@gardenfi/utils 2.1.3-beta.2 → 2.1.3-beta.21

package/dist/index297.cjs

@@ -1 +1 @@
-"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});function r(n,a,y){let i="";if(y)for(const e of Object.entries(y)){if(!e)continue;let s="";for(const t of e[1])s+=`[${t.type}${t.name?`:${t.name}`:""}]`;i+=`(${e[0]}{${s}})`}return a?`${a}:${n}${i}`:n}const d=new Map([["address",{type:"address"}],["bool",{type:"bool"}],["bytes",{type:"bytes"}],["bytes32",{type:"bytes32"}],["int",{type:"int256"}],["int256",{type:"int256"}],["string",{type:"string"}],["uint",{type:"uint256"}],["uint8",{type:"uint8"}],["uint16",{type:"uint16"}],["uint24",{type:"uint24"}],["uint32",{type:"uint32"}],["uint64",{type:"uint64"}],["uint96",{type:"uint96"}],["uint112",{type:"uint112"}],["uint160",{type:"uint160"}],["uint192",{type:"uint192"}],["uint256",{type:"uint256"}],["address owner",{type:"address",name:"owner"}],["address to",{type:"address",name:"to"}],["bool approved",{type:"bool",name:"approved"}],["bytes _data",{type:"bytes",name:"_data"}],["bytes data",{type:"bytes",name:"data"}],["bytes signature",{type:"bytes",name:"signature"}],["bytes32 hash",{type:"bytes32",name:"hash"}],["bytes32 r",{type:"bytes32",name:"r"}],["bytes32 root",{type:"bytes32",name:"root"}],["bytes32 s",{type:"bytes32",name:"s"}],["string name",{type:"string",name:"name"}],["string symbol",{type:"string",name:"symbol"}],["string tokenURI",{type:"string",name:"tokenURI"}],["uint tokenId",{type:"uint256",name:"tokenId"}],["uint8 v",{type:"uint8",name:"v"}],["uint256 balance",{type:"uint256",name:"balance"}],["uint256 tokenId",{type:"uint256",name:"tokenId"}],["uint256 value",{type:"uint256",name:"value"}],["event:address indexed from",{type:"address",name:"from",indexed:!0}],["event:address indexed to",{type:"address",name:"to",indexed:!0}],["event:uint indexed tokenId",{type:"uint256",name:"tokenId",indexed:!0}],["event:uint256 indexed tokenId",{type:"uint256",name:"tokenId",indexed:!0}]]);exports.getParameterCacheKey=r;exports.parameterCache=d;
+"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const y=require("./index291.cjs"),v=require("./index279.cjs");/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const m=BigInt(0),h=BigInt(1);function b(t,r){const e=r.negate();return t?e:r}function B(t,r,e){const n=s=>s.pz,i=v.FpInvertBatch(t.Fp,e.map(n));return e.map((s,a)=>s.toAffine(i[a])).map(t.fromAffine)}function I(t,r){if(!Number.isSafeInteger(t)||t<=0||t>r)throw new Error("invalid window size, expected [1.."+r+"], got W="+t)}function E(t,r){I(t,r);const e=Math.ceil(r/t)+1,n=2**(t-1),i=2**t,o=y.bitMask(t),s=BigInt(t);return{windows:e,windowSize:n,mask:o,maxNumber:i,shiftBy:s}}function M(t,r,e){const{windowSize:n,mask:i,maxNumber:o,shiftBy:s}=e;let a=Number(t&i),f=t>>s;a>n&&(a-=o,f+=h);const d=r*n,c=d+Math.abs(a)-1,p=a===0,l=a<0,w=r%2!==0;return{nextN:f,offset:c,isZero:p,isNeg:l,isNegF:w,offsetF:d}}function O(t,r){if(!Array.isArray(t))throw new Error("array expected");t.forEach((e,n)=>{if(!(e instanceof r))throw new Error("invalid point at index "+n)})}function R(t,r){if(!Array.isArray(t))throw new Error("array of scalars expected");t.forEach((e,n)=>{if(!r.isValid(e))throw new Error("invalid scalar at index "+n)})}const N=new WeakMap,Z=new WeakMap;function A(t){return Z.get(t)||1}function x(t){if(t!==m)throw new Error("invalid wNAF")}function j(t,r){return{constTimeNegate:b,hasPrecomputes(e){return A(e)!==1},unsafeLadder(e,n,i=t.ZERO){let o=e;for(;n>m;)n&h&&(i=i.add(o)),o=o.double(),n>>=h;return i},precomputeWindow(e,n){const{windows:i,windowSize:o}=E(n,r),s=[];let a=e,f=a;for(let d=0;d<i;d++){f=a,s.push(f);for(let c=1;c<o;c++)f=f.add(a),s.push(f);a=f.double()}return s},wNAF(e,n,i){let o=t.ZERO,s=t.BASE;const a=E(e,r);for(let f=0;f<a.windows;f++){const{nextN:d,offset:c,isZero:p,isNeg:l,isNegF:w,offsetF:g}=M(i,f,a);i=d,p?s=s.add(b(w,n[g])):o=o.add(b(l,n[c]))}return x(i),{p:o,f:s}},wNAFUnsafe(e,n,i,o=t.ZERO){const s=E(e,r);for(let a=0;a<s.windows&&i!==m;a++){const{nextN:f,offset:d,isZero:c,isNeg:p}=M(i,a,s);if(i=f,!c){const l=n[d];o=o.add(p?l.negate():l)}}return x(i),o},getPrecomputes(e,n,i){let o=N.get(n);return o||(o=this.precomputeWindow(n,e),e!==1&&(typeof i=="function"&&(o=i(o)),N.set(n,o))),o},wNAFCached(e,n,i){const o=A(e);return this.wNAF(o,this.getPrecomputes(o,e,i),n)},wNAFCachedUnsafe(e,n,i,o){const s=A(e);return s===1?this.unsafeLadder(e,n,o):this.wNAFUnsafe(s,this.getPrecomputes(s,e,i),n,o)},setWindowSize(e,n){I(n,r),Z.set(e,n),N.delete(e)}}}function _(t,r,e,n){let i=r,o=t.ZERO,s=t.ZERO;for(;e>m||n>m;)e&h&&(o=o.add(i)),n&h&&(s=s.add(i)),i=i.double(),e>>=h,n>>=h;return{p1:o,p2:s}}function C(t,r,e,n){O(e,t),R(n,r);const i=e.length,o=n.length;if(i!==o)throw new Error("arrays of points and scalars must have equal length");const s=t.ZERO,a=y.bitLen(BigInt(i));let f=1;a>12?f=a-3:a>4?f=a-2:a>0&&(f=2);const d=y.bitMask(f),c=new Array(Number(d)+1).fill(s),p=Math.floor((r.BITS-1)/f)*f;let l=s;for(let w=p;w>=0;w-=f){c.fill(s);for(let u=0;u<o;u++){const F=n[u],S=Number(F>>BigInt(w)&d);c[S]=c[S].add(e[u])}let g=s;for(let u=c.length-1,F=s;u>0;u--)F=F.add(c[u]),g=g.add(F);if(l=l.add(g),w!==0)for(let u=0;u<f;u++)l=l.double()}return l}function z(t,r){if(r){if(r.ORDER!==t)throw new Error("Field.ORDER must match order: Fp == p, Fn == n");return v.validateField(r),r}else return v.Field(t)}function k(t,r,e={}){if(!r||typeof r!="object")throw new Error(`expected valid ${t} CURVE object`);for(const a of["p","n","h"]){const f=r[a];if(!(typeof f=="bigint"&&f>m))throw new Error(`CURVE.${a} must be positive bigint`)}const n=z(r.p,e.Fp),i=z(r.n,e.Fn),s=["Gx","Gy","a","b"];for(const a of s)if(!n.isValid(r[a]))throw new Error(`CURVE.${a} must be valid field element of CURVE.Fp`);return{Fp:n,Fn:i}}exports._createCurveFields=k;exports.mulEndoUnsafe=_;exports.negateCt=b;exports.normalizeZ=B;exports.pippenger=C;exports.wNAF=j;

package/dist/index297.js

@@ -1,71 +1,204 @@
-function d(n, y, i) {
-  let a = "";
-  if (i)
-    for (const e of Object.entries(i)) {
-      if (!e)
-        continue;
-      let s = "";
-      for (const t of e[1])
-        s += `[${t.type}${t.name ? `:${t.name}` : ""}]`;
-      a += `(${e[0]}{${s}})`;
+import { bitLen as B, bitMask as z } from "./index291.js";
+import { validateField as Z, Field as O, FpInvertBatch as R } from "./index279.js";
+/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
+const g = BigInt(0), h = BigInt(1);
+function b(t, r) {
+  const e = r.negate();
+  return t ? e : r;
+}
+function L(t, r, e) {
+  const n = (s) => s.pz, i = R(t.Fp, e.map(n));
+  return e.map((s, f) => s.toAffine(i[f])).map(t.fromAffine);
+}
+function I(t, r) {
+  if (!Number.isSafeInteger(t) || t <= 0 || t > r)
+    throw new Error("invalid window size, expected [1.." + r + "], got W=" + t);
+}
+function E(t, r) {
+  I(t, r);
+  const e = Math.ceil(r / t) + 1, n = 2 ** (t - 1), i = 2 ** t, o = z(t), s = BigInt(t);
+  return { windows: e, windowSize: n, mask: o, maxNumber: i, shiftBy: s };
+}
+function v(t, r, e) {
+  const { windowSize: n, mask: i, maxNumber: o, shiftBy: s } = e;
+  let f = Number(t & i), a = t >> s;
+  f > n && (f -= o, a += h);
+  const d = r * n, c = d + Math.abs(f) - 1, p = f === 0, l = f < 0, u = r % 2 !== 0;
+  return { nextN: a, offset: c, isZero: p, isNeg: l, isNegF: u, offsetF: d };
+}
+function j(t, r) {
+  if (!Array.isArray(t))
+    throw new Error("array expected");
+  t.forEach((e, n) => {
+    if (!(e instanceof r))
+      throw new Error("invalid point at index " + n);
+  });
+}
+function _(t, r) {
+  if (!Array.isArray(t))
+    throw new Error("array of scalars expected");
+  t.forEach((e, n) => {
+    if (!r.isValid(e))
+      throw new Error("invalid scalar at index " + n);
+  });
+}
+const N = /* @__PURE__ */ new WeakMap(), M = /* @__PURE__ */ new WeakMap();
+function A(t) {
+  return M.get(t) || 1;
+}
+function S(t) {
+  if (t !== g)
+    throw new Error("invalid wNAF");
+}
+function U(t, r) {
+  return {
+    constTimeNegate: b,
+    hasPrecomputes(e) {
+      return A(e) !== 1;
+    },
+    // non-const time multiplication ladder
+    unsafeLadder(e, n, i = t.ZERO) {
+      let o = e;
+      for (; n > g; )
+        n & h && (i = i.add(o)), o = o.double(), n >>= h;
+      return i;
+    },
+    /**
+     * Creates a wNAF precomputation window. Used for caching.
+     * Default window size is set by `utils.precompute()` and is equal to 8.
+     * Number of precomputed points depends on the curve size:
+     * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where:
+     * - 𝑊 is the window size
+     * - 𝑛 is the bitlength of the curve order.
+     * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224.
+     * @param elm Point instance
+     * @param W window size
+     * @returns precomputed point tables flattened to a single array
+     */
+    precomputeWindow(e, n) {
+      const { windows: i, windowSize: o } = E(n, r), s = [];
+      let f = e, a = f;
+      for (let d = 0; d < i; d++) {
+        a = f, s.push(a);
+        for (let c = 1; c < o; c++)
+          a = a.add(f), s.push(a);
+        f = a.double();
+      }
+      return s;
+    },
+    /**
+     * Implements ec multiplication using precomputed tables and w-ary non-adjacent form.
+     * @param W window size
+     * @param precomputes precomputed tables
+     * @param n scalar (we don't check here, but should be less than curve order)
+     * @returns real and fake (for const-time) points
+     */
+    wNAF(e, n, i) {
+      let o = t.ZERO, s = t.BASE;
+      const f = E(e, r);
+      for (let a = 0; a < f.windows; a++) {
+        const { nextN: d, offset: c, isZero: p, isNeg: l, isNegF: u, offsetF: m } = v(i, a, f);
+        i = d, p ? s = s.add(b(u, n[m])) : o = o.add(b(l, n[c]));
+      }
+      return S(i), { p: o, f: s };
+    },
+    /**
+     * Implements ec unsafe (non const-time) multiplication using precomputed tables and w-ary non-adjacent form.
+     * @param W window size
+     * @param precomputes precomputed tables
+     * @param n scalar (we don't check here, but should be less than curve order)
+     * @param acc accumulator point to add result of multiplication
+     * @returns point
+     */
+    wNAFUnsafe(e, n, i, o = t.ZERO) {
+      const s = E(e, r);
+      for (let f = 0; f < s.windows && i !== g; f++) {
+        const { nextN: a, offset: d, isZero: c, isNeg: p } = v(i, f, s);
+        if (i = a, !c) {
+          const l = n[d];
+          o = o.add(p ? l.negate() : l);
+        }
+      }
+      return S(i), o;
+    },
+    getPrecomputes(e, n, i) {
+      let o = N.get(n);
+      return o || (o = this.precomputeWindow(n, e), e !== 1 && (typeof i == "function" && (o = i(o)), N.set(n, o))), o;
+    },
+    wNAFCached(e, n, i) {
+      const o = A(e);
+      return this.wNAF(o, this.getPrecomputes(o, e, i), n);
+    },
+    wNAFCachedUnsafe(e, n, i, o) {
+      const s = A(e);
+      return s === 1 ? this.unsafeLadder(e, n, o) : this.wNAFUnsafe(s, this.getPrecomputes(s, e, i), n, o);
+    },
+    // We calculate precomputes for elliptic curve point multiplication
+    // using windowed method. This specifies window size and
+    // stores precomputed values. Usually only base point would be precomputed.
+    setWindowSize(e, n) {
+      I(n, r), M.set(e, n), N.delete(e);
     }
-  return y ? `${y}:${n}${a}` : n;
+  };
+}
+function $(t, r, e, n) {
+  let i = r, o = t.ZERO, s = t.ZERO;
+  for (; e > g || n > g; )
+    e & h && (o = o.add(i)), n & h && (s = s.add(i)), i = i.double(), e >>= h, n >>= h;
+  return { p1: o, p2: s };
+}
+function D(t, r, e, n) {
+  j(e, t), _(n, r);
+  const i = e.length, o = n.length;
+  if (i !== o)
+    throw new Error("arrays of points and scalars must have equal length");
+  const s = t.ZERO, f = B(BigInt(i));
+  let a = 1;
+  f > 12 ? a = f - 3 : f > 4 ? a = f - 2 : f > 0 && (a = 2);
+  const d = z(a), c = new Array(Number(d) + 1).fill(s), p = Math.floor((r.BITS - 1) / a) * a;
+  let l = s;
+  for (let u = p; u >= 0; u -= a) {
+    c.fill(s);
+    for (let w = 0; w < o; w++) {
+      const F = n[w], y = Number(F >> BigInt(u) & d);
+      c[y] = c[y].add(e[w]);
+    }
+    let m = s;
+    for (let w = c.length - 1, F = s; w > 0; w--)
+      F = F.add(c[w]), m = m.add(F);
+    if (l = l.add(m), u !== 0)
+      for (let w = 0; w < a; w++)
+        l = l.double();
+  }
+  return l;
+}
+function x(t, r) {
+  if (r) {
+    if (r.ORDER !== t)
+      throw new Error("Field.ORDER must match order: Fp == p, Fn == n");
+    return Z(r), r;
+  } else
+    return O(t);
+}
+function G(t, r, e = {}) {
+  if (!r || typeof r != "object")
+    throw new Error(`expected valid ${t} CURVE object`);
+  for (const f of ["p", "n", "h"]) {
+    const a = r[f];
+    if (!(typeof a == "bigint" && a > g))
+      throw new Error(`CURVE.${f} must be positive bigint`);
+  }
+  const n = x(r.p, e.Fp), i = x(r.n, e.Fn), s = ["Gx", "Gy", "a", "b"];
+  for (const f of s)
+    if (!n.isValid(r[f]))
+      throw new Error(`CURVE.${f} must be valid field element of CURVE.Fp`);
+  return { Fp: n, Fn: i };
 }
-const p = /* @__PURE__ */ new Map([
-  // Unnamed
-  ["address", { type: "address" }],
-  ["bool", { type: "bool" }],
-  ["bytes", { type: "bytes" }],
-  ["bytes32", { type: "bytes32" }],
-  ["int", { type: "int256" }],
-  ["int256", { type: "int256" }],
-  ["string", { type: "string" }],
-  ["uint", { type: "uint256" }],
-  ["uint8", { type: "uint8" }],
-  ["uint16", { type: "uint16" }],
-  ["uint24", { type: "uint24" }],
-  ["uint32", { type: "uint32" }],
-  ["uint64", { type: "uint64" }],
-  ["uint96", { type: "uint96" }],
-  ["uint112", { type: "uint112" }],
-  ["uint160", { type: "uint160" }],
-  ["uint192", { type: "uint192" }],
-  ["uint256", { type: "uint256" }],
-  // Named
-  ["address owner", { type: "address", name: "owner" }],
-  ["address to", { type: "address", name: "to" }],
-  ["bool approved", { type: "bool", name: "approved" }],
-  ["bytes _data", { type: "bytes", name: "_data" }],
-  ["bytes data", { type: "bytes", name: "data" }],
-  ["bytes signature", { type: "bytes", name: "signature" }],
-  ["bytes32 hash", { type: "bytes32", name: "hash" }],
-  ["bytes32 r", { type: "bytes32", name: "r" }],
-  ["bytes32 root", { type: "bytes32", name: "root" }],
-  ["bytes32 s", { type: "bytes32", name: "s" }],
-  ["string name", { type: "string", name: "name" }],
-  ["string symbol", { type: "string", name: "symbol" }],
-  ["string tokenURI", { type: "string", name: "tokenURI" }],
-  ["uint tokenId", { type: "uint256", name: "tokenId" }],
-  ["uint8 v", { type: "uint8", name: "v" }],
-  ["uint256 balance", { type: "uint256", name: "balance" }],
-  ["uint256 tokenId", { type: "uint256", name: "tokenId" }],
-  ["uint256 value", { type: "uint256", name: "value" }],
-  // Indexed
-  [
-    "event:address indexed from",
-    { type: "address", name: "from", indexed: !0 }
-  ],
-  ["event:address indexed to", { type: "address", name: "to", indexed: !0 }],
-  [
-    "event:uint indexed tokenId",
-    { type: "uint256", name: "tokenId", indexed: !0 }
-  ],
-  [
-    "event:uint256 indexed tokenId",
-    { type: "uint256", name: "tokenId", indexed: !0 }
-  ]
-]);
 export {
-  d as getParameterCacheKey,
-  p as parameterCache
+  G as _createCurveFields,
+  $ as mulEndoUnsafe,
+  b as negateCt,
+  L as normalizeZ,
+  D as pippenger,
+  U as wNAF
 };

package/dist/index298.cjs

@@ -1 +1,2 @@
-"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const tt=require("./index299.cjs"),Q=require("./index278.cjs"),a=require("./index288.cjs");/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */function ot(y){y.lowS!==void 0&&a.abool("lowS",y.lowS),y.prehash!==void 0&&a.abool("prehash",y.prehash)}function ct(y){const n=tt.validateBasic(y);a.validateObject(n,{a:"field",b:"field"},{allowedPrivateKeyLengths:"array",wrapPrivateKey:"boolean",isTorsionFree:"function",clearCofactor:"function",allowInfinityPoint:"boolean",fromBytes:"function",toBytes:"function"});const{endo:t,Fp:b,a:O}=n;if(t){if(!b.eql(O,b.ZERO))throw new Error("invalid endomorphism, can only be defined for Koblitz curves that have a=0");if(typeof t!="object"||typeof t.beta!="bigint"||typeof t.splitScalar!="function")throw new Error("invalid endomorphism, expected beta: bigint and splitScalar: function")}return Object.freeze({...n})}class it extends Error{constructor(n=""){super(n)}}const Y={Err:it,_tlv:{encode:(y,n)=>{const{Err:t}=Y;if(y<0||y>256)throw new t("tlv.encode: wrong tag");if(n.length&1)throw new t("tlv.encode: unpadded data");const b=n.length/2,O=a.numberToHexUnpadded(b);if(O.length/2&128)throw new t("tlv.encode: long form length too big");const Z=b>127?a.numberToHexUnpadded(O.length/2|128):"";return a.numberToHexUnpadded(y)+Z+O+n},decode(y,n){const{Err:t}=Y;let b=0;if(y<0||y>256)throw new t("tlv.encode: wrong tag");if(n.length<2||n[b++]!==y)throw new t("tlv.decode: wrong tlv");const O=n[b++],Z=!!(O&128);let x=0;if(!Z)x=O;else{const R=O&127;if(!R)throw new t("tlv.decode(long): indefinite length not supported");if(R>4)throw new t("tlv.decode(long): byte length is too big");const L=n.subarray(b,b+R);if(L.length!==R)throw new t("tlv.decode: length bytes not complete");if(L[0]===0)throw new t("tlv.decode(long): zero leftmost byte");for(const K of L)x=x<<8|K;if(b+=R,x<128)throw new t("tlv.decode(long): not minimal encoding")}const V=n.subarray(b,b+x);if(V.length!==x)throw new t("tlv.decode: wrong value length");return{v:V,l:n.subarray(b+x)}}},_int:{encode(y){const{Err:n}=Y;if(y<j)throw new n("integer: negative integers are not allowed");let t=a.numberToHexUnpadded(y);if(Number.parseInt(t[0],16)&8&&(t="00"+t),t.length&1)throw new n("unexpected DER parsing assertion: unpadded hex");return t},decode(y){const{Err:n}=Y;if(y[0]&128)throw new n("invalid signature integer: negative");if(y[0]===0&&!(y[1]&128))throw new n("invalid signature integer: unnecessary leading zero");return a.bytesToNumberBE(y)}},toSig(y){const{Err:n,_int:t,_tlv:b}=Y,O=a.ensureBytes("signature",y),{v:Z,l:x}=b.decode(48,O);if(x.length)throw new n("invalid signature: left bytes after parsing");const{v:V,l:R}=b.decode(2,Z),{v:L,l:K}=b.decode(2,R);if(K.length)throw new n("invalid signature: left bytes after parsing");return{r:t.decode(V),s:t.decode(L)}},hexFromSig(y){const{_tlv:n,_int:t}=Y,b=n.encode(2,t.encode(y.r)),O=n.encode(2,t.encode(y.s)),Z=b+O;return n.encode(48,Z)}},j=BigInt(0),T=BigInt(1);BigInt(2);const st=BigInt(3);BigInt(4);function at(y){const n=ct(y),{Fp:t}=n,b=Q.Field(n.n,n.nBitLength),O=n.toBytes||((m,e,i)=>{const c=e.toAffine();return a.concatBytes(Uint8Array.from([4]),t.toBytes(c.x),t.toBytes(c.y))}),Z=n.fromBytes||(m=>{const e=m.subarray(1),i=t.fromBytes(e.subarray(0,t.BYTES)),c=t.fromBytes(e.subarray(t.BYTES,2*t.BYTES));return{x:i,y:c}});function x(m){const{a:e,b:i}=n,c=t.sqr(m),d=t.mul(c,m);return t.add(t.add(d,t.mul(m,e)),i)}if(!t.eql(t.sqr(n.Gy),x(n.Gx)))throw new Error("bad generator point: equation left != right");function V(m){return a.inRange(m,T,n.n)}function R(m){const{allowedPrivateKeyLengths:e,nByteLength:i,wrapPrivateKey:c,n:d}=n;if(e&&typeof m!="bigint"){if(a.isBytes(m)&&(m=a.bytesToHex(m)),typeof m!="string"||!e.includes(m.length))throw new Error("invalid private key");m=m.padStart(i*2,"0")}let p;try{p=typeof m=="bigint"?m:a.bytesToNumberBE(a.ensureBytes("private key",m,i))}catch{throw new Error("invalid private key, expected hex or "+i+" bytes, got "+typeof m)}return c&&(p=Q.mod(p,d)),a.aInRange("private key",p,T,d),p}function L(m){if(!(m instanceof w))throw new Error("ProjectivePoint expected")}const K=a.memoized((m,e)=>{const{px:i,py:c,pz:d}=m;if(t.eql(d,t.ONE))return{x:i,y:c};const p=m.is0();e==null&&(e=p?t.ONE:t.inv(d));const v=t.mul(i,e),g=t.mul(c,e),l=t.mul(d,e);if(p)return{x:t.ZERO,y:t.ZERO};if(!t.eql(l,t.ONE))throw new Error("invZ was invalid");return{x:v,y:g}}),et=a.memoized(m=>{if(m.is0()){if(n.allowInfinityPoint&&!t.is0(m.py))return;throw new Error("bad point: ZERO")}const{x:e,y:i}=m.toAffine();if(!t.isValid(e)||!t.isValid(i))throw new Error("bad point: x or y not FE");const c=t.sqr(i),d=x(e);if(!t.eql(c,d))throw new Error("bad point: equation left != right");if(!m.isTorsionFree())throw new Error("bad point: not in prime-order subgroup");return!0});class w{constructor(e,i,c){if(e==null||!t.isValid(e))throw new Error("x required");if(i==null||!t.isValid(i))throw new Error("y required");if(c==null||!t.isValid(c))throw new Error("z required");this.px=e,this.py=i,this.pz=c,Object.freeze(this)}static fromAffine(e){const{x:i,y:c}=e||{};if(!e||!t.isValid(i)||!t.isValid(c))throw new Error("invalid affine point");if(e instanceof w)throw new Error("projective point not allowed");const d=p=>t.eql(p,t.ZERO);return d(i)&&d(c)?w.ZERO:new w(i,c,t.ONE)}get x(){return this.toAffine().x}get y(){return this.toAffine().y}static normalizeZ(e){const i=t.invertBatch(e.map(c=>c.pz));return e.map((c,d)=>c.toAffine(i[d])).map(w.fromAffine)}static fromHex(e){const i=w.fromAffine(Z(a.ensureBytes("pointHex",e)));return i.assertValidity(),i}static fromPrivateKey(e){return w.BASE.multiply(R(e))}static msm(e,i){return tt.pippenger(w,b,e,i)}_setWindowSize(e){C.setWindowSize(this,e)}assertValidity(){et(this)}hasEvenY(){const{y:e}=this.toAffine();if(t.isOdd)return!t.isOdd(e);throw new Error("Field doesn't support isOdd")}equals(e){L(e);const{px:i,py:c,pz:d}=this,{px:p,py:v,pz:g}=e,l=t.eql(t.mul(i,g),t.mul(p,d)),h=t.eql(t.mul(c,g),t.mul(v,d));return l&&h}negate(){return new w(this.px,t.neg(this.py),this.pz)}double(){const{a:e,b:i}=n,c=t.mul(i,st),{px:d,py:p,pz:v}=this;let g=t.ZERO,l=t.ZERO,h=t.ZERO,u=t.mul(d,d),N=t.mul(p,p),S=t.mul(v,v),B=t.mul(d,p);return B=t.add(B,B),h=t.mul(d,v),h=t.add(h,h),g=t.mul(e,h),l=t.mul(c,S),l=t.add(g,l),g=t.sub(N,l),l=t.add(N,l),l=t.mul(g,l),g=t.mul(B,g),h=t.mul(c,h),S=t.mul(e,S),B=t.sub(u,S),B=t.mul(e,B),B=t.add(B,h),h=t.add(u,u),u=t.add(h,u),u=t.add(u,S),u=t.mul(u,B),l=t.add(l,u),S=t.mul(p,v),S=t.add(S,S),u=t.mul(S,B),g=t.sub(g,u),h=t.mul(S,N),h=t.add(h,h),h=t.add(h,h),new w(g,l,h)}add(e){L(e);const{px:i,py:c,pz:d}=this,{px:p,py:v,pz:g}=e;let l=t.ZERO,h=t.ZERO,u=t.ZERO;const N=n.a,S=t.mul(n.b,st);let B=t.mul(i,p),F=t.mul(c,v),r=t.mul(d,g),o=t.add(i,c),s=t.add(p,v);o=t.mul(o,s),s=t.add(B,F),o=t.sub(o,s),s=t.add(i,d);let f=t.add(p,g);return s=t.mul(s,f),f=t.add(B,r),s=t.sub(s,f),f=t.add(c,d),l=t.add(v,g),f=t.mul(f,l),l=t.add(F,r),f=t.sub(f,l),u=t.mul(N,s),l=t.mul(S,r),u=t.add(l,u),l=t.sub(F,u),u=t.add(F,u),h=t.mul(l,u),F=t.add(B,B),F=t.add(F,B),r=t.mul(N,r),s=t.mul(S,s),F=t.add(F,r),r=t.sub(B,r),r=t.mul(N,r),s=t.add(s,r),B=t.mul(F,s),h=t.add(h,B),B=t.mul(f,s),l=t.mul(o,l),l=t.sub(l,B),B=t.mul(o,F),u=t.mul(f,u),u=t.add(u,B),new w(l,h,u)}subtract(e){return this.add(e.negate())}is0(){return this.equals(w.ZERO)}wNAF(e){return C.wNAFCached(this,e,w.normalizeZ)}multiplyUnsafe(e){const{endo:i,n:c}=n;a.aInRange("scalar",e,j,c);const d=w.ZERO;if(e===j)return d;if(this.is0()||e===T)return this;if(!i||C.hasPrecomputes(this))return C.wNAFCachedUnsafe(this,e,w.normalizeZ);let{k1neg:p,k1:v,k2neg:g,k2:l}=i.splitScalar(e),h=d,u=d,N=this;for(;v>j||l>j;)v&T&&(h=h.add(N)),l&T&&(u=u.add(N)),N=N.double(),v>>=T,l>>=T;return p&&(h=h.negate()),g&&(u=u.negate()),u=new w(t.mul(u.px,i.beta),u.py,u.pz),h.add(u)}multiply(e){const{endo:i,n:c}=n;a.aInRange("scalar",e,T,c);let d,p;if(i){const{k1neg:v,k1:g,k2neg:l,k2:h}=i.splitScalar(e);let{p:u,f:N}=this.wNAF(g),{p:S,f:B}=this.wNAF(h);u=C.constTimeNegate(v,u),S=C.constTimeNegate(l,S),S=new w(t.mul(S.px,i.beta),S.py,S.pz),d=u.add(S),p=N.add(B)}else{const{p:v,f:g}=this.wNAF(e);d=v,p=g}return w.normalizeZ([d,p])[0]}multiplyAndAddUnsafe(e,i,c){const d=w.BASE,p=(g,l)=>l===j||l===T||!g.equals(d)?g.multiplyUnsafe(l):g.multiply(l),v=p(this,i).add(p(e,c));return v.is0()?void 0:v}toAffine(e){return K(this,e)}isTorsionFree(){const{h:e,isTorsionFree:i}=n;if(e===T)return!0;if(i)return i(w,this);throw new Error("isTorsionFree() has not been declared for the elliptic curve")}clearCofactor(){const{h:e,clearCofactor:i}=n;return e===T?this:i?i(w,this):this.multiplyUnsafe(n.h)}toRawBytes(e=!0){return a.abool("isCompressed",e),this.assertValidity(),O(w,this,e)}toHex(e=!0){return a.abool("isCompressed",e),a.bytesToHex(this.toRawBytes(e))}}w.BASE=new w(n.Gx,n.Gy,t.ONE),w.ZERO=new w(t.ZERO,t.ONE,t.ZERO);const M=n.nBitLength,C=tt.wNAF(w,n.endo?Math.ceil(M/2):M);return{CURVE:n,ProjectivePoint:w,normPrivateKeyToScalar:R,weierstrassEquation:x,isWithinCurveOrder:V}}function lt(y){const n=tt.validateBasic(y);return a.validateObject(n,{hash:"hash",hmac:"function",randomBytes:"function"},{bits2int:"function",bits2int_modN:"function",lowS:"boolean"}),Object.freeze({lowS:!0,...n})}function ut(y){const n=lt(y),{Fp:t,n:b}=n,O=t.BYTES+1,Z=2*t.BYTES+1;function x(r){return Q.mod(r,b)}function V(r){return Q.invert(r,b)}const{ProjectivePoint:R,normPrivateKeyToScalar:L,weierstrassEquation:K,isWithinCurveOrder:et}=at({...n,toBytes(r,o,s){const f=o.toAffine(),E=t.toBytes(f.x),A=a.concatBytes;return a.abool("isCompressed",s),s?A(Uint8Array.from([o.hasEvenY()?2:3]),E):A(Uint8Array.from([4]),E,t.toBytes(f.y))},fromBytes(r){const o=r.length,s=r[0],f=r.subarray(1);if(o===O&&(s===2||s===3)){const E=a.bytesToNumberBE(f);if(!a.inRange(E,T,t.ORDER))throw new Error("Point is not on curve");const A=K(E);let z;try{z=t.sqrt(A)}catch(U){const H=U instanceof Error?": "+U.message:"";throw new Error("Point is not on curve"+H)}const q=(z&T)===T;return(s&1)===1!==q&&(z=t.neg(z)),{x:E,y:z}}else if(o===Z&&s===4){const E=t.fromBytes(f.subarray(0,t.BYTES)),A=t.fromBytes(f.subarray(t.BYTES,2*t.BYTES));return{x:E,y:A}}else{const E=O,A=Z;throw new Error("invalid Point, expected length of "+E+", or uncompressed "+A+", got "+o)}}}),w=r=>a.bytesToHex(a.numberToBytesBE(r,n.nByteLength));function M(r){const o=b>>T;return r>o}function C(r){return M(r)?x(-r):r}const m=(r,o,s)=>a.bytesToNumberBE(r.slice(o,s));class e{constructor(o,s,f){a.aInRange("r",o,T,b),a.aInRange("s",s,T,b),this.r=o,this.s=s,f!=null&&(this.recovery=f),Object.freeze(this)}static fromCompact(o){const s=n.nByteLength;return o=a.ensureBytes("compactSignature",o,s*2),new e(m(o,0,s),m(o,s,2*s))}static fromDER(o){const{r:s,s:f}=Y.toSig(a.ensureBytes("DER",o));return new e(s,f)}assertValidity(){}addRecoveryBit(o){return new e(this.r,this.s,o)}recoverPublicKey(o){const{r:s,s:f,recovery:E}=this,A=g(a.ensureBytes("msgHash",o));if(E==null||![0,1,2,3].includes(E))throw new Error("recovery id invalid");const z=E===2||E===3?s+n.n:s;if(z>=t.ORDER)throw new Error("recovery id 2 or 3 invalid");const q=E&1?"03":"02",I=R.fromHex(q+w(z)),U=V(z),H=x(-A*U),X=x(f*U),D=R.BASE.multiplyAndAddUnsafe(I,H,X);if(!D)throw new Error("point at infinify");return D.assertValidity(),D}hasHighS(){return M(this.s)}normalizeS(){return this.hasHighS()?new e(this.r,x(-this.s),this.recovery):this}toDERRawBytes(){return a.hexToBytes(this.toDERHex())}toDERHex(){return Y.hexFromSig({r:this.r,s:this.s})}toCompactRawBytes(){return a.hexToBytes(this.toCompactHex())}toCompactHex(){return w(this.r)+w(this.s)}}const i={isValidPrivateKey(r){try{return L(r),!0}catch{return!1}},normPrivateKeyToScalar:L,randomPrivateKey:()=>{const r=Q.getMinHashLength(n.n);return Q.mapHashToField(n.randomBytes(r),n.n)},precompute(r=8,o=R.BASE){return o._setWindowSize(r),o.multiply(BigInt(3)),o}};function c(r,o=!0){return R.fromPrivateKey(r).toRawBytes(o)}function d(r){const o=a.isBytes(r),s=typeof r=="string",f=(o||s)&&r.length;return o?f===O||f===Z:s?f===2*O||f===2*Z:r instanceof R}function p(r,o,s=!0){if(d(r))throw new Error("first arg must be private key");if(!d(o))throw new Error("second arg must be public key");return R.fromHex(o).multiply(L(r)).toRawBytes(s)}const v=n.bits2int||function(r){if(r.length>8192)throw new Error("input is too large");const o=a.bytesToNumberBE(r),s=r.length*8-n.nBitLength;return s>0?o>>BigInt(s):o},g=n.bits2int_modN||function(r){return x(v(r))},l=a.bitMask(n.nBitLength);function h(r){return a.aInRange("num < 2^"+n.nBitLength,r,j,l),a.numberToBytesBE(r,n.nByteLength)}function u(r,o,s=N){if(["recovered","canonical"].some(P=>P in s))throw new Error("sign() legacy options not supported");const{hash:f,randomBytes:E}=n;let{lowS:A,prehash:z,extraEntropy:q}=s;A==null&&(A=!0),r=a.ensureBytes("msgHash",r),ot(s),z&&(r=a.ensureBytes("prehashed msgHash",f(r)));const I=g(r),U=L(o),H=[h(U),h(I)];if(q!=null&&q!==!1){const P=q===!0?E(t.BYTES):q;H.push(a.ensureBytes("extraEntropy",P))}const X=a.concatBytes(...H),D=I;function nt(P){const W=v(P);if(!et(W))return;const rt=V(W),$=R.BASE.multiply(W).toAffine(),k=x($.x);if(k===j)return;const J=x(rt*x(D+k*U));if(J===j)return;let _=($.x===k?0:2)|Number($.y&T),G=J;return A&&M(J)&&(G=C(J),_^=1),new e(k,G,_)}return{seed:X,k2sig:nt}}const N={lowS:n.lowS,prehash:!1},S={lowS:n.lowS,prehash:!1};function B(r,o,s=N){const{seed:f,k2sig:E}=u(r,o,s),A=n;return a.createHmacDrbg(A.hash.outputLen,A.nByteLength,A.hmac)(f,E)}R.BASE._setWindowSize(8);function F(r,o,s,f=S){var _;const E=r;o=a.ensureBytes("msgHash",o),s=a.ensureBytes("publicKey",s);const{lowS:A,prehash:z,format:q}=f;if(ot(f),"strict"in f)throw new Error("options.strict was renamed to lowS");if(q!==void 0&&q!=="compact"&&q!=="der")throw new Error("format must be compact or der");const I=typeof E=="string"||a.isBytes(E),U=!I&&!q&&typeof E=="object"&&E!==null&&typeof E.r=="bigint"&&typeof E.s=="bigint";if(!I&&!U)throw new Error("invalid signature, expected Uint8Array, hex string or Signature instance");let H,X;try{if(U&&(H=new e(E.r,E.s)),I){try{q!=="compact"&&(H=e.fromDER(E))}catch(G){if(!(G instanceof Y.Err))throw G}!H&&q!=="der"&&(H=e.fromCompact(E))}X=R.fromHex(s)}catch{return!1}if(!H||A&&H.hasHighS())return!1;z&&(o=n.hash(o));const{r:D,s:nt}=H,P=g(o),W=V(nt),rt=x(P*W),$=x(D*W),k=(_=R.BASE.multiplyAndAddUnsafe(X,rt,$))==null?void 0:_.toAffine();return k?x(k.x)===D:!1}return{CURVE:n,getPublicKey:c,getSharedSecret:p,sign:B,verify:F,ProjectivePoint:R,Signature:e,utils:i}}exports.DER=Y;exports.DERErr=it;exports.weierstrass=ut;exports.weierstrassPoints=at;
+"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const n=require("./index310.cjs");class c extends Error{constructor(r,e={}){const a=(()=>{var s;if(e.cause instanceof c){if(e.cause.details)return e.cause.details;if(e.cause.shortMessage)return e.cause.shortMessage}return e.cause&&"details"in e.cause&&typeof e.cause.details=="string"?e.cause.details:(s=e.cause)!=null&&s.message?e.cause.message:e.details})(),u=e.cause instanceof c&&e.cause.docsPath||e.docsPath,i=`https://oxlib.sh${u??""}`,d=[r||"An error occurred.",...e.metaMessages?["",...e.metaMessages]:[],...a||u?["",a?`Details: ${a}`:void 0,u?`See: ${i}`:void 0]:[]].filter(s=>typeof s=="string").join(`
+`);super(d,e.cause?{cause:e.cause}:void 0),Object.defineProperty(this,"details",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"docs",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"docsPath",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"shortMessage",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"cause",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"name",{enumerable:!0,configurable:!0,writable:!0,value:"BaseError"}),Object.defineProperty(this,"version",{enumerable:!0,configurable:!0,writable:!0,value:`ox@${n.getVersion()}`}),this.cause=e.cause,this.details=a,this.docs=i,this.docsPath=u,this.shortMessage=r}walk(r){return l(this,r)}}function l(t,r){return r!=null&&r(t)?t:t&&typeof t=="object"&&"cause"in t&&t.cause?l(t.cause,r):r?null:t}exports.BaseError=c;