@noble/curves 0.7.2 → 0.8.0

package/esm/abstract/bls.js

@@ -1,226 +0,0 @@
-import { hashToPrivateScalar } from './modular.js';
-import { bitLen, bitGet, ensureBytes } from './utils.js';
-import * as htf from './hash-to-curve.js';
-import { weierstrassPoints, } from './weierstrass.js';
-export function bls(CURVE) {
-    // Fields looks pretty specific for curve, so for now we need to pass them with opts
-    const { Fp, Fr, Fp2, Fp6, Fp12 } = CURVE;
-    const BLS_X_LEN = bitLen(CURVE.x);
-    const groupLen = 32; // TODO: calculate; hardcoded for now
-    // Pre-compute coefficients for sparse multiplication
-    // Point addition and point double calculations is reused for coefficients
-    function calcPairingPrecomputes(p) {
-        const { x, y } = p;
-        // prettier-ignore
-        const Qx = x, Qy = y, Qz = Fp2.ONE;
-        // prettier-ignore
-        let Rx = Qx, Ry = Qy, Rz = Qz;
-        let ell_coeff = [];
-        for (let i = BLS_X_LEN - 2; i >= 0; i--) {
-            // Double
-            let t0 = Fp2.sqr(Ry); // Ry²
-            let t1 = Fp2.sqr(Rz); // Rz²
-            let t2 = Fp2.multiplyByB(Fp2.mul(t1, 3n)); // 3 * T1 * B
-            let t3 = Fp2.mul(t2, 3n); // 3 * T2
-            let t4 = Fp2.sub(Fp2.sub(Fp2.sqr(Fp2.add(Ry, Rz)), t1), t0); // (Ry + Rz)² - T1 - T0
-            ell_coeff.push([
-                Fp2.sub(t2, t0),
-                Fp2.mul(Fp2.sqr(Rx), 3n),
-                Fp2.neg(t4), // -T4
-            ]);
-            Rx = Fp2.div(Fp2.mul(Fp2.mul(Fp2.sub(t0, t3), Rx), Ry), 2n); // ((T0 - T3) * Rx * Ry) / 2
-            Ry = Fp2.sub(Fp2.sqr(Fp2.div(Fp2.add(t0, t3), 2n)), Fp2.mul(Fp2.sqr(t2), 3n)); // ((T0 + T3) / 2)² - 3 * T2²
-            Rz = Fp2.mul(t0, t4); // T0 * T4
-            if (bitGet(CURVE.x, i)) {
-                // Addition
-                let t0 = Fp2.sub(Ry, Fp2.mul(Qy, Rz)); // Ry - Qy * Rz
-                let t1 = Fp2.sub(Rx, Fp2.mul(Qx, Rz)); // Rx - Qx * Rz
-                ell_coeff.push([
-                    Fp2.sub(Fp2.mul(t0, Qx), Fp2.mul(t1, Qy)),
-                    Fp2.neg(t0),
-                    t1, // T1
-                ]);
-                let t2 = Fp2.sqr(t1); // T1²
-                let t3 = Fp2.mul(t2, t1); // T2 * T1
-                let t4 = Fp2.mul(t2, Rx); // T2 * Rx
-                let t5 = Fp2.add(Fp2.sub(t3, Fp2.mul(t4, 2n)), Fp2.mul(Fp2.sqr(t0), Rz)); // T3 - 2 * T4 + T0² * Rz
-                Rx = Fp2.mul(t1, t5); // T1 * T5
-                Ry = Fp2.sub(Fp2.mul(Fp2.sub(t4, t5), t0), Fp2.mul(t3, Ry)); // (T4 - T5) * T0 - T3 * Ry
-                Rz = Fp2.mul(Rz, t3); // Rz * T3
-            }
-        }
-        return ell_coeff;
-    }
-    function millerLoop(ell, g1) {
-        const { x } = CURVE;
-        const Px = g1[0];
-        const Py = g1[1];
-        let f12 = Fp12.ONE;
-        for (let j = 0, i = BLS_X_LEN - 2; i >= 0; i--, j++) {
-            const E = ell[j];
-            f12 = Fp12.multiplyBy014(f12, E[0], Fp2.mul(E[1], Px), Fp2.mul(E[2], Py));
-            if (bitGet(x, i)) {
-                j += 1;
-                const F = ell[j];
-                f12 = Fp12.multiplyBy014(f12, F[0], Fp2.mul(F[1], Px), Fp2.mul(F[2], Py));
-            }
-            if (i !== 0)
-                f12 = Fp12.sqr(f12);
-        }
-        return Fp12.conjugate(f12);
-    }
-    const utils = {
-        randomPrivateKey: () => {
-            return Fr.toBytes(hashToPrivateScalar(CURVE.randomBytes(groupLen + 8), CURVE.r));
-        },
-    };
-    // Point on G1 curve: (x, y)
-    const G1_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G1 });
-    const G1 = Object.assign(G1_, htf.createHasher(G1_.ProjectivePoint, CURVE.G1.mapToCurve, {
-        ...CURVE.htfDefaults,
-        ...CURVE.G1.htfDefaults,
-    }));
-    function pairingPrecomputes(point) {
-        const p = point;
-        if (p._PPRECOMPUTES)
-            return p._PPRECOMPUTES;
-        p._PPRECOMPUTES = calcPairingPrecomputes(point.toAffine());
-        return p._PPRECOMPUTES;
-    }
-    // TODO: export
-    // function clearPairingPrecomputes(point: G2) {
-    //   const p = point as G2 & withPairingPrecomputes;
-    //   p._PPRECOMPUTES = undefined;
-    // }
-    // Point on G2 curve (complex numbers): (x₁, x₂+i), (y₁, y₂+i)
-    const G2_ = weierstrassPoints({ n: Fr.ORDER, ...CURVE.G2 });
-    const G2 = Object.assign(G2_, htf.createHasher(G2_.ProjectivePoint, CURVE.G2.mapToCurve, {
-        ...CURVE.htfDefaults,
-        ...CURVE.G2.htfDefaults,
-    }));
-    const { Signature } = CURVE.G2;
-    // Calculates bilinear pairing
-    function pairing(Q, P, withFinalExponent = true) {
-        if (Q.equals(G1.ProjectivePoint.ZERO) || P.equals(G2.ProjectivePoint.ZERO))
-            throw new Error('pairing is not available for ZERO point');
-        Q.assertValidity();
-        P.assertValidity();
-        // Performance: 9ms for millerLoop and ~14ms for exp.
-        const Qa = Q.toAffine();
-        const looped = millerLoop(pairingPrecomputes(P), [Qa.x, Qa.y]);
-        return withFinalExponent ? Fp12.finalExponentiate(looped) : looped;
-    }
-    function normP1(point) {
-        return point instanceof G1.ProjectivePoint ? point : G1.ProjectivePoint.fromHex(point);
-    }
-    function normP2(point) {
-        return point instanceof G2.ProjectivePoint ? point : Signature.decode(point);
-    }
-    function normP2Hash(point, htfOpts) {
-        return point instanceof G2.ProjectivePoint
-            ? point
-            : G2.hashToCurve(ensureBytes('point', point), htfOpts);
-    }
-    // Multiplies generator by private key.
-    // P = pk x G
-    function getPublicKey(privateKey) {
-        return G1.ProjectivePoint.fromPrivateKey(privateKey).toRawBytes(true);
-    }
-    function sign(message, privateKey, htfOpts) {
-        const msgPoint = normP2Hash(message, htfOpts);
-        msgPoint.assertValidity();
-        const sigPoint = msgPoint.multiply(G1.normPrivateKeyToScalar(privateKey));
-        if (message instanceof G2.ProjectivePoint)
-            return sigPoint;
-        return Signature.encode(sigPoint);
-    }
-    // Checks if pairing of public key & hash is equal to pairing of generator & signature.
-    // e(P, H(m)) == e(G, S)
-    function verify(signature, message, publicKey, htfOpts) {
-        const P = normP1(publicKey);
-        const Hm = normP2Hash(message, htfOpts);
-        const G = G1.ProjectivePoint.BASE;
-        const S = normP2(signature);
-        // Instead of doing 2 exponentiations, we use property of billinear maps
-        // and do one exp after multiplying 2 points.
-        const ePHm = pairing(P.negate(), Hm, false);
-        const eGS = pairing(G, S, false);
-        const exp = Fp12.finalExponentiate(Fp12.mul(eGS, ePHm));
-        return Fp12.eql(exp, Fp12.ONE);
-    }
-    function aggregatePublicKeys(publicKeys) {
-        if (!publicKeys.length)
-            throw new Error('Expected non-empty array');
-        const agg = publicKeys.map(normP1).reduce((sum, p) => sum.add(p), G1.ProjectivePoint.ZERO);
-        const aggAffine = agg; //.toAffine();
-        if (publicKeys[0] instanceof G1.ProjectivePoint) {
-            aggAffine.assertValidity();
-            return aggAffine;
-        }
-        // toRawBytes ensures point validity
-        return aggAffine.toRawBytes(true);
-    }
-    function aggregateSignatures(signatures) {
-        if (!signatures.length)
-            throw new Error('Expected non-empty array');
-        const agg = signatures.map(normP2).reduce((sum, s) => sum.add(s), G2.ProjectivePoint.ZERO);
-        const aggAffine = agg; //.toAffine();
-        if (signatures[0] instanceof G2.ProjectivePoint) {
-            aggAffine.assertValidity();
-            return aggAffine;
-        }
-        return Signature.encode(aggAffine);
-    }
-    // https://ethresear.ch/t/fast-verification-of-multiple-bls-signatures/5407
-    // e(G, S) = e(G, SUM(n)(Si)) = MUL(n)(e(G, Si))
-    function verifyBatch(signature, messages, publicKeys, htfOpts) {
-        // @ts-ignore
-        // console.log('verifyBatch', bytesToHex(signature as any), messages, publicKeys.map(bytesToHex));
-        if (!messages.length)
-            throw new Error('Expected non-empty messages array');
-        if (publicKeys.length !== messages.length)
-            throw new Error('Pubkey count should equal msg count');
-        const sig = normP2(signature);
-        const nMessages = messages.map((i) => normP2Hash(i, htfOpts));
-        const nPublicKeys = publicKeys.map(normP1);
-        try {
-            const paired = [];
-            for (const message of new Set(nMessages)) {
-                const groupPublicKey = nMessages.reduce((groupPublicKey, subMessage, i) => subMessage === message ? groupPublicKey.add(nPublicKeys[i]) : groupPublicKey, G1.ProjectivePoint.ZERO);
-                // const msg = message instanceof PointG2 ? message : await PointG2.hashToCurve(message);
-                // Possible to batch pairing for same msg with different groupPublicKey here
-                paired.push(pairing(groupPublicKey, message, false));
-            }
-            paired.push(pairing(G1.ProjectivePoint.BASE.negate(), sig, false));
-            const product = paired.reduce((a, b) => Fp12.mul(a, b), Fp12.ONE);
-            const exp = Fp12.finalExponentiate(product);
-            return Fp12.eql(exp, Fp12.ONE);
-        }
-        catch {
-            return false;
-        }
-    }
-    G1.ProjectivePoint.BASE._setWindowSize(4);
-    return {
-        CURVE,
-        Fr,
-        Fp,
-        Fp2,
-        Fp6,
-        Fp12,
-        G1,
-        G2,
-        Signature,
-        millerLoop,
-        calcPairingPrecomputes,
-        pairing,
-        getPublicKey,
-        sign,
-        verify,
-        aggregatePublicKeys,
-        aggregateSignatures,
-        verifyBatch,
-        utils,
-    };
-}
-//# sourceMappingURL=bls.js.map

package/esm/abstract/bls.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"bls.js","sourceRoot":"","sources":["../../src/abstract/bls.ts"],"names":[],"mappings":"AAcA,OAAO,EAAS,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAuB,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9E,OAAO,KAAK,GAAG,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAIL,iBAAiB,GAClB,MAAM,kBAAkB,CAAC;AAiF1B,MAAM,UAAU,GAAG,CACjB,KAAoC;IAEpC,oFAAoF;IACpF,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;IACzC,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAG,EAAE,CAAC,CAAC,qCAAqC;IAE1D,qDAAqD;IACrD,0EAA0E;IAC1E,SAAS,sBAAsB,CAAC,CAAmB;QACjD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;QACnB,kBAAkB;QAClB,MAAM,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC;QACnC,kBAAkB;QAClB,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC;QAC9B,IAAI,SAAS,GAAsB,EAAE,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YACvC,SAAS;YACT,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;YAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,aAAa;YACxD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;YACnC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB;YACpF,SAAS,CAAC,IAAI,CAAC;gBACb,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC;gBACf,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBACxB,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,MAAM;aACpB,CAAC,CAAC;YACH,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;YACzF,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,6BAA6B;YAC5G,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAChC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBACtB,WAAW;gBACX,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe;gBACtD,SAAS,CAAC,IAAI,CAAC;oBACb,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;oBACzC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;oBACX,EAAE,EAAE,KAAK;iBACV,CAAC,CAAC;gBACH,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM;gBAC5B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBACpC,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yBAAyB;gBACnG,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;gBAChC,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;gBACxF,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;aACjC;SACF;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,SAAS,UAAU,CAAC,GAAsB,EAAE,EAAY;QACtD,MAAM,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC;QACpB,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACjB,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE;YACnD,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;YAC1E,IAAI,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBAChB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;gBACjB,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;aAC3E;YACD,IAAI,CAAC,KAAK,CAAC;gBAAE,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SAClC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,gBAAgB,EAAE,GAAe,EAAE;YACjC,OAAO,EAAE,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAC,QAAQ,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACnF,CAAC;KACF,CAAC;IAEF,4BAA4B;IAC5B,MAAM,GAAG,GAAG,iBAAiB,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzD,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAKF,SAAS,kBAAkB,CAAC,KAAS;QACnC,MAAM,CAAC,GAAG,KAAoC,CAAC;QAC/C,IAAI,CAAC,CAAC,aAAa;YAAE,OAAO,CAAC,CAAC,aAAa,CAAC;QAC5C,CAAC,CAAC,aAAa,GAAG,sBAAsB,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC,aAAa,CAAC;IACzB,CAAC;IAED,eAAe;IACf,gDAAgD;IAChD,oDAAoD;IACpD,iCAAiC;IACjC,IAAI;IAEJ,8DAA8D;IAC9D,MAAM,GAAG,GAAG,iBAAiB,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CACtB,GAAG,EACH,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAA+C,EAAE,KAAK,CAAC,EAAE,CAAC,UAAU,EAAE;QACzF,GAAG,KAAK,CAAC,WAAW;QACpB,GAAG,KAAK,CAAC,EAAE,CAAC,WAAW;KACxB,CAAC,CACH,CAAC;IAEF,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;IAE/B,8BAA8B;IAC9B,SAAS,OAAO,CAAC,CAAK,EAAE,CAAK,EAAE,oBAA6B,IAAI;QAC9D,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;YACxE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,qDAAqD;QACrD,MAAM,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxB,MAAM,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/D,OAAO,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACrE,CAAC;IAMD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAE,KAAY,CAAC,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACjG,CAAC;IACD,SAAS,MAAM,CAAC,KAAY;QAC1B,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/E,CAAC;IACD,SAAS,UAAU,CAAC,KAAY,EAAE,OAA0B;QAC1D,OAAO,KAAK,YAAY,EAAE,CAAC,eAAe;YACxC,CAAC,CAAC,KAAK;YACP,CAAC,CAAE,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,OAAO,CAAQ,CAAC;IACnE,CAAC;IAED,uCAAuC;IACvC,aAAa;IACb,SAAS,YAAY,CAAC,UAAmB;QACvC,OAAO,EAAE,CAAC,eAAe,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACxE,CAAC;IAMD,SAAS,IAAI,CAAC,OAAc,EAAE,UAAmB,EAAE,OAA0B;QAC3E,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC9C,QAAQ,CAAC,cAAc,EAAE,CAAC;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC,CAAC;QAC1E,IAAI,OAAO,YAAY,EAAE,CAAC,eAAe;YAAE,OAAO,QAAQ,CAAC;QAC3D,OAAO,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED,uFAAuF;IACvF,wBAAwB;IACxB,SAAS,MAAM,CACb,SAAgB,EAChB,OAAc,EACd,SAAgB,EAChB,OAA0B;QAE1B,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,MAAM,EAAE,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QAClC,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5B,wEAAwE;QACxE,6CAA6C;QAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IAMD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,oCAAoC;QACpC,OAAO,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;IAKD,SAAS,mBAAmB,CAAC,UAAmB;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,cAAc;QACrC,IAAI,UAAU,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,eAAe,EAAE;YAC/C,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;SAClB;QACD,OAAO,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC;IAED,2EAA2E;IAC3E,gDAAgD;IAChD,SAAS,WAAW,CAClB,SAAgB,EAChB,QAAiB,EACjB,UAAmB,EACnB,OAA0B;QAE1B,aAAa;QACb,kGAAkG;QAElG,IAAI,CAAC,QAAQ,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QAC3E,IAAI,UAAU,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM;YACvC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI;YACF,MAAM,MAAM,GAAG,EAAE,CAAC;YAClB,KAAK,MAAM,OAAO,IAAI,IAAI,GAAG,CAAC,SAAS,CAAC,EAAE;gBACxC,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CACrC,CAAC,cAAc,EAAE,UAAU,EAAE,CAAC,EAAE,EAAE,CAChC,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,EAC9E,EAAE,CAAC,eAAe,CAAC,IAAI,CACxB,CAAC;gBACF,yFAAyF;gBACzF,4EAA4E;gBAC5E,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;aACtD;YACD,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;YACnE,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YAClE,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAC5C,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;SAChC;QAAC,MAAM;YACN,OAAO,KAAK,CAAC;SACd;IACH,CAAC;IAED,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAE1C,OAAO;QACL,KAAK;QACL,EAAE;QACF,EAAE;QACF,GAAG;QACH,GAAG;QACH,IAAI;QACJ,EAAE;QACF,EAAE;QACF,SAAS;QACT,UAAU;QACV,sBAAsB;QACtB,OAAO;QACP,YAAY;QACZ,IAAI;QACJ,MAAM;QACN,mBAAmB;QACnB,mBAAmB;QACnB,WAAW;QACX,KAAK;KACN,CAAC;AACJ,CAAC"}

package/esm/abstract/curve.js

@@ -1,152 +0,0 @@
-/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
-// Abelian group utilities
-import { validateField, nLength } from './modular.js';
-import { validateObject } from './utils.js';
-const _0n = BigInt(0);
-const _1n = BigInt(1);
-// Elliptic curve multiplication of Point by scalar. Fragile.
-// Scalars should always be less than curve order: this should be checked inside of a curve itself.
-// Creates precomputation tables for fast multiplication:
-// - private scalar is split by fixed size windows of W bits
-// - every window point is collected from window's table & added to accumulator
-// - since windows are different, same point inside tables won't be accessed more than once per calc
-// - each multiplication is 'Math.ceil(CURVE_ORDER / 𝑊) + 1' point additions (fixed for any scalar)
-// - +1 window is neccessary for wNAF
-// - wNAF reduces table size: 2x less memory + 2x faster generation, but 10% slower multiplication
-// TODO: Research returning 2d JS array of windows, instead of a single window. This would allow
-// windows to be in different memory locations
-export function wNAF(c, bits) {
-    const constTimeNegate = (condition, item) => {
-        const neg = item.negate();
-        return condition ? neg : item;
-    };
-    const opts = (W) => {
-        const windows = Math.ceil(bits / W) + 1; // +1, because
-        const windowSize = 2 ** (W - 1); // -1 because we skip zero
-        return { windows, windowSize };
-    };
-    return {
-        constTimeNegate,
-        // non-const time multiplication ladder
-        unsafeLadder(elm, n) {
-            let p = c.ZERO;
-            let d = elm;
-            while (n > _0n) {
-                if (n & _1n)
-                    p = p.add(d);
-                d = d.double();
-                n >>= _1n;
-            }
-            return p;
-        },
-        /**
-         * Creates a wNAF precomputation window. Used for caching.
-         * Default window size is set by `utils.precompute()` and is equal to 8.
-         * Number of precomputed points depends on the curve size:
-         * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where:
-         * - 𝑊 is the window size
-         * - 𝑛 is the bitlength of the curve order.
-         * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224.
-         * @returns precomputed point tables flattened to a single array
-         */
-        precomputeWindow(elm, W) {
-            const { windows, windowSize } = opts(W);
-            const points = [];
-            let p = elm;
-            let base = p;
-            for (let window = 0; window < windows; window++) {
-                base = p;
-                points.push(base);
-                // =1, because we skip zero
-                for (let i = 1; i < windowSize; i++) {
-                    base = base.add(p);
-                    points.push(base);
-                }
-                p = base.double();
-            }
-            return points;
-        },
-        /**
-         * Implements ec multiplication using precomputed tables and w-ary non-adjacent form.
-         * @param W window size
-         * @param precomputes precomputed tables
-         * @param n scalar (we don't check here, but should be less than curve order)
-         * @returns real and fake (for const-time) points
-         */
-        wNAF(W, precomputes, n) {
-            // TODO: maybe check that scalar is less than group order? wNAF behavious is undefined otherwise
-            // But need to carefully remove other checks before wNAF. ORDER == bits here
-            const { windows, windowSize } = opts(W);
-            let p = c.ZERO;
-            let f = c.BASE;
-            const mask = BigInt(2 ** W - 1); // Create mask with W ones: 0b1111 for W=4 etc.
-            const maxNumber = 2 ** W;
-            const shiftBy = BigInt(W);
-            for (let window = 0; window < windows; window++) {
-                const offset = window * windowSize;
-                // Extract W bits.
-                let wbits = Number(n & mask);
-                // Shift number by W bits.
-                n >>= shiftBy;
-                // If the bits are bigger than max size, we'll split those.
-                // +224 => 256 - 32
-                if (wbits > windowSize) {
-                    wbits -= maxNumber;
-                    n += _1n;
-                }
-                // This code was first written with assumption that 'f' and 'p' will never be infinity point:
-                // since each addition is multiplied by 2 ** W, it cannot cancel each other. However,
-                // there is negate now: it is possible that negated element from low value
-                // would be the same as high element, which will create carry into next window.
-                // It's not obvious how this can fail, but still worth investigating later.
-                // Check if we're onto Zero point.
-                // Add random point inside current window to f.
-                const offset1 = offset;
-                const offset2 = offset + Math.abs(wbits) - 1; // -1 because we skip zero
-                const cond1 = window % 2 !== 0;
-                const cond2 = wbits < 0;
-                if (wbits === 0) {
-                    // The most important part for const-time getPublicKey
-                    f = f.add(constTimeNegate(cond1, precomputes[offset1]));
-                }
-                else {
-                    p = p.add(constTimeNegate(cond2, precomputes[offset2]));
-                }
-            }
-            // JIT-compiler should not eliminate f here, since it will later be used in normalizeZ()
-            // Even if the variable is still unused, there are some checks which will
-            // throw an exception, so compiler needs to prove they won't happen, which is hard.
-            // At this point there is a way to F be infinity-point even if p is not,
-            // which makes it less const-time: around 1 bigint multiply.
-            return { p, f };
-        },
-        wNAFCached(P, precomputesMap, n, transform) {
-            // @ts-ignore
-            const W = P._WINDOW_SIZE || 1;
-            // Calculate precomputes on a first run, reuse them after
-            let comp = precomputesMap.get(P);
-            if (!comp) {
-                comp = this.precomputeWindow(P, W);
-                if (W !== 1) {
-                    precomputesMap.set(P, transform(comp));
-                }
-            }
-            return this.wNAF(W, comp, n);
-        },
-    };
-}
-export function validateBasic(curve) {
-    validateField(curve.Fp);
-    validateObject(curve, {
-        n: 'bigint',
-        h: 'bigint',
-        Gx: 'field',
-        Gy: 'field',
-    }, {
-        nBitLength: 'isSafeInteger',
-        nByteLength: 'isSafeInteger',
-    });
-    // Set defaults
-    return Object.freeze({ ...nLength(curve.n, curve.nBitLength), ...curve });
-}
-//# sourceMappingURL=curve.js.map

package/esm/abstract/curve.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"curve.js","sourceRoot":"","sources":["../../src/abstract/curve.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,0BAA0B;AAC1B,OAAO,EAAS,aAAa,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AAsBtB,6DAA6D;AAC7D,mGAAmG;AACnG,yDAAyD;AACzD,4DAA4D;AAC5D,+EAA+E;AAC/E,oGAAoG;AACpG,oGAAoG;AACpG,qCAAqC;AACrC,kGAAkG;AAClG,gGAAgG;AAChG,8CAA8C;AAC9C,MAAM,UAAU,IAAI,CAAqB,CAAsB,EAAE,IAAY;IAC3E,MAAM,eAAe,GAAG,CAAC,SAAkB,EAAE,IAAO,EAAK,EAAE;QACzD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QAC1B,OAAO,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;IAChC,CAAC,CAAC;IACF,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE;QACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;QACvD,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAC3D,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;IACjC,CAAC,CAAC;IACF,OAAO;QACL,eAAe;QACf,uCAAuC;QACvC,YAAY,CAAC,GAAM,EAAE,CAAS;YAC5B,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,OAAO,CAAC,GAAG,GAAG,EAAE;gBACd,IAAI,CAAC,GAAG,GAAG;oBAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC1B,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;gBACf,CAAC,KAAK,GAAG,CAAC;aACX;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QAED;;;;;;;;;WASG;QACH,gBAAgB,CAAC,GAAM,EAAE,CAAS;YAChC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACxC,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,IAAI,CAAC,GAAM,GAAG,CAAC;YACf,IAAI,IAAI,GAAG,CAAC,CAAC;YACb,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,IAAI,GAAG,CAAC,CAAC;gBACT,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClB,2BAA2B;gBAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE;oBACnC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;oBACnB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;iBACnB;gBACD,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;aACnB;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED;;;;;;WAMG;QACH,IAAI,CAAC,CAAS,EAAE,WAAgB,EAAE,CAAS;YACzC,gGAAgG;YAChG,4EAA4E;YAC5E,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAExC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACf,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YAEf,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,+CAA+C;YAChF,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;YACzB,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;YAE1B,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC/C,MAAM,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;gBACnC,kBAAkB;gBAClB,IAAI,KAAK,GAAG,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;gBAE7B,0BAA0B;gBAC1B,CAAC,KAAK,OAAO,CAAC;gBAEd,2DAA2D;gBAC3D,mBAAmB;gBACnB,IAAI,KAAK,GAAG,UAAU,EAAE;oBACtB,KAAK,IAAI,SAAS,CAAC;oBACnB,CAAC,IAAI,GAAG,CAAC;iBACV;gBAED,6FAA6F;gBAC7F,qFAAqF;gBACrF,0EAA0E;gBAC1E,+EAA+E;gBAC/E,2EAA2E;gBAE3E,kCAAkC;gBAClC,+CAA+C;gBAC/C,MAAM,OAAO,GAAG,MAAM,CAAC;gBACvB,MAAM,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,0BAA0B;gBACxE,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC;gBAC/B,MAAM,KAAK,GAAG,KAAK,GAAG,CAAC,CAAC;gBACxB,IAAI,KAAK,KAAK,CAAC,EAAE;oBACf,sDAAsD;oBACtD,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;qBAAM;oBACL,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;iBACzD;aACF;YACD,wFAAwF;YACxF,yEAAyE;YACzE,mFAAmF;YACnF,wEAAwE;YACxE,4DAA4D;YAC5D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAClB,CAAC;QAED,UAAU,CAAC,CAAI,EAAE,cAA2B,EAAE,CAAS,EAAE,SAAoB;YAC3E,aAAa;YACb,MAAM,CAAC,GAAW,CAAC,CAAC,YAAY,IAAI,CAAC,CAAC;YACtC,yDAAyD;YACzD,IAAI,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACjC,IAAI,CAAC,IAAI,EAAE;gBACT,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,CAAQ,CAAC;gBAC1C,IAAI,CAAC,KAAK,CAAC,EAAE;oBACX,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACxC;aACF;YACD,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC/B,CAAC;KACF,CAAC;AACJ,CAAC;AAgBD,MAAM,UAAU,aAAa,CAAQ,KAAyB;IAC5D,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACxB,cAAc,CACZ,KAAK,EACL;QACE,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,EAAE,EAAE,OAAO;QACX,EAAE,EAAE,OAAO;KACZ,EACD;QACE,UAAU,EAAE,eAAe;QAC3B,WAAW,EAAE,eAAe;KAC7B,CACF,CAAC;IACF,eAAe;IACf,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,UAAU,CAAC,EAAE,GAAG,KAAK,EAAW,CAAC,CAAC;AACrF,CAAC"}