@nokinc-flur/sdk 2.3.0 → 2.4.0

package/dist/index.d.ts

@@ -4104,6 +4104,30 @@ declare function verifyConsumerSettlementReceiptQR(value: string, issuerPublicKe
 declare function decodeConsumerSettlementReceiptQR(value: string): ConsumerSettlement;
 declare function decodeConsumerSettlementReceiptQR(value: string, issuerPublicKeySpkiB64: string): ConsumerSettlement;
 
+/**
+ * Offline verification of the unified Offline Authorization Certificate (OAC).
+ *
+ * The OAC is issuer-signed and folds identity (phoneE164, displayName, bound
+ * device key) into the same credential that carries offline spend authority.
+ * This lets two users who meet for the first time recognise and pay each
+ * other WITHOUT a network round-trip: the verifier checks the issuer
+ * signature against a *pinned* trusted issuer key (a Trust Bundle refreshed
+ * whenever the device is online), never the key embedded in the credential.
+ *
+ * Trust model:
+ *   - Provisional offline authorization, authoritative online settlement.
+ *     A successful offline verify proves the credential was issued by Flur
+ *     and is within its validity window; the backend still re-checks
+ *     revocation, balance, and caps at settlement. Short OAC TTL is the
+ *     revocation-propagation mechanism — a revoked user cannot refresh and
+ *     their OAC expires within the issuance TTL.
+ *
+ * Wire format mirrors `flur-backend/src/offline-consumer/service.ts`
+ * (`oacSigningPayload`): the issuer signs `canonicalJSONBytes({ domain, ...oac })`
+ * with its P-256 key. Adding fields to `ConsumerOAC` automatically includes
+ * them in the signed bytes, so identity is covered without a new domain.
+ */
+
 /**
  * Domain tag bound into the OAC issuer signature. MUST match
  * `OAC_DOMAIN` in `flur-backend/src/offline-consumer/service.ts`.
@@ -4185,17 +4209,57 @@ declare function verifyOacOffline(signed: SignedConsumerOAC, trustedKeys: readon
 declare const CONSUMER_OAC_QR_PREFIX: "FLUROAC1.";
 /** True iff `value` looks like a presented OAC QR payload. */
 declare function isConsumerOacQR(value: string): boolean;
+/**
+ * Advisory "pay me" request a holder may attach to a presented OAC pay code:
+ * an amount, a purpose/intent, and a free-text reference. This rides as an
+ * UNSIGNED suffix on the QR (see {@link encodeConsumerOacQR}) — it is never
+ * part of the issuer-signed credential and carries no authority. The payer's
+ * app treats it purely as a prefill hint and always confirms the amount,
+ * exactly as with a NIBSS dynamic QR.
+ */
+declare const OacPresentmentRequestSchema: z.ZodObject<{
+    /** Requested amount in minor units (kobo). */
+    amountMinor: z.ZodOptional<z.ZodNumber>;
+    /** Purpose/intent code (mirrors the NIBSS intent vocabulary). */
+    intent: z.ZodOptional<z.ZodString>;
+    /** Free-text reference / note. */
+    reference: z.ZodOptional<z.ZodString>;
+}, "strict", z.ZodTypeAny, {
+    amountMinor?: number | undefined;
+    reference?: string | undefined;
+    intent?: string | undefined;
+}, {
+    amountMinor?: number | undefined;
+    reference?: string | undefined;
+    intent?: string | undefined;
+}>;
+type OacPresentmentRequest = z.infer<typeof OacPresentmentRequestSchema>;
 /**
  * Encode a signed OAC as a scannable QR payload. The envelope is validated
  * before encoding so a malformed credential can never be presented.
+ *
+ * An optional advisory {@link OacPresentmentRequest} is appended as a
+ * dot-separated, base64url-encoded suffix:
+ *   `FLUROAC1.<base64url(signed)>.<base64url(request)>`
+ * The signed segment is byte-identical with or without the suffix, so the
+ * credential's verifiability is unaffected. An empty request adds no suffix.
  */
-declare function encodeConsumerOacQR(signed: SignedConsumerOAC): string;
+declare function encodeConsumerOacQR(signed: SignedConsumerOAC, request?: OacPresentmentRequest): string;
 /**
  * Decode (WITHOUT verifying) a presented OAC QR back into a signed envelope.
- * The caller MUST pass the result to `verifyOacOffline` against pinned keys
- * before trusting any field — decoding proves nothing about authenticity.
+ * Any advisory request suffix is ignored here — use
+ * {@link decodeConsumerOacRequest} to read it. The caller MUST pass the result
+ * to `verifyOacOffline` against pinned keys before trusting any field —
+ * decoding proves nothing about authenticity.
  */
 declare function decodeUnverifiedConsumerOacQR(value: string): SignedConsumerOAC;
+/**
+ * Read the advisory {@link OacPresentmentRequest} from a presented OAC QR, or
+ * `null` if absent/malformed. This is purely a prefill hint and is NEVER
+ * authoritative — a malformed suffix is treated as "no request" and never
+ * throws, so a bad suffix can never block a verifiable credential.
+ */
+declare function decodeConsumerOacRequest(value: string): OacPresentmentRequest | null;
 
 /**
  * FLURA1 — single-SMS consumer-offline settle token.
@@ -5206,7 +5270,6 @@ declare const ARTIFACT_TYPES: {
     readonly STATEMENT: "statement";
     readonly PASS: "pass";
     readonly IDENTITY: "identity";
-    readonly PAY_CARD: "pay_card";
 };
 type ArtifactType = (typeof ARTIFACT_TYPES)[keyof typeof ARTIFACT_TYPES];
 declare const OfflinePaymentAuthorizationArtifactSchema: z.ZodObject<{
@@ -5850,23 +5913,6 @@ declare const IdentityArtifactSchema: z.ZodObject<{
     claimType: "phone_verified" | "email_verified" | "bvn_verified" | "kyc_tier" | "age_band";
     claimValueHash: string;
 }>;
-declare const PayCardArtifactSchema: z.ZodObject<{
-    userId: z.ZodString;
-    phoneE164: z.ZodString;
-    displayName: z.ZodString;
-    devicePubKeySpkiB64: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    phoneE164: string;
-    userId: string;
-    displayName: string;
-    devicePubKeySpkiB64: string;
-}, {
-    phoneE164: string;
-    userId: string;
-    displayName: string;
-    devicePubKeySpkiB64: string;
-}>;
-type PayCardArtifact = z.infer<typeof PayCardArtifactSchema>;
 declare const ARTIFACT_BODY_SCHEMAS: {
     readonly offline_payment_authorization: z.ZodObject<{
         authorization: z.ZodObject<{
@@ -6507,22 +6553,6 @@ declare const ARTIFACT_BODY_SCHEMAS: {
         claimType: "phone_verified" | "email_verified" | "bvn_verified" | "kyc_tier" | "age_band";
         claimValueHash: string;
     }>;
-    readonly pay_card: z.ZodObject<{
-        userId: z.ZodString;
-        phoneE164: z.ZodString;
-        displayName: z.ZodString;
-        devicePubKeySpkiB64: z.ZodString;
-    }, "strip", z.ZodTypeAny, {
-        phoneE164: string;
-        userId: string;
-        displayName: string;
-        devicePubKeySpkiB64: string;
-    }, {
-        phoneE164: string;
-        userId: string;
-        displayName: string;
-        devicePubKeySpkiB64: string;
-    }>;
 };
 /** Artifact types whose body schema is fully specified and safe to dispatch. */
 declare const HARDENED_ARTIFACT_TYPES: Set<ArtifactType>;
@@ -6641,154 +6671,4 @@ declare function createOfflinePaymentAuthorizationArtifactUri(input: {
     }>;
 };
 
-/**
- * Pay Card — Tier B of the Flur recipient-trust ladder.
- *
- * A Pay Card is a holder-signed, expiring identity attestation rendered as a
- * QR. When a payer scans a Pay Card and verifies its signature against the
- * holder's registered device-key, they obtain a trusted (userId, phoneE164,
- * displayName, devicePubKey) tuple they can cache locally and reuse to pay
- * the holder fully offline thereafter.
- *
- * Transport: the standard Flur v1 signed-artifact envelope
- *   `flur://v1/pay_card/<base64url(canonical-json(body))>.<base64url(sig)>`
- *
- * Trust model:
- *   - Card is signed by the holder's device key (P-256, ECDSA-SHA256, DER).
- *   - Verifier resolves (issuer=userId, kid) to a SubjectPublicKeyInfo via
- *     Flur's device-key registry — typically online at scan time.
- *   - On successful verify, the scanner upserts the card into its local
- *     verified-contact cache (Tier A) so future pays are offline.
- *
- * This module is the canonical implementation. The backend and mobile MUST
- * use it for build, verify, and freshness checks — no parallel implementations.
- *
- * Industry-standard defaults (configurable per call):
- *   - TTL:                90 days from issue.
- *   - Refresh threshold:  30 days remaining triggers a 'refresh_recommended'
- *                         freshness state.
- *
- * Field policy (enforced by {@link PayCardArtifactSchema}):
- *   - displayName \u2264 64 chars
- *   - phoneE164 must match /^\+[1-9]\d{7,14}$/
- *   - devicePubKeySpkiB64 must be standard base64 (no url-safe variants),
- *     64..256 chars (covers P-256 SPKI = 91 chars plus forward-compat).
- */
-
-/** Default Pay Card lifetime (ms): 90 days. */
-declare const PAY_CARD_DEFAULT_TTL_MS: number;
-/**
- * When the remaining lifetime drops below this threshold (ms),
- * {@link inspectPayCardFreshness} returns `'refresh_recommended'`.
- *
- * Holders should refresh in the background well before hard-expiry so
- * a stale-card scan never blocks a payment.
- */
-declare const PAY_CARD_REFRESH_THRESHOLD_MS: number;
-/** URI prefix for Pay Card artifacts. */
-declare const PAY_CARD_URI_PREFIX: string;
-/**
- * Inputs for {@link createPayCardArtifactUri}. Mirrors the artifact codec
- * inputs but pins type to `pay_card`, validates the data shape, and applies
- * the default TTL when `expiresAtSeconds` is omitted.
- */
-interface CreatePayCardArtifactInput {
-    /** Holder Flur userId (also used as the envelope issuer). */
-    issuer: string;
-    /** Holder device key id. */
-    keyId: string;
-    /** Holder device private key (raw 32-byte P-256 scalar). */
-    privateKey: Uint8Array;
-    /** Pay Card business payload. */
-    data: PayCardArtifact;
-    /** URL-safe nonce, 8..64 chars. Required for envelope uniqueness. */
-    nonce: string;
-    /** Override the issued-at (seconds). Defaults to now. */
-    issuedAtSeconds?: number;
-    /**
-     * Override the expiry (seconds). Defaults to `issuedAt + 90 days`.
-     *
-     * SECURITY: a Pay Card is a holder-signed identity attestation, so a
-     * hard expiry is mandatory at the protocol level — there is no opt-out.
-     * Callers may shorten the TTL but cannot remove it; backend verifiers
-     * additionally reject envelopes without `exp` (`PAY_CARD_NO_EXPIRY`).
-     */
-    expiresAtSeconds?: number;
-}
-/**
- * Build, sign, and encode a Pay Card as a `flur://v1/pay_card/...` URI.
- *
- * Defaults the envelope's `exp` to `iat + 90 days` so callers do not need
- * to compute lifetimes. Refuses to emit a card whose `userId` payload
- * field disagrees with the envelope `issuer` \u2014 the holder must sign their
- * own card.
- */
-declare function createPayCardArtifactUri(input: CreatePayCardArtifactInput): {
-    uri: string;
-    signed: SignedArtifact<PayCardArtifact>;
-};
-/** True when the URI is shaped as a Pay Card artifact (prefix check only). */
-declare function isPayCardArtifactUri(uri: string): boolean;
-interface DecodedPayCard {
-    /** Validated Pay Card body (data + envelope header). */
-    body: ArtifactBody<PayCardArtifact>;
-    /** ASN.1 DER ECDSA P-256 signature, base64 (standard). */
-    sig: string;
-    /** Raw decoded envelope \u2014 useful when re-emitting or relaying. */
-    decoded: DecodedArtifactUri;
-}
-/**
- * Decode a Pay Card URI without verifying its signature. Validates the URI
- * shape, the envelope header, and the data schema. Use when the caller wants
- * to inspect the card before deciding whether/how to verify it.
- */
-declare function decodePayCardArtifact(uri: string): DecodedPayCard;
-/**
- * Verify a Pay Card URI fully:
- *   1. URI + envelope + data schema (via {@link decodePayCardArtifact}).
- *   2. Envelope expiry (unless `options.enforceExpiry === false`).
- *   3. ECDSA P-256 signature against the supplied holder SPKI public key.
- *
- * The caller is responsible for resolving `(issuer, kid)` to the holder's
- * registered SPKI public key (typically via the backend device-key registry).
- */
-declare function verifyPayCardArtifact(uri: string, publicKeySpkiB64: string, options?: VerifyArtifactOptions): DecodedPayCard;
-type PayCardFreshness = 'fresh' | 'refresh_recommended' | 'expired' | 'no_expiry';
-/**
- * Classify a Pay Card by remaining lifetime. Used by holders to decide when
- * to re-fetch a freshly-signed card from the backend, and by scanners to
- * decide whether to prompt the holder to refresh.
- *
- *   - `'expired'`              : envelope.exp \u2264 now
- *   - `'refresh_recommended'`  : 0 < remaining \u2264 PAY_CARD_REFRESH_THRESHOLD_MS
- *   - `'fresh'`                : remaining > PAY_CARD_REFRESH_THRESHOLD_MS
- *   - `'no_expiry'`            : envelope omits `exp` (non-production cards only)
- */
-declare function inspectPayCardFreshness(decoded: DecodedPayCard, nowMs?: number): PayCardFreshness;
-/**
- * Compute the canonical body bytes a backend must sign when issuing a
- * Pay Card on behalf of the holder via a *server-side* signing path.
- *
- * This export exists so a backend (which holds neither the holder's private
- * key nor a parallel envelope implementation) can call into the SDK to
- * obtain the exact bytes to sign with a hardware-backed device key abstraction.
- * Mobile clients that sign locally should use {@link createPayCardArtifactUri}
- * instead.
- *
- * Returned bytes are the same input passed to ECDSA P-256(SHA-256). Callers
- * MUST keep this contract \u2014 changing the signing input is a protocol break.
- */
-declare function buildPayCardSigningInput(input: {
-    issuer: string;
-    keyId: string;
-    data: PayCardArtifact;
-    nonce: string;
-    issuedAtSeconds?: number;
-    /** See {@link CreatePayCardArtifactInput.expiresAtSeconds}. */
-    expiresAtSeconds?: number;
-}): {
-    body: ArtifactBody<PayCardArtifact>;
-    bodyBytes: Uint8Array;
-};
-
-export { ACCOUNT_FUNDED_OAC_MAX_TTL_MS, ACCOUNT_STATUSES, ACCOUNT_TYPES, ADDITIONAL_DATA_SUBFIELD, ARTIFACT_BODY_SCHEMAS, ARTIFACT_TYPES, type Account, type AccountActivityItem, type AccountMembership, AccountMembershipSchema, AccountSchema, type AccountStatus, type AccountSummaryResponse, type AccountType, type AccountsClient, type AccountsClientOptions, type AddMemberInput, type AdditionalData, type ApiCredentialPublic, ApiCredentialPublicSchema, type ApiCredentialsAdminClient, type ArtifactBody, type ArtifactHeader, ArtifactHeaderSchema, type ArtifactType, type AtomicRedeemReceiptInput, type AtomicRedeemResponse, type AttestationSecurityLevel, AttestationSecurityLevelSchema, type AuthLogoutInput, type AuthRefreshInput, type AuthRefreshResponse, type AuthorizeSendWithBiometricInput, type AuthorizedOptions, type BiometricSigner, type BuildPassInput, type BuildReceiptInput, type BuildRedemptionInput, CLAIM_DOMAIN_V2, COLLECTION_INTENT_STATUSES, COLLECTION_PAYMENT_STATUSES, CONSUMER_OAC_DOMAIN, CONSUMER_OAC_QR_PREFIX, CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS, CONSUMER_PAYMENT_REQUEST_DOMAIN, CONSUMER_SETTLEMENT_DOMAIN, CONSUMER_SETTLEMENT_RECEIPT_QR_PREFIX, CUSTODIAL_MODES, type CanonicalClaimInput, type CashNamespace, type ClaimSignature, type CollectionIntent, CollectionIntentSchema, type CollectionPayment, type CollectionPaymentResult, CollectionPaymentResultSchema, CollectionPaymentSchema, type CollectionReportSummary, CollectionReportSummarySchema, type CollectionStatement, CollectionStatementSchema, type CollectionsClient, type CollectionsClientOptions, type ConsumerCollectionsClient, type ConsumerOAC, type OACRecord as ConsumerOACRecord, OACRecordSchema as ConsumerOACRecordSchema, ConsumerOACSchema, type ConsumerPaymentClaim, ConsumerPaymentClaimSchema, type ConsumerPaymentRequestEnvelope, ConsumerPaymentRequestEnvelopeSchema, type ConsumerSettleResult, ConsumerSettleResultSchema, type ConsumerSettlement, ConsumerSettlementSchema, type ConsumerWithdrawalsClient, type ConsumerWithdrawalsClientOptions, type CreateBusinessAccountInput, type CreateCollectionIntentInput, CreateCollectionIntentInputSchema, type CreatePayCardArtifactInput, type CreatePayLinkResponse, type CreatePayoutDestinationInput, CreatePayoutDestinationInputSchema, type CreatePayoutInput, CreatePayoutInputSchema, type CreateTransferOptions, type CreateWithdrawalInput, CreateWithdrawalInputSchema, type CreateWithdrawalResult, CreateWithdrawalResultSchema, type CustodialMode, type DecodedArtifactUri, type DecodedOfflineSmsSettleToken, type DecodedPayCard, type DeviceKeyAlg, DeviceKeyAlgSchema, type DeviceKeyRecord, DeviceKeyRecordSchema, type DeviceTrustState, FIELD, FLUR_ARTIFACT_URI_PREFIX, FLUR_ARTIFACT_URI_SCHEME, FLUR_ARTIFACT_VERSION, FlurApiError, FlurArtifactError, FlurCapExceededError, FlurClient, type FlurClientOptions, FlurError, type FlurErrorCode, FlurExpiredError, type FlurHandle, type FlurInitOptions, type FlurOfflineSettlementsClient, type FlurPartnerClient, type FlurPaymentEvent, FlurReplayError, HARDENED_ARTIFACT_TYPES, type HmacFetchOptions, IdentityArtifactSchema, type IngestFundingResult, IngestFundingResultSchema, type IssueAccountOacInput, IssueAccountOacInputSchema, type IssueOfflineTokenInput, type IssuePassInput, type IssueReceiptInput, type IssuerTrustBundle, IssuerTrustBundleSchema, type IssuerTrustKey, IssuerTrustKeySchema, LedgerJournalEntryArtifactSchema, type ListPassesInput, type ListPassesResponse, type ListPayoutDestinationsResult, ListPayoutDestinationsResultSchema, type ListReceiptsInput, type ListReceiptsResponse, type ListTransactionsOptions, MEMBERSHIP_ROLES, MERCHANT_PAYOUT_STATUSES, MERCHANT_PROFILE_STATUSES, type MeOfflineClient, type MeOfflineClientOptions, type MembershipRole, type MerchantAccountInfo, type MerchantPayout, MerchantPayoutSchema, type MerchantProfile, MerchantProfileSchema, type MintedApiCredential, MintedApiCredentialSchema, type Money, NGN_CURRENCY_CODE, NG_COUNTRY_CODE, NQRParseError, type NQRPayloadInput, NqrPaymentRequestArtifactSchema, type OAC, OACSchema, OAC_DEFAULT_CUMULATIVE_KOBO, OAC_DEFAULT_PER_TX_KOBO, OAC_DEFAULT_VALIDITY_MS, OFFLINE_CLAIM_SMS_PREFIX, OFFLINE_SMS_SETTLE_DOMAIN, OFFLINE_SMS_SETTLE_HEADER_BYTES, OFFLINE_SMS_SETTLE_PREFIX, OFFLINE_SMS_SETTLE_SIGNATURE_BYTES, OFFLINE_SMS_SETTLE_TOKEN_BYTES, OFFLINE_SMS_SETTLE_VERSION, type OacOfflineIdentity, type OfflineClaimAlgorithm, OfflineClaimArtifactSchema, type OfflineClaimSigner, type OfflinePaymentAuthorization, type OfflinePaymentAuthorizationArtifact, OfflinePaymentAuthorizationArtifactSchema, OfflinePaymentAuthorizationSchema, type OfflinePaymentRequest, OfflinePaymentRequestSchema, type OfflineSmsSettleInput, type OfflineSmsSettleSigner, type OfflineStatusResult, OfflineStatusResultSchema, type OfflineToken, OfflineTokenSchema, type OnboardingCompleteInput, type OnboardingCompleteResponse, type OnboardingFallback, type OnboardingRiskReason, type OnboardingStartInput, type OnboardingStartResponse, type P256EnrollmentChallengeInput, P256EnrollmentChallengeInputSchema, type P256EnrollmentChallengeResult, P256EnrollmentChallengeResultSchema, PARTNER_FUNDING_DIRECTIONS, PARTNER_FUNDING_STATUSES, PARTNER_KINDS, PARTNER_PROFILE_STATUSES, PARTNER_SCOPES, PASS_KINDS, PASS_STATES, PAYLOAD_FORMAT_INDICATOR_VALUE, PAYOUT_DESTINATION_STATUSES, PAY_CARD_DEFAULT_TTL_MS, PAY_CARD_REFRESH_THRESHOLD_MS, PAY_CARD_URI_PREFIX, POINT_OF_INITIATION, type ParsedNQR, type PartnerClientOptions, type PartnerCollectionsClient, type PartnerFunding, type PartnerFundingClient, type PartnerFundingDirection, type PartnerFundingEventInput, PartnerFundingEventInputSchema, PartnerFundingSchema, type PartnerFundingStatus, type PartnerKind, type PartnerProfile, type PartnerProfileAdminClient, type PartnerProfileAdminClientOptions, PartnerProfileSchema, type PartnerProfileStatus, type PartnerScope, type PartnerSignResult, type Pass, PassArtifactSchema, type PassKind, type PassMetadata, PassMetadataSchema, PassSchema, type PassState, type PassesClient, type PassesClientOptions, type PayCardArtifact, PayCardArtifactSchema, type PayCardFreshness, type PayCollectionInput, PayCollectionInputSchema, type PayCollectionOptions, type PayCollectionResponse, type PaymentClaim, PaymentClaimSchema, PaymentIntentArtifactSchema, type PayoutDestination, PayoutDestinationSchema, type PayoutDestinationStatus, type PayoutEventInput, PayoutEventInputSchema, type PinSetInput, type PinVerifyInput, type ProviderEventInput, ProviderEventInputSchema, type ProviderEventRecord, ProviderEventRecordSchema, type PublicCollectionIntent, PublicCollectionIntentSchema, type PushPlatform, type PushRegisterInput, RECEIPT_CHANNELS, RECEIPT_KINDS, REPLAY_WINDOW_MS, type Receipt, type ReceiptArtifact, ReceiptArtifactSchema, type ReceiptChannel, type ReceiptKind, type ReceiptPayload, ReceiptPayloadSchema, ReceiptSchema, type ReceiptsClient, type ReceiptsClientOptions, type RecipientResolveInput, type RecipientResolveResponse, type ReconciliationReport, ReconciliationReportSchema, type RecordPayoutEventResult, RecordPayoutEventResultSchema, type RedeemPassResponse, type Redemption, RedemptionSchema, type RegisterDeviceInput, type RegisterDeviceKeyP256Input, RegisterDeviceKeyP256InputSchema, type RegisterDeviceResponse, type RegisterSendDeviceKeyInput, type ResolveCollectionOptions, type ResolveCollectionResponse, type ResolvePayLinkResponse, ReversalRecordArtifactSchema, RevokeDeviceKeyInputSchema, type RevokePassInput, type RoutingHint, SETTLEMENT_SCHEDULES, type SendChallengeInput, type SendChallengeResponse, type SendMoneyInput, type SendMoneyOptions, type SendVerifyInput, type SendVerifyResponse, type SettleResponse, SettleResponseSchema, type Settlement, SettlementRecordArtifactSchema, SettlementSchema, type SignedArtifact, type SignedConsumerOAC, SignedConsumerOACSchema, type SignerPublicKey, StatementArtifactSchema, type SubscribeOptions, type TLVField, type TransactionDetailResponse, type TransactionDirection, type TransactionsListResponse, type TransferInput, type TransferResponse, type TransferStatus, type TrustedIssuerKey, type UnsignedConsumerPaymentRequest, type UnsignedOAC, type UnsignedOfflinePaymentAuthorization, type UnsignedOfflinePaymentRequest, type UnsignedPass, type UnsignedReceipt, type UnsignedRedemption, type UpsertMerchantProfileInput, UpsertMerchantProfileInputSchema, type UpsertPartnerProfileInput, UpsertPartnerProfileInputSchema, type VerifiedArtifact, type VerifyArtifactOptions, type VerifyClaimSignatureInput, type VerifyOacOfflineOptions, type VerifyOacOfflineResult, WITHDRAWAL_STATES, type Withdrawal, WithdrawalSchema, type WithdrawalState, base64UrlDecode, base64UrlEncode, bodySha256Hex, buildArtifactBody, buildAuthorization, buildConsumerPaymentRequest, buildOAC, buildPass, buildPayCardSigningInput, buildPaymentRequest, buildReceipt, buildRedemption, buildSmsSettleHeader, domainTag as buildSmsSettleSignedBytes, canonicalClaimSigningBytes, canonicalClaimSigningPayload, canonicalJSONBytes, canonicalJSONStringify, canonicalRequestString, computeConsumerClaimEncounterId, computeEncounterId, constantTimeEqual, consumerOacSigningPayload, consumerPaymentRequestSigningBytes, consumerPaymentRequestSigningPayload, consumerSettlementSigningPayload, crc16ccitt, crc16ccittHex, createAccountsClient, createApiCredentialsAdminClient, createArtifactUri, createCollectionsClient, createConsumerCollectionsClient, createConsumerWithdrawalsClient, createFlurPartnerClient, createHmacFetch, createMeOfflineClient, createOfflinePaymentAuthorizationArtifactUri, createOfflineSettlementsClient, createPartnerCollectionsClient, createPartnerFundingClient, createPartnerProfileAdminClient, createPassesClient, createPayCardArtifactUri, createReceiptArtifactUri, createReceiptsClient, createSoftwareP256Signer, decodeArtifactUri, decodeAuthorizationQR, decodeBase45, decodeConsumerSettlementReceiptQR, decodeOfflineClaimSmsMessage, decodeOfflineSmsSettleToken, decodePayCardArtifact, decodePaymentRequestQR, decodeUnverifiedConsumerOacQR, decodeUnverifiedConsumerSettlementReceiptQR, derToRawP256Signature, encodeArtifactUri, encodeAuthorizationQR, encodeBase45, encodeConsumerOacQR, encodeConsumerSettlementReceiptQR, encodeNQR, encodeOfflineClaimSmsMessage, encodeOfflineSmsSettleToken, encodePaymentRequestQR, extractOfflineClaimSmsToken, extractOfflineSmsSettleToken, formatAmount, generateDynamicQR, generateStaticQR, init, inspectPayCardFreshness, isConsumerOacQR, isConsumerPaymentRequestExpired, isHardenedArtifactType, isKnownArtifactType, isPassWithinValidity, isPayCardArtifactUri, moneyMinorToNumber, normalizeE164, parseAmountInput, parseNQR, parseQR, readTLV, routingHint, signArtifact, signAuthorization, signConsumerPaymentRequest, signOAC, signPartnerRequest, signPass, signPaymentRequest, signReceipt, signRedemption, signRequestHMAC, verifyArtifactSignature, verifyArtifactUri, verifyAuthorization, verifyClaimSignature, verifyConsumerPaymentRequest, verifyConsumerSettlement, verifyConsumerSettlementReceiptQR, verifyOAC, verifyOacOffline, verifyOfflineSmsSettleToken, verifyPass, verifyPayCardArtifact, verifyPaymentRequest, verifyReceipt, verifyRedemption, verifyRequestHMAC, writeTLV };
+export { ACCOUNT_FUNDED_OAC_MAX_TTL_MS, ACCOUNT_STATUSES, ACCOUNT_TYPES, ADDITIONAL_DATA_SUBFIELD, ARTIFACT_BODY_SCHEMAS, ARTIFACT_TYPES, type Account, type AccountActivityItem, type AccountMembership, AccountMembershipSchema, AccountSchema, type AccountStatus, type AccountSummaryResponse, type AccountType, type AccountsClient, type AccountsClientOptions, type AddMemberInput, type AdditionalData, type ApiCredentialPublic, ApiCredentialPublicSchema, type ApiCredentialsAdminClient, type ArtifactBody, type ArtifactHeader, ArtifactHeaderSchema, type ArtifactType, type AtomicRedeemReceiptInput, type AtomicRedeemResponse, type AttestationSecurityLevel, AttestationSecurityLevelSchema, type AuthLogoutInput, type AuthRefreshInput, type AuthRefreshResponse, type AuthorizeSendWithBiometricInput, type AuthorizedOptions, type BiometricSigner, type BuildPassInput, type BuildReceiptInput, type BuildRedemptionInput, CLAIM_DOMAIN_V2, COLLECTION_INTENT_STATUSES, COLLECTION_PAYMENT_STATUSES, CONSUMER_OAC_DOMAIN, CONSUMER_OAC_QR_PREFIX, CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS, CONSUMER_PAYMENT_REQUEST_DOMAIN, CONSUMER_SETTLEMENT_DOMAIN, CONSUMER_SETTLEMENT_RECEIPT_QR_PREFIX, CUSTODIAL_MODES, type CanonicalClaimInput, type CashNamespace, type ClaimSignature, type CollectionIntent, CollectionIntentSchema, type CollectionPayment, type CollectionPaymentResult, CollectionPaymentResultSchema, CollectionPaymentSchema, type CollectionReportSummary, CollectionReportSummarySchema, type CollectionStatement, CollectionStatementSchema, type CollectionsClient, type CollectionsClientOptions, type ConsumerCollectionsClient, type ConsumerOAC, type OACRecord as ConsumerOACRecord, OACRecordSchema as ConsumerOACRecordSchema, ConsumerOACSchema, type ConsumerPaymentClaim, ConsumerPaymentClaimSchema, type ConsumerPaymentRequestEnvelope, ConsumerPaymentRequestEnvelopeSchema, type ConsumerSettleResult, ConsumerSettleResultSchema, type ConsumerSettlement, ConsumerSettlementSchema, type ConsumerWithdrawalsClient, type ConsumerWithdrawalsClientOptions, type CreateBusinessAccountInput, type CreateCollectionIntentInput, CreateCollectionIntentInputSchema, type CreatePayLinkResponse, type CreatePayoutDestinationInput, CreatePayoutDestinationInputSchema, type CreatePayoutInput, CreatePayoutInputSchema, type CreateTransferOptions, type CreateWithdrawalInput, CreateWithdrawalInputSchema, type CreateWithdrawalResult, CreateWithdrawalResultSchema, type CustodialMode, type DecodedArtifactUri, type DecodedOfflineSmsSettleToken, type DeviceKeyAlg, DeviceKeyAlgSchema, type DeviceKeyRecord, DeviceKeyRecordSchema, type DeviceTrustState, FIELD, FLUR_ARTIFACT_URI_PREFIX, FLUR_ARTIFACT_URI_SCHEME, FLUR_ARTIFACT_VERSION, FlurApiError, FlurArtifactError, FlurCapExceededError, FlurClient, type FlurClientOptions, FlurError, type FlurErrorCode, FlurExpiredError, type FlurHandle, type FlurInitOptions, type FlurOfflineSettlementsClient, type FlurPartnerClient, type FlurPaymentEvent, FlurReplayError, HARDENED_ARTIFACT_TYPES, type HmacFetchOptions, IdentityArtifactSchema, type IngestFundingResult, IngestFundingResultSchema, type IssueAccountOacInput, IssueAccountOacInputSchema, type IssueOfflineTokenInput, type IssuePassInput, type IssueReceiptInput, type IssuerTrustBundle, IssuerTrustBundleSchema, type IssuerTrustKey, IssuerTrustKeySchema, LedgerJournalEntryArtifactSchema, type ListPassesInput, type ListPassesResponse, type ListPayoutDestinationsResult, ListPayoutDestinationsResultSchema, type ListReceiptsInput, type ListReceiptsResponse, type ListTransactionsOptions, MEMBERSHIP_ROLES, MERCHANT_PAYOUT_STATUSES, MERCHANT_PROFILE_STATUSES, type MeOfflineClient, type MeOfflineClientOptions, type MembershipRole, type MerchantAccountInfo, type MerchantPayout, MerchantPayoutSchema, type MerchantProfile, MerchantProfileSchema, type MintedApiCredential, MintedApiCredentialSchema, type Money, NGN_CURRENCY_CODE, NG_COUNTRY_CODE, NQRParseError, type NQRPayloadInput, NqrPaymentRequestArtifactSchema, type OAC, OACSchema, OAC_DEFAULT_CUMULATIVE_KOBO, OAC_DEFAULT_PER_TX_KOBO, OAC_DEFAULT_VALIDITY_MS, OFFLINE_CLAIM_SMS_PREFIX, OFFLINE_SMS_SETTLE_DOMAIN, OFFLINE_SMS_SETTLE_HEADER_BYTES, OFFLINE_SMS_SETTLE_PREFIX, OFFLINE_SMS_SETTLE_SIGNATURE_BYTES, OFFLINE_SMS_SETTLE_TOKEN_BYTES, OFFLINE_SMS_SETTLE_VERSION, type OacOfflineIdentity, type OacPresentmentRequest, OacPresentmentRequestSchema, type OfflineClaimAlgorithm, OfflineClaimArtifactSchema, type OfflineClaimSigner, type OfflinePaymentAuthorization, type OfflinePaymentAuthorizationArtifact, OfflinePaymentAuthorizationArtifactSchema, OfflinePaymentAuthorizationSchema, type OfflinePaymentRequest, OfflinePaymentRequestSchema, type OfflineSmsSettleInput, type OfflineSmsSettleSigner, type OfflineStatusResult, OfflineStatusResultSchema, type OfflineToken, OfflineTokenSchema, type OnboardingCompleteInput, type OnboardingCompleteResponse, type OnboardingFallback, type OnboardingRiskReason, type OnboardingStartInput, type OnboardingStartResponse, type P256EnrollmentChallengeInput, P256EnrollmentChallengeInputSchema, type P256EnrollmentChallengeResult, P256EnrollmentChallengeResultSchema, PARTNER_FUNDING_DIRECTIONS, PARTNER_FUNDING_STATUSES, PARTNER_KINDS, PARTNER_PROFILE_STATUSES, PARTNER_SCOPES, PASS_KINDS, PASS_STATES, PAYLOAD_FORMAT_INDICATOR_VALUE, PAYOUT_DESTINATION_STATUSES, POINT_OF_INITIATION, type ParsedNQR, type PartnerClientOptions, type PartnerCollectionsClient, type PartnerFunding, type PartnerFundingClient, type PartnerFundingDirection, type PartnerFundingEventInput, PartnerFundingEventInputSchema, PartnerFundingSchema, type PartnerFundingStatus, type PartnerKind, type PartnerProfile, type PartnerProfileAdminClient, type PartnerProfileAdminClientOptions, PartnerProfileSchema, type PartnerProfileStatus, type PartnerScope, type PartnerSignResult, type Pass, PassArtifactSchema, type PassKind, type PassMetadata, PassMetadataSchema, PassSchema, type PassState, type PassesClient, type PassesClientOptions, type PayCollectionInput, PayCollectionInputSchema, type PayCollectionOptions, type PayCollectionResponse, type PaymentClaim, PaymentClaimSchema, PaymentIntentArtifactSchema, type PayoutDestination, PayoutDestinationSchema, type PayoutDestinationStatus, type PayoutEventInput, PayoutEventInputSchema, type PinSetInput, type PinVerifyInput, type ProviderEventInput, ProviderEventInputSchema, type ProviderEventRecord, ProviderEventRecordSchema, type PublicCollectionIntent, PublicCollectionIntentSchema, type PushPlatform, type PushRegisterInput, RECEIPT_CHANNELS, RECEIPT_KINDS, REPLAY_WINDOW_MS, type Receipt, type ReceiptArtifact, ReceiptArtifactSchema, type ReceiptChannel, type ReceiptKind, type ReceiptPayload, ReceiptPayloadSchema, ReceiptSchema, type ReceiptsClient, type ReceiptsClientOptions, type RecipientResolveInput, type RecipientResolveResponse, type ReconciliationReport, ReconciliationReportSchema, type RecordPayoutEventResult, RecordPayoutEventResultSchema, type RedeemPassResponse, type Redemption, RedemptionSchema, type RegisterDeviceInput, type RegisterDeviceKeyP256Input, RegisterDeviceKeyP256InputSchema, type RegisterDeviceResponse, type RegisterSendDeviceKeyInput, type ResolveCollectionOptions, type ResolveCollectionResponse, type ResolvePayLinkResponse, ReversalRecordArtifactSchema, RevokeDeviceKeyInputSchema, type RevokePassInput, type RoutingHint, SETTLEMENT_SCHEDULES, type SendChallengeInput, type SendChallengeResponse, type SendMoneyInput, type SendMoneyOptions, type SendVerifyInput, type SendVerifyResponse, type SettleResponse, SettleResponseSchema, type Settlement, SettlementRecordArtifactSchema, SettlementSchema, type SignedArtifact, type SignedConsumerOAC, SignedConsumerOACSchema, type SignerPublicKey, StatementArtifactSchema, type SubscribeOptions, type TLVField, type TransactionDetailResponse, type TransactionDirection, type TransactionsListResponse, type TransferInput, type TransferResponse, type TransferStatus, type TrustedIssuerKey, type UnsignedConsumerPaymentRequest, type UnsignedOAC, type UnsignedOfflinePaymentAuthorization, type UnsignedOfflinePaymentRequest, type UnsignedPass, type UnsignedReceipt, type UnsignedRedemption, type UpsertMerchantProfileInput, UpsertMerchantProfileInputSchema, type UpsertPartnerProfileInput, UpsertPartnerProfileInputSchema, type VerifiedArtifact, type VerifyArtifactOptions, type VerifyClaimSignatureInput, type VerifyOacOfflineOptions, type VerifyOacOfflineResult, WITHDRAWAL_STATES, type Withdrawal, WithdrawalSchema, type WithdrawalState, base64UrlDecode, base64UrlEncode, bodySha256Hex, buildArtifactBody, buildAuthorization, buildConsumerPaymentRequest, buildOAC, buildPass, buildPaymentRequest, buildReceipt, buildRedemption, buildSmsSettleHeader, domainTag as buildSmsSettleSignedBytes, canonicalClaimSigningBytes, canonicalClaimSigningPayload, canonicalJSONBytes, canonicalJSONStringify, canonicalRequestString, computeConsumerClaimEncounterId, computeEncounterId, constantTimeEqual, consumerOacSigningPayload, consumerPaymentRequestSigningBytes, consumerPaymentRequestSigningPayload, consumerSettlementSigningPayload, crc16ccitt, crc16ccittHex, createAccountsClient, createApiCredentialsAdminClient, createArtifactUri, createCollectionsClient, createConsumerCollectionsClient, createConsumerWithdrawalsClient, createFlurPartnerClient, createHmacFetch, createMeOfflineClient, createOfflinePaymentAuthorizationArtifactUri, createOfflineSettlementsClient, createPartnerCollectionsClient, createPartnerFundingClient, createPartnerProfileAdminClient, createPassesClient, createReceiptArtifactUri, createReceiptsClient, createSoftwareP256Signer, decodeArtifactUri, decodeAuthorizationQR, decodeBase45, decodeConsumerOacRequest, decodeConsumerSettlementReceiptQR, decodeOfflineClaimSmsMessage, decodeOfflineSmsSettleToken, decodePaymentRequestQR, decodeUnverifiedConsumerOacQR, decodeUnverifiedConsumerSettlementReceiptQR, derToRawP256Signature, encodeArtifactUri, encodeAuthorizationQR, encodeBase45, encodeConsumerOacQR, encodeConsumerSettlementReceiptQR, encodeNQR, encodeOfflineClaimSmsMessage, encodeOfflineSmsSettleToken, encodePaymentRequestQR, extractOfflineClaimSmsToken, extractOfflineSmsSettleToken, formatAmount, generateDynamicQR, generateStaticQR, init, isConsumerOacQR, isConsumerPaymentRequestExpired, isHardenedArtifactType, isKnownArtifactType, isPassWithinValidity, moneyMinorToNumber, normalizeE164, parseAmountInput, parseNQR, parseQR, readTLV, routingHint, signArtifact, signAuthorization, signConsumerPaymentRequest, signOAC, signPartnerRequest, signPass, signPaymentRequest, signReceipt, signRedemption, signRequestHMAC, verifyArtifactSignature, verifyArtifactUri, verifyAuthorization, verifyClaimSignature, verifyConsumerPaymentRequest, verifyConsumerSettlement, verifyConsumerSettlementReceiptQR, verifyOAC, verifyOacOffline, verifyOfflineSmsSettleToken, verifyPass, verifyPaymentRequest, verifyReceipt, verifyRedemption, verifyRequestHMAC, writeTLV };