@oma3/omatrust 0.1.0-alpha.12 → 0.1.0-alpha.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{index-B5OC9_8B.d.cts → index-CnWY9arI.d.cts} +135 -3
- package/dist/{index-C6WNgPRx.d.ts → index-DREQRFIE.d.ts} +135 -3
- package/dist/index.cjs +299 -0
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +299 -0
- package/dist/index.js.map +1 -1
- package/dist/reputation/index.cjs +398 -14
- package/dist/reputation/index.cjs.map +1 -1
- package/dist/reputation/index.d.cts +1 -1
- package/dist/reputation/index.d.ts +1 -1
- package/dist/reputation/index.js +377 -15
- package/dist/reputation/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/shared/errors.ts","../src/shared/assert.ts","../src/identity/index.ts","../src/identity/caip.ts","../src/identity/jwk.ts","../src/identity/did.ts","../src/identity/did-url.ts","../src/shared/did-document.ts","../src/identity/resolve-key.ts","../src/identity/controller-id.ts","../src/identity/types.ts","../src/identity/data.ts","../src/identity/artifact.ts","../src/identity/did-migration.ts","../src/reputation/index.ts","../src/reputation/encode.ts","../src/reputation/internal.ts","../src/reputation/eas-adapter.ts","../src/reputation/submit.ts","../src/reputation/revoke.ts","../src/reputation/delegated.ts","../src/reputation/query.ts","../src/reputation/proof/tx-encoded-value.ts","../src/reputation/proof/did-json.ts","../src/reputation/proof/eip712.ts","../src/reputation/proof/dns-txt-record.ts","../src/reputation/proof/x402-jws.ts","../src/reputation/proof/x402-eip712.ts","../src/reputation/verify.ts","../src/reputation/schema.ts","../src/reputation/witness.ts","../src/reputation/contract-ownership.ts","../src/shared/trust-anchors.ts","../src/reputation/proof/dns-txt-shared.ts","../src/reputation/attester-authorization.ts","../src/reputation/proof/tx-interaction.ts","../src/reputation/proof/pop-eip712.ts","../src/reputation/proof/pop-jws.ts","../src/reputation/proof/x402.ts","../src/reputation/proof/x402-verify.ts","../src/reputation/proof/evidence-pointer.ts","../src/reputation/proof/dns-txt.ts","../src/reputation/subject-ownership.ts","../src/reputation/schema-proof-verification.ts","../src/app-registry/index.ts","../src/app-registry/traits.ts","../src/app-registry/interfaces.ts","../src/app-registry/status.ts","../src/app-registry/version.ts","../src/app-registry/metadata-keys.ts","../src/app-registry/data-hash.ts"],"names":["code","base64url","id","keccak256","toUtf8Bytes","sha256","digest","digestHex","isAddress","getAddress","verifyDnsTxtControllerDid","ZeroAddress","EAS","canonicalize","REQUIRED_OFFER_FIELDS","REQUIRED_RECEIPT_FIELDS","validateOfferPayload","validateReceiptPayload","failure","verifyTypedData","message","EAS_EVENT_ABI","Contract"],"mappings":";;;;;;;;;;;;;;;;;;AAAO,IAAM,aAAA,GAAN,cAA4B,KAAA,CAAM;AAAA,EACvC,IAAA;AAAA,EACA,OAAA;AAAA,EAEA,WAAA,CAAYA,KAAAA,EAAc,OAAA,EAAiB,OAAA,EAAmB;AAC5D,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,eAAA;AACZ,IAAA,IAAA,CAAK,IAAA,GAAOA,KAAAA;AACZ,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AAAA,EACjB;AACF;AAEO,SAAS,eAAA,CACdA,KAAAA,EACA,OAAA,EACA,OAAA,EACe;AACf,EAAA,OAAO,IAAI,aAAA,CAAcA,KAAAA,EAAM,OAAA,EAAS,OAAO,CAAA;AACjD;;;AChBO,SAAS,YAAA,CAAa,KAAA,EAAgB,IAAA,EAAcA,KAAAA,GAAO,eAAA,EAA0C;AAC1G,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,MAAM,IAAA,EAAK,CAAE,WAAW,CAAA,EAAG;AAC1D,IAAA,MAAM,IAAI,cAAcA,KAAAA,EAAM,CAAA,EAAG,IAAI,CAAA,2BAAA,CAAA,EAA+B,EAAE,OAAO,CAAA;AAAA,EAC/E;AACF;AAEO,SAAS,YAAA,CAAa,KAAA,EAAgB,IAAA,EAAcA,KAAAA,GAAO,eAAA,EAA0C;AAC1G,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,MAAA,CAAO,KAAA,CAAM,KAAK,CAAA,EAAG;AACpD,IAAA,MAAM,IAAI,cAAcA,KAAAA,EAAM,CAAA,EAAG,IAAI,CAAA,uBAAA,CAAA,EAA2B,EAAE,OAAO,CAAA;AAAA,EAC3E;AACF;AAEO,SAAS,YAAA,CAAa,KAAA,EAAgB,IAAA,EAAcA,KAAAA,GAAO,eAAA,EAA2D;AAC3H,EAAA,IAAI,CAAC,SAAS,OAAO,KAAA,KAAU,YAAY,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG;AAC/D,IAAA,MAAM,IAAI,cAAcA,KAAAA,EAAM,CAAA,EAAG,IAAI,CAAA,kBAAA,CAAA,EAAsB,EAAE,OAAO,CAAA;AAAA,EACtE;AACF;AAEO,SAAS,QAAQ,GAAA,EAAqB;AAC3C,EAAA,IAAI,eAAe,KAAA,EAAO;AACxB,IAAA,OAAO,GAAA;AAAA,EACT;AACA,EAAA,OAAO,IAAI,KAAA,CAAM,MAAA,CAAO,GAAG,CAAC,CAAA;AAC9B;;;ACzBA,IAAA,gBAAA,GAAA;AAAA,QAAA,CAAA,gBAAA,EAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,2BAAA,EAAA,MAAA,2BAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,QAAA,EAAA,MAAA,QAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA;AAAA,CAAA,CAAA;;;ACgBA,IAAM,aAAA,GAAgB,uEAAA;AACtB,IAAM,YAAA,GAAe,wDAAA;AAEd,SAAS,YAAY,KAAA,EAA6B;AACvD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,cAAc,CAAA;AAC3C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,aAAa,CAAA;AACzC,EAAA,IAAI,CAAC,OAAO,MAAA,EAAQ;AAClB,IAAA,MAAM,IAAI,aAAA,CAAc,cAAA,EAAgB,wBAAA,EAA0B,EAAE,OAAO,CAAA;AAAA,EAC7E;AAEA,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA;AAC/B,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA;AAC/B,EAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,OAAA;AAE7B,EAAA,IAAI,CAAC,SAAA,IAAa,CAAC,SAAA,IAAa,CAAC,OAAA,EAAS;AACxC,IAAA,MAAM,IAAI,aAAA,CAAc,cAAA,EAAgB,4BAAA,EAA8B,EAAE,OAAO,CAAA;AAAA,EACjF;AAEA,EAAA,OAAO,EAAE,SAAA,EAAW,SAAA,EAAW,OAAA,EAAQ;AACzC;AAEO,SAAS,WAAA,CAAY,SAAA,EAAmB,SAAA,EAAmB,OAAA,EAAyB;AACzF,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,cAAc,CAAA;AACnD,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,cAAc,CAAA;AACnD,EAAA,YAAA,CAAa,OAAA,EAAS,WAAW,cAAc,CAAA;AAC/C,EAAA,OAAO,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,SAAS,IAAI,OAAO,CAAA,CAAA;AAC7C;AAEO,SAAS,gBAAgB,KAAA,EAAuB;AACrD,EAAA,MAAM,MAAA,GAAS,YAAY,KAAK,CAAA;AAChC,EAAA,MAAM,SAAA,GAAY,MAAA,CAAO,SAAA,CAAU,WAAA,EAAY;AAC/C,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA;AAEzB,EAAA,IAAI,UAAU,MAAA,CAAO,OAAA;AACrB,EAAA,IAAI,cAAc,QAAA,EAAU;AAC1B,IAAA,OAAA,GAAU,QAAQ,WAAA,EAAY;AAAA,EAChC;AAEA,EAAA,OAAO,WAAA,CAAY,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AAClD;AAEO,SAAS,UAAA,CAAW,WAAmB,SAAA,EAA2B;AACvE,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,cAAc,CAAA;AACnD,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,cAAc,CAAA;AACnD,EAAA,OAAO,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,SAAS,CAAA,CAAA;AAClC;AAEO,SAAS,WAAW,KAAA,EAA4B;AACrD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,cAAc,CAAA;AAC3C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,YAAY,CAAA;AACxC,EAAA,IAAI,CAAC,OAAO,MAAA,EAAQ;AAClB,IAAA,MAAM,IAAI,aAAA,CAAc,cAAA,EAAgB,uBAAA,EAAyB,EAAE,OAAO,CAAA;AAAA,EAC5E;AAEA,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA;AAC/B,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA;AAC/B,EAAA,IAAI,CAAC,SAAA,IAAa,CAAC,SAAA,EAAW;AAC5B,IAAA,MAAM,IAAI,aAAA,CAAc,cAAA,EAAgB,2BAAA,EAA6B,EAAE,OAAO,CAAA;AAAA,EAChF;AAEA,EAAA,OAAO,EAAE,WAAW,SAAA,EAAU;AAChC;AC1CA,IAAM,4BAAY,IAAI,GAAA,CAAI,CAAC,IAAA,EAAM,KAAA,EAAO,KAAK,CAAC,CAAA;AAG9C,IAAM,kBAAA,mBAAqB,IAAI,GAAA,CAAI,CAAC,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,KAAK,CAAC,CAAA;AAM3E,IAAM,sBAAA,GAAmD;AAAA,EACvD,EAAA,EAAI,CAAC,KAAA,EAAO,GAAA,EAAK,GAAG,CAAA;AAAA,EACpB,GAAA,EAAK,CAAC,KAAA,EAAO,GAAG,CAAA;AAAA,EAChB,GAAA,EAAK,CAAC,GAAA,EAAK,GAAG;AAChB,CAAA;AAeO,SAAS,kBAAkB,GAAA,EAAmC;AACnE,EAAA,IAAI,CAAC,OAAO,OAAO,GAAA,KAAQ,YAAY,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA,EAAG;AACzD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,+BAAA,EAAgC;AAAA,EAChE;AAEA,EAAA,MAAM,GAAA,GAAM,GAAA;AAGZ,EAAA,MAAM,MAAM,GAAA,CAAI,GAAA;AAChB,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA,EAAG;AAClD,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,KAAA,EAAO,2CAA2C,CAAC,GAAG,SAAS,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA,CAAA;AAAA,KAC7E;AAAA,EACF;AAGA,EAAA,KAAA,MAAW,SAAS,kBAAA,EAAoB;AACtC,IAAA,IAAI,SAAS,GAAA,EAAK;AAChB,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,KAAA,EAAO,mCAAmC,KAAK,CAAA,qCAAA;AAAA,OACjD;AAAA,IACF;AAAA,EACF;AAGA,EAAA,MAAM,QAAA,GAAW,uBAAuB,GAAG,CAAA;AAC3C,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,KAAA,MAAW,SAAS,QAAA,EAAU;AAC5B,MAAA,IAAI,EAAE,KAAA,IAAS,GAAA,CAAA,IAAQ,GAAA,CAAI,KAAK,CAAA,KAAM,MAAA,IAAa,GAAA,CAAI,KAAK,CAAA,KAAM,IAAA,IAAQ,GAAA,CAAI,KAAK,MAAM,EAAA,EAAI;AAC3F,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,KAAA;AAAA,UACP,KAAA,EAAO,CAAA,mCAAA,EAAsC,KAAK,CAAA,WAAA,EAAc,GAAG,CAAA,CAAA;AAAA,SACrE;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAUA,SAAS,oBAAoB,GAAA,EAAsC;AACjE,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,IAAA,CAAK,GAAG,EAAE,IAAA,EAAK;AACrC,EAAA,MAAM,MAA+B,EAAC;AACtC,EAAA,KAAA,MAAW,OAAO,MAAA,EAAQ;AACxB,IAAA,GAAA,CAAI,GAAG,CAAA,GAAI,GAAA,CAAI,GAAG,CAAA;AAAA,EACpB;AACA,EAAA,OAAO,IAAA,CAAK,UAAU,GAAG,CAAA;AAC3B;AAYO,SAAS,YAAY,GAAA,EAAsB;AAChD,EAAA,YAAA,CAAa,GAAA,EAAK,OAAO,aAAa,CAAA;AAEtC,EAAA,MAAM,UAAA,GAAa,kBAAkB,GAAG,CAAA;AACxC,EAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,IAAA,MAAM,IAAI,cAAc,aAAA,EAAe,UAAA,CAAW,SAAS,oBAAA,EAAsB,EAAE,KAAK,CAAA;AAAA,EAC1F;AAEA,EAAA,MAAM,SAAA,GAAY,oBAAoB,GAA8B,CAAA;AACpE,EAAA,MAAM,OAAA,GAAU,UAAU,MAAA,CAAO,IAAI,aAAY,CAAE,MAAA,CAAO,SAAS,CAAC,CAAA;AACpE,EAAA,OAAO,WAAW,OAAO,CAAA,CAAA;AAC3B;AAYO,SAAS,YAAY,MAAA,EAA2B;AACrD,EAAA,IAAI,OAAO,MAAA,KAAW,QAAA,IAAY,CAAC,MAAA,CAAO,UAAA,CAAW,UAAU,CAAA,EAAG;AAChE,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,0BAA0B,EAAE,KAAA,EAAO,QAAQ,CAAA;AAAA,EACpF;AAEA,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AAC9B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,mDAAA,EAAqD;AAAA,MAC1F,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,OAAA,GAAU,MAAM,CAAC,CAAA;AACvB,EAAA,IAAI,CAAC,OAAA,IAAW,OAAA,CAAQ,MAAA,KAAW,CAAA,EAAG;AACpC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,0CAAA,EAA4C;AAAA,MACjF,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAGA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AACtC,IAAA,OAAA,GAAU,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,KAAK,CAAA;AAAA,EAC1C,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,+CAAA,EAAiD;AAAA,MACtF,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI;AACF,IAAA,GAAA,GAAM,IAAA,CAAK,MAAM,OAAO,CAAA;AAAA,EAC1B,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,8CAAA,EAAgD;AAAA,MACrF,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,OAAO,OAAO,GAAA,KAAQ,YAAY,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA,EAAG;AACzD,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,uCAAA,EAAyC;AAAA,MAC9E,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAGA,EAAA,MAAM,UAAA,GAAa,kBAAkB,GAAG,CAAA;AACxC,EAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,UAAA,CAAW,SAAS,+BAAA,EAAiC;AAAA,MAC1F,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA;AACT;AAUA,SAAS,uBAAuB,GAAA,EAAuD;AACrF,EAAA,MAAM,SAAkC,EAAC;AACzC,EAAA,MAAM,cAAA,uBAAqB,GAAA,CAAI,CAAC,OAAO,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,KAAK,CAAC,CAAA;AAEtE,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA,EAAG;AAC9C,IAAA,IAAI,kBAAA,CAAmB,GAAA,CAAI,GAAG,CAAA,EAAG;AACjC,IAAA,IAAI,cAAA,CAAe,GAAA,CAAI,GAAG,CAAA,EAAG;AAC7B,IAAA,MAAA,CAAO,GAAG,CAAA,GAAI,KAAA;AAAA,EAChB;AAEA,EAAA,OAAO,MAAA;AACT;AAcO,SAAS,eAAA,CAAgB,GAAY,CAAA,EAAqB;AAC/D,EAAA,YAAA,CAAa,CAAA,EAAG,KAAK,aAAa,CAAA;AAClC,EAAA,YAAA,CAAa,CAAA,EAAG,KAAK,aAAa,CAAA;AAElC,EAAA,MAAM,IAAA,GAAO,CAAA;AACb,EAAA,MAAM,IAAA,GAAO,CAAA;AAGb,EAAA,KAAA,MAAW,SAAS,kBAAA,EAAoB;AACtC,IAAA,IAAI,SAAS,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,aAAA;AAAA,QACA,yCAAyC,KAAK,CAAA,CAAA,CAAA;AAAA,QAC9C,EAAE,KAAA;AAAM,OACV;AAAA,IACF;AACA,IAAA,IAAI,SAAS,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,aAAA;AAAA,QACA,0CAA0C,KAAK,CAAA,CAAA,CAAA;AAAA,QAC/C,EAAE,KAAA;AAAM,OACV;AAAA,IACF;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,uBAAuB,IAAI,CAAA;AAC3C,EAAA,MAAM,OAAA,GAAU,uBAAuB,IAAI,CAAA;AAG3C,EAAA,OAAO,mBAAA,CAAoB,OAAO,CAAA,KAAM,mBAAA,CAAoB,OAAO,CAAA;AACrE;AAoBA,eAAsB,oBAAA,CACpB,GAAA,EACA,eAAA,GAAkD,QAAA,EACjC;AACjB,EAAA,YAAA,CAAa,GAAA,EAAK,OAAO,aAAa,CAAA;AAEtC,EAAA,MAAM,UAAA,GAAa,kBAAkB,GAAG,CAAA;AACxC,EAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,IAAA,MAAM,IAAI,cAAc,aAAA,EAAe,UAAA,CAAW,SAAS,oBAAA,EAAsB,EAAE,KAAK,CAAA;AAAA,EAC1F;AAGA,EAAA,MAAM,MAAM,eAAA,KAAoB,QAAA,GAAW,QAAA,GACvC,eAAA,KAAoB,WAAW,QAAA,GAC/B,QAAA;AAEJ,EAAA,OAAO,sBAAA,CAAuB,KAAqD,GAAG,CAAA;AACxF;AAUA,eAAsB,eAAe,GAAA,EAA+B;AAClE,EAAA,MAAM,UAAA,GAAa,MAAM,oBAAA,CAAqB,GAAA,EAAK,QAAQ,CAAA;AAC3D,EAAA,OAAO,YAAY,UAAU,CAAA,CAAA;AAC/B;;;AC5TA,IAAM,SAAA,GAAY,qBAAA;AAEX,SAAS,WAAW,GAAA,EAAsB;AAC/C,EAAA,OAAO,SAAA,CAAU,KAAK,GAAG,CAAA;AAC3B;AAEO,SAAS,iBAAiB,GAAA,EAAyB;AACxD,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,oBAAoB,CAAA;AAC5C,EAAA,OAAO,KAAA,GAAQ,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AAC5B;AAEO,SAAS,qBAAqB,GAAA,EAAyB;AAC5D,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,uBAAuB,CAAA;AAC/C,EAAA,OAAO,KAAA,GAAQ,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AAC5B;AAEO,SAAS,gBAAgB,MAAA,EAAwB;AACtD,EAAA,YAAA,CAAa,MAAA,EAAQ,UAAU,aAAa,CAAA;AAC5C,EAAA,OAAO,MAAA,CAAO,IAAA,EAAK,CAAE,WAAA,EAAY,CAAE,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA,CAAE,OAAA,CAAQ,QAAA,EAAU,EAAE,CAAA;AAC5E;AAEO,SAAS,gBAAgB,KAAA,EAAoB;AAClD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAE3B,EAAA,IAAI,OAAA,CAAQ,WAAW,MAAM,CAAA,IAAK,CAAC,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,EAAG;AACjE,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,sBAAA,EAAwB,EAAE,OAAO,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,CAAW,UAAU,IAC5C,OAAA,CAAQ,KAAA,CAAM,UAAA,CAAW,MAAM,CAAA,GAC/B,OAAA;AAEJ,EAAA,MAAM,CAAC,IAAA,EAAM,GAAG,SAAS,CAAA,GAAI,UAAA,CAAW,MAAM,GAAG,CAAA;AACjD,EAAA,IAAI,CAAC,IAAA,EAAM;AACT,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,4BAAA,EAA8B,EAAE,OAAO,CAAA;AAAA,EAChF;AAEA,EAAA,MAAM,cAAA,GAAiB,gBAAgB,IAAI,CAAA;AAC3C,EAAA,MAAM,IAAA,GAAO,UAAU,MAAA,GAAS,CAAA,GAAI,IAAI,SAAA,CAAU,IAAA,CAAK,GAAG,CAAC,CAAA,CAAA,GAAK,EAAA;AAChE,EAAA,OAAO,CAAA,QAAA,EAAW,cAAc,CAAA,EAAG,IAAI,CAAA,CAAA;AACzC;AAEO,SAAS,gBAAgB,KAAA,EAAoB;AAClD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,EAAG;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,sBAAA,EAAwB,EAAE,OAAO,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,GAAG,CAAA;AAC/B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,wBAAA,EAA0B,EAAE,OAAO,CAAA;AAAA,EAC5E;AAEA,EAAA,MAAM,KAAK,SAAA,EAAW,OAAA,EAAS,OAAO,CAAA,GAAI,KAAA;AAC1C,EAAA,IAAI,CAAC,SAAA,IAAa,CAAC,OAAA,IAAW,CAAC,OAAA,EAAS;AACtC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,4BAAA,EAA8B,EAAE,OAAO,CAAA;AAAA,EAChF;AAEA,EAAA,OAAO,CAAA,QAAA,EAAW,UAAU,WAAA,EAAa,IAAI,OAAO,CAAA,CAAA,EAAI,OAAA,CAAQ,WAAA,EAAa,CAAA,CAAA;AAC/E;AAEO,SAAS,mBAAmB,KAAA,EAAoB;AACrD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,aAAa,CAAA,EAAG;AACtC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,yBAAA,EAA2B,EAAE,OAAO,CAAA;AAAA,EAC7E;AAEA,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,GAAG,CAAA;AAC/B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,2BAAA,EAA6B,EAAE,OAAO,CAAA;AAAA,EAC/E;AAEA,EAAA,MAAM,KAAK,QAAA,EAAU,QAAQ,CAAA,GAAI,KAAA;AACjC,EAAA,IAAI,CAAC,QAAA,IAAY,CAAC,QAAA,EAAU;AAC1B,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,+BAAA,EAAiC,EAAE,OAAO,CAAA;AAAA,EACnF;AAEA,EAAA,OAAO,CAAA,WAAA,EAAc,QAAA,CAAS,WAAA,EAAa,IAAI,QAAQ,CAAA,CAAA;AACzD;AAEO,SAAS,gBAAgB,KAAA,EAAoB;AAClD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,EAAG;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,sBAAA,EAAwB,EAAE,OAAO,CAAA;AAAA,EAC1E;AAEA,EAAA,OAAO,OAAA;AACT;AAEO,SAAS,aAAa,KAAA,EAAoB;AAC/C,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAE1C,EAAA,MAAM,UAAU,KAAA,CAAM,IAAA,GAAO,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AAEzC,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,EAAG;AAC/B,IAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,EAChC;AAEA,EAAA,IAAI,CAAC,UAAA,CAAW,OAAO,CAAA,EAAG;AACxB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,oBAAA,EAAsB,EAAE,OAAO,CAAA;AAAA,EACxE;AAEA,EAAA,MAAM,MAAA,GAAS,iBAAiB,OAAO,CAAA;AACvC,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,KAAA;AACH,MAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,IAChC,KAAK,KAAA;AACH,MAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,IAChC,KAAK,QAAA;AACH,MAAA,OAAO,mBAAmB,OAAO,CAAA;AAAA,IACnC,KAAK,KAAA;AACH,MAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,IAChC,KAAK,KAAA;AACH,MAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,IAChC;AACE,MAAA,OAAO,OAAA;AAAA;AAEb;AAEO,SAAS,eAAe,GAAA,EAAe;AAC5C,EAAA,MAAM,UAAA,GAAa,aAAa,GAAG,CAAA;AACnC,EAAA,OAAO,SAAA,CAAU,WAAA,CAAY,UAAU,CAAC,CAAA;AAC1C;AAEO,SAAS,kBAAkB,OAAA,EAAmB;AACnD,EAAA,YAAA,CAAa,OAAA,EAAS,WAAW,aAAa,CAAA;AAC9C,EAAA,IAAI,CAAC,qBAAA,CAAsB,IAAA,CAAK,OAAO,CAAA,EAAG;AACxC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,6BAAA,EAA+B,EAAE,SAAS,CAAA;AAAA,EACnF;AAGA,EAAA,OAAO,KAAK,OAAA,CAAQ,KAAA,CAAM,GAAG,CAAA,CAAE,aAAa,CAAA,CAAA;AAC9C;AAEO,SAAS,aAAa,GAAA,EAAe;AAC1C,EAAA,OAAO,iBAAA,CAAkB,cAAA,CAAe,GAAG,CAAC,CAAA;AAC9C;AAEO,SAAS,kBAAA,CAAmB,KAAU,OAAA,EAAuB;AAClE,EAAA,IAAI;AACF,IAAA,OAAO,YAAA,CAAa,GAAG,CAAA,CAAE,WAAA,OAAkB,MAAA,CAAO,OAAO,EAAE,WAAA,EAAY;AAAA,EACzE,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEO,SAAS,YAAY,MAAA,EAAqB;AAC/C,EAAA,OAAO,CAAA,QAAA,EAAW,eAAA,CAAgB,MAAM,CAAC,CAAA,CAAA;AAC3C;AAEO,SAAS,WAAA,CACd,SAAA,EACA,OAAA,EACA,OAAA,EACK;AACL,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,aAAa,CAAA;AAClD,EAAA,YAAA,CAAa,OAAA,EAAS,WAAW,aAAa,CAAA;AAC9C,EAAA,IAAI,OAAA,KAAY,EAAA,IAAM,OAAA,KAAY,IAAA,IAAQ,YAAY,MAAA,EAAW;AAC/D,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,qBAAA,EAAuB,EAAE,SAAS,CAAA;AAAA,EAC3E;AACA,EAAA,OAAO,CAAA,QAAA,EAAW,UAAU,WAAA,EAAa,IAAI,OAAO,CAAA,CAAA,EAAI,OAAA,CAAQ,WAAA,EAAa,CAAA,CAAA;AAC/E;AAEO,SAAS,cAAA,CAAe,SAA0B,OAAA,EAAsB;AAC7E,EAAA,OAAO,WAAA,CAAY,QAAA,EAAU,OAAA,EAAS,OAAO,CAAA;AAC/C;AAEO,SAAS,sBAAsB,MAAA,EAAqB;AACzD,EAAA,MAAM,MAAA,GAAS,YAAY,MAAM,CAAA;AACjC,EAAA,OAAO,YAAY,MAAA,CAAO,SAAA,EAAW,MAAA,CAAO,SAAA,EAAW,OAAO,OAAO,CAAA;AACvE;AAEA,SAAS,YAAY,GAAA,EAA0E;AAC7F,EAAA,IAAI,CAAC,GAAA,CAAI,UAAA,CAAW,UAAU,CAAA,EAAG;AAC/B,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,KAAK,SAAA,EAAW,OAAA,EAAS,OAAO,CAAA,GAAI,KAAA;AAC1C,EAAA,IAAI,CAAC,SAAA,IAAa,CAAC,OAAA,IAAW,CAAC,OAAA,EAAS;AACtC,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO,EAAE,SAAA,EAAW,OAAA,EAAS,OAAA,EAAQ;AACvC;AAEO,SAAS,qBAAqB,GAAA,EAAyB;AAC5D,EAAA,OAAO,WAAA,CAAY,GAAG,CAAA,EAAG,OAAA,IAAW,IAAA;AACtC;AAEO,SAAS,qBAAqB,GAAA,EAAyB;AAC5D,EAAA,OAAO,WAAA,CAAY,GAAG,CAAA,EAAG,OAAA,IAAW,IAAA;AACtC;AAEO,SAAS,uBAAuB,GAAA,EAAyB;AAC9D,EAAA,OAAO,WAAA,CAAY,GAAG,CAAA,EAAG,SAAA,IAAa,IAAA;AACxC;AAEO,SAAS,YAAY,GAAA,EAAmB;AAC7C,EAAA,OAAO,sBAAA,CAAuB,GAAG,CAAA,KAAM,QAAA;AACzC;AAEO,SAAS,oBAAoB,GAAA,EAAyB;AAC3D,EAAA,IAAI,CAAC,GAAA,CAAI,UAAA,CAAW,UAAU,CAAA,EAAG;AAC/B,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAA,GAAa,GAAA,CAAI,KAAA,CAAM,UAAA,CAAW,MAAM,CAAA;AAC9C,EAAA,MAAM,CAAC,MAAM,CAAA,GAAI,UAAA,CAAW,MAAM,GAAG,CAAA;AACrC,EAAA,OAAO,MAAA,IAAU,IAAA;AACnB;AAmBO,SAAS,sBAAsB,UAAA,EAA4B;AAChE,EAAA,YAAA,CAAa,UAAA,EAAY,cAAc,aAAa,CAAA;AAEpD,EAAA,IAAI,UAAA,CAAW,UAAA,CAAW,UAAU,CAAA,EAAG;AACrC,IAAA,MAAM,GAAA,GAAM,WAAA,CAAY,eAAA,CAAgB,UAAU,CAAC,CAAA;AACnD,IAAA,IAAI,CAAC,GAAA,EAAK;AACR,MAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,4BAAA,EAA8B,EAAE,YAAY,CAAA;AAAA,IACrF;AACA,IAAA,OAAO,GAAA,CAAI,OAAA;AAAA,EACb;AAEA,EAAA,IAAI,UAAA,CAAW,UAAA,CAAW,WAAW,CAAA,EAAG;AACtC,IAAA,MAAM,QAAQ,UAAA,CAAW,OAAA,CAAQ,aAAa,EAAE,CAAA,CAAE,MAAM,GAAG,CAAA;AAC3D,IAAA,MAAM,OAAA,GAAU,MAAM,MAAA,KAAW,CAAA,GAAI,MAAM,CAAC,CAAA,GAAI,MAAM,CAAC,CAAA;AACvD,IAAA,IAAI,CAAC,OAAA,IAAW,CAAC,SAAA,CAAU,OAAO,CAAA,EAAG;AACnC,MAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,6BAAA,EAA+B,EAAE,YAAY,CAAA;AAAA,IACtF;AACA,IAAA,OAAO,WAAW,OAAO,CAAA;AAAA,EAC3B;AAEA,EAAA,IAAI,UAAA,CAAW,KAAA,CAAM,8CAA8C,CAAA,EAAG;AACpE,IAAA,MAAM,MAAA,GAAS,YAAY,UAAU,CAAA;AACrC,IAAA,OAAO,MAAA,CAAO,OAAA;AAAA,EAChB;AAEA,EAAA,IAAI,SAAA,CAAU,UAAU,CAAA,EAAG;AACzB,IAAA,OAAO,WAAW,UAAU,CAAA;AAAA,EAC9B;AAEA,EAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,+BAAA,EAAiC,EAAE,YAAY,CAAA;AACxF;AAcA,IAAM,qBAAA,GAAwB,kBAAA;AAG9B,IAAM,eAAA,GAAkB,kBAAA;AAExB,IAAM,gCAAgB,IAAI,GAAA,CAAI,CAAC,IAAA,EAAM,KAAA,EAAO,KAAK,CAAC,CAAA;AAM3C,SAAS,gBAAgB,GAAA,EAAsB;AACpD,EAAA,OAAO,qBAAA,CAAsB,GAAG,CAAA,CAAE,KAAA;AACpC;AAUO,SAAS,sBAAsB,GAAA,EAAsC;AAC1E,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,IAAI,IAAA,EAAK,CAAE,WAAW,CAAA,EAAG;AACtD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,IAAA,EAAM,OAAO,gCAAA,EAAiC;AAAA,EAC/E;AAEA,EAAA,MAAM,OAAA,GAAU,IAAI,IAAA,EAAK;AACzB,EAAA,MAAM,MAAA,GAAS,iBAAiB,OAAO,CAAA;AAEvC,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,KAAA;AACH,MAAA,OAAO,eAAe,OAAO,CAAA;AAAA,IAC/B,KAAK,KAAA;AACH,MAAA,OAAO,eAAe,OAAO,CAAA;AAAA,IAC/B;AACE,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,IAAA;AAAA,QACR,KAAA,EAAO,MAAA,GACH,CAAA,YAAA,EAAe,MAAM,CAAA,wCAAA,CAAA,GACrB;AAAA,OACN;AAAA;AAEN;AAaA,SAAS,eAAe,GAAA,EAAsC;AAC5D,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO,CAAA,uDAAA,EAA0D,KAAA,CAAM,MAAM,CAAA;AAAA,KAC/E;AAAA,EACF;AAEA,EAAA,MAAM,KAAK,SAAA,EAAW,OAAA,EAAS,OAAO,CAAA,GAAI,KAAA;AAE1C,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,mBAAA,EAAoB;AAAA,EACnE;AAEA,EAAA,IAAI,CAAC,qBAAA,CAAsB,IAAA,CAAK,SAAS,CAAA,EAAG;AAC1C,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO,6BAA6B,SAAS,CAAA,mDAAA;AAAA,KAC/C;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,8BAAA,EAA+B;AAAA,EAC9E;AAEA,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,iBAAA,EAAkB;AAAA,EACjE;AAGA,EAAA,IAAI,cAAc,QAAA,EAAU;AAE1B,IAAA,IAAI,CAAC,OAAA,CAAQ,IAAA,CAAK,OAAO,CAAA,EAAG;AAC1B,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,KAAA;AAAA,QACR,KAAA,EAAO,4BAA4B,OAAO,CAAA,mBAAA;AAAA,OAC5C;AAAA,IACF;AAGA,IAAA,IAAI,CAAC,SAAA,CAAU,OAAO,CAAA,EAAG;AACvB,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,KAAA;AAAA,QACR,KAAA,EAAO,wBAAwB,OAAO,CAAA,6BAAA;AAAA,OACxC;AAAA,IACF;AAAA,EACF;AAGA,EAAA,IAAI,cAAc,QAAA,EAAU;AAE1B,IAAA,IAAI,CAAC,+BAAA,CAAgC,IAAA,CAAK,OAAO,CAAA,EAAG;AAClD,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,KAAA;AAAA,QACR,KAAA,EAAO,2BAA2B,OAAO,CAAA,mCAAA;AAAA,OAC3C;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAQ,KAAA,EAAM;AACtC;AAYA,SAAS,eAAe,GAAA,EAAsC;AAC5D,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO,CAAA,uDAAA,EAA0D,KAAA,CAAM,MAAM,CAAA;AAAA,KAC/E;AAAA,EACF;AAEA,EAAA,MAAM,KAAK,OAAO,CAAA,GAAI,KAAA;AAEtB,EAAA,IAAI,CAAC,OAAA,IAAW,OAAA,CAAQ,MAAA,KAAW,CAAA,EAAG;AACpC,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,0CAAA,EAA2C;AAAA,EAC1F;AAEA,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,CAAK,OAAO,CAAA,EAAG;AAClC,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAGA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQC,SAAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AACtC,IAAA,OAAA,GAAU,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,KAAK,CAAA;AAAA,EAC1C,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,uCAAA,EAAwC;AAAA,EACvF;AAEA,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI;AACF,IAAA,GAAA,GAAM,IAAA,CAAK,MAAM,OAAO,CAAA;AAAA,EAC1B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,sCAAA,EAAuC;AAAA,EACtF;AAEA,EAAA,IAAI,CAAC,OAAO,OAAO,GAAA,KAAQ,YAAY,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA,EAAG;AACzD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,mCAAA,EAAoC;AAAA,EACnF;AAGA,EAAA,MAAM,MAAM,GAAA,CAAI,GAAA;AAChB,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,aAAA,CAAc,GAAA,CAAI,GAAG,CAAA,EAAG;AACtD,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO,CAAA,2DAAA;AAAA,KACT;AAAA,EACF;AAGA,EAAA,IAAI,OAAO,GAAA,EAAK;AACd,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAGA,EAAA,MAAM,aAAA,GAAgB,kBAAkB,GAAG,CAAA;AAC3C,EAAA,IAAI,CAAC,cAAc,KAAA,EAAO;AACxB,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,QAAQ,KAAA,EAAO,KAAA,EAAO,cAAc,KAAA,EAAM;AAAA,EACnE;AAEA,EAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAQ,KAAA,EAAM;AACtC;AAMO,SAAS,gBAAgB,KAAA,EAAoB;AAClD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,EAAG;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,sBAAA,EAAwB,EAAE,OAAO,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,MAAA,GAAS,eAAe,OAAO,CAAA;AACrC,EAAA,IAAI,CAAC,OAAO,KAAA,EAAO;AACjB,IAAA,MAAM,IAAI,cAAc,aAAA,EAAe,MAAA,CAAO,SAAS,iBAAA,EAAmB,EAAE,OAAO,CAAA;AAAA,EACrF;AAEA,EAAA,OAAO,OAAA;AACT;;;ACxeA,IAAM,aAAA,GAAgB,qBAAA;AAiBf,SAAS,YAAY,KAAA,EAA6B;AACvD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,iBAAiB,CAAA;AAC9C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAG3B,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAErC,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI,QAAA;AAEJ,EAAA,IAAI,cAAc,EAAA,EAAI;AACpB,IAAA,GAAA,GAAM,OAAA;AACN,IAAA,QAAA,GAAW,IAAA;AAAA,EACb,CAAA,MAAO;AACL,IAAA,GAAA,GAAM,OAAA,CAAQ,KAAA,CAAM,CAAA,EAAG,SAAS,CAAA;AAChC,IAAA,MAAM,WAAA,GAAc,OAAA,CAAQ,KAAA,CAAM,SAAA,GAAY,CAAC,CAAA;AAE/C,IAAA,IAAI,WAAA,CAAY,WAAW,CAAA,EAAG;AAC5B,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,iBAAA;AAAA,QACA,8DAAA;AAAA,QACA,EAAE,KAAA;AAAM,OACV;AAAA,IACF;AAEA,IAAA,QAAA,GAAW,WAAA;AAAA,EACb;AAGA,EAAA,IAAI,CAAC,aAAA,CAAc,IAAA,CAAK,GAAG,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,iBAAA;AAAA,MACA,gDAAA;AAAA,MACA,EAAE,OAAO,GAAA;AAAI,KACf;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,OAAA;AAAA,IACR,GAAA;AAAA,IACA;AAAA,GACF;AACF;AAMO,SAAS,SAAS,KAAA,EAAwB;AAC/C,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,OAAO,OAAA,CAAQ,QAAA,CAAS,GAAG,CAAA,IAAK,aAAA,CAAc,IAAA,CAAK,OAAA,CAAQ,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA;AAC1E;AAQO,SAAS,aAAA,CAAc,KAAA,EAAe,SAAA,GAAY,KAAA,EAAa;AACpE,EAAA,YAAA,CAAa,KAAA,EAAO,WAAW,aAAa,CAAA;AAC5C,EAAA,IAAI,QAAA,CAAS,KAAK,CAAA,EAAG;AACnB,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,iGAAA,CAAA;AAAA,MACA,EAAE,KAAA;AAAM,KACV;AAAA,EACF;AACF;;;AChGA,eAAsB,iBACpB,MAAA,EACkC;AAClC,EAAA,MAAM,aAAa,MAAA,CAAO,WAAA,EAAY,CAAE,OAAA,CAAQ,OAAO,EAAE,CAAA;AACzD,EAAA,MAAM,GAAA,GAAM,WAAW,UAAU,CAAA,qBAAA,CAAA;AAEjC,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,QAAA,GAAW,MAAM,MAAM,GAAA,EAAK,EAAE,SAAS,EAAE,MAAA,EAAQ,kBAAA,EAAmB,EAAG,CAAA;AAAA,EACzE,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAgC,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,EAC1F;AAEA,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,2BAAA,EAA8B,QAAA,CAAS,MAAM,CAAA,CAAA,EAAI;AAAA,MACxF,MAAA;AAAA,MACA,QAAQ,QAAA,CAAS;AAAA,KAClB,CAAA;AAAA,EACH;AAEA,EAAA,OAAQ,MAAM,SAAS,IAAA,EAAK;AAC9B;;;AC0BA,SAAS,sBAAA,CACP,WAAA,EACA,MAAA,EACA,QAAA,EAC2B;AAC3B,EAAA,MAAM,UAAU,WAAA,CAAY,kBAAA;AAC5B,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,EAAG;AAC3B,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,KAAA,MAAW,UAAU,OAAA,EAAiC;AACpD,IAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AAC3C,IAAA,MAAMC,MAAK,MAAA,CAAO,EAAA;AAClB,IAAA,IAAI,OAAOA,QAAO,QAAA,EAAU;AAG5B,IAAA,IAAIA,GAAAA,KAAO,QAAQ,OAAO,MAAA;AAG1B,IAAA,IAAI,QAAA,KAAaA,GAAAA,KAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAA,IAAMA,IAAG,QAAA,CAAS,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAE,CAAA,CAAA,EAAI;AACtE,MAAA,OAAO,MAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT;AAKA,SAAS,gCAAgC,WAAA,EAAgD;AACvF,EAAA,MAAM,UAAU,WAAA,CAAY,kBAAA;AAC5B,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,SAAU,EAAC;AACrC,EAAA,OAAQ,OAAA,CACL,MAAA,CAAO,CAAC,CAAA,KAAM,KAAK,OAAO,CAAA,CAAE,EAAA,KAAO,QAAQ,CAAA,CAC3C,GAAA,CAAI,CAAC,CAAA,KAAM,EAAE,EAAY,CAAA;AAC9B;AA0BA,eAAsB,wBAAA,CACpB,QACA,OAAA,EAC4B;AAC5B,EAAA,YAAA,CAAa,MAAA,EAAQ,UAAU,iBAAiB,CAAA;AAEhD,EAAA,MAAM,MAAA,GAAS,YAAY,MAAM,CAAA;AACjC,EAAA,MAAM,MAAA,GAAS,gBAAA,CAAiB,MAAA,CAAO,GAAG,CAAA;AAE1C,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA,CAAc,iBAAA,EAAmB,wCAAA,EAA0C;AAAA,MACnF,MAAA;AAAA,MACA,KAAK,MAAA,CAAO;AAAA,KACb,CAAA;AAAA,EACH;AAEA,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,KAAA;AACH,MAAA,OAAO,iBAAiB,MAAA,CAAO,MAAA,EAAQ,OAAO,GAAA,EAAK,MAAA,CAAO,UAAU,OAAO,CAAA;AAAA,IAC7E;AACE,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,wBAAA;AAAA,QACA,uDAAuD,MAAM,CAAA,CAAA,CAAA;AAAA,QAC7D,EAAE,QAAQ,MAAA;AAAO,OACnB;AAAA;AAEN;AAcA,eAAsB,4BAAA,CACpB,QACA,OAAA,EACgC;AAChC,EAAA,MAAM,QAAA,GAAW,MAAM,wBAAA,CAAyB,MAAA,EAAQ,OAAO,CAAA;AAC/D,EAAA,MAAM,aAAA,GAAgB,WAAA,CAAY,QAAA,CAAS,YAAY,CAAA;AAEvD,EAAA,OAAO;AAAA,IACL,GAAG,QAAA;AAAA,IACH;AAAA,GACF;AACF;AAMA,eAAe,gBAAA,CACb,MAAA,EACA,GAAA,EACA,QAAA,EACA,OAAA,EAC4B;AAC5B,EAAA,MAAM,MAAA,GAAS,oBAAoB,GAAG,CAAA;AACtC,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA,CAAc,iBAAA,EAAmB,wCAAA,EAA0C;AAAA,MACnF,MAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAGA,EAAA,MAAM,OAAA,GAAU,SAAS,gBAAA,IAAoB,gBAAA;AAC7C,EAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,MAAM,CAAA;AAGxC,EAAA,MAAM,MAAA,GAAS,sBAAA,CAAuB,WAAA,EAAa,MAAA,EAAQ,QAAQ,CAAA;AACnE,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,eAAA;AAAA,MACA,CAAA,uCAAA,EAA0C,QAAA,GAAW,CAAA,CAAA,EAAI,QAAQ,KAAK,MAAM,CAAA,CAAA,CAAA;AAAA,MAC5E,EAAE,MAAA,EAAQ,QAAA,EAAU,gBAAA,EAAkB,+BAAA,CAAgC,WAAW,CAAA;AAAE,KACrF;AAAA,EACF;AAGA,EAAA,MAAM,eAAe,MAAA,CAAO,YAAA;AAC5B,EAAA,IAAI,CAAC,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,EAAU;AACrD,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,eAAA;AAAA,MACA,CAAA,qBAAA,EAAwB,OAAO,EAAE,CAAA,+BAAA,CAAA;AAAA,MACjC,EAAE,MAAA,EAAQ,oBAAA,EAAsB,MAAA,CAAO,EAAA;AAAG,KAC5C;AAAA,EACF;AAGA,EAAA,MAAM,UAAA,GAAa,kBAAkB,YAAY,CAAA;AACjD,EAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,qCAAA,EAAwC,MAAA,CAAO,EAAE,CAAA,cAAA,EAAiB,WAAW,KAAK,CAAA,CAAA;AAAA,MAClF,EAAE,MAAA,EAAQ,oBAAA,EAAsB,MAAA,CAAO,EAAA;AAAG,KAC5C;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,MAAA;AAAA,IACA,GAAA;AAAA,IACA,QAAA;AAAA,IACA,YAAA;AAAA,IACA,sBAAsB,MAAA,CAAO;AAAA,GAC/B;AACF;;;ACtNO,SAAS,kBAAA,CAAmB,GAAW,CAAA,EAAoB;AAEhE,EAAA,IAAI,WAAA,GAA6B,IAAA;AACjC,EAAA,IAAI,WAAA,GAA6B,IAAA;AAEjC,EAAA,IAAI;AACF,IAAA,WAAA,GAAc,aAAa,CAAC,CAAA;AAAA,EAC9B,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,IAAI;AACF,IAAA,WAAA,GAAc,aAAa,CAAC,CAAA;AAAA,EAC9B,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,IAAI,WAAA,IAAe,WAAA,IAAe,WAAA,KAAgB,WAAA,EAAa;AAC7D,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,MAAM,IAAA,GAAO,4BAA4B,CAAC,CAAA;AAC1C,EAAA,MAAM,IAAA,GAAO,4BAA4B,CAAC,CAAA;AAE1C,EAAA,IAAI,QAAQ,IAAA,IAAQ,IAAA,CAAK,aAAY,KAAM,IAAA,CAAK,aAAY,EAAG;AAC7D,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,MAAM,OAAA,GAAU,iBAAiB,CAAC,CAAA;AAClC,EAAA,MAAM,OAAA,GAAU,iBAAiB,CAAC,CAAA;AAElC,EAAA,IAAI,OAAA,KAAY,KAAA,IAAS,OAAA,KAAY,KAAA,EAAO;AAC1C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,YAAY,CAAC,CAAA;AAC1B,MAAA,MAAM,IAAA,GAAO,YAAY,CAAC,CAAA;AAC1B,MAAA,OAAO,eAAA,CAAgB,MAAM,IAAI,CAAA;AAAA,IACnC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAMO,SAAS,4BAA4B,aAAA,EAAsC;AAChF,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,iBAAiB,aAAa,CAAA;AAC7C,IAAA,IAAI,MAAA,KAAW,KAAA,IAAS,aAAA,CAAc,QAAA,CAAS,QAAQ,CAAA,EAAG;AACxD,MAAA,OAAO,sBAAsB,aAAa,CAAA;AAAA,IAC5C;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,IAAA;AACT;;;ACsFO,SAAS,6BACd,MAAA,EACuB;AACvB,EAAA,MAAM,UAAU,MAAA,CAAO,OAAA;AAEvB,EAAA,MAAM,cAAc,OAAO,OAAA,CAAQ,WAAA,KAAgB,QAAA,GAAW,QAAQ,WAAA,GAAc,IAAA;AACpF,EAAA,MAAM,QAAA,GACJ,OAAO,OAAA,CAAQ,QAAA,KAAa,QAAA,GACxB,OAAA,CAAQ,QAAA,GACR,OAAO,OAAA,CAAQ,QAAA,KAAa,QAAA,GAC1B,OAAA,CAAQ,QAAA,GACR,IAAA;AAGR,EAAA,IAAI,UAAA,GAA4B,IAAA;AAChC,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,WAAW,CAAA;AAC/B,MAAA,UAAA,GAAa,CAAA,QAAA,EAAW,IAAI,QAAQ,CAAA,CAAA;AAAA,IACtC,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAGA,EAAA,IAAI,kBAAkB,MAAA,EAAQ;AAE5B,IAAA,MAAM,SAAA,GAAY,MAAA;AAClB,IAAA,OAAO;AAAA,MACL,eAAe,SAAA,CAAU,YAAA;AAAA,MACzB,UAAA;AAAA,MACA,WAAA;AAAA,MACA,QAAA;AAAA,MACA,KAAK,SAAA,CAAU,GAAA;AAAA,MACf,cAAc,SAAA,CAAU,YAAA;AAAA,MACxB,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAGA,EAAA,MAAM,YAAA,GAAe,MAAA;AACrB,EAAA,MAAM,aAAA,GAAgB,YAAA,CAAa,MAAA,CAAO,WAAA,EAAY;AACtD,EAAA,OAAO;AAAA,IACL,aAAA,EAAe,oBAAoB,aAAa,CAAA,CAAA;AAAA,IAChD,UAAA;AAAA,IACA,WAAA;AAAA,IACA,QAAA;AAAA,IACA,GAAA,EAAK,IAAA;AAAA,IACL,YAAA,EAAc,IAAA;AAAA,IACd,QAAQ,YAAA,CAAa;AAAA,GACvB;AACF;ACxNA,IAAM,mCAAmB,IAAI,GAAA,CAAI,CAAC,WAAA,EAAa,QAAQ,CAAC,CAAA;AAGxD,IAAM,cAAA,GAAiB,EAAA;AAEvB,SAAS,gBAAA,CAAiB,OAAe,OAAA,EAAwB;AAC/D,EAAA,IAAI,QAAQ,cAAA,EAAgB;AAC1B,IAAA,MAAM,GAAA,GAAM,UACR,CAAA,sCAAA,EAAyC,cAAc,OAAO,OAAO,CAAA,CAAA,GACrE,yCAAyC,cAAc,CAAA,CAAA;AAC3D,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,GAAG,CAAA;AAAA,EAC9C;AACF;AAOO,SAAS,gBAAgB,KAAA,EAAwB;AACtD,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wBAAwB,CAAA;AAAA,EACnE;AAaA,EAAA,MAAM,aAAA,GAAgB,oBAAoB,KAAK,CAAA;AAC/C,EAAA,IAAI,aAAA,CAAc,SAAS,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,eAAA;AAAA,MACA,qBAAqB,aAAA,CAAc,MAAA,GAAS,CAAA,GAAI,GAAA,GAAM,EAAE,CAAA,WAAA,EAAc,aAAA,CAAc,GAAA,CAAI,CAAA,CAAA,KAAK,IAAI,CAAC,CAAA,CAAA,CAAG,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA,CAAA;AAAA,MACjH,EAAE,aAAA;AAAc,KAClB;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAAA,EACzB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,yBAAyB,CAAA;AAAA,EACpE;AACF;AAMA,SAAS,oBAAoB,KAAA,EAAyB;AACpD,EAAA,MAAM,aAAuB,EAAC;AAE9B,EAAA,MAAM,iBAAgC,EAAC;AACvC,EAAA,IAAI,QAAA,GAAW,KAAA;AACf,EAAA,IAAI,OAAA,GAAU,KAAA;AACd,EAAA,IAAI,UAAA,GAAa,EAAA;AACjB,EAAA,IAAI,aAAA,GAAgB,KAAA;AACpB,EAAA,IAAI,UAAA,GAAa,KAAA;AACjB,EAAA,IAAI,CAAA,GAAI,CAAA;AAER,EAAA,OAAO,CAAA,GAAI,MAAM,MAAA,EAAQ;AACvB,IAAA,MAAM,EAAA,GAAK,MAAM,CAAC,CAAA;AAElB,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,IAAI,eAAe,UAAA,IAAc,EAAA;AACjC,MAAA,OAAA,GAAU,KAAA;AACV,MAAA,CAAA,EAAA;AACA,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,IAAA,EAAM;AACf,MAAA,OAAA,GAAU,IAAA;AACV,MAAA,IAAI,eAAe,UAAA,IAAc,EAAA;AACjC,MAAA,CAAA,EAAA;AACA,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,GAAA,EAAK;AACd,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,QAAA,GAAW,IAAA;AAEX,QAAA,IAAI,cAAA,CAAe,MAAA,GAAS,CAAA,IAAK,CAAC,UAAA,EAAY;AAC5C,UAAA,aAAA,GAAgB,IAAA;AAChB,UAAA,UAAA,GAAa,EAAA;AAAA,QACf;AAAA,MACF,CAAA,MAAO;AACL,QAAA,QAAA,GAAW,KAAA;AACX,QAAA,IAAI,aAAA,EAAe;AACjB,UAAA,aAAA,GAAgB,KAAA;AAChB,UAAA,MAAM,MAAA,GAAS,cAAA,CAAe,cAAA,CAAe,MAAA,GAAS,CAAC,CAAA;AACvD,UAAA,IAAI,MAAA,CAAO,GAAA,CAAI,UAAU,CAAA,EAAG;AAC1B,YAAA,IAAI,CAAC,UAAA,CAAW,QAAA,CAAS,UAAU,CAAA,EAAG;AACpC,cAAA,UAAA,CAAW,KAAK,UAAU,CAAA;AAAA,YAC5B;AAAA,UACF,CAAA,MAAO;AACL,YAAA,MAAA,CAAO,IAAI,UAAU,CAAA;AAAA,UACvB;AAAA,QACF;AAAA,MACF;AACA,MAAA,CAAA,EAAA;AACA,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,IAAI,eAAe,UAAA,IAAc,EAAA;AACjC,MAAA,CAAA,EAAA;AACA,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,OAAO,GAAA,EAAK;AACd,MAAA,cAAA,CAAe,IAAA,iBAAK,IAAI,GAAA,EAAK,CAAA;AAC7B,MAAA,gBAAA,CAAiB,eAAe,MAAM,CAAA;AACtC,MAAA,UAAA,GAAa,KAAA;AAAA,IACf,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AACrB,MAAA,cAAA,CAAe,GAAA,EAAI;AACnB,MAAA,UAAA,GAAa,eAAe,MAAA,GAAS,CAAA;AAAA,IACvC,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AAErB,MAAA,cAAA,CAAe,qBAAK,IAAI,GAAA,CAAI,CAAC,WAAW,CAAC,CAAC,CAAA;AAC1C,MAAA,gBAAA,CAAiB,eAAe,MAAM,CAAA;AACtC,MAAA,UAAA,GAAa,KAAA;AAAA,IACf,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AACrB,MAAA,cAAA,CAAe,GAAA,EAAI;AACnB,MAAA,UAAA,GAAa,eAAe,MAAA,GAAS,CAAA;AAAA,IACvC,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AACrB,MAAA,UAAA,GAAa,IAAA;AAAA,IACf,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AACrB,MAAA,UAAA,GAAa,KAAA;AAAA,IACf;AAEA,IAAA,CAAA,EAAA;AAAA,EACF;AAEA,EAAA,OAAO,UAAA;AACT;AAOO,SAAS,cAAA,CAAe,KAAA,EAAgB,IAAA,GAAe,GAAA,EAAK,QAAgB,CAAA,EAAS;AAC1F,EAAA,gBAAA,CAAiB,OAAO,IAAI,CAAA;AAE5B,EAAA,IAAI,UAAU,MAAA,EAAW;AACvB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,WAAA,CAAa,CAAA;AAAA,EACtF;AAEA,EAAA,IAAI,UAAU,IAAA,EAAM;AAEpB,EAAA,QAAQ,OAAO,KAAA;AAAO,IACpB,KAAK,QAAA;AAAA,IACL,KAAK,SAAA;AACH,MAAA;AAAA,IACF,KAAK,QAAA;AACH,MAAA,IAAI,CAAC,MAAA,CAAO,QAAA,CAAS,KAAK,CAAA,EAAG;AAC3B,QAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0BAA0B,IAAI,CAAA,EAAA,EAAK,KAAK,CAAA,wBAAA,CAA0B,CAAA;AAAA,MAC7G;AACA,MAAA;AAAA,IACF,KAAK,QAAA;AACH,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,+BAAA,CAAiC,CAAA;AAAA,IAC1G,KAAK,UAAA;AACH,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,UAAA,CAAY,CAAA;AAAA,IACrF,KAAK,QAAA;AACH,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,QAAA,CAAU,CAAA;AAAA,IACnF,KAAK,QAAA;AACH,MAAA,IAAI,iBAAiB,IAAA,EAAM;AACzB,QAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,oCAAA,CAAsC,CAAA;AAAA,MAC/G;AACA,MAAA,IAAI,iBAAiB,MAAA,EAAQ;AAC3B,QAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,QAAA,CAAU,CAAA;AAAA,MACnF;AACA,MAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG;AACxB,QAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,UAAA,cAAA,CAAe,KAAA,CAAM,CAAC,CAAA,EAAG,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,CAAC,CAAA,CAAA,CAAA,EAAK,KAAA,GAAQ,CAAC,CAAA;AAAA,QACrD;AACA,QAAA;AAAA,MACF;AAEA,MAAA,KAAA,MAAW,CAAC,GAAA,EAAK,GAAG,KAAK,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,EAAG;AAC9C,QAAA,cAAA,CAAe,KAAK,CAAA,EAAG,IAAI,IAAI,GAAG,CAAA,CAAA,EAAI,QAAQ,CAAC,CAAA;AAAA,MACjD;AACA,MAAA;AAAA,IACF;AACE,MAAA,MAAM,IAAI,cAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,gBAAA,EAAmB,OAAO,KAAK,CAAA,CAAA,CAAG,CAAA;AAAA;AAE/G;AAEO,SAAS,iBAAiB,GAAA,EAAsB;AACrD,EAAA,cAAA,CAAe,GAAG,CAAA;AAClB,EAAA,MAAM,GAAA,GAAM,aAAa,GAAG,CAAA;AAC5B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAA,EAAkC,EAAE,KAAK,CAAA;AAAA,EACpF;AACA,EAAA,OAAO,GAAA;AACT;AAMO,SAAS,yBAAyB,GAAA,EAA8C;AACrF,EAAA,MAAM,OAAA,GAAU,iBAAiB,GAAG,CAAA;AACpC,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,IAAA,EAAMC,SAAAA,CAAUC,WAAAA,CAAY,OAAO,CAAC;AAAA,GACtC;AACF;AAGO,SAAS,oBAAoB,GAAA,EAA8C;AAChF,EAAA,OAAO,yBAAyB,GAAG,CAAA;AACrC;AAEO,SAAS,qBAAA,CAAsB,KAAc,SAAA,EAAwC;AAC1F,EAAA,IAAI,CAAC,gBAAA,CAAiB,GAAA,CAAI,SAAS,CAAA,EAAG;AACpC,IAAA,MAAM,IAAI,cAAc,eAAA,EAAiB,CAAA,6BAAA,EAAgC,SAAS,CAAA,mCAAA,CAAA,EAAuC,EAAE,WAAW,CAAA;AAAA,EACxI;AACA,EAAA,MAAM,GAAA,GAAM,iBAAiB,GAAG,CAAA;AAChC,EAAA,MAAM,KAAA,GAAQA,YAAY,GAAG,CAAA;AAC7B,EAAA,OAAQ,cAAc,WAAA,GAAcD,SAAAA,CAAU,KAAK,CAAA,GAAI,OAAO,KAAK,CAAA;AACrE;AC7LA,IAAM,mBAAA,GAAsB,eAAA;AAM5B,IAAM,WAAA,GAAc,CAAA;AAGpB,IAAM,SAAA,GAAgB,GAAA,CAAA,IAAA;AAGtB,IAAM,aAAA,GAAgB,EAAA;AAGtB,IAAM,sBAAA,GAAyB,EAAA;AAgB/B,eAAsB,qBAAqB,KAAA,EAAoC;AAC7E,EAAA,IAAI,EAAE,KAAA,YAAiB,UAAA,CAAA,IAAe,KAAA,CAAM,WAAW,CAAA,EAAG;AACxD,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,eAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,MAAA,GAAS,MAAME,QAAAA,CAAO,MAAA,CAAO,KAAK,CAAA;AACxC,EAAA,MAAM,GAAA,GAAM,GAAA,CAAI,QAAA,CAAS,SAAA,EAAW,MAAM,CAAA;AAC1C,EAAA,OAAO,GAAG,mBAAmB,CAAA,EAAG,GAAA,CAAI,QAAA,CAAS,MAAM,CAAC,CAAA,CAAA;AACtD;AAgBA,eAAsB,oBAAoB,KAAA,EAAiC;AAEzE,EAAA,MAAM,QAAQ,OAAO,KAAA,KAAU,QAAA,GAAW,eAAA,CAAgB,KAAK,CAAA,GAAI,KAAA;AAGnE,EAAA,MAAM,GAAA,GAAM,iBAAiB,KAAK,CAAA;AAClC,EAAA,MAAM,KAAA,GAAQ,IAAI,WAAA,EAAY,CAAE,OAAO,GAAG,CAAA;AAE1C,EAAA,MAAM,MAAA,GAAS,MAAMA,QAAAA,CAAO,MAAA,CAAO,KAAK,CAAA;AACxC,EAAA,MAAM,GAAA,GAAM,GAAA,CAAI,QAAA,CAAS,SAAA,EAAW,MAAM,CAAA;AAC1C,EAAA,OAAO,GAAG,mBAAmB,CAAA,EAAG,GAAA,CAAI,QAAA,CAAS,MAAM,CAAC,CAAA,CAAA;AACtD;AAoBO,SAAS,iBAAiB,GAAA,EAAgC;AAC/D,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,GAAA,CAAI,UAAA,CAAW,mBAAmB,CAAA,EAAG;AACnE,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,6BAAA,EAA+B,EAAE,KAAK,CAAA;AAAA,EAC/E;AAEA,EAAA,MAAM,UAAA,GAAa,GAAA,CAAI,KAAA,CAAM,mBAAA,CAAoB,MAAM,CAAA;AACvD,EAAA,IAAI,CAAC,UAAA,IAAc,UAAA,CAAW,MAAA,KAAW,CAAA,EAAG;AAC1C,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACtF;AAGA,EAAA,IAAI,UAAA,CAAW,CAAC,CAAA,KAAM,GAAA,EAAK;AACzB,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,0BAAA,EAA6B,UAAA,CAAW,CAAC,CAAC,CAAA,6BAAA,CAAA;AAAA,MAC1C,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI;AACF,IAAA,GAAA,GAAM,GAAA,CAAI,KAAA,CAAM,UAAA,EAAY,MAAM,CAAA;AAAA,EACpC,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,0DAAA;AAAA,MACA,EAAE,GAAA,EAAK,KAAA,EAAO,GAAA;AAAI,KACpB;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,YAAY,WAAA,EAAa;AAC/B,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,2BAAA,EAA8B,IAAI,OAAO,CAAA,CAAA;AAAA,MACzC,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,SAAS,SAAA,EAAW;AAC1B,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,qCAAA,EAAwC,GAAA,CAAI,IAAA,CAAK,QAAA,CAAS,EAAE,CAAC,CAAA,CAAA;AAAA,MAC7D,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,SAAA,CAAU,IAAA,KAAS,aAAA,EAAe;AACxC,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,qDAAqD,GAAA,CAAI,SAAA,CAAU,IAAA,CAAK,QAAA,CAAS,EAAE,CAAC,CAAA,CAAA;AAAA,MACpF,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,SAAA,CAAU,MAAA,CAAO,MAAA,KAAW,sBAAA,EAAwB;AAC1D,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,qCAAA,EAAwC,GAAA,CAAI,SAAA,CAAU,MAAA,CAAO,MAAM,CAAA,CAAA;AAAA,MACnE,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAEA,EAAA,MAAM,MAAA,GAAS,IAAI,SAAA,CAAU,MAAA;AAC7B,EAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,MAAM,CAAA,CAChC,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAC1C,KAAK,EAAE,CAAA;AAEV,EAAA,OAAO,EAAE,GAAA,EAAK,UAAA,EAAY,MAAA,EAAQ,SAAA,EAAU;AAC9C;AA+BA,eAAsB,iBAAA,CACpB,KACA,OAAA,EACqC;AAErC,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,iBAAiB,GAAG,CAAA;AAAA,EAC/B,SAAS,GAAA,EAAK;AACZ,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,GAAA,YAAe,aAAA,GAAgB,GAAA,CAAI,OAAA,GAAU;AAAA,KACvD;AAAA,EACF;AAEA,EAAA,MAAM,cAAc,MAAA,CAAO,SAAA;AAG3B,EAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAa,OAAO,OAAA,KAAY,YAAY,OAAA,KAAY,IAAA,IAAQ,EAAE,OAAA,YAAmB,UAAA,CAAA,EAAc;AACxH,IAAA,IAAI;AACF,MAAA,MAAM,QAAQ,OAAO,OAAA,KAAY,QAAA,GAAW,eAAA,CAAgB,OAAO,CAAA,GAAI,OAAA;AACvE,MAAA,MAAM,GAAA,GAAM,iBAAiB,KAAK,CAAA;AAClC,MAAA,MAAM,QAAA,GAAW,IAAI,WAAA,EAAY,CAAE,OAAO,GAAG,CAAA;AAC7C,MAAA,MAAMC,OAAAA,GAAS,MAAMD,QAAAA,CAAO,MAAA,CAAO,QAAQ,CAAA;AAC3C,MAAA,MAAME,aAAY,KAAA,CAAM,IAAA,CAAKD,QAAO,MAAM,CAAA,CACvC,IAAI,CAAC,CAAA,KAAM,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAC1C,KAAK,EAAE,CAAA;AAEV,MAAA,IAAIC,eAAc,WAAA,EAAa;AAC7B,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAA,EAAO;AAAA,MAC1C;AAAA,IACF,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAGA,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI,mBAAmB,UAAA,EAAY;AACjC,IAAA,QAAA,GAAW,OAAA;AAAA,EACb,CAAA,MAAA,IAAW,OAAO,OAAA,KAAY,QAAA,EAAU;AACtC,IAAA,QAAA,GAAW,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,OAAO,CAAA;AAAA,EAC7C,CAAA,MAAO;AAEL,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,MAAM,MAAA,GAAS,MAAMF,QAAAA,CAAO,MAAA,CAAO,QAAQ,CAAA;AAC3C,EAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,OAAO,MAAM,CAAA,CACvC,IAAI,CAAC,CAAA,KAAM,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAC1C,KAAK,EAAE,CAAA;AAEV,EAAA,IAAI,cAAc,WAAA,EAAa;AAC7B,IAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,QAAA,EAAS;AAAA,EAC5C;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,MAAA,EAAQ;AAAA,GACV;AACF;AC5QO,SAAS,gBAAgB,GAAA,EAAqB;AACnD,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,GAAA,CAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3D,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,yBAAA,EAA2B,EAAE,KAAK,CAAA;AAAA,EAC3E;AAEA,EAAA,MAAM,SAAA,GAAY,GAAA,CAAI,KAAA,CAAM,WAAA,CAAY,MAAM,CAAA;AAC9C,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACtF;AAEA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI,OAAA;AAIJ,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,GAAG,CAAA;AACjC,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AAEtB,IAAA,OAAA,GAAU,GAAA;AACV,IAAA,OAAA,GAAU,MAAM,CAAC,CAAA;AAAA,EACnB,CAAA,MAAA,IAAW,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG;AAE7B,IAAA,MAAM,UAAA,GAAa,MAAM,CAAC,CAAA;AAC1B,IAAA,OAAA,GAAU,MAAM,CAAC,CAAA;AAGjB,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,IAAI,CAAA,EAAG;AAC/B,MAAA,OAAA,GAAU,MAAA,CAAO,QAAA,CAAS,UAAA,EAAY,EAAE,CAAC,CAAA;AAAA,IAC3C,CAAA,MAAA,IAAW,OAAA,CAAQ,IAAA,CAAK,UAAU,CAAA,EAAG;AACnC,MAAA,OAAA,GAAU,UAAA;AAAA,IACZ,CAAA,MAAO;AAEL,MAAA,MAAM,UAAA,GAAqC;AAAA,QACzC,OAAA,EAAS,GAAA;AAAA,QACT,MAAA,EAAQ,GAAA;AAAA,QACR,OAAA,EAAS,UAAA;AAAA,QACT,OAAA,EAAS,KAAA;AAAA,QACT,QAAA,EAAU,OAAA;AAAA,QACV,QAAA,EAAU,IAAA;AAAA,QACV,IAAA,EAAM;AAAA,OACR;AACA,MAAA,MAAM,MAAA,GAAS,UAAA,CAAW,UAAA,CAAW,WAAA,EAAa,CAAA;AAClD,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,MAAM,IAAI,aAAA;AAAA,UACR,aAAA;AAAA,UACA,6BAA6B,UAAU,CAAA,CAAA,CAAA;AAAA,UACvC,EAAE,GAAA,EAAK,OAAA,EAAS,UAAA;AAAW,SAC7B;AAAA,MACF;AACA,MAAA,OAAA,GAAU,MAAA;AAAA,IACZ;AAAA,EACF,CAAA,MAAO;AACL,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,yBAAA,EAA2B,EAAE,KAAK,CAAA;AAAA,EAC3E;AAEA,EAAA,IAAI,CAACG,SAAAA,CAAU,OAAO,CAAA,EAAG;AACvB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,0CAAA,EAA4C;AAAA,MACjF,GAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,WAAA,GAAcC,WAAW,OAAO,CAAA;AACtC,EAAA,OAAO,CAAA,eAAA,EAAkB,OAAO,CAAA,CAAA,EAAI,WAAA,CAAY,aAAa,CAAA,CAAA;AAC/D;AAUA,IAAM,oBAAA,GAAyF;AAAA;AAAA,EAE7F,GAAA,EAAM,EAAE,GAAA,EAAK,KAAA,EAAO,KAAK,SAAA,EAAU;AAAA;AAAA,EAEnC,GAAA,EAAM,EAAE,GAAA,EAAK,KAAA,EAAO,KAAK,QAAA,EAAS;AAAA;AAAA,EAElC,KAAM,EAAE,GAAA,EAAK,MAAM,GAAA,EAAK,WAAA,EAAa,WAAW,EAAA,EAAG;AAAA;AAAA,EAEnD,MAAQ,EAAE,GAAA,EAAK,MAAM,GAAA,EAAK,OAAA,EAAS,WAAW,EAAA,EAAG;AAAA;AAAA,EAEjD,MAAQ,EAAE,GAAA,EAAK,MAAM,GAAA,EAAK,OAAA,EAAS,WAAW,EAAA;AAChD,CAAA;AAMA,SAAS,UAAA,CAAW,OAAmB,MAAA,EAAsD;AAC3F,EAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,EAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,EAAA,IAAI,SAAA,GAAY,CAAA;AAEhB,EAAA,OAAO,MAAA,GAAS,SAAA,GAAY,KAAA,CAAM,MAAA,EAAQ;AACxC,IAAA,MAAM,IAAA,GAAO,KAAA,CAAM,MAAA,GAAS,SAAS,CAAA;AACrC,IAAA,KAAA,IAAA,CAAU,OAAO,GAAA,KAAS,KAAA;AAC1B,IAAA,SAAA,EAAA;AACA,IAAA,IAAA,CAAK,IAAA,GAAO,SAAU,CAAA,EAAG;AACvB,MAAA,OAAO,EAAE,OAAO,SAAA,EAAU;AAAA,IAC5B;AACA,IAAA,KAAA,IAAS,CAAA;AACT,IAAA,IAAI,QAAQ,EAAA,EAAI;AACd,MAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,8CAA8C,CAAA;AAAA,IACvF;AAAA,EACF;AAEA,EAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,+CAA+C,CAAA;AACxF;AAQA,SAAS,eAAA,CACP,eACA,GAAA,EACkC;AAqBlC,EAAA,MAAM,IAAI,aAAA;AAAA,IACR,sBAAA;AAAA,IACA,qCAAqC,GAAG,CAAA,mIAAA,CAAA;AAAA,IAGxC,EAAE,GAAA,EAAK,SAAA,EAAW,aAAA,CAAc,MAAA;AAAO,GACzC;AACF;AAqBO,SAAS,eAAe,GAAA,EAAqB;AAClD,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,GAAA,CAAI,UAAA,CAAW,UAAU,CAAA,EAAG;AAC1D,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,wBAAA,EAA0B,EAAE,KAAK,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,UAAA,GAAa,GAAA,CAAI,KAAA,CAAM,UAAA,CAAW,MAAM,CAAA;AAC9C,EAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,GAAG,CAAA,EAAG;AAC9C,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,qEAAA;AAAA,MACA,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,OAAA,GAAU,SAAA,CAAU,OAAO,UAAU,CAAA;AAAA,EACvC,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,oDAAA;AAAA,MACA,EAAE,GAAA,EAAK,KAAA,EAAO,GAAA;AAAI,KACpB;AAAA,EACF;AAEA,EAAA,IAAI,OAAA,CAAQ,SAAS,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,iCAAA,EAAmC,EAAE,KAAK,CAAA;AAAA,EACnF;AAGA,EAAA,MAAM,EAAE,KAAA,EAAO,UAAA,EAAY,WAAU,GAAI,UAAA,CAAW,SAAS,CAAC,CAAA;AAE9D,EAAA,MAAM,OAAA,GAAU,qBAAqB,UAAU,CAAA;AAC/C,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,sBAAA;AAAA,MACA,CAAA,kCAAA,EAAqC,UAAA,CAAW,QAAA,CAAS,EAAE,CAAC,CAAA,WAAA,CAAA;AAAA,MAC5D,EAAE,KAAK,KAAA,EAAO,CAAA,EAAA,EAAK,WAAW,QAAA,CAAS,EAAE,CAAC,CAAA,CAAA;AAAG,KAC/C;AAAA,EACF;AAGA,EAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,KAAA,CAAM,SAAS,CAAA;AAExC,EAAA,IAAI,OAAA,CAAQ,QAAQ,KAAA,EAAO;AAEzB,IAAA,IAAI,QAAA,CAAS,WAAW,EAAA,EAAI;AAC1B,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,aAAA;AAAA,QACA,CAAA,iBAAA,EAAoB,OAAA,CAAQ,GAAG,CAAA,UAAA,EAAa,SAAS,MAAM,CAAA,MAAA,CAAA;AAAA,QAC3D,EAAE,GAAA,EAAK,GAAA,EAAK,OAAA,CAAQ,GAAA;AAAI,OAC1B;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM;AAAA,MACV,KAAK,OAAA,CAAQ,GAAA;AAAA,MACb,KAAK,OAAA,CAAQ,GAAA;AAAA,MACb,CAAA,EAAGR,SAAAA,CAAU,MAAA,CAAO,QAAQ;AAAA,KAC9B;AAEA,IAAA,OAAO,YAAY,GAAG,CAAA;AAAA,EACxB;AAGA,EAAA,OAAO,gBAAgB,QAAA,EAAU,OAAA,CAAQ,GAAG,CAAA,CAAE,EAAE,QAAA,EAAS;AAC3D;;;AC7QA,IAAA,kBAAA,GAAA;AAAA,QAAA,CAAA,kBAAA,EAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,kCAAA,EAAA,MAAA,kCAAA;AAAA,EAAA,kCAAA,EAAA,MAAA,kCAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,gCAAA,EAAA,MAAA,gCAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,oCAAA,EAAA,MAAA,oCAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,kCAAA,EAAA,MAAA,kCAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,2BAAA,EAAA,MAAA,2BAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,QAAA,EAAA,MAAA,QAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,2BAAA,EAAA,MAAA,2BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,8BAAA,EAAA,MAAA,8BAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,yBAAA,EAAA,MAAAS,0BAAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA;AAAA,CAAA,CAAA;ACMO,SAAS,gBAAgB,MAAA,EAA+C;AAC7E,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,IAAA,IAAI,MAAA,CAAO,WAAW,CAAA,EAAG;AACvB,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,8BAA8B,CAAA;AAAA,IACzE;AACA,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,MAAA,KAAW,QAAA,IAAY,OAAO,IAAA,EAAK,CAAE,WAAW,CAAA,EAAG;AAC5D,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oDAAoD,CAAA;AAAA,EAC/F;AAEA,EAAA,MAAM,MAAA,GAAS,OACZ,KAAA,CAAM,GAAG,EACT,GAAA,CAAI,CAAC,SAAS,IAAA,CAAK,IAAA,EAAM,CAAA,CACzB,MAAA,CAAO,CAAC,IAAA,KAAS,IAAA,CAAK,SAAS,CAAC,CAAA,CAChC,GAAA,CAAI,CAAC,IAAA,KAAS;AACb,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,KAAK,CAAA;AAC/B,IAAA,IAAI,MAAA,CAAO,SAAS,CAAA,EAAG;AACrB,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,sBAAA,EAAwB,EAAE,MAAM,CAAA;AAAA,IAC3E;AACA,IAAA,MAAM,IAAA,GAAO,OAAO,CAAC,CAAA;AACrB,IAAA,MAAM,OAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA,CAAE,KAAK,GAAG,CAAA;AACrC,IAAA,OAAO,EAAE,MAAM,IAAA,EAAK;AAAA,EACtB,CAAC,CAAA;AAEH,EAAA,IAAI,MAAA,CAAO,WAAW,CAAA,EAAG;AACvB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wBAAwB,CAAA;AAAA,EACnE;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,eAAe,MAAA,EAAwC;AACrE,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,OAAO,MAAA,CAAO,GAAA,CAAI,CAAC,KAAA,KAAU,CAAA,EAAG,KAAA,CAAM,IAAI,CAAA,CAAA,EAAI,KAAA,CAAM,IAAI,CAAA,CAAE,CAAA,CAAE,KAAK,IAAI,CAAA;AACvE;AAEO,SAAS,qBAAA,CACd,QACA,IAAA,EACK;AACL,EAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AACrC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wBAAwB,CAAA;AAAA,EACnE;AAEA,EAAA,MAAM,gBAAA,GAAmB,uBAAA,CAAwB,MAAA,EAAQ,IAAI,CAAA;AAC7D,EAAA,IAAI,gBAAA,CAAiB,SAAS,CAAA,EAAG;AAC/B,IAAA,MAAM,UAAU,gBAAA,CACb,GAAA,CAAI,CAAC,KAAA,KAAU,UAAU,KAAA,CAAM,eAAe,CAAA,GAAA,EAAM,KAAA,CAAM,YAAY,CAAA,MAAA,EAAS,KAAA,CAAM,YAAY,CAAA,CAAE,CAAA,CACnG,KAAK,IAAI,CAAA;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,oCAAA,EAAuC,OAAO,CAAA,CAAA,EAAI;AAAA,MACzF,MAAA,EAAQ;AAAA,KACT,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,gBAAgB,MAAM,CAAA;AACrC,EAAA,MAAM,YAAA,GAAe,eAAe,MAAM,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,IAAI,aAAA,CAAc,YAAY,CAAA;AAE9C,EAAA,MAAM,UAAU,OAAA,CAAQ,UAAA;AAAA,IACtB,MAAA,CAAO,GAAA,CAAI,CAAC,KAAA,MAAW;AAAA,MACrB,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,IAAI;AAAA,KACxB,CAAE;AAAA,GACJ;AAEA,EAAA,OAAO,OAAA;AACT;AAEA,SAAS,cAAc,KAAA,EAAwB;AAC7C,EAAA,IAAI,UAAU,IAAA,EAAM;AAClB,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,UAAU,MAAA,EAAW;AACvB,IAAA,OAAO,WAAA;AAAA,EACT;AACA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG;AACxB,IAAA,OAAO,OAAA;AAAA,EACT;AACA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAO,MAAA,CAAO,QAAA,CAAS,KAAK,CAAA,GAAI,QAAA,GAAW,mBAAA;AAAA,EAC7C;AACA,EAAA,OAAO,OAAO,KAAA;AAChB;AAEA,SAAS,cAAA,CAAe,OAAgB,aAAA,EAAiC;AACvE,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAO,iBAAiB,KAAA,IAAS,EAAA;AAAA,EACnC;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,IAAI,CAAC,OAAO,QAAA,CAAS,KAAK,KAAK,CAAC,MAAA,CAAO,SAAA,CAAU,KAAK,CAAA,EAAG;AACvD,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,OAAO,iBAAiB,KAAA,IAAS,CAAA;AAAA,EACnC;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,MAAM,OAAA,GAAU,gBAAgB,SAAA,GAAY,OAAA;AAC5C,IAAA,OAAO,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,MAAM,KAAA,EAAiC;AAC9C,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,kBAAA,CAAmB,KAAK,KAAK,CAAA;AACnE;AAEA,SAAS,kBAAA,CAAmB,MAAc,KAAA,EAAyB;AACjE,EAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,IAAA,EAAK,CAAE,WAAA,EAAY;AAC/C,EAAA,MAAM,WAAA,GAAc,cAAA,CAAe,KAAA,CAAM,8BAA8B,CAAA;AAEvE,EAAA,IAAI,WAAA,CAAY,IAAA,CAAK,cAAc,CAAA,EAAG;AACpC,IAAA,OAAO,cAAA,CAAe,OAAO,KAAK,CAAA;AAAA,EACpC;AAEA,EAAA,IAAI,UAAA,CAAW,IAAA,CAAK,cAAc,CAAA,EAAG;AACnC,IAAA,OAAO,cAAA,CAAe,OAAO,IAAI,CAAA;AAAA,EACnC;AAEA,EAAA,IAAI,mBAAmB,QAAA,EAAU;AAC/B,IAAA,OAAO,OAAO,KAAA,KAAU,QAAA;AAAA,EAC1B;AAEA,EAAA,IAAI,mBAAmB,UAAA,EAAY;AACjC,IAAA,OAAO,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,IAAK,KAAA,CAAM,MAAM,CAAC,KAAA,KAAU,OAAO,KAAA,KAAU,QAAQ,CAAA;AAAA,EACjF;AAEA,EAAA,IAAI,mBAAmB,MAAA,EAAQ;AAC7B,IAAA,OAAO,OAAO,KAAA,KAAU,SAAA;AAAA,EAC1B;AAEA,EAAA,IAAI,mBAAmB,SAAA,EAAW;AAChC,IAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAYF,SAAAA,CAAU,KAAK,CAAA;AAAA,EACrD;AAEA,EAAA,IAAI,mBAAmB,OAAA,EAAS;AAC9B,IAAA,OAAO,MAAM,KAAK,CAAA,IAAA,CAAM,KAAA,CAAM,MAAA,GAAS,KAAK,CAAA,KAAM,CAAA;AAAA,EACpD;AAEA,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,MAAM,aAAA,GAAgB,MAAA,CAAO,WAAA,CAAY,CAAC,CAAC,CAAA;AAC3C,IAAA,OAAO,MAAM,KAAK,CAAA,IAAK,KAAA,CAAM,MAAA,KAAW,IAAI,aAAA,GAAgB,CAAA;AAAA,EAC9D;AAEA,EAAA,OAAO,IAAA;AACT;AAEO,SAAS,uBAAA,CACd,QACA,IAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AACrC,IAAA,OAAO,CAAC;AAAA,MACN,eAAA,EAAiB,MAAA;AAAA,MACjB,YAAA,EAAc,QAAA;AAAA,MACd,YAAA,EAAc,cAAc,IAAI,CAAA;AAAA,MAChC,aAAA,EAAe;AAAA,KAChB,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,gBAAgB,MAAM,CAAA;AACrC,EAAA,MAAM,SAAuC,EAAC;AAE9C,EAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,IAAI,CAAA;AAC7B,IAAA,MAAM,OAAA,GAAU,kBAAA,CAAmB,KAAA,CAAM,IAAA,EAAM,KAAK,CAAA;AACpD,IAAA,IAAI,OAAA,EAAS;AACX,MAAA;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,IAAA,CAAK;AAAA,MACV,iBAAiB,KAAA,CAAM,IAAA;AAAA,MACvB,cAAc,KAAA,CAAM,IAAA;AAAA,MACpB,YAAA,EAAc,cAAc,KAAK,CAAA;AAAA,MACjC,aAAA,EAAe;AAAA,KAChB,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,qBAAA,CACd,QACA,WAAA,EACyB;AACzB,EAAA,IAAI,OAAO,WAAA,KAAgB,QAAA,IAAY,CAAC,WAAA,CAAY,UAAA,CAAW,IAAI,CAAA,EAAG;AACpE,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,kCAAkC,CAAA;AAAA,EAC7E;AAEA,EAAA,MAAM,MAAA,GAAS,gBAAgB,MAAM,CAAA;AACrC,EAAA,MAAM,YAAA,GAAe,eAAe,MAAM,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,IAAI,aAAA,CAAc,YAAY,CAAA;AAC9C,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AAE9C,EAAA,MAAM,SAAkC,EAAC;AACzC,EAAA,KAAA,MAAW,QAAQ,OAAA,EAAoD;AACrE,IAAA,MAAM,QAAQ,IAAA,CAAK,KAAA;AACnB,IAAA,IAAI,KAAA,IAAS,OAAO,KAAA,KAAU,QAAA,IAAY,WAAY,KAAA,EAAmC;AACvF,MAAA,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,GAAK,KAAA,CAA6B,KAAA;AAAA,IACpD,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,GAAI,KAAA;AAAA,IACtB;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,sBACd,IAAA,EAC6B;AAC7B,EAAA,MAAM,KAAA,GAAQ,KAAK,WAAW,CAAA;AAC9B,EAAA,IAAI,KAAA,KAAU,MAAA,IAAa,KAAA,KAAU,IAAA,EAAM,OAAO,MAAA;AAClD,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,IAAI,OAAO,UAAU,QAAA,IAAY,OAAA,CAAQ,KAAK,KAAK,CAAA,EAAG,OAAO,MAAA,CAAO,KAAK,CAAA;AACzE,EAAA,OAAO,MAAA;AACT;AClOO,IAAM,QAAA,GAAW,oEAAA;AAEjB,SAAS,iBAAA,CAAkB,OAAoC,QAAA,EAA0B;AAC9F,EAAA,IAAI,KAAA,KAAU,MAAA,IAAa,KAAA,KAAU,IAAA,EAAM;AACzC,IAAA,OAAO,QAAA;AAAA,EACT;AACA,EAAA,OAAO,OAAO,UAAU,QAAA,GAAW,KAAA,GAAQ,OAAO,IAAA,CAAK,KAAA,CAAM,KAAK,CAAC,CAAA;AACrE;AAUO,SAAS,sBAAA,CACd,QACA,IAAA,EACyB;AACzB,EAAA,MAAM,MAAA,GAAS,gBAAgB,MAAM,CAAA;AACrC,EAAA,MAAM,oBAAoB,MAAA,CAAO,IAAA,CAAK,CAAC,KAAA,KAAU,KAAA,CAAM,SAAS,gBAAgB,CAAA;AAChF,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,IAAA,OAAO,EAAE,GAAG,IAAA,EAAK;AAAA,EACnB;AAEA,EAAA,MAAM,UAAU,IAAA,CAAK,OAAA;AACrB,EAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,EAAG;AAC7D,IAAA,OAAO;AAAA,MACL,GAAG,IAAA;AAAA,MACH,cAAA,EAAgB,eAAe,OAAO;AAAA,KACxC;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,GAAG,IAAA,EAAK;AACnB;AAEO,SAAS,wBAAwB,IAAA,EAAuC;AAC7E,EAAA,MAAM,UAAU,IAAA,CAAK,OAAA;AACrB,EAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,EAAG;AAC7D,IAAA,OAAO,aAAa,OAAO,CAAA;AAAA,EAC7B;AAEA,EAAA,MAAM,iBAAiB,IAAA,CAAK,cAAA;AAC5B,EAAA,IAAI,OAAO,cAAA,KAAmB,QAAA,IAAY,qBAAA,CAAsB,IAAA,CAAK,cAAc,CAAA,EAAG;AACpF,IAAA,OAAO,kBAAkB,cAAqB,CAAA;AAAA,EAChD;AAEA,EAAA,MAAM,YAAY,IAAA,CAAK,SAAA;AACvB,EAAA,IAAI,OAAO,SAAA,KAAc,QAAA,IAAYA,SAAAA,CAAU,SAAS,CAAA,EAAG;AACzD,IAAA,OAAOC,WAAW,SAAS,CAAA;AAAA,EAC7B;AAEA,EAAA,OAAO,WAAA;AACT;;;ACzDA,SAAS,SAAS,KAAA,EAAwC;AACxD,EAAA,OAAO,OAAA,CAAQ,KAAK,CAAA,IAAK,OAAO,KAAA,KAAU,QAAA;AAC5C;AAEA,SAAS,QAAQ,KAAA,EAA8B;AAC7C,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,qBAAA,CAAsB,KAAK,KAAK,CAAA;AACtE;AAEO,SAAS,yBAAyB,EAAA,EAAwC;AAC/E,EAAA,IAAI,CAAC,QAAA,CAAS,EAAE,CAAA,EAAG;AACjB,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,MAAM,aAAwB,CAAC,EAAA,CAAG,SAAS,EAAA,CAAG,EAAA,EAAI,GAAG,WAAW,CAAA;AAChE,EAAA,KAAA,MAAW,aAAa,UAAA,EAAY;AAClC,IAAA,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG;AACvB,MAAA,OAAO,SAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,sBAAsB,EAAA,EAA8B;AAClE,EAAA,MAAM,OAAA,GAAU,yBAAyB,EAAE,CAAA;AAC3C,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAM,cAAc,OAAA,CAAQ,IAAA;AAC5B,IAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxB,MAAA,OAAO,WAAA;AAAA,IACT;AACA,IAAA,MAAM,kBAAkB,OAAA,CAAQ,eAAA;AAChC,IAAA,IAAI,OAAA,CAAQ,eAAe,CAAA,EAAG;AAC5B,MAAA,OAAO,eAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,IAAI,SAAS,EAAE,CAAA,IAAK,OAAA,CAAQ,EAAA,CAAG,IAAI,CAAA,EAAG;AACpC,IAAA,OAAO,EAAA,CAAG,IAAA;AAAA,EACZ;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,yBAAyB,GAAA,EAAuB;AAC9D,EAAA,IAAI,CAAC,QAAA,CAAS,GAAG,CAAA,EAAG;AAClB,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAU,GAAA,CAAI,OAAA;AACpB,EAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,OAAA,CAAQ,WAAW,CAAA,EAAG;AACvD,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,OAAO,mBAAA,CAAoB,KAAK,OAAO,CAAA;AACzC;;;AClDA,eAAsB,kBACpB,MAAA,EACkC;AAClC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,yBAAyB,CAAA;AAAA,EACpE;AAEA,EAAA,IAAI,CAAC,OAAO,MAAA,EAAQ;AAClB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oBAAoB,CAAA;AAAA,EAC/D;AAEA,EAAA,MAAM,YAAA,GAAe,sBAAA,CAAuB,MAAA,CAAO,MAAA,EAAQ,OAAO,IAAI,CAAA;AACtE,EAAA,MAAM,WAAA,GAAc,qBAAA,CAAsB,MAAA,CAAO,MAAA,EAAQ,YAAY,CAAA;AACrE,EAAA,MAAM,UAAA,GAAa,iBAAA;AAAA,IACjB,MAAA,CAAO,cAAA,IAAkB,qBAAA,CAAsB,YAAY,CAAA;AAAA,IAC3D;AAAA,GACF;AACA,EAAA,MAAM,SAAA,GAAY,wBAAwB,YAAY,CAAA;AAEtD,EAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,MAAA,CAAO,kBAAkB,CAAA;AAC7C,EAAA,GAAA,CAAI,OAAA,CAAQ,OAAO,MAAe,CAAA;AAElC,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAK,MAAM,GAAA,CAAI,MAAA,CAAO;AAAA,MAC1B,QAAQ,MAAA,CAAO,SAAA;AAAA,MACf,IAAA,EAAM;AAAA,QACJ,WAAW,SAAA,IAAaE,WAAAA;AAAA,QACxB,cAAA,EAAgB,UAAA;AAAA,QAChB,SAAA,EAAW,OAAO,SAAA,IAAa,IAAA;AAAA,QAC/B,MAAA,EAAQ,OAAO,MAAA,IAAU,QAAA;AAAA,QACzB,IAAA,EAAM,WAAA;AAAA,QACN,KAAA,EAAO,iBAAA,CAAkB,MAAA,CAAO,KAAA,EAAO,EAAE;AAAA;AAC3C,KACD,CAAA;AAED,IAAA,MAAM,GAAA,GAAO,MAAM,EAAA,CAAG,IAAA,EAAK;AAC3B,IAAA,MAAM,MAAA,GAAS,qBAAA,CAAsB,EAAE,CAAA,IAAK,QAAA;AAC5C,IAAA,MAAM,OAAA,GAAU,yBAAyB,EAAE,CAAA;AAE3C,IAAA,OAAO;AAAA,MACL,GAAA;AAAA,MACA,MAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,8BAAA,EAAgC,EAAE,KAAK,CAAA;AAAA,EAClF;AACF;ACjDA,eAAsB,kBACpB,MAAA,EACkC;AAClC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,yBAAyB,CAAA;AAAA,EACpE;AAEA,EAAA,IAAI,CAAC,OAAO,MAAA,EAAQ;AAClB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oBAAoB,CAAA;AAAA,EAC/D;AAEA,EAAA,MAAM,GAAA,GAAM,IAAIC,GAAAA,CAAI,MAAA,CAAO,kBAAkB,CAAA;AAC7C,EAAA,GAAA,CAAI,OAAA,CAAQ,OAAO,MAAe,CAAA;AAElC,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAK,MAAM,GAAA,CAAI,MAAA,CAAO;AAAA,MAC1B,QAAQ,MAAA,CAAO,SAAA;AAAA,MACf,IAAA,EAAM;AAAA,QACJ,KAAK,MAAA,CAAO,GAAA;AAAA,QACZ,KAAA,EAAO,iBAAA,CAAkB,MAAA,CAAO,KAAA,EAAO,EAAE;AAAA;AAC3C,KACD,CAAA;AAED,IAAA,MAAM,GAAG,IAAA,EAAK;AACd,IAAA,MAAM,MAAA,GAAS,qBAAA,CAAsB,EAAE,CAAA,IAAK,QAAA;AAC5C,IAAA,MAAM,OAAA,GAAU,yBAAyB,EAAE,CAAA;AAE3C,IAAA,OAAO;AAAA,MACL,MAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,8BAAA,EAAgC,EAAE,KAAK,CAAA;AAAA,EAClF;AACF;ACVA,SAAS,wBACP,MAAA,EAKA;AACA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,KAAA;AAAA,MACN,OAAA,EAAS,OAAA;AAAA,MACT,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,mBAAmB,MAAA,CAAO;AAAA,KAC5B;AAAA,IACA,KAAA,EAAO;AAAA,MACL,MAAA,EAAQ;AAAA,QACN,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,SAAA,EAAU;AAAA,QACpC,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,QAClC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,SAAA,EAAU;AAAA,QACrC,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,QAAA,EAAS;AAAA,QACzC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,MAAA,EAAO;AAAA,QAClC,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,QAClC,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,OAAA,EAAQ;AAAA,QAC9B,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA,EAAU;AAAA,QACjC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA,EAAU;AAAA,QACjC,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,QAAA;AAAS;AACrC,KACF;AAAA,IACA,OAAA,EAAS;AAAA,MACP,UAAU,MAAA,CAAO,QAAA;AAAA,MACjB,QAAQ,MAAA,CAAO,SAAA;AAAA,MACf,WAAW,MAAA,CAAO,SAAA;AAAA,MAClB,cAAA,EAAgB,iBAAA,CAAkB,MAAA,CAAO,cAAA,EAAgB,EAAE,CAAA;AAAA,MAC3D,SAAA,EAAW,OAAO,SAAA,IAAa,IAAA;AAAA,MAC/B,MAAA,EAAQ,OAAO,MAAA,IAAU,QAAA;AAAA,MACzB,MAAM,MAAA,CAAO,WAAA;AAAA,MACb,KAAA,EAAO,iBAAA,CAAkB,MAAA,CAAO,KAAA,EAAO,EAAE,CAAA;AAAA,MACzC,KAAA,EAAO,iBAAA,CAAkB,MAAA,CAAO,KAAA,EAAO,EAAE,CAAA;AAAA,MACzC,QAAA,EAAU,iBAAA,CAAkB,MAAA,CAAO,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,EAAI,GAAI,GAAI,CAAA,GAAI,GAAG,CAAC;AAAA;AAC1F,GACF;AACF;AAEO,SAAS,mCACd,MAAA,EAKA;AACA,EAAA,MAAM,YAAA,GAAe,sBAAA,CAAuB,MAAA,CAAO,MAAA,EAAQ,OAAO,IAAI,CAAA;AACtE,EAAA,MAAM,WAAA,GAAc,qBAAA,CAAsB,MAAA,CAAO,MAAA,EAAQ,YAAY,CAAA;AACrE,EAAA,MAAM,SAAA,GAAY,wBAAwB,YAAY,CAAA;AAEtD,EAAA,OAAO,uBAAA,CAAwB;AAAA,IAC7B,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,oBAAoB,MAAA,CAAO,kBAAA;AAAA,IAC3B,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,WAAA;AAAA,IACA,SAAA;AAAA,IACA,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,cAAA,EAAgB,MAAA,CAAO,cAAA,IAAkB,qBAAA,CAAsB,YAAY,CAAA;AAAA,IAC3E,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,UAAU,MAAA,CAAO;AAAA,GAClB,CAAA;AACH;AAEO,SAAS,mCACd,MAAA,EAKA;AACA,EAAA,OAAO,uBAAA,CAAwB;AAAA,IAC7B,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,oBAAoB,MAAA,CAAO,kBAAA;AAAA,IAC3B,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,aAAa,MAAA,CAAO,WAAA;AAAA,IACpB,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,gBAAgB,MAAA,CAAO,cAAA;AAAA,IACvB,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,UAAU,MAAA,CAAO;AAAA,GAClB,CAAA;AACH;AAEO,SAAS,eAAe,SAAA,EAAwD;AACrF,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,SAAA,CAAU,IAAA,CAAK,SAAmB,CAAA;AACjD,IAAA,OAAO;AAAA,MACL,GAAG,MAAA,CAAO,CAAA;AAAA,MACV,GAAG,MAAA,CAAO,CAAA;AAAA,MACV,GAAG,MAAA,CAAO;AAAA,KACZ;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mBAAA,EAAqB,EAAE,KAAK,CAAA;AAAA,EACvE;AACF;AAEA,eAAsB,4BACpB,MAAA,EAC4C;AAC5C,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qBAAqB,CAAA;AAAA,EAChE;AAEA,EAAA,MAAM,SAAA,GAAY,mCAAmC,MAAM,CAAA;AAE3D,EAAA,OAAO;AAAA,IACL,gBAAA,EAAkB;AAAA,MAChB,QAAQ,MAAA,CAAO,SAAA;AAAA,MACf,UAAU,MAAA,CAAO,QAAA;AAAA,MACjB,oBAAoB,MAAA,CAAO,kBAAA;AAAA,MAC3B,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,GAAG,SAAA,CAAU;AAAA,KACf;AAAA,IACA;AAAA,GACF;AACF;AAEA,eAAsB,2BACpB,MAAA,EAC2C;AAC3C,EAAA,IAAI,CAAC,MAAA,CAAO,QAAA,IAAY,OAAO,MAAA,CAAO,aAAa,QAAA,EAAU;AAC3D,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,sBAAsB,CAAA;AAAA,EACjE;AAEA,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,OAAO,IAAA,CAAK,SAAA;AAAA,MAChB;AAAA,QACE,UAAU,MAAA,CAAO,QAAA;AAAA,QACjB,WAAW,MAAA,CAAO,SAAA;AAAA,QAClB,UAAU,MAAA,CAAO;AAAA,OACnB;AAAA,MACA,CAAC,MAAM,KAAA,KAAW,OAAO,UAAU,QAAA,GAAW,KAAA,CAAM,UAAS,GAAI;AAAA,KACnE;AAEA,IAAA,QAAA,GAAW,MAAM,KAAA,CAAM,MAAA,CAAO,QAAA,EAAU;AAAA,MACtC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB;AAAA,OAClB;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wCAAA,EAA0C,EAAE,KAAK,CAAA;AAAA,EAC5F;AAEA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,OAAA,GAAW,MAAM,SAAS,IAAA,EAAK;AAAA,EACjC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAA,GAAU,EAAC;AAAA,EACb;AAEA,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,UAAA,GAAgC;AAAA,MACpC,YAAY,QAAA,CAAS,MAAA;AAAA,MACrB,MAAM,OAAA,CAAQ,IAAA;AAAA,MACd,KAAA,EAAQ,OAAA,CAAQ,KAAA,IAAiC,OAAA,CAAQ,OAAA;AAAA,MACzD;AAAA,KACF;AACA,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,iCAAiC,QAAA,CAAS,MAAM,KAAK,UAAU,CAAA;AAAA,EACxG;AAEA,EAAA,MAAM,GAAA,GAAQ,QAAQ,GAAA,IAA8B,QAAA;AACpD,EAAA,MAAM,SAAS,OAAA,CAAQ,MAAA;AAGvB,EAAA,MAAM,sBAAA,GACJ,QAAQ,MAAA,KAAW,WAAA,IACnB,QAAQ,OAAA,KAAY,IAAA,IACpB,OAAO,OAAA,CAAQ,WAAA,KAAgB,QAAA;AACjC,EAAA,MAAM,MAAA,GAAoC,yBAAyB,WAAA,GAAc,WAAA;AAGjF,EAAA,MAAM,QAAuB,EAAC;AAC9B,EAAA,IAAI,OAAO,OAAA,CAAQ,WAAA,KAAgB,QAAA,EAAU,KAAA,CAAM,cAAc,OAAA,CAAQ,WAAA;AACzE,EAAA,IAAI,OAAO,OAAA,CAAQ,KAAA,KAAU,QAAA,EAAU,KAAA,CAAM,QAAQ,OAAA,CAAQ,KAAA;AAC7D,EAAA,IAAI,OAAO,OAAA,CAAQ,OAAA,KAAY,SAAA,EAAW,KAAA,CAAM,UAAU,OAAA,CAAQ,OAAA;AAElE,EAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,EAAG;AACtC,IAAA,IAAI,CAAC,CAAC,KAAA,EAAO,QAAA,EAAU,QAAA,EAAU,aAAA,EAAe,OAAA,EAAS,SAAS,CAAA,CAAE,QAAA,CAAS,GAAG,CAAA,EAAG;AACjF,MAAA,KAAA,CAAM,GAAG,CAAA,GAAI,OAAA,CAAQ,GAAG,CAAA;AAAA,IAC1B;AAAA,EACF;AAEA,EAAA,MAAM,MAAA,GAA2C,EAAE,GAAA,EAAK,MAAA,EAAQ,MAAA,EAAO;AACvE,EAAA,IAAI,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,CAAE,SAAS,CAAA,EAAG;AACjC,IAAA,MAAA,CAAO,KAAA,GAAQ,KAAA;AAAA,EACjB;AACA,EAAA,OAAO,MAAA;AACT;ACxNA,IAAM,aAAA,GAAgB;AAAA,EACpB;AACF,CAAA;AAEA,SAAS,iBAAiB,KAAA,EAAiC;AACzD,EAAA,MAAM,SAAU,KAAA,CAAwC,eAAA;AACxD,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,OAAO,qBAAA,CAAsB,IAAA,CAAK,MAAM,CAAA,GAAK,MAAA,GAAiB,MAAA;AAChE;AAEA,SAAS,gBAAA,CACP,WAAA,EACA,MAAA,EACA,MAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAW,YAAY,IAAA,IAA6B,IAAA;AAC1D,EAAA,MAAM,UAAU,MAAA,GAAS,qBAAA,CAAsB,MAAA,EAAQ,OAAO,IAAI,EAAC;AACnE,EAAA,MAAM,YAAA,GAAe,CAAC,KAAA,KAA2B;AAC/C,IAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,MAAA,OAAO,OAAO,KAAK,CAAA;AAAA,IACrB;AACA,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,CAAM,SAAS,CAAA,EAAG;AACjD,MAAA,OAAO,OAAO,KAAK,CAAA;AAAA,IACrB;AACA,IAAA,OAAO,EAAA;AAAA,EACT,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,KAAK,WAAA,CAAY,GAAA;AAAA,IACjB,QAAQ,WAAA,CAAY,MAAA;AAAA,IACpB,UAAU,WAAA,CAAY,QAAA;AAAA,IACtB,WAAW,WAAA,CAAY,SAAA;AAAA,IACvB,MAAA;AAAA,IACA,SAAA,EAAW,OAAA,CAAQ,WAAA,CAAY,SAAS,CAAA;AAAA,IACxC,cAAA,EAAgB,YAAA,CAAa,WAAA,CAAY,cAAc,CAAA;AAAA,IACvD,cAAA,EAAgB,YAAA,CAAa,WAAA,CAAY,cAAc,CAAA;AAAA,IACvD,IAAA,EAAM,YAAA,CAAa,WAAA,CAAY,IAAI,CAAA;AAAA,IACnC,QAAQ,WAAA,CAAY,MAAA;AAAA,IACpB,IAAA,EAAM,OAAA;AAAA,IACN,GAAA,EAAK,SAAS,MAAA,GAAY;AAAA,GAC5B;AACF;AAEA,eAAsB,eACpB,MAAA,EACiC;AACjC,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,IAAIA,GAAAA,CAAI,MAAA,CAAO,kBAAkB,CAAA;AAC7C,IAAA,GAAA,CAAI,OAAA,CAAQ,OAAO,QAAiB,CAAA;AACpC,IAAA,MAAM,WAAA,GAAe,MAAM,GAAA,CAAI,cAAA,CAAe,OAAO,GAAG,CAAA;AAExD,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,WAAA,CAAY,GAAA,IAAO,MAAA,CAAO,WAAA,CAAY,GAAG,CAAA,KAAM,IAAA,CAAK,MAAA,CAAO,EAAA,EAAI,GAAG,CAAA,EAAG;AACxF,MAAA,MAAM,IAAI,cAAc,uBAAA,EAAyB,uBAAA,EAAyB,EAAE,GAAA,EAAK,MAAA,CAAO,KAAK,CAAA;AAAA,IAC/F;AAEA,IAAA,OAAO,gBAAA,CAAiB,WAAA,EAAa,MAAA,CAAO,MAAM,CAAA;AAAA,EACpD,SAAS,GAAA,EAAK;AACZ,IAAA,IAAI,eAAe,aAAA,EAAe;AAChC,MAAA,MAAM,GAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,4BAAA,EAA8B,EAAE,KAAK,CAAA;AAAA,EAChF;AACF;AAEA,eAAe,sBAAA,CACb,kBAAA,EACA,QAAA,EACA,SAAA,EACA,SACA,OAAA,EACmC;AACnC,EAAA,MAAM,QAAA,GAAW,IAAI,QAAA,CAAS,kBAAA,EAAoB,eAAe,QAAQ,CAAA;AACzE,EAAA,MAAM,MAAA,GAAS,SAAS,OAAA,CAAQ,QAAA,CAAS,SAAS,SAAA,IAAa,IAAA,EAAM,OAAA,EAAS,QAAA,IAAY,IAAI,CAAA;AAE9F,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,MAAM,QAAA,CAAS,WAAA,CAAY,MAAA,EAAQ,WAAW,OAAO,CAAA;AAAA,EAChE,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACxF;AAEA,EAAA,MAAM,GAAA,GAAM,IAAIA,GAAAA,CAAI,kBAAkB,CAAA;AACtC,EAAA,GAAA,CAAI,QAAQ,QAAQ,CAAA;AAEpB,EAAA,MAAM,YAAA,GAAe,SAAS,OAAA,EAAS,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,aAAa,CAAA;AACjE,EAAA,MAAM,UAAoC,EAAC;AAE3C,EAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,IAAA,IAAI,EAAG,MAAA,IAAU,KAAA,IAAU,MAAM,OAAA,CAAQ,KAAA,CAAM,IAAI,CAAA,CAAA,EAAI;AACrD,MAAA;AAAA,IACF;AACA,IAAA,MAAM,OAAO,KAAA,CAAM,IAAA;AACnB,IAAA,MAAM,GAAA,GAAM,OAAO,CAAC,CAAA;AACpB,IAAA,MAAM,SAAA,GAAY,OAAO,CAAC,CAAA;AAE1B,IAAA,IAAI,CAAC,GAAA,IAAO,CAAC,SAAA,EAAW;AACtB,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,gBAAgB,CAAC,YAAA,CAAa,SAAS,SAAA,CAAU,WAAA,EAAa,CAAA,EAAG;AACnE,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAe,MAAM,GAAA,CAAI,cAAA,CAAe,GAAG,CAAA;AACjD,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,WAAA,CAAY,GAAA,EAAK;AACpC,MAAA;AAAA,IACF;AAEA,IAAA,OAAA,CAAQ,KAAK,gBAAA,CAAiB,WAAA,EAAa,QAAW,gBAAA,CAAiB,KAAK,CAAC,CAAC,CAAA;AAAA,EAChF;AAEA,EAAA,OAAA,CAAQ,IAAA,CAAK,CAAC,CAAA,EAAG,CAAA,KAAM,OAAO,CAAA,CAAE,IAAA,GAAO,CAAA,CAAE,IAAI,CAAC,CAAA;AAC9C,EAAA,OAAO,OAAA;AACT;AAEA,eAAsB,sBACpB,MAAA,EACmC;AACnC,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AACxB,EAAA,MAAM,OAAA,GAAU,MAAA,CAAO,OAAA,IAAY,MAAO,SAAuD,cAAA,EAAe;AAChH,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA,IAAa,KAAK,GAAA,CAAI,CAAA,EAAG,UAAU,GAAM,CAAA;AAClE,EAAA,OAAO,sBAAA;AAAA,IACL,MAAA,CAAO,kBAAA;AAAA,IACP,QAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA,EAAE,WAAW,YAAA,CAAa,MAAA,CAAO,UAAU,CAAA,EAAG,OAAA,EAAS,OAAO,OAAA;AAAQ,GACxE;AACF;AAEA,eAAsB,0BACpB,MAAA,EACmC;AACnC,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AACxB,EAAA,MAAM,OAAA,GAAU,MAAA,CAAO,OAAA,IAAY,MAAO,SAAuD,cAAA,EAAe;AAChH,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA,IAAa,KAAK,GAAA,CAAI,CAAA,EAAG,UAAU,GAAM,CAAA;AAElE,EAAA,IAAI,MAAA,CAAO,KAAA,KAAU,MAAA,IAAa,MAAA,CAAO,SAAS,CAAA,EAAG;AACnD,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,UAAU,MAAM,sBAAA;AAAA,IACpB,MAAA,CAAO,kBAAA;AAAA,IACP,QAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA,EAAE,QAAA,EAAU,MAAA,CAAO,QAAA,EAAU,OAAA,EAAS,OAAO,OAAA;AAAQ,GACvD;AAEA,EAAA,OAAO,MAAA,CAAO,UAAU,MAAA,GAAY,OAAA,CAAQ,MAAM,CAAA,EAAG,MAAA,CAAO,KAAK,CAAA,GAAI,OAAA;AACvE;AAEA,eAAsB,iBACpB,MAAA,EACmC;AACnC,EAAA,MAAM,KAAA,GAAQ,OAAO,KAAA,IAAS,EAAA;AAC9B,EAAA,IAAI,SAAS,CAAA,EAAG;AACd,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,OAAA,GAAU,MAAM,qBAAA,CAAsB,MAAM,CAAA;AAClD,EAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,CAAA,EAAG,KAAK,CAAA;AAC/B;AAUA,eAAsB,sBACpB,MAAA,EACmC;AACnC,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AACxB,EAAA,MAAM,OAAA,GAAU,MAAO,QAAA,CAAuD,cAAA,EAAe;AAC7F,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA,IAAa,KAAK,GAAA,CAAI,CAAA,EAAG,UAAU,GAAM,CAAA;AAElE,EAAA,MAAM,UAAU,MAAM,sBAAA;AAAA,IACpB,MAAA,CAAO,kBAAA;AAAA,IACP,QAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA,EAAE,OAAA,EAAS,MAAA,CAAO,OAAA;AAAQ,GAC5B;AAEA,EAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,CAAA,EAAG,MAAA,CAAO,SAAS,EAAE,CAAA;AAC5C;AAEO,SAAS,mBAAmB,YAAA,EAAkE;AACnG,EAAA,MAAM,IAAA,uBAAW,GAAA,EAAoC;AAErD,EAAA,KAAA,MAAW,eAAe,YAAA,EAAc;AACtC,IAAA,MAAM,OAAA,GAAU,MAAA,CAAO,WAAA,CAAY,IAAA,CAAK,WAAW,EAAE,CAAA;AACrD,IAAA,MAAM,OAAA,GAAU,MAAA,CAAO,WAAA,CAAY,IAAA,CAAK,WAAW,EAAE,CAAA;AACrD,IAAA,MAAM,KAAA,GAAQ,gBAAgB,OAAO,CAAA;AACrC,IAAA,MAAM,GAAA,GAAM,GAAG,WAAA,CAAY,QAAA,CAAS,aAAa,CAAA,CAAA,EAAI,OAAO,CAAA,CAAA,EAAI,KAAK,CAAA,CAAA;AAErE,IAAA,IAAI,CAAC,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA,EAAG;AAClB,MAAA,IAAA,CAAK,GAAA,CAAI,KAAK,WAAW,CAAA;AACzB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC5B,IAAA,IAAI,WAAA,CAAY,IAAA,GAAO,OAAA,CAAQ,IAAA,EAAM;AACnC,MAAA,IAAA,CAAK,GAAA,CAAI,KAAK,WAAW,CAAA;AAAA,IAC3B;AAAA,EACF;AAEA,EAAA,OAAO,CAAC,GAAG,IAAA,CAAK,MAAA,EAAQ,CAAA;AAC1B;AAEO,SAAS,iCAAiC,YAAA,EAAgD;AAC/F,EAAA,MAAM,OAAA,GAAU,mBAAmB,YAAY,CAAA;AAC/C,EAAA,MAAM,OAAA,GAAU,OAAA,CACb,GAAA,CAAI,CAAC,WAAA,KAAgB,YAAY,IAAA,CAAK,WAAW,CAAA,CACjD,MAAA,CAAO,CAAC,KAAA,KAAU,OAAO,KAAA,KAAU,QAAA,IAAY,OAAO,KAAA,KAAU,QAAQ,CAAA,CACxE,IAAI,CAAC,KAAA,KAAU,MAAA,CAAO,KAAK,CAAC,CAAA;AAE/B,EAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxB,IAAA,OAAO,CAAA;AAAA,EACT;AAEA,EAAA,MAAM,KAAA,GAAQ,QAAQ,MAAA,CAAO,CAAC,KAAK,KAAA,KAAU,GAAA,GAAM,OAAO,CAAC,CAAA;AAC3D,EAAA,OAAO,QAAQ,OAAA,CAAQ,MAAA;AACzB;AAEO,SAAS,gBAAgB,OAAA,EAAyB;AACvD,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,QAAQ,CAAA;AACpC,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0BAAA,EAA4B,EAAE,SAAS,CAAA;AAAA,EAClF;AACA,EAAA,OAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAC,CAAA;AACxB;AChPA,IAAM,aAAA,GAA6C;AAAA,EACjD,CAAA,EAAG;AAAA,IACD,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,sBAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,EAAA,EAAI;AAAA,IACF,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,iCAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,GAAA,EAAK;AAAA,IACH,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,yBAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,IAAA,EAAM;AAAA,IACJ,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,sBAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,KAAA,EAAO;AAAA,IACL,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,qBAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,QAAA,EAAU;AAAA,IACR,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,8BAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,IAAA,EAAM;AAAA,IACJ,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,iCAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,kBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,KAAA,EAAO;AAAA,IACL,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,yCAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,kBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB;AAEJ,CAAA;AAEA,IAAM,aAAA,GAAgB,oBAAA;AAEtB,SAAS,UAAU,OAAA,EAA8B;AAC/C,EAAA,MAAM,MAAA,GAAS,cAAc,OAAO,CAAA;AACpC,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA,CAAc,mBAAA,EAAqB,wBAAA,EAA0B;AAAA,MACrE,OAAA;AAAA,MACA,WAAW,oBAAA;AAAqB,KACjC,CAAA;AAAA,EACH;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,oBAAA,GAAiC;AAC/C,EAAA,OAAO,MAAA,CAAO,KAAK,aAAa,CAAA,CAAE,IAAI,CAACV,GAAAA,KAAO,MAAA,CAAOA,GAAE,CAAC,CAAA;AAC1D;AAEO,SAAS,iBAAiB,OAAA,EAA0B;AACzD,EAAA,OAAO,OAAA,IAAW,aAAA;AACpB;AAEO,SAAS,iBAAA,CAAkB,SAAiB,OAAA,EAAuC;AACxF,EAAA,MAAM,MAAA,GAAS,UAAU,OAAO,CAAA;AAChC,EAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA;AAChC,EAAA,MAAM,QAAQ,IAAA,GAAO,GAAA;AACrB,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,KAAA;AAAA,IACA,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,cAAc,MAAA,CAAO;AAAA,GACvB;AACF;AAEO,SAAS,aAAA,CACd,cAAA,EACA,mBAAA,EACA,OAAA,EACY;AACZ,EAAA,MAAM,IAAA,GAAO;AAAA,IACX,MAAA,EAAQ,aAAA;AAAA,IACR,cAAA;AAAA,IACA,kBAAA,EAAoB,mBAAA;AAAA,IACpB,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,SAAA,GAAYW,aAAa,IAAI,CAAA;AACnC,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,6BAA6B,CAAA;AAAA,EACxE;AAEA,EAAA,OAAOT,YAAY,SAAS,CAAA;AAC9B;AAEO,SAAS,QAAA,CAAS,WAAuB,OAAA,EAAsB;AACpE,EAAA,IAAI,CAAC,gBAAA,CAAiB,OAAO,CAAA,EAAG;AAC9B,IAAA,MAAM,IAAI,aAAA,CAAc,mBAAA,EAAqB,wBAAA,EAA0B,EAAE,SAAS,CAAA;AAAA,EACpF;AAGA,EAAA,IAAI,YAAY,CAAA,EAAG;AACjB,IAAA,OAAOC,OAAO,SAAS,CAAA;AAAA,EACzB;AAEA,EAAA,OAAOF,UAAU,SAAS,CAAA;AAC5B;AAEO,SAAS,uBAAA,CACd,OAAA,EACA,YAAA,EACA,OAAA,EACA,OAAA,EACQ;AACR,EAAA,MAAM,EAAE,IAAA,EAAM,KAAA,EAAM,GAAI,iBAAA,CAAkB,SAAS,OAAO,CAAA;AAC1D,EAAA,MAAM,cAAA,GAAiB,eAAe,OAAO,CAAA;AAC7C,EAAA,MAAM,mBAAA,GAAsB,eAAe,YAAY,CAAA;AACvD,EAAA,MAAM,IAAA,GAAO,aAAA,CAAc,cAAA,EAAgB,mBAAA,EAAqB,OAAO,CAAA;AACvE,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,IAAA,EAAM,OAAO,CAAA;AACrC,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,MAAM,CAAA,GAAI,KAAA;AAChC,EAAA,OAAO,IAAA,GAAO,MAAA;AAChB;AAEO,SAAS,oCAAA,CACd,cAAA,EACA,mBAAA,EACA,OAAA,EACA,OAAA,EACQ;AACR,EAAA,OAAO,uBAAA;AAAA,IACL,cAAA,CAAe,SAAS,cAAc,CAAA;AAAA,IACtC,cAAA,CAAe,SAAS,mBAAmB,CAAA;AAAA,IAC3C,OAAA;AAAA,IACA;AAAA,GACF;AACF;AAEO,SAAS,yBAAA,CACd,OAAA,EACA,MAAA,EACA,OAAA,EACqB;AACrB,EAAA,IAAI,CAAC,qBAAA,CAAsB,IAAA,CAAK,MAAM,CAAA,EAAG;AACvC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qCAAA,EAAuC,EAAE,QAAQ,CAAA;AAAA,EAC5F;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,kBAAA;AAAA,IACX,YAAA,EAAc,OAAA;AAAA,IACd,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,UAAU,OAAO,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,IACA,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;AAEO,SAAS,oBAAA,CAAqB,QAAyB,OAAA,EAAyB;AACrF,EAAA,MAAM,MAAA,GAAS,UAAU,OAAO,CAAA;AAChC,EAAA,MAAM,UAAA,GAAa,OAAO,MAAA,KAAW,QAAA,GAAW,OAAO,IAAA,CAAK,KAAA,CAAM,MAAM,CAAC,CAAA,GAAI,MAAA;AAC7E,EAAA,OAAO,CAAA,EAAG,YAAY,UAAA,EAAY,MAAA,CAAO,QAAQ,CAAC,CAAA,CAAA,EAAI,OAAO,YAAY,CAAA,CAAA;AAC3E;AAEO,SAAS,gBAAA,CAAiB,SAAiB,MAAA,EAAqB;AACrE,EAAA,OAAO,GAAG,SAAA,CAAU,OAAO,CAAA,CAAE,QAAQ,OAAO,MAAM,CAAA,CAAA;AACpD;AAEO,SAAS,qBAAA,CAAsB,SAAiB,OAAA,EAAyB;AAC9E,EAAA,OAAO,GAAG,SAAA,CAAU,OAAO,CAAA,CAAE,QAAQ,YAAY,OAAO,CAAA,CAAA;AAC1D;ACvMO,SAAS,mCAAmC,WAAA,EAAgD;AACjG,EAAA,MAAM,UAAU,WAAA,CAAY,kBAAA;AAC5B,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,EAAG;AAC3B,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,SAAA,uBAAgB,GAAA,EAAY;AAElC,EAAA,KAAA,MAAW,UAAU,OAAA,EAA2C;AAE9D,IAAA,MAAM,sBAAsB,MAAA,CAAO,mBAAA;AACnC,IAAA,IAAI,OAAO,wBAAwB,QAAA,EAAU;AAC3C,MAAA,IAAI;AACF,QAAA,SAAA,CAAU,GAAA,CAAIM,UAAAA,CAAW,qBAAA,CAAsB,mBAAmB,CAAC,CAAC,CAAA;AAAA,MACtE,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAGA,IAAA,MAAM,eAAe,MAAA,CAAO,YAAA;AAC5B,IAAA,IAAI,OAAO,iBAAiB,QAAA,EAAU;AACpC,MAAA,MAAM,WAAW,YAAA,CAAa,UAAA,CAAW,IAAI,CAAA,GAAI,YAAA,GAAe,KAAK,YAAY,CAAA,CAAA;AACjF,MAAA,IAAID,SAAAA,CAAU,QAAQ,CAAA,EAAG;AACvB,QAAA,SAAA,CAAU,GAAA,CAAIC,UAAAA,CAAW,QAAQ,CAAC,CAAA;AAAA,MACpC;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,CAAC,GAAG,SAAS,CAAA;AACtB;AAKO,SAAS,2BACd,WAAA,EACgC;AAChC,EAAA,MAAM,UAAU,WAAA,CAAY,kBAAA;AAC5B,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,EAAG;AAC3B,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,OAAuC,EAAC;AAE9C,EAAA,KAAA,MAAW,UAAU,OAAA,EAA2C;AAC9D,IAAA,MAAM,eAAe,MAAA,CAAO,YAAA;AAC5B,IAAA,IAAI,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,IAAY,CAAC,KAAA,CAAM,OAAA,CAAQ,YAAY,CAAA,EAAG;AACpF,MAAA,IAAA,CAAK,KAAK,YAAuC,CAAA;AAAA,IACnD;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT;AAWO,SAAS,8BAAA,CACd,aACA,qBAAA,EACqC;AACrC,EAAA,MAAM,MAAA,GAAS,iBAAiB,qBAAqB,CAAA;AAGrD,EAAA,IAAI,WAAW,KAAA,EAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,WAAA,GAAc,YAAY,qBAAqB,CAAA;AACrD,MAAA,MAAM,YAAA,GAAe,2BAA2B,WAAW,CAAA;AAE3D,MAAA,KAAA,MAAW,UAAU,YAAA,EAAc;AACjC,QAAA,IAAI;AACF,UAAA,IAAI,eAAA,CAAgB,MAAA,EAAQ,WAAW,CAAA,EAAG;AACxC,YAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AAAA,UACvB;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACV;AAAA,IACF,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACV;AAAA,IACF;AAAA,EACF;AAGA,EAAA,IAAI,eAAA;AACJ,EAAA,IAAI;AACF,IAAA,eAAA,GAAkBA,UAAAA,CAAW,qBAAA,CAAsB,qBAAqB,CAAC,CAAA;AAAA,EAC3E,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,sEAAA,EAAuE;AAAA,EACxG;AAEA,EAAA,MAAM,SAAA,GAAY,mCAAmC,WAAW,CAAA;AAChE,EAAA,IAAI,SAAA,CAAU,IAAA,CAAK,CAAC,OAAA,KAAY,OAAA,CAAQ,aAAY,KAAM,eAAA,CAAgB,WAAA,EAAa,CAAA,EAAG;AACxF,IAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AAAA,EACvB;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,MAAA,EAAQ,uDAAuD,eAAe,CAAA,CAAA;AAAA,GAChF;AACF;AAEA,eAAsB,0BAAA,CACpB,MAAA,EACA,qBAAA,EACA,OAAA,GAA6C,EAAC,EACA;AAC9C,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAA,EAAqC,EAAE,QAAQ,CAAA;AAAA,EAC1F;AAEA,EAAA,MAAM,WAAA,GAAc,OAAA,CAAQ,gBAAA,GACxB,MAAM,OAAA,CAAQ,iBAAiB,MAAM,CAAA,GACrC,MAAM,gBAAA,CAAiB,MAAM,CAAA;AAEjC,EAAA,OAAO,8BAAA,CAA+B,aAAa,qBAAqB,CAAA;AAC1E;AChJO,SAAS,iBAAA,CACd,IAAA,EACA,OAAA,EACA,OAAA,EACA,iBAAA,EAC4E;AAC5E,EAAA,OAAO,EAAE,IAAA,EAAM,OAAA,EAAS,OAAA,EAAS,iBAAA,EAAkB;AACrD;AAEO,SAAS,2BAAA,GAGd;AACA,EAAA,OAAO;AAAA,IACL,WAAA,EAAa,eAAA;AAAA,IACb,KAAA,EAAO;AAAA,MACL,aAAA,EAAe;AAAA,QACb,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,QAClC,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,QAAA,EAAS;AAAA,QAC3C,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,QAAA,EAAS;AAAA,QACzC,EAAE,IAAA,EAAM,mBAAA,EAAqB,IAAA,EAAM,SAAA,EAAU;AAAA,QAC7C,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAU;AAAA,QAC/C,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAU;AAAA,QACvC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,QAAA;AAAS;AACtC;AACF,GACF;AACF;AAEO,SAAS,qBAAA,CACd,WAKA,SAAA,EACqC;AACrC,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,eAAA;AAAA,MACb,SAAA,CAAU,MAAA;AAAA,MACV,SAAA,CAAU,KAAA;AAAA,MACV,SAAA,CAAU,OAAA;AAAA,MACV;AAAA,KACF;AAEA,IAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAO;AAAA,EAC/B,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACxF;AACF;;;ACnCO,SAAS,kBAAkB,MAAA,EAAoC;AACpE,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAA,EAAqC,EAAE,QAAQ,CAAA;AAAA,EAC1F;AAEA,EAAA,MAAM,OAAA,GAAU,MAAA,CACb,KAAA,CAAM,QAAQ,CAAA,CACd,GAAA,CAAI,CAAC,KAAA,KAAU,KAAA,CAAM,IAAA,EAAM,CAAA,CAC3B,OAAO,OAAO,CAAA;AAEjB,EAAA,MAAM,SAA6C,EAAC;AACpD,EAAA,MAAM,cAAqB,EAAC;AAE5B,EAAA,KAAA,MAAW,SAAS,OAAA,EAAS;AAC3B,IAAA,MAAM,OAAA,GAAU,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA;AACjC,IAAA,IAAI,YAAY,EAAA,EAAI;AACpB,IAAA,MAAM,MAAM,KAAA,CAAM,KAAA,CAAM,CAAA,EAAG,OAAO,EAAE,IAAA,EAAK;AACzC,IAAA,MAAM,QAAQ,KAAA,CAAM,KAAA,CAAM,OAAA,GAAU,CAAC,EAAE,IAAA,EAAK;AAC5C,IAAA,IAAI,CAAC,GAAA,IAAO,CAAC,KAAA,EAAO;AAEpB,IAAA,IAAI,QAAQ,YAAA,EAAc;AACxB,MAAA,WAAA,CAAY,KAAK,KAAK,CAAA;AAAA,IACxB,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,GAAG,CAAA,GAAI,KAAA;AAAA,IAChB;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,SAAS,MAAA,CAAO,CAAA;AAAA,IAChB,UAAA,EAAY,YAAY,CAAC,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAEO,SAAS,kBAAkB,aAAA,EAA4B;AAC5D,EAAA,MAAM,UAAA,GAAa,aAAa,aAAa,CAAA;AAC7C,EAAA,OAAO,kBAAkB,UAAU,CAAA,CAAA;AACrC;ACEA,IAAM,qBAAA,GAAwB;AAAA,EAC5B,SAAA;AAAA,EACA,aAAA;AAAA,EACA,QAAA;AAAA,EACA,SAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAAA;AAEA,IAAM,uBAAA,GAA0B;AAAA,EAC9B,SAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAAA;AAEA,SAAS,qBACP,OAAA,EACmD;AACnD,EAAA,KAAA,MAAW,SAAS,qBAAA,EAAuB;AACzC,IAAA,IAAI,EAAE,KAAA,IAAS,OAAA,CAAA,IAAY,OAAA,CAAQ,KAAK,MAAM,MAAA,IAAa,OAAA,CAAQ,KAAK,CAAA,KAAM,IAAA,EAAM;AAClF,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,IAC/B;AAAA,EACF;AACA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAEA,SAAS,uBACP,OAAA,EACmD;AACnD,EAAA,KAAA,MAAW,SAAS,uBAAA,EAAyB;AAC3C,IAAA,IAAI,EAAE,KAAA,IAAS,OAAA,CAAA,IAAY,OAAA,CAAQ,KAAK,MAAM,MAAA,IAAa,OAAA,CAAQ,KAAK,CAAA,KAAM,IAAA,EAAM;AAClF,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,IAC/B;AAAA,EACF;AACA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAMA,SAAS,OAAA,CAAQT,KAAAA,EAAc,OAAA,EAAiB,OAAA,EAAmE;AACjH,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,KAAA,EAAO,EAAE,IAAA,EAAAA,KAAAA,EAAM,OAAA,EAAQ;AAAA,IACvB,GAAG;AAAA,GACL;AACF;AAyBA,eAAsB,qBAAA,CACpB,UACA,OAAA,EACyD;AAEzD,EAAA,IAAI,CAAC,QAAA,IAAY,OAAO,QAAA,KAAa,QAAA,EAAU;AAC7C,IAAA,OAAO,OAAA,CAAQ,oBAAoB,oCAAoC,CAAA;AAAA,EACzE;AACA,EAAA,IAAI,QAAA,CAAS,WAAW,KAAA,EAAO;AAC7B,IAAA,OAAO,OAAA,CAAQ,kBAAA,EAAoB,CAAA,4BAAA,EAA+B,QAAA,CAAS,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACtF;AACA,EAAA,IAAI,OAAO,QAAA,CAAS,SAAA,KAAc,YAAY,QAAA,CAAS,SAAA,CAAU,WAAW,CAAA,EAAG;AAC7E,IAAA,OAAO,OAAA,CAAQ,oBAAoB,+CAA+C,CAAA;AAAA,EACpF;AAEA,EAAA,MAAM,aAAa,QAAA,CAAS,SAAA;AAG5B,EAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA;AAClC,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,OAAO,OAAA,CAAQ,iBAAiB,4DAA4D,CAAA;AAAA,EAC9F;AAGA,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,sBAAsB,UAAU,CAAA;AAAA,EAC3C,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,OAAA,CAAQ,iBAAiB,uCAAuC,CAAA;AAAA,EACzE;AAGA,EAAA,IAAI,CAAC,MAAA,CAAO,GAAA,IAAO,OAAO,MAAA,CAAO,QAAQ,QAAA,EAAU;AACjD,IAAA,OAAO,OAAA,CAAQ,aAAA,EAAe,6BAAA,EAA+B,EAAE,QAAQ,CAAA;AAAA,EACzE;AAGA,EAAA,MAAM,MAAM,OAAO,MAAA,CAAO,GAAA,KAAQ,QAAA,GAAW,OAAO,GAAA,GAAM,IAAA;AAC1D,EAAA,MAAM,cAAc,MAAA,CAAO,GAAA;AAE3B,EAAA,IAAI,CAAC,GAAA,IAAO,CAAC,WAAA,EAAa;AACxB,IAAA,OAAO,OAAA;AAAA,MACL,sBAAA;AAAA,MACA,oDAAA;AAAA,MACA,EAAE,MAAA;AAAO,KACX;AAAA,EACF;AAGA,EAAA,IAAI,YAAA;AACJ,EAAA,IAAI,eAAA;AAEJ,EAAA,IAAI,WAAA,EAAa;AAEf,IAAA,MAAM,UAAA,GAAa,kBAAkB,WAAW,CAAA;AAChD,IAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,MAAA,OAAO,OAAA;AAAA,QACL,sBAAA;AAAA,QACA,CAAA,yBAAA,EAA4B,WAAW,KAAK,CAAA,CAAA;AAAA,QAC5C,EAAE,MAAA;AAAO,OACX;AAAA,IACF;AAEA,IAAA,YAAA,GAAe,WAAA;AACf,IAAA,eAAA,GAAkB,cAAA;AAGlB,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,wBAAA,CAAyB,GAAA,EAAK,SAAS,cAAc,CAAA;AAC5E,QAAA,IAAI,CAAC,eAAA,CAAgB,YAAA,EAAc,QAAA,CAAS,YAAY,CAAA,EAAG;AACzD,UAAA,OAAO,OAAA;AAAA,YACL,cAAA;AAAA,YACA,0DAAA;AAAA,YACA,EAAE,QAAQ,GAAA;AAAI,WAChB;AAAA,QACF;AAAA,MACF,SAAS,GAAA,EAAK;AAAA,MAKd;AAAA,IACF;AAAA,EACF,CAAA,MAAO;AAEL,IAAA,eAAA,GAAkB,gBAAA;AAClB,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAW,MAAM,wBAAA,CAAyB,GAAA,EAAM,SAAS,cAAc,CAAA;AAC7E,MAAA,YAAA,GAAe,QAAA,CAAS,YAAA;AAAA,IAC1B,SAAS,GAAA,EAAK;AACZ,MAAA,MAAM,OAAA,GACJ,GAAA,YAAe,aAAA,GACX,CAAA,uBAAA,EAA0B,GAAG,MAAM,GAAA,CAAI,OAAO,CAAA,CAAA,GAC9C,CAAA,uBAAA,EAA0B,GAAG,CAAA,CAAA,CAAA;AACnC,MAAA,OAAO,QAAQ,uBAAA,EAAyB,OAAA,EAAS,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,IAClE;AAAA,EACF;AAGA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,MAAM,SAAA,CAAU,YAAA,EAAiD,OAAO,GAAa,CAAA;AACjG,IAAA,MAAM,MAAA,GAAS,MAAM,aAAA,CAAc,UAAA,EAAY,GAAG,CAAA;AAGlD,IAAA,MAAM,cAAc,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,OAAO,OAAO,CAAA;AAC3D,IAAA,OAAA,GAAU,IAAA,CAAK,MAAM,WAAW,CAAA;AAAA,EAClC,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,OAAA,GAAU,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,+BAAA;AACrD,IAAA,OAAO,QAAQ,mBAAA,EAAqB,OAAA,EAAS,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,EAC9D;AAGA,EAAA,MAAM,YAAA,GAAe,YAAY,YAAY,CAAA;AAE7C,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,IAAA;AAAA,IACP,MAAA;AAAA,IACA,OAAA;AAAA,IACA,GAAA;AAAA,IACA,YAAA;AAAA,IACA,eAAA;AAAA,IACA;AAAA,GACF;AACF;AAiBA,eAAsB,kBAAA,CACpB,UACA,OAAA,EACyD;AACzD,EAAA,MAAM,MAAA,GAAS,MAAM,qBAAA,CAAsB,QAAA,EAAU,OAAO,CAAA;AAC5D,EAAA,IAAI,CAAC,MAAA,CAAO,KAAA,EAAO,OAAO,MAAA;AAE1B,EAAA,MAAM,YAAA,GAAe,oBAAA,CAAqB,MAAA,CAAO,OAAO,CAAA;AACxD,EAAA,IAAI,CAAC,aAAa,KAAA,EAAO;AACvB,IAAA,OAAO,OAAA;AAAA,MACL,uBAAA;AAAA,MACA,CAAA,8BAAA,EAAiC,aAAa,KAAK,CAAA,CAAA;AAAA,MACnD;AAAA,QACE,QAAQ,MAAA,CAAO,MAAA;AAAA,QACf,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,KAAK,MAAA,CAAO,GAAA;AAAA,QACZ,cAAc,MAAA,CAAO,YAAA;AAAA,QACrB,iBAAiB,MAAA,CAAO,eAAA;AAAA,QACxB,cAAc,MAAA,CAAO;AAAA;AACvB,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAiBA,eAAsB,oBAAA,CACpB,UACA,OAAA,EACyD;AACzD,EAAA,MAAM,MAAA,GAAS,MAAM,qBAAA,CAAsB,QAAA,EAAU,OAAO,CAAA;AAC5D,EAAA,IAAI,CAAC,MAAA,CAAO,KAAA,EAAO,OAAO,MAAA;AAE1B,EAAA,MAAM,YAAA,GAAe,sBAAA,CAAuB,MAAA,CAAO,OAAO,CAAA;AAC1D,EAAA,IAAI,CAAC,aAAa,KAAA,EAAO;AACvB,IAAA,OAAO,OAAA;AAAA,MACL,yBAAA;AAAA,MACA,CAAA,gCAAA,EAAmC,aAAa,KAAK,CAAA,CAAA;AAAA,MACrD;AAAA,QACE,QAAQ,MAAA,CAAO,MAAA;AAAA,QACf,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,KAAK,MAAA,CAAO,GAAA;AAAA,QACZ,cAAc,MAAA,CAAO,YAAA;AAAA,QACrB,iBAAiB,MAAA,CAAO,eAAA;AAAA,QACxB,cAAc,MAAA,CAAO;AAAA;AACvB,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AC5RA,IAAM,YAAA,GAAe;AAAA,EACnB,IAAA,EAAM,YAAA;AAAA,EACN,OAAA,EAAS,GAAA;AAAA,EACT,OAAA,EAAS;AACX,CAAA;AAKA,IAAM,cAAA,GAAiB;AAAA,EACrB,IAAA,EAAM,cAAA;AAAA,EACN,OAAA,EAAS,GAAA;AAAA,EACT,OAAA,EAAS;AACX,CAAA;AAMA,IAAM,WAAA,GAAc;AAAA,EAClB,KAAA,EAAO;AAAA,IACL,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAU;AAAA,IACnC,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,QAAA,EAAS;AAAA,IACtC,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,QAAA,EAAS;AAAA,IACjC,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,QAAA,EAAS;AAAA,IAClC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,QAAA,EAAS;AAAA,IAChC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,QAAA,EAAS;AAAA,IAChC,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,QAAA,EAAS;AAAA,IACjC,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA;AAAU;AAE1C,CAAA;AAMA,IAAM,aAAA,GAAgB;AAAA,EACpB,OAAA,EAAS;AAAA,IACP,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAU;AAAA,IACnC,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,QAAA,EAAS;AAAA,IAClC,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,QAAA,EAAS;AAAA,IACtC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,QAAA,EAAS;AAAA,IAChC,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,SAAA,EAAU;AAAA,IACpC,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,QAAA;AAAS;AAE1C,CAAA;AAMA,IAAMc,sBAAAA,GAAwB;AAAA,EAC5B,SAAA;AAAA,EACA,aAAA;AAAA,EACA,QAAA;AAAA,EACA,SAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAAA;AAEA,IAAMC,wBAAAA,GAA0B;AAAA,EAC9B,SAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAAA;AAEA,SAASC,sBACP,OAAA,EACmD;AACnD,EAAA,KAAA,MAAW,SAASF,sBAAAA,EAAuB;AACzC,IAAA,IAAI,EAAE,KAAA,IAAS,OAAA,CAAA,IAAY,OAAA,CAAQ,KAAK,MAAM,MAAA,IAAa,OAAA,CAAQ,KAAK,CAAA,KAAM,IAAA,EAAM;AAClF,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,IAC/B;AAAA,EACF;AACA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAEA,SAASG,wBACP,OAAA,EACmD;AACnD,EAAA,KAAA,MAAW,SAASF,wBAAAA,EAAyB;AAC3C,IAAA,IAAI,EAAE,KAAA,IAAS,OAAA,CAAA,IAAY,OAAA,CAAQ,KAAK,MAAM,MAAA,IAAa,OAAA,CAAQ,KAAK,CAAA,KAAM,IAAA,EAAM;AAClF,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,IAC/B;AAAA,EACF;AACA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAMA,SAASG,QAAAA,CACPlB,KAAAA,EACA,OAAA,EACA,OAAA,EAC2B;AAC3B,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,KAAA,EAAO,EAAE,IAAA,EAAAA,KAAAA,EAAM,OAAA,EAAQ;AAAA,IACvB,GAAG;AAAA,GACL;AACF;AAcA,SAAS,oBAAoB,OAAA,EAA2D;AACtF,EAAA,OAAO;AAAA,IACL,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,aAAa,OAAA,CAAQ,WAAA;AAAA,IACrB,QAAQ,OAAA,CAAQ,MAAA;AAAA,IAChB,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,OAAO,OAAA,CAAQ,KAAA;AAAA,IACf,OAAO,OAAA,CAAQ,KAAA;AAAA,IACf,QAAQ,OAAA,CAAQ,MAAA;AAAA,IAChB,UAAA,EAAY,QAAQ,UAAA,IAAc;AAAA,GACpC;AACF;AAEA,SAAS,sBAAsB,OAAA,EAA2D;AACxF,EAAA,OAAO;AAAA,IACL,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,aAAa,OAAA,CAAQ,WAAA;AAAA,IACrB,OAAO,OAAA,CAAQ,KAAA;AAAA,IACf,UAAU,OAAA,CAAQ,QAAA;AAAA,IAClB,WAAA,EAAa,QAAQ,WAAA,IAAe;AAAA,GACtC;AACF;AAgBO,SAAS,wBAAA,CACd,UACA,YAAA,EACsD;AAEtD,EAAA,IAAI,CAAC,QAAA,IAAY,OAAO,QAAA,KAAa,QAAA,EAAU;AAC7C,IAAA,OAAOkB,QAAAA,CAAQ,oBAAoB,oCAAoC,CAAA;AAAA,EACzE;AACA,EAAA,IAAI,QAAA,CAAS,WAAW,QAAA,EAAU;AAChC,IAAA,OAAOA,QAAAA,CAAQ,kBAAA,EAAoB,CAAA,+BAAA,EAAkC,QAAA,CAAS,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACzF;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,OAAA,IAAW,OAAO,QAAA,CAAS,OAAA,KAAY,QAAA,IAAY,KAAA,CAAM,OAAA,CAAQ,QAAA,CAAS,OAAO,CAAA,EAAG;AAChG,IAAA,OAAOA,QAAAA,CAAQ,mBAAmB,gDAAgD,CAAA;AAAA,EACpF;AACA,EAAA,IAAI,OAAO,QAAA,CAAS,SAAA,KAAc,YAAY,QAAA,CAAS,SAAA,CAAU,WAAW,CAAA,EAAG;AAC7E,IAAA,OAAOA,QAAAA,CAAQ,qBAAqB,qDAAqD,CAAA;AAAA,EAC3F;AAEA,EAAA,MAAM,UAAU,QAAA,CAAS,OAAA;AAGzB,EAAA,IAAI,iBAAiB,OAAA,EAAS;AAC5B,IAAA,MAAM,KAAA,GAAQF,sBAAqB,OAAO,CAAA;AAC1C,IAAA,IAAI,CAAC,MAAM,KAAA,EAAO;AAChB,MAAA,OAAOE,QAAAA;AAAA,QACL,uBAAA;AAAA,QACA,CAAA,8BAAA,EAAiC,MAAM,KAAK,CAAA,CAAA;AAAA,QAC5C,EAAE,OAAA;AAAQ,OACZ;AAAA,IACF;AAAA,EACF,CAAA,MAAO;AACL,IAAA,MAAM,KAAA,GAAQD,wBAAuB,OAAO,CAAA;AAC5C,IAAA,IAAI,CAAC,MAAM,KAAA,EAAO;AAChB,MAAA,OAAOC,QAAAA;AAAA,QACL,yBAAA;AAAA,QACA,CAAA,gCAAA,EAAmC,MAAM,KAAK,CAAA,CAAA;AAAA,QAC9C,EAAE,OAAA;AAAQ,OACZ;AAAA,IACF;AAAA,EACF;AAGA,EAAA,MAAM,MAAA,GAAS,YAAA,KAAiB,OAAA,GAAU,YAAA,GAAe,cAAA;AACzD,EAAA,MAAM,KAAA,GAAQ,YAAA,KAAiB,OAAA,GAAU,WAAA,GAAc,aAAA;AACvD,EAAA,MAAM,UACJ,YAAA,KAAiB,OAAA,GACb,oBAAoB,OAAO,CAAA,GAC3B,sBAAsB,OAAO,CAAA;AAGnC,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAASC,eAAAA;AAAA,MACP,MAAA;AAAA,MACA,KAAA;AAAA,MACA,OAAA;AAAA,MACA,QAAA,CAAS;AAAA,KACX;AACA,IAAA,MAAA,GAASV,WAAW,MAAM,CAAA;AAAA,EAC5B,SAAS,GAAA,EAAK;AACZ,IAAA,MAAMW,QAAAA,GAAU,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,uCAAA;AACrD,IAAA,OAAOF,QAAAA,CAAQ,mBAAA,EAAqBE,QAAAA,EAAS,EAAE,SAAS,CAAA;AAAA,EAC1D;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,IAAA;AAAA,IACP,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF;AACF;AAeO,SAAS,sBACd,QAAA,EACsD;AACtD,EAAA,OAAO,wBAAA,CAAyB,UAAU,OAAO,CAAA;AACnD;AAeO,SAAS,wBACd,QAAA,EACsD;AACtD,EAAA,OAAO,wBAAA,CAAyB,UAAU,SAAS,CAAA;AACrD;;;ACnSA,SAAS,aAAa,KAAA,EAAwB;AAC5C,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,IAAI,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AACvB,MAAA,MAAM,GAAG,OAAO,CAAA,GAAI,KAAA,CAAM,MAAM,GAAG,CAAA;AACnC,MAAA,OAAO,OAAO,OAAO,CAAA;AAAA,IACvB;AACA,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AAEA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,YAAY,WAAA,EAAqD;AACxE,EAAA,MAAM,SAAA,GAAY,YAAY,IAAA,CAAK,MAAA;AACnC,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,SAAS,CAAA,EAAG;AAC7B,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,OAAO,SAAA,CACJ,GAAA,CAAI,CAAC,KAAA,KAAU;AACd,IAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,MAAA,IAAI;AACF,QAAA,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAAA,MACzB,CAAA,CAAA,MAAQ;AACN,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AACA,IAAA,IAAI,KAAA,IAAS,OAAO,KAAA,KAAU,QAAA,EAAU;AACtC,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,OAAO,IAAA;AAAA,EACT,CAAC,EACA,MAAA,CAAO,CAAC,UAAiC,OAAA,CAAQ,KAAA,EAAO,SAAS,CAAC,CAAA;AACvE;AAEA,SAAS,gBAAgB,KAAA,EAAmC;AAC1D,EAAA,IAAI,KAAA,CAAM,iBAAiB,eAAA,EAAiB;AAC1C,IAAA,OAAO,eAAA;AAAA,EACT;AACA,EAAA,OAAO,gBAAA;AACT;AAEA,SAAS,iBAAiB,UAAA,EAA6C;AACrE,EAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA;AAClC,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,2BAAA,EAA6B,4BAA4B,CAAA;AAAA,EACnF;AACA,EAAA,MAAM,UAAA,GAAa,KAAA,CAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA;AAChE,EAAA,MAAM,MAAA,GAAS,UAAA,CAAW,MAAA,CAAO,UAAA,CAAW,MAAA,GAAA,CAAW,IAAK,UAAA,CAAW,MAAA,GAAS,CAAA,IAAM,CAAA,EAAI,GAAG,CAAA;AAC7F,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI,OAAO,SAAS,UAAA,EAAY;AAC9B,IAAA,IAAA,GAAO,kBAAA;AAAA,MACL,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,MAAM,CAAC,EACpB,GAAA,CAAI,CAAC,IAAA,KAAS,CAAA,CAAA,EAAI,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA,CACpE,IAAA,CAAK,EAAE;AAAA,KACZ;AAAA,EACF,CAAA,MAAO;AACL,IAAA,IAAA,GAAO,OAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA,CAAE,SAAS,MAAM,CAAA;AAAA,EACtD;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AACxB;AAEA,eAAsB,YAAY,MAAA,EAAuD;AACvF,EAAA,MAAM,EAAE,KAAA,EAAO,QAAA,EAAU,kBAAA,EAAoB,uBAAsB,GAAI,MAAA;AAEvE,EAAA,IAAI;AACF,IAAA,QAAQ,MAAM,SAAA;AAAW,MACvB,KAAK,kBAAA,EAAoB;AACvB,QAAA,IAAI,CAAC,QAAA,EAAU;AACb,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,sBAAA,EAAuB;AAAA,QACpF;AACA,QAAA,IAAI,CAAC,kBAAA,IAAsB,CAAC,qBAAA,EAAuB;AACjD,UAAA,OAAO;AAAA,YACL,KAAA,EAAO,KAAA;AAAA,YACP,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,MAAA,EAAQ;AAAA,WACV;AAAA,QACF;AAEA,QAAA,MAAM,cAAc,KAAA,CAAM,WAAA;AAC1B,QAAA,MAAM,OAAA,GAAU,YAAA,CAAa,WAAA,CAAY,OAAO,CAAA;AAChD,QAAA,MAAM,EAAA,GAAK,MAAO,QAAA,CAAgE,cAAA;AAAA,UAChF,WAAA,CAAY;AAAA,SACd;AACA,QAAA,IAAI,CAAC,EAAA,EAAI;AACP,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,uBAAA,EAAwB;AAAA,QACrF;AAEA,QAAA,MAAM,cAAA,GAAiB,uBAAA;AAAA,UACrB,kBAAA;AAAA,UACA,qBAAA;AAAA,UACA,OAAA;AAAA,UACA,gBAAgB,KAAK;AAAA,SACvB;AAEA,QAAA,MAAM,cAAA,GAAiBX,UAAAA,CAAW,qBAAA,CAAsB,kBAAkB,CAAC,CAAA;AAC3E,QAAA,MAAM,iBAAA,GAAoBA,UAAAA,CAAW,qBAAA,CAAsB,qBAAqB,CAAC,CAAA;AAEjF,QAAA,IAAI,GAAG,IAAA,IAAQA,UAAAA,CAAW,EAAA,CAAG,IAAI,MAAM,cAAA,EAAgB;AACrD,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,6BAAA,EAA8B;AAAA,QAC3F;AAEA,QAAA,IAAI,GAAG,EAAA,IAAMA,UAAAA,CAAW,EAAA,CAAG,EAAE,MAAM,iBAAA,EAAmB;AACpD,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,gCAAA,EAAiC;AAAA,QAC9F;AAEA,QAAA,IAAI,MAAA,CAAO,EAAA,CAAG,KAAK,CAAA,KAAM,cAAA,EAAgB;AACvC,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,6BAAA,EAA8B;AAAA,QAC3F;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,gBAAA,EAAkB;AACrB,QAAA,IAAI,CAAC,QAAA,EAAU;AACb,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,sBAAA,EAAuB;AAAA,QACpF;AACA,QAAA,MAAM,cAAc,KAAA,CAAM,WAAA;AAC1B,QAAA,MAAM,EAAA,GAAK,MAAO,QAAA,CAAgE,cAAA;AAAA,UAChF,WAAA,CAAY;AAAA,SACd;AACA,QAAA,IAAI,CAAC,EAAA,EAAI;AACP,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,uBAAA,EAAwB;AAAA,QACrF;AAEA,QAAA,IAAI,CAAC,GAAG,EAAA,EAAI;AACV,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,4BAAA,EAA6B;AAAA,QAC1F;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,YAAA,EAAc;AACjB,QAAA,MAAM,SAAS,KAAA,CAAM,WAAA;AAMrB,QAAA,MAAM,SAAA,GAAY;AAAA,UAChB,QAAQ,MAAA,CAAO,MAAA;AAAA,UACf,KAAA,EAAO;AAAA,YACL,aAAA,EAAe;AAAA,cACb,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,cAClC,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,QAAA,EAAS;AAAA,cAC3C,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,QAAA,EAAS;AAAA,cACzC,EAAE,IAAA,EAAM,mBAAA,EAAqB,IAAA,EAAM,SAAA,EAAU;AAAA,cAC7C,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAU;AAAA,cAC/C,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAU;AAAA,cACvC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,QAAA;AAAS;AACtC,WACF;AAAA,UACA,SAAS,MAAA,CAAO;AAAA,SAClB;AAEA,QAAA,MAAM,YAAA,GAAe,qBAAA,CAAsB,SAAA,EAAW,MAAA,CAAO,SAAS,CAAA;AACtE,QAAA,IAAI,CAAC,YAAA,CAAa,KAAA,IAAS,CAAC,aAAa,MAAA,EAAQ;AAC/C,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,2BAAA,EAA4B;AAAA,QACzF;AAEA,QAAA,IAAI,OAAO,MAAA,CAAO,OAAA,CAAQ,MAAA,KAAW,QAAA,EAAU;AAC7C,UAAA,MAAM,QAAA,GAAWA,UAAAA,CAAW,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA;AACjD,UAAA,IAAIA,UAAAA,CAAW,YAAA,CAAa,MAAM,CAAA,KAAM,QAAA,EAAU;AAChD,YAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,2BAAA,EAA4B;AAAA,UACzF;AAAA,QACF;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,SAAA,EAAW;AACd,QAAA,IAAI,OAAO,KAAA,CAAM,WAAA,KAAgB,QAAA,EAAU;AACzC,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,2BAAA,EAA4B;AAAA,QACzF;AAEA,QAAA,MAAM,OAAA,GAAU,gBAAA,CAAiB,KAAA,CAAM,WAAW,CAAA;AAClD,QAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,QAAA,MAAM,MAAM,OAAA,CAAQ,GAAA;AACpB,QAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,GAAA,GAAM,GAAA,EAAK;AACxC,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,mBAAA,EAAoB;AAAA,QACjF;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,cAAA;AAAA,MACL,KAAK,YAAA,EAAc;AACjB,QAAA,IAAI,CAAC,KAAA,CAAM,WAAA,IAAe,OAAO,KAAA,CAAM,gBAAgB,QAAA,EAAU;AAC/D,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,2BAAA,EAA4B;AAAA,QACzF;AAGA,QAAA,MAAM,WAAW,KAAA,CAAM,WAAA;AACvB,QAAA,IAAI,SAAS,MAAA,KAAW,KAAA,IAAS,OAAO,QAAA,CAAS,cAAc,QAAA,EAAU;AACvE,UAAA,MAAM,QAAA,GAA4B;AAAA,YAChC,MAAA,EAAQ,KAAA;AAAA,YACR,WAAW,QAAA,CAAS;AAAA,WACtB;AACA,UAAA,MAAM,SAAA,GACJ,KAAA,CAAM,SAAA,KAAc,YAAA,GAChB,MAAM,mBAAmB,QAAQ,CAAA,GACjC,MAAM,oBAAA,CAAqB,QAAQ,CAAA;AAEzC,UAAA,IAAI,CAAC,UAAU,KAAA,EAAO;AACpB,YAAA,OAAO;AAAA,cACL,KAAA,EAAO,KAAA;AAAA,cACP,WAAW,KAAA,CAAM,SAAA;AAAA,cACjB,MAAA,EAAQ,SAAA,CAAU,KAAA,EAAO,OAAA,IAAW;AAAA,aACtC;AAAA,UACF;AACA,UAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,QACnD;AAGA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAW,QAAA,IAAY,OAAO,QAAA,CAAS,SAAA,KAAc,QAAA,IAAY,QAAA,CAAS,OAAA,IAAW,OAAO,QAAA,CAAS,OAAA,KAAY,QAAA,EAAU;AACtI,UAAA,MAAM,QAAA,GAA+B;AAAA,YACnC,MAAA,EAAQ,QAAA;AAAA,YACR,SAAS,QAAA,CAAS,OAAA;AAAA,YAClB,WAAW,QAAA,CAAS;AAAA,WACtB;AACA,UAAA,MAAM,YAAA,GACJ,MAAM,SAAA,KAAc,YAAA,GAChB,sBAAsB,QAAQ,CAAA,GAC9B,wBAAwB,QAAQ,CAAA;AAEtC,UAAA,IAAI,CAAC,aAAa,KAAA,EAAO;AACvB,YAAA,OAAO;AAAA,cACL,KAAA,EAAO,KAAA;AAAA,cACP,WAAW,KAAA,CAAM,SAAA;AAAA,cACjB,MAAA,EAAQ,YAAA,CAAa,KAAA,EAAO,OAAA,IAAW;AAAA,aACzC;AAAA,UACF;AACA,UAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,QACnD;AAGA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,kBAAA,EAAoB;AACvB,QAAA,MAAM,SAAS,KAAA,CAAM,WAAA;AACrB,QAAA,IAAI,CAAC,OAAO,GAAA,EAAK;AACf,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,sBAAA,EAAuB;AAAA,QACpF;AAEA,QAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,MAAA,CAAO,GAAG,CAAA;AACvC,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,KAAA,CAAM,WAAW,MAAA,EAAQ,CAAA,uBAAA,EAA0B,QAAA,CAAS,MAAM,CAAA,CAAA,CAAA,EAAI;AAAA,QAC1G;AAEA,QAAA,IAAI,MAAA,CAAO,GAAA,CAAI,QAAA,CAAS,uBAAuB,KAAK,qBAAA,EAAuB;AACzE,UAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AACpC,UAAA,MAAM,QAAA,GAAW,8BAAA,CAA+B,MAAA,EAAQ,qBAAqB,CAAA;AAC7E,UAAA,OAAO;AAAA,YACL,OAAO,QAAA,CAAS,KAAA;AAAA,YAChB,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,QAAQ,QAAA,CAAS;AAAA,WACnB;AAAA,QACF;AAEA,QAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,QAAA,IAAI,qBAAA,IAAyB,CAAC,IAAA,CAAK,QAAA,CAAS,qBAAqB,CAAA,EAAG;AAClE,UAAA,IAAI;AACF,YAAA,MAAM,MAAA,GAAS,kBAAkB,IAAI,CAAA;AACrC,YAAA,IAAI,CAAC,MAAA,CAAO,WAAA,CAAY,QAAA,CAAS,qBAAqB,CAAA,EAAG;AACvD,cAAA,OAAO;AAAA,gBACL,KAAA,EAAO,KAAA;AAAA,gBACP,WAAW,KAAA,CAAM,SAAA;AAAA,gBACjB,MAAA,EAAQ;AAAA,eACV;AAAA,YACF;AAAA,UACF,CAAA,CAAA,MAAQ;AACN,YAAA,OAAO;AAAA,cACL,KAAA,EAAO,KAAA;AAAA,cACP,WAAW,KAAA,CAAM,SAAA;AAAA,cACjB,MAAA,EAAQ;AAAA,aACV;AAAA,UACF;AAAA,QACF;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA;AACE,QAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,wBAAA,EAAyB;AAAA;AACxF,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,2BAAA,EAA6B,2BAAA,EAA6B;AAAA,MAChF,WAAW,KAAA,CAAM,SAAA;AAAA,MACjB;AAAA,KACD,CAAA;AAAA,EACH;AACF;AAEA,eAAsB,kBACpB,MAAA,EACkC;AAClC,EAAA,MAAM,MAAA,GAAS,WAAA,CAAY,MAAA,CAAO,WAAW,CAAA;AAC7C,EAAA,MAAM,SAAkC,EAAC;AACzC,EAAA,MAAM,UAAoB,EAAC;AAE3B,EAAA,MAAM,GAAA,GAAM,OAAO,IAAA,CAAK,KAAA,CAAM,KAAK,GAAA,EAAI,GAAI,GAAI,CAAC,CAAA;AAChD,EAAA,IAAI,MAAA,CAAO,WAAA,CAAY,cAAA,GAAiB,EAAA,EAAI;AAC1C,IAAA,MAAA,CAAO,UAAA,GAAa,KAAA;AACpB,IAAA,OAAA,CAAQ,KAAK,qBAAqB,CAAA;AAAA,EACpC,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,UAAA,GAAa,IAAA;AAAA,EACtB;AAEA,EAAA,IAAI,OAAO,WAAA,CAAY,cAAA,GAAiB,MAAM,MAAA,CAAO,WAAA,CAAY,iBAAiB,GAAA,EAAK;AACrF,IAAA,MAAA,CAAO,UAAA,GAAa,KAAA;AACpB,IAAA,OAAA,CAAQ,KAAK,qBAAqB,CAAA;AAAA,EACpC,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,UAAA,GAAa,IAAA;AAAA,EACtB;AAEA,EAAA,IAAI,MAAA,CAAO,WAAW,CAAA,EAAG;AACvB,IAAA,MAAA,CAAO,MAAA,GAAS,KAAA;AAChB,IAAA,OAAA,CAAQ,KAAK,oBAAoB,CAAA;AAAA,EACnC;AAEA,EAAA,MAAM,kBAAA,GAAqB,OAAO,MAAA,IAAW,MAAA,CAAO,IAAI,CAAC,KAAA,KAAU,MAAM,SAAS,CAAA;AAElF,EAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,IAAA,IAAI,CAAC,kBAAA,CAAmB,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AACjD,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY;AAAA,MAC/B,KAAA;AAAA,MACA,UAAU,MAAA,CAAO,QAAA;AAAA,MACjB,kBAAA,EAAoB,OAAO,OAAA,EAAS,UAAA;AAAA,MACpC,qBAAA,EAAuB,OAAO,OAAA,EAAS;AAAA,KACxC,CAAA;AAED,IAAA,MAAA,CAAO,KAAA,CAAM,SAAS,CAAA,GAAI,MAAA,CAAO,KAAA;AACjC,IAAA,IAAI,CAAC,OAAO,KAAA,EAAO;AACjB,MAAA,OAAA,CAAQ,KAAK,MAAA,CAAO,MAAA,IAAU,CAAA,EAAG,KAAA,CAAM,SAAS,CAAA,oBAAA,CAAsB,CAAA;AAAA,IACxE;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,QAAQ,MAAA,KAAW,CAAA;AAAA,IAC1B,MAAA;AAAA,IACA;AAAA,GACF;AACF;;;ACvXA,eAAsB,kBAAA,CACpB,gBACA,SAAA,EACkB;AAClB,EAAA,MAAM,QAAA,GAAW,cAAA;AAIjB,EAAA,IAAI;AACF,IAAA,MAAM,SAAS,MAAM,QAAA,CAAS,UAAU,EAAE,GAAA,EAAK,WAAW,CAAA;AAC1D,IAAA,OAAO,OAAA,CAAQ,MAAA,IAAU,MAAA,CAAO,GAAA,IAAO,MAAA,CAAO,QAAQ,IAAA,CAAK,MAAA,CAAO,EAAA,EAAI,GAAG,CAAC,CAAA;AAAA,EAC5E,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,eAAsB,gBAAA,CACpB,gBACA,SAAA,EAC0E;AAC1E,EAAA,MAAM,QAAA,GAAW,cAAA;AASjB,EAAA,IAAI;AACF,IAAA,MAAM,UAAU,MAAM,QAAA,CAAS,UAAU,EAAE,GAAA,EAAK,WAAW,CAAA;AAC3D,IAAA,IAAI,CAAC,OAAA,IAAW,CAAC,OAAA,CAAQ,GAAA,IAAO,OAAA,CAAQ,GAAA,KAAQ,IAAA,CAAK,MAAA,CAAO,EAAA,EAAI,GAAG,CAAA,EAAG;AACpE,MAAA,MAAM,IAAI,aAAA,CAAc,kBAAA,EAAoB,sBAAA,EAAwB,EAAE,WAAW,CAAA;AAAA,IACnF;AAEA,IAAA,OAAO;AAAA,MACL,GAAA,EAAK,eAAA,CAAgB,OAAA,CAAQ,GAAG,CAAA;AAAA,MAChC,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,UAAU,OAAA,CAAQ,QAAA;AAAA,MAClB,SAAA,EAAW,OAAA,CAAQ,OAAA,CAAQ,SAAS;AAAA,KACtC;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,IAAI,wBAAA,CAAyB,GAAG,CAAA,EAAG;AACjC,MAAA,MAAM,IAAI,aAAA,CAAc,kBAAA,EAAoB,sBAAA,EAAwB,EAAE,WAAW,CAAA;AAAA,IACnF;AACA,IAAA,IAAI,eAAe,aAAA,EAAe;AAChC,MAAA,MAAM,GAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,iCAAiC,EAAE,SAAA,EAAW,KAAK,CAAA;AAAA,EAC9F;AACF;AAEO,SAAS,gBAAgB,SAAA,EAAwB;AACtD,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,uBAAuB,CAAA;AAAA,EAClE;AACA,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,UAAA,CAAW,IAAI,CAAA,GAAI,SAAA,CAAU,WAAA,EAAY,GAAI,CAAA,EAAA,EAAK,SAAA,CAAU,WAAA,EAAa,CAAA,CAAA;AACjG,EAAA,IAAI,CAAC,kBAAA,CAAmB,IAAA,CAAK,KAAK,CAAA,EAAG;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wCAAA,EAA0C,EAAE,WAAW,CAAA;AAAA,EAClG;AACA,EAAA,OAAO,KAAA;AACT;;;AC9DA,eAAe,UAAA,CACb,QACA,MAAA,EAC6C;AAC7C,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,QAAA,GAAW,MAAM,KAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACxC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,MAC9C,IAAA,EAAM,KAAK,SAAA,CAAU;AAAA,QACnB,gBAAgB,MAAA,CAAO,cAAA;AAAA,QACvB,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,aAAa,MAAA,CAAO,WAAA;AAAA,QACpB,WAAW,MAAA,CAAO,SAAA;AAAA,QAClB,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,YAAY,MAAA,CAAO,UAAA;AAAA,QACnB;AAAA,OACD,CAAA;AAAA,MACD,MAAA,EAAQ,WAAA,CAAY,OAAA,CAAQ,MAAA,CAAO,aAAa,IAAM;AAAA,KACvD,CAAA;AAAA,EACH,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qCAAqC,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,EAC/F;AAEA,EAAA,MAAM,UAAU,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,MAAS,CAAA;AAC3D,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,IAAA;AAAA,IACJ,MAAA;AAAA,IACA;AAAA,GACF;AACF;AAEA,eAAsB,sBACpB,MAAA,EACsC;AACtC,EAAA,MAAM,SAAA,GAAY,MAAM,UAAA,CAAW,MAAA,EAAQ,SAAS,CAAA,CAAE,KAAA,CAAM,MAAM,IAAI,CAAA;AACtE,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,OAAO,SAAA;AAAA,EACT;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,UAAA,CAAW,MAAA,EAAQ,UAAU,CAAA,CAAE,KAAA,CAAM,MAAM,IAAI,CAAA;AAC3E,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,aAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,KAAA;AAAA,IACJ,MAAA,EAAQ;AAAA,GACV;AACF;AAIA,IAAM,8BAAA,GAAiC,gDAAA;AAiBvC,eAAsB,yBACpB,MAAA,EACyC;AACzC,EAAA,MAAM,GAAA,GAAM,OAAO,UAAA,IAAc,8BAAA;AAEjC,EAAA,MAAM,IAAA,GAAgC;AAAA,IACpC,YAAY,MAAA,CAAO,UAAA;AAAA,IACnB,eAAe,MAAA,CAAO;AAAA,GACxB;AAEA,EAAA,IAAI,MAAA,CAAO,YAAY,MAAA,EAAW;AAChC,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO,OAAA;AAAA,EACxB;AAEA,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,QAAA,GAAW,MAAM,MAAM,GAAA,EAAK;AAAA,MAC1B,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,MAC9C,WAAA,EAAa,SAAA;AAAA,MACb,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA;AAAA,MACzB,MAAA,EAAQ,WAAA,CAAY,OAAA,CAAQ,MAAA,CAAO,aAAa,IAAM;AAAA,KACvD,CAAA;AAAA,EACH,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAA,EAAqC,EAAE,KAAK,CAAA;AAAA,EACvF;AAEA,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,SAAA,GAAY,MAAM,QAAA,CAAS,IAAA,EAAK,CAAE,KAAA,CAAM,OAAO,EAAE,KAAA,EAAO,QAAA,CAAS,UAAA,EAAW,CAAE,CAAA;AACpF,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,WAAA;AAAA,MACC,SAAA,CAAqC,KAAA,IAAS,CAAA,2BAAA,EAA8B,QAAA,CAAS,MAAM,CAAA,CAAA;AAAA,MAC5F,EAAE,MAAA,EAAQ,QAAA,CAAS,MAAA,EAAQ,GAAG,SAAA;AAAU,KAC1C;AAAA,EACF;AAEA,EAAA,OAAQ,MAAM,SAAS,IAAA,EAAK;AAC9B;AC5EO,IAAM,kBAAA,GACX,oEAAA;AAEK,IAAM,kBAAA,GAAqB;AAAA,EAChC,EAAE,MAAA,EAAQ,OAAA,EAAS,SAAA,EAAW,yCAAA,EAA0C;AAAA,EACxE,EAAE,MAAA,EAAQ,OAAA,EAAS,SAAA,EAAW,yCAAA,EAA0C;AAAA,EACxE,EAAE,MAAA,EAAQ,UAAA,EAAY,SAAA,EAAW,4CAAA;AACnC,CAAA;AAUA,eAAsB,qBAAA,CACpB,QAAA,EACA,eAAA,EACA,SAAA,EACA,MAAA,EACwB;AACxB,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQ,IAAI,SAAA,CAAU,CAAC,SAAS,CAAC,CAAA;AACvC,IAAA,MAAM,IAAA,GAAO,KAAA,CAAM,kBAAA,CAAmB,MAAA,EAAQ,EAAE,CAAA;AAChD,IAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,IAAA,CAAK,EAAE,EAAA,EAAI,eAAA,EAAiB,MAAM,CAAA;AAChE,IAAA,MAAM,CAAC,KAAK,CAAA,GAAI,KAAA,CAAM,oBAAA,CAAqB,QAAQ,MAAM,CAAA;AACzD,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAYD,UAAU,KAAK,CAAA,IAAK,UAAUG,WAAAA,EAAa;AAC1E,MAAA,OAAOF,WAAW,KAAK,CAAA;AAAA,IACzB;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,IAAA;AACT;AAaA,eAAsB,qBAAA,CACpB,UACA,eAAA,EACwB;AAExB,EAAA,IAAI;AACF,IAAA,MAAMT,KAAAA,GAAO,MAAM,QAAA,CAAS,OAAA,CAAQ,eAAe,CAAA;AACnD,IAAA,IAAIA,KAAAA,KAAS,IAAA,IAAQA,KAAAA,KAAS,KAAA,EAAO;AACnC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,KAAA,MAAW,WAAW,kBAAA,EAAoB;AACxC,IAAA,MAAM,UAAU,MAAM,qBAAA;AAAA,MACpB,QAAA;AAAA,MACA,eAAA;AAAA,MACA,OAAA,CAAQ,SAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AACA,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,OAAO,OAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,MAAM,QAAA,CAAS,UAAA,CAAW,iBAAiB,kBAAkB,CAAA;AAChF,IAAA,IACE,UAAA,IACA,UAAA,KAAe,IAAA,IACf,UAAA,KAAe,oEAAA,EACf;AACA,MAAA,MAAM,eAAeS,UAAAA,CAAW,CAAA,EAAA,EAAK,WAAW,KAAA,CAAM,CAAA,EAAG,CAAC,CAAA,CAAE,CAAA;AAC5D,MAAA,IAAI,iBAAiBE,WAAAA,EAAa;AAChC,QAAA,OAAO,YAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,OAAO,IAAA;AACT;AAMA,eAAsB,4BAAA,CACpB,QAAA,EACA,eAAA,EACA,OAAA,EACqB;AACrB,EAAA,MAAM,KAAA,GAAQ,MAAM,qBAAA,CAAsB,QAAA,EAAU,eAAe,CAAA;AACnE,EAAA,OAAO,KAAA,GAAQ,cAAA,CAAe,OAAA,EAAS,KAAK,CAAA,GAAI,IAAA;AAClD;AAaA,eAAsB,mBAAA,CACpB,QAAA,EACA,MAAA,EACA,UAAA,EACA,iBACA,OAAA,EACkB;AAClB,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAK,MAAM,QAAA,CAAS,cAAA,CAAe,MAAM,CAAA;AAC/C,IAAA,IAAI,CAAC,EAAA,IAAM,CAAC,GAAG,IAAA,IAAQ,CAAC,GAAG,EAAA,EAAI;AAC7B,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,IAAIF,WAAW,EAAA,CAAG,EAAE,CAAA,KAAMA,UAAAA,CAAW,eAAe,CAAA,EAAG;AACrD,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,MAAM,WAAA,GAAc,cAAA,CAAe,OAAA,EAAS,eAAe,CAAA;AAC3D,IAAA,MAAM,cAAA,GAAiB,uBAAA;AAAA,MACrB,UAAA;AAAA,MACA,WAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,EAAA,CAAG,KAAA,IAAS,EAAE,CAAA;AAEzC,IAAA,OAAO,WAAA,KAAgB,cAAA;AAAA,EACzB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;;;AClLA,IAAM,yBAAA,GAA4B,2CAAA;AAE3B,IAAM,iBAAA,GAAoB,yBAAA;AA8BjC,IAAI,aAAA,GAAqC,IAAA;AACzC,IAAI,cAAA,GAAiB,CAAA;AACrB,IAAM,YAAA,GAAe,IAAI,EAAA,GAAK,GAAA;AAQ9B,eAAsB,kBAAkB,GAAA,EAAqC;AAC3E,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,IAAI,aAAA,IAAiB,GAAA,GAAM,cAAA,GAAiB,YAAA,EAAc;AACxD,IAAA,OAAO,aAAA;AAAA,EACT;AAEA,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI;AACF,IAAA,GAAA,GAAM,MAAM,KAAA,CAAM,GAAA,IAAO,iBAAiB,CAAA;AAAA,EAC5C,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,+BAAA,EAAiC,EAAE,KAAK,CAAA;AAAA,EACnF;AAEA,EAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,IAAA,MAAM,IAAI,cAAc,eAAA,EAAiB,CAAA,+BAAA,EAAkC,IAAI,MAAM,CAAA,CAAA,EAAI,GAAA,CAAI,UAAU,CAAA,CAAE,CAAA;AAAA,EAC3G;AAEA,EAAA,MAAM,OAAA,GAAwB,MAAM,GAAA,CAAI,IAAA,EAAK;AAE7C,EAAA,IAAI,CAAC,QAAQ,OAAA,IAAW,CAAC,QAAQ,MAAA,IAAU,OAAO,OAAA,CAAQ,MAAA,KAAW,QAAA,EAAU;AAC7E,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,8BAA8B,CAAA;AAAA,EACzE;AAEA,EAAA,aAAA,GAAgB,OAAA;AAChB,EAAA,cAAA,GAAiB,GAAA;AACjB,EAAA,OAAO,OAAA;AACT;AAMO,SAAS,eAAA,CAAgB,SAAuB,KAAA,EAA6B;AAClF,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,MAAA,CAAO,KAAK,CAAA;AAClC,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,MAAM,IAAI,aAAA,CAAc,mBAAA,EAAqB,CAAA,MAAA,EAAS,KAAK,CAAA,4BAAA,CAAA,EAAgC;AAAA,MACzF,KAAA;AAAA,MACA,eAAA,EAAiB,MAAA,CAAO,IAAA,CAAK,OAAA,CAAQ,MAAM;AAAA,KAC5C,CAAA;AAAA,EACH;AACA,EAAA,OAAO,KAAA;AACT;;;AC5EA,eAAsB,yBAAA,CACpB,MAAA,EACA,qBAAA,EACA,OAAA,GAA4C,EAAC,EACkB;AAC/D,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAA,EAAqC,EAAE,QAAQ,CAAA;AAAA,EAC1F;AAEA,EAAA,IAAI,CAAC,QAAQ,UAAA,EAAY;AACvB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,kCAAA,EAAoC,EAAE,QAAQ,CAAA;AAAA,EACzF;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,YAAA,IAAgB,cAAA;AACvC,EAAA,MAAM,IAAA,GAAO,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,MAAA,CAAO,aAAY,CAAE,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAC,CAAA,CAAA;AAEjE,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,OAAA,GAAU,MAAM,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA;AAAA,EACzC,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qCAAqC,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,EAC/F;AAEA,EAAA,KAAA,MAAW,eAAe,OAAA,EAAS;AACjC,IAAA,MAAM,MAAA,GAAS,WAAA,CAAY,IAAA,CAAK,EAAE,CAAA;AAClC,IAAA,MAAM,MAAA,GAAS,kBAAkB,MAAM,CAAA;AACvC,IAAA,IAAI,MAAA,CAAO,YAAY,GAAA,EAAK;AAE5B,IAAA,KAAA,MAAW,gBAAA,IAAoB,OAAO,WAAA,EAAa;AACjD,MAAA,IAAI,kBAAA,CAAmB,gBAAA,EAAkB,qBAAqB,CAAA,EAAG;AAC/D,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAO;AAAA,MAC/B;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,6CAAA,EAA8C;AAC/E;;;ACfA,IAAM,aAAA,GAAgB,aAAA;AACtB,IAAM,gBAAA,GAAoC,CAAC,gBAAA,EAAkB,iBAAiB,CAAA;AAiB9E,eAAsB,2BACpB,MAAA,EACwC;AACxC,EAAA,MAAM,KAAA,GAAQ,OAAO,KAAA,IAAS,aAAA;AAC9B,EAAA,MAAM,QAAA,GAAW,OAAO,OAAA,IAAW,MAAA,CAAO,QAAQ,MAAA,GAAS,CAAA,GAAI,OAAO,OAAA,GAAU,gBAAA;AAGhF,EAAA,MAAM,aAAA,GAAgB,YAAA,CAAa,MAAA,CAAO,aAAa,CAAA;AACvD,EAAA,MAAM,gBAAA,GAAmB,iBAAiB,aAAa,CAAA;AAGvD,EAAA,MAAM,oBAAA,GAAuB,4BAA4B,aAAa,CAAA;AAGtE,EAAA,MAAM,OAAA,GAAU,MAAM,iBAAA,EAAkB;AACxC,EAAA,MAAM,YAAA,GAAe,eAAA,CAAgB,OAAA,EAAS,KAAK,CAAA;AAGnD,EAAA,MAAM,kBAAA,GAAqB,MAAA,CAAO,kBAAA,IAAuB,YAAA,CAAa,WAAA;AAEtE,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AAGxB,EAAA,MAAM,0BAAA,GAA6B,YAAA,CAAa,OAAA,CAAQ,oBAAoB,CAAA;AAC5E,EAAA,MAAM,mBAAA,GAAsB,YAAA,CAAa,OAAA,CAAQ,aAAa,CAAA;AAG9D,EAAA,MAAM,cAAA,GAAiB,YAAA,CAAa,MAAA,CAAO,UAAU,CAAA;AAErD,EAAA,IAAI,oBAA8C,EAAC;AAEnD,EAAA,IAAI,0BAAA,EAA4B;AAC9B,IAAA,MAAM,eAAe,MAAM,yBAAA;AAAA,MACzB,kBAAA;AAAA,MACA,QAAA;AAAA,MACA,cAAA;AAAA,MACA,CAAC,0BAA0B,CAAA;AAAA,MAC3B,OAAO,SAAA,IAAa;AAAA,KACtB;AAGA,IAAA,iBAAA,GAAoB,YAAA,CAAa,MAAA,CAAO,CAAC,GAAA,KAAQ;AAC/C,MAAA,MAAM,iBAAA,GAAoB,IAAI,IAAA,EAAM,UAAA;AACpC,MAAA,IAAI,OAAO,iBAAA,KAAsB,QAAA,EAAU,OAAO,KAAA;AAClD,MAAA,OAAO,kBAAA,CAAmB,mBAAmB,aAAa,CAAA;AAAA,IAC5D,CAAC,CAAA;AAGD,IAAA,iBAAA,CAAkB,IAAA,CAAK,CAAC,CAAA,EAAG,CAAA,KAAM,OAAO,CAAA,CAAE,IAAA,GAAO,CAAA,CAAE,IAAI,CAAC,CAAA;AAAA,EAC1D;AAGA,EAAA,MAAM,mBAAA,GAAmD,iBAAA,CAAkB,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,IACvF,KAAK,GAAA,CAAI,GAAA;AAAA,IACT,UAAU,GAAA,CAAI,IAAA;AAAA,IACd,UAAU,GAAA,CAAI,QAAA;AAAA,IACd,MAAA,EAAQ,oBAAA,CAAqB,GAAA,CAAI,IAAA,EAAM,MAAM;AAAA,GAC/C,CAAE,CAAA;AAGF,EAAA,IAAI,aAAA,GAA4B,IAAA;AAChC,EAAA,IAAI,KAAA,GAAuB,IAAA;AAC3B,EAAA,IAAI,gBAAA,GAAsE,cAAA;AAE1E,EAAA,IAAI,mBAAA,EAAqB;AACvB,IAAA,MAAM,cAAc,MAAM,yBAAA;AAAA,MACxB,kBAAA;AAAA,MACA,QAAA;AAAA,MACA,cAAA;AAAA,MACA,CAAC,mBAAmB,CAAA;AAAA,MACpB,OAAO,SAAA,IAAa;AAAA,KACtB;AAGA,IAAA,MAAM,mBAAA,GAAsB,YACzB,MAAA,CAAO,CAAC,QAAQ,2BAAA,CAA4B,GAAA,EAAK,eAAe,gBAAgB,CAAC,EACjF,IAAA,CAAK,CAAC,GAAG,CAAA,KAAM,MAAA,CAAO,EAAE,IAAA,GAAO,CAAA,CAAE,IAAI,CAAC,CAAA;AAEzC,IAAA,MAAM,kBAAA,GAAqB,mBAAA,CAAoB,CAAC,CAAA,IAAK,IAAA;AAErD,IAAA,IAAI,kBAAA,EAAoB;AACtB,MAAA,aAAA,GAAgB,kBAAA,CAAmB,GAAA;AAGnC,MAAA,IAAI,kBAAA,CAAmB,iBAAiB,EAAA,EAAI;AAC1C,QAAA,KAAA,GAAQ,kBAAA,CAAmB,cAAA;AAAA,MAC7B;AAGA,MAAA,MAAM,WAAA,GAAc,mBAAmB,IAAA,EAAM,UAAA;AAC7C,MAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,WAAW,CAAA,IAAK,WAAA,CAAY,WAAW,CAAA,EAAG;AAC3D,QAAA,gBAAA,GAAmB,SAAA;AAAA,MACrB,CAAA,MAAO;AACL,QAAA,MAAM,UAAA,GAAa,SAAS,KAAA,CAAM,CAAC,MAAM,WAAA,CAAY,QAAA,CAAS,CAAC,CAAC,CAAA;AAChE,QAAA,gBAAA,GAAmB,aAAa,SAAA,GAAY,UAAA;AAAA,MAC9C;AAAA,IACF;AAAA,EACF;AAGA,EAAA,IAAI,iBAAA,GAAoB,KAAA;AACxB,EAAA,IAAI,UAAA,GAAmE,IAAA;AACvE,EAAA,IAAI,qBAAA,GAAwB,KAAA;AAC5B,EAAA,IAAI,mBAAA,GAAqC,IAAA;AAEzC,EAAA,MAAM,aAAA,GAAgB,gBAAA,CAAiB,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,IAAI,kBAAkB,KAAA,EAAO;AAC3B,IAAA,MAAM,MAAA,GAAS,mBAAA,CAAoB,MAAA,CAAO,UAAU,CAAA;AACpD,IAAA,IAAI,MAAA,EAAQ;AAEV,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,GAAY,MAAM,yBAAA,CAA0B,MAAA,EAAQ,aAAA,EAAe;AAAA,UACvE,YAAY,MAAA,CAAO;AAAA,SACpB,CAAA;AACD,QAAA,IAAI,UAAU,KAAA,EAAO;AACnB,UAAA,iBAAA,GAAoB,IAAA;AACpB,UAAA,UAAA,GAAa,KAAA;AAAA,QACf;AAAA,MACF,CAAA,CAAA,MAAQ;AAAA,MAER;AAGA,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,IAAI;AACF,UAAA,MAAM,QAAA,GAAW,OAAO,gBAAA,IAAoB,gBAAA;AAC5C,UAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,MAAM,CAAA;AACpC,UAAA,MAAM,aAAA,GAAgB,8BAAA,CAA+B,MAAA,EAAQ,aAAa,CAAA;AAC1E,UAAA,IAAI,cAAc,KAAA,EAAO;AACvB,YAAA,iBAAA,GAAoB,IAAA;AACpB,YAAA,UAAA,GAAa,cAAA;AAAA,UACf;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AAAA,EACF,CAAA,MAAA,IAAW,kBAAkB,KAAA,EAAO;AAClC,IAAA,IAAI,WAAA,CAAY,MAAA,CAAO,UAAU,CAAA,IAAK,oBAAA,EAAsB;AAE1D,MAAA,MAAM,sBAAA,GAAyB,oBAAA,CAAqB,MAAA,CAAO,UAAU,CAAA;AACrE,MAAA,MAAM,cAAA,GAAiB,oBAAA,CAAqB,MAAA,CAAO,UAAU,CAAA;AAC7D,MAAA,MAAM,UAAA,GAAa,cAAA,GAAiB,MAAA,CAAO,cAAc,CAAA,GAAI,IAAA;AAE7D,MAAA,IAAI,0BAA0B,UAAA,EAAY;AAExC,QAAA,MAAM,eAAe,MAAM,qBAAA;AAAA,UACzB,QAAA;AAAA,UACA;AAAA,SACF;AAEA,QAAA,IAAI,gBAAgBA,UAAAA,CAAW,YAAY,CAAA,KAAMA,UAAAA,CAAW,oBAAoB,CAAA,EAAG;AACjF,UAAA,iBAAA,GAAoB,IAAA;AACpB,UAAA,UAAA,GAAa,oBAAA;AAAA,QACf;AAGA,QAAA,IAAI,CAAC,qBAAqB,aAAA,EAAe;AACvC,UAAA,MAAM,qBAAqB,MAAM,+BAAA;AAAA,YAC/B,mBAAA;AAAA,YACA,kBAAA;AAAA,YACA,QAAA;AAAA,YACA,cAAA;AAAA,YACA,aAAA;AAAA,YACA,gBAAA;AAAA,YACA,OAAO,SAAA,IAAa;AAAA,WACtB;AAEA,UAAA,IAAI,kBAAA,EAAoB;AACtB,YAAA,MAAM,WAAA,GAAc,mBAAmB,IAAA,EAAM,WAAA;AAC7C,YAAA,IAAI,WAAA,IAAe,qBAAA,CAAsB,IAAA,CAAK,WAAW,CAAA,EAAG;AAC1D,cAAA,MAAM,WAAW,MAAM,mBAAA;AAAA,gBACrB,QAAA;AAAA,gBACA,WAAA;AAAA,gBACA,MAAA,CAAO,UAAA;AAAA,gBACP,oBAAA;AAAA,gBACA;AAAA,eACF;AACA,cAAA,IAAI,QAAA,EAAU;AACZ,gBAAA,qBAAA,GAAwB,IAAA;AACxB,gBAAA,mBAAA,GAAsB,kBAAA,CAAmB,IAAA;AAAA,cAC3C;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAKA,EACF;AAGA,EAAA,MAAM,gBAAgB,iBAAA,CAAkB,MAAA,GAAS,IAAI,iBAAA,CAAkB,CAAC,EAAE,IAAA,GAAO,IAAA;AACjF,EAAA,MAAM,eAAe,aAAA,IAAiB,mBAAA;AAOtC,EAAA,MAAM,gBAAgB,gBAAA,KAAqB,UAAA;AAC3C,EAAA,MAAM,aAAA,GAAgB,iBAAA,CAAkB,MAAA,GAAS,CAAA,IAAK,KAAA,KAAU,IAAA;AAChE,EAAA,MAAM,sBAAA,GAAyB,aAAA,KAAkB,IAAA,IAAQ,qBAAA,IAAyB,KAAA,KAAU,IAAA;AAC5F,EAAA,MAAM,aAAa,CAAC,aAAA,KAClB,aAAA,IACC,iBAAA,IAAqB,UAAU,IAAA,IAChC,sBAAA,CAAA;AAGF,EAAA,OAAO;AAAA,IACL,UAAA;AAAA,IACA,YAAA;AAAA,IACA,KAAA;AAAA,IACA,iBAAA;AAAA,IACA,UAAA;AAAA,IACA,mBAAA;AAAA,IACA,aAAA;AAAA,IACA,gBAAA;AAAA,IACA,uBAAuB,qBAAA,IAAyB;AAAA,GAClD;AACF;AAaA,SAAS,2BAAA,CACP,GAAA,EACA,aAAA,EACA,gBAAA,EACS;AACT,EAAA,MAAM,KAAA,GAAQ,IAAI,IAAA,EAAM,KAAA;AAGxB,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,IAAI,kBAAA,CAAmB,KAAA,EAAO,aAAa,CAAA,EAAG;AAC5C,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,IAAI,qBAAqB,KAAA,EAAO;AAC9B,IAAA,MAAM,eAAA,GAAkB,IAAI,IAAA,EAAM,YAAA;AAClC,IAAA,IAAI,eAAA,EAAiB;AACnB,MAAA,IAAI;AACF,QAAA,MAAM,aAAa,OAAO,eAAA,KAAoB,WAC1C,IAAA,CAAK,KAAA,CAAM,eAAe,CAAA,GAC1B,eAAA;AACJ,QAAA,MAAM,aAAA,GAAgB,YAAY,aAAa,CAAA;AAC/C,QAAA,OAAO,eAAA,CAAgB,YAAY,aAAa,CAAA;AAAA,MAClD,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAEA,IAAMY,cAAAA,GAAgB;AAAA,EACpB;AACF,CAAA;AAEA,SAAS,qBACP,KAAA,EACqC;AACrC,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,MAAA;AACtC,EAAA,QAAQ,KAAA;AAAO,IACb,KAAK,KAAA;AAAA,IACL,KAAK,SAAA;AACH,MAAA,OAAO,KAAA;AAAA,IACT,KAAK,cAAA;AAAA,IACL,KAAK,UAAA;AACH,MAAA,OAAO,cAAA;AAAA,IACT,KAAK,QAAA;AACH,MAAA,OAAO,QAAA;AAAA,IACT;AACE,MAAA,OAAO,OAAA;AAAA;AAEb;AAEA,eAAe,yBAAA,CACb,kBAAA,EACA,QAAA,EACA,SAAA,EACA,SACA,SAAA,EACmC;AACnC,EAAA,MAAM,QAAA,GAAW,IAAIC,QAAAA,CAAS,kBAAA,EAAoBD,gBAAe,QAAQ,CAAA;AACzE,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,OAAA,CAAQ,QAAA,CAAS,WAAW,IAAI,CAAA;AAExD,EAAA,MAAM,OAAA,GAAU,MACd,QAAA,CACA,cAAA,EAAe;AAEjB,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,MAAM,QAAA,CAAS,WAAA,CAAY,MAAA,EAAQ,WAAW,OAAO,CAAA;AAAA,EAChE,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACxF;AAEA,EAAA,MAAM,GAAA,GAAM,IAAIT,GAAAA,CAAI,kBAAkB,CAAA;AACtC,EAAA,GAAA,CAAI,QAAQ,QAAQ,CAAA;AAEpB,EAAA,MAAM,eAAe,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,aAAa,CAAA;AACvD,EAAA,MAAM,UAAoC,EAAC;AAE3C,EAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,IAAA,IAAI,EAAE,UAAU,KAAA,CAAA,IAAU,CAAC,MAAM,OAAA,CAAQ,KAAA,CAAM,IAAI,CAAA,EAAG;AACtD,IAAA,MAAM,OAAO,KAAA,CAAM,IAAA;AACnB,IAAA,MAAM,GAAA,GAAM,OAAO,CAAC,CAAA;AACpB,IAAA,MAAM,SAAA,GAAY,OAAO,CAAC,CAAA;AAE1B,IAAA,IAAI,CAAC,GAAA,IAAO,CAAC,SAAA,EAAW;AACxB,IAAA,IAAI,CAAC,YAAA,CAAa,QAAA,CAAS,SAAA,CAAU,WAAA,EAAa,CAAA,EAAG;AAErD,IAAA,MAAM,WAAA,GAAe,MAAM,GAAA,CAAI,cAAA,CAAe,GAAG,CAAA;AACjD,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,WAAA,CAAY,GAAA,EAAK;AAGtC,IAAA,IAAI,OAAgC,EAAC;AACrC,IAAA,MAAM,UAAU,WAAA,CAAY,IAAA;AAC5B,IAAA,IAAI,OAAA,IAAW,YAAY,IAAA,EAAM;AAC/B,MAAA,IAAI;AACF,QAAA,IAAA,GAAO,qBAAA;AAAA,UACL,kDAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF,CAAA,CAAA,MAAQ;AACN,QAAA,IAAI;AACF,UAAA,IAAA,GAAO,qBAAA;AAAA,YACL,mJAAA;AAAA,YACA;AAAA,WACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,CAAC,KAAA,KAA2B;AAC/C,MAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,MAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,OAAO,KAAK,CAAA;AAClD,MAAA,IAAI,OAAO,UAAU,QAAA,IAAY,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,OAAO,KAAK,CAAA;AACtE,MAAA,OAAO,EAAA;AAAA,IACT,CAAA;AAEA,IAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,MACX,KAAK,WAAA,CAAY,GAAA;AAAA,MACjB,QAAQ,WAAA,CAAY,MAAA;AAAA,MACpB,UAAU,WAAA,CAAY,QAAA;AAAA,MACtB,WAAW,WAAA,CAAY,SAAA;AAAA,MACvB,SAAA,EAAW,OAAA,CAAQ,WAAA,CAAY,SAAS,CAAA;AAAA,MACxC,cAAA,EAAgB,YAAA,CAAa,WAAA,CAAY,cAAc,CAAA;AAAA,MACvD,cAAA,EAAgB,YAAA,CAAa,WAAA,CAAY,cAAc,CAAA;AAAA,MACvD,IAAA,EAAM,YAAA,CAAa,WAAA,CAAY,IAAI,CAAA;AAAA,MACnC,QAAQ,WAAA,CAAY,MAAA;AAAA,MACpB;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,OAAA;AACT;AAKA,eAAe,gCACb,mBAAA,EACA,kBAAA,EACA,UACA,cAAA,EACA,aAAA,EACA,kBACA,SAAA,EACwC;AACxC,EAAA,MAAM,cAAc,MAAM,yBAAA;AAAA,IACxB,kBAAA;AAAA,IACA,QAAA;AAAA,IACA,cAAA;AAAA,IACA,CAAC,mBAAmB,CAAA;AAAA,IACpB;AAAA,GACF;AAGA,EAAA,MAAM,SAAA,GAAY,WAAA,CACf,MAAA,CAAO,CAAC,GAAA,KAAQ;AACf,IAAA,IAAI,CAAC,2BAAA,CAA4B,GAAA,EAAK,aAAA,EAAe,gBAAgB,GAAG,OAAO,KAAA;AAE/E,IAAA,MAAM,MAAA,GAAS,IAAI,IAAA,EAAM,MAAA;AACzB,IAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,MAAA,OAAO,MAAA,CAAO,IAAA,CAAK,CAAC,CAAA,KAAM,OAAO,MAAM,QAAA,IAAY,qBAAA,CAAsB,IAAA,CAAK,CAAC,CAAC,CAAA;AAAA,IAClF;AACA,IAAA,OAAO,OAAO,GAAA,CAAI,IAAA,EAAM,WAAA,KAAgB,QAAA;AAAA,EAC1C,CAAC,CAAA,CACA,IAAA,CAAK,CAAC,CAAA,EAAG,CAAA,KAAM,MAAA,CAAO,CAAA,CAAE,IAAA,GAAO,CAAA,CAAE,IAAI,CAAC,CAAA;AAEzC,EAAA,OAAO,SAAA,CAAU,CAAC,CAAA,IAAK,IAAA;AACzB;;;AC/cO,SAAS,wBAAA,CAAyB,SAAiB,MAAA,EAAiC;AACzF,EAAA,IAAI,CAAC,qBAAA,CAAsB,IAAA,CAAK,MAAM,CAAA,EAAG;AACvC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qCAAA,EAAuC,EAAE,QAAQ,CAAA;AAAA,EAC5F;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,gBAAA;AAAA,IACX,YAAA,EAAc,eAAA;AAAA,IACd,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,UAAU,OAAO,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,IACA,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;ACFA,eAAsB,oBAAA,CACpB,QACA,MAAA,EACyB;AACzB,EAAA,IAAI,CAAC,MAAA,CAAO,MAAA,IAAU,CAAC,OAAO,gBAAA,EAAkB;AAC9C,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0CAAA,EAA4C,EAAE,QAAQ,CAAA;AAAA,EACjG;AAEA,EAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,EAAA,MAAM,iBAAA,GAAoB,OAAO,iBAAA,IAAqB,GAAA;AACtD,EAAA,MAAM,mBAAA,GAAsB,MAAA,CAAO,mBAAA,IAAuB,GAAA,GAAM,GAAA;AAChE,EAAA,MAAM,cAAc,MAAA,CAAO,WAAA,IAAgB,OAAA,CAAQ,WAAA,CAAY,EAAE,CAAC,CAAA;AAElE,EAAA,MAAM,OAAA,GAAU;AAAA,IACd,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,kBAAkB,MAAA,CAAO,gBAAA;AAAA,IACzB,gBAAgB,MAAA,CAAO,cAAA;AAAA,IACvB,iBAAA;AAAA,IACA,mBAAA;AAAA,IACA,WAAA;AAAA,IACA,SAAA,EAAW,OAAO,SAAA,IAAa;AAAA,GACjC;AAEA,EAAA,MAAM,EAAE,KAAA,EAAO,WAAA,EAAY,GAAI,2BAAA,EAA4B;AAC3D,EAAA,MAAM,SAAA,GAAY;AAAA,IAChB,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,gBAAA;AAAA,MACN,OAAA,EAAS,GAAA;AAAA,MACT,SAAS,MAAA,CAAO;AAAA,KAClB;AAAA,IACA,KAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAS,CAAA;AAExC,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,YAAA;AAAA,IACX,WAAA,EAAa;AAAA,MACX,QAAQ,SAAA,CAAU,MAAA;AAAA,MAClB,OAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,OAAA,EAAS,CAAA;AAAA,IACT,QAAA,EAAU,iBAAA;AAAA,IACV,SAAA,EAAW;AAAA,GACb;AACF;;;ACpDA,eAAsB,iBAAA,CACpB,QACA,MAAA,EAIsB;AACtB,EAAA,IAAI,CAAC,MAAA,CAAO,MAAA,IAAU,CAAC,OAAO,QAAA,EAAU;AACtC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,kCAAA,EAAoC,EAAE,QAAQ,CAAA;AAAA,EACzF;AAEA,EAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,EAAA,MAAM,OAAA,GAAU;AAAA,IACd,KAAK,MAAA,CAAO,MAAA;AAAA,IACZ,KAAK,MAAA,CAAO,QAAA;AAAA,IACZ,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,GAAA,EAAK,OAAO,QAAA,IAAY,GAAA;AAAA,IACxB,GAAA,EAAK,MAAA,CAAO,SAAA,IAAa,GAAA,GAAM,GAAA;AAAA,IAC/B,OACE,MAAA,CAAO,KAAA,KACN,UAAA,CAAW,MAAA,EAAQ,aAAa,UAAA,CAAW,MAAA,CAAO,UAAA,EAAW,GAAI,GAAG,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA,EAAI,IAAA,CAAK,QAAQ,CAAA,CAAA;AAAA,GACpG;AAEA,EAAA,MAAM,MAAA,GAAS;AAAA,IACb,GAAA,EAAK,KAAA;AAAA,IACL,GAAA,EAAK;AAAA,GACP;AAEA,EAAA,MAAM,GAAA,GAAM,MAAM,MAAA,CAAO,OAAA,EAAS,MAAM,CAAA;AAExC,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,SAAA;AAAA,IACX,WAAA,EAAa,GAAA;AAAA,IACb,cAAc,MAAA,CAAO,OAAA;AAAA,IACrB,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,OAAA,CAAQ,GAAA;AAAA,IAClB,WAAW,OAAA,CAAQ;AAAA,GACrB;AACF;;;AChDO,SAAS,uBAAuB,OAAA,EAAoD;AACzF,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,cAAA;AAAA,IACX,YAAA,EAAc,eAAA;AAAA,IACd,WAAA,EAAa,OAAA;AAAA,IACb,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;AAEO,SAAS,qBAAqB,KAAA,EAAgD;AACnF,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,YAAA;AAAA,IACX,YAAA,EAAc,eAAA;AAAA,IACd,WAAA,EAAa,KAAA;AAAA,IACb,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;;;AC8DA,eAAsB,kBAAA,CACpB,UACA,OAAA,EACiC;AACjC,EAAA,IAAI,CAAC,QAAA,IAAY,OAAO,QAAA,KAAa,QAAA,EAAU;AAC7C,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,KAAA,EAAO,EAAE,IAAA,EAAM,kBAAA,EAAoB,SAAS,oCAAA;AAAqC,KACnF;AAAA,EACF;AAEA,EAAA,MAAM,SAAU,QAAA,CAAqC,MAAA;AAErD,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,KAAA,EAAO;AACV,MAAA,MAAM,WAAA,GAAc,QAAA;AACpB,MAAA,MAAM,aAA+C,OAAA,CAAQ,cAAA,GACzD,EAAE,cAAA,EAAgB,OAAA,CAAQ,gBAAe,GACzC,MAAA;AAEJ,MAAA,IAAI,OAAA,CAAQ,iBAAiB,OAAA,EAAS;AACpC,QAAA,OAAO,kBAAA,CAAmB,aAAa,UAAU,CAAA;AAAA,MACnD;AACA,MAAA,OAAO,oBAAA,CAAqB,aAAa,UAAU,CAAA;AAAA,IACrD;AAAA,IAEA,KAAK,QAAA,EAAU;AACb,MAAA,MAAM,cAAA,GAAiB,QAAA;AACvB,MAAA,IAAI,OAAA,CAAQ,iBAAiB,OAAA,EAAS;AACpC,QAAA,OAAO,sBAAsB,cAAc,CAAA;AAAA,MAC7C;AACA,MAAA,OAAO,wBAAwB,cAAc,CAAA;AAAA,IAC/C;AAAA,IAEA;AACE,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,KAAA,EAAO;AAAA,UACL,IAAA,EAAM,oBAAA;AAAA,UACN,OAAA,EAAS,sCAAsC,MAAM,CAAA,CAAA;AAAA;AACvD,OACF;AAAA;AAEN;;;AC1HO,SAAS,2BAA2B,GAAA,EAAmC;AAC5E,EAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAA,EAAkC,EAAE,KAAK,CAAA;AAAA,EACpF;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,kBAAA;AAAA,IACX,YAAA,EAAc,gBAAA;AAAA,IACd,WAAA,EAAa,EAAE,GAAA,EAAI;AAAA,IACnB,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;ACJO,SAASF,0BAAAA,CACd,MAAA,EACA,qBAAA,EACA,OAAA,GAA4C,EAAC,EAC7C;AACA,EAAA,OAAO,yBAAA,CAAa,QAAQ,qBAAA,EAAuB;AAAA,IACjD,GAAG,OAAA;AAAA,IACH,UAAA,EAAY,QAAQ,UAAA,IAAc;AAAA,GACnC,CAAA;AACH;ACqDA,SAAS,yBAAyB,KAAA,EAAoB;AACpD,EAAA,MAAM,UAAA,GAAa,aAAa,KAAK,CAAA;AACrC,EAAA,IAAI,gBAAA,CAAiB,UAAU,CAAA,KAAM,KAAA,EAAO;AAC1C,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0CAAA,EAA4C;AAAA,MACnF,kBAAA,EAAoB;AAAA,KACrB,CAAA;AAAA,EACH;AACA,EAAA,OAAO,UAAA;AACT;AAEA,SAAS,oBAAoB,KAAA,EAAoB;AAC/C,EAAA,OAAO,aAAa,KAAK,CAAA;AAC3B;AAEA,eAAsB,sBACpB,MAAA,EAC6C;AAC7C,EAAA,MAAM,UAAA,GAAa,mBAAA,CAAoB,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,MAAM,kBAAA,GAAqB,wBAAA,CAAyB,MAAA,CAAO,kBAAkB,CAAA;AAC7E,EAAA,MAAM,MAAA,GAAS,oBAAoB,UAAU,CAAA;AAE7C,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,kCAAA,EAAoC;AAAA,MAC3E,YAAY,MAAA,CAAO;AAAA,KACpB,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,SAAA,GAAY,MAAM,yBAAA,CAA0B,MAAA,EAAQ,kBAAA,EAAoB;AAAA,MAC5E,YAAY,MAAA,CAAO,UAAA;AAAA,MACnB,cAAc,MAAA,CAAO;AAAA,KACtB,CAAA;AACD,IAAA,IAAI,UAAU,KAAA,EAAO;AACnB,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ,KAAA;AAAA,QACR,SAAS,CAAA,+BAAA,EAAmC,MAAA,CAAO,YAAA,IAAgB,cAAe,IAAI,MAAM,CAAA,CAAA;AAAA,QAC5F,UAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AACA,IAAA,SAAA,GAAY,SAAA,CAAU,MAAA;AAAA,EACxB,SAAS,KAAA,EAAO;AACd,IAAA,SAAA,GAAY,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,6BAAA;AAAA,EACvD;AAEA,EAAA,IAAI,YAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,iBAAA,GAAoB,MAAM,0BAAA,CAA2B,MAAA,EAAQ,kBAAA,EAAoB;AAAA,MACrF,kBAAkB,MAAA,CAAO;AAAA,KAC1B,CAAA;AACD,IAAA,IAAI,kBAAkB,KAAA,EAAO;AAC3B,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ,cAAA;AAAA,QACR,OAAA,EAAS,wCAAwC,MAAM,CAAA,qBAAA,CAAA;AAAA,QACvD,UAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AACA,IAAA,YAAA,GAAe,iBAAA,CAAkB,MAAA;AAAA,EACnC,SAAS,KAAA,EAAO;AACd,IAAA,YAAA,GAAe,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,kCAAA;AAAA,EAC1D;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,MAAA,EAAQ,mCAAA;AAAA,IACR,SAAS,CAAA,WAAA,EAAc,SAAA,IAAa,QAAQ,CAAA,sBAAA,EAAyB,gBAAgB,QAAQ,CAAA,CAAA,CAAA;AAAA,IAC7F,UAAA;AAAA,IACA;AAAA,GACF;AACF;AAEA,eAAsB,sBACpB,MAAA,EAC6C;AAC7C,EAAA,MAAM,UAAA,GAAa,mBAAA,CAAoB,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,MAAM,kBAAA,GAAqB,wBAAA,CAAyB,MAAA,CAAO,kBAAkB,CAAA;AAE7E,EAAA,IAAI,CAAC,WAAA,CAAY,UAAU,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,uCAAA,EAAyC;AAAA,MAChF,YAAY,MAAA,CAAO;AAAA,KACpB,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,qBAAqB,UAAU,CAAA;AACtD,EAAA,MAAM,sBAAA,GAAyB,qBAAqB,kBAAkB,CAAA;AACtE,EAAA,MAAM,UAAA,GAAa,qBAAqB,UAAU,CAAA;AAElD,EAAA,IAAI,CAAC,cAAA,IAAkB,CAAC,sBAAA,IAA0B,CAAC,UAAA,EAAY;AAC7D,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0CAAA,EAA4C;AAAA,MACnF,YAAY,MAAA,CAAO,UAAA;AAAA,MACnB,oBAAoB,MAAA,CAAO;AAAA,KAC5B,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,OAAA,GAAU,OAAO,UAAU,CAAA;AACjC,EAAA,IAAI,CAAC,MAAA,CAAO,QAAA,CAAS,OAAO,CAAA,EAAG;AAC7B,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAA,EAAkC;AAAA,MACzE,YAAY,MAAA,CAAO;AAAA,KACpB,CAAA;AAAA,EACH;AAEA,EAAA,MAAMV,KAAAA,GAAO,MAAM,MAAA,CAAO,QAAA,CAAS,QAAQ,cAAc,CAAA;AACzD,EAAA,MAAM,UAAA,GAAaA,KAAAA,KAAS,IAAA,IAAQA,KAAAA,KAAS,KAAA;AAE7C,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,IAAIS,UAAAA,CAAW,cAAc,CAAA,KAAMA,UAAAA,CAAW,sBAAsB,CAAA,EAAG;AACrE,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ,QAAA;AAAA,QACR,OAAA,EAAS,qFAAA;AAAA,QACT,UAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,qDAAA;AAAA,MACR,OAAA,EAAS,oFAAA;AAAA,MACT,UAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,uBAAuB,MAAM,4BAAA,CAA6B,MAAA,CAAO,QAAA,EAAU,gBAAgB,OAAO,CAAA;AAExG,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,IAAI,CAAC,oBAAA,EAAsB;AACzB,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,uCAAA;AAAA,QACR,OAAA,EACE,4GAAA;AAAA,QACF,UAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,KAAK,MAAM,MAAA,CAAO,QAAA,CAAS,cAAA,CAAe,OAAO,MAAM,CAAA;AAC7D,IAAA,IAAI,CAAC,EAAA,EAAI;AACP,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,uBAAA;AAAA,QACR,OAAA,EAAS,CAAA,YAAA,EAAe,MAAA,CAAO,MAAM,2BAA2B,OAAO,CAAA,CAAA,CAAA;AAAA,QACvE,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,UAAU,MAAM,MAAA,CAAO,QAAA,CAAS,qBAAA,CAAsB,OAAO,MAAM,CAAA;AACzE,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,2BAAA;AAAA,QACR,OAAA,EAAS,8CAAA;AAAA,QACT,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,wBAAA,GAA2B,qBAAqB,oBAAoB,CAAA;AAC1E,IAAA,IAAI,CAAC,EAAA,CAAG,IAAA,IAAQ,CAAC,wBAAA,IAA4BA,UAAAA,CAAW,EAAA,CAAG,IAAI,CAAA,KAAMA,UAAAA,CAAW,wBAAwB,CAAA,EAAG;AACzG,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,cAAA;AAAA,QACR,OAAA,EAAS,mDAAmD,oBAAoB,CAAA,CAAA,CAAA;AAAA,QAChF,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,GAAG,EAAA,IAAMA,UAAAA,CAAW,GAAG,EAAE,CAAA,KAAMA,UAAAA,CAAW,sBAAsB,CAAA,EAAG;AACtE,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,iBAAA;AAAA,QACR,OAAA,EAAS,6CAA6C,kBAAkB,CAAA,CAAA,CAAA;AAAA,QACxE,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,GAAiB,uBAAA;AAAA,MACrB,UAAA;AAAA,MACA,kBAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,EAAA,CAAG,KAAA,IAAS,EAAE,CAAA;AAEzC,IAAA,IAAI,gBAAgB,cAAA,EAAgB;AAClC,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,cAAA;AAAA,QACR,OAAA,EAAS,mBAAmB,WAAA,CAAY,QAAA,EAAU,CAAA,sCAAA,EAAyC,cAAA,CAAe,UAAU,CAAA,CAAA,CAAA;AAAA,QACpH,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,CAAO,SAAS,cAAA,EAAe;AACrC,IAAA,MAAM,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,OAAA,CAAQ,WAAW,CAAA;AAElD,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,MAAA,EAAQ,UAAA;AAAA,MACR,OAAA,EAAS,CAAA,4BAAA,EAA+B,MAAA,CAAO,MAAM,CAAA,CAAA,CAAA;AAAA,MACrD,UAAA;AAAA,MACA,kBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,KAAA,MAAW,WAAW,kBAAA,EAAoB;AACxC,IAAA,MAAM,eAAe,MAAM,qBAAA;AAAA,MACzB,MAAA,CAAO,QAAA;AAAA,MACP,cAAA;AAAA,MACA,OAAA,CAAQ,SAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AAEA,IAAA,IAAI,gBAAgBA,UAAAA,CAAW,YAAY,CAAA,KAAMA,UAAAA,CAAW,sBAAsB,CAAA,EAAG;AACnF,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ,UAAA;AAAA,QACR,OAAA,EAAS,CAAA,aAAA,EAAgB,OAAA,CAAQ,MAAM,CAAA,mBAAA,CAAA;AAAA,QACvC,UAAA;AAAA,QACA,kBAAA;AAAA,QACA,sBAAsB,oBAAA,IAAwB;AAAA,OAChD;AAAA,IACF;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,aAAa,MAAM,MAAA,CAAO,QAAA,CAAS,UAAA,CAAW,gBAAgB,kBAAkB,CAAA;AACtF,IAAA,IACE,UAAA,IACA,UAAA,KAAe,IAAA,IACf,UAAA,KAAe,oEAAA,EACf;AACA,MAAA,MAAM,eAAeA,UAAAA,CAAW,CAAA,EAAA,EAAK,WAAW,KAAA,CAAM,CAAA,EAAG,CAAC,CAAA,CAAE,CAAA;AAC5D,MAAA,IAAI,YAAA,KAAiBA,UAAAA,CAAW,sBAAsB,CAAA,EAAG;AACvD,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,IAAA;AAAA,UACP,MAAA,EAAQ,UAAA;AAAA,UACR,OAAA,EAAS,mCAAA;AAAA,UACT,UAAA;AAAA,UACA,kBAAA;AAAA,UACA,oBAAA,EAAsB,oBAAA,IAAwB,cAAA,CAAe,OAAA,EAAS,YAAY;AAAA,SACpF;AAAA,MACF;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,IACEA,WAAW,cAAc,CAAA,KAAMA,UAAAA,CAAW,sBAAsB,KAChE,oBAAA,EACA;AACA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,MAAA,EAAQ,gBAAA;AAAA,MACR,OAAA,EAAS,6FAA6F,oBAAoB,CAAA,CAAA,CAAA;AAAA,MAC1H,UAAA;AAAA,MACA,kBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,MAAA,EAAQ,wCAAA;AAAA,IACR,OAAA,EACE,oBAAA,GACI,CAAA,iBAAA,EAAoB,kBAAkB,CAAA,uCAAA,EAA0C,oBAAoB,CAAA,iCAAA,EAAoC,UAAU,CAAA,CAAA,CAAA,GAClJ,CAAA,iCAAA,EAAoC,kBAAkB,CAAA,2BAAA,EAA8B,UAAU,CAAA,CAAA,CAAA;AAAA,IACpG,UAAA;AAAA,IACA,kBAAA;AAAA,IACA,sBAAsB,oBAAA,IAAwB;AAAA,GAChD;AACF;AAEA,eAAsB,uBACpB,MAAA,EAC6C;AAC7C,EAAA,MAAM,UAAA,GAAa,mBAAA,CAAoB,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,MAAM,MAAA,GAAS,iBAAiB,UAAU,CAAA;AAE1C,EAAA,IAAI,WAAW,KAAA,EAAO;AACpB,IAAA,OAAO,sBAAsB,MAAqC,CAAA;AAAA,EACpE;AAEA,EAAA,IAAI,WAAW,KAAA,EAAO;AACpB,IAAA,MAAM,YAAA,GAAe,MAAA;AACrB,IAAA,IAAI,CAAC,aAAa,QAAA,EAAU;AAC1B,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,eAAA;AAAA,QACA,yDAAA;AAAA,QACA,EAAE,UAAA;AAAW,OACf;AAAA,IACF;AACA,IAAA,OAAO,sBAAsB,YAAY,CAAA;AAAA,EAC3C;AAEA,EAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,iDAAA,EAAmD;AAAA,IAC1F;AAAA,GACD,CAAA;AACH;AC5TA,SAAS,oBAAoB,KAAA,EAAsC;AACjE,EAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,SAAA,KAAc,KAAA,CAAM,WAAA;AAE7C,EAAA,MAAM,SAAA,GAAY;AAAA,IAChB,MAAA;AAAA,IACA,KAAA,EAAO;AAAA,MACL,aAAA,EAAe;AAAA,QACb,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,QAClC,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,QAAA,EAAS;AAAA,QAC3C,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,QAAA,EAAS;AAAA,QACzC,EAAE,IAAA,EAAM,mBAAA,EAAqB,IAAA,EAAM,SAAA,EAAU;AAAA,QAC7C,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAU;AAAA,QAC/C,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAU;AAAA,QACvC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,QAAA;AAAS;AACtC,KACF;AAAA,IACA;AAAA,GACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,qBAAA,CAAsB,SAAA,EAAW,SAAS,CAAA;AACzD,IAAA,OAAO,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,MAAA,GAAS,OAAO,MAAA,GAAS,IAAA;AAAA,EACzD,SAAS,GAAA,EAAK;AACZ,IAAA,OAAA,CAAQ,IAAA,CAAK,gDAAgD,GAAG,CAAA;AAChE,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAMA,SAAS,oBAAoB,KAAA,EAAoD;AAC/E,EAAA,MAAM,MAAM,KAAA,CAAM,WAAA;AAClB,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,EAAU,OAAO,IAAA;AAEpC,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AAE/B,EAAA,IAAI;AACF,IAAA,MAAM,SAAA,GAAY,KAAA,CAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA;AAC/D,IAAA,MAAM,SAAS,SAAA,CAAU,MAAA;AAAA,MACvB,SAAA,CAAU,MAAA,GAAA,CAAW,CAAA,GAAK,SAAA,CAAU,SAAS,CAAA,IAAM,CAAA;AAAA,MACnD;AAAA,KACF;AACA,IAAA,IAAI,UAAA;AACJ,IAAA,IAAI,OAAO,SAAS,UAAA,EAAY;AAC9B,MAAA,UAAA,GAAa,kBAAA;AAAA,QACX,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,MAAM,CAAC,EACpB,GAAA,CAAI,CAAC,IAAA,KAAS,CAAA,CAAA,EAAI,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA,CACpE,IAAA,CAAK,EAAE;AAAA,OACZ;AAAA,IACF,CAAA,MAAO;AACL,MAAA,UAAA,GAAa,OAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA,CAAE,SAAS,MAAM,CAAA;AAAA,IAC5D;AACA,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,UAAU,CAAA;AACpC,IAAA,OAAQ,OAAO,GAAA,IAAmC,IAAA;AAAA,EACpD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAKA,SAAS,kBAAkB,KAAA,EAAoD;AAC7E,EAAA,MAAM,MAAM,KAAA,CAAM,WAAA;AAClB,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,EAAU,OAAO,IAAA;AAEpC,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AAE/B,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,KAAA,CAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA;AAChE,IAAA,MAAM,SAAS,UAAA,CAAW,MAAA;AAAA,MACxB,UAAA,CAAW,MAAA,GAAA,CAAW,CAAA,GAAK,UAAA,CAAW,SAAS,CAAA,IAAM,CAAA;AAAA,MACrD;AAAA,KACF;AACA,IAAA,IAAI,WAAA;AACJ,IAAA,IAAI,OAAO,SAAS,UAAA,EAAY;AAC9B,MAAA,WAAA,GAAc,kBAAA;AAAA,QACZ,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,MAAM,CAAC,EACpB,GAAA,CAAI,CAAC,IAAA,KAAS,CAAA,CAAA,EAAI,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA,CACpE,IAAA,CAAK,EAAE;AAAA,OACZ;AAAA,IACF,CAAA,MAAO;AACL,MAAA,WAAA,GAAc,OAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA,CAAE,SAAS,MAAM,CAAA;AAAA,IAC7D;AACA,IAAA,OAAO,IAAA,CAAK,MAAM,WAAW,CAAA;AAAA,EAC/B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAMA,SAAS,gBAAA,CAAiB,eAAuB,GAAA,EAAmB;AAClE,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,sBAAsB,GAAG,CAAA;AAC5C,IAAA,OAAOA,UAAAA,CAAW,aAAa,CAAA,CAAE,WAAA,OAAkBA,UAAAA,CAAW,UAAU,EAAE,WAAA,EAAY;AAAA,EACxF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAKA,SAAS,aAAA,CAAc,KAA8B,GAAA,EAAmB;AACtE,EAAA,MAAM,MAAA,GAAS,iBAAiB,GAAG,CAAA;AAEnC,EAAA,IAAI,WAAW,KAAA,EAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,MAAA,OAAO,eAAA,CAAgB,KAAK,MAAM,CAAA;AAAA,IACpC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,OAAO,KAAA;AACT;AAMA,SAAS,qBAAA,CAAsB,OAAqB,GAAA,EAAmB;AACrE,EAAA,QAAQ,MAAM,SAAA;AAAW,IACvB,KAAK,YAAA,EAAc;AACjB,MAAA,MAAM,MAAA,GAAS,oBAAoB,KAAuB,CAAA;AAC1D,MAAA,IAAI,CAAC,QAAQ,OAAO,KAAA;AACpB,MAAA,OAAO,gBAAA,CAAiB,QAAQ,GAAG,CAAA;AAAA,IACrC;AAAA,IAEA,KAAK,SAAA,EAAW;AACd,MAAA,MAAM,QAAA,GAAW,KAAA;AACjB,MAAA,MAAM,GAAA,GAAM,oBAAoB,QAAQ,CAAA;AAGxC,MAAA,IAAI,GAAA,IAAO,aAAA,CAAc,GAAA,EAAK,GAAG,GAAG,OAAO,IAAA;AAG3C,MAAA,MAAM,OAAA,GAAU,kBAAkB,QAAQ,CAAA;AAC1C,MAAA,IAAI,OAAA,IAAW,OAAO,OAAA,CAAQ,GAAA,KAAQ,QAAA,EAAU;AAE9C,QAAA,IAAI,OAAA,CAAQ,GAAA,KAAQ,GAAA,EAAK,OAAO,IAAA;AAAA,MAClC;AAEA,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,IAEA,KAAK,kBAAA;AAAA,IACL,KAAK,gBAAA;AAGH,MAAA,OAAO,KAAA;AAAA,IAET,KAAK,kBAAA;AAEH,MAAA,OAAO,KAAA;AAAA,IAET;AACE,MAAA,OAAO,KAAA;AAAA;AAEb;AAOA,SAAS,+BAAA,CAAgC,OAAqB,GAAA,EAAmB;AAC/E,EAAA,QAAQ,MAAM,SAAA;AAAW,IACvB,KAAK,YAAA,EAAc;AACjB,MAAA,MAAM,MAAA,GAAS,KAAA;AACf,MAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,gBAAA;AACpD,MAAA,OAAO,OAAO,gBAAA,KAAqB,QAAA,IAAY,gBAAA,KAAqB,GAAA;AAAA,IACtE;AAAA,IAEA,KAAK,SAAA,EAAW;AACd,MAAA,MAAM,OAAA,GAAU,kBAAkB,KAAoB,CAAA;AACtD,MAAA,IAAI,CAAC,SAAS,OAAO,KAAA;AACrB,MAAA,OAAO,OAAO,OAAA,CAAQ,GAAA,KAAQ,QAAA,IAAY,QAAQ,GAAA,KAAQ,GAAA;AAAA,IAC5D;AAAA,IAEA;AACE,MAAA,OAAO,KAAA;AAAA;AAEb;AAuBO,SAAS,6BACd,IAAA,EAC+B;AAC/B,EAAA,IAAI,CAAC,IAAA,CAAK,OAAA,IAAW,CAAC,KAAK,QAAA,EAAU;AACnC,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,QAAQ,EAAC;AAAA,MACT,OAAA,EAAS,CAAC,mCAAmC;AAAA,KAC/C;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,MAAM,OAAA,CAAQ,IAAA,CAAK,MAAM,CAAA,IAAK,IAAA,CAAK,MAAA,CAAO,MAAA,KAAW,CAAA,EAAG;AAC3D,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,QAAQ,EAAC;AAAA,MACT,OAAA,EAAS,CAAC,gCAAgC;AAAA,KAC5C;AAAA,EACF;AAEA,EAAA,MAAM,SAA6B,EAAC;AACpC,EAAA,IAAI,aAAA,GAAgB,KAAA;AACpB,EAAA,IAAI,cAAA,GAAiB,KAAA;AAErB,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AAC3C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,MAAA,CAAO,CAAC,CAAA;AAG3B,IAAA,IAAI,qBAAA,CAAsB,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA,EAAG;AAC9C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,mBAAA;AAAA,QACX,KAAA,EAAO;AAAA,OACR,CAAA;AACD,MAAA,aAAA,GAAgB,IAAA;AAGhB,MAAA,IAAI,CAAC,+BAAA,CAAgC,KAAA,EAAO,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC1D,QAAA,MAAA,CAAO,IAAA,CAAK;AAAA,UACV,UAAA,EAAY,CAAA;AAAA,UACZ,WAAW,KAAA,CAAM,SAAA;AAAA,UACjB,SAAA,EAAW,mBAAA;AAAA,UACX,KAAA,EAAO,KAAA;AAAA,UACP,MAAA,EAAQ;AAAA,SACT,CAAA;AAAA,MACH;AAAA,IACF;AAGA,IAAA,IAAI,qBAAA,CAAsB,KAAA,EAAO,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC/C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,oBAAA;AAAA,QACX,KAAA,EAAO;AAAA,OACR,CAAA;AACD,MAAA,cAAA,GAAiB,IAAA;AAGjB,MAAA,IAAI,CAAC,+BAAA,CAAgC,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA,EAAG;AACzD,QAAA,MAAA,CAAO,IAAA,CAAK;AAAA,UACV,UAAA,EAAY,CAAA;AAAA,UACZ,WAAW,KAAA,CAAM,SAAA;AAAA,UACjB,SAAA,EAAW,oBAAA;AAAA,UACX,KAAA,EAAO,KAAA;AAAA,UACP,MAAA,EAAQ;AAAA,SACT,CAAA;AAAA,MACH;AAAA,IACF;AAGA,IAAA,IAAI,KAAA,CAAM,cAAc,kBAAA,EAAoB;AAI1C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,mBAAA;AAAA,QACX,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACT,CAAA;AACD,MAAA,aAAA,GAAgB,IAAA;AAAA,IAClB;AAAA,EACF;AAEA,EAAA,MAAM,UAAoB,EAAC;AAC3B,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,OAAA,CAAQ,KAAK,0CAA0C,CAAA;AAAA,EACzD;AACA,EAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,IAAA,OAAA,CAAQ,KAAK,2CAA2C,CAAA;AAAA,EAC1D;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,QAAQ,MAAA,KAAW,CAAA;AAAA,IAC1B,MAAA;AAAA,IACA;AAAA,GACF;AACF;AAqBO,SAAS,uBACd,IAAA,EAC+B;AAC/B,EAAA,IAAI,CAAC,IAAA,CAAK,OAAA,IAAW,CAAC,KAAK,KAAA,EAAO;AAChC,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,QAAQ,EAAC;AAAA,MACT,OAAA,EAAS,CAAC,gCAAgC;AAAA,KAC5C;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,MAAM,OAAA,CAAQ,IAAA,CAAK,MAAM,CAAA,IAAK,IAAA,CAAK,MAAA,CAAO,MAAA,KAAW,CAAA,EAAG;AAC3D,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,QAAQ,EAAC;AAAA,MACT,OAAA,EAAS,CAAC,gCAAgC;AAAA,KAC5C;AAAA,EACF;AAEA,EAAA,MAAM,SAA6B,EAAC;AACpC,EAAA,IAAI,oBAAA,GAAuB,KAAA;AAE3B,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AAC3C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,MAAA,CAAO,CAAC,CAAA;AAG3B,IAAA,IAAI,qBAAA,CAAsB,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA,EAAG;AAC9C,MAAA,MAAM,aAAA,GAAgB,+BAAA,CAAgC,KAAA,EAAO,IAAA,CAAK,KAAK,CAAA;AAEvE,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,2BAAA;AAAA,QACX,KAAA,EAAO,aAAA;AAAA,QACP,MAAA,EAAQ,gBACJ,MAAA,GACA;AAAA,OACL,CAAA;AAED,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,oBAAA,GAAuB,IAAA;AAAA,MACzB;AAAA,IACF;AAIA,IAAA,IAAI,qBAAA,CAAsB,KAAA,EAAO,IAAA,CAAK,KAAK,CAAA,EAAG;AAC5C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,iBAAA;AAAA,QACX,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACT,CAAA;AAAA,IACH;AAGA,IAAA,IAAI,KAAA,CAAM,cAAc,kBAAA,EAAoB;AAC1C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,2BAAA;AAAA,QACX,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACT,CAAA;AACD,MAAA,oBAAA,GAAuB,IAAA;AAAA,IACzB;AAAA,EACF;AAGA,EAAA,IAAI,KAAK,YAAA,IAAgB,gBAAA,CAAiB,IAAA,CAAK,KAAK,MAAM,KAAA,EAAO;AAC/D,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAW,WAAA,CAAY,IAAA,CAAK,KAAK,CAAA;AACvC,MAAA,MAAM,aAAA,GAAgB,eAAA,CAAgB,IAAA,CAAK,YAAA,EAAc,QAAQ,CAAA;AACjE,MAAA,IAAI,CAAC,aAAA,EAAe;AAClB,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,KAAA;AAAA,UACP,MAAA;AAAA,UACA,OAAA,EAAS,CAAC,iEAAiE;AAAA,SAC7E;AAAA,MACF;AAAA,IACF,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAEA,EAAA,MAAM,UAAoB,EAAC;AAC3B,EAAA,IAAI,CAAC,oBAAA,EAAsB;AACzB,IAAA,OAAA,CAAQ,IAAA;AAAA,MACN;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,QAAQ,MAAA,KAAW,CAAA;AAAA,IAC1B,MAAA;AAAA,IACA;AAAA,GACF;AACF;;;AC1fA,IAAA,oBAAA,GAAA;AAAA,QAAA,CAAA,oBAAA,EAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,gCAAA,EAAA,MAAA,gCAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,8BAAA,EAAA,MAAA,8BAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,SAAA,EAAA,MAAA,SAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA;AAAA,CAAA,CAAA;ACKO,SAAS,UAAU,KAAA,EAAoB;AAC5C,EAAA,YAAA,CAAa,OAAO,OAAO,CAAA;AAC3B,EAAA,OAAO,GAAG,KAAK,CAAA;AACjB;AAEO,SAAS,WAAW,MAAA,EAAyB;AAClD,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AAC1B,IAAA,MAAM,IAAI,UAAU,yBAAyB,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,OAAO,GAAA,CAAI,CAAC,KAAA,KAAU,SAAA,CAAU,KAAK,CAAC,CAAA;AAC/C;;;ACZA,IAAM,SAAA,GAAY,CAAA;AAClB,IAAM,OAAA,GAAU,CAAA;AAChB,IAAM,YAAA,GAAe,CAAA;AAEd,SAAS,wBAAwB,KAAA,EAA+B;AACrE,EAAA,OAAA,CAAQ,KAAA,CAAM,KAAA,GAAQ,SAAA,GAAY,CAAA,KAC/B,KAAA,CAAM,MAAM,OAAA,GAAU,CAAA,CAAA,IACtB,KAAA,CAAM,aAAA,GAAgB,YAAA,GAAe,CAAA,CAAA;AAC1C;AAEO,SAAS,mBAAmB,MAAA,EAAgC;AACjE,EAAA,OAAO;AAAA,IACL,KAAA,EAAA,CAAQ,SAAS,SAAA,MAAe,CAAA;AAAA,IAChC,GAAA,EAAA,CAAM,SAAS,OAAA,MAAa,CAAA;AAAA,IAC5B,aAAA,EAAA,CAAgB,SAAS,YAAA,MAAkB;AAAA,GAC7C;AACF;AAEO,SAAS,YAAA,CAAa,QAAgB,IAAA,EAA8B;AACzE,EAAA,QAAQ,IAAA;AAAM,IACZ,KAAK,OAAA;AACH,MAAA,OAAA,CAAQ,SAAS,SAAA,MAAe,CAAA;AAAA,IAClC,KAAK,KAAA;AACH,MAAA,OAAA,CAAQ,SAAS,OAAA,MAAa,CAAA;AAAA,IAChC,KAAK,UAAA;AACH,MAAA,OAAA,CAAQ,SAAS,YAAA,MAAkB,CAAA;AAAA,IACrC;AACE,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,4BAAA,EAA8B,EAAE,MAAM,CAAA;AAAA;AAErF;AAEO,SAAS,kBAAkB,MAAA,EAAiC;AACjE,EAAA,MAAM,UAA2B,EAAC;AAClC,EAAA,IAAI,YAAA,CAAa,MAAA,EAAQ,OAAO,CAAA,EAAG;AACjC,IAAA,OAAA,CAAQ,KAAK,OAAO,CAAA;AAAA,EACtB;AACA,EAAA,IAAI,YAAA,CAAa,MAAA,EAAQ,KAAK,CAAA,EAAG;AAC/B,IAAA,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EACpB;AACA,EAAA,IAAI,YAAA,CAAa,MAAA,EAAQ,UAAU,CAAA,EAAG;AACpC,IAAA,OAAA,CAAQ,KAAK,UAAU,CAAA;AAAA,EACzB;AACA,EAAA,OAAO,OAAA;AACT;;;AC3CO,SAAS,qBAAqBT,KAAAA,EAA8B;AACjE,EAAA,QAAQA,KAAAA;AAAM,IACZ,KAAK,CAAA;AACH,MAAA,OAAO,QAAA;AAAA,IACT,KAAK,CAAA;AACH,MAAA,OAAO,YAAA;AAAA,IACT,KAAK,CAAA;AACH,MAAA,OAAO,UAAA;AAAA,IACT;AACE,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAgC,EAAE,IAAA,EAAAA,OAAM,CAAA;AAAA;AAEvF;AAEO,SAAS,qBAAqB,MAAA,EAAgC;AACnE,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,QAAA;AACH,MAAA,OAAO,CAAA;AAAA,IACT,KAAK,YAAA;AACH,MAAA,OAAO,CAAA;AAAA,IACT,KAAK,UAAA;AACH,MAAA,OAAO,CAAA;AAAA,IACT;AACE,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,yBAAA,EAA2B,EAAE,QAAQ,CAAA;AAAA;AAEpF;AAEO,SAAS,sBAAsB,MAAA,EAA0C;AAC9E,EAAA,OAAO,MAAA,KAAW,QAAA,IAAY,MAAA,KAAW,YAAA,IAAgB,MAAA,KAAW,UAAA;AACtE;;;AC5BO,SAAS,aAAa,KAAA,EAAwB;AACnD,EAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,KAAA,CAAM,uBAAuB,CAAA;AACjD,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0BAAA,EAA4B,EAAE,OAAO,CAAA;AAAA,EAChF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,IACtB,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,IACtB,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAC;AAAA,GACxB;AACF;AAEO,SAAS,cAAc,OAAA,EAA0B;AACtD,EAAA,OAAO,CAAA,EAAG,QAAQ,KAAK,CAAA,CAAA,EAAI,QAAQ,KAAK,CAAA,CAAA,EAAI,QAAQ,KAAK,CAAA,CAAA;AAC3D;AAEO,SAAS,eAAA,CAAgB,GAAY,CAAA,EAAwB;AAClE,EAAA,IAAI,CAAA,CAAE,KAAA,KAAU,CAAA,CAAE,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,CAAE,KAAA,GAAQ,CAAA,CAAE,KAAA,GAAQ,EAAA,GAAK,CAAA;AAAA,EAClC;AACA,EAAA,IAAI,CAAA,CAAE,KAAA,KAAU,CAAA,CAAE,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,CAAE,KAAA,GAAQ,CAAA,CAAE,KAAA,GAAQ,EAAA,GAAK,CAAA;AAAA,EAClC;AACA,EAAA,IAAI,CAAA,CAAE,KAAA,KAAU,CAAA,CAAE,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,CAAE,KAAA,GAAQ,CAAA,CAAE,KAAA,GAAQ,EAAA,GAAK,CAAA;AAAA,EAClC;AACA,EAAA,OAAO,CAAA;AACT;AAEO,SAAS,gBAAA,CAAiB,GAAY,CAAA,EAAqB;AAChE,EAAA,OAAO,eAAA,CAAgB,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA;AACnC;AAEO,SAAS,cAAA,CAAe,GAAY,CAAA,EAAqB;AAC9D,EAAA,OAAO,eAAA,CAAgB,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA;AACnC;AAEO,SAAS,iBAAiB,OAAA,EAA6B;AAC5D,EAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,iCAAiC,CAAA;AAAA,EAC5E;AAEA,EAAA,OAAO,OAAA,CAAQ,MAAA,CAAO,CAAC,OAAA,EAAS,SAAA,KAAc;AAC5C,IAAA,OAAO,eAAA,CAAgB,SAAA,EAAW,OAAO,CAAA,KAAM,IAAI,SAAA,GAAY,OAAA;AAAA,EACjE,CAAC,CAAA;AACH;;;ACjDO,IAAM,gBAAA,GAAmB,UAAA;AACzB,IAAM,qBAAA,GAAwB,cAAA;AAC9B,IAAM,sBAAA,GAAyB,eAAA;AAC/B,IAAM,gCAAA,GAAmC,wBAAA;AACzC,IAAM,mBAAA,GAAsB,aAAA;AAC5B,IAAM,uBAAA,GAA0B,iBAAA;AAChC,IAAM,8BAAA,GAAiC,sBAAA;AACvC,IAAM,wBAAA,GAA2B,iBAAA;AACjC,IAAM,0BAAA,GAA6B,mBAAA;AACnC,IAAM,0BAAA,GAA6B,mBAAA;AACnC,IAAM,0BAAA,GAA6B,mBAAA;AACnC,IAAM,yBAAA,GAA4B,kBAAA;AAClC,IAAM,0BAAA,GAA6B,mBAAA;ACL1C,eAAe,UAAU,GAAA,EAA+B;AACtD,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,QAAA,GAAW,MAAM,MAAM,GAAA,EAAK,EAAE,SAAS,EAAE,MAAA,EAAQ,kBAAA,EAAmB,EAAG,CAAA;AAAA,EACzE,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,4BAA4B,EAAE,GAAA,EAAK,KAAK,CAAA;AAAA,EACnF;AAEA,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0BAAA,EAA4B;AAAA,MACnE,GAAA;AAAA,MACA,QAAQ,QAAA,CAAS;AAAA,KAClB,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,SAAS,IAAA,EAAK;AAAA,EAC7B,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAmC,EAAE,GAAA,EAAK,KAAK,CAAA;AAAA,EAC1F;AACF;AAEA,SAAS,OAAA,CAAQ,SAAiB,SAAA,EAAmC;AACnE,EAAA,MAAM,KAAA,GAAQI,YAAY,OAAO,CAAA;AACjC,EAAA,OAAQ,cAAc,WAAA,GAAcD,SAAAA,CAAU,KAAK,CAAA,GAAIE,OAAO,KAAK,CAAA;AACrE;AAEA,eAAsB,sBAAA,CACpB,KACA,SAAA,EACc;AACd,EAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAA,EAAkC,EAAE,KAAK,CAAA;AAAA,EACpF;AAEA,EAAA,IAAI,SAAA,KAAc,WAAA,IAAe,SAAA,KAAc,QAAA,EAAU;AACvD,IAAA,MAAM,IAAI,cAAc,eAAA,EAAiB,CAAA,6BAAA,EAAgC,SAAS,CAAA,mCAAA,CAAA,EAAuC,EAAE,WAAW,CAAA;AAAA,EACxI;AAEA,EAAA,MAAM,IAAA,GAAO,MAAM,SAAA,CAAU,GAAG,CAAA;AAChC,EAAA,MAAM,OAAA,GAAU,iBAAiB,IAAI,CAAA;AACrC,EAAA,OAAO,OAAA,CAAQ,SAAS,SAAS,CAAA;AACnC;AAEA,eAAsB,iBAAA,CACpB,GAAA,EACA,YAAA,EACA,SAAA,EACkB;AAClB,EAAA,MAAM,YAAA,GAAe,MAAM,sBAAA,CAAuB,GAAA,EAAK,SAAS,CAAA;AAChE,EAAA,OAAO,YAAA,CAAa,WAAA,EAAY,KAAM,YAAA,CAAa,WAAA,EAAY;AACjE","file":"index.js","sourcesContent":["export class OmaTrustError extends Error {\n code: string;\n details?: unknown;\n\n constructor(code: string, message: string, details?: unknown) {\n super(message);\n this.name = \"OmaTrustError\";\n this.code = code;\n this.details = details;\n }\n}\n\nexport function toOmaTrustError(\n code: string,\n message: string,\n details?: unknown\n): OmaTrustError {\n return new OmaTrustError(code, message, details);\n}\n","import { OmaTrustError } from \"./errors\";\n\nexport function assertString(value: unknown, name: string, code = \"INVALID_INPUT\"): asserts value is string {\n if (typeof value !== \"string\" || value.trim().length === 0) {\n throw new OmaTrustError(code, `${name} must be a non-empty string`, { value });\n }\n}\n\nexport function assertNumber(value: unknown, name: string, code = \"INVALID_INPUT\"): asserts value is number {\n if (typeof value !== \"number\" || Number.isNaN(value)) {\n throw new OmaTrustError(code, `${name} must be a valid number`, { value });\n }\n}\n\nexport function assertObject(value: unknown, name: string, code = \"INVALID_INPUT\"): asserts value is Record<string, unknown> {\n if (!value || typeof value !== \"object\" || Array.isArray(value)) {\n throw new OmaTrustError(code, `${name} must be an object`, { value });\n }\n}\n\nexport function asError(err: unknown): Error {\n if (err instanceof Error) {\n return err;\n }\n return new Error(String(err));\n}\n","export * from \"./did\";\nexport * from \"./did-url\";\nexport * from \"./jwk\";\nexport * from \"./resolve-key\";\nexport * from \"./controller-id\";\nexport * from \"./types\";\nexport * from \"./caip\";\nexport * from \"./data\";\nexport * from \"./artifact\";\nexport * from \"./did-migration\";\n","import { OmaTrustError } from \"../shared/errors\";\nimport { assertString } from \"../shared/assert\";\n\nexport type Caip10 = string;\n\nexport type ParsedCaip10 = {\n namespace: string;\n reference: string;\n address: string;\n};\n\nexport type ParsedCaip2 = {\n namespace: string;\n reference: string;\n};\n\nconst CAIP_10_REGEX = /^(?<namespace>[a-z0-9-]+):(?<reference>[a-zA-Z0-9-]+):(?<address>.+)$/;\nconst CAIP_2_REGEX = /^(?<namespace>[a-z0-9-]+):(?<reference>[a-zA-Z0-9-]+)$/;\n\nexport function parseCaip10(input: string): ParsedCaip10 {\n assertString(input, \"input\", \"INVALID_CAIP\");\n const trimmed = input.trim();\n const match = trimmed.match(CAIP_10_REGEX);\n if (!match?.groups) {\n throw new OmaTrustError(\"INVALID_CAIP\", \"Invalid CAIP-10 format\", { input });\n }\n\n const namespace = match.groups.namespace;\n const reference = match.groups.reference;\n const address = match.groups.address;\n\n if (!namespace || !reference || !address) {\n throw new OmaTrustError(\"INVALID_CAIP\", \"Invalid CAIP-10 components\", { input });\n }\n\n return { namespace, reference, address };\n}\n\nexport function buildCaip10(namespace: string, reference: string, address: string): Caip10 {\n assertString(namespace, \"namespace\", \"INVALID_CAIP\");\n assertString(reference, \"reference\", \"INVALID_CAIP\");\n assertString(address, \"address\", \"INVALID_CAIP\");\n return `${namespace}:${reference}:${address}`;\n}\n\nexport function normalizeCaip10(input: string): Caip10 {\n const parsed = parseCaip10(input);\n const namespace = parsed.namespace.toLowerCase();\n const reference = parsed.reference;\n\n let address = parsed.address;\n if (namespace === \"eip155\") {\n address = address.toLowerCase();\n }\n\n return buildCaip10(namespace, reference, address);\n}\n\nexport function buildCaip2(namespace: string, reference: string): string {\n assertString(namespace, \"namespace\", \"INVALID_CAIP\");\n assertString(reference, \"reference\", \"INVALID_CAIP\");\n return `${namespace}:${reference}`;\n}\n\nexport function parseCaip2(caip2: string): ParsedCaip2 {\n assertString(caip2, \"caip2\", \"INVALID_CAIP\");\n const trimmed = caip2.trim();\n const match = trimmed.match(CAIP_2_REGEX);\n if (!match?.groups) {\n throw new OmaTrustError(\"INVALID_CAIP\", \"Invalid CAIP-2 format\", { caip2 });\n }\n\n const namespace = match.groups.namespace;\n const reference = match.groups.reference;\n if (!namespace || !reference) {\n throw new OmaTrustError(\"INVALID_CAIP\", \"Invalid CAIP-2 components\", { caip2 });\n }\n\n return { namespace, reference };\n}\n","/**\n * JWK and did:jwk Helpers — Phase 2\n *\n * Provides conversion between public JWKs and did:jwk DIDs,\n * deterministic JWK comparison, and public JWK validation.\n *\n * did:jwk is the preferred durable DID representation for JWS/JWK public key\n * material. It is immutable (the DID IS the key) and should be used as the\n * controllerDid for authorization checks.\n *\n * Uses the `jose` library for base64url encoding/decoding and JWK thumbprints.\n */\n\nimport { base64url, calculateJwkThumbprint } from \"jose\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { assertObject } from \"../shared/assert\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Minimal public JWK structure */\nexport interface PublicJwk {\n kty: string;\n [key: string]: unknown;\n}\n\n/** Result of JWK validation */\nexport interface JwkValidationResult {\n valid: boolean;\n error?: string;\n}\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\nconst VALID_KTY = new Set([\"EC\", \"OKP\", \"RSA\"]);\n\n/** Private key fields that must not appear in a public JWK */\nconst PRIVATE_KEY_FIELDS = new Set([\"d\", \"p\", \"q\", \"dp\", \"dq\", \"qi\", \"oth\"]);\n\n/**\n * Required public key fields per key type.\n * Used for structural validation.\n */\nconst REQUIRED_PUBLIC_FIELDS: Record<string, string[]> = {\n EC: [\"crv\", \"x\", \"y\"],\n OKP: [\"crv\", \"x\"],\n RSA: [\"n\", \"e\"],\n};\n\n// ---------------------------------------------------------------------------\n// Public JWK Validation\n// ---------------------------------------------------------------------------\n\n/**\n * Validate that a JWK object is a well-formed public key.\n *\n * Requirements:\n * - Must be a non-null object\n * - Must have a valid `kty` (EC, OKP, RSA)\n * - Must have required public key fields for its key type\n * - Must NOT contain private key material (d, p, q, dp, dq, qi, oth)\n */\nexport function validatePublicJwk(jwk: unknown): JwkValidationResult {\n if (!jwk || typeof jwk !== \"object\" || Array.isArray(jwk)) {\n return { valid: false, error: \"JWK must be a non-null object\" };\n }\n\n const obj = jwk as Record<string, unknown>;\n\n // Check kty\n const kty = obj.kty;\n if (typeof kty !== \"string\" || !VALID_KTY.has(kty)) {\n return {\n valid: false,\n error: `Invalid or missing kty (must be one of: ${[...VALID_KTY].join(\", \")})`,\n };\n }\n\n // Reject private key material\n for (const field of PRIVATE_KEY_FIELDS) {\n if (field in obj) {\n return {\n valid: false,\n error: `JWK contains private key field \"${field}\" — only public keys are allowed`,\n };\n }\n }\n\n // Check required public fields\n const required = REQUIRED_PUBLIC_FIELDS[kty];\n if (required) {\n for (const field of required) {\n if (!(field in obj) || obj[field] === undefined || obj[field] === null || obj[field] === \"\") {\n return {\n valid: false,\n error: `Missing required public key field \"${field}\" for kty=\"${kty}\"`,\n };\n }\n }\n }\n\n return { valid: true };\n}\n\n// ---------------------------------------------------------------------------\n// did:jwk Conversion\n// ---------------------------------------------------------------------------\n\n/**\n * Deterministic JSON serialization for JWK.\n * Keys are sorted alphabetically to ensure canonical encoding.\n */\nfunction canonicalizeJwkJson(jwk: Record<string, unknown>): string {\n const sorted = Object.keys(jwk).sort();\n const obj: Record<string, unknown> = {};\n for (const key of sorted) {\n obj[key] = jwk[key];\n }\n return JSON.stringify(obj);\n}\n\n/**\n * Convert a public JWK to a did:jwk DID.\n *\n * Uses deterministic (sorted-key) JSON serialization and base64url encoding.\n * Rejects JWKs containing private key material.\n *\n * @param jwk - A public JWK object\n * @returns The did:jwk DID string\n * @throws OmaTrustError if the JWK is invalid or contains private key material\n */\nexport function jwkToDidJwk(jwk: unknown): string {\n assertObject(jwk, \"jwk\", \"INVALID_JWK\");\n\n const validation = validatePublicJwk(jwk);\n if (!validation.valid) {\n throw new OmaTrustError(\"INVALID_JWK\", validation.error ?? \"Invalid public JWK\", { jwk });\n }\n\n const canonical = canonicalizeJwkJson(jwk as Record<string, unknown>);\n const encoded = base64url.encode(new TextEncoder().encode(canonical));\n return `did:jwk:${encoded}`;\n}\n\n/**\n * Convert a did:jwk DID back to a public JWK object.\n *\n * Validates the DID structure, decodes the base64url payload,\n * parses JSON, and validates the resulting JWK.\n *\n * @param didJwk - A did:jwk DID string\n * @returns The decoded public JWK object\n * @throws OmaTrustError if the DID is malformed or contains private key material\n */\nexport function didJwkToJwk(didJwk: string): PublicJwk {\n if (typeof didJwk !== \"string\" || !didJwk.startsWith(\"did:jwk:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected a did:jwk DID\", { input: didJwk });\n }\n\n const parts = didJwk.split(\":\");\n if (parts.length !== 3) {\n throw new OmaTrustError(\"INVALID_DID\", \"did:jwk must have exactly 3 colon-separated parts\", {\n input: didJwk,\n });\n }\n\n const encoded = parts[2];\n if (!encoded || encoded.length === 0) {\n throw new OmaTrustError(\"INVALID_DID\", \"Missing base64url-encoded JWK identifier\", {\n input: didJwk,\n });\n }\n\n // Decode using jose base64url\n let decoded: string;\n try {\n const bytes = base64url.decode(encoded);\n decoded = new TextDecoder().decode(bytes);\n } catch {\n throw new OmaTrustError(\"INVALID_DID\", \"Failed to base64url-decode did:jwk identifier\", {\n input: didJwk,\n });\n }\n\n let jwk: Record<string, unknown>;\n try {\n jwk = JSON.parse(decoded);\n } catch {\n throw new OmaTrustError(\"INVALID_DID\", \"Decoded did:jwk identifier is not valid JSON\", {\n input: didJwk,\n });\n }\n\n if (!jwk || typeof jwk !== \"object\" || Array.isArray(jwk)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Decoded did:jwk must be a JSON object\", {\n input: didJwk,\n });\n }\n\n // Validate as public JWK\n const validation = validatePublicJwk(jwk);\n if (!validation.valid) {\n throw new OmaTrustError(\"INVALID_DID\", validation.error ?? \"Invalid public JWK in did:jwk\", {\n input: didJwk,\n });\n }\n\n return jwk as PublicJwk;\n}\n\n// ---------------------------------------------------------------------------\n// Public JWK Comparison\n// ---------------------------------------------------------------------------\n\n/**\n * Extract only the public key fields from a JWK for comparison purposes.\n * Strips private fields and non-key metadata (kid, use, key_ops, alg, ext).\n */\nfunction extractPublicKeyFields(jwk: Record<string, unknown>): Record<string, unknown> {\n const result: Record<string, unknown> = {};\n const metadataFields = new Set([\"kid\", \"use\", \"key_ops\", \"alg\", \"ext\"]);\n\n for (const [key, value] of Object.entries(jwk)) {\n if (PRIVATE_KEY_FIELDS.has(key)) continue;\n if (metadataFields.has(key)) continue;\n result[key] = value;\n }\n\n return result;\n}\n\n/**\n * Compare two public JWKs for equality.\n *\n * Compares only the public key material fields (kty, crv, x, y, n, e, etc.).\n * Ignores property order, metadata fields (kid, use, alg, key_ops, ext),\n * and rejects/strips private key fields before comparison.\n *\n * @param a - First public JWK\n * @param b - Second public JWK\n * @returns true if both JWKs represent the same public key\n * @throws OmaTrustError if either JWK contains private key material\n */\nexport function publicJwkEquals(a: unknown, b: unknown): boolean {\n assertObject(a, \"a\", \"INVALID_JWK\");\n assertObject(b, \"b\", \"INVALID_JWK\");\n\n const aObj = a as Record<string, unknown>;\n const bObj = b as Record<string, unknown>;\n\n // Reject if either contains private key material\n for (const field of PRIVATE_KEY_FIELDS) {\n if (field in aObj) {\n throw new OmaTrustError(\n \"INVALID_JWK\",\n `First JWK contains private key field \"${field}\"`,\n { field }\n );\n }\n if (field in bObj) {\n throw new OmaTrustError(\n \"INVALID_JWK\",\n `Second JWK contains private key field \"${field}\"`,\n { field }\n );\n }\n }\n\n const aPublic = extractPublicKeyFields(aObj);\n const bPublic = extractPublicKeyFields(bObj);\n\n // Compare via canonical JSON\n return canonicalizeJwkJson(aPublic) === canonicalizeJwkJson(bPublic);\n}\n\n\n// ---------------------------------------------------------------------------\n// JWK Thumbprint (RFC 7638)\n// ---------------------------------------------------------------------------\n\n/**\n * Compute an RFC 7638 JWK Thumbprint for a public JWK.\n *\n * Returns the base64url-encoded SHA-256 thumbprint. This is a compact,\n * deterministic fingerprint of the public key material.\n *\n * Used in OMATrust DNS TXT records as: `jkt=S256:<thumbprint>`\n *\n * @param jwk - A public JWK object\n * @param digestAlgorithm - Hash algorithm (default: \"sha256\")\n * @returns base64url-encoded thumbprint string\n * @throws OmaTrustError if the JWK is invalid or contains private key material\n */\nexport async function computeJwkThumbprint(\n jwk: unknown,\n digestAlgorithm: \"sha256\" | \"sha384\" | \"sha512\" = \"sha256\"\n): Promise<string> {\n assertObject(jwk, \"jwk\", \"INVALID_JWK\");\n\n const validation = validatePublicJwk(jwk);\n if (!validation.valid) {\n throw new OmaTrustError(\"INVALID_JWK\", validation.error ?? \"Invalid public JWK\", { jwk });\n }\n\n // jose's calculateJwkThumbprint expects a JWK-like object and a digest algorithm\n const alg = digestAlgorithm === \"sha256\" ? \"sha256\"\n : digestAlgorithm === \"sha384\" ? \"sha384\"\n : \"sha512\";\n\n return calculateJwkThumbprint(jwk as Parameters<typeof calculateJwkThumbprint>[0], alg);\n}\n\n/**\n * Format a JWK thumbprint as an OMATrust DNS TXT `jkt` value.\n *\n * Format: `jkt=S256:<base64url-thumbprint>`\n *\n * @param jwk - A public JWK object\n * @returns Formatted jkt string for DNS TXT records\n */\nexport async function formatJktValue(jwk: unknown): Promise<string> {\n const thumbprint = await computeJwkThumbprint(jwk, \"sha256\");\n return `jkt=S256:${thumbprint}`;\n}\n","import { getAddress, isAddress, keccak256, toUtf8Bytes } from \"ethers\";\nimport { base64url } from \"jose\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { assertString } from \"../shared/assert\";\nimport { parseCaip10 } from \"./caip\";\nimport { validatePublicJwk } from \"./jwk\";\n\nexport type Hex = `0x${string}`;\nexport type Did = string;\n\nconst DID_REGEX = /^did:[a-z0-9]+:.+$/i;\n\nexport function isValidDid(did: string): boolean {\n return DID_REGEX.test(did);\n}\n\nexport function extractDidMethod(did: Did): string | null {\n const match = did.match(/^did:([a-z0-9]+):/i);\n return match ? match[1] : null;\n}\n\nexport function extractDidIdentifier(did: Did): string | null {\n const match = did.match(/^did:[a-z0-9]+:(.+)$/i);\n return match ? match[1] : null;\n}\n\nexport function normalizeDomain(domain: string): string {\n assertString(domain, \"domain\", \"INVALID_DID\");\n return domain.trim().toLowerCase().replace(/\\.$/, \"\").replace(/^www\\./, \"\");\n}\n\nexport function normalizeDidWeb(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n\n if (trimmed.startsWith(\"did:\") && !trimmed.startsWith(\"did:web:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:web DID\", { input });\n }\n\n const identifier = trimmed.startsWith(\"did:web:\")\n ? trimmed.slice(\"did:web:\".length)\n : trimmed;\n\n const [host, ...pathParts] = identifier.split(\"/\");\n if (!host) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:web identifier\", { input });\n }\n\n const normalizedHost = normalizeDomain(host);\n const path = pathParts.length > 0 ? `/${pathParts.join(\"/\")}` : \"\";\n return `did:web:${normalizedHost}${path}`;\n}\n\nexport function normalizeDidPkh(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n if (!trimmed.startsWith(\"did:pkh:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:pkh DID\", { input });\n }\n\n const parts = trimmed.split(\":\");\n if (parts.length !== 5) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:pkh format\", { input });\n }\n\n const [, , namespace, chainId, address] = parts;\n if (!namespace || !chainId || !address) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:pkh components\", { input });\n }\n\n return `did:pkh:${namespace.toLowerCase()}:${chainId}:${address.toLowerCase()}`;\n}\n\nexport function normalizeDidHandle(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n if (!trimmed.startsWith(\"did:handle:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:handle DID\", { input });\n }\n\n const parts = trimmed.split(\":\");\n if (parts.length !== 4) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:handle format\", { input });\n }\n\n const [, , platform, username] = parts;\n if (!platform || !username) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:handle components\", { input });\n }\n\n return `did:handle:${platform.toLowerCase()}:${username}`;\n}\n\nexport function normalizeDidKey(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n if (!trimmed.startsWith(\"did:key:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:key DID\", { input });\n }\n\n return trimmed;\n}\n\nexport function normalizeDid(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n // Strip DID URL fragment (#...) — fragments are not part of the DID itself (W3C DID Core §3.5)\n const trimmed = input.trim().split(\"#\")[0];\n\n if (!trimmed.startsWith(\"did:\")) {\n return normalizeDidWeb(trimmed);\n }\n\n if (!isValidDid(trimmed)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid DID format\", { input });\n }\n\n const method = extractDidMethod(trimmed);\n switch (method) {\n case \"web\":\n return normalizeDidWeb(trimmed);\n case \"pkh\":\n return normalizeDidPkh(trimmed);\n case \"handle\":\n return normalizeDidHandle(trimmed);\n case \"key\":\n return normalizeDidKey(trimmed);\n case \"jwk\":\n return normalizeDidJwk(trimmed);\n default:\n return trimmed;\n }\n}\n\nexport function computeDidHash(did: Did): Hex {\n const normalized = normalizeDid(did);\n return keccak256(toUtf8Bytes(normalized)) as Hex;\n}\n\nexport function computeDidAddress(didHash: Hex): Hex {\n assertString(didHash, \"didHash\", \"INVALID_DID\");\n if (!/^0x[0-9a-fA-F]{64}$/.test(didHash)) {\n throw new OmaTrustError(\"INVALID_DID\", \"didHash must be 32-byte hex\", { didHash });\n }\n\n // Spec: low-order 160 bits of didHash, serialized as lowercase 0x-hex.\n return `0x${didHash.slice(-40).toLowerCase()}` as Hex;\n}\n\nexport function didToAddress(did: Did): Hex {\n return computeDidAddress(computeDidHash(did));\n}\n\nexport function validateDidAddress(did: Did, address: Hex): boolean {\n try {\n return didToAddress(did).toLowerCase() === String(address).toLowerCase();\n } catch {\n return false;\n }\n}\n\nexport function buildDidWeb(domain: string): Did {\n return `did:web:${normalizeDomain(domain)}`;\n}\n\nexport function buildDidPkh(\n namespace: string,\n chainId: string | number,\n address: string\n): Did {\n assertString(namespace, \"namespace\", \"INVALID_DID\");\n assertString(address, \"address\", \"INVALID_DID\");\n if (chainId === \"\" || chainId === null || chainId === undefined) {\n throw new OmaTrustError(\"INVALID_DID\", \"chainId is required\", { chainId });\n }\n return `did:pkh:${namespace.toLowerCase()}:${chainId}:${address.toLowerCase()}`;\n}\n\nexport function buildEvmDidPkh(chainId: string | number, address: string): Did {\n return buildDidPkh(\"eip155\", chainId, address);\n}\n\nexport function buildDidPkhFromCaip10(caip10: string): Did {\n const parsed = parseCaip10(caip10);\n return buildDidPkh(parsed.namespace, parsed.reference, parsed.address);\n}\n\nfunction parseDidPkh(did: Did): { namespace: string; chainId: string; address: string } | null {\n if (!did.startsWith(\"did:pkh:\")) {\n return null;\n }\n\n const parts = did.split(\":\");\n if (parts.length !== 5) {\n return null;\n }\n\n const [, , namespace, chainId, address] = parts;\n if (!namespace || !chainId || !address) {\n return null;\n }\n\n return { namespace, chainId, address };\n}\n\nexport function getChainIdFromDidPkh(did: Did): string | null {\n return parseDidPkh(did)?.chainId ?? null;\n}\n\nexport function getAddressFromDidPkh(did: Did): string | null {\n return parseDidPkh(did)?.address ?? null;\n}\n\nexport function getNamespaceFromDidPkh(did: Did): string | null {\n return parseDidPkh(did)?.namespace ?? null;\n}\n\nexport function isEvmDidPkh(did: Did): boolean {\n return getNamespaceFromDidPkh(did) === \"eip155\";\n}\n\nexport function getDomainFromDidWeb(did: Did): string | null {\n if (!did.startsWith(\"did:web:\")) {\n return null;\n }\n\n const identifier = did.slice(\"did:web:\".length);\n const [domain] = identifier.split(\"/\");\n return domain || null;\n}\n\n/**\n * Extract an EVM address from a DID or address-like identifier.\n *\n * Supports:\n * - did:pkh (extracts the address portion — currently EVM only)\n * - did:ethr (extracts the Ethereum address)\n * - CAIP-10 format (e.g. eip155:1:0xABC)\n * - Raw EVM addresses (0x + 40 hex chars)\n *\n * NOTE: This function is EVM-specific. It does not support non-EVM chains\n * (e.g. Solana, Cosmos). Non-EVM did:pkh identifiers will throw.\n * A future version may generalize to support multiple chain families.\n *\n * @param identifier - A DID, CAIP-10 string, or raw EVM address\n * @returns The checksummed EVM address\n * @throws OmaTrustError if the identifier cannot be resolved to an EVM address\n */\nexport function extractAddressFromDid(identifier: string): string {\n assertString(identifier, \"identifier\", \"INVALID_DID\");\n\n if (identifier.startsWith(\"did:pkh:\")) {\n const pkh = parseDidPkh(normalizeDidPkh(identifier));\n if (!pkh) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:pkh identifier\", { identifier });\n }\n return pkh.address;\n }\n\n if (identifier.startsWith(\"did:ethr:\")) {\n const parts = identifier.replace(\"did:ethr:\", \"\").split(\":\");\n const address = parts.length === 1 ? parts[0] : parts[1];\n if (!address || !isAddress(address)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:ethr identifier\", { identifier });\n }\n return getAddress(address);\n }\n\n if (identifier.match(/^[a-z0-9-]+:[a-zA-Z0-9-]+:0x[a-fA-F0-9]{40}$/)) {\n const parsed = parseCaip10(identifier);\n return parsed.address;\n }\n\n if (isAddress(identifier)) {\n return getAddress(identifier);\n }\n\n throw new OmaTrustError(\"INVALID_DID\", \"Unsupported identifier format\", { identifier });\n}\n\n// ---------------------------------------------------------------------------\n// Private-Key DID Validation\n// ---------------------------------------------------------------------------\n\n/** Result of private-key DID validation */\nexport interface PrivateKeyDidValidation {\n valid: boolean;\n method: \"pkh\" | \"jwk\" | null;\n error?: string;\n}\n\n// CAIP-2 namespace: lowercase alphanumeric + hyphens, 3-8 chars per spec\nconst CAIP2_NAMESPACE_REGEX = /^[a-z0-9-]{3,8}$/;\n\n// Base64url character set (no padding required)\nconst BASE64URL_REGEX = /^[A-Za-z0-9_-]+$/;\n\nconst VALID_JWK_KTY = new Set([\"EC\", \"OKP\", \"RSA\"]);\n\n/**\n * Check if a DID uses a private-key method (can sign transactions/messages).\n * Quick boolean check — use validatePrivateKeyDid() for detailed errors.\n */\nexport function isPrivateKeyDid(did: string): boolean {\n return validatePrivateKeyDid(did).valid;\n}\n\n/**\n * Validate that a DID is a well-formed private-key DID.\n * Returns detailed validation result with method identification and error messages.\n *\n * Supported methods:\n * - did:pkh — CAIP-10 blockchain account (deep validation for eip155)\n * - did:jwk — JSON Web Key (structural validation)\n */\nexport function validatePrivateKeyDid(did: string): PrivateKeyDidValidation {\n if (typeof did !== \"string\" || did.trim().length === 0) {\n return { valid: false, method: null, error: \"DID must be a non-empty string\" };\n }\n\n const trimmed = did.trim();\n const method = extractDidMethod(trimmed);\n\n switch (method) {\n case \"pkh\":\n return validateDidPkh(trimmed);\n case \"jwk\":\n return validateDidJwk(trimmed);\n default:\n return {\n valid: false,\n method: null,\n error: method\n ? `DID method \"${method}\" is not a recognized private-key method`\n : \"Invalid DID format\"\n };\n }\n}\n\n/**\n * Validate a did:pkh DID.\n *\n * Format: did:pkh:<namespace>:<chainId>:<address>\n * - Must have exactly 5 colon-separated parts\n * - namespace must be a valid CAIP-2 namespace (lowercase alphanumeric + hyphens, 3-8 chars)\n * - chainId must be non-empty\n * - address must be non-empty\n * - For eip155 namespace: address must be a valid EVM address (0x + 40 hex chars)\n * - For other namespaces: address must be non-empty (permissive fallback)\n */\nfunction validateDidPkh(did: string): PrivateKeyDidValidation {\n const parts = did.split(\":\");\n if (parts.length !== 5) {\n return {\n valid: false,\n method: \"pkh\",\n error: `did:pkh must have exactly 5 colon-separated parts, got ${parts.length}`\n };\n }\n\n const [, , namespace, chainId, address] = parts;\n\n if (!namespace) {\n return { valid: false, method: \"pkh\", error: \"Missing namespace\" };\n }\n\n if (!CAIP2_NAMESPACE_REGEX.test(namespace)) {\n return {\n valid: false,\n method: \"pkh\",\n error: `Invalid CAIP-2 namespace \"${namespace}\" (must be 3-8 lowercase alphanumeric/hyphen chars)`\n };\n }\n\n if (!chainId) {\n return { valid: false, method: \"pkh\", error: \"Missing chain ID (reference)\" };\n }\n\n if (!address) {\n return { valid: false, method: \"pkh\", error: \"Missing address\" };\n }\n\n // Deep validation for eip155 (EVM) namespace\n if (namespace === \"eip155\") {\n // Chain ID should be numeric for eip155\n if (!/^\\d+$/.test(chainId)) {\n return {\n valid: false,\n method: \"pkh\",\n error: `Invalid eip155 chain ID \"${chainId}\" (must be numeric)`\n };\n }\n\n // Address must be a valid EVM address\n if (!isAddress(address)) {\n return {\n valid: false,\n method: \"pkh\",\n error: `Invalid EVM address \"${address}\" (must be 0x + 40 hex chars)`\n };\n }\n }\n\n // Deep validation for solana namespace\n if (namespace === \"solana\") {\n // Solana addresses are base58-encoded public keys, 32-44 characters\n if (!/^[1-9A-HJ-NP-Za-km-z]{32,44}$/.test(address)) {\n return {\n valid: false,\n method: \"pkh\",\n error: `Invalid Solana address \"${address}\" (must be 32-44 base58 characters)`\n };\n }\n }\n\n return { valid: true, method: \"pkh\" };\n}\n\n/**\n * Validate a did:jwk DID.\n *\n * Format: did:jwk:<base64url-encoded-JWK>\n * - Must have exactly 3 colon-separated parts\n * - Identifier must be valid base64url\n * - Decoded value must be valid JSON\n * - Decoded JSON must contain a valid kty field (EC, OKP, RSA)\n * - Must NOT contain d (private key component)\n */\nfunction validateDidJwk(did: string): PrivateKeyDidValidation {\n const parts = did.split(\":\");\n if (parts.length !== 3) {\n return {\n valid: false,\n method: \"jwk\",\n error: `did:jwk must have exactly 3 colon-separated parts, got ${parts.length}`\n };\n }\n\n const [, , encoded] = parts;\n\n if (!encoded || encoded.length === 0) {\n return { valid: false, method: \"jwk\", error: \"Missing base64url-encoded JWK identifier\" };\n }\n\n if (!BASE64URL_REGEX.test(encoded)) {\n return {\n valid: false,\n method: \"jwk\",\n error: \"Identifier contains invalid base64url characters\"\n };\n }\n\n // Decode base64url to JSON\n let decoded: string;\n try {\n const bytes = base64url.decode(encoded);\n decoded = new TextDecoder().decode(bytes);\n } catch {\n return { valid: false, method: \"jwk\", error: \"Failed to base64url-decode identifier\" };\n }\n\n let jwk: Record<string, unknown>;\n try {\n jwk = JSON.parse(decoded);\n } catch {\n return { valid: false, method: \"jwk\", error: \"Decoded identifier is not valid JSON\" };\n }\n\n if (!jwk || typeof jwk !== \"object\" || Array.isArray(jwk)) {\n return { valid: false, method: \"jwk\", error: \"Decoded JWK must be a JSON object\" };\n }\n\n // Must have kty\n const kty = jwk.kty;\n if (typeof kty !== \"string\" || !VALID_JWK_KTY.has(kty)) {\n return {\n valid: false,\n method: \"jwk\",\n error: `Invalid or missing kty field (must be one of: EC, OKP, RSA)`\n };\n }\n\n // Must NOT contain private key material\n if (\"d\" in jwk) {\n return {\n valid: false,\n method: \"jwk\",\n error: \"DID must reference a public key — private key component (d) is not allowed\"\n };\n }\n\n // Validate required public key fields per kty (crv/x/y for EC, crv/x for OKP, n/e for RSA)\n const jwkValidation = validatePublicJwk(jwk);\n if (!jwkValidation.valid) {\n return { valid: false, method: \"jwk\", error: jwkValidation.error };\n }\n\n return { valid: true, method: \"jwk\" };\n}\n\n/**\n * Normalize a did:jwk DID.\n * Validates structure and returns the DID unchanged (did:jwk is already canonical).\n */\nexport function normalizeDidJwk(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n if (!trimmed.startsWith(\"did:jwk:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:jwk DID\", { input });\n }\n\n const result = validateDidJwk(trimmed);\n if (!result.valid) {\n throw new OmaTrustError(\"INVALID_DID\", result.error ?? \"Invalid did:jwk\", { input });\n }\n\n return trimmed;\n}\n","/**\n * DID URL Parsing — Phase 1\n *\n * Parses DID URLs (e.g. did:web:api.example.com#key-1) into their components.\n * DID URLs are mutable key references / lookup handles, not durable controller DIDs.\n */\n\nimport { OmaTrustError } from \"../shared/errors\";\nimport { assertString } from \"../shared/assert\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Parsed DID URL components */\nexport interface ParsedDidUrl {\n /** The original full DID URL */\n didUrl: string;\n /** The base DID (without fragment) */\n did: string;\n /** The fragment identifier (without the '#'), or null if no fragment */\n fragment: string | null;\n}\n\n// ---------------------------------------------------------------------------\n// DID URL Parser\n// ---------------------------------------------------------------------------\n\nconst DID_URL_REGEX = /^did:[a-z0-9]+:.+$/i;\n\n/**\n * Parse a DID URL into its components.\n *\n * A DID URL may include a fragment (e.g. `did:web:api.example.com#key-1`).\n * The fragment identifies a verification method, key reference, or other\n * resource under the DID.\n *\n * DID URLs are mutable key references. They should not be used as durable\n * controller DIDs. Use `resolveDidUrlControllerDid()` to derive a durable\n * `did:jwk` from a DID URL.\n *\n * @param input - A DID URL string\n * @returns Parsed components: didUrl, did, fragment\n * @throws OmaTrustError with code INVALID_DID_URL if input is malformed\n */\nexport function parseDidUrl(input: string): ParsedDidUrl {\n assertString(input, \"input\", \"INVALID_DID_URL\");\n const trimmed = input.trim();\n\n // Split on first '#' to separate DID from fragment\n const hashIndex = trimmed.indexOf(\"#\");\n\n let did: string;\n let fragment: string | null;\n\n if (hashIndex === -1) {\n did = trimmed;\n fragment = null;\n } else {\n did = trimmed.slice(0, hashIndex);\n const rawFragment = trimmed.slice(hashIndex + 1);\n\n if (rawFragment.length === 0) {\n throw new OmaTrustError(\n \"INVALID_DID_URL\",\n \"DID URL has empty fragment (trailing '#' with no identifier)\",\n { input }\n );\n }\n\n fragment = rawFragment;\n }\n\n // Validate the base DID portion\n if (!DID_URL_REGEX.test(did)) {\n throw new OmaTrustError(\n \"INVALID_DID_URL\",\n \"Invalid DID URL: base DID portion is malformed\",\n { input, did }\n );\n }\n\n return {\n didUrl: trimmed,\n did,\n fragment,\n };\n}\n\n/**\n * Check whether a string is a DID URL (contains a fragment).\n * Useful for guards that need to reject DID URLs where a bare DID is expected.\n */\nexport function isDidUrl(input: string): boolean {\n if (typeof input !== \"string\") return false;\n const trimmed = input.trim();\n return trimmed.includes(\"#\") && DID_URL_REGEX.test(trimmed.split(\"#\")[0]);\n}\n\n/**\n * Assert that a string is a bare DID (not a DID URL with a fragment).\n * Throws if the input contains a fragment.\n *\n * Use this in functions that expect a subject DID and must reject DID URLs.\n */\nexport function assertBareDid(input: string, paramName = \"did\"): void {\n assertString(input, paramName, \"INVALID_DID\");\n if (isDidUrl(input)) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Expected a bare DID but received a DID URL with a fragment. Use parseDidUrl() to handle DID URLs.`,\n { input }\n );\n }\n}\n","/**\n * DID Document Fetching — shared utility\n *\n * Fetches did:web DID documents from the well-known endpoint.\n * Used by identity/resolve-key and reputation/proof/did-json.\n */\n\nimport { OmaTrustError } from \"./errors\";\n\n/**\n * Fetch a DID document for a did:web domain.\n *\n * Resolves `https://<domain>/.well-known/did.json` and returns the parsed JSON.\n *\n * @param domain - The domain to fetch the DID document from\n * @returns The parsed DID document\n * @throws OmaTrustError with code NETWORK_ERROR if fetch fails\n */\nexport async function fetchDidDocument(\n domain: string\n): Promise<Record<string, unknown>> {\n const normalized = domain.toLowerCase().replace(/\\.$/, \"\");\n const url = `https://${normalized}/.well-known/did.json`;\n\n let response: Response;\n try {\n response = await fetch(url, { headers: { Accept: \"application/json\" } });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to fetch DID document\", { domain, err });\n }\n\n if (!response.ok) {\n throw new OmaTrustError(\"NETWORK_ERROR\", `DID document fetch failed: ${response.status}`, {\n domain,\n status: response.status,\n });\n }\n\n return (await response.json()) as Record<string, unknown>;\n}\n","/**\n * DID URL Key Resolution — Phase 3\n *\n * Resolves DID URL key references (e.g. did:web:api.example.com#key-1) to\n * public key material and derives durable did:jwk controller DIDs.\n *\n * DID URLs are mutable key references. This module resolves them to the\n * actual public key material they currently point to, then converts that\n * material into an immutable did:jwk for use as a controller DID.\n */\n\nimport { OmaTrustError } from \"../shared/errors\";\nimport { assertString } from \"../shared/assert\";\nimport { fetchDidDocument } from \"../shared/did-document\";\nimport { parseDidUrl } from \"./did-url\";\nimport { extractDidMethod, getDomainFromDidWeb } from \"./did\";\nimport { validatePublicJwk, jwkToDidJwk, type PublicJwk } from \"./jwk\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Result of resolving a DID URL to public key material */\nexport interface ResolvedPublicKey {\n /** The original DID URL */\n didUrl: string;\n /** The base DID (without fragment) */\n did: string;\n /** The fragment identifier */\n fragment: string | null;\n /** The resolved public JWK */\n publicKeyJwk: PublicJwk;\n /** The verification method ID that matched */\n verificationMethodId: string;\n}\n\n/** Result of resolving a DID URL to a durable controller DID */\nexport interface ResolvedControllerDid extends ResolvedPublicKey {\n /** The durable did:jwk derived from the resolved public key */\n controllerDid: string;\n}\n\n/** Options for DID URL key resolution */\nexport interface ResolveKeyOptions {\n /**\n * Custom DID document fetcher. If not provided, uses the shared\n * fetchDidDocument which fetches from `/.well-known/did.json`.\n */\n fetchDidDocument?: (domain: string) => Promise<Record<string, unknown>>;\n}\n\n// ---------------------------------------------------------------------------\n// Verification Method Search\n// ---------------------------------------------------------------------------\n\ninterface VerificationMethod {\n id: string;\n type?: string;\n publicKeyJwk?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\n/**\n * Find a verification method in a DID document by DID URL or fragment.\n */\nfunction findVerificationMethod(\n didDocument: Record<string, unknown>,\n didUrl: string,\n fragment: string | null\n): VerificationMethod | null {\n const methods = didDocument.verificationMethod;\n if (!Array.isArray(methods)) {\n return null;\n }\n\n for (const method of methods as VerificationMethod[]) {\n if (!method || typeof method !== \"object\") continue;\n const id = method.id;\n if (typeof id !== \"string\") continue;\n\n // Match by full DID URL\n if (id === didUrl) return method;\n\n // Match by fragment (e.g. \"#key-1\" matches \"did:web:example.com#key-1\")\n if (fragment && (id === `#${fragment}` || id.endsWith(`#${fragment}`))) {\n return method;\n }\n }\n\n return null;\n}\n\n/**\n * Extract verification method IDs from a DID document for error reporting.\n */\nfunction extractMethodIdsFromDidDocument(didDocument: Record<string, unknown>): string[] {\n const methods = didDocument.verificationMethod;\n if (!Array.isArray(methods)) return [];\n return (methods as Array<Record<string, unknown>>)\n .filter((m) => m && typeof m.id === \"string\")\n .map((m) => m.id as string);\n}\n\n// ---------------------------------------------------------------------------\n// Public API\n// ---------------------------------------------------------------------------\n\n/**\n * Resolve a DID URL to public key material.\n *\n * Currently supports:\n * - did:web with fragment (e.g. did:web:api.example.com#key-1)\n *\n * Resolution steps:\n * 1. Parse the DID URL\n * 2. Resolve the base DID (fetch DID document)\n * 3. Find the matching verification method\n * 4. Extract and validate publicKeyJwk\n *\n * This function only obtains key material. It does not make authorization\n * decisions or check Controller Witness / Key Binding records.\n *\n * @param didUrl - A DID URL string (e.g. \"did:web:api.example.com#key-1\")\n * @param options - Optional configuration (custom fetcher, etc.)\n * @returns Resolved public key information\n * @throws OmaTrustError if resolution fails\n */\nexport async function resolveDidUrlToPublicKey(\n didUrl: string,\n options?: ResolveKeyOptions\n): Promise<ResolvedPublicKey> {\n assertString(didUrl, \"didUrl\", \"INVALID_DID_URL\");\n\n const parsed = parseDidUrl(didUrl);\n const method = extractDidMethod(parsed.did);\n\n if (!method) {\n throw new OmaTrustError(\"INVALID_DID_URL\", \"Cannot extract DID method from DID URL\", {\n didUrl,\n did: parsed.did,\n });\n }\n\n switch (method) {\n case \"web\":\n return resolveDidUrlKey(parsed.didUrl, parsed.did, parsed.fragment, options);\n default:\n throw new OmaTrustError(\n \"UNSUPPORTED_DID_METHOD\",\n `DID URL key resolution is not supported for method \"${method}\"`,\n { didUrl, method }\n );\n }\n}\n\n/**\n * Resolve a DID URL to a durable controller DID.\n *\n * This wraps resolveDidUrlToPublicKey and adds the did:jwk conversion step.\n * The returned controllerDid is the durable DID that callers should pass\n * to getControllerAuthorization.\n *\n * @param didUrl - A DID URL string (e.g. \"did:web:api.example.com#key-1\")\n * @param options - Optional configuration (custom fetcher, etc.)\n * @returns Resolved public key plus derived did:jwk controller DID\n * @throws OmaTrustError if resolution fails\n */\nexport async function resolveDidUrlToControllerDid(\n didUrl: string,\n options?: ResolveKeyOptions\n): Promise<ResolvedControllerDid> {\n const resolved = await resolveDidUrlToPublicKey(didUrl, options);\n const controllerDid = jwkToDidJwk(resolved.publicKeyJwk);\n\n return {\n ...resolved,\n controllerDid,\n };\n}\n\n// ---------------------------------------------------------------------------\n// did:web Resolution\n// ---------------------------------------------------------------------------\n\nasync function resolveDidUrlKey(\n didUrl: string,\n did: string,\n fragment: string | null,\n options?: ResolveKeyOptions\n): Promise<ResolvedPublicKey> {\n const domain = getDomainFromDidWeb(did);\n if (!domain) {\n throw new OmaTrustError(\"INVALID_DID_URL\", \"Cannot extract domain from did:web DID\", {\n didUrl,\n did,\n });\n }\n\n // Fetch DID document\n const fetchFn = options?.fetchDidDocument ?? fetchDidDocument;\n const didDocument = await fetchFn(domain);\n\n // Find verification method\n const method = findVerificationMethod(didDocument, didUrl, fragment);\n if (!method) {\n throw new OmaTrustError(\n \"KEY_NOT_FOUND\",\n `No verification method found matching \"${fragment ? `#${fragment}` : didUrl}\"`,\n { didUrl, fragment, availableMethods: extractMethodIdsFromDidDocument(didDocument) }\n );\n }\n\n // Extract publicKeyJwk\n const publicKeyJwk = method.publicKeyJwk;\n if (!publicKeyJwk || typeof publicKeyJwk !== \"object\") {\n throw new OmaTrustError(\n \"KEY_NOT_FOUND\",\n `Verification method \"${method.id}\" does not contain publicKeyJwk`,\n { didUrl, verificationMethodId: method.id }\n );\n }\n\n // Validate the JWK is a valid public key\n const validation = validatePublicJwk(publicKeyJwk);\n if (!validation.valid) {\n throw new OmaTrustError(\n \"INVALID_JWK\",\n `publicKeyJwk in verification method \"${method.id}\" is invalid: ${validation.error}`,\n { didUrl, verificationMethodId: method.id }\n );\n }\n\n return {\n didUrl,\n did,\n fragment,\n publicKeyJwk: publicKeyJwk as PublicJwk,\n verificationMethodId: method.id,\n };\n}\n","/**\n * Controller ID Comparison\n *\n * Determines whether two controller DIDs refer to the same entity.\n * Handles DID normalization and EVM address-based fallback (chain-agnostic).\n */\n\nimport { normalizeDid, extractDidMethod, extractAddressFromDid } from \"./did\";\nimport { didJwkToJwk, publicJwkEquals } from \"./jwk\";\n\n/**\n * Check if two controller DIDs refer to the same entity.\n *\n * Matching strategies (tried in order):\n * 1. Exact normalized DID string match\n * 2. EVM address match (chain-agnostic): if both DIDs resolve to the same\n * EVM address, they match regardless of chain ID. This handles cases like\n * did:pkh:eip155:1:0xABC matching did:pkh:eip155:137:0xABC.\n * 3. JWK material match: if both are did:jwk, compare the decoded public key\n * material directly (handles non-canonical encoding differences).\n *\n * @param a - First controller DID\n * @param b - Second controller DID\n * @returns true if both DIDs refer to the same controller\n */\nexport function isSameControllerId(a: string, b: string): boolean {\n // Strategy 1: Exact normalized DID string match\n let normalizedA: string | null = null;\n let normalizedB: string | null = null;\n\n try {\n normalizedA = normalizeDid(a);\n } catch {\n // a may not be normalizable\n }\n\n try {\n normalizedB = normalizeDid(b);\n } catch {\n // b may not be normalizable\n }\n\n if (normalizedA && normalizedB && normalizedA === normalizedB) {\n return true;\n }\n\n // Strategy 2: EVM address match (chain-agnostic)\n const evmA = extractControllerEvmAddress(a);\n const evmB = extractControllerEvmAddress(b);\n\n if (evmA && evmB && evmA.toLowerCase() === evmB.toLowerCase()) {\n return true;\n }\n\n // Strategy 3: JWK material match (for did:jwk with different encodings)\n const methodA = extractDidMethod(a);\n const methodB = extractDidMethod(b);\n\n if (methodA === \"jwk\" && methodB === \"jwk\") {\n try {\n const jwkA = didJwkToJwk(a);\n const jwkB = didJwkToJwk(b);\n return publicJwkEquals(jwkA, jwkB);\n } catch {\n return false;\n }\n }\n\n return false;\n}\n\n/**\n * Extract an EVM address from a controller DID, if possible.\n * Returns null for non-EVM controllers (did:jwk, non-eip155 did:pkh, etc.)\n */\nexport function extractControllerEvmAddress(controllerDid: string): string | null {\n try {\n const method = extractDidMethod(controllerDid);\n if (method === \"pkh\" && controllerDid.includes(\"eip155\")) {\n return extractAddressFromDid(controllerDid);\n }\n } catch {\n // Not extractable\n }\n return null;\n}\n","/**\n * Identity Types — Phase 4\n *\n * Types for JWS verification results and authorization metadata.\n * These define the contract between signature verification and\n * downstream authorization checks via getControllerAuthorization.\n */\n\nimport type { PublicJwk } from \"./jwk\";\n\n// ---------------------------------------------------------------------------\n// JWS Verification Result\n// ---------------------------------------------------------------------------\n\n/** Source of the public key used for JWS signature verification */\nexport type PublicKeySource = \"embedded-jwk\" | \"kid-resolution\";\n\n/**\n * Structured result of JWS signature verification.\n *\n * This result is NOT an authorization result. It does not determine whether\n * the signing key was authorized to act for the service identified by resourceUrl.\n *\n * It provides enough information for callers to perform downstream authorization\n * checks via getControllerAuthorization:\n * - publicKeyDid (did:jwk) is the durable controller DID\n * - resourceUrl identifies the service subject\n * - issuedAt enables authorization-window checks for receipts\n */\nexport interface JwsVerificationResult {\n /** Whether the JWS signature is cryptographically valid */\n valid: boolean;\n\n /** Decoded JWS protected header */\n header: Record<string, unknown>;\n\n /** Decoded JWS payload */\n payload: Record<string, unknown>;\n\n /** kid from the JWS header (a key reference, NOT a controller DID) */\n kid: string | null;\n\n /** The public JWK used for signature verification */\n publicKeyJwk: PublicJwk;\n\n /** How the public key was obtained */\n publicKeySource: PublicKeySource;\n\n /**\n * The durable did:jwk derived from the public key.\n * This is the controller DID for downstream authorization checks.\n * Pass this as controllerDid to getControllerAuthorization.\n */\n publicKeyDid: string;\n\n /** Error details when valid is false */\n error?: JwsVerificationError;\n}\n\n/** Error details for failed JWS verification */\nexport interface JwsVerificationError {\n code: string;\n message: string;\n}\n\n/**\n * Failed JWS verification result.\n * Returned when parsing, decoding, or signature verification fails.\n */\nexport interface JwsVerificationFailure {\n valid: false;\n error: JwsVerificationError;\n header?: Record<string, unknown>;\n payload?: Record<string, unknown>;\n kid?: string | null;\n publicKeyJwk?: PublicJwk;\n publicKeySource?: PublicKeySource;\n publicKeyDid?: string;\n}\n\n// ---------------------------------------------------------------------------\n// Authorization Metadata\n// ---------------------------------------------------------------------------\n\n/**\n * Authorization metadata extracted from a verified x402 artifact.\n *\n * This is the information a caller needs to perform an authorization check\n * after signature verification succeeds (JWS or EIP-712).\n *\n * Usage:\n * 1. Verify artifact → get JwsVerificationResult or Eip712VerificationResult\n * 2. Extract AuthorizationMetadata from the result\n * 3. Call getControllerAuthorization({ subjectDid, controllerDid, purpose })\n * 4. Evaluate the returned authorization window against policy\n */\nexport interface AuthorizationMetadata {\n /**\n * The durable controller DID derived from the verified key material.\n * - JWS: did:jwk derived from the public key\n * - EIP-712: did:pkh:eip155:1:<signer-address>\n * Pass this as controllerDid to getControllerAuthorization.\n */\n controllerDid: string;\n\n /**\n * The subject DID derived from resourceUrl.\n * For x402 artifacts, this is typically did:web:<domain-from-resourceUrl>.\n * Pass this as subjectDid to getControllerAuthorization.\n */\n subjectDid: string | null;\n\n /**\n * The resourceUrl from the signed payload.\n * Identifies the service/resource the artifact is associated with.\n */\n resourceUrl: string | null;\n\n /**\n * The issuedAt timestamp from the signed payload (receipts).\n * Used for authorization-window checks — was the controller authorized at this time?\n * May be a string (ISO) or number (unix seconds) depending on the payload.\n */\n issuedAt: string | number | null;\n\n /**\n * The kid from the JWS header (mutable key reference).\n * Useful for key-pinning lookups but NOT a controller DID.\n * Null for EIP-712 artifacts.\n */\n kid: string | null;\n\n /**\n * The public JWK used for signature verification.\n * Present for JWS artifacts, null for EIP-712.\n */\n publicKeyJwk: PublicJwk | null;\n\n /**\n * The recovered signer address (checksummed).\n * Present for EIP-712 artifacts, null for JWS.\n */\n signer: string | null;\n}\n\n// ---------------------------------------------------------------------------\n// Helper\n// ---------------------------------------------------------------------------\n\n/**\n * Input for extractAuthorizationMetadata.\n * Accepts either a JwsVerificationResult or an Eip712VerificationResult.\n */\nexport type VerificationResultInput =\n | JwsVerificationResult\n | { valid: true; payload: Record<string, unknown>; signer: string; artifactType: string };\n\n/**\n * Extract authorization metadata from a successful verification result.\n *\n * Works with both JWS and EIP-712 verification results:\n * - JWS: controllerDid is did:jwk, publicKeyJwk is populated, kid may be present\n * - EIP-712: controllerDid is did:pkh:eip155:1:<signer>, signer is populated\n *\n * Derives the subject DID from resourceUrl when possible (assumes did:web\n * for HTTPS URLs). Returns null for subjectDid if resourceUrl is missing\n * or cannot be parsed.\n *\n * @param result - A successful verification result (valid === true)\n * @returns Authorization metadata for downstream getControllerAuthorization calls\n */\nexport function extractAuthorizationMetadata(\n result: VerificationResultInput\n): AuthorizationMetadata {\n const payload = result.payload;\n\n const resourceUrl = typeof payload.resourceUrl === \"string\" ? payload.resourceUrl : null;\n const issuedAt =\n typeof payload.issuedAt === \"string\"\n ? payload.issuedAt\n : typeof payload.issuedAt === \"number\"\n ? payload.issuedAt\n : null;\n\n // Derive subject DID from resourceUrl\n let subjectDid: string | null = null;\n if (resourceUrl) {\n try {\n const url = new URL(resourceUrl);\n subjectDid = `did:web:${url.hostname}`;\n } catch {\n // Cannot parse URL — leave subjectDid null\n }\n }\n\n // Detect which result type we have\n if (\"publicKeyDid\" in result) {\n // JWS result\n const jwsResult = result as JwsVerificationResult;\n return {\n controllerDid: jwsResult.publicKeyDid,\n subjectDid,\n resourceUrl,\n issuedAt,\n kid: jwsResult.kid,\n publicKeyJwk: jwsResult.publicKeyJwk,\n signer: null,\n };\n }\n\n // EIP-712 result\n const eip712Result = result as { signer: string; payload: Record<string, unknown> };\n const signerAddress = eip712Result.signer.toLowerCase();\n return {\n controllerDid: `did:pkh:eip155:1:${signerAddress}`,\n subjectDid,\n resourceUrl,\n issuedAt,\n kid: null,\n publicKeyJwk: null,\n signer: eip712Result.signer,\n };\n}\n","import canonicalize from \"canonicalize\";\nimport { keccak256, sha256, toUtf8Bytes } from \"ethers\";\nimport { OmaTrustError } from \"../shared/errors\";\n\ntype Hex = `0x${string}`;\n\nconst VALID_ALGORITHMS = new Set([\"keccak256\", \"sha256\"]);\n\n/** Maximum JSON nesting depth allowed. */\nconst MAX_JSON_DEPTH = 32;\n\nfunction assertDepthLimit(depth: number, context?: string): void {\n if (depth > MAX_JSON_DEPTH) {\n const msg = context\n ? `JSON nesting depth exceeds maximum of ${MAX_JSON_DEPTH} at ${context}`\n : `JSON nesting depth exceeds maximum of ${MAX_JSON_DEPTH}`;\n throw new OmaTrustError(\"INVALID_INPUT\", msg);\n }\n}\n\n/**\n * Parse JSON strictly, rejecting duplicate keys.\n * Standard JSON.parse() silently accepts duplicates (last-wins).\n * This function detects duplicates at any nesting depth and throws.\n */\nexport function parseJsonStrict(input: string): unknown {\n if (typeof input !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Input must be a string\");\n }\n\n // First pass: detect duplicate keys by scanning object literals\n const seen = new Map<string, Set<string>>();\n let pathStack: string[] = [];\n let depth = 0;\n\n // Use a reviver to track keys at each depth\n const keyTracker = new Map<number, Set<string>>();\n\n // Parse with a reviver that tracks keys per object depth\n // JSON.parse calls the reviver bottom-up, so we use a different approach:\n // scan the raw string for duplicate keys using a state machine.\n const duplicateKeys = detectDuplicateKeys(input);\n if (duplicateKeys.length > 0) {\n throw new OmaTrustError(\n \"INVALID_INPUT\",\n `Duplicate JSON key${duplicateKeys.length > 1 ? \"s\" : \"\"} detected: ${duplicateKeys.map(k => `\"${k}\"`).join(\", \")}`,\n { duplicateKeys }\n );\n }\n\n try {\n return JSON.parse(input);\n } catch {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Input is not valid JSON\");\n }\n}\n\n/**\n * Detect duplicate keys in a JSON string.\n * Returns an array of key names that appear more than once in any single object.\n */\nfunction detectDuplicateKeys(input: string): string[] {\n const duplicates: string[] = [];\n // Stack of sets — each set tracks keys for the current object nesting level\n const objectKeyStack: Set<string>[] = [];\n let inString = false;\n let escaped = false;\n let currentKey = \"\";\n let collectingKey = false;\n let afterColon = false;\n let i = 0;\n\n while (i < input.length) {\n const ch = input[i];\n\n if (escaped) {\n if (collectingKey) currentKey += ch;\n escaped = false;\n i++;\n continue;\n }\n\n if (ch === \"\\\\\") {\n escaped = true;\n if (collectingKey) currentKey += ch;\n i++;\n continue;\n }\n\n if (ch === '\"') {\n if (!inString) {\n inString = true;\n // If we're in an object context and not after a colon, this is a key\n if (objectKeyStack.length > 0 && !afterColon) {\n collectingKey = true;\n currentKey = \"\";\n }\n } else {\n inString = false;\n if (collectingKey) {\n collectingKey = false;\n const keySet = objectKeyStack[objectKeyStack.length - 1];\n if (keySet.has(currentKey)) {\n if (!duplicates.includes(currentKey)) {\n duplicates.push(currentKey);\n }\n } else {\n keySet.add(currentKey);\n }\n }\n }\n i++;\n continue;\n }\n\n if (inString) {\n if (collectingKey) currentKey += ch;\n i++;\n continue;\n }\n\n // Outside string\n if (ch === \"{\") {\n objectKeyStack.push(new Set());\n assertDepthLimit(objectKeyStack.length);\n afterColon = false;\n } else if (ch === \"}\") {\n objectKeyStack.pop();\n afterColon = objectKeyStack.length > 0; // restore parent context\n } else if (ch === \"[\") {\n // Arrays don't have keys — push a sentinel\n objectKeyStack.push(new Set([\"__array__\"]));\n assertDepthLimit(objectKeyStack.length);\n afterColon = false;\n } else if (ch === \"]\") {\n objectKeyStack.pop();\n afterColon = objectKeyStack.length > 0;\n } else if (ch === \":\") {\n afterColon = true;\n } else if (ch === \",\") {\n afterColon = false;\n }\n\n i++;\n }\n\n return duplicates;\n}\n\n/**\n * Assert that a value is JSON-safe (representable in JSON without lossy conversion).\n * Rejects: undefined, NaN, Infinity, -Infinity, BigInt, functions, symbols, Date objects.\n * These values would be silently coerced or dropped by JSON.stringify / canonicalize.\n */\nexport function assertJsonSafe(value: unknown, path: string = \"$\", depth: number = 0): void {\n assertDepthLimit(depth, path);\n\n if (value === undefined) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: undefined`);\n }\n\n if (value === null) return;\n\n switch (typeof value) {\n case \"string\":\n case \"boolean\":\n return;\n case \"number\":\n if (!Number.isFinite(value)) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: ${value} (must be finite number)`);\n }\n return;\n case \"bigint\":\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: BigInt (use number or string)`);\n case \"function\":\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: function`);\n case \"symbol\":\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: Symbol`);\n case \"object\":\n if (value instanceof Date) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: Date (use ISO string or timestamp)`);\n }\n if (value instanceof RegExp) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: RegExp`);\n }\n if (Array.isArray(value)) {\n for (let i = 0; i < value.length; i++) {\n assertJsonSafe(value[i], `${path}[${i}]`, depth + 1);\n }\n return;\n }\n // Plain object\n for (const [key, val] of Object.entries(value)) {\n assertJsonSafe(val, `${path}.${key}`, depth + 1);\n }\n return;\n default:\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: unknown type \"${typeof value}\"`);\n }\n}\n\nexport function canonicalizeJson(obj: unknown): string {\n assertJsonSafe(obj);\n const jcs = canonicalize(obj);\n if (!jcs) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Object cannot be canonicalized\", { obj });\n }\n return jcs;\n}\n\n/**\n * Canonicalize a JSON object (JCS / RFC 8785) and compute its keccak256 hash.\n * Returns both the canonical JCS string and the 0x-prefixed hash.\n */\nexport function canonicalizeAndKeccak256(obj: unknown): { jcsJson: string; hash: Hex } {\n const jcsJson = canonicalizeJson(obj);\n return {\n jcsJson,\n hash: keccak256(toUtf8Bytes(jcsJson)) as Hex\n };\n}\n\n/** @deprecated Use canonicalizeAndKeccak256 instead. */\nexport function canonicalizeForHash(obj: unknown): { jcsJson: string; hash: Hex } {\n return canonicalizeAndKeccak256(obj);\n}\n\nexport function hashCanonicalizedJson(obj: unknown, algorithm: \"keccak256\" | \"sha256\"): Hex {\n if (!VALID_ALGORITHMS.has(algorithm)) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Unsupported hash algorithm: \"${algorithm}\". Must be \"keccak256\" or \"sha256\".`, { algorithm });\n }\n const jcs = canonicalizeJson(obj);\n const bytes = toUtf8Bytes(jcs);\n return (algorithm === \"keccak256\" ? keccak256(bytes) : sha256(bytes)) as Hex;\n}\n","/**\n * did:artifact — Content-Addressed DID Method\n *\n * Implements construction, parsing, and verification for the did:artifact DID method.\n * A did:artifact DID names an immutable byte sequence by its SHA-256 content hash,\n * encoded as a CIDv1 with raw multicodec and base32-lower multibase.\n *\n * Construction:\n * - artifactDidFromBytes: hash raw bytes (binary artifacts)\n * - artifactDidFromJson: canonicalize JSON then hash (JSON artifacts)\n *\n * Verification:\n * - verifyDidArtifact: verify content matches a did:artifact DID\n * (tries canonical JSON first, then raw bytes)\n *\n * Spec: https://oma3dao.github.io/omatrust-docs/specification/did-artifact-method-spec.html\n */\n\nimport { CID } from \"multiformats/cid\";\nimport { sha256 } from \"multiformats/hashes/sha2\";\nimport * as raw from \"multiformats/codecs/raw\";\nimport { base32 } from \"multiformats/bases/base32\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { canonicalizeJson, parseJsonStrict } from \"./data\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Parsed components of a did:artifact DID */\nexport interface ParsedArtifactDid {\n /** The full DID string */\n did: string;\n /** The method-specific identifier (base32-encoded CIDv1) */\n identifier: string;\n /** The SHA-256 digest as a Uint8Array (32 bytes) */\n digest: Uint8Array;\n /** The SHA-256 digest as lowercase hex */\n digestHex: string;\n}\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\nconst DID_ARTIFACT_PREFIX = \"did:artifact:\";\n\n/** Expected binary CID length: 1 (version) + 1 (codec) + 2 (multihash header) + 32 (digest) */\nconst EXPECTED_CID_BYTES = 36;\n\n/** CID version 1 */\nconst CID_VERSION = 1;\n\n/** Multicodec for raw (0x55) */\nconst RAW_CODEC = raw.code; // 0x55\n\n/** Multihash function code for sha2-256 (0x12) */\nconst SHA2_256_CODE = 0x12;\n\n/** Expected digest length for SHA-256 */\nconst SHA2_256_DIGEST_LENGTH = 32;\n\n// ---------------------------------------------------------------------------\n// Construction\n// ---------------------------------------------------------------------------\n\n/**\n * Construct a did:artifact DID from raw bytes.\n *\n * Use this when the artifact is a binary blob (installer, archive, image, etc.)\n * where no canonicalization is needed. The bytes are hashed as-is.\n *\n * @param bytes - The artifact's raw octets\n * @returns The did:artifact DID string\n * @throws OmaTrustError if bytes is empty or not a Uint8Array\n */\nexport async function artifactDidFromBytes(bytes: Uint8Array): Promise<string> {\n if (!(bytes instanceof Uint8Array) || bytes.length === 0) {\n throw new OmaTrustError(\n \"INVALID_INPUT\",\n \"bytes must be a non-empty Uint8Array\"\n );\n }\n\n const digest = await sha256.digest(bytes);\n const cid = CID.createV1(RAW_CODEC, digest);\n return `${DID_ARTIFACT_PREFIX}${cid.toString(base32)}`;\n}\n\n/**\n * Construct a did:artifact DID from a JSON value.\n *\n * The input is canonicalized using JCS (RFC 8785), then the canonical UTF-8 bytes\n * are hashed with SHA-256. If the input is a string, it is parsed strictly\n * (rejecting duplicate keys, non-JSON-safe values, etc.) before canonicalization.\n *\n * Use this when the artifact is a JSON document and you want identity based on\n * the JSON *value* rather than the exact serialization.\n *\n * @param input - A parsed JSON value (object/array/primitive) or a JSON string\n * @returns The did:artifact DID string\n * @throws OmaTrustError if canonicalization fails (malformed JSON, duplicate keys, etc.)\n */\nexport async function artifactDidFromJson(input: unknown): Promise<string> {\n // If input is a string, parse it strictly first\n const value = typeof input === \"string\" ? parseJsonStrict(input) : input;\n\n // Canonicalize — this validates JSON safety and produces JCS output\n const jcs = canonicalizeJson(value);\n const bytes = new TextEncoder().encode(jcs);\n\n const digest = await sha256.digest(bytes);\n const cid = CID.createV1(RAW_CODEC, digest);\n return `${DID_ARTIFACT_PREFIX}${cid.toString(base32)}`;\n}\n\n// ---------------------------------------------------------------------------\n// Parsing\n// ---------------------------------------------------------------------------\n\n/**\n * Parse and validate a did:artifact DID string.\n *\n * Validates:\n * - Correct prefix\n * - Valid base32-lower multibase encoding\n * - CID version 1\n * - Multicodec is raw (0x55)\n * - Multihash function is sha2-256 (0x12) with 32-byte digest\n *\n * @param did - The DID string to parse\n * @returns Parsed components including the SHA-256 digest\n * @throws OmaTrustError if the DID is malformed or uses unsupported parameters\n */\nexport function parseArtifactDid(did: string): ParsedArtifactDid {\n if (typeof did !== \"string\" || !did.startsWith(DID_ARTIFACT_PREFIX)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected a did:artifact DID\", { did });\n }\n\n const identifier = did.slice(DID_ARTIFACT_PREFIX.length);\n if (!identifier || identifier.length === 0) {\n throw new OmaTrustError(\"INVALID_DID\", \"Missing method-specific identifier\", { did });\n }\n\n // Must start with 'b' (base32lower multibase prefix)\n if (identifier[0] !== \"b\") {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Invalid multibase prefix \"${identifier[0]}\", expected \"b\" (base32lower)`,\n { did }\n );\n }\n\n // Decode the CID from base32\n let cid: CID;\n try {\n cid = CID.parse(identifier, base32);\n } catch (err) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n \"Failed to decode base32 CID from did:artifact identifier\",\n { did, cause: err }\n );\n }\n\n // Validate CID version\n if (cid.version !== CID_VERSION) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `CID version must be 1, got ${cid.version}`,\n { did }\n );\n }\n\n // Validate multicodec (raw = 0x55)\n if (cid.code !== RAW_CODEC) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Multicodec must be raw (0x55), got 0x${cid.code.toString(16)}`,\n { did }\n );\n }\n\n // Validate multihash function (sha2-256 = 0x12)\n if (cid.multihash.code !== SHA2_256_CODE) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Multihash function must be sha2-256 (0x12), got 0x${cid.multihash.code.toString(16)}`,\n { did }\n );\n }\n\n // Validate digest length\n if (cid.multihash.digest.length !== SHA2_256_DIGEST_LENGTH) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `SHA-256 digest must be 32 bytes, got ${cid.multihash.digest.length}`,\n { did }\n );\n }\n\n const digest = cid.multihash.digest;\n const digestHex = Array.from(digest)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\");\n\n return { did, identifier, digest, digestHex };\n}\n\n// ---------------------------------------------------------------------------\n// Verification\n// ---------------------------------------------------------------------------\n\n/** Result of artifact verification */\nexport interface ArtifactVerificationResult {\n /** Whether the content matches the DID */\n valid: boolean;\n /** Which interpretation matched: \"json\" if canonical JSON matched, \"binary\" if raw bytes matched */\n matchedAs?: \"json\" | \"binary\";\n /** Error reason when valid is false */\n reason?: string;\n}\n\n/**\n * Verify that content matches a did:artifact DID.\n *\n * Verification strategy:\n * 1. Try to interpret the content as JSON: parse strictly, canonicalize, hash, compare.\n * 2. If JSON interpretation fails or doesn't match, hash the raw bytes and compare.\n * 3. If either matches, verification succeeds.\n *\n * This dual approach is necessary because the verifier doesn't know which path\n * (artifactDidFromJson vs artifactDidFromBytes) was used at construction time.\n *\n * @param did - The did:artifact DID to verify against\n * @param content - The candidate content (Uint8Array for binary, or string/object for JSON)\n * @returns Verification result indicating whether and how the content matched\n */\nexport async function verifyDidArtifact(\n did: string,\n content: Uint8Array | string | unknown\n): Promise<ArtifactVerificationResult> {\n // Parse and validate the DID\n let parsed: ParsedArtifactDid;\n try {\n parsed = parseArtifactDid(did);\n } catch (err) {\n return {\n valid: false,\n reason: err instanceof OmaTrustError ? err.message : \"Invalid did:artifact DID\",\n };\n }\n\n const expectedHex = parsed.digestHex;\n\n // Strategy 1: Try JSON canonicalization\n if (typeof content === \"string\" || (typeof content === \"object\" && content !== null && !(content instanceof Uint8Array))) {\n try {\n const value = typeof content === \"string\" ? parseJsonStrict(content) : content;\n const jcs = canonicalizeJson(value);\n const jcsBytes = new TextEncoder().encode(jcs);\n const digest = await sha256.digest(jcsBytes);\n const digestHex = Array.from(digest.digest)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\");\n\n if (digestHex === expectedHex) {\n return { valid: true, matchedAs: \"json\" };\n }\n } catch {\n // JSON canonicalization failed — fall through to binary\n }\n }\n\n // Strategy 2: Try raw bytes\n let rawBytes: Uint8Array;\n if (content instanceof Uint8Array) {\n rawBytes = content;\n } else if (typeof content === \"string\") {\n rawBytes = new TextEncoder().encode(content);\n } else {\n // For objects that didn't match as JSON, we can't try binary\n return {\n valid: false,\n reason: \"Content did not match as canonical JSON and is not raw bytes\",\n };\n }\n\n const digest = await sha256.digest(rawBytes);\n const digestHex = Array.from(digest.digest)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\");\n\n if (digestHex === expectedHex) {\n return { valid: true, matchedAs: \"binary\" };\n }\n\n return {\n valid: false,\n reason: \"Content does not match the did:artifact identifier (neither as canonical JSON nor as raw bytes)\",\n };\n}\n","/**\n * DID Method Migration Helpers\n *\n * Provides conversion functions for deprecated DID methods:\n * - did:ethr → did:pkh:eip155 (wallet addresses)\n * - did:key → did:jwk (non-blockchain keys)\n *\n * These methods are being deprecated in favor of their canonical replacements.\n * Use these functions to convert existing identifiers to the preferred format.\n */\n\nimport { base58btc } from \"multiformats/bases/base58\";\nimport { isAddress, getAddress } from \"ethers\";\nimport { base64url } from \"jose\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { jwkToDidJwk } from \"./jwk\";\n\n// ---------------------------------------------------------------------------\n// did:ethr → did:pkh\n// ---------------------------------------------------------------------------\n\n/**\n * Convert a did:ethr DID to the equivalent did:pkh:eip155 DID.\n *\n * did:ethr format: did:ethr:<address> or did:ethr:<chainId>:<address>\n * did:pkh format: did:pkh:eip155:<chainId>:<address>\n *\n * If the did:ethr DID omits the chain ID, defaults to chain 1 (Ethereum mainnet).\n *\n * @param did - A did:ethr DID string\n * @returns The equivalent did:pkh:eip155 DID\n * @throws OmaTrustError if the input is not a valid did:ethr DID\n */\nexport function didEthrToDidPkh(did: string): string {\n if (typeof did !== \"string\" || !did.startsWith(\"did:ethr:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected a did:ethr DID\", { did });\n }\n\n const remainder = did.slice(\"did:ethr:\".length);\n if (!remainder) {\n throw new OmaTrustError(\"INVALID_DID\", \"Missing identifier in did:ethr DID\", { did });\n }\n\n let chainId: string;\n let address: string;\n\n // Check for chain-specific format: did:ethr:<network>:<address>\n // Networks can be hex chain IDs (0x1), named networks, or numeric\n const parts = remainder.split(\":\");\n if (parts.length === 1) {\n // did:ethr:<address> — default to chain 1\n chainId = \"1\";\n address = parts[0];\n } else if (parts.length === 2) {\n // did:ethr:<chainId>:<address>\n const rawChainId = parts[0];\n address = parts[1];\n\n // Parse chain ID: support hex (0x1), numeric, and named networks\n if (rawChainId.startsWith(\"0x\")) {\n chainId = String(parseInt(rawChainId, 16));\n } else if (/^\\d+$/.test(rawChainId)) {\n chainId = rawChainId;\n } else {\n // Named networks — map common names\n const networkMap: Record<string, string> = {\n mainnet: \"1\",\n goerli: \"5\",\n sepolia: \"11155111\",\n polygon: \"137\",\n arbitrum: \"42161\",\n optimism: \"10\",\n base: \"8453\",\n };\n const mapped = networkMap[rawChainId.toLowerCase()];\n if (!mapped) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Unknown did:ethr network \"${rawChainId}\"`,\n { did, network: rawChainId }\n );\n }\n chainId = mapped;\n }\n } else {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:ethr format\", { did });\n }\n\n if (!isAddress(address)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid Ethereum address in did:ethr DID\", {\n did,\n address,\n });\n }\n\n const checksummed = getAddress(address);\n return `did:pkh:eip155:${chainId}:${checksummed.toLowerCase()}`;\n}\n\n// ---------------------------------------------------------------------------\n// did:key → did:jwk\n// ---------------------------------------------------------------------------\n\n/**\n * Multicodec prefixes for key types used in did:key.\n * Each prefix identifies the key algorithm and curve.\n */\nconst MULTICODEC_KEY_TYPES: Record<number, { kty: string; crv: string; coordSize?: number }> = {\n // Ed25519 public key: 0xed (varint encoded as [0xed, 0x01])\n 0xed: { kty: \"OKP\", crv: \"Ed25519\" },\n // X25519 public key: 0xec (varint encoded as [0xec, 0x01])\n 0xec: { kty: \"OKP\", crv: \"X25519\" },\n // secp256k1 public key (compressed): 0xe7 (varint encoded as [0xe7, 0x01])\n 0xe7: { kty: \"EC\", crv: \"secp256k1\", coordSize: 33 },\n // P-256 public key (compressed): 0x80 0x24 (varint 0x1200)\n 0x1200: { kty: \"EC\", crv: \"P-256\", coordSize: 33 },\n // P-384 public key (compressed): 0x81 0x24 (varint 0x1201)\n 0x1201: { kty: \"EC\", crv: \"P-384\", coordSize: 49 },\n};\n\n/**\n * Read a varint from a byte array (unsigned LEB128).\n * Returns the decoded value and the number of bytes consumed.\n */\nfunction readVarint(bytes: Uint8Array, offset: number): { value: number; bytesRead: number } {\n let value = 0;\n let shift = 0;\n let bytesRead = 0;\n\n while (offset + bytesRead < bytes.length) {\n const byte = bytes[offset + bytesRead];\n value |= (byte & 0x7f) << shift;\n bytesRead++;\n if ((byte & 0x80) === 0) {\n return { value, bytesRead };\n }\n shift += 7;\n if (shift > 28) {\n throw new OmaTrustError(\"INVALID_DID\", \"Varint too long in did:key multicodec prefix\");\n }\n }\n\n throw new OmaTrustError(\"INVALID_DID\", \"Truncated varint in did:key multicodec prefix\");\n}\n\n/**\n * Decompress a compressed EC public key to x, y coordinates.\n * Supports secp256k1, P-256, and P-384 (all use the same compressed format).\n *\n * For OKP keys (Ed25519, X25519), the raw bytes ARE the public key — no decompression needed.\n */\nfunction decompressEcKey(\n compressedKey: Uint8Array,\n crv: string\n): { x: Uint8Array; y: Uint8Array } {\n // For EC curves, a compressed key is 33 bytes (P-256, secp256k1) or 49 bytes (P-384)\n // Format: 0x02/0x03 prefix + x-coordinate\n // We can't decompress to y without doing the curve math, but for did:jwk we can\n // use the compressed representation directly IF the curve supports it.\n // However, JWK requires uncompressed x and y for EC keys.\n //\n // Since full decompression requires curve-specific modular arithmetic that's complex\n // to implement in pure JS, and the did:key spec stores compressed keys, we'll use\n // a simpler approach: for secp256k1 keys (the most common case in did:ethr migration),\n // we store just the x-coordinate and mark it with the compression prefix.\n //\n // Actually, for did:key → did:jwk conversion, the standard approach is:\n // - Ed25519/X25519: x = raw 32-byte key (base64url encoded)\n // - EC keys: requires the full uncompressed point\n //\n // The practical path: since did:key typically stores compressed EC keys,\n // and converting compressed → uncompressed requires elliptic curve operations,\n // we reject compressed EC keys that we can't fully decompress and suggest\n // using did:pkh for EVM keys instead.\n\n throw new OmaTrustError(\n \"UNSUPPORTED_KEY_TYPE\",\n `Cannot convert compressed EC key (${crv}) from did:key to did:jwk. ` +\n `Decompressing EC points requires elliptic curve arithmetic. ` +\n `For EVM keys, use didEthrToDidPkh() instead.`,\n { crv, keyLength: compressedKey.length }\n );\n}\n\n/**\n * Convert a did:key DID to the equivalent did:jwk DID.\n *\n * did:key encodes a public key as a multicodec-prefixed, base58btc-encoded value.\n * This function decodes the key, identifies the algorithm from the multicodec prefix,\n * constructs a JWK, and wraps it as did:jwk.\n *\n * Supported key types:\n * - Ed25519 (multicodec 0xed)\n * - X25519 (multicodec 0xec)\n *\n * EC keys (secp256k1, P-256, P-384) are stored compressed in did:key and require\n * elliptic curve decompression to produce a valid JWK. This is not supported;\n * use didEthrToDidPkh() for EVM wallet keys instead.\n *\n * @param did - A did:key DID string\n * @returns The equivalent did:jwk DID\n * @throws OmaTrustError if the input is invalid or uses an unsupported key type\n */\nexport function didKeyToDidJwk(did: string): string {\n if (typeof did !== \"string\" || !did.startsWith(\"did:key:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected a did:key DID\", { did });\n }\n\n const identifier = did.slice(\"did:key:\".length);\n if (!identifier || !identifier.startsWith(\"z\")) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n \"did:key identifier must start with 'z' (base58btc multibase prefix)\",\n { did }\n );\n }\n\n // Decode base58btc (the 'z' prefix is the multibase indicator)\n let decoded: Uint8Array;\n try {\n decoded = base58btc.decode(identifier);\n } catch (err) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n \"Failed to decode base58btc from did:key identifier\",\n { did, cause: err }\n );\n }\n\n if (decoded.length < 3) {\n throw new OmaTrustError(\"INVALID_DID\", \"did:key decoded bytes too short\", { did });\n }\n\n // Read the multicodec prefix (varint)\n const { value: codecValue, bytesRead } = readVarint(decoded, 0);\n\n const keyType = MULTICODEC_KEY_TYPES[codecValue];\n if (!keyType) {\n throw new OmaTrustError(\n \"UNSUPPORTED_KEY_TYPE\",\n `Unsupported multicodec key type 0x${codecValue.toString(16)} in did:key`,\n { did, codec: `0x${codecValue.toString(16)}` }\n );\n }\n\n // Extract the raw key bytes after the multicodec prefix\n const keyBytes = decoded.slice(bytesRead);\n\n if (keyType.kty === \"OKP\") {\n // Ed25519 or X25519: raw 32-byte key → JWK with x field\n if (keyBytes.length !== 32) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Expected 32-byte ${keyType.crv} key, got ${keyBytes.length} bytes`,\n { did, crv: keyType.crv }\n );\n }\n\n const jwk = {\n kty: keyType.kty,\n crv: keyType.crv,\n x: base64url.encode(keyBytes),\n };\n\n return jwkToDidJwk(jwk);\n }\n\n // EC keys — compressed, need decompression\n return decompressEcKey(keyBytes, keyType.crv).x.toString(); // This throws\n}\n","export * from \"./types\";\n\nexport * from \"./submit\";\nexport * from \"./revoke\";\nexport * from \"./delegated\";\nexport * from \"./query\";\nexport * from \"./verify\";\nexport * from \"./encode\";\nexport * from \"./schema\";\nexport * from \"./witness\";\nexport * from \"./contract-ownership\";\nexport * from \"./attester-authorization\";\nexport * from \"./proof/index\";\nexport * from \"./schema-proof-verification\";\n","import { SchemaEncoder } from \"@ethereum-attestation-service/eas-sdk\";\nimport type { SchemaItem } from \"@ethereum-attestation-service/eas-sdk\";\nimport { isAddress } from \"ethers\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { AttestationValidationError, Hex, SchemaField } from \"./types\";\n\nexport function normalizeSchema(schema: SchemaField[] | string): SchemaField[] {\n if (Array.isArray(schema)) {\n if (schema.length === 0) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"schema array cannot be empty\");\n }\n return schema;\n }\n\n if (typeof schema !== \"string\" || schema.trim().length === 0) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"schema must be a non-empty string or SchemaField[]\");\n }\n\n const fields = schema\n .split(\",\")\n .map((part) => part.trim())\n .filter((part) => part.length > 0)\n .map((part) => {\n const pieces = part.split(/\\s+/);\n if (pieces.length < 2) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid schema field\", { part });\n }\n const type = pieces[0];\n const name = pieces.slice(1).join(\" \");\n return { type, name };\n });\n\n if (fields.length === 0) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"No schema fields found\");\n }\n\n return fields;\n}\n\nexport function schemaToString(schema: SchemaField[] | string): string {\n if (typeof schema === \"string\") {\n return schema;\n }\n\n return schema.map((field) => `${field.type} ${field.name}`).join(\", \");\n}\n\nexport function encodeAttestationData(\n schema: SchemaField[] | string,\n data: Record<string, unknown>\n): Hex {\n if (!data || typeof data !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"data must be an object\");\n }\n\n const validationErrors = validateAttestationData(schema, data);\n if (validationErrors.length > 0) {\n const summary = validationErrors\n .map((error) => `Field \"${error.schemaFieldName}\" (${error.expectedType}) got ${error.providedType}`)\n .join(\"; \");\n throw new OmaTrustError(\"INVALID_INPUT\", `Attestation data validation failed: ${summary}`, {\n errors: validationErrors\n });\n }\n\n const fields = normalizeSchema(schema);\n const schemaString = schemaToString(fields);\n const encoder = new SchemaEncoder(schemaString);\n\n const encoded = encoder.encodeData(\n fields.map((field) => ({\n name: field.name,\n type: field.type,\n value: data[field.name]\n })) as SchemaItem[]\n );\n\n return encoded as Hex;\n}\n\nfunction getActualType(value: unknown): string {\n if (value === null) {\n return \"null\";\n }\n if (value === undefined) {\n return \"undefined\";\n }\n if (Array.isArray(value)) {\n return \"array\";\n }\n if (typeof value === \"number\") {\n return Number.isFinite(value) ? \"number\" : \"non-finite-number\";\n }\n return typeof value;\n}\n\nfunction isNumericValue(value: unknown, allowNegative: boolean): boolean {\n if (typeof value === \"bigint\") {\n return allowNegative || value >= 0n;\n }\n\n if (typeof value === \"number\") {\n if (!Number.isFinite(value) || !Number.isInteger(value)) {\n return false;\n }\n return allowNegative || value >= 0;\n }\n\n if (typeof value === \"string\") {\n if (value.length === 0) {\n return false;\n }\n const pattern = allowNegative ? /^-?\\d+$/ : /^\\d+$/;\n return pattern.test(value);\n }\n\n return false;\n}\n\nfunction isHex(value: unknown): value is string {\n return typeof value === \"string\" && /^0x[0-9a-fA-F]*$/.test(value);\n}\n\nfunction validateFieldValue(type: string, value: unknown): boolean {\n const normalizedType = type.trim().toLowerCase();\n const bytesNMatch = normalizedType.match(/^bytes([1-9]|[12]\\d|3[0-2])$/);\n\n if (/^uint\\d*$/.test(normalizedType)) {\n return isNumericValue(value, false);\n }\n\n if (/^int\\d*$/.test(normalizedType)) {\n return isNumericValue(value, true);\n }\n\n if (normalizedType === \"string\") {\n return typeof value === \"string\";\n }\n\n if (normalizedType === \"string[]\") {\n return Array.isArray(value) && value.every((entry) => typeof entry === \"string\");\n }\n\n if (normalizedType === \"bool\") {\n return typeof value === \"boolean\";\n }\n\n if (normalizedType === \"address\") {\n return typeof value === \"string\" && isAddress(value);\n }\n\n if (normalizedType === \"bytes\") {\n return isHex(value) && (value.length - 2) % 2 === 0;\n }\n\n if (bytesNMatch) {\n const expectedBytes = Number(bytesNMatch[1]);\n return isHex(value) && value.length === 2 + expectedBytes * 2;\n }\n\n return true;\n}\n\nexport function validateAttestationData(\n schema: SchemaField[] | string,\n data: Record<string, unknown>\n): AttestationValidationError[] {\n if (!data || typeof data !== \"object\") {\n return [{\n schemaFieldName: \"data\",\n expectedType: \"object\",\n providedType: getActualType(data),\n providedValue: data\n }];\n }\n\n const fields = normalizeSchema(schema);\n const errors: AttestationValidationError[] = [];\n\n for (const field of fields) {\n const value = data[field.name];\n const isValid = validateFieldValue(field.type, value);\n if (isValid) {\n continue;\n }\n\n errors.push({\n schemaFieldName: field.name,\n expectedType: field.type,\n providedType: getActualType(value),\n providedValue: value\n });\n }\n\n return errors;\n}\n\nexport function decodeAttestationData(\n schema: SchemaField[] | string,\n encodedData: Hex\n): Record<string, unknown> {\n if (typeof encodedData !== \"string\" || !encodedData.startsWith(\"0x\")) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"encodedData must be a hex string\");\n }\n\n const fields = normalizeSchema(schema);\n const schemaString = schemaToString(fields);\n const encoder = new SchemaEncoder(schemaString);\n const decoded = encoder.decodeData(encodedData);\n\n const result: Record<string, unknown> = {};\n for (const item of decoded as Array<{ name: string; value: unknown }>) {\n const value = item.value as { value?: unknown } | unknown;\n if (value && typeof value === \"object\" && \"value\" in (value as Record<string, unknown>)) {\n result[item.name] = (value as { value: unknown }).value;\n } else {\n result[item.name] = value;\n }\n }\n\n return result;\n}\n\nexport function extractExpirationTime(\n data: Record<string, unknown>\n): bigint | number | undefined {\n const value = data[\"expiresAt\"];\n if (value === undefined || value === null) return undefined;\n if (typeof value === \"bigint\") return value;\n if (typeof value === \"number\") return value;\n if (typeof value === \"string\" && /^\\d+$/.test(value)) return BigInt(value);\n return undefined;\n}\n","import { ZeroAddress, getAddress, isAddress } from \"ethers\";\nimport { computeDidAddress, computeDidHash, didToAddress } from \"../identity/did\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { Hex, SchemaField } from \"./types\";\nimport { normalizeSchema } from \"./encode\";\n\nexport const ZERO_UID = \"0x0000000000000000000000000000000000000000000000000000000000000000\" as Hex;\n\nexport function toBigIntOrDefault(value: bigint | number | undefined, fallback: bigint): bigint {\n if (value === undefined || value === null) {\n return fallback;\n }\n return typeof value === \"bigint\" ? value : BigInt(Math.floor(value));\n}\n\nexport function normalizeHex32(value: string, field: string): Hex {\n const normalized = value.startsWith(\"0x\") ? value : `0x${value}`;\n if (!/^0x[0-9a-fA-F]{64}$/.test(normalized)) {\n throw new OmaTrustError(\"INVALID_INPUT\", `${field} must be a 32-byte hex string`, { value });\n }\n return normalized as Hex;\n}\n\nexport function withAutoSubjectDidHash(\n schema: SchemaField[] | string,\n data: Record<string, unknown>\n): Record<string, unknown> {\n const fields = normalizeSchema(schema);\n const hasSubjectDidHash = fields.some((field) => field.name === \"subjectDidHash\");\n if (!hasSubjectDidHash) {\n return { ...data };\n }\n\n const subject = data.subject;\n if (typeof subject === \"string\" && subject.startsWith(\"did:\")) {\n return {\n ...data,\n subjectDidHash: computeDidHash(subject)\n };\n }\n\n return { ...data };\n}\n\nexport function resolveRecipientAddress(data: Record<string, unknown>): string {\n const subject = data.subject;\n if (typeof subject === \"string\" && subject.startsWith(\"did:\")) {\n return didToAddress(subject);\n }\n\n const subjectDidHash = data.subjectDidHash;\n if (typeof subjectDidHash === \"string\" && /^0x[0-9a-fA-F]{64}$/.test(subjectDidHash)) {\n return computeDidAddress(subjectDidHash as Hex);\n }\n\n const recipient = data.recipient;\n if (typeof recipient === \"string\" && isAddress(recipient)) {\n return getAddress(recipient);\n }\n\n return ZeroAddress;\n}\n\nexport function parseProofsField(data: Record<string, unknown>): unknown[] {\n const proofs = data.proofs;\n if (!Array.isArray(proofs)) {\n return [];\n }\n\n return proofs.map((entry) => {\n if (typeof entry === \"string\") {\n try {\n return JSON.parse(entry);\n } catch {\n return entry;\n }\n }\n return entry;\n });\n}\n","import type { Hex } from \"./types\";\n\ntype UnknownRecord = Record<string, unknown>;\n\nfunction isRecord(value: unknown): value is UnknownRecord {\n return Boolean(value) && typeof value === \"object\";\n}\n\nfunction isHex32(value: unknown): value is Hex {\n return typeof value === \"string\" && /^0x[0-9a-fA-F]{64}$/.test(value);\n}\n\nexport function getEasTransactionReceipt(tx: unknown): UnknownRecord | undefined {\n if (!isRecord(tx)) {\n return undefined;\n }\n\n const candidates: unknown[] = [tx.receipt, tx.tx, tx.transaction];\n for (const candidate of candidates) {\n if (isRecord(candidate)) {\n return candidate;\n }\n }\n\n return undefined;\n}\n\nexport function getEasTransactionHash(tx: unknown): Hex | undefined {\n const receipt = getEasTransactionReceipt(tx);\n if (receipt) {\n const receiptHash = receipt.hash;\n if (isHex32(receiptHash)) {\n return receiptHash;\n }\n const transactionHash = receipt.transactionHash;\n if (isHex32(transactionHash)) {\n return transactionHash;\n }\n }\n\n if (isRecord(tx) && isHex32(tx.hash)) {\n return tx.hash;\n }\n\n return undefined;\n}\n\nexport function isEasSchemaNotFoundError(err: unknown): boolean {\n if (!isRecord(err)) {\n return false;\n }\n\n const message = err.message;\n if (typeof message !== \"string\" || message.length === 0) {\n return false;\n }\n\n return /schema not found/i.test(message);\n}\n","import { EAS } from \"@ethereum-attestation-service/eas-sdk\";\nimport { ZeroAddress } from \"ethers\";\nimport { encodeAttestationData, extractExpirationTime } from \"./encode\";\nimport { withAutoSubjectDidHash, resolveRecipientAddress, toBigIntOrDefault, ZERO_UID } from \"./internal\";\nimport { getEasTransactionHash, getEasTransactionReceipt } from \"./eas-adapter\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { SubmitAttestationParams, SubmitAttestationResult, Hex } from \"./types\";\n\nexport async function submitAttestation(\n params: SubmitAttestationParams\n): Promise<SubmitAttestationResult> {\n if (!params || typeof params !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"params must be provided\");\n }\n\n if (!params.signer) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"signer is required\");\n }\n\n const dataWithHash = withAutoSubjectDidHash(params.schema, params.data);\n const encodedData = encodeAttestationData(params.schema, dataWithHash);\n const expiration = toBigIntOrDefault(\n params.expirationTime ?? extractExpirationTime(dataWithHash),\n 0n\n );\n const recipient = resolveRecipientAddress(dataWithHash);\n\n const eas = new EAS(params.easContractAddress);\n eas.connect(params.signer as never);\n\n try {\n const tx = await eas.attest({\n schema: params.schemaUid,\n data: {\n recipient: recipient || ZeroAddress,\n expirationTime: expiration,\n revocable: params.revocable ?? true,\n refUID: params.refUid ?? ZERO_UID,\n data: encodedData,\n value: toBigIntOrDefault(params.value, 0n)\n }\n });\n\n const uid = (await tx.wait()) as Hex;\n const txHash = getEasTransactionHash(tx) ?? ZERO_UID;\n const receipt = getEasTransactionReceipt(tx);\n\n return {\n uid,\n txHash,\n receipt\n };\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to submit attestation\", { err });\n }\n}\n","import { EAS } from \"@ethereum-attestation-service/eas-sdk\";\nimport { getEasTransactionHash, getEasTransactionReceipt } from \"./eas-adapter\";\nimport { toBigIntOrDefault, ZERO_UID } from \"./internal\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { RevokeAttestationParams, RevokeAttestationResult } from \"./types\";\n\nexport async function revokeAttestation(\n params: RevokeAttestationParams\n): Promise<RevokeAttestationResult> {\n if (!params || typeof params !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"params must be provided\");\n }\n\n if (!params.signer) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"signer is required\");\n }\n\n const eas = new EAS(params.easContractAddress);\n eas.connect(params.signer as never);\n\n try {\n const tx = await eas.revoke({\n schema: params.schemaUid,\n data: {\n uid: params.uid,\n value: toBigIntOrDefault(params.value, 0n)\n }\n });\n\n await tx.wait();\n const txHash = getEasTransactionHash(tx) ?? ZERO_UID;\n const receipt = getEasTransactionReceipt(tx);\n\n return {\n txHash,\n receipt\n };\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to revoke attestation\", { err });\n }\n}\n","import { Signature } from \"ethers\";\nimport { encodeAttestationData, extractExpirationTime } from \"./encode\";\nimport { resolveRecipientAddress, toBigIntOrDefault, withAutoSubjectDidHash, ZERO_UID } from \"./internal\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type {\n BuildDelegatedTypedDataFromEncodedParams,\n Hex,\n PrepareDelegatedAttestationParams,\n PrepareDelegatedAttestationResult,\n RelayErrorDetails,\n RelayMetadata,\n SubmitDelegatedAttestationParams,\n SubmitDelegatedAttestationResult\n} from \"./types\";\n\ntype BuildDelegatedTypedDataParams = {\n chainId: number;\n easContractAddress: Hex;\n schemaUid: Hex;\n encodedData: Hex;\n recipient: string;\n attester: Hex;\n nonce: bigint | number;\n revocable?: boolean;\n expirationTime?: bigint | number;\n refUid?: Hex;\n value?: bigint | number;\n deadline?: bigint | number;\n};\n\nfunction buildDelegatedTypedData(\n params: BuildDelegatedTypedDataParams\n): {\n domain: Record<string, unknown>;\n types: Record<string, unknown>;\n message: Record<string, unknown>;\n} {\n return {\n domain: {\n name: \"EAS\",\n version: \"1.4.0\",\n chainId: params.chainId,\n verifyingContract: params.easContractAddress\n },\n types: {\n Attest: [\n { name: \"attester\", type: \"address\" },\n { name: \"schema\", type: \"bytes32\" },\n { name: \"recipient\", type: \"address\" },\n { name: \"expirationTime\", type: \"uint64\" },\n { name: \"revocable\", type: \"bool\" },\n { name: \"refUID\", type: \"bytes32\" },\n { name: \"data\", type: \"bytes\" },\n { name: \"value\", type: \"uint256\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"deadline\", type: \"uint64\" }\n ]\n },\n message: {\n attester: params.attester,\n schema: params.schemaUid,\n recipient: params.recipient,\n expirationTime: toBigIntOrDefault(params.expirationTime, 0n),\n revocable: params.revocable ?? true,\n refUID: params.refUid ?? ZERO_UID,\n data: params.encodedData,\n value: toBigIntOrDefault(params.value, 0n),\n nonce: toBigIntOrDefault(params.nonce, 0n),\n deadline: toBigIntOrDefault(params.deadline, BigInt(Math.floor(Date.now() / 1000) + 600))\n }\n };\n}\n\nexport function buildDelegatedAttestationTypedData(\n params: PrepareDelegatedAttestationParams\n): {\n domain: Record<string, unknown>;\n types: Record<string, unknown>;\n message: Record<string, unknown>;\n} {\n const dataWithHash = withAutoSubjectDidHash(params.schema, params.data);\n const encodedData = encodeAttestationData(params.schema, dataWithHash);\n const recipient = resolveRecipientAddress(dataWithHash);\n\n return buildDelegatedTypedData({\n chainId: params.chainId,\n easContractAddress: params.easContractAddress,\n schemaUid: params.schemaUid,\n encodedData,\n recipient,\n attester: params.attester,\n nonce: params.nonce,\n revocable: params.revocable,\n expirationTime: params.expirationTime ?? extractExpirationTime(dataWithHash),\n refUid: params.refUid,\n value: params.value,\n deadline: params.deadline\n });\n}\n\nexport function buildDelegatedTypedDataFromEncoded(\n params: BuildDelegatedTypedDataFromEncodedParams\n): {\n domain: Record<string, unknown>;\n types: Record<string, unknown>;\n message: Record<string, unknown>;\n} {\n return buildDelegatedTypedData({\n chainId: params.chainId,\n easContractAddress: params.easContractAddress,\n schemaUid: params.schemaUid,\n encodedData: params.encodedData,\n recipient: params.recipient,\n attester: params.attester,\n nonce: params.nonce,\n revocable: params.revocable,\n expirationTime: params.expirationTime,\n refUid: params.refUid,\n value: params.value,\n deadline: params.deadline\n });\n}\n\nexport function splitSignature(signature: Hex | string): { v: number; r: Hex; s: Hex } {\n try {\n const parsed = Signature.from(signature as string);\n return {\n v: parsed.v,\n r: parsed.r as Hex,\n s: parsed.s as Hex\n };\n } catch (err) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid signature\", { err });\n }\n}\n\nexport async function prepareDelegatedAttestation(\n params: PrepareDelegatedAttestationParams\n): Promise<PrepareDelegatedAttestationResult> {\n if (!params || typeof params !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"params are required\");\n }\n\n const typedData = buildDelegatedAttestationTypedData(params);\n\n return {\n delegatedRequest: {\n schema: params.schemaUid,\n attester: params.attester,\n easContractAddress: params.easContractAddress,\n chainId: params.chainId,\n ...typedData.message\n },\n typedData\n };\n}\n\nexport async function submitDelegatedAttestation(\n params: SubmitDelegatedAttestationParams\n): Promise<SubmitDelegatedAttestationResult> {\n if (!params.relayUrl || typeof params.relayUrl !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"relayUrl is required\");\n }\n\n let response: Response;\n try {\n const body = JSON.stringify(\n {\n prepared: params.prepared,\n signature: params.signature,\n attester: params.attester\n },\n (_key, value) => (typeof value === \"bigint\" ? value.toString() : value)\n );\n\n response = await fetch(params.relayUrl, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body\n });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to submit delegated attestation\", { err });\n }\n\n let payload: Record<string, unknown>;\n try {\n payload = (await response.json()) as Record<string, unknown>;\n } catch {\n payload = {};\n }\n\n if (!response.ok) {\n const relayError: RelayErrorDetails = {\n httpStatus: response.status,\n code: payload.code as string | undefined,\n error: (payload.error as string | undefined) ?? (payload.message as string | undefined),\n payload\n };\n throw new OmaTrustError(\"RELAY_ERROR\", `Relay submission failed (HTTP ${response.status})`, relayError);\n }\n\n const uid = ((payload.uid as string | undefined) ?? ZERO_UID) as Hex;\n const txHash = payload.txHash as Hex | undefined;\n\n // Infer status from relay response semantics\n const hasConfirmationSignals =\n payload.status === \"confirmed\" ||\n payload.success === true ||\n typeof payload.blockNumber === \"number\";\n const status: \"submitted\" | \"confirmed\" = hasConfirmationSignals ? \"confirmed\" : \"submitted\";\n\n // Extract relay metadata (blockNumber, chain, success, and any extra fields)\n const relay: RelayMetadata = {};\n if (typeof payload.blockNumber === \"number\") relay.blockNumber = payload.blockNumber;\n if (typeof payload.chain === \"string\") relay.chain = payload.chain;\n if (typeof payload.success === \"boolean\") relay.success = payload.success;\n // Preserve any additional relay-specific fields consumers might need\n for (const key of Object.keys(payload)) {\n if (![\"uid\", \"txHash\", \"status\", \"blockNumber\", \"chain\", \"success\"].includes(key)) {\n relay[key] = payload[key];\n }\n }\n\n const result: SubmitDelegatedAttestationResult = { uid, txHash, status };\n if (Object.keys(relay).length > 0) {\n result.relay = relay;\n }\n return result;\n}\n","import { EAS } from \"@ethereum-attestation-service/eas-sdk\";\nimport { Contract } from \"ethers\";\nimport { didToAddress } from \"../identity/did\";\nimport { decodeAttestationData } from \"./encode\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type {\n AttestationQueryResult,\n GetAttestationsByAttesterParams,\n GetAttestationParams,\n Hex,\n ListAttestationsParams,\n SchemaField\n} from \"./types\";\n\nconst EAS_EVENT_ABI = [\n \"event Attested(address indexed recipient, address indexed attester, bytes32 uid, bytes32 indexed schemaUID)\"\n];\n\nfunction parseEventTxHash(event: unknown): Hex | undefined {\n const txHash = (event as { transactionHash?: unknown }).transactionHash;\n if (typeof txHash !== \"string\") {\n return undefined;\n }\n return /^0x[0-9a-fA-F]{64}$/.test(txHash) ? (txHash as Hex) : undefined;\n}\n\nfunction parseAttestation(\n attestation: Record<string, unknown>,\n schema?: SchemaField[] | string,\n txHash?: Hex\n): AttestationQueryResult {\n const rawData = (attestation.data as Hex | undefined) ?? (\"0x\" as Hex);\n const decoded = schema ? decodeAttestationData(schema, rawData) : {};\n const toBigIntSafe = (value: unknown): bigint => {\n if (typeof value === \"bigint\") {\n return value;\n }\n if (typeof value === \"number\") {\n return BigInt(value);\n }\n if (typeof value === \"string\" && value.length > 0) {\n return BigInt(value);\n }\n return 0n;\n };\n\n return {\n uid: attestation.uid as Hex,\n schema: attestation.schema as Hex,\n attester: attestation.attester as Hex,\n recipient: attestation.recipient as Hex,\n txHash,\n revocable: Boolean(attestation.revocable),\n revocationTime: toBigIntSafe(attestation.revocationTime),\n expirationTime: toBigIntSafe(attestation.expirationTime),\n time: toBigIntSafe(attestation.time),\n refUID: attestation.refUID as Hex,\n data: decoded,\n raw: schema ? undefined : rawData\n };\n}\n\nexport async function getAttestation(\n params: GetAttestationParams\n): Promise<AttestationQueryResult> {\n try {\n const eas = new EAS(params.easContractAddress);\n eas.connect(params.provider as never);\n const attestation = (await eas.getAttestation(params.uid)) as unknown as Record<string, unknown> | null;\n\n if (!attestation || !attestation.uid || String(attestation.uid) === \"0x\".padEnd(66, \"0\")) {\n throw new OmaTrustError(\"ATTESTATION_NOT_FOUND\", \"Attestation not found\", { uid: params.uid });\n }\n\n return parseAttestation(attestation, params.schema);\n } catch (err) {\n if (err instanceof OmaTrustError) {\n throw err;\n }\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to read attestation\", { err });\n }\n}\n\nasync function queryAttestationEvents(\n easContractAddress: Hex,\n provider: never,\n fromBlock: number,\n toBlock: number,\n options?: { recipient?: string | null; attester?: string | null; schemas?: Hex[] }\n): Promise<AttestationQueryResult[]> {\n const contract = new Contract(easContractAddress, EAS_EVENT_ABI, provider);\n const filter = contract.filters.Attested(options?.recipient ?? null, options?.attester ?? null);\n\n let events;\n try {\n events = await contract.queryFilter(filter, fromBlock, toBlock);\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to query attestation events\", { err });\n }\n\n const eas = new EAS(easContractAddress);\n eas.connect(provider);\n\n const schemaFilter = options?.schemas?.map((s) => s.toLowerCase());\n const results: AttestationQueryResult[] = [];\n\n for (const event of events) {\n if (!((\"args\" in event) && Array.isArray(event.args))) {\n continue;\n }\n const args = event.args as unknown[];\n const uid = args?.[2] as Hex | undefined;\n const schemaUid = args?.[3] as Hex | undefined;\n\n if (!uid || !schemaUid) {\n continue;\n }\n\n if (schemaFilter && !schemaFilter.includes(schemaUid.toLowerCase())) {\n continue;\n }\n\n const attestation = (await eas.getAttestation(uid)) as unknown as Record<string, unknown> | null;\n if (!attestation || !attestation.uid) {\n continue;\n }\n\n results.push(parseAttestation(attestation, undefined, parseEventTxHash(event)));\n }\n\n results.sort((a, b) => Number(b.time - a.time));\n return results;\n}\n\nexport async function getAttestationsForDid(\n params: ListAttestationsParams\n): Promise<AttestationQueryResult[]> {\n const provider = params.provider as never;\n const toBlock = params.toBlock ?? (await (provider as { getBlockNumber: () => Promise<number> }).getBlockNumber());\n const fromBlock = params.fromBlock ?? Math.max(0, toBlock - 50_000);\n return queryAttestationEvents(\n params.easContractAddress,\n provider,\n fromBlock,\n toBlock,\n { recipient: didToAddress(params.subjectDid), schemas: params.schemas }\n );\n}\n\nexport async function getAttestationsByAttester(\n params: GetAttestationsByAttesterParams\n): Promise<AttestationQueryResult[]> {\n const provider = params.provider as never;\n const toBlock = params.toBlock ?? (await (provider as { getBlockNumber: () => Promise<number> }).getBlockNumber());\n const fromBlock = params.fromBlock ?? Math.max(0, toBlock - 50_000);\n\n if (params.limit !== undefined && params.limit <= 0) {\n return [];\n }\n\n const results = await queryAttestationEvents(\n params.easContractAddress,\n provider,\n fromBlock,\n toBlock,\n { attester: params.attester, schemas: params.schemas }\n );\n\n return params.limit !== undefined ? results.slice(0, params.limit) : results;\n}\n\nexport async function listAttestations(\n params: ListAttestationsParams\n): Promise<AttestationQueryResult[]> {\n const limit = params.limit ?? 20;\n if (limit <= 0) {\n return [];\n }\n\n const results = await getAttestationsForDid(params);\n return results.slice(0, limit);\n}\n\nexport type GetLatestAttestationsParams = {\n provider: unknown;\n easContractAddress: Hex;\n schemas?: Hex[];\n limit?: number;\n fromBlock?: number;\n};\n\nexport async function getLatestAttestations(\n params: GetLatestAttestationsParams\n): Promise<AttestationQueryResult[]> {\n const provider = params.provider as never;\n const toBlock = await (provider as { getBlockNumber: () => Promise<number> }).getBlockNumber();\n const fromBlock = params.fromBlock ?? Math.max(0, toBlock - 50_000);\n\n const results = await queryAttestationEvents(\n params.easContractAddress,\n provider,\n fromBlock,\n toBlock,\n { schemas: params.schemas }\n );\n\n return results.slice(0, params.limit ?? 20);\n}\n\nexport function deduplicateReviews(attestations: AttestationQueryResult[]): AttestationQueryResult[] {\n const seen = new Map<string, AttestationQueryResult>();\n\n for (const attestation of attestations) {\n const subject = String(attestation.data.subject ?? \"\");\n const version = String(attestation.data.version ?? \"\");\n const major = getMajorVersion(version);\n const key = `${attestation.attester.toLowerCase()}|${subject}|${major}`;\n\n if (!seen.has(key)) {\n seen.set(key, attestation);\n continue;\n }\n\n const current = seen.get(key)!;\n if (attestation.time > current.time) {\n seen.set(key, attestation);\n }\n }\n\n return [...seen.values()];\n}\n\nexport function calculateAverageUserReviewRating(attestations: AttestationQueryResult[]): number {\n const deduped = deduplicateReviews(attestations);\n const ratings = deduped\n .map((attestation) => attestation.data.ratingValue)\n .filter((value) => typeof value === \"number\" || typeof value === \"bigint\")\n .map((value) => Number(value));\n\n if (ratings.length === 0) {\n return 0;\n }\n\n const total = ratings.reduce((sum, value) => sum + value, 0);\n return total / ratings.length;\n}\n\nexport function getMajorVersion(version: string): number {\n const match = version.match(/^(\\d+)/);\n if (!match) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid semantic version\", { version });\n }\n return Number(match[1]);\n}\n","import canonicalize from \"canonicalize\";\nimport { formatUnits, keccak256, sha256, toUtf8Bytes } from \"ethers\";\nimport { buildEvmDidPkh, computeDidHash } from \"../../identity/did\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport type { ChainConstants, Hex, ProofPurpose, TxEncodedValueProof } from \"../types\";\n\ntype ChainConfig = {\n decimals: number;\n nativeSymbol: string;\n explorer: string;\n base: Record<ProofPurpose, bigint>;\n};\n\nconst CHAIN_CONFIGS: Record<number, ChainConfig> = {\n 1: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://etherscan.io\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 10: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://optimistic.etherscan.io\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 137: {\n decimals: 18,\n nativeSymbol: \"POL\",\n explorer: \"https://polygonscan.com\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 8453: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://basescan.org\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 42161: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://arbiscan.io\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 11155111: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://sepolia.etherscan.io\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 6623: {\n decimals: 18,\n nativeSymbol: \"OMA\",\n explorer: \"https://explorer.chain.oma3.org\",\n base: {\n \"shared-control\": 10000000000000000n,\n \"commercial-tx\": 100000000000000n\n }\n },\n 66238: {\n decimals: 18,\n nativeSymbol: \"OMA\",\n explorer: \"https://explorer.testnet.chain.oma3.org\",\n base: {\n \"shared-control\": 10000000000000000n,\n \"commercial-tx\": 100000000000000n\n }\n }\n};\n\nconst AMOUNT_DOMAIN = \"OMATrust:Amount:v1\";\n\nfunction getConfig(chainId: number): ChainConfig {\n const config = CHAIN_CONFIGS[chainId];\n if (!config) {\n throw new OmaTrustError(\"UNSUPPORTED_CHAIN\", \"Chain is not supported\", {\n chainId,\n supported: getSupportedChainIds()\n });\n }\n return config;\n}\n\nexport function getSupportedChainIds(): number[] {\n return Object.keys(CHAIN_CONFIGS).map((id) => Number(id));\n}\n\nexport function isChainSupported(chainId: number): boolean {\n return chainId in CHAIN_CONFIGS;\n}\n\nexport function getChainConstants(chainId: number, purpose: ProofPurpose): ChainConstants {\n const config = getConfig(chainId);\n const base = config.base[purpose];\n const range = base / 10n;\n return {\n base,\n range,\n decimals: config.decimals,\n nativeSymbol: config.nativeSymbol\n };\n}\n\nexport function constructSeed(\n subjectDidHash: Hex,\n counterpartyDidHash: Hex,\n purpose: ProofPurpose\n): Uint8Array {\n const seed = {\n domain: AMOUNT_DOMAIN,\n subjectDidHash,\n counterpartyIdHash: counterpartyDidHash,\n proofPurpose: purpose\n };\n\n const canonical = canonicalize(seed);\n if (!canonical) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Failed to canonicalize seed\");\n }\n\n return toUtf8Bytes(canonical);\n}\n\nexport function hashSeed(seedBytes: Uint8Array, chainId: number): Hex {\n if (!isChainSupported(chainId)) {\n throw new OmaTrustError(\"UNSUPPORTED_CHAIN\", \"Chain is not supported\", { chainId });\n }\n\n // OMATrust currently supports EVM chains in this SDK.\n if (chainId === 0) {\n return sha256(seedBytes) as Hex;\n }\n\n return keccak256(seedBytes) as Hex;\n}\n\nexport function calculateTransferAmount(\n subject: string,\n counterparty: string,\n chainId: number,\n purpose: ProofPurpose\n): bigint {\n const { base, range } = getChainConstants(chainId, purpose);\n const subjectDidHash = computeDidHash(subject);\n const counterpartyDidHash = computeDidHash(counterparty);\n const seed = constructSeed(subjectDidHash, counterpartyDidHash, purpose);\n const hashed = hashSeed(seed, chainId);\n const offset = BigInt(hashed) % range;\n return base + offset;\n}\n\nexport function calculateTransferAmountFromAddresses(\n subjectAddress: string,\n counterpartyAddress: string,\n chainId: number,\n purpose: ProofPurpose\n): bigint {\n return calculateTransferAmount(\n buildEvmDidPkh(chainId, subjectAddress),\n buildEvmDidPkh(chainId, counterpartyAddress),\n chainId,\n purpose\n );\n}\n\nexport function createTxEncodedValueProof(\n chainId: number,\n txHash: Hex,\n purpose: ProofPurpose\n): TxEncodedValueProof {\n if (!/^0x[0-9a-fA-F]{64}$/.test(txHash)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"txHash must be a 32-byte hex string\", { txHash });\n }\n\n return {\n proofType: \"tx-encoded-value\",\n proofPurpose: purpose,\n proofObject: {\n chainId: `eip155:${chainId}`,\n txHash\n },\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n\nexport function formatTransferAmount(amount: bigint | number, chainId: number): string {\n const config = getConfig(chainId);\n const normalized = typeof amount === \"number\" ? BigInt(Math.floor(amount)) : amount;\n return `${formatUnits(normalized, config.decimals)} ${config.nativeSymbol}`;\n}\n\nexport function getExplorerTxUrl(chainId: number, txHash: Hex): string {\n return `${getConfig(chainId).explorer}/tx/${txHash}`;\n}\n\nexport function getExplorerAddressUrl(chainId: number, address: string): string {\n return `${getConfig(chainId).explorer}/address/${address}`;\n}\n","import { getAddress, isAddress } from \"ethers\";\nimport { extractAddressFromDid, extractDidMethod } from \"../../identity/did\";\nimport { didJwkToJwk, publicJwkEquals } from \"../../identity/jwk\";\nimport type { Did } from \"../types\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport { fetchDidDocument } from \"../../shared/did-document\";\n\nexport { fetchDidDocument };\n\nexport interface VerifyDidJsonControllerDidOptions {\n fetchDidDocument?: (domain: string) => Promise<Record<string, unknown>>;\n}\n\n/**\n * Extract EVM addresses from a DID document's verification methods.\n * Looks at blockchainAccountId and publicKeyHex fields.\n */\nexport function extractEvmAddressesFromDidDocument(didDocument: Record<string, unknown>): string[] {\n const methods = didDocument.verificationMethod;\n if (!Array.isArray(methods)) {\n return [];\n }\n\n const addresses = new Set<string>();\n\n for (const method of methods as Array<Record<string, unknown>>) {\n // Extract from blockchainAccountId (CAIP-10 format, strip chain prefix)\n const blockchainAccountId = method.blockchainAccountId;\n if (typeof blockchainAccountId === \"string\") {\n try {\n addresses.add(getAddress(extractAddressFromDid(blockchainAccountId)));\n } catch {\n // ignore — not a valid EVM address\n }\n }\n\n // Extract from publicKeyHex\n const publicKeyHex = method.publicKeyHex;\n if (typeof publicKeyHex === \"string\") {\n const prefixed = publicKeyHex.startsWith(\"0x\") ? publicKeyHex : `0x${publicKeyHex}`;\n if (isAddress(prefixed)) {\n addresses.add(getAddress(prefixed));\n }\n }\n }\n\n return [...addresses];\n}\n\n/**\n * Extract public JWKs from a DID document's verification methods.\n */\nexport function extractJwksFromDidDocument(\n didDocument: Record<string, unknown>\n): Array<Record<string, unknown>> {\n const methods = didDocument.verificationMethod;\n if (!Array.isArray(methods)) {\n return [];\n }\n\n const jwks: Array<Record<string, unknown>> = [];\n\n for (const method of methods as Array<Record<string, unknown>>) {\n const publicKeyJwk = method.publicKeyJwk;\n if (publicKeyJwk && typeof publicKeyJwk === \"object\" && !Array.isArray(publicKeyJwk)) {\n jwks.push(publicKeyJwk as Record<string, unknown>);\n }\n }\n\n return jwks;\n}\n\n/**\n * Verify that a controller DID is present in a DID document.\n *\n * Matching strategies:\n * - did:pkh (EVM): extract address and compare against blockchainAccountId / publicKeyHex\n * in verification methods. Chain ID is ignored (same address across all EVM chains).\n * - did:jwk: decode the JWK from the DID and compare against publicKeyJwk fields\n * in verification methods.\n */\nexport function verifyDidDocumentControllerDid(\n didDocument: Record<string, unknown>,\n expectedControllerDid: Did\n): { valid: boolean; reason?: string } {\n const method = extractDidMethod(expectedControllerDid);\n\n // did:jwk — match by public key material\n if (method === \"jwk\") {\n try {\n const expectedJwk = didJwkToJwk(expectedControllerDid);\n const documentJwks = extractJwksFromDidDocument(didDocument);\n\n for (const docJwk of documentJwks) {\n try {\n if (publicJwkEquals(docJwk, expectedJwk)) {\n return { valid: true };\n }\n } catch {\n // JWK comparison failed for this method — continue\n }\n }\n\n return {\n valid: false,\n reason: \"No matching publicKeyJwk found in DID document verification methods\",\n };\n } catch {\n return {\n valid: false,\n reason: \"Failed to decode did:jwk controller DID\",\n };\n }\n }\n\n // did:pkh and other address-based methods — match by EVM address\n let expectedAddress: string;\n try {\n expectedAddress = getAddress(extractAddressFromDid(expectedControllerDid));\n } catch {\n return { valid: false, reason: \"Controller DID does not resolve to an EVM address and is not did:jwk\" };\n }\n\n const addresses = extractEvmAddressesFromDidDocument(didDocument);\n if (addresses.some((address) => address.toLowerCase() === expectedAddress.toLowerCase())) {\n return { valid: true };\n }\n\n return {\n valid: false,\n reason: `No matching address found in DID document (expected ${expectedAddress})`,\n };\n}\n\nexport async function verifyDidJsonControllerDid(\n domain: string,\n expectedControllerDid: Did,\n options: VerifyDidJsonControllerDidOptions = {}\n): Promise<{ valid: boolean; reason?: string }> {\n if (!domain || typeof domain !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"domain must be a non-empty string\", { domain });\n }\n\n const didDocument = options.fetchDidDocument\n ? await options.fetchDidDocument(domain)\n : await fetchDidDocument(domain);\n\n return verifyDidDocumentControllerDid(didDocument, expectedControllerDid);\n}\n","import { verifyTypedData } from \"ethers\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport type { Hex } from \"../types\";\n\nexport function buildEip712Domain(\n name: string,\n version: string,\n chainId: number,\n verifyingContract: Hex\n): { name: string; version: string; chainId: number; verifyingContract: Hex } {\n return { name, version, chainId, verifyingContract };\n}\n\nexport function getOmaTrustProofEip712Types(): {\n primaryType: string;\n types: Record<string, Array<{ name: string; type: string }>>;\n} {\n return {\n primaryType: \"OmaTrustProof\",\n types: {\n OmaTrustProof: [\n { name: \"signer\", type: \"address\" },\n { name: \"authorizedEntity\", type: \"string\" },\n { name: \"signingPurpose\", type: \"string\" },\n { name: \"creationTimestamp\", type: \"uint256\" },\n { name: \"expirationTimestamp\", type: \"uint256\" },\n { name: \"randomValue\", type: \"bytes32\" },\n { name: \"statement\", type: \"string\" }\n ]\n }\n };\n}\n\nexport function verifyEip712Signature(\n typedData: {\n domain: Record<string, unknown>;\n types: Record<string, unknown>;\n message: Record<string, unknown>;\n },\n signature: Hex | string\n): { valid: boolean; signer?: string } {\n try {\n const signer = verifyTypedData(\n typedData.domain,\n typedData.types as Record<string, Array<{ name: string; type: string }>>,\n typedData.message,\n signature\n );\n\n return { valid: true, signer };\n } catch (err) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Failed to verify EIP-712 signature\", { err });\n }\n}\n","import { normalizeDid } from \"../../identity/did\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport type { Did } from \"../types\";\n\nexport interface DnsTxtRecordResult {\n version?: string;\n /**\n * @deprecated Use `controllers` instead. This field only returns the first\n * controller value and will be removed in a future release.\n */\n controller?: Did;\n /**\n * All controller DIDs found in the record.\n * A DNS TXT record may contain multiple controller= entries.\n */\n controllers: Did[];\n}\n\nexport function parseDnsTxtRecord(record: string): DnsTxtRecordResult {\n if (!record || typeof record !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"record must be a non-empty string\", { record });\n }\n\n const entries = record\n .split(/[;\\s]+/)\n .map((entry) => entry.trim())\n .filter(Boolean);\n\n const parsed: Record<string, string | undefined> = {};\n const controllers: Did[] = [];\n\n for (const entry of entries) {\n const eqIndex = entry.indexOf(\"=\");\n if (eqIndex === -1) continue;\n const key = entry.slice(0, eqIndex).trim();\n const value = entry.slice(eqIndex + 1).trim();\n if (!key || !value) continue;\n\n if (key === \"controller\") {\n controllers.push(value);\n } else {\n parsed[key] = value;\n }\n }\n\n return {\n version: parsed.v,\n controller: controllers[0],\n controllers,\n };\n}\n\nexport function buildDnsTxtRecord(controllerDid: Did): string {\n const normalized = normalizeDid(controllerDid);\n return `v=1;controller=${normalized}`;\n}\n","/**\n * x402 JWS Verification — Phase 5\n *\n * Verifies x402 signed offer and receipt artifacts using JWS Compact Serialization.\n *\n * Two verification paths:\n * 1. Embedded JWK: header contains `jwk` → validate, verify signature, derive did:jwk\n * 2. KID Resolution: header contains `kid` (no `jwk`) → resolve DID URL → verify → derive did:jwk\n *\n * If both `kid` and `jwk` are present and the resolved key conflicts with the\n * embedded key, verification fails.\n *\n * JWS verification is NOT authorization. It only proves the signature is valid\n * and returns the did:jwk for downstream authorization checks.\n */\n\nimport { compactVerify, decodeProtectedHeader, importJWK } from \"jose\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport {\n validatePublicJwk,\n jwkToDidJwk,\n publicJwkEquals,\n type PublicJwk,\n} from \"../../identity/jwk\";\nimport {\n resolveDidUrlToPublicKey,\n type ResolveKeyOptions,\n} from \"../../identity/resolve-key\";\nimport type {\n JwsVerificationResult,\n JwsVerificationFailure,\n PublicKeySource,\n} from \"../../identity/types\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** x402 JWS artifact envelope */\nexport interface X402JwsArtifact {\n format: \"jws\";\n signature: string;\n}\n\n/** Options for x402 JWS verification */\nexport interface X402JwsVerifyOptions {\n /**\n * Options for DID URL key resolution (used when kid is present).\n * Pass a custom fetchDidDocument for testing or non-standard resolution.\n */\n resolveOptions?: ResolveKeyOptions;\n}\n\n// ---------------------------------------------------------------------------\n// Payload Validation\n// ---------------------------------------------------------------------------\n\nconst REQUIRED_OFFER_FIELDS = [\n \"version\",\n \"resourceUrl\",\n \"scheme\",\n \"network\",\n \"asset\",\n \"payTo\",\n \"amount\",\n] as const;\n\nconst REQUIRED_RECEIPT_FIELDS = [\n \"version\",\n \"network\",\n \"resourceUrl\",\n \"payer\",\n \"issuedAt\",\n] as const;\n\nfunction validateOfferPayload(\n payload: Record<string, unknown>\n): { valid: true } | { valid: false; field: string } {\n for (const field of REQUIRED_OFFER_FIELDS) {\n if (!(field in payload) || payload[field] === undefined || payload[field] === null) {\n return { valid: false, field };\n }\n }\n return { valid: true };\n}\n\nfunction validateReceiptPayload(\n payload: Record<string, unknown>\n): { valid: true } | { valid: false; field: string } {\n for (const field of REQUIRED_RECEIPT_FIELDS) {\n if (!(field in payload) || payload[field] === undefined || payload[field] === null) {\n return { valid: false, field };\n }\n }\n return { valid: true };\n}\n\n// ---------------------------------------------------------------------------\n// Failure Helper\n// ---------------------------------------------------------------------------\n\nfunction failure(code: string, message: string, partial?: Partial<JwsVerificationFailure>): JwsVerificationFailure {\n return {\n valid: false,\n error: { code, message },\n ...partial,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Core JWS Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 JWS artifact (offer or receipt).\n *\n * This is the core verification function. It:\n * 1. Parses the compact JWS\n * 2. Decodes the protected header\n * 3. Requires `alg` and at least one of `kid` or `jwk`\n * 4. Selects the public key (embedded jwk or resolved kid)\n * 5. Verifies the JWS signature\n * 6. Derives did:jwk from the verified public key\n * 7. Returns a structured result\n *\n * Does NOT validate payload shape — use verifyX402JwsOffer or verifyX402JwsReceipt\n * for payload validation.\n *\n * @param artifact - The x402 JWS artifact envelope\n * @param options - Optional verification options (resolver config, etc.)\n * @returns JwsVerificationResult on success, JwsVerificationFailure on failure\n */\nexport async function verifyX402JwsArtifact(\n artifact: X402JwsArtifact,\n options?: X402JwsVerifyOptions\n): Promise<JwsVerificationResult | JwsVerificationFailure> {\n // Validate artifact envelope\n if (!artifact || typeof artifact !== \"object\") {\n return failure(\"INVALID_ARTIFACT\", \"Artifact must be a non-null object\");\n }\n if (artifact.format !== \"jws\") {\n return failure(\"INVALID_ARTIFACT\", `Expected format \"jws\", got \"${artifact.format}\"`);\n }\n if (typeof artifact.signature !== \"string\" || artifact.signature.length === 0) {\n return failure(\"INVALID_ARTIFACT\", \"Artifact signature must be a non-empty string\");\n }\n\n const compactJws = artifact.signature;\n\n // Validate compact JWS structure (must have 3 dot-separated parts)\n const parts = compactJws.split(\".\");\n if (parts.length !== 3) {\n return failure(\"MALFORMED_JWS\", \"Invalid compact JWS format: expected 3 dot-separated parts\");\n }\n\n // Decode protected header\n let header: Record<string, unknown>;\n try {\n header = decodeProtectedHeader(compactJws) as Record<string, unknown>;\n } catch {\n return failure(\"MALFORMED_JWS\", \"Failed to decode JWS protected header\");\n }\n\n // Require alg\n if (!header.alg || typeof header.alg !== \"string\") {\n return failure(\"MISSING_ALG\", \"JWS header must include alg\", { header });\n }\n\n // Require at least one of kid or jwk\n const kid = typeof header.kid === \"string\" ? header.kid : null;\n const embeddedJwk = header.jwk as Record<string, unknown> | undefined;\n\n if (!kid && !embeddedJwk) {\n return failure(\n \"MISSING_KEY_MATERIAL\",\n \"JWS header must include at least one of kid or jwk\",\n { header }\n );\n }\n\n // Determine public key and source\n let publicKeyJwk: PublicJwk;\n let publicKeySource: PublicKeySource;\n\n if (embeddedJwk) {\n // Embedded JWK path\n const validation = validatePublicJwk(embeddedJwk);\n if (!validation.valid) {\n return failure(\n \"INVALID_EMBEDDED_JWK\",\n `Embedded JWK is invalid: ${validation.error}`,\n { header }\n );\n }\n\n publicKeyJwk = embeddedJwk as PublicJwk;\n publicKeySource = \"embedded-jwk\";\n\n // If kid is also present, resolve and check for conflict\n if (kid) {\n try {\n const resolved = await resolveDidUrlToPublicKey(kid, options?.resolveOptions);\n if (!publicJwkEquals(publicKeyJwk, resolved.publicKeyJwk)) {\n return failure(\n \"KEY_CONFLICT\",\n \"Embedded jwk conflicts with public key resolved from kid\",\n { header, kid }\n );\n }\n } catch (err) {\n // If kid resolution fails but we have embedded jwk, we can still verify\n // with the embedded key. Only fail if the resolution succeeded but keys conflict.\n // Per spec: \"the SDK may resolve kid if configured\" — resolution failure\n // is not fatal when jwk is present.\n }\n }\n } else {\n // KID resolution path — kid must be present (guaranteed by earlier check)\n publicKeySource = \"kid-resolution\";\n try {\n const resolved = await resolveDidUrlToPublicKey(kid!, options?.resolveOptions);\n publicKeyJwk = resolved.publicKeyJwk;\n } catch (err) {\n const message =\n err instanceof OmaTrustError\n ? `Failed to resolve kid \"${kid}\": ${err.message}`\n : `Failed to resolve kid \"${kid}\"`;\n return failure(\"KID_RESOLUTION_FAILED\", message, { header, kid });\n }\n }\n\n // Verify JWS signature\n let payload: Record<string, unknown>;\n try {\n const key = await importJWK(publicKeyJwk as Parameters<typeof importJWK>[0], header.alg as string);\n const result = await compactVerify(compactJws, key);\n\n // Decode payload\n const payloadText = new TextDecoder().decode(result.payload);\n payload = JSON.parse(payloadText) as Record<string, unknown>;\n } catch (err) {\n const message = err instanceof Error ? err.message : \"Signature verification failed\";\n return failure(\"SIGNATURE_INVALID\", message, { header, kid });\n }\n\n // Derive did:jwk\n const publicKeyDid = jwkToDidJwk(publicKeyJwk);\n\n return {\n valid: true,\n header,\n payload,\n kid,\n publicKeyJwk,\n publicKeySource,\n publicKeyDid,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Offer Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 JWS offer artifact.\n *\n * Performs full JWS signature verification and validates that the payload\n * contains required offer fields: version, resourceUrl, scheme, network,\n * asset, payTo, amount.\n *\n * @param artifact - The x402 JWS artifact envelope\n * @param options - Optional verification options\n * @returns JwsVerificationResult on success, JwsVerificationFailure on failure\n */\nexport async function verifyX402JwsOffer(\n artifact: X402JwsArtifact,\n options?: X402JwsVerifyOptions\n): Promise<JwsVerificationResult | JwsVerificationFailure> {\n const result = await verifyX402JwsArtifact(artifact, options);\n if (!result.valid) return result;\n\n const payloadCheck = validateOfferPayload(result.payload);\n if (!payloadCheck.valid) {\n return failure(\n \"INVALID_OFFER_PAYLOAD\",\n `Missing required offer field: ${payloadCheck.field}`,\n {\n header: result.header,\n payload: result.payload,\n kid: result.kid,\n publicKeyJwk: result.publicKeyJwk,\n publicKeySource: result.publicKeySource,\n publicKeyDid: result.publicKeyDid,\n }\n );\n }\n\n return result;\n}\n\n// ---------------------------------------------------------------------------\n// Receipt Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 JWS receipt artifact.\n *\n * Performs full JWS signature verification and validates that the payload\n * contains required receipt fields: version, network, resourceUrl, payer,\n * issuedAt.\n *\n * @param artifact - The x402 JWS artifact envelope\n * @param options - Optional verification options\n * @returns JwsVerificationResult on success, JwsVerificationFailure on failure\n */\nexport async function verifyX402JwsReceipt(\n artifact: X402JwsArtifact,\n options?: X402JwsVerifyOptions\n): Promise<JwsVerificationResult | JwsVerificationFailure> {\n const result = await verifyX402JwsArtifact(artifact, options);\n if (!result.valid) return result;\n\n const payloadCheck = validateReceiptPayload(result.payload);\n if (!payloadCheck.valid) {\n return failure(\n \"INVALID_RECEIPT_PAYLOAD\",\n `Missing required receipt field: ${payloadCheck.field}`,\n {\n header: result.header,\n payload: result.payload,\n kid: result.kid,\n publicKeyJwk: result.publicKeyJwk,\n publicKeySource: result.publicKeySource,\n publicKeyDid: result.publicKeyDid,\n }\n );\n }\n\n return result;\n}\n","/**\n * x402 EIP-712 Verification — Phase 5b\n *\n * Verifies x402 signed offer and receipt artifacts using EIP-712 typed data signatures.\n *\n * EIP-712 is the simpler verification path: the signer address is recovered directly\n * from the signature using ethers verifyTypedData. There is no DID URL resolution or\n * JWK handling — the recovered address is the verification output.\n *\n * EIP-712 verification is NOT authorization. It only proves the signature is valid\n * and returns the recovered signer address for downstream authorization checks.\n */\n\nimport { verifyTypedData, getAddress } from \"ethers\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** x402 EIP-712 artifact envelope */\nexport interface X402Eip712Artifact {\n format: \"eip712\";\n payload: Record<string, unknown>;\n signature: string;\n}\n\n/** Successful EIP-712 verification result */\nexport interface Eip712VerificationResult {\n valid: true;\n /** Decoded payload from the artifact */\n payload: Record<string, unknown>;\n /** Recovered signer address (checksummed) */\n signer: string;\n /** Whether this is an offer or receipt */\n artifactType: \"offer\" | \"receipt\";\n}\n\n/** Failed EIP-712 verification result */\nexport interface Eip712VerificationFailure {\n valid: false;\n error: { code: string; message: string };\n payload?: Record<string, unknown>;\n signer?: string;\n}\n\n// ---------------------------------------------------------------------------\n// Canonical EIP-712 Definitions\n// ---------------------------------------------------------------------------\n\n/**\n * Canonical EIP-712 domain for x402 offers.\n * Per the x402 Offer and Receipt Extension spec:\n * - chainId is hardcoded to 1 (off-chain signing format)\n * - The payment network is identified by the `network` field in the payload\n */\nconst OFFER_DOMAIN = {\n name: \"x402 offer\",\n version: \"1\",\n chainId: 1,\n} as const;\n\n/**\n * Canonical EIP-712 domain for x402 receipts.\n */\nconst RECEIPT_DOMAIN = {\n name: \"x402 receipt\",\n version: \"1\",\n chainId: 1,\n} as const;\n\n/**\n * Canonical EIP-712 types for x402 offers.\n * These are normative and MUST NOT be transmitted on the wire.\n */\nconst OFFER_TYPES = {\n Offer: [\n { name: \"version\", type: \"uint256\" },\n { name: \"resourceUrl\", type: \"string\" },\n { name: \"scheme\", type: \"string\" },\n { name: \"network\", type: \"string\" },\n { name: \"asset\", type: \"string\" },\n { name: \"payTo\", type: \"string\" },\n { name: \"amount\", type: \"string\" },\n { name: \"validUntil\", type: \"uint256\" },\n ],\n} as const;\n\n/**\n * Canonical EIP-712 types for x402 receipts.\n * These are normative and MUST NOT be transmitted on the wire.\n */\nconst RECEIPT_TYPES = {\n Receipt: [\n { name: \"version\", type: \"uint256\" },\n { name: \"network\", type: \"string\" },\n { name: \"resourceUrl\", type: \"string\" },\n { name: \"payer\", type: \"string\" },\n { name: \"issuedAt\", type: \"uint256\" },\n { name: \"transaction\", type: \"string\" },\n ],\n} as const;\n\n// ---------------------------------------------------------------------------\n// Payload Validation\n// ---------------------------------------------------------------------------\n\nconst REQUIRED_OFFER_FIELDS = [\n \"version\",\n \"resourceUrl\",\n \"scheme\",\n \"network\",\n \"asset\",\n \"payTo\",\n \"amount\",\n] as const;\n\nconst REQUIRED_RECEIPT_FIELDS = [\n \"version\",\n \"network\",\n \"resourceUrl\",\n \"payer\",\n \"issuedAt\",\n] as const;\n\nfunction validateOfferPayload(\n payload: Record<string, unknown>\n): { valid: true } | { valid: false; field: string } {\n for (const field of REQUIRED_OFFER_FIELDS) {\n if (!(field in payload) || payload[field] === undefined || payload[field] === null) {\n return { valid: false, field };\n }\n }\n return { valid: true };\n}\n\nfunction validateReceiptPayload(\n payload: Record<string, unknown>\n): { valid: true } | { valid: false; field: string } {\n for (const field of REQUIRED_RECEIPT_FIELDS) {\n if (!(field in payload) || payload[field] === undefined || payload[field] === null) {\n return { valid: false, field };\n }\n }\n return { valid: true };\n}\n\n// ---------------------------------------------------------------------------\n// Failure Helper\n// ---------------------------------------------------------------------------\n\nfunction failure(\n code: string,\n message: string,\n partial?: Partial<Eip712VerificationFailure>\n): Eip712VerificationFailure {\n return {\n valid: false,\n error: { code, message },\n ...partial,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Core EIP-712 Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Prepare the EIP-712 message from the artifact payload.\n *\n * For EIP-712, all fields must be present (fixed schema).\n * Optional fields use zero-values when absent:\n * - validUntil: 0 means absent\n * - transaction: \"\" means absent\n */\nfunction prepareOfferMessage(payload: Record<string, unknown>): Record<string, unknown> {\n return {\n version: payload.version,\n resourceUrl: payload.resourceUrl,\n scheme: payload.scheme,\n network: payload.network,\n asset: payload.asset,\n payTo: payload.payTo,\n amount: payload.amount,\n validUntil: payload.validUntil ?? 0,\n };\n}\n\nfunction prepareReceiptMessage(payload: Record<string, unknown>): Record<string, unknown> {\n return {\n version: payload.version,\n network: payload.network,\n resourceUrl: payload.resourceUrl,\n payer: payload.payer,\n issuedAt: payload.issuedAt,\n transaction: payload.transaction ?? \"\",\n };\n}\n\n/**\n * Verify an x402 EIP-712 artifact (offer or receipt).\n *\n * This is the core verification function. It:\n * 1. Validates the artifact envelope (format, payload, signature)\n * 2. Validates payload shape for the artifact type\n * 3. Constructs EIP-712 typed data using canonical domain and types\n * 4. Verifies signature and recovers signer address\n * 5. Returns structured result with recovered signer\n *\n * @param artifact - The x402 EIP-712 artifact envelope\n * @param artifactType - Whether this is an \"offer\" or \"receipt\"\n * @returns Eip712VerificationResult on success, Eip712VerificationFailure on failure\n */\nexport function verifyX402Eip712Artifact(\n artifact: X402Eip712Artifact,\n artifactType: \"offer\" | \"receipt\"\n): Eip712VerificationResult | Eip712VerificationFailure {\n // Validate artifact envelope\n if (!artifact || typeof artifact !== \"object\") {\n return failure(\"INVALID_ARTIFACT\", \"Artifact must be a non-null object\");\n }\n if (artifact.format !== \"eip712\") {\n return failure(\"INVALID_ARTIFACT\", `Expected format \"eip712\", got \"${artifact.format}\"`);\n }\n if (!artifact.payload || typeof artifact.payload !== \"object\" || Array.isArray(artifact.payload)) {\n return failure(\"MISSING_PAYLOAD\", \"EIP-712 artifact must include a payload object\");\n }\n if (typeof artifact.signature !== \"string\" || artifact.signature.length === 0) {\n return failure(\"MISSING_SIGNATURE\", \"EIP-712 artifact must include a non-empty signature\");\n }\n\n const payload = artifact.payload;\n\n // Validate payload shape\n if (artifactType === \"offer\") {\n const check = validateOfferPayload(payload);\n if (!check.valid) {\n return failure(\n \"INVALID_OFFER_PAYLOAD\",\n `Missing required offer field: ${check.field}`,\n { payload }\n );\n }\n } else {\n const check = validateReceiptPayload(payload);\n if (!check.valid) {\n return failure(\n \"INVALID_RECEIPT_PAYLOAD\",\n `Missing required receipt field: ${check.field}`,\n { payload }\n );\n }\n }\n\n // Select domain, types, and prepare message\n const domain = artifactType === \"offer\" ? OFFER_DOMAIN : RECEIPT_DOMAIN;\n const types = artifactType === \"offer\" ? OFFER_TYPES : RECEIPT_TYPES;\n const message =\n artifactType === \"offer\"\n ? prepareOfferMessage(payload)\n : prepareReceiptMessage(payload);\n\n // Verify signature and recover signer\n let signer: string;\n try {\n signer = verifyTypedData(\n domain,\n types as unknown as Record<string, Array<{ name: string; type: string }>>,\n message,\n artifact.signature\n );\n signer = getAddress(signer);\n } catch (err) {\n const message = err instanceof Error ? err.message : \"EIP-712 signature verification failed\";\n return failure(\"SIGNATURE_INVALID\", message, { payload });\n }\n\n return {\n valid: true,\n payload,\n signer,\n artifactType,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Offer Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 EIP-712 offer artifact.\n *\n * Recovers the signer address and validates that the payload contains\n * required offer fields: version, resourceUrl, scheme, network, asset, payTo, amount.\n *\n * @param artifact - The x402 EIP-712 artifact envelope\n * @returns Eip712VerificationResult on success, Eip712VerificationFailure on failure\n */\nexport function verifyX402Eip712Offer(\n artifact: X402Eip712Artifact\n): Eip712VerificationResult | Eip712VerificationFailure {\n return verifyX402Eip712Artifact(artifact, \"offer\");\n}\n\n// ---------------------------------------------------------------------------\n// Receipt Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 EIP-712 receipt artifact.\n *\n * Recovers the signer address and validates that the payload contains\n * required receipt fields: version, network, resourceUrl, payer, issuedAt.\n *\n * @param artifact - The x402 EIP-712 artifact envelope\n * @returns Eip712VerificationResult on success, Eip712VerificationFailure on failure\n */\nexport function verifyX402Eip712Receipt(\n artifact: X402Eip712Artifact\n): Eip712VerificationResult | Eip712VerificationFailure {\n return verifyX402Eip712Artifact(artifact, \"receipt\");\n}\n","import { getAddress } from \"ethers\";\nimport { extractAddressFromDid } from \"../identity/did\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport {\n calculateTransferAmount,\n} from \"./proof/tx-encoded-value\";\nimport { verifyDidDocumentControllerDid } from \"./proof/did-json\";\nimport { verifyEip712Signature } from \"./proof/eip712\";\nimport { parseDnsTxtRecord } from \"./proof/dns-txt-record\";\nimport {\n verifyX402JwsOffer,\n verifyX402JwsReceipt,\n type X402JwsArtifact,\n} from \"./proof/x402-jws\";\nimport {\n verifyX402Eip712Offer,\n verifyX402Eip712Receipt,\n type X402Eip712Artifact,\n} from \"./proof/x402-eip712\";\nimport type {\n AttestationQueryResult,\n ProofPurpose,\n ProofWrapper,\n VerifyAttestationParams,\n VerifyAttestationResult,\n VerifyProofParams,\n VerifyProofResult\n} from \"./types\";\n\nfunction parseChainId(input: unknown): number {\n if (typeof input === \"number\") {\n return input;\n }\n\n if (typeof input === \"string\") {\n if (input.includes(\":\")) {\n const [, chainId] = input.split(\":\");\n return Number(chainId);\n }\n return Number(input);\n }\n\n return NaN;\n}\n\nfunction parseProofs(attestation: AttestationQueryResult): ProofWrapper[] {\n const rawProofs = attestation.data.proofs;\n if (!Array.isArray(rawProofs)) {\n return [];\n }\n\n return rawProofs\n .map((entry) => {\n if (typeof entry === \"string\") {\n try {\n return JSON.parse(entry) as ProofWrapper;\n } catch {\n return null;\n }\n }\n if (entry && typeof entry === \"object\") {\n return entry as ProofWrapper;\n }\n return null;\n })\n .filter((proof): proof is ProofWrapper => Boolean(proof?.proofType));\n}\n\nfunction getProofPurpose(proof: ProofWrapper): ProofPurpose {\n if (proof.proofPurpose === \"commercial-tx\") {\n return \"commercial-tx\";\n }\n return \"shared-control\";\n}\n\nfunction decodeJwtPayload(compactJws: string): Record<string, unknown> {\n const parts = compactJws.split(\".\");\n if (parts.length !== 3) {\n throw new OmaTrustError(\"PROOF_VERIFICATION_FAILED\", \"Invalid compact JWS format\");\n }\n const payloadB64 = parts[1].replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padded = payloadB64.padEnd(payloadB64.length + ((4 - (payloadB64.length % 4)) % 4), \"=\");\n let json: string;\n if (typeof atob === \"function\") {\n json = decodeURIComponent(\n Array.from(atob(padded))\n .map((char) => `%${char.charCodeAt(0).toString(16).padStart(2, \"0\")}`)\n .join(\"\")\n );\n } else {\n json = Buffer.from(padded, \"base64\").toString(\"utf8\");\n }\n return JSON.parse(json) as Record<string, unknown>;\n}\n\nexport async function verifyProof(params: VerifyProofParams): Promise<VerifyProofResult> {\n const { proof, provider, expectedSubjectDid, expectedControllerDid } = params;\n\n try {\n switch (proof.proofType) {\n case \"tx-encoded-value\": {\n if (!provider) {\n return { valid: false, proofType: proof.proofType, reason: \"Provider is required\" };\n }\n if (!expectedSubjectDid || !expectedControllerDid) {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: \"expectedSubjectDid and expectedControllerDid are required\"\n };\n }\n\n const proofObject = proof.proofObject as { chainId: string; txHash: string };\n const chainId = parseChainId(proofObject.chainId);\n const tx = await (provider as { getTransaction: (hash: string) => Promise<any> }).getTransaction(\n proofObject.txHash\n );\n if (!tx) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction not found\" };\n }\n\n const expectedAmount = calculateTransferAmount(\n expectedSubjectDid,\n expectedControllerDid,\n chainId,\n getProofPurpose(proof)\n );\n\n const subjectAddress = getAddress(extractAddressFromDid(expectedSubjectDid));\n const controllerAddress = getAddress(extractAddressFromDid(expectedControllerDid));\n\n if (tx.from && getAddress(tx.from) !== subjectAddress) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction sender mismatch\" };\n }\n\n if (tx.to && getAddress(tx.to) !== controllerAddress) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction recipient mismatch\" };\n }\n\n if (BigInt(tx.value) !== expectedAmount) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction amount mismatch\" };\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"tx-interaction\": {\n if (!provider) {\n return { valid: false, proofType: proof.proofType, reason: \"Provider is required\" };\n }\n const proofObject = proof.proofObject as { txHash: string };\n const tx = await (provider as { getTransaction: (hash: string) => Promise<any> }).getTransaction(\n proofObject.txHash\n );\n if (!tx) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction not found\" };\n }\n\n if (!tx.to) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction target missing\" };\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"pop-eip712\": {\n const object = proof.proofObject as {\n domain: Record<string, unknown>;\n message: Record<string, unknown>;\n signature: string;\n };\n\n const typedData = {\n domain: object.domain,\n types: {\n OmaTrustProof: [\n { name: \"signer\", type: \"address\" },\n { name: \"authorizedEntity\", type: \"string\" },\n { name: \"signingPurpose\", type: \"string\" },\n { name: \"creationTimestamp\", type: \"uint256\" },\n { name: \"expirationTimestamp\", type: \"uint256\" },\n { name: \"randomValue\", type: \"bytes32\" },\n { name: \"statement\", type: \"string\" }\n ]\n },\n message: object.message\n };\n\n const verification = verifyEip712Signature(typedData, object.signature);\n if (!verification.valid || !verification.signer) {\n return { valid: false, proofType: proof.proofType, reason: \"Invalid EIP-712 signature\" };\n }\n\n if (typeof object.message.signer === \"string\") {\n const expected = getAddress(object.message.signer);\n if (getAddress(verification.signer) !== expected) {\n return { valid: false, proofType: proof.proofType, reason: \"Recovered signer mismatch\" };\n }\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"pop-jws\": {\n if (typeof proof.proofObject !== \"string\") {\n return { valid: false, proofType: proof.proofType, reason: \"Invalid JWS proof payload\" };\n }\n\n const payload = decodeJwtPayload(proof.proofObject);\n const now = Math.floor(Date.now() / 1000);\n const exp = payload.exp;\n if (typeof exp === \"number\" && exp < now) {\n return { valid: false, proofType: proof.proofType, reason: \"JWS proof expired\" };\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"x402-receipt\":\n case \"x402-offer\": {\n if (!proof.proofObject || typeof proof.proofObject !== \"object\") {\n return { valid: false, proofType: proof.proofType, reason: \"Invalid x402 proof object\" };\n }\n\n // JWS cryptographic verification when format is \"jws\"\n const proofObj = proof.proofObject as Record<string, unknown>;\n if (proofObj.format === \"jws\" && typeof proofObj.signature === \"string\") {\n const artifact: X402JwsArtifact = {\n format: \"jws\",\n signature: proofObj.signature,\n };\n const jwsResult =\n proof.proofType === \"x402-offer\"\n ? await verifyX402JwsOffer(artifact)\n : await verifyX402JwsReceipt(artifact);\n\n if (!jwsResult.valid) {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: jwsResult.error?.message ?? \"JWS verification failed\",\n };\n }\n return { valid: true, proofType: proof.proofType };\n }\n\n // EIP-712 cryptographic verification when format is \"eip712\"\n if (proofObj.format === \"eip712\" && typeof proofObj.signature === \"string\" && proofObj.payload && typeof proofObj.payload === \"object\") {\n const artifact: X402Eip712Artifact = {\n format: \"eip712\",\n payload: proofObj.payload as Record<string, unknown>,\n signature: proofObj.signature,\n };\n const eip712Result =\n proof.proofType === \"x402-offer\"\n ? verifyX402Eip712Offer(artifact)\n : verifyX402Eip712Receipt(artifact);\n\n if (!eip712Result.valid) {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: eip712Result.error?.message ?? \"EIP-712 verification failed\",\n };\n }\n return { valid: true, proofType: proof.proofType };\n }\n\n // Non-JWS/non-EIP-712 x402 proofs: shape-only check (backward compatible)\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"evidence-pointer\": {\n const object = proof.proofObject as { url?: string };\n if (!object.url) {\n return { valid: false, proofType: proof.proofType, reason: \"Missing evidence URL\" };\n }\n\n const response = await fetch(object.url);\n if (!response.ok) {\n return { valid: false, proofType: proof.proofType, reason: `Evidence fetch failed (${response.status})` };\n }\n\n if (object.url.endsWith(\"/.well-known/did.json\") && expectedControllerDid) {\n const didDoc = (await response.json()) as Record<string, unknown>;\n const didCheck = verifyDidDocumentControllerDid(didDoc, expectedControllerDid);\n return {\n valid: didCheck.valid,\n proofType: proof.proofType,\n reason: didCheck.reason\n };\n }\n\n const body = await response.text();\n if (expectedControllerDid && !body.includes(expectedControllerDid)) {\n try {\n const parsed = parseDnsTxtRecord(body);\n if (!parsed.controllers.includes(expectedControllerDid)) {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: \"Evidence does not include expected controller DID\"\n };\n }\n } catch {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: \"Evidence does not include expected controller DID\"\n };\n }\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n default:\n return { valid: false, proofType: proof.proofType, reason: \"Unsupported proof type\" };\n }\n } catch (err) {\n throw new OmaTrustError(\"PROOF_VERIFICATION_FAILED\", \"Proof verification failed\", {\n proofType: proof.proofType,\n err\n });\n }\n}\n\nexport async function verifyAttestation(\n params: VerifyAttestationParams\n): Promise<VerifyAttestationResult> {\n const proofs = parseProofs(params.attestation);\n const checks: Record<string, boolean> = {};\n const reasons: string[] = [];\n\n const now = BigInt(Math.floor(Date.now() / 1000));\n if (params.attestation.revocationTime > 0n) {\n checks.revocation = false;\n reasons.push(\"attestation revoked\");\n } else {\n checks.revocation = true;\n }\n\n if (params.attestation.expirationTime > 0n && params.attestation.expirationTime < now) {\n checks.expiration = false;\n reasons.push(\"attestation expired\");\n } else {\n checks.expiration = true;\n }\n\n if (proofs.length === 0) {\n checks.proofs = false;\n reasons.push(\"no proofs provided\");\n }\n\n const selectedProofTypes = params.checks ?? (proofs.map((proof) => proof.proofType) as Array<ProofWrapper[\"proofType\"]>);\n\n for (const proof of proofs) {\n if (!selectedProofTypes.includes(proof.proofType)) {\n continue;\n }\n\n const result = await verifyProof({\n proof,\n provider: params.provider,\n expectedSubjectDid: params.context?.subjectDid as string | undefined,\n expectedControllerDid: params.context?.controllerDid as string | undefined\n });\n\n checks[proof.proofType] = result.valid;\n if (!result.valid) {\n reasons.push(result.reason ?? `${proof.proofType} verification failed`);\n }\n }\n\n return {\n valid: reasons.length === 0,\n checks,\n reasons\n };\n}\n","import { OmaTrustError } from \"../shared/errors\";\nimport { isEasSchemaNotFoundError } from \"./eas-adapter\";\nimport type { Hex } from \"./types\";\n\nexport async function verifySchemaExists(\n schemaRegistry: unknown,\n schemaUid: Hex\n): Promise<boolean> {\n const registry = schemaRegistry as {\n getSchema: (params: { uid: string }) => Promise<{ uid: string } | null>;\n };\n\n try {\n const schema = await registry.getSchema({ uid: schemaUid });\n return Boolean(schema && schema.uid && schema.uid !== \"0x\".padEnd(66, \"0\"));\n } catch {\n return false;\n }\n}\n\nexport async function getSchemaDetails(\n schemaRegistry: unknown,\n schemaUid: Hex\n): Promise<{ uid: Hex; schema: string; resolver: Hex; revocable: boolean }> {\n const registry = schemaRegistry as {\n getSchema: (params: { uid: string }) => Promise<{\n uid: string;\n schema: string;\n resolver: string;\n revocable: boolean;\n } | null>;\n };\n\n try {\n const details = await registry.getSchema({ uid: schemaUid });\n if (!details || !details.uid || details.uid === \"0x\".padEnd(66, \"0\")) {\n throw new OmaTrustError(\"SCHEMA_NOT_FOUND\", \"Schema was not found\", { schemaUid });\n }\n\n return {\n uid: formatSchemaUid(details.uid),\n schema: details.schema,\n resolver: details.resolver as Hex,\n revocable: Boolean(details.revocable)\n };\n } catch (err) {\n if (isEasSchemaNotFoundError(err)) {\n throw new OmaTrustError(\"SCHEMA_NOT_FOUND\", \"Schema was not found\", { schemaUid });\n }\n if (err instanceof OmaTrustError) {\n throw err;\n }\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to read schema details\", { schemaUid, err });\n }\n}\n\nexport function formatSchemaUid(schemaUid: string): Hex {\n if (!schemaUid) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"schemaUid is required\");\n }\n const value = schemaUid.startsWith(\"0x\") ? schemaUid.toLowerCase() : `0x${schemaUid.toLowerCase()}`;\n if (!/^0x[0-9a-f]{64}$/.test(value)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"schemaUid must be a 32-byte hex string\", { schemaUid });\n }\n return value as Hex;\n}\n","import { OmaTrustError } from \"../shared/errors\";\nimport type { CallControllerWitnessParams, CallControllerWitnessResult } from \"./types\";\n\nasync function callMethod(\n params: CallControllerWitnessParams,\n method: \"dns-txt\" | \"did-json\"\n): Promise<CallControllerWitnessResult | null> {\n let response: Response;\n try {\n response = await fetch(params.gatewayUrl, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({\n attestationUid: params.attestationUid,\n chainId: params.chainId,\n easContract: params.easContract,\n schemaUid: params.schemaUid,\n subject: params.subject,\n controller: params.controller,\n method\n }),\n signal: AbortSignal.timeout(params.timeoutMs ?? 15_000)\n });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Controller witness request failed\", { method, err });\n }\n\n const details = await response.json().catch(() => undefined);\n if (!response.ok) {\n return null;\n }\n\n return {\n ok: true,\n method,\n details\n };\n}\n\nexport async function callControllerWitness(\n params: CallControllerWitnessParams\n): Promise<CallControllerWitnessResult> {\n const dnsResult = await callMethod(params, \"dns-txt\").catch(() => null);\n if (dnsResult) {\n return dnsResult;\n }\n\n const didJsonResult = await callMethod(params, \"did-json\").catch(() => null);\n if (didJsonResult) {\n return didJsonResult;\n }\n\n return {\n ok: false,\n method: \"did-json\"\n };\n}\n\nimport type { RequestControllerWitnessParams, RequestControllerWitnessResult } from \"./types\";\n\nconst DEFAULT_CONTROLLER_WITNESS_URL = \"https://api.omatrust.org/v1/controller-witness\";\n\n/**\n * Request a controller witness attestation from the OMATrust backend.\n *\n * This is the recommended function for requesting controller witnesses.\n * It makes a single API call with the subject and controller DIDs.\n * The backend handles evidence discovery, attestation submission, and\n * write quota deduction.\n *\n * Requires an authenticated session (cookie-based for web clients).\n * Future versions will support x402 and OAuth DCR 2.0 for agents.\n *\n * @deprecated callControllerWitness — use requestControllerWitness instead.\n * callControllerWitness uses the legacy multi-call pattern and will be\n * removed in a future SDK version.\n */\nexport async function requestControllerWitness(\n params: RequestControllerWitnessParams\n): Promise<RequestControllerWitnessResult> {\n const url = params.gatewayUrl ?? DEFAULT_CONTROLLER_WITNESS_URL;\n\n const body: Record<string, unknown> = {\n subjectDid: params.subjectDid,\n controllerDid: params.controllerDid,\n };\n\n if (params.chainId !== undefined) {\n body.chainId = params.chainId;\n }\n\n let response: Response;\n try {\n response = await fetch(url, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n credentials: \"include\",\n body: JSON.stringify(body),\n signal: AbortSignal.timeout(params.timeoutMs ?? 15_000),\n });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Controller witness request failed\", { err });\n }\n\n if (!response.ok) {\n const errorBody = await response.json().catch(() => ({ error: response.statusText }));\n throw new OmaTrustError(\n \"API_ERROR\",\n (errorBody as Record<string, string>).error ?? `Controller witness failed: ${response.status}`,\n { status: response.status, ...errorBody }\n );\n }\n\n return (await response.json()) as RequestControllerWitnessResult;\n}\n","/**\n * Contract Ownership — shared primitives for discovering contract owners\n * and verifying transfer proofs.\n *\n * Used by:\n * - subject-ownership.ts (full ownership verification flow)\n * - attester-authorization.ts (authorization checks for did:pkh subjects)\n */\n\nimport { Interface, ZeroAddress, getAddress, isAddress } from \"ethers\";\nimport { buildEvmDidPkh } from \"../identity/did\";\nimport { calculateTransferAmount } from \"./proof/tx-encoded-value\";\nimport type { Hex, Did } from \"./types\";\n\n// ---------------------------------------------------------------------------\n// Provider interface\n// ---------------------------------------------------------------------------\n\n/**\n * Minimal provider interface for contract ownership reads.\n * Compatible with ethers v6 providers — consumers can pass their provider directly.\n */\nexport interface ContractOwnershipProvider {\n call(transaction: { to: string; data: string }): Promise<string>;\n getCode(address: string): Promise<string>;\n getStorage(address: string, slot: string): Promise<string>;\n getTransaction(hash: string): Promise<{\n from?: string | null;\n to?: string | null;\n value?: bigint | string | number | null;\n blockNumber?: number | null;\n } | null>;\n}\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\nexport const EIP1967_ADMIN_SLOT =\n \"0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103\" as const;\n\nexport const OWNERSHIP_PATTERNS = [\n { method: \"owner\", signature: \"function owner() view returns (address)\" },\n { method: \"admin\", signature: \"function admin() view returns (address)\" },\n { method: \"getOwner\", signature: \"function getOwner() view returns (address)\" },\n] as const;\n\n// ---------------------------------------------------------------------------\n// Public functions\n// ---------------------------------------------------------------------------\n\n/**\n * Read a single address-returning function from a contract.\n * Returns the checksummed address or null if the call fails or returns zero.\n */\nexport async function readOwnerFromContract(\n provider: ContractOwnershipProvider,\n contractAddress: string,\n signature: string,\n method: string\n): Promise<string | null> {\n try {\n const iface = new Interface([signature]);\n const data = iface.encodeFunctionData(method, []);\n const result = await provider.call({ to: contractAddress, data });\n const [value] = iface.decodeFunctionResult(method, result);\n if (typeof value === \"string\" && isAddress(value) && value !== ZeroAddress) {\n return getAddress(value);\n }\n } catch {\n // Call failed — contract may not implement this method\n }\n return null;\n}\n\n/**\n * Discover the controlling wallet address of a contract.\n *\n * Tries, in order:\n * 1. `owner()` — OpenZeppelin Ownable\n * 2. `admin()` — common admin pattern\n * 3. `getOwner()` — alternative naming\n * 4. EIP-1967 admin storage slot\n *\n * Returns the checksummed owner address, or null if not discoverable.\n */\nexport async function discoverContractOwner(\n provider: ContractOwnershipProvider,\n contractAddress: string\n): Promise<string | null> {\n // Verify it's actually a contract\n try {\n const code = await provider.getCode(contractAddress);\n if (code === \"0x\" || code === \"0x0\") {\n return null;\n }\n } catch {\n return null;\n }\n\n // Try standard ownership patterns\n for (const pattern of OWNERSHIP_PATTERNS) {\n const address = await readOwnerFromContract(\n provider,\n contractAddress,\n pattern.signature,\n pattern.method\n );\n if (address) {\n return address;\n }\n }\n\n // Try EIP-1967 admin slot\n try {\n const adminValue = await provider.getStorage(contractAddress, EIP1967_ADMIN_SLOT);\n if (\n adminValue &&\n adminValue !== \"0x\" &&\n adminValue !== \"0x0000000000000000000000000000000000000000000000000000000000000000\"\n ) {\n const adminAddress = getAddress(`0x${adminValue.slice(-40)}`);\n if (adminAddress !== ZeroAddress) {\n return adminAddress;\n }\n }\n } catch {\n // Slot not readable\n }\n\n return null;\n}\n\n/**\n * Discover the controlling wallet and return it as a did:pkh DID.\n * Convenience wrapper over discoverContractOwner for DID-based flows.\n */\nexport async function discoverControllingWalletDid(\n provider: ContractOwnershipProvider,\n contractAddress: string,\n chainId: number\n): Promise<Did | null> {\n const owner = await discoverContractOwner(provider, contractAddress);\n return owner ? buildEvmDidPkh(chainId, owner) : null;\n}\n\n/**\n * Verify a transfer proof transaction.\n *\n * Checks:\n * - Transaction exists and has from/to\n * - Recipient matches the expected attester address\n * - Transfer amount matches the deterministic proof amount for the subject-attester pair\n *\n * Does NOT verify the sender is the current contract owner — that's a separate\n * concern (the sender may have been the owner at the time of transfer but not now).\n */\nexport async function verifyTransferProof(\n provider: ContractOwnershipProvider,\n txHash: Hex,\n subjectDid: Did,\n attesterAddress: string,\n chainId: number\n): Promise<boolean> {\n try {\n const tx = await provider.getTransaction(txHash);\n if (!tx || !tx.from || !tx.to) {\n return false;\n }\n\n // Recipient must be the attester\n if (getAddress(tx.to) !== getAddress(attesterAddress)) {\n return false;\n }\n\n // Verify the amount matches the deterministic transfer proof amount\n const attesterDid = buildEvmDidPkh(chainId, attesterAddress);\n const expectedAmount = calculateTransferAmount(\n subjectDid,\n attesterDid,\n chainId,\n \"shared-control\"\n );\n const actualValue = BigInt(tx.value ?? 0n);\n\n return actualValue === expectedAmount;\n } catch {\n return false;\n }\n}\n","/**\n * Trust anchors: fetches the OMA3 allowlist of EAS contracts and schemas.\n *\n * Used by the widget signing bridge for request validation and by the\n * reputation module for chain/contract resolution.\n *\n * Chain keys use CAIP-2 identifiers (e.g., \"eip155:66238\").\n */\n\nimport { OmaTrustError } from \"./errors\";\n\nconst DEFAULT_TRUST_ANCHORS_URL = \"https://api.omatrust.org/v1/trust-anchors\";\n\nexport const TRUST_ANCHORS_URL = DEFAULT_TRUST_ANCHORS_URL;\n\nexport type ChainAnchors = {\n name: string;\n easContract: string;\n /** Schema name → schema UID mapping */\n schemas: Record<string, string>;\n};\n\nexport type ApprovedIssuer = {\n address: string;\n label: string;\n schemas: string[];\n status: \"active\" | \"revoked\";\n validFrom: string;\n revokedAt?: string;\n};\n\nexport type TrustAnchors = {\n version: number;\n updatedAt: string;\n widgetOrigins?: string[];\n /** CAIP-2 chain identifier → chain-specific trust anchors */\n chains: Record<string, ChainAnchors>;\n registries?: Array<{\n type: \"approved-issuers\";\n issuers: ApprovedIssuer[];\n }>;\n};\n\nlet cachedAnchors: TrustAnchors | null = null;\nlet cacheTimestamp = 0;\nconst CACHE_TTL_MS = 5 * 60 * 1000; // 5 minutes\n\n/**\n * Fetch the trust anchors from the OMA3 API gateway.\n * Caches the result for 5 minutes.\n *\n * @param url Override the trust anchors URL (for testing or custom deployments)\n */\nexport async function fetchTrustAnchors(url?: string): Promise<TrustAnchors> {\n const now = Date.now();\n if (cachedAnchors && now - cacheTimestamp < CACHE_TTL_MS) {\n return cachedAnchors;\n }\n\n let res: Response;\n try {\n res = await fetch(url ?? TRUST_ANCHORS_URL);\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to fetch trust anchors\", { err });\n }\n\n if (!res.ok) {\n throw new OmaTrustError(\"NETWORK_ERROR\", `Failed to fetch trust anchors: ${res.status} ${res.statusText}`);\n }\n\n const anchors: TrustAnchors = await res.json();\n\n if (!anchors.version || !anchors.chains || typeof anchors.chains !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid trust anchors format\");\n }\n\n cachedAnchors = anchors;\n cacheTimestamp = now;\n return anchors;\n}\n\n/**\n * Look up chain anchors by CAIP-2 identifier.\n * Throws UNSUPPORTED_CHAIN if the chain is not in the trust anchors.\n */\nexport function getChainAnchors(anchors: TrustAnchors, caip2: string): ChainAnchors {\n const chain = anchors.chains[caip2];\n if (!chain) {\n throw new OmaTrustError(\"UNSUPPORTED_CHAIN\", `Chain ${caip2} is not in the trust anchors`, {\n caip2,\n supportedChains: Object.keys(anchors.chains),\n });\n }\n return chain;\n}\n\n/**\n * Look up a schema UID by name for a given chain.\n * Throws UNSUPPORTED_CHAIN if the chain is not in the trust anchors.\n * Throws INVALID_INPUT if the schema is not deployed on this chain.\n */\nexport function getSchemaAnchor(anchors: TrustAnchors, caip2: string, schemaName: string): string {\n const chain = getChainAnchors(anchors, caip2);\n const uid = chain.schemas[schemaName];\n if (!uid) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Schema \"${schemaName}\" not found in trust anchors for chain ${caip2}`, {\n caip2,\n schemaName,\n availableSchemas: Object.keys(chain.schemas),\n });\n }\n return uid;\n}\n\n/**\n * Extract the allowed contracts and schema UIDs from trust anchors.\n * Returns all contracts and schema UIDs across all chains.\n */\nexport function extractAllowlists(anchors: TrustAnchors): {\n allowedContracts: string[];\n allowedSchemas: string[];\n} {\n const contracts: string[] = [];\n const schemas: string[] = [];\n\n for (const chain of Object.values(anchors.chains)) {\n if (chain.easContract) contracts.push(chain.easContract);\n if (chain.schemas && typeof chain.schemas === \"object\") {\n schemas.push(...Object.values(chain.schemas));\n }\n }\n\n return {\n allowedContracts: [...new Set(contracts)],\n allowedSchemas: [...new Set(schemas)],\n };\n}\n","import { isSameControllerId } from \"../../identity/controller-id\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport type { Did } from \"../types\";\nimport { parseDnsTxtRecord } from \"./dns-txt-record\";\n\nexport interface VerifyDnsTxtControllerDidOptions {\n resolveTxt?: (host: string) => Promise<string[][]>;\n recordPrefix?: string;\n}\n\n/**\n * Verify that a controller DID appears in DNS TXT records for a domain.\n *\n * Uses isSameControllerId for matching, which supports:\n * - Exact normalized DID string match\n * - EVM address match (chain-agnostic)\n * - JWK material match (for did:jwk with different encodings)\n */\nexport async function verifyDnsTxtControllerDid(\n domain: string,\n expectedControllerDid: Did,\n options: VerifyDnsTxtControllerDidOptions = {}\n): Promise<{ valid: boolean; record?: string; reason?: string }> {\n if (!domain || typeof domain !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"domain must be a non-empty string\", { domain });\n }\n\n if (!options.resolveTxt) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"No DNS TXT resolver was provided\", { domain });\n }\n\n const prefix = options.recordPrefix ?? \"_controllers\";\n const host = `${prefix}.${domain.toLowerCase().replace(/\\.$/, \"\")}`;\n\n let records: string[][];\n try {\n records = await options.resolveTxt(host);\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to resolve DNS TXT records\", { domain, err });\n }\n\n for (const recordParts of records) {\n const record = recordParts.join(\"\");\n const parsed = parseDnsTxtRecord(record);\n if (parsed.version !== \"1\") continue;\n\n for (const recordController of parsed.controllers) {\n if (isSameControllerId(recordController, expectedControllerDid)) {\n return { valid: true, record };\n }\n }\n }\n\n return { valid: false, reason: \"Controller DID not found in DNS TXT records\" };\n}\n","/**\n * Controller Authorization — verifies the time window during which a controller\n * was authorized for a subject DID.\n *\n * This is the \"read/verify\" counterpart to requestControllerWitness (write).\n *\n * For did:web subjects:\n * - Controller witness attestations (strongest durable evidence)\n * - Key binding with purpose check\n * - Live DNS TXT / did.json verification (current-point-in-time fallback)\n *\n * For did:pkh subjects (smart contracts):\n * - Direct subject ownership check (owner/admin/EIP-1967)\n * - Key binding with transfer proof verification\n * - NOTE: Only EVM chains are currently supported for contract ownership checks.\n * Non-EVM did:pkh subjects (e.g. Solana) will need chain-specific verification.\n */\n\nimport { didToAddress, getDomainFromDidWeb, extractDidMethod, isEvmDidPkh, getAddressFromDidPkh, getChainIdFromDidPkh, normalizeDid } from \"../identity/did\";\nimport { isSameControllerId, extractControllerEvmAddress } from \"../identity/controller-id\";\nimport { didJwkToJwk, publicJwkEquals } from \"../identity/jwk\";\nimport { EAS } from \"@ethereum-attestation-service/eas-sdk\";\nimport { Contract, getAddress } from \"ethers\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { fetchTrustAnchors, getChainAnchors } from \"../shared/trust-anchors\";\nimport { fetchDidDocument } from \"../shared/did-document\";\nimport { verifyDnsTxtControllerDid } from \"./proof/dns-txt-shared\";\nimport { verifyDidDocumentControllerDid } from \"./proof/did-json\";\nimport { discoverContractOwner, verifyTransferProof, type ContractOwnershipProvider } from \"./contract-ownership\";\nimport { decodeAttestationData } from \"./encode\";\nimport type {\n AttestationQueryResult,\n ControllerAuthorizationResult,\n ControllerWitnessEvidence,\n GetControllerAuthorizationParams,\n Hex,\n W3CKeyPurpose,\n} from \"./types\";\n\nconst DEFAULT_CHAIN = \"eip155:6623\";\nconst DEFAULT_PURPOSES: W3CKeyPurpose[] = [\"authentication\", \"assertionMethod\"];\n\n/**\n * Determine the authorization window for a controller-subject pair.\n *\n * For did:web subjects, checks:\n * 1. On-chain controller-witness attestations (strongest evidence)\n * 2. On-chain key-binding revocation and purpose status\n * 3. Live DNS TXT / did.json verification (current-point-in-time fallback)\n *\n * For did:pkh subjects (smart contracts), checks:\n * 1. Direct subject ownership (controller is the contract owner/admin)\n * 2. Key binding with transfer proof verification\n *\n * Returns the authorization window so the consumer can filter attestations\n * by timestamp without repeated on-chain queries.\n */\nexport async function getControllerAuthorization(\n params: GetControllerAuthorizationParams\n): Promise<ControllerAuthorizationResult> {\n const chain = params.chain ?? DEFAULT_CHAIN;\n const purposes = params.purpose && params.purpose.length > 0 ? params.purpose : DEFAULT_PURPOSES;\n\n // Normalize the controller DID for consistent matching\n const controllerDid = normalizeDid(params.controllerDid);\n const controllerMethod = extractDidMethod(controllerDid);\n\n // Extract an EVM address from the controller DID when possible (did:pkh:eip155 only)\n const controllerEvmAddress = extractControllerEvmAddress(controllerDid);\n\n // Fetch trust anchors once (cached after first call)\n const anchors = await fetchTrustAnchors();\n const chainAnchors = getChainAnchors(anchors, chain);\n\n // Resolve EAS contract address\n const easContractAddress = params.easContractAddress ?? (chainAnchors.easContract as Hex);\n\n const provider = params.provider as never;\n\n // Get schema UIDs from trust anchors (optional — chain may not have all schemas)\n const controllerWitnessSchemaUid = chainAnchors.schemas[\"controller-witness\"] as Hex | undefined;\n const keyBindingSchemaUid = chainAnchors.schemas[\"key-binding\"] as Hex | undefined;\n\n // Query controller-witness attestations where recipient = subject DID address\n const subjectAddress = didToAddress(params.subjectDid);\n\n let relevantWitnesses: AttestationQueryResult[] = [];\n\n if (controllerWitnessSchemaUid) {\n const rawWitnesses = await queryByRecipientAndSchema(\n easContractAddress,\n provider,\n subjectAddress,\n [controllerWitnessSchemaUid],\n params.fromBlock ?? 0\n );\n\n // Filter to witnesses that reference this controller DID\n relevantWitnesses = rawWitnesses.filter((att) => {\n const witnessController = att.data?.controller;\n if (typeof witnessController !== \"string\") return false;\n return isSameControllerId(witnessController, controllerDid);\n });\n\n // Sort by time ascending (oldest first)\n relevantWitnesses.sort((a, b) => Number(a.time - b.time));\n }\n\n // Build structured controller witness evidence\n const controllerWitnesses: ControllerWitnessEvidence[] = relevantWitnesses.map((att) => ({\n uid: att.uid,\n issuedAt: att.time,\n attester: att.attester,\n method: resolveWitnessMethod(att.data?.method),\n }));\n\n // Check key binding revocation and purpose\n let keyBindingUid: Hex | null = null;\n let until: bigint | null = null;\n let keyPurposeStatus: ControllerAuthorizationResult[\"keyPurposeStatus\"] = \"not-required\";\n\n if (keyBindingSchemaUid) {\n const keyBindings = await queryByRecipientAndSchema(\n easContractAddress,\n provider,\n subjectAddress,\n [keyBindingSchemaUid],\n params.fromBlock ?? 0\n );\n\n // Find key bindings for this controller by matching keyId or publicKeyJwk\n const relevantKeyBindings = keyBindings\n .filter((att) => controllerMatchesKeyBinding(att, controllerDid, controllerMethod))\n .sort((a, b) => Number(b.time - a.time)); // newest first\n\n const relevantKeyBinding = relevantKeyBindings[0] ?? null;\n\n if (relevantKeyBinding) {\n keyBindingUid = relevantKeyBinding.uid;\n\n // Check revocation → sets `until`\n if (relevantKeyBinding.revocationTime > 0n) {\n until = relevantKeyBinding.revocationTime;\n }\n\n // Check key purpose\n const keyPurposes = relevantKeyBinding.data?.keyPurpose;\n if (!Array.isArray(keyPurposes) || keyPurposes.length === 0) {\n keyPurposeStatus = \"unknown\";\n } else {\n const allMatched = purposes.every((p) => keyPurposes.includes(p));\n keyPurposeStatus = allMatched ? \"matched\" : \"mismatch\";\n }\n }\n }\n\n // Live DNS/did.json check (did:web subjects) or contract ownership check (did:pkh subjects)\n let currentlyVerified = false;\n let liveMethod: \"dns\" | \"did-document\" | \"contract-ownership\" | null = null;\n let transferProofVerified = false;\n let transferProofAnchor: bigint | null = null;\n\n const subjectMethod = extractDidMethod(params.subjectDid);\n if (subjectMethod === \"web\") {\n const domain = getDomainFromDidWeb(params.subjectDid);\n if (domain) {\n // Try DNS TXT — pass the controllerDid directly\n try {\n const dnsResult = await verifyDnsTxtControllerDid(domain, controllerDid, {\n resolveTxt: params.resolveTxt,\n });\n if (dnsResult.valid) {\n currentlyVerified = true;\n liveMethod = \"dns\";\n }\n } catch {\n // DNS check failed\n }\n\n // Try did.json if DNS didn't work\n if (!currentlyVerified) {\n try {\n const fetchDoc = params.fetchDidDocument ?? fetchDidDocument;\n const didDoc = await fetchDoc(domain);\n const didJsonResult = verifyDidDocumentControllerDid(didDoc, controllerDid);\n if (didJsonResult.valid) {\n currentlyVerified = true;\n liveMethod = \"did-document\";\n }\n } catch {\n // did.json check failed\n }\n }\n }\n } else if (subjectMethod === \"pkh\") {\n if (isEvmDidPkh(params.subjectDid) && controllerEvmAddress) {\n // EVM contract ownership check\n const subjectContractAddress = getAddressFromDidPkh(params.subjectDid);\n const subjectChainId = getChainIdFromDidPkh(params.subjectDid);\n const chainIdNum = subjectChainId ? Number(subjectChainId) : null;\n\n if (subjectContractAddress && chainIdNum) {\n // Check if the controller directly owns the contract\n const ownerAddress = await discoverContractOwner(\n provider as unknown as ContractOwnershipProvider,\n subjectContractAddress\n );\n\n if (ownerAddress && getAddress(ownerAddress) === getAddress(controllerEvmAddress)) {\n currentlyVerified = true;\n liveMethod = \"contract-ownership\";\n }\n\n // If not the direct owner, check key binding transfer proof\n if (!currentlyVerified && keyBindingUid) {\n const relevantKeyBinding = await findKeyBindingWithTransferProof(\n keyBindingSchemaUid!,\n easContractAddress,\n provider,\n subjectAddress,\n controllerDid,\n controllerMethod,\n params.fromBlock ?? 0\n );\n\n if (relevantKeyBinding) {\n const proofTxHash = relevantKeyBinding.data?.proofTxHash as string | undefined;\n if (proofTxHash && /^0x[0-9a-fA-F]{64}$/.test(proofTxHash)) {\n const verified = await verifyTransferProof(\n provider as unknown as ContractOwnershipProvider,\n proofTxHash as Hex,\n params.subjectDid,\n controllerEvmAddress,\n chainIdNum\n );\n if (verified) {\n transferProofVerified = true;\n transferProofAnchor = relevantKeyBinding.time;\n }\n }\n }\n }\n }\n } else {\n // TODO: Non-EVM did:pkh subjects (e.g. Solana) need chain-specific\n // ownership verification. For now, these subjects cannot be verified\n // via contract ownership or transfer proof. Controller witnesses and\n // key bindings still apply.\n }\n }\n\n // Build result\n const witnessAnchor = relevantWitnesses.length > 0 ? relevantWitnesses[0].time : null;\n const anchoredFrom = witnessAnchor ?? transferProofAnchor;\n\n // Authorization requires at least one of:\n // - Controller witnesses with open window\n // - Live verification (DNS/did.json/contract-ownership)\n // - Key binding with verified transfer proof\n // Key purpose mismatch blocks authorization regardless.\n const purposeBlocks = keyPurposeStatus === \"mismatch\";\n const hasOpenWindow = relevantWitnesses.length > 0 && until === null;\n const hasKeyBindingWithProof = keyBindingUid !== null && transferProofVerified && until === null;\n const authorized = !purposeBlocks && (\n hasOpenWindow ||\n (currentlyVerified && until === null) ||\n hasKeyBindingWithProof\n );\n\n return {\n authorized,\n anchoredFrom,\n until,\n currentlyVerified,\n liveMethod,\n controllerWitnesses,\n keyBindingUid,\n keyPurposeStatus,\n transferProofVerified: transferProofVerified || undefined,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Internal helpers\n// ---------------------------------------------------------------------------\n\n/**\n * Check if a key binding attestation matches the requested controller DID.\n *\n * Matches by:\n * 1. keyId field — uses isSameControllerId for DID comparison\n * 2. publicKeyJwk field — for did:jwk controllers, compare the JWK material\n */\nfunction controllerMatchesKeyBinding(\n att: AttestationQueryResult,\n controllerDid: string,\n controllerMethod: string | null\n): boolean {\n const keyId = att.data?.keyId;\n\n // Match by keyId (DID comparison via isSameControllerId)\n if (typeof keyId === \"string\") {\n if (isSameControllerId(keyId, controllerDid)) {\n return true;\n }\n }\n\n // Match by publicKeyJwk (for did:jwk controllers)\n if (controllerMethod === \"jwk\") {\n const publicKeyJwkRaw = att.data?.publicKeyJwk;\n if (publicKeyJwkRaw) {\n try {\n const onChainJwk = typeof publicKeyJwkRaw === \"string\"\n ? JSON.parse(publicKeyJwkRaw)\n : publicKeyJwkRaw;\n const controllerJwk = didJwkToJwk(controllerDid);\n return publicJwkEquals(onChainJwk, controllerJwk);\n } catch {\n // JWK parsing or comparison failed\n }\n }\n }\n\n return false;\n}\n\nconst EAS_EVENT_ABI = [\n \"event Attested(address indexed recipient, address indexed attester, bytes32 uid, bytes32 indexed schemaUID)\",\n];\n\nfunction resolveWitnessMethod(\n value: unknown\n): ControllerWitnessEvidence[\"method\"] {\n if (typeof value !== \"string\") return undefined;\n switch (value) {\n case \"dns\":\n case \"dns-txt\":\n return \"dns\";\n case \"did-document\":\n case \"did-json\":\n return \"did-document\";\n case \"manual\":\n return \"manual\";\n default:\n return \"other\";\n }\n}\n\nasync function queryByRecipientAndSchema(\n easContractAddress: Hex,\n provider: never,\n recipient: string,\n schemas: Hex[],\n fromBlock: number\n): Promise<AttestationQueryResult[]> {\n const contract = new Contract(easContractAddress, EAS_EVENT_ABI, provider);\n const filter = contract.filters.Attested(recipient, null);\n\n const toBlock = await (\n provider as unknown as { getBlockNumber: () => Promise<number> }\n ).getBlockNumber();\n\n let events;\n try {\n events = await contract.queryFilter(filter, fromBlock, toBlock);\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to query attestation events\", { err });\n }\n\n const eas = new EAS(easContractAddress);\n eas.connect(provider);\n\n const schemaFilter = schemas.map((s) => s.toLowerCase());\n const results: AttestationQueryResult[] = [];\n\n for (const event of events) {\n if (!(\"args\" in event) || !Array.isArray(event.args)) continue;\n const args = event.args as unknown[];\n const uid = args?.[2] as Hex | undefined;\n const schemaUid = args?.[3] as Hex | undefined;\n\n if (!uid || !schemaUid) continue;\n if (!schemaFilter.includes(schemaUid.toLowerCase())) continue;\n\n const attestation = (await eas.getAttestation(uid)) as unknown as Record<string, unknown> | null;\n if (!attestation || !attestation.uid) continue;\n\n // Decode attestation data — try controller-witness schema first, then key-binding\n let data: Record<string, unknown> = {};\n const rawData = attestation.data as Hex | undefined;\n if (rawData && rawData !== \"0x\") {\n try {\n data = decodeAttestationData(\n \"string subject, string controller, string method\",\n rawData\n );\n } catch {\n try {\n data = decodeAttestationData(\n \"string subject, string keyId, string publicKeyJwk, string[] keyPurpose, string[] proofs, uint256 issuedAt, uint256 effectiveAt, uint256 expiresAt\",\n rawData\n );\n } catch {\n // Leave data empty — unknown schema format\n }\n }\n }\n\n const toBigIntSafe = (value: unknown): bigint => {\n if (typeof value === \"bigint\") return value;\n if (typeof value === \"number\") return BigInt(value);\n if (typeof value === \"string\" && value.length > 0) return BigInt(value);\n return 0n;\n };\n\n results.push({\n uid: attestation.uid as Hex,\n schema: attestation.schema as Hex,\n attester: attestation.attester as Hex,\n recipient: attestation.recipient as Hex,\n revocable: Boolean(attestation.revocable),\n revocationTime: toBigIntSafe(attestation.revocationTime),\n expirationTime: toBigIntSafe(attestation.expirationTime),\n time: toBigIntSafe(attestation.time),\n refUID: attestation.refUID as Hex,\n data,\n });\n }\n\n return results;\n}\n\n/**\n * Find the key binding attestation that includes a transfer proof for this controller.\n */\nasync function findKeyBindingWithTransferProof(\n keyBindingSchemaUid: Hex,\n easContractAddress: Hex,\n provider: never,\n subjectAddress: string,\n controllerDid: string,\n controllerMethod: string | null,\n fromBlock: number\n): Promise<AttestationQueryResult | null> {\n const keyBindings = await queryByRecipientAndSchema(\n easContractAddress,\n provider,\n subjectAddress,\n [keyBindingSchemaUid],\n fromBlock\n );\n\n // Find key bindings for this controller that have a proofTxHash in proofs\n const withProof = keyBindings\n .filter((att) => {\n if (!controllerMatchesKeyBinding(att, controllerDid, controllerMethod)) return false;\n // Check if proofs contain a transaction hash\n const proofs = att.data?.proofs;\n if (Array.isArray(proofs)) {\n return proofs.some((p) => typeof p === \"string\" && /^0x[0-9a-fA-F]{64}$/.test(p));\n }\n return typeof att.data?.proofTxHash === \"string\";\n })\n .sort((a, b) => Number(b.time - a.time)); // newest first\n\n return withProof[0] ?? null;\n}\n","import { OmaTrustError } from \"../../shared/errors\";\nimport type { Hex, TxInteractionProof } from \"../types\";\n\nexport function createTxInteractionProof(chainId: number, txHash: Hex): TxInteractionProof {\n if (!/^0x[0-9a-fA-F]{64}$/.test(txHash)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"txHash must be a 32-byte hex string\", { txHash });\n }\n\n return {\n proofType: \"tx-interaction\",\n proofPurpose: \"commercial-tx\",\n proofObject: {\n chainId: `eip155:${chainId}`,\n txHash\n },\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n","import { hexlify, randomBytes } from \"ethers\";\nimport type { Hex, PopEip712Proof, ProofPurpose } from \"../types\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport { getOmaTrustProofEip712Types } from \"./eip712\";\n\nexport type CreatePopEip712ProofParams = {\n signer: string;\n authorizedEntity: string;\n signingPurpose: ProofPurpose;\n chainId: number;\n creationTimestamp?: number;\n expirationTimestamp?: number;\n randomValue?: Hex;\n statement?: string;\n};\n\nexport async function createPopEip712Proof(\n params: CreatePopEip712ProofParams,\n signFn: (typedData: Record<string, unknown>) => Promise<Hex>\n): Promise<PopEip712Proof> {\n if (!params.signer || !params.authorizedEntity) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"signer and authorizedEntity are required\", { params });\n }\n\n const now = Math.floor(Date.now() / 1000);\n const creationTimestamp = params.creationTimestamp ?? now;\n const expirationTimestamp = params.expirationTimestamp ?? now + 600;\n const randomValue = params.randomValue ?? (hexlify(randomBytes(32)) as Hex);\n\n const message = {\n signer: params.signer,\n authorizedEntity: params.authorizedEntity,\n signingPurpose: params.signingPurpose,\n creationTimestamp,\n expirationTimestamp,\n randomValue,\n statement: params.statement ?? \"This is not a transaction or asset approval.\"\n };\n\n const { types, primaryType } = getOmaTrustProofEip712Types();\n const typedData = {\n domain: {\n name: \"OMATrust Proof\",\n version: \"1\",\n chainId: params.chainId\n },\n types,\n primaryType,\n message\n };\n\n const signature = await signFn(typedData);\n\n return {\n proofType: \"pop-eip712\",\n proofObject: {\n domain: typedData.domain,\n message,\n signature\n },\n version: 1,\n issuedAt: creationTimestamp,\n expiresAt: expirationTimestamp\n };\n}\n","import { OmaTrustError } from \"../../shared/errors\";\nimport type { Did, PopJwsProof, ProofPurpose } from \"../types\";\n\nexport type CreatePopJwsProofParams = {\n issuer: Did;\n audience: Did;\n purpose: ProofPurpose;\n issuedAt?: number;\n expiresAt?: number;\n nonce?: string;\n};\n\nexport async function createPopJwsProof(\n params: CreatePopJwsProofParams,\n signFn: (\n payload: Record<string, unknown>,\n header: Record<string, unknown>\n ) => Promise<string>\n): Promise<PopJwsProof> {\n if (!params.issuer || !params.audience) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"issuer and audience are required\", { params });\n }\n\n const now = Math.floor(Date.now() / 1000);\n const payload = {\n iss: params.issuer,\n aud: params.audience,\n purpose: params.purpose,\n iat: params.issuedAt ?? now,\n exp: params.expiresAt ?? now + 600,\n nonce:\n params.nonce ??\n (globalThis.crypto?.randomUUID ? globalThis.crypto.randomUUID() : `${Date.now()}-${Math.random()}`)\n };\n\n const header = {\n typ: \"JWT\",\n alg: \"ES256K\"\n };\n\n const jws = await signFn(payload, header);\n\n return {\n proofType: \"pop-jws\",\n proofObject: jws,\n proofPurpose: params.purpose,\n version: 1,\n issuedAt: payload.iat,\n expiresAt: payload.exp\n };\n}\n","import type { X402OfferProof, X402ReceiptProof } from \"../types\";\n\nexport function createX402ReceiptProof(receipt: Record<string, unknown>): X402ReceiptProof {\n return {\n proofType: \"x402-receipt\",\n proofPurpose: \"commercial-tx\",\n proofObject: receipt,\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n\nexport function createX402OfferProof(offer: Record<string, unknown>): X402OfferProof {\n return {\n proofType: \"x402-offer\",\n proofPurpose: \"commercial-tx\",\n proofObject: offer,\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n","/**\n * Unified x402 Artifact Verification\n *\n * Auto-detects format (JWS or EIP-712) and artifact type (offer or receipt),\n * then delegates to the appropriate verifier.\n *\n * This is the recommended entry point for callers who receive an x402 artifact\n * and don't want to branch on format themselves.\n */\n\nimport {\n verifyX402JwsOffer,\n verifyX402JwsReceipt,\n verifyX402JwsArtifact,\n type X402JwsArtifact,\n type X402JwsVerifyOptions,\n} from \"./x402-jws\";\nimport {\n verifyX402Eip712Offer,\n verifyX402Eip712Receipt,\n type X402Eip712Artifact,\n type Eip712VerificationResult,\n type Eip712VerificationFailure,\n} from \"./x402-eip712\";\nimport type {\n JwsVerificationResult,\n JwsVerificationFailure,\n} from \"../../identity/types\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Any x402 artifact envelope (JWS or EIP-712) */\nexport type X402Artifact = X402JwsArtifact | X402Eip712Artifact | { format: string; [key: string]: unknown };\n\n/** Options for unified x402 verification */\nexport interface VerifyX402Options {\n /**\n * Artifact type: \"offer\" or \"receipt\".\n * Required so the verifier knows which payload fields to validate.\n */\n artifactType: \"offer\" | \"receipt\";\n\n /**\n * Options for JWS DID URL key resolution (only used for JWS format with kid).\n */\n resolveOptions?: X402JwsVerifyOptions[\"resolveOptions\"];\n}\n\n/** Successful result from unified verification */\nexport type X402VerificationSuccess = JwsVerificationResult | Eip712VerificationResult;\n\n/** Failed result from unified verification */\nexport type X402VerificationFailure = JwsVerificationFailure | Eip712VerificationFailure;\n\n/** Result from unified verification */\nexport type X402VerificationResult = X402VerificationSuccess | X402VerificationFailure;\n\n// ---------------------------------------------------------------------------\n// Unified Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 artifact, auto-detecting format (JWS or EIP-712).\n *\n * This is the recommended single entry point for x402 verification.\n * It inspects the `format` field and delegates to the appropriate verifier.\n *\n * @param artifact - The x402 artifact object (must have a `format` field)\n * @param options - Must specify `artifactType` (\"offer\" or \"receipt\")\n * @returns Verification result (success or failure, format-specific)\n *\n * @example\n * ```ts\n * const result = await verifyX402Artifact(receiptFromServer, { artifactType: \"receipt\" });\n * if (result.valid) {\n * // JWS: result.publicKeyDid is the did:jwk for authorization\n * // EIP-712: result.signer is the recovered address\n * }\n * ```\n */\nexport async function verifyX402Artifact(\n artifact: X402Artifact,\n options: VerifyX402Options\n): Promise<X402VerificationResult> {\n if (!artifact || typeof artifact !== \"object\") {\n return {\n valid: false,\n error: { code: \"INVALID_ARTIFACT\", message: \"Artifact must be a non-null object\" },\n };\n }\n\n const format = (artifact as Record<string, unknown>).format;\n\n switch (format) {\n case \"jws\": {\n const jwsArtifact = artifact as X402JwsArtifact;\n const jwsOptions: X402JwsVerifyOptions | undefined = options.resolveOptions\n ? { resolveOptions: options.resolveOptions }\n : undefined;\n\n if (options.artifactType === \"offer\") {\n return verifyX402JwsOffer(jwsArtifact, jwsOptions);\n }\n return verifyX402JwsReceipt(jwsArtifact, jwsOptions);\n }\n\n case \"eip712\": {\n const eip712Artifact = artifact as X402Eip712Artifact;\n if (options.artifactType === \"offer\") {\n return verifyX402Eip712Offer(eip712Artifact);\n }\n return verifyX402Eip712Receipt(eip712Artifact);\n }\n\n default:\n return {\n valid: false,\n error: {\n code: \"UNSUPPORTED_FORMAT\",\n message: `Unsupported x402 artifact format: \"${format}\"`,\n },\n };\n }\n}\n","import { OmaTrustError } from \"../../shared/errors\";\nimport type { EvidencePointerProof } from \"../types\";\n\nexport function createEvidencePointerProof(url: string): EvidencePointerProof {\n if (!url || typeof url !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"url must be a non-empty string\", { url });\n }\n\n return {\n proofType: \"evidence-pointer\",\n proofPurpose: \"shared-control\",\n proofObject: { url },\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n","import { resolveTxt } from \"node:dns/promises\";\nimport {\n verifyDnsTxtControllerDid as verifyShared,\n type VerifyDnsTxtControllerDidOptions,\n} from \"./dns-txt-shared\";\nimport type { Did } from \"../types\";\n\nexport { parseDnsTxtRecord, buildDnsTxtRecord } from \"./dns-txt-record\";\nexport type { DnsTxtRecordResult } from \"./dns-txt-record\";\nexport type { VerifyDnsTxtControllerDidOptions };\n\nexport function verifyDnsTxtControllerDid(\n domain: string,\n expectedControllerDid: Did,\n options: VerifyDnsTxtControllerDidOptions = {}\n) {\n return verifyShared(domain, expectedControllerDid, {\n ...options,\n resolveTxt: options.resolveTxt ?? resolveTxt,\n });\n}\n","import {\n getAddress,\n isAddress\n} from \"ethers\";\nimport {\n buildEvmDidPkh,\n extractDidMethod,\n getAddressFromDidPkh,\n getChainIdFromDidPkh,\n getDomainFromDidWeb,\n isEvmDidPkh,\n normalizeDid\n} from \"../identity/did\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { Did, Hex } from \"./types\";\nimport { verifyDidJsonControllerDid } from \"./proof/did-json\";\nimport {\n verifyDnsTxtControllerDid,\n type VerifyDnsTxtControllerDidOptions\n} from \"./proof/dns-txt-shared\";\nimport { calculateTransferAmount } from \"./proof/tx-encoded-value\";\nimport {\n discoverContractOwner,\n discoverControllingWalletDid,\n readOwnerFromContract,\n OWNERSHIP_PATTERNS,\n EIP1967_ADMIN_SLOT,\n type ContractOwnershipProvider\n} from \"./contract-ownership\";\n\nexport type SubjectOwnershipVerificationMethod =\n | \"dns\"\n | \"did-document\"\n | \"wallet\"\n | \"contract\"\n | \"minting-wallet\"\n | \"transfer\";\n\nexport interface SubjectOwnershipVerificationResult {\n valid: boolean;\n method?: SubjectOwnershipVerificationMethod;\n reason?: string;\n details?: string;\n subjectDid: Did;\n connectedWalletDid: Did;\n controllingWalletDid?: Did;\n}\n\nexport interface EvmOwnershipProvider extends ContractOwnershipProvider {\n getTransactionReceipt(hash: string): Promise<{\n blockNumber: number;\n } | null>;\n getBlockNumber(): Promise<number>;\n getBlock(blockNumber: number): Promise<{ timestamp: number } | null>;\n}\n\nexport interface VerifyDidWebOwnershipParams extends VerifyDnsTxtControllerDidOptions {\n subjectDid: Did;\n connectedWalletDid: Did;\n fetchDidDocument?: (domain: string) => Promise<Record<string, unknown>>;\n}\n\nexport interface VerifyDidPkhOwnershipParams {\n subjectDid: Did;\n connectedWalletDid: Did;\n provider: EvmOwnershipProvider;\n txHash?: Hex | string;\n}\n\nexport type VerifySubjectOwnershipParams =\n | VerifyDidWebOwnershipParams\n | (VerifyDidPkhOwnershipParams & VerifyDnsTxtControllerDidOptions);\n\nfunction assertConnectedWalletDid(input: string): Did {\n const normalized = normalizeDid(input);\n if (extractDidMethod(normalized) !== \"pkh\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"connectedWalletDid must be a did:pkh DID\", {\n connectedWalletDid: input\n });\n }\n return normalized;\n}\n\nfunction normalizeSubjectDid(input: string): Did {\n return normalizeDid(input);\n}\n\nexport async function verifyDidWebOwnership(\n params: VerifyDidWebOwnershipParams\n): Promise<SubjectOwnershipVerificationResult> {\n const subjectDid = normalizeSubjectDid(params.subjectDid);\n const connectedWalletDid = assertConnectedWalletDid(params.connectedWalletDid);\n const domain = getDomainFromDidWeb(subjectDid);\n\n if (!domain) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"subjectDid must be a did:web DID\", {\n subjectDid: params.subjectDid\n });\n }\n\n let dnsReason: string | undefined;\n try {\n const dnsResult = await verifyDnsTxtControllerDid(domain, connectedWalletDid, {\n resolveTxt: params.resolveTxt,\n recordPrefix: params.recordPrefix\n });\n if (dnsResult.valid) {\n return {\n valid: true,\n method: \"dns\",\n details: `Verified via DNS TXT record at ${(params.recordPrefix ?? \"_controllers\")}.${domain}`,\n subjectDid,\n connectedWalletDid\n };\n }\n dnsReason = dnsResult.reason;\n } catch (error) {\n dnsReason = error instanceof Error ? error.message : \"DNS TXT verification failed\";\n }\n\n let didDocReason: string | undefined;\n try {\n const didDocumentResult = await verifyDidJsonControllerDid(domain, connectedWalletDid, {\n fetchDidDocument: params.fetchDidDocument\n });\n if (didDocumentResult.valid) {\n return {\n valid: true,\n method: \"did-document\",\n details: `Verified via DID document at https://${domain}/.well-known/did.json`,\n subjectDid,\n connectedWalletDid\n };\n }\n didDocReason = didDocumentResult.reason;\n } catch (error) {\n didDocReason = error instanceof Error ? error.message : \"DID document verification failed\";\n }\n\n return {\n valid: false,\n reason: \"DID ownership verification failed\",\n details: `DNS check: ${dnsReason ?? \"failed\"}. DID document check: ${didDocReason ?? \"failed\"}.`,\n subjectDid,\n connectedWalletDid\n };\n}\n\nexport async function verifyDidPkhOwnership(\n params: VerifyDidPkhOwnershipParams\n): Promise<SubjectOwnershipVerificationResult> {\n const subjectDid = normalizeSubjectDid(params.subjectDid);\n const connectedWalletDid = assertConnectedWalletDid(params.connectedWalletDid);\n\n if (!isEvmDidPkh(subjectDid)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"subjectDid must be an EVM did:pkh DID\", {\n subjectDid: params.subjectDid\n });\n }\n\n const subjectAddress = getAddressFromDidPkh(subjectDid);\n const connectedWalletAddress = getAddressFromDidPkh(connectedWalletDid);\n const chainIdRaw = getChainIdFromDidPkh(subjectDid);\n\n if (!subjectAddress || !connectedWalletAddress || !chainIdRaw) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Could not parse did:pkh ownership inputs\", {\n subjectDid: params.subjectDid,\n connectedWalletDid: params.connectedWalletDid\n });\n }\n\n const chainId = Number(chainIdRaw);\n if (!Number.isFinite(chainId)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid chain id in subjectDid\", {\n subjectDid: params.subjectDid\n });\n }\n\n const code = await params.provider.getCode(subjectAddress);\n const isContract = code !== \"0x\" && code !== \"0x0\";\n\n if (!isContract) {\n if (getAddress(subjectAddress) === getAddress(connectedWalletAddress)) {\n return {\n valid: true,\n method: \"wallet\",\n details: \"Verified direct wallet ownership from matching did:pkh subject and connected wallet\",\n subjectDid,\n connectedWalletDid\n };\n }\n\n return {\n valid: false,\n reason: \"EOA did:pkh subject does not match connected wallet\",\n details: \"For direct wallet did:pkh subjects, connectedWalletDid must match the subject DID.\",\n subjectDid,\n connectedWalletDid\n };\n }\n\n const controllingWalletDid = await discoverControllingWalletDid(params.provider, subjectAddress, chainId);\n\n if (params.txHash) {\n if (!controllingWalletDid) {\n return {\n valid: false,\n reason: \"Could not discover controlling wallet\",\n details:\n \"Contract does not expose owner/admin/getOwner or a readable EIP-1967 admin slot for transfer verification.\",\n subjectDid,\n connectedWalletDid\n };\n }\n\n const tx = await params.provider.getTransaction(params.txHash);\n if (!tx) {\n return {\n valid: false,\n reason: \"Transaction not found\",\n details: `Transaction ${params.txHash} was not found on chain ${chainId}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n const receipt = await params.provider.getTransactionReceipt(params.txHash);\n if (!receipt) {\n return {\n valid: false,\n reason: \"Transaction not confirmed\",\n details: \"Transaction exists but is not yet confirmed.\",\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n const controllingWalletAddress = getAddressFromDidPkh(controllingWalletDid);\n if (!tx.from || !controllingWalletAddress || getAddress(tx.from) !== getAddress(controllingWalletAddress)) {\n return {\n valid: false,\n reason: \"Wrong sender\",\n details: `Transfer must originate from controlling wallet ${controllingWalletDid}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n if (!tx.to || getAddress(tx.to) !== getAddress(connectedWalletAddress)) {\n return {\n valid: false,\n reason: \"Wrong recipient\",\n details: `Transfer must be sent to connected wallet ${connectedWalletDid}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n const expectedAmount = calculateTransferAmount(\n subjectDid,\n connectedWalletDid,\n chainId,\n \"shared-control\"\n );\n const actualValue = BigInt(tx.value ?? 0n);\n\n if (actualValue !== expectedAmount) {\n return {\n valid: false,\n reason: \"Wrong amount\",\n details: `Transfer amount ${actualValue.toString()} does not match expected proof amount ${expectedAmount.toString()}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n await params.provider.getBlockNumber();\n await params.provider.getBlock(receipt.blockNumber);\n\n return {\n valid: true,\n method: \"transfer\",\n details: `Verified via transfer proof ${params.txHash}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n for (const pattern of OWNERSHIP_PATTERNS) {\n const ownerAddress = await readOwnerFromContract(\n params.provider,\n subjectAddress,\n pattern.signature,\n pattern.method\n );\n\n if (ownerAddress && getAddress(ownerAddress) === getAddress(connectedWalletAddress)) {\n return {\n valid: true,\n method: \"contract\",\n details: `Verified via ${pattern.method}() ownership check.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid: controllingWalletDid ?? undefined\n };\n }\n }\n\n try {\n const adminValue = await params.provider.getStorage(subjectAddress, EIP1967_ADMIN_SLOT);\n if (\n adminValue &&\n adminValue !== \"0x\" &&\n adminValue !== \"0x0000000000000000000000000000000000000000000000000000000000000000\"\n ) {\n const adminAddress = getAddress(`0x${adminValue.slice(-40)}`);\n if (adminAddress === getAddress(connectedWalletAddress)) {\n return {\n valid: true,\n method: \"contract\",\n details: \"Verified via EIP-1967 admin slot.\",\n subjectDid,\n connectedWalletDid,\n controllingWalletDid: controllingWalletDid ?? buildEvmDidPkh(chainId, adminAddress)\n };\n }\n }\n } catch {\n // ignore; final fallback below returns a stable invalid result\n }\n\n if (\n getAddress(subjectAddress) === getAddress(connectedWalletAddress) &&\n controllingWalletDid\n ) {\n return {\n valid: true,\n method: \"minting-wallet\",\n details: `Verified because connected wallet matches the contract DID address. Controlling wallet is ${controllingWalletDid}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n return {\n valid: false,\n reason: \"Contract ownership verification failed\",\n details:\n controllingWalletDid\n ? `Connected wallet ${connectedWalletDid} does not match the controlling wallet ${controllingWalletDid} or the subject contract address ${subjectDid}.`\n : `Could not match connected wallet ${connectedWalletDid} to contract ownership for ${subjectDid}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid: controllingWalletDid ?? undefined\n };\n}\n\nexport async function verifySubjectOwnership(\n params: VerifySubjectOwnershipParams\n): Promise<SubjectOwnershipVerificationResult> {\n const subjectDid = normalizeSubjectDid(params.subjectDid);\n const method = extractDidMethod(subjectDid);\n\n if (method === \"web\") {\n return verifyDidWebOwnership(params as VerifyDidWebOwnershipParams);\n }\n\n if (method === \"pkh\") {\n const didPkhParams = params as VerifyDidPkhOwnershipParams;\n if (!didPkhParams.provider) {\n throw new OmaTrustError(\n \"INVALID_INPUT\",\n \"provider is required for did:pkh ownership verification\",\n { subjectDid }\n );\n }\n return verifyDidPkhOwnership(didPkhParams);\n }\n\n throw new OmaTrustError(\"INVALID_INPUT\", \"Unsupported DID type for ownership verification\", {\n subjectDid\n });\n}\n","/**\n * Schema-Aware Proof Verification\n *\n * Provides higher-level proof verification that understands attestation schema semantics.\n * Unlike the generic verifyProof() which validates proof structure and signatures,\n * these functions verify that proof signers match the claimed identities in the attestation.\n *\n * - verifyLinkedIdentifierProofs: Verifies that proofs demonstrate shared control\n * between subject and linkedId\n * - verifyKeyBindingProofs: Verifies that proofs demonstrate the subject authorized\n * the keyId binding\n */\n\nimport { getAddress } from \"ethers\";\nimport { extractAddressFromDid, extractDidMethod } from \"../identity/did\";\nimport { didJwkToJwk, publicJwkEquals } from \"../identity/jwk\";\nimport { verifyEip712Signature } from \"./proof/eip712\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { ProofWrapper, PopEip712Proof, PopJwsProof, Did } from \"./types\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Attestation data for a Linked Identifier schema */\nexport interface LinkedIdentifierData {\n subject: Did;\n linkedId: Did;\n proofs: ProofWrapper[];\n attester?: string;\n}\n\n/** Attestation data for a Key Binding schema */\nexport interface KeyBindingData {\n subject: Did;\n keyId: Did;\n publicKeyJwk?: Record<string, unknown>;\n proofs: ProofWrapper[];\n attester?: string;\n}\n\n/** Result of schema-aware proof verification */\nexport interface SchemaProofVerificationResult {\n /** Whether all required proof checks passed */\n valid: boolean;\n /** Individual check results */\n checks: SchemaProofCheck[];\n /** Human-readable reasons for any failures */\n reasons: string[];\n}\n\n/** Individual proof check result */\nexport interface SchemaProofCheck {\n /** Which proof (by index) was checked */\n proofIndex: number;\n /** The proof type */\n proofType: string;\n /** What the check verified */\n checkType: \"signer-is-subject\" | \"signer-is-linkedId\" | \"signer-is-keyId\" | \"signer-is-subject-for-key\";\n /** Whether this check passed */\n valid: boolean;\n /** Failure reason if not valid */\n reason?: string;\n}\n\n// ---------------------------------------------------------------------------\n// Helpers\n// ---------------------------------------------------------------------------\n\n/**\n * Extract the signer identity from a pop-eip712 proof.\n * Recovers the signer address from the EIP-712 signature.\n */\nfunction extractEip712Signer(proof: PopEip712Proof): string | null {\n const { domain, message, signature } = proof.proofObject;\n\n const typedData = {\n domain,\n types: {\n OmaTrustProof: [\n { name: \"signer\", type: \"address\" },\n { name: \"authorizedEntity\", type: \"string\" },\n { name: \"signingPurpose\", type: \"string\" },\n { name: \"creationTimestamp\", type: \"uint256\" },\n { name: \"expirationTimestamp\", type: \"uint256\" },\n { name: \"randomValue\", type: \"bytes32\" },\n { name: \"statement\", type: \"string\" },\n ],\n },\n message,\n };\n\n try {\n const result = verifyEip712Signature(typedData, signature);\n return result.valid && result.signer ? result.signer : null;\n } catch (err) {\n console.warn(\"[omatrust] EIP-712 signer extraction failed:\", err);\n return null;\n }\n}\n\n/**\n * Extract the JWK from a pop-jws proof header.\n * Decodes the JWS header to get the embedded public key.\n */\nfunction extractJwsHeaderJwk(proof: PopJwsProof): Record<string, unknown> | null {\n const jws = proof.proofObject;\n if (typeof jws !== \"string\") return null;\n\n const parts = jws.split(\".\");\n if (parts.length !== 3) return null;\n\n try {\n const headerB64 = parts[0].replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padded = headerB64.padEnd(\n headerB64.length + ((4 - (headerB64.length % 4)) % 4),\n \"=\"\n );\n let headerJson: string;\n if (typeof atob === \"function\") {\n headerJson = decodeURIComponent(\n Array.from(atob(padded))\n .map((char) => `%${char.charCodeAt(0).toString(16).padStart(2, \"0\")}`)\n .join(\"\")\n );\n } else {\n headerJson = Buffer.from(padded, \"base64\").toString(\"utf8\");\n }\n const header = JSON.parse(headerJson) as Record<string, unknown>;\n return (header.jwk as Record<string, unknown>) ?? null;\n } catch {\n return null;\n }\n}\n\n/**\n * Extract the JWS payload claims.\n */\nfunction extractJwsPayload(proof: PopJwsProof): Record<string, unknown> | null {\n const jws = proof.proofObject;\n if (typeof jws !== \"string\") return null;\n\n const parts = jws.split(\".\");\n if (parts.length !== 3) return null;\n\n try {\n const payloadB64 = parts[1].replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padded = payloadB64.padEnd(\n payloadB64.length + ((4 - (payloadB64.length % 4)) % 4),\n \"=\"\n );\n let payloadJson: string;\n if (typeof atob === \"function\") {\n payloadJson = decodeURIComponent(\n Array.from(atob(padded))\n .map((char) => `%${char.charCodeAt(0).toString(16).padStart(2, \"0\")}`)\n .join(\"\")\n );\n } else {\n payloadJson = Buffer.from(padded, \"base64\").toString(\"utf8\");\n }\n return JSON.parse(payloadJson) as Record<string, unknown>;\n } catch {\n return null;\n }\n}\n\n/**\n * Check if a signer address matches a DID.\n * Supports did:pkh (EVM) and did:ethr.\n */\nfunction signerMatchesDid(signerAddress: string, did: Did): boolean {\n try {\n const didAddress = extractAddressFromDid(did);\n return getAddress(signerAddress).toLowerCase() === getAddress(didAddress).toLowerCase();\n } catch {\n return false;\n }\n}\n\n/**\n * Check if a JWK matches a did:jwk or did:key DID.\n */\nfunction jwkMatchesDid(jwk: Record<string, unknown>, did: Did): boolean {\n const method = extractDidMethod(did);\n\n if (method === \"jwk\") {\n try {\n const didJwk = didJwkToJwk(did);\n return publicJwkEquals(jwk, didJwk);\n } catch {\n return false;\n }\n }\n\n // For other methods, can't match by JWK\n return false;\n}\n\n/**\n * Determine if a proof's signer matches a given DID.\n * Works across proof types (pop-eip712, pop-jws).\n */\nfunction proofSignerMatchesDid(proof: ProofWrapper, did: Did): boolean {\n switch (proof.proofType) {\n case \"pop-eip712\": {\n const signer = extractEip712Signer(proof as PopEip712Proof);\n if (!signer) return false;\n return signerMatchesDid(signer, did);\n }\n\n case \"pop-jws\": {\n const jwsProof = proof as PopJwsProof;\n const jwk = extractJwsHeaderJwk(jwsProof);\n\n // Check if the JWK in the header matches the DID\n if (jwk && jwkMatchesDid(jwk, did)) return true;\n\n // Also check the iss claim in the payload\n const payload = extractJwsPayload(jwsProof);\n if (payload && typeof payload.iss === \"string\") {\n // If iss matches the target DID, the proof is from that identity\n if (payload.iss === did) return true;\n }\n\n return false;\n }\n\n case \"tx-encoded-value\":\n case \"tx-interaction\":\n // Transaction proofs: the tx sender is the signer — would need on-chain lookup\n // These are validated separately by verifyProof with provider\n return false;\n\n case \"evidence-pointer\":\n // Evidence pointers don't have a cryptographic signer — they're URL-based\n return false;\n\n default:\n return false;\n }\n}\n\n/**\n * Check the \"authorizedEntity\" (aud) field of a proof matches a DID.\n * For pop-eip712: message.authorizedEntity\n * For pop-jws: payload.aud\n */\nfunction proofAuthorizedEntityMatchesDid(proof: ProofWrapper, did: Did): boolean {\n switch (proof.proofType) {\n case \"pop-eip712\": {\n const eip712 = proof as PopEip712Proof;\n const authorizedEntity = eip712.proofObject.message.authorizedEntity;\n return typeof authorizedEntity === \"string\" && authorizedEntity === did;\n }\n\n case \"pop-jws\": {\n const payload = extractJwsPayload(proof as PopJwsProof);\n if (!payload) return false;\n return typeof payload.aud === \"string\" && payload.aud === did;\n }\n\n default:\n return false;\n }\n}\n\n// ---------------------------------------------------------------------------\n// Schema-Aware Verification: Linked Identifier\n// ---------------------------------------------------------------------------\n\n/**\n * Verify proofs for a Linked Identifier attestation.\n *\n * A Linked Identifier attestation asserts that subject and linkedId are controlled\n * by the same entity. The proof semantics require:\n *\n * - At least one proof where the signer IS the subject (subject proves control)\n * - At least one proof where the signer IS the linkedId (linkedId proves control)\n *\n * OR (for non-signer identities like handles):\n * - Evidence-pointer proofs at locations controlled by the identity\n *\n * The combination demonstrates mutual agreement / shared control.\n *\n * @param data - The linked identifier attestation data\n * @returns Verification result with individual check details\n */\nexport function verifyLinkedIdentifierProofs(\n data: LinkedIdentifierData\n): SchemaProofVerificationResult {\n if (!data.subject || !data.linkedId) {\n return {\n valid: false,\n checks: [],\n reasons: [\"subject and linkedId are required\"],\n };\n }\n\n if (!Array.isArray(data.proofs) || data.proofs.length === 0) {\n return {\n valid: false,\n checks: [],\n reasons: [\"At least one proof is required\"],\n };\n }\n\n const checks: SchemaProofCheck[] = [];\n let subjectProved = false;\n let linkedIdProved = false;\n\n for (let i = 0; i < data.proofs.length; i++) {\n const proof = data.proofs[i];\n\n // Check if this proof's signer is the subject\n if (proofSignerMatchesDid(proof, data.subject)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject\",\n valid: true,\n });\n subjectProved = true;\n\n // Also verify the aud/authorizedEntity matches linkedId\n if (!proofAuthorizedEntityMatchesDid(proof, data.linkedId)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject\",\n valid: false,\n reason: \"Proof from subject does not authorize linkedId (aud mismatch)\",\n });\n }\n }\n\n // Check if this proof's signer is the linkedId\n if (proofSignerMatchesDid(proof, data.linkedId)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-linkedId\",\n valid: true,\n });\n linkedIdProved = true;\n\n // Also verify the aud/authorizedEntity matches subject\n if (!proofAuthorizedEntityMatchesDid(proof, data.subject)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-linkedId\",\n valid: false,\n reason: \"Proof from linkedId does not authorize subject (aud mismatch)\",\n });\n }\n }\n\n // Evidence pointers count for non-signer identities\n if (proof.proofType === \"evidence-pointer\") {\n // Evidence pointers prove control of the URL location.\n // We can't definitively map URL → DID without fetching, so we give partial credit.\n // Full verification of evidence-pointer proofs should be done with verifyProof().\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject\",\n valid: true,\n reason: \"Evidence pointer accepted (requires URL fetch for full verification)\",\n });\n subjectProved = true;\n }\n }\n\n const reasons: string[] = [];\n if (!subjectProved) {\n reasons.push(\"No proof demonstrates control by subject\");\n }\n if (!linkedIdProved) {\n reasons.push(\"No proof demonstrates control by linkedId\");\n }\n\n return {\n valid: reasons.length === 0,\n checks,\n reasons,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Schema-Aware Verification: Key Binding\n// ---------------------------------------------------------------------------\n\n/**\n * Verify proofs for a Key Binding attestation.\n *\n * A Key Binding attestation asserts that the subject authorized a specific key (keyId).\n * The proof semantics require:\n *\n * - At least one proof where the signer IS the subject (subject authorized the binding)\n * AND the proof's authorizedEntity/aud references the keyId\n *\n * Optionally, if publicKeyJwk is provided:\n * - The proof's signer key material should match publicKeyJwk for did:jwk keyIds\n *\n * @param data - The key binding attestation data\n * @returns Verification result with individual check details\n */\nexport function verifyKeyBindingProofs(\n data: KeyBindingData\n): SchemaProofVerificationResult {\n if (!data.subject || !data.keyId) {\n return {\n valid: false,\n checks: [],\n reasons: [\"subject and keyId are required\"],\n };\n }\n\n if (!Array.isArray(data.proofs) || data.proofs.length === 0) {\n return {\n valid: false,\n checks: [],\n reasons: [\"At least one proof is required\"],\n };\n }\n\n const checks: SchemaProofCheck[] = [];\n let subjectAuthorizedKey = false;\n\n for (let i = 0; i < data.proofs.length; i++) {\n const proof = data.proofs[i];\n\n // Primary check: proof signer is the subject and authorizes the keyId\n if (proofSignerMatchesDid(proof, data.subject)) {\n const authorizesKey = proofAuthorizedEntityMatchesDid(proof, data.keyId);\n\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject-for-key\",\n valid: authorizesKey,\n reason: authorizesKey\n ? undefined\n : \"Proof signed by subject but does not authorize the keyId\",\n });\n\n if (authorizesKey) {\n subjectAuthorizedKey = true;\n }\n }\n\n // Secondary check: proof signer is the keyId itself (self-attestation)\n // This proves the key is active but doesn't prove authorization by subject\n if (proofSignerMatchesDid(proof, data.keyId)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-keyId\",\n valid: true,\n reason: \"Key proved possession (supplementary, not sufficient alone)\",\n });\n }\n\n // Evidence pointers\n if (proof.proofType === \"evidence-pointer\") {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject-for-key\",\n valid: true,\n reason: \"Evidence pointer accepted (requires URL fetch for full verification)\",\n });\n subjectAuthorizedKey = true;\n }\n }\n\n // Additional JWK consistency check if publicKeyJwk is provided\n if (data.publicKeyJwk && extractDidMethod(data.keyId) === \"jwk\") {\n try {\n const keyIdJwk = didJwkToJwk(data.keyId);\n const jwkConsistent = publicJwkEquals(data.publicKeyJwk, keyIdJwk);\n if (!jwkConsistent) {\n return {\n valid: false,\n checks,\n reasons: [\"publicKeyJwk does not match the key material in keyId (did:jwk)\"],\n };\n }\n } catch {\n // Can't compare — not a blocking error\n }\n }\n\n const reasons: string[] = [];\n if (!subjectAuthorizedKey) {\n reasons.push(\n \"No proof demonstrates that subject authorized the key binding\"\n );\n }\n\n return {\n valid: reasons.length === 0,\n checks,\n reasons,\n };\n}\n","export * from \"./types\";\nexport * from \"./traits\";\nexport * from \"./interfaces\";\nexport * from \"./status\";\nexport * from \"./version\";\nexport * from \"./metadata-keys\";\nexport * from \"./data-hash\";\n","import { id } from \"ethers\";\nimport { assertString } from \"../shared/assert\";\n\ntype Hex = `0x${string}`;\n\nexport function hashTrait(trait: string): Hex {\n assertString(trait, \"trait\");\n return id(trait) as Hex;\n}\n\nexport function hashTraits(traits: string[]): Hex[] {\n if (!Array.isArray(traits)) {\n throw new TypeError(\"traits must be an array\");\n }\n return traits.map((trait) => hashTrait(trait));\n}\n","import type { InterfaceFlags, InterfaceType } from \"./types\";\nimport { OmaTrustError } from \"../shared/errors\";\n\nconst BIT_HUMAN = 1;\nconst BIT_API = 2;\nconst BIT_CONTRACT = 4;\n\nexport function computeInterfacesBitmap(flags: InterfaceFlags): number {\n return (flags.human ? BIT_HUMAN : 0) +\n (flags.api ? BIT_API : 0) +\n (flags.smartContract ? BIT_CONTRACT : 0);\n}\n\nexport function parseBitmapToFlags(bitmap: number): InterfaceFlags {\n return {\n human: (bitmap & BIT_HUMAN) !== 0,\n api: (bitmap & BIT_API) !== 0,\n smartContract: (bitmap & BIT_CONTRACT) !== 0\n };\n}\n\nexport function hasInterface(bitmap: number, type: InterfaceType): boolean {\n switch (type) {\n case \"human\":\n return (bitmap & BIT_HUMAN) !== 0;\n case \"api\":\n return (bitmap & BIT_API) !== 0;\n case \"contract\":\n return (bitmap & BIT_CONTRACT) !== 0;\n default:\n throw new OmaTrustError(\"INVALID_INPUT\", \"Unsupported interface type\", { type });\n }\n}\n\nexport function getInterfaceTypes(bitmap: number): InterfaceType[] {\n const results: InterfaceType[] = [];\n if (hasInterface(bitmap, \"human\")) {\n results.push(\"human\");\n }\n if (hasInterface(bitmap, \"api\")) {\n results.push(\"api\");\n }\n if (hasInterface(bitmap, \"contract\")) {\n results.push(\"contract\");\n }\n return results;\n}\n","import type { RegistryStatus } from \"./types\";\nimport { OmaTrustError } from \"../shared/errors\";\n\nexport function registryCodeToStatus(code: number): RegistryStatus {\n switch (code) {\n case 0:\n return \"Active\";\n case 1:\n return \"Deprecated\";\n case 2:\n return \"Replaced\";\n default:\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid registry status code\", { code });\n }\n}\n\nexport function registryStatusToCode(status: RegistryStatus): number {\n switch (status) {\n case \"Active\":\n return 0;\n case \"Deprecated\":\n return 1;\n case \"Replaced\":\n return 2;\n default:\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid registry status\", { status });\n }\n}\n\nexport function isValidRegistryStatus(status: string): status is RegistryStatus {\n return status === \"Active\" || status === \"Deprecated\" || status === \"Replaced\";\n}\n","import type { Version } from \"./types\";\nimport { OmaTrustError } from \"../shared/errors\";\n\nexport function parseVersion(input: string): Version {\n const match = input.match(/^(\\d+)\\.(\\d+)\\.(\\d+)$/);\n if (!match) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid semantic version\", { input });\n }\n\n return {\n major: Number(match[1]),\n minor: Number(match[2]),\n patch: Number(match[3])\n };\n}\n\nexport function formatVersion(version: Version): string {\n return `${version.major}.${version.minor}.${version.patch}`;\n}\n\nexport function compareVersions(a: Version, b: Version): -1 | 0 | 1 {\n if (a.major !== b.major) {\n return a.major < b.major ? -1 : 1;\n }\n if (a.minor !== b.minor) {\n return a.minor < b.minor ? -1 : 1;\n }\n if (a.patch !== b.patch) {\n return a.patch < b.patch ? -1 : 1;\n }\n return 0;\n}\n\nexport function isVersionGreater(a: Version, b: Version): boolean {\n return compareVersions(a, b) === 1;\n}\n\nexport function isVersionEqual(a: Version, b: Version): boolean {\n return compareVersions(a, b) === 0;\n}\n\nexport function getLatestVersion(history: Version[]): Version {\n if (history.length === 0) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Version history cannot be empty\");\n }\n\n return history.reduce((current, candidate) => {\n return compareVersions(candidate, current) === 1 ? candidate : current;\n });\n}\n","export const METADATA_KEY_DID = \"omat.did\";\nexport const METADATA_KEY_DID_HASH = \"omat.didHash\";\nexport const METADATA_KEY_DATA_HASH = \"omat.dataHash\";\nexport const METADATA_KEY_DATA_HASH_ALGORITHM = \"omat.dataHashAlgorithm\";\nexport const METADATA_KEY_STATUS = \"omat.status\";\nexport const METADATA_KEY_INTERFACES = \"omat.interfaces\";\nexport const METADATA_KEY_FUNGIBLE_TOKEN_ID = \"omat.fungibleTokenId\";\nexport const METADATA_KEY_CONTRACT_ID = \"omat.contractId\";\nexport const METADATA_KEY_VERSION_MAJOR = \"omat.versionMajor\";\nexport const METADATA_KEY_VERSION_MINOR = \"omat.versionMinor\";\nexport const METADATA_KEY_VERSION_PATCH = \"omat.versionPatch\";\nexport const METADATA_KEY_TRAIT_HASHES = \"omat.traitHashes\";\nexport const METADATA_KEY_METADATA_JSON = \"omat.metadataJson\";\n","import { keccak256, sha256, toUtf8Bytes } from \"ethers\";\nimport { canonicalizeJson } from \"../identity/data\";\nimport { OmaTrustError } from \"../shared/errors\";\n\ntype Hex = `0x${string}`;\nexport type DataHashAlgorithm = \"keccak256\" | \"sha256\";\n\nasync function fetchJson(url: string): Promise<unknown> {\n let response: Response;\n try {\n response = await fetch(url, { headers: { Accept: \"application/json\" } });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to fetch data URL\", { url, err });\n }\n\n if (!response.ok) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to fetch data URL\", {\n url,\n status: response.status\n });\n }\n\n try {\n return await response.json();\n } catch (err) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Response body is not valid JSON\", { url, err });\n }\n}\n\nfunction hashJcs(jcsJson: string, algorithm: DataHashAlgorithm): Hex {\n const bytes = toUtf8Bytes(jcsJson);\n return (algorithm === \"keccak256\" ? keccak256(bytes) : sha256(bytes)) as Hex;\n}\n\nexport async function computeDataHashFromUrl(\n url: string,\n algorithm: DataHashAlgorithm\n): Promise<Hex> {\n if (!url || typeof url !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"url must be a non-empty string\", { url });\n }\n\n if (algorithm !== \"keccak256\" && algorithm !== \"sha256\") {\n throw new OmaTrustError(\"INVALID_INPUT\", `Unsupported hash algorithm: \"${algorithm}\". Must be \"keccak256\" or \"sha256\".`, { algorithm });\n }\n\n const json = await fetchJson(url);\n const jcsJson = canonicalizeJson(json);\n return hashJcs(jcsJson, algorithm);\n}\n\nexport async function verifyDataUrlHash(\n url: string,\n expectedHash: Hex,\n algorithm: DataHashAlgorithm\n): Promise<boolean> {\n const computedHash = await computeDataHashFromUrl(url, algorithm);\n return computedHash.toLowerCase() === expectedHash.toLowerCase();\n}\n"]}
|
|
1
|
+
{"version":3,"sources":["../src/shared/errors.ts","../src/shared/assert.ts","../src/identity/index.ts","../src/identity/caip.ts","../src/identity/jwk.ts","../src/identity/did.ts","../src/identity/did-url.ts","../src/shared/did-document.ts","../src/identity/resolve-key.ts","../src/identity/controller-id.ts","../src/identity/types.ts","../src/identity/data.ts","../src/identity/artifact.ts","../src/identity/did-migration.ts","../src/reputation/index.ts","../src/reputation/encode.ts","../src/reputation/internal.ts","../src/reputation/eas-adapter.ts","../src/reputation/submit.ts","../src/reputation/revoke.ts","../src/reputation/delegated.ts","../src/reputation/query.ts","../src/reputation/proof/tx-encoded-value.ts","../src/reputation/proof/did-json.ts","../src/reputation/proof/eip712.ts","../src/reputation/proof/dns-txt-record.ts","../src/reputation/proof/x402-jws.ts","../src/reputation/proof/x402-eip712.ts","../src/reputation/verify.ts","../src/reputation/schema.ts","../src/reputation/witness.ts","../src/reputation/contract-ownership.ts","../src/shared/trust-anchors.ts","../src/reputation/proof/dns-txt-shared.ts","../src/reputation/attester-authorization.ts","../src/reputation/proof/tx-interaction.ts","../src/reputation/proof/pop-eip712.ts","../src/reputation/proof/pop-jws.ts","../src/reputation/proof/x402.ts","../src/reputation/proof/x402-verify.ts","../src/reputation/proof/evidence-pointer.ts","../src/reputation/proof/dns-txt.ts","../src/reputation/subject-ownership.ts","../src/reputation/schema-proof-verification.ts","../src/reputation/artifact-verification.ts","../src/app-registry/index.ts","../src/app-registry/traits.ts","../src/app-registry/interfaces.ts","../src/app-registry/status.ts","../src/app-registry/version.ts","../src/app-registry/metadata-keys.ts","../src/app-registry/data-hash.ts"],"names":["code","base64url","id","keccak256","toUtf8Bytes","sha256","digest","digestHex","isAddress","getAddress","verifyDnsTxtControllerDid","ZeroAddress","EAS","canonicalize","REQUIRED_OFFER_FIELDS","REQUIRED_RECEIPT_FIELDS","validateOfferPayload","validateReceiptPayload","failure","verifyTypedData","message","EAS_EVENT_ABI","Contract"],"mappings":";;;;;;;;;;;;;;;;;;AAAO,IAAM,aAAA,GAAN,cAA4B,KAAA,CAAM;AAAA,EACvC,IAAA;AAAA,EACA,OAAA;AAAA,EAEA,WAAA,CAAYA,KAAAA,EAAc,OAAA,EAAiB,OAAA,EAAmB;AAC5D,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,eAAA;AACZ,IAAA,IAAA,CAAK,IAAA,GAAOA,KAAAA;AACZ,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AAAA,EACjB;AACF;AAEO,SAAS,eAAA,CACdA,KAAAA,EACA,OAAA,EACA,OAAA,EACe;AACf,EAAA,OAAO,IAAI,aAAA,CAAcA,KAAAA,EAAM,OAAA,EAAS,OAAO,CAAA;AACjD;;;AChBO,SAAS,YAAA,CAAa,KAAA,EAAgB,IAAA,EAAcA,KAAAA,GAAO,eAAA,EAA0C;AAC1G,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,MAAM,IAAA,EAAK,CAAE,WAAW,CAAA,EAAG;AAC1D,IAAA,MAAM,IAAI,cAAcA,KAAAA,EAAM,CAAA,EAAG,IAAI,CAAA,2BAAA,CAAA,EAA+B,EAAE,OAAO,CAAA;AAAA,EAC/E;AACF;AAEO,SAAS,YAAA,CAAa,KAAA,EAAgB,IAAA,EAAcA,KAAAA,GAAO,eAAA,EAA0C;AAC1G,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,MAAA,CAAO,KAAA,CAAM,KAAK,CAAA,EAAG;AACpD,IAAA,MAAM,IAAI,cAAcA,KAAAA,EAAM,CAAA,EAAG,IAAI,CAAA,uBAAA,CAAA,EAA2B,EAAE,OAAO,CAAA;AAAA,EAC3E;AACF;AAEO,SAAS,YAAA,CAAa,KAAA,EAAgB,IAAA,EAAcA,KAAAA,GAAO,eAAA,EAA2D;AAC3H,EAAA,IAAI,CAAC,SAAS,OAAO,KAAA,KAAU,YAAY,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG;AAC/D,IAAA,MAAM,IAAI,cAAcA,KAAAA,EAAM,CAAA,EAAG,IAAI,CAAA,kBAAA,CAAA,EAAsB,EAAE,OAAO,CAAA;AAAA,EACtE;AACF;AAEO,SAAS,QAAQ,GAAA,EAAqB;AAC3C,EAAA,IAAI,eAAe,KAAA,EAAO;AACxB,IAAA,OAAO,GAAA;AAAA,EACT;AACA,EAAA,OAAO,IAAI,KAAA,CAAM,MAAA,CAAO,GAAG,CAAC,CAAA;AAC9B;;;ACzBA,IAAA,gBAAA,GAAA;AAAA,QAAA,CAAA,gBAAA,EAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,2BAAA,EAAA,MAAA,2BAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,QAAA,EAAA,MAAA,QAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA;AAAA,CAAA,CAAA;;;ACgBA,IAAM,aAAA,GAAgB,uEAAA;AACtB,IAAM,YAAA,GAAe,wDAAA;AAEd,SAAS,YAAY,KAAA,EAA6B;AACvD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,cAAc,CAAA;AAC3C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,aAAa,CAAA;AACzC,EAAA,IAAI,CAAC,OAAO,MAAA,EAAQ;AAClB,IAAA,MAAM,IAAI,aAAA,CAAc,cAAA,EAAgB,wBAAA,EAA0B,EAAE,OAAO,CAAA;AAAA,EAC7E;AAEA,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA;AAC/B,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA;AAC/B,EAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,OAAA;AAE7B,EAAA,IAAI,CAAC,SAAA,IAAa,CAAC,SAAA,IAAa,CAAC,OAAA,EAAS;AACxC,IAAA,MAAM,IAAI,aAAA,CAAc,cAAA,EAAgB,4BAAA,EAA8B,EAAE,OAAO,CAAA;AAAA,EACjF;AAEA,EAAA,OAAO,EAAE,SAAA,EAAW,SAAA,EAAW,OAAA,EAAQ;AACzC;AAEO,SAAS,WAAA,CAAY,SAAA,EAAmB,SAAA,EAAmB,OAAA,EAAyB;AACzF,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,cAAc,CAAA;AACnD,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,cAAc,CAAA;AACnD,EAAA,YAAA,CAAa,OAAA,EAAS,WAAW,cAAc,CAAA;AAC/C,EAAA,OAAO,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,SAAS,IAAI,OAAO,CAAA,CAAA;AAC7C;AAEO,SAAS,gBAAgB,KAAA,EAAuB;AACrD,EAAA,MAAM,MAAA,GAAS,YAAY,KAAK,CAAA;AAChC,EAAA,MAAM,SAAA,GAAY,MAAA,CAAO,SAAA,CAAU,WAAA,EAAY;AAC/C,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA;AAEzB,EAAA,IAAI,UAAU,MAAA,CAAO,OAAA;AACrB,EAAA,IAAI,cAAc,QAAA,EAAU;AAC1B,IAAA,OAAA,GAAU,QAAQ,WAAA,EAAY;AAAA,EAChC;AAEA,EAAA,OAAO,WAAA,CAAY,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AAClD;AAEO,SAAS,UAAA,CAAW,WAAmB,SAAA,EAA2B;AACvE,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,cAAc,CAAA;AACnD,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,cAAc,CAAA;AACnD,EAAA,OAAO,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,SAAS,CAAA,CAAA;AAClC;AAEO,SAAS,WAAW,KAAA,EAA4B;AACrD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,cAAc,CAAA;AAC3C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,YAAY,CAAA;AACxC,EAAA,IAAI,CAAC,OAAO,MAAA,EAAQ;AAClB,IAAA,MAAM,IAAI,aAAA,CAAc,cAAA,EAAgB,uBAAA,EAAyB,EAAE,OAAO,CAAA;AAAA,EAC5E;AAEA,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA;AAC/B,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA;AAC/B,EAAA,IAAI,CAAC,SAAA,IAAa,CAAC,SAAA,EAAW;AAC5B,IAAA,MAAM,IAAI,aAAA,CAAc,cAAA,EAAgB,2BAAA,EAA6B,EAAE,OAAO,CAAA;AAAA,EAChF;AAEA,EAAA,OAAO,EAAE,WAAW,SAAA,EAAU;AAChC;AC1CA,IAAM,4BAAY,IAAI,GAAA,CAAI,CAAC,IAAA,EAAM,KAAA,EAAO,KAAK,CAAC,CAAA;AAG9C,IAAM,kBAAA,mBAAqB,IAAI,GAAA,CAAI,CAAC,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,KAAK,CAAC,CAAA;AAM3E,IAAM,sBAAA,GAAmD;AAAA,EACvD,EAAA,EAAI,CAAC,KAAA,EAAO,GAAA,EAAK,GAAG,CAAA;AAAA,EACpB,GAAA,EAAK,CAAC,KAAA,EAAO,GAAG,CAAA;AAAA,EAChB,GAAA,EAAK,CAAC,GAAA,EAAK,GAAG;AAChB,CAAA;AAeO,SAAS,kBAAkB,GAAA,EAAmC;AACnE,EAAA,IAAI,CAAC,OAAO,OAAO,GAAA,KAAQ,YAAY,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA,EAAG;AACzD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,+BAAA,EAAgC;AAAA,EAChE;AAEA,EAAA,MAAM,GAAA,GAAM,GAAA;AAGZ,EAAA,MAAM,MAAM,GAAA,CAAI,GAAA;AAChB,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA,EAAG;AAClD,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,KAAA,EAAO,2CAA2C,CAAC,GAAG,SAAS,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA,CAAA;AAAA,KAC7E;AAAA,EACF;AAGA,EAAA,KAAA,MAAW,SAAS,kBAAA,EAAoB;AACtC,IAAA,IAAI,SAAS,GAAA,EAAK;AAChB,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,KAAA,EAAO,mCAAmC,KAAK,CAAA,qCAAA;AAAA,OACjD;AAAA,IACF;AAAA,EACF;AAGA,EAAA,MAAM,QAAA,GAAW,uBAAuB,GAAG,CAAA;AAC3C,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,KAAA,MAAW,SAAS,QAAA,EAAU;AAC5B,MAAA,IAAI,EAAE,KAAA,IAAS,GAAA,CAAA,IAAQ,GAAA,CAAI,KAAK,CAAA,KAAM,MAAA,IAAa,GAAA,CAAI,KAAK,CAAA,KAAM,IAAA,IAAQ,GAAA,CAAI,KAAK,MAAM,EAAA,EAAI;AAC3F,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,KAAA;AAAA,UACP,KAAA,EAAO,CAAA,mCAAA,EAAsC,KAAK,CAAA,WAAA,EAAc,GAAG,CAAA,CAAA;AAAA,SACrE;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAUA,SAAS,oBAAoB,GAAA,EAAsC;AACjE,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,IAAA,CAAK,GAAG,EAAE,IAAA,EAAK;AACrC,EAAA,MAAM,MAA+B,EAAC;AACtC,EAAA,KAAA,MAAW,OAAO,MAAA,EAAQ;AACxB,IAAA,GAAA,CAAI,GAAG,CAAA,GAAI,GAAA,CAAI,GAAG,CAAA;AAAA,EACpB;AACA,EAAA,OAAO,IAAA,CAAK,UAAU,GAAG,CAAA;AAC3B;AAYO,SAAS,YAAY,GAAA,EAAsB;AAChD,EAAA,YAAA,CAAa,GAAA,EAAK,OAAO,aAAa,CAAA;AAEtC,EAAA,MAAM,UAAA,GAAa,kBAAkB,GAAG,CAAA;AACxC,EAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,IAAA,MAAM,IAAI,cAAc,aAAA,EAAe,UAAA,CAAW,SAAS,oBAAA,EAAsB,EAAE,KAAK,CAAA;AAAA,EAC1F;AAEA,EAAA,MAAM,SAAA,GAAY,oBAAoB,GAA8B,CAAA;AACpE,EAAA,MAAM,OAAA,GAAU,UAAU,MAAA,CAAO,IAAI,aAAY,CAAE,MAAA,CAAO,SAAS,CAAC,CAAA;AACpE,EAAA,OAAO,WAAW,OAAO,CAAA,CAAA;AAC3B;AAYO,SAAS,YAAY,MAAA,EAA2B;AACrD,EAAA,IAAI,OAAO,MAAA,KAAW,QAAA,IAAY,CAAC,MAAA,CAAO,UAAA,CAAW,UAAU,CAAA,EAAG;AAChE,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,0BAA0B,EAAE,KAAA,EAAO,QAAQ,CAAA;AAAA,EACpF;AAEA,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AAC9B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,mDAAA,EAAqD;AAAA,MAC1F,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,OAAA,GAAU,MAAM,CAAC,CAAA;AACvB,EAAA,IAAI,CAAC,OAAA,IAAW,OAAA,CAAQ,MAAA,KAAW,CAAA,EAAG;AACpC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,0CAAA,EAA4C;AAAA,MACjF,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAGA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AACtC,IAAA,OAAA,GAAU,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,KAAK,CAAA;AAAA,EAC1C,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,+CAAA,EAAiD;AAAA,MACtF,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI;AACF,IAAA,GAAA,GAAM,IAAA,CAAK,MAAM,OAAO,CAAA;AAAA,EAC1B,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,8CAAA,EAAgD;AAAA,MACrF,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,OAAO,OAAO,GAAA,KAAQ,YAAY,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA,EAAG;AACzD,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,uCAAA,EAAyC;AAAA,MAC9E,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAGA,EAAA,MAAM,UAAA,GAAa,kBAAkB,GAAG,CAAA;AACxC,EAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,UAAA,CAAW,SAAS,+BAAA,EAAiC;AAAA,MAC1F,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA;AACT;AAUA,SAAS,uBAAuB,GAAA,EAAuD;AACrF,EAAA,MAAM,SAAkC,EAAC;AACzC,EAAA,MAAM,cAAA,uBAAqB,GAAA,CAAI,CAAC,OAAO,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,KAAK,CAAC,CAAA;AAEtE,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA,EAAG;AAC9C,IAAA,IAAI,kBAAA,CAAmB,GAAA,CAAI,GAAG,CAAA,EAAG;AACjC,IAAA,IAAI,cAAA,CAAe,GAAA,CAAI,GAAG,CAAA,EAAG;AAC7B,IAAA,MAAA,CAAO,GAAG,CAAA,GAAI,KAAA;AAAA,EAChB;AAEA,EAAA,OAAO,MAAA;AACT;AAcO,SAAS,eAAA,CAAgB,GAAY,CAAA,EAAqB;AAC/D,EAAA,YAAA,CAAa,CAAA,EAAG,KAAK,aAAa,CAAA;AAClC,EAAA,YAAA,CAAa,CAAA,EAAG,KAAK,aAAa,CAAA;AAElC,EAAA,MAAM,IAAA,GAAO,CAAA;AACb,EAAA,MAAM,IAAA,GAAO,CAAA;AAGb,EAAA,KAAA,MAAW,SAAS,kBAAA,EAAoB;AACtC,IAAA,IAAI,SAAS,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,aAAA;AAAA,QACA,yCAAyC,KAAK,CAAA,CAAA,CAAA;AAAA,QAC9C,EAAE,KAAA;AAAM,OACV;AAAA,IACF;AACA,IAAA,IAAI,SAAS,IAAA,EAAM;AACjB,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,aAAA;AAAA,QACA,0CAA0C,KAAK,CAAA,CAAA,CAAA;AAAA,QAC/C,EAAE,KAAA;AAAM,OACV;AAAA,IACF;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,uBAAuB,IAAI,CAAA;AAC3C,EAAA,MAAM,OAAA,GAAU,uBAAuB,IAAI,CAAA;AAG3C,EAAA,OAAO,mBAAA,CAAoB,OAAO,CAAA,KAAM,mBAAA,CAAoB,OAAO,CAAA;AACrE;AAoBA,eAAsB,oBAAA,CACpB,GAAA,EACA,eAAA,GAAkD,QAAA,EACjC;AACjB,EAAA,YAAA,CAAa,GAAA,EAAK,OAAO,aAAa,CAAA;AAEtC,EAAA,MAAM,UAAA,GAAa,kBAAkB,GAAG,CAAA;AACxC,EAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,IAAA,MAAM,IAAI,cAAc,aAAA,EAAe,UAAA,CAAW,SAAS,oBAAA,EAAsB,EAAE,KAAK,CAAA;AAAA,EAC1F;AAGA,EAAA,MAAM,MAAM,eAAA,KAAoB,QAAA,GAAW,QAAA,GACvC,eAAA,KAAoB,WAAW,QAAA,GAC/B,QAAA;AAEJ,EAAA,OAAO,sBAAA,CAAuB,KAAqD,GAAG,CAAA;AACxF;AAUA,eAAsB,eAAe,GAAA,EAA+B;AAClE,EAAA,MAAM,UAAA,GAAa,MAAM,oBAAA,CAAqB,GAAA,EAAK,QAAQ,CAAA;AAC3D,EAAA,OAAO,YAAY,UAAU,CAAA,CAAA;AAC/B;;;AC5TA,IAAM,SAAA,GAAY,qBAAA;AAEX,SAAS,WAAW,GAAA,EAAsB;AAC/C,EAAA,OAAO,SAAA,CAAU,KAAK,GAAG,CAAA;AAC3B;AAEO,SAAS,iBAAiB,GAAA,EAAyB;AACxD,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,oBAAoB,CAAA;AAC5C,EAAA,OAAO,KAAA,GAAQ,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AAC5B;AAEO,SAAS,qBAAqB,GAAA,EAAyB;AAC5D,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,uBAAuB,CAAA;AAC/C,EAAA,OAAO,KAAA,GAAQ,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AAC5B;AAEO,SAAS,gBAAgB,MAAA,EAAwB;AACtD,EAAA,YAAA,CAAa,MAAA,EAAQ,UAAU,aAAa,CAAA;AAC5C,EAAA,OAAO,MAAA,CAAO,IAAA,EAAK,CAAE,WAAA,EAAY,CAAE,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA,CAAE,OAAA,CAAQ,QAAA,EAAU,EAAE,CAAA;AAC5E;AAEO,SAAS,gBAAgB,KAAA,EAAoB;AAClD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAE3B,EAAA,IAAI,OAAA,CAAQ,WAAW,MAAM,CAAA,IAAK,CAAC,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,EAAG;AACjE,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,sBAAA,EAAwB,EAAE,OAAO,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,CAAW,UAAU,IAC5C,OAAA,CAAQ,KAAA,CAAM,UAAA,CAAW,MAAM,CAAA,GAC/B,OAAA;AAEJ,EAAA,MAAM,CAAC,IAAA,EAAM,GAAG,SAAS,CAAA,GAAI,UAAA,CAAW,MAAM,GAAG,CAAA;AACjD,EAAA,IAAI,CAAC,IAAA,EAAM;AACT,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,4BAAA,EAA8B,EAAE,OAAO,CAAA;AAAA,EAChF;AAEA,EAAA,MAAM,cAAA,GAAiB,gBAAgB,IAAI,CAAA;AAC3C,EAAA,MAAM,IAAA,GAAO,UAAU,MAAA,GAAS,CAAA,GAAI,IAAI,SAAA,CAAU,IAAA,CAAK,GAAG,CAAC,CAAA,CAAA,GAAK,EAAA;AAChE,EAAA,OAAO,CAAA,QAAA,EAAW,cAAc,CAAA,EAAG,IAAI,CAAA,CAAA;AACzC;AAEO,SAAS,gBAAgB,KAAA,EAAoB;AAClD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,EAAG;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,sBAAA,EAAwB,EAAE,OAAO,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,GAAG,CAAA;AAC/B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,wBAAA,EAA0B,EAAE,OAAO,CAAA;AAAA,EAC5E;AAEA,EAAA,MAAM,KAAK,SAAA,EAAW,OAAA,EAAS,OAAO,CAAA,GAAI,KAAA;AAC1C,EAAA,IAAI,CAAC,SAAA,IAAa,CAAC,OAAA,IAAW,CAAC,OAAA,EAAS;AACtC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,4BAAA,EAA8B,EAAE,OAAO,CAAA;AAAA,EAChF;AAEA,EAAA,OAAO,CAAA,QAAA,EAAW,UAAU,WAAA,EAAa,IAAI,OAAO,CAAA,CAAA,EAAI,OAAA,CAAQ,WAAA,EAAa,CAAA,CAAA;AAC/E;AAEO,SAAS,mBAAmB,KAAA,EAAoB;AACrD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,aAAa,CAAA,EAAG;AACtC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,yBAAA,EAA2B,EAAE,OAAO,CAAA;AAAA,EAC7E;AAEA,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,GAAG,CAAA;AAC/B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,2BAAA,EAA6B,EAAE,OAAO,CAAA;AAAA,EAC/E;AAEA,EAAA,MAAM,KAAK,QAAA,EAAU,QAAQ,CAAA,GAAI,KAAA;AACjC,EAAA,IAAI,CAAC,QAAA,IAAY,CAAC,QAAA,EAAU;AAC1B,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,+BAAA,EAAiC,EAAE,OAAO,CAAA;AAAA,EACnF;AAEA,EAAA,OAAO,CAAA,WAAA,EAAc,QAAA,CAAS,WAAA,EAAa,IAAI,QAAQ,CAAA,CAAA;AACzD;AAEO,SAAS,gBAAgB,KAAA,EAAoB;AAClD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,EAAG;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,sBAAA,EAAwB,EAAE,OAAO,CAAA;AAAA,EAC1E;AAEA,EAAA,OAAO,OAAA;AACT;AAEO,SAAS,aAAa,KAAA,EAAoB;AAC/C,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAE1C,EAAA,MAAM,UAAU,KAAA,CAAM,IAAA,GAAO,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AAEzC,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,EAAG;AAC/B,IAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,EAChC;AAEA,EAAA,IAAI,CAAC,UAAA,CAAW,OAAO,CAAA,EAAG;AACxB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,oBAAA,EAAsB,EAAE,OAAO,CAAA;AAAA,EACxE;AAEA,EAAA,MAAM,MAAA,GAAS,iBAAiB,OAAO,CAAA;AACvC,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,KAAA;AACH,MAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,IAChC,KAAK,KAAA;AACH,MAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,IAChC,KAAK,QAAA;AACH,MAAA,OAAO,mBAAmB,OAAO,CAAA;AAAA,IACnC,KAAK,KAAA;AACH,MAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,IAChC,KAAK,KAAA;AACH,MAAA,OAAO,gBAAgB,OAAO,CAAA;AAAA,IAChC;AACE,MAAA,OAAO,OAAA;AAAA;AAEb;AAEO,SAAS,eAAe,GAAA,EAAe;AAC5C,EAAA,MAAM,UAAA,GAAa,aAAa,GAAG,CAAA;AACnC,EAAA,OAAO,SAAA,CAAU,WAAA,CAAY,UAAU,CAAC,CAAA;AAC1C;AAEO,SAAS,kBAAkB,OAAA,EAAmB;AACnD,EAAA,YAAA,CAAa,OAAA,EAAS,WAAW,aAAa,CAAA;AAC9C,EAAA,IAAI,CAAC,qBAAA,CAAsB,IAAA,CAAK,OAAO,CAAA,EAAG;AACxC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,6BAAA,EAA+B,EAAE,SAAS,CAAA;AAAA,EACnF;AAGA,EAAA,OAAO,KAAK,OAAA,CAAQ,KAAA,CAAM,GAAG,CAAA,CAAE,aAAa,CAAA,CAAA;AAC9C;AAEO,SAAS,aAAa,GAAA,EAAe;AAC1C,EAAA,OAAO,iBAAA,CAAkB,cAAA,CAAe,GAAG,CAAC,CAAA;AAC9C;AAEO,SAAS,kBAAA,CAAmB,KAAU,OAAA,EAAuB;AAClE,EAAA,IAAI;AACF,IAAA,OAAO,YAAA,CAAa,GAAG,CAAA,CAAE,WAAA,OAAkB,MAAA,CAAO,OAAO,EAAE,WAAA,EAAY;AAAA,EACzE,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEO,SAAS,YAAY,MAAA,EAAqB;AAC/C,EAAA,OAAO,CAAA,QAAA,EAAW,eAAA,CAAgB,MAAM,CAAC,CAAA,CAAA;AAC3C;AAEO,SAAS,WAAA,CACd,SAAA,EACA,OAAA,EACA,OAAA,EACK;AACL,EAAA,YAAA,CAAa,SAAA,EAAW,aAAa,aAAa,CAAA;AAClD,EAAA,YAAA,CAAa,OAAA,EAAS,WAAW,aAAa,CAAA;AAC9C,EAAA,IAAI,OAAA,KAAY,EAAA,IAAM,OAAA,KAAY,IAAA,IAAQ,YAAY,MAAA,EAAW;AAC/D,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,qBAAA,EAAuB,EAAE,SAAS,CAAA;AAAA,EAC3E;AACA,EAAA,OAAO,CAAA,QAAA,EAAW,UAAU,WAAA,EAAa,IAAI,OAAO,CAAA,CAAA,EAAI,OAAA,CAAQ,WAAA,EAAa,CAAA,CAAA;AAC/E;AAEO,SAAS,cAAA,CAAe,SAA0B,OAAA,EAAsB;AAC7E,EAAA,OAAO,WAAA,CAAY,QAAA,EAAU,OAAA,EAAS,OAAO,CAAA;AAC/C;AAEO,SAAS,sBAAsB,MAAA,EAAqB;AACzD,EAAA,MAAM,MAAA,GAAS,YAAY,MAAM,CAAA;AACjC,EAAA,OAAO,YAAY,MAAA,CAAO,SAAA,EAAW,MAAA,CAAO,SAAA,EAAW,OAAO,OAAO,CAAA;AACvE;AAEA,SAAS,YAAY,GAAA,EAA0E;AAC7F,EAAA,IAAI,CAAC,GAAA,CAAI,UAAA,CAAW,UAAU,CAAA,EAAG;AAC/B,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,KAAK,SAAA,EAAW,OAAA,EAAS,OAAO,CAAA,GAAI,KAAA;AAC1C,EAAA,IAAI,CAAC,SAAA,IAAa,CAAC,OAAA,IAAW,CAAC,OAAA,EAAS;AACtC,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO,EAAE,SAAA,EAAW,OAAA,EAAS,OAAA,EAAQ;AACvC;AAEO,SAAS,qBAAqB,GAAA,EAAyB;AAC5D,EAAA,OAAO,WAAA,CAAY,GAAG,CAAA,EAAG,OAAA,IAAW,IAAA;AACtC;AAEO,SAAS,qBAAqB,GAAA,EAAyB;AAC5D,EAAA,OAAO,WAAA,CAAY,GAAG,CAAA,EAAG,OAAA,IAAW,IAAA;AACtC;AAEO,SAAS,uBAAuB,GAAA,EAAyB;AAC9D,EAAA,OAAO,WAAA,CAAY,GAAG,CAAA,EAAG,SAAA,IAAa,IAAA;AACxC;AAEO,SAAS,YAAY,GAAA,EAAmB;AAC7C,EAAA,OAAO,sBAAA,CAAuB,GAAG,CAAA,KAAM,QAAA;AACzC;AAEO,SAAS,oBAAoB,GAAA,EAAyB;AAC3D,EAAA,IAAI,CAAC,GAAA,CAAI,UAAA,CAAW,UAAU,CAAA,EAAG;AAC/B,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAA,GAAa,GAAA,CAAI,KAAA,CAAM,UAAA,CAAW,MAAM,CAAA;AAC9C,EAAA,MAAM,CAAC,MAAM,CAAA,GAAI,UAAA,CAAW,MAAM,GAAG,CAAA;AACrC,EAAA,OAAO,MAAA,IAAU,IAAA;AACnB;AAmBO,SAAS,sBAAsB,UAAA,EAA4B;AAChE,EAAA,YAAA,CAAa,UAAA,EAAY,cAAc,aAAa,CAAA;AAEpD,EAAA,IAAI,UAAA,CAAW,UAAA,CAAW,UAAU,CAAA,EAAG;AACrC,IAAA,MAAM,GAAA,GAAM,WAAA,CAAY,eAAA,CAAgB,UAAU,CAAC,CAAA;AACnD,IAAA,IAAI,CAAC,GAAA,EAAK;AACR,MAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,4BAAA,EAA8B,EAAE,YAAY,CAAA;AAAA,IACrF;AACA,IAAA,OAAO,GAAA,CAAI,OAAA;AAAA,EACb;AAEA,EAAA,IAAI,UAAA,CAAW,UAAA,CAAW,WAAW,CAAA,EAAG;AACtC,IAAA,MAAM,QAAQ,UAAA,CAAW,OAAA,CAAQ,aAAa,EAAE,CAAA,CAAE,MAAM,GAAG,CAAA;AAC3D,IAAA,MAAM,OAAA,GAAU,MAAM,MAAA,KAAW,CAAA,GAAI,MAAM,CAAC,CAAA,GAAI,MAAM,CAAC,CAAA;AACvD,IAAA,IAAI,CAAC,OAAA,IAAW,CAAC,SAAA,CAAU,OAAO,CAAA,EAAG;AACnC,MAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,6BAAA,EAA+B,EAAE,YAAY,CAAA;AAAA,IACtF;AACA,IAAA,OAAO,WAAW,OAAO,CAAA;AAAA,EAC3B;AAEA,EAAA,IAAI,UAAA,CAAW,KAAA,CAAM,8CAA8C,CAAA,EAAG;AACpE,IAAA,MAAM,MAAA,GAAS,YAAY,UAAU,CAAA;AACrC,IAAA,OAAO,MAAA,CAAO,OAAA;AAAA,EAChB;AAEA,EAAA,IAAI,SAAA,CAAU,UAAU,CAAA,EAAG;AACzB,IAAA,OAAO,WAAW,UAAU,CAAA;AAAA,EAC9B;AAEA,EAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,+BAAA,EAAiC,EAAE,YAAY,CAAA;AACxF;AAcA,IAAM,qBAAA,GAAwB,kBAAA;AAG9B,IAAM,eAAA,GAAkB,kBAAA;AAExB,IAAM,gCAAgB,IAAI,GAAA,CAAI,CAAC,IAAA,EAAM,KAAA,EAAO,KAAK,CAAC,CAAA;AAM3C,SAAS,gBAAgB,GAAA,EAAsB;AACpD,EAAA,OAAO,qBAAA,CAAsB,GAAG,CAAA,CAAE,KAAA;AACpC;AAUO,SAAS,sBAAsB,GAAA,EAAsC;AAC1E,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,IAAI,IAAA,EAAK,CAAE,WAAW,CAAA,EAAG;AACtD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,IAAA,EAAM,OAAO,gCAAA,EAAiC;AAAA,EAC/E;AAEA,EAAA,MAAM,OAAA,GAAU,IAAI,IAAA,EAAK;AACzB,EAAA,MAAM,MAAA,GAAS,iBAAiB,OAAO,CAAA;AAEvC,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,KAAA;AACH,MAAA,OAAO,eAAe,OAAO,CAAA;AAAA,IAC/B,KAAK,KAAA;AACH,MAAA,OAAO,eAAe,OAAO,CAAA;AAAA,IAC/B;AACE,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,IAAA;AAAA,QACR,KAAA,EAAO,MAAA,GACH,CAAA,YAAA,EAAe,MAAM,CAAA,wCAAA,CAAA,GACrB;AAAA,OACN;AAAA;AAEN;AAaA,SAAS,eAAe,GAAA,EAAsC;AAC5D,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO,CAAA,uDAAA,EAA0D,KAAA,CAAM,MAAM,CAAA;AAAA,KAC/E;AAAA,EACF;AAEA,EAAA,MAAM,KAAK,SAAA,EAAW,OAAA,EAAS,OAAO,CAAA,GAAI,KAAA;AAE1C,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,mBAAA,EAAoB;AAAA,EACnE;AAEA,EAAA,IAAI,CAAC,qBAAA,CAAsB,IAAA,CAAK,SAAS,CAAA,EAAG;AAC1C,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO,6BAA6B,SAAS,CAAA,mDAAA;AAAA,KAC/C;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,8BAAA,EAA+B;AAAA,EAC9E;AAEA,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,iBAAA,EAAkB;AAAA,EACjE;AAGA,EAAA,IAAI,cAAc,QAAA,EAAU;AAE1B,IAAA,IAAI,CAAC,OAAA,CAAQ,IAAA,CAAK,OAAO,CAAA,EAAG;AAC1B,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,KAAA;AAAA,QACR,KAAA,EAAO,4BAA4B,OAAO,CAAA,mBAAA;AAAA,OAC5C;AAAA,IACF;AAGA,IAAA,IAAI,CAAC,SAAA,CAAU,OAAO,CAAA,EAAG;AACvB,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,KAAA;AAAA,QACR,KAAA,EAAO,wBAAwB,OAAO,CAAA,6BAAA;AAAA,OACxC;AAAA,IACF;AAAA,EACF;AAGA,EAAA,IAAI,cAAc,QAAA,EAAU;AAE1B,IAAA,IAAI,CAAC,+BAAA,CAAgC,IAAA,CAAK,OAAO,CAAA,EAAG;AAClD,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,KAAA;AAAA,QACR,KAAA,EAAO,2BAA2B,OAAO,CAAA,mCAAA;AAAA,OAC3C;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAQ,KAAA,EAAM;AACtC;AAYA,SAAS,eAAe,GAAA,EAAsC;AAC5D,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO,CAAA,uDAAA,EAA0D,KAAA,CAAM,MAAM,CAAA;AAAA,KAC/E;AAAA,EACF;AAEA,EAAA,MAAM,KAAK,OAAO,CAAA,GAAI,KAAA;AAEtB,EAAA,IAAI,CAAC,OAAA,IAAW,OAAA,CAAQ,MAAA,KAAW,CAAA,EAAG;AACpC,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,0CAAA,EAA2C;AAAA,EAC1F;AAEA,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,CAAK,OAAO,CAAA,EAAG;AAClC,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAGA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQC,SAAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AACtC,IAAA,OAAA,GAAU,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,KAAK,CAAA;AAAA,EAC1C,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,uCAAA,EAAwC;AAAA,EACvF;AAEA,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI;AACF,IAAA,GAAA,GAAM,IAAA,CAAK,MAAM,OAAO,CAAA;AAAA,EAC1B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,sCAAA,EAAuC;AAAA,EACtF;AAEA,EAAA,IAAI,CAAC,OAAO,OAAO,GAAA,KAAQ,YAAY,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA,EAAG;AACzD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,mCAAA,EAAoC;AAAA,EACnF;AAGA,EAAA,MAAM,MAAM,GAAA,CAAI,GAAA;AAChB,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,aAAA,CAAc,GAAA,CAAI,GAAG,CAAA,EAAG;AACtD,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO,CAAA,2DAAA;AAAA,KACT;AAAA,EACF;AAGA,EAAA,IAAI,OAAO,GAAA,EAAK;AACd,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAGA,EAAA,MAAM,aAAA,GAAgB,kBAAkB,GAAG,CAAA;AAC3C,EAAA,IAAI,CAAC,cAAc,KAAA,EAAO;AACxB,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,QAAQ,KAAA,EAAO,KAAA,EAAO,cAAc,KAAA,EAAM;AAAA,EACnE;AAEA,EAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAQ,KAAA,EAAM;AACtC;AAMO,SAAS,gBAAgB,KAAA,EAAoB;AAClD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,aAAa,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,EAAG;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,sBAAA,EAAwB,EAAE,OAAO,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,MAAA,GAAS,eAAe,OAAO,CAAA;AACrC,EAAA,IAAI,CAAC,OAAO,KAAA,EAAO;AACjB,IAAA,MAAM,IAAI,cAAc,aAAA,EAAe,MAAA,CAAO,SAAS,iBAAA,EAAmB,EAAE,OAAO,CAAA;AAAA,EACrF;AAEA,EAAA,OAAO,OAAA;AACT;;;ACxeA,IAAM,aAAA,GAAgB,qBAAA;AAiBf,SAAS,YAAY,KAAA,EAA6B;AACvD,EAAA,YAAA,CAAa,KAAA,EAAO,SAAS,iBAAiB,CAAA;AAC9C,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAG3B,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAErC,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI,QAAA;AAEJ,EAAA,IAAI,cAAc,EAAA,EAAI;AACpB,IAAA,GAAA,GAAM,OAAA;AACN,IAAA,QAAA,GAAW,IAAA;AAAA,EACb,CAAA,MAAO;AACL,IAAA,GAAA,GAAM,OAAA,CAAQ,KAAA,CAAM,CAAA,EAAG,SAAS,CAAA;AAChC,IAAA,MAAM,WAAA,GAAc,OAAA,CAAQ,KAAA,CAAM,SAAA,GAAY,CAAC,CAAA;AAE/C,IAAA,IAAI,WAAA,CAAY,WAAW,CAAA,EAAG;AAC5B,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,iBAAA;AAAA,QACA,8DAAA;AAAA,QACA,EAAE,KAAA;AAAM,OACV;AAAA,IACF;AAEA,IAAA,QAAA,GAAW,WAAA;AAAA,EACb;AAGA,EAAA,IAAI,CAAC,aAAA,CAAc,IAAA,CAAK,GAAG,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,iBAAA;AAAA,MACA,gDAAA;AAAA,MACA,EAAE,OAAO,GAAA;AAAI,KACf;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,OAAA;AAAA,IACR,GAAA;AAAA,IACA;AAAA,GACF;AACF;AAMO,SAAS,SAAS,KAAA,EAAwB;AAC/C,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,OAAO,OAAA,CAAQ,QAAA,CAAS,GAAG,CAAA,IAAK,aAAA,CAAc,IAAA,CAAK,OAAA,CAAQ,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA;AAC1E;AAQO,SAAS,aAAA,CAAc,KAAA,EAAe,SAAA,GAAY,KAAA,EAAa;AACpE,EAAA,YAAA,CAAa,KAAA,EAAO,WAAW,aAAa,CAAA;AAC5C,EAAA,IAAI,QAAA,CAAS,KAAK,CAAA,EAAG;AACnB,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,iGAAA,CAAA;AAAA,MACA,EAAE,KAAA;AAAM,KACV;AAAA,EACF;AACF;;;AChGA,eAAsB,iBACpB,MAAA,EACkC;AAClC,EAAA,MAAM,aAAa,MAAA,CAAO,WAAA,EAAY,CAAE,OAAA,CAAQ,OAAO,EAAE,CAAA;AACzD,EAAA,MAAM,GAAA,GAAM,WAAW,UAAU,CAAA,qBAAA,CAAA;AAEjC,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,QAAA,GAAW,MAAM,MAAM,GAAA,EAAK,EAAE,SAAS,EAAE,MAAA,EAAQ,kBAAA,EAAmB,EAAG,CAAA;AAAA,EACzE,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAgC,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,EAC1F;AAEA,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,2BAAA,EAA8B,QAAA,CAAS,MAAM,CAAA,CAAA,EAAI;AAAA,MACxF,MAAA;AAAA,MACA,QAAQ,QAAA,CAAS;AAAA,KAClB,CAAA;AAAA,EACH;AAEA,EAAA,OAAQ,MAAM,SAAS,IAAA,EAAK;AAC9B;;;AC0BA,SAAS,sBAAA,CACP,WAAA,EACA,MAAA,EACA,QAAA,EAC2B;AAC3B,EAAA,MAAM,UAAU,WAAA,CAAY,kBAAA;AAC5B,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,EAAG;AAC3B,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,KAAA,MAAW,UAAU,OAAA,EAAiC;AACpD,IAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AAC3C,IAAA,MAAMC,MAAK,MAAA,CAAO,EAAA;AAClB,IAAA,IAAI,OAAOA,QAAO,QAAA,EAAU;AAG5B,IAAA,IAAIA,GAAAA,KAAO,QAAQ,OAAO,MAAA;AAG1B,IAAA,IAAI,QAAA,KAAaA,GAAAA,KAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAA,IAAMA,IAAG,QAAA,CAAS,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAE,CAAA,CAAA,EAAI;AACtE,MAAA,OAAO,MAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT;AAKA,SAAS,gCAAgC,WAAA,EAAgD;AACvF,EAAA,MAAM,UAAU,WAAA,CAAY,kBAAA;AAC5B,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,SAAU,EAAC;AACrC,EAAA,OAAQ,OAAA,CACL,MAAA,CAAO,CAAC,CAAA,KAAM,KAAK,OAAO,CAAA,CAAE,EAAA,KAAO,QAAQ,CAAA,CAC3C,GAAA,CAAI,CAAC,CAAA,KAAM,EAAE,EAAY,CAAA;AAC9B;AA0BA,eAAsB,wBAAA,CACpB,QACA,OAAA,EAC4B;AAC5B,EAAA,YAAA,CAAa,MAAA,EAAQ,UAAU,iBAAiB,CAAA;AAEhD,EAAA,MAAM,MAAA,GAAS,YAAY,MAAM,CAAA;AACjC,EAAA,MAAM,MAAA,GAAS,gBAAA,CAAiB,MAAA,CAAO,GAAG,CAAA;AAE1C,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA,CAAc,iBAAA,EAAmB,wCAAA,EAA0C;AAAA,MACnF,MAAA;AAAA,MACA,KAAK,MAAA,CAAO;AAAA,KACb,CAAA;AAAA,EACH;AAEA,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,KAAA;AACH,MAAA,OAAO,iBAAiB,MAAA,CAAO,MAAA,EAAQ,OAAO,GAAA,EAAK,MAAA,CAAO,UAAU,OAAO,CAAA;AAAA,IAC7E;AACE,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,wBAAA;AAAA,QACA,uDAAuD,MAAM,CAAA,CAAA,CAAA;AAAA,QAC7D,EAAE,QAAQ,MAAA;AAAO,OACnB;AAAA;AAEN;AAcA,eAAsB,4BAAA,CACpB,QACA,OAAA,EACgC;AAChC,EAAA,MAAM,QAAA,GAAW,MAAM,wBAAA,CAAyB,MAAA,EAAQ,OAAO,CAAA;AAC/D,EAAA,MAAM,aAAA,GAAgB,WAAA,CAAY,QAAA,CAAS,YAAY,CAAA;AAEvD,EAAA,OAAO;AAAA,IACL,GAAG,QAAA;AAAA,IACH;AAAA,GACF;AACF;AAMA,eAAe,gBAAA,CACb,MAAA,EACA,GAAA,EACA,QAAA,EACA,OAAA,EAC4B;AAC5B,EAAA,MAAM,MAAA,GAAS,oBAAoB,GAAG,CAAA;AACtC,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA,CAAc,iBAAA,EAAmB,wCAAA,EAA0C;AAAA,MACnF,MAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAGA,EAAA,MAAM,OAAA,GAAU,SAAS,gBAAA,IAAoB,gBAAA;AAC7C,EAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,MAAM,CAAA;AAGxC,EAAA,MAAM,MAAA,GAAS,sBAAA,CAAuB,WAAA,EAAa,MAAA,EAAQ,QAAQ,CAAA;AACnE,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,eAAA;AAAA,MACA,CAAA,uCAAA,EAA0C,QAAA,GAAW,CAAA,CAAA,EAAI,QAAQ,KAAK,MAAM,CAAA,CAAA,CAAA;AAAA,MAC5E,EAAE,MAAA,EAAQ,QAAA,EAAU,gBAAA,EAAkB,+BAAA,CAAgC,WAAW,CAAA;AAAE,KACrF;AAAA,EACF;AAGA,EAAA,MAAM,eAAe,MAAA,CAAO,YAAA;AAC5B,EAAA,IAAI,CAAC,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,EAAU;AACrD,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,eAAA;AAAA,MACA,CAAA,qBAAA,EAAwB,OAAO,EAAE,CAAA,+BAAA,CAAA;AAAA,MACjC,EAAE,MAAA,EAAQ,oBAAA,EAAsB,MAAA,CAAO,EAAA;AAAG,KAC5C;AAAA,EACF;AAGA,EAAA,MAAM,UAAA,GAAa,kBAAkB,YAAY,CAAA;AACjD,EAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,qCAAA,EAAwC,MAAA,CAAO,EAAE,CAAA,cAAA,EAAiB,WAAW,KAAK,CAAA,CAAA;AAAA,MAClF,EAAE,MAAA,EAAQ,oBAAA,EAAsB,MAAA,CAAO,EAAA;AAAG,KAC5C;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,MAAA;AAAA,IACA,GAAA;AAAA,IACA,QAAA;AAAA,IACA,YAAA;AAAA,IACA,sBAAsB,MAAA,CAAO;AAAA,GAC/B;AACF;;;ACtNO,SAAS,kBAAA,CAAmB,GAAW,CAAA,EAAoB;AAEhE,EAAA,IAAI,WAAA,GAA6B,IAAA;AACjC,EAAA,IAAI,WAAA,GAA6B,IAAA;AAEjC,EAAA,IAAI;AACF,IAAA,WAAA,GAAc,aAAa,CAAC,CAAA;AAAA,EAC9B,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,IAAI;AACF,IAAA,WAAA,GAAc,aAAa,CAAC,CAAA;AAAA,EAC9B,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,IAAI,WAAA,IAAe,WAAA,IAAe,WAAA,KAAgB,WAAA,EAAa;AAC7D,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,MAAM,IAAA,GAAO,4BAA4B,CAAC,CAAA;AAC1C,EAAA,MAAM,IAAA,GAAO,4BAA4B,CAAC,CAAA;AAE1C,EAAA,IAAI,QAAQ,IAAA,IAAQ,IAAA,CAAK,aAAY,KAAM,IAAA,CAAK,aAAY,EAAG;AAC7D,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,MAAM,OAAA,GAAU,iBAAiB,CAAC,CAAA;AAClC,EAAA,MAAM,OAAA,GAAU,iBAAiB,CAAC,CAAA;AAElC,EAAA,IAAI,OAAA,KAAY,KAAA,IAAS,OAAA,KAAY,KAAA,EAAO;AAC1C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,YAAY,CAAC,CAAA;AAC1B,MAAA,MAAM,IAAA,GAAO,YAAY,CAAC,CAAA;AAC1B,MAAA,OAAO,eAAA,CAAgB,MAAM,IAAI,CAAA;AAAA,IACnC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAMO,SAAS,4BAA4B,aAAA,EAAsC;AAChF,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,iBAAiB,aAAa,CAAA;AAC7C,IAAA,IAAI,MAAA,KAAW,KAAA,IAAS,aAAA,CAAc,QAAA,CAAS,QAAQ,CAAA,EAAG;AACxD,MAAA,OAAO,sBAAsB,aAAa,CAAA;AAAA,IAC5C;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,IAAA;AACT;;;ACsFO,SAAS,6BACd,MAAA,EACuB;AACvB,EAAA,MAAM,UAAU,MAAA,CAAO,OAAA;AAEvB,EAAA,MAAM,cAAc,OAAO,OAAA,CAAQ,WAAA,KAAgB,QAAA,GAAW,QAAQ,WAAA,GAAc,IAAA;AACpF,EAAA,MAAM,QAAA,GACJ,OAAO,OAAA,CAAQ,QAAA,KAAa,QAAA,GACxB,OAAA,CAAQ,QAAA,GACR,OAAO,OAAA,CAAQ,QAAA,KAAa,QAAA,GAC1B,OAAA,CAAQ,QAAA,GACR,IAAA;AAGR,EAAA,IAAI,UAAA,GAA4B,IAAA;AAChC,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,WAAW,CAAA;AAC/B,MAAA,UAAA,GAAa,CAAA,QAAA,EAAW,IAAI,QAAQ,CAAA,CAAA;AAAA,IACtC,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAGA,EAAA,IAAI,kBAAkB,MAAA,EAAQ;AAE5B,IAAA,MAAM,SAAA,GAAY,MAAA;AAClB,IAAA,OAAO;AAAA,MACL,eAAe,SAAA,CAAU,YAAA;AAAA,MACzB,UAAA;AAAA,MACA,WAAA;AAAA,MACA,QAAA;AAAA,MACA,KAAK,SAAA,CAAU,GAAA;AAAA,MACf,cAAc,SAAA,CAAU,YAAA;AAAA,MACxB,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAGA,EAAA,MAAM,YAAA,GAAe,MAAA;AACrB,EAAA,MAAM,aAAA,GAAgB,YAAA,CAAa,MAAA,CAAO,WAAA,EAAY;AACtD,EAAA,OAAO;AAAA,IACL,aAAA,EAAe,oBAAoB,aAAa,CAAA,CAAA;AAAA,IAChD,UAAA;AAAA,IACA,WAAA;AAAA,IACA,QAAA;AAAA,IACA,GAAA,EAAK,IAAA;AAAA,IACL,YAAA,EAAc,IAAA;AAAA,IACd,QAAQ,YAAA,CAAa;AAAA,GACvB;AACF;ACxNA,IAAM,mCAAmB,IAAI,GAAA,CAAI,CAAC,WAAA,EAAa,QAAQ,CAAC,CAAA;AAGxD,IAAM,cAAA,GAAiB,EAAA;AAEvB,SAAS,gBAAA,CAAiB,OAAe,OAAA,EAAwB;AAC/D,EAAA,IAAI,QAAQ,cAAA,EAAgB;AAC1B,IAAA,MAAM,GAAA,GAAM,UACR,CAAA,sCAAA,EAAyC,cAAc,OAAO,OAAO,CAAA,CAAA,GACrE,yCAAyC,cAAc,CAAA,CAAA;AAC3D,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,GAAG,CAAA;AAAA,EAC9C;AACF;AAOO,SAAS,gBAAgB,KAAA,EAAwB;AACtD,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wBAAwB,CAAA;AAAA,EACnE;AAaA,EAAA,MAAM,aAAA,GAAgB,oBAAoB,KAAK,CAAA;AAC/C,EAAA,IAAI,aAAA,CAAc,SAAS,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,eAAA;AAAA,MACA,qBAAqB,aAAA,CAAc,MAAA,GAAS,CAAA,GAAI,GAAA,GAAM,EAAE,CAAA,WAAA,EAAc,aAAA,CAAc,GAAA,CAAI,CAAA,CAAA,KAAK,IAAI,CAAC,CAAA,CAAA,CAAG,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA,CAAA;AAAA,MACjH,EAAE,aAAA;AAAc,KAClB;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAAA,EACzB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,yBAAyB,CAAA;AAAA,EACpE;AACF;AAMA,SAAS,oBAAoB,KAAA,EAAyB;AACpD,EAAA,MAAM,aAAuB,EAAC;AAE9B,EAAA,MAAM,iBAAgC,EAAC;AACvC,EAAA,IAAI,QAAA,GAAW,KAAA;AACf,EAAA,IAAI,OAAA,GAAU,KAAA;AACd,EAAA,IAAI,UAAA,GAAa,EAAA;AACjB,EAAA,IAAI,aAAA,GAAgB,KAAA;AACpB,EAAA,IAAI,UAAA,GAAa,KAAA;AACjB,EAAA,IAAI,CAAA,GAAI,CAAA;AAER,EAAA,OAAO,CAAA,GAAI,MAAM,MAAA,EAAQ;AACvB,IAAA,MAAM,EAAA,GAAK,MAAM,CAAC,CAAA;AAElB,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,IAAI,eAAe,UAAA,IAAc,EAAA;AACjC,MAAA,OAAA,GAAU,KAAA;AACV,MAAA,CAAA,EAAA;AACA,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,IAAA,EAAM;AACf,MAAA,OAAA,GAAU,IAAA;AACV,MAAA,IAAI,eAAe,UAAA,IAAc,EAAA;AACjC,MAAA,CAAA,EAAA;AACA,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,GAAA,EAAK;AACd,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,QAAA,GAAW,IAAA;AAEX,QAAA,IAAI,cAAA,CAAe,MAAA,GAAS,CAAA,IAAK,CAAC,UAAA,EAAY;AAC5C,UAAA,aAAA,GAAgB,IAAA;AAChB,UAAA,UAAA,GAAa,EAAA;AAAA,QACf;AAAA,MACF,CAAA,MAAO;AACL,QAAA,QAAA,GAAW,KAAA;AACX,QAAA,IAAI,aAAA,EAAe;AACjB,UAAA,aAAA,GAAgB,KAAA;AAChB,UAAA,MAAM,MAAA,GAAS,cAAA,CAAe,cAAA,CAAe,MAAA,GAAS,CAAC,CAAA;AACvD,UAAA,IAAI,MAAA,CAAO,GAAA,CAAI,UAAU,CAAA,EAAG;AAC1B,YAAA,IAAI,CAAC,UAAA,CAAW,QAAA,CAAS,UAAU,CAAA,EAAG;AACpC,cAAA,UAAA,CAAW,KAAK,UAAU,CAAA;AAAA,YAC5B;AAAA,UACF,CAAA,MAAO;AACL,YAAA,MAAA,CAAO,IAAI,UAAU,CAAA;AAAA,UACvB;AAAA,QACF;AAAA,MACF;AACA,MAAA,CAAA,EAAA;AACA,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,IAAI,eAAe,UAAA,IAAc,EAAA;AACjC,MAAA,CAAA,EAAA;AACA,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,OAAO,GAAA,EAAK;AACd,MAAA,cAAA,CAAe,IAAA,iBAAK,IAAI,GAAA,EAAK,CAAA;AAC7B,MAAA,gBAAA,CAAiB,eAAe,MAAM,CAAA;AACtC,MAAA,UAAA,GAAa,KAAA;AAAA,IACf,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AACrB,MAAA,cAAA,CAAe,GAAA,EAAI;AACnB,MAAA,UAAA,GAAa,eAAe,MAAA,GAAS,CAAA;AAAA,IACvC,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AAErB,MAAA,cAAA,CAAe,qBAAK,IAAI,GAAA,CAAI,CAAC,WAAW,CAAC,CAAC,CAAA;AAC1C,MAAA,gBAAA,CAAiB,eAAe,MAAM,CAAA;AACtC,MAAA,UAAA,GAAa,KAAA;AAAA,IACf,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AACrB,MAAA,cAAA,CAAe,GAAA,EAAI;AACnB,MAAA,UAAA,GAAa,eAAe,MAAA,GAAS,CAAA;AAAA,IACvC,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AACrB,MAAA,UAAA,GAAa,IAAA;AAAA,IACf,CAAA,MAAA,IAAW,OAAO,GAAA,EAAK;AACrB,MAAA,UAAA,GAAa,KAAA;AAAA,IACf;AAEA,IAAA,CAAA,EAAA;AAAA,EACF;AAEA,EAAA,OAAO,UAAA;AACT;AAOO,SAAS,cAAA,CAAe,KAAA,EAAgB,IAAA,GAAe,GAAA,EAAK,QAAgB,CAAA,EAAS;AAC1F,EAAA,gBAAA,CAAiB,OAAO,IAAI,CAAA;AAE5B,EAAA,IAAI,UAAU,MAAA,EAAW;AACvB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,WAAA,CAAa,CAAA;AAAA,EACtF;AAEA,EAAA,IAAI,UAAU,IAAA,EAAM;AAEpB,EAAA,QAAQ,OAAO,KAAA;AAAO,IACpB,KAAK,QAAA;AAAA,IACL,KAAK,SAAA;AACH,MAAA;AAAA,IACF,KAAK,QAAA;AACH,MAAA,IAAI,CAAC,MAAA,CAAO,QAAA,CAAS,KAAK,CAAA,EAAG;AAC3B,QAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0BAA0B,IAAI,CAAA,EAAA,EAAK,KAAK,CAAA,wBAAA,CAA0B,CAAA;AAAA,MAC7G;AACA,MAAA;AAAA,IACF,KAAK,QAAA;AACH,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,+BAAA,CAAiC,CAAA;AAAA,IAC1G,KAAK,UAAA;AACH,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,UAAA,CAAY,CAAA;AAAA,IACrF,KAAK,QAAA;AACH,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,QAAA,CAAU,CAAA;AAAA,IACnF,KAAK,QAAA;AACH,MAAA,IAAI,iBAAiB,IAAA,EAAM;AACzB,QAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,oCAAA,CAAsC,CAAA;AAAA,MAC/G;AACA,MAAA,IAAI,iBAAiB,MAAA,EAAQ;AAC3B,QAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,QAAA,CAAU,CAAA;AAAA,MACnF;AACA,MAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG;AACxB,QAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,UAAA,cAAA,CAAe,KAAA,CAAM,CAAC,CAAA,EAAG,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,CAAC,CAAA,CAAA,CAAA,EAAK,KAAA,GAAQ,CAAC,CAAA;AAAA,QACrD;AACA,QAAA;AAAA,MACF;AAEA,MAAA,KAAA,MAAW,CAAC,GAAA,EAAK,GAAG,KAAK,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,EAAG;AAC9C,QAAA,cAAA,CAAe,KAAK,CAAA,EAAG,IAAI,IAAI,GAAG,CAAA,CAAA,EAAI,QAAQ,CAAC,CAAA;AAAA,MACjD;AACA,MAAA;AAAA,IACF;AACE,MAAA,MAAM,IAAI,cAAc,eAAA,EAAiB,CAAA,uBAAA,EAA0B,IAAI,CAAA,gBAAA,EAAmB,OAAO,KAAK,CAAA,CAAA,CAAG,CAAA;AAAA;AAE/G;AAEO,SAAS,iBAAiB,GAAA,EAAsB;AACrD,EAAA,cAAA,CAAe,GAAG,CAAA;AAClB,EAAA,MAAM,GAAA,GAAM,aAAa,GAAG,CAAA;AAC5B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAA,EAAkC,EAAE,KAAK,CAAA;AAAA,EACpF;AACA,EAAA,OAAO,GAAA;AACT;AAMO,SAAS,yBAAyB,GAAA,EAA8C;AACrF,EAAA,MAAM,OAAA,GAAU,iBAAiB,GAAG,CAAA;AACpC,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,IAAA,EAAMC,SAAAA,CAAUC,WAAAA,CAAY,OAAO,CAAC;AAAA,GACtC;AACF;AAGO,SAAS,oBAAoB,GAAA,EAA8C;AAChF,EAAA,OAAO,yBAAyB,GAAG,CAAA;AACrC;AAEO,SAAS,qBAAA,CAAsB,KAAc,SAAA,EAAwC;AAC1F,EAAA,IAAI,CAAC,gBAAA,CAAiB,GAAA,CAAI,SAAS,CAAA,EAAG;AACpC,IAAA,MAAM,IAAI,cAAc,eAAA,EAAiB,CAAA,6BAAA,EAAgC,SAAS,CAAA,mCAAA,CAAA,EAAuC,EAAE,WAAW,CAAA;AAAA,EACxI;AACA,EAAA,MAAM,GAAA,GAAM,iBAAiB,GAAG,CAAA;AAChC,EAAA,MAAM,KAAA,GAAQA,YAAY,GAAG,CAAA;AAC7B,EAAA,OAAQ,cAAc,WAAA,GAAcD,SAAAA,CAAU,KAAK,CAAA,GAAI,OAAO,KAAK,CAAA;AACrE;AC7LA,IAAM,mBAAA,GAAsB,eAAA;AAM5B,IAAM,WAAA,GAAc,CAAA;AAGpB,IAAM,SAAA,GAAgB,GAAA,CAAA,IAAA;AAGtB,IAAM,aAAA,GAAgB,EAAA;AAGtB,IAAM,sBAAA,GAAyB,EAAA;AAgB/B,eAAsB,qBAAqB,KAAA,EAAoC;AAC7E,EAAA,IAAI,EAAE,KAAA,YAAiB,UAAA,CAAA,IAAe,KAAA,CAAM,WAAW,CAAA,EAAG;AACxD,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,eAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,MAAA,GAAS,MAAME,QAAAA,CAAO,MAAA,CAAO,KAAK,CAAA;AACxC,EAAA,MAAM,GAAA,GAAM,GAAA,CAAI,QAAA,CAAS,SAAA,EAAW,MAAM,CAAA;AAC1C,EAAA,OAAO,GAAG,mBAAmB,CAAA,EAAG,GAAA,CAAI,QAAA,CAAS,MAAM,CAAC,CAAA,CAAA;AACtD;AAgBA,eAAsB,oBAAoB,KAAA,EAAiC;AAEzE,EAAA,MAAM,QAAQ,OAAO,KAAA,KAAU,QAAA,GAAW,eAAA,CAAgB,KAAK,CAAA,GAAI,KAAA;AAGnE,EAAA,MAAM,GAAA,GAAM,iBAAiB,KAAK,CAAA;AAClC,EAAA,MAAM,KAAA,GAAQ,IAAI,WAAA,EAAY,CAAE,OAAO,GAAG,CAAA;AAE1C,EAAA,MAAM,MAAA,GAAS,MAAMA,QAAAA,CAAO,MAAA,CAAO,KAAK,CAAA;AACxC,EAAA,MAAM,GAAA,GAAM,GAAA,CAAI,QAAA,CAAS,SAAA,EAAW,MAAM,CAAA;AAC1C,EAAA,OAAO,GAAG,mBAAmB,CAAA,EAAG,GAAA,CAAI,QAAA,CAAS,MAAM,CAAC,CAAA,CAAA;AACtD;AAoBO,SAAS,iBAAiB,GAAA,EAAgC;AAC/D,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,GAAA,CAAI,UAAA,CAAW,mBAAmB,CAAA,EAAG;AACnE,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,6BAAA,EAA+B,EAAE,KAAK,CAAA;AAAA,EAC/E;AAEA,EAAA,MAAM,UAAA,GAAa,GAAA,CAAI,KAAA,CAAM,mBAAA,CAAoB,MAAM,CAAA;AACvD,EAAA,IAAI,CAAC,UAAA,IAAc,UAAA,CAAW,MAAA,KAAW,CAAA,EAAG;AAC1C,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACtF;AAGA,EAAA,IAAI,UAAA,CAAW,CAAC,CAAA,KAAM,GAAA,EAAK;AACzB,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,0BAAA,EAA6B,UAAA,CAAW,CAAC,CAAC,CAAA,6BAAA,CAAA;AAAA,MAC1C,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI;AACF,IAAA,GAAA,GAAM,GAAA,CAAI,KAAA,CAAM,UAAA,EAAY,MAAM,CAAA;AAAA,EACpC,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,0DAAA;AAAA,MACA,EAAE,GAAA,EAAK,KAAA,EAAO,GAAA;AAAI,KACpB;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,YAAY,WAAA,EAAa;AAC/B,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,2BAAA,EAA8B,IAAI,OAAO,CAAA,CAAA;AAAA,MACzC,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,SAAS,SAAA,EAAW;AAC1B,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,qCAAA,EAAwC,GAAA,CAAI,IAAA,CAAK,QAAA,CAAS,EAAE,CAAC,CAAA,CAAA;AAAA,MAC7D,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,SAAA,CAAU,IAAA,KAAS,aAAA,EAAe;AACxC,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,qDAAqD,GAAA,CAAI,SAAA,CAAU,IAAA,CAAK,QAAA,CAAS,EAAE,CAAC,CAAA,CAAA;AAAA,MACpF,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,SAAA,CAAU,MAAA,CAAO,MAAA,KAAW,sBAAA,EAAwB;AAC1D,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,CAAA,qCAAA,EAAwC,GAAA,CAAI,SAAA,CAAU,MAAA,CAAO,MAAM,CAAA,CAAA;AAAA,MACnE,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAEA,EAAA,MAAM,MAAA,GAAS,IAAI,SAAA,CAAU,MAAA;AAC7B,EAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,MAAM,CAAA,CAChC,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAC1C,KAAK,EAAE,CAAA;AAEV,EAAA,OAAO,EAAE,GAAA,EAAK,UAAA,EAAY,MAAA,EAAQ,SAAA,EAAU;AAC9C;AA+BA,eAAsB,iBAAA,CACpB,KACA,OAAA,EACqC;AAErC,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,iBAAiB,GAAG,CAAA;AAAA,EAC/B,SAAS,GAAA,EAAK;AACZ,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,GAAA,YAAe,aAAA,GAAgB,GAAA,CAAI,OAAA,GAAU;AAAA,KACvD;AAAA,EACF;AAEA,EAAA,MAAM,cAAc,MAAA,CAAO,SAAA;AAG3B,EAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAa,OAAO,OAAA,KAAY,YAAY,OAAA,KAAY,IAAA,IAAQ,EAAE,OAAA,YAAmB,UAAA,CAAA,EAAc;AACxH,IAAA,IAAI;AACF,MAAA,MAAM,QAAQ,OAAO,OAAA,KAAY,QAAA,GAAW,eAAA,CAAgB,OAAO,CAAA,GAAI,OAAA;AACvE,MAAA,MAAM,GAAA,GAAM,iBAAiB,KAAK,CAAA;AAClC,MAAA,MAAM,QAAA,GAAW,IAAI,WAAA,EAAY,CAAE,OAAO,GAAG,CAAA;AAC7C,MAAA,MAAMC,OAAAA,GAAS,MAAMD,QAAAA,CAAO,MAAA,CAAO,QAAQ,CAAA;AAC3C,MAAA,MAAME,aAAY,KAAA,CAAM,IAAA,CAAKD,QAAO,MAAM,CAAA,CACvC,IAAI,CAAC,CAAA,KAAM,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAC1C,KAAK,EAAE,CAAA;AAEV,MAAA,IAAIC,eAAc,WAAA,EAAa;AAC7B,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAA,EAAO;AAAA,MAC1C;AAAA,IACF,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAGA,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI,mBAAmB,UAAA,EAAY;AACjC,IAAA,QAAA,GAAW,OAAA;AAAA,EACb,CAAA,MAAA,IAAW,OAAO,OAAA,KAAY,QAAA,EAAU;AACtC,IAAA,QAAA,GAAW,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,OAAO,CAAA;AAAA,EAC7C,CAAA,MAAO;AAEL,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,MAAM,MAAA,GAAS,MAAMF,QAAAA,CAAO,MAAA,CAAO,QAAQ,CAAA;AAC3C,EAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,OAAO,MAAM,CAAA,CACvC,IAAI,CAAC,CAAA,KAAM,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAC1C,KAAK,EAAE,CAAA;AAEV,EAAA,IAAI,cAAc,WAAA,EAAa;AAC7B,IAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,QAAA,EAAS;AAAA,EAC5C;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,MAAA,EAAQ;AAAA,GACV;AACF;AC5QO,SAAS,gBAAgB,GAAA,EAAqB;AACnD,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,GAAA,CAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3D,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,yBAAA,EAA2B,EAAE,KAAK,CAAA;AAAA,EAC3E;AAEA,EAAA,MAAM,SAAA,GAAY,GAAA,CAAI,KAAA,CAAM,WAAA,CAAY,MAAM,CAAA;AAC9C,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACtF;AAEA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI,OAAA;AAIJ,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,GAAG,CAAA;AACjC,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AAEtB,IAAA,OAAA,GAAU,GAAA;AACV,IAAA,OAAA,GAAU,MAAM,CAAC,CAAA;AAAA,EACnB,CAAA,MAAA,IAAW,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG;AAE7B,IAAA,MAAM,UAAA,GAAa,MAAM,CAAC,CAAA;AAC1B,IAAA,OAAA,GAAU,MAAM,CAAC,CAAA;AAGjB,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,IAAI,CAAA,EAAG;AAC/B,MAAA,OAAA,GAAU,MAAA,CAAO,QAAA,CAAS,UAAA,EAAY,EAAE,CAAC,CAAA;AAAA,IAC3C,CAAA,MAAA,IAAW,OAAA,CAAQ,IAAA,CAAK,UAAU,CAAA,EAAG;AACnC,MAAA,OAAA,GAAU,UAAA;AAAA,IACZ,CAAA,MAAO;AAEL,MAAA,MAAM,UAAA,GAAqC;AAAA,QACzC,OAAA,EAAS,GAAA;AAAA,QACT,MAAA,EAAQ,GAAA;AAAA,QACR,OAAA,EAAS,UAAA;AAAA,QACT,OAAA,EAAS,KAAA;AAAA,QACT,QAAA,EAAU,OAAA;AAAA,QACV,QAAA,EAAU,IAAA;AAAA,QACV,IAAA,EAAM;AAAA,OACR;AACA,MAAA,MAAM,MAAA,GAAS,UAAA,CAAW,UAAA,CAAW,WAAA,EAAa,CAAA;AAClD,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,MAAM,IAAI,aAAA;AAAA,UACR,aAAA;AAAA,UACA,6BAA6B,UAAU,CAAA,CAAA,CAAA;AAAA,UACvC,EAAE,GAAA,EAAK,OAAA,EAAS,UAAA;AAAW,SAC7B;AAAA,MACF;AACA,MAAA,OAAA,GAAU,MAAA;AAAA,IACZ;AAAA,EACF,CAAA,MAAO;AACL,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,yBAAA,EAA2B,EAAE,KAAK,CAAA;AAAA,EAC3E;AAEA,EAAA,IAAI,CAACG,SAAAA,CAAU,OAAO,CAAA,EAAG;AACvB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,0CAAA,EAA4C;AAAA,MACjF,GAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,WAAA,GAAcC,WAAW,OAAO,CAAA;AACtC,EAAA,OAAO,CAAA,eAAA,EAAkB,OAAO,CAAA,CAAA,EAAI,WAAA,CAAY,aAAa,CAAA,CAAA;AAC/D;AAUA,IAAM,oBAAA,GAAyF;AAAA;AAAA,EAE7F,GAAA,EAAM,EAAE,GAAA,EAAK,KAAA,EAAO,KAAK,SAAA,EAAU;AAAA;AAAA,EAEnC,GAAA,EAAM,EAAE,GAAA,EAAK,KAAA,EAAO,KAAK,QAAA,EAAS;AAAA;AAAA,EAElC,KAAM,EAAE,GAAA,EAAK,MAAM,GAAA,EAAK,WAAA,EAAa,WAAW,EAAA,EAAG;AAAA;AAAA,EAEnD,MAAQ,EAAE,GAAA,EAAK,MAAM,GAAA,EAAK,OAAA,EAAS,WAAW,EAAA,EAAG;AAAA;AAAA,EAEjD,MAAQ,EAAE,GAAA,EAAK,MAAM,GAAA,EAAK,OAAA,EAAS,WAAW,EAAA;AAChD,CAAA;AAMA,SAAS,UAAA,CAAW,OAAmB,MAAA,EAAsD;AAC3F,EAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,EAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,EAAA,IAAI,SAAA,GAAY,CAAA;AAEhB,EAAA,OAAO,MAAA,GAAS,SAAA,GAAY,KAAA,CAAM,MAAA,EAAQ;AACxC,IAAA,MAAM,IAAA,GAAO,KAAA,CAAM,MAAA,GAAS,SAAS,CAAA;AACrC,IAAA,KAAA,IAAA,CAAU,OAAO,GAAA,KAAS,KAAA;AAC1B,IAAA,SAAA,EAAA;AACA,IAAA,IAAA,CAAK,IAAA,GAAO,SAAU,CAAA,EAAG;AACvB,MAAA,OAAO,EAAE,OAAO,SAAA,EAAU;AAAA,IAC5B;AACA,IAAA,KAAA,IAAS,CAAA;AACT,IAAA,IAAI,QAAQ,EAAA,EAAI;AACd,MAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,8CAA8C,CAAA;AAAA,IACvF;AAAA,EACF;AAEA,EAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,+CAA+C,CAAA;AACxF;AAQA,SAAS,eAAA,CACP,eACA,GAAA,EACkC;AAqBlC,EAAA,MAAM,IAAI,aAAA;AAAA,IACR,sBAAA;AAAA,IACA,qCAAqC,GAAG,CAAA,mIAAA,CAAA;AAAA,IAGxC,EAAE,GAAA,EAAK,SAAA,EAAW,aAAA,CAAc,MAAA;AAAO,GACzC;AACF;AAqBO,SAAS,eAAe,GAAA,EAAqB;AAClD,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,CAAC,GAAA,CAAI,UAAA,CAAW,UAAU,CAAA,EAAG;AAC1D,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,wBAAA,EAA0B,EAAE,KAAK,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,UAAA,GAAa,GAAA,CAAI,KAAA,CAAM,UAAA,CAAW,MAAM,CAAA;AAC9C,EAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,GAAG,CAAA,EAAG;AAC9C,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,qEAAA;AAAA,MACA,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,OAAA,GAAU,SAAA,CAAU,OAAO,UAAU,CAAA;AAAA,EACvC,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,aAAA;AAAA,MACA,oDAAA;AAAA,MACA,EAAE,GAAA,EAAK,KAAA,EAAO,GAAA;AAAI,KACpB;AAAA,EACF;AAEA,EAAA,IAAI,OAAA,CAAQ,SAAS,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,iCAAA,EAAmC,EAAE,KAAK,CAAA;AAAA,EACnF;AAGA,EAAA,MAAM,EAAE,KAAA,EAAO,UAAA,EAAY,WAAU,GAAI,UAAA,CAAW,SAAS,CAAC,CAAA;AAE9D,EAAA,MAAM,OAAA,GAAU,qBAAqB,UAAU,CAAA;AAC/C,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,sBAAA;AAAA,MACA,CAAA,kCAAA,EAAqC,UAAA,CAAW,QAAA,CAAS,EAAE,CAAC,CAAA,WAAA,CAAA;AAAA,MAC5D,EAAE,KAAK,KAAA,EAAO,CAAA,EAAA,EAAK,WAAW,QAAA,CAAS,EAAE,CAAC,CAAA,CAAA;AAAG,KAC/C;AAAA,EACF;AAGA,EAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,KAAA,CAAM,SAAS,CAAA;AAExC,EAAA,IAAI,OAAA,CAAQ,QAAQ,KAAA,EAAO;AAEzB,IAAA,IAAI,QAAA,CAAS,WAAW,EAAA,EAAI;AAC1B,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,aAAA;AAAA,QACA,CAAA,iBAAA,EAAoB,OAAA,CAAQ,GAAG,CAAA,UAAA,EAAa,SAAS,MAAM,CAAA,MAAA,CAAA;AAAA,QAC3D,EAAE,GAAA,EAAK,GAAA,EAAK,OAAA,CAAQ,GAAA;AAAI,OAC1B;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM;AAAA,MACV,KAAK,OAAA,CAAQ,GAAA;AAAA,MACb,KAAK,OAAA,CAAQ,GAAA;AAAA,MACb,CAAA,EAAGR,SAAAA,CAAU,MAAA,CAAO,QAAQ;AAAA,KAC9B;AAEA,IAAA,OAAO,YAAY,GAAG,CAAA;AAAA,EACxB;AAGA,EAAA,OAAO,gBAAgB,QAAA,EAAU,OAAA,CAAQ,GAAG,CAAA,CAAE,EAAE,QAAA,EAAS;AAC3D;;;AC7QA,IAAA,kBAAA,GAAA;AAAA,QAAA,CAAA,kBAAA,EAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,kCAAA,EAAA,MAAA,kCAAA;AAAA,EAAA,kCAAA,EAAA,MAAA,kCAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,gCAAA,EAAA,MAAA,gCAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,oCAAA,EAAA,MAAA,oCAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,kCAAA,EAAA,MAAA,kCAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,2BAAA,EAAA,MAAA,2BAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,+BAAA,EAAA,MAAA,+BAAA;AAAA,EAAA,QAAA,EAAA,MAAA,QAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,2BAAA,EAAA,MAAA,2BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,8BAAA,EAAA,MAAA,8BAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,yBAAA,EAAA,MAAAS,0BAAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA;AAAA,CAAA,CAAA;ACMO,SAAS,gBAAgB,MAAA,EAA+C;AAC7E,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,IAAA,IAAI,MAAA,CAAO,WAAW,CAAA,EAAG;AACvB,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,8BAA8B,CAAA;AAAA,IACzE;AACA,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,MAAA,KAAW,QAAA,IAAY,OAAO,IAAA,EAAK,CAAE,WAAW,CAAA,EAAG;AAC5D,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oDAAoD,CAAA;AAAA,EAC/F;AAEA,EAAA,MAAM,MAAA,GAAS,OACZ,KAAA,CAAM,GAAG,EACT,GAAA,CAAI,CAAC,SAAS,IAAA,CAAK,IAAA,EAAM,CAAA,CACzB,MAAA,CAAO,CAAC,IAAA,KAAS,IAAA,CAAK,SAAS,CAAC,CAAA,CAChC,GAAA,CAAI,CAAC,IAAA,KAAS;AACb,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,KAAK,CAAA;AAC/B,IAAA,IAAI,MAAA,CAAO,SAAS,CAAA,EAAG;AACrB,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,sBAAA,EAAwB,EAAE,MAAM,CAAA;AAAA,IAC3E;AACA,IAAA,MAAM,IAAA,GAAO,OAAO,CAAC,CAAA;AACrB,IAAA,MAAM,OAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA,CAAE,KAAK,GAAG,CAAA;AACrC,IAAA,OAAO,EAAE,MAAM,IAAA,EAAK;AAAA,EACtB,CAAC,CAAA;AAEH,EAAA,IAAI,MAAA,CAAO,WAAW,CAAA,EAAG;AACvB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wBAAwB,CAAA;AAAA,EACnE;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,eAAe,MAAA,EAAwC;AACrE,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,OAAO,MAAA,CAAO,GAAA,CAAI,CAAC,KAAA,KAAU,CAAA,EAAG,KAAA,CAAM,IAAI,CAAA,CAAA,EAAI,KAAA,CAAM,IAAI,CAAA,CAAE,CAAA,CAAE,KAAK,IAAI,CAAA;AACvE;AAEO,SAAS,qBAAA,CACd,QACA,IAAA,EACK;AACL,EAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AACrC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wBAAwB,CAAA;AAAA,EACnE;AAEA,EAAA,MAAM,gBAAA,GAAmB,uBAAA,CAAwB,MAAA,EAAQ,IAAI,CAAA;AAC7D,EAAA,IAAI,gBAAA,CAAiB,SAAS,CAAA,EAAG;AAC/B,IAAA,MAAM,UAAU,gBAAA,CACb,GAAA,CAAI,CAAC,KAAA,KAAU,UAAU,KAAA,CAAM,eAAe,CAAA,GAAA,EAAM,KAAA,CAAM,YAAY,CAAA,MAAA,EAAS,KAAA,CAAM,YAAY,CAAA,CAAE,CAAA,CACnG,KAAK,IAAI,CAAA;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,CAAA,oCAAA,EAAuC,OAAO,CAAA,CAAA,EAAI;AAAA,MACzF,MAAA,EAAQ;AAAA,KACT,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,gBAAgB,MAAM,CAAA;AACrC,EAAA,MAAM,YAAA,GAAe,eAAe,MAAM,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,IAAI,aAAA,CAAc,YAAY,CAAA;AAE9C,EAAA,MAAM,UAAU,OAAA,CAAQ,UAAA;AAAA,IACtB,MAAA,CAAO,GAAA,CAAI,CAAC,KAAA,MAAW;AAAA,MACrB,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,IAAI;AAAA,KACxB,CAAE;AAAA,GACJ;AAEA,EAAA,OAAO,OAAA;AACT;AAEA,SAAS,cAAc,KAAA,EAAwB;AAC7C,EAAA,IAAI,UAAU,IAAA,EAAM;AAClB,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,UAAU,MAAA,EAAW;AACvB,IAAA,OAAO,WAAA;AAAA,EACT;AACA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG;AACxB,IAAA,OAAO,OAAA;AAAA,EACT;AACA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAO,MAAA,CAAO,QAAA,CAAS,KAAK,CAAA,GAAI,QAAA,GAAW,mBAAA;AAAA,EAC7C;AACA,EAAA,OAAO,OAAO,KAAA;AAChB;AAEA,SAAS,cAAA,CAAe,OAAgB,aAAA,EAAiC;AACvE,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAO,iBAAiB,KAAA,IAAS,EAAA;AAAA,EACnC;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,IAAI,CAAC,OAAO,QAAA,CAAS,KAAK,KAAK,CAAC,MAAA,CAAO,SAAA,CAAU,KAAK,CAAA,EAAG;AACvD,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,OAAO,iBAAiB,KAAA,IAAS,CAAA;AAAA,EACnC;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,MAAM,OAAA,GAAU,gBAAgB,SAAA,GAAY,OAAA;AAC5C,IAAA,OAAO,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,MAAM,KAAA,EAAiC;AAC9C,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,kBAAA,CAAmB,KAAK,KAAK,CAAA;AACnE;AAEA,SAAS,kBAAA,CAAmB,MAAc,KAAA,EAAyB;AACjE,EAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,IAAA,EAAK,CAAE,WAAA,EAAY;AAC/C,EAAA,MAAM,WAAA,GAAc,cAAA,CAAe,KAAA,CAAM,8BAA8B,CAAA;AAEvE,EAAA,IAAI,WAAA,CAAY,IAAA,CAAK,cAAc,CAAA,EAAG;AACpC,IAAA,OAAO,cAAA,CAAe,OAAO,KAAK,CAAA;AAAA,EACpC;AAEA,EAAA,IAAI,UAAA,CAAW,IAAA,CAAK,cAAc,CAAA,EAAG;AACnC,IAAA,OAAO,cAAA,CAAe,OAAO,IAAI,CAAA;AAAA,EACnC;AAEA,EAAA,IAAI,mBAAmB,QAAA,EAAU;AAC/B,IAAA,OAAO,OAAO,KAAA,KAAU,QAAA;AAAA,EAC1B;AAEA,EAAA,IAAI,mBAAmB,UAAA,EAAY;AACjC,IAAA,OAAO,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,IAAK,KAAA,CAAM,MAAM,CAAC,KAAA,KAAU,OAAO,KAAA,KAAU,QAAQ,CAAA;AAAA,EACjF;AAEA,EAAA,IAAI,mBAAmB,MAAA,EAAQ;AAC7B,IAAA,OAAO,OAAO,KAAA,KAAU,SAAA;AAAA,EAC1B;AAEA,EAAA,IAAI,mBAAmB,SAAA,EAAW;AAChC,IAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAYF,SAAAA,CAAU,KAAK,CAAA;AAAA,EACrD;AAEA,EAAA,IAAI,mBAAmB,OAAA,EAAS;AAC9B,IAAA,OAAO,MAAM,KAAK,CAAA,IAAA,CAAM,KAAA,CAAM,MAAA,GAAS,KAAK,CAAA,KAAM,CAAA;AAAA,EACpD;AAEA,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,MAAM,aAAA,GAAgB,MAAA,CAAO,WAAA,CAAY,CAAC,CAAC,CAAA;AAC3C,IAAA,OAAO,MAAM,KAAK,CAAA,IAAK,KAAA,CAAM,MAAA,KAAW,IAAI,aAAA,GAAgB,CAAA;AAAA,EAC9D;AAEA,EAAA,OAAO,IAAA;AACT;AAEO,SAAS,uBAAA,CACd,QACA,IAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AACrC,IAAA,OAAO,CAAC;AAAA,MACN,eAAA,EAAiB,MAAA;AAAA,MACjB,YAAA,EAAc,QAAA;AAAA,MACd,YAAA,EAAc,cAAc,IAAI,CAAA;AAAA,MAChC,aAAA,EAAe;AAAA,KAChB,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,gBAAgB,MAAM,CAAA;AACrC,EAAA,MAAM,SAAuC,EAAC;AAE9C,EAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,IAAI,CAAA;AAC7B,IAAA,MAAM,OAAA,GAAU,kBAAA,CAAmB,KAAA,CAAM,IAAA,EAAM,KAAK,CAAA;AACpD,IAAA,IAAI,OAAA,EAAS;AACX,MAAA;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,IAAA,CAAK;AAAA,MACV,iBAAiB,KAAA,CAAM,IAAA;AAAA,MACvB,cAAc,KAAA,CAAM,IAAA;AAAA,MACpB,YAAA,EAAc,cAAc,KAAK,CAAA;AAAA,MACjC,aAAA,EAAe;AAAA,KAChB,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,qBAAA,CACd,QACA,WAAA,EACyB;AACzB,EAAA,IAAI,OAAO,WAAA,KAAgB,QAAA,IAAY,CAAC,WAAA,CAAY,UAAA,CAAW,IAAI,CAAA,EAAG;AACpE,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,kCAAkC,CAAA;AAAA,EAC7E;AAEA,EAAA,MAAM,MAAA,GAAS,gBAAgB,MAAM,CAAA;AACrC,EAAA,MAAM,YAAA,GAAe,eAAe,MAAM,CAAA;AAC1C,EAAA,MAAM,OAAA,GAAU,IAAI,aAAA,CAAc,YAAY,CAAA;AAC9C,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AAE9C,EAAA,MAAM,SAAkC,EAAC;AACzC,EAAA,KAAA,MAAW,QAAQ,OAAA,EAAoD;AACrE,IAAA,MAAM,QAAQ,IAAA,CAAK,KAAA;AACnB,IAAA,IAAI,KAAA,IAAS,OAAO,KAAA,KAAU,QAAA,IAAY,WAAY,KAAA,EAAmC;AACvF,MAAA,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,GAAK,KAAA,CAA6B,KAAA;AAAA,IACpD,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,GAAI,KAAA;AAAA,IACtB;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,sBACd,IAAA,EAC6B;AAC7B,EAAA,MAAM,KAAA,GAAQ,KAAK,WAAW,CAAA;AAC9B,EAAA,IAAI,KAAA,KAAU,MAAA,IAAa,KAAA,KAAU,IAAA,EAAM,OAAO,MAAA;AAClD,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,IAAI,OAAO,UAAU,QAAA,IAAY,OAAA,CAAQ,KAAK,KAAK,CAAA,EAAG,OAAO,MAAA,CAAO,KAAK,CAAA;AACzE,EAAA,OAAO,MAAA;AACT;AClOO,IAAM,QAAA,GAAW,oEAAA;AAEjB,SAAS,iBAAA,CAAkB,OAAoC,QAAA,EAA0B;AAC9F,EAAA,IAAI,KAAA,KAAU,MAAA,IAAa,KAAA,KAAU,IAAA,EAAM;AACzC,IAAA,OAAO,QAAA;AAAA,EACT;AACA,EAAA,OAAO,OAAO,UAAU,QAAA,GAAW,KAAA,GAAQ,OAAO,IAAA,CAAK,KAAA,CAAM,KAAK,CAAC,CAAA;AACrE;AAUO,SAAS,sBAAA,CACd,QACA,IAAA,EACyB;AACzB,EAAA,MAAM,MAAA,GAAS,gBAAgB,MAAM,CAAA;AACrC,EAAA,MAAM,oBAAoB,MAAA,CAAO,IAAA,CAAK,CAAC,KAAA,KAAU,KAAA,CAAM,SAAS,gBAAgB,CAAA;AAChF,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,IAAA,OAAO,EAAE,GAAG,IAAA,EAAK;AAAA,EACnB;AAEA,EAAA,MAAM,UAAU,IAAA,CAAK,OAAA;AACrB,EAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,EAAG;AAC7D,IAAA,OAAO;AAAA,MACL,GAAG,IAAA;AAAA,MACH,cAAA,EAAgB,eAAe,OAAO;AAAA,KACxC;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,GAAG,IAAA,EAAK;AACnB;AAEO,SAAS,wBAAwB,IAAA,EAAuC;AAC7E,EAAA,MAAM,UAAU,IAAA,CAAK,OAAA;AACrB,EAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,EAAG;AAC7D,IAAA,OAAO,aAAa,OAAO,CAAA;AAAA,EAC7B;AAEA,EAAA,MAAM,iBAAiB,IAAA,CAAK,cAAA;AAC5B,EAAA,IAAI,OAAO,cAAA,KAAmB,QAAA,IAAY,qBAAA,CAAsB,IAAA,CAAK,cAAc,CAAA,EAAG;AACpF,IAAA,OAAO,kBAAkB,cAAqB,CAAA;AAAA,EAChD;AAEA,EAAA,MAAM,YAAY,IAAA,CAAK,SAAA;AACvB,EAAA,IAAI,OAAO,SAAA,KAAc,QAAA,IAAYA,SAAAA,CAAU,SAAS,CAAA,EAAG;AACzD,IAAA,OAAOC,WAAW,SAAS,CAAA;AAAA,EAC7B;AAEA,EAAA,OAAO,WAAA;AACT;;;ACzDA,SAAS,SAAS,KAAA,EAAwC;AACxD,EAAA,OAAO,OAAA,CAAQ,KAAK,CAAA,IAAK,OAAO,KAAA,KAAU,QAAA;AAC5C;AAEA,SAAS,QAAQ,KAAA,EAA8B;AAC7C,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,qBAAA,CAAsB,KAAK,KAAK,CAAA;AACtE;AAEO,SAAS,yBAAyB,EAAA,EAAwC;AAC/E,EAAA,IAAI,CAAC,QAAA,CAAS,EAAE,CAAA,EAAG;AACjB,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,MAAM,aAAwB,CAAC,EAAA,CAAG,SAAS,EAAA,CAAG,EAAA,EAAI,GAAG,WAAW,CAAA;AAChE,EAAA,KAAA,MAAW,aAAa,UAAA,EAAY;AAClC,IAAA,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG;AACvB,MAAA,OAAO,SAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,sBAAsB,EAAA,EAA8B;AAClE,EAAA,MAAM,OAAA,GAAU,yBAAyB,EAAE,CAAA;AAC3C,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAM,cAAc,OAAA,CAAQ,IAAA;AAC5B,IAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxB,MAAA,OAAO,WAAA;AAAA,IACT;AACA,IAAA,MAAM,kBAAkB,OAAA,CAAQ,eAAA;AAChC,IAAA,IAAI,OAAA,CAAQ,eAAe,CAAA,EAAG;AAC5B,MAAA,OAAO,eAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,IAAI,SAAS,EAAE,CAAA,IAAK,OAAA,CAAQ,EAAA,CAAG,IAAI,CAAA,EAAG;AACpC,IAAA,OAAO,EAAA,CAAG,IAAA;AAAA,EACZ;AAEA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,yBAAyB,GAAA,EAAuB;AAC9D,EAAA,IAAI,CAAC,QAAA,CAAS,GAAG,CAAA,EAAG;AAClB,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAU,GAAA,CAAI,OAAA;AACpB,EAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,OAAA,CAAQ,WAAW,CAAA,EAAG;AACvD,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,OAAO,mBAAA,CAAoB,KAAK,OAAO,CAAA;AACzC;;;AClDA,eAAsB,kBACpB,MAAA,EACkC;AAClC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,yBAAyB,CAAA;AAAA,EACpE;AAEA,EAAA,IAAI,CAAC,OAAO,MAAA,EAAQ;AAClB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oBAAoB,CAAA;AAAA,EAC/D;AAEA,EAAA,MAAM,YAAA,GAAe,sBAAA,CAAuB,MAAA,CAAO,MAAA,EAAQ,OAAO,IAAI,CAAA;AACtE,EAAA,MAAM,WAAA,GAAc,qBAAA,CAAsB,MAAA,CAAO,MAAA,EAAQ,YAAY,CAAA;AACrE,EAAA,MAAM,UAAA,GAAa,iBAAA;AAAA,IACjB,MAAA,CAAO,cAAA,IAAkB,qBAAA,CAAsB,YAAY,CAAA;AAAA,IAC3D;AAAA,GACF;AACA,EAAA,MAAM,SAAA,GAAY,wBAAwB,YAAY,CAAA;AAEtD,EAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,MAAA,CAAO,kBAAkB,CAAA;AAC7C,EAAA,GAAA,CAAI,OAAA,CAAQ,OAAO,MAAe,CAAA;AAElC,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAK,MAAM,GAAA,CAAI,MAAA,CAAO;AAAA,MAC1B,QAAQ,MAAA,CAAO,SAAA;AAAA,MACf,IAAA,EAAM;AAAA,QACJ,WAAW,SAAA,IAAaE,WAAAA;AAAA,QACxB,cAAA,EAAgB,UAAA;AAAA,QAChB,SAAA,EAAW,OAAO,SAAA,IAAa,IAAA;AAAA,QAC/B,MAAA,EAAQ,OAAO,MAAA,IAAU,QAAA;AAAA,QACzB,IAAA,EAAM,WAAA;AAAA,QACN,KAAA,EAAO,iBAAA,CAAkB,MAAA,CAAO,KAAA,EAAO,EAAE;AAAA;AAC3C,KACD,CAAA;AAED,IAAA,MAAM,GAAA,GAAO,MAAM,EAAA,CAAG,IAAA,EAAK;AAC3B,IAAA,MAAM,MAAA,GAAS,qBAAA,CAAsB,EAAE,CAAA,IAAK,QAAA;AAC5C,IAAA,MAAM,OAAA,GAAU,yBAAyB,EAAE,CAAA;AAE3C,IAAA,OAAO;AAAA,MACL,GAAA;AAAA,MACA,MAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,8BAAA,EAAgC,EAAE,KAAK,CAAA;AAAA,EAClF;AACF;ACjDA,eAAsB,kBACpB,MAAA,EACkC;AAClC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,yBAAyB,CAAA;AAAA,EACpE;AAEA,EAAA,IAAI,CAAC,OAAO,MAAA,EAAQ;AAClB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oBAAoB,CAAA;AAAA,EAC/D;AAEA,EAAA,MAAM,GAAA,GAAM,IAAIC,GAAAA,CAAI,MAAA,CAAO,kBAAkB,CAAA;AAC7C,EAAA,GAAA,CAAI,OAAA,CAAQ,OAAO,MAAe,CAAA;AAElC,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAK,MAAM,GAAA,CAAI,MAAA,CAAO;AAAA,MAC1B,QAAQ,MAAA,CAAO,SAAA;AAAA,MACf,IAAA,EAAM;AAAA,QACJ,KAAK,MAAA,CAAO,GAAA;AAAA,QACZ,KAAA,EAAO,iBAAA,CAAkB,MAAA,CAAO,KAAA,EAAO,EAAE;AAAA;AAC3C,KACD,CAAA;AAED,IAAA,MAAM,GAAG,IAAA,EAAK;AACd,IAAA,MAAM,MAAA,GAAS,qBAAA,CAAsB,EAAE,CAAA,IAAK,QAAA;AAC5C,IAAA,MAAM,OAAA,GAAU,yBAAyB,EAAE,CAAA;AAE3C,IAAA,OAAO;AAAA,MACL,MAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,8BAAA,EAAgC,EAAE,KAAK,CAAA;AAAA,EAClF;AACF;ACVA,SAAS,wBACP,MAAA,EAKA;AACA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,KAAA;AAAA,MACN,OAAA,EAAS,OAAA;AAAA,MACT,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,mBAAmB,MAAA,CAAO;AAAA,KAC5B;AAAA,IACA,KAAA,EAAO;AAAA,MACL,MAAA,EAAQ;AAAA,QACN,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,SAAA,EAAU;AAAA,QACpC,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,QAClC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,SAAA,EAAU;AAAA,QACrC,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,QAAA,EAAS;AAAA,QACzC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,MAAA,EAAO;AAAA,QAClC,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,QAClC,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,OAAA,EAAQ;AAAA,QAC9B,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA,EAAU;AAAA,QACjC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA,EAAU;AAAA,QACjC,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,QAAA;AAAS;AACrC,KACF;AAAA,IACA,OAAA,EAAS;AAAA,MACP,UAAU,MAAA,CAAO,QAAA;AAAA,MACjB,QAAQ,MAAA,CAAO,SAAA;AAAA,MACf,WAAW,MAAA,CAAO,SAAA;AAAA,MAClB,cAAA,EAAgB,iBAAA,CAAkB,MAAA,CAAO,cAAA,EAAgB,EAAE,CAAA;AAAA,MAC3D,SAAA,EAAW,OAAO,SAAA,IAAa,IAAA;AAAA,MAC/B,MAAA,EAAQ,OAAO,MAAA,IAAU,QAAA;AAAA,MACzB,MAAM,MAAA,CAAO,WAAA;AAAA,MACb,KAAA,EAAO,iBAAA,CAAkB,MAAA,CAAO,KAAA,EAAO,EAAE,CAAA;AAAA,MACzC,KAAA,EAAO,iBAAA,CAAkB,MAAA,CAAO,KAAA,EAAO,EAAE,CAAA;AAAA,MACzC,QAAA,EAAU,iBAAA,CAAkB,MAAA,CAAO,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,EAAI,GAAI,GAAI,CAAA,GAAI,GAAG,CAAC;AAAA;AAC1F,GACF;AACF;AAEO,SAAS,mCACd,MAAA,EAKA;AACA,EAAA,MAAM,YAAA,GAAe,sBAAA,CAAuB,MAAA,CAAO,MAAA,EAAQ,OAAO,IAAI,CAAA;AACtE,EAAA,MAAM,WAAA,GAAc,qBAAA,CAAsB,MAAA,CAAO,MAAA,EAAQ,YAAY,CAAA;AACrE,EAAA,MAAM,SAAA,GAAY,wBAAwB,YAAY,CAAA;AAEtD,EAAA,OAAO,uBAAA,CAAwB;AAAA,IAC7B,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,oBAAoB,MAAA,CAAO,kBAAA;AAAA,IAC3B,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,WAAA;AAAA,IACA,SAAA;AAAA,IACA,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,cAAA,EAAgB,MAAA,CAAO,cAAA,IAAkB,qBAAA,CAAsB,YAAY,CAAA;AAAA,IAC3E,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,UAAU,MAAA,CAAO;AAAA,GAClB,CAAA;AACH;AAEO,SAAS,mCACd,MAAA,EAKA;AACA,EAAA,OAAO,uBAAA,CAAwB;AAAA,IAC7B,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,oBAAoB,MAAA,CAAO,kBAAA;AAAA,IAC3B,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,aAAa,MAAA,CAAO,WAAA;AAAA,IACpB,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,gBAAgB,MAAA,CAAO,cAAA;AAAA,IACvB,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,UAAU,MAAA,CAAO;AAAA,GAClB,CAAA;AACH;AAEO,SAAS,eAAe,SAAA,EAAwD;AACrF,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,SAAA,CAAU,IAAA,CAAK,SAAmB,CAAA;AACjD,IAAA,OAAO;AAAA,MACL,GAAG,MAAA,CAAO,CAAA;AAAA,MACV,GAAG,MAAA,CAAO,CAAA;AAAA,MACV,GAAG,MAAA,CAAO;AAAA,KACZ;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mBAAA,EAAqB,EAAE,KAAK,CAAA;AAAA,EACvE;AACF;AAEA,eAAsB,4BACpB,MAAA,EAC4C;AAC5C,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qBAAqB,CAAA;AAAA,EAChE;AAEA,EAAA,MAAM,SAAA,GAAY,mCAAmC,MAAM,CAAA;AAE3D,EAAA,OAAO;AAAA,IACL,gBAAA,EAAkB;AAAA,MAChB,QAAQ,MAAA,CAAO,SAAA;AAAA,MACf,UAAU,MAAA,CAAO,QAAA;AAAA,MACjB,oBAAoB,MAAA,CAAO,kBAAA;AAAA,MAC3B,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,GAAG,SAAA,CAAU;AAAA,KACf;AAAA,IACA;AAAA,GACF;AACF;AAEA,eAAsB,2BACpB,MAAA,EAC2C;AAC3C,EAAA,IAAI,CAAC,MAAA,CAAO,QAAA,IAAY,OAAO,MAAA,CAAO,aAAa,QAAA,EAAU;AAC3D,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,sBAAsB,CAAA;AAAA,EACjE;AAEA,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,OAAO,IAAA,CAAK,SAAA;AAAA,MAChB;AAAA,QACE,UAAU,MAAA,CAAO,QAAA;AAAA,QACjB,WAAW,MAAA,CAAO,SAAA;AAAA,QAClB,UAAU,MAAA,CAAO;AAAA,OACnB;AAAA,MACA,CAAC,MAAM,KAAA,KAAW,OAAO,UAAU,QAAA,GAAW,KAAA,CAAM,UAAS,GAAI;AAAA,KACnE;AAEA,IAAA,QAAA,GAAW,MAAM,KAAA,CAAM,MAAA,CAAO,QAAA,EAAU;AAAA,MACtC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB;AAAA,OAClB;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wCAAA,EAA0C,EAAE,KAAK,CAAA;AAAA,EAC5F;AAEA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,OAAA,GAAW,MAAM,SAAS,IAAA,EAAK;AAAA,EACjC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAA,GAAU,EAAC;AAAA,EACb;AAEA,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,UAAA,GAAgC;AAAA,MACpC,YAAY,QAAA,CAAS,MAAA;AAAA,MACrB,MAAM,OAAA,CAAQ,IAAA;AAAA,MACd,KAAA,EAAQ,OAAA,CAAQ,KAAA,IAAiC,OAAA,CAAQ,OAAA;AAAA,MACzD;AAAA,KACF;AACA,IAAA,MAAM,IAAI,aAAA,CAAc,aAAA,EAAe,iCAAiC,QAAA,CAAS,MAAM,KAAK,UAAU,CAAA;AAAA,EACxG;AAEA,EAAA,MAAM,GAAA,GAAQ,QAAQ,GAAA,IAA8B,QAAA;AACpD,EAAA,MAAM,SAAS,OAAA,CAAQ,MAAA;AAGvB,EAAA,MAAM,sBAAA,GACJ,QAAQ,MAAA,KAAW,WAAA,IACnB,QAAQ,OAAA,KAAY,IAAA,IACpB,OAAO,OAAA,CAAQ,WAAA,KAAgB,QAAA;AACjC,EAAA,MAAM,MAAA,GAAoC,yBAAyB,WAAA,GAAc,WAAA;AAGjF,EAAA,MAAM,QAAuB,EAAC;AAC9B,EAAA,IAAI,OAAO,OAAA,CAAQ,WAAA,KAAgB,QAAA,EAAU,KAAA,CAAM,cAAc,OAAA,CAAQ,WAAA;AACzE,EAAA,IAAI,OAAO,OAAA,CAAQ,KAAA,KAAU,QAAA,EAAU,KAAA,CAAM,QAAQ,OAAA,CAAQ,KAAA;AAC7D,EAAA,IAAI,OAAO,OAAA,CAAQ,OAAA,KAAY,SAAA,EAAW,KAAA,CAAM,UAAU,OAAA,CAAQ,OAAA;AAElE,EAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,EAAG;AACtC,IAAA,IAAI,CAAC,CAAC,KAAA,EAAO,QAAA,EAAU,QAAA,EAAU,aAAA,EAAe,OAAA,EAAS,SAAS,CAAA,CAAE,QAAA,CAAS,GAAG,CAAA,EAAG;AACjF,MAAA,KAAA,CAAM,GAAG,CAAA,GAAI,OAAA,CAAQ,GAAG,CAAA;AAAA,IAC1B;AAAA,EACF;AAEA,EAAA,MAAM,MAAA,GAA2C,EAAE,GAAA,EAAK,MAAA,EAAQ,MAAA,EAAO;AACvE,EAAA,IAAI,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,CAAE,SAAS,CAAA,EAAG;AACjC,IAAA,MAAA,CAAO,KAAA,GAAQ,KAAA;AAAA,EACjB;AACA,EAAA,OAAO,MAAA;AACT;ACxNA,IAAM,aAAA,GAAgB;AAAA,EACpB;AACF,CAAA;AAEA,SAAS,iBAAiB,KAAA,EAAiC;AACzD,EAAA,MAAM,SAAU,KAAA,CAAwC,eAAA;AACxD,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,OAAO,qBAAA,CAAsB,IAAA,CAAK,MAAM,CAAA,GAAK,MAAA,GAAiB,MAAA;AAChE;AAEA,SAAS,gBAAA,CACP,WAAA,EACA,MAAA,EACA,MAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAW,YAAY,IAAA,IAA6B,IAAA;AAC1D,EAAA,MAAM,UAAU,MAAA,GAAS,qBAAA,CAAsB,MAAA,EAAQ,OAAO,IAAI,EAAC;AACnE,EAAA,MAAM,YAAA,GAAe,CAAC,KAAA,KAA2B;AAC/C,IAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,MAAA,OAAO,OAAO,KAAK,CAAA;AAAA,IACrB;AACA,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,CAAM,SAAS,CAAA,EAAG;AACjD,MAAA,OAAO,OAAO,KAAK,CAAA;AAAA,IACrB;AACA,IAAA,OAAO,EAAA;AAAA,EACT,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,KAAK,WAAA,CAAY,GAAA;AAAA,IACjB,QAAQ,WAAA,CAAY,MAAA;AAAA,IACpB,UAAU,WAAA,CAAY,QAAA;AAAA,IACtB,WAAW,WAAA,CAAY,SAAA;AAAA,IACvB,MAAA;AAAA,IACA,SAAA,EAAW,OAAA,CAAQ,WAAA,CAAY,SAAS,CAAA;AAAA,IACxC,cAAA,EAAgB,YAAA,CAAa,WAAA,CAAY,cAAc,CAAA;AAAA,IACvD,cAAA,EAAgB,YAAA,CAAa,WAAA,CAAY,cAAc,CAAA;AAAA,IACvD,IAAA,EAAM,YAAA,CAAa,WAAA,CAAY,IAAI,CAAA;AAAA,IACnC,QAAQ,WAAA,CAAY,MAAA;AAAA,IACpB,IAAA,EAAM,OAAA;AAAA,IACN,GAAA,EAAK,SAAS,MAAA,GAAY;AAAA,GAC5B;AACF;AAEA,eAAsB,eACpB,MAAA,EACiC;AACjC,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,IAAIA,GAAAA,CAAI,MAAA,CAAO,kBAAkB,CAAA;AAC7C,IAAA,GAAA,CAAI,OAAA,CAAQ,OAAO,QAAiB,CAAA;AACpC,IAAA,MAAM,WAAA,GAAe,MAAM,GAAA,CAAI,cAAA,CAAe,OAAO,GAAG,CAAA;AAExD,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,WAAA,CAAY,GAAA,IAAO,MAAA,CAAO,WAAA,CAAY,GAAG,CAAA,KAAM,IAAA,CAAK,MAAA,CAAO,EAAA,EAAI,GAAG,CAAA,EAAG;AACxF,MAAA,MAAM,IAAI,cAAc,uBAAA,EAAyB,uBAAA,EAAyB,EAAE,GAAA,EAAK,MAAA,CAAO,KAAK,CAAA;AAAA,IAC/F;AAEA,IAAA,OAAO,gBAAA,CAAiB,WAAA,EAAa,MAAA,CAAO,MAAM,CAAA;AAAA,EACpD,SAAS,GAAA,EAAK;AACZ,IAAA,IAAI,eAAe,aAAA,EAAe;AAChC,MAAA,MAAM,GAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,4BAAA,EAA8B,EAAE,KAAK,CAAA;AAAA,EAChF;AACF;AAEA,eAAe,sBAAA,CACb,kBAAA,EACA,QAAA,EACA,SAAA,EACA,SACA,OAAA,EACmC;AACnC,EAAA,MAAM,QAAA,GAAW,IAAI,QAAA,CAAS,kBAAA,EAAoB,eAAe,QAAQ,CAAA;AACzE,EAAA,MAAM,MAAA,GAAS,SAAS,OAAA,CAAQ,QAAA,CAAS,SAAS,SAAA,IAAa,IAAA,EAAM,OAAA,EAAS,QAAA,IAAY,IAAI,CAAA;AAE9F,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,MAAM,QAAA,CAAS,WAAA,CAAY,MAAA,EAAQ,WAAW,OAAO,CAAA;AAAA,EAChE,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACxF;AAEA,EAAA,MAAM,GAAA,GAAM,IAAIA,GAAAA,CAAI,kBAAkB,CAAA;AACtC,EAAA,GAAA,CAAI,QAAQ,QAAQ,CAAA;AAEpB,EAAA,MAAM,YAAA,GAAe,SAAS,OAAA,EAAS,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,aAAa,CAAA;AACjE,EAAA,MAAM,UAAoC,EAAC;AAE3C,EAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,IAAA,IAAI,EAAG,MAAA,IAAU,KAAA,IAAU,MAAM,OAAA,CAAQ,KAAA,CAAM,IAAI,CAAA,CAAA,EAAI;AACrD,MAAA;AAAA,IACF;AACA,IAAA,MAAM,OAAO,KAAA,CAAM,IAAA;AACnB,IAAA,MAAM,GAAA,GAAM,OAAO,CAAC,CAAA;AACpB,IAAA,MAAM,SAAA,GAAY,OAAO,CAAC,CAAA;AAE1B,IAAA,IAAI,CAAC,GAAA,IAAO,CAAC,SAAA,EAAW;AACtB,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,gBAAgB,CAAC,YAAA,CAAa,SAAS,SAAA,CAAU,WAAA,EAAa,CAAA,EAAG;AACnE,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAe,MAAM,GAAA,CAAI,cAAA,CAAe,GAAG,CAAA;AACjD,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,WAAA,CAAY,GAAA,EAAK;AACpC,MAAA;AAAA,IACF;AAEA,IAAA,OAAA,CAAQ,KAAK,gBAAA,CAAiB,WAAA,EAAa,QAAW,gBAAA,CAAiB,KAAK,CAAC,CAAC,CAAA;AAAA,EAChF;AAEA,EAAA,OAAA,CAAQ,IAAA,CAAK,CAAC,CAAA,EAAG,CAAA,KAAM,OAAO,CAAA,CAAE,IAAA,GAAO,CAAA,CAAE,IAAI,CAAC,CAAA;AAC9C,EAAA,OAAO,OAAA;AACT;AAEA,eAAsB,sBACpB,MAAA,EACmC;AACnC,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AACxB,EAAA,MAAM,OAAA,GAAU,MAAA,CAAO,OAAA,IAAY,MAAO,SAAuD,cAAA,EAAe;AAChH,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA,IAAa,KAAK,GAAA,CAAI,CAAA,EAAG,UAAU,GAAM,CAAA;AAClE,EAAA,OAAO,sBAAA;AAAA,IACL,MAAA,CAAO,kBAAA;AAAA,IACP,QAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA,EAAE,WAAW,YAAA,CAAa,MAAA,CAAO,UAAU,CAAA,EAAG,OAAA,EAAS,OAAO,OAAA;AAAQ,GACxE;AACF;AAEA,eAAsB,0BACpB,MAAA,EACmC;AACnC,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AACxB,EAAA,MAAM,OAAA,GAAU,MAAA,CAAO,OAAA,IAAY,MAAO,SAAuD,cAAA,EAAe;AAChH,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA,IAAa,KAAK,GAAA,CAAI,CAAA,EAAG,UAAU,GAAM,CAAA;AAElE,EAAA,IAAI,MAAA,CAAO,KAAA,KAAU,MAAA,IAAa,MAAA,CAAO,SAAS,CAAA,EAAG;AACnD,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,UAAU,MAAM,sBAAA;AAAA,IACpB,MAAA,CAAO,kBAAA;AAAA,IACP,QAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA,EAAE,QAAA,EAAU,MAAA,CAAO,QAAA,EAAU,OAAA,EAAS,OAAO,OAAA;AAAQ,GACvD;AAEA,EAAA,OAAO,MAAA,CAAO,UAAU,MAAA,GAAY,OAAA,CAAQ,MAAM,CAAA,EAAG,MAAA,CAAO,KAAK,CAAA,GAAI,OAAA;AACvE;AAEA,eAAsB,iBACpB,MAAA,EACmC;AACnC,EAAA,MAAM,KAAA,GAAQ,OAAO,KAAA,IAAS,EAAA;AAC9B,EAAA,IAAI,SAAS,CAAA,EAAG;AACd,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,OAAA,GAAU,MAAM,qBAAA,CAAsB,MAAM,CAAA;AAClD,EAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,CAAA,EAAG,KAAK,CAAA;AAC/B;AAUA,eAAsB,sBACpB,MAAA,EACmC;AACnC,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AACxB,EAAA,MAAM,OAAA,GAAU,MAAO,QAAA,CAAuD,cAAA,EAAe;AAC7F,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA,IAAa,KAAK,GAAA,CAAI,CAAA,EAAG,UAAU,GAAM,CAAA;AAElE,EAAA,MAAM,UAAU,MAAM,sBAAA;AAAA,IACpB,MAAA,CAAO,kBAAA;AAAA,IACP,QAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA,EAAE,OAAA,EAAS,MAAA,CAAO,OAAA;AAAQ,GAC5B;AAEA,EAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,CAAA,EAAG,MAAA,CAAO,SAAS,EAAE,CAAA;AAC5C;AAEO,SAAS,mBAAmB,YAAA,EAAkE;AACnG,EAAA,MAAM,IAAA,uBAAW,GAAA,EAAoC;AAErD,EAAA,KAAA,MAAW,eAAe,YAAA,EAAc;AACtC,IAAA,MAAM,OAAA,GAAU,MAAA,CAAO,WAAA,CAAY,IAAA,CAAK,WAAW,EAAE,CAAA;AACrD,IAAA,MAAM,OAAA,GAAU,MAAA,CAAO,WAAA,CAAY,IAAA,CAAK,WAAW,EAAE,CAAA;AACrD,IAAA,MAAM,KAAA,GAAQ,gBAAgB,OAAO,CAAA;AACrC,IAAA,MAAM,GAAA,GAAM,GAAG,WAAA,CAAY,QAAA,CAAS,aAAa,CAAA,CAAA,EAAI,OAAO,CAAA,CAAA,EAAI,KAAK,CAAA,CAAA;AAErE,IAAA,IAAI,CAAC,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA,EAAG;AAClB,MAAA,IAAA,CAAK,GAAA,CAAI,KAAK,WAAW,CAAA;AACzB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC5B,IAAA,IAAI,WAAA,CAAY,IAAA,GAAO,OAAA,CAAQ,IAAA,EAAM;AACnC,MAAA,IAAA,CAAK,GAAA,CAAI,KAAK,WAAW,CAAA;AAAA,IAC3B;AAAA,EACF;AAEA,EAAA,OAAO,CAAC,GAAG,IAAA,CAAK,MAAA,EAAQ,CAAA;AAC1B;AAEO,SAAS,iCAAiC,YAAA,EAAgD;AAC/F,EAAA,MAAM,OAAA,GAAU,mBAAmB,YAAY,CAAA;AAC/C,EAAA,MAAM,OAAA,GAAU,OAAA,CACb,GAAA,CAAI,CAAC,WAAA,KAAgB,YAAY,IAAA,CAAK,WAAW,CAAA,CACjD,MAAA,CAAO,CAAC,KAAA,KAAU,OAAO,KAAA,KAAU,QAAA,IAAY,OAAO,KAAA,KAAU,QAAQ,CAAA,CACxE,IAAI,CAAC,KAAA,KAAU,MAAA,CAAO,KAAK,CAAC,CAAA;AAE/B,EAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxB,IAAA,OAAO,CAAA;AAAA,EACT;AAEA,EAAA,MAAM,KAAA,GAAQ,QAAQ,MAAA,CAAO,CAAC,KAAK,KAAA,KAAU,GAAA,GAAM,OAAO,CAAC,CAAA;AAC3D,EAAA,OAAO,QAAQ,OAAA,CAAQ,MAAA;AACzB;AAEO,SAAS,gBAAgB,OAAA,EAAyB;AACvD,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,QAAQ,CAAA;AACpC,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0BAAA,EAA4B,EAAE,SAAS,CAAA;AAAA,EAClF;AACA,EAAA,OAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAC,CAAA;AACxB;AChPA,IAAM,aAAA,GAA6C;AAAA,EACjD,CAAA,EAAG;AAAA,IACD,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,sBAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,EAAA,EAAI;AAAA,IACF,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,iCAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,GAAA,EAAK;AAAA,IACH,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,yBAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,IAAA,EAAM;AAAA,IACJ,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,sBAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,KAAA,EAAO;AAAA,IACL,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,qBAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,QAAA,EAAU;AAAA,IACR,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,8BAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,gBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,IAAA,EAAM;AAAA,IACJ,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,iCAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,kBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB,GACF;AAAA,EACA,KAAA,EAAO;AAAA,IACL,QAAA,EAAU,EAAA;AAAA,IACV,YAAA,EAAc,KAAA;AAAA,IACd,QAAA,EAAU,yCAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACJ,gBAAA,EAAkB,kBAAA;AAAA,MAClB,eAAA,EAAiB;AAAA;AACnB;AAEJ,CAAA;AAEA,IAAM,aAAA,GAAgB,oBAAA;AAEtB,SAAS,UAAU,OAAA,EAA8B;AAC/C,EAAA,MAAM,MAAA,GAAS,cAAc,OAAO,CAAA;AACpC,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA,CAAc,mBAAA,EAAqB,wBAAA,EAA0B;AAAA,MACrE,OAAA;AAAA,MACA,WAAW,oBAAA;AAAqB,KACjC,CAAA;AAAA,EACH;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,oBAAA,GAAiC;AAC/C,EAAA,OAAO,MAAA,CAAO,KAAK,aAAa,CAAA,CAAE,IAAI,CAACV,GAAAA,KAAO,MAAA,CAAOA,GAAE,CAAC,CAAA;AAC1D;AAEO,SAAS,iBAAiB,OAAA,EAA0B;AACzD,EAAA,OAAO,OAAA,IAAW,aAAA;AACpB;AAEO,SAAS,iBAAA,CAAkB,SAAiB,OAAA,EAAuC;AACxF,EAAA,MAAM,MAAA,GAAS,UAAU,OAAO,CAAA;AAChC,EAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA;AAChC,EAAA,MAAM,QAAQ,IAAA,GAAO,GAAA;AACrB,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,KAAA;AAAA,IACA,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,cAAc,MAAA,CAAO;AAAA,GACvB;AACF;AAEO,SAAS,aAAA,CACd,cAAA,EACA,mBAAA,EACA,OAAA,EACY;AACZ,EAAA,MAAM,IAAA,GAAO;AAAA,IACX,MAAA,EAAQ,aAAA;AAAA,IACR,cAAA;AAAA,IACA,kBAAA,EAAoB,mBAAA;AAAA,IACpB,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,SAAA,GAAYW,aAAa,IAAI,CAAA;AACnC,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,6BAA6B,CAAA;AAAA,EACxE;AAEA,EAAA,OAAOT,YAAY,SAAS,CAAA;AAC9B;AAEO,SAAS,QAAA,CAAS,WAAuB,OAAA,EAAsB;AACpE,EAAA,IAAI,CAAC,gBAAA,CAAiB,OAAO,CAAA,EAAG;AAC9B,IAAA,MAAM,IAAI,aAAA,CAAc,mBAAA,EAAqB,wBAAA,EAA0B,EAAE,SAAS,CAAA;AAAA,EACpF;AAGA,EAAA,IAAI,YAAY,CAAA,EAAG;AACjB,IAAA,OAAOC,OAAO,SAAS,CAAA;AAAA,EACzB;AAEA,EAAA,OAAOF,UAAU,SAAS,CAAA;AAC5B;AAEO,SAAS,uBAAA,CACd,OAAA,EACA,YAAA,EACA,OAAA,EACA,OAAA,EACQ;AACR,EAAA,MAAM,EAAE,IAAA,EAAM,KAAA,EAAM,GAAI,iBAAA,CAAkB,SAAS,OAAO,CAAA;AAC1D,EAAA,MAAM,cAAA,GAAiB,eAAe,OAAO,CAAA;AAC7C,EAAA,MAAM,mBAAA,GAAsB,eAAe,YAAY,CAAA;AACvD,EAAA,MAAM,IAAA,GAAO,aAAA,CAAc,cAAA,EAAgB,mBAAA,EAAqB,OAAO,CAAA;AACvE,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,IAAA,EAAM,OAAO,CAAA;AACrC,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,MAAM,CAAA,GAAI,KAAA;AAChC,EAAA,OAAO,IAAA,GAAO,MAAA;AAChB;AAEO,SAAS,oCAAA,CACd,cAAA,EACA,mBAAA,EACA,OAAA,EACA,OAAA,EACQ;AACR,EAAA,OAAO,uBAAA;AAAA,IACL,cAAA,CAAe,SAAS,cAAc,CAAA;AAAA,IACtC,cAAA,CAAe,SAAS,mBAAmB,CAAA;AAAA,IAC3C,OAAA;AAAA,IACA;AAAA,GACF;AACF;AAEO,SAAS,yBAAA,CACd,OAAA,EACA,MAAA,EACA,OAAA,EACqB;AACrB,EAAA,IAAI,CAAC,qBAAA,CAAsB,IAAA,CAAK,MAAM,CAAA,EAAG;AACvC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qCAAA,EAAuC,EAAE,QAAQ,CAAA;AAAA,EAC5F;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,kBAAA;AAAA,IACX,YAAA,EAAc,OAAA;AAAA,IACd,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,UAAU,OAAO,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,IACA,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;AAEO,SAAS,oBAAA,CAAqB,QAAyB,OAAA,EAAyB;AACrF,EAAA,MAAM,MAAA,GAAS,UAAU,OAAO,CAAA;AAChC,EAAA,MAAM,UAAA,GAAa,OAAO,MAAA,KAAW,QAAA,GAAW,OAAO,IAAA,CAAK,KAAA,CAAM,MAAM,CAAC,CAAA,GAAI,MAAA;AAC7E,EAAA,OAAO,CAAA,EAAG,YAAY,UAAA,EAAY,MAAA,CAAO,QAAQ,CAAC,CAAA,CAAA,EAAI,OAAO,YAAY,CAAA,CAAA;AAC3E;AAEO,SAAS,gBAAA,CAAiB,SAAiB,MAAA,EAAqB;AACrE,EAAA,OAAO,GAAG,SAAA,CAAU,OAAO,CAAA,CAAE,QAAQ,OAAO,MAAM,CAAA,CAAA;AACpD;AAEO,SAAS,qBAAA,CAAsB,SAAiB,OAAA,EAAyB;AAC9E,EAAA,OAAO,GAAG,SAAA,CAAU,OAAO,CAAA,CAAE,QAAQ,YAAY,OAAO,CAAA,CAAA;AAC1D;ACvMO,SAAS,mCAAmC,WAAA,EAAgD;AACjG,EAAA,MAAM,UAAU,WAAA,CAAY,kBAAA;AAC5B,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,EAAG;AAC3B,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,SAAA,uBAAgB,GAAA,EAAY;AAElC,EAAA,KAAA,MAAW,UAAU,OAAA,EAA2C;AAE9D,IAAA,MAAM,sBAAsB,MAAA,CAAO,mBAAA;AACnC,IAAA,IAAI,OAAO,wBAAwB,QAAA,EAAU;AAC3C,MAAA,IAAI;AACF,QAAA,SAAA,CAAU,GAAA,CAAIM,UAAAA,CAAW,qBAAA,CAAsB,mBAAmB,CAAC,CAAC,CAAA;AAAA,MACtE,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAGA,IAAA,MAAM,eAAe,MAAA,CAAO,YAAA;AAC5B,IAAA,IAAI,OAAO,iBAAiB,QAAA,EAAU;AACpC,MAAA,MAAM,WAAW,YAAA,CAAa,UAAA,CAAW,IAAI,CAAA,GAAI,YAAA,GAAe,KAAK,YAAY,CAAA,CAAA;AACjF,MAAA,IAAID,SAAAA,CAAU,QAAQ,CAAA,EAAG;AACvB,QAAA,SAAA,CAAU,GAAA,CAAIC,UAAAA,CAAW,QAAQ,CAAC,CAAA;AAAA,MACpC;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,CAAC,GAAG,SAAS,CAAA;AACtB;AAKO,SAAS,2BACd,WAAA,EACgC;AAChC,EAAA,MAAM,UAAU,WAAA,CAAY,kBAAA;AAC5B,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,EAAG;AAC3B,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,MAAM,OAAuC,EAAC;AAE9C,EAAA,KAAA,MAAW,UAAU,OAAA,EAA2C;AAC9D,IAAA,MAAM,eAAe,MAAA,CAAO,YAAA;AAC5B,IAAA,IAAI,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,IAAY,CAAC,KAAA,CAAM,OAAA,CAAQ,YAAY,CAAA,EAAG;AACpF,MAAA,IAAA,CAAK,KAAK,YAAuC,CAAA;AAAA,IACnD;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT;AAWO,SAAS,8BAAA,CACd,aACA,qBAAA,EACqC;AACrC,EAAA,MAAM,MAAA,GAAS,iBAAiB,qBAAqB,CAAA;AAGrD,EAAA,IAAI,WAAW,KAAA,EAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,WAAA,GAAc,YAAY,qBAAqB,CAAA;AACrD,MAAA,MAAM,YAAA,GAAe,2BAA2B,WAAW,CAAA;AAE3D,MAAA,KAAA,MAAW,UAAU,YAAA,EAAc;AACjC,QAAA,IAAI;AACF,UAAA,IAAI,eAAA,CAAgB,MAAA,EAAQ,WAAW,CAAA,EAAG;AACxC,YAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AAAA,UACvB;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACV;AAAA,IACF,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACV;AAAA,IACF;AAAA,EACF;AAGA,EAAA,IAAI,eAAA;AACJ,EAAA,IAAI;AACF,IAAA,eAAA,GAAkBA,UAAAA,CAAW,qBAAA,CAAsB,qBAAqB,CAAC,CAAA;AAAA,EAC3E,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,sEAAA,EAAuE;AAAA,EACxG;AAEA,EAAA,MAAM,SAAA,GAAY,mCAAmC,WAAW,CAAA;AAChE,EAAA,IAAI,SAAA,CAAU,IAAA,CAAK,CAAC,OAAA,KAAY,OAAA,CAAQ,aAAY,KAAM,eAAA,CAAgB,WAAA,EAAa,CAAA,EAAG;AACxF,IAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AAAA,EACvB;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,MAAA,EAAQ,uDAAuD,eAAe,CAAA,CAAA;AAAA,GAChF;AACF;AAEA,eAAsB,0BAAA,CACpB,MAAA,EACA,qBAAA,EACA,OAAA,GAA6C,EAAC,EACA;AAC9C,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAA,EAAqC,EAAE,QAAQ,CAAA;AAAA,EAC1F;AAEA,EAAA,MAAM,WAAA,GAAc,OAAA,CAAQ,gBAAA,GACxB,MAAM,OAAA,CAAQ,iBAAiB,MAAM,CAAA,GACrC,MAAM,gBAAA,CAAiB,MAAM,CAAA;AAEjC,EAAA,OAAO,8BAAA,CAA+B,aAAa,qBAAqB,CAAA;AAC1E;AChJO,SAAS,iBAAA,CACd,IAAA,EACA,OAAA,EACA,OAAA,EACA,iBAAA,EAC4E;AAC5E,EAAA,OAAO,EAAE,IAAA,EAAM,OAAA,EAAS,OAAA,EAAS,iBAAA,EAAkB;AACrD;AAEO,SAAS,2BAAA,GAGd;AACA,EAAA,OAAO;AAAA,IACL,WAAA,EAAa,eAAA;AAAA,IACb,KAAA,EAAO;AAAA,MACL,aAAA,EAAe;AAAA,QACb,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,QAClC,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,QAAA,EAAS;AAAA,QAC3C,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,QAAA,EAAS;AAAA,QACzC,EAAE,IAAA,EAAM,mBAAA,EAAqB,IAAA,EAAM,SAAA,EAAU;AAAA,QAC7C,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAU;AAAA,QAC/C,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAU;AAAA,QACvC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,QAAA;AAAS;AACtC;AACF,GACF;AACF;AAEO,SAAS,qBAAA,CACd,WAKA,SAAA,EACqC;AACrC,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,eAAA;AAAA,MACb,SAAA,CAAU,MAAA;AAAA,MACV,SAAA,CAAU,KAAA;AAAA,MACV,SAAA,CAAU,OAAA;AAAA,MACV;AAAA,KACF;AAEA,IAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAO;AAAA,EAC/B,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACxF;AACF;;;ACnCO,SAAS,kBAAkB,MAAA,EAAoC;AACpE,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAA,EAAqC,EAAE,QAAQ,CAAA;AAAA,EAC1F;AAEA,EAAA,MAAM,OAAA,GAAU,MAAA,CACb,KAAA,CAAM,QAAQ,CAAA,CACd,GAAA,CAAI,CAAC,KAAA,KAAU,KAAA,CAAM,IAAA,EAAM,CAAA,CAC3B,OAAO,OAAO,CAAA;AAEjB,EAAA,MAAM,SAA6C,EAAC;AACpD,EAAA,MAAM,cAAqB,EAAC;AAE5B,EAAA,KAAA,MAAW,SAAS,OAAA,EAAS;AAC3B,IAAA,MAAM,OAAA,GAAU,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA;AACjC,IAAA,IAAI,YAAY,EAAA,EAAI;AACpB,IAAA,MAAM,MAAM,KAAA,CAAM,KAAA,CAAM,CAAA,EAAG,OAAO,EAAE,IAAA,EAAK;AACzC,IAAA,MAAM,QAAQ,KAAA,CAAM,KAAA,CAAM,OAAA,GAAU,CAAC,EAAE,IAAA,EAAK;AAC5C,IAAA,IAAI,CAAC,GAAA,IAAO,CAAC,KAAA,EAAO;AAEpB,IAAA,IAAI,QAAQ,YAAA,EAAc;AACxB,MAAA,WAAA,CAAY,KAAK,KAAK,CAAA;AAAA,IACxB,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,GAAG,CAAA,GAAI,KAAA;AAAA,IAChB;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,SAAS,MAAA,CAAO,CAAA;AAAA,IAChB,UAAA,EAAY,YAAY,CAAC,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAEO,SAAS,kBAAkB,aAAA,EAA4B;AAC5D,EAAA,MAAM,UAAA,GAAa,aAAa,aAAa,CAAA;AAC7C,EAAA,OAAO,kBAAkB,UAAU,CAAA,CAAA;AACrC;ACEA,IAAM,qBAAA,GAAwB;AAAA,EAC5B,SAAA;AAAA,EACA,aAAA;AAAA,EACA,QAAA;AAAA,EACA,SAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAAA;AAEA,IAAM,uBAAA,GAA0B;AAAA,EAC9B,SAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAAA;AAEA,SAAS,qBACP,OAAA,EACmD;AACnD,EAAA,KAAA,MAAW,SAAS,qBAAA,EAAuB;AACzC,IAAA,IAAI,EAAE,KAAA,IAAS,OAAA,CAAA,IAAY,OAAA,CAAQ,KAAK,MAAM,MAAA,IAAa,OAAA,CAAQ,KAAK,CAAA,KAAM,IAAA,EAAM;AAClF,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,IAC/B;AAAA,EACF;AACA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAEA,SAAS,uBACP,OAAA,EACmD;AACnD,EAAA,KAAA,MAAW,SAAS,uBAAA,EAAyB;AAC3C,IAAA,IAAI,EAAE,KAAA,IAAS,OAAA,CAAA,IAAY,OAAA,CAAQ,KAAK,MAAM,MAAA,IAAa,OAAA,CAAQ,KAAK,CAAA,KAAM,IAAA,EAAM;AAClF,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,IAC/B;AAAA,EACF;AACA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAMA,SAAS,OAAA,CAAQT,KAAAA,EAAc,OAAA,EAAiB,OAAA,EAAmE;AACjH,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,KAAA,EAAO,EAAE,IAAA,EAAAA,KAAAA,EAAM,OAAA,EAAQ;AAAA,IACvB,GAAG;AAAA,GACL;AACF;AAyBA,eAAsB,qBAAA,CACpB,UACA,OAAA,EACyD;AAEzD,EAAA,IAAI,CAAC,QAAA,IAAY,OAAO,QAAA,KAAa,QAAA,EAAU;AAC7C,IAAA,OAAO,OAAA,CAAQ,oBAAoB,oCAAoC,CAAA;AAAA,EACzE;AACA,EAAA,IAAI,QAAA,CAAS,WAAW,KAAA,EAAO;AAC7B,IAAA,OAAO,OAAA,CAAQ,kBAAA,EAAoB,CAAA,4BAAA,EAA+B,QAAA,CAAS,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACtF;AACA,EAAA,IAAI,OAAO,QAAA,CAAS,SAAA,KAAc,YAAY,QAAA,CAAS,SAAA,CAAU,WAAW,CAAA,EAAG;AAC7E,IAAA,OAAO,OAAA,CAAQ,oBAAoB,+CAA+C,CAAA;AAAA,EACpF;AAEA,EAAA,MAAM,aAAa,QAAA,CAAS,SAAA;AAG5B,EAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA;AAClC,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,OAAO,OAAA,CAAQ,iBAAiB,4DAA4D,CAAA;AAAA,EAC9F;AAGA,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,sBAAsB,UAAU,CAAA;AAAA,EAC3C,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,OAAA,CAAQ,iBAAiB,uCAAuC,CAAA;AAAA,EACzE;AAGA,EAAA,IAAI,CAAC,MAAA,CAAO,GAAA,IAAO,OAAO,MAAA,CAAO,QAAQ,QAAA,EAAU;AACjD,IAAA,OAAO,OAAA,CAAQ,aAAA,EAAe,6BAAA,EAA+B,EAAE,QAAQ,CAAA;AAAA,EACzE;AAGA,EAAA,MAAM,MAAM,OAAO,MAAA,CAAO,GAAA,KAAQ,QAAA,GAAW,OAAO,GAAA,GAAM,IAAA;AAC1D,EAAA,MAAM,cAAc,MAAA,CAAO,GAAA;AAE3B,EAAA,IAAI,CAAC,GAAA,IAAO,CAAC,WAAA,EAAa;AACxB,IAAA,OAAO,OAAA;AAAA,MACL,sBAAA;AAAA,MACA,oDAAA;AAAA,MACA,EAAE,MAAA;AAAO,KACX;AAAA,EACF;AAGA,EAAA,IAAI,YAAA;AACJ,EAAA,IAAI,eAAA;AAEJ,EAAA,IAAI,WAAA,EAAa;AAEf,IAAA,MAAM,UAAA,GAAa,kBAAkB,WAAW,CAAA;AAChD,IAAA,IAAI,CAAC,WAAW,KAAA,EAAO;AACrB,MAAA,OAAO,OAAA;AAAA,QACL,sBAAA;AAAA,QACA,CAAA,yBAAA,EAA4B,WAAW,KAAK,CAAA,CAAA;AAAA,QAC5C,EAAE,MAAA;AAAO,OACX;AAAA,IACF;AAEA,IAAA,YAAA,GAAe,WAAA;AACf,IAAA,eAAA,GAAkB,cAAA;AAGlB,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,wBAAA,CAAyB,GAAA,EAAK,SAAS,cAAc,CAAA;AAC5E,QAAA,IAAI,CAAC,eAAA,CAAgB,YAAA,EAAc,QAAA,CAAS,YAAY,CAAA,EAAG;AACzD,UAAA,OAAO,OAAA;AAAA,YACL,cAAA;AAAA,YACA,0DAAA;AAAA,YACA,EAAE,QAAQ,GAAA;AAAI,WAChB;AAAA,QACF;AAAA,MACF,SAAS,GAAA,EAAK;AAAA,MAKd;AAAA,IACF;AAAA,EACF,CAAA,MAAO;AAEL,IAAA,eAAA,GAAkB,gBAAA;AAClB,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAW,MAAM,wBAAA,CAAyB,GAAA,EAAM,SAAS,cAAc,CAAA;AAC7E,MAAA,YAAA,GAAe,QAAA,CAAS,YAAA;AAAA,IAC1B,SAAS,GAAA,EAAK;AACZ,MAAA,MAAM,OAAA,GACJ,GAAA,YAAe,aAAA,GACX,CAAA,uBAAA,EAA0B,GAAG,MAAM,GAAA,CAAI,OAAO,CAAA,CAAA,GAC9C,CAAA,uBAAA,EAA0B,GAAG,CAAA,CAAA,CAAA;AACnC,MAAA,OAAO,QAAQ,uBAAA,EAAyB,OAAA,EAAS,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,IAClE;AAAA,EACF;AAGA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,MAAM,SAAA,CAAU,YAAA,EAAiD,OAAO,GAAa,CAAA;AACjG,IAAA,MAAM,MAAA,GAAS,MAAM,aAAA,CAAc,UAAA,EAAY,GAAG,CAAA;AAGlD,IAAA,MAAM,cAAc,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,OAAO,OAAO,CAAA;AAC3D,IAAA,OAAA,GAAU,IAAA,CAAK,MAAM,WAAW,CAAA;AAAA,EAClC,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,OAAA,GAAU,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,+BAAA;AACrD,IAAA,OAAO,QAAQ,mBAAA,EAAqB,OAAA,EAAS,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,EAC9D;AAGA,EAAA,MAAM,YAAA,GAAe,YAAY,YAAY,CAAA;AAE7C,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,IAAA;AAAA,IACP,MAAA;AAAA,IACA,OAAA;AAAA,IACA,GAAA;AAAA,IACA,YAAA;AAAA,IACA,eAAA;AAAA,IACA;AAAA,GACF;AACF;AAiBA,eAAsB,kBAAA,CACpB,UACA,OAAA,EACyD;AACzD,EAAA,MAAM,MAAA,GAAS,MAAM,qBAAA,CAAsB,QAAA,EAAU,OAAO,CAAA;AAC5D,EAAA,IAAI,CAAC,MAAA,CAAO,KAAA,EAAO,OAAO,MAAA;AAE1B,EAAA,MAAM,YAAA,GAAe,oBAAA,CAAqB,MAAA,CAAO,OAAO,CAAA;AACxD,EAAA,IAAI,CAAC,aAAa,KAAA,EAAO;AACvB,IAAA,OAAO,OAAA;AAAA,MACL,uBAAA;AAAA,MACA,CAAA,8BAAA,EAAiC,aAAa,KAAK,CAAA,CAAA;AAAA,MACnD;AAAA,QACE,QAAQ,MAAA,CAAO,MAAA;AAAA,QACf,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,KAAK,MAAA,CAAO,GAAA;AAAA,QACZ,cAAc,MAAA,CAAO,YAAA;AAAA,QACrB,iBAAiB,MAAA,CAAO,eAAA;AAAA,QACxB,cAAc,MAAA,CAAO;AAAA;AACvB,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAiBA,eAAsB,oBAAA,CACpB,UACA,OAAA,EACyD;AACzD,EAAA,MAAM,MAAA,GAAS,MAAM,qBAAA,CAAsB,QAAA,EAAU,OAAO,CAAA;AAC5D,EAAA,IAAI,CAAC,MAAA,CAAO,KAAA,EAAO,OAAO,MAAA;AAE1B,EAAA,MAAM,YAAA,GAAe,sBAAA,CAAuB,MAAA,CAAO,OAAO,CAAA;AAC1D,EAAA,IAAI,CAAC,aAAa,KAAA,EAAO;AACvB,IAAA,OAAO,OAAA;AAAA,MACL,yBAAA;AAAA,MACA,CAAA,gCAAA,EAAmC,aAAa,KAAK,CAAA,CAAA;AAAA,MACrD;AAAA,QACE,QAAQ,MAAA,CAAO,MAAA;AAAA,QACf,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,KAAK,MAAA,CAAO,GAAA;AAAA,QACZ,cAAc,MAAA,CAAO,YAAA;AAAA,QACrB,iBAAiB,MAAA,CAAO,eAAA;AAAA,QACxB,cAAc,MAAA,CAAO;AAAA;AACvB,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AC5RA,IAAM,YAAA,GAAe;AAAA,EACnB,IAAA,EAAM,YAAA;AAAA,EACN,OAAA,EAAS,GAAA;AAAA,EACT,OAAA,EAAS;AACX,CAAA;AAKA,IAAM,cAAA,GAAiB;AAAA,EACrB,IAAA,EAAM,cAAA;AAAA,EACN,OAAA,EAAS,GAAA;AAAA,EACT,OAAA,EAAS;AACX,CAAA;AAMA,IAAM,WAAA,GAAc;AAAA,EAClB,KAAA,EAAO;AAAA,IACL,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAU;AAAA,IACnC,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,QAAA,EAAS;AAAA,IACtC,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,QAAA,EAAS;AAAA,IACjC,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,QAAA,EAAS;AAAA,IAClC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,QAAA,EAAS;AAAA,IAChC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,QAAA,EAAS;AAAA,IAChC,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,QAAA,EAAS;AAAA,IACjC,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA;AAAU;AAE1C,CAAA;AAMA,IAAM,aAAA,GAAgB;AAAA,EACpB,OAAA,EAAS;AAAA,IACP,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAU;AAAA,IACnC,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,QAAA,EAAS;AAAA,IAClC,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,QAAA,EAAS;AAAA,IACtC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,QAAA,EAAS;AAAA,IAChC,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,SAAA,EAAU;AAAA,IACpC,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,QAAA;AAAS;AAE1C,CAAA;AAMA,IAAMc,sBAAAA,GAAwB;AAAA,EAC5B,SAAA;AAAA,EACA,aAAA;AAAA,EACA,QAAA;AAAA,EACA,SAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAAA;AAEA,IAAMC,wBAAAA,GAA0B;AAAA,EAC9B,SAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAAA;AAEA,SAASC,sBACP,OAAA,EACmD;AACnD,EAAA,KAAA,MAAW,SAASF,sBAAAA,EAAuB;AACzC,IAAA,IAAI,EAAE,KAAA,IAAS,OAAA,CAAA,IAAY,OAAA,CAAQ,KAAK,MAAM,MAAA,IAAa,OAAA,CAAQ,KAAK,CAAA,KAAM,IAAA,EAAM;AAClF,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,IAC/B;AAAA,EACF;AACA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAEA,SAASG,wBACP,OAAA,EACmD;AACnD,EAAA,KAAA,MAAW,SAASF,wBAAAA,EAAyB;AAC3C,IAAA,IAAI,EAAE,KAAA,IAAS,OAAA,CAAA,IAAY,OAAA,CAAQ,KAAK,MAAM,MAAA,IAAa,OAAA,CAAQ,KAAK,CAAA,KAAM,IAAA,EAAM;AAClF,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,IAC/B;AAAA,EACF;AACA,EAAA,OAAO,EAAE,OAAO,IAAA,EAAK;AACvB;AAMA,SAASG,QAAAA,CACPlB,KAAAA,EACA,OAAA,EACA,OAAA,EAC2B;AAC3B,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,KAAA,EAAO,EAAE,IAAA,EAAAA,KAAAA,EAAM,OAAA,EAAQ;AAAA,IACvB,GAAG;AAAA,GACL;AACF;AAcA,SAAS,oBAAoB,OAAA,EAA2D;AACtF,EAAA,OAAO;AAAA,IACL,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,aAAa,OAAA,CAAQ,WAAA;AAAA,IACrB,QAAQ,OAAA,CAAQ,MAAA;AAAA,IAChB,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,OAAO,OAAA,CAAQ,KAAA;AAAA,IACf,OAAO,OAAA,CAAQ,KAAA;AAAA,IACf,QAAQ,OAAA,CAAQ,MAAA;AAAA,IAChB,UAAA,EAAY,QAAQ,UAAA,IAAc;AAAA,GACpC;AACF;AAEA,SAAS,sBAAsB,OAAA,EAA2D;AACxF,EAAA,OAAO;AAAA,IACL,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,aAAa,OAAA,CAAQ,WAAA;AAAA,IACrB,OAAO,OAAA,CAAQ,KAAA;AAAA,IACf,UAAU,OAAA,CAAQ,QAAA;AAAA,IAClB,WAAA,EAAa,QAAQ,WAAA,IAAe;AAAA,GACtC;AACF;AAgBO,SAAS,wBAAA,CACd,UACA,YAAA,EACsD;AAEtD,EAAA,IAAI,CAAC,QAAA,IAAY,OAAO,QAAA,KAAa,QAAA,EAAU;AAC7C,IAAA,OAAOkB,QAAAA,CAAQ,oBAAoB,oCAAoC,CAAA;AAAA,EACzE;AACA,EAAA,IAAI,QAAA,CAAS,WAAW,QAAA,EAAU;AAChC,IAAA,OAAOA,QAAAA,CAAQ,kBAAA,EAAoB,CAAA,+BAAA,EAAkC,QAAA,CAAS,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACzF;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,OAAA,IAAW,OAAO,QAAA,CAAS,OAAA,KAAY,QAAA,IAAY,KAAA,CAAM,OAAA,CAAQ,QAAA,CAAS,OAAO,CAAA,EAAG;AAChG,IAAA,OAAOA,QAAAA,CAAQ,mBAAmB,gDAAgD,CAAA;AAAA,EACpF;AACA,EAAA,IAAI,OAAO,QAAA,CAAS,SAAA,KAAc,YAAY,QAAA,CAAS,SAAA,CAAU,WAAW,CAAA,EAAG;AAC7E,IAAA,OAAOA,QAAAA,CAAQ,qBAAqB,qDAAqD,CAAA;AAAA,EAC3F;AAEA,EAAA,MAAM,UAAU,QAAA,CAAS,OAAA;AAGzB,EAAA,IAAI,iBAAiB,OAAA,EAAS;AAC5B,IAAA,MAAM,KAAA,GAAQF,sBAAqB,OAAO,CAAA;AAC1C,IAAA,IAAI,CAAC,MAAM,KAAA,EAAO;AAChB,MAAA,OAAOE,QAAAA;AAAA,QACL,uBAAA;AAAA,QACA,CAAA,8BAAA,EAAiC,MAAM,KAAK,CAAA,CAAA;AAAA,QAC5C,EAAE,OAAA;AAAQ,OACZ;AAAA,IACF;AAAA,EACF,CAAA,MAAO;AACL,IAAA,MAAM,KAAA,GAAQD,wBAAuB,OAAO,CAAA;AAC5C,IAAA,IAAI,CAAC,MAAM,KAAA,EAAO;AAChB,MAAA,OAAOC,QAAAA;AAAA,QACL,yBAAA;AAAA,QACA,CAAA,gCAAA,EAAmC,MAAM,KAAK,CAAA,CAAA;AAAA,QAC9C,EAAE,OAAA;AAAQ,OACZ;AAAA,IACF;AAAA,EACF;AAGA,EAAA,MAAM,MAAA,GAAS,YAAA,KAAiB,OAAA,GAAU,YAAA,GAAe,cAAA;AACzD,EAAA,MAAM,KAAA,GAAQ,YAAA,KAAiB,OAAA,GAAU,WAAA,GAAc,aAAA;AACvD,EAAA,MAAM,UACJ,YAAA,KAAiB,OAAA,GACb,oBAAoB,OAAO,CAAA,GAC3B,sBAAsB,OAAO,CAAA;AAGnC,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAASC,eAAAA;AAAA,MACP,MAAA;AAAA,MACA,KAAA;AAAA,MACA,OAAA;AAAA,MACA,QAAA,CAAS;AAAA,KACX;AACA,IAAA,MAAA,GAASV,WAAW,MAAM,CAAA;AAAA,EAC5B,SAAS,GAAA,EAAK;AACZ,IAAA,MAAMW,QAAAA,GAAU,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,uCAAA;AACrD,IAAA,OAAOF,QAAAA,CAAQ,mBAAA,EAAqBE,QAAAA,EAAS,EAAE,SAAS,CAAA;AAAA,EAC1D;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,IAAA;AAAA,IACP,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF;AACF;AAeO,SAAS,sBACd,QAAA,EACsD;AACtD,EAAA,OAAO,wBAAA,CAAyB,UAAU,OAAO,CAAA;AACnD;AAeO,SAAS,wBACd,QAAA,EACsD;AACtD,EAAA,OAAO,wBAAA,CAAyB,UAAU,SAAS,CAAA;AACrD;;;ACnSA,SAAS,aAAa,KAAA,EAAwB;AAC5C,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,IAAI,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AACvB,MAAA,MAAM,GAAG,OAAO,CAAA,GAAI,KAAA,CAAM,MAAM,GAAG,CAAA;AACnC,MAAA,OAAO,OAAO,OAAO,CAAA;AAAA,IACvB;AACA,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AAEA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,YAAY,WAAA,EAAqD;AACxE,EAAA,MAAM,SAAA,GAAY,YAAY,IAAA,CAAK,MAAA;AACnC,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,SAAS,CAAA,EAAG;AAC7B,IAAA,OAAO,EAAC;AAAA,EACV;AAEA,EAAA,OAAO,SAAA,CACJ,GAAA,CAAI,CAAC,KAAA,KAAU;AACd,IAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,MAAA,IAAI;AACF,QAAA,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAAA,MACzB,CAAA,CAAA,MAAQ;AACN,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AACA,IAAA,IAAI,KAAA,IAAS,OAAO,KAAA,KAAU,QAAA,EAAU;AACtC,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,OAAO,IAAA;AAAA,EACT,CAAC,EACA,MAAA,CAAO,CAAC,UAAiC,OAAA,CAAQ,KAAA,EAAO,SAAS,CAAC,CAAA;AACvE;AAEA,SAAS,gBAAgB,KAAA,EAAmC;AAC1D,EAAA,IAAI,KAAA,CAAM,iBAAiB,eAAA,EAAiB;AAC1C,IAAA,OAAO,eAAA;AAAA,EACT;AACA,EAAA,OAAO,gBAAA;AACT;AAEA,SAAS,iBAAiB,UAAA,EAA6C;AACrE,EAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA;AAClC,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,aAAA,CAAc,2BAAA,EAA6B,4BAA4B,CAAA;AAAA,EACnF;AACA,EAAA,MAAM,UAAA,GAAa,KAAA,CAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA;AAChE,EAAA,MAAM,MAAA,GAAS,UAAA,CAAW,MAAA,CAAO,UAAA,CAAW,MAAA,GAAA,CAAW,IAAK,UAAA,CAAW,MAAA,GAAS,CAAA,IAAM,CAAA,EAAI,GAAG,CAAA;AAC7F,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI,OAAO,SAAS,UAAA,EAAY;AAC9B,IAAA,IAAA,GAAO,kBAAA;AAAA,MACL,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,MAAM,CAAC,EACpB,GAAA,CAAI,CAAC,IAAA,KAAS,CAAA,CAAA,EAAI,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA,CACpE,IAAA,CAAK,EAAE;AAAA,KACZ;AAAA,EACF,CAAA,MAAO;AACL,IAAA,IAAA,GAAO,OAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA,CAAE,SAAS,MAAM,CAAA;AAAA,EACtD;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AACxB;AAEA,eAAsB,YAAY,MAAA,EAAuD;AACvF,EAAA,MAAM,EAAE,KAAA,EAAO,QAAA,EAAU,kBAAA,EAAoB,uBAAsB,GAAI,MAAA;AAEvE,EAAA,IAAI;AACF,IAAA,QAAQ,MAAM,SAAA;AAAW,MACvB,KAAK,kBAAA,EAAoB;AACvB,QAAA,IAAI,CAAC,QAAA,EAAU;AACb,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,sBAAA,EAAuB;AAAA,QACpF;AACA,QAAA,IAAI,CAAC,kBAAA,IAAsB,CAAC,qBAAA,EAAuB;AACjD,UAAA,OAAO;AAAA,YACL,KAAA,EAAO,KAAA;AAAA,YACP,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,MAAA,EAAQ;AAAA,WACV;AAAA,QACF;AAEA,QAAA,MAAM,cAAc,KAAA,CAAM,WAAA;AAC1B,QAAA,MAAM,OAAA,GAAU,YAAA,CAAa,WAAA,CAAY,OAAO,CAAA;AAChD,QAAA,MAAM,EAAA,GAAK,MAAO,QAAA,CAAgE,cAAA;AAAA,UAChF,WAAA,CAAY;AAAA,SACd;AACA,QAAA,IAAI,CAAC,EAAA,EAAI;AACP,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,uBAAA,EAAwB;AAAA,QACrF;AAEA,QAAA,MAAM,cAAA,GAAiB,uBAAA;AAAA,UACrB,kBAAA;AAAA,UACA,qBAAA;AAAA,UACA,OAAA;AAAA,UACA,gBAAgB,KAAK;AAAA,SACvB;AAEA,QAAA,MAAM,cAAA,GAAiBX,UAAAA,CAAW,qBAAA,CAAsB,kBAAkB,CAAC,CAAA;AAC3E,QAAA,MAAM,iBAAA,GAAoBA,UAAAA,CAAW,qBAAA,CAAsB,qBAAqB,CAAC,CAAA;AAEjF,QAAA,IAAI,GAAG,IAAA,IAAQA,UAAAA,CAAW,EAAA,CAAG,IAAI,MAAM,cAAA,EAAgB;AACrD,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,6BAAA,EAA8B;AAAA,QAC3F;AAEA,QAAA,IAAI,GAAG,EAAA,IAAMA,UAAAA,CAAW,EAAA,CAAG,EAAE,MAAM,iBAAA,EAAmB;AACpD,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,gCAAA,EAAiC;AAAA,QAC9F;AAEA,QAAA,IAAI,MAAA,CAAO,EAAA,CAAG,KAAK,CAAA,KAAM,cAAA,EAAgB;AACvC,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,6BAAA,EAA8B;AAAA,QAC3F;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,gBAAA,EAAkB;AACrB,QAAA,IAAI,CAAC,QAAA,EAAU;AACb,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,sBAAA,EAAuB;AAAA,QACpF;AACA,QAAA,MAAM,cAAc,KAAA,CAAM,WAAA;AAC1B,QAAA,MAAM,EAAA,GAAK,MAAO,QAAA,CAAgE,cAAA;AAAA,UAChF,WAAA,CAAY;AAAA,SACd;AACA,QAAA,IAAI,CAAC,EAAA,EAAI;AACP,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,uBAAA,EAAwB;AAAA,QACrF;AAEA,QAAA,IAAI,CAAC,GAAG,EAAA,EAAI;AACV,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,4BAAA,EAA6B;AAAA,QAC1F;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,YAAA,EAAc;AACjB,QAAA,MAAM,SAAS,KAAA,CAAM,WAAA;AAMrB,QAAA,MAAM,SAAA,GAAY;AAAA,UAChB,QAAQ,MAAA,CAAO,MAAA;AAAA,UACf,KAAA,EAAO;AAAA,YACL,aAAA,EAAe;AAAA,cACb,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,cAClC,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,QAAA,EAAS;AAAA,cAC3C,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,QAAA,EAAS;AAAA,cACzC,EAAE,IAAA,EAAM,mBAAA,EAAqB,IAAA,EAAM,SAAA,EAAU;AAAA,cAC7C,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAU;AAAA,cAC/C,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAU;AAAA,cACvC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,QAAA;AAAS;AACtC,WACF;AAAA,UACA,SAAS,MAAA,CAAO;AAAA,SAClB;AAEA,QAAA,MAAM,YAAA,GAAe,qBAAA,CAAsB,SAAA,EAAW,MAAA,CAAO,SAAS,CAAA;AACtE,QAAA,IAAI,CAAC,YAAA,CAAa,KAAA,IAAS,CAAC,aAAa,MAAA,EAAQ;AAC/C,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,2BAAA,EAA4B;AAAA,QACzF;AAEA,QAAA,IAAI,OAAO,MAAA,CAAO,OAAA,CAAQ,MAAA,KAAW,QAAA,EAAU;AAC7C,UAAA,MAAM,QAAA,GAAWA,UAAAA,CAAW,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA;AACjD,UAAA,IAAIA,UAAAA,CAAW,YAAA,CAAa,MAAM,CAAA,KAAM,QAAA,EAAU;AAChD,YAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,2BAAA,EAA4B;AAAA,UACzF;AAAA,QACF;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,SAAA,EAAW;AACd,QAAA,IAAI,OAAO,KAAA,CAAM,WAAA,KAAgB,QAAA,EAAU;AACzC,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,2BAAA,EAA4B;AAAA,QACzF;AAEA,QAAA,MAAM,OAAA,GAAU,gBAAA,CAAiB,KAAA,CAAM,WAAW,CAAA;AAClD,QAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,QAAA,MAAM,MAAM,OAAA,CAAQ,GAAA;AACpB,QAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,GAAA,GAAM,GAAA,EAAK;AACxC,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,mBAAA,EAAoB;AAAA,QACjF;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,cAAA;AAAA,MACL,KAAK,YAAA,EAAc;AACjB,QAAA,IAAI,CAAC,KAAA,CAAM,WAAA,IAAe,OAAO,KAAA,CAAM,gBAAgB,QAAA,EAAU;AAC/D,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,2BAAA,EAA4B;AAAA,QACzF;AAGA,QAAA,MAAM,WAAW,KAAA,CAAM,WAAA;AACvB,QAAA,IAAI,SAAS,MAAA,KAAW,KAAA,IAAS,OAAO,QAAA,CAAS,cAAc,QAAA,EAAU;AACvE,UAAA,MAAM,QAAA,GAA4B;AAAA,YAChC,MAAA,EAAQ,KAAA;AAAA,YACR,WAAW,QAAA,CAAS;AAAA,WACtB;AACA,UAAA,MAAM,SAAA,GACJ,KAAA,CAAM,SAAA,KAAc,YAAA,GAChB,MAAM,mBAAmB,QAAQ,CAAA,GACjC,MAAM,oBAAA,CAAqB,QAAQ,CAAA;AAEzC,UAAA,IAAI,CAAC,UAAU,KAAA,EAAO;AACpB,YAAA,OAAO;AAAA,cACL,KAAA,EAAO,KAAA;AAAA,cACP,WAAW,KAAA,CAAM,SAAA;AAAA,cACjB,MAAA,EAAQ,SAAA,CAAU,KAAA,EAAO,OAAA,IAAW;AAAA,aACtC;AAAA,UACF;AACA,UAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,QACnD;AAGA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAW,QAAA,IAAY,OAAO,QAAA,CAAS,SAAA,KAAc,QAAA,IAAY,QAAA,CAAS,OAAA,IAAW,OAAO,QAAA,CAAS,OAAA,KAAY,QAAA,EAAU;AACtI,UAAA,MAAM,QAAA,GAA+B;AAAA,YACnC,MAAA,EAAQ,QAAA;AAAA,YACR,SAAS,QAAA,CAAS,OAAA;AAAA,YAClB,WAAW,QAAA,CAAS;AAAA,WACtB;AACA,UAAA,MAAM,YAAA,GACJ,MAAM,SAAA,KAAc,YAAA,GAChB,sBAAsB,QAAQ,CAAA,GAC9B,wBAAwB,QAAQ,CAAA;AAEtC,UAAA,IAAI,CAAC,aAAa,KAAA,EAAO;AACvB,YAAA,OAAO;AAAA,cACL,KAAA,EAAO,KAAA;AAAA,cACP,WAAW,KAAA,CAAM,SAAA;AAAA,cACjB,MAAA,EAAQ,YAAA,CAAa,KAAA,EAAO,OAAA,IAAW;AAAA,aACzC;AAAA,UACF;AACA,UAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,QACnD;AAGA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA,KAAK,kBAAA,EAAoB;AACvB,QAAA,MAAM,SAAS,KAAA,CAAM,WAAA;AACrB,QAAA,IAAI,CAAC,OAAO,GAAA,EAAK;AACf,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,sBAAA,EAAuB;AAAA,QACpF;AAEA,QAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,MAAA,CAAO,GAAG,CAAA;AACvC,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,UAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,KAAA,CAAM,WAAW,MAAA,EAAQ,CAAA,uBAAA,EAA0B,QAAA,CAAS,MAAM,CAAA,CAAA,CAAA,EAAI;AAAA,QAC1G;AAEA,QAAA,IAAI,MAAA,CAAO,GAAA,CAAI,QAAA,CAAS,uBAAuB,KAAK,qBAAA,EAAuB;AACzE,UAAA,MAAM,MAAA,GAAU,MAAM,QAAA,CAAS,IAAA,EAAK;AACpC,UAAA,MAAM,QAAA,GAAW,8BAAA,CAA+B,MAAA,EAAQ,qBAAqB,CAAA;AAC7E,UAAA,OAAO;AAAA,YACL,OAAO,QAAA,CAAS,KAAA;AAAA,YAChB,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,QAAQ,QAAA,CAAS;AAAA,WACnB;AAAA,QACF;AAEA,QAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,QAAA,IAAI,qBAAA,IAAyB,CAAC,IAAA,CAAK,QAAA,CAAS,qBAAqB,CAAA,EAAG;AAClE,UAAA,IAAI;AACF,YAAA,MAAM,MAAA,GAAS,kBAAkB,IAAI,CAAA;AACrC,YAAA,IAAI,CAAC,MAAA,CAAO,WAAA,CAAY,QAAA,CAAS,qBAAqB,CAAA,EAAG;AACvD,cAAA,OAAO;AAAA,gBACL,KAAA,EAAO,KAAA;AAAA,gBACP,WAAW,KAAA,CAAM,SAAA;AAAA,gBACjB,MAAA,EAAQ;AAAA,eACV;AAAA,YACF;AAAA,UACF,CAAA,CAAA,MAAQ;AACN,YAAA,OAAO;AAAA,cACL,KAAA,EAAO,KAAA;AAAA,cACP,WAAW,KAAA,CAAM,SAAA;AAAA,cACjB,MAAA,EAAQ;AAAA,aACV;AAAA,UACF;AAAA,QACF;AAEA,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,MACnD;AAAA,MAEA;AACE,QAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,WAAW,KAAA,CAAM,SAAA,EAAW,QAAQ,wBAAA,EAAyB;AAAA;AACxF,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,2BAAA,EAA6B,2BAAA,EAA6B;AAAA,MAChF,WAAW,KAAA,CAAM,SAAA;AAAA,MACjB;AAAA,KACD,CAAA;AAAA,EACH;AACF;AAEA,eAAsB,kBACpB,MAAA,EACkC;AAClC,EAAA,MAAM,MAAA,GAAS,WAAA,CAAY,MAAA,CAAO,WAAW,CAAA;AAC7C,EAAA,MAAM,SAAkC,EAAC;AACzC,EAAA,MAAM,UAAoB,EAAC;AAE3B,EAAA,MAAM,GAAA,GAAM,OAAO,IAAA,CAAK,KAAA,CAAM,KAAK,GAAA,EAAI,GAAI,GAAI,CAAC,CAAA;AAChD,EAAA,IAAI,MAAA,CAAO,WAAA,CAAY,cAAA,GAAiB,EAAA,EAAI;AAC1C,IAAA,MAAA,CAAO,UAAA,GAAa,KAAA;AACpB,IAAA,OAAA,CAAQ,KAAK,qBAAqB,CAAA;AAAA,EACpC,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,UAAA,GAAa,IAAA;AAAA,EACtB;AAEA,EAAA,IAAI,OAAO,WAAA,CAAY,cAAA,GAAiB,MAAM,MAAA,CAAO,WAAA,CAAY,iBAAiB,GAAA,EAAK;AACrF,IAAA,MAAA,CAAO,UAAA,GAAa,KAAA;AACpB,IAAA,OAAA,CAAQ,KAAK,qBAAqB,CAAA;AAAA,EACpC,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,UAAA,GAAa,IAAA;AAAA,EACtB;AAEA,EAAA,IAAI,MAAA,CAAO,WAAW,CAAA,EAAG;AACvB,IAAA,MAAA,CAAO,MAAA,GAAS,KAAA;AAChB,IAAA,OAAA,CAAQ,KAAK,oBAAoB,CAAA;AAAA,EACnC;AAEA,EAAA,MAAM,kBAAA,GAAqB,OAAO,MAAA,IAAW,MAAA,CAAO,IAAI,CAAC,KAAA,KAAU,MAAM,SAAS,CAAA;AAElF,EAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,IAAA,IAAI,CAAC,kBAAA,CAAmB,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AACjD,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY;AAAA,MAC/B,KAAA;AAAA,MACA,UAAU,MAAA,CAAO,QAAA;AAAA,MACjB,kBAAA,EAAoB,OAAO,OAAA,EAAS,UAAA;AAAA,MACpC,qBAAA,EAAuB,OAAO,OAAA,EAAS;AAAA,KACxC,CAAA;AAED,IAAA,MAAA,CAAO,KAAA,CAAM,SAAS,CAAA,GAAI,MAAA,CAAO,KAAA;AACjC,IAAA,IAAI,CAAC,OAAO,KAAA,EAAO;AACjB,MAAA,OAAA,CAAQ,KAAK,MAAA,CAAO,MAAA,IAAU,CAAA,EAAG,KAAA,CAAM,SAAS,CAAA,oBAAA,CAAsB,CAAA;AAAA,IACxE;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,QAAQ,MAAA,KAAW,CAAA;AAAA,IAC1B,MAAA;AAAA,IACA;AAAA,GACF;AACF;;;ACvXA,eAAsB,kBAAA,CACpB,gBACA,SAAA,EACkB;AAClB,EAAA,MAAM,QAAA,GAAW,cAAA;AAIjB,EAAA,IAAI;AACF,IAAA,MAAM,SAAS,MAAM,QAAA,CAAS,UAAU,EAAE,GAAA,EAAK,WAAW,CAAA;AAC1D,IAAA,OAAO,OAAA,CAAQ,MAAA,IAAU,MAAA,CAAO,GAAA,IAAO,MAAA,CAAO,QAAQ,IAAA,CAAK,MAAA,CAAO,EAAA,EAAI,GAAG,CAAC,CAAA;AAAA,EAC5E,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,eAAsB,gBAAA,CACpB,gBACA,SAAA,EAC0E;AAC1E,EAAA,MAAM,QAAA,GAAW,cAAA;AASjB,EAAA,IAAI;AACF,IAAA,MAAM,UAAU,MAAM,QAAA,CAAS,UAAU,EAAE,GAAA,EAAK,WAAW,CAAA;AAC3D,IAAA,IAAI,CAAC,OAAA,IAAW,CAAC,OAAA,CAAQ,GAAA,IAAO,OAAA,CAAQ,GAAA,KAAQ,IAAA,CAAK,MAAA,CAAO,EAAA,EAAI,GAAG,CAAA,EAAG;AACpE,MAAA,MAAM,IAAI,aAAA,CAAc,kBAAA,EAAoB,sBAAA,EAAwB,EAAE,WAAW,CAAA;AAAA,IACnF;AAEA,IAAA,OAAO;AAAA,MACL,GAAA,EAAK,eAAA,CAAgB,OAAA,CAAQ,GAAG,CAAA;AAAA,MAChC,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,UAAU,OAAA,CAAQ,QAAA;AAAA,MAClB,SAAA,EAAW,OAAA,CAAQ,OAAA,CAAQ,SAAS;AAAA,KACtC;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,IAAI,wBAAA,CAAyB,GAAG,CAAA,EAAG;AACjC,MAAA,MAAM,IAAI,aAAA,CAAc,kBAAA,EAAoB,sBAAA,EAAwB,EAAE,WAAW,CAAA;AAAA,IACnF;AACA,IAAA,IAAI,eAAe,aAAA,EAAe;AAChC,MAAA,MAAM,GAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,iCAAiC,EAAE,SAAA,EAAW,KAAK,CAAA;AAAA,EAC9F;AACF;AAEO,SAAS,gBAAgB,SAAA,EAAwB;AACtD,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,uBAAuB,CAAA;AAAA,EAClE;AACA,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,UAAA,CAAW,IAAI,CAAA,GAAI,SAAA,CAAU,WAAA,EAAY,GAAI,CAAA,EAAA,EAAK,SAAA,CAAU,WAAA,EAAa,CAAA,CAAA;AACjG,EAAA,IAAI,CAAC,kBAAA,CAAmB,IAAA,CAAK,KAAK,CAAA,EAAG;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,wCAAA,EAA0C,EAAE,WAAW,CAAA;AAAA,EAClG;AACA,EAAA,OAAO,KAAA;AACT;;;AC9DA,eAAe,UAAA,CACb,QACA,MAAA,EAC6C;AAC7C,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,QAAA,GAAW,MAAM,KAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACxC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,MAC9C,IAAA,EAAM,KAAK,SAAA,CAAU;AAAA,QACnB,gBAAgB,MAAA,CAAO,cAAA;AAAA,QACvB,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,aAAa,MAAA,CAAO,WAAA;AAAA,QACpB,WAAW,MAAA,CAAO,SAAA;AAAA,QAClB,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,YAAY,MAAA,CAAO,UAAA;AAAA,QACnB;AAAA,OACD,CAAA;AAAA,MACD,MAAA,EAAQ,WAAA,CAAY,OAAA,CAAQ,MAAA,CAAO,aAAa,IAAM;AAAA,KACvD,CAAA;AAAA,EACH,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qCAAqC,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,EAC/F;AAEA,EAAA,MAAM,UAAU,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,MAAS,CAAA;AAC3D,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,IAAA;AAAA,IACJ,MAAA;AAAA,IACA;AAAA,GACF;AACF;AAEA,eAAsB,sBACpB,MAAA,EACsC;AACtC,EAAA,MAAM,SAAA,GAAY,MAAM,UAAA,CAAW,MAAA,EAAQ,SAAS,CAAA,CAAE,KAAA,CAAM,MAAM,IAAI,CAAA;AACtE,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,OAAO,SAAA;AAAA,EACT;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,UAAA,CAAW,MAAA,EAAQ,UAAU,CAAA,CAAE,KAAA,CAAM,MAAM,IAAI,CAAA;AAC3E,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,aAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,KAAA;AAAA,IACJ,MAAA,EAAQ;AAAA,GACV;AACF;AAIA,IAAM,8BAAA,GAAiC,gDAAA;AAiBvC,eAAsB,yBACpB,MAAA,EACyC;AACzC,EAAA,MAAM,GAAA,GAAM,OAAO,UAAA,IAAc,8BAAA;AAEjC,EAAA,MAAM,IAAA,GAAgC;AAAA,IACpC,YAAY,MAAA,CAAO,UAAA;AAAA,IACnB,eAAe,MAAA,CAAO;AAAA,GACxB;AAEA,EAAA,IAAI,MAAA,CAAO,YAAY,MAAA,EAAW;AAChC,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO,OAAA;AAAA,EACxB;AAEA,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,QAAA,GAAW,MAAM,MAAM,GAAA,EAAK;AAAA,MAC1B,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,MAC9C,WAAA,EAAa,SAAA;AAAA,MACb,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA;AAAA,MACzB,MAAA,EAAQ,WAAA,CAAY,OAAA,CAAQ,MAAA,CAAO,aAAa,IAAM;AAAA,KACvD,CAAA;AAAA,EACH,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAA,EAAqC,EAAE,KAAK,CAAA;AAAA,EACvF;AAEA,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,SAAA,GAAY,MAAM,QAAA,CAAS,IAAA,EAAK,CAAE,KAAA,CAAM,OAAO,EAAE,KAAA,EAAO,QAAA,CAAS,UAAA,EAAW,CAAE,CAAA;AACpF,IAAA,MAAM,IAAI,aAAA;AAAA,MACR,WAAA;AAAA,MACC,SAAA,CAAqC,KAAA,IAAS,CAAA,2BAAA,EAA8B,QAAA,CAAS,MAAM,CAAA,CAAA;AAAA,MAC5F,EAAE,MAAA,EAAQ,QAAA,CAAS,MAAA,EAAQ,GAAG,SAAA;AAAU,KAC1C;AAAA,EACF;AAEA,EAAA,OAAQ,MAAM,SAAS,IAAA,EAAK;AAC9B;AC5EO,IAAM,kBAAA,GACX,oEAAA;AAEK,IAAM,kBAAA,GAAqB;AAAA,EAChC,EAAE,MAAA,EAAQ,OAAA,EAAS,SAAA,EAAW,yCAAA,EAA0C;AAAA,EACxE,EAAE,MAAA,EAAQ,OAAA,EAAS,SAAA,EAAW,yCAAA,EAA0C;AAAA,EACxE,EAAE,MAAA,EAAQ,UAAA,EAAY,SAAA,EAAW,4CAAA;AACnC,CAAA;AAUA,eAAsB,qBAAA,CACpB,QAAA,EACA,eAAA,EACA,SAAA,EACA,MAAA,EACwB;AACxB,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQ,IAAI,SAAA,CAAU,CAAC,SAAS,CAAC,CAAA;AACvC,IAAA,MAAM,IAAA,GAAO,KAAA,CAAM,kBAAA,CAAmB,MAAA,EAAQ,EAAE,CAAA;AAChD,IAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,IAAA,CAAK,EAAE,EAAA,EAAI,eAAA,EAAiB,MAAM,CAAA;AAChE,IAAA,MAAM,CAAC,KAAK,CAAA,GAAI,KAAA,CAAM,oBAAA,CAAqB,QAAQ,MAAM,CAAA;AACzD,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAYD,UAAU,KAAK,CAAA,IAAK,UAAUG,WAAAA,EAAa;AAC1E,MAAA,OAAOF,WAAW,KAAK,CAAA;AAAA,IACzB;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,IAAA;AACT;AAaA,eAAsB,qBAAA,CACpB,UACA,eAAA,EACwB;AAExB,EAAA,IAAI;AACF,IAAA,MAAMT,KAAAA,GAAO,MAAM,QAAA,CAAS,OAAA,CAAQ,eAAe,CAAA;AACnD,IAAA,IAAIA,KAAAA,KAAS,IAAA,IAAQA,KAAAA,KAAS,KAAA,EAAO;AACnC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,KAAA,MAAW,WAAW,kBAAA,EAAoB;AACxC,IAAA,MAAM,UAAU,MAAM,qBAAA;AAAA,MACpB,QAAA;AAAA,MACA,eAAA;AAAA,MACA,OAAA,CAAQ,SAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AACA,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,OAAO,OAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,MAAM,QAAA,CAAS,UAAA,CAAW,iBAAiB,kBAAkB,CAAA;AAChF,IAAA,IACE,UAAA,IACA,UAAA,KAAe,IAAA,IACf,UAAA,KAAe,oEAAA,EACf;AACA,MAAA,MAAM,eAAeS,UAAAA,CAAW,CAAA,EAAA,EAAK,WAAW,KAAA,CAAM,CAAA,EAAG,CAAC,CAAA,CAAE,CAAA;AAC5D,MAAA,IAAI,iBAAiBE,WAAAA,EAAa;AAChC,QAAA,OAAO,YAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,OAAO,IAAA;AACT;AAMA,eAAsB,4BAAA,CACpB,QAAA,EACA,eAAA,EACA,OAAA,EACqB;AACrB,EAAA,MAAM,KAAA,GAAQ,MAAM,qBAAA,CAAsB,QAAA,EAAU,eAAe,CAAA;AACnE,EAAA,OAAO,KAAA,GAAQ,cAAA,CAAe,OAAA,EAAS,KAAK,CAAA,GAAI,IAAA;AAClD;AAaA,eAAsB,mBAAA,CACpB,QAAA,EACA,MAAA,EACA,UAAA,EACA,iBACA,OAAA,EACkB;AAClB,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAK,MAAM,QAAA,CAAS,cAAA,CAAe,MAAM,CAAA;AAC/C,IAAA,IAAI,CAAC,EAAA,IAAM,CAAC,GAAG,IAAA,IAAQ,CAAC,GAAG,EAAA,EAAI;AAC7B,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,IAAIF,WAAW,EAAA,CAAG,EAAE,CAAA,KAAMA,UAAAA,CAAW,eAAe,CAAA,EAAG;AACrD,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,MAAM,WAAA,GAAc,cAAA,CAAe,OAAA,EAAS,eAAe,CAAA;AAC3D,IAAA,MAAM,cAAA,GAAiB,uBAAA;AAAA,MACrB,UAAA;AAAA,MACA,WAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,EAAA,CAAG,KAAA,IAAS,EAAE,CAAA;AAEzC,IAAA,OAAO,WAAA,KAAgB,cAAA;AAAA,EACzB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;;;AClLA,IAAM,yBAAA,GAA4B,2CAAA;AAE3B,IAAM,iBAAA,GAAoB,yBAAA;AA8BjC,IAAI,aAAA,GAAqC,IAAA;AACzC,IAAI,cAAA,GAAiB,CAAA;AACrB,IAAM,YAAA,GAAe,IAAI,EAAA,GAAK,GAAA;AAQ9B,eAAsB,kBAAkB,GAAA,EAAqC;AAC3E,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,IAAI,aAAA,IAAiB,GAAA,GAAM,cAAA,GAAiB,YAAA,EAAc;AACxD,IAAA,OAAO,aAAA;AAAA,EACT;AAEA,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI;AACF,IAAA,GAAA,GAAM,MAAM,KAAA,CAAM,GAAA,IAAO,iBAAiB,CAAA;AAAA,EAC5C,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,+BAAA,EAAiC,EAAE,KAAK,CAAA;AAAA,EACnF;AAEA,EAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,IAAA,MAAM,IAAI,cAAc,eAAA,EAAiB,CAAA,+BAAA,EAAkC,IAAI,MAAM,CAAA,CAAA,EAAI,GAAA,CAAI,UAAU,CAAA,CAAE,CAAA;AAAA,EAC3G;AAEA,EAAA,MAAM,OAAA,GAAwB,MAAM,GAAA,CAAI,IAAA,EAAK;AAE7C,EAAA,IAAI,CAAC,QAAQ,OAAA,IAAW,CAAC,QAAQ,MAAA,IAAU,OAAO,OAAA,CAAQ,MAAA,KAAW,QAAA,EAAU;AAC7E,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,8BAA8B,CAAA;AAAA,EACzE;AAEA,EAAA,aAAA,GAAgB,OAAA;AAChB,EAAA,cAAA,GAAiB,GAAA;AACjB,EAAA,OAAO,OAAA;AACT;AAMO,SAAS,eAAA,CAAgB,SAAuB,KAAA,EAA6B;AAClF,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,MAAA,CAAO,KAAK,CAAA;AAClC,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,MAAM,IAAI,aAAA,CAAc,mBAAA,EAAqB,CAAA,MAAA,EAAS,KAAK,CAAA,4BAAA,CAAA,EAAgC;AAAA,MACzF,KAAA;AAAA,MACA,eAAA,EAAiB,MAAA,CAAO,IAAA,CAAK,OAAA,CAAQ,MAAM;AAAA,KAC5C,CAAA;AAAA,EACH;AACA,EAAA,OAAO,KAAA;AACT;;;AC5EA,eAAsB,yBAAA,CACpB,MAAA,EACA,qBAAA,EACA,OAAA,GAA4C,EAAC,EACkB;AAC/D,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAA,EAAqC,EAAE,QAAQ,CAAA;AAAA,EAC1F;AAEA,EAAA,IAAI,CAAC,QAAQ,UAAA,EAAY;AACvB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,kCAAA,EAAoC,EAAE,QAAQ,CAAA;AAAA,EACzF;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,YAAA,IAAgB,cAAA;AACvC,EAAA,MAAM,IAAA,GAAO,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,MAAA,CAAO,aAAY,CAAE,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAC,CAAA,CAAA;AAEjE,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,OAAA,GAAU,MAAM,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA;AAAA,EACzC,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qCAAqC,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,EAC/F;AAEA,EAAA,KAAA,MAAW,eAAe,OAAA,EAAS;AACjC,IAAA,MAAM,MAAA,GAAS,WAAA,CAAY,IAAA,CAAK,EAAE,CAAA;AAClC,IAAA,MAAM,MAAA,GAAS,kBAAkB,MAAM,CAAA;AACvC,IAAA,IAAI,MAAA,CAAO,YAAY,GAAA,EAAK;AAE5B,IAAA,KAAA,MAAW,gBAAA,IAAoB,OAAO,WAAA,EAAa;AACjD,MAAA,IAAI,kBAAA,CAAmB,gBAAA,EAAkB,qBAAqB,CAAA,EAAG;AAC/D,QAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAO;AAAA,MAC/B;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,6CAAA,EAA8C;AAC/E;;;ACfA,IAAM,aAAA,GAAgB,aAAA;AACtB,IAAM,gBAAA,GAAoC,CAAC,gBAAA,EAAkB,iBAAiB,CAAA;AAiB9E,eAAsB,2BACpB,MAAA,EACwC;AACxC,EAAA,MAAM,KAAA,GAAQ,OAAO,KAAA,IAAS,aAAA;AAC9B,EAAA,MAAM,QAAA,GAAW,OAAO,OAAA,IAAW,MAAA,CAAO,QAAQ,MAAA,GAAS,CAAA,GAAI,OAAO,OAAA,GAAU,gBAAA;AAGhF,EAAA,MAAM,aAAA,GAAgB,YAAA,CAAa,MAAA,CAAO,aAAa,CAAA;AACvD,EAAA,MAAM,gBAAA,GAAmB,iBAAiB,aAAa,CAAA;AAGvD,EAAA,MAAM,oBAAA,GAAuB,4BAA4B,aAAa,CAAA;AAGtE,EAAA,MAAM,OAAA,GAAU,MAAM,iBAAA,EAAkB;AACxC,EAAA,MAAM,YAAA,GAAe,eAAA,CAAgB,OAAA,EAAS,KAAK,CAAA;AAGnD,EAAA,MAAM,kBAAA,GAAqB,MAAA,CAAO,kBAAA,IAAuB,YAAA,CAAa,WAAA;AAEtE,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AAGxB,EAAA,MAAM,0BAAA,GAA6B,YAAA,CAAa,OAAA,CAAQ,oBAAoB,CAAA;AAC5E,EAAA,MAAM,mBAAA,GAAsB,YAAA,CAAa,OAAA,CAAQ,aAAa,CAAA;AAG9D,EAAA,MAAM,cAAA,GAAiB,YAAA,CAAa,MAAA,CAAO,UAAU,CAAA;AAErD,EAAA,IAAI,oBAA8C,EAAC;AAEnD,EAAA,IAAI,0BAAA,EAA4B;AAC9B,IAAA,MAAM,eAAe,MAAM,yBAAA;AAAA,MACzB,kBAAA;AAAA,MACA,QAAA;AAAA,MACA,cAAA;AAAA,MACA,CAAC,0BAA0B,CAAA;AAAA,MAC3B,OAAO,SAAA,IAAa;AAAA,KACtB;AAGA,IAAA,iBAAA,GAAoB,YAAA,CAAa,MAAA,CAAO,CAAC,GAAA,KAAQ;AAC/C,MAAA,MAAM,iBAAA,GAAoB,IAAI,IAAA,EAAM,UAAA;AACpC,MAAA,IAAI,OAAO,iBAAA,KAAsB,QAAA,EAAU,OAAO,KAAA;AAClD,MAAA,OAAO,kBAAA,CAAmB,mBAAmB,aAAa,CAAA;AAAA,IAC5D,CAAC,CAAA;AAGD,IAAA,iBAAA,CAAkB,IAAA,CAAK,CAAC,CAAA,EAAG,CAAA,KAAM,OAAO,CAAA,CAAE,IAAA,GAAO,CAAA,CAAE,IAAI,CAAC,CAAA;AAAA,EAC1D;AAGA,EAAA,MAAM,mBAAA,GAAmD,iBAAA,CAAkB,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,IACvF,KAAK,GAAA,CAAI,GAAA;AAAA,IACT,UAAU,GAAA,CAAI,IAAA;AAAA,IACd,UAAU,GAAA,CAAI,QAAA;AAAA,IACd,MAAA,EAAQ,oBAAA,CAAqB,GAAA,CAAI,IAAA,EAAM,MAAM;AAAA,GAC/C,CAAE,CAAA;AAGF,EAAA,IAAI,aAAA,GAA4B,IAAA;AAChC,EAAA,IAAI,KAAA,GAAuB,IAAA;AAC3B,EAAA,IAAI,gBAAA,GAAsE,cAAA;AAE1E,EAAA,IAAI,mBAAA,EAAqB;AACvB,IAAA,MAAM,cAAc,MAAM,yBAAA;AAAA,MACxB,kBAAA;AAAA,MACA,QAAA;AAAA,MACA,cAAA;AAAA,MACA,CAAC,mBAAmB,CAAA;AAAA,MACpB,OAAO,SAAA,IAAa;AAAA,KACtB;AAGA,IAAA,MAAM,mBAAA,GAAsB,YACzB,MAAA,CAAO,CAAC,QAAQ,2BAAA,CAA4B,GAAA,EAAK,eAAe,gBAAgB,CAAC,EACjF,IAAA,CAAK,CAAC,GAAG,CAAA,KAAM,MAAA,CAAO,EAAE,IAAA,GAAO,CAAA,CAAE,IAAI,CAAC,CAAA;AAEzC,IAAA,MAAM,kBAAA,GAAqB,mBAAA,CAAoB,CAAC,CAAA,IAAK,IAAA;AAErD,IAAA,IAAI,kBAAA,EAAoB;AACtB,MAAA,aAAA,GAAgB,kBAAA,CAAmB,GAAA;AAGnC,MAAA,IAAI,kBAAA,CAAmB,iBAAiB,EAAA,EAAI;AAC1C,QAAA,KAAA,GAAQ,kBAAA,CAAmB,cAAA;AAAA,MAC7B;AAGA,MAAA,MAAM,WAAA,GAAc,mBAAmB,IAAA,EAAM,UAAA;AAC7C,MAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,WAAW,CAAA,IAAK,WAAA,CAAY,WAAW,CAAA,EAAG;AAC3D,QAAA,gBAAA,GAAmB,SAAA;AAAA,MACrB,CAAA,MAAO;AACL,QAAA,MAAM,UAAA,GAAa,SAAS,KAAA,CAAM,CAAC,MAAM,WAAA,CAAY,QAAA,CAAS,CAAC,CAAC,CAAA;AAChE,QAAA,gBAAA,GAAmB,aAAa,SAAA,GAAY,UAAA;AAAA,MAC9C;AAAA,IACF;AAAA,EACF;AAGA,EAAA,IAAI,iBAAA,GAAoB,KAAA;AACxB,EAAA,IAAI,UAAA,GAAmE,IAAA;AACvE,EAAA,IAAI,qBAAA,GAAwB,KAAA;AAC5B,EAAA,IAAI,mBAAA,GAAqC,IAAA;AAEzC,EAAA,MAAM,aAAA,GAAgB,gBAAA,CAAiB,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,IAAI,kBAAkB,KAAA,EAAO;AAC3B,IAAA,MAAM,MAAA,GAAS,mBAAA,CAAoB,MAAA,CAAO,UAAU,CAAA;AACpD,IAAA,IAAI,MAAA,EAAQ;AAEV,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,GAAY,MAAM,yBAAA,CAA0B,MAAA,EAAQ,aAAA,EAAe;AAAA,UACvE,YAAY,MAAA,CAAO;AAAA,SACpB,CAAA;AACD,QAAA,IAAI,UAAU,KAAA,EAAO;AACnB,UAAA,iBAAA,GAAoB,IAAA;AACpB,UAAA,UAAA,GAAa,KAAA;AAAA,QACf;AAAA,MACF,CAAA,CAAA,MAAQ;AAAA,MAER;AAGA,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,IAAI;AACF,UAAA,MAAM,QAAA,GAAW,OAAO,gBAAA,IAAoB,gBAAA;AAC5C,UAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,MAAM,CAAA;AACpC,UAAA,MAAM,aAAA,GAAgB,8BAAA,CAA+B,MAAA,EAAQ,aAAa,CAAA;AAC1E,UAAA,IAAI,cAAc,KAAA,EAAO;AACvB,YAAA,iBAAA,GAAoB,IAAA;AACpB,YAAA,UAAA,GAAa,cAAA;AAAA,UACf;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AAAA,EACF,CAAA,MAAA,IAAW,kBAAkB,KAAA,EAAO;AAClC,IAAA,IAAI,WAAA,CAAY,MAAA,CAAO,UAAU,CAAA,IAAK,oBAAA,EAAsB;AAE1D,MAAA,MAAM,sBAAA,GAAyB,oBAAA,CAAqB,MAAA,CAAO,UAAU,CAAA;AACrE,MAAA,MAAM,cAAA,GAAiB,oBAAA,CAAqB,MAAA,CAAO,UAAU,CAAA;AAC7D,MAAA,MAAM,UAAA,GAAa,cAAA,GAAiB,MAAA,CAAO,cAAc,CAAA,GAAI,IAAA;AAE7D,MAAA,IAAI,0BAA0B,UAAA,EAAY;AAExC,QAAA,MAAM,eAAe,MAAM,qBAAA;AAAA,UACzB,QAAA;AAAA,UACA;AAAA,SACF;AAEA,QAAA,IAAI,gBAAgBA,UAAAA,CAAW,YAAY,CAAA,KAAMA,UAAAA,CAAW,oBAAoB,CAAA,EAAG;AACjF,UAAA,iBAAA,GAAoB,IAAA;AACpB,UAAA,UAAA,GAAa,oBAAA;AAAA,QACf;AAGA,QAAA,IAAI,CAAC,qBAAqB,aAAA,EAAe;AACvC,UAAA,MAAM,qBAAqB,MAAM,+BAAA;AAAA,YAC/B,mBAAA;AAAA,YACA,kBAAA;AAAA,YACA,QAAA;AAAA,YACA,cAAA;AAAA,YACA,aAAA;AAAA,YACA,gBAAA;AAAA,YACA,OAAO,SAAA,IAAa;AAAA,WACtB;AAEA,UAAA,IAAI,kBAAA,EAAoB;AACtB,YAAA,MAAM,WAAA,GAAc,mBAAmB,IAAA,EAAM,WAAA;AAC7C,YAAA,IAAI,WAAA,IAAe,qBAAA,CAAsB,IAAA,CAAK,WAAW,CAAA,EAAG;AAC1D,cAAA,MAAM,WAAW,MAAM,mBAAA;AAAA,gBACrB,QAAA;AAAA,gBACA,WAAA;AAAA,gBACA,MAAA,CAAO,UAAA;AAAA,gBACP,oBAAA;AAAA,gBACA;AAAA,eACF;AACA,cAAA,IAAI,QAAA,EAAU;AACZ,gBAAA,qBAAA,GAAwB,IAAA;AACxB,gBAAA,mBAAA,GAAsB,kBAAA,CAAmB,IAAA;AAAA,cAC3C;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAKA,EACF;AAGA,EAAA,MAAM,gBAAgB,iBAAA,CAAkB,MAAA,GAAS,IAAI,iBAAA,CAAkB,CAAC,EAAE,IAAA,GAAO,IAAA;AACjF,EAAA,MAAM,eAAe,aAAA,IAAiB,mBAAA;AAOtC,EAAA,MAAM,gBAAgB,gBAAA,KAAqB,UAAA;AAC3C,EAAA,MAAM,aAAA,GAAgB,iBAAA,CAAkB,MAAA,GAAS,CAAA,IAAK,KAAA,KAAU,IAAA;AAChE,EAAA,MAAM,sBAAA,GAAyB,aAAA,KAAkB,IAAA,IAAQ,qBAAA,IAAyB,KAAA,KAAU,IAAA;AAC5F,EAAA,MAAM,aAAa,CAAC,aAAA,KAClB,aAAA,IACC,iBAAA,IAAqB,UAAU,IAAA,IAChC,sBAAA,CAAA;AAGF,EAAA,OAAO;AAAA,IACL,UAAA;AAAA,IACA,YAAA;AAAA,IACA,KAAA;AAAA,IACA,iBAAA;AAAA,IACA,UAAA;AAAA,IACA,mBAAA;AAAA,IACA,aAAA;AAAA,IACA,gBAAA;AAAA,IACA,uBAAuB,qBAAA,IAAyB;AAAA,GAClD;AACF;AAaA,SAAS,2BAAA,CACP,GAAA,EACA,aAAA,EACA,gBAAA,EACS;AACT,EAAA,MAAM,KAAA,GAAQ,IAAI,IAAA,EAAM,KAAA;AAGxB,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,IAAI,kBAAA,CAAmB,KAAA,EAAO,aAAa,CAAA,EAAG;AAC5C,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,IAAI,qBAAqB,KAAA,EAAO;AAC9B,IAAA,MAAM,eAAA,GAAkB,IAAI,IAAA,EAAM,YAAA;AAClC,IAAA,IAAI,eAAA,EAAiB;AACnB,MAAA,IAAI;AACF,QAAA,MAAM,aAAa,OAAO,eAAA,KAAoB,WAC1C,IAAA,CAAK,KAAA,CAAM,eAAe,CAAA,GAC1B,eAAA;AACJ,QAAA,MAAM,aAAA,GAAgB,YAAY,aAAa,CAAA;AAC/C,QAAA,OAAO,eAAA,CAAgB,YAAY,aAAa,CAAA;AAAA,MAClD,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAEA,IAAMY,cAAAA,GAAgB;AAAA,EACpB;AACF,CAAA;AAEA,SAAS,qBACP,KAAA,EACqC;AACrC,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,MAAA;AACtC,EAAA,QAAQ,KAAA;AAAO,IACb,KAAK,KAAA;AAAA,IACL,KAAK,SAAA;AACH,MAAA,OAAO,KAAA;AAAA,IACT,KAAK,cAAA;AAAA,IACL,KAAK,UAAA;AACH,MAAA,OAAO,cAAA;AAAA,IACT,KAAK,QAAA;AACH,MAAA,OAAO,QAAA;AAAA,IACT;AACE,MAAA,OAAO,OAAA;AAAA;AAEb;AAEA,eAAe,yBAAA,CACb,kBAAA,EACA,QAAA,EACA,SAAA,EACA,SACA,SAAA,EACmC;AACnC,EAAA,MAAM,QAAA,GAAW,IAAIC,QAAAA,CAAS,kBAAA,EAAoBD,gBAAe,QAAQ,CAAA;AACzE,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,OAAA,CAAQ,QAAA,CAAS,WAAW,IAAI,CAAA;AAExD,EAAA,MAAM,OAAA,GAAU,MACd,QAAA,CACA,cAAA,EAAe;AAEjB,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,MAAM,QAAA,CAAS,WAAA,CAAY,MAAA,EAAQ,WAAW,OAAO,CAAA;AAAA,EAChE,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,oCAAA,EAAsC,EAAE,KAAK,CAAA;AAAA,EACxF;AAEA,EAAA,MAAM,GAAA,GAAM,IAAIT,GAAAA,CAAI,kBAAkB,CAAA;AACtC,EAAA,GAAA,CAAI,QAAQ,QAAQ,CAAA;AAEpB,EAAA,MAAM,eAAe,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,aAAa,CAAA;AACvD,EAAA,MAAM,UAAoC,EAAC;AAE3C,EAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,IAAA,IAAI,EAAE,UAAU,KAAA,CAAA,IAAU,CAAC,MAAM,OAAA,CAAQ,KAAA,CAAM,IAAI,CAAA,EAAG;AACtD,IAAA,MAAM,OAAO,KAAA,CAAM,IAAA;AACnB,IAAA,MAAM,GAAA,GAAM,OAAO,CAAC,CAAA;AACpB,IAAA,MAAM,SAAA,GAAY,OAAO,CAAC,CAAA;AAE1B,IAAA,IAAI,CAAC,GAAA,IAAO,CAAC,SAAA,EAAW;AACxB,IAAA,IAAI,CAAC,YAAA,CAAa,QAAA,CAAS,SAAA,CAAU,WAAA,EAAa,CAAA,EAAG;AAErD,IAAA,MAAM,WAAA,GAAe,MAAM,GAAA,CAAI,cAAA,CAAe,GAAG,CAAA;AACjD,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,WAAA,CAAY,GAAA,EAAK;AAGtC,IAAA,IAAI,OAAgC,EAAC;AACrC,IAAA,MAAM,UAAU,WAAA,CAAY,IAAA;AAC5B,IAAA,IAAI,OAAA,IAAW,YAAY,IAAA,EAAM;AAC/B,MAAA,IAAI;AACF,QAAA,IAAA,GAAO,qBAAA;AAAA,UACL,kDAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF,CAAA,CAAA,MAAQ;AACN,QAAA,IAAI;AACF,UAAA,IAAA,GAAO,qBAAA;AAAA,YACL,mJAAA;AAAA,YACA;AAAA,WACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,CAAC,KAAA,KAA2B;AAC/C,MAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,MAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,OAAO,KAAK,CAAA;AAClD,MAAA,IAAI,OAAO,UAAU,QAAA,IAAY,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,OAAO,KAAK,CAAA;AACtE,MAAA,OAAO,EAAA;AAAA,IACT,CAAA;AAEA,IAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,MACX,KAAK,WAAA,CAAY,GAAA;AAAA,MACjB,QAAQ,WAAA,CAAY,MAAA;AAAA,MACpB,UAAU,WAAA,CAAY,QAAA;AAAA,MACtB,WAAW,WAAA,CAAY,SAAA;AAAA,MACvB,SAAA,EAAW,OAAA,CAAQ,WAAA,CAAY,SAAS,CAAA;AAAA,MACxC,cAAA,EAAgB,YAAA,CAAa,WAAA,CAAY,cAAc,CAAA;AAAA,MACvD,cAAA,EAAgB,YAAA,CAAa,WAAA,CAAY,cAAc,CAAA;AAAA,MACvD,IAAA,EAAM,YAAA,CAAa,WAAA,CAAY,IAAI,CAAA;AAAA,MACnC,QAAQ,WAAA,CAAY,MAAA;AAAA,MACpB;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,OAAA;AACT;AAKA,eAAe,gCACb,mBAAA,EACA,kBAAA,EACA,UACA,cAAA,EACA,aAAA,EACA,kBACA,SAAA,EACwC;AACxC,EAAA,MAAM,cAAc,MAAM,yBAAA;AAAA,IACxB,kBAAA;AAAA,IACA,QAAA;AAAA,IACA,cAAA;AAAA,IACA,CAAC,mBAAmB,CAAA;AAAA,IACpB;AAAA,GACF;AAGA,EAAA,MAAM,SAAA,GAAY,WAAA,CACf,MAAA,CAAO,CAAC,GAAA,KAAQ;AACf,IAAA,IAAI,CAAC,2BAAA,CAA4B,GAAA,EAAK,aAAA,EAAe,gBAAgB,GAAG,OAAO,KAAA;AAE/E,IAAA,MAAM,MAAA,GAAS,IAAI,IAAA,EAAM,MAAA;AACzB,IAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,MAAA,OAAO,MAAA,CAAO,IAAA,CAAK,CAAC,CAAA,KAAM,OAAO,MAAM,QAAA,IAAY,qBAAA,CAAsB,IAAA,CAAK,CAAC,CAAC,CAAA;AAAA,IAClF;AACA,IAAA,OAAO,OAAO,GAAA,CAAI,IAAA,EAAM,WAAA,KAAgB,QAAA;AAAA,EAC1C,CAAC,CAAA,CACA,IAAA,CAAK,CAAC,CAAA,EAAG,CAAA,KAAM,MAAA,CAAO,CAAA,CAAE,IAAA,GAAO,CAAA,CAAE,IAAI,CAAC,CAAA;AAEzC,EAAA,OAAO,SAAA,CAAU,CAAC,CAAA,IAAK,IAAA;AACzB;;;AC/cO,SAAS,wBAAA,CAAyB,SAAiB,MAAA,EAAiC;AACzF,EAAA,IAAI,CAAC,qBAAA,CAAsB,IAAA,CAAK,MAAM,CAAA,EAAG;AACvC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,qCAAA,EAAuC,EAAE,QAAQ,CAAA;AAAA,EAC5F;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,gBAAA;AAAA,IACX,YAAA,EAAc,eAAA;AAAA,IACd,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,UAAU,OAAO,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,IACA,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;ACFA,eAAsB,oBAAA,CACpB,QACA,MAAA,EACyB;AACzB,EAAA,IAAI,CAAC,MAAA,CAAO,MAAA,IAAU,CAAC,OAAO,gBAAA,EAAkB;AAC9C,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0CAAA,EAA4C,EAAE,QAAQ,CAAA;AAAA,EACjG;AAEA,EAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,EAAA,MAAM,iBAAA,GAAoB,OAAO,iBAAA,IAAqB,GAAA;AACtD,EAAA,MAAM,mBAAA,GAAsB,MAAA,CAAO,mBAAA,IAAuB,GAAA,GAAM,GAAA;AAChE,EAAA,MAAM,cAAc,MAAA,CAAO,WAAA,IAAgB,OAAA,CAAQ,WAAA,CAAY,EAAE,CAAC,CAAA;AAElE,EAAA,MAAM,OAAA,GAAU;AAAA,IACd,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,kBAAkB,MAAA,CAAO,gBAAA;AAAA,IACzB,gBAAgB,MAAA,CAAO,cAAA;AAAA,IACvB,iBAAA;AAAA,IACA,mBAAA;AAAA,IACA,WAAA;AAAA,IACA,SAAA,EAAW,OAAO,SAAA,IAAa;AAAA,GACjC;AAEA,EAAA,MAAM,EAAE,KAAA,EAAO,WAAA,EAAY,GAAI,2BAAA,EAA4B;AAC3D,EAAA,MAAM,SAAA,GAAY;AAAA,IAChB,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,gBAAA;AAAA,MACN,OAAA,EAAS,GAAA;AAAA,MACT,SAAS,MAAA,CAAO;AAAA,KAClB;AAAA,IACA,KAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAS,CAAA;AAExC,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,YAAA;AAAA,IACX,WAAA,EAAa;AAAA,MACX,QAAQ,SAAA,CAAU,MAAA;AAAA,MAClB,OAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,OAAA,EAAS,CAAA;AAAA,IACT,QAAA,EAAU,iBAAA;AAAA,IACV,SAAA,EAAW;AAAA,GACb;AACF;;;ACpDA,eAAsB,iBAAA,CACpB,QACA,MAAA,EAIsB;AACtB,EAAA,IAAI,CAAC,MAAA,CAAO,MAAA,IAAU,CAAC,OAAO,QAAA,EAAU;AACtC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,kCAAA,EAAoC,EAAE,QAAQ,CAAA;AAAA,EACzF;AAEA,EAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,EAAA,MAAM,OAAA,GAAU;AAAA,IACd,KAAK,MAAA,CAAO,MAAA;AAAA,IACZ,KAAK,MAAA,CAAO,QAAA;AAAA,IACZ,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,GAAA,EAAK,OAAO,QAAA,IAAY,GAAA;AAAA,IACxB,GAAA,EAAK,MAAA,CAAO,SAAA,IAAa,GAAA,GAAM,GAAA;AAAA,IAC/B,OACE,MAAA,CAAO,KAAA,KACN,UAAA,CAAW,MAAA,EAAQ,aAAa,UAAA,CAAW,MAAA,CAAO,UAAA,EAAW,GAAI,GAAG,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA,EAAI,IAAA,CAAK,QAAQ,CAAA,CAAA;AAAA,GACpG;AAEA,EAAA,MAAM,MAAA,GAAS;AAAA,IACb,GAAA,EAAK,KAAA;AAAA,IACL,GAAA,EAAK;AAAA,GACP;AAEA,EAAA,MAAM,GAAA,GAAM,MAAM,MAAA,CAAO,OAAA,EAAS,MAAM,CAAA;AAExC,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,SAAA;AAAA,IACX,WAAA,EAAa,GAAA;AAAA,IACb,cAAc,MAAA,CAAO,OAAA;AAAA,IACrB,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,OAAA,CAAQ,GAAA;AAAA,IAClB,WAAW,OAAA,CAAQ;AAAA,GACrB;AACF;;;AChDO,SAAS,uBAAuB,OAAA,EAAoD;AACzF,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,cAAA;AAAA,IACX,YAAA,EAAc,eAAA;AAAA,IACd,WAAA,EAAa,OAAA;AAAA,IACb,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;AAEO,SAAS,qBAAqB,KAAA,EAAgD;AACnF,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,YAAA;AAAA,IACX,YAAA,EAAc,eAAA;AAAA,IACd,WAAA,EAAa,KAAA;AAAA,IACb,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;;;AC8DA,eAAsB,kBAAA,CACpB,UACA,OAAA,EACiC;AACjC,EAAA,IAAI,CAAC,QAAA,IAAY,OAAO,QAAA,KAAa,QAAA,EAAU;AAC7C,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,KAAA,EAAO,EAAE,IAAA,EAAM,kBAAA,EAAoB,SAAS,oCAAA;AAAqC,KACnF;AAAA,EACF;AAEA,EAAA,MAAM,SAAU,QAAA,CAAqC,MAAA;AAErD,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,KAAA,EAAO;AACV,MAAA,MAAM,WAAA,GAAc,QAAA;AACpB,MAAA,MAAM,aAA+C,OAAA,CAAQ,cAAA,GACzD,EAAE,cAAA,EAAgB,OAAA,CAAQ,gBAAe,GACzC,MAAA;AAEJ,MAAA,IAAI,OAAA,CAAQ,iBAAiB,OAAA,EAAS;AACpC,QAAA,OAAO,kBAAA,CAAmB,aAAa,UAAU,CAAA;AAAA,MACnD;AACA,MAAA,OAAO,oBAAA,CAAqB,aAAa,UAAU,CAAA;AAAA,IACrD;AAAA,IAEA,KAAK,QAAA,EAAU;AACb,MAAA,MAAM,cAAA,GAAiB,QAAA;AACvB,MAAA,IAAI,OAAA,CAAQ,iBAAiB,OAAA,EAAS;AACpC,QAAA,OAAO,sBAAsB,cAAc,CAAA;AAAA,MAC7C;AACA,MAAA,OAAO,wBAAwB,cAAc,CAAA;AAAA,IAC/C;AAAA,IAEA;AACE,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,KAAA,EAAO;AAAA,UACL,IAAA,EAAM,oBAAA;AAAA,UACN,OAAA,EAAS,sCAAsC,MAAM,CAAA,CAAA;AAAA;AACvD,OACF;AAAA;AAEN;;;AC1HO,SAAS,2BAA2B,GAAA,EAAmC;AAC5E,EAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAA,EAAkC,EAAE,KAAK,CAAA;AAAA,EACpF;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,kBAAA;AAAA,IACX,YAAA,EAAc,gBAAA;AAAA,IACd,WAAA,EAAa,EAAE,GAAA,EAAI;AAAA,IACnB,OAAA,EAAS,CAAA;AAAA,IACT,UAAU,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACxC;AACF;ACJO,SAASF,0BAAAA,CACd,MAAA,EACA,qBAAA,EACA,OAAA,GAA4C,EAAC,EAC7C;AACA,EAAA,OAAO,yBAAA,CAAa,QAAQ,qBAAA,EAAuB;AAAA,IACjD,GAAG,OAAA;AAAA,IACH,UAAA,EAAY,QAAQ,UAAA,IAAc;AAAA,GACnC,CAAA;AACH;ACqDA,SAAS,yBAAyB,KAAA,EAAoB;AACpD,EAAA,MAAM,UAAA,GAAa,aAAa,KAAK,CAAA;AACrC,EAAA,IAAI,gBAAA,CAAiB,UAAU,CAAA,KAAM,KAAA,EAAO;AAC1C,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0CAAA,EAA4C;AAAA,MACnF,kBAAA,EAAoB;AAAA,KACrB,CAAA;AAAA,EACH;AACA,EAAA,OAAO,UAAA;AACT;AAEA,SAAS,oBAAoB,KAAA,EAAoB;AAC/C,EAAA,OAAO,aAAa,KAAK,CAAA;AAC3B;AAEA,eAAsB,sBACpB,MAAA,EAC6C;AAC7C,EAAA,MAAM,UAAA,GAAa,mBAAA,CAAoB,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,MAAM,kBAAA,GAAqB,wBAAA,CAAyB,MAAA,CAAO,kBAAkB,CAAA;AAC7E,EAAA,MAAM,MAAA,GAAS,oBAAoB,UAAU,CAAA;AAE7C,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,kCAAA,EAAoC;AAAA,MAC3E,YAAY,MAAA,CAAO;AAAA,KACpB,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,SAAA,GAAY,MAAM,yBAAA,CAA0B,MAAA,EAAQ,kBAAA,EAAoB;AAAA,MAC5E,YAAY,MAAA,CAAO,UAAA;AAAA,MACnB,cAAc,MAAA,CAAO;AAAA,KACtB,CAAA;AACD,IAAA,IAAI,UAAU,KAAA,EAAO;AACnB,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ,KAAA;AAAA,QACR,SAAS,CAAA,+BAAA,EAAmC,MAAA,CAAO,YAAA,IAAgB,cAAe,IAAI,MAAM,CAAA,CAAA;AAAA,QAC5F,UAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AACA,IAAA,SAAA,GAAY,SAAA,CAAU,MAAA;AAAA,EACxB,SAAS,KAAA,EAAO;AACd,IAAA,SAAA,GAAY,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,6BAAA;AAAA,EACvD;AAEA,EAAA,IAAI,YAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,iBAAA,GAAoB,MAAM,0BAAA,CAA2B,MAAA,EAAQ,kBAAA,EAAoB;AAAA,MACrF,kBAAkB,MAAA,CAAO;AAAA,KAC1B,CAAA;AACD,IAAA,IAAI,kBAAkB,KAAA,EAAO;AAC3B,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ,cAAA;AAAA,QACR,OAAA,EAAS,wCAAwC,MAAM,CAAA,qBAAA,CAAA;AAAA,QACvD,UAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AACA,IAAA,YAAA,GAAe,iBAAA,CAAkB,MAAA;AAAA,EACnC,SAAS,KAAA,EAAO;AACd,IAAA,YAAA,GAAe,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,kCAAA;AAAA,EAC1D;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,MAAA,EAAQ,mCAAA;AAAA,IACR,SAAS,CAAA,WAAA,EAAc,SAAA,IAAa,QAAQ,CAAA,sBAAA,EAAyB,gBAAgB,QAAQ,CAAA,CAAA,CAAA;AAAA,IAC7F,UAAA;AAAA,IACA;AAAA,GACF;AACF;AAEA,eAAsB,sBACpB,MAAA,EAC6C;AAC7C,EAAA,MAAM,UAAA,GAAa,mBAAA,CAAoB,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,MAAM,kBAAA,GAAqB,wBAAA,CAAyB,MAAA,CAAO,kBAAkB,CAAA;AAE7E,EAAA,IAAI,CAAC,WAAA,CAAY,UAAU,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,uCAAA,EAAyC;AAAA,MAChF,YAAY,MAAA,CAAO;AAAA,KACpB,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,qBAAqB,UAAU,CAAA;AACtD,EAAA,MAAM,sBAAA,GAAyB,qBAAqB,kBAAkB,CAAA;AACtE,EAAA,MAAM,UAAA,GAAa,qBAAqB,UAAU,CAAA;AAElD,EAAA,IAAI,CAAC,cAAA,IAAkB,CAAC,sBAAA,IAA0B,CAAC,UAAA,EAAY;AAC7D,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0CAAA,EAA4C;AAAA,MACnF,YAAY,MAAA,CAAO,UAAA;AAAA,MACnB,oBAAoB,MAAA,CAAO;AAAA,KAC5B,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,OAAA,GAAU,OAAO,UAAU,CAAA;AACjC,EAAA,IAAI,CAAC,MAAA,CAAO,QAAA,CAAS,OAAO,CAAA,EAAG;AAC7B,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAA,EAAkC;AAAA,MACzE,YAAY,MAAA,CAAO;AAAA,KACpB,CAAA;AAAA,EACH;AAEA,EAAA,MAAMV,KAAAA,GAAO,MAAM,MAAA,CAAO,QAAA,CAAS,QAAQ,cAAc,CAAA;AACzD,EAAA,MAAM,UAAA,GAAaA,KAAAA,KAAS,IAAA,IAAQA,KAAAA,KAAS,KAAA;AAE7C,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,IAAIS,UAAAA,CAAW,cAAc,CAAA,KAAMA,UAAAA,CAAW,sBAAsB,CAAA,EAAG;AACrE,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ,QAAA;AAAA,QACR,OAAA,EAAS,qFAAA;AAAA,QACT,UAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,MAAA,EAAQ,qDAAA;AAAA,MACR,OAAA,EAAS,oFAAA;AAAA,MACT,UAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,uBAAuB,MAAM,4BAAA,CAA6B,MAAA,CAAO,QAAA,EAAU,gBAAgB,OAAO,CAAA;AAExG,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,IAAI,CAAC,oBAAA,EAAsB;AACzB,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,uCAAA;AAAA,QACR,OAAA,EACE,4GAAA;AAAA,QACF,UAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,KAAK,MAAM,MAAA,CAAO,QAAA,CAAS,cAAA,CAAe,OAAO,MAAM,CAAA;AAC7D,IAAA,IAAI,CAAC,EAAA,EAAI;AACP,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,uBAAA;AAAA,QACR,OAAA,EAAS,CAAA,YAAA,EAAe,MAAA,CAAO,MAAM,2BAA2B,OAAO,CAAA,CAAA,CAAA;AAAA,QACvE,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,UAAU,MAAM,MAAA,CAAO,QAAA,CAAS,qBAAA,CAAsB,OAAO,MAAM,CAAA;AACzE,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,2BAAA;AAAA,QACR,OAAA,EAAS,8CAAA;AAAA,QACT,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,wBAAA,GAA2B,qBAAqB,oBAAoB,CAAA;AAC1E,IAAA,IAAI,CAAC,EAAA,CAAG,IAAA,IAAQ,CAAC,wBAAA,IAA4BA,UAAAA,CAAW,EAAA,CAAG,IAAI,CAAA,KAAMA,UAAAA,CAAW,wBAAwB,CAAA,EAAG;AACzG,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,cAAA;AAAA,QACR,OAAA,EAAS,mDAAmD,oBAAoB,CAAA,CAAA,CAAA;AAAA,QAChF,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,GAAG,EAAA,IAAMA,UAAAA,CAAW,GAAG,EAAE,CAAA,KAAMA,UAAAA,CAAW,sBAAsB,CAAA,EAAG;AACtE,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,iBAAA;AAAA,QACR,OAAA,EAAS,6CAA6C,kBAAkB,CAAA,CAAA,CAAA;AAAA,QACxE,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,GAAiB,uBAAA;AAAA,MACrB,UAAA;AAAA,MACA,kBAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,EAAA,CAAG,KAAA,IAAS,EAAE,CAAA;AAEzC,IAAA,IAAI,gBAAgB,cAAA,EAAgB;AAClC,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,KAAA;AAAA,QACP,MAAA,EAAQ,cAAA;AAAA,QACR,OAAA,EAAS,mBAAmB,WAAA,CAAY,QAAA,EAAU,CAAA,sCAAA,EAAyC,cAAA,CAAe,UAAU,CAAA,CAAA,CAAA;AAAA,QACpH,UAAA;AAAA,QACA,kBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,CAAO,SAAS,cAAA,EAAe;AACrC,IAAA,MAAM,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,OAAA,CAAQ,WAAW,CAAA;AAElD,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,MAAA,EAAQ,UAAA;AAAA,MACR,OAAA,EAAS,CAAA,4BAAA,EAA+B,MAAA,CAAO,MAAM,CAAA,CAAA,CAAA;AAAA,MACrD,UAAA;AAAA,MACA,kBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,KAAA,MAAW,WAAW,kBAAA,EAAoB;AACxC,IAAA,MAAM,eAAe,MAAM,qBAAA;AAAA,MACzB,MAAA,CAAO,QAAA;AAAA,MACP,cAAA;AAAA,MACA,OAAA,CAAQ,SAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AAEA,IAAA,IAAI,gBAAgBA,UAAAA,CAAW,YAAY,CAAA,KAAMA,UAAAA,CAAW,sBAAsB,CAAA,EAAG;AACnF,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ,UAAA;AAAA,QACR,OAAA,EAAS,CAAA,aAAA,EAAgB,OAAA,CAAQ,MAAM,CAAA,mBAAA,CAAA;AAAA,QACvC,UAAA;AAAA,QACA,kBAAA;AAAA,QACA,sBAAsB,oBAAA,IAAwB;AAAA,OAChD;AAAA,IACF;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,aAAa,MAAM,MAAA,CAAO,QAAA,CAAS,UAAA,CAAW,gBAAgB,kBAAkB,CAAA;AACtF,IAAA,IACE,UAAA,IACA,UAAA,KAAe,IAAA,IACf,UAAA,KAAe,oEAAA,EACf;AACA,MAAA,MAAM,eAAeA,UAAAA,CAAW,CAAA,EAAA,EAAK,WAAW,KAAA,CAAM,CAAA,EAAG,CAAC,CAAA,CAAE,CAAA;AAC5D,MAAA,IAAI,YAAA,KAAiBA,UAAAA,CAAW,sBAAsB,CAAA,EAAG;AACvD,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,IAAA;AAAA,UACP,MAAA,EAAQ,UAAA;AAAA,UACR,OAAA,EAAS,mCAAA;AAAA,UACT,UAAA;AAAA,UACA,kBAAA;AAAA,UACA,oBAAA,EAAsB,oBAAA,IAAwB,cAAA,CAAe,OAAA,EAAS,YAAY;AAAA,SACpF;AAAA,MACF;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,IACEA,WAAW,cAAc,CAAA,KAAMA,UAAAA,CAAW,sBAAsB,KAChE,oBAAA,EACA;AACA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,MAAA,EAAQ,gBAAA;AAAA,MACR,OAAA,EAAS,6FAA6F,oBAAoB,CAAA,CAAA,CAAA;AAAA,MAC1H,UAAA;AAAA,MACA,kBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,MAAA,EAAQ,wCAAA;AAAA,IACR,OAAA,EACE,oBAAA,GACI,CAAA,iBAAA,EAAoB,kBAAkB,CAAA,uCAAA,EAA0C,oBAAoB,CAAA,iCAAA,EAAoC,UAAU,CAAA,CAAA,CAAA,GAClJ,CAAA,iCAAA,EAAoC,kBAAkB,CAAA,2BAAA,EAA8B,UAAU,CAAA,CAAA,CAAA;AAAA,IACpG,UAAA;AAAA,IACA,kBAAA;AAAA,IACA,sBAAsB,oBAAA,IAAwB;AAAA,GAChD;AACF;AAEA,eAAsB,uBACpB,MAAA,EAC6C;AAC7C,EAAA,MAAM,UAAA,GAAa,mBAAA,CAAoB,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,MAAM,MAAA,GAAS,iBAAiB,UAAU,CAAA;AAE1C,EAAA,IAAI,WAAW,KAAA,EAAO;AACpB,IAAA,OAAO,sBAAsB,MAAqC,CAAA;AAAA,EACpE;AAEA,EAAA,IAAI,WAAW,KAAA,EAAO;AACpB,IAAA,MAAM,YAAA,GAAe,MAAA;AACrB,IAAA,IAAI,CAAC,aAAa,QAAA,EAAU;AAC1B,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,eAAA;AAAA,QACA,yDAAA;AAAA,QACA,EAAE,UAAA;AAAW,OACf;AAAA,IACF;AACA,IAAA,OAAO,sBAAsB,YAAY,CAAA;AAAA,EAC3C;AAEA,EAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,iDAAA,EAAmD;AAAA,IAC1F;AAAA,GACD,CAAA;AACH;AC5TA,SAAS,oBAAoB,KAAA,EAAsC;AACjE,EAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,SAAA,KAAc,KAAA,CAAM,WAAA;AAE7C,EAAA,MAAM,SAAA,GAAY;AAAA,IAChB,MAAA;AAAA,IACA,KAAA,EAAO;AAAA,MACL,aAAA,EAAe;AAAA,QACb,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAU;AAAA,QAClC,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,QAAA,EAAS;AAAA,QAC3C,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,QAAA,EAAS;AAAA,QACzC,EAAE,IAAA,EAAM,mBAAA,EAAqB,IAAA,EAAM,SAAA,EAAU;AAAA,QAC7C,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAU;AAAA,QAC/C,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAU;AAAA,QACvC,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,QAAA;AAAS;AACtC,KACF;AAAA,IACA;AAAA,GACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,qBAAA,CAAsB,SAAA,EAAW,SAAS,CAAA;AACzD,IAAA,OAAO,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,MAAA,GAAS,OAAO,MAAA,GAAS,IAAA;AAAA,EACzD,SAAS,GAAA,EAAK;AACZ,IAAA,OAAA,CAAQ,IAAA,CAAK,gDAAgD,GAAG,CAAA;AAChE,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAMA,SAAS,oBAAoB,KAAA,EAAoD;AAC/E,EAAA,MAAM,MAAM,KAAA,CAAM,WAAA;AAClB,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,EAAU,OAAO,IAAA;AAEpC,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AAE/B,EAAA,IAAI;AACF,IAAA,MAAM,SAAA,GAAY,KAAA,CAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA;AAC/D,IAAA,MAAM,SAAS,SAAA,CAAU,MAAA;AAAA,MACvB,SAAA,CAAU,MAAA,GAAA,CAAW,CAAA,GAAK,SAAA,CAAU,SAAS,CAAA,IAAM,CAAA;AAAA,MACnD;AAAA,KACF;AACA,IAAA,IAAI,UAAA;AACJ,IAAA,IAAI,OAAO,SAAS,UAAA,EAAY;AAC9B,MAAA,UAAA,GAAa,kBAAA;AAAA,QACX,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,MAAM,CAAC,EACpB,GAAA,CAAI,CAAC,IAAA,KAAS,CAAA,CAAA,EAAI,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA,CACpE,IAAA,CAAK,EAAE;AAAA,OACZ;AAAA,IACF,CAAA,MAAO;AACL,MAAA,UAAA,GAAa,OAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA,CAAE,SAAS,MAAM,CAAA;AAAA,IAC5D;AACA,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,UAAU,CAAA;AACpC,IAAA,OAAQ,OAAO,GAAA,IAAmC,IAAA;AAAA,EACpD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAKA,SAAS,kBAAkB,KAAA,EAAoD;AAC7E,EAAA,MAAM,MAAM,KAAA,CAAM,WAAA;AAClB,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,EAAU,OAAO,IAAA;AAEpC,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AAE/B,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,KAAA,CAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA;AAChE,IAAA,MAAM,SAAS,UAAA,CAAW,MAAA;AAAA,MACxB,UAAA,CAAW,MAAA,GAAA,CAAW,CAAA,GAAK,UAAA,CAAW,SAAS,CAAA,IAAM,CAAA;AAAA,MACrD;AAAA,KACF;AACA,IAAA,IAAI,WAAA;AACJ,IAAA,IAAI,OAAO,SAAS,UAAA,EAAY;AAC9B,MAAA,WAAA,GAAc,kBAAA;AAAA,QACZ,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,MAAM,CAAC,EACpB,GAAA,CAAI,CAAC,IAAA,KAAS,CAAA,CAAA,EAAI,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA,CACpE,IAAA,CAAK,EAAE;AAAA,OACZ;AAAA,IACF,CAAA,MAAO;AACL,MAAA,WAAA,GAAc,OAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA,CAAE,SAAS,MAAM,CAAA;AAAA,IAC7D;AACA,IAAA,OAAO,IAAA,CAAK,MAAM,WAAW,CAAA;AAAA,EAC/B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAMA,SAAS,gBAAA,CAAiB,eAAuB,GAAA,EAAmB;AAClE,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,sBAAsB,GAAG,CAAA;AAC5C,IAAA,OAAOA,UAAAA,CAAW,aAAa,CAAA,CAAE,WAAA,OAAkBA,UAAAA,CAAW,UAAU,EAAE,WAAA,EAAY;AAAA,EACxF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAKA,SAAS,aAAA,CAAc,KAA8B,GAAA,EAAmB;AACtE,EAAA,MAAM,MAAA,GAAS,iBAAiB,GAAG,CAAA;AAEnC,EAAA,IAAI,WAAW,KAAA,EAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,MAAA,OAAO,eAAA,CAAgB,KAAK,MAAM,CAAA;AAAA,IACpC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,OAAO,KAAA;AACT;AAMA,SAAS,qBAAA,CAAsB,OAAqB,GAAA,EAAmB;AACrE,EAAA,QAAQ,MAAM,SAAA;AAAW,IACvB,KAAK,YAAA,EAAc;AACjB,MAAA,MAAM,MAAA,GAAS,oBAAoB,KAAuB,CAAA;AAC1D,MAAA,IAAI,CAAC,QAAQ,OAAO,KAAA;AACpB,MAAA,OAAO,gBAAA,CAAiB,QAAQ,GAAG,CAAA;AAAA,IACrC;AAAA,IAEA,KAAK,SAAA,EAAW;AACd,MAAA,MAAM,QAAA,GAAW,KAAA;AACjB,MAAA,MAAM,GAAA,GAAM,oBAAoB,QAAQ,CAAA;AAGxC,MAAA,IAAI,GAAA,IAAO,aAAA,CAAc,GAAA,EAAK,GAAG,GAAG,OAAO,IAAA;AAG3C,MAAA,MAAM,OAAA,GAAU,kBAAkB,QAAQ,CAAA;AAC1C,MAAA,IAAI,OAAA,IAAW,OAAO,OAAA,CAAQ,GAAA,KAAQ,QAAA,EAAU;AAE9C,QAAA,IAAI,OAAA,CAAQ,GAAA,KAAQ,GAAA,EAAK,OAAO,IAAA;AAAA,MAClC;AAEA,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,IAEA,KAAK,kBAAA;AAAA,IACL,KAAK,gBAAA;AAGH,MAAA,OAAO,KAAA;AAAA,IAET,KAAK,kBAAA;AAEH,MAAA,OAAO,KAAA;AAAA,IAET;AACE,MAAA,OAAO,KAAA;AAAA;AAEb;AAOA,SAAS,+BAAA,CAAgC,OAAqB,GAAA,EAAmB;AAC/E,EAAA,QAAQ,MAAM,SAAA;AAAW,IACvB,KAAK,YAAA,EAAc;AACjB,MAAA,MAAM,MAAA,GAAS,KAAA;AACf,MAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,gBAAA;AACpD,MAAA,OAAO,OAAO,gBAAA,KAAqB,QAAA,IAAY,gBAAA,KAAqB,GAAA;AAAA,IACtE;AAAA,IAEA,KAAK,SAAA,EAAW;AACd,MAAA,MAAM,OAAA,GAAU,kBAAkB,KAAoB,CAAA;AACtD,MAAA,IAAI,CAAC,SAAS,OAAO,KAAA;AACrB,MAAA,OAAO,OAAO,OAAA,CAAQ,GAAA,KAAQ,QAAA,IAAY,QAAQ,GAAA,KAAQ,GAAA;AAAA,IAC5D;AAAA,IAEA;AACE,MAAA,OAAO,KAAA;AAAA;AAEb;AAuBO,SAAS,6BACd,IAAA,EAC+B;AAC/B,EAAA,IAAI,CAAC,IAAA,CAAK,OAAA,IAAW,CAAC,KAAK,QAAA,EAAU;AACnC,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,QAAQ,EAAC;AAAA,MACT,OAAA,EAAS,CAAC,mCAAmC;AAAA,KAC/C;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,MAAM,OAAA,CAAQ,IAAA,CAAK,MAAM,CAAA,IAAK,IAAA,CAAK,MAAA,CAAO,MAAA,KAAW,CAAA,EAAG;AAC3D,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,QAAQ,EAAC;AAAA,MACT,OAAA,EAAS,CAAC,gCAAgC;AAAA,KAC5C;AAAA,EACF;AAEA,EAAA,MAAM,SAA6B,EAAC;AACpC,EAAA,IAAI,aAAA,GAAgB,KAAA;AACpB,EAAA,IAAI,cAAA,GAAiB,KAAA;AAErB,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AAC3C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,MAAA,CAAO,CAAC,CAAA;AAG3B,IAAA,IAAI,qBAAA,CAAsB,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA,EAAG;AAC9C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,mBAAA;AAAA,QACX,KAAA,EAAO;AAAA,OACR,CAAA;AACD,MAAA,aAAA,GAAgB,IAAA;AAGhB,MAAA,IAAI,CAAC,+BAAA,CAAgC,KAAA,EAAO,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC1D,QAAA,MAAA,CAAO,IAAA,CAAK;AAAA,UACV,UAAA,EAAY,CAAA;AAAA,UACZ,WAAW,KAAA,CAAM,SAAA;AAAA,UACjB,SAAA,EAAW,mBAAA;AAAA,UACX,KAAA,EAAO,KAAA;AAAA,UACP,MAAA,EAAQ;AAAA,SACT,CAAA;AAAA,MACH;AAAA,IACF;AAGA,IAAA,IAAI,qBAAA,CAAsB,KAAA,EAAO,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC/C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,oBAAA;AAAA,QACX,KAAA,EAAO;AAAA,OACR,CAAA;AACD,MAAA,cAAA,GAAiB,IAAA;AAGjB,MAAA,IAAI,CAAC,+BAAA,CAAgC,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA,EAAG;AACzD,QAAA,MAAA,CAAO,IAAA,CAAK;AAAA,UACV,UAAA,EAAY,CAAA;AAAA,UACZ,WAAW,KAAA,CAAM,SAAA;AAAA,UACjB,SAAA,EAAW,oBAAA;AAAA,UACX,KAAA,EAAO,KAAA;AAAA,UACP,MAAA,EAAQ;AAAA,SACT,CAAA;AAAA,MACH;AAAA,IACF;AAGA,IAAA,IAAI,KAAA,CAAM,cAAc,kBAAA,EAAoB;AAI1C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,mBAAA;AAAA,QACX,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACT,CAAA;AACD,MAAA,aAAA,GAAgB,IAAA;AAAA,IAClB;AAAA,EACF;AAEA,EAAA,MAAM,UAAoB,EAAC;AAC3B,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,OAAA,CAAQ,KAAK,0CAA0C,CAAA;AAAA,EACzD;AACA,EAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,IAAA,OAAA,CAAQ,KAAK,2CAA2C,CAAA;AAAA,EAC1D;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,QAAQ,MAAA,KAAW,CAAA;AAAA,IAC1B,MAAA;AAAA,IACA;AAAA,GACF;AACF;AAqBO,SAAS,uBACd,IAAA,EAC+B;AAC/B,EAAA,IAAI,CAAC,IAAA,CAAK,OAAA,IAAW,CAAC,KAAK,KAAA,EAAO;AAChC,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,QAAQ,EAAC;AAAA,MACT,OAAA,EAAS,CAAC,gCAAgC;AAAA,KAC5C;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,MAAM,OAAA,CAAQ,IAAA,CAAK,MAAM,CAAA,IAAK,IAAA,CAAK,MAAA,CAAO,MAAA,KAAW,CAAA,EAAG;AAC3D,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,QAAQ,EAAC;AAAA,MACT,OAAA,EAAS,CAAC,gCAAgC;AAAA,KAC5C;AAAA,EACF;AAEA,EAAA,MAAM,SAA6B,EAAC;AACpC,EAAA,IAAI,oBAAA,GAAuB,KAAA;AAE3B,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AAC3C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,MAAA,CAAO,CAAC,CAAA;AAG3B,IAAA,IAAI,qBAAA,CAAsB,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA,EAAG;AAC9C,MAAA,MAAM,aAAA,GAAgB,+BAAA,CAAgC,KAAA,EAAO,IAAA,CAAK,KAAK,CAAA;AAEvE,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,2BAAA;AAAA,QACX,KAAA,EAAO,aAAA;AAAA,QACP,MAAA,EAAQ,gBACJ,MAAA,GACA;AAAA,OACL,CAAA;AAED,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,oBAAA,GAAuB,IAAA;AAAA,MACzB;AAAA,IACF;AAIA,IAAA,IAAI,qBAAA,CAAsB,KAAA,EAAO,IAAA,CAAK,KAAK,CAAA,EAAG;AAC5C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,iBAAA;AAAA,QACX,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACT,CAAA;AAAA,IACH;AAGA,IAAA,IAAI,KAAA,CAAM,cAAc,kBAAA,EAAoB;AAC1C,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,UAAA,EAAY,CAAA;AAAA,QACZ,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,SAAA,EAAW,2BAAA;AAAA,QACX,KAAA,EAAO,IAAA;AAAA,QACP,MAAA,EAAQ;AAAA,OACT,CAAA;AACD,MAAA,oBAAA,GAAuB,IAAA;AAAA,IACzB;AAAA,EACF;AAGA,EAAA,IAAI,KAAK,YAAA,IAAgB,gBAAA,CAAiB,IAAA,CAAK,KAAK,MAAM,KAAA,EAAO;AAC/D,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAW,WAAA,CAAY,IAAA,CAAK,KAAK,CAAA;AACvC,MAAA,MAAM,aAAA,GAAgB,eAAA,CAAgB,IAAA,CAAK,YAAA,EAAc,QAAQ,CAAA;AACjE,MAAA,IAAI,CAAC,aAAA,EAAe;AAClB,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,KAAA;AAAA,UACP,MAAA;AAAA,UACA,OAAA,EAAS,CAAC,iEAAiE;AAAA,SAC7E;AAAA,MACF;AAAA,IACF,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAEA,EAAA,MAAM,UAAoB,EAAC;AAC3B,EAAA,IAAI,CAAC,oBAAA,EAAsB;AACzB,IAAA,OAAA,CAAQ,IAAA;AAAA,MACN;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,QAAQ,MAAA,KAAW,CAAA;AAAA,IAC1B,MAAA;AAAA,IACA;AAAA,GACF;AACF;;;ACzWA,eAAsB,0BACpB,MAAA,EAC0C;AAC1C,EAAA,MAAM;AAAA,IACJ,WAAA;AAAA,IACA,WAAA;AAAA,IACA,QAAA;AAAA,IACA,kBAAA;AAAA,IACA,KAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF,GAAI,MAAA;AAEJ,EAAA,MAAM,UAAoB,EAAC;AAC3B,EAAA,MAAM,MAAA,GAAS;AAAA,IACb,WAAA,EAAa,KAAA;AAAA,IACb,cAAA,EAAgB,KAAA;AAAA,IAChB,UAAA,EAAY,KAAA;AAAA,IACZ,kBAAA,EAAoB,KAAA;AAAA,IACpB,oBAAA,EAAsB,KAAA;AAAA,IACtB,+BAAA,EAAiC;AAAA,GACnC;AAGA,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,IAAI,YAAY,GAAA,EAAK;AACnB,MAAA,OAAA,GAAU,qBAAA,CAAsB,+BAAA,EAAiC,WAAA,CAAY,GAAG,CAAA;AAAA,IAClF,WAAW,WAAA,CAAY,IAAA,IAAQ,OAAO,WAAA,CAAY,SAAS,QAAA,EAAU;AACnE,MAAA,OAAA,GAAU,WAAA,CAAY,IAAA;AAAA,IACxB,CAAA,MAAO;AACL,MAAA,OAAA,CAAQ,KAAK,yCAAyC,CAAA;AACtD,MAAA,OAAO,iBAAA,CAAkB,QAAQ,OAAO,CAAA;AAAA,IAC1C;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,OAAA,CAAQ,IAAA;AAAA,MACN,CAAA,mCAAA,EAAsC,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,UAAU,eAAe,CAAA;AAAA,KAC5F;AACA,IAAA,OAAO,iBAAA,CAAkB,QAAQ,OAAO,CAAA;AAAA,EAC1C;AAGA,EAAA,MAAM,mBAAmB,OAAA,CAAQ,gBAAA;AACjC,EAAA,MAAM,UAAU,OAAA,CAAQ,OAAA;AACxB,EAAA,MAAM,qBAAqB,OAAA,CAAQ,kBAAA;AACnC,EAAA,MAAM,WAAW,OAAA,CAAQ,QAAA;AACzB,EAAA,MAAM,cAAc,OAAA,CAAQ,WAAA;AAC5B,EAAA,MAAM,YAAY,OAAA,CAAQ,SAAA;AAC1B,EAAA,MAAM,eAAe,OAAA,CAAQ,YAAA;AAE7B,EAAA,IAAI,CAAC,gBAAA,IAAoB,CAAC,WAAW,CAAC,kBAAA,IAAsB,CAAC,QAAA,EAAU;AACrE,IAAA,IAAI,CAAC,gBAAA,EAAkB,OAAA,CAAQ,IAAA,CAAK,0CAA0C,CAAA;AAC9E,IAAA,IAAI,CAAC,OAAA,EAAS,OAAA,CAAQ,IAAA,CAAK,iCAAiC,CAAA;AAC5D,IAAA,IAAI,CAAC,kBAAA,EAAoB,OAAA,CAAQ,IAAA,CAAK,4CAA4C,CAAA;AAClF,IAAA,IAAI,CAAC,QAAA,EAAU,OAAA,CAAQ,IAAA,CAAK,kCAAkC,CAAA;AAC9D,IAAA,OAAO,iBAAA,CAAkB,QAAQ,OAAA,EAAS;AAAA,MACxC,gBAAA;AAAA,MAEA,YAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,kBAAkB,CAAA,IAAK,kBAAA,CAAmB,WAAW,CAAA,EAAG;AACzE,IAAA,OAAA,CAAQ,KAAK,8CAA8C,CAAA;AAC3D,IAAA,OAAO,iBAAA,CAAkB,QAAQ,OAAA,EAAS;AAAA,MACxC,gBAAA;AAAA,MAEA,YAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,MAAA,CAAO,WAAA,GAAc,IAAA;AAGrB,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,MAAA,CAAO,cAAA,GAAiB,OAAA,CAAQ,WAAA,EAAY,KAAM,YAAY,WAAA,EAAY;AAC1E,IAAA,IAAI,CAAC,OAAO,cAAA,EAAgB;AAC1B,MAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,SAAA,EAAY,OAAO,CAAA,oCAAA,EAAuC,WAAW,CAAA,CAAA,CAAG,CAAA;AAAA,IACvF;AAAA,EACF,CAAA,MAAO;AAEL,IAAA,MAAA,CAAO,cAAA,GAAiB,IAAA;AAAA,EAC1B;AAGA,EAAA,MAAA,CAAO,UAAA,GAAa,WAAA,CAAY,cAAA,KAAmB,MAAA,CAAO,CAAC,CAAA;AAC3D,EAAA,IAAI,CAAC,OAAO,UAAA,EAAY;AACtB,IAAA,OAAA,CAAQ,KAAK,8BAA8B,CAAA;AAAA,EAC7C;AAGA,EAAA,MAAM,GAAA,GAAM,OAAO,IAAA,CAAK,KAAA,CAAM,KAAK,GAAA,EAAI,GAAI,GAAI,CAAC,CAAA;AAChD,EAAA,MAAM,aAAA,GAAgB,SAAS,WAAW,CAAA;AAC1C,EAAA,MAAM,cAAA,GAAiB,SAAS,SAAS,CAAA;AAEzC,EAAA,MAAM,WAAA,GAAc,aAAA,KAAkB,MAAA,CAAO,CAAC,KAAK,aAAA,IAAiB,GAAA;AACpE,EAAA,MAAM,YAAA,GAAe,cAAA,KAAmB,MAAA,CAAO,CAAC,KAAK,cAAA,GAAiB,GAAA;AACtE,EAAA,MAAA,CAAO,qBAAqB,WAAA,IAAe,YAAA;AAE3C,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAA,CAAQ,KAAK,kCAAkC,CAAA;AAAA,EACjD;AACA,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,OAAA,CAAQ,KAAK,yBAAyB,CAAA;AAAA,EACxC;AAGA,EAAA,MAAM,gBAAgB,CAAA,eAAA,EAAkB,OAAO,IAAI,WAAA,CAAY,QAAA,CAAS,aAAa,CAAA,CAAA;AAGrF,EAAA,IAAI,aAAA,GAAsD,IAAA;AAC1D,EAAA,IAAI;AACF,IAAA,MAAM,aAAA,GAAgB,KAAA,IAAS,CAAA,OAAA,EAAU,OAAO,CAAA,CAAA;AAChD,IAAA,aAAA,GAAgB,MAAM,0BAAA,CAA2B;AAAA,MAC/C,UAAA,EAAY,gBAAA;AAAA,MACZ,aAAA;AAAA,MACA,QAAA;AAAA,MACA,KAAA,EAAO,aAAA;AAAA,MACP;AAAA,KACD,CAAA;AAGD,IAAA,MAAA,CAAO,uBAAuB,aAAA,CAAc,UAAA;AAC5C,IAAA,IAAI,CAAC,OAAO,oBAAA,EAAsB;AAChC,MAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,WAAA,EAAc,aAAa,CAAA,uBAAA,EAA0B,gBAAgB,CAAA,CAAE,CAAA;AAAA,IACtF;AAGA,IAAA,IAAI,aAAA,CAAc,UAAA,IAAc,aAAA,CAAc,YAAA,KAAiB,IAAA,EAAM;AACnE,MAAA,MAAM,cAAA,GAAiB,SAAS,QAAQ,CAAA;AACxC,MAAA,MAAM,UAAA,GAAa,kBAAkB,aAAA,CAAc,YAAA;AACnD,MAAA,MAAM,SAAA,GACJ,aAAA,CAAc,KAAA,KAAU,IAAA,IAAQ,kBAAkB,aAAA,CAAc,KAAA;AAClE,MAAA,MAAA,CAAO,kCAAkC,UAAA,IAAc,SAAA;AAEvD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,OAAA,CAAQ,KAAK,gEAAgE,CAAA;AAAA,MAC/E;AACA,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,OAAA,CAAQ,KAAK,6DAA6D,CAAA;AAAA,MAC5E;AAAA,IACF,CAAA,MAAA,IAAW,aAAA,CAAc,UAAA,IAAc,aAAA,CAAc,iBAAiB,IAAA,EAAM;AAE1E,MAAA,MAAA,CAAO,+BAAA,GAAkC,IAAA;AAAA,IAC3C,CAAA,MAAO;AAEL,MAAA,MAAA,CAAO,+BAAA,GAAkC,KAAA;AAAA,IAC3C;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,OAAA,CAAQ,IAAA;AAAA,MACN,CAAA,uCAAA,EAA0C,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,UAAU,eAAe,CAAA;AAAA,KAChG;AACA,IAAA,MAAA,CAAO,oBAAA,GAAuB,KAAA;AAC9B,IAAA,MAAA,CAAO,+BAAA,GAAkC,KAAA;AAAA,EAC3C;AAEA,EAAA,MAAM,QAAQ,MAAA,CAAO,MAAA,CAAO,MAAM,CAAA,CAAE,MAAM,OAAO,CAAA;AAEjD,EAAA,OAAO;AAAA,IACL,KAAA;AAAA,IACA,gBAAA;AAAA,IACA,aAAA;AAAA,IACA,mBAAA,EAAqB,kBAAA;AAAA,IACrB,cAAc,YAAA,IAAgB,MAAA;AAAA,IAC9B,aAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF;AACF;AAMA,eAAsB,gCACpB,MAAA,EACgD;AAChD,EAAA,MAAM;AAAA,IACJ,WAAA;AAAA,IACA,QAAA;AAAA,IACA,kBAAA;AAAA,IACA,KAAA;AAAA,IACA,OAAA;AAAA,IACA,UAAA;AAAA,IACA,4BAAA;AAAA,IACA,+BAAA;AAAA,IACA,2BAAA;AAAA,IACA,sBAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF,GAAI,MAAA;AAGJ,EAAA,gBAAA,CAAiB,WAAW,CAAA;AAE5B,EAAA,IAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3B,IAAA,OAAO;AAAA,MACL,WAAA;AAAA,MACA,sBAAsB,EAAC;AAAA,MACvB,qBAAqB,EAAC;AAAA,MACtB,gBAAgB,EAAC;AAAA,MACjB,mBAAmB;AAAC,KACtB;AAAA,EACF;AAGA,EAAA,MAAM,OAAA,GAAU,MAAM,gBAAA,CAAiB;AAAA,IACrC,UAAA,EAAY,WAAA;AAAA,IACZ,QAAA;AAAA,IACA,kBAAA;AAAA,IACA,OAAA,EAAS,UAAA;AAAA,IACT,OAAO,KAAA,IAAS,GAAA;AAAA,IAChB;AAAA,GACD,CAAA;AAGD,EAAA,MAAM,uBAAsD,EAAC;AAC7D,EAAA,MAAM,sBAAqD,EAAC;AAC5D,EAAA,MAAM,iBAAgD,EAAC;AACvD,EAAA,MAAM,oBAAmD,EAAC;AAE1D,EAAA,KAAA,MAAW,OAAO,OAAA,EAAS;AACzB,IAAA,MAAM,cAAA,GAAiB,GAAA,CAAI,MAAA,CAAO,WAAA,EAAY;AAE9C,IAAA,IAAI,cAAA,KAAmB,4BAAA,CAA6B,WAAA,EAAY,EAAG;AAEjE,MAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B;AAAA,QACnD,WAAA,EAAa,GAAA;AAAA,QACb,WAAA;AAAA,QACA,QAAA;AAAA,QACA,kBAAA;AAAA,QACA,KAAA;AAAA,QACA,OAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,oBAAA,CAAqB,IAAA,CAAK,EAAE,WAAA,EAAa,GAAA,EAAK,cAAc,CAAA;AAAA,IAC9D,CAAA,MAAA,IACE,2BAAA,IACA,cAAA,KAAmB,2BAAA,CAA4B,aAAY,EAC3D;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,uBAAA,CAAwB,GAAA,EAAK,QAAQ,CAAA;AAChE,MAAA,mBAAA,CAAoB,IAAA,CAAK,EAAE,WAAA,EAAa,GAAA,EAAK,cAAc,CAAA;AAAA,IAC7D,CAAA,MAAA,IACE,sBAAA,IACA,cAAA,KAAmB,sBAAA,CAAuB,aAAY,EACtD;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,uBAAA,CAAwB,GAAA,EAAK,QAAQ,CAAA;AAChE,MAAA,cAAA,CAAe,IAAA,CAAK,EAAE,WAAA,EAAa,GAAA,EAAK,cAAc,CAAA;AAAA,IACxD,CAAA,MAAO;AACL,MAAA,MAAM,YAAA,GAAe,MAAM,uBAAA,CAAwB,GAAA,EAAK,QAAQ,CAAA;AAChE,MAAA,iBAAA,CAAkB,IAAA,CAAK,EAAE,WAAA,EAAa,GAAA,EAAK,cAAc,CAAA;AAAA,IAC3D;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,WAAA;AAAA,IACA,oBAAA;AAAA,IACA,mBAAA;AAAA,IACA,cAAA;AAAA,IACA;AAAA,GACF;AACF;AAMA,eAAsB,oBACpB,MAAA,EACoC;AACpC,EAAA,MAAM,EAAE,WAAA,EAAa,gBAAA,EAAkB,mBAAA,EAAoB,GAAI,MAAA;AAE/D,EAAA,MAAM,MAAA,GAAS,MAAM,+BAAA,CAAgC;AAAA,IACnD,WAAA;AAAA,IACA,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,oBAAoB,MAAA,CAAO,kBAAA;AAAA,IAC3B,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,YAAY,MAAA,CAAO,UAAA;AAAA,IACnB,8BAA8B,MAAA,CAAO,4BAAA;AAAA,IACrC,iCAAiC,MAAA,CAAO,+BAAA;AAAA,IACxC,6BAA6B,MAAA,CAAO,2BAAA;AAAA,IACpC,wBAAwB,MAAA,CAAO;AAAA,GAChC,CAAA;AAGD,EAAA,MAAM,cAAA,GAAiB,OAAO,oBAAA,CAAqB,MAAA;AAAA,IACjD,CAAC,UACC,KAAA,CAAM,YAAA,CAAa,iBAAiB,WAAA,EAAY,KAChD,iBAAiB,WAAA;AAAY,GACjC;AAGA,EAAA,MAAM,cAAc,cAAA,CAAe,MAAA,CAAO,CAAC,KAAA,KAAU,KAAA,CAAM,aAAa,KAAK,CAAA;AAG7E,EAAA,IAAI,WAAA,GAAc,WAAA;AAClB,EAAA,IAAI,eAAyB,EAAC;AAE9B,EAAA,IAAI,mBAAA,IAAuB,mBAAA,CAAoB,MAAA,GAAS,CAAA,EAAG;AACzD,IAAA,WAAA,GAAc,WAAA,CAAY,MAAA;AAAA,MAAO,CAAC,KAAA,KAChC,KAAA,CAAM,YAAA,CAAa,mBAAA,CAAoB,IAAA;AAAA,QAAK,CAAC,CAAA,KAC3C,mBAAA,CAAoB,QAAA,CAAS,CAAC;AAAA;AAChC,KACF;AACA,IAAA,YAAA,GAAe;AAAA,MACb,GAAG,IAAI,GAAA;AAAA,QACL,WAAA,CAAY,OAAA;AAAA,UAAQ,CAAC,KAAA,KACnB,KAAA,CAAM,YAAA,CAAa,mBAAA,CAAoB,MAAA;AAAA,YAAO,CAAC,CAAA,KAC7C,mBAAA,CAAoB,QAAA,CAAS,CAAC;AAAA;AAChC;AACF;AACF,KACF;AAAA,EACF,CAAA,MAAO;AACL,IAAA,YAAA,GAAe;AAAA,MACb,GAAG,IAAI,GAAA;AAAA,QACL,YAAY,OAAA,CAAQ,CAAC,KAAA,KAAU,KAAA,CAAM,aAAa,mBAAmB;AAAA;AACvE,KACF;AAAA,EACF;AAEA,EAAA,MAAM,UAAoB,EAAC;AAC3B,EAAA,IAAI,WAAA,CAAY,WAAW,CAAA,EAAG;AAC5B,IAAA,IAAI,cAAA,CAAe,WAAW,CAAA,EAAG;AAC/B,MAAA,OAAA,CAAQ,IAAA;AAAA,QACN,uCAAuC,gBAAgB,CAAA,kBAAA;AAAA,OACzD;AAAA,IACF,CAAA,MAAA,IAAW,WAAA,CAAY,MAAA,KAAW,CAAA,EAAG;AACnC,MAAA,OAAA,CAAQ,IAAA;AAAA,QACN,eAAe,gBAAgB,CAAA,mCAAA;AAAA,OACjC;AAAA,IACF,WAAW,mBAAA,EAAqB;AAC9B,MAAA,OAAA,CAAQ,IAAA;AAAA,QACN,CAAA,sDAAA,EAAyD,mBAAA,CAAoB,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,OACzF;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,YAAY,MAAA,GAAS,CAAA;AAAA,IAC9B,MAAA,EAAQ,WAAA;AAAA,IACR,0BAAA,EAA4B,YAAA;AAAA,IAC5B;AAAA,GACF;AACF;AAMA,SAAS,SAAS,KAAA,EAA4C;AAC5D,EAAA,IAAI,UAAU,MAAA,IAAa,KAAA,KAAU,IAAA,EAAM,OAAO,OAAO,CAAC,CAAA;AAC1D,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,OAAO,OAAO,KAAK,CAAA;AACrB;AAEA,SAAS,iBAAA,CACP,MAAA,EACA,OAAA,EACA,OAAA,EAMiC;AACjC,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,KAAA;AAAA,IACP,gBAAA,EAAkB,SAAS,gBAAA,IAAoB,EAAA;AAAA,IAC/C,aAAA,EAAe,EAAA;AAAA,IACf,mBAAA,EAAqB,OAAA,EAAS,kBAAA,IAAsB,EAAC;AAAA,IACrD,YAAA,EAAc,SAAS,YAAA,IAAgB,MAAA;AAAA,IACvC,aAAA,EAAe,IAAA;AAAA,IACf,MAAA;AAAA,IACA;AAAA,GACF;AACF;AAEA,eAAe,uBAAA,CACb,aACA,QAAA,EAC8C;AAC9C,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,iBAAA,CAAkB,EAAE,WAAA,EAAa,UAAU,CAAA;AAAA,EAC1D,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,MAAA;AAAA,EACT;AACF;;;ACvhBA,IAAA,oBAAA,GAAA;AAAA,QAAA,CAAA,oBAAA,EAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,gCAAA,EAAA,MAAA,gCAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,8BAAA,EAAA,MAAA,8BAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,mBAAA,EAAA,MAAA,mBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,uBAAA,EAAA,MAAA,uBAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,SAAA,EAAA,MAAA,SAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,gBAAA,EAAA,MAAA,gBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA;AAAA,CAAA,CAAA;ACKO,SAAS,UAAU,KAAA,EAAoB;AAC5C,EAAA,YAAA,CAAa,OAAO,OAAO,CAAA;AAC3B,EAAA,OAAO,GAAG,KAAK,CAAA;AACjB;AAEO,SAAS,WAAW,MAAA,EAAyB;AAClD,EAAA,IAAI,CAAC,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AAC1B,IAAA,MAAM,IAAI,UAAU,yBAAyB,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,OAAO,GAAA,CAAI,CAAC,KAAA,KAAU,SAAA,CAAU,KAAK,CAAC,CAAA;AAC/C;;;ACZA,IAAM,SAAA,GAAY,CAAA;AAClB,IAAM,OAAA,GAAU,CAAA;AAChB,IAAM,YAAA,GAAe,CAAA;AAEd,SAAS,wBAAwB,KAAA,EAA+B;AACrE,EAAA,OAAA,CAAQ,KAAA,CAAM,KAAA,GAAQ,SAAA,GAAY,CAAA,KAC/B,KAAA,CAAM,MAAM,OAAA,GAAU,CAAA,CAAA,IACtB,KAAA,CAAM,aAAA,GAAgB,YAAA,GAAe,CAAA,CAAA;AAC1C;AAEO,SAAS,mBAAmB,MAAA,EAAgC;AACjE,EAAA,OAAO;AAAA,IACL,KAAA,EAAA,CAAQ,SAAS,SAAA,MAAe,CAAA;AAAA,IAChC,GAAA,EAAA,CAAM,SAAS,OAAA,MAAa,CAAA;AAAA,IAC5B,aAAA,EAAA,CAAgB,SAAS,YAAA,MAAkB;AAAA,GAC7C;AACF;AAEO,SAAS,YAAA,CAAa,QAAgB,IAAA,EAA8B;AACzE,EAAA,QAAQ,IAAA;AAAM,IACZ,KAAK,OAAA;AACH,MAAA,OAAA,CAAQ,SAAS,SAAA,MAAe,CAAA;AAAA,IAClC,KAAK,KAAA;AACH,MAAA,OAAA,CAAQ,SAAS,OAAA,MAAa,CAAA;AAAA,IAChC,KAAK,UAAA;AACH,MAAA,OAAA,CAAQ,SAAS,YAAA,MAAkB,CAAA;AAAA,IACrC;AACE,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,4BAAA,EAA8B,EAAE,MAAM,CAAA;AAAA;AAErF;AAEO,SAAS,kBAAkB,MAAA,EAAiC;AACjE,EAAA,MAAM,UAA2B,EAAC;AAClC,EAAA,IAAI,YAAA,CAAa,MAAA,EAAQ,OAAO,CAAA,EAAG;AACjC,IAAA,OAAA,CAAQ,KAAK,OAAO,CAAA;AAAA,EACtB;AACA,EAAA,IAAI,YAAA,CAAa,MAAA,EAAQ,KAAK,CAAA,EAAG;AAC/B,IAAA,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EACpB;AACA,EAAA,IAAI,YAAA,CAAa,MAAA,EAAQ,UAAU,CAAA,EAAG;AACpC,IAAA,OAAA,CAAQ,KAAK,UAAU,CAAA;AAAA,EACzB;AACA,EAAA,OAAO,OAAA;AACT;;;AC3CO,SAAS,qBAAqBT,KAAAA,EAA8B;AACjE,EAAA,QAAQA,KAAAA;AAAM,IACZ,KAAK,CAAA;AACH,MAAA,OAAO,QAAA;AAAA,IACT,KAAK,CAAA;AACH,MAAA,OAAO,YAAA;AAAA,IACT,KAAK,CAAA;AACH,MAAA,OAAO,UAAA;AAAA,IACT;AACE,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAgC,EAAE,IAAA,EAAAA,OAAM,CAAA;AAAA;AAEvF;AAEO,SAAS,qBAAqB,MAAA,EAAgC;AACnE,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,QAAA;AACH,MAAA,OAAO,CAAA;AAAA,IACT,KAAK,YAAA;AACH,MAAA,OAAO,CAAA;AAAA,IACT,KAAK,UAAA;AACH,MAAA,OAAO,CAAA;AAAA,IACT;AACE,MAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,yBAAA,EAA2B,EAAE,QAAQ,CAAA;AAAA;AAEpF;AAEO,SAAS,sBAAsB,MAAA,EAA0C;AAC9E,EAAA,OAAO,MAAA,KAAW,QAAA,IAAY,MAAA,KAAW,YAAA,IAAgB,MAAA,KAAW,UAAA;AACtE;;;AC5BO,SAAS,aAAa,KAAA,EAAwB;AACnD,EAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,KAAA,CAAM,uBAAuB,CAAA;AACjD,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0BAAA,EAA4B,EAAE,OAAO,CAAA;AAAA,EAChF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,IACtB,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,IACtB,KAAA,EAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAC;AAAA,GACxB;AACF;AAEO,SAAS,cAAc,OAAA,EAA0B;AACtD,EAAA,OAAO,CAAA,EAAG,QAAQ,KAAK,CAAA,CAAA,EAAI,QAAQ,KAAK,CAAA,CAAA,EAAI,QAAQ,KAAK,CAAA,CAAA;AAC3D;AAEO,SAAS,eAAA,CAAgB,GAAY,CAAA,EAAwB;AAClE,EAAA,IAAI,CAAA,CAAE,KAAA,KAAU,CAAA,CAAE,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,CAAE,KAAA,GAAQ,CAAA,CAAE,KAAA,GAAQ,EAAA,GAAK,CAAA;AAAA,EAClC;AACA,EAAA,IAAI,CAAA,CAAE,KAAA,KAAU,CAAA,CAAE,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,CAAE,KAAA,GAAQ,CAAA,CAAE,KAAA,GAAQ,EAAA,GAAK,CAAA;AAAA,EAClC;AACA,EAAA,IAAI,CAAA,CAAE,KAAA,KAAU,CAAA,CAAE,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,CAAE,KAAA,GAAQ,CAAA,CAAE,KAAA,GAAQ,EAAA,GAAK,CAAA;AAAA,EAClC;AACA,EAAA,OAAO,CAAA;AACT;AAEO,SAAS,gBAAA,CAAiB,GAAY,CAAA,EAAqB;AAChE,EAAA,OAAO,eAAA,CAAgB,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA;AACnC;AAEO,SAAS,cAAA,CAAe,GAAY,CAAA,EAAqB;AAC9D,EAAA,OAAO,eAAA,CAAgB,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA;AACnC;AAEO,SAAS,iBAAiB,OAAA,EAA6B;AAC5D,EAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,iCAAiC,CAAA;AAAA,EAC5E;AAEA,EAAA,OAAO,OAAA,CAAQ,MAAA,CAAO,CAAC,OAAA,EAAS,SAAA,KAAc;AAC5C,IAAA,OAAO,eAAA,CAAgB,SAAA,EAAW,OAAO,CAAA,KAAM,IAAI,SAAA,GAAY,OAAA;AAAA,EACjE,CAAC,CAAA;AACH;;;ACjDO,IAAM,gBAAA,GAAmB,UAAA;AACzB,IAAM,qBAAA,GAAwB,cAAA;AAC9B,IAAM,sBAAA,GAAyB,eAAA;AAC/B,IAAM,gCAAA,GAAmC,wBAAA;AACzC,IAAM,mBAAA,GAAsB,aAAA;AAC5B,IAAM,uBAAA,GAA0B,iBAAA;AAChC,IAAM,8BAAA,GAAiC,sBAAA;AACvC,IAAM,wBAAA,GAA2B,iBAAA;AACjC,IAAM,0BAAA,GAA6B,mBAAA;AACnC,IAAM,0BAAA,GAA6B,mBAAA;AACnC,IAAM,0BAAA,GAA6B,mBAAA;AACnC,IAAM,yBAAA,GAA4B,kBAAA;AAClC,IAAM,0BAAA,GAA6B,mBAAA;ACL1C,eAAe,UAAU,GAAA,EAA+B;AACtD,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,QAAA,GAAW,MAAM,MAAM,GAAA,EAAK,EAAE,SAAS,EAAE,MAAA,EAAQ,kBAAA,EAAmB,EAAG,CAAA;AAAA,EACzE,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,4BAA4B,EAAE,GAAA,EAAK,KAAK,CAAA;AAAA,EACnF;AAEA,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,0BAAA,EAA4B;AAAA,MACnE,GAAA;AAAA,MACA,QAAQ,QAAA,CAAS;AAAA,KAClB,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,SAAS,IAAA,EAAK;AAAA,EAC7B,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,mCAAmC,EAAE,GAAA,EAAK,KAAK,CAAA;AAAA,EAC1F;AACF;AAEA,SAAS,OAAA,CAAQ,SAAiB,SAAA,EAAmC;AACnE,EAAA,MAAM,KAAA,GAAQI,YAAY,OAAO,CAAA;AACjC,EAAA,OAAQ,cAAc,WAAA,GAAcD,SAAAA,CAAU,KAAK,CAAA,GAAIE,OAAO,KAAK,CAAA;AACrE;AAEA,eAAsB,sBAAA,CACpB,KACA,SAAA,EACc;AACd,EAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,IAAA,MAAM,IAAI,aAAA,CAAc,eAAA,EAAiB,gCAAA,EAAkC,EAAE,KAAK,CAAA;AAAA,EACpF;AAEA,EAAA,IAAI,SAAA,KAAc,WAAA,IAAe,SAAA,KAAc,QAAA,EAAU;AACvD,IAAA,MAAM,IAAI,cAAc,eAAA,EAAiB,CAAA,6BAAA,EAAgC,SAAS,CAAA,mCAAA,CAAA,EAAuC,EAAE,WAAW,CAAA;AAAA,EACxI;AAEA,EAAA,MAAM,IAAA,GAAO,MAAM,SAAA,CAAU,GAAG,CAAA;AAChC,EAAA,MAAM,OAAA,GAAU,iBAAiB,IAAI,CAAA;AACrC,EAAA,OAAO,OAAA,CAAQ,SAAS,SAAS,CAAA;AACnC;AAEA,eAAsB,iBAAA,CACpB,GAAA,EACA,YAAA,EACA,SAAA,EACkB;AAClB,EAAA,MAAM,YAAA,GAAe,MAAM,sBAAA,CAAuB,GAAA,EAAK,SAAS,CAAA;AAChE,EAAA,OAAO,YAAA,CAAa,WAAA,EAAY,KAAM,YAAA,CAAa,WAAA,EAAY;AACjE","file":"index.js","sourcesContent":["export class OmaTrustError extends Error {\n code: string;\n details?: unknown;\n\n constructor(code: string, message: string, details?: unknown) {\n super(message);\n this.name = \"OmaTrustError\";\n this.code = code;\n this.details = details;\n }\n}\n\nexport function toOmaTrustError(\n code: string,\n message: string,\n details?: unknown\n): OmaTrustError {\n return new OmaTrustError(code, message, details);\n}\n","import { OmaTrustError } from \"./errors\";\n\nexport function assertString(value: unknown, name: string, code = \"INVALID_INPUT\"): asserts value is string {\n if (typeof value !== \"string\" || value.trim().length === 0) {\n throw new OmaTrustError(code, `${name} must be a non-empty string`, { value });\n }\n}\n\nexport function assertNumber(value: unknown, name: string, code = \"INVALID_INPUT\"): asserts value is number {\n if (typeof value !== \"number\" || Number.isNaN(value)) {\n throw new OmaTrustError(code, `${name} must be a valid number`, { value });\n }\n}\n\nexport function assertObject(value: unknown, name: string, code = \"INVALID_INPUT\"): asserts value is Record<string, unknown> {\n if (!value || typeof value !== \"object\" || Array.isArray(value)) {\n throw new OmaTrustError(code, `${name} must be an object`, { value });\n }\n}\n\nexport function asError(err: unknown): Error {\n if (err instanceof Error) {\n return err;\n }\n return new Error(String(err));\n}\n","export * from \"./did\";\nexport * from \"./did-url\";\nexport * from \"./jwk\";\nexport * from \"./resolve-key\";\nexport * from \"./controller-id\";\nexport * from \"./types\";\nexport * from \"./caip\";\nexport * from \"./data\";\nexport * from \"./artifact\";\nexport * from \"./did-migration\";\n","import { OmaTrustError } from \"../shared/errors\";\nimport { assertString } from \"../shared/assert\";\n\nexport type Caip10 = string;\n\nexport type ParsedCaip10 = {\n namespace: string;\n reference: string;\n address: string;\n};\n\nexport type ParsedCaip2 = {\n namespace: string;\n reference: string;\n};\n\nconst CAIP_10_REGEX = /^(?<namespace>[a-z0-9-]+):(?<reference>[a-zA-Z0-9-]+):(?<address>.+)$/;\nconst CAIP_2_REGEX = /^(?<namespace>[a-z0-9-]+):(?<reference>[a-zA-Z0-9-]+)$/;\n\nexport function parseCaip10(input: string): ParsedCaip10 {\n assertString(input, \"input\", \"INVALID_CAIP\");\n const trimmed = input.trim();\n const match = trimmed.match(CAIP_10_REGEX);\n if (!match?.groups) {\n throw new OmaTrustError(\"INVALID_CAIP\", \"Invalid CAIP-10 format\", { input });\n }\n\n const namespace = match.groups.namespace;\n const reference = match.groups.reference;\n const address = match.groups.address;\n\n if (!namespace || !reference || !address) {\n throw new OmaTrustError(\"INVALID_CAIP\", \"Invalid CAIP-10 components\", { input });\n }\n\n return { namespace, reference, address };\n}\n\nexport function buildCaip10(namespace: string, reference: string, address: string): Caip10 {\n assertString(namespace, \"namespace\", \"INVALID_CAIP\");\n assertString(reference, \"reference\", \"INVALID_CAIP\");\n assertString(address, \"address\", \"INVALID_CAIP\");\n return `${namespace}:${reference}:${address}`;\n}\n\nexport function normalizeCaip10(input: string): Caip10 {\n const parsed = parseCaip10(input);\n const namespace = parsed.namespace.toLowerCase();\n const reference = parsed.reference;\n\n let address = parsed.address;\n if (namespace === \"eip155\") {\n address = address.toLowerCase();\n }\n\n return buildCaip10(namespace, reference, address);\n}\n\nexport function buildCaip2(namespace: string, reference: string): string {\n assertString(namespace, \"namespace\", \"INVALID_CAIP\");\n assertString(reference, \"reference\", \"INVALID_CAIP\");\n return `${namespace}:${reference}`;\n}\n\nexport function parseCaip2(caip2: string): ParsedCaip2 {\n assertString(caip2, \"caip2\", \"INVALID_CAIP\");\n const trimmed = caip2.trim();\n const match = trimmed.match(CAIP_2_REGEX);\n if (!match?.groups) {\n throw new OmaTrustError(\"INVALID_CAIP\", \"Invalid CAIP-2 format\", { caip2 });\n }\n\n const namespace = match.groups.namespace;\n const reference = match.groups.reference;\n if (!namespace || !reference) {\n throw new OmaTrustError(\"INVALID_CAIP\", \"Invalid CAIP-2 components\", { caip2 });\n }\n\n return { namespace, reference };\n}\n","/**\n * JWK and did:jwk Helpers — Phase 2\n *\n * Provides conversion between public JWKs and did:jwk DIDs,\n * deterministic JWK comparison, and public JWK validation.\n *\n * did:jwk is the preferred durable DID representation for JWS/JWK public key\n * material. It is immutable (the DID IS the key) and should be used as the\n * controllerDid for authorization checks.\n *\n * Uses the `jose` library for base64url encoding/decoding and JWK thumbprints.\n */\n\nimport { base64url, calculateJwkThumbprint } from \"jose\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { assertObject } from \"../shared/assert\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Minimal public JWK structure */\nexport interface PublicJwk {\n kty: string;\n [key: string]: unknown;\n}\n\n/** Result of JWK validation */\nexport interface JwkValidationResult {\n valid: boolean;\n error?: string;\n}\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\nconst VALID_KTY = new Set([\"EC\", \"OKP\", \"RSA\"]);\n\n/** Private key fields that must not appear in a public JWK */\nconst PRIVATE_KEY_FIELDS = new Set([\"d\", \"p\", \"q\", \"dp\", \"dq\", \"qi\", \"oth\"]);\n\n/**\n * Required public key fields per key type.\n * Used for structural validation.\n */\nconst REQUIRED_PUBLIC_FIELDS: Record<string, string[]> = {\n EC: [\"crv\", \"x\", \"y\"],\n OKP: [\"crv\", \"x\"],\n RSA: [\"n\", \"e\"],\n};\n\n// ---------------------------------------------------------------------------\n// Public JWK Validation\n// ---------------------------------------------------------------------------\n\n/**\n * Validate that a JWK object is a well-formed public key.\n *\n * Requirements:\n * - Must be a non-null object\n * - Must have a valid `kty` (EC, OKP, RSA)\n * - Must have required public key fields for its key type\n * - Must NOT contain private key material (d, p, q, dp, dq, qi, oth)\n */\nexport function validatePublicJwk(jwk: unknown): JwkValidationResult {\n if (!jwk || typeof jwk !== \"object\" || Array.isArray(jwk)) {\n return { valid: false, error: \"JWK must be a non-null object\" };\n }\n\n const obj = jwk as Record<string, unknown>;\n\n // Check kty\n const kty = obj.kty;\n if (typeof kty !== \"string\" || !VALID_KTY.has(kty)) {\n return {\n valid: false,\n error: `Invalid or missing kty (must be one of: ${[...VALID_KTY].join(\", \")})`,\n };\n }\n\n // Reject private key material\n for (const field of PRIVATE_KEY_FIELDS) {\n if (field in obj) {\n return {\n valid: false,\n error: `JWK contains private key field \"${field}\" — only public keys are allowed`,\n };\n }\n }\n\n // Check required public fields\n const required = REQUIRED_PUBLIC_FIELDS[kty];\n if (required) {\n for (const field of required) {\n if (!(field in obj) || obj[field] === undefined || obj[field] === null || obj[field] === \"\") {\n return {\n valid: false,\n error: `Missing required public key field \"${field}\" for kty=\"${kty}\"`,\n };\n }\n }\n }\n\n return { valid: true };\n}\n\n// ---------------------------------------------------------------------------\n// did:jwk Conversion\n// ---------------------------------------------------------------------------\n\n/**\n * Deterministic JSON serialization for JWK.\n * Keys are sorted alphabetically to ensure canonical encoding.\n */\nfunction canonicalizeJwkJson(jwk: Record<string, unknown>): string {\n const sorted = Object.keys(jwk).sort();\n const obj: Record<string, unknown> = {};\n for (const key of sorted) {\n obj[key] = jwk[key];\n }\n return JSON.stringify(obj);\n}\n\n/**\n * Convert a public JWK to a did:jwk DID.\n *\n * Uses deterministic (sorted-key) JSON serialization and base64url encoding.\n * Rejects JWKs containing private key material.\n *\n * @param jwk - A public JWK object\n * @returns The did:jwk DID string\n * @throws OmaTrustError if the JWK is invalid or contains private key material\n */\nexport function jwkToDidJwk(jwk: unknown): string {\n assertObject(jwk, \"jwk\", \"INVALID_JWK\");\n\n const validation = validatePublicJwk(jwk);\n if (!validation.valid) {\n throw new OmaTrustError(\"INVALID_JWK\", validation.error ?? \"Invalid public JWK\", { jwk });\n }\n\n const canonical = canonicalizeJwkJson(jwk as Record<string, unknown>);\n const encoded = base64url.encode(new TextEncoder().encode(canonical));\n return `did:jwk:${encoded}`;\n}\n\n/**\n * Convert a did:jwk DID back to a public JWK object.\n *\n * Validates the DID structure, decodes the base64url payload,\n * parses JSON, and validates the resulting JWK.\n *\n * @param didJwk - A did:jwk DID string\n * @returns The decoded public JWK object\n * @throws OmaTrustError if the DID is malformed or contains private key material\n */\nexport function didJwkToJwk(didJwk: string): PublicJwk {\n if (typeof didJwk !== \"string\" || !didJwk.startsWith(\"did:jwk:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected a did:jwk DID\", { input: didJwk });\n }\n\n const parts = didJwk.split(\":\");\n if (parts.length !== 3) {\n throw new OmaTrustError(\"INVALID_DID\", \"did:jwk must have exactly 3 colon-separated parts\", {\n input: didJwk,\n });\n }\n\n const encoded = parts[2];\n if (!encoded || encoded.length === 0) {\n throw new OmaTrustError(\"INVALID_DID\", \"Missing base64url-encoded JWK identifier\", {\n input: didJwk,\n });\n }\n\n // Decode using jose base64url\n let decoded: string;\n try {\n const bytes = base64url.decode(encoded);\n decoded = new TextDecoder().decode(bytes);\n } catch {\n throw new OmaTrustError(\"INVALID_DID\", \"Failed to base64url-decode did:jwk identifier\", {\n input: didJwk,\n });\n }\n\n let jwk: Record<string, unknown>;\n try {\n jwk = JSON.parse(decoded);\n } catch {\n throw new OmaTrustError(\"INVALID_DID\", \"Decoded did:jwk identifier is not valid JSON\", {\n input: didJwk,\n });\n }\n\n if (!jwk || typeof jwk !== \"object\" || Array.isArray(jwk)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Decoded did:jwk must be a JSON object\", {\n input: didJwk,\n });\n }\n\n // Validate as public JWK\n const validation = validatePublicJwk(jwk);\n if (!validation.valid) {\n throw new OmaTrustError(\"INVALID_DID\", validation.error ?? \"Invalid public JWK in did:jwk\", {\n input: didJwk,\n });\n }\n\n return jwk as PublicJwk;\n}\n\n// ---------------------------------------------------------------------------\n// Public JWK Comparison\n// ---------------------------------------------------------------------------\n\n/**\n * Extract only the public key fields from a JWK for comparison purposes.\n * Strips private fields and non-key metadata (kid, use, key_ops, alg, ext).\n */\nfunction extractPublicKeyFields(jwk: Record<string, unknown>): Record<string, unknown> {\n const result: Record<string, unknown> = {};\n const metadataFields = new Set([\"kid\", \"use\", \"key_ops\", \"alg\", \"ext\"]);\n\n for (const [key, value] of Object.entries(jwk)) {\n if (PRIVATE_KEY_FIELDS.has(key)) continue;\n if (metadataFields.has(key)) continue;\n result[key] = value;\n }\n\n return result;\n}\n\n/**\n * Compare two public JWKs for equality.\n *\n * Compares only the public key material fields (kty, crv, x, y, n, e, etc.).\n * Ignores property order, metadata fields (kid, use, alg, key_ops, ext),\n * and rejects/strips private key fields before comparison.\n *\n * @param a - First public JWK\n * @param b - Second public JWK\n * @returns true if both JWKs represent the same public key\n * @throws OmaTrustError if either JWK contains private key material\n */\nexport function publicJwkEquals(a: unknown, b: unknown): boolean {\n assertObject(a, \"a\", \"INVALID_JWK\");\n assertObject(b, \"b\", \"INVALID_JWK\");\n\n const aObj = a as Record<string, unknown>;\n const bObj = b as Record<string, unknown>;\n\n // Reject if either contains private key material\n for (const field of PRIVATE_KEY_FIELDS) {\n if (field in aObj) {\n throw new OmaTrustError(\n \"INVALID_JWK\",\n `First JWK contains private key field \"${field}\"`,\n { field }\n );\n }\n if (field in bObj) {\n throw new OmaTrustError(\n \"INVALID_JWK\",\n `Second JWK contains private key field \"${field}\"`,\n { field }\n );\n }\n }\n\n const aPublic = extractPublicKeyFields(aObj);\n const bPublic = extractPublicKeyFields(bObj);\n\n // Compare via canonical JSON\n return canonicalizeJwkJson(aPublic) === canonicalizeJwkJson(bPublic);\n}\n\n\n// ---------------------------------------------------------------------------\n// JWK Thumbprint (RFC 7638)\n// ---------------------------------------------------------------------------\n\n/**\n * Compute an RFC 7638 JWK Thumbprint for a public JWK.\n *\n * Returns the base64url-encoded SHA-256 thumbprint. This is a compact,\n * deterministic fingerprint of the public key material.\n *\n * Used in OMATrust DNS TXT records as: `jkt=S256:<thumbprint>`\n *\n * @param jwk - A public JWK object\n * @param digestAlgorithm - Hash algorithm (default: \"sha256\")\n * @returns base64url-encoded thumbprint string\n * @throws OmaTrustError if the JWK is invalid or contains private key material\n */\nexport async function computeJwkThumbprint(\n jwk: unknown,\n digestAlgorithm: \"sha256\" | \"sha384\" | \"sha512\" = \"sha256\"\n): Promise<string> {\n assertObject(jwk, \"jwk\", \"INVALID_JWK\");\n\n const validation = validatePublicJwk(jwk);\n if (!validation.valid) {\n throw new OmaTrustError(\"INVALID_JWK\", validation.error ?? \"Invalid public JWK\", { jwk });\n }\n\n // jose's calculateJwkThumbprint expects a JWK-like object and a digest algorithm\n const alg = digestAlgorithm === \"sha256\" ? \"sha256\"\n : digestAlgorithm === \"sha384\" ? \"sha384\"\n : \"sha512\";\n\n return calculateJwkThumbprint(jwk as Parameters<typeof calculateJwkThumbprint>[0], alg);\n}\n\n/**\n * Format a JWK thumbprint as an OMATrust DNS TXT `jkt` value.\n *\n * Format: `jkt=S256:<base64url-thumbprint>`\n *\n * @param jwk - A public JWK object\n * @returns Formatted jkt string for DNS TXT records\n */\nexport async function formatJktValue(jwk: unknown): Promise<string> {\n const thumbprint = await computeJwkThumbprint(jwk, \"sha256\");\n return `jkt=S256:${thumbprint}`;\n}\n","import { getAddress, isAddress, keccak256, toUtf8Bytes } from \"ethers\";\nimport { base64url } from \"jose\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { assertString } from \"../shared/assert\";\nimport { parseCaip10 } from \"./caip\";\nimport { validatePublicJwk } from \"./jwk\";\n\nexport type Hex = `0x${string}`;\nexport type Did = string;\n\nconst DID_REGEX = /^did:[a-z0-9]+:.+$/i;\n\nexport function isValidDid(did: string): boolean {\n return DID_REGEX.test(did);\n}\n\nexport function extractDidMethod(did: Did): string | null {\n const match = did.match(/^did:([a-z0-9]+):/i);\n return match ? match[1] : null;\n}\n\nexport function extractDidIdentifier(did: Did): string | null {\n const match = did.match(/^did:[a-z0-9]+:(.+)$/i);\n return match ? match[1] : null;\n}\n\nexport function normalizeDomain(domain: string): string {\n assertString(domain, \"domain\", \"INVALID_DID\");\n return domain.trim().toLowerCase().replace(/\\.$/, \"\").replace(/^www\\./, \"\");\n}\n\nexport function normalizeDidWeb(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n\n if (trimmed.startsWith(\"did:\") && !trimmed.startsWith(\"did:web:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:web DID\", { input });\n }\n\n const identifier = trimmed.startsWith(\"did:web:\")\n ? trimmed.slice(\"did:web:\".length)\n : trimmed;\n\n const [host, ...pathParts] = identifier.split(\"/\");\n if (!host) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:web identifier\", { input });\n }\n\n const normalizedHost = normalizeDomain(host);\n const path = pathParts.length > 0 ? `/${pathParts.join(\"/\")}` : \"\";\n return `did:web:${normalizedHost}${path}`;\n}\n\nexport function normalizeDidPkh(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n if (!trimmed.startsWith(\"did:pkh:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:pkh DID\", { input });\n }\n\n const parts = trimmed.split(\":\");\n if (parts.length !== 5) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:pkh format\", { input });\n }\n\n const [, , namespace, chainId, address] = parts;\n if (!namespace || !chainId || !address) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:pkh components\", { input });\n }\n\n return `did:pkh:${namespace.toLowerCase()}:${chainId}:${address.toLowerCase()}`;\n}\n\nexport function normalizeDidHandle(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n if (!trimmed.startsWith(\"did:handle:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:handle DID\", { input });\n }\n\n const parts = trimmed.split(\":\");\n if (parts.length !== 4) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:handle format\", { input });\n }\n\n const [, , platform, username] = parts;\n if (!platform || !username) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:handle components\", { input });\n }\n\n return `did:handle:${platform.toLowerCase()}:${username}`;\n}\n\nexport function normalizeDidKey(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n if (!trimmed.startsWith(\"did:key:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:key DID\", { input });\n }\n\n return trimmed;\n}\n\nexport function normalizeDid(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n // Strip DID URL fragment (#...) — fragments are not part of the DID itself (W3C DID Core §3.5)\n const trimmed = input.trim().split(\"#\")[0];\n\n if (!trimmed.startsWith(\"did:\")) {\n return normalizeDidWeb(trimmed);\n }\n\n if (!isValidDid(trimmed)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid DID format\", { input });\n }\n\n const method = extractDidMethod(trimmed);\n switch (method) {\n case \"web\":\n return normalizeDidWeb(trimmed);\n case \"pkh\":\n return normalizeDidPkh(trimmed);\n case \"handle\":\n return normalizeDidHandle(trimmed);\n case \"key\":\n return normalizeDidKey(trimmed);\n case \"jwk\":\n return normalizeDidJwk(trimmed);\n default:\n return trimmed;\n }\n}\n\nexport function computeDidHash(did: Did): Hex {\n const normalized = normalizeDid(did);\n return keccak256(toUtf8Bytes(normalized)) as Hex;\n}\n\nexport function computeDidAddress(didHash: Hex): Hex {\n assertString(didHash, \"didHash\", \"INVALID_DID\");\n if (!/^0x[0-9a-fA-F]{64}$/.test(didHash)) {\n throw new OmaTrustError(\"INVALID_DID\", \"didHash must be 32-byte hex\", { didHash });\n }\n\n // Spec: low-order 160 bits of didHash, serialized as lowercase 0x-hex.\n return `0x${didHash.slice(-40).toLowerCase()}` as Hex;\n}\n\nexport function didToAddress(did: Did): Hex {\n return computeDidAddress(computeDidHash(did));\n}\n\nexport function validateDidAddress(did: Did, address: Hex): boolean {\n try {\n return didToAddress(did).toLowerCase() === String(address).toLowerCase();\n } catch {\n return false;\n }\n}\n\nexport function buildDidWeb(domain: string): Did {\n return `did:web:${normalizeDomain(domain)}`;\n}\n\nexport function buildDidPkh(\n namespace: string,\n chainId: string | number,\n address: string\n): Did {\n assertString(namespace, \"namespace\", \"INVALID_DID\");\n assertString(address, \"address\", \"INVALID_DID\");\n if (chainId === \"\" || chainId === null || chainId === undefined) {\n throw new OmaTrustError(\"INVALID_DID\", \"chainId is required\", { chainId });\n }\n return `did:pkh:${namespace.toLowerCase()}:${chainId}:${address.toLowerCase()}`;\n}\n\nexport function buildEvmDidPkh(chainId: string | number, address: string): Did {\n return buildDidPkh(\"eip155\", chainId, address);\n}\n\nexport function buildDidPkhFromCaip10(caip10: string): Did {\n const parsed = parseCaip10(caip10);\n return buildDidPkh(parsed.namespace, parsed.reference, parsed.address);\n}\n\nfunction parseDidPkh(did: Did): { namespace: string; chainId: string; address: string } | null {\n if (!did.startsWith(\"did:pkh:\")) {\n return null;\n }\n\n const parts = did.split(\":\");\n if (parts.length !== 5) {\n return null;\n }\n\n const [, , namespace, chainId, address] = parts;\n if (!namespace || !chainId || !address) {\n return null;\n }\n\n return { namespace, chainId, address };\n}\n\nexport function getChainIdFromDidPkh(did: Did): string | null {\n return parseDidPkh(did)?.chainId ?? null;\n}\n\nexport function getAddressFromDidPkh(did: Did): string | null {\n return parseDidPkh(did)?.address ?? null;\n}\n\nexport function getNamespaceFromDidPkh(did: Did): string | null {\n return parseDidPkh(did)?.namespace ?? null;\n}\n\nexport function isEvmDidPkh(did: Did): boolean {\n return getNamespaceFromDidPkh(did) === \"eip155\";\n}\n\nexport function getDomainFromDidWeb(did: Did): string | null {\n if (!did.startsWith(\"did:web:\")) {\n return null;\n }\n\n const identifier = did.slice(\"did:web:\".length);\n const [domain] = identifier.split(\"/\");\n return domain || null;\n}\n\n/**\n * Extract an EVM address from a DID or address-like identifier.\n *\n * Supports:\n * - did:pkh (extracts the address portion — currently EVM only)\n * - did:ethr (extracts the Ethereum address)\n * - CAIP-10 format (e.g. eip155:1:0xABC)\n * - Raw EVM addresses (0x + 40 hex chars)\n *\n * NOTE: This function is EVM-specific. It does not support non-EVM chains\n * (e.g. Solana, Cosmos). Non-EVM did:pkh identifiers will throw.\n * A future version may generalize to support multiple chain families.\n *\n * @param identifier - A DID, CAIP-10 string, or raw EVM address\n * @returns The checksummed EVM address\n * @throws OmaTrustError if the identifier cannot be resolved to an EVM address\n */\nexport function extractAddressFromDid(identifier: string): string {\n assertString(identifier, \"identifier\", \"INVALID_DID\");\n\n if (identifier.startsWith(\"did:pkh:\")) {\n const pkh = parseDidPkh(normalizeDidPkh(identifier));\n if (!pkh) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:pkh identifier\", { identifier });\n }\n return pkh.address;\n }\n\n if (identifier.startsWith(\"did:ethr:\")) {\n const parts = identifier.replace(\"did:ethr:\", \"\").split(\":\");\n const address = parts.length === 1 ? parts[0] : parts[1];\n if (!address || !isAddress(address)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:ethr identifier\", { identifier });\n }\n return getAddress(address);\n }\n\n if (identifier.match(/^[a-z0-9-]+:[a-zA-Z0-9-]+:0x[a-fA-F0-9]{40}$/)) {\n const parsed = parseCaip10(identifier);\n return parsed.address;\n }\n\n if (isAddress(identifier)) {\n return getAddress(identifier);\n }\n\n throw new OmaTrustError(\"INVALID_DID\", \"Unsupported identifier format\", { identifier });\n}\n\n// ---------------------------------------------------------------------------\n// Private-Key DID Validation\n// ---------------------------------------------------------------------------\n\n/** Result of private-key DID validation */\nexport interface PrivateKeyDidValidation {\n valid: boolean;\n method: \"pkh\" | \"jwk\" | null;\n error?: string;\n}\n\n// CAIP-2 namespace: lowercase alphanumeric + hyphens, 3-8 chars per spec\nconst CAIP2_NAMESPACE_REGEX = /^[a-z0-9-]{3,8}$/;\n\n// Base64url character set (no padding required)\nconst BASE64URL_REGEX = /^[A-Za-z0-9_-]+$/;\n\nconst VALID_JWK_KTY = new Set([\"EC\", \"OKP\", \"RSA\"]);\n\n/**\n * Check if a DID uses a private-key method (can sign transactions/messages).\n * Quick boolean check — use validatePrivateKeyDid() for detailed errors.\n */\nexport function isPrivateKeyDid(did: string): boolean {\n return validatePrivateKeyDid(did).valid;\n}\n\n/**\n * Validate that a DID is a well-formed private-key DID.\n * Returns detailed validation result with method identification and error messages.\n *\n * Supported methods:\n * - did:pkh — CAIP-10 blockchain account (deep validation for eip155)\n * - did:jwk — JSON Web Key (structural validation)\n */\nexport function validatePrivateKeyDid(did: string): PrivateKeyDidValidation {\n if (typeof did !== \"string\" || did.trim().length === 0) {\n return { valid: false, method: null, error: \"DID must be a non-empty string\" };\n }\n\n const trimmed = did.trim();\n const method = extractDidMethod(trimmed);\n\n switch (method) {\n case \"pkh\":\n return validateDidPkh(trimmed);\n case \"jwk\":\n return validateDidJwk(trimmed);\n default:\n return {\n valid: false,\n method: null,\n error: method\n ? `DID method \"${method}\" is not a recognized private-key method`\n : \"Invalid DID format\"\n };\n }\n}\n\n/**\n * Validate a did:pkh DID.\n *\n * Format: did:pkh:<namespace>:<chainId>:<address>\n * - Must have exactly 5 colon-separated parts\n * - namespace must be a valid CAIP-2 namespace (lowercase alphanumeric + hyphens, 3-8 chars)\n * - chainId must be non-empty\n * - address must be non-empty\n * - For eip155 namespace: address must be a valid EVM address (0x + 40 hex chars)\n * - For other namespaces: address must be non-empty (permissive fallback)\n */\nfunction validateDidPkh(did: string): PrivateKeyDidValidation {\n const parts = did.split(\":\");\n if (parts.length !== 5) {\n return {\n valid: false,\n method: \"pkh\",\n error: `did:pkh must have exactly 5 colon-separated parts, got ${parts.length}`\n };\n }\n\n const [, , namespace, chainId, address] = parts;\n\n if (!namespace) {\n return { valid: false, method: \"pkh\", error: \"Missing namespace\" };\n }\n\n if (!CAIP2_NAMESPACE_REGEX.test(namespace)) {\n return {\n valid: false,\n method: \"pkh\",\n error: `Invalid CAIP-2 namespace \"${namespace}\" (must be 3-8 lowercase alphanumeric/hyphen chars)`\n };\n }\n\n if (!chainId) {\n return { valid: false, method: \"pkh\", error: \"Missing chain ID (reference)\" };\n }\n\n if (!address) {\n return { valid: false, method: \"pkh\", error: \"Missing address\" };\n }\n\n // Deep validation for eip155 (EVM) namespace\n if (namespace === \"eip155\") {\n // Chain ID should be numeric for eip155\n if (!/^\\d+$/.test(chainId)) {\n return {\n valid: false,\n method: \"pkh\",\n error: `Invalid eip155 chain ID \"${chainId}\" (must be numeric)`\n };\n }\n\n // Address must be a valid EVM address\n if (!isAddress(address)) {\n return {\n valid: false,\n method: \"pkh\",\n error: `Invalid EVM address \"${address}\" (must be 0x + 40 hex chars)`\n };\n }\n }\n\n // Deep validation for solana namespace\n if (namespace === \"solana\") {\n // Solana addresses are base58-encoded public keys, 32-44 characters\n if (!/^[1-9A-HJ-NP-Za-km-z]{32,44}$/.test(address)) {\n return {\n valid: false,\n method: \"pkh\",\n error: `Invalid Solana address \"${address}\" (must be 32-44 base58 characters)`\n };\n }\n }\n\n return { valid: true, method: \"pkh\" };\n}\n\n/**\n * Validate a did:jwk DID.\n *\n * Format: did:jwk:<base64url-encoded-JWK>\n * - Must have exactly 3 colon-separated parts\n * - Identifier must be valid base64url\n * - Decoded value must be valid JSON\n * - Decoded JSON must contain a valid kty field (EC, OKP, RSA)\n * - Must NOT contain d (private key component)\n */\nfunction validateDidJwk(did: string): PrivateKeyDidValidation {\n const parts = did.split(\":\");\n if (parts.length !== 3) {\n return {\n valid: false,\n method: \"jwk\",\n error: `did:jwk must have exactly 3 colon-separated parts, got ${parts.length}`\n };\n }\n\n const [, , encoded] = parts;\n\n if (!encoded || encoded.length === 0) {\n return { valid: false, method: \"jwk\", error: \"Missing base64url-encoded JWK identifier\" };\n }\n\n if (!BASE64URL_REGEX.test(encoded)) {\n return {\n valid: false,\n method: \"jwk\",\n error: \"Identifier contains invalid base64url characters\"\n };\n }\n\n // Decode base64url to JSON\n let decoded: string;\n try {\n const bytes = base64url.decode(encoded);\n decoded = new TextDecoder().decode(bytes);\n } catch {\n return { valid: false, method: \"jwk\", error: \"Failed to base64url-decode identifier\" };\n }\n\n let jwk: Record<string, unknown>;\n try {\n jwk = JSON.parse(decoded);\n } catch {\n return { valid: false, method: \"jwk\", error: \"Decoded identifier is not valid JSON\" };\n }\n\n if (!jwk || typeof jwk !== \"object\" || Array.isArray(jwk)) {\n return { valid: false, method: \"jwk\", error: \"Decoded JWK must be a JSON object\" };\n }\n\n // Must have kty\n const kty = jwk.kty;\n if (typeof kty !== \"string\" || !VALID_JWK_KTY.has(kty)) {\n return {\n valid: false,\n method: \"jwk\",\n error: `Invalid or missing kty field (must be one of: EC, OKP, RSA)`\n };\n }\n\n // Must NOT contain private key material\n if (\"d\" in jwk) {\n return {\n valid: false,\n method: \"jwk\",\n error: \"DID must reference a public key — private key component (d) is not allowed\"\n };\n }\n\n // Validate required public key fields per kty (crv/x/y for EC, crv/x for OKP, n/e for RSA)\n const jwkValidation = validatePublicJwk(jwk);\n if (!jwkValidation.valid) {\n return { valid: false, method: \"jwk\", error: jwkValidation.error };\n }\n\n return { valid: true, method: \"jwk\" };\n}\n\n/**\n * Normalize a did:jwk DID.\n * Validates structure and returns the DID unchanged (did:jwk is already canonical).\n */\nexport function normalizeDidJwk(input: string): Did {\n assertString(input, \"input\", \"INVALID_DID\");\n const trimmed = input.trim();\n if (!trimmed.startsWith(\"did:jwk:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected did:jwk DID\", { input });\n }\n\n const result = validateDidJwk(trimmed);\n if (!result.valid) {\n throw new OmaTrustError(\"INVALID_DID\", result.error ?? \"Invalid did:jwk\", { input });\n }\n\n return trimmed;\n}\n","/**\n * DID URL Parsing — Phase 1\n *\n * Parses DID URLs (e.g. did:web:api.example.com#key-1) into their components.\n * DID URLs are mutable key references / lookup handles, not durable controller DIDs.\n */\n\nimport { OmaTrustError } from \"../shared/errors\";\nimport { assertString } from \"../shared/assert\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Parsed DID URL components */\nexport interface ParsedDidUrl {\n /** The original full DID URL */\n didUrl: string;\n /** The base DID (without fragment) */\n did: string;\n /** The fragment identifier (without the '#'), or null if no fragment */\n fragment: string | null;\n}\n\n// ---------------------------------------------------------------------------\n// DID URL Parser\n// ---------------------------------------------------------------------------\n\nconst DID_URL_REGEX = /^did:[a-z0-9]+:.+$/i;\n\n/**\n * Parse a DID URL into its components.\n *\n * A DID URL may include a fragment (e.g. `did:web:api.example.com#key-1`).\n * The fragment identifies a verification method, key reference, or other\n * resource under the DID.\n *\n * DID URLs are mutable key references. They should not be used as durable\n * controller DIDs. Use `resolveDidUrlControllerDid()` to derive a durable\n * `did:jwk` from a DID URL.\n *\n * @param input - A DID URL string\n * @returns Parsed components: didUrl, did, fragment\n * @throws OmaTrustError with code INVALID_DID_URL if input is malformed\n */\nexport function parseDidUrl(input: string): ParsedDidUrl {\n assertString(input, \"input\", \"INVALID_DID_URL\");\n const trimmed = input.trim();\n\n // Split on first '#' to separate DID from fragment\n const hashIndex = trimmed.indexOf(\"#\");\n\n let did: string;\n let fragment: string | null;\n\n if (hashIndex === -1) {\n did = trimmed;\n fragment = null;\n } else {\n did = trimmed.slice(0, hashIndex);\n const rawFragment = trimmed.slice(hashIndex + 1);\n\n if (rawFragment.length === 0) {\n throw new OmaTrustError(\n \"INVALID_DID_URL\",\n \"DID URL has empty fragment (trailing '#' with no identifier)\",\n { input }\n );\n }\n\n fragment = rawFragment;\n }\n\n // Validate the base DID portion\n if (!DID_URL_REGEX.test(did)) {\n throw new OmaTrustError(\n \"INVALID_DID_URL\",\n \"Invalid DID URL: base DID portion is malformed\",\n { input, did }\n );\n }\n\n return {\n didUrl: trimmed,\n did,\n fragment,\n };\n}\n\n/**\n * Check whether a string is a DID URL (contains a fragment).\n * Useful for guards that need to reject DID URLs where a bare DID is expected.\n */\nexport function isDidUrl(input: string): boolean {\n if (typeof input !== \"string\") return false;\n const trimmed = input.trim();\n return trimmed.includes(\"#\") && DID_URL_REGEX.test(trimmed.split(\"#\")[0]);\n}\n\n/**\n * Assert that a string is a bare DID (not a DID URL with a fragment).\n * Throws if the input contains a fragment.\n *\n * Use this in functions that expect a subject DID and must reject DID URLs.\n */\nexport function assertBareDid(input: string, paramName = \"did\"): void {\n assertString(input, paramName, \"INVALID_DID\");\n if (isDidUrl(input)) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Expected a bare DID but received a DID URL with a fragment. Use parseDidUrl() to handle DID URLs.`,\n { input }\n );\n }\n}\n","/**\n * DID Document Fetching — shared utility\n *\n * Fetches did:web DID documents from the well-known endpoint.\n * Used by identity/resolve-key and reputation/proof/did-json.\n */\n\nimport { OmaTrustError } from \"./errors\";\n\n/**\n * Fetch a DID document for a did:web domain.\n *\n * Resolves `https://<domain>/.well-known/did.json` and returns the parsed JSON.\n *\n * @param domain - The domain to fetch the DID document from\n * @returns The parsed DID document\n * @throws OmaTrustError with code NETWORK_ERROR if fetch fails\n */\nexport async function fetchDidDocument(\n domain: string\n): Promise<Record<string, unknown>> {\n const normalized = domain.toLowerCase().replace(/\\.$/, \"\");\n const url = `https://${normalized}/.well-known/did.json`;\n\n let response: Response;\n try {\n response = await fetch(url, { headers: { Accept: \"application/json\" } });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to fetch DID document\", { domain, err });\n }\n\n if (!response.ok) {\n throw new OmaTrustError(\"NETWORK_ERROR\", `DID document fetch failed: ${response.status}`, {\n domain,\n status: response.status,\n });\n }\n\n return (await response.json()) as Record<string, unknown>;\n}\n","/**\n * DID URL Key Resolution — Phase 3\n *\n * Resolves DID URL key references (e.g. did:web:api.example.com#key-1) to\n * public key material and derives durable did:jwk controller DIDs.\n *\n * DID URLs are mutable key references. This module resolves them to the\n * actual public key material they currently point to, then converts that\n * material into an immutable did:jwk for use as a controller DID.\n */\n\nimport { OmaTrustError } from \"../shared/errors\";\nimport { assertString } from \"../shared/assert\";\nimport { fetchDidDocument } from \"../shared/did-document\";\nimport { parseDidUrl } from \"./did-url\";\nimport { extractDidMethod, getDomainFromDidWeb } from \"./did\";\nimport { validatePublicJwk, jwkToDidJwk, type PublicJwk } from \"./jwk\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Result of resolving a DID URL to public key material */\nexport interface ResolvedPublicKey {\n /** The original DID URL */\n didUrl: string;\n /** The base DID (without fragment) */\n did: string;\n /** The fragment identifier */\n fragment: string | null;\n /** The resolved public JWK */\n publicKeyJwk: PublicJwk;\n /** The verification method ID that matched */\n verificationMethodId: string;\n}\n\n/** Result of resolving a DID URL to a durable controller DID */\nexport interface ResolvedControllerDid extends ResolvedPublicKey {\n /** The durable did:jwk derived from the resolved public key */\n controllerDid: string;\n}\n\n/** Options for DID URL key resolution */\nexport interface ResolveKeyOptions {\n /**\n * Custom DID document fetcher. If not provided, uses the shared\n * fetchDidDocument which fetches from `/.well-known/did.json`.\n */\n fetchDidDocument?: (domain: string) => Promise<Record<string, unknown>>;\n}\n\n// ---------------------------------------------------------------------------\n// Verification Method Search\n// ---------------------------------------------------------------------------\n\ninterface VerificationMethod {\n id: string;\n type?: string;\n publicKeyJwk?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\n/**\n * Find a verification method in a DID document by DID URL or fragment.\n */\nfunction findVerificationMethod(\n didDocument: Record<string, unknown>,\n didUrl: string,\n fragment: string | null\n): VerificationMethod | null {\n const methods = didDocument.verificationMethod;\n if (!Array.isArray(methods)) {\n return null;\n }\n\n for (const method of methods as VerificationMethod[]) {\n if (!method || typeof method !== \"object\") continue;\n const id = method.id;\n if (typeof id !== \"string\") continue;\n\n // Match by full DID URL\n if (id === didUrl) return method;\n\n // Match by fragment (e.g. \"#key-1\" matches \"did:web:example.com#key-1\")\n if (fragment && (id === `#${fragment}` || id.endsWith(`#${fragment}`))) {\n return method;\n }\n }\n\n return null;\n}\n\n/**\n * Extract verification method IDs from a DID document for error reporting.\n */\nfunction extractMethodIdsFromDidDocument(didDocument: Record<string, unknown>): string[] {\n const methods = didDocument.verificationMethod;\n if (!Array.isArray(methods)) return [];\n return (methods as Array<Record<string, unknown>>)\n .filter((m) => m && typeof m.id === \"string\")\n .map((m) => m.id as string);\n}\n\n// ---------------------------------------------------------------------------\n// Public API\n// ---------------------------------------------------------------------------\n\n/**\n * Resolve a DID URL to public key material.\n *\n * Currently supports:\n * - did:web with fragment (e.g. did:web:api.example.com#key-1)\n *\n * Resolution steps:\n * 1. Parse the DID URL\n * 2. Resolve the base DID (fetch DID document)\n * 3. Find the matching verification method\n * 4. Extract and validate publicKeyJwk\n *\n * This function only obtains key material. It does not make authorization\n * decisions or check Controller Witness / Key Binding records.\n *\n * @param didUrl - A DID URL string (e.g. \"did:web:api.example.com#key-1\")\n * @param options - Optional configuration (custom fetcher, etc.)\n * @returns Resolved public key information\n * @throws OmaTrustError if resolution fails\n */\nexport async function resolveDidUrlToPublicKey(\n didUrl: string,\n options?: ResolveKeyOptions\n): Promise<ResolvedPublicKey> {\n assertString(didUrl, \"didUrl\", \"INVALID_DID_URL\");\n\n const parsed = parseDidUrl(didUrl);\n const method = extractDidMethod(parsed.did);\n\n if (!method) {\n throw new OmaTrustError(\"INVALID_DID_URL\", \"Cannot extract DID method from DID URL\", {\n didUrl,\n did: parsed.did,\n });\n }\n\n switch (method) {\n case \"web\":\n return resolveDidUrlKey(parsed.didUrl, parsed.did, parsed.fragment, options);\n default:\n throw new OmaTrustError(\n \"UNSUPPORTED_DID_METHOD\",\n `DID URL key resolution is not supported for method \"${method}\"`,\n { didUrl, method }\n );\n }\n}\n\n/**\n * Resolve a DID URL to a durable controller DID.\n *\n * This wraps resolveDidUrlToPublicKey and adds the did:jwk conversion step.\n * The returned controllerDid is the durable DID that callers should pass\n * to getControllerAuthorization.\n *\n * @param didUrl - A DID URL string (e.g. \"did:web:api.example.com#key-1\")\n * @param options - Optional configuration (custom fetcher, etc.)\n * @returns Resolved public key plus derived did:jwk controller DID\n * @throws OmaTrustError if resolution fails\n */\nexport async function resolveDidUrlToControllerDid(\n didUrl: string,\n options?: ResolveKeyOptions\n): Promise<ResolvedControllerDid> {\n const resolved = await resolveDidUrlToPublicKey(didUrl, options);\n const controllerDid = jwkToDidJwk(resolved.publicKeyJwk);\n\n return {\n ...resolved,\n controllerDid,\n };\n}\n\n// ---------------------------------------------------------------------------\n// did:web Resolution\n// ---------------------------------------------------------------------------\n\nasync function resolveDidUrlKey(\n didUrl: string,\n did: string,\n fragment: string | null,\n options?: ResolveKeyOptions\n): Promise<ResolvedPublicKey> {\n const domain = getDomainFromDidWeb(did);\n if (!domain) {\n throw new OmaTrustError(\"INVALID_DID_URL\", \"Cannot extract domain from did:web DID\", {\n didUrl,\n did,\n });\n }\n\n // Fetch DID document\n const fetchFn = options?.fetchDidDocument ?? fetchDidDocument;\n const didDocument = await fetchFn(domain);\n\n // Find verification method\n const method = findVerificationMethod(didDocument, didUrl, fragment);\n if (!method) {\n throw new OmaTrustError(\n \"KEY_NOT_FOUND\",\n `No verification method found matching \"${fragment ? `#${fragment}` : didUrl}\"`,\n { didUrl, fragment, availableMethods: extractMethodIdsFromDidDocument(didDocument) }\n );\n }\n\n // Extract publicKeyJwk\n const publicKeyJwk = method.publicKeyJwk;\n if (!publicKeyJwk || typeof publicKeyJwk !== \"object\") {\n throw new OmaTrustError(\n \"KEY_NOT_FOUND\",\n `Verification method \"${method.id}\" does not contain publicKeyJwk`,\n { didUrl, verificationMethodId: method.id }\n );\n }\n\n // Validate the JWK is a valid public key\n const validation = validatePublicJwk(publicKeyJwk);\n if (!validation.valid) {\n throw new OmaTrustError(\n \"INVALID_JWK\",\n `publicKeyJwk in verification method \"${method.id}\" is invalid: ${validation.error}`,\n { didUrl, verificationMethodId: method.id }\n );\n }\n\n return {\n didUrl,\n did,\n fragment,\n publicKeyJwk: publicKeyJwk as PublicJwk,\n verificationMethodId: method.id,\n };\n}\n","/**\n * Controller ID Comparison\n *\n * Determines whether two controller DIDs refer to the same entity.\n * Handles DID normalization and EVM address-based fallback (chain-agnostic).\n */\n\nimport { normalizeDid, extractDidMethod, extractAddressFromDid } from \"./did\";\nimport { didJwkToJwk, publicJwkEquals } from \"./jwk\";\n\n/**\n * Check if two controller DIDs refer to the same entity.\n *\n * Matching strategies (tried in order):\n * 1. Exact normalized DID string match\n * 2. EVM address match (chain-agnostic): if both DIDs resolve to the same\n * EVM address, they match regardless of chain ID. This handles cases like\n * did:pkh:eip155:1:0xABC matching did:pkh:eip155:137:0xABC.\n * 3. JWK material match: if both are did:jwk, compare the decoded public key\n * material directly (handles non-canonical encoding differences).\n *\n * @param a - First controller DID\n * @param b - Second controller DID\n * @returns true if both DIDs refer to the same controller\n */\nexport function isSameControllerId(a: string, b: string): boolean {\n // Strategy 1: Exact normalized DID string match\n let normalizedA: string | null = null;\n let normalizedB: string | null = null;\n\n try {\n normalizedA = normalizeDid(a);\n } catch {\n // a may not be normalizable\n }\n\n try {\n normalizedB = normalizeDid(b);\n } catch {\n // b may not be normalizable\n }\n\n if (normalizedA && normalizedB && normalizedA === normalizedB) {\n return true;\n }\n\n // Strategy 2: EVM address match (chain-agnostic)\n const evmA = extractControllerEvmAddress(a);\n const evmB = extractControllerEvmAddress(b);\n\n if (evmA && evmB && evmA.toLowerCase() === evmB.toLowerCase()) {\n return true;\n }\n\n // Strategy 3: JWK material match (for did:jwk with different encodings)\n const methodA = extractDidMethod(a);\n const methodB = extractDidMethod(b);\n\n if (methodA === \"jwk\" && methodB === \"jwk\") {\n try {\n const jwkA = didJwkToJwk(a);\n const jwkB = didJwkToJwk(b);\n return publicJwkEquals(jwkA, jwkB);\n } catch {\n return false;\n }\n }\n\n return false;\n}\n\n/**\n * Extract an EVM address from a controller DID, if possible.\n * Returns null for non-EVM controllers (did:jwk, non-eip155 did:pkh, etc.)\n */\nexport function extractControllerEvmAddress(controllerDid: string): string | null {\n try {\n const method = extractDidMethod(controllerDid);\n if (method === \"pkh\" && controllerDid.includes(\"eip155\")) {\n return extractAddressFromDid(controllerDid);\n }\n } catch {\n // Not extractable\n }\n return null;\n}\n","/**\n * Identity Types — Phase 4\n *\n * Types for JWS verification results and authorization metadata.\n * These define the contract between signature verification and\n * downstream authorization checks via getControllerAuthorization.\n */\n\nimport type { PublicJwk } from \"./jwk\";\n\n// ---------------------------------------------------------------------------\n// JWS Verification Result\n// ---------------------------------------------------------------------------\n\n/** Source of the public key used for JWS signature verification */\nexport type PublicKeySource = \"embedded-jwk\" | \"kid-resolution\";\n\n/**\n * Structured result of JWS signature verification.\n *\n * This result is NOT an authorization result. It does not determine whether\n * the signing key was authorized to act for the service identified by resourceUrl.\n *\n * It provides enough information for callers to perform downstream authorization\n * checks via getControllerAuthorization:\n * - publicKeyDid (did:jwk) is the durable controller DID\n * - resourceUrl identifies the service subject\n * - issuedAt enables authorization-window checks for receipts\n */\nexport interface JwsVerificationResult {\n /** Whether the JWS signature is cryptographically valid */\n valid: boolean;\n\n /** Decoded JWS protected header */\n header: Record<string, unknown>;\n\n /** Decoded JWS payload */\n payload: Record<string, unknown>;\n\n /** kid from the JWS header (a key reference, NOT a controller DID) */\n kid: string | null;\n\n /** The public JWK used for signature verification */\n publicKeyJwk: PublicJwk;\n\n /** How the public key was obtained */\n publicKeySource: PublicKeySource;\n\n /**\n * The durable did:jwk derived from the public key.\n * This is the controller DID for downstream authorization checks.\n * Pass this as controllerDid to getControllerAuthorization.\n */\n publicKeyDid: string;\n\n /** Error details when valid is false */\n error?: JwsVerificationError;\n}\n\n/** Error details for failed JWS verification */\nexport interface JwsVerificationError {\n code: string;\n message: string;\n}\n\n/**\n * Failed JWS verification result.\n * Returned when parsing, decoding, or signature verification fails.\n */\nexport interface JwsVerificationFailure {\n valid: false;\n error: JwsVerificationError;\n header?: Record<string, unknown>;\n payload?: Record<string, unknown>;\n kid?: string | null;\n publicKeyJwk?: PublicJwk;\n publicKeySource?: PublicKeySource;\n publicKeyDid?: string;\n}\n\n// ---------------------------------------------------------------------------\n// Authorization Metadata\n// ---------------------------------------------------------------------------\n\n/**\n * Authorization metadata extracted from a verified x402 artifact.\n *\n * This is the information a caller needs to perform an authorization check\n * after signature verification succeeds (JWS or EIP-712).\n *\n * Usage:\n * 1. Verify artifact → get JwsVerificationResult or Eip712VerificationResult\n * 2. Extract AuthorizationMetadata from the result\n * 3. Call getControllerAuthorization({ subjectDid, controllerDid, purpose })\n * 4. Evaluate the returned authorization window against policy\n */\nexport interface AuthorizationMetadata {\n /**\n * The durable controller DID derived from the verified key material.\n * - JWS: did:jwk derived from the public key\n * - EIP-712: did:pkh:eip155:1:<signer-address>\n * Pass this as controllerDid to getControllerAuthorization.\n */\n controllerDid: string;\n\n /**\n * The subject DID derived from resourceUrl.\n * For x402 artifacts, this is typically did:web:<domain-from-resourceUrl>.\n * Pass this as subjectDid to getControllerAuthorization.\n */\n subjectDid: string | null;\n\n /**\n * The resourceUrl from the signed payload.\n * Identifies the service/resource the artifact is associated with.\n */\n resourceUrl: string | null;\n\n /**\n * The issuedAt timestamp from the signed payload (receipts).\n * Used for authorization-window checks — was the controller authorized at this time?\n * May be a string (ISO) or number (unix seconds) depending on the payload.\n */\n issuedAt: string | number | null;\n\n /**\n * The kid from the JWS header (mutable key reference).\n * Useful for key-pinning lookups but NOT a controller DID.\n * Null for EIP-712 artifacts.\n */\n kid: string | null;\n\n /**\n * The public JWK used for signature verification.\n * Present for JWS artifacts, null for EIP-712.\n */\n publicKeyJwk: PublicJwk | null;\n\n /**\n * The recovered signer address (checksummed).\n * Present for EIP-712 artifacts, null for JWS.\n */\n signer: string | null;\n}\n\n// ---------------------------------------------------------------------------\n// Helper\n// ---------------------------------------------------------------------------\n\n/**\n * Input for extractAuthorizationMetadata.\n * Accepts either a JwsVerificationResult or an Eip712VerificationResult.\n */\nexport type VerificationResultInput =\n | JwsVerificationResult\n | { valid: true; payload: Record<string, unknown>; signer: string; artifactType: string };\n\n/**\n * Extract authorization metadata from a successful verification result.\n *\n * Works with both JWS and EIP-712 verification results:\n * - JWS: controllerDid is did:jwk, publicKeyJwk is populated, kid may be present\n * - EIP-712: controllerDid is did:pkh:eip155:1:<signer>, signer is populated\n *\n * Derives the subject DID from resourceUrl when possible (assumes did:web\n * for HTTPS URLs). Returns null for subjectDid if resourceUrl is missing\n * or cannot be parsed.\n *\n * @param result - A successful verification result (valid === true)\n * @returns Authorization metadata for downstream getControllerAuthorization calls\n */\nexport function extractAuthorizationMetadata(\n result: VerificationResultInput\n): AuthorizationMetadata {\n const payload = result.payload;\n\n const resourceUrl = typeof payload.resourceUrl === \"string\" ? payload.resourceUrl : null;\n const issuedAt =\n typeof payload.issuedAt === \"string\"\n ? payload.issuedAt\n : typeof payload.issuedAt === \"number\"\n ? payload.issuedAt\n : null;\n\n // Derive subject DID from resourceUrl\n let subjectDid: string | null = null;\n if (resourceUrl) {\n try {\n const url = new URL(resourceUrl);\n subjectDid = `did:web:${url.hostname}`;\n } catch {\n // Cannot parse URL — leave subjectDid null\n }\n }\n\n // Detect which result type we have\n if (\"publicKeyDid\" in result) {\n // JWS result\n const jwsResult = result as JwsVerificationResult;\n return {\n controllerDid: jwsResult.publicKeyDid,\n subjectDid,\n resourceUrl,\n issuedAt,\n kid: jwsResult.kid,\n publicKeyJwk: jwsResult.publicKeyJwk,\n signer: null,\n };\n }\n\n // EIP-712 result\n const eip712Result = result as { signer: string; payload: Record<string, unknown> };\n const signerAddress = eip712Result.signer.toLowerCase();\n return {\n controllerDid: `did:pkh:eip155:1:${signerAddress}`,\n subjectDid,\n resourceUrl,\n issuedAt,\n kid: null,\n publicKeyJwk: null,\n signer: eip712Result.signer,\n };\n}\n","import canonicalize from \"canonicalize\";\nimport { keccak256, sha256, toUtf8Bytes } from \"ethers\";\nimport { OmaTrustError } from \"../shared/errors\";\n\ntype Hex = `0x${string}`;\n\nconst VALID_ALGORITHMS = new Set([\"keccak256\", \"sha256\"]);\n\n/** Maximum JSON nesting depth allowed. */\nconst MAX_JSON_DEPTH = 32;\n\nfunction assertDepthLimit(depth: number, context?: string): void {\n if (depth > MAX_JSON_DEPTH) {\n const msg = context\n ? `JSON nesting depth exceeds maximum of ${MAX_JSON_DEPTH} at ${context}`\n : `JSON nesting depth exceeds maximum of ${MAX_JSON_DEPTH}`;\n throw new OmaTrustError(\"INVALID_INPUT\", msg);\n }\n}\n\n/**\n * Parse JSON strictly, rejecting duplicate keys.\n * Standard JSON.parse() silently accepts duplicates (last-wins).\n * This function detects duplicates at any nesting depth and throws.\n */\nexport function parseJsonStrict(input: string): unknown {\n if (typeof input !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Input must be a string\");\n }\n\n // First pass: detect duplicate keys by scanning object literals\n const seen = new Map<string, Set<string>>();\n let pathStack: string[] = [];\n let depth = 0;\n\n // Use a reviver to track keys at each depth\n const keyTracker = new Map<number, Set<string>>();\n\n // Parse with a reviver that tracks keys per object depth\n // JSON.parse calls the reviver bottom-up, so we use a different approach:\n // scan the raw string for duplicate keys using a state machine.\n const duplicateKeys = detectDuplicateKeys(input);\n if (duplicateKeys.length > 0) {\n throw new OmaTrustError(\n \"INVALID_INPUT\",\n `Duplicate JSON key${duplicateKeys.length > 1 ? \"s\" : \"\"} detected: ${duplicateKeys.map(k => `\"${k}\"`).join(\", \")}`,\n { duplicateKeys }\n );\n }\n\n try {\n return JSON.parse(input);\n } catch {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Input is not valid JSON\");\n }\n}\n\n/**\n * Detect duplicate keys in a JSON string.\n * Returns an array of key names that appear more than once in any single object.\n */\nfunction detectDuplicateKeys(input: string): string[] {\n const duplicates: string[] = [];\n // Stack of sets — each set tracks keys for the current object nesting level\n const objectKeyStack: Set<string>[] = [];\n let inString = false;\n let escaped = false;\n let currentKey = \"\";\n let collectingKey = false;\n let afterColon = false;\n let i = 0;\n\n while (i < input.length) {\n const ch = input[i];\n\n if (escaped) {\n if (collectingKey) currentKey += ch;\n escaped = false;\n i++;\n continue;\n }\n\n if (ch === \"\\\\\") {\n escaped = true;\n if (collectingKey) currentKey += ch;\n i++;\n continue;\n }\n\n if (ch === '\"') {\n if (!inString) {\n inString = true;\n // If we're in an object context and not after a colon, this is a key\n if (objectKeyStack.length > 0 && !afterColon) {\n collectingKey = true;\n currentKey = \"\";\n }\n } else {\n inString = false;\n if (collectingKey) {\n collectingKey = false;\n const keySet = objectKeyStack[objectKeyStack.length - 1];\n if (keySet.has(currentKey)) {\n if (!duplicates.includes(currentKey)) {\n duplicates.push(currentKey);\n }\n } else {\n keySet.add(currentKey);\n }\n }\n }\n i++;\n continue;\n }\n\n if (inString) {\n if (collectingKey) currentKey += ch;\n i++;\n continue;\n }\n\n // Outside string\n if (ch === \"{\") {\n objectKeyStack.push(new Set());\n assertDepthLimit(objectKeyStack.length);\n afterColon = false;\n } else if (ch === \"}\") {\n objectKeyStack.pop();\n afterColon = objectKeyStack.length > 0; // restore parent context\n } else if (ch === \"[\") {\n // Arrays don't have keys — push a sentinel\n objectKeyStack.push(new Set([\"__array__\"]));\n assertDepthLimit(objectKeyStack.length);\n afterColon = false;\n } else if (ch === \"]\") {\n objectKeyStack.pop();\n afterColon = objectKeyStack.length > 0;\n } else if (ch === \":\") {\n afterColon = true;\n } else if (ch === \",\") {\n afterColon = false;\n }\n\n i++;\n }\n\n return duplicates;\n}\n\n/**\n * Assert that a value is JSON-safe (representable in JSON without lossy conversion).\n * Rejects: undefined, NaN, Infinity, -Infinity, BigInt, functions, symbols, Date objects.\n * These values would be silently coerced or dropped by JSON.stringify / canonicalize.\n */\nexport function assertJsonSafe(value: unknown, path: string = \"$\", depth: number = 0): void {\n assertDepthLimit(depth, path);\n\n if (value === undefined) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: undefined`);\n }\n\n if (value === null) return;\n\n switch (typeof value) {\n case \"string\":\n case \"boolean\":\n return;\n case \"number\":\n if (!Number.isFinite(value)) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: ${value} (must be finite number)`);\n }\n return;\n case \"bigint\":\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: BigInt (use number or string)`);\n case \"function\":\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: function`);\n case \"symbol\":\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: Symbol`);\n case \"object\":\n if (value instanceof Date) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: Date (use ISO string or timestamp)`);\n }\n if (value instanceof RegExp) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: RegExp`);\n }\n if (Array.isArray(value)) {\n for (let i = 0; i < value.length; i++) {\n assertJsonSafe(value[i], `${path}[${i}]`, depth + 1);\n }\n return;\n }\n // Plain object\n for (const [key, val] of Object.entries(value)) {\n assertJsonSafe(val, `${path}.${key}`, depth + 1);\n }\n return;\n default:\n throw new OmaTrustError(\"INVALID_INPUT\", `Non-JSON-safe value at ${path}: unknown type \"${typeof value}\"`);\n }\n}\n\nexport function canonicalizeJson(obj: unknown): string {\n assertJsonSafe(obj);\n const jcs = canonicalize(obj);\n if (!jcs) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Object cannot be canonicalized\", { obj });\n }\n return jcs;\n}\n\n/**\n * Canonicalize a JSON object (JCS / RFC 8785) and compute its keccak256 hash.\n * Returns both the canonical JCS string and the 0x-prefixed hash.\n */\nexport function canonicalizeAndKeccak256(obj: unknown): { jcsJson: string; hash: Hex } {\n const jcsJson = canonicalizeJson(obj);\n return {\n jcsJson,\n hash: keccak256(toUtf8Bytes(jcsJson)) as Hex\n };\n}\n\n/** @deprecated Use canonicalizeAndKeccak256 instead. */\nexport function canonicalizeForHash(obj: unknown): { jcsJson: string; hash: Hex } {\n return canonicalizeAndKeccak256(obj);\n}\n\nexport function hashCanonicalizedJson(obj: unknown, algorithm: \"keccak256\" | \"sha256\"): Hex {\n if (!VALID_ALGORITHMS.has(algorithm)) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Unsupported hash algorithm: \"${algorithm}\". Must be \"keccak256\" or \"sha256\".`, { algorithm });\n }\n const jcs = canonicalizeJson(obj);\n const bytes = toUtf8Bytes(jcs);\n return (algorithm === \"keccak256\" ? keccak256(bytes) : sha256(bytes)) as Hex;\n}\n","/**\n * did:artifact — Content-Addressed DID Method\n *\n * Implements construction, parsing, and verification for the did:artifact DID method.\n * A did:artifact DID names an immutable byte sequence by its SHA-256 content hash,\n * encoded as a CIDv1 with raw multicodec and base32-lower multibase.\n *\n * Construction:\n * - artifactDidFromBytes: hash raw bytes (binary artifacts)\n * - artifactDidFromJson: canonicalize JSON then hash (JSON artifacts)\n *\n * Verification:\n * - verifyDidArtifact: verify content matches a did:artifact DID\n * (tries canonical JSON first, then raw bytes)\n *\n * Spec: https://oma3dao.github.io/omatrust-docs/specification/did-artifact-method-spec.html\n */\n\nimport { CID } from \"multiformats/cid\";\nimport { sha256 } from \"multiformats/hashes/sha2\";\nimport * as raw from \"multiformats/codecs/raw\";\nimport { base32 } from \"multiformats/bases/base32\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { canonicalizeJson, parseJsonStrict } from \"./data\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Parsed components of a did:artifact DID */\nexport interface ParsedArtifactDid {\n /** The full DID string */\n did: string;\n /** The method-specific identifier (base32-encoded CIDv1) */\n identifier: string;\n /** The SHA-256 digest as a Uint8Array (32 bytes) */\n digest: Uint8Array;\n /** The SHA-256 digest as lowercase hex */\n digestHex: string;\n}\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\nconst DID_ARTIFACT_PREFIX = \"did:artifact:\";\n\n/** Expected binary CID length: 1 (version) + 1 (codec) + 2 (multihash header) + 32 (digest) */\nconst EXPECTED_CID_BYTES = 36;\n\n/** CID version 1 */\nconst CID_VERSION = 1;\n\n/** Multicodec for raw (0x55) */\nconst RAW_CODEC = raw.code; // 0x55\n\n/** Multihash function code for sha2-256 (0x12) */\nconst SHA2_256_CODE = 0x12;\n\n/** Expected digest length for SHA-256 */\nconst SHA2_256_DIGEST_LENGTH = 32;\n\n// ---------------------------------------------------------------------------\n// Construction\n// ---------------------------------------------------------------------------\n\n/**\n * Construct a did:artifact DID from raw bytes.\n *\n * Use this when the artifact is a binary blob (installer, archive, image, etc.)\n * where no canonicalization is needed. The bytes are hashed as-is.\n *\n * @param bytes - The artifact's raw octets\n * @returns The did:artifact DID string\n * @throws OmaTrustError if bytes is empty or not a Uint8Array\n */\nexport async function artifactDidFromBytes(bytes: Uint8Array): Promise<string> {\n if (!(bytes instanceof Uint8Array) || bytes.length === 0) {\n throw new OmaTrustError(\n \"INVALID_INPUT\",\n \"bytes must be a non-empty Uint8Array\"\n );\n }\n\n const digest = await sha256.digest(bytes);\n const cid = CID.createV1(RAW_CODEC, digest);\n return `${DID_ARTIFACT_PREFIX}${cid.toString(base32)}`;\n}\n\n/**\n * Construct a did:artifact DID from a JSON value.\n *\n * The input is canonicalized using JCS (RFC 8785), then the canonical UTF-8 bytes\n * are hashed with SHA-256. If the input is a string, it is parsed strictly\n * (rejecting duplicate keys, non-JSON-safe values, etc.) before canonicalization.\n *\n * Use this when the artifact is a JSON document and you want identity based on\n * the JSON *value* rather than the exact serialization.\n *\n * @param input - A parsed JSON value (object/array/primitive) or a JSON string\n * @returns The did:artifact DID string\n * @throws OmaTrustError if canonicalization fails (malformed JSON, duplicate keys, etc.)\n */\nexport async function artifactDidFromJson(input: unknown): Promise<string> {\n // If input is a string, parse it strictly first\n const value = typeof input === \"string\" ? parseJsonStrict(input) : input;\n\n // Canonicalize — this validates JSON safety and produces JCS output\n const jcs = canonicalizeJson(value);\n const bytes = new TextEncoder().encode(jcs);\n\n const digest = await sha256.digest(bytes);\n const cid = CID.createV1(RAW_CODEC, digest);\n return `${DID_ARTIFACT_PREFIX}${cid.toString(base32)}`;\n}\n\n// ---------------------------------------------------------------------------\n// Parsing\n// ---------------------------------------------------------------------------\n\n/**\n * Parse and validate a did:artifact DID string.\n *\n * Validates:\n * - Correct prefix\n * - Valid base32-lower multibase encoding\n * - CID version 1\n * - Multicodec is raw (0x55)\n * - Multihash function is sha2-256 (0x12) with 32-byte digest\n *\n * @param did - The DID string to parse\n * @returns Parsed components including the SHA-256 digest\n * @throws OmaTrustError if the DID is malformed or uses unsupported parameters\n */\nexport function parseArtifactDid(did: string): ParsedArtifactDid {\n if (typeof did !== \"string\" || !did.startsWith(DID_ARTIFACT_PREFIX)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected a did:artifact DID\", { did });\n }\n\n const identifier = did.slice(DID_ARTIFACT_PREFIX.length);\n if (!identifier || identifier.length === 0) {\n throw new OmaTrustError(\"INVALID_DID\", \"Missing method-specific identifier\", { did });\n }\n\n // Must start with 'b' (base32lower multibase prefix)\n if (identifier[0] !== \"b\") {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Invalid multibase prefix \"${identifier[0]}\", expected \"b\" (base32lower)`,\n { did }\n );\n }\n\n // Decode the CID from base32\n let cid: CID;\n try {\n cid = CID.parse(identifier, base32);\n } catch (err) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n \"Failed to decode base32 CID from did:artifact identifier\",\n { did, cause: err }\n );\n }\n\n // Validate CID version\n if (cid.version !== CID_VERSION) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `CID version must be 1, got ${cid.version}`,\n { did }\n );\n }\n\n // Validate multicodec (raw = 0x55)\n if (cid.code !== RAW_CODEC) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Multicodec must be raw (0x55), got 0x${cid.code.toString(16)}`,\n { did }\n );\n }\n\n // Validate multihash function (sha2-256 = 0x12)\n if (cid.multihash.code !== SHA2_256_CODE) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Multihash function must be sha2-256 (0x12), got 0x${cid.multihash.code.toString(16)}`,\n { did }\n );\n }\n\n // Validate digest length\n if (cid.multihash.digest.length !== SHA2_256_DIGEST_LENGTH) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `SHA-256 digest must be 32 bytes, got ${cid.multihash.digest.length}`,\n { did }\n );\n }\n\n const digest = cid.multihash.digest;\n const digestHex = Array.from(digest)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\");\n\n return { did, identifier, digest, digestHex };\n}\n\n// ---------------------------------------------------------------------------\n// Verification\n// ---------------------------------------------------------------------------\n\n/** Result of artifact verification */\nexport interface ArtifactVerificationResult {\n /** Whether the content matches the DID */\n valid: boolean;\n /** Which interpretation matched: \"json\" if canonical JSON matched, \"binary\" if raw bytes matched */\n matchedAs?: \"json\" | \"binary\";\n /** Error reason when valid is false */\n reason?: string;\n}\n\n/**\n * Verify that content matches a did:artifact DID.\n *\n * Verification strategy:\n * 1. Try to interpret the content as JSON: parse strictly, canonicalize, hash, compare.\n * 2. If JSON interpretation fails or doesn't match, hash the raw bytes and compare.\n * 3. If either matches, verification succeeds.\n *\n * This dual approach is necessary because the verifier doesn't know which path\n * (artifactDidFromJson vs artifactDidFromBytes) was used at construction time.\n *\n * @param did - The did:artifact DID to verify against\n * @param content - The candidate content (Uint8Array for binary, or string/object for JSON)\n * @returns Verification result indicating whether and how the content matched\n */\nexport async function verifyDidArtifact(\n did: string,\n content: Uint8Array | string | unknown\n): Promise<ArtifactVerificationResult> {\n // Parse and validate the DID\n let parsed: ParsedArtifactDid;\n try {\n parsed = parseArtifactDid(did);\n } catch (err) {\n return {\n valid: false,\n reason: err instanceof OmaTrustError ? err.message : \"Invalid did:artifact DID\",\n };\n }\n\n const expectedHex = parsed.digestHex;\n\n // Strategy 1: Try JSON canonicalization\n if (typeof content === \"string\" || (typeof content === \"object\" && content !== null && !(content instanceof Uint8Array))) {\n try {\n const value = typeof content === \"string\" ? parseJsonStrict(content) : content;\n const jcs = canonicalizeJson(value);\n const jcsBytes = new TextEncoder().encode(jcs);\n const digest = await sha256.digest(jcsBytes);\n const digestHex = Array.from(digest.digest)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\");\n\n if (digestHex === expectedHex) {\n return { valid: true, matchedAs: \"json\" };\n }\n } catch {\n // JSON canonicalization failed — fall through to binary\n }\n }\n\n // Strategy 2: Try raw bytes\n let rawBytes: Uint8Array;\n if (content instanceof Uint8Array) {\n rawBytes = content;\n } else if (typeof content === \"string\") {\n rawBytes = new TextEncoder().encode(content);\n } else {\n // For objects that didn't match as JSON, we can't try binary\n return {\n valid: false,\n reason: \"Content did not match as canonical JSON and is not raw bytes\",\n };\n }\n\n const digest = await sha256.digest(rawBytes);\n const digestHex = Array.from(digest.digest)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\");\n\n if (digestHex === expectedHex) {\n return { valid: true, matchedAs: \"binary\" };\n }\n\n return {\n valid: false,\n reason: \"Content does not match the did:artifact identifier (neither as canonical JSON nor as raw bytes)\",\n };\n}\n","/**\n * DID Method Migration Helpers\n *\n * Provides conversion functions for deprecated DID methods:\n * - did:ethr → did:pkh:eip155 (wallet addresses)\n * - did:key → did:jwk (non-blockchain keys)\n *\n * These methods are being deprecated in favor of their canonical replacements.\n * Use these functions to convert existing identifiers to the preferred format.\n */\n\nimport { base58btc } from \"multiformats/bases/base58\";\nimport { isAddress, getAddress } from \"ethers\";\nimport { base64url } from \"jose\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { jwkToDidJwk } from \"./jwk\";\n\n// ---------------------------------------------------------------------------\n// did:ethr → did:pkh\n// ---------------------------------------------------------------------------\n\n/**\n * Convert a did:ethr DID to the equivalent did:pkh:eip155 DID.\n *\n * did:ethr format: did:ethr:<address> or did:ethr:<chainId>:<address>\n * did:pkh format: did:pkh:eip155:<chainId>:<address>\n *\n * If the did:ethr DID omits the chain ID, defaults to chain 1 (Ethereum mainnet).\n *\n * @param did - A did:ethr DID string\n * @returns The equivalent did:pkh:eip155 DID\n * @throws OmaTrustError if the input is not a valid did:ethr DID\n */\nexport function didEthrToDidPkh(did: string): string {\n if (typeof did !== \"string\" || !did.startsWith(\"did:ethr:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected a did:ethr DID\", { did });\n }\n\n const remainder = did.slice(\"did:ethr:\".length);\n if (!remainder) {\n throw new OmaTrustError(\"INVALID_DID\", \"Missing identifier in did:ethr DID\", { did });\n }\n\n let chainId: string;\n let address: string;\n\n // Check for chain-specific format: did:ethr:<network>:<address>\n // Networks can be hex chain IDs (0x1), named networks, or numeric\n const parts = remainder.split(\":\");\n if (parts.length === 1) {\n // did:ethr:<address> — default to chain 1\n chainId = \"1\";\n address = parts[0];\n } else if (parts.length === 2) {\n // did:ethr:<chainId>:<address>\n const rawChainId = parts[0];\n address = parts[1];\n\n // Parse chain ID: support hex (0x1), numeric, and named networks\n if (rawChainId.startsWith(\"0x\")) {\n chainId = String(parseInt(rawChainId, 16));\n } else if (/^\\d+$/.test(rawChainId)) {\n chainId = rawChainId;\n } else {\n // Named networks — map common names\n const networkMap: Record<string, string> = {\n mainnet: \"1\",\n goerli: \"5\",\n sepolia: \"11155111\",\n polygon: \"137\",\n arbitrum: \"42161\",\n optimism: \"10\",\n base: \"8453\",\n };\n const mapped = networkMap[rawChainId.toLowerCase()];\n if (!mapped) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Unknown did:ethr network \"${rawChainId}\"`,\n { did, network: rawChainId }\n );\n }\n chainId = mapped;\n }\n } else {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid did:ethr format\", { did });\n }\n\n if (!isAddress(address)) {\n throw new OmaTrustError(\"INVALID_DID\", \"Invalid Ethereum address in did:ethr DID\", {\n did,\n address,\n });\n }\n\n const checksummed = getAddress(address);\n return `did:pkh:eip155:${chainId}:${checksummed.toLowerCase()}`;\n}\n\n// ---------------------------------------------------------------------------\n// did:key → did:jwk\n// ---------------------------------------------------------------------------\n\n/**\n * Multicodec prefixes for key types used in did:key.\n * Each prefix identifies the key algorithm and curve.\n */\nconst MULTICODEC_KEY_TYPES: Record<number, { kty: string; crv: string; coordSize?: number }> = {\n // Ed25519 public key: 0xed (varint encoded as [0xed, 0x01])\n 0xed: { kty: \"OKP\", crv: \"Ed25519\" },\n // X25519 public key: 0xec (varint encoded as [0xec, 0x01])\n 0xec: { kty: \"OKP\", crv: \"X25519\" },\n // secp256k1 public key (compressed): 0xe7 (varint encoded as [0xe7, 0x01])\n 0xe7: { kty: \"EC\", crv: \"secp256k1\", coordSize: 33 },\n // P-256 public key (compressed): 0x80 0x24 (varint 0x1200)\n 0x1200: { kty: \"EC\", crv: \"P-256\", coordSize: 33 },\n // P-384 public key (compressed): 0x81 0x24 (varint 0x1201)\n 0x1201: { kty: \"EC\", crv: \"P-384\", coordSize: 49 },\n};\n\n/**\n * Read a varint from a byte array (unsigned LEB128).\n * Returns the decoded value and the number of bytes consumed.\n */\nfunction readVarint(bytes: Uint8Array, offset: number): { value: number; bytesRead: number } {\n let value = 0;\n let shift = 0;\n let bytesRead = 0;\n\n while (offset + bytesRead < bytes.length) {\n const byte = bytes[offset + bytesRead];\n value |= (byte & 0x7f) << shift;\n bytesRead++;\n if ((byte & 0x80) === 0) {\n return { value, bytesRead };\n }\n shift += 7;\n if (shift > 28) {\n throw new OmaTrustError(\"INVALID_DID\", \"Varint too long in did:key multicodec prefix\");\n }\n }\n\n throw new OmaTrustError(\"INVALID_DID\", \"Truncated varint in did:key multicodec prefix\");\n}\n\n/**\n * Decompress a compressed EC public key to x, y coordinates.\n * Supports secp256k1, P-256, and P-384 (all use the same compressed format).\n *\n * For OKP keys (Ed25519, X25519), the raw bytes ARE the public key — no decompression needed.\n */\nfunction decompressEcKey(\n compressedKey: Uint8Array,\n crv: string\n): { x: Uint8Array; y: Uint8Array } {\n // For EC curves, a compressed key is 33 bytes (P-256, secp256k1) or 49 bytes (P-384)\n // Format: 0x02/0x03 prefix + x-coordinate\n // We can't decompress to y without doing the curve math, but for did:jwk we can\n // use the compressed representation directly IF the curve supports it.\n // However, JWK requires uncompressed x and y for EC keys.\n //\n // Since full decompression requires curve-specific modular arithmetic that's complex\n // to implement in pure JS, and the did:key spec stores compressed keys, we'll use\n // a simpler approach: for secp256k1 keys (the most common case in did:ethr migration),\n // we store just the x-coordinate and mark it with the compression prefix.\n //\n // Actually, for did:key → did:jwk conversion, the standard approach is:\n // - Ed25519/X25519: x = raw 32-byte key (base64url encoded)\n // - EC keys: requires the full uncompressed point\n //\n // The practical path: since did:key typically stores compressed EC keys,\n // and converting compressed → uncompressed requires elliptic curve operations,\n // we reject compressed EC keys that we can't fully decompress and suggest\n // using did:pkh for EVM keys instead.\n\n throw new OmaTrustError(\n \"UNSUPPORTED_KEY_TYPE\",\n `Cannot convert compressed EC key (${crv}) from did:key to did:jwk. ` +\n `Decompressing EC points requires elliptic curve arithmetic. ` +\n `For EVM keys, use didEthrToDidPkh() instead.`,\n { crv, keyLength: compressedKey.length }\n );\n}\n\n/**\n * Convert a did:key DID to the equivalent did:jwk DID.\n *\n * did:key encodes a public key as a multicodec-prefixed, base58btc-encoded value.\n * This function decodes the key, identifies the algorithm from the multicodec prefix,\n * constructs a JWK, and wraps it as did:jwk.\n *\n * Supported key types:\n * - Ed25519 (multicodec 0xed)\n * - X25519 (multicodec 0xec)\n *\n * EC keys (secp256k1, P-256, P-384) are stored compressed in did:key and require\n * elliptic curve decompression to produce a valid JWK. This is not supported;\n * use didEthrToDidPkh() for EVM wallet keys instead.\n *\n * @param did - A did:key DID string\n * @returns The equivalent did:jwk DID\n * @throws OmaTrustError if the input is invalid or uses an unsupported key type\n */\nexport function didKeyToDidJwk(did: string): string {\n if (typeof did !== \"string\" || !did.startsWith(\"did:key:\")) {\n throw new OmaTrustError(\"INVALID_DID\", \"Expected a did:key DID\", { did });\n }\n\n const identifier = did.slice(\"did:key:\".length);\n if (!identifier || !identifier.startsWith(\"z\")) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n \"did:key identifier must start with 'z' (base58btc multibase prefix)\",\n { did }\n );\n }\n\n // Decode base58btc (the 'z' prefix is the multibase indicator)\n let decoded: Uint8Array;\n try {\n decoded = base58btc.decode(identifier);\n } catch (err) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n \"Failed to decode base58btc from did:key identifier\",\n { did, cause: err }\n );\n }\n\n if (decoded.length < 3) {\n throw new OmaTrustError(\"INVALID_DID\", \"did:key decoded bytes too short\", { did });\n }\n\n // Read the multicodec prefix (varint)\n const { value: codecValue, bytesRead } = readVarint(decoded, 0);\n\n const keyType = MULTICODEC_KEY_TYPES[codecValue];\n if (!keyType) {\n throw new OmaTrustError(\n \"UNSUPPORTED_KEY_TYPE\",\n `Unsupported multicodec key type 0x${codecValue.toString(16)} in did:key`,\n { did, codec: `0x${codecValue.toString(16)}` }\n );\n }\n\n // Extract the raw key bytes after the multicodec prefix\n const keyBytes = decoded.slice(bytesRead);\n\n if (keyType.kty === \"OKP\") {\n // Ed25519 or X25519: raw 32-byte key → JWK with x field\n if (keyBytes.length !== 32) {\n throw new OmaTrustError(\n \"INVALID_DID\",\n `Expected 32-byte ${keyType.crv} key, got ${keyBytes.length} bytes`,\n { did, crv: keyType.crv }\n );\n }\n\n const jwk = {\n kty: keyType.kty,\n crv: keyType.crv,\n x: base64url.encode(keyBytes),\n };\n\n return jwkToDidJwk(jwk);\n }\n\n // EC keys — compressed, need decompression\n return decompressEcKey(keyBytes, keyType.crv).x.toString(); // This throws\n}\n","export * from \"./types\";\n\nexport * from \"./submit\";\nexport * from \"./revoke\";\nexport * from \"./delegated\";\nexport * from \"./query\";\nexport * from \"./verify\";\nexport * from \"./encode\";\nexport * from \"./schema\";\nexport * from \"./witness\";\nexport * from \"./contract-ownership\";\nexport * from \"./attester-authorization\";\nexport * from \"./proof/index\";\nexport * from \"./schema-proof-verification\";\nexport * from \"./artifact-verification\";\n","import { SchemaEncoder } from \"@ethereum-attestation-service/eas-sdk\";\nimport type { SchemaItem } from \"@ethereum-attestation-service/eas-sdk\";\nimport { isAddress } from \"ethers\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { AttestationValidationError, Hex, SchemaField } from \"./types\";\n\nexport function normalizeSchema(schema: SchemaField[] | string): SchemaField[] {\n if (Array.isArray(schema)) {\n if (schema.length === 0) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"schema array cannot be empty\");\n }\n return schema;\n }\n\n if (typeof schema !== \"string\" || schema.trim().length === 0) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"schema must be a non-empty string or SchemaField[]\");\n }\n\n const fields = schema\n .split(\",\")\n .map((part) => part.trim())\n .filter((part) => part.length > 0)\n .map((part) => {\n const pieces = part.split(/\\s+/);\n if (pieces.length < 2) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid schema field\", { part });\n }\n const type = pieces[0];\n const name = pieces.slice(1).join(\" \");\n return { type, name };\n });\n\n if (fields.length === 0) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"No schema fields found\");\n }\n\n return fields;\n}\n\nexport function schemaToString(schema: SchemaField[] | string): string {\n if (typeof schema === \"string\") {\n return schema;\n }\n\n return schema.map((field) => `${field.type} ${field.name}`).join(\", \");\n}\n\nexport function encodeAttestationData(\n schema: SchemaField[] | string,\n data: Record<string, unknown>\n): Hex {\n if (!data || typeof data !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"data must be an object\");\n }\n\n const validationErrors = validateAttestationData(schema, data);\n if (validationErrors.length > 0) {\n const summary = validationErrors\n .map((error) => `Field \"${error.schemaFieldName}\" (${error.expectedType}) got ${error.providedType}`)\n .join(\"; \");\n throw new OmaTrustError(\"INVALID_INPUT\", `Attestation data validation failed: ${summary}`, {\n errors: validationErrors\n });\n }\n\n const fields = normalizeSchema(schema);\n const schemaString = schemaToString(fields);\n const encoder = new SchemaEncoder(schemaString);\n\n const encoded = encoder.encodeData(\n fields.map((field) => ({\n name: field.name,\n type: field.type,\n value: data[field.name]\n })) as SchemaItem[]\n );\n\n return encoded as Hex;\n}\n\nfunction getActualType(value: unknown): string {\n if (value === null) {\n return \"null\";\n }\n if (value === undefined) {\n return \"undefined\";\n }\n if (Array.isArray(value)) {\n return \"array\";\n }\n if (typeof value === \"number\") {\n return Number.isFinite(value) ? \"number\" : \"non-finite-number\";\n }\n return typeof value;\n}\n\nfunction isNumericValue(value: unknown, allowNegative: boolean): boolean {\n if (typeof value === \"bigint\") {\n return allowNegative || value >= 0n;\n }\n\n if (typeof value === \"number\") {\n if (!Number.isFinite(value) || !Number.isInteger(value)) {\n return false;\n }\n return allowNegative || value >= 0;\n }\n\n if (typeof value === \"string\") {\n if (value.length === 0) {\n return false;\n }\n const pattern = allowNegative ? /^-?\\d+$/ : /^\\d+$/;\n return pattern.test(value);\n }\n\n return false;\n}\n\nfunction isHex(value: unknown): value is string {\n return typeof value === \"string\" && /^0x[0-9a-fA-F]*$/.test(value);\n}\n\nfunction validateFieldValue(type: string, value: unknown): boolean {\n const normalizedType = type.trim().toLowerCase();\n const bytesNMatch = normalizedType.match(/^bytes([1-9]|[12]\\d|3[0-2])$/);\n\n if (/^uint\\d*$/.test(normalizedType)) {\n return isNumericValue(value, false);\n }\n\n if (/^int\\d*$/.test(normalizedType)) {\n return isNumericValue(value, true);\n }\n\n if (normalizedType === \"string\") {\n return typeof value === \"string\";\n }\n\n if (normalizedType === \"string[]\") {\n return Array.isArray(value) && value.every((entry) => typeof entry === \"string\");\n }\n\n if (normalizedType === \"bool\") {\n return typeof value === \"boolean\";\n }\n\n if (normalizedType === \"address\") {\n return typeof value === \"string\" && isAddress(value);\n }\n\n if (normalizedType === \"bytes\") {\n return isHex(value) && (value.length - 2) % 2 === 0;\n }\n\n if (bytesNMatch) {\n const expectedBytes = Number(bytesNMatch[1]);\n return isHex(value) && value.length === 2 + expectedBytes * 2;\n }\n\n return true;\n}\n\nexport function validateAttestationData(\n schema: SchemaField[] | string,\n data: Record<string, unknown>\n): AttestationValidationError[] {\n if (!data || typeof data !== \"object\") {\n return [{\n schemaFieldName: \"data\",\n expectedType: \"object\",\n providedType: getActualType(data),\n providedValue: data\n }];\n }\n\n const fields = normalizeSchema(schema);\n const errors: AttestationValidationError[] = [];\n\n for (const field of fields) {\n const value = data[field.name];\n const isValid = validateFieldValue(field.type, value);\n if (isValid) {\n continue;\n }\n\n errors.push({\n schemaFieldName: field.name,\n expectedType: field.type,\n providedType: getActualType(value),\n providedValue: value\n });\n }\n\n return errors;\n}\n\nexport function decodeAttestationData(\n schema: SchemaField[] | string,\n encodedData: Hex\n): Record<string, unknown> {\n if (typeof encodedData !== \"string\" || !encodedData.startsWith(\"0x\")) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"encodedData must be a hex string\");\n }\n\n const fields = normalizeSchema(schema);\n const schemaString = schemaToString(fields);\n const encoder = new SchemaEncoder(schemaString);\n const decoded = encoder.decodeData(encodedData);\n\n const result: Record<string, unknown> = {};\n for (const item of decoded as Array<{ name: string; value: unknown }>) {\n const value = item.value as { value?: unknown } | unknown;\n if (value && typeof value === \"object\" && \"value\" in (value as Record<string, unknown>)) {\n result[item.name] = (value as { value: unknown }).value;\n } else {\n result[item.name] = value;\n }\n }\n\n return result;\n}\n\nexport function extractExpirationTime(\n data: Record<string, unknown>\n): bigint | number | undefined {\n const value = data[\"expiresAt\"];\n if (value === undefined || value === null) return undefined;\n if (typeof value === \"bigint\") return value;\n if (typeof value === \"number\") return value;\n if (typeof value === \"string\" && /^\\d+$/.test(value)) return BigInt(value);\n return undefined;\n}\n","import { ZeroAddress, getAddress, isAddress } from \"ethers\";\nimport { computeDidAddress, computeDidHash, didToAddress } from \"../identity/did\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { Hex, SchemaField } from \"./types\";\nimport { normalizeSchema } from \"./encode\";\n\nexport const ZERO_UID = \"0x0000000000000000000000000000000000000000000000000000000000000000\" as Hex;\n\nexport function toBigIntOrDefault(value: bigint | number | undefined, fallback: bigint): bigint {\n if (value === undefined || value === null) {\n return fallback;\n }\n return typeof value === \"bigint\" ? value : BigInt(Math.floor(value));\n}\n\nexport function normalizeHex32(value: string, field: string): Hex {\n const normalized = value.startsWith(\"0x\") ? value : `0x${value}`;\n if (!/^0x[0-9a-fA-F]{64}$/.test(normalized)) {\n throw new OmaTrustError(\"INVALID_INPUT\", `${field} must be a 32-byte hex string`, { value });\n }\n return normalized as Hex;\n}\n\nexport function withAutoSubjectDidHash(\n schema: SchemaField[] | string,\n data: Record<string, unknown>\n): Record<string, unknown> {\n const fields = normalizeSchema(schema);\n const hasSubjectDidHash = fields.some((field) => field.name === \"subjectDidHash\");\n if (!hasSubjectDidHash) {\n return { ...data };\n }\n\n const subject = data.subject;\n if (typeof subject === \"string\" && subject.startsWith(\"did:\")) {\n return {\n ...data,\n subjectDidHash: computeDidHash(subject)\n };\n }\n\n return { ...data };\n}\n\nexport function resolveRecipientAddress(data: Record<string, unknown>): string {\n const subject = data.subject;\n if (typeof subject === \"string\" && subject.startsWith(\"did:\")) {\n return didToAddress(subject);\n }\n\n const subjectDidHash = data.subjectDidHash;\n if (typeof subjectDidHash === \"string\" && /^0x[0-9a-fA-F]{64}$/.test(subjectDidHash)) {\n return computeDidAddress(subjectDidHash as Hex);\n }\n\n const recipient = data.recipient;\n if (typeof recipient === \"string\" && isAddress(recipient)) {\n return getAddress(recipient);\n }\n\n return ZeroAddress;\n}\n\nexport function parseProofsField(data: Record<string, unknown>): unknown[] {\n const proofs = data.proofs;\n if (!Array.isArray(proofs)) {\n return [];\n }\n\n return proofs.map((entry) => {\n if (typeof entry === \"string\") {\n try {\n return JSON.parse(entry);\n } catch {\n return entry;\n }\n }\n return entry;\n });\n}\n","import type { Hex } from \"./types\";\n\ntype UnknownRecord = Record<string, unknown>;\n\nfunction isRecord(value: unknown): value is UnknownRecord {\n return Boolean(value) && typeof value === \"object\";\n}\n\nfunction isHex32(value: unknown): value is Hex {\n return typeof value === \"string\" && /^0x[0-9a-fA-F]{64}$/.test(value);\n}\n\nexport function getEasTransactionReceipt(tx: unknown): UnknownRecord | undefined {\n if (!isRecord(tx)) {\n return undefined;\n }\n\n const candidates: unknown[] = [tx.receipt, tx.tx, tx.transaction];\n for (const candidate of candidates) {\n if (isRecord(candidate)) {\n return candidate;\n }\n }\n\n return undefined;\n}\n\nexport function getEasTransactionHash(tx: unknown): Hex | undefined {\n const receipt = getEasTransactionReceipt(tx);\n if (receipt) {\n const receiptHash = receipt.hash;\n if (isHex32(receiptHash)) {\n return receiptHash;\n }\n const transactionHash = receipt.transactionHash;\n if (isHex32(transactionHash)) {\n return transactionHash;\n }\n }\n\n if (isRecord(tx) && isHex32(tx.hash)) {\n return tx.hash;\n }\n\n return undefined;\n}\n\nexport function isEasSchemaNotFoundError(err: unknown): boolean {\n if (!isRecord(err)) {\n return false;\n }\n\n const message = err.message;\n if (typeof message !== \"string\" || message.length === 0) {\n return false;\n }\n\n return /schema not found/i.test(message);\n}\n","import { EAS } from \"@ethereum-attestation-service/eas-sdk\";\nimport { ZeroAddress } from \"ethers\";\nimport { encodeAttestationData, extractExpirationTime } from \"./encode\";\nimport { withAutoSubjectDidHash, resolveRecipientAddress, toBigIntOrDefault, ZERO_UID } from \"./internal\";\nimport { getEasTransactionHash, getEasTransactionReceipt } from \"./eas-adapter\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { SubmitAttestationParams, SubmitAttestationResult, Hex } from \"./types\";\n\nexport async function submitAttestation(\n params: SubmitAttestationParams\n): Promise<SubmitAttestationResult> {\n if (!params || typeof params !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"params must be provided\");\n }\n\n if (!params.signer) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"signer is required\");\n }\n\n const dataWithHash = withAutoSubjectDidHash(params.schema, params.data);\n const encodedData = encodeAttestationData(params.schema, dataWithHash);\n const expiration = toBigIntOrDefault(\n params.expirationTime ?? extractExpirationTime(dataWithHash),\n 0n\n );\n const recipient = resolveRecipientAddress(dataWithHash);\n\n const eas = new EAS(params.easContractAddress);\n eas.connect(params.signer as never);\n\n try {\n const tx = await eas.attest({\n schema: params.schemaUid,\n data: {\n recipient: recipient || ZeroAddress,\n expirationTime: expiration,\n revocable: params.revocable ?? true,\n refUID: params.refUid ?? ZERO_UID,\n data: encodedData,\n value: toBigIntOrDefault(params.value, 0n)\n }\n });\n\n const uid = (await tx.wait()) as Hex;\n const txHash = getEasTransactionHash(tx) ?? ZERO_UID;\n const receipt = getEasTransactionReceipt(tx);\n\n return {\n uid,\n txHash,\n receipt\n };\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to submit attestation\", { err });\n }\n}\n","import { EAS } from \"@ethereum-attestation-service/eas-sdk\";\nimport { getEasTransactionHash, getEasTransactionReceipt } from \"./eas-adapter\";\nimport { toBigIntOrDefault, ZERO_UID } from \"./internal\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { RevokeAttestationParams, RevokeAttestationResult } from \"./types\";\n\nexport async function revokeAttestation(\n params: RevokeAttestationParams\n): Promise<RevokeAttestationResult> {\n if (!params || typeof params !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"params must be provided\");\n }\n\n if (!params.signer) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"signer is required\");\n }\n\n const eas = new EAS(params.easContractAddress);\n eas.connect(params.signer as never);\n\n try {\n const tx = await eas.revoke({\n schema: params.schemaUid,\n data: {\n uid: params.uid,\n value: toBigIntOrDefault(params.value, 0n)\n }\n });\n\n await tx.wait();\n const txHash = getEasTransactionHash(tx) ?? ZERO_UID;\n const receipt = getEasTransactionReceipt(tx);\n\n return {\n txHash,\n receipt\n };\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to revoke attestation\", { err });\n }\n}\n","import { Signature } from \"ethers\";\nimport { encodeAttestationData, extractExpirationTime } from \"./encode\";\nimport { resolveRecipientAddress, toBigIntOrDefault, withAutoSubjectDidHash, ZERO_UID } from \"./internal\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type {\n BuildDelegatedTypedDataFromEncodedParams,\n Hex,\n PrepareDelegatedAttestationParams,\n PrepareDelegatedAttestationResult,\n RelayErrorDetails,\n RelayMetadata,\n SubmitDelegatedAttestationParams,\n SubmitDelegatedAttestationResult\n} from \"./types\";\n\ntype BuildDelegatedTypedDataParams = {\n chainId: number;\n easContractAddress: Hex;\n schemaUid: Hex;\n encodedData: Hex;\n recipient: string;\n attester: Hex;\n nonce: bigint | number;\n revocable?: boolean;\n expirationTime?: bigint | number;\n refUid?: Hex;\n value?: bigint | number;\n deadline?: bigint | number;\n};\n\nfunction buildDelegatedTypedData(\n params: BuildDelegatedTypedDataParams\n): {\n domain: Record<string, unknown>;\n types: Record<string, unknown>;\n message: Record<string, unknown>;\n} {\n return {\n domain: {\n name: \"EAS\",\n version: \"1.4.0\",\n chainId: params.chainId,\n verifyingContract: params.easContractAddress\n },\n types: {\n Attest: [\n { name: \"attester\", type: \"address\" },\n { name: \"schema\", type: \"bytes32\" },\n { name: \"recipient\", type: \"address\" },\n { name: \"expirationTime\", type: \"uint64\" },\n { name: \"revocable\", type: \"bool\" },\n { name: \"refUID\", type: \"bytes32\" },\n { name: \"data\", type: \"bytes\" },\n { name: \"value\", type: \"uint256\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"deadline\", type: \"uint64\" }\n ]\n },\n message: {\n attester: params.attester,\n schema: params.schemaUid,\n recipient: params.recipient,\n expirationTime: toBigIntOrDefault(params.expirationTime, 0n),\n revocable: params.revocable ?? true,\n refUID: params.refUid ?? ZERO_UID,\n data: params.encodedData,\n value: toBigIntOrDefault(params.value, 0n),\n nonce: toBigIntOrDefault(params.nonce, 0n),\n deadline: toBigIntOrDefault(params.deadline, BigInt(Math.floor(Date.now() / 1000) + 600))\n }\n };\n}\n\nexport function buildDelegatedAttestationTypedData(\n params: PrepareDelegatedAttestationParams\n): {\n domain: Record<string, unknown>;\n types: Record<string, unknown>;\n message: Record<string, unknown>;\n} {\n const dataWithHash = withAutoSubjectDidHash(params.schema, params.data);\n const encodedData = encodeAttestationData(params.schema, dataWithHash);\n const recipient = resolveRecipientAddress(dataWithHash);\n\n return buildDelegatedTypedData({\n chainId: params.chainId,\n easContractAddress: params.easContractAddress,\n schemaUid: params.schemaUid,\n encodedData,\n recipient,\n attester: params.attester,\n nonce: params.nonce,\n revocable: params.revocable,\n expirationTime: params.expirationTime ?? extractExpirationTime(dataWithHash),\n refUid: params.refUid,\n value: params.value,\n deadline: params.deadline\n });\n}\n\nexport function buildDelegatedTypedDataFromEncoded(\n params: BuildDelegatedTypedDataFromEncodedParams\n): {\n domain: Record<string, unknown>;\n types: Record<string, unknown>;\n message: Record<string, unknown>;\n} {\n return buildDelegatedTypedData({\n chainId: params.chainId,\n easContractAddress: params.easContractAddress,\n schemaUid: params.schemaUid,\n encodedData: params.encodedData,\n recipient: params.recipient,\n attester: params.attester,\n nonce: params.nonce,\n revocable: params.revocable,\n expirationTime: params.expirationTime,\n refUid: params.refUid,\n value: params.value,\n deadline: params.deadline\n });\n}\n\nexport function splitSignature(signature: Hex | string): { v: number; r: Hex; s: Hex } {\n try {\n const parsed = Signature.from(signature as string);\n return {\n v: parsed.v,\n r: parsed.r as Hex,\n s: parsed.s as Hex\n };\n } catch (err) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid signature\", { err });\n }\n}\n\nexport async function prepareDelegatedAttestation(\n params: PrepareDelegatedAttestationParams\n): Promise<PrepareDelegatedAttestationResult> {\n if (!params || typeof params !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"params are required\");\n }\n\n const typedData = buildDelegatedAttestationTypedData(params);\n\n return {\n delegatedRequest: {\n schema: params.schemaUid,\n attester: params.attester,\n easContractAddress: params.easContractAddress,\n chainId: params.chainId,\n ...typedData.message\n },\n typedData\n };\n}\n\nexport async function submitDelegatedAttestation(\n params: SubmitDelegatedAttestationParams\n): Promise<SubmitDelegatedAttestationResult> {\n if (!params.relayUrl || typeof params.relayUrl !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"relayUrl is required\");\n }\n\n let response: Response;\n try {\n const body = JSON.stringify(\n {\n prepared: params.prepared,\n signature: params.signature,\n attester: params.attester\n },\n (_key, value) => (typeof value === \"bigint\" ? value.toString() : value)\n );\n\n response = await fetch(params.relayUrl, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body\n });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to submit delegated attestation\", { err });\n }\n\n let payload: Record<string, unknown>;\n try {\n payload = (await response.json()) as Record<string, unknown>;\n } catch {\n payload = {};\n }\n\n if (!response.ok) {\n const relayError: RelayErrorDetails = {\n httpStatus: response.status,\n code: payload.code as string | undefined,\n error: (payload.error as string | undefined) ?? (payload.message as string | undefined),\n payload\n };\n throw new OmaTrustError(\"RELAY_ERROR\", `Relay submission failed (HTTP ${response.status})`, relayError);\n }\n\n const uid = ((payload.uid as string | undefined) ?? ZERO_UID) as Hex;\n const txHash = payload.txHash as Hex | undefined;\n\n // Infer status from relay response semantics\n const hasConfirmationSignals =\n payload.status === \"confirmed\" ||\n payload.success === true ||\n typeof payload.blockNumber === \"number\";\n const status: \"submitted\" | \"confirmed\" = hasConfirmationSignals ? \"confirmed\" : \"submitted\";\n\n // Extract relay metadata (blockNumber, chain, success, and any extra fields)\n const relay: RelayMetadata = {};\n if (typeof payload.blockNumber === \"number\") relay.blockNumber = payload.blockNumber;\n if (typeof payload.chain === \"string\") relay.chain = payload.chain;\n if (typeof payload.success === \"boolean\") relay.success = payload.success;\n // Preserve any additional relay-specific fields consumers might need\n for (const key of Object.keys(payload)) {\n if (![\"uid\", \"txHash\", \"status\", \"blockNumber\", \"chain\", \"success\"].includes(key)) {\n relay[key] = payload[key];\n }\n }\n\n const result: SubmitDelegatedAttestationResult = { uid, txHash, status };\n if (Object.keys(relay).length > 0) {\n result.relay = relay;\n }\n return result;\n}\n","import { EAS } from \"@ethereum-attestation-service/eas-sdk\";\nimport { Contract } from \"ethers\";\nimport { didToAddress } from \"../identity/did\";\nimport { decodeAttestationData } from \"./encode\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type {\n AttestationQueryResult,\n GetAttestationsByAttesterParams,\n GetAttestationParams,\n Hex,\n ListAttestationsParams,\n SchemaField\n} from \"./types\";\n\nconst EAS_EVENT_ABI = [\n \"event Attested(address indexed recipient, address indexed attester, bytes32 uid, bytes32 indexed schemaUID)\"\n];\n\nfunction parseEventTxHash(event: unknown): Hex | undefined {\n const txHash = (event as { transactionHash?: unknown }).transactionHash;\n if (typeof txHash !== \"string\") {\n return undefined;\n }\n return /^0x[0-9a-fA-F]{64}$/.test(txHash) ? (txHash as Hex) : undefined;\n}\n\nfunction parseAttestation(\n attestation: Record<string, unknown>,\n schema?: SchemaField[] | string,\n txHash?: Hex\n): AttestationQueryResult {\n const rawData = (attestation.data as Hex | undefined) ?? (\"0x\" as Hex);\n const decoded = schema ? decodeAttestationData(schema, rawData) : {};\n const toBigIntSafe = (value: unknown): bigint => {\n if (typeof value === \"bigint\") {\n return value;\n }\n if (typeof value === \"number\") {\n return BigInt(value);\n }\n if (typeof value === \"string\" && value.length > 0) {\n return BigInt(value);\n }\n return 0n;\n };\n\n return {\n uid: attestation.uid as Hex,\n schema: attestation.schema as Hex,\n attester: attestation.attester as Hex,\n recipient: attestation.recipient as Hex,\n txHash,\n revocable: Boolean(attestation.revocable),\n revocationTime: toBigIntSafe(attestation.revocationTime),\n expirationTime: toBigIntSafe(attestation.expirationTime),\n time: toBigIntSafe(attestation.time),\n refUID: attestation.refUID as Hex,\n data: decoded,\n raw: schema ? undefined : rawData\n };\n}\n\nexport async function getAttestation(\n params: GetAttestationParams\n): Promise<AttestationQueryResult> {\n try {\n const eas = new EAS(params.easContractAddress);\n eas.connect(params.provider as never);\n const attestation = (await eas.getAttestation(params.uid)) as unknown as Record<string, unknown> | null;\n\n if (!attestation || !attestation.uid || String(attestation.uid) === \"0x\".padEnd(66, \"0\")) {\n throw new OmaTrustError(\"ATTESTATION_NOT_FOUND\", \"Attestation not found\", { uid: params.uid });\n }\n\n return parseAttestation(attestation, params.schema);\n } catch (err) {\n if (err instanceof OmaTrustError) {\n throw err;\n }\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to read attestation\", { err });\n }\n}\n\nasync function queryAttestationEvents(\n easContractAddress: Hex,\n provider: never,\n fromBlock: number,\n toBlock: number,\n options?: { recipient?: string | null; attester?: string | null; schemas?: Hex[] }\n): Promise<AttestationQueryResult[]> {\n const contract = new Contract(easContractAddress, EAS_EVENT_ABI, provider);\n const filter = contract.filters.Attested(options?.recipient ?? null, options?.attester ?? null);\n\n let events;\n try {\n events = await contract.queryFilter(filter, fromBlock, toBlock);\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to query attestation events\", { err });\n }\n\n const eas = new EAS(easContractAddress);\n eas.connect(provider);\n\n const schemaFilter = options?.schemas?.map((s) => s.toLowerCase());\n const results: AttestationQueryResult[] = [];\n\n for (const event of events) {\n if (!((\"args\" in event) && Array.isArray(event.args))) {\n continue;\n }\n const args = event.args as unknown[];\n const uid = args?.[2] as Hex | undefined;\n const schemaUid = args?.[3] as Hex | undefined;\n\n if (!uid || !schemaUid) {\n continue;\n }\n\n if (schemaFilter && !schemaFilter.includes(schemaUid.toLowerCase())) {\n continue;\n }\n\n const attestation = (await eas.getAttestation(uid)) as unknown as Record<string, unknown> | null;\n if (!attestation || !attestation.uid) {\n continue;\n }\n\n results.push(parseAttestation(attestation, undefined, parseEventTxHash(event)));\n }\n\n results.sort((a, b) => Number(b.time - a.time));\n return results;\n}\n\nexport async function getAttestationsForDid(\n params: ListAttestationsParams\n): Promise<AttestationQueryResult[]> {\n const provider = params.provider as never;\n const toBlock = params.toBlock ?? (await (provider as { getBlockNumber: () => Promise<number> }).getBlockNumber());\n const fromBlock = params.fromBlock ?? Math.max(0, toBlock - 50_000);\n return queryAttestationEvents(\n params.easContractAddress,\n provider,\n fromBlock,\n toBlock,\n { recipient: didToAddress(params.subjectDid), schemas: params.schemas }\n );\n}\n\nexport async function getAttestationsByAttester(\n params: GetAttestationsByAttesterParams\n): Promise<AttestationQueryResult[]> {\n const provider = params.provider as never;\n const toBlock = params.toBlock ?? (await (provider as { getBlockNumber: () => Promise<number> }).getBlockNumber());\n const fromBlock = params.fromBlock ?? Math.max(0, toBlock - 50_000);\n\n if (params.limit !== undefined && params.limit <= 0) {\n return [];\n }\n\n const results = await queryAttestationEvents(\n params.easContractAddress,\n provider,\n fromBlock,\n toBlock,\n { attester: params.attester, schemas: params.schemas }\n );\n\n return params.limit !== undefined ? results.slice(0, params.limit) : results;\n}\n\nexport async function listAttestations(\n params: ListAttestationsParams\n): Promise<AttestationQueryResult[]> {\n const limit = params.limit ?? 20;\n if (limit <= 0) {\n return [];\n }\n\n const results = await getAttestationsForDid(params);\n return results.slice(0, limit);\n}\n\nexport type GetLatestAttestationsParams = {\n provider: unknown;\n easContractAddress: Hex;\n schemas?: Hex[];\n limit?: number;\n fromBlock?: number;\n};\n\nexport async function getLatestAttestations(\n params: GetLatestAttestationsParams\n): Promise<AttestationQueryResult[]> {\n const provider = params.provider as never;\n const toBlock = await (provider as { getBlockNumber: () => Promise<number> }).getBlockNumber();\n const fromBlock = params.fromBlock ?? Math.max(0, toBlock - 50_000);\n\n const results = await queryAttestationEvents(\n params.easContractAddress,\n provider,\n fromBlock,\n toBlock,\n { schemas: params.schemas }\n );\n\n return results.slice(0, params.limit ?? 20);\n}\n\nexport function deduplicateReviews(attestations: AttestationQueryResult[]): AttestationQueryResult[] {\n const seen = new Map<string, AttestationQueryResult>();\n\n for (const attestation of attestations) {\n const subject = String(attestation.data.subject ?? \"\");\n const version = String(attestation.data.version ?? \"\");\n const major = getMajorVersion(version);\n const key = `${attestation.attester.toLowerCase()}|${subject}|${major}`;\n\n if (!seen.has(key)) {\n seen.set(key, attestation);\n continue;\n }\n\n const current = seen.get(key)!;\n if (attestation.time > current.time) {\n seen.set(key, attestation);\n }\n }\n\n return [...seen.values()];\n}\n\nexport function calculateAverageUserReviewRating(attestations: AttestationQueryResult[]): number {\n const deduped = deduplicateReviews(attestations);\n const ratings = deduped\n .map((attestation) => attestation.data.ratingValue)\n .filter((value) => typeof value === \"number\" || typeof value === \"bigint\")\n .map((value) => Number(value));\n\n if (ratings.length === 0) {\n return 0;\n }\n\n const total = ratings.reduce((sum, value) => sum + value, 0);\n return total / ratings.length;\n}\n\nexport function getMajorVersion(version: string): number {\n const match = version.match(/^(\\d+)/);\n if (!match) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid semantic version\", { version });\n }\n return Number(match[1]);\n}\n","import canonicalize from \"canonicalize\";\nimport { formatUnits, keccak256, sha256, toUtf8Bytes } from \"ethers\";\nimport { buildEvmDidPkh, computeDidHash } from \"../../identity/did\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport type { ChainConstants, Hex, ProofPurpose, TxEncodedValueProof } from \"../types\";\n\ntype ChainConfig = {\n decimals: number;\n nativeSymbol: string;\n explorer: string;\n base: Record<ProofPurpose, bigint>;\n};\n\nconst CHAIN_CONFIGS: Record<number, ChainConfig> = {\n 1: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://etherscan.io\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 10: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://optimistic.etherscan.io\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 137: {\n decimals: 18,\n nativeSymbol: \"POL\",\n explorer: \"https://polygonscan.com\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 8453: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://basescan.org\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 42161: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://arbiscan.io\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 11155111: {\n decimals: 18,\n nativeSymbol: \"ETH\",\n explorer: \"https://sepolia.etherscan.io\",\n base: {\n \"shared-control\": 100000000000000n,\n \"commercial-tx\": 1000000000000n\n }\n },\n 6623: {\n decimals: 18,\n nativeSymbol: \"OMA\",\n explorer: \"https://explorer.chain.oma3.org\",\n base: {\n \"shared-control\": 10000000000000000n,\n \"commercial-tx\": 100000000000000n\n }\n },\n 66238: {\n decimals: 18,\n nativeSymbol: \"OMA\",\n explorer: \"https://explorer.testnet.chain.oma3.org\",\n base: {\n \"shared-control\": 10000000000000000n,\n \"commercial-tx\": 100000000000000n\n }\n }\n};\n\nconst AMOUNT_DOMAIN = \"OMATrust:Amount:v1\";\n\nfunction getConfig(chainId: number): ChainConfig {\n const config = CHAIN_CONFIGS[chainId];\n if (!config) {\n throw new OmaTrustError(\"UNSUPPORTED_CHAIN\", \"Chain is not supported\", {\n chainId,\n supported: getSupportedChainIds()\n });\n }\n return config;\n}\n\nexport function getSupportedChainIds(): number[] {\n return Object.keys(CHAIN_CONFIGS).map((id) => Number(id));\n}\n\nexport function isChainSupported(chainId: number): boolean {\n return chainId in CHAIN_CONFIGS;\n}\n\nexport function getChainConstants(chainId: number, purpose: ProofPurpose): ChainConstants {\n const config = getConfig(chainId);\n const base = config.base[purpose];\n const range = base / 10n;\n return {\n base,\n range,\n decimals: config.decimals,\n nativeSymbol: config.nativeSymbol\n };\n}\n\nexport function constructSeed(\n subjectDidHash: Hex,\n counterpartyDidHash: Hex,\n purpose: ProofPurpose\n): Uint8Array {\n const seed = {\n domain: AMOUNT_DOMAIN,\n subjectDidHash,\n counterpartyIdHash: counterpartyDidHash,\n proofPurpose: purpose\n };\n\n const canonical = canonicalize(seed);\n if (!canonical) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Failed to canonicalize seed\");\n }\n\n return toUtf8Bytes(canonical);\n}\n\nexport function hashSeed(seedBytes: Uint8Array, chainId: number): Hex {\n if (!isChainSupported(chainId)) {\n throw new OmaTrustError(\"UNSUPPORTED_CHAIN\", \"Chain is not supported\", { chainId });\n }\n\n // OMATrust currently supports EVM chains in this SDK.\n if (chainId === 0) {\n return sha256(seedBytes) as Hex;\n }\n\n return keccak256(seedBytes) as Hex;\n}\n\nexport function calculateTransferAmount(\n subject: string,\n counterparty: string,\n chainId: number,\n purpose: ProofPurpose\n): bigint {\n const { base, range } = getChainConstants(chainId, purpose);\n const subjectDidHash = computeDidHash(subject);\n const counterpartyDidHash = computeDidHash(counterparty);\n const seed = constructSeed(subjectDidHash, counterpartyDidHash, purpose);\n const hashed = hashSeed(seed, chainId);\n const offset = BigInt(hashed) % range;\n return base + offset;\n}\n\nexport function calculateTransferAmountFromAddresses(\n subjectAddress: string,\n counterpartyAddress: string,\n chainId: number,\n purpose: ProofPurpose\n): bigint {\n return calculateTransferAmount(\n buildEvmDidPkh(chainId, subjectAddress),\n buildEvmDidPkh(chainId, counterpartyAddress),\n chainId,\n purpose\n );\n}\n\nexport function createTxEncodedValueProof(\n chainId: number,\n txHash: Hex,\n purpose: ProofPurpose\n): TxEncodedValueProof {\n if (!/^0x[0-9a-fA-F]{64}$/.test(txHash)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"txHash must be a 32-byte hex string\", { txHash });\n }\n\n return {\n proofType: \"tx-encoded-value\",\n proofPurpose: purpose,\n proofObject: {\n chainId: `eip155:${chainId}`,\n txHash\n },\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n\nexport function formatTransferAmount(amount: bigint | number, chainId: number): string {\n const config = getConfig(chainId);\n const normalized = typeof amount === \"number\" ? BigInt(Math.floor(amount)) : amount;\n return `${formatUnits(normalized, config.decimals)} ${config.nativeSymbol}`;\n}\n\nexport function getExplorerTxUrl(chainId: number, txHash: Hex): string {\n return `${getConfig(chainId).explorer}/tx/${txHash}`;\n}\n\nexport function getExplorerAddressUrl(chainId: number, address: string): string {\n return `${getConfig(chainId).explorer}/address/${address}`;\n}\n","import { getAddress, isAddress } from \"ethers\";\nimport { extractAddressFromDid, extractDidMethod } from \"../../identity/did\";\nimport { didJwkToJwk, publicJwkEquals } from \"../../identity/jwk\";\nimport type { Did } from \"../types\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport { fetchDidDocument } from \"../../shared/did-document\";\n\nexport { fetchDidDocument };\n\nexport interface VerifyDidJsonControllerDidOptions {\n fetchDidDocument?: (domain: string) => Promise<Record<string, unknown>>;\n}\n\n/**\n * Extract EVM addresses from a DID document's verification methods.\n * Looks at blockchainAccountId and publicKeyHex fields.\n */\nexport function extractEvmAddressesFromDidDocument(didDocument: Record<string, unknown>): string[] {\n const methods = didDocument.verificationMethod;\n if (!Array.isArray(methods)) {\n return [];\n }\n\n const addresses = new Set<string>();\n\n for (const method of methods as Array<Record<string, unknown>>) {\n // Extract from blockchainAccountId (CAIP-10 format, strip chain prefix)\n const blockchainAccountId = method.blockchainAccountId;\n if (typeof blockchainAccountId === \"string\") {\n try {\n addresses.add(getAddress(extractAddressFromDid(blockchainAccountId)));\n } catch {\n // ignore — not a valid EVM address\n }\n }\n\n // Extract from publicKeyHex\n const publicKeyHex = method.publicKeyHex;\n if (typeof publicKeyHex === \"string\") {\n const prefixed = publicKeyHex.startsWith(\"0x\") ? publicKeyHex : `0x${publicKeyHex}`;\n if (isAddress(prefixed)) {\n addresses.add(getAddress(prefixed));\n }\n }\n }\n\n return [...addresses];\n}\n\n/**\n * Extract public JWKs from a DID document's verification methods.\n */\nexport function extractJwksFromDidDocument(\n didDocument: Record<string, unknown>\n): Array<Record<string, unknown>> {\n const methods = didDocument.verificationMethod;\n if (!Array.isArray(methods)) {\n return [];\n }\n\n const jwks: Array<Record<string, unknown>> = [];\n\n for (const method of methods as Array<Record<string, unknown>>) {\n const publicKeyJwk = method.publicKeyJwk;\n if (publicKeyJwk && typeof publicKeyJwk === \"object\" && !Array.isArray(publicKeyJwk)) {\n jwks.push(publicKeyJwk as Record<string, unknown>);\n }\n }\n\n return jwks;\n}\n\n/**\n * Verify that a controller DID is present in a DID document.\n *\n * Matching strategies:\n * - did:pkh (EVM): extract address and compare against blockchainAccountId / publicKeyHex\n * in verification methods. Chain ID is ignored (same address across all EVM chains).\n * - did:jwk: decode the JWK from the DID and compare against publicKeyJwk fields\n * in verification methods.\n */\nexport function verifyDidDocumentControllerDid(\n didDocument: Record<string, unknown>,\n expectedControllerDid: Did\n): { valid: boolean; reason?: string } {\n const method = extractDidMethod(expectedControllerDid);\n\n // did:jwk — match by public key material\n if (method === \"jwk\") {\n try {\n const expectedJwk = didJwkToJwk(expectedControllerDid);\n const documentJwks = extractJwksFromDidDocument(didDocument);\n\n for (const docJwk of documentJwks) {\n try {\n if (publicJwkEquals(docJwk, expectedJwk)) {\n return { valid: true };\n }\n } catch {\n // JWK comparison failed for this method — continue\n }\n }\n\n return {\n valid: false,\n reason: \"No matching publicKeyJwk found in DID document verification methods\",\n };\n } catch {\n return {\n valid: false,\n reason: \"Failed to decode did:jwk controller DID\",\n };\n }\n }\n\n // did:pkh and other address-based methods — match by EVM address\n let expectedAddress: string;\n try {\n expectedAddress = getAddress(extractAddressFromDid(expectedControllerDid));\n } catch {\n return { valid: false, reason: \"Controller DID does not resolve to an EVM address and is not did:jwk\" };\n }\n\n const addresses = extractEvmAddressesFromDidDocument(didDocument);\n if (addresses.some((address) => address.toLowerCase() === expectedAddress.toLowerCase())) {\n return { valid: true };\n }\n\n return {\n valid: false,\n reason: `No matching address found in DID document (expected ${expectedAddress})`,\n };\n}\n\nexport async function verifyDidJsonControllerDid(\n domain: string,\n expectedControllerDid: Did,\n options: VerifyDidJsonControllerDidOptions = {}\n): Promise<{ valid: boolean; reason?: string }> {\n if (!domain || typeof domain !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"domain must be a non-empty string\", { domain });\n }\n\n const didDocument = options.fetchDidDocument\n ? await options.fetchDidDocument(domain)\n : await fetchDidDocument(domain);\n\n return verifyDidDocumentControllerDid(didDocument, expectedControllerDid);\n}\n","import { verifyTypedData } from \"ethers\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport type { Hex } from \"../types\";\n\nexport function buildEip712Domain(\n name: string,\n version: string,\n chainId: number,\n verifyingContract: Hex\n): { name: string; version: string; chainId: number; verifyingContract: Hex } {\n return { name, version, chainId, verifyingContract };\n}\n\nexport function getOmaTrustProofEip712Types(): {\n primaryType: string;\n types: Record<string, Array<{ name: string; type: string }>>;\n} {\n return {\n primaryType: \"OmaTrustProof\",\n types: {\n OmaTrustProof: [\n { name: \"signer\", type: \"address\" },\n { name: \"authorizedEntity\", type: \"string\" },\n { name: \"signingPurpose\", type: \"string\" },\n { name: \"creationTimestamp\", type: \"uint256\" },\n { name: \"expirationTimestamp\", type: \"uint256\" },\n { name: \"randomValue\", type: \"bytes32\" },\n { name: \"statement\", type: \"string\" }\n ]\n }\n };\n}\n\nexport function verifyEip712Signature(\n typedData: {\n domain: Record<string, unknown>;\n types: Record<string, unknown>;\n message: Record<string, unknown>;\n },\n signature: Hex | string\n): { valid: boolean; signer?: string } {\n try {\n const signer = verifyTypedData(\n typedData.domain,\n typedData.types as Record<string, Array<{ name: string; type: string }>>,\n typedData.message,\n signature\n );\n\n return { valid: true, signer };\n } catch (err) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Failed to verify EIP-712 signature\", { err });\n }\n}\n","import { normalizeDid } from \"../../identity/did\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport type { Did } from \"../types\";\n\nexport interface DnsTxtRecordResult {\n version?: string;\n /**\n * @deprecated Use `controllers` instead. This field only returns the first\n * controller value and will be removed in a future release.\n */\n controller?: Did;\n /**\n * All controller DIDs found in the record.\n * A DNS TXT record may contain multiple controller= entries.\n */\n controllers: Did[];\n}\n\nexport function parseDnsTxtRecord(record: string): DnsTxtRecordResult {\n if (!record || typeof record !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"record must be a non-empty string\", { record });\n }\n\n const entries = record\n .split(/[;\\s]+/)\n .map((entry) => entry.trim())\n .filter(Boolean);\n\n const parsed: Record<string, string | undefined> = {};\n const controllers: Did[] = [];\n\n for (const entry of entries) {\n const eqIndex = entry.indexOf(\"=\");\n if (eqIndex === -1) continue;\n const key = entry.slice(0, eqIndex).trim();\n const value = entry.slice(eqIndex + 1).trim();\n if (!key || !value) continue;\n\n if (key === \"controller\") {\n controllers.push(value);\n } else {\n parsed[key] = value;\n }\n }\n\n return {\n version: parsed.v,\n controller: controllers[0],\n controllers,\n };\n}\n\nexport function buildDnsTxtRecord(controllerDid: Did): string {\n const normalized = normalizeDid(controllerDid);\n return `v=1;controller=${normalized}`;\n}\n","/**\n * x402 JWS Verification — Phase 5\n *\n * Verifies x402 signed offer and receipt artifacts using JWS Compact Serialization.\n *\n * Two verification paths:\n * 1. Embedded JWK: header contains `jwk` → validate, verify signature, derive did:jwk\n * 2. KID Resolution: header contains `kid` (no `jwk`) → resolve DID URL → verify → derive did:jwk\n *\n * If both `kid` and `jwk` are present and the resolved key conflicts with the\n * embedded key, verification fails.\n *\n * JWS verification is NOT authorization. It only proves the signature is valid\n * and returns the did:jwk for downstream authorization checks.\n */\n\nimport { compactVerify, decodeProtectedHeader, importJWK } from \"jose\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport {\n validatePublicJwk,\n jwkToDidJwk,\n publicJwkEquals,\n type PublicJwk,\n} from \"../../identity/jwk\";\nimport {\n resolveDidUrlToPublicKey,\n type ResolveKeyOptions,\n} from \"../../identity/resolve-key\";\nimport type {\n JwsVerificationResult,\n JwsVerificationFailure,\n PublicKeySource,\n} from \"../../identity/types\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** x402 JWS artifact envelope */\nexport interface X402JwsArtifact {\n format: \"jws\";\n signature: string;\n}\n\n/** Options for x402 JWS verification */\nexport interface X402JwsVerifyOptions {\n /**\n * Options for DID URL key resolution (used when kid is present).\n * Pass a custom fetchDidDocument for testing or non-standard resolution.\n */\n resolveOptions?: ResolveKeyOptions;\n}\n\n// ---------------------------------------------------------------------------\n// Payload Validation\n// ---------------------------------------------------------------------------\n\nconst REQUIRED_OFFER_FIELDS = [\n \"version\",\n \"resourceUrl\",\n \"scheme\",\n \"network\",\n \"asset\",\n \"payTo\",\n \"amount\",\n] as const;\n\nconst REQUIRED_RECEIPT_FIELDS = [\n \"version\",\n \"network\",\n \"resourceUrl\",\n \"payer\",\n \"issuedAt\",\n] as const;\n\nfunction validateOfferPayload(\n payload: Record<string, unknown>\n): { valid: true } | { valid: false; field: string } {\n for (const field of REQUIRED_OFFER_FIELDS) {\n if (!(field in payload) || payload[field] === undefined || payload[field] === null) {\n return { valid: false, field };\n }\n }\n return { valid: true };\n}\n\nfunction validateReceiptPayload(\n payload: Record<string, unknown>\n): { valid: true } | { valid: false; field: string } {\n for (const field of REQUIRED_RECEIPT_FIELDS) {\n if (!(field in payload) || payload[field] === undefined || payload[field] === null) {\n return { valid: false, field };\n }\n }\n return { valid: true };\n}\n\n// ---------------------------------------------------------------------------\n// Failure Helper\n// ---------------------------------------------------------------------------\n\nfunction failure(code: string, message: string, partial?: Partial<JwsVerificationFailure>): JwsVerificationFailure {\n return {\n valid: false,\n error: { code, message },\n ...partial,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Core JWS Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 JWS artifact (offer or receipt).\n *\n * This is the core verification function. It:\n * 1. Parses the compact JWS\n * 2. Decodes the protected header\n * 3. Requires `alg` and at least one of `kid` or `jwk`\n * 4. Selects the public key (embedded jwk or resolved kid)\n * 5. Verifies the JWS signature\n * 6. Derives did:jwk from the verified public key\n * 7. Returns a structured result\n *\n * Does NOT validate payload shape — use verifyX402JwsOffer or verifyX402JwsReceipt\n * for payload validation.\n *\n * @param artifact - The x402 JWS artifact envelope\n * @param options - Optional verification options (resolver config, etc.)\n * @returns JwsVerificationResult on success, JwsVerificationFailure on failure\n */\nexport async function verifyX402JwsArtifact(\n artifact: X402JwsArtifact,\n options?: X402JwsVerifyOptions\n): Promise<JwsVerificationResult | JwsVerificationFailure> {\n // Validate artifact envelope\n if (!artifact || typeof artifact !== \"object\") {\n return failure(\"INVALID_ARTIFACT\", \"Artifact must be a non-null object\");\n }\n if (artifact.format !== \"jws\") {\n return failure(\"INVALID_ARTIFACT\", `Expected format \"jws\", got \"${artifact.format}\"`);\n }\n if (typeof artifact.signature !== \"string\" || artifact.signature.length === 0) {\n return failure(\"INVALID_ARTIFACT\", \"Artifact signature must be a non-empty string\");\n }\n\n const compactJws = artifact.signature;\n\n // Validate compact JWS structure (must have 3 dot-separated parts)\n const parts = compactJws.split(\".\");\n if (parts.length !== 3) {\n return failure(\"MALFORMED_JWS\", \"Invalid compact JWS format: expected 3 dot-separated parts\");\n }\n\n // Decode protected header\n let header: Record<string, unknown>;\n try {\n header = decodeProtectedHeader(compactJws) as Record<string, unknown>;\n } catch {\n return failure(\"MALFORMED_JWS\", \"Failed to decode JWS protected header\");\n }\n\n // Require alg\n if (!header.alg || typeof header.alg !== \"string\") {\n return failure(\"MISSING_ALG\", \"JWS header must include alg\", { header });\n }\n\n // Require at least one of kid or jwk\n const kid = typeof header.kid === \"string\" ? header.kid : null;\n const embeddedJwk = header.jwk as Record<string, unknown> | undefined;\n\n if (!kid && !embeddedJwk) {\n return failure(\n \"MISSING_KEY_MATERIAL\",\n \"JWS header must include at least one of kid or jwk\",\n { header }\n );\n }\n\n // Determine public key and source\n let publicKeyJwk: PublicJwk;\n let publicKeySource: PublicKeySource;\n\n if (embeddedJwk) {\n // Embedded JWK path\n const validation = validatePublicJwk(embeddedJwk);\n if (!validation.valid) {\n return failure(\n \"INVALID_EMBEDDED_JWK\",\n `Embedded JWK is invalid: ${validation.error}`,\n { header }\n );\n }\n\n publicKeyJwk = embeddedJwk as PublicJwk;\n publicKeySource = \"embedded-jwk\";\n\n // If kid is also present, resolve and check for conflict\n if (kid) {\n try {\n const resolved = await resolveDidUrlToPublicKey(kid, options?.resolveOptions);\n if (!publicJwkEquals(publicKeyJwk, resolved.publicKeyJwk)) {\n return failure(\n \"KEY_CONFLICT\",\n \"Embedded jwk conflicts with public key resolved from kid\",\n { header, kid }\n );\n }\n } catch (err) {\n // If kid resolution fails but we have embedded jwk, we can still verify\n // with the embedded key. Only fail if the resolution succeeded but keys conflict.\n // Per spec: \"the SDK may resolve kid if configured\" — resolution failure\n // is not fatal when jwk is present.\n }\n }\n } else {\n // KID resolution path — kid must be present (guaranteed by earlier check)\n publicKeySource = \"kid-resolution\";\n try {\n const resolved = await resolveDidUrlToPublicKey(kid!, options?.resolveOptions);\n publicKeyJwk = resolved.publicKeyJwk;\n } catch (err) {\n const message =\n err instanceof OmaTrustError\n ? `Failed to resolve kid \"${kid}\": ${err.message}`\n : `Failed to resolve kid \"${kid}\"`;\n return failure(\"KID_RESOLUTION_FAILED\", message, { header, kid });\n }\n }\n\n // Verify JWS signature\n let payload: Record<string, unknown>;\n try {\n const key = await importJWK(publicKeyJwk as Parameters<typeof importJWK>[0], header.alg as string);\n const result = await compactVerify(compactJws, key);\n\n // Decode payload\n const payloadText = new TextDecoder().decode(result.payload);\n payload = JSON.parse(payloadText) as Record<string, unknown>;\n } catch (err) {\n const message = err instanceof Error ? err.message : \"Signature verification failed\";\n return failure(\"SIGNATURE_INVALID\", message, { header, kid });\n }\n\n // Derive did:jwk\n const publicKeyDid = jwkToDidJwk(publicKeyJwk);\n\n return {\n valid: true,\n header,\n payload,\n kid,\n publicKeyJwk,\n publicKeySource,\n publicKeyDid,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Offer Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 JWS offer artifact.\n *\n * Performs full JWS signature verification and validates that the payload\n * contains required offer fields: version, resourceUrl, scheme, network,\n * asset, payTo, amount.\n *\n * @param artifact - The x402 JWS artifact envelope\n * @param options - Optional verification options\n * @returns JwsVerificationResult on success, JwsVerificationFailure on failure\n */\nexport async function verifyX402JwsOffer(\n artifact: X402JwsArtifact,\n options?: X402JwsVerifyOptions\n): Promise<JwsVerificationResult | JwsVerificationFailure> {\n const result = await verifyX402JwsArtifact(artifact, options);\n if (!result.valid) return result;\n\n const payloadCheck = validateOfferPayload(result.payload);\n if (!payloadCheck.valid) {\n return failure(\n \"INVALID_OFFER_PAYLOAD\",\n `Missing required offer field: ${payloadCheck.field}`,\n {\n header: result.header,\n payload: result.payload,\n kid: result.kid,\n publicKeyJwk: result.publicKeyJwk,\n publicKeySource: result.publicKeySource,\n publicKeyDid: result.publicKeyDid,\n }\n );\n }\n\n return result;\n}\n\n// ---------------------------------------------------------------------------\n// Receipt Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 JWS receipt artifact.\n *\n * Performs full JWS signature verification and validates that the payload\n * contains required receipt fields: version, network, resourceUrl, payer,\n * issuedAt.\n *\n * @param artifact - The x402 JWS artifact envelope\n * @param options - Optional verification options\n * @returns JwsVerificationResult on success, JwsVerificationFailure on failure\n */\nexport async function verifyX402JwsReceipt(\n artifact: X402JwsArtifact,\n options?: X402JwsVerifyOptions\n): Promise<JwsVerificationResult | JwsVerificationFailure> {\n const result = await verifyX402JwsArtifact(artifact, options);\n if (!result.valid) return result;\n\n const payloadCheck = validateReceiptPayload(result.payload);\n if (!payloadCheck.valid) {\n return failure(\n \"INVALID_RECEIPT_PAYLOAD\",\n `Missing required receipt field: ${payloadCheck.field}`,\n {\n header: result.header,\n payload: result.payload,\n kid: result.kid,\n publicKeyJwk: result.publicKeyJwk,\n publicKeySource: result.publicKeySource,\n publicKeyDid: result.publicKeyDid,\n }\n );\n }\n\n return result;\n}\n","/**\n * x402 EIP-712 Verification — Phase 5b\n *\n * Verifies x402 signed offer and receipt artifacts using EIP-712 typed data signatures.\n *\n * EIP-712 is the simpler verification path: the signer address is recovered directly\n * from the signature using ethers verifyTypedData. There is no DID URL resolution or\n * JWK handling — the recovered address is the verification output.\n *\n * EIP-712 verification is NOT authorization. It only proves the signature is valid\n * and returns the recovered signer address for downstream authorization checks.\n */\n\nimport { verifyTypedData, getAddress } from \"ethers\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** x402 EIP-712 artifact envelope */\nexport interface X402Eip712Artifact {\n format: \"eip712\";\n payload: Record<string, unknown>;\n signature: string;\n}\n\n/** Successful EIP-712 verification result */\nexport interface Eip712VerificationResult {\n valid: true;\n /** Decoded payload from the artifact */\n payload: Record<string, unknown>;\n /** Recovered signer address (checksummed) */\n signer: string;\n /** Whether this is an offer or receipt */\n artifactType: \"offer\" | \"receipt\";\n}\n\n/** Failed EIP-712 verification result */\nexport interface Eip712VerificationFailure {\n valid: false;\n error: { code: string; message: string };\n payload?: Record<string, unknown>;\n signer?: string;\n}\n\n// ---------------------------------------------------------------------------\n// Canonical EIP-712 Definitions\n// ---------------------------------------------------------------------------\n\n/**\n * Canonical EIP-712 domain for x402 offers.\n * Per the x402 Offer and Receipt Extension spec:\n * - chainId is hardcoded to 1 (off-chain signing format)\n * - The payment network is identified by the `network` field in the payload\n */\nconst OFFER_DOMAIN = {\n name: \"x402 offer\",\n version: \"1\",\n chainId: 1,\n} as const;\n\n/**\n * Canonical EIP-712 domain for x402 receipts.\n */\nconst RECEIPT_DOMAIN = {\n name: \"x402 receipt\",\n version: \"1\",\n chainId: 1,\n} as const;\n\n/**\n * Canonical EIP-712 types for x402 offers.\n * These are normative and MUST NOT be transmitted on the wire.\n */\nconst OFFER_TYPES = {\n Offer: [\n { name: \"version\", type: \"uint256\" },\n { name: \"resourceUrl\", type: \"string\" },\n { name: \"scheme\", type: \"string\" },\n { name: \"network\", type: \"string\" },\n { name: \"asset\", type: \"string\" },\n { name: \"payTo\", type: \"string\" },\n { name: \"amount\", type: \"string\" },\n { name: \"validUntil\", type: \"uint256\" },\n ],\n} as const;\n\n/**\n * Canonical EIP-712 types for x402 receipts.\n * These are normative and MUST NOT be transmitted on the wire.\n */\nconst RECEIPT_TYPES = {\n Receipt: [\n { name: \"version\", type: \"uint256\" },\n { name: \"network\", type: \"string\" },\n { name: \"resourceUrl\", type: \"string\" },\n { name: \"payer\", type: \"string\" },\n { name: \"issuedAt\", type: \"uint256\" },\n { name: \"transaction\", type: \"string\" },\n ],\n} as const;\n\n// ---------------------------------------------------------------------------\n// Payload Validation\n// ---------------------------------------------------------------------------\n\nconst REQUIRED_OFFER_FIELDS = [\n \"version\",\n \"resourceUrl\",\n \"scheme\",\n \"network\",\n \"asset\",\n \"payTo\",\n \"amount\",\n] as const;\n\nconst REQUIRED_RECEIPT_FIELDS = [\n \"version\",\n \"network\",\n \"resourceUrl\",\n \"payer\",\n \"issuedAt\",\n] as const;\n\nfunction validateOfferPayload(\n payload: Record<string, unknown>\n): { valid: true } | { valid: false; field: string } {\n for (const field of REQUIRED_OFFER_FIELDS) {\n if (!(field in payload) || payload[field] === undefined || payload[field] === null) {\n return { valid: false, field };\n }\n }\n return { valid: true };\n}\n\nfunction validateReceiptPayload(\n payload: Record<string, unknown>\n): { valid: true } | { valid: false; field: string } {\n for (const field of REQUIRED_RECEIPT_FIELDS) {\n if (!(field in payload) || payload[field] === undefined || payload[field] === null) {\n return { valid: false, field };\n }\n }\n return { valid: true };\n}\n\n// ---------------------------------------------------------------------------\n// Failure Helper\n// ---------------------------------------------------------------------------\n\nfunction failure(\n code: string,\n message: string,\n partial?: Partial<Eip712VerificationFailure>\n): Eip712VerificationFailure {\n return {\n valid: false,\n error: { code, message },\n ...partial,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Core EIP-712 Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Prepare the EIP-712 message from the artifact payload.\n *\n * For EIP-712, all fields must be present (fixed schema).\n * Optional fields use zero-values when absent:\n * - validUntil: 0 means absent\n * - transaction: \"\" means absent\n */\nfunction prepareOfferMessage(payload: Record<string, unknown>): Record<string, unknown> {\n return {\n version: payload.version,\n resourceUrl: payload.resourceUrl,\n scheme: payload.scheme,\n network: payload.network,\n asset: payload.asset,\n payTo: payload.payTo,\n amount: payload.amount,\n validUntil: payload.validUntil ?? 0,\n };\n}\n\nfunction prepareReceiptMessage(payload: Record<string, unknown>): Record<string, unknown> {\n return {\n version: payload.version,\n network: payload.network,\n resourceUrl: payload.resourceUrl,\n payer: payload.payer,\n issuedAt: payload.issuedAt,\n transaction: payload.transaction ?? \"\",\n };\n}\n\n/**\n * Verify an x402 EIP-712 artifact (offer or receipt).\n *\n * This is the core verification function. It:\n * 1. Validates the artifact envelope (format, payload, signature)\n * 2. Validates payload shape for the artifact type\n * 3. Constructs EIP-712 typed data using canonical domain and types\n * 4. Verifies signature and recovers signer address\n * 5. Returns structured result with recovered signer\n *\n * @param artifact - The x402 EIP-712 artifact envelope\n * @param artifactType - Whether this is an \"offer\" or \"receipt\"\n * @returns Eip712VerificationResult on success, Eip712VerificationFailure on failure\n */\nexport function verifyX402Eip712Artifact(\n artifact: X402Eip712Artifact,\n artifactType: \"offer\" | \"receipt\"\n): Eip712VerificationResult | Eip712VerificationFailure {\n // Validate artifact envelope\n if (!artifact || typeof artifact !== \"object\") {\n return failure(\"INVALID_ARTIFACT\", \"Artifact must be a non-null object\");\n }\n if (artifact.format !== \"eip712\") {\n return failure(\"INVALID_ARTIFACT\", `Expected format \"eip712\", got \"${artifact.format}\"`);\n }\n if (!artifact.payload || typeof artifact.payload !== \"object\" || Array.isArray(artifact.payload)) {\n return failure(\"MISSING_PAYLOAD\", \"EIP-712 artifact must include a payload object\");\n }\n if (typeof artifact.signature !== \"string\" || artifact.signature.length === 0) {\n return failure(\"MISSING_SIGNATURE\", \"EIP-712 artifact must include a non-empty signature\");\n }\n\n const payload = artifact.payload;\n\n // Validate payload shape\n if (artifactType === \"offer\") {\n const check = validateOfferPayload(payload);\n if (!check.valid) {\n return failure(\n \"INVALID_OFFER_PAYLOAD\",\n `Missing required offer field: ${check.field}`,\n { payload }\n );\n }\n } else {\n const check = validateReceiptPayload(payload);\n if (!check.valid) {\n return failure(\n \"INVALID_RECEIPT_PAYLOAD\",\n `Missing required receipt field: ${check.field}`,\n { payload }\n );\n }\n }\n\n // Select domain, types, and prepare message\n const domain = artifactType === \"offer\" ? OFFER_DOMAIN : RECEIPT_DOMAIN;\n const types = artifactType === \"offer\" ? OFFER_TYPES : RECEIPT_TYPES;\n const message =\n artifactType === \"offer\"\n ? prepareOfferMessage(payload)\n : prepareReceiptMessage(payload);\n\n // Verify signature and recover signer\n let signer: string;\n try {\n signer = verifyTypedData(\n domain,\n types as unknown as Record<string, Array<{ name: string; type: string }>>,\n message,\n artifact.signature\n );\n signer = getAddress(signer);\n } catch (err) {\n const message = err instanceof Error ? err.message : \"EIP-712 signature verification failed\";\n return failure(\"SIGNATURE_INVALID\", message, { payload });\n }\n\n return {\n valid: true,\n payload,\n signer,\n artifactType,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Offer Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 EIP-712 offer artifact.\n *\n * Recovers the signer address and validates that the payload contains\n * required offer fields: version, resourceUrl, scheme, network, asset, payTo, amount.\n *\n * @param artifact - The x402 EIP-712 artifact envelope\n * @returns Eip712VerificationResult on success, Eip712VerificationFailure on failure\n */\nexport function verifyX402Eip712Offer(\n artifact: X402Eip712Artifact\n): Eip712VerificationResult | Eip712VerificationFailure {\n return verifyX402Eip712Artifact(artifact, \"offer\");\n}\n\n// ---------------------------------------------------------------------------\n// Receipt Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 EIP-712 receipt artifact.\n *\n * Recovers the signer address and validates that the payload contains\n * required receipt fields: version, network, resourceUrl, payer, issuedAt.\n *\n * @param artifact - The x402 EIP-712 artifact envelope\n * @returns Eip712VerificationResult on success, Eip712VerificationFailure on failure\n */\nexport function verifyX402Eip712Receipt(\n artifact: X402Eip712Artifact\n): Eip712VerificationResult | Eip712VerificationFailure {\n return verifyX402Eip712Artifact(artifact, \"receipt\");\n}\n","import { getAddress } from \"ethers\";\nimport { extractAddressFromDid } from \"../identity/did\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport {\n calculateTransferAmount,\n} from \"./proof/tx-encoded-value\";\nimport { verifyDidDocumentControllerDid } from \"./proof/did-json\";\nimport { verifyEip712Signature } from \"./proof/eip712\";\nimport { parseDnsTxtRecord } from \"./proof/dns-txt-record\";\nimport {\n verifyX402JwsOffer,\n verifyX402JwsReceipt,\n type X402JwsArtifact,\n} from \"./proof/x402-jws\";\nimport {\n verifyX402Eip712Offer,\n verifyX402Eip712Receipt,\n type X402Eip712Artifact,\n} from \"./proof/x402-eip712\";\nimport type {\n AttestationQueryResult,\n ProofPurpose,\n ProofWrapper,\n VerifyAttestationParams,\n VerifyAttestationResult,\n VerifyProofParams,\n VerifyProofResult\n} from \"./types\";\n\nfunction parseChainId(input: unknown): number {\n if (typeof input === \"number\") {\n return input;\n }\n\n if (typeof input === \"string\") {\n if (input.includes(\":\")) {\n const [, chainId] = input.split(\":\");\n return Number(chainId);\n }\n return Number(input);\n }\n\n return NaN;\n}\n\nfunction parseProofs(attestation: AttestationQueryResult): ProofWrapper[] {\n const rawProofs = attestation.data.proofs;\n if (!Array.isArray(rawProofs)) {\n return [];\n }\n\n return rawProofs\n .map((entry) => {\n if (typeof entry === \"string\") {\n try {\n return JSON.parse(entry) as ProofWrapper;\n } catch {\n return null;\n }\n }\n if (entry && typeof entry === \"object\") {\n return entry as ProofWrapper;\n }\n return null;\n })\n .filter((proof): proof is ProofWrapper => Boolean(proof?.proofType));\n}\n\nfunction getProofPurpose(proof: ProofWrapper): ProofPurpose {\n if (proof.proofPurpose === \"commercial-tx\") {\n return \"commercial-tx\";\n }\n return \"shared-control\";\n}\n\nfunction decodeJwtPayload(compactJws: string): Record<string, unknown> {\n const parts = compactJws.split(\".\");\n if (parts.length !== 3) {\n throw new OmaTrustError(\"PROOF_VERIFICATION_FAILED\", \"Invalid compact JWS format\");\n }\n const payloadB64 = parts[1].replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padded = payloadB64.padEnd(payloadB64.length + ((4 - (payloadB64.length % 4)) % 4), \"=\");\n let json: string;\n if (typeof atob === \"function\") {\n json = decodeURIComponent(\n Array.from(atob(padded))\n .map((char) => `%${char.charCodeAt(0).toString(16).padStart(2, \"0\")}`)\n .join(\"\")\n );\n } else {\n json = Buffer.from(padded, \"base64\").toString(\"utf8\");\n }\n return JSON.parse(json) as Record<string, unknown>;\n}\n\nexport async function verifyProof(params: VerifyProofParams): Promise<VerifyProofResult> {\n const { proof, provider, expectedSubjectDid, expectedControllerDid } = params;\n\n try {\n switch (proof.proofType) {\n case \"tx-encoded-value\": {\n if (!provider) {\n return { valid: false, proofType: proof.proofType, reason: \"Provider is required\" };\n }\n if (!expectedSubjectDid || !expectedControllerDid) {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: \"expectedSubjectDid and expectedControllerDid are required\"\n };\n }\n\n const proofObject = proof.proofObject as { chainId: string; txHash: string };\n const chainId = parseChainId(proofObject.chainId);\n const tx = await (provider as { getTransaction: (hash: string) => Promise<any> }).getTransaction(\n proofObject.txHash\n );\n if (!tx) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction not found\" };\n }\n\n const expectedAmount = calculateTransferAmount(\n expectedSubjectDid,\n expectedControllerDid,\n chainId,\n getProofPurpose(proof)\n );\n\n const subjectAddress = getAddress(extractAddressFromDid(expectedSubjectDid));\n const controllerAddress = getAddress(extractAddressFromDid(expectedControllerDid));\n\n if (tx.from && getAddress(tx.from) !== subjectAddress) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction sender mismatch\" };\n }\n\n if (tx.to && getAddress(tx.to) !== controllerAddress) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction recipient mismatch\" };\n }\n\n if (BigInt(tx.value) !== expectedAmount) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction amount mismatch\" };\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"tx-interaction\": {\n if (!provider) {\n return { valid: false, proofType: proof.proofType, reason: \"Provider is required\" };\n }\n const proofObject = proof.proofObject as { txHash: string };\n const tx = await (provider as { getTransaction: (hash: string) => Promise<any> }).getTransaction(\n proofObject.txHash\n );\n if (!tx) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction not found\" };\n }\n\n if (!tx.to) {\n return { valid: false, proofType: proof.proofType, reason: \"Transaction target missing\" };\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"pop-eip712\": {\n const object = proof.proofObject as {\n domain: Record<string, unknown>;\n message: Record<string, unknown>;\n signature: string;\n };\n\n const typedData = {\n domain: object.domain,\n types: {\n OmaTrustProof: [\n { name: \"signer\", type: \"address\" },\n { name: \"authorizedEntity\", type: \"string\" },\n { name: \"signingPurpose\", type: \"string\" },\n { name: \"creationTimestamp\", type: \"uint256\" },\n { name: \"expirationTimestamp\", type: \"uint256\" },\n { name: \"randomValue\", type: \"bytes32\" },\n { name: \"statement\", type: \"string\" }\n ]\n },\n message: object.message\n };\n\n const verification = verifyEip712Signature(typedData, object.signature);\n if (!verification.valid || !verification.signer) {\n return { valid: false, proofType: proof.proofType, reason: \"Invalid EIP-712 signature\" };\n }\n\n if (typeof object.message.signer === \"string\") {\n const expected = getAddress(object.message.signer);\n if (getAddress(verification.signer) !== expected) {\n return { valid: false, proofType: proof.proofType, reason: \"Recovered signer mismatch\" };\n }\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"pop-jws\": {\n if (typeof proof.proofObject !== \"string\") {\n return { valid: false, proofType: proof.proofType, reason: \"Invalid JWS proof payload\" };\n }\n\n const payload = decodeJwtPayload(proof.proofObject);\n const now = Math.floor(Date.now() / 1000);\n const exp = payload.exp;\n if (typeof exp === \"number\" && exp < now) {\n return { valid: false, proofType: proof.proofType, reason: \"JWS proof expired\" };\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"x402-receipt\":\n case \"x402-offer\": {\n if (!proof.proofObject || typeof proof.proofObject !== \"object\") {\n return { valid: false, proofType: proof.proofType, reason: \"Invalid x402 proof object\" };\n }\n\n // JWS cryptographic verification when format is \"jws\"\n const proofObj = proof.proofObject as Record<string, unknown>;\n if (proofObj.format === \"jws\" && typeof proofObj.signature === \"string\") {\n const artifact: X402JwsArtifact = {\n format: \"jws\",\n signature: proofObj.signature,\n };\n const jwsResult =\n proof.proofType === \"x402-offer\"\n ? await verifyX402JwsOffer(artifact)\n : await verifyX402JwsReceipt(artifact);\n\n if (!jwsResult.valid) {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: jwsResult.error?.message ?? \"JWS verification failed\",\n };\n }\n return { valid: true, proofType: proof.proofType };\n }\n\n // EIP-712 cryptographic verification when format is \"eip712\"\n if (proofObj.format === \"eip712\" && typeof proofObj.signature === \"string\" && proofObj.payload && typeof proofObj.payload === \"object\") {\n const artifact: X402Eip712Artifact = {\n format: \"eip712\",\n payload: proofObj.payload as Record<string, unknown>,\n signature: proofObj.signature,\n };\n const eip712Result =\n proof.proofType === \"x402-offer\"\n ? verifyX402Eip712Offer(artifact)\n : verifyX402Eip712Receipt(artifact);\n\n if (!eip712Result.valid) {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: eip712Result.error?.message ?? \"EIP-712 verification failed\",\n };\n }\n return { valid: true, proofType: proof.proofType };\n }\n\n // Non-JWS/non-EIP-712 x402 proofs: shape-only check (backward compatible)\n return { valid: true, proofType: proof.proofType };\n }\n\n case \"evidence-pointer\": {\n const object = proof.proofObject as { url?: string };\n if (!object.url) {\n return { valid: false, proofType: proof.proofType, reason: \"Missing evidence URL\" };\n }\n\n const response = await fetch(object.url);\n if (!response.ok) {\n return { valid: false, proofType: proof.proofType, reason: `Evidence fetch failed (${response.status})` };\n }\n\n if (object.url.endsWith(\"/.well-known/did.json\") && expectedControllerDid) {\n const didDoc = (await response.json()) as Record<string, unknown>;\n const didCheck = verifyDidDocumentControllerDid(didDoc, expectedControllerDid);\n return {\n valid: didCheck.valid,\n proofType: proof.proofType,\n reason: didCheck.reason\n };\n }\n\n const body = await response.text();\n if (expectedControllerDid && !body.includes(expectedControllerDid)) {\n try {\n const parsed = parseDnsTxtRecord(body);\n if (!parsed.controllers.includes(expectedControllerDid)) {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: \"Evidence does not include expected controller DID\"\n };\n }\n } catch {\n return {\n valid: false,\n proofType: proof.proofType,\n reason: \"Evidence does not include expected controller DID\"\n };\n }\n }\n\n return { valid: true, proofType: proof.proofType };\n }\n\n default:\n return { valid: false, proofType: proof.proofType, reason: \"Unsupported proof type\" };\n }\n } catch (err) {\n throw new OmaTrustError(\"PROOF_VERIFICATION_FAILED\", \"Proof verification failed\", {\n proofType: proof.proofType,\n err\n });\n }\n}\n\nexport async function verifyAttestation(\n params: VerifyAttestationParams\n): Promise<VerifyAttestationResult> {\n const proofs = parseProofs(params.attestation);\n const checks: Record<string, boolean> = {};\n const reasons: string[] = [];\n\n const now = BigInt(Math.floor(Date.now() / 1000));\n if (params.attestation.revocationTime > 0n) {\n checks.revocation = false;\n reasons.push(\"attestation revoked\");\n } else {\n checks.revocation = true;\n }\n\n if (params.attestation.expirationTime > 0n && params.attestation.expirationTime < now) {\n checks.expiration = false;\n reasons.push(\"attestation expired\");\n } else {\n checks.expiration = true;\n }\n\n if (proofs.length === 0) {\n checks.proofs = false;\n reasons.push(\"no proofs provided\");\n }\n\n const selectedProofTypes = params.checks ?? (proofs.map((proof) => proof.proofType) as Array<ProofWrapper[\"proofType\"]>);\n\n for (const proof of proofs) {\n if (!selectedProofTypes.includes(proof.proofType)) {\n continue;\n }\n\n const result = await verifyProof({\n proof,\n provider: params.provider,\n expectedSubjectDid: params.context?.subjectDid as string | undefined,\n expectedControllerDid: params.context?.controllerDid as string | undefined\n });\n\n checks[proof.proofType] = result.valid;\n if (!result.valid) {\n reasons.push(result.reason ?? `${proof.proofType} verification failed`);\n }\n }\n\n return {\n valid: reasons.length === 0,\n checks,\n reasons\n };\n}\n","import { OmaTrustError } from \"../shared/errors\";\nimport { isEasSchemaNotFoundError } from \"./eas-adapter\";\nimport type { Hex } from \"./types\";\n\nexport async function verifySchemaExists(\n schemaRegistry: unknown,\n schemaUid: Hex\n): Promise<boolean> {\n const registry = schemaRegistry as {\n getSchema: (params: { uid: string }) => Promise<{ uid: string } | null>;\n };\n\n try {\n const schema = await registry.getSchema({ uid: schemaUid });\n return Boolean(schema && schema.uid && schema.uid !== \"0x\".padEnd(66, \"0\"));\n } catch {\n return false;\n }\n}\n\nexport async function getSchemaDetails(\n schemaRegistry: unknown,\n schemaUid: Hex\n): Promise<{ uid: Hex; schema: string; resolver: Hex; revocable: boolean }> {\n const registry = schemaRegistry as {\n getSchema: (params: { uid: string }) => Promise<{\n uid: string;\n schema: string;\n resolver: string;\n revocable: boolean;\n } | null>;\n };\n\n try {\n const details = await registry.getSchema({ uid: schemaUid });\n if (!details || !details.uid || details.uid === \"0x\".padEnd(66, \"0\")) {\n throw new OmaTrustError(\"SCHEMA_NOT_FOUND\", \"Schema was not found\", { schemaUid });\n }\n\n return {\n uid: formatSchemaUid(details.uid),\n schema: details.schema,\n resolver: details.resolver as Hex,\n revocable: Boolean(details.revocable)\n };\n } catch (err) {\n if (isEasSchemaNotFoundError(err)) {\n throw new OmaTrustError(\"SCHEMA_NOT_FOUND\", \"Schema was not found\", { schemaUid });\n }\n if (err instanceof OmaTrustError) {\n throw err;\n }\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to read schema details\", { schemaUid, err });\n }\n}\n\nexport function formatSchemaUid(schemaUid: string): Hex {\n if (!schemaUid) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"schemaUid is required\");\n }\n const value = schemaUid.startsWith(\"0x\") ? schemaUid.toLowerCase() : `0x${schemaUid.toLowerCase()}`;\n if (!/^0x[0-9a-f]{64}$/.test(value)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"schemaUid must be a 32-byte hex string\", { schemaUid });\n }\n return value as Hex;\n}\n","import { OmaTrustError } from \"../shared/errors\";\nimport type { CallControllerWitnessParams, CallControllerWitnessResult } from \"./types\";\n\nasync function callMethod(\n params: CallControllerWitnessParams,\n method: \"dns-txt\" | \"did-json\"\n): Promise<CallControllerWitnessResult | null> {\n let response: Response;\n try {\n response = await fetch(params.gatewayUrl, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({\n attestationUid: params.attestationUid,\n chainId: params.chainId,\n easContract: params.easContract,\n schemaUid: params.schemaUid,\n subject: params.subject,\n controller: params.controller,\n method\n }),\n signal: AbortSignal.timeout(params.timeoutMs ?? 15_000)\n });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Controller witness request failed\", { method, err });\n }\n\n const details = await response.json().catch(() => undefined);\n if (!response.ok) {\n return null;\n }\n\n return {\n ok: true,\n method,\n details\n };\n}\n\nexport async function callControllerWitness(\n params: CallControllerWitnessParams\n): Promise<CallControllerWitnessResult> {\n const dnsResult = await callMethod(params, \"dns-txt\").catch(() => null);\n if (dnsResult) {\n return dnsResult;\n }\n\n const didJsonResult = await callMethod(params, \"did-json\").catch(() => null);\n if (didJsonResult) {\n return didJsonResult;\n }\n\n return {\n ok: false,\n method: \"did-json\"\n };\n}\n\nimport type { RequestControllerWitnessParams, RequestControllerWitnessResult } from \"./types\";\n\nconst DEFAULT_CONTROLLER_WITNESS_URL = \"https://api.omatrust.org/v1/controller-witness\";\n\n/**\n * Request a controller witness attestation from the OMATrust backend.\n *\n * This is the recommended function for requesting controller witnesses.\n * It makes a single API call with the subject and controller DIDs.\n * The backend handles evidence discovery, attestation submission, and\n * write quota deduction.\n *\n * Requires an authenticated session (cookie-based for web clients).\n * Future versions will support x402 and OAuth DCR 2.0 for agents.\n *\n * @deprecated callControllerWitness — use requestControllerWitness instead.\n * callControllerWitness uses the legacy multi-call pattern and will be\n * removed in a future SDK version.\n */\nexport async function requestControllerWitness(\n params: RequestControllerWitnessParams\n): Promise<RequestControllerWitnessResult> {\n const url = params.gatewayUrl ?? DEFAULT_CONTROLLER_WITNESS_URL;\n\n const body: Record<string, unknown> = {\n subjectDid: params.subjectDid,\n controllerDid: params.controllerDid,\n };\n\n if (params.chainId !== undefined) {\n body.chainId = params.chainId;\n }\n\n let response: Response;\n try {\n response = await fetch(url, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n credentials: \"include\",\n body: JSON.stringify(body),\n signal: AbortSignal.timeout(params.timeoutMs ?? 15_000),\n });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Controller witness request failed\", { err });\n }\n\n if (!response.ok) {\n const errorBody = await response.json().catch(() => ({ error: response.statusText }));\n throw new OmaTrustError(\n \"API_ERROR\",\n (errorBody as Record<string, string>).error ?? `Controller witness failed: ${response.status}`,\n { status: response.status, ...errorBody }\n );\n }\n\n return (await response.json()) as RequestControllerWitnessResult;\n}\n","/**\n * Contract Ownership — shared primitives for discovering contract owners\n * and verifying transfer proofs.\n *\n * Used by:\n * - subject-ownership.ts (full ownership verification flow)\n * - attester-authorization.ts (authorization checks for did:pkh subjects)\n */\n\nimport { Interface, ZeroAddress, getAddress, isAddress } from \"ethers\";\nimport { buildEvmDidPkh } from \"../identity/did\";\nimport { calculateTransferAmount } from \"./proof/tx-encoded-value\";\nimport type { Hex, Did } from \"./types\";\n\n// ---------------------------------------------------------------------------\n// Provider interface\n// ---------------------------------------------------------------------------\n\n/**\n * Minimal provider interface for contract ownership reads.\n * Compatible with ethers v6 providers — consumers can pass their provider directly.\n */\nexport interface ContractOwnershipProvider {\n call(transaction: { to: string; data: string }): Promise<string>;\n getCode(address: string): Promise<string>;\n getStorage(address: string, slot: string): Promise<string>;\n getTransaction(hash: string): Promise<{\n from?: string | null;\n to?: string | null;\n value?: bigint | string | number | null;\n blockNumber?: number | null;\n } | null>;\n}\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\nexport const EIP1967_ADMIN_SLOT =\n \"0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103\" as const;\n\nexport const OWNERSHIP_PATTERNS = [\n { method: \"owner\", signature: \"function owner() view returns (address)\" },\n { method: \"admin\", signature: \"function admin() view returns (address)\" },\n { method: \"getOwner\", signature: \"function getOwner() view returns (address)\" },\n] as const;\n\n// ---------------------------------------------------------------------------\n// Public functions\n// ---------------------------------------------------------------------------\n\n/**\n * Read a single address-returning function from a contract.\n * Returns the checksummed address or null if the call fails or returns zero.\n */\nexport async function readOwnerFromContract(\n provider: ContractOwnershipProvider,\n contractAddress: string,\n signature: string,\n method: string\n): Promise<string | null> {\n try {\n const iface = new Interface([signature]);\n const data = iface.encodeFunctionData(method, []);\n const result = await provider.call({ to: contractAddress, data });\n const [value] = iface.decodeFunctionResult(method, result);\n if (typeof value === \"string\" && isAddress(value) && value !== ZeroAddress) {\n return getAddress(value);\n }\n } catch {\n // Call failed — contract may not implement this method\n }\n return null;\n}\n\n/**\n * Discover the controlling wallet address of a contract.\n *\n * Tries, in order:\n * 1. `owner()` — OpenZeppelin Ownable\n * 2. `admin()` — common admin pattern\n * 3. `getOwner()` — alternative naming\n * 4. EIP-1967 admin storage slot\n *\n * Returns the checksummed owner address, or null if not discoverable.\n */\nexport async function discoverContractOwner(\n provider: ContractOwnershipProvider,\n contractAddress: string\n): Promise<string | null> {\n // Verify it's actually a contract\n try {\n const code = await provider.getCode(contractAddress);\n if (code === \"0x\" || code === \"0x0\") {\n return null;\n }\n } catch {\n return null;\n }\n\n // Try standard ownership patterns\n for (const pattern of OWNERSHIP_PATTERNS) {\n const address = await readOwnerFromContract(\n provider,\n contractAddress,\n pattern.signature,\n pattern.method\n );\n if (address) {\n return address;\n }\n }\n\n // Try EIP-1967 admin slot\n try {\n const adminValue = await provider.getStorage(contractAddress, EIP1967_ADMIN_SLOT);\n if (\n adminValue &&\n adminValue !== \"0x\" &&\n adminValue !== \"0x0000000000000000000000000000000000000000000000000000000000000000\"\n ) {\n const adminAddress = getAddress(`0x${adminValue.slice(-40)}`);\n if (adminAddress !== ZeroAddress) {\n return adminAddress;\n }\n }\n } catch {\n // Slot not readable\n }\n\n return null;\n}\n\n/**\n * Discover the controlling wallet and return it as a did:pkh DID.\n * Convenience wrapper over discoverContractOwner for DID-based flows.\n */\nexport async function discoverControllingWalletDid(\n provider: ContractOwnershipProvider,\n contractAddress: string,\n chainId: number\n): Promise<Did | null> {\n const owner = await discoverContractOwner(provider, contractAddress);\n return owner ? buildEvmDidPkh(chainId, owner) : null;\n}\n\n/**\n * Verify a transfer proof transaction.\n *\n * Checks:\n * - Transaction exists and has from/to\n * - Recipient matches the expected attester address\n * - Transfer amount matches the deterministic proof amount for the subject-attester pair\n *\n * Does NOT verify the sender is the current contract owner — that's a separate\n * concern (the sender may have been the owner at the time of transfer but not now).\n */\nexport async function verifyTransferProof(\n provider: ContractOwnershipProvider,\n txHash: Hex,\n subjectDid: Did,\n attesterAddress: string,\n chainId: number\n): Promise<boolean> {\n try {\n const tx = await provider.getTransaction(txHash);\n if (!tx || !tx.from || !tx.to) {\n return false;\n }\n\n // Recipient must be the attester\n if (getAddress(tx.to) !== getAddress(attesterAddress)) {\n return false;\n }\n\n // Verify the amount matches the deterministic transfer proof amount\n const attesterDid = buildEvmDidPkh(chainId, attesterAddress);\n const expectedAmount = calculateTransferAmount(\n subjectDid,\n attesterDid,\n chainId,\n \"shared-control\"\n );\n const actualValue = BigInt(tx.value ?? 0n);\n\n return actualValue === expectedAmount;\n } catch {\n return false;\n }\n}\n","/**\n * Trust anchors: fetches the OMA3 allowlist of EAS contracts and schemas.\n *\n * Used by the widget signing bridge for request validation and by the\n * reputation module for chain/contract resolution.\n *\n * Chain keys use CAIP-2 identifiers (e.g., \"eip155:66238\").\n */\n\nimport { OmaTrustError } from \"./errors\";\n\nconst DEFAULT_TRUST_ANCHORS_URL = \"https://api.omatrust.org/v1/trust-anchors\";\n\nexport const TRUST_ANCHORS_URL = DEFAULT_TRUST_ANCHORS_URL;\n\nexport type ChainAnchors = {\n name: string;\n easContract: string;\n /** Schema name → schema UID mapping */\n schemas: Record<string, string>;\n};\n\nexport type ApprovedIssuer = {\n address: string;\n label: string;\n schemas: string[];\n status: \"active\" | \"revoked\";\n validFrom: string;\n revokedAt?: string;\n};\n\nexport type TrustAnchors = {\n version: number;\n updatedAt: string;\n widgetOrigins?: string[];\n /** CAIP-2 chain identifier → chain-specific trust anchors */\n chains: Record<string, ChainAnchors>;\n registries?: Array<{\n type: \"approved-issuers\";\n issuers: ApprovedIssuer[];\n }>;\n};\n\nlet cachedAnchors: TrustAnchors | null = null;\nlet cacheTimestamp = 0;\nconst CACHE_TTL_MS = 5 * 60 * 1000; // 5 minutes\n\n/**\n * Fetch the trust anchors from the OMA3 API gateway.\n * Caches the result for 5 minutes.\n *\n * @param url Override the trust anchors URL (for testing or custom deployments)\n */\nexport async function fetchTrustAnchors(url?: string): Promise<TrustAnchors> {\n const now = Date.now();\n if (cachedAnchors && now - cacheTimestamp < CACHE_TTL_MS) {\n return cachedAnchors;\n }\n\n let res: Response;\n try {\n res = await fetch(url ?? TRUST_ANCHORS_URL);\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to fetch trust anchors\", { err });\n }\n\n if (!res.ok) {\n throw new OmaTrustError(\"NETWORK_ERROR\", `Failed to fetch trust anchors: ${res.status} ${res.statusText}`);\n }\n\n const anchors: TrustAnchors = await res.json();\n\n if (!anchors.version || !anchors.chains || typeof anchors.chains !== \"object\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid trust anchors format\");\n }\n\n cachedAnchors = anchors;\n cacheTimestamp = now;\n return anchors;\n}\n\n/**\n * Look up chain anchors by CAIP-2 identifier.\n * Throws UNSUPPORTED_CHAIN if the chain is not in the trust anchors.\n */\nexport function getChainAnchors(anchors: TrustAnchors, caip2: string): ChainAnchors {\n const chain = anchors.chains[caip2];\n if (!chain) {\n throw new OmaTrustError(\"UNSUPPORTED_CHAIN\", `Chain ${caip2} is not in the trust anchors`, {\n caip2,\n supportedChains: Object.keys(anchors.chains),\n });\n }\n return chain;\n}\n\n/**\n * Look up a schema UID by name for a given chain.\n * Throws UNSUPPORTED_CHAIN if the chain is not in the trust anchors.\n * Throws INVALID_INPUT if the schema is not deployed on this chain.\n */\nexport function getSchemaAnchor(anchors: TrustAnchors, caip2: string, schemaName: string): string {\n const chain = getChainAnchors(anchors, caip2);\n const uid = chain.schemas[schemaName];\n if (!uid) {\n throw new OmaTrustError(\"INVALID_INPUT\", `Schema \"${schemaName}\" not found in trust anchors for chain ${caip2}`, {\n caip2,\n schemaName,\n availableSchemas: Object.keys(chain.schemas),\n });\n }\n return uid;\n}\n\n/**\n * Extract the allowed contracts and schema UIDs from trust anchors.\n * Returns all contracts and schema UIDs across all chains.\n */\nexport function extractAllowlists(anchors: TrustAnchors): {\n allowedContracts: string[];\n allowedSchemas: string[];\n} {\n const contracts: string[] = [];\n const schemas: string[] = [];\n\n for (const chain of Object.values(anchors.chains)) {\n if (chain.easContract) contracts.push(chain.easContract);\n if (chain.schemas && typeof chain.schemas === \"object\") {\n schemas.push(...Object.values(chain.schemas));\n }\n }\n\n return {\n allowedContracts: [...new Set(contracts)],\n allowedSchemas: [...new Set(schemas)],\n };\n}\n","import { isSameControllerId } from \"../../identity/controller-id\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport type { Did } from \"../types\";\nimport { parseDnsTxtRecord } from \"./dns-txt-record\";\n\nexport interface VerifyDnsTxtControllerDidOptions {\n resolveTxt?: (host: string) => Promise<string[][]>;\n recordPrefix?: string;\n}\n\n/**\n * Verify that a controller DID appears in DNS TXT records for a domain.\n *\n * Uses isSameControllerId for matching, which supports:\n * - Exact normalized DID string match\n * - EVM address match (chain-agnostic)\n * - JWK material match (for did:jwk with different encodings)\n */\nexport async function verifyDnsTxtControllerDid(\n domain: string,\n expectedControllerDid: Did,\n options: VerifyDnsTxtControllerDidOptions = {}\n): Promise<{ valid: boolean; record?: string; reason?: string }> {\n if (!domain || typeof domain !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"domain must be a non-empty string\", { domain });\n }\n\n if (!options.resolveTxt) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"No DNS TXT resolver was provided\", { domain });\n }\n\n const prefix = options.recordPrefix ?? \"_controllers\";\n const host = `${prefix}.${domain.toLowerCase().replace(/\\.$/, \"\")}`;\n\n let records: string[][];\n try {\n records = await options.resolveTxt(host);\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to resolve DNS TXT records\", { domain, err });\n }\n\n for (const recordParts of records) {\n const record = recordParts.join(\"\");\n const parsed = parseDnsTxtRecord(record);\n if (parsed.version !== \"1\") continue;\n\n for (const recordController of parsed.controllers) {\n if (isSameControllerId(recordController, expectedControllerDid)) {\n return { valid: true, record };\n }\n }\n }\n\n return { valid: false, reason: \"Controller DID not found in DNS TXT records\" };\n}\n","/**\n * Controller Authorization — verifies the time window during which a controller\n * was authorized for a subject DID.\n *\n * This is the \"read/verify\" counterpart to requestControllerWitness (write).\n *\n * For did:web subjects:\n * - Controller witness attestations (strongest durable evidence)\n * - Key binding with purpose check\n * - Live DNS TXT / did.json verification (current-point-in-time fallback)\n *\n * For did:pkh subjects (smart contracts):\n * - Direct subject ownership check (owner/admin/EIP-1967)\n * - Key binding with transfer proof verification\n * - NOTE: Only EVM chains are currently supported for contract ownership checks.\n * Non-EVM did:pkh subjects (e.g. Solana) will need chain-specific verification.\n */\n\nimport { didToAddress, getDomainFromDidWeb, extractDidMethod, isEvmDidPkh, getAddressFromDidPkh, getChainIdFromDidPkh, normalizeDid } from \"../identity/did\";\nimport { isSameControllerId, extractControllerEvmAddress } from \"../identity/controller-id\";\nimport { didJwkToJwk, publicJwkEquals } from \"../identity/jwk\";\nimport { EAS } from \"@ethereum-attestation-service/eas-sdk\";\nimport { Contract, getAddress } from \"ethers\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport { fetchTrustAnchors, getChainAnchors } from \"../shared/trust-anchors\";\nimport { fetchDidDocument } from \"../shared/did-document\";\nimport { verifyDnsTxtControllerDid } from \"./proof/dns-txt-shared\";\nimport { verifyDidDocumentControllerDid } from \"./proof/did-json\";\nimport { discoverContractOwner, verifyTransferProof, type ContractOwnershipProvider } from \"./contract-ownership\";\nimport { decodeAttestationData } from \"./encode\";\nimport type {\n AttestationQueryResult,\n ControllerAuthorizationResult,\n ControllerWitnessEvidence,\n GetControllerAuthorizationParams,\n Hex,\n W3CKeyPurpose,\n} from \"./types\";\n\nconst DEFAULT_CHAIN = \"eip155:6623\";\nconst DEFAULT_PURPOSES: W3CKeyPurpose[] = [\"authentication\", \"assertionMethod\"];\n\n/**\n * Determine the authorization window for a controller-subject pair.\n *\n * For did:web subjects, checks:\n * 1. On-chain controller-witness attestations (strongest evidence)\n * 2. On-chain key-binding revocation and purpose status\n * 3. Live DNS TXT / did.json verification (current-point-in-time fallback)\n *\n * For did:pkh subjects (smart contracts), checks:\n * 1. Direct subject ownership (controller is the contract owner/admin)\n * 2. Key binding with transfer proof verification\n *\n * Returns the authorization window so the consumer can filter attestations\n * by timestamp without repeated on-chain queries.\n */\nexport async function getControllerAuthorization(\n params: GetControllerAuthorizationParams\n): Promise<ControllerAuthorizationResult> {\n const chain = params.chain ?? DEFAULT_CHAIN;\n const purposes = params.purpose && params.purpose.length > 0 ? params.purpose : DEFAULT_PURPOSES;\n\n // Normalize the controller DID for consistent matching\n const controllerDid = normalizeDid(params.controllerDid);\n const controllerMethod = extractDidMethod(controllerDid);\n\n // Extract an EVM address from the controller DID when possible (did:pkh:eip155 only)\n const controllerEvmAddress = extractControllerEvmAddress(controllerDid);\n\n // Fetch trust anchors once (cached after first call)\n const anchors = await fetchTrustAnchors();\n const chainAnchors = getChainAnchors(anchors, chain);\n\n // Resolve EAS contract address\n const easContractAddress = params.easContractAddress ?? (chainAnchors.easContract as Hex);\n\n const provider = params.provider as never;\n\n // Get schema UIDs from trust anchors (optional — chain may not have all schemas)\n const controllerWitnessSchemaUid = chainAnchors.schemas[\"controller-witness\"] as Hex | undefined;\n const keyBindingSchemaUid = chainAnchors.schemas[\"key-binding\"] as Hex | undefined;\n\n // Query controller-witness attestations where recipient = subject DID address\n const subjectAddress = didToAddress(params.subjectDid);\n\n let relevantWitnesses: AttestationQueryResult[] = [];\n\n if (controllerWitnessSchemaUid) {\n const rawWitnesses = await queryByRecipientAndSchema(\n easContractAddress,\n provider,\n subjectAddress,\n [controllerWitnessSchemaUid],\n params.fromBlock ?? 0\n );\n\n // Filter to witnesses that reference this controller DID\n relevantWitnesses = rawWitnesses.filter((att) => {\n const witnessController = att.data?.controller;\n if (typeof witnessController !== \"string\") return false;\n return isSameControllerId(witnessController, controllerDid);\n });\n\n // Sort by time ascending (oldest first)\n relevantWitnesses.sort((a, b) => Number(a.time - b.time));\n }\n\n // Build structured controller witness evidence\n const controllerWitnesses: ControllerWitnessEvidence[] = relevantWitnesses.map((att) => ({\n uid: att.uid,\n issuedAt: att.time,\n attester: att.attester,\n method: resolveWitnessMethod(att.data?.method),\n }));\n\n // Check key binding revocation and purpose\n let keyBindingUid: Hex | null = null;\n let until: bigint | null = null;\n let keyPurposeStatus: ControllerAuthorizationResult[\"keyPurposeStatus\"] = \"not-required\";\n\n if (keyBindingSchemaUid) {\n const keyBindings = await queryByRecipientAndSchema(\n easContractAddress,\n provider,\n subjectAddress,\n [keyBindingSchemaUid],\n params.fromBlock ?? 0\n );\n\n // Find key bindings for this controller by matching keyId or publicKeyJwk\n const relevantKeyBindings = keyBindings\n .filter((att) => controllerMatchesKeyBinding(att, controllerDid, controllerMethod))\n .sort((a, b) => Number(b.time - a.time)); // newest first\n\n const relevantKeyBinding = relevantKeyBindings[0] ?? null;\n\n if (relevantKeyBinding) {\n keyBindingUid = relevantKeyBinding.uid;\n\n // Check revocation → sets `until`\n if (relevantKeyBinding.revocationTime > 0n) {\n until = relevantKeyBinding.revocationTime;\n }\n\n // Check key purpose\n const keyPurposes = relevantKeyBinding.data?.keyPurpose;\n if (!Array.isArray(keyPurposes) || keyPurposes.length === 0) {\n keyPurposeStatus = \"unknown\";\n } else {\n const allMatched = purposes.every((p) => keyPurposes.includes(p));\n keyPurposeStatus = allMatched ? \"matched\" : \"mismatch\";\n }\n }\n }\n\n // Live DNS/did.json check (did:web subjects) or contract ownership check (did:pkh subjects)\n let currentlyVerified = false;\n let liveMethod: \"dns\" | \"did-document\" | \"contract-ownership\" | null = null;\n let transferProofVerified = false;\n let transferProofAnchor: bigint | null = null;\n\n const subjectMethod = extractDidMethod(params.subjectDid);\n if (subjectMethod === \"web\") {\n const domain = getDomainFromDidWeb(params.subjectDid);\n if (domain) {\n // Try DNS TXT — pass the controllerDid directly\n try {\n const dnsResult = await verifyDnsTxtControllerDid(domain, controllerDid, {\n resolveTxt: params.resolveTxt,\n });\n if (dnsResult.valid) {\n currentlyVerified = true;\n liveMethod = \"dns\";\n }\n } catch {\n // DNS check failed\n }\n\n // Try did.json if DNS didn't work\n if (!currentlyVerified) {\n try {\n const fetchDoc = params.fetchDidDocument ?? fetchDidDocument;\n const didDoc = await fetchDoc(domain);\n const didJsonResult = verifyDidDocumentControllerDid(didDoc, controllerDid);\n if (didJsonResult.valid) {\n currentlyVerified = true;\n liveMethod = \"did-document\";\n }\n } catch {\n // did.json check failed\n }\n }\n }\n } else if (subjectMethod === \"pkh\") {\n if (isEvmDidPkh(params.subjectDid) && controllerEvmAddress) {\n // EVM contract ownership check\n const subjectContractAddress = getAddressFromDidPkh(params.subjectDid);\n const subjectChainId = getChainIdFromDidPkh(params.subjectDid);\n const chainIdNum = subjectChainId ? Number(subjectChainId) : null;\n\n if (subjectContractAddress && chainIdNum) {\n // Check if the controller directly owns the contract\n const ownerAddress = await discoverContractOwner(\n provider as unknown as ContractOwnershipProvider,\n subjectContractAddress\n );\n\n if (ownerAddress && getAddress(ownerAddress) === getAddress(controllerEvmAddress)) {\n currentlyVerified = true;\n liveMethod = \"contract-ownership\";\n }\n\n // If not the direct owner, check key binding transfer proof\n if (!currentlyVerified && keyBindingUid) {\n const relevantKeyBinding = await findKeyBindingWithTransferProof(\n keyBindingSchemaUid!,\n easContractAddress,\n provider,\n subjectAddress,\n controllerDid,\n controllerMethod,\n params.fromBlock ?? 0\n );\n\n if (relevantKeyBinding) {\n const proofTxHash = relevantKeyBinding.data?.proofTxHash as string | undefined;\n if (proofTxHash && /^0x[0-9a-fA-F]{64}$/.test(proofTxHash)) {\n const verified = await verifyTransferProof(\n provider as unknown as ContractOwnershipProvider,\n proofTxHash as Hex,\n params.subjectDid,\n controllerEvmAddress,\n chainIdNum\n );\n if (verified) {\n transferProofVerified = true;\n transferProofAnchor = relevantKeyBinding.time;\n }\n }\n }\n }\n }\n } else {\n // TODO: Non-EVM did:pkh subjects (e.g. Solana) need chain-specific\n // ownership verification. For now, these subjects cannot be verified\n // via contract ownership or transfer proof. Controller witnesses and\n // key bindings still apply.\n }\n }\n\n // Build result\n const witnessAnchor = relevantWitnesses.length > 0 ? relevantWitnesses[0].time : null;\n const anchoredFrom = witnessAnchor ?? transferProofAnchor;\n\n // Authorization requires at least one of:\n // - Controller witnesses with open window\n // - Live verification (DNS/did.json/contract-ownership)\n // - Key binding with verified transfer proof\n // Key purpose mismatch blocks authorization regardless.\n const purposeBlocks = keyPurposeStatus === \"mismatch\";\n const hasOpenWindow = relevantWitnesses.length > 0 && until === null;\n const hasKeyBindingWithProof = keyBindingUid !== null && transferProofVerified && until === null;\n const authorized = !purposeBlocks && (\n hasOpenWindow ||\n (currentlyVerified && until === null) ||\n hasKeyBindingWithProof\n );\n\n return {\n authorized,\n anchoredFrom,\n until,\n currentlyVerified,\n liveMethod,\n controllerWitnesses,\n keyBindingUid,\n keyPurposeStatus,\n transferProofVerified: transferProofVerified || undefined,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Internal helpers\n// ---------------------------------------------------------------------------\n\n/**\n * Check if a key binding attestation matches the requested controller DID.\n *\n * Matches by:\n * 1. keyId field — uses isSameControllerId for DID comparison\n * 2. publicKeyJwk field — for did:jwk controllers, compare the JWK material\n */\nfunction controllerMatchesKeyBinding(\n att: AttestationQueryResult,\n controllerDid: string,\n controllerMethod: string | null\n): boolean {\n const keyId = att.data?.keyId;\n\n // Match by keyId (DID comparison via isSameControllerId)\n if (typeof keyId === \"string\") {\n if (isSameControllerId(keyId, controllerDid)) {\n return true;\n }\n }\n\n // Match by publicKeyJwk (for did:jwk controllers)\n if (controllerMethod === \"jwk\") {\n const publicKeyJwkRaw = att.data?.publicKeyJwk;\n if (publicKeyJwkRaw) {\n try {\n const onChainJwk = typeof publicKeyJwkRaw === \"string\"\n ? JSON.parse(publicKeyJwkRaw)\n : publicKeyJwkRaw;\n const controllerJwk = didJwkToJwk(controllerDid);\n return publicJwkEquals(onChainJwk, controllerJwk);\n } catch {\n // JWK parsing or comparison failed\n }\n }\n }\n\n return false;\n}\n\nconst EAS_EVENT_ABI = [\n \"event Attested(address indexed recipient, address indexed attester, bytes32 uid, bytes32 indexed schemaUID)\",\n];\n\nfunction resolveWitnessMethod(\n value: unknown\n): ControllerWitnessEvidence[\"method\"] {\n if (typeof value !== \"string\") return undefined;\n switch (value) {\n case \"dns\":\n case \"dns-txt\":\n return \"dns\";\n case \"did-document\":\n case \"did-json\":\n return \"did-document\";\n case \"manual\":\n return \"manual\";\n default:\n return \"other\";\n }\n}\n\nasync function queryByRecipientAndSchema(\n easContractAddress: Hex,\n provider: never,\n recipient: string,\n schemas: Hex[],\n fromBlock: number\n): Promise<AttestationQueryResult[]> {\n const contract = new Contract(easContractAddress, EAS_EVENT_ABI, provider);\n const filter = contract.filters.Attested(recipient, null);\n\n const toBlock = await (\n provider as unknown as { getBlockNumber: () => Promise<number> }\n ).getBlockNumber();\n\n let events;\n try {\n events = await contract.queryFilter(filter, fromBlock, toBlock);\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to query attestation events\", { err });\n }\n\n const eas = new EAS(easContractAddress);\n eas.connect(provider);\n\n const schemaFilter = schemas.map((s) => s.toLowerCase());\n const results: AttestationQueryResult[] = [];\n\n for (const event of events) {\n if (!(\"args\" in event) || !Array.isArray(event.args)) continue;\n const args = event.args as unknown[];\n const uid = args?.[2] as Hex | undefined;\n const schemaUid = args?.[3] as Hex | undefined;\n\n if (!uid || !schemaUid) continue;\n if (!schemaFilter.includes(schemaUid.toLowerCase())) continue;\n\n const attestation = (await eas.getAttestation(uid)) as unknown as Record<string, unknown> | null;\n if (!attestation || !attestation.uid) continue;\n\n // Decode attestation data — try controller-witness schema first, then key-binding\n let data: Record<string, unknown> = {};\n const rawData = attestation.data as Hex | undefined;\n if (rawData && rawData !== \"0x\") {\n try {\n data = decodeAttestationData(\n \"string subject, string controller, string method\",\n rawData\n );\n } catch {\n try {\n data = decodeAttestationData(\n \"string subject, string keyId, string publicKeyJwk, string[] keyPurpose, string[] proofs, uint256 issuedAt, uint256 effectiveAt, uint256 expiresAt\",\n rawData\n );\n } catch {\n // Leave data empty — unknown schema format\n }\n }\n }\n\n const toBigIntSafe = (value: unknown): bigint => {\n if (typeof value === \"bigint\") return value;\n if (typeof value === \"number\") return BigInt(value);\n if (typeof value === \"string\" && value.length > 0) return BigInt(value);\n return 0n;\n };\n\n results.push({\n uid: attestation.uid as Hex,\n schema: attestation.schema as Hex,\n attester: attestation.attester as Hex,\n recipient: attestation.recipient as Hex,\n revocable: Boolean(attestation.revocable),\n revocationTime: toBigIntSafe(attestation.revocationTime),\n expirationTime: toBigIntSafe(attestation.expirationTime),\n time: toBigIntSafe(attestation.time),\n refUID: attestation.refUID as Hex,\n data,\n });\n }\n\n return results;\n}\n\n/**\n * Find the key binding attestation that includes a transfer proof for this controller.\n */\nasync function findKeyBindingWithTransferProof(\n keyBindingSchemaUid: Hex,\n easContractAddress: Hex,\n provider: never,\n subjectAddress: string,\n controllerDid: string,\n controllerMethod: string | null,\n fromBlock: number\n): Promise<AttestationQueryResult | null> {\n const keyBindings = await queryByRecipientAndSchema(\n easContractAddress,\n provider,\n subjectAddress,\n [keyBindingSchemaUid],\n fromBlock\n );\n\n // Find key bindings for this controller that have a proofTxHash in proofs\n const withProof = keyBindings\n .filter((att) => {\n if (!controllerMatchesKeyBinding(att, controllerDid, controllerMethod)) return false;\n // Check if proofs contain a transaction hash\n const proofs = att.data?.proofs;\n if (Array.isArray(proofs)) {\n return proofs.some((p) => typeof p === \"string\" && /^0x[0-9a-fA-F]{64}$/.test(p));\n }\n return typeof att.data?.proofTxHash === \"string\";\n })\n .sort((a, b) => Number(b.time - a.time)); // newest first\n\n return withProof[0] ?? null;\n}\n","import { OmaTrustError } from \"../../shared/errors\";\nimport type { Hex, TxInteractionProof } from \"../types\";\n\nexport function createTxInteractionProof(chainId: number, txHash: Hex): TxInteractionProof {\n if (!/^0x[0-9a-fA-F]{64}$/.test(txHash)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"txHash must be a 32-byte hex string\", { txHash });\n }\n\n return {\n proofType: \"tx-interaction\",\n proofPurpose: \"commercial-tx\",\n proofObject: {\n chainId: `eip155:${chainId}`,\n txHash\n },\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n","import { hexlify, randomBytes } from \"ethers\";\nimport type { Hex, PopEip712Proof, ProofPurpose } from \"../types\";\nimport { OmaTrustError } from \"../../shared/errors\";\nimport { getOmaTrustProofEip712Types } from \"./eip712\";\n\nexport type CreatePopEip712ProofParams = {\n signer: string;\n authorizedEntity: string;\n signingPurpose: ProofPurpose;\n chainId: number;\n creationTimestamp?: number;\n expirationTimestamp?: number;\n randomValue?: Hex;\n statement?: string;\n};\n\nexport async function createPopEip712Proof(\n params: CreatePopEip712ProofParams,\n signFn: (typedData: Record<string, unknown>) => Promise<Hex>\n): Promise<PopEip712Proof> {\n if (!params.signer || !params.authorizedEntity) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"signer and authorizedEntity are required\", { params });\n }\n\n const now = Math.floor(Date.now() / 1000);\n const creationTimestamp = params.creationTimestamp ?? now;\n const expirationTimestamp = params.expirationTimestamp ?? now + 600;\n const randomValue = params.randomValue ?? (hexlify(randomBytes(32)) as Hex);\n\n const message = {\n signer: params.signer,\n authorizedEntity: params.authorizedEntity,\n signingPurpose: params.signingPurpose,\n creationTimestamp,\n expirationTimestamp,\n randomValue,\n statement: params.statement ?? \"This is not a transaction or asset approval.\"\n };\n\n const { types, primaryType } = getOmaTrustProofEip712Types();\n const typedData = {\n domain: {\n name: \"OMATrust Proof\",\n version: \"1\",\n chainId: params.chainId\n },\n types,\n primaryType,\n message\n };\n\n const signature = await signFn(typedData);\n\n return {\n proofType: \"pop-eip712\",\n proofObject: {\n domain: typedData.domain,\n message,\n signature\n },\n version: 1,\n issuedAt: creationTimestamp,\n expiresAt: expirationTimestamp\n };\n}\n","import { OmaTrustError } from \"../../shared/errors\";\nimport type { Did, PopJwsProof, ProofPurpose } from \"../types\";\n\nexport type CreatePopJwsProofParams = {\n issuer: Did;\n audience: Did;\n purpose: ProofPurpose;\n issuedAt?: number;\n expiresAt?: number;\n nonce?: string;\n};\n\nexport async function createPopJwsProof(\n params: CreatePopJwsProofParams,\n signFn: (\n payload: Record<string, unknown>,\n header: Record<string, unknown>\n ) => Promise<string>\n): Promise<PopJwsProof> {\n if (!params.issuer || !params.audience) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"issuer and audience are required\", { params });\n }\n\n const now = Math.floor(Date.now() / 1000);\n const payload = {\n iss: params.issuer,\n aud: params.audience,\n purpose: params.purpose,\n iat: params.issuedAt ?? now,\n exp: params.expiresAt ?? now + 600,\n nonce:\n params.nonce ??\n (globalThis.crypto?.randomUUID ? globalThis.crypto.randomUUID() : `${Date.now()}-${Math.random()}`)\n };\n\n const header = {\n typ: \"JWT\",\n alg: \"ES256K\"\n };\n\n const jws = await signFn(payload, header);\n\n return {\n proofType: \"pop-jws\",\n proofObject: jws,\n proofPurpose: params.purpose,\n version: 1,\n issuedAt: payload.iat,\n expiresAt: payload.exp\n };\n}\n","import type { X402OfferProof, X402ReceiptProof } from \"../types\";\n\nexport function createX402ReceiptProof(receipt: Record<string, unknown>): X402ReceiptProof {\n return {\n proofType: \"x402-receipt\",\n proofPurpose: \"commercial-tx\",\n proofObject: receipt,\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n\nexport function createX402OfferProof(offer: Record<string, unknown>): X402OfferProof {\n return {\n proofType: \"x402-offer\",\n proofPurpose: \"commercial-tx\",\n proofObject: offer,\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n","/**\n * Unified x402 Artifact Verification\n *\n * Auto-detects format (JWS or EIP-712) and artifact type (offer or receipt),\n * then delegates to the appropriate verifier.\n *\n * This is the recommended entry point for callers who receive an x402 artifact\n * and don't want to branch on format themselves.\n */\n\nimport {\n verifyX402JwsOffer,\n verifyX402JwsReceipt,\n verifyX402JwsArtifact,\n type X402JwsArtifact,\n type X402JwsVerifyOptions,\n} from \"./x402-jws\";\nimport {\n verifyX402Eip712Offer,\n verifyX402Eip712Receipt,\n type X402Eip712Artifact,\n type Eip712VerificationResult,\n type Eip712VerificationFailure,\n} from \"./x402-eip712\";\nimport type {\n JwsVerificationResult,\n JwsVerificationFailure,\n} from \"../../identity/types\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Any x402 artifact envelope (JWS or EIP-712) */\nexport type X402Artifact = X402JwsArtifact | X402Eip712Artifact | { format: string; [key: string]: unknown };\n\n/** Options for unified x402 verification */\nexport interface VerifyX402Options {\n /**\n * Artifact type: \"offer\" or \"receipt\".\n * Required so the verifier knows which payload fields to validate.\n */\n artifactType: \"offer\" | \"receipt\";\n\n /**\n * Options for JWS DID URL key resolution (only used for JWS format with kid).\n */\n resolveOptions?: X402JwsVerifyOptions[\"resolveOptions\"];\n}\n\n/** Successful result from unified verification */\nexport type X402VerificationSuccess = JwsVerificationResult | Eip712VerificationResult;\n\n/** Failed result from unified verification */\nexport type X402VerificationFailure = JwsVerificationFailure | Eip712VerificationFailure;\n\n/** Result from unified verification */\nexport type X402VerificationResult = X402VerificationSuccess | X402VerificationFailure;\n\n// ---------------------------------------------------------------------------\n// Unified Verification\n// ---------------------------------------------------------------------------\n\n/**\n * Verify an x402 artifact, auto-detecting format (JWS or EIP-712).\n *\n * This is the recommended single entry point for x402 verification.\n * It inspects the `format` field and delegates to the appropriate verifier.\n *\n * @param artifact - The x402 artifact object (must have a `format` field)\n * @param options - Must specify `artifactType` (\"offer\" or \"receipt\")\n * @returns Verification result (success or failure, format-specific)\n *\n * @example\n * ```ts\n * const result = await verifyX402Artifact(receiptFromServer, { artifactType: \"receipt\" });\n * if (result.valid) {\n * // JWS: result.publicKeyDid is the did:jwk for authorization\n * // EIP-712: result.signer is the recovered address\n * }\n * ```\n */\nexport async function verifyX402Artifact(\n artifact: X402Artifact,\n options: VerifyX402Options\n): Promise<X402VerificationResult> {\n if (!artifact || typeof artifact !== \"object\") {\n return {\n valid: false,\n error: { code: \"INVALID_ARTIFACT\", message: \"Artifact must be a non-null object\" },\n };\n }\n\n const format = (artifact as Record<string, unknown>).format;\n\n switch (format) {\n case \"jws\": {\n const jwsArtifact = artifact as X402JwsArtifact;\n const jwsOptions: X402JwsVerifyOptions | undefined = options.resolveOptions\n ? { resolveOptions: options.resolveOptions }\n : undefined;\n\n if (options.artifactType === \"offer\") {\n return verifyX402JwsOffer(jwsArtifact, jwsOptions);\n }\n return verifyX402JwsReceipt(jwsArtifact, jwsOptions);\n }\n\n case \"eip712\": {\n const eip712Artifact = artifact as X402Eip712Artifact;\n if (options.artifactType === \"offer\") {\n return verifyX402Eip712Offer(eip712Artifact);\n }\n return verifyX402Eip712Receipt(eip712Artifact);\n }\n\n default:\n return {\n valid: false,\n error: {\n code: \"UNSUPPORTED_FORMAT\",\n message: `Unsupported x402 artifact format: \"${format}\"`,\n },\n };\n }\n}\n","import { OmaTrustError } from \"../../shared/errors\";\nimport type { EvidencePointerProof } from \"../types\";\n\nexport function createEvidencePointerProof(url: string): EvidencePointerProof {\n if (!url || typeof url !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"url must be a non-empty string\", { url });\n }\n\n return {\n proofType: \"evidence-pointer\",\n proofPurpose: \"shared-control\",\n proofObject: { url },\n version: 1,\n issuedAt: Math.floor(Date.now() / 1000)\n };\n}\n","import { resolveTxt } from \"node:dns/promises\";\nimport {\n verifyDnsTxtControllerDid as verifyShared,\n type VerifyDnsTxtControllerDidOptions,\n} from \"./dns-txt-shared\";\nimport type { Did } from \"../types\";\n\nexport { parseDnsTxtRecord, buildDnsTxtRecord } from \"./dns-txt-record\";\nexport type { DnsTxtRecordResult } from \"./dns-txt-record\";\nexport type { VerifyDnsTxtControllerDidOptions };\n\nexport function verifyDnsTxtControllerDid(\n domain: string,\n expectedControllerDid: Did,\n options: VerifyDnsTxtControllerDidOptions = {}\n) {\n return verifyShared(domain, expectedControllerDid, {\n ...options,\n resolveTxt: options.resolveTxt ?? resolveTxt,\n });\n}\n","import {\n getAddress,\n isAddress\n} from \"ethers\";\nimport {\n buildEvmDidPkh,\n extractDidMethod,\n getAddressFromDidPkh,\n getChainIdFromDidPkh,\n getDomainFromDidWeb,\n isEvmDidPkh,\n normalizeDid\n} from \"../identity/did\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { Did, Hex } from \"./types\";\nimport { verifyDidJsonControllerDid } from \"./proof/did-json\";\nimport {\n verifyDnsTxtControllerDid,\n type VerifyDnsTxtControllerDidOptions\n} from \"./proof/dns-txt-shared\";\nimport { calculateTransferAmount } from \"./proof/tx-encoded-value\";\nimport {\n discoverContractOwner,\n discoverControllingWalletDid,\n readOwnerFromContract,\n OWNERSHIP_PATTERNS,\n EIP1967_ADMIN_SLOT,\n type ContractOwnershipProvider\n} from \"./contract-ownership\";\n\nexport type SubjectOwnershipVerificationMethod =\n | \"dns\"\n | \"did-document\"\n | \"wallet\"\n | \"contract\"\n | \"minting-wallet\"\n | \"transfer\";\n\nexport interface SubjectOwnershipVerificationResult {\n valid: boolean;\n method?: SubjectOwnershipVerificationMethod;\n reason?: string;\n details?: string;\n subjectDid: Did;\n connectedWalletDid: Did;\n controllingWalletDid?: Did;\n}\n\nexport interface EvmOwnershipProvider extends ContractOwnershipProvider {\n getTransactionReceipt(hash: string): Promise<{\n blockNumber: number;\n } | null>;\n getBlockNumber(): Promise<number>;\n getBlock(blockNumber: number): Promise<{ timestamp: number } | null>;\n}\n\nexport interface VerifyDidWebOwnershipParams extends VerifyDnsTxtControllerDidOptions {\n subjectDid: Did;\n connectedWalletDid: Did;\n fetchDidDocument?: (domain: string) => Promise<Record<string, unknown>>;\n}\n\nexport interface VerifyDidPkhOwnershipParams {\n subjectDid: Did;\n connectedWalletDid: Did;\n provider: EvmOwnershipProvider;\n txHash?: Hex | string;\n}\n\nexport type VerifySubjectOwnershipParams =\n | VerifyDidWebOwnershipParams\n | (VerifyDidPkhOwnershipParams & VerifyDnsTxtControllerDidOptions);\n\nfunction assertConnectedWalletDid(input: string): Did {\n const normalized = normalizeDid(input);\n if (extractDidMethod(normalized) !== \"pkh\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"connectedWalletDid must be a did:pkh DID\", {\n connectedWalletDid: input\n });\n }\n return normalized;\n}\n\nfunction normalizeSubjectDid(input: string): Did {\n return normalizeDid(input);\n}\n\nexport async function verifyDidWebOwnership(\n params: VerifyDidWebOwnershipParams\n): Promise<SubjectOwnershipVerificationResult> {\n const subjectDid = normalizeSubjectDid(params.subjectDid);\n const connectedWalletDid = assertConnectedWalletDid(params.connectedWalletDid);\n const domain = getDomainFromDidWeb(subjectDid);\n\n if (!domain) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"subjectDid must be a did:web DID\", {\n subjectDid: params.subjectDid\n });\n }\n\n let dnsReason: string | undefined;\n try {\n const dnsResult = await verifyDnsTxtControllerDid(domain, connectedWalletDid, {\n resolveTxt: params.resolveTxt,\n recordPrefix: params.recordPrefix\n });\n if (dnsResult.valid) {\n return {\n valid: true,\n method: \"dns\",\n details: `Verified via DNS TXT record at ${(params.recordPrefix ?? \"_controllers\")}.${domain}`,\n subjectDid,\n connectedWalletDid\n };\n }\n dnsReason = dnsResult.reason;\n } catch (error) {\n dnsReason = error instanceof Error ? error.message : \"DNS TXT verification failed\";\n }\n\n let didDocReason: string | undefined;\n try {\n const didDocumentResult = await verifyDidJsonControllerDid(domain, connectedWalletDid, {\n fetchDidDocument: params.fetchDidDocument\n });\n if (didDocumentResult.valid) {\n return {\n valid: true,\n method: \"did-document\",\n details: `Verified via DID document at https://${domain}/.well-known/did.json`,\n subjectDid,\n connectedWalletDid\n };\n }\n didDocReason = didDocumentResult.reason;\n } catch (error) {\n didDocReason = error instanceof Error ? error.message : \"DID document verification failed\";\n }\n\n return {\n valid: false,\n reason: \"DID ownership verification failed\",\n details: `DNS check: ${dnsReason ?? \"failed\"}. DID document check: ${didDocReason ?? \"failed\"}.`,\n subjectDid,\n connectedWalletDid\n };\n}\n\nexport async function verifyDidPkhOwnership(\n params: VerifyDidPkhOwnershipParams\n): Promise<SubjectOwnershipVerificationResult> {\n const subjectDid = normalizeSubjectDid(params.subjectDid);\n const connectedWalletDid = assertConnectedWalletDid(params.connectedWalletDid);\n\n if (!isEvmDidPkh(subjectDid)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"subjectDid must be an EVM did:pkh DID\", {\n subjectDid: params.subjectDid\n });\n }\n\n const subjectAddress = getAddressFromDidPkh(subjectDid);\n const connectedWalletAddress = getAddressFromDidPkh(connectedWalletDid);\n const chainIdRaw = getChainIdFromDidPkh(subjectDid);\n\n if (!subjectAddress || !connectedWalletAddress || !chainIdRaw) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Could not parse did:pkh ownership inputs\", {\n subjectDid: params.subjectDid,\n connectedWalletDid: params.connectedWalletDid\n });\n }\n\n const chainId = Number(chainIdRaw);\n if (!Number.isFinite(chainId)) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid chain id in subjectDid\", {\n subjectDid: params.subjectDid\n });\n }\n\n const code = await params.provider.getCode(subjectAddress);\n const isContract = code !== \"0x\" && code !== \"0x0\";\n\n if (!isContract) {\n if (getAddress(subjectAddress) === getAddress(connectedWalletAddress)) {\n return {\n valid: true,\n method: \"wallet\",\n details: \"Verified direct wallet ownership from matching did:pkh subject and connected wallet\",\n subjectDid,\n connectedWalletDid\n };\n }\n\n return {\n valid: false,\n reason: \"EOA did:pkh subject does not match connected wallet\",\n details: \"For direct wallet did:pkh subjects, connectedWalletDid must match the subject DID.\",\n subjectDid,\n connectedWalletDid\n };\n }\n\n const controllingWalletDid = await discoverControllingWalletDid(params.provider, subjectAddress, chainId);\n\n if (params.txHash) {\n if (!controllingWalletDid) {\n return {\n valid: false,\n reason: \"Could not discover controlling wallet\",\n details:\n \"Contract does not expose owner/admin/getOwner or a readable EIP-1967 admin slot for transfer verification.\",\n subjectDid,\n connectedWalletDid\n };\n }\n\n const tx = await params.provider.getTransaction(params.txHash);\n if (!tx) {\n return {\n valid: false,\n reason: \"Transaction not found\",\n details: `Transaction ${params.txHash} was not found on chain ${chainId}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n const receipt = await params.provider.getTransactionReceipt(params.txHash);\n if (!receipt) {\n return {\n valid: false,\n reason: \"Transaction not confirmed\",\n details: \"Transaction exists but is not yet confirmed.\",\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n const controllingWalletAddress = getAddressFromDidPkh(controllingWalletDid);\n if (!tx.from || !controllingWalletAddress || getAddress(tx.from) !== getAddress(controllingWalletAddress)) {\n return {\n valid: false,\n reason: \"Wrong sender\",\n details: `Transfer must originate from controlling wallet ${controllingWalletDid}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n if (!tx.to || getAddress(tx.to) !== getAddress(connectedWalletAddress)) {\n return {\n valid: false,\n reason: \"Wrong recipient\",\n details: `Transfer must be sent to connected wallet ${connectedWalletDid}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n const expectedAmount = calculateTransferAmount(\n subjectDid,\n connectedWalletDid,\n chainId,\n \"shared-control\"\n );\n const actualValue = BigInt(tx.value ?? 0n);\n\n if (actualValue !== expectedAmount) {\n return {\n valid: false,\n reason: \"Wrong amount\",\n details: `Transfer amount ${actualValue.toString()} does not match expected proof amount ${expectedAmount.toString()}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n await params.provider.getBlockNumber();\n await params.provider.getBlock(receipt.blockNumber);\n\n return {\n valid: true,\n method: \"transfer\",\n details: `Verified via transfer proof ${params.txHash}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n for (const pattern of OWNERSHIP_PATTERNS) {\n const ownerAddress = await readOwnerFromContract(\n params.provider,\n subjectAddress,\n pattern.signature,\n pattern.method\n );\n\n if (ownerAddress && getAddress(ownerAddress) === getAddress(connectedWalletAddress)) {\n return {\n valid: true,\n method: \"contract\",\n details: `Verified via ${pattern.method}() ownership check.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid: controllingWalletDid ?? undefined\n };\n }\n }\n\n try {\n const adminValue = await params.provider.getStorage(subjectAddress, EIP1967_ADMIN_SLOT);\n if (\n adminValue &&\n adminValue !== \"0x\" &&\n adminValue !== \"0x0000000000000000000000000000000000000000000000000000000000000000\"\n ) {\n const adminAddress = getAddress(`0x${adminValue.slice(-40)}`);\n if (adminAddress === getAddress(connectedWalletAddress)) {\n return {\n valid: true,\n method: \"contract\",\n details: \"Verified via EIP-1967 admin slot.\",\n subjectDid,\n connectedWalletDid,\n controllingWalletDid: controllingWalletDid ?? buildEvmDidPkh(chainId, adminAddress)\n };\n }\n }\n } catch {\n // ignore; final fallback below returns a stable invalid result\n }\n\n if (\n getAddress(subjectAddress) === getAddress(connectedWalletAddress) &&\n controllingWalletDid\n ) {\n return {\n valid: true,\n method: \"minting-wallet\",\n details: `Verified because connected wallet matches the contract DID address. Controlling wallet is ${controllingWalletDid}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid\n };\n }\n\n return {\n valid: false,\n reason: \"Contract ownership verification failed\",\n details:\n controllingWalletDid\n ? `Connected wallet ${connectedWalletDid} does not match the controlling wallet ${controllingWalletDid} or the subject contract address ${subjectDid}.`\n : `Could not match connected wallet ${connectedWalletDid} to contract ownership for ${subjectDid}.`,\n subjectDid,\n connectedWalletDid,\n controllingWalletDid: controllingWalletDid ?? undefined\n };\n}\n\nexport async function verifySubjectOwnership(\n params: VerifySubjectOwnershipParams\n): Promise<SubjectOwnershipVerificationResult> {\n const subjectDid = normalizeSubjectDid(params.subjectDid);\n const method = extractDidMethod(subjectDid);\n\n if (method === \"web\") {\n return verifyDidWebOwnership(params as VerifyDidWebOwnershipParams);\n }\n\n if (method === \"pkh\") {\n const didPkhParams = params as VerifyDidPkhOwnershipParams;\n if (!didPkhParams.provider) {\n throw new OmaTrustError(\n \"INVALID_INPUT\",\n \"provider is required for did:pkh ownership verification\",\n { subjectDid }\n );\n }\n return verifyDidPkhOwnership(didPkhParams);\n }\n\n throw new OmaTrustError(\"INVALID_INPUT\", \"Unsupported DID type for ownership verification\", {\n subjectDid\n });\n}\n","/**\n * Schema-Aware Proof Verification\n *\n * Provides higher-level proof verification that understands attestation schema semantics.\n * Unlike the generic verifyProof() which validates proof structure and signatures,\n * these functions verify that proof signers match the claimed identities in the attestation.\n *\n * - verifyLinkedIdentifierProofs: Verifies that proofs demonstrate shared control\n * between subject and linkedId\n * - verifyKeyBindingProofs: Verifies that proofs demonstrate the subject authorized\n * the keyId binding\n */\n\nimport { getAddress } from \"ethers\";\nimport { extractAddressFromDid, extractDidMethod } from \"../identity/did\";\nimport { didJwkToJwk, publicJwkEquals } from \"../identity/jwk\";\nimport { verifyEip712Signature } from \"./proof/eip712\";\nimport { OmaTrustError } from \"../shared/errors\";\nimport type { ProofWrapper, PopEip712Proof, PopJwsProof, Did } from \"./types\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Attestation data for a Linked Identifier schema */\nexport interface LinkedIdentifierData {\n subject: Did;\n linkedId: Did;\n proofs: ProofWrapper[];\n attester?: string;\n}\n\n/** Attestation data for a Key Binding schema */\nexport interface KeyBindingData {\n subject: Did;\n keyId: Did;\n publicKeyJwk?: Record<string, unknown>;\n proofs: ProofWrapper[];\n attester?: string;\n}\n\n/** Result of schema-aware proof verification */\nexport interface SchemaProofVerificationResult {\n /** Whether all required proof checks passed */\n valid: boolean;\n /** Individual check results */\n checks: SchemaProofCheck[];\n /** Human-readable reasons for any failures */\n reasons: string[];\n}\n\n/** Individual proof check result */\nexport interface SchemaProofCheck {\n /** Which proof (by index) was checked */\n proofIndex: number;\n /** The proof type */\n proofType: string;\n /** What the check verified */\n checkType: \"signer-is-subject\" | \"signer-is-linkedId\" | \"signer-is-keyId\" | \"signer-is-subject-for-key\";\n /** Whether this check passed */\n valid: boolean;\n /** Failure reason if not valid */\n reason?: string;\n}\n\n// ---------------------------------------------------------------------------\n// Helpers\n// ---------------------------------------------------------------------------\n\n/**\n * Extract the signer identity from a pop-eip712 proof.\n * Recovers the signer address from the EIP-712 signature.\n */\nfunction extractEip712Signer(proof: PopEip712Proof): string | null {\n const { domain, message, signature } = proof.proofObject;\n\n const typedData = {\n domain,\n types: {\n OmaTrustProof: [\n { name: \"signer\", type: \"address\" },\n { name: \"authorizedEntity\", type: \"string\" },\n { name: \"signingPurpose\", type: \"string\" },\n { name: \"creationTimestamp\", type: \"uint256\" },\n { name: \"expirationTimestamp\", type: \"uint256\" },\n { name: \"randomValue\", type: \"bytes32\" },\n { name: \"statement\", type: \"string\" },\n ],\n },\n message,\n };\n\n try {\n const result = verifyEip712Signature(typedData, signature);\n return result.valid && result.signer ? result.signer : null;\n } catch (err) {\n console.warn(\"[omatrust] EIP-712 signer extraction failed:\", err);\n return null;\n }\n}\n\n/**\n * Extract the JWK from a pop-jws proof header.\n * Decodes the JWS header to get the embedded public key.\n */\nfunction extractJwsHeaderJwk(proof: PopJwsProof): Record<string, unknown> | null {\n const jws = proof.proofObject;\n if (typeof jws !== \"string\") return null;\n\n const parts = jws.split(\".\");\n if (parts.length !== 3) return null;\n\n try {\n const headerB64 = parts[0].replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padded = headerB64.padEnd(\n headerB64.length + ((4 - (headerB64.length % 4)) % 4),\n \"=\"\n );\n let headerJson: string;\n if (typeof atob === \"function\") {\n headerJson = decodeURIComponent(\n Array.from(atob(padded))\n .map((char) => `%${char.charCodeAt(0).toString(16).padStart(2, \"0\")}`)\n .join(\"\")\n );\n } else {\n headerJson = Buffer.from(padded, \"base64\").toString(\"utf8\");\n }\n const header = JSON.parse(headerJson) as Record<string, unknown>;\n return (header.jwk as Record<string, unknown>) ?? null;\n } catch {\n return null;\n }\n}\n\n/**\n * Extract the JWS payload claims.\n */\nfunction extractJwsPayload(proof: PopJwsProof): Record<string, unknown> | null {\n const jws = proof.proofObject;\n if (typeof jws !== \"string\") return null;\n\n const parts = jws.split(\".\");\n if (parts.length !== 3) return null;\n\n try {\n const payloadB64 = parts[1].replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padded = payloadB64.padEnd(\n payloadB64.length + ((4 - (payloadB64.length % 4)) % 4),\n \"=\"\n );\n let payloadJson: string;\n if (typeof atob === \"function\") {\n payloadJson = decodeURIComponent(\n Array.from(atob(padded))\n .map((char) => `%${char.charCodeAt(0).toString(16).padStart(2, \"0\")}`)\n .join(\"\")\n );\n } else {\n payloadJson = Buffer.from(padded, \"base64\").toString(\"utf8\");\n }\n return JSON.parse(payloadJson) as Record<string, unknown>;\n } catch {\n return null;\n }\n}\n\n/**\n * Check if a signer address matches a DID.\n * Supports did:pkh (EVM) and did:ethr.\n */\nfunction signerMatchesDid(signerAddress: string, did: Did): boolean {\n try {\n const didAddress = extractAddressFromDid(did);\n return getAddress(signerAddress).toLowerCase() === getAddress(didAddress).toLowerCase();\n } catch {\n return false;\n }\n}\n\n/**\n * Check if a JWK matches a did:jwk or did:key DID.\n */\nfunction jwkMatchesDid(jwk: Record<string, unknown>, did: Did): boolean {\n const method = extractDidMethod(did);\n\n if (method === \"jwk\") {\n try {\n const didJwk = didJwkToJwk(did);\n return publicJwkEquals(jwk, didJwk);\n } catch {\n return false;\n }\n }\n\n // For other methods, can't match by JWK\n return false;\n}\n\n/**\n * Determine if a proof's signer matches a given DID.\n * Works across proof types (pop-eip712, pop-jws).\n */\nfunction proofSignerMatchesDid(proof: ProofWrapper, did: Did): boolean {\n switch (proof.proofType) {\n case \"pop-eip712\": {\n const signer = extractEip712Signer(proof as PopEip712Proof);\n if (!signer) return false;\n return signerMatchesDid(signer, did);\n }\n\n case \"pop-jws\": {\n const jwsProof = proof as PopJwsProof;\n const jwk = extractJwsHeaderJwk(jwsProof);\n\n // Check if the JWK in the header matches the DID\n if (jwk && jwkMatchesDid(jwk, did)) return true;\n\n // Also check the iss claim in the payload\n const payload = extractJwsPayload(jwsProof);\n if (payload && typeof payload.iss === \"string\") {\n // If iss matches the target DID, the proof is from that identity\n if (payload.iss === did) return true;\n }\n\n return false;\n }\n\n case \"tx-encoded-value\":\n case \"tx-interaction\":\n // Transaction proofs: the tx sender is the signer — would need on-chain lookup\n // These are validated separately by verifyProof with provider\n return false;\n\n case \"evidence-pointer\":\n // Evidence pointers don't have a cryptographic signer — they're URL-based\n return false;\n\n default:\n return false;\n }\n}\n\n/**\n * Check the \"authorizedEntity\" (aud) field of a proof matches a DID.\n * For pop-eip712: message.authorizedEntity\n * For pop-jws: payload.aud\n */\nfunction proofAuthorizedEntityMatchesDid(proof: ProofWrapper, did: Did): boolean {\n switch (proof.proofType) {\n case \"pop-eip712\": {\n const eip712 = proof as PopEip712Proof;\n const authorizedEntity = eip712.proofObject.message.authorizedEntity;\n return typeof authorizedEntity === \"string\" && authorizedEntity === did;\n }\n\n case \"pop-jws\": {\n const payload = extractJwsPayload(proof as PopJwsProof);\n if (!payload) return false;\n return typeof payload.aud === \"string\" && payload.aud === did;\n }\n\n default:\n return false;\n }\n}\n\n// ---------------------------------------------------------------------------\n// Schema-Aware Verification: Linked Identifier\n// ---------------------------------------------------------------------------\n\n/**\n * Verify proofs for a Linked Identifier attestation.\n *\n * A Linked Identifier attestation asserts that subject and linkedId are controlled\n * by the same entity. The proof semantics require:\n *\n * - At least one proof where the signer IS the subject (subject proves control)\n * - At least one proof where the signer IS the linkedId (linkedId proves control)\n *\n * OR (for non-signer identities like handles):\n * - Evidence-pointer proofs at locations controlled by the identity\n *\n * The combination demonstrates mutual agreement / shared control.\n *\n * @param data - The linked identifier attestation data\n * @returns Verification result with individual check details\n */\nexport function verifyLinkedIdentifierProofs(\n data: LinkedIdentifierData\n): SchemaProofVerificationResult {\n if (!data.subject || !data.linkedId) {\n return {\n valid: false,\n checks: [],\n reasons: [\"subject and linkedId are required\"],\n };\n }\n\n if (!Array.isArray(data.proofs) || data.proofs.length === 0) {\n return {\n valid: false,\n checks: [],\n reasons: [\"At least one proof is required\"],\n };\n }\n\n const checks: SchemaProofCheck[] = [];\n let subjectProved = false;\n let linkedIdProved = false;\n\n for (let i = 0; i < data.proofs.length; i++) {\n const proof = data.proofs[i];\n\n // Check if this proof's signer is the subject\n if (proofSignerMatchesDid(proof, data.subject)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject\",\n valid: true,\n });\n subjectProved = true;\n\n // Also verify the aud/authorizedEntity matches linkedId\n if (!proofAuthorizedEntityMatchesDid(proof, data.linkedId)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject\",\n valid: false,\n reason: \"Proof from subject does not authorize linkedId (aud mismatch)\",\n });\n }\n }\n\n // Check if this proof's signer is the linkedId\n if (proofSignerMatchesDid(proof, data.linkedId)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-linkedId\",\n valid: true,\n });\n linkedIdProved = true;\n\n // Also verify the aud/authorizedEntity matches subject\n if (!proofAuthorizedEntityMatchesDid(proof, data.subject)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-linkedId\",\n valid: false,\n reason: \"Proof from linkedId does not authorize subject (aud mismatch)\",\n });\n }\n }\n\n // Evidence pointers count for non-signer identities\n if (proof.proofType === \"evidence-pointer\") {\n // Evidence pointers prove control of the URL location.\n // We can't definitively map URL → DID without fetching, so we give partial credit.\n // Full verification of evidence-pointer proofs should be done with verifyProof().\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject\",\n valid: true,\n reason: \"Evidence pointer accepted (requires URL fetch for full verification)\",\n });\n subjectProved = true;\n }\n }\n\n const reasons: string[] = [];\n if (!subjectProved) {\n reasons.push(\"No proof demonstrates control by subject\");\n }\n if (!linkedIdProved) {\n reasons.push(\"No proof demonstrates control by linkedId\");\n }\n\n return {\n valid: reasons.length === 0,\n checks,\n reasons,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Schema-Aware Verification: Key Binding\n// ---------------------------------------------------------------------------\n\n/**\n * Verify proofs for a Key Binding attestation.\n *\n * A Key Binding attestation asserts that the subject authorized a specific key (keyId).\n * The proof semantics require:\n *\n * - At least one proof where the signer IS the subject (subject authorized the binding)\n * AND the proof's authorizedEntity/aud references the keyId\n *\n * Optionally, if publicKeyJwk is provided:\n * - The proof's signer key material should match publicKeyJwk for did:jwk keyIds\n *\n * @param data - The key binding attestation data\n * @returns Verification result with individual check details\n */\nexport function verifyKeyBindingProofs(\n data: KeyBindingData\n): SchemaProofVerificationResult {\n if (!data.subject || !data.keyId) {\n return {\n valid: false,\n checks: [],\n reasons: [\"subject and keyId are required\"],\n };\n }\n\n if (!Array.isArray(data.proofs) || data.proofs.length === 0) {\n return {\n valid: false,\n checks: [],\n reasons: [\"At least one proof is required\"],\n };\n }\n\n const checks: SchemaProofCheck[] = [];\n let subjectAuthorizedKey = false;\n\n for (let i = 0; i < data.proofs.length; i++) {\n const proof = data.proofs[i];\n\n // Primary check: proof signer is the subject and authorizes the keyId\n if (proofSignerMatchesDid(proof, data.subject)) {\n const authorizesKey = proofAuthorizedEntityMatchesDid(proof, data.keyId);\n\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject-for-key\",\n valid: authorizesKey,\n reason: authorizesKey\n ? undefined\n : \"Proof signed by subject but does not authorize the keyId\",\n });\n\n if (authorizesKey) {\n subjectAuthorizedKey = true;\n }\n }\n\n // Secondary check: proof signer is the keyId itself (self-attestation)\n // This proves the key is active but doesn't prove authorization by subject\n if (proofSignerMatchesDid(proof, data.keyId)) {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-keyId\",\n valid: true,\n reason: \"Key proved possession (supplementary, not sufficient alone)\",\n });\n }\n\n // Evidence pointers\n if (proof.proofType === \"evidence-pointer\") {\n checks.push({\n proofIndex: i,\n proofType: proof.proofType,\n checkType: \"signer-is-subject-for-key\",\n valid: true,\n reason: \"Evidence pointer accepted (requires URL fetch for full verification)\",\n });\n subjectAuthorizedKey = true;\n }\n }\n\n // Additional JWK consistency check if publicKeyJwk is provided\n if (data.publicKeyJwk && extractDidMethod(data.keyId) === \"jwk\") {\n try {\n const keyIdJwk = didJwkToJwk(data.keyId);\n const jwkConsistent = publicJwkEquals(data.publicKeyJwk, keyIdJwk);\n if (!jwkConsistent) {\n return {\n valid: false,\n checks,\n reasons: [\"publicKeyJwk does not match the key material in keyId (did:jwk)\"],\n };\n }\n } catch {\n // Can't compare — not a blocking error\n }\n }\n\n const reasons: string[] = [];\n if (!subjectAuthorizedKey) {\n reasons.push(\n \"No proof demonstrates that subject authorized the key binding\"\n );\n }\n\n return {\n valid: reasons.length === 0,\n checks,\n reasons,\n };\n}\n","/**\n * Artifact Verification\n *\n * Implements Responsibility Claim verification for did:artifact subjects.\n * Extracted from the rep-attestation-frontend in Phase 2.\n *\n * These functions verify that a Responsibility Claim attestation was issued\n * by an authorized controller of the claimed responsible party, within a valid\n * time window, and for the correct artifact subject.\n */\n\nimport { parseArtifactDid } from \"../identity/artifact\";\nimport { decodeAttestationData } from \"./encode\";\nimport { listAttestations } from \"./query\";\nimport { verifyAttestation } from \"./verify\";\nimport { getControllerAuthorization } from \"./attester-authorization\";\nimport type {\n AttestationQueryResult,\n ControllerAuthorizationResult,\n Hex,\n VerifyAttestationResult,\n} from \"./types\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\nexport type VerifyResponsibilityClaimParams = {\n /** The attestation to verify */\n attestation: AttestationQueryResult;\n /** If provided, cross-check that the attestation subject matches this DID */\n artifactDid?: string;\n /** ethers v6 Provider for on-chain reads */\n provider: unknown;\n /** EAS contract address */\n easContractAddress?: Hex;\n /** CAIP-2 chain identifier (e.g. \"eip155:6623\") */\n chain?: string;\n /** Chain ID as a number — used to derive the controller DID from the attester address */\n chainId: number;\n /** The EAS schema string for the Responsibility Claim schema */\n responsibilityClaimSchemaString: string;\n};\n\nexport type VerifyResponsibilityClaimResult = {\n valid: boolean;\n responsibleParty: string;\n controllerDid: string;\n responsibilityTypes: string[];\n subjectLabel?: string;\n authorization: ControllerAuthorizationResult | null;\n checks: {\n schemaValid: boolean;\n subjectMatches: boolean;\n notRevoked: boolean;\n currentlyEffective: boolean;\n controllerAuthorized: boolean;\n issuedDuringAuthorizationWindow: boolean;\n };\n reasons: string[];\n};\n\nexport type GetVerifiedArtifactAttestationsParams = {\n /** The did:artifact to query */\n artifactDid: string;\n /** ethers v6 Provider for on-chain reads */\n provider: unknown;\n /** EAS contract address */\n easContractAddress: Hex;\n /** CAIP-2 chain identifier (e.g. \"eip155:6623\") */\n chain?: string;\n /** Chain ID as a number */\n chainId: number;\n /** Schema UIDs to query for — all deployed schema UIDs on this chain */\n schemaUids: Hex[];\n /** The UID of the Responsibility Claim schema on this chain */\n responsibilityClaimSchemaUid: Hex;\n /** The EAS schema string for the Responsibility Claim schema */\n responsibilityClaimSchemaString: string;\n /** Optional schema UID for security-assessment attestations */\n securityAssessmentSchemaUid?: Hex;\n /** Optional schema UID for certification attestations */\n certificationSchemaUid?: Hex;\n /** Start block for event scanning */\n fromBlock?: number;\n /** Maximum number of attestations to retrieve */\n limit?: number;\n};\n\nexport type VerifiedArtifactAttestation = {\n attestation: AttestationQueryResult;\n verification?: VerifyAttestationResult;\n};\n\nexport type VerifiedResponsibilityClaim = {\n attestation: AttestationQueryResult;\n verification: VerifyResponsibilityClaimResult;\n};\n\nexport type GetVerifiedArtifactAttestationsResult = {\n artifactDid: string;\n responsibilityClaims: VerifiedResponsibilityClaim[];\n securityAssessments: VerifiedArtifactAttestation[];\n certifications: VerifiedArtifactAttestation[];\n otherAttestations: VerifiedArtifactAttestation[];\n};\n\nexport type IsArtifactClaimedByParams = {\n /** The did:artifact to check */\n artifactDid: string;\n /** The responsible party DID to check for */\n responsibleParty: string;\n /** ethers v6 Provider for on-chain reads */\n provider: unknown;\n /** EAS contract address */\n easContractAddress: Hex;\n /** CAIP-2 chain identifier */\n chain?: string;\n /** Chain ID as a number */\n chainId: number;\n /** Schema UIDs to query for */\n schemaUids: Hex[];\n /** The UID of the Responsibility Claim schema on this chain */\n responsibilityClaimSchemaUid: Hex;\n /** The EAS schema string for the Responsibility Claim schema */\n responsibilityClaimSchemaString: string;\n /** Optional schema UID for security-assessment attestations */\n securityAssessmentSchemaUid?: Hex;\n /** Optional schema UID for certification attestations */\n certificationSchemaUid?: Hex;\n /** Filter by specific responsibility types (e.g. [\"creator\", \"maintainer\"]) */\n responsibilityTypes?: string[];\n};\n\nexport type IsArtifactClaimedByResult = {\n claimed: boolean;\n claims: VerifiedResponsibilityClaim[];\n matchedResponsibilityTypes: string[];\n reasons: string[];\n};\n\n// ---------------------------------------------------------------------------\n// verifyResponsibilityClaim\n// ---------------------------------------------------------------------------\n\nexport async function verifyResponsibilityClaim(\n params: VerifyResponsibilityClaimParams\n): Promise<VerifyResponsibilityClaimResult> {\n const {\n attestation,\n artifactDid,\n provider,\n easContractAddress,\n chain,\n chainId,\n responsibilityClaimSchemaString,\n } = params;\n\n const reasons: string[] = [];\n const checks = {\n schemaValid: false,\n subjectMatches: false,\n notRevoked: false,\n currentlyEffective: false,\n controllerAuthorized: false,\n issuedDuringAuthorizationWindow: false,\n };\n\n // 1. Decode attestation data\n let decoded: Record<string, unknown>;\n try {\n if (attestation.raw) {\n decoded = decodeAttestationData(responsibilityClaimSchemaString, attestation.raw);\n } else if (attestation.data && typeof attestation.data === \"object\") {\n decoded = attestation.data as Record<string, unknown>;\n } else {\n reasons.push(\"No attestation data available to decode\");\n return buildFailedResult(checks, reasons);\n }\n } catch (err) {\n reasons.push(\n `Failed to decode attestation data: ${err instanceof Error ? err.message : \"unknown error\"}`\n );\n return buildFailedResult(checks, reasons);\n }\n\n // 2. Validate required fields\n const responsibleParty = decoded.responsibleParty as string | undefined;\n const subject = decoded.subject as string | undefined;\n const responsibilityType = decoded.responsibilityType as string[] | undefined;\n const issuedAt = decoded.issuedAt as bigint | number | undefined;\n const effectiveAt = decoded.effectiveAt as bigint | number | undefined;\n const expiresAt = decoded.expiresAt as bigint | number | undefined;\n const subjectLabel = decoded.subjectLabel as string | undefined;\n\n if (!responsibleParty || !subject || !responsibilityType || !issuedAt) {\n if (!responsibleParty) reasons.push(\"Missing required field: responsibleParty\");\n if (!subject) reasons.push(\"Missing required field: subject\");\n if (!responsibilityType) reasons.push(\"Missing required field: responsibilityType\");\n if (!issuedAt) reasons.push(\"Missing required field: issuedAt\");\n return buildFailedResult(checks, reasons, {\n responsibleParty,\n subject,\n subjectLabel,\n responsibilityType,\n });\n }\n\n if (!Array.isArray(responsibilityType) || responsibilityType.length === 0) {\n reasons.push(\"responsibilityType must be a non-empty array\");\n return buildFailedResult(checks, reasons, {\n responsibleParty,\n subject,\n subjectLabel,\n responsibilityType,\n });\n }\n\n checks.schemaValid = true;\n\n // 3. Subject match check\n if (artifactDid) {\n checks.subjectMatches = subject.toLowerCase() === artifactDid.toLowerCase();\n if (!checks.subjectMatches) {\n reasons.push(`Subject \"${subject}\" does not match expected artifact \"${artifactDid}\"`);\n }\n } else {\n // No cross-check requested\n checks.subjectMatches = true;\n }\n\n // 4. Revocation check\n checks.notRevoked = attestation.revocationTime === BigInt(0);\n if (!checks.notRevoked) {\n reasons.push(\"Attestation has been revoked\");\n }\n\n // 5. Effective/expiration date check\n const now = BigInt(Math.floor(Date.now() / 1000));\n const effectiveTime = toBigInt(effectiveAt);\n const expirationTime = toBigInt(expiresAt);\n\n const isEffective = effectiveTime === BigInt(0) || effectiveTime <= now;\n const isNotExpired = expirationTime === BigInt(0) || expirationTime > now;\n checks.currentlyEffective = isEffective && isNotExpired;\n\n if (!isEffective) {\n reasons.push(\"Attestation is not yet effective\");\n }\n if (!isNotExpired) {\n reasons.push(\"Attestation has expired\");\n }\n\n // 6. Derive controller DID from attester\n const controllerDid = `did:pkh:eip155:${chainId}:${attestation.attester.toLowerCase()}`;\n\n // 7. Controller authorization\n let authorization: ControllerAuthorizationResult | null = null;\n try {\n const resolvedChain = chain ?? `eip155:${chainId}`;\n authorization = await getControllerAuthorization({\n subjectDid: responsibleParty,\n controllerDid,\n provider,\n chain: resolvedChain,\n easContractAddress,\n });\n\n // 8. Check authorized\n checks.controllerAuthorized = authorization.authorized;\n if (!checks.controllerAuthorized) {\n reasons.push(`Controller ${controllerDid} is not authorized for ${responsibleParty}`);\n }\n\n // 9. Check issuedAt within authorization window\n if (authorization.authorized && authorization.anchoredFrom !== null) {\n const issuedAtBigInt = toBigInt(issuedAt);\n const afterStart = issuedAtBigInt >= authorization.anchoredFrom;\n const beforeEnd =\n authorization.until === null || issuedAtBigInt <= authorization.until;\n checks.issuedDuringAuthorizationWindow = afterStart && beforeEnd;\n\n if (!afterStart) {\n reasons.push(\"Attestation was issued before the authorization window started\");\n }\n if (!beforeEnd) {\n reasons.push(\"Attestation was issued after the authorization window ended\");\n }\n } else if (authorization.authorized && authorization.anchoredFrom === null) {\n // Authorization is live-only (DNS/did.json), no anchored window — accept\n checks.issuedDuringAuthorizationWindow = true;\n } else {\n // Not authorized — window check is moot\n checks.issuedDuringAuthorizationWindow = false;\n }\n } catch (err) {\n reasons.push(\n `Controller authorization check failed: ${err instanceof Error ? err.message : \"unknown error\"}`\n );\n checks.controllerAuthorized = false;\n checks.issuedDuringAuthorizationWindow = false;\n }\n\n const valid = Object.values(checks).every(Boolean);\n\n return {\n valid,\n responsibleParty,\n controllerDid,\n responsibilityTypes: responsibilityType,\n subjectLabel: subjectLabel || undefined,\n authorization,\n checks,\n reasons,\n };\n}\n\n// ---------------------------------------------------------------------------\n// getVerifiedArtifactAttestations\n// ---------------------------------------------------------------------------\n\nexport async function getVerifiedArtifactAttestations(\n params: GetVerifiedArtifactAttestationsParams\n): Promise<GetVerifiedArtifactAttestationsResult> {\n const {\n artifactDid,\n provider,\n easContractAddress,\n chain,\n chainId,\n schemaUids,\n responsibilityClaimSchemaUid,\n responsibilityClaimSchemaString,\n securityAssessmentSchemaUid,\n certificationSchemaUid,\n fromBlock,\n limit,\n } = params;\n\n // Validate did:artifact input\n parseArtifactDid(artifactDid); // throws if invalid\n\n if (schemaUids.length === 0) {\n return {\n artifactDid,\n responsibilityClaims: [],\n securityAssessments: [],\n certifications: [],\n otherAttestations: [],\n };\n }\n\n // Query all attestations for this artifact DID\n const results = await listAttestations({\n subjectDid: artifactDid,\n provider,\n easContractAddress,\n schemas: schemaUids,\n limit: limit ?? 100,\n fromBlock,\n });\n\n // Group by schema\n const responsibilityClaims: VerifiedResponsibilityClaim[] = [];\n const securityAssessments: VerifiedArtifactAttestation[] = [];\n const certifications: VerifiedArtifactAttestation[] = [];\n const otherAttestations: VerifiedArtifactAttestation[] = [];\n\n for (const att of results) {\n const schemaUidLower = att.schema.toLowerCase();\n\n if (schemaUidLower === responsibilityClaimSchemaUid.toLowerCase()) {\n // Verify responsibility claim\n const verification = await verifyResponsibilityClaim({\n attestation: att,\n artifactDid,\n provider,\n easContractAddress,\n chain,\n chainId,\n responsibilityClaimSchemaString,\n });\n responsibilityClaims.push({ attestation: att, verification });\n } else if (\n securityAssessmentSchemaUid &&\n schemaUidLower === securityAssessmentSchemaUid.toLowerCase()\n ) {\n const verification = await runStandardVerification(att, provider);\n securityAssessments.push({ attestation: att, verification });\n } else if (\n certificationSchemaUid &&\n schemaUidLower === certificationSchemaUid.toLowerCase()\n ) {\n const verification = await runStandardVerification(att, provider);\n certifications.push({ attestation: att, verification });\n } else {\n const verification = await runStandardVerification(att, provider);\n otherAttestations.push({ attestation: att, verification });\n }\n }\n\n return {\n artifactDid,\n responsibilityClaims,\n securityAssessments,\n certifications,\n otherAttestations,\n };\n}\n\n// ---------------------------------------------------------------------------\n// isArtifactClaimedBy\n// ---------------------------------------------------------------------------\n\nexport async function isArtifactClaimedBy(\n params: IsArtifactClaimedByParams\n): Promise<IsArtifactClaimedByResult> {\n const { artifactDid, responsibleParty, responsibilityTypes } = params;\n\n const result = await getVerifiedArtifactAttestations({\n artifactDid,\n provider: params.provider,\n easContractAddress: params.easContractAddress,\n chain: params.chain,\n chainId: params.chainId,\n schemaUids: params.schemaUids,\n responsibilityClaimSchemaUid: params.responsibilityClaimSchemaUid,\n responsibilityClaimSchemaString: params.responsibilityClaimSchemaString,\n securityAssessmentSchemaUid: params.securityAssessmentSchemaUid,\n certificationSchemaUid: params.certificationSchemaUid,\n });\n\n // Filter to claims from the specified responsible party\n const matchingClaims = result.responsibilityClaims.filter(\n (claim) =>\n claim.verification.responsibleParty.toLowerCase() ===\n responsibleParty.toLowerCase()\n );\n\n // Only include claims that passed verification\n const validClaims = matchingClaims.filter((claim) => claim.verification.valid);\n\n // Filter by responsibility types if specified\n let finalClaims = validClaims;\n let matchedTypes: string[] = [];\n\n if (responsibilityTypes && responsibilityTypes.length > 0) {\n finalClaims = validClaims.filter((claim) =>\n claim.verification.responsibilityTypes.some((t) =>\n responsibilityTypes.includes(t)\n )\n );\n matchedTypes = [\n ...new Set(\n finalClaims.flatMap((claim) =>\n claim.verification.responsibilityTypes.filter((t) =>\n responsibilityTypes.includes(t)\n )\n )\n ),\n ];\n } else {\n matchedTypes = [\n ...new Set(\n validClaims.flatMap((claim) => claim.verification.responsibilityTypes)\n ),\n ];\n }\n\n const reasons: string[] = [];\n if (finalClaims.length === 0) {\n if (matchingClaims.length === 0) {\n reasons.push(\n `No responsibility claims found from ${responsibleParty} for this artifact`\n );\n } else if (validClaims.length === 0) {\n reasons.push(\n `Claims from ${responsibleParty} exist but none passed verification`\n );\n } else if (responsibilityTypes) {\n reasons.push(\n `No claims matched the requested responsibility types: ${responsibilityTypes.join(\", \")}`\n );\n }\n }\n\n return {\n claimed: finalClaims.length > 0,\n claims: finalClaims,\n matchedResponsibilityTypes: matchedTypes,\n reasons,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Helpers\n// ---------------------------------------------------------------------------\n\nfunction toBigInt(value: bigint | number | undefined): bigint {\n if (value === undefined || value === null) return BigInt(0);\n if (typeof value === \"bigint\") return value;\n return BigInt(value);\n}\n\nfunction buildFailedResult(\n checks: VerifyResponsibilityClaimResult[\"checks\"],\n reasons: string[],\n decoded?: {\n responsibleParty?: string;\n subject?: string;\n subjectLabel?: string;\n responsibilityType?: string[];\n }\n): VerifyResponsibilityClaimResult {\n return {\n valid: false,\n responsibleParty: decoded?.responsibleParty ?? \"\",\n controllerDid: \"\",\n responsibilityTypes: decoded?.responsibilityType ?? [],\n subjectLabel: decoded?.subjectLabel || undefined,\n authorization: null,\n checks,\n reasons,\n };\n}\n\nasync function runStandardVerification(\n attestation: AttestationQueryResult,\n provider: unknown\n): Promise<VerifyAttestationResult | undefined> {\n try {\n return await verifyAttestation({ attestation, provider });\n } catch {\n return undefined;\n }\n}\n","export * from \"./types\";\nexport * from \"./traits\";\nexport * from \"./interfaces\";\nexport * from \"./status\";\nexport * from \"./version\";\nexport * from \"./metadata-keys\";\nexport * from \"./data-hash\";\n","import { id } from \"ethers\";\nimport { assertString } from \"../shared/assert\";\n\ntype Hex = `0x${string}`;\n\nexport function hashTrait(trait: string): Hex {\n assertString(trait, \"trait\");\n return id(trait) as Hex;\n}\n\nexport function hashTraits(traits: string[]): Hex[] {\n if (!Array.isArray(traits)) {\n throw new TypeError(\"traits must be an array\");\n }\n return traits.map((trait) => hashTrait(trait));\n}\n","import type { InterfaceFlags, InterfaceType } from \"./types\";\nimport { OmaTrustError } from \"../shared/errors\";\n\nconst BIT_HUMAN = 1;\nconst BIT_API = 2;\nconst BIT_CONTRACT = 4;\n\nexport function computeInterfacesBitmap(flags: InterfaceFlags): number {\n return (flags.human ? BIT_HUMAN : 0) +\n (flags.api ? BIT_API : 0) +\n (flags.smartContract ? BIT_CONTRACT : 0);\n}\n\nexport function parseBitmapToFlags(bitmap: number): InterfaceFlags {\n return {\n human: (bitmap & BIT_HUMAN) !== 0,\n api: (bitmap & BIT_API) !== 0,\n smartContract: (bitmap & BIT_CONTRACT) !== 0\n };\n}\n\nexport function hasInterface(bitmap: number, type: InterfaceType): boolean {\n switch (type) {\n case \"human\":\n return (bitmap & BIT_HUMAN) !== 0;\n case \"api\":\n return (bitmap & BIT_API) !== 0;\n case \"contract\":\n return (bitmap & BIT_CONTRACT) !== 0;\n default:\n throw new OmaTrustError(\"INVALID_INPUT\", \"Unsupported interface type\", { type });\n }\n}\n\nexport function getInterfaceTypes(bitmap: number): InterfaceType[] {\n const results: InterfaceType[] = [];\n if (hasInterface(bitmap, \"human\")) {\n results.push(\"human\");\n }\n if (hasInterface(bitmap, \"api\")) {\n results.push(\"api\");\n }\n if (hasInterface(bitmap, \"contract\")) {\n results.push(\"contract\");\n }\n return results;\n}\n","import type { RegistryStatus } from \"./types\";\nimport { OmaTrustError } from \"../shared/errors\";\n\nexport function registryCodeToStatus(code: number): RegistryStatus {\n switch (code) {\n case 0:\n return \"Active\";\n case 1:\n return \"Deprecated\";\n case 2:\n return \"Replaced\";\n default:\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid registry status code\", { code });\n }\n}\n\nexport function registryStatusToCode(status: RegistryStatus): number {\n switch (status) {\n case \"Active\":\n return 0;\n case \"Deprecated\":\n return 1;\n case \"Replaced\":\n return 2;\n default:\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid registry status\", { status });\n }\n}\n\nexport function isValidRegistryStatus(status: string): status is RegistryStatus {\n return status === \"Active\" || status === \"Deprecated\" || status === \"Replaced\";\n}\n","import type { Version } from \"./types\";\nimport { OmaTrustError } from \"../shared/errors\";\n\nexport function parseVersion(input: string): Version {\n const match = input.match(/^(\\d+)\\.(\\d+)\\.(\\d+)$/);\n if (!match) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Invalid semantic version\", { input });\n }\n\n return {\n major: Number(match[1]),\n minor: Number(match[2]),\n patch: Number(match[3])\n };\n}\n\nexport function formatVersion(version: Version): string {\n return `${version.major}.${version.minor}.${version.patch}`;\n}\n\nexport function compareVersions(a: Version, b: Version): -1 | 0 | 1 {\n if (a.major !== b.major) {\n return a.major < b.major ? -1 : 1;\n }\n if (a.minor !== b.minor) {\n return a.minor < b.minor ? -1 : 1;\n }\n if (a.patch !== b.patch) {\n return a.patch < b.patch ? -1 : 1;\n }\n return 0;\n}\n\nexport function isVersionGreater(a: Version, b: Version): boolean {\n return compareVersions(a, b) === 1;\n}\n\nexport function isVersionEqual(a: Version, b: Version): boolean {\n return compareVersions(a, b) === 0;\n}\n\nexport function getLatestVersion(history: Version[]): Version {\n if (history.length === 0) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Version history cannot be empty\");\n }\n\n return history.reduce((current, candidate) => {\n return compareVersions(candidate, current) === 1 ? candidate : current;\n });\n}\n","export const METADATA_KEY_DID = \"omat.did\";\nexport const METADATA_KEY_DID_HASH = \"omat.didHash\";\nexport const METADATA_KEY_DATA_HASH = \"omat.dataHash\";\nexport const METADATA_KEY_DATA_HASH_ALGORITHM = \"omat.dataHashAlgorithm\";\nexport const METADATA_KEY_STATUS = \"omat.status\";\nexport const METADATA_KEY_INTERFACES = \"omat.interfaces\";\nexport const METADATA_KEY_FUNGIBLE_TOKEN_ID = \"omat.fungibleTokenId\";\nexport const METADATA_KEY_CONTRACT_ID = \"omat.contractId\";\nexport const METADATA_KEY_VERSION_MAJOR = \"omat.versionMajor\";\nexport const METADATA_KEY_VERSION_MINOR = \"omat.versionMinor\";\nexport const METADATA_KEY_VERSION_PATCH = \"omat.versionPatch\";\nexport const METADATA_KEY_TRAIT_HASHES = \"omat.traitHashes\";\nexport const METADATA_KEY_METADATA_JSON = \"omat.metadataJson\";\n","import { keccak256, sha256, toUtf8Bytes } from \"ethers\";\nimport { canonicalizeJson } from \"../identity/data\";\nimport { OmaTrustError } from \"../shared/errors\";\n\ntype Hex = `0x${string}`;\nexport type DataHashAlgorithm = \"keccak256\" | \"sha256\";\n\nasync function fetchJson(url: string): Promise<unknown> {\n let response: Response;\n try {\n response = await fetch(url, { headers: { Accept: \"application/json\" } });\n } catch (err) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to fetch data URL\", { url, err });\n }\n\n if (!response.ok) {\n throw new OmaTrustError(\"NETWORK_ERROR\", \"Failed to fetch data URL\", {\n url,\n status: response.status\n });\n }\n\n try {\n return await response.json();\n } catch (err) {\n throw new OmaTrustError(\"INVALID_INPUT\", \"Response body is not valid JSON\", { url, err });\n }\n}\n\nfunction hashJcs(jcsJson: string, algorithm: DataHashAlgorithm): Hex {\n const bytes = toUtf8Bytes(jcsJson);\n return (algorithm === \"keccak256\" ? keccak256(bytes) : sha256(bytes)) as Hex;\n}\n\nexport async function computeDataHashFromUrl(\n url: string,\n algorithm: DataHashAlgorithm\n): Promise<Hex> {\n if (!url || typeof url !== \"string\") {\n throw new OmaTrustError(\"INVALID_INPUT\", \"url must be a non-empty string\", { url });\n }\n\n if (algorithm !== \"keccak256\" && algorithm !== \"sha256\") {\n throw new OmaTrustError(\"INVALID_INPUT\", `Unsupported hash algorithm: \"${algorithm}\". Must be \"keccak256\" or \"sha256\".`, { algorithm });\n }\n\n const json = await fetchJson(url);\n const jcsJson = canonicalizeJson(json);\n return hashJcs(jcsJson, algorithm);\n}\n\nexport async function verifyDataUrlHash(\n url: string,\n expectedHash: Hex,\n algorithm: DataHashAlgorithm\n): Promise<boolean> {\n const computedHash = await computeDataHashFromUrl(url, algorithm);\n return computedHash.toLowerCase() === expectedHash.toLowerCase();\n}\n"]}
|