@permissionless-technologies/upp-sdk 0.1.0

package/dist/chunk-TSF6HEVS.cjs

@@ -0,0 +1,201 @@
+'use strict';
+
+var chunkJWNXBALH_cjs = require('./chunk-JWNXBALH.cjs');
+
+// src/utils/babyjubjub.ts
+chunkJWNXBALH_cjs.init_poseidon();
+var babyjubInstance = null;
+async function initBabyJub() {
+  if (babyjubInstance === null) {
+    const { buildBabyjub } = await import('circomlibjs');
+    babyjubInstance = await buildBabyjub();
+  }
+  return babyjubInstance;
+}
+async function getSubOrder() {
+  const babyjub = await initBabyJub();
+  return babyjub.subOrder;
+}
+async function getBasePoint() {
+  const babyjub = await initBabyJub();
+  return {
+    x: babyjub.F.toObject(babyjub.Base8[0]),
+    y: babyjub.F.toObject(babyjub.Base8[1])
+  };
+}
+async function isOnCurve(point) {
+  const babyjub = await initBabyJub();
+  const internal = [babyjub.F.e(point.x), babyjub.F.e(point.y)];
+  return babyjub.inCurve(internal);
+}
+async function mulPointScalar(point, scalar) {
+  const babyjub = await initBabyJub();
+  const internal = [babyjub.F.e(point.x), babyjub.F.e(point.y)];
+  const result = babyjub.mulPointEscalar(internal, scalar);
+  return {
+    x: babyjub.F.toObject(result[0]),
+    y: babyjub.F.toObject(result[1])
+  };
+}
+async function addPoints(p1, p2) {
+  const babyjub = await initBabyJub();
+  const internal1 = [babyjub.F.e(p1.x), babyjub.F.e(p1.y)];
+  const internal2 = [babyjub.F.e(p2.x), babyjub.F.e(p2.y)];
+  const result = babyjub.addPoint(internal1, internal2);
+  return {
+    x: babyjub.F.toObject(result[0]),
+    y: babyjub.F.toObject(result[1])
+  };
+}
+async function privateToPublic(privateKey) {
+  const babyjub = await initBabyJub();
+  const scalar = privateKey % babyjub.subOrder;
+  const result = babyjub.mulPointEscalar(babyjub.Base8, scalar);
+  return {
+    x: babyjub.F.toObject(result[0]),
+    y: babyjub.F.toObject(result[1])
+  };
+}
+async function computeSharedSecret(myPrivateKey, theirPublicKey) {
+  return mulPointScalar(theirPublicKey, myPrivateKey);
+}
+function packPoint(point) {
+  const ySign = point.y % 2n;
+  return point.x | ySign << 254n;
+}
+function pointToTuple(point) {
+  return [point.x, point.y];
+}
+function tupleToPoint(tuple) {
+  return { x: tuple[0], y: tuple[1] };
+}
+var BABYJUBJUB_A = 168700n;
+var BABYJUBJUB_D = 168696n;
+var BABYJUBJUB_P = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;
+function modPow(base, exp, p) {
+  let result = 1n;
+  base = (base % p + p) % p;
+  while (exp > 0n) {
+    if (exp % 2n === 1n) {
+      result = result * base % p;
+    }
+    exp = exp / 2n;
+    base = base * base % p;
+  }
+  return result;
+}
+function modInverse(a, p) {
+  return modPow(a, p - 2n, p);
+}
+function modSqrt(n, p) {
+  n = (n % p + p) % p;
+  if (n === 0n) return 0n;
+  if (modPow(n, (p - 1n) / 2n, p) !== 1n) {
+    return null;
+  }
+  let q = p - 1n;
+  let s = 0n;
+  while (q % 2n === 0n) {
+    q = q / 2n;
+    s++;
+  }
+  let z = 2n;
+  while (modPow(z, (p - 1n) / 2n, p) !== p - 1n) {
+    z++;
+  }
+  let m = s;
+  let c = modPow(z, q, p);
+  let t = modPow(n, q, p);
+  let r = modPow(n, (q + 1n) / 2n, p);
+  while (true) {
+    if (t === 1n) return r;
+    let i = 1n;
+    let temp = t * t % p;
+    while (temp !== 1n) {
+      temp = temp * temp % p;
+      i++;
+    }
+    const b = modPow(c, modPow(2n, m - i - 1n, p - 1n), p);
+    m = i;
+    c = b * b % p;
+    t = t * c % p;
+    r = r * b % p;
+  }
+}
+async function reconstructPointFromX(x) {
+  const p = BABYJUBJUB_P;
+  x = (x % p + p) % p;
+  const x2 = x * x % p;
+  const numerator = ((1n - BABYJUBJUB_A * x2) % p + p) % p;
+  const denominator = ((1n - BABYJUBJUB_D * x2) % p + p) % p;
+  if (denominator === 0n) {
+    return null;
+  }
+  const y2 = numerator * modInverse(denominator, p) % p;
+  const y = modSqrt(y2, p);
+  if (y === null) {
+    return null;
+  }
+  const yAlt = p - y;
+  const yCanonical = y < yAlt ? y : yAlt;
+  const point = { x, y: yCanonical };
+  if (!await isOnCurve(point)) {
+    const pointAlt = { x, y: y < yAlt ? yAlt : y };
+    if (!await isOnCurve(pointAlt)) {
+      return null;
+    }
+    return pointAlt;
+  }
+  return point;
+}
+async function reconstructPointFromXWithParity(x, yParity) {
+  const p = BABYJUBJUB_P;
+  x = (x % p + p) % p;
+  const x2 = x * x % p;
+  const numerator = ((1n - BABYJUBJUB_A * x2) % p + p) % p;
+  const denominator = ((1n - BABYJUBJUB_D * x2) % p + p) % p;
+  if (denominator === 0n) return null;
+  const y2 = numerator * modInverse(denominator, p) % p;
+  const y = modSqrt(y2, p);
+  if (y === null) return null;
+  const actualParity = Number(y % 2n);
+  const finalY = actualParity === yParity ? y : p - y;
+  return { x, y: finalY };
+}
+async function deriveEncryptionViewingKey(masterViewingPubKey, nonce) {
+  const { poseidonScalar } = await import('./poseidon-WHJSZSNP.cjs');
+  const babyjub = await initBabyJub();
+  const scalar = await poseidonScalar([masterViewingPubKey.x, masterViewingPubKey.y, nonce]);
+  const offset = babyjub.mulPointEscalar(babyjub.Base8, scalar);
+  const mvkInternal = [
+    babyjub.F.e(masterViewingPubKey.x),
+    babyjub.F.e(masterViewingPubKey.y)
+  ];
+  const result = babyjub.addPoint(mvkInternal, offset);
+  return {
+    x: babyjub.F.toObject(result[0]),
+    y: babyjub.F.toObject(result[1])
+  };
+}
+async function deriveDecryptionViewingKey(masterViewingPrivKey, masterViewingPubKey, nonce) {
+  const { poseidonScalar } = await import('./poseidon-WHJSZSNP.cjs');
+  const scalar = await poseidonScalar([masterViewingPubKey.x, masterViewingPubKey.y, nonce]);
+  return (masterViewingPrivKey + scalar) % chunkJWNXBALH_cjs.BABYJUBJUB_SUBORDER;
+}
+
+exports.addPoints = addPoints;
+exports.computeSharedSecret = computeSharedSecret;
+exports.deriveDecryptionViewingKey = deriveDecryptionViewingKey;
+exports.deriveEncryptionViewingKey = deriveEncryptionViewingKey;
+exports.getBasePoint = getBasePoint;
+exports.getSubOrder = getSubOrder;
+exports.isOnCurve = isOnCurve;
+exports.mulPointScalar = mulPointScalar;
+exports.packPoint = packPoint;
+exports.pointToTuple = pointToTuple;
+exports.privateToPublic = privateToPublic;
+exports.reconstructPointFromX = reconstructPointFromX;
+exports.reconstructPointFromXWithParity = reconstructPointFromXWithParity;
+exports.tupleToPoint = tupleToPoint;
+//# sourceMappingURL=chunk-TSF6HEVS.cjs.map
+//# sourceMappingURL=chunk-TSF6HEVS.cjs.map

package/dist/chunk-TSF6HEVS.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/utils/babyjubjub.ts"],"names":["init_poseidon","BABYJUBJUB_SUBORDER"],"mappings":";;;;;AAUAA,+BAAA,EAAA;AA+BA,IAAI,eAAA,GAAqC,IAAA;AAKzC,eAAe,WAAA,GAAmC;AAChD,EAAA,IAAI,oBAAoB,IAAA,EAAM;AAC5B,IAAA,MAAM,EAAE,YAAA,EAAa,GAAI,MAAM,OAAO,aAAa,CAAA;AACnD,IAAA,eAAA,GAAkB,MAAM,YAAA,EAAa;AAAA,EACvC;AACA,EAAA,OAAO,eAAA;AACT;AAKA,eAAsB,WAAA,GAA+B;AACnD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,OAAO,OAAA,CAAQ,QAAA;AACjB;AAKA,eAAsB,YAAA,GAA+B;AACnD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,SAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,IACtC,GAAG,OAAA,CAAQ,CAAA,CAAE,SAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAC;AAAA,GACxC;AACF;AAKA,eAAsB,UAAU,KAAA,EAAgC;AAC9D,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,MAAM,QAAA,GAAW,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAC,CAAA;AAC5D,EAAA,OAAO,OAAA,CAAQ,QAAQ,QAAQ,CAAA;AACjC;AASA,eAAsB,cAAA,CAAe,OAAc,MAAA,EAAgC;AACjF,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,QAAA,GAAW,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAC,CAAA;AAG5D,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,eAAA,CAAgB,QAAA,EAAU,MAAM,CAAA;AAEvD,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AAKA,eAAsB,SAAA,CAAU,IAAW,EAAA,EAA2B;AACpE,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,SAAA,GAAY,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAC,CAAA;AACvD,EAAA,MAAM,SAAA,GAAY,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAC,CAAA;AAGvD,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,QAAA,CAAS,SAAA,EAAW,SAAS,CAAA;AAEpD,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AASA,eAAsB,gBAAgB,UAAA,EAAoC;AACxE,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,MAAA,GAAS,aAAa,OAAA,CAAQ,QAAA;AAGpC,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,eAAA,CAAgB,OAAA,CAAQ,OAAO,MAAM,CAAA;AAE5D,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AAUA,eAAsB,mBAAA,CACpB,cACA,cAAA,EACgB;AAChB,EAAA,OAAO,cAAA,CAAe,gBAAgB,YAAY,CAAA;AACpD;AAMO,SAAS,UAAU,KAAA,EAAsB;AAE9C,EAAA,MAAM,KAAA,GAAQ,MAAM,CAAA,GAAI,EAAA;AACxB,EAAA,OAAO,KAAA,CAAM,IAAK,KAAA,IAAS,IAAA;AAC7B;AAKO,SAAS,aAAa,KAAA,EAAgC;AAC3D,EAAA,OAAO,CAAC,KAAA,CAAM,CAAA,EAAG,KAAA,CAAM,CAAC,CAAA;AAC1B;AAKO,SAAS,aAAa,KAAA,EAAgC;AAC3D,EAAA,OAAO,EAAE,GAAG,KAAA,CAAM,CAAC,GAAG,CAAA,EAAG,KAAA,CAAM,CAAC,CAAA,EAAE;AACpC;AAIA,IAAM,YAAA,GAAe,OAAA;AACrB,IAAM,YAAA,GAAe,OAAA;AAErB,IAAM,YAAA,GAAe,8EAAA;AAKrB,SAAS,MAAA,CAAO,IAAA,EAAc,GAAA,EAAa,CAAA,EAAmB;AAC5D,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,IAAA,GAAA,CAAS,IAAA,GAAO,IAAK,CAAA,IAAK,CAAA;AAC1B,EAAA,OAAO,MAAM,EAAA,EAAI;AACf,IAAA,IAAI,GAAA,GAAM,OAAO,EAAA,EAAI;AACnB,MAAA,MAAA,GAAU,SAAS,IAAA,GAAQ,CAAA;AAAA,IAC7B;AACA,IAAA,GAAA,GAAM,GAAA,GAAM,EAAA;AACZ,IAAA,IAAA,GAAQ,OAAO,IAAA,GAAQ,CAAA;AAAA,EACzB;AACA,EAAA,OAAO,MAAA;AACT;AAKA,SAAS,UAAA,CAAW,GAAW,CAAA,EAAmB;AAChD,EAAA,OAAO,MAAA,CAAO,CAAA,EAAG,CAAA,GAAI,EAAA,EAAI,CAAC,CAAA;AAC5B;AAMA,SAAS,OAAA,CAAQ,GAAW,CAAA,EAA0B;AACpD,EAAA,CAAA,GAAA,CAAM,CAAA,GAAI,IAAK,CAAA,IAAK,CAAA;AACpB,EAAA,IAAI,CAAA,KAAM,IAAI,OAAO,EAAA;AAGrB,EAAA,IAAI,OAAO,CAAA,EAAA,CAAI,CAAA,GAAI,MAAM,EAAA,EAAI,CAAC,MAAM,EAAA,EAAI;AACtC,IAAA,OAAO,IAAA;AAAA,EACT;AAMA,EAAA,IAAI,IAAI,CAAA,GAAI,EAAA;AACZ,EAAA,IAAI,CAAA,GAAI,EAAA;AACR,EAAA,OAAO,CAAA,GAAI,OAAO,EAAA,EAAI;AACpB,IAAA,CAAA,GAAI,CAAA,GAAI,EAAA;AACR,IAAA,CAAA,EAAA;AAAA,EACF;AAGA,EAAA,IAAI,CAAA,GAAI,EAAA;AACR,EAAA,OAAO,MAAA,CAAO,IAAI,CAAA,GAAI,EAAA,IAAM,IAAI,CAAC,CAAA,KAAM,IAAI,EAAA,EAAI;AAC7C,IAAA,CAAA,EAAA;AAAA,EACF;AAEA,EAAA,IAAI,CAAA,GAAI,CAAA;AACR,EAAA,IAAI,CAAA,GAAI,MAAA,CAAO,CAAA,EAAG,CAAA,EAAG,CAAC,CAAA;AACtB,EAAA,IAAI,CAAA,GAAI,MAAA,CAAO,CAAA,EAAG,CAAA,EAAG,CAAC,CAAA;AACtB,EAAA,IAAI,IAAI,MAAA,CAAO,CAAA,EAAA,CAAI,CAAA,GAAI,EAAA,IAAM,IAAI,CAAC,CAAA;AAElC,EAAA,OAAO,IAAA,EAAM;AACX,IAAA,IAAI,CAAA,KAAM,IAAI,OAAO,CAAA;AAGrB,IAAA,IAAI,CAAA,GAAI,EAAA;AACR,IAAA,IAAI,IAAA,GAAQ,IAAI,CAAA,GAAK,CAAA;AACrB,IAAA,OAAO,SAAS,EAAA,EAAI;AAClB,MAAA,IAAA,GAAQ,OAAO,IAAA,GAAQ,CAAA;AACvB,MAAA,CAAA,EAAA;AAAA,IACF;AAGA,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,CAAA,EAAG,MAAA,CAAO,EAAA,EAAI,CAAA,GAAI,CAAA,GAAI,EAAA,EAAI,CAAA,GAAI,EAAE,CAAA,EAAG,CAAC,CAAA;AACrD,IAAA,CAAA,GAAI,CAAA;AACJ,IAAA,CAAA,GAAK,IAAI,CAAA,GAAK,CAAA;AACd,IAAA,CAAA,GAAK,IAAI,CAAA,GAAK,CAAA;AACd,IAAA,CAAA,GAAK,IAAI,CAAA,GAAK,CAAA;AAAA,EAChB;AACF;AAcA,eAAsB,sBAAsB,CAAA,EAAkC;AAC5E,EAAA,MAAM,CAAA,GAAI,YAAA;AACV,EAAA,CAAA,GAAA,CAAM,CAAA,GAAI,IAAK,CAAA,IAAK,CAAA;AAGpB,EAAA,MAAM,EAAA,GAAM,IAAI,CAAA,GAAK,CAAA;AAGrB,EAAA,MAAM,SAAA,GAAA,CAAA,CAAc,EAAA,GAAK,YAAA,GAAe,EAAA,IAAM,IAAI,CAAA,IAAK,CAAA;AAGvD,EAAA,MAAM,WAAA,GAAA,CAAA,CAAgB,EAAA,GAAK,YAAA,GAAe,EAAA,IAAM,IAAI,CAAA,IAAK,CAAA;AAEzD,EAAA,IAAI,gBAAgB,EAAA,EAAI;AACtB,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,MAAM,EAAA,GAAM,SAAA,GAAY,UAAA,CAAW,WAAA,EAAa,CAAC,CAAA,GAAK,CAAA;AAGtD,EAAA,MAAM,CAAA,GAAI,OAAA,CAAQ,EAAA,EAAI,CAAC,CAAA;AACvB,EAAA,IAAI,MAAM,IAAA,EAAM;AACd,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,MAAM,OAAO,CAAA,GAAI,CAAA;AACjB,EAAA,MAAM,UAAA,GAAa,CAAA,GAAI,IAAA,GAAO,CAAA,GAAI,IAAA;AAElC,EAAA,MAAM,KAAA,GAAQ,EAAE,CAAA,EAAG,CAAA,EAAG,UAAA,EAAW;AAGjC,EAAA,IAAI,CAAE,MAAM,SAAA,CAAU,KAAK,CAAA,EAAI;AAE7B,IAAA,MAAM,WAAW,EAAE,CAAA,EAAG,GAAG,CAAA,GAAI,IAAA,GAAO,OAAO,CAAA,EAAE;AAC7C,IAAA,IAAI,CAAE,MAAM,SAAA,CAAU,QAAQ,CAAA,EAAI;AAChC,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,OAAO,QAAA;AAAA,EACT;AAEA,EAAA,OAAO,KAAA;AACT;AASA,eAAsB,+BAAA,CACpB,GACA,OAAA,EACuB;AACvB,EAAA,MAAM,CAAA,GAAI,YAAA;AACV,EAAA,CAAA,GAAA,CAAM,CAAA,GAAI,IAAK,CAAA,IAAK,CAAA;AAEpB,EAAA,MAAM,EAAA,GAAM,IAAI,CAAA,GAAK,CAAA;AACrB,EAAA,MAAM,SAAA,GAAA,CAAA,CAAc,EAAA,GAAK,YAAA,GAAe,EAAA,IAAM,IAAI,CAAA,IAAK,CAAA;AACvD,EAAA,MAAM,WAAA,GAAA,CAAA,CAAgB,EAAA,GAAK,YAAA,GAAe,EAAA,IAAM,IAAI,CAAA,IAAK,CAAA;AAEzD,EAAA,IAAI,WAAA,KAAgB,IAAI,OAAO,IAAA;AAE/B,EAAA,MAAM,EAAA,GAAM,SAAA,GAAY,UAAA,CAAW,WAAA,EAAa,CAAC,CAAA,GAAK,CAAA;AACtD,EAAA,MAAM,CAAA,GAAI,OAAA,CAAQ,EAAA,EAAI,CAAC,CAAA;AACvB,EAAA,IAAI,CAAA,KAAM,MAAM,OAAO,IAAA;AAGvB,EAAA,MAAM,YAAA,GAAe,MAAA,CAAO,CAAA,GAAI,EAAE,CAAA;AAClC,EAAA,MAAM,MAAA,GAAS,YAAA,KAAiB,OAAA,GAAU,CAAA,GAAI,CAAA,GAAI,CAAA;AAElD,EAAA,OAAO,EAAE,CAAA,EAAG,CAAA,EAAG,MAAA,EAAO;AACxB;AAcA,eAAsB,0BAAA,CACpB,qBACA,KAAA,EACgB;AAEhB,EAAA,MAAM,EAAE,cAAA,EAAe,GAAI,MAAM,OAAO,yBAAe,CAAA;AAEvD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,CAAC,oBAAoB,CAAA,EAAG,mBAAA,CAAoB,CAAA,EAAG,KAAK,CAAC,CAAA;AAGzF,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,eAAA,CAAgB,OAAA,CAAQ,OAAO,MAAM,CAAA;AAG5D,EAAA,MAAM,WAAA,GAAc;AAAA,IAClB,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,mBAAA,CAAoB,CAAC,CAAA;AAAA,IACjC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,mBAAA,CAAoB,CAAC;AAAA,GACnC;AAGA,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,QAAA,CAAS,WAAA,EAAa,MAAM,CAAA;AAEnD,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AAeA,eAAsB,0BAAA,CACpB,oBAAA,EACA,mBAAA,EACA,KAAA,EACiB;AAEjB,EAAA,MAAM,EAAE,cAAA,EAAe,GAAI,MAAM,OAAO,yBAAe,CAAA;AAGvD,EAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,CAAC,oBAAoB,CAAA,EAAG,mBAAA,CAAoB,CAAA,EAAG,KAAK,CAAC,CAAA;AAGzF,EAAA,OAAA,CAAQ,uBAAuB,MAAA,IAAUC,qCAAA;AAC3C","file":"chunk-TSF6HEVS.cjs","sourcesContent":["/**\n * BabyJubJub Elliptic Curve Utilities\n *\n * Wrapper around circomlibjs BabyJubJub implementation.\n * Used for stealth addresses, key derivation, and ECDH.\n *\n * BabyJubJub is a twisted Edwards curve embedded in BN254's scalar field,\n * making it efficient for use in zk-SNARKs.\n */\n\nimport { BABYJUBJUB_SUBORDER } from './poseidon.js'\n\n/**\n * A point on the BabyJubJub curve\n */\nexport interface Point {\n  x: bigint\n  y: bigint\n}\n\n/**\n * Internal BabyJubJub field type from circomlibjs\n */\ntype BabyJubJubField = {\n  e: (val: bigint) => unknown\n  toObject: (val: unknown) => bigint\n}\n\n/**\n * BabyJubJub instance type from circomlibjs\n */\ntype BabyJubJub = {\n  F: BabyJubJubField\n  Base8: [unknown, unknown]\n  subOrder: bigint\n  mulPointEscalar: (p: [unknown, unknown], scalar: bigint) => [unknown, unknown]\n  addPoint: (p1: [unknown, unknown], p2: [unknown, unknown]) => [unknown, unknown]\n  inCurve: (p: [unknown, unknown]) => boolean\n}\n\n// Lazily initialized BabyJubJub instance\nlet babyjubInstance: BabyJubJub | null = null\n\n/**\n * Initialize BabyJubJub curve (lazy loading)\n */\nasync function initBabyJub(): Promise<BabyJubJub> {\n  if (babyjubInstance === null) {\n    const { buildBabyjub } = await import('circomlibjs')\n    babyjubInstance = await buildBabyjub() as BabyJubJub\n  }\n  return babyjubInstance as BabyJubJub\n}\n\n/**\n * Get the BabyJubJub subgroup order\n */\nexport async function getSubOrder(): Promise<bigint> {\n  const babyjub = await initBabyJub()\n  return babyjub.subOrder\n}\n\n/**\n * Get the generator point (Base8)\n */\nexport async function getBasePoint(): Promise<Point> {\n  const babyjub = await initBabyJub()\n  return {\n    x: babyjub.F.toObject(babyjub.Base8[0]),\n    y: babyjub.F.toObject(babyjub.Base8[1]),\n  }\n}\n\n/**\n * Check if a point is on the curve\n */\nexport async function isOnCurve(point: Point): Promise<boolean> {\n  const babyjub = await initBabyJub()\n  const internal = [babyjub.F.e(point.x), babyjub.F.e(point.y)] as [unknown, unknown]\n  return babyjub.inCurve(internal)\n}\n\n/**\n * Scalar multiplication: point * scalar\n *\n * @param point - Point on the curve\n * @param scalar - Scalar value (mod subOrder)\n * @returns Resulting point\n */\nexport async function mulPointScalar(point: Point, scalar: bigint): Promise<Point> {\n  const babyjub = await initBabyJub()\n\n  // Convert to internal format\n  const internal = [babyjub.F.e(point.x), babyjub.F.e(point.y)] as [unknown, unknown]\n\n  // Perform scalar multiplication\n  const result = babyjub.mulPointEscalar(internal, scalar)\n\n  return {\n    x: babyjub.F.toObject(result[0]),\n    y: babyjub.F.toObject(result[1]),\n  }\n}\n\n/**\n * Point addition: p1 + p2\n */\nexport async function addPoints(p1: Point, p2: Point): Promise<Point> {\n  const babyjub = await initBabyJub()\n\n  // Convert to internal format\n  const internal1 = [babyjub.F.e(p1.x), babyjub.F.e(p1.y)] as [unknown, unknown]\n  const internal2 = [babyjub.F.e(p2.x), babyjub.F.e(p2.y)] as [unknown, unknown]\n\n  // Add points\n  const result = babyjub.addPoint(internal1, internal2)\n\n  return {\n    x: babyjub.F.toObject(result[0]),\n    y: babyjub.F.toObject(result[1]),\n  }\n}\n\n/**\n * Generate public key from private key\n * pubKey = privateKey * Base8\n *\n * @param privateKey - Private key scalar (must be < subOrder)\n * @returns Public key point\n */\nexport async function privateToPublic(privateKey: bigint): Promise<Point> {\n  const babyjub = await initBabyJub()\n\n  // Ensure private key is in valid range\n  const scalar = privateKey % babyjub.subOrder\n\n  // pubKey = scalar * Base8\n  const result = babyjub.mulPointEscalar(babyjub.Base8, scalar)\n\n  return {\n    x: babyjub.F.toObject(result[0]),\n    y: babyjub.F.toObject(result[1]),\n  }\n}\n\n/**\n * Compute ECDH shared secret\n * sharedSecret = myPrivateKey * theirPublicKey\n *\n * @param myPrivateKey - Your private key\n * @param theirPublicKey - Their public key\n * @returns Shared secret point\n */\nexport async function computeSharedSecret(\n  myPrivateKey: bigint,\n  theirPublicKey: Point\n): Promise<Point> {\n  return mulPointScalar(theirPublicKey, myPrivateKey)\n}\n\n/**\n * Pack a point into a single bigint (compressed form)\n * Uses the x-coordinate and a sign bit for y\n */\nexport function packPoint(point: Point): bigint {\n  // Use x-coordinate with y sign bit in high position\n  const ySign = point.y % 2n\n  return point.x | (ySign << 254n)\n}\n\n/**\n * Convert a point to tuple format [x, y] for use with snarkjs\n */\nexport function pointToTuple(point: Point): [bigint, bigint] {\n  return [point.x, point.y]\n}\n\n/**\n * Convert a tuple [x, y] to Point format\n */\nexport function tupleToPoint(tuple: [bigint, bigint]): Point {\n  return { x: tuple[0], y: tuple[1] }\n}\n\n// BabyJubJub curve parameters\n// Curve: a*x² + y² = 1 + d*x²*y²\nconst BABYJUBJUB_A = 168700n\nconst BABYJUBJUB_D = 168696n\n// Field prime (BN254 scalar field)\nconst BABYJUBJUB_P = 21888242871839275222246405745257275088548364400416034343698204186575808495617n\n\n/**\n * Modular exponentiation: base^exp mod p\n */\nfunction modPow(base: bigint, exp: bigint, p: bigint): bigint {\n  let result = 1n\n  base = ((base % p) + p) % p\n  while (exp > 0n) {\n    if (exp % 2n === 1n) {\n      result = (result * base) % p\n    }\n    exp = exp / 2n\n    base = (base * base) % p\n  }\n  return result\n}\n\n/**\n * Modular inverse using Fermat's little theorem: a^(-1) = a^(p-2) mod p\n */\nfunction modInverse(a: bigint, p: bigint): bigint {\n  return modPow(a, p - 2n, p)\n}\n\n/**\n * Tonelli-Shanks algorithm for modular square root\n * Returns sqrt(n) mod p, or null if no square root exists\n */\nfunction modSqrt(n: bigint, p: bigint): bigint | null {\n  n = ((n % p) + p) % p\n  if (n === 0n) return 0n\n\n  // Check if n is a quadratic residue (Euler's criterion)\n  if (modPow(n, (p - 1n) / 2n, p) !== 1n) {\n    return null // No square root exists\n  }\n\n  // For p ≡ 3 (mod 4), sqrt(n) = n^((p+1)/4) mod p\n  // BN254 scalar field: p ≡ 1 (mod 4), so we need Tonelli-Shanks\n\n  // Factor out powers of 2 from p - 1\n  let q = p - 1n\n  let s = 0n\n  while (q % 2n === 0n) {\n    q = q / 2n\n    s++\n  }\n\n  // Find a quadratic non-residue\n  let z = 2n\n  while (modPow(z, (p - 1n) / 2n, p) !== p - 1n) {\n    z++\n  }\n\n  let m = s\n  let c = modPow(z, q, p)\n  let t = modPow(n, q, p)\n  let r = modPow(n, (q + 1n) / 2n, p)\n\n  while (true) {\n    if (t === 1n) return r\n\n    // Find the least i such that t^(2^i) = 1\n    let i = 1n\n    let temp = (t * t) % p\n    while (temp !== 1n) {\n      temp = (temp * temp) % p\n      i++\n    }\n\n    // Update values\n    const b = modPow(c, modPow(2n, m - i - 1n, p - 1n), p)\n    m = i\n    c = (b * b) % p\n    t = (t * c) % p\n    r = (r * b) % p\n  }\n}\n\n/**\n * Reconstruct a BabyJubJub point from its x-coordinate\n *\n * BabyJubJub curve equation: a*x² + y² = 1 + d*x²*y²\n * Solving for y²: y² = (1 - a*x²) / (1 - d*x²)\n *\n * Returns the point with the smaller y value (canonical form),\n * or null if x is not on the curve.\n *\n * @param x - The x-coordinate\n * @returns Point with the given x, or null if invalid\n */\nexport async function reconstructPointFromX(x: bigint): Promise<Point | null> {\n  const p = BABYJUBJUB_P\n  x = ((x % p) + p) % p\n\n  // Compute x²\n  const x2 = (x * x) % p\n\n  // Compute numerator: 1 - a*x²\n  const numerator = ((1n - BABYJUBJUB_A * x2) % p + p) % p\n\n  // Compute denominator: 1 - d*x²\n  const denominator = ((1n - BABYJUBJUB_D * x2) % p + p) % p\n\n  if (denominator === 0n) {\n    return null // Division by zero\n  }\n\n  // Compute y² = numerator / denominator\n  const y2 = (numerator * modInverse(denominator, p)) % p\n\n  // Compute y = sqrt(y²)\n  const y = modSqrt(y2, p)\n  if (y === null) {\n    return null // x is not on the curve\n  }\n\n  // Return the point with smaller y (canonical form)\n  const yAlt = p - y\n  const yCanonical = y < yAlt ? y : yAlt\n\n  const point = { x, y: yCanonical }\n\n  // Verify the point is actually on the curve\n  if (!(await isOnCurve(point))) {\n    // Try the other y\n    const pointAlt = { x, y: y < yAlt ? yAlt : y }\n    if (!(await isOnCurve(pointAlt))) {\n      return null\n    }\n    return pointAlt\n  }\n\n  return point\n}\n\n/**\n * Reconstruct a BabyJubJub point from x-coordinate and y parity bit\n *\n * @param x - The x-coordinate\n * @param yParity - 0 for even y, 1 for odd y\n * @returns Point with matching parity, or null if invalid\n */\nexport async function reconstructPointFromXWithParity(\n  x: bigint,\n  yParity: 0 | 1\n): Promise<Point | null> {\n  const p = BABYJUBJUB_P\n  x = ((x % p) + p) % p\n\n  const x2 = (x * x) % p\n  const numerator = ((1n - BABYJUBJUB_A * x2) % p + p) % p\n  const denominator = ((1n - BABYJUBJUB_D * x2) % p + p) % p\n\n  if (denominator === 0n) return null\n\n  const y2 = (numerator * modInverse(denominator, p)) % p\n  const y = modSqrt(y2, p)\n  if (y === null) return null\n\n  // Select y based on parity\n  const actualParity = Number(y % 2n)\n  const finalY = actualParity === yParity ? y : p - y\n\n  return { x, y: finalY }\n}\n\n/**\n * Derive a per-transaction viewing public key (EVK)\n *\n * EVK = MVK_pub + Poseidon(MVK_pub.x, MVK_pub.y, nonce) * Base8\n *\n * This allows the sender to derive a unique encryption key for each transaction\n * without knowing the recipient's private key.\n *\n * @param masterViewingPubKey - Recipient's master viewing public key\n * @param nonce - Unique per-note nonce (R.x — ephemeral public key x-coordinate)\n * @returns Per-transaction encryption viewing key\n */\nexport async function deriveEncryptionViewingKey(\n  masterViewingPubKey: Point,\n  nonce: bigint\n): Promise<Point> {\n  // Import poseidonScalar to avoid circular dependency\n  const { poseidonScalar } = await import('./poseidon.js')\n\n  const babyjub = await initBabyJub()\n\n  // Compute scalar: Poseidon(MVK_pub.x, MVK_pub.y, nonce) mod subOrder\n  const scalar = await poseidonScalar([masterViewingPubKey.x, masterViewingPubKey.y, nonce])\n\n  // Compute offset: scalar * Base8\n  const offset = babyjub.mulPointEscalar(babyjub.Base8, scalar)\n\n  // Convert MVK_pub to internal format\n  const mvkInternal = [\n    babyjub.F.e(masterViewingPubKey.x),\n    babyjub.F.e(masterViewingPubKey.y),\n  ] as [unknown, unknown]\n\n  // EVK = MVK_pub + offset\n  const result = babyjub.addPoint(mvkInternal, offset)\n\n  return {\n    x: babyjub.F.toObject(result[0]),\n    y: babyjub.F.toObject(result[1]),\n  }\n}\n\n/**\n * Derive a per-transaction viewing private key (DVK)\n *\n * DVK = MVK_priv + Poseidon(MVK_pub.x, MVK_pub.y, nonce)\n *\n * Only the owner with MVK_priv can compute this.\n * DVK can be shared with auditors to decrypt specific transactions.\n *\n * @param masterViewingPrivKey - Owner's master viewing private key\n * @param masterViewingPubKey - Owner's master viewing public key\n * @param nonce - Unique per-note nonce (R.x — ephemeral public key x-coordinate)\n * @returns Per-transaction decryption viewing key\n */\nexport async function deriveDecryptionViewingKey(\n  masterViewingPrivKey: bigint,\n  masterViewingPubKey: Point,\n  nonce: bigint\n): Promise<bigint> {\n  // Import poseidonScalar to avoid circular dependency\n  const { poseidonScalar } = await import('./poseidon.js')\n\n  // Compute scalar: Poseidon(MVK_pub.x, MVK_pub.y, nonce) mod subOrder\n  const scalar = await poseidonScalar([masterViewingPubKey.x, masterViewingPubKey.y, nonce])\n\n  // DVK = MVK_priv + scalar (mod subOrder)\n  return (masterViewingPrivKey + scalar) % BABYJUBJUB_SUBORDER\n}\n\n"]}

package/dist/chunk-V23OSL25.js

@@ -0,0 +1,48 @@
+import { __esm } from './chunk-Z6ZWNWWR.js';
+
+// src/utils/poseidon.ts
+async function initPoseidon() {
+  if (!poseidonInstance) {
+    const { buildPoseidon } = await import('circomlibjs');
+    poseidonInstance = await buildPoseidon();
+  }
+  return poseidonInstance;
+}
+async function poseidon(inputs) {
+  const poseidonFn = await initPoseidon();
+  const hash = poseidonFn(inputs);
+  return poseidonFn.F.toObject(hash);
+}
+async function poseidonHash(inputs) {
+  const hash = await poseidon(inputs);
+  return `0x${hash.toString(16).padStart(64, "0")}`;
+}
+async function poseidonScalar(inputs) {
+  const hash = await poseidon(inputs);
+  return hash % BABYJUBJUB_SUBORDER;
+}
+function addressToField(address) {
+  return BigInt(address);
+}
+function fieldToAddress(field) {
+  const masked = field & (1n << 160n) - 1n;
+  return `0x${masked.toString(16).padStart(40, "0")}`;
+}
+function isValidFieldElement(value) {
+  return value >= 0n && value < FIELD_PRIME;
+}
+function toFieldElement(value) {
+  return (value % FIELD_PRIME + FIELD_PRIME) % FIELD_PRIME;
+}
+var poseidonInstance, FIELD_PRIME, BABYJUBJUB_SUBORDER;
+var init_poseidon = __esm({
+  "src/utils/poseidon.ts"() {
+    poseidonInstance = null;
+    FIELD_PRIME = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;
+    BABYJUBJUB_SUBORDER = 2736030358979909402780800718157159386076813972158567259200215660948447373041n;
+  }
+});
+
+export { BABYJUBJUB_SUBORDER, FIELD_PRIME, addressToField, fieldToAddress, init_poseidon, isValidFieldElement, poseidon, poseidonHash, poseidonScalar, toFieldElement };
+//# sourceMappingURL=chunk-V23OSL25.js.map
+//# sourceMappingURL=chunk-V23OSL25.js.map

package/dist/chunk-V23OSL25.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/utils/poseidon.ts"],"names":[],"mappings":";;;AAgCA,eAAe,YAAA,GAAoC;AACjD,EAAA,IAAI,CAAC,gBAAA,EAAkB;AACrB,IAAA,MAAM,EAAE,aAAA,EAAc,GAAI,MAAM,OAAO,aAAa,CAAA;AACpD,IAAA,gBAAA,GAAmB,MAAM,aAAA,EAAc;AAAA,EACzC;AACA,EAAA,OAAO,gBAAA;AACT;AAaA,eAAsB,SAAS,MAAA,EAAmC;AAChE,EAAA,MAAM,UAAA,GAAa,MAAM,YAAA,EAAa;AACtC,EAAA,MAAM,IAAA,GAAO,WAAW,MAAM,CAAA;AAC9B,EAAA,OAAO,UAAA,CAAW,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA;AACnC;AAKA,eAAsB,aAAa,MAAA,EAA0C;AAC3E,EAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,MAAM,CAAA;AAClC,EAAA,OAAO,CAAA,EAAA,EAAK,KAAK,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,EAAA,EAAI,GAAG,CAAC,CAAA,CAAA;AACjD;AAMA,eAAsB,eAAe,MAAA,EAAmC;AACtE,EAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,MAAM,CAAA;AAClC,EAAA,OAAO,IAAA,GAAO,mBAAA;AAChB;AAKO,SAAS,eAAe,OAAA,EAAgC;AAC7D,EAAA,OAAO,OAAO,OAAO,CAAA;AACvB;AAKO,SAAS,eAAe,KAAA,EAA8B;AAE3D,EAAA,MAAM,MAAA,GAAS,KAAA,GAAA,CAAU,EAAA,IAAM,IAAA,IAAQ,EAAA;AACvC,EAAA,OAAO,CAAA,EAAA,EAAK,OAAO,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,EAAA,EAAI,GAAG,CAAC,CAAA,CAAA;AACnD;AAKO,SAAS,oBAAoB,KAAA,EAAwB;AAC1D,EAAA,OAAO,KAAA,IAAS,MAAM,KAAA,GAAQ,WAAA;AAChC;AAKO,SAAS,eAAe,KAAA,EAAuB;AACpD,EAAA,OAAA,CAAS,KAAA,GAAQ,cAAe,WAAA,IAAe,WAAA;AACjD;AAtGA,IAiBI,kBAKS,WAAA,CAAA,CAKA;AA3Bb,IAAA,aAAA,GAAA,KAAA,CAAA;AAAA,EAAA,uBAAA,GAAA;AAiBA,IAAI,gBAAA,GAAsC,IAAA;AAKnC,IAAM,WAAA,GAAc,8EAAA;AAKpB,IAAM,mBAAA,GAAsB,6EAAA;AAAA,EAAA;AAAA,CAAA","file":"chunk-V23OSL25.js","sourcesContent":["/**\n * Poseidon Hash Utilities\n *\n * Wrapper around circomlibjs Poseidon hash implementation.\n * Used for commitments, nullifiers, and key derivation.\n */\n\n// circomlibjs types (not exported by the library)\ntype PoseidonFn = {\n  (inputs: bigint[]): Uint8Array\n  F: {\n    toObject: (val: Uint8Array) => bigint\n    e: (val: bigint) => unknown\n  }\n}\n\n// Lazily initialized Poseidon instance\nlet poseidonInstance: PoseidonFn | null = null\n\n/**\n * BN254 field prime (same as used in Circom/snarkjs)\n */\nexport const FIELD_PRIME = 21888242871839275222246405745257275088548364400416034343698204186575808495617n\n\n/**\n * BabyJubJub subgroup order\n */\nexport const BABYJUBJUB_SUBORDER = 2736030358979909402780800718157159386076813972158567259200215660948447373041n\n\n/**\n * Initialize Poseidon hash function (lazy loading)\n */\nasync function initPoseidon(): Promise<PoseidonFn> {\n  if (!poseidonInstance) {\n    const { buildPoseidon } = await import('circomlibjs')\n    poseidonInstance = await buildPoseidon()\n  }\n  return poseidonInstance\n}\n\n/**\n * Compute Poseidon hash of inputs\n *\n * @param inputs - Array of field elements to hash (up to 16 elements)\n * @returns Hash as bigint\n *\n * @example\n * ```ts\n * const commitment = await poseidon([amount, blinding, origin, token])\n * ```\n */\nexport async function poseidon(inputs: bigint[]): Promise<bigint> {\n  const poseidonFn = await initPoseidon()\n  const hash = poseidonFn(inputs)\n  return poseidonFn.F.toObject(hash)\n}\n\n/**\n * Compute Poseidon hash and return as hex string\n */\nexport async function poseidonHash(inputs: bigint[]): Promise<`0x${string}`> {\n  const hash = await poseidon(inputs)\n  return `0x${hash.toString(16).padStart(64, '0')}`\n}\n\n/**\n * Compute Poseidon hash modulo BabyJubJub suborder\n * Used for deriving scalars for curve operations\n */\nexport async function poseidonScalar(inputs: bigint[]): Promise<bigint> {\n  const hash = await poseidon(inputs)\n  return hash % BABYJUBJUB_SUBORDER\n}\n\n/**\n * Convert an address to a field element\n */\nexport function addressToField(address: `0x${string}`): bigint {\n  return BigInt(address)\n}\n\n/**\n * Convert a field element to an address (20 bytes)\n */\nexport function fieldToAddress(field: bigint): `0x${string}` {\n  // Mask to 160 bits (20 bytes) for address\n  const masked = field & ((1n << 160n) - 1n)\n  return `0x${masked.toString(16).padStart(40, '0')}`\n}\n\n/**\n * Check if a value is within the field\n */\nexport function isValidFieldElement(value: bigint): boolean {\n  return value >= 0n && value < FIELD_PRIME\n}\n\n/**\n * Reduce a value modulo field prime\n */\nexport function toFieldElement(value: bigint): bigint {\n  return ((value % FIELD_PRIME) + FIELD_PRIME) % FIELD_PRIME\n}\n"]}

package/dist/chunk-W77GRBO4.js

@@ -0,0 +1,53 @@
+import { init_poseidon, FIELD_PRIME } from './chunk-V23OSL25.js';
+import { __esm } from './chunk-Z6ZWNWWR.js';
+
+// src/utils/crypto.ts
+function randomBytes(length) {
+  const bytes = new Uint8Array(length);
+  crypto.getRandomValues(bytes);
+  return bytes;
+}
+function randomFieldElement() {
+  const bytes = randomBytes(32);
+  let value = 0n;
+  for (let i = 0; i < bytes.length; i++) {
+    value = (value << 8n) + BigInt(bytes[i]);
+  }
+  return value % FIELD_PRIME;
+}
+function bytesToHex(bytes) {
+  return `0x${Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("")}`;
+}
+function hexToBytes(hex) {
+  const str = hex.slice(2);
+  const bytes = new Uint8Array(str.length / 2);
+  for (let i = 0; i < bytes.length; i++) {
+    bytes[i] = parseInt(str.slice(i * 2, i * 2 + 2), 16);
+  }
+  return bytes;
+}
+function bigintToBytes(value, length) {
+  const bytes = new Uint8Array(length);
+  let temp = value;
+  for (let i = length - 1; i >= 0; i--) {
+    bytes[i] = Number(temp & 0xffn);
+    temp >>= 8n;
+  }
+  return bytes;
+}
+function bytesToBigint(bytes) {
+  let value = 0n;
+  for (let i = 0; i < bytes.length; i++) {
+    value = (value << 8n) + BigInt(bytes[i]);
+  }
+  return value;
+}
+var init_crypto = __esm({
+  "src/utils/crypto.ts"() {
+    init_poseidon();
+  }
+});
+
+export { bigintToBytes, bytesToBigint, bytesToHex, hexToBytes, init_crypto, randomBytes, randomFieldElement };
+//# sourceMappingURL=chunk-W77GRBO4.js.map
+//# sourceMappingURL=chunk-W77GRBO4.js.map

package/dist/chunk-W77GRBO4.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/utils/crypto.ts"],"names":[],"mappings":";;;;AAWO,SAAS,YAAY,MAAA,EAA4B;AACtD,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,OAAO,KAAA;AACT;AAOO,SAAS,kBAAA,GAA6B;AAE3C,EAAA,MAAM,KAAA,GAAQ,YAAY,EAAE,CAAA;AAG5B,EAAA,IAAI,KAAA,GAAQ,EAAA;AACZ,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,KAAA,GAAA,CAAS,KAAA,IAAS,EAAA,IAAM,MAAA,CAAO,KAAA,CAAM,CAAC,CAAE,CAAA;AAAA,EAC1C;AAGA,EAAA,OAAO,KAAA,GAAQ,WAAA;AACjB;AAKO,SAAS,WAAW,KAAA,EAAkC;AAC3D,EAAA,OAAO,KAAK,KAAA,CAAM,IAAA,CAAK,KAAK,CAAA,CACzB,GAAA,CAAI,OAAK,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,SAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CACxC,IAAA,CAAK,EAAE,CAAC,CAAA,CAAA;AACb;AAKO,SAAS,WAAW,GAAA,EAAgC;AACzD,EAAA,MAAM,GAAA,GAAM,GAAA,CAAI,KAAA,CAAM,CAAC,CAAA;AACvB,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,GAAA,CAAI,SAAS,CAAC,CAAA;AAC3C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,QAAA,CAAS,GAAA,CAAI,KAAA,CAAM,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,GAAI,CAAC,CAAA,EAAG,EAAE,CAAA;AAAA,EACrD;AACA,EAAA,OAAO,KAAA;AACT;AAKO,SAAS,aAAA,CAAc,OAAe,MAAA,EAA4B;AACvE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,IAAA,GAAO,KAAA;AACX,EAAA,KAAA,IAAS,CAAA,GAAI,MAAA,GAAS,CAAA,EAAG,CAAA,IAAK,GAAG,CAAA,EAAA,EAAK;AACpC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,IAAA,GAAO,KAAK,CAAA;AAC9B,IAAA,IAAA,KAAS,EAAA;AAAA,EACX;AACA,EAAA,OAAO,KAAA;AACT;AAKO,SAAS,cAAc,KAAA,EAA2B;AACvD,EAAA,IAAI,KAAA,GAAQ,EAAA;AACZ,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,KAAA,GAAA,CAAS,KAAA,IAAS,EAAA,IAAM,MAAA,CAAO,KAAA,CAAM,CAAC,CAAE,CAAA;AAAA,EAC1C;AACA,EAAA,OAAO,KAAA;AACT;AA/EA,IAAA,WAAA,GAAA,KAAA,CAAA;AAAA,EAAA,qBAAA,GAAA;AAMA,IAAA,aAAA,EAAA;AAAA,EAAA;AAAA,CAAA","file":"chunk-W77GRBO4.js","sourcesContent":["/**\n * Cryptographic Utilities\n *\n * Secure random number generation and field arithmetic.\n */\n\nimport { FIELD_PRIME } from './poseidon.js'\n\n/**\n * Generate cryptographically secure random bytes\n */\nexport function randomBytes(length: number): Uint8Array {\n  const bytes = new Uint8Array(length)\n  crypto.getRandomValues(bytes)\n  return bytes\n}\n\n/**\n * Generate a random field element (for blinding factors, etc.)\n *\n * Returns a value in range [0, FIELD_PRIME)\n */\nexport function randomFieldElement(): bigint {\n  // Generate 32 bytes of randomness\n  const bytes = randomBytes(32)\n\n  // Convert to bigint\n  let value = 0n\n  for (let i = 0; i < bytes.length; i++) {\n    value = (value << 8n) + BigInt(bytes[i]!)\n  }\n\n  // Reduce modulo field prime\n  return value % FIELD_PRIME\n}\n\n/**\n * Convert bytes to hex string\n */\nexport function bytesToHex(bytes: Uint8Array): `0x${string}` {\n  return `0x${Array.from(bytes)\n    .map(b => b.toString(16).padStart(2, '0'))\n    .join('')}`\n}\n\n/**\n * Convert hex string to bytes\n */\nexport function hexToBytes(hex: `0x${string}`): Uint8Array {\n  const str = hex.slice(2)\n  const bytes = new Uint8Array(str.length / 2)\n  for (let i = 0; i < bytes.length; i++) {\n    bytes[i] = parseInt(str.slice(i * 2, i * 2 + 2), 16)\n  }\n  return bytes\n}\n\n/**\n * Convert bigint to bytes (big-endian)\n */\nexport function bigintToBytes(value: bigint, length: number): Uint8Array {\n  const bytes = new Uint8Array(length)\n  let temp = value\n  for (let i = length - 1; i >= 0; i--) {\n    bytes[i] = Number(temp & 0xffn)\n    temp >>= 8n\n  }\n  return bytes\n}\n\n/**\n * Convert bytes to bigint (big-endian)\n */\nexport function bytesToBigint(bytes: Uint8Array): bigint {\n  let value = 0n\n  for (let i = 0; i < bytes.length; i++) {\n    value = (value << 8n) + BigInt(bytes[i]!)\n  }\n  return value\n}\n\n/**\n * Modular exponentiation: base^exp mod modulus\n */\nexport function modPow(base: bigint, exp: bigint, modulus: bigint): bigint {\n  let result = 1n\n  base = base % modulus\n\n  while (exp > 0n) {\n    if (exp % 2n === 1n) {\n      result = (result * base) % modulus\n    }\n    exp = exp >> 1n\n    base = (base * base) % modulus\n  }\n\n  return result\n}\n\n/**\n * Modular inverse using extended Euclidean algorithm\n */\nexport function modInverse(a: bigint, modulus: bigint): bigint {\n  let [oldR, r] = [a, modulus]\n  let [oldS, s] = [1n, 0n]\n\n  while (r !== 0n) {\n    const quotient = oldR / r\n    ;[oldR, r] = [r, oldR - quotient * r]\n    ;[oldS, s] = [s, oldS - quotient * s]\n  }\n\n  if (oldR !== 1n) {\n    throw new Error('Modular inverse does not exist')\n  }\n\n  return ((oldS % modulus) + modulus) % modulus\n}\n"]}