@ottochain/sdk 2.3.0 → 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (287) hide show
  1. package/dist/cjs/apps/compute/index.js +33 -0
  2. package/dist/cjs/apps/compute/state-machines/compute-rule110.js +164 -0
  3. package/dist/cjs/apps/compute/state-machines/index.js +9 -0
  4. package/dist/cjs/apps/contracts/index.js +16 -9
  5. package/dist/cjs/apps/contracts/state-machines/contract-agreement.js +134 -161
  6. package/dist/cjs/apps/contracts/state-machines/contract-escrow.js +192 -170
  7. package/dist/cjs/apps/contracts/state-machines/contract-universal.js +46 -58
  8. package/dist/cjs/apps/corporate/index.js +2 -2
  9. package/dist/cjs/apps/corporate/state-machines/corp-board.js +500 -456
  10. package/dist/cjs/apps/corporate/state-machines/corp-entity.js +487 -361
  11. package/dist/cjs/apps/corporate/state-machines/corp-securities.js +769 -576
  12. package/dist/cjs/apps/corporate/state-machines/corp-shareholders.js +567 -557
  13. package/dist/cjs/apps/governance/index.js +21 -21
  14. package/dist/cjs/apps/governance/state-machines/dao-multisig.js +188 -209
  15. package/dist/cjs/apps/governance/state-machines/dao-reputation.js +181 -228
  16. package/dist/cjs/apps/governance/state-machines/dao-single.js +105 -88
  17. package/dist/cjs/apps/governance/state-machines/dao-token.js +199 -227
  18. package/dist/cjs/apps/governance/state-machines/governance-simple.js +231 -231
  19. package/dist/cjs/apps/governance/state-machines/governance-universal.js +64 -64
  20. package/dist/cjs/apps/identity/constants.js +55 -22
  21. package/dist/cjs/apps/identity/index.js +28 -12
  22. package/dist/cjs/apps/identity/state-machines/identity-agent.js +124 -158
  23. package/dist/cjs/apps/identity/state-machines/identity-oracle.js +158 -173
  24. package/dist/cjs/apps/identity/state-machines/identity-registry.js +262 -0
  25. package/dist/cjs/apps/identity/state-machines/identity-universal.js +51 -57
  26. package/dist/cjs/apps/identity/state-machines/index.js +3 -1
  27. package/dist/cjs/apps/index.js +22 -8
  28. package/dist/cjs/apps/lending/assets.js +247 -0
  29. package/dist/cjs/apps/lending/credit-scoring.js +87 -0
  30. package/dist/cjs/apps/lending/eligibility.js +105 -0
  31. package/dist/cjs/apps/lending/index.js +91 -0
  32. package/dist/cjs/apps/lending/state-machines/index.js +9 -0
  33. package/dist/cjs/apps/lending/state-machines/lending-zk-loan.js +433 -0
  34. package/dist/cjs/apps/markets/index.js +22 -12
  35. package/dist/cjs/apps/markets/state-machines/market-auction.js +116 -134
  36. package/dist/cjs/apps/markets/state-machines/market-crowdfund.js +131 -141
  37. package/dist/cjs/apps/markets/state-machines/market-group-buy.js +163 -184
  38. package/dist/cjs/apps/markets/state-machines/market-prediction.js +226 -233
  39. package/dist/cjs/apps/markets/state-machines/market-universal.js +65 -80
  40. package/dist/cjs/apps/oracles/index.js +3 -3
  41. package/dist/cjs/apps/privacy/index.js +67 -0
  42. package/dist/cjs/apps/privacy/state-machines/index.js +17 -0
  43. package/dist/cjs/apps/privacy/state-machines/mixer-ddhRing.js +286 -0
  44. package/dist/cjs/apps/privacy/state-machines/note-pool.js +476 -0
  45. package/dist/cjs/apps/staked-pool/assets.js +103 -0
  46. package/dist/cjs/apps/staked-pool/base.js +498 -0
  47. package/dist/cjs/apps/staked-pool/consumer.js +55 -0
  48. package/dist/cjs/apps/staked-pool/index.js +83 -0
  49. package/dist/cjs/apps/staked-pool/state-machines/index.js +12 -0
  50. package/dist/cjs/apps/staked-pool/state-machines/staked-pool-base.js +49 -0
  51. package/dist/cjs/apps/staked-pool/state-machines/staked-pool-oracle.js +131 -0
  52. package/dist/cjs/errors.js +3 -3
  53. package/dist/cjs/generated/google/protobuf/struct.js +5 -5
  54. package/dist/cjs/generated/google/protobuf/timestamp.js +1 -1
  55. package/dist/cjs/generated/index.js +11 -7
  56. package/dist/cjs/generated/openapi.js +6 -0
  57. package/dist/cjs/generated/ottochain/apps/contracts/v1/contract.js +51 -51
  58. package/dist/cjs/generated/ottochain/apps/corporate/v1/corporate.js +20 -21
  59. package/dist/cjs/generated/ottochain/apps/governance/v1/governance.js +14 -14
  60. package/dist/cjs/generated/ottochain/apps/identity/v1/attestation.js +5 -5
  61. package/dist/cjs/generated/ottochain/apps/identity/v1/identity.js +125 -131
  62. package/dist/cjs/generated/ottochain/apps/markets/v1/market.js +108 -108
  63. package/dist/cjs/generated/ottochain/v1/common.js +5 -5
  64. package/dist/cjs/generated/ottochain/v1/fiber.js +44 -6
  65. package/dist/cjs/generated/ottochain/v1/messages.js +1 -1
  66. package/dist/cjs/generated/ottochain/v1/records.js +1 -1
  67. package/dist/cjs/index.js +58 -7
  68. package/dist/cjs/openapi.js +2 -0
  69. package/dist/cjs/ottochain/drop-nulls.js +1 -2
  70. package/dist/cjs/ottochain/genesis-manifest.js +17 -11
  71. package/dist/cjs/ottochain/index.js +23 -13
  72. package/dist/cjs/ottochain/metagraph-client.js +81 -16
  73. package/dist/cjs/ottochain/snapshot.js +13 -16
  74. package/dist/cjs/ottochain/transaction.js +67 -14
  75. package/dist/cjs/ottochain/types.js +16 -2
  76. package/dist/cjs/privacy/index.js +14 -0
  77. package/dist/cjs/privacy/sealed-bid.js +213 -0
  78. package/dist/cjs/privacy/shield-app.js +131 -0
  79. package/dist/cjs/schema/effects.js +156 -0
  80. package/dist/cjs/schema/fiber-app.js +150 -15
  81. package/dist/cjs/schema/guard-lint.js +343 -0
  82. package/dist/cjs/schema/guards.js +246 -0
  83. package/dist/cjs/signing.js +80 -0
  84. package/dist/cjs/templates/asset-policy.js +190 -0
  85. package/dist/cjs/templates/index.js +86 -0
  86. package/dist/cjs/templates/machine.js +130 -0
  87. package/dist/cjs/templates/migration.js +39 -0
  88. package/dist/cjs/templates/state-shape.js +38 -0
  89. package/dist/cjs/types.js +2 -3
  90. package/dist/cjs/validation.js +9 -11
  91. package/dist/cjs/verify.js +9 -4
  92. package/dist/cjs/zk/commit.js +53 -0
  93. package/dist/cjs/zk/guard.js +107 -0
  94. package/dist/cjs/zk/index.js +48 -0
  95. package/dist/cjs/zk/preimage.js +37 -0
  96. package/dist/cjs/zk/prover.js +87 -0
  97. package/dist/cjs/zk/registry.js +62 -0
  98. package/dist/cjs/zk/types.js +28 -0
  99. package/dist/cjs/zk/witness.js +19 -0
  100. package/dist/esm/apps/compute/index.js +29 -0
  101. package/dist/esm/apps/compute/state-machines/compute-rule110.js +161 -0
  102. package/dist/esm/apps/compute/state-machines/index.js +5 -0
  103. package/dist/esm/apps/contracts/index.js +9 -5
  104. package/dist/esm/apps/contracts/state-machines/contract-agreement.js +135 -162
  105. package/dist/esm/apps/contracts/state-machines/contract-escrow.js +193 -171
  106. package/dist/esm/apps/contracts/state-machines/contract-universal.js +47 -59
  107. package/dist/esm/apps/corporate/index.js +2 -2
  108. package/dist/esm/apps/corporate/state-machines/corp-board.js +501 -457
  109. package/dist/esm/apps/corporate/state-machines/corp-entity.js +488 -362
  110. package/dist/esm/apps/corporate/state-machines/corp-securities.js +770 -577
  111. package/dist/esm/apps/corporate/state-machines/corp-shareholders.js +568 -558
  112. package/dist/esm/apps/governance/index.js +10 -10
  113. package/dist/esm/apps/governance/state-machines/dao-multisig.js +189 -210
  114. package/dist/esm/apps/governance/state-machines/dao-reputation.js +182 -229
  115. package/dist/esm/apps/governance/state-machines/dao-single.js +106 -89
  116. package/dist/esm/apps/governance/state-machines/dao-token.js +200 -228
  117. package/dist/esm/apps/governance/state-machines/governance-simple.js +232 -232
  118. package/dist/esm/apps/governance/state-machines/governance-universal.js +65 -65
  119. package/dist/esm/apps/identity/constants.js +52 -21
  120. package/dist/esm/apps/identity/index.js +14 -9
  121. package/dist/esm/apps/identity/state-machines/identity-agent.js +125 -159
  122. package/dist/esm/apps/identity/state-machines/identity-oracle.js +159 -174
  123. package/dist/esm/apps/identity/state-machines/identity-registry.js +259 -0
  124. package/dist/esm/apps/identity/state-machines/identity-universal.js +52 -58
  125. package/dist/esm/apps/identity/state-machines/index.js +1 -0
  126. package/dist/esm/apps/index.js +9 -5
  127. package/dist/esm/apps/lending/assets.js +231 -0
  128. package/dist/esm/apps/lending/credit-scoring.js +81 -0
  129. package/dist/esm/apps/lending/eligibility.js +99 -0
  130. package/dist/esm/apps/lending/index.js +69 -0
  131. package/dist/esm/apps/lending/state-machines/index.js +5 -0
  132. package/dist/esm/apps/lending/state-machines/lending-zk-loan.js +430 -0
  133. package/dist/esm/apps/markets/index.js +11 -7
  134. package/dist/esm/apps/markets/state-machines/market-auction.js +117 -135
  135. package/dist/esm/apps/markets/state-machines/market-crowdfund.js +132 -142
  136. package/dist/esm/apps/markets/state-machines/market-group-buy.js +164 -185
  137. package/dist/esm/apps/markets/state-machines/market-prediction.js +227 -234
  138. package/dist/esm/apps/markets/state-machines/market-universal.js +66 -81
  139. package/dist/esm/apps/oracles/index.js +3 -3
  140. package/dist/esm/apps/privacy/index.js +56 -0
  141. package/dist/esm/apps/privacy/state-machines/index.js +6 -0
  142. package/dist/esm/apps/privacy/state-machines/mixer-ddhRing.js +282 -0
  143. package/dist/esm/apps/privacy/state-machines/note-pool.js +470 -0
  144. package/dist/esm/apps/staked-pool/assets.js +91 -0
  145. package/dist/esm/apps/staked-pool/base.js +493 -0
  146. package/dist/esm/apps/staked-pool/consumer.js +49 -0
  147. package/dist/esm/apps/staked-pool/index.js +60 -0
  148. package/dist/esm/apps/staked-pool/state-machines/index.js +6 -0
  149. package/dist/esm/apps/staked-pool/state-machines/staked-pool-base.js +46 -0
  150. package/dist/esm/apps/staked-pool/state-machines/staked-pool-oracle.js +127 -0
  151. package/dist/esm/generated/google/protobuf/struct.js +1 -1
  152. package/dist/esm/generated/google/protobuf/timestamp.js +1 -1
  153. package/dist/esm/generated/index.js +9 -5
  154. package/dist/esm/generated/openapi.js +5 -0
  155. package/dist/esm/generated/ottochain/apps/contracts/v1/contract.js +47 -47
  156. package/dist/esm/generated/ottochain/apps/corporate/v1/corporate.js +1 -1
  157. package/dist/esm/generated/ottochain/apps/governance/v1/governance.js +1 -1
  158. package/dist/esm/generated/ottochain/apps/identity/v1/attestation.js +1 -1
  159. package/dist/esm/generated/ottochain/apps/identity/v1/identity.js +115 -121
  160. package/dist/esm/generated/ottochain/apps/markets/v1/market.js +101 -101
  161. package/dist/esm/generated/ottochain/v1/common.js +1 -1
  162. package/dist/esm/generated/ottochain/v1/fiber.js +40 -2
  163. package/dist/esm/generated/ottochain/v1/messages.js +1 -1
  164. package/dist/esm/generated/ottochain/v1/records.js +1 -1
  165. package/dist/esm/index.js +28 -3
  166. package/dist/esm/openapi.js +1 -0
  167. package/dist/esm/ottochain/genesis-manifest.js +15 -9
  168. package/dist/esm/ottochain/index.js +2 -3
  169. package/dist/esm/ottochain/metagraph-client.js +81 -16
  170. package/dist/esm/ottochain/snapshot.js +6 -8
  171. package/dist/esm/ottochain/transaction.js +51 -3
  172. package/dist/esm/ottochain/types.js +15 -1
  173. package/dist/esm/privacy/index.js +6 -0
  174. package/dist/esm/privacy/sealed-bid.js +209 -0
  175. package/dist/esm/privacy/shield-app.js +127 -0
  176. package/dist/esm/schema/effects.js +145 -0
  177. package/dist/esm/schema/fiber-app.js +139 -8
  178. package/dist/esm/schema/guard-lint.js +337 -0
  179. package/dist/esm/schema/guards.js +228 -0
  180. package/dist/esm/signing.js +74 -0
  181. package/dist/esm/templates/asset-policy.js +182 -0
  182. package/dist/esm/templates/index.js +41 -0
  183. package/dist/esm/templates/machine.js +125 -0
  184. package/dist/esm/templates/migration.js +34 -0
  185. package/dist/esm/templates/state-shape.js +34 -0
  186. package/dist/esm/validation.js +1 -3
  187. package/dist/esm/verify.js +8 -2
  188. package/dist/esm/zk/commit.js +44 -0
  189. package/dist/esm/zk/guard.js +99 -0
  190. package/dist/esm/zk/index.js +19 -0
  191. package/dist/esm/zk/preimage.js +30 -0
  192. package/dist/esm/zk/prover.js +82 -0
  193. package/dist/esm/zk/registry.js +55 -0
  194. package/dist/esm/zk/types.js +25 -0
  195. package/dist/esm/zk/witness.js +15 -0
  196. package/dist/types/apps/compute/index.d.ts +176 -0
  197. package/dist/types/apps/compute/state-machines/compute-rule110.d.ts +157 -0
  198. package/dist/types/apps/compute/state-machines/index.d.ts +5 -0
  199. package/dist/types/apps/contracts/index.d.ts +81 -221
  200. package/dist/types/apps/contracts/state-machines/contract-agreement.d.ts +23 -98
  201. package/dist/types/apps/contracts/state-machines/contract-escrow.d.ts +49 -115
  202. package/dist/types/apps/contracts/state-machines/contract-universal.d.ts +4 -4
  203. package/dist/types/apps/corporate/index.d.ts +1176 -440
  204. package/dist/types/apps/corporate/state-machines/corp-board.d.ts +271 -135
  205. package/dist/types/apps/corporate/state-machines/corp-entity.d.ts +279 -74
  206. package/dist/types/apps/corporate/state-machines/corp-securities.d.ts +373 -149
  207. package/dist/types/apps/corporate/state-machines/corp-shareholders.d.ts +252 -80
  208. package/dist/types/apps/governance/index.d.ts +368 -470
  209. package/dist/types/apps/governance/state-machines/dao-multisig.d.ts +92 -107
  210. package/dist/types/apps/governance/state-machines/dao-reputation.d.ts +61 -85
  211. package/dist/types/apps/governance/state-machines/dao-single.d.ts +25 -47
  212. package/dist/types/apps/governance/state-machines/dao-token.d.ts +79 -68
  213. package/dist/types/apps/governance/state-machines/governance-simple.d.ts +95 -125
  214. package/dist/types/apps/governance/state-machines/governance-universal.d.ts +6 -6
  215. package/dist/types/apps/identity/constants.d.ts +33 -5
  216. package/dist/types/apps/identity/index.d.ts +415 -131
  217. package/dist/types/apps/identity/state-machines/identity-agent.d.ts +23 -23
  218. package/dist/types/apps/identity/state-machines/identity-oracle.d.ts +27 -98
  219. package/dist/types/apps/identity/state-machines/identity-registry.d.ts +379 -0
  220. package/dist/types/apps/identity/state-machines/identity-universal.d.ts +4 -4
  221. package/dist/types/apps/identity/state-machines/index.d.ts +1 -0
  222. package/dist/types/apps/index.d.ts +9 -5
  223. package/dist/types/apps/lending/assets.d.ts +258 -0
  224. package/dist/types/apps/lending/credit-scoring.d.ts +80 -0
  225. package/dist/types/apps/lending/eligibility.d.ts +83 -0
  226. package/dist/types/apps/lending/index.d.ts +556 -0
  227. package/dist/types/apps/lending/state-machines/index.d.ts +5 -0
  228. package/dist/types/apps/lending/state-machines/lending-zk-loan.d.ts +536 -0
  229. package/dist/types/apps/markets/index.d.ts +181 -276
  230. package/dist/types/apps/markets/state-machines/market-auction.d.ts +25 -49
  231. package/dist/types/apps/markets/state-machines/market-crowdfund.d.ts +35 -53
  232. package/dist/types/apps/markets/state-machines/market-group-buy.d.ts +35 -61
  233. package/dist/types/apps/markets/state-machines/market-prediction.d.ts +65 -86
  234. package/dist/types/apps/markets/state-machines/market-universal.d.ts +12 -12
  235. package/dist/types/apps/oracles/index.d.ts +1 -1
  236. package/dist/types/apps/privacy/index.d.ts +328 -0
  237. package/dist/types/apps/privacy/state-machines/index.d.ts +6 -0
  238. package/dist/types/apps/privacy/state-machines/mixer-ddhRing.d.ts +337 -0
  239. package/dist/types/apps/privacy/state-machines/note-pool.d.ts +196 -0
  240. package/dist/types/apps/staked-pool/assets.d.ts +53 -0
  241. package/dist/types/apps/staked-pool/base.d.ts +80 -0
  242. package/dist/types/apps/staked-pool/consumer.d.ts +29 -0
  243. package/dist/types/apps/staked-pool/index.d.ts +51 -0
  244. package/dist/types/apps/staked-pool/state-machines/index.d.ts +6 -0
  245. package/dist/types/apps/staked-pool/state-machines/staked-pool-base.d.ts +8 -0
  246. package/dist/types/apps/staked-pool/state-machines/staked-pool-oracle.d.ts +34 -0
  247. package/dist/types/generated/index.d.ts +5 -5
  248. package/dist/types/generated/openapi.d.ts +1270 -0
  249. package/dist/types/generated/ottochain/apps/contracts/v1/contract.d.ts +5 -5
  250. package/dist/types/generated/ottochain/apps/identity/v1/identity.d.ts +12 -12
  251. package/dist/types/generated/ottochain/apps/markets/v1/market.d.ts +11 -11
  252. package/dist/types/generated/ottochain/v1/fiber.d.ts +7 -0
  253. package/dist/types/index.d.ts +7 -3
  254. package/dist/types/openapi.d.ts +24 -0
  255. package/dist/types/ottochain/genesis-manifest.d.ts +11 -5
  256. package/dist/types/ottochain/index.d.ts +5 -6
  257. package/dist/types/ottochain/metagraph-client.d.ts +49 -7
  258. package/dist/types/ottochain/snapshot.d.ts +6 -6
  259. package/dist/types/ottochain/transaction.d.ts +41 -1
  260. package/dist/types/ottochain/types.d.ts +336 -31
  261. package/dist/types/privacy/index.d.ts +6 -0
  262. package/dist/types/privacy/sealed-bid.d.ts +348 -0
  263. package/dist/types/privacy/shield-app.d.ts +48 -0
  264. package/dist/types/schema/effects.d.ts +141 -0
  265. package/dist/types/schema/fiber-app.d.ts +282 -2
  266. package/dist/types/schema/guard-lint.d.ts +111 -0
  267. package/dist/types/schema/guards.d.ts +146 -0
  268. package/dist/types/signing.d.ts +45 -0
  269. package/dist/types/templates/asset-policy.d.ts +119 -0
  270. package/dist/types/templates/index.d.ts +26 -0
  271. package/dist/types/templates/machine.d.ts +139 -0
  272. package/dist/types/templates/migration.d.ts +34 -0
  273. package/dist/types/templates/state-shape.d.ts +30 -0
  274. package/dist/types/validation.d.ts +22 -217
  275. package/dist/types/verify.d.ts +4 -0
  276. package/dist/types/zk/commit.d.ts +28 -0
  277. package/dist/types/zk/guard.d.ts +46 -0
  278. package/dist/types/zk/index.d.ts +19 -0
  279. package/dist/types/zk/preimage.d.ts +10 -0
  280. package/dist/types/zk/prover.d.ts +34 -0
  281. package/dist/types/zk/registry.d.ts +34 -0
  282. package/dist/types/zk/types.d.ts +33 -0
  283. package/dist/types/zk/witness.d.ts +40 -0
  284. package/package.json +47 -15
  285. package/dist/cjs/ottochain/normalize.js +0 -186
  286. package/dist/esm/ottochain/normalize.js +0 -179
  287. package/dist/types/ottochain/normalize.d.ts +0 -79
@@ -0,0 +1,337 @@
1
+ import type { JsonLogicRule } from '../../../schema/fiber-app.js';
2
+ /**
3
+ * sigma-mixer — a CDS OR-of-`dhtuple` Σ-protocol ring mixer.
4
+ *
5
+ * Anonymity comes from a Cramer–Damgård–Schoenmakers OR-proof over the deposited
6
+ * ring, verified by the `sigma_verify` JLVM opcode; double-spend safety comes
7
+ * from a WITNESS-BOUND nullifier carried as the shared DDH point of an
8
+ * OR-of-`dhtuple` proposition.
9
+ *
10
+ * Each ring branch is a DDH tuple `dhtuple(G, H, P_i, Nf)`. A satisfied dhtuple
11
+ * proves knowledge of one `x` with `P_i = x·G` AND `Nf = x·H` (the verifier uses
12
+ * a SINGLE shared response `z` for both coordinate reconstructions
13
+ * `a1 = z·G − e·P_i`, `a2 = z·H − e·Nf`). The OR uses the SAME
14
+ * `v = event.nullifier` in every branch, so it hides which branch while forcing
15
+ * `event.nullifier = x_j·H` for the one real branch `j`. With `H` a NUMS base of
16
+ * unknown dlog w.r.t. `G`, the map `x ↦ x·H` is injective, so the nullifier is
17
+ * cryptographically bound to the proven secret — closing the
18
+ * witness-unbound-nullifier double-spend hole an OR-of-`dlog` ring leaves open.
19
+ *
20
+ * Verified against `@constellation-network/metagraph-sdk-jlvm@1.8.0-rc.5`: the
21
+ * `sigma_verify` dhtuple operands are exactly `["type","g","h","u","v"]` (each a
22
+ * 64-byte G1 hex), the OR child challenges XOR to the node challenge, and the
23
+ * strong-FS root challenge folds the bound message. Array append uses `merge`
24
+ * (`merge([arr,[item]])` flattens one level == append). All operators used
25
+ * (`sigma_verify`, `has`, `set`, `none`, `cat`, `substr`, `merge`) are in
26
+ * KNOWN_OPERATORS.
27
+ *
28
+ * SCOPE: this base definition is CRYPTO + LIFECYCLE. Production custody
29
+ * (`_transferAsset` in on deposit / out on withdraw), a signer-bound deposit-auth
30
+ * clause, and a `mixerId`-prefixed bound message are layered on by a downstream
31
+ * specialization (see the §8 production-hardening note in the design doc).
32
+ */
33
+ /**
34
+ * Emit the `or`-of-`dhtuple` proposition for an `n`-member ring, unrolling
35
+ * `{"var":"<pointsVar>.k"}` for `k in 0..n-1` as the `u` (commitment) of each
36
+ * branch, with `g = gHex`, `h = hHex` (literal 64-byte G1 hex) and a shared
37
+ * `v = {"var":"<nullifierVar>"}` across ALL branches.
38
+ *
39
+ * `n` is FIXED at definition time (the proposition shape is closed). `u` and `v`
40
+ * are `{"var":...}` map-node values that the evaluator resolves element-wise.
41
+ *
42
+ * @param pointsVar state var holding the ordered ring points, e.g. `"state.points"`.
43
+ * @param nullifierVar event var holding the revealed nullifier, e.g. `"event.nullifier"`.
44
+ * @param gHex the verifier generator `G=(1,2)` as 64-byte `0x` hex.
45
+ * @param hHex the NUMS second base `H` as 64-byte `0x` hex (unknown dlog wrt G).
46
+ * @param n ring size (number of unrolled branches).
47
+ */
48
+ export declare function sigmaDdhRingOf(pointsVar: string, nullifierVar: string, gHex: string, hHex: string, n: number): JsonLogicRule;
49
+ /**
50
+ * sigma-mixer fiber definition (pinned-ring v1, n=4).
51
+ *
52
+ * Trust model: PUBLIC. Anyone may deposit a ring point or submit a withdrawal.
53
+ * Privacy = a CDS OR-proof hides which of the n branches is being spent;
54
+ * anonymity set = exactly n (the ring size is public). Double-spend safety =
55
+ * the witness-bound nullifier + spent-set. Replay/front-run safety = the
56
+ * message-bound recipient.
57
+ */
58
+ export declare const mixerDdhRingDef: {
59
+ metadata: {
60
+ name: string;
61
+ app: string;
62
+ type: string;
63
+ version: string;
64
+ description: string;
65
+ };
66
+ createSchema: {
67
+ required: readonly ["mixerId", "denomination", "anonymityTarget"];
68
+ properties: {
69
+ mixerId: {
70
+ type: "string";
71
+ immutable: true;
72
+ description: string;
73
+ };
74
+ denomination: {
75
+ type: "integer";
76
+ immutable: true;
77
+ description: string;
78
+ };
79
+ nullifierBaseH: {
80
+ type: "string";
81
+ immutable: true;
82
+ description: string;
83
+ };
84
+ anonymityTarget: {
85
+ type: "integer";
86
+ immutable: true;
87
+ description: string;
88
+ };
89
+ points: {
90
+ type: "array";
91
+ items: {
92
+ type: "string";
93
+ };
94
+ default: never[];
95
+ description: string;
96
+ };
97
+ spentNullifiers: {
98
+ type: "object";
99
+ default: {};
100
+ description: string;
101
+ };
102
+ depositCount: {
103
+ type: "integer";
104
+ default: number;
105
+ };
106
+ withdrawCount: {
107
+ type: "integer";
108
+ default: number;
109
+ };
110
+ status: {
111
+ type: "string";
112
+ default: string;
113
+ description: string;
114
+ };
115
+ };
116
+ };
117
+ stateSchema: {
118
+ properties: {
119
+ mixerId: {
120
+ type: "string";
121
+ immutable: true;
122
+ };
123
+ denomination: {
124
+ type: "integer";
125
+ immutable: true;
126
+ };
127
+ nullifierBaseH: {
128
+ type: "string";
129
+ immutable: true;
130
+ };
131
+ anonymityTarget: {
132
+ type: "integer";
133
+ immutable: true;
134
+ };
135
+ points: {
136
+ type: "array";
137
+ items: {
138
+ type: "string";
139
+ };
140
+ computed: true;
141
+ };
142
+ spentNullifiers: {
143
+ type: "object";
144
+ computed: true;
145
+ };
146
+ depositCount: {
147
+ type: "integer";
148
+ computed: true;
149
+ };
150
+ withdrawCount: {
151
+ type: "integer";
152
+ computed: true;
153
+ };
154
+ status: {
155
+ type: "string";
156
+ computed: true;
157
+ };
158
+ };
159
+ };
160
+ eventSchemas: {
161
+ deposit: {
162
+ description: string;
163
+ };
164
+ withdraw: {
165
+ description: string;
166
+ };
167
+ };
168
+ states: {
169
+ filling: {
170
+ id: string;
171
+ isFinal: false;
172
+ metadata: {
173
+ label: string;
174
+ description: string;
175
+ category: "active";
176
+ };
177
+ };
178
+ open: {
179
+ id: string;
180
+ isFinal: false;
181
+ metadata: {
182
+ label: string;
183
+ description: string;
184
+ category: "active";
185
+ };
186
+ };
187
+ drained: {
188
+ id: string;
189
+ isFinal: true;
190
+ metadata: {
191
+ label: string;
192
+ description: string;
193
+ category: "terminal";
194
+ };
195
+ };
196
+ };
197
+ initialState: "filling";
198
+ transitions: ({
199
+ from: "filling";
200
+ to: "open";
201
+ eventName: "deposit";
202
+ guard: {
203
+ and: ({
204
+ '===': ({
205
+ '+': (number | {
206
+ var: string;
207
+ })[];
208
+ var?: undefined;
209
+ } | {
210
+ var: string;
211
+ '+'?: undefined;
212
+ })[];
213
+ '!!'?: undefined;
214
+ none?: undefined;
215
+ } | {
216
+ '!!': {
217
+ var: string;
218
+ }[];
219
+ '==='?: undefined;
220
+ none?: undefined;
221
+ } | {
222
+ none: ({
223
+ var: string;
224
+ '==='?: undefined;
225
+ } | {
226
+ '===': {
227
+ var: string;
228
+ }[];
229
+ var?: undefined;
230
+ })[];
231
+ '==='?: undefined;
232
+ '!!'?: undefined;
233
+ })[];
234
+ };
235
+ effect: {
236
+ merge: ({
237
+ var: string;
238
+ points?: undefined;
239
+ depositCount?: undefined;
240
+ status?: undefined;
241
+ } | {
242
+ points: {
243
+ merge: ({
244
+ var: string;
245
+ } | {
246
+ var: string;
247
+ }[])[];
248
+ };
249
+ depositCount: {
250
+ '+': (number | {
251
+ var: string;
252
+ })[];
253
+ };
254
+ status: string;
255
+ var?: undefined;
256
+ })[];
257
+ };
258
+ dependencies: never[];
259
+ } | {
260
+ from: "filling";
261
+ to: "filling";
262
+ eventName: "deposit";
263
+ guard: {
264
+ and: ({
265
+ '<': ({
266
+ '+': (number | {
267
+ var: string;
268
+ })[];
269
+ var?: undefined;
270
+ } | {
271
+ var: string;
272
+ '+'?: undefined;
273
+ })[];
274
+ '!!'?: undefined;
275
+ none?: undefined;
276
+ } | {
277
+ '!!': {
278
+ var: string;
279
+ }[];
280
+ '<'?: undefined;
281
+ none?: undefined;
282
+ } | {
283
+ none: ({
284
+ var: string;
285
+ '==='?: undefined;
286
+ } | {
287
+ '===': {
288
+ var: string;
289
+ }[];
290
+ var?: undefined;
291
+ })[];
292
+ '<'?: undefined;
293
+ '!!'?: undefined;
294
+ })[];
295
+ };
296
+ effect: {
297
+ merge: ({
298
+ var: string;
299
+ points?: undefined;
300
+ depositCount?: undefined;
301
+ } | {
302
+ points: {
303
+ merge: ({
304
+ var: string;
305
+ } | {
306
+ var: string;
307
+ }[])[];
308
+ };
309
+ depositCount: {
310
+ '+': (number | {
311
+ var: string;
312
+ })[];
313
+ };
314
+ var?: undefined;
315
+ })[];
316
+ };
317
+ dependencies: never[];
318
+ } | {
319
+ from: "open";
320
+ to: "drained";
321
+ eventName: "withdraw";
322
+ guard: {
323
+ and: JsonLogicRule[];
324
+ };
325
+ effect: JsonLogicRule;
326
+ dependencies: never[];
327
+ } | {
328
+ from: "open";
329
+ to: "open";
330
+ eventName: "withdraw";
331
+ guard: {
332
+ and: JsonLogicRule[];
333
+ };
334
+ effect: JsonLogicRule;
335
+ dependencies: never[];
336
+ })[];
337
+ };
@@ -0,0 +1,196 @@
1
+ /**
2
+ * shielded-note-pool — a Tornado-style fixed-denomination UTXO-private asset pool.
3
+ *
4
+ * One fiber instance is one shielded pool. The pool's PUBLIC state is the privacy
5
+ * scaffolding only — a Poseidon-Merkle commitment ROOT window, a spent-NULLIFIER set,
6
+ * an append-only output-COMMITMENT log, and the asset-record UUIDs the pool custodies.
7
+ * The real value model is a UTXO note layer that lives OFF-chain in notes committed to
8
+ * the tree; each spend is attested by a single Groth16 proof of the `zk-shielded` circuit.
9
+ *
10
+ * Division of labour (the Kachina/Midnight split — a general verifier in the VM, the
11
+ * shielded pool as ordinary state + transitions on top of it; see
12
+ * docs/design/ergo-patterns-as-fiber-primitives.md §"shielded-note-pool" and
13
+ * docs/design/shielded-transfer-app-sketch.md):
14
+ * - the CIRCUIT proves membership (Poseidon-Merkle inclusion) ∧ authorization
15
+ * (`owner == Poseidon([nsk])`) ∧ nullifier derivation (`nf == Poseidon([rho, nsk])`)
16
+ * ∧ intra-transfer nullifier uniqueness ∧ per-asset conservation ∧ u64 range;
17
+ * - this GUARD (combine) verifies the proof against the pinned `vkey`, binds the
18
+ * public inputs by slicing them from the VERIFIED `publicValues` bytes, rejects an
19
+ * already-spent nullifier (`none`), checks the spend's anchor is still honored
20
+ * (`in [anchor, knownRoots]`), and pins the fee word to a configured value;
21
+ * - the EFFECT (combine) spends the nullifier, logs the output commitment, advances
22
+ * the rolling anchor window, and (on `unshield`) releases exactly one whole
23
+ * `denom`-valued asset record to a clear recipient.
24
+ *
25
+ * It uses NO new metakit opcode. `groth16_verify` verifies the proof; the public-input
26
+ * words are extracted from the verified `publicValues` string with fixed-offset `substr`
27
+ * and re-prefixed `0x` (`{cat:['0x', {substr:[pv,off,64]}]}`) — slicing the verified
28
+ * bytes IS the binding, so no field can be mauled independently of the proof.
29
+ *
30
+ * ──────────────────────────────────────────────────────────────────────────────────────
31
+ * ⚠ UNAUDITED — TEST ASSETS ONLY. The `zk-shielded` circuit and its Groth16 verifier are
32
+ * UNAUDITED; BN254 is ~100-bit security. This MVP is test-assets-only and pins
33
+ * N=1 input / M=1 output / zero fee, with a SINGLE TRUSTED RELAYER for root advancement.
34
+ * Do NOT deploy with value-bearing assets until the circuit + verifier are audited and the
35
+ * in-circuit `newRoot` (which removes the trusted relayer) has landed. See §"Scope" / the
36
+ * Risks list in the design doc.
37
+ * ──────────────────────────────────────────────────────────────────────────────────────
38
+ *
39
+ * MVP constraints (CONFIRMED DEFAULTS):
40
+ * - test assets only;
41
+ * - single trusted relayer gates root advancement (`event.newRoot` is NOT in the proven
42
+ * public values, so a non-relayer could otherwise flood `knownRoots` and evict honest
43
+ * in-flight anchors — a real DoS). LATER: prove `newRoot` in-circuit and drop the relayer.
44
+ * - fixed denomination; the deposit mint is transparent (Tornado-style), the amount is
45
+ * hidden among same-`denom` notes (anonymity set = all live `denom` notes).
46
+ *
47
+ * On-chain primitive facts this builder relies on (re-verified against
48
+ * `@constellation-network/metagraph-sdk-jlvm@1.8.0-rc.5`, see tests/note-pool.test.ts):
49
+ * - array APPEND is `merge([arr,[item]])` (flatten one level); `cat` on arrays ERRORS
50
+ * ("Unexpected input for `cat`") — never use `cat` for array append on-chain;
51
+ * - every crypto/compare value is `0x`-prefixed; an extracted word MUST be re-prefixed
52
+ * `{cat:['0x', {substr:[pv,off,64]}]}` before comparing with a stored `0x` hash;
53
+ * - `none [arr, {===:[{var:""}, x]}]` fires correctly (fresh→true, spent→false);
54
+ * - `groth16_verify` on a garbage bundle returns `false` (graceful deny, never throws);
55
+ * - `pmt_verify([root, leaf, index, [siblings]])` is Poseidon-Merkle inclusion with
56
+ * ROOT-FIRST siblings and a leaf-position `index` (depth range-checked) — exported as
57
+ * {@link pmtMembership} for off-chain witness building / a membership-gated variant.
58
+ */
59
+ import { type FiberAppDefinition, type JsonLogicRule, type SchemaField } from '../../../schema/fiber-app.js';
60
+ /**
61
+ * The EXACT `publicValues` layout the guard slices, for the N=1 input / M=1 output MVP.
62
+ *
63
+ * `publicValues` is the abi-encoded `ShieldedTransferPublicValues` carried as a single
64
+ * `0x`-prefixed lowercase-hex string. Each 32-byte ABI word is 64 hex chars; word `w`
65
+ * begins at hex offset `2 + 64*w` (the leading `2` skips `0x`).
66
+ *
67
+ * `ShieldedTransferPublicValues { bytes32 anchor; bytes32[] nullifiers; bytes32[] outputCms;
68
+ * uint64 fee; bytes32 feeAsset; }`. The circuit commits this via `alloy_sol_types::abi_encode`,
69
+ * which — the struct being a DYNAMIC tuple (it holds the two dynamic arrays) — emits a single leading
70
+ * `0x20` tuple-offset HEAD WORD before the struct body, then the body's own head of array offsets +
71
+ * a tail of (len, elems). For FIXED N=1/M=1 the tail is static and `substr`-addressable.
72
+ *
73
+ * ┌── field ─────────────┬── hex offset ─┬── width ─┬── notes ─────────────────────────────────┐
74
+ * │ tuple head (0x20) │ 2 │ 64 │ abi_encode dynamic-tuple offset; NOT a field│
75
+ * │ anchor │ 66 │ 64 │ Poseidon-Merkle root the inputs prove under │
76
+ * │ nullifiers off (0xa0)│ 130 │ 64 │ body-relative offset of the nullifiers array│
77
+ * │ outputCms off (0xe0)│ 194 │ 64 │ body-relative offset of the outputCms array │
78
+ * │ fee (uint64 word) │ 258 │ 64 │ transparent fee, right-aligned in the word │
79
+ * │ feeAsset │ 322 │ 64 │ asset-as-Fr the fee is denominated in │
80
+ * │ nullifiers.len │ 386 │ 64 │ == 1 for the N=1 MVP │
81
+ * │ nullifiers[0] │ 450 │ 64 │ the revealed input nullifier │
82
+ * │ outputCms.len │ 514 │ 64 │ == 1 for the M=1 MVP │
83
+ * │ outputCms[0] │ 578 │ 64 │ the revealed output commitment │
84
+ * └──────────────────────┴───────────────┴──────────┴─────────────────────────────────────────────┘
85
+ *
86
+ * The word ORDER and ENCODING a matching SP1 fixture MUST produce (so the placeholder can be
87
+ * swapped for a real proof): the `0x`-string is
88
+ * 0x ‖ 0x20 ‖ anchor ‖ nullifiers.off ‖ outputCms.off ‖ fee ‖ feeAsset ‖
89
+ * nullifiers.len ‖ nullifiers[0] ‖ outputCms.len ‖ outputCms[0]
90
+ * laid out by the circuit's `commit_slice(abi_encode(ShieldedTransferPublicValues{..}))`, such that
91
+ * the five field offsets below land on the words above. Every word is a lowercase 32-byte hex with
92
+ * NO `0x` per-word prefix (the single `0x` is on the whole string).
93
+ *
94
+ * RECONCILED 2026-06 against the REAL `zk-shielded` circuit (~/repos/metakit-sdk/rust/zk-shielded):
95
+ * an earlier version of this layout omitted the leading `0x20` dynamic-tuple head word, so every
96
+ * offset was one 32-byte word (64 hex) too low and the guard sliced the WRONG words. The circuit is
97
+ * the source of truth; the offsets above were corrected (+64 each) to match a real SP1 Groth16 proof
98
+ * whose `publicValues` is `0x ‖ 0x20 ‖ anchor ‖ 0xa0 ‖ 0xe0 ‖ fee ‖ feeAsset ‖ 1 ‖ nf ‖ 1 ‖ cm`.
99
+ *
100
+ * cm / nf preimages (the circuit's, fixed and byte-for-byte across Scala/Rust/TS):
101
+ * - `cm = Poseidon([value_as_fr, owner, asset, rho])` (4-input, MAX poseidon arity);
102
+ * - `owner = Poseidon([nsk])`;
103
+ * - `nf = Poseidon([rho, nsk])` (FIELD ORDER rho, nsk).
104
+ */
105
+ export declare const PV_LAYOUT: {
106
+ /** anchor — word 1 (word 0 is the dynamic-tuple `0x20` head word; see the table). */
107
+ readonly anchor: 66;
108
+ /** fee — word 4 (uint64 right-aligned). MVP pins this whole word to {@link NotePoolOptions.feeWord}. */
109
+ readonly fee: 258;
110
+ /** feeAsset — word 5. */
111
+ readonly feeAsset: 322;
112
+ /** nullifiers[0] — after the nullifiers length word @386. */
113
+ readonly nullifier: 450;
114
+ /** outputCms[0] — after the outputCms length word @514. */
115
+ readonly outputCm: 578;
116
+ };
117
+ /**
118
+ * Lift `publicValues` word at hex `offset` back to a `0x`-hex value comparable with a stored
119
+ * `bytes32`/`hash`. `cat` of two STRINGS is valid on-chain; `cat` of arrays ERRORS — this is
120
+ * strings only. The slice is taken from the SAME bytes `groth16_verify` consumed, so a changed
121
+ * field invalidates the proof: re-prefixing the verified slice IS the public-input binding.
122
+ */
123
+ export declare const pvField: (offset: number) => JsonLogicRule;
124
+ /**
125
+ * `pmt_verify([root, leaf, index, [siblings]])` Poseidon-Merkle inclusion (root-first siblings,
126
+ * leaf-position `index`, depth = `siblings.length`, range-checked). Exported for off-chain witness
127
+ * building and for a membership-gated pool variant. NOTE: the MVP `transfer`/`unshield` guards do
128
+ * NOT call `pmt_verify` — membership is proven INSIDE the circuit (`verify_inclusion`) and bound to
129
+ * the verified `anchor`; the chain only checks `anchor ∈ knownRoots`. This helper exists so a
130
+ * downstream pool that wants an additional ON-CHAIN inclusion check (e.g. for a transparent leaf)
131
+ * can express it with the verified operand format.
132
+ */
133
+ export declare const pmtMembership: (rootVar: JsonLogicRule, leafVar: JsonLogicRule, indexVar: JsonLogicRule, siblingsVar: JsonLogicRule) => JsonLogicRule;
134
+ export interface NotePoolOptions {
135
+ /** zk-shielded program vkey (32B, `0x`-hex). Pinned ONCE at creation; the guard reads it from state. */
136
+ vkey: string;
137
+ /** Merkle depth of the commitment tree, pinned at creation. */
138
+ depth: number;
139
+ /** Fixed note denomination (asset units). Each live note ⇔ one `denom`-valued asset record. */
140
+ denom: number;
141
+ /** Asset policy ref the pool mints/burns note-records under (the deposit authorization surface). */
142
+ poolPolicyRef: string;
143
+ /** `0x` Fr label fees are charged in (== asset-as-Fr). Must equal the proof's `feeAsset` word. */
144
+ feeAsset: string;
145
+ /**
146
+ * The EXACT `0x` 32-byte word `fee` must equal. MVP: the all-zero word (forces fee=0, rejects any
147
+ * value-siphoning fee). LATER, to allow a fixed nonzero fee, compare only the right 16 hex.
148
+ */
149
+ feeWord?: string;
150
+ /** DAG address authorized to advance the root (MVP single trusted relayer; anti-grief). */
151
+ relayer: string;
152
+ /** How many recent anchors stay spendable (rolling window). Default 64. */
153
+ rootWindow?: number;
154
+ }
155
+ /** The all-zero 32-byte word — the MVP `feeWord` (pins fee=0). */
156
+ export declare const ZERO_WORD: string;
157
+ /** Public state every shielded note-pool carries (the note value model itself is private/off-chain). */
158
+ export declare const NOTE_POOL_STATE: Record<string, SchemaField>;
159
+ /** `transfer` / `unshield` carry a Groth16 bundle; `unshield` also carries the record to release. */
160
+ export interface ShieldedSpendPayload {
161
+ /** Groth16 proof bytes (0x hex). */
162
+ proof: string;
163
+ /** abi-encoded `ShieldedTransferPublicValues` (0x hex); see {@link PV_LAYOUT}. */
164
+ publicValues: string;
165
+ }
166
+ /** `transfer` advances the tree; `newRoot` is wallet/relayer-computed (NOT in the proven PV). */
167
+ export interface TransferPayload extends ShieldedSpendPayload {
168
+ /** wallet/relayer-computed root after appending `outputCms[0]`. Authorized by the relayer signer gate. */
169
+ newRoot: string;
170
+ }
171
+ /** `unshield` releases one whole `denom`-valued record the pool holds to a clear recipient. */
172
+ export interface UnshieldPayload extends ShieldedSpendPayload {
173
+ /** assetId UUID of the note-record to release; MUST be `in state.noteRecords`. */
174
+ recordId: string;
175
+ /** clear DAG address (→ `AssetHolder.Wallet`) that receives the released note-record. */
176
+ recipient: string;
177
+ }
178
+ /** `noteMinted` records a deposit's commitment + the freshly-minted record's UUID. */
179
+ export interface NoteMintedPayload {
180
+ /** client-computed `cm = Poseidon([denom, owner, feeAsset, rho])` (0x). */
181
+ commitment: string;
182
+ /** assetId UUID of the `denom`-valued record the deposit minted into `Fiber(poolId)`. */
183
+ recordId: string;
184
+ }
185
+ /**
186
+ * Build the shielded-note-pool fiber app.
187
+ *
188
+ * Single state `ACTIVE → ACTIVE` with three transitions:
189
+ * - `transfer` — note-to-note spend (no public asset move); advances the tree. Relayer-gated.
190
+ * - `noteMinted`— witness transition recording a deposit's commitment + record UUID (the deposit
191
+ * itself is an asset-model `MintAsset` into `Fiber(poolId)`, gated by the
192
+ * `poolPolicyRef` mintPolicy — NOT a fiber transition).
193
+ * - `unshield` — burn a note (nullify), release one whole `denom` note-record to a clear recipient.
194
+ * Self-sufficient because it is CASCADE-REACHABLE (asset transfers fire from cascades).
195
+ */
196
+ export declare function notePoolDef(opts: NotePoolOptions): FiberAppDefinition;
@@ -0,0 +1,53 @@
1
+ /**
2
+ * Asset-subsystem integration for the staked-pool family.
3
+ *
4
+ * Two asset roles:
5
+ * - STAKE token: a governed fungible. Joining is a custody `Transfer` of the whole stake instance into
6
+ * `AssetHolder.Fiber(poolId)` (the loan family's "lock = Transfer into Fiber holder" pattern); the
7
+ * pool's `stake_and_join` guard verifies the custody via `heldAssets` (H5). Withdraw/slash move it back
8
+ * out via the fiber's `_transferAsset` directive.
9
+ * - REWARD token: a shared fungible the pool pre-holds. `claim_reward` moves ONE whole reward instance to
10
+ * a verified in-consensus claimant (per-claim model — the whole-asset transfer has no amount field).
11
+ *
12
+ * Reuses the lending family's asset payload builders (`createAssetPolicyPayload`, `createMintAssetPayload`,
13
+ * `createApplyMorphismPayload`, `fiberHolder`, `walletHolder`) — re-exported here so a staked-pool caller
14
+ * has a single import surface.
15
+ */
16
+ import { createAssetPolicyPayload, createMintAssetPayload, createApplyMorphismPayload, fiberHolder, walletHolder, TokenBehaviors, type CreateAssetPolicyParams, type MintAssetMessage, type ApplyMorphismMessage, type PolicyRef, type JsonLogicRule } from '../lending/assets.js';
17
+ export { createAssetPolicyPayload, createMintAssetPayload, createApplyMorphismPayload, fiberHolder, walletHolder, TokenBehaviors, };
18
+ export type { CreateAssetPolicyParams, MintAssetMessage, ApplyMorphismMessage, PolicyRef, JsonLogicRule };
19
+ /**
20
+ * Stake-token policy: a governed fungible. `Transfer` is the custody move into/out of the pool fiber.
21
+ * Transferable so withdraw/slash can return it (a soulbound stake would fail the R1 transferable check
22
+ * on withdraw — see design §11; not the default here).
23
+ */
24
+ export declare function stakePolicy(name?: string, version?: string): CreateAssetPolicyParams;
25
+ /**
26
+ * Reward-pot policy: a shared fungible the pool pre-holds and pays out one whole instance per claim.
27
+ * `mintGuard` (optional) gates who may mint reward instances into the pool (e.g. the pool authority);
28
+ * omit for an open mint pinned operationally.
29
+ */
30
+ export declare function rewardPotPolicy(mintGuard?: JsonLogicRule | null, name?: string, version?: string): CreateAssetPolicyParams;
31
+ /**
32
+ * stake_and_join driver: the participant Transfers their whole stake instance into the pool fiber BEFORE
33
+ * the `stake_and_join` event (custody = Transfer to `AssetHolder.Fiber`). Mirrors `lockCollateralOp`.
34
+ */
35
+ export declare function stakeJoinOp(args: {
36
+ stakeAssetId: string;
37
+ poolFiberId: string;
38
+ targetSequenceNumber: number;
39
+ }): ApplyMorphismMessage;
40
+ /**
41
+ * Pre-mint reward instances into the pool fiber (sized to expected claimants for the epoch). Mirrors
42
+ * `mintPrincipalOp` but mints to `Fiber(poolId)` so `claim_reward` can later transfer one whole instance.
43
+ */
44
+ export declare function mintRewardInstancesOp(args: {
45
+ rewardAssetId: string;
46
+ rewardPolicyRef: PolicyRef;
47
+ poolFiberId: string;
48
+ amount: number | string;
49
+ witness?: {
50
+ publicValues: string;
51
+ proof: string;
52
+ };
53
+ }): MintAssetMessage;
@@ -0,0 +1,80 @@
1
+ /**
2
+ * Staked-pool BASE factory — a reusable staked-epoch-pool lifecycle skeleton.
3
+ *
4
+ * Lifecycle: FORMING → COLLECTING → SETTLED → COLLECTING (reset) … → CLOSED.
5
+ * FORMING (initial) — accepting stake/join; registry bound; not yet running epochs.
6
+ * COLLECTING — epoch open; participants submit datapoints/votes.
7
+ * SETTLED — result published; entitlement ledger credited; result readable cross-fiber.
8
+ * CLOSED (final) — wound down; stakes + unclaimed rewards still withdrawable/claimable.
9
+ *
10
+ * The base composes EXISTING SDK primitives only:
11
+ * - `signerIsParty` (authority gate), `actorIsSigner`/`actorHasEntry` (effect-key↔signer coupling),
12
+ * `signerHasReputationVia` (the #24 dynamic-dep reputation-gated join), `actorNotInArray` (array dedup),
13
+ * `depInState` (cross-fiber consumer read — used by the consumer, not the pool itself) — `src/schema/guards.ts`.
14
+ * - `addDependency` (#24 bind), `transferAsset` (whole-instance custody move) — `src/schema/effects.ts`.
15
+ *
16
+ * Value model (design §2.1, §4 — resolved):
17
+ * - Submissions are an APPEND-ONLY ARRAY of `{ addr, value }` records (no map-keyed-by-address, because
18
+ * there is no `(array,int)` element-index op). Append is `merge[state.submissions, [record]]` — verified.
19
+ * - finalize emits ZERO asset transfers: it publishes `result` and records the in-consensus address set
20
+ * into `inConsensus` (the entitlement ledger). No reward map-fold (a map-valued `reduce` accumulator is
21
+ * rejected by the VM — `isPrimitive` guard in `opReduce`); entitlement is membership in `inConsensus`.
22
+ * - reward = PER-CLAIM on a shared fungible: `claim_reward` moves ONE whole reward instance the pool holds
23
+ * to a verified, in-consensus, not-yet-claimed signer, and marks `claimed[addr] = true`. ≤1 transfer.
24
+ * - withdraw_stake / hard-slash each emit exactly ONE whole `_transferAsset` ⇒ never the 32-cap.
25
+ *
26
+ * Multi-`from` arms are SPLIT into one transition per source state (chain `from` is a single string):
27
+ * stake_and_join ×2, claim_reward ×2, withdraw_stake ×2, close ×3.
28
+ */
29
+ import type { FiberAppDefinition, Transition } from '../../schema/fiber-app.js';
30
+ /**
31
+ * submit COLLECTING→COLLECTING — append one `{addr,value}` datapoint. OVERRIDABLE per specialization.
32
+ * Guard = joined participant (signer-pinned) AND within window AND not-yet-submitted-this-epoch (array dedup).
33
+ */
34
+ export declare function defaultSubmitArm(): Transition;
35
+ /**
36
+ * Genesis state — EVERY map init'd to `{}` and EVERY array to `[]` so reads stay total (M1: `has`/`get`
37
+ * on null hard-error). `epoch`/`epochStartedAt` are 0 until `open_first_epoch`.
38
+ */
39
+ export declare const baseInitialStateData: {
40
+ readonly status: "FORMING";
41
+ readonly epoch: 0;
42
+ readonly epochStartedAt: 0;
43
+ readonly participants: {};
44
+ readonly stakes: {};
45
+ readonly stakeAssetIds: {};
46
+ readonly submissions: readonly [];
47
+ readonly inConsensus: readonly [];
48
+ readonly claimed: {};
49
+ readonly result: null;
50
+ };
51
+ export interface StakedPoolOverrides {
52
+ /** Metadata identity for the specialization. */
53
+ metadata: {
54
+ name: string;
55
+ type: string;
56
+ description: string;
57
+ version?: string;
58
+ };
59
+ /** Override the COLLECTING→COLLECTING `submit` arm (e.g. oracle datapoint append). Defaults to {@link defaultSubmitArm}. */
60
+ submit?: Transition;
61
+ /** The finalize arm (COLLECTING→SETTLED) — REQUIRED; supplied by the specialization (e.g. trimmed-mean). */
62
+ finalize: Transition;
63
+ /** Extra arms (e.g. governance propose/vote/resolve/challenge/slash) appended after the base arms. */
64
+ extraTransitions?: readonly Transition[];
65
+ /** Extra states (e.g. governance VOTING). */
66
+ extraStates?: Record<string, {
67
+ id: string;
68
+ isFinal: boolean;
69
+ metadata?: unknown;
70
+ }>;
71
+ /** Extra create-schema properties merged onto the base. */
72
+ extraCreateProperties?: Record<string, unknown>;
73
+ /** Extra state-schema properties merged onto the base. */
74
+ extraStateProperties?: Record<string, unknown>;
75
+ }
76
+ /**
77
+ * Build a staked-pool definition from the shared base + a specialization's `submit`/`finalize` (+ extras).
78
+ * Emits all SPLIT multi-`from` arms; no two emitted entries share both `from` and `eventName`.
79
+ */
80
+ export declare function makeStakedPoolDef(overrides: StakedPoolOverrides): FiberAppDefinition;