@parity/product-sdk-bulletin 0.1.0 → 0.2.1

package/dist/index.js

@@ -1,18 +1,22 @@
-// src/client.ts
-import { getChainAPI } from "@parity/product-sdk-chain-client";
-
-// src/authorization.ts
-import { createLogger } from "@parity/product-sdk-logger";
-import { Enum } from "polkadot-api";
+import { parseCid, CidCodec as CidCodec$1, UnixFsDagBuilder, AsyncBulletinClient } from '@parity/bulletin-sdk';
+export { AsyncBulletinClient, AuthCallBuilder, AuthorizationScope, BulletinError, BulletinPreparer, CID, CallBuilder, ChunkStatus, DEFAULT_CHUNKER_CONFIG, DEFAULT_CLIENT_CONFIG, DEFAULT_STORE_OPTIONS, ErrorCode, MAX_CHUNK_SIZE, MAX_FILE_SIZE, MockBulletinClient, StoreBuilder, TxStatus, WaitFor, calculateCid, cidFromBytes, cidToBytes, convertCid, estimateAuthorization, getContentHash, parseCid, reassembleChunks, resolveClientConfig, validateChunkSize } from '@parity/bulletin-sdk';
+import { getChainAPI, createChainClient } from '@parity/product-sdk-chain-client';
+import { createLogger } from '@parity/product-sdk-logger';
+import { submitAndWatch } from '@parity/product-sdk-tx';
+import { Enum } from 'polkadot-api';
+import { getPreimageManager } from '@parity/product-sdk-host';
+import { CID } from 'multiformats/cid';
+import * as Digest from 'multiformats/hashes/digest';
+import { bulletin } from '@parity/product-sdk-descriptors/bulletin';
 
-// src/errors.ts
-var BulletinError = class extends Error {
+// src/client.ts
+var ProductBulletinError = class extends Error {
   constructor(message, options) {
     super(message, options);
-    this.name = "BulletinError";
+    this.name = "ProductBulletinError";
   }
 };
-var BulletinHostUnavailableError = class extends BulletinError {
+var BulletinHostUnavailableError = class extends ProductBulletinError {
   constructor(operation) {
     super(
       `Host preimage API unavailable for ${operation}. Ensure you are running inside a host container (Polkadot Browser / Desktop).`
@@ -20,7 +24,7 @@ var BulletinHostUnavailableError = class extends BulletinError {
     this.name = "BulletinHostUnavailableError";
   }
 };
-var BulletinLookupTimeoutError = class extends BulletinError {
+var BulletinLookupTimeoutError = class extends ProductBulletinError {
   /** The CID that was being looked up. */
   cid;
   /** The timeout duration in milliseconds. */
@@ -32,7 +36,7 @@ var BulletinLookupTimeoutError = class extends BulletinError {
     this.timeoutMs = timeoutMs;
   }
 };
-var BulletinLookupInterruptedError = class extends BulletinError {
+var BulletinLookupInterruptedError = class extends ProductBulletinError {
   /** The CID that was being looked up. */
   cid;
   constructor(cid) {
@@ -41,40 +45,7 @@ var BulletinLookupInterruptedError = class extends BulletinError {
     this.cid = cid;
   }
 };
-var BulletinAuthorizationError = class extends BulletinError {
-  /** The address that was being checked. */
-  address;
-  constructor(address, cause) {
-    super(`Failed to check authorization for ${address}`, { cause });
-    this.name = "BulletinAuthorizationError";
-    this.address = address;
-  }
-};
-var BulletinGatewayUnavailableError = class extends BulletinError {
-  /** The environment that was requested. */
-  environment;
-  constructor(environment) {
-    super(`Bulletin gateway for "${environment}" is not yet available`);
-    this.name = "BulletinGatewayUnavailableError";
-    this.environment = environment;
-  }
-};
-var BulletinGatewayFetchError = class extends BulletinError {
-  /** The CID that was being fetched. */
-  cid;
-  /** The HTTP status code returned by the gateway. */
-  status;
-  /** The HTTP status text returned by the gateway. */
-  statusText;
-  constructor(cid, status, statusText) {
-    super(`Gateway fetch failed for ${cid}: ${status} ${statusText}`);
-    this.name = "BulletinGatewayFetchError";
-    this.cid = cid;
-    this.status = status;
-    this.statusText = statusText;
-  }
-};
-var BulletinCidError = class extends BulletinError {
+var BulletinCidError = class extends ProductBulletinError {
   /** The invalid CID string, if available. */
   cid;
   constructor(message, cid) {
@@ -83,84 +54,15 @@ var BulletinCidError = class extends BulletinError {
     this.cid = cid;
   }
 };
-if (void 0) {
-  const { describe, test, expect } = void 0;
-  describe("BulletinError hierarchy", () => {
-    test("BulletinError is instanceof Error", () => {
-      const err = new BulletinError("test");
-      expect(err).toBeInstanceOf(Error);
-      expect(err).toBeInstanceOf(BulletinError);
-      expect(err.name).toBe("BulletinError");
-    });
-    test("BulletinHostUnavailableError", () => {
-      const err = new BulletinHostUnavailableError("upload");
-      expect(err).toBeInstanceOf(BulletinError);
-      expect(err.name).toBe("BulletinHostUnavailableError");
-      expect(err.message).toContain("upload");
-      expect(err.message).toContain("Host preimage API unavailable");
-    });
-    test("BulletinLookupTimeoutError", () => {
-      const err = new BulletinLookupTimeoutError("bafyabc123", 3e4);
-      expect(err).toBeInstanceOf(BulletinError);
-      expect(err.name).toBe("BulletinLookupTimeoutError");
-      expect(err.cid).toBe("bafyabc123");
-      expect(err.timeoutMs).toBe(3e4);
-      expect(err.message).toContain("30000ms");
-      expect(err.message).toContain("bafyabc123");
-    });
-    test("BulletinLookupInterruptedError", () => {
-      const err = new BulletinLookupInterruptedError("bafyabc123");
-      expect(err).toBeInstanceOf(BulletinError);
-      expect(err.name).toBe("BulletinLookupInterruptedError");
-      expect(err.cid).toBe("bafyabc123");
-      expect(err.message).toContain("interrupted");
-    });
-    test("BulletinAuthorizationError with cause", () => {
-      const cause = new Error("RPC timeout");
-      const err = new BulletinAuthorizationError("5GrwvaEF...", cause);
-      expect(err).toBeInstanceOf(BulletinError);
-      expect(err.name).toBe("BulletinAuthorizationError");
-      expect(err.address).toBe("5GrwvaEF...");
-      expect(err.cause).toBe(cause);
-    });
-    test("BulletinGatewayUnavailableError", () => {
-      const err = new BulletinGatewayUnavailableError("polkadot");
-      expect(err).toBeInstanceOf(BulletinError);
-      expect(err.name).toBe("BulletinGatewayUnavailableError");
-      expect(err.environment).toBe("polkadot");
-      expect(err.message).toContain("polkadot");
-    });
-    test("BulletinGatewayFetchError", () => {
-      const err = new BulletinGatewayFetchError("bafyabc", 404, "Not Found");
-      expect(err).toBeInstanceOf(BulletinError);
-      expect(err.name).toBe("BulletinGatewayFetchError");
-      expect(err.cid).toBe("bafyabc");
-      expect(err.status).toBe(404);
-      expect(err.statusText).toBe("Not Found");
-      expect(err.message).toContain("404");
-    });
-    test("BulletinCidError", () => {
-      const err = new BulletinCidError("Expected CIDv1, got CIDv0", "Qmabc");
-      expect(err).toBeInstanceOf(BulletinError);
-      expect(err.name).toBe("BulletinCidError");
-      expect(err.cid).toBe("Qmabc");
-    });
-    test("all errors can be caught with BulletinError", () => {
-      const errors = [
-        new BulletinHostUnavailableError("query"),
-        new BulletinLookupTimeoutError("cid", 1e3),
-        new BulletinLookupInterruptedError("cid"),
-        new BulletinAuthorizationError("addr"),
-        new BulletinGatewayUnavailableError("env"),
-        new BulletinGatewayFetchError("cid", 500, "Error"),
-        new BulletinCidError("bad cid")
-      ];
-      for (const err of errors) {
-        expect(err).toBeInstanceOf(BulletinError);
-      }
-    });
-  });
-}
+var BulletinAuthorizationError = class extends ProductBulletinError {
+  /** The address that was being checked. */
+  address;
+  constructor(address, cause) {
+    super(`Failed to check authorization for ${address}`, { cause });
+    this.name = "BulletinAuthorizationError";
+    this.address = address;
+  }
+};
 
 // src/authorization.ts
 var log = createLogger("bulletin");
@@ -186,8 +88,11 @@ async function checkAuthorization(api, address) {
   }
   const status = {
     authorized: true,
-    remainingTransactions: auth.extent.transactions,
-    remainingBytes: auth.extent.bytes,
+    remainingTransactions: auth.extent.transactions_allowance - auth.extent.transactions,
+    // `auth` is `any` (TypedApi<any> upstream — see line 53). TS narrows
+    // `any - any` to `number`, so cast each u64 operand to bigint to keep
+    // the subtraction in bigint space. Runtime values are bigints from PAPI.
+    remainingBytes: auth.extent.bytes_allowance - auth.extent.bytes,
     expiration: auth.expiration
   };
   log.debug("checkAuthorization", {
@@ -198,112 +103,41 @@ async function checkAuthorization(api, address) {
   });
   return status;
 }
-if (void 0) {
-  let createMockApi = function(authResult) {
-    return {
-      query: {
-        TransactionStorage: {
-          Authorizations: {
-            getValue: vi.fn().mockResolvedValue(authResult)
-          }
-        }
-      }
-    };
-  };
-  createMockApi2 = createMockApi;
-  const { describe, test, expect, vi } = void 0;
-  describe("checkAuthorization", () => {
-    test("returns not authorized when no authorization exists", async () => {
-      const api = createMockApi(void 0);
-      const status = await checkAuthorization(api, "5GrwvaEF...");
-      expect(status.authorized).toBe(false);
-      expect(status.remainingTransactions).toBe(0);
-      expect(status.remainingBytes).toBe(0n);
-      expect(status.expiration).toBe(0);
-    });
-    test("returns authorization with full quota", async () => {
-      const api = createMockApi({
-        extent: { transactions: 10, bytes: 1000000n },
-        expiration: 999
-      });
-      const status = await checkAuthorization(api, "5GrwvaEF...");
-      expect(status.authorized).toBe(true);
-      expect(status.remainingTransactions).toBe(10);
-      expect(status.remainingBytes).toBe(1000000n);
-      expect(status.expiration).toBe(999);
-    });
-    test("returns authorization with zero transactions remaining", async () => {
-      const api = createMockApi({
-        extent: { transactions: 0, bytes: 1000000n },
-        expiration: 999
-      });
-      const status = await checkAuthorization(api, "5GrwvaEF...");
-      expect(status.authorized).toBe(true);
-      expect(status.remainingTransactions).toBe(0);
-    });
-    test("returns authorization with zero bytes remaining", async () => {
-      const api = createMockApi({
-        extent: { transactions: 5, bytes: 0n },
-        expiration: 999
-      });
-      const status = await checkAuthorization(api, "5GrwvaEF...");
-      expect(status.authorized).toBe(true);
-      expect(status.remainingBytes).toBe(0n);
-    });
-    test("preserves expiration block number", async () => {
-      const api = createMockApi({
-        extent: { transactions: 1, bytes: 500n },
-        expiration: 12345
-      });
-      const status = await checkAuthorization(api, "5GrwvaEF...");
-      expect(status.expiration).toBe(12345);
-    });
-    test("throws BulletinAuthorizationError when query fails", async () => {
-      const api = {
-        query: {
-          TransactionStorage: {
-            Authorizations: {
-              getValue: vi.fn().mockRejectedValue(new Error("RPC connection lost"))
-            }
-          }
-        }
-      };
-      const err = await checkAuthorization(api, "5GrwvaEF...").catch((e) => e);
-      expect(err).toBeInstanceOf(BulletinAuthorizationError);
-      const error = err;
-      expect(error.address).toBe("5GrwvaEF...");
-      expect(error.cause).toBeInstanceOf(Error);
-      expect(error.cause.message).toBe("RPC connection lost");
-    });
-    test("passes correct Enum key to the query", async () => {
-      const getValue = vi.fn().mockResolvedValue(void 0);
-      const api = {
-        query: {
-          TransactionStorage: {
-            Authorizations: { getValue }
-          }
-        }
-      };
-      await checkAuthorization(api, "5GrwvaEF...");
-      expect(getValue).toHaveBeenCalledTimes(1);
-      const arg = getValue.mock.calls[0][0];
-      expect(arg.type).toBe("Account");
-      expect(arg.value).toBe("5GrwvaEF...");
-    });
+async function authorizeAccount(api, who, transactions, bytes, signer, options = {}) {
+  const { viaSudo = false, waitFor, timeoutMs, onStatus } = options;
+  const apiTx = api.tx;
+  log.info("authorizeAccount: building extrinsic", {
+    who,
+    transactions,
+    bytes: bytes.toString(),
+    viaSudo
+  });
+  if (viaSudo && !apiTx.Sudo?.sudo) {
+    throw new ProductBulletinError(
+      "viaSudo: true requires the Sudo pallet, which is not available on this network. On production networks (Polkadot, Kusama), authorize_account requires governance or a different mechanism."
+    );
+  }
+  const authorizeTx = apiTx.TransactionStorage.authorize_account({
+    who,
+    transactions,
+    bytes
+  });
+  const txToSubmit = viaSudo ? apiTx.Sudo.sudo({ call: authorizeTx.decodedCall }) : authorizeTx;
+  const result = await submitAndWatch(txToSubmit, signer, {
+    waitFor,
+    timeoutMs,
+    onStatus
   });
+  log.info("authorizeAccount: included in block", {
+    who,
+    blockHash: result.block.hash
+  });
+  return { blockHash: result.block.hash };
 }
-var createMockApi2;
-
-// src/cid.ts
-import { blake2b256, bytesToHex, hexToBytes } from "@parity/product-sdk-crypto";
-import { createLogger as createLogger2 } from "@parity/product-sdk-logger";
-import { CID } from "multiformats/cid";
-import * as Digest from "multiformats/hashes/digest";
-var log2 = createLogger2("bulletin");
 var HashAlgorithm = {
-  /** BLAKE2b-256 — default for product-sdk and the chain SDK. */
+  /** BLAKE2b-256 — chain default. */
   Blake2b256: 45600,
-  /** SHA2-256 — default for bulletin-deploy. */
+  /** SHA2-256. */
   Sha2_256: 18,
   /** Keccak-256 — Ethereum compatibility. */
   Keccak256: 27
@@ -311,7 +145,7 @@ var HashAlgorithm = {
 var CidCodec = {
   /** Raw binary — default for single-chunk data. */
   Raw: 85,
-  /** DAG-PB — used for multi-chunk manifests / directory structures. */
+  /** DAG-PB — used for multi-chunk manifests / IPFS UnixFS. */
   DagPb: 112,
   /** DAG-CBOR — alternative DAG encoding. */
   DagCbor: 113
@@ -319,29 +153,17 @@ var CidCodec = {
 var SUPPORTED_HASH_CODES = new Set(Object.values(HashAlgorithm));
 var SUPPORTED_CODEC_CODES = new Set(Object.values(CidCodec));
 var EXPECTED_HEX_LENGTH = 66;
-function computeCid(data) {
-  const hash = blake2b256(data);
-  return CID.createV1(CidCodec.Raw, Digest.create(HashAlgorithm.Blake2b256, hash)).toString();
-}
-function cidToPreimageKey(cid) {
-  const parsed = CID.parse(cid);
-  if (parsed.version !== 1) {
-    throw new BulletinCidError(`Expected CIDv1, got CIDv${parsed.version}`, cid);
-  }
-  if (!SUPPORTED_HASH_CODES.has(parsed.multihash.code)) {
-    throw new BulletinCidError(
-      `Unsupported hash algorithm 0x${parsed.multihash.code.toString(16)}; expected one of: ${[...SUPPORTED_HASH_CODES].map((c) => `0x${c.toString(16)}`).join(", ")}`,
-      cid
-    );
-  }
-  return `0x${bytesToHex(parsed.multihash.digest)}`;
-}
 function hashToCid(hexHash, hashCode = HashAlgorithm.Blake2b256, codec = CidCodec.Raw) {
   if (hexHash.length !== EXPECTED_HEX_LENGTH) {
     throw new BulletinCidError(
       `Expected a 0x-prefixed 32-byte hex hash (${EXPECTED_HEX_LENGTH} chars), got ${hexHash.length} chars`
     );
   }
+  if (!/^0x[0-9a-fA-F]{64}$/.test(hexHash)) {
+    throw new BulletinCidError(
+      `Invalid hash format: expected 0x-prefixed 32-byte hex string, got: ${hexHash}`
+    );
+  }
   if (!SUPPORTED_HASH_CODES.has(hashCode)) {
     throw new BulletinCidError(
       `Unsupported hash algorithm 0x${hashCode.toString(16)}; expected one of: ${[...SUPPORTED_HASH_CODES].map((c) => `0x${c.toString(16)}`).join(", ")}`
@@ -352,346 +174,49 @@ function hashToCid(hexHash, hashCode = HashAlgorithm.Blake2b256, codec = CidCode
       `Unsupported CID codec 0x${codec.toString(16)}; expected one of: ${[...SUPPORTED_CODEC_CODES].map((c) => `0x${c.toString(16)}`).join(", ")}`
     );
   }
-  const digest = hexToBytes(hexHash.slice(2));
-  const cid = CID.createV1(codec, Digest.create(hashCode, digest)).toString();
-  log2.debug("hashToCid", { hexHash, hashCode, codec, cid });
-  return cid;
+  const digest = hexToBytes(hexHash);
+  return CID.createV1(codec, Digest.create(hashCode, digest)).toString();
 }
-if (void 0) {
-  const { describe, test, expect } = void 0;
-  describe("computeCid", () => {
-    test("produces known CID for known input", () => {
-      const data = new TextEncoder().encode("hello bulletin");
-      const cid = computeCid(data);
-      expect(cid).toBe(computeCid(new TextEncoder().encode("hello bulletin")));
-      expect(cid).toMatch(/^b[a-z2-7]+$/);
-    });
-    test("deterministic \u2014 same input, same output", () => {
-      const data = new Uint8Array([1, 2, 3, 4, 5]);
-      expect(computeCid(data)).toBe(computeCid(data));
-    });
-    test("different inputs produce different CIDs", () => {
-      const a = computeCid(new Uint8Array([1]));
-      const b = computeCid(new Uint8Array([2]));
-      expect(a).not.toBe(b);
-    });
-    test("empty input produces valid CID", () => {
-      const cid = computeCid(new Uint8Array(0));
-      expect(cid).toMatch(/^b[a-z2-7]+$/);
-    });
-    test("matches reference implementation (manual varint)", () => {
-      const data = new TextEncoder().encode("test");
-      const cid = computeCid(data);
-      expect(cid[0]).toBe("b");
-      const parsed = CID.parse(cid);
-      expect(parsed.version).toBe(1);
-      expect(parsed.code).toBe(CidCodec.Raw);
-    });
-  });
-  describe("cidToPreimageKey", () => {
-    test("round-trips with computeCid \u2014 returns 0x-prefixed 64-char hex", () => {
-      const data = new TextEncoder().encode("hello bulletin");
-      const cid = computeCid(data);
-      const key = cidToPreimageKey(cid);
-      expect(key).toMatch(/^0x[0-9a-f]{64}$/);
-    });
-    test("deterministic \u2014 same CID always yields same key", () => {
-      const cid = computeCid(new Uint8Array([1, 2, 3]));
-      expect(cidToPreimageKey(cid)).toBe(cidToPreimageKey(cid));
-    });
-    test("matches raw blake2b-256 hash", () => {
-      const data = new TextEncoder().encode("test");
-      const cid = computeCid(data);
-      const key = cidToPreimageKey(cid);
-      const hash = blake2b256(data);
-      const expected = `0x${bytesToHex(hash)}`;
-      expect(key).toBe(expected);
-    });
-    test("accepts CIDv1 with sha2-256", () => {
-      const hash = new Uint8Array(32).fill(205);
-      const cidV1 = CID.createV1(CidCodec.Raw, Digest.create(HashAlgorithm.Sha2_256, hash));
-      const key = cidToPreimageKey(cidV1.toString());
-      expect(key).toMatch(/^0x[0-9a-f]{64}$/);
-      expect(key).toBe(`0x${bytesToHex(hash)}`);
-    });
-    test("accepts CIDv1 with keccak-256", () => {
-      const hash = new Uint8Array(32).fill(239);
-      const cidV1 = CID.createV1(CidCodec.Raw, Digest.create(HashAlgorithm.Keccak256, hash));
-      const key = cidToPreimageKey(cidV1.toString());
-      expect(key).toBe(`0x${bytesToHex(hash)}`);
-    });
-    test("throws BulletinCidError for CIDv0 input", () => {
-      const hash = new Uint8Array(32).fill(171);
-      const cidV0 = CID.create(0, 112, Digest.create(HashAlgorithm.Sha2_256, hash));
-      expect(() => cidToPreimageKey(cidV0.toString())).toThrow(BulletinCidError);
-    });
-    test("throws BulletinCidError for CIDv1 with unsupported hash algorithm", () => {
-      const unsupportedCode = 153;
-      const hash = new Uint8Array(32).fill(171);
-      const cidV1 = CID.createV1(CidCodec.Raw, Digest.create(unsupportedCode, hash));
-      expect(() => cidToPreimageKey(cidV1.toString())).toThrow(BulletinCidError);
-    });
-  });
-  describe("hashToCid", () => {
-    test("round-trips with cidToPreimageKey \u2014 hex \u2192 CID \u2192 hex", () => {
-      const data = new TextEncoder().encode("hello bulletin");
-      const originalCid = computeCid(data);
-      const hex = cidToPreimageKey(originalCid);
-      const reconstructed = hashToCid(hex);
-      expect(reconstructed).toBe(originalCid);
-    });
-    test("full cycle: data \u2192 CID \u2192 hex \u2192 CID", () => {
-      const data = new Uint8Array([10, 20, 30, 40, 50]);
-      const cid1 = computeCid(data);
-      const hex = cidToPreimageKey(cid1);
-      const cid2 = hashToCid(hex);
-      expect(cid2).toBe(cid1);
-    });
-    test("deterministic \u2014 same hex always yields same CID", () => {
-      const hex = cidToPreimageKey(computeCid(new Uint8Array([1, 2, 3])));
-      expect(hashToCid(hex)).toBe(hashToCid(hex));
-    });
-    test("produces valid base32-lower CIDv1 (default: blake2b-256, raw)", () => {
-      const hex = cidToPreimageKey(computeCid(new TextEncoder().encode("test")));
-      const cid = hashToCid(hex);
-      expect(cid).toMatch(/^b[a-z2-7]+$/);
-      const parsed = CID.parse(cid);
-      expect(parsed.version).toBe(1);
-      expect(parsed.code).toBe(CidCodec.Raw);
-      expect(parsed.multihash.code).toBe(HashAlgorithm.Blake2b256);
-    });
-    test("sha2-256 produces different CID from blake2b-256 for same hash", () => {
-      const hex = `0x${"ab".repeat(32)}`;
-      const blake = hashToCid(hex, HashAlgorithm.Blake2b256);
-      const sha = hashToCid(hex, HashAlgorithm.Sha2_256);
-      expect(blake).not.toBe(sha);
-      expect(CID.parse(blake).version).toBe(1);
-      expect(CID.parse(sha).version).toBe(1);
-    });
-    test("sha2-256 round-trips through cidToPreimageKey", () => {
-      const hex = `0x${"cd".repeat(32)}`;
-      const cid = hashToCid(hex, HashAlgorithm.Sha2_256);
-      const extracted = cidToPreimageKey(cid);
-      expect(extracted).toBe(hex);
-    });
-    test("keccak-256 round-trips through cidToPreimageKey", () => {
-      const hex = `0x${"ef".repeat(32)}`;
-      const cid = hashToCid(hex, HashAlgorithm.Keccak256);
-      const extracted = cidToPreimageKey(cid);
-      expect(extracted).toBe(hex);
-    });
-    test("dag-pb codec produces different CID from raw for same hash", () => {
-      const hex = `0x${"ab".repeat(32)}`;
-      const rawCid = hashToCid(hex, HashAlgorithm.Blake2b256, CidCodec.Raw);
-      const dagPbCid = hashToCid(hex, HashAlgorithm.Blake2b256, CidCodec.DagPb);
-      expect(rawCid).not.toBe(dagPbCid);
-      expect(CID.parse(dagPbCid).code).toBe(CidCodec.DagPb);
-    });
-    test("dag-cbor codec works", () => {
-      const hex = `0x${"ab".repeat(32)}`;
-      const cid = hashToCid(hex, HashAlgorithm.Blake2b256, CidCodec.DagCbor);
-      expect(CID.parse(cid).code).toBe(CidCodec.DagCbor);
-    });
-    test("throws BulletinCidError for hex that is too short", () => {
-      expect(() => hashToCid("0xabcd")).toThrow(BulletinCidError);
-    });
-    test("throws BulletinCidError for hex that is too long", () => {
-      const tooLong = `0x${"aa".repeat(33)}`;
-      expect(() => hashToCid(tooLong)).toThrow(BulletinCidError);
-    });
-    test("throws for non-hex characters", () => {
-      const bad = `0x${"zz".repeat(32)}`;
-      expect(() => hashToCid(bad)).toThrow();
-    });
-    test("throws BulletinCidError for unsupported hash algorithm", () => {
-      const hex = `0x${"ab".repeat(32)}`;
-      expect(() => hashToCid(hex, 153)).toThrow(BulletinCidError);
-    });
-    test("throws BulletinCidError for unsupported codec", () => {
-      const hex = `0x${"ab".repeat(32)}`;
-      expect(() => hashToCid(hex, HashAlgorithm.Blake2b256, 153)).toThrow(
-        BulletinCidError
-      );
-    });
-  });
-}
-
-// src/gateway.ts
-var GATEWAYS = {
-  paseo: "https://paseo-ipfs.polkadot.io/ipfs/"
-};
-var DEFAULT_FETCH_TIMEOUT_MS = 3e4;
-function getGateway(env) {
-  const gw = GATEWAYS[env];
-  if (!gw) {
-    throw new BulletinGatewayUnavailableError(env);
-  }
-  return gw;
-}
-function gatewayUrl(cid, gateway) {
-  return `${gateway}${cid}`;
-}
-async function cidExists(cid, gateway, options) {
-  const timeoutMs = options?.timeoutMs ?? DEFAULT_FETCH_TIMEOUT_MS;
-  const controller = new AbortController();
-  const timer = setTimeout(() => controller.abort(), timeoutMs);
+function cidToPreimageKey(cid) {
+  let parsed;
   try {
-    const response = await fetch(gatewayUrl(cid, gateway), {
-      method: "HEAD",
-      signal: controller.signal
-    });
-    return response.ok;
+    parsed = CID.parse(cid);
   } catch {
-    return false;
-  } finally {
-    clearTimeout(timer);
+    throw new BulletinCidError(`Invalid CID: ${cid}`, cid);
   }
-}
-async function fetchBytes(cid, gateway, options) {
-  const timeoutMs = options?.timeoutMs ?? DEFAULT_FETCH_TIMEOUT_MS;
-  const controller = new AbortController();
-  const timer = setTimeout(() => controller.abort(), timeoutMs);
-  try {
-    const response = await fetch(gatewayUrl(cid, gateway), { signal: controller.signal });
-    if (!response.ok) {
-      throw new BulletinGatewayFetchError(cid, response.status, response.statusText);
-    }
-    return new Uint8Array(await response.arrayBuffer());
-  } finally {
-    clearTimeout(timer);
+  if (parsed.version !== 1) {
+    throw new BulletinCidError(`Expected CIDv1, got CIDv${parsed.version}`, cid);
+  }
+  if (!SUPPORTED_HASH_CODES.has(parsed.multihash.code)) {
+    throw new BulletinCidError(
+      `Unsupported hash algorithm 0x${parsed.multihash.code.toString(16)}; expected one of: ${[...SUPPORTED_HASH_CODES].map((c) => `0x${c.toString(16)}`).join(", ")}`,
+      cid
+    );
   }
+  return `0x${bytesToHex(parsed.multihash.digest)}`;
 }
-async function fetchJson(cid, gateway, options) {
-  const bytes = await fetchBytes(cid, gateway, options);
-  return JSON.parse(new TextDecoder().decode(bytes));
+function hexToBytes(hex) {
+  const out = new Uint8Array(32);
+  for (let i = 0; i < 32; i++) {
+    out[i] = Number.parseInt(hex.slice(2 + i * 2, 4 + i * 2), 16);
+  }
+  return out;
 }
-if (void 0) {
-  const { describe, test, expect, vi, afterEach } = void 0;
-  afterEach(() => {
-    vi.restoreAllMocks();
-  });
-  describe("getGateway", () => {
-    test("returns known URL for paseo", () => {
-      const gw = getGateway("paseo");
-      expect(gw).toMatch(/^https:\/\//);
-      expect(gw).toMatch(/\/ipfs\/$/);
-    });
-    test("throws BulletinGatewayUnavailableError for environments without a live gateway", () => {
-      expect(() => getGateway("polkadot")).toThrow(BulletinGatewayUnavailableError);
-      expect(() => getGateway("kusama")).toThrow(BulletinGatewayUnavailableError);
-    });
-  });
-  describe("gatewayUrl", () => {
-    test("concatenates gateway and CID", () => {
-      expect(gatewayUrl("bafyabc", "https://gw.example/ipfs/")).toBe(
-        "https://gw.example/ipfs/bafyabc"
-      );
-    });
-  });
-  describe("cidExists", () => {
-    test("returns true for 200 response", async () => {
-      vi.stubGlobal("fetch", vi.fn().mockResolvedValue({ ok: true }));
-      expect(await cidExists("bafyabc", "https://gw/ipfs/")).toBe(true);
-    });
-    test("returns false for 404 response", async () => {
-      vi.stubGlobal("fetch", vi.fn().mockResolvedValue({ ok: false, status: 404 }));
-      expect(await cidExists("bafyabc", "https://gw/ipfs/")).toBe(false);
-    });
-    test("returns false on network error", async () => {
-      vi.stubGlobal("fetch", vi.fn().mockRejectedValue(new Error("network")));
-      expect(await cidExists("bafyabc", "https://gw/ipfs/")).toBe(false);
-    });
-    test("returns false on timeout", async () => {
-      vi.stubGlobal(
-        "fetch",
-        vi.fn().mockImplementation(
-          (_url, init) => new Promise((_resolve, reject) => {
-            init.signal.addEventListener(
-              "abort",
-              () => reject(new DOMException("aborted", "AbortError"))
-            );
-          })
-        )
-      );
-      expect(await cidExists("bafyabc", "https://gw/ipfs/", { timeoutMs: 10 })).toBe(false);
-    });
-  });
-  describe("fetchBytes", () => {
-    test("returns bytes from response", async () => {
-      const payload = new Uint8Array([1, 2, 3]);
-      vi.stubGlobal(
-        "fetch",
-        vi.fn().mockResolvedValue({
-          ok: true,
-          arrayBuffer: () => Promise.resolve(payload.buffer)
-        })
-      );
-      const result = await fetchBytes("bafyabc", "https://gw/ipfs/");
-      expect(result).toEqual(payload);
-    });
-    test("throws BulletinGatewayFetchError on non-ok response", async () => {
-      vi.stubGlobal(
-        "fetch",
-        vi.fn().mockResolvedValue({
-          ok: false,
-          status: 500,
-          statusText: "Internal Server Error"
-        })
-      );
-      const err = await fetchBytes("bafyabc", "https://gw/ipfs/").catch((e) => e);
-      expect(err).toBeInstanceOf(BulletinGatewayFetchError);
-      expect(err.cid).toBe("bafyabc");
-      expect(err.status).toBe(500);
-    });
-    test("throws on timeout", async () => {
-      vi.stubGlobal(
-        "fetch",
-        vi.fn().mockImplementation(
-          (_url, init) => new Promise((_resolve, reject) => {
-            init.signal.addEventListener(
-              "abort",
-              () => reject(new DOMException("aborted", "AbortError"))
-            );
-          })
-        )
-      );
-      await expect(
-        fetchBytes("bafyabc", "https://gw/ipfs/", { timeoutMs: 10 })
-      ).rejects.toThrow();
-    });
-  });
-  describe("fetchJson", () => {
-    test("parses JSON from response", async () => {
-      const obj = { name: "test", value: 42 };
-      const bytes = new TextEncoder().encode(JSON.stringify(obj));
-      vi.stubGlobal(
-        "fetch",
-        vi.fn().mockResolvedValue({
-          ok: true,
-          arrayBuffer: () => Promise.resolve(bytes.buffer)
-        })
-      );
-      const result = await fetchJson(
-        "bafyabc",
-        "https://gw/ipfs/"
-      );
-      expect(result).toEqual(obj);
-    });
-  });
+function bytesToHex(bytes) {
+  let s = "";
+  for (let i = 0; i < bytes.length; i++) {
+    s += bytes[i].toString(16).padStart(2, "0");
+  }
+  return s;
 }
 
-// src/query.ts
-import { createLogger as createLogger4 } from "@parity/product-sdk-logger";
-
 // src/resolve-query.ts
-import { getPreimageManager } from "@parity/product-sdk-host";
-import { createLogger as createLogger3 } from "@parity/product-sdk-logger";
-var log3 = createLogger3("bulletin");
+var log2 = createLogger("bulletin");
 var DEFAULT_LOOKUP_TIMEOUT_MS = 3e4;
 async function resolveQueryStrategy() {
   const preimageManager = await getPreimageManager();
   if (preimageManager) {
-    log3.info("using host preimage lookup for bulletin queries");
+    log2.info("using host preimage lookup for bulletin queries");
     return {
       kind: "host-lookup",
       lookup: (cid, timeoutMs) => lookupViaHost(preimageManager, cid, timeoutMs)
@@ -730,84 +255,9 @@ function lookupViaHost(manager, cid, timeoutMs = DEFAULT_LOOKUP_TIMEOUT_MS) {
     });
   });
 }
-if (void 0) {
-  const { describe, test, expect, vi } = void 0;
-  describe("lookupViaHost", () => {
-    function createMockManager(behavior) {
-      const unsubscribe = vi.fn();
-      const cancelInterrupt = vi.fn();
-      let interruptCb;
-      const lookup = vi.fn((_key, callback) => {
-        const data = new Uint8Array([10, 20, 30]);
-        queueMicrotask(() => {
-          if (behavior === "resolve") {
-            callback(data);
-          } else if (behavior === "null-then-resolve") {
-            callback(null);
-            queueMicrotask(() => callback(data));
-          } else if (behavior === "interrupt") {
-            interruptCb?.();
-          }
-        });
-        return {
-          unsubscribe,
-          onInterrupt: (cb) => {
-            interruptCb = cb;
-            return cancelInterrupt;
-          }
-        };
-      });
-      return { lookup, unsubscribe, cancelInterrupt, submit: vi.fn() };
-    }
-    const testCid = computeCid2(new TextEncoder().encode("test"));
-    test("resolves on first non-null callback", async () => {
-      const manager = createMockManager("resolve");
-      const result = await lookupViaHost(manager, testCid);
-      expect(result).toEqual(new Uint8Array([10, 20, 30]));
-    });
-    test("ignores null callbacks and resolves on subsequent data", async () => {
-      const manager = createMockManager("null-then-resolve");
-      const result = await lookupViaHost(manager, testCid);
-      expect(result).toEqual(new Uint8Array([10, 20, 30]));
-    });
-    test("rejects with BulletinLookupTimeoutError on timeout", async () => {
-      const { BulletinLookupTimeoutError: BulletinLookupTimeoutError2 } = await null;
-      const manager = createMockManager("hang");
-      const err = await lookupViaHost(manager, testCid, 50).catch((e) => e);
-      expect(err).toBeInstanceOf(BulletinLookupTimeoutError2);
-      expect(err.cid).toBe(testCid);
-      expect(err.timeoutMs).toBe(50);
-    });
-    test("rejects with BulletinLookupInterruptedError on interrupt", async () => {
-      const { BulletinLookupInterruptedError: BulletinLookupInterruptedError2 } = await null;
-      const manager = createMockManager("interrupt");
-      const err = await lookupViaHost(manager, testCid).catch((e) => e);
-      expect(err).toBeInstanceOf(BulletinLookupInterruptedError2);
-      expect(err.cid).toBe(testCid);
-    });
-    test("calls unsubscribe and cancelInterrupt on resolution", async () => {
-      const manager = createMockManager("resolve");
-      await lookupViaHost(manager, testCid);
-      expect(manager.unsubscribe).toHaveBeenCalledOnce();
-      expect(manager.cancelInterrupt).toHaveBeenCalledOnce();
-    });
-    test("calls unsubscribe on interrupt", async () => {
-      const manager = createMockManager("interrupt");
-      await lookupViaHost(manager, testCid).catch(() => {
-      });
-      expect(manager.unsubscribe).toHaveBeenCalledOnce();
-    });
-    test("passes correct hex key to manager", async () => {
-      const expectedKey = cidToPreimageKey(testCid);
-      const manager = createMockManager("resolve");
-      await lookupViaHost(manager, testCid);
-      expect(manager.lookup).toHaveBeenCalledWith(expectedKey, expect.any(Function));
-    });
-  });
-}
 
 // src/query.ts
-var log4 = createLogger4("bulletin");
+var log3 = createLogger("bulletin");
 async function queryBytes(cid, options) {
   const strategy = await resolveQueryStrategy();
   return executeQuery(strategy, cid, options);
@@ -817,528 +267,268 @@ async function queryJson(cid, options) {
   return JSON.parse(new TextDecoder().decode(bytes));
 }
 async function executeQuery(strategy, cid, options) {
-  log4.info("querying via host preimage lookup", { cid });
-  return strategy.lookup(cid, options?.lookupTimeoutMs);
+  log3.info("query: host preimage lookup", { cid });
+  const bytes = await strategy.lookup(cid, options?.lookupTimeoutMs);
+  if (options?.noReassemble) return bytes;
+  const parsed = parseCid(cid);
+  if (parsed.code !== CidCodec$1.DagPb) return bytes;
+  log3.info("query: reassembling DAG-PB manifest", { cid });
+  const builder = new UnixFsDagBuilder();
+  const { chunkCids } = await builder.parse(bytes);
+  const chunks = await Promise.all(
+    chunkCids.map((c) => strategy.lookup(c.toString(), options?.lookupTimeoutMs))
+  );
+  let total = 0;
+  for (const chunk of chunks) total += chunk.length;
+  const out = new Uint8Array(total);
+  let offset = 0;
+  for (const chunk of chunks) {
+    out.set(chunk, offset);
+    offset += chunk.length;
+  }
+  return out;
 }
-if (void 0) {
-  const { describe, test, expect, vi } = void 0;
-  describe("executeQuery", () => {
-    const testData = new Uint8Array([1, 2, 3]);
-    test("executes host-lookup strategy", async () => {
-      const lookup = vi.fn().mockResolvedValue(testData);
-      const strategy = { kind: "host-lookup", lookup };
-      const result = await executeQuery(strategy, "bafytest");
-      expect(result).toBe(testData);
-      expect(lookup).toHaveBeenCalledWith("bafytest", void 0);
-    });
-    test("passes lookupTimeoutMs to host-lookup", async () => {
-      const lookup = vi.fn().mockResolvedValue(testData);
-      const strategy = { kind: "host-lookup", lookup };
-      await executeQuery(strategy, "bafytest", { lookupTimeoutMs: 5e3 });
-      expect(lookup).toHaveBeenCalledWith("bafytest", 5e3);
-    });
-  });
-}
-
-// src/upload.ts
-import { createLogger as createLogger6 } from "@parity/product-sdk-logger";
-import { submitAndWatch, withRetry } from "@parity/product-sdk-tx";
-import { Binary } from "polkadot-api";
-
-// src/resolve-signer.ts
-import { getPreimageManager as getPreimageManager2 } from "@parity/product-sdk-host";
-import { createLogger as createLogger5 } from "@parity/product-sdk-logger";
-var log5 = createLogger5("bulletin");
-async function resolveUploadStrategy(explicitSigner) {
-  if (explicitSigner) {
-    log5.debug("using explicit signer provided by caller");
-    return { kind: "signer", signer: explicitSigner };
-  }
-  const preimageManager = await getPreimageManager2();
-  if (preimageManager) {
-    log5.info("using host preimage API for bulletin upload");
-    return { kind: "preimage", submit: (data) => preimageManager.submit(data) };
+var HASH_CODE_TO_ENUM_TYPE = {
+  [HashAlgorithm.Blake2b256]: "Blake2b256",
+  [HashAlgorithm.Sha2_256]: "Sha2_256",
+  [HashAlgorithm.Keccak256]: "Keccak256"
+};
+async function verifyOnChain(api, cid, options) {
+  const parsed = parseCidForVerify(cid);
+  const queryFn = api.query?.TransactionStorage?.Transactions?.getValue;
+  if (!queryFn) {
+    throw new Error(
+      "Bulletin API does not expose query.TransactionStorage.Transactions \u2014 the typed API may be incomplete or the runtime version doesn't match the descriptor."
+    );
   }
-  throw new BulletinHostUnavailableError("upload");
-}
-if (void 0) {
-  const { describe, test, expect, vi } = void 0;
-  describe("resolveUploadStrategy", () => {
-    test("returns explicit signer when provided", async () => {
-      const signer = { publicKey: new Uint8Array(32) };
-      const strategy = await resolveUploadStrategy(signer);
-      expect(strategy.kind).toBe("signer");
-      if (strategy.kind === "signer") {
-        expect(strategy.signer).toBe(signer);
-      }
-    });
-  });
-}
-
-// src/upload.ts
-var log6 = createLogger6("bulletin");
-async function upload(api, data, signer, options) {
-  const strategy = await resolveUploadStrategy(signer);
-  const cid = computeCid(data);
-  if (strategy.kind === "preimage") {
-    log6.info("uploading via host preimage API", { cid, size: data.byteLength });
-    const preimageKey = await strategy.submit(data);
-    log6.info("preimage submitted successfully", { cid, preimageKey });
-    return {
-      kind: "preimage",
-      cid,
-      preimageKey,
-      gatewayUrl: options?.gateway ? gatewayUrl(cid, options.gateway) : void 0
-    };
+  const entries = await queryFn(options.block);
+  if (!entries || entries.length === 0) return null;
+  if (options.index !== void 0) {
+    const entry = entries[options.index];
+    if (entry && matchesEntry(entry, parsed)) {
+      return {
+        block: options.block,
+        index: options.index,
+        size: entry.size,
+        blockChunks: entry.block_chunks
+      };
+    }
+    return null;
   }
-  log6.info("uploading via TransactionStorage.store", { cid, size: data.byteLength });
-  const result = await withRetry(() => {
-    const tx = api.tx.TransactionStorage.store({ data: Binary.fromBytes(data) });
-    return submitAndWatch(tx, strategy.signer, {
-      waitFor: options?.waitFor,
-      timeoutMs: options?.timeoutMs,
-      onStatus: options?.onStatus
-    });
-  });
-  log6.info("transaction included in block", { cid, blockHash: result.block.hash });
-  return {
-    kind: "transaction",
-    cid,
-    blockHash: result.block.hash,
-    gatewayUrl: options?.gateway ? gatewayUrl(cid, options.gateway) : void 0
-  };
-}
-async function batchUpload(api, items, signer, options) {
-  if (items.length === 0) return [];
-  const strategy = await resolveUploadStrategy(signer);
-  const results = [];
-  for (let i = 0; i < items.length; i++) {
-    const item = items[i];
-    const cid = computeCid(item.data);
-    try {
-      if (strategy.kind === "preimage") {
-        log6.info("batch: uploading item via preimage", {
-          label: item.label,
-          index: i,
-          total: items.length
-        });
-        const preimageKey = await strategy.submit(item.data);
-        const entry = {
-          kind: "preimage",
-          label: item.label,
-          cid,
-          success: true,
-          preimageKey,
-          gatewayUrl: options?.gateway ? gatewayUrl(cid, options.gateway) : void 0
-        };
-        results.push(entry);
-        options?.onProgress?.(i + 1, items.length, entry);
-      } else {
-        log6.info("batch: uploading item via transaction", {
-          label: item.label,
-          index: i,
-          total: items.length
-        });
-        const result = await withRetry(() => {
-          const tx = api.tx.TransactionStorage.store({
-            data: Binary.fromBytes(item.data)
-          });
-          return submitAndWatch(tx, strategy.signer, {
-            waitFor: options?.waitFor,
-            timeoutMs: options?.timeoutMs
-          });
-        });
-        const entry = {
-          kind: "transaction",
-          label: item.label,
-          cid,
-          success: true,
-          blockHash: result.block.hash,
-          gatewayUrl: options?.gateway ? gatewayUrl(cid, options.gateway) : void 0
-        };
-        results.push(entry);
-        options?.onProgress?.(i + 1, items.length, entry);
-      }
-    } catch (err) {
-      log6.error("batch: item upload failed", {
-        label: item.label,
+  for (let i = 0; i < entries.length; i++) {
+    const entry = entries[i];
+    if (matchesEntry(entry, parsed)) {
+      return {
+        block: options.block,
         index: i,
-        error: err instanceof Error ? err.message : String(err)
-      });
-      const entry = {
-        kind: strategy.kind === "preimage" ? "preimage" : "transaction",
-        label: item.label,
-        cid,
-        success: false,
-        error: err instanceof Error ? err.message : String(err)
+        size: entry.size,
+        blockChunks: entry.block_chunks
       };
-      results.push(entry);
-      options?.onProgress?.(i + 1, items.length, entry);
     }
   }
-  return results;
+  return null;
 }
-if (void 0) {
-  let createMockApi = function() {
-    return {
-      tx: {
-        TransactionStorage: {
-          store: vi.fn().mockReturnValue({
-            signSubmitAndWatch: () => ({
-              subscribe: (handlers) => {
-                queueMicrotask(() => {
-                  handlers.next({ type: "signed", txHash: "0xtxhash" });
-                  handlers.next({
-                    type: "txBestBlocksState",
-                    txHash: "0xtxhash",
-                    found: true,
-                    ok: true,
-                    block: { hash: "0xblockhash", number: 1, index: 0 },
-                    events: []
-                  });
-                });
-                return { unsubscribe: vi.fn() };
-              }
-            })
-          })
-        }
-      }
-    };
-  };
-  createMockApi2 = createMockApi;
-  const { describe, test, expect, vi } = void 0;
-  const mockSigner = {};
-  describe("upload", () => {
-    test("calls TransactionStorage.store and returns CID + blockHash with explicit signer", async () => {
-      const api = createMockApi();
-      const data = new TextEncoder().encode("test data");
-      const result = await upload(api, data, mockSigner);
-      expect(api.tx.TransactionStorage.store).toHaveBeenCalledOnce();
-      expect(result.kind).toBe("transaction");
-      expect(result.cid).toBeTruthy();
-      if (result.kind === "transaction") {
-        expect(result.blockHash).toBe("0xblockhash");
-      }
-    });
-    test("includes gatewayUrl when gateway option provided", async () => {
-      const api = createMockApi();
-      const data = new TextEncoder().encode("test");
-      const result = await upload(api, data, mockSigner, {
-        gateway: "https://gw/ipfs/"
-      });
-      expect(result.gatewayUrl).toBe(`https://gw/ipfs/${result.cid}`);
-    });
-    test("omits gatewayUrl when no gateway option", async () => {
-      const api = createMockApi();
-      const data = new TextEncoder().encode("test");
-      const result = await upload(api, data, mockSigner);
-      expect(result.gatewayUrl).toBeUndefined();
-    });
-  });
-  describe("batchUpload", () => {
-    test("returns empty array for empty items", async () => {
-      const api = createMockApi();
-      const results = await batchUpload(api, [], mockSigner);
-      expect(results).toEqual([]);
-    });
-    test("processes items sequentially with explicit signer", async () => {
-      const api = createMockApi();
-      const items = [
-        { data: new TextEncoder().encode("a"), label: "file-a" },
-        { data: new TextEncoder().encode("b"), label: "file-b" }
-      ];
-      const results = await batchUpload(api, items, mockSigner);
-      expect(results).toHaveLength(2);
-      expect(results[0].kind).toBe("transaction");
-      expect(results[0].label).toBe("file-a");
-      expect(results[0].success).toBe(true);
-      expect(results[1].kind).toBe("transaction");
-      expect(results[1].label).toBe("file-b");
-      expect(results[1].success).toBe(true);
-    });
-    test("captures individual failures without aborting batch", async () => {
-      const api = createMockApi();
-      let callCount = 0;
-      api.tx.TransactionStorage.store.mockImplementation(() => {
-        callCount++;
-        if (callCount === 2) {
-          return {
-            signSubmitAndWatch: () => ({
-              subscribe: (handlers) => {
-                queueMicrotask(() => {
-                  handlers.next({ type: "signed", txHash: "0x" });
-                  handlers.next({
-                    type: "txBestBlocksState",
-                    txHash: "0x",
-                    found: true,
-                    ok: false,
-                    block: { hash: "0xblock", number: 1, index: 0 },
-                    events: [],
-                    dispatchError: { type: "BadOrigin" }
-                  });
-                });
-                return { unsubscribe: vi.fn() };
-              }
-            })
-          };
-        }
-        return {
-          signSubmitAndWatch: () => ({
-            subscribe: (handlers) => {
-              queueMicrotask(() => {
-                handlers.next({ type: "signed", txHash: "0x" });
-                handlers.next({
-                  type: "txBestBlocksState",
-                  txHash: "0x",
-                  found: true,
-                  ok: true,
-                  block: { hash: "0xblock", number: 1, index: 0 },
-                  events: []
-                });
-              });
-              return { unsubscribe: vi.fn() };
-            }
-          })
-        };
-      });
-      const items = [
-        { data: new TextEncoder().encode("a"), label: "ok" },
-        { data: new TextEncoder().encode("b"), label: "fail" },
-        { data: new TextEncoder().encode("c"), label: "ok2" }
-      ];
-      const results = await batchUpload(api, items, mockSigner);
-      expect(results).toHaveLength(3);
-      expect(results[0].kind).toBe("transaction");
-      expect(results[0].success).toBe(true);
-      const f1 = results[1];
-      expect(f1.kind).toBe("transaction");
-      expect(f1.success).toBe(false);
-      if (!f1.success) expect(f1.error).toContain("BadOrigin");
-      expect(results[2].success).toBe(true);
-    });
-    test("calls onProgress for each item", async () => {
-      const api = createMockApi();
-      const items = [
-        { data: new TextEncoder().encode("a"), label: "a" },
-        { data: new TextEncoder().encode("b"), label: "b" }
-      ];
-      const progress = [];
-      await batchUpload(api, items, mockSigner, {
-        onProgress: (done, total, current) => progress.push([done, total, current.label])
-      });
-      expect(progress).toEqual([
-        [1, 2, "a"],
-        [2, 2, "b"]
-      ]);
-    });
-  });
+function parseCidForVerify(cid) {
+  let parsed;
+  try {
+    parsed = CID.parse(cid);
+  } catch {
+    throw new BulletinCidError(`Invalid CID: ${cid}`, cid);
+  }
+  if (parsed.version !== 1) {
+    throw new BulletinCidError(`Expected CIDv1, got CIDv${parsed.version}`, cid);
+  }
+  const hashType = HASH_CODE_TO_ENUM_TYPE[parsed.multihash.code];
+  if (!hashType) {
+    throw new BulletinCidError(
+      `Unsupported hash algorithm 0x${parsed.multihash.code.toString(16)}`,
+      cid
+    );
+  }
+  return { digest: parsed.multihash.digest, hashType };
+}
+function matchesEntry(entry, target) {
+  if (entry.hashing.type !== target.hashType) return false;
+  const onChainBytes = entry.content_hash instanceof Uint8Array ? entry.content_hash : entry.content_hash.asBytes();
+  if (onChainBytes.length !== target.digest.length) return false;
+  for (let i = 0; i < onChainBytes.length; i++) {
+    if (onChainBytes[i] !== target.digest[i]) return false;
+  }
+  return true;
 }
-var createMockApi2;
 
 // src/client.ts
+var log4 = createLogger("bulletin");
 var BulletinClient = class _BulletinClient {
+  /** Underlying upstream client — exposed for power users. */
+  inner;
+  /** Typed Bulletin Chain API. */
   api;
-  gateway;
+  /** Lazy-resolved host-preimage query strategy, cached for the client lifetime. */
   queryStrategyPromise = null;
-  constructor(api, gateway) {
+  /** Constructed via {@link create} or {@link from}. */
+  constructor(inner, api) {
+    this.inner = inner;
     this.api = api;
-    this.gateway = gateway;
   }
-  /** Lazily resolve and cache the query strategy for the client lifetime. */
+  /** Resolve and cache the host query strategy on first use. */
   resolveQuery() {
     if (!this.queryStrategyPromise) {
       this.queryStrategyPromise = resolveQueryStrategy();
     }
     return this.queryStrategyPromise;
   }
-  /** Create from an environment — resolves API via chain-client, gateway from known list. */
-  static async create(env) {
-    const chain = await getChainAPI(env);
-    return new _BulletinClient(chain.bulletin, getGateway(env));
-  }
-  /** Create from an explicit API and gateway (custom setups, testing). */
-  static from(api, gateway) {
-    return new _BulletinClient(api, gateway);
-  }
-  /** Compute CID without uploading. Static — no instance needed. */
-  static computeCid(data) {
-    return computeCid(data);
-  }
   /**
-   * Reconstruct a CID from a `0x`-prefixed hex hash. Static — no instance needed.
+   * Create a client from an environment shorthand or an explicit network.
    *
-   * Useful for converting on-chain hashes back to CIDs for IPFS gateway lookups.
-   * Pass optional hash algorithm and codec to match the on-chain CID configuration.
+   * Environment form uses our `getChainAPI(env)` to resolve the typed API.
+   * Explicit form skips the environment lookup and lets you pass any
+   * genesis/descriptor combo.
    *
-   * @see {@link hashToCid} for full documentation.
-   */
-  static hashToCid(hexHash, hashCode, codec) {
-    return hashToCid(hexHash, hashCode, codec);
-  }
-  /**
-   * Upload data to the Bulletin Chain.
+   * @example
+   * ```ts
+   * // Shorthand
+   * const client = await BulletinClient.create({ environment: "paseo", signer });
    *
-   * @param data   - Raw bytes to store.
-   * @param signer - Optional signer. When omitted, uses the host preimage API.
-   * @param options - Upload options (timeout, waitFor, status callback).
+   * // Explicit (custom network)
+   * const client = await BulletinClient.create({
+   *   ...BulletinChain.paseo,
+   *   signer,
+   *   config: { defaultChunkSize: 1 << 20 },
+   * });
+   * ```
    */
-  async upload(data, signer, options) {
-    return upload(this.api, data, signer, { ...options, gateway: this.gateway });
+  static async create(options) {
+    if ("environment" in options) {
+      const chain2 = await getChainAPI(options.environment);
+      const inner2 = new AsyncBulletinClient(
+        chain2.bulletin,
+        options.signer,
+        chain2.raw.bulletin.submit,
+        options.config,
+        () => chain2.destroy()
+      );
+      log4.info("BulletinClient created (environment shorthand)", {
+        environment: options.environment
+      });
+      return new _BulletinClient(inner2, chain2.bulletin);
+    }
+    const { genesisHash, descriptor, signer, config } = options;
+    if (descriptor.genesis && genesisHash.toLowerCase() !== descriptor.genesis.toLowerCase()) {
+      throw new Error(
+        `BulletinClient.create: genesisHash (${genesisHash}) does not match descriptor.genesis (${descriptor.genesis}). These must refer to the same network \u2014 check that you're pairing the right descriptor with the right genesis hash.`
+      );
+    }
+    const chain = await createChainClient({
+      chains: { bulletin: descriptor },
+      rpcs: { bulletin: [] }
+    });
+    const inner = new AsyncBulletinClient(
+      chain.bulletin,
+      signer,
+      chain.raw.bulletin.submit,
+      config,
+      () => chain.destroy()
+    );
+    log4.info("BulletinClient created (explicit network)");
+    return new _BulletinClient(inner, chain.bulletin);
   }
   /**
-   * Upload multiple items sequentially.
+   * Construct from a pre-built `AsyncBulletinClient` and PAPI typed API.
    *
-   * @param items  - Array of items to upload, each with data and a label.
-   * @param signer - Optional signer. When omitted, auto-resolved.
-   * @param options - Batch upload options (timeout, progress callback).
+   * Use this when you already own the connection lifecycle (BYOD setups,
+   * tests). The caller is responsible for calling `papiClient.destroy()`
+   * — this client's {@link destroy} only tears down the upstream's
+   * `onDestroy` hook.
    */
-  async batchUpload(items, signer, options) {
-    return batchUpload(this.api, items, signer, { ...options, gateway: this.gateway });
+  static from(inner, api) {
+    return new _BulletinClient(inner, api);
   }
+  // ─── Upload + authorization (forwarded to upstream) ────────────────
+  /** Build a store transaction. See upstream `StoreBuilder` for chained options. */
+  store(data) {
+    return this.inner.store(data);
+  }
+  /** Authorize an account to store data on the chain (sudo required on most networks). */
+  authorizeAccount(who, transactions, bytes) {
+    return this.inner.authorizeAccount(who, transactions, bytes);
+  }
+  /** Authorize content storage by hash (anyone can store; no fees). */
+  authorizePreimage(contentHash, maxSize) {
+    return this.inner.authorizePreimage(contentHash, maxSize);
+  }
+  /** Renew a stored transaction by block + index. */
+  renew(block, index) {
+    return this.inner.renew(block, index);
+  }
+  /** Estimate the authorization (transactions + bytes) needed for `dataSize`. */
+  estimateAuthorization(dataSize) {
+    return this.inner.estimateAuthorization(dataSize);
+  }
+  // ─── Read side (our own helpers) ───────────────────────────────────
   /**
-   * Fetch raw bytes by CID.
+   * Fetch raw bytes for a CID via the host's preimage lookup.
    *
-   * Uses host preimage lookup with caching.
+   * Container-only — outside a Polkadot Browser / Desktop host this
+   * throws {@link BulletinHostUnavailableError}. The chain stores
+   * content metadata (`content_hash`, size, codec) but the bytes
+   * themselves are surfaced through the host's preimage subscription.
+   *
+   * Use {@link verifyOnChain} if you only need to confirm a CID was
+   * recorded on-chain (no byte fetch).
    */
   async fetchBytes(cid, options) {
     const strategy = await this.resolveQuery();
     return executeQuery(strategy, cid, options);
   }
-  /**
-   * Fetch and parse JSON by CID.
-   *
-   * Auto-resolves query path (same as {@link fetchBytes}).
-   */
+  /** Fetch and parse JSON for a CID. */
   async fetchJson(cid, options) {
     const bytes = await this.fetchBytes(cid, options);
     return JSON.parse(new TextDecoder().decode(bytes));
   }
-  /** Check if a CID exists on the gateway. */
-  async cidExists(cid) {
-    return cidExists(cid, this.gateway);
-  }
-  /** Build the full gateway URL for a CID. */
-  gatewayUrl(cid) {
-    return gatewayUrl(cid, this.gateway);
+  /** Pre-flight: check whether `address` can store on the bulletin chain. */
+  async checkAuthorization(address) {
+    return checkAuthorization(this.api, address);
   }
   /**
-   * Check whether an account is authorized to store data on the Bulletin Chain.
-   *
-   * Use as a pre-flight check before {@link upload} to provide clear UX
-   * instead of letting the transaction fail mid-execution.
+   * Verify that a CID was recorded on-chain at the given block.
    *
-   * @param address - SS58-encoded account address to check.
-   * @returns Authorization status with remaining quota.
-   *
-   * @see {@link checkAuthorization} for the standalone function equivalent.
+   * Common pattern: pass `blockNumber` (and optionally `extrinsicIndex`)
+   * from a `store(...).send()` receipt to confirm the upload landed.
+   * See {@link verifyOnChain} for details.
    */
-  async checkAuthorization(address) {
-    return checkAuthorization(this.api, address);
+  async verifyOnChain(cid, options) {
+    return verifyOnChain(this.api, cid, options);
+  }
+  /** Tear down the underlying connection. */
+  async destroy() {
+    await this.inner.destroy();
   }
 };
-if (void 0) {
-  const { describe, test, expect, vi } = void 0;
-  const mockApi = {
-    tx: {
-      TransactionStorage: {
-        store: vi.fn().mockReturnValue({
-          signSubmitAndWatch: () => ({
-            subscribe: (handlers) => {
-              queueMicrotask(() => {
-                handlers.next({ type: "signed", txHash: "0x" });
-                handlers.next({
-                  type: "txBestBlocksState",
-                  txHash: "0x",
-                  found: true,
-                  ok: true,
-                  block: { hash: "0xblock", number: 1, index: 0 },
-                  events: []
-                });
-              });
-              return { unsubscribe: vi.fn() };
-            }
-          })
-        })
-      }
-    }
+var BulletinChain = {
+  paseo: {
+    genesisHash: "0x744960c32e3a3df5440e1ecd4d34096f1ce2230d7016a5ada8a765d5a622b4ea",
+    descriptor: bulletin
+  }
+};
+
+// src/lazy-signer.ts
+function createLazySigner(getSigner, onMissing = "No signer available \u2014 connect a wallet and select an account first.") {
+  const resolve = () => {
+    const inner = getSigner();
+    if (!inner) throw new Error(onMissing);
+    return inner;
   };
-  const GATEWAY = "https://test-gw/ipfs/";
-  describe("BulletinClient", () => {
-    test("from() creates client with given API and gateway", () => {
-      const client = BulletinClient.from(mockApi, GATEWAY);
-      expect(client.api).toBe(mockApi);
-      expect(client.gateway).toBe(GATEWAY);
-    });
-    test("computeCid() is static and delegates to standalone", () => {
-      const data = new TextEncoder().encode("hello");
-      const cid = BulletinClient.computeCid(data);
-      expect(cid).toBe(computeCid(data));
-    });
-    test("hashToCid() is static and delegates to standalone", () => {
-      const data = new TextEncoder().encode("hello");
-      const cid = computeCid(data);
-      const key = cidToPreimageKey2(cid);
-      expect(BulletinClient.hashToCid(key)).toBe(cid);
-    });
-    test("gatewayUrl() returns gateway + cid", () => {
-      const client = BulletinClient.from(mockApi, GATEWAY);
-      expect(client.gatewayUrl("bafyabc")).toBe("https://test-gw/ipfs/bafyabc");
-    });
-    test("upload() passes gateway from client with explicit signer", async () => {
-      const client = BulletinClient.from(mockApi, GATEWAY);
-      const data = new TextEncoder().encode("test");
-      const result = await client.upload(data, {});
-      expect(result.gatewayUrl).toContain(GATEWAY);
-      expect(result.cid).toBeTruthy();
-    });
-    test("checkAuthorization delegates to standalone", async () => {
-      const authMockApi = {
-        ...mockApi,
-        query: {
-          TransactionStorage: {
-            Authorizations: {
-              getValue: vi.fn().mockResolvedValue({
-                extent: { transactions: 5, bytes: 2000n },
-                expiration: 100
-              })
-            }
-          }
-        }
-      };
-      const client = BulletinClient.from(authMockApi, GATEWAY);
-      const status = await client.checkAuthorization("5GrwvaEF...");
-      expect(status.authorized).toBe(true);
-      expect(status.remainingTransactions).toBe(5);
-      expect(status.remainingBytes).toBe(2000n);
-    });
-  });
+  const lazy = {
+    get publicKey() {
+      return resolve().publicKey;
+    },
+    signTx: async (...args) => resolve().signTx(...args),
+    signBytes: async (...args) => resolve().signBytes(...args)
+  };
+  return lazy;
 }
-export {
-  BulletinAuthorizationError,
-  BulletinCidError,
-  BulletinClient,
-  BulletinError,
-  BulletinGatewayFetchError,
-  BulletinGatewayUnavailableError,
-  BulletinHostUnavailableError,
-  BulletinLookupInterruptedError,
-  BulletinLookupTimeoutError,
-  CidCodec,
-  HashAlgorithm,
-  batchUpload,
-  checkAuthorization,
-  cidExists,
-  cidToPreimageKey,
-  computeCid,
-  fetchBytes,
-  fetchJson,
-  gatewayUrl,
-  getGateway,
-  hashToCid,
-  queryBytes,
-  queryJson,
-  resolveQueryStrategy,
-  resolveUploadStrategy,
-  upload
-};
+
+export { BulletinAuthorizationError, BulletinChain, BulletinCidError, BulletinClient, BulletinHostUnavailableError, BulletinLookupInterruptedError, BulletinLookupTimeoutError, CidCodec, HashAlgorithm, ProductBulletinError, authorizeAccount, checkAuthorization, cidToPreimageKey, createLazySigner, executeQuery, hashToCid, queryBytes, queryJson, resolveQueryStrategy, verifyOnChain };
+//# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map