@inco/js 0.1.31 → 0.1.33

package/dist/fhevm/fhevm.js

@@ -0,0 +1,139 @@
+import { createClient } from '@connectrpc/connect';
+import { createGrpcTransport } from '@connectrpc/connect-node';
+import { createPublicClient, createWalletClient, getContract, http, } from 'viem';
+import { privateKeyToAccount } from 'viem/accounts';
+import * as chains from 'viem/chains';
+import { normaliseToHex } from '../binary';
+import { gatewayContractAbi, kmsVerifierAbi } from '../generated/abis/inco-fhevm';
+import { Query } from '../generated/es/inco/fhe/v1/query_pb';
+import { createL1Client, createL1Wallet } from '../l1';
+import { getFheEnvironment } from './fhe-environment';
+// Create a public and wallet client for the given chain.
+export function createPublicWalletClient({ account, hostChainRpcUrl, chain, }) {
+    const transport = http(hostChainRpcUrl);
+    const publicClient = createPublicClient({
+        chain,
+        transport,
+    });
+    // const privateKey = await shell("cast wallet private-key --account sepolia_deployer --password ''");
+    // const account = privateKeyToAccount(mustBeHex(privateKey));
+    const walletClient = createWalletClient({
+        chain,
+        transport,
+        account,
+    });
+    return { public: publicClient, wallet: walletClient };
+}
+export function getFhevmDeployerClient({ deployer, hostChainRpcUrl, chain, }) {
+    const viemChain = getViemChain(chain.id);
+    const transport = http(hostChainRpcUrl);
+    const publicClient = createPublicClient({
+        chain: viemChain,
+        transport,
+    });
+    // const privateKey = await shell("cast wallet private-key --account sepolia_deployer --password ''");
+    // const account = privateKeyToAccount(mustBeHex(privateKey));
+    const walletClient = createWalletClient({
+        chain: viemChain,
+        transport,
+        account: deployer,
+    });
+    return { public: publicClient, wallet: walletClient };
+}
+export async function configureFhevmContracts({ chain, hostChain: { privateKeys, rpcUrl }, }) {
+    const deployer = privateKeyToAccount(normaliseToHex(privateKeys.deployer));
+    const relayer = privateKeyToAccount(normaliseToHex(privateKeys.relayer));
+    const kmsSigner = privateKeyToAccount(normaliseToHex(privateKeys.kmsSigner));
+    console.log(`Configuring FHE environment contracts on ${chain.name} with deployer ${deployer.address}, relayer ${relayer.address}, and KMS signer ${kmsSigner.address}...`);
+    const client = getFhevmDeployerClient({
+        hostChainRpcUrl: rpcUrl,
+        deployer,
+        chain,
+    });
+    const { gatewayAddress, kmsVerifierAddress } = getFheEnvironment(chain.id);
+    const gateway = getContract({
+        address: gatewayAddress,
+        abi: gatewayContractAbi,
+        client,
+    });
+    const kmsVerifier = getContract({
+        address: kmsVerifierAddress,
+        abi: kmsVerifierAbi,
+        client,
+    });
+    console.log(`Adding relayer ${relayer.address}...`);
+    let addRelayerTxReceipt = null;
+    let addKmsSignerTxReceipt = null;
+    const ErrAlreadyRelayer = 'Address is already relayer';
+    try {
+        const addRelayerTxHash = await gateway.write.addRelayer([relayer.address]);
+        addRelayerTxReceipt = await client.public.waitForTransactionReceipt({
+            hash: addRelayerTxHash,
+        });
+    }
+    catch (err) {
+        if (!err.message.includes(ErrAlreadyRelayer)) {
+            throw err;
+        }
+        console.log(`Relayer ${relayer.address} already added`);
+    }
+    console.log(`Adding KMS signer ${kmsSigner.address}...`);
+    const ErrAlreadySigner = 'Address is already a signer';
+    try {
+        const addKmsSignerTxHash = await kmsVerifier.write.addSigner([kmsSigner.address]);
+        addKmsSignerTxReceipt = await client.public.waitForTransactionReceipt({
+            hash: addKmsSignerTxHash,
+        });
+    }
+    catch (err) {
+        if (!err.message.includes(ErrAlreadySigner)) {
+            throw err;
+        }
+        console.log(`KMS signer ${kmsSigner.address} already added`);
+    }
+    return { addRelayerTxReceipt, addKmsSignerTxReceipt };
+}
+// Attempts to ensure the given Inco L1 has the FHE environment for the given chain/ACL registered.
+// based extracting from logs.
+export async function ensureFheEnvironmentRegistered({ l1, chain, }) {
+    console.log(`Ensuring FHE environment is registered on ${l1.grpcEndpoint} ...`);
+    const { aclAddress } = getFheEnvironment(chain.id);
+    const wallet = await createL1Wallet(l1.mnemonic);
+    const signingClient = await createL1Client({
+        cometRpcEndpoint: l1.cometRpcEndpoint,
+        grpcEndpoint: l1.grpcEndpoint,
+        wallet,
+    });
+    const transport = createGrpcTransport({ baseUrl: l1.grpcEndpoint });
+    const queryClient = createClient(Query, transport);
+    const [signingAccount] = await wallet.getAccounts();
+    const fheEnvArg = {
+        keysetId: aclAddress.slice(2),
+        hostChainId: `evm/${chain.id}`,
+        accessControl: undefined,
+    };
+    const NotFoundErrorMessage = 'collections: not found';
+    try {
+        const { fheEnv } = await queryClient.fheEnv(fheEnvArg);
+        console.log(`FHE environment already registered on ${chain.id} using ACL ${aclAddress} : ${JSON.stringify(fheEnv)} `);
+    }
+    catch (err) {
+        if (String(err).includes(NotFoundErrorMessage)) {
+            const tx = await signingClient.sendTx(signingAccount.address, '/inco.fhe.v1.MsgAddFheEnv', {
+                fheEnv: fheEnvArg,
+                authority: signingAccount.address,
+            });
+            console.log(tx);
+            return;
+        }
+        throw err;
+    }
+}
+function getViemChain(chainId) {
+    const found = Object.values(chains).find((chain) => chain.id === chainId);
+    if (!found) {
+        throw new Error(`could not find chain with id ${chainId}`);
+    }
+    return found;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZmhldm0uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZmhldm0vZmhldm0udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLHFCQUFxQixDQUFDO0FBQ25ELE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBQy9ELE9BQU8sRUFHTCxrQkFBa0IsRUFDbEIsa0JBQWtCLEVBQ2xCLFdBQVcsRUFDWCxJQUFJLEdBS0wsTUFBTSxNQUFNLENBQUM7QUFDZCxPQUFPLEVBQUUsbUJBQW1CLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDcEQsT0FBTyxLQUFLLE1BQU0sTUFBTSxhQUFhLENBQUM7QUFDdEMsT0FBTyxFQUFFLGNBQWMsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUUzQyxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsY0FBYyxFQUFFLE1BQU0sOEJBQThCLENBQUM7QUFDbEYsT0FBTyxFQUFFLEtBQUssRUFBRSxNQUFNLHNDQUFzQyxDQUFDO0FBQzdELE9BQU8sRUFBRSxjQUFjLEVBQUUsY0FBYyxFQUFFLE1BQU0sT0FBTyxDQUFDO0FBQ3ZELE9BQU8sRUFBRSxpQkFBaUIsRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBT3RELHlEQUF5RDtBQUN6RCxNQUFNLFVBQVUsd0JBQXdCLENBQUMsRUFDdkMsT0FBTyxFQUNQLGVBQWUsRUFDZixLQUFLLEdBS047SUFDQyxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDeEMsTUFBTSxZQUFZLEdBQUcsa0JBQWtCLENBQTRCO1FBQ2pFLEtBQUs7UUFDTCxTQUFTO0tBQ1YsQ0FBQyxDQUFDO0lBQ0gsc0dBQXNHO0lBQ3RHLDhEQUE4RDtJQUM5RCxNQUFNLFlBQVksR0FBRyxrQkFBa0IsQ0FBQztRQUN0QyxLQUFLO1FBQ0wsU0FBUztRQUNULE9BQU87S0FDUixDQUFDLENBQUM7SUFFSCxPQUFPLEVBQUUsTUFBTSxFQUFFLFlBQVksRUFBRSxNQUFNLEVBQUUsWUFBWSxFQUFFLENBQUM7QUFDeEQsQ0FBQztBQUVELE1BQU0sVUFBVSxzQkFBc0IsQ0FBQyxFQUNyQyxRQUFRLEVBQ1IsZUFBZSxFQUNmLEtBQUssR0FLTjtJQUNDLE1BQU0sU0FBUyxHQUFHLFlBQVksQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDekMsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ3hDLE1BQU0sWUFBWSxHQUFHLGtCQUFrQixDQUE0QjtRQUNqRSxLQUFLLEVBQUUsU0FBUztRQUNoQixTQUFTO0tBQ1YsQ0FBQyxDQUFDO0lBQ0gsc0dBQXNHO0lBQ3RHLDhEQUE4RDtJQUM5RCxNQUFNLFlBQVksR0FBRyxrQkFBa0IsQ0FBQztRQUN0QyxLQUFLLEVBQUUsU0FBUztRQUNoQixTQUFTO1FBQ1QsT0FBTyxFQUFFLFFBQVE7S0FDbEIsQ0FBQyxDQUFDO0lBRUgsT0FBTyxFQUFFLE1BQU0sRUFBRSxZQUFZLEVBQUUsTUFBTSxFQUFFLFlBQVksRUFBRSxDQUFDO0FBQ3hELENBQUM7QUFhRCxNQUFNLENBQUMsS0FBSyxVQUFVLHVCQUF1QixDQUFDLEVBQzVDLEtBQUssRUFDTCxTQUFTLEVBQUUsRUFBRSxXQUFXLEVBQUUsTUFBTSxFQUFFLEdBSW5DO0lBSUMsTUFBTSxRQUFRLEdBQUcsbUJBQW1CLENBQUMsY0FBYyxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDO0lBQzNFLE1BQU0sT0FBTyxHQUFHLG1CQUFtQixDQUFDLGNBQWMsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUN6RSxNQUFNLFNBQVMsR0FBRyxtQkFBbUIsQ0FBQyxjQUFjLENBQUMsV0FBVyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUM7SUFDN0UsT0FBTyxDQUFDLEdBQUcsQ0FDVCw0Q0FBNEMsS0FBSyxDQUFDLElBQUksa0JBQWtCLFFBQVEsQ0FBQyxPQUFPLGFBQWEsT0FBTyxDQUFDLE9BQU8sb0JBQW9CLFNBQVMsQ0FBQyxPQUFPLEtBQUssQ0FDL0osQ0FBQztJQUNGLE1BQU0sTUFBTSxHQUFHLHNCQUFzQixDQUFDO1FBQ3BDLGVBQWUsRUFBRSxNQUFNO1FBQ3ZCLFFBQVE7UUFDUixLQUFLO0tBQ04sQ0FBQyxDQUFDO0lBQ0gsTUFBTSxFQUFFLGNBQWMsRUFBRSxrQkFBa0IsRUFBRSxHQUFHLGlCQUFpQixDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUMzRSxNQUFNLE9BQU8sR0FBRyxXQUFXLENBQUM7UUFDMUIsT0FBTyxFQUFFLGNBQWM7UUFDdkIsR0FBRyxFQUFFLGtCQUFrQjtRQUN2QixNQUFNO0tBQ1AsQ0FBQyxDQUFDO0lBRUgsTUFBTSxXQUFXLEdBQUcsV0FBVyxDQUFDO1FBQzlCLE9BQU8sRUFBRSxrQkFBa0I7UUFDM0IsR0FBRyxFQUFFLGNBQWM7UUFDbkIsTUFBTTtLQUNQLENBQUMsQ0FBQztJQUVILE9BQU8sQ0FBQyxHQUFHLENBQUMsa0JBQWtCLE9BQU8sQ0FBQyxPQUFPLEtBQUssQ0FBQyxDQUFDO0lBQ3BELElBQUksbUJBQW1CLEdBQThCLElBQUksQ0FBQztJQUMxRCxJQUFJLHFCQUFxQixHQUE4QixJQUFJLENBQUM7SUFDNUQsTUFBTSxpQkFBaUIsR0FBRyw0QkFBNEIsQ0FBQztJQUN2RCxJQUFJLENBQUM7UUFDSCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sT0FBTyxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztRQUMzRSxtQkFBbUIsR0FBRyxNQUFNLE1BQU0sQ0FBQyxNQUFNLENBQUMseUJBQXlCLENBQUM7WUFDbEUsSUFBSSxFQUFFLGdCQUFnQjtTQUN2QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBQUMsT0FBTyxHQUFRLEVBQUUsQ0FBQztRQUNsQixJQUFJLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsaUJBQWlCLENBQUMsRUFBRSxDQUFDO1lBQzdDLE1BQU0sR0FBRyxDQUFDO1FBQ1osQ0FBQztRQUNELE9BQU8sQ0FBQyxHQUFHLENBQUMsV0FBVyxPQUFPLENBQUMsT0FBTyxnQkFBZ0IsQ0FBQyxDQUFDO0lBQzFELENBQUM7SUFDRCxPQUFPLENBQUMsR0FBRyxDQUFDLHFCQUFxQixTQUFTLENBQUMsT0FBTyxLQUFLLENBQUMsQ0FBQztJQUN6RCxNQUFNLGdCQUFnQixHQUFHLDZCQUE2QixDQUFDO0lBQ3ZELElBQUksQ0FBQztRQUNILE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxXQUFXLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO1FBQ2xGLHFCQUFxQixHQUFHLE1BQU0sTUFBTSxDQUFDLE1BQU0sQ0FBQyx5QkFBeUIsQ0FBQztZQUNwRSxJQUFJLEVBQUUsa0JBQWtCO1NBQ3pCLENBQUMsQ0FBQztJQUNMLENBQUM7SUFBQyxPQUFPLEdBQVEsRUFBRSxDQUFDO1FBQ2xCLElBQUksQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFLENBQUM7WUFDNUMsTUFBTSxHQUFHLENBQUM7UUFDWixDQUFDO1FBQ0QsT0FBTyxDQUFDLEdBQUcsQ0FBQyxjQUFjLFNBQVMsQ0FBQyxPQUFPLGdCQUFnQixDQUFDLENBQUM7SUFDL0QsQ0FBQztJQUVELE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxxQkFBcUIsRUFBRSxDQUFDO0FBQ3hELENBQUM7QUFRRCxtR0FBbUc7QUFDbkcsOEJBQThCO0FBQzlCLE1BQU0sQ0FBQyxLQUFLLFVBQVUsOEJBQThCLENBQUMsRUFDbkQsRUFBRSxFQUNGLEtBQUssR0FJTjtJQUNDLE9BQU8sQ0FBQyxHQUFHLENBQUMsNkNBQTZDLEVBQUUsQ0FBQyxZQUFZLE1BQU0sQ0FBQyxDQUFDO0lBQ2hGLE1BQU0sRUFBRSxVQUFVLEVBQUUsR0FBRyxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDbkQsTUFBTSxNQUFNLEdBQUcsTUFBTSxjQUFjLENBQUMsRUFBRSxDQUFDLFFBQVEsQ0FBQyxDQUFDO0lBQ2pELE1BQU0sYUFBYSxHQUFHLE1BQU0sY0FBYyxDQUFDO1FBQ3pDLGdCQUFnQixFQUFFLEVBQUUsQ0FBQyxnQkFBZ0I7UUFDckMsWUFBWSxFQUFFLEVBQUUsQ0FBQyxZQUFZO1FBQzdCLE1BQU07S0FDUCxDQUFDLENBQUM7SUFDSCxNQUFNLFNBQVMsR0FBRyxtQkFBbUIsQ0FBQyxFQUFFLE9BQU8sRUFBRSxFQUFFLENBQUMsWUFBWSxFQUFFLENBQUMsQ0FBQztJQUNwRSxNQUFNLFdBQVcsR0FBRyxZQUFZLENBQUMsS0FBSyxFQUFFLFNBQVMsQ0FBQyxDQUFDO0lBQ25ELE1BQU0sQ0FBQyxjQUFjLENBQUMsR0FBRyxNQUFNLE1BQU0sQ0FBQyxXQUFXLEVBQUUsQ0FBQztJQUNwRCxNQUFNLFNBQVMsR0FBRztRQUNoQixRQUFRLEVBQUUsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7UUFDN0IsV0FBVyxFQUFFLE9BQU8sS0FBSyxDQUFDLEVBQUUsRUFBRTtRQUM5QixhQUFhLEVBQUUsU0FBUztLQUN6QixDQUFDO0lBQ0YsTUFBTSxvQkFBb0IsR0FBRyx3QkFBd0IsQ0FBQztJQUN0RCxJQUFJLENBQUM7UUFDSCxNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxXQUFXLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQ3ZELE9BQU8sQ0FBQyxHQUFHLENBQ1QseUNBQXlDLEtBQUssQ0FBQyxFQUFFLGNBQWMsVUFBVSxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FDekcsQ0FBQztJQUNKLENBQUM7SUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1FBQ2IsSUFBSSxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsUUFBUSxDQUFDLG9CQUFvQixDQUFDLEVBQUUsQ0FBQztZQUMvQyxNQUFNLEVBQUUsR0FBRyxNQUFNLGFBQWEsQ0FBQyxNQUFNLENBQUMsY0FBYyxDQUFDLE9BQU8sRUFBRSwyQkFBMkIsRUFBRTtnQkFDekYsTUFBTSxFQUFFLFNBQVM7Z0JBQ2pCLFNBQVMsRUFBRSxjQUFjLENBQUMsT0FBTzthQUNsQyxDQUFDLENBQUM7WUFDSCxPQUFPLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ2hCLE9BQU87UUFDVCxDQUFDO1FBQ0QsTUFBTSxHQUFHLENBQUM7SUFDWixDQUFDO0FBQ0gsQ0FBQztBQUVELFNBQVMsWUFBWSxDQUFDLE9BQWU7SUFDbkMsTUFBTSxLQUFLLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLEtBQUssQ0FBQyxFQUFFLEtBQUssT0FBTyxDQUFDLENBQUM7SUFDMUUsSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO1FBQ1gsTUFBTSxJQUFJLEtBQUssQ0FBQyxnQ0FBZ0MsT0FBTyxFQUFFLENBQUMsQ0FBQztJQUM3RCxDQUFDO0lBQ0QsT0FBTyxLQUFLLENBQUM7QUFDZixDQUFDIn0=

package/dist/fhevm/index.js

@@ -0,0 +1,2 @@
+export * from './fhe-environment';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZmhldm0vaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsY0FBYyxtQkFBbUIsQ0FBQyJ9

package/dist/fhevm/reencrypt.js

@@ -0,0 +1,123 @@
+import { Schema } from 'effect';
+import { cryptobox_get_pk, cryptobox_keygen, cryptobox_pk_to_u8vec, cryptobox_sk_to_u8vec, new_client, process_reencryption_resp_from_js, u8vec_to_cryptobox_pk, u8vec_to_cryptobox_sk, } from 'node-tkms';
+import { getAddress, hexToBigInt } from 'viem';
+import { bytesToBigInt, bytesToHex } from '../binary';
+import { bigintToPlaintext, encryptionSchemes, } from '../encryption/encryption';
+import { getHandleType } from '../handle';
+import { createEIP712Payload } from '../reencryption';
+import { parse } from '../schema';
+// The domain constants that Zama uses for reencrypts.
+const ZAMA_REENCRYPT_DOMAIN = {
+    name: 'Authorization token',
+    version: '1',
+    salt: undefined,
+};
+export async function zamaReencryptor({ chainId, gatewayUrl, walletClient, unsafeSkipVerifyKMSSignatures, contractAddress, kmsSigners, userAddress, }) {
+    const ephemeralKeypair = generateCryptoBoxEphemeralKeyPair();
+    // Sign the EIP712 attesting that the user has access to the private key
+    // corresponding to the ephemeral public key.
+    const eip712Payload = createEIP712Payload({
+        chainId,
+        primaryType: 'ReencryptionRequest',
+        primaryTypeFields: [{ name: 'publicKey', type: 'bytes' }],
+        message: {
+            publicKey: bytesToHex(ephemeralKeypair.encodePublicKey()),
+        },
+        domainName: ZAMA_REENCRYPT_DOMAIN.name,
+        domainVersion: ZAMA_REENCRYPT_DOMAIN.version,
+    });
+    // Using browser extensions, this step will prompt the user to sign the
+    // payload.
+    const eip712Signature = await walletClient.signTypedData(eip712Payload);
+    return async function reencrypt({ handle, }) {
+        const handleBigInt = hexToBigInt(handle);
+        const reencryptRequest = {
+            signature: eip712Signature.replace(/^(0x)/, ''),
+            client_address: getAddress(userAddress),
+            enc_key: bytesToHex(ephemeralKeypair.encodePublicKey()).replace(/^(0x)/, ''),
+            ciphertext_handle: handleBigInt.toString(16).padStart(64, '0'),
+            eip712_verifying_contract: getAddress(contractAddress),
+        };
+        const reencryptResponse = await makeReencryptRequest(reencryptRequest, gatewayUrl);
+        let pubKey;
+        let privKey;
+        try {
+            pubKey = u8vec_to_cryptobox_pk(ephemeralKeypair.publicKey);
+            privKey = u8vec_to_cryptobox_sk(ephemeralKeypair.privateKey);
+        }
+        catch (e) {
+            throw new Error(`Invalid public or private key: ${JSON.stringify(e)}`);
+        }
+        const client = new_client(kmsSigners, userAddress, 'default');
+        try {
+            const buffer = new ArrayBuffer(32);
+            const view = new DataView(buffer);
+            view.setUint32(28, Number(chainId), false);
+            const chainIdArrayBE = new Uint8Array(buffer);
+            // Duplicate reencryptRequest and replace ciphertext_handle with ciphertext_digest.
+            const { ciphertext_handle, ...p } = reencryptRequest;
+            // TODO (from Zama): check all ciphertext digests are all the same
+            const payloadForVerification = {
+                ...p,
+                ciphertext_digest: reencryptResponse.response[0].ciphertext_digest,
+            };
+            const decrypted = process_reencryption_resp_from_js(client, payloadForVerification, {
+                name: eip712Payload.domain.name,
+                version: eip712Payload.domain.version,
+                chain_id: chainIdArrayBE,
+                verifying_contract: eip712Payload.domain.verifyingContract,
+            }, reencryptResponse.response, pubKey, privKey, !unsafeSkipVerifyKMSSignatures);
+            return bigintToPlaintext(encryptionSchemes.cryptobox, getHandleType(handle), bytesToBigInt(decrypted));
+        }
+        catch (e) {
+            console.error(e);
+            throw new Error(`An error occurred during decryption: ${e}`);
+        }
+    };
+}
+// Generate a new ephemeral keypair for reencryption.
+export function generateCryptoBoxEphemeralKeyPair() {
+    const keypair = cryptobox_keygen();
+    const publicKey = cryptobox_pk_to_u8vec(cryptobox_get_pk(keypair));
+    return {
+        scheme: encryptionSchemes.cryptobox,
+        publicKey,
+        privateKey: cryptobox_sk_to_u8vec(keypair),
+        encodePublicKey() {
+            return publicKey;
+        },
+    };
+}
+// This is the response type of the reencrypt endpoint, defined on the
+// server-side in Zama's gateway. The response field is a vector of this struct
+// in Rust:
+// https://github.com/zama-ai/kms-core/blob/a3b824b389e87429d04537696e28dee902a3b2d9/blockchain/events/src/kms.rs#L985-L1003
+const ZamaGatewayReencryptResponse = Schema.Struct({
+    status: Schema.Union(Schema.Literal('success'), Schema.Literal('failure')),
+    response: Schema.Array(Schema.Struct({
+        ciphertext_digest: Schema.optional(Schema.String),
+        payload: Schema.String,
+        signature: Schema.String,
+    })),
+});
+// Make a HTTP request to the reencrypt endpoint of the gateway.
+async function makeReencryptRequest(request, gatewayUrl) {
+    const fetchOptions = {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify(request),
+    };
+    const response = await fetch(`${gatewayUrl}/reencrypt`, fetchOptions);
+    if (!response.ok) {
+        throw new Error(`Reencrypt failed: gateway respond with HTTP code ${response.status}: ${JSON.stringify(await response.json())}`);
+    }
+    const json = await response.json();
+    const reencryptResponse = parse(ZamaGatewayReencryptResponse, json);
+    if (reencryptResponse.status === 'failure') {
+        throw new Error('Reencrypt failed: gateway responded with failure');
+    }
+    return reencryptResponse;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmVlbmNyeXB0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2ZoZXZtL3JlZW5jcnlwdC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sUUFBUSxDQUFDO0FBQ2hDLE9BQU8sRUFDTCxnQkFBZ0IsRUFDaEIsZ0JBQWdCLEVBQ2hCLHFCQUFxQixFQUNyQixxQkFBcUIsRUFDckIsVUFBVSxFQUNWLGlDQUFpQyxFQUNqQyxxQkFBcUIsRUFDckIscUJBQXFCLEdBQ3RCLE1BQU0sV0FBVyxDQUFDO0FBQ25CLE9BQU8sRUFBMkIsVUFBVSxFQUFFLFdBQVcsRUFBMkIsTUFBTSxNQUFNLENBQUM7QUFDakcsT0FBTyxFQUFFLGFBQWEsRUFBRSxVQUFVLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFDdEQsT0FBTyxFQUNMLGlCQUFpQixFQUVqQixpQkFBaUIsR0FHbEIsTUFBTSwwQkFBMEIsQ0FBQztBQUNsQyxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBRTFDLE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBRXRELE9BQU8sRUFBRSxLQUFLLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFpQ2xDLHNEQUFzRDtBQUN0RCxNQUFNLHFCQUFxQixHQUFHO0lBQzVCLElBQUksRUFBRSxxQkFBcUI7SUFDM0IsT0FBTyxFQUFFLEdBQUc7SUFDWixJQUFJLEVBQUUsU0FBUztDQUNoQixDQUFDO0FBRUYsTUFBTSxDQUFDLEtBQUssVUFBVSxlQUFlLENBQUMsRUFDcEMsT0FBTyxFQUNQLFVBQVUsRUFDVixZQUFZLEVBQ1osNkJBQTZCLEVBQzdCLGVBQWUsRUFDZixVQUFVLEVBQ1YsV0FBVyxHQUNTO0lBQ3BCLE1BQU0sZ0JBQWdCLEdBQUcsaUNBQWlDLEVBQUUsQ0FBQztJQUU3RCx3RUFBd0U7SUFDeEUsNkNBQTZDO0lBQzdDLE1BQU0sYUFBYSxHQUFHLG1CQUFtQixDQUFDO1FBQ3hDLE9BQU87UUFDUCxXQUFXLEVBQUUscUJBQXFCO1FBQ2xDLGlCQUFpQixFQUFFLENBQUMsRUFBRSxJQUFJLEVBQUUsV0FBVyxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsQ0FBQztRQUN6RCxPQUFPLEVBQUU7WUFDUCxTQUFTLEVBQUUsVUFBVSxDQUFDLGdCQUFnQixDQUFDLGVBQWUsRUFBRSxDQUFDO1NBQzFEO1FBQ0QsVUFBVSxFQUFFLHFCQUFxQixDQUFDLElBQUk7UUFDdEMsYUFBYSxFQUFFLHFCQUFxQixDQUFDLE9BQU87S0FDN0MsQ0FBQyxDQUFDO0lBQ0gsdUVBQXVFO0lBQ3ZFLFdBQVc7SUFDWCxNQUFNLGVBQWUsR0FBRyxNQUFNLFlBQVksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLENBQUM7SUFFeEUsT0FBTyxLQUFLLFVBQVUsU0FBUyxDQUE2QixFQUMxRCxNQUFNLEdBQzhCO1FBQ3BDLE1BQU0sWUFBWSxHQUFHLFdBQVcsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN6QyxNQUFNLGdCQUFnQixHQUFnQztZQUNwRCxTQUFTLEVBQUUsZUFBZSxDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDO1lBQy9DLGNBQWMsRUFBRSxVQUFVLENBQUMsV0FBVyxDQUFDO1lBQ3ZDLE9BQU8sRUFBRSxVQUFVLENBQUMsZ0JBQWdCLENBQUMsZUFBZSxFQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQztZQUM1RSxpQkFBaUIsRUFBRSxZQUFZLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxFQUFFLEVBQUUsR0FBRyxDQUFDO1lBQzlELHlCQUF5QixFQUFFLFVBQVUsQ0FBQyxlQUFlLENBQUM7U0FDdkQsQ0FBQztRQUNGLE1BQU0saUJBQWlCLEdBQUcsTUFBTSxvQkFBb0IsQ0FBQyxnQkFBZ0IsRUFBRSxVQUFVLENBQUMsQ0FBQztRQUVuRixJQUFJLE1BQU0sQ0FBQztRQUNYLElBQUksT0FBTyxDQUFDO1FBQ1osSUFBSSxDQUFDO1lBQ0gsTUFBTSxHQUFHLHFCQUFxQixDQUFDLGdCQUFnQixDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQzNELE9BQU8sR0FBRyxxQkFBcUIsQ0FBQyxnQkFBZ0IsQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUMvRCxDQUFDO1FBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztZQUNYLE1BQU0sSUFBSSxLQUFLLENBQUMsa0NBQWtDLElBQUksQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ3pFLENBQUM7UUFFRCxNQUFNLE1BQU0sR0FBRyxVQUFVLENBQUMsVUFBVSxFQUFFLFdBQVcsRUFBRSxTQUFTLENBQUMsQ0FBQztRQUU5RCxJQUFJLENBQUM7WUFDSCxNQUFNLE1BQU0sR0FBRyxJQUFJLFdBQVcsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUNuQyxNQUFNLElBQUksR0FBRyxJQUFJLFFBQVEsQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUNsQyxJQUFJLENBQUMsU0FBUyxDQUFDLEVBQUUsRUFBRSxNQUFNLENBQUMsT0FBTyxDQUFDLEVBQUUsS0FBSyxDQUFDLENBQUM7WUFDM0MsTUFBTSxjQUFjLEdBQUcsSUFBSSxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDOUMsbUZBQW1GO1lBQ25GLE1BQU0sRUFBRSxpQkFBaUIsRUFBRSxHQUFHLENBQUMsRUFBRSxHQUFHLGdCQUFnQixDQUFDO1lBQ3JELGtFQUFrRTtZQUNsRSxNQUFNLHNCQUFzQixHQUFHO2dCQUM3QixHQUFHLENBQUM7Z0JBQ0osaUJBQWlCLEVBQUUsaUJBQWlCLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxDQUFDLGlCQUFpQjthQUNuRSxDQUFDO1lBRUYsTUFBTSxTQUFTLEdBQUcsaUNBQWlDLENBQ2pELE1BQU0sRUFDTixzQkFBc0IsRUFDdEI7Z0JBQ0UsSUFBSSxFQUFFLGFBQWEsQ0FBQyxNQUFNLENBQUMsSUFBSTtnQkFDL0IsT0FBTyxFQUFFLGFBQWEsQ0FBQyxNQUFNLENBQUMsT0FBTztnQkFDckMsUUFBUSxFQUFFLGNBQWM7Z0JBQ3hCLGtCQUFrQixFQUFFLGFBQWEsQ0FBQyxNQUFNLENBQUMsaUJBQWlCO2FBQzNELEVBQ0QsaUJBQWlCLENBQUMsUUFBUSxFQUMxQixNQUFNLEVBQ04sT0FBTyxFQUNQLENBQUMsNkJBQTZCLENBQy9CLENBQUM7WUFFRixPQUFPLGlCQUFpQixDQUFDLGlCQUFpQixDQUFDLFNBQVMsRUFBRSxhQUFhLENBQUMsTUFBTSxDQUFNLEVBQUUsYUFBYSxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUM7UUFDOUcsQ0FBQztRQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDWCxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQ2pCLE1BQU0sSUFBSSxLQUFLLENBQUMsd0NBQXdDLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDL0QsQ0FBQztJQUNILENBQUMsQ0FBQztBQUNKLENBQUM7QUFFRCxxREFBcUQ7QUFDckQsTUFBTSxVQUFVLGlDQUFpQztJQUMvQyxNQUFNLE9BQU8sR0FBRyxnQkFBZ0IsRUFBRSxDQUFDO0lBQ25DLE1BQU0sU0FBUyxHQUFHLHFCQUFxQixDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7SUFDbkUsT0FBTztRQUNMLE1BQU0sRUFBRSxpQkFBaUIsQ0FBQyxTQUFTO1FBQ25DLFNBQVM7UUFDVCxVQUFVLEVBQUUscUJBQXFCLENBQUMsT0FBTyxDQUFDO1FBQzFDLGVBQWU7WUFDYixPQUFPLFNBQVMsQ0FBQztRQUNuQixDQUFDO0tBQ0YsQ0FBQztBQUNKLENBQUM7QUFhRCxzRUFBc0U7QUFDdEUsK0VBQStFO0FBQy9FLFdBQVc7QUFDWCw0SEFBNEg7QUFDNUgsTUFBTSw0QkFBNEIsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDO0lBQ2pELE1BQU0sRUFBRSxNQUFNLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLEVBQUUsTUFBTSxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztJQUMxRSxRQUFRLEVBQUUsTUFBTSxDQUFDLEtBQUssQ0FDcEIsTUFBTSxDQUFDLE1BQU0sQ0FBQztRQUNaLGlCQUFpQixFQUFFLE1BQU0sQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQztRQUNqRCxPQUFPLEVBQUUsTUFBTSxDQUFDLE1BQU07UUFDdEIsU0FBUyxFQUFFLE1BQU0sQ0FBQyxNQUFNO0tBQ3pCLENBQUMsQ0FDSDtDQUNGLENBQUMsQ0FBQztBQUlILGdFQUFnRTtBQUNoRSxLQUFLLFVBQVUsb0JBQW9CLENBQ2pDLE9BQW9DLEVBQ3BDLFVBQWtCO0lBRWxCLE1BQU0sWUFBWSxHQUFHO1FBQ25CLE1BQU0sRUFBRSxNQUFNO1FBQ2QsT0FBTyxFQUFFO1lBQ1AsY0FBYyxFQUFFLGtCQUFrQjtTQUNuQztRQUNELElBQUksRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQztLQUM5QixDQUFDO0lBRUYsTUFBTSxRQUFRLEdBQUcsTUFBTSxLQUFLLENBQUMsR0FBRyxVQUFVLFlBQVksRUFBRSxZQUFZLENBQUMsQ0FBQztJQUN0RSxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsRUFBRSxDQUFDO1FBQ2pCLE1BQU0sSUFBSSxLQUFLLENBQ2Isb0RBQW9ELFFBQVEsQ0FBQyxNQUFNLEtBQUssSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLFFBQVEsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxFQUFFLENBQ2hILENBQUM7SUFDSixDQUFDO0lBRUQsTUFBTSxJQUFJLEdBQUcsTUFBTSxRQUFRLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDbkMsTUFBTSxpQkFBaUIsR0FBRyxLQUFLLENBQUMsNEJBQTRCLEVBQUUsSUFBSSxDQUFDLENBQUM7SUFDcEUsSUFBSSxpQkFBaUIsQ0FBQyxNQUFNLEtBQUssU0FBUyxFQUFFLENBQUM7UUFDM0MsTUFBTSxJQUFJLEtBQUssQ0FBQyxrREFBa0QsQ0FBQyxDQUFDO0lBQ3RFLENBQUM7SUFFRCxPQUFPLGlCQUFpQixDQUFDO0FBQzNCLENBQUMifQ==

package/dist/fhevm/tfhe.js

@@ -0,0 +1,324 @@
+import { Decoder, RustType } from 'bincode-ts';
+import { Schema } from 'effect';
+import { CompactCiphertextList, CompactPkePublicParams, FheBool, FheTypes, FheUint256, FheUint64, ProvenCompactCiphertextList, set_server_key, TfheClientKey, TfheCompactPublicKey, TfheServerKey, ZkComputeLoad, } from 'node-tfhe';
+import { isAddress } from 'viem';
+import { asBytes32, bytesFromHexString, bytesToBigInt, bytesToHex } from '../binary';
+import { encryptionSchemes, getEncryptionSchemeName, } from '../encryption/encryption';
+import { computeHandle, computePrehandle, HANDLE_VERSION, handleTypes } from '../handle';
+import { parse } from '../schema';
+import { getHandleTypeFromFheType } from './types';
+// This code pulled and modifier from fhevmjs which currently is a relatively poor dependency to extend since it does
+//   not expose types correctly and does not export various modules
+// Handed down on a stone tablet from: https://github.com/zama-ai/fhevm-backend/blob/5a70c19a90671cfa4901413db9e162a65c4cf17a/fhevm-engine/fhevm-engine-common/src/utils.rs#L6-L7
+// We use fhevm-backend in KMS and compute services
+export const SERIALIZED_SIZE_LIMIT_CIPHERTEXT = BigInt(1024 * 1024 * 512);
+export const SERIALIZED_SIZE_LIMIT_PK = BigInt(1024 * 1024 * 512);
+export const SERIALIZED_SIZE_LIMIT_CRS = BigInt(1024 * 1024 * 512);
+export const ENCRYPTION_TYPES = {
+    1: 0, // ebool takes 2 encrypted bits
+    4: 1,
+    8: 2,
+    16: 3,
+    32: 4,
+    64: 5,
+    128: 6,
+    160: 7,
+    256: 8,
+    512: 9,
+    1024: 10,
+    2048: 11,
+};
+export function getTfheEncryptor(args) {
+    const publicKey = TfheCompactPublicKey.safe_deserialize(args.publicKey, SERIALIZED_SIZE_LIMIT_PK);
+    const publicParams = CompactPkePublicParams.safe_deserialize(args.crs2048, SERIALIZED_SIZE_LIMIT_CRS);
+    return async ({ context, plaintext, }) => {
+        if (plaintext.scheme !== encryptionSchemes.tfhe) {
+            throw new Error(`Plaintext with scheme ${getEncryptionSchemeName(plaintext.scheme)} cannot be encrypted with TFHE`);
+        }
+        const { aclAddress, userAddress, contractAddress, hostChainId } = context;
+        const input = createEncryptedInput(aclAddress, hostChainId, publicKey, { 2048: { publicParams } })(userAddress, contractAddress);
+        const encInput = await addPlaintextInput(input, plaintext).encrypt();
+        // FIXME: support multi-valued ciphertext properly
+        const prehandle = encInput.prehandles[0];
+        const handle = computeHandle({ prehandle, context });
+        return {
+            context,
+            // The '0x' prefix is required for bytes32 for correct json parsing in foundry, but avoided in ciphertext to avoid bytes-based encoding
+            // we may need
+            prehandle: asBytes32(prehandle),
+            handle: asBytes32(handle),
+            ciphertext: {
+                scheme: plaintext.scheme,
+                type: plaintext.type,
+                value: bytesToHex(encInput.ciphertext),
+            },
+        };
+    };
+}
+export function createEncryptedInput(aclContractAddress, chainId, tfheCompactPublicKey, publicParams) {
+    return (userAddress, contractAddress) => {
+        if (!isAddress(contractAddress)) {
+            throw new Error('Contract address is not a valid address.');
+        }
+        if (!isAddress(userAddress)) {
+            throw new Error('User address is not a valid address.');
+        }
+        const bits = [];
+        const builder = CompactCiphertextList.builder(tfheCompactPublicKey);
+        const checkLimit = (added) => {
+            if (bits.reduce((acc, val) => acc + Math.max(2, val), 0) + added > 2048) {
+                throw Error('Packing more than 2048 bits in a single input ciphertext is unsupported');
+            }
+            if (bits.length + 1 > 256)
+                throw Error('Packing more than 256 variables in a single input ciphertext is unsupported');
+        };
+        function checkEncryptedValue(value, bits) {
+            if (value == null)
+                throw new Error('Missing value');
+            let limit;
+            if (bits >= 8) {
+                limit = BigInt(`0x${new Array(bits / 8).fill(null).reduce((v) => `${v}ff`, '')}`);
+            }
+            else {
+                limit = BigInt(2 ** bits - 1);
+            }
+            if (value > limit) {
+                throw new Error(`The value exceeds the limit for ${bits}bits integer (${limit.toString()}).`);
+            }
+        }
+        return {
+            addBool(value) {
+                if (typeof value !== 'bigint' && Number(value) > 1)
+                    throw new Error('The value must be 1 or 0.');
+                checkEncryptedValue(Number(value), 1);
+                checkLimit(2);
+                builder.push_boolean(!!value);
+                bits.push(1); // ebool takes 2 encrypted bits
+                return this;
+            },
+            add4(value) {
+                checkEncryptedValue(value, 4);
+                checkLimit(4);
+                builder.push_u4(Number(value));
+                bits.push(4);
+                return this;
+            },
+            add8(value) {
+                checkEncryptedValue(value, 8);
+                checkLimit(8);
+                builder.push_u8(Number(value));
+                bits.push(8);
+                return this;
+            },
+            add16(value) {
+                checkEncryptedValue(value, 16);
+                checkLimit(16);
+                builder.push_u16(Number(value));
+                bits.push(16);
+                return this;
+            },
+            add32(value) {
+                checkEncryptedValue(value, 32);
+                checkLimit(32);
+                builder.push_u32(Number(value));
+                bits.push(32);
+                return this;
+            },
+            add64(value) {
+                checkEncryptedValue(value, 64);
+                checkLimit(64);
+                builder.push_u64(BigInt(value));
+                bits.push(64);
+                return this;
+            },
+            add128(value) {
+                checkEncryptedValue(value, 128);
+                checkLimit(128);
+                builder.push_u128(BigInt(value));
+                bits.push(128);
+                return this;
+            },
+            addAddress(value) {
+                if (!isAddress(value)) {
+                    throw new Error('The value must be a valid address.');
+                }
+                checkLimit(160);
+                builder.push_u160(BigInt(value));
+                bits.push(160);
+                return this;
+            },
+            add256(value) {
+                checkEncryptedValue(value, 256);
+                checkLimit(256);
+                builder.push_u256(BigInt(value));
+                bits.push(256);
+                return this;
+            },
+            addBytes64(value) {
+                if (value.length !== 64)
+                    throw Error('Incorrect length of input Uint8Array, should be 64 for an ebytes64');
+                const bigIntValue = bytesToBigInt(value);
+                checkEncryptedValue(bigIntValue, 512);
+                checkLimit(512);
+                builder.push_u512(bigIntValue);
+                bits.push(512);
+                return this;
+            },
+            addBytes128(value) {
+                if (value.length !== 128)
+                    throw Error('Incorrect length of input Uint8Array, should be 128 for an ebytes128');
+                const bigIntValue = bytesToBigInt(value);
+                checkEncryptedValue(bigIntValue, 1024);
+                checkLimit(1024);
+                builder.push_u1024(bigIntValue);
+                bits.push(1024);
+                return this;
+            },
+            addBytes256(value) {
+                if (value.length !== 256)
+                    throw Error('Incorrect length of input Uint8Array, should be 256 for an ebytes256');
+                const bigIntValue = bytesToBigInt(value);
+                checkEncryptedValue(bigIntValue, 2048);
+                checkLimit(2048);
+                builder.push_u2048(bigIntValue);
+                bits.push(2048);
+                return this;
+            },
+            getBits() {
+                return bits;
+            },
+            async encrypt() {
+                const getKeys = (obj) => Object.keys(obj);
+                const totalBits = bits.reduce((total, v) => total + v, 0);
+                const now = Date.now();
+                // const ppTypes = getKeys(publicParams);
+                const ppTypes = getKeys(publicParams);
+                const closestPP = ppTypes.find((k) => Number(k) >= totalBits);
+                if (!closestPP) {
+                    throw new Error(`Too many bits in provided values. Maximum is ${ppTypes[ppTypes.length - 1]}.`);
+                }
+                const pp = publicParams[closestPP].publicParams;
+                const buffContract = bytesFromHexString(contractAddress);
+                const buffUser = bytesFromHexString(userAddress);
+                const buffAcl = bytesFromHexString(aclContractAddress);
+                const buffChainId = bytesFromHexString(chainId.toString(16));
+                const auxData = new Uint8Array(buffContract.length + buffUser.length + buffAcl.length + 32);
+                auxData.set(buffContract, 0);
+                auxData.set(buffUser, 20);
+                auxData.set(buffAcl, 40);
+                auxData.set(buffChainId, auxData.length - buffChainId.length);
+                const encrypted = builder.build_with_proof_packed(pp, auxData, ZkComputeLoad.Proof);
+                const ciphertext = Buffer.from(encrypted.safe_serialize(SERIALIZED_SIZE_LIMIT_CIPHERTEXT));
+                // These prehandles have the expected layout expected by verifyCiphertext
+                // including type and version metadata
+                const prehandles = [];
+                for (let i = 0; i < encrypted.len(); i++) {
+                    const handleType = getHandleTypeFromFheType(encrypted.get_kind_of(i));
+                    prehandles[i] = computePrehandle({
+                        ciphertext,
+                        handleType: handleType,
+                        handleVersion: HANDLE_VERSION,
+                        indexHandle: i,
+                    });
+                }
+                return {
+                    prehandles,
+                    ciphertext,
+                };
+            },
+        };
+    };
+}
+export function addPlaintextInput(input, plaintext) {
+    switch (plaintext.type) {
+        case handleTypes.ebool:
+            return input.addBool(plaintext.value);
+        case handleTypes.euint64:
+            return input.add64(plaintext.value);
+        case handleTypes.euint256:
+            return input.add256(plaintext.value);
+    }
+}
+// Decryption...
+export function getTfheDecryptor({ cks }) {
+    const clientKey = TfheClientKey.safe_deserialize(cks, SERIALIZED_SIZE_LIMIT_CIPHERTEXT);
+    const serverKey = TfheServerKey.new(clientKey);
+    set_server_key(serverKey);
+    return async ({ scheme, type, value, }) => {
+        if (scheme !== encryptionSchemes.tfhe) {
+            throw new Error(`Ciphertext with scheme ${getEncryptionSchemeName(scheme)} cannot be decrypted with TFHE`);
+        }
+        const handleType = type;
+        const ctBuf = bytesFromHexString(value);
+        const header = decodeTfheSerializationHeader(ctBuf);
+        // For now just support a singleton ciphertext list
+        if (header.name === ProvenCompactCiphertextListTypeName) {
+            const encrypted = ProvenCompactCiphertextList.safe_deserialize(ctBuf, SERIALIZED_SIZE_LIMIT_CIPHERTEXT);
+            const decrypted = encrypted.expand_without_verification();
+            const kind = decrypted.get_kind_of(0);
+            return fromCiphertextList(decrypted, clientKey);
+        }
+        const decryptor = decryptionClasses[handleType];
+        if (!decryptor) {
+            throw new Error(`Unsupported handle type: ${handleType}`);
+        }
+        const encrypted = decryptor.safe_deserialize(ctBuf, SERIALIZED_SIZE_LIMIT_CIPHERTEXT);
+        const decrypted = encrypted.decrypt(clientKey);
+        // First assign to unnarrowed plaintext to avoid concealing type
+        const plaintext = { scheme: encryptionSchemes.tfhe, type: handleType, value: decrypted };
+        return plaintext;
+    };
+}
+function fromCiphertextList(decrypted, clientKey) {
+    const kind = decrypted.get_kind_of(0);
+    const scheme = encryptionSchemes.tfhe;
+    switch (kind) {
+        case FheTypes.Bool:
+            return { scheme, type: handleTypes.ebool, value: decrypted.get_bool(0).decrypt(clientKey) };
+        case FheTypes.Uint64:
+            return { scheme, type: handleTypes.euint64, value: decrypted.get_uint64(0).decrypt(clientKey) };
+        case FheTypes.Uint256:
+            return { scheme, type: handleTypes.euint256, value: decrypted.get_uint256(0).decrypt(clientKey) };
+    }
+    throw new Error(`Unsupported kind: ${kind}`);
+}
+const decryptionClasses = {
+    [handleTypes.ebool]: FheBool,
+    [handleTypes.euint64]: FheUint64,
+    [handleTypes.euint256]: FheUint256,
+};
+var VersioningMode;
+(function (VersioningMode) {
+    VersioningMode[VersioningMode["Versioned"] = 0] = "Versioned";
+    VersioningMode[VersioningMode["Unversioned"] = 1] = "Unversioned";
+})(VersioningMode || (VersioningMode = {}));
+// Representation of (https://github.com/zama-ai/tfhe-rs/blob/8ee1bdd9a935e9f00c72238f2ff5220ccf77c850/tfhe/src/safe_serialization.rs#L75-L79):
+// struct SerializationHeader {
+//   header_version: Cow<'static, str>,
+//   versioning_mode: SerializationVersioningMode,
+//   name: Cow<'static, str>,
+// }
+export const SerializationHeader = RustType.Struct([
+    ['header_version', RustType.Str],
+    [
+        'versioning_mode',
+        RustType.Enum({ [VersioningMode.Versioned]: RustType.Str, [VersioningMode.Unversioned]: RustType.Str }),
+    ],
+    ['name', RustType.Str],
+]);
+// Output schema (note we currently strip the versioning_mode field because we do not care about it, only the name
+export const ProvenCompactCiphertextListTypeName = 'high_level_api::ProvenCompactCiphertextList';
+export const FheUintTypeName = 'high_level_api::FheUint';
+export const TfheSerialisationTypeName = Schema.Literal(ProvenCompactCiphertextListTypeName, FheUintTypeName);
+export const TfheSerializationHeader = Schema.Struct({
+    header_version: Schema.String,
+    // For now, we will accept any string to avoid having to define an exhaustive union above
+    name: Schema.Union(TfheSerialisationTypeName, Schema.String),
+});
+// Decode a serialisation header from a ciphertext or other bincode-serialised data from tfhe-rs
+export function decodeTfheSerializationHeader(buffer) {
+    const decoder = new Decoder();
+    const decoded = decoder.load(Uint8Array.from(buffer).buffer).decodeAs(SerializationHeader);
+    return parse(TfheSerializationHeader, decoded);
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGZoZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9maGV2bS90ZmhlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0sWUFBWSxDQUFDO0FBQy9DLE9BQU8sRUFBRSxNQUFNLEVBQUUsTUFBTSxRQUFRLENBQUM7QUFDaEMsT0FBTyxFQUNMLHFCQUFxQixFQUVyQixzQkFBc0IsRUFDdEIsT0FBTyxFQUNQLFFBQVEsRUFDUixVQUFVLEVBQ1YsU0FBUyxFQUNULDJCQUEyQixFQUMzQixjQUFjLEVBQ2QsYUFBYSxFQUNiLG9CQUFvQixFQUNwQixhQUFhLEVBQ2IsYUFBYSxHQUNkLE1BQU0sV0FBVyxDQUFDO0FBQ25CLE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxNQUFNLENBQUM7QUFDakMsT0FBTyxFQUFFLFNBQVMsRUFBRSxrQkFBa0IsRUFBRSxhQUFhLEVBQUUsVUFBVSxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBQ3JGLE9BQU8sRUFHTCxpQkFBaUIsRUFHakIsdUJBQXVCLEdBTXhCLE1BQU0sMEJBQTBCLENBQUM7QUFDbEMsT0FBTyxFQUFFLGFBQWEsRUFBRSxnQkFBZ0IsRUFBRSxjQUFjLEVBQUUsV0FBVyxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBQ3pGLE9BQU8sRUFBRSxLQUFLLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFDbEMsT0FBTyxFQUFFLHdCQUF3QixFQUFFLE1BQU0sU0FBUyxDQUFDO0FBRW5ELHFIQUFxSDtBQUNySCxtRUFBbUU7QUFFbkUsaUxBQWlMO0FBQ2pMLG1EQUFtRDtBQUNuRCxNQUFNLENBQUMsTUFBTSxnQ0FBZ0MsR0FBRyxNQUFNLENBQUMsSUFBSSxHQUFHLElBQUksR0FBRyxHQUFHLENBQUMsQ0FBQztBQUMxRSxNQUFNLENBQUMsTUFBTSx3QkFBd0IsR0FBRyxNQUFNLENBQUMsSUFBSSxHQUFHLElBQUksR0FBRyxHQUFHLENBQUMsQ0FBQztBQUNsRSxNQUFNLENBQUMsTUFBTSx5QkFBeUIsR0FBRyxNQUFNLENBQUMsSUFBSSxHQUFHLElBQUksR0FBRyxHQUFHLENBQUMsQ0FBQztBQWtCbkUsTUFBTSxDQUFDLE1BQU0sZ0JBQWdCLEdBQUc7SUFDOUIsQ0FBQyxFQUFFLENBQUMsRUFBRSwrQkFBK0I7SUFDckMsQ0FBQyxFQUFFLENBQUM7SUFDSixDQUFDLEVBQUUsQ0FBQztJQUNKLEVBQUUsRUFBRSxDQUFDO0lBQ0wsRUFBRSxFQUFFLENBQUM7SUFDTCxFQUFFLEVBQUUsQ0FBQztJQUNMLEdBQUcsRUFBRSxDQUFDO0lBQ04sR0FBRyxFQUFFLENBQUM7SUFDTixHQUFHLEVBQUUsQ0FBQztJQUNOLEdBQUcsRUFBRSxDQUFDO0lBQ04sSUFBSSxFQUFFLEVBQUU7SUFDUixJQUFJLEVBQUUsRUFBRTtDQUNULENBQUM7QUF1QkYsTUFBTSxVQUFVLGdCQUFnQixDQUFDLElBQXVCO0lBQ3RELE1BQU0sU0FBUyxHQUFHLG9CQUFvQixDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsd0JBQXdCLENBQUMsQ0FBQztJQUNsRyxNQUFNLFlBQVksR0FBRyxzQkFBc0IsQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLHlCQUF5QixDQUFDLENBQUM7SUFFdEcsT0FBTyxLQUFLLEVBQThCLEVBQ3hDLE9BQU8sRUFDUCxTQUFTLEdBQzZCLEVBQTJDLEVBQUU7UUFDbkYsSUFBSSxTQUFTLENBQUMsTUFBTSxLQUFLLGlCQUFpQixDQUFDLElBQUksRUFBRSxDQUFDO1lBQ2hELE1BQU0sSUFBSSxLQUFLLENBQ2IseUJBQXlCLHVCQUF1QixDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsZ0NBQWdDLENBQ25HLENBQUM7UUFDSixDQUFDO1FBQ0QsTUFBTSxFQUFFLFVBQVUsRUFBRSxXQUFXLEVBQUUsZUFBZSxFQUFFLFdBQVcsRUFBRSxHQUFHLE9BQU8sQ0FBQztRQUMxRSxNQUFNLEtBQUssR0FBRyxvQkFBb0IsQ0FBQyxVQUFVLEVBQUUsV0FBVyxFQUFFLFNBQVMsRUFBRSxFQUFFLElBQUksRUFBRSxFQUFFLFlBQVksRUFBRSxFQUFFLENBQUMsQ0FDaEcsV0FBVyxFQUNYLGVBQWUsQ0FDaEIsQ0FBQztRQUNGLE1BQU0sUUFBUSxHQUFHLE1BQU0saUJBQWlCLENBQUMsS0FBSyxFQUFFLFNBQVMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO1FBQ3JFLGtEQUFrRDtRQUNsRCxNQUFNLFNBQVMsR0FBRyxRQUFRLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRXpDLE1BQU0sTUFBTSxHQUFHLGFBQWEsQ0FBQyxFQUFFLFNBQVMsRUFBRSxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQ3JELE9BQU87WUFDTCxPQUFPO1lBQ1AsdUlBQXVJO1lBQ3ZJLGNBQWM7WUFDZCxTQUFTLEVBQUUsU0FBUyxDQUFDLFNBQVMsQ0FBQztZQUMvQixNQUFNLEVBQUUsU0FBUyxDQUFDLE1BQU0sQ0FBQztZQUN6QixVQUFVLEVBQUU7Z0JBQ1YsTUFBTSxFQUFFLFNBQVMsQ0FBQyxNQUFNO2dCQUN4QixJQUFJLEVBQUUsU0FBUyxDQUFDLElBQUk7Z0JBQ3BCLEtBQUssRUFBRSxVQUFVLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQzthQUN2QztTQUNGLENBQUM7SUFDSixDQUFDLENBQUM7QUFDSixDQUFDO0FBRUQsTUFBTSxVQUFVLG9CQUFvQixDQUNsQyxrQkFBMEIsRUFDMUIsT0FBZSxFQUNmLG9CQUEwQyxFQUMxQyxZQUEwQjtJQUUxQixPQUFPLENBQUMsV0FBVyxFQUFFLGVBQWUsRUFBRSxFQUFFO1FBQ3RDLElBQUksQ0FBQyxTQUFTLENBQUMsZUFBZSxDQUFDLEVBQUUsQ0FBQztZQUNoQyxNQUFNLElBQUksS0FBSyxDQUFDLDBDQUEwQyxDQUFDLENBQUM7UUFDOUQsQ0FBQztRQUNELElBQUksQ0FBQyxTQUFTLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQztZQUM1QixNQUFNLElBQUksS0FBSyxDQUFDLHNDQUFzQyxDQUFDLENBQUM7UUFDMUQsQ0FBQztRQUNELE1BQU0sSUFBSSxHQUFzQixFQUFFLENBQUM7UUFDbkMsTUFBTSxPQUFPLEdBQUcscUJBQXFCLENBQUMsT0FBTyxDQUFDLG9CQUFvQixDQUFDLENBQUM7UUFDcEUsTUFBTSxVQUFVLEdBQUcsQ0FBQyxLQUFhLEVBQUUsRUFBRTtZQUNuQyxJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxHQUFHLEVBQUUsR0FBRyxFQUFFLEVBQUUsQ0FBQyxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDLEdBQUcsS0FBSyxHQUFHLElBQUksRUFBRSxDQUFDO2dCQUN4RSxNQUFNLEtBQUssQ0FBQyx5RUFBeUUsQ0FBQyxDQUFDO1lBQ3pGLENBQUM7WUFDRCxJQUFJLElBQUksQ0FBQyxNQUFNLEdBQUcsQ0FBQyxHQUFHLEdBQUc7Z0JBQ3ZCLE1BQU0sS0FBSyxDQUFDLDZFQUE2RSxDQUFDLENBQUM7UUFDL0YsQ0FBQyxDQUFDO1FBQ0YsU0FBUyxtQkFBbUIsQ0FBQyxLQUFzQixFQUFFLElBQVk7WUFDL0QsSUFBSSxLQUFLLElBQUksSUFBSTtnQkFBRSxNQUFNLElBQUksS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO1lBQ3BELElBQUksS0FBSyxDQUFDO1lBQ1YsSUFBSSxJQUFJLElBQUksQ0FBQyxFQUFFLENBQUM7Z0JBQ2QsS0FBSyxHQUFHLE1BQU0sQ0FBQyxLQUFLLElBQUksS0FBSyxDQUFDLElBQUksR0FBRyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxHQUFHLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUNwRixDQUFDO2lCQUFNLENBQUM7Z0JBQ04sS0FBSyxHQUFHLE1BQU0sQ0FBQyxDQUFDLElBQUksSUFBSSxHQUFHLENBQUMsQ0FBQyxDQUFDO1lBQ2hDLENBQUM7WUFDRCxJQUFJLEtBQUssR0FBRyxLQUFLLEVBQUUsQ0FBQztnQkFDbEIsTUFBTSxJQUFJLEtBQUssQ0FBQyxtQ0FBbUMsSUFBSSxpQkFBaUIsS0FBSyxDQUFDLFFBQVEsRUFBRSxJQUFJLENBQUMsQ0FBQztZQUNoRyxDQUFDO1FBQ0gsQ0FBQztRQUNELE9BQU87WUFDTCxPQUFPLENBQUMsS0FBZ0M7Z0JBQ3RDLElBQUksT0FBTyxLQUFLLEtBQUssUUFBUSxJQUFJLE1BQU0sQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDO29CQUFFLE1BQU0sSUFBSSxLQUFLLENBQUMsMkJBQTJCLENBQUMsQ0FBQztnQkFDakcsbUJBQW1CLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDO2dCQUN0QyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ2QsT0FBTyxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQzlCLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQywrQkFBK0I7Z0JBQzdDLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztZQUNELElBQUksQ0FBQyxLQUFzQjtnQkFDekIsbUJBQW1CLENBQUMsS0FBSyxFQUFFLENBQUMsQ0FBQyxDQUFDO2dCQUM5QixVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ2QsT0FBTyxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztnQkFDL0IsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztnQkFDYixPQUFPLElBQUksQ0FBQztZQUNkLENBQUM7WUFDRCxJQUFJLENBQUMsS0FBc0I7Z0JBQ3pCLG1CQUFtQixDQUFDLEtBQUssRUFBRSxDQUFDLENBQUMsQ0FBQztnQkFDOUIsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUNkLE9BQU8sQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7Z0JBQy9CLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ2IsT0FBTyxJQUFJLENBQUM7WUFDZCxDQUFDO1lBQ0QsS0FBSyxDQUFDLEtBQXNCO2dCQUMxQixtQkFBbUIsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7Z0JBQy9CLFVBQVUsQ0FBQyxFQUFFLENBQUMsQ0FBQztnQkFDZixPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDO2dCQUNoQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO2dCQUNkLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztZQUNELEtBQUssQ0FBQyxLQUFzQjtnQkFDMUIsbUJBQW1CLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO2dCQUMvQixVQUFVLENBQUMsRUFBRSxDQUFDLENBQUM7Z0JBQ2YsT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztnQkFDaEMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsQ0FBQztnQkFDZCxPQUFPLElBQUksQ0FBQztZQUNkLENBQUM7WUFDRCxLQUFLLENBQUMsS0FBc0I7Z0JBQzFCLG1CQUFtQixDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztnQkFDL0IsVUFBVSxDQUFDLEVBQUUsQ0FBQyxDQUFDO2dCQUNmLE9BQU8sQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7Z0JBQ2hDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUM7Z0JBQ2QsT0FBTyxJQUFJLENBQUM7WUFDZCxDQUFDO1lBQ0QsTUFBTSxDQUFDLEtBQXNCO2dCQUMzQixtQkFBbUIsQ0FBQyxLQUFLLEVBQUUsR0FBRyxDQUFDLENBQUM7Z0JBQ2hDLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQztnQkFDaEIsT0FBTyxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztnQkFDakMsSUFBSSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztnQkFDZixPQUFPLElBQUksQ0FBQztZQUNkLENBQUM7WUFDRCxVQUFVLENBQUMsS0FBYTtnQkFDdEIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDO29CQUN0QixNQUFNLElBQUksS0FBSyxDQUFDLG9DQUFvQyxDQUFDLENBQUM7Z0JBQ3hELENBQUM7Z0JBQ0QsVUFBVSxDQUFDLEdBQUcsQ0FBQyxDQUFDO2dCQUNoQixPQUFPLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDO2dCQUNqQyxJQUFJLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO2dCQUNmLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztZQUNELE1BQU0sQ0FBQyxLQUFzQjtnQkFDM0IsbUJBQW1CLENBQUMsS0FBSyxFQUFFLEdBQUcsQ0FBQyxDQUFDO2dCQUNoQyxVQUFVLENBQUMsR0FBRyxDQUFDLENBQUM7Z0JBQ2hCLE9BQU8sQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7Z0JBQ2pDLElBQUksQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7Z0JBQ2YsT0FBTyxJQUFJLENBQUM7WUFDZCxDQUFDO1lBQ0QsVUFBVSxDQUFDLEtBQWlCO2dCQUMxQixJQUFJLEtBQUssQ0FBQyxNQUFNLEtBQUssRUFBRTtvQkFBRSxNQUFNLEtBQUssQ0FBQyxvRUFBb0UsQ0FBQyxDQUFDO2dCQUMzRyxNQUFNLFdBQVcsR0FBRyxhQUFhLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQ3pDLG1CQUFtQixDQUFDLFdBQVcsRUFBRSxHQUFHLENBQUMsQ0FBQztnQkFDdEMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxDQUFDO2dCQUNoQixPQUFPLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQyxDQUFDO2dCQUMvQixJQUFJLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO2dCQUNmLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztZQUNELFdBQVcsQ0FBQyxLQUFpQjtnQkFDM0IsSUFBSSxLQUFLLENBQUMsTUFBTSxLQUFLLEdBQUc7b0JBQUUsTUFBTSxLQUFLLENBQUMsc0VBQXNFLENBQUMsQ0FBQztnQkFDOUcsTUFBTSxXQUFXLEdBQUcsYUFBYSxDQUFDLEtBQUssQ0FBQyxDQUFDO2dCQUN6QyxtQkFBbUIsQ0FBQyxXQUFXLEVBQUUsSUFBSSxDQUFDLENBQUM7Z0JBQ3ZDLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQztnQkFDakIsT0FBTyxDQUFDLFVBQVUsQ0FBQyxXQUFXLENBQUMsQ0FBQztnQkFDaEMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztnQkFDaEIsT0FBTyxJQUFJLENBQUM7WUFDZCxDQUFDO1lBQ0QsV0FBVyxDQUFDLEtBQWlCO2dCQUMzQixJQUFJLEtBQUssQ0FBQyxNQUFNLEtBQUssR0FBRztvQkFBRSxNQUFNLEtBQUssQ0FBQyxzRUFBc0UsQ0FBQyxDQUFDO2dCQUM5RyxNQUFNLFdBQVcsR0FBRyxhQUFhLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQ3pDLG1CQUFtQixDQUFDLFdBQVcsRUFBRSxJQUFJLENBQUMsQ0FBQztnQkFDdkMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO2dCQUNqQixPQUFPLENBQUMsVUFBVSxDQUFDLFdBQVcsQ0FBQyxDQUFDO2dCQUNoQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO2dCQUNoQixPQUFPLElBQUksQ0FBQztZQUNkLENBQUM7WUFDRCxPQUFPO2dCQUNMLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztZQUNELEtBQUssQ0FBQyxPQUFPO2dCQUNYLE1BQU0sT0FBTyxHQUFHLENBQWUsR0FBTSxFQUFFLEVBQUUsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBbUIsQ0FBQztnQkFFN0UsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDLEtBQUssR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUM7Z0JBQzFELE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztnQkFDdkIseUNBQXlDO2dCQUN6QyxNQUFNLE9BQU8sR0FBRyxPQUFPLENBQUMsWUFBWSxDQUFDLENBQUM7Z0JBQ3RDLE1BQU0sU0FBUyxHQUFnQyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLElBQUksU0FBUyxDQUFDLENBQUM7Z0JBQzNGLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztvQkFDZixNQUFNLElBQUksS0FBSyxDQUFDLGdEQUFnRCxPQUFPLENBQUMsT0FBTyxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUM7Z0JBQ2xHLENBQUM7Z0JBQ0QsTUFBTSxFQUFFLEdBQUcsWUFBWSxDQUFDLFNBQVMsQ0FBRSxDQUFDLFlBQVksQ0FBQztnQkFDakQsTUFBTSxZQUFZLEdBQUcsa0JBQWtCLENBQUMsZUFBZSxDQUFDLENBQUM7Z0JBQ3pELE1BQU0sUUFBUSxHQUFHLGtCQUFrQixDQUFDLFdBQVcsQ0FBQyxDQUFDO2dCQUNqRCxNQUFNLE9BQU8sR0FBRyxrQkFBa0IsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO2dCQUN2RCxNQUFNLFdBQVcsR0FBRyxrQkFBa0IsQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUM7Z0JBQzdELE1BQU0sT0FBTyxHQUFHLElBQUksVUFBVSxDQUM1QixZQUFZLENBQUMsTUFBTSxHQUFHLFFBQVEsQ0FBQyxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sR0FBRyxFQUFFLENBQzVELENBQUM7Z0JBQ0YsT0FBTyxDQUFDLEdBQUcsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUFDLENBQUM7Z0JBQzdCLE9BQU8sQ0FBQyxHQUFHLENBQUMsUUFBUSxFQUFFLEVBQUUsQ0FBQyxDQUFDO2dCQUMxQixPQUFPLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUMsQ0FBQztnQkFDekIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxXQUFXLEVBQUUsT0FBTyxDQUFDLE1BQU0sR0FBRyxXQUFXLENBQUMsTUFBTSxDQUFDLENBQUM7Z0JBQzlELE1BQU0sU0FBUyxHQUFHLE9BQU8sQ0FBQyx1QkFBdUIsQ0FBQyxFQUFFLEVBQUUsT0FBTyxFQUFFLGFBQWEsQ0FBQyxLQUFLLENBQUMsQ0FBQztnQkFDcEYsTUFBTSxVQUFVLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsY0FBYyxDQUFDLGdDQUFnQyxDQUFDLENBQUMsQ0FBQztnQkFFM0YseUVBQXlFO2dCQUN6RSxzQ0FBc0M7Z0JBQ3RDLE1BQU0sVUFBVSxHQUFpQixFQUFFLENBQUM7Z0JBQ3BDLEtBQUssSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsR0FBRyxTQUFTLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQztvQkFDekMsTUFBTSxVQUFVLEdBQUcsd0JBQXdCLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO29CQUN0RSxVQUFVLENBQUMsQ0FBQyxDQUFDLEdBQUcsZ0JBQWdCLENBQUM7d0JBQy9CLFVBQVU7d0JBQ1YsVUFBVSxFQUFFLFVBQVU7d0JBQ3RCLGFBQWEsRUFBRSxjQUFjO3dCQUM3QixXQUFXLEVBQUUsQ0FBQztxQkFDZixDQUFDLENBQUM7Z0JBQ0wsQ0FBQztnQkFFRCxPQUFPO29CQUNMLFVBQVU7b0JBQ1YsVUFBVTtpQkFDWCxDQUFDO1lBQ0osQ0FBQztTQUNGLENBQUM7SUFDSixDQUFDLENBQUM7QUFDSixDQUFDO0FBRUQsTUFBTSxVQUFVLGlCQUFpQixDQUFDLEtBQWMsRUFBRSxTQUFvQjtJQUNwRSxRQUFRLFNBQVMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUN2QixLQUFLLFdBQVcsQ0FBQyxLQUFLO1lBQ3BCLE9BQU8sS0FBSyxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDeEMsS0FBSyxXQUFXLENBQUMsT0FBTztZQUN0QixPQUFPLEtBQUssQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ3RDLEtBQUssV0FBVyxDQUFDLFFBQVE7WUFDdkIsT0FBTyxLQUFLLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUN6QyxDQUFDO0FBQ0gsQ0FBQztBQUVELGdCQUFnQjtBQUVoQixNQUFNLFVBQVUsZ0JBQWdCLENBQUMsRUFBRSxHQUFHLEVBQXFCO0lBQ3pELE1BQU0sU0FBUyxHQUFHLGFBQWEsQ0FBQyxnQkFBZ0IsQ0FBQyxHQUFHLEVBQUUsZ0NBQWdDLENBQUMsQ0FBQztJQUN4RixNQUFNLFNBQVMsR0FBRyxhQUFhLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxDQUFDO0lBQy9DLGNBQWMsQ0FBQyxTQUFTLENBQUMsQ0FBQztJQUUxQixPQUFPLEtBQUssRUFBOEIsRUFDeEMsTUFBTSxFQUNOLElBQUksRUFDSixLQUFLLEdBQ3VCLEVBQXVDLEVBQUU7UUFDckUsSUFBSSxNQUFNLEtBQUssaUJBQWlCLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDdEMsTUFBTSxJQUFJLEtBQUssQ0FBQywwQkFBMEIsdUJBQXVCLENBQUMsTUFBTSxDQUFDLGdDQUFnQyxDQUFDLENBQUM7UUFDN0csQ0FBQztRQUNELE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQztRQUN4QixNQUFNLEtBQUssR0FBRyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUN4QyxNQUFNLE1BQU0sR0FBRyw2QkFBNkIsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNwRCxtREFBbUQ7UUFDbkQsSUFBSSxNQUFNLENBQUMsSUFBSSxLQUFLLG1DQUFtQyxFQUFFLENBQUM7WUFDeEQsTUFBTSxTQUFTLEdBQUcsMkJBQTJCLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxFQUFFLGdDQUFnQyxDQUFDLENBQUM7WUFDeEcsTUFBTSxTQUFTLEdBQUcsU0FBUyxDQUFDLDJCQUEyQixFQUFFLENBQUM7WUFDMUQsTUFBTSxJQUFJLEdBQUcsU0FBUyxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUN0QyxPQUFPLGtCQUFrQixDQUFDLFNBQVMsRUFBRSxTQUFTLENBQStCLENBQUM7UUFDaEYsQ0FBQztRQUNELE1BQU0sU0FBUyxHQUFHLGlCQUFpQixDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQ2hELElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUNmLE1BQU0sSUFBSSxLQUFLLENBQUMsNEJBQTRCLFVBQVUsRUFBRSxDQUFDLENBQUM7UUFDNUQsQ0FBQztRQUNELE1BQU0sU0FBUyxHQUFHLFNBQVMsQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLLEVBQUUsZ0NBQWdDLENBQUMsQ0FBQztRQUN0RixNQUFNLFNBQVMsR0FBRyxTQUFTLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQy9DLGdFQUFnRTtRQUNoRSxNQUFNLFNBQVMsR0FBYyxFQUFFLE1BQU0sRUFBRSxpQkFBaUIsQ0FBQyxJQUFJLEVBQUUsSUFBSSxFQUFFLFVBQVUsRUFBRSxLQUFLLEVBQUUsU0FBUyxFQUFFLENBQUM7UUFDcEcsT0FBTyxTQUF1QyxDQUFDO0lBQ2pELENBQUMsQ0FBQztBQUNKLENBQUM7QUFFRCxTQUFTLGtCQUFrQixDQUFDLFNBQXdDLEVBQUUsU0FBd0I7SUFDNUYsTUFBTSxJQUFJLEdBQUcsU0FBUyxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUN0QyxNQUFNLE1BQU0sR0FBRyxpQkFBaUIsQ0FBQyxJQUFJLENBQUM7SUFDdEMsUUFBUSxJQUFJLEVBQUUsQ0FBQztRQUNiLEtBQUssUUFBUSxDQUFDLElBQUk7WUFDaEIsT0FBTyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsV0FBVyxDQUFDLEtBQUssRUFBRSxLQUFLLEVBQUUsU0FBUyxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQztRQUM5RixLQUFLLFFBQVEsQ0FBQyxNQUFNO1lBQ2xCLE9BQU8sRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLFdBQVcsQ0FBQyxPQUFPLEVBQUUsS0FBSyxFQUFFLFNBQVMsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7UUFDbEcsS0FBSyxRQUFRLENBQUMsT0FBTztZQUNuQixPQUFPLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxXQUFXLENBQUMsUUFBUSxFQUFFLEtBQUssRUFBRSxTQUFTLENBQUMsV0FBVyxDQUFDLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO0lBQ3RHLENBQUM7SUFDRCxNQUFNLElBQUksS0FBSyxDQUFDLHFCQUFxQixJQUFJLEVBQUUsQ0FBQyxDQUFDO0FBQy9DLENBQUM7QUFFRCxNQUFNLGlCQUFpQixHQUFHO0lBQ3hCLENBQUMsV0FBVyxDQUFDLEtBQUssQ0FBQyxFQUFFLE9BQU87SUFDNUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLEVBQUUsU0FBUztJQUNoQyxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsRUFBRSxVQUFVO0NBQ2lCLENBQUM7QUFFdEQsSUFBSyxjQUdKO0FBSEQsV0FBSyxjQUFjO0lBQ2pCLDZEQUFTLENBQUE7SUFDVCxpRUFBVyxDQUFBO0FBQ2IsQ0FBQyxFQUhJLGNBQWMsS0FBZCxjQUFjLFFBR2xCO0FBRUQsK0lBQStJO0FBQy9JLCtCQUErQjtBQUMvQix1Q0FBdUM7QUFDdkMsa0RBQWtEO0FBQ2xELDZCQUE2QjtBQUM3QixJQUFJO0FBQ0osTUFBTSxDQUFDLE1BQU0sbUJBQW1CLEdBQUcsUUFBUSxDQUFDLE1BQU0sQ0FBQztJQUNqRCxDQUFDLGdCQUFnQixFQUFFLFFBQVEsQ0FBQyxHQUFHLENBQUM7SUFDaEM7UUFDRSxpQkFBaUI7UUFDakIsUUFBUSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLFNBQVMsQ0FBQyxFQUFFLFFBQVEsQ0FBQyxHQUFHLEVBQUUsQ0FBQyxjQUFjLENBQUMsV0FBVyxDQUFDLEVBQUUsUUFBUSxDQUFDLEdBQUcsRUFBRSxDQUFDO0tBQ3hHO0lBQ0QsQ0FBQyxNQUFNLEVBQUUsUUFBUSxDQUFDLEdBQUcsQ0FBQztDQUN2QixDQUFDLENBQUM7QUFFSCxrSEFBa0g7QUFDbEgsTUFBTSxDQUFDLE1BQU0sbUNBQW1DLEdBQUcsNkNBQTZDLENBQUM7QUFDakcsTUFBTSxDQUFDLE1BQU0sZUFBZSxHQUFHLHlCQUF5QixDQUFDO0FBQ3pELE1BQU0sQ0FBQyxNQUFNLHlCQUF5QixHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsbUNBQW1DLEVBQUUsZUFBZSxDQUFDLENBQUM7QUFJOUcsTUFBTSxDQUFDLE1BQU0sdUJBQXVCLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQztJQUNuRCxjQUFjLEVBQUUsTUFBTSxDQUFDLE1BQU07SUFDN0IseUZBQXlGO0lBQ3pGLElBQUksRUFBRSxNQUFNLENBQUMsS0FBSyxDQUFDLHlCQUF5QixFQUFFLE1BQU0sQ0FBQyxNQUFNLENBQUM7Q0FDN0QsQ0FBQyxDQUFDO0FBSUgsZ0dBQWdHO0FBQ2hHLE1BQU0sVUFBVSw2QkFBNkIsQ0FBQyxNQUFrQjtJQUM5RCxNQUFNLE9BQU8sR0FBRyxJQUFJLE9BQU8sRUFBRSxDQUFDO0lBQzlCLE1BQU0sT0FBTyxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxRQUFRLENBQUMsbUJBQW1CLENBQUMsQ0FBQztJQUMzRixPQUFPLEtBQUssQ0FBQyx1QkFBdUIsRUFBRSxPQUFPLENBQUMsQ0FBQztBQUNqRCxDQUFDIn0=