@novasamatech/statement-store 0.8.7-2 → 0.8.7-4

package/dist/adapter/rpc.js

@@ -97,9 +97,9 @@ export function createPapiStatementStoreAdapter(lazyClient) {
                             case 'dataTooLarge':
                                 return errAsync(new DataTooLargeError(result.submitted_size, result.available_size));
                             case 'channelPriorityTooLow':
-                                return errAsync(new ExpiryTooLowError(result.submitted_expiry, result.min_expiry));
+                                return errAsync(new ExpiryTooLowError(BigInt(result.submitted_expiry), BigInt(result.min_expiry)));
                             case 'accountFull':
-                                return errAsync(new AccountFullError(result.submitted_expiry, result.min_expiry));
+                                return errAsync(new AccountFullError(BigInt(result.submitted_expiry), BigInt(result.min_expiry)));
                             case 'storeFull':
                                 return errAsync(new StorageFullError());
                             case 'noAllowance':

package/dist/index.d.ts

@@ -19,5 +19,11 @@ export { createInMemoryStatementStore } from './adapter/inMemory.js';
 export type { StatementStoreAdapter } from './adapter/types.js';
 export { AccountFullError, AlreadyExpiredError, BadProofError, DataTooLargeError, EncodingTooLargeError, ExpiryTooLowError, InternalStoreError, KnownExpiredError, NoAllowanceError, NoProofError, StorageFullError, } from './adapter/types.js';
 export { createPapiStatementStoreAdapter } from './adapter/rpc.js';
+export type { ExpiryAllocator } from './submit/allocator.js';
+export { PRIORITY_EPOCH_OFFSET, createExpiryAllocator } from './submit/allocator.js';
+export type { SubmitRetryOptions } from './submit/retry.js';
+export { isPriorityTooLow, submitWithRetry } from './submit/retry.js';
+export type { SubmitStatementParams } from './submit/submitStatement.js';
+export { signAndSubmitStatement, submitStatementOnce } from './submit/submitStatement.js';
 export { createSr25519Derivation, createSr25519Secret, deriveSlotAccountPublicKey, deriveSr25519PublicKey, ensureSubstrateSlotSr25519Ready, ensureSubstrateSr25519Ready, khash, signSlotAccountSecret, signWithSr25519Secret, verifySlotAccountSignature, verifySr25519Signature, } from './crypto.js';
 export { substrateSr25519PublicKey } from './substrateSr25519.js';

package/dist/index.js

@@ -9,5 +9,8 @@ export { createLazyClient } from './adapter/lazyClient.js';
 export { createInMemoryStatementStore } from './adapter/inMemory.js';
 export { AccountFullError, AlreadyExpiredError, BadProofError, DataTooLargeError, EncodingTooLargeError, ExpiryTooLowError, InternalStoreError, KnownExpiredError, NoAllowanceError, NoProofError, StorageFullError, } from './adapter/types.js';
 export { createPapiStatementStoreAdapter } from './adapter/rpc.js';
+export { PRIORITY_EPOCH_OFFSET, createExpiryAllocator } from './submit/allocator.js';
+export { isPriorityTooLow, submitWithRetry } from './submit/retry.js';
+export { signAndSubmitStatement, submitStatementOnce } from './submit/submitStatement.js';
 export { createSr25519Derivation, createSr25519Secret, deriveSlotAccountPublicKey, deriveSr25519PublicKey, ensureSubstrateSlotSr25519Ready, ensureSubstrateSr25519Ready, khash, signSlotAccountSecret, signWithSr25519Secret, verifySlotAccountSignature, verifySr25519Signature, } from './crypto.js';
 export { substrateSr25519PublicKey } from './substrateSr25519.js';

package/dist/session/priority.d.ts

@@ -1 +1,9 @@
+/**
+ * Priority epoch base: seconds at 2025-11-15T00:00:00Z. The low word is a u32 priority counted FROM
+ * this epoch (spec §1), not the raw Unix timestamp. iOS (StatementPriorityFactory.unixOffset) and
+ * Android subtract the same offset; omitting it makes the TS low word ~1.76e9 larger than every
+ * mobile client's, so any cross-client or shared-channel priority comparison would always rank a
+ * TS-written statement above a mobile-written one. Keeping the base aligned removes that landmine.
+ */
+export declare const PRIORITY_EPOCH_OFFSET = 1763164800n;
 export declare function nextExpiry(current: bigint): bigint;

package/dist/session/priority.js

@@ -13,7 +13,7 @@ const NEVER_EXPIRE_HIGH = 0xffffffffn;
  * mobile client's, so any cross-client or shared-channel priority comparison would always rank a
  * TS-written statement above a mobile-written one. Keeping the base aligned removes that landmine.
  */
-const PRIORITY_EPOCH_OFFSET = 1763164800n;
+export const PRIORITY_EPOCH_OFFSET = 1763164800n;
 export function nextExpiry(current) {
     const nowSecs = BigInt(Math.floor(Date.now() / 1000));
     const priority = nowSecs > PRIORITY_EPOCH_OFFSET ? nowSecs - PRIORITY_EPOCH_OFFSET : 0n;

package/dist/session/session.d.ts

@@ -1,5 +1,6 @@
 import type { StatementStoreAdapter } from '../adapter/types.js';
 import type { LocalSessionAccount, RemoteSessionAccount } from '../model/sessionAccount.js';
+import type { ExpiryAllocator } from '../submit/allocator.js';
 import type { Encryption } from './encyption.js';
 import type { StatementProver } from './statementProver.js';
 import type { Session } from './types.js';
@@ -23,6 +24,13 @@ export type SessionParams = {
      * throw.
      */
     sessionKey: Uint8Array;
+    /**
+     * Expiry source for this session's submits. Inject ONE shared allocator when
+     * several writers (sessions, raw submits) sign with the same account, so
+     * same-second submits cannot tie. Defaults to a private allocator —
+     * identical to the previous per-session behavior.
+     */
+    allocator?: ExpiryAllocator;
     maxRequestSize?: number;
 };
 /**
@@ -32,4 +40,4 @@ export type SessionParams = {
  * `maxStatementSize - overhead` rather than the raw statement limit.
  */
 export declare const STATEMENT_OVERHEAD: number;
-export declare function createSession({ localAccount, remoteAccount, statementStore, encryption, prover, sessionKey, maxRequestSize, }: SessionParams): Session;
+export declare function createSession({ localAccount, remoteAccount, statementStore, encryption, prover, sessionKey, allocator, maxRequestSize, }: SessionParams): Session;

package/dist/session/session.js

@@ -1,14 +1,15 @@
+import { toHex } from '@novasamatech/scale';
 import { nanoid } from 'nanoid';
 import { ResultAsync, err, errAsync, fromPromise, fromThrowable, ok, okAsync } from 'neverthrow';
-import { toHex } from 'polkadot-api/utils';
 import { Struct, str } from 'scale-ts';
-import { ExpiryTooLowError } from '../adapter/types.js';
 import { khash, stringToBytes } from '../crypto.js';
 import { nonNullable, toError } from '../helpers.js';
 import { createSessionId } from '../model/session.js';
+import { createExpiryAllocator } from '../submit/allocator.js';
+import { isPriorityTooLow, submitWithRetry } from '../submit/retry.js';
+import { submitStatementOnce } from '../submit/submitStatement.js';
 import { DecodingError, DecryptionError, UnknownError } from './error.js';
 import { toMessage } from './messageMapper.js';
-import { nextExpiry } from './priority.js';
 import { StatementData } from './scale/statementData.js';
 const DEFAULT_MAX_REQUEST_SIZE = 4096;
 // Rejection reason shared by dispose() and the disposed guards on submit*, so a torn-down session
@@ -68,38 +69,17 @@ function makeDeferred() {
     promise.catch(() => undefined);
     return { resolve, reject, promise };
 }
-// Retry a submit on failure with a short backoff. `shouldRetry` is re-checked before each retry:
-// once the submission is superseded, aborted, or the session is disposed it returns false, so a
-// stale retry can never resurrect an old statement.
-//
-// ExpiryTooLow is treated specially: it is never a chain/statement failure, only a sign our
-// in-memory expiry lagged the channel's on-chain priority. submitStatementData has already resynced
-// us above the reported minimum, so the next attempt submits higher. We therefore retry ExpiryTooLow
-// WITHOUT spending the `attemptsLeft` transient-failure budget — keeping at it until it lands or the
-// submission is superseded — and, once superseded, swallow it as success. The upshot: ExpiryTooLow
-// never surfaces to callers. (Other errors keep the bounded retry and propagate when exhausted.)
-function submitWithRetry(submit, attemptsLeft, shouldRetry) {
-    // How to settle once we stop retrying: a no-longer-live submission rejected with ExpiryTooLow
-    // simply lost the channel race to a newer, higher-priority statement — benign, so report success.
-    const settle = (error) => !shouldRetry() && error instanceof ExpiryTooLowError ? okAsync(undefined) : errAsync(error);
-    return submit().orElse(error => {
-        const expiryTooLow = error instanceof ExpiryTooLowError;
-        if (!shouldRetry() || (!expiryTooLow && attemptsLeft <= 0))
-            return settle(error);
-        // ExpiryTooLow is always recoverable while live, so it doesn't consume the retry budget.
-        const nextAttempts = expiryTooLow ? attemptsLeft : attemptsLeft - 1;
-        return ResultAsync.fromSafePromise(new Promise(resolve => setTimeout(resolve, RETRY_DELAY_MS))).andThen(() => shouldRetry() ? submitWithRetry(submit, nextAttempts, shouldRetry) : settle(error));
-    });
-}
-export function createSession({ localAccount, remoteAccount, statementStore, encryption, prover, sessionKey, maxRequestSize = DEFAULT_MAX_REQUEST_SIZE, }) {
+export function createSession({ localAccount, remoteAccount, statementStore, encryption, prover, sessionKey, allocator = createExpiryAllocator(), maxRequestSize = DEFAULT_MAX_REQUEST_SIZE, }) {
     const outgoingSessionId = createSessionId(sessionKey, localAccount, remoteAccount);
     const incomingSessionId = createSessionId(sessionKey, remoteAccount, localAccount);
+    // Session-constant channel hashes — derived once so retries don't re-hash them per attempt.
+    const requestChannel = createRequestChannel(outgoingSessionId);
+    const responseChannel = createResponseChannel(outgoingSessionId);
     // Message bytes must fit within the statement limit minus the fixed wire overhead.
     const maxPayloadSize = Math.max(0, maxRequestSize - STATEMENT_OVERHEAD);
     const state = {
         phase: 'initialization',
         initError: null,
-        expiry: 0n,
         outgoingRequest: null,
         incomingRequests: new Map(),
         messageQueue: [],
@@ -118,28 +98,13 @@ export function createSession({ localAccount, remoteAccount, statementStore, enc
     // Id of the most recent response we initiated (responses share one channel, so only the
     // latest is live — a retry for an older one must not resurrect it).
     let lastResponseRequestId = null;
-    // Submit on `channel`/`topicSessionId` at the next (strictly increasing) expiry.
+    // Encrypt, then submit on `channel`/`topicSessionId` at the allocator's next (strictly
+    // increasing) expiry. On a priority rejection submitStatementOnce resyncs the allocator to the
+    // chain-reported minimum before propagating, so the retry — and every later submit — clears it.
     function submitStatementData(channel, topicSessionId, data) {
-        state.expiry = nextExpiry(state.expiry);
-        const expiry = state.expiry;
         return encryption
             .encrypt(data)
-            .map(encrypted => ({
-            expiry,
-            channel: toHex(channel),
-            topics: [toHex(topicSessionId)],
-            data: encrypted,
-        }))
-            .asyncAndThen(prover.generateMessageProof)
-            .andThen(statementStore.submitStatement)
-            .orElse(error => {
-            // The chain is the source of truth for a channel's priority. If our in-memory counter
-            // drifted behind it (a prior run, another writer, or propagation lag), resync to the
-            // reported minimum so the retry — and every later submit — clears it.
-            if (error instanceof ExpiryTooLowError && error.min > state.expiry)
-                state.expiry = error.min;
-            return errAsync(error);
-        });
+            .asyncAndThen(encrypted => submitStatementOnce({ statementStore, prover, allocator, channel, topics: [topicSessionId], data: encrypted }));
     }
     // Settle and remove the pending-delivery entries for the given tokens.
     function settleTokens(tokens, settle) {
@@ -151,19 +116,32 @@ export function createSession({ localAccount, remoteAccount, statementStore, enc
             }
         }
     }
+    // Session retry policy (this and every submitWithRetry call below): priority errors
+    // (ExpiryTooLow / AccountFull) are retried with `priorityAttempts: 'unbounded'` — they never
+    // consume the transient-failure budget, because submitStatementData has already resynced the
+    // allocator above the chain-reported minimum, so the next attempt submits higher. We keep at it
+    // until the statement lands or the submission is superseded; once superseded, a priority
+    // rejection is swallowed as success (it merely lost the channel race to a newer, higher-priority
+    // statement). The upshot: priority errors never surface to session callers. Other errors keep
+    // the bounded retry and propagate when exhausted. `shouldRetry` is re-checked before each retry:
+    // once the submission is superseded, aborted, or the session is disposed it returns false, so a
+    // stale retry can never resurrect an old statement.
     function encodeAndSubmitRequest(requestId, messages) {
         encodeStatementData({ tag: 'request', value: { requestId, data: messages } })
-            .asyncAndThen(data => submitWithRetry(() => submitStatementData(createRequestChannel(outgoingSessionId), outgoingSessionId, data), MAX_SUBMIT_RETRIES, 
-        // Only keep retrying while this is still the live submission (not superseded by a
-        // newer retransmit, aborted via clearOutgoingStatement, or disposed).
-        () => !disposed && state.outgoingRequest?.requestIds.at(-1) === requestId))
+            .asyncAndThen(data => submitWithRetry(() => submitStatementData(requestChannel, outgoingSessionId, data), {
+            attempts: MAX_SUBMIT_RETRIES,
+            priorityAttempts: 'unbounded',
+            delaysMs: RETRY_DELAY_MS,
+            // Only keep retrying while this is still the live submission (not superseded by a
+            // newer retransmit, aborted via clearOutgoingStatement, or disposed).
+            shouldRetry: () => !disposed && state.outgoingRequest?.requestIds.at(-1) === requestId,
+        }))
             .mapErr(e => {
-            // ExpiryTooLow is handled in submitWithRetry (retried until it lands, swallowed once
-            // superseded), so an error reaching here is a different, genuine failure. If this submission
-            // was already superseded by a newer retransmit (same tokens) it is not the live request's
-            // concern — drop it silently; the newer one carries the waiters. Otherwise the bounded
-            // retries are exhausted on the LIVE submission: the request never landed, so fail its
-            // waiters rather than let them hang.
+            // Priority errors never reach here (see the policy note above), so this is a genuine
+            // failure. If this submission was already superseded by a newer retransmit (same tokens)
+            // it is not the live request's concern — drop it silently; the newer one carries the
+            // waiters. Otherwise the bounded retries are exhausted on the LIVE submission: the
+            // request never landed, so fail its waiters rather than let them hang.
             const outgoing = state.outgoingRequest;
             if (disposed || !outgoing || outgoing.requestIds.at(-1) !== requestId)
                 return;
@@ -368,14 +346,12 @@ export function createSession({ localAccount, remoteAccount, statementStore, enc
             if (s.expiry !== undefined && s.expiry > maxExpiry)
                 maxExpiry = s.expiry;
         }
-        // Never regress the counter. The query is a snapshot taken when init() began; a statement
-        // submitted while init was in flight (e.g. an auto-ACK for a peer request that arrived during
-        // the query) has already advanced both state.expiry and the on-chain channel past that
-        // snapshot. Overwriting unconditionally would drop the counter below the on-chain priority,
-        // making the next submit collide at an equal expiry.
-        const seeded = nextExpiry(maxExpiry);
-        if (seeded > state.expiry)
-            state.expiry = seeded;
+        // Adopt the snapshot's maximum as the allocator floor. raiseFloor is monotonic — the floor
+        // never regresses — so a statement submitted while init was in flight (e.g. an auto-ACK for a
+        // peer request that arrived during the query) keeps the counter ahead of this snapshot, the
+        // same guarantee the old conditional seeding gave. The next submit then draws strictly above
+        // the seen on-chain maximum and at least the wall-clock priority, so it cannot collide at an equal expiry.
+        allocator.raiseFloor(maxExpiry);
         for (const s of [...ownStatements, ...peerStatements]) {
             if (s.data)
                 state.seenStatements.add(toHex(s.data));
@@ -474,28 +450,29 @@ export function createSession({ localAccount, remoteAccount, statementStore, enc
             lastResponseRequestId = requestId;
             // Responses go on OUR outgoing topic/response-channel (per spec: the responder
             // publishes on SessionId(self, peer)); the requester reads them from its incoming topic.
-            return (submitWithRetry(() => submitStatementData(createResponseChannel(outgoingSessionId), outgoingSessionId, encoded.value), MAX_SUBMIT_RETRIES, 
-            // Stop retrying once a newer response supersedes this one (shared response channel) or disposed.
-            () => !disposed && lastResponseRequestId === requestId)
-                // Answered: it no longer needs replaying to future subscribers.
-                .andTee(() => pruneBufferedRequest(requestId))
+            return (submitWithRetry(() => submitStatementData(responseChannel, outgoingSessionId, encoded.value), {
+                attempts: MAX_SUBMIT_RETRIES,
+                priorityAttempts: 'unbounded',
+                delaysMs: RETRY_DELAY_MS,
+                // Stop retrying once a newer response supersedes this one (shared response channel) or disposed.
+                shouldRetry: () => !disposed && lastResponseRequestId === requestId,
+            })
                 .orElse(error => {
-                // ExpiryTooLow is handled in submitWithRetry (swallowed once a newer response supersedes
-                // this one on the shared channel), so an error here is a different failure. If this is no
-                // longer the latest response (superseded) or the session is disposed, keep the request
-                // marked answered — re-answering would only clobber the newer response — and absorb the
-                // error. NOTE: the shared response channel still only exposes the latest response to the
-                // peer, so reliably ACKing several outstanding requests needs the protocol-level fix
-                // tracked separately.
-                if (disposed || lastResponseRequestId !== requestId) {
-                    pruneBufferedRequest(requestId);
+                // Priority errors never reach here (see the policy note above), so this is a genuine
+                // failure. If this is no longer the latest response (superseded) or the session is
+                // disposed, keep the request marked answered — re-answering would only clobber the
+                // newer response — and absorb the error. NOTE: the shared response channel still only
+                // exposes the latest response to the peer, so reliably ACKing several outstanding
+                // requests needs the protocol-level fix tracked separately.
+                if (disposed || lastResponseRequestId !== requestId)
                     return okAsync(undefined);
-                }
                 // The live response genuinely failed after exhausting retries — roll back so a later
                 // peer retransmit can still be answered, and surface the error.
                 incoming.responded = false;
                 return errAsync(error);
-            }));
+            })
+                // Answered (or absorbed as such): it no longer needs replaying to future subscribers.
+                .andTee(() => pruneBufferedRequest(requestId)));
         },
         waitForRequestMessage(codec, filter) {
             const promise = new Promise((resolve, reject) => {
@@ -595,12 +572,12 @@ export function createSession({ localAccount, remoteAccount, statementStore, enc
                 return errAsync(encoded.error);
             // Supersede the live batch with an empty one. Use submitStatementData so the
             // empty statement goes out at a STRICTLY higher expiry — the store rejects an
-            // equal-or-lower expiry on the same channel, so reusing state.expiry would
-            // leave the original request live on-chain. Route through submitWithRetry with
-            // shouldRetry:()=>false so it inherits the single ExpiryTooLow policy — a rejection
-            // means the channel already advanced past us, so the clear already happened → absorb it —
-            // without retrying (clearing is a one-shot supersede, not a request that must land).
-            return submitWithRetry(() => submitStatementData(createRequestChannel(outgoingSessionId), outgoingSessionId, encoded.value), 0, () => false);
+            // equal-or-lower expiry on the same channel, so reusing the last allocated expiry
+            // would leave the original request live on-chain. One shot, no retry (clearing is a
+            // supersede, not a request that must land); a priority rejection (ExpiryTooLow /
+            // AccountFull) means the channel already advanced past us, so the clear already
+            // happened → absorb it as success.
+            return submitStatementData(requestChannel, outgoingSessionId, encoded.value).orElse(error => isPriorityTooLow(error) ? okAsync(undefined) : errAsync(error));
         },
         dispose() {
             disposed = true;

package/dist/session/session.spec.js

@@ -3,7 +3,7 @@ import { ResultAsync, err, errAsync, ok, okAsync } from 'neverthrow';
 import { Bytes, Struct, str } from 'scale-ts';
 import { describe, expect, it, vi } from 'vitest';
 import { createInMemoryStatementStore } from '../adapter/inMemory.js';
-import { ExpiryTooLowError } from '../adapter/types.js';
+import { AccountFullError, ExpiryTooLowError } from '../adapter/types.js';
 import { createAccountId, createLocalSessionAccount, createRemoteSessionAccount } from '../model/sessionAccount.js';
 import { DecodingError, UnknownError } from './error.js';
 import { StatementData } from './scale/statementData.js';
@@ -747,13 +747,16 @@ describe('session', () => {
             expect(second.isOk()).toBe(true);
             expect(adapter.submitStatement.mock.calls.length).toBeGreaterThan(submitsBefore);
         }, 3000);
-        it('absorbs a superseded response rejected as ExpiryTooLow and keeps the request answered', async () => {
+        it.each([
+            ['ExpiryTooLow', ExpiryTooLowError],
+            ['AccountFull', AccountFullError],
+        ])('absorbs a superseded response rejected as %s and keeps the request answered', async (_name, PriorityError) => {
             // Two incoming requests are answered on the SHARED response channel. The response to A is in
             // flight when the response to B takes over the channel; A then lands at a now-lower expiry and
-            // the store rejects it (ExpiryTooLow). That supersession is expected: B's response owns the
-            // channel, so A's rejection must be absorbed (not surfaced) and A must stay marked answered —
-            // re-answering would only clobber B. (Returning ok here is also what stops respondToRequests
-            // from logging it as a failed response.)
+            // the store rejects it with a priority error. That supersession is expected: B's response owns
+            // the channel, so A's rejection must be absorbed (not surfaced) and A must stay marked
+            // answered — re-answering would only clobber B. (Returning ok here is also what stops
+            // respondToRequests from logging it as a failed response.)
             const reqA = makeStatement({ tag: 'request', value: { requestId: 'A', data: [] } });
             const { subscribeStatements, callbacks } = capturingSubscribe();
             const { submitStatement, pendings } = deferredSubmit();
@@ -768,7 +771,7 @@ describe('session', () => {
             await delay(); // both reach submitStatement
             expect(pendings).toHaveLength(2);
             pendings.find(p => p.requestId === 'B').settle(ok(undefined)); // B lands, owns the channel
-            pendings.find(p => p.requestId === 'A').settle(err(new ExpiryTooLowError(0n, 0n))); // A lands late, rejected
+            pendings.find(p => p.requestId === 'A').settle(err(new PriorityError(0n, 0n))); // A lands late, rejected
             const resA = await resAPromise;
             const resB = await resBPromise;
             expect(resB.isOk()).toBe(true);
@@ -950,14 +953,18 @@ describe('session', () => {
             expect(adapter.submitStatement.mock.calls.length).toBeGreaterThanOrEqual(2); // 1 failure + ≥1 retry
             session.dispose();
         }, 3000);
-        it('resyncs its expiry above the chain minimum after an ExpiryTooLow rejection', async () => {
-            // The in-memory expiry counter has drifted behind the channel's real priority (prior run /
-            // other writer / propagation lag). The chain reports the minimum; the retry must clear it.
+        it.each([
+            ['ExpiryTooLow', ExpiryTooLowError],
+            ['AccountFull', AccountFullError],
+        ])('resyncs its expiry above the chain minimum after an %s rejection', async (_name, PriorityError) => {
+            // The in-memory expiry counter has drifted behind the chain's real priority floor (prior run /
+            // other writer / propagation lag / account full of higher-priority statements). The chain
+            // reports the minimum; the retry must clear it.
             const CHAIN_MIN = (0xffffffffn << 32n) | 4000000000n; // well above the wall-clock priority
             let calls = 0;
             const submitStatement = vi.fn((stmt) => {
                 calls++;
-                return calls === 1 ? errAsync(new ExpiryTooLowError(stmt.expiry ?? 0n, CHAIN_MIN)) : okAsync(undefined);
+                return calls === 1 ? errAsync(new PriorityError(stmt.expiry ?? 0n, CHAIN_MIN)) : okAsync(undefined);
             });
             const { session, adapter } = makeSession({ submitStatement });
             await delay();
@@ -968,14 +975,17 @@ describe('session', () => {
             expect(retried.expiry ?? 0n).toBeGreaterThan(CHAIN_MIN); // healed past the chain minimum
             session.dispose();
         }, 3000);
-        it('keeps retrying a live ExpiryTooLow past the transient-retry cap until it lands', async () => {
-            // ExpiryTooLow is a sync artifact, not a chain failure: while the submission is still live the
-            // session keeps retrying (resyncing each time) BEYOND MAX_SUBMIT_RETRIES until it lands, and
-            // never surfaces ExpiryTooLow to the caller. (A non-ExpiryTooLow error gives up at the cap —
+        it.each([
+            ['ExpiryTooLow', ExpiryTooLowError],
+            ['AccountFull', AccountFullError],
+        ])('keeps retrying a live %s past the transient-retry cap until it lands', async (_name, PriorityError) => {
+            // Priority errors are sync artifacts, not chain failures: while the submission is still live
+            // the session keeps retrying (resyncing each time) BEYOND MAX_SUBMIT_RETRIES until it lands,
+            // and never surfaces the error to the caller. (A non-priority error gives up at the cap —
             // see the test below.)
             const CHAIN_MIN = (0xffffffffn << 32n) | 4000000000n;
             let calls = 0;
-            const submitStatement = vi.fn((stmt) => ++calls <= 6 ? errAsync(new ExpiryTooLowError(stmt.expiry ?? 0n, CHAIN_MIN)) : okAsync(undefined));
+            const submitStatement = vi.fn((stmt) => ++calls <= 6 ? errAsync(new PriorityError(stmt.expiry ?? 0n, CHAIN_MIN)) : okAsync(undefined));
             const { session } = makeSession({ submitStatement });
             await delay();
             const errorSpy = vi.spyOn(console, 'error').mockImplementation(() => undefined);
@@ -986,7 +996,7 @@ describe('session', () => {
                 await new Promise(resolve => setTimeout(resolve, 300)); // 6 retries × 25ms backoff + slack
                 expect(calls).toBeGreaterThanOrEqual(7); // retried well past the 3-attempt cap, then landed
                 expect(errorSpy).not.toHaveBeenCalledWith('submitRequest failed:', expect.anything());
-                expect(waiterRejected).toBe(false); // ExpiryTooLow never surfaced to the caller
+                expect(waiterRejected).toBe(false); // the priority error never surfaced to the caller
             }
             finally {
                 errorSpy.mockRestore();

package/dist/session/statementProver.js

@@ -1,7 +1,7 @@
+import { fromHex } from '@novasamatech/scale';
 import { getStatementSigner, statementCodec } from '@novasamatech/sdk-statement';
-import { compact } from '@polkadot-api/substrate-bindings';
 import { errAsync, fromPromise, fromThrowable, okAsync } from 'neverthrow';
-import { fromHex } from 'polkadot-api/utils';
+import { compact } from 'scale-ts';
 import { deriveSlotAccountPublicKey, deriveSr25519PublicKey, signSlotAccountSecret, signWithSr25519Secret, verifySlotAccountSignature, verifySr25519Signature, } from '../crypto.js';
 import { toError } from '../helpers.js';
 function createSr25519SchemeProver(secret, scheme) {

package/dist/submit/allocator.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Priority epoch base: seconds at 2025-11-15T00:00:00Z. The low word is a u32 priority counted FROM
+ * this epoch (spec §1), not the raw Unix timestamp. iOS (StatementPriorityFactory.unixOffset) and
+ * Android subtract the same offset; omitting it makes the TS low word ~1.76e9 larger than every
+ * mobile client's, so any cross-client or shared-channel priority comparison would always rank a
+ * TS-written statement above a mobile-written one. Keeping the base aligned removes that landmine.
+ */
+export declare const PRIORITY_EPOCH_OFFSET = 1763164800n;
+/**
+ * Strictly-increasing source of statement expiries for one signing account,
+ * with a floor that can be raised to a chain-reported minimum.
+ *
+ * Layout: u64 = (0xFFFFFFFF << 32) | priority — see the module doc above.
+ * Supersession and account-quota eviction compare the whole u64 with
+ * strictly-greater semantics, so every writer signing with the SAME account
+ * must draw from ONE allocator instance: independent counters produce
+ * same-second priority ties that the store rejects.
+ */
+export type ExpiryAllocator = {
+    /** Next expiry: wall-clock-floored priority, bumped to stay strictly increasing. */
+    next(): bigint;
+    /**
+     * Adopt a chain-reported minimum (`AccountFullError` / `ExpiryTooLowError`
+     * `.min`, or the max expiry seen in channel history) so the next `next()`
+     * clears it. The chain is the source of truth for the floor; recomputing
+     * from the wall clock can never clear a pinned-high minimum.
+     */
+    raiseFloor(min: bigint): void;
+};
+export declare function createExpiryAllocator(): ExpiryAllocator;

package/dist/submit/allocator.js

@@ -0,0 +1,35 @@
+/**
+ * Statement expiry/priority, u64 = (expiration_epoch << 32) | priority (spec layout).
+ * We pin the high word to 0xFFFFFFFF (max → effectively non-expiring, matching iOS &
+ * Android) and use the low word as a wall-clock-floored monotonic priority, so channel
+ * supersession is driven by the priority regardless of how the store compares the field.
+ */
+const NEVER_EXPIRE_HIGH = 0xffffffffn;
+/**
+ * Priority epoch base: seconds at 2025-11-15T00:00:00Z. The low word is a u32 priority counted FROM
+ * this epoch (spec §1), not the raw Unix timestamp. iOS (StatementPriorityFactory.unixOffset) and
+ * Android subtract the same offset; omitting it makes the TS low word ~1.76e9 larger than every
+ * mobile client's, so any cross-client or shared-channel priority comparison would always rank a
+ * TS-written statement above a mobile-written one. Keeping the base aligned removes that landmine.
+ */
+export const PRIORITY_EPOCH_OFFSET = 1763164800n;
+/** Returns a value strictly greater than `current` (i.e. `max(current + 1, now-priority)`). */
+function nextExpiry(current) {
+    const nowSecs = BigInt(Math.floor(Date.now() / 1000));
+    const priority = nowSecs > PRIORITY_EPOCH_OFFSET ? nowSecs - PRIORITY_EPOCH_OFFSET : 0n;
+    const timestampPriority = (NEVER_EXPIRE_HIGH << 32n) | priority;
+    return timestampPriority > current ? timestampPriority : current + 1n;
+}
+export function createExpiryAllocator() {
+    let current = 0n;
+    return {
+        next() {
+            current = nextExpiry(current);
+            return current;
+        },
+        raiseFloor(min) {
+            if (min > current)
+                current = min;
+        },
+    };
+}

package/dist/submit/allocator.spec.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/submit/allocator.spec.js

@@ -0,0 +1,42 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+import { PRIORITY_EPOCH_OFFSET, createExpiryAllocator } from './allocator.js';
+const NOW_SECS = 1_790_000_000; // 2026-09-22, safely past the 2025-11-15 priority epoch
+describe('createExpiryAllocator', () => {
+    beforeEach(() => {
+        vi.useFakeTimers();
+        vi.setSystemTime(NOW_SECS * 1000);
+    });
+    afterEach(() => {
+        vi.useRealTimers();
+    });
+    it('pins the high 32 bits to 0xFFFFFFFF and counts the low word from the priority epoch', () => {
+        const allocator = createExpiryAllocator();
+        const expiry = allocator.next();
+        expect(expiry >> 32n).toBe(0xffffffffn);
+        expect(expiry & 0xffffffffn).toBe(BigInt(NOW_SECS) - PRIORITY_EPOCH_OFFSET);
+    });
+    it('is strictly monotonic within the same second', () => {
+        const allocator = createExpiryAllocator();
+        const first = allocator.next();
+        const second = allocator.next();
+        expect(second).toBe(first + 1n);
+    });
+    it('jumps above a raised floor so the next submit clears the chain minimum', () => {
+        const allocator = createExpiryAllocator();
+        const chainMin = (0xffffffffn << 32n) | 4000000000n; // a poisoned account's minimum
+        allocator.raiseFloor(chainMin);
+        expect(allocator.next()).toBeGreaterThan(chainMin);
+    });
+    it('ignores a floor below the current value', () => {
+        const allocator = createExpiryAllocator();
+        const before = allocator.next();
+        allocator.raiseFloor(0n);
+        expect(allocator.next()).toBeGreaterThan(before);
+    });
+    it('keeps independent instances independent', () => {
+        const a = createExpiryAllocator();
+        const b = createExpiryAllocator();
+        a.raiseFloor((0xffffffffn << 32n) | 4000000000n);
+        expect(b.next() & 0xffffffffn).toBe(BigInt(NOW_SECS) - PRIORITY_EPOCH_OFFSET);
+    });
+});

package/dist/submit/retry.d.ts

@@ -0,0 +1,32 @@
+import { ResultAsync } from 'neverthrow';
+import { AccountFullError, ExpiryTooLowError } from '../adapter/types.js';
+/**
+ * AccountFull / ExpiryTooLow are priority errors: never a chain/statement
+ * failure, only a sign the submitter's expiry lagged the chain's priority
+ * floor (channel supersession for ExpiryTooLow, account-quota eviction for
+ * AccountFull — both report the minimum to clear).
+ */
+export declare function isPriorityTooLow(error: unknown): error is ExpiryTooLowError | AccountFullError;
+export type SubmitRetryOptions = {
+    /** Retry budget for non-priority (transient infra) errors. 0 = propagate immediately. */
+    attempts: number;
+    /**
+     * Retry budget for priority errors. A number gives bounded retries then
+     * propagation (for callers with their own outer retry/outbox). 'unbounded'
+     * retries while `shouldRetry()` holds and, once it no longer does, settles a
+     * priority rejection as success — the submission lost the channel race to a
+     * newer statement, which is benign (session semantics).
+     */
+    priorityAttempts: number | 'unbounded';
+    /** Backoff before each retry: a constant, or a per-retry schedule (last entry repeats). */
+    delaysMs: number | number[];
+    /** Liveness gate, re-checked before every retry. Default: always live. */
+    shouldRetry?: () => boolean;
+    /** Observe each scheduled retry (logging hook). `attempt` is 0-based. */
+    onRetry?: (info: {
+        attempt: number;
+        delayMs: number;
+        error: Error;
+    }) => void;
+};
+export declare function submitWithRetry(submit: () => ResultAsync<void, Error>, options: SubmitRetryOptions): ResultAsync<void, Error>;

package/dist/submit/retry.js

@@ -0,0 +1,52 @@
+import { ResultAsync, err, ok } from 'neverthrow';
+import { AccountFullError, ExpiryTooLowError } from '../adapter/types.js';
+/**
+ * AccountFull / ExpiryTooLow are priority errors: never a chain/statement
+ * failure, only a sign the submitter's expiry lagged the chain's priority
+ * floor (channel supersession for ExpiryTooLow, account-quota eviction for
+ * AccountFull — both report the minimum to clear).
+ */
+export function isPriorityTooLow(error) {
+    return error instanceof ExpiryTooLowError || error instanceof AccountFullError;
+}
+function delayFor(delaysMs, attempt) {
+    if (typeof delaysMs === 'number')
+        return delaysMs;
+    return delaysMs[Math.min(attempt, delaysMs.length - 1)] ?? 0;
+}
+export function submitWithRetry(submit, options) {
+    const { attempts, priorityAttempts, delaysMs, shouldRetry = () => true, onRetry } = options;
+    // How to settle once we stop retrying: under the 'unbounded' policy a
+    // no-longer-live submission rejected with a priority error simply lost the
+    // channel race to a newer, higher-priority statement — benign, so report success.
+    const settle = (error) => priorityAttempts === 'unbounded' && !shouldRetry() && isPriorityTooLow(error) ? ok() : err(error);
+    // Iterative on purpose: a recursive ResultAsync chain holds one pending wrapper
+    // promise per attempt, which grows without bound under 'unbounded' retries.
+    const run = async () => {
+        let attemptsLeft = attempts;
+        let priorityLeft = priorityAttempts;
+        for (let attempt = 0;; attempt++) {
+            const result = await submit();
+            if (result.isOk())
+                return result;
+            const error = result.error;
+            const priority = isPriorityTooLow(error);
+            const budgetLeft = priority ? priorityLeft : attemptsLeft;
+            if (!shouldRetry() || (typeof budgetLeft === 'number' && budgetLeft <= 0))
+                return settle(error);
+            const delayMs = delayFor(delaysMs, attempt);
+            onRetry?.({ attempt, delayMs, error });
+            if (priority) {
+                if (priorityLeft !== 'unbounded')
+                    priorityLeft -= 1;
+            }
+            else {
+                attemptsLeft -= 1;
+            }
+            await new Promise(resolve => setTimeout(resolve, delayMs));
+            if (!shouldRetry())
+                return settle(error);
+        }
+    };
+    return new ResultAsync(run());
+}

package/dist/submit/retry.spec.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/submit/retry.spec.js

@@ -0,0 +1,105 @@
+import { errAsync, okAsync } from 'neverthrow';
+import { describe, expect, it, vi } from 'vitest';
+import { AccountFullError, ExpiryTooLowError } from '../adapter/types.js';
+import { isPriorityTooLow, submitWithRetry } from './retry.js';
+const FAST = { delaysMs: 1 }; // keep wall-clock time negligible
+describe('isPriorityTooLow', () => {
+    it('matches exactly the two priority error classes', () => {
+        expect(isPriorityTooLow(new AccountFullError(0n, 1n))).toBe(true);
+        expect(isPriorityTooLow(new ExpiryTooLowError(0n, 1n))).toBe(true);
+        expect(isPriorityTooLow(new Error('store rejected'))).toBe(false);
+    });
+});
+describe('submitWithRetry', () => {
+    it("priorityAttempts 'unbounded': priority errors retry past the non-priority budget until they land", async () => {
+        let calls = 0;
+        const submit = vi.fn(() => ++calls <= 6 ? errAsync(new AccountFullError(0n, 1n)) : okAsync(undefined));
+        const result = await submitWithRetry(submit, { ...FAST, attempts: 3, priorityAttempts: 'unbounded' });
+        expect(result.isOk()).toBe(true);
+        expect(calls).toBe(7);
+    });
+    it("priorityAttempts 'unbounded': a no-longer-live priority rejection settles as success", async () => {
+        const submit = vi.fn(() => errAsync(new ExpiryTooLowError(0n, 1n)));
+        const result = await submitWithRetry(submit, {
+            ...FAST,
+            attempts: 3,
+            priorityAttempts: 'unbounded',
+            shouldRetry: () => false,
+        });
+        expect(result.isOk()).toBe(true); // lost the channel race — benign
+        expect(submit).toHaveBeenCalledTimes(1);
+    });
+    it('priorityAttempts budgeted: priority errors consume their budget then propagate', async () => {
+        const submit = vi.fn(() => errAsync(new AccountFullError(0n, 1n)));
+        const result = await submitWithRetry(submit, { ...FAST, attempts: 0, priorityAttempts: 3 });
+        expect(result.isErr()).toBe(true);
+        expect(result._unsafeUnwrapErr()).toBeInstanceOf(AccountFullError);
+        expect(submit).toHaveBeenCalledTimes(4); // 1 initial + 3 retries
+    });
+    it('attempts 0: a non-priority error propagates immediately', async () => {
+        const submit = vi.fn(() => errAsync(new Error('store rejected')));
+        const result = await submitWithRetry(submit, { ...FAST, attempts: 0, priorityAttempts: 3 });
+        expect(result.isErr()).toBe(true);
+        expect(submit).toHaveBeenCalledTimes(1);
+    });
+    it('non-priority errors consume the attempts budget then propagate', async () => {
+        const submit = vi.fn(() => errAsync(new Error('store rejected')));
+        const result = await submitWithRetry(submit, { ...FAST, attempts: 2, priorityAttempts: 'unbounded' });
+        expect(result.isErr()).toBe(true);
+        expect(submit).toHaveBeenCalledTimes(3); // 1 initial + 2 retries
+    });
+    it('per-attempt delay schedule is honored and reported via onRetry', async () => {
+        let calls = 0;
+        const submit = vi.fn(() => ++calls <= 2 ? errAsync(new AccountFullError(0n, 1n)) : okAsync(undefined));
+        const seen = [];
+        const result = await submitWithRetry(submit, {
+            attempts: 0,
+            priorityAttempts: 3,
+            delaysMs: [1, 2, 3],
+            onRetry: ({ attempt, delayMs }) => seen.push({ attempt, delayMs }),
+        });
+        expect(result.isOk()).toBe(true);
+        expect(seen).toEqual([
+            { attempt: 0, delayMs: 1 },
+            { attempt: 1, delayMs: 2 },
+        ]);
+    });
+    it('a negative budget propagates immediately instead of looping', async () => {
+        const submit = vi.fn(() => errAsync(new Error('store rejected')));
+        const result = await submitWithRetry(submit, { ...FAST, attempts: -1, priorityAttempts: 3 });
+        expect(result.isErr()).toBe(true);
+        expect(submit).toHaveBeenCalledTimes(1);
+    });
+    it('a shouldRetry flip during the backoff settles a priority rejection as success', async () => {
+        let live = true;
+        const submit = vi.fn(() => {
+            queueMicrotask(() => {
+                live = false; // superseded while the backoff sleep is pending
+            });
+            return errAsync(new ExpiryTooLowError(0n, 1n));
+        });
+        const result = await submitWithRetry(submit, {
+            ...FAST,
+            attempts: 0,
+            priorityAttempts: 'unbounded',
+            shouldRetry: () => live,
+        });
+        expect(result.isOk()).toBe(true); // settled after the delay, no second attempt
+        expect(submit).toHaveBeenCalledTimes(1);
+    });
+    it('shouldRetry is re-checked before each retry and stops the loop', async () => {
+        let live = true;
+        const submit = vi.fn(() => {
+            live = false; // superseded after the first attempt
+            return errAsync(new Error('store rejected'));
+        });
+        const result = await submitWithRetry(submit, {
+            ...FAST,
+            attempts: 3,
+            priorityAttempts: 'unbounded',
+            shouldRetry: () => live,
+        });
+        expect(result.isErr()).toBe(true); // non-priority + not live → propagate, no settle
+        expect(submit).toHaveBeenCalledTimes(1);
+    });
+});

package/dist/submit/submitStatement.d.ts

@@ -0,0 +1,28 @@
+import type { ResultAsync } from 'neverthrow';
+import type { StatementStoreAdapter } from '../adapter/types.js';
+import type { StatementProver } from '../session/statementProver.js';
+import type { ExpiryAllocator } from './allocator.js';
+import type { SubmitRetryOptions } from './retry.js';
+export type SubmitStatementParams = {
+    statementStore: StatementStoreAdapter;
+    prover: StatementProver;
+    /**
+     * Shared per-signing-account expiry source
+     **/
+    allocator: ExpiryAllocator;
+    channel: Uint8Array;
+    topics: Uint8Array[];
+    /**
+     * Opaque payload — encryption (if any) is the caller's concern.
+     **/
+    data: Uint8Array;
+};
+/**
+ * One submit attempt: allocate the next expiry, build and prove the
+ * statement, submit it, and on a priority rejection adopt the chain-reported
+ * minimum into the allocator so the NEXT attempt clears it.
+ */
+export declare function submitStatementOnce(params: SubmitStatementParams): ResultAsync<void, Error>;
+export declare function signAndSubmitStatement(params: SubmitStatementParams & {
+    retry: SubmitRetryOptions;
+}): ResultAsync<void, Error>;

package/dist/submit/submitStatement.js

@@ -0,0 +1,28 @@
+import { toHex } from '@novasamatech/scale';
+import { isPriorityTooLow, submitWithRetry } from './retry.js';
+/**
+ * One submit attempt: allocate the next expiry, build and prove the
+ * statement, submit it, and on a priority rejection adopt the chain-reported
+ * minimum into the allocator so the NEXT attempt clears it.
+ */
+export function submitStatementOnce(params) {
+    const { statementStore, prover, allocator, channel, topics, data } = params;
+    const unsigned = {
+        expiry: allocator.next(),
+        channel: toHex(channel),
+        topics: topics.map(toHex),
+        data,
+    };
+    return prover
+        .generateMessageProof(unsigned)
+        .andThen(statementStore.submitStatement)
+        .orTee(error => {
+        // The chain is the source of truth for the account/channel priority floor.
+        if (isPriorityTooLow(error)) {
+            allocator.raiseFloor(error.min);
+        }
+    });
+}
+export function signAndSubmitStatement(params) {
+    return submitWithRetry(() => submitStatementOnce(params), params.retry);
+}

package/dist/submit/submitStatement.spec.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/submit/submitStatement.spec.js

@@ -0,0 +1,99 @@
+import { errAsync, okAsync } from 'neverthrow';
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+import { AccountFullError } from '../adapter/types.js';
+import { createExpiryAllocator } from './allocator.js';
+import { signAndSubmitStatement, submitStatementOnce } from './submitStatement.js';
+const NOW_SECS = 1_790_000_000;
+// Passthrough prover: "signs" by returning the statement unchanged.
+const fakeProver = {
+    generateMessageProof: (stmt) => okAsync(stmt),
+};
+function makeStore(failFirstWithMin) {
+    const submitted = [];
+    let calls = 0;
+    const adapter = {
+        submitStatement: vi.fn((stmt) => {
+            submitted.push(stmt);
+            calls += 1;
+            return failFirstWithMin !== undefined && calls === 1
+                ? errAsync(new AccountFullError(stmt.expiry ?? 0n, failFirstWithMin))
+                : okAsync(undefined);
+        }),
+    };
+    return { adapter, submitted };
+}
+const baseParams = (adapter) => ({
+    statementStore: adapter,
+    prover: fakeProver,
+    allocator: createExpiryAllocator(),
+    channel: new Uint8Array(32),
+    topics: [new Uint8Array(32)],
+    data: new Uint8Array([1]),
+});
+describe('submitStatementOnce', () => {
+    beforeEach(() => {
+        vi.useFakeTimers();
+        vi.setSystemTime(NOW_SECS * 1000);
+    });
+    afterEach(() => {
+        vi.useRealTimers();
+    });
+    it('submits with the pinned-high expiry layout', async () => {
+        const { adapter, submitted } = makeStore();
+        const result = await submitStatementOnce(baseParams(adapter));
+        expect(result.isOk()).toBe(true);
+        expect(submitted).toHaveLength(1);
+        expect((submitted[0].expiry ?? 0n) >> 32n).toBe(0xffffffffn);
+    });
+    it('raises the allocator floor on a priority rejection so the next attempt clears the minimum', async () => {
+        const chainMin = (0xffffffffn << 32n) | 4000000000n;
+        const { adapter, submitted } = makeStore(chainMin);
+        const params = baseParams(adapter);
+        const first = await submitStatementOnce(params);
+        const second = await submitStatementOnce(params);
+        expect(first.isErr()).toBe(true);
+        expect(second.isOk()).toBe(true);
+        expect(submitted[1].expiry ?? 0n).toBeGreaterThan(chainMin); // adopted min, not wall clock
+    });
+});
+describe('signAndSubmitStatement', () => {
+    beforeEach(() => {
+        vi.useFakeTimers();
+        vi.setSystemTime(NOW_SECS * 1000);
+    });
+    afterEach(() => {
+        vi.useRealTimers();
+    });
+    it('retries a priority rejection above the chain-reported minimum within the priority budget', async () => {
+        const chainMin = (0xffffffffn << 32n) | 4000000000n;
+        const { adapter, submitted } = makeStore(chainMin);
+        const promise = signAndSubmitStatement({
+            ...baseParams(adapter),
+            retry: { attempts: 0, priorityAttempts: 3, delaysMs: [500, 1500, 3000] },
+        });
+        await vi.advanceTimersByTimeAsync(600); // cover the 500ms first backoff
+        const result = await promise;
+        expect(result.isOk()).toBe(true);
+        expect(submitted).toHaveLength(2);
+        expect(submitted[1].expiry ?? 0n).toBeGreaterThan(chainMin);
+    });
+    it('propagates after exhausting the priority budget on a persistent rejection', async () => {
+        const submitted = [];
+        const adapter = {
+            submitStatement: vi.fn((stmt) => {
+                submitted.push(stmt);
+                // Chain min keeps rising above whatever we submit — never lands.
+                return errAsync(new AccountFullError(stmt.expiry ?? 0n, (stmt.expiry ?? 0n) + 1000000n));
+            }),
+        };
+        const promise = signAndSubmitStatement({
+            ...baseParams(adapter),
+            retry: { attempts: 0, priorityAttempts: 3, delaysMs: 1 },
+        });
+        await vi.advanceTimersByTimeAsync(50);
+        const result = await promise;
+        expect(result.isErr()).toBe(true);
+        expect(result._unsafeUnwrapErr()).toBeInstanceOf(AccountFullError);
+        expect(submitted).toHaveLength(4); // 1 initial + 3 priority retries
+    });
+});

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@novasamatech/statement-store",
   "type": "module",
-  "version": "0.8.7-2",
+  "version": "0.8.7-4",
   "description": "Statement store integration",
   "license": "Apache-2.0",
   "repository": {
@@ -25,9 +25,9 @@
     "README.md"
   ],
   "dependencies": {
-    "@novasamatech/scale": "0.8.7-2",
+    "@novasamatech/scale": "0.8.7-4",
     "@novasamatech/sdk-statement": "^0.6.0",
-    "@novasamatech/substrate-slot-sr25519-wasm": "0.8.7-2",
+    "@novasamatech/substrate-slot-sr25519-wasm": "0.8.7-4",
     "@polkadot-api/substrate-bindings": "^0.20.3",
     "@polkadot-api/substrate-client": "^0.7.0",
     "@polkadot-labs/hdkd-helpers": "^0.0.30",