@mysten/seal 0.4.20 → 0.4.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (83) hide show
  1. package/CHANGELOG.md +7 -0
  2. package/dist/cjs/bcs.js +7 -7
  3. package/dist/cjs/bcs.js.map +2 -2
  4. package/dist/cjs/bls12381.js +8 -2
  5. package/dist/cjs/bls12381.js.map +2 -2
  6. package/dist/cjs/client.d.ts +21 -53
  7. package/dist/cjs/client.js +60 -34
  8. package/dist/cjs/client.js.map +2 -2
  9. package/dist/cjs/decrypt.d.ts +6 -1
  10. package/dist/cjs/decrypt.js +26 -9
  11. package/dist/cjs/decrypt.js.map +2 -2
  12. package/dist/cjs/dem.d.ts +1 -1
  13. package/dist/cjs/dem.js +9 -0
  14. package/dist/cjs/dem.js.map +2 -2
  15. package/dist/cjs/encrypt.js +6 -10
  16. package/dist/cjs/encrypt.js.map +3 -3
  17. package/dist/cjs/ibe.d.ts +32 -12
  18. package/dist/cjs/ibe.js +32 -12
  19. package/dist/cjs/ibe.js.map +2 -2
  20. package/dist/cjs/index.d.ts +3 -3
  21. package/dist/cjs/index.js.map +2 -2
  22. package/dist/cjs/kdf.js.map +1 -1
  23. package/dist/cjs/key-server.d.ts +47 -1
  24. package/dist/cjs/key-server.js +57 -4
  25. package/dist/cjs/key-server.js.map +2 -2
  26. package/dist/cjs/session-key.d.ts +21 -13
  27. package/dist/cjs/session-key.js +27 -10
  28. package/dist/cjs/session-key.js.map +2 -2
  29. package/dist/cjs/shamir.js +1 -1
  30. package/dist/cjs/shamir.js.map +2 -2
  31. package/dist/cjs/types.d.ts +67 -0
  32. package/dist/cjs/types.js.map +1 -1
  33. package/dist/cjs/utils.d.ts +7 -0
  34. package/dist/cjs/utils.js +7 -0
  35. package/dist/cjs/utils.js.map +2 -2
  36. package/dist/cjs/version.d.ts +1 -1
  37. package/dist/cjs/version.js +1 -1
  38. package/dist/cjs/version.js.map +1 -1
  39. package/dist/esm/bcs.js +7 -7
  40. package/dist/esm/bcs.js.map +2 -2
  41. package/dist/esm/bls12381.js +8 -2
  42. package/dist/esm/bls12381.js.map +2 -2
  43. package/dist/esm/client.d.ts +21 -53
  44. package/dist/esm/client.js +62 -36
  45. package/dist/esm/client.js.map +2 -2
  46. package/dist/esm/decrypt.d.ts +6 -1
  47. package/dist/esm/decrypt.js +28 -11
  48. package/dist/esm/decrypt.js.map +2 -2
  49. package/dist/esm/dem.d.ts +1 -1
  50. package/dist/esm/dem.js +9 -0
  51. package/dist/esm/dem.js.map +2 -2
  52. package/dist/esm/encrypt.js +4 -8
  53. package/dist/esm/encrypt.js.map +2 -2
  54. package/dist/esm/ibe.d.ts +32 -12
  55. package/dist/esm/ibe.js +32 -12
  56. package/dist/esm/ibe.js.map +2 -2
  57. package/dist/esm/index.d.ts +3 -3
  58. package/dist/esm/index.js.map +2 -2
  59. package/dist/esm/kdf.js.map +1 -1
  60. package/dist/esm/key-server.d.ts +47 -1
  61. package/dist/esm/key-server.js +64 -6
  62. package/dist/esm/key-server.js.map +2 -2
  63. package/dist/esm/session-key.d.ts +21 -13
  64. package/dist/esm/session-key.js +27 -10
  65. package/dist/esm/session-key.js.map +2 -2
  66. package/dist/esm/shamir.js +1 -1
  67. package/dist/esm/shamir.js.map +2 -2
  68. package/dist/esm/types.d.ts +67 -0
  69. package/dist/esm/utils.d.ts +7 -0
  70. package/dist/esm/utils.js +7 -0
  71. package/dist/esm/utils.js.map +2 -2
  72. package/dist/esm/version.d.ts +1 -1
  73. package/dist/esm/version.js +1 -1
  74. package/dist/esm/version.js.map +1 -1
  75. package/dist/tsconfig.esm.tsbuildinfo +1 -1
  76. package/dist/tsconfig.tsbuildinfo +1 -1
  77. package/package.json +2 -2
  78. package/dist/cjs/keys.d.ts +0 -17
  79. package/dist/cjs/keys.js +0 -64
  80. package/dist/cjs/keys.js.map +0 -7
  81. package/dist/esm/keys.d.ts +0 -17
  82. package/dist/esm/keys.js +0 -44
  83. package/dist/esm/keys.js.map +0 -7
package/dist/esm/key-server.js CHANGED
@@ -1,22 +1,27 @@
1
- import { bcs, fromBase64, fromHex, toHex } from "@mysten/bcs";
1
+ import { bcs, fromBase64, fromHex, toBase64, toHex } from "@mysten/bcs";
2
2
  import { bls12_381 } from "@noble/curves/bls12-381";
3
3
  import { KeyServerMove, KeyServerMoveV1 } from "./bcs.js";
4
- import { InvalidKeyServerVersionError, SealAPIError, UnsupportedNetworkError } from "./error.js";
4
+ import {
5
+ InvalidKeyServerError,
6
+ InvalidKeyServerVersionError,
7
+ SealAPIError,
8
+ UnsupportedNetworkError
9
+ } from "./error.js";
5
10
  import { DST_POP } from "./ibe.js";
6
11
  import { PACKAGE_VERSION } from "./version.js";
7
12
  import { flatten, Version } from "./utils.js";
13
+ import { elgamalDecrypt } from "./elgamal.js";
8
14
  const EXPECTED_SERVER_VERSION = 1;
9
15
  var KeyServerType = /* @__PURE__ */ ((KeyServerType2) => {
10
16
  KeyServerType2[KeyServerType2["BonehFranklinBLS12381"] = 0] = "BonehFranklinBLS12381";
11
17
  return KeyServerType2;
12
18
  })(KeyServerType || {});
13
19
  const SERVER_VERSION_REQUIREMENT = new Version("0.4.1");
20
+ const MYSTEN_LABS_KEY_SERVER_1 = "0x73d05d62c18d9374e3ea529e8e0ed6161da1a141a94d3f76ae3fe4e99356db75";
21
+ const MYSTEN_LABS_KEY_SERVER_2 = "0xf5d14a81a982144ae441cd7d64b09027f116a468bd36e7eca494f750591623c8";
14
22
  function getAllowlistedKeyServers(network) {
15
23
  if (network === "testnet") {
16
- return [
17
- "0x73d05d62c18d9374e3ea529e8e0ed6161da1a141a94d3f76ae3fe4e99356db75",
18
- "0xf5d14a81a982144ae441cd7d64b09027f116a468bd36e7eca494f750591623c8"
19
- ];
24
+ return [MYSTEN_LABS_KEY_SERVER_1, MYSTEN_LABS_KEY_SERVER_2];
20
25
  } else {
21
26
  throw new UnsupportedNetworkError(`Unsupported network ${network}`);
22
27
  }
@@ -44,6 +49,11 @@ async function retrieveKeyServers({
44
49
  }
45
50
  });
46
51
  const ksVersioned = KeyServerMoveV1.parse(resVersionedKs.dynamicField.value.bcs);
52
+ if (ksVersioned.keyType !== 0 /* BonehFranklinBLS12381 */) {
53
+ throw new InvalidKeyServerError(
54
+ `Server ${objectId} has invalid key type: ${ksVersioned.keyType}`
55
+ );
56
+ }
47
57
  return {
48
58
  objectId,
49
59
  name: ksVersioned.name,
@@ -96,10 +106,58 @@ class BonehFranklinBLS12381DerivedKey {
96
106
  return this.representation;
97
107
  }
98
108
  }
109
+ async function fetchKeysForAllIds({
110
+ url,
111
+ requestSignature,
112
+ transactionBytes,
113
+ encKey,
114
+ encKeyPk,
115
+ encVerificationKey,
116
+ certificate,
117
+ timeout,
118
+ apiKeyName,
119
+ apiKey,
120
+ signal
121
+ }) {
122
+ const body = {
123
+ ptb: toBase64(transactionBytes.slice(1)),
124
+ // removes the byte of the transaction type version
125
+ enc_key: toBase64(encKeyPk),
126
+ enc_verification_key: toBase64(encVerificationKey),
127
+ request_signature: requestSignature,
128
+ // already b64
129
+ certificate
130
+ };
131
+ const timeoutSignal = AbortSignal.timeout(timeout);
132
+ const combinedSignal = signal ? AbortSignal.any([signal, timeoutSignal]) : timeoutSignal;
133
+ const requestId = crypto.randomUUID();
134
+ const response = await fetch(url + "/v1/fetch_key", {
135
+ method: "POST",
136
+ headers: {
137
+ "Content-Type": "application/json",
138
+ "Request-Id": requestId,
139
+ "Client-Sdk-Type": "typescript",
140
+ "Client-Sdk-Version": PACKAGE_VERSION,
141
+ ...apiKeyName && apiKey ? { apiKeyName: apiKey } : {}
142
+ },
143
+ body: JSON.stringify(body),
144
+ signal: combinedSignal
145
+ });
146
+ await SealAPIError.assertResponse(response, requestId);
147
+ const resp = await response.json();
148
+ verifyKeyServerVersion(response);
149
+ return resp.decryption_keys.map((dk) => ({
150
+ fullId: toHex(dk.id),
151
+ key: elgamalDecrypt(encKey, dk.encrypted_key.map(fromBase64))
152
+ }));
153
+ }
99
154
  export {
100
155
  BonehFranklinBLS12381DerivedKey,
101
156
  KeyServerType,
157
+ MYSTEN_LABS_KEY_SERVER_1,
158
+ MYSTEN_LABS_KEY_SERVER_2,
102
159
  SERVER_VERSION_REQUIREMENT,
160
+ fetchKeysForAllIds,
103
161
  getAllowlistedKeyServers,
104
162
  retrieveKeyServers,
105
163
  verifyKeyServer,
package/dist/esm/key-server.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../src/key-server.ts"],
4
- "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\nimport { bcs, fromBase64, fromHex, toHex } from '@mysten/bcs';\nimport { bls12_381 } from '@noble/curves/bls12-381';\n\nimport { KeyServerMove, KeyServerMoveV1 } from './bcs.js';\nimport { InvalidKeyServerVersionError, SealAPIError, UnsupportedNetworkError } from './error.js';\nimport { DST_POP } from './ibe.js';\nimport { PACKAGE_VERSION } from './version.js';\nimport type { SealCompatibleClient } from './types.js';\nimport type { G1Element } from './bls12381.js';\nimport { flatten, Version } from './utils.js';\n\nconst EXPECTED_SERVER_VERSION = 1;\n\nexport type KeyServer = {\n\tobjectId: string;\n\tname: string;\n\turl: string;\n\tkeyType: KeyServerType;\n\tpk: Uint8Array;\n};\n\nexport enum KeyServerType {\n\tBonehFranklinBLS12381 = 0,\n}\n\nexport const SERVER_VERSION_REQUIREMENT = new Version('0.4.1');\n\n/**\n * Returns a static list of Seal key server object ids that the dapp can choose to use.\n * @param network - The network to use.\n * @returns The object id's of the key servers.\n */\nexport function getAllowlistedKeyServers(network: 'testnet' | 'mainnet'): string[] {\n\tif (network === 'testnet') {\n\t\treturn [\n\t\t\t'0x73d05d62c18d9374e3ea529e8e0ed6161da1a141a94d3f76ae3fe4e99356db75',\n\t\t\t'0xf5d14a81a982144ae441cd7d64b09027f116a468bd36e7eca494f750591623c8',\n\t\t];\n\t} else {\n\t\tthrow new UnsupportedNetworkError(`Unsupported network ${network}`);\n\t}\n}\n\n/**\n * Given a list of key server object IDs, returns a list of SealKeyServer\n * from onchain state containing name, objectId, URL and pk.\n *\n * @param objectIds - The key server object IDs.\n * @param client - The SuiClient to use.\n * @returns - An array of SealKeyServer.\n */\nexport async function retrieveKeyServers({\n\tobjectIds,\n\tclient,\n}: {\n\tobjectIds: string[];\n\tclient: SealCompatibleClient;\n}): Promise<KeyServer[]> {\n\treturn await Promise.all(\n\t\tobjectIds.map(async (objectId) => {\n\t\t\t// First get the KeyServer object and validate it.\n\t\t\tconst res = await client.core.getObject({\n\t\t\t\tobjectId,\n\t\t\t});\n\t\t\tconst ks = KeyServerMove.parse(await res.object.content);\n\t\t\tif (\n\t\t\t\tEXPECTED_SERVER_VERSION < Number(ks.firstVersion) ||\n\t\t\t\tEXPECTED_SERVER_VERSION > Number(ks.lastVersion)\n\t\t\t) {\n\t\t\t\tthrow new InvalidKeyServerVersionError(\n\t\t\t\t\t`Key server ${objectId} supports versions between ${ks.firstVersion} and ${ks.lastVersion} (inclusive), but SDK expects version ${EXPECTED_SERVER_VERSION}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// Then fetch the expected versioned object and parse it.\n\t\t\tconst resVersionedKs = await client.core.getDynamicField({\n\t\t\t\tparentId: objectId,\n\t\t\t\tname: {\n\t\t\t\t\ttype: 'u64',\n\t\t\t\t\tbcs: bcs.u64().serialize(EXPECTED_SERVER_VERSION).toBytes(),\n\t\t\t\t},\n\t\t\t});\n\n\t\t\tconst ksVersioned = KeyServerMoveV1.parse(resVersionedKs.dynamicField.value.bcs);\n\n\t\t\treturn {\n\t\t\t\tobjectId,\n\t\t\t\tname: ksVersioned.name,\n\t\t\t\turl: ksVersioned.url,\n\t\t\t\tkeyType: ksVersioned.keyType,\n\t\t\t\tpk: new Uint8Array(ksVersioned.pk),\n\t\t\t};\n\t\t}),\n\t);\n}\n\n/**\n * Given a KeyServer, fetch the proof of possession (PoP) from the URL and verify it\n * against the pubkey. This should be used only rarely when the dapp uses a dynamic\n * set of key servers.\n *\n * @param server - The KeyServer to verify.\n * @returns - True if the key server is valid, false otherwise.\n */\nexport async function verifyKeyServer(\n\tserver: KeyServer,\n\ttimeout: number,\n\tapiKeyName?: string,\n\tapiKey?: string,\n): Promise<boolean> {\n\tconst requestId = crypto.randomUUID();\n\tconst response = await fetch(server.url! + '/v1/service?service_id=' + server.objectId, {\n\t\tmethod: 'GET',\n\t\theaders: {\n\t\t\t'Content-Type': 'application/json',\n\t\t\t'Request-Id': requestId,\n\t\t\t'Client-Sdk-Type': 'typescript',\n\t\t\t'Client-Sdk-Version': PACKAGE_VERSION,\n\t\t\t...(apiKeyName && apiKey ? { apiKeyName: apiKey } : {}),\n\t\t},\n\t\tsignal: AbortSignal.timeout(timeout),\n\t});\n\n\tawait SealAPIError.assertResponse(response, requestId);\n\tverifyKeyServerVersion(response);\n\tconst serviceResponse = await response.json();\n\n\tif (serviceResponse.service_id !== server.objectId) {\n\t\treturn false;\n\t}\n\tconst fullMsg = flatten([DST_POP, server.pk, fromHex(server.objectId)]);\n\treturn bls12_381.verifyShortSignature(fromBase64(serviceResponse.pop), fullMsg, server.pk);\n}\n\n/**\n * Verify the key server version. Throws an `InvalidKeyServerError` if the version is not supported.\n *\n * @param response - The response from the key server.\n */\nexport function verifyKeyServerVersion(response: Response) {\n\tconst keyServerVersion = response.headers.get('X-KeyServer-Version');\n\tif (keyServerVersion == null) {\n\t\tthrow new InvalidKeyServerVersionError('Key server version not found');\n\t}\n\tif (new Version(keyServerVersion).older_than(SERVER_VERSION_REQUIREMENT)) {\n\t\tthrow new InvalidKeyServerVersionError(\n\t\t\t`Key server version ${keyServerVersion} is not supported`,\n\t\t);\n\t}\n}\n\nexport interface DerivedKey {\n\ttoString(): string;\n}\n\n/**\n * A user secret key for the Boneh-Franklin BLS12381 scheme.\n * This is a wrapper around the G1Element type.\n */\nexport class BonehFranklinBLS12381DerivedKey implements DerivedKey {\n\trepresentation: string;\n\n\tconstructor(public key: G1Element) {\n\t\tthis.representation = toHex(key.toBytes());\n\t}\n\n\ttoString(): string {\n\t\treturn this.representation;\n\t}\n}\n"],
5
- "mappings": "AAEA,SAAS,KAAK,YAAY,SAAS,aAAa;AAChD,SAAS,iBAAiB;AAE1B,SAAS,eAAe,uBAAuB;AAC/C,SAAS,8BAA8B,cAAc,+BAA+B;AACpF,SAAS,eAAe;AACxB,SAAS,uBAAuB;AAGhC,SAAS,SAAS,eAAe;AAEjC,MAAM,0BAA0B;AAUzB,IAAK,gBAAL,kBAAKA,mBAAL;AACN,EAAAA,8BAAA,2BAAwB,KAAxB;AADW,SAAAA;AAAA,GAAA;AAIL,MAAM,6BAA6B,IAAI,QAAQ,OAAO;AAOtD,SAAS,yBAAyB,SAA0C;AAClF,MAAI,YAAY,WAAW;AAC1B,WAAO;AAAA,MACN;AAAA,MACA;AAAA,IACD;AAAA,EACD,OAAO;AACN,UAAM,IAAI,wBAAwB,uBAAuB,OAAO,EAAE;AAAA,EACnE;AACD;AAUA,eAAsB,mBAAmB;AAAA,EACxC;AAAA,EACA;AACD,GAGyB;AACxB,SAAO,MAAM,QAAQ;AAAA,IACpB,UAAU,IAAI,OAAO,aAAa;AAEjC,YAAM,MAAM,MAAM,OAAO,KAAK,UAAU;AAAA,QACvC;AAAA,MACD,CAAC;AACD,YAAM,KAAK,cAAc,MAAM,MAAM,IAAI,OAAO,OAAO;AACvD,UACC,0BAA0B,OAAO,GAAG,YAAY,KAChD,0BAA0B,OAAO,GAAG,WAAW,GAC9C;AACD,cAAM,IAAI;AAAA,UACT,cAAc,QAAQ,8BAA8B,GAAG,YAAY,QAAQ,GAAG,WAAW,yCAAyC,uBAAuB;AAAA,QAC1J;AAAA,MACD;AAGA,YAAM,iBAAiB,MAAM,OAAO,KAAK,gBAAgB;AAAA,QACxD,UAAU;AAAA,QACV,MAAM;AAAA,UACL,MAAM;AAAA,UACN,KAAK,IAAI,IAAI,EAAE,UAAU,uBAAuB,EAAE,QAAQ;AAAA,QAC3D;AAAA,MACD,CAAC;AAED,YAAM,cAAc,gBAAgB,MAAM,eAAe,aAAa,MAAM,GAAG;AAE/E,aAAO;AAAA,QACN;AAAA,QACA,MAAM,YAAY;AAAA,QAClB,KAAK,YAAY;AAAA,QACjB,SAAS,YAAY;AAAA,QACrB,IAAI,IAAI,WAAW,YAAY,EAAE;AAAA,MAClC;AAAA,IACD,CAAC;AAAA,EACF;AACD;AAUA,eAAsB,gBACrB,QACA,SACA,YACA,QACmB;AACnB,QAAM,YAAY,OAAO,WAAW;AACpC,QAAM,WAAW,MAAM,MAAM,OAAO,MAAO,4BAA4B,OAAO,UAAU;AAAA,IACvF,QAAQ;AAAA,IACR,SAAS;AAAA,MACR,gBAAgB;AAAA,MAChB,cAAc;AAAA,MACd,mBAAmB;AAAA,MACnB,sBAAsB;AAAA,MACtB,GAAI,cAAc,SAAS,EAAE,YAAY,OAAO,IAAI,CAAC;AAAA,IACtD;AAAA,IACA,QAAQ,YAAY,QAAQ,OAAO;AAAA,EACpC,CAAC;AAED,QAAM,aAAa,eAAe,UAAU,SAAS;AACrD,yBAAuB,QAAQ;AAC/B,QAAM,kBAAkB,MAAM,SAAS,KAAK;AAE5C,MAAI,gBAAgB,eAAe,OAAO,UAAU;AACnD,WAAO;AAAA,EACR;AACA,QAAM,UAAU,QAAQ,CAAC,SAAS,OAAO,IAAI,QAAQ,OAAO,QAAQ,CAAC,CAAC;AACtE,SAAO,UAAU,qBAAqB,WAAW,gBAAgB,GAAG,GAAG,SAAS,OAAO,EAAE;AAC1F;AAOO,SAAS,uBAAuB,UAAoB;AAC1D,QAAM,mBAAmB,SAAS,QAAQ,IAAI,qBAAqB;AACnE,MAAI,oBAAoB,MAAM;AAC7B,UAAM,IAAI,6BAA6B,8BAA8B;AAAA,EACtE;AACA,MAAI,IAAI,QAAQ,gBAAgB,EAAE,WAAW,0BAA0B,GAAG;AACzE,UAAM,IAAI;AAAA,MACT,sBAAsB,gBAAgB;AAAA,IACvC;AAAA,EACD;AACD;AAUO,MAAM,gCAAsD;AAAA,EAGlE,YAAmB,KAAgB;AAAhB;AAClB,SAAK,iBAAiB,MAAM,IAAI,QAAQ,CAAC;AAAA,EAC1C;AAAA,EAEA,WAAmB;AAClB,WAAO,KAAK;AAAA,EACb;AACD;",
4
+ "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\nimport { bcs, fromBase64, fromHex, toBase64, toHex } from '@mysten/bcs';\nimport { bls12_381 } from '@noble/curves/bls12-381';\n\nimport { KeyServerMove, KeyServerMoveV1 } from './bcs.js';\nimport {\n\tInvalidKeyServerError,\n\tInvalidKeyServerVersionError,\n\tSealAPIError,\n\tUnsupportedNetworkError,\n} from './error.js';\nimport { DST_POP } from './ibe.js';\nimport { PACKAGE_VERSION } from './version.js';\nimport type { SealCompatibleClient } from './types.js';\nimport type { G1Element } from './bls12381.js';\nimport { flatten, Version } from './utils.js';\nimport { elgamalDecrypt } from './elgamal.js';\nimport type { Certificate } from './session-key.js';\n\nconst EXPECTED_SERVER_VERSION = 1;\n\nexport type KeyServer = {\n\tobjectId: string;\n\tname: string;\n\turl: string;\n\tkeyType: KeyServerType;\n\tpk: Uint8Array;\n};\n\nexport enum KeyServerType {\n\tBonehFranklinBLS12381 = 0,\n}\n\nexport const SERVER_VERSION_REQUIREMENT = new Version('0.4.1');\nexport const MYSTEN_LABS_KEY_SERVER_1 =\n\t'0x73d05d62c18d9374e3ea529e8e0ed6161da1a141a94d3f76ae3fe4e99356db75';\nexport const MYSTEN_LABS_KEY_SERVER_2 =\n\t'0xf5d14a81a982144ae441cd7d64b09027f116a468bd36e7eca494f750591623c8';\n\n/**\n * Returns a static list of Seal key server object ids, corresponding to Mysten ran Seal servers.\n * @param network - The network to use.\n * @returns The object id's of the key servers.\n */\nexport function getAllowlistedKeyServers(network: 'testnet' | 'mainnet'): string[] {\n\tif (network === 'testnet') {\n\t\treturn [MYSTEN_LABS_KEY_SERVER_1, MYSTEN_LABS_KEY_SERVER_2];\n\t} else {\n\t\t// TODO: add mainnet key servers\n\t\tthrow new UnsupportedNetworkError(`Unsupported network ${network}`);\n\t}\n}\n\n/**\n * Given a list of key server object IDs, returns a list of SealKeyServer\n * from onchain state containing name, objectId, URL and pk.\n *\n * @param objectIds - The key server object IDs.\n * @param client - The SuiClient to use.\n * @returns - An array of SealKeyServer.\n */\nexport async function retrieveKeyServers({\n\tobjectIds,\n\tclient,\n}: {\n\tobjectIds: string[];\n\tclient: SealCompatibleClient;\n}): Promise<KeyServer[]> {\n\treturn await Promise.all(\n\t\tobjectIds.map(async (objectId) => {\n\t\t\t// First get the KeyServer object and validate it.\n\t\t\tconst res = await client.core.getObject({\n\t\t\t\tobjectId,\n\t\t\t});\n\t\t\tconst ks = KeyServerMove.parse(await res.object.content);\n\t\t\tif (\n\t\t\t\tEXPECTED_SERVER_VERSION < Number(ks.firstVersion) ||\n\t\t\t\tEXPECTED_SERVER_VERSION > Number(ks.lastVersion)\n\t\t\t) {\n\t\t\t\tthrow new InvalidKeyServerVersionError(\n\t\t\t\t\t`Key server ${objectId} supports versions between ${ks.firstVersion} and ${ks.lastVersion} (inclusive), but SDK expects version ${EXPECTED_SERVER_VERSION}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// Then fetch the expected versioned object and parse it.\n\t\t\tconst resVersionedKs = await client.core.getDynamicField({\n\t\t\t\tparentId: objectId,\n\t\t\t\tname: {\n\t\t\t\t\ttype: 'u64',\n\t\t\t\t\tbcs: bcs.u64().serialize(EXPECTED_SERVER_VERSION).toBytes(),\n\t\t\t\t},\n\t\t\t});\n\n\t\t\tconst ksVersioned = KeyServerMoveV1.parse(resVersionedKs.dynamicField.value.bcs);\n\n\t\t\tif (ksVersioned.keyType !== KeyServerType.BonehFranklinBLS12381) {\n\t\t\t\tthrow new InvalidKeyServerError(\n\t\t\t\t\t`Server ${objectId} has invalid key type: ${ksVersioned.keyType}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\tobjectId,\n\t\t\t\tname: ksVersioned.name,\n\t\t\t\turl: ksVersioned.url,\n\t\t\t\tkeyType: ksVersioned.keyType,\n\t\t\t\tpk: new Uint8Array(ksVersioned.pk),\n\t\t\t};\n\t\t}),\n\t);\n}\n\n/**\n * Given a KeyServer, fetch the proof of possession (PoP) from the URL and verify it\n * against the pubkey. This should be used only rarely when the dapp uses a dynamic\n * set of key servers.\n *\n * @param server - The KeyServer to verify.\n * @returns - True if the key server is valid, false otherwise.\n */\nexport async function verifyKeyServer(\n\tserver: KeyServer,\n\ttimeout: number,\n\tapiKeyName?: string,\n\tapiKey?: string,\n): Promise<boolean> {\n\tconst requestId = crypto.randomUUID();\n\tconst response = await fetch(server.url! + '/v1/service?service_id=' + server.objectId, {\n\t\tmethod: 'GET',\n\t\theaders: {\n\t\t\t'Content-Type': 'application/json',\n\t\t\t'Request-Id': requestId,\n\t\t\t'Client-Sdk-Type': 'typescript',\n\t\t\t'Client-Sdk-Version': PACKAGE_VERSION,\n\t\t\t...(apiKeyName && apiKey ? { apiKeyName: apiKey } : {}),\n\t\t},\n\t\tsignal: AbortSignal.timeout(timeout),\n\t});\n\n\tawait SealAPIError.assertResponse(response, requestId);\n\tverifyKeyServerVersion(response);\n\tconst serviceResponse = await response.json();\n\n\tif (serviceResponse.service_id !== server.objectId) {\n\t\treturn false;\n\t}\n\tconst fullMsg = flatten([DST_POP, server.pk, fromHex(server.objectId)]);\n\treturn bls12_381.verifyShortSignature(fromBase64(serviceResponse.pop), fullMsg, server.pk);\n}\n\n/**\n * Verify the key server version. Throws an `InvalidKeyServerError` if the version is not supported.\n *\n * @param response - The response from the key server.\n */\nexport function verifyKeyServerVersion(response: Response) {\n\tconst keyServerVersion = response.headers.get('X-KeyServer-Version');\n\tif (keyServerVersion == null) {\n\t\tthrow new InvalidKeyServerVersionError('Key server version not found');\n\t}\n\tif (new Version(keyServerVersion).older_than(SERVER_VERSION_REQUIREMENT)) {\n\t\tthrow new InvalidKeyServerVersionError(\n\t\t\t`Key server version ${keyServerVersion} is not supported`,\n\t\t);\n\t}\n}\n\nexport interface DerivedKey {\n\ttoString(): string;\n}\n\n/**\n * A user secret key for the Boneh-Franklin BLS12381 scheme.\n * This is a wrapper around the G1Element type.\n */\nexport class BonehFranklinBLS12381DerivedKey implements DerivedKey {\n\trepresentation: string;\n\n\tconstructor(public key: G1Element) {\n\t\tthis.representation = toHex(key.toBytes());\n\t}\n\n\ttoString(): string {\n\t\treturn this.representation;\n\t}\n}\n\n/**\n * Options for fetching keys from the key server.\n */\nexport interface FetchKeysOptions {\n\t/** The URL of the key server. */\n\turl: string;\n\t/** The Base64 string of request signature. */\n\trequestSignature: string;\n\t/** The transaction bytes. */\n\ttransactionBytes: Uint8Array;\n\t/** The ephemeral secret key. */\n\tencKey: Uint8Array;\n\t/** The ephemeral public key. */\n\tencKeyPk: Uint8Array;\n\t/** The ephemeral verification key. */\n\tencVerificationKey: Uint8Array;\n\t/** The certificate. */\n\tcertificate: Certificate;\n\t/** Request timeout in milliseconds. */\n\ttimeout: number;\n\t/** Optional API key name. */\n\tapiKeyName?: string;\n\t/** Optional API key. */\n\tapiKey?: string;\n\t/** Optional abort signal for cancellation. */\n\tsignal?: AbortSignal;\n}\n\n/**\n * Helper function to request all keys from URL with requestSig, txBytes, ephemeral pubkey.\n * Then decrypt the Seal key with ephemeral secret key. Returns a list decryption keys with\n * their full IDs.\n *\n * @param url - The URL of the key server.\n * @param requestSig - The Base64 string of request signature.\n * @param txBytes - The transaction bytes.\n * @param encKey - The ephemeral secret key.\n * @param certificate - The certificate.\n * @returns - A list of full ID and the decrypted key.\n */\nexport async function fetchKeysForAllIds({\n\turl,\n\trequestSignature,\n\ttransactionBytes,\n\tencKey,\n\tencKeyPk,\n\tencVerificationKey,\n\tcertificate,\n\ttimeout,\n\tapiKeyName,\n\tapiKey,\n\tsignal,\n}: FetchKeysOptions): Promise<{ fullId: string; key: Uint8Array }[]> {\n\tconst body = {\n\t\tptb: toBase64(transactionBytes.slice(1)), // removes the byte of the transaction type version\n\t\tenc_key: toBase64(encKeyPk),\n\t\tenc_verification_key: toBase64(encVerificationKey),\n\t\trequest_signature: requestSignature, // already b64\n\t\tcertificate,\n\t};\n\n\tconst timeoutSignal = AbortSignal.timeout(timeout);\n\tconst combinedSignal = signal ? AbortSignal.any([signal, timeoutSignal]) : timeoutSignal;\n\n\tconst requestId = crypto.randomUUID();\n\tconst response = await fetch(url + '/v1/fetch_key', {\n\t\tmethod: 'POST',\n\t\theaders: {\n\t\t\t'Content-Type': 'application/json',\n\t\t\t'Request-Id': requestId,\n\t\t\t'Client-Sdk-Type': 'typescript',\n\t\t\t'Client-Sdk-Version': PACKAGE_VERSION,\n\t\t\t...(apiKeyName && apiKey ? { apiKeyName: apiKey } : {}),\n\t\t},\n\t\tbody: JSON.stringify(body),\n\t\tsignal: combinedSignal,\n\t});\n\tawait SealAPIError.assertResponse(response, requestId);\n\tconst resp = await response.json();\n\tverifyKeyServerVersion(response);\n\n\treturn resp.decryption_keys.map((dk: { id: Uint8Array; encrypted_key: [string, string] }) => ({\n\t\tfullId: toHex(dk.id),\n\t\tkey: elgamalDecrypt(encKey, dk.encrypted_key.map(fromBase64) as [Uint8Array, Uint8Array]),\n\t}));\n}\n"],
5
+ "mappings": "AAEA,SAAS,KAAK,YAAY,SAAS,UAAU,aAAa;AAC1D,SAAS,iBAAiB;AAE1B,SAAS,eAAe,uBAAuB;AAC/C;AAAA,EACC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACM;AACP,SAAS,eAAe;AACxB,SAAS,uBAAuB;AAGhC,SAAS,SAAS,eAAe;AACjC,SAAS,sBAAsB;AAG/B,MAAM,0BAA0B;AAUzB,IAAK,gBAAL,kBAAKA,mBAAL;AACN,EAAAA,8BAAA,2BAAwB,KAAxB;AADW,SAAAA;AAAA,GAAA;AAIL,MAAM,6BAA6B,IAAI,QAAQ,OAAO;AACtD,MAAM,2BACZ;AACM,MAAM,2BACZ;AAOM,SAAS,yBAAyB,SAA0C;AAClF,MAAI,YAAY,WAAW;AAC1B,WAAO,CAAC,0BAA0B,wBAAwB;AAAA,EAC3D,OAAO;AAEN,UAAM,IAAI,wBAAwB,uBAAuB,OAAO,EAAE;AAAA,EACnE;AACD;AAUA,eAAsB,mBAAmB;AAAA,EACxC;AAAA,EACA;AACD,GAGyB;AACxB,SAAO,MAAM,QAAQ;AAAA,IACpB,UAAU,IAAI,OAAO,aAAa;AAEjC,YAAM,MAAM,MAAM,OAAO,KAAK,UAAU;AAAA,QACvC;AAAA,MACD,CAAC;AACD,YAAM,KAAK,cAAc,MAAM,MAAM,IAAI,OAAO,OAAO;AACvD,UACC,0BAA0B,OAAO,GAAG,YAAY,KAChD,0BAA0B,OAAO,GAAG,WAAW,GAC9C;AACD,cAAM,IAAI;AAAA,UACT,cAAc,QAAQ,8BAA8B,GAAG,YAAY,QAAQ,GAAG,WAAW,yCAAyC,uBAAuB;AAAA,QAC1J;AAAA,MACD;AAGA,YAAM,iBAAiB,MAAM,OAAO,KAAK,gBAAgB;AAAA,QACxD,UAAU;AAAA,QACV,MAAM;AAAA,UACL,MAAM;AAAA,UACN,KAAK,IAAI,IAAI,EAAE,UAAU,uBAAuB,EAAE,QAAQ;AAAA,QAC3D;AAAA,MACD,CAAC;AAED,YAAM,cAAc,gBAAgB,MAAM,eAAe,aAAa,MAAM,GAAG;AAE/E,UAAI,YAAY,YAAY,+BAAqC;AAChE,cAAM,IAAI;AAAA,UACT,UAAU,QAAQ,0BAA0B,YAAY,OAAO;AAAA,QAChE;AAAA,MACD;AAEA,aAAO;AAAA,QACN;AAAA,QACA,MAAM,YAAY;AAAA,QAClB,KAAK,YAAY;AAAA,QACjB,SAAS,YAAY;AAAA,QACrB,IAAI,IAAI,WAAW,YAAY,EAAE;AAAA,MAClC;AAAA,IACD,CAAC;AAAA,EACF;AACD;AAUA,eAAsB,gBACrB,QACA,SACA,YACA,QACmB;AACnB,QAAM,YAAY,OAAO,WAAW;AACpC,QAAM,WAAW,MAAM,MAAM,OAAO,MAAO,4BAA4B,OAAO,UAAU;AAAA,IACvF,QAAQ;AAAA,IACR,SAAS;AAAA,MACR,gBAAgB;AAAA,MAChB,cAAc;AAAA,MACd,mBAAmB;AAAA,MACnB,sBAAsB;AAAA,MACtB,GAAI,cAAc,SAAS,EAAE,YAAY,OAAO,IAAI,CAAC;AAAA,IACtD;AAAA,IACA,QAAQ,YAAY,QAAQ,OAAO;AAAA,EACpC,CAAC;AAED,QAAM,aAAa,eAAe,UAAU,SAAS;AACrD,yBAAuB,QAAQ;AAC/B,QAAM,kBAAkB,MAAM,SAAS,KAAK;AAE5C,MAAI,gBAAgB,eAAe,OAAO,UAAU;AACnD,WAAO;AAAA,EACR;AACA,QAAM,UAAU,QAAQ,CAAC,SAAS,OAAO,IAAI,QAAQ,OAAO,QAAQ,CAAC,CAAC;AACtE,SAAO,UAAU,qBAAqB,WAAW,gBAAgB,GAAG,GAAG,SAAS,OAAO,EAAE;AAC1F;AAOO,SAAS,uBAAuB,UAAoB;AAC1D,QAAM,mBAAmB,SAAS,QAAQ,IAAI,qBAAqB;AACnE,MAAI,oBAAoB,MAAM;AAC7B,UAAM,IAAI,6BAA6B,8BAA8B;AAAA,EACtE;AACA,MAAI,IAAI,QAAQ,gBAAgB,EAAE,WAAW,0BAA0B,GAAG;AACzE,UAAM,IAAI;AAAA,MACT,sBAAsB,gBAAgB;AAAA,IACvC;AAAA,EACD;AACD;AAUO,MAAM,gCAAsD;AAAA,EAGlE,YAAmB,KAAgB;AAAhB;AAClB,SAAK,iBAAiB,MAAM,IAAI,QAAQ,CAAC;AAAA,EAC1C;AAAA,EAEA,WAAmB;AAClB,WAAO,KAAK;AAAA,EACb;AACD;AA0CA,eAAsB,mBAAmB;AAAA,EACxC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACD,GAAqE;AACpE,QAAM,OAAO;AAAA,IACZ,KAAK,SAAS,iBAAiB,MAAM,CAAC,CAAC;AAAA;AAAA,IACvC,SAAS,SAAS,QAAQ;AAAA,IAC1B,sBAAsB,SAAS,kBAAkB;AAAA,IACjD,mBAAmB;AAAA;AAAA,IACnB;AAAA,EACD;AAEA,QAAM,gBAAgB,YAAY,QAAQ,OAAO;AACjD,QAAM,iBAAiB,SAAS,YAAY,IAAI,CAAC,QAAQ,aAAa,CAAC,IAAI;AAE3E,QAAM,YAAY,OAAO,WAAW;AACpC,QAAM,WAAW,MAAM,MAAM,MAAM,iBAAiB;AAAA,IACnD,QAAQ;AAAA,IACR,SAAS;AAAA,MACR,gBAAgB;AAAA,MAChB,cAAc;AAAA,MACd,mBAAmB;AAAA,MACnB,sBAAsB;AAAA,MACtB,GAAI,cAAc,SAAS,EAAE,YAAY,OAAO,IAAI,CAAC;AAAA,IACtD;AAAA,IACA,MAAM,KAAK,UAAU,IAAI;AAAA,IACzB,QAAQ;AAAA,EACT,CAAC;AACD,QAAM,aAAa,eAAe,UAAU,SAAS;AACrD,QAAM,OAAO,MAAM,SAAS,KAAK;AACjC,yBAAuB,QAAQ;AAE/B,SAAO,KAAK,gBAAgB,IAAI,CAAC,QAA6D;AAAA,IAC7F,QAAQ,MAAM,GAAG,EAAE;AAAA,IACnB,KAAK,eAAe,QAAQ,GAAG,cAAc,IAAI,UAAU,CAA6B;AAAA,EACzF,EAAE;AACH;",
6
6
  "names": ["KeyServerType"]
7
7
  }
package/dist/esm/session-key.d.ts CHANGED
@@ -19,7 +19,7 @@ export type Certificate = {
19
19
  signature: string;
20
20
  mvr_name?: string;
21
21
  };
22
- export type SessionKeyType = {
22
+ export type ExportedSessionKey = {
23
23
  address: string;
24
24
  packageId: string;
25
25
  mvrName?: string;
@@ -30,17 +30,17 @@ export type SessionKeyType = {
30
30
  };
31
31
  export declare class SessionKey {
32
32
  #private;
33
+ private constructor();
33
34
  /**
34
- * @deprecated - Use `await SessionKey.create()` instead.
35
+ * Create a new SessionKey instance.
36
+ * @param address - The address of the user.
37
+ * @param packageId - The ID of the package.
38
+ * @param mvrName - Optional. The name of the MVR, if there is one.
39
+ * @param ttlMin - The TTL in minutes.
40
+ * @param signer - Optional. The signer instance, e.g. EnokiSigner.
41
+ * @param suiClient - The Sui client.
42
+ * @returns A new SessionKey instance.
35
43
  */
36
- constructor({ address, packageId, mvrName, ttlMin, signer, suiClient, }: {
37
- address: string;
38
- packageId: string;
39
- mvrName?: string;
40
- ttlMin: number;
41
- signer?: Signer;
42
- suiClient: SealCompatibleClient;
43
- });
44
44
  static create({ address, packageId, mvrName, ttlMin, signer, suiClient, }: {
45
45
  address: string;
46
46
  packageId: string;
@@ -56,17 +56,25 @@ export declare class SessionKey {
56
56
  getPersonalMessage(): Uint8Array;
57
57
  setPersonalMessageSignature(personalMessageSignature: string): Promise<void>;
58
58
  getCertificate(): Promise<Certificate>;
59
+ /**
60
+ * Create request params for the given transaction bytes.
61
+ * @param txBytes - The transaction bytes.
62
+ * @returns The request params containing the ephemeral secret key,
63
+ * its public key and its verification key.
64
+ */
59
65
  createRequestParams(txBytes: Uint8Array): Promise<{
60
- decryptionKey: Uint8Array;
66
+ encKey: Uint8Array;
67
+ encKeyPk: Uint8Array;
68
+ encVerificationKey: Uint8Array;
61
69
  requestSignature: string;
62
70
  }>;
63
71
  /**
64
72
  * Export the Session Key object from the instance. Store the object in IndexedDB to persist.
65
73
  */
66
- export(): SessionKeyType;
74
+ export(): ExportedSessionKey;
67
75
  /**
68
76
  * Restore a SessionKey instance for the given object.
69
77
  * @returns A new SessionKey instance with restored state
70
78
  */
71
- static import(data: SessionKeyType, suiClient: SealCompatibleClient, signer?: Signer): SessionKey;
79
+ static import(data: ExportedSessionKey, suiClient: SealCompatibleClient, signer?: Signer): SessionKey;
72
80
  }
package/dist/esm/session-key.js CHANGED
@@ -19,14 +19,11 @@ import {
19
19
  UserError
20
20
  } from "./error.js";
21
21
  const RequestFormat = bcs.struct("RequestFormat", {
22
- ptb: bcs.vector(bcs.U8),
23
- encKey: bcs.vector(bcs.U8),
24
- encVerificationKey: bcs.vector(bcs.U8)
22
+ ptb: bcs.vector(bcs.u8()),
23
+ encKey: bcs.vector(bcs.u8()),
24
+ encVerificationKey: bcs.vector(bcs.u8())
25
25
  });
26
26
  const _SessionKey = class _SessionKey {
27
- /**
28
- * @deprecated - Use `await SessionKey.create()` instead.
29
- */
30
27
  constructor({
31
28
  address,
32
29
  packageId,
@@ -65,6 +62,16 @@ const _SessionKey = class _SessionKey {
65
62
  __privateSet(this, _signer, signer);
66
63
  __privateSet(this, _suiClient, suiClient);
67
64
  }
65
+ /**
66
+ * Create a new SessionKey instance.
67
+ * @param address - The address of the user.
68
+ * @param packageId - The ID of the package.
69
+ * @param mvrName - Optional. The name of the MVR, if there is one.
70
+ * @param ttlMin - The TTL in minutes.
71
+ * @param signer - Optional. The signer instance, e.g. EnokiSigner.
72
+ * @param suiClient - The Sui client.
73
+ * @returns A new SessionKey instance.
74
+ */
68
75
  static async create({
69
76
  address,
70
77
  packageId,
@@ -137,18 +144,28 @@ const _SessionKey = class _SessionKey {
137
144
  mvr_name: __privateGet(this, _mvrName)
138
145
  };
139
146
  }
147
+ /**
148
+ * Create request params for the given transaction bytes.
149
+ * @param txBytes - The transaction bytes.
150
+ * @returns The request params containing the ephemeral secret key,
151
+ * its public key and its verification key.
152
+ */
140
153
  async createRequestParams(txBytes) {
141
154
  if (this.isExpired()) {
142
155
  throw new ExpiredSessionKeyError();
143
156
  }
144
- const egSk = generateSecretKey();
157
+ const encKey = generateSecretKey();
158
+ const encKeyPk = toPublicKey(encKey);
159
+ const encVerificationKey = toVerificationKey(encKey);
145
160
  const msgToSign = RequestFormat.serialize({
146
161
  ptb: txBytes.slice(1),
147
- encKey: toPublicKey(egSk),
148
- encVerificationKey: toVerificationKey(egSk)
162
+ encKey: encKeyPk,
163
+ encVerificationKey
149
164
  }).toBytes();
150
165
  return {
151
- decryptionKey: egSk,
166
+ encKey,
167
+ encKeyPk,
168
+ encVerificationKey,
152
169
  requestSignature: toBase64(await __privateGet(this, _sessionKey).sign(msgToSign))
153
170
  };
154
171
  }
package/dist/esm/session-key.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../src/session-key.ts"],
4
- "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { toBase64 } from '@mysten/bcs';\nimport { bcs } from '@mysten/sui/bcs';\nimport type { Signer } from '@mysten/sui/cryptography';\nimport { Ed25519Keypair } from '@mysten/sui/keypairs/ed25519';\nimport { isValidNamedPackage, isValidSuiAddress, isValidSuiObjectId } from '@mysten/sui/utils';\nimport { verifyPersonalMessageSignature } from '@mysten/sui/verify';\nimport { generateSecretKey, toPublicKey, toVerificationKey } from './elgamal.js';\nimport {\n\tExpiredSessionKeyError,\n\tInvalidPackageError,\n\tInvalidPersonalMessageSignatureError,\n\tUserError,\n} from './error.js';\nimport type { SealCompatibleClient } from './types.js';\n\nexport const RequestFormat = bcs.struct('RequestFormat', {\n\tptb: bcs.vector(bcs.U8),\n\tencKey: bcs.vector(bcs.U8),\n\tencVerificationKey: bcs.vector(bcs.U8),\n});\n\nexport type Certificate = {\n\tuser: string;\n\tsession_vk: string;\n\tcreation_time: number;\n\tttl_min: number;\n\tsignature: string;\n\tmvr_name?: string;\n};\n\nexport type SessionKeyType = {\n\taddress: string;\n\tpackageId: string;\n\tmvrName?: string;\n\tcreationTimeMs: number;\n\tttlMin: number;\n\tpersonalMessageSignature?: string;\n\tsessionKey: string;\n};\n\nexport class SessionKey {\n\t#address: string;\n\t#packageId: string;\n\t#mvrName?: string;\n\t#creationTimeMs: number;\n\t#ttlMin: number;\n\t#sessionKey: Ed25519Keypair;\n\t#personalMessageSignature?: string;\n\t#signer?: Signer;\n\t#suiClient: SealCompatibleClient;\n\n\t/**\n\t * @deprecated - Use `await SessionKey.create()` instead.\n\t */\n\tconstructor({\n\t\taddress,\n\t\tpackageId,\n\t\tmvrName,\n\t\tttlMin,\n\t\tsigner,\n\t\tsuiClient,\n\t}: {\n\t\taddress: string;\n\t\tpackageId: string;\n\t\tmvrName?: string;\n\t\tttlMin: number;\n\t\tsigner?: Signer;\n\t\tsuiClient: SealCompatibleClient;\n\t}) {\n\t\tif (mvrName && !isValidNamedPackage(mvrName)) {\n\t\t\tthrow new UserError(`Invalid package name ${mvrName}`);\n\t\t}\n\t\tif (!isValidSuiObjectId(packageId) || !isValidSuiAddress(address)) {\n\t\t\tthrow new UserError(`Invalid package ID ${packageId} or address ${address}`);\n\t\t}\n\t\tif (ttlMin > 30 || ttlMin < 1) {\n\t\t\tthrow new UserError(`Invalid TTL ${ttlMin}, must be between 1 and 30`);\n\t\t}\n\t\tif (signer && signer.getPublicKey().toSuiAddress() !== address) {\n\t\t\tthrow new UserError('Signer address does not match session key address');\n\t\t}\n\n\t\tthis.#address = address;\n\t\tthis.#packageId = packageId;\n\t\tthis.#mvrName = mvrName;\n\t\tthis.#creationTimeMs = Date.now();\n\t\tthis.#ttlMin = ttlMin;\n\t\tthis.#sessionKey = Ed25519Keypair.generate();\n\t\tthis.#signer = signer;\n\t\tthis.#suiClient = suiClient;\n\t}\n\n\tstatic async create({\n\t\taddress,\n\t\tpackageId,\n\t\tmvrName,\n\t\tttlMin,\n\t\tsigner,\n\t\tsuiClient,\n\t}: {\n\t\taddress: string;\n\t\tpackageId: string;\n\t\tmvrName?: string;\n\t\tttlMin: number;\n\t\tsigner?: Signer;\n\t\tsuiClient: SealCompatibleClient;\n\t}): Promise<SessionKey> {\n\t\tconst packageObj = await suiClient.core.getObject({ objectId: packageId });\n\t\tif (String(packageObj.object.version) !== '1') {\n\t\t\tthrow new InvalidPackageError(`Package ${packageId} is not the first version`);\n\t\t}\n\n\t\treturn new SessionKey({\n\t\t\taddress,\n\t\t\tpackageId,\n\t\t\tmvrName,\n\t\t\tttlMin,\n\t\t\tsigner,\n\t\t\tsuiClient,\n\t\t});\n\t}\n\tisExpired(): boolean {\n\t\t// Allow 10 seconds for clock skew\n\t\treturn this.#creationTimeMs + this.#ttlMin * 60 * 1000 - 10_000 < Date.now();\n\t}\n\n\tgetAddress(): string {\n\t\treturn this.#address;\n\t}\n\n\tgetPackageName(): string {\n\t\tif (this.#mvrName) {\n\t\t\treturn this.#mvrName;\n\t\t}\n\t\treturn this.#packageId;\n\t}\n\n\tgetPackageId(): string {\n\t\treturn this.#packageId;\n\t}\n\n\tgetPersonalMessage(): Uint8Array {\n\t\tconst creationTimeUtc =\n\t\t\tnew Date(this.#creationTimeMs).toISOString().slice(0, 19).replace('T', ' ') + ' UTC';\n\t\tconst message = `Accessing keys of package ${this.getPackageName()} for ${this.#ttlMin} mins from ${creationTimeUtc}, session key ${toBase64(this.#sessionKey.getPublicKey().toRawBytes())}`;\n\t\treturn new TextEncoder().encode(message);\n\t}\n\n\tasync setPersonalMessageSignature(personalMessageSignature: string) {\n\t\tif (!this.#personalMessageSignature) {\n\t\t\ttry {\n\t\t\t\tawait verifyPersonalMessageSignature(this.getPersonalMessage(), personalMessageSignature, {\n\t\t\t\t\taddress: this.#address,\n\t\t\t\t\tclient: this.#suiClient,\n\t\t\t\t});\n\t\t\t\tthis.#personalMessageSignature = personalMessageSignature;\n\t\t\t} catch (e) {\n\t\t\t\tthrow new InvalidPersonalMessageSignatureError('Not valid');\n\t\t\t}\n\t\t}\n\t}\n\n\tasync getCertificate(): Promise<Certificate> {\n\t\tif (!this.#personalMessageSignature) {\n\t\t\tif (this.#signer) {\n\t\t\t\tconst { signature } = await this.#signer.signPersonalMessage(this.getPersonalMessage());\n\t\t\t\tthis.#personalMessageSignature = signature;\n\t\t\t} else {\n\t\t\t\tthrow new InvalidPersonalMessageSignatureError('Personal message signature is not set');\n\t\t\t}\n\t\t}\n\t\treturn {\n\t\t\tuser: this.#address,\n\t\t\tsession_vk: toBase64(this.#sessionKey.getPublicKey().toRawBytes()),\n\t\t\tcreation_time: this.#creationTimeMs,\n\t\t\tttl_min: this.#ttlMin,\n\t\t\tsignature: this.#personalMessageSignature,\n\t\t\tmvr_name: this.#mvrName,\n\t\t};\n\t}\n\n\tasync createRequestParams(\n\t\ttxBytes: Uint8Array,\n\t): Promise<{ decryptionKey: Uint8Array; requestSignature: string }> {\n\t\tif (this.isExpired()) {\n\t\t\tthrow new ExpiredSessionKeyError();\n\t\t}\n\t\tconst egSk = generateSecretKey();\n\t\tconst msgToSign = RequestFormat.serialize({\n\t\t\tptb: txBytes.slice(1),\n\t\t\tencKey: toPublicKey(egSk),\n\t\t\tencVerificationKey: toVerificationKey(egSk),\n\t\t}).toBytes();\n\t\treturn {\n\t\t\tdecryptionKey: egSk,\n\t\t\trequestSignature: toBase64(await this.#sessionKey.sign(msgToSign)),\n\t\t};\n\t}\n\n\t/**\n\t * Export the Session Key object from the instance. Store the object in IndexedDB to persist.\n\t */\n\texport(): SessionKeyType {\n\t\tconst obj = {\n\t\t\taddress: this.#address,\n\t\t\tpackageId: this.#packageId,\n\t\t\tmvrName: this.#mvrName,\n\t\t\tcreationTimeMs: this.#creationTimeMs,\n\t\t\tttlMin: this.#ttlMin,\n\t\t\tpersonalMessageSignature: this.#personalMessageSignature,\n\t\t\tsessionKey: this.#sessionKey.getSecretKey(), // bech32 encoded string\n\t\t};\n\n\t\tObject.defineProperty(obj, 'toJSON', {\n\t\t\tenumerable: false,\n\t\t\tvalue: () => {\n\t\t\t\tthrow new Error('This object is not serializable');\n\t\t\t},\n\t\t});\n\t\treturn obj;\n\t}\n\n\t/**\n\t * Restore a SessionKey instance for the given object.\n\t * @returns A new SessionKey instance with restored state\n\t */\n\tstatic import(\n\t\tdata: SessionKeyType,\n\t\tsuiClient: SealCompatibleClient,\n\t\tsigner?: Signer,\n\t): SessionKey {\n\t\tconst instance = new SessionKey({\n\t\t\taddress: data.address,\n\t\t\tpackageId: data.packageId,\n\t\t\tmvrName: data.mvrName,\n\t\t\tttlMin: data.ttlMin,\n\t\t\tsigner,\n\t\t\tsuiClient,\n\t\t});\n\n\t\tinstance.#creationTimeMs = data.creationTimeMs;\n\t\tinstance.#sessionKey = Ed25519Keypair.fromSecretKey(data.sessionKey);\n\t\tinstance.#personalMessageSignature = data.personalMessageSignature;\n\n\t\tif (instance.isExpired()) {\n\t\t\tthrow new ExpiredSessionKeyError();\n\t\t}\n\t\treturn instance;\n\t}\n}\n"],
5
- "mappings": ";;;;;;;AAAA;AAGA,SAAS,gBAAgB;AACzB,SAAS,WAAW;AAEpB,SAAS,sBAAsB;AAC/B,SAAS,qBAAqB,mBAAmB,0BAA0B;AAC3E,SAAS,sCAAsC;AAC/C,SAAS,mBAAmB,aAAa,yBAAyB;AAClE;AAAA,EACC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACM;AAGA,MAAM,gBAAgB,IAAI,OAAO,iBAAiB;AAAA,EACxD,KAAK,IAAI,OAAO,IAAI,EAAE;AAAA,EACtB,QAAQ,IAAI,OAAO,IAAI,EAAE;AAAA,EACzB,oBAAoB,IAAI,OAAO,IAAI,EAAE;AACtC,CAAC;AAqBM,MAAM,cAAN,MAAM,YAAW;AAAA;AAAA;AAAA;AAAA,EAcvB,YAAY;AAAA,IACX;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD,GAOG;AA3BH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAoBC,QAAI,WAAW,CAAC,oBAAoB,OAAO,GAAG;AAC7C,YAAM,IAAI,UAAU,wBAAwB,OAAO,EAAE;AAAA,IACtD;AACA,QAAI,CAAC,mBAAmB,SAAS,KAAK,CAAC,kBAAkB,OAAO,GAAG;AAClE,YAAM,IAAI,UAAU,sBAAsB,SAAS,eAAe,OAAO,EAAE;AAAA,IAC5E;AACA,QAAI,SAAS,MAAM,SAAS,GAAG;AAC9B,YAAM,IAAI,UAAU,eAAe,MAAM,4BAA4B;AAAA,IACtE;AACA,QAAI,UAAU,OAAO,aAAa,EAAE,aAAa,MAAM,SAAS;AAC/D,YAAM,IAAI,UAAU,mDAAmD;AAAA,IACxE;AAEA,uBAAK,UAAW;AAChB,uBAAK,YAAa;AAClB,uBAAK,UAAW;AAChB,uBAAK,iBAAkB,KAAK,IAAI;AAChC,uBAAK,SAAU;AACf,uBAAK,aAAc,eAAe,SAAS;AAC3C,uBAAK,SAAU;AACf,uBAAK,YAAa;AAAA,EACnB;AAAA,EAEA,aAAa,OAAO;AAAA,IACnB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD,GAOwB;AACvB,UAAM,aAAa,MAAM,UAAU,KAAK,UAAU,EAAE,UAAU,UAAU,CAAC;AACzE,QAAI,OAAO,WAAW,OAAO,OAAO,MAAM,KAAK;AAC9C,YAAM,IAAI,oBAAoB,WAAW,SAAS,2BAA2B;AAAA,IAC9E;AAEA,WAAO,IAAI,YAAW;AAAA,MACrB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACD,CAAC;AAAA,EACF;AAAA,EACA,YAAqB;AAEpB,WAAO,mBAAK,mBAAkB,mBAAK,WAAU,KAAK,MAAO,MAAS,KAAK,IAAI;AAAA,EAC5E;AAAA,EAEA,aAAqB;AACpB,WAAO,mBAAK;AAAA,EACb;AAAA,EAEA,iBAAyB;AACxB,QAAI,mBAAK,WAAU;AAClB,aAAO,mBAAK;AAAA,IACb;AACA,WAAO,mBAAK;AAAA,EACb;AAAA,EAEA,eAAuB;AACtB,WAAO,mBAAK;AAAA,EACb;AAAA,EAEA,qBAAiC;AAChC,UAAM,kBACL,IAAI,KAAK,mBAAK,gBAAe,EAAE,YAAY,EAAE,MAAM,GAAG,EAAE,EAAE,QAAQ,KAAK,GAAG,IAAI;AAC/E,UAAM,UAAU,6BAA6B,KAAK,eAAe,CAAC,QAAQ,mBAAK,QAAO,cAAc,eAAe,iBAAiB,SAAS,mBAAK,aAAY,aAAa,EAAE,WAAW,CAAC,CAAC;AAC1L,WAAO,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,EACxC;AAAA,EAEA,MAAM,4BAA4B,0BAAkC;AACnE,QAAI,CAAC,mBAAK,4BAA2B;AACpC,UAAI;AACH,cAAM,+BAA+B,KAAK,mBAAmB,GAAG,0BAA0B;AAAA,UACzF,SAAS,mBAAK;AAAA,UACd,QAAQ,mBAAK;AAAA,QACd,CAAC;AACD,2BAAK,2BAA4B;AAAA,MAClC,SAAS,GAAG;AACX,cAAM,IAAI,qCAAqC,WAAW;AAAA,MAC3D;AAAA,IACD;AAAA,EACD;AAAA,EAEA,MAAM,iBAAuC;AAC5C,QAAI,CAAC,mBAAK,4BAA2B;AACpC,UAAI,mBAAK,UAAS;AACjB,cAAM,EAAE,UAAU,IAAI,MAAM,mBAAK,SAAQ,oBAAoB,KAAK,mBAAmB,CAAC;AACtF,2BAAK,2BAA4B;AAAA,MAClC,OAAO;AACN,cAAM,IAAI,qCAAqC,uCAAuC;AAAA,MACvF;AAAA,IACD;AACA,WAAO;AAAA,MACN,MAAM,mBAAK;AAAA,MACX,YAAY,SAAS,mBAAK,aAAY,aAAa,EAAE,WAAW,CAAC;AAAA,MACjE,eAAe,mBAAK;AAAA,MACpB,SAAS,mBAAK;AAAA,MACd,WAAW,mBAAK;AAAA,MAChB,UAAU,mBAAK;AAAA,IAChB;AAAA,EACD;AAAA,EAEA,MAAM,oBACL,SACmE;AACnE,QAAI,KAAK,UAAU,GAAG;AACrB,YAAM,IAAI,uBAAuB;AAAA,IAClC;AACA,UAAM,OAAO,kBAAkB;AAC/B,UAAM,YAAY,cAAc,UAAU;AAAA,MACzC,KAAK,QAAQ,MAAM,CAAC;AAAA,MACpB,QAAQ,YAAY,IAAI;AAAA,MACxB,oBAAoB,kBAAkB,IAAI;AAAA,IAC3C,CAAC,EAAE,QAAQ;AACX,WAAO;AAAA,MACN,eAAe;AAAA,MACf,kBAAkB,SAAS,MAAM,mBAAK,aAAY,KAAK,SAAS,CAAC;AAAA,IAClE;AAAA,EACD;AAAA;AAAA;AAAA;AAAA,EAKA,SAAyB;AACxB,UAAM,MAAM;AAAA,MACX,SAAS,mBAAK;AAAA,MACd,WAAW,mBAAK;AAAA,MAChB,SAAS,mBAAK;AAAA,MACd,gBAAgB,mBAAK;AAAA,MACrB,QAAQ,mBAAK;AAAA,MACb,0BAA0B,mBAAK;AAAA,MAC/B,YAAY,mBAAK,aAAY,aAAa;AAAA;AAAA,IAC3C;AAEA,WAAO,eAAe,KAAK,UAAU;AAAA,MACpC,YAAY;AAAA,MACZ,OAAO,MAAM;AACZ,cAAM,IAAI,MAAM,iCAAiC;AAAA,MAClD;AAAA,IACD,CAAC;AACD,WAAO;AAAA,EACR;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAO,OACN,MACA,WACA,QACa;AACb,UAAM,WAAW,IAAI,YAAW;AAAA,MAC/B,SAAS,KAAK;AAAA,MACd,WAAW,KAAK;AAAA,MAChB,SAAS,KAAK;AAAA,MACd,QAAQ,KAAK;AAAA,MACb;AAAA,MACA;AAAA,IACD,CAAC;AAED,2BAAS,iBAAkB,KAAK;AAChC,2BAAS,aAAc,eAAe,cAAc,KAAK,UAAU;AACnE,2BAAS,2BAA4B,KAAK;AAE1C,QAAI,SAAS,UAAU,GAAG;AACzB,YAAM,IAAI,uBAAuB;AAAA,IAClC;AACA,WAAO;AAAA,EACR;AACD;AAhNC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AATM,IAAM,aAAN;",
4
+ "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { toBase64 } from '@mysten/bcs';\nimport { bcs } from '@mysten/sui/bcs';\nimport type { Signer } from '@mysten/sui/cryptography';\nimport { Ed25519Keypair } from '@mysten/sui/keypairs/ed25519';\nimport { isValidNamedPackage, isValidSuiAddress, isValidSuiObjectId } from '@mysten/sui/utils';\nimport { verifyPersonalMessageSignature } from '@mysten/sui/verify';\nimport { generateSecretKey, toPublicKey, toVerificationKey } from './elgamal.js';\nimport {\n\tExpiredSessionKeyError,\n\tInvalidPackageError,\n\tInvalidPersonalMessageSignatureError,\n\tUserError,\n} from './error.js';\nimport type { SealCompatibleClient } from './types.js';\n\nexport const RequestFormat = bcs.struct('RequestFormat', {\n\tptb: bcs.vector(bcs.u8()),\n\tencKey: bcs.vector(bcs.u8()),\n\tencVerificationKey: bcs.vector(bcs.u8()),\n});\n\nexport type Certificate = {\n\tuser: string;\n\tsession_vk: string;\n\tcreation_time: number;\n\tttl_min: number;\n\tsignature: string;\n\tmvr_name?: string;\n};\n\nexport type ExportedSessionKey = {\n\taddress: string;\n\tpackageId: string;\n\tmvrName?: string;\n\tcreationTimeMs: number;\n\tttlMin: number;\n\tpersonalMessageSignature?: string;\n\tsessionKey: string;\n};\n\nexport class SessionKey {\n\t#address: string;\n\t#packageId: string;\n\t#mvrName?: string;\n\t#creationTimeMs: number;\n\t#ttlMin: number;\n\t#sessionKey: Ed25519Keypair;\n\t#personalMessageSignature?: string;\n\t#signer?: Signer;\n\t#suiClient: SealCompatibleClient;\n\n\tprivate constructor({\n\t\taddress,\n\t\tpackageId,\n\t\tmvrName,\n\t\tttlMin,\n\t\tsigner,\n\t\tsuiClient,\n\t}: {\n\t\taddress: string;\n\t\tpackageId: string;\n\t\tmvrName?: string;\n\t\tttlMin: number;\n\t\tsigner?: Signer;\n\t\tsuiClient: SealCompatibleClient;\n\t}) {\n\t\tif (mvrName && !isValidNamedPackage(mvrName)) {\n\t\t\tthrow new UserError(`Invalid package name ${mvrName}`);\n\t\t}\n\t\tif (!isValidSuiObjectId(packageId) || !isValidSuiAddress(address)) {\n\t\t\tthrow new UserError(`Invalid package ID ${packageId} or address ${address}`);\n\t\t}\n\t\tif (ttlMin > 30 || ttlMin < 1) {\n\t\t\tthrow new UserError(`Invalid TTL ${ttlMin}, must be between 1 and 30`);\n\t\t}\n\t\tif (signer && signer.getPublicKey().toSuiAddress() !== address) {\n\t\t\tthrow new UserError('Signer address does not match session key address');\n\t\t}\n\n\t\tthis.#address = address;\n\t\tthis.#packageId = packageId;\n\t\tthis.#mvrName = mvrName;\n\t\tthis.#creationTimeMs = Date.now();\n\t\tthis.#ttlMin = ttlMin;\n\t\tthis.#sessionKey = Ed25519Keypair.generate();\n\t\tthis.#signer = signer;\n\t\tthis.#suiClient = suiClient;\n\t}\n\n\t/**\n\t * Create a new SessionKey instance.\n\t * @param address - The address of the user.\n\t * @param packageId - The ID of the package.\n\t * @param mvrName - Optional. The name of the MVR, if there is one.\n\t * @param ttlMin - The TTL in minutes.\n\t * @param signer - Optional. The signer instance, e.g. EnokiSigner.\n\t * @param suiClient - The Sui client.\n\t * @returns A new SessionKey instance.\n\t */\n\tstatic async create({\n\t\taddress,\n\t\tpackageId,\n\t\tmvrName,\n\t\tttlMin,\n\t\tsigner,\n\t\tsuiClient,\n\t}: {\n\t\taddress: string;\n\t\tpackageId: string;\n\t\tmvrName?: string;\n\t\tttlMin: number;\n\t\tsigner?: Signer;\n\t\tsuiClient: SealCompatibleClient;\n\t}): Promise<SessionKey> {\n\t\tconst packageObj = await suiClient.core.getObject({ objectId: packageId });\n\t\tif (String(packageObj.object.version) !== '1') {\n\t\t\tthrow new InvalidPackageError(`Package ${packageId} is not the first version`);\n\t\t}\n\n\t\treturn new SessionKey({\n\t\t\taddress,\n\t\t\tpackageId,\n\t\t\tmvrName,\n\t\t\tttlMin,\n\t\t\tsigner,\n\t\t\tsuiClient,\n\t\t});\n\t}\n\tisExpired(): boolean {\n\t\t// Allow 10 seconds for clock skew\n\t\treturn this.#creationTimeMs + this.#ttlMin * 60 * 1000 - 10_000 < Date.now();\n\t}\n\n\tgetAddress(): string {\n\t\treturn this.#address;\n\t}\n\n\tgetPackageName(): string {\n\t\tif (this.#mvrName) {\n\t\t\treturn this.#mvrName;\n\t\t}\n\t\treturn this.#packageId;\n\t}\n\n\tgetPackageId(): string {\n\t\treturn this.#packageId;\n\t}\n\n\tgetPersonalMessage(): Uint8Array {\n\t\tconst creationTimeUtc =\n\t\t\tnew Date(this.#creationTimeMs).toISOString().slice(0, 19).replace('T', ' ') + ' UTC';\n\t\tconst message = `Accessing keys of package ${this.getPackageName()} for ${this.#ttlMin} mins from ${creationTimeUtc}, session key ${toBase64(this.#sessionKey.getPublicKey().toRawBytes())}`;\n\t\treturn new TextEncoder().encode(message);\n\t}\n\n\tasync setPersonalMessageSignature(personalMessageSignature: string) {\n\t\tif (!this.#personalMessageSignature) {\n\t\t\ttry {\n\t\t\t\tawait verifyPersonalMessageSignature(this.getPersonalMessage(), personalMessageSignature, {\n\t\t\t\t\taddress: this.#address,\n\t\t\t\t\tclient: this.#suiClient,\n\t\t\t\t});\n\t\t\t\tthis.#personalMessageSignature = personalMessageSignature;\n\t\t\t} catch (e) {\n\t\t\t\tthrow new InvalidPersonalMessageSignatureError('Not valid');\n\t\t\t}\n\t\t}\n\t}\n\n\tasync getCertificate(): Promise<Certificate> {\n\t\tif (!this.#personalMessageSignature) {\n\t\t\tif (this.#signer) {\n\t\t\t\tconst { signature } = await this.#signer.signPersonalMessage(this.getPersonalMessage());\n\t\t\t\tthis.#personalMessageSignature = signature;\n\t\t\t} else {\n\t\t\t\tthrow new InvalidPersonalMessageSignatureError('Personal message signature is not set');\n\t\t\t}\n\t\t}\n\t\treturn {\n\t\t\tuser: this.#address,\n\t\t\tsession_vk: toBase64(this.#sessionKey.getPublicKey().toRawBytes()),\n\t\t\tcreation_time: this.#creationTimeMs,\n\t\t\tttl_min: this.#ttlMin,\n\t\t\tsignature: this.#personalMessageSignature,\n\t\t\tmvr_name: this.#mvrName,\n\t\t};\n\t}\n\n\t/**\n\t * Create request params for the given transaction bytes.\n\t * @param txBytes - The transaction bytes.\n\t * @returns The request params containing the ephemeral secret key,\n\t * its public key and its verification key.\n\t */\n\tasync createRequestParams(txBytes: Uint8Array): Promise<{\n\t\tencKey: Uint8Array;\n\t\tencKeyPk: Uint8Array;\n\t\tencVerificationKey: Uint8Array;\n\t\trequestSignature: string;\n\t}> {\n\t\tif (this.isExpired()) {\n\t\t\tthrow new ExpiredSessionKeyError();\n\t\t}\n\t\tconst encKey = generateSecretKey();\n\t\tconst encKeyPk = toPublicKey(encKey);\n\t\tconst encVerificationKey = toVerificationKey(encKey);\n\n\t\tconst msgToSign = RequestFormat.serialize({\n\t\t\tptb: txBytes.slice(1),\n\t\t\tencKey: encKeyPk,\n\t\t\tencVerificationKey,\n\t\t}).toBytes();\n\t\treturn {\n\t\t\tencKey,\n\t\t\tencKeyPk,\n\t\t\tencVerificationKey,\n\t\t\trequestSignature: toBase64(await this.#sessionKey.sign(msgToSign)),\n\t\t};\n\t}\n\n\t/**\n\t * Export the Session Key object from the instance. Store the object in IndexedDB to persist.\n\t */\n\texport(): ExportedSessionKey {\n\t\tconst obj = {\n\t\t\taddress: this.#address,\n\t\t\tpackageId: this.#packageId,\n\t\t\tmvrName: this.#mvrName,\n\t\t\tcreationTimeMs: this.#creationTimeMs,\n\t\t\tttlMin: this.#ttlMin,\n\t\t\tpersonalMessageSignature: this.#personalMessageSignature,\n\t\t\tsessionKey: this.#sessionKey.getSecretKey(), // bech32 encoded string\n\t\t};\n\n\t\tObject.defineProperty(obj, 'toJSON', {\n\t\t\tenumerable: false,\n\t\t\tvalue: () => {\n\t\t\t\tthrow new Error('This object is not serializable');\n\t\t\t},\n\t\t});\n\t\treturn obj;\n\t}\n\n\t/**\n\t * Restore a SessionKey instance for the given object.\n\t * @returns A new SessionKey instance with restored state\n\t */\n\tstatic import(\n\t\tdata: ExportedSessionKey,\n\t\tsuiClient: SealCompatibleClient,\n\t\tsigner?: Signer,\n\t): SessionKey {\n\t\tconst instance = new SessionKey({\n\t\t\taddress: data.address,\n\t\t\tpackageId: data.packageId,\n\t\t\tmvrName: data.mvrName,\n\t\t\tttlMin: data.ttlMin,\n\t\t\tsigner,\n\t\t\tsuiClient,\n\t\t});\n\n\t\tinstance.#creationTimeMs = data.creationTimeMs;\n\t\tinstance.#sessionKey = Ed25519Keypair.fromSecretKey(data.sessionKey);\n\t\tinstance.#personalMessageSignature = data.personalMessageSignature;\n\n\t\tif (instance.isExpired()) {\n\t\t\tthrow new ExpiredSessionKeyError();\n\t\t}\n\t\treturn instance;\n\t}\n}\n"],
5
+ "mappings": ";;;;;;;AAAA;AAGA,SAAS,gBAAgB;AACzB,SAAS,WAAW;AAEpB,SAAS,sBAAsB;AAC/B,SAAS,qBAAqB,mBAAmB,0BAA0B;AAC3E,SAAS,sCAAsC;AAC/C,SAAS,mBAAmB,aAAa,yBAAyB;AAClE;AAAA,EACC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACM;AAGA,MAAM,gBAAgB,IAAI,OAAO,iBAAiB;AAAA,EACxD,KAAK,IAAI,OAAO,IAAI,GAAG,CAAC;AAAA,EACxB,QAAQ,IAAI,OAAO,IAAI,GAAG,CAAC;AAAA,EAC3B,oBAAoB,IAAI,OAAO,IAAI,GAAG,CAAC;AACxC,CAAC;AAqBM,MAAM,cAAN,MAAM,YAAW;AAAA,EAWf,YAAY;AAAA,IACnB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD,GAOG;AAxBH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAiBC,QAAI,WAAW,CAAC,oBAAoB,OAAO,GAAG;AAC7C,YAAM,IAAI,UAAU,wBAAwB,OAAO,EAAE;AAAA,IACtD;AACA,QAAI,CAAC,mBAAmB,SAAS,KAAK,CAAC,kBAAkB,OAAO,GAAG;AAClE,YAAM,IAAI,UAAU,sBAAsB,SAAS,eAAe,OAAO,EAAE;AAAA,IAC5E;AACA,QAAI,SAAS,MAAM,SAAS,GAAG;AAC9B,YAAM,IAAI,UAAU,eAAe,MAAM,4BAA4B;AAAA,IACtE;AACA,QAAI,UAAU,OAAO,aAAa,EAAE,aAAa,MAAM,SAAS;AAC/D,YAAM,IAAI,UAAU,mDAAmD;AAAA,IACxE;AAEA,uBAAK,UAAW;AAChB,uBAAK,YAAa;AAClB,uBAAK,UAAW;AAChB,uBAAK,iBAAkB,KAAK,IAAI;AAChC,uBAAK,SAAU;AACf,uBAAK,aAAc,eAAe,SAAS;AAC3C,uBAAK,SAAU;AACf,uBAAK,YAAa;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,aAAa,OAAO;AAAA,IACnB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD,GAOwB;AACvB,UAAM,aAAa,MAAM,UAAU,KAAK,UAAU,EAAE,UAAU,UAAU,CAAC;AACzE,QAAI,OAAO,WAAW,OAAO,OAAO,MAAM,KAAK;AAC9C,YAAM,IAAI,oBAAoB,WAAW,SAAS,2BAA2B;AAAA,IAC9E;AAEA,WAAO,IAAI,YAAW;AAAA,MACrB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACD,CAAC;AAAA,EACF;AAAA,EACA,YAAqB;AAEpB,WAAO,mBAAK,mBAAkB,mBAAK,WAAU,KAAK,MAAO,MAAS,KAAK,IAAI;AAAA,EAC5E;AAAA,EAEA,aAAqB;AACpB,WAAO,mBAAK;AAAA,EACb;AAAA,EAEA,iBAAyB;AACxB,QAAI,mBAAK,WAAU;AAClB,aAAO,mBAAK;AAAA,IACb;AACA,WAAO,mBAAK;AAAA,EACb;AAAA,EAEA,eAAuB;AACtB,WAAO,mBAAK;AAAA,EACb;AAAA,EAEA,qBAAiC;AAChC,UAAM,kBACL,IAAI,KAAK,mBAAK,gBAAe,EAAE,YAAY,EAAE,MAAM,GAAG,EAAE,EAAE,QAAQ,KAAK,GAAG,IAAI;AAC/E,UAAM,UAAU,6BAA6B,KAAK,eAAe,CAAC,QAAQ,mBAAK,QAAO,cAAc,eAAe,iBAAiB,SAAS,mBAAK,aAAY,aAAa,EAAE,WAAW,CAAC,CAAC;AAC1L,WAAO,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,EACxC;AAAA,EAEA,MAAM,4BAA4B,0BAAkC;AACnE,QAAI,CAAC,mBAAK,4BAA2B;AACpC,UAAI;AACH,cAAM,+BAA+B,KAAK,mBAAmB,GAAG,0BAA0B;AAAA,UACzF,SAAS,mBAAK;AAAA,UACd,QAAQ,mBAAK;AAAA,QACd,CAAC;AACD,2BAAK,2BAA4B;AAAA,MAClC,SAAS,GAAG;AACX,cAAM,IAAI,qCAAqC,WAAW;AAAA,MAC3D;AAAA,IACD;AAAA,EACD;AAAA,EAEA,MAAM,iBAAuC;AAC5C,QAAI,CAAC,mBAAK,4BAA2B;AACpC,UAAI,mBAAK,UAAS;AACjB,cAAM,EAAE,UAAU,IAAI,MAAM,mBAAK,SAAQ,oBAAoB,KAAK,mBAAmB,CAAC;AACtF,2BAAK,2BAA4B;AAAA,MAClC,OAAO;AACN,cAAM,IAAI,qCAAqC,uCAAuC;AAAA,MACvF;AAAA,IACD;AACA,WAAO;AAAA,MACN,MAAM,mBAAK;AAAA,MACX,YAAY,SAAS,mBAAK,aAAY,aAAa,EAAE,WAAW,CAAC;AAAA,MACjE,eAAe,mBAAK;AAAA,MACpB,SAAS,mBAAK;AAAA,MACd,WAAW,mBAAK;AAAA,MAChB,UAAU,mBAAK;AAAA,IAChB;AAAA,EACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,oBAAoB,SAKvB;AACF,QAAI,KAAK,UAAU,GAAG;AACrB,YAAM,IAAI,uBAAuB;AAAA,IAClC;AACA,UAAM,SAAS,kBAAkB;AACjC,UAAM,WAAW,YAAY,MAAM;AACnC,UAAM,qBAAqB,kBAAkB,MAAM;AAEnD,UAAM,YAAY,cAAc,UAAU;AAAA,MACzC,KAAK,QAAQ,MAAM,CAAC;AAAA,MACpB,QAAQ;AAAA,MACR;AAAA,IACD,CAAC,EAAE,QAAQ;AACX,WAAO;AAAA,MACN;AAAA,MACA;AAAA,MACA;AAAA,MACA,kBAAkB,SAAS,MAAM,mBAAK,aAAY,KAAK,SAAS,CAAC;AAAA,IAClE;AAAA,EACD;AAAA;AAAA;AAAA;AAAA,EAKA,SAA6B;AAC5B,UAAM,MAAM;AAAA,MACX,SAAS,mBAAK;AAAA,MACd,WAAW,mBAAK;AAAA,MAChB,SAAS,mBAAK;AAAA,MACd,gBAAgB,mBAAK;AAAA,MACrB,QAAQ,mBAAK;AAAA,MACb,0BAA0B,mBAAK;AAAA,MAC/B,YAAY,mBAAK,aAAY,aAAa;AAAA;AAAA,IAC3C;AAEA,WAAO,eAAe,KAAK,UAAU;AAAA,MACpC,YAAY;AAAA,MACZ,OAAO,MAAM;AACZ,cAAM,IAAI,MAAM,iCAAiC;AAAA,MAClD;AAAA,IACD,CAAC;AACD,WAAO;AAAA,EACR;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAO,OACN,MACA,WACA,QACa;AACb,UAAM,WAAW,IAAI,YAAW;AAAA,MAC/B,SAAS,KAAK;AAAA,MACd,WAAW,KAAK;AAAA,MAChB,SAAS,KAAK;AAAA,MACd,QAAQ,KAAK;AAAA,MACb;AAAA,MACA;AAAA,IACD,CAAC;AAED,2BAAS,iBAAkB,KAAK;AAChC,2BAAS,aAAc,eAAe,cAAc,KAAK,UAAU;AACnE,2BAAS,2BAA4B,KAAK;AAE1C,QAAI,SAAS,UAAU,GAAG;AACzB,YAAM,IAAI,uBAAuB;AAAA,IAClC;AACA,WAAO;AAAA,EACR;AACD;AArOC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AATM,IAAM,aAAN;",
6
6
  "names": []
7
7
  }
package/dist/esm/shamir.js CHANGED
@@ -688,7 +688,7 @@ function samplePolynomial(constant, degree) {
688
688
  return Polynomial.fromBytes(new Uint8Array([constant.value, ...randomCoefficients]));
689
689
  }
690
690
  function split(secret, threshold, total) {
691
- if (threshold > total || threshold < 1 || total > GF256_SIZE) {
691
+ if (threshold > total || threshold < 1 || total >= GF256_SIZE) {
692
692
  throw new Error(`Invalid threshold ${threshold} or total ${total}`);
693
693
  }
694
694
  const polynomials = Array.from(secret, (s) => samplePolynomial(new GF256(s), threshold - 1));
package/dist/esm/shamir.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../src/shamir.ts"],
4
- "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { allEqual, hasDuplicates } from './utils.js';\n\nconst GF256_SIZE = 256;\n\n/**\n * A field element in the Rijndael finite field GF(2\u2078) with a fixed generator g = 0x03.\n */\nexport class GF256 {\n\tvalue: number;\n\n\tconstructor(value: number) {\n\t\tif (value < 0 || value >= GF256_SIZE) {\n\t\t\tthrow new Error(`Invalid value ${value} for GF256`);\n\t\t}\n\t\tthis.value = value;\n\t}\n\n\tlog(): number {\n\t\tif (this.value === 0) {\n\t\t\tthrow new Error('Invalid value');\n\t\t}\n\t\treturn LOG[this.value - 1];\n\t}\n\n\tstatic exp(x: number): GF256 {\n\t\treturn new GF256(EXP[x % (GF256_SIZE - 1)]);\n\t}\n\n\tadd(other: GF256): GF256 {\n\t\treturn new GF256(this.value ^ other.value);\n\t}\n\n\tsub(other: GF256): GF256 {\n\t\t// Addition is the same as subtraction in a binary field.\n\t\treturn this.add(other);\n\t}\n\n\tneg(): GF256 {\n\t\t// Negation doesn't change the value in a binary field.\n\t\treturn this;\n\t}\n\n\tmul(other: GF256): GF256 {\n\t\tif (this.value === 0 || other.value === 0) {\n\t\t\treturn new GF256(0);\n\t\t}\n\t\treturn GF256.exp(this.log() + other.log());\n\t}\n\n\tdiv(other: GF256): GF256 {\n\t\treturn this.mul(GF256.exp(GF256_SIZE - other.log() - 1));\n\t}\n\n\tequals(other: GF256): boolean {\n\t\treturn this.value === other.value;\n\t}\n\n\tstatic zero(): GF256 {\n\t\treturn new GF256(0);\n\t}\n\n\tstatic one(): GF256 {\n\t\treturn new GF256(1);\n\t}\n}\n\n/// Table of E\u1D62 = g\u2071 where g = 0x03 generates the multiplicative group of the field.\nconst EXP: number[] = [\n\t0x01, 0x03, 0x05, 0x0f, 0x11, 0x33, 0x55, 0xff, 0x1a, 0x2e, 0x72, 0x96, 0xa1, 0xf8, 0x13, 0x35,\n\t0x5f, 0xe1, 0x38, 0x48, 0xd8, 0x73, 0x95, 0xa4, 0xf7, 0x02, 0x06, 0x0a, 0x1e, 0x22, 0x66, 0xaa,\n\t0xe5, 0x34, 0x5c, 0xe4, 0x37, 0x59, 0xeb, 0x26, 0x6a, 0xbe, 0xd9, 0x70, 0x90, 0xab, 0xe6, 0x31,\n\t0x53, 0xf5, 0x04, 0x0c, 0x14, 0x3c, 0x44, 0xcc, 0x4f, 0xd1, 0x68, 0xb8, 0xd3, 0x6e, 0xb2, 0xcd,\n\t0x4c, 0xd4, 0x67, 0xa9, 0xe0, 0x3b, 0x4d, 0xd7, 0x62, 0xa6, 0xf1, 0x08, 0x18, 0x28, 0x78, 0x88,\n\t0x83, 0x9e, 0xb9, 0xd0, 0x6b, 0xbd, 0xdc, 0x7f, 0x81, 0x98, 0xb3, 0xce, 0x49, 0xdb, 0x76, 0x9a,\n\t0xb5, 0xc4, 0x57, 0xf9, 0x10, 0x30, 0x50, 0xf0, 0x0b, 0x1d, 0x27, 0x69, 0xbb, 0xd6, 0x61, 0xa3,\n\t0xfe, 0x19, 0x2b, 0x7d, 0x87, 0x92, 0xad, 0xec, 0x2f, 0x71, 0x93, 0xae, 0xe9, 0x20, 0x60, 0xa0,\n\t0xfb, 0x16, 0x3a, 0x4e, 0xd2, 0x6d, 0xb7, 0xc2, 0x5d, 0xe7, 0x32, 0x56, 0xfa, 0x15, 0x3f, 0x41,\n\t0xc3, 0x5e, 0xe2, 0x3d, 0x47, 0xc9, 0x40, 0xc0, 0x5b, 0xed, 0x2c, 0x74, 0x9c, 0xbf, 0xda, 0x75,\n\t0x9f, 0xba, 0xd5, 0x64, 0xac, 0xef, 0x2a, 0x7e, 0x82, 0x9d, 0xbc, 0xdf, 0x7a, 0x8e, 0x89, 0x80,\n\t0x9b, 0xb6, 0xc1, 0x58, 0xe8, 0x23, 0x65, 0xaf, 0xea, 0x25, 0x6f, 0xb1, 0xc8, 0x43, 0xc5, 0x54,\n\t0xfc, 0x1f, 0x21, 0x63, 0xa5, 0xf4, 0x07, 0x09, 0x1b, 0x2d, 0x77, 0x99, 0xb0, 0xcb, 0x46, 0xca,\n\t0x45, 0xcf, 0x4a, 0xde, 0x79, 0x8b, 0x86, 0x91, 0xa8, 0xe3, 0x3e, 0x42, 0xc6, 0x51, 0xf3, 0x0e,\n\t0x12, 0x36, 0x5a, 0xee, 0x29, 0x7b, 0x8d, 0x8c, 0x8f, 0x8a, 0x85, 0x94, 0xa7, 0xf2, 0x0d, 0x17,\n\t0x39, 0x4b, 0xdd, 0x7c, 0x84, 0x97, 0xa2, 0xfd, 0x1c, 0x24, 0x6c, 0xb4, 0xc7, 0x52, 0xf6,\n];\n\n/// Table of L\u1D62 = LOG[i + 1] such that g^L\u1D62 = i where g = 0x03.\nconst LOG: number[] = [\n\t0x00, 0x19, 0x01, 0x32, 0x02, 0x1a, 0xc6, 0x4b, 0xc7, 0x1b, 0x68, 0x33, 0xee, 0xdf, 0x03, 0x64,\n\t0x04, 0xe0, 0x0e, 0x34, 0x8d, 0x81, 0xef, 0x4c, 0x71, 0x08, 0xc8, 0xf8, 0x69, 0x1c, 0xc1, 0x7d,\n\t0xc2, 0x1d, 0xb5, 0xf9, 0xb9, 0x27, 0x6a, 0x4d, 0xe4, 0xa6, 0x72, 0x9a, 0xc9, 0x09, 0x78, 0x65,\n\t0x2f, 0x8a, 0x05, 0x21, 0x0f, 0xe1, 0x24, 0x12, 0xf0, 0x82, 0x45, 0x35, 0x93, 0xda, 0x8e, 0x96,\n\t0x8f, 0xdb, 0xbd, 0x36, 0xd0, 0xce, 0x94, 0x13, 0x5c, 0xd2, 0xf1, 0x40, 0x46, 0x83, 0x38, 0x66,\n\t0xdd, 0xfd, 0x30, 0xbf, 0x06, 0x8b, 0x62, 0xb3, 0x25, 0xe2, 0x98, 0x22, 0x88, 0x91, 0x10, 0x7e,\n\t0x6e, 0x48, 0xc3, 0xa3, 0xb6, 0x1e, 0x42, 0x3a, 0x6b, 0x28, 0x54, 0xfa, 0x85, 0x3d, 0xba, 0x2b,\n\t0x79, 0x0a, 0x15, 0x9b, 0x9f, 0x5e, 0xca, 0x4e, 0xd4, 0xac, 0xe5, 0xf3, 0x73, 0xa7, 0x57, 0xaf,\n\t0x58, 0xa8, 0x50, 0xf4, 0xea, 0xd6, 0x74, 0x4f, 0xae, 0xe9, 0xd5, 0xe7, 0xe6, 0xad, 0xe8, 0x2c,\n\t0xd7, 0x75, 0x7a, 0xeb, 0x16, 0x0b, 0xf5, 0x59, 0xcb, 0x5f, 0xb0, 0x9c, 0xa9, 0x51, 0xa0, 0x7f,\n\t0x0c, 0xf6, 0x6f, 0x17, 0xc4, 0x49, 0xec, 0xd8, 0x43, 0x1f, 0x2d, 0xa4, 0x76, 0x7b, 0xb7, 0xcc,\n\t0xbb, 0x3e, 0x5a, 0xfb, 0x60, 0xb1, 0x86, 0x3b, 0x52, 0xa1, 0x6c, 0xaa, 0x55, 0x29, 0x9d, 0x97,\n\t0xb2, 0x87, 0x90, 0x61, 0xbe, 0xdc, 0xfc, 0xbc, 0x95, 0xcf, 0xcd, 0x37, 0x3f, 0x5b, 0xd1, 0x53,\n\t0x39, 0x84, 0x3c, 0x41, 0xa2, 0x6d, 0x47, 0x14, 0x2a, 0x9e, 0x5d, 0x56, 0xf2, 0xd3, 0xab, 0x44,\n\t0x11, 0x92, 0xd9, 0x23, 0x20, 0x2e, 0x89, 0xb4, 0x7c, 0xb8, 0x26, 0x77, 0x99, 0xe3, 0xa5, 0x67,\n\t0x4a, 0xed, 0xde, 0xc5, 0x31, 0xfe, 0x18, 0x0d, 0x63, 0x8c, 0x80, 0xc0, 0xf7, 0x70, 0x07,\n];\n\nexport class Polynomial {\n\tcoefficients: GF256[];\n\n\t/**\n\t * Construct a new Polynomial over [GF256] from the given coefficients.\n\t * The first coefficient is the constant term.\n\t */\n\tconstructor(coefficients: GF256[]) {\n\t\tthis.coefficients = coefficients.slice();\n\n\t\t// The highest degree coefficient is always non-zero.\n\t\twhile (\n\t\t\tthis.coefficients.length > 0 &&\n\t\t\tthis.coefficients[this.coefficients.length - 1].value === 0\n\t\t) {\n\t\t\tthis.coefficients.pop();\n\t\t}\n\t}\n\n\tstatic fromBytes(bytes: Uint8Array): Polynomial {\n\t\treturn new Polynomial(Array.from(bytes, (b) => new GF256(b)));\n\t}\n\n\tdegree(): number {\n\t\tif (this.coefficients.length === 0) {\n\t\t\treturn 0;\n\t\t}\n\t\treturn this.coefficients.length - 1;\n\t}\n\n\tgetCoefficient(index: number): GF256 {\n\t\tif (index >= this.coefficients.length) {\n\t\t\treturn GF256.zero();\n\t\t}\n\t\treturn this.coefficients[index];\n\t}\n\n\tadd(other: Polynomial): Polynomial {\n\t\tconst degree = Math.max(this.degree(), other.degree());\n\t\treturn new Polynomial(\n\t\t\tArray.from({ length: degree + 1 }, (_, i) =>\n\t\t\t\tthis.getCoefficient(i).add(other.getCoefficient(i)),\n\t\t\t),\n\t\t);\n\t}\n\n\tmul(other: Polynomial): Polynomial {\n\t\tconst degree = this.degree() + other.degree();\n\t\treturn new Polynomial(\n\t\t\tArray.from({ length: degree + 1 }, (_, i) => {\n\t\t\t\tlet sum = GF256.zero();\n\t\t\t\tfor (let j = 0; j <= i; j++) {\n\t\t\t\t\tif (j <= this.degree() && i - j <= other.degree()) {\n\t\t\t\t\t\tsum = sum.add(this.getCoefficient(j).mul(other.getCoefficient(i - j)));\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\treturn sum;\n\t\t\t}),\n\t\t);\n\t}\n\n\t/** The polynomial s * this. */\n\tscale(s: GF256): Polynomial {\n\t\treturn new Polynomial(this.coefficients.map((c) => c.mul(s)));\n\t}\n\n\tdiv(s: GF256): Polynomial {\n\t\treturn this.scale(new GF256(1).div(s));\n\t}\n\n\t/** The polynomial x + c. */\n\tstatic monic_linear(c: GF256): Polynomial {\n\t\treturn new Polynomial([c, GF256.one()]);\n\t}\n\n\tstatic zero(): Polynomial {\n\t\treturn new Polynomial([]);\n\t}\n\n\tstatic one(): Polynomial {\n\t\treturn new Polynomial([GF256.one()]);\n\t}\n\n\t/** Given a set of coordinates, interpolate a polynomial. */\n\tstatic interpolate(coordinates: { x: GF256; y: GF256 }[]): Polynomial {\n\t\tif (coordinates.length < 1) {\n\t\t\tthrow new Error('At least one coefficient is required');\n\t\t}\n\n\t\tif (hasDuplicates(coordinates.map(({ x }) => x.value))) {\n\t\t\tthrow new Error('Coefficients must have unique x values');\n\t\t}\n\n\t\treturn coordinates.reduce(\n\t\t\t(sum, { x: x_j, y: y_j }, j) =>\n\t\t\t\tsum.add(\n\t\t\t\t\tcoordinates\n\t\t\t\t\t\t.filter((_, i) => i !== j)\n\t\t\t\t\t\t.reduce(\n\t\t\t\t\t\t\t(product, { x: x_i }) =>\n\t\t\t\t\t\t\t\tproduct.mul(Polynomial.monic_linear(x_i.neg()).div(x_j.sub(x_i))),\n\t\t\t\t\t\t\tPolynomial.one(),\n\t\t\t\t\t\t)\n\t\t\t\t\t\t.scale(y_j),\n\t\t\t\t),\n\t\t\tPolynomial.zero(),\n\t\t);\n\t}\n\n\t/** Given a set of coordinates, interpolate a polynomial and evaluate it at x = 0. */\n\tstatic combine(coordinates: { x: GF256; y: GF256 }[]): GF256 {\n\t\tif (coordinates.length < 1) {\n\t\t\tthrow new Error('At least one coefficient is required');\n\t\t}\n\n\t\tif (hasDuplicates(coordinates.map(({ x }) => x.value))) {\n\t\t\tthrow new Error('Coefficients must have unique x values');\n\t\t}\n\n\t\tconst quotient: GF256 = coordinates.reduce((sum, { x: x_j, y: y_j }, j) => {\n\t\t\tconst denominator = x_j.mul(\n\t\t\t\tcoordinates\n\t\t\t\t\t.filter((_, i) => i !== j)\n\t\t\t\t\t.reduce((product, { x: x_i }) => product.mul(x_i.sub(x_j)), GF256.one()),\n\t\t\t);\n\t\t\treturn sum.add(y_j.div(denominator));\n\t\t}, GF256.zero());\n\n\t\tconst xProduct = coordinates.reduce((product, { x }) => product.mul(x), GF256.one());\n\t\treturn xProduct.mul(quotient);\n\t}\n\n\t/** Evaluate the polynomial at x. */\n\tevaluate(x: GF256): GF256 {\n\t\treturn this.coefficients\n\t\t\t.toReversed()\n\t\t\t.reduce((sum, coefficient) => sum.mul(x).add(coefficient), GF256.zero());\n\t}\n\n\tequals(other: Polynomial): boolean {\n\t\tif (this.coefficients.length !== other.coefficients.length) {\n\t\t\treturn false;\n\t\t}\n\t\treturn this.coefficients.every((c, i) => c.equals(other.getCoefficient(i)));\n\t}\n}\n\n/** Representation of a share of a secret. The index is a number between 1 and 255. */\nexport type Share = {\n\tindex: number;\n\tshare: Uint8Array;\n};\n\nfunction toInternalShare(share: Share): InternalShare {\n\treturn {\n\t\tindex: new GF256(share.index),\n\t\tshare: Array.from(share.share, (byte) => new GF256(byte)),\n\t};\n}\n\n/** Internal representation of a share of a secret. The index is a non-zero GF256. */\ntype InternalShare = {\n\tindex: GF256;\n\tshare: GF256[];\n};\n\nfunction toShare(internalShare: InternalShare): Share {\n\treturn {\n\t\tindex: internalShare.index.value,\n\t\tshare: new Uint8Array(internalShare.share.map((byte) => byte.value)),\n\t};\n}\n\n/**\n * Sample a random polynomial with the given constant and degree.\n *\n * @param constant The constant term of the polynomial.\n * @param degree The degree of the polynomial.\n * @returns A random polynomial with the given constant and degree.\n */\nfunction samplePolynomial(constant: GF256, degree: number): Polynomial {\n\tconst randomCoefficients = new Uint8Array(degree);\n\tcrypto.getRandomValues(randomCoefficients);\n\n\t// The resulting polynomial has degree + 1 coefficients.\n\treturn Polynomial.fromBytes(new Uint8Array([constant.value, ...randomCoefficients]));\n}\n\n/**\n * Split a secret into shares.\n *\n * @param secret The secret to split.\n * @param threshold The minimum number of shares required to reconstruct the secret.\n * @param total The total number of shares to generate.\n * @returns The shares.\n */\nexport function split(secret: Uint8Array, threshold: number, total: number): Share[] {\n\tif (threshold > total || threshold < 1 || total > GF256_SIZE) {\n\t\tthrow new Error(`Invalid threshold ${threshold} or total ${total}`);\n\t}\n\n\tconst polynomials = Array.from(secret, (s) => samplePolynomial(new GF256(s), threshold - 1));\n\treturn Array.from({ length: total }, (_, i) => {\n\t\t// Indexes start at 1 because 0 is reserved for the constant term (which is also the secret).\n\t\tconst index = new GF256(i + 1);\n\t\tconst share = polynomials.map((p) => p.evaluate(index));\n\t\treturn toShare({ index, share });\n\t});\n}\n\n/** Validate a set of shares and return them in internal shares representation along with the length of the shares. */\nfunction validateShares(shares: Share[]): { internalShares: InternalShare[]; length: number } {\n\tif (shares.length < 1) {\n\t\tthrow new Error('At least one share is required');\n\t}\n\n\tif (!allEqual(shares.map(({ share }) => share.length))) {\n\t\tthrow new Error('All shares must have the same length');\n\t}\n\n\tif (hasDuplicates(shares.map(({ index }) => index))) {\n\t\tthrow new Error('Shares must have unique indices');\n\t}\n\n\tconst internalShares = shares.map(toInternalShare);\n\tconst length = internalShares[0].share.length;\n\n\treturn { internalShares, length };\n}\n\n/**\n * Combine shares into a secret. If fewer than the threshold number of shares are provided,\n * the result will be indistinguishable from random.\n *\n * @param shares The shares to combine.\n * @returns The secret.\n */\nexport function combine(shares: Share[]): Uint8Array {\n\tconst { internalShares, length } = validateShares(shares);\n\n\treturn new Uint8Array(\n\t\tArray.from(\n\t\t\t{ length },\n\t\t\t(_, i) =>\n\t\t\t\tPolynomial.combine(\n\t\t\t\t\tinternalShares.map(({ index, share }) => ({\n\t\t\t\t\t\tx: index,\n\t\t\t\t\t\ty: share[i],\n\t\t\t\t\t})),\n\t\t\t\t).value,\n\t\t),\n\t);\n}\n\n/**\n * Interpolate a polynomial from the given shares.\n *\n * @param shares The shares to interpolate from.\n * @returns A function that evaluates the polynomial at a given x.\n */\nexport function interpolate(shares: Share[]): (x: number) => Uint8Array {\n\tconst { internalShares, length } = validateShares(shares);\n\n\tconst polynomials = Array.from({ length }, (_, i) =>\n\t\tPolynomial.interpolate(internalShares.map(({ index, share }) => ({ x: index, y: share[i] }))),\n\t);\n\n\treturn (x: number) => {\n\t\treturn new Uint8Array(polynomials.map((p) => p.evaluate(new GF256(x)).value));\n\t};\n}\n"],
5
- "mappings": "AAGA,SAAS,UAAU,qBAAqB;AAExC,MAAM,aAAa;AAKZ,MAAM,MAAM;AAAA,EAGlB,YAAY,OAAe;AAC1B,QAAI,QAAQ,KAAK,SAAS,YAAY;AACrC,YAAM,IAAI,MAAM,iBAAiB,KAAK,YAAY;AAAA,IACnD;AACA,SAAK,QAAQ;AAAA,EACd;AAAA,EAEA,MAAc;AACb,QAAI,KAAK,UAAU,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IAChC;AACA,WAAO,IAAI,KAAK,QAAQ,CAAC;AAAA,EAC1B;AAAA,EAEA,OAAO,IAAI,GAAkB;AAC5B,WAAO,IAAI,MAAM,IAAI,KAAK,aAAa,EAAE,CAAC;AAAA,EAC3C;AAAA,EAEA,IAAI,OAAqB;AACxB,WAAO,IAAI,MAAM,KAAK,QAAQ,MAAM,KAAK;AAAA,EAC1C;AAAA,EAEA,IAAI,OAAqB;AAExB,WAAO,KAAK,IAAI,KAAK;AAAA,EACtB;AAAA,EAEA,MAAa;AAEZ,WAAO;AAAA,EACR;AAAA,EAEA,IAAI,OAAqB;AACxB,QAAI,KAAK,UAAU,KAAK,MAAM,UAAU,GAAG;AAC1C,aAAO,IAAI,MAAM,CAAC;AAAA,IACnB;AACA,WAAO,MAAM,IAAI,KAAK,IAAI,IAAI,MAAM,IAAI,CAAC;AAAA,EAC1C;AAAA,EAEA,IAAI,OAAqB;AACxB,WAAO,KAAK,IAAI,MAAM,IAAI,aAAa,MAAM,IAAI,IAAI,CAAC,CAAC;AAAA,EACxD;AAAA,EAEA,OAAO,OAAuB;AAC7B,WAAO,KAAK,UAAU,MAAM;AAAA,EAC7B;AAAA,EAEA,OAAO,OAAc;AACpB,WAAO,IAAI,MAAM,CAAC;AAAA,EACnB;AAAA,EAEA,OAAO,MAAa;AACnB,WAAO,IAAI,MAAM,CAAC;AAAA,EACnB;AACD;AAGA,MAAM,MAAgB;AAAA,EACrB;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AACrF;AAGA,MAAM,MAAgB;AAAA,EACrB;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AACrF;AAEO,MAAM,WAAW;AAAA;AAAA;AAAA;AAAA;AAAA,EAOvB,YAAY,cAAuB;AAClC,SAAK,eAAe,aAAa,MAAM;AAGvC,WACC,KAAK,aAAa,SAAS,KAC3B,KAAK,aAAa,KAAK,aAAa,SAAS,CAAC,EAAE,UAAU,GACzD;AACD,WAAK,aAAa,IAAI;AAAA,IACvB;AAAA,EACD;AAAA,EAEA,OAAO,UAAU,OAA+B;AAC/C,WAAO,IAAI,WAAW,MAAM,KAAK,OAAO,CAAC,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC;AAAA,EAC7D;AAAA,EAEA,SAAiB;AAChB,QAAI,KAAK,aAAa,WAAW,GAAG;AACnC,aAAO;AAAA,IACR;AACA,WAAO,KAAK,aAAa,SAAS;AAAA,EACnC;AAAA,EAEA,eAAe,OAAsB;AACpC,QAAI,SAAS,KAAK,aAAa,QAAQ;AACtC,aAAO,MAAM,KAAK;AAAA,IACnB;AACA,WAAO,KAAK,aAAa,KAAK;AAAA,EAC/B;AAAA,EAEA,IAAI,OAA+B;AAClC,UAAM,SAAS,KAAK,IAAI,KAAK,OAAO,GAAG,MAAM,OAAO,CAAC;AACrD,WAAO,IAAI;AAAA,MACV,MAAM;AAAA,QAAK,EAAE,QAAQ,SAAS,EAAE;AAAA,QAAG,CAAC,GAAG,MACtC,KAAK,eAAe,CAAC,EAAE,IAAI,MAAM,eAAe,CAAC,CAAC;AAAA,MACnD;AAAA,IACD;AAAA,EACD;AAAA,EAEA,IAAI,OAA+B;AAClC,UAAM,SAAS,KAAK,OAAO,IAAI,MAAM,OAAO;AAC5C,WAAO,IAAI;AAAA,MACV,MAAM,KAAK,EAAE,QAAQ,SAAS,EAAE,GAAG,CAAC,GAAG,MAAM;AAC5C,YAAI,MAAM,MAAM,KAAK;AACrB,iBAAS,IAAI,GAAG,KAAK,GAAG,KAAK;AAC5B,cAAI,KAAK,KAAK,OAAO,KAAK,IAAI,KAAK,MAAM,OAAO,GAAG;AAClD,kBAAM,IAAI,IAAI,KAAK,eAAe,CAAC,EAAE,IAAI,MAAM,eAAe,IAAI,CAAC,CAAC,CAAC;AAAA,UACtE;AAAA,QACD;AACA,eAAO;AAAA,MACR,CAAC;AAAA,IACF;AAAA,EACD;AAAA;AAAA,EAGA,MAAM,GAAsB;AAC3B,WAAO,IAAI,WAAW,KAAK,aAAa,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;AAAA,EAC7D;AAAA,EAEA,IAAI,GAAsB;AACzB,WAAO,KAAK,MAAM,IAAI,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;AAAA,EACtC;AAAA;AAAA,EAGA,OAAO,aAAa,GAAsB;AACzC,WAAO,IAAI,WAAW,CAAC,GAAG,MAAM,IAAI,CAAC,CAAC;AAAA,EACvC;AAAA,EAEA,OAAO,OAAmB;AACzB,WAAO,IAAI,WAAW,CAAC,CAAC;AAAA,EACzB;AAAA,EAEA,OAAO,MAAkB;AACxB,WAAO,IAAI,WAAW,CAAC,MAAM,IAAI,CAAC,CAAC;AAAA,EACpC;AAAA;AAAA,EAGA,OAAO,YAAY,aAAmD;AACrE,QAAI,YAAY,SAAS,GAAG;AAC3B,YAAM,IAAI,MAAM,sCAAsC;AAAA,IACvD;AAEA,QAAI,cAAc,YAAY,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,GAAG;AACvD,YAAM,IAAI,MAAM,wCAAwC;AAAA,IACzD;AAEA,WAAO,YAAY;AAAA,MAClB,CAAC,KAAK,EAAE,GAAG,KAAK,GAAG,IAAI,GAAG,MACzB,IAAI;AAAA,QACH,YACE,OAAO,CAAC,GAAG,MAAM,MAAM,CAAC,EACxB;AAAA,UACA,CAAC,SAAS,EAAE,GAAG,IAAI,MAClB,QAAQ,IAAI,WAAW,aAAa,IAAI,IAAI,CAAC,EAAE,IAAI,IAAI,IAAI,GAAG,CAAC,CAAC;AAAA,UACjE,WAAW,IAAI;AAAA,QAChB,EACC,MAAM,GAAG;AAAA,MACZ;AAAA,MACD,WAAW,KAAK;AAAA,IACjB;AAAA,EACD;AAAA;AAAA,EAGA,OAAO,QAAQ,aAA8C;AAC5D,QAAI,YAAY,SAAS,GAAG;AAC3B,YAAM,IAAI,MAAM,sCAAsC;AAAA,IACvD;AAEA,QAAI,cAAc,YAAY,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,GAAG;AACvD,YAAM,IAAI,MAAM,wCAAwC;AAAA,IACzD;AAEA,UAAM,WAAkB,YAAY,OAAO,CAAC,KAAK,EAAE,GAAG,KAAK,GAAG,IAAI,GAAG,MAAM;AAC1E,YAAM,cAAc,IAAI;AAAA,QACvB,YACE,OAAO,CAAC,GAAG,MAAM,MAAM,CAAC,EACxB,OAAO,CAAC,SAAS,EAAE,GAAG,IAAI,MAAM,QAAQ,IAAI,IAAI,IAAI,GAAG,CAAC,GAAG,MAAM,IAAI,CAAC;AAAA,MACzE;AACA,aAAO,IAAI,IAAI,IAAI,IAAI,WAAW,CAAC;AAAA,IACpC,GAAG,MAAM,KAAK,CAAC;AAEf,UAAM,WAAW,YAAY,OAAO,CAAC,SAAS,EAAE,EAAE,MAAM,QAAQ,IAAI,CAAC,GAAG,MAAM,IAAI,CAAC;AACnF,WAAO,SAAS,IAAI,QAAQ;AAAA,EAC7B;AAAA;AAAA,EAGA,SAAS,GAAiB;AACzB,WAAO,KAAK,aACV,WAAW,EACX,OAAO,CAAC,KAAK,gBAAgB,IAAI,IAAI,CAAC,EAAE,IAAI,WAAW,GAAG,MAAM,KAAK,CAAC;AAAA,EACzE;AAAA,EAEA,OAAO,OAA4B;AAClC,QAAI,KAAK,aAAa,WAAW,MAAM,aAAa,QAAQ;AAC3D,aAAO;AAAA,IACR;AACA,WAAO,KAAK,aAAa,MAAM,CAAC,GAAG,MAAM,EAAE,OAAO,MAAM,eAAe,CAAC,CAAC,CAAC;AAAA,EAC3E;AACD;AAQA,SAAS,gBAAgB,OAA6B;AACrD,SAAO;AAAA,IACN,OAAO,IAAI,MAAM,MAAM,KAAK;AAAA,IAC5B,OAAO,MAAM,KAAK,MAAM,OAAO,CAAC,SAAS,IAAI,MAAM,IAAI,CAAC;AAAA,EACzD;AACD;AAQA,SAAS,QAAQ,eAAqC;AACrD,SAAO;AAAA,IACN,OAAO,cAAc,MAAM;AAAA,IAC3B,OAAO,IAAI,WAAW,cAAc,MAAM,IAAI,CAAC,SAAS,KAAK,KAAK,CAAC;AAAA,EACpE;AACD;AASA,SAAS,iBAAiB,UAAiB,QAA4B;AACtE,QAAM,qBAAqB,IAAI,WAAW,MAAM;AAChD,SAAO,gBAAgB,kBAAkB;AAGzC,SAAO,WAAW,UAAU,IAAI,WAAW,CAAC,SAAS,OAAO,GAAG,kBAAkB,CAAC,CAAC;AACpF;AAUO,SAAS,MAAM,QAAoB,WAAmB,OAAwB;AACpF,MAAI,YAAY,SAAS,YAAY,KAAK,QAAQ,YAAY;AAC7D,UAAM,IAAI,MAAM,qBAAqB,SAAS,aAAa,KAAK,EAAE;AAAA,EACnE;AAEA,QAAM,cAAc,MAAM,KAAK,QAAQ,CAAC,MAAM,iBAAiB,IAAI,MAAM,CAAC,GAAG,YAAY,CAAC,CAAC;AAC3F,SAAO,MAAM,KAAK,EAAE,QAAQ,MAAM,GAAG,CAAC,GAAG,MAAM;AAE9C,UAAM,QAAQ,IAAI,MAAM,IAAI,CAAC;AAC7B,UAAM,QAAQ,YAAY,IAAI,CAAC,MAAM,EAAE,SAAS,KAAK,CAAC;AACtD,WAAO,QAAQ,EAAE,OAAO,MAAM,CAAC;AAAA,EAChC,CAAC;AACF;AAGA,SAAS,eAAe,QAAsE;AAC7F,MAAI,OAAO,SAAS,GAAG;AACtB,UAAM,IAAI,MAAM,gCAAgC;AAAA,EACjD;AAEA,MAAI,CAAC,SAAS,OAAO,IAAI,CAAC,EAAE,MAAM,MAAM,MAAM,MAAM,CAAC,GAAG;AACvD,UAAM,IAAI,MAAM,sCAAsC;AAAA,EACvD;AAEA,MAAI,cAAc,OAAO,IAAI,CAAC,EAAE,MAAM,MAAM,KAAK,CAAC,GAAG;AACpD,UAAM,IAAI,MAAM,iCAAiC;AAAA,EAClD;AAEA,QAAM,iBAAiB,OAAO,IAAI,eAAe;AACjD,QAAM,SAAS,eAAe,CAAC,EAAE,MAAM;AAEvC,SAAO,EAAE,gBAAgB,OAAO;AACjC;AASO,SAAS,QAAQ,QAA6B;AACpD,QAAM,EAAE,gBAAgB,OAAO,IAAI,eAAe,MAAM;AAExD,SAAO,IAAI;AAAA,IACV,MAAM;AAAA,MACL,EAAE,OAAO;AAAA,MACT,CAAC,GAAG,MACH,WAAW;AAAA,QACV,eAAe,IAAI,CAAC,EAAE,OAAO,MAAM,OAAO;AAAA,UACzC,GAAG;AAAA,UACH,GAAG,MAAM,CAAC;AAAA,QACX,EAAE;AAAA,MACH,EAAE;AAAA,IACJ;AAAA,EACD;AACD;AAQO,SAAS,YAAY,QAA4C;AACvE,QAAM,EAAE,gBAAgB,OAAO,IAAI,eAAe,MAAM;AAExD,QAAM,cAAc,MAAM;AAAA,IAAK,EAAE,OAAO;AAAA,IAAG,CAAC,GAAG,MAC9C,WAAW,YAAY,eAAe,IAAI,CAAC,EAAE,OAAO,MAAM,OAAO,EAAE,GAAG,OAAO,GAAG,MAAM,CAAC,EAAE,EAAE,CAAC;AAAA,EAC7F;AAEA,SAAO,CAAC,MAAc;AACrB,WAAO,IAAI,WAAW,YAAY,IAAI,CAAC,MAAM,EAAE,SAAS,IAAI,MAAM,CAAC,CAAC,EAAE,KAAK,CAAC;AAAA,EAC7E;AACD;",
4
+ "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { allEqual, hasDuplicates } from './utils.js';\n\nconst GF256_SIZE = 256;\n\n/**\n * A field element in the Rijndael finite field GF(2\u2078) with a fixed generator g = 0x03.\n */\nexport class GF256 {\n\tvalue: number;\n\n\tconstructor(value: number) {\n\t\tif (value < 0 || value >= GF256_SIZE) {\n\t\t\tthrow new Error(`Invalid value ${value} for GF256`);\n\t\t}\n\t\tthis.value = value;\n\t}\n\n\tlog(): number {\n\t\tif (this.value === 0) {\n\t\t\tthrow new Error('Invalid value');\n\t\t}\n\t\treturn LOG[this.value - 1];\n\t}\n\n\tstatic exp(x: number): GF256 {\n\t\treturn new GF256(EXP[x % (GF256_SIZE - 1)]);\n\t}\n\n\tadd(other: GF256): GF256 {\n\t\treturn new GF256(this.value ^ other.value);\n\t}\n\n\tsub(other: GF256): GF256 {\n\t\t// Addition is the same as subtraction in a binary field.\n\t\treturn this.add(other);\n\t}\n\n\tneg(): GF256 {\n\t\t// Negation doesn't change the value in a binary field.\n\t\treturn this;\n\t}\n\n\tmul(other: GF256): GF256 {\n\t\tif (this.value === 0 || other.value === 0) {\n\t\t\treturn new GF256(0);\n\t\t}\n\t\treturn GF256.exp(this.log() + other.log());\n\t}\n\n\tdiv(other: GF256): GF256 {\n\t\treturn this.mul(GF256.exp(GF256_SIZE - other.log() - 1));\n\t}\n\n\tequals(other: GF256): boolean {\n\t\treturn this.value === other.value;\n\t}\n\n\tstatic zero(): GF256 {\n\t\treturn new GF256(0);\n\t}\n\n\tstatic one(): GF256 {\n\t\treturn new GF256(1);\n\t}\n}\n\n/// Table of E\u1D62 = g\u2071 where g = 0x03 generates the multiplicative group of the field.\nconst EXP: number[] = [\n\t0x01, 0x03, 0x05, 0x0f, 0x11, 0x33, 0x55, 0xff, 0x1a, 0x2e, 0x72, 0x96, 0xa1, 0xf8, 0x13, 0x35,\n\t0x5f, 0xe1, 0x38, 0x48, 0xd8, 0x73, 0x95, 0xa4, 0xf7, 0x02, 0x06, 0x0a, 0x1e, 0x22, 0x66, 0xaa,\n\t0xe5, 0x34, 0x5c, 0xe4, 0x37, 0x59, 0xeb, 0x26, 0x6a, 0xbe, 0xd9, 0x70, 0x90, 0xab, 0xe6, 0x31,\n\t0x53, 0xf5, 0x04, 0x0c, 0x14, 0x3c, 0x44, 0xcc, 0x4f, 0xd1, 0x68, 0xb8, 0xd3, 0x6e, 0xb2, 0xcd,\n\t0x4c, 0xd4, 0x67, 0xa9, 0xe0, 0x3b, 0x4d, 0xd7, 0x62, 0xa6, 0xf1, 0x08, 0x18, 0x28, 0x78, 0x88,\n\t0x83, 0x9e, 0xb9, 0xd0, 0x6b, 0xbd, 0xdc, 0x7f, 0x81, 0x98, 0xb3, 0xce, 0x49, 0xdb, 0x76, 0x9a,\n\t0xb5, 0xc4, 0x57, 0xf9, 0x10, 0x30, 0x50, 0xf0, 0x0b, 0x1d, 0x27, 0x69, 0xbb, 0xd6, 0x61, 0xa3,\n\t0xfe, 0x19, 0x2b, 0x7d, 0x87, 0x92, 0xad, 0xec, 0x2f, 0x71, 0x93, 0xae, 0xe9, 0x20, 0x60, 0xa0,\n\t0xfb, 0x16, 0x3a, 0x4e, 0xd2, 0x6d, 0xb7, 0xc2, 0x5d, 0xe7, 0x32, 0x56, 0xfa, 0x15, 0x3f, 0x41,\n\t0xc3, 0x5e, 0xe2, 0x3d, 0x47, 0xc9, 0x40, 0xc0, 0x5b, 0xed, 0x2c, 0x74, 0x9c, 0xbf, 0xda, 0x75,\n\t0x9f, 0xba, 0xd5, 0x64, 0xac, 0xef, 0x2a, 0x7e, 0x82, 0x9d, 0xbc, 0xdf, 0x7a, 0x8e, 0x89, 0x80,\n\t0x9b, 0xb6, 0xc1, 0x58, 0xe8, 0x23, 0x65, 0xaf, 0xea, 0x25, 0x6f, 0xb1, 0xc8, 0x43, 0xc5, 0x54,\n\t0xfc, 0x1f, 0x21, 0x63, 0xa5, 0xf4, 0x07, 0x09, 0x1b, 0x2d, 0x77, 0x99, 0xb0, 0xcb, 0x46, 0xca,\n\t0x45, 0xcf, 0x4a, 0xde, 0x79, 0x8b, 0x86, 0x91, 0xa8, 0xe3, 0x3e, 0x42, 0xc6, 0x51, 0xf3, 0x0e,\n\t0x12, 0x36, 0x5a, 0xee, 0x29, 0x7b, 0x8d, 0x8c, 0x8f, 0x8a, 0x85, 0x94, 0xa7, 0xf2, 0x0d, 0x17,\n\t0x39, 0x4b, 0xdd, 0x7c, 0x84, 0x97, 0xa2, 0xfd, 0x1c, 0x24, 0x6c, 0xb4, 0xc7, 0x52, 0xf6,\n];\n\n/// Table of L\u1D62 = LOG[i + 1] such that g^L\u1D62 = i where g = 0x03.\nconst LOG: number[] = [\n\t0x00, 0x19, 0x01, 0x32, 0x02, 0x1a, 0xc6, 0x4b, 0xc7, 0x1b, 0x68, 0x33, 0xee, 0xdf, 0x03, 0x64,\n\t0x04, 0xe0, 0x0e, 0x34, 0x8d, 0x81, 0xef, 0x4c, 0x71, 0x08, 0xc8, 0xf8, 0x69, 0x1c, 0xc1, 0x7d,\n\t0xc2, 0x1d, 0xb5, 0xf9, 0xb9, 0x27, 0x6a, 0x4d, 0xe4, 0xa6, 0x72, 0x9a, 0xc9, 0x09, 0x78, 0x65,\n\t0x2f, 0x8a, 0x05, 0x21, 0x0f, 0xe1, 0x24, 0x12, 0xf0, 0x82, 0x45, 0x35, 0x93, 0xda, 0x8e, 0x96,\n\t0x8f, 0xdb, 0xbd, 0x36, 0xd0, 0xce, 0x94, 0x13, 0x5c, 0xd2, 0xf1, 0x40, 0x46, 0x83, 0x38, 0x66,\n\t0xdd, 0xfd, 0x30, 0xbf, 0x06, 0x8b, 0x62, 0xb3, 0x25, 0xe2, 0x98, 0x22, 0x88, 0x91, 0x10, 0x7e,\n\t0x6e, 0x48, 0xc3, 0xa3, 0xb6, 0x1e, 0x42, 0x3a, 0x6b, 0x28, 0x54, 0xfa, 0x85, 0x3d, 0xba, 0x2b,\n\t0x79, 0x0a, 0x15, 0x9b, 0x9f, 0x5e, 0xca, 0x4e, 0xd4, 0xac, 0xe5, 0xf3, 0x73, 0xa7, 0x57, 0xaf,\n\t0x58, 0xa8, 0x50, 0xf4, 0xea, 0xd6, 0x74, 0x4f, 0xae, 0xe9, 0xd5, 0xe7, 0xe6, 0xad, 0xe8, 0x2c,\n\t0xd7, 0x75, 0x7a, 0xeb, 0x16, 0x0b, 0xf5, 0x59, 0xcb, 0x5f, 0xb0, 0x9c, 0xa9, 0x51, 0xa0, 0x7f,\n\t0x0c, 0xf6, 0x6f, 0x17, 0xc4, 0x49, 0xec, 0xd8, 0x43, 0x1f, 0x2d, 0xa4, 0x76, 0x7b, 0xb7, 0xcc,\n\t0xbb, 0x3e, 0x5a, 0xfb, 0x60, 0xb1, 0x86, 0x3b, 0x52, 0xa1, 0x6c, 0xaa, 0x55, 0x29, 0x9d, 0x97,\n\t0xb2, 0x87, 0x90, 0x61, 0xbe, 0xdc, 0xfc, 0xbc, 0x95, 0xcf, 0xcd, 0x37, 0x3f, 0x5b, 0xd1, 0x53,\n\t0x39, 0x84, 0x3c, 0x41, 0xa2, 0x6d, 0x47, 0x14, 0x2a, 0x9e, 0x5d, 0x56, 0xf2, 0xd3, 0xab, 0x44,\n\t0x11, 0x92, 0xd9, 0x23, 0x20, 0x2e, 0x89, 0xb4, 0x7c, 0xb8, 0x26, 0x77, 0x99, 0xe3, 0xa5, 0x67,\n\t0x4a, 0xed, 0xde, 0xc5, 0x31, 0xfe, 0x18, 0x0d, 0x63, 0x8c, 0x80, 0xc0, 0xf7, 0x70, 0x07,\n];\n\nexport class Polynomial {\n\tcoefficients: GF256[];\n\n\t/**\n\t * Construct a new Polynomial over [GF256] from the given coefficients.\n\t * The first coefficient is the constant term.\n\t */\n\tconstructor(coefficients: GF256[]) {\n\t\tthis.coefficients = coefficients.slice();\n\n\t\t// The highest degree coefficient is always non-zero.\n\t\twhile (\n\t\t\tthis.coefficients.length > 0 &&\n\t\t\tthis.coefficients[this.coefficients.length - 1].value === 0\n\t\t) {\n\t\t\tthis.coefficients.pop();\n\t\t}\n\t}\n\n\tstatic fromBytes(bytes: Uint8Array): Polynomial {\n\t\treturn new Polynomial(Array.from(bytes, (b) => new GF256(b)));\n\t}\n\n\tdegree(): number {\n\t\tif (this.coefficients.length === 0) {\n\t\t\treturn 0;\n\t\t}\n\t\treturn this.coefficients.length - 1;\n\t}\n\n\tgetCoefficient(index: number): GF256 {\n\t\tif (index >= this.coefficients.length) {\n\t\t\treturn GF256.zero();\n\t\t}\n\t\treturn this.coefficients[index];\n\t}\n\n\tadd(other: Polynomial): Polynomial {\n\t\tconst degree = Math.max(this.degree(), other.degree());\n\t\treturn new Polynomial(\n\t\t\tArray.from({ length: degree + 1 }, (_, i) =>\n\t\t\t\tthis.getCoefficient(i).add(other.getCoefficient(i)),\n\t\t\t),\n\t\t);\n\t}\n\n\tmul(other: Polynomial): Polynomial {\n\t\tconst degree = this.degree() + other.degree();\n\t\treturn new Polynomial(\n\t\t\tArray.from({ length: degree + 1 }, (_, i) => {\n\t\t\t\tlet sum = GF256.zero();\n\t\t\t\tfor (let j = 0; j <= i; j++) {\n\t\t\t\t\tif (j <= this.degree() && i - j <= other.degree()) {\n\t\t\t\t\t\tsum = sum.add(this.getCoefficient(j).mul(other.getCoefficient(i - j)));\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\treturn sum;\n\t\t\t}),\n\t\t);\n\t}\n\n\t/** The polynomial s * this. */\n\tscale(s: GF256): Polynomial {\n\t\treturn new Polynomial(this.coefficients.map((c) => c.mul(s)));\n\t}\n\n\tdiv(s: GF256): Polynomial {\n\t\treturn this.scale(new GF256(1).div(s));\n\t}\n\n\t/** The polynomial x + c. */\n\tstatic monic_linear(c: GF256): Polynomial {\n\t\treturn new Polynomial([c, GF256.one()]);\n\t}\n\n\tstatic zero(): Polynomial {\n\t\treturn new Polynomial([]);\n\t}\n\n\tstatic one(): Polynomial {\n\t\treturn new Polynomial([GF256.one()]);\n\t}\n\n\t/** Given a set of coordinates, interpolate a polynomial. */\n\tstatic interpolate(coordinates: { x: GF256; y: GF256 }[]): Polynomial {\n\t\tif (coordinates.length < 1) {\n\t\t\tthrow new Error('At least one coefficient is required');\n\t\t}\n\n\t\tif (hasDuplicates(coordinates.map(({ x }) => x.value))) {\n\t\t\tthrow new Error('Coefficients must have unique x values');\n\t\t}\n\n\t\treturn coordinates.reduce(\n\t\t\t(sum, { x: x_j, y: y_j }, j) =>\n\t\t\t\tsum.add(\n\t\t\t\t\tcoordinates\n\t\t\t\t\t\t.filter((_, i) => i !== j)\n\t\t\t\t\t\t.reduce(\n\t\t\t\t\t\t\t(product, { x: x_i }) =>\n\t\t\t\t\t\t\t\tproduct.mul(Polynomial.monic_linear(x_i.neg()).div(x_j.sub(x_i))),\n\t\t\t\t\t\t\tPolynomial.one(),\n\t\t\t\t\t\t)\n\t\t\t\t\t\t.scale(y_j),\n\t\t\t\t),\n\t\t\tPolynomial.zero(),\n\t\t);\n\t}\n\n\t/** Given a set of coordinates, interpolate a polynomial and evaluate it at x = 0. */\n\tstatic combine(coordinates: { x: GF256; y: GF256 }[]): GF256 {\n\t\tif (coordinates.length < 1) {\n\t\t\tthrow new Error('At least one coefficient is required');\n\t\t}\n\n\t\tif (hasDuplicates(coordinates.map(({ x }) => x.value))) {\n\t\t\tthrow new Error('Coefficients must have unique x values');\n\t\t}\n\n\t\tconst quotient: GF256 = coordinates.reduce((sum, { x: x_j, y: y_j }, j) => {\n\t\t\tconst denominator = x_j.mul(\n\t\t\t\tcoordinates\n\t\t\t\t\t.filter((_, i) => i !== j)\n\t\t\t\t\t.reduce((product, { x: x_i }) => product.mul(x_i.sub(x_j)), GF256.one()),\n\t\t\t);\n\t\t\treturn sum.add(y_j.div(denominator));\n\t\t}, GF256.zero());\n\n\t\tconst xProduct = coordinates.reduce((product, { x }) => product.mul(x), GF256.one());\n\t\treturn xProduct.mul(quotient);\n\t}\n\n\t/** Evaluate the polynomial at x. */\n\tevaluate(x: GF256): GF256 {\n\t\treturn this.coefficients\n\t\t\t.toReversed()\n\t\t\t.reduce((sum, coefficient) => sum.mul(x).add(coefficient), GF256.zero());\n\t}\n\n\tequals(other: Polynomial): boolean {\n\t\tif (this.coefficients.length !== other.coefficients.length) {\n\t\t\treturn false;\n\t\t}\n\t\treturn this.coefficients.every((c, i) => c.equals(other.getCoefficient(i)));\n\t}\n}\n\n/** Representation of a share of a secret. The index is a number between 1 and 255. */\nexport type Share = {\n\tindex: number;\n\tshare: Uint8Array;\n};\n\nfunction toInternalShare(share: Share): InternalShare {\n\treturn {\n\t\tindex: new GF256(share.index),\n\t\tshare: Array.from(share.share, (byte) => new GF256(byte)),\n\t};\n}\n\n/** Internal representation of a share of a secret. The index is a non-zero GF256. */\ntype InternalShare = {\n\tindex: GF256;\n\tshare: GF256[];\n};\n\nfunction toShare(internalShare: InternalShare): Share {\n\treturn {\n\t\tindex: internalShare.index.value,\n\t\tshare: new Uint8Array(internalShare.share.map((byte) => byte.value)),\n\t};\n}\n\n/**\n * Sample a random polynomial with the given constant and degree.\n *\n * @param constant The constant term of the polynomial.\n * @param degree The degree of the polynomial.\n * @returns A random polynomial with the given constant and degree.\n */\nfunction samplePolynomial(constant: GF256, degree: number): Polynomial {\n\tconst randomCoefficients = new Uint8Array(degree);\n\tcrypto.getRandomValues(randomCoefficients);\n\n\t// The resulting polynomial has degree + 1 coefficients.\n\treturn Polynomial.fromBytes(new Uint8Array([constant.value, ...randomCoefficients]));\n}\n\n/**\n * Split a secret into shares.\n *\n * @param secret The secret to split.\n * @param threshold The minimum number of shares required to reconstruct the secret.\n * @param total The total number of shares to generate.\n * @returns The shares.\n */\nexport function split(secret: Uint8Array, threshold: number, total: number): Share[] {\n\tif (threshold > total || threshold < 1 || total >= GF256_SIZE) {\n\t\tthrow new Error(`Invalid threshold ${threshold} or total ${total}`);\n\t}\n\n\tconst polynomials = Array.from(secret, (s) => samplePolynomial(new GF256(s), threshold - 1));\n\treturn Array.from({ length: total }, (_, i) => {\n\t\t// Indexes start at 1 because 0 is reserved for the constant term (which is also the secret).\n\t\tconst index = new GF256(i + 1);\n\t\tconst share = polynomials.map((p) => p.evaluate(index));\n\t\treturn toShare({ index, share });\n\t});\n}\n\n/** Validate a set of shares and return them in internal shares representation along with the length of the shares. */\nfunction validateShares(shares: Share[]): { internalShares: InternalShare[]; length: number } {\n\tif (shares.length < 1) {\n\t\tthrow new Error('At least one share is required');\n\t}\n\n\tif (!allEqual(shares.map(({ share }) => share.length))) {\n\t\tthrow new Error('All shares must have the same length');\n\t}\n\n\tif (hasDuplicates(shares.map(({ index }) => index))) {\n\t\tthrow new Error('Shares must have unique indices');\n\t}\n\n\tconst internalShares = shares.map(toInternalShare);\n\tconst length = internalShares[0].share.length;\n\n\treturn { internalShares, length };\n}\n\n/**\n * Combine shares into a secret. If fewer than the threshold number of shares are provided,\n * the result will be indistinguishable from random.\n *\n * @param shares The shares to combine.\n * @returns The secret.\n */\nexport function combine(shares: Share[]): Uint8Array {\n\tconst { internalShares, length } = validateShares(shares);\n\n\treturn new Uint8Array(\n\t\tArray.from(\n\t\t\t{ length },\n\t\t\t(_, i) =>\n\t\t\t\tPolynomial.combine(\n\t\t\t\t\tinternalShares.map(({ index, share }) => ({\n\t\t\t\t\t\tx: index,\n\t\t\t\t\t\ty: share[i],\n\t\t\t\t\t})),\n\t\t\t\t).value,\n\t\t),\n\t);\n}\n\n/**\n * Interpolate a polynomial from the given shares.\n *\n * @param shares The shares to interpolate from.\n * @returns A function that evaluates the polynomial at a given x.\n */\nexport function interpolate(shares: Share[]): (x: number) => Uint8Array {\n\tconst { internalShares, length } = validateShares(shares);\n\n\tconst polynomials = Array.from({ length }, (_, i) =>\n\t\tPolynomial.interpolate(internalShares.map(({ index, share }) => ({ x: index, y: share[i] }))),\n\t);\n\n\treturn (x: number) => {\n\t\treturn new Uint8Array(polynomials.map((p) => p.evaluate(new GF256(x)).value));\n\t};\n}\n"],
5
+ "mappings": "AAGA,SAAS,UAAU,qBAAqB;AAExC,MAAM,aAAa;AAKZ,MAAM,MAAM;AAAA,EAGlB,YAAY,OAAe;AAC1B,QAAI,QAAQ,KAAK,SAAS,YAAY;AACrC,YAAM,IAAI,MAAM,iBAAiB,KAAK,YAAY;AAAA,IACnD;AACA,SAAK,QAAQ;AAAA,EACd;AAAA,EAEA,MAAc;AACb,QAAI,KAAK,UAAU,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IAChC;AACA,WAAO,IAAI,KAAK,QAAQ,CAAC;AAAA,EAC1B;AAAA,EAEA,OAAO,IAAI,GAAkB;AAC5B,WAAO,IAAI,MAAM,IAAI,KAAK,aAAa,EAAE,CAAC;AAAA,EAC3C;AAAA,EAEA,IAAI,OAAqB;AACxB,WAAO,IAAI,MAAM,KAAK,QAAQ,MAAM,KAAK;AAAA,EAC1C;AAAA,EAEA,IAAI,OAAqB;AAExB,WAAO,KAAK,IAAI,KAAK;AAAA,EACtB;AAAA,EAEA,MAAa;AAEZ,WAAO;AAAA,EACR;AAAA,EAEA,IAAI,OAAqB;AACxB,QAAI,KAAK,UAAU,KAAK,MAAM,UAAU,GAAG;AAC1C,aAAO,IAAI,MAAM,CAAC;AAAA,IACnB;AACA,WAAO,MAAM,IAAI,KAAK,IAAI,IAAI,MAAM,IAAI,CAAC;AAAA,EAC1C;AAAA,EAEA,IAAI,OAAqB;AACxB,WAAO,KAAK,IAAI,MAAM,IAAI,aAAa,MAAM,IAAI,IAAI,CAAC,CAAC;AAAA,EACxD;AAAA,EAEA,OAAO,OAAuB;AAC7B,WAAO,KAAK,UAAU,MAAM;AAAA,EAC7B;AAAA,EAEA,OAAO,OAAc;AACpB,WAAO,IAAI,MAAM,CAAC;AAAA,EACnB;AAAA,EAEA,OAAO,MAAa;AACnB,WAAO,IAAI,MAAM,CAAC;AAAA,EACnB;AACD;AAGA,MAAM,MAAgB;AAAA,EACrB;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AACrF;AAGA,MAAM,MAAgB;AAAA,EACrB;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAC1F;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AAAA,EAAM;AACrF;AAEO,MAAM,WAAW;AAAA;AAAA;AAAA;AAAA;AAAA,EAOvB,YAAY,cAAuB;AAClC,SAAK,eAAe,aAAa,MAAM;AAGvC,WACC,KAAK,aAAa,SAAS,KAC3B,KAAK,aAAa,KAAK,aAAa,SAAS,CAAC,EAAE,UAAU,GACzD;AACD,WAAK,aAAa,IAAI;AAAA,IACvB;AAAA,EACD;AAAA,EAEA,OAAO,UAAU,OAA+B;AAC/C,WAAO,IAAI,WAAW,MAAM,KAAK,OAAO,CAAC,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC;AAAA,EAC7D;AAAA,EAEA,SAAiB;AAChB,QAAI,KAAK,aAAa,WAAW,GAAG;AACnC,aAAO;AAAA,IACR;AACA,WAAO,KAAK,aAAa,SAAS;AAAA,EACnC;AAAA,EAEA,eAAe,OAAsB;AACpC,QAAI,SAAS,KAAK,aAAa,QAAQ;AACtC,aAAO,MAAM,KAAK;AAAA,IACnB;AACA,WAAO,KAAK,aAAa,KAAK;AAAA,EAC/B;AAAA,EAEA,IAAI,OAA+B;AAClC,UAAM,SAAS,KAAK,IAAI,KAAK,OAAO,GAAG,MAAM,OAAO,CAAC;AACrD,WAAO,IAAI;AAAA,MACV,MAAM;AAAA,QAAK,EAAE,QAAQ,SAAS,EAAE;AAAA,QAAG,CAAC,GAAG,MACtC,KAAK,eAAe,CAAC,EAAE,IAAI,MAAM,eAAe,CAAC,CAAC;AAAA,MACnD;AAAA,IACD;AAAA,EACD;AAAA,EAEA,IAAI,OAA+B;AAClC,UAAM,SAAS,KAAK,OAAO,IAAI,MAAM,OAAO;AAC5C,WAAO,IAAI;AAAA,MACV,MAAM,KAAK,EAAE,QAAQ,SAAS,EAAE,GAAG,CAAC,GAAG,MAAM;AAC5C,YAAI,MAAM,MAAM,KAAK;AACrB,iBAAS,IAAI,GAAG,KAAK,GAAG,KAAK;AAC5B,cAAI,KAAK,KAAK,OAAO,KAAK,IAAI,KAAK,MAAM,OAAO,GAAG;AAClD,kBAAM,IAAI,IAAI,KAAK,eAAe,CAAC,EAAE,IAAI,MAAM,eAAe,IAAI,CAAC,CAAC,CAAC;AAAA,UACtE;AAAA,QACD;AACA,eAAO;AAAA,MACR,CAAC;AAAA,IACF;AAAA,EACD;AAAA;AAAA,EAGA,MAAM,GAAsB;AAC3B,WAAO,IAAI,WAAW,KAAK,aAAa,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;AAAA,EAC7D;AAAA,EAEA,IAAI,GAAsB;AACzB,WAAO,KAAK,MAAM,IAAI,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;AAAA,EACtC;AAAA;AAAA,EAGA,OAAO,aAAa,GAAsB;AACzC,WAAO,IAAI,WAAW,CAAC,GAAG,MAAM,IAAI,CAAC,CAAC;AAAA,EACvC;AAAA,EAEA,OAAO,OAAmB;AACzB,WAAO,IAAI,WAAW,CAAC,CAAC;AAAA,EACzB;AAAA,EAEA,OAAO,MAAkB;AACxB,WAAO,IAAI,WAAW,CAAC,MAAM,IAAI,CAAC,CAAC;AAAA,EACpC;AAAA;AAAA,EAGA,OAAO,YAAY,aAAmD;AACrE,QAAI,YAAY,SAAS,GAAG;AAC3B,YAAM,IAAI,MAAM,sCAAsC;AAAA,IACvD;AAEA,QAAI,cAAc,YAAY,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,GAAG;AACvD,YAAM,IAAI,MAAM,wCAAwC;AAAA,IACzD;AAEA,WAAO,YAAY;AAAA,MAClB,CAAC,KAAK,EAAE,GAAG,KAAK,GAAG,IAAI,GAAG,MACzB,IAAI;AAAA,QACH,YACE,OAAO,CAAC,GAAG,MAAM,MAAM,CAAC,EACxB;AAAA,UACA,CAAC,SAAS,EAAE,GAAG,IAAI,MAClB,QAAQ,IAAI,WAAW,aAAa,IAAI,IAAI,CAAC,EAAE,IAAI,IAAI,IAAI,GAAG,CAAC,CAAC;AAAA,UACjE,WAAW,IAAI;AAAA,QAChB,EACC,MAAM,GAAG;AAAA,MACZ;AAAA,MACD,WAAW,KAAK;AAAA,IACjB;AAAA,EACD;AAAA;AAAA,EAGA,OAAO,QAAQ,aAA8C;AAC5D,QAAI,YAAY,SAAS,GAAG;AAC3B,YAAM,IAAI,MAAM,sCAAsC;AAAA,IACvD;AAEA,QAAI,cAAc,YAAY,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,GAAG;AACvD,YAAM,IAAI,MAAM,wCAAwC;AAAA,IACzD;AAEA,UAAM,WAAkB,YAAY,OAAO,CAAC,KAAK,EAAE,GAAG,KAAK,GAAG,IAAI,GAAG,MAAM;AAC1E,YAAM,cAAc,IAAI;AAAA,QACvB,YACE,OAAO,CAAC,GAAG,MAAM,MAAM,CAAC,EACxB,OAAO,CAAC,SAAS,EAAE,GAAG,IAAI,MAAM,QAAQ,IAAI,IAAI,IAAI,GAAG,CAAC,GAAG,MAAM,IAAI,CAAC;AAAA,MACzE;AACA,aAAO,IAAI,IAAI,IAAI,IAAI,WAAW,CAAC;AAAA,IACpC,GAAG,MAAM,KAAK,CAAC;AAEf,UAAM,WAAW,YAAY,OAAO,CAAC,SAAS,EAAE,EAAE,MAAM,QAAQ,IAAI,CAAC,GAAG,MAAM,IAAI,CAAC;AACnF,WAAO,SAAS,IAAI,QAAQ;AAAA,EAC7B;AAAA;AAAA,EAGA,SAAS,GAAiB;AACzB,WAAO,KAAK,aACV,WAAW,EACX,OAAO,CAAC,KAAK,gBAAgB,IAAI,IAAI,CAAC,EAAE,IAAI,WAAW,GAAG,MAAM,KAAK,CAAC;AAAA,EACzE;AAAA,EAEA,OAAO,OAA4B;AAClC,QAAI,KAAK,aAAa,WAAW,MAAM,aAAa,QAAQ;AAC3D,aAAO;AAAA,IACR;AACA,WAAO,KAAK,aAAa,MAAM,CAAC,GAAG,MAAM,EAAE,OAAO,MAAM,eAAe,CAAC,CAAC,CAAC;AAAA,EAC3E;AACD;AAQA,SAAS,gBAAgB,OAA6B;AACrD,SAAO;AAAA,IACN,OAAO,IAAI,MAAM,MAAM,KAAK;AAAA,IAC5B,OAAO,MAAM,KAAK,MAAM,OAAO,CAAC,SAAS,IAAI,MAAM,IAAI,CAAC;AAAA,EACzD;AACD;AAQA,SAAS,QAAQ,eAAqC;AACrD,SAAO;AAAA,IACN,OAAO,cAAc,MAAM;AAAA,IAC3B,OAAO,IAAI,WAAW,cAAc,MAAM,IAAI,CAAC,SAAS,KAAK,KAAK,CAAC;AAAA,EACpE;AACD;AASA,SAAS,iBAAiB,UAAiB,QAA4B;AACtE,QAAM,qBAAqB,IAAI,WAAW,MAAM;AAChD,SAAO,gBAAgB,kBAAkB;AAGzC,SAAO,WAAW,UAAU,IAAI,WAAW,CAAC,SAAS,OAAO,GAAG,kBAAkB,CAAC,CAAC;AACpF;AAUO,SAAS,MAAM,QAAoB,WAAmB,OAAwB;AACpF,MAAI,YAAY,SAAS,YAAY,KAAK,SAAS,YAAY;AAC9D,UAAM,IAAI,MAAM,qBAAqB,SAAS,aAAa,KAAK,EAAE;AAAA,EACnE;AAEA,QAAM,cAAc,MAAM,KAAK,QAAQ,CAAC,MAAM,iBAAiB,IAAI,MAAM,CAAC,GAAG,YAAY,CAAC,CAAC;AAC3F,SAAO,MAAM,KAAK,EAAE,QAAQ,MAAM,GAAG,CAAC,GAAG,MAAM;AAE9C,UAAM,QAAQ,IAAI,MAAM,IAAI,CAAC;AAC7B,UAAM,QAAQ,YAAY,IAAI,CAAC,MAAM,EAAE,SAAS,KAAK,CAAC;AACtD,WAAO,QAAQ,EAAE,OAAO,MAAM,CAAC;AAAA,EAChC,CAAC;AACF;AAGA,SAAS,eAAe,QAAsE;AAC7F,MAAI,OAAO,SAAS,GAAG;AACtB,UAAM,IAAI,MAAM,gCAAgC;AAAA,EACjD;AAEA,MAAI,CAAC,SAAS,OAAO,IAAI,CAAC,EAAE,MAAM,MAAM,MAAM,MAAM,CAAC,GAAG;AACvD,UAAM,IAAI,MAAM,sCAAsC;AAAA,EACvD;AAEA,MAAI,cAAc,OAAO,IAAI,CAAC,EAAE,MAAM,MAAM,KAAK,CAAC,GAAG;AACpD,UAAM,IAAI,MAAM,iCAAiC;AAAA,EAClD;AAEA,QAAM,iBAAiB,OAAO,IAAI,eAAe;AACjD,QAAM,SAAS,eAAe,CAAC,EAAE,MAAM;AAEvC,SAAO,EAAE,gBAAgB,OAAO;AACjC;AASO,SAAS,QAAQ,QAA6B;AACpD,QAAM,EAAE,gBAAgB,OAAO,IAAI,eAAe,MAAM;AAExD,SAAO,IAAI;AAAA,IACV,MAAM;AAAA,MACL,EAAE,OAAO;AAAA,MACT,CAAC,GAAG,MACH,WAAW;AAAA,QACV,eAAe,IAAI,CAAC,EAAE,OAAO,MAAM,OAAO;AAAA,UACzC,GAAG;AAAA,UACH,GAAG,MAAM,CAAC;AAAA,QACX,EAAE;AAAA,MACH,EAAE;AAAA,IACJ;AAAA,EACD;AACD;AAQO,SAAS,YAAY,QAA4C;AACvE,QAAM,EAAE,gBAAgB,OAAO,IAAI,eAAe,MAAM;AAExD,QAAM,cAAc,MAAM;AAAA,IAAK,EAAE,OAAO;AAAA,IAAG,CAAC,GAAG,MAC9C,WAAW,YAAY,eAAe,IAAI,CAAC,EAAE,OAAO,MAAM,OAAO,EAAE,GAAG,OAAO,GAAG,MAAM,CAAC,EAAE,EAAE,CAAC;AAAA,EAC7F;AAEA,SAAO,CAAC,MAAc;AACrB,WAAO,IAAI,WAAW,YAAY,IAAI,CAAC,MAAM,EAAE,SAAS,IAAI,MAAM,CAAC,CAAC,EAAE,KAAK,CAAC;AAAA,EAC7E;AACD;",
6
6
  "names": []
7
7
  }
package/dist/esm/types.d.ts CHANGED
@@ -1,5 +1,72 @@
1
1
  import type { ClientWithExtensions, Experimental_CoreClient } from '@mysten/sui/experimental';
2
+ import type { DemType, KemType } from './encrypt.js';
3
+ import type { SessionKey } from './session-key.js';
2
4
  export type KeyCacheKey = `${string}:${string}`;
3
5
  export type SealCompatibleClient = ClientWithExtensions<{
4
6
  core: Experimental_CoreClient;
5
7
  }>;
8
+ /** Configuration options for initializing a SealClient*/
9
+ export interface SealClientExtensionOptions {
10
+ /** Array of key server configs consisting of objectId, weight, optional API key name and API key */
11
+ serverConfigs: KeyServerConfig[];
12
+ /** Whether to verify the key servers' authenticity. */
13
+ verifyKeyServers?: boolean;
14
+ /** Timeout in milliseconds for network requests. */
15
+ timeout?: number;
16
+ }
17
+ export interface KeyServerConfig {
18
+ objectId: string;
19
+ weight: number;
20
+ apiKeyName?: string;
21
+ apiKey?: string;
22
+ }
23
+ export interface SealClientOptions extends SealClientExtensionOptions {
24
+ suiClient: SealCompatibleClient;
25
+ }
26
+ export interface EncryptOptions {
27
+ /** The type of KEM to use. */
28
+ kemType?: KemType;
29
+ /** The type of DEM to use. */
30
+ demType?: DemType;
31
+ /** The threshold for the TSS encryption. */
32
+ threshold: number;
33
+ /** The packageId namespace. */
34
+ packageId: string;
35
+ /** The identity to use. */
36
+ id: string;
37
+ /** The data to encrypt. */
38
+ data: Uint8Array;
39
+ /** Optional additional authenticated data. */
40
+ aad?: Uint8Array;
41
+ }
42
+ export interface DecryptOptions {
43
+ /** The encrypted bytes to decrypt. */
44
+ data: Uint8Array;
45
+ /** The session key to use. */
46
+ sessionKey: SessionKey;
47
+ /** The transaction bytes to use (that calls seal_approve* functions). */
48
+ txBytes: Uint8Array;
49
+ /** Whether to check share consistency. */
50
+ checkShareConsistency?: boolean;
51
+ }
52
+ export interface FetchKeysOptions {
53
+ /** The ids of the encrypted objects. */
54
+ ids: string[];
55
+ /** The transaction bytes to use (that calls seal_approve* functions). */
56
+ txBytes: Uint8Array;
57
+ /** The session key to use. */
58
+ sessionKey: SessionKey;
59
+ /** The threshold. */
60
+ threshold: number;
61
+ }
62
+ export interface GetDerivedKeysOptions {
63
+ kemType?: KemType;
64
+ /** The id of the encrypted object. */
65
+ id: string;
66
+ /** The transaction bytes to use (that calls seal_approve* functions). */
67
+ txBytes: Uint8Array;
68
+ /** The session key to use. */
69
+ sessionKey: SessionKey;
70
+ /** The threshold. */
71
+ threshold: number;
72
+ }
package/dist/esm/utils.d.ts CHANGED
@@ -22,6 +22,13 @@ export declare function count<T>(array: T[], value: T): number;
22
22
  export declare function hasDuplicates(array: number[]): boolean;
23
23
  /** Check if all elements in the array are equal. */
24
24
  export declare function allEqual(array: number[]): boolean;
25
+ /**
26
+ * Check if two Uint8Arrays are equal.
27
+ * @param a - The first Uint8Array.
28
+ * @param b - The second Uint8Array.
29
+ * @returns True if the two Uint8Arrays are equal, false otherwise.
30
+ */
31
+ export declare function equals(a: Uint8Array, b: Uint8Array): boolean;
25
32
  /**
26
33
  * A simple class to represent a version number of the form x.y.z.
27
34
  */
package/dist/esm/utils.js CHANGED
@@ -39,6 +39,12 @@ function allEqual(array) {
39
39
  }
40
40
  return array.every((item) => item === array[0]);
41
41
  }
42
+ function equals(a, b) {
43
+ if (a.length !== b.length) {
44
+ return false;
45
+ }
46
+ return a.every((ai, i) => ai === b[i]);
47
+ }
42
48
  class Version {
43
49
  constructor(version) {
44
50
  const parts = version.split(".").map(Number);
@@ -65,6 +71,7 @@ export {
65
71
  allEqual,
66
72
  count,
67
73
  createFullId,
74
+ equals,
68
75
  flatten,
69
76
  hasDuplicates,
70
77
  xor,
package/dist/esm/utils.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../src/utils.ts"],
4
- "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { fromHex, toHex } from '@mysten/bcs';\nimport { isValidSuiObjectId } from '@mysten/sui/utils';\n\nimport { UserError } from './error.js';\n\n/** Maximum value for a u8 (unsigned 8-bit integer). */\nexport const MAX_U8 = 255;\n\nexport function xor(a: Uint8Array, b: Uint8Array): Uint8Array {\n\tif (a.length !== b.length) {\n\t\tthrow new Error('Invalid input');\n\t}\n\treturn xorUnchecked(a, b);\n}\n\nexport function xorUnchecked(a: Uint8Array, b: Uint8Array): Uint8Array {\n\treturn a.map((ai, i) => ai ^ b[i]);\n}\n\n/**\n * Create a full ID concatenating package ID || inner ID.\n * @param packageId - The package ID.\n * @param innerId - The inner ID.\n * @returns The full ID.\n */\nexport function createFullId(packageId: string, innerId: string): string {\n\tif (!isValidSuiObjectId(packageId)) {\n\t\tthrow new UserError(`Invalid package ID ${packageId}`);\n\t}\n\tconst fullId = flatten([fromHex(packageId), fromHex(innerId)]);\n\treturn toHex(fullId);\n}\n\n/**\n * Flatten an array of Uint8Arrays into a single Uint8Array.\n *\n * @param arrays - An array of Uint8Arrays to flatten.\n * @returns A single Uint8Array containing all the elements of the input arrays in the given order.\n */\nexport function flatten(arrays: Uint8Array[]): Uint8Array {\n\tconst length = arrays.reduce((sum, arr) => sum + arr.length, 0);\n\tconst result = new Uint8Array(length);\n\tarrays.reduce((offset, array) => {\n\t\tresult.set(array, offset);\n\t\treturn offset + array.length;\n\t}, 0);\n\treturn result;\n}\n\n/** Count the number of occurrences of a value in an array. */\nexport function count<T>(array: T[], value: T): number {\n\treturn array.reduce((count, item) => (item === value ? count + 1 : count), 0);\n}\n\n/** Check if the array has any duplicate elements. */\nexport function hasDuplicates(array: number[]): boolean {\n\treturn new Set(array).size !== array.length;\n}\n\n/** Check if all elements in the array are equal. */\nexport function allEqual(array: number[]): boolean {\n\tif (array.length === 0) {\n\t\treturn true;\n\t}\n\treturn array.every((item) => item === array[0]);\n}\n\n/**\n * A simple class to represent a version number of the form x.y.z.\n */\nexport class Version {\n\tmajor: number;\n\tminor: number;\n\tpatch: number;\n\n\tconstructor(version: string) {\n\t\t// Very basic version parsing. Assumes version is in the format x.y.z where x, y, and z are non-negative integers.\n\t\tconst parts = version.split('.').map(Number);\n\t\tif (\n\t\t\tparts.length !== 3 ||\n\t\t\tparts.some((part) => isNaN(part) || !Number.isInteger(part) || part < 0)\n\t\t) {\n\t\t\tthrow new UserError(`Invalid version format: ${version}`);\n\t\t}\n\t\tthis.major = parts[0];\n\t\tthis.minor = parts[1];\n\t\tthis.patch = parts[2];\n\t}\n\n\t// Compare this version with another version. True if this version is older than the other version.\n\tolder_than(other: Version): boolean {\n\t\tif (this.major !== other.major) {\n\t\t\treturn this.major < other.major;\n\t\t} else if (this.minor !== other.minor) {\n\t\t\treturn this.minor < other.minor;\n\t\t}\n\t\treturn this.patch < other.patch;\n\t}\n}\n"],
5
- "mappings": "AAGA,SAAS,SAAS,aAAa;AAC/B,SAAS,0BAA0B;AAEnC,SAAS,iBAAiB;AAGnB,MAAM,SAAS;AAEf,SAAS,IAAI,GAAe,GAA2B;AAC7D,MAAI,EAAE,WAAW,EAAE,QAAQ;AAC1B,UAAM,IAAI,MAAM,eAAe;AAAA,EAChC;AACA,SAAO,aAAa,GAAG,CAAC;AACzB;AAEO,SAAS,aAAa,GAAe,GAA2B;AACtE,SAAO,EAAE,IAAI,CAAC,IAAI,MAAM,KAAK,EAAE,CAAC,CAAC;AAClC;AAQO,SAAS,aAAa,WAAmB,SAAyB;AACxE,MAAI,CAAC,mBAAmB,SAAS,GAAG;AACnC,UAAM,IAAI,UAAU,sBAAsB,SAAS,EAAE;AAAA,EACtD;AACA,QAAM,SAAS,QAAQ,CAAC,QAAQ,SAAS,GAAG,QAAQ,OAAO,CAAC,CAAC;AAC7D,SAAO,MAAM,MAAM;AACpB;AAQO,SAAS,QAAQ,QAAkC;AACzD,QAAM,SAAS,OAAO,OAAO,CAAC,KAAK,QAAQ,MAAM,IAAI,QAAQ,CAAC;AAC9D,QAAM,SAAS,IAAI,WAAW,MAAM;AACpC,SAAO,OAAO,CAAC,QAAQ,UAAU;AAChC,WAAO,IAAI,OAAO,MAAM;AACxB,WAAO,SAAS,MAAM;AAAA,EACvB,GAAG,CAAC;AACJ,SAAO;AACR;AAGO,SAAS,MAAS,OAAY,OAAkB;AACtD,SAAO,MAAM,OAAO,CAACA,QAAO,SAAU,SAAS,QAAQA,SAAQ,IAAIA,QAAQ,CAAC;AAC7E;AAGO,SAAS,cAAc,OAA0B;AACvD,SAAO,IAAI,IAAI,KAAK,EAAE,SAAS,MAAM;AACtC;AAGO,SAAS,SAAS,OAA0B;AAClD,MAAI,MAAM,WAAW,GAAG;AACvB,WAAO;AAAA,EACR;AACA,SAAO,MAAM,MAAM,CAAC,SAAS,SAAS,MAAM,CAAC,CAAC;AAC/C;AAKO,MAAM,QAAQ;AAAA,EAKpB,YAAY,SAAiB;AAE5B,UAAM,QAAQ,QAAQ,MAAM,GAAG,EAAE,IAAI,MAAM;AAC3C,QACC,MAAM,WAAW,KACjB,MAAM,KAAK,CAAC,SAAS,MAAM,IAAI,KAAK,CAAC,OAAO,UAAU,IAAI,KAAK,OAAO,CAAC,GACtE;AACD,YAAM,IAAI,UAAU,2BAA2B,OAAO,EAAE;AAAA,IACzD;AACA,SAAK,QAAQ,MAAM,CAAC;AACpB,SAAK,QAAQ,MAAM,CAAC;AACpB,SAAK,QAAQ,MAAM,CAAC;AAAA,EACrB;AAAA;AAAA,EAGA,WAAW,OAAyB;AACnC,QAAI,KAAK,UAAU,MAAM,OAAO;AAC/B,aAAO,KAAK,QAAQ,MAAM;AAAA,IAC3B,WAAW,KAAK,UAAU,MAAM,OAAO;AACtC,aAAO,KAAK,QAAQ,MAAM;AAAA,IAC3B;AACA,WAAO,KAAK,QAAQ,MAAM;AAAA,EAC3B;AACD;",
4
+ "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { fromHex, toHex } from '@mysten/bcs';\nimport { isValidSuiObjectId } from '@mysten/sui/utils';\n\nimport { UserError } from './error.js';\n\n/** Maximum value for a u8 (unsigned 8-bit integer). */\nexport const MAX_U8 = 255;\n\nexport function xor(a: Uint8Array, b: Uint8Array): Uint8Array {\n\tif (a.length !== b.length) {\n\t\tthrow new Error('Invalid input');\n\t}\n\treturn xorUnchecked(a, b);\n}\n\nexport function xorUnchecked(a: Uint8Array, b: Uint8Array): Uint8Array {\n\treturn a.map((ai, i) => ai ^ b[i]);\n}\n\n/**\n * Create a full ID concatenating package ID || inner ID.\n * @param packageId - The package ID.\n * @param innerId - The inner ID.\n * @returns The full ID.\n */\nexport function createFullId(packageId: string, innerId: string): string {\n\tif (!isValidSuiObjectId(packageId)) {\n\t\tthrow new UserError(`Invalid package ID ${packageId}`);\n\t}\n\tconst fullId = flatten([fromHex(packageId), fromHex(innerId)]);\n\treturn toHex(fullId);\n}\n\n/**\n * Flatten an array of Uint8Arrays into a single Uint8Array.\n *\n * @param arrays - An array of Uint8Arrays to flatten.\n * @returns A single Uint8Array containing all the elements of the input arrays in the given order.\n */\nexport function flatten(arrays: Uint8Array[]): Uint8Array {\n\tconst length = arrays.reduce((sum, arr) => sum + arr.length, 0);\n\tconst result = new Uint8Array(length);\n\tarrays.reduce((offset, array) => {\n\t\tresult.set(array, offset);\n\t\treturn offset + array.length;\n\t}, 0);\n\treturn result;\n}\n\n/** Count the number of occurrences of a value in an array. */\nexport function count<T>(array: T[], value: T): number {\n\treturn array.reduce((count, item) => (item === value ? count + 1 : count), 0);\n}\n\n/** Check if the array has any duplicate elements. */\nexport function hasDuplicates(array: number[]): boolean {\n\treturn new Set(array).size !== array.length;\n}\n\n/** Check if all elements in the array are equal. */\nexport function allEqual(array: number[]): boolean {\n\tif (array.length === 0) {\n\t\treturn true;\n\t}\n\treturn array.every((item) => item === array[0]);\n}\n\n/**\n * Check if two Uint8Arrays are equal.\n * @param a - The first Uint8Array.\n * @param b - The second Uint8Array.\n * @returns True if the two Uint8Arrays are equal, false otherwise.\n */\nexport function equals(a: Uint8Array, b: Uint8Array): boolean {\n\tif (a.length !== b.length) {\n\t\treturn false;\n\t}\n\treturn a.every((ai, i) => ai === b[i]);\n}\n\n/**\n * A simple class to represent a version number of the form x.y.z.\n */\nexport class Version {\n\tmajor: number;\n\tminor: number;\n\tpatch: number;\n\n\tconstructor(version: string) {\n\t\t// Very basic version parsing. Assumes version is in the format x.y.z where x, y, and z are non-negative integers.\n\t\tconst parts = version.split('.').map(Number);\n\t\tif (\n\t\t\tparts.length !== 3 ||\n\t\t\tparts.some((part) => isNaN(part) || !Number.isInteger(part) || part < 0)\n\t\t) {\n\t\t\tthrow new UserError(`Invalid version format: ${version}`);\n\t\t}\n\t\tthis.major = parts[0];\n\t\tthis.minor = parts[1];\n\t\tthis.patch = parts[2];\n\t}\n\n\t// Compare this version with another version. True if this version is older than the other version.\n\tolder_than(other: Version): boolean {\n\t\tif (this.major !== other.major) {\n\t\t\treturn this.major < other.major;\n\t\t} else if (this.minor !== other.minor) {\n\t\t\treturn this.minor < other.minor;\n\t\t}\n\t\treturn this.patch < other.patch;\n\t}\n}\n"],
5
+ "mappings": "AAGA,SAAS,SAAS,aAAa;AAC/B,SAAS,0BAA0B;AAEnC,SAAS,iBAAiB;AAGnB,MAAM,SAAS;AAEf,SAAS,IAAI,GAAe,GAA2B;AAC7D,MAAI,EAAE,WAAW,EAAE,QAAQ;AAC1B,UAAM,IAAI,MAAM,eAAe;AAAA,EAChC;AACA,SAAO,aAAa,GAAG,CAAC;AACzB;AAEO,SAAS,aAAa,GAAe,GAA2B;AACtE,SAAO,EAAE,IAAI,CAAC,IAAI,MAAM,KAAK,EAAE,CAAC,CAAC;AAClC;AAQO,SAAS,aAAa,WAAmB,SAAyB;AACxE,MAAI,CAAC,mBAAmB,SAAS,GAAG;AACnC,UAAM,IAAI,UAAU,sBAAsB,SAAS,EAAE;AAAA,EACtD;AACA,QAAM,SAAS,QAAQ,CAAC,QAAQ,SAAS,GAAG,QAAQ,OAAO,CAAC,CAAC;AAC7D,SAAO,MAAM,MAAM;AACpB;AAQO,SAAS,QAAQ,QAAkC;AACzD,QAAM,SAAS,OAAO,OAAO,CAAC,KAAK,QAAQ,MAAM,IAAI,QAAQ,CAAC;AAC9D,QAAM,SAAS,IAAI,WAAW,MAAM;AACpC,SAAO,OAAO,CAAC,QAAQ,UAAU;AAChC,WAAO,IAAI,OAAO,MAAM;AACxB,WAAO,SAAS,MAAM;AAAA,EACvB,GAAG,CAAC;AACJ,SAAO;AACR;AAGO,SAAS,MAAS,OAAY,OAAkB;AACtD,SAAO,MAAM,OAAO,CAACA,QAAO,SAAU,SAAS,QAAQA,SAAQ,IAAIA,QAAQ,CAAC;AAC7E;AAGO,SAAS,cAAc,OAA0B;AACvD,SAAO,IAAI,IAAI,KAAK,EAAE,SAAS,MAAM;AACtC;AAGO,SAAS,SAAS,OAA0B;AAClD,MAAI,MAAM,WAAW,GAAG;AACvB,WAAO;AAAA,EACR;AACA,SAAO,MAAM,MAAM,CAAC,SAAS,SAAS,MAAM,CAAC,CAAC;AAC/C;AAQO,SAAS,OAAO,GAAe,GAAwB;AAC7D,MAAI,EAAE,WAAW,EAAE,QAAQ;AAC1B,WAAO;AAAA,EACR;AACA,SAAO,EAAE,MAAM,CAAC,IAAI,MAAM,OAAO,EAAE,CAAC,CAAC;AACtC;AAKO,MAAM,QAAQ;AAAA,EAKpB,YAAY,SAAiB;AAE5B,UAAM,QAAQ,QAAQ,MAAM,GAAG,EAAE,IAAI,MAAM;AAC3C,QACC,MAAM,WAAW,KACjB,MAAM,KAAK,CAAC,SAAS,MAAM,IAAI,KAAK,CAAC,OAAO,UAAU,IAAI,KAAK,OAAO,CAAC,GACtE;AACD,YAAM,IAAI,UAAU,2BAA2B,OAAO,EAAE;AAAA,IACzD;AACA,SAAK,QAAQ,MAAM,CAAC;AACpB,SAAK,QAAQ,MAAM,CAAC;AACpB,SAAK,QAAQ,MAAM,CAAC;AAAA,EACrB;AAAA;AAAA,EAGA,WAAW,OAAyB;AACnC,QAAI,KAAK,UAAU,MAAM,OAAO;AAC/B,aAAO,KAAK,QAAQ,MAAM;AAAA,IAC3B,WAAW,KAAK,UAAU,MAAM,OAAO;AACtC,aAAO,KAAK,QAAQ,MAAM;AAAA,IAC3B;AACA,WAAO,KAAK,QAAQ,MAAM;AAAA,EAC3B;AACD;",
6
6
  "names": ["count"]
7
7
  }