npm - @motebit/crypto - Versions diffs - 0.8.0 - Mend

@motebit/crypto 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/LICENSE +26 -0
package/README.md +142 -0
package/dist/artifacts.d.ts +268 -0
package/dist/artifacts.d.ts.map +1 -0
package/dist/artifacts.js +506 -0
package/dist/artifacts.js.map +1 -0
package/dist/credential-anchor.d.ts +97 -0
package/dist/credential-anchor.d.ts.map +1 -0
package/dist/credential-anchor.js +159 -0
package/dist/credential-anchor.js.map +1 -0
package/dist/credentials.d.ts +107 -0
package/dist/credentials.d.ts.map +1 -0
package/dist/credentials.js +209 -0
package/dist/credentials.js.map +1 -0
package/dist/index.d.ts +212 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +2513 -0
package/dist/index.js.map +1 -0
package/dist/signing.d.ts +97 -0
package/dist/signing.d.ts.map +1 -0
package/dist/signing.js +282 -0
package/dist/signing.js.map +1 -0
package/package.json +67 -0

package/dist/credential-anchor.js ADDED Viewed

@@ -0,0 +1,159 @@
+/**
+ * Credential anchor — leaf hashing and self-verification.
+ *
+ * MIT: these functions are part of the open protocol. Any implementation
+ * can compute credential leaves and verify anchor proofs using this module.
+ *
+ * motebit/credential-anchor@1.0 §3 (leaf hash) and §5.2 (verification).
+ */
+import { canonicalJson, sha256, ed25519Verify, hexToBytes } from "./signing.js";
+// === Helpers (inlined — zero monorepo deps) ===
+function toHex(bytes) {
+    return Array.from(bytes)
+        .map((b) => b.toString(16).padStart(2, "0"))
+        .join("");
+}
+function fromHex(hex) {
+    const bytes = new Uint8Array(hex.length / 2);
+    for (let i = 0; i < hex.length; i += 2) {
+        bytes[i / 2] = parseInt(hex.slice(i, i + 2), 16);
+    }
+    return bytes;
+}
+function concat(a, b) {
+    const out = new Uint8Array(a.length + b.length);
+    out.set(a);
+    out.set(b, a.length);
+    return out;
+}
+// === Leaf Hash ===
+/**
+ * Compute a credential leaf hash for Merkle anchoring.
+ *
+ * The input is the full W3C VC 2.0 credential including its `proof` field.
+ * The proof is included because it binds the credential to its issuer's
+ * signature — without it, anyone could claim arbitrary credential content.
+ *
+ * @param credential - Full verifiable credential object (with proof)
+ * @returns Hex-encoded SHA-256 hash
+ */
+export async function computeCredentialLeaf(credential) {
+    const canonical = canonicalJson(credential);
+    const hash = await sha256(new TextEncoder().encode(canonical));
+    return toHex(hash);
+}
+// === Merkle Proof Verification ===
+/**
+ * Verify a Merkle inclusion proof against an expected root.
+ *
+ * Binary tree with odd-leaf promotion (no duplication).
+ * Same algorithm as @motebit/encryption/merkle.ts — inlined here
+ * so the crypto package remains zero-monorepo-deps.
+ */
+async function verifyMerkleInclusion(leaf, index, siblings, layerSizes, expectedRoot) {
+    let current = fromHex(leaf);
+    let idx = index;
+    let sibIdx = 0;
+    for (const layerSize of layerSizes) {
+        const siblingPos = idx % 2 === 0 ? idx + 1 : idx - 1;
+        const hasSibling = siblingPos >= 0 && siblingPos < layerSize;
+        if (hasSibling) {
+            if (sibIdx >= siblings.length)
+                return false;
+            const siblingBytes = fromHex(siblings[sibIdx]);
+            const combined = idx % 2 === 0 ? concat(current, siblingBytes) : concat(siblingBytes, current);
+            current = await sha256(combined);
+            sibIdx++;
+        }
+        // Odd promotion: current passes through unchanged
+        idx = Math.floor(idx / 2);
+    }
+    return toHex(current) === expectedRoot;
+}
+/**
+ * Verify a credential anchor proof — the 4-step self-verification algorithm.
+ *
+ * Steps 1–3 are fully offline. Step 4 (onchain lookup) requires a callback
+ * and is skipped if not provided or if the proof has no onchain anchor.
+ *
+ * @param credential - The full W3C VC 2.0 credential (with proof)
+ * @param anchorProof - The CredentialAnchorProof from the relay
+ * @param chainVerifier - Optional callback for step 4 (onchain verification)
+ * @returns Verification result with per-step breakdown
+ *
+ * @example
+ * ```ts
+ * import { verifyCredentialAnchor } from "@motebit/crypto";
+ *
+ * const result = await verifyCredentialAnchor(credential, proof);
+ * if (result.valid) {
+ *   // Steps 1-3 passed: credential was anchored by this relay
+ * }
+ * ```
+ */
+export async function verifyCredentialAnchor(credential, anchorProof, chainVerifier) {
+    const errors = [];
+    // Step 1: Hash verification — credential maps to the claimed leaf
+    const computedHash = await computeCredentialLeaf(credential);
+    const hashValid = computedHash === anchorProof.credential_hash;
+    if (!hashValid) {
+        errors.push(`Hash mismatch: computed ${computedHash.slice(0, 16)}…, proof claims ${anchorProof.credential_hash.slice(0, 16)}…`);
+    }
+    // Step 2: Merkle inclusion — leaf reconstructs to root
+    const merkleValid = await verifyMerkleInclusion(anchorProof.credential_hash, anchorProof.leaf_index, anchorProof.siblings, anchorProof.layer_sizes, anchorProof.merkle_root);
+    if (!merkleValid) {
+        errors.push("Merkle proof does not reconstruct to the claimed root");
+    }
+    // Step 3: Relay attestation — relay signed the batch payload
+    // Reconstruct the exact payload signed by cutCredentialBatch
+    const batchPayload = canonicalJson({
+        batch_id: anchorProof.batch_id,
+        merkle_root: anchorProof.merkle_root,
+        leaf_count: anchorProof.leaf_count,
+        first_issued_at: anchorProof.first_issued_at,
+        last_issued_at: anchorProof.last_issued_at,
+        relay_id: anchorProof.relay_id,
+    });
+    const payloadBytes = new TextEncoder().encode(batchPayload);
+    const signatureBytes = hexToBytes(anchorProof.batch_signature);
+    const publicKeyBytes = hexToBytes(anchorProof.relay_public_key);
+    let relaySignatureValid = false;
+    try {
+        relaySignatureValid = await ed25519Verify(signatureBytes, payloadBytes, publicKeyBytes);
+    }
+    catch {
+        relaySignatureValid = false;
+    }
+    if (!relaySignatureValid) {
+        errors.push("Relay batch signature verification failed");
+    }
+    // Step 4: Onchain anchor (optional — requires network access)
+    let chainVerified = null;
+    if (anchorProof.anchor && chainVerifier) {
+        try {
+            chainVerified = await chainVerifier({
+                ...anchorProof.anchor,
+                expected_root: anchorProof.merkle_root,
+            });
+            if (!chainVerified) {
+                errors.push("Onchain anchor verification failed");
+            }
+        }
+        catch (err) {
+            chainVerified = false;
+            errors.push(`Onchain verification error: ${err instanceof Error ? err.message : String(err)}`);
+        }
+    }
+    const valid = hashValid && merkleValid && relaySignatureValid && (chainVerified === null || chainVerified);
+    return {
+        valid,
+        steps: {
+            hash_valid: hashValid,
+            merkle_valid: merkleValid,
+            relay_signature_valid: relaySignatureValid,
+            chain_verified: chainVerified,
+        },
+        errors,
+    };
+}
+//# sourceMappingURL=credential-anchor.js.map

package/dist/credential-anchor.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"credential-anchor.js","sourceRoot":"","sources":["../src/credential-anchor.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAEhF,iDAAiD;AAEjD,SAAS,KAAK,CAAC,KAAiB;IAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SACrB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED,SAAS,OAAO,CAAC,GAAW;IAC1B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACvC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IAChD,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACX,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,GAAG,CAAC;AACb,CAAC;AAED,oBAAoB;AAEpB;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,UAAmC;IAC7E,MAAM,SAAS,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC;IAC/D,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC;AACrB,CAAC;AAED,oCAAoC;AAEpC;;;;;;GAMG;AACH,KAAK,UAAU,qBAAqB,CAClC,IAAY,EACZ,KAAa,EACb,QAAkB,EAClB,UAAoB,EACpB,YAAoB;IAEpB,IAAI,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,IAAI,GAAG,GAAG,KAAK,CAAC;IAChB,IAAI,MAAM,GAAG,CAAC,CAAC;IAEf,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,MAAM,UAAU,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;QACrD,MAAM,UAAU,GAAG,UAAU,IAAI,CAAC,IAAI,UAAU,GAAG,SAAS,CAAC;QAE7D,IAAI,UAAU,EAAE,CAAC;YACf,IAAI,MAAM,IAAI,QAAQ,CAAC,MAAM;gBAAE,OAAO,KAAK,CAAC;YAC5C,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAE,CAAC,CAAC;YAChD,MAAM,QAAQ,GACZ,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;YAChF,OAAO,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;YACjC,MAAM,EAAE,CAAC;QACX,CAAC;QACD,kDAAkD;QAElD,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IAC5B,CAAC;IAED,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,YAAY,CAAC;AACzC,CAAC;AA8DD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,UAAmC,EACnC,WAAwC,EACxC,aAAmC;IAEnC,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,kEAAkE;IAClE,MAAM,YAAY,GAAG,MAAM,qBAAqB,CAAC,UAAU,CAAC,CAAC;IAC7D,MAAM,SAAS,GAAG,YAAY,KAAK,WAAW,CAAC,eAAe,CAAC;IAC/D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACT,2BAA2B,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,WAAW,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CACnH,CAAC;IACJ,CAAC;IAED,uDAAuD;IACvD,MAAM,WAAW,GAAG,MAAM,qBAAqB,CAC7C,WAAW,CAAC,eAAe,EAC3B,WAAW,CAAC,UAAU,EACtB,WAAW,CAAC,QAAQ,EACpB,WAAW,CAAC,WAAW,EACvB,WAAW,CAAC,WAAW,CACxB,CAAC;IACF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;IACvE,CAAC;IAED,6DAA6D;IAC7D,6DAA6D;IAC7D,MAAM,YAAY,GAAG,aAAa,CAAC;QACjC,QAAQ,EAAE,WAAW,CAAC,QAAQ;QAC9B,WAAW,EAAE,WAAW,CAAC,WAAW;QACpC,UAAU,EAAE,WAAW,CAAC,UAAU;QAClC,eAAe,EAAE,WAAW,CAAC,eAAe;QAC5C,cAAc,EAAE,WAAW,CAAC,cAAc;QAC1C,QAAQ,EAAE,WAAW,CAAC,QAAQ;KAC/B,CAAC,CAAC;IACH,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC5D,MAAM,cAAc,GAAG,UAAU,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;IAC/D,MAAM,cAAc,GAAG,UAAU,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;IAEhE,IAAI,mBAAmB,GAAG,KAAK,CAAC;IAChC,IAAI,CAAC;QACH,mBAAmB,GAAG,MAAM,aAAa,CAAC,cAAc,EAAE,YAAY,EAAE,cAAc,CAAC,CAAC;IAC1F,CAAC;IAAC,MAAM,CAAC;QACP,mBAAmB,GAAG,KAAK,CAAC;IAC9B,CAAC;IACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;IAC3D,CAAC;IAED,8DAA8D;IAC9D,IAAI,aAAa,GAAmB,IAAI,CAAC;IACzC,IAAI,WAAW,CAAC,MAAM,IAAI,aAAa,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,aAAa,GAAG,MAAM,aAAa,CAAC;gBAClC,GAAG,WAAW,CAAC,MAAM;gBACrB,aAAa,EAAE,WAAW,CAAC,WAAW;aACvC,CAAC,CAAC;YACH,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,MAAM,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,aAAa,GAAG,KAAK,CAAC;YACtB,MAAM,CAAC,IAAI,CACT,+BAA+B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAClF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GACT,SAAS,IAAI,WAAW,IAAI,mBAAmB,IAAI,CAAC,aAAa,KAAK,IAAI,IAAI,aAAa,CAAC,CAAC;IAE/F,OAAO;QACL,KAAK;QACL,KAAK,EAAE;YACL,UAAU,EAAE,SAAS;YACrB,YAAY,EAAE,WAAW;YACzB,qBAAqB,EAAE,mBAAmB;YAC1C,cAAc,EAAE,aAAa;SAC9B;QACD,MAAM;KACP,CAAC;AACJ,CAAC"}

package/dist/credentials.d.ts ADDED Viewed

@@ -0,0 +1,107 @@
+/**
+ * Verifiable Credentials (W3C VC Data Model 2.0) with eddsa-jcs-2022 cryptosuite.
+ *
+ * Signing and verification of W3C Verifiable Credentials and Presentations
+ * using the protocol's canonical Ed25519 + JCS pipeline.
+ *
+ * Moved from BSL @motebit/crypto to MIT @motebit/crypto.
+ */
+export interface DataIntegrityProof {
+    type: "DataIntegrityProof";
+    cryptosuite: "eddsa-jcs-2022";
+    created: string;
+    verificationMethod: string;
+    proofPurpose: "assertionMethod" | "authentication";
+    proofValue: string;
+}
+export interface VerifiableCredential<T = Record<string, unknown>> {
+    "@context": string[];
+    type: string[];
+    issuer: string;
+    credentialSubject: T & {
+        id: string;
+    };
+    validFrom: string;
+    validUntil?: string;
+    credentialStatus?: {
+        id: string;
+        type: string;
+    };
+    proof: DataIntegrityProof;
+}
+export interface VerifiablePresentation {
+    "@context": string[];
+    type: string[];
+    holder: string;
+    verifiableCredential: VerifiableCredential[];
+    proof: DataIntegrityProof;
+}
+export interface GradientCredentialSubject {
+    id: string;
+    gradient: number;
+    knowledge_density: number;
+    knowledge_quality: number;
+    graph_connectivity: number;
+    temporal_stability: number;
+    retrieval_quality: number;
+    interaction_efficiency: number;
+    tool_efficiency: number;
+    curiosity_pressure: number;
+    measured_at: number;
+}
+export interface ReputationCredentialSubject {
+    id: string;
+    success_rate: number;
+    avg_latency_ms: number;
+    task_count: number;
+    trust_score: number;
+    availability: number;
+    sample_size: number;
+    measured_at: number;
+}
+export interface TrustCredentialSubject {
+    id: string;
+    trust_level: string;
+    interaction_count: number;
+    successful_tasks: number;
+    failed_tasks: number;
+    first_seen_at: number;
+    last_seen_at: number;
+}
+export declare function signVerifiableCredential<T = Record<string, unknown>>(unsignedVC: Omit<VerifiableCredential<T>, "proof">, privateKey: Uint8Array, publicKey: Uint8Array): Promise<VerifiableCredential<T>>;
+export declare function verifyVerifiableCredential<T = Record<string, unknown>>(vc: VerifiableCredential<T>): Promise<boolean>;
+export declare function signVerifiablePresentation(unsignedVP: Omit<VerifiablePresentation, "proof">, privateKey: Uint8Array, publicKey: Uint8Array): Promise<VerifiablePresentation>;
+export declare function verifyVerifiablePresentation(vp: VerifiablePresentation): Promise<{
+    valid: boolean;
+    errors: string[];
+}>;
+export declare function issueGradientCredential(snapshot: {
+    gradient: number;
+    knowledge_density: number;
+    knowledge_quality: number;
+    graph_connectivity: number;
+    temporal_stability: number;
+    retrieval_quality: number;
+    interaction_efficiency: number;
+    tool_efficiency: number;
+    curiosity_pressure: number;
+    timestamp: number;
+}, privateKey: Uint8Array, publicKey: Uint8Array, subjectDid?: string, validForMs?: number, statusEndpoint?: string): Promise<VerifiableCredential<GradientCredentialSubject>>;
+export declare function issueReputationCredential(snapshot: {
+    success_rate: number;
+    avg_latency_ms: number;
+    task_count: number;
+    trust_score: number;
+    availability: number;
+    measured_at: number;
+}, privateKey: Uint8Array, publicKey: Uint8Array, subjectDid: string, validForMs?: number, statusEndpoint?: string): Promise<VerifiableCredential<ReputationCredentialSubject>>;
+export declare function issueTrustCredential(trustRecord: {
+    trust_level: string;
+    interaction_count: number;
+    successful_tasks?: number;
+    failed_tasks?: number;
+    first_seen_at: number;
+    last_seen_at: number;
+}, privateKey: Uint8Array, publicKey: Uint8Array, subjectDid: string, validForMs?: number, statusEndpoint?: string): Promise<VerifiableCredential<TrustCredentialSubject>>;
+export declare function createPresentation(credentials: VerifiableCredential[], privateKey: Uint8Array, publicKey: Uint8Array): Promise<VerifiablePresentation>;
+//# sourceMappingURL=credentials.d.ts.map

package/dist/credentials.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAeH,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,oBAAoB,CAAC;IAC3B,WAAW,EAAE,gBAAgB,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,YAAY,EAAE,iBAAiB,GAAG,gBAAgB,CAAC;IACnD,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,oBAAoB,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAC/D,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,CAAC,GAAG;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC;IACtC,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAChD,KAAK,EAAE,kBAAkB,CAAC;CAC3B;AAED,MAAM,WAAW,sBAAsB;IACrC,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,oBAAoB,EAAE,oBAAoB,EAAE,CAAC;IAC7C,KAAK,EAAE,kBAAkB,CAAC;CAC3B;AAKD,MAAM,WAAW,yBAAyB;IACxC,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,eAAe,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,2BAA2B;IAC1C,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,gBAAgB,EAAE,MAAM,CAAC;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACtB;AAgGD,wBAAsB,wBAAwB,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACxE,UAAU,EAAE,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,EAClD,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,UAAU,GACpB,OAAO,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,CAQlC;AAED,wBAAsB,0BAA0B,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC1E,EAAE,EAAE,oBAAoB,CAAC,CAAC,CAAC,GAC1B,OAAO,CAAC,OAAO,CAAC,CAMlB;AAID,wBAAsB,0BAA0B,CAC9C,UAAU,EAAE,IAAI,CAAC,sBAAsB,EAAE,OAAO,CAAC,EACjD,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,UAAU,GACpB,OAAO,CAAC,sBAAsB,CAAC,CAQjC;AAED,wBAAsB,4BAA4B,CAChD,EAAE,EAAE,sBAAsB,GACzB,OAAO,CAAC;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CAAC,CAoB/C;AAUD,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE;IACR,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,eAAe,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,SAAS,EAAE,MAAM,CAAC;CACnB,EACD,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,UAAU,EACrB,UAAU,CAAC,EAAE,MAAM,EACnB,UAAU,SAAc,EACxB,cAAc,CAAC,EAAE,MAAM,GACtB,OAAO,CAAC,oBAAoB,CAAC,yBAAyB,CAAC,CAAC,CA8B1D;AAED,wBAAsB,yBAAyB,CAC7C,QAAQ,EAAE;IACR,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB,EACD,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,UAAU,EACrB,UAAU,EAAE,MAAM,EAClB,UAAU,SAAc,EACxB,cAAc,CAAC,EAAE,MAAM,GACtB,OAAO,CAAC,oBAAoB,CAAC,2BAA2B,CAAC,CAAC,CA2B5D;AAED,wBAAsB,oBAAoB,CACxC,WAAW,EAAE;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACtB,EACD,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,UAAU,EACrB,UAAU,EAAE,MAAM,EAClB,UAAU,SAAc,EACxB,cAAc,CAAC,EAAE,MAAM,GACtB,OAAO,CAAC,oBAAoB,CAAC,sBAAsB,CAAC,CAAC,CA0BvD;AAED,wBAAsB,kBAAkB,CACtC,WAAW,EAAE,oBAAoB,EAAE,EACnC,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,UAAU,GACpB,OAAO,CAAC,sBAAsB,CAAC,CAUjC"}

package/dist/credentials.js ADDED Viewed

@@ -0,0 +1,209 @@
+/**
+ * Verifiable Credentials (W3C VC Data Model 2.0) with eddsa-jcs-2022 cryptosuite.
+ *
+ * Signing and verification of W3C Verifiable Credentials and Presentations
+ * using the protocol's canonical Ed25519 + JCS pipeline.
+ *
+ * Moved from BSL @motebit/crypto to MIT @motebit/crypto.
+ */
+import { canonicalJson, ed25519Sign, ed25519Verify, base58btcEncode, base58btcDecode, publicKeyToDidKey, didKeyToPublicKey, sha256, } from "./signing.js";
+// === Internal helpers ===
+function buildVerificationMethod(publicKey) {
+    const did = publicKeyToDidKey(publicKey);
+    const fragment = did.slice("did:key:".length);
+    return `${did}#${fragment}`;
+}
+// === eddsa-jcs-2022 Signing ===
+/**
+ * Sign a document using eddsa-jcs-2022 (Data Integrity EdDSA Cryptosuites).
+ *
+ * 1. Separate proof options from document
+ * 2. proofHash = SHA-256(canonicalJson(proofOptions))
+ * 3. docHash = SHA-256(canonicalJson(documentWithoutProof))
+ * 4. signature = Ed25519.sign(proofHash || docHash, privateKey)
+ * 5. proofValue = "z" + base58btcEncode(signature)
+ */
+async function signDataIntegrity(document, privateKey, publicKey, proofPurpose) {
+    const verificationMethod = buildVerificationMethod(publicKey);
+    const created = new Date().toISOString();
+    const proofOptions = {
+        type: "DataIntegrityProof",
+        cryptosuite: "eddsa-jcs-2022",
+        created,
+        verificationMethod,
+        proofPurpose,
+    };
+    const encoder = new TextEncoder();
+    const proofHash = await sha256(encoder.encode(canonicalJson(proofOptions)));
+    const { proof: _proof, ...docWithoutProof } = document;
+    const docHash = await sha256(encoder.encode(canonicalJson(docWithoutProof)));
+    const combined = new Uint8Array(proofHash.length + docHash.length);
+    combined.set(proofHash);
+    combined.set(docHash, proofHash.length);
+    const signature = await ed25519Sign(combined, privateKey);
+    const proofValue = "z" + base58btcEncode(signature);
+    return { ...proofOptions, proofValue };
+}
+/**
+ * Verify a Data Integrity proof using eddsa-jcs-2022.
+ */
+async function verifyDataIntegritySigning(document, proof) {
+    if (proof.type !== "DataIntegrityProof" || proof.cryptosuite !== "eddsa-jcs-2022") {
+        return false;
+    }
+    const did = proof.verificationMethod.split("#")[0];
+    let publicKey;
+    try {
+        publicKey = didKeyToPublicKey(did);
+    }
+    catch {
+        return false;
+    }
+    const { proofValue, ...proofOptions } = proof;
+    const encoder = new TextEncoder();
+    const proofHash = await sha256(encoder.encode(canonicalJson(proofOptions)));
+    const { proof: _proof, ...docWithoutProof } = document;
+    const docHash = await sha256(encoder.encode(canonicalJson(docWithoutProof)));
+    const combined = new Uint8Array(proofHash.length + docHash.length);
+    combined.set(proofHash);
+    combined.set(docHash, proofHash.length);
+    if (!proofValue.startsWith("z"))
+        return false;
+    let signature;
+    try {
+        signature = base58btcDecode(proofValue.slice(1));
+    }
+    catch {
+        return false;
+    }
+    return ed25519Verify(signature, combined, publicKey);
+}
+// === Verifiable Credential Sign/Verify ===
+export async function signVerifiableCredential(unsignedVC, privateKey, publicKey) {
+    const proof = await signDataIntegrity(unsignedVC, privateKey, publicKey, "assertionMethod");
+    return { ...unsignedVC, proof };
+}
+export async function verifyVerifiableCredential(vc) {
+    if (vc.validUntil) {
+        const expiresAt = new Date(vc.validUntil).getTime();
+        if (Date.now() > expiresAt)
+            return false;
+    }
+    return verifyDataIntegritySigning(vc, vc.proof);
+}
+// === Verifiable Presentation Sign/Verify ===
+export async function signVerifiablePresentation(unsignedVP, privateKey, publicKey) {
+    const proof = await signDataIntegrity(unsignedVP, privateKey, publicKey, "authentication");
+    return { ...unsignedVP, proof };
+}
+export async function verifyVerifiablePresentation(vp) {
+    const errors = [];
+    const vpValid = await verifyDataIntegritySigning(vp, vp.proof);
+    if (!vpValid) {
+        errors.push("Presentation proof is invalid");
+    }
+    for (let i = 0; i < vp.verifiableCredential.length; i++) {
+        const vc = vp.verifiableCredential[i];
+        const vcValid = await verifyVerifiableCredential(vc);
+        if (!vcValid) {
+            errors.push(`Credential ${i} proof is invalid`);
+        }
+    }
+    return { valid: errors.length === 0, errors };
+}
+// === Convenience Issuance Functions ===
+const VC_TYPE_GRADIENT = "AgentGradientCredential";
+const VC_TYPE_REPUTATION = "AgentReputationCredential";
+const VC_TYPE_TRUST = "AgentTrustCredential";
+const ONE_HOUR_MS = 60 * 60 * 1000;
+export async function issueGradientCredential(snapshot, privateKey, publicKey, subjectDid, validForMs = ONE_HOUR_MS, statusEndpoint) {
+    const issuerDid = publicKeyToDidKey(publicKey);
+    const subject = {
+        id: subjectDid ?? issuerDid,
+        gradient: snapshot.gradient,
+        knowledge_density: snapshot.knowledge_density,
+        knowledge_quality: snapshot.knowledge_quality,
+        graph_connectivity: snapshot.graph_connectivity,
+        temporal_stability: snapshot.temporal_stability,
+        retrieval_quality: snapshot.retrieval_quality,
+        interaction_efficiency: snapshot.interaction_efficiency,
+        tool_efficiency: snapshot.tool_efficiency,
+        curiosity_pressure: snapshot.curiosity_pressure,
+        measured_at: snapshot.timestamp,
+    };
+    const now = new Date();
+    const unsignedVC = {
+        "@context": ["https://www.w3.org/ns/credentials/v2"],
+        type: ["VerifiableCredential", VC_TYPE_GRADIENT],
+        issuer: issuerDid,
+        credentialSubject: subject,
+        validFrom: now.toISOString(),
+        validUntil: new Date(now.getTime() + validForMs).toISOString(),
+        ...(statusEndpoint
+            ? { credentialStatus: { id: statusEndpoint, type: "RevocationList2024" } }
+            : {}),
+    };
+    return signVerifiableCredential(unsignedVC, privateKey, publicKey);
+}
+export async function issueReputationCredential(snapshot, privateKey, publicKey, subjectDid, validForMs = ONE_HOUR_MS, statusEndpoint) {
+    const issuerDid = publicKeyToDidKey(publicKey);
+    const subject = {
+        id: subjectDid,
+        success_rate: snapshot.success_rate,
+        avg_latency_ms: snapshot.avg_latency_ms,
+        task_count: snapshot.task_count,
+        trust_score: snapshot.trust_score,
+        availability: snapshot.availability,
+        sample_size: snapshot.task_count,
+        measured_at: snapshot.measured_at,
+    };
+    const now = new Date();
+    const unsignedVC = {
+        "@context": ["https://www.w3.org/ns/credentials/v2"],
+        type: ["VerifiableCredential", VC_TYPE_REPUTATION],
+        issuer: issuerDid,
+        credentialSubject: subject,
+        validFrom: now.toISOString(),
+        validUntil: new Date(now.getTime() + validForMs).toISOString(),
+        ...(statusEndpoint
+            ? { credentialStatus: { id: statusEndpoint, type: "RevocationList2024" } }
+            : {}),
+    };
+    return signVerifiableCredential(unsignedVC, privateKey, publicKey);
+}
+export async function issueTrustCredential(trustRecord, privateKey, publicKey, subjectDid, validForMs = ONE_HOUR_MS, statusEndpoint) {
+    const issuerDid = publicKeyToDidKey(publicKey);
+    const subject = {
+        id: subjectDid,
+        trust_level: trustRecord.trust_level,
+        interaction_count: trustRecord.interaction_count,
+        successful_tasks: trustRecord.successful_tasks ?? 0,
+        failed_tasks: trustRecord.failed_tasks ?? 0,
+        first_seen_at: trustRecord.first_seen_at,
+        last_seen_at: trustRecord.last_seen_at,
+    };
+    const now = new Date();
+    const unsignedVC = {
+        "@context": ["https://www.w3.org/ns/credentials/v2"],
+        type: ["VerifiableCredential", VC_TYPE_TRUST],
+        issuer: issuerDid,
+        credentialSubject: subject,
+        validFrom: now.toISOString(),
+        validUntil: new Date(now.getTime() + validForMs).toISOString(),
+        ...(statusEndpoint
+            ? { credentialStatus: { id: statusEndpoint, type: "RevocationList2024" } }
+            : {}),
+    };
+    return signVerifiableCredential(unsignedVC, privateKey, publicKey);
+}
+export async function createPresentation(credentials, privateKey, publicKey) {
+    const holderDid = publicKeyToDidKey(publicKey);
+    const unsignedVP = {
+        "@context": ["https://www.w3.org/ns/credentials/v2"],
+        type: ["VerifiablePresentation"],
+        holder: holderDid,
+        verifiableCredential: credentials,
+    };
+    return signVerifiablePresentation(unsignedVP, privateKey, publicKey);
+}
+//# sourceMappingURL=credentials.js.map

package/dist/credentials.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"credentials.js","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,aAAa,EACb,WAAW,EACX,aAAa,EACb,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,MAAM,GACP,MAAM,cAAc,CAAC;AAsEtB,2BAA2B;AAE3B,SAAS,uBAAuB,CAAC,SAAqB;IACpD,MAAM,GAAG,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC9C,OAAO,GAAG,GAAG,IAAI,QAAQ,EAAE,CAAC;AAC9B,CAAC;AAED,iCAAiC;AAEjC;;;;;;;;GAQG;AACH,KAAK,UAAU,iBAAiB,CAC9B,QAAiC,EACjC,UAAsB,EACtB,SAAqB,EACrB,YAAkD;IAElD,MAAM,kBAAkB,GAAG,uBAAuB,CAAC,SAAS,CAAC,CAAC;IAC9D,MAAM,OAAO,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAEzC,MAAM,YAAY,GAAG;QACnB,IAAI,EAAE,oBAA6B;QACnC,WAAW,EAAE,gBAAyB;QACtC,OAAO;QACP,kBAAkB;QAClB,YAAY;KACb,CAAC;IAEF,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,eAAe,EAAE,GAAG,QAAQ,CAAC;IACvD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACnE,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxB,QAAQ,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;IAExC,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,GAAG,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IAEpD,OAAO,EAAE,GAAG,YAAY,EAAE,UAAU,EAAE,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,0BAA0B,CACvC,QAAiC,EACjC,KAAyB;IAEzB,IAAI,KAAK,CAAC,IAAI,KAAK,oBAAoB,IAAI,KAAK,CAAC,WAAW,KAAK,gBAAgB,EAAE,CAAC;QAClF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,GAAG,GAAG,KAAK,CAAC,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC;IACpD,IAAI,SAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,SAAS,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,EAAE,UAAU,EAAE,GAAG,YAAY,EAAE,GAAG,KAAK,CAAC;IAE9C,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,eAAe,EAAE,GAAG,QAAQ,CAAC;IACvD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACnE,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxB,QAAQ,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;IAExC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC9C,IAAI,SAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,SAAS,GAAG,eAAe,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,aAAa,CAAC,SAAS,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC;AAED,4CAA4C;AAE5C,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,UAAkD,EAClD,UAAsB,EACtB,SAAqB;IAErB,MAAM,KAAK,GAAG,MAAM,iBAAiB,CACnC,UAAgD,EAChD,UAAU,EACV,SAAS,EACT,iBAAiB,CAClB,CAAC;IACF,OAAO,EAAE,GAAG,UAAU,EAAE,KAAK,EAAE,CAAC;AAClC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,EAA2B;IAE3B,IAAI,EAAE,CAAC,UAAU,EAAE,CAAC;QAClB,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE,CAAC;QACpD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YAAE,OAAO,KAAK,CAAC;IAC3C,CAAC;IACD,OAAO,0BAA0B,CAAC,EAAwC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;AACxF,CAAC;AAED,8CAA8C;AAE9C,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,UAAiD,EACjD,UAAsB,EACtB,SAAqB;IAErB,MAAM,KAAK,GAAG,MAAM,iBAAiB,CACnC,UAAgD,EAChD,UAAU,EACV,SAAS,EACT,gBAAgB,CACjB,CAAC;IACF,OAAO,EAAE,GAAG,UAAU,EAAE,KAAK,EAA4B,CAAC;AAC5D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,EAA0B;IAE1B,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,MAAM,OAAO,GAAG,MAAM,0BAA0B,CAC9C,EAAwC,EACxC,EAAE,CAAC,KAAK,CACT,CAAC;IACF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;IAC/C,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxD,MAAM,EAAE,GAAG,EAAE,CAAC,oBAAoB,CAAC,CAAC,CAAE,CAAC;QACvC,MAAM,OAAO,GAAG,MAAM,0BAA0B,CAAC,EAAE,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC;AAED,yCAAyC;AAEzC,MAAM,gBAAgB,GAAG,yBAAyB,CAAC;AACnD,MAAM,kBAAkB,GAAG,2BAA2B,CAAC;AACvD,MAAM,aAAa,GAAG,sBAAsB,CAAC;AAE7C,MAAM,WAAW,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAEnC,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,QAWC,EACD,UAAsB,EACtB,SAAqB,EACrB,UAAmB,EACnB,UAAU,GAAG,WAAW,EACxB,cAAuB;IAEvB,MAAM,SAAS,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC/C,MAAM,OAAO,GAA8B;QACzC,EAAE,EAAE,UAAU,IAAI,SAAS;QAC3B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB;QAC7C,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB;QAC7C,kBAAkB,EAAE,QAAQ,CAAC,kBAAkB;QAC/C,kBAAkB,EAAE,QAAQ,CAAC,kBAAkB;QAC/C,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB;QAC7C,sBAAsB,EAAE,QAAQ,CAAC,sBAAsB;QACvD,eAAe,EAAE,QAAQ,CAAC,eAAe;QACzC,kBAAkB,EAAE,QAAQ,CAAC,kBAAkB;QAC/C,WAAW,EAAE,QAAQ,CAAC,SAAS;KAChC,CAAC;IAEF,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,UAAU,GAAmE;QACjF,UAAU,EAAE,CAAC,sCAAsC,CAAC;QACpD,IAAI,EAAE,CAAC,sBAAsB,EAAE,gBAAgB,CAAC;QAChD,MAAM,EAAE,SAAS;QACjB,iBAAiB,EAAE,OAAO;QAC1B,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;QAC5B,UAAU,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC,CAAC,WAAW,EAAE;QAC9D,GAAG,CAAC,cAAc;YAChB,CAAC,CAAC,EAAE,gBAAgB,EAAE,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE;YAC1E,CAAC,CAAC,EAAE,CAAC;KACR,CAAC;IAEF,OAAO,wBAAwB,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;AACrE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,QAOC,EACD,UAAsB,EACtB,SAAqB,EACrB,UAAkB,EAClB,UAAU,GAAG,WAAW,EACxB,cAAuB;IAEvB,MAAM,SAAS,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC/C,MAAM,OAAO,GAAgC;QAC3C,EAAE,EAAE,UAAU;QACd,YAAY,EAAE,QAAQ,CAAC,YAAY;QACnC,cAAc,EAAE,QAAQ,CAAC,cAAc;QACvC,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,WAAW,EAAE,QAAQ,CAAC,WAAW;QACjC,YAAY,EAAE,QAAQ,CAAC,YAAY;QACnC,WAAW,EAAE,QAAQ,CAAC,UAAU;QAChC,WAAW,EAAE,QAAQ,CAAC,WAAW;KAClC,CAAC;IAEF,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,UAAU,GAAqE;QACnF,UAAU,EAAE,CAAC,sCAAsC,CAAC;QACpD,IAAI,EAAE,CAAC,sBAAsB,EAAE,kBAAkB,CAAC;QAClD,MAAM,EAAE,SAAS;QACjB,iBAAiB,EAAE,OAAO;QAC1B,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;QAC5B,UAAU,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC,CAAC,WAAW,EAAE;QAC9D,GAAG,CAAC,cAAc;YAChB,CAAC,CAAC,EAAE,gBAAgB,EAAE,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE;YAC1E,CAAC,CAAC,EAAE,CAAC;KACR,CAAC;IAEF,OAAO,wBAAwB,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;AACrE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,WAOC,EACD,UAAsB,EACtB,SAAqB,EACrB,UAAkB,EAClB,UAAU,GAAG,WAAW,EACxB,cAAuB;IAEvB,MAAM,SAAS,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC/C,MAAM,OAAO,GAA2B;QACtC,EAAE,EAAE,UAAU;QACd,WAAW,EAAE,WAAW,CAAC,WAAW;QACpC,iBAAiB,EAAE,WAAW,CAAC,iBAAiB;QAChD,gBAAgB,EAAE,WAAW,CAAC,gBAAgB,IAAI,CAAC;QACnD,YAAY,EAAE,WAAW,CAAC,YAAY,IAAI,CAAC;QAC3C,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,YAAY,EAAE,WAAW,CAAC,YAAY;KACvC,CAAC;IAEF,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,UAAU,GAAgE;QAC9E,UAAU,EAAE,CAAC,sCAAsC,CAAC;QACpD,IAAI,EAAE,CAAC,sBAAsB,EAAE,aAAa,CAAC;QAC7C,MAAM,EAAE,SAAS;QACjB,iBAAiB,EAAE,OAAO;QAC1B,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;QAC5B,UAAU,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC,CAAC,WAAW,EAAE;QAC9D,GAAG,CAAC,cAAc;YAChB,CAAC,CAAC,EAAE,gBAAgB,EAAE,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE;YAC1E,CAAC,CAAC,EAAE,CAAC;KACR,CAAC;IAEF,OAAO,wBAAwB,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;AACrE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,WAAmC,EACnC,UAAsB,EACtB,SAAqB;IAErB,MAAM,SAAS,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC/C,MAAM,UAAU,GAA0C;QACxD,UAAU,EAAE,CAAC,sCAAsC,CAAC;QACpD,IAAI,EAAE,CAAC,wBAAwB,CAAC;QAChC,MAAM,EAAE,SAAS;QACjB,oBAAoB,EAAE,WAAW;KAClC,CAAC;IAEF,OAAO,0BAA0B,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;AACvE,CAAC"}