@labacacia/nps-sdk 1.0.0-alpha.6 → 1.0.0-alpha.7

package/dist/nip/acme/server.d.ts

@@ -0,0 +1,41 @@
+import * as x509 from "@peculiar/x509";
+export interface AcmeServerOptions {
+    caNid: string;
+    caKeys: CryptoKeyPair;
+    caRootCert: x509.X509Certificate;
+    certValidityMs: number;
+}
+export declare class AcmeServer {
+    readonly options: AcmeServerOptions;
+    private readonly server;
+    private readonly nonces;
+    private readonly accountJwks;
+    private readonly orders;
+    private readonly authzs;
+    private readonly challenges;
+    private readonly certs;
+    private boundPort;
+    constructor(options: AcmeServerOptions);
+    start(): Promise<this>;
+    close(): Promise<void>;
+    get baseUrl(): string;
+    get directoryUrl(): string;
+    private dispatch;
+    private handleDirectory;
+    private handleNewNonce;
+    private handleNewAccount;
+    private handleNewOrder;
+    private handleAuthz;
+    private handleChallenge;
+    private handleFinalize;
+    private handleCert;
+    private handleOrder;
+    private mintNonce;
+    private consumeNonce;
+    private verifyAccount;
+    private readEnvelope;
+    private parseHeader;
+    private sendJson;
+    private sendProblem;
+}
+//# sourceMappingURL=server.d.ts.map

package/dist/nip/acme/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../../src/nip/acme/server.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,IAAI,MAAM,gBAAgB,CAAC;AAevC,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAY,MAAM,CAAC;IACxB,MAAM,EAAW,aAAa,CAAC;IAC/B,UAAU,EAAO,IAAI,CAAC,eAAe,CAAC;IACtC,cAAc,EAAG,MAAM,CAAC;CACzB;AA6BD,qBAAa,UAAU;aAUO,OAAO,EAAE,iBAAiB;IATtD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA2B;IAClD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA+B;IAC3D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAuC;IAC9D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAuC;IAC9D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAuC;IAClE,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAoC;IAC1D,OAAO,CAAC,SAAS,CAAgB;gBAEL,OAAO,EAAE,iBAAiB;IAIhD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAS5B,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAItB,IAAI,OAAO,IAAU,MAAM,CAAiD;IAC5E,IAAI,YAAY,IAAK,MAAM,CAAwC;YAIrD,QAAQ;IAsBtB,OAAO,CAAC,eAAe;IASvB,OAAO,CAAC,cAAc;YAOR,gBAAgB;YAgChB,cAAc;YAwDd,WAAW;YA2BX,eAAe;YAyDf,cAAc;YAuEd,UAAU;YAmBV,WAAW;IAuBzB,OAAO,CAAC,SAAS;IAMjB,OAAO,CAAC,YAAY;IAIpB,OAAO,CAAC,aAAa;YAOP,YAAY;IAe1B,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,QAAQ;IAMhB,OAAO,CAAC,WAAW;CAKpB"}

package/dist/nip/acme/server.js

@@ -0,0 +1,458 @@
+// Copyright 2026 INNO LOTUS PTY LTD
+// SPDX-License-Identifier: Apache-2.0
+/**
+ * In-process ACME server implementing the `agent-01` challenge for NPS-RFC-0002 §4.4.
+ *
+ * Backed by Node's stdlib `http.createServer`. Suitable for tests and reference
+ * deployments. State is kept in memory.
+ */
+import * as ed25519 from "@noble/ed25519";
+import { sha512 } from "@noble/hashes/sha512";
+import { createServer } from "node:http";
+import { randomBytes } from "node:crypto";
+import * as x509 from "@peculiar/x509";
+import { AssuranceLevel } from "../assurance-level.js";
+import { ACME_CHALLENGE_FAILED } from "../error-codes.js";
+import { issueLeaf } from "../x509/builder.js";
+import * as Jws from "./jws.js";
+import * as wire from "./wire.js";
+ed25519.etc.sha512Sync = (...m) => sha512(ed25519.etc.concatBytes(...m));
+x509.cryptoProvider.set(globalThis.crypto);
+export class AcmeServer {
+    options;
+    server;
+    nonces = new Set();
+    accountJwks = new Map();
+    orders = new Map();
+    authzs = new Map();
+    challenges = new Map();
+    certs = new Map();
+    boundPort = 0;
+    constructor(options) {
+        this.options = options;
+        this.server = createServer((req, res) => this.dispatch(req, res));
+    }
+    async start() {
+        await new Promise((resolve) => {
+            this.server.listen(0, "127.0.0.1", () => resolve());
+        });
+        const addr = this.server.address();
+        this.boundPort = typeof addr === "object" && addr !== null ? addr.port : 0;
+        return this;
+    }
+    close() {
+        return new Promise((resolve) => this.server.close(() => resolve()));
+    }
+    get baseUrl() { return `http://127.0.0.1:${this.boundPort}`; }
+    get directoryUrl() { return `${this.baseUrl}/directory`; }
+    // ── Routing ──────────────────────────────────────────────────────────────
+    async dispatch(req, res) {
+        const url = req.url ?? "/";
+        const method = req.method ?? "GET";
+        try {
+            if (method === "GET" && url === "/directory")
+                return this.handleDirectory(res);
+            if (url === "/new-nonce")
+                return this.handleNewNonce(method, res);
+            if (method === "POST" && url === "/new-account")
+                return await this.handleNewAccount(req, res);
+            if (method === "POST" && url === "/new-order")
+                return await this.handleNewOrder(req, res);
+            if (method === "POST" && url.startsWith("/authz/"))
+                return await this.handleAuthz(req, res, url);
+            if (method === "POST" && url.startsWith("/chall/"))
+                return await this.handleChallenge(req, res, url);
+            if (method === "POST" && url.startsWith("/finalize/"))
+                return await this.handleFinalize(req, res, url);
+            if (method === "POST" && url.startsWith("/cert/"))
+                return await this.handleCert(req, res, url);
+            if (method === "POST" && url.startsWith("/order/"))
+                return await this.handleOrder(req, res, url);
+            this.sendProblem(res, 404, "urn:ietf:params:acme:error:malformed", "no such resource");
+        }
+        catch (e) {
+            this.sendProblem(res, 500, "urn:ietf:params:acme:error:serverInternal", e.message);
+        }
+    }
+    // ── Endpoint handlers ────────────────────────────────────────────────────
+    handleDirectory(res) {
+        const dir = {
+            newNonce: `${this.baseUrl}/new-nonce`,
+            newAccount: `${this.baseUrl}/new-account`,
+            newOrder: `${this.baseUrl}/new-order`,
+        };
+        this.sendJson(res, 200, dir);
+    }
+    handleNewNonce(method, res) {
+        res.statusCode = method === "HEAD" ? 200 : 204;
+        res.setHeader("Replay-Nonce", this.mintNonce());
+        res.setHeader("Cache-Control", "no-store");
+        res.end();
+    }
+    async handleNewAccount(req, res) {
+        const env = await this.readEnvelope(req, res);
+        if (!env)
+            return;
+        const header = this.parseHeader(env, res);
+        if (!header)
+            return;
+        if (!header.jwk) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:malformed", "newAccount must include a 'jwk' member");
+            return;
+        }
+        if (!this.consumeNonce(header.nonce)) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:badNonce", "invalid nonce");
+            return;
+        }
+        const pub = Jws.publicKeyFromJwk(header.jwk);
+        if (Jws.verify(env, pub) === null) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:malformed", "JWS signature verify failed");
+            return;
+        }
+        const accountId = `acc-${shortId()}`;
+        const accountUrl = `${this.baseUrl}/account/${accountId}`;
+        this.accountJwks.set(accountUrl, header.jwk);
+        res.statusCode = 201;
+        res.setHeader("Content-Type", "application/json");
+        res.setHeader("Location", accountUrl);
+        res.setHeader("Replay-Nonce", this.mintNonce());
+        res.end(JSON.stringify({ status: wire.Status.VALID }));
+    }
+    async handleNewOrder(req, res) {
+        const env = await this.readEnvelope(req, res);
+        if (!env)
+            return;
+        const header = this.parseHeader(env, res);
+        if (!header)
+            return;
+        if (!this.consumeNonce(header.nonce)) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:badNonce", "invalid nonce");
+            return;
+        }
+        if (!this.verifyAccount(env, header)) {
+            this.sendProblem(res, 401, "urn:ietf:params:acme:error:accountDoesNotExist", `unknown kid: ${header.kid ?? "<missing>"}`);
+            return;
+        }
+        const payload = Jws.decodePayload(env);
+        if (!payload || !payload.identifiers?.length) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:malformed", "missing identifiers");
+            return;
+        }
+        const ident = payload.identifiers[0];
+        const orderId = `ord-${shortId()}`;
+        const authzId = `az-${shortId()}`;
+        const challId = `ch-${shortId()}`;
+        const token = Jws.b64uEncode(new Uint8Array(randomBytes(32)));
+        const orderUrl = `${this.baseUrl}/order/${orderId}`;
+        const authzUrl = `${this.baseUrl}/authz/${authzId}`;
+        const challUrl = `${this.baseUrl}/chall/${challId}`;
+        const finalizeUrl = `${this.baseUrl}/finalize/${orderId}`;
+        this.challenges.set(challId, {
+            id: challId, type: wire.CHALLENGE_AGENT_01, status: wire.Status.PENDING,
+            token, authzId, accountUrl: header.kid ?? "",
+        });
+        this.authzs.set(authzId, {
+            id: authzId, identifier: ident, status: wire.Status.PENDING,
+            challengeIds: [challId], accountUrl: header.kid ?? "",
+        });
+        this.orders.set(orderId, {
+            id: orderId, identifier: ident, status: wire.Status.PENDING,
+            authzId, finalizeUrl, accountUrl: header.kid ?? "",
+        });
+        const order = {
+            status: wire.Status.PENDING,
+            identifiers: [ident],
+            authorizations: [authzUrl],
+            finalize: finalizeUrl,
+        };
+        res.statusCode = 201;
+        res.setHeader("Content-Type", "application/json");
+        res.setHeader("Location", orderUrl);
+        res.setHeader("Replay-Nonce", this.mintNonce());
+        res.end(JSON.stringify(order));
+    }
+    async handleAuthz(req, res, url) {
+        const env = await this.readEnvelope(req, res);
+        if (!env)
+            return;
+        const header = this.parseHeader(env, res);
+        if (!header)
+            return;
+        if (!this.consumeNonce(header.nonce)) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:badNonce", "invalid nonce");
+            return;
+        }
+        if (!this.verifyAccount(env, header)) {
+            this.sendProblem(res, 401, "urn:ietf:params:acme:error:unauthorized", "bad sig");
+            return;
+        }
+        const id = url.replace(/^\/authz\//, "");
+        const az = this.authzs.get(id);
+        if (!az) {
+            this.sendProblem(res, 404, "urn:ietf:params:acme:error:malformed", "no authz");
+            return;
+        }
+        const challenges = az.challengeIds.map((cid) => {
+            const cs = this.challenges.get(cid);
+            return {
+                type: cs.type, url: `${this.baseUrl}/chall/${cs.id}`,
+                status: cs.status, token: cs.token,
+            };
+        });
+        const authz = {
+            status: az.status, identifier: az.identifier, challenges,
+        };
+        res.setHeader("Replay-Nonce", this.mintNonce());
+        this.sendJson(res, 200, authz);
+    }
+    async handleChallenge(req, res, url) {
+        const env = await this.readEnvelope(req, res);
+        if (!env)
+            return;
+        const header = this.parseHeader(env, res);
+        if (!header)
+            return;
+        if (!this.consumeNonce(header.nonce)) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:badNonce", "invalid nonce");
+            return;
+        }
+        const accountJwk = this.accountJwks.get(header.kid ?? "");
+        if (!accountJwk) {
+            this.sendProblem(res, 401, "urn:ietf:params:acme:error:accountDoesNotExist", "unknown kid");
+            return;
+        }
+        const accountPub = Jws.publicKeyFromJwk(accountJwk);
+        if (Jws.verify(env, accountPub) === null) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:malformed", "JWS sig fail");
+            return;
+        }
+        const id = url.replace(/^\/chall\//, "");
+        const ch = this.challenges.get(id);
+        if (!ch) {
+            this.sendProblem(res, 404, "urn:ietf:params:acme:error:malformed", "no chall");
+            return;
+        }
+        const payload = Jws.decodePayload(env);
+        if (!payload?.agent_signature) {
+            ch.status = wire.Status.INVALID;
+            this.sendProblem(res, 400, ACME_CHALLENGE_FAILED, "missing agent_signature in challenge response");
+            return;
+        }
+        try {
+            const sigBytes = Jws.b64uDecode(payload.agent_signature);
+            const tokenBytes = new TextEncoder().encode(ch.token);
+            if (!ed25519.verify(sigBytes, tokenBytes, accountPub)) {
+                ch.status = wire.Status.INVALID;
+                this.sendProblem(res, 400, ACME_CHALLENGE_FAILED, "agent-01 signature did not verify");
+                return;
+            }
+        }
+        catch (e) {
+            ch.status = wire.Status.INVALID;
+            this.sendProblem(res, 400, ACME_CHALLENGE_FAILED, `agent-01 verification error: ${e.message}`);
+            return;
+        }
+        ch.status = wire.Status.VALID;
+        const az = this.authzs.get(ch.authzId);
+        if (az)
+            az.status = wire.Status.VALID;
+        for (const o of this.orders.values()) {
+            if (o.authzId === ch.authzId)
+                o.status = wire.Status.READY;
+        }
+        res.setHeader("Replay-Nonce", this.mintNonce());
+        this.sendJson(res, 200, {
+            type: ch.type, url: `${this.baseUrl}/chall/${ch.id}`,
+            status: ch.status, token: ch.token,
+        });
+    }
+    async handleFinalize(req, res, url) {
+        const env = await this.readEnvelope(req, res);
+        if (!env)
+            return;
+        const header = this.parseHeader(env, res);
+        if (!header)
+            return;
+        if (!this.consumeNonce(header.nonce)) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:badNonce", "invalid nonce");
+            return;
+        }
+        if (!this.verifyAccount(env, header)) {
+            this.sendProblem(res, 401, "urn:ietf:params:acme:error:unauthorized", "bad sig");
+            return;
+        }
+        const orderId = url.replace(/^\/finalize\//, "");
+        const os = this.orders.get(orderId);
+        if (!os) {
+            this.sendProblem(res, 404, "urn:ietf:params:acme:error:malformed", "no order");
+            return;
+        }
+        if (os.status !== wire.Status.READY) {
+            this.sendProblem(res, 403, "urn:ietf:params:acme:error:orderNotReady", `order is in state '${os.status}', not 'ready'`);
+            return;
+        }
+        const fp = Jws.decodePayload(env);
+        if (!fp?.csr) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:malformed", "missing csr");
+            return;
+        }
+        try {
+            const csrDer = Jws.b64uDecode(fp.csr);
+            const csr = new x509.Pkcs10CertificateRequest(csrDer.buffer);
+            const subjectCn = (() => {
+                for (const rdn of csr.subject.split(",")) {
+                    const t = rdn.trim();
+                    if (t.startsWith("CN="))
+                        return t.slice(3).replace(/\\([",+;<>\\])/g, "$1");
+                }
+                return null;
+            })();
+            if (subjectCn !== os.identifier.value) {
+                this.sendProblem(res, 400, "NIP-CERT-SUBJECT-NID-MISMATCH", `CSR subject CN '${subjectCn ?? ""}' does not match order identifier '${os.identifier.value}'`);
+                return;
+            }
+            const subjectPub = await csr.publicKey.export();
+            const now = new Date();
+            const leaf = await issueLeaf({
+                subjectNid: os.identifier.value,
+                subjectPublicKey: subjectPub,
+                caKeys: this.options.caKeys,
+                issuerNid: this.options.caNid,
+                role: "agent",
+                assuranceLevel: AssuranceLevel.ANONYMOUS,
+                notBefore: new Date(now.getTime() - 60_000),
+                notAfter: new Date(now.getTime() + this.options.certValidityMs),
+                serialNumber: randomHexSerial(),
+            });
+            const certId = `crt-${shortId()}`;
+            const certUrl = `${this.baseUrl}/cert/${certId}`;
+            const pem = leaf.toString("pem") + this.options.caRootCert.toString("pem");
+            this.certs.set(certId, pem);
+            os.status = wire.Status.VALID;
+            os.certificateUrl = certUrl;
+        }
+        catch (e) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:badCSR", `CSR processing failed: ${e.message}`);
+            return;
+        }
+        const authzUrl = `${this.baseUrl}/authz/${os.authzId}`;
+        res.setHeader("Replay-Nonce", this.mintNonce());
+        this.sendJson(res, 200, {
+            status: os.status, identifiers: [os.identifier],
+            authorizations: [authzUrl], finalize: os.finalizeUrl,
+            certificate: os.certificateUrl,
+        });
+    }
+    async handleCert(req, res, url) {
+        const env = await this.readEnvelope(req, res);
+        if (!env)
+            return;
+        const header = this.parseHeader(env, res);
+        if (!header)
+            return;
+        if (!this.consumeNonce(header.nonce)) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:badNonce", "invalid nonce");
+            return;
+        }
+        if (!this.verifyAccount(env, header)) {
+            this.sendProblem(res, 401, "urn:ietf:params:acme:error:unauthorized", "bad sig");
+            return;
+        }
+        const certId = url.replace(/^\/cert\//, "");
+        const pem = this.certs.get(certId);
+        if (!pem) {
+            this.sendProblem(res, 404, "urn:ietf:params:acme:error:malformed", "no cert");
+            return;
+        }
+        res.statusCode = 200;
+        res.setHeader("Content-Type", wire.CONTENT_TYPE_PEM_CERT);
+        res.setHeader("Replay-Nonce", this.mintNonce());
+        res.end(pem);
+    }
+    async handleOrder(req, res, url) {
+        const env = await this.readEnvelope(req, res);
+        if (!env)
+            return;
+        const header = this.parseHeader(env, res);
+        if (!header)
+            return;
+        if (!this.consumeNonce(header.nonce)) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:badNonce", "invalid nonce");
+            return;
+        }
+        if (!this.verifyAccount(env, header)) {
+            this.sendProblem(res, 401, "urn:ietf:params:acme:error:unauthorized", "bad sig");
+            return;
+        }
+        const orderId = url.replace(/^\/order\//, "");
+        const os = this.orders.get(orderId);
+        if (!os) {
+            this.sendProblem(res, 404, "urn:ietf:params:acme:error:malformed", "no order");
+            return;
+        }
+        const authzUrl = `${this.baseUrl}/authz/${os.authzId}`;
+        res.setHeader("Replay-Nonce", this.mintNonce());
+        this.sendJson(res, 200, {
+            status: os.status, identifiers: [os.identifier],
+            authorizations: [authzUrl], finalize: os.finalizeUrl,
+            certificate: os.certificateUrl,
+        });
+    }
+    // ── helpers ──────────────────────────────────────────────────────────────
+    mintNonce() {
+        const n = Jws.b64uEncode(new Uint8Array(randomBytes(16)));
+        this.nonces.add(n);
+        return n;
+    }
+    consumeNonce(nonce) {
+        return this.nonces.delete(nonce);
+    }
+    verifyAccount(env, header) {
+        if (!header.kid)
+            return false;
+        const jwk = this.accountJwks.get(header.kid);
+        if (!jwk)
+            return false;
+        return Jws.verify(env, Jws.publicKeyFromJwk(jwk)) !== null;
+    }
+    async readEnvelope(req, res) {
+        try {
+            const chunks = [];
+            for await (const chunk of req) {
+                chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
+            }
+            const body = Buffer.concat(chunks).toString("utf8");
+            return JSON.parse(body);
+        }
+        catch (e) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:malformed", `body read/parse failed: ${e.message}`);
+            return null;
+        }
+    }
+    parseHeader(env, res) {
+        try {
+            return JSON.parse(new TextDecoder().decode(Jws.b64uDecode(env.protected)));
+        }
+        catch (e) {
+            this.sendProblem(res, 400, "urn:ietf:params:acme:error:malformed", `malformed protected header: ${e.message}`);
+            return null;
+        }
+    }
+    sendJson(res, status, body) {
+        res.statusCode = status;
+        res.setHeader("Content-Type", "application/json");
+        res.end(JSON.stringify(body));
+    }
+    sendProblem(res, status, type, detail) {
+        res.statusCode = status;
+        res.setHeader("Content-Type", wire.CONTENT_TYPE_PROBLEM);
+        res.end(JSON.stringify({ type, detail, status }));
+    }
+}
+function shortId() {
+    return Buffer.from(randomBytes(8)).toString("hex");
+}
+function randomHexSerial() {
+    return Buffer.from(randomBytes(20)).toString("hex");
+}
+//# sourceMappingURL=server.js.map

package/dist/nip/acme/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../src/nip/acme/server.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,sCAAsC;AAEtC;;;;;GAKG;AAEH,OAAO,KAAK,OAAO,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAA0D,MAAM,WAAW,CAAC;AACjG,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,KAAK,IAAI,MAAM,gBAAgB,CAAC;AAEvC,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,KAAK,GAAG,MAAM,UAAU,CAAC;AAKhC,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACzE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;AAoC3C,MAAM,OAAO,UAAU;IAUO;IATX,MAAM,CAAS;IACf,MAAM,GAAS,IAAI,GAAG,EAAU,CAAC;IACjC,WAAW,GAAI,IAAI,GAAG,EAAmB,CAAC;IAC1C,MAAM,GAAS,IAAI,GAAG,EAAsB,CAAC;IAC7C,MAAM,GAAS,IAAI,GAAG,EAAsB,CAAC;IAC7C,UAAU,GAAK,IAAI,GAAG,EAA0B,CAAC;IACjD,KAAK,GAAU,IAAI,GAAG,EAAkB,CAAC;IAClD,SAAS,GAAc,CAAC,CAAC;IAEjC,YAA4B,OAA0B;QAA1B,YAAO,GAAP,OAAO,CAAmB;QACpD,IAAI,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;IACpE,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;YAClC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK;QACH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACtE,CAAC;IAED,IAAI,OAAO,KAAmB,OAAO,oBAAoB,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IAC5E,IAAI,YAAY,KAAc,OAAO,GAAG,IAAI,CAAC,OAAO,YAAY,CAAC,CAAC,CAAC;IAEnE,4EAA4E;IAEpE,KAAK,CAAC,QAAQ,CAAC,GAAoB,EAAE,GAAmB;QAC9D,MAAM,GAAG,GAAM,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,KAAK,CAAC;QACnC,IAAI,CAAC;YACH,IAAI,MAAM,KAAK,KAAK,IAAI,GAAG,KAAK,YAAY;gBAAS,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;YACtF,IAAI,GAAG,KAAK,YAAY;gBAA+B,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YAC/F,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,KAAK,cAAc;gBAAM,OAAO,MAAM,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YAClG,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,KAAK,YAAY;gBAAQ,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YAChG,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC;gBAAK,OAAO,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACpG,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC;gBAAK,OAAO,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACxG,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC;gBAAE,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACvG,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC;gBAAM,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACnG,IAAI,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC;gBAAK,OAAO,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACpG,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAAE,kBAAkB,CAAC,CAAC;QACzF,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,2CAA2C,EACnE,CAAW,CAAC,OAAO,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,4EAA4E;IAEpE,eAAe,CAAC,GAAmB;QACzC,MAAM,GAAG,GAAc;YACrB,QAAQ,EAAI,GAAG,IAAI,CAAC,OAAO,YAAY;YACvC,UAAU,EAAE,GAAG,IAAI,CAAC,OAAO,cAAc;YACzC,QAAQ,EAAI,GAAG,IAAI,CAAC,OAAO,YAAY;SACxC,CAAC;QACF,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAC/B,CAAC;IAEO,cAAc,CAAC,MAAc,EAAE,GAAmB;QACxD,GAAG,CAAC,UAAU,GAAG,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QAC/C,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAChD,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAC3C,GAAG,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,GAAoB,EAAE,GAAmB;QACtE,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC9C,IAAI,CAAC,GAAG;YAAE,OAAO;QACjB,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM;YAAE,OAAO;QACpB,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YAChB,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAC/D,wCAAwC,CAAC,CAAC;YAC5C,OAAO;QACT,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qCAAqC,EAAE,eAAe,CAAC,CAAC;YACnF,OAAO;QACT,CAAC;QACD,MAAM,GAAG,GAAG,GAAG,CAAC,gBAAgB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7C,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;YAClC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAC/D,6BAA6B,CAAC,CAAC;YACjC,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAI,OAAO,OAAO,EAAE,EAAE,CAAC;QACtC,MAAM,UAAU,GAAG,GAAG,IAAI,CAAC,OAAO,YAAY,SAAS,EAAE,CAAC;QAC1D,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QAE7C,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAClD,GAAG,CAAC,SAAS,CAAC,UAAU,EAAM,UAAU,CAAC,CAAC;QAC1C,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAChD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACzD,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,GAAoB,EAAE,GAAmB;QACpE,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC9C,IAAI,CAAC,GAAG;YAAE,OAAO;QACjB,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM;YAAE,OAAO;QACpB,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qCAAqC,EAAE,eAAe,CAAC,CAAC;YAAC,OAAO;QAC7F,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,gDAAgD,EACzE,gBAAgB,MAAM,CAAC,GAAG,IAAI,WAAW,EAAE,CAAC,CAAC;YAC/C,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,GAAG,CAAC,aAAa,CAAkB,GAAG,CAAC,CAAC;QACxD,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,MAAM,EAAE,CAAC;YAC7C,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAAE,qBAAqB,CAAC,CAAC;YAC1F,OAAO;QACT,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,OAAO,GAAG,OAAO,OAAO,EAAE,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,MAAM,OAAO,EAAE,EAAE,CAAC;QAClC,MAAM,OAAO,GAAG,MAAM,OAAO,EAAE,EAAE,CAAC;QAClC,MAAM,KAAK,GAAK,GAAG,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAEhE,MAAM,QAAQ,GAAM,GAAG,IAAI,CAAC,OAAO,UAAU,OAAO,EAAE,CAAC;QACvD,MAAM,QAAQ,GAAM,GAAG,IAAI,CAAC,OAAO,UAAU,OAAO,EAAE,CAAC;QACvD,MAAM,QAAQ,GAAM,GAAG,IAAI,CAAC,OAAO,UAAU,OAAO,EAAE,CAAC;QACvD,MAAM,WAAW,GAAG,GAAG,IAAI,CAAC,OAAO,aAAa,OAAO,EAAE,CAAC;QAE1D,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE;YAC3B,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YACvE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,GAAG,IAAI,EAAE;SAC7C,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE;YACvB,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC3D,YAAY,EAAE,CAAC,OAAO,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,GAAG,IAAI,EAAE;SACtD,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE;YACvB,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC3D,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,CAAC,GAAG,IAAI,EAAE;SACnD,CAAC,CAAC;QAEH,MAAM,KAAK,GAAU;YACnB,MAAM,EAAU,IAAI,CAAC,MAAM,CAAC,OAAO;YACnC,WAAW,EAAK,CAAC,KAAK,CAAC;YACvB,cAAc,EAAE,CAAC,QAAQ,CAAC;YAC1B,QAAQ,EAAQ,WAAW;SAC5B,CAAC;QACF,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAClD,GAAG,CAAC,SAAS,CAAC,UAAU,EAAM,QAAQ,CAAC,CAAC;QACxC,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAChD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IACjC,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,GAAoB,EAAE,GAAmB,EAAE,GAAW;QAC9E,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,GAAG;YAAE,OAAO;QAChE,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,MAAM;YAAE,OAAO;QAC/D,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qCAAqC,EAAE,eAAe,CAAC,CAAC;YAAC,OAAO;QAC7F,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,yCAAyC,EAAE,SAAS,CAAC,CAAC;YAAC,OAAO;QAC3F,CAAC;QACD,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QACzC,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC/B,IAAI,CAAC,EAAE,EAAE,CAAC;YAAC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAAE,UAAU,CAAC,CAAC;YAAC,OAAO;QAAC,CAAC;QAEpG,MAAM,UAAU,GAAgB,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;YAC1D,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;YACrC,OAAO;gBACL,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,OAAO,UAAU,EAAE,CAAC,EAAE,EAAE;gBACpD,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK;aACnC,CAAC;QACJ,CAAC,CAAC,CAAC;QACH,MAAM,KAAK,GAAkB;YAC3B,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,CAAC,UAAU,EAAE,UAAU;SACzD,CAAC;QACF,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAChD,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;IACjC,CAAC;IAEO,KAAK,CAAC,eAAe,CAAC,GAAoB,EAAE,GAAmB,EAAE,GAAW;QAClF,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,GAAG;YAAE,OAAO;QAChE,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,MAAM;YAAE,OAAO;QAC/D,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qCAAqC,EAAE,eAAe,CAAC,CAAC;YAAC,OAAO;QAC7F,CAAC;QACD,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC;QAC1D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,gDAAgD,EAAE,aAAa,CAAC,CAAC;YAC5F,OAAO;QACT,CAAC;QACD,MAAM,UAAU,GAAG,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACpD,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,UAAU,CAAC,KAAK,IAAI,EAAE,CAAC;YACzC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAAE,cAAc,CAAC,CAAC;YAAC,OAAO;QAC7F,CAAC;QAED,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QACzC,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACnC,IAAI,CAAC,EAAE,EAAE,CAAC;YAAC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAAE,UAAU,CAAC,CAAC;YAAC,OAAO;QAAC,CAAC;QAEpG,MAAM,OAAO,GAAG,GAAG,CAAC,aAAa,CAA0B,GAAG,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO,EAAE,eAAe,EAAE,CAAC;YAC9B,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qBAAqB,EAC9C,+CAA+C,CAAC,CAAC;YACnD,OAAO;QACT,CAAC;QACD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;YACzD,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;YACtD,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,CAAC;gBACtD,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;gBAChC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qBAAqB,EAC9C,mCAAmC,CAAC,CAAC;gBACvC,OAAO;YACT,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qBAAqB,EAC9C,gCAAiC,CAAW,CAAC,OAAO,EAAE,CAAC,CAAC;YAC1D,OAAO;QACT,CAAC;QAED,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;QAC9B,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC;QACvC,IAAI,EAAE;YAAE,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;QACtC,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;YACrC,IAAI,CAAC,CAAC,OAAO,KAAK,EAAE,CAAC,OAAO;gBAAE,CAAC,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;QAC7D,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAChD,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;YACtB,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,OAAO,UAAU,EAAE,CAAC,EAAE,EAAE;YACpD,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK;SACtB,CAAC,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,GAAoB,EAAE,GAAmB,EAAE,GAAW;QACjF,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,GAAG;YAAE,OAAO;QAChE,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,MAAM;YAAE,OAAO;QAC/D,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qCAAqC,EAAE,eAAe,CAAC,CAAC;YAAC,OAAO;QAC7F,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,yCAAyC,EAAE,SAAS,CAAC,CAAC;YAAC,OAAO;QAC3F,CAAC;QACD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;QACjD,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACpC,IAAI,CAAC,EAAE,EAAE,CAAC;YAAC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAAE,UAAU,CAAC,CAAC;YAAC,OAAO;QAAC,CAAC;QACpG,IAAI,EAAE,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACpC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,0CAA0C,EACnE,sBAAsB,EAAE,CAAC,MAAM,gBAAgB,CAAC,CAAC;YACnD,OAAO;QACT,CAAC;QACD,MAAM,EAAE,GAAG,GAAG,CAAC,aAAa,CAAkB,GAAG,CAAC,CAAC;QACnD,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAAE,aAAa,CAAC,CAAC;YAAC,OAAO;QAC5F,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;YACtC,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,MAAqB,CAAC,CAAC;YAC5E,MAAM,SAAS,GAAG,CAAC,GAAG,EAAE;gBACtB,KAAK,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;oBACzC,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;oBACrB,IAAI,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC;wBAAE,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,iBAAiB,EAAE,IAAI,CAAC,CAAC;gBAC9E,CAAC;gBACD,OAAO,IAAqB,CAAC;YAC/B,CAAC,CAAC,EAAE,CAAC;YACL,IAAI,SAAS,KAAK,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;gBACtC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,+BAA+B,EACxD,mBAAmB,SAAS,IAAI,EAAE,sCAAsC,EAAE,CAAC,UAAU,CAAC,KAAK,GAAG,CAAC,CAAC;gBAClG,OAAO;YACT,CAAC;YACD,MAAM,UAAU,GAAG,MAAM,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;YAChD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC;gBAC3B,UAAU,EAAQ,EAAE,CAAC,UAAU,CAAC,KAAK;gBACrC,gBAAgB,EAAE,UAAU;gBAC5B,MAAM,EAAY,IAAI,CAAC,OAAO,CAAC,MAAM;gBACrC,SAAS,EAAS,IAAI,CAAC,OAAO,CAAC,KAAK;gBACpC,IAAI,EAAc,OAAO;gBACzB,cAAc,EAAI,cAAc,CAAC,SAAS;gBAC1C,SAAS,EAAS,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC;gBAClD,QAAQ,EAAU,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;gBACvE,YAAY,EAAM,eAAe,EAAE;aACpC,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,OAAO,OAAO,EAAE,EAAE,CAAC;YAClC,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,OAAO,SAAS,MAAM,EAAE,CAAC;YACjD,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC3E,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YAC5B,EAAE,CAAC,MAAM,GAAW,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;YACtC,EAAE,CAAC,cAAc,GAAG,OAAO,CAAC;QAC9B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,mCAAmC,EAC5D,0BAA2B,CAAW,CAAC,OAAO,EAAE,CAAC,CAAC;YACpD,OAAO;QACT,CAAC;QAED,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,OAAO,UAAU,EAAE,CAAC,OAAO,EAAE,CAAC;QACvD,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAChD,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;YACtB,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC;YAC/C,cAAc,EAAE,CAAC,QAAQ,CAAC,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW;YACpD,WAAW,EAAE,EAAE,CAAC,cAAc;SACtB,CAAC,CAAC;IACd,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,GAAoB,EAAE,GAAmB,EAAE,GAAW;QAC7E,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,GAAG;YAAE,OAAO;QAChE,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,MAAM;YAAE,OAAO;QAC/D,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qCAAqC,EAAE,eAAe,CAAC,CAAC;YAAC,OAAO;QAC7F,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,yCAAyC,EAAE,SAAS,CAAC,CAAC;YAAC,OAAO;QAC3F,CAAC;QACD,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,GAAG,EAAE,CAAC;YAAC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAAE,SAAS,CAAC,CAAC;YAAC,OAAO;QAAC,CAAC;QAEpG,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC;QAC1D,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAChD,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,GAAoB,EAAE,GAAmB,EAAE,GAAW;QAC9E,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,GAAG;YAAE,OAAO;QAChE,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,IAAI,CAAC,MAAM;YAAE,OAAO;QAC/D,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qCAAqC,EAAE,eAAe,CAAC,CAAC;YAAC,OAAO;QAC7F,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,yCAAyC,EAAE,SAAS,CAAC,CAAC;YAAC,OAAO;QAC3F,CAAC;QACD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QAC9C,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACpC,IAAI,CAAC,EAAE,EAAE,CAAC;YAAC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAAE,UAAU,CAAC,CAAC;YAAC,OAAO;QAAC,CAAC;QACpG,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,OAAO,UAAU,EAAE,CAAC,OAAO,EAAE,CAAC;QACvD,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAChD,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;YACtB,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC;YAC/C,cAAc,EAAE,CAAC,QAAQ,CAAC,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW;YACpD,WAAW,EAAE,EAAE,CAAC,cAAc;SACtB,CAAC,CAAC;IACd,CAAC;IAED,4EAA4E;IAEpE,SAAS;QACf,MAAM,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC1D,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACnB,OAAO,CAAC,CAAC;IACX,CAAC;IAEO,YAAY,CAAC,KAAa;QAChC,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACnC,CAAC;IAEO,aAAa,CAAC,GAAiB,EAAE,MAA2B;QAClE,IAAI,CAAC,MAAM,CAAC,GAAG;YAAE,OAAO,KAAK,CAAC;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7C,IAAI,CAAC,GAAG;YAAE,OAAO,KAAK,CAAC;QACvB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,CAAC;IAC7D,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,GAAoB,EAAE,GAAmB;QAClE,IAAI,CAAC;YACH,MAAM,MAAM,GAAa,EAAE,CAAC;YAC5B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,GAAG,EAAE,CAAC;gBAC9B,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YACnE,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACpD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAiB,CAAC;QAC1C,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAC/D,2BAA4B,CAAW,CAAC,OAAO,EAAE,CAAC,CAAC;YACrD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,WAAW,CAAC,GAAiB,EAAE,GAAmB;QACxD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAwB,CAAC;QACpG,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,sCAAsC,EAC/D,+BAAgC,CAAW,CAAC,OAAO,EAAE,CAAC,CAAC;YACzD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,QAAQ,CAAC,GAAmB,EAAE,MAAc,EAAE,IAAa;QACjE,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC;QACxB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAClD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAChC,CAAC;IAEO,WAAW,CAAC,GAAmB,EAAE,MAAc,EAAE,IAAY,EAAE,MAAc;QACnF,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC;QACxB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACzD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAmB,CAAC,CAAC,CAAC;IACrE,CAAC;CACF;AAED,SAAS,OAAO;IACd,OAAO,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,eAAe;IACtB,OAAO,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACtD,CAAC"}

package/dist/nip/acme/wire.d.ts

@@ -0,0 +1,19 @@
+/** ACME wire constants (RFC 8555 + NPS-RFC-0002 §4.4). */
+export declare const CONTENT_TYPE_JOSE_JSON = "application/jose+json";
+export declare const CONTENT_TYPE_PROBLEM = "application/problem+json";
+export declare const CONTENT_TYPE_PEM_CERT = "application/pem-certificate-chain";
+export declare const CHALLENGE_AGENT_01 = "agent-01";
+export declare const IDENTIFIER_TYPE_NID = "nid";
+/** ACME status enumeration values (RFC 8555 §7.1.6). */
+export declare const Status: {
+    readonly PENDING: "pending";
+    readonly READY: "ready";
+    readonly PROCESSING: "processing";
+    readonly VALID: "valid";
+    readonly INVALID: "invalid";
+    readonly EXPIRED: "expired";
+    readonly DEACTIVATED: "deactivated";
+    readonly REVOKED: "revoked";
+    readonly SUBMITTED: "submitted";
+};
+//# sourceMappingURL=wire.d.ts.map

package/dist/nip/acme/wire.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wire.d.ts","sourceRoot":"","sources":["../../../src/nip/acme/wire.ts"],"names":[],"mappings":"AAGA,0DAA0D;AAE1D,eAAO,MAAM,sBAAsB,0BAA0B,CAAC;AAC9D,eAAO,MAAM,oBAAoB,6BAA+B,CAAC;AACjE,eAAO,MAAM,qBAAqB,sCAAuC,CAAC;AAE1E,eAAO,MAAM,kBAAkB,aAAc,CAAC;AAC9C,eAAO,MAAM,mBAAmB,QAAQ,CAAC;AAEzC,wDAAwD;AACxD,eAAO,MAAM,MAAM;;;;;;;;;;CAUT,CAAC"}

package/dist/nip/acme/wire.js

@@ -0,0 +1,21 @@
+// Copyright 2026 INNO LOTUS PTY LTD
+// SPDX-License-Identifier: Apache-2.0
+/** ACME wire constants (RFC 8555 + NPS-RFC-0002 §4.4). */
+export const CONTENT_TYPE_JOSE_JSON = "application/jose+json";
+export const CONTENT_TYPE_PROBLEM = "application/problem+json";
+export const CONTENT_TYPE_PEM_CERT = "application/pem-certificate-chain";
+export const CHALLENGE_AGENT_01 = "agent-01";
+export const IDENTIFIER_TYPE_NID = "nid";
+/** ACME status enumeration values (RFC 8555 §7.1.6). */
+export const Status = {
+    PENDING: "pending",
+    READY: "ready",
+    PROCESSING: "processing",
+    VALID: "valid",
+    INVALID: "invalid",
+    EXPIRED: "expired",
+    DEACTIVATED: "deactivated",
+    REVOKED: "revoked",
+    SUBMITTED: "submitted",
+};
+//# sourceMappingURL=wire.js.map

package/dist/nip/acme/wire.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"wire.js","sourceRoot":"","sources":["../../../src/nip/acme/wire.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,sCAAsC;AAEtC,0DAA0D;AAE1D,MAAM,CAAC,MAAM,sBAAsB,GAAG,uBAAuB,CAAC;AAC9D,MAAM,CAAC,MAAM,oBAAoB,GAAK,0BAA0B,CAAC;AACjE,MAAM,CAAC,MAAM,qBAAqB,GAAI,mCAAmC,CAAC;AAE1E,MAAM,CAAC,MAAM,kBAAkB,GAAI,UAAU,CAAC;AAC9C,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,CAAC;AAEzC,wDAAwD;AACxD,MAAM,CAAC,MAAM,MAAM,GAAG;IACpB,OAAO,EAAM,SAAS;IACtB,KAAK,EAAQ,OAAO;IACpB,UAAU,EAAG,YAAY;IACzB,KAAK,EAAQ,OAAO;IACpB,OAAO,EAAM,SAAS;IACtB,OAAO,EAAM,SAAS;IACtB,WAAW,EAAE,aAAa;IAC1B,OAAO,EAAM,SAAS;IACtB,SAAS,EAAI,WAAW;CAChB,CAAC"}

package/dist/nip/assurance-level.d.ts

@@ -0,0 +1,19 @@
+/** Agent identity assurance level per NPS-RFC-0003 §5.1.1. */
+export type AssuranceLevelWire = "anonymous" | "attested" | "verified";
+export declare class AssuranceLevel {
+    readonly wire: AssuranceLevelWire;
+    readonly rank: number;
+    static readonly ANONYMOUS: AssuranceLevel;
+    static readonly ATTESTED: AssuranceLevel;
+    static readonly VERIFIED: AssuranceLevel;
+    private constructor();
+    meetsOrExceeds(required: AssuranceLevel): boolean;
+    /**
+     * Parse a wire string.  `null`, `undefined`, or `""` → `ANONYMOUS`
+     * (backward compat per NPS-RFC-0003 §5.1.1).  Any other unrecognised
+     * non-empty value throws — callers MUST surface it as `NIP-ASSURANCE-UNKNOWN`.
+     */
+    static fromWire(wire: string | null | undefined): AssuranceLevel;
+    static fromRank(rank: number): AssuranceLevel;
+}
+//# sourceMappingURL=assurance-level.d.ts.map

package/dist/nip/assurance-level.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"assurance-level.d.ts","sourceRoot":"","sources":["../../src/nip/assurance-level.ts"],"names":[],"mappings":"AAGA,8DAA8D;AAC9D,MAAM,MAAM,kBAAkB,GAAG,WAAW,GAAG,UAAU,GAAG,UAAU,CAAC;AAEvE,qBAAa,cAAc;aAMP,IAAI,EAAE,kBAAkB;aACxB,IAAI,EAAE,MAAM;IAN9B,MAAM,CAAC,QAAQ,CAAC,SAAS,iBAAsC;IAC/D,MAAM,CAAC,QAAQ,CAAC,QAAQ,iBAAuC;IAC/D,MAAM,CAAC,QAAQ,CAAC,QAAQ,iBAAuC;IAE/D,OAAO;IAKP,cAAc,CAAC,QAAQ,EAAE,cAAc,GAAG,OAAO;IAIjD;;;;OAIG;IACH,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,cAAc;IAQhE,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc;CAM9C"}

package/dist/nip/assurance-level.js

@@ -0,0 +1,38 @@
+// Copyright 2026 INNO LOTUS PTY LTD
+// SPDX-License-Identifier: Apache-2.0
+export class AssuranceLevel {
+    wire;
+    rank;
+    static ANONYMOUS = new AssuranceLevel("anonymous", 0);
+    static ATTESTED = new AssuranceLevel("attested", 1);
+    static VERIFIED = new AssuranceLevel("verified", 2);
+    constructor(wire, rank) {
+        this.wire = wire;
+        this.rank = rank;
+    }
+    meetsOrExceeds(required) {
+        return this.rank >= required.rank;
+    }
+    /**
+     * Parse a wire string.  `null`, `undefined`, or `""` → `ANONYMOUS`
+     * (backward compat per NPS-RFC-0003 §5.1.1).  Any other unrecognised
+     * non-empty value throws — callers MUST surface it as `NIP-ASSURANCE-UNKNOWN`.
+     */
+    static fromWire(wire) {
+        if (!wire)
+            return AssuranceLevel.ANONYMOUS; // null, undefined, or ""
+        for (const level of [AssuranceLevel.ANONYMOUS, AssuranceLevel.ATTESTED, AssuranceLevel.VERIFIED]) {
+            if (level.wire === wire)
+                return level;
+        }
+        throw new Error(`Unknown assurance_level: ${JSON.stringify(wire)}`);
+    }
+    static fromRank(rank) {
+        for (const level of [AssuranceLevel.ANONYMOUS, AssuranceLevel.ATTESTED, AssuranceLevel.VERIFIED]) {
+            if (level.rank === rank)
+                return level;
+        }
+        throw new Error(`Unknown assurance_level rank: ${rank}`);
+    }
+}
+//# sourceMappingURL=assurance-level.js.map

package/dist/nip/assurance-level.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"assurance-level.js","sourceRoot":"","sources":["../../src/nip/assurance-level.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,sCAAsC;AAKtC,MAAM,OAAO,cAAc;IAMP;IACA;IANlB,MAAM,CAAU,SAAS,GAAG,IAAI,cAAc,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAC/D,MAAM,CAAU,QAAQ,GAAI,IAAI,cAAc,CAAC,UAAU,EAAG,CAAC,CAAC,CAAC;IAC/D,MAAM,CAAU,QAAQ,GAAI,IAAI,cAAc,CAAC,UAAU,EAAG,CAAC,CAAC,CAAC;IAE/D,YACkB,IAAwB,EACxB,IAAY;QADZ,SAAI,GAAJ,IAAI,CAAoB;QACxB,SAAI,GAAJ,IAAI,CAAQ;IAC3B,CAAC;IAEJ,cAAc,CAAC,QAAwB;QACrC,OAAO,IAAI,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,CAAC;IACpC,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,QAAQ,CAAC,IAA+B;QAC7C,IAAI,CAAC,IAAI;YAAE,OAAO,cAAc,CAAC,SAAS,CAAC,CAAC,yBAAyB;QACrE,KAAK,MAAM,KAAK,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,cAAc,CAAC,QAAQ,EAAE,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjG,IAAI,KAAK,CAAC,IAAI,KAAK,IAAI;gBAAE,OAAO,KAAK,CAAC;QACxC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,IAAY;QAC1B,KAAK,MAAM,KAAK,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,cAAc,CAAC,QAAQ,EAAE,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjG,IAAI,KAAK,CAAC,IAAI,KAAK,IAAI;gBAAE,OAAO,KAAK,CAAC;QACxC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,iCAAiC,IAAI,EAAE,CAAC,CAAC;IAC3D,CAAC"}