@dupecom/botcha-cloudflare 0.15.0 → 0.18.0

package/dist/dashboard/whitepaper.js

@@ -0,0 +1,418 @@
+import { jsx as _jsx, jsxs as _jsxs } from "hono/jsx/jsx-runtime";
+import { DASHBOARD_CSS } from './styles';
+import { GlobalFooter, OGMeta } from './layout';
+// ============ WHITEPAPER CSS ============
+const WHITEPAPER_CSS = `
+  /* ============ Article layout ============ */
+  .wp {
+    max-width: 740px;
+    margin: 0 auto;
+    padding: 3rem 2rem 4rem;
+  }
+
+  /* ---- Header ---- */
+  .wp-header {
+    text-align: center;
+    margin-bottom: 3rem;
+    padding-bottom: 2rem;
+    border-bottom: 1px solid var(--border);
+  }
+
+  .wp-badge {
+    display: inline-block;
+    font-size: 0.625rem;
+    font-weight: 700;
+    letter-spacing: 0.15em;
+    text-transform: uppercase;
+    padding: 0.3rem 0.875rem;
+    border: 1px solid var(--border);
+    color: var(--text-muted);
+    margin-bottom: 1.5rem;
+  }
+
+  .wp-title {
+    font-size: 2rem;
+    font-weight: 700;
+    line-height: 1.15;
+    margin: 0 0 0.75rem;
+    color: var(--text);
+  }
+
+  .wp-subtitle {
+    font-size: 0.875rem;
+    color: var(--text-muted);
+    line-height: 1.6;
+    margin: 0 0 1rem;
+  }
+
+  .wp-meta {
+    font-size: 0.6875rem;
+    color: var(--text-dim);
+  }
+
+  .wp-meta a {
+    color: var(--text-muted);
+  }
+
+  /* ---- Table of Contents ---- */
+  .wp-toc {
+    border: 1px solid var(--border);
+    padding: 1.5rem 2rem;
+    margin-bottom: 3rem;
+    background: var(--bg);
+  }
+
+  .wp-toc-title {
+    font-size: 0.6875rem;
+    font-weight: 700;
+    letter-spacing: 0.1em;
+    text-transform: uppercase;
+    color: var(--text-dim);
+    margin-bottom: 1rem;
+  }
+
+  .wp-toc ol {
+    list-style: none;
+    padding: 0;
+    margin: 0;
+    counter-reset: toc;
+  }
+
+  .wp-toc li {
+    counter-increment: toc;
+    font-size: 0.8125rem;
+    line-height: 2;
+  }
+
+  .wp-toc li::before {
+    content: counter(toc) ".";
+    display: inline-block;
+    width: 1.5rem;
+    color: var(--text-dim);
+    font-weight: 600;
+  }
+
+  .wp-toc a {
+    color: var(--text);
+    text-decoration: none;
+  }
+
+  .wp-toc a:hover {
+    text-decoration: underline;
+    opacity: 1;
+  }
+
+  /* ---- Prose ---- */
+  .wp h2 {
+    font-size: 1.25rem;
+    font-weight: 700;
+    margin: 3rem 0 1rem;
+    padding-top: 1.5rem;
+    border-top: 1px solid var(--border);
+    color: var(--text);
+  }
+
+  .wp h3 {
+    font-size: 1rem;
+    font-weight: 700;
+    margin: 2rem 0 0.75rem;
+    color: var(--text);
+  }
+
+  .wp p {
+    font-size: 0.875rem;
+    line-height: 1.8;
+    margin: 0 0 1.25rem;
+    color: var(--text);
+  }
+
+  .wp strong {
+    font-weight: 700;
+  }
+
+  .wp em {
+    font-style: italic;
+  }
+
+  .wp ul, .wp ol {
+    font-size: 0.875rem;
+    line-height: 1.8;
+    margin: 0 0 1.25rem;
+    padding-left: 1.5rem;
+    color: var(--text);
+  }
+
+  .wp li {
+    margin-bottom: 0.375rem;
+  }
+
+  .wp li::marker {
+    color: var(--text-dim);
+  }
+
+  .wp a {
+    color: var(--text);
+    text-decoration: underline;
+    text-underline-offset: 3px;
+  }
+
+  .wp a:hover {
+    color: var(--green);
+    opacity: 1;
+  }
+
+  /* ---- Code ---- */
+  .wp code {
+    font-family: var(--font);
+    font-size: 0.8125rem;
+    background: var(--bg-raised);
+    padding: 0.15rem 0.4rem;
+    border: 1px solid var(--border);
+  }
+
+  .wp pre {
+    background: #1a1a1a;
+    color: #e0e0e0;
+    padding: 1.25rem 1.5rem;
+    margin: 0 0 1.5rem;
+    overflow-x: auto;
+    font-size: 0.75rem;
+    line-height: 1.7;
+    border: 2px solid #1a1a1a;
+  }
+
+  .wp pre code {
+    background: none;
+    border: none;
+    padding: 0;
+    color: inherit;
+    font-size: inherit;
+  }
+
+  .wp-code-label {
+    display: block;
+    font-size: 0.625rem;
+    font-weight: 700;
+    letter-spacing: 0.1em;
+    text-transform: uppercase;
+    color: #888;
+    margin-bottom: 0.25rem;
+  }
+
+  /* ---- Tables ---- */
+  .wp table {
+    width: 100%;
+    border-collapse: collapse;
+    margin: 0 0 1.5rem;
+    font-size: 0.8125rem;
+  }
+
+  .wp thead {
+    border-bottom: 2px solid var(--accent);
+  }
+
+  .wp th {
+    text-align: left;
+    padding: 0.5rem 0.75rem;
+    font-weight: 700;
+    font-size: 0.6875rem;
+    letter-spacing: 0.05em;
+    text-transform: uppercase;
+    color: var(--text-muted);
+  }
+
+  .wp td {
+    padding: 0.5rem 0.75rem;
+    border-bottom: 1px solid var(--border);
+    line-height: 1.6;
+  }
+
+  /* ---- Blockquote ---- */
+  .wp blockquote {
+    border-left: 3px solid var(--accent);
+    padding: 0.75rem 1.25rem;
+    margin: 0 0 1.5rem;
+    background: var(--bg-raised);
+    font-size: 0.875rem;
+    line-height: 1.7;
+    color: var(--text-muted);
+  }
+
+  .wp blockquote p {
+    margin: 0;
+    color: var(--text-muted);
+  }
+
+  /* ---- Diagrams ---- */
+  .wp-stack {
+    margin: 1.5rem 0 2rem;
+  }
+
+  .wp-stack-layer {
+    border: 2px solid var(--border);
+    padding: 1rem 1.25rem;
+    background: var(--bg);
+    display: flex;
+    align-items: baseline;
+    gap: 1rem;
+  }
+
+  .wp-stack-layer + .wp-stack-layer {
+    margin-top: -2px;
+  }
+
+  .wp-stack-highlight {
+    border: 3px solid var(--accent);
+    background: var(--bg-raised);
+  }
+
+  .wp-stack-label {
+    font-size: 0.625rem;
+    font-weight: 700;
+    letter-spacing: 0.1em;
+    text-transform: uppercase;
+    color: var(--text-dim);
+    min-width: 6rem;
+  }
+
+  .wp-stack-highlight .wp-stack-label {
+    color: var(--green);
+  }
+
+  .wp-stack-name {
+    font-weight: 700;
+    font-size: 0.9375rem;
+  }
+
+  .wp-stack-desc {
+    font-size: 0.75rem;
+    color: var(--text-muted);
+    margin-left: auto;
+  }
+
+  /* ---- Horizontal rule ---- */
+  .wp hr {
+    border: none;
+    border-top: 1px solid var(--border);
+    margin: 3rem 0;
+  }
+
+  /* ---- Back-to-top nav ---- */
+  .wp-nav {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    padding: 1rem 0;
+    margin-bottom: 2rem;
+  }
+
+  .wp-nav a {
+    font-size: 0.75rem;
+    color: var(--text-muted);
+    text-decoration: none;
+  }
+
+  .wp-nav a:hover {
+    color: var(--text);
+    opacity: 1;
+  }
+
+  /* ---- CTA ---- */
+  .wp-cta {
+    text-align: center;
+    padding: 2.5rem 2rem;
+    border: 2px solid var(--accent);
+    margin: 3rem 0 0;
+  }
+
+  .wp-cta-title {
+    font-size: 1rem;
+    font-weight: 700;
+    margin-bottom: 1rem;
+  }
+
+  .wp-cta code {
+    display: block;
+    font-size: 0.75rem;
+    margin: 0.375rem 0;
+    background: none;
+    border: none;
+    color: var(--text-muted);
+  }
+
+  .wp-cta-links {
+    display: flex;
+    justify-content: center;
+    gap: 0.5rem;
+    margin-top: 1.5rem;
+    flex-wrap: wrap;
+  }
+
+  .wp-cta-link {
+    font-size: 0.6875rem;
+    padding: 0.375rem 0.75rem;
+    border: 1px solid var(--border-bright);
+    color: var(--text);
+    text-decoration: none;
+    transition: border-color 0.15s;
+  }
+
+  .wp-cta-link:hover {
+    border-color: var(--accent);
+    opacity: 1;
+  }
+
+  /* ---- Responsive ---- */
+  @media (max-width: 768px) {
+    .wp { padding: 2rem 1rem 3rem; }
+    .wp-title { font-size: 1.5rem; }
+    .wp h2 { font-size: 1.125rem; }
+    .wp pre { font-size: 0.6875rem; padding: 1rem; }
+    .wp table { font-size: 0.75rem; }
+    .wp-stack-layer { flex-direction: column; gap: 0.25rem; }
+    .wp-stack-desc { margin-left: 0; }
+  }
+`;
+const WHITEPAPER_PAGE_CSS = DASHBOARD_CSS + WHITEPAPER_CSS;
+// ============ PAGE COMPONENT ============
+export const WhitepaperPage = ({ version }) => {
+    return (_jsxs("html", { lang: "en", children: [_jsxs("head", { children: [_jsx("meta", { charset: "utf-8" }), _jsx("meta", { name: "viewport", content: "width=device-width, initial-scale=1" }), _jsx("title", { children: "BOTCHA Whitepaper \u2014 Identity Infrastructure for the Agentic Web" }), _jsx("meta", { name: "description", content: "Technical whitepaper on BOTCHA: reverse CAPTCHA for AI agents, Trusted Agent Protocol (TAP), and identity infrastructure for the agentic web." }), _jsx("meta", { name: "keywords", content: "BOTCHA, whitepaper, AI agent identity, Trusted Agent Protocol, TAP, reverse CAPTCHA, agent verification, RFC 9421" }), _jsx(OGMeta, { title: "BOTCHA Whitepaper \u2014 Identity Infrastructure for the Agentic Web", description: "How BOTCHA provides proof of AI, proof of identity, and proof of intent for the agentic web.", url: "https://botcha.ai/whitepaper", type: "article" }), _jsx("link", { rel: "preconnect", href: "https://fonts.googleapis.com" }), _jsx("link", { href: "https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500;600;700&display=swap", rel: "stylesheet" }), _jsx("style", { dangerouslySetInnerHTML: { __html: WHITEPAPER_PAGE_CSS } })] }), _jsxs("body", { children: [_jsxs("article", { class: "wp", children: [_jsxs("nav", { class: "wp-nav", children: [_jsx("a", { href: "/", children: "\u2190 botcha.ai" }), _jsx("a", { href: "/whitepaper", children: "v1.0 \u00B7 February 2026" })] }), _jsxs("header", { class: "wp-header", children: [_jsx("div", { class: "wp-badge", children: "Whitepaper" }), _jsx("h1", { class: "wp-title", children: "Identity Infrastructure for the Agentic Web" }), _jsx("p", { class: "wp-subtitle", children: "How BOTCHA provides proof of AI, proof of identity, and proof of intent for AI agents operating on the open internet." }), _jsxs("p", { class: "wp-meta", children: ["Version 1.0 \u00B7 February 2026 \u00B7 ", _jsx("a", { href: "https://dupe.com", children: "Dupe.com" })] })] }), _jsxs("nav", { class: "wp-toc", children: [_jsx("div", { class: "wp-toc-title", children: "Contents" }), _jsxs("ol", { children: [_jsx("li", { children: _jsx("a", { href: "#executive-summary", children: "Executive Summary" }) }), _jsx("li", { children: _jsx("a", { href: "#the-problem", children: "The Problem: Who Is This Agent?" }) }), _jsx("li", { children: _jsx("a", { href: "#what-is-botcha", children: "BOTCHA: Reverse CAPTCHA for AI Agents" }) }), _jsx("li", { children: _jsx("a", { href: "#the-challenge-system", children: "How It Works: The Challenge System" }) }), _jsx("li", { children: _jsx("a", { href: "#tap", children: "The Trusted Agent Protocol (TAP)" }) }), _jsx("li", { children: _jsx("a", { href: "#architecture", children: "Architecture and Security" }) }), _jsx("li", { children: _jsx("a", { href: "#integration", children: "Integration: SDKs and Middleware" }) }), _jsx("li", { children: _jsx("a", { href: "#the-stack", children: "The Agent Infrastructure Stack" }) }), _jsx("li", { children: _jsx("a", { href: "#use-cases", children: "Use Cases" }) }), _jsx("li", { children: _jsx("a", { href: "#roadmap", children: "Roadmap" }) })] })] }), _jsx("h2", { id: "executive-summary", children: "1. Executive Summary" }), _jsx("p", { children: "BOTCHA is a reverse CAPTCHA \u2014 a verification system that proves you are an AI agent, not a human. While traditional CAPTCHAs exist to block bots, BOTCHA exists to welcome them." }), _jsx("p", { children: "As AI agents become first-class participants on the internet \u2014 browsing, purchasing, comparing, auditing \u2014 they need a way to prove their identity and declare their intent. BOTCHA provides three layers of proof:" }), _jsxs("ul", { children: [_jsxs("li", { children: [_jsx("strong", { children: "Proof of AI" }), " \u2014 Computational challenges (SHA-256 hashes in under 500ms) that only machines can solve."] }), _jsxs("li", { children: [_jsx("strong", { children: "Proof of Identity" }), " \u2014 Persistent agent registration with cryptographic keys, verified via HTTP Message Signatures (RFC 9421)."] }), _jsxs("li", { children: [_jsx("strong", { children: "Proof of Intent" }), " \u2014 Capability-scoped sessions where agents declare what they plan to do, for how long, and on behalf of whom."] })] }), _jsxs("p", { children: ["BOTCHA is open source, free to use, and deployed as a hosted service at", ' ', _jsx("a", { href: "https://botcha.ai", children: "botcha.ai" }), ". It ships TypeScript and Python SDKs, server-side verification middleware, a CLI, and a LangChain integration."] }), _jsx("h2", { id: "the-problem", children: "2. The Problem: Who Is This Agent?" }), _jsx("p", { children: "The internet was built for humans. Authentication systems \u2014 passwords, OAuth, CAPTCHAs \u2014 all assume a human is at the keyboard. But the web is changing." }), _jsx("h3", { children: "The rise of agentic AI" }), _jsxs("p", { children: ["AI agents are no longer just answering questions. They are ", _jsx("strong", { children: "browsing" }), " product catalogs on behalf of consumers, ", _jsx("strong", { children: "comparing" }), " prices across retailers,", ' ', _jsx("strong", { children: "purchasing" }), " goods and services with real money,", ' ', _jsx("strong", { children: "auditing" }), " compliance postures, and ", _jsx("strong", { children: "negotiating" }), " contracts."] }), _jsx("p", { children: "Every major AI lab is building agent capabilities. OpenAI's Operator, Anthropic's computer use, Google's Project Mariner \u2014 these are production systems that interact with real APIs and real businesses." }), _jsx("h3", { children: "The identity gap" }), _jsx("p", { children: "When an AI agent hits your API, you face three questions that existing infrastructure cannot answer:" }), _jsxs("ol", { children: [_jsxs("li", { children: [_jsx("strong", { children: "Is this actually an AI agent?" }), " User-Agent strings are trivially spoofable. There is no reliable way to distinguish a real AI agent from a script pretending to be one."] }), _jsxs("li", { children: [_jsx("strong", { children: "Which specific agent is this?" }), " Even if you know it is AI, you do not know if it belongs to a known organization or what its track record is."] }), _jsxs("li", { children: [_jsx("strong", { children: "What does it intend to do?" }), " An agent browsing your catalog is very different from one attempting a purchase. Traditional auth grants blanket access \u2014 it does not capture intent."] })] }), _jsx("h3", { children: "What happens without agent identity" }), _jsx("p", { children: "Without a reliable identity layer, the agentic web defaults to chaos. APIs cannot set appropriate rate limits. Businesses cannot authorize transactions. Agents cannot build reputation. Fraud is trivial because there is no audit trail." }), _jsx("h2", { id: "what-is-botcha", children: "3. BOTCHA: Reverse CAPTCHA for AI Agents" }), _jsx("p", { children: "BOTCHA inverts the CAPTCHA model. Instead of proving you are human, you prove you are a machine." }), _jsx("h3", { children: "The core idea" }), _jsxs("p", { children: ["A CAPTCHA asks: ", _jsx("em", { children: "Can you identify traffic lights in this image?" }), " A human can; a bot struggles."] }), _jsxs("p", { children: ["BOTCHA asks: ", _jsx("em", { children: "Can you compute 5 SHA-256 hashes in 500 milliseconds?" }), " A machine can; a human cannot copy-paste fast enough."] }), _jsx("p", { children: "This inversion is not just a novelty \u2014 it is a fundamental shift. In a world where AI agents are legitimate, wanted participants, the question is no longer \"how do we keep bots out?\" but \"how do we let the right bots in?\"" }), _jsx("h3", { children: "Design principles" }), _jsxs("p", { children: [_jsx("strong", { children: "Agent-first, always." }), " Every feature in BOTCHA requires an AI agent as a participant. Humans are welcome, but only through an agent. If a human wants dashboard access, their agent generates a device code for them. There is no password form."] }), _jsxs("p", { children: [_jsx("strong", { children: "Fail-open on infrastructure errors." }), " If the backing store is unavailable, BOTCHA logs a warning and allows the request through. Blocking legitimate traffic is worse than letting an unverified request pass."] }), _jsxs("p", { children: [_jsx("strong", { children: "Zero configuration to start." }), " An agent can verify itself with a single HTTP request pair. No API keys, no registration \u2014 just solve the challenge and get a token."] }), _jsx("h2", { id: "the-challenge-system", children: "4. How It Works: The Challenge System" }), _jsx("p", { children: "BOTCHA offers four challenge types, each testing a different aspect of machine capability." }), _jsx("h3", { children: "Speed Challenge" }), _jsxs("p", { children: ["The primary verification method. The server generates 5 random 6-digit numbers. The agent computes the SHA-256 hash of each and returns the first 8 hex characters \u2014 all within ", _jsx("strong", { children: "500 milliseconds" }), "."] }), _jsx("p", { children: "The time limit is generous for any programming language but impossible for a human to copy-paste through. The challenge is not computationally hard \u2014 it is computationally trivial, but only if you are a machine." }), _jsxs("p", { children: [_jsx("strong", { children: "RTT-aware fairness:" }), " The time limit adjusts for network latency. An agent on a satellite connection gets extra time. This prevents geographic discrimination while capping at 5 seconds to prevent abuse."] }), _jsx("h3", { children: "Reasoning Challenge" }), _jsx("p", { children: "Tests language understanding. The server selects 3 questions from 6 categories: math, code, logic, wordplay, common-sense, and analogy. The agent has 30 seconds." }), _jsxs("p", { children: ["All questions use ", _jsx("strong", { children: "parameterized generators" }), " producing unique values each time. There is no static question bank to memorize. Combined with 45+ generators, the effective answer space is infinite."] }), _jsx("h3", { children: "Hybrid Challenge" }), _jsxs("p", { children: ["The default challenge type. Combines speed and reasoning \u2014 both must pass. Proves the agent can compute fast ", _jsx("em", { children: "and" }), " reason about language."] }), _jsx("h3", { children: "Standard (Compute) Challenge" }), _jsx("p", { children: "A heavier computational challenge: generate prime numbers, concatenate with a random salt, compute SHA-256. Difficulty scales from easy (100 primes, 10s) to hard (1000 primes, 3s)." }), _jsxs("table", { children: [_jsx("thead", { children: _jsxs("tr", { children: [_jsx("th", { children: "Challenge" }), _jsx("th", { children: "Tests" }), _jsx("th", { children: "Time Limit" }), _jsx("th", { children: "Best For" })] }) }), _jsxs("tbody", { children: [_jsxs("tr", { children: [_jsx("td", { children: "Speed" }), _jsx("td", { children: "Computation speed" }), _jsx("td", { children: "500ms" }), _jsx("td", { children: "Quick verification, high throughput" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Reasoning" }), _jsx("td", { children: "Language understanding" }), _jsx("td", { children: "30s" }), _jsx("td", { children: "Proving AI comprehension" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Hybrid" }), _jsx("td", { children: "Both" }), _jsx("td", { children: "35s" }), _jsx("td", { children: "Default \u2014 strongest proof" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Compute" }), _jsx("td", { children: "Heavy computation" }), _jsx("td", { children: "3-10s" }), _jsx("td", { children: "High-value operations" })] })] })] }), _jsx("h2", { id: "tap", children: "5. The Trusted Agent Protocol (TAP)" }), _jsxs("p", { children: ["Solving a challenge proves you are ", _jsx("em", { children: "a bot" }), ". TAP proves you are", ' ', _jsx("em", { children: "a specific, trusted bot" }), "."] }), _jsx("h3", { children: "What is TAP?" }), _jsxs("p", { children: ["The Trusted Agent Protocol is an identity and authorization layer built on top of BOTCHA's proof-of-bot system. Inspired by", ' ', _jsx("a", { href: "https://developer.visa.com/capabilities/trusted-agent-protocol/overview", target: "_blank", rel: "noopener", children: "Visa's Trusted Agent Protocol" }), ", BOTCHA's TAP provides:"] }), _jsxs("ul", { children: [_jsxs("li", { children: [_jsx("strong", { children: "Persistent agent identity" }), " \u2014 unique ID, name, and operator metadata."] }), _jsxs("li", { children: [_jsx("strong", { children: "Cryptographic verification" }), " \u2014 ECDSA P-256 or RSA-PSS public keys; requests signed via HTTP Message Signatures (RFC 9421)."] }), _jsxs("li", { children: [_jsx("strong", { children: "Capability-based access control" }), " \u2014 agents declare actions: ", _jsx("code", { children: "browse" }), ", ", _jsx("code", { children: "search" }), ", ", _jsx("code", { children: "compare" }), ", ", _jsx("code", { children: "purchase" }), ", ", _jsx("code", { children: "audit" }), "."] }), _jsxs("li", { children: [_jsx("strong", { children: "Intent-scoped sessions" }), " \u2014 time-limited sessions validated against capabilities."] }), _jsxs("li", { children: [_jsx("strong", { children: "Trust levels" }), " \u2014 ", _jsx("code", { children: "basic" }), ", ", _jsx("code", { children: "verified" }), ", ", _jsx("code", { children: "enterprise" }), "."] })] }), _jsx("h3", { children: "Agent registration" }), _jsx("pre", { children: _jsx("code", { children: `POST /v1/agents/register/tap
+{
+  "name": "shopping-agent",
+  "operator": "acme-corp",
+  "capabilities": [
+    { "action": "browse", "scope": ["products", "reviews"] },
+    { "action": "purchase", "scope": ["products"],
+      "restrictions": { "max_amount": 500 } }
+  ],
+  "trust_level": "basic"
+}` }) }), _jsx("p", { children: "For cryptographic identity, agents register a public key and sign requests using RFC 9421:" }), _jsx("pre", { children: _jsx("code", { children: `x-tap-agent-id: agent_6ddfd9f10cfd8dfc
+x-tap-intent: {"action":"browse","resource":"products"}
+signature-input: sig1=("@method" "@path" "x-tap-agent-id");created=...;alg="ecdsa-p256-sha256"
+signature: sig1=:BASE64_SIGNATURE:` }) }), _jsx("h3", { children: "Intent validation and scoped sessions" }), _jsx("p", { children: "Before acting, a TAP agent creates a session declaring its intent. The server validates the intent against the agent's registered capabilities, checks scope, and enforces a maximum duration of 24 hours." }), _jsx("pre", { children: _jsx("code", { children: `POST /v1/sessions/tap
+{
+  "agent_id": "agent_6ddfd9f10cfd8dfc",
+  "intent": { "action": "browse", "resource": "products", "duration": 3600 },
+  "user_context": "anon_user_hash"
+}` }) }), _jsx("h3", { children: "The verification hierarchy" }), _jsxs("table", { children: [_jsx("thead", { children: _jsxs("tr", { children: [_jsx("th", { children: "Layer" }), _jsx("th", { children: "Proves" }), _jsx("th", { children: "Mechanism" })] }) }), _jsxs("tbody", { children: [_jsxs("tr", { children: [_jsx("td", { children: "Anonymous" }), _jsx("td", { children: "\"I am a bot\"" }), _jsx("td", { children: "Speed challenge in <500ms" })] }), _jsxs("tr", { children: [_jsx("td", { children: "App-scoped" }), _jsx("td", { children: "\"I belong to this org\"" }), _jsx("td", { children: "Challenge + app_id" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Agent identity" }), _jsx("td", { children: "\"I am this specific bot\"" }), _jsx("td", { children: "Registered ID + capabilities" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Cryptographic" }), _jsx("td", { children: "\"I can prove I am this bot\"" }), _jsx("td", { children: "RFC 9421 signatures" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Dual auth" }), _jsx("td", { children: "\"Verified bot, proven identity\"" }), _jsx("td", { children: "Challenge + signature" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Intent-scoped" }), _jsx("td", { children: "\"I intend to do this now\"" }), _jsx("td", { children: "Validated session" })] })] })] }), _jsx("h2", { id: "architecture", children: "6. Architecture and Security" }), _jsx("h3", { children: "Infrastructure" }), _jsxs("p", { children: ["BOTCHA runs on ", _jsx("strong", { children: "Cloudflare Workers" }), " \u2014 deployed to 300+ edge locations globally. Sub-50ms cold starts, KV storage for all state, no servers to manage."] }), _jsx("h3", { children: "Token system" }), _jsxs("table", { children: [_jsx("thead", { children: _jsxs("tr", { children: [_jsx("th", { children: "Token" }), _jsx("th", { children: "Lifetime" }), _jsx("th", { children: "Purpose" })] }) }), _jsxs("tbody", { children: [_jsxs("tr", { children: [_jsx("td", { children: "Access token" }), _jsx("td", { children: "5 minutes" }), _jsx("td", { children: "API access via Bearer header" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Refresh token" }), _jsx("td", { children: "1 hour" }), _jsx("td", { children: "Obtain new access tokens without re-solving" })] })] })] }), _jsx("p", { children: "Tokens are HMAC-SHA256 JWTs carrying the solved challenge ID (proof of work), a unique JTI for revocation, optional audience claims, and the solve time in milliseconds." }), _jsx("h3", { children: "Cryptography" }), _jsxs("table", { children: [_jsx("thead", { children: _jsxs("tr", { children: [_jsx("th", { children: "Operation" }), _jsx("th", { children: "Algorithm" })] }) }), _jsxs("tbody", { children: [_jsxs("tr", { children: [_jsx("td", { children: "Challenge answers" }), _jsx("td", { children: "SHA-256" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Token signing" }), _jsx("td", { children: "HMAC-SHA256 (HS256)" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Secret storage" }), _jsx("td", { children: "SHA-256 (never stored in plaintext)" })] }), _jsxs("tr", { children: [_jsx("td", { children: "TAP signatures" }), _jsx("td", { children: "ECDSA P-256 or RSA-PSS SHA-256" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Secret validation" }), _jsx("td", { children: "Constant-time comparison" })] })] })] }), _jsx("h3", { children: "Anti-gaming measures" }), _jsxs("ul", { children: [_jsxs("li", { children: [_jsx("strong", { children: "Single-use challenges" }), " \u2014 deleted from storage on first attempt."] }), _jsxs("li", { children: [_jsx("strong", { children: "Timestamp validation" }), " \u2014 rejects timestamps older than 30 seconds or in the future."] }), _jsxs("li", { children: [_jsx("strong", { children: "RTT capped at 5 seconds" }), " \u2014 prevents time manipulation."] }), _jsxs("li", { children: [_jsx("strong", { children: "Parameterized question generators" }), " \u2014 no static lookup tables."] }), _jsxs("li", { children: [_jsx("strong", { children: "Salted compute challenges" }), " \u2014 defeats precomputed hash tables."] }), _jsxs("li", { children: [_jsx("strong", { children: "User-Agent ignored" }), " \u2014 trivially spoofable, not used for verification."] }), _jsxs("li", { children: [_jsx("strong", { children: "Anti-enumeration" }), " \u2014 recovery endpoints return identical shapes regardless of email existence."] })] }), _jsx("h3", { children: "Human handoff" }), _jsxs("p", { children: ["When a human needs dashboard access, the agent solves a challenge and receives a device code (e.g., ", _jsx("code", { children: "BOTCHA-RBA89X" }), "). The human opens the link and is logged in. This adapts the OAuth 2.0 Device Authorization Grant (RFC 8628) with a twist: the agent must solve a BOTCHA challenge to generate the code. No agent, no code."] }), _jsx("h2", { id: "integration", children: "7. Integration: SDKs and Middleware" }), _jsx("h3", { children: "Client SDKs (for agents)" }), _jsxs("p", { children: [_jsx("strong", { children: "TypeScript" }), " (", _jsx("code", { children: "@dupecom/botcha" }), " on npm):"] }), _jsx("pre", { children: _jsx("code", { children: `import { BotchaClient } from '@dupecom/botcha';
+const client = new BotchaClient();
+
+// Drop-in fetch replacement — auto-solves challenges on 403
+const response = await client.fetch('https://api.example.com/products');
+
+// Or get a token explicitly
+const token = await client.getToken();` }) }), _jsxs("p", { children: [_jsx("strong", { children: "Python" }), " (", _jsx("code", { children: "botcha" }), " on PyPI):"] }), _jsx("pre", { children: _jsx("code", { children: `from botcha import BotchaClient
+
+async with BotchaClient() as client:
+    response = await client.fetch("https://api.example.com/products")
+    token = await client.get_token()` }) }), _jsx("h3", { children: "Server-side verification (for API providers)" }), _jsx("p", { children: _jsx("strong", { children: "Express:" }) }), _jsx("pre", { children: _jsx("code", { children: `import { botchaVerify } from '@botcha/verify';
+app.get('/api/products', botchaVerify({ secret }), handler);` }) }), _jsx("p", { children: _jsx("strong", { children: "FastAPI:" }) }), _jsx("pre", { children: _jsx("code", { children: `from botcha_verify import BotchaVerify
+botcha = BotchaVerify(secret=os.environ["BOTCHA_SECRET"])
+
+@app.get("/api/products")
+async def products(token=Depends(botcha)):
+    return {"solve_time": token.solve_time}` }) }), _jsx("p", { children: "Also available: Hono middleware, Django middleware, and TAP-enhanced middleware with full cryptographic + computational dual verification." }), _jsx("h3", { children: "CLI" }), _jsx("pre", { children: _jsx("code", { children: `npm install -g @dupecom/botcha-cli
+botcha init --email you@company.com
+botcha tap register --name "my-agent" --capabilities browse,search
+botcha tap session --action browse --resource products --duration 1h` }) }), _jsx("h2", { id: "the-stack", children: "8. The Agent Infrastructure Stack" }), _jsx("p", { children: "BOTCHA positions itself alongside other emerging agent protocols:" }), _jsxs("div", { class: "wp-stack", children: [_jsxs("div", { class: "wp-stack-layer wp-stack-highlight", children: [_jsx("span", { class: "wp-stack-label", children: "Layer 3" }), _jsx("span", { class: "wp-stack-name", children: "TAP (BOTCHA)" }), _jsx("span", { class: "wp-stack-desc", children: "Who agents are" })] }), _jsxs("div", { class: "wp-stack-layer", children: [_jsx("span", { class: "wp-stack-label", children: "Layer 2" }), _jsx("span", { class: "wp-stack-name", children: "A2A (Google)" }), _jsx("span", { class: "wp-stack-desc", children: "How agents talk" })] }), _jsxs("div", { class: "wp-stack-layer", children: [_jsx("span", { class: "wp-stack-label", children: "Layer 1" }), _jsx("span", { class: "wp-stack-name", children: "MCP (Anthropic)" }), _jsx("span", { class: "wp-stack-desc", children: "What agents access" })] })] }), _jsxs("p", { children: [_jsx("strong", { children: "MCP" }), " gives agents access to tools and data. ", _jsx("strong", { children: "A2A" }), " enables multi-agent coordination. ", _jsx("strong", { children: "TAP" }), " provides identity, capability scoping, and intent declaration."] }), _jsx("p", { children: "Without an identity layer, the other layers have a trust gap. MCP can give an agent access to a database, but who authorized it? A2A can let agents delegate tasks, but can you trust the delegate? TAP closes this gap." }), _jsx("h2", { id: "use-cases", children: "9. Use Cases" }), _jsx("h3", { children: "E-commerce agent verification" }), _jsxs("p", { children: ["A shopping agent registers with ", _jsx("code", { children: "browse" }), ", ", _jsx("code", { children: "compare" }), ", and", ' ', _jsx("code", { children: "purchase" }), " capabilities. It creates sessions scoped to specific actions. The retailer verifies identity, checks capabilities, and maintains a full audit trail of which agent made each purchase, when, and on behalf of whom."] }), _jsx("h3", { children: "API access control" }), _jsx("p", { children: "An API provider adds BOTCHA middleware to protected endpoints. Legitimate agents solve the speed challenge; scrapers pretending to be AI cannot. The provider gets rate limiting, solve-time analytics, and agent identification \u2014 without requiring API keys." }), _jsx("h3", { children: "Multi-agent systems" }), _jsx("p", { children: "A coordinator agent delegates tasks to sub-agents, each registered with scoped capabilities. The coordinator can verify sub-agent actions via TAP sessions. Capabilities are bounded at the protocol level." }), _jsx("h3", { children: "Compliance and auditing" }), _jsx("p", { children: "Financial services APIs use TAP's audit logging to record every agent interaction. Each request includes agent ID, intent, user context, and timestamp. Trust levels enable graduated access to sensitive endpoints." }), _jsx("h2", { id: "roadmap", children: "10. Roadmap" }), _jsx("h3", { children: "Shipped" }), _jsxs("table", { children: [_jsx("thead", { children: _jsxs("tr", { children: [_jsx("th", { children: "Feature" }), _jsx("th", { children: "Description" })] }) }), _jsxs("tbody", { children: [_jsxs("tr", { children: [_jsx("td", { children: "Challenge types" }), _jsx("td", { children: "Speed, Reasoning, Hybrid, and Compute" })] }), _jsxs("tr", { children: [_jsx("td", { children: "JWT token system" }), _jsx("td", { children: "5-min access, 1-hr refresh, revocation, audience claims" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Multi-tenant apps" }), _jsx("td", { children: "Per-app rate limits, scoped tokens, isolated analytics" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Agent Registry" }), _jsx("td", { children: "Persistent identities with names and operators" })] }), _jsxs("tr", { children: [_jsx("td", { children: "TAP" }), _jsx("td", { children: "Cryptographic identity, capability scoping, intent sessions" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Dashboard" }), _jsx("td", { children: "Per-app analytics and metrics" })] }), _jsxs("tr", { children: [_jsx("td", { children: "SDKs" }), _jsx("td", { children: "TypeScript, Python, CLI, LangChain" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Server verification" }), _jsx("td", { children: "Express, Hono, FastAPI, Django middleware" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Discovery" }), _jsx("td", { children: "ai.txt, OpenAPI, AI Plugin manifest, embedded metadata" })] })] })] }), _jsx("h3", { children: "Planned" }), _jsxs("table", { children: [_jsx("thead", { children: _jsxs("tr", { children: [_jsx("th", { children: "Feature" }), _jsx("th", { children: "Description" })] }) }), _jsxs("tbody", { children: [_jsxs("tr", { children: [_jsx("td", { children: "Delegation chains" }), _jsx("td", { children: "Signed \"User X authorized Agent Y to do Z until T\"" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Capability attestation" }), _jsx("td", { children: "Token claims with server-side enforcement" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Agent reputation" }), _jsx("td", { children: "Trust scores, faster verification for high-rep agents" })] }), _jsxs("tr", { children: [_jsx("td", { children: "Agent SSO" }), _jsx("td", { children: "Verify once, trusted everywhere (OIDC for agents)" })] }), _jsxs("tr", { children: [_jsx("td", { children: "RFC contribution" }), _jsx("td", { children: "Internet-Draft for agent identity, target IETF" })] })] })] }), _jsxs("div", { class: "wp-cta", children: [_jsx("div", { class: "wp-cta-title", children: "Get started in 30 seconds" }), _jsx("code", { children: "npm install -g @dupecom/botcha-cli" }), _jsx("code", { children: "botcha init --email you@company.com" }), _jsx("code", { children: "botcha tap register --name \"my-agent\"" }), _jsxs("div", { class: "wp-cta-links", children: [_jsx("a", { href: "/", class: "wp-cta-link", children: "Home" }), _jsx("a", { href: "https://github.com/dupe-com/botcha", class: "wp-cta-link", children: "GitHub" }), _jsx("a", { href: "/openapi.json", class: "wp-cta-link", children: "OpenAPI" }), _jsx("a", { href: "https://www.npmjs.com/package/@dupecom/botcha", class: "wp-cta-link", children: "npm" }), _jsx("a", { href: "https://pypi.org/project/botcha/", class: "wp-cta-link", children: "PyPI" }), _jsx("a", { href: "/dashboard", class: "wp-cta-link", children: "Dashboard" })] })] })] }), _jsx(GlobalFooter, { version: version })] })] }));
+};

package/dist/email.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"email.d.ts","sourceRoot":"","sources":["../src/email.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,UAAU,UAAU;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,wBAAsB,SAAS,CAC7B,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,OAAO,EAAE,gBAAgB,GACxB,OAAO,CAAC,UAAU,CAAC,CAyCrB;AAID;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,gBAAgB,GAAG;IAAE,EAAE,EAAE,EAAE,CAAA;CAAE,CAkB7E;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,gBAAgB,GAAG;IAAE,EAAE,EAAE,EAAE,CAAA;CAAE,CAmB3F;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,gBAAgB,GAAG;IAAE,EAAE,EAAE,EAAE,CAAA;CAAE,CAe/E"}
+{"version":3,"file":"email.d.ts","sourceRoot":"","sources":["../src/email.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,UAAU,UAAU;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,wBAAsB,SAAS,CAC7B,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,OAAO,EAAE,gBAAgB,GACxB,OAAO,CAAC,UAAU,CAAC,CAyCrB;AAID;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,gBAAgB,GAAG;IAAE,EAAE,EAAE,EAAE,CAAA;CAAE,CAsB7E;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,gBAAgB,GAAG;IAAE,EAAE,EAAE,EAAE,CAAA;CAAE,CAmB3F;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,gBAAgB,GAAG;IAAE,EAAE,EAAE,EAAE,CAAA;CAAE,CAe/E"}

package/dist/email.js

@@ -64,12 +64,16 @@ export function verificationEmail(code) {
   <div style="background: #f5f5f5; border: 2px solid #333; padding: 1.5rem; text-align: center; font-size: 2rem; font-weight: bold; letter-spacing: 0.3em; margin: 1.5rem 0;">
     ${code}
   </div>
+  <div style="background: #f0faf0; border: 1px solid #1a8a2a; padding: 1rem; margin: 1.5rem 0;">
+    <p style="font-size: 0.9375rem; font-weight: bold; color: #1a6a1a; margin: 0 0 0.5rem;">&#8594; Go back to your AI agent and paste this code.</p>
+    <p style="font-size: 0.8125rem; color: #333; margin: 0;">Your agent asked for your email and is waiting for this code to finish setting up your account.</p>
+  </div>
   <p style="color: #666; font-size: 0.875rem;">This code expires in 10 minutes.</p>
   <p style="color: #666; font-size: 0.875rem;">If you didn't request this, ignore this email.</p>
   <hr style="border: none; border-top: 1px solid #ddd; margin: 2rem 0;">
   <p style="color: #999; font-size: 0.75rem;">BOTCHA — Prove you're a bot. Humans need not apply.</p>
 </div>`,
-        text: `BOTCHA: Your verification code is ${code}\n\nThis code expires in 10 minutes.\nIf you didn't request this, ignore this email.`,
+        text: `BOTCHA: Your verification code is ${code}\n\n--> Go back to your AI agent and paste this code.\nYour agent asked for your email and is waiting for this code to finish setting up your account.\n\nThis code expires in 10 minutes.\nIf you didn't request this, ignore this email.`,
     };
 }
 /**

package/dist/index.d.ts

@@ -14,6 +14,8 @@ type Bindings = {
     APPS: KVNamespace;
     AGENTS: KVNamespace;
     SESSIONS: KVNamespace;
+    NONCES: KVNamespace;
+    INVOICES: KVNamespace;
     ANALYTICS?: AnalyticsEngineDataset;
     JWT_SECRET: string;
     BOTCHA_VERSION: string;

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.tsx"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAYL,KAAK,WAAW,EACjB,MAAM,cAAc,CAAC;AA0BtB,OAAO,EACL,KAAK,sBAAsB,EAM5B,MAAM,aAAa,CAAC;AAGrB,KAAK,QAAQ,GAAG;IACd,UAAU,EAAE,WAAW,CAAC;IACxB,WAAW,EAAE,WAAW,CAAC;IACzB,IAAI,EAAE,WAAW,CAAC;IAClB,MAAM,EAAE,WAAW,CAAC;IACpB,QAAQ,EAAE,WAAW,CAAC;IACtB,SAAS,CAAC,EAAE,sBAAsB,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,YAAY,CAAC,EAAE;QACb,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,IAAI,EAAE,iBAAiB,CAAC;QACxB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH,CAAC;AAEF,QAAA,MAAM,GAAG;cAAwB,QAAQ;eAAa,SAAS;yCAAK,CAAC;AAwhErE,eAAe,GAAG,CAAC;AAGnB,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,yBAAyB,EACzB,uBAAuB,EACvB,0BAA0B,EAC1B,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,EACrB,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EACL,aAAa,EACb,WAAW,EACX,mBAAmB,EACnB,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,KAAK,EACV,KAAK,YAAY,GAClB,MAAM,SAAS,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.tsx"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAYL,KAAK,WAAW,EACjB,MAAM,cAAc,CAAC;AAuDtB,OAAO,EACL,KAAK,sBAAsB,EAM5B,MAAM,aAAa,CAAC;AAGrB,KAAK,QAAQ,GAAG;IACd,UAAU,EAAE,WAAW,CAAC;IACxB,WAAW,EAAE,WAAW,CAAC;IACzB,IAAI,EAAE,WAAW,CAAC;IAClB,MAAM,EAAE,WAAW,CAAC;IACpB,QAAQ,EAAE,WAAW,CAAC;IACtB,MAAM,EAAE,WAAW,CAAC;IACpB,QAAQ,EAAE,WAAW,CAAC;IACtB,SAAS,CAAC,EAAE,sBAAsB,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,YAAY,CAAC,EAAE;QACb,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,IAAI,EAAE,iBAAiB,CAAC;QACxB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH,CAAC;AAEF,QAAA,MAAM,GAAG;cAAwB,QAAQ;eAAa,SAAS;yCAAK,CAAC;AAuqErE,eAAe,GAAG,CAAC;AAGnB,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,yBAAyB,EACzB,uBAAuB,EACvB,0BAA0B,EAC1B,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,EACrB,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EACL,aAAa,EACb,WAAW,EACX,mBAAmB,EACnB,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,KAAK,EACV,KAAK,YAAY,GAClB,MAAM,SAAS,CAAC"}