npm - @nokinc-flur/sdk - Versions diffs - 2.2.0 → 2.4.0 - Mend

@nokinc-flur/sdk 2.2.0 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -2891,7 +2891,78 @@ declare function createAccountsClient(opts: AccountsClientOptions): AccountsClie
  * Schemas mirror `flur-backend/src/offline-consumer/types.ts`.
  */
+/**
+ * Hard upper bound on an account-funded OAC's validity window (24h). The OAC
+ * is a *rolling* 24h credential: a device that comes online at any point
+ * proactively reissues a fresh 24h window, while a device that stays offline
+ * beyond 24h loses spend authority (short TTL is the revocation-propagation
+ * mechanism). The offline verifier rejects any window longer than this.
+ */
 declare const ACCOUNT_FUNDED_OAC_MAX_TTL_MS: number;
+/**
+ * Pinned issuer trust-bundle entry returned by `GET /v1/issuer/keys`. Devices
+ * pin these public keys and verify unified OACs OFFLINE against them — never
+ * against the key embedded in the credential. The shape is a superset of
+ * `TrustedIssuerKey` so it can be passed straight to `verifyOacOffline`.
+ */
+declare const IssuerTrustKeySchema: z.ZodObject<{
+    issuerId: z.ZodString;
+    alg: z.ZodLiteral<"p256">;
+    publicKeySpkiB64: z.ZodString;
+    notBeforeMs: z.ZodOptional<z.ZodNumber>;
+    notAfterMs: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    issuerId: string;
+    alg: "p256";
+    publicKeySpkiB64: string;
+    notBeforeMs?: number | undefined;
+    notAfterMs?: number | undefined;
+}, {
+    issuerId: string;
+    alg: "p256";
+    publicKeySpkiB64: string;
+    notBeforeMs?: number | undefined;
+    notAfterMs?: number | undefined;
+}>;
+type IssuerTrustKey = z.infer<typeof IssuerTrustKeySchema>;
+declare const IssuerTrustBundleSchema: z.ZodObject<{
+    keys: z.ZodArray<z.ZodObject<{
+        issuerId: z.ZodString;
+        alg: z.ZodLiteral<"p256">;
+        publicKeySpkiB64: z.ZodString;
+        notBeforeMs: z.ZodOptional<z.ZodNumber>;
+        notAfterMs: z.ZodOptional<z.ZodNumber>;
+    }, "strip", z.ZodTypeAny, {
+        issuerId: string;
+        alg: "p256";
+        publicKeySpkiB64: string;
+        notBeforeMs?: number | undefined;
+        notAfterMs?: number | undefined;
+    }, {
+        issuerId: string;
+        alg: "p256";
+        publicKeySpkiB64: string;
+        notBeforeMs?: number | undefined;
+        notAfterMs?: number | undefined;
+    }>, "many">;
+}, "strip", z.ZodTypeAny, {
+    keys: {
+        issuerId: string;
+        alg: "p256";
+        publicKeySpkiB64: string;
+        notBeforeMs?: number | undefined;
+        notAfterMs?: number | undefined;
+    }[];
+}, {
+    keys: {
+        issuerId: string;
+        alg: "p256";
+        publicKeySpkiB64: string;
+        notBeforeMs?: number | undefined;
+        notAfterMs?: number | undefined;
+    }[];
+}>;
+type IssuerTrustBundle = z.infer<typeof IssuerTrustBundleSchema>;
 /**
  * Counterparty claim-submission grace after `oac.validUntilMs`. Claims
  * signed while the OAC was valid may still be relayed within this window
@@ -2969,9 +3040,9 @@ declare const DeviceKeyRecordSchema: z.ZodObject<{
     id: string;
     createdAtMs: number;
     revokedAtMs: number | null;
+    alg: "p256";
     publicKeySpkiB64: string | null;
     securityLevel: "STRONGBOX" | "TEE" | "SECURE_ENCLAVE" | "SOFTWARE" | null;
-    alg: "p256";
     hardwareBacked: boolean;
     attestedAtMs: number | null;
 }, {
@@ -2980,9 +3051,9 @@ declare const DeviceKeyRecordSchema: z.ZodObject<{
     id: string;
     createdAtMs: number;
     revokedAtMs: number | null;
+    alg?: "p256" | undefined;
     publicKeySpkiB64?: string | null | undefined;
     securityLevel?: "STRONGBOX" | "TEE" | "SECURE_ENCLAVE" | "SOFTWARE" | null | undefined;
-    alg?: "p256" | undefined;
     hardwareBacked?: boolean | undefined;
     attestedAtMs?: number | null | undefined;
 }>;
@@ -3001,6 +3072,13 @@ declare const ConsumerOACSchema: z.ZodObject<{
     alg: z.ZodLiteral<"p256">;
     /** P-256 SubjectPublicKeyInfo DER, base64. */
     devicePubkeySpkiB64: z.ZodString;
+    /**
+     * Per-transaction / cumulative offline spend ceilings. Zero is valid and
+     * denotes an identity-only OAC: the credential proves who the holder is and
+     * binds their device key for offline-verifiable first contact, but carries
+     * no offline spend authority (every claim against it routes to REVIEW).
+     * Issued to zero-balance wallets so they can still be paid offline.
+     */
     perTxCapKobo: z.ZodNumber;
     cumulativeCapKobo: z.ZodNumber;
     currency: z.ZodString;
@@ -3008,9 +3086,19 @@ declare const ConsumerOACSchema: z.ZodObject<{
     validUntilMs: z.ZodNumber;
     counterSeed: z.ZodNumber;
     issuedAtMs: z.ZodNumber;
+    /**
+     * Issuer-attested identity folded into the OAC so a single signed
+     * credential serves both Tier B offline-verifiable identity and offline
+     * spend authority. Verified offline against a pinned issuer key; the
+     * backend remains authoritative at settlement.
+     */
+    phoneE164: z.ZodString;
+    displayName: z.ZodString;
 }, "strip", z.ZodTypeAny, {
+    phoneE164: string;
     userId: string;
     deviceId: string;
+    displayName: string;
     currency: string;
     perTxCapKobo: number;
     cumulativeCapKobo: number;
@@ -3023,8 +3111,10 @@ declare const ConsumerOACSchema: z.ZodObject<{
     oacId: string;
     devicePubkeySpkiB64: string;
 }, {
+    phoneE164: string;
     userId: string;
     deviceId: string;
+    displayName: string;
     currency: string;
     perTxCapKobo: number;
     cumulativeCapKobo: number;
@@ -3053,6 +3143,13 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
         alg: z.ZodLiteral<"p256">;
         /** P-256 SubjectPublicKeyInfo DER, base64. */
         devicePubkeySpkiB64: z.ZodString;
+        /**
+         * Per-transaction / cumulative offline spend ceilings. Zero is valid and
+         * denotes an identity-only OAC: the credential proves who the holder is and
+         * binds their device key for offline-verifiable first contact, but carries
+         * no offline spend authority (every claim against it routes to REVIEW).
+         * Issued to zero-balance wallets so they can still be paid offline.
+         */
         perTxCapKobo: z.ZodNumber;
         cumulativeCapKobo: z.ZodNumber;
         currency: z.ZodString;
@@ -3060,9 +3157,19 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
         validUntilMs: z.ZodNumber;
         counterSeed: z.ZodNumber;
         issuedAtMs: z.ZodNumber;
+        /**
+         * Issuer-attested identity folded into the OAC so a single signed
+         * credential serves both Tier B offline-verifiable identity and offline
+         * spend authority. Verified offline against a pinned issuer key; the
+         * backend remains authoritative at settlement.
+         */
+        phoneE164: z.ZodString;
+        displayName: z.ZodString;
     }, "strip", z.ZodTypeAny, {
+        phoneE164: string;
         userId: string;
         deviceId: string;
+        displayName: string;
         currency: string;
         perTxCapKobo: number;
         cumulativeCapKobo: number;
@@ -3075,8 +3182,10 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
         oacId: string;
         devicePubkeySpkiB64: string;
     }, {
+        phoneE164: string;
         userId: string;
         deviceId: string;
+        displayName: string;
         currency: string;
         perTxCapKobo: number;
         cumulativeCapKobo: number;
@@ -3096,8 +3205,10 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
 }, "strip", z.ZodTypeAny, {
     issuerSig: string;
     oac: {
+        phoneE164: string;
         userId: string;
         deviceId: string;
+        displayName: string;
         currency: string;
         perTxCapKobo: number;
         cumulativeCapKobo: number;
@@ -3114,8 +3225,10 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
 }, {
     issuerSig: string;
     oac: {
+        phoneE164: string;
         userId: string;
         deviceId: string;
+        displayName: string;
         currency: string;
         perTxCapKobo: number;
         cumulativeCapKobo: number;
@@ -3146,6 +3259,13 @@ declare const OACRecordSchema: z.ZodObject<{
         alg: z.ZodLiteral<"p256">;
         /** P-256 SubjectPublicKeyInfo DER, base64. */
         devicePubkeySpkiB64: z.ZodString;
+        /**
+         * Per-transaction / cumulative offline spend ceilings. Zero is valid and
+         * denotes an identity-only OAC: the credential proves who the holder is and
+         * binds their device key for offline-verifiable first contact, but carries
+         * no offline spend authority (every claim against it routes to REVIEW).
+         * Issued to zero-balance wallets so they can still be paid offline.
+         */
         perTxCapKobo: z.ZodNumber;
         cumulativeCapKobo: z.ZodNumber;
         currency: z.ZodString;
@@ -3153,9 +3273,19 @@ declare const OACRecordSchema: z.ZodObject<{
         validUntilMs: z.ZodNumber;
         counterSeed: z.ZodNumber;
         issuedAtMs: z.ZodNumber;
+        /**
+         * Issuer-attested identity folded into the OAC so a single signed
+         * credential serves both Tier B offline-verifiable identity and offline
+         * spend authority. Verified offline against a pinned issuer key; the
+         * backend remains authoritative at settlement.
+         */
+        phoneE164: z.ZodString;
+        displayName: z.ZodString;
     }, "strip", z.ZodTypeAny, {
+        phoneE164: string;
         userId: string;
         deviceId: string;
+        displayName: string;
         currency: string;
         perTxCapKobo: number;
         cumulativeCapKobo: number;
@@ -3168,8 +3298,10 @@ declare const OACRecordSchema: z.ZodObject<{
         oacId: string;
         devicePubkeySpkiB64: string;
     }, {
+        phoneE164: string;
         userId: string;
         deviceId: string;
+        displayName: string;
         currency: string;
         perTxCapKobo: number;
         cumulativeCapKobo: number;
@@ -3196,8 +3328,10 @@ declare const OACRecordSchema: z.ZodObject<{
     issuerSig: string;
     revokedAtMs: number | null;
     oac: {
+        phoneE164: string;
         userId: string;
         deviceId: string;
+        displayName: string;
         currency: string;
         perTxCapKobo: number;
         cumulativeCapKobo: number;
@@ -3218,8 +3352,10 @@ declare const OACRecordSchema: z.ZodObject<{
     issuerSig: string;
     revokedAtMs: number | null;
     oac: {
+        phoneE164: string;
         userId: string;
         deviceId: string;
+        displayName: string;
         currency: string;
         perTxCapKobo: number;
         cumulativeCapKobo: number;
@@ -3279,6 +3415,13 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
             alg: z.ZodLiteral<"p256">;
             /** P-256 SubjectPublicKeyInfo DER, base64. */
             devicePubkeySpkiB64: z.ZodString;
+            /**
+             * Per-transaction / cumulative offline spend ceilings. Zero is valid and
+             * denotes an identity-only OAC: the credential proves who the holder is and
+             * binds their device key for offline-verifiable first contact, but carries
+             * no offline spend authority (every claim against it routes to REVIEW).
+             * Issued to zero-balance wallets so they can still be paid offline.
+             */
             perTxCapKobo: z.ZodNumber;
             cumulativeCapKobo: z.ZodNumber;
             currency: z.ZodString;
@@ -3286,9 +3429,19 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
             validUntilMs: z.ZodNumber;
             counterSeed: z.ZodNumber;
             issuedAtMs: z.ZodNumber;
+            /**
+             * Issuer-attested identity folded into the OAC so a single signed
+             * credential serves both Tier B offline-verifiable identity and offline
+             * spend authority. Verified offline against a pinned issuer key; the
+             * backend remains authoritative at settlement.
+             */
+            phoneE164: z.ZodString;
+            displayName: z.ZodString;
         }, "strip", z.ZodTypeAny, {
+            phoneE164: string;
             userId: string;
             deviceId: string;
+            displayName: string;
             currency: string;
             perTxCapKobo: number;
             cumulativeCapKobo: number;
@@ -3301,8 +3454,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
             oacId: string;
             devicePubkeySpkiB64: string;
         }, {
+            phoneE164: string;
             userId: string;
             deviceId: string;
+            displayName: string;
             currency: string;
             perTxCapKobo: number;
             cumulativeCapKobo: number;
@@ -3329,8 +3484,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
         issuerSig: string;
         revokedAtMs: number | null;
         oac: {
+            phoneE164: string;
             userId: string;
             deviceId: string;
+            displayName: string;
             currency: string;
             perTxCapKobo: number;
             cumulativeCapKobo: number;
@@ -3351,8 +3508,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
         issuerSig: string;
         revokedAtMs: number | null;
         oac: {
+            phoneE164: string;
             userId: string;
             deviceId: string;
+            displayName: string;
             currency: string;
             perTxCapKobo: number;
             cumulativeCapKobo: number;
@@ -3375,8 +3534,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
         issuerSig: string;
         revokedAtMs: number | null;
         oac: {
+            phoneE164: string;
             userId: string;
             deviceId: string;
+            displayName: string;
             currency: string;
             perTxCapKobo: number;
             cumulativeCapKobo: number;
@@ -3399,8 +3560,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
         issuerSig: string;
         revokedAtMs: number | null;
         oac: {
+            phoneE164: string;
             userId: string;
             deviceId: string;
+            displayName: string;
             currency: string;
             perTxCapKobo: number;
             cumulativeCapKobo: number;
@@ -3683,6 +3846,8 @@ type MeOfflineClient = {
     getStatus: (deviceId?: string) => Promise<OfflineStatusResult>;
     submitClaim: (claim: ConsumerPaymentClaim) => Promise<ConsumerSettleResult>;
     getSettlement: (idOrKey: string) => Promise<ConsumerSettlement>;
+    /** Fetch the public pinned issuer trust bundle (`GET /v1/issuer/keys`). */
+    getIssuerKeys: () => Promise<IssuerTrustBundle>;
 };
 declare function createMeOfflineClient(opts: MeOfflineClientOptions): MeOfflineClient;
@@ -3939,6 +4104,163 @@ declare function verifyConsumerSettlementReceiptQR(value: string, issuerPublicKe
 declare function decodeConsumerSettlementReceiptQR(value: string): ConsumerSettlement;
 declare function decodeConsumerSettlementReceiptQR(value: string, issuerPublicKeySpkiB64: string): ConsumerSettlement;
+/**
+ * Offline verification of the unified Offline Authorization Certificate (OAC).
+ *
+ * The OAC is issuer-signed and folds identity (phoneE164, displayName, bound
+ * device key) into the same credential that carries offline spend authority.
+ * This lets two users who meet for the first time recognise and pay each
+ * other WITHOUT a network round-trip: the verifier checks the issuer
+ * signature against a *pinned* trusted issuer key (a Trust Bundle refreshed
+ * whenever the device is online), never the key embedded in the credential.
+ *
+ * Trust model:
+ *   - Provisional offline authorization, authoritative online settlement.
+ *     A successful offline verify proves the credential was issued by Flur
+ *     and is within its validity window; the backend still re-checks
+ *     revocation, balance, and caps at settlement. Short OAC TTL is the
+ *     revocation-propagation mechanism — a revoked user cannot refresh and
+ *     their OAC expires within the issuance TTL.
+ *
+ * Wire format mirrors `flur-backend/src/offline-consumer/service.ts`
+ * (`oacSigningPayload`): the issuer signs `canonicalJSONBytes({ domain, ...oac })`
+ * with its P-256 key. Adding fields to `ConsumerOAC` automatically includes
+ * them in the signed bytes, so identity is covered without a new domain.
+ */
+/**
+ * Domain tag bound into the OAC issuer signature. MUST match
+ * `OAC_DOMAIN` in `flur-backend/src/offline-consumer/service.ts`.
+ */
+declare const CONSUMER_OAC_DOMAIN: "flur:consumer-offline:v1:oac";
+/**
+ * A pinned issuer key the device trusts for offline OAC verification.
+ * Sourced from the backend Trust Bundle (`GET /v1/issuer/keys`) and cached
+ * on-device. `notBeforeMs` / `notAfterMs` bound the key's own validity so a
+ * rotated-out key cannot be used to verify a freshly minted credential.
+ */
+interface TrustedIssuerKey {
+    issuerId: string;
+    /** Issuer P-256 public key as SubjectPublicKeyInfo DER, base64. */
+    publicKeySpkiB64: string;
+    notBeforeMs?: number;
+    notAfterMs?: number;
+}
+/** Identity surfaced to the caller after a successful offline verify. */
+interface OacOfflineIdentity {
+    oacId: string;
+    issuerId: string;
+    userId: string;
+    phoneE164: string;
+    displayName: string;
+    /** Holder's bound device key; lets the caller verify receipts offline. */
+    devicePubkeySpkiB64: string;
+}
+type VerifyOacOfflineResult = {
+    ok: true;
+    oac: ConsumerOAC;
+    identity: OacOfflineIdentity;
+} | {
+    ok: false;
+    reason: 'malformed' | 'untrusted_issuer' | 'signature_invalid' | 'window_too_long' | 'not_yet_valid' | 'expired';
+};
+interface VerifyOacOfflineOptions {
+    /** Override the wall clock; defaults to `Date.now()`. */
+    nowMs?: number;
+}
+/** Canonical OAC payload (domain-bound) the backend issuer signs. */
+declare function consumerOacSigningPayload(oac: ConsumerOAC): {
+    phoneE164: string;
+    userId: string;
+    deviceId: string;
+    displayName: string;
+    currency: string;
+    perTxCapKobo: number;
+    cumulativeCapKobo: number;
+    validFromMs: number;
+    validUntilMs: number;
+    counterSeed: number;
+    issuedAtMs: number;
+    issuerId: string;
+    alg: "p256";
+    oacId: string;
+    devicePubkeySpkiB64: string;
+    domain: "flur:consumer-offline:v1:oac";
+};
+/**
+ * Verify a signed OAC offline against a pinned set of trusted issuer keys.
+ *
+ * Security invariants:
+ *   - The signature is checked against the PINNED key for `oac.issuerId`,
+ *     never the credential-embedded `issuerPublicKeySpkiB64`. An attacker who
+ *     forges an OAC with their own key (and a matching embedded key) fails
+ *     because their key is not pinned.
+ *   - The pinned key's own validity window is enforced.
+ *   - The OAC validity window is enforced (`validFromMs <= now < validUntilMs`).
+ */
+declare function verifyOacOffline(signed: SignedConsumerOAC, trustedKeys: readonly TrustedIssuerKey[], options?: VerifyOacOfflineOptions): VerifyOacOfflineResult;
+/**
+ * QR prefix for a presented unified OAC. A holder shows this QR to be paid
+ * and/or identified offline; the scanner decodes it and calls
+ * `verifyOacOffline` against its pinned trust bundle. Distinct from the
+ * settlement-receipt (`FLURSR1.`) and pay-card prefixes so the scanner can
+ * dispatch by prefix without ambiguity.
+ */
+declare const CONSUMER_OAC_QR_PREFIX: "FLUROAC1.";
+/** True iff `value` looks like a presented OAC QR payload. */
+declare function isConsumerOacQR(value: string): boolean;
+/**
+ * Advisory "pay me" request a holder may attach to a presented OAC pay code:
+ * an amount, a purpose/intent, and a free-text reference. This rides as an
+ * UNSIGNED suffix on the QR (see {@link encodeConsumerOacQR}) — it is never
+ * part of the issuer-signed credential and carries no authority. The payer's
+ * app treats it purely as a prefill hint and always confirms the amount,
+ * exactly as with a NIBSS dynamic QR.
+ */
+declare const OacPresentmentRequestSchema: z.ZodObject<{
+    /** Requested amount in minor units (kobo). */
+    amountMinor: z.ZodOptional<z.ZodNumber>;
+    /** Purpose/intent code (mirrors the NIBSS intent vocabulary). */
+    intent: z.ZodOptional<z.ZodString>;
+    /** Free-text reference / note. */
+    reference: z.ZodOptional<z.ZodString>;
+}, "strict", z.ZodTypeAny, {
+    amountMinor?: number | undefined;
+    reference?: string | undefined;
+    intent?: string | undefined;
+}, {
+    amountMinor?: number | undefined;
+    reference?: string | undefined;
+    intent?: string | undefined;
+}>;
+type OacPresentmentRequest = z.infer<typeof OacPresentmentRequestSchema>;
+/**
+ * Encode a signed OAC as a scannable QR payload. The envelope is validated
+ * before encoding so a malformed credential can never be presented.
+ *
+ * An optional advisory {@link OacPresentmentRequest} is appended as a
+ * dot-separated, base64url-encoded suffix:
+ *   `FLUROAC1.<base64url(signed)>.<base64url(request)>`
+ * The signed segment is byte-identical with or without the suffix, so the
+ * credential's verifiability is unaffected. An empty request adds no suffix.
+ */
+declare function encodeConsumerOacQR(signed: SignedConsumerOAC, request?: OacPresentmentRequest): string;
+/**
+ * Decode (WITHOUT verifying) a presented OAC QR back into a signed envelope.
+ * Any advisory request suffix is ignored here — use
+ * {@link decodeConsumerOacRequest} to read it. The caller MUST pass the result
+ * to `verifyOacOffline` against pinned keys before trusting any field —
+ * decoding proves nothing about authenticity.
+ */
+declare function decodeUnverifiedConsumerOacQR(value: string): SignedConsumerOAC;
+/**
+ * Read the advisory {@link OacPresentmentRequest} from a presented OAC QR, or
+ * `null` if absent/malformed. This is purely a prefill hint and is NEVER
+ * authoritative — a malformed suffix is treated as "no request" and never
+ * throws, so a bad suffix can never block a verifiable credential.
+ */
+declare function decodeConsumerOacRequest(value: string): OacPresentmentRequest | null;
 /**
  * FLURA1 — single-SMS consumer-offline settle token.
  *
@@ -4948,7 +5270,6 @@ declare const ARTIFACT_TYPES: {
     readonly STATEMENT: "statement";
     readonly PASS: "pass";
     readonly IDENTITY: "identity";
-    readonly PAY_CARD: "pay_card";
 };
 type ArtifactType = (typeof ARTIFACT_TYPES)[keyof typeof ARTIFACT_TYPES];
 declare const OfflinePaymentAuthorizationArtifactSchema: z.ZodObject<{
@@ -5436,17 +5757,17 @@ declare const ReversalRecordArtifactSchema: z.ZodObject<{
 }, "strip", z.ZodTypeAny, {
     currency: "NGN";
     amountKobo: number;
+    reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
     reversalId: string;
     originalTxnId: string;
-    reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
     reversedAtMs: number;
     memo?: string | undefined;
 }, {
     currency: "NGN";
     amountKobo: number;
+    reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
     reversalId: string;
     originalTxnId: string;
-    reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
     reversedAtMs: number;
     memo?: string | undefined;
 }>;
@@ -5592,23 +5913,6 @@ declare const IdentityArtifactSchema: z.ZodObject<{
     claimType: "phone_verified" | "email_verified" | "bvn_verified" | "kyc_tier" | "age_band";
     claimValueHash: string;
 }>;
-declare const PayCardArtifactSchema: z.ZodObject<{
-    userId: z.ZodString;
-    phoneE164: z.ZodString;
-    displayName: z.ZodString;
-    devicePubKeySpkiB64: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    phoneE164: string;
-    userId: string;
-    displayName: string;
-    devicePubKeySpkiB64: string;
-}, {
-    phoneE164: string;
-    userId: string;
-    displayName: string;
-    devicePubKeySpkiB64: string;
-}>;
-type PayCardArtifact = z.infer<typeof PayCardArtifactSchema>;
 declare const ARTIFACT_BODY_SCHEMAS: {
     readonly offline_payment_authorization: z.ZodObject<{
         authorization: z.ZodObject<{
@@ -6093,17 +6397,17 @@ declare const ARTIFACT_BODY_SCHEMAS: {
     }, "strip", z.ZodTypeAny, {
         currency: "NGN";
         amountKobo: number;
+        reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
         reversalId: string;
         originalTxnId: string;
-        reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
         reversedAtMs: number;
         memo?: string | undefined;
     }, {
         currency: "NGN";
         amountKobo: number;
+        reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
         reversalId: string;
         originalTxnId: string;
-        reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
         reversedAtMs: number;
         memo?: string | undefined;
     }>;
@@ -6249,22 +6553,6 @@ declare const ARTIFACT_BODY_SCHEMAS: {
         claimType: "phone_verified" | "email_verified" | "bvn_verified" | "kyc_tier" | "age_band";
         claimValueHash: string;
     }>;
-    readonly pay_card: z.ZodObject<{
-        userId: z.ZodString;
-        phoneE164: z.ZodString;
-        displayName: z.ZodString;
-        devicePubKeySpkiB64: z.ZodString;
-    }, "strip", z.ZodTypeAny, {
-        phoneE164: string;
-        userId: string;
-        displayName: string;
-        devicePubKeySpkiB64: string;
-    }, {
-        phoneE164: string;
-        userId: string;
-        displayName: string;
-        devicePubKeySpkiB64: string;
-    }>;
 };
 /** Artifact types whose body schema is fully specified and safe to dispatch. */
 declare const HARDENED_ARTIFACT_TYPES: Set<ArtifactType>;
@@ -6383,154 +6671,4 @@ declare function createOfflinePaymentAuthorizationArtifactUri(input: {
     }>;
 };
-/**
- * Pay Card — Tier B of the Flur recipient-trust ladder.
- *
- * A Pay Card is a holder-signed, expiring identity attestation rendered as a
- * QR. When a payer scans a Pay Card and verifies its signature against the
- * holder's registered device-key, they obtain a trusted (userId, phoneE164,
- * displayName, devicePubKey) tuple they can cache locally and reuse to pay
- * the holder fully offline thereafter.
- *
- * Transport: the standard Flur v1 signed-artifact envelope
- *   `flur://v1/pay_card/<base64url(canonical-json(body))>.<base64url(sig)>`
- *
- * Trust model:
- *   - Card is signed by the holder's device key (P-256, ECDSA-SHA256, DER).
- *   - Verifier resolves (issuer=userId, kid) to a SubjectPublicKeyInfo via
- *     Flur's device-key registry — typically online at scan time.
- *   - On successful verify, the scanner upserts the card into its local
- *     verified-contact cache (Tier A) so future pays are offline.
- *
- * This module is the canonical implementation. The backend and mobile MUST
- * use it for build, verify, and freshness checks — no parallel implementations.
- *
- * Industry-standard defaults (configurable per call):
- *   - TTL:                90 days from issue.
- *   - Refresh threshold:  30 days remaining triggers a 'refresh_recommended'
- *                         freshness state.
- *
- * Field policy (enforced by {@link PayCardArtifactSchema}):
- *   - displayName \u2264 64 chars
- *   - phoneE164 must match /^\+[1-9]\d{7,14}$/
- *   - devicePubKeySpkiB64 must be standard base64 (no url-safe variants),
- *     64..256 chars (covers P-256 SPKI = 91 chars plus forward-compat).
- */
-/** Default Pay Card lifetime (ms): 90 days. */
-declare const PAY_CARD_DEFAULT_TTL_MS: number;
-/**
- * When the remaining lifetime drops below this threshold (ms),
- * {@link inspectPayCardFreshness} returns `'refresh_recommended'`.
- *
- * Holders should refresh in the background well before hard-expiry so
- * a stale-card scan never blocks a payment.
- */
-declare const PAY_CARD_REFRESH_THRESHOLD_MS: number;
-/** URI prefix for Pay Card artifacts. */
-declare const PAY_CARD_URI_PREFIX: string;
-/**
- * Inputs for {@link createPayCardArtifactUri}. Mirrors the artifact codec
- * inputs but pins type to `pay_card`, validates the data shape, and applies
- * the default TTL when `expiresAtSeconds` is omitted.
- */
-interface CreatePayCardArtifactInput {
-    /** Holder Flur userId (also used as the envelope issuer). */
-    issuer: string;
-    /** Holder device key id. */
-    keyId: string;
-    /** Holder device private key (raw 32-byte P-256 scalar). */
-    privateKey: Uint8Array;
-    /** Pay Card business payload. */
-    data: PayCardArtifact;
-    /** URL-safe nonce, 8..64 chars. Required for envelope uniqueness. */
-    nonce: string;
-    /** Override the issued-at (seconds). Defaults to now. */
-    issuedAtSeconds?: number;
-    /**
-     * Override the expiry (seconds). Defaults to `issuedAt + 90 days`.
-     *
-     * SECURITY: a Pay Card is a holder-signed identity attestation, so a
-     * hard expiry is mandatory at the protocol level — there is no opt-out.
-     * Callers may shorten the TTL but cannot remove it; backend verifiers
-     * additionally reject envelopes without `exp` (`PAY_CARD_NO_EXPIRY`).
-     */
-    expiresAtSeconds?: number;
-}
-/**
- * Build, sign, and encode a Pay Card as a `flur://v1/pay_card/...` URI.
- *
- * Defaults the envelope's `exp` to `iat + 90 days` so callers do not need
- * to compute lifetimes. Refuses to emit a card whose `userId` payload
- * field disagrees with the envelope `issuer` \u2014 the holder must sign their
- * own card.
- */
-declare function createPayCardArtifactUri(input: CreatePayCardArtifactInput): {
-    uri: string;
-    signed: SignedArtifact<PayCardArtifact>;
-};
-/** True when the URI is shaped as a Pay Card artifact (prefix check only). */
-declare function isPayCardArtifactUri(uri: string): boolean;
-interface DecodedPayCard {
-    /** Validated Pay Card body (data + envelope header). */
-    body: ArtifactBody<PayCardArtifact>;
-    /** ASN.1 DER ECDSA P-256 signature, base64 (standard). */
-    sig: string;
-    /** Raw decoded envelope \u2014 useful when re-emitting or relaying. */
-    decoded: DecodedArtifactUri;
-}
-/**
- * Decode a Pay Card URI without verifying its signature. Validates the URI
- * shape, the envelope header, and the data schema. Use when the caller wants
- * to inspect the card before deciding whether/how to verify it.
- */
-declare function decodePayCardArtifact(uri: string): DecodedPayCard;
-/**
- * Verify a Pay Card URI fully:
- *   1. URI + envelope + data schema (via {@link decodePayCardArtifact}).
- *   2. Envelope expiry (unless `options.enforceExpiry === false`).
- *   3. ECDSA P-256 signature against the supplied holder SPKI public key.
- *
- * The caller is responsible for resolving `(issuer, kid)` to the holder's
- * registered SPKI public key (typically via the backend device-key registry).
- */
-declare function verifyPayCardArtifact(uri: string, publicKeySpkiB64: string, options?: VerifyArtifactOptions): DecodedPayCard;
-type PayCardFreshness = 'fresh' | 'refresh_recommended' | 'expired' | 'no_expiry';
-/**
- * Classify a Pay Card by remaining lifetime. Used by holders to decide when
- * to re-fetch a freshly-signed card from the backend, and by scanners to
- * decide whether to prompt the holder to refresh.
- *
- *   - `'expired'`              : envelope.exp \u2264 now
- *   - `'refresh_recommended'`  : 0 < remaining \u2264 PAY_CARD_REFRESH_THRESHOLD_MS
- *   - `'fresh'`                : remaining > PAY_CARD_REFRESH_THRESHOLD_MS
- *   - `'no_expiry'`            : envelope omits `exp` (non-production cards only)
- */
-declare function inspectPayCardFreshness(decoded: DecodedPayCard, nowMs?: number): PayCardFreshness;
-/**
- * Compute the canonical body bytes a backend must sign when issuing a
- * Pay Card on behalf of the holder via a *server-side* signing path.
- *
- * This export exists so a backend (which holds neither the holder's private
- * key nor a parallel envelope implementation) can call into the SDK to
- * obtain the exact bytes to sign with a hardware-backed device key abstraction.
- * Mobile clients that sign locally should use {@link createPayCardArtifactUri}
- * instead.
- *
- * Returned bytes are the same input passed to ECDSA P-256(SHA-256). Callers
- * MUST keep this contract \u2014 changing the signing input is a protocol break.
- */
-declare function buildPayCardSigningInput(input: {
-    issuer: string;
-    keyId: string;
-    data: PayCardArtifact;
-    nonce: string;
-    issuedAtSeconds?: number;
-    /** See {@link CreatePayCardArtifactInput.expiresAtSeconds}. */
-    expiresAtSeconds?: number;
-}): {
-    body: ArtifactBody<PayCardArtifact>;
-    bodyBytes: Uint8Array;
-};
-export { ACCOUNT_FUNDED_OAC_MAX_TTL_MS, ACCOUNT_STATUSES, ACCOUNT_TYPES, ADDITIONAL_DATA_SUBFIELD, ARTIFACT_BODY_SCHEMAS, ARTIFACT_TYPES, type Account, type AccountActivityItem, type AccountMembership, AccountMembershipSchema, AccountSchema, type AccountStatus, type AccountSummaryResponse, type AccountType, type AccountsClient, type AccountsClientOptions, type AddMemberInput, type AdditionalData, type ApiCredentialPublic, ApiCredentialPublicSchema, type ApiCredentialsAdminClient, type ArtifactBody, type ArtifactHeader, ArtifactHeaderSchema, type ArtifactType, type AtomicRedeemReceiptInput, type AtomicRedeemResponse, type AttestationSecurityLevel, AttestationSecurityLevelSchema, type AuthLogoutInput, type AuthRefreshInput, type AuthRefreshResponse, type AuthorizeSendWithBiometricInput, type AuthorizedOptions, type BiometricSigner, type BuildPassInput, type BuildReceiptInput, type BuildRedemptionInput, CLAIM_DOMAIN_V2, COLLECTION_INTENT_STATUSES, COLLECTION_PAYMENT_STATUSES, CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS, CONSUMER_PAYMENT_REQUEST_DOMAIN, CONSUMER_SETTLEMENT_DOMAIN, CONSUMER_SETTLEMENT_RECEIPT_QR_PREFIX, CUSTODIAL_MODES, type CanonicalClaimInput, type CashNamespace, type ClaimSignature, type CollectionIntent, CollectionIntentSchema, type CollectionPayment, type CollectionPaymentResult, CollectionPaymentResultSchema, CollectionPaymentSchema, type CollectionReportSummary, CollectionReportSummarySchema, type CollectionStatement, CollectionStatementSchema, type CollectionsClient, type CollectionsClientOptions, type ConsumerCollectionsClient, type ConsumerOAC, type OACRecord as ConsumerOACRecord, OACRecordSchema as ConsumerOACRecordSchema, ConsumerOACSchema, type ConsumerPaymentClaim, ConsumerPaymentClaimSchema, type ConsumerPaymentRequestEnvelope, ConsumerPaymentRequestEnvelopeSchema, type ConsumerSettleResult, ConsumerSettleResultSchema, type ConsumerSettlement, ConsumerSettlementSchema, type ConsumerWithdrawalsClient, type ConsumerWithdrawalsClientOptions, type CreateBusinessAccountInput, type CreateCollectionIntentInput, CreateCollectionIntentInputSchema, type CreatePayCardArtifactInput, type CreatePayLinkResponse, type CreatePayoutDestinationInput, CreatePayoutDestinationInputSchema, type CreatePayoutInput, CreatePayoutInputSchema, type CreateTransferOptions, type CreateWithdrawalInput, CreateWithdrawalInputSchema, type CreateWithdrawalResult, CreateWithdrawalResultSchema, type CustodialMode, type DecodedArtifactUri, type DecodedOfflineSmsSettleToken, type DecodedPayCard, type DeviceKeyAlg, DeviceKeyAlgSchema, type DeviceKeyRecord, DeviceKeyRecordSchema, type DeviceTrustState, FIELD, FLUR_ARTIFACT_URI_PREFIX, FLUR_ARTIFACT_URI_SCHEME, FLUR_ARTIFACT_VERSION, FlurApiError, FlurArtifactError, FlurCapExceededError, FlurClient, type FlurClientOptions, FlurError, type FlurErrorCode, FlurExpiredError, type FlurHandle, type FlurInitOptions, type FlurOfflineSettlementsClient, type FlurPartnerClient, type FlurPaymentEvent, FlurReplayError, HARDENED_ARTIFACT_TYPES, type HmacFetchOptions, IdentityArtifactSchema, type IngestFundingResult, IngestFundingResultSchema, type IssueAccountOacInput, IssueAccountOacInputSchema, type IssueOfflineTokenInput, type IssuePassInput, type IssueReceiptInput, LedgerJournalEntryArtifactSchema, type ListPassesInput, type ListPassesResponse, type ListPayoutDestinationsResult, ListPayoutDestinationsResultSchema, type ListReceiptsInput, type ListReceiptsResponse, type ListTransactionsOptions, MEMBERSHIP_ROLES, MERCHANT_PAYOUT_STATUSES, MERCHANT_PROFILE_STATUSES, type MeOfflineClient, type MeOfflineClientOptions, type MembershipRole, type MerchantAccountInfo, type MerchantPayout, MerchantPayoutSchema, type MerchantProfile, MerchantProfileSchema, type MintedApiCredential, MintedApiCredentialSchema, type Money, NGN_CURRENCY_CODE, NG_COUNTRY_CODE, NQRParseError, type NQRPayloadInput, NqrPaymentRequestArtifactSchema, type OAC, OACSchema, OAC_DEFAULT_CUMULATIVE_KOBO, OAC_DEFAULT_PER_TX_KOBO, OAC_DEFAULT_VALIDITY_MS, OFFLINE_CLAIM_SMS_PREFIX, OFFLINE_SMS_SETTLE_DOMAIN, OFFLINE_SMS_SETTLE_HEADER_BYTES, OFFLINE_SMS_SETTLE_PREFIX, OFFLINE_SMS_SETTLE_SIGNATURE_BYTES, OFFLINE_SMS_SETTLE_TOKEN_BYTES, OFFLINE_SMS_SETTLE_VERSION, type OfflineClaimAlgorithm, OfflineClaimArtifactSchema, type OfflineClaimSigner, type OfflinePaymentAuthorization, type OfflinePaymentAuthorizationArtifact, OfflinePaymentAuthorizationArtifactSchema, OfflinePaymentAuthorizationSchema, type OfflinePaymentRequest, OfflinePaymentRequestSchema, type OfflineSmsSettleInput, type OfflineSmsSettleSigner, type OfflineStatusResult, OfflineStatusResultSchema, type OfflineToken, OfflineTokenSchema, type OnboardingCompleteInput, type OnboardingCompleteResponse, type OnboardingFallback, type OnboardingRiskReason, type OnboardingStartInput, type OnboardingStartResponse, type P256EnrollmentChallengeInput, P256EnrollmentChallengeInputSchema, type P256EnrollmentChallengeResult, P256EnrollmentChallengeResultSchema, PARTNER_FUNDING_DIRECTIONS, PARTNER_FUNDING_STATUSES, PARTNER_KINDS, PARTNER_PROFILE_STATUSES, PARTNER_SCOPES, PASS_KINDS, PASS_STATES, PAYLOAD_FORMAT_INDICATOR_VALUE, PAYOUT_DESTINATION_STATUSES, PAY_CARD_DEFAULT_TTL_MS, PAY_CARD_REFRESH_THRESHOLD_MS, PAY_CARD_URI_PREFIX, POINT_OF_INITIATION, type ParsedNQR, type PartnerClientOptions, type PartnerCollectionsClient, type PartnerFunding, type PartnerFundingClient, type PartnerFundingDirection, type PartnerFundingEventInput, PartnerFundingEventInputSchema, PartnerFundingSchema, type PartnerFundingStatus, type PartnerKind, type PartnerProfile, type PartnerProfileAdminClient, type PartnerProfileAdminClientOptions, PartnerProfileSchema, type PartnerProfileStatus, type PartnerScope, type PartnerSignResult, type Pass, PassArtifactSchema, type PassKind, type PassMetadata, PassMetadataSchema, PassSchema, type PassState, type PassesClient, type PassesClientOptions, type PayCardArtifact, PayCardArtifactSchema, type PayCardFreshness, type PayCollectionInput, PayCollectionInputSchema, type PayCollectionOptions, type PayCollectionResponse, type PaymentClaim, PaymentClaimSchema, PaymentIntentArtifactSchema, type PayoutDestination, PayoutDestinationSchema, type PayoutDestinationStatus, type PayoutEventInput, PayoutEventInputSchema, type PinSetInput, type PinVerifyInput, type ProviderEventInput, ProviderEventInputSchema, type ProviderEventRecord, ProviderEventRecordSchema, type PublicCollectionIntent, PublicCollectionIntentSchema, type PushPlatform, type PushRegisterInput, RECEIPT_CHANNELS, RECEIPT_KINDS, REPLAY_WINDOW_MS, type Receipt, type ReceiptArtifact, ReceiptArtifactSchema, type ReceiptChannel, type ReceiptKind, type ReceiptPayload, ReceiptPayloadSchema, ReceiptSchema, type ReceiptsClient, type ReceiptsClientOptions, type RecipientResolveInput, type RecipientResolveResponse, type ReconciliationReport, ReconciliationReportSchema, type RecordPayoutEventResult, RecordPayoutEventResultSchema, type RedeemPassResponse, type Redemption, RedemptionSchema, type RegisterDeviceInput, type RegisterDeviceKeyP256Input, RegisterDeviceKeyP256InputSchema, type RegisterDeviceResponse, type RegisterSendDeviceKeyInput, type ResolveCollectionOptions, type ResolveCollectionResponse, type ResolvePayLinkResponse, ReversalRecordArtifactSchema, RevokeDeviceKeyInputSchema, type RevokePassInput, type RoutingHint, SETTLEMENT_SCHEDULES, type SendChallengeInput, type SendChallengeResponse, type SendMoneyInput, type SendMoneyOptions, type SendVerifyInput, type SendVerifyResponse, type SettleResponse, SettleResponseSchema, type Settlement, SettlementRecordArtifactSchema, SettlementSchema, type SignedArtifact, type SignedConsumerOAC, SignedConsumerOACSchema, type SignerPublicKey, StatementArtifactSchema, type SubscribeOptions, type TLVField, type TransactionDetailResponse, type TransactionDirection, type TransactionsListResponse, type TransferInput, type TransferResponse, type TransferStatus, type UnsignedConsumerPaymentRequest, type UnsignedOAC, type UnsignedOfflinePaymentAuthorization, type UnsignedOfflinePaymentRequest, type UnsignedPass, type UnsignedReceipt, type UnsignedRedemption, type UpsertMerchantProfileInput, UpsertMerchantProfileInputSchema, type UpsertPartnerProfileInput, UpsertPartnerProfileInputSchema, type VerifiedArtifact, type VerifyArtifactOptions, type VerifyClaimSignatureInput, WITHDRAWAL_STATES, type Withdrawal, WithdrawalSchema, type WithdrawalState, base64UrlDecode, base64UrlEncode, bodySha256Hex, buildArtifactBody, buildAuthorization, buildConsumerPaymentRequest, buildOAC, buildPass, buildPayCardSigningInput, buildPaymentRequest, buildReceipt, buildRedemption, buildSmsSettleHeader, domainTag as buildSmsSettleSignedBytes, canonicalClaimSigningBytes, canonicalClaimSigningPayload, canonicalJSONBytes, canonicalJSONStringify, canonicalRequestString, computeConsumerClaimEncounterId, computeEncounterId, constantTimeEqual, consumerPaymentRequestSigningBytes, consumerPaymentRequestSigningPayload, consumerSettlementSigningPayload, crc16ccitt, crc16ccittHex, createAccountsClient, createApiCredentialsAdminClient, createArtifactUri, createCollectionsClient, createConsumerCollectionsClient, createConsumerWithdrawalsClient, createFlurPartnerClient, createHmacFetch, createMeOfflineClient, createOfflinePaymentAuthorizationArtifactUri, createOfflineSettlementsClient, createPartnerCollectionsClient, createPartnerFundingClient, createPartnerProfileAdminClient, createPassesClient, createPayCardArtifactUri, createReceiptArtifactUri, createReceiptsClient, createSoftwareP256Signer, decodeArtifactUri, decodeAuthorizationQR, decodeBase45, decodeConsumerSettlementReceiptQR, decodeOfflineClaimSmsMessage, decodeOfflineSmsSettleToken, decodePayCardArtifact, decodePaymentRequestQR, decodeUnverifiedConsumerSettlementReceiptQR, derToRawP256Signature, encodeArtifactUri, encodeAuthorizationQR, encodeBase45, encodeConsumerSettlementReceiptQR, encodeNQR, encodeOfflineClaimSmsMessage, encodeOfflineSmsSettleToken, encodePaymentRequestQR, extractOfflineClaimSmsToken, extractOfflineSmsSettleToken, formatAmount, generateDynamicQR, generateStaticQR, init, inspectPayCardFreshness, isConsumerPaymentRequestExpired, isHardenedArtifactType, isKnownArtifactType, isPassWithinValidity, isPayCardArtifactUri, moneyMinorToNumber, normalizeE164, parseAmountInput, parseNQR, parseQR, readTLV, routingHint, signArtifact, signAuthorization, signConsumerPaymentRequest, signOAC, signPartnerRequest, signPass, signPaymentRequest, signReceipt, signRedemption, signRequestHMAC, verifyArtifactSignature, verifyArtifactUri, verifyAuthorization, verifyClaimSignature, verifyConsumerPaymentRequest, verifyConsumerSettlement, verifyConsumerSettlementReceiptQR, verifyOAC, verifyOfflineSmsSettleToken, verifyPass, verifyPayCardArtifact, verifyPaymentRequest, verifyReceipt, verifyRedemption, verifyRequestHMAC, writeTLV };
+export { ACCOUNT_FUNDED_OAC_MAX_TTL_MS, ACCOUNT_STATUSES, ACCOUNT_TYPES, ADDITIONAL_DATA_SUBFIELD, ARTIFACT_BODY_SCHEMAS, ARTIFACT_TYPES, type Account, type AccountActivityItem, type AccountMembership, AccountMembershipSchema, AccountSchema, type AccountStatus, type AccountSummaryResponse, type AccountType, type AccountsClient, type AccountsClientOptions, type AddMemberInput, type AdditionalData, type ApiCredentialPublic, ApiCredentialPublicSchema, type ApiCredentialsAdminClient, type ArtifactBody, type ArtifactHeader, ArtifactHeaderSchema, type ArtifactType, type AtomicRedeemReceiptInput, type AtomicRedeemResponse, type AttestationSecurityLevel, AttestationSecurityLevelSchema, type AuthLogoutInput, type AuthRefreshInput, type AuthRefreshResponse, type AuthorizeSendWithBiometricInput, type AuthorizedOptions, type BiometricSigner, type BuildPassInput, type BuildReceiptInput, type BuildRedemptionInput, CLAIM_DOMAIN_V2, COLLECTION_INTENT_STATUSES, COLLECTION_PAYMENT_STATUSES, CONSUMER_OAC_DOMAIN, CONSUMER_OAC_QR_PREFIX, CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS, CONSUMER_PAYMENT_REQUEST_DOMAIN, CONSUMER_SETTLEMENT_DOMAIN, CONSUMER_SETTLEMENT_RECEIPT_QR_PREFIX, CUSTODIAL_MODES, type CanonicalClaimInput, type CashNamespace, type ClaimSignature, type CollectionIntent, CollectionIntentSchema, type CollectionPayment, type CollectionPaymentResult, CollectionPaymentResultSchema, CollectionPaymentSchema, type CollectionReportSummary, CollectionReportSummarySchema, type CollectionStatement, CollectionStatementSchema, type CollectionsClient, type CollectionsClientOptions, type ConsumerCollectionsClient, type ConsumerOAC, type OACRecord as ConsumerOACRecord, OACRecordSchema as ConsumerOACRecordSchema, ConsumerOACSchema, type ConsumerPaymentClaim, ConsumerPaymentClaimSchema, type ConsumerPaymentRequestEnvelope, ConsumerPaymentRequestEnvelopeSchema, type ConsumerSettleResult, ConsumerSettleResultSchema, type ConsumerSettlement, ConsumerSettlementSchema, type ConsumerWithdrawalsClient, type ConsumerWithdrawalsClientOptions, type CreateBusinessAccountInput, type CreateCollectionIntentInput, CreateCollectionIntentInputSchema, type CreatePayLinkResponse, type CreatePayoutDestinationInput, CreatePayoutDestinationInputSchema, type CreatePayoutInput, CreatePayoutInputSchema, type CreateTransferOptions, type CreateWithdrawalInput, CreateWithdrawalInputSchema, type CreateWithdrawalResult, CreateWithdrawalResultSchema, type CustodialMode, type DecodedArtifactUri, type DecodedOfflineSmsSettleToken, type DeviceKeyAlg, DeviceKeyAlgSchema, type DeviceKeyRecord, DeviceKeyRecordSchema, type DeviceTrustState, FIELD, FLUR_ARTIFACT_URI_PREFIX, FLUR_ARTIFACT_URI_SCHEME, FLUR_ARTIFACT_VERSION, FlurApiError, FlurArtifactError, FlurCapExceededError, FlurClient, type FlurClientOptions, FlurError, type FlurErrorCode, FlurExpiredError, type FlurHandle, type FlurInitOptions, type FlurOfflineSettlementsClient, type FlurPartnerClient, type FlurPaymentEvent, FlurReplayError, HARDENED_ARTIFACT_TYPES, type HmacFetchOptions, IdentityArtifactSchema, type IngestFundingResult, IngestFundingResultSchema, type IssueAccountOacInput, IssueAccountOacInputSchema, type IssueOfflineTokenInput, type IssuePassInput, type IssueReceiptInput, type IssuerTrustBundle, IssuerTrustBundleSchema, type IssuerTrustKey, IssuerTrustKeySchema, LedgerJournalEntryArtifactSchema, type ListPassesInput, type ListPassesResponse, type ListPayoutDestinationsResult, ListPayoutDestinationsResultSchema, type ListReceiptsInput, type ListReceiptsResponse, type ListTransactionsOptions, MEMBERSHIP_ROLES, MERCHANT_PAYOUT_STATUSES, MERCHANT_PROFILE_STATUSES, type MeOfflineClient, type MeOfflineClientOptions, type MembershipRole, type MerchantAccountInfo, type MerchantPayout, MerchantPayoutSchema, type MerchantProfile, MerchantProfileSchema, type MintedApiCredential, MintedApiCredentialSchema, type Money, NGN_CURRENCY_CODE, NG_COUNTRY_CODE, NQRParseError, type NQRPayloadInput, NqrPaymentRequestArtifactSchema, type OAC, OACSchema, OAC_DEFAULT_CUMULATIVE_KOBO, OAC_DEFAULT_PER_TX_KOBO, OAC_DEFAULT_VALIDITY_MS, OFFLINE_CLAIM_SMS_PREFIX, OFFLINE_SMS_SETTLE_DOMAIN, OFFLINE_SMS_SETTLE_HEADER_BYTES, OFFLINE_SMS_SETTLE_PREFIX, OFFLINE_SMS_SETTLE_SIGNATURE_BYTES, OFFLINE_SMS_SETTLE_TOKEN_BYTES, OFFLINE_SMS_SETTLE_VERSION, type OacOfflineIdentity, type OacPresentmentRequest, OacPresentmentRequestSchema, type OfflineClaimAlgorithm, OfflineClaimArtifactSchema, type OfflineClaimSigner, type OfflinePaymentAuthorization, type OfflinePaymentAuthorizationArtifact, OfflinePaymentAuthorizationArtifactSchema, OfflinePaymentAuthorizationSchema, type OfflinePaymentRequest, OfflinePaymentRequestSchema, type OfflineSmsSettleInput, type OfflineSmsSettleSigner, type OfflineStatusResult, OfflineStatusResultSchema, type OfflineToken, OfflineTokenSchema, type OnboardingCompleteInput, type OnboardingCompleteResponse, type OnboardingFallback, type OnboardingRiskReason, type OnboardingStartInput, type OnboardingStartResponse, type P256EnrollmentChallengeInput, P256EnrollmentChallengeInputSchema, type P256EnrollmentChallengeResult, P256EnrollmentChallengeResultSchema, PARTNER_FUNDING_DIRECTIONS, PARTNER_FUNDING_STATUSES, PARTNER_KINDS, PARTNER_PROFILE_STATUSES, PARTNER_SCOPES, PASS_KINDS, PASS_STATES, PAYLOAD_FORMAT_INDICATOR_VALUE, PAYOUT_DESTINATION_STATUSES, POINT_OF_INITIATION, type ParsedNQR, type PartnerClientOptions, type PartnerCollectionsClient, type PartnerFunding, type PartnerFundingClient, type PartnerFundingDirection, type PartnerFundingEventInput, PartnerFundingEventInputSchema, PartnerFundingSchema, type PartnerFundingStatus, type PartnerKind, type PartnerProfile, type PartnerProfileAdminClient, type PartnerProfileAdminClientOptions, PartnerProfileSchema, type PartnerProfileStatus, type PartnerScope, type PartnerSignResult, type Pass, PassArtifactSchema, type PassKind, type PassMetadata, PassMetadataSchema, PassSchema, type PassState, type PassesClient, type PassesClientOptions, type PayCollectionInput, PayCollectionInputSchema, type PayCollectionOptions, type PayCollectionResponse, type PaymentClaim, PaymentClaimSchema, PaymentIntentArtifactSchema, type PayoutDestination, PayoutDestinationSchema, type PayoutDestinationStatus, type PayoutEventInput, PayoutEventInputSchema, type PinSetInput, type PinVerifyInput, type ProviderEventInput, ProviderEventInputSchema, type ProviderEventRecord, ProviderEventRecordSchema, type PublicCollectionIntent, PublicCollectionIntentSchema, type PushPlatform, type PushRegisterInput, RECEIPT_CHANNELS, RECEIPT_KINDS, REPLAY_WINDOW_MS, type Receipt, type ReceiptArtifact, ReceiptArtifactSchema, type ReceiptChannel, type ReceiptKind, type ReceiptPayload, ReceiptPayloadSchema, ReceiptSchema, type ReceiptsClient, type ReceiptsClientOptions, type RecipientResolveInput, type RecipientResolveResponse, type ReconciliationReport, ReconciliationReportSchema, type RecordPayoutEventResult, RecordPayoutEventResultSchema, type RedeemPassResponse, type Redemption, RedemptionSchema, type RegisterDeviceInput, type RegisterDeviceKeyP256Input, RegisterDeviceKeyP256InputSchema, type RegisterDeviceResponse, type RegisterSendDeviceKeyInput, type ResolveCollectionOptions, type ResolveCollectionResponse, type ResolvePayLinkResponse, ReversalRecordArtifactSchema, RevokeDeviceKeyInputSchema, type RevokePassInput, type RoutingHint, SETTLEMENT_SCHEDULES, type SendChallengeInput, type SendChallengeResponse, type SendMoneyInput, type SendMoneyOptions, type SendVerifyInput, type SendVerifyResponse, type SettleResponse, SettleResponseSchema, type Settlement, SettlementRecordArtifactSchema, SettlementSchema, type SignedArtifact, type SignedConsumerOAC, SignedConsumerOACSchema, type SignerPublicKey, StatementArtifactSchema, type SubscribeOptions, type TLVField, type TransactionDetailResponse, type TransactionDirection, type TransactionsListResponse, type TransferInput, type TransferResponse, type TransferStatus, type TrustedIssuerKey, type UnsignedConsumerPaymentRequest, type UnsignedOAC, type UnsignedOfflinePaymentAuthorization, type UnsignedOfflinePaymentRequest, type UnsignedPass, type UnsignedReceipt, type UnsignedRedemption, type UpsertMerchantProfileInput, UpsertMerchantProfileInputSchema, type UpsertPartnerProfileInput, UpsertPartnerProfileInputSchema, type VerifiedArtifact, type VerifyArtifactOptions, type VerifyClaimSignatureInput, type VerifyOacOfflineOptions, type VerifyOacOfflineResult, WITHDRAWAL_STATES, type Withdrawal, WithdrawalSchema, type WithdrawalState, base64UrlDecode, base64UrlEncode, bodySha256Hex, buildArtifactBody, buildAuthorization, buildConsumerPaymentRequest, buildOAC, buildPass, buildPaymentRequest, buildReceipt, buildRedemption, buildSmsSettleHeader, domainTag as buildSmsSettleSignedBytes, canonicalClaimSigningBytes, canonicalClaimSigningPayload, canonicalJSONBytes, canonicalJSONStringify, canonicalRequestString, computeConsumerClaimEncounterId, computeEncounterId, constantTimeEqual, consumerOacSigningPayload, consumerPaymentRequestSigningBytes, consumerPaymentRequestSigningPayload, consumerSettlementSigningPayload, crc16ccitt, crc16ccittHex, createAccountsClient, createApiCredentialsAdminClient, createArtifactUri, createCollectionsClient, createConsumerCollectionsClient, createConsumerWithdrawalsClient, createFlurPartnerClient, createHmacFetch, createMeOfflineClient, createOfflinePaymentAuthorizationArtifactUri, createOfflineSettlementsClient, createPartnerCollectionsClient, createPartnerFundingClient, createPartnerProfileAdminClient, createPassesClient, createReceiptArtifactUri, createReceiptsClient, createSoftwareP256Signer, decodeArtifactUri, decodeAuthorizationQR, decodeBase45, decodeConsumerOacRequest, decodeConsumerSettlementReceiptQR, decodeOfflineClaimSmsMessage, decodeOfflineSmsSettleToken, decodePaymentRequestQR, decodeUnverifiedConsumerOacQR, decodeUnverifiedConsumerSettlementReceiptQR, derToRawP256Signature, encodeArtifactUri, encodeAuthorizationQR, encodeBase45, encodeConsumerOacQR, encodeConsumerSettlementReceiptQR, encodeNQR, encodeOfflineClaimSmsMessage, encodeOfflineSmsSettleToken, encodePaymentRequestQR, extractOfflineClaimSmsToken, extractOfflineSmsSettleToken, formatAmount, generateDynamicQR, generateStaticQR, init, isConsumerOacQR, isConsumerPaymentRequestExpired, isHardenedArtifactType, isKnownArtifactType, isPassWithinValidity, moneyMinorToNumber, normalizeE164, parseAmountInput, parseNQR, parseQR, readTLV, routingHint, signArtifact, signAuthorization, signConsumerPaymentRequest, signOAC, signPartnerRequest, signPass, signPaymentRequest, signReceipt, signRedemption, signRequestHMAC, verifyArtifactSignature, verifyArtifactUri, verifyAuthorization, verifyClaimSignature, verifyConsumerPaymentRequest, verifyConsumerSettlement, verifyConsumerSettlementReceiptQR, verifyOAC, verifyOacOffline, verifyOfflineSmsSettleToken, verifyPass, verifyPaymentRequest, verifyReceipt, verifyRedemption, verifyRequestHMAC, writeTLV };