@mysten/seal 0.4.19 → 0.4.21

package/CHANGELOG.md

@@ -1,5 +1,22 @@
 # @mysten/seal
 
+## 0.4.21
+
+### Patch Changes
+
+- Updated dependencies [660377c]
+  - @mysten/sui@1.37.2
+
+## 0.4.20
+
+### Patch Changes
+
+- Updated dependencies [33230ed]
+- Updated dependencies [33230ed]
+- Updated dependencies [33230ed]
+  - @mysten/bcs@1.7.0
+  - @mysten/sui@1.37.1
+
 ## 0.4.19
 
 ### Patch Changes

package/dist/cjs/bcs.d.ts

@@ -1,142 +1,89 @@
-export declare const IBEEncryptions: import("@mysten/bcs").BcsType<{
-    BonehFranklinBLS12381: {
-        nonce: Uint8Array<ArrayBufferLike>;
-        encryptedShares: Uint8Array<ArrayBufferLike>[];
-        encryptedRandomness: Uint8Array<ArrayBufferLike>;
-    };
-    $kind: "BonehFranklinBLS12381";
-}, {
-    BonehFranklinBLS12381: {
-        nonce: Iterable<number>;
-        encryptedShares: Iterable<Iterable<number>> & {
+export declare const IBEEncryptions: import("@mysten/bcs").BcsEnum<{
+    BonehFranklinBLS12381: import("@mysten/bcs").BcsStruct<{
+        nonce: import("@mysten/bcs").BcsType<Uint8Array<ArrayBufferLike>, Iterable<number>, "bytes[96]">;
+        encryptedShares: import("@mysten/bcs").BcsType<Uint8Array<ArrayBufferLike>[], Iterable<Iterable<number>> & {
             length: number;
-        };
-        encryptedRandomness: Iterable<number>;
-    };
-}>;
-export declare const Ciphertext: import("@mysten/bcs").BcsType<import("@mysten/bcs").EnumOutputShapeWithKeys<{
-    Aes256Gcm: {
-        blob: number[];
-        aad: number[] | null;
-    };
-    Hmac256Ctr: {
-        blob: number[];
-        aad: number[] | null;
-        mac: Uint8Array<ArrayBufferLike>;
-    };
-    Plain: {};
-}, "Aes256Gcm" | "Hmac256Ctr" | "Plain">, import("@mysten/bcs").EnumInputShape<{
-    Aes256Gcm: {
-        blob: Iterable<number> & {
+        }, string>;
+        encryptedRandomness: import("@mysten/bcs").BcsType<Uint8Array<ArrayBufferLike>, Iterable<number>, "bytes[32]">;
+    }, string>;
+}, "IBEEncryptions">;
+export declare const Ciphertext: import("@mysten/bcs").BcsEnum<{
+    Aes256Gcm: import("@mysten/bcs").BcsStruct<{
+        blob: import("@mysten/bcs").BcsType<number[], Iterable<number> & {
             length: number;
-        };
-        aad: (Iterable<number> & {
+        }, string>;
+        aad: import("@mysten/bcs").BcsType<number[] | null, (Iterable<number> & {
             length: number;
-        }) | null | undefined;
-    };
-    Hmac256Ctr: {
-        blob: Iterable<number> & {
+        }) | null | undefined, "Option<vector<u8>>">;
+    }, string>;
+    Hmac256Ctr: import("@mysten/bcs").BcsStruct<{
+        blob: import("@mysten/bcs").BcsType<number[], Iterable<number> & {
             length: number;
-        };
-        aad: (Iterable<number> & {
+        }, string>;
+        aad: import("@mysten/bcs").BcsType<number[] | null, (Iterable<number> & {
             length: number;
-        }) | null | undefined;
-        mac: Iterable<number>;
-    };
-    Plain: {};
-}>>;
+        }) | null | undefined, "Option<vector<u8>>">;
+        mac: import("@mysten/bcs").BcsType<Uint8Array<ArrayBufferLike>, Iterable<number>, "bytes[32]">;
+    }, string>;
+    Plain: import("@mysten/bcs").BcsStruct<{}, string>;
+}, "Ciphertext">;
 /**
  * The encrypted object format. Should be aligned with the Rust implementation.
  */
-export declare const EncryptedObject: import("@mysten/bcs").BcsType<{
-    version: number;
-    packageId: string;
-    id: string;
-    services: [string, number][];
-    threshold: number;
-    encryptedShares: {
-        BonehFranklinBLS12381: {
-            nonce: Uint8Array<ArrayBufferLike>;
-            encryptedShares: Uint8Array<ArrayBufferLike>[];
-            encryptedRandomness: Uint8Array<ArrayBufferLike>;
-        };
-        $kind: "BonehFranklinBLS12381";
-    };
-    ciphertext: import("@mysten/bcs").EnumOutputShapeWithKeys<{
-        Aes256Gcm: {
-            blob: number[];
-            aad: number[] | null;
-        };
-        Hmac256Ctr: {
-            blob: number[];
-            aad: number[] | null;
-            mac: Uint8Array<ArrayBufferLike>;
-        };
-        Plain: {};
-    }, "Aes256Gcm" | "Hmac256Ctr" | "Plain">;
-}, {
-    version: number;
-    packageId: string | Uint8Array<ArrayBufferLike>;
-    id: string;
-    services: Iterable<readonly [string | Uint8Array<ArrayBufferLike>, number]> & {
+export declare const EncryptedObject: import("@mysten/bcs").BcsStruct<{
+    version: import("@mysten/bcs").BcsType<number, number, "u8">;
+    packageId: import("@mysten/bcs").BcsType<string, string | Uint8Array<ArrayBufferLike>, "bytes[32]">;
+    id: import("@mysten/bcs").BcsType<string, string, string>;
+    services: import("@mysten/bcs").BcsType<[string, number][], Iterable<readonly [string | Uint8Array<ArrayBufferLike>, number]> & {
         length: number;
-    };
-    threshold: number;
-    encryptedShares: {
-        BonehFranklinBLS12381: {
-            nonce: Iterable<number>;
-            encryptedShares: Iterable<Iterable<number>> & {
+    }, string>;
+    threshold: import("@mysten/bcs").BcsType<number, number, "u8">;
+    encryptedShares: import("@mysten/bcs").BcsEnum<{
+        BonehFranklinBLS12381: import("@mysten/bcs").BcsStruct<{
+            nonce: import("@mysten/bcs").BcsType<Uint8Array<ArrayBufferLike>, Iterable<number>, "bytes[96]">;
+            encryptedShares: import("@mysten/bcs").BcsType<Uint8Array<ArrayBufferLike>[], Iterable<Iterable<number>> & {
                 length: number;
-            };
-            encryptedRandomness: Iterable<number>;
-        };
-    };
-    ciphertext: import("@mysten/bcs").EnumInputShape<{
-        Aes256Gcm: {
-            blob: Iterable<number> & {
+            }, string>;
+            encryptedRandomness: import("@mysten/bcs").BcsType<Uint8Array<ArrayBufferLike>, Iterable<number>, "bytes[32]">;
+        }, string>;
+    }, "IBEEncryptions">;
+    ciphertext: import("@mysten/bcs").BcsEnum<{
+        Aes256Gcm: import("@mysten/bcs").BcsStruct<{
+            blob: import("@mysten/bcs").BcsType<number[], Iterable<number> & {
                 length: number;
-            };
-            aad: (Iterable<number> & {
+            }, string>;
+            aad: import("@mysten/bcs").BcsType<number[] | null, (Iterable<number> & {
                 length: number;
-            }) | null | undefined;
-        };
-        Hmac256Ctr: {
-            blob: Iterable<number> & {
+            }) | null | undefined, "Option<vector<u8>>">;
+        }, string>;
+        Hmac256Ctr: import("@mysten/bcs").BcsStruct<{
+            blob: import("@mysten/bcs").BcsType<number[], Iterable<number> & {
                 length: number;
-            };
-            aad: (Iterable<number> & {
+            }, string>;
+            aad: import("@mysten/bcs").BcsType<number[] | null, (Iterable<number> & {
                 length: number;
-            }) | null | undefined;
-            mac: Iterable<number>;
-        };
-        Plain: {};
-    }>;
-}>;
+            }) | null | undefined, "Option<vector<u8>>">;
+            mac: import("@mysten/bcs").BcsType<Uint8Array<ArrayBufferLike>, Iterable<number>, "bytes[32]">;
+        }, string>;
+        Plain: import("@mysten/bcs").BcsStruct<{}, string>;
+    }, "Ciphertext">;
+}, string>;
 /**
  * The Move struct for the KeyServerV1 object.
  */
-export declare const KeyServerMoveV1: import("@mysten/bcs").BcsType<{
-    name: string;
-    url: string;
-    keyType: number;
-    pk: number[];
-}, {
-    name: string;
-    url: string;
-    keyType: number;
-    pk: Iterable<number> & {
+export declare const KeyServerMoveV1: import("@mysten/bcs").BcsStruct<{
+    name: import("@mysten/bcs").BcsType<string, string, "string">;
+    url: import("@mysten/bcs").BcsType<string, string, "string">;
+    keyType: import("@mysten/bcs").BcsType<number, number, "u8">;
+    pk: import("@mysten/bcs").BcsType<number[], Iterable<number> & {
         length: number;
-    };
-}>;
+    }, string>;
+}, string>;
 /**
  * The Move struct for the parent object.
  */
-export declare const KeyServerMove: import("@mysten/bcs").BcsType<{
-    id: string;
-    firstVersion: string;
-    lastVersion: string;
-}, {
-    id: string | Uint8Array<ArrayBufferLike>;
-    firstVersion: string | number | bigint;
-    lastVersion: string | number | bigint;
-}>;
+export declare const KeyServerMove: import("@mysten/bcs").BcsStruct<{
+    id: import("@mysten/bcs").BcsType<string, string | Uint8Array<ArrayBufferLike>, "bytes[32]">;
+    firstVersion: import("@mysten/bcs").BcsType<string, string | number | bigint, "u64">;
+    lastVersion: import("@mysten/bcs").BcsType<string, string | number | bigint, "u64">;
+}, string>;

package/dist/cjs/bcs.js

@@ -36,25 +36,25 @@ const IBEEncryptions = import_bcs2.bcs.enum("IBEEncryptions", {
 });
 const Ciphertext = import_bcs2.bcs.enum("Ciphertext", {
   Aes256Gcm: import_bcs2.bcs.struct("Aes256Gcm", {
-    blob: import_bcs2.bcs.vector(import_bcs2.bcs.U8),
-    aad: import_bcs2.bcs.option(import_bcs2.bcs.vector(import_bcs2.bcs.U8))
+    blob: import_bcs2.bcs.vector(import_bcs2.bcs.u8()),
+    aad: import_bcs2.bcs.option(import_bcs2.bcs.vector(import_bcs2.bcs.u8()))
   }),
   Hmac256Ctr: import_bcs2.bcs.struct("Hmac256Ctr", {
-    blob: import_bcs2.bcs.vector(import_bcs2.bcs.U8),
-    aad: import_bcs2.bcs.option(import_bcs2.bcs.vector(import_bcs2.bcs.U8)),
+    blob: import_bcs2.bcs.vector(import_bcs2.bcs.u8()),
+    aad: import_bcs2.bcs.option(import_bcs2.bcs.vector(import_bcs2.bcs.u8())),
     mac: import_bcs2.bcs.bytes(32)
   }),
   Plain: import_bcs2.bcs.struct("Plain", {})
 });
 const EncryptedObject = import_bcs2.bcs.struct("EncryptedObject", {
-  version: import_bcs2.bcs.U8,
+  version: import_bcs2.bcs.u8(),
   packageId: import_bcs2.bcs.Address,
   id: import_bcs2.bcs.vector(import_bcs2.bcs.U8).transform({
     output: (val) => (0, import_bcs.toHex)(new Uint8Array(val)),
     input: (val) => (0, import_bcs.fromHex)(val)
   }),
-  services: import_bcs2.bcs.vector(import_bcs2.bcs.tuple([import_bcs2.bcs.Address, import_bcs2.bcs.U8])),
-  threshold: import_bcs2.bcs.U8,
+  services: import_bcs2.bcs.vector(import_bcs2.bcs.tuple([import_bcs2.bcs.Address, import_bcs2.bcs.u8()])),
+  threshold: import_bcs2.bcs.u8(),
   encryptedShares: IBEEncryptions,
   ciphertext: Ciphertext
 });

package/dist/cjs/bcs.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../src/bcs.ts"],
-  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { fromHex, toHex } from '@mysten/bcs';\nimport { bcs } from '@mysten/sui/bcs';\n\nexport const IBEEncryptions = bcs.enum('IBEEncryptions', {\n\tBonehFranklinBLS12381: bcs.struct('BonehFranklinBLS12381', {\n\t\tnonce: bcs.bytes(96),\n\t\tencryptedShares: bcs.vector(bcs.bytes(32)),\n\t\tencryptedRandomness: bcs.bytes(32),\n\t}),\n});\n\nexport const Ciphertext = bcs.enum('Ciphertext', {\n\tAes256Gcm: bcs.struct('Aes256Gcm', {\n\t\tblob: bcs.vector(bcs.U8),\n\t\taad: bcs.option(bcs.vector(bcs.U8)),\n\t}),\n\tHmac256Ctr: bcs.struct('Hmac256Ctr', {\n\t\tblob: bcs.vector(bcs.U8),\n\t\taad: bcs.option(bcs.vector(bcs.U8)),\n\t\tmac: bcs.bytes(32),\n\t}),\n\tPlain: bcs.struct('Plain', {}),\n});\n\n/**\n * The encrypted object format. Should be aligned with the Rust implementation.\n */\nexport const EncryptedObject = bcs.struct('EncryptedObject', {\n\tversion: bcs.U8,\n\tpackageId: bcs.Address,\n\tid: bcs.vector(bcs.U8).transform({\n\t\toutput: (val) => toHex(new Uint8Array(val)),\n\t\tinput: (val: string) => fromHex(val),\n\t}),\n\tservices: bcs.vector(bcs.tuple([bcs.Address, bcs.U8])),\n\tthreshold: bcs.U8,\n\tencryptedShares: IBEEncryptions,\n\tciphertext: Ciphertext,\n});\n\n/**\n * The Move struct for the KeyServerV1 object.\n */\nexport const KeyServerMoveV1 = bcs.struct('KeyServerV1', {\n\tname: bcs.string(),\n\turl: bcs.string(),\n\tkeyType: bcs.u8(),\n\tpk: bcs.vector(bcs.u8()),\n});\n\n/**\n * The Move struct for the parent object.\n */\nexport const KeyServerMove = bcs.struct('KeyServer', {\n\tid: bcs.Address,\n\tfirstVersion: bcs.u64(), // latest version\n\tlastVersion: bcs.u64(), // oldest version\n});\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAA+B;AAC/B,IAAAA,cAAoB;AAEb,MAAM,iBAAiB,gBAAI,KAAK,kBAAkB;AAAA,EACxD,uBAAuB,gBAAI,OAAO,yBAAyB;AAAA,IAC1D,OAAO,gBAAI,MAAM,EAAE;AAAA,IACnB,iBAAiB,gBAAI,OAAO,gBAAI,MAAM,EAAE,CAAC;AAAA,IACzC,qBAAqB,gBAAI,MAAM,EAAE;AAAA,EAClC,CAAC;AACF,CAAC;AAEM,MAAM,aAAa,gBAAI,KAAK,cAAc;AAAA,EAChD,WAAW,gBAAI,OAAO,aAAa;AAAA,IAClC,MAAM,gBAAI,OAAO,gBAAI,EAAE;AAAA,IACvB,KAAK,gBAAI,OAAO,gBAAI,OAAO,gBAAI,EAAE,CAAC;AAAA,EACnC,CAAC;AAAA,EACD,YAAY,gBAAI,OAAO,cAAc;AAAA,IACpC,MAAM,gBAAI,OAAO,gBAAI,EAAE;AAAA,IACvB,KAAK,gBAAI,OAAO,gBAAI,OAAO,gBAAI,EAAE,CAAC;AAAA,IAClC,KAAK,gBAAI,MAAM,EAAE;AAAA,EAClB,CAAC;AAAA,EACD,OAAO,gBAAI,OAAO,SAAS,CAAC,CAAC;AAC9B,CAAC;AAKM,MAAM,kBAAkB,gBAAI,OAAO,mBAAmB;AAAA,EAC5D,SAAS,gBAAI;AAAA,EACb,WAAW,gBAAI;AAAA,EACf,IAAI,gBAAI,OAAO,gBAAI,EAAE,EAAE,UAAU;AAAA,IAChC,QAAQ,CAAC,YAAQ,kBAAM,IAAI,WAAW,GAAG,CAAC;AAAA,IAC1C,OAAO,CAAC,YAAgB,oBAAQ,GAAG;AAAA,EACpC,CAAC;AAAA,EACD,UAAU,gBAAI,OAAO,gBAAI,MAAM,CAAC,gBAAI,SAAS,gBAAI,EAAE,CAAC,CAAC;AAAA,EACrD,WAAW,gBAAI;AAAA,EACf,iBAAiB;AAAA,EACjB,YAAY;AACb,CAAC;AAKM,MAAM,kBAAkB,gBAAI,OAAO,eAAe;AAAA,EACxD,MAAM,gBAAI,OAAO;AAAA,EACjB,KAAK,gBAAI,OAAO;AAAA,EAChB,SAAS,gBAAI,GAAG;AAAA,EAChB,IAAI,gBAAI,OAAO,gBAAI,GAAG,CAAC;AACxB,CAAC;AAKM,MAAM,gBAAgB,gBAAI,OAAO,aAAa;AAAA,EACpD,IAAI,gBAAI;AAAA,EACR,cAAc,gBAAI,IAAI;AAAA;AAAA,EACtB,aAAa,gBAAI,IAAI;AAAA;AACtB,CAAC;",
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { fromHex, toHex } from '@mysten/bcs';\nimport { bcs } from '@mysten/sui/bcs';\n\nexport const IBEEncryptions = bcs.enum('IBEEncryptions', {\n\tBonehFranklinBLS12381: bcs.struct('BonehFranklinBLS12381', {\n\t\tnonce: bcs.bytes(96),\n\t\tencryptedShares: bcs.vector(bcs.bytes(32)),\n\t\tencryptedRandomness: bcs.bytes(32),\n\t}),\n});\n\nexport const Ciphertext = bcs.enum('Ciphertext', {\n\tAes256Gcm: bcs.struct('Aes256Gcm', {\n\t\tblob: bcs.vector(bcs.u8()),\n\t\taad: bcs.option(bcs.vector(bcs.u8())),\n\t}),\n\tHmac256Ctr: bcs.struct('Hmac256Ctr', {\n\t\tblob: bcs.vector(bcs.u8()),\n\t\taad: bcs.option(bcs.vector(bcs.u8())),\n\t\tmac: bcs.bytes(32),\n\t}),\n\tPlain: bcs.struct('Plain', {}),\n});\n\n/**\n * The encrypted object format. Should be aligned with the Rust implementation.\n */\nexport const EncryptedObject = bcs.struct('EncryptedObject', {\n\tversion: bcs.u8(),\n\tpackageId: bcs.Address,\n\tid: bcs.vector(bcs.U8).transform({\n\t\toutput: (val) => toHex(new Uint8Array(val)),\n\t\tinput: (val: string) => fromHex(val),\n\t}),\n\tservices: bcs.vector(bcs.tuple([bcs.Address, bcs.u8()])),\n\tthreshold: bcs.u8(),\n\tencryptedShares: IBEEncryptions,\n\tciphertext: Ciphertext,\n});\n\n/**\n * The Move struct for the KeyServerV1 object.\n */\nexport const KeyServerMoveV1 = bcs.struct('KeyServerV1', {\n\tname: bcs.string(),\n\turl: bcs.string(),\n\tkeyType: bcs.u8(),\n\tpk: bcs.vector(bcs.u8()),\n});\n\n/**\n * The Move struct for the parent object.\n */\nexport const KeyServerMove = bcs.struct('KeyServer', {\n\tid: bcs.Address,\n\tfirstVersion: bcs.u64(), // latest version\n\tlastVersion: bcs.u64(), // oldest version\n});\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAA+B;AAC/B,IAAAA,cAAoB;AAEb,MAAM,iBAAiB,gBAAI,KAAK,kBAAkB;AAAA,EACxD,uBAAuB,gBAAI,OAAO,yBAAyB;AAAA,IAC1D,OAAO,gBAAI,MAAM,EAAE;AAAA,IACnB,iBAAiB,gBAAI,OAAO,gBAAI,MAAM,EAAE,CAAC;AAAA,IACzC,qBAAqB,gBAAI,MAAM,EAAE;AAAA,EAClC,CAAC;AACF,CAAC;AAEM,MAAM,aAAa,gBAAI,KAAK,cAAc;AAAA,EAChD,WAAW,gBAAI,OAAO,aAAa;AAAA,IAClC,MAAM,gBAAI,OAAO,gBAAI,GAAG,CAAC;AAAA,IACzB,KAAK,gBAAI,OAAO,gBAAI,OAAO,gBAAI,GAAG,CAAC,CAAC;AAAA,EACrC,CAAC;AAAA,EACD,YAAY,gBAAI,OAAO,cAAc;AAAA,IACpC,MAAM,gBAAI,OAAO,gBAAI,GAAG,CAAC;AAAA,IACzB,KAAK,gBAAI,OAAO,gBAAI,OAAO,gBAAI,GAAG,CAAC,CAAC;AAAA,IACpC,KAAK,gBAAI,MAAM,EAAE;AAAA,EAClB,CAAC;AAAA,EACD,OAAO,gBAAI,OAAO,SAAS,CAAC,CAAC;AAC9B,CAAC;AAKM,MAAM,kBAAkB,gBAAI,OAAO,mBAAmB;AAAA,EAC5D,SAAS,gBAAI,GAAG;AAAA,EAChB,WAAW,gBAAI;AAAA,EACf,IAAI,gBAAI,OAAO,gBAAI,EAAE,EAAE,UAAU;AAAA,IAChC,QAAQ,CAAC,YAAQ,kBAAM,IAAI,WAAW,GAAG,CAAC;AAAA,IAC1C,OAAO,CAAC,YAAgB,oBAAQ,GAAG;AAAA,EACpC,CAAC;AAAA,EACD,UAAU,gBAAI,OAAO,gBAAI,MAAM,CAAC,gBAAI,SAAS,gBAAI,GAAG,CAAC,CAAC,CAAC;AAAA,EACvD,WAAW,gBAAI,GAAG;AAAA,EAClB,iBAAiB;AAAA,EACjB,YAAY;AACb,CAAC;AAKM,MAAM,kBAAkB,gBAAI,OAAO,eAAe;AAAA,EACxD,MAAM,gBAAI,OAAO;AAAA,EACjB,KAAK,gBAAI,OAAO;AAAA,EAChB,SAAS,gBAAI,GAAG;AAAA,EAChB,IAAI,gBAAI,OAAO,gBAAI,GAAG,CAAC;AACxB,CAAC;AAKM,MAAM,gBAAgB,gBAAI,OAAO,aAAa;AAAA,EACpD,IAAI,gBAAI;AAAA,EACR,cAAc,gBAAI,IAAI;AAAA;AAAA,EACtB,aAAa,gBAAI,IAAI;AAAA;AACtB,CAAC;",
   "names": ["import_bcs"]
 }

package/dist/cjs/bls12381.js

@@ -26,7 +26,6 @@ __export(bls12381_exports, {
 module.exports = __toCommonJS(bls12381_exports);
 var import_bcs = require("@mysten/bcs");
 var import_bls12_381 = require("@noble/curves/bls12-381");
-var import_utils = require("./utils.js");
 const _G1Element = class _G1Element {
   constructor(point) {
     this.point = point;
@@ -98,7 +97,14 @@ const _GTElement = class _GTElement {
     const P = [0, 3, 1, 4, 2, 5];
     const PAIR_SIZE = _GTElement.SIZE / P.length;
     const bytes = import_bls12_381.bls12_381.fields.Fp12.toBytes(this.element);
-    return (0, import_utils.flatten)(P.map((p) => bytes.subarray(p * PAIR_SIZE, (p + 1) * PAIR_SIZE)));
+    const result = new Uint8Array(_GTElement.SIZE);
+    for (let i = 0; i < P.length; i++) {
+      const sourceStart = P[i] * PAIR_SIZE;
+      const sourceEnd = sourceStart + PAIR_SIZE;
+      const targetStart = i * PAIR_SIZE;
+      result.set(bytes.subarray(sourceStart, sourceEnd), targetStart);
+    }
+    return result;
   }
   equals(other) {
     return import_bls12_381.bls12_381.fields.Fp12.eql(this.element, other.element);

package/dist/cjs/bls12381.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../src/bls12381.ts"],
-  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { toHex } from '@mysten/bcs';\nimport type { Fp2, Fp12 } from '@noble/curves/abstract/tower';\nimport type { ProjPointType } from '@noble/curves/abstract/weierstrass';\nimport { bls12_381 } from '@noble/curves/bls12-381';\nimport { flatten } from './utils.js';\n\nexport class G1Element {\n\tpoint: ProjPointType<bigint>;\n\n\tpublic static readonly SIZE = 48;\n\n\tconstructor(point: ProjPointType<bigint>) {\n\t\tthis.point = point;\n\t}\n\n\tstatic generator(): G1Element {\n\t\treturn new G1Element(bls12_381.G1.ProjectivePoint.BASE);\n\t}\n\n\tstatic fromBytes(bytes: Uint8Array): G1Element {\n\t\treturn new G1Element(bls12_381.G1.ProjectivePoint.fromHex(toHex(bytes)));\n\t}\n\n\ttoBytes(): Uint8Array {\n\t\treturn this.point.toRawBytes();\n\t}\n\n\tmultiply(scalar: Scalar): G1Element {\n\t\treturn new G1Element(this.point.multiply(scalar.scalar));\n\t}\n\n\tadd(other: G1Element): G1Element {\n\t\treturn new G1Element(this.point.add(other.point));\n\t}\n\n\tsubtract(other: G1Element): G1Element {\n\t\treturn new G1Element(this.point.subtract(other.point));\n\t}\n\n\tstatic hashToCurve(data: Uint8Array): G1Element {\n\t\treturn new G1Element(\n\t\t\tbls12_381.G1.ProjectivePoint.fromAffine(bls12_381.G1.hashToCurve(data).toAffine()),\n\t\t);\n\t}\n\n\tpairing(other: G2Element): GTElement {\n\t\treturn new GTElement(bls12_381.pairing(this.point, other.point));\n\t}\n}\n\nexport class G2Element {\n\tpoint: ProjPointType<Fp2>;\n\n\tpublic static readonly SIZE = 96;\n\n\tconstructor(point: ProjPointType<Fp2>) {\n\t\tthis.point = point;\n\t}\n\n\tstatic generator(): G2Element {\n\t\treturn new G2Element(bls12_381.G2.ProjectivePoint.BASE);\n\t}\n\n\tstatic fromBytes(bytes: Uint8Array): G2Element {\n\t\treturn new G2Element(bls12_381.G2.ProjectivePoint.fromHex(toHex(bytes)));\n\t}\n\n\ttoBytes(): Uint8Array {\n\t\treturn this.point.toRawBytes();\n\t}\n\n\tmultiply(scalar: Scalar): G2Element {\n\t\treturn new G2Element(this.point.multiply(scalar.scalar));\n\t}\n\n\tadd(other: G2Element): G2Element {\n\t\treturn new G2Element(this.point.add(other.point));\n\t}\n\n\tstatic hashToCurve(data: Uint8Array): G2Element {\n\t\treturn new G2Element(\n\t\t\tbls12_381.G2.ProjectivePoint.fromAffine(bls12_381.G2.hashToCurve(data).toAffine()),\n\t\t);\n\t}\n\n\tequals(other: G2Element): boolean {\n\t\treturn this.point.equals(other.point);\n\t}\n}\n\nexport class GTElement {\n\telement: Fp12;\n\n\tpublic static readonly SIZE = 576;\n\n\tconstructor(element: Fp12) {\n\t\tthis.element = element;\n\t}\n\n\ttoBytes(): Uint8Array {\n\t\t// This permutation reorders the 6 pairs of coefficients of the GT element for compatability with the Rust and Move implementations.\n\t\t//\n\t\t// The permutation P may be computed as:\n\t\t// for i in 0..3 {\n\t\t//   for j in 0..2 {\n\t\t//     P[2 * i + j] = i + 3 * j;\n\t\t//   }\n\t\t// }\n\t\tconst P = [0, 3, 1, 4, 2, 5];\n\t\tconst PAIR_SIZE = GTElement.SIZE / P.length;\n\n\t\tconst bytes = bls12_381.fields.Fp12.toBytes(this.element);\n\t\treturn flatten(P.map((p) => bytes.subarray(p * PAIR_SIZE, (p + 1) * PAIR_SIZE)));\n\t}\n\n\tequals(other: GTElement): boolean {\n\t\treturn bls12_381.fields.Fp12.eql(this.element, other.element);\n\t}\n}\n\nexport class Scalar {\n\tscalar: bigint;\n\n\tpublic static readonly SIZE = 32;\n\n\tconstructor(scalar: bigint) {\n\t\tthis.scalar = scalar;\n\t}\n\n\tstatic random(): Scalar {\n\t\treturn Scalar.fromBytes(bls12_381.utils.randomPrivateKey());\n\t}\n\n\ttoBytes(): Uint8Array {\n\t\treturn new Uint8Array(bls12_381.fields.Fr.toBytes(this.scalar));\n\t}\n\n\tstatic fromBytes(bytes: Uint8Array): Scalar {\n\t\treturn new Scalar(bls12_381.fields.Fr.fromBytes(bytes));\n\t}\n\n\tstatic fromNumber(num: number): Scalar {\n\t\treturn new Scalar(BigInt(num));\n\t}\n}\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAAsB;AAGtB,uBAA0B;AAC1B,mBAAwB;AAEjB,MAAM,aAAN,MAAM,WAAU;AAAA,EAKtB,YAAY,OAA8B;AACzC,SAAK,QAAQ;AAAA,EACd;AAAA,EAEA,OAAO,YAAuB;AAC7B,WAAO,IAAI,WAAU,2BAAU,GAAG,gBAAgB,IAAI;AAAA,EACvD;AAAA,EAEA,OAAO,UAAU,OAA8B;AAC9C,WAAO,IAAI,WAAU,2BAAU,GAAG,gBAAgB,YAAQ,kBAAM,KAAK,CAAC,CAAC;AAAA,EACxE;AAAA,EAEA,UAAsB;AACrB,WAAO,KAAK,MAAM,WAAW;AAAA,EAC9B;AAAA,EAEA,SAAS,QAA2B;AACnC,WAAO,IAAI,WAAU,KAAK,MAAM,SAAS,OAAO,MAAM,CAAC;AAAA,EACxD;AAAA,EAEA,IAAI,OAA6B;AAChC,WAAO,IAAI,WAAU,KAAK,MAAM,IAAI,MAAM,KAAK,CAAC;AAAA,EACjD;AAAA,EAEA,SAAS,OAA6B;AACrC,WAAO,IAAI,WAAU,KAAK,MAAM,SAAS,MAAM,KAAK,CAAC;AAAA,EACtD;AAAA,EAEA,OAAO,YAAY,MAA6B;AAC/C,WAAO,IAAI;AAAA,MACV,2BAAU,GAAG,gBAAgB,WAAW,2BAAU,GAAG,YAAY,IAAI,EAAE,SAAS,CAAC;AAAA,IAClF;AAAA,EACD;AAAA,EAEA,QAAQ,OAA6B;AACpC,WAAO,IAAI,UAAU,2BAAU,QAAQ,KAAK,OAAO,MAAM,KAAK,CAAC;AAAA,EAChE;AACD;AA1Ca,WAGW,OAAO;AAHxB,IAAM,YAAN;AA4CA,MAAM,aAAN,MAAM,WAAU;AAAA,EAKtB,YAAY,OAA2B;AACtC,SAAK,QAAQ;AAAA,EACd;AAAA,EAEA,OAAO,YAAuB;AAC7B,WAAO,IAAI,WAAU,2BAAU,GAAG,gBAAgB,IAAI;AAAA,EACvD;AAAA,EAEA,OAAO,UAAU,OAA8B;AAC9C,WAAO,IAAI,WAAU,2BAAU,GAAG,gBAAgB,YAAQ,kBAAM,KAAK,CAAC,CAAC;AAAA,EACxE;AAAA,EAEA,UAAsB;AACrB,WAAO,KAAK,MAAM,WAAW;AAAA,EAC9B;AAAA,EAEA,SAAS,QAA2B;AACnC,WAAO,IAAI,WAAU,KAAK,MAAM,SAAS,OAAO,MAAM,CAAC;AAAA,EACxD;AAAA,EAEA,IAAI,OAA6B;AAChC,WAAO,IAAI,WAAU,KAAK,MAAM,IAAI,MAAM,KAAK,CAAC;AAAA,EACjD;AAAA,EAEA,OAAO,YAAY,MAA6B;AAC/C,WAAO,IAAI;AAAA,MACV,2BAAU,GAAG,gBAAgB,WAAW,2BAAU,GAAG,YAAY,IAAI,EAAE,SAAS,CAAC;AAAA,IAClF;AAAA,EACD;AAAA,EAEA,OAAO,OAA2B;AACjC,WAAO,KAAK,MAAM,OAAO,MAAM,KAAK;AAAA,EACrC;AACD;AAtCa,WAGW,OAAO;AAHxB,IAAM,YAAN;AAwCA,MAAM,aAAN,MAAM,WAAU;AAAA,EAKtB,YAAY,SAAe;AAC1B,SAAK,UAAU;AAAA,EAChB;AAAA,EAEA,UAAsB;AASrB,UAAM,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC;AAC3B,UAAM,YAAY,WAAU,OAAO,EAAE;AAErC,UAAM,QAAQ,2BAAU,OAAO,KAAK,QAAQ,KAAK,OAAO;AACxD,eAAO,sBAAQ,EAAE,IAAI,CAAC,MAAM,MAAM,SAAS,IAAI,YAAY,IAAI,KAAK,SAAS,CAAC,CAAC;AAAA,EAChF;AAAA,EAEA,OAAO,OAA2B;AACjC,WAAO,2BAAU,OAAO,KAAK,IAAI,KAAK,SAAS,MAAM,OAAO;AAAA,EAC7D;AACD;AA5Ba,WAGW,OAAO;AAHxB,IAAM,YAAN;AA8BA,MAAM,UAAN,MAAM,QAAO;AAAA,EAKnB,YAAY,QAAgB;AAC3B,SAAK,SAAS;AAAA,EACf;AAAA,EAEA,OAAO,SAAiB;AACvB,WAAO,QAAO,UAAU,2BAAU,MAAM,iBAAiB,CAAC;AAAA,EAC3D;AAAA,EAEA,UAAsB;AACrB,WAAO,IAAI,WAAW,2BAAU,OAAO,GAAG,QAAQ,KAAK,MAAM,CAAC;AAAA,EAC/D;AAAA,EAEA,OAAO,UAAU,OAA2B;AAC3C,WAAO,IAAI,QAAO,2BAAU,OAAO,GAAG,UAAU,KAAK,CAAC;AAAA,EACvD;AAAA,EAEA,OAAO,WAAW,KAAqB;AACtC,WAAO,IAAI,QAAO,OAAO,GAAG,CAAC;AAAA,EAC9B;AACD;AAxBa,QAGW,OAAO;AAHxB,IAAM,SAAN;",
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { toHex } from '@mysten/bcs';\nimport type { Fp2, Fp12 } from '@noble/curves/abstract/tower';\nimport type { ProjPointType } from '@noble/curves/abstract/weierstrass';\nimport { bls12_381 } from '@noble/curves/bls12-381';\n\nexport class G1Element {\n\tpoint: ProjPointType<bigint>;\n\n\tpublic static readonly SIZE = 48;\n\n\tconstructor(point: ProjPointType<bigint>) {\n\t\tthis.point = point;\n\t}\n\n\tstatic generator(): G1Element {\n\t\treturn new G1Element(bls12_381.G1.ProjectivePoint.BASE);\n\t}\n\n\tstatic fromBytes(bytes: Uint8Array): G1Element {\n\t\treturn new G1Element(bls12_381.G1.ProjectivePoint.fromHex(toHex(bytes)));\n\t}\n\n\ttoBytes(): Uint8Array {\n\t\treturn this.point.toRawBytes();\n\t}\n\n\tmultiply(scalar: Scalar): G1Element {\n\t\treturn new G1Element(this.point.multiply(scalar.scalar));\n\t}\n\n\tadd(other: G1Element): G1Element {\n\t\treturn new G1Element(this.point.add(other.point));\n\t}\n\n\tsubtract(other: G1Element): G1Element {\n\t\treturn new G1Element(this.point.subtract(other.point));\n\t}\n\n\tstatic hashToCurve(data: Uint8Array): G1Element {\n\t\treturn new G1Element(\n\t\t\tbls12_381.G1.ProjectivePoint.fromAffine(bls12_381.G1.hashToCurve(data).toAffine()),\n\t\t);\n\t}\n\n\tpairing(other: G2Element): GTElement {\n\t\treturn new GTElement(bls12_381.pairing(this.point, other.point));\n\t}\n}\n\nexport class G2Element {\n\tpoint: ProjPointType<Fp2>;\n\n\tpublic static readonly SIZE = 96;\n\n\tconstructor(point: ProjPointType<Fp2>) {\n\t\tthis.point = point;\n\t}\n\n\tstatic generator(): G2Element {\n\t\treturn new G2Element(bls12_381.G2.ProjectivePoint.BASE);\n\t}\n\n\tstatic fromBytes(bytes: Uint8Array): G2Element {\n\t\treturn new G2Element(bls12_381.G2.ProjectivePoint.fromHex(toHex(bytes)));\n\t}\n\n\ttoBytes(): Uint8Array {\n\t\treturn this.point.toRawBytes();\n\t}\n\n\tmultiply(scalar: Scalar): G2Element {\n\t\treturn new G2Element(this.point.multiply(scalar.scalar));\n\t}\n\n\tadd(other: G2Element): G2Element {\n\t\treturn new G2Element(this.point.add(other.point));\n\t}\n\n\tstatic hashToCurve(data: Uint8Array): G2Element {\n\t\treturn new G2Element(\n\t\t\tbls12_381.G2.ProjectivePoint.fromAffine(bls12_381.G2.hashToCurve(data).toAffine()),\n\t\t);\n\t}\n\n\tequals(other: G2Element): boolean {\n\t\treturn this.point.equals(other.point);\n\t}\n}\n\nexport class GTElement {\n\telement: Fp12;\n\n\tpublic static readonly SIZE = 576;\n\n\tconstructor(element: Fp12) {\n\t\tthis.element = element;\n\t}\n\n\ttoBytes(): Uint8Array {\n\t\t// This permutation reorders the 6 pairs of coefficients of the GT element for compatability with the Rust and Move implementations.\n\t\t//\n\t\t// The permutation P may be computed as:\n\t\t// for i in 0..3 {\n\t\t//   for j in 0..2 {\n\t\t//     P[2 * i + j] = i + 3 * j;\n\t\t//   }\n\t\t// }\n\t\tconst P = [0, 3, 1, 4, 2, 5];\n\t\tconst PAIR_SIZE = GTElement.SIZE / P.length;\n\n\t\tconst bytes = bls12_381.fields.Fp12.toBytes(this.element);\n\t\tconst result = new Uint8Array(GTElement.SIZE);\n\n\t\tfor (let i = 0; i < P.length; i++) {\n\t\t\tconst sourceStart = P[i] * PAIR_SIZE;\n\t\t\tconst sourceEnd = sourceStart + PAIR_SIZE;\n\t\t\tconst targetStart = i * PAIR_SIZE;\n\t\t\tresult.set(bytes.subarray(sourceStart, sourceEnd), targetStart);\n\t\t}\n\n\t\treturn result;\n\t}\n\n\tequals(other: GTElement): boolean {\n\t\treturn bls12_381.fields.Fp12.eql(this.element, other.element);\n\t}\n}\n\nexport class Scalar {\n\tscalar: bigint;\n\n\tpublic static readonly SIZE = 32;\n\n\tconstructor(scalar: bigint) {\n\t\tthis.scalar = scalar;\n\t}\n\n\tstatic random(): Scalar {\n\t\treturn Scalar.fromBytes(bls12_381.utils.randomPrivateKey());\n\t}\n\n\ttoBytes(): Uint8Array {\n\t\treturn new Uint8Array(bls12_381.fields.Fr.toBytes(this.scalar));\n\t}\n\n\tstatic fromBytes(bytes: Uint8Array): Scalar {\n\t\treturn new Scalar(bls12_381.fields.Fr.fromBytes(bytes));\n\t}\n\n\tstatic fromNumber(num: number): Scalar {\n\t\treturn new Scalar(BigInt(num));\n\t}\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAAsB;AAGtB,uBAA0B;AAEnB,MAAM,aAAN,MAAM,WAAU;AAAA,EAKtB,YAAY,OAA8B;AACzC,SAAK,QAAQ;AAAA,EACd;AAAA,EAEA,OAAO,YAAuB;AAC7B,WAAO,IAAI,WAAU,2BAAU,GAAG,gBAAgB,IAAI;AAAA,EACvD;AAAA,EAEA,OAAO,UAAU,OAA8B;AAC9C,WAAO,IAAI,WAAU,2BAAU,GAAG,gBAAgB,YAAQ,kBAAM,KAAK,CAAC,CAAC;AAAA,EACxE;AAAA,EAEA,UAAsB;AACrB,WAAO,KAAK,MAAM,WAAW;AAAA,EAC9B;AAAA,EAEA,SAAS,QAA2B;AACnC,WAAO,IAAI,WAAU,KAAK,MAAM,SAAS,OAAO,MAAM,CAAC;AAAA,EACxD;AAAA,EAEA,IAAI,OAA6B;AAChC,WAAO,IAAI,WAAU,KAAK,MAAM,IAAI,MAAM,KAAK,CAAC;AAAA,EACjD;AAAA,EAEA,SAAS,OAA6B;AACrC,WAAO,IAAI,WAAU,KAAK,MAAM,SAAS,MAAM,KAAK,CAAC;AAAA,EACtD;AAAA,EAEA,OAAO,YAAY,MAA6B;AAC/C,WAAO,IAAI;AAAA,MACV,2BAAU,GAAG,gBAAgB,WAAW,2BAAU,GAAG,YAAY,IAAI,EAAE,SAAS,CAAC;AAAA,IAClF;AAAA,EACD;AAAA,EAEA,QAAQ,OAA6B;AACpC,WAAO,IAAI,UAAU,2BAAU,QAAQ,KAAK,OAAO,MAAM,KAAK,CAAC;AAAA,EAChE;AACD;AA1Ca,WAGW,OAAO;AAHxB,IAAM,YAAN;AA4CA,MAAM,aAAN,MAAM,WAAU;AAAA,EAKtB,YAAY,OAA2B;AACtC,SAAK,QAAQ;AAAA,EACd;AAAA,EAEA,OAAO,YAAuB;AAC7B,WAAO,IAAI,WAAU,2BAAU,GAAG,gBAAgB,IAAI;AAAA,EACvD;AAAA,EAEA,OAAO,UAAU,OAA8B;AAC9C,WAAO,IAAI,WAAU,2BAAU,GAAG,gBAAgB,YAAQ,kBAAM,KAAK,CAAC,CAAC;AAAA,EACxE;AAAA,EAEA,UAAsB;AACrB,WAAO,KAAK,MAAM,WAAW;AAAA,EAC9B;AAAA,EAEA,SAAS,QAA2B;AACnC,WAAO,IAAI,WAAU,KAAK,MAAM,SAAS,OAAO,MAAM,CAAC;AAAA,EACxD;AAAA,EAEA,IAAI,OAA6B;AAChC,WAAO,IAAI,WAAU,KAAK,MAAM,IAAI,MAAM,KAAK,CAAC;AAAA,EACjD;AAAA,EAEA,OAAO,YAAY,MAA6B;AAC/C,WAAO,IAAI;AAAA,MACV,2BAAU,GAAG,gBAAgB,WAAW,2BAAU,GAAG,YAAY,IAAI,EAAE,SAAS,CAAC;AAAA,IAClF;AAAA,EACD;AAAA,EAEA,OAAO,OAA2B;AACjC,WAAO,KAAK,MAAM,OAAO,MAAM,KAAK;AAAA,EACrC;AACD;AAtCa,WAGW,OAAO;AAHxB,IAAM,YAAN;AAwCA,MAAM,aAAN,MAAM,WAAU;AAAA,EAKtB,YAAY,SAAe;AAC1B,SAAK,UAAU;AAAA,EAChB;AAAA,EAEA,UAAsB;AASrB,UAAM,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC;AAC3B,UAAM,YAAY,WAAU,OAAO,EAAE;AAErC,UAAM,QAAQ,2BAAU,OAAO,KAAK,QAAQ,KAAK,OAAO;AACxD,UAAM,SAAS,IAAI,WAAW,WAAU,IAAI;AAE5C,aAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK;AAClC,YAAM,cAAc,EAAE,CAAC,IAAI;AAC3B,YAAM,YAAY,cAAc;AAChC,YAAM,cAAc,IAAI;AACxB,aAAO,IAAI,MAAM,SAAS,aAAa,SAAS,GAAG,WAAW;AAAA,IAC/D;AAEA,WAAO;AAAA,EACR;AAAA,EAEA,OAAO,OAA2B;AACjC,WAAO,2BAAU,OAAO,KAAK,IAAI,KAAK,SAAS,MAAM,OAAO;AAAA,EAC7D;AACD;AArCa,WAGW,OAAO;AAHxB,IAAM,YAAN;AAuCA,MAAM,UAAN,MAAM,QAAO;AAAA,EAKnB,YAAY,QAAgB;AAC3B,SAAK,SAAS;AAAA,EACf;AAAA,EAEA,OAAO,SAAiB;AACvB,WAAO,QAAO,UAAU,2BAAU,MAAM,iBAAiB,CAAC;AAAA,EAC3D;AAAA,EAEA,UAAsB;AACrB,WAAO,IAAI,WAAW,2BAAU,OAAO,GAAG,QAAQ,KAAK,MAAM,CAAC;AAAA,EAC/D;AAAA,EAEA,OAAO,UAAU,OAA2B;AAC3C,WAAO,IAAI,QAAO,2BAAU,OAAO,GAAG,UAAU,KAAK,CAAC;AAAA,EACvD;AAAA,EAEA,OAAO,WAAW,KAAqB;AACtC,WAAO,IAAI,QAAO,OAAO,GAAG,CAAC;AAAA,EAC9B;AACD;AAxBa,QAGW,OAAO;AAHxB,IAAM,SAAN;",
   "names": []
 }

package/dist/cjs/client.d.ts

@@ -1,33 +1,10 @@
-import { DemType, KemType } from './encrypt.js';
+import { G2Element } from './bls12381.js';
 import type { DerivedKey, KeyServer } from './key-server.js';
-import type { SessionKey } from './session-key.js';
-import type { SealCompatibleClient } from './types.js';
-/**
- * Configuration options for initializing a SealClient
- * @property serverConfigs: Array of key server configs consisting of objectId, weight, optional API key name and API key.
- * @property verifyKeyServers: Whether to verify the key servers' authenticity.
- * 	 Should be false if servers are pre-verified (e.g., getAllowlistedKeyServers).
- * 	 Defaults to true.
- * @property timeout: Timeout in milliseconds for network requests. Defaults to 10 seconds.
- */
-export interface SealClientExtensionOptions {
-    serverConfigs: KeyServerConfig[];
-    verifyKeyServers?: boolean;
-    timeout?: number;
-}
-export interface KeyServerConfig {
-    objectId: string;
-    weight: number;
-    apiKeyName?: string;
-    apiKey?: string;
-}
-export interface SealClientOptions extends SealClientExtensionOptions {
-    suiClient: SealCompatibleClient;
-}
+import type { DecryptOptions, EncryptOptions, FetchKeysOptions, GetDerivedKeysOptions, SealClientExtensionOptions, SealClientOptions, SealCompatibleClient } from './types.js';
 export declare class SealClient {
     #private;
     constructor(options: SealClientOptions);
-    static experimental_asClientExtension(options: SealClientExtensionOptions): {
+    static asClientExtension(options: SealClientExtensionOptions): {
         name: "seal";
         register: (client: SealCompatibleClient) => SealClient;
     };
@@ -44,15 +21,7 @@ export declare class SealClient {
      * @returns The bcs bytes of the encrypted object containing all metadata and the 256-bit symmetric key that was used to encrypt the object.
      * 	Since the symmetric key can be used to decrypt, it should not be shared but can be used e.g. for backup.
      */
-    encrypt({ kemType, demType, threshold, packageId, id, data, aad, }: {
-        kemType?: KemType;
-        demType?: DemType;
-        threshold: number;
-        packageId: string;
-        id: string;
-        data: Uint8Array;
-        aad?: Uint8Array;
-    }): Promise<{
+    encrypt({ kemType, demType, threshold, packageId, id, data, aad, }: EncryptOptions): Promise<{
         encryptedObject: Uint8Array;
         key: Uint8Array;
     }>;
@@ -62,17 +31,27 @@ export declare class SealClient {
      * The function throws an error if the client's key servers are not a subset of
      * the encrypted object's key servers or if the threshold cannot be met.
      *
+     * If checkShareConsistency is true, the decrypted shares are checked for consistency, meaning that
+     * any combination of at least threshold shares should either succesfully combine to the plaintext or fail.
+     * This is useful in case the encryptor is not trusted and the decryptor wants to ensure all decryptors
+     * receive the same output (e.g., for onchain encrypted voting).
+     *
      * @param data - The encrypted bytes to decrypt.
      * @param sessionKey - The session key to use.
      * @param txBytes - The transaction bytes to use (that calls seal_approve* functions).
+     * @param checkShareConsistency - If true, the shares are checked for consistency.
      * @returns - The decrypted plaintext corresponding to ciphertext.
      */
-    decrypt({ data, sessionKey, txBytes, }: {
-        data: Uint8Array;
-        sessionKey: SessionKey;
-        txBytes: Uint8Array;
-    }): Promise<Uint8Array<ArrayBufferLike>>;
+    decrypt({ data, sessionKey, txBytes, checkShareConsistency }: DecryptOptions): Promise<Uint8Array<ArrayBufferLike>>;
     getKeyServers(): Promise<Map<string, KeyServer>>;
+    /**
+     * Get the public keys for the given services.
+     * If all public keys are not in the cache, they are retrieved.
+     *
+     * @param services - The services to get the public keys for.
+     * @returns The public keys for the given services in the same order as the given services.
+     */
+    getPublicKeys(services: string[]): Promise<G2Element[]>;
     /**
      * Fetch keys from the key servers and update the cache.
      *
@@ -85,12 +64,7 @@ export declare class SealClient {
      * @param sessionKey - The session key to use.
      * @param threshold - The threshold for the TSS encryptions. The function returns when a threshold of key servers had returned keys for all ids.
      */
-    fetchKeys({ ids, txBytes, sessionKey, threshold, }: {
-        ids: string[];
-        txBytes: Uint8Array;
-        sessionKey: SessionKey;
-        threshold: number;
-    }): Promise<void>;
+    fetchKeys({ ids, txBytes, sessionKey, threshold }: FetchKeysOptions): Promise<void>;
     /**
      * Get derived keys from the given services.
      *
@@ -100,11 +74,5 @@ export declare class SealClient {
      * @param threshold - The threshold.
      * @returns - Derived keys for the given services that are in the cache as a "service object ID" -> derived key map. If the call is succesful, exactly threshold keys will be returned.
      */
-    getDerivedKeys({ kemType, id, txBytes, sessionKey, threshold, }: {
-        kemType?: KemType;
-        id: string;
-        txBytes: Uint8Array;
-        sessionKey: SessionKey;
-        threshold: number;
-    }): Promise<Map<string, DerivedKey>>;
+    getDerivedKeys({ kemType, id, txBytes, sessionKey, threshold, }: GetDerivedKeysOptions): Promise<Map<string, DerivedKey>>;
 }

package/dist/cjs/client.js

@@ -37,9 +37,8 @@ var import_encrypt = require("./encrypt.js");
 var import_error = require("./error.js");
 var import_ibe = require("./ibe.js");
 var import_key_server = require("./key-server.js");
-var import_keys = require("./keys.js");
 var import_utils = require("./utils.js");
-var _suiClient, _configs, _keyServers, _verifyKeyServers, _cachedKeys, _timeout, _totalWeight, _SealClient_instances, createEncryptionInput_fn, weight_fn, validateEncryptionServices_fn, getWeightedKeyServers_fn, loadKeyServers_fn;
+var _suiClient, _configs, _keyServers, _verifyKeyServers, _cachedKeys, _cachedPublicKeys, _timeout, _totalWeight, _SealClient_instances, createEncryptionInput_fn, weight_fn, validateEncryptionServices_fn, getWeightedKeyServers_fn, loadKeyServers_fn;
 const _SealClient = class _SealClient {
   constructor(options) {
     __privateAdd(this, _SealClient_instances);
@@ -49,6 +48,7 @@ const _SealClient = class _SealClient {
     __privateAdd(this, _verifyKeyServers);
     // A caching map for: fullId:object_id -> partial key.
     __privateAdd(this, _cachedKeys, /* @__PURE__ */ new Map());
+    __privateAdd(this, _cachedPublicKeys, /* @__PURE__ */ new Map());
     __privateAdd(this, _timeout);
     __privateAdd(this, _totalWeight);
     __privateSet(this, _suiClient, options.suiClient);
@@ -65,7 +65,7 @@ const _SealClient = class _SealClient {
     __privateSet(this, _verifyKeyServers, options.verifyKeyServers ?? true);
     __privateSet(this, _timeout, options.timeout ?? 1e4);
   }
-  static experimental_asClientExtension(options) {
+  static asClientExtension(options) {
     return {
       name: "seal",
       register: (client) => {
@@ -117,16 +117,18 @@ const _SealClient = class _SealClient {
    * The function throws an error if the client's key servers are not a subset of
    * the encrypted object's key servers or if the threshold cannot be met.
    *
+   * If checkShareConsistency is true, the decrypted shares are checked for consistency, meaning that
+   * any combination of at least threshold shares should either succesfully combine to the plaintext or fail.
+   * This is useful in case the encryptor is not trusted and the decryptor wants to ensure all decryptors
+   * receive the same output (e.g., for onchain encrypted voting).
+   *
    * @param data - The encrypted bytes to decrypt.
    * @param sessionKey - The session key to use.
    * @param txBytes - The transaction bytes to use (that calls seal_approve* functions).
+   * @param checkShareConsistency - If true, the shares are checked for consistency.
    * @returns - The decrypted plaintext corresponding to ciphertext.
    */
-  async decrypt({
-    data,
-    sessionKey,
-    txBytes
-  }) {
+  async decrypt({ data, sessionKey, txBytes, checkShareConsistency }) {
     const encryptedObject = import_bcs.EncryptedObject.parse(data);
     __privateMethod(this, _SealClient_instances, validateEncryptionServices_fn).call(this, encryptedObject.services.map((s) => s[0]), encryptedObject.threshold);
     await this.fetchKeys({
@@ -135,6 +137,12 @@ const _SealClient = class _SealClient {
       sessionKey,
       threshold: encryptedObject.threshold
     });
+    if (checkShareConsistency) {
+      const publicKeys = await this.getPublicKeys(
+        encryptedObject.services.map(([objectId, _]) => objectId)
+      );
+      return (0, import_decrypt.decrypt)({ encryptedObject, keys: __privateGet(this, _cachedKeys), publicKeys });
+    }
     return (0, import_decrypt.decrypt)({ encryptedObject, keys: __privateGet(this, _cachedKeys) });
   }
   async getKeyServers() {
@@ -146,6 +154,34 @@ const _SealClient = class _SealClient {
     }
     return __privateGet(this, _keyServers);
   }
+  /**
+   * Get the public keys for the given services.
+   * If all public keys are not in the cache, they are retrieved.
+   *
+   * @param services - The services to get the public keys for.
+   * @returns The public keys for the given services in the same order as the given services.
+   */
+  async getPublicKeys(services) {
+    const keyServers = await this.getKeyServers();
+    const missingKeyServers = services.filter(
+      (objectId) => !keyServers.has(objectId) && !__privateGet(this, _cachedPublicKeys).has(objectId)
+    );
+    if (missingKeyServers.length > 0) {
+      (await (0, import_key_server.retrieveKeyServers)({
+        objectIds: missingKeyServers,
+        client: __privateGet(this, _suiClient)
+      })).forEach(
+        (keyServer) => __privateGet(this, _cachedPublicKeys).set(keyServer.objectId, import_bls12381.G2Element.fromBytes(keyServer.pk))
+      );
+    }
+    return services.map((objectId) => {
+      const keyServer = keyServers.get(objectId);
+      if (keyServer) {
+        return import_bls12381.G2Element.fromBytes(keyServer.pk);
+      }
+      return __privateGet(this, _cachedPublicKeys).get(objectId);
+    });
+  }
   /**
    * Fetch keys from the key servers and update the cache.
    *
@@ -158,12 +194,7 @@ const _SealClient = class _SealClient {
    * @param sessionKey - The session key to use.
    * @param threshold - The threshold for the TSS encryptions. The function returns when a threshold of key servers had returned keys for all ids.
    */
-  async fetchKeys({
-    ids,
-    txBytes,
-    sessionKey,
-    threshold
-  }) {
+  async fetchKeys({ ids, txBytes, sessionKey, threshold }) {
     if (threshold > __privateGet(this, _totalWeight) || threshold < 1) {
       throw new import_error.InvalidThresholdError(
         `Invalid threshold ${threshold} servers with weights ${__privateGet(this, _configs)}`
@@ -185,15 +216,7 @@ const _SealClient = class _SealClient {
     if (completedWeight >= threshold) {
       return;
     }
-    for (const objectId of remainingKeyServers) {
-      const server = keyServers.get(objectId);
-      if (server.keyType !== import_key_server.KeyServerType.BonehFranklinBLS12381) {
-        throw new import_error.InvalidKeyServerError(
-          `Server ${server.objectId} has invalid key type: ${server.keyType}`
-        );
-      }
-    }
-    const cert = await sessionKey.getCertificate();
+    const certificate = await sessionKey.getCertificate();
     const signedRequest = await sessionKey.createRequestParams(txBytes);
     const controller = new AbortController();
     const errors = [];
@@ -201,17 +224,19 @@ const _SealClient = class _SealClient {
       const server = keyServers.get(objectId);
       try {
         const config = __privateGet(this, _configs).get(objectId);
-        const allKeys = await (0, import_keys.fetchKeysForAllIds)(
-          server.url,
-          signedRequest.requestSignature,
-          txBytes,
-          signedRequest.decryptionKey,
-          cert,
-          __privateGet(this, _timeout),
-          config?.apiKeyName,
-          config?.apiKey,
-          controller.signal
-        );
+        const allKeys = await (0, import_key_server.fetchKeysForAllIds)({
+          url: server.url,
+          requestSignature: signedRequest.requestSignature,
+          transactionBytes: txBytes,
+          encKey: signedRequest.encKey,
+          encKeyPk: signedRequest.encKeyPk,
+          encVerificationKey: signedRequest.encVerificationKey,
+          certificate,
+          timeout: __privateGet(this, _timeout),
+          apiKeyName: config?.apiKeyName,
+          apiKey: config?.apiKey,
+          signal: controller.signal
+        });
         for (const { fullId, key } of allKeys) {
           const keyElement = import_bls12381.G1Element.fromBytes(key);
           if (!import_ibe.BonehFranklinBLS12381Services.verifyUserSecretKey(
@@ -298,6 +323,7 @@ _configs = new WeakMap();
 _keyServers = new WeakMap();
 _verifyKeyServers = new WeakMap();
 _cachedKeys = new WeakMap();
+_cachedPublicKeys = new WeakMap();
 _timeout = new WeakMap();
 _totalWeight = new WeakMap();
 _SealClient_instances = new WeakSet();