@monolythium/core-sdk 0.4.23 → 0.5.0

package/dist/index.cjs

@@ -2,9 +2,6 @@
 
 var blake3_js = require('@noble/hashes/blake3.js');
 var sha3_js = require('@noble/hashes/sha3.js');
-var mlKem_js = require('@noble/post-quantum/ml-kem.js');
-var chacha_js = require('@noble/ciphers/chacha.js');
-require('@noble/hashes/utils.js');
 var mlDsa_js = require('@noble/post-quantum/ml-dsa.js');
 var bls12381_js = require('@noble/curves/bls12-381.js');
 var bip39 = require('@scure/bip39');
@@ -382,10 +379,6 @@ var NODE_REGISTRY_SELECTORS = {
   formClusterV2: "0x" + selectorHex("formCluster(bytes,bytes,bytes,bytes)"),
   /** `setOperatorDisplay(bytes32,string,string)` — owner-callable public display metadata. */
   setOperatorDisplay: "0x" + selectorHex("setOperatorDisplay(bytes32,string,string)"),
-  /** `publishOperatorSealKey(bytes32,bytes)` — owner-callable LythiumSeal EK publication. */
-  publishOperatorSealKey: "0x" + selectorHex("publishOperatorSealKey(bytes32,bytes)"),
-  /** `getOperatorSealKey(bytes32)` view — returns the operator's published LythiumSeal EK. */
-  getOperatorSealKey: "0x" + selectorHex("getOperatorSealKey(bytes32)"),
   /**
    * `updateCharter(uint32,bytes,bytes,bytes)` — Component H live charter
    * amendment (Law §6.8); re-signs a new 30-byte charter for a LIVE cluster
@@ -411,7 +404,35 @@ var NODE_REGISTRY_SELECTORS = {
   /** `getProbeAuthority()` view — Component C configured probe-authority address. */
   getProbeAuthority: "0x" + selectorHex("getProbeAuthority()"),
   /** `attestServiceProbe(bytes32,uint32,uint8,uint64)` — Component C attested score-eligibility path. */
-  attestServiceProbe: "0x" + selectorHex("attestServiceProbe(bytes32,uint32,uint8,uint64)")
+  attestServiceProbe: "0x" + selectorHex("attestServiceProbe(bytes32,uint32,uint8,uint64)"),
+  /**
+   * `advertiseSeat(uint32,uint8,uint32,uint128,uint32,bytes32)` returns
+   * `uint32 seatId` (L6 open-seat marketplace). Publishes a vacancy
+   * listing; caller must own an active member op-hash of the cluster.
+   */
+  advertiseSeat: "0x" + selectorHex("advertiseSeat(uint32,uint8,uint32,uint128,uint32,bytes32)"),
+  /**
+   * `applyForSeat(uint32,uint32,bytes)` returns `bytes32 appKey` (L6).
+   * Payable — the native `value` carries the refundable application
+   * escrow ({@link NODE_REGISTRY_SEAT_APPLICATION_ESCROW_LYTHOSHI}).
+   */
+  applyForSeat: "0x" + selectorHex("applyForSeat(uint32,uint32,bytes)"),
+  /**
+   * `voteSeatAdmit(uint32,bytes32,bytes)` returns `uint16 voteCount`
+   * (L6). Active-member admission vote; the 7-of-10 threshold-reaching
+   * vote fills the seat and admits the operator.
+   */
+  voteSeatAdmit: "0x" + selectorHex("voteSeatAdmit(uint32,bytes32,bytes)"),
+  /**
+   * `withdrawSeatApplication(uint32,bytes32)` returns `bool` (L6) —
+   * applicant withdrawal that refunds the escrow.
+   */
+  withdrawSeatApplication: "0x" + selectorHex("withdrawSeatApplication(uint32,bytes32)"),
+  /**
+   * `closeSeat(uint32,uint32)` returns `bool` (L6) — advertiser rescind
+   * of an `Open` listing.
+   */
+  closeSeat: "0x" + selectorHex("closeSeat(uint32,uint32)")
 };
 var NODE_REGISTRY_CLUSTER_MEMBER_REF_BYTES = 48;
 var NODE_REGISTRY_LEGACY_CLUSTER_MEMBER_PUBKEY_BYTES = NODE_REGISTRY_CLUSTER_MEMBER_REF_BYTES;
@@ -419,7 +440,6 @@ var NODE_REGISTRY_BLS_PUBKEY_BYTES = NODE_REGISTRY_CLUSTER_MEMBER_REF_BYTES;
 var NODE_REGISTRY_CONSENSUS_PUBKEY_BYTES = 1952;
 var NODE_REGISTRY_CONSENSUS_SIGNATURE_BYTES = 3309;
 var NODE_REGISTRY_CONSENSUS_POP_BYTES = 3309;
-var NODE_REGISTRY_OPERATOR_SEAL_EK_BYTES = 1184;
 var NODE_REGISTRY_DKG_ATTESTATION_SIG_BYTES = 96;
 var NODE_REGISTRY_DKG_THRESHOLD_SIG_BYTES = NODE_REGISTRY_DKG_ATTESTATION_SIG_BYTES;
 var NODE_REGISTRY_DKG_RESHARE_MIN_SIGNERS = 5;
@@ -686,43 +706,6 @@ function encodeSetOperatorDisplayCalldata(args) {
     )
   );
 }
-function encodePublishOperatorSealKeyCalldata(args) {
-  const peerId = expectLength2(toBytes(args.peerId), 32, "peerId");
-  const sealEk = expectNonZeroBytes(
-    expectLength2(toBytes(args.sealEk), NODE_REGISTRY_OPERATOR_SEAL_EK_BYTES, "sealEk"),
-    "sealEk"
-  );
-  const sealEkPadded = padToWord(sealEk);
-  return bytesToHex(
-    concatBytes(
-      hexToBytes(NODE_REGISTRY_SELECTORS.publishOperatorSealKey),
-      peerId,
-      uint64Word(2n * 32n, "sealEkOffset"),
-      uint64Word(BigInt(sealEk.length), "sealEkLength"),
-      sealEkPadded
-    )
-  );
-}
-function encodeGetOperatorSealKeyCalldata(args) {
-  return bytesToHex(
-    concatBytes(
-      hexToBytes(NODE_REGISTRY_SELECTORS.getOperatorSealKey),
-      expectLength2(toBytes(args.operatorId), 32, "operatorId")
-    )
-  );
-}
-function decodeOperatorSealKey(returnData) {
-  const bytes = toBytes(returnData);
-  if (bytes.length === NODE_REGISTRY_OPERATOR_SEAL_EK_BYTES) {
-    return bytesToHex(expectNonZeroBytes(bytes, "operatorSealKey"));
-  }
-  const sealEk = decodeDynamicBytesResult(
-    bytes,
-    NODE_REGISTRY_OPERATOR_SEAL_EK_BYTES,
-    "operatorSealKey"
-  );
-  return bytesToHex(expectNonZeroBytes(sealEk, "operatorSealKey"));
-}
 function encodeCancelClusterJoinCalldata(args) {
   return bytesToHex(
     concatBytes(
@@ -1396,6 +1379,253 @@ function deriveClusterAnchorAddress(roster, threshold) {
   }
   return bytesToHex(blake3_js.blake3(concatBytes(...parts)).slice(0, 20));
 }
+var NODE_REGISTRY_TAG_CLUSTER_SEAT = 50;
+var NODE_REGISTRY_SEAT_APPLICATION_ESCROW_LYTHOSHI = 100n * 1000000000000000000n;
+var NODE_REGISTRY_MIN_SELF_BOND_LYTHOSHI = 5000n * 1000000000000000000n;
+var NODE_REGISTRY_SEAT_KIND_ACTIVE = 0;
+var NODE_REGISTRY_SEAT_KIND_STANDBY = 1;
+function seatKindFromByte(b) {
+  return b === NODE_REGISTRY_SEAT_KIND_STANDBY ? "standby" : "active";
+}
+function seatKindToByte(kind) {
+  return kind === "standby" ? NODE_REGISTRY_SEAT_KIND_STANDBY : NODE_REGISTRY_SEAT_KIND_ACTIVE;
+}
+var SEAT_STATUS_CODES = {
+  none: 0,
+  open: 1,
+  filled: 2,
+  closed: 3
+};
+function seatStatusFromByte(b) {
+  switch (b) {
+    case 1:
+      return "open";
+    case 2:
+      return "filled";
+    case 3:
+      return "closed";
+    default:
+      return "none";
+  }
+}
+var SEAT_ADVERTISED_EVENT_SIG = "SeatAdvertised(uint32,uint32,bytes32,uint8,uint32,uint128,uint32,bytes32)";
+var SEAT_APPLIED_EVENT_SIG = "SeatApplied(uint32,uint32,bytes32,address,uint128)";
+var SEAT_FILLED_EVENT_SIG = "SeatFilled(uint32,uint32,bytes32,uint16,uint16)";
+var SEAT_CLOSED_EVENT_SIG = "SeatClosed(uint32,uint32,uint8)";
+function encodeAdvertiseSeatCalldata(args) {
+  const kindByte = typeof args.kind === "number" ? args.kind : seatKindToByte(args.kind);
+  if (!Number.isInteger(kindByte) || kindByte < 0 || kindByte > 255) {
+    throw new NodeRegistryError("kind must be a u8 seat kind (0 = active, 1 = standby)");
+  }
+  return bytesToHex(
+    concatBytes(
+      hexToBytes(NODE_REGISTRY_SELECTORS.advertiseSeat),
+      uint32Word(toUint32(args.clusterId, "clusterId")),
+      uint8Word(kindByte),
+      uint32Word(toUint32(args.seatCount, "seatCount")),
+      uint128Word(args.minBondLythoshi, "minBondLythoshi"),
+      uint32Word(toUint32(args.capabilityMask, "capabilityMask")),
+      expectLength2(toBytes(args.termsHash), 32, "termsHash")
+    )
+  );
+}
+function encodeApplyForSeatCalldata(args) {
+  const operatorPubkey = expectLength2(
+    toBytes(args.operatorPubkey),
+    NODE_REGISTRY_CONSENSUS_PUBKEY_BYTES,
+    "operatorPubkey"
+  );
+  const operatorPubkeyPadded = padToWord(operatorPubkey);
+  return bytesToHex(
+    concatBytes(
+      hexToBytes(NODE_REGISTRY_SELECTORS.applyForSeat),
+      uint32Word(toUint32(args.clusterId, "clusterId")),
+      uint32Word(toUint32(args.seatId, "seatId")),
+      uint64Word(3n * 32n, "operatorPubkeyOffset"),
+      uint64Word(BigInt(operatorPubkey.length), "operatorPubkeyLength"),
+      operatorPubkeyPadded
+    )
+  );
+}
+function encodeVoteSeatAdmitCalldata(args) {
+  const appKey = expectLength2(toBytes(args.appKey), 32, "appKey");
+  const voterPubkey = expectLength2(
+    toBytes(args.voterPubkey),
+    NODE_REGISTRY_CONSENSUS_PUBKEY_BYTES,
+    "voterPubkey"
+  );
+  const voterPubkeyPadded = padToWord(voterPubkey);
+  return bytesToHex(
+    concatBytes(
+      hexToBytes(NODE_REGISTRY_SELECTORS.voteSeatAdmit),
+      uint32Word(toUint32(args.clusterId, "clusterId")),
+      appKey,
+      uint64Word(3n * 32n, "voterPubkeyOffset"),
+      uint64Word(BigInt(voterPubkey.length), "voterPubkeyLength"),
+      voterPubkeyPadded
+    )
+  );
+}
+function encodeWithdrawSeatApplicationCalldata(args) {
+  return bytesToHex(
+    concatBytes(
+      hexToBytes(NODE_REGISTRY_SELECTORS.withdrawSeatApplication),
+      uint32Word(toUint32(args.clusterId, "clusterId")),
+      expectLength2(toBytes(args.appKey), 32, "appKey")
+    )
+  );
+}
+function encodeCloseSeatCalldata(args) {
+  return bytesToHex(
+    concatBytes(
+      hexToBytes(NODE_REGISTRY_SELECTORS.closeSeat),
+      uint32Word(toUint32(args.clusterId, "clusterId")),
+      uint32Word(toUint32(args.seatId, "seatId"))
+    )
+  );
+}
+function deriveSeatApplicationKey(operatorPubkey) {
+  return bytesToHex(
+    blake3_js.blake3(expectLength2(toBytes(operatorPubkey), NODE_REGISTRY_CONSENSUS_PUBKEY_BYTES, "operatorPubkey"))
+  );
+}
+function decodeSeatAdvertisedEvent(topics, data) {
+  const { clusterId, seatId } = decodeSeatClusterSeatTopics(topics, SEAT_ADVERTISED_EVENT_SIG, 3);
+  const body = toBytes(data);
+  if (body.length < 6 * 32) {
+    throw new NodeRegistryError("SeatAdvertised data shorter than the 6-word body");
+  }
+  const word = (i) => body.slice(i * 32, (i + 1) * 32);
+  return {
+    clusterId,
+    seatId,
+    advertiser: bytesToHex(word(0)),
+    kind: numberFromWord(word(1), "kind", 255),
+    seatCount: u32FromWord(word(2)),
+    minBondLythoshi: uintFromWord(word(3)),
+    capabilityMask: u32FromWord(word(4)),
+    termsHash: bytesToHex(word(5))
+  };
+}
+function decodeSeatAppliedEvent(topics, data) {
+  const { clusterId, seatId, operatorId } = decodeSeatClusterSeatOperatorTopics(
+    topics,
+    SEAT_APPLIED_EVENT_SIG
+  );
+  const body = toBytes(data);
+  if (body.length < 2 * 32) {
+    throw new NodeRegistryError("SeatApplied data shorter than the 2-word body");
+  }
+  return {
+    clusterId,
+    seatId,
+    operatorId,
+    owner: bytesToHex(body.slice(12, 32)),
+    escrowLythoshi: uintFromWord(body.slice(32, 64))
+  };
+}
+function decodeSeatFilledEvent(topics, data) {
+  const { clusterId, seatId, operatorId } = decodeSeatClusterSeatOperatorTopics(
+    topics,
+    SEAT_FILLED_EVENT_SIG
+  );
+  const body = toBytes(data);
+  if (body.length < 2 * 32) {
+    throw new NodeRegistryError("SeatFilled data shorter than the 2-word body");
+  }
+  return {
+    clusterId,
+    seatId,
+    operatorId,
+    filledCount: numberFromWord(body.slice(0, 32), "filledCount", 65535),
+    seatCount: numberFromWord(body.slice(32, 64), "seatCount", 65535)
+  };
+}
+function decodeSeatClosedEvent(topics, data) {
+  const { clusterId, seatId } = decodeSeatClusterSeatTopics(topics, SEAT_CLOSED_EVENT_SIG, 3);
+  const body = toBytes(data);
+  if (body.length < 32) {
+    throw new NodeRegistryError("SeatClosed data shorter than the 1-word body");
+  }
+  return {
+    clusterId,
+    seatId,
+    status: numberFromWord(body.slice(0, 32), "status", 255)
+  };
+}
+function openSeatFromAdvertised(event) {
+  return {
+    clusterId: event.clusterId,
+    seatId: event.seatId,
+    advertiser: event.advertiser,
+    kind: seatKindFromByte(event.kind),
+    seatCount: event.seatCount,
+    filledCount: 0,
+    minBondLythoshi: event.minBondLythoshi,
+    capabilityMask: event.capabilityMask,
+    termsHash: event.termsHash,
+    status: "open"
+  };
+}
+function decodeSeatClusterSeatTopics(topics, sig, expectedCount) {
+  if (topics.length !== expectedCount) {
+    throw new NodeRegistryError(`${sig} expects ${expectedCount} topics, got ${topics.length}`);
+  }
+  assertEventTopic0(topics[0], sig);
+  return {
+    clusterId: u32FromWord(expectLength2(toBytes(topics[1]), 32, "clusterId topic")),
+    seatId: u32FromWord(expectLength2(toBytes(topics[2]), 32, "seatId topic"))
+  };
+}
+function decodeSeatClusterSeatOperatorTopics(topics, sig) {
+  if (topics.length !== 4) {
+    throw new NodeRegistryError(`${sig} expects 4 topics, got ${topics.length}`);
+  }
+  assertEventTopic0(topics[0], sig);
+  return {
+    clusterId: u32FromWord(expectLength2(toBytes(topics[1]), 32, "clusterId topic")),
+    seatId: u32FromWord(expectLength2(toBytes(topics[2]), 32, "seatId topic")),
+    operatorId: bytesToHex(expectLength2(toBytes(topics[3]), 32, "operatorId topic"))
+  };
+}
+function assertEventTopic0(topic0, sig) {
+  const got = bytesToHex(expectLength2(toBytes(topic0), 32, "topic0"));
+  const want = bytesToHex(sha3_js.keccak_256(new TextEncoder().encode(sig)));
+  if (got !== want) {
+    throw new NodeRegistryError(`unexpected topic0 for ${sig}`);
+  }
+}
+function uint128Word(value, name) {
+  const n = toUint128(value, name);
+  const out = new Uint8Array(32);
+  let rest = n;
+  for (let i = 31; i >= 16; i--) {
+    out[i] = Number(rest & 0xffn);
+    rest >>= 8n;
+  }
+  return out;
+}
+function toUint128(value, name) {
+  let parsed;
+  if (typeof value === "bigint") {
+    parsed = value;
+  } else if (typeof value === "number") {
+    if (!Number.isSafeInteger(value)) {
+      throw new NodeRegistryError(`${name} must be a safe integer`);
+    }
+    parsed = BigInt(value);
+  } else {
+    const trimmed = value.trim();
+    if (!/^\d+$/u.test(trimmed)) {
+      throw new NodeRegistryError(`${name} must be a decimal uint128`);
+    }
+    parsed = BigInt(trimmed);
+  }
+  if (parsed < 0n || parsed >= 1n << 128n) {
+    throw new NodeRegistryError(`${name} must fit uint128`);
+  }
+  return parsed;
+}
 function selectorHex(sig) {
   return [...sha3_js.keccak_256(new TextEncoder().encode(sig)).slice(0, 4)].map((b) => b.toString(16).padStart(2, "0")).join("");
 }
@@ -1651,30 +1881,6 @@ function expectLength2(value, len, name) {
   }
   return value;
 }
-function expectNonZeroBytes(value, name) {
-  if (value.every((byte) => byte === 0)) {
-    throw new NodeRegistryError(`${name} must not be all-zero`);
-  }
-  return value;
-}
-function decodeDynamicBytesResult(bytes, expectedLength, label) {
-  if (bytes.length < 64) {
-    throw new NodeRegistryError(`${label} return must be ABI-encoded dynamic bytes`);
-  }
-  const offset = uintFromWord(bytes.slice(0, 32));
-  if (offset !== 32n) {
-    throw new NodeRegistryError(`${label} return offset must be 0x20`);
-  }
-  const len = uintFromWord(bytes.slice(32, 64));
-  if (len !== BigInt(expectedLength)) {
-    throw new NodeRegistryError(`${label} must be ${expectedLength} bytes, got ${len}`);
-  }
-  const paddedLen = Math.ceil(expectedLength / 32) * 32;
-  if (bytes.length < 64 + paddedLen) {
-    throw new NodeRegistryError(`${label} body is truncated`);
-  }
-  return bytes.slice(64, 64 + expectedLength);
-}
 
 // src/native-events.ts
 var NATIVE_MARKET_EVENT_FAMILY = "market";
@@ -1816,6 +2022,40 @@ function parseBigint(value, label) {
   return BigInt(value);
 }
 
+// src/crypto/submission.ts
+function buildPlaintextSubmission(args) {
+  const signed = args.backend.signEvmTx(args.tx);
+  return {
+    signedTxWireHex: `0x${signed.wireHex}`,
+    innerTxHashHex: bytesToHex2(signed.txHash),
+    innerSighashHex: bytesToHex2(signed.sighash),
+    innerWireBytes: signed.wireBytes.length
+  };
+}
+async function submitPlaintextTransaction(client, signedTxWireHex, expectedTxHashHex) {
+  const returned = await client.call("mesh_submitTx", [signedTxWireHex]);
+  const returnedBytes = hexToBytes2(returned, "mesh_submitTx tx hash");
+  if (returnedBytes.length !== 32) {
+    throw new Error(
+      `mesh_submitTx tx hash must be 32 bytes, got ${returnedBytes.length}`
+    );
+  }
+  const expectedBytes = hexToBytes2(expectedTxHashHex, "expected tx hash");
+  if (!bytesEqual(returnedBytes, expectedBytes)) {
+    throw new Error(
+      `mesh_submitTx returned tx hash ${bytesToHex2(returnedBytes)} but the locally computed canonical hash is ${bytesToHex2(expectedBytes)}`
+    );
+  }
+  return bytesToHex2(returnedBytes);
+}
+function bytesEqual(a, b) {
+  if (a.length !== b.length) return false;
+  for (let i = 0; i < a.length; i++) {
+    if (a[i] !== b[i]) return false;
+  }
+  return true;
+}
+
 // src/crypto/bincode.ts
 var BincodeWriter = class {
   #chunks = [];
@@ -1875,673 +2115,6 @@ var BincodeWriter = class {
   }
 };
 
-// src/crypto/tx.ts
-function encodeTransactionForHash(fields, tag) {
-  const n = normalizeTxFields(fields);
-  return concatBytes2(
-    Uint8Array.of(tag),
-    bigintToBeBytes(n.chainId, 8, "chainId"),
-    bigintToBeBytes(n.nonce, 8, "nonce"),
-    bigintToBeBytes(n.maxPriorityFeePerGas, 32, "maxPriorityFeePerGas"),
-    bigintToBeBytes(n.maxFeePerGas, 32, "maxFeePerGas"),
-    bigintToBeBytes(n.gasLimit, 8, "gasLimit"),
-    n.to === null ? Uint8Array.of(0) : concatBytes2(Uint8Array.of(1), n.to),
-    bigintToBeBytes(n.value, 32, "value"),
-    bigintToBeBytes(BigInt(n.input.length), 4, "input.length"),
-    n.input,
-    new Uint8Array(4),
-    // access_list length
-    encodeExtensionsForHash(n.extensions)
-  );
-}
-function bincodeSignedTransaction(fields, signature, publicKey) {
-  const n = normalizeTxFields(fields);
-  const sig = expectBytes(signature, ML_DSA_65_SIGNATURE_LEN, "ML-DSA-65 signature");
-  const pk = expectBytes(publicKey, ML_DSA_65_PUBLIC_KEY_LEN, "ML-DSA-65 public key");
-  const w = new BincodeWriter();
-  w.u64(n.chainId);
-  w.u64(n.nonce);
-  w.bytes(uint256Be(n.maxPriorityFeePerGas, "maxPriorityFeePerGas"));
-  w.bytes(uint256Be(n.maxFeePerGas, "maxFeePerGas"));
-  w.u64(n.gasLimit);
-  if (n.to === null) {
-    w.u8(0);
-  } else {
-    w.u8(1);
-    w.bytes(n.to);
-  }
-  w.bytes(uint256Be(n.value, "value"));
-  w.bytes(n.input);
-  w.u64(0n);
-  w.u64(BigInt(n.extensions.length));
-  for (const ext of n.extensions) bincodeTypedExtensionInto(w, ext);
-  bincodeMlDsa65OpaqueInto(w, sig);
-  bincodeMlDsa65OpaqueInto(w, pk);
-  return w.toBytes();
-}
-function normalizeTxFields(fields) {
-  return {
-    chainId: parseBigint(fields.chainId, "chainId"),
-    nonce: parseBigint(fields.nonce, "nonce"),
-    maxPriorityFeePerGas: parseBigint(fields.maxPriorityFeePerGas, "maxPriorityFeePerGas"),
-    maxFeePerGas: parseBigint(fields.maxFeePerGas, "maxFeePerGas"),
-    gasLimit: parseBigint(fields.gasLimit, "gasLimit"),
-    to: normalizeTo(fields.to),
-    value: parseBigint(fields.value, "value"),
-    input: normalizeBytes(fields.input ?? new Uint8Array(0), "input"),
-    extensions: normalizeExtensions(fields.extensions)
-  };
-}
-function normalizeTo(value) {
-  if (value === null) return null;
-  const bytes = normalizeBytes(value, "to");
-  return expectBytes(bytes, 20, "to");
-}
-function normalizeBytes(value, label) {
-  if (typeof value === "string") return hexToBytes2(value, label);
-  return value instanceof Uint8Array ? value : Uint8Array.from(value);
-}
-function normalizeExtensions(value) {
-  if (value === void 0) return [];
-  return value.map((ext, index) => {
-    if (!Number.isInteger(ext.kind) || ext.kind < 0 || ext.kind > 255) {
-      throw new Error(`extensions[${index}].kind out of u8 range`);
-    }
-    const body = normalizeBytes("bodyHex" in ext ? ext.bodyHex : ext.body, `extensions[${index}].body`);
-    if (body.length > 4294967295) {
-      throw new Error(`extensions[${index}].body exceeds u32 length`);
-    }
-    return { kind: ext.kind, body };
-  });
-}
-function encodeExtensionsForHash(extensions) {
-  const chunks = [bigintToBeBytes(BigInt(extensions.length), 4, "extensions.length")];
-  for (const ext of extensions) {
-    chunks.push(
-      Uint8Array.of(ext.kind),
-      bigintToBeBytes(BigInt(ext.body.length), 4, "extension.body.length"),
-      ext.body
-    );
-  }
-  return concatBytes2(...chunks);
-}
-function uint256Be(value, label) {
-  if (value < 0n || value >= 1n << 256n) throw new Error(`${label} out of u256 range`);
-  const out = new Uint8Array(32);
-  let v = value;
-  for (let i = 31; i >= 0; i--) {
-    out[i] = Number(v & 0xffn);
-    v >>= 8n;
-  }
-  return out;
-}
-function bincodeMlDsa65OpaqueInto(w, raw) {
-  w.enumVariant(ENUM_VARIANT_INDEX_ML_DSA_65);
-  w.u16(STANDARD_ALGO_NUMBER_ML_DSA_65);
-  w.bytes(raw);
-}
-function bincodeTypedExtensionInto(w, ext) {
-  w.u8(ext.kind);
-  w.bytes(ext.body);
-}
-
-// src/crypto/ml-dsa.ts
-var ML_DSA_65_SEED_LEN = 32;
-var ML_DSA_65_SIGNING_KEY_LEN = 4032;
-var ML_DSA_65_PUBLIC_KEY_LEN = 1952;
-var ML_DSA_65_SIGNATURE_LEN = 3309;
-var STANDARD_ALGO_NUMBER_ML_DSA_65 = 1001;
-var ENUM_VARIANT_INDEX_ML_DSA_65 = 3;
-var ADDRESS_DERIVATION_DOMAIN = "MONO_ADDRESS_BLAKE3_20_V1";
-var ADDRESS_DERIVATION_DOMAIN_BYTES = new TextEncoder().encode(ADDRESS_DERIVATION_DOMAIN);
-var MlDsa65Backend = class _MlDsa65Backend {
-  #secretKey;
-  #publicKey;
-  #addressBytes;
-  #disposed = false;
-  constructor(secretKey, publicKey) {
-    this.#secretKey = expectBytes(secretKey, ML_DSA_65_SIGNING_KEY_LEN, "ML-DSA-65 secret key").slice();
-    this.#publicKey = expectBytes(publicKey, ML_DSA_65_PUBLIC_KEY_LEN, "ML-DSA-65 public key").slice();
-    this.#addressBytes = mlDsa65AddressBytes(this.#publicKey);
-  }
-  static fromSeed(seed) {
-    const kp = mlDsa_js.ml_dsa65.keygen(expectBytes(seed, ML_DSA_65_SEED_LEN, "ML-DSA-65 seed"));
-    return new _MlDsa65Backend(kp.secretKey, kp.publicKey);
-  }
-  publicKey() {
-    return this.#publicKey.slice();
-  }
-  addressBytes() {
-    return this.#addressBytes.slice();
-  }
-  getAddress() {
-    return bytesToHex2(this.#addressBytes);
-  }
-  sign(message) {
-    if (this.#disposed) {
-      throw new Error("MlDsa65Backend disposed");
-    }
-    return mlDsa_js.ml_dsa65.sign(message, this.#secretKey, { extraEntropy: false });
-  }
-  /**
-   * Best-effort deterministic wipe of the in-memory secret key. Zeroes the
-   * SDK-held `#secretKey` copy and makes any subsequent `sign()` /
-   * `signPrehash()` / `signEvmTx()` throw `"MlDsa65Backend disposed"` rather
-   * than signing with a zeroed key. Idempotent. Public material
-   * (`publicKey()` / `getAddress()` / `verify()`) stays usable.
-   *
-   * Defense-in-depth (S1-01): narrows the post-lock residency window of the
-   * ML-DSA-65 secret in the JS heap. `@noble/post-quantum`'s internal
-   * transient keygen/sign buffers are out of scope; the SDK-held copy is the
-   * meaningful residency win.
-   */
-  dispose() {
-    this.#secretKey.fill(0);
-    this.#disposed = true;
-  }
-  /** Alias for {@link dispose}. */
-  zeroize() {
-    this.dispose();
-  }
-  /** Whether {@link dispose} has been called (the secret key is wiped). */
-  get disposed() {
-    return this.#disposed;
-  }
-  signPrehash(digest) {
-    return this.sign(expectBytes(digest, 32, "prehash"));
-  }
-  verify(message, signature) {
-    return mlDsa_js.ml_dsa65.verify(
-      expectBytes(signature, ML_DSA_65_SIGNATURE_LEN, "ML-DSA-65 signature"),
-      message,
-      this.#publicKey
-    );
-  }
-  signEvmTx(fields) {
-    const txHashPreimage = encodeTransactionForHash(fields, 1);
-    const sighash = sha3_js.keccak_256(txHashPreimage);
-    const signature = this.sign(sighash);
-    const wireBytes = bincodeSignedTransaction(fields, signature, this.#publicKey);
-    const txHash = sha3_js.keccak_256(
-      concatBytes2(
-        encodeTransactionForHash(fields, 2),
-        signature,
-        this.#publicKey
-      )
-    );
-    return {
-      wireHex: bytesToHex2(wireBytes).slice(2),
-      wireBytes,
-      sighash,
-      txHash
-    };
-  }
-};
-function mlDsa65AddressFromPublicKey(publicKey) {
-  return bytesToHex2(mlDsa65AddressBytes(publicKey));
-}
-function mlDsa65AddressBytes(publicKey) {
-  const bytes = expectBytes(publicKey, ML_DSA_65_PUBLIC_KEY_LEN, "ML-DSA-65 public key");
-  return blake3_js.blake3(concatBytes2(
-    ADDRESS_DERIVATION_DOMAIN_BYTES,
-    bigintToBeBytes(BigInt(STANDARD_ALGO_NUMBER_ML_DSA_65), 2, "ML-DSA-65 algo id"),
-    bytes
-  )).slice(0, 20);
-}
-
-// src/crypto/envelope.ts
-new TextEncoder().encode("protocore/v2/mempool/dkg-mlkem768/1");
-var MempoolClass = {
-  Transfer: 0,
-  ContractCall: 1,
-  CLOBOp: 3};
-function bincodeNonceAad(aad) {
-  const w = new BincodeWriter();
-  w.bytes(expectBytes(aad.sender, 20, "NonceAad.sender"));
-  w.u64(aad.nonce);
-  w.u64(aad.chainId);
-  w.enumVariant(aad.class);
-  w.u128(aad.maxFeePerGas);
-  w.u128(aad.maxPriorityFeePerGas);
-  w.u64(aad.gasLimit);
-  return w.toBytes();
-}
-function bincodeDecryptHint(hint) {
-  const w = new BincodeWriter();
-  w.u64(hint.epoch);
-  w.u16(hint.scheme);
-  return w.toBytes();
-}
-function bincodeEncryptedEnvelope(env) {
-  const w = new BincodeWriter();
-  w.rawBytes(bincodeNonceAad(env.nonceAad));
-  w.bytes(env.ciphertext);
-  w.rawBytes(bincodeDecryptHint(env.decryptionHint));
-  bincodeMlDsa65OpaqueInto2(w, expectBytes(env.senderPubkey, ML_DSA_65_PUBLIC_KEY_LEN, "senderPubkey"));
-  bincodeMlDsa65OpaqueInto2(w, expectBytes(env.outerSignature, ML_DSA_65_SIGNATURE_LEN, "outerSignature"));
-  w.bytes(expectBytes(env.sender, 20, "sender"));
-  return w.toBytes();
-}
-function outerSigDigest(nonceAad, ciphertext, decryptionHint, senderPubkey) {
-  const aad = bincodeNonceAad(nonceAad);
-  const hint = bincodeDecryptHint(decryptionHint);
-  return sha3_js.keccak_256(concatBytes2(aad, ciphertext, hint, expectBytes(senderPubkey, ML_DSA_65_PUBLIC_KEY_LEN, "senderPubkey")));
-}
-function bincodeMlDsa65OpaqueInto2(w, raw) {
-  w.enumVariant(ENUM_VARIANT_INDEX_ML_DSA_65);
-  w.u16(STANDARD_ALGO_NUMBER_ML_DSA_65);
-  w.bytes(raw);
-}
-var SEAL_EK_LEN = 1184;
-var SEAL_KEY_LEN = 32;
-var SEAL_NONCE_LEN = 12;
-var SEAL_COMMIT_LEN = 32;
-var SEAL_SECRET_LEN = 32;
-var SEAL_SHARE_LEN = 1 + SEAL_SECRET_LEN;
-var CLUSTER_MLKEM_SHAMIR = 3;
-var COMMIT_DOMAIN = new TextEncoder().encode("lythiumseal/commit/v1");
-var KEK_DOMAIN = new TextEncoder().encode("lythiumseal/kek/v1");
-var NONCE_DOMAIN = new TextEncoder().encode("lythiumseal/nonce/v1");
-var BODY_AAD_DOMAIN = new TextEncoder().encode("lythiumseal/body/v1");
-var SHARE_AAD_DOMAIN = new TextEncoder().encode("lythiumseal/share/v1");
-var ROSTER_DOMAIN = new TextEncoder().encode("lythiumseal/roster/v1");
-function cryptoRandomSource() {
-  return {
-    fillBytes(dest) {
-      crypto.getRandomValues(dest);
-    }
-  };
-}
-function u32le(n) {
-  const out = new Uint8Array(4);
-  out[0] = n & 255;
-  out[1] = n >>> 8 & 255;
-  out[2] = n >>> 16 & 255;
-  out[3] = n >>> 24 & 255;
-  return out;
-}
-function u64le(n) {
-  const out = new Uint8Array(8);
-  let v = n;
-  for (let i = 0; i < 8; i++) {
-    out[i] = Number(v & 0xffn);
-    v >>= 8n;
-  }
-  return out;
-}
-function framed(field2) {
-  return concatBytes2(u32le(field2.length), field2);
-}
-function keyCommitment(key) {
-  return sha3_js.shake256(concatBytes2(framed(COMMIT_DOMAIN), key), { dkLen: SEAL_COMMIT_LEN });
-}
-function deriveKek(sharedSecret, domain, clusterId, epoch, opIndex) {
-  const input = concatBytes2(
-    framed(KEK_DOMAIN),
-    framed(sharedSecret),
-    framed(domain),
-    u32le(clusterId),
-    u64le(epoch),
-    Uint8Array.of(opIndex)
-  );
-  return sha3_js.shake256(input, { dkLen: SEAL_KEY_LEN });
-}
-function deriveNonce(domain, context) {
-  const input = concatBytes2(framed(NONCE_DOMAIN), framed(domain), framed(context));
-  return sha3_js.shake256(input, { dkLen: SEAL_NONCE_LEN });
-}
-function bodyAad(ctx, k, n) {
-  return concatBytes2(
-    BODY_AAD_DOMAIN,
-    u32le(ctx.clusterId),
-    u64le(ctx.epoch),
-    Uint8Array.of(k),
-    Uint8Array.of(n),
-    ctx.rosterHash
-  );
-}
-function shareAad(ctx, opIndex) {
-  return concatBytes2(
-    SHARE_AAD_DOMAIN,
-    u32le(ctx.clusterId),
-    u64le(ctx.epoch),
-    Uint8Array.of(opIndex),
-    ctx.rosterHash
-  );
-}
-function aeadSeal(key, nonce, plaintext, aad) {
-  const cipher = chacha_js.chacha20poly1305(key, nonce, aad);
-  const ct = cipher.encrypt(plaintext);
-  return { nonce, ct, commitment: keyCommitment(key) };
-}
-function gfMul(a, b) {
-  let product = 0;
-  let x = a & 255;
-  let y = b & 255;
-  for (let i = 0; i < 8; i++) {
-    const mask = -(y & 1) & 255;
-    product ^= x & mask;
-    const high = -(x >> 7 & 1) & 255;
-    x = x << 1 & 255;
-    x ^= 27 & high;
-    y >>= 1;
-  }
-  return product & 255;
-}
-function polyEval(coeffs, x) {
-  let acc = 0;
-  for (let i = coeffs.length - 1; i >= 0; i--) {
-    acc = gfMul(acc, x) ^ coeffs[i];
-  }
-  return acc & 255;
-}
-function shamirSplit(secret, t, n, rng) {
-  const byteCoeffs = [];
-  for (let j = 0; j < SEAL_SECRET_LEN; j++) {
-    const c = new Uint8Array(t);
-    c[0] = secret[j];
-    if (t > 1) {
-      const tail = new Uint8Array(t - 1);
-      rng.fillBytes(tail);
-      c.set(tail, 1);
-    }
-    byteCoeffs.push(c);
-  }
-  const shares = [];
-  for (let k = 0; k < n; k++) {
-    const x = k + 1 & 255;
-    const value = new Uint8Array(SEAL_SECRET_LEN);
-    for (let j = 0; j < SEAL_SECRET_LEN; j++) {
-      value[j] = polyEval(byteCoeffs[j], x);
-    }
-    shares.push({ index: x, value });
-  }
-  return shares;
-}
-function shareToBytes(s) {
-  const out = new Uint8Array(SEAL_SHARE_LEN);
-  out[0] = s.index;
-  out.set(s.value, 1);
-  return out;
-}
-function sealRosterHash(keccak2562, clusterId, t, n, roster) {
-  const chunks = [ROSTER_DOMAIN, u32le(clusterId), Uint8Array.of(t), Uint8Array.of(n)];
-  for (const { operatorIndex, ek } of roster) {
-    chunks.push(Uint8Array.of(operatorIndex), ek);
-  }
-  return keccak2562(concatBytes2(...chunks));
-}
-function encodeSealEnvelope(env) {
-  const chunks = [];
-  chunks.push(u32le(env.clusterId));
-  chunks.push(u64le(env.epoch));
-  chunks.push(expectBytes(env.rosterHash, 32, "rosterHash"));
-  chunks.push(Uint8Array.of(env.t));
-  chunks.push(Uint8Array.of(env.n));
-  pushAeadBody(chunks, env.aeadBody);
-  chunks.push(u64le(BigInt(env.recipients.length)));
-  for (const r of env.recipients) {
-    chunks.push(Uint8Array.of(r.operatorIndex));
-    chunks.push(u64le(BigInt(r.kemCt.length)));
-    chunks.push(r.kemCt);
-    pushAeadBody(chunks, r.wrapped);
-  }
-  return concatBytes2(...chunks);
-}
-function pushAeadBody(chunks, body) {
-  chunks.push(expectBytes(body.nonce, SEAL_NONCE_LEN, "aead nonce"));
-  chunks.push(u64le(BigInt(body.ct.length)));
-  chunks.push(body.ct);
-  chunks.push(expectBytes(body.commitment, SEAL_COMMIT_LEN, "aead commitment"));
-}
-function sealToCluster(args) {
-  const { plaintext, recipientEks, t, clusterId } = args;
-  const epoch = args.epoch;
-  const rosterHash = expectBytes(args.rosterHash, 32, "rosterHash");
-  const rng = args.rng ?? cryptoRandomSource();
-  const n = recipientEks.length;
-  if (!Number.isInteger(t) || t < 1 || t > n || n < 1 || n > 255) {
-    throw new Error(`invalid threshold/recipient count: t=${t} n=${n}`);
-  }
-  for (let i = 0; i < n; i++) {
-    expectBytes(recipientEks[i], SEAL_EK_LEN, `recipientEks[${i}]`);
-  }
-  const ctx = { clusterId, epoch, rosterHash };
-  const bodyKey = new Uint8Array(SEAL_KEY_LEN);
-  rng.fillBytes(bodyKey);
-  const aad = bodyAad(ctx, t, n);
-  const bodyNonce = deriveNonce(new TextEncoder().encode("body"), aad);
-  const aeadBody = aeadSeal(bodyKey, bodyNonce, plaintext, aad);
-  const shares = shamirSplit(bodyKey, t, n, rng);
-  const recipients = [];
-  for (let i = 0; i < n; i++) {
-    const opIndex = i + 1 & 255;
-    const m = new Uint8Array(32);
-    rng.fillBytes(m);
-    const { cipherText: kemCt, sharedSecret } = mlKem_js.ml_kem768.encapsulate(recipientEks[i], m);
-    const kek = deriveKek(sharedSecret, rosterHash, clusterId, epoch, opIndex);
-    const sAad = shareAad(ctx, opIndex);
-    const wrapNonce = deriveNonce(new TextEncoder().encode("share"), sAad);
-    const wrapped = aeadSeal(kek, wrapNonce, shareToBytes(shares[i]), sAad);
-    recipients.push({ operatorIndex: opIndex, kemCt, wrapped });
-    sharedSecret.fill(0);
-    kek.fill(0);
-  }
-  bodyKey.fill(0);
-  return {
-    clusterId,
-    epoch,
-    rosterHash,
-    t,
-    n,
-    aeadBody,
-    recipients
-  };
-}
-
-// src/crypto/seal.ts
-var CLUSTER_MLKEM_SHAMIR_ALGO = "cluster-mlkem768-shamir";
-function parseClusterSealKeys(source) {
-  const n = source.roster.length;
-  if (n === 0) {
-    throw new Error("cluster seal roster is empty");
-  }
-  if (source.n !== n) {
-    throw new Error(`cluster seal roster n=${source.n} disagrees with ${n} entries`);
-  }
-  if (!Number.isInteger(source.t) || source.t < 2 || source.t > n) {
-    throw new Error(`cluster seal threshold t=${source.t} out of range 2..=${n}`);
-  }
-  const sorted = [...source.roster].sort((a, b) => a.operatorIndex - b.operatorIndex);
-  const recipientEks = [];
-  const hashInput = [];
-  for (let i = 0; i < n; i++) {
-    const entry = sorted[i];
-    if (entry.operatorIndex !== i + 1) {
-      throw new Error(
-        `cluster seal roster operator indices must be 1..=${n}; got ${entry.operatorIndex} at slot ${i + 1}`
-      );
-    }
-    const ek = expectBytes(hexToBytes2(entry.mlKemEk, `operator ${entry.operatorIndex} mlKemEk`), SEAL_EK_LEN, `operator ${entry.operatorIndex} ek`);
-    recipientEks.push(ek);
-    hashInput.push({ operatorIndex: entry.operatorIndex, ek });
-  }
-  const recomputed = sealRosterHash(keccak256, source.clusterId, source.t, n, hashInput);
-  if (source.rosterHash !== void 0) {
-    const supplied = expectBytes(hexToBytes2(source.rosterHash, "rosterHash"), 32, "rosterHash");
-    if (!bytesEqual(supplied, recomputed)) {
-      throw new Error(
-        `cluster seal roster hash mismatch: source ${bytesToHex2(supplied)} != recomputed ${bytesToHex2(recomputed)} (the roster hash does not commit to this ek set)`
-      );
-    }
-  }
-  return {
-    algo: source.algo ?? CLUSTER_MLKEM_SHAMIR_ALGO,
-    clusterId: source.clusterId,
-    epoch: toBigInt(source.epoch),
-    rosterHash: recomputed,
-    t: source.t,
-    n,
-    recipientEks
-  };
-}
-async function sealTransaction(args) {
-  const keys = args.clusterSealKeys;
-  const senderPubkey = expectBytes(args.senderPubkey, ML_DSA_65_PUBLIC_KEY_LEN, "senderPubkey");
-  const senderAddress = expectBytes(args.senderAddress, 20, "senderAddress");
-  const env = sealToCluster({
-    plaintext: args.signedTxBincode,
-    recipientEks: keys.recipientEks,
-    t: keys.t,
-    clusterId: keys.clusterId,
-    epoch: keys.epoch,
-    rosterHash: keys.rosterHash,
-    rng: args.rng
-  });
-  const ciphertext = encodeSealEnvelope(env);
-  const decryptionHint = { epoch: keys.epoch, scheme: CLUSTER_MLKEM_SHAMIR };
-  const digest = outerSigDigest(args.aad, ciphertext, decryptionHint, senderPubkey);
-  const outerSignature = expectBytes(
-    await args.signOuterDigest(digest),
-    ML_DSA_65_SIGNATURE_LEN,
-    "outerSignature"
-  );
-  const envelope = {
-    nonceAad: args.aad,
-    ciphertext,
-    decryptionHint,
-    senderPubkey,
-    outerSignature,
-    sender: senderAddress
-  };
-  const envelopeWireBytes = bincodeEncryptedEnvelope(envelope);
-  return {
-    envelopeWireHex: `0x${bytesToHex2(envelopeWireBytes).slice(2)}`,
-    envelopeWireBytes,
-    ciphertextBytes: ciphertext.length
-  };
-}
-function keccak256(input) {
-  return sha3_js.keccak_256(input);
-}
-function toBigInt(value) {
-  if (typeof value === "bigint") return value;
-  return BigInt(value);
-}
-function bytesEqual(a, b) {
-  if (a.length !== b.length) return false;
-  for (let i = 0; i < a.length; i++) {
-    if (a[i] !== b[i]) return false;
-  }
-  return true;
-}
-
-// src/crypto/submission.ts
-async function fetchEncryptionKey(client) {
-  const result = await client.call(
-    "lyth_getEncryptionKey",
-    []
-  );
-  return {
-    algo: result.algo ?? "ml-kem-768",
-    epoch: typeof result.epoch === "string" ? BigInt(result.epoch) : BigInt(result.epoch),
-    encapsulationKey: hexToBytes2(result.encapsulationKey, "encapsulationKey")
-  };
-}
-var ENCRYPTED_SUBMISSION_UNAVAILABLE_MESSAGE = "private submission requires cluster seal keys; pass clusterSealKeysSource or enable lyth_getClusterSealKeys";
-async function buildEncryptedSubmission(args) {
-  const signed = args.backend.signEvmTx(args.tx);
-  const clusterSealKeys = await resolveClusterSealKeys(args);
-  const aad = nonceAadForTx(args.tx, args.backend.addressBytes(), args.class);
-  const sealed = await sealTransaction({
-    signedTxBincode: signed.wireBytes,
-    clusterSealKeys,
-    aad,
-    senderAddress: args.backend.addressBytes(),
-    senderPubkey: args.backend.publicKey(),
-    signOuterDigest: (digest) => args.backend.signPrehash(digest)
-  });
-  return {
-    envelopeWireHex: sealed.envelopeWireHex,
-    innerSighashHex: bytesToHex2(signed.sighash),
-    innerTxHashHex: bytesToHex2(signed.txHash),
-    innerWireBytes: signed.wireBytes.length
-  };
-}
-async function submitEncryptedEnvelope(client, envelopeWireHex) {
-  return client.call("lyth_submitEncrypted", [envelopeWireHex]);
-}
-function buildPlaintextSubmission(args) {
-  const signed = args.backend.signEvmTx(args.tx);
-  return {
-    signedTxWireHex: `0x${signed.wireHex}`,
-    innerTxHashHex: bytesToHex2(signed.txHash),
-    innerSighashHex: bytesToHex2(signed.sighash),
-    innerWireBytes: signed.wireBytes.length
-  };
-}
-async function submitPlaintextTransaction(client, signedTxWireHex, expectedTxHashHex) {
-  const returned = await client.call("mesh_submitTx", [signedTxWireHex]);
-  const returnedBytes = hexToBytes2(returned, "mesh_submitTx tx hash");
-  if (returnedBytes.length !== 32) {
-    throw new Error(
-      `mesh_submitTx tx hash must be 32 bytes, got ${returnedBytes.length}`
-    );
-  }
-  const expectedBytes = hexToBytes2(expectedTxHashHex, "expected tx hash");
-  if (!bytesEqual2(returnedBytes, expectedBytes)) {
-    throw new Error(
-      `mesh_submitTx returned tx hash ${bytesToHex2(returnedBytes)} but the locally computed canonical hash is ${bytesToHex2(expectedBytes)}`
-    );
-  }
-  return bytesToHex2(returnedBytes);
-}
-function bytesEqual2(a, b) {
-  if (a.length !== b.length) return false;
-  for (let i = 0; i < a.length; i++) {
-    if (a[i] !== b[i]) return false;
-  }
-  return true;
-}
-async function resolveClusterSealKeys(args) {
-  if (args.clusterSealKeys !== void 0) return args.clusterSealKeys;
-  if (args.clusterSealKeysSource !== void 0) {
-    return parseClusterSealKeys(args.clusterSealKeysSource);
-  }
-  if (args.client === void 0) {
-    throw new Error(ENCRYPTED_SUBMISSION_UNAVAILABLE_MESSAGE);
-  }
-  const clusterId = args.clusterId ?? 0;
-  const result = await args.client.call(
-    "lyth_getClusterSealKeys",
-    [clusterId]
-  );
-  return parseClusterSealKeys({ ...result, clusterId: result.clusterId ?? clusterId });
-}
-function nonceAadForTx(tx, sender, mempoolClass) {
-  return {
-    sender,
-    nonce: parseBigint(tx.nonce, "nonce"),
-    chainId: parseBigint(tx.chainId, "chainId"),
-    class: mempoolClass ?? inferMempoolClass(tx),
-    maxFeePerGas: parseBigint(tx.maxFeePerGas, "maxFeePerGas"),
-    maxPriorityFeePerGas: parseBigint(tx.maxPriorityFeePerGas, "maxPriorityFeePerGas"),
-    gasLimit: parseBigint(tx.gasLimit, "gasLimit")
-  };
-}
-function inferMempoolClass(tx) {
-  if (tx.to === null || hasInput(tx.input)) return MempoolClass.ContractCall;
-  return MempoolClass.Transfer;
-}
-function hasInput(input) {
-  if (input === void 0) return false;
-  if (typeof input === "string") {
-    const stripped = input.startsWith("0x") || input.startsWith("0X") ? input.slice(2) : input;
-    return stripped.length > 0;
-  }
-  return input.length > 0;
-}
-
 // src/mrv.ts
 var MRV_FORMAT_VERSION = 1;
 var MRV_DEPLOY_PAYLOAD_VERSION = 1;
@@ -3029,29 +2602,28 @@ function buildMrvNativeFeePreview(executionUnitLimit, maxExecutionFeeLythoshi, p
 async function submitMrvDeployNativeTx(client, backend, artifactBytes, options) {
   const plan = buildMrvDeployNativeTxPlan(artifactBytes, options);
   assertMrvDeployNativeSubmissionPlan(plan);
-  return submitMrvEncryptedNativeTxGated(client, backend, plan, options);
+  return submitMrvPlaintextNativeTx(client, backend, plan);
 }
 async function submitMrvDeployPayloadNativeTx(client, backend, artifactBytes, options) {
   const plan = buildMrvDeployPayloadNativeTxPlan(artifactBytes, options);
   assertMrvDeployNativeSubmissionPlan(plan);
-  return submitMrvEncryptedNativeTxGated(client, backend, plan, options);
+  return submitMrvPlaintextNativeTx(client, backend, plan);
 }
 async function submitMrvCallNativeTx(client, backend, contractAddress, input, options) {
   const plan = buildMrvCallNativeTxPlan(contractAddress, input, options);
   assertMrvCallNativeSubmissionPlan(plan);
-  return submitMrvEncryptedNativeTxGated(client, backend, plan, options);
-}
-async function submitMrvEncryptedNativeTxGated(client, backend, plan, options) {
-  const submission = await buildEncryptedSubmission({
-    backend,
-    tx: plan.tx,
-    encryptionKey: options.encryptionKey ?? await fetchEncryptionKey(client),
-    class: options.class
-  });
+  return submitMrvPlaintextNativeTx(client, backend, plan);
+}
+async function submitMrvPlaintextNativeTx(client, backend, plan) {
+  const submission = buildPlaintextSubmission({ backend, tx: plan.tx });
   return {
     ...plan,
     ...submission,
-    txHash: await submitEncryptedEnvelope(client, submission.envelopeWireHex)
+    txHash: await submitPlaintextTransaction(
+      client,
+      submission.signedTxWireHex,
+      submission.innerTxHashHex
+    )
   };
 }
 function assertMrvNativeSubmissionEnvelope(plan) {
@@ -3355,50 +2927,264 @@ function validateExecutionUnitLimit(field2, value) {
   if (value !== void 0 && BigInt(value) === 0n) {
     throw new MrvValidationError(`${field2} must be greater than zero`);
   }
-}
-function normalizeU64(value, field2) {
-  if (typeof value === "number" && !Number.isSafeInteger(value)) {
-    throw new MrvValidationError(`${field2} must be a safe unsigned integer`);
+}
+function normalizeU64(value, field2) {
+  if (typeof value === "number" && !Number.isSafeInteger(value)) {
+    throw new MrvValidationError(`${field2} must be a safe unsigned integer`);
+  }
+  const out = BigInt(value);
+  if (out < 0n || out > 0xffffffffffffffffn) {
+    throw new MrvValidationError(`${field2} must fit in u64`);
+  }
+  return out;
+}
+function validateHexLength(field2, value, expected) {
+  const bytes = hexToBytes3(value, field2);
+  if (bytes.length !== expected) throw new MrvValidationError(`${field2} must be ${expected} bytes`);
+}
+function bytesFrom(value, field2) {
+  if (typeof value === "string") return hexToBytes3(value, field2);
+  return value instanceof Uint8Array ? value : Uint8Array.from(value);
+}
+function hexToBytes3(value, field2) {
+  if (!/^0x(?:[0-9a-fA-F]{2})*$/.test(value)) {
+    throw new MrvValidationError(`${field2} must be 0x-prefixed even-length hex`);
+  }
+  const out = new Uint8Array((value.length - 2) / 2);
+  for (let i = 0; i < out.length; i++) {
+    out[i] = Number.parseInt(value.slice(2 + i * 2, 4 + i * 2), 16);
+  }
+  return out;
+}
+function bytesToHex3(bytes) {
+  return `0x${[...bytes].map((b) => b.toString(16).padStart(2, "0")).join("")}`;
+}
+function concatBytes3(...parts) {
+  const len = parts.reduce((sum, item) => sum + item.length, 0);
+  const out = new Uint8Array(len);
+  let offset = 0;
+  for (const part of parts) {
+    out.set(part, offset);
+    offset += part.length;
+  }
+  return out;
+}
+function isIdentifier(value) {
+  return /^[a-z][a-z0-9_]*$/.test(value);
+}
+
+// src/crypto/tx.ts
+function encodeTransactionForHash(fields, tag) {
+  const n = normalizeTxFields(fields);
+  return concatBytes2(
+    Uint8Array.of(tag),
+    bigintToBeBytes(n.chainId, 8, "chainId"),
+    bigintToBeBytes(n.nonce, 8, "nonce"),
+    bigintToBeBytes(n.maxPriorityFeePerGas, 32, "maxPriorityFeePerGas"),
+    bigintToBeBytes(n.maxFeePerGas, 32, "maxFeePerGas"),
+    bigintToBeBytes(n.gasLimit, 8, "gasLimit"),
+    n.to === null ? Uint8Array.of(0) : concatBytes2(Uint8Array.of(1), n.to),
+    bigintToBeBytes(n.value, 32, "value"),
+    bigintToBeBytes(BigInt(n.input.length), 4, "input.length"),
+    n.input,
+    new Uint8Array(4),
+    // access_list length
+    encodeExtensionsForHash(n.extensions)
+  );
+}
+function bincodeSignedTransaction(fields, signature, publicKey) {
+  const n = normalizeTxFields(fields);
+  const sig = expectBytes(signature, ML_DSA_65_SIGNATURE_LEN, "ML-DSA-65 signature");
+  const pk = expectBytes(publicKey, ML_DSA_65_PUBLIC_KEY_LEN, "ML-DSA-65 public key");
+  const w = new BincodeWriter();
+  w.u64(n.chainId);
+  w.u64(n.nonce);
+  w.bytes(uint256Be(n.maxPriorityFeePerGas, "maxPriorityFeePerGas"));
+  w.bytes(uint256Be(n.maxFeePerGas, "maxFeePerGas"));
+  w.u64(n.gasLimit);
+  if (n.to === null) {
+    w.u8(0);
+  } else {
+    w.u8(1);
+    w.bytes(n.to);
+  }
+  w.bytes(uint256Be(n.value, "value"));
+  w.bytes(n.input);
+  w.u64(0n);
+  w.u64(BigInt(n.extensions.length));
+  for (const ext of n.extensions) bincodeTypedExtensionInto(w, ext);
+  bincodeMlDsa65OpaqueInto(w, sig);
+  bincodeMlDsa65OpaqueInto(w, pk);
+  return w.toBytes();
+}
+function normalizeTxFields(fields) {
+  return {
+    chainId: parseBigint(fields.chainId, "chainId"),
+    nonce: parseBigint(fields.nonce, "nonce"),
+    maxPriorityFeePerGas: parseBigint(fields.maxPriorityFeePerGas, "maxPriorityFeePerGas"),
+    maxFeePerGas: parseBigint(fields.maxFeePerGas, "maxFeePerGas"),
+    gasLimit: parseBigint(fields.gasLimit, "gasLimit"),
+    to: normalizeTo(fields.to),
+    value: parseBigint(fields.value, "value"),
+    input: normalizeBytes(fields.input ?? new Uint8Array(0), "input"),
+    extensions: normalizeExtensions(fields.extensions)
+  };
+}
+function normalizeTo(value) {
+  if (value === null) return null;
+  const bytes = normalizeBytes(value, "to");
+  return expectBytes(bytes, 20, "to");
+}
+function normalizeBytes(value, label) {
+  if (typeof value === "string") return hexToBytes2(value, label);
+  return value instanceof Uint8Array ? value : Uint8Array.from(value);
+}
+function normalizeExtensions(value) {
+  if (value === void 0) return [];
+  return value.map((ext, index) => {
+    if (!Number.isInteger(ext.kind) || ext.kind < 0 || ext.kind > 255) {
+      throw new Error(`extensions[${index}].kind out of u8 range`);
+    }
+    const body = normalizeBytes("bodyHex" in ext ? ext.bodyHex : ext.body, `extensions[${index}].body`);
+    if (body.length > 4294967295) {
+      throw new Error(`extensions[${index}].body exceeds u32 length`);
+    }
+    return { kind: ext.kind, body };
+  });
+}
+function encodeExtensionsForHash(extensions) {
+  const chunks = [bigintToBeBytes(BigInt(extensions.length), 4, "extensions.length")];
+  for (const ext of extensions) {
+    chunks.push(
+      Uint8Array.of(ext.kind),
+      bigintToBeBytes(BigInt(ext.body.length), 4, "extension.body.length"),
+      ext.body
+    );
+  }
+  return concatBytes2(...chunks);
+}
+function uint256Be(value, label) {
+  if (value < 0n || value >= 1n << 256n) throw new Error(`${label} out of u256 range`);
+  const out = new Uint8Array(32);
+  let v = value;
+  for (let i = 31; i >= 0; i--) {
+    out[i] = Number(v & 0xffn);
+    v >>= 8n;
+  }
+  return out;
+}
+function bincodeMlDsa65OpaqueInto(w, raw) {
+  w.enumVariant(ENUM_VARIANT_INDEX_ML_DSA_65);
+  w.u16(STANDARD_ALGO_NUMBER_ML_DSA_65);
+  w.bytes(raw);
+}
+function bincodeTypedExtensionInto(w, ext) {
+  w.u8(ext.kind);
+  w.bytes(ext.body);
+}
+
+// src/crypto/ml-dsa.ts
+var ML_DSA_65_SEED_LEN = 32;
+var ML_DSA_65_SIGNING_KEY_LEN = 4032;
+var ML_DSA_65_PUBLIC_KEY_LEN = 1952;
+var ML_DSA_65_SIGNATURE_LEN = 3309;
+var STANDARD_ALGO_NUMBER_ML_DSA_65 = 1001;
+var ENUM_VARIANT_INDEX_ML_DSA_65 = 3;
+var ADDRESS_DERIVATION_DOMAIN = "MONO_ADDRESS_BLAKE3_20_V1";
+var ADDRESS_DERIVATION_DOMAIN_BYTES = new TextEncoder().encode(ADDRESS_DERIVATION_DOMAIN);
+var MlDsa65Backend = class _MlDsa65Backend {
+  #secretKey;
+  #publicKey;
+  #addressBytes;
+  #disposed = false;
+  constructor(secretKey, publicKey) {
+    this.#secretKey = expectBytes(secretKey, ML_DSA_65_SIGNING_KEY_LEN, "ML-DSA-65 secret key").slice();
+    this.#publicKey = expectBytes(publicKey, ML_DSA_65_PUBLIC_KEY_LEN, "ML-DSA-65 public key").slice();
+    this.#addressBytes = mlDsa65AddressBytes(this.#publicKey);
+  }
+  static fromSeed(seed) {
+    const kp = mlDsa_js.ml_dsa65.keygen(expectBytes(seed, ML_DSA_65_SEED_LEN, "ML-DSA-65 seed"));
+    return new _MlDsa65Backend(kp.secretKey, kp.publicKey);
+  }
+  publicKey() {
+    return this.#publicKey.slice();
+  }
+  addressBytes() {
+    return this.#addressBytes.slice();
+  }
+  getAddress() {
+    return bytesToHex2(this.#addressBytes);
+  }
+  sign(message) {
+    if (this.#disposed) {
+      throw new Error("MlDsa65Backend disposed");
+    }
+    return mlDsa_js.ml_dsa65.sign(message, this.#secretKey, { extraEntropy: false });
+  }
+  /**
+   * Best-effort deterministic wipe of the in-memory secret key. Zeroes the
+   * SDK-held `#secretKey` copy and makes any subsequent `sign()` /
+   * `signPrehash()` / `signEvmTx()` throw `"MlDsa65Backend disposed"` rather
+   * than signing with a zeroed key. Idempotent. Public material
+   * (`publicKey()` / `getAddress()` / `verify()`) stays usable.
+   *
+   * Defense-in-depth (S1-01): narrows the post-lock residency window of the
+   * ML-DSA-65 secret in the JS heap. `@noble/post-quantum`'s internal
+   * transient keygen/sign buffers are out of scope; the SDK-held copy is the
+   * meaningful residency win.
+   */
+  dispose() {
+    this.#secretKey.fill(0);
+    this.#disposed = true;
+  }
+  /** Alias for {@link dispose}. */
+  zeroize() {
+    this.dispose();
   }
-  const out = BigInt(value);
-  if (out < 0n || out > 0xffffffffffffffffn) {
-    throw new MrvValidationError(`${field2} must fit in u64`);
+  /** Whether {@link dispose} has been called (the secret key is wiped). */
+  get disposed() {
+    return this.#disposed;
   }
-  return out;
-}
-function validateHexLength(field2, value, expected) {
-  const bytes = hexToBytes3(value, field2);
-  if (bytes.length !== expected) throw new MrvValidationError(`${field2} must be ${expected} bytes`);
-}
-function bytesFrom(value, field2) {
-  if (typeof value === "string") return hexToBytes3(value, field2);
-  return value instanceof Uint8Array ? value : Uint8Array.from(value);
-}
-function hexToBytes3(value, field2) {
-  if (!/^0x(?:[0-9a-fA-F]{2})*$/.test(value)) {
-    throw new MrvValidationError(`${field2} must be 0x-prefixed even-length hex`);
+  signPrehash(digest) {
+    return this.sign(expectBytes(digest, 32, "prehash"));
   }
-  const out = new Uint8Array((value.length - 2) / 2);
-  for (let i = 0; i < out.length; i++) {
-    out[i] = Number.parseInt(value.slice(2 + i * 2, 4 + i * 2), 16);
+  verify(message, signature) {
+    return mlDsa_js.ml_dsa65.verify(
+      expectBytes(signature, ML_DSA_65_SIGNATURE_LEN, "ML-DSA-65 signature"),
+      message,
+      this.#publicKey
+    );
   }
-  return out;
-}
-function bytesToHex3(bytes) {
-  return `0x${[...bytes].map((b) => b.toString(16).padStart(2, "0")).join("")}`;
-}
-function concatBytes3(...parts) {
-  const len = parts.reduce((sum, item) => sum + item.length, 0);
-  const out = new Uint8Array(len);
-  let offset = 0;
-  for (const part of parts) {
-    out.set(part, offset);
-    offset += part.length;
+  signEvmTx(fields) {
+    const txHashPreimage = encodeTransactionForHash(fields, 1);
+    const sighash = sha3_js.keccak_256(txHashPreimage);
+    const signature = this.sign(sighash);
+    const wireBytes = bincodeSignedTransaction(fields, signature, this.#publicKey);
+    const txHash = sha3_js.keccak_256(
+      concatBytes2(
+        encodeTransactionForHash(fields, 2),
+        signature,
+        this.#publicKey
+      )
+    );
+    return {
+      wireHex: bytesToHex2(wireBytes).slice(2),
+      wireBytes,
+      sighash,
+      txHash
+    };
   }
-  return out;
+};
+function mlDsa65AddressFromPublicKey(publicKey) {
+  return bytesToHex2(mlDsa65AddressBytes(publicKey));
 }
-function isIdentifier(value) {
-  return /^[a-z][a-z0-9_]*$/.test(value);
+function mlDsa65AddressBytes(publicKey) {
+  const bytes = expectBytes(publicKey, ML_DSA_65_PUBLIC_KEY_LEN, "ML-DSA-65 public key");
+  return blake3_js.blake3(concatBytes2(
+    ADDRESS_DERIVATION_DOMAIN_BYTES,
+    bigintToBeBytes(BigInt(STANDARD_ALGO_NUMBER_ML_DSA_65), 2, "ML-DSA-65 algo id"),
+    bytes
+  )).slice(0, 20);
 }
 
 // src/registry.ts
@@ -3408,8 +3194,8 @@ var TESTNET_69420 = {
   network: "testnet-69420",
   display_name: "Monolythium Testnet",
   description: "Public Monolythium testnet. Testnet state may reset without notice; do not store value on this network.",
-  genesis_hash: "0x363fb60abd3f481e16fe74d6a3e5afd35d6d3ba9cc26e186f27d4195cd5a7359",
-  binary_sha: "72a137c6",
+  genesis_hash: "0xb52b59d667a0ad97c531607b840b7082547ba3151aa11a819eb6916b080b1ca9",
+  binary_sha: "6f33aa30",
   rpc: [
     {
       url: "http://178.105.12.9:8545",
@@ -4989,14 +4775,6 @@ var RpcClient = class _RpcClient {
   async lythSubmitPendingChange(envelope) {
     return this.call("lyth_submitPendingChange", [envelope]);
   }
-  /** `lyth_submitEncrypted` — submit a bincode-encoded encrypted envelope hex. */
-  async lythSubmitEncrypted(envelopeHex) {
-    return this.call("lyth_submitEncrypted", [envelopeHex]);
-  }
-  /** `lyth_getEncryptionKey` — cluster ML-KEM encapsulation key. */
-  async lythGetEncryptionKey() {
-    return this.call("lyth_getEncryptionKey", []);
-  }
   /** `lyth_syncStatus` — DAG-sync driver snapshot. */
   async lythSyncStatus() {
     const v = await this.call("lyth_syncStatus", []);
@@ -8153,7 +7931,7 @@ function verifyBoundedReceiptProof(proof) {
   }
   const actualRoot = computeNoEvmReceiptsRoot(receipts);
   const expectedRoot = decodeHash(proof.receiptsRoot, "receiptsRoot");
-  if (!bytesEqual3(expectedRoot, decodeHash(actualRoot, "computedReceiptsRoot"))) {
+  if (!bytesEqual2(expectedRoot, decodeHash(actualRoot, "computedReceiptsRoot"))) {
     throw new NoEvmReceiptProofError(
       "receipts_root_mismatch",
       `receiptsRoot mismatch: expected ${proof.receiptsRoot}, computed ${actualRoot}`
@@ -8161,7 +7939,7 @@ function verifyBoundedReceiptProof(proof) {
   }
   const actualTargetHash = computeNoEvmTargetReceiptHash(targetReceipt);
   const expectedTargetHash = decodeHash(proof.targetReceiptHash, "targetReceiptHash");
-  if (!bytesEqual3(expectedTargetHash, decodeHash(actualTargetHash, "computedTargetReceiptHash"))) {
+  if (!bytesEqual2(expectedTargetHash, decodeHash(actualTargetHash, "computedTargetReceiptHash"))) {
     throw new NoEvmReceiptProofError(
       "target_receipt_hash_mismatch",
       `targetReceiptHash mismatch: expected ${proof.targetReceiptHash}, computed ${actualTargetHash}`
@@ -8218,7 +7996,7 @@ function verifyCompactReceiptProof(proof) {
   const targetReceipt = decodeHexBytes(targetReceiptBytes, "targetReceiptBytes");
   const actualTargetHash = computeNoEvmTargetReceiptHash(targetReceipt);
   const expectedTargetHash = decodeHash(proof.targetReceiptHash, "targetReceiptHash");
-  if (!bytesEqual3(expectedTargetHash, decodeHash(actualTargetHash, "computedTargetReceiptHash"))) {
+  if (!bytesEqual2(expectedTargetHash, decodeHash(actualTargetHash, "computedTargetReceiptHash"))) {
     throw new NoEvmReceiptProofError(
       "target_receipt_hash_mismatch",
       `targetReceiptHash mismatch: expected ${proof.targetReceiptHash}, computed ${actualTargetHash}`
@@ -8229,7 +8007,7 @@ function verifyCompactReceiptProof(proof) {
     compactProof.leafHash,
     "compactInclusionProof.leafHash"
   );
-  if (!bytesEqual3(expectedLeafHashBytes, actualLeafHashBytes)) {
+  if (!bytesEqual2(expectedLeafHashBytes, actualLeafHashBytes)) {
     throw new NoEvmReceiptProofError(
       "compact_leaf_hash_mismatch",
       `compactInclusionProof.leafHash mismatch: expected ${compactProof.leafHash}, computed ${bytesToHex6(
@@ -8239,7 +8017,7 @@ function verifyCompactReceiptProof(proof) {
   }
   const compactRootBytes = decodeHash(compactProof.root, "compactInclusionProof.root");
   const receiptsRootBytes = decodeHash(proof.receiptsRoot, "receiptsRoot");
-  if (!bytesEqual3(receiptsRootBytes, compactRootBytes)) {
+  if (!bytesEqual2(receiptsRootBytes, compactRootBytes)) {
     throw new NoEvmReceiptProofError(
       "compact_root_mismatch",
       `receiptsRoot must equal compactInclusionProof.root: receiptsRoot ${proof.receiptsRoot}, compact root ${compactProof.root}`
@@ -8262,7 +8040,7 @@ function verifyCompactReceiptProof(proof) {
     siblingHashes,
     pathSides
   );
-  if (!bytesEqual3(actualRootBytes, compactRootBytes)) {
+  if (!bytesEqual2(actualRootBytes, compactRootBytes)) {
     throw new NoEvmReceiptProofError(
       "compact_path_mismatch",
       `compact inclusion path mismatch: expected ${compactProof.root}, computed ${bytesToHex6(
@@ -8416,7 +8194,7 @@ function validateCoveringSnapshotObject(snapshot, archiveContentHash, proofBlock
       "archiveProof.coveringSnapshot.checkpointTo must match blockHeight"
     );
   }
-  if (!bytesEqual3(checkpointContentHash, archiveContentHash)) {
+  if (!bytesEqual2(checkpointContentHash, archiveContentHash)) {
     throw new NoEvmReceiptProofError(
       "invalid_proof_shape",
       "archiveProof.coveringSnapshot.checkpointContentHash must match archiveProof.contentHash"
@@ -8615,7 +8393,7 @@ function validateFinalityBlockReference(blockReference, round, proofBlockHash) {
   );
   if (proofBlockHash !== void 0) {
     const blockHash = decodeHash(proofBlockHash, "blockHash");
-    if (!bytesEqual3(digest, blockHash)) {
+    if (!bytesEqual2(digest, blockHash)) {
       throw new NoEvmReceiptProofError(
         "invalid_proof_shape",
         "finalityEvidence.blockReference.digest must match blockHash"
@@ -8965,7 +8743,7 @@ function assertHashBytes(value, field2) {
 function isRecord3(value) {
   return typeof value === "object" && value !== null && !Array.isArray(value);
 }
-function bytesEqual3(a, b) {
+function bytesEqual2(a, b) {
   if (a.length !== b.length) return false;
   let diff = 0;
   for (let index = 0; index < a.length; index++) {
@@ -8980,6 +8758,191 @@ function bytesToHex6(bytes) {
   }
   return out;
 }
+var TREE_TAG_LEAF = 0;
+var TREE_TAG_INTERNAL = 1;
+var TREE_TERMINATOR = new Uint8Array(32);
+var HASH_BYTE_LENGTH2 = 32;
+var PROOF_KIND_BINARY = "binary";
+var ProofVerifyError = class extends Error {
+  constructor(code, message) {
+    super(message);
+    this.code = code;
+    this.name = "ProofVerifyError";
+  }
+  code;
+};
+function hashValue(data) {
+  return blake3_js.blake3(data);
+}
+function hashLeaf(path, valueHash) {
+  const buf = new Uint8Array(1 + 32 + 32);
+  buf[0] = TREE_TAG_LEAF;
+  buf.set(path, 1);
+  buf.set(valueHash, 33);
+  return blake3_js.blake3(buf);
+}
+function compress(left, right) {
+  if (isTerminator(left) && isTerminator(right)) {
+    return TREE_TERMINATOR;
+  }
+  const buf = new Uint8Array(1 + 32 + 32);
+  buf[0] = TREE_TAG_INTERNAL;
+  buf.set(left, 1);
+  buf.set(right, 33);
+  return blake3_js.blake3(buf);
+}
+function isTerminator(hash) {
+  for (let i = 0; i < hash.length; i++) {
+    if (hash[i] !== 0) return false;
+  }
+  return true;
+}
+function pathBit(path, depth) {
+  const byte = path[depth >>> 3];
+  return byte >>> 7 - (depth & 7) & 1;
+}
+function foldToRoot(target, current, siblings) {
+  const depth = siblings.length;
+  let node = current;
+  for (let i = 0; i < depth; i++) {
+    const level = depth - 1 - i;
+    const sibling = siblings[i];
+    node = pathBit(target, level) === 0 ? compress(node, sibling) : compress(sibling, node);
+  }
+  return node;
+}
+function bytesEqual3(a, b) {
+  if (a.length !== b.length) return false;
+  for (let i = 0; i < a.length; i++) {
+    if (a[i] !== b[i]) return false;
+  }
+  return true;
+}
+function decodeHash2(value, field2) {
+  let bytes;
+  try {
+    bytes = hexToBytes2(value, field2);
+  } catch (cause) {
+    throw new ProofVerifyError("invalid_hex", `${field2} is not valid hex: ${String(cause)}`);
+  }
+  if (bytes.length !== HASH_BYTE_LENGTH2) {
+    throw new ProofVerifyError(
+      "invalid_hash_length",
+      `${field2} must be ${HASH_BYTE_LENGTH2} bytes, got ${bytes.length}`
+    );
+  }
+  return bytes;
+}
+function decodeSiblings(siblings) {
+  return siblings.map((sib, index) => decodeHash2(sib, `siblings[${index}]`));
+}
+function assertBinaryKind(proofKind) {
+  if (proofKind !== PROOF_KIND_BINARY) {
+    throw new ProofVerifyError(
+      "unsupported_proof_kind",
+      `unsupported proofKind: ${proofKind} (expected ${PROOF_KIND_BINARY})`
+    );
+  }
+}
+var ProofVerifier = class {
+  /**
+   * Verify a {@link ProofEnvelope} inclusion proof against `stateRoot`.
+   *
+   * @returns `true` when the proof binds `(key, value)` to `stateRoot`.
+   */
+  verifyInclusion(stateRoot, proof) {
+    assertBinaryKind(proof.proofKind);
+    const root = toHashBytes(stateRoot, "stateRoot");
+    const key = decodeHex(proof.key, "proof.key");
+    const value = decodeHex(proof.value, "proof.value");
+    const siblings = decodeSiblings(proof.siblings);
+    const target = hashValue(key);
+    const leaf = hashLeaf(target, hashValue(value));
+    return bytesEqual3(foldToRoot(target, leaf, siblings), root);
+  }
+  /**
+   * Verify a {@link ProofEnvelope} inclusion proof, throwing a
+   * {@link ProofVerifyError} on failure (the loud variant for wallets).
+   */
+  assertInclusion(stateRoot, proof) {
+    if (!this.verifyInclusion(stateRoot, proof)) {
+      throw new ProofVerifyError(
+        "proof_verify_failed",
+        `inclusion proof for key ${proof.key} does not verify against the state root`
+      );
+    }
+  }
+  /**
+   * Verify a {@link NonInclusionProofEnvelope} against `stateRoot`.
+   *
+   * Returns `false` for a `found` endpoint (that is an inclusion, not
+   * absence) or an `otherLeaf` whose path equals the queried key. Mirrors
+   * `protocore_state::verify_binary_non_inclusion`.
+   */
+  verifyNonInclusion(stateRoot, proof) {
+    assertBinaryKind(proof.proofKind);
+    const root = toHashBytes(stateRoot, "stateRoot");
+    const key = decodeHex(proof.key, "proof.key");
+    const siblings = decodeSiblings(proof.siblings);
+    const target = hashValue(key);
+    let endpointHash;
+    switch (proof.endpoint.kind) {
+      case "found":
+        return false;
+      case "terminator":
+        endpointHash = TREE_TERMINATOR;
+        break;
+      case "otherLeaf": {
+        const path = decodeHash2(proof.endpoint.path, "endpoint.path");
+        if (bytesEqual3(path, target)) return false;
+        endpointHash = hashLeaf(path, decodeHash2(proof.endpoint.valueHash, "endpoint.valueHash"));
+        break;
+      }
+    }
+    return bytesEqual3(foldToRoot(target, endpointHash, siblings), root);
+  }
+  /**
+   * Verify a non-inclusion proof, throwing a {@link ProofVerifyError} on
+   * failure.
+   */
+  assertNonInclusion(stateRoot, proof) {
+    if (!this.verifyNonInclusion(stateRoot, proof)) {
+      throw new ProofVerifyError(
+        "non_inclusion_verify_failed",
+        `non-inclusion proof for key ${proof.key} does not verify against the state root`
+      );
+    }
+  }
+};
+var proofVerifier = new ProofVerifier();
+function toHashBytes(value, field2) {
+  if (typeof value === "string") return decodeHash2(value, field2);
+  return expectBytes(value, HASH_BYTE_LENGTH2, field2);
+}
+function decodeHex(value, field2) {
+  try {
+    return hexToBytes2(value, field2);
+  } catch (cause) {
+    throw new ProofVerifyError("invalid_hex", `${field2} is not valid hex: ${String(cause)}`);
+  }
+}
+function asBinaryProofEnvelope(proof) {
+  if (proof == null || typeof proof !== "object") return null;
+  const obj = proof;
+  if (obj.proofKind !== PROOF_KIND_BINARY) return null;
+  if (typeof obj.key !== "string" || typeof obj.value !== "string" || !Array.isArray(obj.siblings) || obj.siblings.some((s) => typeof s !== "string")) {
+    return null;
+  }
+  return {
+    proofKind: PROOF_KIND_BINARY,
+    siblings: obj.siblings,
+    key: obj.key,
+    value: obj.value
+  };
+}
+function hashToHex(hash) {
+  return bytesToHex2(hash);
+}
 
 // src/native-dev.ts
 var NATIVE_DEV_HOST_API_VERSION = "0.1.0";
@@ -9173,72 +9136,47 @@ function assertWholeNumber(field2, value) {
     throw new Error(`${field2} must be a whole number`);
   }
 }
-var PQM1_ALGO_TAG_MLDSA65 = 1;
-var PQM1_VERSION_V1 = 1;
-var PQM1_PAYLOAD_LEN = 32;
-var PQM1_V1_MNEMONIC_WORDS = 24;
-var PQM1_V1_MLDSA65_DOMAIN_TAG = "monolythium.pqm1.v1.mldsa65";
-var Pqm1Error = class extends Error {
+var MLDSA65_MNEMONIC_WORDS = 24;
+var MLDSA65_SEED_DOMAIN = "monolythium.mldsa65.v1";
+var DOMAIN_BYTES = new TextEncoder().encode(MLDSA65_SEED_DOMAIN);
+var MnemonicError = class extends Error {
   constructor(kind, message) {
     super(message);
     this.kind = kind;
-    this.name = "Pqm1Error";
+    this.name = "MnemonicError";
   }
   kind;
 };
-var DOMAIN_BYTES = new TextEncoder().encode(PQM1_V1_MLDSA65_DOMAIN_TAG);
 function normalizeMnemonic(mnemonic) {
   return mnemonic.trim().toLowerCase().replace(/\s+/g, " ");
 }
-function ensureSupportedPayload(bytes) {
-  if (bytes.length !== PQM1_PAYLOAD_LEN) {
-    throw new Pqm1Error("badPayloadLength", `PQM-1 payload must be ${PQM1_PAYLOAD_LEN} bytes, got ${bytes.length}`);
-  }
-  if (bytes[0] !== PQM1_ALGO_TAG_MLDSA65) {
-    throw new Pqm1Error("unsupportedAlgorithm", `unsupported PQM-1 algorithm tag 0x${bytes[0].toString(16).padStart(2, "0")}`);
-  }
-  if (bytes[1] !== PQM1_VERSION_V1) {
-    throw new Pqm1Error("unsupportedVersion", `unsupported PQM-1 version 0x${bytes[1].toString(16).padStart(2, "0")}`);
-  }
-}
-function parsePqm1Payload(payload) {
-  const bytes = expectBytes(payload, PQM1_PAYLOAD_LEN, "PQM-1 payload").slice();
-  ensureSupportedPayload(bytes);
-  return {
-    algoTag: PQM1_ALGO_TAG_MLDSA65,
-    version: PQM1_VERSION_V1,
-    entropy: bytes.slice(2),
-    bytes
-  };
+function wordCount(normalized) {
+  return normalized.length === 0 ? 0 : normalized.split(" ").length;
 }
-function pqm1MnemonicToPayload(mnemonic) {
+function mnemonicToMlDsa65Seed(mnemonic) {
   const normalized = normalizeMnemonic(mnemonic);
-  const words = normalized.length === 0 ? [] : normalized.split(" ");
-  if (words.length !== PQM1_V1_MNEMONIC_WORDS) {
-    throw new Pqm1Error("badWordCount", `PQM-1 mnemonic must be ${PQM1_V1_MNEMONIC_WORDS} words, got ${words.length}`);
+  const words = wordCount(normalized);
+  if (words !== MLDSA65_MNEMONIC_WORDS) {
+    throw new MnemonicError(
+      "badWordCount",
+      `mnemonic must be ${MLDSA65_MNEMONIC_WORDS} words, got ${words}`
+    );
   }
-  let payload;
-  try {
-    payload = bip39.mnemonicToEntropy(normalized, english_js.wordlist);
-  } catch (e) {
-    throw new Pqm1Error("bip39Decode", `invalid PQM-1 mnemonic: ${e.message}`);
+  if (!bip39.validateMnemonic(normalized, english_js.wordlist)) {
+    throw new MnemonicError(
+      "bip39Decode",
+      "invalid BIP-39 mnemonic (unknown word or bad checksum)"
+    );
   }
-  return parsePqm1Payload(payload);
-}
-function derivePqm1MlDsa65SeedFromPayload(payload) {
-  const parsed = parsePqm1Payload(payload);
-  return sha3_js.shake256(concatBytes2(DOMAIN_BYTES, parsed.bytes), { dkLen: ML_DSA_65_SEED_LEN });
+  const seed64 = bip39.mnemonicToSeedSync(normalized, "");
+  return sha3_js.shake256(concatBytes2(DOMAIN_BYTES, seed64), { dkLen: ML_DSA_65_SEED_LEN });
 }
-function pqm1MnemonicToMlDsa65Seed(mnemonic) {
-  return derivePqm1MlDsa65SeedFromPayload(pqm1MnemonicToPayload(mnemonic).bytes);
-}
-function pqm1MnemonicToMlDsa65Backend(mnemonic) {
-  return MlDsa65Backend.fromSeed(pqm1MnemonicToMlDsa65Seed(mnemonic));
+function mnemonicToMlDsa65Backend(mnemonic) {
+  return MlDsa65Backend.fromSeed(mnemonicToMlDsa65Seed(mnemonic));
 }
 
 // src/cluster-join.ts
 var DEFAULT_CLUSTER_JOIN_EXECUTION_UNIT_LIMIT = REGISTRY_DEFAULT_EXECUTION_UNIT_LIMIT;
-var DEFAULT_OPERATOR_SEAL_KEY_EXECUTION_UNIT_LIMIT = REGISTRY_DEFAULT_EXECUTION_UNIT_LIMIT;
 var ZERO_ADDRESS = "0x0000000000000000000000000000000000000000";
 var MAX_UINT32 = (1n << 32n) - 1n;
 function deriveClusterJoinOperatorId(operatorPubkey) {
@@ -9346,29 +9284,11 @@ function buildVoteClusterAdmitTxFields(args) {
     })
   };
 }
-function buildPublishOperatorSealKeyTxFields(args) {
-  return {
-    chainId: args.chainId,
-    nonce: args.nonce,
-    maxFeePerGas: parseBigint(args.fee.maxFeePerGas, "maxFeePerGas"),
-    maxPriorityFeePerGas: parseBigint(args.fee.maxPriorityFeePerGas, "maxPriorityFeePerGas"),
-    gasLimit: parseBigint(
-      args.fee.gasLimit ?? DEFAULT_OPERATOR_SEAL_KEY_EXECUTION_UNIT_LIMIT,
-      "gasLimit"
-    ),
-    to: nodeRegistryAddressHex(),
-    value: 0n,
-    input: encodePublishOperatorSealKeyCalldata({
-      peerId: normalizeOperatorId(args.peerId),
-      sealEk: normalizeOperatorSealEk(args.sealEk)
-    })
-  };
-}
 async function submitRequestClusterJoin(args) {
   const clusterId = parseUint32(args.clusterId, "clusterId");
   const operatorPubkey = normalizeConsensusPubkey(args.operatorPubkey, "operatorPubkey");
   const operatorIdHex = deriveClusterJoinOperatorId(operatorPubkey);
-  const backend = pqm1MnemonicToMlDsa65Backend(args.mnemonic);
+  const backend = mnemonicToMlDsa65Backend(args.mnemonic);
   const senderAddress = addressToTypedBech32("user", backend.addressBytes());
   const preview = await previewRequestClusterJoin(args.client, {
     from: senderAddress,
@@ -9390,12 +9310,12 @@ async function submitRequestClusterJoin(args) {
     operatorPubkey,
     bondLythoshi: args.bondLythoshi
   });
-  return submitClusterJoinTx(args.client, backend, tx, clusterId, operatorIdHex, args);
+  return submitClusterJoinTx(args.client, backend, tx, clusterId, operatorIdHex);
 }
 async function submitVoteClusterAdmit(args) {
   const clusterId = parseUint32(args.clusterId, "clusterId");
   const operatorIdHex = normalizeOperatorId(args.operatorId);
-  const backend = pqm1MnemonicToMlDsa65Backend(args.mnemonic);
+  const backend = mnemonicToMlDsa65Backend(args.mnemonic);
   const senderAddress = addressToTypedBech32("user", backend.addressBytes());
   const preview = await previewVoteClusterAdmit(args.client, {
     from: senderAddress,
@@ -9417,62 +9337,9 @@ async function submitVoteClusterAdmit(args) {
     operatorId: operatorIdHex,
     voterPubkey: args.voterPubkey
   });
-  return submitClusterJoinTx(args.client, backend, tx, clusterId, operatorIdHex, args);
-}
-async function submitPublishOperatorSealKey(args) {
-  const operatorIdHex = normalizeOperatorId(args.peerId);
-  const sealEk = normalizeOperatorSealEk(args.sealEk);
-  const backend = pqm1MnemonicToMlDsa65Backend(args.mnemonic);
-  const senderAddress = addressToTypedBech32("user", backend.addressBytes());
-  const [chainId, nonce, quote] = await Promise.all([
-    args.client.ethChainId(),
-    args.client.lythGetTransactionCount(senderAddress),
-    args.client.lythExecutionUnitPrice()
-  ]);
-  const tx = buildPublishOperatorSealKeyTxFields({
-    chainId,
-    nonce,
-    fee: resolveClusterJoinExecutionFee(quote, {
-      ...args,
-      executionUnitLimit: args.executionUnitLimit ?? DEFAULT_OPERATOR_SEAL_KEY_EXECUTION_UNIT_LIMIT
-    }),
-    peerId: operatorIdHex,
-    sealEk
-  });
-  const plaintext = buildPlaintextSubmission({ backend, tx });
-  const txHash = await submitPlaintextTransaction(
-    args.client,
-    plaintext.signedTxWireHex,
-    plaintext.innerTxHashHex
-  );
-  return {
-    txHash,
-    operatorIdHex,
-    innerSighashHex: plaintext.innerSighashHex,
-    signedTxWireBytes: plaintext.innerWireBytes
-  };
+  return submitClusterJoinTx(args.client, backend, tx, clusterId, operatorIdHex);
 }
-async function submitClusterJoinTx(client, backend, tx, clusterId, operatorIdHex, options) {
-  if (options.private !== false) {
-    const encrypted = await buildEncryptedSubmission({
-      client,
-      backend,
-      tx,
-      clusterId: Number(clusterId),
-      clusterSealKeys: options.clusterSealKeys,
-      clusterSealKeysSource: options.clusterSealKeysSource,
-      class: MempoolClass.ContractCall
-    });
-    assertRpcHash(await submitEncryptedEnvelope(client, encrypted.envelopeWireHex));
-    return {
-      txHash: encrypted.innerTxHashHex,
-      clusterId: clusterId.toString(10),
-      operatorIdHex,
-      innerSighashHex: encrypted.innerSighashHex,
-      signedTxWireBytes: encrypted.innerWireBytes,
-      envelopeWireBytes: hexByteLength(encrypted.envelopeWireHex)
-    };
-  }
+async function submitClusterJoinTx(client, backend, tx, clusterId, operatorIdHex) {
   const plaintext = buildPlaintextSubmission({ backend, tx });
   const txHash = await submitPlaintextTransaction(
     client,
@@ -9487,16 +9354,6 @@ async function submitClusterJoinTx(client, backend, tx, clusterId, operatorIdHex
     signedTxWireBytes: plaintext.innerWireBytes
   };
 }
-function hexByteLength(value) {
-  const clean = value.startsWith("0x") || value.startsWith("0X") ? value.slice(2) : value;
-  return clean.length / 2;
-}
-function assertRpcHash(value) {
-  const bytes = hexToBytes2(value, "lyth_submitEncrypted tx hash");
-  if (bytes.length !== 32) {
-    throw new Error(`lyth_submitEncrypted tx hash must be 32 bytes, got ${bytes.length}`);
-  }
-}
 function adaptNativeClusterJoinRequest(request) {
   return {
     owner: request.owner ?? ZERO_ADDRESS,
@@ -9539,10 +9396,6 @@ function normalizeOperatorId(value) {
   const bytes = typeof value === "string" ? hexToBytes2(value, "operatorId") : value;
   return bytesToHex2(expectBytes(bytes, 32, "operatorId"));
 }
-function normalizeOperatorSealEk(value) {
-  const bytes = typeof value === "string" ? hexToBytes2(value, "sealEk") : value;
-  return expectBytes(bytes, NODE_REGISTRY_OPERATOR_SEAL_EK_BYTES, "sealEk").slice();
-}
 function parseUint32(value, label) {
   const parsed = parseBigint(value, label);
   if (parsed < 0n || parsed > MAX_UINT32) {
@@ -9560,6 +9413,77 @@ function parseU256(value, label) {
 function errorMessage(cause) {
   return cause instanceof Error ? cause.message : String(cause);
 }
+
+// src/cluster-seat.ts
+var DEFAULT_SEAT_EXECUTION_UNIT_LIMIT = REGISTRY_DEFAULT_EXECUTION_UNIT_LIMIT;
+function resolveSeatExecutionFee(quote, options = {}) {
+  const quoted = parseBigint(quote.executionUnitPriceLythoshi, "executionUnitPriceLythoshi");
+  const floor = options.minPriceLythoshi === void 0 ? MIN_EXECUTION_UNIT_PRICE_LYTHOSHI : parseBigint(options.minPriceLythoshi, "minPriceLythoshi");
+  const multiplier = options.safetyMultiplier === void 0 ? EXECUTION_UNIT_PRICE_SAFETY_MULTIPLIER : parseBigint(options.safetyMultiplier, "safetyMultiplier");
+  if (multiplier <= 0n) throw new Error("safetyMultiplier must be greater than zero");
+  const base = quoted > floor ? quoted : floor;
+  const maxFeePerGas = base * multiplier;
+  const tip = options.priorityTipLythoshi === void 0 ? maxFeePerGas : clampPriorityTip(options.priorityTipLythoshi, maxFeePerGas);
+  return {
+    maxFeePerGas,
+    maxPriorityFeePerGas: tip,
+    gasLimit: options.executionUnitLimit ?? DEFAULT_SEAT_EXECUTION_UNIT_LIMIT
+  };
+}
+function buildAdvertiseSeatTxFields(args) {
+  return {
+    ...seatTxEnvelope(args.chainId, args.nonce, args.fee),
+    value: 0n,
+    input: encodeAdvertiseSeatCalldata(args)
+  };
+}
+function buildApplyForSeatTxFields(args) {
+  const escrow = args.escrowLythoshi === void 0 ? NODE_REGISTRY_SEAT_APPLICATION_ESCROW_LYTHOSHI : parseU2562(args.escrowLythoshi, "escrowLythoshi");
+  return {
+    ...seatTxEnvelope(args.chainId, args.nonce, args.fee),
+    value: escrow,
+    input: encodeApplyForSeatCalldata(args)
+  };
+}
+function buildVoteSeatAdmitTxFields(args) {
+  return {
+    ...seatTxEnvelope(args.chainId, args.nonce, args.fee),
+    value: 0n,
+    input: encodeVoteSeatAdmitCalldata(args)
+  };
+}
+function buildWithdrawSeatApplicationTxFields(args) {
+  return {
+    ...seatTxEnvelope(args.chainId, args.nonce, args.fee),
+    value: 0n,
+    input: encodeWithdrawSeatApplicationCalldata(args)
+  };
+}
+function buildCloseSeatTxFields(args) {
+  return {
+    ...seatTxEnvelope(args.chainId, args.nonce, args.fee),
+    value: 0n,
+    input: encodeCloseSeatCalldata(args)
+  };
+}
+var SEAT_KINDS = ["active", "standby"];
+function seatTxEnvelope(chainId, nonce, fee) {
+  return {
+    chainId,
+    nonce,
+    maxFeePerGas: parseBigint(fee.maxFeePerGas, "maxFeePerGas"),
+    maxPriorityFeePerGas: parseBigint(fee.maxPriorityFeePerGas, "maxPriorityFeePerGas"),
+    gasLimit: parseBigint(fee.gasLimit ?? DEFAULT_SEAT_EXECUTION_UNIT_LIMIT, "gasLimit"),
+    to: nodeRegistryAddressHex()
+  };
+}
+function parseU2562(value, label) {
+  const parsed = parseBigint(value, label);
+  if (parsed < 0n || parsed >= 1n << 256n) {
+    throw new Error(`${label} out of 256-bit range`);
+  }
+  return parsed;
+}
 var ORACLE_EVENT_SIGS = {
   oracleRoundFinalized: "OracleRoundFinalized(bytes32,uint64,uint256,uint64,uint32)",
   observationSubmitted: "ObservationSubmitted(bytes32,uint64,address,uint256,uint64)",
@@ -11051,6 +10975,12 @@ function wordToBigint(word) {
   }
   return out;
 }
+
+// src/crypto/envelope.ts
+var MempoolClass = {
+  CLOBOp: 3};
+
+// src/market-actions.ts
 var CLOB_MARKET_ID_DOMAIN_TAG = 193;
 var NATIVE_MARKET_MODULE_ADDRESS_BYTES = "0x4d41524b45545f4e41544956455f4d4f445f5631";
 var NATIVE_MARKET_MODULE_ADDRESS = addressToTypedBech32(
@@ -12402,7 +12332,7 @@ exports.CLOB_MARKET_ID_DOMAIN_TAG = CLOB_MARKET_ID_DOMAIN_TAG;
 exports.CLOB_SELECTORS = CLOB_SELECTORS;
 exports.CLUSTER_FORMED_EVENT_SIG = CLUSTER_FORMED_EVENT_SIG;
 exports.DEFAULT_CLUSTER_JOIN_EXECUTION_UNIT_LIMIT = DEFAULT_CLUSTER_JOIN_EXECUTION_UNIT_LIMIT;
-exports.DEFAULT_OPERATOR_SEAL_KEY_EXECUTION_UNIT_LIMIT = DEFAULT_OPERATOR_SEAL_KEY_EXECUTION_UNIT_LIMIT;
+exports.DEFAULT_SEAT_EXECUTION_UNIT_LIMIT = DEFAULT_SEAT_EXECUTION_UNIT_LIMIT;
 exports.DELEGATION_REVERT_TAGS = DELEGATION_REVERT_TAGS;
 exports.DELEGATION_SELECTORS = DELEGATION_SELECTORS;
 exports.DIVERSITY_SCORE_MAX = DIVERSITY_SCORE_MAX;
@@ -12489,16 +12419,20 @@ exports.NODE_REGISTRY_MAX_MERKLE_PROOF_DEPTH = NODE_REGISTRY_MAX_MERKLE_PROOF_DE
 exports.NODE_REGISTRY_MERKLE_INNER_DOMAIN = NODE_REGISTRY_MERKLE_INNER_DOMAIN;
 exports.NODE_REGISTRY_MERKLE_LEAF_DOMAIN = NODE_REGISTRY_MERKLE_LEAF_DOMAIN;
 exports.NODE_REGISTRY_MIN_ARCHIVE_LEAF_COUNT = NODE_REGISTRY_MIN_ARCHIVE_LEAF_COUNT;
+exports.NODE_REGISTRY_MIN_SELF_BOND_LYTHOSHI = NODE_REGISTRY_MIN_SELF_BOND_LYTHOSHI;
 exports.NODE_REGISTRY_OPERATOR_ALIAS_MAX_BYTES = NODE_REGISTRY_OPERATOR_ALIAS_MAX_BYTES;
 exports.NODE_REGISTRY_OPERATOR_MONIKER_MAX_BYTES = NODE_REGISTRY_OPERATOR_MONIKER_MAX_BYTES;
-exports.NODE_REGISTRY_OPERATOR_SEAL_EK_BYTES = NODE_REGISTRY_OPERATOR_SEAL_EK_BYTES;
 exports.NODE_REGISTRY_PENDING_CHANGE_MAX_INTENT_ID = NODE_REGISTRY_PENDING_CHANGE_MAX_INTENT_ID;
 exports.NODE_REGISTRY_PUBLIC_SERVICE_MASK = NODE_REGISTRY_PUBLIC_SERVICE_MASK;
+exports.NODE_REGISTRY_SEAT_APPLICATION_ESCROW_LYTHOSHI = NODE_REGISTRY_SEAT_APPLICATION_ESCROW_LYTHOSHI;
+exports.NODE_REGISTRY_SEAT_KIND_ACTIVE = NODE_REGISTRY_SEAT_KIND_ACTIVE;
+exports.NODE_REGISTRY_SEAT_KIND_STANDBY = NODE_REGISTRY_SEAT_KIND_STANDBY;
 exports.NODE_REGISTRY_SELECTORS = NODE_REGISTRY_SELECTORS;
 exports.NODE_REGISTRY_SUBKIND_CHARTER_DELEGATOR_BPS = NODE_REGISTRY_SUBKIND_CHARTER_DELEGATOR_BPS;
 exports.NODE_REGISTRY_SUBKIND_CHARTER_MEMBER_SHARES = NODE_REGISTRY_SUBKIND_CHARTER_MEMBER_SHARES;
 exports.NODE_REGISTRY_TAG_ARCHIVE_CHALLENGE = NODE_REGISTRY_TAG_ARCHIVE_CHALLENGE;
 exports.NODE_REGISTRY_TAG_CLUSTER_CHARTER = NODE_REGISTRY_TAG_CLUSTER_CHARTER;
+exports.NODE_REGISTRY_TAG_CLUSTER_SEAT = NODE_REGISTRY_TAG_CLUSTER_SEAT;
 exports.NODE_REGISTRY_TAG_SERVICE_SCORE = NODE_REGISTRY_TAG_SERVICE_SCORE;
 exports.NODE_REGISTRY_TAG_TREASURY = NODE_REGISTRY_TAG_TREASURY;
 exports.NODE_REGISTRY_UPDATE_CHARTER_MESSAGE_DOMAIN = NODE_REGISTRY_UPDATE_CHARTER_MESSAGE_DOMAIN;
@@ -12524,6 +12458,7 @@ exports.OperatorTrustError = OperatorTrustError;
 exports.OracleEventError = OracleEventError;
 exports.PENDING_CHANGE_KIND_CODES = PENDING_CHANGE_KIND_CODES;
 exports.PRECOMPILE_ADDRESSES = PRECOMPILE_ADDRESSES;
+exports.PROOF_KIND_BINARY = PROOF_KIND_BINARY;
 exports.PROTOCOL_MAX_OPERATOR_FEE_BPS = PROTOCOL_MAX_OPERATOR_FEE_BPS;
 exports.PROVER_MARKET_ADDRESS = PROVER_MARKET_ADDRESS;
 exports.PROVER_MARKET_BID_DOMAIN = PROVER_MARKET_BID_DOMAIN;
@@ -12535,12 +12470,20 @@ exports.PROVER_SLASH_REASON_BAD_PROOF = PROVER_SLASH_REASON_BAD_PROOF;
 exports.PROVER_SLASH_REASON_NON_DELIVERY = PROVER_SLASH_REASON_NON_DELIVERY;
 exports.PUBKEY_REGISTRY_ML_DSA_65_PUBLIC_KEY_LEN = PUBKEY_REGISTRY_ML_DSA_65_PUBLIC_KEY_LEN;
 exports.PUBKEY_REGISTRY_SELECTORS = PUBKEY_REGISTRY_SELECTORS;
+exports.ProofVerifier = ProofVerifier;
+exports.ProofVerifyError = ProofVerifyError;
 exports.ProverMarketError = ProverMarketError;
 exports.PubkeyRegistryError = PubkeyRegistryError;
 exports.QUARANTINED_RPC_CODE = QUARANTINED_RPC_CODE;
 exports.REGISTRY_DEFAULT_EXECUTION_UNIT_LIMIT = REGISTRY_DEFAULT_EXECUTION_UNIT_LIMIT;
 exports.RESERVED_ADDRESS_HRPS = RESERVED_ADDRESS_HRPS;
 exports.RpcClient = RpcClient;
+exports.SEAT_ADVERTISED_EVENT_SIG = SEAT_ADVERTISED_EVENT_SIG;
+exports.SEAT_APPLIED_EVENT_SIG = SEAT_APPLIED_EVENT_SIG;
+exports.SEAT_CLOSED_EVENT_SIG = SEAT_CLOSED_EVENT_SIG;
+exports.SEAT_FILLED_EVENT_SIG = SEAT_FILLED_EVENT_SIG;
+exports.SEAT_KINDS = SEAT_KINDS;
+exports.SEAT_STATUS_CODES = SEAT_STATUS_CODES;
 exports.SERVES_GPU_PROVE = SERVES_GPU_PROVE;
 exports.SERVICE_PROBE_STATUS = SERVICE_PROBE_STATUS;
 exports.SET_POLICY_CLAIM_DOMAIN_TAG = SET_POLICY_CLAIM_DOMAIN_TAG;
@@ -12575,6 +12518,7 @@ exports.allowRootFor = allowRootFor;
 exports.apiEndpointFromRpcEndpoint = apiEndpointFromRpcEndpoint;
 exports.archiveMerkleInnerHash = archiveMerkleInnerHash;
 exports.archiveMerkleLeafHash = archiveMerkleLeafHash;
+exports.asBinaryProofEnvelope = asBinaryProofEnvelope;
 exports.assembleMultisigSigned = assembleMultisigSigned;
 exports.assembleMultisigWitness = assembleMultisigWitness;
 exports.assertMrvCallNativeSubmissionPlan = assertMrvCallNativeSubmissionPlan;
@@ -12594,8 +12538,11 @@ exports.bridgeDrainRemaining = bridgeDrainRemaining;
 exports.bridgeQuoteSubmitReadiness = bridgeQuoteSubmitReadiness;
 exports.bridgeRoutesReadiness = bridgeRoutesReadiness;
 exports.bridgeTransferCandidates = bridgeTransferCandidates;
+exports.buildAdvertiseSeatTxFields = buildAdvertiseSeatTxFields;
+exports.buildApplyForSeatTxFields = buildApplyForSeatTxFields;
 exports.buildBridgeRouteCatalogue = buildBridgeRouteCatalogue;
 exports.buildCancelSpotOrderPlan = buildCancelSpotOrderPlan;
+exports.buildCloseSeatTxFields = buildCloseSeatTxFields;
 exports.buildMrvCallNativeTxPlan = buildMrvCallNativeTxPlan;
 exports.buildMrvCallPlan = buildMrvCallPlan;
 exports.buildMrvCallRequest = buildMrvCallRequest;
@@ -12640,9 +12587,10 @@ exports.buildPlaceLimitOrderViaPlan = buildPlaceLimitOrderViaPlan;
 exports.buildPlaceSpotLimitOrderPlan = buildPlaceSpotLimitOrderPlan;
 exports.buildPlaceSpotMarketOrderExPlan = buildPlaceSpotMarketOrderExPlan;
 exports.buildPlaceSpotMarketOrderPlan = buildPlaceSpotMarketOrderPlan;
-exports.buildPublishOperatorSealKeyTxFields = buildPublishOperatorSealKeyTxFields;
 exports.buildRequestClusterJoinTxFields = buildRequestClusterJoinTxFields;
 exports.buildVoteClusterAdmitTxFields = buildVoteClusterAdmitTxFields;
+exports.buildVoteSeatAdmitTxFields = buildVoteSeatAdmitTxFields;
+exports.buildWithdrawSeatApplicationTxFields = buildWithdrawSeatApplicationTxFields;
 exports.categoryRoot = categoryRoot;
 exports.checkMrvFeeDisplayConformance = checkMrvFeeDisplayConformance;
 exports.checkMrvStructuredFeeConformance = checkMrvStructuredFeeConformance;
@@ -12673,11 +12621,14 @@ exports.decodeNativeReceiptResponse = decodeNativeReceiptResponse;
 exports.decodeNoEvmReceiptTranscript = decodeNoEvmReceiptTranscript;
 exports.decodeOperatorFeeChargedEvent = decodeOperatorFeeChargedEvent;
 exports.decodeOperatorNetworkMetadata = decodeOperatorNetworkMetadata;
-exports.decodeOperatorSealKey = decodeOperatorSealKey;
 exports.decodeOracleEvent = decodeOracleEvent;
 exports.decodePendingCharter = decodePendingCharter;
 exports.decodeProbeAuthority = decodeProbeAuthority;
 exports.decodeScoreServiceProbe = decodeScoreServiceProbe;
+exports.decodeSeatAdvertisedEvent = decodeSeatAdvertisedEvent;
+exports.decodeSeatAppliedEvent = decodeSeatAppliedEvent;
+exports.decodeSeatClosedEvent = decodeSeatClosedEvent;
+exports.decodeSeatFilledEvent = decodeSeatFilledEvent;
 exports.decodeTimeWindow = decodeTimeWindow;
 exports.decodeTokenFactoryTokenId = decodeTokenFactoryTokenId;
 exports.decodeTxFeedResponse = decodeTxFeedResponse;
@@ -12694,9 +12645,12 @@ exports.deriveMultisigAddress = deriveMultisigAddress;
 exports.deriveMultisigAddressBytes = deriveMultisigAddressBytes;
 exports.deriveNativeSpotMarketId = deriveNativeSpotMarketId;
 exports.deriveNativeSpotOrderId = deriveNativeSpotOrderId;
+exports.deriveSeatApplicationKey = deriveSeatApplicationKey;
 exports.deriveTokenFactoryTokenId = deriveTokenFactoryTokenId;
 exports.destinationRoot = destinationRoot;
+exports.encodeAdvertiseSeatCalldata = encodeAdvertiseSeatCalldata;
 exports.encodeAnswerArchiveChallengeCalldata = encodeAnswerArchiveChallengeCalldata;
+exports.encodeApplyForSeatCalldata = encodeApplyForSeatCalldata;
 exports.encodeAttestDkgReshareCalldata = encodeAttestDkgReshareCalldata;
 exports.encodeAttestServiceProbeCalldata = encodeAttestServiceProbeCalldata;
 exports.encodeBlockSelector = encodeBlockSelector;
@@ -12707,6 +12661,7 @@ exports.encodeCancelOrderCalldata = encodeCancelOrderCalldata;
 exports.encodeCancelPendingChangeCalldata = encodeCancelPendingChangeCalldata;
 exports.encodeClaimCalldata = encodeClaimCalldata;
 exports.encodeClaimPolicyByAddressCalldata = encodeClaimPolicyByAddressCalldata;
+exports.encodeCloseSeatCalldata = encodeCloseSeatCalldata;
 exports.encodeClusterCharter = encodeClusterCharter;
 exports.encodeCommitArchiveRootCalldata = encodeCommitArchiveRootCalldata;
 exports.encodeCreateFixedSupplyMrc20Calldata = encodeCreateFixedSupplyMrc20Calldata;
@@ -12720,7 +12675,6 @@ exports.encodeExpireClusterJoinCalldata = encodeExpireClusterJoinCalldata;
 exports.encodeFormClusterCalldata = encodeFormClusterCalldata;
 exports.encodeFormClusterV2Calldata = encodeFormClusterV2Calldata;
 exports.encodeGetClusterJoinRequestCalldata = encodeGetClusterJoinRequestCalldata;
-exports.encodeGetOperatorSealKeyCalldata = encodeGetOperatorSealKeyCalldata;
 exports.encodeGetPendingCharterCalldata = encodeGetPendingCharterCalldata;
 exports.encodeGetProbeAuthorityCalldata = encodeGetProbeAuthorityCalldata;
 exports.encodeHasPubkeyCalldata = encodeHasPubkeyCalldata;
@@ -12780,7 +12734,6 @@ exports.encodePlaceLimitOrderCalldata = encodePlaceLimitOrderCalldata;
 exports.encodePlaceLimitOrderViaCalldata = encodePlaceLimitOrderViaCalldata;
 exports.encodePlaceMarketOrderCalldata = encodePlaceMarketOrderCalldata;
 exports.encodePlaceMarketOrderExCalldata = encodePlaceMarketOrderExCalldata;
-exports.encodePublishOperatorSealKeyCalldata = encodePublishOperatorSealKeyCalldata;
 exports.encodeRecoverOperatorNodeCalldata = encodeRecoverOperatorNodeCalldata;
 exports.encodeRedelegateCalldata = encodeRedelegateCalldata;
 exports.encodeRegisterPubkeyCalldata = encodeRegisterPubkeyCalldata;
@@ -12815,7 +12768,9 @@ exports.encodeTokenFactoryTransferOwnershipCalldata = encodeTokenFactoryTransfer
 exports.encodeUndelegateCalldata = encodeUndelegateCalldata;
 exports.encodeUpdateCharterCalldata = encodeUpdateCharterCalldata;
 exports.encodeVoteClusterAdmitCalldata = encodeVoteClusterAdmitCalldata;
+exports.encodeVoteSeatAdmitCalldata = encodeVoteSeatAdmitCalldata;
 exports.encodeVrfEvaluateCalldata = encodeVrfEvaluateCalldata;
+exports.encodeWithdrawSeatApplicationCalldata = encodeWithdrawSeatApplicationCalldata;
 exports.exportBridgeRouteCatalogueJson = exportBridgeRouteCatalogueJson;
 exports.fetchChainInfoLatest = fetchChainInfoLatest;
 exports.fetchChainRegistryLatest = fetchChainRegistryLatest;
@@ -12831,6 +12786,7 @@ exports.getChainInfo = getChainInfo;
 exports.getNoEvmReceiptTrustPolicy = getNoEvmReceiptTrustPolicy;
 exports.getP2pSeeds = getP2pSeeds;
 exports.getRpcEndpoints = getRpcEndpoints;
+exports.hashToHex = hashToHex;
 exports.hexToAddressBytes = hexToAddressBytes;
 exports.isBridgeAdminLockedRevert = isBridgeAdminLockedRevert;
 exports.isBridgeCooldownZeroRevert = isBridgeCooldownZeroRevert;
@@ -12871,6 +12827,7 @@ exports.nodeRegistryAddressHex = nodeRegistryAddressHex;
 exports.normalizeAddressHex = normalizeAddressHex;
 exports.normalizeBridgeRouteCatalogue = normalizeBridgeRouteCatalogue;
 exports.normalizePendingChangeKind = normalizePendingChangeKind;
+exports.openSeatFromAdvertised = openSeatFromAdvertised;
 exports.oracleAddressHex = oracleAddressHex;
 exports.oraclePriceToNumber = oraclePriceToNumber;
 exports.packTimeWindow = packTimeWindow;
@@ -12886,6 +12843,7 @@ exports.parseQuantityBig = parseQuantityBig;
 exports.preflightClusterJoinRequest = preflightClusterJoinRequest;
 exports.previewRequestClusterJoin = previewRequestClusterJoin;
 exports.previewVoteClusterAdmit = previewVoteClusterAdmit;
+exports.proofVerifier = proofVerifier;
 exports.protocolNonceForEpoch = protocolNonceForEpoch;
 exports.proverMarketStateFromByte = proverMarketStateFromByte;
 exports.pubkeyRegistryAddressHex = pubkeyRegistryAddressHex;
@@ -12899,7 +12857,11 @@ exports.resolveClusterJoinExecutionFee = resolveClusterJoinExecutionFee;
 exports.resolveExecutionFee = resolveExecutionFee;
 exports.resolveMaxExecutionUnitPrice = resolveMaxExecutionUnitPrice;
 exports.resolveRegistryExecutionFee = resolveRegistryExecutionFee;
+exports.resolveSeatExecutionFee = resolveSeatExecutionFee;
 exports.resolveStudioHostStatus = resolveStudioHostStatus;
+exports.seatKindFromByte = seatKindFromByte;
+exports.seatKindToByte = seatKindToByte;
+exports.seatStatusFromByte = seatStatusFromByte;
 exports.selectBridgeTransferRoute = selectBridgeTransferRoute;
 exports.selectTrustedOperator = selectTrustedOperator;
 exports.selectTrustedOperatorForNetwork = selectTrustedOperatorForNetwork;
@@ -12919,7 +12881,6 @@ exports.spendingPolicyAddressHex = spendingPolicyAddressHex;
 exports.submitMrvCallNativeTx = submitMrvCallNativeTx;
 exports.submitMrvDeployNativeTx = submitMrvDeployNativeTx;
 exports.submitMrvDeployPayloadNativeTx = submitMrvDeployPayloadNativeTx;
-exports.submitPublishOperatorSealKey = submitPublishOperatorSealKey;
 exports.submitRequestClusterJoin = submitRequestClusterJoin;
 exports.submitSighash = submitSighash;
 exports.submitVoteClusterAdmit = submitVoteClusterAdmit;