@holochain/hc-spin 0.500.0-rc.1 → 0.500.0

package/dist/main/index.js

@@ -4537,399 +4537,29 @@ const getBaseRoleNameFromCloneId = (roleName) => {
   }
   return roleName.split(CLONE_ID_DELIMITER)[0];
 };
-const version = "3.7.7";
-const VERSION = version;
-const _hasBuffer = typeof Buffer === "function";
-const _TD = typeof TextDecoder === "function" ? new TextDecoder() : void 0;
-const _TE = typeof TextEncoder === "function" ? new TextEncoder() : void 0;
-const b64ch = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
-const b64chs = Array.prototype.slice.call(b64ch);
-const b64tab = ((a) => {
-  let tab = {};
-  a.forEach((c, i) => tab[c] = i);
-  return tab;
-})(b64chs);
-const b64re = /^(?:[A-Za-z\d+\/]{4})*?(?:[A-Za-z\d+\/]{2}(?:==)?|[A-Za-z\d+\/]{3}=?)?$/;
-const _fromCC = String.fromCharCode.bind(String);
-const _U8Afrom = typeof Uint8Array.from === "function" ? Uint8Array.from.bind(Uint8Array) : (it) => new Uint8Array(Array.prototype.slice.call(it, 0));
-const _mkUriSafe = (src) => src.replace(/=/g, "").replace(/[+\/]/g, (m0) => m0 == "+" ? "-" : "_");
-const _tidyB64 = (s) => s.replace(/[^A-Za-z0-9\+\/]/g, "");
-const btoaPolyfill = (bin) => {
-  let u32, c0, c1, c2, asc = "";
-  const pad = bin.length % 3;
-  for (let i = 0; i < bin.length; ) {
-    if ((c0 = bin.charCodeAt(i++)) > 255 || (c1 = bin.charCodeAt(i++)) > 255 || (c2 = bin.charCodeAt(i++)) > 255)
-      throw new TypeError("invalid character found");
-    u32 = c0 << 16 | c1 << 8 | c2;
-    asc += b64chs[u32 >> 18 & 63] + b64chs[u32 >> 12 & 63] + b64chs[u32 >> 6 & 63] + b64chs[u32 & 63];
-  }
-  return pad ? asc.slice(0, pad - 3) + "===".substring(pad) : asc;
-};
-const _btoa = typeof btoa === "function" ? (bin) => btoa(bin) : _hasBuffer ? (bin) => Buffer.from(bin, "binary").toString("base64") : btoaPolyfill;
-const _fromUint8Array = _hasBuffer ? (u8a) => Buffer.from(u8a).toString("base64") : (u8a) => {
-  const maxargs = 4096;
-  let strs = [];
-  for (let i = 0, l = u8a.length; i < l; i += maxargs) {
-    strs.push(_fromCC.apply(null, u8a.subarray(i, i + maxargs)));
-  }
-  return _btoa(strs.join(""));
-};
-const fromUint8Array = (u8a, urlsafe = false) => urlsafe ? _mkUriSafe(_fromUint8Array(u8a)) : _fromUint8Array(u8a);
-const cb_utob = (c) => {
-  if (c.length < 2) {
-    var cc = c.charCodeAt(0);
-    return cc < 128 ? c : cc < 2048 ? _fromCC(192 | cc >>> 6) + _fromCC(128 | cc & 63) : _fromCC(224 | cc >>> 12 & 15) + _fromCC(128 | cc >>> 6 & 63) + _fromCC(128 | cc & 63);
-  } else {
-    var cc = 65536 + (c.charCodeAt(0) - 55296) * 1024 + (c.charCodeAt(1) - 56320);
-    return _fromCC(240 | cc >>> 18 & 7) + _fromCC(128 | cc >>> 12 & 63) + _fromCC(128 | cc >>> 6 & 63) + _fromCC(128 | cc & 63);
-  }
-};
-const re_utob = /[\uD800-\uDBFF][\uDC00-\uDFFFF]|[^\x00-\x7F]/g;
-const utob = (u) => u.replace(re_utob, cb_utob);
-const _encode = _hasBuffer ? (s) => Buffer.from(s, "utf8").toString("base64") : _TE ? (s) => _fromUint8Array(_TE.encode(s)) : (s) => _btoa(utob(s));
-const encode = (src, urlsafe = false) => urlsafe ? _mkUriSafe(_encode(src)) : _encode(src);
-const encodeURI = (src) => encode(src, true);
-const re_btou = /[\xC0-\xDF][\x80-\xBF]|[\xE0-\xEF][\x80-\xBF]{2}|[\xF0-\xF7][\x80-\xBF]{3}/g;
-const cb_btou = (cccc) => {
-  switch (cccc.length) {
-    case 4:
-      var cp = (7 & cccc.charCodeAt(0)) << 18 | (63 & cccc.charCodeAt(1)) << 12 | (63 & cccc.charCodeAt(2)) << 6 | 63 & cccc.charCodeAt(3), offset = cp - 65536;
-      return _fromCC((offset >>> 10) + 55296) + _fromCC((offset & 1023) + 56320);
-    case 3:
-      return _fromCC((15 & cccc.charCodeAt(0)) << 12 | (63 & cccc.charCodeAt(1)) << 6 | 63 & cccc.charCodeAt(2));
-    default:
-      return _fromCC((31 & cccc.charCodeAt(0)) << 6 | 63 & cccc.charCodeAt(1));
-  }
-};
-const btou = (b) => b.replace(re_btou, cb_btou);
-const atobPolyfill = (asc) => {
-  asc = asc.replace(/\s+/g, "");
-  if (!b64re.test(asc))
-    throw new TypeError("malformed base64.");
-  asc += "==".slice(2 - (asc.length & 3));
-  let u24, bin = "", r1, r2;
-  for (let i = 0; i < asc.length; ) {
-    u24 = b64tab[asc.charAt(i++)] << 18 | b64tab[asc.charAt(i++)] << 12 | (r1 = b64tab[asc.charAt(i++)]) << 6 | (r2 = b64tab[asc.charAt(i++)]);
-    bin += r1 === 64 ? _fromCC(u24 >> 16 & 255) : r2 === 64 ? _fromCC(u24 >> 16 & 255, u24 >> 8 & 255) : _fromCC(u24 >> 16 & 255, u24 >> 8 & 255, u24 & 255);
-  }
-  return bin;
-};
-const _atob = typeof atob === "function" ? (asc) => atob(_tidyB64(asc)) : _hasBuffer ? (asc) => Buffer.from(asc, "base64").toString("binary") : atobPolyfill;
-const _toUint8Array = _hasBuffer ? (a) => _U8Afrom(Buffer.from(a, "base64")) : (a) => _U8Afrom(_atob(a).split("").map((c) => c.charCodeAt(0)));
-const toUint8Array$1 = (a) => _toUint8Array(_unURI(a));
-const _decode = _hasBuffer ? (a) => Buffer.from(a, "base64").toString("utf8") : _TD ? (a) => _TD.decode(_toUint8Array(a)) : (a) => btou(_atob(a));
-const _unURI = (a) => _tidyB64(a.replace(/[-_]/g, (m0) => m0 == "-" ? "+" : "/"));
-const decode = (src) => _decode(_unURI(src));
-const isValid = (src) => {
-  if (typeof src !== "string")
-    return false;
-  const s = src.replace(/\s+/g, "").replace(/={0,2}$/, "");
-  return !/[^\s0-9a-zA-Z\+/]/.test(s) || !/[^\s0-9a-zA-Z\-_]/.test(s);
-};
-const _noEnum = (v2) => {
-  return {
-    value: v2,
-    enumerable: false,
-    writable: true,
-    configurable: true
-  };
-};
-const extendString = function() {
-  const _add = (name, body) => Object.defineProperty(String.prototype, name, _noEnum(body));
-  _add("fromBase64", function() {
-    return decode(this);
-  });
-  _add("toBase64", function(urlsafe) {
-    return encode(this, urlsafe);
-  });
-  _add("toBase64URI", function() {
-    return encode(this, true);
-  });
-  _add("toBase64URL", function() {
-    return encode(this, true);
-  });
-  _add("toUint8Array", function() {
-    return toUint8Array$1(this);
-  });
-};
-const extendUint8Array = function() {
-  const _add = (name, body) => Object.defineProperty(Uint8Array.prototype, name, _noEnum(body));
-  _add("toBase64", function(urlsafe) {
-    return fromUint8Array(this, urlsafe);
-  });
-  _add("toBase64URI", function() {
-    return fromUint8Array(this, true);
-  });
-  _add("toBase64URL", function() {
-    return fromUint8Array(this, true);
-  });
-};
-const extendBuiltins = () => {
-  extendString();
-  extendUint8Array();
-};
-const gBase64 = {
-  version,
-  VERSION,
-  atob: _atob,
-  atobPolyfill,
-  btoa: _btoa,
-  btoaPolyfill,
-  fromBase64: decode,
-  toBase64: encode,
-  encode,
-  encodeURI,
-  encodeURL: encodeURI,
-  utob,
-  btou,
-  decode,
-  isValid,
-  fromUint8Array,
-  toUint8Array: toUint8Array$1,
-  extendString,
-  extendUint8Array,
-  extendBuiltins
-};
-function encodeHashToBase64(hash) {
-  return `u${gBase64.fromUint8Array(hash, true)}`;
-}
-class WsClient extends Emittery {
-  socket;
-  url;
-  options;
-  pendingRequests;
-  index;
-  authenticationToken;
-  constructor(socket, url2, options) {
-    super();
-    this.registerMessageListener(socket);
-    this.registerCloseListener(socket);
-    this.socket = socket;
-    this.url = url2;
-    this.options = options || {};
-    this.pendingRequests = {};
-    this.index = 0;
-  }
-  /**
-   * Instance factory for creating WsClients.
-   *
-   * @param url - The WebSocket URL to connect to.
-   * @param options - Options for the WsClient.
-   * @returns An new instance of the WsClient.
-   */
-  static connect(url2, options) {
-    return new Promise((resolve, reject) => {
-      const socket = new IsoWebSocket(url2, options);
-      socket.addEventListener("error", (errorEvent) => {
-        reject(new HolochainError("ConnectionError", `could not connect to Holochain Conductor API at ${url2} - ${errorEvent.error}`));
-      });
-      socket.addEventListener("open", (_) => {
-        const client = new WsClient(socket, url2, options);
-        resolve(client);
-      }, { once: true });
-    });
-  }
-  /**
-   * Sends data as a signal.
-   *
-   * @param data - Data to send.
-   */
-  emitSignal(data) {
-    const encodedMsg = msgpack.encode({
-      type: "signal",
-      data: msgpack.encode(data)
-    });
-    this.socket.send(encodedMsg);
-  }
-  /**
-   * Authenticate the client with the conductor.
-   *
-   * This is only relevant for app websockets.
-   *
-   * @param request - The authentication request, containing an app authentication token.
-   */
-  async authenticate(request) {
-    this.authenticationToken = request.token;
-    return this.exchange(request, (request2, resolve, reject) => {
-      const invalidTokenCloseListener = (closeEvent) => {
-        this.authenticationToken = void 0;
-        reject(new HolochainError("InvalidTokenError", `could not connect to ${this.url} due to an invalid app authentication token - close code ${closeEvent.code}`));
-      };
-      this.socket.addEventListener("close", invalidTokenCloseListener, {
-        once: true
-      });
-      const encodedMsg = msgpack.encode({
-        type: "authenticate",
-        data: msgpack.encode(request2)
-      });
-      this.socket.send(encodedMsg);
-      setTimeout(() => {
-        this.socket.removeEventListener("close", invalidTokenCloseListener);
-        resolve(null);
-      }, 10);
-    });
-  }
-  /**
-   * Close the websocket connection.
-   */
-  close(code = 1e3) {
-    const closedPromise = new Promise((resolve) => this.socket.addEventListener("close", (closeEvent) => resolve(closeEvent), { once: true }));
-    this.socket.close(code);
-    return closedPromise;
-  }
-  /**
-   * Send requests to the connected websocket.
-   *
-   * @param request - The request to send over the websocket.
-   * @returns
-   */
-  async request(request) {
-    return this.exchange(request, this.sendMessage.bind(this));
-  }
-  async exchange(request, sendHandler) {
-    if (this.socket.readyState === this.socket.OPEN) {
-      const promise = new Promise((resolve, reject) => {
-        sendHandler(request, resolve, reject);
-      });
-      return promise;
-    } else if (this.url && this.authenticationToken) {
-      await this.reconnectWebsocket(this.url, this.authenticationToken);
-      this.registerMessageListener(this.socket);
-      this.registerCloseListener(this.socket);
-      const promise = new Promise((resolve, reject) => sendHandler(request, resolve, reject));
-      return promise;
-    } else {
-      return Promise.reject(new HolochainError("WebsocketClosedError", "Websocket is not open"));
-    }
-  }
-  sendMessage(request, resolve, reject) {
-    const id = this.index;
-    const encodedMsg = msgpack.encode({
-      id,
-      type: "request",
-      data: msgpack.encode(request)
-    });
-    this.socket.send(encodedMsg);
-    this.pendingRequests[id] = { resolve, reject };
-    this.index += 1;
-  }
-  registerMessageListener(socket) {
-    socket.onmessage = async (serializedMessage) => {
-      let deserializedData;
-      if (globalThis.window && serializedMessage.data instanceof globalThis.window.Blob) {
-        deserializedData = await serializedMessage.data.arrayBuffer();
-      } else {
-        if (typeof Buffer !== "undefined" && Buffer.isBuffer(serializedMessage.data)) {
-          deserializedData = serializedMessage.data;
-        } else {
-          throw new HolochainError("UnknownMessageFormat", `incoming message has unknown message format - ${deserializedData}`);
-        }
-      }
-      const message = msgpack.decode(deserializedData);
-      assertHolochainMessage(message);
-      if (message.type === "signal") {
-        if (message.data === null) {
-          throw new HolochainError("UnknownSignalFormat", "incoming signal has no data");
-        }
-        const deserializedSignal = msgpack.decode(message.data);
-        assertHolochainSignal(deserializedSignal);
-        if (deserializedSignal.type === "system") {
-          this.emit("signal", {
-            type: "system",
-            value: deserializedSignal.value
-          });
-        } else {
-          const encodedAppSignal = deserializedSignal.value;
-          const payload = msgpack.decode(encodedAppSignal.signal);
-          const signal = {
-            cell_id: encodedAppSignal.cell_id,
-            zome_name: encodedAppSignal.zome_name,
-            payload
-          };
-          this.emit("signal", { type: "app", value: signal });
-        }
-      } else if (message.type === "response") {
-        this.handleResponse(message);
-      } else {
-        throw new HolochainError("UnknownMessageType", `incoming message has unknown type - ${message.type}`);
-      }
-    };
-  }
-  registerCloseListener(socket) {
-    socket.addEventListener("close", (closeEvent) => {
-      const pendingRequestIds = Object.keys(this.pendingRequests).map((id) => parseInt(id));
-      if (pendingRequestIds.length) {
-        pendingRequestIds.forEach((id) => {
-          const error = new HolochainError("ClientClosedWithPendingRequests", `client closed with pending requests - close event code: ${closeEvent.code}, request id: ${id}`);
-          this.pendingRequests[id].reject(error);
-          delete this.pendingRequests[id];
-        });
-      }
-    }, { once: true });
-  }
-  async reconnectWebsocket(url2, token) {
-    return new Promise((resolve, reject) => {
-      this.socket = new IsoWebSocket(url2, this.options);
-      this.socket.addEventListener("error", (errorEvent) => {
-        this.authenticationToken = void 0;
-        reject(new HolochainError("ConnectionError", `could not connect to Holochain Conductor API at ${url2} - ${errorEvent.message}`));
-      }, { once: true });
-      const invalidTokenCloseListener = (closeEvent) => {
-        this.authenticationToken = void 0;
-        reject(new HolochainError("InvalidTokenError", `could not connect to ${this.url} due to an invalid app authentication token - close code ${closeEvent.code}`));
-      };
-      this.socket.addEventListener("close", invalidTokenCloseListener, {
-        once: true
-      });
-      this.socket.addEventListener("open", async (_) => {
-        const encodedMsg = msgpack.encode({
-          type: "authenticate",
-          data: msgpack.encode({ token })
-        });
-        this.socket.send(encodedMsg);
-        setTimeout(() => {
-          this.socket.removeEventListener("close", invalidTokenCloseListener);
-          resolve();
-        }, 10);
-      }, { once: true });
-    });
-  }
-  handleResponse(msg) {
-    const id = msg.id;
-    if (this.pendingRequests[id]) {
-      if (msg.data === null || msg.data === void 0) {
-        this.pendingRequests[id].reject(new Error("Response canceled by responder"));
-      } else {
-        this.pendingRequests[id].resolve(msgpack.decode(msg.data, {
-          mapKeyConverter: (key) => {
-            if (typeof key === "string" || typeof key === "number") {
-              return key;
-            }
-            if (key && typeof key === "object" && key instanceof Uint8Array) {
-              return encodeHashToBase64(key);
-            }
-            throw new HolochainError("DeserializationError", "Encountered map with key of type 'object', but not HoloHash " + key);
-          }
-        }));
-      }
-      delete this.pendingRequests[id];
-    } else {
-      console.error(`got response with no matching request. id = ${id} msg = ${msg}`);
-    }
-  }
-}
-function assertHolochainMessage(message) {
-  if (typeof message === "object" && message !== null && "type" in message && "data" in message) {
-    return;
-  }
-  throw new HolochainError("UnknownMessageFormat", `incoming message has unknown message format ${JSON.stringify(message, null, 4)}`);
-}
-function assertHolochainSignal(signal) {
-  if (typeof signal === "object" && signal !== null && "type" in signal && "value" in signal && ["app", "signal"].some((type) => signal.type === type)) {
-    return;
-  }
-  throw new HolochainError("UnknownSignalFormat", `incoming signal has unknown signal format ${JSON.stringify(signal, null, 4)}`);
-}
+var CountersigningSessionStateType;
+(function(CountersigningSessionStateType2) {
+  CountersigningSessionStateType2["Accepted"] = "Accepted";
+  CountersigningSessionStateType2["SignaturesCollected"] = "SignaturesCollected";
+  CountersigningSessionStateType2["Unknown"] = "Unknown";
+})(CountersigningSessionStateType || (CountersigningSessionStateType = {}));
+var ResolutionRequiredReason;
+(function(ResolutionRequiredReason2) {
+  ResolutionRequiredReason2["Timeout"] = "Timeout";
+  ResolutionRequiredReason2["Unknown"] = "Unknown";
+})(ResolutionRequiredReason || (ResolutionRequiredReason = {}));
+var SessionCompletionDecisionType;
+(function(SessionCompletionDecisionType2) {
+  SessionCompletionDecisionType2["Complete"] = "Complete";
+  SessionCompletionDecisionType2["Abandoned"] = "Abandoned";
+  SessionCompletionDecisionType2["Indeterminate"] = "Indeterminate";
+  SessionCompletionDecisionType2["Failed"] = "Failed";
+})(SessionCompletionDecisionType || (SessionCompletionDecisionType = {}));
+var SignalType;
+(function(SignalType2) {
+  SignalType2["App"] = "app";
+  SignalType2["System"] = "system";
+})(SignalType || (SignalType = {}));
 var libsodiumWrappers = {};
 var libsodium = { exports: {} };
 var hasRequiredLibsodium;
@@ -9986,372 +9616,158 @@ function requireLibsodium() {
         b(s2, "invalid usage");
       }
       function Ur(e3) {
-        var a3 = [];
-        l(e3);
-        var t2 = new u(0 | r2._crypto_stream_keybytes()), _2 = t2.address;
-        a3.push(_2), r2._crypto_stream_keygen(_2);
-        var n2 = y(t2, e3);
-        return g(a3), n2;
-      }
-      function Cr(e3) {
-        var a3 = [];
-        l(e3);
-        var t2 = new u(0 | r2._crypto_stream_xchacha20_keybytes()), _2 = t2.address;
-        a3.push(_2), r2._crypto_stream_xchacha20_keygen(_2);
-        var n2 = y(t2, e3);
-        return g(a3), n2;
-      }
-      function Pr(e3, a3, t2, _2) {
-        var n2 = [];
-        l(_2);
-        var s2 = d(e3 = E(n2, e3, "input_message")), c2 = e3.length;
-        n2.push(s2), a3 = E(n2, a3, "nonce");
-        var h2, o2 = 0 | r2._crypto_stream_xchacha20_noncebytes();
-        a3.length !== o2 && f(n2, "invalid nonce length"), h2 = d(a3), n2.push(h2), t2 = E(n2, t2, "key");
-        var p2, i2 = 0 | r2._crypto_stream_xchacha20_keybytes();
-        t2.length !== i2 && f(n2, "invalid key length"), p2 = d(t2), n2.push(p2);
-        var v3 = new u(0 | c2), m3 = v3.address;
-        if (n2.push(m3), 0 === r2._crypto_stream_xchacha20_xor(m3, s2, c2, 0, h2, p2)) {
-          var x2 = y(v3, _2);
-          return g(n2), x2;
-        }
-        b(n2, "invalid usage");
-      }
-      function Rr(e3, a3, t2, _2, n2) {
-        var s2 = [];
-        l(n2);
-        var c2 = d(e3 = E(s2, e3, "input_message")), h2 = e3.length;
-        s2.push(c2), a3 = E(s2, a3, "nonce");
-        var o2, p2 = 0 | r2._crypto_stream_xchacha20_noncebytes();
-        a3.length !== p2 && f(s2, "invalid nonce length"), o2 = d(a3), s2.push(o2), m2(s2, t2, "nonce_increment"), ("number" != typeof t2 || (0 | t2) !== t2 || t2 < 0) && f(s2, "nonce_increment must be an unsigned integer"), _2 = E(s2, _2, "key");
-        var i2, v3 = 0 | r2._crypto_stream_xchacha20_keybytes();
-        _2.length !== v3 && f(s2, "invalid key length"), i2 = d(_2), s2.push(i2);
-        var x2 = new u(0 | h2), k2 = x2.address;
-        if (s2.push(k2), 0 === r2._crypto_stream_xchacha20_xor_ic(k2, c2, h2, 0, o2, t2, 0, i2)) {
-          var S2 = y(x2, n2);
-          return g(s2), S2;
-        }
-        b(s2, "invalid usage");
-      }
-      function Xr(e3, a3) {
-        var t2 = [];
-        l(a3), m2(t2, e3, "length"), ("number" != typeof e3 || (0 | e3) !== e3 || e3 < 0) && f(t2, "length must be an unsigned integer");
-        var _2 = new u(0 | e3), n2 = _2.address;
-        t2.push(n2), r2._randombytes_buf(n2, e3);
-        var s2 = y(_2, a3);
-        return g(t2), s2;
-      }
-      function Gr(e3, a3, t2) {
-        var _2 = [];
-        l(t2), m2(_2, e3, "length"), ("number" != typeof e3 || (0 | e3) !== e3 || e3 < 0) && f(_2, "length must be an unsigned integer"), a3 = E(_2, a3, "seed");
-        var n2, s2 = 0 | r2._randombytes_seedbytes();
-        a3.length !== s2 && f(_2, "invalid seed length"), n2 = d(a3), _2.push(n2);
-        var c2 = new u(0 | e3), h2 = c2.address;
-        _2.push(h2), r2._randombytes_buf_deterministic(h2, e3, n2);
-        var o2 = y(c2, t2);
-        return g(_2), o2;
-      }
-      function Dr(e3) {
-        l(e3), r2._randombytes_close();
-      }
-      function Fr(e3) {
-        l(e3);
-        var a3 = r2._randombytes_random() >>> 0;
-        return g([]), a3;
-      }
-      function Vr(e3, a3) {
-        var t2 = [];
-        l(a3);
-        for (var _2 = r2._malloc(24), n2 = 0; n2 < 6; n2++) r2.setValue(_2 + 4 * n2, r2.Runtime.addFunction(e3[["implementation_name", "random", "stir", "uniform", "buf", "close"][n2]]), "i32");
-        0 | r2._randombytes_set_implementation(_2) && b(t2, "unsupported implementation"), g(t2);
-      }
-      function Hr(e3) {
-        l(e3), r2._randombytes_stir();
-      }
-      function Wr(e3, a3) {
-        var t2 = [];
-        l(a3), m2(t2, e3, "upper_bound"), ("number" != typeof e3 || (0 | e3) !== e3 || e3 < 0) && f(t2, "upper_bound must be an unsigned integer");
-        var _2 = r2._randombytes_uniform(e3) >>> 0;
-        return g(t2), _2;
+        var a3 = [];
+        l(e3);
+        var t2 = new u(0 | r2._crypto_stream_keybytes()), _2 = t2.address;
+        a3.push(_2), r2._crypto_stream_keygen(_2);
+        var n2 = y(t2, e3);
+        return g(a3), n2;
       }
-      function qr() {
-        var e3 = r2._sodium_version_string(), a3 = r2.UTF8ToString(e3);
-        return g([]), a3;
+      function Cr(e3) {
+        var a3 = [];
+        l(e3);
+        var t2 = new u(0 | r2._crypto_stream_xchacha20_keybytes()), _2 = t2.address;
+        a3.push(_2), r2._crypto_stream_xchacha20_keygen(_2);
+        var n2 = y(t2, e3);
+        return g(a3), n2;
       }
-      return u.prototype.to_Uint8Array = function() {
-        var e3 = new Uint8Array(this.length);
-        return e3.set(r2.HEAPU8.subarray(this.address, this.address + this.length)), e3;
-      }, e2.add = function(e3, a3) {
-        if (!(e3 instanceof Uint8Array && a3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can added");
-        var r3 = e3.length, t2 = 0, _2 = 0;
-        if (a3.length != e3.length) throw new TypeError("Arguments must have the same length");
-        for (_2 = 0; _2 < r3; _2++) t2 >>= 8, t2 += e3[_2] + a3[_2], e3[_2] = 255 & t2;
-      }, e2.base64_variants = h, e2.compare = function(e3, a3) {
-        if (!(e3 instanceof Uint8Array && a3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be compared");
-        if (e3.length !== a3.length) throw new TypeError("Only instances of identical length can be compared");
-        for (var r3 = 0, t2 = 1, _2 = e3.length; _2-- > 0; ) r3 |= a3[_2] - e3[_2] >> 8 & t2, t2 &= (a3[_2] ^ e3[_2]) - 1 >> 8;
-        return r3 + r3 + t2 - 1;
-      }, e2.from_base64 = function(e3, a3) {
-        a3 = o(a3);
-        var t2, _2 = [], n2 = new u(3 * (e3 = E(_2, e3, "input")).length / 4), s2 = d(e3), c2 = v2(4), h2 = v2(4);
-        return _2.push(s2), _2.push(n2.address), _2.push(n2.result_bin_len_p), _2.push(n2.b64_end_p), 0 !== r2._sodium_base642bin(n2.address, n2.length, s2, e3.length, 0, c2, h2, a3) && b(_2, "invalid input"), r2.getValue(h2, "i32") - s2 !== e3.length && b(_2, "incomplete input"), n2.length = r2.getValue(c2, "i32"), t2 = n2.to_Uint8Array(), g(_2), t2;
-      }, e2.from_hex = function(e3) {
-        var a3, t2 = [], _2 = new u((e3 = E(t2, e3, "input")).length / 2), n2 = d(e3), s2 = v2(4);
-        return t2.push(n2), t2.push(_2.address), t2.push(_2.hex_end_p), 0 !== r2._sodium_hex2bin(_2.address, _2.length, n2, e3.length, 0, 0, s2) && b(t2, "invalid input"), r2.getValue(s2, "i32") - n2 !== e3.length && b(t2, "incomplete input"), a3 = _2.to_Uint8Array(), g(t2), a3;
-      }, e2.from_string = n, e2.increment = function(e3) {
-        if (!(e3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be incremented");
-        for (var a3 = 256, r3 = 0, t2 = e3.length; r3 < t2; r3++) a3 >>= 8, a3 += e3[r3], e3[r3] = 255 & a3;
-      }, e2.is_zero = function(e3) {
-        if (!(e3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be checked");
-        for (var a3 = 0, r3 = 0, t2 = e3.length; r3 < t2; r3++) a3 |= e3[r3];
-        return 0 === a3;
-      }, e2.libsodium = a2, e2.memcmp = function(e3, a3) {
-        if (!(e3 instanceof Uint8Array && a3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be compared");
-        if (e3.length !== a3.length) throw new TypeError("Only instances of identical length can be compared");
-        for (var r3 = 0, t2 = 0, _2 = e3.length; t2 < _2; t2++) r3 |= e3[t2] ^ a3[t2];
-        return 0 === r3;
-      }, e2.memzero = function(e3) {
-        if (!(e3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be wiped");
-        for (var a3 = 0, r3 = e3.length; a3 < r3; a3++) e3[a3] = 0;
-      }, e2.output_formats = function() {
-        return ["uint8array", "text", "hex", "base64"];
-      }, e2.pad = function(e3, a3) {
-        if (!(e3 instanceof Uint8Array)) throw new TypeError("buffer must be a Uint8Array");
-        if ((a3 |= 0) <= 0) throw new Error("block size must be > 0");
-        var t2, _2 = [], n2 = v2(4), s2 = 1, c2 = 0, h2 = 0 | e3.length, o2 = new u(h2 + a3);
-        _2.push(n2), _2.push(o2.address);
-        for (var p2 = o2.address, y2 = o2.address + h2 + a3; p2 < y2; p2++) r2.HEAPU8[p2] = e3[c2], c2 += s2 = 1 & ~((65535 & ((h2 -= s2) >>> 48 | h2 >>> 32 | h2 >>> 16 | h2)) - 1 >> 16);
-        return 0 !== r2._sodium_pad(n2, o2.address, e3.length, a3, o2.length) && b(_2, "internal error"), o2.length = r2.getValue(n2, "i32"), t2 = o2.to_Uint8Array(), g(_2), t2;
-      }, e2.unpad = function(e3, a3) {
-        if (!(e3 instanceof Uint8Array)) throw new TypeError("buffer must be a Uint8Array");
-        if ((a3 |= 0) <= 0) throw new Error("block size must be > 0");
-        var t2 = [], _2 = d(e3), n2 = v2(4);
-        return t2.push(_2), t2.push(n2), 0 !== r2._sodium_unpad(n2, _2, e3.length, a3) && b(t2, "unsupported/invalid padding"), e3 = (e3 = new Uint8Array(e3)).subarray(0, r2.getValue(n2, "i32")), g(t2), e3;
-      }, e2.ready = _, e2.symbols = function() {
-        return Object.keys(e2).sort();
-      }, e2.to_base64 = p, e2.to_hex = c, e2.to_string = s, e2;
-    }
-    var r = "object" == typeof e.sodium && "function" == typeof e.sodium.onload ? e.sodium.onload : null;
-    "string" != typeof exports2.nodeName ? a(exports2, requireLibsodium()) : e.sodium = a(e.commonJsStrict = {}, e.libsodium), r && e.sodium.ready.then(function() {
-      r(e.sodium);
-    });
-  }(commonjsGlobal);
-})(libsodiumWrappers);
-const _sodium = /* @__PURE__ */ getDefaultExportFromCjs(libsodiumWrappers);
-const signingCredentials = /* @__PURE__ */ new Map();
-const getSigningCredentials = (cellId) => {
-  const cellIdB64 = encodeHashToBase64(cellId[0]).concat(encodeHashToBase64(cellId[1]));
-  return signingCredentials.get(cellIdB64);
-};
-const setSigningCredentials = (cellId, credentials) => {
-  const cellIdB64 = encodeHashToBase64(cellId[0]).concat(encodeHashToBase64(cellId[1]));
-  signingCredentials.set(cellIdB64, credentials);
-};
-const generateSigningKeyPair = async (agentPubKey) => {
-  await _sodium.ready;
-  const sodium = _sodium;
-  const keyPair = sodium.crypto_sign_keypair();
-  const locationBytes = [0, 0, 0, 0];
-  const signingKey = new Uint8Array([132, 32, 36].concat(...keyPair.publicKey).concat(...locationBytes));
-  return [keyPair, signingKey];
-};
-const randomCapSecret = async () => randomByteArray(64);
-const randomNonce = async () => randomByteArray(32);
-const randomByteArray = async (length) => {
-  if (globalThis.crypto && "getRandomValues" in globalThis.crypto) {
-    return globalThis.crypto.getRandomValues(new Uint8Array(length));
-  }
-  await _sodium.ready;
-  const sodium = _sodium;
-  return sodium.randombytes_buf(length);
-};
-const getNonceExpiration = () => (Date.now() + 5 * 60 * 1e3) * 1e3;
-class AdminWebsocket {
-  /**
-   * The websocket client used for transporting requests and responses.
-   */
-  client;
-  /**
-   * Default timeout for any request made over the websocket.
-   */
-  defaultTimeout;
-  constructor(client, defaultTimeout) {
-    this.client = client;
-    this.defaultTimeout = defaultTimeout === void 0 ? DEFAULT_TIMEOUT : defaultTimeout;
-  }
-  /**
-   * Factory mehtod to create a new instance connected to the given URL.
-   *
-   * @param options - {@link (WebsocketConnectionOptions:interface)}
-   * @returns A promise for a new connected instance.
-   */
-  static async connect(options = {}) {
-    const env = getLauncherEnvironment();
-    if (env?.ADMIN_INTERFACE_PORT) {
-      options.url = new URL(`ws://localhost:${env.ADMIN_INTERFACE_PORT}`);
-    }
-    if (!options.url) {
-      throw new HolochainError("ConnectionUrlMissing", `unable to connect to Conductor API - no url provided and not in a launcher environment.`);
-    }
-    const wsClient = await WsClient.connect(options.url, options.wsClientOptions);
-    return new AdminWebsocket(wsClient, options.defaultTimeout);
-  }
-  _requester(tag, transformer) {
-    return requesterTransformer((req, timeout2) => promiseTimeout(this.client.request(req), tag, timeout2 || this.defaultTimeout).then(catchError), tag, transformer);
-  }
-  /**
-   * Send a request to open the given port for {@link AppWebsocket} connections.
-   */
-  attachAppInterface = this._requester("attach_app_interface");
-  /**
-   * Enable a stopped app.
-   */
-  enableApp = this._requester("enable_app");
-  /**
-   * Disable a running app.
-   */
-  disableApp = this._requester("disable_app");
-  /**
-   * Dump the state of the specified cell, including its source chain, as JSON.
-   */
-  dumpState = this._requester("dump_state", dumpStateTransform);
-  /**
-   * Dump the full state of the specified cell, including its chain and DHT
-   * shard, as JSON.
-   */
-  dumpFullState = this._requester("dump_full_state");
-  /**
-   * Generate a new agent pub key.
-   */
-  generateAgentPubKey = this._requester("generate_agent_pub_key");
-  /**
-   * Generate a new agent pub key.
-   */
-  revokeAgentKey = this._requester("revoke_agent_key");
-  /**
-   * Register a DNA for later app installation.
-   *
-   * Stores the given DNA into the Holochain DNA database and returns the hash of it.
-   */
-  registerDna = this._requester("register_dna");
-  /**
-   * Get the DNA definition for the specified DNA hash.
-   */
-  getDnaDefinition = this._requester("get_dna_definition");
-  /**
-   * Uninstall the specified app from Holochain.
-   */
-  uninstallApp = this._requester("uninstall_app");
-  /**
-   * Install the specified app into Holochain.
-   */
-  installApp = this._requester("install_app");
-  /**
-   * Update coordinators for an installed app.
-   */
-  updateCoordinators = this._requester("update_coordinators");
-  /**
-   * List all registered DNAs.
-   */
-  listDnas = this._requester("list_dnas");
-  /**
-   * List all installed cell ids.
-   */
-  listCellIds = this._requester("list_cell_ids");
-  /**
-   * List all installed apps.
-   */
-  listApps = this._requester("list_apps");
-  /**
-   * List all attached app interfaces.
-   */
-  listAppInterfaces = this._requester("list_app_interfaces");
-  /**
-   * Request all available info about an agent.
-   */
-  agentInfo = this._requester("agent_info");
-  /**
-   * Add an existing agent to Holochain.
-   */
-  addAgentInfo = this._requester("add_agent_info");
-  /**
-   * Delete a disabled clone cell.
-   */
-  deleteCloneCell = this._requester("delete_clone_cell");
-  /**
-   * Grant a zome call capability for an agent, to be used for signing zome
-   * calls.
-   */
-  grantZomeCallCapability = this._requester("grant_zome_call_capability");
-  storageInfo = this._requester("storage_info");
-  issueAppAuthenticationToken = this._requester("issue_app_authentication_token");
-  dumpNetworkStats = this._requester("dump_network_stats");
-  dumpNetworkMetrics = this._requester("dump_network_metrics");
-  // zome call signing related methods
-  /**
-   * Grant a capability for signing zome calls.
-   *
-   * @param cellId - The cell to grant the capability for.
-   * @param functions - The zome functions to grant the capability for.
-   * @param signingKey - The assignee of the capability.
-   * @returns The cap secret of the created capability.
-   */
-  grantSigningKey = async (cellId, functions, signingKey) => {
-    const capSecret = await randomCapSecret();
-    await this.grantZomeCallCapability({
-      cell_id: cellId,
-      cap_grant: {
-        tag: "zome-call-signing-key",
-        functions,
-        access: {
-          type: "assigned",
-          value: {
-            secret: capSecret,
-            assignees: [signingKey]
-          }
+      function Pr(e3, a3, t2, _2) {
+        var n2 = [];
+        l(_2);
+        var s2 = d(e3 = E(n2, e3, "input_message")), c2 = e3.length;
+        n2.push(s2), a3 = E(n2, a3, "nonce");
+        var h2, o2 = 0 | r2._crypto_stream_xchacha20_noncebytes();
+        a3.length !== o2 && f(n2, "invalid nonce length"), h2 = d(a3), n2.push(h2), t2 = E(n2, t2, "key");
+        var p2, i2 = 0 | r2._crypto_stream_xchacha20_keybytes();
+        t2.length !== i2 && f(n2, "invalid key length"), p2 = d(t2), n2.push(p2);
+        var v3 = new u(0 | c2), m3 = v3.address;
+        if (n2.push(m3), 0 === r2._crypto_stream_xchacha20_xor(m3, s2, c2, 0, h2, p2)) {
+          var x2 = y(v3, _2);
+          return g(n2), x2;
+        }
+        b(n2, "invalid usage");
+      }
+      function Rr(e3, a3, t2, _2, n2) {
+        var s2 = [];
+        l(n2);
+        var c2 = d(e3 = E(s2, e3, "input_message")), h2 = e3.length;
+        s2.push(c2), a3 = E(s2, a3, "nonce");
+        var o2, p2 = 0 | r2._crypto_stream_xchacha20_noncebytes();
+        a3.length !== p2 && f(s2, "invalid nonce length"), o2 = d(a3), s2.push(o2), m2(s2, t2, "nonce_increment"), ("number" != typeof t2 || (0 | t2) !== t2 || t2 < 0) && f(s2, "nonce_increment must be an unsigned integer"), _2 = E(s2, _2, "key");
+        var i2, v3 = 0 | r2._crypto_stream_xchacha20_keybytes();
+        _2.length !== v3 && f(s2, "invalid key length"), i2 = d(_2), s2.push(i2);
+        var x2 = new u(0 | h2), k2 = x2.address;
+        if (s2.push(k2), 0 === r2._crypto_stream_xchacha20_xor_ic(k2, c2, h2, 0, o2, t2, 0, i2)) {
+          var S2 = y(x2, n2);
+          return g(s2), S2;
         }
+        b(s2, "invalid usage");
+      }
+      function Xr(e3, a3) {
+        var t2 = [];
+        l(a3), m2(t2, e3, "length"), ("number" != typeof e3 || (0 | e3) !== e3 || e3 < 0) && f(t2, "length must be an unsigned integer");
+        var _2 = new u(0 | e3), n2 = _2.address;
+        t2.push(n2), r2._randombytes_buf(n2, e3);
+        var s2 = y(_2, a3);
+        return g(t2), s2;
+      }
+      function Gr(e3, a3, t2) {
+        var _2 = [];
+        l(t2), m2(_2, e3, "length"), ("number" != typeof e3 || (0 | e3) !== e3 || e3 < 0) && f(_2, "length must be an unsigned integer"), a3 = E(_2, a3, "seed");
+        var n2, s2 = 0 | r2._randombytes_seedbytes();
+        a3.length !== s2 && f(_2, "invalid seed length"), n2 = d(a3), _2.push(n2);
+        var c2 = new u(0 | e3), h2 = c2.address;
+        _2.push(h2), r2._randombytes_buf_deterministic(h2, e3, n2);
+        var o2 = y(c2, t2);
+        return g(_2), o2;
+      }
+      function Dr(e3) {
+        l(e3), r2._randombytes_close();
+      }
+      function Fr(e3) {
+        l(e3);
+        var a3 = r2._randombytes_random() >>> 0;
+        return g([]), a3;
+      }
+      function Vr(e3, a3) {
+        var t2 = [];
+        l(a3);
+        for (var _2 = r2._malloc(24), n2 = 0; n2 < 6; n2++) r2.setValue(_2 + 4 * n2, r2.Runtime.addFunction(e3[["implementation_name", "random", "stir", "uniform", "buf", "close"][n2]]), "i32");
+        0 | r2._randombytes_set_implementation(_2) && b(t2, "unsupported implementation"), g(t2);
+      }
+      function Hr(e3) {
+        l(e3), r2._randombytes_stir();
+      }
+      function Wr(e3, a3) {
+        var t2 = [];
+        l(a3), m2(t2, e3, "upper_bound"), ("number" != typeof e3 || (0 | e3) !== e3 || e3 < 0) && f(t2, "upper_bound must be an unsigned integer");
+        var _2 = r2._randombytes_uniform(e3) >>> 0;
+        return g(t2), _2;
+      }
+      function qr() {
+        var e3 = r2._sodium_version_string(), a3 = r2.UTF8ToString(e3);
+        return g([]), a3;
       }
+      return u.prototype.to_Uint8Array = function() {
+        var e3 = new Uint8Array(this.length);
+        return e3.set(r2.HEAPU8.subarray(this.address, this.address + this.length)), e3;
+      }, e2.add = function(e3, a3) {
+        if (!(e3 instanceof Uint8Array && a3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can added");
+        var r3 = e3.length, t2 = 0, _2 = 0;
+        if (a3.length != e3.length) throw new TypeError("Arguments must have the same length");
+        for (_2 = 0; _2 < r3; _2++) t2 >>= 8, t2 += e3[_2] + a3[_2], e3[_2] = 255 & t2;
+      }, e2.base64_variants = h, e2.compare = function(e3, a3) {
+        if (!(e3 instanceof Uint8Array && a3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be compared");
+        if (e3.length !== a3.length) throw new TypeError("Only instances of identical length can be compared");
+        for (var r3 = 0, t2 = 1, _2 = e3.length; _2-- > 0; ) r3 |= a3[_2] - e3[_2] >> 8 & t2, t2 &= (a3[_2] ^ e3[_2]) - 1 >> 8;
+        return r3 + r3 + t2 - 1;
+      }, e2.from_base64 = function(e3, a3) {
+        a3 = o(a3);
+        var t2, _2 = [], n2 = new u(3 * (e3 = E(_2, e3, "input")).length / 4), s2 = d(e3), c2 = v2(4), h2 = v2(4);
+        return _2.push(s2), _2.push(n2.address), _2.push(n2.result_bin_len_p), _2.push(n2.b64_end_p), 0 !== r2._sodium_base642bin(n2.address, n2.length, s2, e3.length, 0, c2, h2, a3) && b(_2, "invalid input"), r2.getValue(h2, "i32") - s2 !== e3.length && b(_2, "incomplete input"), n2.length = r2.getValue(c2, "i32"), t2 = n2.to_Uint8Array(), g(_2), t2;
+      }, e2.from_hex = function(e3) {
+        var a3, t2 = [], _2 = new u((e3 = E(t2, e3, "input")).length / 2), n2 = d(e3), s2 = v2(4);
+        return t2.push(n2), t2.push(_2.address), t2.push(_2.hex_end_p), 0 !== r2._sodium_hex2bin(_2.address, _2.length, n2, e3.length, 0, 0, s2) && b(t2, "invalid input"), r2.getValue(s2, "i32") - n2 !== e3.length && b(t2, "incomplete input"), a3 = _2.to_Uint8Array(), g(t2), a3;
+      }, e2.from_string = n, e2.increment = function(e3) {
+        if (!(e3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be incremented");
+        for (var a3 = 256, r3 = 0, t2 = e3.length; r3 < t2; r3++) a3 >>= 8, a3 += e3[r3], e3[r3] = 255 & a3;
+      }, e2.is_zero = function(e3) {
+        if (!(e3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be checked");
+        for (var a3 = 0, r3 = 0, t2 = e3.length; r3 < t2; r3++) a3 |= e3[r3];
+        return 0 === a3;
+      }, e2.libsodium = a2, e2.memcmp = function(e3, a3) {
+        if (!(e3 instanceof Uint8Array && a3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be compared");
+        if (e3.length !== a3.length) throw new TypeError("Only instances of identical length can be compared");
+        for (var r3 = 0, t2 = 0, _2 = e3.length; t2 < _2; t2++) r3 |= e3[t2] ^ a3[t2];
+        return 0 === r3;
+      }, e2.memzero = function(e3) {
+        if (!(e3 instanceof Uint8Array)) throw new TypeError("Only Uint8Array instances can be wiped");
+        for (var a3 = 0, r3 = e3.length; a3 < r3; a3++) e3[a3] = 0;
+      }, e2.output_formats = function() {
+        return ["uint8array", "text", "hex", "base64"];
+      }, e2.pad = function(e3, a3) {
+        if (!(e3 instanceof Uint8Array)) throw new TypeError("buffer must be a Uint8Array");
+        if ((a3 |= 0) <= 0) throw new Error("block size must be > 0");
+        var t2, _2 = [], n2 = v2(4), s2 = 1, c2 = 0, h2 = 0 | e3.length, o2 = new u(h2 + a3);
+        _2.push(n2), _2.push(o2.address);
+        for (var p2 = o2.address, y2 = o2.address + h2 + a3; p2 < y2; p2++) r2.HEAPU8[p2] = e3[c2], c2 += s2 = 1 & ~((65535 & ((h2 -= s2) >>> 48 | h2 >>> 32 | h2 >>> 16 | h2)) - 1 >> 16);
+        return 0 !== r2._sodium_pad(n2, o2.address, e3.length, a3, o2.length) && b(_2, "internal error"), o2.length = r2.getValue(n2, "i32"), t2 = o2.to_Uint8Array(), g(_2), t2;
+      }, e2.unpad = function(e3, a3) {
+        if (!(e3 instanceof Uint8Array)) throw new TypeError("buffer must be a Uint8Array");
+        if ((a3 |= 0) <= 0) throw new Error("block size must be > 0");
+        var t2 = [], _2 = d(e3), n2 = v2(4);
+        return t2.push(_2), t2.push(n2), 0 !== r2._sodium_unpad(n2, _2, e3.length, a3) && b(t2, "unsupported/invalid padding"), e3 = (e3 = new Uint8Array(e3)).subarray(0, r2.getValue(n2, "i32")), g(t2), e3;
+      }, e2.ready = _, e2.symbols = function() {
+        return Object.keys(e2).sort();
+      }, e2.to_base64 = p, e2.to_hex = c, e2.to_string = s, e2;
+    }
+    var r = "object" == typeof e.sodium && "function" == typeof e.sodium.onload ? e.sodium.onload : null;
+    "string" != typeof exports2.nodeName ? a(exports2, requireLibsodium()) : e.sodium = a(e.commonJsStrict = {}, e.libsodium), r && e.sodium.ready.then(function() {
+      r(e.sodium);
     });
-    return capSecret;
-  };
-  /**
-   * Generate and authorize a new key pair for signing zome calls.
-   *
-   * @param cellId - The cell id to create the capability grant for.
-   * @param functions - Zomes and functions to authorize the signing key for
-   * (optional). When no functions are specified, the capability will be
-   * granted for all zomes and functions.
-   */
-  authorizeSigningCredentials = async (cellId, functions) => {
-    const [keyPair, signingKey] = await generateSigningKeyPair();
-    const capSecret = await this.grantSigningKey(cellId, functions || { type: "all" }, signingKey);
-    setSigningCredentials(cellId, { capSecret, keyPair, signingKey });
-  };
-}
-const dumpStateTransform = {
-  input: (req) => req,
-  output: (res) => {
-    return JSON.parse(res);
-  }
-};
-var CountersigningSessionStateType;
-(function(CountersigningSessionStateType2) {
-  CountersigningSessionStateType2["Accepted"] = "Accepted";
-  CountersigningSessionStateType2["SignaturesCollected"] = "SignaturesCollected";
-  CountersigningSessionStateType2["Unknown"] = "Unknown";
-})(CountersigningSessionStateType || (CountersigningSessionStateType = {}));
-var ResolutionRequiredReason;
-(function(ResolutionRequiredReason2) {
-  ResolutionRequiredReason2["Timeout"] = "Timeout";
-  ResolutionRequiredReason2["Unknown"] = "Unknown";
-})(ResolutionRequiredReason || (ResolutionRequiredReason = {}));
-var SessionCompletionDecisionType;
-(function(SessionCompletionDecisionType2) {
-  SessionCompletionDecisionType2["Complete"] = "Complete";
-  SessionCompletionDecisionType2["Abandoned"] = "Abandoned";
-  SessionCompletionDecisionType2["Indeterminate"] = "Indeterminate";
-  SessionCompletionDecisionType2["Failed"] = "Failed";
-})(SessionCompletionDecisionType || (SessionCompletionDecisionType = {}));
+  }(commonjsGlobal);
+})(libsodiumWrappers);
+const _sodium = /* @__PURE__ */ getDefaultExportFromCjs(libsodiumWrappers);
 var freeGlobal = typeof global == "object" && global && global.Object === Object && global;
 var freeSelf = typeof self == "object" && self && self.Object === Object && self;
 var root = freeGlobal || freeSelf || Function("return this")();
@@ -11295,22 +10711,206 @@ var omit = flatRest(function(object, paths) {
   if (object == null) {
     return result;
   }
-  var isDeep = false;
-  paths = arrayMap(paths, function(path2) {
-    path2 = castPath(path2, object);
-    isDeep || (isDeep = path2.length > 1);
-    return path2;
+  var isDeep = false;
+  paths = arrayMap(paths, function(path2) {
+    path2 = castPath(path2, object);
+    isDeep || (isDeep = path2.length > 1);
+    return path2;
+  });
+  copyObject(object, getAllKeysIn(object), result);
+  if (isDeep) {
+    result = baseClone(result, CLONE_DEEP_FLAG | CLONE_FLAT_FLAG | CLONE_SYMBOLS_FLAG, customOmitClone);
+  }
+  var length = paths.length;
+  while (length--) {
+    baseUnset(result, paths[length]);
+  }
+  return result;
+});
+const version = "3.7.7";
+const VERSION = version;
+const _hasBuffer = typeof Buffer === "function";
+const _TD = typeof TextDecoder === "function" ? new TextDecoder() : void 0;
+const _TE = typeof TextEncoder === "function" ? new TextEncoder() : void 0;
+const b64ch = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
+const b64chs = Array.prototype.slice.call(b64ch);
+const b64tab = ((a) => {
+  let tab = {};
+  a.forEach((c, i) => tab[c] = i);
+  return tab;
+})(b64chs);
+const b64re = /^(?:[A-Za-z\d+\/]{4})*?(?:[A-Za-z\d+\/]{2}(?:==)?|[A-Za-z\d+\/]{3}=?)?$/;
+const _fromCC = String.fromCharCode.bind(String);
+const _U8Afrom = typeof Uint8Array.from === "function" ? Uint8Array.from.bind(Uint8Array) : (it) => new Uint8Array(Array.prototype.slice.call(it, 0));
+const _mkUriSafe = (src) => src.replace(/=/g, "").replace(/[+\/]/g, (m0) => m0 == "+" ? "-" : "_");
+const _tidyB64 = (s) => s.replace(/[^A-Za-z0-9\+\/]/g, "");
+const btoaPolyfill = (bin) => {
+  let u32, c0, c1, c2, asc = "";
+  const pad = bin.length % 3;
+  for (let i = 0; i < bin.length; ) {
+    if ((c0 = bin.charCodeAt(i++)) > 255 || (c1 = bin.charCodeAt(i++)) > 255 || (c2 = bin.charCodeAt(i++)) > 255)
+      throw new TypeError("invalid character found");
+    u32 = c0 << 16 | c1 << 8 | c2;
+    asc += b64chs[u32 >> 18 & 63] + b64chs[u32 >> 12 & 63] + b64chs[u32 >> 6 & 63] + b64chs[u32 & 63];
+  }
+  return pad ? asc.slice(0, pad - 3) + "===".substring(pad) : asc;
+};
+const _btoa = typeof btoa === "function" ? (bin) => btoa(bin) : _hasBuffer ? (bin) => Buffer.from(bin, "binary").toString("base64") : btoaPolyfill;
+const _fromUint8Array = _hasBuffer ? (u8a) => Buffer.from(u8a).toString("base64") : (u8a) => {
+  const maxargs = 4096;
+  let strs = [];
+  for (let i = 0, l = u8a.length; i < l; i += maxargs) {
+    strs.push(_fromCC.apply(null, u8a.subarray(i, i + maxargs)));
+  }
+  return _btoa(strs.join(""));
+};
+const fromUint8Array = (u8a, urlsafe = false) => urlsafe ? _mkUriSafe(_fromUint8Array(u8a)) : _fromUint8Array(u8a);
+const cb_utob = (c) => {
+  if (c.length < 2) {
+    var cc = c.charCodeAt(0);
+    return cc < 128 ? c : cc < 2048 ? _fromCC(192 | cc >>> 6) + _fromCC(128 | cc & 63) : _fromCC(224 | cc >>> 12 & 15) + _fromCC(128 | cc >>> 6 & 63) + _fromCC(128 | cc & 63);
+  } else {
+    var cc = 65536 + (c.charCodeAt(0) - 55296) * 1024 + (c.charCodeAt(1) - 56320);
+    return _fromCC(240 | cc >>> 18 & 7) + _fromCC(128 | cc >>> 12 & 63) + _fromCC(128 | cc >>> 6 & 63) + _fromCC(128 | cc & 63);
+  }
+};
+const re_utob = /[\uD800-\uDBFF][\uDC00-\uDFFFF]|[^\x00-\x7F]/g;
+const utob = (u) => u.replace(re_utob, cb_utob);
+const _encode = _hasBuffer ? (s) => Buffer.from(s, "utf8").toString("base64") : _TE ? (s) => _fromUint8Array(_TE.encode(s)) : (s) => _btoa(utob(s));
+const encode = (src, urlsafe = false) => urlsafe ? _mkUriSafe(_encode(src)) : _encode(src);
+const encodeURI = (src) => encode(src, true);
+const re_btou = /[\xC0-\xDF][\x80-\xBF]|[\xE0-\xEF][\x80-\xBF]{2}|[\xF0-\xF7][\x80-\xBF]{3}/g;
+const cb_btou = (cccc) => {
+  switch (cccc.length) {
+    case 4:
+      var cp = (7 & cccc.charCodeAt(0)) << 18 | (63 & cccc.charCodeAt(1)) << 12 | (63 & cccc.charCodeAt(2)) << 6 | 63 & cccc.charCodeAt(3), offset = cp - 65536;
+      return _fromCC((offset >>> 10) + 55296) + _fromCC((offset & 1023) + 56320);
+    case 3:
+      return _fromCC((15 & cccc.charCodeAt(0)) << 12 | (63 & cccc.charCodeAt(1)) << 6 | 63 & cccc.charCodeAt(2));
+    default:
+      return _fromCC((31 & cccc.charCodeAt(0)) << 6 | 63 & cccc.charCodeAt(1));
+  }
+};
+const btou = (b) => b.replace(re_btou, cb_btou);
+const atobPolyfill = (asc) => {
+  asc = asc.replace(/\s+/g, "");
+  if (!b64re.test(asc))
+    throw new TypeError("malformed base64.");
+  asc += "==".slice(2 - (asc.length & 3));
+  let u24, bin = "", r1, r2;
+  for (let i = 0; i < asc.length; ) {
+    u24 = b64tab[asc.charAt(i++)] << 18 | b64tab[asc.charAt(i++)] << 12 | (r1 = b64tab[asc.charAt(i++)]) << 6 | (r2 = b64tab[asc.charAt(i++)]);
+    bin += r1 === 64 ? _fromCC(u24 >> 16 & 255) : r2 === 64 ? _fromCC(u24 >> 16 & 255, u24 >> 8 & 255) : _fromCC(u24 >> 16 & 255, u24 >> 8 & 255, u24 & 255);
+  }
+  return bin;
+};
+const _atob = typeof atob === "function" ? (asc) => atob(_tidyB64(asc)) : _hasBuffer ? (asc) => Buffer.from(asc, "base64").toString("binary") : atobPolyfill;
+const _toUint8Array = _hasBuffer ? (a) => _U8Afrom(Buffer.from(a, "base64")) : (a) => _U8Afrom(_atob(a).split("").map((c) => c.charCodeAt(0)));
+const toUint8Array$1 = (a) => _toUint8Array(_unURI(a));
+const _decode = _hasBuffer ? (a) => Buffer.from(a, "base64").toString("utf8") : _TD ? (a) => _TD.decode(_toUint8Array(a)) : (a) => btou(_atob(a));
+const _unURI = (a) => _tidyB64(a.replace(/[-_]/g, (m0) => m0 == "-" ? "+" : "/"));
+const decode = (src) => _decode(_unURI(src));
+const isValid = (src) => {
+  if (typeof src !== "string")
+    return false;
+  const s = src.replace(/\s+/g, "").replace(/={0,2}$/, "");
+  return !/[^\s0-9a-zA-Z\+/]/.test(s) || !/[^\s0-9a-zA-Z\-_]/.test(s);
+};
+const _noEnum = (v2) => {
+  return {
+    value: v2,
+    enumerable: false,
+    writable: true,
+    configurable: true
+  };
+};
+const extendString = function() {
+  const _add = (name, body) => Object.defineProperty(String.prototype, name, _noEnum(body));
+  _add("fromBase64", function() {
+    return decode(this);
   });
-  copyObject(object, getAllKeysIn(object), result);
-  if (isDeep) {
-    result = baseClone(result, CLONE_DEEP_FLAG | CLONE_FLAT_FLAG | CLONE_SYMBOLS_FLAG, customOmitClone);
-  }
-  var length = paths.length;
-  while (length--) {
-    baseUnset(result, paths[length]);
+  _add("toBase64", function(urlsafe) {
+    return encode(this, urlsafe);
+  });
+  _add("toBase64URI", function() {
+    return encode(this, true);
+  });
+  _add("toBase64URL", function() {
+    return encode(this, true);
+  });
+  _add("toUint8Array", function() {
+    return toUint8Array$1(this);
+  });
+};
+const extendUint8Array = function() {
+  const _add = (name, body) => Object.defineProperty(Uint8Array.prototype, name, _noEnum(body));
+  _add("toBase64", function(urlsafe) {
+    return fromUint8Array(this, urlsafe);
+  });
+  _add("toBase64URI", function() {
+    return fromUint8Array(this, true);
+  });
+  _add("toBase64URL", function() {
+    return fromUint8Array(this, true);
+  });
+};
+const extendBuiltins = () => {
+  extendString();
+  extendUint8Array();
+};
+const gBase64 = {
+  version,
+  VERSION,
+  atob: _atob,
+  atobPolyfill,
+  btoa: _btoa,
+  btoaPolyfill,
+  fromBase64: decode,
+  toBase64: encode,
+  encode,
+  encodeURI,
+  encodeURL: encodeURI,
+  utob,
+  btou,
+  decode,
+  isValid,
+  fromUint8Array,
+  toUint8Array: toUint8Array$1,
+  extendString,
+  extendUint8Array,
+  extendBuiltins
+};
+function encodeHashToBase64(hash) {
+  return `u${gBase64.fromUint8Array(hash, true)}`;
+}
+const signingCredentials = /* @__PURE__ */ new Map();
+const getSigningCredentials = (cellId) => {
+  const cellIdB64 = encodeHashToBase64(cellId[0]).concat(encodeHashToBase64(cellId[1]));
+  return signingCredentials.get(cellIdB64);
+};
+const setSigningCredentials = (cellId, credentials) => {
+  const cellIdB64 = encodeHashToBase64(cellId[0]).concat(encodeHashToBase64(cellId[1]));
+  signingCredentials.set(cellIdB64, credentials);
+};
+const generateSigningKeyPair = async (agentPubKey) => {
+  await _sodium.ready;
+  const sodium = _sodium;
+  const keyPair = sodium.crypto_sign_keypair();
+  const locationBytes = [0, 0, 0, 0];
+  const signingKey = new Uint8Array([132, 32, 36].concat(...keyPair.publicKey).concat(...locationBytes));
+  return [keyPair, signingKey];
+};
+const randomCapSecret = async () => randomByteArray(64);
+const randomNonce = async () => randomByteArray(32);
+const randomByteArray = async (length) => {
+  if (globalThis.crypto && "getRandomValues" in globalThis.crypto) {
+    return globalThis.crypto.getRandomValues(new Uint8Array(length));
   }
-  return result;
-});
+  await _sodium.ready;
+  const sodium = _sodium;
+  return sodium.randombytes_buf(length);
+};
+const getNonceExpiration = () => (Date.now() + 5 * 60 * 1e3) * 1e3;
 var blake2b$1 = { exports: {} };
 var nanoassert$1 = assert$3;
 class AssertionError extends Error {
@@ -11789,572 +11389,980 @@ function blake2bCompress(ctx, last2) {
     v[i] = ctx.h[i];
     v[i + 16] = BLAKE2B_IV32[i];
   }
-  v[24] = v[24] ^ ctx.t;
-  v[25] = v[25] ^ ctx.t / 4294967296;
-  if (last2) {
-    v[28] = ~v[28];
-    v[29] = ~v[29];
+  v[24] = v[24] ^ ctx.t;
+  v[25] = v[25] ^ ctx.t / 4294967296;
+  if (last2) {
+    v[28] = ~v[28];
+    v[29] = ~v[29];
+  }
+  for (i = 0; i < 32; i++) {
+    m[i] = B2B_GET32(ctx.b, 4 * i);
+  }
+  for (i = 0; i < 12; i++) {
+    B2B_G(0, 8, 16, 24, SIGMA82[i * 16 + 0], SIGMA82[i * 16 + 1]);
+    B2B_G(2, 10, 18, 26, SIGMA82[i * 16 + 2], SIGMA82[i * 16 + 3]);
+    B2B_G(4, 12, 20, 28, SIGMA82[i * 16 + 4], SIGMA82[i * 16 + 5]);
+    B2B_G(6, 14, 22, 30, SIGMA82[i * 16 + 6], SIGMA82[i * 16 + 7]);
+    B2B_G(0, 10, 20, 30, SIGMA82[i * 16 + 8], SIGMA82[i * 16 + 9]);
+    B2B_G(2, 12, 22, 24, SIGMA82[i * 16 + 10], SIGMA82[i * 16 + 11]);
+    B2B_G(4, 14, 16, 26, SIGMA82[i * 16 + 12], SIGMA82[i * 16 + 13]);
+    B2B_G(6, 8, 18, 28, SIGMA82[i * 16 + 14], SIGMA82[i * 16 + 15]);
+  }
+  for (i = 0; i < 16; i++) {
+    ctx.h[i] = ctx.h[i] ^ v[i] ^ v[i + 16];
+  }
+}
+const parameter_block = new Uint8Array([
+  0,
+  0,
+  0,
+  0,
+  //  0: outlen, keylen, fanout, depth
+  0,
+  0,
+  0,
+  0,
+  //  4: leaf length, sequential mode
+  0,
+  0,
+  0,
+  0,
+  //  8: node offset
+  0,
+  0,
+  0,
+  0,
+  // 12: node offset
+  0,
+  0,
+  0,
+  0,
+  // 16: node depth, inner length, rfu
+  0,
+  0,
+  0,
+  0,
+  // 20: rfu
+  0,
+  0,
+  0,
+  0,
+  // 24: rfu
+  0,
+  0,
+  0,
+  0,
+  // 28: rfu
+  0,
+  0,
+  0,
+  0,
+  // 32: salt
+  0,
+  0,
+  0,
+  0,
+  // 36: salt
+  0,
+  0,
+  0,
+  0,
+  // 40: salt
+  0,
+  0,
+  0,
+  0,
+  // 44: salt
+  0,
+  0,
+  0,
+  0,
+  // 48: personal
+  0,
+  0,
+  0,
+  0,
+  // 52: personal
+  0,
+  0,
+  0,
+  0,
+  // 56: personal
+  0,
+  0,
+  0,
+  0
+  // 60: personal
+]);
+function Blake2b(outlen, key, salt, personal) {
+  parameter_block.fill(0);
+  this.b = new Uint8Array(128);
+  this.h = new Uint32Array(16);
+  this.t = 0;
+  this.c = 0;
+  this.outlen = outlen;
+  parameter_block[0] = outlen;
+  if (key) parameter_block[1] = key.length;
+  parameter_block[2] = 1;
+  parameter_block[3] = 1;
+  if (salt) parameter_block.set(salt, 32);
+  if (personal) parameter_block.set(personal, 48);
+  for (let i = 0; i < 16; i++) {
+    this.h[i] = BLAKE2B_IV32[i] ^ B2B_GET32(parameter_block, i * 4);
+  }
+  if (key) {
+    blake2bUpdate(this, key);
+    this.c = 128;
+  }
+}
+Blake2b.prototype.update = function(input) {
+  assert(input instanceof Uint8Array, "input must be Uint8Array or Buffer");
+  blake2bUpdate(this, input);
+  return this;
+};
+Blake2b.prototype.digest = function(out) {
+  const buf = !out || out === "binary" || out === "hex" ? new Uint8Array(this.outlen) : out;
+  assert(buf instanceof Uint8Array, 'out must be "binary", "hex", Uint8Array, or Buffer');
+  assert(buf.length >= this.outlen, "out must have at least outlen bytes of space");
+  blake2bFinal(this, buf);
+  if (out === "hex") return hexSlice(buf);
+  return buf;
+};
+Blake2b.prototype.final = Blake2b.prototype.digest;
+Blake2b.ready = function(cb) {
+  b2wasm.ready(function() {
+    cb();
+  });
+};
+function blake2bUpdate(ctx, input) {
+  for (let i = 0; i < input.length; i++) {
+    if (ctx.c === 128) {
+      ctx.t += ctx.c;
+      blake2bCompress(ctx, false);
+      ctx.c = 0;
+    }
+    ctx.b[ctx.c++] = input[i];
+  }
+}
+function blake2bFinal(ctx, out) {
+  ctx.t += ctx.c;
+  while (ctx.c < 128) {
+    ctx.b[ctx.c++] = 0;
+  }
+  blake2bCompress(ctx, true);
+  for (let i = 0; i < ctx.outlen; i++) {
+    out[i] = ctx.h[i >> 2] >> 8 * (i & 3);
+  }
+  return out;
+}
+function hexSlice(buf) {
+  let str = "";
+  for (let i = 0; i < buf.length; i++) str += toHex(buf[i]);
+  return str;
+}
+function toHex(n) {
+  if (n < 16) return "0" + n.toString(16);
+  return n.toString(16);
+}
+const Proto = Blake2b;
+blake2b$1.exports = function createHash2(outlen, key, salt, personal, noAssert) {
+  if (noAssert !== true) {
+    assert(outlen >= BYTES_MIN, "outlen must be at least " + BYTES_MIN + ", was given " + outlen);
+    assert(outlen <= BYTES_MAX, "outlen must be at most " + BYTES_MAX + ", was given " + outlen);
+    if (key != null) {
+      assert(key instanceof Uint8Array, "key must be Uint8Array or Buffer");
+      assert(key.length >= KEYBYTES_MIN, "key must be at least " + KEYBYTES_MIN + ", was given " + key.length);
+      assert(key.length <= KEYBYTES_MAX, "key must be at most " + KEYBYTES_MAX + ", was given " + key.length);
+    }
+    if (salt != null) {
+      assert(salt instanceof Uint8Array, "salt must be Uint8Array or Buffer");
+      assert(salt.length === SALTBYTES, "salt must be exactly " + SALTBYTES + ", was given " + salt.length);
+    }
+    if (personal != null) {
+      assert(personal instanceof Uint8Array, "personal must be Uint8Array or Buffer");
+      assert(
+        personal.length === PERSONALBYTES,
+        "personal must be exactly " + PERSONALBYTES + ", was given " + personal.length
+      );
+    }
+  }
+  return new Proto(outlen, key, salt, personal);
+};
+blake2b$1.exports.ready = function(cb) {
+  b2wasm.ready(function() {
+    cb();
+  });
+};
+blake2b$1.exports.WASM_SUPPORTED = b2wasm.SUPPORTED;
+blake2b$1.exports.WASM_LOADED = false;
+b2wasm.ready(function(err) {
+  if (!err) {
+    blake2b$1.exports.WASM_LOADED = true;
+    blake2b$1.exports = b2wasm;
+  }
+});
+({
+  Agent: Uint8Array.from([132, 32, 36]),
+  Entry: Uint8Array.from([132, 33, 36]),
+  Dna: Uint8Array.from([132, 45, 36]),
+  Action: Uint8Array.from([132, 41, 36]),
+  External: Uint8Array.from([132, 47, 36])
+});
+class AppWebsocket {
+  client;
+  myPubKey;
+  installedAppId;
+  defaultTimeout;
+  emitter;
+  callZomeTransform;
+  cachedAppInfo;
+  appInfoRequester;
+  callZomeRequester;
+  provideMemproofRequester;
+  enableAppRequester;
+  createCloneCellRequester;
+  enableCloneCellRequester;
+  disableCloneCellRequester;
+  dumpNetworkStatsRequester;
+  dumpNetworkMetricsRequester;
+  getCountersigningSessionStateRequester;
+  abandonCountersigningSessionRequester;
+  publishCountersigningSessionRequester;
+  constructor(client, appInfo, callZomeTransform, defaultTimeout) {
+    this.client = client;
+    this.myPubKey = appInfo.agent_pub_key;
+    this.installedAppId = appInfo.installed_app_id;
+    this.defaultTimeout = defaultTimeout ?? DEFAULT_TIMEOUT;
+    this.callZomeTransform = callZomeTransform ?? defaultCallZomeTransform;
+    this.emitter = new Emittery();
+    this.cachedAppInfo = appInfo;
+    this.appInfoRequester = AppWebsocket.requester(this.client, "app_info", this.defaultTimeout);
+    this.callZomeRequester = AppWebsocket.requester(this.client, "call_zome", this.defaultTimeout, this.callZomeTransform);
+    this.provideMemproofRequester = AppWebsocket.requester(this.client, "provide_memproofs", this.defaultTimeout);
+    this.enableAppRequester = AppWebsocket.requester(this.client, "enable_app", this.defaultTimeout);
+    this.createCloneCellRequester = AppWebsocket.requester(this.client, "create_clone_cell", this.defaultTimeout);
+    this.enableCloneCellRequester = AppWebsocket.requester(this.client, "enable_clone_cell", this.defaultTimeout);
+    this.disableCloneCellRequester = AppWebsocket.requester(this.client, "disable_clone_cell", this.defaultTimeout);
+    this.dumpNetworkStatsRequester = AppWebsocket.requester(this.client, "dump_network_stats", this.defaultTimeout);
+    this.dumpNetworkMetricsRequester = AppWebsocket.requester(this.client, "dump_network_metrics", this.defaultTimeout);
+    this.getCountersigningSessionStateRequester = AppWebsocket.requester(this.client, "get_countersigning_session_state", this.defaultTimeout);
+    this.abandonCountersigningSessionRequester = AppWebsocket.requester(this.client, "abandon_countersigning_session", this.defaultTimeout);
+    this.publishCountersigningSessionRequester = AppWebsocket.requester(this.client, "publish_countersigning_session", this.defaultTimeout);
+    Object.getOwnPropertyNames(Emittery.prototype).forEach((name) => {
+      const to_bind = this.emitter[name];
+      if (typeof to_bind === "function") {
+        this.emitter[name] = to_bind.bind(this.emitter);
+      }
+    });
+    this.client.on("signal", (signal) => {
+      this.emitter.emit("signal", signal).catch(console.error);
+    });
+  }
+  /**
+   * Instance factory for creating an {@link AppWebsocket}.
+   *
+   * @param token - A token to authenticate the websocket connection. Get a token using AdminWebsocket#issueAppAuthenticationToken.
+   * @param options - {@link (WebsocketConnectionOptions:interface)}
+   * @returns A new instance of an AppWebsocket.
+   */
+  static async connect(options = {}) {
+    const env = getLauncherEnvironment();
+    if (env?.APP_INTERFACE_PORT) {
+      options.url = new URL(`ws://localhost:${env.APP_INTERFACE_PORT}`);
+    }
+    if (!options.url) {
+      throw new HolochainError("ConnectionUrlMissing", `unable to connect to Conductor API - no url provided and not in a launcher environment.`);
+    }
+    const client = await WsClient.connect(options.url, options.wsClientOptions);
+    const token = options.token ?? env?.APP_INTERFACE_TOKEN;
+    if (!token)
+      throw new HolochainError("AppAuthenticationTokenMissing", `unable to connect to Conductor API - no app authentication token provided.`);
+    await client.authenticate({ token });
+    const appInfo = await AppWebsocket.requester(client, "app_info", DEFAULT_TIMEOUT)(null);
+    if (!appInfo) {
+      throw new HolochainError("AppNotFound", `The app your connection token was issued for was not found. The app needs to be installed and enabled.`);
+    }
+    return new AppWebsocket(client, appInfo, options.callZomeTransform, options.defaultTimeout);
+  }
+  /**
+   * Request the app's info, including all cell infos.
+   *
+   * @param timeout - A timeout to override the default.
+   * @returns The app's {@link AppInfo}.
+   */
+  async appInfo(timeout2) {
+    const appInfo = await this.appInfoRequester(null, timeout2);
+    if (!appInfo) {
+      throw new HolochainError("AppNotFound", `App info not found. App needs to be installed and enabled.`);
+    }
+    this.cachedAppInfo = appInfo;
+    return appInfo;
+  }
+  /**
+   * Request network stats.
+   *
+   * @returns The conductor's {@link TransportStats}.
+   */
+  async dumpNetworkStats(timeout2) {
+    return await this.dumpNetworkStatsRequester(void 0, timeout2);
+  }
+  /**
+   * Request network metrics.
+   *
+   * @returns The {@link NetworkMetrics}.
+   */
+  async dumpNetworkMetrics(req, timeout2) {
+    return await this.dumpNetworkMetricsRequester(req, timeout2);
+  }
+  /**
+   * Provide membrane proofs for the app.
+   *
+   * @param memproofs - A map of {@link MembraneProof}s.
+   */
+  async provideMemproofs(memproofs) {
+    await this.provideMemproofRequester(memproofs);
+  }
+  /**
+   * Enable an app only if the app is in the `AppStatus::Disabled(DisabledAppReason::NotStartedAfterProvidingMemproofs)`
+   * state. Attempting to enable the app from other states (other than Running) will fail.
+   */
+  async enableApp() {
+    await this.enableAppRequester();
+  }
+  /**
+   * Get a cell id by its role name or clone id.
+   *
+   * @param roleName - The role name or clone id of the cell.
+   * @param appInfo - The app info containing all cell infos.
+   * @returns The cell id or throws an error if not found.
+   */
+  getCellIdFromRoleName(roleName, appInfo) {
+    if (isCloneId(roleName)) {
+      const baseRoleName = getBaseRoleNameFromCloneId(roleName);
+      if (!(baseRoleName in appInfo.cell_info)) {
+        throw new HolochainError("NoCellForRoleName", `no cell found with role_name ${roleName}`);
+      }
+      const cloneCell = appInfo.cell_info[baseRoleName].find((c) => c.type === CellType.Cloned && c.value.clone_id === roleName);
+      if (!cloneCell || cloneCell.type !== CellType.Cloned) {
+        throw new HolochainError("NoCellForCloneId", `no clone cell found with clone id ${roleName}`);
+      }
+      return cloneCell.value.cell_id;
+    }
+    if (!(roleName in appInfo.cell_info)) {
+      throw new HolochainError("NoCellForRoleName", `no cell found with role_name ${roleName}`);
+    }
+    const cell = appInfo.cell_info[roleName].find((c) => c.type === CellType.Provisioned);
+    if (!cell || cell.type !== CellType.Provisioned) {
+      throw new HolochainError("NoProvisionedCellForRoleName", `no provisioned cell found with role_name ${roleName}`);
+    }
+    return cell.value.cell_id;
+  }
+  /**
+   * Call a zome.
+   *
+   * @param request - The zome call arguments.
+   * @param timeout - A timeout to override the default.
+   * @returns The zome call's response.
+   */
+  async callZome(request, timeout2) {
+    if (!("provenance" in request)) {
+      request = {
+        ...request,
+        provenance: this.myPubKey
+      };
+    }
+    if ("role_name" in request && request.role_name) {
+      const appInfo = this.cachedAppInfo || await this.appInfo();
+      const cell_id = this.getCellIdFromRoleName(request.role_name, appInfo);
+      request = {
+        ...omit(request, "role_name"),
+        // Some problem here with the launcher with just the `cell_id`.
+        cell_id: [cell_id[0], cell_id[1]]
+      };
+    } else if (!("cell_id" in request)) {
+      throw new HolochainError("MissingRoleNameOrCellId", "callZome requires a role_name or cell_id argument");
+    }
+    return this.callZomeRequester(request, timeout2);
+  }
+  /**
+   * Clone an existing provisioned cell.
+   *
+   * @param args - Specify the cell to clone.
+   * @returns The created clone cell.
+   */
+  async createCloneCell(args) {
+    const clonedCell = this.createCloneCellRequester({
+      ...args
+    });
+    this.cachedAppInfo = void 0;
+    return clonedCell;
+  }
+  /**
+   * Enable a disabled clone cell.
+   *
+   * @param args - Specify the clone cell to enable.
+   * @returns The enabled clone cell.
+   */
+  async enableCloneCell(args) {
+    return this.enableCloneCellRequester({
+      ...args
+    });
+  }
+  /**
+   * Disable an enabled clone cell.
+   *
+   * @param args - Specify the clone cell to disable.
+   */
+  async disableCloneCell(args) {
+    return this.disableCloneCellRequester({
+      ...args
+    });
+  }
+  /**
+   * Get the state of a countersigning session.
+   */
+  async getCountersigningSessionState(args) {
+    return this.getCountersigningSessionStateRequester(args);
+  }
+  /**
+   * Abandon an unresolved countersigning session.
+   *
+   * If the current session has not been resolved automatically, it can be forcefully abandoned.
+   * A condition for this call to succeed is that at least one attempt has been made to resolve
+   * it automatically.
+   *
+   * # Returns
+   *
+   * [`AppResponse::CountersigningSessionAbandoned`]
+   *
+   * The session is marked for abandoning and the countersigning workflow was triggered. The session
+   * has not been abandoned yet.
+   *
+   * Upon successful abandoning the system signal [`SystemSignal::AbandonedCountersigning`] will
+   * be emitted and the session removed from state, so that [`AppRequest::GetCountersigningSessionState`]
+   * would return `None`.
+   *
+   * In the countersigning workflow it will first be attempted to resolve the session with incoming
+   * signatures of the countersigned entries, before force-abandoning the session. In a very rare event
+   * it could happen that in just the moment where the [`AppRequest::AbandonCountersigningSession`]
+   * is made, signatures for this session come in. If they are valid, the session will be resolved and
+   * published as usual. Should they be invalid, however, the flag to abandon the session is erased.
+   * In such cases this request can be retried until the session has been abandoned successfully.
+   *
+   * # Errors
+   *
+   * [`CountersigningError::WorkspaceDoesNotExist`] likely indicates that an invalid cell id was
+   * passed in to the call.
+   *
+   * [`CountersigningError::SessionNotFound`] when no ongoing session could be found for the provided
+   * cell id.
+   *
+   * [`CountersigningError::SessionNotUnresolved`] when an attempt to resolve the session
+   * automatically has not been made.
+   */
+  async abandonCountersigningSession(args) {
+    return this.abandonCountersigningSessionRequester(args);
+  }
+  /**
+   * Publish an unresolved countersigning session.
+   *
+   * If the current session has not been resolved automatically, it can be forcefully published.
+   * A condition for this call to succeed is that at least one attempt has been made to resolve
+   * it automatically.
+   *
+   * # Returns
+   *
+   * [`AppResponse::PublishCountersigningSessionTriggered`]
+   *
+   * The session is marked for publishing and the countersigning workflow was triggered. The session
+   * has not been published yet.
+   *
+   * Upon successful publishing the system signal [`SystemSignal::SuccessfulCountersigning`] will
+   * be emitted and the session removed from state, so that [`AppRequest::GetCountersigningSessionState`]
+   * would return `None`.
+   *
+   * In the countersigning workflow it will first be attempted to resolve the session with incoming
+   * signatures of the countersigned entries, before force-publishing the session. In a very rare event
+   * it could happen that in just the moment where the [`AppRequest::PublishCountersigningSession`]
+   * is made, signatures for this session come in. If they are valid, the session will be resolved and
+   * published as usual. Should they be invalid, however, the flag to publish the session is erased.
+   * In such cases this request can be retried until the session has been published successfully.
+   *
+   * # Errors
+   *
+   * [`CountersigningError::WorkspaceDoesNotExist`] likely indicates that an invalid cell id was
+   * passed in to the call.
+   *
+   * [`CountersigningError::SessionNotFound`] when no ongoing session could be found for the provided
+   * cell id.
+   *
+   * [`CountersigningError::SessionNotUnresolved`] when an attempt to resolve the session
+   * automatically has not been made.
+   */
+  async publishCountersigningSession(args) {
+    return this.publishCountersigningSessionRequester(args);
+  }
+  /**
+   * Register an event listener for signals.
+   *
+   * @param eventName - Event name to listen to (currently only "signal").
+   * @param listener - The function to call when event is triggered.
+   * @returns A function to unsubscribe the event listener.
+   */
+  on(eventName, listener) {
+    return this.emitter.on(eventName, listener);
+  }
+  static requester(client, tag, defaultTimeout, transformer) {
+    return requesterTransformer((req, timeout2) => promiseTimeout(client.request(req), tag, timeout2 || defaultTimeout).then(catchError), tag, transformer);
+  }
+}
+const defaultCallZomeTransform = {
+  input: async (request) => {
+    if ("signature" in request) {
+      return request;
+    }
+    const hostSigner = getHostZomeCallSigner();
+    if (hostSigner) {
+      return hostSigner.signZomeCall(request);
+    } else {
+      return signZomeCall(request);
+    }
+  },
+  output: (response) => msgpack.decode(response)
+};
+const signZomeCall = async (request) => {
+  const signingCredentialsForCell = getSigningCredentials(request.cell_id);
+  if (!signingCredentialsForCell) {
+    throw new HolochainError("NoSigningCredentialsForCell", `no signing credentials have been authorized for cell [${encodeHashToBase64(request.cell_id[0])}, ${encodeHashToBase64(request.cell_id[1])}]`);
+  }
+  const zome_call_params = {
+    cap_secret: signingCredentialsForCell.capSecret,
+    cell_id: request.cell_id,
+    zome_name: request.zome_name,
+    fn_name: request.fn_name,
+    provenance: signingCredentialsForCell.signingKey,
+    payload: msgpack.encode(request.payload),
+    nonce: await randomNonce(),
+    expires_at: getNonceExpiration()
+  };
+  const bytes = msgpack.encode(zome_call_params);
+  const bytesHash = new Uint8Array(jsSha512.sha512.array(bytes));
+  await _sodium.ready;
+  const sodium = _sodium;
+  const signature = sodium.crypto_sign(bytesHash, signingCredentialsForCell.keyPair.privateKey).subarray(0, sodium.crypto_sign_BYTES);
+  const signedZomeCall = {
+    bytes,
+    signature
+  };
+  return signedZomeCall;
+};
+class WsClient extends Emittery {
+  socket;
+  url;
+  options;
+  pendingRequests;
+  index;
+  authenticationToken;
+  constructor(socket, url2, options) {
+    super();
+    this.registerMessageListener(socket);
+    this.registerCloseListener(socket);
+    this.socket = socket;
+    this.url = url2;
+    this.options = options || {};
+    this.pendingRequests = {};
+    this.index = 0;
+  }
+  /**
+   * Instance factory for creating WsClients.
+   *
+   * @param url - The WebSocket URL to connect to.
+   * @param options - Options for the WsClient.
+   * @returns An new instance of the WsClient.
+   */
+  static connect(url2, options) {
+    return new Promise((resolve, reject) => {
+      const socket = new IsoWebSocket(url2, options);
+      socket.addEventListener("error", (errorEvent) => {
+        reject(new HolochainError("ConnectionError", `could not connect to Holochain Conductor API at ${url2} - ${errorEvent.error}`));
+      });
+      socket.addEventListener("open", (_) => {
+        const client = new WsClient(socket, url2, options);
+        resolve(client);
+      }, { once: true });
+    });
+  }
+  /**
+   * Sends data as a signal.
+   *
+   * @param data - Data to send.
+   */
+  emitSignal(data) {
+    const encodedMsg = msgpack.encode({
+      type: "signal",
+      data: msgpack.encode(data)
+    });
+    this.socket.send(encodedMsg);
+  }
+  /**
+   * Authenticate the client with the conductor.
+   *
+   * This is only relevant for app websockets.
+   *
+   * @param request - The authentication request, containing an app authentication token.
+   */
+  async authenticate(request) {
+    this.authenticationToken = request.token;
+    return this.exchange(request, (request2, resolve, reject) => {
+      const invalidTokenCloseListener = (closeEvent) => {
+        this.authenticationToken = void 0;
+        reject(new HolochainError("InvalidTokenError", `could not connect to ${this.url} due to an invalid app authentication token - close code ${closeEvent.code}`));
+      };
+      this.socket.addEventListener("close", invalidTokenCloseListener, {
+        once: true
+      });
+      const encodedMsg = msgpack.encode({
+        type: "authenticate",
+        data: msgpack.encode(request2)
+      });
+      this.socket.send(encodedMsg);
+      setTimeout(() => {
+        this.socket.removeEventListener("close", invalidTokenCloseListener);
+        resolve(null);
+      }, 10);
+    });
   }
-  for (i = 0; i < 32; i++) {
-    m[i] = B2B_GET32(ctx.b, 4 * i);
+  /**
+   * Close the websocket connection.
+   */
+  close(code = 1e3) {
+    const closedPromise = new Promise((resolve) => this.socket.addEventListener("close", (closeEvent) => resolve(closeEvent), { once: true }));
+    this.socket.close(code);
+    return closedPromise;
   }
-  for (i = 0; i < 12; i++) {
-    B2B_G(0, 8, 16, 24, SIGMA82[i * 16 + 0], SIGMA82[i * 16 + 1]);
-    B2B_G(2, 10, 18, 26, SIGMA82[i * 16 + 2], SIGMA82[i * 16 + 3]);
-    B2B_G(4, 12, 20, 28, SIGMA82[i * 16 + 4], SIGMA82[i * 16 + 5]);
-    B2B_G(6, 14, 22, 30, SIGMA82[i * 16 + 6], SIGMA82[i * 16 + 7]);
-    B2B_G(0, 10, 20, 30, SIGMA82[i * 16 + 8], SIGMA82[i * 16 + 9]);
-    B2B_G(2, 12, 22, 24, SIGMA82[i * 16 + 10], SIGMA82[i * 16 + 11]);
-    B2B_G(4, 14, 16, 26, SIGMA82[i * 16 + 12], SIGMA82[i * 16 + 13]);
-    B2B_G(6, 8, 18, 28, SIGMA82[i * 16 + 14], SIGMA82[i * 16 + 15]);
+  /**
+   * Send requests to the connected websocket.
+   *
+   * @param request - The request to send over the websocket.
+   * @returns
+   */
+  async request(request) {
+    return this.exchange(request, this.sendMessage.bind(this));
   }
-  for (i = 0; i < 16; i++) {
-    ctx.h[i] = ctx.h[i] ^ v[i] ^ v[i + 16];
+  async exchange(request, sendHandler) {
+    if (this.socket.readyState === this.socket.OPEN) {
+      const promise = new Promise((resolve, reject) => {
+        sendHandler(request, resolve, reject);
+      });
+      return promise;
+    } else if (this.url && this.authenticationToken) {
+      await this.reconnectWebsocket(this.url, this.authenticationToken);
+      this.registerMessageListener(this.socket);
+      this.registerCloseListener(this.socket);
+      const promise = new Promise((resolve, reject) => sendHandler(request, resolve, reject));
+      return promise;
+    } else {
+      return Promise.reject(new HolochainError("WebsocketClosedError", "Websocket is not open"));
+    }
   }
-}
-const parameter_block = new Uint8Array([
-  0,
-  0,
-  0,
-  0,
-  //  0: outlen, keylen, fanout, depth
-  0,
-  0,
-  0,
-  0,
-  //  4: leaf length, sequential mode
-  0,
-  0,
-  0,
-  0,
-  //  8: node offset
-  0,
-  0,
-  0,
-  0,
-  // 12: node offset
-  0,
-  0,
-  0,
-  0,
-  // 16: node depth, inner length, rfu
-  0,
-  0,
-  0,
-  0,
-  // 20: rfu
-  0,
-  0,
-  0,
-  0,
-  // 24: rfu
-  0,
-  0,
-  0,
-  0,
-  // 28: rfu
-  0,
-  0,
-  0,
-  0,
-  // 32: salt
-  0,
-  0,
-  0,
-  0,
-  // 36: salt
-  0,
-  0,
-  0,
-  0,
-  // 40: salt
-  0,
-  0,
-  0,
-  0,
-  // 44: salt
-  0,
-  0,
-  0,
-  0,
-  // 48: personal
-  0,
-  0,
-  0,
-  0,
-  // 52: personal
-  0,
-  0,
-  0,
-  0,
-  // 56: personal
-  0,
-  0,
-  0,
-  0
-  // 60: personal
-]);
-function Blake2b(outlen, key, salt, personal) {
-  parameter_block.fill(0);
-  this.b = new Uint8Array(128);
-  this.h = new Uint32Array(16);
-  this.t = 0;
-  this.c = 0;
-  this.outlen = outlen;
-  parameter_block[0] = outlen;
-  if (key) parameter_block[1] = key.length;
-  parameter_block[2] = 1;
-  parameter_block[3] = 1;
-  if (salt) parameter_block.set(salt, 32);
-  if (personal) parameter_block.set(personal, 48);
-  for (let i = 0; i < 16; i++) {
-    this.h[i] = BLAKE2B_IV32[i] ^ B2B_GET32(parameter_block, i * 4);
+  sendMessage(request, resolve, reject) {
+    const id = this.index;
+    const encodedMsg = msgpack.encode({
+      id,
+      type: "request",
+      data: msgpack.encode(request)
+    });
+    this.socket.send(encodedMsg);
+    this.pendingRequests[id] = { resolve, reject };
+    this.index += 1;
   }
-  if (key) {
-    blake2bUpdate(this, key);
-    this.c = 128;
+  registerMessageListener(socket) {
+    socket.onmessage = async (serializedMessage) => {
+      let deserializedData;
+      if (globalThis.window && serializedMessage.data instanceof globalThis.window.Blob) {
+        deserializedData = await serializedMessage.data.arrayBuffer();
+      } else {
+        if (typeof Buffer !== "undefined" && Buffer.isBuffer(serializedMessage.data)) {
+          deserializedData = serializedMessage.data;
+        } else {
+          throw new HolochainError("UnknownMessageFormat", `incoming message has unknown message format - ${deserializedData}`);
+        }
+      }
+      const message = msgpack.decode(deserializedData);
+      assertHolochainMessage(message);
+      if (message.type === "signal") {
+        if (message.data === null) {
+          throw new HolochainError("UnknownSignalFormat", "incoming signal has no data");
+        }
+        const deserializedSignal = msgpack.decode(message.data);
+        assertHolochainSignal(deserializedSignal);
+        if (deserializedSignal.type === SignalType.System) {
+          this.emit("signal", {
+            type: SignalType.System,
+            value: deserializedSignal.value
+          });
+        } else {
+          const encodedAppSignal = deserializedSignal.value;
+          const payload = msgpack.decode(encodedAppSignal.signal);
+          const signal = {
+            cell_id: encodedAppSignal.cell_id,
+            zome_name: encodedAppSignal.zome_name,
+            payload
+          };
+          this.emit("signal", {
+            type: SignalType.App,
+            value: signal
+          });
+        }
+      } else if (message.type === "response") {
+        this.handleResponse(message);
+      } else {
+        throw new HolochainError("UnknownMessageType", `incoming message has unknown type - ${message.type}`);
+      }
+    };
   }
-}
-Blake2b.prototype.update = function(input) {
-  assert(input instanceof Uint8Array, "input must be Uint8Array or Buffer");
-  blake2bUpdate(this, input);
-  return this;
-};
-Blake2b.prototype.digest = function(out) {
-  const buf = !out || out === "binary" || out === "hex" ? new Uint8Array(this.outlen) : out;
-  assert(buf instanceof Uint8Array, 'out must be "binary", "hex", Uint8Array, or Buffer');
-  assert(buf.length >= this.outlen, "out must have at least outlen bytes of space");
-  blake2bFinal(this, buf);
-  if (out === "hex") return hexSlice(buf);
-  return buf;
-};
-Blake2b.prototype.final = Blake2b.prototype.digest;
-Blake2b.ready = function(cb) {
-  b2wasm.ready(function() {
-    cb();
-  });
-};
-function blake2bUpdate(ctx, input) {
-  for (let i = 0; i < input.length; i++) {
-    if (ctx.c === 128) {
-      ctx.t += ctx.c;
-      blake2bCompress(ctx, false);
-      ctx.c = 0;
+  registerCloseListener(socket) {
+    socket.addEventListener("close", (closeEvent) => {
+      const pendingRequestIds = Object.keys(this.pendingRequests).map((id) => parseInt(id));
+      if (pendingRequestIds.length) {
+        pendingRequestIds.forEach((id) => {
+          const error = new HolochainError("ClientClosedWithPendingRequests", `client closed with pending requests - close event code: ${closeEvent.code}, request id: ${id}`);
+          this.pendingRequests[id].reject(error);
+          delete this.pendingRequests[id];
+        });
+      }
+    }, { once: true });
+  }
+  async reconnectWebsocket(url2, token) {
+    return new Promise((resolve, reject) => {
+      this.socket = new IsoWebSocket(url2, this.options);
+      this.socket.addEventListener("error", (errorEvent) => {
+        this.authenticationToken = void 0;
+        reject(new HolochainError("ConnectionError", `could not connect to Holochain Conductor API at ${url2} - ${errorEvent.message}`));
+      }, { once: true });
+      const invalidTokenCloseListener = (closeEvent) => {
+        this.authenticationToken = void 0;
+        reject(new HolochainError("InvalidTokenError", `could not connect to ${this.url} due to an invalid app authentication token - close code ${closeEvent.code}`));
+      };
+      this.socket.addEventListener("close", invalidTokenCloseListener, {
+        once: true
+      });
+      this.socket.addEventListener("open", async (_) => {
+        const encodedMsg = msgpack.encode({
+          type: "authenticate",
+          data: msgpack.encode({ token })
+        });
+        this.socket.send(encodedMsg);
+        setTimeout(() => {
+          this.socket.removeEventListener("close", invalidTokenCloseListener);
+          resolve();
+        }, 10);
+      }, { once: true });
+    });
+  }
+  handleResponse(msg) {
+    const id = msg.id;
+    if (this.pendingRequests[id]) {
+      if (msg.data === null || msg.data === void 0) {
+        this.pendingRequests[id].reject(new Error("Response canceled by responder"));
+      } else {
+        this.pendingRequests[id].resolve(msgpack.decode(msg.data, {
+          mapKeyConverter: (key) => {
+            if (typeof key === "string" || typeof key === "number") {
+              return key;
+            }
+            if (key && typeof key === "object" && key instanceof Uint8Array) {
+              return encodeHashToBase64(key);
+            }
+            throw new HolochainError("DeserializationError", "Encountered map with key of type 'object', but not HoloHash " + key);
+          }
+        }));
+      }
+      delete this.pendingRequests[id];
+    } else {
+      console.error(`got response with no matching request. id = ${id} msg = ${msg}`);
     }
-    ctx.b[ctx.c++] = input[i];
   }
 }
-function blake2bFinal(ctx, out) {
-  ctx.t += ctx.c;
-  while (ctx.c < 128) {
-    ctx.b[ctx.c++] = 0;
-  }
-  blake2bCompress(ctx, true);
-  for (let i = 0; i < ctx.outlen; i++) {
-    out[i] = ctx.h[i >> 2] >> 8 * (i & 3);
+function assertHolochainMessage(message) {
+  if (typeof message === "object" && message !== null && "type" in message && "data" in message) {
+    return;
   }
-  return out;
-}
-function hexSlice(buf) {
-  let str = "";
-  for (let i = 0; i < buf.length; i++) str += toHex(buf[i]);
-  return str;
-}
-function toHex(n) {
-  if (n < 16) return "0" + n.toString(16);
-  return n.toString(16);
+  throw new HolochainError("UnknownMessageFormat", `incoming message has unknown message format ${JSON.stringify(message, null, 4)}`);
 }
-const Proto = Blake2b;
-blake2b$1.exports = function createHash2(outlen, key, salt, personal, noAssert) {
-  if (noAssert !== true) {
-    assert(outlen >= BYTES_MIN, "outlen must be at least " + BYTES_MIN + ", was given " + outlen);
-    assert(outlen <= BYTES_MAX, "outlen must be at most " + BYTES_MAX + ", was given " + outlen);
-    if (key != null) {
-      assert(key instanceof Uint8Array, "key must be Uint8Array or Buffer");
-      assert(key.length >= KEYBYTES_MIN, "key must be at least " + KEYBYTES_MIN + ", was given " + key.length);
-      assert(key.length <= KEYBYTES_MAX, "key must be at most " + KEYBYTES_MAX + ", was given " + key.length);
-    }
-    if (salt != null) {
-      assert(salt instanceof Uint8Array, "salt must be Uint8Array or Buffer");
-      assert(salt.length === SALTBYTES, "salt must be exactly " + SALTBYTES + ", was given " + salt.length);
-    }
-    if (personal != null) {
-      assert(personal instanceof Uint8Array, "personal must be Uint8Array or Buffer");
-      assert(
-        personal.length === PERSONALBYTES,
-        "personal must be exactly " + PERSONALBYTES + ", was given " + personal.length
-      );
-    }
-  }
-  return new Proto(outlen, key, salt, personal);
-};
-blake2b$1.exports.ready = function(cb) {
-  b2wasm.ready(function() {
-    cb();
-  });
-};
-blake2b$1.exports.WASM_SUPPORTED = b2wasm.SUPPORTED;
-blake2b$1.exports.WASM_LOADED = false;
-b2wasm.ready(function(err) {
-  if (!err) {
-    blake2b$1.exports.WASM_LOADED = true;
-    blake2b$1.exports = b2wasm;
+function assertHolochainSignal(signal) {
+  if (typeof signal === "object" && signal !== null && "type" in signal && "value" in signal && [SignalType.App, SignalType.System].some((type) => signal.type === type)) {
+    return;
   }
-});
-({
-  Agent: Uint8Array.from([132, 32, 36]),
-  Entry: Uint8Array.from([132, 33, 36]),
-  Dna: Uint8Array.from([132, 45, 36]),
-  Action: Uint8Array.from([132, 41, 36]),
-  External: Uint8Array.from([132, 47, 36])
-});
-class AppWebsocket {
+  throw new HolochainError("UnknownSignalFormat", `incoming signal has unknown signal format ${JSON.stringify(signal, null, 4)}`);
+}
+class AdminWebsocket {
+  /**
+   * The websocket client used for transporting requests and responses.
+   */
   client;
-  myPubKey;
-  installedAppId;
+  /**
+   * Default timeout for any request made over the websocket.
+   */
   defaultTimeout;
-  emitter;
-  callZomeTransform;
-  cachedAppInfo;
-  appInfoRequester;
-  callZomeRequester;
-  provideMemproofRequester;
-  enableAppRequester;
-  createCloneCellRequester;
-  enableCloneCellRequester;
-  disableCloneCellRequester;
-  dumpNetworkStatsRequester;
-  dumpNetworkMetricsRequester;
-  getCountersigningSessionStateRequester;
-  abandonCountersigningSessionRequester;
-  publishCountersigningSessionRequester;
-  constructor(client, appInfo, callZomeTransform, defaultTimeout) {
+  constructor(client, defaultTimeout) {
     this.client = client;
-    this.myPubKey = appInfo.agent_pub_key;
-    this.installedAppId = appInfo.installed_app_id;
-    this.defaultTimeout = defaultTimeout ?? DEFAULT_TIMEOUT;
-    this.callZomeTransform = callZomeTransform ?? defaultCallZomeTransform;
-    this.emitter = new Emittery();
-    this.cachedAppInfo = appInfo;
-    this.appInfoRequester = AppWebsocket.requester(this.client, "app_info", this.defaultTimeout);
-    this.callZomeRequester = AppWebsocket.requester(this.client, "call_zome", this.defaultTimeout, this.callZomeTransform);
-    this.provideMemproofRequester = AppWebsocket.requester(this.client, "provide_memproofs", this.defaultTimeout);
-    this.enableAppRequester = AppWebsocket.requester(this.client, "enable_app", this.defaultTimeout);
-    this.createCloneCellRequester = AppWebsocket.requester(this.client, "create_clone_cell", this.defaultTimeout);
-    this.enableCloneCellRequester = AppWebsocket.requester(this.client, "enable_clone_cell", this.defaultTimeout);
-    this.disableCloneCellRequester = AppWebsocket.requester(this.client, "disable_clone_cell", this.defaultTimeout);
-    this.dumpNetworkStatsRequester = AppWebsocket.requester(this.client, "dump_network_stats", this.defaultTimeout);
-    this.dumpNetworkMetricsRequester = AppWebsocket.requester(this.client, "dump_network_metrics", this.defaultTimeout);
-    this.getCountersigningSessionStateRequester = AppWebsocket.requester(this.client, "get_countersigning_session_state", this.defaultTimeout);
-    this.abandonCountersigningSessionRequester = AppWebsocket.requester(this.client, "abandon_countersigning_session", this.defaultTimeout);
-    this.publishCountersigningSessionRequester = AppWebsocket.requester(this.client, "publish_countersigning_session", this.defaultTimeout);
-    Object.getOwnPropertyNames(Emittery.prototype).forEach((name) => {
-      const to_bind = this.emitter[name];
-      if (typeof to_bind === "function") {
-        this.emitter[name] = to_bind.bind(this.emitter);
-      }
-    });
-    this.client.on("signal", (signal) => {
-      this.emitter.emit("signal", signal).catch(console.error);
-    });
+    this.defaultTimeout = defaultTimeout === void 0 ? DEFAULT_TIMEOUT : defaultTimeout;
   }
   /**
-   * Instance factory for creating an {@link AppWebsocket}.
+   * Factory mehtod to create a new instance connected to the given URL.
    *
-   * @param token - A token to authenticate the websocket connection. Get a token using AdminWebsocket#issueAppAuthenticationToken.
    * @param options - {@link (WebsocketConnectionOptions:interface)}
-   * @returns A new instance of an AppWebsocket.
+   * @returns A promise for a new connected instance.
    */
   static async connect(options = {}) {
     const env = getLauncherEnvironment();
-    if (env?.APP_INTERFACE_PORT) {
-      options.url = new URL(`ws://localhost:${env.APP_INTERFACE_PORT}`);
+    if (env?.ADMIN_INTERFACE_PORT) {
+      options.url = new URL(`ws://localhost:${env.ADMIN_INTERFACE_PORT}`);
     }
     if (!options.url) {
       throw new HolochainError("ConnectionUrlMissing", `unable to connect to Conductor API - no url provided and not in a launcher environment.`);
     }
-    const client = await WsClient.connect(options.url, options.wsClientOptions);
-    const token = options.token ?? env?.APP_INTERFACE_TOKEN;
-    if (!token)
-      throw new HolochainError("AppAuthenticationTokenMissing", `unable to connect to Conductor API - no app authentication token provided.`);
-    await client.authenticate({ token });
-    const appInfo = await AppWebsocket.requester(client, "app_info", DEFAULT_TIMEOUT)(null);
-    if (!appInfo) {
-      throw new HolochainError("AppNotFound", `The app your connection token was issued for was not found. The app needs to be installed and enabled.`);
-    }
-    return new AppWebsocket(client, appInfo, options.callZomeTransform, options.defaultTimeout);
+    const wsClient = await WsClient.connect(options.url, options.wsClientOptions);
+    return new AdminWebsocket(wsClient, options.defaultTimeout);
+  }
+  _requester(tag, transformer) {
+    return requesterTransformer((req, timeout2) => promiseTimeout(this.client.request(req), tag, timeout2 || this.defaultTimeout).then(catchError), tag, transformer);
   }
   /**
-   * Request the app's info, including all cell infos.
-   *
-   * @param timeout - A timeout to override the default.
-   * @returns The app's {@link AppInfo}.
+   * Send a request to open the given port for {@link AppWebsocket} connections.
    */
-  async appInfo(timeout2) {
-    const appInfo = await this.appInfoRequester(null, timeout2);
-    if (!appInfo) {
-      throw new HolochainError("AppNotFound", `App info not found. App needs to be installed and enabled.`);
-    }
-    this.cachedAppInfo = appInfo;
-    return appInfo;
-  }
+  attachAppInterface = this._requester("attach_app_interface");
   /**
-   * Request network stats.
-   *
-   * @returns The conductor's {@link TransportStats}.
+   * Enable a stopped app.
    */
-  async dumpNetworkStats(timeout2) {
-    return await this.dumpNetworkStatsRequester(void 0, timeout2);
-  }
+  enableApp = this._requester("enable_app");
   /**
-   * Request network metrics.
-   *
-   * @returns The {@link NetworkMetrics}.
+   * Disable a running app.
    */
-  async dumpNetworkMetrics(req, timeout2) {
-    return await this.dumpNetworkMetricsRequester(req, timeout2);
-  }
+  disableApp = this._requester("disable_app");
   /**
-   * Provide membrane proofs for the app.
-   *
-   * @param memproofs - A map of {@link MembraneProof}s.
+   * Dump the state of the specified cell, including its source chain, as JSON.
    */
-  async provideMemproofs(memproofs) {
-    await this.provideMemproofRequester(memproofs);
-  }
+  dumpState = this._requester("dump_state", dumpStateTransform);
   /**
-   * Enable an app only if the app is in the `AppStatus::Disabled(DisabledAppReason::NotStartedAfterProvidingMemproofs)`
-   * state. Attempting to enable the app from other states (other than Running) will fail.
+   * Dump the full state of the specified cell, including its chain and DHT
+   * shard, as JSON.
    */
-  async enableApp() {
-    await this.enableAppRequester();
-  }
+  dumpFullState = this._requester("dump_full_state");
   /**
-   * Get a cell id by its role name or clone id.
+   * Generate a new agent pub key.
+   */
+  generateAgentPubKey = this._requester("generate_agent_pub_key");
+  /**
+   * Generate a new agent pub key.
+   */
+  revokeAgentKey = this._requester("revoke_agent_key");
+  /**
+   * Register a DNA for later app installation.
    *
-   * @param roleName - The role name or clone id of the cell.
-   * @param appInfo - The app info containing all cell infos.
-   * @returns The cell id or throws an error if not found.
+   * Stores the given DNA into the Holochain DNA database and returns the hash of it.
+   */
+  registerDna = this._requester("register_dna");
+  /**
+   * Get the DNA definition for the specified DNA hash.
+   */
+  getDnaDefinition = this._requester("get_dna_definition");
+  /**
+   * Uninstall the specified app from Holochain.
+   */
+  uninstallApp = this._requester("uninstall_app");
+  /**
+   * Install the specified app into Holochain.
+   */
+  installApp = this._requester("install_app");
+  /**
+   * Update coordinators for an installed app.
+   */
+  updateCoordinators = this._requester("update_coordinators");
+  /**
+   * List all registered DNAs.
+   */
+  listDnas = this._requester("list_dnas");
+  /**
+   * List all installed cell ids.
    */
-  getCellIdFromRoleName(roleName, appInfo) {
-    if (isCloneId(roleName)) {
-      const baseRoleName = getBaseRoleNameFromCloneId(roleName);
-      if (!(baseRoleName in appInfo.cell_info)) {
-        throw new HolochainError("NoCellForRoleName", `no cell found with role_name ${roleName}`);
-      }
-      const cloneCell = appInfo.cell_info[baseRoleName].find((c) => c.type === CellType.Cloned && c.value.clone_id === roleName);
-      if (!cloneCell || cloneCell.type !== CellType.Cloned) {
-        throw new HolochainError("NoCellForCloneId", `no clone cell found with clone id ${roleName}`);
-      }
-      return cloneCell.value.cell_id;
-    }
-    if (!(roleName in appInfo.cell_info)) {
-      throw new HolochainError("NoCellForRoleName", `no cell found with role_name ${roleName}`);
-    }
-    const cell = appInfo.cell_info[roleName].find((c) => c.type === CellType.Provisioned);
-    if (!cell || cell.type !== CellType.Provisioned) {
-      throw new HolochainError("NoProvisionedCellForRoleName", `no provisioned cell found with role_name ${roleName}`);
-    }
-    return cell.value.cell_id;
-  }
+  listCellIds = this._requester("list_cell_ids");
   /**
-   * Call a zome.
-   *
-   * @param request - The zome call arguments.
-   * @param timeout - A timeout to override the default.
-   * @returns The zome call's response.
+   * List all installed apps.
    */
-  async callZome(request, timeout2) {
-    if (!("provenance" in request)) {
-      request = {
-        ...request,
-        provenance: this.myPubKey
-      };
-    }
-    if ("role_name" in request && request.role_name) {
-      const appInfo = this.cachedAppInfo || await this.appInfo();
-      const cell_id = this.getCellIdFromRoleName(request.role_name, appInfo);
-      request = {
-        ...omit(request, "role_name"),
-        // Some problem here with the launcher with just the `cell_id`.
-        cell_id: [cell_id[0], cell_id[1]]
-      };
-    } else if (!("cell_id" in request)) {
-      throw new HolochainError("MissingRoleNameOrCellId", "callZome requires a role_name or cell_id argument");
-    }
-    return this.callZomeRequester(request, timeout2);
-  }
+  listApps = this._requester("list_apps");
   /**
-   * Clone an existing provisioned cell.
-   *
-   * @param args - Specify the cell to clone.
-   * @returns The created clone cell.
+   * List all attached app interfaces.
    */
-  async createCloneCell(args) {
-    const clonedCell = this.createCloneCellRequester({
-      ...args
-    });
-    this.cachedAppInfo = void 0;
-    return clonedCell;
-  }
+  listAppInterfaces = this._requester("list_app_interfaces");
   /**
-   * Enable a disabled clone cell.
-   *
-   * @param args - Specify the clone cell to enable.
-   * @returns The enabled clone cell.
+   * Request all available info about an agent.
    */
-  async enableCloneCell(args) {
-    return this.enableCloneCellRequester({
-      ...args
-    });
-  }
+  agentInfo = this._requester("agent_info");
   /**
-   * Disable an enabled clone cell.
-   *
-   * @param args - Specify the clone cell to disable.
+   * Add an existing agent to Holochain.
    */
-  async disableCloneCell(args) {
-    return this.disableCloneCellRequester({
-      ...args
-    });
-  }
+  addAgentInfo = this._requester("add_agent_info");
   /**
-   * Get the state of a countersigning session.
+   * Delete a disabled clone cell.
    */
-  async getCountersigningSessionState(args) {
-    return this.getCountersigningSessionStateRequester(args);
-  }
+  deleteCloneCell = this._requester("delete_clone_cell");
   /**
-   * Abandon an unresolved countersigning session.
-   *
-   * If the current session has not been resolved automatically, it can be forcefully abandoned.
-   * A condition for this call to succeed is that at least one attempt has been made to resolve
-   * it automatically.
-   *
-   * # Returns
-   *
-   * [`AppResponse::CountersigningSessionAbandoned`]
-   *
-   * The session is marked for abandoning and the countersigning workflow was triggered. The session
-   * has not been abandoned yet.
-   *
-   * Upon successful abandoning the system signal [`SystemSignal::AbandonedCountersigning`] will
-   * be emitted and the session removed from state, so that [`AppRequest::GetCountersigningSessionState`]
-   * would return `None`.
-   *
-   * In the countersigning workflow it will first be attempted to resolve the session with incoming
-   * signatures of the countersigned entries, before force-abandoning the session. In a very rare event
-   * it could happen that in just the moment where the [`AppRequest::AbandonCountersigningSession`]
-   * is made, signatures for this session come in. If they are valid, the session will be resolved and
-   * published as usual. Should they be invalid, however, the flag to abandon the session is erased.
-   * In such cases this request can be retried until the session has been abandoned successfully.
-   *
-   * # Errors
-   *
-   * [`CountersigningError::WorkspaceDoesNotExist`] likely indicates that an invalid cell id was
-   * passed in to the call.
-   *
-   * [`CountersigningError::SessionNotFound`] when no ongoing session could be found for the provided
-   * cell id.
-   *
-   * [`CountersigningError::SessionNotUnresolved`] when an attempt to resolve the session
-   * automatically has not been made.
+   * Grant a zome call capability for an agent, to be used for signing zome
+   * calls.
    */
-  async abandonCountersigningSession(args) {
-    return this.abandonCountersigningSessionRequester(args);
-  }
+  grantZomeCallCapability = this._requester("grant_zome_call_capability");
+  storageInfo = this._requester("storage_info");
+  issueAppAuthenticationToken = this._requester("issue_app_authentication_token");
+  dumpNetworkStats = this._requester("dump_network_stats");
+  dumpNetworkMetrics = this._requester("dump_network_metrics");
+  // zome call signing related methods
   /**
-   * Publish an unresolved countersigning session.
-   *
-   * If the current session has not been resolved automatically, it can be forcefully published.
-   * A condition for this call to succeed is that at least one attempt has been made to resolve
-   * it automatically.
-   *
-   * # Returns
-   *
-   * [`AppResponse::PublishCountersigningSessionTriggered`]
-   *
-   * The session is marked for publishing and the countersigning workflow was triggered. The session
-   * has not been published yet.
-   *
-   * Upon successful publishing the system signal [`SystemSignal::SuccessfulCountersigning`] will
-   * be emitted and the session removed from state, so that [`AppRequest::GetCountersigningSessionState`]
-   * would return `None`.
-   *
-   * In the countersigning workflow it will first be attempted to resolve the session with incoming
-   * signatures of the countersigned entries, before force-publishing the session. In a very rare event
-   * it could happen that in just the moment where the [`AppRequest::PublishCountersigningSession`]
-   * is made, signatures for this session come in. If they are valid, the session will be resolved and
-   * published as usual. Should they be invalid, however, the flag to publish the session is erased.
-   * In such cases this request can be retried until the session has been published successfully.
-   *
-   * # Errors
-   *
-   * [`CountersigningError::WorkspaceDoesNotExist`] likely indicates that an invalid cell id was
-   * passed in to the call.
-   *
-   * [`CountersigningError::SessionNotFound`] when no ongoing session could be found for the provided
-   * cell id.
+   * Grant a capability for signing zome calls.
    *
-   * [`CountersigningError::SessionNotUnresolved`] when an attempt to resolve the session
-   * automatically has not been made.
+   * @param cellId - The cell to grant the capability for.
+   * @param functions - The zome functions to grant the capability for.
+   * @param signingKey - The assignee of the capability.
+   * @returns The cap secret of the created capability.
    */
-  async publishCountersigningSession(args) {
-    return this.publishCountersigningSessionRequester(args);
-  }
+  grantSigningKey = async (cellId, functions, signingKey) => {
+    const capSecret = await randomCapSecret();
+    await this.grantZomeCallCapability({
+      cell_id: cellId,
+      cap_grant: {
+        tag: "zome-call-signing-key",
+        functions,
+        access: {
+          type: "assigned",
+          value: {
+            secret: capSecret,
+            assignees: [signingKey]
+          }
+        }
+      }
+    });
+    return capSecret;
+  };
   /**
-   * Register an event listener for signals.
+   * Generate and authorize a new key pair for signing zome calls.
    *
-   * @param eventName - Event name to listen to (currently only "signal").
-   * @param listener - The function to call when event is triggered.
-   * @returns A function to unsubscribe the event listener.
+   * @param cellId - The cell id to create the capability grant for.
+   * @param functions - Zomes and functions to authorize the signing key for
+   * (optional). When no functions are specified, the capability will be
+   * granted for all zomes and functions.
    */
-  on(eventName, listener) {
-    return this.emitter.on(eventName, listener);
-  }
-  static requester(client, tag, defaultTimeout, transformer) {
-    return requesterTransformer((req, timeout2) => promiseTimeout(client.request(req), tag, timeout2 || defaultTimeout).then(catchError), tag, transformer);
-  }
+  authorizeSigningCredentials = async (cellId, functions) => {
+    const [keyPair, signingKey] = await generateSigningKeyPair();
+    const capSecret = await this.grantSigningKey(cellId, functions || { type: "all" }, signingKey);
+    setSigningCredentials(cellId, { capSecret, keyPair, signingKey });
+  };
 }
-const defaultCallZomeTransform = {
-  input: async (request) => {
-    if ("signature" in request) {
-      return request;
-    }
-    const hostSigner = getHostZomeCallSigner();
-    if (hostSigner) {
-      return hostSigner.signZomeCall(request);
-    } else {
-      return signZomeCall(request);
-    }
-  },
-  output: (response) => msgpack.decode(response)
-};
-const signZomeCall = async (request) => {
-  const signingCredentialsForCell = getSigningCredentials(request.cell_id);
-  if (!signingCredentialsForCell) {
-    throw new HolochainError("NoSigningCredentialsForCell", `no signing credentials have been authorized for cell [${encodeHashToBase64(request.cell_id[0])}, ${encodeHashToBase64(request.cell_id[1])}]`);
+const dumpStateTransform = {
+  input: (req) => req,
+  output: (res) => {
+    return JSON.parse(res);
   }
-  const zome_call_params = {
-    cap_secret: signingCredentialsForCell.capSecret,
-    cell_id: request.cell_id,
-    zome_name: request.zome_name,
-    fn_name: request.fn_name,
-    provenance: signingCredentialsForCell.signingKey,
-    payload: msgpack.encode(request.payload),
-    nonce: await randomNonce(),
-    expires_at: getNonceExpiration()
-  };
-  const bytes = msgpack.encode(zome_call_params);
-  const bytesHash = new Uint8Array(jsSha512.sha512.array(bytes));
-  await _sodium.ready;
-  const sodium = _sodium;
-  const signature = sodium.crypto_sign(bytesHash, signingCredentialsForCell.keyPair.privateKey).subarray(0, sodium.crypto_sign_BYTES);
-  const signedZomeCall = {
-    bytes,
-    signature
-  };
-  return signedZomeCall;
 };
 var ActionType;
 (function(ActionType2) {