@noble/curves 1.9.0 → 1.9.1

package/abstract/modular.js

@@ -34,8 +34,6 @@ const utils_ts_1 = require("./utils.js");
 const _0n = BigInt(0), _1n = BigInt(1), _2n = /* @__PURE__ */ BigInt(2), _3n = /* @__PURE__ */ BigInt(3);
 // prettier-ignore
 const _4n = /* @__PURE__ */ BigInt(4), _5n = /* @__PURE__ */ BigInt(5), _8n = /* @__PURE__ */ BigInt(8);
-// prettier-ignore
-const _9n = /* @__PURE__ */ BigInt(9), _16n = /* @__PURE__ */ BigInt(16);
 // Calculates a modulo b
 function mod(a, b) {
     const result = a % b;
@@ -49,20 +47,7 @@ function mod(a, b) {
  * pow(2n, 6n, 11n) // 64n % 11n == 9n
  */
 function pow(num, power, modulo) {
-    if (power < _0n)
-        throw new Error('invalid exponent, negatives unsupported');
-    if (modulo <= _0n)
-        throw new Error('invalid modulus');
-    if (modulo === _1n)
-        return _0n;
-    let res = _1n;
-    while (power > _0n) {
-        if (power & _1n)
-            res = (res * num) % modulo;
-        num = (num * num) % modulo;
-        power >>= _1n;
-    }
-    return res;
+    return FpPow(Field(modulo), num, power);
 }
 /** Does `x^(2^power)` mod p. `pow2(30, 4)` == `30^(2^4)` */
 function pow2(x, power, modulo) {
@@ -101,6 +86,51 @@ function invert(number, modulo) {
         throw new Error('invert: does not exist');
     return mod(x, modulo);
 }
+// Not all roots are possible! Example which will throw:
+// const NUM =
+// n = 72057594037927816n;
+// Fp = Field(BigInt('0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab'));
+function sqrt3mod4(Fp, n) {
+    const p1div4 = (Fp.ORDER + _1n) / _4n;
+    const root = Fp.pow(n, p1div4);
+    // Throw if root^2 != n
+    if (!Fp.eql(Fp.sqr(root), n))
+        throw new Error('Cannot find square root');
+    return root;
+}
+function sqrt5mod8(Fp, n) {
+    const p5div8 = (Fp.ORDER - _5n) / _8n;
+    const n2 = Fp.mul(n, _2n);
+    const v = Fp.pow(n2, p5div8);
+    const nv = Fp.mul(n, v);
+    const i = Fp.mul(Fp.mul(nv, _2n), v);
+    const root = Fp.mul(nv, Fp.sub(i, Fp.ONE));
+    if (!Fp.eql(Fp.sqr(root), n))
+        throw new Error('Cannot find square root');
+    return root;
+}
+// TODO: Commented-out for now. Provide test vectors.
+// Tonelli is too slow for extension fields Fp2.
+// That means we can't use sqrt (c1, c2...) even for initialization constants.
+// if (P % _16n === _9n) return sqrt9mod16;
+// // prettier-ignore
+// function sqrt9mod16<T>(Fp: IField<T>, n: T, p7div16?: bigint) {
+//   if (p7div16 === undefined) p7div16 = (Fp.ORDER + BigInt(7)) / _16n;
+//   const c1 = Fp.sqrt(Fp.neg(Fp.ONE)); //  1. c1 = sqrt(-1) in F, i.e., (c1^2) == -1 in F
+//   const c2 = Fp.sqrt(c1);             //  2. c2 = sqrt(c1) in F, i.e., (c2^2) == c1 in F
+//   const c3 = Fp.sqrt(Fp.neg(c1));     //  3. c3 = sqrt(-c1) in F, i.e., (c3^2) == -c1 in F
+//   const c4 = p7div16;                 //  4. c4 = (q + 7) / 16        # Integer arithmetic
+//   let tv1 = Fp.pow(n, c4);            //  1. tv1 = x^c4
+//   let tv2 = Fp.mul(c1, tv1);          //  2. tv2 = c1 * tv1
+//   const tv3 = Fp.mul(c2, tv1);        //  3. tv3 = c2 * tv1
+//   let tv4 = Fp.mul(c3, tv1);          //  4. tv4 = c3 * tv1
+//   const e1 = Fp.eql(Fp.sqr(tv2), n);  //  5.  e1 = (tv2^2) == x
+//   const e2 = Fp.eql(Fp.sqr(tv3), n);  //  6.  e2 = (tv3^2) == x
+//   tv1 = Fp.cmov(tv1, tv2, e1); //  7. tv1 = CMOV(tv1, tv2, e1)  # Select tv2 if (tv2^2) == x
+//   tv2 = Fp.cmov(tv4, tv3, e2); //  8. tv2 = CMOV(tv4, tv3, e2)  # Select tv3 if (tv3^2) == x
+//   const e3 = Fp.eql(Fp.sqr(tv2), n);  //  9.  e3 = (tv2^2) == x
+//   return Fp.cmov(tv1, tv2, e3); // 10.  z = CMOV(tv1, tv2, e3) # Select the sqrt from tv1 and tv2
+// }
 /**
  * Tonelli-Shanks square root search algorithm.
  * 1. https://eprint.iacr.org/2012/685.pdf (page 12)
@@ -109,131 +139,88 @@ function invert(number, modulo) {
  * @returns function that takes field Fp (created from P) and number n
  */
 function tonelliShanks(P) {
-    // Do expensive precomputation step
-    // Step 1: By factoring out powers of 2 from p - 1,
-    // find q and s such that p-1 == q*(2^s) with q odd
+    // Initialization (precomputation).
+    if (P < BigInt(3))
+        throw new Error('sqrt is not defined for small field');
+    // Factor P - 1 = Q * 2^S, where Q is odd
     let Q = P - _1n;
     let S = 0;
     while (Q % _2n === _0n) {
         Q /= _2n;
         S++;
     }
-    // Step 2: Select a non-square z such that (z | p) ≡ -1 and set c ≡ zq
+    // Find the first quadratic non-residue Z >= 2
     let Z = _2n;
     const _Fp = Field(P);
-    while (Z < P && FpIsSquare(_Fp, Z)) {
+    while (FpLegendre(_Fp, Z) === 1) {
+        // Basic primality test for P. After x iterations, chance of
+        // not finding quadratic non-residue is 2^x, so 2^1000.
         if (Z++ > 1000)
             throw new Error('Cannot find square root: probably non-prime P');
     }
-    // Fast-path
-    if (S === 1) {
-        const p1div4 = (P + _1n) / _4n;
-        return function tonelliFast(Fp, n) {
-            const root = Fp.pow(n, p1div4);
-            if (!Fp.eql(Fp.sqr(root), n))
-                throw new Error('Cannot find square root');
-            return root;
-        };
-    }
+    // Fast-path; usually done before Z, but we do "primality test".
+    if (S === 1)
+        return sqrt3mod4;
     // Slow-path
+    // TODO: test on Fp2 and others
+    let cc = _Fp.pow(Z, Q); // c = z^Q
     const Q1div2 = (Q + _1n) / _2n;
     return function tonelliSlow(Fp, n) {
-        // Step 0: Check that n is indeed a square: (n | p) should not be ≡ -1
-        if (!FpIsSquare(Fp, n))
+        if (Fp.is0(n))
+            return n;
+        // Check if n is a quadratic residue using Legendre symbol
+        if (FpLegendre(Fp, n) !== 1)
             throw new Error('Cannot find square root');
-        let r = S;
-        // TODO: test on Fp2 and others
-        let g = Fp.pow(Fp.mul(Fp.ONE, Z), Q); // will update both x and b
-        let x = Fp.pow(n, Q1div2); // first guess at the square root
-        let b = Fp.pow(n, Q); // first guess at the fudge factor
-        while (!Fp.eql(b, Fp.ONE)) {
-            // (4. If t = 0, return r = 0)
-            // https://en.wikipedia.org/wiki/Tonelli%E2%80%93Shanks_algorithm
-            if (Fp.eql(b, Fp.ZERO))
-                return Fp.ZERO;
-            // Find m such b^(2^m)==1
-            let m = 1;
-            for (let t2 = Fp.sqr(b); m < r; m++) {
-                if (Fp.eql(t2, Fp.ONE))
-                    break;
-                t2 = Fp.sqr(t2); // t2 *= t2
+        // Initialize variables for the main loop
+        let M = S;
+        let c = Fp.mul(Fp.ONE, cc); // c = z^Q, move cc from field _Fp into field Fp
+        let t = Fp.pow(n, Q); // t = n^Q, first guess at the fudge factor
+        let R = Fp.pow(n, Q1div2); // R = n^((Q+1)/2), first guess at the square root
+        // Main loop
+        // while t != 1
+        while (!Fp.eql(t, Fp.ONE)) {
+            if (Fp.is0(t))
+                return Fp.ZERO; // if t=0 return R=0
+            let i = 1;
+            // Find the smallest i >= 1 such that t^(2^i) ≡ 1 (mod P)
+            let t_tmp = Fp.sqr(t); // t^(2^1)
+            while (!Fp.eql(t_tmp, Fp.ONE)) {
+                i++;
+                t_tmp = Fp.sqr(t_tmp); // t^(2^2)...
+                if (i === M)
+                    throw new Error('Cannot find square root');
             }
-            // NOTE: r-m-1 can be bigger than 32, need to convert to bigint before shift,
-            // otherwise there will be overflow.
-            const ge = Fp.pow(g, _1n << BigInt(r - m - 1)); // ge = 2^(r-m-1)
-            g = Fp.sqr(ge); // g = ge * ge
-            x = Fp.mul(x, ge); // x *= ge
-            b = Fp.mul(b, g); // b *= g
-            r = m;
+            // Calculate the exponent for b: 2^(M - i - 1)
+            const exponent = _1n << BigInt(M - i - 1); // bigint is important
+            const b = Fp.pow(c, exponent); // b = 2^(M - i - 1)
+            // Update variables
+            M = i;
+            c = Fp.sqr(b); // c = b^2
+            t = Fp.mul(t, c); // t = (t * b^2)
+            R = Fp.mul(R, b); // R = R*b
         }
-        return x;
+        return R;
     };
 }
 /**
- * Square root for a finite field. It will try to check if optimizations are applicable and fall back to 4:
+ * Square root for a finite field. Will try optimized versions first:
  *
  * 1. P ≡ 3 (mod 4)
  * 2. P ≡ 5 (mod 8)
- * 3. P ≡ 9 (mod 16)
- * 4. Tonelli-Shanks algorithm
+ * 3. Tonelli-Shanks algorithm
  *
  * Different algorithms can give different roots, it is up to user to decide which one they want.
  * For example there is FpSqrtOdd/FpSqrtEven to choice root based on oddness (used for hash-to-curve).
  */
 function FpSqrt(P) {
-    // P ≡ 3 (mod 4)
-    // √n = n^((P+1)/4)
-    if (P % _4n === _3n) {
-        // Not all roots possible!
-        // const ORDER =
-        //   0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn;
-        // const NUM = 72057594037927816n;
-        return function sqrt3mod4(Fp, n) {
-            const p1div4 = (P + _1n) / _4n;
-            const root = Fp.pow(n, p1div4);
-            // Throw if root**2 != n
-            if (!Fp.eql(Fp.sqr(root), n))
-                throw new Error('Cannot find square root');
-            return root;
-        };
-    }
-    // Atkin algorithm for q ≡ 5 (mod 8), https://eprint.iacr.org/2012/685.pdf (page 10)
-    if (P % _8n === _5n) {
-        return function sqrt5mod8(Fp, n) {
-            const n2 = Fp.mul(n, _2n);
-            const c1 = (P - _5n) / _8n;
-            const v = Fp.pow(n2, c1);
-            const nv = Fp.mul(n, v);
-            const i = Fp.mul(Fp.mul(nv, _2n), v);
-            const root = Fp.mul(nv, Fp.sub(i, Fp.ONE));
-            if (!Fp.eql(Fp.sqr(root), n))
-                throw new Error('Cannot find square root');
-            return root;
-        };
-    }
-    // P ≡ 9 (mod 16)
-    if (P % _16n === _9n) {
-        // NOTE: tonelli is too slow for bls-Fp2 calculations even on start
-        // Means we cannot use sqrt for constants at all!
-        //
-        // const c1 = Fp.sqrt(Fp.negate(Fp.ONE)); //  1. c1 = sqrt(-1) in F, i.e., (c1^2) == -1 in F
-        // const c2 = Fp.sqrt(c1);                //  2. c2 = sqrt(c1) in F, i.e., (c2^2) == c1 in F
-        // const c3 = Fp.sqrt(Fp.negate(c1));     //  3. c3 = sqrt(-c1) in F, i.e., (c3^2) == -c1 in F
-        // const c4 = (P + _7n) / _16n;           //  4. c4 = (q + 7) / 16        # Integer arithmetic
-        // sqrt = (x) => {
-        //   let tv1 = Fp.pow(x, c4);             //  1. tv1 = x^c4
-        //   let tv2 = Fp.mul(c1, tv1);           //  2. tv2 = c1 * tv1
-        //   const tv3 = Fp.mul(c2, tv1);         //  3. tv3 = c2 * tv1
-        //   let tv4 = Fp.mul(c3, tv1);           //  4. tv4 = c3 * tv1
-        //   const e1 = Fp.equals(Fp.square(tv2), x); //  5.  e1 = (tv2^2) == x
-        //   const e2 = Fp.equals(Fp.square(tv3), x); //  6.  e2 = (tv3^2) == x
-        //   tv1 = Fp.cmov(tv1, tv2, e1); //  7. tv1 = CMOV(tv1, tv2, e1)  # Select tv2 if (tv2^2) == x
-        //   tv2 = Fp.cmov(tv4, tv3, e2); //  8. tv2 = CMOV(tv4, tv3, e2)  # Select tv3 if (tv3^2) == x
-        //   const e3 = Fp.equals(Fp.square(tv2), x); //  9.  e3 = (tv2^2) == x
-        //   return Fp.cmov(tv1, tv2, e3); //  10.  z = CMOV(tv1, tv2, e3)  # Select the sqrt from tv1 and tv2
-        // }
-    }
-    // Other cases: Tonelli-Shanks algorithm
+    // P ≡ 3 (mod 4) => √n = n^((P+1)/4)
+    if (P % _4n === _3n)
+        return sqrt3mod4;
+    // P ≡ 5 (mod 8) => Atkin algorithm, page 10 of https://eprint.iacr.org/2012/685.pdf
+    if (P % _8n === _5n)
+        return sqrt5mod8;
+    // P ≡ 9 (mod 16) not implemented, see above
+    // Tonelli-Shanks algorithm
     return tonelliShanks(P);
 }
 // Little-endian check for first LE bit (last BE bit);
@@ -270,7 +257,6 @@ function FpPow(Fp, num, power) {
         return Fp.ONE;
     if (power === _1n)
         return num;
-    // @ts-ignore
     let p = Fp.ONE;
     let d = num;
     while (power > _0n) {
@@ -313,26 +299,28 @@ function FpDiv(Fp, lhs, rhs) {
 /**
  * Legendre symbol.
  * Legendre constant is used to calculate Legendre symbol (a | p)
- * which denotes the value of a^((p-1)/2) (mod p)..
+ * which denotes the value of a^((p-1)/2) (mod p).
  *
  * * (a | p) ≡ 1    if a is a square (mod p), quadratic residue
  * * (a | p) ≡ -1   if a is not a square (mod p), quadratic non residue
  * * (a | p) ≡ 0    if a ≡ 0 (mod p)
  */
 function FpLegendre(Fp, n) {
-    const legc = (Fp.ORDER - _1n) / _2n;
-    const powered = Fp.pow(n, legc);
+    // We can use 3rd argument as optional cache of this value
+    // but seems unneeded for now. The operation is very fast.
+    const p1mod2 = (Fp.ORDER - _1n) / _2n;
+    const powered = Fp.pow(n, p1mod2);
     const yes = Fp.eql(powered, Fp.ONE);
     const zero = Fp.eql(powered, Fp.ZERO);
     const no = Fp.eql(powered, Fp.neg(Fp.ONE));
     if (!yes && !zero && !no)
-        throw new Error('Cannot find square root: probably non-prime P');
+        throw new Error('invalid Legendre symbol result');
     return yes ? 1 : zero ? 0 : -1;
 }
 // This function returns True whenever the value x is a square in the field F.
 function FpIsSquare(Fp, n) {
     const l = FpLegendre(Fp, n);
-    return l === 0 || l === 1;
+    return l === 1;
 }
 // CURVE.n lengths
 function nLength(n, nBitLength) {

package/abstract/modular.js.map

@@ -1 +1 @@
-{"version":3,"file":"modular.js","sourceRoot":"","sources":["../src/abstract/modular.ts"],"names":[],"mappings":";;;AA0BA,kBAGC;AAQD,kBAWC;AAGD,oBAOC;AAMD,wBAoBC;AASD,sCA0DC;AAaD,wBAuDC;AAuDD,sCAYC;AAQD,sBAaC;AAOD,sCAiBC;AAGD,sBAEC;AAWD,gCAQC;AAGD,gCAGC;AAGD,0BAYC;AAkBD,sBA8DC;AAED,8BAIC;AAED,gCAIC;AAQD,kDAcC;AAQD,kDAIC;AASD,4CAGC;AAeD,wCAWC;AA5hBD;;;;;GAKG;AACH,sEAAsE;AACtE,+CAA8C;AAC9C,yCAQoB;AAEpB,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACzG,kBAAkB;AAClB,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACxG,kBAAkB;AAClB,MAAM,GAAG,GAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAExE,wBAAwB;AACxB,SAAgB,GAAG,CAAC,CAAS,EAAE,CAAS;IACtC,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;AAC7C,CAAC;AACD;;;;;;GAMG;AACH,SAAgB,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,MAAc;IAC5D,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC5E,IAAI,MAAM,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACtD,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC/B,IAAI,GAAG,GAAG,GAAG,CAAC;IACd,OAAO,KAAK,GAAG,GAAG,EAAE,CAAC;QACnB,IAAI,KAAK,GAAG,GAAG;YAAE,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC5C,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC;QAC3B,KAAK,KAAK,GAAG,CAAC;IAChB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,4DAA4D;AAC5D,SAAgB,IAAI,CAAC,CAAS,EAAE,KAAa,EAAE,MAAc;IAC3D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,OAAO,KAAK,EAAE,GAAG,GAAG,EAAE,CAAC;QACrB,GAAG,IAAI,GAAG,CAAC;QACX,GAAG,IAAI,MAAM,CAAC;IAChB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAgB,MAAM,CAAC,MAAc,EAAE,MAAc;IACnD,IAAI,MAAM,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACxE,IAAI,MAAM,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,GAAG,MAAM,CAAC,CAAC;IACvF,kFAAkF;IAClF,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,IAAI,CAAC,GAAG,MAAM,CAAC;IACf,kBAAkB;IAClB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC;IACvC,OAAO,CAAC,KAAK,GAAG,EAAE,CAAC;QACjB,gEAAgE;QAChE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,kBAAkB;QAClB,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC;IACD,MAAM,GAAG,GAAG,CAAC,CAAC;IACd,IAAI,GAAG,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3D,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AACxB,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,aAAa,CAAC,CAAS;IACrC,mCAAmC;IACnC,mDAAmD;IACnD,mDAAmD;IACnD,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;IAChB,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC;QACvB,CAAC,IAAI,GAAG,CAAC;QACT,CAAC,EAAE,CAAC;IACN,CAAC;IAED,sEAAsE;IACtE,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACrB,OAAO,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC;QACnC,IAAI,CAAC,EAAE,GAAG,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnF,CAAC;IAED,YAAY;IACZ,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACZ,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;YAChD,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IACD,YAAY;IACZ,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;QAChD,sEAAsE;QACtE,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACnE,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,+BAA+B;QAC/B,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2BAA2B;QACjE,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,iCAAiC;QAC5D,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,kCAAkC;QAExD,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,8BAA8B;YAC9B,iEAAiE;YACjE,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;gBAAE,OAAO,EAAE,CAAC,IAAI,CAAC;YACvC,yBAAyB;YACzB,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,KAAK,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;oBAAE,MAAM;gBAC9B,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW;YAC9B,CAAC;YACD,6EAA6E;YAC7E,oCAAoC;YACpC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACjE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc;YAC9B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC7B,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YAC3B,CAAC,GAAG,CAAC,CAAC;QACR,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAgB,MAAM,CAAC,CAAS;IAC9B,gBAAgB;IAChB,mBAAmB;IACnB,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC;QACpB,0BAA0B;QAC1B,gBAAgB;QAChB,yGAAyG;QACzG,kCAAkC;QAClC,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;YAC/B,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC/B,wBAAwB;YACxB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IAED,oFAAoF;IACpF,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC;QACpB,OAAO,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;YAC9C,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAC1B,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;YAC3B,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACzB,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACxB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACrC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;IACJ,CAAC;IAED,iBAAiB;IACjB,IAAI,CAAC,GAAG,IAAI,KAAK,GAAG,EAAE,CAAC;QACrB,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,4FAA4F;QAC5F,4FAA4F;QAC5F,8FAA8F;QAC9F,8FAA8F;QAC9F,kBAAkB;QAClB,2DAA2D;QAC3D,+DAA+D;QAC/D,+DAA+D;QAC/D,+DAA+D;QAC/D,uEAAuE;QACvE,uEAAuE;QACvE,+FAA+F;QAC/F,+FAA+F;QAC/F,uEAAuE;QACvE,sGAAsG;QACtG,IAAI;IACN,CAAC;IACD,wCAAwC;IACxC,OAAO,aAAa,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAED,sDAAsD;AAC/C,MAAM,YAAY,GAAG,CAAC,GAAW,EAAE,MAAc,EAAW,EAAE,CACnE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;AADtB,QAAA,YAAY,gBACU;AA6CnC,kBAAkB;AAClB,MAAM,YAAY,GAAG;IACnB,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK;IACvD,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;IACxC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;CACtB,CAAC;AACX,SAAgB,aAAa,CAAI,KAAgB;IAC/C,MAAM,OAAO,GAAG;QACd,KAAK,EAAE,QAAQ;QACf,IAAI,EAAE,QAAQ;QACd,KAAK,EAAE,eAAe;QACtB,IAAI,EAAE,eAAe;KACI,CAAC;IAC5B,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAW,EAAE,EAAE;QACpD,GAAG,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;QACtB,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,OAAO,CAAC,CAAC;IACZ,OAAO,IAAA,yBAAc,EAAC,KAAK,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC;AAED,0BAA0B;AAE1B;;;GAGG;AACH,SAAgB,KAAK,CAAI,EAAa,EAAE,GAAM,EAAE,KAAa;IAC3D,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC5E,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,EAAE,CAAC,GAAG,CAAC;IACjC,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC9B,aAAa;IACb,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACf,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,OAAO,KAAK,GAAG,GAAG,EAAE,CAAC;QACnB,IAAI,KAAK,GAAG,GAAG;YAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAClC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACd,KAAK,KAAK,GAAG,CAAC;IAChB,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAI,EAAa,EAAE,IAAS,EAAE,QAAQ,GAAG,KAAK;IACzE,MAAM,QAAQ,GAAG,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAC7E,6DAA6D;IAC7D,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QAChD,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC5B,QAAQ,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QAClB,OAAO,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC1B,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IACX,sBAAsB;IACtB,MAAM,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC1C,sEAAsE;IACtE,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QAC/B,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC5B,QAAQ,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACvC,OAAO,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC1B,CAAC,EAAE,WAAW,CAAC,CAAC;IAChB,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,eAAe;AACf,SAAgB,KAAK,CAAI,EAAa,EAAE,GAAM,EAAE,GAAe;IAC7D,OAAO,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AACpF,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,UAAU,CAAI,EAAa,EAAE,CAAI;IAC/C,MAAM,IAAI,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACpC,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAChC,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3C,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IAC3F,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACjC,CAAC;AAED,8EAA8E;AAC9E,SAAgB,UAAU,CAAI,EAAa,EAAE,CAAI;IAC/C,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5B,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC5B,CAAC;AAED,kBAAkB;AAClB,SAAgB,OAAO,CACrB,CAAS,EACT,UAAmB;IAKnB,iCAAiC;IACjC,IAAI,UAAU,KAAK,SAAS;QAAE,IAAA,eAAO,EAAC,UAAU,CAAC,CAAC;IAClD,MAAM,WAAW,GAAG,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;IAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AAClD,CAAC;AAGD;;;;;;;;;;;;;;GAcG;AACH,SAAgB,KAAK,CACnB,KAAa,EACb,MAAe,EACf,IAAI,GAAG,KAAK,EACZ,QAAiC,EAAE;IAEnC,IAAI,KAAK,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,GAAG,KAAK,CAAC,CAAC;IACrF,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACxE,IAAI,KAAK,GAAG,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpF,IAAI,KAAgC,CAAC,CAAC,eAAe;IACrD,MAAM,CAAC,GAAsB,MAAM,CAAC,MAAM,CAAC;QACzC,KAAK;QACL,IAAI;QACJ,IAAI;QACJ,KAAK;QACL,IAAI,EAAE,IAAA,kBAAO,EAAC,IAAI,CAAC;QACnB,IAAI,EAAE,GAAG;QACT,GAAG,EAAE,GAAG;QACR,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACf,IAAI,OAAO,GAAG,KAAK,QAAQ;gBACzB,MAAM,IAAI,KAAK,CAAC,8CAA8C,GAAG,OAAO,GAAG,CAAC,CAAC;YAC/E,OAAO,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,8CAA8C;QAClF,CAAC;QACD,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QACzB,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,KAAK,GAAG;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC;QAC9B,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QAE9B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC;QACzC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC;QAEvD,uCAAuC;QACvC,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QACxB,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAE7B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,IAAI,EACF,KAAK,CAAC,IAAI;YACV,CAAC,CAAC,CAAC,EAAE,EAAE;gBACL,IAAI,CAAC,KAAK;oBAAE,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;gBAClC,OAAO,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACrB,CAAC,CAAC;QACJ,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACpF,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;YACnB,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK;gBACxB,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,KAAK,GAAG,cAAc,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YACxF,OAAO,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC;QAChE,CAAC;QACD,uDAAuD;QACvD,WAAW,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC;QAC3C,wDAAwD;QACxD,4CAA4C;QAC5C,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;KACpB,CAAC,CAAC;IACd,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,SAAS,CAAI,EAAa,EAAE,GAAM;IAChD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9C,CAAC;AAED,SAAgB,UAAU,CAAI,EAAa,EAAE,GAAM;IACjD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC9C,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CACjC,IAAyB,EACzB,UAAkB,EAClB,IAAI,GAAG,KAAK;IAEZ,IAAI,GAAG,IAAA,sBAAW,EAAC,aAAa,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC;IAC5B,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC;IACnD,IAAI,MAAM,GAAG,EAAE,IAAI,OAAO,GAAG,MAAM,IAAI,OAAO,GAAG,IAAI;QACnD,MAAM,IAAI,KAAK,CACb,gCAAgC,GAAG,MAAM,GAAG,4BAA4B,GAAG,OAAO,CACnF,CAAC;IACJ,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC;IACjE,OAAO,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CAAC,UAAkB;IACpD,IAAI,OAAO,UAAU,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAClF,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAChD,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;AAClC,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,gBAAgB,CAAC,UAAkB;IACjD,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAC/C,OAAO,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACxC,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAgB,cAAc,CAAC,GAAe,EAAE,UAAkB,EAAE,IAAI,GAAG,KAAK;IAC9E,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC5C,iGAAiG;IACjG,IAAI,GAAG,GAAG,EAAE,IAAI,GAAG,GAAG,MAAM,IAAI,GAAG,GAAG,IAAI;QACxC,MAAM,IAAI,KAAK,CAAC,WAAW,GAAG,MAAM,GAAG,4BAA4B,GAAG,GAAG,CAAC,CAAC;IAC7E,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC;IAC/D,+EAA+E;IAC/E,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACjD,OAAO,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AACxF,CAAC"}
+{"version":3,"file":"modular.js","sourceRoot":"","sources":["../src/abstract/modular.ts"],"names":[],"mappings":";;;AAwBA,kBAGC;AAQD,kBAEC;AAGD,oBAOC;AAMD,wBAoBC;AAuDD,sCA+DC;AAYD,wBAQC;AAsDD,sCAYC;AAQD,sBAYC;AAOD,sCAiBC;AAGD,sBAEC;AAWD,gCAUC;AAGD,gCAGC;AAGD,0BAYC;AAkBD,sBA8DC;AAED,8BAIC;AAED,gCAIC;AAQD,kDAcC;AAQD,kDAIC;AASD,4CAGC;AAeD,wCAWC;AAphBD;;;;;GAKG;AACH,sEAAsE;AACtE,+CAA8C;AAC9C,yCAQoB;AAEpB,kBAAkB;AAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACzG,kBAAkB;AAClB,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAExG,wBAAwB;AACxB,SAAgB,GAAG,CAAC,CAAS,EAAE,CAAS;IACtC,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;AAC7C,CAAC;AACD;;;;;;GAMG;AACH,SAAgB,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,MAAc;IAC5D,OAAO,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;AAC1C,CAAC;AAED,4DAA4D;AAC5D,SAAgB,IAAI,CAAC,CAAS,EAAE,KAAa,EAAE,MAAc;IAC3D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,OAAO,KAAK,EAAE,GAAG,GAAG,EAAE,CAAC;QACrB,GAAG,IAAI,GAAG,CAAC;QACX,GAAG,IAAI,MAAM,CAAC;IAChB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAgB,MAAM,CAAC,MAAc,EAAE,MAAc;IACnD,IAAI,MAAM,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACxE,IAAI,MAAM,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,GAAG,MAAM,CAAC,CAAC;IACvF,kFAAkF;IAClF,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,IAAI,CAAC,GAAG,MAAM,CAAC;IACf,kBAAkB;IAClB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC;IACvC,OAAO,CAAC,KAAK,GAAG,EAAE,CAAC;QACjB,gEAAgE;QAChE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,kBAAkB;QAClB,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC;IACD,MAAM,GAAG,GAAG,CAAC,CAAC;IACd,IAAI,GAAG,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3D,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AACxB,CAAC;AAED,wDAAwD;AACxD,cAAc;AACd,0BAA0B;AAC1B,4HAA4H;AAC5H,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;IACvC,MAAM,MAAM,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACtC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IAC/B,uBAAuB;IACvB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,SAAS,CAAI,EAAa,EAAE,CAAI;IACvC,MAAM,MAAM,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACtC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC1B,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACxB,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3C,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,qDAAqD;AACrD,gDAAgD;AAChD,8EAA8E;AAC9E,2CAA2C;AAC3C,qBAAqB;AACrB,kEAAkE;AAClE,wEAAwE;AACxE,2FAA2F;AAC3F,2FAA2F;AAC3F,6FAA6F;AAC7F,6FAA6F;AAC7F,0DAA0D;AAC1D,8DAA8D;AAC9D,8DAA8D;AAC9D,8DAA8D;AAC9D,kEAAkE;AAClE,kEAAkE;AAClE,+FAA+F;AAC/F,+FAA+F;AAC/F,kEAAkE;AAClE,oGAAoG;AACpG,IAAI;AAEJ;;;;;;GAMG;AACH,SAAgB,aAAa,CAAC,CAAS;IACrC,mCAAmC;IACnC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IAC1E,yCAAyC;IACzC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;IAChB,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,CAAC,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC;QACvB,CAAC,IAAI,GAAG,CAAC;QACT,CAAC,EAAE,CAAC;IACN,CAAC;IAED,8CAA8C;IAC9C,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACrB,OAAO,UAAU,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;QAChC,4DAA4D;QAC5D,uDAAuD;QACvD,IAAI,CAAC,EAAE,GAAG,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnF,CAAC;IACD,gEAAgE;IAChE,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAE9B,YAAY;IACZ,+BAA+B;IAC/B,IAAI,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU;IAClC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IAC/B,OAAO,SAAS,WAAW,CAAI,EAAa,EAAE,CAAI;QAChD,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,OAAO,CAAC,CAAC;QACxB,0DAA0D;QAC1D,IAAI,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAExE,yCAAyC;QACzC,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,gDAAgD;QAC5E,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,2CAA2C;QACjE,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,kDAAkD;QAE7E,YAAY;QACZ,eAAe;QACf,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC,oBAAoB;YACnD,IAAI,CAAC,GAAG,CAAC,CAAC;YAEV,yDAAyD;YACzD,IAAI,KAAK,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU;YACjC,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC9B,CAAC,EAAE,CAAC;gBACJ,KAAK,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,aAAa;gBACpC,IAAI,CAAC,KAAK,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAC1D,CAAC;YAED,8CAA8C;YAC9C,MAAM,QAAQ,GAAG,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,sBAAsB;YACjE,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,oBAAoB;YAEnD,mBAAmB;YACnB,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU;YACzB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAClC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU;QAC9B,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,MAAM,CAAC,CAAS;IAC9B,oCAAoC;IACpC,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG;QAAE,OAAO,SAAS,CAAC;IACtC,oFAAoF;IACpF,IAAI,CAAC,GAAG,GAAG,KAAK,GAAG;QAAE,OAAO,SAAS,CAAC;IACtC,4CAA4C;IAC5C,2BAA2B;IAC3B,OAAO,aAAa,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAED,sDAAsD;AAC/C,MAAM,YAAY,GAAG,CAAC,GAAW,EAAE,MAAc,EAAW,EAAE,CACnE,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;AADtB,QAAA,YAAY,gBACU;AA4CnC,kBAAkB;AAClB,MAAM,YAAY,GAAG;IACnB,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK;IACvD,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;IACxC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;CACtB,CAAC;AACX,SAAgB,aAAa,CAAI,KAAgB;IAC/C,MAAM,OAAO,GAAG;QACd,KAAK,EAAE,QAAQ;QACf,IAAI,EAAE,QAAQ;QACd,KAAK,EAAE,eAAe;QACtB,IAAI,EAAE,eAAe;KACI,CAAC;IAC5B,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAW,EAAE,EAAE;QACpD,GAAG,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;QACtB,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,OAAO,CAAC,CAAC;IACZ,OAAO,IAAA,yBAAc,EAAC,KAAK,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC;AAED,0BAA0B;AAE1B;;;GAGG;AACH,SAAgB,KAAK,CAAI,EAAa,EAAE,GAAM,EAAE,KAAa;IAC3D,IAAI,KAAK,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC5E,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,EAAE,CAAC,GAAG,CAAC;IACjC,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,GAAG,CAAC;IAC9B,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC;IACf,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,OAAO,KAAK,GAAG,GAAG,EAAE,CAAC;QACnB,IAAI,KAAK,GAAG,GAAG;YAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAClC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACd,KAAK,KAAK,GAAG,CAAC;IAChB,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAI,EAAa,EAAE,IAAS,EAAE,QAAQ,GAAG,KAAK;IACzE,MAAM,QAAQ,GAAG,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAC7E,6DAA6D;IAC7D,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QAChD,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC5B,QAAQ,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;QAClB,OAAO,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC1B,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IACX,sBAAsB;IACtB,MAAM,WAAW,GAAG,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC1C,sEAAsE;IACtE,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QAC/B,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAC5B,QAAQ,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACvC,OAAO,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC1B,CAAC,EAAE,WAAW,CAAC,CAAC;IAChB,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,eAAe;AACf,SAAgB,KAAK,CAAI,EAAa,EAAE,GAAM,EAAE,GAAe;IAC7D,OAAO,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AACpF,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,UAAU,CAAI,EAAa,EAAE,CAAI;IAC/C,0DAA0D;IAC1D,0DAA0D;IAC1D,MAAM,MAAM,GAAG,CAAC,EAAE,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACtC,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IAClC,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3C,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IAC5E,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACjC,CAAC;AAED,8EAA8E;AAC9E,SAAgB,UAAU,CAAI,EAAa,EAAE,CAAI;IAC/C,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAC5B,OAAO,CAAC,KAAK,CAAC,CAAC;AACjB,CAAC;AAED,kBAAkB;AAClB,SAAgB,OAAO,CACrB,CAAS,EACT,UAAmB;IAKnB,iCAAiC;IACjC,IAAI,UAAU,KAAK,SAAS;QAAE,IAAA,eAAO,EAAC,UAAU,CAAC,CAAC;IAClD,MAAM,WAAW,GAAG,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;IAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AAClD,CAAC;AAGD;;;;;;;;;;;;;;GAcG;AACH,SAAgB,KAAK,CACnB,KAAa,EACb,MAAe,EACf,IAAI,GAAG,KAAK,EACZ,QAAiC,EAAE;IAEnC,IAAI,KAAK,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,GAAG,KAAK,CAAC,CAAC;IACrF,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACxE,IAAI,KAAK,GAAG,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpF,IAAI,KAAgC,CAAC,CAAC,eAAe;IACrD,MAAM,CAAC,GAAsB,MAAM,CAAC,MAAM,CAAC;QACzC,KAAK;QACL,IAAI;QACJ,IAAI;QACJ,KAAK;QACL,IAAI,EAAE,IAAA,kBAAO,EAAC,IAAI,CAAC;QACnB,IAAI,EAAE,GAAG;QACT,GAAG,EAAE,GAAG;QACR,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACf,IAAI,OAAO,GAAG,KAAK,QAAQ;gBACzB,MAAM,IAAI,KAAK,CAAC,8CAA8C,GAAG,OAAO,GAAG,CAAC,CAAC;YAC/E,OAAO,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,8CAA8C;QAClF,CAAC;QACD,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QACzB,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,KAAK,GAAG;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC;QAC9B,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG;QAE9B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACnC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,KAAK,CAAC;QACxC,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC;QACzC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC;QAEvD,uCAAuC;QACvC,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QACxB,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAC7B,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG;QAE7B,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC;QAChC,IAAI,EACF,KAAK,CAAC,IAAI;YACV,CAAC,CAAC,CAAC,EAAE,EAAE;gBACL,IAAI,CAAC,KAAK;oBAAE,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;gBAClC,OAAO,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACrB,CAAC,CAAC;QACJ,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACpF,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;YACnB,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK;gBACxB,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,KAAK,GAAG,cAAc,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YACxF,OAAO,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC;QAChE,CAAC;QACD,uDAAuD;QACvD,WAAW,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC;QAC3C,wDAAwD;QACxD,4CAA4C;QAC5C,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;KACpB,CAAC,CAAC;IACd,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,SAAS,CAAI,EAAa,EAAE,GAAM;IAChD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9C,CAAC;AAED,SAAgB,UAAU,CAAI,EAAa,EAAE,GAAM;IACjD,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC9C,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CACjC,IAAyB,EACzB,UAAkB,EAClB,IAAI,GAAG,KAAK;IAEZ,IAAI,GAAG,IAAA,sBAAW,EAAC,aAAa,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC;IAC5B,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC;IACnD,IAAI,MAAM,GAAG,EAAE,IAAI,OAAO,GAAG,MAAM,IAAI,OAAO,GAAG,IAAI;QACnD,MAAM,IAAI,KAAK,CACb,gCAAgC,GAAG,MAAM,GAAG,4BAA4B,GAAG,OAAO,CACnF,CAAC;IACJ,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC;IACjE,OAAO,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CAAC,UAAkB;IACpD,IAAI,OAAO,UAAU,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAClF,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAChD,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;AAClC,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,gBAAgB,CAAC,UAAkB;IACjD,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAC/C,OAAO,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACxC,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAgB,cAAc,CAAC,GAAe,EAAE,UAAkB,EAAE,IAAI,GAAG,KAAK;IAC9E,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC5C,iGAAiG;IACjG,IAAI,GAAG,GAAG,EAAE,IAAI,GAAG,GAAG,MAAM,IAAI,GAAG,GAAG,IAAI;QACxC,MAAM,IAAI,KAAK,CAAC,WAAW,GAAG,MAAM,GAAG,4BAA4B,GAAG,GAAG,CAAC,CAAC;IAC7E,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC;IAC/D,+EAA+E;IAC/E,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACjD,OAAO,IAAI,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAA,0BAAe,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AACxF,CAAC"}

package/abstract/montgomery.d.ts

@@ -1,15 +1,10 @@
 type Hex = string | Uint8Array;
 export type CurveType = {
     P: bigint;
-    nByteLength: number;
-    adjustScalarBytes?: (bytes: Uint8Array) => Uint8Array;
-    domain?: (data: Uint8Array, ctx: Uint8Array, phflag: boolean) => Uint8Array;
-    a: bigint;
-    montgomeryBits: number;
-    powPminus2?: (x: bigint) => bigint;
-    xyToU?: (x: bigint, y: bigint) => bigint;
-    Gu: bigint;
-    randomBytes?: (bytesLength?: number) => Uint8Array;
+    type: 'x25519' | 'x448';
+    adjustScalarBytes: (bytes: Uint8Array) => Uint8Array;
+    powPminus2: (x: bigint) => bigint;
+    randomBytes: (bytesLength?: number) => Uint8Array;
 };
 export type CurveFn = {
     scalarMult: (scalar: Hex, u: Hex) => Uint8Array;

package/abstract/montgomery.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"montgomery.d.ts","sourceRoot":"","sources":["../src/abstract/montgomery.ts"],"names":[],"mappings":"AAkBA,KAAK,GAAG,GAAG,MAAM,GAAG,UAAU,CAAC;AAE/B,MAAM,MAAM,SAAS,GAAG;IACtB,CAAC,EAAE,MAAM,CAAC;IACV,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,UAAU,CAAC;IACtD,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,KAAK,UAAU,CAAC;IAC5E,CAAC,EAAE,MAAM,CAAC;IACV,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IACnC,KAAK,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;CACpD,CAAC;AAEF,MAAM,MAAM,OAAO,GAAG;IACpB,UAAU,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,KAAK,UAAU,CAAC;IAChD,cAAc,EAAE,CAAC,MAAM,EAAE,GAAG,KAAK,UAAU,CAAC;IAC5C,eAAe,EAAE,CAAC,WAAW,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IACnE,YAAY,EAAE,CAAC,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IAC9C,KAAK,EAAE;QAAE,gBAAgB,EAAE,MAAM,UAAU,CAAA;KAAE,CAAC;IAC9C,OAAO,EAAE,UAAU,CAAC;CACrB,CAAC;AAsBF,wBAAgB,UAAU,CAAC,QAAQ,EAAE,SAAS,GAAG,OAAO,CAsIvD"}
+{"version":3,"file":"montgomery.d.ts","sourceRoot":"","sources":["../src/abstract/montgomery.ts"],"names":[],"mappings":"AAmBA,KAAK,GAAG,GAAG,MAAM,GAAG,UAAU,CAAC;AAE/B,MAAM,MAAM,SAAS,GAAG;IACtB,CAAC,EAAE,MAAM,CAAC;IACV,IAAI,EAAE,QAAQ,GAAG,MAAM,CAAC;IACxB,iBAAiB,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,UAAU,CAAC;IACrD,UAAU,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAClC,WAAW,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;CACnD,CAAC;AAEF,MAAM,MAAM,OAAO,GAAG;IACpB,UAAU,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,KAAK,UAAU,CAAC;IAChD,cAAc,EAAE,CAAC,MAAM,EAAE,GAAG,KAAK,UAAU,CAAC;IAC5C,eAAe,EAAE,CAAC,WAAW,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IACnE,YAAY,EAAE,CAAC,UAAU,EAAE,GAAG,KAAK,UAAU,CAAC;IAC9C,KAAK,EAAE;QAAE,gBAAgB,EAAE,MAAM,UAAU,CAAA;KAAE,CAAC;IAC9C,OAAO,EAAE,UAAU,CAAC;CACrB,CAAC;AAUF,wBAAgB,UAAU,CAAC,QAAQ,EAAE,SAAS,GAAG,OAAO,CAsHvD"}

package/abstract/montgomery.js

@@ -12,61 +12,88 @@ const modular_ts_1 = require("./modular.js");
 const utils_ts_1 = require("./utils.js");
 const _0n = BigInt(0);
 const _1n = BigInt(1);
+const _2n = BigInt(2);
 function validateOpts(curve) {
     (0, utils_ts_1.validateObject)(curve, {
-        a: 'bigint',
-    }, {
-        montgomeryBits: 'isSafeInteger',
-        nByteLength: 'isSafeInteger',
         adjustScalarBytes: 'function',
-        domain: 'function',
         powPminus2: 'function',
-        Gu: 'bigint',
     });
-    // Set defaults
     return Object.freeze({ ...curve });
 }
-// Uses only one coordinate instead of two
 function montgomery(curveDef) {
     const CURVE = validateOpts(curveDef);
-    const { P } = CURVE;
-    const Fp = (0, modular_ts_1.Field)(P);
+    const { P, type, adjustScalarBytes, powPminus2 } = CURVE;
+    const is25519 = type === 'x25519';
+    if (!is25519 && type !== 'x448')
+        throw new Error('invalid type');
+    const montgomeryBits = is25519 ? 255 : 448;
+    const fieldLen = is25519 ? 32 : 56;
+    const Gu = is25519 ? BigInt(9) : BigInt(5);
+    // RFC 7748 #5:
+    // The constant a24 is (486662 - 2) / 4 = 121665 for curve25519/X25519 and
+    // (156326 - 2) / 4 = 39081 for curve448/X448
+    // const a = is25519 ? 156326n : 486662n;
+    const a24 = is25519 ? BigInt(121665) : BigInt(39081);
+    // RFC: x25519 "the resulting integer is of the form 2^254 plus
+    // eight times a value between 0 and 2^251 - 1 (inclusive)"
+    // x448: "2^447 plus four times a value between 0 and 2^445 - 1 (inclusive)"
+    const minScalar = is25519 ? _2n ** BigInt(254) : _2n ** BigInt(447);
+    const maxAdded = is25519
+        ? BigInt(8) * _2n ** BigInt(251) - _1n
+        : BigInt(4) * _2n ** BigInt(445) - _1n;
+    const maxScalar = minScalar + maxAdded + _1n; // (inclusive)
     const modP = (n) => (0, modular_ts_1.mod)(n, P);
-    const montgomeryBits = CURVE.montgomeryBits;
-    const montgomeryBytes = Math.ceil(montgomeryBits / 8);
-    const fieldLen = CURVE.nByteLength;
-    const adjustScalarBytes = CURVE.adjustScalarBytes || ((bytes) => bytes);
-    const powPminus2 = CURVE.powPminus2 || ((x) => Fp.pow(x, P - BigInt(2)));
-    // cswap from RFC7748. But it is not from RFC7748!
-    /*
-      cswap(swap, x_2, x_3):
-           dummy = mask(swap) AND (x_2 XOR x_3)
-           x_2 = x_2 XOR dummy
-           x_3 = x_3 XOR dummy
-           Return (x_2, x_3)
-    Where mask(swap) is the all-1 or all-0 word of the same length as x_2
-     and x_3, computed, e.g., as mask(swap) = 0 - swap.
-    */
+    const GuBytes = encodeU(Gu);
+    function encodeU(u) {
+        return (0, utils_ts_1.numberToBytesLE)(modP(u), fieldLen);
+    }
+    function decodeU(u) {
+        const _u = (0, utils_ts_1.ensureBytes)('u coordinate', u, fieldLen);
+        // RFC: When receiving such an array, implementations of X25519
+        // (but not X448) MUST mask the most significant bit in the final byte.
+        if (is25519)
+            _u[31] &= 127; // 0b0111_1111
+        // RFC: Implementations MUST accept non-canonical values and process them as
+        // if they had been reduced modulo the field prime.  The non-canonical
+        // values are 2^255 - 19 through 2^255 - 1 for X25519 and 2^448 - 2^224
+        // - 1 through 2^448 - 1 for X448.
+        return modP((0, utils_ts_1.bytesToNumberLE)(_u));
+    }
+    function decodeScalar(scalar) {
+        return (0, utils_ts_1.bytesToNumberLE)(adjustScalarBytes((0, utils_ts_1.ensureBytes)('scalar', scalar, fieldLen)));
+    }
+    function scalarMult(scalar, u) {
+        const pu = montgomeryLadder(decodeU(u), decodeScalar(scalar));
+        // Some public keys are useless, of low-order. Curve author doesn't think
+        // it needs to be validated, but we do it nonetheless.
+        // https://cr.yp.to/ecdh.html#validate
+        if (pu === _0n)
+            throw new Error('invalid private or public key received');
+        return encodeU(pu);
+    }
+    // Computes public key from private. By doing scalar multiplication of base point.
+    function scalarMultBase(scalar) {
+        return scalarMult(scalar, GuBytes);
+    }
+    // cswap from RFC7748 "example code"
     function cswap(swap, x_2, x_3) {
+        // dummy = mask(swap) AND (x_2 XOR x_3)
+        // Where mask(swap) is the all-1 or all-0 word of the same length as x_2
+        // and x_3, computed, e.g., as mask(swap) = 0 - swap.
         const dummy = modP(swap * (x_2 - x_3));
-        x_2 = modP(x_2 - dummy);
-        x_3 = modP(x_3 + dummy);
-        return [x_2, x_3];
+        x_2 = modP(x_2 - dummy); // x_2 = x_2 XOR dummy
+        x_3 = modP(x_3 + dummy); // x_3 = x_3 XOR dummy
+        return { x_2, x_3 };
     }
-    // x25519 from 4
-    // The constant a24 is (486662 - 2) / 4 = 121665 for curve25519/X25519
-    const a24 = (CURVE.a - BigInt(2)) / BigInt(4);
     /**
-     *
+     * Montgomery x-only multiplication ladder.
      * @param pointU u coordinate (x) on Montgomery Curve 25519
      * @param scalar by which the point would be multiplied
      * @returns new Point on Montgomery curve
      */
     function montgomeryLadder(u, scalar) {
         (0, utils_ts_1.aInRange)('u', u, _0n, P);
-        (0, utils_ts_1.aInRange)('scalar', scalar, _0n, P);
-        // Section 5: Implementations MUST accept non-canonical values and process them as
-        // if they had been reduced modulo the field prime.
+        (0, utils_ts_1.aInRange)('scalar', scalar, minScalar, maxScalar);
         const k = scalar;
         const x_1 = u;
         let x_2 = _1n;
@@ -74,16 +101,11 @@ function montgomery(curveDef) {
         let x_3 = u;
         let z_3 = _1n;
         let swap = _0n;
-        let sw;
         for (let t = BigInt(montgomeryBits - 1); t >= _0n; t--) {
             const k_t = (k >> t) & _1n;
             swap ^= k_t;
-            sw = cswap(swap, x_2, x_3);
-            x_2 = sw[0];
-            x_3 = sw[1];
-            sw = cswap(swap, z_2, z_3);
-            z_2 = sw[0];
-            z_3 = sw[1];
+            ({ x_2, x_3 } = cswap(swap, x_2, x_3));
+            ({ x_2: z_2, x_3: z_3 } = cswap(swap, z_2, z_3));
             swap = k_t;
             const A = x_2 + z_2;
             const AA = modP(A * A);
@@ -101,61 +123,18 @@ function montgomery(curveDef) {
             x_2 = modP(AA * BB);
             z_2 = modP(E * (AA + modP(a24 * E)));
         }
-        // (x_2, x_3) = cswap(swap, x_2, x_3)
-        sw = cswap(swap, x_2, x_3);
-        x_2 = sw[0];
-        x_3 = sw[1];
-        // (z_2, z_3) = cswap(swap, z_2, z_3)
-        sw = cswap(swap, z_2, z_3);
-        z_2 = sw[0];
-        z_3 = sw[1];
-        // z_2^(p - 2)
-        const z2 = powPminus2(z_2);
-        // Return x_2 * (z_2^(p - 2))
-        return modP(x_2 * z2);
-    }
-    function encodeUCoordinate(u) {
-        return (0, utils_ts_1.numberToBytesLE)(modP(u), montgomeryBytes);
-    }
-    function decodeUCoordinate(uEnc) {
-        // Section 5: When receiving such an array, implementations of X25519
-        // MUST mask the most significant bit in the final byte.
-        const u = (0, utils_ts_1.ensureBytes)('u coordinate', uEnc, montgomeryBytes);
-        if (fieldLen === 32)
-            u[31] &= 127; // 0b0111_1111
-        return (0, utils_ts_1.bytesToNumberLE)(u);
-    }
-    function decodeScalar(n) {
-        const bytes = (0, utils_ts_1.ensureBytes)('scalar', n);
-        const len = bytes.length;
-        if (len !== montgomeryBytes && len !== fieldLen) {
-            let valid = '' + montgomeryBytes + ' or ' + fieldLen;
-            throw new Error('invalid scalar, expected ' + valid + ' bytes, got ' + len);
-        }
-        return (0, utils_ts_1.bytesToNumberLE)(adjustScalarBytes(bytes));
-    }
-    function scalarMult(scalar, u) {
-        const pointU = decodeUCoordinate(u);
-        const _scalar = decodeScalar(scalar);
-        const pu = montgomeryLadder(pointU, _scalar);
-        // The result was not contributory
-        // https://cr.yp.to/ecdh.html#validate
-        if (pu === _0n)
-            throw new Error('invalid private or public key received');
-        return encodeUCoordinate(pu);
-    }
-    // Computes public key from private. By doing scalar multiplication of base point.
-    const GuBytes = encodeUCoordinate(CURVE.Gu);
-    function scalarMultBase(scalar) {
-        return scalarMult(scalar, GuBytes);
+        ({ x_2, x_3 } = cswap(swap, x_2, x_3));
+        ({ x_2: z_2, x_3: z_3 } = cswap(swap, z_2, z_3));
+        const z2 = powPminus2(z_2); // `Fp.pow(x, P - _2n)` is much slower equivalent
+        return modP(x_2 * z2); // Return x_2 * (z_2^(p - 2))
     }
     return {
         scalarMult,
         scalarMultBase,
         getSharedSecret: (privateKey, publicKey) => scalarMult(privateKey, publicKey),
         getPublicKey: (privateKey) => scalarMultBase(privateKey),
-        utils: { randomPrivateKey: () => CURVE.randomBytes(CURVE.nByteLength) },
-        GuBytes: GuBytes,
+        utils: { randomPrivateKey: () => CURVE.randomBytes(fieldLen) },
+        GuBytes: GuBytes.slice(),
     };
 }
 //# sourceMappingURL=montgomery.js.map