@dorafactory/maci-sdk 0.1.3-pre.21 → 0.1.3-pre.23

package/dist/index.js

@@ -31,9 +31,12 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var index_exports = {};
 __export(index_exports, {
   Circuit: () => Circuit,
+  EdDSAPoseidonKeypair: () => EdDSAPoseidonKeypair,
+  EdDSAPoseidonPublicKey: () => EdDSAPoseidonPublicKey,
   G1Point: () => G1Point,
   G2Point: () => G2Point,
   Http: () => Http,
+  MaciApiClient: () => MaciApiClient,
   MaciCertSystemType: () => MaciCertSystemType,
   MaciCircuitType: () => MaciCircuitType,
   MaciClient: () => MaciClient2,
@@ -47,12 +50,23 @@ __export(index_exports, {
   Transaction: () => Transaction,
   Tree: () => Tree,
   UserAccount: () => UserAccount,
+  VoterClient: () => VoterClient,
+  adaptToUncompressed: () => adaptToUncompressed,
+  addressToUint256: () => addressToUint256,
   batchGenMessage: () => batchGenMessage,
   bigInt2Buffer: () => bigInt2Buffer,
+  bigintToHex: () => bigintToHex,
   buffer2Bigint: () => buffer2Bigint,
   circuits: () => circuits,
+  compressPublicKey: () => compressPublicKey,
+  decompressPublicKey: () => decompressPublicKey,
   destringizing: () => destringizing,
+  encryptOdevity: () => encryptOdevity,
   formatPrivKeyForBabyJub: () => formatPrivKeyForBabyJub,
+  fromB64: () => fromB64,
+  fromBase64: () => fromBase64,
+  fromHEX: () => fromHEX,
+  fromHex: () => fromHex,
   genAddKeyInput: () => genAddKeyInput,
   genEcdhSharedKey: () => genEcdhSharedKey,
   genKeypair: () => genKeypair,
@@ -65,6 +79,9 @@ __export(index_exports, {
   genRandomKey: () => genRandomKey,
   genRandomSalt: () => genRandomSalt,
   getAMaciRoundCircuitFee: () => getAMaciRoundCircuitFee,
+  getCurveFromName: () => getCurveFromName,
+  getCurveFromQ: () => getCurveFromQ,
+  getCurveFromR: () => getCurveFromR,
   getDefaultParams: () => getDefaultParams,
   hash12: () => hash12,
   hash2: () => hash2,
@@ -75,6 +92,8 @@ __export(index_exports, {
   hashLeftRight: () => hashLeftRight,
   hashN: () => hashN,
   hashOne: () => hashOne,
+  hexToBigInt: () => hexToBigInt,
+  hexToDecimalString: () => hexToDecimalString,
   isValidAddress: () => isValidAddress,
   packPubKey: () => packPubKey,
   poseidon: () => poseidon,
@@ -83,9 +102,15 @@ __export(index_exports, {
   poseidonT5: () => poseidonT5,
   poseidonT6: () => poseidonT6,
   privateKeyFromTxt: () => privateKeyFromTxt,
+  rerandomize: () => rerandomize,
   sha256Hash: () => sha256Hash,
   signMessage: () => signMessage2,
   stringizing: () => stringizing,
+  toB64: () => toB64,
+  toBase64: () => toBase64,
+  toHEX: () => toHEX,
+  toHex: () => toHex,
+  transformPubkey: () => transformPubkey,
   unpackPubKey: () => unpackPubKey
 });
 module.exports = __toCommonJS(index_exports);
@@ -427,6 +452,7 @@ function getDefaultParams(network = "mainnet") {
         rpcEndpoint: "https://vota-rpc.dorafactory.org",
         restEndpoint: "https://vota-rest.dorafactory.org",
         apiEndpoint: "https://vota-api.dorafactory.org",
+        saasApiEndpoint: "https://vota-maci-api.dorafactory.org",
         certificateApiEndpoint: "https://vota-certificate-api.dorafactory.org/api/v1",
         registryAddress: "dora1smg5qp5trjdkcekdjssqpjehdjf6n4cjss0clyvqcud3t3u3948s8rmgg4",
         saasAddress: "dora1ksxvvve2nsw5uyvg7y6lnnxcqxadjepc78z0qa8enm5zhayxaqgqpsewf8",
@@ -446,6 +472,7 @@ function getDefaultParams(network = "mainnet") {
         rpcEndpoint: "https://vota-testnet-rpc.dorafactory.org",
         restEndpoint: "https://vota-testnet-rest.dorafactory.org",
         apiEndpoint: "https://vota-testnet-api.dorafactory.org",
+        saasApiEndpoint: "https://vota-testnet-maci-api.dorafactory.org",
         certificateApiEndpoint: "https://vota-testnet-certificate-api.dorafactory.org/api/v1",
         registryAddress: "dora13c8aecstyxrhax9znvvh5zey89edrmd2k5va57pxvpe3fxtfsfeqlhsjnd",
         saasAddress: "dora1dgnszrwnwxgr5djprrr6w4q45z8s3ghsew869g6tlp4ruqah39nqnemjya",
@@ -536,7 +563,61 @@ var Circuit = class {
   }
 };
 
-// src/utils/index.ts
+// src/utils/base64.ts
+function fromBase64(base64String) {
+  return Uint8Array.from(atob(base64String), (char) => char.charCodeAt(0));
+}
+var CHUNK_SIZE = 8192;
+function toBase64(bytes) {
+  if (bytes.length < CHUNK_SIZE) {
+    return btoa(String.fromCharCode(...bytes));
+  }
+  let output = "";
+  for (var i = 0; i < bytes.length; i += CHUNK_SIZE) {
+    const chunk = bytes.slice(i, i + CHUNK_SIZE);
+    output += String.fromCharCode(...chunk);
+  }
+  return btoa(output);
+}
+var toB64 = toBase64;
+var fromB64 = fromBase64;
+
+// src/utils/hex.ts
+function fromHex(hexStr) {
+  const normalized = hexStr.startsWith("0x") ? hexStr.slice(2) : hexStr;
+  const padded = normalized.length % 2 === 0 ? normalized : `0${normalized}}`;
+  const intArr = padded.match(/.{2}/g)?.map((byte) => parseInt(byte, 16)) ?? [];
+  return Uint8Array.from(intArr);
+}
+function toHex(bytes) {
+  return bytes.reduce(
+    (str, byte) => str + byte.toString(16).padStart(2, "0"),
+    ""
+  );
+}
+var toHEX = toHex;
+var fromHEX = fromHex;
+
+// src/utils/decode-address.ts
+var import_sha256 = require("@noble/hashes/sha256");
+function addressToUint256(address) {
+  const addressBytes = new TextEncoder().encode(address);
+  const hashResult = (0, import_sha256.sha256)(addressBytes);
+  const uint256Bytes = new Uint8Array(32);
+  for (let i = 0; i < hashResult.length && i < 32; i++) {
+    uint256Bytes[31 - i] = hashResult[i];
+  }
+  let result = 0n;
+  for (let i = 0; i < uint256Bytes.length; i++) {
+    result = (result << 8n) + BigInt(uint256Bytes[i]);
+  }
+  return result;
+}
+function bigintToHex(value) {
+  return "0x" + value.toString(16).padStart(64, "0");
+}
+
+// src/utils/validate-address.ts
 var import_bech32 = require("bech32");
 
 // src/libs/crypto/keys.ts
@@ -610,9 +691,7 @@ var import_assert = __toESM(require("assert"));
 var SNARK_FIELD_SIZE = import_baby_jubjub.r;
 var NOTHING_UP_MY_SLEEVE = BigInt((0, import_ethers.keccak256)((0, import_ethers.toUtf8Bytes)("Maci"))) % SNARK_FIELD_SIZE;
 (0, import_assert.default)(
-  NOTHING_UP_MY_SLEEVE === BigInt(
-    "8370432830353022751713833565135785980866757267633941821328460903436894336785"
-  )
+  NOTHING_UP_MY_SLEEVE === BigInt("8370432830353022751713833565135785980866757267633941821328460903436894336785")
 );
 var PAD_KEY_HASH = BigInt(
   "1309255631273308531193241901289907343161346846555918942743921933037802809814"
@@ -830,9 +909,7 @@ var Tree = class _Tree {
     while (idx > 0) {
       const parentIdx = Math.floor((idx - 1) / this.DEGREE);
       const childrenIdx0 = parentIdx * this.DEGREE + 1;
-      this.nodes[parentIdx] = poseidon(
-        this.nodes.slice(childrenIdx0, childrenIdx0 + 5)
-      );
+      this.nodes[parentIdx] = poseidon(this.nodes.slice(childrenIdx0, childrenIdx0 + 5));
       idx = parentIdx;
     }
   }
@@ -918,9 +995,7 @@ var genRandomBabyJubValue = () => {
   const min = 6350874878119819312338956282401532410528162663560392320966563075034087161851n;
   let rand;
   while (true) {
-    rand = BigInt(
-      `0x${import_crypto_js.default.lib.WordArray.random(32).toString(import_crypto_js.default.enc.Hex)}`
-    );
+    rand = BigInt(`0x${import_crypto_js.default.lib.WordArray.random(32).toString(import_crypto_js.default.enc.Hex)}`);
     if (rand >= min) {
       break;
     }
@@ -953,9 +1028,7 @@ var genKeypair = (pkey) => {
 var genEcdhSharedKey = (privKey, pubKey) => (0, import_baby_jubjub2.mulPointEscalar)(pubKey, formatPrivKeyForBabyJub(privKey));
 var genMessageFactory = (stateIdx, signPriKey, signPubKey, coordPubKey) => (encPriKey, nonce, voIdx, newVotes, isLastCmd, salt) => {
   if (!salt) {
-    salt = BigInt(
-      `0x${import_crypto_js2.default.lib.WordArray.random(7).toString(import_crypto_js2.default.enc.Hex)}`
-    );
+    salt = BigInt(`0x${import_crypto_js2.default.lib.WordArray.random(7).toString(import_crypto_js2.default.enc.Hex)}`);
   }
   const packaged = BigInt(nonce) + (BigInt(stateIdx) << 32n) + (BigInt(voIdx) << 64n) + (BigInt(newVotes) << 96n) + (BigInt(salt) << 192n);
   let newPubKey = [...signPubKey];
@@ -965,11 +1038,7 @@ var genMessageFactory = (stateIdx, signPriKey, signPubKey, coordPubKey) => (encP
   const hash = poseidon([packaged, ...newPubKey]);
   const signature = (0, import_eddsa_poseidon.signMessage)(bigInt2Buffer(signPriKey), hash);
   const command = [packaged, ...newPubKey, ...signature.R8, signature.S];
-  const message = (0, import_poseidon_cipher2.poseidonEncrypt)(
-    command,
-    genEcdhSharedKey(encPriKey, coordPubKey),
-    0n
-  );
+  const message = (0, import_poseidon_cipher2.poseidonEncrypt)(command, genEcdhSharedKey(encPriKey, coordPubKey), 0n);
   return message;
 };
 var batchGenMessage = (stateIdx, keypair, coordPubKey, plan) => {
@@ -983,13 +1052,7 @@ var batchGenMessage = (stateIdx, keypair, coordPubKey, plan) => {
   for (let i = plan.length - 1; i >= 0; i--) {
     const p = plan[i];
     const encAccount = genKeypair();
-    const msg = genMessage(
-      BigInt(encAccount.privKey),
-      i + 1,
-      p[0],
-      p[1],
-      i === plan.length - 1
-    );
+    const msg = genMessage(BigInt(encAccount.privKey), i + 1, p[0], p[1], i === plan.length - 1);
     payload.push({
       msg,
       encPubkeys: encAccount.pubKey
@@ -1041,10 +1104,7 @@ var genAddKeyInput = (depth, {
   const c1 = [deactivateLeaf[0], deactivateLeaf[1]];
   const c2 = [deactivateLeaf[2], deactivateLeaf[3]];
   const { d1, d2 } = rerandomize(coordPubKey, { c1, c2 }, randomVal);
-  const nullifier = poseidon([
-    BigInt(oldKey.formatedPrivKey),
-    1444992409218394441042n
-  ]);
+  const nullifier = poseidon([BigInt(oldKey.formatedPrivKey), 1444992409218394441042n]);
   const tree = new Tree(5, depth, 0n);
   const leaves = deactivates.map((d) => poseidon(d));
   tree.initLeaves(leaves);
@@ -1091,12 +1151,7 @@ function randomUint256() {
   return buffer.join("");
 }
 var genRandomKey = () => {
-  const key = [
-    randomUint256(),
-    randomUint256(),
-    randomUint256(),
-    randomUint256()
-  ].join("");
+  const key = [randomUint256(), randomUint256(), randomUint256(), randomUint256()].join("");
   return ["-----BEGIN MACI KEY-----", key, "-----END MACI KEY-----"].join("\n");
 };
 
@@ -1152,19 +1207,127 @@ async function genKeypairFromSign({
   if (!address) {
     [{ address }] = await signer.getAccounts();
   }
-  const sig = await signMessage2(
-    signer,
-    address,
-    "Generate_MACI_Private_Key",
-    network
-  );
+  const sig = await signMessage2(signer, address, "Generate_MACI_Private_Key", network);
   return genKeypairFromSignature(sig.signature);
 }
 
-// src/utils/index.ts
+// src/libs/crypto/curve.ts
+var import_ffjavascript = require("ffjavascript");
+var bls12381r = import_ffjavascript.Scalar.e("73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001", 16);
+var bn128r = import_ffjavascript.Scalar.e(
+  "21888242871839275222246405745257275088548364400416034343698204186575808495617"
+);
+var bls12381q = import_ffjavascript.Scalar.e(
+  "1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab",
+  16
+);
+var bn128q = import_ffjavascript.Scalar.e(
+  "21888242871839275222246405745257275088696311157297823662689037894645226208583"
+);
+async function getCurveFromR(r2) {
+  let curve;
+  if (import_ffjavascript.Scalar.eq(r2, bn128r)) {
+    curve = await (0, import_ffjavascript.buildBn128)();
+  } else if (import_ffjavascript.Scalar.eq(r2, bls12381r)) {
+    curve = await (0, import_ffjavascript.buildBls12381)();
+  } else {
+    throw new Error(`Curve not supported: ${import_ffjavascript.Scalar.toString(r2)}`);
+  }
+  return curve;
+}
+async function getCurveFromQ(q) {
+  let curve;
+  if (import_ffjavascript.Scalar.eq(q, bn128q)) {
+    curve = await (0, import_ffjavascript.buildBn128)();
+  } else if (import_ffjavascript.Scalar.eq(q, bls12381q)) {
+    curve = await (0, import_ffjavascript.buildBls12381)();
+  } else {
+    throw new Error(`Curve not supported: ${import_ffjavascript.Scalar.toString(q)}`);
+  }
+  return curve;
+}
+async function getCurveFromName(name) {
+  let curve;
+  const normName = normalizeName(name);
+  if (["BN128", "BN254", "ALTBN128"].indexOf(normName) >= 0) {
+    curve = await (0, import_ffjavascript.buildBn128)();
+  } else if (["BLS12381"].indexOf(normName) >= 0) {
+    curve = await (0, import_ffjavascript.buildBls12381)();
+  } else {
+    throw new Error(`Curve not supported: ${name}`);
+  }
+  return curve;
+  function normalizeName(n) {
+    return (n.toUpperCase().match(/[A-Za-z0-9]+/g) || []).join("");
+  }
+}
+
+// src/libs/crypto/adapter.ts
+var import_ffjavascript2 = require("ffjavascript");
+var { unstringifyBigInts } = import_ffjavascript2.utils;
+var Bytes2Str = (arr) => {
+  let str = "";
+  for (let i = 0; i < arr.length; i++) {
+    let tmp = arr[i].toString(16);
+    if (tmp.length == 1) {
+      tmp = "0" + tmp;
+    }
+    str += tmp;
+  }
+  return str;
+};
+var BN128Curve = null;
+var adaptToUncompressed = async (proof) => {
+  const p = unstringifyBigInts(proof);
+  let curve = BN128Curve;
+  if (!curve) {
+    BN128Curve = await getCurveFromName("BN128");
+    curve = BN128Curve;
+  }
+  const pi_a = curve.G1.toUncompressed(curve.G1.fromObject(p.pi_a));
+  const pi_b = curve.G2.toUncompressed(curve.G2.fromObject(p.pi_b));
+  const pi_c = curve.G1.toUncompressed(curve.G1.fromObject(p.pi_c));
+  return {
+    a: Bytes2Str(Array.from(pi_a)),
+    b: Bytes2Str(Array.from(pi_b)),
+    c: Bytes2Str(Array.from(pi_c))
+  };
+};
+
+// src/libs/crypto/rerandomize.ts
+var BabyJub2 = __toESM(require("@zk-kit/baby-jubjub"));
+var F = BabyJub2.Fr;
+var encodeToMessage = (original, randomKey = genKeypair()) => {
+  const xIncrement = F.e(F.sub(randomKey.pubKey[0], original));
+  return {
+    point: {
+      x: randomKey.pubKey[0],
+      y: randomKey.pubKey[1]
+    },
+    xIncrement
+  };
+};
+var encryptOdevity = (isOdd, pubKey, randomVal = genRandomBabyJubValue()) => {
+  let i = 0n;
+  let message = encodeToMessage(123n, genKeypair(randomVal + i));
+  while (message.point.x % 2n === 1n !== isOdd) {
+    i++;
+    message = encodeToMessage(123n, genKeypair(randomVal + i));
+  }
+  const c1Point = BabyJub2.mulPointEscalar(BabyJub2.Base8, randomVal);
+  const pky = BabyJub2.mulPointEscalar(pubKey, randomVal);
+  const c2Point = BabyJub2.addPoint([message.point.x, message.point.y], pky);
+  return {
+    c1: { x: c1Point[0], y: c1Point[1] },
+    c2: { x: c2Point[0], y: c2Point[1] },
+    xIncrement: message.xIncrement
+  };
+};
+
+// src/utils/validate-address.ts
 function verifyIsBech32(address) {
   try {
-    (0, import_bech32.decode)(address);
+    import_bech32.bech32.decode(address);
   } catch (error) {
     return error instanceof Error ? error : new Error("Unknown error");
   }
@@ -1173,6 +1336,46 @@ function verifyIsBech32(address) {
 function isValidAddress(address) {
   return address.startsWith("dora") && verifyIsBech32(address) === void 0;
 }
+function hexToDecimalString(hexString) {
+  const decimalString = BigInt("0x" + hexString).toString(10);
+  return decimalString;
+}
+function hexToBigInt(hexString) {
+  return BigInt("0x" + hexString);
+}
+function padWithZerosIfNeeded(inputString) {
+  if (inputString.length === 64) {
+    return inputString;
+  } else if (inputString.length < 64) {
+    const zerosToAdd = 64 - inputString.length;
+    const zeroPadding = "0".repeat(zerosToAdd);
+    return zeroPadding + inputString;
+  }
+  throw new Error("Invalid input string length");
+}
+function decompressPublicKey(compressedPubkey) {
+  const x = compressedPubkey.slice(0, 64);
+  const y = compressedPubkey.slice(64);
+  return {
+    x: hexToDecimalString(x),
+    y: hexToDecimalString(y)
+  };
+}
+function compressPublicKey(decompressedPubkey) {
+  const x = decompressedPubkey[0];
+  const y = decompressedPubkey[1];
+  const compressedPubkey = padWithZerosIfNeeded(x.toString(16)) + padWithZerosIfNeeded(y.toString(16));
+  return compressedPubkey;
+}
+function transformPubkey(oldPubkey) {
+  const x = oldPubkey.slice(0, 64);
+  const y = oldPubkey.slice(64);
+  const pubkey = [hexToBigInt(x), hexToBigInt(y)];
+  console.log(pubkey);
+  console.log([hexToDecimalString(x), hexToDecimalString(y)]);
+  const packedPubkey = packPubKey(pubkey);
+  return packedPubkey;
+}
 
 // src/libs/query/operator.ts
 var Operator = class {
@@ -8559,6 +8762,257 @@ var MACI = class {
   }
 };
 
+// src/libs/api/client.ts
+var MaciApiClient = class {
+  constructor(config) {
+    this.baseUrl = config.baseUrl.replace(/\/$/, "");
+    this.apiKey = config.apiKey;
+    this.customFetch = config.customFetch || fetch;
+    this.timeout = config.timeout || 12e4;
+    this.apiKeyHeader = config.apiKeyHeader || "x-api-key";
+  }
+  /**
+   * Update API key
+   */
+  setApiKey(apiKey) {
+    this.apiKey = apiKey;
+  }
+  /**
+   * Update base URL
+   */
+  setBaseUrl(baseUrl) {
+    this.baseUrl = baseUrl.replace(/\/$/, "");
+  }
+  /**
+   * Internal fetch method with timeout and error handling
+   */
+  async fetch(path, options) {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+    try {
+      const headers = {
+        "Content-Type": "application/json"
+      };
+      if (options?.headers) {
+        Object.assign(headers, options.headers);
+      }
+      if (this.apiKey) {
+        if (this.apiKeyHeader === "x-api-key") {
+          headers["x-api-key"] = this.apiKey;
+        } else {
+          headers["Authorization"] = `Bearer ${this.apiKey}`;
+        }
+      }
+      const response = await this.customFetch(`${this.baseUrl}${path}`, {
+        ...options,
+        headers,
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
+      if (!response.ok) {
+        const errorData = await response.json().catch(() => ({}));
+        throw new HttpError(
+          errorData.error || `HTTP error! status: ${response.status}`,
+          response.status
+        );
+      }
+      if (response.status === 204) {
+        return null;
+      }
+      return await response.json();
+    } catch (error) {
+      clearTimeout(timeoutId);
+      if (error instanceof HttpError) {
+        throw error;
+      }
+      if (error.name === "AbortError") {
+        throw new HttpError("Request timeout", 408);
+      }
+      throw new HttpError(`Failed to fetch: ${error.message}`, 500);
+    }
+  }
+  /**
+   * Health check
+   */
+  async health() {
+    return this.fetch("/health", { method: "GET" });
+  }
+  // ==================== Admin APIs ====================
+  /**
+   * Create API key (Admin)
+   */
+  async createApiKey(data) {
+    return this.fetch("/admin/keys", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Create tenant (Admin)
+   */
+  async createTenant(data) {
+    return this.fetch("/admin/tenants", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  // ==================== Usage API ====================
+  /**
+   * Get usage for current API key
+   */
+  async getUsage(params) {
+    const queryString = params ? "?" + new URLSearchParams(params).toString() : "";
+    return this.fetch(`/v1/usage${queryString}`, { method: "GET" });
+  }
+  // ==================== Core MACI APIs ====================
+  /**
+   * Signup
+   */
+  async signup(data) {
+    return this.fetch("/v1/signup", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Vote
+   */
+  async vote(data) {
+    return this.fetch("/v1/vote", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Create Round
+   */
+  async createRound(data) {
+    return this.fetch("/v1/create-round", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Create AMaci Round
+   */
+  async createAmaciRound(data) {
+    return this.fetch("/v1/create-amaci-round", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Set Round Info
+   */
+  async setRoundInfo(data) {
+    return this.fetch("/v1/set-round-info", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Set Vote Options
+   */
+  async setVoteOptions(data) {
+    return this.fetch("/v1/set-vote-options", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Deactivate
+   */
+  async deactivate(data) {
+    return this.fetch("/v1/deactivate", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Add New Key
+   */
+  async addNewKey(data) {
+    return this.fetch("/v1/add-new-key", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Pre Add New Key
+   */
+  async preAddNewKey(data) {
+    return this.fetch("/v1/pre-add-new-key", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  // ==================== Allowlist APIs ====================
+  /**
+   * Get allowlist list
+   */
+  async getAllowlists(params) {
+    const queryString = params ? "?" + new URLSearchParams(params).toString() : "";
+    return this.fetch(`/v1/allowlists/${queryString}`, { method: "GET" });
+  }
+  /**
+   * Create allowlist
+   */
+  async createAllowlist(data) {
+    return this.fetch("/v1/allowlists/", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Get allowlist details
+   */
+  async getAllowlistDetail(params) {
+    return this.fetch(`/v1/allowlists/${params.id}`, { method: "GET" });
+  }
+  /**
+   * Update allowlist
+   */
+  async updateAllowlist(params, data) {
+    return this.fetch(`/v1/allowlists/${params.id}`, {
+      method: "PUT",
+      body: JSON.stringify(data)
+    });
+  }
+  /**
+   * Delete allowlist
+   */
+  async deleteAllowlist(params) {
+    return this.fetch(`/v1/allowlists/${params.id}`, { method: "DELETE" });
+  }
+  /**
+   * Get round allowlist snapshot
+   */
+  async getRoundAllowlistSnapshot(params) {
+    return this.fetch(`/v1/allowlists/snapshots/${params.contractAddress}`, {
+      method: "GET"
+    });
+  }
+  // ==================== Certificate APIs ====================
+  /**
+   * Request certificate
+   */
+  async requestCertificate(data) {
+    return this.fetch("/v1/certificates/request", {
+      method: "POST",
+      body: JSON.stringify(data)
+    });
+  }
+  // ==================== Pre-deactivate APIs ====================
+  /**
+   * Get pre-deactivate data by contract address
+   */
+  async getPreDeactivate(params) {
+    return this.fetch(`/v1/pre-deactivate/${params.contractAddress}`, {
+      method: "GET"
+    });
+  }
+};
+
 // src/maci.ts
 var MaciClient2 = class {
   /**
@@ -8571,6 +9025,8 @@ var MaciClient2 = class {
     rpcEndpoint,
     restEndpoint,
     apiEndpoint,
+    saasApiEndpoint,
+    saasApiKey,
     registryAddress,
     saasAddress,
     apiSaasAddress,
@@ -8589,6 +9045,7 @@ var MaciClient2 = class {
     this.rpcEndpoint = rpcEndpoint || defaultParams.rpcEndpoint;
     this.restEndpoint = restEndpoint || defaultParams.restEndpoint;
     this.apiEndpoint = apiEndpoint || defaultParams.apiEndpoint;
+    this.saasApiEndpoint = saasApiEndpoint;
     this.certificateApiEndpoint = certificateApiEndpoint || defaultParams.certificateApiEndpoint;
     this.registryAddress = registryAddress || defaultParams.registryAddress;
     this.saasAddress = saasAddress || defaultParams.saasAddress;
@@ -8598,15 +9055,11 @@ var MaciClient2 = class {
     this.feegrantOperator = feegrantOperator || defaultParams.oracleFeegrantOperator;
     this.whitelistBackendPubkey = whitelistBackendPubkey || defaultParams.oracleWhitelistBackendPubkey;
     this.maciKeypair = maciKeypair ?? genKeypair();
-    this.http = new Http(
-      this.apiEndpoint,
-      this.restEndpoint,
-      customFetch,
-      defaultOptions
-    );
+    this.http = new Http(this.apiEndpoint, this.restEndpoint, customFetch, defaultOptions);
     this.indexer = new Indexer({
       restEndpoint: this.restEndpoint,
       apiEndpoint: this.apiEndpoint,
+      // Indexer GraphQL API
       registryAddress: this.registryAddress,
       http: this.http
     });
@@ -8631,6 +9084,13 @@ var MaciClient2 = class {
       oracleCertificate: this.oracleCertificate,
       maciKeypair: this.maciKeypair
     });
+    if (this.saasApiEndpoint) {
+      this.saasApiClient = new MaciApiClient({
+        baseUrl: this.saasApiEndpoint,
+        apiKey: saasApiKey,
+        customFetch
+      });
+    }
   }
   getSigner(signer) {
     if (signer) {
@@ -8641,6 +9101,28 @@ var MaciClient2 = class {
     }
     throw new Error("No signer provided, please provide a signer");
   }
+  /**
+   * Set SaaS API key for MaciApiClient
+   */
+  setSaasApiKey(apiKey) {
+    if (!this.saasApiClient) {
+      throw new Error(
+        "SaaS API client not initialized. Please provide saasApiEndpoint in constructor."
+      );
+    }
+    this.saasApiClient.setApiKey(apiKey);
+  }
+  /**
+   * Get SaaS API client instance
+   */
+  getSaasApiClient() {
+    if (!this.saasApiClient) {
+      throw new Error(
+        "SaaS API client not initialized. Please provide saasApiEndpoint in constructor."
+      );
+    }
+    return this.saasApiClient;
+  }
   getMaciKeypair() {
     return this.maciKeypair;
   }
@@ -8843,9 +9325,7 @@ var MaciClient2 = class {
   async getRounds(after, limit) {
     const rounds = await this.indexer.getRounds(after || "", limit || 10);
     if (isErrorResponse(rounds)) {
-      throw new Error(
-        `Failed to get rounds: ${rounds.code} ${rounds.error.message}`
-      );
+      throw new Error(`Failed to get rounds: ${rounds.code} ${rounds.error.message}`);
     }
     return rounds;
   }
@@ -8858,15 +9338,10 @@ var MaciClient2 = class {
   async queryRoundIsQv({ contractAddress }) {
     return await this.maci.queryRoundIsQv({ contractAddress });
   }
-  async queryRoundClaimable({
-    contractAddress
-  }) {
+  async queryRoundClaimable({ contractAddress }) {
     return await this.maci.queryRoundClaimable({ contractAddress });
   }
-  async queryAMaciChargeFee({
-    maxVoter,
-    maxOption
-  }) {
+  async queryAMaciChargeFee({ maxVoter, maxOption }) {
     return await this.maci.queryAMaciChargeFee({
       maxVoter,
       maxOption
@@ -8876,12 +9351,7 @@ var MaciClient2 = class {
     return await this.maci.queryRoundGasStation({ contractAddress });
   }
   parseRoundStatus(votingStart, votingEnd, status, currentTime) {
-    return this.maci.parseRoundStatus(
-      votingStart,
-      votingEnd,
-      status,
-      currentTime
-    );
+    return this.maci.parseRoundStatus(votingStart, votingEnd, status, currentTime);
   }
   async queryRoundBalance({ contractAddress }) {
     return await this.maci.queryRoundBalance({ contractAddress });
@@ -9141,13 +9611,941 @@ var MaciClient2 = class {
       fee
     });
   }
+  // ==================== SaaS API Client Methods ====================
+  /**
+   * Create AMaci round via SaaS API
+   * @param params - Round creation parameters
+   */
+  async saasCreateAmaciRound(params) {
+    if (!this.saasApiClient) {
+      throw new Error("SaaS API client not initialized");
+    }
+    return await this.saasApiClient.createAmaciRound(params);
+  }
+  /**
+   * Set round info via SaaS API
+   * @param params - Round info parameters
+   */
+  async saasSetRoundInfo(params) {
+    if (!this.saasApiClient) {
+      throw new Error("SaaS API client not initialized");
+    }
+    return await this.saasApiClient.setRoundInfo(params);
+  }
+  /**
+   * Set vote options via SaaS API
+   * @param params - Vote options parameters
+   */
+  async saasSetVoteOptions(params) {
+    if (!this.saasApiClient) {
+      throw new Error("SaaS API client not initialized");
+    }
+    return await this.saasApiClient.setVoteOptions(params);
+  }
+};
+
+// src/voter.ts
+var import_crypto_js3 = __toESM(require("crypto-js"));
+var import_ethers4 = require("ethers");
+var import_snarkjs = require("snarkjs");
+
+// src/libs/keypairs/eddsa-poseidon/keypair.ts
+var import_blake2b = require("@noble/hashes/blake2b");
+var import_utils9 = require("@noble/hashes/utils");
+var import_bip32 = require("@scure/bip32");
+var import_sha2563 = require("@noble/hashes/sha256");
+var import_eddsa_poseidon4 = require("@zk-kit/eddsa-poseidon");
+
+// src/libs/cryptography/keypair.ts
+var Signer = class {
+  /**
+   * Sign messages with a specific payload. By combining the message bytes with the payload before hashing and signing,
+   * it ensures that a signed message is tied to a specific purpose and domain separator is provided
+   */
+  async signWithPayload(message) {
+    const signature = await this.sign(message);
+    return {
+      message,
+      signature
+    };
+  }
+};
+var Keypair3 = class extends Signer {
+};
+
+// src/libs/cryptography/mnemonics.ts
+var import_bip39 = require("@scure/bip39");
+function isValidBIP32Path(path) {
+  if (!new RegExp("^m\\/(44|54|74)'\\/118'\\/[0-9]+'\\/[0-9]+\\/[0-9]+$").test(path)) {
+    return false;
+  }
+  return true;
+}
+function mnemonicToSeed(mnemonics) {
+  return (0, import_bip39.mnemonicToSeedSync)(mnemonics, "");
+}
+
+// src/libs/keypairs/eddsa-poseidon/publickey.ts
+var import_sha2562 = require("@noble/hashes/sha256");
+
+// src/libs/cryptography/publickey.ts
+var PublicKey = class {
+  /**
+   * Checks if two public keys are equal
+   */
+  equals(publicKey) {
+    return this.toPackedData() === publicKey.toPackedData();
+  }
+};
+
+// src/libs/keypairs/eddsa-poseidon/publickey.ts
+var import_eddsa_poseidon3 = require("@zk-kit/eddsa-poseidon");
+var EdDSAPoseidonPublicKey = class extends PublicKey {
+  /**
+   * Create a new EdDSAPoseidonPublicKey object
+   * @param value public key as packed bigint, Point array, Uint8Array or string
+   */
+  constructor(value) {
+    super();
+    if (typeof value === "bigint") {
+      this.packedData = value;
+      this.rawPoint = unpackPubKey(value);
+    } else if (Array.isArray(value) && value.length === 2) {
+      this.rawPoint = value;
+      this.packedData = packPubKey(this.rawPoint);
+    } else if (typeof value === "string") {
+      this.packedData = BigInt(value);
+      this.rawPoint = unpackPubKey(this.packedData);
+    } else if (value instanceof Uint8Array) {
+      const hex = Array.from(value).map((b) => b.toString(16).padStart(2, "0")).join("");
+      this.packedData = BigInt("0x" + hex);
+      this.rawPoint = unpackPubKey(this.packedData);
+    } else {
+      const bytes = new Uint8Array(value);
+      const hex = Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+      this.packedData = BigInt("0x" + hex);
+      this.rawPoint = unpackPubKey(this.packedData);
+    }
+  }
+  /**
+   * Checks if two EdDSAPoseidon public keys are equal
+   */
+  equals(publicKey) {
+    return super.equals(publicKey);
+  }
+  /**
+   * Return the Point representation of the EdDSAPoseidon public key
+   */
+  toPoints() {
+    return this.rawPoint;
+  }
+  /**
+   * Return the packed bigint representation of the EdDSAPoseidon public key
+   */
+  toPackedData() {
+    return this.packedData;
+  }
+  /**
+   * Verifies that the signature is valid for for the provided message
+   */
+  verify(message, signature) {
+    try {
+      return (0, import_eddsa_poseidon3.verifySignature)(message, signature, this.rawPoint);
+    } catch (error) {
+      return false;
+    }
+  }
+  /**
+   * Verifies that the signature is valid for the provided address and amount
+   */
+  verifyPayload({
+    amount,
+    contractAddress,
+    signature
+  }) {
+    const payload = {
+      amount,
+      contract_address: addressToUint256(contractAddress).toString(),
+      pubkey_x: this.toPoints()[0].toString(),
+      pubkey_y: this.toPoints()[1].toString()
+    };
+    const signatureBytes = fromBase64(signature);
+    const rawSignature = (0, import_eddsa_poseidon3.unpackSignature)(new Buffer(signatureBytes));
+    const payloadHash = (0, import_sha2562.sha256)(new TextEncoder().encode(JSON.stringify(payload)));
+    return this.verify(payloadHash, rawSignature);
+  }
+  /**
+   * Verifies that the signature is valid for the provided address and amount
+   */
+  verifyCredential({
+    amount,
+    contractAddress,
+    signature
+  }) {
+    const messageHash = hash5([
+      BigInt(amount),
+      BigInt(addressToUint256(contractAddress)),
+      this.toPoints()[0],
+      this.toPoints()[1],
+      BigInt(0)
+    ]);
+    const signatureBytes = fromBase64(signature);
+    const rawSignature = (0, import_eddsa_poseidon3.unpackSignature)(new Buffer(signatureBytes));
+    return this.verify(bigInt2Buffer(messageHash), rawSignature);
+  }
+};
+
+// src/libs/keypairs/eddsa-poseidon/keypair.ts
+var import_baby_jubjub3 = require("@zk-kit/baby-jubjub");
+var DEFAULT_EDDSA_POSEIDON_DERIVATION_PATH = "m/44'/118'/0'/0/0";
+var EdDSAPoseidonKeypair = class _EdDSAPoseidonKeypair extends Keypair3 {
+  /**
+   * Create a new EdDSA-Poseidon keypair instance.
+   *
+   * If no keypair data is provided, a new random keypair will be generated
+   * using cryptographically secure random number generation.
+   *
+   * @param keypair Optional existing EdDSA-Poseidon keypair data to initialize with
+   */
+  constructor(keypair) {
+    super();
+    if (keypair) {
+      this.keypair = keypair;
+    } else {
+      const generatedKeypair = genKeypair();
+      const secretKey = generatedKeypair.privKey;
+      const unPackedPublicKey = generatedKeypair.pubKey;
+      const publicKey = packPubKey(unPackedPublicKey);
+      const formatedPrivKey = formatPrivKeyForBabyJub(secretKey);
+      this.keypair = { publicKey, secretKey, formatedPrivKey };
+    }
+  }
+  /**
+   * Get the signature scheme identifier for this keypair.
+   *
+   * @returns The signature scheme type 'EDDSA_POSEIDON'
+   */
+  getKeyScheme() {
+    return "EDDSA_POSEIDON";
+  }
+  /**
+   * Generate a new random EdDSA-Poseidon keypair.
+   *
+   * This is a convenience static method that creates a new instance
+   * with randomly generated cryptographic keys.
+   *
+   * @returns A new EdDSAPoseidonKeypair instance with random keys
+   */
+  static generate() {
+    return new _EdDSAPoseidonKeypair();
+  }
+  /**
+   * Create a keypair from an existing secret key.
+   *
+   * This method reconstructs a keypair from a previously generated secret key.
+   * The secret key can be provided as either a hex string (with or without '0x' prefix)
+   * or as a bigint value. For generating keypairs from mnemonic seeds, use the
+   * {@link EdDSAPoseidonKeypair.deriveKeypair} method instead.
+   *
+   * @param secretKey The secret key as a hex string or bigint
+   * @param options Configuration options for key reconstruction
+   * @param options.skipValidation If true, skips cryptographic validation of the secret key
+   *
+   * @returns A new EdDSAPoseidonKeypair instance created from the secret key
+   * @throws Error if the provided secret key is invalid and validation is not skipped
+   */
+  static fromSecretKey(secretKey, options) {
+    if (typeof secretKey === "string") {
+      const cleanSecretKey = secretKey.startsWith("0x") ? secretKey.slice(2) : secretKey;
+      const decoded = buffer2Bigint((0, import_utils9.hexToBytes)(cleanSecretKey));
+      return this.fromSecretKey(decoded, options);
+    }
+    const unPackedPublicKey = genPubKey(secretKey);
+    const publicKey = packPubKey(unPackedPublicKey);
+    if (!options || !options.skipValidation) {
+      const encoder = new TextEncoder();
+      const signData = encoder.encode("dora validation");
+      const msgHash = (0, import_utils9.bytesToHex)((0, import_blake2b.blake2b)(signData, { dkLen: 16 }));
+      const signature = (0, import_eddsa_poseidon4.signMessage)(bigInt2Buffer(secretKey), msgHash);
+      if (!(0, import_eddsa_poseidon4.verifySignature)(msgHash, signature, unPackedPublicKey)) {
+        throw new Error("Provided secretKey is invalid");
+      }
+    }
+    const formatedPrivKey = formatPrivKeyForBabyJub(secretKey);
+    return new _EdDSAPoseidonKeypair({
+      publicKey,
+      secretKey,
+      formatedPrivKey
+    });
+  }
+  /**
+   * Get the public key associated with this keypair.
+   *
+   * @returns An EdDSAPoseidonPublicKey instance containing the public key data
+   */
+  getPublicKey() {
+    return new EdDSAPoseidonPublicKey(this.keypair.publicKey);
+  }
+  /**
+   * Get the secret key as a hexadecimal string.
+   *
+   * Returns the secret key component of this keypair encoded as a hex string.
+   * This can be used to serialize the secret key for storage or transmission.
+   *
+   * @returns The secret key encoded as a hexadecimal string
+   */
+  getSecretKey() {
+    return (0, import_utils9.bytesToHex)(bigInt2Buffer(this.keypair.secretKey));
+  }
+  getFormatedPrivKey() {
+    return this.keypair.formatedPrivKey;
+  }
+  /**
+   * Sign a message using this keypair's secret key.
+   *
+   * Creates a cryptographic signature for the provided message using the
+   * EdDSA-Poseidon signature algorithm. The signature can later be verified
+   * using the corresponding public key.
+   *
+   * @param message The message to sign (as BigNumberish - can be bigint, string, or number)
+   * @returns The cryptographic signature of the message
+   */
+  sign(message) {
+    const sig = (0, import_eddsa_poseidon4.signMessage)(bigInt2Buffer(this.keypair.secretKey), message);
+    return sig;
+  }
+  /**
+   * Derive an EdDSA-Poseidon keypair from a mnemonic phrase and derivation path.
+   *
+   * This method implements hierarchical deterministic (HD) key derivation following
+   * the BIP-32 standard. The mnemonic phrase must be normalized and validated against
+   * the English wordlist before use.
+   *
+   * @param mnemonics The mnemonic phrase (12, 15, 18, 21, or 24 words)
+   * @param path Optional BIP-32 derivation path. If not provided, uses the default path.
+   *             Must be in the form m/44'/118'/{account_index}'/{change_index}/{address_index}
+   *
+   * @returns A new EdDSAPoseidonKeypair derived from the mnemonic and path
+   * @throws Error if the derivation path is invalid or key derivation fails
+   */
+  static deriveKeypair(mnemonics, path) {
+    if (path == null) {
+      path = DEFAULT_EDDSA_POSEIDON_DERIVATION_PATH;
+    }
+    if (!isValidBIP32Path(path)) {
+      throw new Error("Invalid derivation path");
+    }
+    const seed = mnemonicToSeed(mnemonics);
+    const hdKey = import_bip32.HDKey.fromMasterSeed(seed);
+    const derivedKey = hdKey.derive(path);
+    if (!derivedKey.privateKey) {
+      throw new Error("Invalid key");
+    }
+    const privateKeyHex = Buffer.from(derivedKey.privateKey).toString(
+      "hex"
+    );
+    const secretKey = BigInt("0x" + privateKeyHex) % SNARK_FIELD_SIZE;
+    const unPackedPubKey = genPubKey(secretKey);
+    const pubKey = packPubKey(unPackedPubKey);
+    return new _EdDSAPoseidonKeypair({
+      publicKey: pubKey,
+      secretKey,
+      formatedPrivKey: formatPrivKeyForBabyJub(secretKey)
+    });
+  }
+  /**
+   * Sign a payload containing contract address and amount information.
+   *
+   * This method creates a structured payload with the contract address, amount,
+   * and public key coordinates, then generates a cryptographic signature over
+   * the JSON-serialized payload using SHA-256 hashing.
+   *
+   * The resulting signature can be used as a certificate or proof of authorization
+   * for the specified contract address and amount.
+   *
+   * @param params The payload parameters
+   * @param params.amount The amount value as a string
+   * @param params.contractAddress The contract address to include in the payload
+   *
+   * @returns Base64-encoded signature of the payload
+   */
+  signPayload({
+    amount,
+    contractAddress
+  }) {
+    const payload = {
+      amount,
+      contract_address: addressToUint256(contractAddress).toString(),
+      pubkey_x: this.getPublicKey().toPoints()[0].toString(),
+      pubkey_y: this.getPublicKey().toPoints()[1].toString()
+    };
+    const bytes = new TextEncoder().encode(JSON.stringify(payload));
+    const msgHash = (0, import_sha2563.sha256)(bytes);
+    const signature = this.sign(msgHash);
+    return toBase64(new Uint8Array((0, import_eddsa_poseidon4.packSignature)(signature)));
+  }
+  /**
+   * Sign a credential containing contract address and amount using Poseidon hashing.
+   *
+   * This method creates a cryptographic credential by signing a structured message
+   * using the Poseidon hash function (hash5). The message includes the amount,
+   * contract address (converted to uint256), public key coordinates, and a zero nonce.
+   *
+   * This type of credential is optimized for zero-knowledge proof systems where
+   * Poseidon hashing is more efficient than traditional hash functions.
+   *
+   * @param params The credential parameters
+   * @param params.amount The amount value as a string (will be converted to BigInt)
+   * @param params.contractAddress The contract address (will be converted to uint256)
+   *
+   * @returns Base64-encoded signature of the credential
+   */
+  signCredential({
+    amount,
+    contractAddress
+  }) {
+    const messageHash = hash5([
+      BigInt(amount),
+      BigInt(addressToUint256(contractAddress)),
+      this.getPublicKey().toPoints()[0],
+      this.getPublicKey().toPoints()[1],
+      BigInt(0)
+      // Nonce field (currently set to 0)
+    ]);
+    const signature = this.sign(messageHash);
+    return toBase64(new Uint8Array((0, import_eddsa_poseidon4.packSignature)(signature)));
+  }
+  /**
+   * Generates an Elliptic-Curve Diffie–Hellman (ECDH) shared key given a private
+   * key and a public key.
+   * @param pubKey A public key generated using genPubKey()
+   * @returns The ECDH shared key.
+   */
+  genEcdhSharedKey(pubKey) {
+    return (0, import_baby_jubjub3.mulPointEscalar)(
+      pubKey,
+      this.keypair.formatedPrivKey
+    );
+  }
+  genDeactivateRoot(accounts, stateTreeDepth) {
+    const unpackedAccounts = accounts.length > 0 && typeof accounts[0] === "bigint" ? accounts.map((account) => unpackPubKey(account)) : accounts;
+    const deactivates = unpackedAccounts.map((account) => {
+      const sharedKey = this.genEcdhSharedKey(account);
+      const deactivate = encryptOdevity(
+        false,
+        // isOdd: According to circuit rules, odd values indicate active accounts and even values indicate inactive accounts. Set to false here to ensure valid signup
+        this.getPublicKey().toPoints(),
+        genRandomBabyJubValue()
+      );
+      return [
+        deactivate.c1.x,
+        deactivate.c1.y,
+        deactivate.c2.x,
+        deactivate.c2.y,
+        poseidon(sharedKey)
+      ];
+    });
+    const degree = 5;
+    const depth = stateTreeDepth + 2;
+    const zero = 0n;
+    const tree = new Tree(degree, depth, zero);
+    const leaves = deactivates.map((deactivate) => poseidon(deactivate));
+    tree.initLeaves(leaves);
+    return {
+      deactivates,
+      root: tree.root,
+      leaves,
+      tree
+      // Return tree instance for later retrieval of path elements
+    };
+  }
+};
+
+// src/libs/account/keypair.ts
+var getDerivePathForMACI = (derivePathParams = {}) => {
+  const { accountIndex = 0, isExternal = false, addressIndex = 0 } = derivePathParams;
+  return `m/44'/118'/${accountIndex}'/${isExternal ? 1 : 0}/${addressIndex}`;
+};
+var getKeyPair = (mnemonics, derivePathParams = {}) => {
+  const derivePath = getDerivePathForMACI(derivePathParams);
+  return EdDSAPoseidonKeypair.deriveKeypair(mnemonics, derivePath);
+};
+
+// src/libs/account/crypto.ts
+var import_bip392 = require("@scure/bip39");
+var import_english = require("@scure/bip39/wordlists/english");
+var generateMnemonic = (numberOfWords = 24) => {
+  const strength = numberOfWords === 12 ? 128 : 256;
+  return (0, import_bip392.generateMnemonic)(import_english.wordlist, strength);
+};
+
+// src/libs/account/index.ts
+var MaciAccount = class {
+  /**
+   * Support the following ways to init the SuiToolkit:
+   * 1. mnemonics
+   * 2. secretKey (base64 or hex)
+   * If none of them is provided, will generate a random mnemonics with 24 words.
+   *
+   * @param mnemonics, 12 or 24 mnemonics words, separated by space
+   * @param secretKey, base64 or hex string or Bech32 string, when mnemonics is provided, secretKey will be ignored
+   */
+  constructor({ mnemonic, secretKey } = {}) {
+    this.mnemonic = mnemonic || "";
+    this.secretKey = secretKey || "";
+    if (!this.mnemonic && !this.secretKey) {
+      this.mnemonic = generateMnemonic(24);
+    }
+    this.currentKeypair = this.secretKey ? this.parseSecretKey(this.secretKey) : getKeyPair(this.mnemonic);
+    this.currentPubkey = this.currentKeypair.getPublicKey();
+  }
+  /**
+   * Check if the secretKey starts with bench32 format
+   */
+  parseSecretKey(secretKey) {
+    return EdDSAPoseidonKeypair.fromSecretKey(secretKey);
+  }
+  /**
+   * if derivePathParams is not provided or mnemonics is empty, it will return the currentKeyPair.
+   * else:
+   * it will generate keyPair from the mnemonic with the given derivePathParams.
+   */
+  getKeyPair(derivePathParams) {
+    if (!derivePathParams || !this.mnemonic) return this.currentKeypair;
+    return getKeyPair(this.mnemonic, derivePathParams);
+  }
+  /**
+   * Switch the current account with the given derivePathParams.
+   * This is only useful when the mnemonic is provided. For secretKey mode, it will always use the same account.
+   */
+  switchAccount(derivePathParams) {
+    if (this.mnemonic) {
+      this.currentKeypair = getKeyPair(this.mnemonic, derivePathParams);
+      this.currentPubkey = this.currentKeypair.getPublicKey();
+    }
+  }
+};
+
+// src/voter.ts
+var import_poseidon_cipher3 = require("@zk-kit/poseidon-cipher");
+var VoterClient = class _VoterClient {
+  /**
+   * @constructor
+   * @param {VoterClientParams} params - The parameters for the Maci Voter Client instance.
+   */
+  constructor({
+    network,
+    mnemonic,
+    secretKey,
+    apiEndpoint,
+    restEndpoint,
+    saasApiEndpoint,
+    saasApiKey,
+    registryAddress,
+    customFetch,
+    defaultOptions
+  }) {
+    this.network = network;
+    this.accountManager = new MaciAccount({ mnemonic, secretKey });
+    const defaultParams = getDefaultParams(network);
+    this.restEndpoint = restEndpoint || defaultParams.restEndpoint;
+    this.apiEndpoint = apiEndpoint || defaultParams.apiEndpoint;
+    this.saasApiEndpoint = saasApiEndpoint || defaultParams.saasApiEndpoint;
+    this.registryAddress = registryAddress || defaultParams.registryAddress;
+    this.http = new Http(this.apiEndpoint, this.restEndpoint, customFetch, defaultOptions);
+    this.indexer = new Indexer({
+      restEndpoint: this.restEndpoint,
+      apiEndpoint: this.apiEndpoint,
+      // Indexer GraphQL API
+      registryAddress: this.registryAddress,
+      http: this.http
+    });
+    this.saasApiClient = new MaciApiClient({
+      baseUrl: this.saasApiEndpoint,
+      apiKey: saasApiKey,
+      customFetch
+    });
+  }
+  /**
+   * Set SaaS API key for MaciApiClient
+   */
+  setSaasApiKey(apiKey) {
+    if (!this.saasApiClient) {
+      throw new Error(
+        "SaaS API client not initialized. Please provide saasApiEndpoint in constructor."
+      );
+    }
+    this.saasApiClient.setApiKey(apiKey);
+  }
+  /**
+   * Get SaaS API client instance
+   */
+  getSaasApiClient() {
+    if (!this.saasApiClient) {
+      throw new Error(
+        "SaaS API client not initialized. Please provide saasApiEndpoint in constructor."
+      );
+    }
+    return this.saasApiClient;
+  }
+  /**
+   * else:
+   * it will generate signer from the mnemonic with the given derivePathParams.
+   * @param derivePathParams, such as { accountIndex: 2, isExternal: false, addressIndex: 10 }, comply with the BIP44 standard
+   */
+  getSigner(derivePathParams) {
+    return this.accountManager.getKeyPair(derivePathParams);
+  }
+  packMaciPubkey(pubkey) {
+    return packPubKey(pubkey || this.accountManager.currentPubkey.toPoints());
+  }
+  unpackMaciPubkey(pubkey) {
+    return unpackPubKey(BigInt(pubkey));
+  }
+  getPubkey(derivePathParams) {
+    return this.accountManager.getKeyPair(derivePathParams).getPublicKey();
+  }
+  buildVotePayload({
+    stateIdx,
+    operatorPubkey,
+    selectedOptions,
+    derivePathParams
+  }) {
+    const idxSet = /* @__PURE__ */ new Set();
+    for (const option of selectedOptions) {
+      if (idxSet.has(option.idx)) {
+        throw new Error(`Duplicate option index (${option.idx}) is not allowed`);
+      }
+      idxSet.add(option.idx);
+    }
+    const options = selectedOptions.filter((o) => !!o.vc).sort((a, b) => a.idx - b.idx);
+    const plan = options.map((o) => {
+      return [o.idx, o.vc];
+    });
+    const payload = this.batchGenMessage(stateIdx, operatorPubkey, plan, derivePathParams);
+    return stringizing(payload);
+  }
+  batchGenMessage(stateIdx, operatorPubkey, plan, derivePathParams) {
+    const genMessage = this.genMessageFactory(stateIdx, operatorPubkey, derivePathParams);
+    const payload = [];
+    for (let i = plan.length - 1; i >= 0; i--) {
+      const p = plan[i];
+      const encAccount = genKeypair();
+      const msg = genMessage(BigInt(encAccount.privKey), i + 1, p[0], p[1], i === plan.length - 1);
+      payload.push({
+        msg,
+        encPubkeys: encAccount.pubKey
+      });
+    }
+    return payload;
+  }
+  genMessageFactory(stateIdx, operatorPubkey, derivePathParams) {
+    return (encPriKey, nonce, voIdx, newVotes, isLastCmd, salt) => {
+      if (!salt) {
+        salt = BigInt(`0x${import_crypto_js3.default.lib.WordArray.random(7).toString(import_crypto_js3.default.enc.Hex)}`);
+      }
+      const packaged = BigInt(nonce) + (BigInt(stateIdx) << 32n) + (BigInt(voIdx) << 64n) + (BigInt(newVotes) << 96n) + (BigInt(salt) << 192n);
+      const signer = this.getSigner(derivePathParams);
+      let newPubKey = [...signer.getPublicKey().toPoints()];
+      if (isLastCmd) {
+        newPubKey = [0n, 0n];
+      }
+      const hash = poseidon([packaged, ...newPubKey]);
+      const signature = signer.sign(hash);
+      const command = [packaged, ...newPubKey, ...signature.R8, signature.S];
+      const coordPubkey = this.unpackMaciPubkey(operatorPubkey);
+      const message = (0, import_poseidon_cipher3.poseidonEncrypt)(command, genEcdhSharedKey(encPriKey, coordPubkey), 0n);
+      return message;
+    };
+  }
+  async getStateIdxByPubKey({
+    contractAddress,
+    pubKey
+  }) {
+    const response = await this.indexer.getSignUpEventByPubKey(contractAddress, pubKey);
+    if (isErrorResponse(response)) {
+      return -1;
+    }
+    return response.data.signUpEvents[0].stateIdx;
+  }
+  async buildAddNewKeyPayload({
+    stateTreeDepth,
+    operatorPubkey,
+    deactivates,
+    wasmFile,
+    zkeyFile,
+    derivePathParams
+  }) {
+    const [coordPubkeyX, coordPubkeyY] = this.unpackMaciPubkey(operatorPubkey);
+    const addKeyInput = await this.genAddKeyInput(stateTreeDepth + 2, {
+      coordPubKey: [coordPubkeyX, coordPubkeyY],
+      deactivates: deactivates.map((d) => d.map(BigInt)),
+      derivePathParams
+    });
+    if (addKeyInput === null) {
+      throw Error("genAddKeyInput failed");
+    }
+    const { proof } = await import_snarkjs.groth16.fullProve(addKeyInput, wasmFile, zkeyFile);
+    const proofHex = await adaptToUncompressed(proof);
+    return {
+      proof: proofHex,
+      d: [
+        addKeyInput.d1[0].toString(),
+        addKeyInput.d1[1].toString(),
+        addKeyInput.d2[0].toString(),
+        addKeyInput.d2[1].toString()
+      ],
+      nullifier: addKeyInput.nullifier.toString()
+    };
+  }
+  async buildPreAddNewKeyPayload({
+    stateTreeDepth,
+    coordinatorPubkey,
+    deactivates,
+    wasmFile,
+    zkeyFile,
+    derivePathParams
+  }) {
+    const [coordPubkeyX, coordPubkeyY] = this.unpackMaciPubkey(coordinatorPubkey);
+    const addKeyInput = await this.genPreAddKeyInput(stateTreeDepth + 2, {
+      coordPubKey: [coordPubkeyX, coordPubkeyY],
+      deactivates: deactivates.map((d) => d.map(BigInt)),
+      derivePathParams
+    });
+    if (addKeyInput === null) {
+      throw Error("genPreAddKeyInput failed, cannot find deactivate idx");
+    }
+    const { proof } = await import_snarkjs.groth16.fullProve(addKeyInput, wasmFile, zkeyFile);
+    const proofHex = await adaptToUncompressed(proof);
+    return {
+      proof: proofHex,
+      d: [
+        addKeyInput.d1[0].toString(),
+        addKeyInput.d1[1].toString(),
+        addKeyInput.d2[0].toString(),
+        addKeyInput.d2[1].toString()
+      ],
+      nullifier: addKeyInput.nullifier.toString()
+    };
+  }
+  async genAddKeyInput(depth, {
+    coordPubKey,
+    deactivates,
+    derivePathParams
+  }) {
+    const signer = this.getSigner(derivePathParams);
+    const sharedKeyHash = poseidon(signer.genEcdhSharedKey(coordPubKey));
+    const randomVal = genRandomSalt();
+    const deactivateIdx = deactivates.findIndex((d) => d[4] === sharedKeyHash);
+    if (deactivateIdx < 0) {
+      return null;
+    }
+    const deactivateLeaf = deactivates[deactivateIdx];
+    const c1 = [deactivateLeaf[0], deactivateLeaf[1]];
+    const c2 = [deactivateLeaf[2], deactivateLeaf[3]];
+    const { d1, d2 } = rerandomize(coordPubKey, { c1, c2 }, randomVal);
+    const nullifier = poseidon([signer.getFormatedPrivKey(), 1444992409218394441042n]);
+    const tree = new Tree(5, depth, 0n);
+    const leaves = deactivates.map((d) => poseidon(d));
+    tree.initLeaves(leaves);
+    const deactivateRoot = tree.root;
+    const deactivateLeafPathElements = tree.pathElementOf(deactivateIdx);
+    const inputHash = BigInt(
+      (0, import_ethers4.solidityPackedSha256)(
+        new Array(7).fill("uint256"),
+        stringizing([
+          deactivateRoot,
+          poseidon(coordPubKey),
+          nullifier,
+          d1[0],
+          d1[1],
+          d2[0],
+          d2[1]
+        ])
+      )
+    ) % SNARK_FIELD_SIZE;
+    const input = {
+      inputHash,
+      coordPubKey,
+      deactivateRoot,
+      deactivateIndex: deactivateIdx,
+      deactivateLeaf: poseidon(deactivateLeaf),
+      c1,
+      c2,
+      randomVal,
+      d1,
+      d2,
+      deactivateLeafPathElements,
+      nullifier,
+      oldPrivateKey: signer.getFormatedPrivKey()
+    };
+    return input;
+  }
+  async genPreAddKeyInput(depth, {
+    coordPubKey,
+    deactivates,
+    derivePathParams
+  }) {
+    const signer = this.getSigner(derivePathParams);
+    const sharedKeyHash = poseidon(signer.genEcdhSharedKey(coordPubKey));
+    const randomVal = genRandomSalt();
+    const deactivateIdx = deactivates.findIndex((d) => d[4] === sharedKeyHash);
+    if (deactivateIdx < 0) {
+      return null;
+    }
+    const deactivateLeaf = deactivates[deactivateIdx];
+    const c1 = [deactivateLeaf[0], deactivateLeaf[1]];
+    const c2 = [deactivateLeaf[2], deactivateLeaf[3]];
+    const { d1, d2 } = rerandomize(coordPubKey, { c1, c2 }, randomVal);
+    const nullifier = poseidon([signer.getFormatedPrivKey(), 1444992409218394441042n]);
+    const tree = new Tree(5, depth, 0n);
+    const leaves = deactivates.map((d) => poseidon(d));
+    tree.initLeaves(leaves);
+    const deactivateRoot = tree.root;
+    const deactivateLeafPathElements = tree.pathElementOf(deactivateIdx);
+    const inputHash = BigInt(
+      (0, import_ethers4.solidityPackedSha256)(
+        new Array(7).fill("uint256"),
+        stringizing([
+          deactivateRoot,
+          poseidon(coordPubKey),
+          nullifier,
+          d1[0],
+          d1[1],
+          d2[0],
+          d2[1]
+        ])
+      )
+    ) % SNARK_FIELD_SIZE;
+    const input = {
+      inputHash,
+      coordPubKey,
+      deactivateRoot,
+      deactivateIndex: deactivateIdx,
+      deactivateLeaf: poseidon(deactivateLeaf),
+      c1,
+      c2,
+      randomVal,
+      d1,
+      d2,
+      deactivateLeafPathElements,
+      nullifier,
+      oldPrivateKey: signer.getFormatedPrivKey()
+    };
+    return input;
+  }
+  async buildDeactivatePayload({
+    stateIdx,
+    operatorPubkey,
+    derivePathParams
+  }) {
+    const payload = this.batchGenMessage(stateIdx, operatorPubkey, [[0, 0]], derivePathParams);
+    return stringizing(payload[0]);
+  }
+  // ==================== SaaS API Client Methods ====================
+  /**
+   * Get pre-deactivate data via SaaS API
+   * @param contractAddress - Contract address
+   */
+  async saasGetPreDeactivate(contractAddress) {
+    if (!this.saasApiClient) {
+      throw new Error("SaaS API client not initialized");
+    }
+    return await this.saasApiClient.getPreDeactivate({ contractAddress });
+  }
+  /**
+   * Pre add new key via SaaS API
+   * @param params - Pre add new key parameters
+   */
+  async saasSubmitPreAddNewKey(params) {
+    if (!this.saasApiClient) {
+      throw new Error("SaaS API client not initialized");
+    }
+    return await this.saasApiClient.preAddNewKey(params);
+  }
+  /**
+   * Vote via SaaS API
+   * @param params - Vote parameters
+   */
+  async saasSubmitVote(params) {
+    if (!this.saasApiClient) {
+      throw new Error("SaaS API client not initialized");
+    }
+    return await this.saasApiClient.vote(params);
+  }
+  // ==================== Maci Voter Methods ====================
+  async saasPreCreateNewAccount({
+    contractAddress,
+    stateTreeDepth,
+    coordinatorPubkey,
+    deactivates,
+    wasmFile,
+    zkeyFile,
+    derivePathParams
+  }) {
+    const addNewKeyPayload = await this.buildPreAddNewKeyPayload({
+      stateTreeDepth,
+      coordinatorPubkey,
+      deactivates,
+      wasmFile,
+      zkeyFile,
+      derivePathParams
+    });
+    const newVoterClient = new _VoterClient({
+      network: this.network,
+      restEndpoint: this.restEndpoint,
+      apiEndpoint: this.apiEndpoint,
+      saasApiEndpoint: this.saasApiEndpoint,
+      registryAddress: this.registryAddress
+    });
+    const addNewKeyResult = await newVoterClient.saasSubmitPreAddNewKey({
+      contractAddress,
+      proof: addNewKeyPayload.proof,
+      d: addNewKeyPayload.d,
+      nullifier: addNewKeyPayload.nullifier,
+      newPubkey: newVoterClient.getPubkey().toPoints().map((p) => p.toString())
+    });
+    return {
+      result: addNewKeyResult,
+      account: newVoterClient
+    };
+  }
+  async saasVote({
+    contractAddress,
+    // stateIdx,
+    operatorPubkey,
+    selectedOptions,
+    derivePathParams
+  }) {
+    const stateIdx = await this.getStateIdxByPubKey({
+      contractAddress,
+      pubKey: this.getPubkey(derivePathParams).toPoints()
+    });
+    if (stateIdx === -1) {
+      throw new Error("State index is not set, Please signup or addNewKey first");
+    }
+    const payload = this.buildVotePayload({
+      stateIdx,
+      operatorPubkey,
+      selectedOptions,
+      derivePathParams
+    });
+    const voteResult = await this.saasSubmitVote({
+      contractAddress,
+      payload
+    });
+    return voteResult;
+  }
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   Circuit,
+  EdDSAPoseidonKeypair,
+  EdDSAPoseidonPublicKey,
   G1Point,
   G2Point,
   Http,
+  MaciApiClient,
   MaciCertSystemType,
   MaciCircuitType,
   MaciClient,
@@ -9161,12 +10559,23 @@ var MaciClient2 = class {
   Transaction,
   Tree,
   UserAccount,
+  VoterClient,
+  adaptToUncompressed,
+  addressToUint256,
   batchGenMessage,
   bigInt2Buffer,
+  bigintToHex,
   buffer2Bigint,
   circuits,
+  compressPublicKey,
+  decompressPublicKey,
   destringizing,
+  encryptOdevity,
   formatPrivKeyForBabyJub,
+  fromB64,
+  fromBase64,
+  fromHEX,
+  fromHex,
   genAddKeyInput,
   genEcdhSharedKey,
   genKeypair,
@@ -9179,6 +10588,9 @@ var MaciClient2 = class {
   genRandomKey,
   genRandomSalt,
   getAMaciRoundCircuitFee,
+  getCurveFromName,
+  getCurveFromQ,
+  getCurveFromR,
   getDefaultParams,
   hash12,
   hash2,
@@ -9189,6 +10601,8 @@ var MaciClient2 = class {
   hashLeftRight,
   hashN,
   hashOne,
+  hexToBigInt,
+  hexToDecimalString,
   isValidAddress,
   packPubKey,
   poseidon,
@@ -9197,9 +10611,15 @@ var MaciClient2 = class {
   poseidonT5,
   poseidonT6,
   privateKeyFromTxt,
+  rerandomize,
   sha256Hash,
   signMessage,
   stringizing,
+  toB64,
+  toBase64,
+  toHEX,
+  toHex,
+  transformPubkey,
   unpackPubKey
 });
 //# sourceMappingURL=index.js.map