@motebit/crypto 0.8.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. package/LICENSE +198 -18
  2. package/NOTICE +19 -0
  3. package/README.md +11 -3
  4. package/dist/artifacts.d.ts +431 -32
  5. package/dist/artifacts.d.ts.map +1 -1
  6. package/dist/credential-anchor.d.ts +76 -2
  7. package/dist/credential-anchor.d.ts.map +1 -1
  8. package/dist/credentials.d.ts +26 -1
  9. package/dist/credentials.d.ts.map +1 -1
  10. package/dist/hardware-attestation.d.ts +268 -0
  11. package/dist/hardware-attestation.d.ts.map +1 -0
  12. package/dist/index.d.ts +56 -3
  13. package/dist/index.d.ts.map +1 -1
  14. package/dist/index.js +3597 -153
  15. package/dist/signing.d.ts +52 -17
  16. package/dist/signing.d.ts.map +1 -1
  17. package/dist/suite-dispatch.d.ts +103 -0
  18. package/dist/suite-dispatch.d.ts.map +1 -0
  19. package/dist/suite-dispatch.js +3233 -0
  20. package/package.json +20 -5
  21. package/dist/artifacts.js +0 -506
  22. package/dist/artifacts.js.map +0 -1
  23. package/dist/credential-anchor.js +0 -159
  24. package/dist/credential-anchor.js.map +0 -1
  25. package/dist/credentials.js +0 -209
  26. package/dist/credentials.js.map +0 -1
  27. package/dist/index.js.map +0 -1
  28. package/dist/signing.js +0 -282
  29. package/dist/signing.js.map +0 -1
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@motebit/crypto",
3
- "version": "0.8.0",
4
- "description": "Protocol cryptography — sign and verify all Motebit artifacts. Receipts, credentials, delegations, successions. Zero monorepo deps, MIT.",
3
+ "version": "1.1.0",
4
+ "description": "Sign and verify every Motebit artifact — identity files, execution receipts, credentials, delegations, succession records, credential anchors. Ed25519 today, cryptosuite-agile for post-quantum tomorrow. Apache-2.0, zero monorepo dependencies.",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
7
7
  "types": "./dist/index.d.ts",
@@ -9,6 +9,10 @@
9
9
  ".": {
10
10
  "types": "./dist/index.d.ts",
11
11
  "default": "./dist/index.js"
12
+ },
13
+ "./suite-dispatch": {
14
+ "types": "./dist/suite-dispatch.d.ts",
15
+ "default": "./dist/suite-dispatch.js"
12
16
  }
13
17
  },
14
18
  "files": [
@@ -17,10 +21,11 @@
17
21
  "dist/**/*.d.ts",
18
22
  "dist/**/*.d.ts.map",
19
23
  "LICENSE",
24
+ "NOTICE",
20
25
  "README.md"
21
26
  ],
22
27
  "sideEffects": false,
23
- "license": "MIT",
28
+ "license": "Apache-2.0",
24
29
  "keywords": [
25
30
  "motebit",
26
31
  "agent",
@@ -45,16 +50,24 @@
45
50
  "publishConfig": {
46
51
  "access": "public"
47
52
  },
53
+ "motebit": {
54
+ "implements": [
55
+ "spec/identity-v1.md",
56
+ "spec/credential-v1.md"
57
+ ]
58
+ },
48
59
  "devDependencies": {
60
+ "@noble/curves": "~1.7.0",
49
61
  "@noble/ed25519": "~3.0.1",
50
62
  "@noble/hashes": "~1.6.0",
51
63
  "@types/node": "^22.0.0",
52
64
  "tsup": "^8.0.0",
53
65
  "typescript": "^5.6.0",
54
- "vitest": "^2.1.0"
66
+ "vitest": "^2.1.0",
67
+ "@motebit/protocol": "1.1.0"
55
68
  },
56
69
  "engines": {
57
- "node": ">=18"
70
+ "node": ">=20"
58
71
  },
59
72
  "scripts": {
60
73
  "build": "tsup && tsc -p tsconfig.json --emitDeclarationOnly --declaration --declarationMap --outDir dist",
@@ -62,6 +75,8 @@
62
75
  "test:coverage": "vitest run --coverage",
63
76
  "typecheck": "tsc --noEmit",
64
77
  "lint": "eslint --parser-options=project:tsconfig.eslint.json src/",
78
+ "lint:pack": "publint --strict && attw --pack --profile esm-only",
79
+ "api:extract": "api-extractor run --local",
65
80
  "clean": "rm -rf dist .turbo *.tsbuildinfo"
66
81
  }
67
82
  }
package/dist/artifacts.js DELETED
@@ -1,506 +0,0 @@
1
- /**
2
- * Protocol artifact signing — receipts, delegations, successions, collaborative receipts.
3
- *
4
- * These functions define the canonical signing format for all Motebit protocol
5
- * artifacts. A third party needs these to produce valid signed artifacts that
6
- * any verifier will accept.
7
- *
8
- * Moved from BSL @motebit/crypto to MIT @motebit/crypto.
9
- */
10
- import { canonicalJson, ed25519Sign, ed25519Verify, toBase64Url, fromBase64Url, bytesToHex, hexToBytes, hash, isScopeNarrowed, } from "./signing.js";
11
- /**
12
- * Sign an execution receipt. Produces a canonical JSON representation
13
- * of all fields except `signature`, signs it with Ed25519, and sets
14
- * the `signature` field to the base64url-encoded result.
15
- */
16
- export async function signExecutionReceipt(receipt, privateKey, publicKey) {
17
- // Embed the public key for portable verification (no relay lookup needed)
18
- const body = publicKey ? { ...receipt, public_key: bytesToHex(publicKey) } : receipt;
19
- const canonical = canonicalJson(body);
20
- const message = new TextEncoder().encode(canonical);
21
- const sig = await ed25519Sign(message, privateKey);
22
- return { ...body, signature: toBase64Url(sig) };
23
- }
24
- /**
25
- * Verify an execution receipt's Ed25519 signature.
26
- * Reconstructs the canonical JSON from all fields except `signature`
27
- * and verifies against the provided public key.
28
- */
29
- export async function verifyExecutionReceipt(receipt, publicKey) {
30
- const { signature, ...body } = receipt;
31
- const canonical = canonicalJson(body);
32
- const message = new TextEncoder().encode(canonical);
33
- try {
34
- const sig = fromBase64Url(signature);
35
- return await ed25519Verify(sig, message, publicKey);
36
- }
37
- catch {
38
- return false;
39
- }
40
- }
41
- /**
42
- * Construct, canonicalize, and sign a sovereign payment receipt with
43
- * the payee's Ed25519 identity key. Returns a fully-formed
44
- * `ExecutionReceipt` that can be passed to any standard verifier and
45
- * fed into `bumpTrustFromReceipt` on the payer's runtime.
46
- *
47
- * No relay is contacted at any point. The resulting receipt is
48
- * self-verifiable forever from the embedded `public_key` field.
49
- */
50
- export async function signSovereignPaymentReceipt(input, privateKey, publicKey) {
51
- const receipt = {
52
- task_id: `${input.rail}:tx:${input.tx_hash}`,
53
- motebit_id: input.payee_motebit_id,
54
- device_id: input.payee_device_id,
55
- submitted_at: input.submitted_at,
56
- completed_at: input.completed_at,
57
- status: "completed",
58
- result: `${input.service_description} | paid by ${input.payer_motebit_id}: ${input.amount_micro.toString()} micro-${input.asset} via ${input.rail}`,
59
- tools_used: input.tools_used ?? [],
60
- memories_formed: 0,
61
- prompt_hash: input.prompt_hash,
62
- result_hash: input.result_hash,
63
- // relay_task_id intentionally omitted — sovereign rail, no relay binding
64
- };
65
- return signExecutionReceipt(receipt, privateKey, publicKey);
66
- }
67
- /**
68
- * Recursively verify an execution receipt and all its delegation receipts.
69
- * Each receipt is verified against the public key found in `knownKeys` for its `motebit_id`.
70
- * Returns a tree of verification results mirroring the delegation structure.
71
- */
72
- export async function verifyReceiptChain(receipt, knownKeys) {
73
- const { task_id, motebit_id } = receipt;
74
- // Use embedded public key if available, otherwise look up from known keys.
75
- let publicKey = knownKeys.get(motebit_id);
76
- if (!publicKey && receipt.public_key) {
77
- publicKey = hexToBytes(receipt.public_key);
78
- }
79
- if (!publicKey) {
80
- const delegations = await verifyDelegations(receipt, knownKeys);
81
- return { task_id, motebit_id, verified: false, error: "unknown motebit_id", delegations };
82
- }
83
- let verified;
84
- let error;
85
- try {
86
- verified = await verifyExecutionReceipt(receipt, publicKey);
87
- }
88
- catch (err) {
89
- /* v8 ignore next 3 */
90
- verified = false;
91
- error = err instanceof Error ? err.message : String(err);
92
- }
93
- const delegations = await verifyDelegations(receipt, knownKeys);
94
- const result = { task_id, motebit_id, verified, delegations };
95
- if (error) {
96
- /* v8 ignore next */
97
- result.error = error;
98
- }
99
- return result;
100
- }
101
- async function verifyDelegations(receipt, knownKeys) {
102
- if (!receipt.delegation_receipts || receipt.delegation_receipts.length === 0) {
103
- return [];
104
- }
105
- return Promise.all(receipt.delegation_receipts.map((dr) => verifyReceiptChain(dr, knownKeys)));
106
- }
107
- /**
108
- * Verify a flat sequence of execution receipts.
109
- *
110
- * A valid sequence means:
111
- * 1. Each receipt's signature is valid against its signer's public key.
112
- * 2. Adjacent receipts are temporally ordered: receipt[i].completed_at <= receipt[i+1].submitted_at.
113
- *
114
- * An empty sequence is considered valid.
115
- * Use `verifyReceiptChain` for nested/tree-structured delegation receipts.
116
- */
117
- export async function verifyReceiptSequence(chain) {
118
- if (chain.length === 0)
119
- return { valid: true };
120
- for (let i = 0; i < chain.length; i++) {
121
- const entry = chain[i];
122
- const sigValid = await verifyExecutionReceipt(entry.receipt, entry.signer_public_key);
123
- if (!sigValid) {
124
- return { valid: false, error: `Receipt ${i} has invalid signature`, index: i };
125
- }
126
- }
127
- for (let i = 1; i < chain.length; i++) {
128
- const prev = chain[i - 1];
129
- const curr = chain[i];
130
- if (prev.receipt.completed_at > curr.receipt.submitted_at) {
131
- return {
132
- valid: false,
133
- error: `Receipt ${i} submitted_at (${curr.receipt.submitted_at}) is before receipt ${i - 1} completed_at (${prev.receipt.completed_at})`,
134
- index: i,
135
- };
136
- }
137
- }
138
- return { valid: true };
139
- }
140
- /**
141
- * Sign a delegation token. The delegator authorizes the delegate to act
142
- * within the given scope. The signature covers all fields except `signature`.
143
- */
144
- export async function signDelegation(delegation, delegatorPrivateKey) {
145
- const canonical = canonicalJson(delegation);
146
- const message = new TextEncoder().encode(canonical);
147
- const sig = await ed25519Sign(message, delegatorPrivateKey);
148
- return { ...delegation, signature: toBase64Url(sig) };
149
- }
150
- /**
151
- * Verify a delegation token's signature and (optionally) expiration.
152
- *
153
- * @param delegation - The delegation token to verify
154
- * @param options.checkExpiry - If true (default), reject expired tokens. Pass false
155
- * only when verifying historical chains where expiration is irrelevant.
156
- * @param options.now - Current time in ms (default: Date.now()). For testing.
157
- */
158
- export async function verifyDelegation(delegation, options) {
159
- const checkExpiry = options?.checkExpiry ?? true;
160
- if (checkExpiry) {
161
- const now = options?.now ?? Date.now();
162
- if (delegation.expires_at < now)
163
- return false;
164
- }
165
- const { signature, ...body } = delegation;
166
- const canonical = canonicalJson(body);
167
- const message = new TextEncoder().encode(canonical);
168
- try {
169
- const pubKey = fromBase64Url(delegation.delegator_public_key);
170
- const sig = fromBase64Url(signature);
171
- return await ed25519Verify(sig, message, pubKey);
172
- }
173
- catch {
174
- return false;
175
- }
176
- }
177
- /**
178
- * Verify a chain of delegation tokens.
179
- *
180
- * A valid chain means:
181
- * 1. Each delegation's signature is valid (signed by the delegator's key).
182
- * 2. Adjacent delegations are linked: delegation[i].delegate_id === delegation[i+1].delegator_id
183
- * and delegation[i].delegate_public_key === delegation[i+1].delegator_public_key.
184
- *
185
- * An empty chain is considered valid (no delegations to verify).
186
- */
187
- export async function verifyDelegationChain(chain) {
188
- if (chain.length === 0)
189
- return { valid: true };
190
- for (let i = 0; i < chain.length; i++) {
191
- const delegation = chain[i];
192
- // Chain verification is historical — don't reject expired tokens in the chain
193
- const sigValid = await verifyDelegation(delegation, { checkExpiry: false });
194
- if (!sigValid) {
195
- return { valid: false, error: `Delegation ${i} has invalid signature` };
196
- }
197
- if (i > 0) {
198
- const prev = chain[i - 1];
199
- if (prev.delegate_id !== delegation.delegator_id) {
200
- return {
201
- valid: false,
202
- error: `Chain break at ${i}: delegate_id "${prev.delegate_id}" !== delegator_id "${delegation.delegator_id}"`,
203
- };
204
- }
205
- if (prev.delegate_public_key !== delegation.delegator_public_key) {
206
- return {
207
- valid: false,
208
- error: `Chain break at ${i}: delegate_public_key mismatch`,
209
- };
210
- }
211
- // Scope narrowing: each delegation must not widen scope beyond its parent
212
- if (!isScopeNarrowed(prev.scope, delegation.scope)) {
213
- return {
214
- valid: false,
215
- error: `Delegation ${i} widens scope: parent="${prev.scope}", child="${delegation.scope}"`,
216
- };
217
- }
218
- }
219
- }
220
- return { valid: true };
221
- }
222
- /**
223
- * Build the canonical payload for key succession signing.
224
- */
225
- function keySuccessionPayload(oldPublicKeyHex, newPublicKeyHex, timestamp, reason, recovery) {
226
- const obj = {
227
- old_public_key: oldPublicKeyHex,
228
- new_public_key: newPublicKeyHex,
229
- timestamp,
230
- };
231
- if (reason !== undefined) {
232
- obj.reason = reason;
233
- }
234
- if (recovery) {
235
- obj.recovery = true;
236
- }
237
- return canonicalJson(obj);
238
- }
239
- /**
240
- * Create a key succession record signed by both the old and new keys.
241
- */
242
- export async function signKeySuccession(oldPrivateKey, newPrivateKey, newPublicKey, oldPublicKey, reason) {
243
- const timestamp = Date.now();
244
- const oldPublicKeyHex = bytesToHex(oldPublicKey);
245
- const newPublicKeyHex = bytesToHex(newPublicKey);
246
- const payload = keySuccessionPayload(oldPublicKeyHex, newPublicKeyHex, timestamp, reason);
247
- const message = new TextEncoder().encode(payload);
248
- const oldSig = await ed25519Sign(message, oldPrivateKey);
249
- const newSig = await ed25519Sign(message, newPrivateKey);
250
- return {
251
- old_public_key: oldPublicKeyHex,
252
- new_public_key: newPublicKeyHex,
253
- timestamp,
254
- ...(reason !== undefined ? { reason } : {}),
255
- old_key_signature: bytesToHex(oldSig),
256
- new_key_signature: bytesToHex(newSig),
257
- };
258
- }
259
- /**
260
- * Sign a guardian recovery succession record (§3.8.3).
261
- * The guardian key signs instead of the compromised old key.
262
- * Reason MUST include "guardian_recovery".
263
- */
264
- export async function signGuardianRecoverySuccession(guardianPrivateKey, newPrivateKey, oldPublicKey, newPublicKey, reason) {
265
- const timestamp = Date.now();
266
- const oldPublicKeyHex = bytesToHex(oldPublicKey);
267
- const newPublicKeyHex = bytesToHex(newPublicKey);
268
- const effectiveReason = reason ?? "guardian_recovery";
269
- const payload = keySuccessionPayload(oldPublicKeyHex, newPublicKeyHex, timestamp, effectiveReason, true);
270
- const message = new TextEncoder().encode(payload);
271
- const guardianSig = await ed25519Sign(message, guardianPrivateKey);
272
- const newSig = await ed25519Sign(message, newPrivateKey);
273
- return {
274
- old_public_key: oldPublicKeyHex,
275
- new_public_key: newPublicKeyHex,
276
- timestamp,
277
- reason: effectiveReason,
278
- new_key_signature: bytesToHex(newSig),
279
- recovery: true,
280
- guardian_signature: bytesToHex(guardianSig),
281
- };
282
- }
283
- /**
284
- * Verify a key succession record. For normal rotation, checks old_key_signature + new_key_signature.
285
- * For guardian recovery (recovery: true), checks guardian_signature + new_key_signature.
286
- */
287
- export async function verifyKeySuccession(record, guardianPublicKeyHex) {
288
- const payload = keySuccessionPayload(record.old_public_key, record.new_public_key, record.timestamp, record.reason, record.recovery);
289
- const message = new TextEncoder().encode(payload);
290
- try {
291
- const newPubKey = hexToBytes(record.new_public_key);
292
- const newSig = hexToBytes(record.new_key_signature);
293
- const newValid = await ed25519Verify(newSig, message, newPubKey);
294
- if (!newValid)
295
- return false;
296
- if (record.recovery) {
297
- if (!record.guardian_signature || !guardianPublicKeyHex)
298
- return false;
299
- const guardianPubKey = hexToBytes(guardianPublicKeyHex);
300
- const guardianSig = hexToBytes(record.guardian_signature);
301
- return await ed25519Verify(guardianSig, message, guardianPubKey);
302
- }
303
- else {
304
- if (!record.old_key_signature)
305
- return false;
306
- const oldPubKey = hexToBytes(record.old_public_key);
307
- const oldSig = hexToBytes(record.old_key_signature);
308
- return await ed25519Verify(oldSig, message, oldPubKey);
309
- }
310
- }
311
- catch {
312
- /* v8 ignore next */
313
- return false;
314
- }
315
- }
316
- /**
317
- * Verify a full key succession chain — an ordered array of KeySuccessionRecords
318
- * representing a sequence of key rotations from a genesis key to the current active key.
319
- */
320
- export async function verifySuccessionChain(chain, guardianPublicKeyHex) {
321
- if (chain.length === 0) {
322
- return {
323
- valid: false,
324
- genesis_public_key: "",
325
- current_public_key: "",
326
- length: 0,
327
- error: { index: 0, message: "Empty succession chain" },
328
- };
329
- }
330
- const genesisKey = chain[0].old_public_key;
331
- const currentKey = chain[chain.length - 1].new_public_key;
332
- for (let i = 0; i < chain.length; i++) {
333
- const record = chain[i];
334
- if (record.recovery && !guardianPublicKeyHex) {
335
- return {
336
- valid: false,
337
- genesis_public_key: genesisKey,
338
- current_public_key: currentKey,
339
- length: chain.length,
340
- error: {
341
- index: i,
342
- message: `Record ${i} is a guardian recovery but no guardian public key provided`,
343
- },
344
- };
345
- }
346
- const sigValid = await verifyKeySuccession(record, guardianPublicKeyHex);
347
- if (!sigValid) {
348
- return {
349
- valid: false,
350
- genesis_public_key: genesisKey,
351
- current_public_key: currentKey,
352
- length: chain.length,
353
- error: { index: i, message: `Record ${i} has invalid signature` },
354
- };
355
- }
356
- if (i < chain.length - 1) {
357
- const next = chain[i + 1];
358
- if (record.new_public_key !== next.old_public_key) {
359
- return {
360
- valid: false,
361
- genesis_public_key: genesisKey,
362
- current_public_key: currentKey,
363
- length: chain.length,
364
- error: {
365
- index: i + 1,
366
- message: `Chain break at ${i + 1}: expected old_public_key "${record.new_public_key}", got "${next.old_public_key}"`,
367
- },
368
- };
369
- }
370
- }
371
- if (i < chain.length - 1) {
372
- const next = chain[i + 1];
373
- if (record.timestamp >= next.timestamp) {
374
- return {
375
- valid: false,
376
- genesis_public_key: genesisKey,
377
- current_public_key: currentKey,
378
- length: chain.length,
379
- error: {
380
- index: i + 1,
381
- message: `Temporal ordering violation at ${i + 1}: timestamp ${next.timestamp} is not after ${record.timestamp}`,
382
- },
383
- };
384
- }
385
- }
386
- }
387
- return {
388
- valid: true,
389
- genesis_public_key: genesisKey,
390
- current_public_key: currentKey,
391
- length: chain.length,
392
- };
393
- }
394
- // === Guardian Revocation (§3.3.2) ===
395
- /**
396
- * Sign a guardian revocation payload — requires BOTH identity and guardian keys.
397
- * Neither party can unilaterally dissolve the custody relationship.
398
- */
399
- export async function signGuardianRevocation(identityPrivateKey, guardianPrivateKey, timestamp) {
400
- const ts = timestamp ?? Date.now();
401
- const payload = canonicalJson({ action: "guardian_revoked", timestamp: ts });
402
- const message = new TextEncoder().encode(payload);
403
- const identitySig = await ed25519Sign(message, identityPrivateKey);
404
- const guardianSig = await ed25519Sign(message, guardianPrivateKey);
405
- return {
406
- payload,
407
- identity_signature: bytesToHex(identitySig),
408
- guardian_signature: bytesToHex(guardianSig),
409
- timestamp: ts,
410
- };
411
- }
412
- /**
413
- * Verify a guardian revocation proof — both signatures must be valid.
414
- */
415
- export async function verifyGuardianRevocation(revocation, identityPublicKeyHex, guardianPublicKeyHex) {
416
- const payload = canonicalJson({ action: "guardian_revoked", timestamp: revocation.timestamp });
417
- const message = new TextEncoder().encode(payload);
418
- try {
419
- const identityPub = hexToBytes(identityPublicKeyHex);
420
- const guardianPub = hexToBytes(guardianPublicKeyHex);
421
- const identitySig = hexToBytes(revocation.identity_signature);
422
- const guardianSig = hexToBytes(revocation.guardian_signature);
423
- const identityValid = await ed25519Verify(identitySig, message, identityPub);
424
- const guardianValid = await ed25519Verify(guardianSig, message, guardianPub);
425
- return identityValid && guardianValid;
426
- }
427
- catch {
428
- return false;
429
- }
430
- }
431
- /**
432
- * Sign a collaborative receipt. Computes a content hash over the canonical
433
- * JSON of all participant receipts, then signs the aggregate with the
434
- * initiator's Ed25519 private key.
435
- */
436
- export async function signCollaborativeReceipt(receipt, initiatorPrivateKey) {
437
- const receiptsCanonical = canonicalJson(receipt.participant_receipts);
438
- const receiptsBytes = new TextEncoder().encode(receiptsCanonical);
439
- const contentHash = await hash(receiptsBytes);
440
- const sigPayload = canonicalJson({
441
- proposal_id: receipt.proposal_id,
442
- plan_id: receipt.plan_id,
443
- content_hash: contentHash,
444
- });
445
- const sigMessage = new TextEncoder().encode(sigPayload);
446
- const sig = await ed25519Sign(sigMessage, initiatorPrivateKey);
447
- return {
448
- ...receipt,
449
- content_hash: contentHash,
450
- initiator_signature: toBase64Url(sig),
451
- };
452
- }
453
- /**
454
- * Verify a collaborative receipt:
455
- * 1. Recomputes content hash from participant receipts and checks it matches.
456
- * 2. Verifies the initiator's Ed25519 signature over the aggregate.
457
- * 3. Optionally verifies each participant receipt against known keys.
458
- */
459
- export async function verifyCollaborativeReceipt(receipt, initiatorPublicKey, participantKeys) {
460
- // 1. Recompute content hash
461
- const receiptsCanonical = canonicalJson(receipt.participant_receipts);
462
- const receiptsBytes = new TextEncoder().encode(receiptsCanonical);
463
- const expectedHash = await hash(receiptsBytes);
464
- if (expectedHash !== receipt.content_hash) {
465
- return { valid: false, error: "Content hash mismatch" };
466
- }
467
- // 2. Verify initiator signature
468
- const sigPayload = canonicalJson({
469
- proposal_id: receipt.proposal_id,
470
- plan_id: receipt.plan_id,
471
- content_hash: receipt.content_hash,
472
- });
473
- const sigMessage = new TextEncoder().encode(sigPayload);
474
- try {
475
- const sig = fromBase64Url(receipt.initiator_signature);
476
- const sigValid = await ed25519Verify(sig, sigMessage, initiatorPublicKey);
477
- if (!sigValid) {
478
- return { valid: false, error: "Initiator signature invalid" };
479
- }
480
- }
481
- catch {
482
- return { valid: false, error: "Initiator signature decode failed" };
483
- }
484
- // 3. Verify participant receipts if keys provided
485
- if (participantKeys) {
486
- for (let i = 0; i < receipt.participant_receipts.length; i++) {
487
- const pr = receipt.participant_receipts[i];
488
- const pubKey = participantKeys.get(pr.motebit_id);
489
- if (!pubKey) {
490
- return {
491
- valid: false,
492
- error: `Unknown participant key for receipt ${i} (${pr.motebit_id})`,
493
- };
494
- }
495
- const prValid = await verifyExecutionReceipt(pr, pubKey);
496
- if (!prValid) {
497
- return {
498
- valid: false,
499
- error: `Participant receipt ${i} (${pr.motebit_id}) signature invalid`,
500
- };
501
- }
502
- }
503
- }
504
- return { valid: true };
505
- }
506
- //# sourceMappingURL=artifacts.js.map
package/dist/artifacts.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"artifacts.js","sourceRoot":"","sources":["../src/artifacts.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EACL,aAAa,EACb,WAAW,EACX,aAAa,EACb,WAAW,EACX,aAAa,EACb,UAAU,EACV,UAAU,EACV,IAAI,EACJ,eAAe,GAChB,MAAM,cAAc,CAAC;AA4BtB;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,OAAU,EACV,UAAsB,EACtB,SAAsB;IAEtB,0EAA0E;IAC1E,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;IACrF,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IACnD,OAAO,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,WAAW,CAAC,GAAG,CAAC,EAA+B,CAAC;AAC/E,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,OAAwB,EACxB,SAAqB;IAErB,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IACvC,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC;QACrC,OAAO,MAAM,aAAa,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;IACtD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AA6CD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,KAAmC,EACnC,UAAsB,EACtB,SAAqB;IAErB,MAAM,OAAO,GAAuC;QAClD,OAAO,EAAE,GAAG,KAAK,CAAC,IAAI,OAAO,KAAK,CAAC,OAAO,EAAE;QAC5C,UAAU,EAAE,KAAK,CAAC,gBAAgB;QAClC,SAAS,EAAE,KAAK,CAAC,eAAe;QAChC,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,MAAM,EAAE,WAAW;QACnB,MAAM,EAAE,GAAG,KAAK,CAAC,mBAAmB,cAAc,KAAK,CAAC,gBAAgB,KAAK,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,UAAU,KAAK,CAAC,KAAK,QAAQ,KAAK,CAAC,IAAI,EAAE;QACnJ,UAAU,EAAE,KAAK,CAAC,UAAU,IAAI,EAAE;QAClC,eAAe,EAAE,CAAC;QAClB,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,yEAAyE;KAC1E,CAAC;IACF,OAAO,oBAAoB,CAAC,OAAO,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;AAC9D,CAAC;AAkBD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,OAAwB,EACxB,SAAoB;IAEpB,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC;IAExC,2EAA2E;IAC3E,IAAI,SAAS,GAAG,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC1C,IAAI,CAAC,SAAS,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACrC,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7C,CAAC;IACD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAChE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,EAAE,WAAW,EAAE,CAAC;IAC5F,CAAC;IAED,IAAI,QAAiB,CAAC;IACtB,IAAI,KAAyB,CAAC;IAC9B,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAC9D,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,sBAAsB;QACtB,QAAQ,GAAG,KAAK,CAAC;QACjB,KAAK,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC3D,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAEhE,MAAM,MAAM,GAAwB,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IACnF,IAAI,KAAK,EAAE,CAAC;QACV,oBAAoB;QACpB,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC;IACvB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,iBAAiB,CAC9B,OAAwB,EACxB,SAAoB;IAEpB,IAAI,CAAC,OAAO,CAAC,mBAAmB,IAAI,OAAO,CAAC,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7E,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,kBAAkB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC;AACjG,CAAC;AASD;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,KAA0B;IAE1B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAE/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACxB,MAAM,QAAQ,GAAG,MAAM,sBAAsB,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAC;QACtF,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,CAAC,wBAAwB,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;QACjF,CAAC;IACH,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC;QAC3B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;YAC1D,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,WAAW,CAAC,kBAAkB,IAAI,CAAC,OAAO,CAAC,YAAY,uBAAuB,CAAC,GAAG,CAAC,kBAAkB,IAAI,CAAC,OAAO,CAAC,YAAY,GAAG;gBACxI,KAAK,EAAE,CAAC;aACT,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC;AAoBD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,UAA8C,EAC9C,mBAA+B;IAE/B,MAAM,SAAS,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;IAC5C,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IAC5D,OAAO,EAAE,GAAG,UAAU,EAAE,SAAS,EAAE,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC;AACxD,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,UAA2B,EAC3B,OAAiD;IAEjD,MAAM,WAAW,GAAG,OAAO,EAAE,WAAW,IAAI,IAAI,CAAC;IACjD,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,GAAG,GAAG,OAAO,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;QACvC,IAAI,UAAU,CAAC,UAAU,GAAG,GAAG;YAAE,OAAO,KAAK,CAAC;IAChD,CAAC;IAED,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,EAAE,GAAG,UAAU,CAAC;IAC1C,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,aAAa,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;QAC9D,MAAM,GAAG,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC;QACrC,OAAO,MAAM,aAAa,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,KAAwB;IAExB,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAE/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QAC7B,8EAA8E;QAC9E,MAAM,QAAQ,GAAG,MAAM,gBAAgB,CAAC,UAAU,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,cAAc,CAAC,wBAAwB,EAAE,CAAC;QAC1E,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACV,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC;YAC3B,IAAI,IAAI,CAAC,WAAW,KAAK,UAAU,CAAC,YAAY,EAAE,CAAC;gBACjD,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,kBAAkB,CAAC,kBAAkB,IAAI,CAAC,WAAW,uBAAuB,UAAU,CAAC,YAAY,GAAG;iBAC9G,CAAC;YACJ,CAAC;YACD,IAAI,IAAI,CAAC,mBAAmB,KAAK,UAAU,CAAC,oBAAoB,EAAE,CAAC;gBACjE,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,kBAAkB,CAAC,gCAAgC;iBAC3D,CAAC;YACJ,CAAC;YACD,0EAA0E;YAC1E,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,EAAE,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gBACnD,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,cAAc,CAAC,0BAA0B,IAAI,CAAC,KAAK,aAAa,UAAU,CAAC,KAAK,GAAG;iBAC3F,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC;AAqBD;;GAEG;AACH,SAAS,oBAAoB,CAC3B,eAAuB,EACvB,eAAuB,EACvB,SAAiB,EACjB,MAAe,EACf,QAAkB;IAElB,MAAM,GAAG,GAA4B;QACnC,cAAc,EAAE,eAAe;QAC/B,cAAc,EAAE,eAAe;QAC/B,SAAS;KACV,CAAC;IACF,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;IACtB,CAAC;IACD,IAAI,QAAQ,EAAE,CAAC;QACb,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC;IACtB,CAAC;IACD,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,aAAyB,EACzB,aAAyB,EACzB,YAAwB,EACxB,YAAwB,EACxB,MAAe;IAEf,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,eAAe,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IACjD,MAAM,eAAe,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IAEjD,MAAM,OAAO,GAAG,oBAAoB,CAAC,eAAe,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IAC1F,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IACzD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAEzD,OAAO;QACL,cAAc,EAAE,eAAe;QAC/B,cAAc,EAAE,eAAe;QAC/B,SAAS;QACT,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3C,iBAAiB,EAAE,UAAU,CAAC,MAAM,CAAC;QACrC,iBAAiB,EAAE,UAAU,CAAC,MAAM,CAAC;KACtC,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B,CAClD,kBAA8B,EAC9B,aAAyB,EACzB,YAAwB,EACxB,YAAwB,EACxB,MAAe;IAEf,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,eAAe,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IACjD,MAAM,eAAe,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IAEjD,MAAM,eAAe,GAAG,MAAM,IAAI,mBAAmB,CAAC;IACtD,MAAM,OAAO,GAAG,oBAAoB,CAClC,eAAe,EACf,eAAe,EACf,SAAS,EACT,eAAe,EACf,IAAI,CACL,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElD,MAAM,WAAW,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;IACnE,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAEzD,OAAO;QACL,cAAc,EAAE,eAAe;QAC/B,cAAc,EAAE,eAAe;QAC/B,SAAS;QACT,MAAM,EAAE,eAAe;QACvB,iBAAiB,EAAE,UAAU,CAAC,MAAM,CAAC;QACrC,QAAQ,EAAE,IAAI;QACd,kBAAkB,EAAE,UAAU,CAAC,WAAW,CAAC;KAC5C,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,MAA2B,EAC3B,oBAA6B;IAE7B,MAAM,OAAO,GAAG,oBAAoB,CAClC,MAAM,CAAC,cAAc,EACrB,MAAM,CAAC,cAAc,EACrB,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,QAAQ,CAChB,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElD,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QACpD,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QACpD,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,QAAQ;YAAE,OAAO,KAAK,CAAC;QAE5B,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,CAAC,oBAAoB;gBAAE,OAAO,KAAK,CAAC;YACtE,MAAM,cAAc,GAAG,UAAU,CAAC,oBAAoB,CAAC,CAAC;YACxD,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;YAC1D,OAAO,MAAM,aAAa,CAAC,WAAW,EAAE,OAAO,EAAE,cAAc,CAAC,CAAC;QACnE,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAAE,OAAO,KAAK,CAAC;YAC5C,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;YACpD,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;YACpD,OAAO,MAAM,aAAa,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,oBAAoB;QACpB,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAaD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,KAA4B,EAC5B,oBAA6B;IAE7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,kBAAkB,EAAE,EAAE;YACtB,kBAAkB,EAAE,EAAE;YACtB,MAAM,EAAE,CAAC;YACT,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE;SACvD,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC,cAAc,CAAC;IAC5C,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAE,CAAC,cAAc,CAAC;IAE3D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QAEzB,IAAI,MAAM,CAAC,QAAQ,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC7C,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,kBAAkB,EAAE,UAAU;gBAC9B,kBAAkB,EAAE,UAAU;gBAC9B,MAAM,EAAE,KAAK,CAAC,MAAM;gBACpB,KAAK,EAAE;oBACL,KAAK,EAAE,CAAC;oBACR,OAAO,EAAE,UAAU,CAAC,6DAA6D;iBAClF;aACF,CAAC;QACJ,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC;QACzE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,kBAAkB,EAAE,UAAU;gBAC9B,kBAAkB,EAAE,UAAU;gBAC9B,MAAM,EAAE,KAAK,CAAC,MAAM;gBACpB,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,UAAU,CAAC,wBAAwB,EAAE;aAClE,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC;YAC3B,IAAI,MAAM,CAAC,cAAc,KAAK,IAAI,CAAC,cAAc,EAAE,CAAC;gBAClD,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,kBAAkB,EAAE,UAAU;oBAC9B,kBAAkB,EAAE,UAAU;oBAC9B,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,KAAK,EAAE;wBACL,KAAK,EAAE,CAAC,GAAG,CAAC;wBACZ,OAAO,EAAE,kBAAkB,CAAC,GAAG,CAAC,8BAA8B,MAAM,CAAC,cAAc,WAAW,IAAI,CAAC,cAAc,GAAG;qBACrH;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC;YAC3B,IAAI,MAAM,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;gBACvC,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,kBAAkB,EAAE,UAAU;oBAC9B,kBAAkB,EAAE,UAAU;oBAC9B,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,KAAK,EAAE;wBACL,KAAK,EAAE,CAAC,GAAG,CAAC;wBACZ,OAAO,EAAE,kCAAkC,CAAC,GAAG,CAAC,eAAe,IAAI,CAAC,SAAS,iBAAiB,MAAM,CAAC,SAAS,EAAE;qBACjH;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,IAAI;QACX,kBAAkB,EAAE,UAAU;QAC9B,kBAAkB,EAAE,UAAU;QAC9B,MAAM,EAAE,KAAK,CAAC,MAAM;KACrB,CAAC;AACJ,CAAC;AAED,uCAAuC;AAEvC;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,kBAA8B,EAC9B,kBAA8B,EAC9B,SAAkB;IAOlB,MAAM,EAAE,GAAG,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;IACnC,MAAM,OAAO,GAAG,aAAa,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7E,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElD,MAAM,WAAW,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;IACnE,MAAM,WAAW,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;IAEnE,OAAO;QACL,OAAO;QACP,kBAAkB,EAAE,UAAU,CAAC,WAAW,CAAC;QAC3C,kBAAkB,EAAE,UAAU,CAAC,WAAW,CAAC;QAC3C,SAAS,EAAE,EAAE;KACd,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,UAIC,EACD,oBAA4B,EAC5B,oBAA4B;IAE5B,MAAM,OAAO,GAAG,aAAa,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,SAAS,EAAE,UAAU,CAAC,SAAS,EAAE,CAAC,CAAC;IAC/F,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElD,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,UAAU,CAAC,oBAAoB,CAAC,CAAC;QACrD,MAAM,WAAW,GAAG,UAAU,CAAC,oBAAoB,CAAC,CAAC;QACrD,MAAM,WAAW,GAAG,UAAU,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,UAAU,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC;QAE9D,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;QAE7E,OAAO,aAAa,IAAI,aAAa,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAYD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,OAAmF,EACnF,mBAA+B;IAE/B,MAAM,iBAAiB,GAAG,aAAa,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACtE,MAAM,aAAa,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,CAAC;IAE9C,MAAM,UAAU,GAAG,aAAa,CAAC;QAC/B,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,YAAY,EAAE,WAAW;KAC1B,CAAC,CAAC;IACH,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC;IAE/D,OAAO;QACL,GAAG,OAAO;QACV,YAAY,EAAE,WAAW;QACzB,mBAAmB,EAAE,WAAW,CAAC,GAAG,CAAC;KACtC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,OAAqC,EACrC,kBAA8B,EAC9B,eAA2B;IAE3B,4BAA4B;IAC5B,MAAM,iBAAiB,GAAG,aAAa,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACtE,MAAM,aAAa,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAClE,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,CAAC;IAE/C,IAAI,YAAY,KAAK,OAAO,CAAC,YAAY,EAAE,CAAC;QAC1C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC;IAC1D,CAAC;IAED,gCAAgC;IAChC,MAAM,UAAU,GAAG,aAAa,CAAC;QAC/B,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,YAAY,EAAE,OAAO,CAAC,YAAY;KACnC,CAAC,CAAC;IACH,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACxD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,aAAa,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QACvD,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,UAAU,EAAE,kBAAkB,CAAC,CAAC;QAC1E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,6BAA6B,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC;IACtE,CAAC;IAED,kDAAkD;IAClD,IAAI,eAAe,EAAE,CAAC;QACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,oBAAoB,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7D,MAAM,EAAE,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC,CAAE,CAAC;YAC5C,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC;YAClD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,uCAAuC,CAAC,KAAK,EAAE,CAAC,UAAU,GAAG;iBACrE,CAAC;YACJ,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;YACzD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,uBAAuB,CAAC,KAAK,EAAE,CAAC,UAAU,qBAAqB;iBACvE,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC"}