@permissionless-technologies/upp-sdk 0.5.4 → 0.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (90) hide show
  1. package/dist/{chunk-Q6BLTPWV.js → chunk-2NKFTLPD.js} +3 -3
  2. package/dist/{chunk-Q6BLTPWV.js.map → chunk-2NKFTLPD.js.map} +1 -1
  3. package/dist/{chunk-EHGH6TAW.js → chunk-37RFFZU2.js} +3 -3
  4. package/dist/{chunk-EHGH6TAW.js.map → chunk-37RFFZU2.js.map} +1 -1
  5. package/dist/{chunk-UQIM2KT3.js → chunk-4E23V3AT.js} +29 -4
  6. package/dist/chunk-4E23V3AT.js.map +1 -0
  7. package/dist/{chunk-53JACDGZ.js → chunk-A6IYQ7UF.js} +3 -3
  8. package/dist/chunk-A6IYQ7UF.js.map +1 -0
  9. package/dist/{chunk-7T4CUE6E.js → chunk-AVSR443A.js} +3 -3
  10. package/dist/{chunk-7T4CUE6E.js.map → chunk-AVSR443A.js.map} +1 -1
  11. package/dist/{chunk-UFEDJJSH.cjs → chunk-BCSMUH4L.cjs} +30 -3
  12. package/dist/chunk-BCSMUH4L.cjs.map +1 -0
  13. package/dist/{chunk-IYRCJAME.cjs → chunk-C3HXJ5A6.cjs} +9 -9
  14. package/dist/{chunk-IYRCJAME.cjs.map → chunk-C3HXJ5A6.cjs.map} +1 -1
  15. package/dist/{chunk-DD4NT4D7.js → chunk-CRUJLZV7.js} +4 -3
  16. package/dist/chunk-CRUJLZV7.js.map +1 -0
  17. package/dist/{chunk-DTEAFJG7.js → chunk-FTEXUSHR.js} +4 -4
  18. package/dist/{chunk-DTEAFJG7.js.map → chunk-FTEXUSHR.js.map} +1 -1
  19. package/dist/chunk-FW2U6TKQ.js +498 -0
  20. package/dist/chunk-FW2U6TKQ.js.map +1 -0
  21. package/dist/{chunk-6TFDBBAQ.js → chunk-H4NDMIPF.js} +3 -3
  22. package/dist/{chunk-6TFDBBAQ.js.map → chunk-H4NDMIPF.js.map} +1 -1
  23. package/dist/{chunk-4T5DWZBN.cjs → chunk-HVSP62AH.cjs} +22 -36
  24. package/dist/chunk-HVSP62AH.cjs.map +1 -0
  25. package/dist/{chunk-7BNJV2ZS.cjs → chunk-LKXC3OQT.cjs} +14 -14
  26. package/dist/{chunk-7BNJV2ZS.cjs.map → chunk-LKXC3OQT.cjs.map} +1 -1
  27. package/dist/{chunk-HB43C26P.cjs → chunk-NGXEIUQ6.cjs} +4 -4
  28. package/dist/chunk-NGXEIUQ6.cjs.map +1 -0
  29. package/dist/{chunk-O2SKZZAP.cjs → chunk-P6E3LE7T.cjs} +4 -3
  30. package/dist/chunk-P6E3LE7T.cjs.map +1 -0
  31. package/dist/chunk-PGIV2GDM.cjs +511 -0
  32. package/dist/chunk-PGIV2GDM.cjs.map +1 -0
  33. package/dist/{chunk-4W7BBQ4H.js → chunk-UHMHZQZV.js} +6 -20
  34. package/dist/chunk-UHMHZQZV.js.map +1 -0
  35. package/dist/{chunk-I5EKGD4P.cjs → chunk-XNSMPNY6.cjs} +4 -4
  36. package/dist/{chunk-I5EKGD4P.cjs.map → chunk-XNSMPNY6.cjs.map} +1 -1
  37. package/dist/{chunk-U3YFYMWF.cjs → chunk-XSJ5VVH4.cjs} +5 -5
  38. package/dist/{chunk-U3YFYMWF.cjs.map → chunk-XSJ5VVH4.cjs.map} +1 -1
  39. package/dist/{chunk-SWTNJPK5.cjs → chunk-Y6WCXYOC.cjs} +11 -11
  40. package/dist/{chunk-SWTNJPK5.cjs.map → chunk-Y6WCXYOC.cjs.map} +1 -1
  41. package/dist/core/index.cjs +62 -66
  42. package/dist/core/index.d.cts +2 -5
  43. package/dist/core/index.d.ts +2 -5
  44. package/dist/core/index.js +6 -6
  45. package/dist/crypto-FWREDAVI.js +8 -0
  46. package/dist/crypto-FWREDAVI.js.map +1 -0
  47. package/dist/crypto-IZKHHFDU.cjs +42 -0
  48. package/dist/crypto-IZKHHFDU.cjs.map +1 -0
  49. package/dist/{index-BRgBwiBM.d.ts → index-DLvLv3mg.d.ts} +11 -23
  50. package/dist/{index-D6YhhbRP.d.cts → index-DOiHUft6.d.cts} +3 -4
  51. package/dist/{index-DHW5lKcd.d.ts → index-DY0XAmFw.d.ts} +3 -4
  52. package/dist/{index-brLSTa0y.d.cts → index-KTJgQUxb.d.cts} +11 -23
  53. package/dist/index.cjs +126 -126
  54. package/dist/index.d.cts +4 -7
  55. package/dist/index.d.ts +4 -7
  56. package/dist/index.js +9 -9
  57. package/dist/indexer/index.cjs +62 -11
  58. package/dist/indexer/index.d.cts +196 -12
  59. package/dist/indexer/index.d.ts +196 -12
  60. package/dist/indexer/index.js +4 -1
  61. package/dist/keys/index.cjs +17 -17
  62. package/dist/keys/index.js +3 -3
  63. package/dist/react/index.cjs +214 -690
  64. package/dist/react/index.cjs.map +1 -1
  65. package/dist/react/index.d.cts +138 -6
  66. package/dist/react/index.d.ts +138 -6
  67. package/dist/react/index.js +193 -669
  68. package/dist/react/index.js.map +1 -1
  69. package/dist/{transfer-CKA4PU2C.js → transfer-2UYFZMIK.js} +3 -3
  70. package/dist/{transfer-CKA4PU2C.js.map → transfer-2UYFZMIK.js.map} +1 -1
  71. package/dist/{transfer-QFTVCREE.cjs → transfer-6OW3XKVC.cjs} +9 -9
  72. package/dist/{transfer-QFTVCREE.cjs.map → transfer-6OW3XKVC.cjs.map} +1 -1
  73. package/dist/{transfer-p-NXHdGY.d.cts → transfer-C1XU_z-6.d.cts} +46 -156
  74. package/dist/{transfer-BxiDgCvx.d.ts → transfer-DgjxZlR7.d.ts} +46 -156
  75. package/dist/utils/index.cjs +44 -44
  76. package/dist/utils/index.d.cts +186 -5
  77. package/dist/utils/index.d.ts +186 -5
  78. package/dist/utils/index.js +4 -4
  79. package/package.json +1 -1
  80. package/src/deployments/31337.json +2 -1
  81. package/dist/chunk-4T5DWZBN.cjs.map +0 -1
  82. package/dist/chunk-4W7BBQ4H.js.map +0 -1
  83. package/dist/chunk-53JACDGZ.js.map +0 -1
  84. package/dist/chunk-DD4NT4D7.js.map +0 -1
  85. package/dist/chunk-HB43C26P.cjs.map +0 -1
  86. package/dist/chunk-O2SKZZAP.cjs.map +0 -1
  87. package/dist/chunk-UFEDJJSH.cjs.map +0 -1
  88. package/dist/chunk-UQIM2KT3.js.map +0 -1
  89. package/dist/stark-BcTD1OaJ.d.cts +0 -185
  90. package/dist/stark-BcTD1OaJ.d.ts +0 -185
package/dist/{chunk-Q6BLTPWV.js → chunk-2NKFTLPD.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { bigintToBytes, bytesToBigint, randomFieldElement, init_crypto } from './chunk-UQIM2KT3.js';
1
+ import { bigintToBytes, bytesToBigint, randomFieldElement, init_crypto } from './chunk-4E23V3AT.js';
2
2
  import { __export, __esm } from './chunk-Z6ZWNWWR.js';
3
3
  import { bech32m } from 'bech32';
4
4
  import { keccak256, encodeAbiParameters, parseAbiParameters, toHex, getAddress } from 'viem';
@@ -671,5 +671,5 @@ function safeGetAddress(addr) {
671
671
  }
672
672
 
673
673
  export { ADDRESS_VERSION, DirectAccountAdapter, NoteStore, ProofWorkerManager, RATE_PRECISION, STARK_ADDRESS_VERSION, STARK_STEALTH_ADDRESS_PREFIX, STEALTH_ADDRESS_PREFIX, SWAP_EVENTS_ABI, SWAP_ORDER_CANCELLED_EVENT, SWAP_ORDER_CLAIMED_EVENT, SWAP_ORDER_FILLED_EVENT, SWAP_ORDER_PLACED_EVENT, StorableAccountAdapter, computeCancelKeyHash, computeFillPercentage, computeGiveAmount, computeNoteEncryptionKey, computeRate, computeTakeAmount, computeTotalBuyAmount, createOneTimeKeys, decodeStarkStealthAddress, decodeStealthAddress, detectAddressType, encodeStarkStealthAddress, encodeStealthAddress, filterOrdersByASP, filterOrdersByTokenPair, formatRate, generateCancelSecret, generateStarkStealthAddress, generateStealthAddress, generateUPPProofAsync, getCancelSecret, getOwnOrderIds, init_stealth, isFillerASPAccepted, isOrderActive, isValidStarkStealthAddress, isValidStealthAddress, removeCancelSecret, stealth_exports, storeCancelSecret, verifyOwnership };
674
- //# sourceMappingURL=chunk-Q6BLTPWV.js.map
675
- //# sourceMappingURL=chunk-Q6BLTPWV.js.map
674
+ //# sourceMappingURL=chunk-2NKFTLPD.js.map
675
+ //# sourceMappingURL=chunk-2NKFTLPD.js.map
package/dist/{chunk-Q6BLTPWV.js.map → chunk-2NKFTLPD.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/core/stealth.ts","../src/core/proof-worker.ts","../src/core/swap.ts","../src/core/account.ts","../src/core/note-store.ts"],"names":["ownerHash","toHex"],"mappings":";;;;;;AAAA,IAAA,eAAA,GAAA;AAAA,QAAA,CAAA,eAAA,EAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,2BAAA,EAAA,MAAA,2BAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,eAAA,EAAA,MAAA;AAAA,CAAA,CAAA;AAsDO,SAAS,oBAAA,CACd,SAAA,EACA,WAAA,EACA,OAAA,GAAkB,CAAA,EACV;AAER,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,CAAA,GAAI,CAAA,GAAI,KAAK,CAAC,CAAA;AAC1C,EAAA,IAAI,MAAA,GAAS,CAAA;AAGb,EAAA,IAAA,CAAK,QAAQ,CAAA,GAAI,eAAA;AAGjB,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,CAAA,GAAK,GAAA;AAClC,EAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,OAAA,GAAU,GAAA;AAG3B,EAAA,MAAM,UAAA,GAAa,aAAA,CAAc,SAAA,EAAW,EAAE,CAAA;AAC9C,EAAA,IAAA,CAAK,GAAA,CAAI,YAAY,MAAM,CAAA;AAC3B,EAAA,MAAA,IAAU,EAAA;AAGV,EAAA,MAAM,YAAA,GAAe,aAAA,CAAc,WAAA,EAAa,EAAE,CAAA;AAClD,EAAA,IAAA,CAAK,GAAA,CAAI,cAAc,MAAM,CAAA;AAG7B,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,IAAI,CAAA;AAGlC,EAAA,OAAO,OAAA,CAAQ,MAAA,CAAO,sBAAA,EAAwB,KAAA,EAAO,aAAa,CAAA;AACpE;AAQO,SAAS,qBAAqB,OAAA,EAKnC;AAEA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,OAAA,EAAS,aAAa,CAAA;AAGrD,EAAA,IAAI,OAAA,CAAQ,WAAW,sBAAA,EAAwB;AAC7C,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0CAAA,EAA6C,sBAAsB,CAAA,QAAA,EAAW,OAAA,CAAQ,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACjH;AAGA,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,QAAQ,SAAA,CAAU,OAAA,CAAQ,KAAK,CAAC,CAAA;AAG5D,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,MAAM,OAAA,GAAU,KAAK,MAAA,EAAQ,CAAA;AAE7B,EAAA,IAAI,YAAY,eAAA,EAAiB;AAC/B,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,OAAO,CAAA,YAAA,EAAe,eAAe,CAAA,cAAA,CAAgB,CAAA;AAAA,EACvG;AAGA,EAAA,MAAM,OAAA,GACH,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,KACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,EAAA,GACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,CAAA,GACpB,KAAK,MAAA,EAAQ,CAAA;AAGf,EAAA,MAAM,YAAY,aAAA,CAAc,IAAA,CAAK,MAAM,MAAA,EAAQ,MAAA,GAAS,EAAE,CAAC,CAAA;AAC/D,EAAA,MAAA,IAAU,EAAA;AAGV,EAAA,MAAM,cAAc,aAAA,CAAc,IAAA,CAAK,MAAM,MAAA,EAAQ,MAAA,GAAS,EAAE,CAAC,CAAA;AAEjE,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,OAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AACF;AAKO,SAAS,sBAAsB,OAAA,EAA0B;AAC9D,EAAA,IAAI;AACF,IAAA,oBAAA,CAAqB,OAAO,CAAA;AAC5B,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAKO,SAAS,sBAAA,CAAuB,IAAA,EAAkB,OAAA,GAAkB,CAAA,EAAW;AACpF,EAAA,OAAO,oBAAA,CAAqB,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,aAAa,OAAO,CAAA;AACvE;AAeA,eAAsB,iBAAA,CACpB,qBACA,UAAA,EACsB;AACtB,EAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,OAAO,wBAAsB,CAAA;AAExD,EAAA,IAAI,eAAe,MAAA,EAAW;AAE5B,IAAA,MAAMA,UAAAA,GAAY,MAAM,QAAA,CAAS,CAAC,UAAU,CAAC,CAAA;AAC7C,IAAA,OAAO;AAAA,MACL,aAAA,EAAe,UAAA;AAAA,MACf,SAAA,EAAAA;AAAA,KACF;AAAA,EACF;AAGA,EAAA,MAAM,gBAAgB,kBAAA,EAAmB;AACzC,EAAA,MAAM,SAAA,GAAY,MAAM,QAAA,CAAS,CAAC,aAAa,CAAC,CAAA;AAEhD,EAAA,OAAO;AAAA,IACL,aAAA;AAAA,IACA;AAAA,GACF;AACF;AASA,eAAsB,eAAA,CACpB,QACA,iBAAA,EACkB;AAClB,EAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,OAAO,wBAAsB,CAAA;AACxD,EAAA,MAAM,YAAA,GAAe,MAAM,QAAA,CAAS,CAAC,MAAM,CAAC,CAAA;AAC5C,EAAA,OAAO,YAAA,KAAiB,iBAAA;AAC1B;AAYA,eAAsB,wBAAA,CACpB,eACA,KAAA,EACiB;AACjB,EAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,OAAO,wBAAsB,CAAA;AACxD,EAAA,IAAI,UAAU,MAAA,EAAW;AACvB,IAAA,OAAO,QAAA,CAAS,CAAC,aAAA,EAAe,KAAK,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,QAAA,CAAS,CAAC,aAAa,CAAC,CAAA;AACjC;AA4BO,SAAS,yBAAA,CACd,SAAA,EACA,WAAA,EACA,OAAA,GAAkB,CAAA,EACV;AACR,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,CAAA,GAAI,CAAA,GAAI,KAAK,EAAE,CAAA;AAC3C,EAAA,IAAI,MAAA,GAAS,CAAA;AAGb,EAAA,IAAA,CAAK,QAAQ,CAAA,GAAI,qBAAA;AAGjB,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,CAAA,GAAK,GAAA;AAClC,EAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,OAAA,GAAU,GAAA;AAG3B,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,GAAA,GAAM,MAAA,CAAO,SAAA,CAAU,CAAC,CAAE,CAAA;AAChC,IAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,GAAA,GAAM,GAAA;AACvB,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,CAAA,GAAK,GAAA;AAC9B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAC/B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAAA,EACjC;AAGA,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,GAAA,GAAM,MAAA,CAAO,WAAA,CAAY,CAAC,CAAE,CAAA;AAClC,IAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,GAAA,GAAM,GAAA;AACvB,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,CAAA,GAAK,GAAA;AAC9B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAC/B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAAA,EACjC;AAEA,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,IAAI,CAAA;AAClC,EAAA,OAAO,OAAA,CAAQ,MAAA,CAAO,4BAAA,EAA8B,KAAA,EAAO,aAAa,CAAA;AAC1E;AAKO,SAAS,0BAA0B,OAAA,EAKxC;AACA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,OAAA,EAAS,aAAa,CAAA;AAErD,EAAA,IAAI,OAAA,CAAQ,WAAW,4BAAA,EAA8B;AACnD,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,gDAAA,EAAmD,4BAA4B,CAAA,QAAA,EAAW,OAAA,CAAQ,MAAM,CAAA,CAAA;AAAA,KAC1G;AAAA,EACF;AAEA,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,QAAQ,SAAA,CAAU,OAAA,CAAQ,KAAK,CAAC,CAAA;AAC5D,EAAA,IAAI,MAAA,GAAS,CAAA;AAEb,EAAA,MAAM,OAAA,GAAU,KAAK,MAAA,EAAQ,CAAA;AAC7B,EAAA,IAAI,YAAY,qBAAA,EAAuB;AACrC,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,mCAAA,EAAsC,OAAO,CAAA,YAAA,EAAe,qBAAqB,CAAA,CAAA;AAAA,KACnF;AAAA,EACF;AAGA,EAAA,MAAM,OAAA,GACH,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,KACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,EAAA,GACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,CAAA,GACpB,KAAK,MAAA,EAAQ,CAAA;AAGf,EAAA,MAAM,YAAsB,EAAC;AAC7B,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,MACJ,IAAA,CAAK,MAAM,CAAA,GACV,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,CAAA,GACrB,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,KACrB,IAAA,CAAK,MAAA,GAAS,CAAC,CAAA,IAAM,EAAA;AACxB,IAAA,SAAA,CAAU,IAAA,CAAK,MAAA,CAAO,GAAA,KAAQ,CAAC,CAAC,CAAA;AAChC,IAAA,MAAA,IAAU,CAAA;AAAA,EACZ;AAGA,EAAA,MAAM,cAAwB,EAAC;AAC/B,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,MACJ,IAAA,CAAK,MAAM,CAAA,GACV,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,CAAA,GACrB,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,KACrB,IAAA,CAAK,MAAA,GAAS,CAAC,CAAA,IAAM,EAAA;AACxB,IAAA,WAAA,CAAY,IAAA,CAAK,MAAA,CAAO,GAAA,KAAQ,CAAC,CAAC,CAAA;AAClC,IAAA,MAAA,IAAU,CAAA;AAAA,EACZ;AAEA,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,OAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AACF;AAKO,SAAS,2BAA2B,OAAA,EAA0B;AACnE,EAAA,IAAI;AACF,IAAA,yBAAA,CAA0B,OAAO,CAAA;AACjC,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAKO,SAAS,2BAAA,CACd,IAAA,EACA,OAAA,GAAkB,CAAA,EACV;AACR,EAAA,OAAO,yBAAA,CAA0B,IAAA,CAAK,cAAA,EAAgB,IAAA,CAAK,kBAAkB,OAAO,CAAA;AACtF;AAKO,SAAS,kBAAkB,OAAA,EAAgD;AAChF,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,sBAAA,GAAyB,GAAG,GAAG,OAAO,OAAA;AAC7D,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,4BAAA,GAA+B,GAAG,GAAG,OAAO,OAAA;AACnE,EAAA,OAAO,SAAA;AACT;AA3YA,IAgCa,sBAAA,CAAA,CAKA,eAAA,CAAA,CAKP,aAAA,CAAA,CAwMO,4BAAA,CAAA,CAKA;AAvPb,IAAA,YAAA,GAAA,KAAA,CAAA;AAAA,EAAA,qBAAA,GAAA;AAqBA,IAAA,WAAA,EAAA;AAWO,IAAM,sBAAA,GAAyB,KAAA;AAK/B,IAAM,eAAA,GAAkB,CAAA;AAK/B,IAAM,aAAA,GAAgB,IAAA;AAwMf,IAAM,4BAAA,GAA+B,KAAA;AAKrC,IAAM,qBAAA,GAAwB,CAAA;AAAA,EAAA;AAAA,CAAA;;;AChM9B,IAAM,qBAAN,MAAyB;AAAA,EACtB,MAAA;AAAA,EACA,OAAA,uBAAc,GAAA,EAA0B;AAAA,EACxC,UAAA,GAAa,KAAA;AAAA,EAErB,YAAY,MAAA,EAAgB;AAC1B,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAEd,IAAA,IAAA,CAAK,MAAA,CAAO,SAAA,GAAY,CAAC,CAAA,KAAyC;AAChE,MAAA,IAAA,CAAK,aAAA,CAAc,EAAE,IAAI,CAAA;AAAA,IAC3B,CAAA;AAEA,IAAA,IAAA,CAAK,MAAA,CAAO,OAAA,GAAU,CAAC,CAAA,KAAkB;AACvC,MAAA,OAAA,CAAQ,KAAA,CAAM,oCAAA,EAAsC,CAAA,CAAE,OAAA,EAAS,CAAC,CAAA;AAChE,MAAA,KAAA,MAAW,GAAG,CAAC,CAAA,IAAK,KAAK,OAAA,EAAS;AAChC,QAAA,CAAA,CAAE,OAAO,IAAI,KAAA,CAAM,iBAAiB,CAAA,CAAE,OAAO,EAAE,CAAC,CAAA;AAAA,MAClD;AACA,MAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,IACrB,CAAA;AAAA,EACF;AAAA,EAEQ,cAAc,IAAA,EAA2B;AAC/C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,KAAK,EAAE,CAAA;AACtC,IAAA,IAAI,CAAC,KAAA,EAAO;AAEZ,IAAA,QAAQ,KAAK,IAAA;AAAM,MACjB,KAAK,UAAA;AACH,QAAA,KAAA,CAAM,UAAA,GAAa,IAAA,CAAK,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA;AAC3C,QAAA;AAAA,MACF,KAAK,mBAAA;AACH,QAAA,KAAA,CAAM,kBAAA,GAAqB,KAAK,QAAQ,CAAA;AACxC,QAAA;AAAA,MACF,KAAK,QAAA;AACH,QAAA,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,EAAE,CAAA;AAC3B,QAAA,KAAA,CAAM,OAAA,CAAQ,KAAK,KAAK,CAAA;AACxB,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,EAAE,CAAA;AAC3B,QAAA,KAAA,CAAM,MAAA,CAAO,IAAI,KAAA,CAAM,IAAA,CAAK,OAAO,CAAC,CAAA;AACpC,QAAA;AAAA;AACJ,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAA,CACJ,WAAA,EACA,QACA,OAAA,EACA,UAAA,EACA,QACA,kBAAA,EACsB;AACtB,IAAA,IAAI,KAAK,UAAA,EAAY;AACnB,MAAA,MAAM,IAAI,MAAM,4BAA4B,CAAA;AAAA,IAC9C;AAEA,IAAA,OAAO,IAAI,OAAA,CAAqB,CAAC,OAAA,EAAS,MAAA,KAAW;AACnD,MAAA,MAAM,EAAA,GAAK,OAAO,UAAA,EAAW;AAE7B,MAAA,IAAI,QAAQ,OAAA,EAAS;AACnB,QAAA,MAAA,CAAO,IAAI,YAAA,CAAa,0BAAA,EAA4B,YAAY,CAAC,CAAA;AACjE,QAAA;AAAA,MACF;AAEA,MAAA,IAAA,CAAK,OAAA,CAAQ,IAAI,EAAA,EAAI,EAAE,SAAS,MAAA,EAAQ,UAAA,EAAY,oBAAoB,CAAA;AAExE,MAAA,MAAM,UAAU,MAAM;AACpB,QAAA,IAAA,CAAK,OAAA,CAAQ,OAAO,EAAE,CAAA;AACtB,QAAA,MAAA,CAAO,IAAI,YAAA,CAAa,0BAAA,EAA4B,YAAY,CAAC,CAAA;AAAA,MACnE,CAAA;AAEA,MAAA,MAAA,EAAQ,iBAAiB,OAAA,EAAS,OAAA,EAAS,EAAE,IAAA,EAAM,MAAM,CAAA;AAIzD,MAAA,MAAM,eAAA,GAAkB,OAAO,MAAA,KAAW,WAAA,GACtC,IAAI,GAAA,CAAI,OAAA,EAAS,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAE,IAAA,GACvC,OAAA;AAEJ,MAAA,IAAA,CAAK,OAAO,WAAA,CAAY;AAAA,QACtB,IAAA,EAAM,OAAA;AAAA,QACN,EAAA;AAAA,QACA,WAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA,EAAS;AAAA,OACmB,CAAA;AAAA,IAChC,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,SAAA,GAAY;AACV,IAAA,IAAA,CAAK,UAAA,GAAa,IAAA;AAClB,IAAA,IAAA,CAAK,OAAO,SAAA,EAAU;AACtB,IAAA,KAAA,MAAW,GAAG,CAAC,CAAA,IAAK,KAAK,OAAA,EAAS;AAChC,MAAA,CAAA,CAAE,MAAA,CAAO,IAAI,YAAA,CAAa,mBAAA,EAAqB,YAAY,CAAC,CAAA;AAAA,IAC9D;AACA,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AACF;AAcA,eAAsB,qBAAA,CACpB,WAAA,EACA,MAAA,EACA,OAAA,EACA,OAAA,EAMsB;AACtB,EAAA,MAAM,EAAE,UAAA,EAAY,kBAAA,EAAoB,QAAQ,MAAA,EAAO,GAAI,WAAW,EAAC;AAEvE,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,OAAO,MAAA,CAAO,MAAM,WAAA,EAAa,MAAA,EAAQ,WAAW,EAAA,EAAI,UAAA,EAAY,QAAQ,kBAAkB,CAAA;AAAA,EAChG;AAGA,EAAA,MAAM,EAAE,gBAAA,EAAiB,GAAI,MAAM,OAAO,qBAAY,CAAA;AACtD,EAAA,OAAO,iBAAiB,WAAA,EAAa,MAAA,EAAQ,SAAS,UAAA,EAAY,EAAE,oBAAoB,CAAA;AAC1F;ACpFO,IAAM,iBAAiB,GAAA,IAAO;AAM9B,IAAM,uBAAA,GAA0B;AAAA,EACrC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,iBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IACpD,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IACnD,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAChD,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC/D,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA;AAAM;AAEtD;AAEO,IAAM,uBAAA,GAA0B;AAAA,EACrC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,iBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAC1D,EAAE,IAAA,EAAM,wBAAA,EAA0B,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IACjE,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACvD,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC/D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA;AAAM;AAEjE;AAEO,IAAM,wBAAA,GAA2B;AAAA,EACtC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,kBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,sBAAA,EAAwB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAChE,EAAE,IAAA,EAAM,oBAAA,EAAsB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC9D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC/D,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA,EAAM;AAAA,IAC1D,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC5D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA;AAAM;AAEjE;AAEO,IAAM,0BAAA,GAA6B;AAAA,EACxC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,oBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,oBAAA,EAAsB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC9D,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC5D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA;AAAM;AAEjE;AAEO,IAAM,eAAA,GAAkB;AAAA,EAC7B,uBAAA;AAAA,EACA,uBAAA;AAAA,EACA,wBAAA;AAAA,EACA;AACF;AAUO,SAAS,iBAAA,CAAkB,YAAoB,IAAA,EAAsB;AAC1E,EAAA,OAAQ,aAAa,IAAA,GAAQ,cAAA;AAC/B;AAMO,SAAS,iBAAA,CAAkB,YAAoB,IAAA,EAAsB;AAC1E,EAAA,IAAI,IAAA,KAAS,EAAA,EAAI,MAAM,IAAI,MAAM,qBAAqB,CAAA;AACtD,EAAA,OAAQ,aAAa,cAAA,GAAkB,IAAA;AACzC;AAMO,SAAS,WAAA,CAAY,YAAoB,SAAA,EAA2B;AACzE,EAAA,IAAI,UAAA,KAAe,EAAA,EAAI,MAAM,IAAI,MAAM,4BAA4B,CAAA;AACnE,EAAA,OAAQ,YAAY,cAAA,GAAkB,UAAA;AACxC;AAMO,SAAS,UAAA,CAAW,IAAA,EAAc,QAAA,GAAmB,CAAA,EAAW;AACrE,EAAA,MAAM,QAAQ,IAAA,GAAO,cAAA;AACrB,EAAA,MAAM,OAAO,IAAA,GAAO,cAAA;AACpB,EAAA,MAAM,OAAA,GAAU,IAAA,CAAK,QAAA,EAAS,CAAE,QAAA,CAAS,IAAI,GAAG,CAAA,CAAE,KAAA,CAAM,CAAA,EAAG,QAAQ,CAAA;AACnE,EAAA,OAAO,CAAA,EAAG,KAAK,CAAA,CAAA,EAAI,OAAO,CAAA,CAAA;AAC5B;AAUO,SAAS,qBAAqB,YAAA,EAAwB;AAC3D,EAAA,OAAO,SAAA,CAAU,mBAAA;AAAA,IACf,mBAAmB,SAAS,CAAA;AAAA,IAC5B,CAAC,YAAY;AAAA,GACd,CAAA;AACH;AAKO,SAAS,oBAAA,GAA4B;AAC1C,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,EAAE,CAAA;AAC/B,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,OAAO,MAAM,KAAK,CAAA;AACpB;AASO,SAAS,iBAAA,CACd,QACA,gBAAA,EACkB;AAClB,EAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,gBAAA,CAAiB,IAAI,CAAA,EAAA,KAAM,EAAA,CAAG,QAAA,EAAU,CAAC,CAAA;AAChE,EAAA,OAAO,MAAA,CAAO,OAAO,CAAA,CAAA,KAAK,MAAA,CAAO,IAAI,CAAA,CAAE,UAAA,CAAW,QAAA,EAAU,CAAC,CAAA;AAC/D;AAKO,SAAS,uBAAA,CACd,MAAA,EACA,SAAA,EACA,QAAA,EACkB;AAClB,EAAA,MAAM,IAAA,GAAO,UAAU,WAAA,EAAY;AACnC,EAAA,MAAM,GAAA,GAAM,SAAS,WAAA,EAAY;AACjC,EAAA,OAAO,MAAA,CAAO,MAAA;AAAA,IACZ,CAAA,CAAA,KAAK,EAAE,SAAA,CAAU,WAAA,OAAkB,IAAA,IAAQ,CAAA,CAAE,QAAA,CAAS,WAAA,EAAY,KAAM;AAAA,GAC1E;AACF;AAKO,SAAS,mBAAA,CAAoB,OAAmC,WAAA,EAA8B;AACnG,EAAA,MAAM,QAAA,GAAW,qBAAA,IAAyB,KAAA,GAAQ,KAAA,CAAM,mBAAA,GAAsB,EAAA;AAC9E,EAAA,OAAO,QAAA,KAAa,MAAM,QAAA,KAAa,WAAA;AACzC;AAMA,IAAM,oBAAA,GAAuB,kBAAA;AAE7B,SAAS,SAAA,CAAU,SAAiB,OAAA,EAAsB;AACxD,EAAA,OAAO,GAAG,oBAAoB,CAAA,EAAG,QAAQ,WAAA,EAAa,IAAI,OAAO,CAAA,CAAA;AACnE;AAMO,SAAS,iBAAA,CAAkB,OAAA,EAAc,YAAA,EAAmB,OAAA,EAAwB;AACzF,EAAA,IAAI,OAAO,iBAAiB,WAAA,EAAa;AACzC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,YAAA,CAAa,OAAA,CAAQ,SAAA,CAAU,OAAA,EAAS,OAAO,GAAG,YAAY,CAAA;AAAA,EAChE;AAEA,EAAA,YAAA,CAAa,QAAQ,CAAA,EAAG,oBAAoB,CAAA,EAAG,OAAO,IAAI,YAAY,CAAA;AACxE;AAMO,SAAS,eAAA,CAAgB,SAAc,OAAA,EAA8B;AAC1E,EAAA,IAAI,OAAO,YAAA,KAAiB,WAAA,EAAa,OAAO,IAAA;AAChD,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAM,SAAS,YAAA,CAAa,OAAA,CAAQ,SAAA,CAAU,OAAA,EAAS,OAAO,CAAC,CAAA;AAC/D,IAAA,IAAI,QAAQ,OAAO,MAAA;AAAA,EACrB;AAEA,EAAA,OAAO,aAAa,OAAA,CAAQ,CAAA,EAAG,oBAAoB,CAAA,EAAG,OAAO,CAAA,CAAE,CAAA;AACjE;AAKO,SAAS,kBAAA,CAAmB,SAAc,OAAA,EAAwB;AACvE,EAAA,IAAI,OAAO,iBAAiB,WAAA,EAAa;AACzC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,YAAA,CAAa,UAAA,CAAW,SAAA,CAAU,OAAA,EAAS,OAAO,CAAC,CAAA;AAAA,EACrD;AACA,EAAA,YAAA,CAAa,UAAA,CAAW,CAAA,EAAG,oBAAoB,CAAA,EAAG,OAAO,CAAA,CAAE,CAAA;AAC7D;AAMO,SAAS,eAAe,OAAA,EAAyB;AACtD,EAAA,IAAI,OAAO,YAAA,KAAiB,WAAA,EAAa,OAAO,EAAC;AACjD,EAAA,MAAM,MAAA,GAAS,UACX,CAAA,EAAG,oBAAoB,GAAG,OAAA,CAAQ,WAAA,EAAa,CAAA,CAAA,CAAA,GAC/C,oBAAA;AACJ,EAAA,MAAM,MAAa,EAAC;AACpB,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,YAAA,CAAa,QAAQ,CAAA,EAAA,EAAK;AAC5C,IAAA,MAAM,GAAA,GAAM,YAAA,CAAa,GAAA,CAAI,CAAC,CAAA;AAC9B,IAAA,IAAI,GAAA,EAAK,UAAA,CAAW,MAAM,CAAA,EAAG;AAC3B,MAAA,GAAA,CAAI,IAAA,CAAK,GAAA,CAAI,KAAA,CAAM,MAAA,CAAO,MAAM,CAAQ,CAAA;AAAA,IAC1C;AAAA,EACF;AACA,EAAA,OAAO,GAAA;AACT;AASO,SAAS,aAAA,CAAc,OAAkB,YAAA,EAA+B;AAC7E,EAAA,OAAO,CAAC,KAAA,CAAM,OAAA,IAAW,CAAC,KAAA,CAAM,aAAa,YAAA,IAAgB,KAAA,CAAM,MAAA,IAAU,KAAA,CAAM,mBAAA,GAAsB,EAAA;AAC3G;AAKO,SAAS,qBAAA,CAAsB,YAAoB,IAAA,EAAsB;AAC9E,EAAA,OAAO,iBAAA,CAAkB,YAAY,IAAI,CAAA;AAC3C;AAKO,SAAS,sBAAsB,KAAA,EAA0B;AAC9D,EAAA,IAAI,KAAA,CAAM,UAAA,KAAe,EAAA,EAAI,OAAO,CAAA;AACpC,EAAA,MAAM,MAAA,GAAS,KAAA,CAAM,UAAA,GAAa,KAAA,CAAM,mBAAA;AACxC,EAAA,OAAO,MAAA,CAAQ,MAAA,GAAS,MAAA,GAAU,KAAA,CAAM,UAAU,CAAA,GAAI,GAAA;AACxD;AClUA,SAAS,gBAAA,CAAiB,MAAkB,SAAA,EAAgD;AAC1F,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,CAAA;AAAA,IACT,gBAAgBC,KAAAA,CAAM,IAAA,CAAK,gBAAgB,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IACvD,WAAWA,KAAAA,CAAM,IAAA,CAAK,WAAW,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IAC7C,eAAeA,KAAAA,CAAM,IAAA,CAAK,eAAe,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IACrD,aAAaA,KAAAA,CAAM,IAAA,CAAK,aAAa,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IACjD,GAAI,SAAA,GAAY;AAAA,MACd,aAAa,SAAA,CAAU,WAAA,CAAY,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU,CAAA;AAAA,MACxD,gBAAgB,SAAA,CAAU,cAAA,CAAe,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU,CAAA;AAAA,MAC9D,oBAAoB,SAAA,CAAU,kBAAA,CAAmB,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU,CAAA;AAAA,MACtE,kBAAkB,SAAA,CAAU,gBAAA,CAAiB,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU;AAAA,QAChE;AAAC,GACP;AACF;AAEA,SAAS,mBAAmB,IAAA,EAA4E;AACtG,EAAA,IAAI,IAAA,CAAK,OAAA,KAAY,CAAA,IAAK,CAAC,KAAK,cAAA,EAAgB;AAC9C,IAAA,MAAM,IAAI,MAAM,kCAAkC,CAAA;AAAA,EACpD;AAEA,EAAA,MAAM,IAAA,GAAmB;AAAA,IACvB,cAAA,EAAgB,MAAA,CAAO,IAAA,CAAK,cAAc,CAAA;AAAA,IAC1C,SAAA,EAAW,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA;AAAA,IAChC,aAAA,EAAe,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA;AAAA,IACxC,WAAA,EAAa,MAAA,CAAO,IAAA,CAAK,WAAW;AAAA,GACtC;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI,KAAK,WAAA,EAAa;AACpB,IAAA,SAAA,GAAY;AAAA,MACV,aAAa,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,MAChD,gBAAgB,IAAA,CAAK,cAAA,CAAgB,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,MACvD,oBAAoB,IAAA,CAAK,kBAAA,CAAoB,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,MAC/D,kBAAkB,IAAA,CAAK,gBAAA,CAAkB,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC;AAAA,KAC7D;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,MAAM,SAAA,EAAU;AAC3B;AAuBO,IAAM,yBAAN,MAAwD;AAAA,EAG7D,WAAA,CACU,SACR,UAAA,EACA;AAFQ,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAGR,IAAA,IAAA,CAAK,UAAA,GAAa,CAAA,QAAA,EAAW,UAAA,CAAW,WAAA,EAAa,CAAA,CAAA;AAAA,EACvD;AAAA,EAPQ,UAAA;AAAA,EASR,MAAM,IAAA,GAA0E;AAC9E,IAAA,MAAM,OAAO,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAuB,KAAK,UAAU,CAAA;AACtE,IAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAClB,IAAA,IAAI;AACF,MAAA,OAAO,mBAAmB,IAAI,CAAA;AAAA,IAChC,CAAA,CAAA,MAAQ;AAEN,MAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AACzC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,IAAA,CAAK,IAAA,EAAkB,SAAA,EAA4C;AACvE,IAAA,MAAM,UAAA,GAAa,gBAAA,CAAiB,IAAA,EAAM,SAAS,CAAA;AACnD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,IAAA,CAAK,YAAY,UAAU,CAAA;AAAA,EACpD;AAAA,EAEA,MAAM,KAAA,GAAuB;AAC3B,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AAAA,EAC3C;AACF;AAcO,IAAM,uBAAN,MAAsD;AAAA,EAC3D,WAAA,CACU,MACA,SAAA,EACR;AAFQ,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AACA,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAAA,EACP;AAAA,EAEH,MAAM,IAAA,GAAO;AACX,IAAA,OAAO,EAAE,IAAA,EAAM,IAAA,CAAK,IAAA,EAAM,SAAA,EAAW,KAAK,SAAA,EAAU;AAAA,EACtD;AAAA,EAEA,MAAM,IAAA,GAAsB;AAAA,EAE5B;AAAA,EAEA,MAAM,KAAA,GAAuB;AAAA,EAE7B;AACF;ACrGO,IAAM,YAAN,MAAsC;AAAA,EAM3C,WAAA,CACU,OAAA,EACA,UAAA,GAAqB,OAAA,EAC7B;AAFQ,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AACA,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AAAA,EACP;AAAA,EARK,QAAwB,EAAC;AAAA,EACzB,aAAA,uBAAoB,GAAA,EAAY;AAAA,EAChC,SAAA,uBAAgB,GAAA,EAAgB;AAAA,EAChC,KAAA,GAAQ,KAAA;AAAA;AAAA,EAShB,QAAA,GAA2B;AACzB,IAAA,OAAO,CAAC,GAAG,IAAA,CAAK,KAAK,CAAA;AAAA,EACvB;AAAA,EAEA,gBAAgB,WAAA,EAA2C;AACzD,IAAA,IAAI,SAAS,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA,CAAA,KAAK,CAAA,CAAE,WAAW,OAAO,CAAA;AACxD,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,MAAA,GAAS,OAAO,MAAA,CAAO,CAAA,CAAA,KAAA,CAAM,CAAA,CAAE,WAAA,IAAe,aAAa,WAAW,CAAA;AAAA,IACxE;AACA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA,EAEA,UAAA,CAAW,OAAgB,WAAA,EAAmC;AAC5D,IAAA,IAAI,KAAA,GAAQ,IAAA,CAAK,eAAA,CAAgB,WAAW,CAAA;AAC5C,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,UAAA,GAAa,MAAM,WAAA,EAAY;AACrC,MAAA,KAAA,GAAQ,MAAM,MAAA,CAAO,CAAA,CAAA,KAAK,EAAE,KAAA,CAAM,WAAA,OAAkB,UAAU,CAAA;AAAA,IAChE;AACA,IAAA,OAAO,KAAA,CAAM,OAAO,CAAC,GAAA,EAAK,MAAM,GAAA,GAAM,CAAA,CAAE,QAAQ,EAAE,CAAA;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,QAAQ,IAAA,EAA6B;AACnC,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,UAAA,CAAW,WAAA,EAAY;AACxC,IAAA,IAAI,IAAA,CAAK,aAAA,CAAc,GAAA,CAAI,GAAG,GAAG,OAAO,KAAA;AAGxC,IAAA,MAAM,UAAA,GAA2B;AAAA,MAC/B,GAAG,IAAA;AAAA,MACH,UAAA,EAAY,IAAA,CAAK,UAAA,CAAW,WAAA,EAAY;AAAA,MACxC,MAAA,EAAQ,cAAA,CAAe,IAAA,CAAK,MAAM,CAAA;AAAA,MAClC,KAAA,EAAO,cAAA,CAAe,IAAA,CAAK,KAAK;AAAA,KAClC;AAEA,IAAA,IAAA,CAAK,KAAA,CAAM,KAAK,UAAU,CAAA;AAC1B,IAAA,IAAA,CAAK,aAAA,CAAc,IAAI,GAAG,CAAA;AAC1B,IAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,IAAA,IAAA,CAAK,MAAA,EAAO;AACZ,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,SAAS,KAAA,EAA+B;AACtC,IAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,IAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,MAAA,IAAI,IAAA,CAAK,OAAA,CAAQ,IAAI,CAAA,EAAG,KAAA,EAAA;AAAA,IAC1B;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,UAAA,EAA0B;AAClC,IAAA,MAAM,GAAA,GAAM,WAAW,WAAA,EAAY;AACnC,IAAA,MAAM,IAAA,GAAO,KAAK,KAAA,CAAM,IAAA,CAAK,OAAK,CAAA,CAAE,UAAA,CAAW,WAAA,EAAY,KAAM,GAAG,CAAA;AACpE,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,MAAA,KAAW,OAAA,EAAS;AACnC,MAAA,IAAA,CAAK,MAAA,GAAS,OAAA;AACd,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,MAAA,IAAA,CAAK,MAAA,EAAO;AAAA,IACd;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY,UAAA,EAA0B;AACpC,IAAA,MAAM,GAAA,GAAM,WAAW,WAAA,EAAY;AACnC,IAAA,MAAM,IAAA,GAAO,KAAK,KAAA,CAAM,IAAA,CAAK,OAAK,CAAA,CAAE,UAAA,CAAW,WAAA,EAAY,KAAM,GAAG,CAAA;AACpE,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,MAAA,KAAW,OAAA,EAAS;AACnC,MAAA,IAAA,CAAK,MAAA,GAAS,WAAA;AACd,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,MAAA,IAAA,CAAK,MAAA,EAAO;AAAA,IACd;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,eAAA,CAAgB,YAAoB,SAAA,EAAyB;AAC3D,IAAA,MAAM,GAAA,GAAM,WAAW,WAAA,EAAY;AACnC,IAAA,MAAM,IAAA,GAAO,KAAK,KAAA,CAAM,IAAA,CAAK,OAAK,CAAA,CAAE,UAAA,CAAW,WAAA,EAAY,KAAM,GAAG,CAAA;AACpE,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,SAAA,KAAc,SAAA,EAAW;AACxC,MAAA,IAAA,CAAK,SAAA,GAAY,SAAA;AACjB,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,MAAA,IAAA,CAAK,MAAA,EAAO;AAAA,IACd;AAAA,EACF;AAAA;AAAA,EAIA,MAAM,IAAA,GAAsB;AAC1B,IAAA,MAAM,aAAa,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAsB,KAAK,UAAU,CAAA;AAC3E,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,KAAA,CAAM,OAAA,CAAQ,UAAU,CAAA,EAAG;AAC7C,MAAA,IAAA,CAAK,QAAQ,EAAC;AACd,MAAA,IAAA,CAAK,cAAc,KAAA,EAAM;AACzB,MAAA;AAAA,IACF;AAGA,IAAA,IAAA,CAAK,QAAQ,EAAC;AACd,IAAA,IAAA,CAAK,cAAc,KAAA,EAAM;AACzB,IAAA,IAAI,OAAA,GAAU,CAAA;AACd,IAAA,KAAA,MAAW,KAAK,UAAA,EAAY;AAC1B,MAAA,MAAM,IAAA,GAAO,gBAAgB,CAAC,CAAA;AAC9B,MAAA,MAAM,GAAA,GAAM,IAAA,CAAK,UAAA,CAAW,WAAA,EAAY;AACxC,MAAA,IAAI,IAAA,CAAK,aAAA,CAAc,GAAA,CAAI,GAAG,CAAA,EAAG;AAAE,QAAA,OAAA,EAAA;AAAW,QAAA;AAAA,MAAS;AACvD,MAAA,IAAA,CAAK,aAAA,CAAc,IAAI,GAAG,CAAA;AAC1B,MAAA,IAAA,CAAK,KAAA,CAAM,KAAK,IAAI,CAAA;AAAA,IACtB;AACA,IAAA,IAAI,UAAU,CAAA,EAAG;AACf,MAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oBAAA,EAAuB,OAAO,CAAA,wBAAA,CAA0B,CAAA;AACpE,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AAAA,IACf,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,IACf;AAAA,EACF;AAAA,EAEA,MAAM,OAAA,GAAyB;AAC7B,IAAA,IAAI,CAAC,KAAK,KAAA,EAAO;AACjB,IAAA,MAAM,UAAA,GAAa,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,aAAa,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,IAAA,CAAK,YAAY,UAAU,CAAA;AAClD,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA,EAEA,MAAM,KAAA,GAAuB;AAC3B,IAAA,IAAA,CAAK,QAAQ,EAAC;AACd,IAAA,IAAA,CAAK,cAAc,KAAA,EAAM;AACzB,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AACb,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AACzC,IAAA,IAAA,CAAK,MAAA,EAAO;AAAA,EACd;AAAA;AAAA,EAIA,SAAS,QAAA,EAAkC;AACzC,IAAA,IAAA,CAAK,SAAA,CAAU,IAAI,QAAQ,CAAA;AAC3B,IAAA,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO,QAAQ,CAAA;AAAA,EAC7C;AAAA,EAEQ,MAAA,GAAe;AACrB,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,QAAA,EAAS;AAAA,IACX;AAAA,EACF;AACF;AAMA,SAAS,cAAc,IAAA,EAAoC;AACzD,EAAA,OAAO;AAAA,IACL,GAAG,IAAA;AAAA,IACH,MAAA,EAAQ,IAAA,CAAK,MAAA,CAAO,QAAA,EAAS;AAAA,IAC7B,QAAA,EAAU,IAAA,CAAK,QAAA,CAAS,QAAA;AAAS,GACnC;AACF;AAEA,SAAS,gBAAgB,CAAA,EAAiC;AACxD,EAAA,OAAO;AAAA,IACL,GAAG,CAAA;AAAA,IACH,MAAA,EAAQ,MAAA,CAAO,CAAA,CAAE,MAAM,CAAA;AAAA,IACvB,QAAA,EAAU,MAAA,CAAO,CAAA,CAAE,QAAQ,CAAA;AAAA,IAC3B,WAAA,EAAa,EAAE,WAAA,IAAe;AAAA,GAChC;AACF;AAEA,SAAS,eAAe,IAAA,EAAsB;AAC5C,EAAA,IAAI;AACF,IAAA,OAAO,WAAW,IAAI,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF","file":"chunk-Q6BLTPWV.js","sourcesContent":["/**\n * Stealth Address Utilities (Post-Quantum, Hash-Based)\n *\n * Implements stealth addresses using Poseidon hashes with bech32m encoding.\n * No BabyJubJub curve operations — ownership is proven via hash preimage.\n *\n * Address Format (bech32m):\n * 0zk1<version><chainId><ownerHash><viewingHash>\n *\n * Key Flow (self-shield):\n * 1. User derives ownerHash = Poseidon(spendingSecret)\n * 2. Commitment = Poseidon(amount, ownerHash, blinding, origin, token)\n * 3. Encrypt note with key derived from viewingSecret\n *\n * Key Flow (send to others, future):\n * 1. Decode recipient's stealth address (ownerHash, viewingHash)\n * 2. Generate per-note secret and derive ownerHash for the note\n * 3. Encrypt note so recipient's viewingSecret can decrypt\n */\n\nimport { bech32m } from 'bech32'\nimport {\n randomFieldElement,\n bigintToBytes,\n bytesToBigint,\n} from '../utils/crypto.js'\nimport type { MasterKeys, StarkMasterKeys, OneTimeKeys } from '../keys/types.js'\nimport type { M31Digest } from '../utils/keccak-m31.js'\n\n/**\n * Stealth address prefix\n */\nexport const STEALTH_ADDRESS_PREFIX = '0zk'\n\n/**\n * Address version (v2 = hash-based, post-quantum)\n */\nexport const ADDRESS_VERSION = 2\n\n/**\n * Maximum length for bech32m encoding\n */\nconst BECH32M_LIMIT = 1023\n\n/**\n * Encode a stealth address in bech32m format\n *\n * Format: 0zk1<version><chainId><ownerHash><viewingHash>\n *\n * @param ownerHash - Owner hash = Poseidon(spendingSecret)\n * @param viewingHash - Viewing hash = Poseidon(viewingSecret)\n * @param chainId - Optional chain ID (0 = any chain)\n * @returns bech32m encoded stealth address\n */\nexport function encodeStealthAddress(\n ownerHash: bigint,\n viewingHash: bigint,\n chainId: number = 0\n): string {\n // Build data buffer: version (1 byte) + chainId (4 bytes) + 2 * 32 bytes = 69 bytes\n const data = new Uint8Array(1 + 4 + 32 * 2)\n let offset = 0\n\n // Version\n data[offset++] = ADDRESS_VERSION\n\n // Chain ID (4 bytes, big-endian)\n data[offset++] = (chainId >> 24) & 0xff\n data[offset++] = (chainId >> 16) & 0xff\n data[offset++] = (chainId >> 8) & 0xff\n data[offset++] = chainId & 0xff\n\n // Owner hash (32 bytes)\n const ownerBytes = bigintToBytes(ownerHash, 32)\n data.set(ownerBytes, offset)\n offset += 32\n\n // Viewing hash (32 bytes)\n const viewingBytes = bigintToBytes(viewingHash, 32)\n data.set(viewingBytes, offset)\n\n // Convert to 5-bit words for bech32m\n const words = bech32m.toWords(data)\n\n // Encode with prefix\n return bech32m.encode(STEALTH_ADDRESS_PREFIX, words, BECH32M_LIMIT)\n}\n\n/**\n * Decode a bech32m stealth address\n *\n * @param address - bech32m encoded stealth address\n * @returns Decoded hash values\n */\nexport function decodeStealthAddress(address: string): {\n version: number\n chainId: number\n ownerHash: bigint\n viewingHash: bigint\n} {\n // Decode bech32m\n const decoded = bech32m.decode(address, BECH32M_LIMIT)\n\n // Verify prefix\n if (decoded.prefix !== STEALTH_ADDRESS_PREFIX) {\n throw new Error(`Invalid stealth address prefix: expected '${STEALTH_ADDRESS_PREFIX}', got '${decoded.prefix}'`)\n }\n\n // Convert from 5-bit words back to bytes\n const data = new Uint8Array(bech32m.fromWords(decoded.words))\n\n // Parse version\n let offset = 0\n const version = data[offset++]!\n\n if (version !== ADDRESS_VERSION) {\n throw new Error(`Unsupported address version: ${version}. Expected v${ADDRESS_VERSION} (hash-based).`)\n }\n\n // Parse chain ID\n const chainId =\n (data[offset++]! << 24) |\n (data[offset++]! << 16) |\n (data[offset++]! << 8) |\n data[offset++]!\n\n // Parse owner hash (32 bytes)\n const ownerHash = bytesToBigint(data.slice(offset, offset + 32))\n offset += 32\n\n // Parse viewing hash (32 bytes)\n const viewingHash = bytesToBigint(data.slice(offset, offset + 32))\n\n return {\n version,\n chainId,\n ownerHash,\n viewingHash,\n }\n}\n\n/**\n * Validate a stealth address format\n */\nexport function isValidStealthAddress(address: string): boolean {\n try {\n decodeStealthAddress(address)\n return true\n } catch {\n return false\n }\n}\n\n/**\n * Generate stealth address from master keys\n */\nexport function generateStealthAddress(keys: MasterKeys, chainId: number = 0): string {\n return encodeStealthAddress(keys.ownerHash, keys.viewingHash, chainId)\n}\n\n/**\n * Create one-time keys for a transaction (hash-based)\n *\n * For self-shield: the user uses their own spendingSecret directly\n * as the ownerSecret, producing ownerHash = Poseidon(spendingSecret).\n *\n * For sending to others (future): generate a random oneTimeSecret\n * and derive ownerHash = Poseidon(oneTimeSecret).\n *\n * @param recipientOwnerHash - Recipient's owner hash (for verification)\n * @param selfSecret - If self-shield, the user's spending secret\n * @returns One-time keys for the note\n */\nexport async function createOneTimeKeys(\n _recipientOwnerHash?: bigint,\n selfSecret?: bigint,\n): Promise<OneTimeKeys> {\n const { poseidon } = await import('../utils/poseidon.js')\n\n if (selfSecret !== undefined) {\n // Self-shield: use own spending secret\n const ownerHash = await poseidon([selfSecret])\n return {\n oneTimeSecret: selfSecret,\n ownerHash,\n }\n }\n\n // Generate random one-time secret for the note\n const oneTimeSecret = randomFieldElement()\n const ownerHash = await poseidon([oneTimeSecret])\n\n return {\n oneTimeSecret,\n ownerHash,\n }\n}\n\n/**\n * Verify ownership of a note by checking hash preimage\n *\n * @param secret - Claimed spending secret\n * @param expectedOwnerHash - Owner hash from the note commitment\n * @returns True if the secret hashes to the expected owner hash\n */\nexport async function verifyOwnership(\n secret: bigint,\n expectedOwnerHash: bigint\n): Promise<boolean> {\n const { poseidon } = await import('../utils/poseidon.js')\n const computedHash = await poseidon([secret])\n return computedHash === expectedOwnerHash\n}\n\n/**\n * Compute shared secret for note encryption/decryption (hash-based)\n *\n * For self-shield: just uses the viewing secret directly.\n * For sending to others (future): use Poseidon(viewingSecret, recipientViewingHash)\n *\n * @param viewingSecret - Sender's or recipient's viewing secret\n * @param nonce - Optional nonce for key derivation\n * @returns Encryption key as bigint\n */\nexport async function computeNoteEncryptionKey(\n viewingSecret: bigint,\n nonce?: bigint\n): Promise<bigint> {\n const { poseidon } = await import('../utils/poseidon.js')\n if (nonce !== undefined) {\n return poseidon([viewingSecret, nonce])\n }\n return poseidon([viewingSecret])\n}\n\n// =========================================================================\n// STARK Stealth Addresses (0zs prefix, M31/Keccak-based)\n// =========================================================================\n\n/**\n * STARK stealth address prefix\n */\nexport const STARK_STEALTH_ADDRESS_PREFIX = '0zs'\n\n/**\n * STARK address version (v1 = M31/Keccak)\n */\nexport const STARK_ADDRESS_VERSION = 1\n\n/**\n * Encode a STARK stealth address in bech32m format\n *\n * Format: 0zs1<version><chainId><ownerHash[0..3]><viewingHash[0..3]>\n *\n * Each M31 element is encoded as 4 bytes (little-endian).\n * Total data: 1 (version) + 4 (chainId) + 16 (ownerHash) + 16 (viewingHash) = 37 bytes.\n *\n * @param ownerHash - 4 M31 elements: keccak_m31(starkSecret)\n * @param viewingHash - 4 M31 elements: keccak_m31(starkViewingSecret)\n * @param chainId - Optional chain ID (0 = any chain)\n */\nexport function encodeStarkStealthAddress(\n ownerHash: M31Digest,\n viewingHash: M31Digest,\n chainId: number = 0\n): string {\n const data = new Uint8Array(1 + 4 + 16 + 16) // 37 bytes\n let offset = 0\n\n // Version\n data[offset++] = STARK_ADDRESS_VERSION\n\n // Chain ID (4 bytes, big-endian)\n data[offset++] = (chainId >> 24) & 0xff\n data[offset++] = (chainId >> 16) & 0xff\n data[offset++] = (chainId >> 8) & 0xff\n data[offset++] = chainId & 0xff\n\n // Owner hash: 4 M31 elements, each 4 bytes LE\n for (let i = 0; i < 4; i++) {\n const val = Number(ownerHash[i]!)\n data[offset++] = val & 0xff\n data[offset++] = (val >> 8) & 0xff\n data[offset++] = (val >> 16) & 0xff\n data[offset++] = (val >> 24) & 0xff\n }\n\n // Viewing hash: 4 M31 elements, each 4 bytes LE\n for (let i = 0; i < 4; i++) {\n const val = Number(viewingHash[i]!)\n data[offset++] = val & 0xff\n data[offset++] = (val >> 8) & 0xff\n data[offset++] = (val >> 16) & 0xff\n data[offset++] = (val >> 24) & 0xff\n }\n\n const words = bech32m.toWords(data)\n return bech32m.encode(STARK_STEALTH_ADDRESS_PREFIX, words, BECH32M_LIMIT)\n}\n\n/**\n * Decode a STARK stealth address (0zs prefix)\n */\nexport function decodeStarkStealthAddress(address: string): {\n version: number\n chainId: number\n ownerHash: M31Digest\n viewingHash: M31Digest\n} {\n const decoded = bech32m.decode(address, BECH32M_LIMIT)\n\n if (decoded.prefix !== STARK_STEALTH_ADDRESS_PREFIX) {\n throw new Error(\n `Invalid STARK stealth address prefix: expected '${STARK_STEALTH_ADDRESS_PREFIX}', got '${decoded.prefix}'`\n )\n }\n\n const data = new Uint8Array(bech32m.fromWords(decoded.words))\n let offset = 0\n\n const version = data[offset++]!\n if (version !== STARK_ADDRESS_VERSION) {\n throw new Error(\n `Unsupported STARK address version: ${version}. Expected v${STARK_ADDRESS_VERSION}.`\n )\n }\n\n // Chain ID\n const chainId =\n (data[offset++]! << 24) |\n (data[offset++]! << 16) |\n (data[offset++]! << 8) |\n data[offset++]!\n\n // Owner hash: 4 M31 LE uint32s\n const ownerHash: bigint[] = []\n for (let i = 0; i < 4; i++) {\n const val =\n data[offset]! |\n (data[offset + 1]! << 8) |\n (data[offset + 2]! << 16) |\n (data[offset + 3]! << 24)\n ownerHash.push(BigInt(val >>> 0))\n offset += 4\n }\n\n // Viewing hash: 4 M31 LE uint32s\n const viewingHash: bigint[] = []\n for (let i = 0; i < 4; i++) {\n const val =\n data[offset]! |\n (data[offset + 1]! << 8) |\n (data[offset + 2]! << 16) |\n (data[offset + 3]! << 24)\n viewingHash.push(BigInt(val >>> 0))\n offset += 4\n }\n\n return {\n version,\n chainId,\n ownerHash: ownerHash as unknown as M31Digest,\n viewingHash: viewingHash as unknown as M31Digest,\n }\n}\n\n/**\n * Validate a STARK stealth address format\n */\nexport function isValidStarkStealthAddress(address: string): boolean {\n try {\n decodeStarkStealthAddress(address)\n return true\n } catch {\n return false\n }\n}\n\n/**\n * Generate a STARK stealth address from STARK master keys\n */\nexport function generateStarkStealthAddress(\n keys: StarkMasterKeys,\n chainId: number = 0\n): string {\n return encodeStarkStealthAddress(keys.starkOwnerHash, keys.starkViewingHash, chainId)\n}\n\n/**\n * Detect whether an address is SNARK (0zk) or STARK (0zs)\n */\nexport function detectAddressType(address: string): 'snark' | 'stark' | 'unknown' {\n if (address.startsWith(STEALTH_ADDRESS_PREFIX + '1')) return 'snark'\n if (address.startsWith(STARK_STEALTH_ADDRESS_PREFIX + '1')) return 'stark'\n return 'unknown'\n}\n","/**\n * Proof Worker Manager — off-main-thread PLONK proof generation.\n *\n * Manages a Web Worker that runs snarkjs proof generation, keeping the\n * main thread (and UI) responsive during the 10-30s proving time.\n *\n * @example\n * ```ts\n * // Create worker (consumer handles bundler integration)\n * const worker = new Worker(\n * new URL('@permissionless-technologies/upp-sdk/worker', import.meta.url)\n * )\n * const manager = new ProofWorkerManager(worker)\n *\n * const result = await manager.prove('transfer', circuitInputs, '/circuits/',\n * (stage, msg) => console.log(stage, msg)\n * )\n *\n * // Cleanup\n * manager.terminate()\n * ```\n */\n\nimport type { UPPCircuitType, UPPCircuitInputs, ProofResult, PlonkProvingStage } from './proof.js'\nimport type { DownloadProgress } from './circuit-cache.js'\n\n// ============================================================================\n// Worker Message Types\n// ============================================================================\n\nexport interface ProofWorkerRequest {\n type: 'prove'\n id: string\n circuitType: string\n inputs: Record<string, any>\n baseUrl: string\n}\n\nexport type ProofWorkerResponse =\n | { type: 'progress'; id: string; stage: PlonkProvingStage; message: string }\n | { type: 'download-progress'; id: string; progress: DownloadProgress }\n | { type: 'result'; id: string; proof: ProofResult }\n | { type: 'error'; id: string; message: string }\n\n// ============================================================================\n// ProofWorkerManager\n// ============================================================================\n\ninterface PendingProof {\n resolve: (result: ProofResult) => void\n reject: (error: Error) => void\n onProgress?: (stage: PlonkProvingStage, message: string) => void\n onDownloadProgress?: (progress: DownloadProgress) => void\n}\n\nexport class ProofWorkerManager {\n private worker: Worker\n private pending = new Map<string, PendingProof>()\n private terminated = false\n\n constructor(worker: Worker) {\n this.worker = worker\n\n this.worker.onmessage = (e: MessageEvent<ProofWorkerResponse>) => {\n this.handleMessage(e.data)\n }\n\n this.worker.onerror = (e: ErrorEvent) => {\n console.error('[ProofWorkerManager] Worker error:', e.message, e)\n for (const [, p] of this.pending) {\n p.reject(new Error(`Worker error: ${e.message}`))\n }\n this.pending.clear()\n }\n }\n\n private handleMessage(data: ProofWorkerResponse) {\n const entry = this.pending.get(data.id)\n if (!entry) return\n\n switch (data.type) {\n case 'progress':\n entry.onProgress?.(data.stage, data.message)\n break\n case 'download-progress':\n entry.onDownloadProgress?.(data.progress)\n break\n case 'result':\n this.pending.delete(data.id)\n entry.resolve(data.proof)\n break\n case 'error':\n this.pending.delete(data.id)\n entry.reject(new Error(data.message))\n break\n }\n }\n\n /**\n * Generate a proof in the worker.\n *\n * @param signal - AbortSignal for cancellation. When aborted, the promise\n * rejects with AbortError. Call terminate() for hard cancellation.\n */\n async prove(\n circuitType: UPPCircuitType,\n inputs: UPPCircuitInputs,\n baseUrl: string,\n onProgress?: (stage: PlonkProvingStage, message: string) => void,\n signal?: AbortSignal,\n onDownloadProgress?: (progress: DownloadProgress) => void,\n ): Promise<ProofResult> {\n if (this.terminated) {\n throw new Error('Worker has been terminated')\n }\n\n return new Promise<ProofResult>((resolve, reject) => {\n const id = crypto.randomUUID()\n\n if (signal?.aborted) {\n reject(new DOMException('Proof generation aborted', 'AbortError'))\n return\n }\n\n this.pending.set(id, { resolve, reject, onProgress, onDownloadProgress })\n\n const onAbort = () => {\n this.pending.delete(id)\n reject(new DOMException('Proof generation aborted', 'AbortError'))\n }\n\n signal?.addEventListener('abort', onAbort, { once: true })\n\n // Resolve baseUrl to absolute — workers resolve relative URLs against\n // their own script URL (a webpack chunk), not the page origin.\n const absoluteBaseUrl = typeof window !== 'undefined'\n ? new URL(baseUrl, window.location.href).href\n : baseUrl\n\n this.worker.postMessage({\n type: 'prove',\n id,\n circuitType,\n inputs,\n baseUrl: absoluteBaseUrl,\n } satisfies ProofWorkerRequest)\n })\n }\n\n /**\n * Hard-terminate the worker. All pending proofs are rejected.\n */\n terminate() {\n this.terminated = true\n this.worker.terminate()\n for (const [, p] of this.pending) {\n p.reject(new DOMException('Worker terminated', 'AbortError'))\n }\n this.pending.clear()\n }\n}\n\n// ============================================================================\n// Convenience Function\n// ============================================================================\n\n/**\n * Generate a UPP proof — uses a worker if provided, otherwise main-thread.\n *\n * This is the recommended entry point for proof generation. It provides a\n * unified API regardless of whether a worker is available.\n *\n * Circuit artifacts are automatically cached in IndexedDB after first download.\n */\nexport async function generateUPPProofAsync(\n circuitType: UPPCircuitType,\n inputs: UPPCircuitInputs,\n baseUrl?: string,\n options?: {\n onProgress?: (stage: PlonkProvingStage, message: string) => void\n onDownloadProgress?: (progress: DownloadProgress) => void\n signal?: AbortSignal\n worker?: ProofWorkerManager | null\n },\n): Promise<ProofResult> {\n const { onProgress, onDownloadProgress, signal, worker } = options ?? {}\n\n if (worker) {\n return worker.prove(circuitType, inputs, baseUrl ?? '', onProgress, signal, onDownloadProgress)\n }\n\n // Fallback: main-thread proving (with cache)\n const { generateUPPProof } = await import('./proof.js')\n return generateUPPProof(circuitType, inputs, baseUrl, onProgress, { onDownloadProgress })\n}\n","/**\n * Swap Module\n *\n * Core logic for building and interacting with the UPP in-pool swap order book.\n * Framework-agnostic (no React). Reuses withdraw verifier for proofs.\n */\n\nimport { type Address, type Hex, encodeAbiParameters, keccak256, parseAbiParameters, toHex } from 'viem'\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/**\n * Swap order as stored on-chain\n */\nexport interface SwapOrder {\n /** Order ID (= maker's nullifier) */\n orderId: Hex\n /** Token being sold */\n sellToken: Address\n /** Original total sell amount */\n sellAmount: bigint\n /** Remaining sell amount (decremented on each fill) */\n remainingSellAmount: bigint\n /** Token the maker wants to receive */\n buyToken: Address\n /** Price: buyToken per sellToken (1e18 fixed-point) */\n rate: bigint\n /** Accumulated buy token amount from fills */\n accumulatedBuyAmount: bigint\n /** Maker's ASP ID (public, filterable by takers) */\n makerAspId: bigint\n /** Required filler ASP (0 = any) */\n requiredFillerAspId: bigint\n /** Block number after which order expires */\n expiry: bigint\n /** Whether the maker has claimed */\n claimed: boolean\n /** Whether the order was cancelled */\n cancelled: boolean\n}\n\n/**\n * Parameters to place a swap order\n */\nexport interface SwapOrderParams {\n /** Token to sell */\n sellToken: Address\n /** Amount to sell */\n sellAmount: bigint\n /** Token to buy */\n buyToken: Address\n /** Price: buyToken per sellToken (1e18 fixed-point) */\n rate: bigint\n /** Required filler ASP (0n = accept any) */\n requiredFillerAspId?: bigint\n /** Number of blocks until expiry (from current block) */\n expiryBlocks: bigint\n}\n\n/**\n * Parameters to fill a swap order\n */\nexport interface SwapFillParams {\n /** The order to fill */\n orderId: Hex\n /** How much sellToken the filler wants (≤ remaining) */\n takeAmount: bigint\n}\n\n/**\n * Swap order from event log\n */\nexport interface SwapOrderEvent {\n orderId: Hex\n sellToken: Address\n buyToken: Address\n sellAmount: bigint\n rate: bigint\n makerAspId: bigint\n requiredFillerAspId: bigint\n expiry: bigint\n blockNumber: bigint\n /** On-chain remaining sell amount (populated by useSwapOrderBook) */\n remainingSellAmount?: bigint\n /** Whether the order has been claimed */\n claimed?: boolean\n /** Whether the order has been cancelled */\n cancelled?: boolean\n}\n\n/**\n * Swap fill from event log\n */\nexport interface SwapFillEvent {\n orderId: Hex\n fillerNullifier: Hex\n takeAmount: bigint\n giveAmount: bigint\n fillerAspId: bigint\n remainingSellAmount: bigint\n blockNumber: bigint\n}\n\n// ============================================================================\n// Constants\n// ============================================================================\n\n/** 1e18 fixed-point precision for swap rates */\nexport const RATE_PRECISION = 10n ** 18n\n\n// ============================================================================\n// Event ABIs (for indexing swap events)\n// ============================================================================\n\nexport const SWAP_ORDER_PLACED_EVENT = {\n type: 'event',\n name: 'SwapOrderPlaced',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'sellToken', type: 'address', indexed: true },\n { name: 'buyToken', type: 'address', indexed: true },\n { name: 'sellAmount', type: 'uint256', indexed: false },\n { name: 'rate', type: 'uint256', indexed: false },\n { name: 'makerAspId', type: 'uint256', indexed: false },\n { name: 'requiredFillerAspId', type: 'uint256', indexed: false },\n { name: 'expiry', type: 'uint256', indexed: false },\n ],\n} as const\n\nexport const SWAP_ORDER_FILLED_EVENT = {\n type: 'event',\n name: 'SwapOrderFilled',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'fillerNullifier', type: 'bytes32', indexed: true },\n { name: 'fillerOutputCommitment', type: 'bytes32', indexed: true },\n { name: 'takeAmount', type: 'uint256', indexed: false },\n { name: 'giveAmount', type: 'uint256', indexed: false },\n { name: 'fillerAspId', type: 'uint256', indexed: false },\n { name: 'remainingSellAmount', type: 'uint256', indexed: false },\n { name: 'encryptedFillerNote', type: 'bytes', indexed: false },\n ],\n} as const\n\nexport const SWAP_ORDER_CLAIMED_EVENT = {\n type: 'event',\n name: 'SwapOrderClaimed',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'accumulatedBuyAmount', type: 'uint256', indexed: false },\n { name: 'refundedSellAmount', type: 'uint256', indexed: false },\n { name: 'buyOutputCommitment', type: 'bytes32', indexed: false },\n { name: 'encryptedBuyNote', type: 'bytes', indexed: false },\n { name: 'refundCommitment', type: 'bytes32', indexed: false },\n { name: 'encryptedRefundNote', type: 'bytes', indexed: false },\n ],\n} as const\n\nexport const SWAP_ORDER_CANCELLED_EVENT = {\n type: 'event',\n name: 'SwapOrderCancelled',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'refundedSellAmount', type: 'uint256', indexed: false },\n { name: 'refundCommitment', type: 'bytes32', indexed: false },\n { name: 'encryptedRefundNote', type: 'bytes', indexed: false },\n ],\n} as const\n\nexport const SWAP_EVENTS_ABI = [\n SWAP_ORDER_PLACED_EVENT,\n SWAP_ORDER_FILLED_EVENT,\n SWAP_ORDER_CLAIMED_EVENT,\n SWAP_ORDER_CANCELLED_EVENT,\n] as const\n\n// ============================================================================\n// Rate Calculations\n// ============================================================================\n\n/**\n * Compute the giveAmount (buyToken) for a given takeAmount (sellToken) at a rate.\n * giveAmount = (takeAmount * rate) / 1e18\n */\nexport function computeGiveAmount(takeAmount: bigint, rate: bigint): bigint {\n return (takeAmount * rate) / RATE_PRECISION\n}\n\n/**\n * Compute the maximum takeAmount for a given giveAmount and rate.\n * takeAmount = (giveAmount * 1e18) / rate\n */\nexport function computeTakeAmount(giveAmount: bigint, rate: bigint): bigint {\n if (rate === 0n) throw new Error('Rate cannot be zero')\n return (giveAmount * RATE_PRECISION) / rate\n}\n\n/**\n * Compute rate from a desired trade: I want `buyAmount` of buyToken for `sellAmount` of sellToken.\n * rate = (buyAmount * 1e18) / sellAmount\n */\nexport function computeRate(sellAmount: bigint, buyAmount: bigint): bigint {\n if (sellAmount === 0n) throw new Error('Sell amount cannot be zero')\n return (buyAmount * RATE_PRECISION) / sellAmount\n}\n\n/**\n * Format a rate for human display.\n * Returns a string like \"0.0005\" for rate = 500000000000000n (0.0005e18)\n */\nexport function formatRate(rate: bigint, decimals: number = 6): string {\n const whole = rate / RATE_PRECISION\n const frac = rate % RATE_PRECISION\n const fracStr = frac.toString().padStart(18, '0').slice(0, decimals)\n return `${whole}.${fracStr}`\n}\n\n// ============================================================================\n// Cancel Key Management\n// ============================================================================\n\n/**\n * Generate a cancel key hash from a secret.\n * The secret should be a random 32-byte value stored by the maker.\n */\nexport function computeCancelKeyHash(cancelSecret: Hex): Hex {\n return keccak256(encodeAbiParameters(\n parseAbiParameters('bytes32'),\n [cancelSecret]\n ))\n}\n\n/**\n * Generate a random cancel secret.\n */\nexport function generateCancelSecret(): Hex {\n const bytes = new Uint8Array(32)\n crypto.getRandomValues(bytes)\n return toHex(bytes)\n}\n\n// ============================================================================\n// Order Filtering\n// ============================================================================\n\n/**\n * Filter orders by ASP: only show orders from makers on acceptable ASPs.\n */\nexport function filterOrdersByASP(\n orders: SwapOrderEvent[],\n acceptableAspIds: bigint[]\n): SwapOrderEvent[] {\n const aspSet = new Set(acceptableAspIds.map(id => id.toString()))\n return orders.filter(o => aspSet.has(o.makerAspId.toString()))\n}\n\n/**\n * Filter orders by token pair.\n */\nexport function filterOrdersByTokenPair(\n orders: SwapOrderEvent[],\n sellToken: Address,\n buyToken: Address\n): SwapOrderEvent[] {\n const sell = sellToken.toLowerCase()\n const buy = buyToken.toLowerCase()\n return orders.filter(\n o => o.sellToken.toLowerCase() === sell && o.buyToken.toLowerCase() === buy\n )\n}\n\n/**\n * Check if a filler's ASP is accepted by an order.\n */\nexport function isFillerASPAccepted(order: SwapOrder | SwapOrderEvent, fillerAspId: bigint): boolean {\n const required = 'requiredFillerAspId' in order ? order.requiredFillerAspId : 0n\n return required === 0n || required === fillerAspId\n}\n\n// ============================================================================\n// Cancel Secret Persistence (localStorage)\n// ============================================================================\n\nconst CANCEL_SECRET_PREFIX = 'upp_swap_cancel_'\n\nfunction cancelKey(account: string, orderId: Hex): string {\n return `${CANCEL_SECRET_PREFIX}${account.toLowerCase()}_${orderId}`\n}\n\n/**\n * Store a cancel secret in localStorage, scoped by wallet address.\n * Must be called after placing a swap order.\n */\nexport function storeCancelSecret(orderId: Hex, cancelSecret: Hex, account?: string): void {\n if (typeof localStorage === 'undefined') return\n if (account) {\n localStorage.setItem(cancelKey(account, orderId), cancelSecret)\n }\n // Also store unscoped for backward compat\n localStorage.setItem(`${CANCEL_SECRET_PREFIX}${orderId}`, cancelSecret)\n}\n\n/**\n * Retrieve a cancel secret from localStorage.\n * Returns null if not found (e.g. order was placed by someone else).\n */\nexport function getCancelSecret(orderId: Hex, account?: string): Hex | null {\n if (typeof localStorage === 'undefined') return null\n if (account) {\n const scoped = localStorage.getItem(cancelKey(account, orderId))\n if (scoped) return scoped as Hex\n }\n // Fall back to unscoped key\n return localStorage.getItem(`${CANCEL_SECRET_PREFIX}${orderId}`) as Hex | null\n}\n\n/**\n * Remove a cancel secret from localStorage (after claim or cancel).\n */\nexport function removeCancelSecret(orderId: Hex, account?: string): void {\n if (typeof localStorage === 'undefined') return\n if (account) {\n localStorage.removeItem(cancelKey(account, orderId))\n }\n localStorage.removeItem(`${CANCEL_SECRET_PREFIX}${orderId}`)\n}\n\n/**\n * Get all order IDs for a specific wallet address.\n * Falls back to all cancel secrets if no account provided (backward compat).\n */\nexport function getOwnOrderIds(account?: string): Hex[] {\n if (typeof localStorage === 'undefined') return []\n const prefix = account\n ? `${CANCEL_SECRET_PREFIX}${account.toLowerCase()}_`\n : CANCEL_SECRET_PREFIX\n const ids: Hex[] = []\n for (let i = 0; i < localStorage.length; i++) {\n const key = localStorage.key(i)\n if (key?.startsWith(prefix)) {\n ids.push(key.slice(prefix.length) as Hex)\n }\n }\n return ids\n}\n\n// ============================================================================\n// Order Status Helpers\n// ============================================================================\n\n/**\n * Check if an order is still active (not claimed, not cancelled, not expired).\n */\nexport function isOrderActive(order: SwapOrder, currentBlock: bigint): boolean {\n return !order.claimed && !order.cancelled && currentBlock <= order.expiry && order.remainingSellAmount > 0n\n}\n\n/**\n * Compute the total buyToken amount the maker would receive for a full fill.\n */\nexport function computeTotalBuyAmount(sellAmount: bigint, rate: bigint): bigint {\n return computeGiveAmount(sellAmount, rate)\n}\n\n/**\n * Compute fill percentage (0-100) for display.\n */\nexport function computeFillPercentage(order: SwapOrder): number {\n if (order.sellAmount === 0n) return 0\n const filled = order.sellAmount - order.remainingSellAmount\n return Number((filled * 10000n) / order.sellAmount) / 100\n}\n","/**\n * Account Adapter — Pluggable account creation and persistence\n *\n * Abstracts how master keys are derived/loaded/stored.\n * The SDK doesn't care if keys come from a wallet signature,\n * seed phrase, hardware wallet, or external KMS.\n *\n * Persistence is handled via StorageAdapter (IndexedDB, localStorage, etc.)\n */\n\nimport type { MasterKeys, StarkMasterKeys } from '../keys/types.js'\nimport type { StorageAdapter } from '../indexer/types.js'\nimport { toHex } from 'viem'\n\n// ============================================================================\n// Interface\n// ============================================================================\n\n/**\n * Account adapter interface — pluggable key source.\n *\n * Implement this to bring your own key derivation:\n * - StorableAccountAdapter: persists keys via StorageAdapter (built-in)\n * - DirectAccountAdapter: pre-derived keys, no persistence (built-in, for testing)\n * - Custom: seed phrase, hardware wallet, external KMS\n */\nexport interface IAccountAdapter {\n /** Load persisted keys (returns null if no saved account) */\n load(): Promise<{ keys: MasterKeys; starkKeys?: StarkMasterKeys } | null>\n /** Save keys to storage */\n save(keys: MasterKeys, starkKeys?: StarkMasterKeys): Promise<void>\n /** Clear persisted keys */\n clear(): Promise<void>\n}\n\n// ============================================================================\n// Serialization\n// ============================================================================\n\ninterface SerializedAccount {\n version: 3\n spendingSecret: string\n ownerHash: string\n viewingSecret: string\n viewingHash: string\n starkSecret?: string[]\n starkOwnerHash?: string[]\n starkViewingSecret?: string[]\n starkViewingHash?: string[]\n}\n\nfunction serializeAccount(keys: MasterKeys, starkKeys?: StarkMasterKeys): SerializedAccount {\n return {\n version: 3,\n spendingSecret: toHex(keys.spendingSecret, { size: 32 }),\n ownerHash: toHex(keys.ownerHash, { size: 32 }),\n viewingSecret: toHex(keys.viewingSecret, { size: 32 }),\n viewingHash: toHex(keys.viewingHash, { size: 32 }),\n ...(starkKeys ? {\n starkSecret: starkKeys.starkSecret.map(v => v.toString()),\n starkOwnerHash: starkKeys.starkOwnerHash.map(v => v.toString()),\n starkViewingSecret: starkKeys.starkViewingSecret.map(v => v.toString()),\n starkViewingHash: starkKeys.starkViewingHash.map(v => v.toString()),\n } : {}),\n }\n}\n\nfunction deserializeAccount(data: SerializedAccount): { keys: MasterKeys; starkKeys?: StarkMasterKeys } {\n if (data.version !== 3 || !data.spendingSecret) {\n throw new Error('Invalid or outdated account data')\n }\n\n const keys: MasterKeys = {\n spendingSecret: BigInt(data.spendingSecret),\n ownerHash: BigInt(data.ownerHash),\n viewingSecret: BigInt(data.viewingSecret),\n viewingHash: BigInt(data.viewingHash),\n }\n\n let starkKeys: StarkMasterKeys | undefined\n if (data.starkSecret) {\n starkKeys = {\n starkSecret: data.starkSecret.map(s => BigInt(s)) as any,\n starkOwnerHash: data.starkOwnerHash!.map(s => BigInt(s)) as any,\n starkViewingSecret: data.starkViewingSecret!.map(s => BigInt(s)) as any,\n starkViewingHash: data.starkViewingHash!.map(s => BigInt(s)) as any,\n }\n }\n\n return { keys, starkKeys }\n}\n\n// ============================================================================\n// StorableAccountAdapter — persists via StorageAdapter\n// ============================================================================\n\n/**\n * Account adapter that persists keys via a pluggable StorageAdapter.\n *\n * Works with IndexedDB, localStorage, memory, Redis, Postgres — anything\n * that implements StorageAdapter.\n *\n * @example\n * ```ts\n * const storage = createAutoAdapter('upp_account')\n * const adapter = new StorableAccountAdapter(storage, ethAddress)\n * const saved = await adapter.load()\n * if (!saved) {\n * const keys = await deriveKeysFromSignature(sig)\n * await adapter.save(keys, starkKeys)\n * }\n * ```\n */\nexport class StorableAccountAdapter implements IAccountAdapter {\n private storageKey: string\n\n constructor(\n private storage: StorageAdapter,\n ethAddress: string,\n ) {\n this.storageKey = `account_${ethAddress.toLowerCase()}`\n }\n\n async load(): Promise<{ keys: MasterKeys; starkKeys?: StarkMasterKeys } | null> {\n const data = await this.storage.get<SerializedAccount>(this.storageKey)\n if (!data) return null\n try {\n return deserializeAccount(data)\n } catch {\n // Corrupt or outdated — clear it\n await this.storage.delete(this.storageKey)\n return null\n }\n }\n\n async save(keys: MasterKeys, starkKeys?: StarkMasterKeys): Promise<void> {\n const serialized = serializeAccount(keys, starkKeys)\n await this.storage.set(this.storageKey, serialized)\n }\n\n async clear(): Promise<void> {\n await this.storage.delete(this.storageKey)\n }\n}\n\n// ============================================================================\n// DirectAccountAdapter — no persistence (testing, KMS)\n// ============================================================================\n\n/**\n * Direct account adapter — accepts pre-derived keys, no persistence.\n *\n * @example\n * ```ts\n * const adapter = new DirectAccountAdapter(masterKeys, starkKeys)\n * ```\n */\nexport class DirectAccountAdapter implements IAccountAdapter {\n constructor(\n private keys: MasterKeys,\n private starkKeys?: StarkMasterKeys,\n ) {}\n\n async load() {\n return { keys: this.keys, starkKeys: this.starkKeys }\n }\n\n async save(): Promise<void> {\n // No-op — keys are in memory only\n }\n\n async clear(): Promise<void> {\n // No-op\n }\n}\n","/**\n * NoteStore — Single source of truth for note state\n *\n * Framework-agnostic. Uses StorageAdapter for persistence.\n * Handles deduplication, status management, balance calculation.\n *\n * Usage:\n * const store = new NoteStore(createMemoryAdapter())\n * await store.load()\n * store.addNote(note) // returns false if duplicate\n * store.getBalance() // sum of unspent notes\n */\n\nimport type { StorageAdapter } from '../indexer/types.js'\nimport { getAddress } from 'viem'\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type NoteStatus = 'pending' | 'confirmed' | 'spent'\nexport type ProofSystem = 'snark' | 'stark'\n\nexport interface ShieldedNote {\n amount: bigint\n blinding: bigint\n commitment: string\n ownerSecret: string\n ownerHash: string\n leafIndex: number\n origin: string\n token: string\n txHash?: string\n status: NoteStatus\n timestamp: number\n proofSystem?: ProofSystem\n}\n\n/** Serialized format for storage (bigints as strings) */\ninterface SerializedNote {\n amount: string\n blinding: string\n commitment: string\n ownerSecret: string\n ownerHash: string\n leafIndex: number\n origin: string\n token: string\n txHash?: string\n status: NoteStatus\n timestamp: number\n proofSystem?: ProofSystem\n}\n\nexport interface INoteStore {\n getNotes(): ShieldedNote[]\n getUnspentNotes(proofSystem?: ProofSystem): ShieldedNote[]\n getBalance(token?: string, proofSystem?: ProofSystem): bigint\n addNote(note: ShieldedNote): boolean\n addNotes(notes: ShieldedNote[]): number\n markSpent(commitment: string): void\n unmarkSpent(commitment: string): void\n updateLeafIndex(commitment: string, leafIndex: number): void\n load(): Promise<void>\n persist(): Promise<void>\n clear(): Promise<void>\n onChange(callback: () => void): () => void\n}\n\n// ============================================================================\n// Implementation\n// ============================================================================\n\nexport class NoteStore implements INoteStore {\n private notes: ShieldedNote[] = []\n private commitmentSet = new Set<string>()\n private listeners = new Set<() => void>()\n private dirty = false\n\n constructor(\n private storage: StorageAdapter,\n private storageKey: string = 'notes',\n ) {}\n\n // ---------- Queries ----------\n\n getNotes(): ShieldedNote[] {\n return [...this.notes]\n }\n\n getUnspentNotes(proofSystem?: ProofSystem): ShieldedNote[] {\n let result = this.notes.filter(n => n.status !== 'spent')\n if (proofSystem) {\n result = result.filter(n => (n.proofSystem ?? 'snark') === proofSystem)\n }\n return result\n }\n\n getBalance(token?: string, proofSystem?: ProofSystem): bigint {\n let notes = this.getUnspentNotes(proofSystem)\n if (token) {\n const normalized = token.toLowerCase()\n notes = notes.filter(n => n.token.toLowerCase() === normalized)\n }\n return notes.reduce((sum, n) => sum + n.amount, 0n)\n }\n\n // ---------- Mutations ----------\n\n /**\n * Add a note. Returns false if duplicate (by commitment).\n * Normalizes token and origin addresses.\n */\n addNote(note: ShieldedNote): boolean {\n const key = note.commitment.toLowerCase()\n if (this.commitmentSet.has(key)) return false\n\n // Normalize addresses\n const normalized: ShieldedNote = {\n ...note,\n commitment: note.commitment.toLowerCase(),\n origin: safeGetAddress(note.origin),\n token: safeGetAddress(note.token),\n }\n\n this.notes.push(normalized)\n this.commitmentSet.add(key)\n this.dirty = true\n this.notify()\n return true\n }\n\n /**\n * Add multiple notes. Returns count of actually added (non-duplicate).\n */\n addNotes(notes: ShieldedNote[]): number {\n let added = 0\n for (const note of notes) {\n if (this.addNote(note)) added++\n }\n return added\n }\n\n /**\n * Mark a note as spent (optimistic — syncNotes reconciles via nullifier check).\n */\n markSpent(commitment: string): void {\n const key = commitment.toLowerCase()\n const note = this.notes.find(n => n.commitment.toLowerCase() === key)\n if (note && note.status !== 'spent') {\n note.status = 'spent'\n this.dirty = true\n this.notify()\n }\n }\n\n /**\n * Un-mark a note as spent (reconciliation: nullifier not found on-chain).\n */\n unmarkSpent(commitment: string): void {\n const key = commitment.toLowerCase()\n const note = this.notes.find(n => n.commitment.toLowerCase() === key)\n if (note && note.status === 'spent') {\n note.status = 'confirmed'\n this.dirty = true\n this.notify()\n }\n }\n\n /**\n * Update the leafIndex for a note (e.g., after confirming on-chain).\n */\n updateLeafIndex(commitment: string, leafIndex: number): void {\n const key = commitment.toLowerCase()\n const note = this.notes.find(n => n.commitment.toLowerCase() === key)\n if (note && note.leafIndex !== leafIndex) {\n note.leafIndex = leafIndex\n this.dirty = true\n this.notify()\n }\n }\n\n // ---------- Persistence ----------\n\n async load(): Promise<void> {\n const serialized = await this.storage.get<SerializedNote[]>(this.storageKey)\n if (!serialized || !Array.isArray(serialized)) {\n this.notes = []\n this.commitmentSet.clear()\n return\n }\n\n // Deduplicate on load — prevents persisted duplicates from propagating\n this.notes = []\n this.commitmentSet.clear()\n let deduped = 0\n for (const s of serialized) {\n const note = deserializeNote(s)\n const key = note.commitment.toLowerCase()\n if (this.commitmentSet.has(key)) { deduped++; continue }\n this.commitmentSet.add(key)\n this.notes.push(note)\n }\n if (deduped > 0) {\n console.log(`[NoteStore] Removed ${deduped} duplicate notes on load`)\n this.dirty = true // will persist the cleaned version\n } else {\n this.dirty = false\n }\n }\n\n async persist(): Promise<void> {\n if (!this.dirty) return\n const serialized = this.notes.map(serializeNote)\n await this.storage.set(this.storageKey, serialized)\n this.dirty = false\n }\n\n async clear(): Promise<void> {\n this.notes = []\n this.commitmentSet.clear()\n this.dirty = false\n await this.storage.delete(this.storageKey)\n this.notify()\n }\n\n // ---------- Events ----------\n\n onChange(callback: () => void): () => void {\n this.listeners.add(callback)\n return () => this.listeners.delete(callback)\n }\n\n private notify(): void {\n for (const listener of this.listeners) {\n listener()\n }\n }\n}\n\n// ============================================================================\n// Serialization\n// ============================================================================\n\nfunction serializeNote(note: ShieldedNote): SerializedNote {\n return {\n ...note,\n amount: note.amount.toString(),\n blinding: note.blinding.toString(),\n }\n}\n\nfunction deserializeNote(s: SerializedNote): ShieldedNote {\n return {\n ...s,\n amount: BigInt(s.amount),\n blinding: BigInt(s.blinding),\n proofSystem: s.proofSystem ?? 'snark',\n }\n}\n\nfunction safeGetAddress(addr: string): string {\n try {\n return getAddress(addr)\n } catch {\n return addr // return as-is if not a valid address (e.g., bigint-encoded origin)\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/core/stealth.ts","../src/core/proof-worker.ts","../src/core/swap.ts","../src/core/account.ts","../src/core/note-store.ts"],"names":["ownerHash","toHex"],"mappings":";;;;;;AAAA,IAAA,eAAA,GAAA;AAAA,QAAA,CAAA,eAAA,EAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,2BAAA,EAAA,MAAA,2BAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,eAAA,EAAA,MAAA;AAAA,CAAA,CAAA;AAsDO,SAAS,oBAAA,CACd,SAAA,EACA,WAAA,EACA,OAAA,GAAkB,CAAA,EACV;AAER,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,CAAA,GAAI,CAAA,GAAI,KAAK,CAAC,CAAA;AAC1C,EAAA,IAAI,MAAA,GAAS,CAAA;AAGb,EAAA,IAAA,CAAK,QAAQ,CAAA,GAAI,eAAA;AAGjB,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,CAAA,GAAK,GAAA;AAClC,EAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,OAAA,GAAU,GAAA;AAG3B,EAAA,MAAM,UAAA,GAAa,aAAA,CAAc,SAAA,EAAW,EAAE,CAAA;AAC9C,EAAA,IAAA,CAAK,GAAA,CAAI,YAAY,MAAM,CAAA;AAC3B,EAAA,MAAA,IAAU,EAAA;AAGV,EAAA,MAAM,YAAA,GAAe,aAAA,CAAc,WAAA,EAAa,EAAE,CAAA;AAClD,EAAA,IAAA,CAAK,GAAA,CAAI,cAAc,MAAM,CAAA;AAG7B,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,IAAI,CAAA;AAGlC,EAAA,OAAO,OAAA,CAAQ,MAAA,CAAO,sBAAA,EAAwB,KAAA,EAAO,aAAa,CAAA;AACpE;AAQO,SAAS,qBAAqB,OAAA,EAKnC;AAEA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,OAAA,EAAS,aAAa,CAAA;AAGrD,EAAA,IAAI,OAAA,CAAQ,WAAW,sBAAA,EAAwB;AAC7C,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0CAAA,EAA6C,sBAAsB,CAAA,QAAA,EAAW,OAAA,CAAQ,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACjH;AAGA,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,QAAQ,SAAA,CAAU,OAAA,CAAQ,KAAK,CAAC,CAAA;AAG5D,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,MAAM,OAAA,GAAU,KAAK,MAAA,EAAQ,CAAA;AAE7B,EAAA,IAAI,YAAY,eAAA,EAAiB;AAC/B,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,OAAO,CAAA,YAAA,EAAe,eAAe,CAAA,cAAA,CAAgB,CAAA;AAAA,EACvG;AAGA,EAAA,MAAM,OAAA,GACH,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,KACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,EAAA,GACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,CAAA,GACpB,KAAK,MAAA,EAAQ,CAAA;AAGf,EAAA,MAAM,YAAY,aAAA,CAAc,IAAA,CAAK,MAAM,MAAA,EAAQ,MAAA,GAAS,EAAE,CAAC,CAAA;AAC/D,EAAA,MAAA,IAAU,EAAA;AAGV,EAAA,MAAM,cAAc,aAAA,CAAc,IAAA,CAAK,MAAM,MAAA,EAAQ,MAAA,GAAS,EAAE,CAAC,CAAA;AAEjE,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,OAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AACF;AAKO,SAAS,sBAAsB,OAAA,EAA0B;AAC9D,EAAA,IAAI;AACF,IAAA,oBAAA,CAAqB,OAAO,CAAA;AAC5B,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAKO,SAAS,sBAAA,CAAuB,IAAA,EAAkB,OAAA,GAAkB,CAAA,EAAW;AACpF,EAAA,OAAO,oBAAA,CAAqB,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,aAAa,OAAO,CAAA;AACvE;AAeA,eAAsB,iBAAA,CACpB,qBACA,UAAA,EACsB;AACtB,EAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,OAAO,wBAAsB,CAAA;AAExD,EAAA,IAAI,eAAe,MAAA,EAAW;AAE5B,IAAA,MAAMA,UAAAA,GAAY,MAAM,QAAA,CAAS,CAAC,UAAU,CAAC,CAAA;AAC7C,IAAA,OAAO;AAAA,MACL,aAAA,EAAe,UAAA;AAAA,MACf,SAAA,EAAAA;AAAA,KACF;AAAA,EACF;AAGA,EAAA,MAAM,gBAAgB,kBAAA,EAAmB;AACzC,EAAA,MAAM,SAAA,GAAY,MAAM,QAAA,CAAS,CAAC,aAAa,CAAC,CAAA;AAEhD,EAAA,OAAO;AAAA,IACL,aAAA;AAAA,IACA;AAAA,GACF;AACF;AASA,eAAsB,eAAA,CACpB,QACA,iBAAA,EACkB;AAClB,EAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,OAAO,wBAAsB,CAAA;AACxD,EAAA,MAAM,YAAA,GAAe,MAAM,QAAA,CAAS,CAAC,MAAM,CAAC,CAAA;AAC5C,EAAA,OAAO,YAAA,KAAiB,iBAAA;AAC1B;AAYA,eAAsB,wBAAA,CACpB,eACA,KAAA,EACiB;AACjB,EAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,OAAO,wBAAsB,CAAA;AACxD,EAAA,IAAI,UAAU,MAAA,EAAW;AACvB,IAAA,OAAO,QAAA,CAAS,CAAC,aAAA,EAAe,KAAK,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,QAAA,CAAS,CAAC,aAAa,CAAC,CAAA;AACjC;AA4BO,SAAS,yBAAA,CACd,SAAA,EACA,WAAA,EACA,OAAA,GAAkB,CAAA,EACV;AACR,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,CAAA,GAAI,CAAA,GAAI,KAAK,EAAE,CAAA;AAC3C,EAAA,IAAI,MAAA,GAAS,CAAA;AAGb,EAAA,IAAA,CAAK,QAAQ,CAAA,GAAI,qBAAA;AAGjB,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,EAAA,GAAM,GAAA;AACnC,EAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,OAAA,IAAW,CAAA,GAAK,GAAA;AAClC,EAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,OAAA,GAAU,GAAA;AAG3B,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,GAAA,GAAM,MAAA,CAAO,SAAA,CAAU,CAAC,CAAE,CAAA;AAChC,IAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,GAAA,GAAM,GAAA;AACvB,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,CAAA,GAAK,GAAA;AAC9B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAC/B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAAA,EACjC;AAGA,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,GAAA,GAAM,MAAA,CAAO,WAAA,CAAY,CAAC,CAAE,CAAA;AAClC,IAAA,IAAA,CAAK,MAAA,EAAQ,IAAI,GAAA,GAAM,GAAA;AACvB,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,CAAA,GAAK,GAAA;AAC9B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAC/B,IAAA,IAAA,CAAK,MAAA,EAAQ,CAAA,GAAK,GAAA,IAAO,EAAA,GAAM,GAAA;AAAA,EACjC;AAEA,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,IAAI,CAAA;AAClC,EAAA,OAAO,OAAA,CAAQ,MAAA,CAAO,4BAAA,EAA8B,KAAA,EAAO,aAAa,CAAA;AAC1E;AAKO,SAAS,0BAA0B,OAAA,EAKxC;AACA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,OAAA,EAAS,aAAa,CAAA;AAErD,EAAA,IAAI,OAAA,CAAQ,WAAW,4BAAA,EAA8B;AACnD,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,gDAAA,EAAmD,4BAA4B,CAAA,QAAA,EAAW,OAAA,CAAQ,MAAM,CAAA,CAAA;AAAA,KAC1G;AAAA,EACF;AAEA,EAAA,MAAM,OAAO,IAAI,UAAA,CAAW,QAAQ,SAAA,CAAU,OAAA,CAAQ,KAAK,CAAC,CAAA;AAC5D,EAAA,IAAI,MAAA,GAAS,CAAA;AAEb,EAAA,MAAM,OAAA,GAAU,KAAK,MAAA,EAAQ,CAAA;AAC7B,EAAA,IAAI,YAAY,qBAAA,EAAuB;AACrC,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,mCAAA,EAAsC,OAAO,CAAA,YAAA,EAAe,qBAAqB,CAAA,CAAA;AAAA,KACnF;AAAA,EACF;AAGA,EAAA,MAAM,OAAA,GACH,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,KACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,EAAA,GACnB,IAAA,CAAK,MAAA,EAAQ,CAAA,IAAM,CAAA,GACpB,KAAK,MAAA,EAAQ,CAAA;AAGf,EAAA,MAAM,YAAsB,EAAC;AAC7B,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,MACJ,IAAA,CAAK,MAAM,CAAA,GACV,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,CAAA,GACrB,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,KACrB,IAAA,CAAK,MAAA,GAAS,CAAC,CAAA,IAAM,EAAA;AACxB,IAAA,SAAA,CAAU,IAAA,CAAK,MAAA,CAAO,GAAA,KAAQ,CAAC,CAAC,CAAA;AAChC,IAAA,MAAA,IAAU,CAAA;AAAA,EACZ;AAGA,EAAA,MAAM,cAAwB,EAAC;AAC/B,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,MACJ,IAAA,CAAK,MAAM,CAAA,GACV,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,CAAA,GACrB,IAAA,CAAK,SAAS,CAAC,CAAA,IAAM,KACrB,IAAA,CAAK,MAAA,GAAS,CAAC,CAAA,IAAM,EAAA;AACxB,IAAA,WAAA,CAAY,IAAA,CAAK,MAAA,CAAO,GAAA,KAAQ,CAAC,CAAC,CAAA;AAClC,IAAA,MAAA,IAAU,CAAA;AAAA,EACZ;AAEA,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,OAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AACF;AAKO,SAAS,2BAA2B,OAAA,EAA0B;AACnE,EAAA,IAAI;AACF,IAAA,yBAAA,CAA0B,OAAO,CAAA;AACjC,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAKO,SAAS,2BAAA,CACd,IAAA,EACA,OAAA,GAAkB,CAAA,EACV;AACR,EAAA,OAAO,yBAAA,CAA0B,IAAA,CAAK,cAAA,EAAgB,IAAA,CAAK,kBAAkB,OAAO,CAAA;AACtF;AAKO,SAAS,kBAAkB,OAAA,EAAgD;AAChF,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,sBAAA,GAAyB,GAAG,GAAG,OAAO,OAAA;AAC7D,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,4BAAA,GAA+B,GAAG,GAAG,OAAO,OAAA;AACnE,EAAA,OAAO,SAAA;AACT;AA3YA,IAgCa,sBAAA,CAAA,CAKA,eAAA,CAAA,CAKP,aAAA,CAAA,CAwMO,4BAAA,CAAA,CAKA;AAvPb,IAAA,YAAA,GAAA,KAAA,CAAA;AAAA,EAAA,qBAAA,GAAA;AAqBA,IAAA,WAAA,EAAA;AAWO,IAAM,sBAAA,GAAyB,KAAA;AAK/B,IAAM,eAAA,GAAkB,CAAA;AAK/B,IAAM,aAAA,GAAgB,IAAA;AAwMf,IAAM,4BAAA,GAA+B,KAAA;AAKrC,IAAM,qBAAA,GAAwB,CAAA;AAAA,EAAA;AAAA,CAAA;;;AChM9B,IAAM,qBAAN,MAAyB;AAAA,EACtB,MAAA;AAAA,EACA,OAAA,uBAAc,GAAA,EAA0B;AAAA,EACxC,UAAA,GAAa,KAAA;AAAA,EAErB,YAAY,MAAA,EAAgB;AAC1B,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAEd,IAAA,IAAA,CAAK,MAAA,CAAO,SAAA,GAAY,CAAC,CAAA,KAAyC;AAChE,MAAA,IAAA,CAAK,aAAA,CAAc,EAAE,IAAI,CAAA;AAAA,IAC3B,CAAA;AAEA,IAAA,IAAA,CAAK,MAAA,CAAO,OAAA,GAAU,CAAC,CAAA,KAAkB;AACvC,MAAA,OAAA,CAAQ,KAAA,CAAM,oCAAA,EAAsC,CAAA,CAAE,OAAA,EAAS,CAAC,CAAA;AAChE,MAAA,KAAA,MAAW,GAAG,CAAC,CAAA,IAAK,KAAK,OAAA,EAAS;AAChC,QAAA,CAAA,CAAE,OAAO,IAAI,KAAA,CAAM,iBAAiB,CAAA,CAAE,OAAO,EAAE,CAAC,CAAA;AAAA,MAClD;AACA,MAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,IACrB,CAAA;AAAA,EACF;AAAA,EAEQ,cAAc,IAAA,EAA2B;AAC/C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,KAAK,EAAE,CAAA;AACtC,IAAA,IAAI,CAAC,KAAA,EAAO;AAEZ,IAAA,QAAQ,KAAK,IAAA;AAAM,MACjB,KAAK,UAAA;AACH,QAAA,KAAA,CAAM,UAAA,GAAa,IAAA,CAAK,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA;AAC3C,QAAA;AAAA,MACF,KAAK,mBAAA;AACH,QAAA,KAAA,CAAM,kBAAA,GAAqB,KAAK,QAAQ,CAAA;AACxC,QAAA;AAAA,MACF,KAAK,QAAA;AACH,QAAA,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,EAAE,CAAA;AAC3B,QAAA,KAAA,CAAM,OAAA,CAAQ,KAAK,KAAK,CAAA;AACxB,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,EAAE,CAAA;AAC3B,QAAA,KAAA,CAAM,MAAA,CAAO,IAAI,KAAA,CAAM,IAAA,CAAK,OAAO,CAAC,CAAA;AACpC,QAAA;AAAA;AACJ,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAA,CACJ,WAAA,EACA,QACA,OAAA,EACA,UAAA,EACA,QACA,kBAAA,EACsB;AACtB,IAAA,IAAI,KAAK,UAAA,EAAY;AACnB,MAAA,MAAM,IAAI,MAAM,4BAA4B,CAAA;AAAA,IAC9C;AAEA,IAAA,OAAO,IAAI,OAAA,CAAqB,CAAC,OAAA,EAAS,MAAA,KAAW;AACnD,MAAA,MAAM,EAAA,GAAK,OAAO,UAAA,EAAW;AAE7B,MAAA,IAAI,QAAQ,OAAA,EAAS;AACnB,QAAA,MAAA,CAAO,IAAI,YAAA,CAAa,0BAAA,EAA4B,YAAY,CAAC,CAAA;AACjE,QAAA;AAAA,MACF;AAEA,MAAA,IAAA,CAAK,OAAA,CAAQ,IAAI,EAAA,EAAI,EAAE,SAAS,MAAA,EAAQ,UAAA,EAAY,oBAAoB,CAAA;AAExE,MAAA,MAAM,UAAU,MAAM;AACpB,QAAA,IAAA,CAAK,OAAA,CAAQ,OAAO,EAAE,CAAA;AACtB,QAAA,MAAA,CAAO,IAAI,YAAA,CAAa,0BAAA,EAA4B,YAAY,CAAC,CAAA;AAAA,MACnE,CAAA;AAEA,MAAA,MAAA,EAAQ,iBAAiB,OAAA,EAAS,OAAA,EAAS,EAAE,IAAA,EAAM,MAAM,CAAA;AAIzD,MAAA,MAAM,eAAA,GAAkB,OAAO,MAAA,KAAW,WAAA,GACtC,IAAI,GAAA,CAAI,OAAA,EAAS,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAE,IAAA,GACvC,OAAA;AAEJ,MAAA,IAAA,CAAK,OAAO,WAAA,CAAY;AAAA,QACtB,IAAA,EAAM,OAAA;AAAA,QACN,EAAA;AAAA,QACA,WAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA,EAAS;AAAA,OACmB,CAAA;AAAA,IAChC,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,SAAA,GAAY;AACV,IAAA,IAAA,CAAK,UAAA,GAAa,IAAA;AAClB,IAAA,IAAA,CAAK,OAAO,SAAA,EAAU;AACtB,IAAA,KAAA,MAAW,GAAG,CAAC,CAAA,IAAK,KAAK,OAAA,EAAS;AAChC,MAAA,CAAA,CAAE,MAAA,CAAO,IAAI,YAAA,CAAa,mBAAA,EAAqB,YAAY,CAAC,CAAA;AAAA,IAC9D;AACA,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AACF;AAcA,eAAsB,qBAAA,CACpB,WAAA,EACA,MAAA,EACA,OAAA,EACA,OAAA,EAMsB;AACtB,EAAA,MAAM,EAAE,UAAA,EAAY,kBAAA,EAAoB,QAAQ,MAAA,EAAO,GAAI,WAAW,EAAC;AAEvE,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,OAAO,MAAA,CAAO,MAAM,WAAA,EAAa,MAAA,EAAQ,WAAW,EAAA,EAAI,UAAA,EAAY,QAAQ,kBAAkB,CAAA;AAAA,EAChG;AAGA,EAAA,MAAM,EAAE,gBAAA,EAAiB,GAAI,MAAM,OAAO,qBAAY,CAAA;AACtD,EAAA,OAAO,iBAAiB,WAAA,EAAa,MAAA,EAAQ,SAAS,UAAA,EAAY,EAAE,oBAAoB,CAAA;AAC1F;ACpFO,IAAM,iBAAiB,GAAA,IAAO;AAM9B,IAAM,uBAAA,GAA0B;AAAA,EACrC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,iBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IACpD,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IACnD,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAChD,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC/D,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA;AAAM;AAEtD;AAEO,IAAM,uBAAA,GAA0B;AAAA,EACrC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,iBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAC1D,EAAE,IAAA,EAAM,wBAAA,EAA0B,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IACjE,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACtD,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IACvD,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC/D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA;AAAM;AAEjE;AAEO,IAAM,wBAAA,GAA2B;AAAA,EACtC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,kBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,sBAAA,EAAwB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAChE,EAAE,IAAA,EAAM,oBAAA,EAAsB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC9D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC/D,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA,EAAM;AAAA,IAC1D,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC5D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA;AAAM;AAEjE;AAEO,IAAM,0BAAA,GAA6B;AAAA,EACxC,IAAA,EAAM,OAAA;AAAA,EACN,IAAA,EAAM,oBAAA;AAAA,EACN,MAAA,EAAQ;AAAA,IACN,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAW,SAAS,IAAA,EAAK;AAAA,IAClD,EAAE,IAAA,EAAM,oBAAA,EAAsB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC9D,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,SAAA,EAAW,SAAS,KAAA,EAAM;AAAA,IAC5D,EAAE,IAAA,EAAM,qBAAA,EAAuB,IAAA,EAAM,OAAA,EAAS,SAAS,KAAA;AAAM;AAEjE;AAEO,IAAM,eAAA,GAAkB;AAAA,EAC7B,uBAAA;AAAA,EACA,uBAAA;AAAA,EACA,wBAAA;AAAA,EACA;AACF;AAUO,SAAS,iBAAA,CAAkB,YAAoB,IAAA,EAAsB;AAC1E,EAAA,OAAQ,aAAa,IAAA,GAAQ,cAAA;AAC/B;AAMO,SAAS,iBAAA,CAAkB,YAAoB,IAAA,EAAsB;AAC1E,EAAA,IAAI,IAAA,KAAS,EAAA,EAAI,MAAM,IAAI,MAAM,qBAAqB,CAAA;AACtD,EAAA,OAAQ,aAAa,cAAA,GAAkB,IAAA;AACzC;AAMO,SAAS,WAAA,CAAY,YAAoB,SAAA,EAA2B;AACzE,EAAA,IAAI,UAAA,KAAe,EAAA,EAAI,MAAM,IAAI,MAAM,4BAA4B,CAAA;AACnE,EAAA,OAAQ,YAAY,cAAA,GAAkB,UAAA;AACxC;AAMO,SAAS,UAAA,CAAW,IAAA,EAAc,QAAA,GAAmB,CAAA,EAAW;AACrE,EAAA,MAAM,QAAQ,IAAA,GAAO,cAAA;AACrB,EAAA,MAAM,OAAO,IAAA,GAAO,cAAA;AACpB,EAAA,MAAM,OAAA,GAAU,IAAA,CAAK,QAAA,EAAS,CAAE,QAAA,CAAS,IAAI,GAAG,CAAA,CAAE,KAAA,CAAM,CAAA,EAAG,QAAQ,CAAA;AACnE,EAAA,OAAO,CAAA,EAAG,KAAK,CAAA,CAAA,EAAI,OAAO,CAAA,CAAA;AAC5B;AAUO,SAAS,qBAAqB,YAAA,EAAwB;AAC3D,EAAA,OAAO,SAAA,CAAU,mBAAA;AAAA,IACf,mBAAmB,SAAS,CAAA;AAAA,IAC5B,CAAC,YAAY;AAAA,GACd,CAAA;AACH;AAKO,SAAS,oBAAA,GAA4B;AAC1C,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,EAAE,CAAA;AAC/B,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,OAAO,MAAM,KAAK,CAAA;AACpB;AASO,SAAS,iBAAA,CACd,QACA,gBAAA,EACkB;AAClB,EAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,gBAAA,CAAiB,IAAI,CAAA,EAAA,KAAM,EAAA,CAAG,QAAA,EAAU,CAAC,CAAA;AAChE,EAAA,OAAO,MAAA,CAAO,OAAO,CAAA,CAAA,KAAK,MAAA,CAAO,IAAI,CAAA,CAAE,UAAA,CAAW,QAAA,EAAU,CAAC,CAAA;AAC/D;AAKO,SAAS,uBAAA,CACd,MAAA,EACA,SAAA,EACA,QAAA,EACkB;AAClB,EAAA,MAAM,IAAA,GAAO,UAAU,WAAA,EAAY;AACnC,EAAA,MAAM,GAAA,GAAM,SAAS,WAAA,EAAY;AACjC,EAAA,OAAO,MAAA,CAAO,MAAA;AAAA,IACZ,CAAA,CAAA,KAAK,EAAE,SAAA,CAAU,WAAA,OAAkB,IAAA,IAAQ,CAAA,CAAE,QAAA,CAAS,WAAA,EAAY,KAAM;AAAA,GAC1E;AACF;AAKO,SAAS,mBAAA,CAAoB,OAAmC,WAAA,EAA8B;AACnG,EAAA,MAAM,QAAA,GAAW,qBAAA,IAAyB,KAAA,GAAQ,KAAA,CAAM,mBAAA,GAAsB,EAAA;AAC9E,EAAA,OAAO,QAAA,KAAa,MAAM,QAAA,KAAa,WAAA;AACzC;AAMA,IAAM,oBAAA,GAAuB,kBAAA;AAE7B,SAAS,SAAA,CAAU,SAAiB,OAAA,EAAsB;AACxD,EAAA,OAAO,GAAG,oBAAoB,CAAA,EAAG,QAAQ,WAAA,EAAa,IAAI,OAAO,CAAA,CAAA;AACnE;AAMO,SAAS,iBAAA,CAAkB,OAAA,EAAc,YAAA,EAAmB,OAAA,EAAwB;AACzF,EAAA,IAAI,OAAO,iBAAiB,WAAA,EAAa;AACzC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,YAAA,CAAa,OAAA,CAAQ,SAAA,CAAU,OAAA,EAAS,OAAO,GAAG,YAAY,CAAA;AAAA,EAChE;AAEA,EAAA,YAAA,CAAa,QAAQ,CAAA,EAAG,oBAAoB,CAAA,EAAG,OAAO,IAAI,YAAY,CAAA;AACxE;AAMO,SAAS,eAAA,CAAgB,SAAc,OAAA,EAA8B;AAC1E,EAAA,IAAI,OAAO,YAAA,KAAiB,WAAA,EAAa,OAAO,IAAA;AAChD,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAM,SAAS,YAAA,CAAa,OAAA,CAAQ,SAAA,CAAU,OAAA,EAAS,OAAO,CAAC,CAAA;AAC/D,IAAA,IAAI,QAAQ,OAAO,MAAA;AAAA,EACrB;AAEA,EAAA,OAAO,aAAa,OAAA,CAAQ,CAAA,EAAG,oBAAoB,CAAA,EAAG,OAAO,CAAA,CAAE,CAAA;AACjE;AAKO,SAAS,kBAAA,CAAmB,SAAc,OAAA,EAAwB;AACvE,EAAA,IAAI,OAAO,iBAAiB,WAAA,EAAa;AACzC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,YAAA,CAAa,UAAA,CAAW,SAAA,CAAU,OAAA,EAAS,OAAO,CAAC,CAAA;AAAA,EACrD;AACA,EAAA,YAAA,CAAa,UAAA,CAAW,CAAA,EAAG,oBAAoB,CAAA,EAAG,OAAO,CAAA,CAAE,CAAA;AAC7D;AAMO,SAAS,eAAe,OAAA,EAAyB;AACtD,EAAA,IAAI,OAAO,YAAA,KAAiB,WAAA,EAAa,OAAO,EAAC;AACjD,EAAA,MAAM,MAAA,GAAS,UACX,CAAA,EAAG,oBAAoB,GAAG,OAAA,CAAQ,WAAA,EAAa,CAAA,CAAA,CAAA,GAC/C,oBAAA;AACJ,EAAA,MAAM,MAAa,EAAC;AACpB,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,YAAA,CAAa,QAAQ,CAAA,EAAA,EAAK;AAC5C,IAAA,MAAM,GAAA,GAAM,YAAA,CAAa,GAAA,CAAI,CAAC,CAAA;AAC9B,IAAA,IAAI,GAAA,EAAK,UAAA,CAAW,MAAM,CAAA,EAAG;AAC3B,MAAA,GAAA,CAAI,IAAA,CAAK,GAAA,CAAI,KAAA,CAAM,MAAA,CAAO,MAAM,CAAQ,CAAA;AAAA,IAC1C;AAAA,EACF;AACA,EAAA,OAAO,GAAA;AACT;AASO,SAAS,aAAA,CAAc,OAAkB,YAAA,EAA+B;AAC7E,EAAA,OAAO,CAAC,KAAA,CAAM,OAAA,IAAW,CAAC,KAAA,CAAM,aAAa,YAAA,IAAgB,KAAA,CAAM,MAAA,IAAU,KAAA,CAAM,mBAAA,GAAsB,EAAA;AAC3G;AAKO,SAAS,qBAAA,CAAsB,YAAoB,IAAA,EAAsB;AAC9E,EAAA,OAAO,iBAAA,CAAkB,YAAY,IAAI,CAAA;AAC3C;AAKO,SAAS,sBAAsB,KAAA,EAA0B;AAC9D,EAAA,IAAI,KAAA,CAAM,UAAA,KAAe,EAAA,EAAI,OAAO,CAAA;AACpC,EAAA,MAAM,MAAA,GAAS,KAAA,CAAM,UAAA,GAAa,KAAA,CAAM,mBAAA;AACxC,EAAA,OAAO,MAAA,CAAQ,MAAA,GAAS,MAAA,GAAU,KAAA,CAAM,UAAU,CAAA,GAAI,GAAA;AACxD;AClUA,SAAS,gBAAA,CAAiB,MAAkB,SAAA,EAAgD;AAC1F,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,CAAA;AAAA,IACT,gBAAgBC,KAAAA,CAAM,IAAA,CAAK,gBAAgB,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IACvD,WAAWA,KAAAA,CAAM,IAAA,CAAK,WAAW,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IAC7C,eAAeA,KAAAA,CAAM,IAAA,CAAK,eAAe,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IACrD,aAAaA,KAAAA,CAAM,IAAA,CAAK,aAAa,EAAE,IAAA,EAAM,IAAI,CAAA;AAAA,IACjD,GAAI,SAAA,GAAY;AAAA,MACd,aAAa,SAAA,CAAU,WAAA,CAAY,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU,CAAA;AAAA,MACxD,gBAAgB,SAAA,CAAU,cAAA,CAAe,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU,CAAA;AAAA,MAC9D,oBAAoB,SAAA,CAAU,kBAAA,CAAmB,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU,CAAA;AAAA,MACtE,kBAAkB,SAAA,CAAU,gBAAA,CAAiB,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,UAAU;AAAA,QAChE;AAAC,GACP;AACF;AAEA,SAAS,mBAAmB,IAAA,EAA4E;AACtG,EAAA,IAAI,IAAA,CAAK,OAAA,KAAY,CAAA,IAAK,CAAC,KAAK,cAAA,EAAgB;AAC9C,IAAA,MAAM,IAAI,MAAM,kCAAkC,CAAA;AAAA,EACpD;AAEA,EAAA,MAAM,IAAA,GAAmB;AAAA,IACvB,cAAA,EAAgB,MAAA,CAAO,IAAA,CAAK,cAAc,CAAA;AAAA,IAC1C,SAAA,EAAW,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA;AAAA,IAChC,aAAA,EAAe,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA;AAAA,IACxC,WAAA,EAAa,MAAA,CAAO,IAAA,CAAK,WAAW;AAAA,GACtC;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI,KAAK,WAAA,EAAa;AACpB,IAAA,SAAA,GAAY;AAAA,MACV,aAAa,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,MAChD,gBAAgB,IAAA,CAAK,cAAA,CAAgB,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,MACvD,oBAAoB,IAAA,CAAK,kBAAA,CAAoB,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,MAC/D,kBAAkB,IAAA,CAAK,gBAAA,CAAkB,IAAI,CAAA,CAAA,KAAK,MAAA,CAAO,CAAC,CAAC;AAAA,KAC7D;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,MAAM,SAAA,EAAU;AAC3B;AAuBO,IAAM,yBAAN,MAAwD;AAAA,EAG7D,WAAA,CACU,SACR,UAAA,EACA;AAFQ,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAGR,IAAA,IAAA,CAAK,UAAA,GAAa,CAAA,QAAA,EAAW,UAAA,CAAW,WAAA,EAAa,CAAA,CAAA;AAAA,EACvD;AAAA,EAPQ,UAAA;AAAA,EASR,MAAM,IAAA,GAA0E;AAC9E,IAAA,MAAM,OAAO,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAuB,KAAK,UAAU,CAAA;AACtE,IAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAClB,IAAA,IAAI;AACF,MAAA,OAAO,mBAAmB,IAAI,CAAA;AAAA,IAChC,CAAA,CAAA,MAAQ;AAEN,MAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AACzC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,IAAA,CAAK,IAAA,EAAkB,SAAA,EAA4C;AACvE,IAAA,MAAM,UAAA,GAAa,gBAAA,CAAiB,IAAA,EAAM,SAAS,CAAA;AACnD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,IAAA,CAAK,YAAY,UAAU,CAAA;AAAA,EACpD;AAAA,EAEA,MAAM,KAAA,GAAuB;AAC3B,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AAAA,EAC3C;AACF;AAcO,IAAM,uBAAN,MAAsD;AAAA,EAC3D,WAAA,CACU,MACA,SAAA,EACR;AAFQ,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AACA,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAAA,EACP;AAAA,EAEH,MAAM,IAAA,GAAO;AACX,IAAA,OAAO,EAAE,IAAA,EAAM,IAAA,CAAK,IAAA,EAAM,SAAA,EAAW,KAAK,SAAA,EAAU;AAAA,EACtD;AAAA,EAEA,MAAM,IAAA,GAAsB;AAAA,EAE5B;AAAA,EAEA,MAAM,KAAA,GAAuB;AAAA,EAE7B;AACF;ACvHO,IAAM,YAAN,MAAsC;AAAA,EAM3C,WAAA,CACU,OAAA,EACA,UAAA,GAAqB,OAAA,EAC7B;AAFQ,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AACA,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AAAA,EACP;AAAA,EARK,QAAwB,EAAC;AAAA,EACzB,aAAA,uBAAoB,GAAA,EAAY;AAAA,EAChC,SAAA,uBAAgB,GAAA,EAAgB;AAAA,EAChC,KAAA,GAAQ,KAAA;AAAA;AAAA,EAShB,QAAA,GAA2B;AACzB,IAAA,OAAO,CAAC,GAAG,IAAA,CAAK,KAAK,CAAA;AAAA,EACvB;AAAA,EAEA,gBAAgB,WAAA,EAA2C;AACzD,IAAA,IAAI,SAAS,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA,CAAA,KAAK,CAAA,CAAE,WAAW,OAAO,CAAA;AACxD,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,MAAA,GAAS,OAAO,MAAA,CAAO,CAAA,CAAA,KAAA,CAAM,CAAA,CAAE,WAAA,IAAe,aAAa,WAAW,CAAA;AAAA,IACxE;AACA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA,EAEA,UAAA,CAAW,OAAgB,WAAA,EAAmC;AAC5D,IAAA,IAAI,KAAA,GAAQ,IAAA,CAAK,eAAA,CAAgB,WAAW,CAAA;AAC5C,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,UAAA,GAAa,MAAM,WAAA,EAAY;AACrC,MAAA,KAAA,GAAQ,MAAM,MAAA,CAAO,CAAA,CAAA,KAAK,EAAE,KAAA,CAAM,WAAA,OAAkB,UAAU,CAAA;AAAA,IAChE;AACA,IAAA,OAAO,KAAA,CAAM,OAAO,CAAC,GAAA,EAAK,MAAM,GAAA,GAAM,CAAA,CAAE,QAAQ,EAAE,CAAA;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,QAAQ,IAAA,EAA6B;AACnC,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,UAAA,CAAW,WAAA,EAAY;AACxC,IAAA,IAAI,IAAA,CAAK,aAAA,CAAc,GAAA,CAAI,GAAG,GAAG,OAAO,KAAA;AAGxC,IAAA,MAAM,UAAA,GAA2B;AAAA,MAC/B,GAAG,IAAA;AAAA,MACH,UAAA,EAAY,IAAA,CAAK,UAAA,CAAW,WAAA,EAAY;AAAA,MACxC,MAAA,EAAQ,cAAA,CAAe,IAAA,CAAK,MAAM,CAAA;AAAA,MAClC,KAAA,EAAO,cAAA,CAAe,IAAA,CAAK,KAAK;AAAA,KAClC;AAEA,IAAA,IAAA,CAAK,KAAA,CAAM,KAAK,UAAU,CAAA;AAC1B,IAAA,IAAA,CAAK,aAAA,CAAc,IAAI,GAAG,CAAA;AAC1B,IAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,IAAA,IAAA,CAAK,MAAA,EAAO;AACZ,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,SAAS,KAAA,EAA+B;AACtC,IAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,IAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,MAAA,IAAI,IAAA,CAAK,OAAA,CAAQ,IAAI,CAAA,EAAG,KAAA,EAAA;AAAA,IAC1B;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,UAAA,EAA0B;AAClC,IAAA,MAAM,GAAA,GAAM,WAAW,WAAA,EAAY;AACnC,IAAA,MAAM,IAAA,GAAO,KAAK,KAAA,CAAM,IAAA,CAAK,OAAK,CAAA,CAAE,UAAA,CAAW,WAAA,EAAY,KAAM,GAAG,CAAA;AACpE,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,MAAA,KAAW,OAAA,EAAS;AACnC,MAAA,IAAA,CAAK,MAAA,GAAS,OAAA;AACd,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,MAAA,IAAA,CAAK,MAAA,EAAO;AAAA,IACd;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY,UAAA,EAA0B;AACpC,IAAA,MAAM,GAAA,GAAM,WAAW,WAAA,EAAY;AACnC,IAAA,MAAM,IAAA,GAAO,KAAK,KAAA,CAAM,IAAA,CAAK,OAAK,CAAA,CAAE,UAAA,CAAW,WAAA,EAAY,KAAM,GAAG,CAAA;AACpE,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,MAAA,KAAW,OAAA,EAAS;AACnC,MAAA,IAAA,CAAK,MAAA,GAAS,WAAA;AACd,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,MAAA,IAAA,CAAK,MAAA,EAAO;AAAA,IACd;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,eAAA,CAAgB,YAAoB,SAAA,EAAyB;AAC3D,IAAA,MAAM,GAAA,GAAM,WAAW,WAAA,EAAY;AACnC,IAAA,MAAM,IAAA,GAAO,KAAK,KAAA,CAAM,IAAA,CAAK,OAAK,CAAA,CAAE,UAAA,CAAW,WAAA,EAAY,KAAM,GAAG,CAAA;AACpE,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,SAAA,KAAc,SAAA,EAAW;AACxC,MAAA,IAAA,CAAK,SAAA,GAAY,SAAA;AACjB,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AACb,MAAA,IAAA,CAAK,MAAA,EAAO;AAAA,IACd;AAAA,EACF;AAAA;AAAA,EAIA,MAAM,IAAA,GAAsB;AAC1B,IAAA,MAAM,aAAa,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAsB,KAAK,UAAU,CAAA;AAC3E,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,KAAA,CAAM,OAAA,CAAQ,UAAU,CAAA,EAAG;AAC7C,MAAA,IAAA,CAAK,QAAQ,EAAC;AACd,MAAA,IAAA,CAAK,cAAc,KAAA,EAAM;AACzB,MAAA;AAAA,IACF;AAGA,IAAA,IAAA,CAAK,QAAQ,EAAC;AACd,IAAA,IAAA,CAAK,cAAc,KAAA,EAAM;AACzB,IAAA,IAAI,OAAA,GAAU,CAAA;AACd,IAAA,KAAA,MAAW,KAAK,UAAA,EAAY;AAC1B,MAAA,MAAM,IAAA,GAAO,gBAAgB,CAAC,CAAA;AAC9B,MAAA,MAAM,GAAA,GAAM,IAAA,CAAK,UAAA,CAAW,WAAA,EAAY;AACxC,MAAA,IAAI,IAAA,CAAK,aAAA,CAAc,GAAA,CAAI,GAAG,CAAA,EAAG;AAAE,QAAA,OAAA,EAAA;AAAW,QAAA;AAAA,MAAS;AACvD,MAAA,IAAA,CAAK,aAAA,CAAc,IAAI,GAAG,CAAA;AAC1B,MAAA,IAAA,CAAK,KAAA,CAAM,KAAK,IAAI,CAAA;AAAA,IACtB;AACA,IAAA,IAAI,UAAU,CAAA,EAAG;AACf,MAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oBAAA,EAAuB,OAAO,CAAA,wBAAA,CAA0B,CAAA;AACpE,MAAA,IAAA,CAAK,KAAA,GAAQ,IAAA;AAAA,IACf,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,IACf;AAAA,EACF;AAAA,EAEA,MAAM,OAAA,GAAyB;AAC7B,IAAA,IAAI,CAAC,KAAK,KAAA,EAAO;AACjB,IAAA,MAAM,UAAA,GAAa,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,aAAa,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,IAAA,CAAK,YAAY,UAAU,CAAA;AAClD,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA,EAEA,MAAM,KAAA,GAAuB;AAC3B,IAAA,IAAA,CAAK,QAAQ,EAAC;AACd,IAAA,IAAA,CAAK,cAAc,KAAA,EAAM;AACzB,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AACb,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AACzC,IAAA,IAAA,CAAK,MAAA,EAAO;AAAA,EACd;AAAA;AAAA,EAIA,SAAS,QAAA,EAAkC;AACzC,IAAA,IAAA,CAAK,SAAA,CAAU,IAAI,QAAQ,CAAA;AAC3B,IAAA,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO,QAAQ,CAAA;AAAA,EAC7C;AAAA,EAEQ,MAAA,GAAe;AACrB,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,QAAA,EAAS;AAAA,IACX;AAAA,EACF;AACF;AAMA,SAAS,cAAc,IAAA,EAAoC;AACzD,EAAA,OAAO;AAAA,IACL,GAAG,IAAA;AAAA,IACH,MAAA,EAAQ,IAAA,CAAK,MAAA,CAAO,QAAA,EAAS;AAAA,IAC7B,QAAA,EAAU,IAAA,CAAK,QAAA,CAAS,QAAA;AAAS,GACnC;AACF;AAEA,SAAS,gBAAgB,CAAA,EAAiC;AACxD,EAAA,OAAO;AAAA,IACL,GAAG,CAAA;AAAA,IACH,MAAA,EAAQ,MAAA,CAAO,CAAA,CAAE,MAAM,CAAA;AAAA,IACvB,QAAA,EAAU,MAAA,CAAO,CAAA,CAAE,QAAQ,CAAA;AAAA,IAC3B,WAAA,EAAa,EAAE,WAAA,IAAe;AAAA,GAChC;AACF;AAEA,SAAS,eAAe,IAAA,EAAsB;AAC5C,EAAA,IAAI;AACF,IAAA,OAAO,WAAW,IAAI,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF","file":"chunk-2NKFTLPD.js","sourcesContent":["/**\n * Stealth Address Utilities (Post-Quantum, Hash-Based)\n *\n * Implements stealth addresses using Poseidon hashes with bech32m encoding.\n * No BabyJubJub curve operations — ownership is proven via hash preimage.\n *\n * Address Format (bech32m):\n * 0zk1<version><chainId><ownerHash><viewingHash>\n *\n * Key Flow (self-shield):\n * 1. User derives ownerHash = Poseidon(spendingSecret)\n * 2. Commitment = Poseidon(amount, ownerHash, blinding, origin, token)\n * 3. Encrypt note with key derived from viewingSecret\n *\n * Key Flow (send to others, future):\n * 1. Decode recipient's stealth address (ownerHash, viewingHash)\n * 2. Generate per-note secret and derive ownerHash for the note\n * 3. Encrypt note so recipient's viewingSecret can decrypt\n */\n\nimport { bech32m } from 'bech32'\nimport {\n randomFieldElement,\n bigintToBytes,\n bytesToBigint,\n} from '../utils/crypto.js'\nimport type { MasterKeys, StarkMasterKeys, OneTimeKeys } from '../keys/types.js'\nimport type { M31Digest } from '../utils/keccak-m31.js'\n\n/**\n * Stealth address prefix\n */\nexport const STEALTH_ADDRESS_PREFIX = '0zk'\n\n/**\n * Address version (v2 = hash-based, post-quantum)\n */\nexport const ADDRESS_VERSION = 2\n\n/**\n * Maximum length for bech32m encoding\n */\nconst BECH32M_LIMIT = 1023\n\n/**\n * Encode a stealth address in bech32m format\n *\n * Format: 0zk1<version><chainId><ownerHash><viewingHash>\n *\n * @param ownerHash - Owner hash = Poseidon(spendingSecret)\n * @param viewingHash - Viewing hash = Poseidon(viewingSecret)\n * @param chainId - Optional chain ID (0 = any chain)\n * @returns bech32m encoded stealth address\n */\nexport function encodeStealthAddress(\n ownerHash: bigint,\n viewingHash: bigint,\n chainId: number = 0\n): string {\n // Build data buffer: version (1 byte) + chainId (4 bytes) + 2 * 32 bytes = 69 bytes\n const data = new Uint8Array(1 + 4 + 32 * 2)\n let offset = 0\n\n // Version\n data[offset++] = ADDRESS_VERSION\n\n // Chain ID (4 bytes, big-endian)\n data[offset++] = (chainId >> 24) & 0xff\n data[offset++] = (chainId >> 16) & 0xff\n data[offset++] = (chainId >> 8) & 0xff\n data[offset++] = chainId & 0xff\n\n // Owner hash (32 bytes)\n const ownerBytes = bigintToBytes(ownerHash, 32)\n data.set(ownerBytes, offset)\n offset += 32\n\n // Viewing hash (32 bytes)\n const viewingBytes = bigintToBytes(viewingHash, 32)\n data.set(viewingBytes, offset)\n\n // Convert to 5-bit words for bech32m\n const words = bech32m.toWords(data)\n\n // Encode with prefix\n return bech32m.encode(STEALTH_ADDRESS_PREFIX, words, BECH32M_LIMIT)\n}\n\n/**\n * Decode a bech32m stealth address\n *\n * @param address - bech32m encoded stealth address\n * @returns Decoded hash values\n */\nexport function decodeStealthAddress(address: string): {\n version: number\n chainId: number\n ownerHash: bigint\n viewingHash: bigint\n} {\n // Decode bech32m\n const decoded = bech32m.decode(address, BECH32M_LIMIT)\n\n // Verify prefix\n if (decoded.prefix !== STEALTH_ADDRESS_PREFIX) {\n throw new Error(`Invalid stealth address prefix: expected '${STEALTH_ADDRESS_PREFIX}', got '${decoded.prefix}'`)\n }\n\n // Convert from 5-bit words back to bytes\n const data = new Uint8Array(bech32m.fromWords(decoded.words))\n\n // Parse version\n let offset = 0\n const version = data[offset++]!\n\n if (version !== ADDRESS_VERSION) {\n throw new Error(`Unsupported address version: ${version}. Expected v${ADDRESS_VERSION} (hash-based).`)\n }\n\n // Parse chain ID\n const chainId =\n (data[offset++]! << 24) |\n (data[offset++]! << 16) |\n (data[offset++]! << 8) |\n data[offset++]!\n\n // Parse owner hash (32 bytes)\n const ownerHash = bytesToBigint(data.slice(offset, offset + 32))\n offset += 32\n\n // Parse viewing hash (32 bytes)\n const viewingHash = bytesToBigint(data.slice(offset, offset + 32))\n\n return {\n version,\n chainId,\n ownerHash,\n viewingHash,\n }\n}\n\n/**\n * Validate a stealth address format\n */\nexport function isValidStealthAddress(address: string): boolean {\n try {\n decodeStealthAddress(address)\n return true\n } catch {\n return false\n }\n}\n\n/**\n * Generate stealth address from master keys\n */\nexport function generateStealthAddress(keys: MasterKeys, chainId: number = 0): string {\n return encodeStealthAddress(keys.ownerHash, keys.viewingHash, chainId)\n}\n\n/**\n * Create one-time keys for a transaction (hash-based)\n *\n * For self-shield: the user uses their own spendingSecret directly\n * as the ownerSecret, producing ownerHash = Poseidon(spendingSecret).\n *\n * For sending to others (future): generate a random oneTimeSecret\n * and derive ownerHash = Poseidon(oneTimeSecret).\n *\n * @param recipientOwnerHash - Recipient's owner hash (for verification)\n * @param selfSecret - If self-shield, the user's spending secret\n * @returns One-time keys for the note\n */\nexport async function createOneTimeKeys(\n _recipientOwnerHash?: bigint,\n selfSecret?: bigint,\n): Promise<OneTimeKeys> {\n const { poseidon } = await import('../utils/poseidon.js')\n\n if (selfSecret !== undefined) {\n // Self-shield: use own spending secret\n const ownerHash = await poseidon([selfSecret])\n return {\n oneTimeSecret: selfSecret,\n ownerHash,\n }\n }\n\n // Generate random one-time secret for the note\n const oneTimeSecret = randomFieldElement()\n const ownerHash = await poseidon([oneTimeSecret])\n\n return {\n oneTimeSecret,\n ownerHash,\n }\n}\n\n/**\n * Verify ownership of a note by checking hash preimage\n *\n * @param secret - Claimed spending secret\n * @param expectedOwnerHash - Owner hash from the note commitment\n * @returns True if the secret hashes to the expected owner hash\n */\nexport async function verifyOwnership(\n secret: bigint,\n expectedOwnerHash: bigint\n): Promise<boolean> {\n const { poseidon } = await import('../utils/poseidon.js')\n const computedHash = await poseidon([secret])\n return computedHash === expectedOwnerHash\n}\n\n/**\n * Compute shared secret for note encryption/decryption (hash-based)\n *\n * For self-shield: just uses the viewing secret directly.\n * For sending to others (future): use Poseidon(viewingSecret, recipientViewingHash)\n *\n * @param viewingSecret - Sender's or recipient's viewing secret\n * @param nonce - Optional nonce for key derivation\n * @returns Encryption key as bigint\n */\nexport async function computeNoteEncryptionKey(\n viewingSecret: bigint,\n nonce?: bigint\n): Promise<bigint> {\n const { poseidon } = await import('../utils/poseidon.js')\n if (nonce !== undefined) {\n return poseidon([viewingSecret, nonce])\n }\n return poseidon([viewingSecret])\n}\n\n// =========================================================================\n// STARK Stealth Addresses (0zs prefix, M31/Keccak-based)\n// =========================================================================\n\n/**\n * STARK stealth address prefix\n */\nexport const STARK_STEALTH_ADDRESS_PREFIX = '0zs'\n\n/**\n * STARK address version (v1 = M31/Keccak)\n */\nexport const STARK_ADDRESS_VERSION = 1\n\n/**\n * Encode a STARK stealth address in bech32m format\n *\n * Format: 0zs1<version><chainId><ownerHash[0..3]><viewingHash[0..3]>\n *\n * Each M31 element is encoded as 4 bytes (little-endian).\n * Total data: 1 (version) + 4 (chainId) + 16 (ownerHash) + 16 (viewingHash) = 37 bytes.\n *\n * @param ownerHash - 4 M31 elements: keccak_m31(starkSecret)\n * @param viewingHash - 4 M31 elements: keccak_m31(starkViewingSecret)\n * @param chainId - Optional chain ID (0 = any chain)\n */\nexport function encodeStarkStealthAddress(\n ownerHash: M31Digest,\n viewingHash: M31Digest,\n chainId: number = 0\n): string {\n const data = new Uint8Array(1 + 4 + 16 + 16) // 37 bytes\n let offset = 0\n\n // Version\n data[offset++] = STARK_ADDRESS_VERSION\n\n // Chain ID (4 bytes, big-endian)\n data[offset++] = (chainId >> 24) & 0xff\n data[offset++] = (chainId >> 16) & 0xff\n data[offset++] = (chainId >> 8) & 0xff\n data[offset++] = chainId & 0xff\n\n // Owner hash: 4 M31 elements, each 4 bytes LE\n for (let i = 0; i < 4; i++) {\n const val = Number(ownerHash[i]!)\n data[offset++] = val & 0xff\n data[offset++] = (val >> 8) & 0xff\n data[offset++] = (val >> 16) & 0xff\n data[offset++] = (val >> 24) & 0xff\n }\n\n // Viewing hash: 4 M31 elements, each 4 bytes LE\n for (let i = 0; i < 4; i++) {\n const val = Number(viewingHash[i]!)\n data[offset++] = val & 0xff\n data[offset++] = (val >> 8) & 0xff\n data[offset++] = (val >> 16) & 0xff\n data[offset++] = (val >> 24) & 0xff\n }\n\n const words = bech32m.toWords(data)\n return bech32m.encode(STARK_STEALTH_ADDRESS_PREFIX, words, BECH32M_LIMIT)\n}\n\n/**\n * Decode a STARK stealth address (0zs prefix)\n */\nexport function decodeStarkStealthAddress(address: string): {\n version: number\n chainId: number\n ownerHash: M31Digest\n viewingHash: M31Digest\n} {\n const decoded = bech32m.decode(address, BECH32M_LIMIT)\n\n if (decoded.prefix !== STARK_STEALTH_ADDRESS_PREFIX) {\n throw new Error(\n `Invalid STARK stealth address prefix: expected '${STARK_STEALTH_ADDRESS_PREFIX}', got '${decoded.prefix}'`\n )\n }\n\n const data = new Uint8Array(bech32m.fromWords(decoded.words))\n let offset = 0\n\n const version = data[offset++]!\n if (version !== STARK_ADDRESS_VERSION) {\n throw new Error(\n `Unsupported STARK address version: ${version}. Expected v${STARK_ADDRESS_VERSION}.`\n )\n }\n\n // Chain ID\n const chainId =\n (data[offset++]! << 24) |\n (data[offset++]! << 16) |\n (data[offset++]! << 8) |\n data[offset++]!\n\n // Owner hash: 4 M31 LE uint32s\n const ownerHash: bigint[] = []\n for (let i = 0; i < 4; i++) {\n const val =\n data[offset]! |\n (data[offset + 1]! << 8) |\n (data[offset + 2]! << 16) |\n (data[offset + 3]! << 24)\n ownerHash.push(BigInt(val >>> 0))\n offset += 4\n }\n\n // Viewing hash: 4 M31 LE uint32s\n const viewingHash: bigint[] = []\n for (let i = 0; i < 4; i++) {\n const val =\n data[offset]! |\n (data[offset + 1]! << 8) |\n (data[offset + 2]! << 16) |\n (data[offset + 3]! << 24)\n viewingHash.push(BigInt(val >>> 0))\n offset += 4\n }\n\n return {\n version,\n chainId,\n ownerHash: ownerHash as unknown as M31Digest,\n viewingHash: viewingHash as unknown as M31Digest,\n }\n}\n\n/**\n * Validate a STARK stealth address format\n */\nexport function isValidStarkStealthAddress(address: string): boolean {\n try {\n decodeStarkStealthAddress(address)\n return true\n } catch {\n return false\n }\n}\n\n/**\n * Generate a STARK stealth address from STARK master keys\n */\nexport function generateStarkStealthAddress(\n keys: StarkMasterKeys,\n chainId: number = 0\n): string {\n return encodeStarkStealthAddress(keys.starkOwnerHash, keys.starkViewingHash, chainId)\n}\n\n/**\n * Detect whether an address is SNARK (0zk) or STARK (0zs)\n */\nexport function detectAddressType(address: string): 'snark' | 'stark' | 'unknown' {\n if (address.startsWith(STEALTH_ADDRESS_PREFIX + '1')) return 'snark'\n if (address.startsWith(STARK_STEALTH_ADDRESS_PREFIX + '1')) return 'stark'\n return 'unknown'\n}\n","/**\n * Proof Worker Manager — off-main-thread PLONK proof generation.\n *\n * Manages a Web Worker that runs snarkjs proof generation, keeping the\n * main thread (and UI) responsive during the 10-30s proving time.\n *\n * @example\n * ```ts\n * // Create worker (consumer handles bundler integration)\n * const worker = new Worker(\n * new URL('@permissionless-technologies/upp-sdk/worker', import.meta.url)\n * )\n * const manager = new ProofWorkerManager(worker)\n *\n * const result = await manager.prove('transfer', circuitInputs, '/circuits/',\n * (stage, msg) => console.log(stage, msg)\n * )\n *\n * // Cleanup\n * manager.terminate()\n * ```\n */\n\nimport type { UPPCircuitType, UPPCircuitInputs, ProofResult, PlonkProvingStage } from './proof.js'\nimport type { DownloadProgress } from './circuit-cache.js'\n\n// ============================================================================\n// Worker Message Types\n// ============================================================================\n\nexport interface ProofWorkerRequest {\n type: 'prove'\n id: string\n circuitType: string\n inputs: Record<string, any>\n baseUrl: string\n}\n\nexport type ProofWorkerResponse =\n | { type: 'progress'; id: string; stage: PlonkProvingStage; message: string }\n | { type: 'download-progress'; id: string; progress: DownloadProgress }\n | { type: 'result'; id: string; proof: ProofResult }\n | { type: 'error'; id: string; message: string }\n\n// ============================================================================\n// ProofWorkerManager\n// ============================================================================\n\ninterface PendingProof {\n resolve: (result: ProofResult) => void\n reject: (error: Error) => void\n onProgress?: (stage: PlonkProvingStage, message: string) => void\n onDownloadProgress?: (progress: DownloadProgress) => void\n}\n\nexport class ProofWorkerManager {\n private worker: Worker\n private pending = new Map<string, PendingProof>()\n private terminated = false\n\n constructor(worker: Worker) {\n this.worker = worker\n\n this.worker.onmessage = (e: MessageEvent<ProofWorkerResponse>) => {\n this.handleMessage(e.data)\n }\n\n this.worker.onerror = (e: ErrorEvent) => {\n console.error('[ProofWorkerManager] Worker error:', e.message, e)\n for (const [, p] of this.pending) {\n p.reject(new Error(`Worker error: ${e.message}`))\n }\n this.pending.clear()\n }\n }\n\n private handleMessage(data: ProofWorkerResponse) {\n const entry = this.pending.get(data.id)\n if (!entry) return\n\n switch (data.type) {\n case 'progress':\n entry.onProgress?.(data.stage, data.message)\n break\n case 'download-progress':\n entry.onDownloadProgress?.(data.progress)\n break\n case 'result':\n this.pending.delete(data.id)\n entry.resolve(data.proof)\n break\n case 'error':\n this.pending.delete(data.id)\n entry.reject(new Error(data.message))\n break\n }\n }\n\n /**\n * Generate a proof in the worker.\n *\n * @param signal - AbortSignal for cancellation. When aborted, the promise\n * rejects with AbortError. Call terminate() for hard cancellation.\n */\n async prove(\n circuitType: UPPCircuitType,\n inputs: UPPCircuitInputs,\n baseUrl: string,\n onProgress?: (stage: PlonkProvingStage, message: string) => void,\n signal?: AbortSignal,\n onDownloadProgress?: (progress: DownloadProgress) => void,\n ): Promise<ProofResult> {\n if (this.terminated) {\n throw new Error('Worker has been terminated')\n }\n\n return new Promise<ProofResult>((resolve, reject) => {\n const id = crypto.randomUUID()\n\n if (signal?.aborted) {\n reject(new DOMException('Proof generation aborted', 'AbortError'))\n return\n }\n\n this.pending.set(id, { resolve, reject, onProgress, onDownloadProgress })\n\n const onAbort = () => {\n this.pending.delete(id)\n reject(new DOMException('Proof generation aborted', 'AbortError'))\n }\n\n signal?.addEventListener('abort', onAbort, { once: true })\n\n // Resolve baseUrl to absolute — workers resolve relative URLs against\n // their own script URL (a webpack chunk), not the page origin.\n const absoluteBaseUrl = typeof window !== 'undefined'\n ? new URL(baseUrl, window.location.href).href\n : baseUrl\n\n this.worker.postMessage({\n type: 'prove',\n id,\n circuitType,\n inputs,\n baseUrl: absoluteBaseUrl,\n } satisfies ProofWorkerRequest)\n })\n }\n\n /**\n * Hard-terminate the worker. All pending proofs are rejected.\n */\n terminate() {\n this.terminated = true\n this.worker.terminate()\n for (const [, p] of this.pending) {\n p.reject(new DOMException('Worker terminated', 'AbortError'))\n }\n this.pending.clear()\n }\n}\n\n// ============================================================================\n// Convenience Function\n// ============================================================================\n\n/**\n * Generate a UPP proof — uses a worker if provided, otherwise main-thread.\n *\n * This is the recommended entry point for proof generation. It provides a\n * unified API regardless of whether a worker is available.\n *\n * Circuit artifacts are automatically cached in IndexedDB after first download.\n */\nexport async function generateUPPProofAsync(\n circuitType: UPPCircuitType,\n inputs: UPPCircuitInputs,\n baseUrl?: string,\n options?: {\n onProgress?: (stage: PlonkProvingStage, message: string) => void\n onDownloadProgress?: (progress: DownloadProgress) => void\n signal?: AbortSignal\n worker?: ProofWorkerManager | null\n },\n): Promise<ProofResult> {\n const { onProgress, onDownloadProgress, signal, worker } = options ?? {}\n\n if (worker) {\n return worker.prove(circuitType, inputs, baseUrl ?? '', onProgress, signal, onDownloadProgress)\n }\n\n // Fallback: main-thread proving (with cache)\n const { generateUPPProof } = await import('./proof.js')\n return generateUPPProof(circuitType, inputs, baseUrl, onProgress, { onDownloadProgress })\n}\n","/**\n * Swap Module\n *\n * Core logic for building and interacting with the UPP in-pool swap order book.\n * Framework-agnostic (no React). Reuses withdraw verifier for proofs.\n */\n\nimport { type Address, type Hex, encodeAbiParameters, keccak256, parseAbiParameters, toHex } from 'viem'\n\n// ============================================================================\n// Types\n// ============================================================================\n\n/**\n * Swap order as stored on-chain\n */\nexport interface SwapOrder {\n /** Order ID (= maker's nullifier) */\n orderId: Hex\n /** Token being sold */\n sellToken: Address\n /** Original total sell amount */\n sellAmount: bigint\n /** Remaining sell amount (decremented on each fill) */\n remainingSellAmount: bigint\n /** Token the maker wants to receive */\n buyToken: Address\n /** Price: buyToken per sellToken (1e18 fixed-point) */\n rate: bigint\n /** Accumulated buy token amount from fills */\n accumulatedBuyAmount: bigint\n /** Maker's ASP ID (public, filterable by takers) */\n makerAspId: bigint\n /** Required filler ASP (0 = any) */\n requiredFillerAspId: bigint\n /** Block number after which order expires */\n expiry: bigint\n /** Whether the maker has claimed */\n claimed: boolean\n /** Whether the order was cancelled */\n cancelled: boolean\n}\n\n/**\n * Parameters to place a swap order\n */\nexport interface SwapOrderParams {\n /** Token to sell */\n sellToken: Address\n /** Amount to sell */\n sellAmount: bigint\n /** Token to buy */\n buyToken: Address\n /** Price: buyToken per sellToken (1e18 fixed-point) */\n rate: bigint\n /** Required filler ASP (0n = accept any) */\n requiredFillerAspId?: bigint\n /** Number of blocks until expiry (from current block) */\n expiryBlocks: bigint\n}\n\n/**\n * Parameters to fill a swap order\n */\nexport interface SwapFillParams {\n /** The order to fill */\n orderId: Hex\n /** How much sellToken the filler wants (≤ remaining) */\n takeAmount: bigint\n}\n\n/**\n * Swap order from event log\n */\nexport interface SwapOrderEvent {\n orderId: Hex\n sellToken: Address\n buyToken: Address\n sellAmount: bigint\n rate: bigint\n makerAspId: bigint\n requiredFillerAspId: bigint\n expiry: bigint\n blockNumber: bigint\n /** On-chain remaining sell amount (populated by useSwapOrderBook) */\n remainingSellAmount?: bigint\n /** Whether the order has been claimed */\n claimed?: boolean\n /** Whether the order has been cancelled */\n cancelled?: boolean\n}\n\n/**\n * Swap fill from event log\n */\nexport interface SwapFillEvent {\n orderId: Hex\n fillerNullifier: Hex\n takeAmount: bigint\n giveAmount: bigint\n fillerAspId: bigint\n remainingSellAmount: bigint\n blockNumber: bigint\n}\n\n// ============================================================================\n// Constants\n// ============================================================================\n\n/** 1e18 fixed-point precision for swap rates */\nexport const RATE_PRECISION = 10n ** 18n\n\n// ============================================================================\n// Event ABIs (for indexing swap events)\n// ============================================================================\n\nexport const SWAP_ORDER_PLACED_EVENT = {\n type: 'event',\n name: 'SwapOrderPlaced',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'sellToken', type: 'address', indexed: true },\n { name: 'buyToken', type: 'address', indexed: true },\n { name: 'sellAmount', type: 'uint256', indexed: false },\n { name: 'rate', type: 'uint256', indexed: false },\n { name: 'makerAspId', type: 'uint256', indexed: false },\n { name: 'requiredFillerAspId', type: 'uint256', indexed: false },\n { name: 'expiry', type: 'uint256', indexed: false },\n ],\n} as const\n\nexport const SWAP_ORDER_FILLED_EVENT = {\n type: 'event',\n name: 'SwapOrderFilled',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'fillerNullifier', type: 'bytes32', indexed: true },\n { name: 'fillerOutputCommitment', type: 'bytes32', indexed: true },\n { name: 'takeAmount', type: 'uint256', indexed: false },\n { name: 'giveAmount', type: 'uint256', indexed: false },\n { name: 'fillerAspId', type: 'uint256', indexed: false },\n { name: 'remainingSellAmount', type: 'uint256', indexed: false },\n { name: 'encryptedFillerNote', type: 'bytes', indexed: false },\n ],\n} as const\n\nexport const SWAP_ORDER_CLAIMED_EVENT = {\n type: 'event',\n name: 'SwapOrderClaimed',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'accumulatedBuyAmount', type: 'uint256', indexed: false },\n { name: 'refundedSellAmount', type: 'uint256', indexed: false },\n { name: 'buyOutputCommitment', type: 'bytes32', indexed: false },\n { name: 'encryptedBuyNote', type: 'bytes', indexed: false },\n { name: 'refundCommitment', type: 'bytes32', indexed: false },\n { name: 'encryptedRefundNote', type: 'bytes', indexed: false },\n ],\n} as const\n\nexport const SWAP_ORDER_CANCELLED_EVENT = {\n type: 'event',\n name: 'SwapOrderCancelled',\n inputs: [\n { name: 'orderId', type: 'bytes32', indexed: true },\n { name: 'refundedSellAmount', type: 'uint256', indexed: false },\n { name: 'refundCommitment', type: 'bytes32', indexed: false },\n { name: 'encryptedRefundNote', type: 'bytes', indexed: false },\n ],\n} as const\n\nexport const SWAP_EVENTS_ABI = [\n SWAP_ORDER_PLACED_EVENT,\n SWAP_ORDER_FILLED_EVENT,\n SWAP_ORDER_CLAIMED_EVENT,\n SWAP_ORDER_CANCELLED_EVENT,\n] as const\n\n// ============================================================================\n// Rate Calculations\n// ============================================================================\n\n/**\n * Compute the giveAmount (buyToken) for a given takeAmount (sellToken) at a rate.\n * giveAmount = (takeAmount * rate) / 1e18\n */\nexport function computeGiveAmount(takeAmount: bigint, rate: bigint): bigint {\n return (takeAmount * rate) / RATE_PRECISION\n}\n\n/**\n * Compute the maximum takeAmount for a given giveAmount and rate.\n * takeAmount = (giveAmount * 1e18) / rate\n */\nexport function computeTakeAmount(giveAmount: bigint, rate: bigint): bigint {\n if (rate === 0n) throw new Error('Rate cannot be zero')\n return (giveAmount * RATE_PRECISION) / rate\n}\n\n/**\n * Compute rate from a desired trade: I want `buyAmount` of buyToken for `sellAmount` of sellToken.\n * rate = (buyAmount * 1e18) / sellAmount\n */\nexport function computeRate(sellAmount: bigint, buyAmount: bigint): bigint {\n if (sellAmount === 0n) throw new Error('Sell amount cannot be zero')\n return (buyAmount * RATE_PRECISION) / sellAmount\n}\n\n/**\n * Format a rate for human display.\n * Returns a string like \"0.0005\" for rate = 500000000000000n (0.0005e18)\n */\nexport function formatRate(rate: bigint, decimals: number = 6): string {\n const whole = rate / RATE_PRECISION\n const frac = rate % RATE_PRECISION\n const fracStr = frac.toString().padStart(18, '0').slice(0, decimals)\n return `${whole}.${fracStr}`\n}\n\n// ============================================================================\n// Cancel Key Management\n// ============================================================================\n\n/**\n * Generate a cancel key hash from a secret.\n * The secret should be a random 32-byte value stored by the maker.\n */\nexport function computeCancelKeyHash(cancelSecret: Hex): Hex {\n return keccak256(encodeAbiParameters(\n parseAbiParameters('bytes32'),\n [cancelSecret]\n ))\n}\n\n/**\n * Generate a random cancel secret.\n */\nexport function generateCancelSecret(): Hex {\n const bytes = new Uint8Array(32)\n crypto.getRandomValues(bytes)\n return toHex(bytes)\n}\n\n// ============================================================================\n// Order Filtering\n// ============================================================================\n\n/**\n * Filter orders by ASP: only show orders from makers on acceptable ASPs.\n */\nexport function filterOrdersByASP(\n orders: SwapOrderEvent[],\n acceptableAspIds: bigint[]\n): SwapOrderEvent[] {\n const aspSet = new Set(acceptableAspIds.map(id => id.toString()))\n return orders.filter(o => aspSet.has(o.makerAspId.toString()))\n}\n\n/**\n * Filter orders by token pair.\n */\nexport function filterOrdersByTokenPair(\n orders: SwapOrderEvent[],\n sellToken: Address,\n buyToken: Address\n): SwapOrderEvent[] {\n const sell = sellToken.toLowerCase()\n const buy = buyToken.toLowerCase()\n return orders.filter(\n o => o.sellToken.toLowerCase() === sell && o.buyToken.toLowerCase() === buy\n )\n}\n\n/**\n * Check if a filler's ASP is accepted by an order.\n */\nexport function isFillerASPAccepted(order: SwapOrder | SwapOrderEvent, fillerAspId: bigint): boolean {\n const required = 'requiredFillerAspId' in order ? order.requiredFillerAspId : 0n\n return required === 0n || required === fillerAspId\n}\n\n// ============================================================================\n// Cancel Secret Persistence (localStorage)\n// ============================================================================\n\nconst CANCEL_SECRET_PREFIX = 'upp_swap_cancel_'\n\nfunction cancelKey(account: string, orderId: Hex): string {\n return `${CANCEL_SECRET_PREFIX}${account.toLowerCase()}_${orderId}`\n}\n\n/**\n * Store a cancel secret in localStorage, scoped by wallet address.\n * Must be called after placing a swap order.\n */\nexport function storeCancelSecret(orderId: Hex, cancelSecret: Hex, account?: string): void {\n if (typeof localStorage === 'undefined') return\n if (account) {\n localStorage.setItem(cancelKey(account, orderId), cancelSecret)\n }\n // Also store unscoped for backward compat\n localStorage.setItem(`${CANCEL_SECRET_PREFIX}${orderId}`, cancelSecret)\n}\n\n/**\n * Retrieve a cancel secret from localStorage.\n * Returns null if not found (e.g. order was placed by someone else).\n */\nexport function getCancelSecret(orderId: Hex, account?: string): Hex | null {\n if (typeof localStorage === 'undefined') return null\n if (account) {\n const scoped = localStorage.getItem(cancelKey(account, orderId))\n if (scoped) return scoped as Hex\n }\n // Fall back to unscoped key\n return localStorage.getItem(`${CANCEL_SECRET_PREFIX}${orderId}`) as Hex | null\n}\n\n/**\n * Remove a cancel secret from localStorage (after claim or cancel).\n */\nexport function removeCancelSecret(orderId: Hex, account?: string): void {\n if (typeof localStorage === 'undefined') return\n if (account) {\n localStorage.removeItem(cancelKey(account, orderId))\n }\n localStorage.removeItem(`${CANCEL_SECRET_PREFIX}${orderId}`)\n}\n\n/**\n * Get all order IDs for a specific wallet address.\n * Falls back to all cancel secrets if no account provided (backward compat).\n */\nexport function getOwnOrderIds(account?: string): Hex[] {\n if (typeof localStorage === 'undefined') return []\n const prefix = account\n ? `${CANCEL_SECRET_PREFIX}${account.toLowerCase()}_`\n : CANCEL_SECRET_PREFIX\n const ids: Hex[] = []\n for (let i = 0; i < localStorage.length; i++) {\n const key = localStorage.key(i)\n if (key?.startsWith(prefix)) {\n ids.push(key.slice(prefix.length) as Hex)\n }\n }\n return ids\n}\n\n// ============================================================================\n// Order Status Helpers\n// ============================================================================\n\n/**\n * Check if an order is still active (not claimed, not cancelled, not expired).\n */\nexport function isOrderActive(order: SwapOrder, currentBlock: bigint): boolean {\n return !order.claimed && !order.cancelled && currentBlock <= order.expiry && order.remainingSellAmount > 0n\n}\n\n/**\n * Compute the total buyToken amount the maker would receive for a full fill.\n */\nexport function computeTotalBuyAmount(sellAmount: bigint, rate: bigint): bigint {\n return computeGiveAmount(sellAmount, rate)\n}\n\n/**\n * Compute fill percentage (0-100) for display.\n */\nexport function computeFillPercentage(order: SwapOrder): number {\n if (order.sellAmount === 0n) return 0\n const filled = order.sellAmount - order.remainingSellAmount\n return Number((filled * 10000n) / order.sellAmount) / 100\n}\n","/**\n * Account Adapter — Pluggable account creation and persistence\n *\n * Abstracts how master keys are derived/loaded/stored.\n * The SDK doesn't care if keys come from a wallet signature,\n * seed phrase, hardware wallet, or external KMS.\n *\n * Persistence is handled via StorageAdapter (IndexedDB, localStorage, etc.)\n */\n\nimport type { MasterKeys, StarkMasterKeys } from '../keys/types.js'\nimport type { StorageAdapter } from '../indexer/types.js'\nimport { toHex } from 'viem'\n\n// ============================================================================\n// Interface\n// ============================================================================\n\n/**\n * Account adapter interface — pluggable key source.\n *\n * Implement this to bring your own key derivation:\n * - StorableAccountAdapter: persists keys via StorageAdapter (built-in)\n * - DirectAccountAdapter: pre-derived keys, no persistence (built-in, for testing)\n * - Custom: seed phrase, hardware wallet, external KMS\n */\nexport interface IAccountAdapter {\n /** Load persisted keys (returns null if no saved account) */\n load(): Promise<{ keys: MasterKeys; starkKeys?: StarkMasterKeys } | null>\n /** Save keys to storage */\n save(keys: MasterKeys, starkKeys?: StarkMasterKeys): Promise<void>\n /** Clear persisted keys */\n clear(): Promise<void>\n}\n\n// ============================================================================\n// Serialization\n// ============================================================================\n\ninterface SerializedAccount {\n version: 3\n spendingSecret: string\n ownerHash: string\n viewingSecret: string\n viewingHash: string\n starkSecret?: string[]\n starkOwnerHash?: string[]\n starkViewingSecret?: string[]\n starkViewingHash?: string[]\n}\n\nfunction serializeAccount(keys: MasterKeys, starkKeys?: StarkMasterKeys): SerializedAccount {\n return {\n version: 3,\n spendingSecret: toHex(keys.spendingSecret, { size: 32 }),\n ownerHash: toHex(keys.ownerHash, { size: 32 }),\n viewingSecret: toHex(keys.viewingSecret, { size: 32 }),\n viewingHash: toHex(keys.viewingHash, { size: 32 }),\n ...(starkKeys ? {\n starkSecret: starkKeys.starkSecret.map(v => v.toString()),\n starkOwnerHash: starkKeys.starkOwnerHash.map(v => v.toString()),\n starkViewingSecret: starkKeys.starkViewingSecret.map(v => v.toString()),\n starkViewingHash: starkKeys.starkViewingHash.map(v => v.toString()),\n } : {}),\n }\n}\n\nfunction deserializeAccount(data: SerializedAccount): { keys: MasterKeys; starkKeys?: StarkMasterKeys } {\n if (data.version !== 3 || !data.spendingSecret) {\n throw new Error('Invalid or outdated account data')\n }\n\n const keys: MasterKeys = {\n spendingSecret: BigInt(data.spendingSecret),\n ownerHash: BigInt(data.ownerHash),\n viewingSecret: BigInt(data.viewingSecret),\n viewingHash: BigInt(data.viewingHash),\n }\n\n let starkKeys: StarkMasterKeys | undefined\n if (data.starkSecret) {\n starkKeys = {\n starkSecret: data.starkSecret.map(s => BigInt(s)) as any,\n starkOwnerHash: data.starkOwnerHash!.map(s => BigInt(s)) as any,\n starkViewingSecret: data.starkViewingSecret!.map(s => BigInt(s)) as any,\n starkViewingHash: data.starkViewingHash!.map(s => BigInt(s)) as any,\n }\n }\n\n return { keys, starkKeys }\n}\n\n// ============================================================================\n// StorableAccountAdapter — persists via StorageAdapter\n// ============================================================================\n\n/**\n * Account adapter that persists keys via a pluggable StorageAdapter.\n *\n * Works with IndexedDB, localStorage, memory, Redis, Postgres — anything\n * that implements StorageAdapter.\n *\n * @example\n * ```ts\n * const storage = createAutoAdapter('upp_account')\n * const adapter = new StorableAccountAdapter(storage, ethAddress)\n * const saved = await adapter.load()\n * if (!saved) {\n * const keys = await deriveKeysFromSignature(sig)\n * await adapter.save(keys, starkKeys)\n * }\n * ```\n */\nexport class StorableAccountAdapter implements IAccountAdapter {\n private storageKey: string\n\n constructor(\n private storage: StorageAdapter,\n ethAddress: string,\n ) {\n this.storageKey = `account_${ethAddress.toLowerCase()}`\n }\n\n async load(): Promise<{ keys: MasterKeys; starkKeys?: StarkMasterKeys } | null> {\n const data = await this.storage.get<SerializedAccount>(this.storageKey)\n if (!data) return null\n try {\n return deserializeAccount(data)\n } catch {\n // Corrupt or outdated — clear it\n await this.storage.delete(this.storageKey)\n return null\n }\n }\n\n async save(keys: MasterKeys, starkKeys?: StarkMasterKeys): Promise<void> {\n const serialized = serializeAccount(keys, starkKeys)\n await this.storage.set(this.storageKey, serialized)\n }\n\n async clear(): Promise<void> {\n await this.storage.delete(this.storageKey)\n }\n}\n\n// ============================================================================\n// DirectAccountAdapter — no persistence (testing, KMS)\n// ============================================================================\n\n/**\n * Direct account adapter — accepts pre-derived keys, no persistence.\n *\n * @example\n * ```ts\n * const adapter = new DirectAccountAdapter(masterKeys, starkKeys)\n * ```\n */\nexport class DirectAccountAdapter implements IAccountAdapter {\n constructor(\n private keys: MasterKeys,\n private starkKeys?: StarkMasterKeys,\n ) {}\n\n async load() {\n return { keys: this.keys, starkKeys: this.starkKeys }\n }\n\n async save(): Promise<void> {\n // No-op — keys are in memory only\n }\n\n async clear(): Promise<void> {\n // No-op\n }\n}\n","/**\n * NoteStore — Single source of truth for note state\n *\n * Framework-agnostic. Uses StorageAdapter for persistence.\n * Handles deduplication, status management, balance calculation.\n *\n * Usage:\n * const store = new NoteStore(createMemoryAdapter())\n * await store.load()\n * store.addNote(note) // returns false if duplicate\n * store.getBalance() // sum of unspent notes\n */\n\nimport type { StorageAdapter } from '../indexer/types.js'\nimport { getAddress } from 'viem'\nimport type { ShieldedNote, NoteStatus, ProofSystem } from './types.js'\n\n// Note: ShieldedNote, NoteStatus, ProofSystem are exported from core/index.ts\n// via `export * from './types.js'`. No re-export here to avoid DTS duplication.\n\n/** Serialized format for storage (bigints as strings) */\ninterface SerializedNote {\n amount: string\n blinding: string\n commitment: string\n ownerSecret: string\n ownerHash: string\n leafIndex: number\n origin: string\n token: string\n txHash?: string\n status: NoteStatus\n timestamp: number\n proofSystem?: ProofSystem\n}\n\nexport interface INoteStore {\n getNotes(): ShieldedNote[]\n getUnspentNotes(proofSystem?: ProofSystem): ShieldedNote[]\n getBalance(token?: string, proofSystem?: ProofSystem): bigint\n addNote(note: ShieldedNote): boolean\n addNotes(notes: ShieldedNote[]): number\n markSpent(commitment: string): void\n unmarkSpent(commitment: string): void\n updateLeafIndex(commitment: string, leafIndex: number): void\n load(): Promise<void>\n persist(): Promise<void>\n clear(): Promise<void>\n onChange(callback: () => void): () => void\n}\n\n// ============================================================================\n// Implementation\n// ============================================================================\n\nexport class NoteStore implements INoteStore {\n private notes: ShieldedNote[] = []\n private commitmentSet = new Set<string>()\n private listeners = new Set<() => void>()\n private dirty = false\n\n constructor(\n private storage: StorageAdapter,\n private storageKey: string = 'notes',\n ) {}\n\n // ---------- Queries ----------\n\n getNotes(): ShieldedNote[] {\n return [...this.notes]\n }\n\n getUnspentNotes(proofSystem?: ProofSystem): ShieldedNote[] {\n let result = this.notes.filter(n => n.status !== 'spent')\n if (proofSystem) {\n result = result.filter(n => (n.proofSystem ?? 'snark') === proofSystem)\n }\n return result\n }\n\n getBalance(token?: string, proofSystem?: ProofSystem): bigint {\n let notes = this.getUnspentNotes(proofSystem)\n if (token) {\n const normalized = token.toLowerCase()\n notes = notes.filter(n => n.token.toLowerCase() === normalized)\n }\n return notes.reduce((sum, n) => sum + n.amount, 0n)\n }\n\n // ---------- Mutations ----------\n\n /**\n * Add a note. Returns false if duplicate (by commitment).\n * Normalizes token and origin addresses.\n */\n addNote(note: ShieldedNote): boolean {\n const key = note.commitment.toLowerCase()\n if (this.commitmentSet.has(key)) return false\n\n // Normalize addresses\n const normalized: ShieldedNote = {\n ...note,\n commitment: note.commitment.toLowerCase(),\n origin: safeGetAddress(note.origin),\n token: safeGetAddress(note.token),\n }\n\n this.notes.push(normalized)\n this.commitmentSet.add(key)\n this.dirty = true\n this.notify()\n return true\n }\n\n /**\n * Add multiple notes. Returns count of actually added (non-duplicate).\n */\n addNotes(notes: ShieldedNote[]): number {\n let added = 0\n for (const note of notes) {\n if (this.addNote(note)) added++\n }\n return added\n }\n\n /**\n * Mark a note as spent (optimistic — syncNotes reconciles via nullifier check).\n */\n markSpent(commitment: string): void {\n const key = commitment.toLowerCase()\n const note = this.notes.find(n => n.commitment.toLowerCase() === key)\n if (note && note.status !== 'spent') {\n note.status = 'spent'\n this.dirty = true\n this.notify()\n }\n }\n\n /**\n * Un-mark a note as spent (reconciliation: nullifier not found on-chain).\n */\n unmarkSpent(commitment: string): void {\n const key = commitment.toLowerCase()\n const note = this.notes.find(n => n.commitment.toLowerCase() === key)\n if (note && note.status === 'spent') {\n note.status = 'confirmed'\n this.dirty = true\n this.notify()\n }\n }\n\n /**\n * Update the leafIndex for a note (e.g., after confirming on-chain).\n */\n updateLeafIndex(commitment: string, leafIndex: number): void {\n const key = commitment.toLowerCase()\n const note = this.notes.find(n => n.commitment.toLowerCase() === key)\n if (note && note.leafIndex !== leafIndex) {\n note.leafIndex = leafIndex\n this.dirty = true\n this.notify()\n }\n }\n\n // ---------- Persistence ----------\n\n async load(): Promise<void> {\n const serialized = await this.storage.get<SerializedNote[]>(this.storageKey)\n if (!serialized || !Array.isArray(serialized)) {\n this.notes = []\n this.commitmentSet.clear()\n return\n }\n\n // Deduplicate on load — prevents persisted duplicates from propagating\n this.notes = []\n this.commitmentSet.clear()\n let deduped = 0\n for (const s of serialized) {\n const note = deserializeNote(s)\n const key = note.commitment.toLowerCase()\n if (this.commitmentSet.has(key)) { deduped++; continue }\n this.commitmentSet.add(key)\n this.notes.push(note)\n }\n if (deduped > 0) {\n console.log(`[NoteStore] Removed ${deduped} duplicate notes on load`)\n this.dirty = true // will persist the cleaned version\n } else {\n this.dirty = false\n }\n }\n\n async persist(): Promise<void> {\n if (!this.dirty) return\n const serialized = this.notes.map(serializeNote)\n await this.storage.set(this.storageKey, serialized)\n this.dirty = false\n }\n\n async clear(): Promise<void> {\n this.notes = []\n this.commitmentSet.clear()\n this.dirty = false\n await this.storage.delete(this.storageKey)\n this.notify()\n }\n\n // ---------- Events ----------\n\n onChange(callback: () => void): () => void {\n this.listeners.add(callback)\n return () => this.listeners.delete(callback)\n }\n\n private notify(): void {\n for (const listener of this.listeners) {\n listener()\n }\n }\n}\n\n// ============================================================================\n// Serialization\n// ============================================================================\n\nfunction serializeNote(note: ShieldedNote): SerializedNote {\n return {\n ...note,\n amount: note.amount.toString(),\n blinding: note.blinding.toString(),\n }\n}\n\nfunction deserializeNote(s: SerializedNote): ShieldedNote {\n return {\n ...s,\n amount: BigInt(s.amount),\n blinding: BigInt(s.blinding),\n proofSystem: s.proofSystem ?? 'snark',\n }\n}\n\nfunction safeGetAddress(addr: string): string {\n try {\n return getAddress(addr)\n } catch {\n return addr // return as-is if not a valid address (e.g., bigint-encoded origin)\n }\n}\n"]}
package/dist/{chunk-EHGH6TAW.js → chunk-37RFFZU2.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { init_crypto } from './chunk-UQIM2KT3.js';
1
+ import { init_crypto } from './chunk-4E23V3AT.js';
2
2
  import { init_poseidon, BABYJUBJUB_SUBORDER } from './chunk-5QSSX3KR.js';
3
3
 
4
4
  // src/utils/index.ts
@@ -96,5 +96,5 @@ async function deriveDecryptionViewingKey(masterViewingPrivKey, masterViewingPub
96
96
  init_crypto();
97
97
 
98
98
  export { addPoints, computeSharedSecret, deriveDecryptionViewingKey, deriveEncryptionViewingKey, getBasePoint, getSubOrder, isOnCurve, mulPointScalar, packPoint, pointToTuple, privateToPublic, tupleToPoint };
99
- //# sourceMappingURL=chunk-EHGH6TAW.js.map
100
- //# sourceMappingURL=chunk-EHGH6TAW.js.map
99
+ //# sourceMappingURL=chunk-37RFFZU2.js.map
100
+ //# sourceMappingURL=chunk-37RFFZU2.js.map
package/dist/{chunk-EHGH6TAW.js.map → chunk-37RFFZU2.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/utils/index.ts","../src/utils/babyjubjub.ts"],"names":["poseidonScalar"],"mappings":";;;;AAKA,aAAA,EAAA;;;ACKA,aAAA,EAAA;AA+BA,IAAI,eAAA,GAAqC,IAAA;AAKzC,eAAe,WAAA,GAAmC;AAChD,EAAA,IAAI,oBAAoB,IAAA,EAAM;AAC5B,IAAA,MAAM,EAAE,YAAA,EAAa,GAAI,MAAM,OAAO,aAAa,CAAA;AACnD,IAAA,eAAA,GAAkB,MAAM,YAAA,EAAa;AAAA,EACvC;AACA,EAAA,OAAO,eAAA;AACT;AAKA,eAAsB,WAAA,GAA+B;AACnD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,OAAO,OAAA,CAAQ,QAAA;AACjB;AAKA,eAAsB,YAAA,GAA+B;AACnD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,SAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,IACtC,GAAG,OAAA,CAAQ,CAAA,CAAE,SAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAC;AAAA,GACxC;AACF;AAKA,eAAsB,UAAU,KAAA,EAAgC;AAC9D,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,MAAM,QAAA,GAAW,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAC,CAAA;AAC5D,EAAA,OAAO,OAAA,CAAQ,QAAQ,QAAQ,CAAA;AACjC;AASA,eAAsB,cAAA,CAAe,OAAc,MAAA,EAAgC;AACjF,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,QAAA,GAAW,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAC,CAAA;AAG5D,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,eAAA,CAAgB,QAAA,EAAU,MAAM,CAAA;AAEvD,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AAKA,eAAsB,SAAA,CAAU,IAAW,EAAA,EAA2B;AACpE,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,SAAA,GAAY,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAC,CAAA;AACvD,EAAA,MAAM,SAAA,GAAY,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAC,CAAA;AAGvD,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,QAAA,CAAS,SAAA,EAAW,SAAS,CAAA;AAEpD,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AASA,eAAsB,gBAAgB,UAAA,EAAoC;AACxE,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,MAAA,GAAS,aAAa,OAAA,CAAQ,QAAA;AAGpC,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,eAAA,CAAgB,OAAA,CAAQ,OAAO,MAAM,CAAA;AAE5D,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AAUA,eAAsB,mBAAA,CACpB,cACA,cAAA,EACgB;AAChB,EAAA,OAAO,cAAA,CAAe,gBAAgB,YAAY,CAAA;AACpD;AAMO,SAAS,UAAU,KAAA,EAAsB;AAE9C,EAAA,MAAM,KAAA,GAAQ,MAAM,CAAA,GAAI,EAAA;AACxB,EAAA,OAAO,KAAA,CAAM,IAAK,KAAA,IAAS,IAAA;AAC7B;AAKO,SAAS,aAAa,KAAA,EAAgC;AAC3D,EAAA,OAAO,CAAC,KAAA,CAAM,CAAA,EAAG,KAAA,CAAM,CAAC,CAAA;AAC1B;AAKO,SAAS,aAAa,KAAA,EAAgC;AAC3D,EAAA,OAAO,EAAE,GAAG,KAAA,CAAM,CAAC,GAAG,CAAA,EAAG,KAAA,CAAM,CAAC,CAAA,EAAE;AACpC;AA2LA,eAAsB,0BAAA,CACpB,qBACA,KAAA,EACgB;AAEhB,EAAA,MAAM,EAAE,cAAA,EAAAA,eAAAA,EAAe,GAAI,MAAM,OAAO,wBAAe,CAAA;AAEvD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,MAAA,GAAS,MAAMA,eAAAA,CAAe,CAAC,oBAAoB,CAAA,EAAG,mBAAA,CAAoB,CAAA,EAAG,KAAK,CAAC,CAAA;AAGzF,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,eAAA,CAAgB,OAAA,CAAQ,OAAO,MAAM,CAAA;AAG5D,EAAA,MAAM,WAAA,GAAc;AAAA,IAClB,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,mBAAA,CAAoB,CAAC,CAAA;AAAA,IACjC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,mBAAA,CAAoB,CAAC;AAAA,GACnC;AAGA,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,QAAA,CAAS,WAAA,EAAa,MAAM,CAAA;AAEnD,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AAeA,eAAsB,0BAAA,CACpB,oBAAA,EACA,mBAAA,EACA,KAAA,EACiB;AAEjB,EAAA,MAAM,EAAE,cAAA,EAAAA,eAAAA,EAAe,GAAI,MAAM,OAAO,wBAAe,CAAA;AAGvD,EAAA,MAAM,MAAA,GAAS,MAAMA,eAAAA,CAAe,CAAC,oBAAoB,CAAA,EAAG,mBAAA,CAAoB,CAAA,EAAG,KAAK,CAAC,CAAA;AAGzF,EAAA,OAAA,CAAQ,uBAAuB,MAAA,IAAU,mBAAA;AAC3C;;;AD5XA,WAAA,EAAA","file":"chunk-EHGH6TAW.js","sourcesContent":["/**\n * Utility functions for UPP SDK\n */\n\n// Poseidon hash\nexport {\n poseidon,\n poseidonHash,\n poseidonScalar,\n FIELD_PRIME,\n BABYJUBJUB_SUBORDER,\n addressToField,\n fieldToAddress,\n isValidFieldElement,\n toFieldElement,\n} from './poseidon.js'\n\n// BabyJubJub curve operations\nexport {\n type Point,\n getSubOrder,\n getBasePoint,\n isOnCurve,\n mulPointScalar,\n addPoints,\n privateToPublic,\n computeSharedSecret,\n packPoint,\n pointToTuple,\n tupleToPoint,\n deriveEncryptionViewingKey,\n deriveDecryptionViewingKey,\n} from './babyjubjub.js'\n\n// Merkle tree\nexport {\n MerkleTree,\n buildMerkleTree,\n getMerkleProof,\n verifyMerkleProof,\n type MerkleProof,\n MAX_TREE_DEPTH,\n} from './merkle.js'\n\n// Crypto utilities\nexport {\n randomBytes,\n randomFieldElement,\n bytesToHex,\n hexToBytes,\n bigintToBytes,\n bytesToBigint,\n} from './crypto.js'\n\n// STARK utilities (amount scaling, witness building, Fiat-Shamir)\nexport {\n STARK_AMOUNT_SCALE,\n STARK_STATE_TREE_DEPTH,\n STARK_ASP_TREE_DEPTH,\n isStarkAligned,\n scaleAmountForStark,\n truncateToM31,\n addressToM31,\n splitSecretToM31Limbs,\n packM31Digest,\n computeWithdrawPublicInputsSeed,\n computeTransferPublicInputsSeed,\n buildStarkWithdrawWitness,\n buildStarkTransferWitness,\n type StarkWithdrawWitness,\n type StarkTransferWitness,\n} from './stark.js'\n\n// Keccak-M31 hashing (STARK)\nexport {\n keccakM31,\n keccakHashTwo,\n computeStarkOwnerHash,\n computeStarkCommitment,\n computeStarkNullifier,\n splitToM31Limbs,\n M31_P,\n DIGEST_SIZE,\n SECRET_LIMBS,\n type M31Digest,\n type M31Secret,\n} from './keccak-m31.js'\n","/**\n * BabyJubJub Elliptic Curve Utilities\n *\n * Wrapper around circomlibjs BabyJubJub implementation.\n * Used for stealth addresses, key derivation, and ECDH.\n *\n * BabyJubJub is a twisted Edwards curve embedded in BN254's scalar field,\n * making it efficient for use in zk-SNARKs.\n */\n\nimport { BABYJUBJUB_SUBORDER } from './poseidon.js'\n\n/**\n * A point on the BabyJubJub curve\n */\nexport interface Point {\n x: bigint\n y: bigint\n}\n\n/**\n * Internal BabyJubJub field type from circomlibjs\n */\ntype BabyJubJubField = {\n e: (val: bigint) => unknown\n toObject: (val: unknown) => bigint\n}\n\n/**\n * BabyJubJub instance type from circomlibjs\n */\ntype BabyJubJub = {\n F: BabyJubJubField\n Base8: [unknown, unknown]\n subOrder: bigint\n mulPointEscalar: (p: [unknown, unknown], scalar: bigint) => [unknown, unknown]\n addPoint: (p1: [unknown, unknown], p2: [unknown, unknown]) => [unknown, unknown]\n inCurve: (p: [unknown, unknown]) => boolean\n}\n\n// Lazily initialized BabyJubJub instance\nlet babyjubInstance: BabyJubJub | null = null\n\n/**\n * Initialize BabyJubJub curve (lazy loading)\n */\nasync function initBabyJub(): Promise<BabyJubJub> {\n if (babyjubInstance === null) {\n const { buildBabyjub } = await import('circomlibjs')\n babyjubInstance = await buildBabyjub() as BabyJubJub\n }\n return babyjubInstance as BabyJubJub\n}\n\n/**\n * Get the BabyJubJub subgroup order\n */\nexport async function getSubOrder(): Promise<bigint> {\n const babyjub = await initBabyJub()\n return babyjub.subOrder\n}\n\n/**\n * Get the generator point (Base8)\n */\nexport async function getBasePoint(): Promise<Point> {\n const babyjub = await initBabyJub()\n return {\n x: babyjub.F.toObject(babyjub.Base8[0]),\n y: babyjub.F.toObject(babyjub.Base8[1]),\n }\n}\n\n/**\n * Check if a point is on the curve\n */\nexport async function isOnCurve(point: Point): Promise<boolean> {\n const babyjub = await initBabyJub()\n const internal = [babyjub.F.e(point.x), babyjub.F.e(point.y)] as [unknown, unknown]\n return babyjub.inCurve(internal)\n}\n\n/**\n * Scalar multiplication: point * scalar\n *\n * @param point - Point on the curve\n * @param scalar - Scalar value (mod subOrder)\n * @returns Resulting point\n */\nexport async function mulPointScalar(point: Point, scalar: bigint): Promise<Point> {\n const babyjub = await initBabyJub()\n\n // Convert to internal format\n const internal = [babyjub.F.e(point.x), babyjub.F.e(point.y)] as [unknown, unknown]\n\n // Perform scalar multiplication\n const result = babyjub.mulPointEscalar(internal, scalar)\n\n return {\n x: babyjub.F.toObject(result[0]),\n y: babyjub.F.toObject(result[1]),\n }\n}\n\n/**\n * Point addition: p1 + p2\n */\nexport async function addPoints(p1: Point, p2: Point): Promise<Point> {\n const babyjub = await initBabyJub()\n\n // Convert to internal format\n const internal1 = [babyjub.F.e(p1.x), babyjub.F.e(p1.y)] as [unknown, unknown]\n const internal2 = [babyjub.F.e(p2.x), babyjub.F.e(p2.y)] as [unknown, unknown]\n\n // Add points\n const result = babyjub.addPoint(internal1, internal2)\n\n return {\n x: babyjub.F.toObject(result[0]),\n y: babyjub.F.toObject(result[1]),\n }\n}\n\n/**\n * Generate public key from private key\n * pubKey = privateKey * Base8\n *\n * @param privateKey - Private key scalar (must be < subOrder)\n * @returns Public key point\n */\nexport async function privateToPublic(privateKey: bigint): Promise<Point> {\n const babyjub = await initBabyJub()\n\n // Ensure private key is in valid range\n const scalar = privateKey % babyjub.subOrder\n\n // pubKey = scalar * Base8\n const result = babyjub.mulPointEscalar(babyjub.Base8, scalar)\n\n return {\n x: babyjub.F.toObject(result[0]),\n y: babyjub.F.toObject(result[1]),\n }\n}\n\n/**\n * Compute ECDH shared secret\n * sharedSecret = myPrivateKey * theirPublicKey\n *\n * @param myPrivateKey - Your private key\n * @param theirPublicKey - Their public key\n * @returns Shared secret point\n */\nexport async function computeSharedSecret(\n myPrivateKey: bigint,\n theirPublicKey: Point\n): Promise<Point> {\n return mulPointScalar(theirPublicKey, myPrivateKey)\n}\n\n/**\n * Pack a point into a single bigint (compressed form)\n * Uses the x-coordinate and a sign bit for y\n */\nexport function packPoint(point: Point): bigint {\n // Use x-coordinate with y sign bit in high position\n const ySign = point.y % 2n\n return point.x | (ySign << 254n)\n}\n\n/**\n * Convert a point to tuple format [x, y] for use with snarkjs\n */\nexport function pointToTuple(point: Point): [bigint, bigint] {\n return [point.x, point.y]\n}\n\n/**\n * Convert a tuple [x, y] to Point format\n */\nexport function tupleToPoint(tuple: [bigint, bigint]): Point {\n return { x: tuple[0], y: tuple[1] }\n}\n\n// BabyJubJub curve parameters\n// Curve: a*x² + y² = 1 + d*x²*y²\nconst BABYJUBJUB_A = 168700n\nconst BABYJUBJUB_D = 168696n\n// Field prime (BN254 scalar field)\nconst BABYJUBJUB_P = 21888242871839275222246405745257275088548364400416034343698204186575808495617n\n\n/**\n * Modular exponentiation: base^exp mod p\n */\nfunction modPow(base: bigint, exp: bigint, p: bigint): bigint {\n let result = 1n\n base = ((base % p) + p) % p\n while (exp > 0n) {\n if (exp % 2n === 1n) {\n result = (result * base) % p\n }\n exp = exp / 2n\n base = (base * base) % p\n }\n return result\n}\n\n/**\n * Modular inverse using Fermat's little theorem: a^(-1) = a^(p-2) mod p\n */\nfunction modInverse(a: bigint, p: bigint): bigint {\n return modPow(a, p - 2n, p)\n}\n\n/**\n * Tonelli-Shanks algorithm for modular square root\n * Returns sqrt(n) mod p, or null if no square root exists\n */\nfunction modSqrt(n: bigint, p: bigint): bigint | null {\n n = ((n % p) + p) % p\n if (n === 0n) return 0n\n\n // Check if n is a quadratic residue (Euler's criterion)\n if (modPow(n, (p - 1n) / 2n, p) !== 1n) {\n return null // No square root exists\n }\n\n // For p ≡ 3 (mod 4), sqrt(n) = n^((p+1)/4) mod p\n // BN254 scalar field: p ≡ 1 (mod 4), so we need Tonelli-Shanks\n\n // Factor out powers of 2 from p - 1\n let q = p - 1n\n let s = 0n\n while (q % 2n === 0n) {\n q = q / 2n\n s++\n }\n\n // Find a quadratic non-residue\n let z = 2n\n while (modPow(z, (p - 1n) / 2n, p) !== p - 1n) {\n z++\n }\n\n let m = s\n let c = modPow(z, q, p)\n let t = modPow(n, q, p)\n let r = modPow(n, (q + 1n) / 2n, p)\n\n while (true) {\n if (t === 1n) return r\n\n // Find the least i such that t^(2^i) = 1\n let i = 1n\n let temp = (t * t) % p\n while (temp !== 1n) {\n temp = (temp * temp) % p\n i++\n }\n\n // Update values\n const b = modPow(c, modPow(2n, m - i - 1n, p - 1n), p)\n m = i\n c = (b * b) % p\n t = (t * c) % p\n r = (r * b) % p\n }\n}\n\n/**\n * Reconstruct a BabyJubJub point from its x-coordinate\n *\n * BabyJubJub curve equation: a*x² + y² = 1 + d*x²*y²\n * Solving for y²: y² = (1 - a*x²) / (1 - d*x²)\n *\n * Returns the point with the smaller y value (canonical form),\n * or null if x is not on the curve.\n *\n * @param x - The x-coordinate\n * @returns Point with the given x, or null if invalid\n */\nexport async function reconstructPointFromX(x: bigint): Promise<Point | null> {\n const p = BABYJUBJUB_P\n x = ((x % p) + p) % p\n\n // Compute x²\n const x2 = (x * x) % p\n\n // Compute numerator: 1 - a*x²\n const numerator = ((1n - BABYJUBJUB_A * x2) % p + p) % p\n\n // Compute denominator: 1 - d*x²\n const denominator = ((1n - BABYJUBJUB_D * x2) % p + p) % p\n\n if (denominator === 0n) {\n return null // Division by zero\n }\n\n // Compute y² = numerator / denominator\n const y2 = (numerator * modInverse(denominator, p)) % p\n\n // Compute y = sqrt(y²)\n const y = modSqrt(y2, p)\n if (y === null) {\n return null // x is not on the curve\n }\n\n // Return the point with smaller y (canonical form)\n const yAlt = p - y\n const yCanonical = y < yAlt ? y : yAlt\n\n const point = { x, y: yCanonical }\n\n // Verify the point is actually on the curve\n if (!(await isOnCurve(point))) {\n // Try the other y\n const pointAlt = { x, y: y < yAlt ? yAlt : y }\n if (!(await isOnCurve(pointAlt))) {\n return null\n }\n return pointAlt\n }\n\n return point\n}\n\n/**\n * Reconstruct a BabyJubJub point from x-coordinate and y parity bit\n *\n * @param x - The x-coordinate\n * @param yParity - 0 for even y, 1 for odd y\n * @returns Point with matching parity, or null if invalid\n */\nexport async function reconstructPointFromXWithParity(\n x: bigint,\n yParity: 0 | 1\n): Promise<Point | null> {\n const p = BABYJUBJUB_P\n x = ((x % p) + p) % p\n\n const x2 = (x * x) % p\n const numerator = ((1n - BABYJUBJUB_A * x2) % p + p) % p\n const denominator = ((1n - BABYJUBJUB_D * x2) % p + p) % p\n\n if (denominator === 0n) return null\n\n const y2 = (numerator * modInverse(denominator, p)) % p\n const y = modSqrt(y2, p)\n if (y === null) return null\n\n // Select y based on parity\n const actualParity = Number(y % 2n)\n const finalY = actualParity === yParity ? y : p - y\n\n return { x, y: finalY }\n}\n\n/**\n * Derive a per-transaction viewing public key (EVK)\n *\n * EVK = MVK_pub + Poseidon(MVK_pub.x, MVK_pub.y, nonce) * Base8\n *\n * This allows the sender to derive a unique encryption key for each transaction\n * without knowing the recipient's private key.\n *\n * @param masterViewingPubKey - Recipient's master viewing public key\n * @param nonce - Unique per-note nonce (R.x — ephemeral public key x-coordinate)\n * @returns Per-transaction encryption viewing key\n */\nexport async function deriveEncryptionViewingKey(\n masterViewingPubKey: Point,\n nonce: bigint\n): Promise<Point> {\n // Import poseidonScalar to avoid circular dependency\n const { poseidonScalar } = await import('./poseidon.js')\n\n const babyjub = await initBabyJub()\n\n // Compute scalar: Poseidon(MVK_pub.x, MVK_pub.y, nonce) mod subOrder\n const scalar = await poseidonScalar([masterViewingPubKey.x, masterViewingPubKey.y, nonce])\n\n // Compute offset: scalar * Base8\n const offset = babyjub.mulPointEscalar(babyjub.Base8, scalar)\n\n // Convert MVK_pub to internal format\n const mvkInternal = [\n babyjub.F.e(masterViewingPubKey.x),\n babyjub.F.e(masterViewingPubKey.y),\n ] as [unknown, unknown]\n\n // EVK = MVK_pub + offset\n const result = babyjub.addPoint(mvkInternal, offset)\n\n return {\n x: babyjub.F.toObject(result[0]),\n y: babyjub.F.toObject(result[1]),\n }\n}\n\n/**\n * Derive a per-transaction viewing private key (DVK)\n *\n * DVK = MVK_priv + Poseidon(MVK_pub.x, MVK_pub.y, nonce)\n *\n * Only the owner with MVK_priv can compute this.\n * DVK can be shared with auditors to decrypt specific transactions.\n *\n * @param masterViewingPrivKey - Owner's master viewing private key\n * @param masterViewingPubKey - Owner's master viewing public key\n * @param nonce - Unique per-note nonce (R.x — ephemeral public key x-coordinate)\n * @returns Per-transaction decryption viewing key\n */\nexport async function deriveDecryptionViewingKey(\n masterViewingPrivKey: bigint,\n masterViewingPubKey: Point,\n nonce: bigint\n): Promise<bigint> {\n // Import poseidonScalar to avoid circular dependency\n const { poseidonScalar } = await import('./poseidon.js')\n\n // Compute scalar: Poseidon(MVK_pub.x, MVK_pub.y, nonce) mod subOrder\n const scalar = await poseidonScalar([masterViewingPubKey.x, masterViewingPubKey.y, nonce])\n\n // DVK = MVK_priv + scalar (mod subOrder)\n return (masterViewingPrivKey + scalar) % BABYJUBJUB_SUBORDER\n}\n\n"]}
1
+ {"version":3,"sources":["../src/utils/index.ts","../src/utils/babyjubjub.ts"],"names":["poseidonScalar"],"mappings":";;;;AAKA,aAAA,EAAA;;;ACKA,aAAA,EAAA;AA+BA,IAAI,eAAA,GAAqC,IAAA;AAKzC,eAAe,WAAA,GAAmC;AAChD,EAAA,IAAI,oBAAoB,IAAA,EAAM;AAC5B,IAAA,MAAM,EAAE,YAAA,EAAa,GAAI,MAAM,OAAO,aAAa,CAAA;AACnD,IAAA,eAAA,GAAkB,MAAM,YAAA,EAAa;AAAA,EACvC;AACA,EAAA,OAAO,eAAA;AACT;AAKA,eAAsB,WAAA,GAA+B;AACnD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,OAAO,OAAA,CAAQ,QAAA;AACjB;AAKA,eAAsB,YAAA,GAA+B;AACnD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,SAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,IACtC,GAAG,OAAA,CAAQ,CAAA,CAAE,SAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAC;AAAA,GACxC;AACF;AAKA,eAAsB,UAAU,KAAA,EAAgC;AAC9D,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAClC,EAAA,MAAM,QAAA,GAAW,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAC,CAAA;AAC5D,EAAA,OAAO,OAAA,CAAQ,QAAQ,QAAQ,CAAA;AACjC;AASA,eAAsB,cAAA,CAAe,OAAc,MAAA,EAAgC;AACjF,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,QAAA,GAAW,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,KAAA,CAAM,CAAC,CAAC,CAAA;AAG5D,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,eAAA,CAAgB,QAAA,EAAU,MAAM,CAAA;AAEvD,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AAKA,eAAsB,SAAA,CAAU,IAAW,EAAA,EAA2B;AACpE,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,SAAA,GAAY,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAC,CAAA;AACvD,EAAA,MAAM,SAAA,GAAY,CAAC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAA,EAAG,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,EAAA,CAAG,CAAC,CAAC,CAAA;AAGvD,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,QAAA,CAAS,SAAA,EAAW,SAAS,CAAA;AAEpD,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AASA,eAAsB,gBAAgB,UAAA,EAAoC;AACxE,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,MAAA,GAAS,aAAa,OAAA,CAAQ,QAAA;AAGpC,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,eAAA,CAAgB,OAAA,CAAQ,OAAO,MAAM,CAAA;AAE5D,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AAUA,eAAsB,mBAAA,CACpB,cACA,cAAA,EACgB;AAChB,EAAA,OAAO,cAAA,CAAe,gBAAgB,YAAY,CAAA;AACpD;AAMO,SAAS,UAAU,KAAA,EAAsB;AAE9C,EAAA,MAAM,KAAA,GAAQ,MAAM,CAAA,GAAI,EAAA;AACxB,EAAA,OAAO,KAAA,CAAM,IAAK,KAAA,IAAS,IAAA;AAC7B;AAKO,SAAS,aAAa,KAAA,EAAgC;AAC3D,EAAA,OAAO,CAAC,KAAA,CAAM,CAAA,EAAG,KAAA,CAAM,CAAC,CAAA;AAC1B;AAKO,SAAS,aAAa,KAAA,EAAgC;AAC3D,EAAA,OAAO,EAAE,GAAG,KAAA,CAAM,CAAC,GAAG,CAAA,EAAG,KAAA,CAAM,CAAC,CAAA,EAAE;AACpC;AA2LA,eAAsB,0BAAA,CACpB,qBACA,KAAA,EACgB;AAEhB,EAAA,MAAM,EAAE,cAAA,EAAAA,eAAAA,EAAe,GAAI,MAAM,OAAO,wBAAe,CAAA;AAEvD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,EAAY;AAGlC,EAAA,MAAM,MAAA,GAAS,MAAMA,eAAAA,CAAe,CAAC,oBAAoB,CAAA,EAAG,mBAAA,CAAoB,CAAA,EAAG,KAAK,CAAC,CAAA;AAGzF,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,eAAA,CAAgB,OAAA,CAAQ,OAAO,MAAM,CAAA;AAG5D,EAAA,MAAM,WAAA,GAAc;AAAA,IAClB,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,mBAAA,CAAoB,CAAC,CAAA;AAAA,IACjC,OAAA,CAAQ,CAAA,CAAE,CAAA,CAAE,mBAAA,CAAoB,CAAC;AAAA,GACnC;AAGA,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,QAAA,CAAS,WAAA,EAAa,MAAM,CAAA;AAEnD,EAAA,OAAO;AAAA,IACL,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC/B,GAAG,OAAA,CAAQ,CAAA,CAAE,QAAA,CAAS,MAAA,CAAO,CAAC,CAAC;AAAA,GACjC;AACF;AAeA,eAAsB,0BAAA,CACpB,oBAAA,EACA,mBAAA,EACA,KAAA,EACiB;AAEjB,EAAA,MAAM,EAAE,cAAA,EAAAA,eAAAA,EAAe,GAAI,MAAM,OAAO,wBAAe,CAAA;AAGvD,EAAA,MAAM,MAAA,GAAS,MAAMA,eAAAA,CAAe,CAAC,oBAAoB,CAAA,EAAG,mBAAA,CAAoB,CAAA,EAAG,KAAK,CAAC,CAAA;AAGzF,EAAA,OAAA,CAAQ,uBAAuB,MAAA,IAAU,mBAAA;AAC3C;;;AD5XA,WAAA,EAAA","file":"chunk-37RFFZU2.js","sourcesContent":["/**\n * Utility functions for UPP SDK\n */\n\n// Poseidon hash\nexport {\n poseidon,\n poseidonHash,\n poseidonScalar,\n FIELD_PRIME,\n BABYJUBJUB_SUBORDER,\n addressToField,\n fieldToAddress,\n isValidFieldElement,\n toFieldElement,\n} from './poseidon.js'\n\n// BabyJubJub curve operations\nexport {\n type Point,\n getSubOrder,\n getBasePoint,\n isOnCurve,\n mulPointScalar,\n addPoints,\n privateToPublic,\n computeSharedSecret,\n packPoint,\n pointToTuple,\n tupleToPoint,\n deriveEncryptionViewingKey,\n deriveDecryptionViewingKey,\n} from './babyjubjub.js'\n\n// Merkle tree\nexport {\n MerkleTree,\n buildMerkleTree,\n getMerkleProof,\n verifyMerkleProof,\n type MerkleProof,\n MAX_TREE_DEPTH,\n} from './merkle.js'\n\n// Crypto utilities\nexport {\n randomBytes,\n randomFieldElement,\n bytesToHex,\n hexToBytes,\n bigintToBytes,\n bytesToBigint,\n} from './crypto.js'\n\n// STARK utilities (amount scaling, witness building, Fiat-Shamir)\nexport {\n STARK_AMOUNT_SCALE,\n STARK_STATE_TREE_DEPTH,\n STARK_ASP_TREE_DEPTH,\n isStarkAligned,\n scaleAmountForStark,\n truncateToM31,\n addressToM31,\n splitSecretToM31Limbs,\n packM31Digest,\n computeWithdrawPublicInputsSeed,\n computeTransferPublicInputsSeed,\n buildStarkWithdrawWitness,\n buildStarkTransferWitness,\n type StarkWithdrawWitness,\n type StarkTransferWitness,\n} from './stark.js'\n\n// Keccak-M31 hashing (STARK)\nexport {\n keccakM31,\n keccakHashTwo,\n computeStarkOwnerHash,\n computeStarkCommitment,\n computeStarkNullifier,\n splitToM31Limbs,\n M31_P,\n DIGEST_SIZE,\n SECRET_LIMBS,\n type M31Digest,\n type M31Secret,\n} from './keccak-m31.js'\n","/**\n * BabyJubJub Elliptic Curve Utilities\n *\n * Wrapper around circomlibjs BabyJubJub implementation.\n * Used for stealth addresses, key derivation, and ECDH.\n *\n * BabyJubJub is a twisted Edwards curve embedded in BN254's scalar field,\n * making it efficient for use in zk-SNARKs.\n */\n\nimport { BABYJUBJUB_SUBORDER } from './poseidon.js'\n\n/**\n * A point on the BabyJubJub curve\n */\nexport interface Point {\n x: bigint\n y: bigint\n}\n\n/**\n * Internal BabyJubJub field type from circomlibjs\n */\ntype BabyJubJubField = {\n e: (val: bigint) => unknown\n toObject: (val: unknown) => bigint\n}\n\n/**\n * BabyJubJub instance type from circomlibjs\n */\ntype BabyJubJub = {\n F: BabyJubJubField\n Base8: [unknown, unknown]\n subOrder: bigint\n mulPointEscalar: (p: [unknown, unknown], scalar: bigint) => [unknown, unknown]\n addPoint: (p1: [unknown, unknown], p2: [unknown, unknown]) => [unknown, unknown]\n inCurve: (p: [unknown, unknown]) => boolean\n}\n\n// Lazily initialized BabyJubJub instance\nlet babyjubInstance: BabyJubJub | null = null\n\n/**\n * Initialize BabyJubJub curve (lazy loading)\n */\nasync function initBabyJub(): Promise<BabyJubJub> {\n if (babyjubInstance === null) {\n const { buildBabyjub } = await import('circomlibjs')\n babyjubInstance = await buildBabyjub() as BabyJubJub\n }\n return babyjubInstance as BabyJubJub\n}\n\n/**\n * Get the BabyJubJub subgroup order\n */\nexport async function getSubOrder(): Promise<bigint> {\n const babyjub = await initBabyJub()\n return babyjub.subOrder\n}\n\n/**\n * Get the generator point (Base8)\n */\nexport async function getBasePoint(): Promise<Point> {\n const babyjub = await initBabyJub()\n return {\n x: babyjub.F.toObject(babyjub.Base8[0]),\n y: babyjub.F.toObject(babyjub.Base8[1]),\n }\n}\n\n/**\n * Check if a point is on the curve\n */\nexport async function isOnCurve(point: Point): Promise<boolean> {\n const babyjub = await initBabyJub()\n const internal = [babyjub.F.e(point.x), babyjub.F.e(point.y)] as [unknown, unknown]\n return babyjub.inCurve(internal)\n}\n\n/**\n * Scalar multiplication: point * scalar\n *\n * @param point - Point on the curve\n * @param scalar - Scalar value (mod subOrder)\n * @returns Resulting point\n */\nexport async function mulPointScalar(point: Point, scalar: bigint): Promise<Point> {\n const babyjub = await initBabyJub()\n\n // Convert to internal format\n const internal = [babyjub.F.e(point.x), babyjub.F.e(point.y)] as [unknown, unknown]\n\n // Perform scalar multiplication\n const result = babyjub.mulPointEscalar(internal, scalar)\n\n return {\n x: babyjub.F.toObject(result[0]),\n y: babyjub.F.toObject(result[1]),\n }\n}\n\n/**\n * Point addition: p1 + p2\n */\nexport async function addPoints(p1: Point, p2: Point): Promise<Point> {\n const babyjub = await initBabyJub()\n\n // Convert to internal format\n const internal1 = [babyjub.F.e(p1.x), babyjub.F.e(p1.y)] as [unknown, unknown]\n const internal2 = [babyjub.F.e(p2.x), babyjub.F.e(p2.y)] as [unknown, unknown]\n\n // Add points\n const result = babyjub.addPoint(internal1, internal2)\n\n return {\n x: babyjub.F.toObject(result[0]),\n y: babyjub.F.toObject(result[1]),\n }\n}\n\n/**\n * Generate public key from private key\n * pubKey = privateKey * Base8\n *\n * @param privateKey - Private key scalar (must be < subOrder)\n * @returns Public key point\n */\nexport async function privateToPublic(privateKey: bigint): Promise<Point> {\n const babyjub = await initBabyJub()\n\n // Ensure private key is in valid range\n const scalar = privateKey % babyjub.subOrder\n\n // pubKey = scalar * Base8\n const result = babyjub.mulPointEscalar(babyjub.Base8, scalar)\n\n return {\n x: babyjub.F.toObject(result[0]),\n y: babyjub.F.toObject(result[1]),\n }\n}\n\n/**\n * Compute ECDH shared secret\n * sharedSecret = myPrivateKey * theirPublicKey\n *\n * @param myPrivateKey - Your private key\n * @param theirPublicKey - Their public key\n * @returns Shared secret point\n */\nexport async function computeSharedSecret(\n myPrivateKey: bigint,\n theirPublicKey: Point\n): Promise<Point> {\n return mulPointScalar(theirPublicKey, myPrivateKey)\n}\n\n/**\n * Pack a point into a single bigint (compressed form)\n * Uses the x-coordinate and a sign bit for y\n */\nexport function packPoint(point: Point): bigint {\n // Use x-coordinate with y sign bit in high position\n const ySign = point.y % 2n\n return point.x | (ySign << 254n)\n}\n\n/**\n * Convert a point to tuple format [x, y] for use with snarkjs\n */\nexport function pointToTuple(point: Point): [bigint, bigint] {\n return [point.x, point.y]\n}\n\n/**\n * Convert a tuple [x, y] to Point format\n */\nexport function tupleToPoint(tuple: [bigint, bigint]): Point {\n return { x: tuple[0], y: tuple[1] }\n}\n\n// BabyJubJub curve parameters\n// Curve: a*x² + y² = 1 + d*x²*y²\nconst BABYJUBJUB_A = 168700n\nconst BABYJUBJUB_D = 168696n\n// Field prime (BN254 scalar field)\nconst BABYJUBJUB_P = 21888242871839275222246405745257275088548364400416034343698204186575808495617n\n\n/**\n * Modular exponentiation: base^exp mod p\n */\nfunction modPow(base: bigint, exp: bigint, p: bigint): bigint {\n let result = 1n\n base = ((base % p) + p) % p\n while (exp > 0n) {\n if (exp % 2n === 1n) {\n result = (result * base) % p\n }\n exp = exp / 2n\n base = (base * base) % p\n }\n return result\n}\n\n/**\n * Modular inverse using Fermat's little theorem: a^(-1) = a^(p-2) mod p\n */\nfunction modInverse(a: bigint, p: bigint): bigint {\n return modPow(a, p - 2n, p)\n}\n\n/**\n * Tonelli-Shanks algorithm for modular square root\n * Returns sqrt(n) mod p, or null if no square root exists\n */\nfunction modSqrt(n: bigint, p: bigint): bigint | null {\n n = ((n % p) + p) % p\n if (n === 0n) return 0n\n\n // Check if n is a quadratic residue (Euler's criterion)\n if (modPow(n, (p - 1n) / 2n, p) !== 1n) {\n return null // No square root exists\n }\n\n // For p ≡ 3 (mod 4), sqrt(n) = n^((p+1)/4) mod p\n // BN254 scalar field: p ≡ 1 (mod 4), so we need Tonelli-Shanks\n\n // Factor out powers of 2 from p - 1\n let q = p - 1n\n let s = 0n\n while (q % 2n === 0n) {\n q = q / 2n\n s++\n }\n\n // Find a quadratic non-residue\n let z = 2n\n while (modPow(z, (p - 1n) / 2n, p) !== p - 1n) {\n z++\n }\n\n let m = s\n let c = modPow(z, q, p)\n let t = modPow(n, q, p)\n let r = modPow(n, (q + 1n) / 2n, p)\n\n while (true) {\n if (t === 1n) return r\n\n // Find the least i such that t^(2^i) = 1\n let i = 1n\n let temp = (t * t) % p\n while (temp !== 1n) {\n temp = (temp * temp) % p\n i++\n }\n\n // Update values\n const b = modPow(c, modPow(2n, m - i - 1n, p - 1n), p)\n m = i\n c = (b * b) % p\n t = (t * c) % p\n r = (r * b) % p\n }\n}\n\n/**\n * Reconstruct a BabyJubJub point from its x-coordinate\n *\n * BabyJubJub curve equation: a*x² + y² = 1 + d*x²*y²\n * Solving for y²: y² = (1 - a*x²) / (1 - d*x²)\n *\n * Returns the point with the smaller y value (canonical form),\n * or null if x is not on the curve.\n *\n * @param x - The x-coordinate\n * @returns Point with the given x, or null if invalid\n */\nexport async function reconstructPointFromX(x: bigint): Promise<Point | null> {\n const p = BABYJUBJUB_P\n x = ((x % p) + p) % p\n\n // Compute x²\n const x2 = (x * x) % p\n\n // Compute numerator: 1 - a*x²\n const numerator = ((1n - BABYJUBJUB_A * x2) % p + p) % p\n\n // Compute denominator: 1 - d*x²\n const denominator = ((1n - BABYJUBJUB_D * x2) % p + p) % p\n\n if (denominator === 0n) {\n return null // Division by zero\n }\n\n // Compute y² = numerator / denominator\n const y2 = (numerator * modInverse(denominator, p)) % p\n\n // Compute y = sqrt(y²)\n const y = modSqrt(y2, p)\n if (y === null) {\n return null // x is not on the curve\n }\n\n // Return the point with smaller y (canonical form)\n const yAlt = p - y\n const yCanonical = y < yAlt ? y : yAlt\n\n const point = { x, y: yCanonical }\n\n // Verify the point is actually on the curve\n if (!(await isOnCurve(point))) {\n // Try the other y\n const pointAlt = { x, y: y < yAlt ? yAlt : y }\n if (!(await isOnCurve(pointAlt))) {\n return null\n }\n return pointAlt\n }\n\n return point\n}\n\n/**\n * Reconstruct a BabyJubJub point from x-coordinate and y parity bit\n *\n * @param x - The x-coordinate\n * @param yParity - 0 for even y, 1 for odd y\n * @returns Point with matching parity, or null if invalid\n */\nexport async function reconstructPointFromXWithParity(\n x: bigint,\n yParity: 0 | 1\n): Promise<Point | null> {\n const p = BABYJUBJUB_P\n x = ((x % p) + p) % p\n\n const x2 = (x * x) % p\n const numerator = ((1n - BABYJUBJUB_A * x2) % p + p) % p\n const denominator = ((1n - BABYJUBJUB_D * x2) % p + p) % p\n\n if (denominator === 0n) return null\n\n const y2 = (numerator * modInverse(denominator, p)) % p\n const y = modSqrt(y2, p)\n if (y === null) return null\n\n // Select y based on parity\n const actualParity = Number(y % 2n)\n const finalY = actualParity === yParity ? y : p - y\n\n return { x, y: finalY }\n}\n\n/**\n * Derive a per-transaction viewing public key (EVK)\n *\n * EVK = MVK_pub + Poseidon(MVK_pub.x, MVK_pub.y, nonce) * Base8\n *\n * This allows the sender to derive a unique encryption key for each transaction\n * without knowing the recipient's private key.\n *\n * @param masterViewingPubKey - Recipient's master viewing public key\n * @param nonce - Unique per-note nonce (R.x — ephemeral public key x-coordinate)\n * @returns Per-transaction encryption viewing key\n */\nexport async function deriveEncryptionViewingKey(\n masterViewingPubKey: Point,\n nonce: bigint\n): Promise<Point> {\n // Import poseidonScalar to avoid circular dependency\n const { poseidonScalar } = await import('./poseidon.js')\n\n const babyjub = await initBabyJub()\n\n // Compute scalar: Poseidon(MVK_pub.x, MVK_pub.y, nonce) mod subOrder\n const scalar = await poseidonScalar([masterViewingPubKey.x, masterViewingPubKey.y, nonce])\n\n // Compute offset: scalar * Base8\n const offset = babyjub.mulPointEscalar(babyjub.Base8, scalar)\n\n // Convert MVK_pub to internal format\n const mvkInternal = [\n babyjub.F.e(masterViewingPubKey.x),\n babyjub.F.e(masterViewingPubKey.y),\n ] as [unknown, unknown]\n\n // EVK = MVK_pub + offset\n const result = babyjub.addPoint(mvkInternal, offset)\n\n return {\n x: babyjub.F.toObject(result[0]),\n y: babyjub.F.toObject(result[1]),\n }\n}\n\n/**\n * Derive a per-transaction viewing private key (DVK)\n *\n * DVK = MVK_priv + Poseidon(MVK_pub.x, MVK_pub.y, nonce)\n *\n * Only the owner with MVK_priv can compute this.\n * DVK can be shared with auditors to decrypt specific transactions.\n *\n * @param masterViewingPrivKey - Owner's master viewing private key\n * @param masterViewingPubKey - Owner's master viewing public key\n * @param nonce - Unique per-note nonce (R.x — ephemeral public key x-coordinate)\n * @returns Per-transaction decryption viewing key\n */\nexport async function deriveDecryptionViewingKey(\n masterViewingPrivKey: bigint,\n masterViewingPubKey: Point,\n nonce: bigint\n): Promise<bigint> {\n // Import poseidonScalar to avoid circular dependency\n const { poseidonScalar } = await import('./poseidon.js')\n\n // Compute scalar: Poseidon(MVK_pub.x, MVK_pub.y, nonce) mod subOrder\n const scalar = await poseidonScalar([masterViewingPubKey.x, masterViewingPubKey.y, nonce])\n\n // DVK = MVK_priv + scalar (mod subOrder)\n return (masterViewingPrivKey + scalar) % BABYJUBJUB_SUBORDER\n}\n\n"]}
package/dist/{chunk-UQIM2KT3.js → chunk-4E23V3AT.js} RENAMED
@@ -19,7 +19,7 @@ function bytesToHex(bytes) {
19
19
  return `0x${Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("")}`;
20
20
  }
21
21
  function hexToBytes(hex) {
22
- const str = hex.slice(2);
22
+ const str = hex.startsWith("0x") ? hex.slice(2) : hex;
23
23
  const bytes = new Uint8Array(str.length / 2);
24
24
  for (let i = 0; i < bytes.length; i++) {
25
25
  bytes[i] = parseInt(str.slice(i * 2, i * 2 + 2), 16);
@@ -42,12 +42,37 @@ function bytesToBigint(bytes) {
42
42
  }
43
43
  return value;
44
44
  }
45
+ function modPow(base, exp, modulus) {
46
+ let result = 1n;
47
+ base = base % modulus;
48
+ while (exp > 0n) {
49
+ if (exp % 2n === 1n) {
50
+ result = result * base % modulus;
51
+ }
52
+ exp = exp >> 1n;
53
+ base = base * base % modulus;
54
+ }
55
+ return result;
56
+ }
57
+ function modInverse(a, modulus) {
58
+ let [oldR, r] = [a, modulus];
59
+ let [oldS, s] = [1n, 0n];
60
+ while (r !== 0n) {
61
+ const quotient = oldR / r;
62
+ [oldR, r] = [r, oldR - quotient * r];
63
+ [oldS, s] = [s, oldS - quotient * s];
64
+ }
65
+ if (oldR !== 1n) {
66
+ throw new Error("Modular inverse does not exist");
67
+ }
68
+ return (oldS % modulus + modulus) % modulus;
69
+ }
45
70
  var init_crypto = __esm({
46
71
  "src/utils/crypto.ts"() {
47
72
  init_poseidon();
48
73
  }
49
74
  });
50
75
 
51
- export { bigintToBytes, bytesToBigint, bytesToHex, hexToBytes, init_crypto, randomBytes, randomFieldElement };
52
- //# sourceMappingURL=chunk-UQIM2KT3.js.map
53
- //# sourceMappingURL=chunk-UQIM2KT3.js.map
76
+ export { bigintToBytes, bytesToBigint, bytesToHex, hexToBytes, init_crypto, modInverse, modPow, randomBytes, randomFieldElement };
77
+ //# sourceMappingURL=chunk-4E23V3AT.js.map
78
+ //# sourceMappingURL=chunk-4E23V3AT.js.map
package/dist/chunk-4E23V3AT.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/utils/crypto.ts"],"names":[],"mappings":";;;;AAWO,SAAS,YAAY,MAAA,EAA4B;AACtD,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,OAAO,KAAA;AACT;AAOO,SAAS,kBAAA,GAA6B;AAE3C,EAAA,MAAM,KAAA,GAAQ,YAAY,EAAE,CAAA;AAG5B,EAAA,IAAI,KAAA,GAAQ,EAAA;AACZ,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,KAAA,GAAA,CAAS,KAAA,IAAS,EAAA,IAAM,MAAA,CAAO,KAAA,CAAM,CAAC,CAAE,CAAA;AAAA,EAC1C;AAGA,EAAA,OAAO,KAAA,GAAQ,WAAA;AACjB;AAKO,SAAS,WAAW,KAAA,EAAkC;AAC3D,EAAA,OAAO,KAAK,KAAA,CAAM,IAAA,CAAK,KAAK,CAAA,CACzB,GAAA,CAAI,OAAK,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,SAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CACxC,IAAA,CAAK,EAAE,CAAC,CAAA,CAAA;AACb;AAKO,SAAS,WAAW,GAAA,EAAyB;AAClD,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,IAAI,IAAI,GAAA,CAAI,KAAA,CAAM,CAAC,CAAA,GAAI,GAAA;AAClD,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,GAAA,CAAI,SAAS,CAAC,CAAA;AAC3C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,QAAA,CAAS,GAAA,CAAI,KAAA,CAAM,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,GAAI,CAAC,CAAA,EAAG,EAAE,CAAA;AAAA,EACrD;AACA,EAAA,OAAO,KAAA;AACT;AAKO,SAAS,aAAA,CAAc,OAAe,MAAA,EAA4B;AACvE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,IAAA,GAAO,KAAA;AACX,EAAA,KAAA,IAAS,CAAA,GAAI,MAAA,GAAS,CAAA,EAAG,CAAA,IAAK,GAAG,CAAA,EAAA,EAAK;AACpC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,IAAA,GAAO,KAAK,CAAA;AAC9B,IAAA,IAAA,KAAS,EAAA;AAAA,EACX;AACA,EAAA,OAAO,KAAA;AACT;AAKO,SAAS,cAAc,KAAA,EAA2B;AACvD,EAAA,IAAI,KAAA,GAAQ,EAAA;AACZ,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,KAAA,GAAA,CAAS,KAAA,IAAS,EAAA,IAAM,MAAA,CAAO,KAAA,CAAM,CAAC,CAAE,CAAA;AAAA,EAC1C;AACA,EAAA,OAAO,KAAA;AACT;AAKO,SAAS,MAAA,CAAO,IAAA,EAAc,GAAA,EAAa,OAAA,EAAyB;AACzE,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,IAAA,GAAO,IAAA,GAAO,OAAA;AAEd,EAAA,OAAO,MAAM,EAAA,EAAI;AACf,IAAA,IAAI,GAAA,GAAM,OAAO,EAAA,EAAI;AACnB,MAAA,MAAA,GAAU,SAAS,IAAA,GAAQ,OAAA;AAAA,IAC7B;AACA,IAAA,GAAA,GAAM,GAAA,IAAO,EAAA;AACb,IAAA,IAAA,GAAQ,OAAO,IAAA,GAAQ,OAAA;AAAA,EACzB;AAEA,EAAA,OAAO,MAAA;AACT;AAKO,SAAS,UAAA,CAAW,GAAW,OAAA,EAAyB;AAC7D,EAAA,IAAI,CAAC,IAAA,EAAM,CAAC,CAAA,GAAI,CAAC,GAAG,OAAO,CAAA;AAC3B,EAAA,IAAI,CAAC,IAAA,EAAM,CAAC,CAAA,GAAI,CAAC,IAAI,EAAE,CAAA;AAEvB,EAAA,OAAO,MAAM,EAAA,EAAI;AACf,IAAA,MAAM,WAAW,IAAA,GAAO,CAAA;AACvB,IAAA,CAAC,MAAM,CAAC,CAAA,GAAI,CAAC,CAAA,EAAG,IAAA,GAAO,WAAW,CAAC,CAAA;AACnC,IAAA,CAAC,MAAM,CAAC,CAAA,GAAI,CAAC,CAAA,EAAG,IAAA,GAAO,WAAW,CAAC,CAAA;AAAA,EACtC;AAEA,EAAA,IAAI,SAAS,EAAA,EAAI;AACf,IAAA,MAAM,IAAI,MAAM,gCAAgC,CAAA;AAAA,EAClD;AAEA,EAAA,OAAA,CAAS,IAAA,GAAO,UAAW,OAAA,IAAW,OAAA;AACxC;AArHA,IAAA,WAAA,GAAA,KAAA,CAAA;AAAA,EAAA,qBAAA,GAAA;AAMA,IAAA,aAAA,EAAA;AAAA,EAAA;AAAA,CAAA","file":"chunk-4E23V3AT.js","sourcesContent":["/**\n * Cryptographic Utilities\n *\n * Secure random number generation and field arithmetic.\n */\n\nimport { FIELD_PRIME } from './poseidon.js'\n\n/**\n * Generate cryptographically secure random bytes\n */\nexport function randomBytes(length: number): Uint8Array {\n const bytes = new Uint8Array(length)\n crypto.getRandomValues(bytes)\n return bytes\n}\n\n/**\n * Generate a random field element (for blinding factors, etc.)\n *\n * Returns a value in range [0, FIELD_PRIME)\n */\nexport function randomFieldElement(): bigint {\n // Generate 32 bytes of randomness\n const bytes = randomBytes(32)\n\n // Convert to bigint\n let value = 0n\n for (let i = 0; i < bytes.length; i++) {\n value = (value << 8n) + BigInt(bytes[i]!)\n }\n\n // Reduce modulo field prime\n return value % FIELD_PRIME\n}\n\n/**\n * Convert bytes to hex string\n */\nexport function bytesToHex(bytes: Uint8Array): `0x${string}` {\n return `0x${Array.from(bytes)\n .map(b => b.toString(16).padStart(2, '0'))\n .join('')}`\n}\n\n/**\n * Convert hex string to bytes (handles with or without 0x prefix)\n */\nexport function hexToBytes(hex: string): Uint8Array {\n const str = hex.startsWith('0x') ? hex.slice(2) : hex\n const bytes = new Uint8Array(str.length / 2)\n for (let i = 0; i < bytes.length; i++) {\n bytes[i] = parseInt(str.slice(i * 2, i * 2 + 2), 16)\n }\n return bytes\n}\n\n/**\n * Convert bigint to bytes (big-endian)\n */\nexport function bigintToBytes(value: bigint, length: number): Uint8Array {\n const bytes = new Uint8Array(length)\n let temp = value\n for (let i = length - 1; i >= 0; i--) {\n bytes[i] = Number(temp & 0xffn)\n temp >>= 8n\n }\n return bytes\n}\n\n/**\n * Convert bytes to bigint (big-endian)\n */\nexport function bytesToBigint(bytes: Uint8Array): bigint {\n let value = 0n\n for (let i = 0; i < bytes.length; i++) {\n value = (value << 8n) + BigInt(bytes[i]!)\n }\n return value\n}\n\n/**\n * Modular exponentiation: base^exp mod modulus\n */\nexport function modPow(base: bigint, exp: bigint, modulus: bigint): bigint {\n let result = 1n\n base = base % modulus\n\n while (exp > 0n) {\n if (exp % 2n === 1n) {\n result = (result * base) % modulus\n }\n exp = exp >> 1n\n base = (base * base) % modulus\n }\n\n return result\n}\n\n/**\n * Modular inverse using extended Euclidean algorithm\n */\nexport function modInverse(a: bigint, modulus: bigint): bigint {\n let [oldR, r] = [a, modulus]\n let [oldS, s] = [1n, 0n]\n\n while (r !== 0n) {\n const quotient = oldR / r\n ;[oldR, r] = [r, oldR - quotient * r]\n ;[oldS, s] = [s, oldS - quotient * s]\n }\n\n if (oldR !== 1n) {\n throw new Error('Modular inverse does not exist')\n }\n\n return ((oldS % modulus) + modulus) % modulus\n}\n"]}
package/dist/{chunk-53JACDGZ.js → chunk-A6IYQ7UF.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { init_stealth } from './chunk-Q6BLTPWV.js';
1
+ import { init_stealth } from './chunk-2NKFTLPD.js';
2
2
 
3
3
  // src/core/client.ts
4
4
  function createUPPClient(_config) {
@@ -127,5 +127,5 @@ async function _verifyProxyImpl(client, checks, name, proxyAddress, expectedImpl
127
127
  }
128
128
 
129
129
  export { NOTE_VERSION, checkImplementation, createNote, createUPPClient, decryptNote, encryptNote, verifyDeployment };
130
- //# sourceMappingURL=chunk-53JACDGZ.js.map
131
- //# sourceMappingURL=chunk-53JACDGZ.js.map
130
+ //# sourceMappingURL=chunk-A6IYQ7UF.js.map
131
+ //# sourceMappingURL=chunk-A6IYQ7UF.js.map