@permissionless-technologies/upp-sdk 0.4.21 → 0.4.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (69) hide show
  1. package/README.md +7 -3
  2. package/dist/chunk-2BSIUEPO.js +343 -0
  3. package/dist/chunk-2BSIUEPO.js.map +1 -0
  4. package/dist/{chunk-V6MW5VOF.cjs → chunk-632LPXPX.cjs} +4 -4
  5. package/dist/{chunk-V6MW5VOF.cjs.map → chunk-632LPXPX.cjs.map} +1 -1
  6. package/dist/{chunk-ND56VNCF.js → chunk-D4VCRPKS.js} +2 -2
  7. package/dist/{chunk-ND56VNCF.js.map → chunk-D4VCRPKS.js.map} +1 -1
  8. package/dist/{chunk-YHBUCKVS.cjs → chunk-DYSU7JYL.cjs} +23 -23
  9. package/dist/{chunk-YHBUCKVS.cjs.map → chunk-DYSU7JYL.cjs.map} +1 -1
  10. package/dist/{chunk-RYEYGGE7.cjs → chunk-IX7HV5TE.cjs} +18 -5
  11. package/dist/chunk-IX7HV5TE.cjs.map +1 -0
  12. package/dist/{chunk-5H27F6W6.cjs → chunk-IYRCJAME.cjs} +13 -9
  13. package/dist/chunk-IYRCJAME.cjs.map +1 -0
  14. package/dist/{chunk-KRLRJ3HN.js → chunk-KR4GB6VC.js} +18 -5
  15. package/dist/chunk-KR4GB6VC.js.map +1 -0
  16. package/dist/{chunk-C7DUABSG.js → chunk-Q6BLTPWV.js} +13 -9
  17. package/dist/chunk-Q6BLTPWV.js.map +1 -0
  18. package/dist/{chunk-7VPW5T5R.js → chunk-UMWY4ICQ.js} +3 -3
  19. package/dist/{chunk-7VPW5T5R.js.map → chunk-UMWY4ICQ.js.map} +1 -1
  20. package/dist/{chunk-PZAV2S5E.cjs → chunk-UYPIWBKM.cjs} +2 -2
  21. package/dist/{chunk-PZAV2S5E.cjs.map → chunk-UYPIWBKM.cjs.map} +1 -1
  22. package/dist/chunk-VVW5VVY3.cjs +347 -0
  23. package/dist/chunk-VVW5VVY3.cjs.map +1 -0
  24. package/dist/{chunk-OLJFKARA.js → chunk-XDWRMHLY.js} +15 -15
  25. package/dist/{chunk-OLJFKARA.js.map → chunk-XDWRMHLY.js.map} +1 -1
  26. package/dist/core/index.cjs +80 -67
  27. package/dist/core/index.d.cts +2 -2
  28. package/dist/core/index.d.ts +2 -2
  29. package/dist/core/index.js +5 -4
  30. package/dist/core/proof-worker-entry.cjs +8 -8
  31. package/dist/core/proof-worker-entry.cjs.map +1 -1
  32. package/dist/core/proof-worker-entry.js +8 -8
  33. package/dist/core/proof-worker-entry.js.map +1 -1
  34. package/dist/{index-PgqOAfcc.d.cts → index-AooYZ0kF.d.cts} +1 -1
  35. package/dist/{index-DsXMd8zh.d.ts → index-CpfUNGm9.d.ts} +1 -1
  36. package/dist/{index-DmowSsZb.d.ts → index-De5B4r0l.d.ts} +9 -3
  37. package/dist/{index-DcfqeWvk.d.cts → index-hNuffoCo.d.cts} +9 -3
  38. package/dist/index.cjs +88 -75
  39. package/dist/index.cjs.map +1 -1
  40. package/dist/index.d.cts +3 -3
  41. package/dist/index.d.ts +3 -3
  42. package/dist/index.js +6 -5
  43. package/dist/index.js.map +1 -1
  44. package/dist/indexer/index.cjs +6 -6
  45. package/dist/indexer/index.d.cts +5 -5
  46. package/dist/indexer/index.d.ts +5 -5
  47. package/dist/indexer/index.js +1 -1
  48. package/dist/{proof-VINVGL4F.cjs → proof-X3MVQFFZ.cjs} +14 -13
  49. package/dist/{proof-VINVGL4F.cjs.map → proof-X3MVQFFZ.cjs.map} +1 -1
  50. package/dist/{proof-XQG5DN5N.js → proof-YMXBL4D5.js} +4 -3
  51. package/dist/{proof-XQG5DN5N.js.map → proof-YMXBL4D5.js.map} +1 -1
  52. package/dist/react/index.cjs +123 -39
  53. package/dist/react/index.cjs.map +1 -1
  54. package/dist/react/index.d.cts +44 -6
  55. package/dist/react/index.d.ts +44 -6
  56. package/dist/react/index.js +90 -18
  57. package/dist/react/index.js.map +1 -1
  58. package/dist/{transfer-Cqg235q6.d.ts → transfer-BGzySIhC.d.ts} +124 -5
  59. package/dist/{transfer-B4q3ZTJK.d.cts → transfer-BhB-UuBP.d.cts} +124 -5
  60. package/dist/{transfer-7IFAXV5K.cjs → transfer-H6UWWUSN.cjs} +11 -10
  61. package/dist/{transfer-7IFAXV5K.cjs.map → transfer-H6UWWUSN.cjs.map} +1 -1
  62. package/dist/{transfer-FWCRUWWM.js → transfer-MLVRASM3.js} +5 -4
  63. package/dist/{transfer-FWCRUWWM.js.map → transfer-MLVRASM3.js.map} +1 -1
  64. package/package.json +1 -1
  65. package/src/deployments/11155111.json +12 -12
  66. package/dist/chunk-5H27F6W6.cjs.map +0 -1
  67. package/dist/chunk-C7DUABSG.js.map +0 -1
  68. package/dist/chunk-KRLRJ3HN.js.map +0 -1
  69. package/dist/chunk-RYEYGGE7.cjs.map +0 -1
package/dist/{chunk-YHBUCKVS.cjs.map → chunk-DYSU7JYL.cjs.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/deployments/31337.json","../src/deployments/11155111.json","../src/deployments/index.ts","../src/core/transfer.ts"],"names":["__default","init_poseidon","STATE_TREE_DEPTH","ASP_TREE_DEPTH","buildMerkleTree","poseidon","computeOwnerHash","computeNoteCommitment","generateASPProof","DEMO_ASP_ID","generateUPPProof","formatPlonkProofForContract","toHex"],"mappings":";;;;;;;;;AAAA,IAAA,SAAA,GAAA;AAAA,EACE,oBAAA,EAAwB,4CAAA;AAAA,EACxB,cAAA,EAAkB,4CAAA;AAAA,EAClB,SAAA,EAAa,4CAAA;AAAA,EACb,UAAA,EAAc,4CAAA;AAAA,EACd,SAAA,EAAa;AAAA,IACX,gBAAA,EAAoB,4CAAA;AAAA,IACpB,aAAA,EAAiB,4CAAA;AAAA,IACjB,gBAAA,EAAoB,4CAAA;AAAA,IACpB,iBAAA,EAAqB,4CAAA;AAAA,IACrB,wBAAA,EAA4B,4CAAA;AAAA,IAC5B,wBAAA,EAA4B;AAAA,GAC9B;AAAA,EACA,cAAA,EAAkB;AAAA,IAChB,mBAAA,EAAuB;AAAA,GACzB;AAAA,EACA,WAAA,EAAe,CAAA;AAAA,EACf,eAAA,EAAmB;AACrB,CAAA;;;AClBA,IAAAA,UAAAA,GAAA;AAAA,EACE,oBAAA,EAAwB,4CAAA;AAAA,EACxB,cAAA,EAAkB,4CAAA;AAAA,EAClB,SAAA,EAAa,4CAAA;AAAA,EACb,UAAA,EAAc,4CAAA;AAAA,EACd,SAAA,EAAa;AAAA,IACX,gBAAA,EAAoB,4CAAA;AAAA,IACpB,aAAA,EAAiB,4CAAA;AAAA,IACjB,gBAAA,EAAoB,4CAAA;AAAA,IACpB,iBAAA,EAAqB,4CAAA;AAAA,IACrB,wBAAA,EAA4B,4CAAA;AAAA,IAC5B,wBAAA,EAA4B;AAAA,GAC9B;AAAA,EACA,cAAA,EAAkB;AAAA,IAChB,mBAAA,EAAuB;AAAA,GACzB;AAAA,EACA,WAAA,EAAe,QAAA;AAAA,EACf,eAAA,EAAmB,aAIrB,CAAA;;;AC0DA,SAAS,eAAA,CACP,MACA,OAAA,EACkB;AAClB,EAAA,OAAO;AAAA,IACL,sBAAsB,IAAA,CAAK,oBAAA;AAAA,IAC3B,gBAAgB,IAAA,CAAK,cAAA;AAAA,IACrB,WAAW,IAAA,CAAK,SAAA;AAAA,IAChB,YAAY,IAAA,CAAK,UAAA;AAAA,IACjB,SAAA,EAAW;AAAA,MACT,gBAAA,EAAkB,KAAK,SAAA,CAAU,gBAAA;AAAA,MACjC,aAAA,EAAe,KAAK,SAAA,CAAU,aAAA;AAAA,MAC9B,gBAAA,EAAkB,KAAK,SAAA,CAAU,gBAAA;AAAA,MACjC,iBAAA,EAAmB,KAAK,SAAA,CAAU,iBAAA;AAAA,MAClC,wBAAA,EAA0B,KAAK,SAAA,CAC5B,wBAAA;AAAA,MACH,wBAAA,EAA0B,KAAK,SAAA,CAC5B;AAAA,KACL;AAAA,IACA,cAAA,EAAgB,KAAK,cAAA,GACjB;AAAA,MACE,mBAAA,EAAqB,KAAK,cAAA,CACvB;AAAA,KACL,GACA,MAAA;AAAA,IACJ,OAAA;AAAA,IACA,aAAa,IAAA,CAAK,WAAA;AAAA,IAClB,iBAAiB,IAAA,CAAK;AAAA,GACxB;AACF;AAOA,IAAM,WAAA,GAAgD;AAAA,EACpD,KAAA,EAAO,eAAA,CAAgB,SAAA,EAAoC,KAAK,CAAA;AAAA,EAChE,QAAA,EAAU,eAAA,CAAgBA,UAAAA,EAAsC,QAAQ;AAC1E,CAAA;AAgBO,SAAS,cAAc,OAAA,EAA0C;AACtE,EAAA,OAAO,WAAA,CAAY,OAAO,CAAA,IAAK,IAAA;AACjC;AASO,SAAS,qBAAqB,OAAA,EAAmC;AACtE,EAAA,MAAM,UAAA,GAAa,cAAc,OAAO,CAAA;AACxC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,8BAAA,EAAiC,OAAO,CAAA,oBAAA,EACjB,MAAA,CAAO,KAAK,WAAW,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KAC5D;AAAA,EACF;AACA,EAAA,OAAO,UAAA;AACT;AAKO,SAAS,cAAc,OAAA,EAA0B;AACtD,EAAA,OAAO,OAAA,IAAW,WAAA;AACpB;AAKO,SAAS,oBAAA,GAAiC;AAC/C,EAAA,OAAO,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,IAAI,MAAM,CAAA;AAC5C;AAKO,SAAS,gBAAgB,OAAA,EAAiC;AAC/D,EAAA,MAAM,UAAA,GAAa,cAAc,OAAO,CAAA;AACxC,EAAA,IAAI,CAAC,YAAY,OAAO,IAAA;AACxB,EAAA,OAAO,WAAW,SAAA,IAAa,IAAA;AACjC;AAmBO,SAAS,kBAAA,CAAmB,SAAiB,MAAA,EAAgC;AAClF,EAAA,WAAA,CAAY,OAAO,CAAA,GAAI,EAAE,GAAG,QAAQ,OAAA,EAAQ;AAC9C;;;AC5LAC,+BAAA,EAAA;AAiHA,IAAM,cAAA,GAAiB,KAAA;AAQvB,SAAS,mBAAA,CAAuB,KAAU,QAAA,EAAkB;AAC1D,EAAA,IAAI,GAAA,CAAI,UAAUC,kCAAA,EAAkB;AAClC,IAAA,OAAO,GAAA,CAAI,KAAA,CAAM,CAAA,EAAGA,kCAAgB,CAAA;AAAA,EACtC;AACA,EAAA,OAAO,CAAC,GAAG,GAAA,EAAK,GAAG,KAAA,CAAMA,kCAAA,GAAmB,GAAA,CAAI,MAAM,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAC,CAAA;AACxE;AAQA,SAAS,iBAAA,CAAqB,KAAU,QAAA,EAAkB;AACxD,EAAA,IAAI,GAAA,CAAI,UAAUC,gCAAA,EAAgB;AAChC,IAAA,OAAO,GAAA,CAAI,KAAA,CAAM,CAAA,EAAGA,gCAAc,CAAA;AAAA,EACpC;AACA,EAAA,OAAO,CAAC,GAAG,GAAA,EAAK,GAAG,KAAA,CAAMA,gCAAA,GAAiB,GAAA,CAAI,MAAM,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAC,CAAA;AACtE;AAOA,IAAM,yBAAA,GAA4B;AAAA,EAChC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,oBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,YAAA,EAAc,SAAS,IAAA,EAAK;AAAA,IACrD,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,WAAA,EAAY;AAAA,IACrC,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,WAAA;AAAY;AAEzC,CAAA;AAaA,eAAsB,cAAA,CACpB,cACA,eAAA,EACyE;AACzE,EAAA,MAAM,YAAA,GAAe,MAAM,YAAA,CAAa,cAAA,EAAe;AACvD,EAAA,MAAM,OAAA,GAAU,MAAM,YAAA,CAAa,UAAA,EAAW;AAK9C,EAAA,IAAI,iBAAwB,EAAC;AAE7B,EAAA,IAAI,YAAY,KAAA,EAAO;AAErB,IAAA,cAAA,GAAiB,MAAM,aAAa,OAAA,CAAQ;AAAA,MAC1C,OAAA,EAAS,eAAA;AAAA,MACT,KAAA,EAAO,yBAAA;AAAA,MACP,SAAA,EAAW;AAAA,KACZ,CAAA;AAAA,EACH,CAAA,MAAO;AAEL,IAAA,MAAM,UAAA,GAAa,cAAc,OAAO,CAAA;AACxC,IAAA,IAAI,YAAY,UAAA,EAAY,WAAA,GAAc,MAAA,CAAO,UAAA,CAAW,WAAW,CAAA,GAAI,EAAA;AAC3E,IAAA,OAAA,CAAQ,IAAI,CAAA,uBAAA,EAA0B,OAAO,yBAAyB,SAAS,CAAA,IAAA,EAAO,YAAY,CAAA,CAAE,CAAA;AAEpG,IAAA,OAAO,aAAa,YAAA,EAAc;AAChC,MAAA,MAAM,OAAA,GACJ,SAAA,GAAY,cAAA,GAAiB,YAAA,GAAe,eAAe,SAAA,GAAY,cAAA;AACzE,MAAA,MAAM,KAAA,GAAQ,MAAM,YAAA,CAAa,OAAA,CAAQ;AAAA,QACvC,OAAA,EAAS,eAAA;AAAA,QACT,KAAA,EAAO,yBAAA;AAAA,QACP,SAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,cAAA,GAAiB,cAAA,CAAe,OAAO,KAAK,CAAA;AAC5C,MAAA,SAAA,GAAY,OAAA,GAAU,EAAA;AAAA,IACxB;AAAA,EACF;AAGA,EAAA,cAAA,CAAe,IAAA,CAAK,CAAC,CAAA,EAAQ,CAAA,KAAW;AACtC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,CAAA,CAAE,IAAA,CAAK,SAAU,CAAA;AACrC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,CAAA,CAAE,IAAA,CAAK,SAAU,CAAA;AACrC,IAAA,OAAO,IAAA,GAAO,IAAA;AAAA,EAChB,CAAC,CAAA;AAGD,EAAA,MAAM,SAAmB,EAAC;AAC1B,EAAA,KAAA,MAAW,OAAO,cAAA,EAAgB;AAChC,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,GAAA,CAAI,IAAA,CAAK,SAAU,CAAA;AAC5C,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,GAAA,CAAI,IAAA,CAAK,UAAW,CAAA;AAE9C,IAAA,IAAI,MAAA,CAAO,WAAW,SAAA,EAAW;AAC/B,MAAA,OAAA,CAAQ,IAAA;AAAA,QACN,CAAA,6CAAA,EAAgD,MAAA,CAAO,MAAM,CAAA,eAAA,EAAkB,SAAS,CAAA,2CAAA;AAAA,OAE1F;AAAA,IACF;AACA,IAAA,MAAA,CAAO,KAAK,UAAU,CAAA;AAAA,EACxB;AAEA,EAAA,MAAM,IAAA,GAAOC,kCAAgB,MAAM,CAAA;AAGnC,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,OAAA,EAAQ;AACnC,EAAA,MAAM,WAAA,GAAe,MAAM,YAAA,CAAa,YAAA,CAAa;AAAA,IACnD,OAAA,EAAS,eAAA;AAAA,IACT,GAAA,EAAK;AAAA,MACH;AAAA,QACE,IAAA,EAAM,UAAA;AAAA,QACN,IAAA,EAAM,eAAA;AAAA,QACN,QAAQ,EAAC;AAAA,QACT,OAAA,EAAS,CAAC,EAAE,IAAA,EAAM,WAAW,CAAA;AAAA,QAC7B,eAAA,EAAiB;AAAA;AACnB,KACF;AAAA,IACA,YAAA,EAAc;AAAA,GACf,CAAA;AAED,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,+BAAA,EAAkC,MAAA,CAAO,MAAM,CAAA,CAAE,CAAA;AAC7D,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,6BAAA,EAAgC,IAAA,CAAK,KAAK,CAAA,CAAE,CAAA;AACxD,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oCAAA,EAAuC,OAAO,CAAA,CAAE,CAAA;AAC5D,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,gCAAA,EAAmC,WAAW,CAAA,CAAE,CAAA;AAC5D,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,8BAAA,EAAiC,OAAA,KAAY,WAAW,CAAA,CAAE,CAAA;AAEtE,EAAA,IAAI,YAAY,WAAA,EAAa;AAC3B,IAAA,OAAA,CAAQ,IAAI,CAAA,wCAAA,CAA0C,CAAA;AACtD,IAAA,OAAA,CAAQ,GAAA;AAAA,MACN,CAAA,wBAAA,CAAA;AAAA,MACA,MAAA,CAAO,IAAI,CAAC,CAAA,KAAM,OAAO,CAAA,CAAE,QAAA,CAAS,EAAE,CAAC;AAAA,KACzC;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AACxB;AAUA,eAAsB,uBAAA,CACpB,KAAA,EACA,MAAA,EACA,IAAA,EACgC;AAChC,EAAA,MAAM,EAAE,iBAAA,EAAkB,GAAI,MAAM,OAAO,uBAAoB,CAAA;AAC/D,EAAA,MAAM,SAAgC,EAAC;AAEvC,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AAC3C,IAAA,MAAM,YAAY,MAAA,CAAO,SAAA,CAAU,CAAC,CAAA,KAAM,MAAM,YAAY,CAAA;AAE5D,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,2CAAA,EAA8C,IAAA,CAAK,UAAU,CAAA,CAAE,CAAA;AAC3E,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,qDAAA,EAAwD,YAAY,CAAA,CAAE,CAAA;AAClF,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,8CAAA,EAAiD,SAAS,CAAA,CAAE,CAAA;AACxE,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,mDAAA,EAAsD,IAAA,CAAK,SAAS,CAAA,CAAE,CAAA;AAElF,IAAA,IAAI,cAAc,EAAA,EAAI;AACpB,MAAA,OAAA,CAAQ,GAAA,CAAI,6CAA6C,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,QAAA,EAAU,CAAC,CAAA;AACxF,MAAA,MAAM,IAAI,MAAM,CAAA,KAAA,EAAQ,IAAA,CAAK,WAAW,KAAA,CAAM,CAAA,EAAG,EAAE,CAAC,CAAA,sBAAA,CAAwB,CAAA;AAAA,IAC9E;AAEA,IAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,SAAS,CAAA;AAE3C,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,sCAAA,EAAyC,KAAA,CAAM,IAAI,CAAA,CAAE,CAAA;AACjE,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,2CAAA,EAA8C,KAAA,CAAM,SAAS,CAAA,CAAE,CAAA;AAC3E,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,uCAAA,CAAA,EAA2C,KAAA,CAAM,YAAA,CAAa,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,QAAA,EAAU,CAAC,CAAA;AAClG,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,sCAAA,CAAA,EAA0C,KAAA,CAAM,WAAW,CAAA;AAGvE,IAAA,MAAM,OAAA,GAAU,MAAM,iBAAA,CAAkB,YAAA,EAAc,KAAK,CAAA;AAC3D,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oDAAA,EAAuD,OAAO,CAAA,CAAE,CAAA;AAE5E,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,OAAA,CAAQ,MAAM,CAAA,2DAAA,CAA6D,CAAA;AAAA,IAC7E;AAEA,IAAA,MAAA,CAAO,IAAA,CAAK,EAAE,KAAA,EAAO,IAAA,EAAM,EAAE,GAAG,IAAA,EAAM,SAAA,EAAU,EAAG,CAAA;AAAA,EACrD;AAEA,EAAA,OAAO,MAAA;AACT;AAgBA,eAAsB,gBAAA,CACpB,WAAA,EACA,SAAA,EACA,UAAA,EACiB;AACjB,EAAA,OAAO,MAAMC,2BAAS,CAAC,WAAA,EAAa,OAAO,SAAS,CAAA,EAAG,UAAU,CAAC,CAAA;AACpE;AAkBA,eAAsB,6BAAA,CACpB,SAAA,EACA,QAAA,EACA,aAAA,EACA,UAAA,EACmC;AACnC,EAAA,MAAM,EAAE,KAAA,EAAO,IAAA,EAAK,GAAI,SAAA;AAGxB,EAAA,MAAM,cAAA,GAAiBC,kCAAA,CAAkB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAC,CAAA;AAIjE,EAAA,MAAM,oBAAA,GAAuBC,uCAAA;AAAA,IAC3B,IAAA,CAAK,MAAA;AAAA,IACL,cAAA;AAAA,IACA,IAAA,CAAK,QAAA;AAAA,IACL,IAAA,CAAK,MAAA;AAAA,IACL,IAAA,CAAK;AAAA,GACP;AAEA,EAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AAC/C,EAAA,IAAI,yBAAyB,gBAAA,EAAkB;AAC7C,IAAA,OAAA,CAAQ,MAAM,CAAA,mDAAA,CAAqD,CAAA;AACnE,IAAA,OAAA,CAAQ,MAAM,CAAA,UAAA,EAAa,IAAA,CAAK,MAAM,CAAA,aAAA,EAAgB,cAAc,CAAA,CAAE,CAAA;AACtE,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,YAAA,EAAe,IAAA,CAAK,QAAQ,CAAA,UAAA,EAAa,KAAK,MAAM,CAAA,SAAA,EAAY,IAAA,CAAK,KAAK,CAAA,CAAE,CAAA;AAC1F,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,QAAA,EAAW,oBAAoB,CAAA,SAAA,EAAY,gBAAgB,CAAA,CAAE,CAAA;AAC3E,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,2JAAA;AAAA,KAEF;AAAA,EACF;AAEA,EAAA,MAAM,YAAY,MAAM,gBAAA;AAAA,IACtB,MAAA,CAAO,KAAK,WAAW,CAAA;AAAA,IACvB,KAAA,CAAM,SAAA;AAAA,IACN,MAAA,CAAO,KAAK,UAAU;AAAA,GACxB;AAEA,EAAA,OAAO;AAAA;AAAA,IAEL,SAAA,EAAW,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA;AAAA,IAC5B,OAAA,EAAS,MAAA,CAAO,QAAA,CAAS,OAAO,CAAA;AAAA,IAChC,SAAA,EAAW,OAAO,SAAS,CAAA;AAAA,IAC3B,iBAAA,EAAmB,MAAA,CAAO,aAAA,CAAc,UAAU,CAAA;AAAA,IAClD,iBAAA,EAAmB,MAAA,CAAO,UAAA,CAAW,UAAU,CAAA;AAAA,IAC/C,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAAA;AAAA,IAGxB,WAAA,EAAa,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA;AAAA,IAC/B,kBAAA,EAAoB,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,WAAW,CAAC,CAAA;AAAA,IACnD,aAAA,EAAe,MAAA,CAAO,IAAA,CAAK,QAAQ,CAAA;AAAA,IACnC,WAAA,EAAa,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA;AAAA,IAC/B,cAAA,EAAgB,MAAA,CAAO,KAAA,CAAM,SAAS,CAAA;AAAA,IACtC,iBAAA,EAAmB,mBAAA,CAAoB,KAAA,CAAM,YAAA,CAAa,GAAA,CAAI,CAAC,CAAA,KAAM,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,GAAG,CAAA;AAAA,IACpF,kBAAkB,mBAAA,CAAoB,KAAA,CAAM,YAAY,GAAA,CAAI,MAAM,GAAG,GAAG,CAAA;AAAA;AAAA,IAGxE,eAAA,EAAiB,iBAAA,CAAkB,QAAA,CAAS,eAAA,CAAgB,GAAA,CAAI,CAAC,CAAA,KAAM,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,GAAG,CAAA;AAAA,IACtF,gBAAgB,iBAAA,CAAkB,QAAA,CAAS,eAAe,GAAA,CAAI,MAAM,GAAG,GAAG,CAAA;AAAA;AAAA,IAG1E,aAAA,EAAe,MAAA,CAAO,aAAA,CAAc,MAAM,CAAA;AAAA,IAC1C,gBAAA,EAAkB,MAAA,CAAO,aAAA,CAAc,SAAS,CAAA;AAAA,IAChD,eAAA,EAAiB,MAAA,CAAO,aAAA,CAAc,QAAQ,CAAA;AAAA,IAE9C,aAAA,EAAe,MAAA,CAAO,UAAA,CAAW,MAAM,CAAA;AAAA,IACvC,gBAAA,EAAkB,MAAA,CAAO,UAAA,CAAW,SAAS,CAAA;AAAA,IAC7C,eAAA,EAAiB,MAAA,CAAO,UAAA,CAAW,QAAQ;AAAA,GAC7C;AACF;AAqBA,eAAsB,aAAA,CACpB,GAAA,EACA,YAAA,EACA,aAAA,EACA,YACA,aAAA,EAC8B;AAE9B,EAAA,aAAA,GAAgB,gBAAgB,CAAA;AAChC,EAAA,MAAM,EAAE,MAAM,MAAA,EAAO,GAAI,MAAM,cAAA,CAAe,GAAA,CAAI,YAAA,EAAc,GAAA,CAAI,eAAe,CAAA;AAGnF,EAAA,MAAM,aAAa,MAAM,uBAAA,CAAwB,CAAC,YAAY,CAAA,EAAG,QAAQ,IAAI,CAAA;AAC7E,EAAA,MAAM,SAAA,GAAY,WAAW,CAAC,CAAA;AAG9B,EAAA,MAAM,WAAW,MAAMC,kCAAA;AAAA,IACrB,IAAI,KAAA,IAASC,6BAAA;AAAA,IACb,YAAA,CAAa,MAAA;AAAA,IACb,GAAA,CAAI;AAAA,GACN;AAGA,EAAA,aAAA,GAAgB,kBAAkB,CAAA;AAElC,EAAA,MAAM,gBAAgB,MAAM,6BAAA;AAAA,IAC1B,SAAA;AAAA,IACA,QAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,EAAE,KAAA,EAAM,GAAI,MAAMC,kCAAA;AAAA,IACtB,UAAA;AAAA,IACA,aAAA;AAAA,IACA,IAAI,cAAA,IAAkB;AAAA,GACxB;AAEA,EAAA,MAAM,cAAA,GAAiB,MAAMC,6CAAA,CAA4B,KAAK,CAAA;AAE9D,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,UAAA;AAAA,IACT,KAAA,EAAO,cAAA;AAAA,IACP,eAAe,KAAA,CAAM,aAAA;AAAA,IACrB,SAAA,EAAW,MAAA,CAAO,aAAA,CAAc,SAAS,CAAA;AAAA,IACzC,OAAA,EAAS,MAAA,CAAO,aAAA,CAAc,OAAO,CAAA;AAAA,IACrC,SAAA,EAAW,MAAA,CAAO,aAAA,CAAc,SAAS,CAAA;AAAA,IACzC,iBAAA,EAAmB,MAAA,CAAO,aAAA,CAAc,iBAAiB,CAAA;AAAA,IACzD,iBAAA,EAAmB,MAAA,CAAO,aAAA,CAAc,iBAAiB,CAAA;AAAA,IACzD,KAAA,EAAO,MAAA,CAAO,aAAA,CAAc,KAAK,CAAA;AAAA,IACjC,eAAA,EAAiB,aAAA;AAAA,IACjB,YAAA,EAAc,UAAA;AAAA,IACd,UAAA,EAAY,CAAC,YAAY;AAAA,GAC3B;AACF;AAKO,SAAS,wBAAwB,IAAA,EAKtC;AACA,EAAA,OAAO;AAAA,IACL,YAAYC,UAAA,CAAM,IAAA,CAAK,YAAY,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IAC/C,WAAW,IAAA,CAAK,SAAA;AAAA,IAChB,WAAW,IAAA,CAAK,SAAA;AAAA,IAChB,eAAe,IAAA,CAAK;AAAA,GACtB;AACF","file":"chunk-YHBUCKVS.cjs","sourcesContent":["{\n \"UniversalPrivatePool\": \"0x2279b7a0a67db372996a5fab50d91eaa73d2ebe6\",\n \"ASPRegistryHub\": \"0xe7f1725e7734ce288f8367e1bb143e90bb3f0512\",\n \"TestToken\": \"0x610178da211fef7d417bc0e6fed39f05609ad788\",\n \"TestToken2\": \"0xb7f8bc63bbcad18155201308c8f3540b07f84f5e\",\n \"verifiers\": {\n \"TransferVerifier\": \"0x9fe46736679d2d9a65f0992f2272de9f3c7fa6e0\",\n \"MergeVerifier\": \"0xcf7ed3acca5a467e9e704c703e8d87f634fb0fc9\",\n \"WithdrawVerifier\": \"0xdc64a140aa3e981100a9beca4e685f962f0cf6c9\",\n \"JoinSplitVerifier\": \"0x5fc8d32690cc91d4c39d9d3abcbd16989f875707\",\n \"MergeTransfer2x2Verifier\": \"0x0165878a594ca255338adfa4d48449f69242eb8f\",\n \"MergeTransfer4x2Verifier\": \"0xa513e6e4b8f2a923d98304ec87f64353c4d5c853\"\n },\n \"starkVerifiers\": {\n \"CircleStarkVerifier\": \"0x0dcd1bf9a1b36ce34237eeafef220932846bcd82\"\n },\n \"deployBlock\": 1,\n \"deployTimestamp\": 1774728354492\n}\n","{\n \"UniversalPrivatePool\": \"0x571f7feba5d25638ba4e05c59668a892ddfeaf4f\",\n \"ASPRegistryHub\": \"0xfd11c56a23314aa88dfbcc36254f33e5e8b010df\",\n \"TestToken\": \"0xace09cebc29a3f04002800aceb26931990786538\",\n \"TestToken2\": \"0x3f10afa4e15949fb36957b1ae3e3b5c93986312c\",\n \"verifiers\": {\n \"TransferVerifier\": \"0x29c822a5b740db73707ea033482cb2772e764357\",\n \"MergeVerifier\": \"0x5fbd1596811a8971be776e477759ed50063fea22\",\n \"WithdrawVerifier\": \"0x49e13844d5e39ba4777f237ffc793e0366212fdd\",\n \"JoinSplitVerifier\": \"0xd0d7200b6684c21213e27713662795ea9bdd5923\",\n \"MergeTransfer2x2Verifier\": \"0x1abf58c52ab366c5e77d7164b7e50631707f682e\",\n \"MergeTransfer4x2Verifier\": \"0x83f097a17f9d0defab6a2fe15aa96f8e8a05f0c3\"\n },\n \"starkVerifiers\": {\n \"CircleStarkVerifier\": \"0x14e8259e31ec564fe5d80680fdabe81da264baa6\"\n },\n \"deployBlock\": 10553557,\n \"deployTimestamp\": 1774873429071,\n \"proofSystem\": \"PLONK\",\n \"curve\": \"BLS12-381\",\n \"verifierType\": \"PlonkVerifierBLS12381\"\n}\n","/**\n * Deployment Configuration Loader\n *\n * Loads contract addresses based on chain ID.\n * Built-in: Anvil (31337) and Sepolia (11155111).\n * Custom chains can be registered at runtime via registerDeployment().\n */\n\nimport type { Address } from \"viem\";\n\n/**\n * Verifier contract addresses\n */\nexport interface VerifierAddresses {\n TransferVerifier: Address;\n MergeVerifier: Address;\n WithdrawVerifier: Address;\n JoinSplitVerifier?: Address;\n MergeTransfer2x2Verifier?: Address;\n MergeTransfer4x2Verifier?: Address;\n}\n\n/**\n * STARK verifier contract addresses\n */\nexport interface StarkVerifierAddresses {\n CircleStarkVerifier?: Address;\n}\n\n/**\n * Deployment configuration for a chain\n */\nexport interface DeploymentConfig {\n /** Universal Private Pool contract address */\n UniversalPrivatePool: Address;\n /** ASP Registry Hub contract address */\n ASPRegistryHub: Address;\n /** Test token address (local/testnet) */\n TestToken?: Address;\n /** Test token 2 address — bonding curve token (local/testnet) */\n TestToken2?: Address;\n /** Verifier contract addresses */\n verifiers: VerifierAddresses;\n /** STARK verifier contract addresses */\n starkVerifiers?: StarkVerifierAddresses;\n /** Chain ID */\n chainId: number;\n /** Block number when contracts were deployed (for efficient scanning) */\n deployBlock: number;\n /** Timestamp when contracts were deployed */\n deployTimestamp?: number;\n}\n\n/**\n * Raw JSON file format (without chainId, which is added dynamically)\n */\ninterface DeploymentJSON {\n UniversalPrivatePool: string;\n ASPRegistryHub: string;\n TestToken?: string;\n TestToken2?: string;\n verifiers: {\n TransferVerifier: string;\n MergeVerifier: string;\n WithdrawVerifier: string;\n JoinSplitVerifier?: string;\n MergeTransfer2x2Verifier?: string;\n MergeTransfer4x2Verifier?: string;\n };\n starkVerifiers?: {\n CircleStarkVerifier?: string;\n };\n deployBlock: number;\n deployTimestamp?: number;\n}\n\n/**\n * Parse raw deployment JSON into typed config\n */\nfunction parseDeployment(\n json: DeploymentJSON,\n chainId: number\n): DeploymentConfig {\n return {\n UniversalPrivatePool: json.UniversalPrivatePool as Address,\n ASPRegistryHub: json.ASPRegistryHub as Address,\n TestToken: json.TestToken as Address | undefined,\n TestToken2: json.TestToken2 as Address | undefined,\n verifiers: {\n TransferVerifier: json.verifiers.TransferVerifier as Address,\n MergeVerifier: json.verifiers.MergeVerifier as Address,\n WithdrawVerifier: json.verifiers.WithdrawVerifier as Address,\n JoinSplitVerifier: json.verifiers.JoinSplitVerifier as Address | undefined,\n MergeTransfer2x2Verifier: json.verifiers\n .MergeTransfer2x2Verifier as Address | undefined,\n MergeTransfer4x2Verifier: json.verifiers\n .MergeTransfer4x2Verifier as Address | undefined,\n },\n starkVerifiers: json.starkVerifiers\n ? {\n CircleStarkVerifier: json.starkVerifiers\n .CircleStarkVerifier as Address | undefined,\n }\n : undefined,\n chainId,\n deployBlock: json.deployBlock,\n deployTimestamp: json.deployTimestamp,\n };\n}\n\n// Import deployment configs\n// These will be updated by the extract-deployment.js script\nimport anvil from \"./31337.json\" with { type: \"json\" };\nimport sepolia from \"./11155111.json\" with { type: \"json\" };\n\nconst deployments: Record<number, DeploymentConfig> = {\n 31337: parseDeployment(anvil as unknown as DeploymentJSON, 31337),\n 11155111: parseDeployment(sepolia as unknown as DeploymentJSON, 11155111),\n};\n\n/**\n * Get deployment config for a chain\n *\n * @param chainId - Chain ID to get deployment for\n * @returns Deployment config or null if not found\n *\n * @example\n * ```ts\n * const deployment = getDeployment(31337)\n * if (deployment) {\n * console.log('Pool address:', deployment.UniversalPrivatePool)\n * }\n * ```\n */\nexport function getDeployment(chainId: number): DeploymentConfig | null {\n return deployments[chainId] ?? null;\n}\n\n/**\n * Get deployment config or throw if not found\n *\n * @param chainId - Chain ID to get deployment for\n * @returns Deployment config\n * @throws Error if deployment not found\n */\nexport function getDeploymentOrThrow(chainId: number): DeploymentConfig {\n const deployment = getDeployment(chainId);\n if (!deployment) {\n throw new Error(\n `No deployment found for chain ${chainId}. ` +\n `Supported chains: ${Object.keys(deployments).join(\", \")}`\n );\n }\n return deployment;\n}\n\n/**\n * Check if a chain has a deployment\n */\nexport function hasDeployment(chainId: number): boolean {\n return chainId in deployments;\n}\n\n/**\n * Get all supported chain IDs\n */\nexport function getSupportedChainIds(): number[] {\n return Object.keys(deployments).map(Number);\n}\n\n/**\n * Get the token address for a chain\n */\nexport function getTokenAddress(chainId: number): Address | null {\n const deployment = getDeployment(chainId);\n if (!deployment) return null;\n return deployment.TestToken ?? null;\n}\n\n/**\n * Register a deployment for a custom chain at runtime.\n *\n * Use this when deploying your own pool on a chain not built into the SDK.\n * Overrides any existing deployment for the same chainId.\n *\n * @example\n * ```ts\n * registerDeployment(8453, {\n * UniversalPrivatePool: '0x...',\n * ASPRegistryHub: '0x...',\n * verifiers: { TransferVerifier: '0x...', MergeVerifier: '0x...', WithdrawVerifier: '0x...' },\n * chainId: 8453,\n * deployBlock: 12345678,\n * })\n * ```\n */\nexport function registerDeployment(chainId: number, config: DeploymentConfig): void {\n deployments[chainId] = { ...config, chainId };\n}\n","/**\n * Transfer Module\n *\n * Core logic for building and executing UPP transfers.\n * This module is framework-agnostic (no React).\n */\n\nimport { toHex, type Address, type Hex, type PublicClient } from 'viem'\nimport { getDeployment } from '../deployments/index.js'\nimport { buildMerkleTree, type MerkleProof } from '../utils/merkle.js'\nimport { poseidon, computeOwnerHash as poseidonOwnerHash, computeNoteCommitment } from '../utils/poseidon.js'\nimport {\n generateUPPProof,\n formatPlonkProofForContract,\n STATE_TREE_DEPTH,\n ASP_TREE_DEPTH,\n type UPPCircuitType,\n type UPPTransferCircuitInputs,\n type PlonkProofStruct,\n} from './proof.js'\nimport { generateASPProof, type ASPProof } from './asp.js'\nimport type { NoteCreationResult } from '../react/use-upp-account.js'\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/**\n * Transfer stage for progress tracking\n */\nexport type TransferStage =\n | 'selecting_notes'\n | 'syncing_merkle'\n | 'creating_outputs'\n | 'generating_proof'\n | 'submitting_tx'\n | 'confirming'\n\n/**\n * A shielded note with all data needed for spending\n *\n * Post-quantum: uses ownerSecret/ownerHash instead of BabyJubJub one-time keys.\n * Ownership is proven via hash preimage: Poseidon(ownerSecret) == ownerHash.\n */\nexport interface SpendableNote {\n amount: bigint\n blinding: bigint\n commitment: string\n /** Owner secret (hash preimage for ownership proof) */\n ownerSecret: string\n /** Owner hash = Poseidon(ownerSecret) - committed in the note */\n ownerHash: string\n leafIndex: number\n /** Origin address (depositor) - required for UPP circuits */\n origin: bigint\n /** Token address - required for UPP circuits */\n token: bigint\n}\n\n/**\n * Merkle proof with associated note\n */\nexport interface MerkleProofWithNote {\n proof: MerkleProof\n note: SpendableNote\n}\n\n/**\n * Transfer context (dependencies)\n */\nexport interface TransferContext {\n /** viem PublicClient for RPC calls */\n publicClient: PublicClient\n /** Contract address */\n contractAddress: Address\n /** Chain ID */\n chainId: number\n /** Circuit base URL (default: '/circuits/') */\n circuitBaseUrl?: string\n /** ASP ID to use (default: DEMO_ASP_ID) */\n aspId?: bigint\n /** All approved origins in the ASP tree (enables multi-origin proofs) */\n aspApprovedOrigins?: bigint[]\n}\n\n/**\n * Transfer result\n */\nexport interface TransferBuildResult {\n /** Circuit type used */\n circuit: UPPCircuitType\n /** Formatted PLONK proof for contract */\n proof: {\n proofStruct: PlonkProofStruct\n publicSignals: bigint[]\n }\n /** Public signals from proof */\n publicSignals: string[]\n /** State tree root */\n stateRoot: bigint\n /** ASP tree root */\n aspRoot: bigint\n /** Nullifier hash */\n nullifier: bigint\n /** Output commitment 1 */\n outputCommitment1: bigint\n /** Output commitment 2 */\n outputCommitment2: bigint\n /** Token address */\n token: bigint\n /** Recipient output */\n recipientOutput: NoteCreationResult\n /** Change output */\n changeOutput: NoteCreationResult\n /** Notes that will be spent */\n spentNotes: SpendableNote[]\n}\n\n// ============================================================================\n// Constants\n// ============================================================================\n\n/** Chunk size for paginated RPC queries on testnets */\nconst RPC_CHUNK_SIZE = 9000n\n\n/**\n * Pad an array to the state tree depth (32 levels)\n * @param arr - Array to pad\n * @param padValue - Value to use for padding (default: '0')\n * @returns Padded array of length STATE_TREE_DEPTH\n */\nfunction padToStateTreeDepth<T>(arr: T[], padValue: T): T[] {\n if (arr.length >= STATE_TREE_DEPTH) {\n return arr.slice(0, STATE_TREE_DEPTH)\n }\n return [...arr, ...Array(STATE_TREE_DEPTH - arr.length).fill(padValue)]\n}\n\n/**\n * Pad an array to the ASP tree depth (20 levels)\n * @param arr - Array to pad\n * @param padValue - Value to use for padding (default: '0')\n * @returns Padded array of length ASP_TREE_DEPTH\n */\nfunction padToASPTreeDepth<T>(arr: T[], padValue: T): T[] {\n if (arr.length >= ASP_TREE_DEPTH) {\n return arr.slice(0, ASP_TREE_DEPTH)\n }\n return [...arr, ...Array(ASP_TREE_DEPTH - arr.length).fill(padValue)]\n}\n\n/**\n * CommitmentInserted event — emitted by _insertLeaf() for ALL leaf insertions\n * (shield, transfer, merge, swap fill, swap claim, swap cancel).\n * This is the single canonical event for Merkle tree reconstruction.\n */\nconst COMMITMENT_INSERTED_EVENT = {\n type: 'event' as const,\n name: 'CommitmentInserted',\n inputs: [\n { type: 'bytes32', name: 'commitment', indexed: true },\n { type: 'uint256', name: 'leafIndex' },\n { type: 'uint256', name: 'timestamp' },\n ],\n}\n\n// ============================================================================\n// Merkle Tree Functions\n// ============================================================================\n\n/**\n * Fetch all commitments from the contract and build a Merkle tree\n *\n * @param publicClient - viem PublicClient\n * @param contractAddress - Contract address\n * @returns Object with tree and leaves array\n */\nexport async function syncMerkleTree(\n publicClient: PublicClient,\n contractAddress: Address\n): Promise<{ tree: ReturnType<typeof buildMerkleTree>; leaves: bigint[] }> {\n const currentBlock = await publicClient.getBlockNumber()\n const chainId = await publicClient.getChainId()\n\n // Use CommitmentInserted events — the canonical event emitted by _insertLeaf()\n // for ALL operations (shield, transfer, merge, swap fill/claim/cancel).\n // Each event has an explicit leafIndex, so ordering is deterministic.\n let commitmentLogs: any[] = []\n\n if (chainId === 31337) {\n // Anvil - single query is fine\n commitmentLogs = await publicClient.getLogs({\n address: contractAddress,\n event: COMMITMENT_INSERTED_EVENT,\n fromBlock: 0n,\n })\n } else {\n // Testnet/mainnet - paginate to avoid RPC limits\n const deployment = getDeployment(chainId)\n let fromBlock = deployment?.deployBlock ? BigInt(deployment.deployBlock) : 0n\n console.log(`[syncMerkleTree] Chain ${chainId}: scanning from block ${fromBlock} to ${currentBlock}`)\n\n while (fromBlock <= currentBlock) {\n const toBlock =\n fromBlock + RPC_CHUNK_SIZE > currentBlock ? currentBlock : fromBlock + RPC_CHUNK_SIZE\n const chunk = await publicClient.getLogs({\n address: contractAddress,\n event: COMMITMENT_INSERTED_EVENT,\n fromBlock,\n toBlock,\n })\n commitmentLogs = commitmentLogs.concat(chunk)\n fromBlock = toBlock + 1n\n }\n }\n\n // Sort by explicit leafIndex (most reliable), falling back to block+logIndex\n commitmentLogs.sort((a: any, b: any) => {\n const idxA = Number(a.args.leafIndex!)\n const idxB = Number(b.args.leafIndex!)\n return idxA - idxB\n })\n\n // Build leaves array using the explicit leafIndex from each event\n const leaves: bigint[] = []\n for (const log of commitmentLogs) {\n const leafIndex = Number(log.args.leafIndex!)\n const commitment = BigInt(log.args.commitment!)\n\n if (leaves.length !== leafIndex) {\n console.warn(\n `[syncMerkleTree] WARNING: Expected leafIndex ${leaves.length} but event has ${leafIndex}. ` +\n `This may indicate missed events or reorg.`\n )\n }\n leaves.push(commitment)\n }\n\n const tree = buildMerkleTree(leaves)\n\n // Debug: compare our root with on-chain root\n const ourRoot = await tree.getRoot()\n const onChainRoot = (await publicClient.readContract({\n address: contractAddress,\n abi: [\n {\n type: 'function',\n name: 'getMerkleRoot',\n inputs: [],\n outputs: [{ type: 'uint256' }],\n stateMutability: 'view',\n },\n ],\n functionName: 'getMerkleRoot',\n })) as bigint\n\n console.log(`[syncMerkleTree] Leaves count: ${leaves.length}`)\n console.log(`[syncMerkleTree] Tree depth: ${tree.depth}`)\n console.log(`[syncMerkleTree] Our computed root: ${ourRoot}`)\n console.log(`[syncMerkleTree] On-chain root: ${onChainRoot}`)\n console.log(`[syncMerkleTree] Roots match: ${ourRoot === onChainRoot}`)\n\n if (ourRoot !== onChainRoot) {\n console.log(`[syncMerkleTree] WARNING: Root mismatch!`)\n console.log(\n `[syncMerkleTree] Leaves:`,\n leaves.map((l) => '0x' + l.toString(16))\n )\n }\n\n return { tree, leaves }\n}\n\n/**\n * Get Merkle proofs for a set of notes\n *\n * @param notes - Notes to get proofs for\n * @param leaves - All leaves in the tree\n * @param tree - Merkle tree instance\n * @returns Array of proofs with associated notes\n */\nexport async function getMerkleProofsForNotes(\n notes: SpendableNote[],\n leaves: bigint[],\n tree: ReturnType<typeof buildMerkleTree>\n): Promise<MerkleProofWithNote[]> {\n const { verifyMerkleProof } = await import('../utils/merkle.js')\n const proofs: MerkleProofWithNote[] = []\n\n for (const note of notes) {\n const commitmentBI = BigInt(note.commitment)\n const leafIndex = leaves.findIndex((l) => l === commitmentBI)\n\n console.log(`[getMerkleProofsForNotes] Note commitment: ${note.commitment}`)\n console.log(`[getMerkleProofsForNotes] Note commitment as BigInt: ${commitmentBI}`)\n console.log(`[getMerkleProofsForNotes] Found at leafIndex: ${leafIndex}`)\n console.log(`[getMerkleProofsForNotes] Note's stored leafIndex: ${note.leafIndex}`)\n\n if (leafIndex === -1) {\n console.log(`[getMerkleProofsForNotes] Leaves in tree:`, leaves.map((l) => l.toString()))\n throw new Error(`Note ${note.commitment.slice(0, 10)}... not found on-chain`)\n }\n\n const proof = await tree.getProof(leafIndex)\n\n console.log(`[getMerkleProofsForNotes] Proof root: ${proof.root}`)\n console.log(`[getMerkleProofsForNotes] Proof leafIndex: ${proof.leafIndex}`)\n console.log(`[getMerkleProofsForNotes] PathElements:`, proof.pathElements.map((e) => e.toString()))\n console.log(`[getMerkleProofsForNotes] PathIndices:`, proof.pathIndices)\n\n // Verify the proof locally before returning\n const isValid = await verifyMerkleProof(commitmentBI, proof)\n console.log(`[getMerkleProofsForNotes] Local proof verification: ${isValid}`)\n\n if (!isValid) {\n console.error(`[getMerkleProofsForNotes] WARNING: Merkle proof is invalid!`)\n }\n\n proofs.push({ proof, note: { ...note, leafIndex } })\n }\n\n return proofs\n}\n\n// ============================================================================\n// Circuit Input Building\n// ============================================================================\n\n/**\n * Compute nullifier for a UPP note (BLS12-381)\n *\n * nullifier = Poseidon(ownerSecret, leafIndex, commitment)\n *\n * @param ownerSecret - Owner secret (hash preimage)\n * @param leafIndex - Leaf index in Merkle tree\n * @param commitment - Note commitment\n * @returns Nullifier as bigint\n */\nexport async function computeNullifier(\n ownerSecret: bigint,\n leafIndex: number,\n commitment: bigint\n): Promise<bigint> {\n return await poseidon([ownerSecret, BigInt(leafIndex), commitment])\n}\n\n/**\n * Note with amount for circuit building\n */\nexport interface NoteWithAmount extends NoteCreationResult {\n amount: bigint\n}\n\n/**\n * Build circuit inputs for UPP transfer (1-in-2-out)\n *\n * @param noteProof - Merkle proof for input note\n * @param aspProof - ASP membership proof for input note's origin\n * @param recipientNote - Output note for recipient\n * @param changeNote - Output note for change\n * @returns UPP transfer circuit inputs\n */\nexport async function buildUPPTransferCircuitInputs(\n noteProof: MerkleProofWithNote,\n aspProof: ASPProof,\n recipientNote: NoteWithAmount,\n changeNote: NoteWithAmount\n): Promise<UPPTransferCircuitInputs> {\n const { proof, note } = noteProof\n\n // Compute owner hash from secret (hash-based ownership)\n const inputOwnerHash = poseidonOwnerHash(BigInt(note.ownerSecret))\n\n // Verify input commitment locally\n // BLS12-381 commitment: Poseidon(amount, ownerHash, blinding, origin, token)\n const localInputCommitment = computeNoteCommitment(\n note.amount,\n inputOwnerHash,\n note.blinding,\n note.origin,\n note.token,\n )\n\n const storedCommitment = BigInt(note.commitment)\n if (localInputCommitment !== storedCommitment) {\n console.error(`[buildUPPTransferCircuitInputs] COMMITMENT MISMATCH`)\n console.error(` amount: ${note.amount}, ownerHash: ${inputOwnerHash}`)\n console.error(` blinding: ${note.blinding}, origin: ${note.origin}, token: ${note.token}`)\n console.error(` local=${localInputCommitment}, stored=${storedCommitment}`)\n throw new Error(\n `Note commitment mismatch — this note was created with an outdated commitment formula. ` +\n `Clear your shielded account (localStorage) and re-shield tokens.`\n )\n }\n\n const nullifier = await computeNullifier(\n BigInt(note.ownerSecret),\n proof.leafIndex,\n BigInt(note.commitment)\n )\n\n return {\n // Public inputs\n stateRoot: String(proof.root),\n aspRoot: String(aspProof.aspRoot),\n nullifier: String(nullifier),\n outputCommitment1: String(recipientNote.commitment),\n outputCommitment2: String(changeNote.commitment),\n token: String(note.token),\n\n // Private inputs - Input Note\n inputAmount: String(note.amount),\n inputOneTimeSecret: String(BigInt(note.ownerSecret)),\n inputBlinding: String(note.blinding),\n inputOrigin: String(note.origin),\n inputLeafIndex: String(proof.leafIndex),\n inputPathElements: padToStateTreeDepth(proof.pathElements.map((e) => String(e)), '0'),\n inputPathIndices: padToStateTreeDepth(proof.pathIndices.map(String), '0'),\n\n // Private inputs - ASP Membership Proof\n aspPathElements: padToASPTreeDepth(aspProof.aspPathElements.map((e) => String(e)), '0'),\n aspPathIndices: padToASPTreeDepth(aspProof.aspPathIndices.map(String), '0'),\n\n // Private inputs - Output Notes (hash-based ownership)\n outputAmount1: String(recipientNote.amount),\n outputOwnerHash1: String(recipientNote.ownerHash),\n outputBlinding1: String(recipientNote.blinding),\n\n outputAmount2: String(changeNote.amount),\n outputOwnerHash2: String(changeNote.ownerHash),\n outputBlinding2: String(changeNote.blinding),\n }\n}\n\n// ============================================================================\n// Transfer Building\n// ============================================================================\n\nimport { DEMO_ASP_ID } from './asp.js'\n\n/**\n * Build a UPP transfer (proof + outputs)\n *\n * This prepares everything needed to submit the transaction.\n * UPP transfer is 1-in-2-out with ASP membership proof.\n *\n * @param ctx - Transfer context\n * @param selectedNote - Note to spend (UPP transfer uses exactly 1 input)\n * @param recipientNote - Output note for recipient\n * @param changeNote - Output note for change\n * @param onStageChange - Optional callback for stage updates\n * @returns Transfer build result with proof and outputs\n */\nexport async function buildTransfer(\n ctx: TransferContext,\n selectedNote: SpendableNote,\n recipientNote: NoteWithAmount,\n changeNote: NoteWithAmount,\n onStageChange?: (stage: TransferStage) => void\n): Promise<TransferBuildResult> {\n // 1. Sync Merkle tree\n onStageChange?.('syncing_merkle')\n const { tree, leaves } = await syncMerkleTree(ctx.publicClient, ctx.contractAddress)\n\n // 2. Get Merkle proof for note\n const noteProofs = await getMerkleProofsForNotes([selectedNote], leaves, tree)\n const noteProof = noteProofs[0]!\n\n // 3. Generate ASP proof for the note's origin\n const aspProof = await generateASPProof(\n ctx.aspId ?? DEMO_ASP_ID,\n selectedNote.origin,\n ctx.aspApprovedOrigins\n )\n\n // 4. Build circuit inputs and generate proof\n onStageChange?.('generating_proof')\n\n const circuitInputs = await buildUPPTransferCircuitInputs(\n noteProof,\n aspProof,\n recipientNote,\n changeNote\n )\n\n const { proof } = await generateUPPProof(\n 'transfer',\n circuitInputs,\n ctx.circuitBaseUrl ?? '/circuits/'\n )\n\n const formattedProof = await formatPlonkProofForContract(proof)\n\n return {\n circuit: 'transfer',\n proof: formattedProof,\n publicSignals: proof.publicSignals,\n stateRoot: BigInt(circuitInputs.stateRoot),\n aspRoot: BigInt(circuitInputs.aspRoot),\n nullifier: BigInt(circuitInputs.nullifier),\n outputCommitment1: BigInt(circuitInputs.outputCommitment1),\n outputCommitment2: BigInt(circuitInputs.outputCommitment2),\n token: BigInt(circuitInputs.token),\n recipientOutput: recipientNote,\n changeOutput: changeNote,\n spentNotes: [selectedNote],\n }\n}\n\n/**\n * Format output for contract call (post-quantum)\n */\nexport function formatOutputForContract(note: NoteCreationResult): {\n commitment: Hex\n searchTag: bigint\n ownerHash: bigint\n encryptedNote: Hex\n} {\n return {\n commitment: toHex(note.commitment, { size: 32 }),\n searchTag: note.searchTag,\n ownerHash: note.ownerHash,\n encryptedNote: note.encryptedNote as Hex,\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/deployments/31337.json","../src/deployments/11155111.json","../src/deployments/index.ts","../src/core/transfer.ts"],"names":["__default","init_poseidon","STATE_TREE_DEPTH","ASP_TREE_DEPTH","buildMerkleTree","poseidon","computeOwnerHash","computeNoteCommitment","generateASPProof","DEMO_ASP_ID","generateUPPProof","formatPlonkProofForContract","toHex"],"mappings":";;;;;;;;;AAAA,IAAA,SAAA,GAAA;AAAA,EACE,oBAAA,EAAwB,4CAAA;AAAA,EACxB,cAAA,EAAkB,4CAAA;AAAA,EAClB,SAAA,EAAa,4CAAA;AAAA,EACb,UAAA,EAAc,4CAAA;AAAA,EACd,SAAA,EAAa;AAAA,IACX,gBAAA,EAAoB,4CAAA;AAAA,IACpB,aAAA,EAAiB,4CAAA;AAAA,IACjB,gBAAA,EAAoB,4CAAA;AAAA,IACpB,iBAAA,EAAqB,4CAAA;AAAA,IACrB,wBAAA,EAA4B,4CAAA;AAAA,IAC5B,wBAAA,EAA4B;AAAA,GAC9B;AAAA,EACA,cAAA,EAAkB;AAAA,IAChB,mBAAA,EAAuB;AAAA,GACzB;AAAA,EACA,WAAA,EAAe,CAAA;AAAA,EACf,eAAA,EAAmB;AACrB,CAAA;;;AClBA,IAAAA,UAAAA,GAAA;AAAA,EACE,oBAAA,EAAwB,4CAAA;AAAA,EACxB,cAAA,EAAkB,4CAAA;AAAA,EAClB,SAAA,EAAa,4CAAA;AAAA,EACb,UAAA,EAAc,4CAAA;AAAA,EACd,SAAA,EAAa;AAAA,IACX,gBAAA,EAAoB,4CAAA;AAAA,IACpB,aAAA,EAAiB,4CAAA;AAAA,IACjB,gBAAA,EAAoB,4CAAA;AAAA,IACpB,iBAAA,EAAqB,4CAAA;AAAA,IACrB,wBAAA,EAA4B,4CAAA;AAAA,IAC5B,wBAAA,EAA4B;AAAA,GAC9B;AAAA,EACA,cAAA,EAAkB;AAAA,IAChB,mBAAA,EAAuB;AAAA,GACzB;AAAA,EACA,WAAA,EAAe,QAAA;AAAA,EACf,eAAA,EAAmB,aAIrB,CAAA;;;AC0DA,SAAS,eAAA,CACP,MACA,OAAA,EACkB;AAClB,EAAA,OAAO;AAAA,IACL,sBAAsB,IAAA,CAAK,oBAAA;AAAA,IAC3B,gBAAgB,IAAA,CAAK,cAAA;AAAA,IACrB,WAAW,IAAA,CAAK,SAAA;AAAA,IAChB,YAAY,IAAA,CAAK,UAAA;AAAA,IACjB,SAAA,EAAW;AAAA,MACT,gBAAA,EAAkB,KAAK,SAAA,CAAU,gBAAA;AAAA,MACjC,aAAA,EAAe,KAAK,SAAA,CAAU,aAAA;AAAA,MAC9B,gBAAA,EAAkB,KAAK,SAAA,CAAU,gBAAA;AAAA,MACjC,iBAAA,EAAmB,KAAK,SAAA,CAAU,iBAAA;AAAA,MAClC,wBAAA,EAA0B,KAAK,SAAA,CAC5B,wBAAA;AAAA,MACH,wBAAA,EAA0B,KAAK,SAAA,CAC5B;AAAA,KACL;AAAA,IACA,cAAA,EAAgB,KAAK,cAAA,GACjB;AAAA,MACE,mBAAA,EAAqB,KAAK,cAAA,CACvB;AAAA,KACL,GACA,MAAA;AAAA,IACJ,OAAA;AAAA,IACA,aAAa,IAAA,CAAK,WAAA;AAAA,IAClB,iBAAiB,IAAA,CAAK;AAAA,GACxB;AACF;AAOA,IAAM,WAAA,GAAgD;AAAA,EACpD,KAAA,EAAO,eAAA,CAAgB,SAAA,EAAoC,KAAK,CAAA;AAAA,EAChE,QAAA,EAAU,eAAA,CAAgBA,UAAAA,EAAsC,QAAQ;AAC1E,CAAA;AAgBO,SAAS,cAAc,OAAA,EAA0C;AACtE,EAAA,OAAO,WAAA,CAAY,OAAO,CAAA,IAAK,IAAA;AACjC;AASO,SAAS,qBAAqB,OAAA,EAAmC;AACtE,EAAA,MAAM,UAAA,GAAa,cAAc,OAAO,CAAA;AACxC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,8BAAA,EAAiC,OAAO,CAAA,oBAAA,EACjB,MAAA,CAAO,KAAK,WAAW,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KAC5D;AAAA,EACF;AACA,EAAA,OAAO,UAAA;AACT;AAKO,SAAS,cAAc,OAAA,EAA0B;AACtD,EAAA,OAAO,OAAA,IAAW,WAAA;AACpB;AAKO,SAAS,oBAAA,GAAiC;AAC/C,EAAA,OAAO,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,IAAI,MAAM,CAAA;AAC5C;AAKO,SAAS,gBAAgB,OAAA,EAAiC;AAC/D,EAAA,MAAM,UAAA,GAAa,cAAc,OAAO,CAAA;AACxC,EAAA,IAAI,CAAC,YAAY,OAAO,IAAA;AACxB,EAAA,OAAO,WAAW,SAAA,IAAa,IAAA;AACjC;AAmBO,SAAS,kBAAA,CAAmB,SAAiB,MAAA,EAAgC;AAClF,EAAA,WAAA,CAAY,OAAO,CAAA,GAAI,EAAE,GAAG,QAAQ,OAAA,EAAQ;AAC9C;;;AC5LAC,+BAAA,EAAA;AAiHA,IAAM,cAAA,GAAiB,KAAA;AAQvB,SAAS,mBAAA,CAAuB,KAAU,QAAA,EAAkB;AAC1D,EAAA,IAAI,GAAA,CAAI,UAAUC,kCAAA,EAAkB;AAClC,IAAA,OAAO,GAAA,CAAI,KAAA,CAAM,CAAA,EAAGA,kCAAgB,CAAA;AAAA,EACtC;AACA,EAAA,OAAO,CAAC,GAAG,GAAA,EAAK,GAAG,KAAA,CAAMA,kCAAA,GAAmB,GAAA,CAAI,MAAM,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAC,CAAA;AACxE;AAQA,SAAS,iBAAA,CAAqB,KAAU,QAAA,EAAkB;AACxD,EAAA,IAAI,GAAA,CAAI,UAAUC,gCAAA,EAAgB;AAChC,IAAA,OAAO,GAAA,CAAI,KAAA,CAAM,CAAA,EAAGA,gCAAc,CAAA;AAAA,EACpC;AACA,EAAA,OAAO,CAAC,GAAG,GAAA,EAAK,GAAG,KAAA,CAAMA,gCAAA,GAAiB,GAAA,CAAI,MAAM,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAC,CAAA;AACtE;AAOA,IAAM,yBAAA,GAA4B;AAAA,EAChC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,oBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,YAAA,EAAc,SAAS,IAAA,EAAK;AAAA,IACrD,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,WAAA,EAAY;AAAA,IACrC,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,WAAA;AAAY;AAEzC,CAAA;AAaA,eAAsB,cAAA,CACpB,cACA,eAAA,EACyE;AACzE,EAAA,MAAM,YAAA,GAAe,MAAM,YAAA,CAAa,cAAA,EAAe;AACvD,EAAA,MAAM,OAAA,GAAU,MAAM,YAAA,CAAa,UAAA,EAAW;AAK9C,EAAA,IAAI,iBAAwB,EAAC;AAE7B,EAAA,IAAI,YAAY,KAAA,EAAO;AAErB,IAAA,cAAA,GAAiB,MAAM,aAAa,OAAA,CAAQ;AAAA,MAC1C,OAAA,EAAS,eAAA;AAAA,MACT,KAAA,EAAO,yBAAA;AAAA,MACP,SAAA,EAAW;AAAA,KACZ,CAAA;AAAA,EACH,CAAA,MAAO;AAEL,IAAA,MAAM,UAAA,GAAa,cAAc,OAAO,CAAA;AACxC,IAAA,IAAI,YAAY,UAAA,EAAY,WAAA,GAAc,MAAA,CAAO,UAAA,CAAW,WAAW,CAAA,GAAI,EAAA;AAC3E,IAAA,OAAA,CAAQ,IAAI,CAAA,uBAAA,EAA0B,OAAO,yBAAyB,SAAS,CAAA,IAAA,EAAO,YAAY,CAAA,CAAE,CAAA;AAEpG,IAAA,OAAO,aAAa,YAAA,EAAc;AAChC,MAAA,MAAM,OAAA,GACJ,SAAA,GAAY,cAAA,GAAiB,YAAA,GAAe,eAAe,SAAA,GAAY,cAAA;AACzE,MAAA,MAAM,KAAA,GAAQ,MAAM,YAAA,CAAa,OAAA,CAAQ;AAAA,QACvC,OAAA,EAAS,eAAA;AAAA,QACT,KAAA,EAAO,yBAAA;AAAA,QACP,SAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,cAAA,GAAiB,cAAA,CAAe,OAAO,KAAK,CAAA;AAC5C,MAAA,SAAA,GAAY,OAAA,GAAU,EAAA;AAAA,IACxB;AAAA,EACF;AAGA,EAAA,cAAA,CAAe,IAAA,CAAK,CAAC,CAAA,EAAQ,CAAA,KAAW;AACtC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,CAAA,CAAE,IAAA,CAAK,SAAU,CAAA;AACrC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,CAAA,CAAE,IAAA,CAAK,SAAU,CAAA;AACrC,IAAA,OAAO,IAAA,GAAO,IAAA;AAAA,EAChB,CAAC,CAAA;AAGD,EAAA,MAAM,SAAmB,EAAC;AAC1B,EAAA,KAAA,MAAW,OAAO,cAAA,EAAgB;AAChC,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,GAAA,CAAI,IAAA,CAAK,SAAU,CAAA;AAC5C,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,GAAA,CAAI,IAAA,CAAK,UAAW,CAAA;AAE9C,IAAA,IAAI,MAAA,CAAO,WAAW,SAAA,EAAW;AAC/B,MAAA,OAAA,CAAQ,IAAA;AAAA,QACN,CAAA,6CAAA,EAAgD,MAAA,CAAO,MAAM,CAAA,eAAA,EAAkB,SAAS,CAAA,2CAAA;AAAA,OAE1F;AAAA,IACF;AACA,IAAA,MAAA,CAAO,KAAK,UAAU,CAAA;AAAA,EACxB;AAEA,EAAA,MAAM,IAAA,GAAOC,kCAAgB,MAAM,CAAA;AAGnC,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,OAAA,EAAQ;AACnC,EAAA,MAAM,WAAA,GAAe,MAAM,YAAA,CAAa,YAAA,CAAa;AAAA,IACnD,OAAA,EAAS,eAAA;AAAA,IACT,GAAA,EAAK;AAAA,MACH;AAAA,QACE,IAAA,EAAM,UAAA;AAAA,QACN,IAAA,EAAM,eAAA;AAAA,QACN,QAAQ,EAAC;AAAA,QACT,OAAA,EAAS,CAAC,EAAE,IAAA,EAAM,WAAW,CAAA;AAAA,QAC7B,eAAA,EAAiB;AAAA;AACnB,KACF;AAAA,IACA,YAAA,EAAc;AAAA,GACf,CAAA;AAED,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,+BAAA,EAAkC,MAAA,CAAO,MAAM,CAAA,CAAE,CAAA;AAC7D,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,6BAAA,EAAgC,IAAA,CAAK,KAAK,CAAA,CAAE,CAAA;AACxD,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oCAAA,EAAuC,OAAO,CAAA,CAAE,CAAA;AAC5D,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,gCAAA,EAAmC,WAAW,CAAA,CAAE,CAAA;AAC5D,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,8BAAA,EAAiC,OAAA,KAAY,WAAW,CAAA,CAAE,CAAA;AAEtE,EAAA,IAAI,YAAY,WAAA,EAAa;AAC3B,IAAA,OAAA,CAAQ,IAAI,CAAA,wCAAA,CAA0C,CAAA;AACtD,IAAA,OAAA,CAAQ,GAAA;AAAA,MACN,CAAA,wBAAA,CAAA;AAAA,MACA,MAAA,CAAO,IAAI,CAAC,CAAA,KAAM,OAAO,CAAA,CAAE,QAAA,CAAS,EAAE,CAAC;AAAA,KACzC;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AACxB;AAUA,eAAsB,uBAAA,CACpB,KAAA,EACA,MAAA,EACA,IAAA,EACgC;AAChC,EAAA,MAAM,EAAE,iBAAA,EAAkB,GAAI,MAAM,OAAO,uBAAoB,CAAA;AAC/D,EAAA,MAAM,SAAgC,EAAC;AAEvC,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AAC3C,IAAA,MAAM,YAAY,MAAA,CAAO,SAAA,CAAU,CAAC,CAAA,KAAM,MAAM,YAAY,CAAA;AAE5D,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,2CAAA,EAA8C,IAAA,CAAK,UAAU,CAAA,CAAE,CAAA;AAC3E,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,qDAAA,EAAwD,YAAY,CAAA,CAAE,CAAA;AAClF,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,8CAAA,EAAiD,SAAS,CAAA,CAAE,CAAA;AACxE,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,mDAAA,EAAsD,IAAA,CAAK,SAAS,CAAA,CAAE,CAAA;AAElF,IAAA,IAAI,cAAc,EAAA,EAAI;AACpB,MAAA,OAAA,CAAQ,GAAA,CAAI,6CAA6C,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,QAAA,EAAU,CAAC,CAAA;AACxF,MAAA,MAAM,IAAI,MAAM,CAAA,KAAA,EAAQ,IAAA,CAAK,WAAW,KAAA,CAAM,CAAA,EAAG,EAAE,CAAC,CAAA,sBAAA,CAAwB,CAAA;AAAA,IAC9E;AAEA,IAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,SAAS,CAAA;AAE3C,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,sCAAA,EAAyC,KAAA,CAAM,IAAI,CAAA,CAAE,CAAA;AACjE,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,2CAAA,EAA8C,KAAA,CAAM,SAAS,CAAA,CAAE,CAAA;AAC3E,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,uCAAA,CAAA,EAA2C,KAAA,CAAM,YAAA,CAAa,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,QAAA,EAAU,CAAC,CAAA;AAClG,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,sCAAA,CAAA,EAA0C,KAAA,CAAM,WAAW,CAAA;AAGvE,IAAA,MAAM,OAAA,GAAU,MAAM,iBAAA,CAAkB,YAAA,EAAc,KAAK,CAAA;AAC3D,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oDAAA,EAAuD,OAAO,CAAA,CAAE,CAAA;AAE5E,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,OAAA,CAAQ,MAAM,CAAA,2DAAA,CAA6D,CAAA;AAAA,IAC7E;AAEA,IAAA,MAAA,CAAO,IAAA,CAAK,EAAE,KAAA,EAAO,IAAA,EAAM,EAAE,GAAG,IAAA,EAAM,SAAA,EAAU,EAAG,CAAA;AAAA,EACrD;AAEA,EAAA,OAAO,MAAA;AACT;AAgBA,eAAsB,gBAAA,CACpB,WAAA,EACA,SAAA,EACA,UAAA,EACiB;AACjB,EAAA,OAAO,MAAMC,2BAAS,CAAC,WAAA,EAAa,OAAO,SAAS,CAAA,EAAG,UAAU,CAAC,CAAA;AACpE;AAkBA,eAAsB,6BAAA,CACpB,SAAA,EACA,QAAA,EACA,aAAA,EACA,UAAA,EACmC;AACnC,EAAA,MAAM,EAAE,KAAA,EAAO,IAAA,EAAK,GAAI,SAAA;AAGxB,EAAA,MAAM,cAAA,GAAiBC,kCAAA,CAAkB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAC,CAAA;AAIjE,EAAA,MAAM,oBAAA,GAAuBC,uCAAA;AAAA,IAC3B,IAAA,CAAK,MAAA;AAAA,IACL,cAAA;AAAA,IACA,IAAA,CAAK,QAAA;AAAA,IACL,IAAA,CAAK,MAAA;AAAA,IACL,IAAA,CAAK;AAAA,GACP;AAEA,EAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AAC/C,EAAA,IAAI,yBAAyB,gBAAA,EAAkB;AAC7C,IAAA,OAAA,CAAQ,MAAM,CAAA,mDAAA,CAAqD,CAAA;AACnE,IAAA,OAAA,CAAQ,MAAM,CAAA,UAAA,EAAa,IAAA,CAAK,MAAM,CAAA,aAAA,EAAgB,cAAc,CAAA,CAAE,CAAA;AACtE,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,YAAA,EAAe,IAAA,CAAK,QAAQ,CAAA,UAAA,EAAa,KAAK,MAAM,CAAA,SAAA,EAAY,IAAA,CAAK,KAAK,CAAA,CAAE,CAAA;AAC1F,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,QAAA,EAAW,oBAAoB,CAAA,SAAA,EAAY,gBAAgB,CAAA,CAAE,CAAA;AAC3E,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,2JAAA;AAAA,KAEF;AAAA,EACF;AAEA,EAAA,MAAM,YAAY,MAAM,gBAAA;AAAA,IACtB,MAAA,CAAO,KAAK,WAAW,CAAA;AAAA,IACvB,KAAA,CAAM,SAAA;AAAA,IACN,MAAA,CAAO,KAAK,UAAU;AAAA,GACxB;AAEA,EAAA,OAAO;AAAA;AAAA,IAEL,SAAA,EAAW,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA;AAAA,IAC5B,OAAA,EAAS,MAAA,CAAO,QAAA,CAAS,OAAO,CAAA;AAAA,IAChC,SAAA,EAAW,OAAO,SAAS,CAAA;AAAA,IAC3B,iBAAA,EAAmB,MAAA,CAAO,aAAA,CAAc,UAAU,CAAA;AAAA,IAClD,iBAAA,EAAmB,MAAA,CAAO,UAAA,CAAW,UAAU,CAAA;AAAA,IAC/C,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAAA;AAAA,IAGxB,WAAA,EAAa,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA;AAAA,IAC/B,kBAAA,EAAoB,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,WAAW,CAAC,CAAA;AAAA,IACnD,aAAA,EAAe,MAAA,CAAO,IAAA,CAAK,QAAQ,CAAA;AAAA,IACnC,WAAA,EAAa,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA;AAAA,IAC/B,cAAA,EAAgB,MAAA,CAAO,KAAA,CAAM,SAAS,CAAA;AAAA,IACtC,iBAAA,EAAmB,mBAAA,CAAoB,KAAA,CAAM,YAAA,CAAa,GAAA,CAAI,CAAC,CAAA,KAAM,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,GAAG,CAAA;AAAA,IACpF,kBAAkB,mBAAA,CAAoB,KAAA,CAAM,YAAY,GAAA,CAAI,MAAM,GAAG,GAAG,CAAA;AAAA;AAAA,IAGxE,eAAA,EAAiB,iBAAA,CAAkB,QAAA,CAAS,eAAA,CAAgB,GAAA,CAAI,CAAC,CAAA,KAAM,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,GAAG,CAAA;AAAA,IACtF,gBAAgB,iBAAA,CAAkB,QAAA,CAAS,eAAe,GAAA,CAAI,MAAM,GAAG,GAAG,CAAA;AAAA;AAAA,IAG1E,aAAA,EAAe,MAAA,CAAO,aAAA,CAAc,MAAM,CAAA;AAAA,IAC1C,gBAAA,EAAkB,MAAA,CAAO,aAAA,CAAc,SAAS,CAAA;AAAA,IAChD,eAAA,EAAiB,MAAA,CAAO,aAAA,CAAc,QAAQ,CAAA;AAAA,IAE9C,aAAA,EAAe,MAAA,CAAO,UAAA,CAAW,MAAM,CAAA;AAAA,IACvC,gBAAA,EAAkB,MAAA,CAAO,UAAA,CAAW,SAAS,CAAA;AAAA,IAC7C,eAAA,EAAiB,MAAA,CAAO,UAAA,CAAW,QAAQ;AAAA,GAC7C;AACF;AAqBA,eAAsB,aAAA,CACpB,GAAA,EACA,YAAA,EACA,aAAA,EACA,YACA,aAAA,EAC8B;AAE9B,EAAA,aAAA,GAAgB,gBAAgB,CAAA;AAChC,EAAA,MAAM,EAAE,MAAM,MAAA,EAAO,GAAI,MAAM,cAAA,CAAe,GAAA,CAAI,YAAA,EAAc,GAAA,CAAI,eAAe,CAAA;AAGnF,EAAA,MAAM,aAAa,MAAM,uBAAA,CAAwB,CAAC,YAAY,CAAA,EAAG,QAAQ,IAAI,CAAA;AAC7E,EAAA,MAAM,SAAA,GAAY,WAAW,CAAC,CAAA;AAG9B,EAAA,MAAM,WAAW,MAAMC,kCAAA;AAAA,IACrB,IAAI,KAAA,IAASC,6BAAA;AAAA,IACb,YAAA,CAAa,MAAA;AAAA,IACb,GAAA,CAAI;AAAA,GACN;AAGA,EAAA,aAAA,GAAgB,kBAAkB,CAAA;AAElC,EAAA,MAAM,gBAAgB,MAAM,6BAAA;AAAA,IAC1B,SAAA;AAAA,IACA,QAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,EAAE,KAAA,EAAM,GAAI,MAAMC,kCAAA;AAAA,IACtB,UAAA;AAAA,IACA,aAAA;AAAA,IACA,IAAI,cAAA,IAAkB;AAAA,GACxB;AAEA,EAAA,MAAM,cAAA,GAAiB,MAAMC,6CAAA,CAA4B,KAAK,CAAA;AAE9D,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,UAAA;AAAA,IACT,KAAA,EAAO,cAAA;AAAA,IACP,eAAe,KAAA,CAAM,aAAA;AAAA,IACrB,SAAA,EAAW,MAAA,CAAO,aAAA,CAAc,SAAS,CAAA;AAAA,IACzC,OAAA,EAAS,MAAA,CAAO,aAAA,CAAc,OAAO,CAAA;AAAA,IACrC,SAAA,EAAW,MAAA,CAAO,aAAA,CAAc,SAAS,CAAA;AAAA,IACzC,iBAAA,EAAmB,MAAA,CAAO,aAAA,CAAc,iBAAiB,CAAA;AAAA,IACzD,iBAAA,EAAmB,MAAA,CAAO,aAAA,CAAc,iBAAiB,CAAA;AAAA,IACzD,KAAA,EAAO,MAAA,CAAO,aAAA,CAAc,KAAK,CAAA;AAAA,IACjC,eAAA,EAAiB,aAAA;AAAA,IACjB,YAAA,EAAc,UAAA;AAAA,IACd,UAAA,EAAY,CAAC,YAAY;AAAA,GAC3B;AACF;AAKO,SAAS,wBAAwB,IAAA,EAKtC;AACA,EAAA,OAAO;AAAA,IACL,YAAYC,UAAA,CAAM,IAAA,CAAK,YAAY,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IAC/C,WAAW,IAAA,CAAK,SAAA;AAAA,IAChB,WAAW,IAAA,CAAK,SAAA;AAAA,IAChB,eAAe,IAAA,CAAK;AAAA,GACtB;AACF","file":"chunk-DYSU7JYL.cjs","sourcesContent":["{\n \"UniversalPrivatePool\": \"0x2279b7a0a67db372996a5fab50d91eaa73d2ebe6\",\n \"ASPRegistryHub\": \"0xe7f1725e7734ce288f8367e1bb143e90bb3f0512\",\n \"TestToken\": \"0x610178da211fef7d417bc0e6fed39f05609ad788\",\n \"TestToken2\": \"0xb7f8bc63bbcad18155201308c8f3540b07f84f5e\",\n \"verifiers\": {\n \"TransferVerifier\": \"0x9fe46736679d2d9a65f0992f2272de9f3c7fa6e0\",\n \"MergeVerifier\": \"0xcf7ed3acca5a467e9e704c703e8d87f634fb0fc9\",\n \"WithdrawVerifier\": \"0xdc64a140aa3e981100a9beca4e685f962f0cf6c9\",\n \"JoinSplitVerifier\": \"0x5fc8d32690cc91d4c39d9d3abcbd16989f875707\",\n \"MergeTransfer2x2Verifier\": \"0x0165878a594ca255338adfa4d48449f69242eb8f\",\n \"MergeTransfer4x2Verifier\": \"0xa513e6e4b8f2a923d98304ec87f64353c4d5c853\"\n },\n \"starkVerifiers\": {\n \"CircleStarkVerifier\": \"0x0dcd1bf9a1b36ce34237eeafef220932846bcd82\"\n },\n \"deployBlock\": 1,\n \"deployTimestamp\": 1774728354492\n}\n","{\n \"UniversalPrivatePool\": \"0xba5405375ee4c1b5fdcb1b755381edcc38ae28f2\",\n \"ASPRegistryHub\": \"0xfd11c56a23314aa88dfbcc36254f33e5e8b010df\",\n \"TestToken\": \"0xc3cef670aae8228de206c98b67c3d25c520b8f14\",\n \"TestToken2\": \"0x4de3efd64d4ce9a4b45f538104bdbaadaf170bed\",\n \"verifiers\": {\n \"TransferVerifier\": \"0xe4a737e8e3100709986e1992d8e18cf324965320\",\n \"MergeVerifier\": \"0x3a844672f792d3b1216e4e64acd8c5d0301a3a3e\",\n \"WithdrawVerifier\": \"0x387afb8566d446c8344e03b8a9c54ba96b22233d\",\n \"JoinSplitVerifier\": \"0xe03c270de9b33f72a0656b07ed43f3269d586607\",\n \"MergeTransfer2x2Verifier\": \"0xbc1378d567abdfad063cd32b684e03ca29e79b99\",\n \"MergeTransfer4x2Verifier\": \"0xd1f75b988e6fd6003204bda6e83eb3186a8dec34\"\n },\n \"starkVerifiers\": {\n \"CircleStarkVerifier\": \"0xc92ba214653c616c4546d7edcb7aba8ced3e0a94\"\n },\n \"deployBlock\": 10555332,\n \"deployTimestamp\": 1774895534634,\n \"proofSystem\": \"PLONK\",\n \"curve\": \"BLS12-381\",\n \"verifierType\": \"PlonkVerifierBLS12381\"\n}\n","/**\n * Deployment Configuration Loader\n *\n * Loads contract addresses based on chain ID.\n * Built-in: Anvil (31337) and Sepolia (11155111).\n * Custom chains can be registered at runtime via registerDeployment().\n */\n\nimport type { Address } from \"viem\";\n\n/**\n * Verifier contract addresses\n */\nexport interface VerifierAddresses {\n TransferVerifier: Address;\n MergeVerifier: Address;\n WithdrawVerifier: Address;\n JoinSplitVerifier?: Address;\n MergeTransfer2x2Verifier?: Address;\n MergeTransfer4x2Verifier?: Address;\n}\n\n/**\n * STARK verifier contract addresses\n */\nexport interface StarkVerifierAddresses {\n CircleStarkVerifier?: Address;\n}\n\n/**\n * Deployment configuration for a chain\n */\nexport interface DeploymentConfig {\n /** Universal Private Pool contract address */\n UniversalPrivatePool: Address;\n /** ASP Registry Hub contract address */\n ASPRegistryHub: Address;\n /** Test token address (local/testnet) */\n TestToken?: Address;\n /** Test token 2 address — bonding curve token (local/testnet) */\n TestToken2?: Address;\n /** Verifier contract addresses */\n verifiers: VerifierAddresses;\n /** STARK verifier contract addresses */\n starkVerifiers?: StarkVerifierAddresses;\n /** Chain ID */\n chainId: number;\n /** Block number when contracts were deployed (for efficient scanning) */\n deployBlock: number;\n /** Timestamp when contracts were deployed */\n deployTimestamp?: number;\n}\n\n/**\n * Raw JSON file format (without chainId, which is added dynamically)\n */\ninterface DeploymentJSON {\n UniversalPrivatePool: string;\n ASPRegistryHub: string;\n TestToken?: string;\n TestToken2?: string;\n verifiers: {\n TransferVerifier: string;\n MergeVerifier: string;\n WithdrawVerifier: string;\n JoinSplitVerifier?: string;\n MergeTransfer2x2Verifier?: string;\n MergeTransfer4x2Verifier?: string;\n };\n starkVerifiers?: {\n CircleStarkVerifier?: string;\n };\n deployBlock: number;\n deployTimestamp?: number;\n}\n\n/**\n * Parse raw deployment JSON into typed config\n */\nfunction parseDeployment(\n json: DeploymentJSON,\n chainId: number\n): DeploymentConfig {\n return {\n UniversalPrivatePool: json.UniversalPrivatePool as Address,\n ASPRegistryHub: json.ASPRegistryHub as Address,\n TestToken: json.TestToken as Address | undefined,\n TestToken2: json.TestToken2 as Address | undefined,\n verifiers: {\n TransferVerifier: json.verifiers.TransferVerifier as Address,\n MergeVerifier: json.verifiers.MergeVerifier as Address,\n WithdrawVerifier: json.verifiers.WithdrawVerifier as Address,\n JoinSplitVerifier: json.verifiers.JoinSplitVerifier as Address | undefined,\n MergeTransfer2x2Verifier: json.verifiers\n .MergeTransfer2x2Verifier as Address | undefined,\n MergeTransfer4x2Verifier: json.verifiers\n .MergeTransfer4x2Verifier as Address | undefined,\n },\n starkVerifiers: json.starkVerifiers\n ? {\n CircleStarkVerifier: json.starkVerifiers\n .CircleStarkVerifier as Address | undefined,\n }\n : undefined,\n chainId,\n deployBlock: json.deployBlock,\n deployTimestamp: json.deployTimestamp,\n };\n}\n\n// Import deployment configs\n// These will be updated by the extract-deployment.js script\nimport anvil from \"./31337.json\" with { type: \"json\" };\nimport sepolia from \"./11155111.json\" with { type: \"json\" };\n\nconst deployments: Record<number, DeploymentConfig> = {\n 31337: parseDeployment(anvil as unknown as DeploymentJSON, 31337),\n 11155111: parseDeployment(sepolia as unknown as DeploymentJSON, 11155111),\n};\n\n/**\n * Get deployment config for a chain\n *\n * @param chainId - Chain ID to get deployment for\n * @returns Deployment config or null if not found\n *\n * @example\n * ```ts\n * const deployment = getDeployment(31337)\n * if (deployment) {\n * console.log('Pool address:', deployment.UniversalPrivatePool)\n * }\n * ```\n */\nexport function getDeployment(chainId: number): DeploymentConfig | null {\n return deployments[chainId] ?? null;\n}\n\n/**\n * Get deployment config or throw if not found\n *\n * @param chainId - Chain ID to get deployment for\n * @returns Deployment config\n * @throws Error if deployment not found\n */\nexport function getDeploymentOrThrow(chainId: number): DeploymentConfig {\n const deployment = getDeployment(chainId);\n if (!deployment) {\n throw new Error(\n `No deployment found for chain ${chainId}. ` +\n `Supported chains: ${Object.keys(deployments).join(\", \")}`\n );\n }\n return deployment;\n}\n\n/**\n * Check if a chain has a deployment\n */\nexport function hasDeployment(chainId: number): boolean {\n return chainId in deployments;\n}\n\n/**\n * Get all supported chain IDs\n */\nexport function getSupportedChainIds(): number[] {\n return Object.keys(deployments).map(Number);\n}\n\n/**\n * Get the token address for a chain\n */\nexport function getTokenAddress(chainId: number): Address | null {\n const deployment = getDeployment(chainId);\n if (!deployment) return null;\n return deployment.TestToken ?? null;\n}\n\n/**\n * Register a deployment for a custom chain at runtime.\n *\n * Use this when deploying your own pool on a chain not built into the SDK.\n * Overrides any existing deployment for the same chainId.\n *\n * @example\n * ```ts\n * registerDeployment(8453, {\n * UniversalPrivatePool: '0x...',\n * ASPRegistryHub: '0x...',\n * verifiers: { TransferVerifier: '0x...', MergeVerifier: '0x...', WithdrawVerifier: '0x...' },\n * chainId: 8453,\n * deployBlock: 12345678,\n * })\n * ```\n */\nexport function registerDeployment(chainId: number, config: DeploymentConfig): void {\n deployments[chainId] = { ...config, chainId };\n}\n","/**\n * Transfer Module\n *\n * Core logic for building and executing UPP transfers.\n * This module is framework-agnostic (no React).\n */\n\nimport { toHex, type Address, type Hex, type PublicClient } from 'viem'\nimport { getDeployment } from '../deployments/index.js'\nimport { buildMerkleTree, type MerkleProof } from '../utils/merkle.js'\nimport { poseidon, computeOwnerHash as poseidonOwnerHash, computeNoteCommitment } from '../utils/poseidon.js'\nimport {\n generateUPPProof,\n formatPlonkProofForContract,\n STATE_TREE_DEPTH,\n ASP_TREE_DEPTH,\n type UPPCircuitType,\n type UPPTransferCircuitInputs,\n type PlonkProofStruct,\n} from './proof.js'\nimport { generateASPProof, type ASPProof } from './asp.js'\nimport type { NoteCreationResult } from '../react/use-upp-account.js'\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/**\n * Transfer stage for progress tracking\n */\nexport type TransferStage =\n | 'selecting_notes'\n | 'syncing_merkle'\n | 'creating_outputs'\n | 'generating_proof'\n | 'submitting_tx'\n | 'confirming'\n\n/**\n * A shielded note with all data needed for spending\n *\n * Post-quantum: uses ownerSecret/ownerHash instead of BabyJubJub one-time keys.\n * Ownership is proven via hash preimage: Poseidon(ownerSecret) == ownerHash.\n */\nexport interface SpendableNote {\n amount: bigint\n blinding: bigint\n commitment: string\n /** Owner secret (hash preimage for ownership proof) */\n ownerSecret: string\n /** Owner hash = Poseidon(ownerSecret) - committed in the note */\n ownerHash: string\n leafIndex: number\n /** Origin address (depositor) - required for UPP circuits */\n origin: bigint\n /** Token address - required for UPP circuits */\n token: bigint\n}\n\n/**\n * Merkle proof with associated note\n */\nexport interface MerkleProofWithNote {\n proof: MerkleProof\n note: SpendableNote\n}\n\n/**\n * Transfer context (dependencies)\n */\nexport interface TransferContext {\n /** viem PublicClient for RPC calls */\n publicClient: PublicClient\n /** Contract address */\n contractAddress: Address\n /** Chain ID */\n chainId: number\n /** Circuit base URL (default: '/circuits/') */\n circuitBaseUrl?: string\n /** ASP ID to use (default: DEMO_ASP_ID) */\n aspId?: bigint\n /** All approved origins in the ASP tree (enables multi-origin proofs) */\n aspApprovedOrigins?: bigint[]\n}\n\n/**\n * Transfer result\n */\nexport interface TransferBuildResult {\n /** Circuit type used */\n circuit: UPPCircuitType\n /** Formatted PLONK proof for contract */\n proof: {\n proofStruct: PlonkProofStruct\n publicSignals: bigint[]\n }\n /** Public signals from proof */\n publicSignals: string[]\n /** State tree root */\n stateRoot: bigint\n /** ASP tree root */\n aspRoot: bigint\n /** Nullifier hash */\n nullifier: bigint\n /** Output commitment 1 */\n outputCommitment1: bigint\n /** Output commitment 2 */\n outputCommitment2: bigint\n /** Token address */\n token: bigint\n /** Recipient output */\n recipientOutput: NoteCreationResult\n /** Change output */\n changeOutput: NoteCreationResult\n /** Notes that will be spent */\n spentNotes: SpendableNote[]\n}\n\n// ============================================================================\n// Constants\n// ============================================================================\n\n/** Chunk size for paginated RPC queries on testnets */\nconst RPC_CHUNK_SIZE = 9000n\n\n/**\n * Pad an array to the state tree depth (32 levels)\n * @param arr - Array to pad\n * @param padValue - Value to use for padding (default: '0')\n * @returns Padded array of length STATE_TREE_DEPTH\n */\nfunction padToStateTreeDepth<T>(arr: T[], padValue: T): T[] {\n if (arr.length >= STATE_TREE_DEPTH) {\n return arr.slice(0, STATE_TREE_DEPTH)\n }\n return [...arr, ...Array(STATE_TREE_DEPTH - arr.length).fill(padValue)]\n}\n\n/**\n * Pad an array to the ASP tree depth (20 levels)\n * @param arr - Array to pad\n * @param padValue - Value to use for padding (default: '0')\n * @returns Padded array of length ASP_TREE_DEPTH\n */\nfunction padToASPTreeDepth<T>(arr: T[], padValue: T): T[] {\n if (arr.length >= ASP_TREE_DEPTH) {\n return arr.slice(0, ASP_TREE_DEPTH)\n }\n return [...arr, ...Array(ASP_TREE_DEPTH - arr.length).fill(padValue)]\n}\n\n/**\n * CommitmentInserted event — emitted by _insertLeaf() for ALL leaf insertions\n * (shield, transfer, merge, swap fill, swap claim, swap cancel).\n * This is the single canonical event for Merkle tree reconstruction.\n */\nconst COMMITMENT_INSERTED_EVENT = {\n type: 'event' as const,\n name: 'CommitmentInserted',\n inputs: [\n { type: 'bytes32', name: 'commitment', indexed: true },\n { type: 'uint256', name: 'leafIndex' },\n { type: 'uint256', name: 'timestamp' },\n ],\n}\n\n// ============================================================================\n// Merkle Tree Functions\n// ============================================================================\n\n/**\n * Fetch all commitments from the contract and build a Merkle tree\n *\n * @param publicClient - viem PublicClient\n * @param contractAddress - Contract address\n * @returns Object with tree and leaves array\n */\nexport async function syncMerkleTree(\n publicClient: PublicClient,\n contractAddress: Address\n): Promise<{ tree: ReturnType<typeof buildMerkleTree>; leaves: bigint[] }> {\n const currentBlock = await publicClient.getBlockNumber()\n const chainId = await publicClient.getChainId()\n\n // Use CommitmentInserted events — the canonical event emitted by _insertLeaf()\n // for ALL operations (shield, transfer, merge, swap fill/claim/cancel).\n // Each event has an explicit leafIndex, so ordering is deterministic.\n let commitmentLogs: any[] = []\n\n if (chainId === 31337) {\n // Anvil - single query is fine\n commitmentLogs = await publicClient.getLogs({\n address: contractAddress,\n event: COMMITMENT_INSERTED_EVENT,\n fromBlock: 0n,\n })\n } else {\n // Testnet/mainnet - paginate to avoid RPC limits\n const deployment = getDeployment(chainId)\n let fromBlock = deployment?.deployBlock ? BigInt(deployment.deployBlock) : 0n\n console.log(`[syncMerkleTree] Chain ${chainId}: scanning from block ${fromBlock} to ${currentBlock}`)\n\n while (fromBlock <= currentBlock) {\n const toBlock =\n fromBlock + RPC_CHUNK_SIZE > currentBlock ? currentBlock : fromBlock + RPC_CHUNK_SIZE\n const chunk = await publicClient.getLogs({\n address: contractAddress,\n event: COMMITMENT_INSERTED_EVENT,\n fromBlock,\n toBlock,\n })\n commitmentLogs = commitmentLogs.concat(chunk)\n fromBlock = toBlock + 1n\n }\n }\n\n // Sort by explicit leafIndex (most reliable), falling back to block+logIndex\n commitmentLogs.sort((a: any, b: any) => {\n const idxA = Number(a.args.leafIndex!)\n const idxB = Number(b.args.leafIndex!)\n return idxA - idxB\n })\n\n // Build leaves array using the explicit leafIndex from each event\n const leaves: bigint[] = []\n for (const log of commitmentLogs) {\n const leafIndex = Number(log.args.leafIndex!)\n const commitment = BigInt(log.args.commitment!)\n\n if (leaves.length !== leafIndex) {\n console.warn(\n `[syncMerkleTree] WARNING: Expected leafIndex ${leaves.length} but event has ${leafIndex}. ` +\n `This may indicate missed events or reorg.`\n )\n }\n leaves.push(commitment)\n }\n\n const tree = buildMerkleTree(leaves)\n\n // Debug: compare our root with on-chain root\n const ourRoot = await tree.getRoot()\n const onChainRoot = (await publicClient.readContract({\n address: contractAddress,\n abi: [\n {\n type: 'function',\n name: 'getMerkleRoot',\n inputs: [],\n outputs: [{ type: 'uint256' }],\n stateMutability: 'view',\n },\n ],\n functionName: 'getMerkleRoot',\n })) as bigint\n\n console.log(`[syncMerkleTree] Leaves count: ${leaves.length}`)\n console.log(`[syncMerkleTree] Tree depth: ${tree.depth}`)\n console.log(`[syncMerkleTree] Our computed root: ${ourRoot}`)\n console.log(`[syncMerkleTree] On-chain root: ${onChainRoot}`)\n console.log(`[syncMerkleTree] Roots match: ${ourRoot === onChainRoot}`)\n\n if (ourRoot !== onChainRoot) {\n console.log(`[syncMerkleTree] WARNING: Root mismatch!`)\n console.log(\n `[syncMerkleTree] Leaves:`,\n leaves.map((l) => '0x' + l.toString(16))\n )\n }\n\n return { tree, leaves }\n}\n\n/**\n * Get Merkle proofs for a set of notes\n *\n * @param notes - Notes to get proofs for\n * @param leaves - All leaves in the tree\n * @param tree - Merkle tree instance\n * @returns Array of proofs with associated notes\n */\nexport async function getMerkleProofsForNotes(\n notes: SpendableNote[],\n leaves: bigint[],\n tree: ReturnType<typeof buildMerkleTree>\n): Promise<MerkleProofWithNote[]> {\n const { verifyMerkleProof } = await import('../utils/merkle.js')\n const proofs: MerkleProofWithNote[] = []\n\n for (const note of notes) {\n const commitmentBI = BigInt(note.commitment)\n const leafIndex = leaves.findIndex((l) => l === commitmentBI)\n\n console.log(`[getMerkleProofsForNotes] Note commitment: ${note.commitment}`)\n console.log(`[getMerkleProofsForNotes] Note commitment as BigInt: ${commitmentBI}`)\n console.log(`[getMerkleProofsForNotes] Found at leafIndex: ${leafIndex}`)\n console.log(`[getMerkleProofsForNotes] Note's stored leafIndex: ${note.leafIndex}`)\n\n if (leafIndex === -1) {\n console.log(`[getMerkleProofsForNotes] Leaves in tree:`, leaves.map((l) => l.toString()))\n throw new Error(`Note ${note.commitment.slice(0, 10)}... not found on-chain`)\n }\n\n const proof = await tree.getProof(leafIndex)\n\n console.log(`[getMerkleProofsForNotes] Proof root: ${proof.root}`)\n console.log(`[getMerkleProofsForNotes] Proof leafIndex: ${proof.leafIndex}`)\n console.log(`[getMerkleProofsForNotes] PathElements:`, proof.pathElements.map((e) => e.toString()))\n console.log(`[getMerkleProofsForNotes] PathIndices:`, proof.pathIndices)\n\n // Verify the proof locally before returning\n const isValid = await verifyMerkleProof(commitmentBI, proof)\n console.log(`[getMerkleProofsForNotes] Local proof verification: ${isValid}`)\n\n if (!isValid) {\n console.error(`[getMerkleProofsForNotes] WARNING: Merkle proof is invalid!`)\n }\n\n proofs.push({ proof, note: { ...note, leafIndex } })\n }\n\n return proofs\n}\n\n// ============================================================================\n// Circuit Input Building\n// ============================================================================\n\n/**\n * Compute nullifier for a UPP note (BLS12-381)\n *\n * nullifier = Poseidon(ownerSecret, leafIndex, commitment)\n *\n * @param ownerSecret - Owner secret (hash preimage)\n * @param leafIndex - Leaf index in Merkle tree\n * @param commitment - Note commitment\n * @returns Nullifier as bigint\n */\nexport async function computeNullifier(\n ownerSecret: bigint,\n leafIndex: number,\n commitment: bigint\n): Promise<bigint> {\n return await poseidon([ownerSecret, BigInt(leafIndex), commitment])\n}\n\n/**\n * Note with amount for circuit building\n */\nexport interface NoteWithAmount extends NoteCreationResult {\n amount: bigint\n}\n\n/**\n * Build circuit inputs for UPP transfer (1-in-2-out)\n *\n * @param noteProof - Merkle proof for input note\n * @param aspProof - ASP membership proof for input note's origin\n * @param recipientNote - Output note for recipient\n * @param changeNote - Output note for change\n * @returns UPP transfer circuit inputs\n */\nexport async function buildUPPTransferCircuitInputs(\n noteProof: MerkleProofWithNote,\n aspProof: ASPProof,\n recipientNote: NoteWithAmount,\n changeNote: NoteWithAmount\n): Promise<UPPTransferCircuitInputs> {\n const { proof, note } = noteProof\n\n // Compute owner hash from secret (hash-based ownership)\n const inputOwnerHash = poseidonOwnerHash(BigInt(note.ownerSecret))\n\n // Verify input commitment locally\n // BLS12-381 commitment: Poseidon(amount, ownerHash, blinding, origin, token)\n const localInputCommitment = computeNoteCommitment(\n note.amount,\n inputOwnerHash,\n note.blinding,\n note.origin,\n note.token,\n )\n\n const storedCommitment = BigInt(note.commitment)\n if (localInputCommitment !== storedCommitment) {\n console.error(`[buildUPPTransferCircuitInputs] COMMITMENT MISMATCH`)\n console.error(` amount: ${note.amount}, ownerHash: ${inputOwnerHash}`)\n console.error(` blinding: ${note.blinding}, origin: ${note.origin}, token: ${note.token}`)\n console.error(` local=${localInputCommitment}, stored=${storedCommitment}`)\n throw new Error(\n `Note commitment mismatch — this note was created with an outdated commitment formula. ` +\n `Clear your shielded account (localStorage) and re-shield tokens.`\n )\n }\n\n const nullifier = await computeNullifier(\n BigInt(note.ownerSecret),\n proof.leafIndex,\n BigInt(note.commitment)\n )\n\n return {\n // Public inputs\n stateRoot: String(proof.root),\n aspRoot: String(aspProof.aspRoot),\n nullifier: String(nullifier),\n outputCommitment1: String(recipientNote.commitment),\n outputCommitment2: String(changeNote.commitment),\n token: String(note.token),\n\n // Private inputs - Input Note\n inputAmount: String(note.amount),\n inputOneTimeSecret: String(BigInt(note.ownerSecret)),\n inputBlinding: String(note.blinding),\n inputOrigin: String(note.origin),\n inputLeafIndex: String(proof.leafIndex),\n inputPathElements: padToStateTreeDepth(proof.pathElements.map((e) => String(e)), '0'),\n inputPathIndices: padToStateTreeDepth(proof.pathIndices.map(String), '0'),\n\n // Private inputs - ASP Membership Proof\n aspPathElements: padToASPTreeDepth(aspProof.aspPathElements.map((e) => String(e)), '0'),\n aspPathIndices: padToASPTreeDepth(aspProof.aspPathIndices.map(String), '0'),\n\n // Private inputs - Output Notes (hash-based ownership)\n outputAmount1: String(recipientNote.amount),\n outputOwnerHash1: String(recipientNote.ownerHash),\n outputBlinding1: String(recipientNote.blinding),\n\n outputAmount2: String(changeNote.amount),\n outputOwnerHash2: String(changeNote.ownerHash),\n outputBlinding2: String(changeNote.blinding),\n }\n}\n\n// ============================================================================\n// Transfer Building\n// ============================================================================\n\nimport { DEMO_ASP_ID } from './asp.js'\n\n/**\n * Build a UPP transfer (proof + outputs)\n *\n * This prepares everything needed to submit the transaction.\n * UPP transfer is 1-in-2-out with ASP membership proof.\n *\n * @param ctx - Transfer context\n * @param selectedNote - Note to spend (UPP transfer uses exactly 1 input)\n * @param recipientNote - Output note for recipient\n * @param changeNote - Output note for change\n * @param onStageChange - Optional callback for stage updates\n * @returns Transfer build result with proof and outputs\n */\nexport async function buildTransfer(\n ctx: TransferContext,\n selectedNote: SpendableNote,\n recipientNote: NoteWithAmount,\n changeNote: NoteWithAmount,\n onStageChange?: (stage: TransferStage) => void\n): Promise<TransferBuildResult> {\n // 1. Sync Merkle tree\n onStageChange?.('syncing_merkle')\n const { tree, leaves } = await syncMerkleTree(ctx.publicClient, ctx.contractAddress)\n\n // 2. Get Merkle proof for note\n const noteProofs = await getMerkleProofsForNotes([selectedNote], leaves, tree)\n const noteProof = noteProofs[0]!\n\n // 3. Generate ASP proof for the note's origin\n const aspProof = await generateASPProof(\n ctx.aspId ?? DEMO_ASP_ID,\n selectedNote.origin,\n ctx.aspApprovedOrigins\n )\n\n // 4. Build circuit inputs and generate proof\n onStageChange?.('generating_proof')\n\n const circuitInputs = await buildUPPTransferCircuitInputs(\n noteProof,\n aspProof,\n recipientNote,\n changeNote\n )\n\n const { proof } = await generateUPPProof(\n 'transfer',\n circuitInputs,\n ctx.circuitBaseUrl ?? '/circuits/'\n )\n\n const formattedProof = await formatPlonkProofForContract(proof)\n\n return {\n circuit: 'transfer',\n proof: formattedProof,\n publicSignals: proof.publicSignals,\n stateRoot: BigInt(circuitInputs.stateRoot),\n aspRoot: BigInt(circuitInputs.aspRoot),\n nullifier: BigInt(circuitInputs.nullifier),\n outputCommitment1: BigInt(circuitInputs.outputCommitment1),\n outputCommitment2: BigInt(circuitInputs.outputCommitment2),\n token: BigInt(circuitInputs.token),\n recipientOutput: recipientNote,\n changeOutput: changeNote,\n spentNotes: [selectedNote],\n }\n}\n\n/**\n * Format output for contract call (post-quantum)\n */\nexport function formatOutputForContract(note: NoteCreationResult): {\n commitment: Hex\n searchTag: bigint\n ownerHash: bigint\n encryptedNote: Hex\n} {\n return {\n commitment: toHex(note.commitment, { size: 32 }),\n searchTag: note.searchTag,\n ownerHash: note.ownerHash,\n encryptedNote: note.encryptedNote as Hex,\n }\n}\n"]}
package/dist/{chunk-RYEYGGE7.cjs → chunk-IX7HV5TE.cjs} RENAMED
@@ -1,5 +1,7 @@
1
1
  'use strict';
2
2
 
3
+ var chunkVVW5VVY3_cjs = require('./chunk-VVW5VVY3.cjs');
4
+
3
5
  // src/core/proof.ts
4
6
  var snarkjs = null;
5
7
  async function loadSnarkjs() {
@@ -53,9 +55,20 @@ function getStealthCircuitArtifacts(circuit, baseUrl = "/circuits/") {
53
55
  };
54
56
  return circuitMap[circuit];
55
57
  }
56
- async function generateUPPProof(circuitType, inputs, baseUrl = "/circuits/", onProgress) {
58
+ async function generateUPPProof(circuitType, inputs, baseUrl, onProgress, options) {
57
59
  const snarkjs2 = await loadSnarkjs();
58
- const artifacts = getUPPCircuitArtifacts(circuitType, baseUrl);
60
+ let wasmData;
61
+ let zkeyData;
62
+ if (options?.artifacts) {
63
+ wasmData = options.artifacts.wasm;
64
+ zkeyData = options.artifacts.zkey;
65
+ } else {
66
+ onProgress?.("downloading", `Checking ${circuitType} circuit cache...`);
67
+ const cache = chunkVVW5VVY3_cjs.CircuitArtifactCache.shared();
68
+ const resolved = await cache.getArtifacts(circuitType, baseUrl, options?.onDownloadProgress);
69
+ wasmData = resolved.wasm;
70
+ zkeyData = resolved.zkey;
71
+ }
59
72
  onProgress?.("loading", "Loading circuit artifacts...");
60
73
  const logger = onProgress ? {
61
74
  debug: (msg) => {
@@ -74,7 +87,7 @@ async function generateUPPProof(circuitType, inputs, baseUrl = "/circuits/", onP
74
87
  }
75
88
  } : void 0;
76
89
  onProgress?.("witness", "Computing witness...");
77
- const result = await snarkjs2.plonk.fullProve(inputs, artifacts.wasm, artifacts.zkey, logger);
90
+ const result = await snarkjs2.plonk.fullProve(inputs, wasmData, zkeyData, logger);
78
91
  return {
79
92
  proof: {
80
93
  proof: result.proof,
@@ -151,5 +164,5 @@ exports.generateUPPProof = generateUPPProof;
151
164
  exports.getStealthCircuitArtifacts = getStealthCircuitArtifacts;
152
165
  exports.getUPPCircuitArtifacts = getUPPCircuitArtifacts;
153
166
  exports.verifyProof = verifyProof;
154
- //# sourceMappingURL=chunk-RYEYGGE7.cjs.map
155
- //# sourceMappingURL=chunk-RYEYGGE7.cjs.map
167
+ //# sourceMappingURL=chunk-IX7HV5TE.cjs.map
168
+ //# sourceMappingURL=chunk-IX7HV5TE.cjs.map
package/dist/chunk-IX7HV5TE.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/core/proof.ts"],"names":["snarkjs","CircuitArtifactCache"],"mappings":";;;;;AAWA,IAAI,OAAA,GAAe,IAAA;AAKnB,eAAe,WAAA,GAA4B;AACzC,EAAA,IAAI,SAAS,OAAO,OAAA;AACpB,EAAA,OAAA,GAAU,MAAM,OAAO,SAAS,CAAA;AAChC,EAAA,OAAO,OAAA;AACT;AAOO,IAAM,gBAAA,GAAmB;AAGzB,IAAM,cAAA,GAAiB;AA+SvB,SAAS,sBAAA,CACd,OAAA,EACA,OAAA,GAAkB,YAAA,EACA;AAClB,EAAA,MAAM,OAAO,OAAA,CAAQ,QAAA,CAAS,GAAG,CAAA,GAAI,OAAA,GAAU,GAAG,OAAO,CAAA,CAAA,CAAA;AAEzD,EAAA,MAAM,UAAA,GAAuD;AAAA,IAC3D,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,GAAG,IAAI,CAAA,aAAA,CAAA;AAAA,MACb,IAAA,EAAM,GAAG,IAAI,CAAA,aAAA;AAAA,KACf;AAAA,IACA,KAAA,EAAO;AAAA,MACL,IAAA,EAAM,GAAG,IAAI,CAAA,UAAA,CAAA;AAAA,MACb,IAAA,EAAM,GAAG,IAAI,CAAA,UAAA;AAAA,KACf;AAAA,IACA,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,GAAG,IAAI,CAAA,aAAA,CAAA;AAAA,MACb,IAAA,EAAM,GAAG,IAAI,CAAA,aAAA;AAAA,KACf;AAAA,IACA,SAAA,EAAW;AAAA,MACT,IAAA,EAAM,GAAG,IAAI,CAAA,cAAA,CAAA;AAAA,MACb,IAAA,EAAM,GAAG,IAAI,CAAA,cAAA;AAAA,KACf;AAAA,IACA,kBAAA,EAAoB;AAAA,MAClB,IAAA,EAAM,GAAG,IAAI,CAAA,uBAAA,CAAA;AAAA,MACb,IAAA,EAAM,GAAG,IAAI,CAAA,uBAAA;AAAA,KACf;AAAA,IACA,kBAAA,EAAoB;AAAA,MAClB,IAAA,EAAM,GAAG,IAAI,CAAA,uBAAA,CAAA;AAAA,MACb,IAAA,EAAM,GAAG,IAAI,CAAA,uBAAA;AAAA;AACf,GACF;AAEA,EAAA,OAAO,WAAW,OAAO,CAAA;AAC3B;AAKO,SAAS,0BAAA,CACd,OAAA,EACA,OAAA,GAAkB,YAAA,EACA;AAClB,EAAA,MAAM,OAAO,OAAA,CAAQ,QAAA,CAAS,GAAG,CAAA,GAAI,OAAA,GAAU,GAAG,OAAO,CAAA,CAAA,CAAA;AAEzD,EAAA,MAAM,UAAA,GAA2D;AAAA,IAC/D,KAAA,EAAO;AAAA,MACL,IAAA,EAAM,GAAG,IAAI,CAAA,qBAAA,CAAA;AAAA,MACb,IAAA,EAAM,GAAG,IAAI,CAAA,2BAAA;AAAA,KACf;AAAA,IACA,KAAA,EAAO;AAAA,MACL,IAAA,EAAM,GAAG,IAAI,CAAA,gBAAA,CAAA;AAAA,MACb,IAAA,EAAM,GAAG,IAAI,CAAA,sBAAA;AAAA;AACf,GACF;AAEA,EAAA,OAAO,WAAW,OAAO,CAAA;AAC3B;AAsCA,eAAsB,gBAAA,CACpB,WAAA,EACA,MAAA,EACA,OAAA,EACA,YACA,OAAA,EAMsB;AACtB,EAAA,MAAMA,QAAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI,QAAA;AAEJ,EAAA,IAAI,SAAS,SAAA,EAAW;AACtB,IAAA,QAAA,GAAW,QAAQ,SAAA,CAAU,IAAA;AAC7B,IAAA,QAAA,GAAW,QAAQ,SAAA,CAAU,IAAA;AAAA,EAC/B,CAAA,MAAO;AACL,IAAA,UAAA,GAAa,aAAA,EAAe,CAAA,SAAA,EAAY,WAAW,CAAA,iBAAA,CAAmB,CAAA;AACtE,IAAA,MAAM,KAAA,GAAQC,uCAAqB,MAAA,EAAO;AAC1C,IAAA,MAAM,WAAW,MAAM,KAAA,CAAM,aAAa,WAAA,EAAa,OAAA,EAAS,SAAS,kBAAkB,CAAA;AAC3F,IAAA,QAAA,GAAW,QAAA,CAAS,IAAA;AACpB,IAAA,QAAA,GAAW,QAAA,CAAS,IAAA;AAAA,EACtB;AAEA,EAAA,UAAA,GAAa,WAAW,8BAA8B,CAAA;AAGtD,EAAA,MAAM,SAAS,UAAA,GAAa;AAAA,IAC1B,KAAA,EAAO,CAAC,GAAA,KAAgB;AACtB,MAAA,IAAI,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG,UAAA,CAAW,UAAU,+BAA+B,CAAA;AAAA,WAAA,IACxE,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG,UAAA,CAAW,UAAU,qCAAqC,CAAA;AAAA,WAAA,IACnF,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG,UAAA,CAAW,UAAU,kCAAkC,CAAA;AAAA,WAAA,IAChF,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG,UAAA,CAAW,UAAU,0BAA0B,CAAA;AAAA,WAAA,IACxE,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG,UAAA,CAAW,UAAU,6BAA6B,CAAA;AAAA,WAAA,IAC3E,IAAI,QAAA,CAAS,iBAAiB,CAAA,EAAG,UAAA,CAAW,QAAQ,gBAAgB,CAAA;AAAA,IAC/E,CAAA;AAAA,IACA,MAAM,MAAM;AAAA,IAAC,CAAA;AAAA,IACb,MAAM,MAAM;AAAA,IAAC,CAAA;AAAA,IACb,OAAO,MAAM;AAAA,IAAC;AAAA,GAChB,GAAI,MAAA;AAEJ,EAAA,UAAA,GAAa,WAAW,sBAAsB,CAAA;AAG9C,EAAA,MAAM,MAAA,GAAS,MAAMD,QAAAA,CAAQ,KAAA,CAAM,UAAU,MAAA,EAAQ,QAAA,EAAU,UAAU,MAAM,CAAA;AAE/E,EAAA,OAAO;AAAA,IACL,KAAA,EAAO;AAAA,MACL,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,eAAe,MAAA,CAAO;AAAA,KACxB;AAAA,IACA,eAAe,MAAA,CAAO;AAAA,GACxB;AACF;AAKA,eAAsB,aAAA,CACpB,cACA,OAAA,EACgB;AAChB,EAAA,MAAM,IAAI,MAAM,0CAA0C,CAAA;AAC5D;AAaA,eAAsB,oBAAA,CACpB,OAAA,EACA,MAAA,EACA,OAAA,GAAkB,YAAA,EACI;AACtB,EAAA,MAAMA,QAAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,MAAM,SAAA,GAAY,0BAAA,CAA2B,OAAA,EAAS,OAAO,CAAA;AAE7D,EAAA,MAAM,MAAA,GAAS,MAAMA,QAAAA,CAAQ,OAAA,CAAQ,UAAU,MAAA,EAAQ,SAAA,CAAU,IAAA,EAAM,SAAA,CAAU,IAAI,CAAA;AAErF,EAAA,OAAO;AAAA,IACL,KAAA,EAAO;AAAA,MACL,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,eAAe,MAAA,CAAO;AAAA,KACxB;AAAA,IACA,eAAe,MAAA,CAAO;AAAA,GACxB;AACF;AAKA,eAAsB,WAAA,CACpB,cACA,MAAA,EACkB;AAClB,EAAA,MAAM,IAAI,MAAM,iBAAiB,CAAA;AACnC;AA2BA,SAAS,cAAc,KAAA,EAAgC;AACrD,EAAA,MAAM,CAAA,GAAI,MAAA,CAAO,KAAA,CAAM,CAAC,CAAE,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAA,EAAK,GAAG,CAAA;AAC1D,EAAA,MAAM,CAAA,GAAI,MAAA,CAAO,KAAA,CAAM,CAAC,CAAE,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAA,EAAK,GAAG,CAAA;AAC1D,EAAA,OAAO,CAAA,EAAA,EAAK,CAAC,CAAA,EAAG,CAAC,CAAA,CAAA;AACnB;AAQA,eAAsB,4BAA4B,KAAA,EAG/C;AACD,EAAA,MAAM,IAAI,KAAA,CAAM,KAAA;AAEhB,EAAA,OAAO;AAAA,IACL,WAAA,EAAa;AAAA,MACX,CAAA,EAAG,aAAA,CAAc,CAAA,CAAE,CAAC,CAAA;AAAA,MACpB,CAAA,EAAG,aAAA,CAAc,CAAA,CAAE,CAAC,CAAA;AAAA,MACpB,CAAA,EAAG,aAAA,CAAc,CAAA,CAAE,CAAC,CAAA;AAAA,MACpB,CAAA,EAAG,aAAA,CAAc,CAAA,CAAE,CAAC,CAAA;AAAA,MACpB,EAAA,EAAI,aAAA,CAAc,CAAA,CAAE,EAAE,CAAA;AAAA,MACtB,EAAA,EAAI,aAAA,CAAc,CAAA,CAAE,EAAE,CAAA;AAAA,MACtB,EAAA,EAAI,aAAA,CAAc,CAAA,CAAE,EAAE,CAAA;AAAA,MACtB,MAAA,EAAQ,MAAA,CAAO,CAAA,CAAE,MAAM,CAAA;AAAA,MACvB,MAAA,EAAQ,MAAA,CAAO,CAAA,CAAE,MAAM,CAAA;AAAA,MACvB,MAAA,EAAQ,MAAA,CAAO,CAAA,CAAE,MAAM,CAAA;AAAA,MACvB,OAAA,EAAS,MAAA,CAAO,CAAA,CAAE,OAAO,CAAA;AAAA,MACzB,OAAA,EAAS,MAAA,CAAO,CAAA,CAAE,OAAO,CAAA;AAAA,MACzB,OAAA,EAAS,MAAA,CAAO,CAAA,CAAE,OAAO,CAAA;AAAA,MACzB,GAAA,EAAK,aAAA,CAAc,CAAA,CAAE,GAAG,CAAA;AAAA,MACxB,IAAA,EAAM,aAAA,CAAc,CAAA,CAAE,IAAI;AAAA,KAC5B;AAAA,IACA,aAAA,EAAe,MAAM,aAAA,CAAc,GAAA,CAAI,CAAC,CAAA,KAAc,MAAA,CAAO,CAAC,CAAC;AAAA,GACjE;AACF;AAOO,SAAS,uBAAuB,KAAA,EAIrC;AACA,EAAA,MAAM,EAAE,IAAA,EAAM,IAAA,EAAM,IAAA,KAAS,KAAA,CAAM,KAAA;AAEnC,EAAA,OAAO;AAAA,IACL,CAAA,EAAG,CAAC,MAAA,CAAO,IAAA,CAAK,CAAC,CAAC,CAAA,EAAG,MAAA,CAAO,IAAA,CAAK,CAAC,CAAC,CAAC,CAAA;AAAA,IACpC,CAAA,EAAG;AAAA,MACD,CAAC,MAAA,CAAO,IAAA,CAAK,CAAC,EAAE,CAAC,CAAC,CAAA,EAAG,MAAA,CAAO,IAAA,CAAK,CAAC,CAAA,CAAE,CAAC,CAAC,CAAC,CAAA;AAAA,MACvC,CAAC,MAAA,CAAO,IAAA,CAAK,CAAC,EAAE,CAAC,CAAC,CAAA,EAAG,MAAA,CAAO,IAAA,CAAK,CAAC,CAAA,CAAE,CAAC,CAAC,CAAC;AAAA,KACzC;AAAA,IACA,CAAA,EAAG,CAAC,MAAA,CAAO,IAAA,CAAK,CAAC,CAAC,CAAA,EAAG,MAAA,CAAO,IAAA,CAAK,CAAC,CAAC,CAAC;AAAA,GACtC;AACF","file":"chunk-IX7HV5TE.cjs","sourcesContent":["/**\n * ZK Proof Generation and Verification (BLS12-381 PLONK)\n *\n * Uses snarkjs for PLONK proof generation over the BLS12-381 curve.\n * PLONK provides a universal trusted setup (no per-circuit ceremony).\n */\n\nimport type { Proof } from './types.js'\nimport { CircuitArtifactCache, type DownloadProgress } from './circuit-cache.js'\n\n// Lazy-loaded snarkjs reference\nlet snarkjs: any = null\n\n/**\n * Load snarkjs dynamically\n */\nasync function loadSnarkjs(): Promise<any> {\n if (snarkjs) return snarkjs\n snarkjs = await import('snarkjs')\n return snarkjs\n}\n\n// ============================================================================\n// UPP Circuit Constants\n// ============================================================================\n\n/** State tree depth (32 levels = ~4B notes) */\nexport const STATE_TREE_DEPTH = 32\n\n/** ASP tree depth (20 levels = ~1M addresses) */\nexport const ASP_TREE_DEPTH = 20\n\n// ============================================================================\n// UPP Circuit Types\n// ============================================================================\n\n/**\n * Circuit types available in UPP (full protocol)\n */\nexport type UPPCircuitType = 'transfer' | 'merge' | 'withdraw' | 'joinsplit' | 'merge_transfer_2x2' | 'merge_transfer_4x2'\n\n/**\n * @deprecated Use UPPCircuitType instead\n */\nexport type CircuitType = 'shield' | 'transfer' | 'merge' | 'withdraw'\n\n/**\n * @deprecated Stealth circuits are being replaced by UPP circuits\n */\nexport type StealthCircuitType = '1x2' | '2x2'\n\n/**\n * Input signals for UPP transfer circuit (1-in-2-out, BLS12-381 PLONK)\n *\n * Matches transfer.circom: Transfer(32, 20)\n * Public: stateRoot, aspRoot, nullifier, outputCommitment1, outputCommitment2, token\n *\n * Note: Uses hash-based ownership (ownerHash) instead of BabyJubJub pubkeys.\n */\nexport interface UPPTransferCircuitInputs {\n // Public inputs\n stateRoot: string\n aspRoot: string\n nullifier: string\n outputCommitment1: string\n outputCommitment2: string\n token: string\n\n // Private inputs - Input Note\n inputAmount: string\n inputOneTimeSecret: string\n inputBlinding: string\n inputOrigin: string\n inputLeafIndex: string\n inputPathElements: string[] // 32 elements\n inputPathIndices: string[] // 32 elements\n\n // Private inputs - ASP Membership Proof\n aspPathElements: string[] // 20 elements\n aspPathIndices: string[] // 20 elements\n\n // Private inputs - Output Notes (hash-based ownership)\n outputAmount1: string\n outputOwnerHash1: string\n outputBlinding1: string\n\n outputAmount2: string\n outputOwnerHash2: string\n outputBlinding2: string\n}\n\n/**\n * Input signals for UPP withdraw circuit (BLS12-381 PLONK)\n *\n * Matches withdraw.circom with optional ASP check (ragequit support)\n */\nexport interface UPPWithdrawCircuitInputs {\n // Public inputs\n stateRoot: string\n aspRoot: string\n nullifier: string\n amount: string\n recipient: string\n token: string\n isRagequit: string // '0' or '1'\n\n // Private inputs - Input Note\n inputAmount: string\n inputOneTimeSecret: string\n inputBlinding: string\n inputOrigin: string\n inputLeafIndex: string\n inputPathElements: string[] // 32 elements\n inputPathIndices: string[] // 32 elements\n\n // Private inputs - ASP Membership Proof (can be zeros if ragequit)\n aspPathElements: string[] // 20 elements\n aspPathIndices: string[] // 20 elements\n}\n\n/**\n * Input signals for UPP merge circuit (2-in-1-out, BLS12-381 PLONK)\n */\nexport interface UPPMergeCircuitInputs {\n // Public inputs\n stateRoot: string\n nullifier1: string\n nullifier2: string\n outputCommitment: string\n merger: string\n token: string\n\n // Private inputs - Input Note 1\n inputAmount1: string\n inputOneTimeSecret1: string\n inputBlinding1: string\n inputOrigin1: string\n inputLeafIndex1: string\n inputPathElements1: string[]\n inputPathIndices1: string[]\n\n // Private inputs - Input Note 2\n inputAmount2: string\n inputOneTimeSecret2: string\n inputBlinding2: string\n inputOrigin2: string\n inputLeafIndex2: string\n inputPathElements2: string[]\n inputPathIndices2: string[]\n\n // Private inputs - Output Note\n outputAmount: string\n outputOwnerHash: string\n outputBlinding: string\n}\n\n/**\n * Input signals for UPP joinsplit circuit (4-in-2-out, BLS12-381 PLONK)\n */\nexport interface UPPJoinSplitCircuitInputs {\n // Public inputs\n stateRoot: string\n aspRoot: string\n nullifier1: string\n nullifier2: string\n nullifier3: string\n nullifier4: string\n outputCommitment1: string\n outputCommitment2: string\n token: string\n\n // Private inputs - 4 Input Notes\n inputAmount1: string; inputOneTimeSecret1: string; inputBlinding1: string\n inputOrigin1: string; inputLeafIndex1: string\n inputPathElements1: string[]; inputPathIndices1: string[]\n\n inputAmount2: string; inputOneTimeSecret2: string; inputBlinding2: string\n inputOrigin2: string; inputLeafIndex2: string\n inputPathElements2: string[]; inputPathIndices2: string[]\n\n inputAmount3: string; inputOneTimeSecret3: string; inputBlinding3: string\n inputOrigin3: string; inputLeafIndex3: string\n inputPathElements3: string[]; inputPathIndices3: string[]\n\n inputAmount4: string; inputOneTimeSecret4: string; inputBlinding4: string\n inputOrigin4: string; inputLeafIndex4: string\n inputPathElements4: string[]; inputPathIndices4: string[]\n\n // Private inputs - ASP Membership Proof\n aspPathElements: string[]\n aspPathIndices: string[]\n\n // Private inputs - Output Notes\n outputAmount1: string; outputOwnerHash1: string; outputBlinding1: string\n outputAmount2: string; outputOwnerHash2: string; outputBlinding2: string\n}\n\n/**\n * @deprecated Use UPPTransferCircuitInputs instead\n */\nexport interface TransferCircuitInputs {\n stateRoot: bigint\n aspRoot: bigint\n nullifier: bigint\n outputCommitment1: bigint\n outputCommitment2: bigint\n token: bigint\n amount: bigint\n blinding: bigint\n origin: bigint\n statePathElements: bigint[]\n statePathIndices: bigint\n aspPathElements: bigint[]\n outAmount1: bigint\n outBlinding1: bigint\n outOrigin1: bigint\n outAmount2: bigint\n outBlinding2: bigint\n outOrigin2: bigint\n}\n\n/**\n * Input signals for shield circuit\n */\nexport interface ShieldCircuitInputs {\n commitment: bigint\n token: bigint\n amount: bigint\n blinding: bigint\n origin: bigint\n}\n\n/**\n * Input signals for merge circuit\n */\nexport interface MergeCircuitInputs {\n stateRoot: bigint\n nullifier1: bigint\n nullifier2: bigint\n outputCommitment: bigint\n newOrigin: bigint\n token: bigint\n amount1: bigint\n blinding1: bigint\n origin1: bigint\n token1: bigint\n pathElements1: bigint[]\n pathIndices1: bigint\n amount2: bigint\n blinding2: bigint\n origin2: bigint\n token2: bigint\n pathElements2: bigint[]\n pathIndices2: bigint\n outputAmount: bigint\n outputBlinding: bigint\n}\n\n/**\n * Input signals for withdraw circuit\n */\nexport interface WithdrawCircuitInputs {\n stateRoot: bigint\n aspRoot: bigint\n nullifier: bigint\n withdrawAmount: bigint\n recipient: bigint\n token: bigint\n isRagequit: bigint\n amount: bigint\n blinding: bigint\n origin: bigint\n statePathElements: bigint[]\n statePathIndices: bigint\n aspPathElements: bigint[]\n}\n\n/**\n * Circuit inputs union type\n */\nexport type CircuitInputs =\n | ShieldCircuitInputs\n | TransferCircuitInputs\n | MergeCircuitInputs\n | WithdrawCircuitInputs\n\n// ============================================================================\n// Stealth Circuit Types (deprecated)\n// ============================================================================\n\n/**\n * @deprecated\n */\nexport interface Stealth1x2CircuitInputs {\n root: string; nullifierHash: string; publicAmount: string\n recipient: string; extDataHash: string\n inputAmount: string; inputOneTimeSecret: string; inputBlinding: string\n inputLeafIndex: string; inputPathElements: string[]; inputPathIndices: string[]\n outputAmount1: string; outputPubkeyX1: string; outputPubkeyY1: string; outputBlinding1: string\n outputAmount2: string; outputPubkeyX2: string; outputPubkeyY2: string; outputBlinding2: string\n}\n\n/**\n * @deprecated\n */\nexport interface Stealth2x2CircuitInputs {\n root: string; nullifierHash1: string; nullifierHash2: string\n publicAmount: string; recipient: string; extDataHash: string\n inputAmount1: string; inputOneTimeSecret1: string; inputBlinding1: string\n inputLeafIndex1: string; inputPathElements1: string[]; inputPathIndices1: string[]\n inputAmount2: string; inputOneTimeSecret2: string; inputBlinding2: string\n inputLeafIndex2: string; inputPathElements2: string[]; inputPathIndices2: string[]\n outputAmount1: string; outputPubkeyX1: string; outputPubkeyY1: string; outputBlinding1: string\n outputAmount2: string; outputPubkeyX2: string; outputPubkeyY2: string; outputBlinding2: string\n}\n\n/** @deprecated */\nexport type StealthCircuitInputs = Stealth1x2CircuitInputs | Stealth2x2CircuitInputs\n\n/**\n * Circuit artifact paths\n */\nexport interface CircuitArtifacts {\n wasm: string\n zkey: string\n}\n\n/**\n * Get circuit artifacts for a UPP circuit\n *\n * @param circuit - UPP circuit type\n * @param baseUrl - Base URL for circuit files (default: '/circuits/')\n */\nexport function getUPPCircuitArtifacts(\n circuit: UPPCircuitType,\n baseUrl: string = '/circuits/'\n): CircuitArtifacts {\n const base = baseUrl.endsWith('/') ? baseUrl : `${baseUrl}/`\n\n const circuitMap: Record<UPPCircuitType, CircuitArtifacts> = {\n transfer: {\n wasm: `${base}transfer.wasm`,\n zkey: `${base}transfer.zkey`,\n },\n merge: {\n wasm: `${base}merge.wasm`,\n zkey: `${base}merge.zkey`,\n },\n withdraw: {\n wasm: `${base}withdraw.wasm`,\n zkey: `${base}withdraw.zkey`,\n },\n joinsplit: {\n wasm: `${base}joinsplit.wasm`,\n zkey: `${base}joinsplit.zkey`,\n },\n merge_transfer_2x2: {\n wasm: `${base}merge_transfer_2x2.wasm`,\n zkey: `${base}merge_transfer_2x2.zkey`,\n },\n merge_transfer_4x2: {\n wasm: `${base}merge_transfer_4x2.wasm`,\n zkey: `${base}merge_transfer_4x2.zkey`,\n },\n }\n\n return circuitMap[circuit]\n}\n\n/**\n * @deprecated Use getUPPCircuitArtifacts instead\n */\nexport function getStealthCircuitArtifacts(\n circuit: StealthCircuitType,\n baseUrl: string = '/circuits/'\n): CircuitArtifacts {\n const base = baseUrl.endsWith('/') ? baseUrl : `${baseUrl}/`\n\n const circuitMap: Record<StealthCircuitType, CircuitArtifacts> = {\n '1x2': {\n wasm: `${base}shielded_stealth.wasm`,\n zkey: `${base}shielded_stealth_final.zkey`,\n },\n '2x2': {\n wasm: `${base}stealth_2x2.wasm`,\n zkey: `${base}stealth_2x2_final.zkey`,\n },\n }\n\n return circuitMap[circuit]\n}\n\n/**\n * UPP circuit inputs union type\n */\nexport type UPPCircuitInputs =\n | UPPTransferCircuitInputs\n | UPPWithdrawCircuitInputs\n | UPPMergeCircuitInputs\n | UPPJoinSplitCircuitInputs\n\n/**\n * PLONK proving stage for progress reporting\n */\nexport type PlonkProvingStage =\n | 'downloading'\n | 'loading'\n | 'witness'\n | 'round1'\n | 'round2'\n | 'round3'\n | 'round4'\n | 'round5'\n | 'done'\n\n/**\n * Generate a ZK proof for a UPP circuit (BLS12-381 PLONK)\n *\n * Downloads circuit artifacts (with caching) and generates a PLONK proof.\n * Artifacts are cached in IndexedDB after first download.\n *\n * @param circuitType - Which UPP circuit to use\n * @param inputs - Circuit input signals\n * @param baseUrl - Base URL for circuit artifacts (defaults to CDN)\n * @param onProgress - Optional callback for proving progress\n * @param options - Optional pre-loaded artifacts or download progress callback\n * @returns Generated proof and public signals\n */\nexport async function generateUPPProof(\n circuitType: UPPCircuitType,\n inputs: UPPCircuitInputs,\n baseUrl?: string,\n onProgress?: (stage: PlonkProvingStage, message: string) => void,\n options?: {\n /** Pre-loaded artifacts (bypasses download + cache entirely) */\n artifacts?: { wasm: Uint8Array; zkey: Uint8Array }\n /** Download progress callback (bytes downloaded / total) */\n onDownloadProgress?: (p: DownloadProgress) => void\n }\n): Promise<ProofResult> {\n const snarkjs = await loadSnarkjs()\n\n // Resolve circuit artifacts: pre-loaded > cache > download\n let wasmData: Uint8Array | string\n let zkeyData: Uint8Array | string\n\n if (options?.artifacts) {\n wasmData = options.artifacts.wasm\n zkeyData = options.artifacts.zkey\n } else {\n onProgress?.('downloading', `Checking ${circuitType} circuit cache...`)\n const cache = CircuitArtifactCache.shared()\n const resolved = await cache.getArtifacts(circuitType, baseUrl, options?.onDownloadProgress)\n wasmData = resolved.wasm\n zkeyData = resolved.zkey\n }\n\n onProgress?.('loading', 'Loading circuit artifacts...')\n\n // Create a logger that maps snarkjs debug messages to progress stages\n const logger = onProgress ? {\n debug: (msg: string) => {\n if (msg.includes('ROUND 1')) onProgress('round1', 'Computing wire polynomials...')\n else if (msg.includes('ROUND 2')) onProgress('round2', 'Computing permutation polynomial...')\n else if (msg.includes('ROUND 3')) onProgress('round3', 'Computing quotient polynomial...')\n else if (msg.includes('ROUND 4')) onProgress('round4', 'Computing evaluations...')\n else if (msg.includes('ROUND 5')) onProgress('round5', 'Computing opening proofs...')\n else if (msg.includes('PROVER FINISHED')) onProgress('done', 'Proof complete')\n },\n info: () => {},\n warn: () => {},\n error: () => {},\n } : undefined\n\n onProgress?.('witness', 'Computing witness...')\n\n // Use PLONK prover — pass Uint8Array directly (snarkjs/fastfile accepts it)\n const result = await snarkjs.plonk.fullProve(inputs, wasmData, zkeyData, logger)\n\n return {\n proof: {\n proof: result.proof,\n publicSignals: result.publicSignals,\n },\n publicSignals: result.publicSignals,\n }\n}\n\n/**\n * @deprecated Use generateUPPProof instead\n */\nexport async function generateProof(\n _circuitType: CircuitType,\n _inputs: CircuitInputs\n): Promise<Proof> {\n throw new Error('Deprecated: Use generateUPPProof instead')\n}\n\n/**\n * Result from proof generation\n */\nexport interface ProofResult {\n proof: Proof\n publicSignals: string[]\n}\n\n/**\n * @deprecated Stealth circuits use old Groth16 format\n */\nexport async function generateStealthProof(\n circuit: StealthCircuitType,\n inputs: StealthCircuitInputs,\n baseUrl: string = '/circuits/'\n): Promise<ProofResult> {\n const snarkjs = await loadSnarkjs()\n const artifacts = getStealthCircuitArtifacts(circuit, baseUrl)\n\n const result = await snarkjs.groth16.fullProve(inputs, artifacts.wasm, artifacts.zkey)\n\n return {\n proof: {\n proof: result.proof,\n publicSignals: result.publicSignals,\n },\n publicSignals: result.publicSignals,\n }\n}\n\n/**\n * Verify a ZK proof\n */\nexport async function verifyProof(\n _circuitType: CircuitType,\n _proof: Proof\n): Promise<boolean> {\n throw new Error('Not implemented')\n}\n\n/**\n * PLONK proof struct matching PlonkVerifierBLS12381.Proof ABI\n */\nexport interface PlonkProofStruct {\n A: `0x${string}`\n B: `0x${string}`\n C: `0x${string}`\n Z: `0x${string}`\n T1: `0x${string}`\n T2: `0x${string}`\n T3: `0x${string}`\n eval_a: bigint\n eval_b: bigint\n eval_c: bigint\n eval_s1: bigint\n eval_s2: bigint\n eval_zw: bigint\n Wxi: `0x${string}`\n Wxiw: `0x${string}`\n}\n\n/**\n * Encode a BLS12-381 G1 point from snarkjs format [x, y, \"1\"] to 128-byte hex\n * (EIP-2537: 64 bytes x + 64 bytes y, big-endian, zero-padded)\n */\nfunction encodeG1Point(point: string[]): `0x${string}` {\n const x = BigInt(point[0]!).toString(16).padStart(128, '0')\n const y = BigInt(point[1]!).toString(16).padStart(128, '0')\n return `0x${x}${y}`\n}\n\n/**\n * Format PLONK proof for on-chain verification\n *\n * Converts snarkjs PLONK proof to the PlonkVerifierBLS12381.Proof struct\n * that the pool contract expects as a tuple parameter.\n */\nexport async function formatPlonkProofForContract(proof: Proof): Promise<{\n proofStruct: PlonkProofStruct\n publicSignals: bigint[]\n}> {\n const p = proof.proof\n\n return {\n proofStruct: {\n A: encodeG1Point(p.A),\n B: encodeG1Point(p.B),\n C: encodeG1Point(p.C),\n Z: encodeG1Point(p.Z),\n T1: encodeG1Point(p.T1),\n T2: encodeG1Point(p.T2),\n T3: encodeG1Point(p.T3),\n eval_a: BigInt(p.eval_a),\n eval_b: BigInt(p.eval_b),\n eval_c: BigInt(p.eval_c),\n eval_s1: BigInt(p.eval_s1),\n eval_s2: BigInt(p.eval_s2),\n eval_zw: BigInt(p.eval_zw),\n Wxi: encodeG1Point(p.Wxi),\n Wxiw: encodeG1Point(p.Wxiw),\n },\n publicSignals: proof.publicSignals.map((s: string) => BigInt(s)),\n }\n}\n\n/**\n * @deprecated Use formatPlonkProofForContract for PLONK proofs.\n *\n * Format Groth16 proof for on-chain verification (old format).\n */\nexport function formatProofForContract(proof: Proof): {\n a: [bigint, bigint]\n b: [[bigint, bigint], [bigint, bigint]]\n c: [bigint, bigint]\n} {\n const { pi_a, pi_b, pi_c } = proof.proof\n\n return {\n a: [BigInt(pi_a[0]), BigInt(pi_a[1])],\n b: [\n [BigInt(pi_b[0][1]), BigInt(pi_b[0][0])],\n [BigInt(pi_b[1][1]), BigInt(pi_b[1][0])],\n ],\n c: [BigInt(pi_c[0]), BigInt(pi_c[1])],\n }\n}\n"]}
package/dist/{chunk-5H27F6W6.cjs → chunk-IYRCJAME.cjs} RENAMED
@@ -201,6 +201,7 @@ var ProofWorkerManager = class {
201
201
  this.handleMessage(e.data);
202
202
  };
203
203
  this.worker.onerror = (e) => {
204
+ console.error("[ProofWorkerManager] Worker error:", e.message, e);
204
205
  for (const [, p] of this.pending) {
205
206
  p.reject(new Error(`Worker error: ${e.message}`));
206
207
  }
@@ -214,6 +215,9 @@ var ProofWorkerManager = class {
214
215
  case "progress":
215
216
  entry.onProgress?.(data.stage, data.message);
216
217
  break;
218
+ case "download-progress":
219
+ entry.onDownloadProgress?.(data.progress);
220
+ break;
217
221
  case "result":
218
222
  this.pending.delete(data.id);
219
223
  entry.resolve(data.proof);
@@ -230,7 +234,7 @@ var ProofWorkerManager = class {
230
234
  * @param signal - AbortSignal for cancellation. When aborted, the promise
231
235
  * rejects with AbortError. Call terminate() for hard cancellation.
232
236
  */
233
- async prove(circuitType, inputs, baseUrl, onProgress, signal) {
237
+ async prove(circuitType, inputs, baseUrl, onProgress, signal, onDownloadProgress) {
234
238
  if (this.terminated) {
235
239
  throw new Error("Worker has been terminated");
236
240
  }
@@ -240,7 +244,7 @@ var ProofWorkerManager = class {
240
244
  reject(new DOMException("Proof generation aborted", "AbortError"));
241
245
  return;
242
246
  }
243
- this.pending.set(id, { resolve, reject, onProgress });
247
+ this.pending.set(id, { resolve, reject, onProgress, onDownloadProgress });
244
248
  const onAbort = () => {
245
249
  this.pending.delete(id);
246
250
  reject(new DOMException("Proof generation aborted", "AbortError"));
@@ -268,13 +272,13 @@ var ProofWorkerManager = class {
268
272
  this.pending.clear();
269
273
  }
270
274
  };
271
- async function generateUPPProofAsync(circuitType, inputs, baseUrl = "/circuits/", options) {
272
- const { onProgress, signal, worker } = options ?? {};
275
+ async function generateUPPProofAsync(circuitType, inputs, baseUrl, options) {
276
+ const { onProgress, onDownloadProgress, signal, worker } = options ?? {};
273
277
  if (worker) {
274
- return worker.prove(circuitType, inputs, baseUrl, onProgress, signal);
278
+ return worker.prove(circuitType, inputs, baseUrl ?? "", onProgress, signal, onDownloadProgress);
275
279
  }
276
- const { generateUPPProof } = await import('./proof-VINVGL4F.cjs');
277
- return generateUPPProof(circuitType, inputs, baseUrl, onProgress);
280
+ const { generateUPPProof } = await import('./proof-X3MVQFFZ.cjs');
281
+ return generateUPPProof(circuitType, inputs, baseUrl, onProgress, { onDownloadProgress });
278
282
  }
279
283
  var RATE_PRECISION = 10n ** 18n;
280
284
  var SWAP_ORDER_PLACED_EVENT = {
@@ -709,5 +713,5 @@ exports.removeCancelSecret = removeCancelSecret;
709
713
  exports.stealth_exports = stealth_exports;
710
714
  exports.storeCancelSecret = storeCancelSecret;
711
715
  exports.verifyOwnership = verifyOwnership;
712
- //# sourceMappingURL=chunk-5H27F6W6.cjs.map
713
- //# sourceMappingURL=chunk-5H27F6W6.cjs.map
716
+ //# sourceMappingURL=chunk-IYRCJAME.cjs.map
717
+ //# sourceMappingURL=chunk-IYRCJAME.cjs.map
package/dist/chunk-IYRCJAME.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/core/stealth.ts","../src/core/proof-worker.ts","../src/core/swap.ts","../src/core/account.ts","../src/core/note-store.ts"],"names":["__export","ADDRESS_VERSION","STARK_ADDRESS_VERSION","STARK_STEALTH_ADDRESS_PREFIX","STEALTH_ADDRESS_PREFIX","bigintToBytes","bech32m","bytesToBigint","ownerHash","randomFieldElement","__esm","init_crypto","keccak256","encodeAbiParameters","parseAbiParameters","toHex","getAddress"],"mappings":";;;;;;;;AAAA,IAAA,eAAA,GAAA;AAAAA,0BAAA,CAAA,eAAA,EAAA;AAAA,EAAA,eAAA,EAAA,MAAAC,uBAAA;AAAA,EAAA,qBAAA,EAAA,MAAAC,6BAAA;AAAA,EAAA,4BAAA,EAAA,MAAAC,oCAAA;AAAA,EAAA,sBAAA,EAAA,MAAAC,8BAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,2BAAA,EAAA,MAAA,2BAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,eAAA,EAAA,MAAA;AAAA,CAAA,CAAA;AAsDO,SAAS,oBAAA,CACd,SAAA,EACA,WAAA,EACA,OAAA,GAAkB,CAAA,EACV;AAER,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,CAAA,GAAI,CAAA,GAAI,KAAK,CAAC,CAAA;AAC1C,EAAA,IAAI,MAAA,GAAS,CAAA;AAGb,EAAA,IAAA,CAAK,QAAQ,CAAA,GAAIH,uBAAA;AAGjB,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,CAAA,GAAK,GAAA;AAClC,EAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,OAAA,GAAU,GAAA;AAG3B,EAAA,MAAM,UAAA,GAAaI,+BAAA,CAAc,SAAA,EAAW,EAAE,CAAA;AAC9C,EAAA,IAAA,CAAK,GAAA,CAAI,YAAY,MAAM,CAAA;AAC3B,EAAA,MAAA,IAAU,EAAA;AAGV,EAAA,MAAM,YAAA,GAAeA,+BAAA,CAAc,WAAA,EAAa,EAAE,CAAA;AAClD,EAAA,IAAA,CAAK,GAAA,CAAI,cAAc,MAAM,CAAA;AAG7B,EAAA,MAAM,KAAA,GAAQC,cAAA,CAAQ,OAAA,CAAQ,IAAI,CAAA;AAGlC,EAAA,OAAOA,cAAA,CAAQ,MAAA,CAAOF,8BAAA,EAAwB,KAAA,EAAO,aAAa,CAAA;AACpE;AAQO,SAAS,qBAAqB,OAAA,EAKnC;AAEA,EAAA,MAAM,OAAA,GAAUE,cAAA,CAAQ,MAAA,CAAO,OAAA,EAAS,aAAa,CAAA;AAGrD,EAAA,IAAI,OAAA,CAAQ,WAAWF,8BAAA,EAAwB;AAC7C,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0CAAA,EAA6CA,8BAAsB,CAAA,QAAA,EAAW,OAAA,CAAQ,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACjH;AAGA,EAAA,MAAM,OAAO,IAAI,UAAA,CAAWE,eAAQ,SAAA,CAAU,OAAA,CAAQ,KAAK,CAAC,CAAA;AAG5D,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,MAAM,OAAA,GAAU,KAAK,MAAA,EAAQ,CAAA;AAE7B,EAAA,IAAI,YAAYL,uBAAA,EAAiB;AAC/B,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,OAAO,CAAA,YAAA,EAAeA,uBAAe,CAAA,cAAA,CAAgB,CAAA;AAAA,EACvG;AAGA,EAAA,MAAM,OAAA,GACH,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,KACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,EAAA,GACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,CAAA,GACpB,KAAK,MAAA,EAAQ,CAAA;AAGf,EAAA,MAAM,YAAYM,+BAAA,CAAc,IAAA,CAAK,MAAM,MAAA,EAAQ,MAAA,GAAS,EAAE,CAAC,CAAA;AAC/D,EAAA,MAAA,IAAU,EAAA;AAGV,EAAA,MAAM,cAAcA,+BAAA,CAAc,IAAA,CAAK,MAAM,MAAA,EAAQ,MAAA,GAAS,EAAE,CAAC,CAAA;AAEjE,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,OAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AACF;AAKO,SAAS,sBAAsB,OAAA,EAA0B;AAC9D,EAAA,IAAI;AACF,IAAA,oBAAA,CAAqB,OAAO,CAAA;AAC5B,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAKO,SAAS,sBAAA,CAAuB,IAAA,EAAkB,OAAA,GAAkB,CAAA,EAAW;AACpF,EAAA,OAAO,oBAAA,CAAqB,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,aAAa,OAAO,CAAA;AACvE;AAeA,eAAsB,iBAAA,CACpB,qBACA,UAAA,EACsB;AACtB,EAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,OAAO,yBAAsB,CAAA;AAExD,EAAA,IAAI,eAAe,MAAA,EAAW;AAE5B,IAAA,MAAMC,UAAAA,GAAY,MAAM,QAAA,CAAS,CAAC,UAAU,CAAC,CAAA;AAC7C,IAAA,OAAO;AAAA,MACL,aAAA,EAAe,UAAA;AAAA,MACf,SAAA,EAAAA;AAAA,KACF;AAAA,EACF;AAGA,EAAA,MAAM,gBAAgBC,oCAAA,EAAmB;AACzC,EAAA,MAAM,SAAA,GAAY,MAAM,QAAA,CAAS,CAAC,aAAa,CAAC,CAAA;AAEhD,EAAA,OAAO;AAAA,IACL,aAAA;AAAA,IACA;AAAA,GACF;AACF;AASA,eAAsB,eAAA,CACpB,QACA,iBAAA,EACkB;AAClB,EAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,OAAO,yBAAsB,CAAA;AACxD,EAAA,MAAM,YAAA,GAAe,MAAM,QAAA,CAAS,CAAC,MAAM,CAAC,CAAA;AAC5C,EAAA,OAAO,YAAA,KAAiB,iBAAA;AAC1B;AAYA,eAAsB,wBAAA,CACpB,eACA,KAAA,EACiB;AACjB,EAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,OAAO,yBAAsB,CAAA;AACxD,EAAA,IAAI,UAAU,MAAA,EAAW;AACvB,IAAA,OAAO,QAAA,CAAS,CAAC,aAAA,EAAe,KAAK,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,QAAA,CAAS,CAAC,aAAa,CAAC,CAAA;AACjC;AA4BO,SAAS,yBAAA,CACd,SAAA,EACA,WAAA,EACA,OAAA,GAAkB,CAAA,EACV;AACR,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,CAAA,GAAI,CAAA,GAAI,KAAK,EAAE,CAAA;AAC3C,EAAA,IAAI,MAAA,GAAS,CAAA;AAGb,EAAA,IAAA,CAAK,QAAQ,CAAA,GAAIP,6BAAA;AAGjB,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,CAAA,GAAK,GAAA;AAClC,EAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,OAAA,GAAU,GAAA;AAG3B,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,GAAA,GAAM,MAAA,CAAO,SAAA,CAAU,CAAC,CAAE,CAAA;AAChC,IAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,GAAA,GAAM,GAAA;AACvB,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,CAAA,GAAK,GAAA;AAC9B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAC/B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAAA,EACjC;AAGA,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,GAAA,GAAM,MAAA,CAAO,WAAA,CAAY,CAAC,CAAE,CAAA;AAClC,IAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,GAAA,GAAM,GAAA;AACvB,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,CAAA,GAAK,GAAA;AAC9B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAC/B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAAA,EACjC;AAEA,EAAA,MAAM,KAAA,GAAQI,cAAA,CAAQ,OAAA,CAAQ,IAAI,CAAA;AAClC,EAAA,OAAOA,cAAA,CAAQ,MAAA,CAAOH,oCAAA,EAA8B,KAAA,EAAO,aAAa,CAAA;AAC1E;AAKO,SAAS,0BAA0B,OAAA,EAKxC;AACA,EAAA,MAAM,OAAA,GAAUG,cAAA,CAAQ,MAAA,CAAO,OAAA,EAAS,aAAa,CAAA;AAErD,EAAA,IAAI,OAAA,CAAQ,WAAWH,oCAAA,EAA8B;AACnD,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,gDAAA,EAAmDA,oCAA4B,CAAA,QAAA,EAAW,OAAA,CAAQ,MAAM,CAAA,CAAA;AAAA,KAC1G;AAAA,EACF;AAEA,EAAA,MAAM,OAAO,IAAI,UAAA,CAAWG,eAAQ,SAAA,CAAU,OAAA,CAAQ,KAAK,CAAC,CAAA;AAC5D,EAAA,IAAI,MAAA,GAAS,CAAA;AAEb,EAAA,MAAM,OAAA,GAAU,KAAK,MAAA,EAAQ,CAAA;AAC7B,EAAA,IAAI,YAAYJ,6BAAA,EAAuB;AACrC,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,mCAAA,EAAsC,OAAO,CAAA,YAAA,EAAeA,6BAAqB,CAAA,CAAA;AAAA,KACnF;AAAA,EACF;AAGA,EAAA,MAAM,OAAA,GACH,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,KACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,EAAA,GACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,CAAA,GACpB,KAAK,MAAA,EAAQ,CAAA;AAGf,EAAA,MAAM,YAAsB,EAAC;AAC7B,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,MACJ,IAAA,CAAK,MAAM,CAAA,GACV,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,CAAA,GACrB,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,KACrB,IAAA,CAAK,MAAA,GAAS,CAAC,CAAA,IAAM,EAAA;AACxB,IAAA,SAAA,CAAU,IAAA,CAAK,MAAA,CAAO,GAAA,KAAQ,CAAC,CAAC,CAAA;AAChC,IAAA,MAAA,IAAU,CAAA;AAAA,EACZ;AAGA,EAAA,MAAM,cAAwB,EAAC;AAC/B,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,MACJ,IAAA,CAAK,MAAM,CAAA,GACV,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,CAAA,GACrB,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,KACrB,IAAA,CAAK,MAAA,GAAS,CAAC,CAAA,IAAM,EAAA;AACxB,IAAA,WAAA,CAAY,IAAA,CAAK,MAAA,CAAO,GAAA,KAAQ,CAAC,CAAC,CAAA;AAClC,IAAA,MAAA,IAAU,CAAA;AAAA,EACZ;AAEA,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,OAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AACF;AAKO,SAAS,2BAA2B,OAAA,EAA0B;AACnE,EAAA,IAAI;AACF,IAAA,yBAAA,CAA0B,OAAO,CAAA;AACjC,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAKO,SAAS,2BAAA,CACd,IAAA,EACA,OAAA,GAAkB,CAAA,EACV;AACR,EAAA,OAAO,yBAAA,CAA0B,IAAA,CAAK,cAAA,EAAgB,IAAA,CAAK,kBAAkB,OAAO,CAAA;AACtF;AAKO,SAAS,kBAAkB,OAAA,EAAgD;AAChF,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAWE,8BAAA,GAAyB,GAAG,GAAG,OAAO,OAAA;AAC7D,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAWD,oCAAA,GAA+B,GAAG,GAAG,OAAO,OAAA;AACnE,EAAA,OAAO,SAAA;AACT;AA3WaC,uCAAA,CAAA,CAKAH,gCAAA,CAAA,KAKP,aAAA,CAAA,CAwMOE,6CAAA,CAAA,CAKAD;AAvPb,IAAA,YAAA,GAAAQ,uBAAA,CAAA;AAAA,EAAA,qBAAA,GAAA;AAqBA,IAAAC,6BAAA,EAAA;AAWO,IAAMP,8BAAA,GAAyB,KAAA;AAK/B,IAAMH,uBAAA,GAAkB,CAAA;AAK/B,IAAM,aAAA,GAAgB,IAAA;AAwMf,IAAME,oCAAA,GAA+B,KAAA;AAKrC,IAAMD,6BAAA,GAAwB,CAAA;AAAA,EAAA;AAAA,CAAA;;;AChM9B,IAAM,qBAAN,MAAyB;AAAA,EACtB,MAAA;AAAA,EACA,OAAA,uBAAc,GAAA,EAA0B;AAAA,EACxC,UAAA,GAAa,KAAA;AAAA,EAErB,YAAY,MAAA,EAAgB;AAC1B,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAEd,IAAA,IAAA,CAAK,MAAA,CAAO,SAAA,GAAY,CAAC,CAAA,KAAyC;AAChE,MAAA,IAAA,CAAK,aAAA,CAAc,EAAE,IAAI,CAAA;AAAA,IAC3B,CAAA;AAEA,IAAA,IAAA,CAAK,MAAA,CAAO,OAAA,GAAU,CAAC,CAAA,KAAkB;AACvC,MAAA,OAAA,CAAQ,KAAA,CAAM,oCAAA,EAAsC,CAAA,CAAE,OAAA,EAAS,CAAC,CAAA;AAChE,MAAA,KAAA,MAAW,GAAG,CAAC,CAAA,IAAK,KAAK,OAAA,EAAS;AAChC,QAAA,CAAA,CAAE,OAAO,IAAI,KAAA,CAAM,iBAAiB,CAAA,CAAE,OAAO,EAAE,CAAC,CAAA;AAAA,MAClD;AACA,MAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,IACrB,CAAA;AAAA,EACF;AAAA,EAEQ,cAAc,IAAA,EAA2B;AAC/C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,KAAK,EAAE,CAAA;AACtC,IAAA,IAAI,CAAC,KAAA,EAAO;AAEZ,IAAA,QAAQ,KAAK,IAAA;AAAM,MACjB,KAAK,UAAA;AACH,QAAA,KAAA,CAAM,UAAA,GAAa,IAAA,CAAK,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA;AAC3C,QAAA;AAAA,MACF,KAAK,mBAAA;AACH,QAAA,KAAA,CAAM,kBAAA,GAAqB,KAAK,QAAQ,CAAA;AACxC,QAAA;AAAA,MACF,KAAK,QAAA;AACH,QAAA,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,EAAE,CAAA;AAC3B,QAAA,KAAA,CAAM,OAAA,CAAQ,KAAK,KAAK,CAAA;AACxB,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,EAAE,CAAA;AAC3B,QAAA,KAAA,CAAM,MAAA,CAAO,IAAI,KAAA,CAAM,IAAA,CAAK,OAAO,CAAC,CAAA;AACpC,QAAA;AAAA;AACJ,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAA,CACJ,WAAA,EACA,QACA,OAAA,EACA,UAAA,EACA,QACA,kBAAA,EACsB;AACtB,IAAA,IAAI,KAAK,UAAA,EAAY;AACnB,MAAA,MAAM,IAAI,MAAM,4BAA4B,CAAA;AAAA,IAC9C;AAEA,IAAA,OAAO,IAAI,OAAA,CAAqB,CAAC,OAAA,EAAS,MAAA,KAAW;AACnD,MAAA,MAAM,EAAA,GAAK,OAAO,UAAA,EAAW;AAE7B,MAAA,IAAI,QAAQ,OAAA,EAAS;AACnB,QAAA,MAAA,CAAO,IAAI,YAAA,CAAa,0BAAA,EAA4B,YAAY,CAAC,CAAA;AACjE,QAAA;AAAA,MACF;AAEA,MAAA,IAAA,CAAK,OAAA,CAAQ,IAAI,EAAA,EAAI,EAAE,SAAS,MAAA,EAAQ,UAAA,EAAY,oBAAoB,CAAA;AAExE,MAAA,MAAM,UAAU,MAAM;AACpB,QAAA,IAAA,CAAK,OAAA,CAAQ,OAAO,EAAE,CAAA;AACtB,QAAA,MAAA,CAAO,IAAI,YAAA,CAAa,0BAAA,EAA4B,YAAY,CAAC,CAAA;AAAA,MACnE,CAAA;AAEA,MAAA,MAAA,EAAQ,iBAAiB,OAAA,EAAS,OAAA,EAAS,EAAE,IAAA,EAAM,MAAM,CAAA;AAIzD,MAAA,MAAM,eAAA,GAAkB,OAAO,MAAA,KAAW,WAAA,GACtC,IAAI,GAAA,CAAI,OAAA,EAAS,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAE,IAAA,GACvC,OAAA;AAEJ,MAAA,IAAA,CAAK,OAAO,WAAA,CAAY;AAAA,QACtB,IAAA,EAAM,OAAA;AAAA,QACN,EAAA;AAAA,QACA,WAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA,EAAS;AAAA,OACmB,CAAA;AAAA,IAChC,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,SAAA,GAAY;AACV,IAAA,IAAA,CAAK,UAAA,GAAa,IAAA;AAClB,IAAA,IAAA,CAAK,OAAO,SAAA,EAAU;AACtB,IAAA,KAAA,MAAW,GAAG,CAAC,CAAA,IAAK,KAAK,OAAA,EAAS;AAChC,MAAA,CAAA,CAAE,MAAA,CAAO,IAAI,YAAA,CAAa,mBAAA,EAAqB,YAAY,CAAC,CAAA;AAAA,IAC9D;AACA,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AACF;AAcA,eAAsB,qBAAA,CACpB,WAAA,EACA,MAAA,EACA,OAAA,EACA,OAAA,EAMsB;AACtB,EAAA,MAAM,EAAE,UAAA,EAAY,kBAAA,EAAoB,QAAQ,MAAA,EAAO,GAAI,WAAW,EAAC;AAEvE,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,OAAO,MAAA,CAAO,MAAM,WAAA,EAAa,MAAA,EAAQ,WAAW,EAAA,EAAI,UAAA,EAAY,QAAQ,kBAAkB,CAAA;AAAA,EAChG;AAGA,EAAA,MAAM,EAAE,gBAAA,EAAiB,GAAI,MAAM,OAAO,sBAAY,CAAA;AACtD,EAAA,OAAO,iBAAiB,WAAA,EAAa,MAAA,EAAQ,SAAS,UAAA,EAAY,EAAE,oBAAoB,CAAA;AAC1F;ACpFO,IAAM,iBAAiB,GAAA,IAAO;AAM9B,IAAM,uBAAA,GAA0B;AAAA,EACrC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,iBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IACpD,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IACnD,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAChD,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC/D,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA;AAAM;AAEtD;AAEO,IAAM,uBAAA,GAA0B;AAAA,EACrC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,iBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAC1D,EAAE,IAAA,EAAM,wBAAA,EAA0B,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IACjE,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACvD,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC/D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA;AAAM;AAEjE;AAEO,IAAM,wBAAA,GAA2B;AAAA,EACtC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,kBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,sBAAA,EAAwB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAChE,EAAE,IAAA,EAAM,oBAAA,EAAsB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC9D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC/D,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA,EAAM;AAAA,IAC1D,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC5D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA;AAAM;AAEjE;AAEO,IAAM,0BAAA,GAA6B;AAAA,EACxC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,oBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,oBAAA,EAAsB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC9D,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC5D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA;AAAM;AAEjE;AAEO,IAAM,eAAA,GAAkB;AAAA,EAC7B,uBAAA;AAAA,EACA,uBAAA;AAAA,EACA,wBAAA;AAAA,EACA;AACF;AAUO,SAAS,iBAAA,CAAkB,YAAoB,IAAA,EAAsB;AAC1E,EAAA,OAAQ,aAAa,IAAA,GAAQ,cAAA;AAC/B;AAMO,SAAS,iBAAA,CAAkB,YAAoB,IAAA,EAAsB;AAC1E,EAAA,IAAI,IAAA,KAAS,EAAA,EAAI,MAAM,IAAI,MAAM,qBAAqB,CAAA;AACtD,EAAA,OAAQ,aAAa,cAAA,GAAkB,IAAA;AACzC;AAMO,SAAS,WAAA,CAAY,YAAoB,SAAA,EAA2B;AACzE,EAAA,IAAI,UAAA,KAAe,EAAA,EAAI,MAAM,IAAI,MAAM,4BAA4B,CAAA;AACnE,EAAA,OAAQ,YAAY,cAAA,GAAkB,UAAA;AACxC;AAMO,SAAS,UAAA,CAAW,IAAA,EAAc,QAAA,GAAmB,CAAA,EAAW;AACrE,EAAA,MAAM,QAAQ,IAAA,GAAO,cAAA;AACrB,EAAA,MAAM,OAAO,IAAA,GAAO,cAAA;AACpB,EAAA,MAAM,OAAA,GAAU,IAAA,CAAK,QAAA,EAAS,CAAE,QAAA,CAAS,IAAI,GAAG,CAAA,CAAE,KAAA,CAAM,CAAA,EAAG,QAAQ,CAAA;AACnE,EAAA,OAAO,CAAA,EAAG,KAAK,CAAA,CAAA,EAAI,OAAO,CAAA,CAAA;AAC5B;AAUO,SAAS,qBAAqB,YAAA,EAAwB;AAC3D,EAAA,OAAOU,cAAA,CAAUC,wBAAA;AAAA,IACfC,wBAAmB,SAAS,CAAA;AAAA,IAC5B,CAAC,YAAY;AAAA,GACd,CAAA;AACH;AAKO,SAAS,oBAAA,GAA4B;AAC1C,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,EAAE,CAAA;AAC/B,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,OAAOC,WAAM,KAAK,CAAA;AACpB;AASO,SAAS,iBAAA,CACd,QACA,gBAAA,EACkB;AAClB,EAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,gBAAA,CAAiB,IAAI,CAAA,EAAA,KAAM,EAAA,CAAG,QAAA,EAAU,CAAC,CAAA;AAChE,EAAA,OAAO,MAAA,CAAO,OAAO,CAAA,CAAA,KAAK,MAAA,CAAO,IAAI,CAAA,CAAE,UAAA,CAAW,QAAA,EAAU,CAAC,CAAA;AAC/D;AAKO,SAAS,uBAAA,CACd,MAAA,EACA,SAAA,EACA,QAAA,EACkB;AAClB,EAAA,MAAM,IAAA,GAAO,UAAU,WAAA,EAAY;AACnC,EAAA,MAAM,GAAA,GAAM,SAAS,WAAA,EAAY;AACjC,EAAA,OAAO,MAAA,CAAO,MAAA;AAAA,IACZ,CAAA,CAAA,KAAK,EAAE,SAAA,CAAU,WAAA,OAAkB,IAAA,IAAQ,CAAA,CAAE,QAAA,CAAS,WAAA,EAAY,KAAM;AAAA,GAC1E;AACF;AAKO,SAAS,mBAAA,CAAoB,OAAmC,WAAA,EAA8B;AACnG,EAAA,MAAM,QAAA,GAAW,qBAAA,IAAyB,KAAA,GAAQ,KAAA,CAAM,mBAAA,GAAsB,EAAA;AAC9E,EAAA,OAAO,QAAA,KAAa,MAAM,QAAA,KAAa,WAAA;AACzC;AAMA,IAAM,oBAAA,GAAuB,kBAAA;AAE7B,SAAS,SAAA,CAAU,SAAiB,OAAA,EAAsB;AACxD,EAAA,OAAO,GAAG,oBAAoB,CAAA,EAAG,QAAQ,WAAA,EAAa,IAAI,OAAO,CAAA,CAAA;AACnE;AAMO,SAAS,iBAAA,CAAkB,OAAA,EAAc,YAAA,EAAmB,OAAA,EAAwB;AACzF,EAAA,IAAI,OAAO,iBAAiB,WAAA,EAAa;AACzC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,YAAA,CAAa,OAAA,CAAQ,SAAA,CAAU,OAAA,EAAS,OAAO,GAAG,YAAY,CAAA;AAAA,EAChE;AAEA,EAAA,YAAA,CAAa,QAAQ,CAAA,EAAG,oBAAoB,CAAA,EAAG,OAAO,IAAI,YAAY,CAAA;AACxE;AAMO,SAAS,eAAA,CAAgB,SAAc,OAAA,EAA8B;AAC1E,EAAA,IAAI,OAAO,YAAA,KAAiB,WAAA,EAAa,OAAO,IAAA;AAChD,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAM,SAAS,YAAA,CAAa,OAAA,CAAQ,SAAA,CAAU,OAAA,EAAS,OAAO,CAAC,CAAA;AAC/D,IAAA,IAAI,QAAQ,OAAO,MAAA;AAAA,EACrB;AAEA,EAAA,OAAO,aAAa,OAAA,CAAQ,CAAA,EAAG,oBAAoB,CAAA,EAAG,OAAO,CAAA,CAAE,CAAA;AACjE;AAKO,SAAS,kBAAA,CAAmB,SAAc,OAAA,EAAwB;AACvE,EAAA,IAAI,OAAO,iBAAiB,WAAA,EAAa;AACzC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,YAAA,CAAa,UAAA,CAAW,SAAA,CAAU,OAAA,EAAS,OAAO,CAAC,CAAA;AAAA,EACrD;AACA,EAAA,YAAA,CAAa,UAAA,CAAW,CAAA,EAAG,oBAAoB,CAAA,EAAG,OAAO,CAAA,CAAE,CAAA;AAC7D;AAMO,SAAS,eAAe,OAAA,EAAyB;AACtD,EAAA,IAAI,OAAO,YAAA,KAAiB,WAAA,EAAa,OAAO,EAAC;AACjD,EAAA,MAAM,MAAA,GAAS,UACX,CAAA,EAAG,oBAAoB,GAAG,OAAA,CAAQ,WAAA,EAAa,CAAA,CAAA,CAAA,GAC/C,oBAAA;AACJ,EAAA,MAAM,MAAa,EAAC;AACpB,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,YAAA,CAAa,QAAQ,CAAA,EAAA,EAAK;AAC5C,IAAA,MAAM,GAAA,GAAM,YAAA,CAAa,GAAA,CAAI,CAAC,CAAA;AAC9B,IAAA,IAAI,GAAA,EAAK,UAAA,CAAW,MAAM,CAAA,EAAG;AAC3B,MAAA,GAAA,CAAI,IAAA,CAAK,GAAA,CAAI,KAAA,CAAM,MAAA,CAAO,MAAM,CAAQ,CAAA;AAAA,IAC1C;AAAA,EACF;AACA,EAAA,OAAO,GAAA;AACT;AASO,SAAS,aAAA,CAAc,OAAkB,YAAA,EAA+B;AAC7E,EAAA,OAAO,CAAC,KAAA,CAAM,OAAA,IAAW,CAAC,KAAA,CAAM,aAAa,YAAA,IAAgB,KAAA,CAAM,MAAA,IAAU,KAAA,CAAM,mBAAA,GAAsB,EAAA;AAC3G;AAKO,SAAS,qBAAA,CAAsB,YAAoB,IAAA,EAAsB;AAC9E,EAAA,OAAO,iBAAA,CAAkB,YAAY,IAAI,CAAA;AAC3C;AAKO,SAAS,sBAAsB,KAAA,EAA0B;AAC9D,EAAA,IAAI,KAAA,CAAM,UAAA,KAAe,EAAA,EAAI,OAAO,CAAA;AACpC,EAAA,MAAM,MAAA,GAAS,KAAA,CAAM,UAAA,GAAa,KAAA,CAAM,mBAAA;AACxC,EAAA,OAAO,MAAA,CAAQ,MAAA,GAAS,MAAA,GAAU,KAAA,CAAM,UAAU,CAAA,GAAI,GAAA;AACxD;AClUA,SAAS,gBAAA,CAAiB,MAAkB,SAAA,EAAgD;AAC1F,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,CAAA;AAAA,IACT,gBAAgBA,UAAAA,CAAM,IAAA,CAAK,gBAAgB,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IACvD,WAAWA,UAAAA,CAAM,IAAA,CAAK,WAAW,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IAC7C,eAAeA,UAAAA,CAAM,IAAA,CAAK,eAAe,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IACrD,aAAaA,UAAAA,CAAM,IAAA,CAAK,aAAa,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IACjD,GAAI,SAAA,GAAY;AAAA,MACd,aAAa,SAAA,CAAU,WAAA,CAAY,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU,CAAA;AAAA,MACxD,gBAAgB,SAAA,CAAU,cAAA,CAAe,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU,CAAA;AAAA,MAC9D,oBAAoB,SAAA,CAAU,kBAAA,CAAmB,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU,CAAA;AAAA,MACtE,kBAAkB,SAAA,CAAU,gBAAA,CAAiB,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU;AAAA,QAChE;AAAC,GACP;AACF;AAEA,SAAS,mBAAmB,IAAA,EAA4E;AACtG,EAAA,IAAI,IAAA,CAAK,OAAA,KAAY,CAAA,IAAK,CAAC,KAAK,cAAA,EAAgB;AAC9C,IAAA,MAAM,IAAI,MAAM,kCAAkC,CAAA;AAAA,EACpD;AAEA,EAAA,MAAM,IAAA,GAAmB;AAAA,IACvB,cAAA,EAAgB,MAAA,CAAO,IAAA,CAAK,cAAc,CAAA;AAAA,IAC1C,SAAA,EAAW,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA;AAAA,IAChC,aAAA,EAAe,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA;AAAA,IACxC,WAAA,EAAa,MAAA,CAAO,IAAA,CAAK,WAAW;AAAA,GACtC;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI,KAAK,WAAA,EAAa;AACpB,IAAA,SAAA,GAAY;AAAA,MACV,aAAa,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,MAChD,gBAAgB,IAAA,CAAK,cAAA,CAAgB,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,MACvD,oBAAoB,IAAA,CAAK,kBAAA,CAAoB,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,MAC/D,kBAAkB,IAAA,CAAK,gBAAA,CAAkB,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC;AAAA,KAC7D;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,MAAM,SAAA,EAAU;AAC3B;AAuBO,IAAM,yBAAN,MAAwD;AAAA,EAG7D,WAAA,CACU,SACR,UAAA,EACA;AAFQ,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAGR,IAAA,IAAA,CAAK,UAAA,GAAa,CAAA,QAAA,EAAW,UAAA,CAAW,WAAA,EAAa,CAAA,CAAA;AAAA,EACvD;AAAA,EAPQ,UAAA;AAAA,EASR,MAAM,IAAA,GAA0E;AAC9E,IAAA,MAAM,OAAO,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAuB,KAAK,UAAU,CAAA;AACtE,IAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAClB,IAAA,IAAI;AACF,MAAA,OAAO,mBAAmB,IAAI,CAAA;AAAA,IAChC,CAAA,CAAA,MAAQ;AAEN,MAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AACzC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,IAAA,CAAK,IAAA,EAAkB,SAAA,EAA4C;AACvE,IAAA,MAAM,UAAA,GAAa,gBAAA,CAAiB,IAAA,EAAM,SAAS,CAAA;AACnD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,IAAA,CAAK,YAAY,UAAU,CAAA;AAAA,EACpD;AAAA,EAEA,MAAM,KAAA,GAAuB;AAC3B,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AAAA,EAC3C;AACF;AAcO,IAAM,uBAAN,MAAsD;AAAA,EAC3D,WAAA,CACU,MACA,SAAA,EACR;AAFQ,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AACA,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAAA,EACP;AAAA,EAEH,MAAM,IAAA,GAAO;AACX,IAAA,OAAO,EAAE,IAAA,EAAM,IAAA,CAAK,IAAA,EAAM,SAAA,EAAW,KAAK,SAAA,EAAU;AAAA,EACtD;AAAA,EAEA,MAAM,IAAA,GAAsB;AAAA,EAE5B;AAAA,EAEA,MAAM,KAAA,GAAuB;AAAA,EAE7B;AACF;ACrGO,IAAM,YAAN,MAAsC;AAAA,EAM3C,WAAA,CACU,OAAA,EACA,UAAA,GAAqB,OAAA,EAC7B;AAFQ,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AACA,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AAAA,EACP;AAAA,EARK,QAAwB,EAAC;AAAA,EACzB,aAAA,uBAAoB,GAAA,EAAY;AAAA,EAChC,SAAA,uBAAgB,GAAA,EAAgB;AAAA,EAChC,KAAA,GAAQ,KAAA;AAAA;AAAA,EAShB,QAAA,GAA2B;AACzB,IAAA,OAAO,CAAC,GAAG,IAAA,CAAK,KAAK,CAAA;AAAA,EACvB;AAAA,EAEA,gBAAgB,WAAA,EAA2C;AACzD,IAAA,IAAI,SAAS,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA,CAAA,KAAK,CAAA,CAAE,WAAW,OAAO,CAAA;AACxD,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,MAAA,GAAS,OAAO,MAAA,CAAO,CAAA,CAAA,KAAA,CAAM,CAAA,CAAE,WAAA,IAAe,aAAa,WAAW,CAAA;AAAA,IACxE;AACA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA,EAEA,UAAA,CAAW,OAAgB,WAAA,EAAmC;AAC5D,IAAA,IAAI,KAAA,GAAQ,IAAA,CAAK,eAAA,CAAgB,WAAW,CAAA;AAC5C,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,UAAA,GAAa,MAAM,WAAA,EAAY;AACrC,MAAA,KAAA,GAAQ,MAAM,MAAA,CAAO,CAAA,CAAA,KAAK,EAAE,KAAA,CAAM,WAAA,OAAkB,UAAU,CAAA;AAAA,IAChE;AACA,IAAA,OAAO,KAAA,CAAM,OAAO,CAAC,GAAA,EAAK,MAAM,GAAA,GAAM,CAAA,CAAE,QAAQ,EAAE,CAAA;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,QAAQ,IAAA,EAA6B;AACnC,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,UAAA,CAAW,WAAA,EAAY;AACxC,IAAA,IAAI,IAAA,CAAK,aAAA,CAAc,GAAA,CAAI,GAAG,GAAG,OAAO,KAAA;AAGxC,IAAA,MAAM,UAAA,GAA2B;AAAA,MAC/B,GAAG,IAAA;AAAA,MACH,UAAA,EAAY,IAAA,CAAK,UAAA,CAAW,WAAA,EAAY;AAAA,MACxC,MAAA,EAAQ,cAAA,CAAe,IAAA,CAAK,MAAM,CAAA;AAAA,MAClC,KAAA,EAAO,cAAA,CAAe,IAAA,CAAK,KAAK;AAAA,KAClC;AAEA,IAAA,IAAA,CAAK,KAAA,CAAM,KAAK,UAAU,CAAA;AAC1B,IAAA,IAAA,CAAK,aAAA,CAAc,IAAI,GAAG,CAAA;AAC1B,IAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,IAAA,IAAA,CAAK,MAAA,EAAO;AACZ,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,SAAS,KAAA,EAA+B;AACtC,IAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,IAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,MAAA,IAAI,IAAA,CAAK,OAAA,CAAQ,IAAI,CAAA,EAAG,KAAA,EAAA;AAAA,IAC1B;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,UAAA,EAA0B;AAClC,IAAA,MAAM,GAAA,GAAM,WAAW,WAAA,EAAY;AACnC,IAAA,MAAM,IAAA,GAAO,KAAK,KAAA,CAAM,IAAA,CAAK,OAAK,CAAA,CAAE,UAAA,CAAW,WAAA,EAAY,KAAM,GAAG,CAAA;AACpE,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,MAAA,KAAW,OAAA,EAAS;AACnC,MAAA,IAAA,CAAK,MAAA,GAAS,OAAA;AACd,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,MAAA,IAAA,CAAK,MAAA,EAAO;AAAA,IACd;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY,UAAA,EAA0B;AACpC,IAAA,MAAM,GAAA,GAAM,WAAW,WAAA,EAAY;AACnC,IAAA,MAAM,IAAA,GAAO,KAAK,KAAA,CAAM,IAAA,CAAK,OAAK,CAAA,CAAE,UAAA,CAAW,WAAA,EAAY,KAAM,GAAG,CAAA;AACpE,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,MAAA,KAAW,OAAA,EAAS;AACnC,MAAA,IAAA,CAAK,MAAA,GAAS,WAAA;AACd,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,MAAA,IAAA,CAAK,MAAA,EAAO;AAAA,IACd;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,eAAA,CAAgB,YAAoB,SAAA,EAAyB;AAC3D,IAAA,MAAM,GAAA,GAAM,WAAW,WAAA,EAAY;AACnC,IAAA,MAAM,IAAA,GAAO,KAAK,KAAA,CAAM,IAAA,CAAK,OAAK,CAAA,CAAE,UAAA,CAAW,WAAA,EAAY,KAAM,GAAG,CAAA;AACpE,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,SAAA,KAAc,SAAA,EAAW;AACxC,MAAA,IAAA,CAAK,SAAA,GAAY,SAAA;AACjB,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,MAAA,IAAA,CAAK,MAAA,EAAO;AAAA,IACd;AAAA,EACF;AAAA;AAAA,EAIA,MAAM,IAAA,GAAsB;AAC1B,IAAA,MAAM,aAAa,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAsB,KAAK,UAAU,CAAA;AAC3E,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,KAAA,CAAM,OAAA,CAAQ,UAAU,CAAA,EAAG;AAC7C,MAAA,IAAA,CAAK,QAAQ,EAAC;AACd,MAAA,IAAA,CAAK,cAAc,KAAA,EAAM;AACzB,MAAA;AAAA,IACF;AAGA,IAAA,IAAA,CAAK,QAAQ,EAAC;AACd,IAAA,IAAA,CAAK,cAAc,KAAA,EAAM;AACzB,IAAA,IAAI,OAAA,GAAU,CAAA;AACd,IAAA,KAAA,MAAW,KAAK,UAAA,EAAY;AAC1B,MAAA,MAAM,IAAA,GAAO,gBAAgB,CAAC,CAAA;AAC9B,MAAA,MAAM,GAAA,GAAM,IAAA,CAAK,UAAA,CAAW,WAAA,EAAY;AACxC,MAAA,IAAI,IAAA,CAAK,aAAA,CAAc,GAAA,CAAI,GAAG,CAAA,EAAG;AAAE,QAAA,OAAA,EAAA;AAAW,QAAA;AAAA,MAAS;AACvD,MAAA,IAAA,CAAK,aAAA,CAAc,IAAI,GAAG,CAAA;AAC1B,MAAA,IAAA,CAAK,KAAA,CAAM,KAAK,IAAI,CAAA;AAAA,IACtB;AACA,IAAA,IAAI,UAAU,CAAA,EAAG;AACf,MAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oBAAA,EAAuB,OAAO,CAAA,wBAAA,CAA0B,CAAA;AACpE,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AAAA,IACf,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,IACf;AAAA,EACF;AAAA,EAEA,MAAM,OAAA,GAAyB;AAC7B,IAAA,IAAI,CAAC,KAAK,KAAA,EAAO;AACjB,IAAA,MAAM,UAAA,GAAa,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,aAAa,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,IAAA,CAAK,YAAY,UAAU,CAAA;AAClD,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA,EAEA,MAAM,KAAA,GAAuB;AAC3B,IAAA,IAAA,CAAK,QAAQ,EAAC;AACd,IAAA,IAAA,CAAK,cAAc,KAAA,EAAM;AACzB,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AACb,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AACzC,IAAA,IAAA,CAAK,MAAA,EAAO;AAAA,EACd;AAAA;AAAA,EAIA,SAAS,QAAA,EAAkC;AACzC,IAAA,IAAA,CAAK,SAAA,CAAU,IAAI,QAAQ,CAAA;AAC3B,IAAA,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO,QAAQ,CAAA;AAAA,EAC7C;AAAA,EAEQ,MAAA,GAAe;AACrB,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,QAAA,EAAS;AAAA,IACX;AAAA,EACF;AACF;AAMA,SAAS,cAAc,IAAA,EAAoC;AACzD,EAAA,OAAO;AAAA,IACL,GAAG,IAAA;AAAA,IACH,MAAA,EAAQ,IAAA,CAAK,MAAA,CAAO,QAAA,EAAS;AAAA,IAC7B,QAAA,EAAU,IAAA,CAAK,QAAA,CAAS,QAAA;AAAS,GACnC;AACF;AAEA,SAAS,gBAAgB,CAAA,EAAiC;AACxD,EAAA,OAAO;AAAA,IACL,GAAG,CAAA;AAAA,IACH,MAAA,EAAQ,MAAA,CAAO,CAAA,CAAE,MAAM,CAAA;AAAA,IACvB,QAAA,EAAU,MAAA,CAAO,CAAA,CAAE,QAAQ,CAAA;AAAA,IAC3B,WAAA,EAAa,EAAE,WAAA,IAAe;AAAA,GAChC;AACF;AAEA,SAAS,eAAe,IAAA,EAAsB;AAC5C,EAAA,IAAI;AACF,IAAA,OAAOC,gBAAW,IAAI,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF","file":"chunk-IYRCJAME.cjs","sourcesContent":["/**\n * Stealth Address Utilities (Post-Quantum, Hash-Based)\n *\n * Implements stealth addresses using Poseidon hashes with bech32m encoding.\n * No BabyJubJub curve operations — ownership is proven via hash preimage.\n *\n * Address Format (bech32m):\n * 0zk1<version><chainId><ownerHash><viewingHash>\n *\n * Key Flow (self-shield):\n * 1. User derives ownerHash = Poseidon(spendingSecret)\n * 2. Commitment = Poseidon(amount, ownerHash, blinding, origin, token)\n * 3. Encrypt note with key derived from viewingSecret\n *\n * Key Flow (send to others, future):\n * 1. Decode recipient's stealth address (ownerHash, viewingHash)\n * 2. Generate per-note secret and derive ownerHash for the note\n * 3. Encrypt note so recipient's viewingSecret can decrypt\n */\n\nimport { bech32m } from 'bech32'\nimport {\n randomFieldElement,\n bigintToBytes,\n bytesToBigint,\n} from '../utils/crypto.js'\nimport type { MasterKeys, StarkMasterKeys, OneTimeKeys } from '../keys/types.js'\nimport type { M31Digest } from '../utils/keccak-m31.js'\n\n/**\n * Stealth address prefix\n */\nexport const STEALTH_ADDRESS_PREFIX = '0zk'\n\n/**\n * Address version (v2 = hash-based, post-quantum)\n */\nexport const ADDRESS_VERSION = 2\n\n/**\n * Maximum length for bech32m encoding\n */\nconst BECH32M_LIMIT = 1023\n\n/**\n * Encode a stealth address in bech32m format\n *\n * Format: 0zk1<version><chainId><ownerHash><viewingHash>\n *\n * @param ownerHash - Owner hash = Poseidon(spendingSecret)\n * @param viewingHash - Viewing hash = Poseidon(viewingSecret)\n * @param chainId - Optional chain ID (0 = any chain)\n * @returns bech32m encoded stealth address\n */\nexport function encodeStealthAddress(\n ownerHash: bigint,\n viewingHash: bigint,\n chainId: number = 0\n): string {\n // Build data buffer: version (1 byte) + chainId (4 bytes) + 2 * 32 bytes = 69 bytes\n const data = new Uint8Array(1 + 4 + 32 * 2)\n let offset = 0\n\n // Version\n data[offset++] = ADDRESS_VERSION\n\n // Chain ID (4 bytes, big-endian)\n data[offset++] = (chainId >> 24) & 0xff\n data[offset++] = (chainId >> 16) & 0xff\n data[offset++] = (chainId >> 8) & 0xff\n data[offset++] = chainId & 0xff\n\n // Owner hash (32 bytes)\n const ownerBytes = bigintToBytes(ownerHash, 32)\n data.set(ownerBytes, offset)\n offset += 32\n\n // Viewing hash (32 bytes)\n const viewingBytes = bigintToBytes(viewingHash, 32)\n data.set(viewingBytes, offset)\n\n // Convert to 5-bit words for bech32m\n const words = bech32m.toWords(data)\n\n // Encode with prefix\n return bech32m.encode(STEALTH_ADDRESS_PREFIX, words, BECH32M_LIMIT)\n}\n\n/**\n * Decode a bech32m stealth address\n *\n * @param address - bech32m encoded stealth address\n * @returns Decoded hash values\n */\nexport function decodeStealthAddress(address: string): {\n version: number\n chainId: number\n ownerHash: bigint\n viewingHash: bigint\n} {\n // Decode bech32m\n const decoded = bech32m.decode(address, BECH32M_LIMIT)\n\n // Verify prefix\n if (decoded.prefix !== STEALTH_ADDRESS_PREFIX) {\n throw new Error(`Invalid stealth address prefix: expected '${STEALTH_ADDRESS_PREFIX}', got '${decoded.prefix}'`)\n }\n\n // Convert from 5-bit words back to bytes\n const data = new Uint8Array(bech32m.fromWords(decoded.words))\n\n // Parse version\n let offset = 0\n const version = data[offset++]!\n\n if (version !== ADDRESS_VERSION) {\n throw new Error(`Unsupported address version: ${version}. Expected v${ADDRESS_VERSION} (hash-based).`)\n }\n\n // Parse chain ID\n const chainId =\n (data[offset++]! << 24) |\n (data[offset++]! << 16) |\n (data[offset++]! << 8) |\n data[offset++]!\n\n // Parse owner hash (32 bytes)\n const ownerHash = bytesToBigint(data.slice(offset, offset + 32))\n offset += 32\n\n // Parse viewing hash (32 bytes)\n const viewingHash = bytesToBigint(data.slice(offset, offset + 32))\n\n return {\n version,\n chainId,\n ownerHash,\n viewingHash,\n }\n}\n\n/**\n * Validate a stealth address format\n */\nexport function isValidStealthAddress(address: string): boolean {\n try {\n decodeStealthAddress(address)\n return true\n } catch {\n return false\n }\n}\n\n/**\n * Generate stealth address from master keys\n */\nexport function generateStealthAddress(keys: MasterKeys, chainId: number = 0): string {\n return encodeStealthAddress(keys.ownerHash, keys.viewingHash, chainId)\n}\n\n/**\n * Create one-time keys for a transaction (hash-based)\n *\n * For self-shield: the user uses their own spendingSecret directly\n * as the ownerSecret, producing ownerHash = Poseidon(spendingSecret).\n *\n * For sending to others (future): generate a random oneTimeSecret\n * and derive ownerHash = Poseidon(oneTimeSecret).\n *\n * @param recipientOwnerHash - Recipient's owner hash (for verification)\n * @param selfSecret - If self-shield, the user's spending secret\n * @returns One-time keys for the note\n */\nexport async function createOneTimeKeys(\n _recipientOwnerHash?: bigint,\n selfSecret?: bigint,\n): Promise<OneTimeKeys> {\n const { poseidon } = await import('../utils/poseidon.js')\n\n if (selfSecret !== undefined) {\n // Self-shield: use own spending secret\n const ownerHash = await poseidon([selfSecret])\n return {\n oneTimeSecret: selfSecret,\n ownerHash,\n }\n }\n\n // Generate random one-time secret for the note\n const oneTimeSecret = randomFieldElement()\n const ownerHash = await poseidon([oneTimeSecret])\n\n return {\n oneTimeSecret,\n ownerHash,\n }\n}\n\n/**\n * Verify ownership of a note by checking hash preimage\n *\n * @param secret - Claimed spending secret\n * @param expectedOwnerHash - Owner hash from the note commitment\n * @returns True if the secret hashes to the expected owner hash\n */\nexport async function verifyOwnership(\n secret: bigint,\n expectedOwnerHash: bigint\n): Promise<boolean> {\n const { poseidon } = await import('../utils/poseidon.js')\n const computedHash = await poseidon([secret])\n return computedHash === expectedOwnerHash\n}\n\n/**\n * Compute shared secret for note encryption/decryption (hash-based)\n *\n * For self-shield: just uses the viewing secret directly.\n * For sending to others (future): use Poseidon(viewingSecret, recipientViewingHash)\n *\n * @param viewingSecret - Sender's or recipient's viewing secret\n * @param nonce - Optional nonce for key derivation\n * @returns Encryption key as bigint\n */\nexport async function computeNoteEncryptionKey(\n viewingSecret: bigint,\n nonce?: bigint\n): Promise<bigint> {\n const { poseidon } = await import('../utils/poseidon.js')\n if (nonce !== undefined) {\n return poseidon([viewingSecret, nonce])\n }\n return poseidon([viewingSecret])\n}\n\n// =========================================================================\n// STARK Stealth Addresses (0zs prefix, M31/Keccak-based)\n// =========================================================================\n\n/**\n * STARK stealth address prefix\n */\nexport const STARK_STEALTH_ADDRESS_PREFIX = '0zs'\n\n/**\n * STARK address version (v1 = M31/Keccak)\n */\nexport const STARK_ADDRESS_VERSION = 1\n\n/**\n * Encode a STARK stealth address in bech32m format\n *\n * Format: 0zs1<version><chainId><ownerHash[0..3]><viewingHash[0..3]>\n *\n * Each M31 element is encoded as 4 bytes (little-endian).\n * Total data: 1 (version) + 4 (chainId) + 16 (ownerHash) + 16 (viewingHash) = 37 bytes.\n *\n * @param ownerHash - 4 M31 elements: keccak_m31(starkSecret)\n * @param viewingHash - 4 M31 elements: keccak_m31(starkViewingSecret)\n * @param chainId - Optional chain ID (0 = any chain)\n */\nexport function encodeStarkStealthAddress(\n ownerHash: M31Digest,\n viewingHash: M31Digest,\n chainId: number = 0\n): string {\n const data = new Uint8Array(1 + 4 + 16 + 16) // 37 bytes\n let offset = 0\n\n // Version\n data[offset++] = STARK_ADDRESS_VERSION\n\n // Chain ID (4 bytes, big-endian)\n data[offset++] = (chainId >> 24) & 0xff\n data[offset++] = (chainId >> 16) & 0xff\n data[offset++] = (chainId >> 8) & 0xff\n data[offset++] = chainId & 0xff\n\n // Owner hash: 4 M31 elements, each 4 bytes LE\n for (let i = 0; i < 4; i++) {\n const val = Number(ownerHash[i]!)\n data[offset++] = val & 0xff\n data[offset++] = (val >> 8) & 0xff\n data[offset++] = (val >> 16) & 0xff\n data[offset++] = (val >> 24) & 0xff\n }\n\n // Viewing hash: 4 M31 elements, each 4 bytes LE\n for (let i = 0; i < 4; i++) {\n const val = Number(viewingHash[i]!)\n data[offset++] = val & 0xff\n data[offset++] = (val >> 8) & 0xff\n data[offset++] = (val >> 16) & 0xff\n data[offset++] = (val >> 24) & 0xff\n }\n\n const words = bech32m.toWords(data)\n return bech32m.encode(STARK_STEALTH_ADDRESS_PREFIX, words, BECH32M_LIMIT)\n}\n\n/**\n * Decode a STARK stealth address (0zs prefix)\n */\nexport function decodeStarkStealthAddress(address: string): {\n version: number\n chainId: number\n ownerHash: M31Digest\n viewingHash: M31Digest\n} {\n const decoded = bech32m.decode(address, BECH32M_LIMIT)\n\n if (decoded.prefix !== STARK_STEALTH_ADDRESS_PREFIX) {\n throw new Error(\n `Invalid STARK stealth address prefix: expected '${STARK_STEALTH_ADDRESS_PREFIX}', got '${decoded.prefix}'`\n )\n }\n\n const data = new Uint8Array(bech32m.fromWords(decoded.words))\n let offset = 0\n\n const version = data[offset++]!\n if (version !== STARK_ADDRESS_VERSION) {\n throw new Error(\n `Unsupported STARK address version: ${version}. Expected v${STARK_ADDRESS_VERSION}.`\n )\n }\n\n // Chain ID\n const chainId =\n (data[offset++]! << 24) |\n (data[offset++]! << 16) |\n (data[offset++]! << 8) |\n data[offset++]!\n\n // Owner hash: 4 M31 LE uint32s\n const ownerHash: bigint[] = []\n for (let i = 0; i < 4; i++) {\n const val =\n data[offset]! |\n (data[offset + 1]! << 8) |\n (data[offset + 2]! << 16) |\n (data[offset + 3]! << 24)\n ownerHash.push(BigInt(val >>> 0))\n offset += 4\n }\n\n // Viewing hash: 4 M31 LE uint32s\n const viewingHash: bigint[] = []\n for (let i = 0; i < 4; i++) {\n const val =\n data[offset]! |\n (data[offset + 1]! << 8) |\n (data[offset + 2]! << 16) |\n (data[offset + 3]! << 24)\n viewingHash.push(BigInt(val >>> 0))\n offset += 4\n }\n\n return {\n version,\n chainId,\n ownerHash: ownerHash as unknown as M31Digest,\n viewingHash: viewingHash as unknown as M31Digest,\n }\n}\n\n/**\n * Validate a STARK stealth address format\n */\nexport function isValidStarkStealthAddress(address: string): boolean {\n try {\n decodeStarkStealthAddress(address)\n return true\n } catch {\n return false\n }\n}\n\n/**\n * Generate a STARK stealth address from STARK master keys\n */\nexport function generateStarkStealthAddress(\n keys: StarkMasterKeys,\n chainId: number = 0\n): string {\n return encodeStarkStealthAddress(keys.starkOwnerHash, keys.starkViewingHash, chainId)\n}\n\n/**\n * Detect whether an address is SNARK (0zk) or STARK (0zs)\n */\nexport function detectAddressType(address: string): 'snark' | 'stark' | 'unknown' {\n if (address.startsWith(STEALTH_ADDRESS_PREFIX + '1')) return 'snark'\n if (address.startsWith(STARK_STEALTH_ADDRESS_PREFIX + '1')) return 'stark'\n return 'unknown'\n}\n","/**\n * Proof Worker Manager — off-main-thread PLONK proof generation.\n *\n * Manages a Web Worker that runs snarkjs proof generation, keeping the\n * main thread (and UI) responsive during the 10-30s proving time.\n *\n * @example\n * ```ts\n * // Create worker (consumer handles bundler integration)\n * const worker = new Worker(\n * new URL('@permissionless-technologies/upp-sdk/worker', import.meta.url)\n * )\n * const manager = new ProofWorkerManager(worker)\n *\n * const result = await manager.prove('transfer', circuitInputs, '/circuits/',\n * (stage, msg) => console.log(stage, msg)\n * )\n *\n * // Cleanup\n * manager.terminate()\n * ```\n */\n\nimport type { UPPCircuitType, UPPCircuitInputs, ProofResult, PlonkProvingStage } from './proof.js'\nimport type { DownloadProgress } from './circuit-cache.js'\n\n// ============================================================================\n// Worker Message Types\n// ============================================================================\n\nexport interface ProofWorkerRequest {\n type: 'prove'\n id: string\n circuitType: string\n inputs: Record<string, any>\n baseUrl: string\n}\n\nexport type ProofWorkerResponse =\n | { type: 'progress'; id: string; stage: PlonkProvingStage; message: string }\n | { type: 'download-progress'; id: string; progress: DownloadProgress }\n | { type: 'result'; id: string; proof: ProofResult }\n | { type: 'error'; id: string; message: string }\n\n// ============================================================================\n// ProofWorkerManager\n// ============================================================================\n\ninterface PendingProof {\n resolve: (result: ProofResult) => void\n reject: (error: Error) => void\n onProgress?: (stage: PlonkProvingStage, message: string) => void\n onDownloadProgress?: (progress: DownloadProgress) => void\n}\n\nexport class ProofWorkerManager {\n private worker: Worker\n private pending = new Map<string, PendingProof>()\n private terminated = false\n\n constructor(worker: Worker) {\n this.worker = worker\n\n this.worker.onmessage = (e: MessageEvent<ProofWorkerResponse>) => {\n this.handleMessage(e.data)\n }\n\n this.worker.onerror = (e: ErrorEvent) => {\n console.error('[ProofWorkerManager] Worker error:', e.message, e)\n for (const [, p] of this.pending) {\n p.reject(new Error(`Worker error: ${e.message}`))\n }\n this.pending.clear()\n }\n }\n\n private handleMessage(data: ProofWorkerResponse) {\n const entry = this.pending.get(data.id)\n if (!entry) return\n\n switch (data.type) {\n case 'progress':\n entry.onProgress?.(data.stage, data.message)\n break\n case 'download-progress':\n entry.onDownloadProgress?.(data.progress)\n break\n case 'result':\n this.pending.delete(data.id)\n entry.resolve(data.proof)\n break\n case 'error':\n this.pending.delete(data.id)\n entry.reject(new Error(data.message))\n break\n }\n }\n\n /**\n * Generate a proof in the worker.\n *\n * @param signal - AbortSignal for cancellation. When aborted, the promise\n * rejects with AbortError. Call terminate() for hard cancellation.\n */\n async prove(\n circuitType: UPPCircuitType,\n inputs: UPPCircuitInputs,\n baseUrl: string,\n onProgress?: (stage: PlonkProvingStage, message: string) => void,\n signal?: AbortSignal,\n onDownloadProgress?: (progress: DownloadProgress) => void,\n ): Promise<ProofResult> {\n if (this.terminated) {\n throw new Error('Worker has been terminated')\n }\n\n return new Promise<ProofResult>((resolve, reject) => {\n const id = crypto.randomUUID()\n\n if (signal?.aborted) {\n reject(new DOMException('Proof generation aborted', 'AbortError'))\n return\n }\n\n this.pending.set(id, { resolve, reject, onProgress, onDownloadProgress })\n\n const onAbort = () => {\n this.pending.delete(id)\n reject(new DOMException('Proof generation aborted', 'AbortError'))\n }\n\n signal?.addEventListener('abort', onAbort, { once: true })\n\n // Resolve baseUrl to absolute — workers resolve relative URLs against\n // their own script URL (a webpack chunk), not the page origin.\n const absoluteBaseUrl = typeof window !== 'undefined'\n ? new URL(baseUrl, window.location.href).href\n : baseUrl\n\n this.worker.postMessage({\n type: 'prove',\n id,\n circuitType,\n inputs,\n baseUrl: absoluteBaseUrl,\n } satisfies ProofWorkerRequest)\n })\n }\n\n /**\n * Hard-terminate the worker. All pending proofs are rejected.\n */\n terminate() {\n this.terminated = true\n this.worker.terminate()\n for (const [, p] of this.pending) {\n p.reject(new DOMException('Worker terminated', 'AbortError'))\n }\n this.pending.clear()\n }\n}\n\n// ============================================================================\n// Convenience Function\n// ============================================================================\n\n/**\n * Generate a UPP proof — uses a worker if provided, otherwise main-thread.\n *\n * This is the recommended entry point for proof generation. It provides a\n * unified API regardless of whether a worker is available.\n *\n * Circuit artifacts are automatically cached in IndexedDB after first download.\n */\nexport async function generateUPPProofAsync(\n circuitType: UPPCircuitType,\n inputs: UPPCircuitInputs,\n baseUrl?: string,\n options?: {\n onProgress?: (stage: PlonkProvingStage, message: string) => void\n onDownloadProgress?: (progress: DownloadProgress) => void\n signal?: AbortSignal\n worker?: ProofWorkerManager | null\n },\n): Promise<ProofResult> {\n const { onProgress, onDownloadProgress, signal, worker } = options ?? {}\n\n if (worker) {\n return worker.prove(circuitType, inputs, baseUrl ?? '', onProgress, signal, onDownloadProgress)\n }\n\n // Fallback: main-thread proving (with cache)\n const { generateUPPProof } = await import('./proof.js')\n return generateUPPProof(circuitType, inputs, baseUrl, onProgress, { onDownloadProgress })\n}\n","/**\n * Swap Module\n *\n * Core logic for building and interacting with the UPP in-pool swap order book.\n * Framework-agnostic (no React). Reuses withdraw verifier for proofs.\n */\n\nimport { type Address, type Hex, encodeAbiParameters, keccak256, parseAbiParameters, toHex } from 'viem'\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/**\n * Swap order as stored on-chain\n */\nexport interface SwapOrder {\n /** Order ID (= maker's nullifier) */\n orderId: Hex\n /** Token being sold */\n sellToken: Address\n /** Original total sell amount */\n sellAmount: bigint\n /** Remaining sell amount (decremented on each fill) */\n remainingSellAmount: bigint\n /** Token the maker wants to receive */\n buyToken: Address\n /** Price: buyToken per sellToken (1e18 fixed-point) */\n rate: bigint\n /** Accumulated buy token amount from fills */\n accumulatedBuyAmount: bigint\n /** Maker's ASP ID (public, filterable by takers) */\n makerAspId: bigint\n /** Required filler ASP (0 = any) */\n requiredFillerAspId: bigint\n /** Block number after which order expires */\n expiry: bigint\n /** Whether the maker has claimed */\n claimed: boolean\n /** Whether the order was cancelled */\n cancelled: boolean\n}\n\n/**\n * Parameters to place a swap order\n */\nexport interface SwapOrderParams {\n /** Token to sell */\n sellToken: Address\n /** Amount to sell */\n sellAmount: bigint\n /** Token to buy */\n buyToken: Address\n /** Price: buyToken per sellToken (1e18 fixed-point) */\n rate: bigint\n /** Required filler ASP (0n = accept any) */\n requiredFillerAspId?: bigint\n /** Number of blocks until expiry (from current block) */\n expiryBlocks: bigint\n}\n\n/**\n * Parameters to fill a swap order\n */\nexport interface SwapFillParams {\n /** The order to fill */\n orderId: Hex\n /** How much sellToken the filler wants (≤ remaining) */\n takeAmount: bigint\n}\n\n/**\n * Swap order from event log\n */\nexport interface SwapOrderEvent {\n orderId: Hex\n sellToken: Address\n buyToken: Address\n sellAmount: bigint\n rate: bigint\n makerAspId: bigint\n requiredFillerAspId: bigint\n expiry: bigint\n blockNumber: bigint\n /** On-chain remaining sell amount (populated by useSwapOrderBook) */\n remainingSellAmount?: bigint\n /** Whether the order has been claimed */\n claimed?: boolean\n /** Whether the order has been cancelled */\n cancelled?: boolean\n}\n\n/**\n * Swap fill from event log\n */\nexport interface SwapFillEvent {\n orderId: Hex\n fillerNullifier: Hex\n takeAmount: bigint\n giveAmount: bigint\n fillerAspId: bigint\n remainingSellAmount: bigint\n blockNumber: bigint\n}\n\n// ============================================================================\n// Constants\n// ============================================================================\n\n/** 1e18 fixed-point precision for swap rates */\nexport const RATE_PRECISION = 10n ** 18n\n\n// ============================================================================\n// Event ABIs (for indexing swap events)\n// ============================================================================\n\nexport const SWAP_ORDER_PLACED_EVENT = {\n type: 'event',\n name: 'SwapOrderPlaced',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'sellToken', type: 'address', indexed: true },\n { name: 'buyToken', type: 'address', indexed: true },\n { name: 'sellAmount', type: 'uint256', indexed: false },\n { name: 'rate', type: 'uint256', indexed: false },\n { name: 'makerAspId', type: 'uint256', indexed: false },\n { name: 'requiredFillerAspId', type: 'uint256', indexed: false },\n { name: 'expiry', type: 'uint256', indexed: false },\n ],\n} as const\n\nexport const SWAP_ORDER_FILLED_EVENT = {\n type: 'event',\n name: 'SwapOrderFilled',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'fillerNullifier', type: 'bytes32', indexed: true },\n { name: 'fillerOutputCommitment', type: 'bytes32', indexed: true },\n { name: 'takeAmount', type: 'uint256', indexed: false },\n { name: 'giveAmount', type: 'uint256', indexed: false },\n { name: 'fillerAspId', type: 'uint256', indexed: false },\n { name: 'remainingSellAmount', type: 'uint256', indexed: false },\n { name: 'encryptedFillerNote', type: 'bytes', indexed: false },\n ],\n} as const\n\nexport const SWAP_ORDER_CLAIMED_EVENT = {\n type: 'event',\n name: 'SwapOrderClaimed',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'accumulatedBuyAmount', type: 'uint256', indexed: false },\n { name: 'refundedSellAmount', type: 'uint256', indexed: false },\n { name: 'buyOutputCommitment', type: 'bytes32', indexed: false },\n { name: 'encryptedBuyNote', type: 'bytes', indexed: false },\n { name: 'refundCommitment', type: 'bytes32', indexed: false },\n { name: 'encryptedRefundNote', type: 'bytes', indexed: false },\n ],\n} as const\n\nexport const SWAP_ORDER_CANCELLED_EVENT = {\n type: 'event',\n name: 'SwapOrderCancelled',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'refundedSellAmount', type: 'uint256', indexed: false },\n { name: 'refundCommitment', type: 'bytes32', indexed: false },\n { name: 'encryptedRefundNote', type: 'bytes', indexed: false },\n ],\n} as const\n\nexport const SWAP_EVENTS_ABI = [\n SWAP_ORDER_PLACED_EVENT,\n SWAP_ORDER_FILLED_EVENT,\n SWAP_ORDER_CLAIMED_EVENT,\n SWAP_ORDER_CANCELLED_EVENT,\n] as const\n\n// ============================================================================\n// Rate Calculations\n// ============================================================================\n\n/**\n * Compute the giveAmount (buyToken) for a given takeAmount (sellToken) at a rate.\n * giveAmount = (takeAmount * rate) / 1e18\n */\nexport function computeGiveAmount(takeAmount: bigint, rate: bigint): bigint {\n return (takeAmount * rate) / RATE_PRECISION\n}\n\n/**\n * Compute the maximum takeAmount for a given giveAmount and rate.\n * takeAmount = (giveAmount * 1e18) / rate\n */\nexport function computeTakeAmount(giveAmount: bigint, rate: bigint): bigint {\n if (rate === 0n) throw new Error('Rate cannot be zero')\n return (giveAmount * RATE_PRECISION) / rate\n}\n\n/**\n * Compute rate from a desired trade: I want `buyAmount` of buyToken for `sellAmount` of sellToken.\n * rate = (buyAmount * 1e18) / sellAmount\n */\nexport function computeRate(sellAmount: bigint, buyAmount: bigint): bigint {\n if (sellAmount === 0n) throw new Error('Sell amount cannot be zero')\n return (buyAmount * RATE_PRECISION) / sellAmount\n}\n\n/**\n * Format a rate for human display.\n * Returns a string like \"0.0005\" for rate = 500000000000000n (0.0005e18)\n */\nexport function formatRate(rate: bigint, decimals: number = 6): string {\n const whole = rate / RATE_PRECISION\n const frac = rate % RATE_PRECISION\n const fracStr = frac.toString().padStart(18, '0').slice(0, decimals)\n return `${whole}.${fracStr}`\n}\n\n// ============================================================================\n// Cancel Key Management\n// ============================================================================\n\n/**\n * Generate a cancel key hash from a secret.\n * The secret should be a random 32-byte value stored by the maker.\n */\nexport function computeCancelKeyHash(cancelSecret: Hex): Hex {\n return keccak256(encodeAbiParameters(\n parseAbiParameters('bytes32'),\n [cancelSecret]\n ))\n}\n\n/**\n * Generate a random cancel secret.\n */\nexport function generateCancelSecret(): Hex {\n const bytes = new Uint8Array(32)\n crypto.getRandomValues(bytes)\n return toHex(bytes)\n}\n\n// ============================================================================\n// Order Filtering\n// ============================================================================\n\n/**\n * Filter orders by ASP: only show orders from makers on acceptable ASPs.\n */\nexport function filterOrdersByASP(\n orders: SwapOrderEvent[],\n acceptableAspIds: bigint[]\n): SwapOrderEvent[] {\n const aspSet = new Set(acceptableAspIds.map(id => id.toString()))\n return orders.filter(o => aspSet.has(o.makerAspId.toString()))\n}\n\n/**\n * Filter orders by token pair.\n */\nexport function filterOrdersByTokenPair(\n orders: SwapOrderEvent[],\n sellToken: Address,\n buyToken: Address\n): SwapOrderEvent[] {\n const sell = sellToken.toLowerCase()\n const buy = buyToken.toLowerCase()\n return orders.filter(\n o => o.sellToken.toLowerCase() === sell && o.buyToken.toLowerCase() === buy\n )\n}\n\n/**\n * Check if a filler's ASP is accepted by an order.\n */\nexport function isFillerASPAccepted(order: SwapOrder | SwapOrderEvent, fillerAspId: bigint): boolean {\n const required = 'requiredFillerAspId' in order ? order.requiredFillerAspId : 0n\n return required === 0n || required === fillerAspId\n}\n\n// ============================================================================\n// Cancel Secret Persistence (localStorage)\n// ============================================================================\n\nconst CANCEL_SECRET_PREFIX = 'upp_swap_cancel_'\n\nfunction cancelKey(account: string, orderId: Hex): string {\n return `${CANCEL_SECRET_PREFIX}${account.toLowerCase()}_${orderId}`\n}\n\n/**\n * Store a cancel secret in localStorage, scoped by wallet address.\n * Must be called after placing a swap order.\n */\nexport function storeCancelSecret(orderId: Hex, cancelSecret: Hex, account?: string): void {\n if (typeof localStorage === 'undefined') return\n if (account) {\n localStorage.setItem(cancelKey(account, orderId), cancelSecret)\n }\n // Also store unscoped for backward compat\n localStorage.setItem(`${CANCEL_SECRET_PREFIX}${orderId}`, cancelSecret)\n}\n\n/**\n * Retrieve a cancel secret from localStorage.\n * Returns null if not found (e.g. order was placed by someone else).\n */\nexport function getCancelSecret(orderId: Hex, account?: string): Hex | null {\n if (typeof localStorage === 'undefined') return null\n if (account) {\n const scoped = localStorage.getItem(cancelKey(account, orderId))\n if (scoped) return scoped as Hex\n }\n // Fall back to unscoped key\n return localStorage.getItem(`${CANCEL_SECRET_PREFIX}${orderId}`) as Hex | null\n}\n\n/**\n * Remove a cancel secret from localStorage (after claim or cancel).\n */\nexport function removeCancelSecret(orderId: Hex, account?: string): void {\n if (typeof localStorage === 'undefined') return\n if (account) {\n localStorage.removeItem(cancelKey(account, orderId))\n }\n localStorage.removeItem(`${CANCEL_SECRET_PREFIX}${orderId}`)\n}\n\n/**\n * Get all order IDs for a specific wallet address.\n * Falls back to all cancel secrets if no account provided (backward compat).\n */\nexport function getOwnOrderIds(account?: string): Hex[] {\n if (typeof localStorage === 'undefined') return []\n const prefix = account\n ? `${CANCEL_SECRET_PREFIX}${account.toLowerCase()}_`\n : CANCEL_SECRET_PREFIX\n const ids: Hex[] = []\n for (let i = 0; i < localStorage.length; i++) {\n const key = localStorage.key(i)\n if (key?.startsWith(prefix)) {\n ids.push(key.slice(prefix.length) as Hex)\n }\n }\n return ids\n}\n\n// ============================================================================\n// Order Status Helpers\n// ============================================================================\n\n/**\n * Check if an order is still active (not claimed, not cancelled, not expired).\n */\nexport function isOrderActive(order: SwapOrder, currentBlock: bigint): boolean {\n return !order.claimed && !order.cancelled && currentBlock <= order.expiry && order.remainingSellAmount > 0n\n}\n\n/**\n * Compute the total buyToken amount the maker would receive for a full fill.\n */\nexport function computeTotalBuyAmount(sellAmount: bigint, rate: bigint): bigint {\n return computeGiveAmount(sellAmount, rate)\n}\n\n/**\n * Compute fill percentage (0-100) for display.\n */\nexport function computeFillPercentage(order: SwapOrder): number {\n if (order.sellAmount === 0n) return 0\n const filled = order.sellAmount - order.remainingSellAmount\n return Number((filled * 10000n) / order.sellAmount) / 100\n}\n","/**\n * Account Adapter — Pluggable account creation and persistence\n *\n * Abstracts how master keys are derived/loaded/stored.\n * The SDK doesn't care if keys come from a wallet signature,\n * seed phrase, hardware wallet, or external KMS.\n *\n * Persistence is handled via StorageAdapter (IndexedDB, localStorage, etc.)\n */\n\nimport type { MasterKeys, StarkMasterKeys } from '../keys/types.js'\nimport type { StorageAdapter } from '../indexer/types.js'\nimport { toHex } from 'viem'\n\n// ============================================================================\n// Interface\n// ============================================================================\n\n/**\n * Account adapter interface — pluggable key source.\n *\n * Implement this to bring your own key derivation:\n * - StorableAccountAdapter: persists keys via StorageAdapter (built-in)\n * - DirectAccountAdapter: pre-derived keys, no persistence (built-in, for testing)\n * - Custom: seed phrase, hardware wallet, external KMS\n */\nexport interface IAccountAdapter {\n /** Load persisted keys (returns null if no saved account) */\n load(): Promise<{ keys: MasterKeys; starkKeys?: StarkMasterKeys } | null>\n /** Save keys to storage */\n save(keys: MasterKeys, starkKeys?: StarkMasterKeys): Promise<void>\n /** Clear persisted keys */\n clear(): Promise<void>\n}\n\n// ============================================================================\n// Serialization\n// ============================================================================\n\ninterface SerializedAccount {\n version: 3\n spendingSecret: string\n ownerHash: string\n viewingSecret: string\n viewingHash: string\n starkSecret?: string[]\n starkOwnerHash?: string[]\n starkViewingSecret?: string[]\n starkViewingHash?: string[]\n}\n\nfunction serializeAccount(keys: MasterKeys, starkKeys?: StarkMasterKeys): SerializedAccount {\n return {\n version: 3,\n spendingSecret: toHex(keys.spendingSecret, { size: 32 }),\n ownerHash: toHex(keys.ownerHash, { size: 32 }),\n viewingSecret: toHex(keys.viewingSecret, { size: 32 }),\n viewingHash: toHex(keys.viewingHash, { size: 32 }),\n ...(starkKeys ? {\n starkSecret: starkKeys.starkSecret.map(v => v.toString()),\n starkOwnerHash: starkKeys.starkOwnerHash.map(v => v.toString()),\n starkViewingSecret: starkKeys.starkViewingSecret.map(v => v.toString()),\n starkViewingHash: starkKeys.starkViewingHash.map(v => v.toString()),\n } : {}),\n }\n}\n\nfunction deserializeAccount(data: SerializedAccount): { keys: MasterKeys; starkKeys?: StarkMasterKeys } {\n if (data.version !== 3 || !data.spendingSecret) {\n throw new Error('Invalid or outdated account data')\n }\n\n const keys: MasterKeys = {\n spendingSecret: BigInt(data.spendingSecret),\n ownerHash: BigInt(data.ownerHash),\n viewingSecret: BigInt(data.viewingSecret),\n viewingHash: BigInt(data.viewingHash),\n }\n\n let starkKeys: StarkMasterKeys | undefined\n if (data.starkSecret) {\n starkKeys = {\n starkSecret: data.starkSecret.map(s => BigInt(s)) as any,\n starkOwnerHash: data.starkOwnerHash!.map(s => BigInt(s)) as any,\n starkViewingSecret: data.starkViewingSecret!.map(s => BigInt(s)) as any,\n starkViewingHash: data.starkViewingHash!.map(s => BigInt(s)) as any,\n }\n }\n\n return { keys, starkKeys }\n}\n\n// ============================================================================\n// StorableAccountAdapter — persists via StorageAdapter\n// ============================================================================\n\n/**\n * Account adapter that persists keys via a pluggable StorageAdapter.\n *\n * Works with IndexedDB, localStorage, memory, Redis, Postgres — anything\n * that implements StorageAdapter.\n *\n * @example\n * ```ts\n * const storage = createAutoAdapter('upp_account')\n * const adapter = new StorableAccountAdapter(storage, ethAddress)\n * const saved = await adapter.load()\n * if (!saved) {\n * const keys = await deriveKeysFromSignature(sig)\n * await adapter.save(keys, starkKeys)\n * }\n * ```\n */\nexport class StorableAccountAdapter implements IAccountAdapter {\n private storageKey: string\n\n constructor(\n private storage: StorageAdapter,\n ethAddress: string,\n ) {\n this.storageKey = `account_${ethAddress.toLowerCase()}`\n }\n\n async load(): Promise<{ keys: MasterKeys; starkKeys?: StarkMasterKeys } | null> {\n const data = await this.storage.get<SerializedAccount>(this.storageKey)\n if (!data) return null\n try {\n return deserializeAccount(data)\n } catch {\n // Corrupt or outdated — clear it\n await this.storage.delete(this.storageKey)\n return null\n }\n }\n\n async save(keys: MasterKeys, starkKeys?: StarkMasterKeys): Promise<void> {\n const serialized = serializeAccount(keys, starkKeys)\n await this.storage.set(this.storageKey, serialized)\n }\n\n async clear(): Promise<void> {\n await this.storage.delete(this.storageKey)\n }\n}\n\n// ============================================================================\n// DirectAccountAdapter — no persistence (testing, KMS)\n// ============================================================================\n\n/**\n * Direct account adapter — accepts pre-derived keys, no persistence.\n *\n * @example\n * ```ts\n * const adapter = new DirectAccountAdapter(masterKeys, starkKeys)\n * ```\n */\nexport class DirectAccountAdapter implements IAccountAdapter {\n constructor(\n private keys: MasterKeys,\n private starkKeys?: StarkMasterKeys,\n ) {}\n\n async load() {\n return { keys: this.keys, starkKeys: this.starkKeys }\n }\n\n async save(): Promise<void> {\n // No-op — keys are in memory only\n }\n\n async clear(): Promise<void> {\n // No-op\n }\n}\n","/**\n * NoteStore — Single source of truth for note state\n *\n * Framework-agnostic. Uses StorageAdapter for persistence.\n * Handles deduplication, status management, balance calculation.\n *\n * Usage:\n * const store = new NoteStore(createMemoryAdapter())\n * await store.load()\n * store.addNote(note) // returns false if duplicate\n * store.getBalance() // sum of unspent notes\n */\n\nimport type { StorageAdapter } from '../indexer/types.js'\nimport { getAddress } from 'viem'\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type NoteStatus = 'pending' | 'confirmed' | 'spent'\nexport type ProofSystem = 'snark' | 'stark'\n\nexport interface ShieldedNote {\n amount: bigint\n blinding: bigint\n commitment: string\n ownerSecret: string\n ownerHash: string\n leafIndex: number\n origin: string\n token: string\n txHash?: string\n status: NoteStatus\n timestamp: number\n proofSystem?: ProofSystem\n}\n\n/** Serialized format for storage (bigints as strings) */\ninterface SerializedNote {\n amount: string\n blinding: string\n commitment: string\n ownerSecret: string\n ownerHash: string\n leafIndex: number\n origin: string\n token: string\n txHash?: string\n status: NoteStatus\n timestamp: number\n proofSystem?: ProofSystem\n}\n\nexport interface INoteStore {\n getNotes(): ShieldedNote[]\n getUnspentNotes(proofSystem?: ProofSystem): ShieldedNote[]\n getBalance(token?: string, proofSystem?: ProofSystem): bigint\n addNote(note: ShieldedNote): boolean\n addNotes(notes: ShieldedNote[]): number\n markSpent(commitment: string): void\n unmarkSpent(commitment: string): void\n updateLeafIndex(commitment: string, leafIndex: number): void\n load(): Promise<void>\n persist(): Promise<void>\n clear(): Promise<void>\n onChange(callback: () => void): () => void\n}\n\n// ============================================================================\n// Implementation\n// ============================================================================\n\nexport class NoteStore implements INoteStore {\n private notes: ShieldedNote[] = []\n private commitmentSet = new Set<string>()\n private listeners = new Set<() => void>()\n private dirty = false\n\n constructor(\n private storage: StorageAdapter,\n private storageKey: string = 'notes',\n ) {}\n\n // ---------- Queries ----------\n\n getNotes(): ShieldedNote[] {\n return [...this.notes]\n }\n\n getUnspentNotes(proofSystem?: ProofSystem): ShieldedNote[] {\n let result = this.notes.filter(n => n.status !== 'spent')\n if (proofSystem) {\n result = result.filter(n => (n.proofSystem ?? 'snark') === proofSystem)\n }\n return result\n }\n\n getBalance(token?: string, proofSystem?: ProofSystem): bigint {\n let notes = this.getUnspentNotes(proofSystem)\n if (token) {\n const normalized = token.toLowerCase()\n notes = notes.filter(n => n.token.toLowerCase() === normalized)\n }\n return notes.reduce((sum, n) => sum + n.amount, 0n)\n }\n\n // ---------- Mutations ----------\n\n /**\n * Add a note. Returns false if duplicate (by commitment).\n * Normalizes token and origin addresses.\n */\n addNote(note: ShieldedNote): boolean {\n const key = note.commitment.toLowerCase()\n if (this.commitmentSet.has(key)) return false\n\n // Normalize addresses\n const normalized: ShieldedNote = {\n ...note,\n commitment: note.commitment.toLowerCase(),\n origin: safeGetAddress(note.origin),\n token: safeGetAddress(note.token),\n }\n\n this.notes.push(normalized)\n this.commitmentSet.add(key)\n this.dirty = true\n this.notify()\n return true\n }\n\n /**\n * Add multiple notes. Returns count of actually added (non-duplicate).\n */\n addNotes(notes: ShieldedNote[]): number {\n let added = 0\n for (const note of notes) {\n if (this.addNote(note)) added++\n }\n return added\n }\n\n /**\n * Mark a note as spent (optimistic — syncNotes reconciles via nullifier check).\n */\n markSpent(commitment: string): void {\n const key = commitment.toLowerCase()\n const note = this.notes.find(n => n.commitment.toLowerCase() === key)\n if (note && note.status !== 'spent') {\n note.status = 'spent'\n this.dirty = true\n this.notify()\n }\n }\n\n /**\n * Un-mark a note as spent (reconciliation: nullifier not found on-chain).\n */\n unmarkSpent(commitment: string): void {\n const key = commitment.toLowerCase()\n const note = this.notes.find(n => n.commitment.toLowerCase() === key)\n if (note && note.status === 'spent') {\n note.status = 'confirmed'\n this.dirty = true\n this.notify()\n }\n }\n\n /**\n * Update the leafIndex for a note (e.g., after confirming on-chain).\n */\n updateLeafIndex(commitment: string, leafIndex: number): void {\n const key = commitment.toLowerCase()\n const note = this.notes.find(n => n.commitment.toLowerCase() === key)\n if (note && note.leafIndex !== leafIndex) {\n note.leafIndex = leafIndex\n this.dirty = true\n this.notify()\n }\n }\n\n // ---------- Persistence ----------\n\n async load(): Promise<void> {\n const serialized = await this.storage.get<SerializedNote[]>(this.storageKey)\n if (!serialized || !Array.isArray(serialized)) {\n this.notes = []\n this.commitmentSet.clear()\n return\n }\n\n // Deduplicate on load — prevents persisted duplicates from propagating\n this.notes = []\n this.commitmentSet.clear()\n let deduped = 0\n for (const s of serialized) {\n const note = deserializeNote(s)\n const key = note.commitment.toLowerCase()\n if (this.commitmentSet.has(key)) { deduped++; continue }\n this.commitmentSet.add(key)\n this.notes.push(note)\n }\n if (deduped > 0) {\n console.log(`[NoteStore] Removed ${deduped} duplicate notes on load`)\n this.dirty = true // will persist the cleaned version\n } else {\n this.dirty = false\n }\n }\n\n async persist(): Promise<void> {\n if (!this.dirty) return\n const serialized = this.notes.map(serializeNote)\n await this.storage.set(this.storageKey, serialized)\n this.dirty = false\n }\n\n async clear(): Promise<void> {\n this.notes = []\n this.commitmentSet.clear()\n this.dirty = false\n await this.storage.delete(this.storageKey)\n this.notify()\n }\n\n // ---------- Events ----------\n\n onChange(callback: () => void): () => void {\n this.listeners.add(callback)\n return () => this.listeners.delete(callback)\n }\n\n private notify(): void {\n for (const listener of this.listeners) {\n listener()\n }\n }\n}\n\n// ============================================================================\n// Serialization\n// ============================================================================\n\nfunction serializeNote(note: ShieldedNote): SerializedNote {\n return {\n ...note,\n amount: note.amount.toString(),\n blinding: note.blinding.toString(),\n }\n}\n\nfunction deserializeNote(s: SerializedNote): ShieldedNote {\n return {\n ...s,\n amount: BigInt(s.amount),\n blinding: BigInt(s.blinding),\n proofSystem: s.proofSystem ?? 'snark',\n }\n}\n\nfunction safeGetAddress(addr: string): string {\n try {\n return getAddress(addr)\n } catch {\n return addr // return as-is if not a valid address (e.g., bigint-encoded origin)\n }\n}\n"]}
package/dist/{chunk-KRLRJ3HN.js → chunk-KR4GB6VC.js} RENAMED
@@ -1,3 +1,5 @@
1
+ import { CircuitArtifactCache } from './chunk-2BSIUEPO.js';
2
+
1
3
  // src/core/proof.ts
2
4
  var snarkjs = null;
3
5
  async function loadSnarkjs() {
@@ -51,9 +53,20 @@ function getStealthCircuitArtifacts(circuit, baseUrl = "/circuits/") {
51
53
  };
52
54
  return circuitMap[circuit];
53
55
  }
54
- async function generateUPPProof(circuitType, inputs, baseUrl = "/circuits/", onProgress) {
56
+ async function generateUPPProof(circuitType, inputs, baseUrl, onProgress, options) {
55
57
  const snarkjs2 = await loadSnarkjs();
56
- const artifacts = getUPPCircuitArtifacts(circuitType, baseUrl);
58
+ let wasmData;
59
+ let zkeyData;
60
+ if (options?.artifacts) {
61
+ wasmData = options.artifacts.wasm;
62
+ zkeyData = options.artifacts.zkey;
63
+ } else {
64
+ onProgress?.("downloading", `Checking ${circuitType} circuit cache...`);
65
+ const cache = CircuitArtifactCache.shared();
66
+ const resolved = await cache.getArtifacts(circuitType, baseUrl, options?.onDownloadProgress);
67
+ wasmData = resolved.wasm;
68
+ zkeyData = resolved.zkey;
69
+ }
57
70
  onProgress?.("loading", "Loading circuit artifacts...");
58
71
  const logger = onProgress ? {
59
72
  debug: (msg) => {
@@ -72,7 +85,7 @@ async function generateUPPProof(circuitType, inputs, baseUrl = "/circuits/", onP
72
85
  }
73
86
  } : void 0;
74
87
  onProgress?.("witness", "Computing witness...");
75
- const result = await snarkjs2.plonk.fullProve(inputs, artifacts.wasm, artifacts.zkey, logger);
88
+ const result = await snarkjs2.plonk.fullProve(inputs, wasmData, zkeyData, logger);
76
89
  return {
77
90
  proof: {
78
91
  proof: result.proof,
@@ -140,5 +153,5 @@ function formatProofForContract(proof) {
140
153
  }
141
154
 
142
155
  export { ASP_TREE_DEPTH, STATE_TREE_DEPTH, formatPlonkProofForContract, formatProofForContract, generateProof, generateStealthProof, generateUPPProof, getStealthCircuitArtifacts, getUPPCircuitArtifacts, verifyProof };
143
- //# sourceMappingURL=chunk-KRLRJ3HN.js.map
144
- //# sourceMappingURL=chunk-KRLRJ3HN.js.map
156
+ //# sourceMappingURL=chunk-KR4GB6VC.js.map
157
+ //# sourceMappingURL=chunk-KR4GB6VC.js.map