@mysten/sui 1.15.0 → 1.16.0

package/CHANGELOG.md

@@ -1,5 +1,45 @@
 # @mysten/sui.js
 
+## 1.16.0
+
+### Minor Changes
+
+- ec2dc7f: Add legacyAddress flag to zklogin methods that generate addresses
+- ec2dc7f: All functionality from `@mysten/zklogin` has been moved to `@mysten/sui/zklogin`
+
+  For most methods, simply replace the `@mysten/zklogin` import with `@mysten/sui/zklogin`
+
+  2 Methods require one small additional change:
+
+  `computeZkLoginAddress` and `jwtToAddress` have new `legacyAddress` flags which must be set to
+  true for backwards compatibility:
+
+  ```diff
+  - import { computeZkLoginAddress, jwtToAddress } from '@mysten/zklogin';
+  + import { computeZkLoginAddress, jwtToAddress } from '@mysten/sui/zklogin';
+
+    const address = jwtToAddress(
+     jwtAsString,
+     salt,
+  +  true
+    );
+    const address = computeZkLoginAddress({
+  	claimName,
+  	claimValue,
+  	iss,
+  	aud,
+  	userSalt: BigInt(salt),
+  +	legacyAddress: true,
+    });
+  ```
+
+## 1.15.1
+
+### Patch Changes
+
+- Updated dependencies [1dd7713]
+  - @mysten/bcs@1.1.1
+
 ## 1.15.0
 
 ### Minor Changes

package/dist/cjs/bcs/index.d.ts

@@ -3111,7 +3111,7 @@ declare const suiBcs: {
     u256(options?: import("@mysten/bcs").BcsTypeOptions<string, number | bigint | string>): import("@mysten/bcs").BcsType<string, string | number | bigint>;
     bool(options?: import("@mysten/bcs").BcsTypeOptions<boolean>): import("@mysten/bcs").BcsType<boolean, boolean>;
     uleb128(options?: import("@mysten/bcs").BcsTypeOptions<number>): import("@mysten/bcs").BcsType<number, number>;
-    bytes<T extends number>(size: T, options?: import("@mysten/bcs").BcsTypeOptions<Uint8Array, Iterable<number>>): import("@mysten/bcs").BcsType<Uint8Array, Uint8Array>;
+    bytes<T extends number>(size: T, options?: import("@mysten/bcs").BcsTypeOptions<Uint8Array, Iterable<number>>): import("@mysten/bcs").BcsType<Uint8Array, Iterable<number>>;
     string(options?: import("@mysten/bcs").BcsTypeOptions<string>): import("@mysten/bcs").BcsType<string, string>;
     fixedArray<T, Input>(size: number, type: import("@mysten/bcs").BcsType<T, Input>, options?: import("@mysten/bcs").BcsTypeOptions<T[], Iterable<Input> & {
         length: number;

package/dist/cjs/version.d.ts

@@ -1,2 +1,2 @@
-export declare const PACKAGE_VERSION = "1.15.0";
+export declare const PACKAGE_VERSION = "1.16.0";
 export declare const TARGETED_RPC_VERSION = "1.39.0";

package/dist/cjs/version.js

@@ -22,6 +22,6 @@ __export(version_exports, {
   TARGETED_RPC_VERSION: () => TARGETED_RPC_VERSION
 });
 module.exports = __toCommonJS(version_exports);
-const PACKAGE_VERSION = "1.15.0";
+const PACKAGE_VERSION = "1.16.0";
 const TARGETED_RPC_VERSION = "1.39.0";
 //# sourceMappingURL=version.js.map

package/dist/cjs/version.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../src/version.ts"],
-  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\n// This file is generated by genversion.mjs. Do not edit it directly.\n\nexport const PACKAGE_VERSION = '1.15.0';\nexport const TARGETED_RPC_VERSION = '1.39.0';\n"],
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\n// This file is generated by genversion.mjs. Do not edit it directly.\n\nexport const PACKAGE_VERSION = '1.16.0';\nexport const TARGETED_RPC_VERSION = '1.39.0';\n"],
   "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAKO,MAAM,kBAAkB;AACxB,MAAM,uBAAuB;",
   "names": []
 }

package/dist/cjs/zklogin/address.d.ts

@@ -1 +1,16 @@
-export declare function computeZkLoginAddressFromSeed(addressSeed: bigint, iss: string): string;
+export declare function computeZkLoginAddressFromSeed(addressSeed: bigint, iss: string, 
+/** TODO: This default should be changed in the next major release */
+legacyAddress?: boolean): string;
+export declare const MAX_HEADER_LEN_B64 = 248;
+export declare const MAX_PADDED_UNSIGNED_JWT_LEN: number;
+export declare function lengthChecks(jwt: string): void;
+export declare function jwtToAddress(jwt: string, userSalt: string | bigint, legacyAddress?: boolean): string;
+export interface ComputeZkLoginAddressOptions {
+    claimName: string;
+    claimValue: string;
+    userSalt: string | bigint;
+    iss: string;
+    aud: string;
+    legacyAddress?: boolean;
+}
+export declare function computeZkLoginAddress({ claimName, claimValue, iss, aud, userSalt, legacyAddress, }: ComputeZkLoginAddressOptions): string;

package/dist/cjs/zklogin/address.js

@@ -18,16 +18,22 @@ var __copyProps = (to, from, except, desc) => {
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var address_exports = {};
 __export(address_exports, {
-  computeZkLoginAddressFromSeed: () => computeZkLoginAddressFromSeed
+  MAX_HEADER_LEN_B64: () => MAX_HEADER_LEN_B64,
+  MAX_PADDED_UNSIGNED_JWT_LEN: () => MAX_PADDED_UNSIGNED_JWT_LEN,
+  computeZkLoginAddress: () => computeZkLoginAddress,
+  computeZkLoginAddressFromSeed: () => computeZkLoginAddressFromSeed,
+  jwtToAddress: () => jwtToAddress,
+  lengthChecks: () => lengthChecks
 });
 module.exports = __toCommonJS(address_exports);
 var import_blake2b = require("@noble/hashes/blake2b");
 var import_utils = require("@noble/hashes/utils");
+var import_jose = require("jose");
 var import_signature_scheme = require("../cryptography/signature-scheme.js");
 var import_utils2 = require("../utils/index.js");
 var import_utils3 = require("./utils.js");
-function computeZkLoginAddressFromSeed(addressSeed, iss) {
-  const addressSeedBytesBigEndian = (0, import_utils3.toBigEndianBytes)(addressSeed, 32);
+function computeZkLoginAddressFromSeed(addressSeed, iss, legacyAddress = true) {
+  const addressSeedBytesBigEndian = legacyAddress ? (0, import_utils3.toBigEndianBytes)(addressSeed, 32) : (0, import_utils3.toPaddedBigEndianBytes)(addressSeed, 32);
   if (iss === "accounts.google.com") {
     iss = "https://accounts.google.com";
   }
@@ -41,4 +47,50 @@ function computeZkLoginAddressFromSeed(addressSeed, iss) {
     (0, import_utils.bytesToHex)((0, import_blake2b.blake2b)(tmp, { dkLen: 32 })).slice(0, import_utils2.SUI_ADDRESS_LENGTH * 2)
   );
 }
+const MAX_HEADER_LEN_B64 = 248;
+const MAX_PADDED_UNSIGNED_JWT_LEN = 64 * 25;
+function lengthChecks(jwt) {
+  const [header, payload] = jwt.split(".");
+  if (header.length > MAX_HEADER_LEN_B64) {
+    throw new Error(`Header is too long`);
+  }
+  const L = (header.length + 1 + payload.length) * 8;
+  const K = (512 + 448 - (L % 512 + 1)) % 512;
+  const padded_unsigned_jwt_len = (L + 1 + K + 64) / 8;
+  if (padded_unsigned_jwt_len > MAX_PADDED_UNSIGNED_JWT_LEN) {
+    throw new Error(`JWT is too long`);
+  }
+}
+function jwtToAddress(jwt, userSalt, legacyAddress = false) {
+  lengthChecks(jwt);
+  const decodedJWT = (0, import_jose.decodeJwt)(jwt);
+  if (!decodedJWT.sub || !decodedJWT.iss || !decodedJWT.aud) {
+    throw new Error("Missing jwt data");
+  }
+  if (Array.isArray(decodedJWT.aud)) {
+    throw new Error("Not supported aud. Aud is an array, string was expected.");
+  }
+  return computeZkLoginAddress({
+    userSalt,
+    claimName: "sub",
+    claimValue: decodedJWT.sub,
+    aud: decodedJWT.aud,
+    iss: decodedJWT.iss,
+    legacyAddress
+  });
+}
+function computeZkLoginAddress({
+  claimName,
+  claimValue,
+  iss,
+  aud,
+  userSalt,
+  legacyAddress = false
+}) {
+  return computeZkLoginAddressFromSeed(
+    (0, import_utils3.genAddressSeed)(userSalt, claimName, claimValue, aud),
+    iss,
+    legacyAddress
+  );
+}
 //# sourceMappingURL=address.js.map

package/dist/cjs/zklogin/address.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/zklogin/address.ts"],
-  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { blake2b } from '@noble/hashes/blake2b';\nimport { bytesToHex } from '@noble/hashes/utils';\n\nimport { SIGNATURE_SCHEME_TO_FLAG } from '../cryptography/signature-scheme.js';\nimport { normalizeSuiAddress, SUI_ADDRESS_LENGTH } from '../utils/index.js';\nimport { toBigEndianBytes } from './utils.js';\n\nexport function computeZkLoginAddressFromSeed(addressSeed: bigint, iss: string) {\n\tconst addressSeedBytesBigEndian = toBigEndianBytes(addressSeed, 32);\n\tif (iss === 'accounts.google.com') {\n\t\tiss = 'https://accounts.google.com';\n\t}\n\tconst addressParamBytes = new TextEncoder().encode(iss);\n\tconst tmp = new Uint8Array(2 + addressSeedBytesBigEndian.length + addressParamBytes.length);\n\n\ttmp.set([SIGNATURE_SCHEME_TO_FLAG.ZkLogin]);\n\ttmp.set([addressParamBytes.length], 1);\n\ttmp.set(addressParamBytes, 2);\n\ttmp.set(addressSeedBytesBigEndian, 2 + addressParamBytes.length);\n\n\treturn normalizeSuiAddress(\n\t\tbytesToHex(blake2b(tmp, { dkLen: 32 })).slice(0, SUI_ADDRESS_LENGTH * 2),\n\t);\n}\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,qBAAwB;AACxB,mBAA2B;AAE3B,8BAAyC;AACzC,IAAAA,gBAAwD;AACxD,IAAAA,gBAAiC;AAE1B,SAAS,8BAA8B,aAAqB,KAAa;AAC/E,QAAM,gCAA4B,gCAAiB,aAAa,EAAE;AAClE,MAAI,QAAQ,uBAAuB;AAClC,UAAM;AAAA,EACP;AACA,QAAM,oBAAoB,IAAI,YAAY,EAAE,OAAO,GAAG;AACtD,QAAM,MAAM,IAAI,WAAW,IAAI,0BAA0B,SAAS,kBAAkB,MAAM;AAE1F,MAAI,IAAI,CAAC,iDAAyB,OAAO,CAAC;AAC1C,MAAI,IAAI,CAAC,kBAAkB,MAAM,GAAG,CAAC;AACrC,MAAI,IAAI,mBAAmB,CAAC;AAC5B,MAAI,IAAI,2BAA2B,IAAI,kBAAkB,MAAM;AAE/D,aAAO;AAAA,QACN,6BAAW,wBAAQ,KAAK,EAAE,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,GAAG,mCAAqB,CAAC;AAAA,EACxE;AACD;",
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { blake2b } from '@noble/hashes/blake2b';\nimport { bytesToHex } from '@noble/hashes/utils';\nimport { decodeJwt } from 'jose';\n\nimport { SIGNATURE_SCHEME_TO_FLAG } from '../cryptography/signature-scheme.js';\nimport { normalizeSuiAddress, SUI_ADDRESS_LENGTH } from '../utils/index.js';\nimport { genAddressSeed, toBigEndianBytes, toPaddedBigEndianBytes } from './utils.js';\n\nexport function computeZkLoginAddressFromSeed(\n\taddressSeed: bigint,\n\tiss: string,\n\t/** TODO: This default should be changed in the next major release */\n\tlegacyAddress = true,\n) {\n\tconst addressSeedBytesBigEndian = legacyAddress\n\t\t? toBigEndianBytes(addressSeed, 32)\n\t\t: toPaddedBigEndianBytes(addressSeed, 32);\n\tif (iss === 'accounts.google.com') {\n\t\tiss = 'https://accounts.google.com';\n\t}\n\tconst addressParamBytes = new TextEncoder().encode(iss);\n\tconst tmp = new Uint8Array(2 + addressSeedBytesBigEndian.length + addressParamBytes.length);\n\n\ttmp.set([SIGNATURE_SCHEME_TO_FLAG.ZkLogin]);\n\ttmp.set([addressParamBytes.length], 1);\n\ttmp.set(addressParamBytes, 2);\n\ttmp.set(addressSeedBytesBigEndian, 2 + addressParamBytes.length);\n\n\treturn normalizeSuiAddress(\n\t\tbytesToHex(blake2b(tmp, { dkLen: 32 })).slice(0, SUI_ADDRESS_LENGTH * 2),\n\t);\n}\n\nexport const MAX_HEADER_LEN_B64 = 248;\nexport const MAX_PADDED_UNSIGNED_JWT_LEN = 64 * 25;\n\nexport function lengthChecks(jwt: string) {\n\tconst [header, payload] = jwt.split('.');\n\t/// Is the header small enough\n\tif (header.length > MAX_HEADER_LEN_B64) {\n\t\tthrow new Error(`Header is too long`);\n\t}\n\n\t/// Is the combined length of (header, payload, SHA2 padding) small enough?\n\t// unsigned_jwt = header + '.' + payload;\n\tconst L = (header.length + 1 + payload.length) * 8;\n\tconst K = (512 + 448 - ((L % 512) + 1)) % 512;\n\n\t// The SHA2 padding is 1 followed by K zeros, followed by the length of the message\n\tconst padded_unsigned_jwt_len = (L + 1 + K + 64) / 8;\n\n\t// The padded unsigned JWT must be less than the max_padded_unsigned_jwt_len\n\tif (padded_unsigned_jwt_len > MAX_PADDED_UNSIGNED_JWT_LEN) {\n\t\tthrow new Error(`JWT is too long`);\n\t}\n}\n\nexport function jwtToAddress(jwt: string, userSalt: string | bigint, legacyAddress = false) {\n\tlengthChecks(jwt);\n\n\tconst decodedJWT = decodeJwt(jwt);\n\tif (!decodedJWT.sub || !decodedJWT.iss || !decodedJWT.aud) {\n\t\tthrow new Error('Missing jwt data');\n\t}\n\n\tif (Array.isArray(decodedJWT.aud)) {\n\t\tthrow new Error('Not supported aud. Aud is an array, string was expected.');\n\t}\n\n\treturn computeZkLoginAddress({\n\t\tuserSalt,\n\t\tclaimName: 'sub',\n\t\tclaimValue: decodedJWT.sub,\n\t\taud: decodedJWT.aud,\n\t\tiss: decodedJWT.iss,\n\t\tlegacyAddress,\n\t});\n}\n\nexport interface ComputeZkLoginAddressOptions {\n\tclaimName: string;\n\tclaimValue: string;\n\tuserSalt: string | bigint;\n\tiss: string;\n\taud: string;\n\tlegacyAddress?: boolean;\n}\n\nexport function computeZkLoginAddress({\n\tclaimName,\n\tclaimValue,\n\tiss,\n\taud,\n\tuserSalt,\n\tlegacyAddress = false,\n}: ComputeZkLoginAddressOptions) {\n\treturn computeZkLoginAddressFromSeed(\n\t\tgenAddressSeed(userSalt, claimName, claimValue, aud),\n\t\tiss,\n\t\tlegacyAddress,\n\t);\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,qBAAwB;AACxB,mBAA2B;AAC3B,kBAA0B;AAE1B,8BAAyC;AACzC,IAAAA,gBAAwD;AACxD,IAAAA,gBAAyE;AAElE,SAAS,8BACf,aACA,KAEA,gBAAgB,MACf;AACD,QAAM,4BAA4B,oBAC/B,gCAAiB,aAAa,EAAE,QAChC,sCAAuB,aAAa,EAAE;AACzC,MAAI,QAAQ,uBAAuB;AAClC,UAAM;AAAA,EACP;AACA,QAAM,oBAAoB,IAAI,YAAY,EAAE,OAAO,GAAG;AACtD,QAAM,MAAM,IAAI,WAAW,IAAI,0BAA0B,SAAS,kBAAkB,MAAM;AAE1F,MAAI,IAAI,CAAC,iDAAyB,OAAO,CAAC;AAC1C,MAAI,IAAI,CAAC,kBAAkB,MAAM,GAAG,CAAC;AACrC,MAAI,IAAI,mBAAmB,CAAC;AAC5B,MAAI,IAAI,2BAA2B,IAAI,kBAAkB,MAAM;AAE/D,aAAO;AAAA,QACN,6BAAW,wBAAQ,KAAK,EAAE,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,GAAG,mCAAqB,CAAC;AAAA,EACxE;AACD;AAEO,MAAM,qBAAqB;AAC3B,MAAM,8BAA8B,KAAK;AAEzC,SAAS,aAAa,KAAa;AACzC,QAAM,CAAC,QAAQ,OAAO,IAAI,IAAI,MAAM,GAAG;AAEvC,MAAI,OAAO,SAAS,oBAAoB;AACvC,UAAM,IAAI,MAAM,oBAAoB;AAAA,EACrC;AAIA,QAAM,KAAK,OAAO,SAAS,IAAI,QAAQ,UAAU;AACjD,QAAM,KAAK,MAAM,OAAQ,IAAI,MAAO,MAAM;AAG1C,QAAM,2BAA2B,IAAI,IAAI,IAAI,MAAM;AAGnD,MAAI,0BAA0B,6BAA6B;AAC1D,UAAM,IAAI,MAAM,iBAAiB;AAAA,EAClC;AACD;AAEO,SAAS,aAAa,KAAa,UAA2B,gBAAgB,OAAO;AAC3F,eAAa,GAAG;AAEhB,QAAM,iBAAa,uBAAU,GAAG;AAChC,MAAI,CAAC,WAAW,OAAO,CAAC,WAAW,OAAO,CAAC,WAAW,KAAK;AAC1D,UAAM,IAAI,MAAM,kBAAkB;AAAA,EACnC;AAEA,MAAI,MAAM,QAAQ,WAAW,GAAG,GAAG;AAClC,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC3E;AAEA,SAAO,sBAAsB;AAAA,IAC5B;AAAA,IACA,WAAW;AAAA,IACX,YAAY,WAAW;AAAA,IACvB,KAAK,WAAW;AAAA,IAChB,KAAK,WAAW;AAAA,IAChB;AAAA,EACD,CAAC;AACF;AAWO,SAAS,sBAAsB;AAAA,EACrC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,gBAAgB;AACjB,GAAiC;AAChC,SAAO;AAAA,QACN,8BAAe,UAAU,WAAW,YAAY,GAAG;AAAA,IACnD;AAAA,IACA;AAAA,EACD;AACD;",
   "names": ["import_utils"]
 }

package/dist/cjs/zklogin/index.d.ts

@@ -1,5 +1,8 @@
 export { getZkLoginSignature, parseZkLoginSignature } from './signature.js';
-export { toBigEndianBytes, toPaddedBigEndianBytes } from './utils.js';
-export { computeZkLoginAddressFromSeed } from './address.js';
+export { toBigEndianBytes, toPaddedBigEndianBytes, hashASCIIStrToField, genAddressSeed, getExtendedEphemeralPublicKey, } from './utils.js';
+export { computeZkLoginAddressFromSeed, computeZkLoginAddress, jwtToAddress } from './address.js';
+export type { ComputeZkLoginAddressOptions } from './address.js';
 export { toZkLoginPublicIdentifier, ZkLoginPublicIdentifier } from './publickey.js';
 export type { ZkLoginSignatureInputs } from './bcs.js';
+export { poseidonHash } from './poseidon.js';
+export { generateNonce, generateRandomness } from './nonce.js';

package/dist/cjs/zklogin/index.js

@@ -19,9 +19,17 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var zklogin_exports = {};
 __export(zklogin_exports, {
   ZkLoginPublicIdentifier: () => import_publickey.ZkLoginPublicIdentifier,
+  computeZkLoginAddress: () => import_address.computeZkLoginAddress,
   computeZkLoginAddressFromSeed: () => import_address.computeZkLoginAddressFromSeed,
+  genAddressSeed: () => import_utils.genAddressSeed,
+  generateNonce: () => import_nonce.generateNonce,
+  generateRandomness: () => import_nonce.generateRandomness,
+  getExtendedEphemeralPublicKey: () => import_utils.getExtendedEphemeralPublicKey,
   getZkLoginSignature: () => import_signature.getZkLoginSignature,
+  hashASCIIStrToField: () => import_utils.hashASCIIStrToField,
+  jwtToAddress: () => import_address.jwtToAddress,
   parseZkLoginSignature: () => import_signature.parseZkLoginSignature,
+  poseidonHash: () => import_poseidon.poseidonHash,
   toBigEndianBytes: () => import_utils.toBigEndianBytes,
   toPaddedBigEndianBytes: () => import_utils.toPaddedBigEndianBytes,
   toZkLoginPublicIdentifier: () => import_publickey.toZkLoginPublicIdentifier
@@ -31,4 +39,6 @@ var import_signature = require("./signature.js");
 var import_utils = require("./utils.js");
 var import_address = require("./address.js");
 var import_publickey = require("./publickey.js");
+var import_poseidon = require("./poseidon.js");
+var import_nonce = require("./nonce.js");
 //# sourceMappingURL=index.js.map

package/dist/cjs/zklogin/index.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/zklogin/index.ts"],
-  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nexport { getZkLoginSignature, parseZkLoginSignature } from './signature.js';\nexport { toBigEndianBytes, toPaddedBigEndianBytes } from './utils.js';\nexport { computeZkLoginAddressFromSeed } from './address.js';\nexport { toZkLoginPublicIdentifier, ZkLoginPublicIdentifier } from './publickey.js';\nexport type { ZkLoginSignatureInputs } from './bcs.js';\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,uBAA2D;AAC3D,mBAAyD;AACzD,qBAA8C;AAC9C,uBAAmE;",
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nexport { getZkLoginSignature, parseZkLoginSignature } from './signature.js';\nexport {\n\ttoBigEndianBytes,\n\ttoPaddedBigEndianBytes,\n\thashASCIIStrToField,\n\tgenAddressSeed,\n\tgetExtendedEphemeralPublicKey,\n} from './utils.js';\nexport { computeZkLoginAddressFromSeed, computeZkLoginAddress, jwtToAddress } from './address.js';\nexport type { ComputeZkLoginAddressOptions } from './address.js';\nexport { toZkLoginPublicIdentifier, ZkLoginPublicIdentifier } from './publickey.js';\nexport type { ZkLoginSignatureInputs } from './bcs.js';\nexport { poseidonHash } from './poseidon.js';\nexport { generateNonce, generateRandomness } from './nonce.js';\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,uBAA2D;AAC3D,mBAMO;AACP,qBAAmF;AAEnF,uBAAmE;AAEnE,sBAA6B;AAC7B,mBAAkD;",
   "names": []
 }

package/dist/cjs/zklogin/nonce.d.ts

@@ -0,0 +1,4 @@
+import type { PublicKey } from '../cryptography/publickey.js';
+export declare const NONCE_LENGTH = 27;
+export declare function generateRandomness(): string;
+export declare function generateNonce(publicKey: PublicKey, maxEpoch: number, randomness: bigint | string): string;

package/dist/cjs/zklogin/nonce.js

@@ -0,0 +1,54 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var nonce_exports = {};
+__export(nonce_exports, {
+  NONCE_LENGTH: () => NONCE_LENGTH,
+  generateNonce: () => generateNonce,
+  generateRandomness: () => generateRandomness
+});
+module.exports = __toCommonJS(nonce_exports);
+var import_bcs = require("@mysten/bcs");
+var import_utils = require("@noble/hashes/utils");
+var import_jose = require("jose");
+var import_poseidon = require("./poseidon.js");
+var import_utils2 = require("./utils.js");
+const NONCE_LENGTH = 27;
+function toBigIntBE(bytes) {
+  const hex = (0, import_bcs.toHex)(bytes);
+  if (hex.length === 0) {
+    return BigInt(0);
+  }
+  return BigInt(`0x${hex}`);
+}
+function generateRandomness() {
+  return String(toBigIntBE((0, import_utils.randomBytes)(16)));
+}
+function generateNonce(publicKey, maxEpoch, randomness) {
+  const publicKeyBytes = toBigIntBE(publicKey.toSuiBytes());
+  const eph_public_key_0 = publicKeyBytes / 2n ** 128n;
+  const eph_public_key_1 = publicKeyBytes % 2n ** 128n;
+  const bigNum = (0, import_poseidon.poseidonHash)([eph_public_key_0, eph_public_key_1, maxEpoch, BigInt(randomness)]);
+  const Z = (0, import_utils2.toPaddedBigEndianBytes)(bigNum, 20);
+  const nonce = import_jose.base64url.encode(Z);
+  if (nonce.length !== NONCE_LENGTH) {
+    throw new Error(`Length of nonce ${nonce} (${nonce.length}) is not equal to ${NONCE_LENGTH}`);
+  }
+  return nonce;
+}
+//# sourceMappingURL=nonce.js.map

package/dist/cjs/zklogin/nonce.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/zklogin/nonce.ts"],
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { toHex } from '@mysten/bcs';\nimport { randomBytes } from '@noble/hashes/utils';\nimport { base64url } from 'jose';\n\nimport type { PublicKey } from '../cryptography/publickey.js';\nimport { poseidonHash } from './poseidon.js';\nimport { toPaddedBigEndianBytes } from './utils.js';\n\nexport const NONCE_LENGTH = 27;\n\nfunction toBigIntBE(bytes: Uint8Array) {\n\tconst hex = toHex(bytes);\n\tif (hex.length === 0) {\n\t\treturn BigInt(0);\n\t}\n\treturn BigInt(`0x${hex}`);\n}\n\nexport function generateRandomness() {\n\t// Once Node 20 enters LTS, we can just use crypto.getRandomValues(new Uint8Array(16)), but until then we use `randomBytes` to improve compatibility:\n\treturn String(toBigIntBE(randomBytes(16)));\n}\n\nexport function generateNonce(publicKey: PublicKey, maxEpoch: number, randomness: bigint | string) {\n\tconst publicKeyBytes = toBigIntBE(publicKey.toSuiBytes());\n\tconst eph_public_key_0 = publicKeyBytes / 2n ** 128n;\n\tconst eph_public_key_1 = publicKeyBytes % 2n ** 128n;\n\tconst bigNum = poseidonHash([eph_public_key_0, eph_public_key_1, maxEpoch, BigInt(randomness)]);\n\tconst Z = toPaddedBigEndianBytes(bigNum, 20);\n\tconst nonce = base64url.encode(Z);\n\tif (nonce.length !== NONCE_LENGTH) {\n\t\tthrow new Error(`Length of nonce ${nonce} (${nonce.length}) is not equal to ${NONCE_LENGTH}`);\n\t}\n\treturn nonce;\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAAsB;AACtB,mBAA4B;AAC5B,kBAA0B;AAG1B,sBAA6B;AAC7B,IAAAA,gBAAuC;AAEhC,MAAM,eAAe;AAE5B,SAAS,WAAW,OAAmB;AACtC,QAAM,UAAM,kBAAM,KAAK;AACvB,MAAI,IAAI,WAAW,GAAG;AACrB,WAAO,OAAO,CAAC;AAAA,EAChB;AACA,SAAO,OAAO,KAAK,GAAG,EAAE;AACzB;AAEO,SAAS,qBAAqB;AAEpC,SAAO,OAAO,eAAW,0BAAY,EAAE,CAAC,CAAC;AAC1C;AAEO,SAAS,cAAc,WAAsB,UAAkB,YAA6B;AAClG,QAAM,iBAAiB,WAAW,UAAU,WAAW,CAAC;AACxD,QAAM,mBAAmB,iBAAiB,MAAM;AAChD,QAAM,mBAAmB,iBAAiB,MAAM;AAChD,QAAM,aAAS,8BAAa,CAAC,kBAAkB,kBAAkB,UAAU,OAAO,UAAU,CAAC,CAAC;AAC9F,QAAM,QAAI,sCAAuB,QAAQ,EAAE;AAC3C,QAAM,QAAQ,sBAAU,OAAO,CAAC;AAChC,MAAI,MAAM,WAAW,cAAc;AAClC,UAAM,IAAI,MAAM,mBAAmB,KAAK,KAAK,MAAM,MAAM,qBAAqB,YAAY,EAAE;AAAA,EAC7F;AACA,SAAO;AACR;",
+  "names": ["import_utils"]
+}

package/dist/cjs/zklogin/poseidon.d.ts

@@ -0,0 +1,2 @@
+export declare const BN254_FIELD_SIZE = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;
+export declare function poseidonHash(inputs: (number | bigint | string)[]): bigint;

package/dist/cjs/zklogin/poseidon.js

@@ -0,0 +1,63 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var poseidon_exports = {};
+__export(poseidon_exports, {
+  BN254_FIELD_SIZE: () => BN254_FIELD_SIZE,
+  poseidonHash: () => poseidonHash
+});
+module.exports = __toCommonJS(poseidon_exports);
+var import_poseidon_lite = require("poseidon-lite");
+const poseidonNumToHashFN = [
+  import_poseidon_lite.poseidon1,
+  import_poseidon_lite.poseidon2,
+  import_poseidon_lite.poseidon3,
+  import_poseidon_lite.poseidon4,
+  import_poseidon_lite.poseidon5,
+  import_poseidon_lite.poseidon6,
+  import_poseidon_lite.poseidon7,
+  import_poseidon_lite.poseidon8,
+  import_poseidon_lite.poseidon9,
+  import_poseidon_lite.poseidon10,
+  import_poseidon_lite.poseidon11,
+  import_poseidon_lite.poseidon12,
+  import_poseidon_lite.poseidon13,
+  import_poseidon_lite.poseidon14,
+  import_poseidon_lite.poseidon15,
+  import_poseidon_lite.poseidon16
+];
+const BN254_FIELD_SIZE = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;
+function poseidonHash(inputs) {
+  inputs.forEach((x) => {
+    const b = BigInt(x);
+    if (b < 0 || b >= BN254_FIELD_SIZE) {
+      throw new Error(`Element ${b} not in the BN254 field`);
+    }
+  });
+  const hashFN = poseidonNumToHashFN[inputs.length - 1];
+  if (hashFN) {
+    return hashFN(inputs);
+  } else if (inputs.length <= 32) {
+    const hash1 = poseidonHash(inputs.slice(0, 16));
+    const hash2 = poseidonHash(inputs.slice(16));
+    return poseidonHash([hash1, hash2]);
+  } else {
+    throw new Error(`Yet to implement: Unable to hash a vector of length ${inputs.length}`);
+  }
+}
+//# sourceMappingURL=poseidon.js.map

package/dist/cjs/zklogin/poseidon.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/zklogin/poseidon.ts"],
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport {\n\tposeidon1,\n\tposeidon2,\n\tposeidon3,\n\tposeidon4,\n\tposeidon5,\n\tposeidon6,\n\tposeidon7,\n\tposeidon8,\n\tposeidon9,\n\tposeidon10,\n\tposeidon11,\n\tposeidon12,\n\tposeidon13,\n\tposeidon14,\n\tposeidon15,\n\tposeidon16,\n} from 'poseidon-lite';\n\nconst poseidonNumToHashFN = [\n\tposeidon1,\n\tposeidon2,\n\tposeidon3,\n\tposeidon4,\n\tposeidon5,\n\tposeidon6,\n\tposeidon7,\n\tposeidon8,\n\tposeidon9,\n\tposeidon10,\n\tposeidon11,\n\tposeidon12,\n\tposeidon13,\n\tposeidon14,\n\tposeidon15,\n\tposeidon16,\n];\n\nexport const BN254_FIELD_SIZE =\n\t21888242871839275222246405745257275088548364400416034343698204186575808495617n;\n\nexport function poseidonHash(inputs: (number | bigint | string)[]): bigint {\n\tinputs.forEach((x) => {\n\t\tconst b = BigInt(x);\n\t\tif (b < 0 || b >= BN254_FIELD_SIZE) {\n\t\t\tthrow new Error(`Element ${b} not in the BN254 field`);\n\t\t}\n\t});\n\n\tconst hashFN = poseidonNumToHashFN[inputs.length - 1];\n\n\tif (hashFN) {\n\t\treturn hashFN(inputs);\n\t} else if (inputs.length <= 32) {\n\t\tconst hash1 = poseidonHash(inputs.slice(0, 16));\n\t\tconst hash2 = poseidonHash(inputs.slice(16));\n\t\treturn poseidonHash([hash1, hash2]);\n\t} else {\n\t\tthrow new Error(`Yet to implement: Unable to hash a vector of length ${inputs.length}`);\n\t}\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,2BAiBO;AAEP,MAAM,sBAAsB;AAAA,EAC3B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACD;AAEO,MAAM,mBACZ;AAEM,SAAS,aAAa,QAA8C;AAC1E,SAAO,QAAQ,CAAC,MAAM;AACrB,UAAM,IAAI,OAAO,CAAC;AAClB,QAAI,IAAI,KAAK,KAAK,kBAAkB;AACnC,YAAM,IAAI,MAAM,WAAW,CAAC,yBAAyB;AAAA,IACtD;AAAA,EACD,CAAC;AAED,QAAM,SAAS,oBAAoB,OAAO,SAAS,CAAC;AAEpD,MAAI,QAAQ;AACX,WAAO,OAAO,MAAM;AAAA,EACrB,WAAW,OAAO,UAAU,IAAI;AAC/B,UAAM,QAAQ,aAAa,OAAO,MAAM,GAAG,EAAE,CAAC;AAC9C,UAAM,QAAQ,aAAa,OAAO,MAAM,EAAE,CAAC;AAC3C,WAAO,aAAa,CAAC,OAAO,KAAK,CAAC;AAAA,EACnC,OAAO;AACN,UAAM,IAAI,MAAM,uDAAuD,OAAO,MAAM,EAAE;AAAA,EACvF;AACD;",
+  "names": []
+}

package/dist/cjs/zklogin/publickey.d.ts

@@ -17,6 +17,7 @@ export declare class ZkLoginPublicIdentifier extends PublicKey {
      * Checks if two zkLogin public identifiers are equal
      */
     equals(publicKey: ZkLoginPublicIdentifier): boolean;
+    toSuiAddress(): string;
     /**
      * Return the byte array representation of the zkLogin public identifier
      */
@@ -40,6 +41,7 @@ export declare class ZkLoginPublicIdentifier extends PublicKey {
 }
 export declare function toZkLoginPublicIdentifier(addressSeed: bigint, iss: string, options?: {
     client?: SuiGraphQLClient;
+    legacyAddress?: boolean;
 }): ZkLoginPublicIdentifier;
 export declare function parseSerializedZkLoginSignature(signature: Uint8Array | string): {
     serializedSignature: string;

package/dist/cjs/zklogin/publickey.js

@@ -31,14 +31,17 @@ __export(publickey_exports, {
 });
 module.exports = __toCommonJS(publickey_exports);
 var import_bcs = require("@mysten/bcs");
+var import_blake2b = require("@noble/hashes/blake2b");
+var import_utils = require("@noble/hashes/utils");
 var import_publickey = require("../cryptography/publickey.js");
 var import_signature_scheme = require("../cryptography/signature-scheme.js");
 var import_client = require("../graphql/client.js");
 var import__ = require("../graphql/schemas/2024.4/index.js");
+var import_sui_types = require("../utils/sui-types.js");
 var import_jwt_utils = require("./jwt-utils.js");
 var import_signature = require("./signature.js");
-var import_utils = require("./utils.js");
-var _data, _client;
+var import_utils2 = require("./utils.js");
+var _data, _client, _legacyAddress;
 const _ZkLoginPublicIdentifier = class _ZkLoginPublicIdentifier extends import_publickey.PublicKey {
   /**
    * Create a new ZkLoginPublicIdentifier object
@@ -48,6 +51,7 @@ const _ZkLoginPublicIdentifier = class _ZkLoginPublicIdentifier extends import_p
     super();
     __privateAdd(this, _data);
     __privateAdd(this, _client);
+    __privateAdd(this, _legacyAddress);
     __privateSet(this, _client, client);
     if (typeof value === "string") {
       __privateSet(this, _data, (0, import_bcs.fromBase64)(value));
@@ -56,6 +60,10 @@ const _ZkLoginPublicIdentifier = class _ZkLoginPublicIdentifier extends import_p
     } else {
       __privateSet(this, _data, Uint8Array.from(value));
     }
+    __privateSet(this, _legacyAddress, __privateGet(this, _data).length !== __privateGet(this, _data)[0] + 1 + 32);
+    if (__privateGet(this, _legacyAddress)) {
+      __privateSet(this, _data, normalizeZkLoginPublicKeyBytes(__privateGet(this, _data)));
+    }
   }
   /**
    * Checks if two zkLogin public identifiers are equal
@@ -63,6 +71,18 @@ const _ZkLoginPublicIdentifier = class _ZkLoginPublicIdentifier extends import_p
   equals(publicKey) {
     return super.equals(publicKey);
   }
+  toSuiAddress() {
+    if (__privateGet(this, _legacyAddress)) {
+      const legacyBytes = normalizeZkLoginPublicKeyBytes(__privateGet(this, _data), true);
+      const addressBytes = new Uint8Array(legacyBytes.length + 1);
+      addressBytes[0] = this.flag();
+      addressBytes.set(legacyBytes, 1);
+      return (0, import_sui_types.normalizeSuiAddress)(
+        (0, import_utils.bytesToHex)((0, import_blake2b.blake2b)(addressBytes, { dkLen: 32 })).slice(0, import_sui_types.SUI_ADDRESS_LENGTH * 2)
+      );
+    }
+    return super.toSuiAddress();
+  }
   /**
    * Return the byte array representation of the zkLogin public identifier
    */
@@ -112,9 +132,10 @@ const _ZkLoginPublicIdentifier = class _ZkLoginPublicIdentifier extends import_p
 };
 _data = new WeakMap();
 _client = new WeakMap();
+_legacyAddress = new WeakMap();
 let ZkLoginPublicIdentifier = _ZkLoginPublicIdentifier;
 function toZkLoginPublicIdentifier(addressSeed, iss, options) {
-  const addressSeedBytesBigEndian = (0, import_utils.toPaddedBigEndianBytes)(addressSeed, 32);
+  const addressSeedBytesBigEndian = options?.legacyAddress ? (0, import_utils2.toBigEndianBytes)(addressSeed, 32) : (0, import_utils2.toPaddedBigEndianBytes)(addressSeed, 32);
   const issBytes = new TextEncoder().encode(iss);
   const tmp = new Uint8Array(1 + issBytes.length + addressSeedBytesBigEndian.length);
   tmp.set([issBytes.length], 0);
@@ -140,6 +161,15 @@ const VerifyZkLoginSignatureQuery = (0, import__.graphql)(`
 		}
 	}
 `);
+function normalizeZkLoginPublicKeyBytes(bytes, legacyAddress = false) {
+  const issByteLength = bytes[0] + 1;
+  const addressSeed = BigInt(`0x${(0, import_bcs.toHex)(bytes.slice(issByteLength))}`);
+  const seedBytes = legacyAddress ? (0, import_utils2.toBigEndianBytes)(addressSeed, 32) : (0, import_utils2.toPaddedBigEndianBytes)(addressSeed, 32);
+  const data = new Uint8Array(issByteLength + seedBytes.length);
+  data.set(bytes.slice(0, issByteLength), 0);
+  data.set(seedBytes, issByteLength);
+  return data;
+}
 async function graphqlVerifyZkLoginSignature({
   address,
   bytes,

package/dist/cjs/zklogin/publickey.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/zklogin/publickey.ts"],
-  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { fromBase64, toBase64 } from '@mysten/bcs';\n\nimport { PublicKey } from '../cryptography/publickey.js';\nimport type { PublicKeyInitData } from '../cryptography/publickey.js';\nimport { SIGNATURE_SCHEME_TO_FLAG } from '../cryptography/signature-scheme.js';\nimport { SuiGraphQLClient } from '../graphql/client.js';\nimport { graphql } from '../graphql/schemas/2024.4/index.js';\nimport { extractClaimValue } from './jwt-utils.js';\nimport { parseZkLoginSignature } from './signature.js';\nimport { toPaddedBigEndianBytes } from './utils.js';\n\n/**\n * A zkLogin public identifier\n */\nexport class ZkLoginPublicIdentifier extends PublicKey {\n\t#data: Uint8Array;\n\t#client?: SuiGraphQLClient;\n\n\t/**\n\t * Create a new ZkLoginPublicIdentifier object\n\t * @param value zkLogin public identifier as buffer or base-64 encoded string\n\t */\n\tconstructor(value: PublicKeyInitData, { client }: { client?: SuiGraphQLClient } = {}) {\n\t\tsuper();\n\n\t\tthis.#client = client;\n\n\t\tif (typeof value === 'string') {\n\t\t\tthis.#data = fromBase64(value);\n\t\t} else if (value instanceof Uint8Array) {\n\t\t\tthis.#data = value;\n\t\t} else {\n\t\t\tthis.#data = Uint8Array.from(value);\n\t\t}\n\t}\n\n\t/**\n\t * Checks if two zkLogin public identifiers are equal\n\t */\n\toverride equals(publicKey: ZkLoginPublicIdentifier): boolean {\n\t\treturn super.equals(publicKey);\n\t}\n\n\t/**\n\t * Return the byte array representation of the zkLogin public identifier\n\t */\n\ttoRawBytes(): Uint8Array {\n\t\treturn this.#data;\n\t}\n\n\t/**\n\t * Return the Sui address associated with this ZkLogin public identifier\n\t */\n\tflag(): number {\n\t\treturn SIGNATURE_SCHEME_TO_FLAG['ZkLogin'];\n\t}\n\n\t/**\n\t * Verifies that the signature is valid for for the provided message\n\t */\n\tasync verify(_message: Uint8Array, _signature: Uint8Array | string): Promise<boolean> {\n\t\tthrow Error('does not support');\n\t}\n\n\t/**\n\t * Verifies that the signature is valid for for the provided PersonalMessage\n\t */\n\tverifyPersonalMessage(message: Uint8Array, signature: Uint8Array | string): Promise<boolean> {\n\t\tconst parsedSignature = parseSerializedZkLoginSignature(signature);\n\t\tconst address = new ZkLoginPublicIdentifier(parsedSignature.publicKey).toSuiAddress();\n\n\t\treturn graphqlVerifyZkLoginSignature({\n\t\t\taddress: address,\n\t\t\tbytes: toBase64(message),\n\t\t\tsignature: parsedSignature.serializedSignature,\n\t\t\tintentScope: 'PERSONAL_MESSAGE',\n\t\t\tclient: this.#client,\n\t\t});\n\t}\n\n\t/**\n\t * Verifies that the signature is valid for for the provided Transaction\n\t */\n\tverifyTransaction(transaction: Uint8Array, signature: Uint8Array | string): Promise<boolean> {\n\t\tconst parsedSignature = parseSerializedZkLoginSignature(signature);\n\t\tconst address = new ZkLoginPublicIdentifier(parsedSignature.publicKey).toSuiAddress();\n\t\treturn graphqlVerifyZkLoginSignature({\n\t\t\taddress: address,\n\t\t\tbytes: toBase64(transaction),\n\t\t\tsignature: parsedSignature.serializedSignature,\n\t\t\tintentScope: 'TRANSACTION_DATA',\n\t\t\tclient: this.#client,\n\t\t});\n\t}\n}\n\n// Derive the public identifier for zklogin based on address seed and iss.\nexport function toZkLoginPublicIdentifier(\n\taddressSeed: bigint,\n\tiss: string,\n\toptions?: { client?: SuiGraphQLClient },\n): ZkLoginPublicIdentifier {\n\t// Consists of iss_bytes_len || iss_bytes || padded_32_byte_address_seed.\n\tconst addressSeedBytesBigEndian = toPaddedBigEndianBytes(addressSeed, 32);\n\tconst issBytes = new TextEncoder().encode(iss);\n\tconst tmp = new Uint8Array(1 + issBytes.length + addressSeedBytesBigEndian.length);\n\ttmp.set([issBytes.length], 0);\n\ttmp.set(issBytes, 1);\n\ttmp.set(addressSeedBytesBigEndian, 1 + issBytes.length);\n\treturn new ZkLoginPublicIdentifier(tmp, options);\n}\n\nconst VerifyZkLoginSignatureQuery = graphql(`\n\tquery Zklogin(\n\t\t$bytes: Base64!\n\t\t$signature: Base64!\n\t\t$intentScope: ZkLoginIntentScope!\n\t\t$author: SuiAddress!\n\t) {\n\t\tverifyZkloginSignature(\n\t\t\tbytes: $bytes\n\t\t\tsignature: $signature\n\t\t\tintentScope: $intentScope\n\t\t\tauthor: $author\n\t\t) {\n\t\t\tsuccess\n\t\t\terrors\n\t\t}\n\t}\n`);\n\nasync function graphqlVerifyZkLoginSignature({\n\taddress,\n\tbytes,\n\tsignature,\n\tintentScope,\n\tclient = new SuiGraphQLClient({\n\t\turl: 'https://sui-mainnet.mystenlabs.com/graphql',\n\t}),\n}: {\n\taddress: string;\n\tbytes: string;\n\tsignature: string;\n\tintentScope: 'PERSONAL_MESSAGE' | 'TRANSACTION_DATA';\n\tclient?: SuiGraphQLClient;\n}) {\n\tconst resp = await client.query({\n\t\tquery: VerifyZkLoginSignatureQuery,\n\t\tvariables: {\n\t\t\tbytes,\n\t\t\tsignature,\n\t\t\tintentScope,\n\t\t\tauthor: address,\n\t\t},\n\t});\n\n\treturn (\n\t\tresp.data?.verifyZkloginSignature.success === true &&\n\t\tresp.data?.verifyZkloginSignature.errors.length === 0\n\t);\n}\n\nexport function parseSerializedZkLoginSignature(signature: Uint8Array | string) {\n\tconst bytes = typeof signature === 'string' ? fromBase64(signature) : signature;\n\n\tif (bytes[0] !== SIGNATURE_SCHEME_TO_FLAG.ZkLogin) {\n\t\tthrow new Error('Invalid signature scheme');\n\t}\n\n\tconst signatureBytes = bytes.slice(1);\n\tconst { inputs, maxEpoch, userSignature } = parseZkLoginSignature(signatureBytes);\n\tconst { issBase64Details, addressSeed } = inputs;\n\tconst iss = extractClaimValue<string>(issBase64Details, 'iss');\n\tconst publicIdentifer = toZkLoginPublicIdentifier(BigInt(addressSeed), iss);\n\treturn {\n\t\tserializedSignature: toBase64(bytes),\n\t\tsignatureScheme: 'ZkLogin' as const,\n\t\tzkLogin: {\n\t\t\tinputs,\n\t\t\tmaxEpoch,\n\t\t\tuserSignature,\n\t\t\tiss,\n\t\t\taddressSeed: BigInt(addressSeed),\n\t\t},\n\t\tsignature: bytes,\n\t\tpublicKey: publicIdentifer.toRawBytes(),\n\t};\n}\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAAqC;AAErC,uBAA0B;AAE1B,8BAAyC;AACzC,oBAAiC;AACjC,eAAwB;AACxB,uBAAkC;AAClC,uBAAsC;AACtC,mBAAuC;AAZvC;AAiBO,MAAM,2BAAN,MAAM,iCAAgC,2BAAU;AAAA;AAAA;AAAA;AAAA;AAAA,EAQtD,YAAY,OAA0B,EAAE,OAAO,IAAmC,CAAC,GAAG;AACrF,UAAM;AARP;AACA;AASC,uBAAK,SAAU;AAEf,QAAI,OAAO,UAAU,UAAU;AAC9B,yBAAK,WAAQ,uBAAW,KAAK;AAAA,IAC9B,WAAW,iBAAiB,YAAY;AACvC,yBAAK,OAAQ;AAAA,IACd,OAAO;AACN,yBAAK,OAAQ,WAAW,KAAK,KAAK;AAAA,IACnC;AAAA,EACD;AAAA;AAAA;AAAA;AAAA,EAKS,OAAO,WAA6C;AAC5D,WAAO,MAAM,OAAO,SAAS;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA,EAKA,aAAyB;AACxB,WAAO,mBAAK;AAAA,EACb;AAAA;AAAA;AAAA;AAAA,EAKA,OAAe;AACd,WAAO,iDAAyB,SAAS;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,UAAsB,YAAmD;AACrF,UAAM,MAAM,kBAAkB;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA,EAKA,sBAAsB,SAAqB,WAAkD;AAC5F,UAAM,kBAAkB,gCAAgC,SAAS;AACjE,UAAM,UAAU,IAAI,yBAAwB,gBAAgB,SAAS,EAAE,aAAa;AAEpF,WAAO,8BAA8B;AAAA,MACpC;AAAA,MACA,WAAO,qBAAS,OAAO;AAAA,MACvB,WAAW,gBAAgB;AAAA,MAC3B,aAAa;AAAA,MACb,QAAQ,mBAAK;AAAA,IACd,CAAC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,kBAAkB,aAAyB,WAAkD;AAC5F,UAAM,kBAAkB,gCAAgC,SAAS;AACjE,UAAM,UAAU,IAAI,yBAAwB,gBAAgB,SAAS,EAAE,aAAa;AACpF,WAAO,8BAA8B;AAAA,MACpC;AAAA,MACA,WAAO,qBAAS,WAAW;AAAA,MAC3B,WAAW,gBAAgB;AAAA,MAC3B,aAAa;AAAA,MACb,QAAQ,mBAAK;AAAA,IACd,CAAC;AAAA,EACF;AACD;AA/EC;AACA;AAFM,IAAM,0BAAN;AAmFA,SAAS,0BACf,aACA,KACA,SAC0B;AAE1B,QAAM,gCAA4B,qCAAuB,aAAa,EAAE;AACxE,QAAM,WAAW,IAAI,YAAY,EAAE,OAAO,GAAG;AAC7C,QAAM,MAAM,IAAI,WAAW,IAAI,SAAS,SAAS,0BAA0B,MAAM;AACjF,MAAI,IAAI,CAAC,SAAS,MAAM,GAAG,CAAC;AAC5B,MAAI,IAAI,UAAU,CAAC;AACnB,MAAI,IAAI,2BAA2B,IAAI,SAAS,MAAM;AACtD,SAAO,IAAI,wBAAwB,KAAK,OAAO;AAChD;AAEA,MAAM,kCAA8B,kBAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,CAiB3C;AAED,eAAe,8BAA8B;AAAA,EAC5C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,SAAS,IAAI,+BAAiB;AAAA,IAC7B,KAAK;AAAA,EACN,CAAC;AACF,GAMG;AACF,QAAM,OAAO,MAAM,OAAO,MAAM;AAAA,IAC/B,OAAO;AAAA,IACP,WAAW;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,IACT;AAAA,EACD,CAAC;AAED,SACC,KAAK,MAAM,uBAAuB,YAAY,QAC9C,KAAK,MAAM,uBAAuB,OAAO,WAAW;AAEtD;AAEO,SAAS,gCAAgC,WAAgC;AAC/E,QAAM,QAAQ,OAAO,cAAc,eAAW,uBAAW,SAAS,IAAI;AAEtE,MAAI,MAAM,CAAC,MAAM,iDAAyB,SAAS;AAClD,UAAM,IAAI,MAAM,0BAA0B;AAAA,EAC3C;AAEA,QAAM,iBAAiB,MAAM,MAAM,CAAC;AACpC,QAAM,EAAE,QAAQ,UAAU,cAAc,QAAI,wCAAsB,cAAc;AAChF,QAAM,EAAE,kBAAkB,YAAY,IAAI;AAC1C,QAAM,UAAM,oCAA0B,kBAAkB,KAAK;AAC7D,QAAM,kBAAkB,0BAA0B,OAAO,WAAW,GAAG,GAAG;AAC1E,SAAO;AAAA,IACN,yBAAqB,qBAAS,KAAK;AAAA,IACnC,iBAAiB;AAAA,IACjB,SAAS;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,aAAa,OAAO,WAAW;AAAA,IAChC;AAAA,IACA,WAAW;AAAA,IACX,WAAW,gBAAgB,WAAW;AAAA,EACvC;AACD;",
-  "names": []
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { fromBase64, toBase64, toHex } from '@mysten/bcs';\nimport { blake2b } from '@noble/hashes/blake2b';\nimport { bytesToHex } from '@noble/hashes/utils';\n\nimport { PublicKey } from '../cryptography/publickey.js';\nimport type { PublicKeyInitData } from '../cryptography/publickey.js';\nimport { SIGNATURE_SCHEME_TO_FLAG } from '../cryptography/signature-scheme.js';\nimport { SuiGraphQLClient } from '../graphql/client.js';\nimport { graphql } from '../graphql/schemas/2024.4/index.js';\nimport { normalizeSuiAddress, SUI_ADDRESS_LENGTH } from '../utils/sui-types.js';\nimport { extractClaimValue } from './jwt-utils.js';\nimport { parseZkLoginSignature } from './signature.js';\nimport { toBigEndianBytes, toPaddedBigEndianBytes } from './utils.js';\n\n/**\n * A zkLogin public identifier\n */\nexport class ZkLoginPublicIdentifier extends PublicKey {\n\t#data: Uint8Array;\n\t#client?: SuiGraphQLClient;\n\t#legacyAddress: boolean;\n\n\t/**\n\t * Create a new ZkLoginPublicIdentifier object\n\t * @param value zkLogin public identifier as buffer or base-64 encoded string\n\t */\n\tconstructor(value: PublicKeyInitData, { client }: { client?: SuiGraphQLClient } = {}) {\n\t\tsuper();\n\n\t\tthis.#client = client;\n\n\t\tif (typeof value === 'string') {\n\t\t\tthis.#data = fromBase64(value);\n\t\t} else if (value instanceof Uint8Array) {\n\t\t\tthis.#data = value;\n\t\t} else {\n\t\t\tthis.#data = Uint8Array.from(value);\n\t\t}\n\t\tthis.#legacyAddress = this.#data.length !== this.#data[0] + 1 + 32;\n\n\t\tif (this.#legacyAddress) {\n\t\t\tthis.#data = normalizeZkLoginPublicKeyBytes(this.#data);\n\t\t}\n\t}\n\n\t/**\n\t * Checks if two zkLogin public identifiers are equal\n\t */\n\toverride equals(publicKey: ZkLoginPublicIdentifier): boolean {\n\t\treturn super.equals(publicKey);\n\t}\n\n\toverride toSuiAddress(): string {\n\t\tif (this.#legacyAddress) {\n\t\t\tconst legacyBytes = normalizeZkLoginPublicKeyBytes(this.#data, true);\n\t\t\tconst addressBytes = new Uint8Array(legacyBytes.length + 1);\n\t\t\taddressBytes[0] = this.flag();\n\t\t\taddressBytes.set(legacyBytes, 1);\n\t\t\treturn normalizeSuiAddress(\n\t\t\t\tbytesToHex(blake2b(addressBytes, { dkLen: 32 })).slice(0, SUI_ADDRESS_LENGTH * 2),\n\t\t\t);\n\t\t}\n\n\t\treturn super.toSuiAddress();\n\t}\n\n\t/**\n\t * Return the byte array representation of the zkLogin public identifier\n\t */\n\ttoRawBytes(): Uint8Array {\n\t\treturn this.#data;\n\t}\n\n\t/**\n\t * Return the Sui address associated with this ZkLogin public identifier\n\t */\n\tflag(): number {\n\t\treturn SIGNATURE_SCHEME_TO_FLAG['ZkLogin'];\n\t}\n\n\t/**\n\t * Verifies that the signature is valid for for the provided message\n\t */\n\tasync verify(_message: Uint8Array, _signature: Uint8Array | string): Promise<boolean> {\n\t\tthrow Error('does not support');\n\t}\n\n\t/**\n\t * Verifies that the signature is valid for for the provided PersonalMessage\n\t */\n\tverifyPersonalMessage(message: Uint8Array, signature: Uint8Array | string): Promise<boolean> {\n\t\tconst parsedSignature = parseSerializedZkLoginSignature(signature);\n\t\tconst address = new ZkLoginPublicIdentifier(parsedSignature.publicKey).toSuiAddress();\n\n\t\treturn graphqlVerifyZkLoginSignature({\n\t\t\taddress: address,\n\t\t\tbytes: toBase64(message),\n\t\t\tsignature: parsedSignature.serializedSignature,\n\t\t\tintentScope: 'PERSONAL_MESSAGE',\n\t\t\tclient: this.#client,\n\t\t});\n\t}\n\n\t/**\n\t * Verifies that the signature is valid for for the provided Transaction\n\t */\n\tverifyTransaction(transaction: Uint8Array, signature: Uint8Array | string): Promise<boolean> {\n\t\tconst parsedSignature = parseSerializedZkLoginSignature(signature);\n\t\tconst address = new ZkLoginPublicIdentifier(parsedSignature.publicKey).toSuiAddress();\n\t\treturn graphqlVerifyZkLoginSignature({\n\t\t\taddress: address,\n\t\t\tbytes: toBase64(transaction),\n\t\t\tsignature: parsedSignature.serializedSignature,\n\t\t\tintentScope: 'TRANSACTION_DATA',\n\t\t\tclient: this.#client,\n\t\t});\n\t}\n}\n\n// Derive the public identifier for zklogin based on address seed and iss.\nexport function toZkLoginPublicIdentifier(\n\taddressSeed: bigint,\n\tiss: string,\n\toptions?: { client?: SuiGraphQLClient; legacyAddress?: boolean },\n): ZkLoginPublicIdentifier {\n\t// Consists of iss_bytes_len || iss_bytes || padded_32_byte_address_seed.\n\tconst addressSeedBytesBigEndian = options?.legacyAddress\n\t\t? toBigEndianBytes(addressSeed, 32)\n\t\t: toPaddedBigEndianBytes(addressSeed, 32);\n\n\tconst issBytes = new TextEncoder().encode(iss);\n\tconst tmp = new Uint8Array(1 + issBytes.length + addressSeedBytesBigEndian.length);\n\ttmp.set([issBytes.length], 0);\n\ttmp.set(issBytes, 1);\n\ttmp.set(addressSeedBytesBigEndian, 1 + issBytes.length);\n\treturn new ZkLoginPublicIdentifier(tmp, options);\n}\n\nconst VerifyZkLoginSignatureQuery = graphql(`\n\tquery Zklogin(\n\t\t$bytes: Base64!\n\t\t$signature: Base64!\n\t\t$intentScope: ZkLoginIntentScope!\n\t\t$author: SuiAddress!\n\t) {\n\t\tverifyZkloginSignature(\n\t\t\tbytes: $bytes\n\t\t\tsignature: $signature\n\t\t\tintentScope: $intentScope\n\t\t\tauthor: $author\n\t\t) {\n\t\t\tsuccess\n\t\t\terrors\n\t\t}\n\t}\n`);\n\nfunction normalizeZkLoginPublicKeyBytes(bytes: Uint8Array, legacyAddress = false) {\n\tconst issByteLength = bytes[0] + 1;\n\tconst addressSeed = BigInt(`0x${toHex(bytes.slice(issByteLength))}`);\n\tconst seedBytes = legacyAddress\n\t\t? toBigEndianBytes(addressSeed, 32)\n\t\t: toPaddedBigEndianBytes(addressSeed, 32);\n\tconst data = new Uint8Array(issByteLength + seedBytes.length);\n\tdata.set(bytes.slice(0, issByteLength), 0);\n\tdata.set(seedBytes, issByteLength);\n\treturn data;\n}\n\nasync function graphqlVerifyZkLoginSignature({\n\taddress,\n\tbytes,\n\tsignature,\n\tintentScope,\n\tclient = new SuiGraphQLClient({\n\t\turl: 'https://sui-mainnet.mystenlabs.com/graphql',\n\t}),\n}: {\n\taddress: string;\n\tbytes: string;\n\tsignature: string;\n\tintentScope: 'PERSONAL_MESSAGE' | 'TRANSACTION_DATA';\n\tclient?: SuiGraphQLClient;\n}) {\n\tconst resp = await client.query({\n\t\tquery: VerifyZkLoginSignatureQuery,\n\t\tvariables: {\n\t\t\tbytes,\n\t\t\tsignature,\n\t\t\tintentScope,\n\t\t\tauthor: address,\n\t\t},\n\t});\n\n\treturn (\n\t\tresp.data?.verifyZkloginSignature.success === true &&\n\t\tresp.data?.verifyZkloginSignature.errors.length === 0\n\t);\n}\n\nexport function parseSerializedZkLoginSignature(signature: Uint8Array | string) {\n\tconst bytes = typeof signature === 'string' ? fromBase64(signature) : signature;\n\n\tif (bytes[0] !== SIGNATURE_SCHEME_TO_FLAG.ZkLogin) {\n\t\tthrow new Error('Invalid signature scheme');\n\t}\n\n\tconst signatureBytes = bytes.slice(1);\n\tconst { inputs, maxEpoch, userSignature } = parseZkLoginSignature(signatureBytes);\n\tconst { issBase64Details, addressSeed } = inputs;\n\tconst iss = extractClaimValue<string>(issBase64Details, 'iss');\n\tconst publicIdentifer = toZkLoginPublicIdentifier(BigInt(addressSeed), iss);\n\treturn {\n\t\tserializedSignature: toBase64(bytes),\n\t\tsignatureScheme: 'ZkLogin' as const,\n\t\tzkLogin: {\n\t\t\tinputs,\n\t\t\tmaxEpoch,\n\t\t\tuserSignature,\n\t\t\tiss,\n\t\t\taddressSeed: BigInt(addressSeed),\n\t\t},\n\t\tsignature: bytes,\n\t\tpublicKey: publicIdentifer.toRawBytes(),\n\t};\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAA4C;AAC5C,qBAAwB;AACxB,mBAA2B;AAE3B,uBAA0B;AAE1B,8BAAyC;AACzC,oBAAiC;AACjC,eAAwB;AACxB,uBAAwD;AACxD,uBAAkC;AAClC,uBAAsC;AACtC,IAAAA,gBAAyD;AAfzD;AAoBO,MAAM,2BAAN,MAAM,iCAAgC,2BAAU;AAAA;AAAA;AAAA;AAAA;AAAA,EAStD,YAAY,OAA0B,EAAE,OAAO,IAAmC,CAAC,GAAG;AACrF,UAAM;AATP;AACA;AACA;AASC,uBAAK,SAAU;AAEf,QAAI,OAAO,UAAU,UAAU;AAC9B,yBAAK,WAAQ,uBAAW,KAAK;AAAA,IAC9B,WAAW,iBAAiB,YAAY;AACvC,yBAAK,OAAQ;AAAA,IACd,OAAO;AACN,yBAAK,OAAQ,WAAW,KAAK,KAAK;AAAA,IACnC;AACA,uBAAK,gBAAiB,mBAAK,OAAM,WAAW,mBAAK,OAAM,CAAC,IAAI,IAAI;AAEhE,QAAI,mBAAK,iBAAgB;AACxB,yBAAK,OAAQ,+BAA+B,mBAAK,MAAK;AAAA,IACvD;AAAA,EACD;AAAA;AAAA;AAAA;AAAA,EAKS,OAAO,WAA6C;AAC5D,WAAO,MAAM,OAAO,SAAS;AAAA,EAC9B;AAAA,EAES,eAAuB;AAC/B,QAAI,mBAAK,iBAAgB;AACxB,YAAM,cAAc,+BAA+B,mBAAK,QAAO,IAAI;AACnE,YAAM,eAAe,IAAI,WAAW,YAAY,SAAS,CAAC;AAC1D,mBAAa,CAAC,IAAI,KAAK,KAAK;AAC5B,mBAAa,IAAI,aAAa,CAAC;AAC/B,iBAAO;AAAA,YACN,6BAAW,wBAAQ,cAAc,EAAE,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,GAAG,sCAAqB,CAAC;AAAA,MACjF;AAAA,IACD;AAEA,WAAO,MAAM,aAAa;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA,EAKA,aAAyB;AACxB,WAAO,mBAAK;AAAA,EACb;AAAA;AAAA;AAAA;AAAA,EAKA,OAAe;AACd,WAAO,iDAAyB,SAAS;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,UAAsB,YAAmD;AACrF,UAAM,MAAM,kBAAkB;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA,EAKA,sBAAsB,SAAqB,WAAkD;AAC5F,UAAM,kBAAkB,gCAAgC,SAAS;AACjE,UAAM,UAAU,IAAI,yBAAwB,gBAAgB,SAAS,EAAE,aAAa;AAEpF,WAAO,8BAA8B;AAAA,MACpC;AAAA,MACA,WAAO,qBAAS,OAAO;AAAA,MACvB,WAAW,gBAAgB;AAAA,MAC3B,aAAa;AAAA,MACb,QAAQ,mBAAK;AAAA,IACd,CAAC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,kBAAkB,aAAyB,WAAkD;AAC5F,UAAM,kBAAkB,gCAAgC,SAAS;AACjE,UAAM,UAAU,IAAI,yBAAwB,gBAAgB,SAAS,EAAE,aAAa;AACpF,WAAO,8BAA8B;AAAA,MACpC;AAAA,MACA,WAAO,qBAAS,WAAW;AAAA,MAC3B,WAAW,gBAAgB;AAAA,MAC3B,aAAa;AAAA,MACb,QAAQ,mBAAK;AAAA,IACd,CAAC;AAAA,EACF;AACD;AAnGC;AACA;AACA;AAHM,IAAM,0BAAN;AAuGA,SAAS,0BACf,aACA,KACA,SAC0B;AAE1B,QAAM,4BAA4B,SAAS,oBACxC,gCAAiB,aAAa,EAAE,QAChC,sCAAuB,aAAa,EAAE;AAEzC,QAAM,WAAW,IAAI,YAAY,EAAE,OAAO,GAAG;AAC7C,QAAM,MAAM,IAAI,WAAW,IAAI,SAAS,SAAS,0BAA0B,MAAM;AACjF,MAAI,IAAI,CAAC,SAAS,MAAM,GAAG,CAAC;AAC5B,MAAI,IAAI,UAAU,CAAC;AACnB,MAAI,IAAI,2BAA2B,IAAI,SAAS,MAAM;AACtD,SAAO,IAAI,wBAAwB,KAAK,OAAO;AAChD;AAEA,MAAM,kCAA8B,kBAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,CAiB3C;AAED,SAAS,+BAA+B,OAAmB,gBAAgB,OAAO;AACjF,QAAM,gBAAgB,MAAM,CAAC,IAAI;AACjC,QAAM,cAAc,OAAO,SAAK,kBAAM,MAAM,MAAM,aAAa,CAAC,CAAC,EAAE;AACnE,QAAM,YAAY,oBACf,gCAAiB,aAAa,EAAE,QAChC,sCAAuB,aAAa,EAAE;AACzC,QAAM,OAAO,IAAI,WAAW,gBAAgB,UAAU,MAAM;AAC5D,OAAK,IAAI,MAAM,MAAM,GAAG,aAAa,GAAG,CAAC;AACzC,OAAK,IAAI,WAAW,aAAa;AACjC,SAAO;AACR;AAEA,eAAe,8BAA8B;AAAA,EAC5C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,SAAS,IAAI,+BAAiB;AAAA,IAC7B,KAAK;AAAA,EACN,CAAC;AACF,GAMG;AACF,QAAM,OAAO,MAAM,OAAO,MAAM;AAAA,IAC/B,OAAO;AAAA,IACP,WAAW;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,IACT;AAAA,EACD,CAAC;AAED,SACC,KAAK,MAAM,uBAAuB,YAAY,QAC9C,KAAK,MAAM,uBAAuB,OAAO,WAAW;AAEtD;AAEO,SAAS,gCAAgC,WAAgC;AAC/E,QAAM,QAAQ,OAAO,cAAc,eAAW,uBAAW,SAAS,IAAI;AAEtE,MAAI,MAAM,CAAC,MAAM,iDAAyB,SAAS;AAClD,UAAM,IAAI,MAAM,0BAA0B;AAAA,EAC3C;AAEA,QAAM,iBAAiB,MAAM,MAAM,CAAC;AACpC,QAAM,EAAE,QAAQ,UAAU,cAAc,QAAI,wCAAsB,cAAc;AAChF,QAAM,EAAE,kBAAkB,YAAY,IAAI;AAC1C,QAAM,UAAM,oCAA0B,kBAAkB,KAAK;AAC7D,QAAM,kBAAkB,0BAA0B,OAAO,WAAW,GAAG,GAAG;AAC1E,SAAO;AAAA,IACN,yBAAqB,qBAAS,KAAK;AAAA,IACnC,iBAAiB;AAAA,IACjB,SAAS;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,aAAa,OAAO,WAAW;AAAA,IAChC;AAAA,IACA,WAAW;AAAA,IACX,WAAW,gBAAgB,WAAW;AAAA,EACvC;AACD;",
+  "names": ["import_utils"]
 }

package/dist/cjs/zklogin/utils.d.ts

@@ -1,2 +1,15 @@
+import type { PublicKey } from '../cryptography/publickey.js';
 export declare function toPaddedBigEndianBytes(num: bigint, width: number): Uint8Array;
 export declare function toBigEndianBytes(num: bigint, width: number): Uint8Array;
+export declare function getExtendedEphemeralPublicKey(publicKey: PublicKey): string;
+/**
+ * Splits an array into chunks of size chunk_size. If the array is not evenly
+ * divisible by chunk_size, the first chunk will be smaller than chunk_size.
+ *
+ * E.g., arrayChunk([1, 2, 3, 4, 5], 2) => [[1], [2, 3], [4, 5]]
+ *
+ * Note: Can be made more efficient by avoiding the reverse() calls.
+ */
+export declare function chunkArray<T>(array: T[], chunk_size: number): T[][];
+export declare function hashASCIIStrToField(str: string, maxSize: number): bigint;
+export declare function genAddressSeed(salt: string | bigint, name: string, value: string, aud: string, max_name_length?: number, max_value_length?: number, max_aud_length?: number): bigint;