@permissionless-technologies/upp-sdk 0.1.0

package/dist/transfer-KTCXKHS4.js

@@ -0,0 +1,8 @@
+export { buildTransfer, buildUPPTransferCircuitInputs, computeNullifier, formatOutputForContract, getMerkleProofsForNotes, syncMerkleTree } from './chunk-PWHOUQOZ.js';
+import './chunk-P37MRZ73.js';
+import './chunk-ZU6J7KMY.js';
+import './chunk-V23OSL25.js';
+import './chunk-S4B7GYLN.js';
+import './chunk-Z6ZWNWWR.js';
+//# sourceMappingURL=transfer-KTCXKHS4.js.map
+//# sourceMappingURL=transfer-KTCXKHS4.js.map

package/dist/transfer-KTCXKHS4.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"transfer-KTCXKHS4.js"}

package/dist/types-CJSbxv4q.d.cts

@@ -0,0 +1,143 @@
+import { Hex, Address } from 'viem';
+import { M as M31Secret, a as M31Digest } from './keccak-m31-B_AqBbRF.cjs';
+
+/**
+ * Key Type Definitions for UPP SDK
+ *
+ * Post-quantum key structure (hash-based, no elliptic curves):
+ *
+ * Wallet Signature → Seed
+ *     ├── Spending Secret → Owner Hash = Poseidon(spendingSecret)
+ *     └── Viewing Secret (for note encryption, derived from seed)
+ *
+ * Ownership is proven via hash preimage: "I know secret such that Poseidon(secret) == ownerHash"
+ * This replaces the previous BabyJubJub ECDLP-based ownership proof.
+ */
+
+/**
+ * Master keys derived from wallet signature
+ *
+ * Post-quantum: uses hash-based ownership instead of BabyJubJub curve.
+ * ownerHash = Poseidon(spendingSecret) replaces spendingPubKey (curve point).
+ */
+interface MasterKeys {
+    /** Spending secret - for note ownership proofs (hash preimage) */
+    spendingSecret: bigint;
+    /** Owner hash = Poseidon(spendingSecret) - publicly committed in notes */
+    ownerHash: bigint;
+    /** Viewing secret - for note encryption/decryption (symmetric key derivation) */
+    viewingSecret: bigint;
+    /** Viewing hash = Poseidon(viewingSecret) - for search tags and indexing */
+    viewingHash: bigint;
+}
+/**
+ * Per-transaction viewing key (for decryption)
+ *
+ * Can be shared with auditors to reveal specific transactions
+ * without compromising the master viewing secret.
+ *
+ * Post-quantum: uses hash-based key derivation instead of ECDH.
+ */
+interface TransactionViewingKey {
+    /** The Merkle leaf index (for locating the on-chain event) */
+    leafIndex: number;
+    /** The per-note nonce (used in key derivation) */
+    nonce: bigint;
+    /** The per-note decryption key (derived from viewingSecret + nonce) */
+    decryptionKey: Hex;
+}
+/**
+ * Exported viewing keys for audit
+ *
+ * Contains the minimum information needed for an auditor
+ * to decrypt specific transactions.
+ */
+interface AuditKeyExport {
+    /** Version for forward compatibility (v4 = post-quantum hash-based) */
+    version: 4;
+    /** Ethereum address that signed to derive keys (for identification) */
+    signerAddress: Address;
+    /** The viewing hash (for verification) */
+    viewingHash: bigint;
+    /** Per-transaction viewing keys */
+    viewingKeys: TransactionViewingKey[];
+    /** Instructions for auditor */
+    instructions: string;
+}
+/**
+ * Stealth address components (simplified for hash-based system)
+ * Published once, used by senders to encrypt notes
+ */
+interface StealthAddressComponents {
+    /** Owner hash = Poseidon(spendingSecret) */
+    ownerHash: bigint;
+    /** Viewing hash = Poseidon(viewingSecret) - for encryption */
+    viewingHash: bigint;
+    /** Optional chain ID (for multi-chain support) */
+    chainId?: number;
+}
+/**
+ * Configuration for key derivation
+ */
+interface KeyDerivationConfig {
+    /** The message to sign for key derivation */
+    message: string;
+    /** Version number for the key derivation scheme */
+    version: 1;
+}
+/**
+ * Default key derivation configuration
+ */
+declare const DEFAULT_KEY_DERIVATION_CONFIG: KeyDerivationConfig;
+/**
+ * Result of deriving one-time keys for a transaction (hash-based)
+ */
+interface OneTimeKeys {
+    /** One-time secret (for the owner to spend the note) */
+    oneTimeSecret: bigint;
+    /** One-time owner hash = Poseidon(oneTimeSecret) - in the commitment */
+    ownerHash: bigint;
+}
+/**
+ * Serialized key format for storage
+ */
+interface SerializedKeys {
+    version: 1;
+    /** Hex-encoded encrypted key data */
+    encryptedData: Hex;
+    /** Salt for key derivation (if password protected) */
+    salt?: Hex;
+    /** Nonce for encryption */
+    nonce: Hex;
+}
+
+/** Which proving system to use */
+type ProvingSystem = 'snark' | 'stark';
+/**
+ * STARK master keys derived from wallet signature.
+ *
+ * Uses M31 field and keccak-256 hashing — no elliptic curves.
+ * ownerHash = keccak_m31(starkSecret) — 4 M31 elements.
+ */
+interface StarkMasterKeys {
+    /** 8 M31 limbs (248 bits of entropy) — for ownership proofs */
+    starkSecret: M31Secret;
+    /** keccak_m31(starkSecret) — publicly committed in STARK notes */
+    starkOwnerHash: M31Digest;
+    /** 8 M31 limbs — for note encryption/decryption */
+    starkViewingSecret: M31Secret;
+    /** keccak_m31(starkViewingSecret) — for search tags and indexing */
+    starkViewingHash: M31Digest;
+}
+/**
+ * Dual master keys: both SNARK (BN254/Poseidon) and STARK (M31/Keccak).
+ *
+ * Derived from the same wallet signature via domain-separated keccak256.
+ * Breaking BJJ (quantum) does NOT compromise STARK keys (keccak preimage resistance).
+ */
+interface DualMasterKeys {
+    snark: MasterKeys;
+    stark: StarkMasterKeys;
+}
+
+export { type AuditKeyExport as A, DEFAULT_KEY_DERIVATION_CONFIG as D, type KeyDerivationConfig as K, type MasterKeys as M, type OneTimeKeys as O, type ProvingSystem as P, type SerializedKeys as S, type TransactionViewingKey as T, type DualMasterKeys as a, type StarkMasterKeys as b, type StealthAddressComponents as c };

package/dist/types-mLybMxNR.d.ts

@@ -0,0 +1,143 @@
+import { Hex, Address } from 'viem';
+import { M as M31Secret, a as M31Digest } from './keccak-m31-B_AqBbRF.js';
+
+/**
+ * Key Type Definitions for UPP SDK
+ *
+ * Post-quantum key structure (hash-based, no elliptic curves):
+ *
+ * Wallet Signature → Seed
+ *     ├── Spending Secret → Owner Hash = Poseidon(spendingSecret)
+ *     └── Viewing Secret (for note encryption, derived from seed)
+ *
+ * Ownership is proven via hash preimage: "I know secret such that Poseidon(secret) == ownerHash"
+ * This replaces the previous BabyJubJub ECDLP-based ownership proof.
+ */
+
+/**
+ * Master keys derived from wallet signature
+ *
+ * Post-quantum: uses hash-based ownership instead of BabyJubJub curve.
+ * ownerHash = Poseidon(spendingSecret) replaces spendingPubKey (curve point).
+ */
+interface MasterKeys {
+    /** Spending secret - for note ownership proofs (hash preimage) */
+    spendingSecret: bigint;
+    /** Owner hash = Poseidon(spendingSecret) - publicly committed in notes */
+    ownerHash: bigint;
+    /** Viewing secret - for note encryption/decryption (symmetric key derivation) */
+    viewingSecret: bigint;
+    /** Viewing hash = Poseidon(viewingSecret) - for search tags and indexing */
+    viewingHash: bigint;
+}
+/**
+ * Per-transaction viewing key (for decryption)
+ *
+ * Can be shared with auditors to reveal specific transactions
+ * without compromising the master viewing secret.
+ *
+ * Post-quantum: uses hash-based key derivation instead of ECDH.
+ */
+interface TransactionViewingKey {
+    /** The Merkle leaf index (for locating the on-chain event) */
+    leafIndex: number;
+    /** The per-note nonce (used in key derivation) */
+    nonce: bigint;
+    /** The per-note decryption key (derived from viewingSecret + nonce) */
+    decryptionKey: Hex;
+}
+/**
+ * Exported viewing keys for audit
+ *
+ * Contains the minimum information needed for an auditor
+ * to decrypt specific transactions.
+ */
+interface AuditKeyExport {
+    /** Version for forward compatibility (v4 = post-quantum hash-based) */
+    version: 4;
+    /** Ethereum address that signed to derive keys (for identification) */
+    signerAddress: Address;
+    /** The viewing hash (for verification) */
+    viewingHash: bigint;
+    /** Per-transaction viewing keys */
+    viewingKeys: TransactionViewingKey[];
+    /** Instructions for auditor */
+    instructions: string;
+}
+/**
+ * Stealth address components (simplified for hash-based system)
+ * Published once, used by senders to encrypt notes
+ */
+interface StealthAddressComponents {
+    /** Owner hash = Poseidon(spendingSecret) */
+    ownerHash: bigint;
+    /** Viewing hash = Poseidon(viewingSecret) - for encryption */
+    viewingHash: bigint;
+    /** Optional chain ID (for multi-chain support) */
+    chainId?: number;
+}
+/**
+ * Configuration for key derivation
+ */
+interface KeyDerivationConfig {
+    /** The message to sign for key derivation */
+    message: string;
+    /** Version number for the key derivation scheme */
+    version: 1;
+}
+/**
+ * Default key derivation configuration
+ */
+declare const DEFAULT_KEY_DERIVATION_CONFIG: KeyDerivationConfig;
+/**
+ * Result of deriving one-time keys for a transaction (hash-based)
+ */
+interface OneTimeKeys {
+    /** One-time secret (for the owner to spend the note) */
+    oneTimeSecret: bigint;
+    /** One-time owner hash = Poseidon(oneTimeSecret) - in the commitment */
+    ownerHash: bigint;
+}
+/**
+ * Serialized key format for storage
+ */
+interface SerializedKeys {
+    version: 1;
+    /** Hex-encoded encrypted key data */
+    encryptedData: Hex;
+    /** Salt for key derivation (if password protected) */
+    salt?: Hex;
+    /** Nonce for encryption */
+    nonce: Hex;
+}
+
+/** Which proving system to use */
+type ProvingSystem = 'snark' | 'stark';
+/**
+ * STARK master keys derived from wallet signature.
+ *
+ * Uses M31 field and keccak-256 hashing — no elliptic curves.
+ * ownerHash = keccak_m31(starkSecret) — 4 M31 elements.
+ */
+interface StarkMasterKeys {
+    /** 8 M31 limbs (248 bits of entropy) — for ownership proofs */
+    starkSecret: M31Secret;
+    /** keccak_m31(starkSecret) — publicly committed in STARK notes */
+    starkOwnerHash: M31Digest;
+    /** 8 M31 limbs — for note encryption/decryption */
+    starkViewingSecret: M31Secret;
+    /** keccak_m31(starkViewingSecret) — for search tags and indexing */
+    starkViewingHash: M31Digest;
+}
+/**
+ * Dual master keys: both SNARK (BN254/Poseidon) and STARK (M31/Keccak).
+ *
+ * Derived from the same wallet signature via domain-separated keccak256.
+ * Breaking BJJ (quantum) does NOT compromise STARK keys (keccak preimage resistance).
+ */
+interface DualMasterKeys {
+    snark: MasterKeys;
+    stark: StarkMasterKeys;
+}
+
+export { type AuditKeyExport as A, DEFAULT_KEY_DERIVATION_CONFIG as D, type KeyDerivationConfig as K, type MasterKeys as M, type OneTimeKeys as O, type ProvingSystem as P, type SerializedKeys as S, type TransactionViewingKey as T, type DualMasterKeys as a, type StarkMasterKeys as b, type StealthAddressComponents as c };

package/dist/utils/index.cjs

@@ -0,0 +1,178 @@
+'use strict';
+
+require('../chunk-GQV47S3N.cjs');
+var chunkTSF6HEVS_cjs = require('../chunk-TSF6HEVS.cjs');
+var chunkEUP7MBAH_cjs = require('../chunk-EUP7MBAH.cjs');
+var chunkBH24DZ5S_cjs = require('../chunk-BH24DZ5S.cjs');
+var chunk3HQ7A6ZM_cjs = require('../chunk-3HQ7A6ZM.cjs');
+var chunkJWNXBALH_cjs = require('../chunk-JWNXBALH.cjs');
+require('../chunk-G7VZBCD6.cjs');
+
+
+
+Object.defineProperty(exports, "addPoints", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.addPoints; }
+});
+Object.defineProperty(exports, "computeSharedSecret", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.computeSharedSecret; }
+});
+Object.defineProperty(exports, "deriveDecryptionViewingKey", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.deriveDecryptionViewingKey; }
+});
+Object.defineProperty(exports, "deriveEncryptionViewingKey", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.deriveEncryptionViewingKey; }
+});
+Object.defineProperty(exports, "getBasePoint", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.getBasePoint; }
+});
+Object.defineProperty(exports, "getSubOrder", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.getSubOrder; }
+});
+Object.defineProperty(exports, "isOnCurve", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.isOnCurve; }
+});
+Object.defineProperty(exports, "mulPointScalar", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.mulPointScalar; }
+});
+Object.defineProperty(exports, "packPoint", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.packPoint; }
+});
+Object.defineProperty(exports, "pointToTuple", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.pointToTuple; }
+});
+Object.defineProperty(exports, "privateToPublic", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.privateToPublic; }
+});
+Object.defineProperty(exports, "tupleToPoint", {
+  enumerable: true,
+  get: function () { return chunkTSF6HEVS_cjs.tupleToPoint; }
+});
+Object.defineProperty(exports, "MAX_TREE_DEPTH", {
+  enumerable: true,
+  get: function () { return chunkEUP7MBAH_cjs.MAX_TREE_DEPTH; }
+});
+Object.defineProperty(exports, "MerkleTree", {
+  enumerable: true,
+  get: function () { return chunkEUP7MBAH_cjs.MerkleTree; }
+});
+Object.defineProperty(exports, "buildMerkleTree", {
+  enumerable: true,
+  get: function () { return chunkEUP7MBAH_cjs.buildMerkleTree; }
+});
+Object.defineProperty(exports, "getMerkleProof", {
+  enumerable: true,
+  get: function () { return chunkEUP7MBAH_cjs.getMerkleProof; }
+});
+Object.defineProperty(exports, "verifyMerkleProof", {
+  enumerable: true,
+  get: function () { return chunkEUP7MBAH_cjs.verifyMerkleProof; }
+});
+Object.defineProperty(exports, "DIGEST_SIZE", {
+  enumerable: true,
+  get: function () { return chunkBH24DZ5S_cjs.DIGEST_SIZE; }
+});
+Object.defineProperty(exports, "M31_P", {
+  enumerable: true,
+  get: function () { return chunkBH24DZ5S_cjs.M31_P; }
+});
+Object.defineProperty(exports, "SECRET_LIMBS", {
+  enumerable: true,
+  get: function () { return chunkBH24DZ5S_cjs.SECRET_LIMBS; }
+});
+Object.defineProperty(exports, "computeStarkCommitment", {
+  enumerable: true,
+  get: function () { return chunkBH24DZ5S_cjs.computeStarkCommitment; }
+});
+Object.defineProperty(exports, "computeStarkNullifier", {
+  enumerable: true,
+  get: function () { return chunkBH24DZ5S_cjs.computeStarkNullifier; }
+});
+Object.defineProperty(exports, "computeStarkOwnerHash", {
+  enumerable: true,
+  get: function () { return chunkBH24DZ5S_cjs.computeStarkOwnerHash; }
+});
+Object.defineProperty(exports, "keccakHashTwo", {
+  enumerable: true,
+  get: function () { return chunkBH24DZ5S_cjs.keccakHashTwo; }
+});
+Object.defineProperty(exports, "keccakM31", {
+  enumerable: true,
+  get: function () { return chunkBH24DZ5S_cjs.keccakM31; }
+});
+Object.defineProperty(exports, "splitToM31Limbs", {
+  enumerable: true,
+  get: function () { return chunkBH24DZ5S_cjs.splitToM31Limbs; }
+});
+Object.defineProperty(exports, "bigintToBytes", {
+  enumerable: true,
+  get: function () { return chunk3HQ7A6ZM_cjs.bigintToBytes; }
+});
+Object.defineProperty(exports, "bytesToBigint", {
+  enumerable: true,
+  get: function () { return chunk3HQ7A6ZM_cjs.bytesToBigint; }
+});
+Object.defineProperty(exports, "bytesToHex", {
+  enumerable: true,
+  get: function () { return chunk3HQ7A6ZM_cjs.bytesToHex; }
+});
+Object.defineProperty(exports, "hexToBytes", {
+  enumerable: true,
+  get: function () { return chunk3HQ7A6ZM_cjs.hexToBytes; }
+});
+Object.defineProperty(exports, "randomBytes", {
+  enumerable: true,
+  get: function () { return chunk3HQ7A6ZM_cjs.randomBytes; }
+});
+Object.defineProperty(exports, "randomFieldElement", {
+  enumerable: true,
+  get: function () { return chunk3HQ7A6ZM_cjs.randomFieldElement; }
+});
+Object.defineProperty(exports, "BABYJUBJUB_SUBORDER", {
+  enumerable: true,
+  get: function () { return chunkJWNXBALH_cjs.BABYJUBJUB_SUBORDER; }
+});
+Object.defineProperty(exports, "FIELD_PRIME", {
+  enumerable: true,
+  get: function () { return chunkJWNXBALH_cjs.FIELD_PRIME; }
+});
+Object.defineProperty(exports, "addressToField", {
+  enumerable: true,
+  get: function () { return chunkJWNXBALH_cjs.addressToField; }
+});
+Object.defineProperty(exports, "fieldToAddress", {
+  enumerable: true,
+  get: function () { return chunkJWNXBALH_cjs.fieldToAddress; }
+});
+Object.defineProperty(exports, "isValidFieldElement", {
+  enumerable: true,
+  get: function () { return chunkJWNXBALH_cjs.isValidFieldElement; }
+});
+Object.defineProperty(exports, "poseidon", {
+  enumerable: true,
+  get: function () { return chunkJWNXBALH_cjs.poseidon; }
+});
+Object.defineProperty(exports, "poseidonHash", {
+  enumerable: true,
+  get: function () { return chunkJWNXBALH_cjs.poseidonHash; }
+});
+Object.defineProperty(exports, "poseidonScalar", {
+  enumerable: true,
+  get: function () { return chunkJWNXBALH_cjs.poseidonScalar; }
+});
+Object.defineProperty(exports, "toFieldElement", {
+  enumerable: true,
+  get: function () { return chunkJWNXBALH_cjs.toFieldElement; }
+});
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map

package/dist/utils/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.cjs"}

package/dist/utils/index.d.cts

@@ -0,0 +1,88 @@
+export { M as MAX_TREE_DEPTH, a as MerkleProof, b as MerkleTree, P as Point, c as addPoints, d as buildMerkleTree, e as computeSharedSecret, f as deriveDecryptionViewingKey, g as deriveEncryptionViewingKey, h as getBasePoint, i as getMerkleProof, j as getSubOrder, k as isOnCurve, m as mulPointScalar, p as packPoint, l as pointToTuple, n as privateToPublic, t as tupleToPoint, v as verifyMerkleProof } from '../merkle-mteVOlDf.cjs';
+export { D as DIGEST_SIZE, a as M31Digest, M as M31Secret, b as M31_P, S as SECRET_LIMBS, c as computeStarkCommitment, d as computeStarkNullifier, e as computeStarkOwnerHash, k as keccakHashTwo, f as keccakM31, s as splitToM31Limbs } from '../keccak-m31-B_AqBbRF.cjs';
+
+/**
+ * Poseidon Hash Utilities
+ *
+ * Wrapper around circomlibjs Poseidon hash implementation.
+ * Used for commitments, nullifiers, and key derivation.
+ */
+/**
+ * BN254 field prime (same as used in Circom/snarkjs)
+ */
+declare const FIELD_PRIME = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;
+/**
+ * BabyJubJub subgroup order
+ */
+declare const BABYJUBJUB_SUBORDER = 2736030358979909402780800718157159386076813972158567259200215660948447373041n;
+/**
+ * Compute Poseidon hash of inputs
+ *
+ * @param inputs - Array of field elements to hash (up to 16 elements)
+ * @returns Hash as bigint
+ *
+ * @example
+ * ```ts
+ * const commitment = await poseidon([amount, blinding, origin, token])
+ * ```
+ */
+declare function poseidon(inputs: bigint[]): Promise<bigint>;
+/**
+ * Compute Poseidon hash and return as hex string
+ */
+declare function poseidonHash(inputs: bigint[]): Promise<`0x${string}`>;
+/**
+ * Compute Poseidon hash modulo BabyJubJub suborder
+ * Used for deriving scalars for curve operations
+ */
+declare function poseidonScalar(inputs: bigint[]): Promise<bigint>;
+/**
+ * Convert an address to a field element
+ */
+declare function addressToField(address: `0x${string}`): bigint;
+/**
+ * Convert a field element to an address (20 bytes)
+ */
+declare function fieldToAddress(field: bigint): `0x${string}`;
+/**
+ * Check if a value is within the field
+ */
+declare function isValidFieldElement(value: bigint): boolean;
+/**
+ * Reduce a value modulo field prime
+ */
+declare function toFieldElement(value: bigint): bigint;
+
+/**
+ * Cryptographic Utilities
+ *
+ * Secure random number generation and field arithmetic.
+ */
+/**
+ * Generate cryptographically secure random bytes
+ */
+declare function randomBytes(length: number): Uint8Array;
+/**
+ * Generate a random field element (for blinding factors, etc.)
+ *
+ * Returns a value in range [0, FIELD_PRIME)
+ */
+declare function randomFieldElement(): bigint;
+/**
+ * Convert bytes to hex string
+ */
+declare function bytesToHex(bytes: Uint8Array): `0x${string}`;
+/**
+ * Convert hex string to bytes
+ */
+declare function hexToBytes(hex: `0x${string}`): Uint8Array;
+/**
+ * Convert bigint to bytes (big-endian)
+ */
+declare function bigintToBytes(value: bigint, length: number): Uint8Array;
+/**
+ * Convert bytes to bigint (big-endian)
+ */
+declare function bytesToBigint(bytes: Uint8Array): bigint;
+
+export { BABYJUBJUB_SUBORDER, FIELD_PRIME, addressToField, bigintToBytes, bytesToBigint, bytesToHex, fieldToAddress, hexToBytes, isValidFieldElement, poseidon, poseidonHash, poseidonScalar, randomBytes, randomFieldElement, toFieldElement };

package/dist/utils/index.d.ts

@@ -0,0 +1,88 @@
+export { M as MAX_TREE_DEPTH, a as MerkleProof, b as MerkleTree, P as Point, c as addPoints, d as buildMerkleTree, e as computeSharedSecret, f as deriveDecryptionViewingKey, g as deriveEncryptionViewingKey, h as getBasePoint, i as getMerkleProof, j as getSubOrder, k as isOnCurve, m as mulPointScalar, p as packPoint, l as pointToTuple, n as privateToPublic, t as tupleToPoint, v as verifyMerkleProof } from '../merkle-mteVOlDf.js';
+export { D as DIGEST_SIZE, a as M31Digest, M as M31Secret, b as M31_P, S as SECRET_LIMBS, c as computeStarkCommitment, d as computeStarkNullifier, e as computeStarkOwnerHash, k as keccakHashTwo, f as keccakM31, s as splitToM31Limbs } from '../keccak-m31-B_AqBbRF.js';
+
+/**
+ * Poseidon Hash Utilities
+ *
+ * Wrapper around circomlibjs Poseidon hash implementation.
+ * Used for commitments, nullifiers, and key derivation.
+ */
+/**
+ * BN254 field prime (same as used in Circom/snarkjs)
+ */
+declare const FIELD_PRIME = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;
+/**
+ * BabyJubJub subgroup order
+ */
+declare const BABYJUBJUB_SUBORDER = 2736030358979909402780800718157159386076813972158567259200215660948447373041n;
+/**
+ * Compute Poseidon hash of inputs
+ *
+ * @param inputs - Array of field elements to hash (up to 16 elements)
+ * @returns Hash as bigint
+ *
+ * @example
+ * ```ts
+ * const commitment = await poseidon([amount, blinding, origin, token])
+ * ```
+ */
+declare function poseidon(inputs: bigint[]): Promise<bigint>;
+/**
+ * Compute Poseidon hash and return as hex string
+ */
+declare function poseidonHash(inputs: bigint[]): Promise<`0x${string}`>;
+/**
+ * Compute Poseidon hash modulo BabyJubJub suborder
+ * Used for deriving scalars for curve operations
+ */
+declare function poseidonScalar(inputs: bigint[]): Promise<bigint>;
+/**
+ * Convert an address to a field element
+ */
+declare function addressToField(address: `0x${string}`): bigint;
+/**
+ * Convert a field element to an address (20 bytes)
+ */
+declare function fieldToAddress(field: bigint): `0x${string}`;
+/**
+ * Check if a value is within the field
+ */
+declare function isValidFieldElement(value: bigint): boolean;
+/**
+ * Reduce a value modulo field prime
+ */
+declare function toFieldElement(value: bigint): bigint;
+
+/**
+ * Cryptographic Utilities
+ *
+ * Secure random number generation and field arithmetic.
+ */
+/**
+ * Generate cryptographically secure random bytes
+ */
+declare function randomBytes(length: number): Uint8Array;
+/**
+ * Generate a random field element (for blinding factors, etc.)
+ *
+ * Returns a value in range [0, FIELD_PRIME)
+ */
+declare function randomFieldElement(): bigint;
+/**
+ * Convert bytes to hex string
+ */
+declare function bytesToHex(bytes: Uint8Array): `0x${string}`;
+/**
+ * Convert hex string to bytes
+ */
+declare function hexToBytes(hex: `0x${string}`): Uint8Array;
+/**
+ * Convert bigint to bytes (big-endian)
+ */
+declare function bigintToBytes(value: bigint, length: number): Uint8Array;
+/**
+ * Convert bytes to bigint (big-endian)
+ */
+declare function bytesToBigint(bytes: Uint8Array): bigint;
+
+export { BABYJUBJUB_SUBORDER, FIELD_PRIME, addressToField, bigintToBytes, bytesToBigint, bytesToHex, fieldToAddress, hexToBytes, isValidFieldElement, poseidon, poseidonHash, poseidonScalar, randomBytes, randomFieldElement, toFieldElement };

package/dist/utils/index.js

@@ -0,0 +1,9 @@
+import '../chunk-NCW4AE7L.js';
+export { addPoints, computeSharedSecret, deriveDecryptionViewingKey, deriveEncryptionViewingKey, getBasePoint, getSubOrder, isOnCurve, mulPointScalar, packPoint, pointToTuple, privateToPublic, tupleToPoint } from '../chunk-YOWDERVC.js';
+export { MAX_TREE_DEPTH, MerkleTree, buildMerkleTree, getMerkleProof, verifyMerkleProof } from '../chunk-ZU6J7KMY.js';
+export { DIGEST_SIZE, M31_P, SECRET_LIMBS, computeStarkCommitment, computeStarkNullifier, computeStarkOwnerHash, keccakHashTwo, keccakM31, splitToM31Limbs } from '../chunk-5V5HSN6Y.js';
+export { bigintToBytes, bytesToBigint, bytesToHex, hexToBytes, randomBytes, randomFieldElement } from '../chunk-W77GRBO4.js';
+export { BABYJUBJUB_SUBORDER, FIELD_PRIME, addressToField, fieldToAddress, isValidFieldElement, poseidon, poseidonHash, poseidonScalar, toFieldElement } from '../chunk-V23OSL25.js';
+import '../chunk-Z6ZWNWWR.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}