npm - @openvtc/pnm-core - Versions diffs - 0.1.0 - Mend

@openvtc/pnm-core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (250) hide show

package/README.md +129 -0
package/dist/did/derive-signing-key.d.ts +19 -0
package/dist/did/derive-signing-key.d.ts.map +1 -0
package/dist/did/derive-signing-key.js +96 -0
package/dist/did/derive-signing-key.js.map +1 -0
package/dist/did/index.d.ts +5 -0
package/dist/did/index.d.ts.map +1 -0
package/dist/did/index.js +5 -0
package/dist/did/index.js.map +1 -0
package/dist/did/peer.d.ts +37 -0
package/dist/did/peer.d.ts.map +1 -0
package/dist/did/peer.js +49 -0
package/dist/did/peer.js.map +1 -0
package/dist/did/verification-method.d.ts +43 -0
package/dist/did/verification-method.d.ts.map +1 -0
package/dist/did/verification-method.js +32 -0
package/dist/did/verification-method.js.map +1 -0
package/dist/did/verify.d.ts +49 -0
package/dist/did/verify.d.ts.map +1 -0
package/dist/did/verify.js +89 -0
package/dist/did/verify.js.map +1 -0
package/dist/didcomm/index.d.ts +235 -0
package/dist/didcomm/index.d.ts.map +1 -0
package/dist/didcomm/index.js +415 -0
package/dist/didcomm/index.js.map +1 -0
package/dist/inbound/confirm.d.ts +50 -0
package/dist/inbound/confirm.d.ts.map +1 -0
package/dist/inbound/confirm.js +64 -0
package/dist/inbound/confirm.js.map +1 -0
package/dist/inbound/dedup.d.ts +9 -0
package/dist/inbound/dedup.d.ts.map +1 -0
package/dist/inbound/dedup.js +31 -0
package/dist/inbound/dedup.js.map +1 -0
package/dist/inbound/index.d.ts +3 -0
package/dist/inbound/index.d.ts.map +1 -0
package/dist/inbound/index.js +3 -0
package/dist/inbound/index.js.map +1 -0
package/dist/index.d.ts +14 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +14 -0
package/dist/index.js.map +1 -0
package/dist/onboarding/index.d.ts +2 -0
package/dist/onboarding/index.d.ts.map +1 -0
package/dist/onboarding/index.js +2 -0
package/dist/onboarding/index.js.map +1 -0
package/dist/onboarding/swap.d.ts +60 -0
package/dist/onboarding/swap.d.ts.map +1 -0
package/dist/onboarding/swap.js +148 -0
package/dist/onboarding/swap.js.map +1 -0
package/dist/provision/adopt.d.ts +31 -0
package/dist/provision/adopt.d.ts.map +1 -0
package/dist/provision/adopt.js +114 -0
package/dist/provision/adopt.js.map +1 -0
package/dist/provision/armor.d.ts +19 -0
package/dist/provision/armor.d.ts.map +1 -0
package/dist/provision/armor.js +243 -0
package/dist/provision/armor.js.map +1 -0
package/dist/provision/crc24.d.ts +5 -0
package/dist/provision/crc24.d.ts.map +1 -0
package/dist/provision/crc24.js +30 -0
package/dist/provision/crc24.js.map +1 -0
package/dist/provision/hpke.d.ts +17 -0
package/dist/provision/hpke.d.ts.map +1 -0
package/dist/provision/hpke.js +60 -0
package/dist/provision/hpke.js.map +1 -0
package/dist/provision/index.d.ts +10 -0
package/dist/provision/index.d.ts.map +1 -0
package/dist/provision/index.js +16 -0
package/dist/provision/index.js.map +1 -0
package/dist/provision/open.d.ts +28 -0
package/dist/provision/open.d.ts.map +1 -0
package/dist/provision/open.js +224 -0
package/dist/provision/open.js.map +1 -0
package/dist/provision/request.d.ts +65 -0
package/dist/provision/request.d.ts.map +1 -0
package/dist/provision/request.js +53 -0
package/dist/provision/request.js.map +1 -0
package/dist/provision/run.d.ts +76 -0
package/dist/provision/run.d.ts.map +1 -0
package/dist/provision/run.js +110 -0
package/dist/provision/run.js.map +1 -0
package/dist/provision/send.d.ts +85 -0
package/dist/provision/send.d.ts.map +1 -0
package/dist/provision/send.js +87 -0
package/dist/provision/send.js.map +1 -0
package/dist/provision/types.d.ts +110 -0
package/dist/provision/types.d.ts.map +1 -0
package/dist/provision/types.js +17 -0
package/dist/provision/types.js.map +1 -0
package/dist/rp-login/didcomm.d.ts +34 -0
package/dist/rp-login/didcomm.d.ts.map +1 -0
package/dist/rp-login/didcomm.js +72 -0
package/dist/rp-login/didcomm.js.map +1 -0
package/dist/rp-login/index.d.ts +3 -0
package/dist/rp-login/index.d.ts.map +1 -0
package/dist/rp-login/index.js +3 -0
package/dist/rp-login/index.js.map +1 -0
package/dist/rp-login/step-up.d.ts +43 -0
package/dist/rp-login/step-up.d.ts.map +1 -0
package/dist/rp-login/step-up.js +118 -0
package/dist/rp-login/step-up.js.map +1 -0
package/dist/siop/index.d.ts +3 -0
package/dist/siop/index.d.ts.map +1 -0
package/dist/siop/index.js +3 -0
package/dist/siop/index.js.map +1 -0
package/dist/siop/login-client.d.ts +29 -0
package/dist/siop/login-client.d.ts.map +1 -0
package/dist/siop/login-client.js +79 -0
package/dist/siop/login-client.js.map +1 -0
package/dist/siop/self-issued.d.ts +96 -0
package/dist/siop/self-issued.d.ts.map +1 -0
package/dist/siop/self-issued.js +162 -0
package/dist/siop/self-issued.js.map +1 -0
package/dist/store/holder-identity.d.ts +241 -0
package/dist/store/holder-identity.d.ts.map +1 -0
package/dist/store/holder-identity.js +441 -0
package/dist/store/holder-identity.js.map +1 -0
package/dist/store/index.d.ts +4 -0
package/dist/store/index.d.ts.map +1 -0
package/dist/store/index.js +4 -0
package/dist/store/index.js.map +1 -0
package/dist/store/kv-store.d.ts +51 -0
package/dist/store/kv-store.d.ts.map +1 -0
package/dist/store/kv-store.js +100 -0
package/dist/store/kv-store.js.map +1 -0
package/dist/store/secret-wrap.d.ts +109 -0
package/dist/store/secret-wrap.d.ts.map +1 -0
package/dist/store/secret-wrap.js +85 -0
package/dist/store/secret-wrap.js.map +1 -0
package/dist/trust-tasks/index.d.ts +2 -0
package/dist/trust-tasks/index.d.ts.map +1 -0
package/dist/trust-tasks/index.js +2 -0
package/dist/trust-tasks/index.js.map +1 -0
package/dist/trust-tasks/sign.d.ts +31 -0
package/dist/trust-tasks/sign.d.ts.map +1 -0
package/dist/trust-tasks/sign.js +141 -0
package/dist/trust-tasks/sign.js.map +1 -0
package/dist/util/timing.d.ts +14 -0
package/dist/util/timing.d.ts.map +1 -0
package/dist/util/timing.js +20 -0
package/dist/util/timing.js.map +1 -0
package/dist/vault/delete.d.ts +19 -0
package/dist/vault/delete.d.ts.map +1 -0
package/dist/vault/delete.js +35 -0
package/dist/vault/delete.js.map +1 -0
package/dist/vault/index.d.ts +8 -0
package/dist/vault/index.d.ts.map +1 -0
package/dist/vault/index.js +7 -0
package/dist/vault/index.js.map +1 -0
package/dist/vault/list.d.ts +96 -0
package/dist/vault/list.d.ts.map +1 -0
package/dist/vault/list.js +106 -0
package/dist/vault/list.js.map +1 -0
package/dist/vault/proxy-login.d.ts +100 -0
package/dist/vault/proxy-login.d.ts.map +1 -0
package/dist/vault/proxy-login.js +106 -0
package/dist/vault/proxy-login.js.map +1 -0
package/dist/vault/release.d.ts +33 -0
package/dist/vault/release.d.ts.map +1 -0
package/dist/vault/release.js +83 -0
package/dist/vault/release.js.map +1 -0
package/dist/vault/sign-trust-task.d.ts +26 -0
package/dist/vault/sign-trust-task.d.ts.map +1 -0
package/dist/vault/sign-trust-task.js +53 -0
package/dist/vault/sign-trust-task.js.map +1 -0
package/dist/vault/transport.d.ts +50 -0
package/dist/vault/transport.d.ts.map +1 -0
package/dist/vault/transport.js +118 -0
package/dist/vault/transport.js.map +1 -0
package/dist/vault/upsert.d.ts +102 -0
package/dist/vault/upsert.d.ts.map +1 -0
package/dist/vault/upsert.js +92 -0
package/dist/vault/upsert.js.map +1 -0
package/dist/vta/bridge-mediator-session.d.ts +26 -0
package/dist/vta/bridge-mediator-session.d.ts.map +1 -0
package/dist/vta/bridge-mediator-session.js +37 -0
package/dist/vta/bridge-mediator-session.js.map +1 -0
package/dist/vta/bridge-memory.d.ts +80 -0
package/dist/vta/bridge-memory.d.ts.map +1 -0
package/dist/vta/bridge-memory.js +162 -0
package/dist/vta/bridge-memory.js.map +1 -0
package/dist/vta/client.d.ts +40 -0
package/dist/vta/client.d.ts.map +1 -0
package/dist/vta/client.js +91 -0
package/dist/vta/client.js.map +1 -0
package/dist/vta/contexts.d.ts +60 -0
package/dist/vta/contexts.d.ts.map +1 -0
package/dist/vta/contexts.js +118 -0
package/dist/vta/contexts.js.map +1 -0
package/dist/vta/didcomm.d.ts +57 -0
package/dist/vta/didcomm.d.ts.map +1 -0
package/dist/vta/didcomm.js +138 -0
package/dist/vta/didcomm.js.map +1 -0
package/dist/vta/errors.d.ts +20 -0
package/dist/vta/errors.d.ts.map +1 -0
package/dist/vta/errors.js +64 -0
package/dist/vta/errors.js.map +1 -0
package/dist/vta/index.d.ts +15 -0
package/dist/vta/index.d.ts.map +1 -0
package/dist/vta/index.js +15 -0
package/dist/vta/index.js.map +1 -0
package/dist/vta/mediation.d.ts +80 -0
package/dist/vta/mediation.d.ts.map +1 -0
package/dist/vta/mediation.js +29 -0
package/dist/vta/mediation.js.map +1 -0
package/dist/vta/mediator-client.d.ts +66 -0
package/dist/vta/mediator-client.d.ts.map +1 -0
package/dist/vta/mediator-client.js +139 -0
package/dist/vta/mediator-client.js.map +1 -0
package/dist/vta/pickup.d.ts +81 -0
package/dist/vta/pickup.d.ts.map +1 -0
package/dist/vta/pickup.js +30 -0
package/dist/vta/pickup.js.map +1 -0
package/dist/vta/protocol.d.ts +76 -0
package/dist/vta/protocol.d.ts.map +1 -0
package/dist/vta/protocol.js +30 -0
package/dist/vta/protocol.js.map +1 -0
package/dist/vta/smoke.d.ts +59 -0
package/dist/vta/smoke.d.ts.map +1 -0
package/dist/vta/smoke.js +408 -0
package/dist/vta/smoke.js.map +1 -0
package/dist/vta/transport.d.ts +55 -0
package/dist/vta/transport.d.ts.map +1 -0
package/dist/vta/transport.js +2 -0
package/dist/vta/transport.js.map +1 -0
package/dist/vta/types.d.ts +50 -0
package/dist/vta/types.d.ts.map +1 -0
package/dist/vta/types.js +2 -0
package/dist/vta/types.js.map +1 -0
package/dist/vta/wallet-session.d.ts +87 -0
package/dist/vta/wallet-session.d.ts.map +1 -0
package/dist/vta/wallet-session.js +106 -0
package/dist/vta/wallet-session.js.map +1 -0
package/dist/webauthn/base64url.d.ts +3 -0
package/dist/webauthn/base64url.d.ts.map +1 -0
package/dist/webauthn/base64url.js +17 -0
package/dist/webauthn/base64url.js.map +1 -0
package/dist/webauthn/index.d.ts +4 -0
package/dist/webauthn/index.d.ts.map +1 -0
package/dist/webauthn/index.js +4 -0
package/dist/webauthn/index.js.map +1 -0
package/dist/webauthn/multikey.d.ts +26 -0
package/dist/webauthn/multikey.d.ts.map +1 -0
package/dist/webauthn/multikey.js +91 -0
package/dist/webauthn/multikey.js.map +1 -0
package/dist/webauthn/register.d.ts +36 -0
package/dist/webauthn/register.d.ts.map +1 -0
package/dist/webauthn/register.js +77 -0
package/dist/webauthn/register.js.map +1 -0
package/package.json +56 -0

package/dist/store/holder-identity.js ADDED Viewed

@@ -0,0 +1,441 @@
+import { ed25519, x25519 } from "@noble/curves/ed25519.js";
+import { base64url } from "@openvtc/vti-didcomm-js";
+import { createDidPeer2 } from "../did/index.js";
+import { Identity } from "../didcomm/index.js";
+import { unwrapSecret, wrapSecret, } from "./secret-wrap.js";
+// v3: the holder is a single **Ed25519-rooted `did:peer:2`** the wallet
+// MINTS locally on first run. v2 used a `did:key`, which can sign + derive
+// an X25519 keyAgreement key but CANNOT advertise a service endpoint — so
+// an RP can't reach the wallet for inbound (RP-initiated) requests. A
+// did:peer:2 encodes both keys plus the wallet's mediator service inline,
+// making the wallet reachable, while staying self-certifying (resolves
+// with no network).
+//
+// v4: the holder is an Ed25519 **`did:key`** the VTA MINTS during the
+// provision-integration flow. The wallet ships its ephemeral did:key to
+// the VTA, which mints a long-term admin DID + keys + authorization VC
+// and ships them back HPKE-sealed; the wallet adopts the result as its
+// holder. The DID method changes — did:key has no service endpoint, so
+// the wallet is no longer reachable inbound at the holder layer. RP-
+// initiated DIDComm is out-of-scope for v4 (the wallet only initiates).
+//
+// v4 reads ALWAYS preferred over v3 by the strict loader; v3 records left
+// over from a pre-v4 wallet surface as `RequiresReonboardError` so the
+// operator can re-onboard at a VTA and adopt a freshly-minted v4 identity.
+//
+// The Ed25519 secret is the persisted root in both shapes: it IS the
+// authentication key, and the X25519 keyAgreement key is its Montgomery
+// form, re-derived on every load.
+const STORE_KEY = "pnm/holder-identity/v3";
+// Legacy single-VTA v4 key. Read-only after multi-VTA landed; records
+// found here are migrated to the per-vta path on first access and the
+// legacy key is deleted. Kept defined (not exported) so the migration
+// helper can read it without re-typing the constant.
+const STORE_KEY_V4_LEGACY = "pnm/holder-identity/v4";
+// Per-VTA v4 key prefix. Each VTA the wallet has been onboarded at
+// has its own record under `{prefix}{vtaDid}`. The trailing `/`
+// disambiguates the prefix-scan from the legacy singleton key so a
+// caller listing records doesn't accidentally pick up the legacy
+// row before its migration ran.
+const STORE_KEY_V4_PREFIX = "pnm/holder-identity/v4/";
+function v4Key(vtaDid) {
+    return STORE_KEY_V4_PREFIX + vtaDid;
+}
+/**
+ * Migrate the legacy single-VTA v4 record (if present) to its
+ * per-vta key, using the record's own `vtaDid` field as the path
+ * suffix. Idempotent: a second call after migration is a no-op
+ * (legacy key is gone, return value is `null`). Returns the migrated
+ * record so the immediate caller can use it without a second read.
+ *
+ * Called inline from every read path so installs predating multi-VTA
+ * are picked up on whichever read fires first after upgrade.
+ */
+async function migrateLegacyV4Record(store) {
+    const legacy = await store.get(STORE_KEY_V4_LEGACY);
+    if (!legacy)
+        return null;
+    // Write FIRST, delete after — a crash between the two leaves the
+    // legacy row in place; the next read re-runs the migration.
+    await store.put(v4Key(legacy.vtaDid), legacy);
+    await store.delete(STORE_KEY_V4_LEGACY);
+    return legacy;
+}
+/**
+ * Generate-or-load the wallet's holder identity (a `did:peer:2`) from a
+ * `KVStore`. Only the Ed25519 secret is persisted; the DID + kids are
+ * persisted alongside it (the DID is immutable once minted), and the X25519
+ * keyAgreement key is re-derived on every load.
+ *
+ * Persistence is wrapped via the optional [`HolderIdentityOptions.secretWrap`]
+ * — production extensions supply a `WebAuthnPrfSecretWrap` so storage
+ * exfil yields ciphertext, not the wallet's signing key. Callers that
+ * omit the wrap fall back to plaintext (legacy behaviour); the
+ * loader handles both shapes for backward compatibility.
+ */
+export async function generateOrLoadHolderIdentity(store, opts) {
+    const persisted = await store.get(STORE_KEY);
+    if (persisted) {
+        let edSecret;
+        if (persisted.wrappedSecret) {
+            // New shape: read through the wrap. A wrap-algorithm
+            // mismatch (record wrapped with X, caller supplied Y)
+            // throws — the loader can't silently fall back without
+            // risking a secret leak.
+            edSecret = await unwrapSecret(persisted.wrappedSecret, opts?.secretWrap);
+        }
+        else if (persisted.edSecretB64u) {
+            // Legacy shape: plaintext base64url. Pre-H1 wallets.
+            edSecret = base64url.decode(persisted.edSecretB64u);
+        }
+        else {
+            throw new Error("persisted holder record missing both wrappedSecret and edSecretB64u");
+        }
+        return {
+            ...buildHolder(edSecret, persisted.did, persisted.signingKid, persisted.keyAgreementKid),
+            freshlyMinted: false,
+        };
+    }
+    const edSecret = ed25519.utils.randomSecretKey();
+    const edPublic = ed25519.getPublicKey(edSecret);
+    const x25519Public = x25519.getPublicKey(ed25519.utils.toMontgomerySecret(edSecret));
+    const peer = createDidPeer2({
+        ed25519PublicKey: edPublic,
+        x25519PublicKey: x25519Public,
+        ...(opts?.mediatorDid ? { service: { serviceEndpoint: opts.mediatorDid } } : {}),
+    });
+    const wrapped = await wrapSecret(edSecret, opts?.secretWrap);
+    const record = {
+        did: peer.did,
+        signingKid: peer.authKid,
+        keyAgreementKid: peer.keyAgreementKid,
+        wrappedSecret: wrapped,
+        ...(opts?.mediatorDid ? { mediatorDid: opts.mediatorDid } : {}),
+    };
+    await store.put(STORE_KEY, record);
+    return {
+        ...buildHolder(edSecret, peer.did, peer.authKid, peer.keyAgreementKid),
+        freshlyMinted: true,
+    };
+}
+/** Reconstruct the signing + DIDComm identities from the Ed25519 root secret
+ *  and the (persisted/minted) did:peer + its VM ids. */
+function buildHolder(edSecret, did, signingKid, keyAgreementKid) {
+    const edPublic = ed25519.getPublicKey(edSecret);
+    const xPrivate = ed25519.utils.toMontgomerySecret(edSecret);
+    const xPublic = x25519.getPublicKey(xPrivate);
+    const signing = {
+        did,
+        kid: signingKid,
+        privateKey: edSecret,
+        publicKey: edPublic,
+    };
+    const identity = Identity.fromSecretJwk({
+        did,
+        kid: keyAgreementKid,
+        jwk: {
+            kty: "OKP",
+            crv: "X25519",
+            x: base64url.encode(xPublic),
+            d: base64url.encode(xPrivate),
+        },
+    });
+    return { identity, signing };
+}
+/** Forget every persisted holder identity. Mostly for tests / hard
+ *  reset (the options page "wipe wallet" button). Clears the v3 row,
+ *  the legacy single-VTA v4 row, AND every per-vta v4 record. After
+ *  this the wallet looks freshly installed at every VTA. */
+export async function clearHolderIdentity(store) {
+    await store.delete(STORE_KEY);
+    await store.delete(STORE_KEY_V4_LEGACY);
+    const perVtaKeys = await store.keys(STORE_KEY_V4_PREFIX);
+    for (const k of perVtaKeys) {
+        await store.delete(k);
+    }
+}
+/** Thrown by `loadHolderStrict` when neither a v3 nor a v4 holder record
+ *  exists — the wallet is on a fresh install and the operator should
+ *  proceed with onboarding. */
+export class NoHolderError extends Error {
+    constructor() {
+        super("no persisted holder identity — onboard with a VTA");
+        this.name = "NoHolderError";
+    }
+}
+/** Thrown by `loadHolderStrict` when a v3 (self-derived did:peer) record
+ *  exists but no v4 (VTA-minted did:key) record. The wallet was built
+ *  before the M2C identity migration; the operator must re-onboard so the
+ *  VTA mints a fresh long-term DID. The old did:peer is unusable as the
+ *  wallet's holder going forward — every RP that recognised it must be
+ *  re-granted with the new VTA-minted DID.
+ *
+ *  `previousDid` is the v3 DID, surfaced for the migration UI so the
+ *  operator can audit what they're abandoning. */
+export class RequiresReonboardError extends Error {
+    previousDid;
+    constructor(previousDid) {
+        super(`pre-v4 holder identity (${previousDid}) — re-onboard required: ` +
+            "this build expects a VTA-minted holder DID. Connect to a VTA to mint a fresh identity.");
+        this.name = "RequiresReonboardError";
+        this.previousDid = previousDid;
+    }
+}
+/** Load the wallet's holder identity for the given VTA, strictly
+ *  preferring v4.
+ *
+ *  - v4 record for `vtaDid` present → return the VTA-minted holder.
+ *  - no v4 record for `vtaDid` but a legacy single-VTA v4 record
+ *    exists → migrate it to the per-vta path (transparently) and
+ *    return if its `vtaDid` matches the requested one.
+ *  - no v4 (for `vtaDid` or legacy) but v3 present → throw
+ *    `RequiresReonboardError` (the operator needs to re-onboard so the
+ *    VTA mints a v4 identity).
+ *  - none of the above → throw `NoHolderError` (fresh install). */
+export async function loadHolderStrict(store, opts) {
+    let v4 = await store.get(v4Key(opts.vtaDid));
+    if (!v4) {
+        // Inline migration of the legacy single-VTA v4 record. If the
+        // legacy row's vtaDid matches the requested one, use it now;
+        // otherwise fall through (the wallet is onboarded at a different
+        // VTA than the one being asked for).
+        const migrated = await migrateLegacyV4Record(store);
+        if (migrated && migrated.vtaDid === opts.vtaDid) {
+            v4 = migrated;
+        }
+    }
+    if (v4) {
+        const edSecret = await unwrapSecret(v4.wrappedSecret, opts.secretWrap);
+        return {
+            ...buildHolder(edSecret, v4.did, v4.signingKid, v4.keyAgreementKid),
+            freshlyMinted: false,
+        };
+    }
+    const v3 = await store.get(STORE_KEY);
+    if (v3) {
+        throw new RequiresReonboardError(v3.did);
+    }
+    throw new NoHolderError();
+}
+/** Persist a freshly-minted VTA holder as the wallet's v4 identity.
+ *
+ *  Returns the rebuilt `HolderIdentityResult` so the caller can use the
+ *  identity immediately without an extra load. Clears any pre-existing
+ *  v3 record on a successful install — the migration is a one-way move
+ *  and a stale v3 record sitting alongside v4 is just a footgun for a
+ *  future loader. */
+export async function installVtaMintedHolder(store, opts) {
+    if (opts.edSeed.length !== 32) {
+        throw new Error(`installVtaMintedHolder: edSeed must be 32 bytes (got ${opts.edSeed.length})`);
+    }
+    const wrapped = await wrapSecret(opts.edSeed, opts.secretWrap);
+    const record = {
+        did: opts.did,
+        signingKid: opts.signingKid,
+        keyAgreementKid: opts.keyAgreementKid,
+        wrappedSecret: wrapped,
+        vtaDid: opts.vtaDid,
+        ...(opts.vtaUrl ? { vtaUrl: opts.vtaUrl } : {}),
+        schemaVersion: 4,
+    };
+    await store.put(v4Key(opts.vtaDid), record);
+    // Migration: drop the legacy did:peer record so the next strict load
+    // doesn't re-prompt the operator to re-onboard. Without this, a wallet
+    // that successfully onboarded but kept the v3 row would loop on its
+    // first reload.
+    await store.delete(STORE_KEY);
+    // Also drop the legacy single-VTA v4 record if present — the per-vta
+    // record is the new source of truth. Idempotent: a no-op if the
+    // legacy row was already migrated or never existed.
+    await store.delete(STORE_KEY_V4_LEGACY);
+    return {
+        ...buildHolder(opts.edSeed, opts.did, opts.signingKid, opts.keyAgreementKid),
+        freshlyMinted: true,
+    };
+}
+/** Re-wrap the persisted v4 holder secret in place, preserving the
+ *  wallet's DID + verification-method ids + VTA provenance.
+ *
+ *  The canonical caller is the popup's post-onboard "Encrypt your
+ *  wallet?" prompt: the operator clicks the button, the popup runs
+ *  `navigator.credentials.create` (visible context, fresh user
+ *  gesture), and re-wraps the existing passthrough record under
+ *  the PRF-derived AES-GCM key. The wallet DID stays the same — no
+ *  re-grant in any RP ACL, no re-onboarding.
+ *
+ *  Mirrors the v3 `rewrapHolderSecret` but reads + writes the v4
+ *  record (`STORE_KEY_V4`). Future cleanup could consolidate the
+ *  two into one schema-version-aware function; kept separate for
+ *  now so the v3 path's legacy `edSecretB64u` fallback doesn't
+ *  leak into v4's cleaner shape.
+ *
+ *  Throws if no v4 record exists. The popup should only invoke this
+ *  AFTER `installVtaMintedHolder` has run. */
+export async function rewrapHolderV4Secret(store, opts) {
+    let persisted = await store.get(v4Key(opts.vtaDid));
+    if (!persisted) {
+        // Try migrating a legacy single-VTA row into the per-vta path,
+        // then re-read. Same idempotent helper used by `loadHolderStrict`.
+        const migrated = await migrateLegacyV4Record(store);
+        if (migrated && migrated.vtaDid === opts.vtaDid) {
+            persisted = migrated;
+        }
+    }
+    if (!persisted) {
+        throw new Error(`no persisted v4 holder identity to re-wrap for ${opts.vtaDid}`);
+    }
+    // 1. Recover the raw seed using the from-wrap. `unwrapSecret`
+    //    dispatches on the stored record's `algorithm`, so a
+    //    PassthroughWrap record opens regardless of which wrap the
+    //    caller supplies (they're typically passing the new
+    //    encryption-target wrap, not the existing passthrough).
+    const edSecret = await unwrapSecret(persisted.wrappedSecret, opts.fromWrap);
+    // 2. Re-wrap with the to-wrap and write back. Same shape as
+    //    `installVtaMintedHolder`'s write path; only `wrappedSecret`
+    //    actually changes.
+    const wrapped = await wrapSecret(edSecret, opts.toWrap);
+    const next = {
+        did: persisted.did,
+        signingKid: persisted.signingKid,
+        keyAgreementKid: persisted.keyAgreementKid,
+        wrappedSecret: wrapped,
+        vtaDid: persisted.vtaDid,
+        ...(persisted.vtaUrl ? { vtaUrl: persisted.vtaUrl } : {}),
+        schemaVersion: 4,
+    };
+    await store.put(v4Key(persisted.vtaDid), next);
+    return {
+        ...buildHolder(edSecret, persisted.did, persisted.signingKid, persisted.keyAgreementKid),
+        freshlyMinted: false,
+    };
+}
+/** Inspect the persisted state without throwing. Used by the popup to
+ *  decide which onboarding screen to show.
+ *
+ *  For v4 records, `wrapAlgorithm` reveals whether the secret is
+ *  encrypted at rest. `"passthrough"` means plaintext (the operator
+ *  hasn't enabled encryption); anything else (currently only
+ *  `"webauthn-prf-aes-gcm"`) means the popup needs to run an
+ *  unlock ceremony before offscreen can load the holder identity.
+ *
+ *  When `vtaDid` is passed: returns the state for that specific
+ *  VTA's holder record. Used by the popup's active-VTA probe.
+ *  When `vtaDid` is omitted: returns the first v4 record found
+ *  (after migrating any legacy single-VTA row), else falls back to
+ *  v3 / none. Used for the initial fresh-install / migration-banner
+ *  decision before an active VTA has been selected. */
+export async function holderIdentityState(store, vtaDid) {
+    // Migrate the legacy row if present — it joins the per-vta keyspace
+    // and will be picked up by the lookups below.
+    await migrateLegacyV4Record(store);
+    if (vtaDid !== undefined) {
+        const v4 = await store.get(v4Key(vtaDid));
+        if (v4) {
+            return {
+                kind: "v4",
+                did: v4.did,
+                vtaDid: v4.vtaDid,
+                wrapAlgorithm: v4.wrappedSecret.algorithm,
+            };
+        }
+    }
+    else {
+        // No specific VTA — scan the per-vta keyspace and return the
+        // first match. The popup uses this for the migration banner
+        // detection (any v4 present at all → skip the v3 banner).
+        const keys = await store.keys(STORE_KEY_V4_PREFIX);
+        if (keys.length > 0) {
+            const first = await store.get(keys[0]);
+            if (first) {
+                return {
+                    kind: "v4",
+                    did: first.did,
+                    vtaDid: first.vtaDid,
+                    wrapAlgorithm: first.wrappedSecret.algorithm,
+                };
+            }
+        }
+    }
+    const v3 = await store.get(STORE_KEY);
+    if (v3)
+        return { kind: "v3", did: v3.did };
+    return { kind: "none" };
+}
+/** Enumerate every v4 holder record on disk — one per VTA the wallet
+ *  has been onboarded at. Powers the popup's multi-VTA dropdown
+ *  (PR 2). Migrates the legacy single-VTA row inline so a wallet
+ *  upgraded from a single-VTA build surfaces its one wallet here. */
+export async function listHolderRecords(store) {
+    await migrateLegacyV4Record(store);
+    const keys = await store.keys(STORE_KEY_V4_PREFIX);
+    const out = [];
+    for (const k of keys) {
+        const r = await store.get(k);
+        if (!r)
+            continue;
+        out.push({
+            vtaDid: r.vtaDid,
+            did: r.did,
+            wrapAlgorithm: r.wrappedSecret.algorithm,
+        });
+    }
+    return out;
+}
+/** Delete the v4 holder record for a specific VTA. Companion to
+ *  `installVtaMintedHolder`. Idempotent: a no-op when the record is
+ *  already gone. Other VTAs' records are left alone — call
+ *  `clearHolderIdentity` to wipe every wallet on this device. */
+export async function forgetHolderRecord(store, vtaDid) {
+    await store.delete(v4Key(vtaDid));
+}
+/**
+ * Re-wrap the persisted holder secret in place, preserving the
+ * wallet's DID + verification-method ids + mediator endpoint.
+ *
+ * Used by the extension's settings UI when the operator flips
+ * the `encryptHolderSecret` toggle — the existing wallet keeps
+ * its identity (no re-grant in any RP ACL) but the on-disk
+ * secret transitions between plaintext and wrap-encrypted.
+ *
+ * Returns the rebuilt `HolderIdentityResult` so the caller can
+ * report the (unchanged) DID back to the operator immediately.
+ *
+ * Errors if no persisted record exists — caller should check
+ * `freshlyMinted` semantics first (a fresh-mint wallet has no
+ * pre-existing secret to re-wrap).
+ */
+export async function rewrapHolderSecret(store, opts) {
+    const persisted = await store.get(STORE_KEY);
+    if (!persisted) {
+        throw new Error("no persisted holder identity to re-wrap");
+    }
+    // 1. Recover the raw secret using the from-wrap.
+    let edSecret;
+    if (persisted.wrappedSecret) {
+        edSecret = await unwrapSecret(persisted.wrappedSecret, opts.fromWrap);
+    }
+    else if (persisted.edSecretB64u) {
+        edSecret = base64url.decode(persisted.edSecretB64u);
+    }
+    else {
+        throw new Error("persisted record missing both wrappedSecret and edSecretB64u");
+    }
+    // 2. Re-wrap with the to-wrap and write back. Drop the legacy
+    //    plaintext slot on the way out so a partially-migrated
+    //    record can't load through the legacy path on the next
+    //    boot.
+    const wrapped = await wrapSecret(edSecret, opts.toWrap);
+    const next = {
+        did: persisted.did,
+        signingKid: persisted.signingKid,
+        keyAgreementKid: persisted.keyAgreementKid,
+        wrappedSecret: wrapped,
+        ...(persisted.mediatorDid ? { mediatorDid: persisted.mediatorDid } : {}),
+    };
+    await store.put(STORE_KEY, next);
+    return {
+        ...buildHolder(edSecret, persisted.did, persisted.signingKid, persisted.keyAgreementKid),
+        freshlyMinted: false,
+    };
+}
+//# sourceMappingURL=holder-identity.js.map

package/dist/store/holder-identity.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"holder-identity.js","sourceRoot":"","sources":["../../src/store/holder-identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAE,QAAQ,EAAkB,MAAM,qBAAqB,CAAC;AAG/D,OAAO,EAGL,YAAY,EACZ,UAAU,GACX,MAAM,kBAAkB,CAAC;AAE1B,wEAAwE;AACxE,2EAA2E;AAC3E,0EAA0E;AAC1E,sEAAsE;AACtE,0EAA0E;AAC1E,uEAAuE;AACvE,oBAAoB;AACpB,EAAE;AACF,sEAAsE;AACtE,wEAAwE;AACxE,uEAAuE;AACvE,uEAAuE;AACvE,uEAAuE;AACvE,qEAAqE;AACrE,wEAAwE;AACxE,EAAE;AACF,0EAA0E;AAC1E,uEAAuE;AACvE,2EAA2E;AAC3E,EAAE;AACF,qEAAqE;AACrE,wEAAwE;AACxE,kCAAkC;AAClC,MAAM,SAAS,GAAG,wBAAwB,CAAC;AAC3C,sEAAsE;AACtE,sEAAsE;AACtE,sEAAsE;AACtE,qDAAqD;AACrD,MAAM,mBAAmB,GAAG,wBAAwB,CAAC;AACrD,mEAAmE;AACnE,gEAAgE;AAChE,mEAAmE;AACnE,iEAAiE;AACjE,gCAAgC;AAChC,MAAM,mBAAmB,GAAG,yBAAyB,CAAC;AAEtD,SAAS,KAAK,CAAC,MAAc;IAC3B,OAAO,mBAAmB,GAAG,MAAM,CAAC;AACtC,CAAC;AAED;;;;;;;;;GASG;AACH,KAAK,UAAU,qBAAqB,CAAC,KAAc;IACjD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,GAAG,CAAoB,mBAAmB,CAAC,CAAC;IACvE,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,iEAAiE;IACjE,4DAA4D;IAC5D,MAAM,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,CAAC;IAC9C,MAAM,KAAK,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;IACxC,OAAO,MAAM,CAAC;AAChB,CAAC;AAkED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,KAAc,EACd,IAA4B;IAE5B,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,CAAkB,SAAS,CAAC,CAAC;IAC9D,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,QAAoB,CAAC;QACzB,IAAI,SAAS,CAAC,aAAa,EAAE,CAAC;YAC5B,qDAAqD;YACrD,sDAAsD;YACtD,uDAAuD;YACvD,yBAAyB;YACzB,QAAQ,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;QAC3E,CAAC;aAAM,IAAI,SAAS,CAAC,YAAY,EAAE,CAAC;YAClC,qDAAqD;YACrD,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACtD,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;QACzF,CAAC;QACD,OAAO;YACL,GAAG,WAAW,CAAC,QAAQ,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,eAAe,CAAC;YACxF,aAAa,EAAE,KAAK;SACrB,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;IACjD,MAAM,QAAQ,GAAG,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IAChD,MAAM,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC;IAErF,MAAM,IAAI,GAAG,cAAc,CAAC;QAC1B,gBAAgB,EAAE,QAAQ;QAC1B,eAAe,EAAE,YAAY;QAC7B,GAAG,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,eAAe,EAAE,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACjF,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;IAC7D,MAAM,MAAM,GAAoB;QAC9B,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,UAAU,EAAE,IAAI,CAAC,OAAO;QACxB,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,aAAa,EAAE,OAAO;QACtB,GAAG,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAChE,CAAC;IACF,MAAM,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAEnC,OAAO;QACL,GAAG,WAAW,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC;QACtE,aAAa,EAAE,IAAI;KACpB,CAAC;AACJ,CAAC;AAED;wDACwD;AACxD,SAAS,WAAW,CAClB,QAAoB,EACpB,GAAW,EACX,UAAkB,EAClB,eAAuB;IAEvB,MAAM,QAAQ,GAAG,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAC5D,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IAE9C,MAAM,OAAO,GAAoB;QAC/B,GAAG;QACH,GAAG,EAAE,UAAU;QACf,UAAU,EAAE,QAAQ;QACpB,SAAS,EAAE,QAAQ;KACpB,CAAC;IAEF,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAC;QACtC,GAAG;QACH,GAAG,EAAE,eAAe;QACpB,GAAG,EAAE;YACH,GAAG,EAAE,KAAK;YACV,GAAG,EAAE,QAAQ;YACb,CAAC,EAAE,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC;YAC5B,CAAC,EAAE,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC;SACjB;KACf,CAAC,CAAC;IAEH,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;AAC/B,CAAC;AAED;;;4DAG4D;AAC5D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,KAAc;IACtD,MAAM,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC9B,MAAM,KAAK,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACzD,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,MAAM,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACxB,CAAC;AACH,CAAC;AA8BD;;+BAE+B;AAC/B,MAAM,OAAO,aAAc,SAAQ,KAAK;IACtC;QACE,KAAK,CAAC,mDAAmD,CAAC,CAAC;QAC3D,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;IAC9B,CAAC;CACF;AAED;;;;;;;;kDAQkD;AAClD,MAAM,OAAO,sBAAuB,SAAQ,KAAK;IACtC,WAAW,CAAS;IAC7B,YAAY,WAAmB;QAC7B,KAAK,CACH,2BAA2B,WAAW,2BAA2B;YAC/D,wFAAwF,CAC3F,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;CACF;AAeD;;;;;;;;;;mEAUmE;AACnE,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAc,EACd,IAA6B;IAE7B,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAoB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IAChE,IAAI,CAAC,EAAE,EAAE,CAAC;QACR,8DAA8D;QAC9D,6DAA6D;QAC7D,iEAAiE;QACjE,qCAAqC;QACrC,MAAM,QAAQ,GAAG,MAAM,qBAAqB,CAAC,KAAK,CAAC,CAAC;QACpD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC;YAChD,EAAE,GAAG,QAAQ,CAAC;QAChB,CAAC;IACH,CAAC;IACD,IAAI,EAAE,EAAE,CAAC;QACP,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,EAAE,CAAC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QACvE,OAAO;YACL,GAAG,WAAW,CAAC,QAAQ,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,UAAU,EAAE,EAAE,CAAC,eAAe,CAAC;YACnE,aAAa,EAAE,KAAK;SACrB,CAAC;IACJ,CAAC;IACD,MAAM,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAkB,SAAS,CAAC,CAAC;IACvD,IAAI,EAAE,EAAE,CAAC;QACP,MAAM,IAAI,sBAAsB,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC;IACD,MAAM,IAAI,aAAa,EAAE,CAAC;AAC5B,CAAC;AAyBD;;;;;;qBAMqB;AACrB,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,KAAc,EACd,IAAmC;IAEnC,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CACb,wDAAwD,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAC9E,CAAC;IACJ,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAsB;QAChC,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,aAAa,EAAE,OAAO;QACtB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/C,aAAa,EAAE,CAAC;KACjB,CAAC;IACF,MAAM,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,CAAC;IAC5C,qEAAqE;IACrE,uEAAuE;IACvE,oEAAoE;IACpE,gBAAgB;IAChB,MAAM,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC9B,qEAAqE;IACrE,gEAAgE;IAChE,oDAAoD;IACpD,MAAM,KAAK,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;IACxC,OAAO;QACL,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,eAAe,CAAC;QAC5E,aAAa,EAAE,IAAI;KACpB,CAAC;AACJ,CAAC;AAkBD;;;;;;;;;;;;;;;;;8CAiB8C;AAC9C,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,KAAc,EACd,IAA2B;IAE3B,IAAI,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,CAAoB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IACvE,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,+DAA+D;QAC/D,mEAAmE;QACnE,MAAM,QAAQ,GAAG,MAAM,qBAAqB,CAAC,KAAK,CAAC,CAAC;QACpD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC;YAChD,SAAS,GAAG,QAAQ,CAAC;QACvB,CAAC;IACH,CAAC;IACD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,kDAAkD,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,8DAA8D;IAC9D,yDAAyD;IACzD,+DAA+D;IAC/D,wDAAwD;IACxD,4DAA4D;IAC5D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IAE5E,4DAA4D;IAC5D,iEAAiE;IACjE,uBAAuB;IACvB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACxD,MAAM,IAAI,GAAsB;QAC9B,GAAG,EAAE,SAAS,CAAC,GAAG;QAClB,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,eAAe,EAAE,SAAS,CAAC,eAAe;QAC1C,aAAa,EAAE,OAAO;QACtB,MAAM,EAAE,SAAS,CAAC,MAAM;QACxB,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACzD,aAAa,EAAE,CAAC;KACjB,CAAC;IACF,MAAM,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IAE/C,OAAO;QACL,GAAG,WAAW,CAAC,QAAQ,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,eAAe,CAAC;QACxF,aAAa,EAAE,KAAK;KACrB,CAAC;AACJ,CAAC;AAOD;;;;;;;;;;;;;;uDAcuD;AACvD,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,KAAc,EACd,MAAe;IAEf,oEAAoE;IACpE,8CAA8C;IAC9C,MAAM,qBAAqB,CAAC,KAAK,CAAC,CAAC;IAEnC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,MAAM,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAoB,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QAC7D,IAAI,EAAE,EAAE,CAAC;YACP,OAAO;gBACL,IAAI,EAAE,IAAI;gBACV,GAAG,EAAE,EAAE,CAAC,GAAG;gBACX,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,aAAa,EAAE,EAAE,CAAC,aAAa,CAAC,SAAS;aAC1C,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,6DAA6D;QAC7D,4DAA4D;QAC5D,0DAA0D;QAC1D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACnD,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpB,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,GAAG,CAAoB,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;YAC3D,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO;oBACL,IAAI,EAAE,IAAI;oBACV,GAAG,EAAE,KAAK,CAAC,GAAG;oBACd,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,aAAa,EAAE,KAAK,CAAC,aAAa,CAAC,SAAS;iBAC7C,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IACD,MAAM,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAkB,SAAS,CAAC,CAAC;IACvD,IAAI,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC;IAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;AAC1B,CAAC;AAUD;;;qEAGqE;AACrE,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,KAAc;IACpD,MAAM,qBAAqB,CAAC,KAAK,CAAC,CAAC;IACnC,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACnD,MAAM,GAAG,GAA0B,EAAE,CAAC;IACtC,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QACrB,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,GAAG,CAAoB,CAAC,CAAC,CAAC;QAChD,IAAI,CAAC,CAAC;YAAE,SAAS;QACjB,GAAG,CAAC,IAAI,CAAC;YACP,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,aAAa,EAAE,CAAC,CAAC,aAAa,CAAC,SAAS;SACzC,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;iEAGiE;AACjE,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,KAAc,EAAE,MAAc;IACrE,MAAM,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;AACpC,CAAC;AAiBD;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,KAAc,EACd,IAAmB;IAEnB,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,CAAkB,SAAS,CAAC,CAAC;IAC9D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IAED,iDAAiD;IACjD,IAAI,QAAoB,CAAC;IACzB,IAAI,SAAS,CAAC,aAAa,EAAE,CAAC;QAC5B,QAAQ,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IACxE,CAAC;SAAM,IAAI,SAAS,CAAC,YAAY,EAAE,CAAC;QAClC,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IACtD,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;IAED,8DAA8D;IAC9D,2DAA2D;IAC3D,2DAA2D;IAC3D,WAAW;IACX,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACxD,MAAM,IAAI,GAAoB;QAC5B,GAAG,EAAE,SAAS,CAAC,GAAG;QAClB,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,eAAe,EAAE,SAAS,CAAC,eAAe;QAC1C,aAAa,EAAE,OAAO;QACtB,GAAG,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,SAAS,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACzE,CAAC;IACF,MAAM,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAEjC,OAAO;QACL,GAAG,WAAW,CAAC,QAAQ,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,eAAe,CAAC;QACxF,aAAa,EAAE,KAAK;KACrB,CAAC;AACJ,CAAC"}

package/dist/store/index.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export * from "./kv-store.js";
+export * from "./holder-identity.js";
+export * from "./secret-wrap.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/store/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/store/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC"}

package/dist/store/index.js ADDED Viewed

@@ -0,0 +1,4 @@
+export * from "./kv-store.js";
+export * from "./holder-identity.js";
+export * from "./secret-wrap.js";
+//# sourceMappingURL=index.js.map

package/dist/store/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/store/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC"}

package/dist/store/kv-store.d.ts ADDED Viewed

@@ -0,0 +1,51 @@
+/**
+ * Minimal async key/value store. Two implementations ship:
+ *
+ * - `InMemoryKVStore` — for tests and ephemeral sessions.
+ * - `IndexedDBKVStore` — for browser persistence.
+ *
+ * Anything stored MUST be JSON-serialisable. The store does not
+ * encrypt at rest — callers wrap values in WebAuthn PRF-derived keys
+ * (or similar) before writing if the value is sensitive (e.g. a
+ * holder identity's secret JWK).
+ */
+export interface KVStore {
+    get<T = unknown>(key: string): Promise<T | undefined>;
+    put(key: string, value: unknown): Promise<void>;
+    delete(key: string): Promise<void>;
+    /** Enumerate keys, optionally filtered to those starting with
+     *  `prefix`. Order is unspecified. Used for prefix-scanned
+     *  collections (e.g. multi-VTA holder records under
+     *  `pnm/holder-identity/v4/`). */
+    keys(prefix?: string): Promise<string[]>;
+}
+/** Backing for tests. Forgets state on process exit. */
+export declare class InMemoryKVStore implements KVStore {
+    private readonly map;
+    get<T>(key: string): Promise<T | undefined>;
+    put(key: string, value: unknown): Promise<void>;
+    delete(key: string): Promise<void>;
+    keys(prefix?: string): Promise<string[]>;
+}
+/**
+ * `IndexedDB`-backed `KVStore`. Single object store, single
+ * database. Suitable for browser + extension contexts where
+ * `indexedDB` is available. Node 22+ has `indexedDB` via the
+ * `node:sqlite`-backed implementation behind a flag; tests should
+ * use `InMemoryKVStore` instead.
+ */
+export declare class IndexedDBKVStore implements KVStore {
+    private readonly dbName;
+    private readonly storeName;
+    private dbPromise;
+    constructor(opts?: {
+        dbName?: string;
+        storeName?: string;
+    });
+    get<T>(key: string): Promise<T | undefined>;
+    put(key: string, value: unknown): Promise<void>;
+    delete(key: string): Promise<void>;
+    keys(prefix?: string): Promise<string[]>;
+    private openDb;
+}
+//# sourceMappingURL=kv-store.d.ts.map

package/dist/store/kv-store.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"kv-store.d.ts","sourceRoot":"","sources":["../../src/store/kv-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,MAAM,WAAW,OAAO;IACtB,GAAG,CAAC,CAAC,GAAG,OAAO,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC;IACtD,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnC;;;sCAGkC;IAClC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CAC1C;AAED,wDAAwD;AACxD,qBAAa,eAAgB,YAAW,OAAO;IAC7C,OAAO,CAAC,QAAQ,CAAC,GAAG,CAA8B;IAE5C,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAK3C,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAI/C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;CAO/C;AAED;;;;;;GAMG;AACH,qBAAa,gBAAiB,YAAW,OAAO;IAC9C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,SAAS,CAAqC;gBAE1C,IAAI,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE;IAKpD,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAU3C,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAU/C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAUlC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAoB9C,OAAO,CAAC,MAAM;CAef"}

package/dist/store/kv-store.js ADDED Viewed

@@ -0,0 +1,100 @@
+/** Backing for tests. Forgets state on process exit. */
+export class InMemoryKVStore {
+    map = new Map();
+    async get(key) {
+        const v = this.map.get(key);
+        return v === undefined ? undefined : structuredClone(v);
+    }
+    async put(key, value) {
+        this.map.set(key, structuredClone(value));
+    }
+    async delete(key) {
+        this.map.delete(key);
+    }
+    async keys(prefix) {
+        const out = [];
+        for (const k of this.map.keys()) {
+            if (prefix === undefined || k.startsWith(prefix))
+                out.push(k);
+        }
+        return out;
+    }
+}
+/**
+ * `IndexedDB`-backed `KVStore`. Single object store, single
+ * database. Suitable for browser + extension contexts where
+ * `indexedDB` is available. Node 22+ has `indexedDB` via the
+ * `node:sqlite`-backed implementation behind a flag; tests should
+ * use `InMemoryKVStore` instead.
+ */
+export class IndexedDBKVStore {
+    dbName;
+    storeName;
+    dbPromise = null;
+    constructor(opts) {
+        this.dbName = opts?.dbName ?? "pnm";
+        this.storeName = opts?.storeName ?? "kv";
+    }
+    async get(key) {
+        const db = await this.openDb();
+        return new Promise((resolve, reject) => {
+            const tx = db.transaction(this.storeName, "readonly");
+            const req = tx.objectStore(this.storeName).get(key);
+            req.onsuccess = () => resolve(req.result);
+            req.onerror = () => reject(req.error);
+        });
+    }
+    async put(key, value) {
+        const db = await this.openDb();
+        await new Promise((resolve, reject) => {
+            const tx = db.transaction(this.storeName, "readwrite");
+            tx.objectStore(this.storeName).put(value, key);
+            tx.oncomplete = () => resolve();
+            tx.onerror = () => reject(tx.error);
+        });
+    }
+    async delete(key) {
+        const db = await this.openDb();
+        await new Promise((resolve, reject) => {
+            const tx = db.transaction(this.storeName, "readwrite");
+            tx.objectStore(this.storeName).delete(key);
+            tx.oncomplete = () => resolve();
+            tx.onerror = () => reject(tx.error);
+        });
+    }
+    async keys(prefix) {
+        const db = await this.openDb();
+        // Use a key range when a prefix is provided so IndexedDB does the
+        // filtering — avoids walking the entire keyspace for a handful of
+        // matches. The upper bound is `prefix + ''` (the highest
+        // BMP code point), giving a half-open range that captures every
+        // string starting with `prefix`.
+        const range = prefix !== undefined
+            ? IDBKeyRange.bound(prefix, prefix + "", false, false)
+            : undefined;
+        return new Promise((resolve, reject) => {
+            const tx = db.transaction(this.storeName, "readonly");
+            const store = tx.objectStore(this.storeName);
+            const req = range !== undefined ? store.getAllKeys(range) : store.getAllKeys();
+            req.onsuccess = () => resolve(req.result.map(String));
+            req.onerror = () => reject(req.error);
+        });
+    }
+    openDb() {
+        if (this.dbPromise)
+            return this.dbPromise;
+        this.dbPromise = new Promise((resolve, reject) => {
+            const req = indexedDB.open(this.dbName, 1);
+            req.onupgradeneeded = () => {
+                const db = req.result;
+                if (!db.objectStoreNames.contains(this.storeName)) {
+                    db.createObjectStore(this.storeName);
+                }
+            };
+            req.onsuccess = () => resolve(req.result);
+            req.onerror = () => reject(req.error);
+        });
+        return this.dbPromise;
+    }
+}
+//# sourceMappingURL=kv-store.js.map

package/dist/store/kv-store.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"kv-store.js","sourceRoot":"","sources":["../../src/store/kv-store.ts"],"names":[],"mappings":"AAsBA,wDAAwD;AACxD,MAAM,OAAO,eAAe;IACT,GAAG,GAAG,IAAI,GAAG,EAAmB,CAAC;IAElD,KAAK,CAAC,GAAG,CAAI,GAAW;QACtB,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,OAAO,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAE,eAAe,CAAC,CAAC,CAAO,CAAC;IACjE,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAc;QACnC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,MAAe;QACxB,MAAM,GAAG,GAAa,EAAE,CAAC;QACzB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC;YAChC,IAAI,MAAM,KAAK,SAAS,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC;gBAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChE,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAED;;;;;;GAMG;AACH,MAAM,OAAO,gBAAgB;IACV,MAAM,CAAS;IACf,SAAS,CAAS;IAC3B,SAAS,GAAgC,IAAI,CAAC;IAEtD,YAAY,IAA8C;QACxD,IAAI,CAAC,MAAM,GAAG,IAAI,EAAE,MAAM,IAAI,KAAK,CAAC;QACpC,IAAI,CAAC,SAAS,GAAG,IAAI,EAAE,SAAS,IAAI,IAAI,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW;QACtB,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAC/B,OAAO,IAAI,OAAO,CAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACpD,MAAM,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;YACtD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACpD,GAAG,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,MAAuB,CAAC,CAAC;YAC3D,GAAG,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAc;QACnC,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAC/B,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,MAAM,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;YACvD,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAC/C,EAAE,CAAC,UAAU,GAAG,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;YAChC,EAAE,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAC/B,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,MAAM,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;YACvD,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC3C,EAAE,CAAC,UAAU,GAAG,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;YAChC,EAAE,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,MAAe;QACxB,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAC/B,kEAAkE;QAClE,kEAAkE;QAClE,0DAA0D;QAC1D,gEAAgE;QAChE,iCAAiC;QACjC,MAAM,KAAK,GACT,MAAM,KAAK,SAAS;YAClB,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC;YACvD,CAAC,CAAC,SAAS,CAAC;QAChB,OAAO,IAAI,OAAO,CAAW,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC/C,MAAM,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;YACtD,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC7C,MAAM,GAAG,GAAG,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;YAC/E,GAAG,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC,OAAO,CAAE,GAAG,CAAC,MAAwB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;YACzE,GAAG,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,MAAM;QACZ,IAAI,IAAI,CAAC,SAAS;YAAE,OAAO,IAAI,CAAC,SAAS,CAAC;QAC1C,IAAI,CAAC,SAAS,GAAG,IAAI,OAAO,CAAc,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC5D,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YAC3C,GAAG,CAAC,eAAe,GAAG,GAAG,EAAE;gBACzB,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;gBACtB,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;oBAClD,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBACvC,CAAC;YACH,CAAC,CAAC;YACF,GAAG,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,GAAG,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;CACF"}