@parity/product-deploy 0.7.28 → 0.7.30-rc.0

package/dist/{chunk-6Y3XJGV7.js → chunk-MZ4Z5AXI.js}

@@ -1,16 +1,17 @@
 import {
   isTestnetSpecName
-} from "./chunk-Y7XKC43A.js";
+} from "./chunk-FIKBEVYL.js";
 import {
   captureWarning,
+  markCodePath,
   setDeployAttribute,
   setDeploySentryTag,
   truncateAddress,
   withSpan
-} from "./chunk-LFKP64TQ.js";
+} from "./chunk-YP6AS724.js";
 import {
   validateContractAddresses
-} from "./chunk-HZKRLQLG.js";
+} from "./chunk-GL2HHK4G.js";
 import {
   NonRetryableError
 } from "./chunk-ZOC4GITL.js";
@@ -39,6 +40,17 @@ import {
   concatHex
 } from "viem";
 import { CID } from "multiformats/cid";
+
+// src/code-paths.ts
+var CODE_PATHS = {
+  // Auto-account-mapping branch (ensureMappedAccountReady, dotns.ts)
+  // true  → automated mapping via EVM key derivation
+  // false → standard check (already-mapped or manually register)
+  DOTNS_AUTO_MAPPING: "dotns.auto-mapping",
+  DOTNS_MANUAL_MAPPING: "dotns.manual-mapping"
+};
+
+// src/dotns.ts
 var TX_KIND_HASH = "hash";
 var TX_KIND_NONCE_ADVANCED = "nonce-advanced";
 var ATTR_TX_RESOLUTION_KIND = "deploy.dotns.tx_resolution_kind";
@@ -400,7 +412,7 @@ function sanitizeDomainLabel(label) {
   return label;
 }
 function validateDomainLabel(label, opts = {}) {
-  if (!/^[a-z0-9-]{3,}$/.test(label)) throw new Error("Invalid domain label: must contain only lowercase letters, digits, and hyphens, min 3 chars");
+  if (!/^[a-z0-9-]{3,63}$/.test(label)) throw new Error("Invalid domain label: must be 3-63 chars and contain only lowercase letters, digits, and hyphens");
   if (label.startsWith("-") || label.endsWith("-")) throw new Error("Invalid domain label: cannot start or end with hyphen");
   const sanitized = opts.skipSanitize ? label : sanitizeDomainLabel(label);
   if (!opts.skipSanitize && /-\d+$/.test(sanitized)) {
@@ -431,10 +443,10 @@ function isCommitmentTimingBarerevert(msg) {
 function classifyDotnsLabel(label) {
   const totalLength = label.length;
   const trailingDigits = countTrailingDigits(label);
-  if (trailingDigits > 2) {
+  if (trailingDigits === 1 || trailingDigits > 2) {
     return {
       status: ProofOfPersonhoodStatus.Reserved,
-      message: `Name has ${trailingDigits} trailing digits; DotNS allows at most 2 trailing digits. Use a base name with 0-2 trailing digits.`
+      message: `Name has ${trailingDigits} trailing digit${trailingDigits === 1 ? "" : "s"}; DotNS allows exactly 0 or 2 trailing digits. Use a base name with no trailing digits or a 2-digit suffix.`
     };
   }
   const baselength = totalLength - trailingDigits;
@@ -448,10 +460,9 @@ function classifyDotnsLabel(label) {
     if (trailingDigits === 2) return { status: ProofOfPersonhoodStatus.ProofOfPersonhoodLite, message: "Requires Light personhood verification" };
     return { status: ProofOfPersonhoodStatus.ProofOfPersonhoodFull, message: "Requires Full personhood verification" };
   }
-  if (trailingDigits === 2) return { status: ProofOfPersonhoodStatus.NoStatus, message: "Available to all" };
-  return { status: ProofOfPersonhoodStatus.ProofOfPersonhoodFull, message: "Requires Full personhood verification" };
+  return { status: ProofOfPersonhoodStatus.NoStatus, message: "Available to all" };
 }
-function canRegister(requiredStatus, userStatus, trailingDigits) {
+function canRegister(requiredStatus, userStatus) {
   if (requiredStatus === ProofOfPersonhoodStatus.Reserved) return false;
   if (requiredStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodFull) {
     return userStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodFull;
@@ -459,7 +470,7 @@ function canRegister(requiredStatus, userStatus, trailingDigits) {
   if (requiredStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodLite) {
     return userStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodLite || userStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodFull;
   }
-  return trailingDigits !== 0 && userStatus !== ProofOfPersonhoodStatus.ProofOfPersonhoodLite;
+  return true;
 }
 function exampleNoStatusLabel(label) {
   const base = stripTrailingDigits(validateDomainLabel(label, { checkReserved: false })).replace(/[^a-z0-9-]/g, "x");
@@ -810,6 +821,16 @@ function logTxResolution(res) {
   }
 }
 var DOTNS_CONTEXT_HEX_LOWER = "0x646f746e73000000000000000000000000000000000000000000000000000000";
+function classifyAliasAccountRow(row) {
+  if (!row) return { state: "not-bound" };
+  const r = row;
+  const contextHex = typeof r.ca?.context === "string" ? r.ca.context.toLowerCase() : "";
+  const revision = Number(r.revision ?? 0);
+  if (contextHex === DOTNS_CONTEXT_HEX_LOWER) {
+    return { state: "bound-likely-stale", storedContextHex: contextHex, revision };
+  }
+  return { state: "wrong-context", storedContextHex: contextHex, revision };
+}
 function formatPersonhoodRemediation(state, popSelfServe, environmentId) {
   if (!popSelfServe?.stateAwareGuidance) {
     return "Self-attestation is no longer available. Contact the DotNS team for whitelisting / Personhood status help.";
@@ -977,10 +998,12 @@ var DotNS = class {
       throw new Error("Account mapping unavailable before DotNS signer is initialized");
     }
     if (autoAccountMapping) {
+      markCodePath(CODE_PATHS.DOTNS_AUTO_MAPPING);
       setDeployAttribute("deploy.dotns.mapping_source", "auto-account-mapping");
       await this.ensureAutoMappedAccountReady();
       return;
     }
+    markCodePath(CODE_PATHS.DOTNS_MANUAL_MAPPING);
     if (await this.clientWrapper.checkIfAccountMapped(this.substrateAddress)) {
       setDeployAttribute("deploy.dotns.mapping_source", "already-mapped");
       console.log(`   Account: mapped`);
@@ -1095,17 +1118,7 @@ var DotNS = class {
     try {
       const api = this.clientWrapper.client;
       const row = await api.query.AliasAccounts.AccountToAlias.getValue(ss58, { at: "best" });
-      if (!row) return { state: "not-bound" };
-      const contextHex = typeof row.ca?.context === "string" ? row.ca.context.toLowerCase() : "";
-      const paid = Boolean(row.paid);
-      const revision = Number(row.revision ?? 0);
-      if (paid && contextHex === DOTNS_CONTEXT_HEX_LOWER) {
-        return { state: "bound-likely-stale", storedContextHex: contextHex, paid, revision };
-      }
-      if (!paid || contextHex !== DOTNS_CONTEXT_HEX_LOWER) {
-        return { state: "wrong-context", storedContextHex: contextHex, paid, revision };
-      }
-      return { state: "bound-fresh", storedContextHex: contextHex, paid, revision };
+      return classifyAliasAccountRow(row);
     } catch {
       return { state: "not-bound" };
     }
@@ -1727,8 +1740,43 @@ var DotNS = class {
         console.log(`   Already published \u2014 skipping`);
         return { status: "already-published" };
       }
+      const MAX_VERIFY_CHAIN_SECONDS = 30;
+      const PUBLISH_POLL_INTERVAL_MS = 2e3;
+      const verifyEffect = async () => {
+        const wrapper = this.clientWrapper;
+        if (!this.connected || !wrapper) return false;
+        const startChainMs = Number(await wrapper.client.query.Timestamp.Now.getValue());
+        let lastPrintedElapsed = -1;
+        while (true) {
+          const liveWrapper = this.clientWrapper;
+          if (!this.connected || !liveWrapper) return false;
+          const [published, nowChainMs] = await Promise.all([
+            this.contractCall(publisher, PUBLISHER_ABI, "isPublished", [labelhash]),
+            liveWrapper.client.query.Timestamp.Now.getValue().then(Number)
+          ]);
+          if (published === true) return true;
+          const chainElapsed = (nowChainMs - startChainMs) / 1e3;
+          if (chainElapsed >= MAX_VERIFY_CHAIN_SECONDS) return false;
+          const floored = Math.floor(chainElapsed);
+          if (floored > lastPrintedElapsed) {
+            console.log(`   Awaiting publish finalization [verifyEffect] (chain time +${floored}s / ${MAX_VERIFY_CHAIN_SECONDS}s)...`);
+            lastPrintedElapsed = floored;
+          }
+          await new Promise((r) => setTimeout(r, PUBLISH_POLL_INTERVAL_MS));
+        }
+      };
       try {
-        const txRes = await this.contractTransaction(publisher, 0n, PUBLISHER_ABI, "publish", [label], (s) => console.log(`      ${s}`), { useNoncePolling: true });
+        const txRes = await this.contractTransaction(publisher, 0n, PUBLISHER_ABI, "publish", [label], (s) => console.log(`      ${s}`), { useNoncePolling: true, verifyEffect });
+        const finalPublished = await withTimeout(
+          this.contractCall(publisher, PUBLISHER_ABI, "isPublished", [labelhash]),
+          3e4,
+          "isPublished"
+        );
+        if (finalPublished !== true) {
+          throw new Error(
+            `Post-publish verification failed for ${label}.dot: isPublished returned ${finalPublished} after the publish tx. The publish tx may have silently failed via nonce-advance, or another party removed the label. Re-run to retry.`
+          );
+        }
         logTxResolution(txRes);
         const txHash = txRes.kind === TX_KIND_HASH ? txRes.hash : TX_KIND_NONCE_ADVANCED;
         return { status: "published", txHash };
@@ -1765,8 +1813,43 @@ var DotNS = class {
         console.log(`   Not currently published \u2014 skipping`);
         return { status: "already-unpublished" };
       }
+      const MAX_VERIFY_CHAIN_SECONDS = 30;
+      const UNPUBLISH_POLL_INTERVAL_MS = 2e3;
+      const verifyEffect = async () => {
+        const wrapper = this.clientWrapper;
+        if (!this.connected || !wrapper) return false;
+        const startChainMs = Number(await wrapper.client.query.Timestamp.Now.getValue());
+        let lastPrintedElapsed = -1;
+        while (true) {
+          const liveWrapper = this.clientWrapper;
+          if (!this.connected || !liveWrapper) return false;
+          const [published, nowChainMs] = await Promise.all([
+            this.contractCall(publisher, PUBLISHER_ABI, "isPublished", [labelhash]),
+            liveWrapper.client.query.Timestamp.Now.getValue().then(Number)
+          ]);
+          if (published !== true) return true;
+          const chainElapsed = (nowChainMs - startChainMs) / 1e3;
+          if (chainElapsed >= MAX_VERIFY_CHAIN_SECONDS) return false;
+          const floored = Math.floor(chainElapsed);
+          if (floored > lastPrintedElapsed) {
+            console.log(`   Awaiting unpublish finalization [verifyEffect] (chain time +${floored}s / ${MAX_VERIFY_CHAIN_SECONDS}s)...`);
+            lastPrintedElapsed = floored;
+          }
+          await new Promise((r) => setTimeout(r, UNPUBLISH_POLL_INTERVAL_MS));
+        }
+      };
       try {
-        const txRes = await this.contractTransaction(publisher, 0n, PUBLISHER_ABI, "unpublish", [label], (s) => console.log(`      ${s}`), { useNoncePolling: true });
+        const txRes = await this.contractTransaction(publisher, 0n, PUBLISHER_ABI, "unpublish", [label], (s) => console.log(`      ${s}`), { useNoncePolling: true, verifyEffect });
+        const finalPublished = await withTimeout(
+          this.contractCall(publisher, PUBLISHER_ABI, "isPublished", [labelhash]),
+          3e4,
+          "isPublished"
+        );
+        if (finalPublished === true) {
+          throw new Error(
+            `Post-unpublish verification failed for ${label}.dot: isPublished still returned true after the unpublish tx. The unpublish tx may have silently failed via nonce-advance, or another party re-published the label. Re-run to retry.`
+          );
+        }
         logTxResolution(txRes);
         const txHash = txRes.kind === TX_KIND_HASH ? txRes.hash : TX_KIND_NONCE_ADVANCED;
         return { status: "unpublished", txHash };
@@ -1891,15 +1974,10 @@ var DotNS = class {
     const message = classificationResult[1];
     const userStatus = await this.getUserPopStatus();
     if (requiredStatus === ProofOfPersonhoodStatus.Reserved) throw new Error(message);
-    if (requiredStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodFull) {
-      if (userStatus !== ProofOfPersonhoodStatus.ProofOfPersonhoodFull) throw new Error("Requires Full Personhood verification");
-    } else if (requiredStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodLite) {
-      if (userStatus !== ProofOfPersonhoodStatus.ProofOfPersonhoodLite && userStatus !== ProofOfPersonhoodStatus.ProofOfPersonhoodFull) throw new Error("Requires Personhood Lite verification");
-    } else {
-      const trailingDigitCount = countTrailingDigits(label);
-      if (trailingDigitCount === 0 || userStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodLite) {
-        throw new Error("Personhood Lite cannot register base names \u2014 this name class requires a Full or NoStatus signer");
-      }
+    if (!canRegister(requiredStatus, userStatus)) {
+      throw new Error(
+        requiredStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodFull ? "Requires Full Personhood verification" : "Requires Personhood Lite verification"
+      );
     }
     const priceMeta = await withTimeout(this.contractCall(this._contracts.POP_RULES, POP_RULES_ABI, "priceWithCheck", [label, this.evmAddress]), 3e4, "priceWithCheck");
     const priceRaw = priceMeta?.price;
@@ -2056,27 +2134,7 @@ var DotNS = class {
         };
       }
       const targetPopStatus = userStatus;
-      if (!canRegister(classification.status, userStatus, trailingDigits)) {
-        if (classification.status === ProofOfPersonhoodStatus.NoStatus && userStatus === ProofOfPersonhoodStatus.ProofOfPersonhoodLite) {
-          return {
-            label: validated,
-            classification,
-            userStatus,
-            trailingDigits,
-            baselength,
-            isAvailable: true,
-            existingOwner: null,
-            isBaseNameReserved: isReserved,
-            reservationOwner,
-            isTestnet,
-            canProceed: false,
-            reason: `${validated}.dot: this name class is NoStatus-compatible, but Personhood Lite signers cannot register NoStatus-class labels. Self-attestation is no longer available. Use a NoStatus or Full signer, or contact the DotNS team for whitelisting / Personhood status help.`,
-            plannedAction: "abort",
-            needsPopUpgrade: false,
-            targetPopStatus,
-            signerFreeBalance
-          };
-        }
+      if (!canRegister(classification.status, userStatus)) {
         if (userStatus === ProofOfPersonhoodStatus.NoStatus && isTestnet && this._popSelfServe?.stateAwareGuidance === true && this.substrateAddress) {
           const aliasState = await this.classifyAliasAccountState(this.substrateAddress);
           if (aliasState.state === "bound-likely-stale" && !this._usesExternalSigner && this._localMnemonic && !reproveAttempted) {
@@ -2246,7 +2304,6 @@ var DotNS = class {
     return withSpan("deploy.dotns.register", `2a. register ${label}.dot`, {}, async () => {
       if (!this.connected) await this.connect(options);
       label = validateDomainLabel(label);
-      const trailingDigitCount = countTrailingDigits(label);
       const preClassification = classifyDotnsLabel(label);
       const preRequiredStatus = preClassification.status;
       if (preRequiredStatus === ProofOfPersonhoodStatus.Reserved) {
@@ -2255,11 +2312,6 @@ var DotNS = class {
       const isTestnet = await this.isTestnet();
       const registerAliasState = isTestnet && this._popSelfServe?.stateAwareGuidance === true && this.substrateAddress ? await this.classifyAliasAccountState(this.substrateAddress) : null;
       const rejectIneligible = (statusRequired, userStatus2) => {
-        if (statusRequired === ProofOfPersonhoodStatus.NoStatus && userStatus2 === ProofOfPersonhoodStatus.ProofOfPersonhoodLite) {
-          throw new Error(
-            `${label}.dot: this name class is NoStatus-compatible, but Personhood Lite signers cannot register NoStatus-class labels. Self-attestation is no longer available. Use a NoStatus or Full signer, or contact the DotNS team for whitelisting / Personhood status help.`
-          );
-        }
         throw new Error(
           formatPopShortfallReason({
             label,
@@ -2283,7 +2335,7 @@ var DotNS = class {
         throw new Error(classification.message);
       }
       const userStatus = await this.getUserPopStatus();
-      if (!canRegister(requiredStatus, userStatus, trailingDigitCount)) {
+      if (!canRegister(requiredStatus, userStatus)) {
         rejectIneligible(requiredStatus, userStatus);
       }
       const doCommitAndRegister = async () => {
@@ -2338,8 +2390,8 @@ var DotNS = class {
         account: this.substrateAddress,
         memberKey,
         signCall: this.signer,
-        buildRingProof: async ({ members, context, msg }) => {
-          const r = verifiable.one_shot(memberEntropy, members, context, msg);
+        buildRingProof: async ({ ringExponent, members, context, msg }) => {
+          const r = verifiable.one_shot(ringExponent, memberEntropy, members, context, msg);
           return { proof: r.proof, alias: r.alias };
         }
       });
@@ -2425,6 +2477,7 @@ export {
   parseProofOfPersonhoodStatus,
   popStatusName,
   formatDispatchError,
+  classifyAliasAccountRow,
   formatPersonhoodRemediation,
   formatPopShortfallReason,
   DotNS,

package/dist/{chunk-T7EEVWNU.js → chunk-SI2ZUOYD.js}

@@ -13,11 +13,11 @@ var PGAS_ASSET_LOCATION = {
     ]
   }
 };
-var PROOF_BYTES = 788;
-var BANDERSNATCH_SIGNATURE_BYTES = 96;
-var PEOPLE_MEMBER_IDENTIFIER_HEX = "0x70656f706c652020202020202020202020202020202020202020202020202020";
+var PROOF_BYTES = 785;
+var BANDERSNATCH_SIGNATURE_BYTES = 64;
+var PEOPLE_MEMBER_IDENTIFIER_HEX = "0x706f703a706f6c6b61646f742e6e6574776f726b2f70656f706c652020202020";
 var MEMBER_ENTROPY_KEY = new TextEncoder().encode("candidate");
-var PAID_PROOF_TAG = new TextEncoder().encode("alias-accounts:paid");
+var ALIAS_PROOF_TAG = new TextEncoder().encode("alias-accounts");
 
 export {
   DOTNS_CONTEXT_HEX,
@@ -28,5 +28,5 @@ export {
   BANDERSNATCH_SIGNATURE_BYTES,
   PEOPLE_MEMBER_IDENTIFIER_HEX,
   MEMBER_ENTROPY_KEY,
-  PAID_PROOF_TAG
+  ALIAS_PROOF_TAG
 };

package/dist/chunk-SLE4P6MO.js

@@ -0,0 +1,39 @@
+import {
+  ALIAS_PROOF_TAG
+} from "./chunk-SI2ZUOYD.js";
+import {
+  blake2_256,
+  concatBytes
+} from "./chunk-ZYVGHDMU.js";
+
+// src/personhood/proof-validity.ts
+var u64LeBytes = (v) => {
+  const buf = new Uint8Array(8);
+  new DataView(buf.buffer).setBigUint64(
+    0,
+    v,
+    true
+    /* little-endian */
+  );
+  return buf;
+};
+var buildAliasProofMessage = (accountPub, proofValidAt) => {
+  if (accountPub.length !== 32) {
+    throw new Error(
+      `buildAliasProofMessage: accountPub must be 32 bytes, got ${accountPub.length}`
+    );
+  }
+  return blake2_256(
+    concatBytes(ALIAS_PROOF_TAG, accountPub, u64LeBytes(proofValidAt))
+  );
+};
+var getProofValidAtSec = async (ahApi) => {
+  const nowMs = await ahApi.query.Timestamp.Now.getValue({ at: "best" });
+  return nowMs / 1000n;
+};
+
+export {
+  u64LeBytes,
+  buildAliasProofMessage,
+  getProofValidAtSec
+};

package/dist/chunk-XAB7WM3S.js

@@ -0,0 +1,90 @@
+import {
+  PGAS_ASSET_ID
+} from "./chunk-SI2ZUOYD.js";
+
+// src/personhood/chain-prereqs.ts
+var NATIVE_LOC = {
+  parents: 1,
+  interior: { type: "Here", value: void 0 }
+};
+var PGAS_LOC = {
+  parents: 0,
+  interior: {
+    type: "X2",
+    value: [
+      { type: "PalletInstance", value: 50 },
+      { type: "GeneralIndex", value: BigInt(PGAS_ASSET_ID) }
+    ]
+  }
+};
+async function probeRingCollectionExponents(ahUnsafeApi, peopleIdent) {
+  const ah = ahUnsafeApi;
+  let exp;
+  try {
+    exp = await ah.query.MembersSubscriber.RingCollectionExponents.getValue(
+      peopleIdent,
+      { at: "best" }
+    );
+  } catch (err) {
+    throw new Error(
+      `chain prerequisite check failed: MembersSubscriber.RingCollectionExponents.getValue threw \u2014 RPC error or storage not available. Cause: ${err instanceof Error ? err.message : String(err)}`,
+      { cause: err }
+    );
+  }
+  if (exp === void 0 || exp === null) {
+    throw new Error(
+      `chain prerequisite missing: MembersSubscriber.RingCollectionExponents[${peopleIdent}] is not set. Every ring-VRF proof will be rejected with InvalidTransaction::BadProof (CollectionNotFound). Chain operator must populate this entry (run sudo-fix-preview-people-exponent.ts or equivalent). See docs-internal/dotns-bootstrap-handover.md \xA76.1.`
+    );
+  }
+}
+async function probePgasAsset(ahUnsafeApi) {
+  const ah = ahUnsafeApi;
+  let pgas;
+  try {
+    pgas = await ah.query.Assets.Asset.getValue(PGAS_ASSET_ID, { at: "best" });
+  } catch (err) {
+    throw new Error(
+      `chain prerequisite check failed: Assets.Asset.getValue(${PGAS_ASSET_ID}) threw \u2014 RPC error or storage not available. Cause: ${err instanceof Error ? err.message : String(err)}`,
+      { cause: err }
+    );
+  }
+  if (pgas === void 0 || pgas === null) {
+    throw new Error(
+      `chain prerequisite missing: Assets.Asset[${PGAS_ASSET_ID}] (PGAS) is not created on this chain. Pgas.claim_pgas will reject with InvalidTransaction::Custom(233) = PgasAssetNotCreated. Chain operator must create the PGAS asset via Pgas.create_pgas_asset (authorized origin). See docs-internal/dotns-bootstrap-handover.md \xA76.3.`
+    );
+  }
+}
+async function probePgasNativePool(ahUnsafeApi, nativeLoc = NATIVE_LOC, pgasLoc = PGAS_LOC) {
+  const ah = ahUnsafeApi;
+  let pool;
+  try {
+    pool = await ah.query.AssetConversion.Pools.getValue(
+      [nativeLoc, pgasLoc],
+      { at: "best" }
+    );
+  } catch (err) {
+    throw new Error(
+      `chain prerequisite check failed: AssetConversion.Pools.getValue threw \u2014 RPC error or storage not available. Cause: ${err instanceof Error ? err.message : String(err)}`,
+      { cause: err }
+    );
+  }
+  if (pool === void 0 || pool === null) {
+    throw new Error(
+      `chain prerequisite missing: AssetConversion.Pools[NATIVE\u2194PGAS] does not exist on this chain. PGAS-fee routing via ChargeAssetTxPayment will fail with InvalidTransaction::Payment. Chain operator must create the pool (sudo-create-pgas-pool.ts or equivalent). See docs-internal/dotns-bootstrap-handover.md \xA76.2.`
+    );
+  }
+}
+async function runChainPrereqProbes(ahUnsafeApi, peopleIdent) {
+  await probeRingCollectionExponents(ahUnsafeApi, peopleIdent);
+  await probePgasAsset(ahUnsafeApi);
+  await probePgasNativePool(ahUnsafeApi);
+}
+
+export {
+  NATIVE_LOC,
+  PGAS_LOC,
+  probeRingCollectionExponents,
+  probePgasAsset,
+  probePgasNativePool,
+  runChainPrereqProbes
+};

package/dist/{chunk-64KTKZ7H.js → chunk-YCVK36KC.js}

@@ -1,6 +1,6 @@
 import {
   VERSION
-} from "./chunk-LFKP64TQ.js";
+} from "./chunk-YP6AS724.js";
 
 // src/version-check.ts
 import { execSync, execFileSync } from "child_process";

package/dist/{chunk-LFKP64TQ.js → chunk-YP6AS724.js}

@@ -1,7 +1,7 @@
 import {
   package_default,
   writeRunState
-} from "./chunk-37M4NISG.js";
+} from "./chunk-2WWR3DVD.js";
 
 // src/memory-report.ts
 import * as fs2 from "fs";
@@ -550,6 +550,9 @@ function setDeploySentryTag(key, value) {
   if (!Sentry) return;
   Sentry.setTag(key, value);
 }
+function markCodePath(id) {
+  setDeployAttribute(`code.path.${id}`, "true");
+}
 function captureWarning(message, context) {
   if (!Sentry) return;
   try {
@@ -726,6 +729,7 @@ export {
   __setSentryForTest,
   getCurrentSentryTraceId,
   setDeploySentryTag,
+  markCodePath,
   captureWarning,
   flush
 };

package/dist/{chunk-7NKOV5SU.js → chunk-ZGH7YHV5.js}

@@ -1,6 +1,6 @@
 import {
   captureWarning
-} from "./chunk-LFKP64TQ.js";
+} from "./chunk-YP6AS724.js";
 
 // src/chunk-probe.ts
 import { Twox128, Blake2128Concat, decAnyMetadata, unifyMetadata } from "@polkadot-api/substrate-bindings";

package/dist/chunk-probe.js

@@ -5,9 +5,9 @@ import {
   _decodeStorageValue,
   _resetProbeSession,
   probeChunks
-} from "./chunk-7NKOV5SU.js";
-import "./chunk-LFKP64TQ.js";
-import "./chunk-37M4NISG.js";
+} from "./chunk-ZGH7YHV5.js";
+import "./chunk-YP6AS724.js";
+import "./chunk-2WWR3DVD.js";
 export {
   ChainProbeCrossValidationError,
   ChainProbeMetadataError,

package/dist/deploy.d.ts

@@ -75,6 +75,8 @@ declare const ENCRYPT_TAG_LEN = 16;
 declare const ENCRYPT_KEY_LEN = 32;
 declare const ENCRYPT_PBKDF2_ITERATIONS = 100000;
 declare function encryptContent(data: Uint8Array, password: string): Promise<Uint8Array>;
+/** Signer > mnemonic > pool precedence, mirroring resolveDotnsConnectOptions. Exported for unit testing. */
+declare function __selectStorageProviderModeForTest(options: Pick<DeployOptions, "signer" | "signerAddress" | "mnemonic">): "signer" | "direct" | "pool";
 declare function storeFile(contentBytes: Uint8Array, { client: existingClient, unsafeApi: existingApi, signer: existingSigner }?: ExistingProvider): Promise<string>;
 /**
  * Pre-compute dense nonces for chunks that need submission.
@@ -295,4 +297,4 @@ declare function unpublish(domainName: string, options?: {
 }>;
 declare function deploy(content: DeployContent, domainName?: string | null, options?: DeployOptions): Promise<DeployResult>;
 
-export { CHUNK_MORTALITY_PERIOD, DEFAULT_BULLETIN_RPC, DEFAULT_POOL_SIZE, type DeployContent, type DeployOptions, type DeployResult, ENCRYPT_KEY_LEN, ENCRYPT_MAGIC, ENCRYPT_NONCE_LEN, ENCRYPT_PBKDF2_ITERATIONS, ENCRYPT_SALT_LEN, ENCRYPT_TAG_LEN, type SizeDecision, type StoreDirectoryOptions, __assignDenseNoncesForTest, applyManifestFetchAttributes, assertSubdomainOwnerMatchesSigner, buildFilesMap, checkDeploySize, chunk, computeStorageCid, createCID, deploy, deriveRootSigner, detectFramework, encodeContenthash, encryptContent, estimateUploadBytes, friendlyChainError, hasIPFS, isConnectionError, merkleize, resolveDotnsConnectOptions, resolveReproducibleTimestamp, retryBudgetExhausted, setWsHaltCallback, storeChunkedContent, storeDirectory, storeDirectoryV2, storeFile, unpublish };
+export { CHUNK_MORTALITY_PERIOD, DEFAULT_BULLETIN_RPC, DEFAULT_POOL_SIZE, type DeployContent, type DeployOptions, type DeployResult, ENCRYPT_KEY_LEN, ENCRYPT_MAGIC, ENCRYPT_NONCE_LEN, ENCRYPT_PBKDF2_ITERATIONS, ENCRYPT_SALT_LEN, ENCRYPT_TAG_LEN, type SizeDecision, type StoreDirectoryOptions, __assignDenseNoncesForTest, __selectStorageProviderModeForTest, applyManifestFetchAttributes, assertSubdomainOwnerMatchesSigner, buildFilesMap, checkDeploySize, chunk, computeStorageCid, createCID, deploy, deriveRootSigner, detectFramework, encodeContenthash, encryptContent, estimateUploadBytes, friendlyChainError, hasIPFS, isConnectionError, merkleize, resolveDotnsConnectOptions, resolveReproducibleTimestamp, retryBudgetExhausted, setWsHaltCallback, storeChunkedContent, storeDirectory, storeDirectoryV2, storeFile, unpublish };

package/dist/deploy.js

@@ -9,6 +9,7 @@ import {
   ENCRYPT_SALT_LEN,
   ENCRYPT_TAG_LEN,
   __assignDenseNoncesForTest,
+  __selectStorageProviderModeForTest,
   applyManifestFetchAttributes,
   assertSubdomainOwnerMatchesSigner,
   buildFilesMap,
@@ -35,20 +36,20 @@ import {
   storeDirectoryV2,
   storeFile,
   unpublish
-} from "./chunk-TPDF24MG.js";
+} from "./chunk-2ULXHYB4.js";
 import "./chunk-IW3X2MJF.js";
 import "./chunk-KOSF5FDO.js";
 import "./chunk-L2SKSKB6.js";
 import "./chunk-S7EM5VMW.js";
-import "./chunk-THZU3FZU.js";
-import "./chunk-64KTKZ7H.js";
-import "./chunk-7NKOV5SU.js";
+import "./chunk-E62JHC4N.js";
+import "./chunk-YCVK36KC.js";
+import "./chunk-ZGH7YHV5.js";
 import "./chunk-C2TS5MER.js";
-import "./chunk-6Y3XJGV7.js";
-import "./chunk-Y7XKC43A.js";
-import "./chunk-LFKP64TQ.js";
-import "./chunk-37M4NISG.js";
-import "./chunk-HZKRLQLG.js";
+import "./chunk-MZ4Z5AXI.js";
+import "./chunk-FIKBEVYL.js";
+import "./chunk-YP6AS724.js";
+import "./chunk-2WWR3DVD.js";
+import "./chunk-GL2HHK4G.js";
 import {
   EXIT_CODE_NO_RETRY,
   NonRetryableError
@@ -67,6 +68,7 @@ export {
   EXIT_CODE_NO_RETRY,
   NonRetryableError,
   __assignDenseNoncesForTest,
+  __selectStorageProviderModeForTest,
   applyManifestFetchAttributes,
   assertSubdomainOwnerMatchesSigner,
   buildFilesMap,

package/dist/dotns.d.ts

@@ -4,6 +4,7 @@ import { PolkadotSigner } from 'polkadot-api';
 import './personhood/bind-personal-id.js';
 import './personhood/claim-pgas.js';
 import './personhood/bind-paid-alias.js';
+import './personhood/chain-prereqs.js';
 
 interface DotNSConnectOptions {
     rpc?: string;
@@ -240,7 +241,7 @@ declare function classifyDotnsLabel(label: string): {
     status: number;
     message: string;
 };
-declare function canRegister(requiredStatus: number, userStatus: number, trailingDigits: number): boolean;
+declare function canRegister(requiredStatus: number, userStatus: number): boolean;
 declare function parseDomainName(input: string): ParsedDomainName;
 declare function parseProofOfPersonhoodStatus(status: string): number;
 declare function popStatusName(status: number): string;
@@ -305,6 +306,22 @@ interface AliasAccountClassification {
     paid?: boolean;
     revision?: number;
 }
+/**
+ * Pure classifier — interprets an `AliasAccounts.AccountToAlias` storage row
+ * (or `undefined` for "no row") and returns the alias-state classification.
+ *
+ * Split out from `classifyAliasAccountState` so the row → state mapping can
+ * be unit-tested without a chain connection.
+ *
+ * AliasAccounts pallet rewrite (paritytech/individuality#955, May 2026)
+ * collapsed the paid/free path split — every binding now pays `AliasFee`
+ * and the `paid` field no longer exists on the row. Classification keys
+ * on context alone: rows under the `dotns` context are heuristically
+ * flagged stale for reprove; rows under any other context are wrong-context;
+ * absent rows are not-bound. See docs-internal/dotns-bootstrap-handover.md
+ * §3 for the pallet contract.
+ */
+declare function classifyAliasAccountRow(row: unknown): AliasAccountClassification;
 /**
  * Format a user-facing remediation message for the "no personhood" preflight failure.
  * Pure function — unit-testable without a chain connection.
@@ -512,4 +529,4 @@ declare class DotNS {
 }
 declare const dotns: DotNS;
 
-export { ATTR_TX_RESOLUTION_KIND, type AliasAccountClassification, type AliasAccountState, CONNECTION_TIMEOUT_MS, CONTRACTS, ContractDryRunRevertError, DECIMALS, DEFAULT_MNEMONIC, DOTNS_TX_MAX_ATTEMPTS, DOT_NODE, DotNS, type DotNSConnectOptions, type DotnsPreflightResult, type DotnsSuccessAction, MINIMUM_REGISTER_STORAGE_DEPOSIT, NATIVE_TO_ETH_RATIO, OPERATION_TIMEOUT_MS, type OwnershipResult, PUBLISHER_ABI, type ParsedDomainName, type PriceValidationResult, ProofOfPersonhoodStatus, PublisherNotSupportedError, RPC_ENDPOINTS, TX_CHAIN_TIME_BUDGET_MS, TX_KIND_HASH, TX_KIND_NONCE_ADVANCED, TX_NO_PROGRESS_MS, TX_TIMEOUT_MS, TX_WALL_CLOCK_CEILING_MS, type TxResolution, WS_HEARTBEAT_TIMEOUT_MS, __formatContractDryRunFailureForTest, canRegister, classifyDotnsLabel, classifyTxRetryDecision, computeDomainTokenId, convertToHexString, convertWeiToNative, countTrailingDigits, decodePublisherRevert, dotns, feeFloorFor, fetchNonce, fmtPas, formatDispatchError, formatPersonhoodRemediation, formatPopShortfallReason, isCommitmentMature, isCommitmentTimingBarerevert, parseDomainName, parseProofOfPersonhoodStatus, popStatusName, sanitizeDomainLabel, stripTrailingDigits, validateDomainLabel, verifyNonceAdvanced };
+export { ATTR_TX_RESOLUTION_KIND, type AliasAccountClassification, type AliasAccountState, CONNECTION_TIMEOUT_MS, CONTRACTS, ContractDryRunRevertError, DECIMALS, DEFAULT_MNEMONIC, DOTNS_TX_MAX_ATTEMPTS, DOT_NODE, DotNS, type DotNSConnectOptions, type DotnsPreflightResult, type DotnsSuccessAction, MINIMUM_REGISTER_STORAGE_DEPOSIT, NATIVE_TO_ETH_RATIO, OPERATION_TIMEOUT_MS, type OwnershipResult, PUBLISHER_ABI, type ParsedDomainName, type PriceValidationResult, ProofOfPersonhoodStatus, PublisherNotSupportedError, RPC_ENDPOINTS, TX_CHAIN_TIME_BUDGET_MS, TX_KIND_HASH, TX_KIND_NONCE_ADVANCED, TX_NO_PROGRESS_MS, TX_TIMEOUT_MS, TX_WALL_CLOCK_CEILING_MS, type TxResolution, WS_HEARTBEAT_TIMEOUT_MS, __formatContractDryRunFailureForTest, canRegister, classifyAliasAccountRow, classifyDotnsLabel, classifyTxRetryDecision, computeDomainTokenId, convertToHexString, convertWeiToNative, countTrailingDigits, decodePublisherRevert, dotns, feeFloorFor, fetchNonce, fmtPas, formatDispatchError, formatPersonhoodRemediation, formatPopShortfallReason, isCommitmentMature, isCommitmentTimingBarerevert, parseDomainName, parseProofOfPersonhoodStatus, popStatusName, sanitizeDomainLabel, stripTrailingDigits, validateDomainLabel, verifyNonceAdvanced };