@inco/lightning-js 0.0.0-bootstrap.0

package/dist/cjs/local/local-node.js

@@ -0,0 +1,80 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LocalNodeEnv = void 0;
+exports.parseLocalEnv = parseLocalEnv;
+const effect_1 = require("effect");
+const binary_js_1 = require("../binary.js");
+/**
+ * Schema for the environment variables required to connect to a local Inco node.
+ *
+ * Includes executor/sender addresses, keys, covalidator settings, and optional
+ * remote compute-server overrides. Typically populated from a `.env` file.
+ */
+exports.LocalNodeEnv = effect_1.Schema.Struct({
+    DEPLOYER_ADDRESS: binary_js_1.Address,
+    STATE_DUMP: effect_1.Schema.String,
+    EXECUTOR_ADDRESS: binary_js_1.Address,
+    // Empty if compute-server is remote
+    NETWORK_PUBKEY: effect_1.Schema.optional(binary_js_1.HexString),
+    SENDER_ADDRESS: binary_js_1.Address,
+    SENDER_PRIVATE_KEY: binary_js_1.HexString,
+    // Empty if compute-server is remote
+    EIP712_SIGNER_ADDRESS: effect_1.Schema.optional(binary_js_1.HexString),
+    PEPPER: effect_1.Schema.String,
+    // Empty if compute-server is remote
+    COVALIDATOR_NETWORK_PRIVATE_KEY: effect_1.Schema.optional(binary_js_1.HexString),
+    // Empty if compute-server is remote
+    COVALIDATOR_EIP712_PRIVATE_SIGNING_KEY: effect_1.Schema.optional(binary_js_1.HexString),
+    COVALIDATOR_INCO_EXECUTOR_ADDR: binary_js_1.Address,
+    COVALIDATOR_HOST_CHAIN_ID: effect_1.Schema.optional(effect_1.Schema.String),
+    COVALIDATOR_URL: effect_1.Schema.optional(effect_1.Schema.String),
+    COVALIDATOR_HOST_CHAIN_RPC_URL: effect_1.Schema.optional(effect_1.Schema.String),
+    COVALIDATOR_COMPUTE_TYPE: effect_1.Schema.optional(effect_1.Schema.String),
+    COVALIDATOR_STORAGE_KEY: effect_1.Schema.optional(binary_js_1.HexString),
+});
+/**
+ * Parses a dotenv-formatted string or `Buffer` into a validated {@link LocalNodeEnv}.
+ *
+ * Falls back to `process.env` when no argument is provided.
+ *
+ * @param envFileOrObj - A dotenv-formatted string, `Buffer`, or `undefined` to use `process.env`.
+ * @returns A validated `LocalNodeEnv` object.
+ * @throws If required environment variables are missing or invalid.
+ */
+function parseLocalEnv(envFileOrObj) {
+    const envObj = envFileOrObj ? readEnv(envFileOrObj) : process.env;
+    return effect_1.Schema.decodeUnknownSync(exports.LocalNodeEnv)(envObj);
+}
+function readEnv(envContent) {
+    return parseEnv(envContent.toString());
+}
+// Parse environment variables with support for variable substitutions and comments
+function parseEnv(envContent) {
+    let env = {};
+    const lines = envContent.split('\n');
+    // First pass: collect raw values
+    for (const line of lines) {
+        const trimmedLine = line.trim();
+        if (trimmedLine && !trimmedLine.startsWith('#')) {
+            const equalIndex = trimmedLine.indexOf('=');
+            if (equalIndex !== -1) {
+                const key = trimmedLine.substring(0, equalIndex).trim();
+                let value = trimmedLine.substring(equalIndex + 1).trim();
+                // Handle quoted values
+                if ((value.startsWith('"') && value.endsWith('"')) ||
+                    (value.startsWith("'") && value.endsWith("'"))) {
+                    value = value.substring(1, value.length - 1);
+                }
+                env[key] = value;
+            }
+        }
+    }
+    // Second pass: resolve substitutions like $VAR or ${VAR}
+    for (const [key, value] of Object.entries(env)) {
+        env[key] = value.replace(/\${?(\w+)}?/g, (_, varName) => {
+            return env[varName] ?? '';
+        });
+    }
+    return env;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibG9jYWwtbm9kZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9sb2NhbC9sb2NhbC1ub2RlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQTRDQSxzQ0FHQztBQS9DRCxtQ0FBZ0M7QUFDaEMsNENBQWtEO0FBRWxEOzs7OztHQUtHO0FBQ1UsUUFBQSxZQUFZLEdBQUcsZUFBTSxDQUFDLE1BQU0sQ0FBQztJQUN4QyxnQkFBZ0IsRUFBRSxtQkFBTztJQUN6QixVQUFVLEVBQUUsZUFBTSxDQUFDLE1BQU07SUFDekIsZ0JBQWdCLEVBQUUsbUJBQU87SUFDekIsb0NBQW9DO0lBQ3BDLGNBQWMsRUFBRSxlQUFNLENBQUMsUUFBUSxDQUFDLHFCQUFTLENBQUM7SUFDMUMsY0FBYyxFQUFFLG1CQUFPO0lBQ3ZCLGtCQUFrQixFQUFFLHFCQUFTO0lBQzdCLG9DQUFvQztJQUNwQyxxQkFBcUIsRUFBRSxlQUFNLENBQUMsUUFBUSxDQUFDLHFCQUFTLENBQUM7SUFDakQsTUFBTSxFQUFFLGVBQU0sQ0FBQyxNQUFNO0lBQ3JCLG9DQUFvQztJQUNwQywrQkFBK0IsRUFBRSxlQUFNLENBQUMsUUFBUSxDQUFDLHFCQUFTLENBQUM7SUFDM0Qsb0NBQW9DO0lBQ3BDLHNDQUFzQyxFQUFFLGVBQU0sQ0FBQyxRQUFRLENBQUMscUJBQVMsQ0FBQztJQUNsRSw4QkFBOEIsRUFBRSxtQkFBTztJQUN2Qyx5QkFBeUIsRUFBRSxlQUFNLENBQUMsUUFBUSxDQUFDLGVBQU0sQ0FBQyxNQUFNLENBQUM7SUFDekQsZUFBZSxFQUFFLGVBQU0sQ0FBQyxRQUFRLENBQUMsZUFBTSxDQUFDLE1BQU0sQ0FBQztJQUMvQyw4QkFBOEIsRUFBRSxlQUFNLENBQUMsUUFBUSxDQUFDLGVBQU0sQ0FBQyxNQUFNLENBQUM7SUFDOUQsd0JBQXdCLEVBQUUsZUFBTSxDQUFDLFFBQVEsQ0FBQyxlQUFNLENBQUMsTUFBTSxDQUFDO0lBQ3hELHVCQUF1QixFQUFFLGVBQU0sQ0FBQyxRQUFRLENBQUMscUJBQVMsQ0FBQztDQUNwRCxDQUFDLENBQUM7QUFLSDs7Ozs7Ozs7R0FRRztBQUNILFNBQWdCLGFBQWEsQ0FBQyxZQUE4QjtJQUMxRCxNQUFNLE1BQU0sR0FBRyxZQUFZLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQztJQUNsRSxPQUFPLGVBQU0sQ0FBQyxpQkFBaUIsQ0FBQyxvQkFBWSxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUM7QUFDeEQsQ0FBQztBQUVELFNBQVMsT0FBTyxDQUFDLFVBQTJCO0lBQzFDLE9BQU8sUUFBUSxDQUFDLFVBQVUsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDO0FBQ3pDLENBQUM7QUFFRCxtRkFBbUY7QUFDbkYsU0FBUyxRQUFRLENBQUMsVUFBa0I7SUFDbEMsSUFBSSxHQUFHLEdBQTJCLEVBQUUsQ0FBQztJQUNyQyxNQUFNLEtBQUssR0FBRyxVQUFVLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDO0lBRXJDLGlDQUFpQztJQUNqQyxLQUFLLE1BQU0sSUFBSSxJQUFJLEtBQUssRUFBRSxDQUFDO1FBQ3pCLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUNoQyxJQUFJLFdBQVcsSUFBSSxDQUFDLFdBQVcsQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUNoRCxNQUFNLFVBQVUsR0FBRyxXQUFXLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1lBQzVDLElBQUksVUFBVSxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQ3RCLE1BQU0sR0FBRyxHQUFHLFdBQVcsQ0FBQyxTQUFTLENBQUMsQ0FBQyxFQUFFLFVBQVUsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDO2dCQUN4RCxJQUFJLEtBQUssR0FBRyxXQUFXLENBQUMsU0FBUyxDQUFDLFVBQVUsR0FBRyxDQUFDLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztnQkFFekQsdUJBQXVCO2dCQUN2QixJQUNFLENBQUMsS0FBSyxDQUFDLFVBQVUsQ0FBQyxHQUFHLENBQUMsSUFBSSxLQUFLLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDO29CQUM5QyxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLElBQUksS0FBSyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUM5QyxDQUFDO29CQUNELEtBQUssR0FBRyxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRSxLQUFLLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUMvQyxDQUFDO2dCQUVELEdBQUcsQ0FBQyxHQUFHLENBQUMsR0FBRyxLQUFLLENBQUM7WUFDbkIsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0lBRUQseURBQXlEO0lBQ3pELEtBQUssTUFBTSxDQUFDLEdBQUcsRUFBRSxLQUFLLENBQUMsSUFBSSxNQUFNLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7UUFDL0MsR0FBRyxDQUFDLEdBQUcsQ0FBQyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsY0FBYyxFQUFFLENBQUMsQ0FBQyxFQUFFLE9BQWUsRUFBRSxFQUFFO1lBQzlELE9BQU8sR0FBRyxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUM1QixDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxPQUFPLEdBQUcsQ0FBQztBQUNiLENBQUMifQ==

package/dist/cjs/reencryption/eip712.d.ts

@@ -0,0 +1,56 @@
+import { Schema } from 'effect';
+import { Address } from 'viem';
+declare const baseEIP712: Schema.Struct<{
+    domain: Schema.Struct<{
+        chainId: typeof Schema.BigInt;
+        name: typeof Schema.String;
+        version: typeof Schema.String;
+        verifyingContract: Schema.optional<Schema.TemplateLiteral<`0x${string}`>>;
+    }>;
+    primaryType: typeof Schema.String;
+    types: Schema.Record$<typeof Schema.String, Schema.Array$<Schema.Struct<{
+        name: typeof Schema.String;
+        type: typeof Schema.String;
+    }>>>;
+}>;
+type BaseEIP712 = typeof baseEIP712.Type;
+/**
+ * An EIP-712 typed data payload with a generic `message` field.
+ *
+ * Extends the base EIP-712 structure (domain, primaryType, types) with
+ * a strongly-typed `message` object for signing.
+ *
+ * @typeParam Message - The shape of the application-specific message to sign.
+ */
+export interface EIP712<Message extends object> extends BaseEIP712 {
+    message: Message;
+}
+/**
+ * Creates an EIP-712 typed data payload for user signing.
+ *
+ * Used to verify the user controls the private key corresponding to the ephemeral
+ * public key embedded in the payload. The `message` keys must exactly match the
+ * `name` values in `primaryTypeFields`.
+ *
+ * @typeParam PrimaryType - The EIP-712 primary type name.
+ * @typeParam Message - The shape of the message to sign.
+ * @param params.chainId - The chain ID for the EIP-712 domain.
+ * @param params.primaryType - The primary type name (e.g. `"Reencrypt"`).
+ * @param params.primaryTypeFields - The field definitions for the primary type.
+ * @param params.message - The message object to sign (must match `primaryTypeFields`).
+ * @param params.verifyingContract - Optional verifying contract address for the domain.
+ * @param params.domainName - Human-readable name for the EIP-712 domain.
+ * @param params.domainVersion - Version string for the EIP-712 domain.
+ * @returns A complete {@link EIP712} payload ready for signing.
+ * @throws If message keys do not match `primaryTypeFields` names.
+ */
+export declare function createEIP712Payload<PrimaryType extends string, Message extends object>({ chainId, primaryType, primaryTypeFields, message, verifyingContract, domainName, domainVersion, }: {
+    chainId: bigint;
+    primaryType: PrimaryType;
+    primaryTypeFields: BaseEIP712['types'][PrimaryType];
+    message: Message;
+    verifyingContract?: Address;
+    domainName: string;
+    domainVersion: string;
+}): EIP712<Message>;
+export {};

package/dist/cjs/reencryption/eip712.js

@@ -0,0 +1,90 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createEIP712Payload = createEIP712Payload;
+const effect_1 = require("effect");
+const binary_js_1 = require("../binary.js");
+// An effect Schema representing a base EIP712 typed message, without any
+// custom message types, as defined in EIP-712.
+const baseEIP712 = effect_1.Schema.Struct({
+    domain: effect_1.Schema.Struct({
+        chainId: effect_1.Schema.BigInt,
+        name: effect_1.Schema.String,
+        version: effect_1.Schema.String,
+        verifyingContract: effect_1.Schema.optional(binary_js_1.HexString),
+        // If salt is needed, it can be added here. Currently, none of the Incolite
+        // features need this.
+    }),
+    primaryType: effect_1.Schema.String,
+    types: effect_1.Schema.Record({
+        key: effect_1.Schema.String,
+        value: effect_1.Schema.Array(effect_1.Schema.Struct({
+            name: effect_1.Schema.String,
+            type: effect_1.Schema.String,
+        })),
+    }),
+});
+/**
+ * Creates an EIP-712 typed data payload for user signing.
+ *
+ * Used to verify the user controls the private key corresponding to the ephemeral
+ * public key embedded in the payload. The `message` keys must exactly match the
+ * `name` values in `primaryTypeFields`.
+ *
+ * @typeParam PrimaryType - The EIP-712 primary type name.
+ * @typeParam Message - The shape of the message to sign.
+ * @param params.chainId - The chain ID for the EIP-712 domain.
+ * @param params.primaryType - The primary type name (e.g. `"Reencrypt"`).
+ * @param params.primaryTypeFields - The field definitions for the primary type.
+ * @param params.message - The message object to sign (must match `primaryTypeFields`).
+ * @param params.verifyingContract - Optional verifying contract address for the domain.
+ * @param params.domainName - Human-readable name for the EIP-712 domain.
+ * @param params.domainVersion - Version string for the EIP-712 domain.
+ * @returns A complete {@link EIP712} payload ready for signing.
+ * @throws If message keys do not match `primaryTypeFields` names.
+ */
+function createEIP712Payload({ chainId, primaryType, primaryTypeFields, message, verifyingContract, domainName, domainVersion, }) {
+    const types = {
+        // This refers to the domain the contract is hosted on.
+        EIP712Domain: [
+            { name: 'name', type: 'string' },
+            { name: 'version', type: 'string' },
+            { name: 'chainId', type: 'uint256' },
+        ],
+        // Refer to primaryType.
+        [primaryType]: primaryTypeFields,
+    };
+    if (verifyingContract) {
+        types.EIP712Domain.push({ name: 'verifyingContract', type: 'address' });
+    }
+    // Check that the message has the same keys as the primaryTypeFields.
+    const messageKeys = Object.keys(message);
+    const primaryTypeFieldsKeys = primaryTypeFields.map((field) => field.name);
+    if (messageKeys.length !== primaryTypeFieldsKeys.length) {
+        throw new Error('Message keys do not match primaryTypeFields keys');
+    }
+    for (const key of messageKeys) {
+        if (!primaryTypeFieldsKeys.includes(key)) {
+            throw new Error(`Message key ${key} does not match primaryTypeFields key`);
+        }
+    }
+    const msgParams = {
+        types,
+        // This defines the message you're proposing the user to sign, is dapp-specific, and contains
+        // anything you want. There are no required fields. Be as explicit as possible when building out
+        // the message schema.
+        // This refers to the keys of the following types object.
+        primaryType,
+        domain: {
+            // Give a user-friendly name to the specific contract you're signing for.
+            name: domainName,
+            // This identifies the latest version.
+            version: domainVersion,
+            // This defines the network, in this case, Mainnet.
+            chainId,
+            verifyingContract,
+        },
+        message,
+    };
+    return msgParams;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZWlwNzEyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JlZW5jcnlwdGlvbi9laXA3MTIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUE0REEsa0RBcUVDO0FBaklELG1DQUFnQztBQUVoQyw0Q0FBeUM7QUFFekMseUVBQXlFO0FBQ3pFLCtDQUErQztBQUMvQyxNQUFNLFVBQVUsR0FBRyxlQUFNLENBQUMsTUFBTSxDQUFDO0lBQy9CLE1BQU0sRUFBRSxlQUFNLENBQUMsTUFBTSxDQUFDO1FBQ3BCLE9BQU8sRUFBRSxlQUFNLENBQUMsTUFBTTtRQUN0QixJQUFJLEVBQUUsZUFBTSxDQUFDLE1BQU07UUFDbkIsT0FBTyxFQUFFLGVBQU0sQ0FBQyxNQUFNO1FBQ3RCLGlCQUFpQixFQUFFLGVBQU0sQ0FBQyxRQUFRLENBQUMscUJBQVMsQ0FBQztRQUM3QywyRUFBMkU7UUFDM0Usc0JBQXNCO0tBQ3ZCLENBQUM7SUFDRixXQUFXLEVBQUUsZUFBTSxDQUFDLE1BQU07SUFDMUIsS0FBSyxFQUFFLGVBQU0sQ0FBQyxNQUFNLENBQUM7UUFDbkIsR0FBRyxFQUFFLGVBQU0sQ0FBQyxNQUFNO1FBQ2xCLEtBQUssRUFBRSxlQUFNLENBQUMsS0FBSyxDQUNqQixlQUFNLENBQUMsTUFBTSxDQUFDO1lBQ1osSUFBSSxFQUFFLGVBQU0sQ0FBQyxNQUFNO1lBQ25CLElBQUksRUFBRSxlQUFNLENBQUMsTUFBTTtTQUNwQixDQUFDLENBQ0g7S0FDRixDQUFDO0NBQ0gsQ0FBQyxDQUFDO0FBZ0JIOzs7Ozs7Ozs7Ozs7Ozs7Ozs7R0FrQkc7QUFDSCxTQUFnQixtQkFBbUIsQ0FHakMsRUFDQSxPQUFPLEVBQ1AsV0FBVyxFQUNYLGlCQUFpQixFQUNqQixPQUFPLEVBQ1AsaUJBQWlCLEVBQ2pCLFVBQVUsRUFDVixhQUFhLEdBU2Q7SUFDQyxNQUFNLEtBQUssR0FBRztRQUNaLHVEQUF1RDtRQUN2RCxZQUFZLEVBQUU7WUFDWixFQUFFLElBQUksRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLFFBQVEsRUFBRTtZQUNoQyxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLFFBQVEsRUFBRTtZQUNuQyxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLFNBQVMsRUFBRTtTQUNyQztRQUNELHdCQUF3QjtRQUN4QixDQUFDLFdBQVcsQ0FBQyxFQUFFLGlCQUFpQjtLQUNqQyxDQUFDO0lBRUYsSUFBSSxpQkFBaUIsRUFBRSxDQUFDO1FBQ3RCLEtBQUssQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLEVBQUUsSUFBSSxFQUFFLG1CQUFtQixFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsQ0FBQyxDQUFDO0lBQzFFLENBQUM7SUFFRCxxRUFBcUU7SUFDckUsTUFBTSxXQUFXLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUN6QyxNQUFNLHFCQUFxQixHQUFHLGlCQUFpQixDQUFDLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQzNFLElBQUksV0FBVyxDQUFDLE1BQU0sS0FBSyxxQkFBcUIsQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUN4RCxNQUFNLElBQUksS0FBSyxDQUFDLGtEQUFrRCxDQUFDLENBQUM7SUFDdEUsQ0FBQztJQUNELEtBQUssTUFBTSxHQUFHLElBQUksV0FBVyxFQUFFLENBQUM7UUFDOUIsSUFBSSxDQUFDLHFCQUFxQixDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ3pDLE1BQU0sSUFBSSxLQUFLLENBQ2IsZUFBZSxHQUFHLHVDQUF1QyxDQUMxRCxDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7SUFFRCxNQUFNLFNBQVMsR0FBRztRQUNoQixLQUFLO1FBQ0wsNkZBQTZGO1FBQzdGLGdHQUFnRztRQUNoRyxzQkFBc0I7UUFDdEIseURBQXlEO1FBQ3pELFdBQVc7UUFDWCxNQUFNLEVBQUU7WUFDTix5RUFBeUU7WUFDekUsSUFBSSxFQUFFLFVBQVU7WUFDaEIsc0NBQXNDO1lBQ3RDLE9BQU8sRUFBRSxhQUFhO1lBQ3RCLG1EQUFtRDtZQUNuRCxPQUFPO1lBQ1AsaUJBQWlCO1NBQ2xCO1FBQ0QsT0FBTztLQUNSLENBQUM7SUFFRixPQUFPLFNBQVMsQ0FBQztBQUNuQixDQUFDIn0=

package/dist/cjs/reencryption/index.d.ts

@@ -0,0 +1,2 @@
+export * from './eip712.js';
+export * from './types.js';

package/dist/cjs/reencryption/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./eip712.js"), exports);
+__exportStar(require("./types.js"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcmVlbmNyeXB0aW9uL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSw4Q0FBNEI7QUFDNUIsNkNBQTJCIn0=

package/dist/cjs/reencryption/types.d.ts

@@ -0,0 +1,48 @@
+import { Address } from 'viem';
+import { HexString } from '../binary.js';
+import { CiphertextOf, EncryptionScheme, PlaintextOf, SupportedTeeType } from '../encryption/encryption.js';
+import { Handle } from '../handle.js';
+import type { XwingKeypair } from '../lite/xwing.js';
+import type { BackoffConfig } from '../retry.js';
+/**
+ * The core reencryption function type. Takes a handle (and optional ciphertext) and returns
+ * the decrypted plaintext. Supports retry configuration for handles that are not yet available.
+ *
+ * @typeParam S - The encryption scheme (e.g. X-Wing).
+ */
+export type Reencryptor<S extends EncryptionScheme> = <T extends SupportedTeeType>(args: ReencryptFnArgs<S, T>, backoffConfig?: Partial<BackoffConfig>) => Promise<PlaintextOf<S, T>>;
+/** Arguments required to construct a {@link Reencryptor}. */
+export interface ReencryptorArgs {
+    chainId: bigint;
+}
+/**
+ * Arguments for a single reencryption call.
+ *
+ * @typeParam S - The encryption scheme.
+ * @typeParam T - The ENCRYPTION type of the ciphertext.
+ */
+export type ReencryptFnArgs<S extends EncryptionScheme, T extends SupportedTeeType> = {
+    handle: Handle;
+    /**
+     * Optional ciphertext hint. If provided, the reencrypt endpoint may use it directly
+     * instead of fetching from the covalidators.
+     */
+    ciphertext?: CiphertextOf<S, T>;
+};
+/** Union of supported ephemeral keypair types for reencryption (currently X-Wing only). */
+export type SupportedEphemeralKeypairs = XwingKeypair;
+/** An object whose public key can be serialized to a `Uint8Array`. */
+export interface PubKeyEncodable {
+    encodePublicKey(): Uint8Array;
+}
+/**
+ * A reencryption request to be sent to a reencrypt endpoint.
+ *
+ * @typeParam EKP - The type of ephemeral keypair used for the reencryption session.
+ */
+export interface ReencryptEndpointRequest<EKP extends SupportedEphemeralKeypairs> {
+    userAddress: Address;
+    handle: Handle;
+    eip712Signature: HexString;
+    ephemeralKeypair: EKP;
+}

package/dist/cjs/reencryption/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcmVlbmNyeXB0aW9uL3R5cGVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiIifQ==

package/dist/cjs/retry.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Configuration for exponential backoff retry logic.
+ */
+export type BackoffConfig = {
+    maxRetries: number;
+    baseDelayInMs: number;
+    backoffFactor: number;
+    errHandler?: (error: Error, attempt: number) => 'stop' | 'continue';
+};
+/**
+ * Checks if an error is safe to retry.
+ * Only transient errors matching the allowlist should return true.
+ * All other errors fail fast to avoid masking security-critical failures.
+ *
+ * @param error - The error to check
+ * @returns true if the error is transient and safe to retry, false otherwise
+ */
+export declare function isRetryableError(error: Error): boolean;
+/**
+ * Default error handler that only retries known transient errors.
+ * Security-critical errors will fail fast.
+ */
+export declare function defaultRetryErrorHandler(error: Error): 'stop' | 'continue';
+/**
+ * Helper function to implement exponential backoff retry logic.
+ * @param fn - The function to retry
+ * @param config - Optional backoff configuration
+ * @returns Promise that resolves with the result of the function
+ */
+export declare function retryWithBackoff<T>(fn: () => Promise<T>, { maxRetries, baseDelayInMs, backoffFactor, errHandler, }?: Partial<BackoffConfig>): Promise<T>;

package/dist/cjs/retry.js

@@ -0,0 +1,87 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isRetryableError = isRetryableError;
+exports.defaultRetryErrorHandler = defaultRetryErrorHandler;
+exports.retryWithBackoff = retryWithBackoff;
+/**
+ * Allowlist of transient error patterns that are safe to retry.
+ * Each pattern includes a substring to match (case-insensitive) and a description.
+ *
+ * SECURITY: Only add patterns here for genuinely transient errors.
+ * Do NOT add patterns that could mask security-critical errors like:
+ * - Authentication failures
+ * - Permission denied
+ * - Signature validation errors
+ * - Invalid input/format errors
+ */
+const RETRYABLE_ERROR_PATTERNS = [
+    // Explicit retry suggestions from the server
+    {
+        pattern: 'try again later',
+        description: 'Server explicitly suggests retry',
+    },
+    // Network/connectivity issues
+    { pattern: 'timeout', description: 'Request timeout' },
+    { pattern: 'etimedout', description: 'Connection timeout' },
+    { pattern: 'econnreset', description: 'Connection reset' },
+    { pattern: 'econnrefused', description: 'Connection refused' },
+    // Service availability
+    { pattern: '503', description: 'Service unavailable (503)' },
+    { pattern: 'service unavailable', description: 'Service unavailable' },
+    // Data propagation delays (eventual consistency)
+    {
+        pattern: 'ciphertext too short',
+        description: 'Ciphertext not yet propagated to covalidator',
+    },
+];
+/**
+ * Checks if an error is safe to retry.
+ * Only transient errors matching the allowlist should return true.
+ * All other errors fail fast to avoid masking security-critical failures.
+ *
+ * @param error - The error to check
+ * @returns true if the error is transient and safe to retry, false otherwise
+ */
+function isRetryableError(error) {
+    const message = error.message?.toLowerCase() ?? '';
+    return RETRYABLE_ERROR_PATTERNS.some(({ pattern }) => message.includes(pattern));
+}
+/**
+ * Default error handler that only retries known transient errors.
+ * Security-critical errors will fail fast.
+ */
+function defaultRetryErrorHandler(error) {
+    if (isRetryableError(error)) {
+        console.warn(`Retrying after transient error: ${error.message}`);
+        return 'continue';
+    }
+    return 'stop';
+}
+/**
+ * Helper function to implement exponential backoff retry logic.
+ * @param fn - The function to retry
+ * @param config - Optional backoff configuration
+ * @returns Promise that resolves with the result of the function
+ */
+async function retryWithBackoff(fn, { 
+// These default values will make it return an error after ~10s if the fn response is fast.
+maxRetries = 5, baseDelayInMs = 1000, backoffFactor = 1.5, errHandler = defaultRetryErrorHandler, } = {}) {
+    let lastError;
+    for (let attempt = 0; attempt < maxRetries; attempt++) {
+        try {
+            return await fn();
+        }
+        catch (error) {
+            lastError = error;
+            if (errHandler(lastError, attempt) !== 'continue' ||
+                attempt === maxRetries - 1) {
+                break;
+            }
+            const delay = baseDelayInMs * Math.pow(backoffFactor, attempt);
+            const jitter = delay * (0.8 + Math.random() * 0.4); // random jitter, 80% to 120% of the delay
+            await new Promise((resolve) => setTimeout(resolve, jitter));
+        }
+    }
+    throw lastError;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmV0cnkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcmV0cnkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUF3REEsNENBTUM7QUFNRCw0REFNQztBQVFELDRDQThCQztBQXRHRDs7Ozs7Ozs7OztHQVVHO0FBQ0gsTUFBTSx3QkFBd0IsR0FHekI7SUFDSCw2Q0FBNkM7SUFDN0M7UUFDRSxPQUFPLEVBQUUsaUJBQWlCO1FBQzFCLFdBQVcsRUFBRSxrQ0FBa0M7S0FDaEQ7SUFFRCw4QkFBOEI7SUFDOUIsRUFBRSxPQUFPLEVBQUUsU0FBUyxFQUFFLFdBQVcsRUFBRSxpQkFBaUIsRUFBRTtJQUN0RCxFQUFFLE9BQU8sRUFBRSxXQUFXLEVBQUUsV0FBVyxFQUFFLG9CQUFvQixFQUFFO0lBQzNELEVBQUUsT0FBTyxFQUFFLFlBQVksRUFBRSxXQUFXLEVBQUUsa0JBQWtCLEVBQUU7SUFDMUQsRUFBRSxPQUFPLEVBQUUsY0FBYyxFQUFFLFdBQVcsRUFBRSxvQkFBb0IsRUFBRTtJQUU5RCx1QkFBdUI7SUFDdkIsRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLFdBQVcsRUFBRSwyQkFBMkIsRUFBRTtJQUM1RCxFQUFFLE9BQU8sRUFBRSxxQkFBcUIsRUFBRSxXQUFXLEVBQUUscUJBQXFCLEVBQUU7SUFFdEUsaURBQWlEO0lBQ2pEO1FBQ0UsT0FBTyxFQUFFLHNCQUFzQjtRQUMvQixXQUFXLEVBQUUsOENBQThDO0tBQzVEO0NBQ0YsQ0FBQztBQUVGOzs7Ozs7O0dBT0c7QUFDSCxTQUFnQixnQkFBZ0IsQ0FBQyxLQUFZO0lBQzNDLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLEVBQUUsV0FBVyxFQUFFLElBQUksRUFBRSxDQUFDO0lBRW5ELE9BQU8sd0JBQXdCLENBQUMsSUFBSSxDQUFDLENBQUMsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFLENBQ25ELE9BQU8sQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQzFCLENBQUM7QUFDSixDQUFDO0FBRUQ7OztHQUdHO0FBQ0gsU0FBZ0Isd0JBQXdCLENBQUMsS0FBWTtJQUNuRCxJQUFJLGdCQUFnQixDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUM7UUFDNUIsT0FBTyxDQUFDLElBQUksQ0FBQyxtQ0FBbUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDakUsT0FBTyxVQUFVLENBQUM7SUFDcEIsQ0FBQztJQUNELE9BQU8sTUFBTSxDQUFDO0FBQ2hCLENBQUM7QUFFRDs7Ozs7R0FLRztBQUNJLEtBQUssVUFBVSxnQkFBZ0IsQ0FDcEMsRUFBb0IsRUFDcEI7QUFDRSwyRkFBMkY7QUFDM0YsVUFBVSxHQUFHLENBQUMsRUFDZCxhQUFhLEdBQUcsSUFBSSxFQUNwQixhQUFhLEdBQUcsR0FBRyxFQUNuQixVQUFVLEdBQUcsd0JBQXdCLE1BQ1gsRUFBRTtJQUU5QixJQUFJLFNBQTRCLENBQUM7SUFFakMsS0FBSyxJQUFJLE9BQU8sR0FBRyxDQUFDLEVBQUUsT0FBTyxHQUFHLFVBQVUsRUFBRSxPQUFPLEVBQUUsRUFBRSxDQUFDO1FBQ3RELElBQUksQ0FBQztZQUNILE9BQU8sTUFBTSxFQUFFLEVBQUUsQ0FBQztRQUNwQixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLFNBQVMsR0FBRyxLQUFjLENBQUM7WUFDM0IsSUFDRSxVQUFVLENBQUMsU0FBUyxFQUFFLE9BQU8sQ0FBQyxLQUFLLFVBQVU7Z0JBQzdDLE9BQU8sS0FBSyxVQUFVLEdBQUcsQ0FBQyxFQUMxQixDQUFDO2dCQUNELE1BQU07WUFDUixDQUFDO1lBQ0QsTUFBTSxLQUFLLEdBQUcsYUFBYSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsYUFBYSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1lBQy9ELE1BQU0sTUFBTSxHQUFHLEtBQUssR0FBRyxDQUFDLEdBQUcsR0FBRyxJQUFJLENBQUMsTUFBTSxFQUFFLEdBQUcsR0FBRyxDQUFDLENBQUMsQ0FBQywwQ0FBMEM7WUFDOUYsTUFBTSxJQUFJLE9BQU8sQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUMsVUFBVSxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQyxDQUFDO1FBQzlELENBQUM7SUFDSCxDQUFDO0lBRUQsTUFBTSxTQUFTLENBQUM7QUFDbEIsQ0FBQyJ9

package/dist/cjs/schema.d.ts

@@ -0,0 +1,4 @@
+import { Schema } from 'effect';
+import { ParseOptions } from 'effect/SchemaAST';
+export declare function parse<A, I>(schema: Schema.Schema<A, I>, obj: unknown, options?: ParseOptions): A;
+export declare function parseJson<A, I>(schema: Schema.Schema<A, I>, json: string | Uint8Array, options?: ParseOptions): A;

package/dist/cjs/schema.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parse = parse;
+exports.parseJson = parseJson;
+const effect_1 = require("effect");
+// parse takes an effect Schema object and parses an unknown value into that schema, if parsing fails an error is thrown
+// only fields specified in the schema will be present in the parsed object.
+function parse(schema, obj, options) {
+    return effect_1.Schema.decodeUnknownSync(schema)(obj, options);
+}
+// parseJson takes an effect Schema object and parses a JSON string into that schema, if parsing fails an error is thrown
+// only fields specified in the schema will be present in the parsed object.
+function parseJson(schema, json, options) {
+    if (typeof json !== 'string') {
+        json = json.toString();
+    }
+    return effect_1.Schema.decodeUnknownSync(effect_1.Schema.parseJson(schema))(json, options);
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2NoZW1hLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3NjaGVtYS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUtBLHNCQU1DO0FBSUQsOEJBU0M7QUF4QkQsbUNBQWdDO0FBR2hDLHdIQUF3SDtBQUN4SCw0RUFBNEU7QUFDNUUsU0FBZ0IsS0FBSyxDQUNuQixNQUEyQixFQUMzQixHQUFZLEVBQ1osT0FBc0I7SUFFdEIsT0FBTyxlQUFNLENBQUMsaUJBQWlCLENBQUMsTUFBTSxDQUFDLENBQUMsR0FBRyxFQUFFLE9BQU8sQ0FBQyxDQUFDO0FBQ3hELENBQUM7QUFFRCx5SEFBeUg7QUFDekgsNEVBQTRFO0FBQzVFLFNBQWdCLFNBQVMsQ0FDdkIsTUFBMkIsRUFDM0IsSUFBeUIsRUFDekIsT0FBc0I7SUFFdEIsSUFBSSxPQUFPLElBQUksS0FBSyxRQUFRLEVBQUUsQ0FBQztRQUM3QixJQUFJLEdBQUcsSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO0lBQ3pCLENBQUM7SUFDRCxPQUFPLGVBQU0sQ0FBQyxpQkFBaUIsQ0FBQyxlQUFNLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsSUFBSSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0FBQzNFLENBQUMifQ==

package/dist/cjs/test/mocks.d.ts

@@ -0,0 +1,20 @@
+import { Account, Chain, PublicClient, Transport, WalletClient } from 'viem';
+import { vi } from 'vitest';
+import { KmsClient } from '../kms/client.js';
+import { KmsQuorumClient } from '../kms/quorumClient.js';
+interface MinimalKmsClient {
+    attestedCompute: ReturnType<typeof vi.fn>;
+    attestedDecrypt: ReturnType<typeof vi.fn>;
+    attestedReveal: ReturnType<typeof vi.fn>;
+    eListAttestedDecrypt: ReturnType<typeof vi.fn>;
+    eListAttestedReveal: ReturnType<typeof vi.fn>;
+    key: ReturnType<typeof vi.fn>;
+    reencrypt: ReturnType<typeof vi.fn>;
+}
+export declare function createMockKmsClient(): MinimalKmsClient & KmsClient;
+export declare function createMockQuorumClient(): KmsQuorumClient;
+export declare function setupMockInQuorumClient(quorumClient: KmsQuorumClient, mockKmsClient: MinimalKmsClient & KmsClient): void;
+export declare function createMockPublicClient(): PublicClient<Transport, Chain>;
+export declare function createTestWalletClient(): WalletClient<Transport, Chain, Account>;
+export declare function createFallbackWalletClient(): WalletClient<Transport, Chain, Account>;
+export {};

package/dist/cjs/test/mocks.js

@@ -0,0 +1,72 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createMockKmsClient = createMockKmsClient;
+exports.createMockQuorumClient = createMockQuorumClient;
+exports.setupMockInQuorumClient = setupMockInQuorumClient;
+exports.createMockPublicClient = createMockPublicClient;
+exports.createTestWalletClient = createTestWalletClient;
+exports.createFallbackWalletClient = createFallbackWalletClient;
+const viem_1 = require("viem");
+const accounts_1 = require("viem/accounts");
+const chains_1 = require("viem/chains");
+const vitest_1 = require("vitest");
+const client_js_1 = require("../kms/client.js");
+const quorumClient_js_1 = require("../kms/quorumClient.js");
+// Create a mock that satisfies our minimal interface
+function createMockKmsClient() {
+    return {
+        attestedCompute: vitest_1.vi.fn(),
+        attestedDecrypt: vitest_1.vi.fn(),
+        attestedReveal: vitest_1.vi.fn(),
+        eListAttestedDecrypt: vitest_1.vi.fn(),
+        eListAttestedReveal: vitest_1.vi.fn(),
+        key: vitest_1.vi.fn(),
+        reencrypt: vitest_1.vi.fn(),
+    };
+}
+// Create a mock KmsQuorumClient from a mock KmsClient for testing
+function createMockQuorumClient() {
+    // Use the private constructor via type casting (similar to quorumClient.test.ts)
+    const AnyClass = quorumClient_js_1.KmsQuorumClient;
+    return new AnyClass([{ url: 'https://mock-kms', signer: client_js_1.TEST_DEFAULT_COVALIDATOR_SIGNER }], 1);
+}
+// Helper to set up the mock client inside the quorum client
+function setupMockInQuorumClient(quorumClient, mockKmsClient) {
+    // Access private kmss array and replace the client
+    const anyQuorumClient = quorumClient;
+    if (anyQuorumClient.kmss && anyQuorumClient.kmss.length > 0) {
+        anyQuorumClient.kmss[0].client = mockKmsClient;
+    }
+}
+// Create a public client for testing (transport URL is never actually called;
+// publicClient is required by attestedDecrypt/attestedCompute but KMS is mocked in tests)
+function createMockPublicClient() {
+    return (0, viem_1.createPublicClient)({
+        chain: chains_1.sepolia,
+        transport: (0, viem_1.http)('http://localhost:8567'),
+    });
+}
+// Create a wallet client for testing (transport URL is never actually called;
+// signing with a local key account does not require an RPC connection)
+function createTestWalletClient() {
+    const account = (0, accounts_1.privateKeyToAccount)((0, accounts_1.generatePrivateKey)());
+    return (0, viem_1.createWalletClient)({
+        chain: chains_1.sepolia, // Arbitrary chain, not relevant to test
+        transport: (0, viem_1.http)('http://localhost:8567'),
+        account,
+    });
+}
+// Create a wallet client with a fallback() transport for testing that code
+// handles non-http transports correctly (fallback has no .url property)
+function createFallbackWalletClient() {
+    const account = (0, accounts_1.privateKeyToAccount)((0, accounts_1.generatePrivateKey)());
+    return (0, viem_1.createWalletClient)({
+        chain: chains_1.sepolia,
+        transport: (0, viem_1.fallback)([
+            (0, viem_1.http)('http://localhost:8567'),
+            (0, viem_1.http)('http://localhost:8568'),
+        ]),
+        account,
+    });
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibW9ja3MuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvdGVzdC9tb2Nrcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQThCQSxrREFVQztBQUdELHdEQU9DO0FBR0QsMERBU0M7QUFJRCx3REFLQztBQUlELHdEQVdDO0FBSUQsZ0VBY0M7QUF4R0QsK0JBVWM7QUFDZCw0Q0FBd0U7QUFDeEUsd0NBQXNDO0FBQ3RDLG1DQUE0QjtBQUM1QixnREFBOEU7QUFDOUUsNERBQXlEO0FBY3pELHFEQUFxRDtBQUNyRCxTQUFnQixtQkFBbUI7SUFDakMsT0FBTztRQUNMLGVBQWUsRUFBRSxXQUFFLENBQUMsRUFBRSxFQUFFO1FBQ3hCLGVBQWUsRUFBRSxXQUFFLENBQUMsRUFBRSxFQUFFO1FBQ3hCLGNBQWMsRUFBRSxXQUFFLENBQUMsRUFBRSxFQUFFO1FBQ3ZCLG9CQUFvQixFQUFFLFdBQUUsQ0FBQyxFQUFFLEVBQUU7UUFDN0IsbUJBQW1CLEVBQUUsV0FBRSxDQUFDLEVBQUUsRUFBRTtRQUM1QixHQUFHLEVBQUUsV0FBRSxDQUFDLEVBQUUsRUFBRTtRQUNaLFNBQVMsRUFBRSxXQUFFLENBQUMsRUFBRSxFQUFFO0tBQ2EsQ0FBQztBQUNwQyxDQUFDO0FBRUQsa0VBQWtFO0FBQ2xFLFNBQWdCLHNCQUFzQjtJQUNwQyxpRkFBaUY7SUFDakYsTUFBTSxRQUFRLEdBQVEsaUNBQWUsQ0FBQztJQUN0QyxPQUFPLElBQUksUUFBUSxDQUNqQixDQUFDLEVBQUUsR0FBRyxFQUFFLGtCQUFrQixFQUFFLE1BQU0sRUFBRSwyQ0FBK0IsRUFBRSxDQUFDLEVBQ3RFLENBQUMsQ0FDRixDQUFDO0FBQ0osQ0FBQztBQUVELDREQUE0RDtBQUM1RCxTQUFnQix1QkFBdUIsQ0FDckMsWUFBNkIsRUFDN0IsYUFBMkM7SUFFM0MsbURBQW1EO0lBQ25ELE1BQU0sZUFBZSxHQUFHLFlBQW1CLENBQUM7SUFDNUMsSUFBSSxlQUFlLENBQUMsSUFBSSxJQUFJLGVBQWUsQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1FBQzVELGVBQWUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxHQUFHLGFBQWEsQ0FBQztJQUNqRCxDQUFDO0FBQ0gsQ0FBQztBQUVELDhFQUE4RTtBQUM5RSwwRkFBMEY7QUFDMUYsU0FBZ0Isc0JBQXNCO0lBQ3BDLE9BQU8sSUFBQSx5QkFBa0IsRUFBQztRQUN4QixLQUFLLEVBQUUsZ0JBQU87UUFDZCxTQUFTLEVBQUUsSUFBQSxXQUFJLEVBQUMsdUJBQXVCLENBQUM7S0FDekMsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELDhFQUE4RTtBQUM5RSx1RUFBdUU7QUFDdkUsU0FBZ0Isc0JBQXNCO0lBS3BDLE1BQU0sT0FBTyxHQUFHLElBQUEsOEJBQW1CLEVBQUMsSUFBQSw2QkFBa0IsR0FBRSxDQUFDLENBQUM7SUFDMUQsT0FBTyxJQUFBLHlCQUFrQixFQUFDO1FBQ3hCLEtBQUssRUFBRSxnQkFBTyxFQUFFLHdDQUF3QztRQUN4RCxTQUFTLEVBQUUsSUFBQSxXQUFJLEVBQUMsdUJBQXVCLENBQUM7UUFDeEMsT0FBTztLQUNSLENBQUMsQ0FBQztBQUNMLENBQUM7QUFFRCwyRUFBMkU7QUFDM0Usd0VBQXdFO0FBQ3hFLFNBQWdCLDBCQUEwQjtJQUt4QyxNQUFNLE9BQU8sR0FBRyxJQUFBLDhCQUFtQixFQUFDLElBQUEsNkJBQWtCLEdBQUUsQ0FBQyxDQUFDO0lBQzFELE9BQU8sSUFBQSx5QkFBa0IsRUFBQztRQUN4QixLQUFLLEVBQUUsZ0JBQU87UUFDZCxTQUFTLEVBQUUsSUFBQSxlQUFRLEVBQUM7WUFDbEIsSUFBQSxXQUFJLEVBQUMsdUJBQXVCLENBQUM7WUFDN0IsSUFBQSxXQUFJLEVBQUMsdUJBQXVCLENBQUM7U0FDOUIsQ0FBQztRQUNGLE9BQU87S0FDUixDQUFDLENBQUM7QUFDTCxDQUFDIn0=