npm - @metamask-previews/seedless-onboarding-controller - Versions diffs - 7.1.0-preview-7cfbb337 → 7.1.0-preview-bea9ae5 - Mend

@metamask-previews/seedless-onboarding-controller 7.1.0-preview-7cfbb337 → 7.1.0-preview-bea9ae5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/SeedlessOnboardingController.cjs +1 -1
package/dist/SeedlessOnboardingController.cjs.map +1 -1
package/dist/SeedlessOnboardingController.d.cts.map +1 -1
package/dist/SeedlessOnboardingController.d.mts.map +1 -1
package/dist/SeedlessOnboardingController.mjs +1 -1
package/dist/SeedlessOnboardingController.mjs.map +1 -1
package/dist/errors.cjs.map +1 -1
package/dist/errors.d.cts.map +1 -1
package/dist/errors.d.mts.map +1 -1
package/dist/errors.mjs.map +1 -1
package/package.json +1 -1

package/dist/SeedlessOnboardingController.cjs CHANGED Viewed

@@ -1584,7 +1584,7 @@ function assertIsValidPassword(password) {
     if (typeof password !== 'string') {
         throw new Error(constants_1.SeedlessOnboardingControllerErrorMessage.WrongPasswordType);
     }
-    if (!password || !password.length) {
+    if (!password?.length) {
         throw new Error(constants_1.SeedlessOnboardingControllerErrorMessage.InvalidEmptyPassword);
     }
 }

package/dist/SeedlessOnboardingController.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"SeedlessOnboardingController.cjs","sourceRoot":"","sources":["../src/SeedlessOnboardingController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,qEAAkE;AAClE,+DAA+E;AAO/E,uEAIuC;AACvC,2CAIyB;AACzB,4CAAyC;AACzC,gDAAgE;AAChE,wDAAwD;AACxD,uDAAoD;AACpD,6CAAoC;AAEpC,iDAIsB;AAEtB,+CAMqB;AACrB,yCAA4D;AAC5D,yCAA6D;AAC7D,yDAAkD;AAelD,uCAKiB;AAEjB,MAAM,GAAG,GAAG,IAAA,2BAAkB,EAAC,sBAAa,EAAE,0BAAc,CAAC,CAAC;AAE9D;;;;;GAKG;AACH,SAAgB,uDAAuD,CACrE,SAAsD;IAEtD,MAAM,YAAY,GAAG;QACnB,qBAAqB,EAAE,EAAE;QACzB,qCAAqC,EAAE,KAAK;QAC5C,GAAG,SAAS;KACb,CAAC;IAEF,8CAA8C;IAC9C,IAAI,CAAC;QACH,IAAA,wDAA2C,EAAC,YAAY,CAAC,CAAC;QAC1D,YAAY,CAAC,qCAAqC,GAAG,IAAI,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,YAAY,CAAC,qCAAqC,GAAG,KAAK,CAAC;IAC7D,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAjBD,0HAiBC;AAED;;;;;;GAMG;AACH,MAAM,0BAA0B,GAC9B;IACE,KAAK,EAAE;QACL,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,qBAAqB,EAAE;QACrB,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,cAAc,EAAE;QACd,kBAAkB,EAAE,CAAC,cAAc,EAAE,EAAE,CACrC,CAAC,IAAA,yBAAiB,EAAC,cAAc,CAAC;QACpC,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,cAAc,EAAE;QACd,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,IAAI;KACf;IACD,gBAAgB,EAAE;QAChB,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,KAAK;KAChB;IACD,uBAAuB,EAAE;QACvB,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,KAAK;KAChB;IACD,MAAM,EAAE;QACN,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,gBAAgB,EAAE;QAChB,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,IAAI;KACf;IACD,kBAAkB,EAAE;QAClB,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,KAAK;QACd,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,mBAAmB,EAAE;QACnB,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,KAAK;QACd,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,UAAU,EAAE;QACV,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,qBAAqB,EAAE;QACrB,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,KAAK;KAChB;IACD,YAAY,EAAE;QACZ,kBAAkB,EAAE,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,IAAA,yBAAiB,EAAC,YAAY,CAAC;QACtE,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,WAAW,EAAE;QACX,kBAAkB,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,IAAA,yBAAiB,EAAC,WAAW,CAAC;QACpE,OAAO,EAAE,KAAK;QACd,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,wBAAwB,EAAE;QACxB,kBAAkB,EAAE,CAAC,wBAAwB,EAAE,EAAE,CAC/C,CAAC,IAAA,yBAAiB,EAAC,wBAAwB,CAAC;YAC5C,wBAAwB,CAAC,MAAM,GAAG,CAAC;QACrC,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,iBAAiB;IACjB,WAAW,EAAE;QACX,kBAAkB,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,IAAA,yBAAiB,EAAC,WAAW,CAAC;QACpE,OAAO,EAAE,KAAK;QACd,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,2EAA2E;IAC3E,2CAA2C;IAC3C,mBAAmB,EAAE;QACnB,kBAAkB,EAAE,CAAC,mBAAmB,EAAE,EAAE,CAC1C,CAAC,IAAA,yBAAiB,EAAC,mBAAmB,CAAC;QACzC,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,8BAA8B,EAAE;QAC9B,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,6BAA6B,EAAE;QAC7B,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,qCAAqC,EAAE;QACrC,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,KAAK;KAChB;CACF,CAAC;AAEJ,MAAa,4BAGX,SAAQ,gCAIT;IAqCC;;;;;;;;;;;;;OAaG;IACH,YAAY,EACV,SAAS,EACT,KAAK,EACL,SAAS,EACT,eAAe,EACf,OAAO,GAAG,2BAAe,CAAC,OAAO,EACjC,eAAe,EACf,kBAAkB,EAClB,iBAAiB,EACjB,wBAAwB,GAAG,0CAA8B,GAI1D;QACC,KAAK,CAAC;YACJ,IAAI,EAAE,0BAAc;YACpB,QAAQ,EAAE,0BAA0B;YACpC,KAAK,EAAE,uDAAuD,CAAC,KAAK,CAAC;YACrE,SAAS;SACV,CAAC,CAAC;;QArEI,+DAGP;QAEO,iEAA4B,IAAI,mBAAK,EAAE,EAAC;QAExC,4DAAuB,IAAI,mBAAK,EAAE,EAAC;QAInC,gEAAkC;QAElC,mEAAwC;QAExC,kEAAsC;QAE/C;;WAEG;QACM,yEAAkC;QAE3C;;;;WAIG;QACH,mDAAc,KAAK,EAAC;QAEpB;;;;WAIG;QACH,yEAA6D;QAqC3D,IAAA,+CAAkC,EAAC,wBAAwB,CAAC,CAAC;QAC7D,uBAAA,IAAI,0DAA6B,wBAAwB,MAAA,CAAC;QAE1D,uBAAA,IAAI,gDAAmB,SAAS,MAAA,CAAC;QAEjC,IAAI,CAAC,WAAW,GAAG,IAAI,uCAAiB,CAAC;YACvC,OAAO;YACP,UAAU,EAAE,eAAe;YAC3B,wBAAwB,EAAE,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC;SACnE,CAAC,CAAC;QACH,uBAAA,IAAI,iDAAoB,eAAe,MAAA,CAAC;QACxC,uBAAA,IAAI,oDAAuB,kBAAkB,MAAA,CAAC;QAC9C,uBAAA,IAAI,mDAAsB,iBAAiB,MAAA,CAAC;IAC9C,CAAC;IAED,KAAK,CAAC,wBAAwB;QAG5B,MAAM,EAAE,mBAAmB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QAC3C,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,0BAA0B,CACpE,CAAC;QACJ,CAAC;QAED,kDAAkD;QAClD,MAAM,YAAY,GAAG,IAAA,sBAAc,EAAC,mBAAmB,CAAC,CAAC;QACzD,IAAI,YAAY,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;YACrD,+BAA+B;YAC/B,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAE/B,kCAAkC;YAClC,MAAM,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YAEnE,OAAO;gBACL,mBAAmB,EAAE,sBAAgC;aACtD,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,mBAAmB,EAAE,CAAC;IACjC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,uBAAuB;QAC3B,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,8BAA8B,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,YAAY,CAAC,MAYlB;QACC,MAAM,uBAAuB,GAAG,KAAK,IAAI,EAAE;YACzC,IAAI,CAAC;gBACH,MAAM,EACJ,QAAQ,EACR,gBAAgB,EAChB,uBAAuB,EACvB,MAAM,EACN,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,WAAW,EACX,WAAW,EACX,mBAAmB,GACpB,GAAG,MAAM,CAAC;gBAEX,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC;oBAC/D,gBAAgB;oBAChB,MAAM;oBACN,QAAQ;oBACR,uBAAuB;iBACxB,CAAC,CAAC;gBACH,oDAAoD;gBACpD,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;oBACpB,KAAK,CAAC,cAAc,GAAG,oBAAoB,CAAC,cAAc,CAAC;oBAC3D,KAAK,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;oBAC1C,KAAK,CAAC,uBAAuB,GAAG,uBAAuB,CAAC;oBACxD,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC;oBACtB,KAAK,CAAC,cAAc,GAAG,cAAc,CAAC;oBACtC,KAAK,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;oBAC1C,KAAK,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;oBAChD,KAAK,CAAC,YAAY,GAAG,YAAY,CAAC;oBAClC,IAAI,WAAW,EAAE,CAAC;wBAChB,kFAAkF;wBAClF,KAAK,CAAC,WAAW,GAAG,WAAW,CAAC;oBAClC,CAAC;oBACD,KAAK,CAAC,WAAW,GAAG,WAAW,CAAC;oBAEhC,yFAAyF;oBACzF,mEAAmE;oBACnE,IAAA,wDAA2C,EAAC,KAAK,CAAC,CAAC;oBACnD,KAAK,CAAC,qCAAqC,GAAG,IAAI,CAAC;gBACrD,CAAC,CAAC,CAAC;gBAEH,OAAO,oBAAoB,CAAC;YAC9B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,GAAG,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAC;gBACxC,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,mBAAmB,CAC7D,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;QACF,OAAO,MAAM,CAAC,QAAQ;YACpB,CAAC,CAAC,MAAM,uBAAuB,EAAE;YACjC,CAAC,CAAC,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,uBAAuB,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,iCAAiC,CACrC,QAAgB,EAChB,UAAsB,EACtB,SAAiB;QAEjB,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,+BAA+B;YAC/B,qGAAqG;YACrG,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAE5C,wDAAwD;YACxD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,GAC9C,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC;gBACpC,QAAQ;aACT,CAAC,CAAC;YACL,MAAM,2BAA2B,GAAG,KAAK,IAAmB,EAAE;gBAC5D,oCAAoC;gBACpC,MAAM,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B;oBACpC,IAAI,EAAE,UAAU;oBAChB,IAAI,EAAE,sBAAU,CAAC,QAAQ;oBACzB,MAAM;oBACN,WAAW;oBACX,OAAO,EAAE;wBACP,SAAS;qBACV;iBACF,CAAC,CAAC;gBAEH,0CAA0C;gBAC1C,qFAAqF;gBACrF,4FAA4F;gBAC5F,kDAAkD;gBAClD,MAAM,uBAAA,IAAI,6FAAgB,MAApB,IAAI,EAAiB,OAAO,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC;gBACpD,4DAA4D;gBAC5D,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;oBACrC,QAAQ;oBACR,qBAAqB,EAAE,MAAM;oBAC7B,uBAAuB,EAAE,QAAQ;oBACjC,mBAAmB,EAAE,WAAW;iBACjC,CAAC,CAAC;YACL,CAAC,CAAC;YAEF,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EACR,2BAA2B,EAC3B,mCAAmC,CACpC,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,gBAAgB,CACpB,IAAgB,EAChB,IAAgB,EAChB,OAEC;QAED,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;YAEzB,MAAM,uBAAA,IAAI,mGAAsB,MAA1B,IAAI,EAAuB;gBAC/B,SAAS,EAAE,IAAI;gBACf,QAAQ,EAAE,IAAI,EAAE,2CAA2C;aAC5D,CAAC,CAAC;YAEH,MAAM,aAAa,GAAG,KAAK,IAAmB,EAAE;gBAC9C,2CAA2C;gBAC3C,MAAM,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,GAC5C,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;gBAE3C,oCAAoC;gBACpC,MAAM,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B;oBACpC,IAAI;oBACJ,IAAI;oBACJ,MAAM,EAAE,kBAAkB;oBAC1B,WAAW,EAAE,gBAAgB;oBAC7B,OAAO;iBACR,CAAC,CAAC;YACL,CAAC,CAAC;YAEF,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EAA0B,aAAa,EAAE,kBAAkB,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,kBAAkB,CAAC,QAAiB;QACxC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,OAAO,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EAA0B,KAAK,IAAI,EAAE;gBACpD,wEAAwE;gBACxE,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;gBAE5C,IAAI,MAAkB,CAAC;gBACvB,IAAI,QAAoB,CAAC;gBACzB,IAAI,WAAoB,CAAC;gBAEzB,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,mBAAmB,GAAG,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,QAAQ,CAAC,CAAC;oBAChE,MAAM,GAAG,mBAAmB,CAAC,MAAM,CAAC;oBACpC,QAAQ,GAAG,mBAAmB,CAAC,QAAQ,CAAC;oBACxC,WAAW,GAAG,mBAAmB,CAAC,WAAW,CAAC;gBAChD,CAAC;qBAAM,CAAC;oBACN,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;oBACzB,2CAA2C;oBAC3C,MAAM,aAAa,GAAG,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;oBAC/D,MAAM,GAAG,aAAa,CAAC,kBAAkB,CAAC;oBAC1C,QAAQ,GAAG,aAAa,CAAC,oBAAoB,CAAC;oBAC9C,WAAW,GAAG,aAAa,CAAC,gBAAgB,CAAC;gBAC/C,CAAC;gBAED,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,kHAAqC,MAAzC,IAAI,EACxB,MAAM,EACN,WAAW,CACZ,CAAC;gBAEF,IAAI,QAAQ,EAAE,CAAC;oBACb,qIAAqI;oBACrI,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;wBACrC,QAAQ;wBACR,qBAAqB,EAAE,MAAM;wBAC7B,uBAAuB,EAAE,QAAQ;wBACjC,mBAAmB,EAAE,WAAW;qBACjC,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC,EAAE,oBAAoB,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,cAAc,CAAC,WAAmB,EAAE,WAAmB;QAC3D,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;YACzB,iDAAiD;YACjD,MAAM,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE;gBAC1C,QAAQ,EAAE,IAAI,EAAE,2CAA2C;aAC5D,CAAC,CAAC;YAEH,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,uBAAA,IAAI,mGAAsB,MAA1B,IAAI,EAAuB;gBAC1D,SAAS,EAAE,IAAI;gBACf,QAAQ,EAAE,IAAI,EAAE,2CAA2C;aAC5D,CAAC,CAAC;YAEH,MAAM,qBAAqB,GAAG,KAAK,IAAmB,EAAE;gBACtD,2CAA2C;gBAC3C,IAAI,oBAAwC,CAAC;gBAC7C,IAAI,IAAI,CAAC,KAAK,CAAC,6BAA6B,EAAE,CAAC;oBAC7C,oBAAoB,GAAG,MAAM,IAAI,CAAC,wBAAwB,EAAE,CAAC;gBAC/D,CAAC;gBAED,4EAA4E;gBAC5E,MAAM,EACJ,MAAM,EAAE,SAAS,EACjB,QAAQ,EAAE,WAAW,EACrB,WAAW,EAAE,cAAc,GAC5B,GAAG,MAAM,uBAAA,IAAI,kGAAqB,MAAzB,IAAI,EAAsB;oBAClC,WAAW;oBACX,WAAW;oBACX,cAAc;iBACf,CAAC,CAAC;gBAEH,iDAAiD;gBACjD,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;oBACrC,QAAQ,EAAE,WAAW;oBACrB,qBAAqB,EAAE,SAAS;oBAChC,uBAAuB,EAAE,WAAW;oBACpC,mBAAmB,EAAE,cAAc;iBACpC,CAAC,CAAC;gBAEH,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;gBAEnC,gDAAgD;gBAChD,IAAI,oBAAoB,EAAE,CAAC;oBACzB,MAAM,IAAI,CAAC,yBAAyB,CAAC,oBAAoB,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC,CAAC;YAEF,IAAI,CAAC;gBACH,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EACR,qBAAqB,EACrB,gBAAgB,CACjB,CAAC;YACJ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,GAAG,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;gBACtC,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,sBAAsB,CAChE,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACH,yBAAyB,CACvB,UAEkE;QAElE,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;QAEzB,uBAAA,IAAI,wHAA2C,MAA/C,IAAI,EAA4C,UAAU,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,mBAAmB,CACvB,QAAgB,EAChB,OAEC;QAED,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;YAC1B,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,UAAU,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,uBAAA,IAAI,oDAAgB,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACjE,CAAC,CAAC;QACF,OAAO,OAAO,EAAE,QAAQ;YACtB,CAAC,CAAC,MAAM,QAAQ,EAAE;YAClB,CAAC,CAAC,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,QAAQ,CAAC,CAAC;IAC/C,CAAC;IAED;;;;;;;;OAQG;IACH,wBAAwB,CACtB,IAAgB,EAChB,OAAmB,sBAAU,CAAC,QAAQ;QAEtC,MAAM,cAAc,GAAG,IAAA,uCAAkB,EAAC,IAAI,CAAC,CAAC;QAChD,OAAO,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAI,CAC1C,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,IAAI,MAAM,CAAC,IAAI,KAAK,IAAI,CACnE,CAAC;IACJ,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,cAAc,CAAC,QAAgB;QACnC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B,EAAE,QAAQ,EAAE,CAAC,CAAC;YACrD,uBAAA,IAAI,0FAAa,MAAjB,IAAI,CAAe,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,SAAS;QACb,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;gBACpB,OAAO,KAAK,CAAC,kBAAkB,CAAC;gBAChC,OAAO,KAAK,CAAC,mBAAmB,CAAC;gBACjC,OAAO,KAAK,CAAC,WAAW,CAAC;gBACzB,OAAO,KAAK,CAAC,WAAW,CAAC;YAC3B,CAAC,CAAC,CAAC;YAEH,uBAAA,IAAI,0DAA6B,SAAS,MAAA,CAAC;YAC3C,uBAAA,IAAI,4CAAe,KAAK,MAAA,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,wBAAwB,CAAC,EAC7B,cAAc,GAGf;QACC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;YACzB,MAAM,cAAc,GAAG,KAAK,IAAI,EAAE;gBAChC,0CAA0C;gBAC1C,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,GACrC,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,cAAc,CAAC,CAAC;gBAC5C,iDAAiD;gBACjD,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;oBACrC,QAAQ,EAAE,cAAc;oBACxB,qBAAqB,EAAE,MAAM;oBAC7B,uBAAuB,EAAE,QAAQ;oBACjC,mBAAmB,EAAE,WAAW;iBACjC,CAAC,CAAC;gBAEH,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;YACrC,CAAC,CAAC;YACF,OAAO,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EACf,cAAc,EACd,0BAA0B,CAC3B,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,oBAAoB,CAAC,EACzB,cAAc,EACd,iBAAiB,GAAG,CAAC,GAItB;QACC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,OAAO,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EAA0B,KAAK,IAAI,EAAE;gBACpD,MAAM,uBAAuB,GAAG,uBAAA,IAAI,gGAAmB,MAAvB,IAAI,CAAqB,CAAC;gBAC1D,MAAM,uBAAA,IAAI,mGAAsB,MAA1B,IAAI,EAAuB;oBAC/B,gBAAgB,EAAE,uBAAuB;oBACzC,cAAc;oBACd,iBAAiB;iBAClB,CAAC,CAAC;YACL,CAAC,EAAE,sBAAsB,CAAC,CAAC;QAC7B,CAAC,CAAC,CAAC;IACL,CAAC;IAuDD;;;;;;;;;OASG;IACH,KAAK,CAAC,uBAAuB,CAAC,OAI7B;QACC,MAAM,wBAAwB,GAAG,KAAK,IAAI,EAAE;YAC1C,uCAAuC;YACvC,6CAA6C;YAC7C,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,CAAC;gBACxB,MAAM,EAAE,qBAAqB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;gBAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACvB,MAAM,YAAY,GAChB,qBAAqB;oBACrB,GAAG,GAAG,qBAAqB,CAAC,SAAS;wBACnC,uBAAA,IAAI,8DAA0B,CAAC;gBAEnC,IAAI,YAAY,EAAE,CAAC;oBACjB,OAAO,qBAAqB,CAAC,YAAY,CAAC;gBAC5C,CAAC;YACH,CAAC;YAED,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EACJ,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,MAAM,GACP,GAAG,IAAI,CAAC,KAAK,CAAC;YAEf,MAAM,uBAAuB,GAAG,uBAAA,IAAI,gGAAmB,MAAvB,IAAI,CAAqB,CAAC;YAE1D,IAAI,gBAAgB,GAAG,OAAO,EAAE,gBAAgB,CAAC;YACjD,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW;qBAC1C,eAAe,CAAC;oBACf,cAAc;oBACd,gBAAgB;oBAChB,uBAAuB;oBACvB,MAAM;iBACP,CAAC;qBACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;oBACf,GAAG,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;oBAC1C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,uBAAuB,CACjE,CAAC;gBACJ,CAAC,CAAC,CAAC;gBACL,gBAAgB,GAAG,UAAU,CAAC;YAChC,CAAC;YAED,uDAAuD;YACvD,MAAM,YAAY,GAAG,CAAC,qBAAS,CAAC,eAAe,CAAC,OAAO,CACrD,uBAAuB,CACxB,CAAC,MAAM,CAAC,qBAAS,CAAC,eAAe,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC;YAC9D,4BAA4B;YAC5B,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;gBACpB,KAAK,CAAC,qBAAqB,GAAG,EAAE,YAAY,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YACxE,CAAC,CAAC,CAAC;YACH,OAAO,YAAY,CAAC;QACtB,CAAC,CAAC;QAEF,OAAO,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EACf,KAAK,IAAI,EAAE,CACT,OAAO,EAAE,QAAQ;YACf,CAAC,CAAC,MAAM,wBAAwB,EAAE;YAClC,CAAC,CAAC,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,wBAAwB,CAAC,EAC9D,yBAAyB,CAC1B,CAAC;IACJ,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,sBAAsB;QAC1B,IAAI,CAAC;YACH,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,OAAO,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAMD;;OAEG;IACH,UAAU;QACR,MAAM,YAAY,GAChB,uDAAuD,EAAE,CAAC;QAC5D,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE;YACf,OAAO,YAAY,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC;IA8CD;;;;;OAKG;IACH,KAAK,CAAC,yBAAyB,CAAC,oBAA4B;QAC1D,MAAM,EAAE,oBAAoB,EAAE,MAAM,EAAE,GACpC,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;QAC3C,MAAM,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,MAAM,EAAE,oBAAoB,CAAC,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,wBAAwB;QAC5B,MAAM,EAAE,oBAAoB,EAAE,MAAM,EAAE,GACpC,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;QAC3C,OAAO,MAAM,uBAAA,IAAI,uGAA0B,MAA9B,IAAI,EAA2B,MAAM,CAAC,CAAC;IACtD,CAAC;IAmvBD;;;;;;;OAOG;IACH,KAAK,CAAC,iBAAiB;QACrB,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;QAC5C,MAAM,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QAEpC,MAAM,GAAG,GAAG,MAAM,uBAAA,IAAI,qDAAiB,MAArB,IAAI,EAAkB;YACtC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;YACrC,YAAY;SACb,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACjB,GAAG,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;YAC1C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,wBAAwB,CAClE,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,mBAAmB,EAAE,GAAG,GAAG,CAAC;YAC3D,qEAAqE;YACrE,sKAAsK;YACtK,MAAM,IAAI,CAAC,YAAY,CAAC;gBACtB,QAAQ;gBACR,WAAW;gBACX,mBAAmB;gBACnB,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;gBACzC,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB;gBAC7C,uBAAuB,EAAE,IAAI,CAAC,KAAK,CAAC,uBAAuB;gBAC3D,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM;gBACzB,YAAY;gBACZ,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;YAChD,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,mBAAmB,CAC7D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,iBAAiB,CAAC,QAAgB;QACtC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EAAE,YAAY,EAAE,kBAAkB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YACxD,MAAM,EACJ,kBAAkB,EAAE,qBAAqB,EACzC,oBAAoB,EAAE,uBAAuB,EAC7C,gBAAgB,EAAE,mBAAmB,EACrC,WAAW,GACZ,GAAG,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;gBACzC,QAAQ;gBACR,aAAa,EAAE,kBAAkB;aAClC,CAAC,CAAC;YAEH,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,GAAG,MAAM,uBAAA,IAAI,uDAAmB,MAAvB,IAAI,EACpD;gBACE,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;gBACrC,WAAW;aACZ,CACF,CAAC;YAEF,IAAI,cAAc,IAAI,eAAe,EAAE,CAAC;gBACtC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;oBACpB,oEAAoE;oBACpE,KAAK,CAAC,WAAW,GAAG,cAAc,CAAC;oBACnC,4CAA4C;oBAC5C,KAAK,CAAC,YAAY,GAAG,eAAe,CAAC;gBACvC,CAAC,CAAC,CAAC;gBAEH,0EAA0E;gBAC1E,uBAAA,IAAI,0GAA6B,MAAjC,IAAI,EAA8B;oBAChC,YAAY;oBACZ,WAAW;iBACZ,CAAC,CAAC;gBAEH,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;oBACrC,QAAQ;oBACR,qBAAqB;oBACrB,uBAAuB;oBACvB,mBAAmB;iBACpB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,0BAA0B;QAC9B,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EAAE,wBAAwB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YAChD,IAAI,CAAC,wBAAwB,IAAI,wBAAwB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvE,OAAO;YACT,CAAC;YAED,gDAAgD;YAChD,MAAM,QAAQ,GAAG,wBAAwB,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,EAAE,EAAE,EAAE;gBAChE,MAAM,aAAa,GAAG,KAAK,IAA4B,EAAE;oBACvD,IAAI,CAAC;wBACH,MAAM,uBAAA,IAAI,wDAAoB,MAAxB,IAAI,EAAqB;4BAC7B,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,cAAgC;4BACvD,WAAW;yBACZ,CAAC,CAAC;wBACH,OAAO,WAAW,CAAC;oBACrB,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,GAAG,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;wBAC3C,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC,CAAC;gBACF,OAAO,aAAa,EAAE,CAAC;YACzB,CAAC,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,gFAAgF;YAC5H,6BAA6B;YAC7B,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,IAAI,CAAC,CAAC;YAC/D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,wFAAwF;gBACxF,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;oBACpB,KAAK,CAAC,wBAAwB;wBAC5B,KAAK,CAAC,wBAAwB,EAAE,MAAM,CACpC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,CACtD,CAAC;gBACN,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IA8HD;;;;OAIG;IACI,yBAAyB;QAC9B,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;QAE5C,MAAM,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QACtC,mFAAmF;QACnF,MAAM,cAAc,GAAG,cAAc,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC;QACpD,gDAAgD;QAChD,MAAM,YAAY,GAAG,IAAA,2BAAmB,EAAC,cAAc,CAAC,CAAC;QACzD,gCAAgC;QAChC,OAAO,YAAY,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;IAC9C,CAAC;IAED;;;;OAIG;IACI,+BAA+B;QACpC,IAAI,CAAC;YACH,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EAAE,mBAAmB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YAC3C,yEAAyE;YACzE,MAAM,YAAY,GAAG,IAAA,sBAAc,EAAC,mBAA6B,CAAC,CAAC;YACnE,OAAO,YAAY,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,CAAC,yDAAyD;QACxE,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,uBAAuB;QAC5B,IAAI,CAAC;YACH,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YACnC,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,OAAO,IAAI,CAAC,CAAC,oCAAoC;YACnD,CAAC;YACD,MAAM,YAAY,GAAG,IAAA,sBAAc,EAAC,WAAW,CAAC,CAAC;YACjD,OAAO,YAAY,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,CAAC,yDAAyD;QACxE,CAAC;IACH,CAAC;CACF;AA33DD,oEA23DC;;AA7xCC;;;;;;;;;;;GAWG;AACH,KAAK,6DAAuB,EAC1B,gBAAgB,EAChB,cAAc,EACd,iBAAiB,GAKlB;IACC,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,cAAc,EAAE,GAC1D,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,cAAc,CAAC,CAAC;IAE5C,IAAI,CAAC;QACH,gCAAgC;QAChC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC;YACjD,gBAAgB;YAChB,WAAW;YACX,cAAc;YACd,gBAAgB,EAAE,iBAAiB;SACpC,CAAC,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC;QACzB,MAAM,QAAQ,GAAG,MAAM,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,QAAQ,CAAC,CAAC;QAEjE,wBAAwB;QACxB,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;YACrC,aAAa,EAAE,QAAQ;SACxB,CAAC,CAAC;QACH,uBAAA,IAAI,0FAAa,MAAjB,IAAI,CAAe,CAAC;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,IAAI,uBAAA,IAAI,uGAA0B,MAA9B,IAAI,EAA2B,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,yBAAyB,CACnE,CAAC;QACJ,CAAC;QACD,MAAM,0BAAiB,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAC7C,CAAC;AACH,CAAC;IAsGC,uBAAA,IAAI,4CAAe,IAAI,MAAA,CAAC;AAC1B,CAAC;AAaD;;;;;;GAMG;AACH,KAAK,uDAAiB,OAAe,EAAE,UAAgC;IACrE,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,EAAE,gBAAgB,EAAE,uBAAuB,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAEzE,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC;YACrC,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;YACzC,gBAAgB;YAChB,uBAAuB;YACvB,MAAM;YACN,OAAO;YACP,UAAU;SACX,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,GAAG,CAAC,uCAAuC,EAAE,KAAK,CAAC,CAAC;QACpD,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,sBAAsB,CAChE,CAAC;IACJ,CAAC;AACH,CAAC,6GASkB,MAA4C;IAC7D,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QACpB,KAAK,CAAC,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;AACL,CAAC;AA0BD;;;;;GAKG;AACH,KAAK,kEACH,MAAkB,EAClB,oBAA4B;IAE5B,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,SAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,6BAA6B,GAAG,GAAG,CAAC,OAAO,CAC/C,IAAA,mBAAW,EAAC,oBAAoB,CAAC,CAClC,CAAC;IACF,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QACpB,KAAK,CAAC,6BAA6B,GAAG,IAAA,qBAAa,EACjD,6BAA6B,CAC9B,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,KAAK,iEAA2B,MAAkB;IAChD,MAAM,EAAE,6BAA6B,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IACnE,wCAAwC,CAAC,YAAY,CAAC,CAAC;IACvD,MAAM,sBAAsB,GAAG,IAAA,qBAAa,EAAC,YAAY,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,SAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACrD,OAAO,IAAA,mBAAW,EAAC,QAAQ,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;GAKG;AACH,KAAK,kEAA4B,MAAkB;IACjD,MAAM,EAAE,8BAA8B,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IACpE,yCAAyC,CAAC,YAAY,CAAC,CAAC;IACxD,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAC,YAAY,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,SAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,qBAAqB,GAAG,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAC7D,OAAO,IAAA,mBAAW,EAAC,qBAAqB,CAAC,CAAC;AAC5C,CAAC;IASC,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAClC,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,mBAAmB,CAC7D,CAAC;IACJ,CAAC;IAED,OAAO,IAAA,qBAAa,EAAC,UAAU,CAAC,CAAC;AACnC,CAAC;AAED;;;;;;GAMG;AACH,KAAK,sDACH,QAAgB;IAEhB,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,EACJ,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,MAAM,GACP,GAAG,IAAI,CAAC,KAAK,CAAC;IAEf,IAAI,CAAC;QACH,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC;YAC/D,cAAc;YACd,QAAQ;YACR,gBAAgB;YAChB,uBAAuB;YACvB,MAAM;SACP,CAAC,CAAC;QACH,OAAO,mBAAmB,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,sDAAsD;QACtD,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,sBAAa,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IACzC,CAAC;AACH,CAAC,sEAED,KAAK,4EACH,MAAkB,EAClB,WAAoB;IAEpB,IAAI,UAAU,GAAiB,EAAE,CAAC;IAClC,IAAI,CAAC;QACH,4DAA4D;QAC5D,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,uBAAuB,CAAC;YAC1D,MAAM,EAAE,MAAM;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;QACzC,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,2BAA2B,CACrE,CAAC;IACJ,CAAC;IAED,0CAA0C;IAC1C,IAAI,UAAU,EAAE,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,+BAAc,CAAC,6BAA6B,CAAC,UAAU,CAAC,CAAC;QACzE,uDAAuD;QACvD,MAAM,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACjC,IAAI,aAAa,CAAC,IAAI,KAAK,sBAAU,CAAC,QAAQ,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,4BAA4B,CACtE,CAAC;QACJ,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,iBAAiB,CAAC,CAAC;AAC9E,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,4DAAsB,EACzB,WAAW,EACX,WAAW,EACX,cAAc,GAKf;IACC,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,EAAE,gBAAgB,EAAE,uBAAuB,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAEzE,IAAI,MAAkB,CAAC;IACvB,IAAI,QAAoB,CAAC;IACzB,IAAI,WAAoB,CAAC;IACzB,IAAI,cAAc,GAAG,cAAc,CAAC;IACpC,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,CAAC;YACC,MAAM;YACN,QAAQ;YACR,WAAW;YACX,aAAa,EAAE,cAAc;SAC9B,GAAG,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,WAAW,CAAC,CAAC,CAAC;IAC9C,CAAC;SAAM,CAAC;QACN,CAAC;YACC,kBAAkB,EAAE,MAAM;YAC1B,oBAAoB,EAAE,QAAQ;YAC9B,gBAAgB,EAAE,WAAW;SAC9B,GAAG,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC;QACjD,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;QACzC,gBAAgB;QAChB,uBAAuB;QACvB,MAAM;QACN,SAAS,EAAE,MAAM;QACjB,WAAW,EAAE,QAAQ;QACrB,cAAc,EAAE,WAAW;QAC3B,gBAAgB,EAAE,cAAc;QAChC,WAAW;KACZ,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,KAAK,kEAA4B,MAQhC;IACC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;IAE5D,uGAAuG;IACvG,MAAM,WAAW,GAAG,IAAI,CAAC,wBAAwB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9D,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,+BAAc,CAAC,IAAI,EAAE;QAC9C,IAAI;KACL,CAAC,CAAC;IACH,MAAM,UAAU,GAAG,cAAc,CAAC,OAAO,EAAE,CAAC;IAE5C,MAAM,SAAS,GAAG,OAAO,EAAE,SAAmB,CAAC;IAC/C,IAAI,IAAI,KAAK,sBAAU,CAAC,QAAQ,IAAI,CAAC,SAAS,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,gBAAgB,CAC1D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,uBAAA,IAAI,sHAAyC,MAA7C,IAAI,EAA0C,KAAK,IAAI,EAAE;YAC7D,MAAM,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC;gBACvC,MAAM;gBACN,UAAU;gBACV,WAAW;aACZ,CAAC,CAAC;YACH,OAAO;gBACL,SAAS;gBACT,IAAI;gBACJ,IAAI;aACL,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,GAAG,CAAC,iDAAiD,EAAE,KAAK,CAAC,CAAC;QAC9D,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,iCAAiC,CAC3E,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,KAAK,mEAA6B,MAGjC;IACC,OAAO,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,KAAK,IAAI,EAAE;QACpC,IAAI,uBAAA,IAAI,8DAA0B,EAAE,CAAC;YACnC,OAAO,uBAAA,IAAI,8DAA0B,CAAC;QACxC,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,GAC1D,MAAM,uBAAA,IAAI,uGAA0B,MAA9B,IAAI,EAA2B,MAAM,CAAC,CAAC;QAE/C,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,KAAK,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;YAC9C,KAAK,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;YAChD,KAAK,CAAC,WAAW,GAAG,SAAS,CAAC,WAAW,CAAC;YAC1C,KAAK,CAAC,WAAW,GAAG,SAAS,CAAC,WAAW,CAAC;QAC5C,CAAC,CAAC,CAAC;QAEH,MAAM,qBAAqB,GAAG,IAAA,4BAAoB,EAAC,SAAS,CAAC,CAAC;QAC9D,uBAAA,IAAI,0DAA6B,qBAAqB,MAAA,CAAC;QACvD,OAAO,qBAAqB,CAAC;IAC/B,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;GAOG;AACH,KAAK,iEAA2B,MAG/B;IAKC,IAAI,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAC7D,MAAM,EAAE,KAAK,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAE7C,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,UAAU,CAAC,CAAC;IACvE,CAAC;IAED,IAAI,MAAM,EAAE,aAAa,EAAE,CAAC;QAC1B,kBAAkB,GAAG,MAAM,CAAC,aAAa,CAAC;IAC5C,CAAC;IAED,IAAI,kBAA2B,CAAC;IAEhC,0EAA0E;IAC1E,IAAI,kBAAkB,EAAE,CAAC;QACvB,MAAM,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAExD,IACE,mBAAmB;YACnB,mBAAmB,KAAK,oBAAoB,CAAC,IAAI,EACjD,CAAC;YACD,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,kBAAkB,CAC5D,CAAC;QACJ,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,uBAAA,IAAI,oDAAgB,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QACrE,kBAAkB,GAAG,MAAM,uBAAA,IAAI,oDAAgB,CAAC,cAAc,CAC5D,GAAG,EACH,oBAAoB,CACrB,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,wFAAwF;QACxF,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QACxC,sHAAsH;QACtH,yEAAyE;QACzE,+DAA+D;QAC/D,MAAM,MAAM,GAAG,MAAM,uBAAA,IAAI,oDAAgB,CAAC,iBAAiB,CACzD,MAAM,CAAC,QAAQ,EACf,cAAc,CACf,CAAC;QACF,kBAAkB,GAAG,MAAM,CAAC,KAAK,CAAC;QAClC,kBAAkB,GAAG,MAAM,CAAC,iBAAiB,CAAC;QAC9C,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC;IACpC,CAAC;IAED,MAAM,SAAS,GAAG,uBAAA,IAAI,6FAAgB,MAApB,IAAI,EAAiB,kBAAkB,CAAC,CAAC;IAE3D,OAAO;QACL,SAAS;QACT,kBAAkB;QAClB,mBAAmB;KACpB,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,gFACH,kCAEC;IAED,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,MAAM,kCAAkC,EAAE,CAAC;QAE7D,uBAAA,IAAI,wHAA2C,MAA/C,IAAI,EAA4C,SAAS,CAAC,CAAC;QAE3D,OAAO,SAAS,CAAC;IACnB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;QACnD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC,6JAYC,UAUO;IAEP,MAAM,sBAAsB,GAAG,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC;IAEhE,MAAM,kBAAkB,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;QAClD,CAAC,CAAC,UAAU;QACZ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;IACjB,MAAM,0BAA0B,GAA4B,EAAE,CAAC;IAE/D,qEAAqE;IACrE,wBAAwB;IACxB,kBAAkB,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;QAClC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QACvC,MAAM,UAAU,GAAG,IAAA,uCAAkB,EAAC,IAAI,CAAC,CAAC;QAE5C,MAAM,yBAAyB,GAAG,sBAAsB,CAAC,IAAI,CAC3D,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,UAAU,IAAI,MAAM,CAAC,IAAI,KAAK,IAAI,CAC/D,CAAC;QAEF,IAAI,CAAC,yBAAyB,EAAE,CAAC;YAC/B,0BAA0B,CAAC,IAAI,CAAC;gBAC9B,SAAS;gBACT,IAAI,EAAE,UAAU;gBAChB,IAAI;aACL,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,0BAA0B,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,KAAK,CAAC,qBAAqB,GAAG;gBAC5B,GAAG,KAAK,CAAC,qBAAqB;gBAC9B,GAAG,0BAA0B;aAC9B,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,KAAK,mEAA6B,EAChC,QAAQ,EACR,qBAAqB,EACrB,uBAAuB,EACvB,mBAAmB,GAMpB;IACC,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAE5C,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,GAChC,MAAM,uBAAA,IAAI,2GAA8B,MAAlC,IAAI,EAA+B,QAAQ,CAAC,CAAC;IAErD,MAAM,SAAS,GAA0B;QACvC,gBAAgB,EAAE,mBAAmB;QACrC,kBAAkB,EAAE,qBAAqB;QACzC,oBAAoB,EAAE,uBAAuB;QAC7C,WAAW;QACX,WAAW;KACZ,CAAC;IAEF,MAAM,uBAAA,IAAI,0FAAa,MAAjB,IAAI,EAAc;QACtB,QAAQ;QACR,SAAS;QACT,QAAQ,EAAE,uBAAuB;KAClC,CAAC,CAAC;IAEH,qCAAqC;IACrC,uBAAA,IAAI,gGAAmB,MAAvB,IAAI,EAAoB;QACtB,UAAU,EAAE,mBAAmB,CAAC,EAAE;KACnC,CAAC,CAAC;IAEH,uBAAA,IAAI,0FAAa,MAAjB,IAAI,CAAe,CAAC;AACtB,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,oDAAc,EACjB,QAAQ,EACR,SAAS,EACT,QAAQ,GAKT;IACC,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,KAAK,IAAI,EAAE;QACnC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAEhC,yEAAyE;QACzE,uBAAA,IAAI,0DAA6B,SAAS,MAAA,CAAC;QAE3C,MAAM,mBAAmB,GAAG,IAAA,0BAAkB,EAAC,SAAS,CAAC,CAAC;QAE1D,sHAAsH;QACtH,yEAAyE;QACzE,+DAA+D;QAC/D,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAChC,MAAM,uBAAA,IAAI,oDAAgB,CAAC,iBAAiB,CAC1C,QAAQ,EACR,mBAAmB,CACpB,CAAC;QAEJ,qBAAqB;QACrB,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,SAAG,CAAC,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,IAAA,mBAAW,EAAC,iBAAiB,CAAC,CAAC,CAAC;QAEjE,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC;YACpB,KAAK,CAAC,kBAAkB,GAAG,iBAAiB,CAAC;YAC7C,KAAK,CAAC,mBAAmB,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC;YACnD,KAAK,CAAC,8BAA8B,GAAG,IAAA,qBAAa,EAAC,YAAY,CAAC,CAAC;QACrE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,KAAK,qEACH,QAAgB;IAEhB,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAC9C,8GAA8G;IAC9G,4GAA4G;IAC5G,IAAI,WAAW,IAAI,WAAW,EAAE,CAAC;QAC/B,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;IACtC,CAAC;IAED,6HAA6H;IAC7H,IAAI,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACrB,gJAAgJ;QAChJ,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,uBAAA,IAAI,uGAA0B,MAA9B,IAAI,EAA2B,EAAE,QAAQ,EAAE,CAAC,CAAC;QACzE,WAAW,GAAG,WAAW,IAAI,SAAS,CAAC,WAAW,CAAC;QACnD,WAAW,GAAG,WAAW,IAAI,SAAS,CAAC,WAAW,CAAC;IACrD,CAAC;IAED,uFAAuF;IACvF,sEAAsE;IAEtE,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,kBAAkB,CAC5D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,kBAAkB,CAC5D,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AACtC,CAAC;AAED;;;;;;;;;;;GAWG;AACH,KAAK,2DACH,QAA2C;IAE3C,OAAO,MAAM,QAAQ,CAAC,uBAAA,IAAI,8DAA0B,EAAE,QAAQ,CAAC,CAAC;AAClE,CAAC;AAED;;;;;;;;;;GAUG;AACH,KAAK,sDACH,QAA2C;IAE3C,OAAO,MAAM,QAAQ,CAAC,uBAAA,IAAI,yDAAqB,EAAE,QAAQ,CAAC,CAAC;AAC7D,CAAC,uGASe,IAAa;IAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,cAAc,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,eAAwB,CAAC;IAC7B,IAAI,CAAC;QACH,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,cAAc,CAAC,CAAC;IAC3E,CAAC;IAED,IAAA,mCAAsB,EAAC,eAAe,CAAC,CAAC;IAExC,OAAO,eAAe,CAAC;AACzB,CAAC;IAGC,IAAI,CAAC,uBAAA,IAAI,gDAAY,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,gBAAgB,CAC1D,CAAC;IACJ,CAAC;AACH,CAAC,6HAeC,KAAc;IAEd,IAAI,CAAC;QACH,IAAA,wDAA2C,EAAC,KAAK,CAAC,CAAC;IACrD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,KAAK,CAAC,qCAAqC,GAAG,KAAK,CAAC;QACtD,CAAC,CAAC,CAAC;QACH,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,6DAAuB,OAG3B;IAIC,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,EACJ,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,MAAM,GACP,GAAG,IAAI,CAAC,KAAK,CAAC;IAEf,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW;SACpE,eAAe,CAAC;QACf,cAAc;QACd,gBAAgB;QAChB,uBAAuB;QACvB,MAAM;KACP,CAAC;SACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACf,GAAG,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;QAC1C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,uBAAuB,CACjE,CAAC;IACJ,CAAC,CAAC,CAAC;IACL,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC;QAC5D,GAAG,OAAO;QACV,gBAAgB,EAAE,UAAU;KAC7B,CAAC,CAAC;IACH,IAAI,kBAAkB,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,gBAAgB,CAC1D,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,CAAC;AACxC,CAAC;IAGC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QACpB,OAAO,KAAK,CAAC,qBAAqB,CAAC;IACrC,CAAC,CAAC,CAAC;AACL,CAAC,iIAyJ4B,EAC3B,YAAY,EACZ,WAAW,GAIZ;IACC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QACpB,KAAK,CAAC,wBAAwB,GAAG;YAC/B,GAAG,CAAC,KAAK,CAAC,wBAAwB,IAAI,EAAE,CAAC;YACzC,EAAE,YAAY,EAAE,WAAW,EAAE;SAC9B,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,2GAUiB,KAAc;IAC9B,IAAI,KAAK,YAAY,gCAAU,EAAE,CAAC;QAChC,OAAO,CACL,KAAK,CAAC,IAAI,KAAK,oCAAc,CAAC,gBAAgB;YAC9C,KAAK,CAAC,IAAI,KAAK,oCAAc,CAAC,gBAAgB,CAC/C,CAAC;IACJ,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC,2HAUyB,KAAc;IACtC,IAAI,KAAK,YAAY,gCAAU,EAAE,CAAC;QAChC,OAAO,CACL,KAAK,CAAC,IAAI;YACT,oCAAc,CAAC,yBAA+C,CAChE,CAAC;IACJ,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;GAWG;AACH,KAAK,gEACH,SAA2B,EAC3B,aAAqB;IAErB,IAAI,CAAC;QACH,kEAAkE;QAClE,MAAM,sBAAsB,GAAG,IAAI,CAAC,yBAAyB,EAAE,CAAC;QAChE,MAAM,4BAA4B,GAChC,IAAI,CAAC,+BAA+B,EAAE,CAAC;QACzC,6DAA6D;QAC7D,2CAA2C;QAC3C,IAAI,oBAAoB,GAAG,KAAK,CAAC;QACjC,IAAI,uBAAA,IAAI,gDAAY,EAAE,CAAC;YACrB,oBAAoB,GAAG,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACxD,CAAC;QAED,IACE,sBAAsB;YACtB,4BAA4B;YAC5B,oBAAoB,EACpB,CAAC;YACD,GAAG,CACD,4BAA4B,aAAa,gCAAgC,EACzE,2BAA2B,CAC5B,CAAC;YACF,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACjC,CAAC;QAED,OAAO,MAAM,SAAS,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,4CAA4C;QAC5C,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,GAAG,CACD,wBAAwB,aAAa,gCAAgC,EACrE,KAAK,CACN,CAAC;YACF,IAAI,CAAC;gBACH,qBAAqB;gBACrB,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC/B,wCAAwC;gBACxC,OAAO,MAAM,SAAS,EAAE,CAAC;YAC3B,CAAC;YAAC,OAAO,YAAY,EAAE,CAAC;gBACtB,GAAG,CAAC,kCAAkC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;gBACrE,MAAM,YAAY,CAAC;YACrB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;AACH,CAAC;AAyDH;;;;;GAKG;AACH,SAAS,qBAAqB,CAAC,QAAiB;IAC9C,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,iBAAiB,CAAC,CAAC;IAC9E,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,oBAAoB,CAC9D,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,UAAU,QAAQ,CACrB,KAAY,EACZ,QAA2C;IAE3C,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC;IAE1C,IAAI,CAAC;QACH,OAAO,MAAM,QAAQ,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC;IACzC,CAAC;YAAS,CAAC;QACT,WAAW,EAAE,CAAC;IAChB,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,wCAAwC,CAC/C,6BAAiD;IAEjD,IAAI,CAAC,6BAA6B,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,mCAAmC,CAC7E,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,yCAAyC,CAChD,8BAAkD;IAElD,IAAI,CAAC,8BAA8B,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,oCAAoC,CAC9E,CAAC;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { keccak256AndHexify } from '@metamask/auth-network-utils';\nimport { BaseController, type StateMetadata } from '@metamask/base-controller';\nimport type * as encryptionUtils from '@metamask/browser-passworder';\nimport type {\n KeyPair,\n RecoverEncryptionKeyResult,\n SEC1EncodedPublicKey,\n} from '@metamask/toprf-secure-backup';\nimport {\n ToprfSecureBackup,\n TOPRFErrorCode,\n TOPRFError,\n} from '@metamask/toprf-secure-backup';\nimport {\n base64ToBytes,\n bytesToBase64,\n isNullOrUndefined,\n} from '@metamask/utils';\nimport { gcm } from '@noble/ciphers/aes';\nimport { bytesToUtf8, utf8ToBytes } from '@noble/ciphers/utils';\nimport { managedNonce } from '@noble/ciphers/webcrypto';\nimport { secp256k1 } from '@noble/curves/secp256k1';\nimport { Mutex } from 'async-mutex';\n\nimport {\n assertIsPasswordOutdatedCacheValid,\n assertIsSeedlessOnboardingUserAuthenticated,\n assertIsValidVaultData,\n} from './assertions';\nimport type { AuthConnection } from './constants';\nimport {\n controllerName,\n PASSWORD_OUTDATED_CACHE_TTL_MS,\n SecretType,\n SeedlessOnboardingControllerErrorMessage,\n Web3AuthNetwork,\n} from './constants';\nimport { PasswordSyncError, RecoveryError } from './errors';\nimport { projectLogger, createModuleLogger } from './logger';\nimport { SecretMetadata } from './SecretMetadata';\nimport type {\n MutuallyExclusiveCallback,\n SeedlessOnboardingControllerMessenger,\n SeedlessOnboardingControllerOptions,\n SeedlessOnboardingControllerState,\n AuthenticatedUserDetails,\n SocialBackupsMetadata,\n VaultEncryptor,\n RefreshJWTToken,\n RevokeRefreshToken,\n RenewRefreshToken,\n VaultData,\n DeserializedVaultData,\n} from './types';\nimport {\n decodeJWTToken,\n decodeNodeAuthToken,\n deserializeVaultData,\n serializeVaultData,\n} from './utils';\n\nconst log = createModuleLogger(projectLogger, controllerName);\n\n/*\n Get the initial state for the Seedless Onboarding Controller with defaults.\n \n @param overrides - The overrides for the initial state.\n * @returns The initial state for the Seedless Onboarding Controller.\n /\nexport function getInitialSeedlessOnboardingControllerStateWithDefaults(\n overrides?: Partial<SeedlessOnboardingControllerState>,\n): SeedlessOnboardingControllerState {\n const initialState = {\n socialBackupsMetadata: [],\n isSeedlessOnboardingUserAuthenticated: false,\n ...overrides,\n };\n\n // Ensure authenticated flag is set correctly.\n try {\n assertIsSeedlessOnboardingUserAuthenticated(initialState);\n initialState.isSeedlessOnboardingUserAuthenticated = true;\n } catch {\n initialState.isSeedlessOnboardingUserAuthenticated = false;\n }\n return initialState;\n}\n\n/\n Seedless Onboarding Controller State Metadata.\n \n This allows us to choose if fields of the state should be persisted or not\n * using the `persist` flag; and if they can be sent to Sentry or not, using\n * the `anonymous` flag.\n /\nconst seedlessOnboardingMetadata: StateMetadata<SeedlessOnboardingControllerState> =\n {\n vault: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n socialBackupsMetadata: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n nodeAuthTokens: {\n includeInStateLogs: (nodeAuthTokens) =>\n !isNullOrUndefined(nodeAuthTokens),\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n authConnection: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: true,\n },\n authConnectionId: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: false,\n },\n groupedAuthConnectionId: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: false,\n },\n userId: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n socialLoginEmail: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: true,\n },\n vaultEncryptionKey: {\n includeInStateLogs: false,\n persist: false,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n vaultEncryptionSalt: {\n includeInStateLogs: false,\n persist: false,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n authPubKey: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n passwordOutdatedCache: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: false,\n },\n refreshToken: {\n includeInStateLogs: (refreshToken) => !isNullOrUndefined(refreshToken),\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n revokeToken: {\n includeInStateLogs: (revokeToken) => !isNullOrUndefined(revokeToken),\n persist: false,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n pendingToBeRevokedTokens: {\n includeInStateLogs: (pendingToBeRevokedTokens) =>\n !isNullOrUndefined(pendingToBeRevokedTokens) &&\n pendingToBeRevokedTokens.length > 0,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n // stays in vault\n accessToken: {\n includeInStateLogs: (accessToken) => !isNullOrUndefined(accessToken),\n persist: false,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n // stays outside of vault as this token is accessed by the metadata service\n // before the vault is created or unlocked.\n metadataAccessToken: {\n includeInStateLogs: (metadataAccessToken) =>\n !isNullOrUndefined(metadataAccessToken),\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n encryptedSeedlessEncryptionKey: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n encryptedKeyringEncryptionKey: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n isSeedlessOnboardingUserAuthenticated: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: false,\n },\n };\n\nexport class SeedlessOnboardingController<\n EncryptionKey,\n SupportedKeyDerivationOptions = encryptionUtils.KeyDerivationOptions,\n> extends BaseController<\n typeof controllerName,\n SeedlessOnboardingControllerState,\n SeedlessOnboardingControllerMessenger\n> {\n readonly #vaultEncryptor: VaultEncryptor<\n EncryptionKey,\n SupportedKeyDerivationOptions\n >;\n\n readonly #controllerOperationMutex = new Mutex();\n\n readonly #vaultOperationMutex = new Mutex();\n\n readonly toprfClient: ToprfSecureBackup;\n\n readonly #refreshJWTToken: RefreshJWTToken;\n\n readonly #revokeRefreshToken: RevokeRefreshToken;\n\n readonly #renewRefreshToken: RenewRefreshToken;\n\n /\n The TTL of the password outdated cache in milliseconds.\n /\n readonly #passwordOutdatedCacheTTL: number;\n\n /\n Controller lock state.\n \n The controller lock is synchronized with the keyring lock.\n /\n #isUnlocked = false;\n\n /\n Cached decrypted vault data.\n \n This is used to cache the decrypted vault data to avoid decrypting the vault data multiple times.\n /\n #cachedDecryptedVaultData: DeserializedVaultData \| undefined;\n\n /\n Creates a new SeedlessOnboardingController instance.\n \n @param options - The options for the SeedlessOnboardingController.\n * @param options.messenger - A restricted messenger.\n * @param options.state - Initial state to set on this controller.\n * @param options.encryptor - An optional encryptor to use for encrypting and decrypting seedless onboarding vault.\n * @param options.toprfKeyDeriver - An optional key derivation interface for the TOPRF client.\n * @param options.network - The network to be used for the Seedless Onboarding flow.\n * @param options.refreshJWTToken - A function to get a new jwt token using refresh token.\n * @param options.revokeRefreshToken - A function to revoke the refresh token.\n * @param options.renewRefreshToken - A function to renew the refresh token and get new revoke token.\n * @param options.passwordOutdatedCacheTTL - The TTL of the password outdated cache in milliseconds.,\n /\n constructor({\n messenger,\n state,\n encryptor,\n toprfKeyDeriver,\n network = Web3AuthNetwork.Mainnet,\n refreshJWTToken,\n revokeRefreshToken,\n renewRefreshToken,\n passwordOutdatedCacheTTL = PASSWORD_OUTDATED_CACHE_TTL_MS,\n }: SeedlessOnboardingControllerOptions<\n EncryptionKey,\n SupportedKeyDerivationOptions\n >) {\n super({\n name: controllerName,\n metadata: seedlessOnboardingMetadata,\n state: getInitialSeedlessOnboardingControllerStateWithDefaults(state),\n messenger,\n });\n\n assertIsPasswordOutdatedCacheValid(passwordOutdatedCacheTTL);\n this.#passwordOutdatedCacheTTL = passwordOutdatedCacheTTL;\n\n this.#vaultEncryptor = encryptor;\n\n this.toprfClient = new ToprfSecureBackup({\n network,\n keyDeriver: toprfKeyDeriver,\n fetchMetadataAccessCreds: this.fetchMetadataAccessCreds.bind(this),\n });\n this.#refreshJWTToken = refreshJWTToken;\n this.#revokeRefreshToken = revokeRefreshToken;\n this.#renewRefreshToken = renewRefreshToken;\n }\n\n async fetchMetadataAccessCreds(): Promise<{\n metadataAccessToken: string;\n }> {\n const { metadataAccessToken } = this.state;\n if (!metadataAccessToken) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidMetadataAccessToken,\n );\n }\n\n // Check if token is expired and refresh if needed\n const decodedToken = decodeJWTToken(metadataAccessToken);\n if (decodedToken.exp < Math.floor(Date.now() / 1000)) {\n // Token is expired, refresh it\n await this.refreshAuthTokens();\n\n // Get the new token after refresh\n const { metadataAccessToken: newMetadataAccessToken } = this.state;\n\n return {\n metadataAccessToken: newMetadataAccessToken as string,\n };\n }\n\n return { metadataAccessToken };\n }\n\n /\n Gets the node details for the TOPRF operations.\n * This function can be called to get the node endpoints, indexes and pubkeys and cache them locally.\n /\n async preloadToprfNodeDetails() {\n try {\n await this.toprfClient.getNodeDetails();\n } catch {\n log('Failed to fetch node details');\n }\n }\n\n /\n Authenticate OAuth user using the seedless onboarding flow\n * and determine if the user is already registered or not.\n \n @param params - The parameters for authenticate OAuth user.\n * @param params.idTokens - The ID token(s) issued by OAuth verification service. Currently this array only contains a single idToken which is verified by all the nodes, in future we are considering to issue a unique idToken for each node.\n * @param params.authConnection - The social login provider.\n * @param params.authConnectionId - OAuth authConnectionId from dashboard\n * @param params.userId - user email or id from Social login\n * @param params.groupedAuthConnectionId - Optional grouped authConnectionId to be used for the authenticate request.\n * @param params.socialLoginEmail - The user email from Social login.\n * @param params.refreshToken - refresh token for refreshing expired nodeAuthTokens.\n * @param params.revokeToken - revoke token for revoking refresh token and get new refresh token and new revoke token.\n * @param params.accessToken - Access token for pairing with profile sync auth service and to access other services.\n * @param params.metadataAccessToken - Metadata access token for accessing the metadata service before the vault is created or unlocked.\n * @param params.skipLock - Optional flag to skip acquiring the controller lock. (to prevent deadlock in case the caller already acquired the lock)\n * @returns A promise that resolves to the authentication result.\n /\n async authenticate(params: {\n idTokens: string[];\n accessToken: string;\n metadataAccessToken: string;\n authConnection: AuthConnection;\n authConnectionId: string;\n userId: string;\n groupedAuthConnectionId?: string;\n socialLoginEmail?: string;\n refreshToken: string;\n revokeToken?: string;\n skipLock?: boolean;\n }) {\n const doAuthenticateWithNodes = async () => {\n try {\n const {\n idTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n authConnection,\n socialLoginEmail,\n refreshToken,\n revokeToken,\n accessToken,\n metadataAccessToken,\n } = params;\n\n const authenticationResult = await this.toprfClient.authenticate({\n authConnectionId,\n userId,\n idTokens,\n groupedAuthConnectionId,\n });\n // update the state with the authenticated user info\n this.update((state) => {\n state.nodeAuthTokens = authenticationResult.nodeAuthTokens;\n state.authConnectionId = authConnectionId;\n state.groupedAuthConnectionId = groupedAuthConnectionId;\n state.userId = userId;\n state.authConnection = authConnection;\n state.socialLoginEmail = socialLoginEmail;\n state.metadataAccessToken = metadataAccessToken;\n state.refreshToken = refreshToken;\n if (revokeToken) {\n // Temporarily store revoke token & access token in state for later vault creation\n state.revokeToken = revokeToken;\n }\n state.accessToken = accessToken;\n\n // we will check if the controller state is properly set with the authenticated user info\n // before setting the isSeedlessOnboardingUserAuthenticated to true\n assertIsSeedlessOnboardingUserAuthenticated(state);\n state.isSeedlessOnboardingUserAuthenticated = true;\n });\n\n return authenticationResult;\n } catch (error) {\n log('Error authenticating user', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.AuthenticationError,\n );\n }\n };\n return params.skipLock\n ? await doAuthenticateWithNodes()\n : await this.#withControllerLock(doAuthenticateWithNodes);\n }\n\n /\n Create a new TOPRF encryption key using given password and backups the provided seed phrase.\n \n @param password - The password used to create new wallet and seedphrase\n * @param seedPhrase - The initial seed phrase (Mnemonic) created together with the wallet.\n * @param keyringId - The keyring id of the backup seed phrase\n * @returns A promise that resolves to the encrypted seed phrase and the encryption key.\n /\n async createToprfKeyAndBackupSeedPhrase(\n password: string,\n seedPhrase: Uint8Array,\n keyringId: string,\n ): Promise<void> {\n return await this.#withControllerLock(async () => {\n // to make sure that fail fast,\n // assert that the user is authenticated before creating the TOPRF key and backing up the seed phrase\n this.#assertIsAuthenticatedUser(this.state);\n\n // locally evaluate the encryption key from the password\n const { encKey, pwEncKey, authKeyPair, oprfKey } =\n await this.toprfClient.createLocalKey({\n password,\n });\n const performKeyCreationAndBackup = async (): Promise<void> => {\n // encrypt and store the secret data\n await this.#encryptAndStoreSecretData({\n data: seedPhrase,\n type: SecretType.Mnemonic,\n encKey,\n authKeyPair,\n options: {\n keyringId,\n },\n });\n\n // store/persist the encryption key shares\n // We store the secret metadata in the metadata store first. If this operation fails,\n // we avoid persisting the encryption key shares to prevent a situation where a user appears\n // to have an account but with no associated data.\n await this.#persistOprfKey(oprfKey, authKeyPair.pk);\n // create a new vault with the resulting authentication data\n await this.#createNewVaultWithAuthData({\n password,\n rawToprfEncryptionKey: encKey,\n rawToprfPwEncryptionKey: pwEncKey,\n rawToprfAuthKeyPair: authKeyPair,\n });\n };\n\n await this.#executeWithTokenRefresh(\n performKeyCreationAndBackup,\n 'createToprfKeyAndBackupSeedPhrase',\n );\n });\n }\n\n /\n encrypt and add a new secret data to the metadata store.\n \n @param data - The data to add.\n * @param type - The type of the secret data.\n * @param options - Optional options object, which includes optional data to be added to the metadata store.\n * @param options.keyringId - The keyring id of the backup keyring (SRP).\n * @returns A promise that resolves to the success of the operation.\n /\n async addNewSecretData(\n data: Uint8Array,\n type: SecretType,\n options?: {\n keyringId?: string;\n },\n ): Promise<void> {\n return await this.#withControllerLock(async () => {\n this.#assertIsUnlocked();\n\n await this.#assertPasswordInSync({\n skipCache: true,\n skipLock: true, // skip lock since we already have the lock\n });\n\n const performBackup = async (): Promise<void> => {\n // verify the password and unlock the vault\n const { toprfEncryptionKey, toprfAuthKeyPair } =\n await this.#unlockVaultAndGetVaultData();\n\n // encrypt and store the secret data\n await this.#encryptAndStoreSecretData({\n data,\n type,\n encKey: toprfEncryptionKey,\n authKeyPair: toprfAuthKeyPair,\n options,\n });\n };\n\n await this.#executeWithTokenRefresh(performBackup, 'addNewSecretData');\n });\n }\n\n /\n Fetches all encrypted secret data and metadata for user's account from the metadata store.\n \n Decrypts the secret data and returns the decrypted secret data using the recovered encryption key from the password.\n \n @param password - The optional password used to create new wallet. If not provided, `cached Encryption Key` will be used.\n * @returns A promise that resolves to the secret data.\n /\n async fetchAllSecretData(password?: string): Promise<SecretMetadata[]> {\n return await this.#withControllerLock(async () => {\n return await this.#executeWithTokenRefresh(async () => {\n // assert that the user is authenticated before fetching the secret data\n this.#assertIsAuthenticatedUser(this.state);\n\n let encKey: Uint8Array;\n let pwEncKey: Uint8Array;\n let authKeyPair: KeyPair;\n\n if (password) {\n const recoverEncKeyResult = await this.#recoverEncKey(password);\n encKey = recoverEncKeyResult.encKey;\n pwEncKey = recoverEncKeyResult.pwEncKey;\n authKeyPair = recoverEncKeyResult.authKeyPair;\n } else {\n this.#assertIsUnlocked();\n // verify the password and unlock the vault\n const keysFromVault = await this.#unlockVaultAndGetVaultData();\n encKey = keysFromVault.toprfEncryptionKey;\n pwEncKey = keysFromVault.toprfPwEncryptionKey;\n authKeyPair = keysFromVault.toprfAuthKeyPair;\n }\n\n const secrets = await this.#fetchAllSecretDataFromMetadataStore(\n encKey,\n authKeyPair,\n );\n\n if (password) {\n // if password is provided, we need to create a new vault with the auth data. (supposedly the user is trying to rehydrate the wallet)\n await this.#createNewVaultWithAuthData({\n password,\n rawToprfEncryptionKey: encKey,\n rawToprfPwEncryptionKey: pwEncKey,\n rawToprfAuthKeyPair: authKeyPair,\n });\n }\n\n return secrets;\n }, 'fetchAllSecretData');\n });\n }\n\n /\n Update the password of the seedless onboarding flow.\n \n Changing password will also update the encryption key, metadata store and the vault with new encrypted values.\n \n @param newPassword - The new password to update.\n * @param oldPassword - The old password to verify.\n * @returns A promise that resolves to the success of the operation.\n /\n async changePassword(newPassword: string, oldPassword: string) {\n return await this.#withControllerLock(async () => {\n this.#assertIsUnlocked();\n // verify the old password of the encrypted vault\n await this.verifyVaultPassword(oldPassword, {\n skipLock: true, // skip lock since we already have the lock\n });\n\n const { latestKeyIndex } = await this.#assertPasswordInSync({\n skipCache: true,\n skipLock: true, // skip lock since we already have the lock\n });\n\n const attemptChangePassword = async (): Promise<void> => {\n // load keyring encryption key if it exists\n let keyringEncryptionKey: string \| undefined;\n if (this.state.encryptedKeyringEncryptionKey) {\n keyringEncryptionKey = await this.loadKeyringEncryptionKey();\n }\n\n // update the encryption key with new password and update the Metadata Store\n const {\n encKey: newEncKey,\n pwEncKey: newPwEncKey,\n authKeyPair: newAuthKeyPair,\n } = await this.#changeEncryptionKey({\n oldPassword,\n newPassword,\n latestKeyIndex,\n });\n\n // update and encrypt the vault with new password\n await this.#createNewVaultWithAuthData({\n password: newPassword,\n rawToprfEncryptionKey: newEncKey,\n rawToprfPwEncryptionKey: newPwEncKey,\n rawToprfAuthKeyPair: newAuthKeyPair,\n });\n\n this.#resetPasswordOutdatedCache();\n\n // store the keyring encryption key if it exists\n if (keyringEncryptionKey) {\n await this.storeKeyringEncryptionKey(keyringEncryptionKey);\n }\n };\n\n try {\n await this.#executeWithTokenRefresh(\n attemptChangePassword,\n 'changePassword',\n );\n } catch (error) {\n log('Error changing password', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToChangePassword,\n );\n }\n });\n }\n\n /\n Update the backup metadata state for the given secret data.\n \n @param secretData - The data to backup, can be a single backup or array of backups.\n * @param secretData.keyringId - The keyring id associated with the backup secret data.\n * @param secretData.data - The secret data to update the backup metadata state.\n /\n updateBackupMetadataState(\n secretData:\n \| (Omit<SocialBackupsMetadata, 'hash'> & { data: Uint8Array })\n \| (Omit<SocialBackupsMetadata, 'hash'> & { data: Uint8Array })[],\n ) {\n this.#assertIsUnlocked();\n\n this.#filterDupesAndUpdateSocialBackupsMetadata(secretData);\n }\n\n /\n Verify the password validity by decrypting the vault.\n \n @param password - The password to verify.\n * @param options - Optional options object.\n * @param options.skipLock - Whether to skip the lock acquisition. (to prevent deadlock in case the caller already acquired the lock)\n * @returns A promise that resolves to the success of the operation.\n * @throws {Error} If the password is invalid or the vault is not initialized.\n /\n async verifyVaultPassword(\n password: string,\n options?: {\n skipLock?: boolean;\n },\n ): Promise<void> {\n const doVerify = async () => {\n if (!this.state.vault) {\n throw new Error(SeedlessOnboardingControllerErrorMessage.VaultError);\n }\n await this.#vaultEncryptor.decrypt(password, this.state.vault);\n };\n return options?.skipLock\n ? await doVerify()\n : await this.#withControllerLock(doVerify);\n }\n\n /\n Get backup state of the given secret data, from the controller state.\n \n If the given secret data is not backed up and not found in the state, it will return `undefined`.\n \n @param data - The data to get the backup state of.\n * @param type - The type of the secret data.\n * @returns The backup state of the given secret data.\n /\n getSecretDataBackupState(\n data: Uint8Array,\n type: SecretType = SecretType.Mnemonic,\n ): SocialBackupsMetadata \| undefined {\n const secretDataHash = keccak256AndHexify(data);\n return this.state.socialBackupsMetadata.find(\n (backup) => backup.hash === secretDataHash && backup.type === type,\n );\n }\n\n /\n Submit the password to the controller, verify the password validity and unlock the controller.\n \n This method will be used especially when user rehydrate/unlock the wallet.\n * The provided password will be verified against the encrypted vault, encryption key will be derived and saved in the controller state.\n \n This operation is useful when user performs some actions that requires the user password/encryption key. e.g. add new srp backup\n \n @param password - The password to submit.\n * @returns A promise that resolves to the success of the operation.\n /\n async submitPassword(password: string): Promise<void> {\n return await this.#withControllerLock(async () => {\n await this.#unlockVaultAndGetVaultData({ password });\n this.#setUnlocked();\n });\n }\n\n /\n Set the controller to locked state, and deallocate the secrets (vault encryption key and salt).\n \n When the controller is locked, the user will not be able to perform any operations on the controller/vault.\n \n @returns A promise that resolves to the success of the operation.\n /\n async setLocked() {\n return await this.#withControllerLock(async () => {\n this.update((state) => {\n delete state.vaultEncryptionKey;\n delete state.vaultEncryptionSalt;\n delete state.revokeToken;\n delete state.accessToken;\n });\n\n this.#cachedDecryptedVaultData = undefined;\n this.#isUnlocked = false;\n });\n }\n\n /\n Sync the latest global password to the controller.\n * reset vault with latest globalPassword,\n * persist the latest global password authPubKey\n \n @param params - The parameters for syncing the latest global password.\n * @param params.globalPassword - The latest global password.\n * @returns A promise that resolves to the success of the operation.\n /\n async syncLatestGlobalPassword({\n globalPassword,\n }: {\n globalPassword: string;\n }) {\n return await this.#withControllerLock(async () => {\n this.#assertIsUnlocked();\n const doSyncPassword = async () => {\n // update vault with latest globalPassword\n const { encKey, pwEncKey, authKeyPair } =\n await this.#recoverEncKey(globalPassword);\n // update and encrypt the vault with new password\n await this.#createNewVaultWithAuthData({\n password: globalPassword,\n rawToprfEncryptionKey: encKey,\n rawToprfPwEncryptionKey: pwEncKey,\n rawToprfAuthKeyPair: authKeyPair,\n });\n\n this.#resetPasswordOutdatedCache();\n };\n return await this.#executeWithTokenRefresh(\n doSyncPassword,\n 'syncLatestGlobalPassword',\n );\n });\n }\n\n /\n @description Unlock the controller with the latest global password.\n \n @param params - The parameters for unlocking the controller.\n * @param params.maxKeyChainLength - The maximum chain length of the pwd encryption keys.\n * @param params.globalPassword - The latest global password.\n * @returns A promise that resolves to the success of the operation.\n /\n async submitGlobalPassword({\n globalPassword,\n maxKeyChainLength = 5,\n }: {\n globalPassword: string;\n maxKeyChainLength?: number;\n }): Promise<void> {\n return await this.#withControllerLock(async () => {\n return await this.#executeWithTokenRefresh(async () => {\n const currentDeviceAuthPubKey = this.#recoverAuthPubKey();\n await this.#submitGlobalPassword({\n targetAuthPubKey: currentDeviceAuthPubKey,\n globalPassword,\n maxKeyChainLength,\n });\n }, 'submitGlobalPassword');\n });\n }\n\n /\n @description Submit the global password to the controller, verify the\n * password validity and unlock the controller.\n \n @param params - The parameters for submitting the global password.\n * @param params.maxKeyChainLength - The maximum chain length of the pwd encryption keys.\n * @param params.targetAuthPubKey - The target public key of the keyring\n * encryption key to recover.\n * @param params.globalPassword - The latest global password.\n * @returns A promise that resolves to the keyring encryption key\n * corresponding to the current authPubKey in state.\n /\n async #submitGlobalPassword({\n targetAuthPubKey,\n globalPassword,\n maxKeyChainLength,\n }: {\n targetAuthPubKey: SEC1EncodedPublicKey;\n globalPassword: string;\n maxKeyChainLength: number;\n }): Promise<void> {\n const { pwEncKey: curPwEncKey, authKeyPair: curAuthKeyPair } =\n await this.#recoverEncKey(globalPassword);\n\n try {\n // Recover vault encryption key.\n const res = await this.toprfClient.recoverPwEncKey({\n targetAuthPubKey,\n curPwEncKey,\n curAuthKeyPair,\n maxPwChainLength: maxKeyChainLength,\n });\n const { pwEncKey } = res;\n const vaultKey = await this.#loadSeedlessEncryptionKey(pwEncKey);\n\n // Unlock the controller\n await this.#unlockVaultAndGetVaultData({\n encryptionKey: vaultKey,\n });\n this.#setUnlocked();\n } catch (error) {\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n if (this.#isMaxKeyChainLengthError(error)) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.MaxKeyChainLengthExceeded,\n );\n }\n throw PasswordSyncError.getInstance(error);\n }\n }\n\n /\n @description Check if the current password is outdated compare to the global password.\n \n @param options - Optional options object.\n * @param options.globalAuthPubKey - The global auth public key to compare with the current auth public key.\n * If not provided, the global auth public key will be fetched from the backend.\n * @param options.skipCache - If true, bypass the cache and force a fresh check.\n * @param options.skipLock - Whether to skip the lock acquisition. (to prevent deadlock in case the caller already acquired the lock)\n * @returns A promise that resolves to true if the password is outdated, false otherwise.\n /\n async checkIsPasswordOutdated(options?: {\n skipCache?: boolean;\n skipLock?: boolean;\n globalAuthPubKey?: SEC1EncodedPublicKey;\n }): Promise<boolean> {\n const doCheckIsPasswordExpired = async () => {\n // cache result to reduce load on infra\n // Check cache first unless skipCache is true\n if (!options?.skipCache) {\n const { passwordOutdatedCache } = this.state;\n const now = Date.now();\n const isCacheValid =\n passwordOutdatedCache &&\n now - passwordOutdatedCache.timestamp <\n this.#passwordOutdatedCacheTTL;\n\n if (isCacheValid) {\n return passwordOutdatedCache.isExpiredPwd;\n }\n }\n\n this.#assertIsAuthenticatedUser(this.state);\n const {\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n } = this.state;\n\n const currentDeviceAuthPubKey = this.#recoverAuthPubKey();\n\n let globalAuthPubKey = options?.globalAuthPubKey;\n if (!globalAuthPubKey) {\n const { authPubKey } = await this.toprfClient\n .fetchAuthPubKey({\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n })\n .catch((error) => {\n log('Error fetching auth pub key', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToFetchAuthPubKey,\n );\n });\n globalAuthPubKey = authPubKey;\n }\n\n // use noble lib to deserialize and compare curve point\n const isExpiredPwd = !secp256k1.ProjectivePoint.fromHex(\n currentDeviceAuthPubKey,\n ).equals(secp256k1.ProjectivePoint.fromHex(globalAuthPubKey));\n // Cache the result in state\n this.update((state) => {\n state.passwordOutdatedCache = { isExpiredPwd, timestamp: Date.now() };\n });\n return isExpiredPwd;\n };\n\n return await this.#executeWithTokenRefresh(\n async () =>\n options?.skipLock\n ? await doCheckIsPasswordExpired()\n : await this.#withControllerLock(doCheckIsPasswordExpired),\n 'checkIsPasswordOutdated',\n );\n }\n\n /\n Check if the user is authenticated with the seedless onboarding flow by checking the token values in the state.\n \n This method will check the `accessToken` and `revokeToken` in the state, besides the social login authentication details.\n * If both are present, the user is authenticated.\n * If either is missing, the user is not authenticated.\n \n This method is useful when we want to check if the state has valid authenticated user details to perform vault creations.\n \n @returns True if the user is authenticated, false otherwise.\n /\n async getIsUserAuthenticated(): Promise<boolean> {\n try {\n this.#assertIsAuthenticatedUser(this.state);\n return Boolean(this.state.accessToken) && Boolean(this.state.revokeToken);\n } catch {\n return false;\n }\n }\n\n #setUnlocked(): void {\n this.#isUnlocked = true;\n }\n\n /\n Clears the current state of the SeedlessOnboardingController.\n /\n clearState() {\n const defaultState =\n getInitialSeedlessOnboardingControllerStateWithDefaults();\n this.update(() => {\n return defaultState;\n });\n }\n\n /\n Persist the encryption key for the seedless onboarding flow.\n \n @param oprfKey - The OPRF key to be splited and persisted.\n * @param authPubKey - The authentication public key.\n * @returns A promise that resolves to the success of the operation.\n /\n async #persistOprfKey(oprfKey: bigint, authPubKey: SEC1EncodedPublicKey) {\n this.#assertIsAuthenticatedUser(this.state);\n const { authConnectionId, groupedAuthConnectionId, userId } = this.state;\n\n try {\n await this.toprfClient.persistLocalKey({\n nodeAuthTokens: this.state.nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n oprfKey,\n authPubKey,\n });\n } catch (error) {\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n log('Error persisting local encryption key', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToPersistOprfKey,\n );\n }\n }\n\n /\n Persist the authentication public key for the seedless onboarding flow.\n * convert to suitable format before persisting.\n \n @param params - The parameters for persisting the authentication public key.\n * @param params.authPubKey - The authentication public key to be persisted.\n /\n #persistAuthPubKey(params: { authPubKey: SEC1EncodedPublicKey }): void {\n this.update((state) => {\n state.authPubKey = bytesToBase64(params.authPubKey);\n });\n }\n\n /\n Store the keyring encryption key in state, encrypted under the current\n * encryption key.\n \n @param keyringEncryptionKey - The keyring encryption key.\n /\n async storeKeyringEncryptionKey(keyringEncryptionKey: string) {\n const { toprfPwEncryptionKey: encKey } =\n await this.#unlockVaultAndGetVaultData();\n await this.#storeKeyringEncryptionKey(encKey, keyringEncryptionKey);\n }\n\n /\n Load the keyring encryption key from state, decrypted under the current\n * encryption key.\n \n @returns The keyring encryption key.\n /\n async loadKeyringEncryptionKey() {\n const { toprfPwEncryptionKey: encKey } =\n await this.#unlockVaultAndGetVaultData();\n return await this.#loadKeyringEncryptionKey(encKey);\n }\n\n /\n Encrypt the keyring encryption key and store it in state.\n \n @param encKey - The encryption key.\n * @param keyringEncryptionKey - The keyring encryption key.\n /\n async #storeKeyringEncryptionKey(\n encKey: Uint8Array,\n keyringEncryptionKey: string,\n ) {\n const aes = managedNonce(gcm)(encKey);\n const encryptedKeyringEncryptionKey = aes.encrypt(\n utf8ToBytes(keyringEncryptionKey),\n );\n this.update((state) => {\n state.encryptedKeyringEncryptionKey = bytesToBase64(\n encryptedKeyringEncryptionKey,\n );\n });\n }\n\n /\n Decrypt the keyring encryption key from state.\n \n @param encKey - The encryption key.\n * @returns The keyring encryption key.\n /\n async #loadKeyringEncryptionKey(encKey: Uint8Array) {\n const { encryptedKeyringEncryptionKey: encryptedKey } = this.state;\n assertIsEncryptedKeyringEncryptionKeySet(encryptedKey);\n const encryptedPasswordBytes = base64ToBytes(encryptedKey);\n const aes = managedNonce(gcm)(encKey);\n const password = aes.decrypt(encryptedPasswordBytes);\n return bytesToUtf8(password);\n }\n\n /\n Decrypt the seedless encryption key from state.\n \n @param encKey - The encryption key.\n * @returns The seedless encryption key.\n /\n async #loadSeedlessEncryptionKey(encKey: Uint8Array) {\n const { encryptedSeedlessEncryptionKey: encryptedKey } = this.state;\n assertIsEncryptedSeedlessEncryptionKeySet(encryptedKey);\n const encryptedKeyBytes = base64ToBytes(encryptedKey);\n const aes = managedNonce(gcm)(encKey);\n const seedlessEncryptionKey = aes.decrypt(encryptedKeyBytes);\n return bytesToUtf8(seedlessEncryptionKey);\n }\n\n /\n Recover the authentication public key from the state.\n * convert to pubkey format before recovering.\n \n @returns The authentication public key.\n /\n #recoverAuthPubKey(): SEC1EncodedPublicKey {\n const { authPubKey } = this.state;\n if (!authPubKey) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.SRPNotBackedUpError,\n );\n }\n\n return base64ToBytes(authPubKey);\n }\n\n /\n Recover the encryption key from password.\n \n @param password - The password used to derive/recover the encryption key.\n * @returns A promise that resolves to the encryption key and authentication key pair.\n * @throws RecoveryError - If failed to recover the encryption key.\n /\n async #recoverEncKey(\n password: string,\n ): Promise<Omit<RecoverEncryptionKeyResult, 'rateLimitResetResult'>> {\n this.#assertIsAuthenticatedUser(this.state);\n const {\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n } = this.state;\n\n try {\n const recoverEncKeyResult = await this.toprfClient.recoverEncKey({\n nodeAuthTokens,\n password,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n });\n return recoverEncKeyResult;\n } catch (error) {\n // throw token expired error for token refresh handler\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n\n throw RecoveryError.getInstance(error);\n }\n }\n\n async #fetchAllSecretDataFromMetadataStore(\n encKey: Uint8Array,\n authKeyPair: KeyPair,\n ) {\n let secretData: Uint8Array[] = [];\n try {\n // fetch and decrypt the secret data from the metadata store\n secretData = await this.toprfClient.fetchAllSecretDataItems({\n decKey: encKey,\n authKeyPair,\n });\n } catch (error) {\n log('Error fetching secret data', error);\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToFetchSecretMetadata,\n );\n }\n\n // user must have at least one secret data\n if (secretData?.length > 0) {\n const secrets = SecretMetadata.parseSecretsFromMetadataStore(secretData);\n // validate the primary secret data is a mnemonic (SRP)\n const primarySecret = secrets[0];\n if (primarySecret.type !== SecretType.Mnemonic) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidPrimarySecretDataType,\n );\n }\n return secrets;\n }\n\n throw new Error(SeedlessOnboardingControllerErrorMessage.NoSecretDataFound);\n }\n\n /\n Update the encryption key with new password and update the Metadata Store with new encryption key.\n \n @param params - The function parameters.\n * @param params.oldPassword - The old password to verify.\n * @param params.newPassword - The new password to update.\n * @param params.latestKeyIndex - The key index of the latest key.\n * @returns A promise that resolves to new encryption key and authentication key pair.\n /\n async #changeEncryptionKey({\n oldPassword,\n newPassword,\n latestKeyIndex,\n }: {\n newPassword: string;\n oldPassword: string;\n latestKeyIndex?: number;\n }) {\n this.#assertIsAuthenticatedUser(this.state);\n const { authConnectionId, groupedAuthConnectionId, userId } = this.state;\n\n let encKey: Uint8Array;\n let pwEncKey: Uint8Array;\n let authKeyPair: KeyPair;\n let globalKeyIndex = latestKeyIndex;\n if (!globalKeyIndex) {\n ({\n encKey,\n pwEncKey,\n authKeyPair,\n keyShareIndex: globalKeyIndex,\n } = await this.#recoverEncKey(oldPassword));\n } else {\n ({\n toprfEncryptionKey: encKey,\n toprfPwEncryptionKey: pwEncKey,\n toprfAuthKeyPair: authKeyPair,\n } = await this.#unlockVaultAndGetVaultData({ password: oldPassword }));\n }\n const result = await this.toprfClient.changeEncKey({\n nodeAuthTokens: this.state.nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n oldEncKey: encKey,\n oldPwEncKey: pwEncKey,\n oldAuthKeyPair: authKeyPair,\n newKeyShareIndex: globalKeyIndex,\n newPassword,\n });\n return result;\n }\n\n /\n Encrypt and store the secret data backup in the metadata store.\n \n @param params - The parameters for encrypting and storing the secret data backup.\n * @param params.data - The secret data to store.\n * @param params.type - The type of the secret data.\n * @param params.encKey - The encryption key to store.\n * @param params.authKeyPair - The authentication key pair to store.\n * @param params.options - Optional options object, which includes optional data to be added to the metadata store.\n * @param params.options.keyringId - The keyring id of the backup keyring (SRP).\n \n @returns A promise that resolves to the success of the operation.\n /\n async #encryptAndStoreSecretData(params: {\n data: Uint8Array;\n type: SecretType;\n encKey: Uint8Array;\n authKeyPair: KeyPair;\n options?: {\n keyringId?: string;\n };\n }): Promise<void> {\n const { options, data, encKey, authKeyPair, type } = params;\n\n // before encrypting and create backup, we will check the state if the secret data is already backed up\n const backupState = this.getSecretDataBackupState(data, type);\n if (backupState) {\n return;\n }\n\n const secretMetadata = new SecretMetadata(data, {\n type,\n });\n const secretData = secretMetadata.toBytes();\n\n const keyringId = options?.keyringId as string;\n if (type === SecretType.Mnemonic && !keyringId) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.MissingKeyringId,\n );\n }\n\n try {\n await this.#withPersistedSecretMetadataBackupsState(async () => {\n await this.toprfClient.addSecretDataItem({\n encKey,\n secretData,\n authKeyPair,\n });\n return {\n keyringId,\n data,\n type,\n };\n });\n } catch (error) {\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n log('Error encrypting and storing secret data backup', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToEncryptAndStoreSecretData,\n );\n }\n }\n\n /\n Unlocks the encrypted vault using the provided password and returns the decrypted vault data.\n * This method ensures thread-safety by using a mutex lock when accessing the vault.\n \n @param params - The parameters for unlocking the vault.\n * @param params.password - The optional password to unlock the vault.\n * @param params.encryptionKey - The optional encryption key to unlock the vault.\n * @returns A promise that resolves to an object containing:\n * - toprfEncryptionKey: The decrypted TOPRF encryption key\n * - toprfAuthKeyPair: The decrypted TOPRF authentication key pair\n * - revokeToken: The decrypted revoke token\n * - accessToken: The decrypted access token\n * @throws {Error} If:\n * - The password is invalid or empty\n * - The vault is not initialized\n * - The password is incorrect (from encryptor.decrypt)\n * - The decrypted vault data is malformed\n /\n async #unlockVaultAndGetVaultData(params?: {\n password?: string;\n encryptionKey?: string;\n }): Promise<DeserializedVaultData> {\n return this.#withVaultLock(async () => {\n if (this.#cachedDecryptedVaultData) {\n return this.#cachedDecryptedVaultData;\n }\n\n const { vaultData, vaultEncryptionKey, vaultEncryptionSalt } =\n await this.#decryptAndParseVaultData(params);\n\n this.update((state) => {\n state.vaultEncryptionKey = vaultEncryptionKey;\n state.vaultEncryptionSalt = vaultEncryptionSalt;\n state.revokeToken = vaultData.revokeToken;\n state.accessToken = vaultData.accessToken;\n });\n\n const deserializedVaultData = deserializeVaultData(vaultData);\n this.#cachedDecryptedVaultData = deserializedVaultData;\n return deserializedVaultData;\n });\n }\n\n /\n Decrypts the vault data and parses it into a usable format.\n \n @param params - The parameters for decrypting the vault.\n * @param params.password - The optional password to decrypt the vault.\n * @param params.encryptionKey - The optional encryption key to decrypt the vault.\n * @returns A promise that resolves to an object containing:\n /\n async #decryptAndParseVaultData(params?: {\n password?: string;\n encryptionKey?: string;\n }): Promise<{\n vaultData: VaultData;\n vaultEncryptionKey: string;\n vaultEncryptionSalt?: string;\n }> {\n let { vaultEncryptionKey, vaultEncryptionSalt } = this.state;\n const { vault: encryptedVault } = this.state;\n\n if (!encryptedVault) {\n throw new Error(SeedlessOnboardingControllerErrorMessage.VaultError);\n }\n\n if (params?.encryptionKey) {\n vaultEncryptionKey = params.encryptionKey;\n }\n\n let decryptedVaultData: unknown;\n\n // if the encryption key is available, we will use it to decrypt the vault\n if (vaultEncryptionKey) {\n const parsedEncryptedVault = JSON.parse(encryptedVault);\n\n if (\n vaultEncryptionSalt &&\n vaultEncryptionSalt !== parsedEncryptedVault.salt\n ) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.ExpiredCredentials,\n );\n }\n\n const key = await this.#vaultEncryptor.importKey(vaultEncryptionKey);\n decryptedVaultData = await this.#vaultEncryptor.decryptWithKey(\n key,\n parsedEncryptedVault,\n );\n } else {\n // if the encryption key is not available, we will use the password to decrypt the vault\n assertIsValidPassword(params?.password);\n // Note that vault decryption using the password is a very costly operation as it involves deriving the encryption key\n // from the password using an intentionally slow key derivation function.\n // We should make sure that we only call it very intentionally.\n const result = await this.#vaultEncryptor.decryptWithDetail(\n params.password,\n encryptedVault,\n );\n decryptedVaultData = result.vault;\n vaultEncryptionKey = result.exportedKeyString;\n vaultEncryptionSalt = result.salt;\n }\n\n const vaultData = this.#parseVaultData(decryptedVaultData);\n\n return {\n vaultData,\n vaultEncryptionKey,\n vaultEncryptionSalt,\n };\n }\n\n /\n Executes a callback function that creates or restores secret data and persists their hashes in the controller state.\n \n This method:\n * 1. Executes the provided callback to create/restore secret data\n * 2. Generates keccak256 hashes of the secret data\n * 3. Merges new hashes with existing ones in the state, ensuring uniqueness\n * 4. Updates the controller state with the combined hashes\n \n This is a wrapper method that should be used around any operation that creates\n * or restores secret data to ensure their hashes are properly tracked.\n \n @param createSecretMetadataBackupCallback - function that returns either a single secret data\n * or an array of secret data as Uint8Array(s)\n * @returns The original secret data(s) returned by the callback\n * @throws Rethrows any errors from the callback with additional logging\n /\n async #withPersistedSecretMetadataBackupsState(\n createSecretMetadataBackupCallback: () => Promise<\n Omit<SocialBackupsMetadata, 'hash'> & { data: Uint8Array }\n >,\n ): Promise<Omit<SocialBackupsMetadata, 'hash'> & { data: Uint8Array }> {\n try {\n const newBackup = await createSecretMetadataBackupCallback();\n\n this.#filterDupesAndUpdateSocialBackupsMetadata(newBackup);\n\n return newBackup;\n } catch (error) {\n log('Error persisting secret data backups', error);\n throw error;\n }\n }\n\n /\n Updates the social backups metadata state by adding new unique secret data backups.\n * This method ensures no duplicate backups are stored by checking the hash of each secret data.\n \n @param secretData - The backup data to add to the state\n * @param secretData.data - The secret data to backup as a Uint8Array\n * @param secretData.keyringId - The optional keyring id of the backup keyring (SRP).\n * @param secretData.type - The type of the secret data.\n /\n #filterDupesAndUpdateSocialBackupsMetadata(\n secretData:\n \| {\n data: Uint8Array;\n keyringId?: string;\n type: SecretType;\n }\n \| {\n data: Uint8Array;\n keyringId?: string;\n type: SecretType;\n }[],\n ) {\n const currentBackupsMetadata = this.state.socialBackupsMetadata;\n\n const newBackupsMetadata = Array.isArray(secretData)\n ? secretData\n : [secretData];\n const filteredNewBackupsMetadata: SocialBackupsMetadata[] = [];\n\n // filter out the backed up metadata that already exists in the state\n // to prevent duplicates\n newBackupsMetadata.forEach((item) => {\n const { keyringId, data, type } = item;\n const backupHash = keccak256AndHexify(data);\n\n const backupStateAlreadyExisted = currentBackupsMetadata.some(\n (backup) => backup.hash === backupHash && backup.type === type,\n );\n\n if (!backupStateAlreadyExisted) {\n filteredNewBackupsMetadata.push({\n keyringId,\n hash: backupHash,\n type,\n });\n }\n });\n\n if (filteredNewBackupsMetadata.length > 0) {\n this.update((state) => {\n state.socialBackupsMetadata = [\n ...state.socialBackupsMetadata,\n ...filteredNewBackupsMetadata,\n ];\n });\n }\n }\n\n /\n Create a new vault with the given authentication data.\n \n Serialize the authentication and key data which will be stored in the vault.\n \n @param params - The parameters for creating a new vault.\n * @param params.password - The password to encrypt the vault.\n * @param params.rawToprfEncryptionKey - The encryption key to encrypt the vault.\n * @param params.rawToprfPwEncryptionKey - The encryption key to encrypt the password.\n * @param params.rawToprfAuthKeyPair - The authentication key pair for Toprf operations.\n /\n async #createNewVaultWithAuthData({\n password,\n rawToprfEncryptionKey,\n rawToprfPwEncryptionKey,\n rawToprfAuthKeyPair,\n }: {\n password: string;\n rawToprfEncryptionKey: Uint8Array;\n rawToprfPwEncryptionKey: Uint8Array;\n rawToprfAuthKeyPair: KeyPair;\n }): Promise<void> {\n this.#assertIsAuthenticatedUser(this.state);\n\n const { accessToken, revokeToken } =\n await this.#getAccessTokenAndRevokeToken(password);\n\n const vaultData: DeserializedVaultData = {\n toprfAuthKeyPair: rawToprfAuthKeyPair,\n toprfEncryptionKey: rawToprfEncryptionKey,\n toprfPwEncryptionKey: rawToprfPwEncryptionKey,\n revokeToken,\n accessToken,\n };\n\n await this.#updateVault({\n password,\n vaultData,\n pwEncKey: rawToprfPwEncryptionKey,\n });\n\n // update the authPubKey in the state\n this.#persistAuthPubKey({\n authPubKey: rawToprfAuthKeyPair.pk,\n });\n\n this.#setUnlocked();\n }\n\n /\n Encrypt and update the vault with the given authentication data.\n \n @param params - The parameters for updating the vault.\n * @param params.password - The password to encrypt the vault.\n * @param params.vaultData - The raw vault data to update the vault with.\n * @param params.pwEncKey - The global password encryption key.\n * @returns A promise that resolves to the updated vault.\n /\n async #updateVault({\n password,\n vaultData,\n pwEncKey,\n }: {\n password: string;\n vaultData: DeserializedVaultData;\n pwEncKey: Uint8Array;\n }): Promise<void> {\n await this.#withVaultLock(async () => {\n assertIsValidPassword(password);\n\n // cache the vault data to avoid decrypting the vault data multiple times\n this.#cachedDecryptedVaultData = vaultData;\n\n const serializedVaultData = serializeVaultData(vaultData);\n\n // Note that vault encryption using the password is a very costly operation as it involves deriving the encryption key\n // from the password using an intentionally slow key derivation function.\n // We should make sure that we only call it very intentionally.\n const { vault, exportedKeyString } =\n await this.#vaultEncryptor.encryptWithDetail(\n password,\n serializedVaultData,\n );\n\n // Encrypt vault key.\n const aes = managedNonce(gcm)(pwEncKey);\n const encryptedKey = aes.encrypt(utf8ToBytes(exportedKeyString));\n\n this.update((state) => {\n state.vault = vault;\n state.vaultEncryptionKey = exportedKeyString;\n state.vaultEncryptionSalt = JSON.parse(vault).salt;\n state.encryptedSeedlessEncryptionKey = bytesToBase64(encryptedKey);\n });\n });\n }\n\n /\n Get the access token and revoke token from the state or the vault.\n \n @param password - The password to decrypt the vault.\n * @returns The access token and revoke token.\n /\n async #getAccessTokenAndRevokeToken(\n password: string,\n ): Promise<{ accessToken: string; revokeToken: string }> {\n let { accessToken, revokeToken } = this.state;\n // `accessToken` and `revokeToken` are both available in the state, `ONLY` when the wallet (vault) is unlocked\n // or during the period between the social authentication and the vault creation during the onboarding flow.\n if (accessToken && revokeToken) {\n return { accessToken, revokeToken };\n }\n\n // if `password` is provided to decrypt the vault, decrypt the vault and get the access token and revoke token from the vault\n if (this.state.vault) {\n // if the access token or revoke token is not available in the state, decrypt the vault and get the access token and revoke token from the vault\n const { vaultData } = await this.#decryptAndParseVaultData({ password });\n accessToken = accessToken \|\| vaultData.accessToken;\n revokeToken = revokeToken \|\| vaultData.revokeToken;\n }\n\n // we should always throw an error if the access token or revoke token is not available\n // to prevent the caller from using the controller in an invalid state\n\n if (!accessToken) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidAccessToken,\n );\n }\n\n if (!revokeToken) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidRevokeToken,\n );\n }\n\n return { accessToken, revokeToken };\n }\n\n /\n Lock the controller mutex before executing the given function,\n * and release it after the function is resolved or after an\n * error is thrown.\n \n This wrapper ensures that each mutable operation that interacts with the\n * controller and that changes its state is executed in a mutually exclusive way,\n * preventing unsafe concurrent access that could lead to unpredictable behavior.\n \n @param callback - The function to execute while the controller mutex is locked.\n * @returns The result of the function.\n /\n async #withControllerLock<Result>(\n callback: MutuallyExclusiveCallback<Result>,\n ): Promise<Result> {\n return await withLock(this.#controllerOperationMutex, callback);\n }\n\n /\n Lock the vault mutex before executing the given function,\n * and release it after the function is resolved or after an\n * error is thrown.\n \n This ensures that each operation that interacts with the vault\n * is executed in a mutually exclusive way.\n \n @param callback - The function to execute while the vault mutex is locked.\n * @returns The result of the function.\n /\n async #withVaultLock<Result>(\n callback: MutuallyExclusiveCallback<Result>,\n ): Promise<Result> {\n return await withLock(this.#vaultOperationMutex, callback);\n }\n\n /\n Parse and deserialize the authentication data from the vault.\n \n @param data - The decrypted vault data.\n * @returns The parsed authentication data.\n * @throws If the vault data is not valid.\n /\n #parseVaultData(data: unknown): VaultData {\n if (typeof data !== 'string') {\n throw new Error(SeedlessOnboardingControllerErrorMessage.VaultDataError);\n }\n\n let parsedVaultData: unknown;\n try {\n parsedVaultData = JSON.parse(data);\n } catch {\n throw new Error(SeedlessOnboardingControllerErrorMessage.VaultDataError);\n }\n\n assertIsValidVaultData(parsedVaultData);\n\n return parsedVaultData;\n }\n\n #assertIsUnlocked(): void {\n if (!this.#isUnlocked) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.ControllerLocked,\n );\n }\n }\n\n /\n Assert that the provided value contains valid authenticated user information.\n \n This method checks that the value is an object containing:\n * - nodeAuthTokens: A non-empty array of authentication tokens\n * - authConnectionId: A string identifier for the OAuth connection\n * - groupedAuthConnectionId: A string identifier for grouped OAuth connections\n * - userId: A string identifier for the authenticated user\n \n @param value - The value to validate.\n * @throws {Error} If the value does not contain valid authenticated user information.\n /\n #assertIsAuthenticatedUser(\n value: unknown,\n ): asserts value is AuthenticatedUserDetails {\n try {\n assertIsSeedlessOnboardingUserAuthenticated(value);\n } catch (error) {\n this.update((state) => {\n state.isSeedlessOnboardingUserAuthenticated = false;\n });\n throw error;\n }\n }\n\n /\n Assert that the password is in sync with the global password.\n \n @param options - The options for asserting the password is in sync.\n * @param options.skipCache - Whether to skip the cache check.\n * @param options.skipLock - Whether to skip the lock acquisition. (to prevent deadlock in case the caller already acquired the lock)\n * @returns The global auth public key and the latest key index.\n * @throws If the password is outdated.\n /\n async #assertPasswordInSync(options?: {\n skipCache?: boolean;\n skipLock?: boolean;\n }): Promise<{\n authPubKey: SEC1EncodedPublicKey;\n latestKeyIndex: number;\n }> {\n this.#assertIsAuthenticatedUser(this.state);\n const {\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n } = this.state;\n\n const { authPubKey, keyIndex: latestKeyIndex } = await this.toprfClient\n .fetchAuthPubKey({\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n })\n .catch((error) => {\n log('Error fetching auth pub key', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToFetchAuthPubKey,\n );\n });\n const isPasswordOutdated = await this.checkIsPasswordOutdated({\n ...options,\n globalAuthPubKey: authPubKey,\n });\n if (isPasswordOutdated) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.OutdatedPassword,\n );\n }\n return { authPubKey, latestKeyIndex };\n }\n\n #resetPasswordOutdatedCache(): void {\n this.update((state) => {\n delete state.passwordOutdatedCache;\n });\n }\n\n /\n Refresh expired nodeAuthTokens, accessToken, and metadataAccessToken using the stored refresh token.\n \n This method retrieves the refresh token from the vault and uses it to obtain\n * new nodeAuthTokens when the current ones have expired.\n \n @returns A promise that resolves to the new nodeAuthTokens.\n /\n async refreshAuthTokens(): Promise<void> {\n this.#assertIsAuthenticatedUser(this.state);\n const { refreshToken } = this.state;\n\n const res = await this.#refreshJWTToken({\n connection: this.state.authConnection,\n refreshToken,\n }).catch((error) => {\n log('Error refreshing JWT tokens', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToRefreshJWTTokens,\n );\n });\n\n try {\n const { idTokens, accessToken, metadataAccessToken } = res;\n // re-authenticate with the new id tokens to set new node auth tokens\n // NOTE: here we can't provide the `revokeToken` value to the `authenticate` method because `refreshAuthTokens` method can be called when the wallet (vault) is locked\n await this.authenticate({\n idTokens,\n accessToken,\n metadataAccessToken,\n authConnection: this.state.authConnection,\n authConnectionId: this.state.authConnectionId,\n groupedAuthConnectionId: this.state.groupedAuthConnectionId,\n userId: this.state.userId,\n refreshToken,\n skipLock: true,\n });\n } catch (error) {\n log('Error refreshing node auth tokens', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.AuthenticationError,\n );\n }\n }\n\n /\n Renew the refresh token - get new refresh token and new revoke token\n * and also updates the vault with the new revoke token.\n * This method is to be called after user is authenticated.\n \n @param password - The password to encrypt the vault.\n * @returns A Promise that resolves to void.\n /\n async renewRefreshToken(password: string) {\n return await this.#withControllerLock(async () => {\n this.#assertIsAuthenticatedUser(this.state);\n const { refreshToken, vaultEncryptionKey } = this.state;\n const {\n toprfEncryptionKey: rawToprfEncryptionKey,\n toprfPwEncryptionKey: rawToprfPwEncryptionKey,\n toprfAuthKeyPair: rawToprfAuthKeyPair,\n revokeToken,\n } = await this.#unlockVaultAndGetVaultData({\n password,\n encryptionKey: vaultEncryptionKey,\n });\n\n const { newRevokeToken, newRefreshToken } = await this.#renewRefreshToken(\n {\n connection: this.state.authConnection,\n revokeToken,\n },\n );\n\n if (newRevokeToken && newRefreshToken) {\n this.update((state) => {\n // set new revoke token in state temporarily for persisting in vault\n state.revokeToken = newRevokeToken;\n // set new refresh token to persist in state\n state.refreshToken = newRefreshToken;\n });\n\n // add the old refresh token to the list to be revoked later when possible\n this.#addRefreshTokenToRevokeList({\n refreshToken,\n revokeToken,\n });\n\n await this.#createNewVaultWithAuthData({\n password,\n rawToprfEncryptionKey,\n rawToprfPwEncryptionKey,\n rawToprfAuthKeyPair,\n });\n }\n });\n }\n\n /\n Revoke all pending refresh tokens.\n \n This method is to be called after user is authenticated.\n \n @returns A Promise that resolves to void.\n /\n async revokePendingRefreshTokens() {\n return await this.#withControllerLock(async () => {\n this.#assertIsAuthenticatedUser(this.state);\n const { pendingToBeRevokedTokens } = this.state;\n if (!pendingToBeRevokedTokens \|\| pendingToBeRevokedTokens.length === 0) {\n return;\n }\n\n // revoke all pending refresh tokens in parallel\n const promises = pendingToBeRevokedTokens.map(({ revokeToken }) => {\n const revokePromise = async (): Promise<string \| null> => {\n try {\n await this.#revokeRefreshToken({\n connection: this.state.authConnection as AuthConnection,\n revokeToken,\n });\n return revokeToken;\n } catch (error) {\n log('Error revoking refresh token', error);\n return null;\n }\n };\n return revokePromise();\n });\n const result = await Promise.all(promises); // no need to do Promise.allSettled because the promise already handle try catch\n // filter out the null values\n const revokedTokens = result.filter((token) => token !== null);\n if (revokedTokens.length > 0) {\n // update the state to remove the revoked tokens once all concurrent token revoke finish\n this.update((state) => {\n state.pendingToBeRevokedTokens =\n state.pendingToBeRevokedTokens?.filter(\n (token) => !revokedTokens.includes(token.revokeToken),\n );\n });\n }\n });\n }\n\n /\n Add a pending refresh, revoke token to the state to be revoked later.\n \n @param params - The parameters for adding a pending refresh, revoke token.\n * @param params.refreshToken - The refresh token to add.\n * @param params.revokeToken - The revoke token to add.\n /\n #addRefreshTokenToRevokeList({\n refreshToken,\n revokeToken,\n }: {\n refreshToken: string;\n revokeToken: string;\n }) {\n this.update((state) => {\n state.pendingToBeRevokedTokens = [\n ...(state.pendingToBeRevokedTokens \|\| []),\n { refreshToken, revokeToken },\n ];\n });\n }\n\n /\n Check if the provided error is an auth token error.\n \n This method checks if the error is a TOPRF error with AuthTokenExpired code or InvalidAuthToken code.\n \n @param error - The error to check.\n * @returns True if the error indicates auth token error, false otherwise.\n /\n #isAuthTokenError(error: unknown): boolean {\n if (error instanceof TOPRFError) {\n return (\n error.code === TOPRFErrorCode.AuthTokenExpired \|\|\n error.code === TOPRFErrorCode.InvalidAuthToken\n );\n }\n\n return false;\n }\n\n /\n Check if the provided error is a max key chain length error.\n \n This method checks if the error is a TOPRF error with MaxKeyChainLength code.\n \n @param error - The error to check.\n * @returns True if the error indicates max key chain length has been exceeded, false otherwise.\n /\n #isMaxKeyChainLengthError(error: unknown): boolean {\n if (error instanceof TOPRFError) {\n return (\n error.code ===\n (TOPRFErrorCode.MaxKeyChainLengthExceeded as typeof error.code)\n );\n }\n\n return false;\n }\n\n /\n Executes an operation with automatic token refresh on expiration.\n \n This wrapper method automatically handles token expiration by refreshing tokens\n * and retrying the operation. It can be used by any method that might encounter\n * token expiration errors.\n \n @param operation - The operation to execute that might require valid tokens.\n * @param operationName - A descriptive name for the operation (used in error messages).\n * @returns A promise that resolves to the result of the operation.\n * @throws The original error if it's not token-related, or refresh error if token refresh fails.\n /\n async #executeWithTokenRefresh<T>(\n operation: () => Promise<T>,\n operationName: string,\n ): Promise<T> {\n try {\n // proactively check for expired tokens and refresh them if needed\n const isNodeAuthTokenExpired = this.checkNodeAuthTokenExpired();\n const isMetadataAccessTokenExpired =\n this.checkMetadataAccessTokenExpired();\n // access token is only accessible when the vault is unlocked\n // so skip the check if the vault is locked\n let isAccessTokenExpired = false;\n if (this.#isUnlocked) {\n isAccessTokenExpired = this.checkAccessTokenExpired();\n }\n\n if (\n isNodeAuthTokenExpired \|\|\n isMetadataAccessTokenExpired \|\|\n isAccessTokenExpired\n ) {\n log(\n `JWT token expired during ${operationName}, attempting to refresh tokens`,\n 'node auth token exp check',\n );\n await this.refreshAuthTokens();\n }\n\n return await operation();\n } catch (error) {\n // Check if this is a token expiration error\n if (this.#isAuthTokenError(error)) {\n log(\n `Token expired during ${operationName}, attempting to refresh tokens`,\n error,\n );\n try {\n // Refresh the tokens\n await this.refreshAuthTokens();\n // Retry the operation with fresh tokens\n return await operation();\n } catch (refreshError) {\n log(`Error refreshing tokens during ${operationName}`, refreshError);\n throw refreshError;\n }\n } else {\n // Re-throw non-token-related errors\n throw error;\n }\n }\n }\n\n /\n Check if the current node auth token is expired.\n \n @returns True if the current node auth token is expired, false otherwise.\n /\n public checkNodeAuthTokenExpired(): boolean {\n this.#assertIsAuthenticatedUser(this.state);\n\n const { nodeAuthTokens } = this.state;\n // all auth tokens should be expired at the same time so we can check the first one\n const firstAuthToken = nodeAuthTokens[0]?.authToken;\n // node auth token is base64 encoded json object\n const decodedToken = decodeNodeAuthToken(firstAuthToken);\n // check if the token is expired\n return decodedToken.exp < Date.now() / 1000;\n }\n\n /\n Check if the current metadata access token is expired.\n \n @returns True if the metadata access token is expired, false otherwise.\n /\n public checkMetadataAccessTokenExpired(): boolean {\n try {\n this.#assertIsAuthenticatedUser(this.state);\n const { metadataAccessToken } = this.state;\n // assertIsAuthenticatedUser will throw if metadataAccessToken is missing\n const decodedToken = decodeJWTToken(metadataAccessToken as string);\n return decodedToken.exp < Math.floor(Date.now() / 1000);\n } catch {\n return true; // Consider unauthenticated user as having expired tokens\n }\n }\n\n /\n Check if the current access token is expired.\n * When the vault is locked, the access token is not accessible, so we return false.\n \n @returns True if the access token is expired, false otherwise.\n /\n public checkAccessTokenExpired(): boolean {\n try {\n this.#assertIsAuthenticatedUser(this.state);\n const { accessToken } = this.state;\n if (!accessToken) {\n return true; // Consider missing token as expired\n }\n const decodedToken = decodeJWTToken(accessToken);\n return decodedToken.exp < Math.floor(Date.now() / 1000);\n } catch {\n return true; // Consider unauthenticated user as having expired tokens\n }\n }\n}\n\n/\n Assert that the provided password is a valid non-empty string.\n \n @param password - The password to check.\n * @throws If the password is not a valid string.\n /\nfunction assertIsValidPassword(password: unknown): asserts password is string {\n if (typeof password !== 'string') {\n throw new Error(SeedlessOnboardingControllerErrorMessage.WrongPasswordType);\n }\n\n if (!password \|\| !password.length) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidEmptyPassword,\n );\n }\n}\n\n/\n Lock the given mutex before executing the given function,\n * and release it after the function is resolved or after an\n * error is thrown.\n \n @param mutex - The mutex to lock.\n * @param callback - The function to execute while the mutex is locked.\n * @returns The result of the function.\n /\nasync function withLock<Result>(\n mutex: Mutex,\n callback: MutuallyExclusiveCallback<Result>,\n): Promise<Result> {\n const releaseLock = await mutex.acquire();\n\n try {\n return await callback({ releaseLock });\n } finally {\n releaseLock();\n }\n}\n\n/\n Assert that the provided encrypted keyring encryption key is a valid non-empty string.\n \n @param encryptedKeyringEncryptionKey - The encrypted keyring encryption key to check.\n * @throws If the encrypted keyring encryption key is not a valid string.\n /\nfunction assertIsEncryptedKeyringEncryptionKeySet(\n encryptedKeyringEncryptionKey: string \| undefined,\n): asserts encryptedKeyringEncryptionKey is string {\n if (!encryptedKeyringEncryptionKey) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.EncryptedKeyringEncryptionKeyNotSet,\n );\n }\n}\n\n/\n Assert that the provided encrypted seedless encryption key is a valid non-empty string.\n \n @param encryptedSeedlessEncryptionKey - The encrypted seedless encryption key to check.\n * @throws If the encrypted seedless encryption key is not a valid string.\n */\nfunction assertIsEncryptedSeedlessEncryptionKeySet(\n encryptedSeedlessEncryptionKey: string \| undefined,\n): asserts encryptedSeedlessEncryptionKey is string {\n if (!encryptedSeedlessEncryptionKey) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.EncryptedSeedlessEncryptionKeyNotSet,\n );\n }\n}\n"]}
1	+ {"version":3,"file":"SeedlessOnboardingController.cjs","sourceRoot":"","sources":["../src/SeedlessOnboardingController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,qEAAkE;AAClE,+DAA2D;AAQ3D,uEAIuC;AACvC,2CAIyB;AACzB,4CAAyC;AACzC,gDAAgE;AAChE,wDAAwD;AACxD,uDAAoD;AACpD,6CAAoC;AAEpC,iDAIsB;AAEtB,+CAMqB;AACrB,yCAA4D;AAC5D,yCAA6D;AAC7D,yDAAkD;AAelD,uCAKiB;AAEjB,MAAM,GAAG,GAAG,IAAA,2BAAkB,EAAC,sBAAa,EAAE,0BAAc,CAAC,CAAC;AAE9D;;;;;GAKG;AACH,SAAgB,uDAAuD,CACrE,SAAsD;IAEtD,MAAM,YAAY,GAAG;QACnB,qBAAqB,EAAE,EAAE;QACzB,qCAAqC,EAAE,KAAK;QAC5C,GAAG,SAAS;KACb,CAAC;IAEF,8CAA8C;IAC9C,IAAI,CAAC;QACH,IAAA,wDAA2C,EAAC,YAAY,CAAC,CAAC;QAC1D,YAAY,CAAC,qCAAqC,GAAG,IAAI,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,YAAY,CAAC,qCAAqC,GAAG,KAAK,CAAC;IAC7D,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAjBD,0HAiBC;AAED;;;;;;GAMG;AACH,MAAM,0BAA0B,GAC9B;IACE,KAAK,EAAE;QACL,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,qBAAqB,EAAE;QACrB,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,cAAc,EAAE;QACd,kBAAkB,EAAE,CAAC,cAAc,EAAE,EAAE,CACrC,CAAC,IAAA,yBAAiB,EAAC,cAAc,CAAC;QACpC,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,cAAc,EAAE;QACd,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,IAAI;KACf;IACD,gBAAgB,EAAE;QAChB,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,KAAK;KAChB;IACD,uBAAuB,EAAE;QACvB,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,KAAK;KAChB;IACD,MAAM,EAAE;QACN,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,gBAAgB,EAAE;QAChB,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,IAAI;KACf;IACD,kBAAkB,EAAE;QAClB,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,KAAK;QACd,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,mBAAmB,EAAE;QACnB,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,KAAK;QACd,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,UAAU,EAAE;QACV,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,qBAAqB,EAAE;QACrB,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,KAAK;KAChB;IACD,YAAY,EAAE;QACZ,kBAAkB,EAAE,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,IAAA,yBAAiB,EAAC,YAAY,CAAC;QACtE,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,WAAW,EAAE;QACX,kBAAkB,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,IAAA,yBAAiB,EAAC,WAAW,CAAC;QACpE,OAAO,EAAE,KAAK;QACd,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,wBAAwB,EAAE;QACxB,kBAAkB,EAAE,CAAC,wBAAwB,EAAE,EAAE,CAC/C,CAAC,IAAA,yBAAiB,EAAC,wBAAwB,CAAC;YAC5C,wBAAwB,CAAC,MAAM,GAAG,CAAC;QACrC,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,iBAAiB;IACjB,WAAW,EAAE;QACX,kBAAkB,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,IAAA,yBAAiB,EAAC,WAAW,CAAC;QACpE,OAAO,EAAE,KAAK;QACd,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,2EAA2E;IAC3E,2CAA2C;IAC3C,mBAAmB,EAAE;QACnB,kBAAkB,EAAE,CAAC,mBAAmB,EAAE,EAAE,CAC1C,CAAC,IAAA,yBAAiB,EAAC,mBAAmB,CAAC;QACzC,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,8BAA8B,EAAE;QAC9B,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,6BAA6B,EAAE;QAC7B,kBAAkB,EAAE,KAAK;QACzB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,QAAQ,EAAE,KAAK;KAChB;IACD,qCAAqC,EAAE;QACrC,kBAAkB,EAAE,IAAI;QACxB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,IAAI;QAC5B,QAAQ,EAAE,KAAK;KAChB;CACF,CAAC;AAEJ,MAAa,4BAGX,SAAQ,gCAIT;IAqCC;;;;;;;;;;;;;OAaG;IACH,YAAY,EACV,SAAS,EACT,KAAK,EACL,SAAS,EACT,eAAe,EACf,OAAO,GAAG,2BAAe,CAAC,OAAO,EACjC,eAAe,EACf,kBAAkB,EAClB,iBAAiB,EACjB,wBAAwB,GAAG,0CAA8B,GAI1D;QACC,KAAK,CAAC;YACJ,IAAI,EAAE,0BAAc;YACpB,QAAQ,EAAE,0BAA0B;YACpC,KAAK,EAAE,uDAAuD,CAAC,KAAK,CAAC;YACrE,SAAS;SACV,CAAC,CAAC;;QArEI,+DAGP;QAEO,iEAA4B,IAAI,mBAAK,EAAE,EAAC;QAExC,4DAAuB,IAAI,mBAAK,EAAE,EAAC;QAInC,gEAAkC;QAElC,mEAAwC;QAExC,kEAAsC;QAE/C;;WAEG;QACM,yEAAkC;QAE3C;;;;WAIG;QACH,mDAAc,KAAK,EAAC;QAEpB;;;;WAIG;QACH,yEAA6D;QAqC3D,IAAA,+CAAkC,EAAC,wBAAwB,CAAC,CAAC;QAC7D,uBAAA,IAAI,0DAA6B,wBAAwB,MAAA,CAAC;QAE1D,uBAAA,IAAI,gDAAmB,SAAS,MAAA,CAAC;QAEjC,IAAI,CAAC,WAAW,GAAG,IAAI,uCAAiB,CAAC;YACvC,OAAO;YACP,UAAU,EAAE,eAAe;YAC3B,wBAAwB,EAAE,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC;SACnE,CAAC,CAAC;QACH,uBAAA,IAAI,iDAAoB,eAAe,MAAA,CAAC;QACxC,uBAAA,IAAI,oDAAuB,kBAAkB,MAAA,CAAC;QAC9C,uBAAA,IAAI,mDAAsB,iBAAiB,MAAA,CAAC;IAC9C,CAAC;IAED,KAAK,CAAC,wBAAwB;QAG5B,MAAM,EAAE,mBAAmB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QAC3C,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,0BAA0B,CACpE,CAAC;QACJ,CAAC;QAED,kDAAkD;QAClD,MAAM,YAAY,GAAG,IAAA,sBAAc,EAAC,mBAAmB,CAAC,CAAC;QACzD,IAAI,YAAY,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;YACrD,+BAA+B;YAC/B,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAE/B,kCAAkC;YAClC,MAAM,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YAEnE,OAAO;gBACL,mBAAmB,EAAE,sBAAgC;aACtD,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,mBAAmB,EAAE,CAAC;IACjC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,uBAAuB;QAC3B,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,8BAA8B,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,YAAY,CAAC,MAYlB;QACC,MAAM,uBAAuB,GAAG,KAAK,IAAI,EAAE;YACzC,IAAI,CAAC;gBACH,MAAM,EACJ,QAAQ,EACR,gBAAgB,EAChB,uBAAuB,EACvB,MAAM,EACN,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,WAAW,EACX,WAAW,EACX,mBAAmB,GACpB,GAAG,MAAM,CAAC;gBAEX,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC;oBAC/D,gBAAgB;oBAChB,MAAM;oBACN,QAAQ;oBACR,uBAAuB;iBACxB,CAAC,CAAC;gBACH,oDAAoD;gBACpD,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;oBACpB,KAAK,CAAC,cAAc,GAAG,oBAAoB,CAAC,cAAc,CAAC;oBAC3D,KAAK,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;oBAC1C,KAAK,CAAC,uBAAuB,GAAG,uBAAuB,CAAC;oBACxD,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC;oBACtB,KAAK,CAAC,cAAc,GAAG,cAAc,CAAC;oBACtC,KAAK,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;oBAC1C,KAAK,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;oBAChD,KAAK,CAAC,YAAY,GAAG,YAAY,CAAC;oBAClC,IAAI,WAAW,EAAE,CAAC;wBAChB,kFAAkF;wBAClF,KAAK,CAAC,WAAW,GAAG,WAAW,CAAC;oBAClC,CAAC;oBACD,KAAK,CAAC,WAAW,GAAG,WAAW,CAAC;oBAEhC,yFAAyF;oBACzF,mEAAmE;oBACnE,IAAA,wDAA2C,EAAC,KAAK,CAAC,CAAC;oBACnD,KAAK,CAAC,qCAAqC,GAAG,IAAI,CAAC;gBACrD,CAAC,CAAC,CAAC;gBAEH,OAAO,oBAAoB,CAAC;YAC9B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,GAAG,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAC;gBACxC,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,mBAAmB,CAC7D,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;QACF,OAAO,MAAM,CAAC,QAAQ;YACpB,CAAC,CAAC,MAAM,uBAAuB,EAAE;YACjC,CAAC,CAAC,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,uBAAuB,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,iCAAiC,CACrC,QAAgB,EAChB,UAAsB,EACtB,SAAiB;QAEjB,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,+BAA+B;YAC/B,qGAAqG;YACrG,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAE5C,wDAAwD;YACxD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,GAC9C,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC;gBACpC,QAAQ;aACT,CAAC,CAAC;YACL,MAAM,2BAA2B,GAAG,KAAK,IAAmB,EAAE;gBAC5D,oCAAoC;gBACpC,MAAM,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B;oBACpC,IAAI,EAAE,UAAU;oBAChB,IAAI,EAAE,sBAAU,CAAC,QAAQ;oBACzB,MAAM;oBACN,WAAW;oBACX,OAAO,EAAE;wBACP,SAAS;qBACV;iBACF,CAAC,CAAC;gBAEH,0CAA0C;gBAC1C,qFAAqF;gBACrF,4FAA4F;gBAC5F,kDAAkD;gBAClD,MAAM,uBAAA,IAAI,6FAAgB,MAApB,IAAI,EAAiB,OAAO,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC;gBACpD,4DAA4D;gBAC5D,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;oBACrC,QAAQ;oBACR,qBAAqB,EAAE,MAAM;oBAC7B,uBAAuB,EAAE,QAAQ;oBACjC,mBAAmB,EAAE,WAAW;iBACjC,CAAC,CAAC;YACL,CAAC,CAAC;YAEF,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EACR,2BAA2B,EAC3B,mCAAmC,CACpC,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,gBAAgB,CACpB,IAAgB,EAChB,IAAgB,EAChB,OAEC;QAED,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;YAEzB,MAAM,uBAAA,IAAI,mGAAsB,MAA1B,IAAI,EAAuB;gBAC/B,SAAS,EAAE,IAAI;gBACf,QAAQ,EAAE,IAAI,EAAE,2CAA2C;aAC5D,CAAC,CAAC;YAEH,MAAM,aAAa,GAAG,KAAK,IAAmB,EAAE;gBAC9C,2CAA2C;gBAC3C,MAAM,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,GAC5C,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;gBAE3C,oCAAoC;gBACpC,MAAM,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B;oBACpC,IAAI;oBACJ,IAAI;oBACJ,MAAM,EAAE,kBAAkB;oBAC1B,WAAW,EAAE,gBAAgB;oBAC7B,OAAO;iBACR,CAAC,CAAC;YACL,CAAC,CAAC;YAEF,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EAA0B,aAAa,EAAE,kBAAkB,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,kBAAkB,CAAC,QAAiB;QACxC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,OAAO,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EAA0B,KAAK,IAAI,EAAE;gBACpD,wEAAwE;gBACxE,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;gBAE5C,IAAI,MAAkB,CAAC;gBACvB,IAAI,QAAoB,CAAC;gBACzB,IAAI,WAAoB,CAAC;gBAEzB,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,mBAAmB,GAAG,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,QAAQ,CAAC,CAAC;oBAChE,MAAM,GAAG,mBAAmB,CAAC,MAAM,CAAC;oBACpC,QAAQ,GAAG,mBAAmB,CAAC,QAAQ,CAAC;oBACxC,WAAW,GAAG,mBAAmB,CAAC,WAAW,CAAC;gBAChD,CAAC;qBAAM,CAAC;oBACN,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;oBACzB,2CAA2C;oBAC3C,MAAM,aAAa,GAAG,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;oBAC/D,MAAM,GAAG,aAAa,CAAC,kBAAkB,CAAC;oBAC1C,QAAQ,GAAG,aAAa,CAAC,oBAAoB,CAAC;oBAC9C,WAAW,GAAG,aAAa,CAAC,gBAAgB,CAAC;gBAC/C,CAAC;gBAED,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,kHAAqC,MAAzC,IAAI,EACxB,MAAM,EACN,WAAW,CACZ,CAAC;gBAEF,IAAI,QAAQ,EAAE,CAAC;oBACb,qIAAqI;oBACrI,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;wBACrC,QAAQ;wBACR,qBAAqB,EAAE,MAAM;wBAC7B,uBAAuB,EAAE,QAAQ;wBACjC,mBAAmB,EAAE,WAAW;qBACjC,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC,EAAE,oBAAoB,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,cAAc,CAAC,WAAmB,EAAE,WAAmB;QAC3D,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;YACzB,iDAAiD;YACjD,MAAM,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE;gBAC1C,QAAQ,EAAE,IAAI,EAAE,2CAA2C;aAC5D,CAAC,CAAC;YAEH,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,uBAAA,IAAI,mGAAsB,MAA1B,IAAI,EAAuB;gBAC1D,SAAS,EAAE,IAAI;gBACf,QAAQ,EAAE,IAAI,EAAE,2CAA2C;aAC5D,CAAC,CAAC;YAEH,MAAM,qBAAqB,GAAG,KAAK,IAAmB,EAAE;gBACtD,2CAA2C;gBAC3C,IAAI,oBAAwC,CAAC;gBAC7C,IAAI,IAAI,CAAC,KAAK,CAAC,6BAA6B,EAAE,CAAC;oBAC7C,oBAAoB,GAAG,MAAM,IAAI,CAAC,wBAAwB,EAAE,CAAC;gBAC/D,CAAC;gBAED,4EAA4E;gBAC5E,MAAM,EACJ,MAAM,EAAE,SAAS,EACjB,QAAQ,EAAE,WAAW,EACrB,WAAW,EAAE,cAAc,GAC5B,GAAG,MAAM,uBAAA,IAAI,kGAAqB,MAAzB,IAAI,EAAsB;oBAClC,WAAW;oBACX,WAAW;oBACX,cAAc;iBACf,CAAC,CAAC;gBAEH,iDAAiD;gBACjD,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;oBACrC,QAAQ,EAAE,WAAW;oBACrB,qBAAqB,EAAE,SAAS;oBAChC,uBAAuB,EAAE,WAAW;oBACpC,mBAAmB,EAAE,cAAc;iBACpC,CAAC,CAAC;gBAEH,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;gBAEnC,gDAAgD;gBAChD,IAAI,oBAAoB,EAAE,CAAC;oBACzB,MAAM,IAAI,CAAC,yBAAyB,CAAC,oBAAoB,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC,CAAC;YAEF,IAAI,CAAC;gBACH,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EACR,qBAAqB,EACrB,gBAAgB,CACjB,CAAC;YACJ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,GAAG,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;gBACtC,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,sBAAsB,CAChE,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACH,yBAAyB,CACvB,UAEkE;QAElE,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;QAEzB,uBAAA,IAAI,wHAA2C,MAA/C,IAAI,EAA4C,UAAU,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,mBAAmB,CACvB,QAAgB,EAChB,OAEC;QAED,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;YAC1B,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,UAAU,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,uBAAA,IAAI,oDAAgB,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACjE,CAAC,CAAC;QACF,OAAO,OAAO,EAAE,QAAQ;YACtB,CAAC,CAAC,MAAM,QAAQ,EAAE;YAClB,CAAC,CAAC,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,QAAQ,CAAC,CAAC;IAC/C,CAAC;IAED;;;;;;;;OAQG;IACH,wBAAwB,CACtB,IAAgB,EAChB,OAAmB,sBAAU,CAAC,QAAQ;QAEtC,MAAM,cAAc,GAAG,IAAA,uCAAkB,EAAC,IAAI,CAAC,CAAC;QAChD,OAAO,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAI,CAC1C,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,IAAI,MAAM,CAAC,IAAI,KAAK,IAAI,CACnE,CAAC;IACJ,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,cAAc,CAAC,QAAgB;QACnC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B,EAAE,QAAQ,EAAE,CAAC,CAAC;YACrD,uBAAA,IAAI,0FAAa,MAAjB,IAAI,CAAe,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,SAAS;QACb,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;gBACpB,OAAO,KAAK,CAAC,kBAAkB,CAAC;gBAChC,OAAO,KAAK,CAAC,mBAAmB,CAAC;gBACjC,OAAO,KAAK,CAAC,WAAW,CAAC;gBACzB,OAAO,KAAK,CAAC,WAAW,CAAC;YAC3B,CAAC,CAAC,CAAC;YAEH,uBAAA,IAAI,0DAA6B,SAAS,MAAA,CAAC;YAC3C,uBAAA,IAAI,4CAAe,KAAK,MAAA,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,wBAAwB,CAAC,EAC7B,cAAc,GAGf;QACC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,CAAoB,CAAC;YACzB,MAAM,cAAc,GAAG,KAAK,IAAI,EAAE;gBAChC,0CAA0C;gBAC1C,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,GACrC,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,cAAc,CAAC,CAAC;gBAC5C,iDAAiD;gBACjD,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;oBACrC,QAAQ,EAAE,cAAc;oBACxB,qBAAqB,EAAE,MAAM;oBAC7B,uBAAuB,EAAE,QAAQ;oBACjC,mBAAmB,EAAE,WAAW;iBACjC,CAAC,CAAC;gBAEH,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;YACrC,CAAC,CAAC;YACF,OAAO,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EACf,cAAc,EACd,0BAA0B,CAC3B,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,oBAAoB,CAAC,EACzB,cAAc,EACd,iBAAiB,GAAG,CAAC,GAItB;QACC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,OAAO,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EAA0B,KAAK,IAAI,EAAE;gBACpD,MAAM,uBAAuB,GAAG,uBAAA,IAAI,gGAAmB,MAAvB,IAAI,CAAqB,CAAC;gBAC1D,MAAM,uBAAA,IAAI,mGAAsB,MAA1B,IAAI,EAAuB;oBAC/B,gBAAgB,EAAE,uBAAuB;oBACzC,cAAc;oBACd,iBAAiB;iBAClB,CAAC,CAAC;YACL,CAAC,EAAE,sBAAsB,CAAC,CAAC;QAC7B,CAAC,CAAC,CAAC;IACL,CAAC;IAuDD;;;;;;;;;OASG;IACH,KAAK,CAAC,uBAAuB,CAAC,OAI7B;QACC,MAAM,wBAAwB,GAAG,KAAK,IAAI,EAAE;YAC1C,uCAAuC;YACvC,6CAA6C;YAC7C,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,CAAC;gBACxB,MAAM,EAAE,qBAAqB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;gBAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACvB,MAAM,YAAY,GAChB,qBAAqB;oBACrB,GAAG,GAAG,qBAAqB,CAAC,SAAS;wBACnC,uBAAA,IAAI,8DAA0B,CAAC;gBAEnC,IAAI,YAAY,EAAE,CAAC;oBACjB,OAAO,qBAAqB,CAAC,YAAY,CAAC;gBAC5C,CAAC;YACH,CAAC;YAED,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EACJ,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,MAAM,GACP,GAAG,IAAI,CAAC,KAAK,CAAC;YAEf,MAAM,uBAAuB,GAAG,uBAAA,IAAI,gGAAmB,MAAvB,IAAI,CAAqB,CAAC;YAE1D,IAAI,gBAAgB,GAAG,OAAO,EAAE,gBAAgB,CAAC;YACjD,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW;qBAC1C,eAAe,CAAC;oBACf,cAAc;oBACd,gBAAgB;oBAChB,uBAAuB;oBACvB,MAAM;iBACP,CAAC;qBACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;oBACf,GAAG,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;oBAC1C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,uBAAuB,CACjE,CAAC;gBACJ,CAAC,CAAC,CAAC;gBACL,gBAAgB,GAAG,UAAU,CAAC;YAChC,CAAC;YAED,uDAAuD;YACvD,MAAM,YAAY,GAAG,CAAC,qBAAS,CAAC,eAAe,CAAC,OAAO,CACrD,uBAAuB,CACxB,CAAC,MAAM,CAAC,qBAAS,CAAC,eAAe,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC;YAC9D,4BAA4B;YAC5B,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;gBACpB,KAAK,CAAC,qBAAqB,GAAG,EAAE,YAAY,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YACxE,CAAC,CAAC,CAAC;YACH,OAAO,YAAY,CAAC;QACtB,CAAC,CAAC;QAEF,OAAO,MAAM,uBAAA,IAAI,sGAAyB,MAA7B,IAAI,EACf,KAAK,IAAI,EAAE,CACT,OAAO,EAAE,QAAQ;YACf,CAAC,CAAC,MAAM,wBAAwB,EAAE;YAClC,CAAC,CAAC,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,wBAAwB,CAAC,EAC9D,yBAAyB,CAC1B,CAAC;IACJ,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,sBAAsB;QAC1B,IAAI,CAAC;YACH,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,OAAO,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAMD;;OAEG;IACH,UAAU;QACR,MAAM,YAAY,GAChB,uDAAuD,EAAE,CAAC;QAC5D,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE;YACf,OAAO,YAAY,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC;IA8CD;;;;;OAKG;IACH,KAAK,CAAC,yBAAyB,CAAC,oBAA4B;QAC1D,MAAM,EAAE,oBAAoB,EAAE,MAAM,EAAE,GACpC,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;QAC3C,MAAM,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,MAAM,EAAE,oBAAoB,CAAC,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,wBAAwB;QAC5B,MAAM,EAAE,oBAAoB,EAAE,MAAM,EAAE,GACpC,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,CAA8B,CAAC;QAC3C,OAAO,MAAM,uBAAA,IAAI,uGAA0B,MAA9B,IAAI,EAA2B,MAAM,CAAC,CAAC;IACtD,CAAC;IAmvBD;;;;;;;OAOG;IACH,KAAK,CAAC,iBAAiB;QACrB,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;QAC5C,MAAM,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QAEpC,MAAM,GAAG,GAAG,MAAM,uBAAA,IAAI,qDAAiB,MAArB,IAAI,EAAkB;YACtC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;YACrC,YAAY;SACb,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACjB,GAAG,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;YAC1C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,wBAAwB,CAClE,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,mBAAmB,EAAE,GAAG,GAAG,CAAC;YAC3D,qEAAqE;YACrE,sKAAsK;YACtK,MAAM,IAAI,CAAC,YAAY,CAAC;gBACtB,QAAQ;gBACR,WAAW;gBACX,mBAAmB;gBACnB,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;gBACzC,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB;gBAC7C,uBAAuB,EAAE,IAAI,CAAC,KAAK,CAAC,uBAAuB;gBAC3D,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM;gBACzB,YAAY;gBACZ,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;YAChD,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,mBAAmB,CAC7D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,iBAAiB,CAAC,QAAgB;QACtC,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EAAE,YAAY,EAAE,kBAAkB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YACxD,MAAM,EACJ,kBAAkB,EAAE,qBAAqB,EACzC,oBAAoB,EAAE,uBAAuB,EAC7C,gBAAgB,EAAE,mBAAmB,EACrC,WAAW,GACZ,GAAG,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;gBACzC,QAAQ;gBACR,aAAa,EAAE,kBAAkB;aAClC,CAAC,CAAC;YAEH,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,GAAG,MAAM,uBAAA,IAAI,uDAAmB,MAAvB,IAAI,EACpD;gBACE,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;gBACrC,WAAW;aACZ,CACF,CAAC;YAEF,IAAI,cAAc,IAAI,eAAe,EAAE,CAAC;gBACtC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;oBACpB,oEAAoE;oBACpE,KAAK,CAAC,WAAW,GAAG,cAAc,CAAC;oBACnC,4CAA4C;oBAC5C,KAAK,CAAC,YAAY,GAAG,eAAe,CAAC;gBACvC,CAAC,CAAC,CAAC;gBAEH,0EAA0E;gBAC1E,uBAAA,IAAI,0GAA6B,MAAjC,IAAI,EAA8B;oBAChC,YAAY;oBACZ,WAAW;iBACZ,CAAC,CAAC;gBAEH,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;oBACrC,QAAQ;oBACR,qBAAqB;oBACrB,uBAAuB;oBACvB,mBAAmB;iBACpB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,0BAA0B;QAC9B,OAAO,MAAM,uBAAA,IAAI,iGAAoB,MAAxB,IAAI,EAAqB,KAAK,IAAI,EAAE;YAC/C,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EAAE,wBAAwB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YAChD,IAAI,CAAC,wBAAwB,IAAI,wBAAwB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvE,OAAO;YACT,CAAC;YAED,gDAAgD;YAChD,MAAM,QAAQ,GAAG,wBAAwB,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,EAAE,EAAE,EAAE;gBAChE,MAAM,aAAa,GAAG,KAAK,IAA4B,EAAE;oBACvD,IAAI,CAAC;wBACH,MAAM,uBAAA,IAAI,wDAAoB,MAAxB,IAAI,EAAqB;4BAC7B,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,cAAgC;4BACvD,WAAW;yBACZ,CAAC,CAAC;wBACH,OAAO,WAAW,CAAC;oBACrB,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,GAAG,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;wBAC3C,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC,CAAC;gBACF,OAAO,aAAa,EAAE,CAAC;YACzB,CAAC,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,gFAAgF;YAC5H,6BAA6B;YAC7B,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,IAAI,CAAC,CAAC;YAC/D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,wFAAwF;gBACxF,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;oBACpB,KAAK,CAAC,wBAAwB;wBAC5B,KAAK,CAAC,wBAAwB,EAAE,MAAM,CACpC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,CACtD,CAAC;gBACN,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IA8HD;;;;OAIG;IACI,yBAAyB;QAC9B,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;QAE5C,MAAM,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QACtC,mFAAmF;QACnF,MAAM,cAAc,GAAG,cAAc,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC;QACpD,gDAAgD;QAChD,MAAM,YAAY,GAAG,IAAA,2BAAmB,EAAC,cAAc,CAAC,CAAC;QACzD,gCAAgC;QAChC,OAAO,YAAY,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;IAC9C,CAAC;IAED;;;;OAIG;IACI,+BAA+B;QACpC,IAAI,CAAC;YACH,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EAAE,mBAAmB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YAC3C,yEAAyE;YACzE,MAAM,YAAY,GAAG,IAAA,sBAAc,EAAC,mBAA6B,CAAC,CAAC;YACnE,OAAO,YAAY,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,CAAC,yDAAyD;QACxE,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,uBAAuB;QAC5B,IAAI,CAAC;YACH,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;YACnC,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,OAAO,IAAI,CAAC,CAAC,oCAAoC;YACnD,CAAC;YACD,MAAM,YAAY,GAAG,IAAA,sBAAc,EAAC,WAAW,CAAC,CAAC;YACjD,OAAO,YAAY,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,CAAC,yDAAyD;QACxE,CAAC;IACH,CAAC;CACF;AA33DD,oEA23DC;;AA7xCC;;;;;;;;;;;GAWG;AACH,KAAK,6DAAuB,EAC1B,gBAAgB,EAChB,cAAc,EACd,iBAAiB,GAKlB;IACC,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,cAAc,EAAE,GAC1D,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,cAAc,CAAC,CAAC;IAE5C,IAAI,CAAC;QACH,gCAAgC;QAChC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC;YACjD,gBAAgB;YAChB,WAAW;YACX,cAAc;YACd,gBAAgB,EAAE,iBAAiB;SACpC,CAAC,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC;QACzB,MAAM,QAAQ,GAAG,MAAM,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,QAAQ,CAAC,CAAC;QAEjE,wBAAwB;QACxB,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B;YACrC,aAAa,EAAE,QAAQ;SACxB,CAAC,CAAC;QACH,uBAAA,IAAI,0FAAa,MAAjB,IAAI,CAAe,CAAC;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,IAAI,uBAAA,IAAI,uGAA0B,MAA9B,IAAI,EAA2B,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,yBAAyB,CACnE,CAAC;QACJ,CAAC;QACD,MAAM,0BAAiB,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAC7C,CAAC;AACH,CAAC;IAsGC,uBAAA,IAAI,4CAAe,IAAI,MAAA,CAAC;AAC1B,CAAC;AAaD;;;;;;GAMG;AACH,KAAK,uDAAiB,OAAe,EAAE,UAAgC;IACrE,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,EAAE,gBAAgB,EAAE,uBAAuB,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAEzE,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC;YACrC,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;YACzC,gBAAgB;YAChB,uBAAuB;YACvB,MAAM;YACN,OAAO;YACP,UAAU;SACX,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,GAAG,CAAC,uCAAuC,EAAE,KAAK,CAAC,CAAC;QACpD,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,sBAAsB,CAChE,CAAC;IACJ,CAAC;AACH,CAAC,6GASkB,MAA4C;IAC7D,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QACpB,KAAK,CAAC,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;AACL,CAAC;AA0BD;;;;;GAKG;AACH,KAAK,kEACH,MAAkB,EAClB,oBAA4B;IAE5B,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,SAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,6BAA6B,GAAG,GAAG,CAAC,OAAO,CAC/C,IAAA,mBAAW,EAAC,oBAAoB,CAAC,CAClC,CAAC;IACF,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QACpB,KAAK,CAAC,6BAA6B,GAAG,IAAA,qBAAa,EACjD,6BAA6B,CAC9B,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,KAAK,iEAA2B,MAAkB;IAChD,MAAM,EAAE,6BAA6B,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IACnE,wCAAwC,CAAC,YAAY,CAAC,CAAC;IACvD,MAAM,sBAAsB,GAAG,IAAA,qBAAa,EAAC,YAAY,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,SAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACrD,OAAO,IAAA,mBAAW,EAAC,QAAQ,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;GAKG;AACH,KAAK,kEAA4B,MAAkB;IACjD,MAAM,EAAE,8BAA8B,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IACpE,yCAAyC,CAAC,YAAY,CAAC,CAAC;IACxD,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAC,YAAY,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,SAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,qBAAqB,GAAG,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAC7D,OAAO,IAAA,mBAAW,EAAC,qBAAqB,CAAC,CAAC;AAC5C,CAAC;IASC,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAClC,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,mBAAmB,CAC7D,CAAC;IACJ,CAAC;IAED,OAAO,IAAA,qBAAa,EAAC,UAAU,CAAC,CAAC;AACnC,CAAC;AAED;;;;;;GAMG;AACH,KAAK,sDACH,QAAgB;IAEhB,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,EACJ,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,MAAM,GACP,GAAG,IAAI,CAAC,KAAK,CAAC;IAEf,IAAI,CAAC;QACH,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC;YAC/D,cAAc;YACd,QAAQ;YACR,gBAAgB;YAChB,uBAAuB;YACvB,MAAM;SACP,CAAC,CAAC;QACH,OAAO,mBAAmB,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,sDAAsD;QACtD,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,sBAAa,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IACzC,CAAC;AACH,CAAC,sEAED,KAAK,4EACH,MAAkB,EAClB,WAAoB;IAEpB,IAAI,UAAU,GAAiB,EAAE,CAAC;IAClC,IAAI,CAAC;QACH,4DAA4D;QAC5D,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,uBAAuB,CAAC;YAC1D,MAAM,EAAE,MAAM;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;QACzC,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,2BAA2B,CACrE,CAAC;IACJ,CAAC;IAED,0CAA0C;IAC1C,IAAI,UAAU,EAAE,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,+BAAc,CAAC,6BAA6B,CAAC,UAAU,CAAC,CAAC;QACzE,uDAAuD;QACvD,MAAM,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACjC,IAAI,aAAa,CAAC,IAAI,KAAK,sBAAU,CAAC,QAAQ,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,4BAA4B,CACtE,CAAC;QACJ,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,iBAAiB,CAAC,CAAC;AAC9E,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,4DAAsB,EACzB,WAAW,EACX,WAAW,EACX,cAAc,GAKf;IACC,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,EAAE,gBAAgB,EAAE,uBAAuB,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAEzE,IAAI,MAAkB,CAAC;IACvB,IAAI,QAAoB,CAAC;IACzB,IAAI,WAAoB,CAAC;IACzB,IAAI,cAAc,GAAG,cAAc,CAAC;IACpC,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,CAAC;YACC,MAAM;YACN,QAAQ;YACR,WAAW;YACX,aAAa,EAAE,cAAc;SAC9B,GAAG,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,WAAW,CAAC,CAAC,CAAC;IAC9C,CAAC;SAAM,CAAC;QACN,CAAC;YACC,kBAAkB,EAAE,MAAM;YAC1B,oBAAoB,EAAE,QAAQ;YAC9B,gBAAgB,EAAE,WAAW;SAC9B,GAAG,MAAM,uBAAA,IAAI,yGAA4B,MAAhC,IAAI,EAA6B,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC;QACjD,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc;QACzC,gBAAgB;QAChB,uBAAuB;QACvB,MAAM;QACN,SAAS,EAAE,MAAM;QACjB,WAAW,EAAE,QAAQ;QACrB,cAAc,EAAE,WAAW;QAC3B,gBAAgB,EAAE,cAAc;QAChC,WAAW;KACZ,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,KAAK,kEAA4B,MAQhC;IACC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;IAE5D,uGAAuG;IACvG,MAAM,WAAW,GAAG,IAAI,CAAC,wBAAwB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9D,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,+BAAc,CAAC,IAAI,EAAE;QAC9C,IAAI;KACL,CAAC,CAAC;IACH,MAAM,UAAU,GAAG,cAAc,CAAC,OAAO,EAAE,CAAC;IAE5C,MAAM,SAAS,GAAG,OAAO,EAAE,SAAmB,CAAC;IAC/C,IAAI,IAAI,KAAK,sBAAU,CAAC,QAAQ,IAAI,CAAC,SAAS,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,gBAAgB,CAC1D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,uBAAA,IAAI,sHAAyC,MAA7C,IAAI,EAA0C,KAAK,IAAI,EAAE;YAC7D,MAAM,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC;gBACvC,MAAM;gBACN,UAAU;gBACV,WAAW;aACZ,CAAC,CAAC;YACH,OAAO;gBACL,SAAS;gBACT,IAAI;gBACJ,IAAI;aACL,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,GAAG,CAAC,iDAAiD,EAAE,KAAK,CAAC,CAAC;QAC9D,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,iCAAiC,CAC3E,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,KAAK,mEAA6B,MAGjC;IACC,OAAO,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,KAAK,IAAI,EAAE;QACpC,IAAI,uBAAA,IAAI,8DAA0B,EAAE,CAAC;YACnC,OAAO,uBAAA,IAAI,8DAA0B,CAAC;QACxC,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,GAC1D,MAAM,uBAAA,IAAI,uGAA0B,MAA9B,IAAI,EAA2B,MAAM,CAAC,CAAC;QAE/C,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,KAAK,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;YAC9C,KAAK,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;YAChD,KAAK,CAAC,WAAW,GAAG,SAAS,CAAC,WAAW,CAAC;YAC1C,KAAK,CAAC,WAAW,GAAG,SAAS,CAAC,WAAW,CAAC;QAC5C,CAAC,CAAC,CAAC;QAEH,MAAM,qBAAqB,GAAG,IAAA,4BAAoB,EAAC,SAAS,CAAC,CAAC;QAC9D,uBAAA,IAAI,0DAA6B,qBAAqB,MAAA,CAAC;QACvD,OAAO,qBAAqB,CAAC;IAC/B,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;GAOG;AACH,KAAK,iEAA2B,MAG/B;IAKC,IAAI,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAC7D,MAAM,EAAE,KAAK,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAE7C,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,UAAU,CAAC,CAAC;IACvE,CAAC;IAED,IAAI,MAAM,EAAE,aAAa,EAAE,CAAC;QAC1B,kBAAkB,GAAG,MAAM,CAAC,aAAa,CAAC;IAC5C,CAAC;IAED,IAAI,kBAA2B,CAAC;IAEhC,0EAA0E;IAC1E,IAAI,kBAAkB,EAAE,CAAC;QACvB,MAAM,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAExD,IACE,mBAAmB;YACnB,mBAAmB,KAAK,oBAAoB,CAAC,IAAI,EACjD,CAAC;YACD,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,kBAAkB,CAC5D,CAAC;QACJ,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,uBAAA,IAAI,oDAAgB,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QACrE,kBAAkB,GAAG,MAAM,uBAAA,IAAI,oDAAgB,CAAC,cAAc,CAC5D,GAAG,EACH,oBAAoB,CACrB,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,wFAAwF;QACxF,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QACxC,sHAAsH;QACtH,yEAAyE;QACzE,+DAA+D;QAC/D,MAAM,MAAM,GAAG,MAAM,uBAAA,IAAI,oDAAgB,CAAC,iBAAiB,CACzD,MAAM,CAAC,QAAQ,EACf,cAAc,CACf,CAAC;QACF,kBAAkB,GAAG,MAAM,CAAC,KAAK,CAAC;QAClC,kBAAkB,GAAG,MAAM,CAAC,iBAAiB,CAAC;QAC9C,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC;IACpC,CAAC;IAED,MAAM,SAAS,GAAG,uBAAA,IAAI,6FAAgB,MAApB,IAAI,EAAiB,kBAAkB,CAAC,CAAC;IAE3D,OAAO;QACL,SAAS;QACT,kBAAkB;QAClB,mBAAmB;KACpB,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,gFACH,kCAEC;IAED,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,MAAM,kCAAkC,EAAE,CAAC;QAE7D,uBAAA,IAAI,wHAA2C,MAA/C,IAAI,EAA4C,SAAS,CAAC,CAAC;QAE3D,OAAO,SAAS,CAAC;IACnB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;QACnD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC,6JAYC,UAUO;IAEP,MAAM,sBAAsB,GAAG,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC;IAEhE,MAAM,kBAAkB,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;QAClD,CAAC,CAAC,UAAU;QACZ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;IACjB,MAAM,0BAA0B,GAA4B,EAAE,CAAC;IAE/D,qEAAqE;IACrE,wBAAwB;IACxB,kBAAkB,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;QAClC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;QACvC,MAAM,UAAU,GAAG,IAAA,uCAAkB,EAAC,IAAI,CAAC,CAAC;QAE5C,MAAM,yBAAyB,GAAG,sBAAsB,CAAC,IAAI,CAC3D,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,UAAU,IAAI,MAAM,CAAC,IAAI,KAAK,IAAI,CAC/D,CAAC;QAEF,IAAI,CAAC,yBAAyB,EAAE,CAAC;YAC/B,0BAA0B,CAAC,IAAI,CAAC;gBAC9B,SAAS;gBACT,IAAI,EAAE,UAAU;gBAChB,IAAI;aACL,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,0BAA0B,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,KAAK,CAAC,qBAAqB,GAAG;gBAC5B,GAAG,KAAK,CAAC,qBAAqB;gBAC9B,GAAG,0BAA0B;aAC9B,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,KAAK,mEAA6B,EAChC,QAAQ,EACR,qBAAqB,EACrB,uBAAuB,EACvB,mBAAmB,GAMpB;IACC,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAE5C,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,GAChC,MAAM,uBAAA,IAAI,2GAA8B,MAAlC,IAAI,EAA+B,QAAQ,CAAC,CAAC;IAErD,MAAM,SAAS,GAA0B;QACvC,gBAAgB,EAAE,mBAAmB;QACrC,kBAAkB,EAAE,qBAAqB;QACzC,oBAAoB,EAAE,uBAAuB;QAC7C,WAAW;QACX,WAAW;KACZ,CAAC;IAEF,MAAM,uBAAA,IAAI,0FAAa,MAAjB,IAAI,EAAc;QACtB,QAAQ;QACR,SAAS;QACT,QAAQ,EAAE,uBAAuB;KAClC,CAAC,CAAC;IAEH,qCAAqC;IACrC,uBAAA,IAAI,gGAAmB,MAAvB,IAAI,EAAoB;QACtB,UAAU,EAAE,mBAAmB,CAAC,EAAE;KACnC,CAAC,CAAC;IAEH,uBAAA,IAAI,0FAAa,MAAjB,IAAI,CAAe,CAAC;AACtB,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,oDAAc,EACjB,QAAQ,EACR,SAAS,EACT,QAAQ,GAKT;IACC,MAAM,uBAAA,IAAI,4FAAe,MAAnB,IAAI,EAAgB,KAAK,IAAI,EAAE;QACnC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAEhC,yEAAyE;QACzE,uBAAA,IAAI,0DAA6B,SAAS,MAAA,CAAC;QAE3C,MAAM,mBAAmB,GAAG,IAAA,0BAAkB,EAAC,SAAS,CAAC,CAAC;QAE1D,sHAAsH;QACtH,yEAAyE;QACzE,+DAA+D;QAC/D,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAChC,MAAM,uBAAA,IAAI,oDAAgB,CAAC,iBAAiB,CAC1C,QAAQ,EACR,mBAAmB,CACpB,CAAC;QAEJ,qBAAqB;QACrB,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,SAAG,CAAC,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,IAAA,mBAAW,EAAC,iBAAiB,CAAC,CAAC,CAAC;QAEjE,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC;YACpB,KAAK,CAAC,kBAAkB,GAAG,iBAAiB,CAAC;YAC7C,KAAK,CAAC,mBAAmB,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC;YACnD,KAAK,CAAC,8BAA8B,GAAG,IAAA,qBAAa,EAAC,YAAY,CAAC,CAAC;QACrE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,KAAK,qEACH,QAAgB;IAEhB,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;IAC9C,8GAA8G;IAC9G,4GAA4G;IAC5G,IAAI,WAAW,IAAI,WAAW,EAAE,CAAC;QAC/B,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;IACtC,CAAC;IAED,6HAA6H;IAC7H,IAAI,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACrB,gJAAgJ;QAChJ,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,uBAAA,IAAI,uGAA0B,MAA9B,IAAI,EAA2B,EAAE,QAAQ,EAAE,CAAC,CAAC;QACzE,WAAW,GAAG,WAAW,IAAI,SAAS,CAAC,WAAW,CAAC;QACnD,WAAW,GAAG,WAAW,IAAI,SAAS,CAAC,WAAW,CAAC;IACrD,CAAC;IAED,uFAAuF;IACvF,sEAAsE;IAEtE,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,kBAAkB,CAC5D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,kBAAkB,CAC5D,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AACtC,CAAC;AAED;;;;;;;;;;;GAWG;AACH,KAAK,2DACH,QAA2C;IAE3C,OAAO,MAAM,QAAQ,CAAC,uBAAA,IAAI,8DAA0B,EAAE,QAAQ,CAAC,CAAC;AAClE,CAAC;AAED;;;;;;;;;;GAUG;AACH,KAAK,sDACH,QAA2C;IAE3C,OAAO,MAAM,QAAQ,CAAC,uBAAA,IAAI,yDAAqB,EAAE,QAAQ,CAAC,CAAC;AAC7D,CAAC,uGASe,IAAa;IAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,cAAc,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,eAAwB,CAAC;IAC7B,IAAI,CAAC;QACH,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,cAAc,CAAC,CAAC;IAC3E,CAAC;IAED,IAAA,mCAAsB,EAAC,eAAe,CAAC,CAAC;IAExC,OAAO,eAAe,CAAC;AACzB,CAAC;IAGC,IAAI,CAAC,uBAAA,IAAI,gDAAY,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,gBAAgB,CAC1D,CAAC;IACJ,CAAC;AACH,CAAC,6HAeC,KAAc;IAEd,IAAI,CAAC;QACH,IAAA,wDAA2C,EAAC,KAAK,CAAC,CAAC;IACrD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,KAAK,CAAC,qCAAqC,GAAG,KAAK,CAAC;QACtD,CAAC,CAAC,CAAC;QACH,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,6DAAuB,OAG3B;IAIC,uBAAA,IAAI,wGAA2B,MAA/B,IAAI,EAA4B,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,EACJ,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,MAAM,GACP,GAAG,IAAI,CAAC,KAAK,CAAC;IAEf,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW;SACpE,eAAe,CAAC;QACf,cAAc;QACd,gBAAgB;QAChB,uBAAuB;QACvB,MAAM;KACP,CAAC;SACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACf,GAAG,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;QAC1C,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,uBAAuB,CACjE,CAAC;IACJ,CAAC,CAAC,CAAC;IACL,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC;QAC5D,GAAG,OAAO;QACV,gBAAgB,EAAE,UAAU;KAC7B,CAAC,CAAC;IACH,IAAI,kBAAkB,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,gBAAgB,CAC1D,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,CAAC;AACxC,CAAC;IAGC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QACpB,OAAO,KAAK,CAAC,qBAAqB,CAAC;IACrC,CAAC,CAAC,CAAC;AACL,CAAC,iIAyJ4B,EAC3B,YAAY,EACZ,WAAW,GAIZ;IACC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QACpB,KAAK,CAAC,wBAAwB,GAAG;YAC/B,GAAG,CAAC,KAAK,CAAC,wBAAwB,IAAI,EAAE,CAAC;YACzC,EAAE,YAAY,EAAE,WAAW,EAAE;SAC9B,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,2GAUiB,KAAc;IAC9B,IAAI,KAAK,YAAY,gCAAU,EAAE,CAAC;QAChC,OAAO,CACL,KAAK,CAAC,IAAI,KAAK,oCAAc,CAAC,gBAAgB;YAC9C,KAAK,CAAC,IAAI,KAAK,oCAAc,CAAC,gBAAgB,CAC/C,CAAC;IACJ,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC,2HAUyB,KAAc;IACtC,IAAI,KAAK,YAAY,gCAAU,EAAE,CAAC;QAChC,OAAO,CACL,KAAK,CAAC,IAAI;YACT,oCAAc,CAAC,yBAA+C,CAChE,CAAC;IACJ,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;GAWG;AACH,KAAK,gEACH,SAA2B,EAC3B,aAAqB;IAErB,IAAI,CAAC;QACH,kEAAkE;QAClE,MAAM,sBAAsB,GAAG,IAAI,CAAC,yBAAyB,EAAE,CAAC;QAChE,MAAM,4BAA4B,GAChC,IAAI,CAAC,+BAA+B,EAAE,CAAC;QACzC,6DAA6D;QAC7D,2CAA2C;QAC3C,IAAI,oBAAoB,GAAG,KAAK,CAAC;QACjC,IAAI,uBAAA,IAAI,gDAAY,EAAE,CAAC;YACrB,oBAAoB,GAAG,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACxD,CAAC;QAED,IACE,sBAAsB;YACtB,4BAA4B;YAC5B,oBAAoB,EACpB,CAAC;YACD,GAAG,CACD,4BAA4B,aAAa,gCAAgC,EACzE,2BAA2B,CAC5B,CAAC;YACF,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACjC,CAAC;QAED,OAAO,MAAM,SAAS,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,4CAA4C;QAC5C,IAAI,uBAAA,IAAI,+FAAkB,MAAtB,IAAI,EAAmB,KAAK,CAAC,EAAE,CAAC;YAClC,GAAG,CACD,wBAAwB,aAAa,gCAAgC,EACrE,KAAK,CACN,CAAC;YACF,IAAI,CAAC;gBACH,qBAAqB;gBACrB,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC/B,wCAAwC;gBACxC,OAAO,MAAM,SAAS,EAAE,CAAC;YAC3B,CAAC;YAAC,OAAO,YAAY,EAAE,CAAC;gBACtB,GAAG,CAAC,kCAAkC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;gBACrE,MAAM,YAAY,CAAC;YACrB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;AACH,CAAC;AAyDH;;;;;GAKG;AACH,SAAS,qBAAqB,CAAC,QAAiB;IAC9C,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,oDAAwC,CAAC,iBAAiB,CAAC,CAAC;IAC9E,CAAC;IAED,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,oBAAoB,CAC9D,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,UAAU,QAAQ,CACrB,KAAY,EACZ,QAA2C;IAE3C,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC;IAE1C,IAAI,CAAC;QACH,OAAO,MAAM,QAAQ,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC;IACzC,CAAC;YAAS,CAAC;QACT,WAAW,EAAE,CAAC;IAChB,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,wCAAwC,CAC/C,6BAAiD;IAEjD,IAAI,CAAC,6BAA6B,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,mCAAmC,CAC7E,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,yCAAyC,CAChD,8BAAkD;IAElD,IAAI,CAAC,8BAA8B,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,oDAAwC,CAAC,oCAAoC,CAC9E,CAAC;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { keccak256AndHexify } from '@metamask/auth-network-utils';\nimport { BaseController } from '@metamask/base-controller';\nimport type { StateMetadata } from '@metamask/base-controller';\nimport type * as encryptionUtils from '@metamask/browser-passworder';\nimport type {\n KeyPair,\n RecoverEncryptionKeyResult,\n SEC1EncodedPublicKey,\n} from '@metamask/toprf-secure-backup';\nimport {\n ToprfSecureBackup,\n TOPRFErrorCode,\n TOPRFError,\n} from '@metamask/toprf-secure-backup';\nimport {\n base64ToBytes,\n bytesToBase64,\n isNullOrUndefined,\n} from '@metamask/utils';\nimport { gcm } from '@noble/ciphers/aes';\nimport { bytesToUtf8, utf8ToBytes } from '@noble/ciphers/utils';\nimport { managedNonce } from '@noble/ciphers/webcrypto';\nimport { secp256k1 } from '@noble/curves/secp256k1';\nimport { Mutex } from 'async-mutex';\n\nimport {\n assertIsPasswordOutdatedCacheValid,\n assertIsSeedlessOnboardingUserAuthenticated,\n assertIsValidVaultData,\n} from './assertions';\nimport type { AuthConnection } from './constants';\nimport {\n controllerName,\n PASSWORD_OUTDATED_CACHE_TTL_MS,\n SecretType,\n SeedlessOnboardingControllerErrorMessage,\n Web3AuthNetwork,\n} from './constants';\nimport { PasswordSyncError, RecoveryError } from './errors';\nimport { projectLogger, createModuleLogger } from './logger';\nimport { SecretMetadata } from './SecretMetadata';\nimport type {\n MutuallyExclusiveCallback,\n SeedlessOnboardingControllerMessenger,\n SeedlessOnboardingControllerOptions,\n SeedlessOnboardingControllerState,\n AuthenticatedUserDetails,\n SocialBackupsMetadata,\n VaultEncryptor,\n RefreshJWTToken,\n RevokeRefreshToken,\n RenewRefreshToken,\n VaultData,\n DeserializedVaultData,\n} from './types';\nimport {\n decodeJWTToken,\n decodeNodeAuthToken,\n deserializeVaultData,\n serializeVaultData,\n} from './utils';\n\nconst log = createModuleLogger(projectLogger, controllerName);\n\n/*\n Get the initial state for the Seedless Onboarding Controller with defaults.\n \n @param overrides - The overrides for the initial state.\n * @returns The initial state for the Seedless Onboarding Controller.\n /\nexport function getInitialSeedlessOnboardingControllerStateWithDefaults(\n overrides?: Partial<SeedlessOnboardingControllerState>,\n): SeedlessOnboardingControllerState {\n const initialState = {\n socialBackupsMetadata: [],\n isSeedlessOnboardingUserAuthenticated: false,\n ...overrides,\n };\n\n // Ensure authenticated flag is set correctly.\n try {\n assertIsSeedlessOnboardingUserAuthenticated(initialState);\n initialState.isSeedlessOnboardingUserAuthenticated = true;\n } catch {\n initialState.isSeedlessOnboardingUserAuthenticated = false;\n }\n return initialState;\n}\n\n/\n Seedless Onboarding Controller State Metadata.\n \n This allows us to choose if fields of the state should be persisted or not\n * using the `persist` flag; and if they can be sent to Sentry or not, using\n * the `anonymous` flag.\n /\nconst seedlessOnboardingMetadata: StateMetadata<SeedlessOnboardingControllerState> =\n {\n vault: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n socialBackupsMetadata: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n nodeAuthTokens: {\n includeInStateLogs: (nodeAuthTokens) =>\n !isNullOrUndefined(nodeAuthTokens),\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n authConnection: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: true,\n },\n authConnectionId: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: false,\n },\n groupedAuthConnectionId: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: false,\n },\n userId: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n socialLoginEmail: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: true,\n },\n vaultEncryptionKey: {\n includeInStateLogs: false,\n persist: false,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n vaultEncryptionSalt: {\n includeInStateLogs: false,\n persist: false,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n authPubKey: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n passwordOutdatedCache: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: false,\n },\n refreshToken: {\n includeInStateLogs: (refreshToken) => !isNullOrUndefined(refreshToken),\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n revokeToken: {\n includeInStateLogs: (revokeToken) => !isNullOrUndefined(revokeToken),\n persist: false,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n pendingToBeRevokedTokens: {\n includeInStateLogs: (pendingToBeRevokedTokens) =>\n !isNullOrUndefined(pendingToBeRevokedTokens) &&\n pendingToBeRevokedTokens.length > 0,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n // stays in vault\n accessToken: {\n includeInStateLogs: (accessToken) => !isNullOrUndefined(accessToken),\n persist: false,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n // stays outside of vault as this token is accessed by the metadata service\n // before the vault is created or unlocked.\n metadataAccessToken: {\n includeInStateLogs: (metadataAccessToken) =>\n !isNullOrUndefined(metadataAccessToken),\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n encryptedSeedlessEncryptionKey: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n encryptedKeyringEncryptionKey: {\n includeInStateLogs: false,\n persist: true,\n includeInDebugSnapshot: false,\n usedInUi: false,\n },\n isSeedlessOnboardingUserAuthenticated: {\n includeInStateLogs: true,\n persist: true,\n includeInDebugSnapshot: true,\n usedInUi: false,\n },\n };\n\nexport class SeedlessOnboardingController<\n EncryptionKey,\n SupportedKeyDerivationOptions = encryptionUtils.KeyDerivationOptions,\n> extends BaseController<\n typeof controllerName,\n SeedlessOnboardingControllerState,\n SeedlessOnboardingControllerMessenger\n> {\n readonly #vaultEncryptor: VaultEncryptor<\n EncryptionKey,\n SupportedKeyDerivationOptions\n >;\n\n readonly #controllerOperationMutex = new Mutex();\n\n readonly #vaultOperationMutex = new Mutex();\n\n readonly toprfClient: ToprfSecureBackup;\n\n readonly #refreshJWTToken: RefreshJWTToken;\n\n readonly #revokeRefreshToken: RevokeRefreshToken;\n\n readonly #renewRefreshToken: RenewRefreshToken;\n\n /\n The TTL of the password outdated cache in milliseconds.\n /\n readonly #passwordOutdatedCacheTTL: number;\n\n /\n Controller lock state.\n \n The controller lock is synchronized with the keyring lock.\n /\n #isUnlocked = false;\n\n /\n Cached decrypted vault data.\n \n This is used to cache the decrypted vault data to avoid decrypting the vault data multiple times.\n /\n #cachedDecryptedVaultData: DeserializedVaultData \| undefined;\n\n /\n Creates a new SeedlessOnboardingController instance.\n \n @param options - The options for the SeedlessOnboardingController.\n * @param options.messenger - A restricted messenger.\n * @param options.state - Initial state to set on this controller.\n * @param options.encryptor - An optional encryptor to use for encrypting and decrypting seedless onboarding vault.\n * @param options.toprfKeyDeriver - An optional key derivation interface for the TOPRF client.\n * @param options.network - The network to be used for the Seedless Onboarding flow.\n * @param options.refreshJWTToken - A function to get a new jwt token using refresh token.\n * @param options.revokeRefreshToken - A function to revoke the refresh token.\n * @param options.renewRefreshToken - A function to renew the refresh token and get new revoke token.\n * @param options.passwordOutdatedCacheTTL - The TTL of the password outdated cache in milliseconds.,\n /\n constructor({\n messenger,\n state,\n encryptor,\n toprfKeyDeriver,\n network = Web3AuthNetwork.Mainnet,\n refreshJWTToken,\n revokeRefreshToken,\n renewRefreshToken,\n passwordOutdatedCacheTTL = PASSWORD_OUTDATED_CACHE_TTL_MS,\n }: SeedlessOnboardingControllerOptions<\n EncryptionKey,\n SupportedKeyDerivationOptions\n >) {\n super({\n name: controllerName,\n metadata: seedlessOnboardingMetadata,\n state: getInitialSeedlessOnboardingControllerStateWithDefaults(state),\n messenger,\n });\n\n assertIsPasswordOutdatedCacheValid(passwordOutdatedCacheTTL);\n this.#passwordOutdatedCacheTTL = passwordOutdatedCacheTTL;\n\n this.#vaultEncryptor = encryptor;\n\n this.toprfClient = new ToprfSecureBackup({\n network,\n keyDeriver: toprfKeyDeriver,\n fetchMetadataAccessCreds: this.fetchMetadataAccessCreds.bind(this),\n });\n this.#refreshJWTToken = refreshJWTToken;\n this.#revokeRefreshToken = revokeRefreshToken;\n this.#renewRefreshToken = renewRefreshToken;\n }\n\n async fetchMetadataAccessCreds(): Promise<{\n metadataAccessToken: string;\n }> {\n const { metadataAccessToken } = this.state;\n if (!metadataAccessToken) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidMetadataAccessToken,\n );\n }\n\n // Check if token is expired and refresh if needed\n const decodedToken = decodeJWTToken(metadataAccessToken);\n if (decodedToken.exp < Math.floor(Date.now() / 1000)) {\n // Token is expired, refresh it\n await this.refreshAuthTokens();\n\n // Get the new token after refresh\n const { metadataAccessToken: newMetadataAccessToken } = this.state;\n\n return {\n metadataAccessToken: newMetadataAccessToken as string,\n };\n }\n\n return { metadataAccessToken };\n }\n\n /\n Gets the node details for the TOPRF operations.\n * This function can be called to get the node endpoints, indexes and pubkeys and cache them locally.\n /\n async preloadToprfNodeDetails() {\n try {\n await this.toprfClient.getNodeDetails();\n } catch {\n log('Failed to fetch node details');\n }\n }\n\n /\n Authenticate OAuth user using the seedless onboarding flow\n * and determine if the user is already registered or not.\n \n @param params - The parameters for authenticate OAuth user.\n * @param params.idTokens - The ID token(s) issued by OAuth verification service. Currently this array only contains a single idToken which is verified by all the nodes, in future we are considering to issue a unique idToken for each node.\n * @param params.authConnection - The social login provider.\n * @param params.authConnectionId - OAuth authConnectionId from dashboard\n * @param params.userId - user email or id from Social login\n * @param params.groupedAuthConnectionId - Optional grouped authConnectionId to be used for the authenticate request.\n * @param params.socialLoginEmail - The user email from Social login.\n * @param params.refreshToken - refresh token for refreshing expired nodeAuthTokens.\n * @param params.revokeToken - revoke token for revoking refresh token and get new refresh token and new revoke token.\n * @param params.accessToken - Access token for pairing with profile sync auth service and to access other services.\n * @param params.metadataAccessToken - Metadata access token for accessing the metadata service before the vault is created or unlocked.\n * @param params.skipLock - Optional flag to skip acquiring the controller lock. (to prevent deadlock in case the caller already acquired the lock)\n * @returns A promise that resolves to the authentication result.\n /\n async authenticate(params: {\n idTokens: string[];\n accessToken: string;\n metadataAccessToken: string;\n authConnection: AuthConnection;\n authConnectionId: string;\n userId: string;\n groupedAuthConnectionId?: string;\n socialLoginEmail?: string;\n refreshToken: string;\n revokeToken?: string;\n skipLock?: boolean;\n }) {\n const doAuthenticateWithNodes = async () => {\n try {\n const {\n idTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n authConnection,\n socialLoginEmail,\n refreshToken,\n revokeToken,\n accessToken,\n metadataAccessToken,\n } = params;\n\n const authenticationResult = await this.toprfClient.authenticate({\n authConnectionId,\n userId,\n idTokens,\n groupedAuthConnectionId,\n });\n // update the state with the authenticated user info\n this.update((state) => {\n state.nodeAuthTokens = authenticationResult.nodeAuthTokens;\n state.authConnectionId = authConnectionId;\n state.groupedAuthConnectionId = groupedAuthConnectionId;\n state.userId = userId;\n state.authConnection = authConnection;\n state.socialLoginEmail = socialLoginEmail;\n state.metadataAccessToken = metadataAccessToken;\n state.refreshToken = refreshToken;\n if (revokeToken) {\n // Temporarily store revoke token & access token in state for later vault creation\n state.revokeToken = revokeToken;\n }\n state.accessToken = accessToken;\n\n // we will check if the controller state is properly set with the authenticated user info\n // before setting the isSeedlessOnboardingUserAuthenticated to true\n assertIsSeedlessOnboardingUserAuthenticated(state);\n state.isSeedlessOnboardingUserAuthenticated = true;\n });\n\n return authenticationResult;\n } catch (error) {\n log('Error authenticating user', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.AuthenticationError,\n );\n }\n };\n return params.skipLock\n ? await doAuthenticateWithNodes()\n : await this.#withControllerLock(doAuthenticateWithNodes);\n }\n\n /\n Create a new TOPRF encryption key using given password and backups the provided seed phrase.\n \n @param password - The password used to create new wallet and seedphrase\n * @param seedPhrase - The initial seed phrase (Mnemonic) created together with the wallet.\n * @param keyringId - The keyring id of the backup seed phrase\n * @returns A promise that resolves to the encrypted seed phrase and the encryption key.\n /\n async createToprfKeyAndBackupSeedPhrase(\n password: string,\n seedPhrase: Uint8Array,\n keyringId: string,\n ): Promise<void> {\n return await this.#withControllerLock(async () => {\n // to make sure that fail fast,\n // assert that the user is authenticated before creating the TOPRF key and backing up the seed phrase\n this.#assertIsAuthenticatedUser(this.state);\n\n // locally evaluate the encryption key from the password\n const { encKey, pwEncKey, authKeyPair, oprfKey } =\n await this.toprfClient.createLocalKey({\n password,\n });\n const performKeyCreationAndBackup = async (): Promise<void> => {\n // encrypt and store the secret data\n await this.#encryptAndStoreSecretData({\n data: seedPhrase,\n type: SecretType.Mnemonic,\n encKey,\n authKeyPair,\n options: {\n keyringId,\n },\n });\n\n // store/persist the encryption key shares\n // We store the secret metadata in the metadata store first. If this operation fails,\n // we avoid persisting the encryption key shares to prevent a situation where a user appears\n // to have an account but with no associated data.\n await this.#persistOprfKey(oprfKey, authKeyPair.pk);\n // create a new vault with the resulting authentication data\n await this.#createNewVaultWithAuthData({\n password,\n rawToprfEncryptionKey: encKey,\n rawToprfPwEncryptionKey: pwEncKey,\n rawToprfAuthKeyPair: authKeyPair,\n });\n };\n\n await this.#executeWithTokenRefresh(\n performKeyCreationAndBackup,\n 'createToprfKeyAndBackupSeedPhrase',\n );\n });\n }\n\n /\n encrypt and add a new secret data to the metadata store.\n \n @param data - The data to add.\n * @param type - The type of the secret data.\n * @param options - Optional options object, which includes optional data to be added to the metadata store.\n * @param options.keyringId - The keyring id of the backup keyring (SRP).\n * @returns A promise that resolves to the success of the operation.\n /\n async addNewSecretData(\n data: Uint8Array,\n type: SecretType,\n options?: {\n keyringId?: string;\n },\n ): Promise<void> {\n return await this.#withControllerLock(async () => {\n this.#assertIsUnlocked();\n\n await this.#assertPasswordInSync({\n skipCache: true,\n skipLock: true, // skip lock since we already have the lock\n });\n\n const performBackup = async (): Promise<void> => {\n // verify the password and unlock the vault\n const { toprfEncryptionKey, toprfAuthKeyPair } =\n await this.#unlockVaultAndGetVaultData();\n\n // encrypt and store the secret data\n await this.#encryptAndStoreSecretData({\n data,\n type,\n encKey: toprfEncryptionKey,\n authKeyPair: toprfAuthKeyPair,\n options,\n });\n };\n\n await this.#executeWithTokenRefresh(performBackup, 'addNewSecretData');\n });\n }\n\n /\n Fetches all encrypted secret data and metadata for user's account from the metadata store.\n \n Decrypts the secret data and returns the decrypted secret data using the recovered encryption key from the password.\n \n @param password - The optional password used to create new wallet. If not provided, `cached Encryption Key` will be used.\n * @returns A promise that resolves to the secret data.\n /\n async fetchAllSecretData(password?: string): Promise<SecretMetadata[]> {\n return await this.#withControllerLock(async () => {\n return await this.#executeWithTokenRefresh(async () => {\n // assert that the user is authenticated before fetching the secret data\n this.#assertIsAuthenticatedUser(this.state);\n\n let encKey: Uint8Array;\n let pwEncKey: Uint8Array;\n let authKeyPair: KeyPair;\n\n if (password) {\n const recoverEncKeyResult = await this.#recoverEncKey(password);\n encKey = recoverEncKeyResult.encKey;\n pwEncKey = recoverEncKeyResult.pwEncKey;\n authKeyPair = recoverEncKeyResult.authKeyPair;\n } else {\n this.#assertIsUnlocked();\n // verify the password and unlock the vault\n const keysFromVault = await this.#unlockVaultAndGetVaultData();\n encKey = keysFromVault.toprfEncryptionKey;\n pwEncKey = keysFromVault.toprfPwEncryptionKey;\n authKeyPair = keysFromVault.toprfAuthKeyPair;\n }\n\n const secrets = await this.#fetchAllSecretDataFromMetadataStore(\n encKey,\n authKeyPair,\n );\n\n if (password) {\n // if password is provided, we need to create a new vault with the auth data. (supposedly the user is trying to rehydrate the wallet)\n await this.#createNewVaultWithAuthData({\n password,\n rawToprfEncryptionKey: encKey,\n rawToprfPwEncryptionKey: pwEncKey,\n rawToprfAuthKeyPair: authKeyPair,\n });\n }\n\n return secrets;\n }, 'fetchAllSecretData');\n });\n }\n\n /\n Update the password of the seedless onboarding flow.\n \n Changing password will also update the encryption key, metadata store and the vault with new encrypted values.\n \n @param newPassword - The new password to update.\n * @param oldPassword - The old password to verify.\n * @returns A promise that resolves to the success of the operation.\n /\n async changePassword(newPassword: string, oldPassword: string) {\n return await this.#withControllerLock(async () => {\n this.#assertIsUnlocked();\n // verify the old password of the encrypted vault\n await this.verifyVaultPassword(oldPassword, {\n skipLock: true, // skip lock since we already have the lock\n });\n\n const { latestKeyIndex } = await this.#assertPasswordInSync({\n skipCache: true,\n skipLock: true, // skip lock since we already have the lock\n });\n\n const attemptChangePassword = async (): Promise<void> => {\n // load keyring encryption key if it exists\n let keyringEncryptionKey: string \| undefined;\n if (this.state.encryptedKeyringEncryptionKey) {\n keyringEncryptionKey = await this.loadKeyringEncryptionKey();\n }\n\n // update the encryption key with new password and update the Metadata Store\n const {\n encKey: newEncKey,\n pwEncKey: newPwEncKey,\n authKeyPair: newAuthKeyPair,\n } = await this.#changeEncryptionKey({\n oldPassword,\n newPassword,\n latestKeyIndex,\n });\n\n // update and encrypt the vault with new password\n await this.#createNewVaultWithAuthData({\n password: newPassword,\n rawToprfEncryptionKey: newEncKey,\n rawToprfPwEncryptionKey: newPwEncKey,\n rawToprfAuthKeyPair: newAuthKeyPair,\n });\n\n this.#resetPasswordOutdatedCache();\n\n // store the keyring encryption key if it exists\n if (keyringEncryptionKey) {\n await this.storeKeyringEncryptionKey(keyringEncryptionKey);\n }\n };\n\n try {\n await this.#executeWithTokenRefresh(\n attemptChangePassword,\n 'changePassword',\n );\n } catch (error) {\n log('Error changing password', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToChangePassword,\n );\n }\n });\n }\n\n /\n Update the backup metadata state for the given secret data.\n \n @param secretData - The data to backup, can be a single backup or array of backups.\n * @param secretData.keyringId - The keyring id associated with the backup secret data.\n * @param secretData.data - The secret data to update the backup metadata state.\n /\n updateBackupMetadataState(\n secretData:\n \| (Omit<SocialBackupsMetadata, 'hash'> & { data: Uint8Array })\n \| (Omit<SocialBackupsMetadata, 'hash'> & { data: Uint8Array })[],\n ) {\n this.#assertIsUnlocked();\n\n this.#filterDupesAndUpdateSocialBackupsMetadata(secretData);\n }\n\n /\n Verify the password validity by decrypting the vault.\n \n @param password - The password to verify.\n * @param options - Optional options object.\n * @param options.skipLock - Whether to skip the lock acquisition. (to prevent deadlock in case the caller already acquired the lock)\n * @returns A promise that resolves to the success of the operation.\n * @throws {Error} If the password is invalid or the vault is not initialized.\n /\n async verifyVaultPassword(\n password: string,\n options?: {\n skipLock?: boolean;\n },\n ): Promise<void> {\n const doVerify = async () => {\n if (!this.state.vault) {\n throw new Error(SeedlessOnboardingControllerErrorMessage.VaultError);\n }\n await this.#vaultEncryptor.decrypt(password, this.state.vault);\n };\n return options?.skipLock\n ? await doVerify()\n : await this.#withControllerLock(doVerify);\n }\n\n /\n Get backup state of the given secret data, from the controller state.\n \n If the given secret data is not backed up and not found in the state, it will return `undefined`.\n \n @param data - The data to get the backup state of.\n * @param type - The type of the secret data.\n * @returns The backup state of the given secret data.\n /\n getSecretDataBackupState(\n data: Uint8Array,\n type: SecretType = SecretType.Mnemonic,\n ): SocialBackupsMetadata \| undefined {\n const secretDataHash = keccak256AndHexify(data);\n return this.state.socialBackupsMetadata.find(\n (backup) => backup.hash === secretDataHash && backup.type === type,\n );\n }\n\n /\n Submit the password to the controller, verify the password validity and unlock the controller.\n \n This method will be used especially when user rehydrate/unlock the wallet.\n * The provided password will be verified against the encrypted vault, encryption key will be derived and saved in the controller state.\n \n This operation is useful when user performs some actions that requires the user password/encryption key. e.g. add new srp backup\n \n @param password - The password to submit.\n * @returns A promise that resolves to the success of the operation.\n /\n async submitPassword(password: string): Promise<void> {\n return await this.#withControllerLock(async () => {\n await this.#unlockVaultAndGetVaultData({ password });\n this.#setUnlocked();\n });\n }\n\n /\n Set the controller to locked state, and deallocate the secrets (vault encryption key and salt).\n \n When the controller is locked, the user will not be able to perform any operations on the controller/vault.\n \n @returns A promise that resolves to the success of the operation.\n /\n async setLocked() {\n return await this.#withControllerLock(async () => {\n this.update((state) => {\n delete state.vaultEncryptionKey;\n delete state.vaultEncryptionSalt;\n delete state.revokeToken;\n delete state.accessToken;\n });\n\n this.#cachedDecryptedVaultData = undefined;\n this.#isUnlocked = false;\n });\n }\n\n /\n Sync the latest global password to the controller.\n * reset vault with latest globalPassword,\n * persist the latest global password authPubKey\n \n @param params - The parameters for syncing the latest global password.\n * @param params.globalPassword - The latest global password.\n * @returns A promise that resolves to the success of the operation.\n /\n async syncLatestGlobalPassword({\n globalPassword,\n }: {\n globalPassword: string;\n }) {\n return await this.#withControllerLock(async () => {\n this.#assertIsUnlocked();\n const doSyncPassword = async () => {\n // update vault with latest globalPassword\n const { encKey, pwEncKey, authKeyPair } =\n await this.#recoverEncKey(globalPassword);\n // update and encrypt the vault with new password\n await this.#createNewVaultWithAuthData({\n password: globalPassword,\n rawToprfEncryptionKey: encKey,\n rawToprfPwEncryptionKey: pwEncKey,\n rawToprfAuthKeyPair: authKeyPair,\n });\n\n this.#resetPasswordOutdatedCache();\n };\n return await this.#executeWithTokenRefresh(\n doSyncPassword,\n 'syncLatestGlobalPassword',\n );\n });\n }\n\n /\n @description Unlock the controller with the latest global password.\n \n @param params - The parameters for unlocking the controller.\n * @param params.maxKeyChainLength - The maximum chain length of the pwd encryption keys.\n * @param params.globalPassword - The latest global password.\n * @returns A promise that resolves to the success of the operation.\n /\n async submitGlobalPassword({\n globalPassword,\n maxKeyChainLength = 5,\n }: {\n globalPassword: string;\n maxKeyChainLength?: number;\n }): Promise<void> {\n return await this.#withControllerLock(async () => {\n return await this.#executeWithTokenRefresh(async () => {\n const currentDeviceAuthPubKey = this.#recoverAuthPubKey();\n await this.#submitGlobalPassword({\n targetAuthPubKey: currentDeviceAuthPubKey,\n globalPassword,\n maxKeyChainLength,\n });\n }, 'submitGlobalPassword');\n });\n }\n\n /\n @description Submit the global password to the controller, verify the\n * password validity and unlock the controller.\n \n @param params - The parameters for submitting the global password.\n * @param params.maxKeyChainLength - The maximum chain length of the pwd encryption keys.\n * @param params.targetAuthPubKey - The target public key of the keyring\n * encryption key to recover.\n * @param params.globalPassword - The latest global password.\n * @returns A promise that resolves to the keyring encryption key\n * corresponding to the current authPubKey in state.\n /\n async #submitGlobalPassword({\n targetAuthPubKey,\n globalPassword,\n maxKeyChainLength,\n }: {\n targetAuthPubKey: SEC1EncodedPublicKey;\n globalPassword: string;\n maxKeyChainLength: number;\n }): Promise<void> {\n const { pwEncKey: curPwEncKey, authKeyPair: curAuthKeyPair } =\n await this.#recoverEncKey(globalPassword);\n\n try {\n // Recover vault encryption key.\n const res = await this.toprfClient.recoverPwEncKey({\n targetAuthPubKey,\n curPwEncKey,\n curAuthKeyPair,\n maxPwChainLength: maxKeyChainLength,\n });\n const { pwEncKey } = res;\n const vaultKey = await this.#loadSeedlessEncryptionKey(pwEncKey);\n\n // Unlock the controller\n await this.#unlockVaultAndGetVaultData({\n encryptionKey: vaultKey,\n });\n this.#setUnlocked();\n } catch (error) {\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n if (this.#isMaxKeyChainLengthError(error)) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.MaxKeyChainLengthExceeded,\n );\n }\n throw PasswordSyncError.getInstance(error);\n }\n }\n\n /\n @description Check if the current password is outdated compare to the global password.\n \n @param options - Optional options object.\n * @param options.globalAuthPubKey - The global auth public key to compare with the current auth public key.\n * If not provided, the global auth public key will be fetched from the backend.\n * @param options.skipCache - If true, bypass the cache and force a fresh check.\n * @param options.skipLock - Whether to skip the lock acquisition. (to prevent deadlock in case the caller already acquired the lock)\n * @returns A promise that resolves to true if the password is outdated, false otherwise.\n /\n async checkIsPasswordOutdated(options?: {\n skipCache?: boolean;\n skipLock?: boolean;\n globalAuthPubKey?: SEC1EncodedPublicKey;\n }): Promise<boolean> {\n const doCheckIsPasswordExpired = async () => {\n // cache result to reduce load on infra\n // Check cache first unless skipCache is true\n if (!options?.skipCache) {\n const { passwordOutdatedCache } = this.state;\n const now = Date.now();\n const isCacheValid =\n passwordOutdatedCache &&\n now - passwordOutdatedCache.timestamp <\n this.#passwordOutdatedCacheTTL;\n\n if (isCacheValid) {\n return passwordOutdatedCache.isExpiredPwd;\n }\n }\n\n this.#assertIsAuthenticatedUser(this.state);\n const {\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n } = this.state;\n\n const currentDeviceAuthPubKey = this.#recoverAuthPubKey();\n\n let globalAuthPubKey = options?.globalAuthPubKey;\n if (!globalAuthPubKey) {\n const { authPubKey } = await this.toprfClient\n .fetchAuthPubKey({\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n })\n .catch((error) => {\n log('Error fetching auth pub key', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToFetchAuthPubKey,\n );\n });\n globalAuthPubKey = authPubKey;\n }\n\n // use noble lib to deserialize and compare curve point\n const isExpiredPwd = !secp256k1.ProjectivePoint.fromHex(\n currentDeviceAuthPubKey,\n ).equals(secp256k1.ProjectivePoint.fromHex(globalAuthPubKey));\n // Cache the result in state\n this.update((state) => {\n state.passwordOutdatedCache = { isExpiredPwd, timestamp: Date.now() };\n });\n return isExpiredPwd;\n };\n\n return await this.#executeWithTokenRefresh(\n async () =>\n options?.skipLock\n ? await doCheckIsPasswordExpired()\n : await this.#withControllerLock(doCheckIsPasswordExpired),\n 'checkIsPasswordOutdated',\n );\n }\n\n /\n Check if the user is authenticated with the seedless onboarding flow by checking the token values in the state.\n \n This method will check the `accessToken` and `revokeToken` in the state, besides the social login authentication details.\n * If both are present, the user is authenticated.\n * If either is missing, the user is not authenticated.\n \n This method is useful when we want to check if the state has valid authenticated user details to perform vault creations.\n \n @returns True if the user is authenticated, false otherwise.\n /\n async getIsUserAuthenticated(): Promise<boolean> {\n try {\n this.#assertIsAuthenticatedUser(this.state);\n return Boolean(this.state.accessToken) && Boolean(this.state.revokeToken);\n } catch {\n return false;\n }\n }\n\n #setUnlocked(): void {\n this.#isUnlocked = true;\n }\n\n /\n Clears the current state of the SeedlessOnboardingController.\n /\n clearState() {\n const defaultState =\n getInitialSeedlessOnboardingControllerStateWithDefaults();\n this.update(() => {\n return defaultState;\n });\n }\n\n /\n Persist the encryption key for the seedless onboarding flow.\n \n @param oprfKey - The OPRF key to be splited and persisted.\n * @param authPubKey - The authentication public key.\n * @returns A promise that resolves to the success of the operation.\n /\n async #persistOprfKey(oprfKey: bigint, authPubKey: SEC1EncodedPublicKey) {\n this.#assertIsAuthenticatedUser(this.state);\n const { authConnectionId, groupedAuthConnectionId, userId } = this.state;\n\n try {\n await this.toprfClient.persistLocalKey({\n nodeAuthTokens: this.state.nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n oprfKey,\n authPubKey,\n });\n } catch (error) {\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n log('Error persisting local encryption key', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToPersistOprfKey,\n );\n }\n }\n\n /\n Persist the authentication public key for the seedless onboarding flow.\n * convert to suitable format before persisting.\n \n @param params - The parameters for persisting the authentication public key.\n * @param params.authPubKey - The authentication public key to be persisted.\n /\n #persistAuthPubKey(params: { authPubKey: SEC1EncodedPublicKey }): void {\n this.update((state) => {\n state.authPubKey = bytesToBase64(params.authPubKey);\n });\n }\n\n /\n Store the keyring encryption key in state, encrypted under the current\n * encryption key.\n \n @param keyringEncryptionKey - The keyring encryption key.\n /\n async storeKeyringEncryptionKey(keyringEncryptionKey: string) {\n const { toprfPwEncryptionKey: encKey } =\n await this.#unlockVaultAndGetVaultData();\n await this.#storeKeyringEncryptionKey(encKey, keyringEncryptionKey);\n }\n\n /\n Load the keyring encryption key from state, decrypted under the current\n * encryption key.\n \n @returns The keyring encryption key.\n /\n async loadKeyringEncryptionKey() {\n const { toprfPwEncryptionKey: encKey } =\n await this.#unlockVaultAndGetVaultData();\n return await this.#loadKeyringEncryptionKey(encKey);\n }\n\n /\n Encrypt the keyring encryption key and store it in state.\n \n @param encKey - The encryption key.\n * @param keyringEncryptionKey - The keyring encryption key.\n /\n async #storeKeyringEncryptionKey(\n encKey: Uint8Array,\n keyringEncryptionKey: string,\n ) {\n const aes = managedNonce(gcm)(encKey);\n const encryptedKeyringEncryptionKey = aes.encrypt(\n utf8ToBytes(keyringEncryptionKey),\n );\n this.update((state) => {\n state.encryptedKeyringEncryptionKey = bytesToBase64(\n encryptedKeyringEncryptionKey,\n );\n });\n }\n\n /\n Decrypt the keyring encryption key from state.\n \n @param encKey - The encryption key.\n * @returns The keyring encryption key.\n /\n async #loadKeyringEncryptionKey(encKey: Uint8Array) {\n const { encryptedKeyringEncryptionKey: encryptedKey } = this.state;\n assertIsEncryptedKeyringEncryptionKeySet(encryptedKey);\n const encryptedPasswordBytes = base64ToBytes(encryptedKey);\n const aes = managedNonce(gcm)(encKey);\n const password = aes.decrypt(encryptedPasswordBytes);\n return bytesToUtf8(password);\n }\n\n /\n Decrypt the seedless encryption key from state.\n \n @param encKey - The encryption key.\n * @returns The seedless encryption key.\n /\n async #loadSeedlessEncryptionKey(encKey: Uint8Array) {\n const { encryptedSeedlessEncryptionKey: encryptedKey } = this.state;\n assertIsEncryptedSeedlessEncryptionKeySet(encryptedKey);\n const encryptedKeyBytes = base64ToBytes(encryptedKey);\n const aes = managedNonce(gcm)(encKey);\n const seedlessEncryptionKey = aes.decrypt(encryptedKeyBytes);\n return bytesToUtf8(seedlessEncryptionKey);\n }\n\n /\n Recover the authentication public key from the state.\n * convert to pubkey format before recovering.\n \n @returns The authentication public key.\n /\n #recoverAuthPubKey(): SEC1EncodedPublicKey {\n const { authPubKey } = this.state;\n if (!authPubKey) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.SRPNotBackedUpError,\n );\n }\n\n return base64ToBytes(authPubKey);\n }\n\n /\n Recover the encryption key from password.\n \n @param password - The password used to derive/recover the encryption key.\n * @returns A promise that resolves to the encryption key and authentication key pair.\n * @throws RecoveryError - If failed to recover the encryption key.\n /\n async #recoverEncKey(\n password: string,\n ): Promise<Omit<RecoverEncryptionKeyResult, 'rateLimitResetResult'>> {\n this.#assertIsAuthenticatedUser(this.state);\n const {\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n } = this.state;\n\n try {\n const recoverEncKeyResult = await this.toprfClient.recoverEncKey({\n nodeAuthTokens,\n password,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n });\n return recoverEncKeyResult;\n } catch (error) {\n // throw token expired error for token refresh handler\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n\n throw RecoveryError.getInstance(error);\n }\n }\n\n async #fetchAllSecretDataFromMetadataStore(\n encKey: Uint8Array,\n authKeyPair: KeyPair,\n ) {\n let secretData: Uint8Array[] = [];\n try {\n // fetch and decrypt the secret data from the metadata store\n secretData = await this.toprfClient.fetchAllSecretDataItems({\n decKey: encKey,\n authKeyPair,\n });\n } catch (error) {\n log('Error fetching secret data', error);\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToFetchSecretMetadata,\n );\n }\n\n // user must have at least one secret data\n if (secretData?.length > 0) {\n const secrets = SecretMetadata.parseSecretsFromMetadataStore(secretData);\n // validate the primary secret data is a mnemonic (SRP)\n const primarySecret = secrets[0];\n if (primarySecret.type !== SecretType.Mnemonic) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidPrimarySecretDataType,\n );\n }\n return secrets;\n }\n\n throw new Error(SeedlessOnboardingControllerErrorMessage.NoSecretDataFound);\n }\n\n /\n Update the encryption key with new password and update the Metadata Store with new encryption key.\n \n @param params - The function parameters.\n * @param params.oldPassword - The old password to verify.\n * @param params.newPassword - The new password to update.\n * @param params.latestKeyIndex - The key index of the latest key.\n * @returns A promise that resolves to new encryption key and authentication key pair.\n /\n async #changeEncryptionKey({\n oldPassword,\n newPassword,\n latestKeyIndex,\n }: {\n newPassword: string;\n oldPassword: string;\n latestKeyIndex?: number;\n }) {\n this.#assertIsAuthenticatedUser(this.state);\n const { authConnectionId, groupedAuthConnectionId, userId } = this.state;\n\n let encKey: Uint8Array;\n let pwEncKey: Uint8Array;\n let authKeyPair: KeyPair;\n let globalKeyIndex = latestKeyIndex;\n if (!globalKeyIndex) {\n ({\n encKey,\n pwEncKey,\n authKeyPair,\n keyShareIndex: globalKeyIndex,\n } = await this.#recoverEncKey(oldPassword));\n } else {\n ({\n toprfEncryptionKey: encKey,\n toprfPwEncryptionKey: pwEncKey,\n toprfAuthKeyPair: authKeyPair,\n } = await this.#unlockVaultAndGetVaultData({ password: oldPassword }));\n }\n const result = await this.toprfClient.changeEncKey({\n nodeAuthTokens: this.state.nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n oldEncKey: encKey,\n oldPwEncKey: pwEncKey,\n oldAuthKeyPair: authKeyPair,\n newKeyShareIndex: globalKeyIndex,\n newPassword,\n });\n return result;\n }\n\n /\n Encrypt and store the secret data backup in the metadata store.\n \n @param params - The parameters for encrypting and storing the secret data backup.\n * @param params.data - The secret data to store.\n * @param params.type - The type of the secret data.\n * @param params.encKey - The encryption key to store.\n * @param params.authKeyPair - The authentication key pair to store.\n * @param params.options - Optional options object, which includes optional data to be added to the metadata store.\n * @param params.options.keyringId - The keyring id of the backup keyring (SRP).\n \n @returns A promise that resolves to the success of the operation.\n /\n async #encryptAndStoreSecretData(params: {\n data: Uint8Array;\n type: SecretType;\n encKey: Uint8Array;\n authKeyPair: KeyPair;\n options?: {\n keyringId?: string;\n };\n }): Promise<void> {\n const { options, data, encKey, authKeyPair, type } = params;\n\n // before encrypting and create backup, we will check the state if the secret data is already backed up\n const backupState = this.getSecretDataBackupState(data, type);\n if (backupState) {\n return;\n }\n\n const secretMetadata = new SecretMetadata(data, {\n type,\n });\n const secretData = secretMetadata.toBytes();\n\n const keyringId = options?.keyringId as string;\n if (type === SecretType.Mnemonic && !keyringId) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.MissingKeyringId,\n );\n }\n\n try {\n await this.#withPersistedSecretMetadataBackupsState(async () => {\n await this.toprfClient.addSecretDataItem({\n encKey,\n secretData,\n authKeyPair,\n });\n return {\n keyringId,\n data,\n type,\n };\n });\n } catch (error) {\n if (this.#isAuthTokenError(error)) {\n throw error;\n }\n log('Error encrypting and storing secret data backup', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToEncryptAndStoreSecretData,\n );\n }\n }\n\n /\n Unlocks the encrypted vault using the provided password and returns the decrypted vault data.\n * This method ensures thread-safety by using a mutex lock when accessing the vault.\n \n @param params - The parameters for unlocking the vault.\n * @param params.password - The optional password to unlock the vault.\n * @param params.encryptionKey - The optional encryption key to unlock the vault.\n * @returns A promise that resolves to an object containing:\n * - toprfEncryptionKey: The decrypted TOPRF encryption key\n * - toprfAuthKeyPair: The decrypted TOPRF authentication key pair\n * - revokeToken: The decrypted revoke token\n * - accessToken: The decrypted access token\n * @throws {Error} If:\n * - The password is invalid or empty\n * - The vault is not initialized\n * - The password is incorrect (from encryptor.decrypt)\n * - The decrypted vault data is malformed\n /\n async #unlockVaultAndGetVaultData(params?: {\n password?: string;\n encryptionKey?: string;\n }): Promise<DeserializedVaultData> {\n return this.#withVaultLock(async () => {\n if (this.#cachedDecryptedVaultData) {\n return this.#cachedDecryptedVaultData;\n }\n\n const { vaultData, vaultEncryptionKey, vaultEncryptionSalt } =\n await this.#decryptAndParseVaultData(params);\n\n this.update((state) => {\n state.vaultEncryptionKey = vaultEncryptionKey;\n state.vaultEncryptionSalt = vaultEncryptionSalt;\n state.revokeToken = vaultData.revokeToken;\n state.accessToken = vaultData.accessToken;\n });\n\n const deserializedVaultData = deserializeVaultData(vaultData);\n this.#cachedDecryptedVaultData = deserializedVaultData;\n return deserializedVaultData;\n });\n }\n\n /\n Decrypts the vault data and parses it into a usable format.\n \n @param params - The parameters for decrypting the vault.\n * @param params.password - The optional password to decrypt the vault.\n * @param params.encryptionKey - The optional encryption key to decrypt the vault.\n * @returns A promise that resolves to an object containing:\n /\n async #decryptAndParseVaultData(params?: {\n password?: string;\n encryptionKey?: string;\n }): Promise<{\n vaultData: VaultData;\n vaultEncryptionKey: string;\n vaultEncryptionSalt?: string;\n }> {\n let { vaultEncryptionKey, vaultEncryptionSalt } = this.state;\n const { vault: encryptedVault } = this.state;\n\n if (!encryptedVault) {\n throw new Error(SeedlessOnboardingControllerErrorMessage.VaultError);\n }\n\n if (params?.encryptionKey) {\n vaultEncryptionKey = params.encryptionKey;\n }\n\n let decryptedVaultData: unknown;\n\n // if the encryption key is available, we will use it to decrypt the vault\n if (vaultEncryptionKey) {\n const parsedEncryptedVault = JSON.parse(encryptedVault);\n\n if (\n vaultEncryptionSalt &&\n vaultEncryptionSalt !== parsedEncryptedVault.salt\n ) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.ExpiredCredentials,\n );\n }\n\n const key = await this.#vaultEncryptor.importKey(vaultEncryptionKey);\n decryptedVaultData = await this.#vaultEncryptor.decryptWithKey(\n key,\n parsedEncryptedVault,\n );\n } else {\n // if the encryption key is not available, we will use the password to decrypt the vault\n assertIsValidPassword(params?.password);\n // Note that vault decryption using the password is a very costly operation as it involves deriving the encryption key\n // from the password using an intentionally slow key derivation function.\n // We should make sure that we only call it very intentionally.\n const result = await this.#vaultEncryptor.decryptWithDetail(\n params.password,\n encryptedVault,\n );\n decryptedVaultData = result.vault;\n vaultEncryptionKey = result.exportedKeyString;\n vaultEncryptionSalt = result.salt;\n }\n\n const vaultData = this.#parseVaultData(decryptedVaultData);\n\n return {\n vaultData,\n vaultEncryptionKey,\n vaultEncryptionSalt,\n };\n }\n\n /\n Executes a callback function that creates or restores secret data and persists their hashes in the controller state.\n \n This method:\n * 1. Executes the provided callback to create/restore secret data\n * 2. Generates keccak256 hashes of the secret data\n * 3. Merges new hashes with existing ones in the state, ensuring uniqueness\n * 4. Updates the controller state with the combined hashes\n \n This is a wrapper method that should be used around any operation that creates\n * or restores secret data to ensure their hashes are properly tracked.\n \n @param createSecretMetadataBackupCallback - function that returns either a single secret data\n * or an array of secret data as Uint8Array(s)\n * @returns The original secret data(s) returned by the callback\n * @throws Rethrows any errors from the callback with additional logging\n /\n async #withPersistedSecretMetadataBackupsState(\n createSecretMetadataBackupCallback: () => Promise<\n Omit<SocialBackupsMetadata, 'hash'> & { data: Uint8Array }\n >,\n ): Promise<Omit<SocialBackupsMetadata, 'hash'> & { data: Uint8Array }> {\n try {\n const newBackup = await createSecretMetadataBackupCallback();\n\n this.#filterDupesAndUpdateSocialBackupsMetadata(newBackup);\n\n return newBackup;\n } catch (error) {\n log('Error persisting secret data backups', error);\n throw error;\n }\n }\n\n /\n Updates the social backups metadata state by adding new unique secret data backups.\n * This method ensures no duplicate backups are stored by checking the hash of each secret data.\n \n @param secretData - The backup data to add to the state\n * @param secretData.data - The secret data to backup as a Uint8Array\n * @param secretData.keyringId - The optional keyring id of the backup keyring (SRP).\n * @param secretData.type - The type of the secret data.\n /\n #filterDupesAndUpdateSocialBackupsMetadata(\n secretData:\n \| {\n data: Uint8Array;\n keyringId?: string;\n type: SecretType;\n }\n \| {\n data: Uint8Array;\n keyringId?: string;\n type: SecretType;\n }[],\n ) {\n const currentBackupsMetadata = this.state.socialBackupsMetadata;\n\n const newBackupsMetadata = Array.isArray(secretData)\n ? secretData\n : [secretData];\n const filteredNewBackupsMetadata: SocialBackupsMetadata[] = [];\n\n // filter out the backed up metadata that already exists in the state\n // to prevent duplicates\n newBackupsMetadata.forEach((item) => {\n const { keyringId, data, type } = item;\n const backupHash = keccak256AndHexify(data);\n\n const backupStateAlreadyExisted = currentBackupsMetadata.some(\n (backup) => backup.hash === backupHash && backup.type === type,\n );\n\n if (!backupStateAlreadyExisted) {\n filteredNewBackupsMetadata.push({\n keyringId,\n hash: backupHash,\n type,\n });\n }\n });\n\n if (filteredNewBackupsMetadata.length > 0) {\n this.update((state) => {\n state.socialBackupsMetadata = [\n ...state.socialBackupsMetadata,\n ...filteredNewBackupsMetadata,\n ];\n });\n }\n }\n\n /\n Create a new vault with the given authentication data.\n \n Serialize the authentication and key data which will be stored in the vault.\n \n @param params - The parameters for creating a new vault.\n * @param params.password - The password to encrypt the vault.\n * @param params.rawToprfEncryptionKey - The encryption key to encrypt the vault.\n * @param params.rawToprfPwEncryptionKey - The encryption key to encrypt the password.\n * @param params.rawToprfAuthKeyPair - The authentication key pair for Toprf operations.\n /\n async #createNewVaultWithAuthData({\n password,\n rawToprfEncryptionKey,\n rawToprfPwEncryptionKey,\n rawToprfAuthKeyPair,\n }: {\n password: string;\n rawToprfEncryptionKey: Uint8Array;\n rawToprfPwEncryptionKey: Uint8Array;\n rawToprfAuthKeyPair: KeyPair;\n }): Promise<void> {\n this.#assertIsAuthenticatedUser(this.state);\n\n const { accessToken, revokeToken } =\n await this.#getAccessTokenAndRevokeToken(password);\n\n const vaultData: DeserializedVaultData = {\n toprfAuthKeyPair: rawToprfAuthKeyPair,\n toprfEncryptionKey: rawToprfEncryptionKey,\n toprfPwEncryptionKey: rawToprfPwEncryptionKey,\n revokeToken,\n accessToken,\n };\n\n await this.#updateVault({\n password,\n vaultData,\n pwEncKey: rawToprfPwEncryptionKey,\n });\n\n // update the authPubKey in the state\n this.#persistAuthPubKey({\n authPubKey: rawToprfAuthKeyPair.pk,\n });\n\n this.#setUnlocked();\n }\n\n /\n Encrypt and update the vault with the given authentication data.\n \n @param params - The parameters for updating the vault.\n * @param params.password - The password to encrypt the vault.\n * @param params.vaultData - The raw vault data to update the vault with.\n * @param params.pwEncKey - The global password encryption key.\n * @returns A promise that resolves to the updated vault.\n /\n async #updateVault({\n password,\n vaultData,\n pwEncKey,\n }: {\n password: string;\n vaultData: DeserializedVaultData;\n pwEncKey: Uint8Array;\n }): Promise<void> {\n await this.#withVaultLock(async () => {\n assertIsValidPassword(password);\n\n // cache the vault data to avoid decrypting the vault data multiple times\n this.#cachedDecryptedVaultData = vaultData;\n\n const serializedVaultData = serializeVaultData(vaultData);\n\n // Note that vault encryption using the password is a very costly operation as it involves deriving the encryption key\n // from the password using an intentionally slow key derivation function.\n // We should make sure that we only call it very intentionally.\n const { vault, exportedKeyString } =\n await this.#vaultEncryptor.encryptWithDetail(\n password,\n serializedVaultData,\n );\n\n // Encrypt vault key.\n const aes = managedNonce(gcm)(pwEncKey);\n const encryptedKey = aes.encrypt(utf8ToBytes(exportedKeyString));\n\n this.update((state) => {\n state.vault = vault;\n state.vaultEncryptionKey = exportedKeyString;\n state.vaultEncryptionSalt = JSON.parse(vault).salt;\n state.encryptedSeedlessEncryptionKey = bytesToBase64(encryptedKey);\n });\n });\n }\n\n /\n Get the access token and revoke token from the state or the vault.\n \n @param password - The password to decrypt the vault.\n * @returns The access token and revoke token.\n /\n async #getAccessTokenAndRevokeToken(\n password: string,\n ): Promise<{ accessToken: string; revokeToken: string }> {\n let { accessToken, revokeToken } = this.state;\n // `accessToken` and `revokeToken` are both available in the state, `ONLY` when the wallet (vault) is unlocked\n // or during the period between the social authentication and the vault creation during the onboarding flow.\n if (accessToken && revokeToken) {\n return { accessToken, revokeToken };\n }\n\n // if `password` is provided to decrypt the vault, decrypt the vault and get the access token and revoke token from the vault\n if (this.state.vault) {\n // if the access token or revoke token is not available in the state, decrypt the vault and get the access token and revoke token from the vault\n const { vaultData } = await this.#decryptAndParseVaultData({ password });\n accessToken = accessToken \|\| vaultData.accessToken;\n revokeToken = revokeToken \|\| vaultData.revokeToken;\n }\n\n // we should always throw an error if the access token or revoke token is not available\n // to prevent the caller from using the controller in an invalid state\n\n if (!accessToken) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidAccessToken,\n );\n }\n\n if (!revokeToken) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidRevokeToken,\n );\n }\n\n return { accessToken, revokeToken };\n }\n\n /\n Lock the controller mutex before executing the given function,\n * and release it after the function is resolved or after an\n * error is thrown.\n \n This wrapper ensures that each mutable operation that interacts with the\n * controller and that changes its state is executed in a mutually exclusive way,\n * preventing unsafe concurrent access that could lead to unpredictable behavior.\n \n @param callback - The function to execute while the controller mutex is locked.\n * @returns The result of the function.\n /\n async #withControllerLock<Result>(\n callback: MutuallyExclusiveCallback<Result>,\n ): Promise<Result> {\n return await withLock(this.#controllerOperationMutex, callback);\n }\n\n /\n Lock the vault mutex before executing the given function,\n * and release it after the function is resolved or after an\n * error is thrown.\n \n This ensures that each operation that interacts with the vault\n * is executed in a mutually exclusive way.\n \n @param callback - The function to execute while the vault mutex is locked.\n * @returns The result of the function.\n /\n async #withVaultLock<Result>(\n callback: MutuallyExclusiveCallback<Result>,\n ): Promise<Result> {\n return await withLock(this.#vaultOperationMutex, callback);\n }\n\n /\n Parse and deserialize the authentication data from the vault.\n \n @param data - The decrypted vault data.\n * @returns The parsed authentication data.\n * @throws If the vault data is not valid.\n /\n #parseVaultData(data: unknown): VaultData {\n if (typeof data !== 'string') {\n throw new Error(SeedlessOnboardingControllerErrorMessage.VaultDataError);\n }\n\n let parsedVaultData: unknown;\n try {\n parsedVaultData = JSON.parse(data);\n } catch {\n throw new Error(SeedlessOnboardingControllerErrorMessage.VaultDataError);\n }\n\n assertIsValidVaultData(parsedVaultData);\n\n return parsedVaultData;\n }\n\n #assertIsUnlocked(): void {\n if (!this.#isUnlocked) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.ControllerLocked,\n );\n }\n }\n\n /\n Assert that the provided value contains valid authenticated user information.\n \n This method checks that the value is an object containing:\n * - nodeAuthTokens: A non-empty array of authentication tokens\n * - authConnectionId: A string identifier for the OAuth connection\n * - groupedAuthConnectionId: A string identifier for grouped OAuth connections\n * - userId: A string identifier for the authenticated user\n \n @param value - The value to validate.\n * @throws {Error} If the value does not contain valid authenticated user information.\n /\n #assertIsAuthenticatedUser(\n value: unknown,\n ): asserts value is AuthenticatedUserDetails {\n try {\n assertIsSeedlessOnboardingUserAuthenticated(value);\n } catch (error) {\n this.update((state) => {\n state.isSeedlessOnboardingUserAuthenticated = false;\n });\n throw error;\n }\n }\n\n /\n Assert that the password is in sync with the global password.\n \n @param options - The options for asserting the password is in sync.\n * @param options.skipCache - Whether to skip the cache check.\n * @param options.skipLock - Whether to skip the lock acquisition. (to prevent deadlock in case the caller already acquired the lock)\n * @returns The global auth public key and the latest key index.\n * @throws If the password is outdated.\n /\n async #assertPasswordInSync(options?: {\n skipCache?: boolean;\n skipLock?: boolean;\n }): Promise<{\n authPubKey: SEC1EncodedPublicKey;\n latestKeyIndex: number;\n }> {\n this.#assertIsAuthenticatedUser(this.state);\n const {\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n } = this.state;\n\n const { authPubKey, keyIndex: latestKeyIndex } = await this.toprfClient\n .fetchAuthPubKey({\n nodeAuthTokens,\n authConnectionId,\n groupedAuthConnectionId,\n userId,\n })\n .catch((error) => {\n log('Error fetching auth pub key', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToFetchAuthPubKey,\n );\n });\n const isPasswordOutdated = await this.checkIsPasswordOutdated({\n ...options,\n globalAuthPubKey: authPubKey,\n });\n if (isPasswordOutdated) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.OutdatedPassword,\n );\n }\n return { authPubKey, latestKeyIndex };\n }\n\n #resetPasswordOutdatedCache(): void {\n this.update((state) => {\n delete state.passwordOutdatedCache;\n });\n }\n\n /\n Refresh expired nodeAuthTokens, accessToken, and metadataAccessToken using the stored refresh token.\n \n This method retrieves the refresh token from the vault and uses it to obtain\n * new nodeAuthTokens when the current ones have expired.\n \n @returns A promise that resolves to the new nodeAuthTokens.\n /\n async refreshAuthTokens(): Promise<void> {\n this.#assertIsAuthenticatedUser(this.state);\n const { refreshToken } = this.state;\n\n const res = await this.#refreshJWTToken({\n connection: this.state.authConnection,\n refreshToken,\n }).catch((error) => {\n log('Error refreshing JWT tokens', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.FailedToRefreshJWTTokens,\n );\n });\n\n try {\n const { idTokens, accessToken, metadataAccessToken } = res;\n // re-authenticate with the new id tokens to set new node auth tokens\n // NOTE: here we can't provide the `revokeToken` value to the `authenticate` method because `refreshAuthTokens` method can be called when the wallet (vault) is locked\n await this.authenticate({\n idTokens,\n accessToken,\n metadataAccessToken,\n authConnection: this.state.authConnection,\n authConnectionId: this.state.authConnectionId,\n groupedAuthConnectionId: this.state.groupedAuthConnectionId,\n userId: this.state.userId,\n refreshToken,\n skipLock: true,\n });\n } catch (error) {\n log('Error refreshing node auth tokens', error);\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.AuthenticationError,\n );\n }\n }\n\n /\n Renew the refresh token - get new refresh token and new revoke token\n * and also updates the vault with the new revoke token.\n * This method is to be called after user is authenticated.\n \n @param password - The password to encrypt the vault.\n * @returns A Promise that resolves to void.\n /\n async renewRefreshToken(password: string) {\n return await this.#withControllerLock(async () => {\n this.#assertIsAuthenticatedUser(this.state);\n const { refreshToken, vaultEncryptionKey } = this.state;\n const {\n toprfEncryptionKey: rawToprfEncryptionKey,\n toprfPwEncryptionKey: rawToprfPwEncryptionKey,\n toprfAuthKeyPair: rawToprfAuthKeyPair,\n revokeToken,\n } = await this.#unlockVaultAndGetVaultData({\n password,\n encryptionKey: vaultEncryptionKey,\n });\n\n const { newRevokeToken, newRefreshToken } = await this.#renewRefreshToken(\n {\n connection: this.state.authConnection,\n revokeToken,\n },\n );\n\n if (newRevokeToken && newRefreshToken) {\n this.update((state) => {\n // set new revoke token in state temporarily for persisting in vault\n state.revokeToken = newRevokeToken;\n // set new refresh token to persist in state\n state.refreshToken = newRefreshToken;\n });\n\n // add the old refresh token to the list to be revoked later when possible\n this.#addRefreshTokenToRevokeList({\n refreshToken,\n revokeToken,\n });\n\n await this.#createNewVaultWithAuthData({\n password,\n rawToprfEncryptionKey,\n rawToprfPwEncryptionKey,\n rawToprfAuthKeyPair,\n });\n }\n });\n }\n\n /\n Revoke all pending refresh tokens.\n \n This method is to be called after user is authenticated.\n \n @returns A Promise that resolves to void.\n /\n async revokePendingRefreshTokens() {\n return await this.#withControllerLock(async () => {\n this.#assertIsAuthenticatedUser(this.state);\n const { pendingToBeRevokedTokens } = this.state;\n if (!pendingToBeRevokedTokens \|\| pendingToBeRevokedTokens.length === 0) {\n return;\n }\n\n // revoke all pending refresh tokens in parallel\n const promises = pendingToBeRevokedTokens.map(({ revokeToken }) => {\n const revokePromise = async (): Promise<string \| null> => {\n try {\n await this.#revokeRefreshToken({\n connection: this.state.authConnection as AuthConnection,\n revokeToken,\n });\n return revokeToken;\n } catch (error) {\n log('Error revoking refresh token', error);\n return null;\n }\n };\n return revokePromise();\n });\n const result = await Promise.all(promises); // no need to do Promise.allSettled because the promise already handle try catch\n // filter out the null values\n const revokedTokens = result.filter((token) => token !== null);\n if (revokedTokens.length > 0) {\n // update the state to remove the revoked tokens once all concurrent token revoke finish\n this.update((state) => {\n state.pendingToBeRevokedTokens =\n state.pendingToBeRevokedTokens?.filter(\n (token) => !revokedTokens.includes(token.revokeToken),\n );\n });\n }\n });\n }\n\n /\n Add a pending refresh, revoke token to the state to be revoked later.\n \n @param params - The parameters for adding a pending refresh, revoke token.\n * @param params.refreshToken - The refresh token to add.\n * @param params.revokeToken - The revoke token to add.\n /\n #addRefreshTokenToRevokeList({\n refreshToken,\n revokeToken,\n }: {\n refreshToken: string;\n revokeToken: string;\n }) {\n this.update((state) => {\n state.pendingToBeRevokedTokens = [\n ...(state.pendingToBeRevokedTokens \|\| []),\n { refreshToken, revokeToken },\n ];\n });\n }\n\n /\n Check if the provided error is an auth token error.\n \n This method checks if the error is a TOPRF error with AuthTokenExpired code or InvalidAuthToken code.\n \n @param error - The error to check.\n * @returns True if the error indicates auth token error, false otherwise.\n /\n #isAuthTokenError(error: unknown): boolean {\n if (error instanceof TOPRFError) {\n return (\n error.code === TOPRFErrorCode.AuthTokenExpired \|\|\n error.code === TOPRFErrorCode.InvalidAuthToken\n );\n }\n\n return false;\n }\n\n /\n Check if the provided error is a max key chain length error.\n \n This method checks if the error is a TOPRF error with MaxKeyChainLength code.\n \n @param error - The error to check.\n * @returns True if the error indicates max key chain length has been exceeded, false otherwise.\n /\n #isMaxKeyChainLengthError(error: unknown): boolean {\n if (error instanceof TOPRFError) {\n return (\n error.code ===\n (TOPRFErrorCode.MaxKeyChainLengthExceeded as typeof error.code)\n );\n }\n\n return false;\n }\n\n /\n Executes an operation with automatic token refresh on expiration.\n \n This wrapper method automatically handles token expiration by refreshing tokens\n * and retrying the operation. It can be used by any method that might encounter\n * token expiration errors.\n \n @param operation - The operation to execute that might require valid tokens.\n * @param operationName - A descriptive name for the operation (used in error messages).\n * @returns A promise that resolves to the result of the operation.\n * @throws The original error if it's not token-related, or refresh error if token refresh fails.\n /\n async #executeWithTokenRefresh<T>(\n operation: () => Promise<T>,\n operationName: string,\n ): Promise<T> {\n try {\n // proactively check for expired tokens and refresh them if needed\n const isNodeAuthTokenExpired = this.checkNodeAuthTokenExpired();\n const isMetadataAccessTokenExpired =\n this.checkMetadataAccessTokenExpired();\n // access token is only accessible when the vault is unlocked\n // so skip the check if the vault is locked\n let isAccessTokenExpired = false;\n if (this.#isUnlocked) {\n isAccessTokenExpired = this.checkAccessTokenExpired();\n }\n\n if (\n isNodeAuthTokenExpired \|\|\n isMetadataAccessTokenExpired \|\|\n isAccessTokenExpired\n ) {\n log(\n `JWT token expired during ${operationName}, attempting to refresh tokens`,\n 'node auth token exp check',\n );\n await this.refreshAuthTokens();\n }\n\n return await operation();\n } catch (error) {\n // Check if this is a token expiration error\n if (this.#isAuthTokenError(error)) {\n log(\n `Token expired during ${operationName}, attempting to refresh tokens`,\n error,\n );\n try {\n // Refresh the tokens\n await this.refreshAuthTokens();\n // Retry the operation with fresh tokens\n return await operation();\n } catch (refreshError) {\n log(`Error refreshing tokens during ${operationName}`, refreshError);\n throw refreshError;\n }\n } else {\n // Re-throw non-token-related errors\n throw error;\n }\n }\n }\n\n /\n Check if the current node auth token is expired.\n \n @returns True if the current node auth token is expired, false otherwise.\n /\n public checkNodeAuthTokenExpired(): boolean {\n this.#assertIsAuthenticatedUser(this.state);\n\n const { nodeAuthTokens } = this.state;\n // all auth tokens should be expired at the same time so we can check the first one\n const firstAuthToken = nodeAuthTokens[0]?.authToken;\n // node auth token is base64 encoded json object\n const decodedToken = decodeNodeAuthToken(firstAuthToken);\n // check if the token is expired\n return decodedToken.exp < Date.now() / 1000;\n }\n\n /\n Check if the current metadata access token is expired.\n \n @returns True if the metadata access token is expired, false otherwise.\n /\n public checkMetadataAccessTokenExpired(): boolean {\n try {\n this.#assertIsAuthenticatedUser(this.state);\n const { metadataAccessToken } = this.state;\n // assertIsAuthenticatedUser will throw if metadataAccessToken is missing\n const decodedToken = decodeJWTToken(metadataAccessToken as string);\n return decodedToken.exp < Math.floor(Date.now() / 1000);\n } catch {\n return true; // Consider unauthenticated user as having expired tokens\n }\n }\n\n /\n Check if the current access token is expired.\n * When the vault is locked, the access token is not accessible, so we return false.\n \n @returns True if the access token is expired, false otherwise.\n /\n public checkAccessTokenExpired(): boolean {\n try {\n this.#assertIsAuthenticatedUser(this.state);\n const { accessToken } = this.state;\n if (!accessToken) {\n return true; // Consider missing token as expired\n }\n const decodedToken = decodeJWTToken(accessToken);\n return decodedToken.exp < Math.floor(Date.now() / 1000);\n } catch {\n return true; // Consider unauthenticated user as having expired tokens\n }\n }\n}\n\n/\n Assert that the provided password is a valid non-empty string.\n \n @param password - The password to check.\n * @throws If the password is not a valid string.\n /\nfunction assertIsValidPassword(password: unknown): asserts password is string {\n if (typeof password !== 'string') {\n throw new Error(SeedlessOnboardingControllerErrorMessage.WrongPasswordType);\n }\n\n if (!password?.length) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.InvalidEmptyPassword,\n );\n }\n}\n\n/\n Lock the given mutex before executing the given function,\n * and release it after the function is resolved or after an\n * error is thrown.\n \n @param mutex - The mutex to lock.\n * @param callback - The function to execute while the mutex is locked.\n * @returns The result of the function.\n /\nasync function withLock<Result>(\n mutex: Mutex,\n callback: MutuallyExclusiveCallback<Result>,\n): Promise<Result> {\n const releaseLock = await mutex.acquire();\n\n try {\n return await callback({ releaseLock });\n } finally {\n releaseLock();\n }\n}\n\n/\n Assert that the provided encrypted keyring encryption key is a valid non-empty string.\n \n @param encryptedKeyringEncryptionKey - The encrypted keyring encryption key to check.\n * @throws If the encrypted keyring encryption key is not a valid string.\n /\nfunction assertIsEncryptedKeyringEncryptionKeySet(\n encryptedKeyringEncryptionKey: string \| undefined,\n): asserts encryptedKeyringEncryptionKey is string {\n if (!encryptedKeyringEncryptionKey) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.EncryptedKeyringEncryptionKeyNotSet,\n );\n }\n}\n\n/\n Assert that the provided encrypted seedless encryption key is a valid non-empty string.\n \n @param encryptedSeedlessEncryptionKey - The encrypted seedless encryption key to check.\n * @throws If the encrypted seedless encryption key is not a valid string.\n */\nfunction assertIsEncryptedSeedlessEncryptionKeySet(\n encryptedSeedlessEncryptionKey: string \| undefined,\n): asserts encryptedSeedlessEncryptionKey is string {\n if (!encryptedSeedlessEncryptionKey) {\n throw new Error(\n SeedlessOnboardingControllerErrorMessage.EncryptedSeedlessEncryptionKeyNotSet,\n );\n }\n}\n"]}

package/dist/SeedlessOnboardingController.d.cts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"SeedlessOnboardingController.d.cts","sourceRoot":"","sources":["../src/SeedlessOnboardingController.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,~~EAAsB~~,kCAAkC;~~AAC/E~~,OAAO,KAAK,KAAK,eAAe,qCAAqC;AACrE,OAAO,KAAK,EAGV,oBAAoB,EACrB,sCAAsC;AACvC,OAAO,EACL,iBAAiB,EAGlB,sCAAsC;AAiBvC,OAAO,KAAK,EAAE,cAAc,EAAE,wBAAoB;AAClD,OAAO,EACL,cAAc,EAEd,UAAU,EAGX,wBAAoB;AAGrB,OAAO,EAAE,cAAc,EAAE,6BAAyB;AAClD,OAAO,KAAK,EAEV,qCAAqC,EACrC,mCAAmC,EACnC,iCAAiC,EAEjC,qBAAqB,EAOtB,oBAAgB;AAUjB;;;;;GAKG;AACH,wBAAgB,uDAAuD,CACrE,SAAS,CAAC,EAAE,OAAO,CAAC,iCAAiC,CAAC,GACrD,iCAAiC,CAenC;AA4ID,qBAAa,4BAA4B,CACvC,aAAa,EACb,6BAA6B,GAAG,eAAe,CAAC,oBAAoB,CACpE,SAAQ,cAAc,CACtB,OAAO,cAAc,EACrB,iCAAiC,EACjC,qCAAqC,CACtC;;IAUC,QAAQ,CAAC,WAAW,EAAE,iBAAiB,CAAC;IA2BxC;;;;;;;;;;;;;OAaG;gBACS,EACV,SAAS,EACT,KAAK,EACL,SAAS,EACT,eAAe,EACf,OAAiC,EACjC,eAAe,EACf,kBAAkB,EAClB,iBAAiB,EACjB,wBAAyD,GAC1D,EAAE,mCAAmC,CACpC,aAAa,EACb,6BAA6B,CAC9B;IAuBK,wBAAwB,IAAI,OAAO,CAAC;QACxC,mBAAmB,EAAE,MAAM,CAAC;KAC7B,CAAC;IAyBF;;;OAGG;IACG,uBAAuB;IAQ7B;;;;;;;;;;;;;;;;;OAiBG;IACG,YAAY,CAAC,MAAM,EAAE;QACzB,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,WAAW,EAAE,MAAM,CAAC;QACpB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,cAAc,EAAE,cAAc,CAAC;QAC/B,gBAAgB,EAAE,MAAM,CAAC;QACzB,MAAM,EAAE,MAAM,CAAC;QACf,uBAAuB,CAAC,EAAE,MAAM,CAAC;QACjC,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB;IAyDD;;;;;;;OAOG;IACG,iCAAiC,CACrC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;IA4ChB;;;;;;;;OAQG;IACG,gBAAgB,CACpB,IAAI,EAAE,UAAU,EAChB,IAAI,EAAE,UAAU,EAChB,OAAO,CAAC,EAAE;QACR,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GACA,OAAO,CAAC,IAAI,CAAC;IA4BhB;;;;;;;OAOG;IACG,kBAAkB,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IA4CtE;;;;;;;;OAQG;IACG,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM;IA6D7D;;;;;;OAMG;IACH,yBAAyB,CACvB,UAAU,EACN,CAAC,IAAI,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG;QAAE,IAAI,EAAE,UAAU,CAAA;KAAE,CAAC,GAC5D,CAAC,IAAI,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG;QAAE,IAAI,EAAE,UAAU,CAAA;KAAE,CAAC,EAAE;IAOpE;;;;;;;;OAQG;IACG,mBAAmB,CACvB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE;QACR,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,GACA,OAAO,CAAC,IAAI,CAAC;IAYhB;;;;;;;;OAQG;IACH,wBAAwB,CACtB,IAAI,EAAE,UAAU,EAChB,IAAI,GAAE,UAAgC,GACrC,qBAAqB,GAAG,SAAS;IAOpC;;;;;;;;;;OAUG;IACG,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOrD;;;;;;OAMG;IACG,SAAS;IAcf;;;;;;;;OAQG;IACG,wBAAwB,CAAC,EAC7B,cAAc,GACf,EAAE;QACD,cAAc,EAAE,MAAM,CAAC;KACxB;IAwBD;;;;;;;OAOG;IACG,oBAAoB,CAAC,EACzB,cAAc,EACd,iBAAqB,GACtB,EAAE;QACD,cAAc,EAAE,MAAM,CAAC;QACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;KAC5B,GAAG,OAAO,CAAC,IAAI,CAAC;IAkEjB;;;;;;;;;OASG;IACG,uBAAuB,CAAC,OAAO,CAAC,EAAE;QACtC,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,QAAQ,CAAC,EAAE,OAAO,CAAC;QACnB,gBAAgB,CAAC,EAAE,oBAAoB,CAAC;KACzC,GAAG,OAAO,CAAC,OAAO,CAAC;IAiEpB;;;;;;;;;;OAUG;IACG,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC;IAahD;;OAEG;IACH,UAAU;IAoDV;;;;;OAKG;IACG,yBAAyB,CAAC,oBAAoB,EAAE,MAAM;IAM5D;;;;;OAKG;IACG,wBAAwB;IAuvB9B;;;;;;;OAOG;IACG,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAqCxC;;;;;;;OAOG;IACG,iBAAiB,CAAC,QAAQ,EAAE,MAAM;IA6CxC;;;;;;OAMG;IACG,0BAA0B;IAmKhC;;;;OAIG;IACI,yBAAyB,IAAI,OAAO;IAY3C;;;;OAIG;IACI,+BAA+B,IAAI,OAAO;IAYjD;;;;;OAKG;IACI,uBAAuB,IAAI,OAAO;CAa1C"}
1	+ {"version":3,"file":"SeedlessOnboardingController.d.cts","sourceRoot":"","sources":["../src/SeedlessOnboardingController.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kCAAkC;AAE3D,OAAO,KAAK,KAAK,eAAe,qCAAqC;AACrE,OAAO,KAAK,EAGV,oBAAoB,EACrB,sCAAsC;AACvC,OAAO,EACL,iBAAiB,EAGlB,sCAAsC;AAiBvC,OAAO,KAAK,EAAE,cAAc,EAAE,wBAAoB;AAClD,OAAO,EACL,cAAc,EAEd,UAAU,EAGX,wBAAoB;AAGrB,OAAO,EAAE,cAAc,EAAE,6BAAyB;AAClD,OAAO,KAAK,EAEV,qCAAqC,EACrC,mCAAmC,EACnC,iCAAiC,EAEjC,qBAAqB,EAOtB,oBAAgB;AAUjB;;;;;GAKG;AACH,wBAAgB,uDAAuD,CACrE,SAAS,CAAC,EAAE,OAAO,CAAC,iCAAiC,CAAC,GACrD,iCAAiC,CAenC;AA4ID,qBAAa,4BAA4B,CACvC,aAAa,EACb,6BAA6B,GAAG,eAAe,CAAC,oBAAoB,CACpE,SAAQ,cAAc,CACtB,OAAO,cAAc,EACrB,iCAAiC,EACjC,qCAAqC,CACtC;;IAUC,QAAQ,CAAC,WAAW,EAAE,iBAAiB,CAAC;IA2BxC;;;;;;;;;;;;;OAaG;gBACS,EACV,SAAS,EACT,KAAK,EACL,SAAS,EACT,eAAe,EACf,OAAiC,EACjC,eAAe,EACf,kBAAkB,EAClB,iBAAiB,EACjB,wBAAyD,GAC1D,EAAE,mCAAmC,CACpC,aAAa,EACb,6BAA6B,CAC9B;IAuBK,wBAAwB,IAAI,OAAO,CAAC;QACxC,mBAAmB,EAAE,MAAM,CAAC;KAC7B,CAAC;IAyBF;;;OAGG;IACG,uBAAuB;IAQ7B;;;;;;;;;;;;;;;;;OAiBG;IACG,YAAY,CAAC,MAAM,EAAE;QACzB,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,WAAW,EAAE,MAAM,CAAC;QACpB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,cAAc,EAAE,cAAc,CAAC;QAC/B,gBAAgB,EAAE,MAAM,CAAC;QACzB,MAAM,EAAE,MAAM,CAAC;QACf,uBAAuB,CAAC,EAAE,MAAM,CAAC;QACjC,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB;IAyDD;;;;;;;OAOG;IACG,iCAAiC,CACrC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;IA4ChB;;;;;;;;OAQG;IACG,gBAAgB,CACpB,IAAI,EAAE,UAAU,EAChB,IAAI,EAAE,UAAU,EAChB,OAAO,CAAC,EAAE;QACR,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GACA,OAAO,CAAC,IAAI,CAAC;IA4BhB;;;;;;;OAOG;IACG,kBAAkB,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IA4CtE;;;;;;;;OAQG;IACG,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM;IA6D7D;;;;;;OAMG;IACH,yBAAyB,CACvB,UAAU,EACN,CAAC,IAAI,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG;QAAE,IAAI,EAAE,UAAU,CAAA;KAAE,CAAC,GAC5D,CAAC,IAAI,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG;QAAE,IAAI,EAAE,UAAU,CAAA;KAAE,CAAC,EAAE;IAOpE;;;;;;;;OAQG;IACG,mBAAmB,CACvB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE;QACR,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,GACA,OAAO,CAAC,IAAI,CAAC;IAYhB;;;;;;;;OAQG;IACH,wBAAwB,CACtB,IAAI,EAAE,UAAU,EAChB,IAAI,GAAE,UAAgC,GACrC,qBAAqB,GAAG,SAAS;IAOpC;;;;;;;;;;OAUG;IACG,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOrD;;;;;;OAMG;IACG,SAAS;IAcf;;;;;;;;OAQG;IACG,wBAAwB,CAAC,EAC7B,cAAc,GACf,EAAE;QACD,cAAc,EAAE,MAAM,CAAC;KACxB;IAwBD;;;;;;;OAOG;IACG,oBAAoB,CAAC,EACzB,cAAc,EACd,iBAAqB,GACtB,EAAE;QACD,cAAc,EAAE,MAAM,CAAC;QACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;KAC5B,GAAG,OAAO,CAAC,IAAI,CAAC;IAkEjB;;;;;;;;;OASG;IACG,uBAAuB,CAAC,OAAO,CAAC,EAAE;QACtC,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,QAAQ,CAAC,EAAE,OAAO,CAAC;QACnB,gBAAgB,CAAC,EAAE,oBAAoB,CAAC;KACzC,GAAG,OAAO,CAAC,OAAO,CAAC;IAiEpB;;;;;;;;;;OAUG;IACG,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC;IAahD;;OAEG;IACH,UAAU;IAoDV;;;;;OAKG;IACG,yBAAyB,CAAC,oBAAoB,EAAE,MAAM;IAM5D;;;;;OAKG;IACG,wBAAwB;IAuvB9B;;;;;;;OAOG;IACG,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAqCxC;;;;;;;OAOG;IACG,iBAAiB,CAAC,QAAQ,EAAE,MAAM;IA6CxC;;;;;;OAMG;IACG,0BAA0B;IAmKhC;;;;OAIG;IACI,yBAAyB,IAAI,OAAO;IAY3C;;;;OAIG;IACI,+BAA+B,IAAI,OAAO;IAYjD;;;;;OAKG;IACI,uBAAuB,IAAI,OAAO;CAa1C"}

package/dist/SeedlessOnboardingController.d.mts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"SeedlessOnboardingController.d.mts","sourceRoot":"","sources":["../src/SeedlessOnboardingController.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,~~EAAsB~~,kCAAkC;~~AAC/E~~,OAAO,KAAK,KAAK,eAAe,qCAAqC;AACrE,OAAO,KAAK,EAGV,oBAAoB,EACrB,sCAAsC;AACvC,OAAO,EACL,iBAAiB,EAGlB,sCAAsC;AAiBvC,OAAO,KAAK,EAAE,cAAc,EAAE,wBAAoB;AAClD,OAAO,EACL,cAAc,EAEd,UAAU,EAGX,wBAAoB;AAGrB,OAAO,EAAE,cAAc,EAAE,6BAAyB;AAClD,OAAO,KAAK,EAEV,qCAAqC,EACrC,mCAAmC,EACnC,iCAAiC,EAEjC,qBAAqB,EAOtB,oBAAgB;AAUjB;;;;;GAKG;AACH,wBAAgB,uDAAuD,CACrE,SAAS,CAAC,EAAE,OAAO,CAAC,iCAAiC,CAAC,GACrD,iCAAiC,CAenC;AA4ID,qBAAa,4BAA4B,CACvC,aAAa,EACb,6BAA6B,GAAG,eAAe,CAAC,oBAAoB,CACpE,SAAQ,cAAc,CACtB,OAAO,cAAc,EACrB,iCAAiC,EACjC,qCAAqC,CACtC;;IAUC,QAAQ,CAAC,WAAW,EAAE,iBAAiB,CAAC;IA2BxC;;;;;;;;;;;;;OAaG;gBACS,EACV,SAAS,EACT,KAAK,EACL,SAAS,EACT,eAAe,EACf,OAAiC,EACjC,eAAe,EACf,kBAAkB,EAClB,iBAAiB,EACjB,wBAAyD,GAC1D,EAAE,mCAAmC,CACpC,aAAa,EACb,6BAA6B,CAC9B;IAuBK,wBAAwB,IAAI,OAAO,CAAC;QACxC,mBAAmB,EAAE,MAAM,CAAC;KAC7B,CAAC;IAyBF;;;OAGG;IACG,uBAAuB;IAQ7B;;;;;;;;;;;;;;;;;OAiBG;IACG,YAAY,CAAC,MAAM,EAAE;QACzB,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,WAAW,EAAE,MAAM,CAAC;QACpB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,cAAc,EAAE,cAAc,CAAC;QAC/B,gBAAgB,EAAE,MAAM,CAAC;QACzB,MAAM,EAAE,MAAM,CAAC;QACf,uBAAuB,CAAC,EAAE,MAAM,CAAC;QACjC,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB;IAyDD;;;;;;;OAOG;IACG,iCAAiC,CACrC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;IA4ChB;;;;;;;;OAQG;IACG,gBAAgB,CACpB,IAAI,EAAE,UAAU,EAChB,IAAI,EAAE,UAAU,EAChB,OAAO,CAAC,EAAE;QACR,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GACA,OAAO,CAAC,IAAI,CAAC;IA4BhB;;;;;;;OAOG;IACG,kBAAkB,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IA4CtE;;;;;;;;OAQG;IACG,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM;IA6D7D;;;;;;OAMG;IACH,yBAAyB,CACvB,UAAU,EACN,CAAC,IAAI,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG;QAAE,IAAI,EAAE,UAAU,CAAA;KAAE,CAAC,GAC5D,CAAC,IAAI,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG;QAAE,IAAI,EAAE,UAAU,CAAA;KAAE,CAAC,EAAE;IAOpE;;;;;;;;OAQG;IACG,mBAAmB,CACvB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE;QACR,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,GACA,OAAO,CAAC,IAAI,CAAC;IAYhB;;;;;;;;OAQG;IACH,wBAAwB,CACtB,IAAI,EAAE,UAAU,EAChB,IAAI,GAAE,UAAgC,GACrC,qBAAqB,GAAG,SAAS;IAOpC;;;;;;;;;;OAUG;IACG,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOrD;;;;;;OAMG;IACG,SAAS;IAcf;;;;;;;;OAQG;IACG,wBAAwB,CAAC,EAC7B,cAAc,GACf,EAAE;QACD,cAAc,EAAE,MAAM,CAAC;KACxB;IAwBD;;;;;;;OAOG;IACG,oBAAoB,CAAC,EACzB,cAAc,EACd,iBAAqB,GACtB,EAAE;QACD,cAAc,EAAE,MAAM,CAAC;QACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;KAC5B,GAAG,OAAO,CAAC,IAAI,CAAC;IAkEjB;;;;;;;;;OASG;IACG,uBAAuB,CAAC,OAAO,CAAC,EAAE;QACtC,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,QAAQ,CAAC,EAAE,OAAO,CAAC;QACnB,gBAAgB,CAAC,EAAE,oBAAoB,CAAC;KACzC,GAAG,OAAO,CAAC,OAAO,CAAC;IAiEpB;;;;;;;;;;OAUG;IACG,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC;IAahD;;OAEG;IACH,UAAU;IAoDV;;;;;OAKG;IACG,yBAAyB,CAAC,oBAAoB,EAAE,MAAM;IAM5D;;;;;OAKG;IACG,wBAAwB;IAuvB9B;;;;;;;OAOG;IACG,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAqCxC;;;;;;;OAOG;IACG,iBAAiB,CAAC,QAAQ,EAAE,MAAM;IA6CxC;;;;;;OAMG;IACG,0BAA0B;IAmKhC;;;;OAIG;IACI,yBAAyB,IAAI,OAAO;IAY3C;;;;OAIG;IACI,+BAA+B,IAAI,OAAO;IAYjD;;;;;OAKG;IACI,uBAAuB,IAAI,OAAO;CAa1C"}
1	+ {"version":3,"file":"SeedlessOnboardingController.d.mts","sourceRoot":"","sources":["../src/SeedlessOnboardingController.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kCAAkC;AAE3D,OAAO,KAAK,KAAK,eAAe,qCAAqC;AACrE,OAAO,KAAK,EAGV,oBAAoB,EACrB,sCAAsC;AACvC,OAAO,EACL,iBAAiB,EAGlB,sCAAsC;AAiBvC,OAAO,KAAK,EAAE,cAAc,EAAE,wBAAoB;AAClD,OAAO,EACL,cAAc,EAEd,UAAU,EAGX,wBAAoB;AAGrB,OAAO,EAAE,cAAc,EAAE,6BAAyB;AAClD,OAAO,KAAK,EAEV,qCAAqC,EACrC,mCAAmC,EACnC,iCAAiC,EAEjC,qBAAqB,EAOtB,oBAAgB;AAUjB;;;;;GAKG;AACH,wBAAgB,uDAAuD,CACrE,SAAS,CAAC,EAAE,OAAO,CAAC,iCAAiC,CAAC,GACrD,iCAAiC,CAenC;AA4ID,qBAAa,4BAA4B,CACvC,aAAa,EACb,6BAA6B,GAAG,eAAe,CAAC,oBAAoB,CACpE,SAAQ,cAAc,CACtB,OAAO,cAAc,EACrB,iCAAiC,EACjC,qCAAqC,CACtC;;IAUC,QAAQ,CAAC,WAAW,EAAE,iBAAiB,CAAC;IA2BxC;;;;;;;;;;;;;OAaG;gBACS,EACV,SAAS,EACT,KAAK,EACL,SAAS,EACT,eAAe,EACf,OAAiC,EACjC,eAAe,EACf,kBAAkB,EAClB,iBAAiB,EACjB,wBAAyD,GAC1D,EAAE,mCAAmC,CACpC,aAAa,EACb,6BAA6B,CAC9B;IAuBK,wBAAwB,IAAI,OAAO,CAAC;QACxC,mBAAmB,EAAE,MAAM,CAAC;KAC7B,CAAC;IAyBF;;;OAGG;IACG,uBAAuB;IAQ7B;;;;;;;;;;;;;;;;;OAiBG;IACG,YAAY,CAAC,MAAM,EAAE;QACzB,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,WAAW,EAAE,MAAM,CAAC;QACpB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,cAAc,EAAE,cAAc,CAAC;QAC/B,gBAAgB,EAAE,MAAM,CAAC;QACzB,MAAM,EAAE,MAAM,CAAC;QACf,uBAAuB,CAAC,EAAE,MAAM,CAAC;QACjC,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB;IAyDD;;;;;;;OAOG;IACG,iCAAiC,CACrC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;IA4ChB;;;;;;;;OAQG;IACG,gBAAgB,CACpB,IAAI,EAAE,UAAU,EAChB,IAAI,EAAE,UAAU,EAChB,OAAO,CAAC,EAAE;QACR,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GACA,OAAO,CAAC,IAAI,CAAC;IA4BhB;;;;;;;OAOG;IACG,kBAAkB,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IA4CtE;;;;;;;;OAQG;IACG,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM;IA6D7D;;;;;;OAMG;IACH,yBAAyB,CACvB,UAAU,EACN,CAAC,IAAI,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG;QAAE,IAAI,EAAE,UAAU,CAAA;KAAE,CAAC,GAC5D,CAAC,IAAI,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG;QAAE,IAAI,EAAE,UAAU,CAAA;KAAE,CAAC,EAAE;IAOpE;;;;;;;;OAQG;IACG,mBAAmB,CACvB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE;QACR,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,GACA,OAAO,CAAC,IAAI,CAAC;IAYhB;;;;;;;;OAQG;IACH,wBAAwB,CACtB,IAAI,EAAE,UAAU,EAChB,IAAI,GAAE,UAAgC,GACrC,qBAAqB,GAAG,SAAS;IAOpC;;;;;;;;;;OAUG;IACG,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOrD;;;;;;OAMG;IACG,SAAS;IAcf;;;;;;;;OAQG;IACG,wBAAwB,CAAC,EAC7B,cAAc,GACf,EAAE;QACD,cAAc,EAAE,MAAM,CAAC;KACxB;IAwBD;;;;;;;OAOG;IACG,oBAAoB,CAAC,EACzB,cAAc,EACd,iBAAqB,GACtB,EAAE;QACD,cAAc,EAAE,MAAM,CAAC;QACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;KAC5B,GAAG,OAAO,CAAC,IAAI,CAAC;IAkEjB;;;;;;;;;OASG;IACG,uBAAuB,CAAC,OAAO,CAAC,EAAE;QACtC,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,QAAQ,CAAC,EAAE,OAAO,CAAC;QACnB,gBAAgB,CAAC,EAAE,oBAAoB,CAAC;KACzC,GAAG,OAAO,CAAC,OAAO,CAAC;IAiEpB;;;;;;;;;;OAUG;IACG,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC;IAahD;;OAEG;IACH,UAAU;IAoDV;;;;;OAKG;IACG,yBAAyB,CAAC,oBAAoB,EAAE,MAAM;IAM5D;;;;;OAKG;IACG,wBAAwB;IAuvB9B;;;;;;;OAOG;IACG,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAqCxC;;;;;;;OAOG;IACG,iBAAiB,CAAC,QAAQ,EAAE,MAAM;IA6CxC;;;;;;OAMG;IACG,0BAA0B;IAmKhC;;;;OAIG;IACI,yBAAyB,IAAI,OAAO;IAY3C;;;;OAIG;IACI,+BAA+B,IAAI,OAAO;IAYjD;;;;;OAKG;IACI,uBAAuB,IAAI,OAAO;CAa1C"}

package/dist/SeedlessOnboardingController.mjs CHANGED Viewed

@@ -1579,7 +1579,7 @@ function assertIsValidPassword(password) {
     if (typeof password !== 'string') {
         throw new Error(SeedlessOnboardingControllerErrorMessage.WrongPasswordType);
     }
-    if (!password || !password.length) {
+    if (!password?.length) {
         throw new Error(SeedlessOnboardingControllerErrorMessage.InvalidEmptyPassword);
     }
 }