@enbox/agent 0.0.1

package/dist/types/did-api.d.ts

@@ -0,0 +1,119 @@
+import type { DidDocument, DidMetadata, PortableDid, DidMethodApi, DidDhtCreateOptions, DidJwkCreateOptions, DidResolutionResult, DidResolutionOptions, DidVerificationMethod, DidResolverCache } from '@enbox/dids';
+import { BearerDid, UniversalResolver } from '@enbox/dids';
+import type { AgentDataStore } from './store-data.js';
+import type { AgentKeyManager } from './types/key-manager.js';
+import type { ResponseStatus, Web5PlatformAgent } from './types/agent.js';
+export declare enum DidInterface {
+    Create = "Create",
+    Resolve = "Resolve"
+}
+export interface DidMessageParams {
+    [DidInterface.Create]: DidCreateParams;
+    [DidInterface.Resolve]: DidResolveParams;
+}
+export interface DidMessageResult {
+    [DidInterface.Create]: DidCreateResult;
+    [DidInterface.Resolve]: DidResolveResult;
+}
+export type DidCreateResult = {
+    uri: string;
+    document: DidDocument;
+    metadata: DidMetadata;
+};
+export type DidResolveResult = DidResolutionResult;
+export type DidRequest<T extends DidInterface> = {
+    messageType: T;
+    messageParams: DidMessageParams[T];
+};
+export type DidResolveParams = {
+    didUri: string;
+    options?: DidResolutionOptions;
+};
+export type DidResponse<T extends DidInterface> = ResponseStatus & {
+    result?: DidMessageResult[T];
+};
+export interface DidCreateParams<TKeyManager = AgentKeyManager, TMethod extends keyof DidMethodCreateOptions<TKeyManager> = keyof DidMethodCreateOptions<TKeyManager>> {
+    method: TMethod;
+    options?: DidMethodCreateOptions<TKeyManager>[TMethod];
+    store?: boolean;
+    tenant?: string;
+}
+export interface DidMethodCreateOptions<TKeyManager> {
+    dht: DidDhtCreateOptions<TKeyManager>;
+    jwk: DidJwkCreateOptions<TKeyManager>;
+}
+export interface DidApiParams {
+    didMethods: DidMethodApi[];
+    agent?: Web5PlatformAgent;
+    /**
+     * An optional `DidResolverCache` instance used for caching resolved DID documents.
+     *
+     * Providing a cache implementation can significantly enhance resolution performance by avoiding
+     * redundant resolutions for previously resolved DIDs. If omitted, the default is an instance of `AgentDidResolverCache`.
+     *
+     * `AgentDidResolverCache` keeps a stale copy of the Agent's managed Identity DIDs and only refreshes upon a successful resolution.
+     * This allows for quick and offline access to the internal DIDs used by the agent.
+     */
+    resolverCache?: DidResolverCache;
+    store?: AgentDataStore<PortableDid>;
+}
+export declare function isDidRequest<T extends DidInterface>(didRequest: DidRequest<DidInterface>, messageType: T): didRequest is DidRequest<T>;
+/**
+ * This API is used to manage and interact with DIDs within the Web5 Agent framework.
+ *
+ * If a DWN Data Store is used, the DID information is stored under DID's own tenant by default.
+ * If a tenant property is passed, that tenant will be used to store the DID information.
+ */
+export declare class AgentDidApi<TKeyManager extends AgentKeyManager = AgentKeyManager> extends UniversalResolver {
+    /**
+     * Holds the instance of a `Web5PlatformAgent` that represents the current execution context for
+     * the `AgentDidApi`. This agent is used to interact with other Web5 agent components. It's vital
+     * to ensure this instance is set to correctly contextualize operations within the broader Web5
+     * Agent framework.
+     */
+    private _agent?;
+    private _didMethods;
+    private _store;
+    constructor({ agent, didMethods, resolverCache, store }: DidApiParams);
+    /**
+     * Retrieves the `Web5PlatformAgent` execution context.
+     *
+     * @returns The `Web5PlatformAgent` instance that represents the current execution context.
+     * @throws Will throw an error if the `agent` instance property is undefined.
+     */
+    get agent(): Web5PlatformAgent;
+    set agent(agent: Web5PlatformAgent);
+    create({ method, tenant, options, store }: DidCreateParams<TKeyManager>): Promise<BearerDid>;
+    export({ didUri, tenant }: {
+        didUri: string;
+        tenant?: string;
+    }): Promise<PortableDid>;
+    get({ didUri, tenant }: {
+        didUri: string;
+        tenant?: string;
+    }): Promise<BearerDid | undefined>;
+    getSigningMethod({ didUri, methodId }: {
+        didUri: string;
+        methodId?: string;
+    }): Promise<DidVerificationMethod>;
+    update({ tenant, portableDid, publish }: {
+        tenant?: string;
+        portableDid: PortableDid;
+        publish?: boolean;
+    }): Promise<BearerDid>;
+    import({ portableDid, tenant }: {
+        portableDid: PortableDid;
+        tenant?: string;
+    }): Promise<BearerDid>;
+    delete({ didUri, tenant, deleteKey }: {
+        didUri: string;
+        tenant?: string;
+        deleteKey?: boolean;
+    }): Promise<void>;
+    deleteKeys({ portableDid }: {
+        portableDid: PortableDid;
+    }): Promise<void>;
+    processRequest<T extends DidInterface>(request: DidRequest<T>): Promise<DidResponse<T>>;
+    private getMethod;
+}
+//# sourceMappingURL=did-api.d.ts.map

package/dist/types/did-api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"did-api.d.ts","sourceRoot":"","sources":["../../src/did-api.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,WAAW,EACX,WAAW,EACX,YAAY,EACZ,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,oBAAoB,EACpB,qBAAqB,EACrB,gBAAgB,EACjB,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,SAAS,EAAe,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAExE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,KAAK,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAM1E,oBAAY,YAAY;IACtB,MAAM,WAAY;IAElB,OAAO,YAAY;CAEpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,CAAC,YAAY,CAAC,MAAM,CAAC,EAAE,eAAe,CAAC;IAEvC,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,gBAAgB,CAAC;CAE1C;AAED,MAAM,WAAW,gBAAgB;IAC/B,CAAC,YAAY,CAAC,MAAM,CAAC,EAAE,eAAe,CAAC;IAEvC,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,gBAAgB,CAAC;CAE1C;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,WAAW,CAAC;IACtB,QAAQ,EAAE,WAAW,CAAC;CACvB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG,mBAAmB,CAAA;AAElD,MAAM,MAAM,UAAU,CAAC,CAAC,SAAS,YAAY,IAAI;IAC/C,WAAW,EAAE,CAAC,CAAC;IACf,aAAa,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC;CACpC,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,oBAAoB,CAAC;CAChC,CAAA;AAED,MAAM,MAAM,WAAW,CAAC,CAAC,SAAS,YAAY,IAAI,cAAc,GAAG;IACjE,MAAM,CAAC,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC;CAC9B,CAAC;AAEF,MAAM,WAAW,eAAe,CAC9B,WAAW,GAAG,eAAe,EAC7B,OAAO,SAAS,MAAM,sBAAsB,CAAC,WAAW,CAAC,GAAG,MAAM,sBAAsB,CAAC,WAAW,CAAC;IAErG,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,CAAC,EAAE,sBAAsB,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC;IACvD,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,sBAAsB,CAAC,WAAW;IACjD,GAAG,EAAE,mBAAmB,CAAC,WAAW,CAAC,CAAC;IACtC,GAAG,EAAE,mBAAmB,CAAC,WAAW,CAAC,CAAC;CACvC;AAED,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,YAAY,EAAE,CAAC;IAE3B,KAAK,CAAC,EAAE,iBAAiB,CAAC;IAE1B;;;;;;;;OAQG;IACH,aAAa,CAAC,EAAE,gBAAgB,CAAC;IAEjC,KAAK,CAAC,EAAE,cAAc,CAAC,WAAW,CAAC,CAAC;CACrC;AAED,wBAAgB,YAAY,CAAC,CAAC,SAAS,YAAY,EACjD,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,CAAC,GACnD,UAAU,IAAI,UAAU,CAAC,CAAC,CAAC,CAE7B;AAED;;;;;GAKG;AACH,qBAAa,WAAW,CAAC,WAAW,SAAS,eAAe,GAAG,eAAe,CAAE,SAAQ,iBAAiB;IACvG;;;;;OAKG;IACH,OAAO,CAAC,MAAM,CAAC,CAAoB;IAEnC,OAAO,CAAC,WAAW,CAAwC;IAE3D,OAAO,CAAC,MAAM,CAA8B;gBAEhC,EAAE,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,YAAY;IAsBrE;;;;;OAKG;IACH,IAAI,KAAK,IAAI,iBAAiB,CAM7B;IAED,IAAI,KAAK,CAAC,KAAK,EAAE,iBAAiB,EAOjC;IAEY,MAAM,CAAC,EAClB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAC/B,EAAE,eAAe,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC;IA+BvC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;QACtC,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,GAAG,OAAO,CAAC,WAAW,CAAC;IAeX,GAAG,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;QACnC,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,CAAC,EAAE,MAAM,CAAA;KAChB,GAAG,OAAO,CAAC,SAAS,GAAG,SAAS,CAAC;IAUrB,gBAAgB,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;QAClD,MAAM,EAAE,MAAM,CAAC;QACf,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAsBrB,MAAM,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,OAAc,EAAE,EAAE;QAC3D,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,WAAW,CAAC;QACzB,OAAO,CAAC,EAAE,OAAO,CAAC;KACnB,GAAG,OAAO,CAAC,SAAS,CAAC;IAgDT,MAAM,CAAC,EAAE,WAAW,EAAE,MAAM,EAAE,EAAE;QAC3C,WAAW,EAAE,WAAW,CAAC;QACzB,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,GAAG,OAAO,CAAC,SAAS,CAAC;IA4BT,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,SAAgB,EAAE,EAAE;QACxD,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,SAAS,CAAC,EAAE,OAAO,CAAC;KACrB,GAAG,OAAO,CAAC,IAAI,CAAC;IAmBJ,UAAU,CAAC,EAAE,WAAW,EAAE,EAAE;QACvC,WAAW,EAAE,WAAW,CAAC;KAC1B,GAAG,OAAO,CAAC,IAAI,CAAC;IAWJ,cAAc,CAAC,CAAC,SAAS,YAAY,EAChD,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,GACrB,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;IAuC1B,OAAO,CAAC,SAAS;CASlB"}

package/dist/types/dwn-api.d.ts

@@ -0,0 +1,66 @@
+import { Dwn, DwnConfig, GenericMessage } from '@enbox/dwn-sdk-js';
+import type { Web5PlatformAgent } from './types/agent.js';
+import type { DwnMessage, DwnMessagesPermissionScope, DwnPermissionScope, DwnRecordsInterfaces, DwnRecordsPermissionScope, DwnResponse, ProcessDwnRequest, SendDwnRequest } from './types/dwn.js';
+import { DwnInterface } from './types/dwn.js';
+export type DwnMessageWithBlob<T extends DwnInterface> = {
+    message: DwnMessage[T];
+    data?: Blob;
+};
+export type DwnApiParams = {
+    agent?: Web5PlatformAgent;
+    dwn: Dwn;
+};
+export interface DwnApiCreateDwnParams extends Partial<DwnConfig> {
+    dataPath?: string;
+}
+export declare function isDwnRequest<T extends DwnInterface>(dwnRequest: ProcessDwnRequest<DwnInterface>, messageType: T): dwnRequest is ProcessDwnRequest<T>;
+export declare function isDwnMessage<T extends DwnInterface>(messageType: T, message: GenericMessage): message is DwnMessage[T];
+export declare function isRecordsType(messageType: DwnInterface): messageType is DwnRecordsInterfaces;
+export declare function isRecordPermissionScope(scope: DwnPermissionScope): scope is DwnRecordsPermissionScope;
+export declare function isMessagesPermissionScope(scope: DwnPermissionScope): scope is DwnMessagesPermissionScope;
+export declare class AgentDwnApi {
+    /**
+     * Holds the instance of a `Web5PlatformAgent` that represents the current execution context for
+     * the `AgentDwnApi`. This agent is used to interact with other Web5 agent components. It's vital
+     * to ensure this instance is set to correctly contextualize operations within the broader Web5
+     * Agent framework.
+     */
+    private _agent?;
+    /**
+     * The DWN instance to use for this API.
+     */
+    private _dwn;
+    constructor({ agent, dwn }: DwnApiParams);
+    /**
+     * Retrieves the `Web5PlatformAgent` execution context.
+     *
+     * @returns The `Web5PlatformAgent` instance that represents the current execution context.
+     * @throws Will throw an error if the `agent` instance property is undefined.
+     */
+    get agent(): Web5PlatformAgent;
+    set agent(agent: Web5PlatformAgent);
+    /**
+     * Public getter for the DWN instance used by this API.
+     *
+     * Notes:
+     * - This getter is public to allow advanced developers to access the DWN instance directly.
+     *   However, it is recommended to use the `processRequest` method to interact with the DWN
+     *   instance to ensure that the DWN message is constructed correctly.
+     * - The getter is named `node` to avoid confusion with the `dwn` property of the
+     *   `Web5PlatformAgent`. In other words, so that a developer can call `agent.dwn.node` to access
+     *   the DWN instance and not `agent.dwn.dwn`.
+     */
+    get node(): Dwn;
+    static createDwn({ dataPath, dataStore, didResolver, eventLog, eventStream, messageStore, tenantGate, resumableTaskStore }: DwnApiCreateDwnParams): Promise<Dwn>;
+    processRequest<T extends DwnInterface>(request: ProcessDwnRequest<T>): Promise<DwnResponse<T>>;
+    sendRequest<T extends DwnInterface>(request: SendDwnRequest<T>): Promise<DwnResponse<T>>;
+    private sendDwnRpcRequest;
+    private constructDwnMessage;
+    private hasGrantParams;
+    private getSigner;
+    /**
+     * FURTHER REFACTORING NEEDED BELOW THIS LINE
+     */
+    private getDwnMessage;
+}
+//# sourceMappingURL=dwn-api.d.ts.map

package/dist/types/dwn-api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dwn-api.d.ts","sourceRoot":"","sources":["../../src/dwn-api.ts"],"names":[],"mappings":"AAEA,OAAO,EAGL,GAAG,EACH,SAAS,EAKT,cAAc,EAIf,MAAM,mBAAmB,CAAC;AAM3B,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,KAAK,EACV,UAAU,EAIV,0BAA0B,EAE1B,kBAAkB,EAClB,oBAAoB,EACpB,yBAAyB,EACzB,WAAW,EAGX,iBAAiB,EACjB,cAAc,EACf,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,YAAY,EAA0B,MAAM,gBAAgB,CAAC;AAGtE,MAAM,MAAM,kBAAkB,CAAC,CAAC,SAAS,YAAY,IAAI;IACvD,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,CAAC,EAAE,IAAI,CAAC;CACb,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,KAAK,CAAC,EAAE,iBAAiB,CAAC;IAC1B,GAAG,EAAE,GAAG,CAAC;CACV,CAAA;AAED,MAAM,WAAW,qBAAsB,SAAQ,OAAO,CAAC,SAAS,CAAC;IAC/D,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,wBAAgB,YAAY,CAAC,CAAC,SAAS,YAAY,EACjD,UAAU,EAAE,iBAAiB,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,CAAC,GAC1D,UAAU,IAAI,iBAAiB,CAAC,CAAC,CAAC,CAEpC;AAED,wBAAgB,YAAY,CAAC,CAAC,SAAS,YAAY,EACjD,WAAW,EAAE,CAAC,EAAE,OAAO,EAAE,cAAc,GACtC,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,CAG1B;AAED,wBAAgB,aAAa,CAAC,WAAW,EAAE,YAAY,GAAG,WAAW,IAAI,oBAAoB,CAM5F;AAED,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,kBAAkB,GAAG,KAAK,IAAI,yBAAyB,CAErG;AAED,wBAAgB,yBAAyB,CAAC,KAAK,EAAE,kBAAkB,GAAG,KAAK,IAAI,0BAA0B,CAExG;AAED,qBAAa,WAAW;IACtB;;;;;OAKG;IACH,OAAO,CAAC,MAAM,CAAC,CAAoB;IAEnC;;OAEG;IACH,OAAO,CAAC,IAAI,CAAM;gBAEN,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,YAAY;IAQxC;;;;;OAKG;IACH,IAAI,KAAK,IAAI,iBAAiB,CAM7B;IAED,IAAI,KAAK,CAAC,KAAK,EAAE,iBAAiB,EAEjC;IAED;;;;;;;;;;OAUG;IACH,IAAI,IAAI,IAAI,GAAG,CAEd;WAEmB,SAAS,CAAC,EAC5B,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,kBAAkB,EACtG,EAAE,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC;IAsB1B,cAAc,CAAC,CAAC,SAAS,YAAY,EAChD,OAAO,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAC5B,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;IA0Bb,WAAW,CAAC,CAAC,SAAS,YAAY,EAC7C,OAAO,EAAE,cAAc,CAAC,CAAC,CAAC,GACzB,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;YAgDZ,iBAAiB;YA0DjB,mBAAmB;IA2EjC,OAAO,CAAC,cAAc;YAMR,SAAS;IA4CvB;;OAEG;YAEW,aAAa;CAgC5B"}

package/dist/types/dwn-registrar.d.ts

@@ -0,0 +1,29 @@
+/**
+ * A client for registering tenants with a DWN.
+ */
+export declare class DwnRegistrar {
+    /**
+     * Registers a new tenant with the given DWN.
+     * NOTE: Assumes the user has already accepted the terms of service.
+     * NOTE: Currently the DWN Server from `dwn-server` does not require user signature.
+     * TODO: bring in types from `dwn-server`.
+     */
+    static registerTenant(dwnEndpoint: string, did: string): Promise<void>;
+    /**
+     * Computes the SHA-256 hash of the given array of strings.
+     */
+    static hashAsHexString(input: string): Promise<string>;
+    /**
+     * Finds a response nonce that qualifies the difficulty requirement for the given proof-of-work challenge and request data.
+     */
+    static findQualifiedResponseNonce(input: {
+        maximumAllowedHashValue: string;
+        challengeNonce: string;
+        requestData: string;
+    }): Promise<string>;
+    /**
+     * Generates 32 random bytes expressed as a HEX string.
+     */
+    static generateNonce(): Promise<string>;
+}
+//# sourceMappingURL=dwn-registrar.d.ts.map

package/dist/types/dwn-registrar.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dwn-registrar.d.ts","sourceRoot":"","sources":["../../src/dwn-registrar.ts"],"names":[],"mappings":"AAIA;;GAEG;AACH,qBAAa,YAAY;IACvB;;;;;OAKG;WACiB,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA6DnF;;OAEG;WACiB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAMnE;;OAEG;WACiB,0BAA0B,CAAC,KAAK,EAAE;QACpD,uBAAuB,EAAE,MAAM,CAAC;QAChC,cAAc,EAAE,MAAM,CAAC;QACvB,WAAW,EAAE,MAAM,CAAC;KACrB,GAAG,OAAO,CAAC,MAAM,CAAC;IA2BnB;;OAEG;WACiB,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC;CAKrD"}

package/dist/types/hd-identity-vault.d.ts

@@ -0,0 +1,306 @@
+import { BearerDid } from '@enbox/dids';
+import type { IdentityVaultBackup, IdentityVaultStatus, IdentityVaultParams, IdentityVault } from './types/identity-vault.js';
+import { AgentCryptoApi } from './crypto-api.js';
+/**
+ * Extended initialization parameters for HdIdentityVault, including an optional recovery phrase
+ * that can be used to derive keys to encrypt the vault and generate a DID.
+ */
+export type HdIdentityVaultInitializeParams = {
+    /**
+      * The password used to secure the vault.
+      *
+      * The password selected should be strong and securely managed to prevent unauthorized access.
+      */
+    password: string;
+    /**
+     * An optional recovery phrase used to derive the cryptographic keys for the vault.
+     *
+     * Providing a recovery phrase can be used to recover the vault's content or establish a
+     * deterministic key generation scheme. If not provided, a new recovery phrase will be generated
+     * during the initialization process.
+     */
+    recoveryPhrase?: string;
+    /**
+     * Optional dwnEndpoints to register didService endpoints during HdIdentityVault initialization
+     *
+     * The dwnEndpoints are used to register a DWN endpoint during DidDht.create(). This allows the
+     * agent to properly recover connectedDids from DWN. Also, this pattern can be used on the server
+     * side in place of the agentDid-->connectedDids pattern.
+     */
+    dwnEndpoints?: string[];
+};
+/**
+ * The `HdIdentityVault` class provides secure storage and management of identity data.
+ *
+ * The `HdIdentityVault` class implements the `IdentityVault` interface, providing secure storage
+ * and management of identity data with an added layer of security using Hierarchical Deterministic
+ * (HD) key derivation based on the SLIP-0010 standard for Ed25519 keys. It enhances identity
+ * protection by generating and securing the identity using a derived HD key, allowing for the
+ * deterministic regeneration of keys from a recovery phrase.
+ *
+ * The vault is capable of:
+ * - Secure initialization with a password and an optional recovery phrase, employing HD key
+ *   derivation.
+ * - Encrypting the identity data using a derived content encryption key (CEK) which is securely
+ *   encrypted and stored, accessible only by the correct password.
+ * - Securely backing up and restoring the vault’s contents, including the HD-derived keys and
+ *   associated DID.
+ * - Locking and unlocking the vault, which encrypts and decrypts the CEK for secure access to the
+ *   vault's contents.
+ * - Managing the DID associated with the identity, providing a secure identity layer for
+ *   applications.
+ *
+ * Usage involves initializing the vault with a secure password (and optionally a recovery phrase),
+ * which then allows for the secure storage, backup, and retrieval of the identity data.
+ *
+ * Note: Ensure the password is strong and securely managed, as it is crucial for the security of the
+ * vault's encrypted contents.
+ *
+ * @example
+ * ```typescript
+ * const vault = new HdIdentityVault();
+ * await vault.initialize({ password: 'secure-unique-phrase', recoveryPhrase: 'twelve words ...' });
+ * const backup = await vault.backup();
+ * await vault.restore({ backup, password: 'secure-unique-phrase' });
+ * ```
+ */
+export declare class HdIdentityVault implements IdentityVault<{
+    InitializeResult: string;
+}> {
+    /** Provides cryptographic functions needed for secure storage and management of the vault. */
+    crypto: AgentCryptoApi;
+    /** Determines the computational intensity of the key derivation process. */
+    private _keyDerivationWorkFactor;
+    /** The underlying key-value store for the vault's encrypted content. */
+    private _store;
+    /** The cryptographic key used to encrypt and decrypt the vault's content securely. */
+    private _contentEncryptionKey;
+    /**
+     * Constructs an instance of `HdIdentityVault`, initializing the key derivation factor and data
+     * store. It sets the default key derivation work factor and initializes the internal data store,
+     * either with the provided store or a default in-memory store. It also establishes the initial
+     * status of the vault as uninitialized and locked.
+     *
+     * @param params - Optional parameters when constructing a vault instance.
+     * @param params.keyDerivationWorkFactor - Optionally set the computational effort for key derivation.
+     * @param params.store - Optionally specify a custom key-value store for vault data.
+     */
+    constructor({ keyDerivationWorkFactor, store }?: IdentityVaultParams);
+    /**
+     * Creates a backup of the vault's current state, including the encrypted DID and content
+     * encryption key, and returns it as an `IdentityVaultBackup` object. The backup includes a
+     * Base64Url-encoded string representing the vault's encrypted data, encapsulating the
+     * {@link PortableDid}, the content encryption key, and the vault's status.
+     *
+     * This method ensures that the vault is initialized and unlocked before proceeding with the
+     * backup operation.
+     *
+     * @throws Error if the vault is not initialized or is locked, preventing the backup.
+     * @returns A promise that resolves to the `IdentityVaultBackup` object containing the vault's
+     *          encrypted backup data.
+     */
+    backup(): Promise<IdentityVaultBackup>;
+    /**
+     * Changes the password used to secure the vault.
+     *
+     * This method decrypts the existing content encryption key (CEK) with the old password, then
+     * re-encrypts it with the new password, updating the vault's stored encrypted CEK. It ensures
+     * that the vault is initialized and unlocks the vault if the password is successfully changed.
+     *
+     * @param params - Parameters required for changing the vault password.
+     * @param params.oldPassword - The current password used to unlock the vault.
+     * @param params.newPassword - The new password to replace the existing one.
+     * @throws Error if the vault is not initialized or the old password is incorrect.
+     * @returns A promise that resolves when the password change is complete.
+     */
+    changePassword({ oldPassword, newPassword }: {
+        oldPassword: string;
+        newPassword: string;
+    }): Promise<void>;
+    /**
+     * Retrieves the DID (Decentralized Identifier) associated with the vault.
+     *
+     * This method ensures the vault is initialized and unlocked before decrypting and returning the
+     * DID. The DID is stored encrypted and  is decrypted using the vault's content encryption key.
+     *
+     * @throws Error if the vault is not initialized, is locked, or the DID cannot be decrypted.
+     * @returns A promise that resolves with a {@link BearerDid}.
+     */
+    getDid(): Promise<BearerDid>;
+    /**
+     * Fetches the current status of the `HdIdentityVault`, providing details on whether it's
+     * initialized and the timestamps of the last backup and restore operations.
+     *
+     * @returns A promise that resolves with the current status of the `HdIdentityVault`, detailing
+     *          its initialization, lock state, and the timestamps of the last backup and restore.
+     */
+    getStatus(): Promise<IdentityVaultStatus>;
+    /**
+     * Initializes the `HdIdentityVault` with a password and an optional recovery phrase.
+     *
+     * If a recovery phrase is not provided, a new one is generated. This process sets up the vault,
+     * deriving the necessary cryptographic keys and preparing the vault for use. It ensures the vault
+     * is ready to securely store and manage identity data.
+     *
+     * @example
+     * ```ts
+     * const identityVault = new HdIdentityVault();
+     * const recoveryPhrase = await identityVault.initialize({
+     *   password: 'your-secure-phrase'
+     * });
+     * console.log('Vault initialized. Recovery phrase:', recoveryPhrase);
+     * ```
+     *
+     * @param params - The initialization parameters.
+     * @param params.password - The password used to secure the vault.
+     * @param params.recoveryPhrase - An optional 12-word recovery phrase for key derivation. If
+     *                                omitted, a new recovery is generated.
+     * @returns A promise that resolves with the recovery phrase used during the initialization, which
+     *          should be securely stored by the user.
+     */
+    initialize({ password, recoveryPhrase, dwnEndpoints }: HdIdentityVaultInitializeParams): Promise<string>;
+    /**
+     * Determines whether the vault has been initialized.
+     *
+     * This method checks the vault's current status to determine if it has been
+     * initialized. Initialization is a prerequisite for most operations on the vault,
+     * ensuring that it is ready for use.
+     *
+     * @example
+     * ```ts
+     * const isInitialized = await identityVault.isInitialized();
+     * console.log('Is the vault initialized?', isInitialized);
+     * ```
+     *
+     * @returns A promise that resolves to `true` if the vault has been initialized, otherwise `false`.
+     */
+    isInitialized(): Promise<boolean>;
+    /**
+     * Checks if the vault is currently locked.
+     *
+     * This method assesses the vault's current state to determine if it is locked.
+     * A locked vault restricts access to its contents, requiring the correct password
+     * to unlock and access the stored identity data. The vault must be unlocked to
+     * perform operations that access or modify its contents.
+     *
+     * @example
+     * ```ts
+     * const isLocked = await identityVault.isLocked();
+     * console.log('Is the vault locked?', isLocked);
+     * ```
+     *
+     * @returns `true` if the vault is locked, otherwise `false`.
+     */
+    isLocked(): boolean;
+    /**
+     * Locks the `HdIdentityVault`, securing its contents by clearing the in-memory encryption key.
+     *
+     * This method ensures that the vault's sensitive data cannot be accessed without unlocking the
+     * vault again with the correct password. It's an essential security feature for safeguarding
+     * the vault's contents against unauthorized access.
+     *
+     * @example
+     * ```ts
+     * const identityVault = new HdIdentityVault();
+     * await identityVault.lock();
+     * console.log('Vault is now locked.');
+     * ```
+     * @throws An error if the identity vault has not been initialized.
+     * @returns A promise that resolves when the vault is successfully locked.
+     */
+    lock(): Promise<void>;
+    /**
+     * Restores the vault's data from a backup object, decrypting and reinitializing the vault's
+     * content with the provided backup data.
+     *
+     * This operation is crucial for data recovery scenarios, allowing users to regain access to their
+     * encrypted data using a previously saved backup and their password.
+     *
+     * @example
+     * ```ts
+     * const identityVault = new HdIdentityVault();
+     * await identityVault.initialize({ password: 'your-secure-phrase' });
+     * // Create a backup of the vault's contents.
+     * const backup = await identityVault.backup();
+     * // Restore the vault with the same password.
+     * await identityVault.restore({ backup: backup, password: 'your-secure-phrase' });
+     * console.log('Vault restored successfully.');
+     * ```
+     *
+     * @param params - The parameters required for the restore operation.
+     * @param params.backup - The backup object containing the encrypted vault data.
+     * @param params.password - The password used to encrypt the backup, necessary for decryption.
+     * @returns A promise that resolves when the vault has been successfully restored.
+     * @throws An error if the backup object is invalid or if the password is incorrect.
+     */
+    restore({ backup, password }: {
+        backup: IdentityVaultBackup;
+        password: string;
+    }): Promise<void>;
+    /**
+     * Unlocks the vault by decrypting the stored content encryption key (CEK) using the provided
+     * password.
+     *
+     * This method is essential for accessing the vault's encrypted contents, enabling the decryption
+     * of stored data and the execution of further operations requiring the vault to be unlocked.
+     *
+     * @example
+     * ```ts
+     * const identityVault = new HdIdentityVault();
+     * await identityVault.initialize({ password: 'your-initial-phrase' });
+     * // Unlock the vault with the correct password before accessing its contents
+     * await identityVault.unlock({ password: 'your-initial-phrase' });
+     * console.log('Vault unlocked successfully.');
+     * ```
+     *
+     *
+     * @param params - The parameters required for the unlock operation.
+     * @param params.password - The password used to encrypt the vault's CEK, necessary for
+     *                            decryption.
+     * @returns A promise that resolves when the vault has been successfully unlocked.
+     * @throws An error if the vault has not been initialized or if the provided password is
+     *         incorrect.
+     */
+    unlock({ password }: {
+        password: string;
+    }): Promise<void>;
+    /**
+     * Retrieves the Decentralized Identifier (DID) associated with the identity vault from the vault
+     * store.
+     *
+     * This DID is encrypted in compact JWE format and needs to be decrypted after the vault is
+     * unlocked. The method is intended to be used internally within the HdIdentityVault class to access
+     * the encrypted PortableDid.
+     *
+     * @returns A promise that resolves to the encrypted DID stored in the vault as a compact JWE.
+     * @throws Will throw an error if the DID cannot be retrieved from the vault.
+     */
+    private getStoredDid;
+    /**
+     * Retrieves the encrypted Content Encryption Key (CEK) from the vault's storage.
+     *
+     * This CEK is used for encrypting and decrypting the vault's contents. It is stored as a
+     * compact JWE and should be decrypted with the user's password to be used for further
+     * cryptographic operations.
+     *
+     * @returns A promise that resolves to the stored CEK as a string in compact JWE format.
+     * @throws Will throw an error if the CEK cannot be retrieved, indicating potential issues with
+     *         the vault's integrity or state.
+     */
+    private getStoredContentEncryptionKey;
+    /**
+     * Updates the status of the `HdIdentityVault`, reflecting changes in its initialization, lock
+     * state, and the timestamps of the last backup and restore operations.
+     *
+     * This method directly manipulates the internal state stored in the vault's key-value store.
+     *
+     * @param params - The status properties to be updated.
+     * @param params.initialized - Updates the initialization state of the vault.
+     * @param params.lastBackup - Updates the timestamp of the last successful backup.
+     * @param params.lastRestore - Updates the timestamp of the last successful restore.
+     * @returns A promise that resolves to a boolean indicating successful status update.
+     * @throws Will throw an error if the status cannot be updated in the key-value store.
+     */
+    private setStatus;
+}
+//# sourceMappingURL=hd-identity-vault.d.ts.map

package/dist/types/hd-identity-vault.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hd-identity-vault.d.ts","sourceRoot":"","sources":["../../src/hd-identity-vault.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,SAAS,EAAU,MAAM,aAAa,CAAC;AAMhD,OAAO,KAAK,EAAE,mBAAmB,EAA2B,mBAAmB,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAEvJ,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAMjD;;;GAGG;AACH,MAAM,MAAM,+BAA+B,GAAG;IAC5C;;;;QAII;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;;;OAMG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;;;;;OAMG;IACF,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B,CAAC;AAyDH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,qBAAa,eAAgB,YAAW,aAAa,CAAC;IAAE,gBAAgB,EAAE,MAAM,CAAA;CAAE,CAAC;IACjF,8FAA8F;IACvF,MAAM,iBAAwB;IAErC,4EAA4E;IAC5E,OAAO,CAAC,wBAAwB,CAAS;IAEzC,wEAAwE;IACxE,OAAO,CAAC,MAAM,CAAgC;IAE9C,sFAAsF;IACtF,OAAO,CAAC,qBAAqB,CAAkB;IAE/C;;;;;;;;;OASG;gBACS,EAAE,uBAAuB,EAAE,KAAK,EAAE,GAAE,mBAAwB;IAKxE;;;;;;;;;;;;OAYG;IACU,MAAM,IAAI,OAAO,CAAC,mBAAmB,CAAC;IA+BnD;;;;;;;;;;;;OAYG;IACU,cAAc,CAAC,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE;QACxD,WAAW,EAAE,MAAM,CAAC;QACpB,WAAW,EAAE,MAAM,CAAC;KACrB,GAAG,OAAO,CAAC,IAAI,CAAC;IAiDjB;;;;;;;;OAQG;IACU,MAAM,IAAI,OAAO,CAAC,SAAS,CAAC;IA2BzC;;;;;;OAMG;IACU,SAAS,IAAI,OAAO,CAAC,mBAAmB,CAAC;IAqBtD;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACU,UAAU,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,EAChE,+BAA+B,GAC9B,OAAO,CAAC,MAAM,CAAC;IAqNlB;;;;;;;;;;;;;;OAcG;IACU,aAAa,IAAI,OAAO,CAAC,OAAO,CAAC;IAI9C;;;;;;;;;;;;;;;OAeG;IACI,QAAQ,IAAI,OAAO;IAI1B;;;;;;;;;;;;;;;OAeG;IACU,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAWlC;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACU,OAAO,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;QACzC,MAAM,EAAE,mBAAmB,CAAC;QAC5B,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,OAAO,CAAC,IAAI,CAAC;IAoDjB;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACU,MAAM,CAAC,EAAE,QAAQ,EAAE,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBtE;;;;;;;;;;OAUG;YACW,YAAY;IAe1B;;;;;;;;;;OAUG;YACW,6BAA6B;IAe3C;;;;;;;;;;;;OAYG;YACW,SAAS;CAcxB"}

package/dist/types/identity-api.d.ts

@@ -0,0 +1,107 @@
+import type { RequireOnly } from '@enbox/common';
+import type { AgentDataStore } from './store-data.js';
+import type { Web5PlatformAgent } from './types/agent.js';
+import type { DidMethodCreateOptions } from './did-api.js';
+import type { AgentKeyManager } from './types/key-manager.js';
+import type { IdentityMetadata, PortableIdentity } from './types/identity.js';
+import { BearerIdentity } from './bearer-identity.js';
+export interface IdentityApiParams<TKeyManager extends AgentKeyManager> {
+    agent?: Web5PlatformAgent<TKeyManager>;
+    store?: AgentDataStore<IdentityMetadata>;
+}
+export interface IdentityCreateParams<TKeyManager = AgentKeyManager, TMethod extends keyof DidMethodCreateOptions<TKeyManager> = keyof DidMethodCreateOptions<TKeyManager>> {
+    metadata: RequireOnly<IdentityMetadata, 'name'>;
+    didMethod?: TMethod;
+    didOptions?: DidMethodCreateOptions<TKeyManager>[TMethod];
+    store?: boolean;
+}
+export declare function isPortableIdentity(obj: unknown): obj is PortableIdentity;
+/**
+ * This API is used to manage and interact with Identities within the Web5 Agent framework.
+ * An Identity is a DID that is associated with metadata that describes the Identity.
+ * Metadata includes A name(label), and whether or not the Identity is connected (delegated to act on the behalf of another DID).
+ *
+ * A KeyManager is used to manage the cryptographic keys associated with the Identities.
+ *
+ * The `DidApi` is used internally to create, store, and manage DIDs.
+ * When a DWN Data Store is used, the Identity and DID information are stored under the Agent DID's tenant.
+ */
+export declare class AgentIdentityApi<TKeyManager extends AgentKeyManager = AgentKeyManager> {
+    /**
+     * Holds the instance of a `Web5PlatformAgent` that represents the current execution context for
+     * the `AgentIdentityApi`. This agent is used to interact with other Web5 agent components. It's
+     * vital to ensure this instance is set to correctly contextualize operations within the broader
+     * Web5 Agent framework.
+     */
+    private _agent?;
+    private _store;
+    constructor({ agent, store }?: IdentityApiParams<TKeyManager>);
+    /**
+     * Retrieves the `Web5PlatformAgent` execution context.
+     *
+     * @returns The `Web5PlatformAgent` instance that represents the current execution context.
+     * @throws Will throw an error if the `agent` instance property is undefined.
+     */
+    get agent(): Web5PlatformAgent<TKeyManager>;
+    set agent(agent: Web5PlatformAgent<TKeyManager>);
+    get tenant(): string;
+    create({ metadata, didMethod, didOptions, store }: IdentityCreateParams<TKeyManager>): Promise<BearerIdentity>;
+    export({ didUri }: {
+        didUri: string;
+    }): Promise<PortableIdentity>;
+    get({ didUri }: {
+        didUri: string;
+    }): Promise<BearerIdentity | undefined>;
+    import({ portableIdentity }: {
+        portableIdentity: PortableIdentity;
+    }): Promise<BearerIdentity>;
+    list({ tenant }?: {
+        tenant?: string;
+    }): Promise<BearerIdentity[]>;
+    delete({ didUri }: {
+        didUri: string;
+    }): Promise<void>;
+    /**
+     * Returns the DWN endpoints for the given DID.
+     *
+     * @param didUri - The DID URI to get the DWN endpoints for.
+     * @returns An array of DWN endpoints.
+     * @throws An error if the DID is not found, or no DWN service exists.
+     */
+    getDwnEndpoints({ didUri }: {
+        didUri: string;
+    }): Promise<string[]>;
+    /**
+     * Sets the DWN endpoints for the given DID.
+     *
+     * @param didUri - The DID URI to set the DWN endpoints for.
+     * @param endpoints - The array of DWN endpoints to set.
+     * @throws An error if the DID is not found, or if an update cannot be performed.
+     */
+    setDwnEndpoints({ didUri, endpoints }: {
+        didUri: string;
+        endpoints: string[];
+    }): Promise<void>;
+    /**
+     * Updates the Identity's metadata name field.
+     *
+     * @param didUri - The DID URI of the Identity to update.
+     * @param name - The new name to set for the Identity.
+     *
+     * @throws An error if the Identity is not found, name is not provided, or no changes are detected.
+     */
+    setMetadataName({ didUri, name }: {
+        didUri: string;
+        name: string;
+    }): Promise<void>;
+    /**
+     * Returns the connected Identity, if one is available.
+     *
+     * Accepts optional `connectedDid` parameter to filter the a specific connected identity,
+     * if none is provided the first connected identity is returned.
+     */
+    connectedIdentity({ connectedDid }?: {
+        connectedDid?: string;
+    }): Promise<BearerIdentity | undefined>;
+}
+//# sourceMappingURL=identity-api.d.ts.map

package/dist/types/identity-api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity-api.d.ts","sourceRoot":"","sources":["../../src/identity-api.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAEjD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,KAAK,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAE9E,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAMtD,MAAM,WAAW,iBAAiB,CAAC,WAAW,SAAS,eAAe;IACpE,KAAK,CAAC,EAAE,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAEvC,KAAK,CAAC,EAAE,cAAc,CAAC,gBAAgB,CAAC,CAAC;CAC1C;AAED,MAAM,WAAW,oBAAoB,CACnC,WAAW,GAAG,eAAe,EAC7B,OAAO,SAAS,MAAM,sBAAsB,CAAC,WAAW,CAAC,GAAG,MAAM,sBAAsB,CAAC,WAAW,CAAC;IAErG,QAAQ,EAAE,WAAW,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAChD,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,UAAU,CAAC,EAAE,sBAAsB,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC;IAC1D,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,OAAO,GAAG,GAAG,IAAI,gBAAgB,CAMxE;AAED;;;;;;;;;GASG;AACH,qBAAa,gBAAgB,CAAC,WAAW,SAAS,eAAe,GAAG,eAAe;IACjF;;;;;OAKG;IACH,OAAO,CAAC,MAAM,CAAC,CAAiC;IAEhD,OAAO,CAAC,MAAM,CAAmC;gBAErC,EAAE,KAAK,EAAE,KAAK,EAAE,GAAE,iBAAiB,CAAC,WAAW,CAAM;IAOjE;;;;;OAKG;IACH,IAAI,KAAK,IAAI,iBAAiB,CAAC,WAAW,CAAC,CAM1C;IAED,IAAI,KAAK,CAAC,KAAK,EAAE,iBAAiB,CAAC,WAAW,CAAC,EAE9C;IAED,IAAI,MAAM,IAAI,MAAM,CAMnB;IAEY,MAAM,CAAC,EAAE,QAAQ,EAAE,SAAiB,EAAE,UAAU,EAAE,KAAK,EAAE,EACpE,oBAAoB,CAAC,WAAW,CAAC,GAChC,OAAO,CAAC,cAAc,CAAC;IA8Bb,MAAM,CAAC,EAAE,MAAM,EAAE,EAAE;QAC9B,MAAM,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAchB,GAAG,CAAC,EAAE,MAAM,EAAE,EAAE;QAC3B,MAAM,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,cAAc,GAAG,SAAS,CAAC;IAqB1B,MAAM,CAAC,EAAE,gBAAgB,EAAE,EAAE;QACxC,gBAAgB,EAAE,gBAAgB,CAAC;KACpC,GAAG,OAAO,CAAC,cAAc,CAAC;IAgCd,IAAI,CAAC,EAAE,MAAM,EAAE,GAAE;QAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;KACZ,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IASrB,MAAM,CAAC,EAAE,MAAM,EAAE,EAAC;QAC7B,MAAM,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,IAAI,CAAC;IAUjB;;;;;;OAMG;IACI,eAAe,CAAC,EAAE,MAAM,EAAE,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;KAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAI1E;;;;;;OAMG;IACU,eAAe,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAkC3G;;;;;;;OAOG;IACU,eAAe,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAyB/F;;;;;OAKG;IACU,iBAAiB,CAAC,EAAE,YAAY,EAAE,GAAC;QAAE,YAAY,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,cAAc,GAAG,SAAS,CAAC;CAYrH"}