@permissionless-technologies/upp-sdk 0.2.1 → 0.3.0

package/dist/chunk-3YZSIYJC.cjs

@@ -0,0 +1,154 @@
+'use strict';
+
+var chunkBH24DZ5S_cjs = require('./chunk-BH24DZ5S.cjs');
+var viem = require('viem');
+
+var STARK_AMOUNT_SCALE = 10n ** 15n;
+var STARK_STATE_TREE_DEPTH = 32;
+var STARK_ASP_TREE_DEPTH = 20;
+function isStarkAligned(amount) {
+  if (amount <= 0n) return false;
+  const scaled = amount / STARK_AMOUNT_SCALE;
+  return scaled * STARK_AMOUNT_SCALE === amount && scaled < chunkBH24DZ5S_cjs.M31_P;
+}
+function scaleAmountForStark(weiAmount) {
+  const scaled = weiAmount / STARK_AMOUNT_SCALE;
+  if (scaled * STARK_AMOUNT_SCALE !== weiAmount) {
+    throw new Error(`Amount ${weiAmount} not aligned to STARK scale (${STARK_AMOUNT_SCALE})`);
+  }
+  if (scaled >= chunkBH24DZ5S_cjs.M31_P) {
+    throw new Error(`Scaled amount ${scaled} exceeds M31 max (${chunkBH24DZ5S_cjs.M31_P})`);
+  }
+  return Number(scaled);
+}
+function truncateToM31(value) {
+  return Number(value % chunkBH24DZ5S_cjs.M31_P);
+}
+function addressToM31(addr) {
+  return Number(BigInt(addr) % chunkBH24DZ5S_cjs.M31_P);
+}
+function splitSecretToM31Limbs(secret) {
+  const limbs = [];
+  let remaining = secret;
+  for (let i = 0; i < chunkBH24DZ5S_cjs.SECRET_LIMBS; i++) {
+    limbs.push(Number(remaining % chunkBH24DZ5S_cjs.M31_P));
+    remaining = remaining / chunkBH24DZ5S_cjs.M31_P;
+  }
+  return limbs;
+}
+function packM31Digest(digest) {
+  return BigInt(digest[0]) | BigInt(digest[1]) << 32n | BigInt(digest[2]) << 64n | BigInt(digest[3]) << 96n;
+}
+function computeWithdrawPublicInputsSeed(params) {
+  return viem.keccak256(
+    viem.encodePacked(
+      ["bytes32", "uint256", "uint256", "uint256", "address", "uint256", "address", "bool"],
+      [
+        params.nullifier,
+        params.stateRoot,
+        params.aspRoot,
+        params.aspId,
+        params.token,
+        params.amount,
+        params.recipient,
+        params.isRagequit
+      ]
+    )
+  );
+}
+function computeTransferPublicInputsSeed(params) {
+  return viem.keccak256(
+    viem.encodePacked(
+      ["bytes32", "uint256", "uint256", "address", "bytes32", "bytes32"],
+      [
+        params.nullifier,
+        params.stateRoot,
+        params.aspRoot,
+        params.token,
+        params.outputCommitment1,
+        params.outputCommitment2
+      ]
+    )
+  );
+}
+function toBytes32Hex(value) {
+  if (typeof value === "bigint") {
+    return viem.pad(viem.numberToHex(value), { size: 32 });
+  }
+  return value;
+}
+function toAddress20Hex(addr) {
+  return addr.toLowerCase();
+}
+function buildStarkWithdrawWitness(params) {
+  return {
+    owner_secret: params.ownerSecret,
+    input_amount: params.inputAmount,
+    input_blinding: params.inputBlinding,
+    input_origin: params.inputOrigin,
+    token: params.token,
+    leaf_index: params.leafIndex,
+    state_path_elements: new Array(STARK_STATE_TREE_DEPTH).fill(0),
+    state_path_indices: new Array(STARK_STATE_TREE_DEPTH).fill(0),
+    asp_path_elements: new Array(STARK_ASP_TREE_DEPTH).fill(0),
+    asp_path_indices: new Array(STARK_ASP_TREE_DEPTH).fill(0),
+    withdraw_amount: params.withdrawAmount,
+    change_amount: params.changeAmount,
+    change_blinding: params.changeBlinding,
+    recipient: params.recipient,
+    is_ragequit: params.isRagequit,
+    nullifier_hex: params.nullifierHex,
+    state_root_hex: toBytes32Hex(params.stateRootBigInt),
+    asp_root_hex: toBytes32Hex(params.aspRootBigInt),
+    asp_id_hex: toBytes32Hex(params.aspIdBigInt),
+    token_address_hex: toAddress20Hex(params.tokenAddress),
+    amount_hex: toBytes32Hex(params.amountWei),
+    recipient_address_hex: toAddress20Hex(params.recipientAddress),
+    is_ragequit_bool: params.isRagequitBool
+  };
+}
+function buildStarkTransferWitness(params) {
+  return {
+    owner_secret: params.ownerSecret,
+    input_amount: params.inputAmount,
+    input_blinding: params.inputBlinding,
+    input_origin: params.inputOrigin,
+    token: params.token,
+    leaf_index: params.leafIndex,
+    state_path_elements: new Array(STARK_STATE_TREE_DEPTH).fill(0),
+    state_path_indices: new Array(STARK_STATE_TREE_DEPTH).fill(0),
+    asp_path_elements: new Array(STARK_ASP_TREE_DEPTH).fill(0),
+    asp_path_indices: new Array(STARK_ASP_TREE_DEPTH).fill(0),
+    output1_amount: params.output1Amount,
+    output1_owner_hash: params.output1OwnerHash,
+    output1_blinding: params.output1Blinding,
+    output1_origin: params.output1Origin,
+    output2_amount: params.output2Amount,
+    output2_owner_hash: params.output2OwnerHash,
+    output2_blinding: params.output2Blinding,
+    output2_origin: params.output2Origin,
+    is_ragequit: params.isRagequit,
+    nullifier_hex: params.nullifierHex,
+    state_root_hex: toBytes32Hex(params.stateRootBigInt),
+    asp_root_hex: toBytes32Hex(params.aspRootBigInt),
+    token_address_hex: toAddress20Hex(params.tokenAddress),
+    output_commitment_1_hex: params.outputCommitment1Hex,
+    output_commitment_2_hex: params.outputCommitment2Hex
+  };
+}
+
+exports.STARK_AMOUNT_SCALE = STARK_AMOUNT_SCALE;
+exports.STARK_ASP_TREE_DEPTH = STARK_ASP_TREE_DEPTH;
+exports.STARK_STATE_TREE_DEPTH = STARK_STATE_TREE_DEPTH;
+exports.addressToM31 = addressToM31;
+exports.buildStarkTransferWitness = buildStarkTransferWitness;
+exports.buildStarkWithdrawWitness = buildStarkWithdrawWitness;
+exports.computeTransferPublicInputsSeed = computeTransferPublicInputsSeed;
+exports.computeWithdrawPublicInputsSeed = computeWithdrawPublicInputsSeed;
+exports.isStarkAligned = isStarkAligned;
+exports.packM31Digest = packM31Digest;
+exports.scaleAmountForStark = scaleAmountForStark;
+exports.splitSecretToM31Limbs = splitSecretToM31Limbs;
+exports.truncateToM31 = truncateToM31;
+//# sourceMappingURL=chunk-3YZSIYJC.cjs.map
+//# sourceMappingURL=chunk-3YZSIYJC.cjs.map

package/dist/chunk-3YZSIYJC.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/utils/stark.ts"],"names":["M31_P","SECRET_LIMBS","keccak256","encodePacked","pad","numberToHex"],"mappings":";;;;;AAmBO,IAAM,qBAAqB,GAAA,IAAO;AAGlC,IAAM,sBAAA,GAAyB;AAG/B,IAAM,oBAAA,GAAuB;AAO7B,SAAS,eAAe,MAAA,EAAyB;AACtD,EAAA,IAAI,MAAA,IAAU,IAAI,OAAO,KAAA;AACzB,EAAA,MAAM,SAAS,MAAA,GAAS,kBAAA;AACxB,EAAA,OAAO,MAAA,GAAS,kBAAA,KAAuB,MAAA,IAAU,MAAA,GAASA,uBAAA;AAC5D;AASO,SAAS,oBAAoB,SAAA,EAA2B;AAC7D,EAAA,MAAM,SAAS,SAAA,GAAY,kBAAA;AAC3B,EAAA,IAAI,MAAA,GAAS,uBAAuB,SAAA,EAAW;AAC7C,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,OAAA,EAAU,SAAS,CAAA,6BAAA,EAAgC,kBAAkB,CAAA,CAAA,CAAG,CAAA;AAAA,EAC1F;AACA,EAAA,IAAI,UAAUA,uBAAA,EAAO;AACnB,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,cAAA,EAAiB,MAAM,CAAA,kBAAA,EAAqBA,uBAAK,CAAA,CAAA,CAAG,CAAA;AAAA,EACtE;AACA,EAAA,OAAO,OAAO,MAAM,CAAA;AACtB;AAGO,SAAS,cAAc,KAAA,EAAuB;AACnD,EAAA,OAAO,MAAA,CAAO,QAAQA,uBAAK,CAAA;AAC7B;AAOO,SAAS,aAAa,IAAA,EAAuB;AAClD,EAAA,OAAO,MAAA,CAAO,MAAA,CAAO,IAAI,CAAA,GAAIA,uBAAK,CAAA;AACpC;AAUO,SAAS,sBAAsB,MAAA,EAA0B;AAC9D,EAAA,MAAM,QAAkB,EAAC;AACzB,EAAA,IAAI,SAAA,GAAY,MAAA;AAChB,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAIC,8BAAA,EAAc,CAAA,EAAA,EAAK;AACrC,IAAA,KAAA,CAAM,IAAA,CAAK,MAAA,CAAO,SAAA,GAAYD,uBAAK,CAAC,CAAA;AACpC,IAAA,SAAA,GAAY,SAAA,GAAYA,uBAAA;AAAA,EAC1B;AACA,EAAA,OAAO,KAAA;AACT;AAMO,SAAS,cAAc,MAAA,EAAkD;AAC9E,EAAA,OAAO,MAAA,CAAO,OAAO,CAAC,CAAC,IAClB,MAAA,CAAO,MAAA,CAAO,CAAC,CAAC,CAAA,IAAK,MACrB,MAAA,CAAO,MAAA,CAAO,CAAC,CAAC,CAAA,IAAK,MACrB,MAAA,CAAO,MAAA,CAAO,CAAC,CAAC,CAAA,IAAK,GAAA;AAC5B;AAUO,SAAS,gCAAgC,MAAA,EASxC;AACN,EAAA,OAAOE,cAAA;AAAA,IACLC,iBAAA;AAAA,MACE,CAAC,WAAW,SAAA,EAAW,SAAA,EAAW,WAAW,SAAA,EAAW,SAAA,EAAW,WAAW,MAAM,CAAA;AAAA,MACpF;AAAA,QACE,MAAA,CAAO,SAAA;AAAA,QACP,MAAA,CAAO,SAAA;AAAA,QACP,MAAA,CAAO,OAAA;AAAA,QACP,MAAA,CAAO,KAAA;AAAA,QACP,MAAA,CAAO,KAAA;AAAA,QACP,MAAA,CAAO,MAAA;AAAA,QACP,MAAA,CAAO,SAAA;AAAA,QACP,MAAA,CAAO;AAAA;AACT;AACF,GACF;AACF;AAMO,SAAS,gCAAgC,MAAA,EAOxC;AACN,EAAA,OAAOD,cAAA;AAAA,IACLC,iBAAA;AAAA,MACE,CAAC,SAAA,EAAW,SAAA,EAAW,SAAA,EAAW,SAAA,EAAW,WAAW,SAAS,CAAA;AAAA,MACjE;AAAA,QACE,MAAA,CAAO,SAAA;AAAA,QACP,MAAA,CAAO,SAAA;AAAA,QACP,MAAA,CAAO,OAAA;AAAA,QACP,MAAA,CAAO,KAAA;AAAA,QACP,MAAA,CAAO,iBAAA;AAAA,QACP,MAAA,CAAO;AAAA;AACT;AACF,GACF;AACF;AA8EA,SAAS,aAAa,KAAA,EAA6B;AACjD,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAOC,SAAIC,gBAAA,CAAY,KAAK,GAAG,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,EAC7C;AACA,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,eAAe,IAAA,EAAuB;AAC7C,EAAA,OAAO,KAAK,WAAA,EAAY;AAC1B;AAKO,SAAS,0BAA0B,MAAA,EAqBjB;AACvB,EAAA,OAAO;AAAA,IACL,cAAc,MAAA,CAAO,WAAA;AAAA,IACrB,cAAc,MAAA,CAAO,WAAA;AAAA,IACrB,gBAAgB,MAAA,CAAO,aAAA;AAAA,IACvB,cAAc,MAAA,CAAO,WAAA;AAAA,IACrB,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,YAAY,MAAA,CAAO,SAAA;AAAA,IACnB,qBAAqB,IAAI,KAAA,CAAM,sBAAsB,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,IAC7D,oBAAoB,IAAI,KAAA,CAAM,sBAAsB,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,IAC5D,mBAAmB,IAAI,KAAA,CAAM,oBAAoB,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,IACzD,kBAAkB,IAAI,KAAA,CAAM,oBAAoB,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,IACxD,iBAAiB,MAAA,CAAO,cAAA;AAAA,IACxB,eAAe,MAAA,CAAO,YAAA;AAAA,IACtB,iBAAiB,MAAA,CAAO,cAAA;AAAA,IACxB,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,aAAa,MAAA,CAAO,UAAA;AAAA,IACpB,eAAe,MAAA,CAAO,YAAA;AAAA,IACtB,cAAA,EAAgB,YAAA,CAAa,MAAA,CAAO,eAAe,CAAA;AAAA,IACnD,YAAA,EAAc,YAAA,CAAa,MAAA,CAAO,aAAa,CAAA;AAAA,IAC/C,UAAA,EAAY,YAAA,CAAa,MAAA,CAAO,WAAW,CAAA;AAAA,IAC3C,iBAAA,EAAmB,cAAA,CAAe,MAAA,CAAO,YAAY,CAAA;AAAA,IACrD,UAAA,EAAY,YAAA,CAAa,MAAA,CAAO,SAAS,CAAA;AAAA,IACzC,qBAAA,EAAuB,cAAA,CAAe,MAAA,CAAO,gBAAgB,CAAA;AAAA,IAC7D,kBAAkB,MAAA,CAAO;AAAA,GAC3B;AACF;AAKO,SAAS,0BAA0B,MAAA,EAuBjB;AACvB,EAAA,OAAO;AAAA,IACL,cAAc,MAAA,CAAO,WAAA;AAAA,IACrB,cAAc,MAAA,CAAO,WAAA;AAAA,IACrB,gBAAgB,MAAA,CAAO,aAAA;AAAA,IACvB,cAAc,MAAA,CAAO,WAAA;AAAA,IACrB,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,YAAY,MAAA,CAAO,SAAA;AAAA,IACnB,qBAAqB,IAAI,KAAA,CAAM,sBAAsB,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,IAC7D,oBAAoB,IAAI,KAAA,CAAM,sBAAsB,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,IAC5D,mBAAmB,IAAI,KAAA,CAAM,oBAAoB,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,IACzD,kBAAkB,IAAI,KAAA,CAAM,oBAAoB,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,IACxD,gBAAgB,MAAA,CAAO,aAAA;AAAA,IACvB,oBAAoB,MAAA,CAAO,gBAAA;AAAA,IAC3B,kBAAkB,MAAA,CAAO,eAAA;AAAA,IACzB,gBAAgB,MAAA,CAAO,aAAA;AAAA,IACvB,gBAAgB,MAAA,CAAO,aAAA;AAAA,IACvB,oBAAoB,MAAA,CAAO,gBAAA;AAAA,IAC3B,kBAAkB,MAAA,CAAO,eAAA;AAAA,IACzB,gBAAgB,MAAA,CAAO,aAAA;AAAA,IACvB,aAAa,MAAA,CAAO,UAAA;AAAA,IACpB,eAAe,MAAA,CAAO,YAAA;AAAA,IACtB,cAAA,EAAgB,YAAA,CAAa,MAAA,CAAO,eAAe,CAAA;AAAA,IACnD,YAAA,EAAc,YAAA,CAAa,MAAA,CAAO,aAAa,CAAA;AAAA,IAC/C,iBAAA,EAAmB,cAAA,CAAe,MAAA,CAAO,YAAY,CAAA;AAAA,IACrD,yBAAyB,MAAA,CAAO,oBAAA;AAAA,IAChC,yBAAyB,MAAA,CAAO;AAAA,GAClC;AACF","file":"chunk-3YZSIYJC.cjs","sourcesContent":["/**\n * STARK Utilities — Amount scaling, witness building, Fiat-Shamir\n *\n * These functions must produce identical outputs to the Rust Stwo prover\n * (stwo-prover/src/) and the Solidity verifier.\n *\n * M31 field: p = 2^31 - 1 = 2,147,483,647\n * Amount precision: 0.001 tokens (1e15 wei scale factor)\n */\n\nimport type { Address, Hex } from 'viem'\nimport { keccak256, encodePacked, pad, numberToHex } from 'viem'\nimport { M31_P, SECRET_LIMBS } from './keccak-m31.js'\n\n// ============================================================================\n// Constants\n// ============================================================================\n\n/** Matches Solidity STARK_AMOUNT_SCALE = 1e15 */\nexport const STARK_AMOUNT_SCALE = 10n ** 15n\n\n/** State tree depth (Merkle tree for commitments) */\nexport const STARK_STATE_TREE_DEPTH = 32\n\n/** ASP tree depth */\nexport const STARK_ASP_TREE_DEPTH = 20\n\n// ============================================================================\n// Amount Scaling\n// ============================================================================\n\n/** Check if a wei amount is STARK-scale aligned and fits in M31. */\nexport function isStarkAligned(amount: bigint): boolean {\n  if (amount <= 0n) return false\n  const scaled = amount / STARK_AMOUNT_SCALE\n  return scaled * STARK_AMOUNT_SCALE === amount && scaled < M31_P\n}\n\n/**\n * Scale a wei amount down for the STARK circuit.\n * Precision: 0.001 tokens (1e15 wei). Max: ~2.1M tokens.\n *\n * @returns The scaled amount as a number (fits in M31)\n * @throws If not aligned to STARK_AMOUNT_SCALE or exceeds M31\n */\nexport function scaleAmountForStark(weiAmount: bigint): number {\n  const scaled = weiAmount / STARK_AMOUNT_SCALE\n  if (scaled * STARK_AMOUNT_SCALE !== weiAmount) {\n    throw new Error(`Amount ${weiAmount} not aligned to STARK scale (${STARK_AMOUNT_SCALE})`)\n  }\n  if (scaled >= M31_P) {\n    throw new Error(`Scaled amount ${scaled} exceeds M31 max (${M31_P})`)\n  }\n  return Number(scaled)\n}\n\n/** Truncate a bigint to fit in M31 (modular reduction). */\nexport function truncateToM31(value: bigint): number {\n  return Number(value % M31_P)\n}\n\n// ============================================================================\n// Field Conversions\n// ============================================================================\n\n/** Convert an Ethereum address to an M31 field element (truncated). */\nexport function addressToM31(addr: Address): number {\n  return Number(BigInt(addr) % M31_P)\n}\n\n/**\n * Split a 254-bit spending secret into 8 M31 limbs (248 bits of entropy).\n *\n * Each limb holds 31 bits (reduced mod M31_P). The secret is split\n * little-endian: limb[0] = lowest 31 bits, limb[7] = highest bits.\n *\n * This matches the Rust prover's expectation of `[M31; 8]` for owner_secret.\n */\nexport function splitSecretToM31Limbs(secret: bigint): number[] {\n  const limbs: number[] = []\n  let remaining = secret\n  for (let i = 0; i < SECRET_LIMBS; i++) {\n    limbs.push(Number(remaining % M31_P))\n    remaining = remaining / M31_P\n  }\n  return limbs\n}\n\n/**\n * Pack an M31 digest (4 M31 elements) into a uint128 for Solidity.\n * Each element occupies 32 bits (little-endian packing).\n */\nexport function packM31Digest(digest: [number, number, number, number]): bigint {\n  return BigInt(digest[0])\n    | (BigInt(digest[1]) << 32n)\n    | (BigInt(digest[2]) << 64n)\n    | (BigInt(digest[3]) << 96n)\n}\n\n// ============================================================================\n// Fiat-Shamir Public Input Seeds\n// ============================================================================\n\n/**\n * Compute the Fiat-Shamir public inputs seed for a STARK withdrawal.\n * Must produce the same hash as Solidity and Rust.\n */\nexport function computeWithdrawPublicInputsSeed(params: {\n  nullifier: Hex\n  stateRoot: bigint\n  aspRoot: bigint\n  aspId: bigint\n  token: Address\n  amount: bigint\n  recipient: Address\n  isRagequit: boolean\n}): Hex {\n  return keccak256(\n    encodePacked(\n      ['bytes32', 'uint256', 'uint256', 'uint256', 'address', 'uint256', 'address', 'bool'],\n      [\n        params.nullifier,\n        params.stateRoot,\n        params.aspRoot,\n        params.aspId,\n        params.token,\n        params.amount,\n        params.recipient,\n        params.isRagequit,\n      ],\n    ),\n  )\n}\n\n/**\n * Compute the Fiat-Shamir public inputs seed for a STARK transfer.\n * Must produce the same hash as Solidity and Rust.\n */\nexport function computeTransferPublicInputsSeed(params: {\n  nullifier: Hex\n  stateRoot: bigint\n  aspRoot: bigint\n  token: Address\n  outputCommitment1: Hex\n  outputCommitment2: Hex\n}): Hex {\n  return keccak256(\n    encodePacked(\n      ['bytes32', 'uint256', 'uint256', 'address', 'bytes32', 'bytes32'],\n      [\n        params.nullifier,\n        params.stateRoot,\n        params.aspRoot,\n        params.token,\n        params.outputCommitment1,\n        params.outputCommitment2,\n      ],\n    ),\n  )\n}\n\n// ============================================================================\n// Witness Types\n// ============================================================================\n\n/**\n * Witness inputs for the STARK withdrawal prover.\n * All numeric values are u32 (must fit in M31 field, i.e. < 2^31 - 1).\n * Hex string fields are for Fiat-Shamir seed binding.\n */\nexport interface StarkWithdrawWitness {\n  owner_secret: number[]\n  input_amount: number\n  input_blinding: number\n  input_origin: number\n  token: number\n  leaf_index: number\n  state_path_elements: number[]\n  state_path_indices: number[]\n  asp_path_elements: number[]\n  asp_path_indices: number[]\n  withdraw_amount: number\n  change_amount: number\n  change_blinding: number\n  recipient: number\n  is_ragequit: number\n  // Ethereum-native hex values for Fiat-Shamir seed binding\n  nullifier_hex: string\n  state_root_hex: string\n  asp_root_hex: string\n  asp_id_hex: string\n  token_address_hex: string\n  amount_hex: string\n  recipient_address_hex: string\n  is_ragequit_bool: boolean\n}\n\n/**\n * Witness inputs for the STARK transfer prover (1-in-2-out).\n * All numeric values are u32 (must fit in M31 field).\n */\nexport interface StarkTransferWitness {\n  owner_secret: number[]\n  input_amount: number\n  input_blinding: number\n  input_origin: number\n  token: number\n  leaf_index: number\n  state_path_elements: number[]\n  state_path_indices: number[]\n  asp_path_elements: number[]\n  asp_path_indices: number[]\n  // Output 1\n  output1_amount: number\n  output1_owner_hash: [number, number, number, number]\n  output1_blinding: number\n  output1_origin: number\n  // Output 2\n  output2_amount: number\n  output2_owner_hash: [number, number, number, number]\n  output2_blinding: number\n  output2_origin: number\n  // Ragequit flag\n  is_ragequit: number\n  // Ethereum-native hex values for Fiat-Shamir seed binding\n  nullifier_hex: string\n  state_root_hex: string\n  asp_root_hex: string\n  token_address_hex: string\n  output_commitment_1_hex: string\n  output_commitment_2_hex: string\n}\n\n// ============================================================================\n// Witness Builders\n// ============================================================================\n\nfunction toBytes32Hex(value: bigint | Hex): string {\n  if (typeof value === 'bigint') {\n    return pad(numberToHex(value), { size: 32 })\n  }\n  return value as string\n}\n\nfunction toAddress20Hex(addr: Address): string {\n  return addr.toLowerCase()\n}\n\n/**\n * Build a complete STARK withdrawal witness from note data.\n */\nexport function buildStarkWithdrawWitness(params: {\n  ownerSecret: number[]\n  inputAmount: number\n  inputBlinding: number\n  inputOrigin: number\n  token: number\n  leafIndex: number\n  withdrawAmount: number\n  changeAmount: number\n  changeBlinding: number\n  recipient: number\n  isRagequit: number\n  // Full Ethereum values for seed binding\n  nullifierHex: Hex\n  stateRootBigInt: bigint\n  aspRootBigInt: bigint\n  aspIdBigInt: bigint\n  tokenAddress: Address\n  amountWei: bigint\n  recipientAddress: Address\n  isRagequitBool: boolean\n}): StarkWithdrawWitness {\n  return {\n    owner_secret: params.ownerSecret,\n    input_amount: params.inputAmount,\n    input_blinding: params.inputBlinding,\n    input_origin: params.inputOrigin,\n    token: params.token,\n    leaf_index: params.leafIndex,\n    state_path_elements: new Array(STARK_STATE_TREE_DEPTH).fill(0),\n    state_path_indices: new Array(STARK_STATE_TREE_DEPTH).fill(0),\n    asp_path_elements: new Array(STARK_ASP_TREE_DEPTH).fill(0),\n    asp_path_indices: new Array(STARK_ASP_TREE_DEPTH).fill(0),\n    withdraw_amount: params.withdrawAmount,\n    change_amount: params.changeAmount,\n    change_blinding: params.changeBlinding,\n    recipient: params.recipient,\n    is_ragequit: params.isRagequit,\n    nullifier_hex: params.nullifierHex,\n    state_root_hex: toBytes32Hex(params.stateRootBigInt),\n    asp_root_hex: toBytes32Hex(params.aspRootBigInt),\n    asp_id_hex: toBytes32Hex(params.aspIdBigInt),\n    token_address_hex: toAddress20Hex(params.tokenAddress),\n    amount_hex: toBytes32Hex(params.amountWei),\n    recipient_address_hex: toAddress20Hex(params.recipientAddress),\n    is_ragequit_bool: params.isRagequitBool,\n  }\n}\n\n/**\n * Build a complete STARK transfer witness (1-in-2-out).\n */\nexport function buildStarkTransferWitness(params: {\n  ownerSecret: number[]\n  inputAmount: number\n  inputBlinding: number\n  inputOrigin: number\n  token: number\n  leafIndex: number\n  output1Amount: number\n  output1OwnerHash: [number, number, number, number]\n  output1Blinding: number\n  output1Origin: number\n  output2Amount: number\n  output2OwnerHash: [number, number, number, number]\n  output2Blinding: number\n  output2Origin: number\n  isRagequit: number\n  // Full Ethereum values for seed binding\n  nullifierHex: Hex\n  stateRootBigInt: bigint\n  aspRootBigInt: bigint\n  tokenAddress: Address\n  outputCommitment1Hex: Hex\n  outputCommitment2Hex: Hex\n}): StarkTransferWitness {\n  return {\n    owner_secret: params.ownerSecret,\n    input_amount: params.inputAmount,\n    input_blinding: params.inputBlinding,\n    input_origin: params.inputOrigin,\n    token: params.token,\n    leaf_index: params.leafIndex,\n    state_path_elements: new Array(STARK_STATE_TREE_DEPTH).fill(0),\n    state_path_indices: new Array(STARK_STATE_TREE_DEPTH).fill(0),\n    asp_path_elements: new Array(STARK_ASP_TREE_DEPTH).fill(0),\n    asp_path_indices: new Array(STARK_ASP_TREE_DEPTH).fill(0),\n    output1_amount: params.output1Amount,\n    output1_owner_hash: params.output1OwnerHash,\n    output1_blinding: params.output1Blinding,\n    output1_origin: params.output1Origin,\n    output2_amount: params.output2Amount,\n    output2_owner_hash: params.output2OwnerHash,\n    output2_blinding: params.output2Blinding,\n    output2_origin: params.output2Origin,\n    is_ragequit: params.isRagequit,\n    nullifier_hex: params.nullifierHex,\n    state_root_hex: toBytes32Hex(params.stateRootBigInt),\n    asp_root_hex: toBytes32Hex(params.aspRootBigInt),\n    token_address_hex: toAddress20Hex(params.tokenAddress),\n    output_commitment_1_hex: params.outputCommitment1Hex,\n    output_commitment_2_hex: params.outputCommitment2Hex,\n  }\n}\n"]}

package/dist/{chunk-43U5RGYE.cjs → chunk-4N5BH43P.cjs}

@@ -1004,5 +1004,5 @@ exports.makeRpcIndexer = makeRpcIndexer;
 exports.matchesSearchTag = matchesSearchTag;
 exports.tryDecryptNote = tryDecryptNote;
 exports.unpackNoteData = unpackNoteData;
-//# sourceMappingURL=chunk-43U5RGYE.cjs.map
-//# sourceMappingURL=chunk-43U5RGYE.cjs.map
+//# sourceMappingURL=chunk-4N5BH43P.cjs.map
+//# sourceMappingURL=chunk-4N5BH43P.cjs.map