@ozura/elements 0.1.0-beta.6 → 0.1.0-beta.7

package/README.md

@@ -4,7 +4,7 @@ PCI-compliant card tokenization SDK for the Ozura Vault.
 
 OzElements renders secure, iframe-isolated card input fields on your page and tokenizes card data directly to the Ozura Vault. Your JavaScript never touches raw card numbers, CVVs, or expiry dates — the iframes handle everything. You get back a token. Use it with your own payment processor, your own backend systems, or with the Ozura Pay API.
 
-All you need is a vault API key.
+You need a **vault public key** (`pk_…`) for the browser SDK and your **vault API key** on the server only — it mints short-lived **wax keys** so the secret never reaches the browser. **Integration expectations and examples are in this README** (section [Wax keys (merchant integration)](#wax-keys-merchant-integration)). [WAX_KEY_IMPLEMENTATION.md](./WAX_KEY_IMPLEMENTATION.md) is an optional deep dive (design history, dev server, security notes).
 
 ---
 
@@ -14,7 +14,7 @@ If you need to collect card data, you have a PCI compliance problem. OzElements
 
 The Ozura Vault stores and tokenizes sensitive card data. OzElements is the frontend SDK for the vault — it gives you drop-in card fields that are fully isolated inside Ozura-controlled iframes. Your page never sees raw card data, which keeps your PCI scope minimal (SAQ-A).
 
-**You don't need to be an OzuraPay merchant to use this.** You just need a vault API key. Once you have a token, you can use it however you want — with your own processor, your own systems, or optionally with the Ozura Pay API.
+**You don't need to be an OzuraPay merchant to use this.** You need vault credentials: a **public key** for the browser and the **vault API key** on your server (for minting wax only). Once you have a token, you can use it however you want — with your own processor, your own systems, or optionally with the Ozura Pay API.
 
 ---
 
@@ -25,7 +25,7 @@ Your page (yoursite.com)
 │
 │  import { OzVault } from '@ozura/elements'
 │
-│  const vault = new OzVault('vault_api_key');
+│  const vault = await OzVault.create({ pubKey, fetchWaxKey });
 │
 │  const cardNumber = vault.createElement('cardNumber', { style: { ... } });
 │  cardNumber.mount('#card-number');
@@ -47,6 +47,8 @@ Your page (yoursite.com)
 
 Raw card data travels one path: element iframe → tokenizer iframe (direct same-origin `postMessage`). Your SDK only ever sees metadata (valid/complete/cardBrand) and the final token.
 
+The tokenizer POSTs to the vault with **`X-Wax-Key`** (minted on your backend). The vault secret must **never** appear in the browser or in tokenize requests.
+
 ---
 
 ## Installation
@@ -70,8 +72,17 @@ For production, pin a version: `.../npm/@ozura/elements@1.0.0/dist/oz-elements.u
 ```js
 import { OzVault } from '@ozura/elements';
 
-const vault = new OzVault('your_vault_api_key', {
+const vault = await OzVault.create({
   pubKey: 'your_pub_key',
+  fetchWaxKey: async (sessionId) => {
+    // Your backend mints a session-bound wax key using the vault secret
+    const { waxKey } = await fetch('/api/mint-wax', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId }),
+    }).then(r => r.json());
+    return waxKey;
+  },
 });
 
 const cardNumber = vault.createElement('cardNumber', {
@@ -113,16 +124,135 @@ document.getElementById('tokenize').addEventListener('click', async () => {
 
 ---
 
+## Wax keys (merchant integration)
+
+The vault `/tokenize` call must not use your vault secret from the browser. Instead:
+
+1. During `OzVault.create()`, the SDK generates a `sessionId` (UUID) and calls **`fetchWaxKey(sessionId)`** once.
+2. Your **`fetchWaxKey`** implementation should `POST` to **your** backend (e.g. `/api/mint-wax`) with that `sessionId`.
+3. Your backend uses the **vault API key only on the server** to mint a short-lived **wax key** from the vault, then returns `{ waxKey }` to the browser.
+4. The hidden tokenizer iframe sends **`X-Wax-Key`** (and related headers) to the vault — **never `X-API-Key`**.
+
+### Vault mint contract (your backend → vault)
+
+Your server calls the vault (the SDK’s `Ozura.mintWaxKey` does this for you):
+
+| | |
+|---|---|
+| **Method / URL** | `POST {vaultBaseUrl}/internal/wax-session` |
+| **Auth** | `X-API-Key: <vault API key>` (server only) |
+| **Body** | `{ "checkout_session_id": "<sessionId>" }` — optional; correlates with the SDK session. `{}` is valid. |
+| **Success** | HTTP **201** · `{ "data": { "wax_key": "<uuid>", "expires_in_seconds": 1800 } }` (TTL is typically 30 minutes) |
+| **Errors** | JSON such as `{ "message", "error_code" }` — treat like any API error |
+
+If your vault hostname differs from the default used by published iframe builds, pass **`vaultUrl`** on `Ozura` so mint/revoke hit the correct host.
+
+### One-line handlers (`@ozura/elements/server`)
+
+Both helpers accept **`sessionId`** or **`tokenizationSessionId`** in the JSON body. They respond with **`{ waxKey }`** on success.
+
+**Next.js App Router** (or any runtime with `Request` / `Response`):
+
+```ts
+import { Ozura, createMintWaxHandler } from '@ozura/elements/server';
+
+const ozura = new Ozura({
+  merchantId: process.env.MERCHANT_ID!,
+  apiKey:     process.env.MERCHANT_API_KEY!,
+  vaultKey:   process.env.VAULT_API_KEY!,
+  // vaultUrl: process.env.VAULT_URL,  // optional override
+});
+
+export const POST = createMintWaxHandler(ozura);
+```
+
+**Express** (register JSON body parsing **before** the middleware):
+
+```ts
+import express from 'express';
+import { Ozura, createMintWaxMiddleware } from '@ozura/elements/server';
+
+const app = express();
+const ozura = new Ozura({
+  merchantId: process.env.MERCHANT_ID!,
+  apiKey:     process.env.MERCHANT_API_KEY!,
+  vaultKey:   process.env.VAULT_API_KEY!,
+});
+
+app.use(express.json());
+app.post('/api/mint-wax', createMintWaxMiddleware(ozura));
+```
+
+### Manual route
+
+Use this if you need to persist `waxKey` server-side for later revocation:
+
+```ts
+app.post('/api/mint-wax', async (req, res) => {
+  const sessionId = req.body?.sessionId ?? req.body?.tokenizationSessionId;
+  const { waxKey, expiresInSeconds } = await ozura.mintWaxKey(
+    typeof sessionId === 'string' && sessionId
+      ? { tokenizationSessionId: sessionId }
+      : {},
+  );
+  // await saveWaxForSession(sessionId, waxKey);
+  res.json({ waxKey });
+});
+```
+
+`mintWaxKey` throws **`OzuraError`** on failure (vault 4xx/5xx). The one-line handlers catch that and respond with **`{ error: string }`**: HTTP status is the vault status when ≥ 400, otherwise **502** (e.g. network failure).
+
+### Browser: handle mint failures
+
+Check the response from your mint endpoint before calling `createToken`:
+
+```js
+fetchWaxKey: async (sessionId) => {
+  const res = await fetch('/api/mint-wax', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ sessionId }),
+  });
+  const data = await res.json().catch(() => ({}));
+  if (!res.ok) {
+    throw new Error(typeof data.error === 'string' ? data.error : 'Could not mint wax key');
+  }
+  if (!data.waxKey) throw new Error('Mint response missing waxKey');
+  return data.waxKey;
+},
+```
+
+### Optional: revoke when the checkout session ends
+
+To shorten exposure before TTL, call **`await ozura.revokeWaxKey(waxKey)`** from your server when the session completes successfully, the user cancels, or your session times out. It is best-effort (does not throw). **Do not** revoke on card decline — the user may fix the card and call `createToken()` again without a full new `OzVault.create()`.
+
+### Expired or consumed wax
+
+If tokenization fails with an auth-style error after the wax key expired or was consumed, create a **new** vault instance: `await OzVault.create({ pubKey, fetchWaxKey })` so `fetchWaxKey` runs again.
+
+### More detail
+
+[WAX_KEY_IMPLEMENTATION.md](./WAX_KEY_IMPLEMENTATION.md) covers revocation scenarios, local dev-server behaviour, and security notes in depth.
+
+---
+
 ## API
 
-### `new OzVault(apiKey, options)`
+### `OzVault.create(options)`
+
+Returns `Promise<OzVault>`. The static factory is the only way to create a vault — the constructor is private.
 
 | Option | Type | Default | Description |
 |---|---|---|---|
-| `apiKey` | `string` | required | Your Ozura vault API key |
 | `options.pubKey` | `string` | required | System pub key for the tokenize endpoint. Obtain from Ozura admin. |
-| `options.apiUrl` | `string` | Ozura prod vault | Vault base URL |
+| `options.fetchWaxKey` | `(sessionId: string) => Promise<string>` | required | Called once during `create()`. Receives an SDK-generated session UUID; your implementation passes it to your backend, which mints a session-bound wax key from the vault using your vault secret. Returns the wax key string. |
 | `options.frameBaseUrl` | `string` | `https://elements.ozura.com` | Where iframe assets are served from |
+| `options.fonts` | `FontSource[]` | `[]` | Custom fonts to inject into element iframes |
+| `options.appearance` | `ElementStyleConfig` | — | Default style applied to all created elements |
+| `options.onLoadError` | `() => void` | — | Called if the tokenizer iframe fails to load within `loadTimeoutMs` |
+| `options.loadTimeoutMs` | `number` | `10000` | Timeout in ms before `onLoadError` fires |
+
+Implement **`/api/mint-wax`** on your server using `@ozura/elements/server` — see [Wax keys (merchant integration)](#wax-keys-merchant-integration) for Next.js, Express, manual mint, errors, and optional revocation.
 
 ### `vault.createElement(type, options?)`
 
@@ -235,6 +365,23 @@ Updates `style`, `placeholder`, or `disabled` on a mounted element without remou
 
 ---
 
+## Server SDK (`@ozura/elements/server`)
+
+Import `Ozura` and optional wax helpers from `@ozura/elements/server`:
+
+| Export | Role |
+|--------|------|
+| `new Ozura({ merchantId, apiKey, vaultKey, apiUrl?, vaultUrl?, … })` | Pay API (`cardSale`, `listTransactions`) and vault wax calls |
+| `ozura.mintWaxKey({ tokenizationSessionId? })` | `POST /internal/wax-session` — implement or use helpers below |
+| `ozura.revokeWaxKey(waxKey)` | Best-effort revoke when the checkout session ends |
+| `createMintWaxHandler(ozura)` | Fetch API handler (Next.js App Router, Workers, Edge) → `{ waxKey }` |
+| `createMintWaxMiddleware(ozura)` | Express / Connect middleware → `{ waxKey }` |
+| `getClientIp(req)` | Helper for `cardSale` client IP |
+
+See [Wax keys (merchant integration)](#wax-keys-merchant-integration) in this README for vault contract, examples, and client error handling. Extra depth (dev server, threat notes): [WAX_KEY_IMPLEMENTATION.md](./WAX_KEY_IMPLEMENTATION.md).
+
+---
+
 ## React
 
 ```bash
@@ -336,8 +483,15 @@ function CheckoutForm() {
 export default function App() {
   return (
     <OzElements
-      apiKey="your_vault_api_key"
       pubKey="your_pub_key"
+      fetchWaxKey={async (sessionId) => {
+        const { waxKey } = await fetch('/api/mint-wax', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ sessionId }),
+        }).then(r => r.json());
+        return waxKey;
+      }}
       frameBaseUrl="https://elements.ozura.com"
     >
       <CheckoutForm />
@@ -350,9 +504,13 @@ export default function App() {
 
 | Prop | Type | Description |
 |---|---|---|
-| `apiKey` | `string` | Your Ozura vault API key |
-| `apiUrl` | `string?` | Vault API base URL |
+| `fetchWaxKey` | `(sessionId: string) => Promise<string>` | Called once on mount. Pass the received `sessionId` to your backend; your backend mints a wax key from the vault and returns it. |
+| `pubKey` | `string` | System pub key for the tokenize endpoint |
 | `frameBaseUrl` | `string?` | Where iframe assets are hosted |
+| `fonts` | `FontSource[]?` | Custom fonts to inject into element iframes |
+| `onLoadError` | `() => void?` | Called if vault init fails (fetchWaxKey error or tokenizer iframe timeout) |
+| `loadTimeoutMs` | `number?` | Timeout before `onLoadError` fires (default: 10 000) |
+| `appearance` | `Appearance?` | Global theme / variable overrides |
 
 ### `useOzElements()` return
 
@@ -382,7 +540,7 @@ If you're an OzuraPay merchant and want to charge cards through Ozura's processo
 
 | Credential | Where it goes |
 |-----------|---------------|
-| Vault API key | Frontend: `new OzVault(vaultApiKey)`. Backend: `vault-api-key` header |
+| Vault API key | **Server only.** Browser calls `fetchWaxKey` → your backend mints a wax key with this secret; never send the secret in the browser. Pay API `cardSale` also sends it as `vault-api-key` from the server. |
 | Pay API key | Backend only: `x-api-key` header |
 | Merchant ID | Backend only: `merchantId` in request body |
 
@@ -393,8 +551,16 @@ For the full credential setup, billing form field requirements, validation rules
 ```js
 import { OzVault, normalizeCardSaleError } from '@ozura/elements';
 
-const vault = new OzVault('vault_api_key_here', {
+const vault = await OzVault.create({
   pubKey: 'your_pub_key',
+  fetchWaxKey: async (sessionId) => {
+    const { waxKey } = await fetch('/api/mint-wax', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId }),
+    }).then(r => r.json());
+    return waxKey;
+  },
 });
 
 // … mount card elements …
@@ -654,8 +820,8 @@ The test suite covers: Luhn algorithm, card brand detection, card number formatt
 ```bash
 npm install
 npm run dev      # build + serve demo at http://localhost:4242/demo/index.html
-npm run build    # production build
 npm run watch    # rebuild on save
+npm run build    # production build
 ```
 
 Build outputs in `dist/`:
@@ -668,8 +834,9 @@ Build outputs in `dist/`:
 | `frame/tokenizer-frame.js` | IIFE | loaded by tokenizer iframe |
 | `react/index.esm.js` | ESM | `import ... from '@ozura/elements/react'` |
 | `react/index.cjs.js` | CJS | `require('@ozura/elements/react')` |
+| `server/index.*.js` | ESM + CJS | `import { Ozura, createMintWaxHandler } from '@ozura/elements/server'` |
 
-See [ARCHITECTURE.md](./ARCHITECTURE.md) for architecture detail, security model, and pre-production requirements.
+Maintainer notes: [DEVELOPMENT.md](./DEVELOPMENT.md). Merchants: [Wax keys (merchant integration)](#wax-keys-merchant-integration) in this file; supplementary detail in [WAX_KEY_IMPLEMENTATION.md](./WAX_KEY_IMPLEMENTATION.md).
 
 ---
 

package/dist/frame/tokenizer-frame.js

@@ -67,7 +67,8 @@ var _OzTokenizerFrame = (function (exports) {
                     this.pending.set(msg.requestId, {
                         kind: 'card',
                         requestId: msg.requestId,
-                        apiKey: msg.apiKey,
+                        waxKey: msg.waxKey || '',
+                        tokenizationSessionId: msg.tokenizationSessionId || '',
                         pubKey: msg.pubKey || '',
                         firstName: msg.firstName || '',
                         lastName: msg.lastName || '',
@@ -83,7 +84,8 @@ var _OzTokenizerFrame = (function (exports) {
                     this.pendingBank.set(msg.requestId, {
                         kind: 'bank',
                         requestId: msg.requestId,
-                        apiKey: msg.apiKey,
+                        waxKey: msg.waxKey || '',
+                        tokenizationSessionId: msg.tokenizationSessionId || '',
                         pubKey: msg.pubKey || '',
                         firstName: msg.firstName || '',
                         lastName: msg.lastName || '',
@@ -141,7 +143,7 @@ var _OzTokenizerFrame = (function (exports) {
          * `token` string, or `null` if an error was already reported via
          * postMessage to `target`.
          */
-        async postToVault(requestId, apiUrl, apiKey, pubKey, body, target, logLabel) {
+        async postToVault(requestId, apiUrl, waxKey, pubKey, body, target, logLabel, tokenizationSessionId) {
             var _a, _b;
             if (!isAllowedVaultOrigin(apiUrl)) {
                 let error;
@@ -156,15 +158,39 @@ var _OzTokenizerFrame = (function (exports) {
                 window.parent.postMessage({ __oz: true, vaultId: this.vaultId, type: 'OZ_TOKEN_ERROR', requestId, error, errorCode: 'config' }, target);
                 return null;
             }
+            if (!waxKey) {
+                const error = 'Wax key is missing. Ensure OzVault.create() completed successfully before calling createToken().';
+                console.error(`[OzTokenizer] ${error}`);
+                window.parent.postMessage({ __oz: true, vaultId: this.vaultId, type: 'OZ_TOKEN_ERROR', requestId, error, errorCode: 'config' }, target);
+                return null;
+            }
             try {
                 const headers = {
                     'Content-Type': 'application/json',
-                    'X-API-Key': apiKey,
+                    'X-Wax-Key': waxKey,
                     'X-Request-ID': requestId,
                 };
                 if (pubKey) {
                     headers['X-Pub-Key'] = pubKey;
                 }
+                if (tokenizationSessionId) {
+                    headers['X-Tokenization-Session-Id'] = tokenizationSessionId;
+                }
+                // ── Security enforcement ──────────────────────────────────────────────
+                // x-api-key is a merchant secret and must NEVER be sent to the vault
+                // tokenize endpoint. The vault authenticates tokenize requests via
+                // X-Wax-Key (session-scoped) only. Any accidental inclusion here is a
+                // configuration bug that must surface immediately, not silently degrade.
+                const forbiddenKey = Object.keys(headers).find(k => k.toLowerCase() === 'x-api-key');
+                if (forbiddenKey) {
+                    const msg = `[OzTokenizer] SECURITY: 'x-api-key' must not be sent to the vault ` +
+                        `tokenize endpoint (found as '${forbiddenKey}'). ` +
+                        `Vault tokenize authenticates via X-Wax-Key only.`;
+                    console.error(msg);
+                    window.parent.postMessage({ __oz: true, vaultId: this.vaultId, type: 'OZ_TOKEN_ERROR', requestId, error: msg, errorCode: 'config' }, target);
+                    return null;
+                }
+                // ─────────────────────────────────────────────────────────────────────
                 const data = await this.fetchWithRetry(`${apiUrl}/tokenize`, {
                     method: 'POST',
                     headers,
@@ -190,7 +216,7 @@ var _OzTokenizerFrame = (function (exports) {
         }
         async tokenize(session) {
             var _a, _b, _c, _d;
-            const { requestId, apiKey, pubKey, firstName, lastName, values, cardMeta, hostOrigin } = session;
+            const { requestId, waxKey, tokenizationSessionId, pubKey, firstName, lastName, values, cardMeta, hostOrigin } = session;
             const target = hostOrigin || window.location.origin;
             const cardNumber = values.get('cardNumber') || '';
             const cvv = values.get('cvv') || '';
@@ -213,7 +239,7 @@ var _OzTokenizerFrame = (function (exports) {
                     },
                 },
             };
-            const data = await this.postToVault(requestId, VAULT_API_URL, apiKey, pubKey, body, target, 'card');
+            const data = await this.postToVault(requestId, VAULT_API_URL, waxKey, pubKey, body, target, 'card', tokenizationSessionId);
             if (!data)
                 return;
             const { token } = data;
@@ -230,7 +256,7 @@ var _OzTokenizerFrame = (function (exports) {
             window.parent.postMessage(Object.assign({ __oz: true, vaultId: this.vaultId, type: 'OZ_TOKEN_RESULT', requestId, token, cvcSession }, (hasFullCardMeta ? { card: cardMeta } : {})), target);
         }
         async tokenizeBank(session) {
-            const { requestId, apiKey, pubKey, firstName, lastName, values, bankMeta, hostOrigin } = session;
+            const { requestId, waxKey, tokenizationSessionId, pubKey, firstName, lastName, values, bankMeta, hostOrigin } = session;
             const target = hostOrigin || window.location.origin;
             const body = {
                 type: 'bank',
@@ -246,7 +272,7 @@ var _OzTokenizerFrame = (function (exports) {
                     },
                 },
             };
-            const data = await this.postToVault(requestId, VAULT_API_URL, apiKey, pubKey, body, target, 'bank');
+            const data = await this.postToVault(requestId, VAULT_API_URL, waxKey, pubKey, body, target, 'bank', tokenizationSessionId);
             if (!data)
                 return;
             const { token } = data;

package/dist/frame/tokenizer-frame.js.map

@@ -1 +1 @@
-{"version":3,"file":"tokenizer-frame.js","sources":["../../src/frame/tokenizerFrame.ts"],"sourcesContent":[null],"names":[],"mappings":";;;IAAA;;;;;;;;;;;IAWG;IAIH,MAAM,aAAa,GAAG,wEAAiB;IAEvC;;;;;;;IAOG;IACG,SAAU,oBAAoB,CAAC,MAAc,EAAA;IACjD,IAAA,IAAI,MAAW;IACf,IAAA,IAAI;IACF,QAAA,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC;QAC1B;IAAE,IAAA,OAAA,EAAA,EAAM;IACN,QAAA,OAAO,KAAK;QACd;IAEA,IAAA,IAAI;IACF,QAAA,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC;IACtC,QAAA,OAAO,MAAM,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM;QACzC;IAAE,IAAA,OAAA,EAAA,EAAM;IACN,QAAA,OAAO,KAAK;QACd;IACF;IAmCA,MAAM,cAAc,CAAA;IAMlB,IAAA,WAAA,GAAA;YAJQ,IAAA,CAAA,UAAU,GAAG,EAAE;IACf,QAAA,IAAA,CAAA,OAAO,GAAG,IAAI,GAAG,EAA0B;IAC3C,QAAA,IAAA,CAAA,WAAW,GAAG,IAAI,GAAG,EAA8B;IAGzD,QAAA,MAAM,CAAC,GAAG,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACrD,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE;YACrC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC;IACrC,QAAA,IAAI,OAAO;IAAE,YAAA,IAAI,CAAC,UAAU,GAAG,OAAO;IAEtC,QAAA,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAE7D,QAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,eAAe,EAAE,EACvF,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAC1C;QACH;IAEQ,IAAA,SAAS,CAAC,KAAmB,EAAA;IACnC,QAAA,MAAM,GAAG,GAAG,KAAK,CAAC,IAAiB;IACnC,QAAA,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,IAAI,IAAI,GAAG,CAAC,OAAO,KAAK,IAAI,CAAC,OAAO;gBAAE;IAE/D,QAAA,QAAQ,GAAG,CAAC,IAAI;IACd,YAAA,KAAK,SAAS;IACZ,gBAAA,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;IACpB,oBAAA,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,MAAM;oBAChC;oBACA;IAEF,YAAA,KAAK,aAAa;oBAChB,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU;wBAAE;oBAC1D,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,EAAE;IACxC,oBAAA,IAAI,EAAE,MAAM;wBACZ,SAAS,EAAE,GAAG,CAAC,SAAmB;wBAClC,MAAM,EAAE,GAAG,CAAC,MAAgB;IAC5B,oBAAA,MAAM,EAAG,GAAG,CAAC,MAAiB,IAAI,EAAE;IACpC,oBAAA,SAAS,EAAG,GAAG,CAAC,SAAoB,IAAI,EAAE;IAC1C,oBAAA,QAAQ,EAAG,GAAG,CAAC,QAAmB,IAAI,EAAE;IACxC,oBAAA,UAAU,EAAG,GAAG,CAAC,UAAqB,IAAI,CAAC;wBAC3C,MAAM,EAAE,IAAI,GAAG,EAAE;IACjB,oBAAA,QAAQ,EAAE,EAAE;wBACZ,UAAU,EAAE,KAAK,CAAC,MAAM;IACzB,iBAAA,CAAC;oBACF;IAEF,YAAA,KAAK,kBAAkB;oBACrB,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU;wBAAE;oBAC1D,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,EAAE;IAC5C,oBAAA,IAAI,EAAE,MAAM;wBACZ,SAAS,EAAE,GAAG,CAAC,SAAmB;wBAClC,MAAM,EAAE,GAAG,CAAC,MAAgB;IAC5B,oBAAA,MAAM,EAAG,GAAG,CAAC,MAAiB,IAAI,EAAE;IACpC,oBAAA,SAAS,EAAG,GAAG,CAAC,SAAoB,IAAI,EAAE;IAC1C,oBAAA,QAAQ,EAAG,GAAG,CAAC,QAAmB,IAAI,EAAE;IACxC,oBAAA,UAAU,EAAG,GAAG,CAAC,UAAqB,IAAI,CAAC;wBAC3C,MAAM,EAAE,IAAI,GAAG,EAAE;IACjB,oBAAA,QAAQ,EAAE,EAAE;wBACZ,UAAU,EAAE,KAAK,CAAC,MAAM;IACzB,iBAAA,CAAC;oBACF;gBAEF,KAAK,gBAAgB,EAAE;;oBAErB,IAAI,KAAK,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,EAAE;wBACpC,OAAO,CAAC,IAAI,CAAC,0DAA0D,EAAE,KAAK,CAAC,MAAM,CAAC;wBACtF;oBACF;;IAGA,gBAAA,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,CAAC;oBACzD,IAAI,OAAO,EAAE;IACX,oBAAA,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,EAAE,GAAG,CAAC,KAAe,CAAC;wBAEhE,IAAI,GAAG,CAAC,KAAK;4BAAE,OAAO,CAAC,QAAQ,CAAC,KAAK,GAAG,GAAG,CAAC,KAAe;wBAC3D,IAAI,GAAG,CAAC,KAAK;4BAAE,OAAO,CAAC,QAAQ,CAAC,KAAK,GAAG,GAAG,CAAC,KAAe;wBAC3D,IAAI,GAAG,CAAC,QAAQ;4BAAE,OAAO,CAAC,QAAQ,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAkB;wBACpE,IAAI,GAAG,CAAC,OAAO;4BAAE,OAAO,CAAC,QAAQ,CAAC,OAAO,GAAG,GAAG,CAAC,OAAiB;wBAEjE,IAAI,OAAO,CAAC,MAAM,CAAC,IAAI,IAAI,OAAO,CAAC,UAAU,EAAE;4BAC7C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;IACtC,wBAAA,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;wBACxB;oBACF;;IAGA,gBAAA,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,CAAC;oBACjE,IAAI,WAAW,EAAE;IACf,oBAAA,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,EAAE,GAAG,CAAC,KAAe,CAAC;wBAEpE,IAAI,GAAG,CAAC,SAAS,KAAK,eAAe,IAAI,GAAG,CAAC,KAAK;4BAAE,WAAW,CAAC,QAAQ,CAAC,KAAK,GAAG,GAAG,CAAC,KAAe;IACpG,oBAAA,IAAI,GAAG,CAAC,SAAS,KAAK,eAAe;4BAAE,WAAW,CAAC,QAAQ,CAAC,aAAa,GAAG,GAAG,CAAC,KAAe;wBAE/F,IAAI,WAAW,CAAC,MAAM,CAAC,IAAI,IAAI,WAAW,CAAC,UAAU,EAAE;4BACrD,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC;IAC9C,wBAAA,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC;wBAChC;oBACF;oBACA;gBACF;;QAEJ;IAEA;;;;;;;IAOG;IACK,IAAA,MAAM,WAAW,CACvB,SAAiB,EACjB,MAAc,EACd,MAAc,EACd,MAAc,EACd,IAA6B,EAC7B,MAAc,EACd,QAAgB,EAAA;;IAEhB,QAAA,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,EAAE;IACjC,YAAA,IAAI,KAAa;IACjB,YAAA,IAAI;IACF,gBAAA,IAAI,GAAG,CAAC,MAAM,CAAC;oBACf,KAAK,GAAG,iCAAiC;gBAC3C;IAAE,YAAA,OAAA,EAAA,EAAM;oBACN,KAAK,GAAG,wBAAwB;gBAClC;gBACA,OAAO,CAAC,KAAK,CAAC,CAAA,sBAAA,EAAyB,QAAQ,CAAA,yBAAA,CAA2B,EAAE,MAAM,CAAC;IACnF,YAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,EACpG,MAAM,CACP;IACD,YAAA,OAAO,IAAI;YACb;IAEA,QAAA,IAAI;IACF,YAAA,MAAM,OAAO,GAA2B;IACtC,gBAAA,cAAc,EAAE,kBAAkB;IAClC,gBAAA,WAAW,EAAE,MAAM;IACnB,gBAAA,cAAc,EAAE,SAAS;iBAC1B;gBACD,IAAI,MAAM,EAAE;IACV,gBAAA,OAAO,CAAC,WAAW,CAAC,GAAG,MAAM;gBAC/B;gBAEA,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,CAAA,EAAG,MAAM,CAAA,SAAA,CAAW,EAAE;IAC3D,gBAAA,MAAM,EAAE,MAAM;oBACd,OAAO;IACP,gBAAA,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;IAC3B,aAAA,CAAC;gBAEF,MAAM,KAAK,GAAG,MAAM,CAAC,CAAA,EAAA,GAAA,MAAA,IAAI,KAAA,IAAA,IAAJ,IAAI,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAJ,IAAI,CAAE,KAAK,MAAA,IAAA,IAAA,EAAA,KAAA,KAAA,CAAA,GAAA,EAAA,GAAI,IAAI,KAAA,IAAA,IAAJ,IAAI,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAJ,IAAI,CAAE,EAAE,MAAA,IAAA,IAAA,EAAA,KAAA,KAAA,CAAA,GAAA,EAAA,GAAI,EAAE,CAAC;gBACnD,IAAI,CAAC,KAAK,EAAE;IACV,gBAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB;IACE,oBAAA,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS;IACpE,oBAAA,KAAK,EAAE,4EAA4E;IACnF,oBAAA,SAAS,EAAE,QAAQ;qBACpB,EACD,MAAM,CACP;IACD,gBAAA,OAAO,IAAI;gBACb;gBAEA,OAAA,MAAA,CAAA,MAAA,CAAA,MAAA,CAAA,MAAA,CAAA,EAAA,EAAY,IAAI,CAAA,EAAA,EAAE,KAAK,EAAA,CAAA;YACzB;YAAE,OAAO,GAAY,EAAE;IACrB,YAAA,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,GAAG,GAAG,CAAC,OAAO,GAAG,CAAA,EAAG,QAAQ,sBAAsB;IACtF,YAAA,MAAM,SAAS,GAAG,CAAC,GAAG,YAAY,KAAK,IAAK,GAAsC,CAAC,SAAS,KAAK,SAAS;IAC1G,YAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,EACnG,MAAM,CACP;IACD,YAAA,OAAO,IAAI;YACb;QACF;QAEQ,MAAM,QAAQ,CAAC,OAAuB,EAAA;;IAC5C,QAAA,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,OAAO;YAChG,MAAM,MAAM,GAAG,UAAU,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM;YAEnD,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE;YACjD,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE;IACnC,QAAA,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;YAClD,MAAM,eAAe,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1C,QAAA,MAAM,cAAc,GAAG,CAAA,EAAA,EAAK,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA,CAAE;IAEhD,QAAA,MAAM,IAAI,GAAG;IACX,YAAA,IAAI,EAAE,MAAM;IACZ,YAAA,IAAI,EAAE;oBACJ,UAAU;oBACV,GAAG;oBACH,eAAe;oBACf,cAAc;IACd,gBAAA,UAAU,EAAE,SAAS;IACrB,gBAAA,SAAS,EAAE,QAAQ;IACpB,aAAA;IACD,YAAA,aAAa,EAAE;IACb,gBAAA,KAAK,EAAE;IACL,oBAAA,WAAW,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE;IAChE,iBAAA;IACF,aAAA;aACF;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC;IACnG,QAAA,IAAI,CAAC,IAAI;gBAAE;IAEX,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI;YACtB,MAAM,UAAU,GAAG,MAAM,CACvB,CAAA,EAAA,GAAA,CAAA,EAAA,GAAA,CAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAAI,CAAC,UAAU,MAAA,IAAA,IAAA,EAAA,KAAA,MAAA,GAAA,EAAA,GACf,IAAI,CAAC,SAAS,MAAA,IAAA,IAAA,EAAA,KAAA,MAAA,GAAA,EAAA,GACd,IAAI,CAAC,eAAe,MAAA,IAAA,IAAA,EAAA,KAAA,MAAA,GAAA,EAAA,GACpB,IAAI,CAAC,cAAc,MAAA,IAAA,IAAA,EAAA,KAAA,MAAA,GAAA,EAAA,GACnB,EAAE,CACH;YAED,IAAI,CAAC,UAAU,EAAE;IACf,YAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB;IACE,gBAAA,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS;IACpE,gBAAA,KAAK,EAAE,6FAA6F;IACpG,gBAAA,SAAS,EAAE,QAAQ;iBACpB,EACD,MAAM,CACP;gBACD;YACF;IAEA,QAAA,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,QAAQ,IAAI,QAAQ,CAAC,OAAO;IACjG,QAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CAAA,MAAA,CAAA,MAAA,CAAA,EAErB,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,SAAS,EAAE,KAAK,EAAE,UAAU,KACpF,eAAe,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,EAAC,EAEhD,MAAM,CACP;QACH;QAEQ,MAAM,YAAY,CAAC,OAA2B,EAAA;IACpD,QAAA,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,OAAO;YAChG,MAAM,MAAM,GAAG,UAAU,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM;IAEnD,QAAA,MAAM,IAAI,GAAG;IACX,YAAA,IAAI,EAAE,MAAM;IACZ,YAAA,IAAI,EAAE;oBACJ,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE;oBAChD,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE;IAChD,gBAAA,UAAU,EAAE,SAAS;IACrB,gBAAA,SAAS,EAAE,QAAQ;IACpB,aAAA;IACD,YAAA,aAAa,EAAE;IACb,gBAAA,KAAK,EAAE;IACL,oBAAA,cAAc,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE;IACnE,iBAAA;IACF,aAAA;aACF;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC;IACnG,QAAA,IAAI,CAAC,IAAI;gBAAE;IAEX,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI;IACtB,QAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CAAA,MAAA,CAAA,MAAA,CAAA,EAErB,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,SAAS,EAAE,KAAK,EAAA,GAC7E,QAAQ,CAAC,KAAK,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,EAAC,EAE/C,MAAM,CACP;QACH;QAEQ,OAAO,kBAAkB,CAAC,MAAc,EAAA;IAC9C,QAAA,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG;IAAE,YAAA,OAAO,MAAM;IACnD,QAAA,IAAI,MAAM,IAAI,GAAG,IAAI,MAAM,GAAG,GAAG;IAAE,YAAA,OAAO,YAAY;YACtD,IAAI,MAAM,IAAI,GAAG;IAAE,YAAA,OAAO,QAAQ;IAClC,QAAA,OAAO,SAAS;QAClB;IAEA;;;;;;IAMG;QACK,MAAM,cAAc,CAAC,GAAW,EAAE,IAAiB,EAAE,OAAO,GAAG,CAAC,EAAA;IACtE,QAAA,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE;IACxC,QAAA,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,KAAM,CAAC;IAE9D,QAAA,IAAI;IACF,YAAA,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAA,MAAA,CAAA,MAAA,CAAA,MAAA,CAAA,MAAA,CAAA,EAAA,EAAO,IAAI,CAAA,EAAA,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,IAAG;gBACpE,YAAY,CAAC,SAAS,CAAC;IAEvB,YAAA,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;oBACX,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;IACrE,gBAAA,MAAM,MAAM,GAAG,CAAA,GAAG,KAAA,IAAA,IAAH,GAAG,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAH,GAAG,CAAE,KAAK,KAAI,CAAA,KAAA,EAAQ,GAAG,CAAC,MAAM,EAAE;oBACjD,MAAM,IAAI,GAAG,cAAc,CAAC,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC;oBAE1D,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,OAAO,GAAG,CAAC,EAAE;IACpC,oBAAA,MAAM,IAAI,OAAO,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC3C,oBAAA,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,GAAG,CAAC,CAAC;oBACpD;IACA,gBAAA,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,MAAM,CAAC;IAC1B,gBAAA,CAAmC,CAAC,SAAS,GAAG,IAAI;IACrD,gBAAA,MAAM,CAAC;gBACT;IAEA,YAAA,OAAO,MAAM,GAAG,CAAC,IAAI,EAAE;YACzB;YAAE,OAAO,GAAY,EAAE;gBACrB,YAAY,CAAC,SAAS,CAAC;gBAEvB,IAAI,GAAG,YAAY,KAAK,IAAK,GAAsC,CAAC,SAAS,EAAE;IAC7E,gBAAA,MAAM,GAAG;gBACX;gBAEA,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY;IACjE,YAAA,MAAM,cAAc,GAAG,GAAG,YAAY,SAAS;gBAC/C,IAAI,CAAC,OAAO,IAAI,cAAc,IAAI,OAAO,GAAG,CAAC,EAAE;IAC7C,gBAAA,MAAM,IAAI,OAAO,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC3C,gBAAA,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,GAAG,CAAC,CAAC;gBACpD;gBAEA,IAAI,OAAO,EAAE;IACX,gBAAA,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,mDAAmD,CAAC;IACvE,gBAAA,CAAmC,CAAC,SAAS,GAAG,SAAS;IAC1D,gBAAA,MAAM,CAAC;gBACT;gBACA,IAAI,cAAc,EAAE;oBAClB,MAAM,CAAC,GAAG,IAAI,KAAK,CAAE,GAAiB,CAAC,OAAO,IAAI,eAAe,CAAC;IACjE,gBAAA,CAAmC,CAAC,SAAS,GAAG,SAAS;IAC1D,gBAAA,MAAM,CAAC;gBACT;IACA,YAAA,MAAM,GAAG;YACX;QACF;IACD;IAED,IAAI,cAAc,EAAE;;;;;;;;;;"}
+{"version":3,"file":"tokenizer-frame.js","sources":["../../src/frame/tokenizerFrame.ts"],"sourcesContent":[null],"names":[],"mappings":";;;IAAA;;;;;;;;;;;IAWG;IAIH,MAAM,aAAa,GAAG,wEAAiB;IAEvC;;;;;;;IAOG;IACG,SAAU,oBAAoB,CAAC,MAAc,EAAA;IACjD,IAAA,IAAI,MAAW;IACf,IAAA,IAAI;IACF,QAAA,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC;QAC1B;IAAE,IAAA,OAAA,EAAA,EAAM;IACN,QAAA,OAAO,KAAK;QACd;IAEA,IAAA,IAAI;IACF,QAAA,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC;IACtC,QAAA,OAAO,MAAM,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM;QACzC;IAAE,IAAA,OAAA,EAAA,EAAM;IACN,QAAA,OAAO,KAAK;QACd;IACF;IAoCA,MAAM,cAAc,CAAA;IAMlB,IAAA,WAAA,GAAA;YAJQ,IAAA,CAAA,UAAU,GAAG,EAAE;IACf,QAAA,IAAA,CAAA,OAAO,GAAG,IAAI,GAAG,EAA0B;IAC3C,QAAA,IAAA,CAAA,WAAW,GAAG,IAAI,GAAG,EAA8B;IAGzD,QAAA,MAAM,CAAC,GAAG,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACrD,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE;YACrC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC;IACrC,QAAA,IAAI,OAAO;IAAE,YAAA,IAAI,CAAC,UAAU,GAAG,OAAO;IAEtC,QAAA,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAE7D,QAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,eAAe,EAAE,EACvF,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAC1C;QACH;IAEQ,IAAA,SAAS,CAAC,KAAmB,EAAA;IACnC,QAAA,MAAM,GAAG,GAAG,KAAK,CAAC,IAAiB;IACnC,QAAA,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,IAAI,IAAI,GAAG,CAAC,OAAO,KAAK,IAAI,CAAC,OAAO;gBAAE;IAE/D,QAAA,QAAQ,GAAG,CAAC,IAAI;IACd,YAAA,KAAK,SAAS;IACZ,gBAAA,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;IACpB,oBAAA,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,MAAM;oBAChC;oBACA;IAEF,YAAA,KAAK,aAAa;oBAChB,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU;wBAAE;oBAC1D,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,EAAE;IACxC,oBAAA,IAAI,EAAE,MAAM;wBACZ,SAAS,EAAE,GAAG,CAAC,SAAmB;IAClC,oBAAA,MAAM,EAAG,GAAG,CAAC,MAAiB,IAAI,EAAE;IACpC,oBAAA,qBAAqB,EAAG,GAAG,CAAC,qBAAgC,IAAI,EAAE;IAClE,oBAAA,MAAM,EAAG,GAAG,CAAC,MAAiB,IAAI,EAAE;IACpC,oBAAA,SAAS,EAAG,GAAG,CAAC,SAAoB,IAAI,EAAE;IAC1C,oBAAA,QAAQ,EAAG,GAAG,CAAC,QAAmB,IAAI,EAAE;IACxC,oBAAA,UAAU,EAAG,GAAG,CAAC,UAAqB,IAAI,CAAC;wBAC3C,MAAM,EAAE,IAAI,GAAG,EAAE;IACjB,oBAAA,QAAQ,EAAE,EAAE;wBACZ,UAAU,EAAE,KAAK,CAAC,MAAM;IACzB,iBAAA,CAAC;oBACF;IAEF,YAAA,KAAK,kBAAkB;oBACrB,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU;wBAAE;oBAC1D,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,EAAE;IAC5C,oBAAA,IAAI,EAAE,MAAM;wBACZ,SAAS,EAAE,GAAG,CAAC,SAAmB;IAClC,oBAAA,MAAM,EAAG,GAAG,CAAC,MAAiB,IAAI,EAAE;IACpC,oBAAA,qBAAqB,EAAG,GAAG,CAAC,qBAAgC,IAAI,EAAE;IAClE,oBAAA,MAAM,EAAG,GAAG,CAAC,MAAiB,IAAI,EAAE;IACpC,oBAAA,SAAS,EAAG,GAAG,CAAC,SAAoB,IAAI,EAAE;IAC1C,oBAAA,QAAQ,EAAG,GAAG,CAAC,QAAmB,IAAI,EAAE;IACxC,oBAAA,UAAU,EAAG,GAAG,CAAC,UAAqB,IAAI,CAAC;wBAC3C,MAAM,EAAE,IAAI,GAAG,EAAE;IACjB,oBAAA,QAAQ,EAAE,EAAE;wBACZ,UAAU,EAAE,KAAK,CAAC,MAAM;IACzB,iBAAA,CAAC;oBACF;gBAEF,KAAK,gBAAgB,EAAE;;oBAErB,IAAI,KAAK,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,EAAE;wBACpC,OAAO,CAAC,IAAI,CAAC,0DAA0D,EAAE,KAAK,CAAC,MAAM,CAAC;wBACtF;oBACF;;IAGA,gBAAA,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,CAAC;oBACzD,IAAI,OAAO,EAAE;IACX,oBAAA,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,EAAE,GAAG,CAAC,KAAe,CAAC;wBAEhE,IAAI,GAAG,CAAC,KAAK;4BAAE,OAAO,CAAC,QAAQ,CAAC,KAAK,GAAG,GAAG,CAAC,KAAe;wBAC3D,IAAI,GAAG,CAAC,KAAK;4BAAE,OAAO,CAAC,QAAQ,CAAC,KAAK,GAAG,GAAG,CAAC,KAAe;wBAC3D,IAAI,GAAG,CAAC,QAAQ;4BAAE,OAAO,CAAC,QAAQ,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAkB;wBACpE,IAAI,GAAG,CAAC,OAAO;4BAAE,OAAO,CAAC,QAAQ,CAAC,OAAO,GAAG,GAAG,CAAC,OAAiB;wBAEjE,IAAI,OAAO,CAAC,MAAM,CAAC,IAAI,IAAI,OAAO,CAAC,UAAU,EAAE;4BAC7C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;IACtC,wBAAA,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;wBACxB;oBACF;;IAGA,gBAAA,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,CAAC;oBACjE,IAAI,WAAW,EAAE;IACf,oBAAA,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,SAAmB,EAAE,GAAG,CAAC,KAAe,CAAC;wBAEpE,IAAI,GAAG,CAAC,SAAS,KAAK,eAAe,IAAI,GAAG,CAAC,KAAK;4BAAE,WAAW,CAAC,QAAQ,CAAC,KAAK,GAAG,GAAG,CAAC,KAAe;IACpG,oBAAA,IAAI,GAAG,CAAC,SAAS,KAAK,eAAe;4BAAE,WAAW,CAAC,QAAQ,CAAC,aAAa,GAAG,GAAG,CAAC,KAAe;wBAE/F,IAAI,WAAW,CAAC,MAAM,CAAC,IAAI,IAAI,WAAW,CAAC,UAAU,EAAE;4BACrD,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC;IAC9C,wBAAA,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC;wBAChC;oBACF;oBACA;gBACF;;QAEJ;IAEA;;;;;;;IAOG;IACK,IAAA,MAAM,WAAW,CACvB,SAAiB,EACjB,MAAc,EACd,MAAc,EACd,MAAc,EACd,IAA6B,EAC7B,MAAc,EACd,QAAgB,EAChB,qBAA6B,EAAA;;IAE7B,QAAA,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,EAAE;IACjC,YAAA,IAAI,KAAa;IACjB,YAAA,IAAI;IACF,gBAAA,IAAI,GAAG,CAAC,MAAM,CAAC;oBACf,KAAK,GAAG,iCAAiC;gBAC3C;IAAE,YAAA,OAAA,EAAA,EAAM;oBACN,KAAK,GAAG,wBAAwB;gBAClC;gBACA,OAAO,CAAC,KAAK,CAAC,CAAA,sBAAA,EAAyB,QAAQ,CAAA,yBAAA,CAA2B,EAAE,MAAM,CAAC;IACnF,YAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,EACpG,MAAM,CACP;IACD,YAAA,OAAO,IAAI;YACb;YAEA,IAAI,CAAC,MAAM,EAAE;gBACX,MAAM,KAAK,GAAG,kGAAkG;IAChH,YAAA,OAAO,CAAC,KAAK,CAAC,iBAAiB,KAAK,CAAA,CAAE,CAAC;IACvC,YAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,EACpG,MAAM,CACP;IACD,YAAA,OAAO,IAAI;YACb;IAEA,QAAA,IAAI;IACF,YAAA,MAAM,OAAO,GAA2B;IACtC,gBAAA,cAAc,EAAE,kBAAkB;IAClC,gBAAA,WAAW,EAAE,MAAM;IACnB,gBAAA,cAAc,EAAE,SAAS;iBAC1B;gBACD,IAAI,MAAM,EAAE;IACV,gBAAA,OAAO,CAAC,WAAW,CAAC,GAAG,MAAM;gBAC/B;gBACA,IAAI,qBAAqB,EAAE;IACzB,gBAAA,OAAO,CAAC,2BAA2B,CAAC,GAAG,qBAAqB;gBAC9D;;;;;;gBAOA,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAC5C,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,WAAW,CACrC;gBACD,IAAI,YAAY,EAAE;oBAChB,MAAM,GAAG,GACP,CAAA,kEAAA,CAAoE;IACpE,oBAAA,CAAA,6BAAA,EAAgC,YAAY,CAAA,IAAA,CAAM;IAClD,oBAAA,CAAA,gDAAA,CAAkD;IACpD,gBAAA,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC;IAClB,gBAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE,EACzG,MAAM,CACP;IACD,gBAAA,OAAO,IAAI;gBACb;;gBAGA,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,CAAA,EAAG,MAAM,CAAA,SAAA,CAAW,EAAE;IAC3D,gBAAA,MAAM,EAAE,MAAM;oBACd,OAAO;IACP,gBAAA,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;IAC3B,aAAA,CAAC;gBAEF,MAAM,KAAK,GAAG,MAAM,CAAC,CAAA,EAAA,GAAA,MAAA,IAAI,KAAA,IAAA,IAAJ,IAAI,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAJ,IAAI,CAAE,KAAK,MAAA,IAAA,IAAA,EAAA,KAAA,KAAA,CAAA,GAAA,EAAA,GAAI,IAAI,KAAA,IAAA,IAAJ,IAAI,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAJ,IAAI,CAAE,EAAE,MAAA,IAAA,IAAA,EAAA,KAAA,KAAA,CAAA,GAAA,EAAA,GAAI,EAAE,CAAC;gBACnD,IAAI,CAAC,KAAK,EAAE;IACV,gBAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB;IACE,oBAAA,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS;IACpE,oBAAA,KAAK,EAAE,4EAA4E;IACnF,oBAAA,SAAS,EAAE,QAAQ;qBACpB,EACD,MAAM,CACP;IACD,gBAAA,OAAO,IAAI;gBACb;gBAEA,OAAA,MAAA,CAAA,MAAA,CAAA,MAAA,CAAA,MAAA,CAAA,EAAA,EAAY,IAAI,CAAA,EAAA,EAAE,KAAK,EAAA,CAAA;YACzB;YAAE,OAAO,GAAY,EAAE;IACrB,YAAA,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,GAAG,GAAG,CAAC,OAAO,GAAG,CAAA,EAAG,QAAQ,sBAAsB;IACtF,YAAA,MAAM,SAAS,GAAG,CAAC,GAAG,YAAY,KAAK,IAAK,GAAsC,CAAC,SAAS,KAAK,SAAS;IAC1G,YAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,EACnG,MAAM,CACP;IACD,YAAA,OAAO,IAAI;YACb;QACF;QAEQ,MAAM,QAAQ,CAAC,OAAuB,EAAA;;YAC5C,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,qBAAqB,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,OAAO;YACvH,MAAM,MAAM,GAAG,UAAU,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM;YAEnD,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE;YACjD,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE;IACnC,QAAA,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;YAClD,MAAM,eAAe,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1C,QAAA,MAAM,cAAc,GAAG,CAAA,EAAA,EAAK,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA,CAAE;IAEhD,QAAA,MAAM,IAAI,GAAG;IACX,YAAA,IAAI,EAAE,MAAM;IACZ,YAAA,IAAI,EAAE;oBACJ,UAAU;oBACV,GAAG;oBACH,eAAe;oBACf,cAAc;IACd,gBAAA,UAAU,EAAE,SAAS;IACrB,gBAAA,SAAS,EAAE,QAAQ;IACpB,aAAA;IACD,YAAA,aAAa,EAAE;IACb,gBAAA,KAAK,EAAE;IACL,oBAAA,WAAW,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE;IAChE,iBAAA;IACF,aAAA;aACF;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,qBAAqB,CAAC;IAC1H,QAAA,IAAI,CAAC,IAAI;gBAAE;IAEX,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI;YACtB,MAAM,UAAU,GAAG,MAAM,CACvB,CAAA,EAAA,GAAA,CAAA,EAAA,GAAA,CAAA,EAAA,GAAA,CAAA,EAAA,GAAA,IAAI,CAAC,UAAU,MAAA,IAAA,IAAA,EAAA,KAAA,MAAA,GAAA,EAAA,GACf,IAAI,CAAC,SAAS,MAAA,IAAA,IAAA,EAAA,KAAA,MAAA,GAAA,EAAA,GACd,IAAI,CAAC,eAAe,MAAA,IAAA,IAAA,EAAA,KAAA,MAAA,GAAA,EAAA,GACpB,IAAI,CAAC,cAAc,MAAA,IAAA,IAAA,EAAA,KAAA,MAAA,GAAA,EAAA,GACnB,EAAE,CACH;YAED,IAAI,CAAC,UAAU,EAAE;IACf,YAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CACvB;IACE,gBAAA,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS;IACpE,gBAAA,KAAK,EAAE,6FAA6F;IACpG,gBAAA,SAAS,EAAE,QAAQ;iBACpB,EACD,MAAM,CACP;gBACD;YACF;IAEA,QAAA,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,QAAQ,IAAI,QAAQ,CAAC,OAAO;IACjG,QAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CAAA,MAAA,CAAA,MAAA,CAAA,EAErB,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,SAAS,EAAE,KAAK,EAAE,UAAU,KACpF,eAAe,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,EAAC,EAEhD,MAAM,CACP;QACH;QAEQ,MAAM,YAAY,CAAC,OAA2B,EAAA;YACpD,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,qBAAqB,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,OAAO;YACvH,MAAM,MAAM,GAAG,UAAU,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM;IAEnD,QAAA,MAAM,IAAI,GAAG;IACX,YAAA,IAAI,EAAE,MAAM;IACZ,YAAA,IAAI,EAAE;oBACJ,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE;oBAChD,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE;IAChD,gBAAA,UAAU,EAAE,SAAS;IACrB,gBAAA,SAAS,EAAE,QAAQ;IACpB,aAAA;IACD,YAAA,aAAa,EAAE;IACb,gBAAA,KAAK,EAAE;IACL,oBAAA,cAAc,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE;IACnE,iBAAA;IACF,aAAA;aACF;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,qBAAqB,CAAC;IAC1H,QAAA,IAAI,CAAC,IAAI;gBAAE;IAEX,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI;IACtB,QAAA,MAAM,CAAC,MAAM,CAAC,WAAW,CAAA,MAAA,CAAA,MAAA,CAAA,EAErB,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,SAAS,EAAE,KAAK,EAAA,GAC7E,QAAQ,CAAC,KAAK,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,EAAC,EAE/C,MAAM,CACP;QACH;QAEQ,OAAO,kBAAkB,CAAC,MAAc,EAAA;IAC9C,QAAA,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG;IAAE,YAAA,OAAO,MAAM;IACnD,QAAA,IAAI,MAAM,IAAI,GAAG,IAAI,MAAM,GAAG,GAAG;IAAE,YAAA,OAAO,YAAY;YACtD,IAAI,MAAM,IAAI,GAAG;IAAE,YAAA,OAAO,QAAQ;IAClC,QAAA,OAAO,SAAS;QAClB;IAEA;;;;;;IAMG;QACK,MAAM,cAAc,CAAC,GAAW,EAAE,IAAiB,EAAE,OAAO,GAAG,CAAC,EAAA;IACtE,QAAA,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE;IACxC,QAAA,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,KAAM,CAAC;IAE9D,QAAA,IAAI;IACF,YAAA,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAA,MAAA,CAAA,MAAA,CAAA,MAAA,CAAA,MAAA,CAAA,EAAA,EAAO,IAAI,CAAA,EAAA,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,IAAG;gBACpE,YAAY,CAAC,SAAS,CAAC;IAEvB,YAAA,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;oBACX,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;IACrE,gBAAA,MAAM,MAAM,GAAG,CAAA,GAAG,KAAA,IAAA,IAAH,GAAG,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAH,GAAG,CAAE,KAAK,KAAI,CAAA,KAAA,EAAQ,GAAG,CAAC,MAAM,EAAE;oBACjD,MAAM,IAAI,GAAG,cAAc,CAAC,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC;oBAE1D,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,OAAO,GAAG,CAAC,EAAE;IACpC,oBAAA,MAAM,IAAI,OAAO,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC3C,oBAAA,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,GAAG,CAAC,CAAC;oBACpD;IACA,gBAAA,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,MAAM,CAAC;IAC1B,gBAAA,CAAmC,CAAC,SAAS,GAAG,IAAI;IACrD,gBAAA,MAAM,CAAC;gBACT;IAEA,YAAA,OAAO,MAAM,GAAG,CAAC,IAAI,EAAE;YACzB;YAAE,OAAO,GAAY,EAAE;gBACrB,YAAY,CAAC,SAAS,CAAC;gBAEvB,IAAI,GAAG,YAAY,KAAK,IAAK,GAAsC,CAAC,SAAS,EAAE;IAC7E,gBAAA,MAAM,GAAG;gBACX;gBAEA,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY;IACjE,YAAA,MAAM,cAAc,GAAG,GAAG,YAAY,SAAS;gBAC/C,IAAI,CAAC,OAAO,IAAI,cAAc,IAAI,OAAO,GAAG,CAAC,EAAE;IAC7C,gBAAA,MAAM,IAAI,OAAO,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAC3C,gBAAA,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,GAAG,CAAC,CAAC;gBACpD;gBAEA,IAAI,OAAO,EAAE;IACX,gBAAA,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,mDAAmD,CAAC;IACvE,gBAAA,CAAmC,CAAC,SAAS,GAAG,SAAS;IAC1D,gBAAA,MAAM,CAAC;gBACT;gBACA,IAAI,cAAc,EAAE;oBAClB,MAAM,CAAC,GAAG,IAAI,KAAK,CAAE,GAAiB,CAAC,OAAO,IAAI,eAAe,CAAC;IACjE,gBAAA,CAAmC,CAAC,SAAS,GAAG,SAAS;IAC1D,gBAAA,MAAM,CAAC;gBACT;IACA,YAAA,MAAM,GAAG;YACX;QACF;IACD;IAED,IAAI,cAAc,EAAE;;;;;;;;;;"}

package/dist/oz-elements.esm.js

@@ -729,8 +729,20 @@ const DEFAULT_FRAME_BASE_URL = "https://lively-hill-097170c0f.4.azurestaticapps.
  * The main entry point for OzElements. Creates and manages iframe-based
  * card input elements that keep raw card data isolated from the merchant page.
  *
+ * Use the static `OzVault.create()` factory — do not call `new OzVault()` directly.
+ *
  * @example
- * const vault = new OzVault('your_vault_api_key');
+ * const vault = await OzVault.create({
+ *   pubKey: 'pk_live_...',
+ *   fetchWaxKey: async (sessionId) => {
+ *     // Call your backend — which calls ozura.mintWaxKey() from oz-elements/server
+ *     const { waxKey } = await fetch('/api/mint-wax', {
+ *       method: 'POST',
+ *       body: JSON.stringify({ sessionId }),
+ *     }).then(r => r.json());
+ *     return waxKey;
+ *   },
+ * });
  * const cardNum = vault.createElement('cardNumber');
  * cardNum.mount('#card-number');
  * const { token, cvcSession } = await vault.createToken({
@@ -738,7 +750,12 @@ const DEFAULT_FRAME_BASE_URL = "https://lively-hill-097170c0f.4.azurestaticapps.
  * });
  */
 class OzVault {
-    constructor(apiKey, options) {
+    /**
+     * Internal constructor — use `OzVault.create()` instead.
+     * The constructor mounts the tokenizer iframe immediately so it can start
+     * loading in parallel while `fetchWaxKey` is being awaited.
+     */
+    constructor(options, waxKey, tokenizationSessionId) {
         var _a, _b;
         this.elements = new Map();
         this.elementsByType = new Map();
@@ -754,10 +771,8 @@ class OzVault {
         this._destroyed = false;
         this._pendingMount = null;
         this.loadErrorTimeoutId = null;
-        if (!apiKey || !apiKey.trim()) {
-            throw new OzError('A non-empty vault API key is required. Pass your key as the first argument to new OzVault().');
-        }
-        this.apiKey = apiKey;
+        this.waxKey = waxKey;
+        this.tokenizationSessionId = tokenizationSessionId;
         this.pubKey = options.pubKey;
         this.frameBaseUrl = options.frameBaseUrl || DEFAULT_FRAME_BASE_URL;
         this.frameOrigin = new URL(this.frameBaseUrl).origin;
@@ -778,6 +793,52 @@ class OzVault {
             }, timeout);
         }
     }
+    /**
+     * Creates and returns a ready `OzVault` instance.
+     *
+     * Internally this:
+     * 1. Generates a `tokenizationSessionId` (UUID).
+     * 2. Starts loading the hidden tokenizer iframe immediately.
+     * 3. Calls `options.fetchWaxKey(tokenizationSessionId)` concurrently — your
+     *    backend mints a session-bound wax key from the vault and returns it.
+     * 4. Resolves with the vault instance once the wax key is stored. The iframe
+     *    has been loading the whole time, so `isReady` may already be true or
+     *    will fire shortly after.
+     *
+     * The returned vault is ready to create elements immediately. `createToken()`
+     * additionally requires `vault.isReady` (tokenizer iframe loaded).
+     *
+     * @throws {OzError} if `fetchWaxKey` throws or returns an empty string.
+     */
+    static async create(options) {
+        if (!options.pubKey || !options.pubKey.trim()) {
+            throw new OzError('pubKey is required in options. Obtain your public key from the Ozura admin.');
+        }
+        if (typeof options.fetchWaxKey !== 'function') {
+            throw new OzError('fetchWaxKey must be a function. See OzVault.create() docs for the expected signature.');
+        }
+        const tokenizationSessionId = crypto.randomUUID();
+        // Construct the vault immediately — this mounts the tokenizer iframe so it
+        // starts loading while fetchWaxKey is in flight. The waxKey field starts
+        // empty and is set below before create() returns.
+        const vault = new OzVault(options, '', tokenizationSessionId);
+        let waxKey;
+        try {
+            waxKey = await options.fetchWaxKey(tokenizationSessionId);
+        }
+        catch (err) {
+            vault.destroy();
+            const msg = err instanceof Error ? err.message : 'Unknown error';
+            throw new OzError(`fetchWaxKey threw an error: ${msg}`);
+        }
+        if (!waxKey || !waxKey.trim()) {
+            vault.destroy();
+            throw new OzError('fetchWaxKey must return a non-empty wax key string. Check your mint endpoint.');
+        }
+        // Static methods can access private fields of instances of the same class.
+        vault.waxKey = waxKey;
+        return vault;
+    }
     /**
      * True once the hidden tokenizer iframe has loaded and signalled ready.
      * Use this to gate the pay button when building custom UIs without React.
@@ -818,7 +879,7 @@ class OzVault {
     }
     createElementInto(typeMap, type, options) {
         if (this._destroyed) {
-            throw new OzError('Cannot create elements on a destroyed vault. Create a new OzVault instance.');
+            throw new OzError('Cannot create elements on a destroyed vault. Call await OzVault.create() to get a new instance.');
         }
         const existing = typeMap.get(type);
         if (existing) {
@@ -850,7 +911,7 @@ class OzVault {
     async createBankToken(options) {
         var _a, _b;
         if (this._destroyed) {
-            throw new OzError('Cannot tokenize on a destroyed vault. Create a new OzVault instance.');
+            throw new OzError('Cannot tokenize on a destroyed vault. Call await OzVault.create() to get a new instance.');
         }
         if (!this.tokenizerReady) {
             throw new OzError('Vault not ready. Ensure the page is fully loaded before calling createBankToken.');
@@ -897,7 +958,8 @@ class OzVault {
             this.sendToTokenizer({
                 type: 'OZ_BANK_TOKENIZE',
                 requestId,
-                apiKey: this.apiKey,
+                waxKey: this.waxKey,
+                tokenizationSessionId: this.tokenizationSessionId,
                 pubKey: this.pubKey,
                 firstName: options.firstName.trim(),
                 lastName: options.lastName.trim(),
@@ -922,7 +984,7 @@ class OzVault {
     async createToken(options = {}) {
         var _a, _b;
         if (this._destroyed) {
-            throw new OzError('Cannot tokenize on a destroyed vault. Create a new OzVault instance.');
+            throw new OzError('Cannot tokenize on a destroyed vault. Call await OzVault.create() to get a new instance.');
         }
         if (!this.tokenizerReady) {
             throw new OzError('Vault not ready. Ensure the page is fully loaded before calling createToken.');
@@ -982,7 +1044,8 @@ class OzVault {
             this.sendToTokenizer({
                 type: 'OZ_TOKENIZE',
                 requestId,
-                apiKey: this.apiKey,
+                waxKey: this.waxKey,
+                tokenizationSessionId: this.tokenizationSessionId,
                 pubKey: this.pubKey,
                 firstName,
                 lastName,