@private.me/xbind 1.2.17 → 1.3.0

package/README.md

@@ -1,7 +1,7 @@
 # @private.me/xbind
 
 ![npm version](https://img.shields.io/npm/v/@private.me/xbind)
-![version](https://img.shields.io/badge/version-1.2.17-blue)
+![version](https://img.shields.io/badge/version-1.3.0-blue)
 ![tests](https://img.shields.io/badge/tests-1245%20passing-brightgreen)
 ![TypeScript](https://img.shields.io/badge/TypeScript-strict-blue)
 ![license](https://img.shields.io/badge/license-Proprietary-blue)
@@ -12,7 +12,7 @@ Build AI agents that communicate securely using ML-DSA-65 DID identity, ML-KEM-7
 
 Part of the **Private.Me** platform—where APIs have keys, but ACIs have identity.
 
-**Version 1.2.17** — **Documentation:** Generic pricing language per Gold Package Requirement #18 (removed specific operation counts). Previous v1.2.16: AWS/gRPC/HTTP Error Mappings - All 49 error codes now include protocol-specific mappings (aws, grpc, http fields) for cross-platform error translation.
+**Version 1.3.0** — **Session 157:** v12.0 Deployment Identity complete - 4-layer Share 2 validation (email, payment, staleness, deploymentID), abuse detection (26 tests), offline detection (15 tests), billing enforcement (14 tests). All 81 tests passing (100%). Previous v1.2.17: Generic pricing language per Gold Package Requirement #18.
 
 ## Install
 
@@ -141,14 +141,104 @@ See [pricing details](../../docs/pricing-reference.md) for current rates and tie
 **ALL API calls are blocked until you verify your email address.** This links your usage to a verified contact for security notifications and billing.
 
 ```bash
-npx xbind setup
+npx xbind setup --email user@example.com
 ```
 
 **What happens:**
-1. Enter your email address
-2. Receive 6-digit verification code (check spam folder)
-3. Enter code to activate account
-4. DeploymentID generated (persistent economic identity)
+1. **DID Generation**: Creates Ed25519 cryptographic identity (did:key:z6Mk...)
+2. **DeploymentID Creation**: Generates persistent economic identity (DEP-202605-XXXXXXXXXX)
+3. **Email Code Delivery**: Sends 6-digit verification code to your email
+4. **Code Verification**: Enter code to link email to DeploymentID
+5. **Identity Storage**: Saves to `~/.xbind/identity.json` (chmod 600)
+6. **Ready to Use**: No additional configuration needed
+
+**Dual-Mode Verification:**
+- **CLI/Programmatic**: 6-digit code (this method)
+- **Web/Browser**: Magic link (auto-verifies on click)
+
+**Command Options:**
+```bash
+npx xbind setup --email user@example.com  # Standard setup
+npx xbind setup --email user@example.com --force  # Overwrite existing identity
+npx xbind setup --dev  # Development mode (mock email provider)
+```
+
+**Security Notes:**
+- Disposable email services blocked (Mailinator, Guerrilla Mail, etc.)
+- Device fingerprinting active (100+ signals for abuse prevention)
+- DID ≠ DeploymentID (see Identity Model section below)
+
+---
+
+### Identity Model: DID vs DeploymentID
+
+**Two complementary identities for different purposes:**
+
+#### DID (Decentralized Identifier)
+- **Format**: `did:key:z6Mk...` (Ed25519 public key)
+- **Purpose**: Cryptographic authentication (message signing)
+- **Lifespan**: Ephemeral - can be rotated for security
+- **Use case**: Proving "I sent this message"
+- **Storage**: `~/.xbind/identity.json` (local only)
+
+#### DeploymentID (Persistent Economic Identity)
+- **Format**: `DEP-YYYYMM-XXXXXXXXXX` (month prefix + 10 hex digits)
+- **Purpose**: Billing and usage tracking (persistent across DIDs)
+- **Lifespan**: Permanent - never changes for your account
+- **Use case**: "This deployment used 50K operations this month"
+- **Prevents**: Economic state reset attacks (DID rotation to bypass usage limits)
+
+**Why Both?**
+- **Security**: Rotate DID without losing billing history
+- **Privacy**: DID is pseudonymous, DeploymentID links to verified email
+- **Billing**: Usage tracked by DeploymentID, even if DID changes
+- **Attack Prevention**: Cannot reset free tier quota by generating new DID
+
+**Example:**
+```
+User creates account:
+  - DID: did:key:z6MkABC123...  (for signing messages)
+  - DeploymentID: DEP-202605-7F3A2B1C  (for billing)
+
+User rotates DID for security:
+  - DID: did:key:z6MkXYZ789...  (NEW cryptographic identity)
+  - DeploymentID: DEP-202605-7F3A2B1C  (SAME billing identity)
+  - Usage history: Preserved ✅
+  - Free tier quota: Cannot reset ✅
+```
+
+---
+
+### Device Fingerprinting & Privacy
+
+**xBind collects device fingerprints for abuse prevention:**
+
+**What We Collect (100+ Signals):**
+1. **Browser**: User agent, language, timezone, screen resolution
+2. **OS**: Platform, CPU cores, memory (approximate)
+3. **Hardware**: GPU vendor, audio context, canvas fingerprint
+4. **Network**: IP address (hashed), connection type
+5. **Behavior**: Timing patterns, interaction signals
+6. **Fonts**: Installed font list (system fingerprint)
+
+**Why We Collect:**
+- Detect multi-accounting (creating unlimited free accounts)
+- Identify coordinated abuse patterns
+- Link DeploymentIDs across devices (same user, different machines)
+- Risk scoring (0-100 scale, manual review ≥70)
+
+**Privacy Protections:**
+- **SHA-256 hashed**: Fingerprints stored as hashes, not raw data
+- **No PII**: Individual signals don't identify you personally
+- **GDPR compliant**: Right to access, deletion, opt-out
+- **Minimization**: Only signals necessary for abuse detection
+- **Retention**: 90 days for fingerprints, 30 days for raw signals
+
+**Opt-Out:**
+Email contact@private.me with subject "Fingerprint Opt-Out" and your DeploymentID. Note: Opting out may trigger manual review for new accounts.
+
+**Transparency:**
+Full fingerprinting source code available at `apps/server/src/device-fingerprinting.ts`
 
 **Note:** Disposable email services (Mailinator, Guerrilla Mail, etc.) are blocked. Use a real email address.
 

package/dist-standalone/_deps/crypto/base64.js

@@ -1,97 +1,209 @@
-const CHARS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
-const URL_CHARS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';
-/**
- * Encode bytes to standard Base64 (RFC 4648).
- *
- * @param data - Bytes to encode
- * @returns Base64-encoded string with padding
- */
-export function toBase64(data) {
-    return encode(data, CHARS, true);
+const a0_0x407ecd = a0_0x55fd;
+function a0_0x79ca() {
+    const _0x269e49 = [
+        'qujdrevgr0HjsKTmtu5puffsu1rvvLDywvPHyMnKzwzNAgLQA2XTBM9WCxjZDhv2D3H5EJaXmJm0nty3odKTxW',
+        'svPqDxi',
+        'mtiWmJm3owzmEwfIuW',
+        'nhLTrLLeEq',
+        'AfroB3e',
+        'wNrbA1e',
+        'sMLeu1m',
+        'mJy2nZiXmhfTzMTKDG',
+        'C2v0',
+        'qujdrevgr0HjsKTmtu5puffsu1rvvLDywvPHyMnKzwzNAgLQA2XTBM9WCxjZDhv2D3H5EJaXmJm0nty3odKRlW',
+        'ntC2otq0A1f6B3n2',
+        'EMnXDgi',
+        'uLDRu3K',
+        'wM5Ore0',
+        'mJi4nZy5mfLqrwjdwG',
+        'ChLVBwG',
+        'CMvWBgfJzq',
+        'z2fyDeG',
+        'mZeXmK1dyw5vyW',
+        'nta2nZKXofP1yLPZva',
+        'BgvUz3rO',
+        'z2v0',
+        'BMrdthC',
+        'zMXVB3i',
+        'D05jCLu',
+        'sKfNAMe',
+        'mZi5mevXuhfkAa',
+        'nta4mZK4C0XTCuri',
+        'B09Tt3a',
+        'B2TLEgi',
+        'A3j2rNy'
+    ];
+    a0_0x79ca = function () {
+        return _0x269e49;
+    };
+    return a0_0x79ca();
 }
-/**
- * Decode standard Base64 string to bytes.
- *
- * @param str - Base64-encoded string
- * @returns Decoded bytes
- */
-export function fromBase64(str) {
-    return decode(str, CHARS);
+(function (_0x37b354, _0x358ec3) {
+    const a0_0x2fc9ac = {
+            _0x3159a2: 0xbd,
+            _0xc1e990: 0xaa
+        }, _0x32b9ff = a0_0x55fd, _0x1340dc = _0x37b354();
+    while (!![]) {
+        try {
+            const _0x55b465 = parseInt(_0x32b9ff(0xa6)) / 0x1 + -parseInt(_0x32b9ff(0xb7)) / 0x2 + -parseInt(_0x32b9ff(a0_0x2fc9ac._0x3159a2)) / 0x3 * (parseInt(_0x32b9ff(0x9f)) / 0x4) + -parseInt(_0x32b9ff(a0_0x2fc9ac._0xc1e990)) / 0x5 + parseInt(_0x32b9ff(0xa3)) / 0x6 + parseInt(_0x32b9ff(0xb6)) / 0x7 * (-parseInt(_0x32b9ff(0xae)) / 0x8) + parseInt(_0x32b9ff(0xaf)) / 0x9;
+            if (_0x55b465 === _0x358ec3)
+                break;
+            else
+                _0x1340dc['push'](_0x1340dc['shift']());
+        } catch (_0xa5b03b) {
+            _0x1340dc['push'](_0x1340dc['shift']());
+        }
+    }
+}(a0_0x79ca, 0x469c5));
+const CHARS = a0_0x407ecd(0xa5), URL_CHARS = a0_0x407ecd(0xbb);
+export function toBase64(_0x7882be) {
+    const a0_0x56e76 = { _0x112634: 0xb8 }, _0x7690e1 = a0_0x55fd, _0x2fb01d = {
+            'oOmOp': function (_0x3fd976, _0x1edb9d, _0x628255, _0x5f0773) {
+                return _0x3fd976(_0x1edb9d, _0x628255, _0x5f0773);
+            }
+        };
+    return _0x2fb01d[_0x7690e1(a0_0x56e76._0x112634)](encode, _0x7882be, CHARS, !![]);
 }
-/**
- * Encode bytes to Base64url (RFC 4648 Section 5).
- * Uses URL-safe characters (-_ instead of +/) and no padding.
- *
- * @param data - Bytes to encode
- * @returns Base64url-encoded string without padding
- */
-export function toBase64Url(data) {
-    return encode(data, URL_CHARS, false);
+export function fromBase64(_0x341c01) {
+    return decode(_0x341c01, CHARS);
 }
-/**
- * Decode Base64url string to bytes.
- *
- * @param str - Base64url-encoded string
- * @returns Decoded bytes
- */
-export function fromBase64Url(str) {
-    return decode(str, URL_CHARS);
+function a0_0x55fd(_0xd2e137, _0x326f65) {
+    _0xd2e137 = _0xd2e137 - 0x9f;
+    const _0x79ca3e = a0_0x79ca();
+    let _0x55fda = _0x79ca3e[_0xd2e137];
+    if (a0_0x55fd['lCKHFT'] === undefined) {
+        var _0x20922a = function (_0x2f78f1) {
+            const _0x5a366b = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';
+            let _0xaa8c87 = '', _0x42b8ab = '';
+            for (let _0x48a87d = 0x0, _0x3057da, _0x637fa1, _0x5e6d9b = 0x0; _0x637fa1 = _0x2f78f1['charAt'](_0x5e6d9b++); ~_0x637fa1 && (_0x3057da = _0x48a87d % 0x4 ? _0x3057da * 0x40 + _0x637fa1 : _0x637fa1, _0x48a87d++ % 0x4) ? _0xaa8c87 += String['fromCharCode'](0xff & _0x3057da >> (-0x2 * _0x48a87d & 0x6)) : 0x0) {
+                _0x637fa1 = _0x5a366b['indexOf'](_0x637fa1);
+            }
+            for (let _0x53b705 = 0x0, _0x186834 = _0xaa8c87['length']; _0x53b705 < _0x186834; _0x53b705++) {
+                _0x42b8ab += '%' + ('00' + _0xaa8c87['charCodeAt'](_0x53b705)['toString'](0x10))['slice'](-0x2);
+            }
+            return decodeURIComponent(_0x42b8ab);
+        };
+        a0_0x55fd['mFQNPa'] = _0x20922a, a0_0x55fd['juyKCU'] = {}, a0_0x55fd['lCKHFT'] = !![];
+    }
+    const _0x57a7e8 = _0x79ca3e[0x0], _0x3d4b6d = _0xd2e137 + _0x57a7e8, _0x4cb20f = a0_0x55fd['juyKCU'][_0x3d4b6d];
+    return !_0x4cb20f ? (_0x55fda = a0_0x55fd['mFQNPa'](_0x55fda), a0_0x55fd['juyKCU'][_0x3d4b6d] = _0x55fda) : _0x55fda = _0x4cb20f, _0x55fda;
 }
-/** Encode bytes using the given alphabet. */
-function encode(data, alphabet, pad) {
-    let result = '';
-    for (let i = 0; i < data.length; i += 3) {
-        const a = data[i];
-        const b = i + 1 < data.length ? data[i + 1] : 0;
-        const c = i + 2 < data.length ? data[i + 2] : 0;
-        result += alphabet[(a >> 2)];
-        result += alphabet[((a & 0x03) << 4) | (b >> 4)];
-        if (i + 1 < data.length) {
-            result += alphabet[((b & 0x0f) << 2) | (c >> 6)];
-        }
-        if (i + 2 < data.length) {
-            result += alphabet[c & 0x3f];
+export function toBase64Url(_0x4625a9) {
+    const a0_0x468f4e = { _0x1d4e5f: 0xab }, _0x1333ce = a0_0x55fd, _0x5a56a7 = {
+            'pyomh': function (_0x37bd11, _0x252733, _0x455435, _0x26f9d3) {
+                return _0x37bd11(_0x252733, _0x455435, _0x26f9d3);
+            }
+        };
+    return _0x5a56a7[_0x1333ce(a0_0x468f4e._0x1d4e5f)](encode, _0x4625a9, URL_CHARS, ![]);
+}
+export function fromBase64Url(_0x36a904) {
+    const _0x29600a = {
+        'NpZNT': function (_0x1046eb, _0x40ebd2, _0x3ba804) {
+            return _0x1046eb(_0x40ebd2, _0x3ba804);
         }
+    };
+    return _0x29600a['NpZNT'](decode, _0x36a904, URL_CHARS);
+}
+function encode(_0x5484d7, _0x4457be, _0x791257) {
+    const a0_0x148662 = {
+            _0x2dde39: 0xa0,
+            _0x47c32b: 0xb0,
+            _0x289972: 0xa9,
+            _0x125c2b: 0xb4,
+            _0x3d67c2: 0xbc
+        }, _0x1ff8cc = a0_0x55fd, _0x430456 = {
+            'gaXtH': function (_0x393610, _0x254377) {
+                return _0x393610 < _0x254377;
+            },
+            'ZtAkQ': function (_0x36ff92, _0xdfd039) {
+                return _0x36ff92 >> _0xdfd039;
+            },
+            'hTNoq': function (_0x202c6d, _0x5e82bd) {
+                return _0x202c6d & _0x5e82bd;
+            },
+            'krvFv': function (_0x3e596f, _0x574957) {
+                return _0x3e596f >> _0x574957;
+            },
+            'ZnhDM': function (_0x389e43, _0x4b1be4) {
+                return _0x389e43 + _0x4b1be4;
+            },
+            'QWYsC': function (_0x2035f0, _0x1631e7) {
+                return _0x2035f0 | _0x1631e7;
+            },
+            'qEwkk': function (_0x42a035, _0x311ce8) {
+                return _0x42a035 << _0x311ce8;
+            },
+            'wNIrU': function (_0x4fd747, _0x11a61b) {
+                return _0x4fd747 & _0x11a61b;
+            },
+            'IZPur': function (_0x5cc965, _0x386a03) {
+                return _0x5cc965 % _0x386a03;
+            },
+            'ndCLw': function (_0x57d725, _0xe46f80) {
+                return _0x57d725 === _0xe46f80;
+            }
+        };
+    let _0x148a12 = '';
+    for (let _0x5029d2 = 0x0; _0x430456['gaXtH'](_0x5029d2, _0x5484d7['length']); _0x5029d2 += 0x3) {
+        const _0x15e920 = _0x5484d7[_0x5029d2], _0x15cf5c = _0x430456['gaXtH'](_0x5029d2 + 0x1, _0x5484d7[_0x1ff8cc(0xb0)]) ? _0x5484d7[_0x5029d2 + 0x1] : 0x0, _0x2d3056 = _0x5029d2 + 0x2 < _0x5484d7[_0x1ff8cc(0xb0)] ? _0x5484d7[_0x5029d2 + 0x2] : 0x0;
+        _0x148a12 += _0x4457be[_0x430456[_0x1ff8cc(0xa1)](_0x15e920, 0x2)], _0x148a12 += _0x4457be[_0x430456[_0x1ff8cc(a0_0x148662._0x2dde39)](_0x15e920, 0x3) << 0x4 | _0x430456[_0x1ff8cc(0xba)](_0x15cf5c, 0x4)], _0x430456[_0x1ff8cc(0xad)](_0x430456[_0x1ff8cc(0xa9)](_0x5029d2, 0x1), _0x5484d7[_0x1ff8cc(a0_0x148662._0x47c32b)]) && (_0x148a12 += _0x4457be[_0x430456['QWYsC'](_0x430456['qEwkk'](_0x15cf5c & 0xf, 0x2), _0x2d3056 >> 0x6)]), _0x430456[_0x1ff8cc(a0_0x148662._0x289972)](_0x5029d2, 0x2) < _0x5484d7[_0x1ff8cc(0xb0)] && (_0x148a12 += _0x4457be[_0x430456[_0x1ff8cc(a0_0x148662._0x125c2b)](_0x2d3056, 0x3f)]);
     }
-    if (pad) {
-        const remainder = data.length % 3;
-        if (remainder === 1)
-            result += '==';
-        else if (remainder === 2)
-            result += '=';
+    if (_0x791257) {
+        const _0x1b68d5 = _0x430456[_0x1ff8cc(a0_0x148662._0x3d67c2)](_0x5484d7[_0x1ff8cc(a0_0x148662._0x47c32b)], 0x3);
+        if (_0x430456[_0x1ff8cc(0xb2)](_0x1b68d5, 0x1))
+            _0x148a12 += '==';
+        else {
+            if (_0x1b68d5 === 0x2)
+                _0x148a12 += '=';
+        }
     }
-    return result;
+    return _0x148a12;
 }
-/** Build a reverse lookup map for a Base64 alphabet. */
-function buildLookup(alphabet) {
-    const map = new Map();
-    for (let i = 0; i < alphabet.length; i++) {
-        map.set(alphabet[i], i);
+function buildLookup(_0x449d7c) {
+    const a0_0x8838e5 = { _0x338677: 0xa4 }, _0x31eebe = a0_0x55fd, _0x194703 = {
+            'zcqtb': function (_0x51f81a, _0x395753) {
+                return _0x51f81a < _0x395753;
+            }
+        }, _0x502bb0 = new Map();
+    for (let _0x1a4104 = 0x0; _0x194703[_0x31eebe(0xa7)](_0x1a4104, _0x449d7c['length']); _0x1a4104++) {
+        _0x502bb0[_0x31eebe(a0_0x8838e5._0x338677)](_0x449d7c[_0x1a4104], _0x1a4104);
     }
-    return map;
+    return _0x502bb0;
 }
-const STD_LOOKUP = buildLookup(CHARS);
-const URL_LOOKUP = buildLookup(URL_CHARS);
-/** Decode a Base64 string using the given lookup. Tolerates whitespace (RFC 2045). */
-function decode(str, alphabet) {
-    const lookup = alphabet === CHARS ? STD_LOOKUP : URL_LOOKUP;
-    const stripped = str.replace(/\s/g, '');
-    const cleaned = stripped.replace(/=+$/, '');
-    const byteLen = Math.floor((cleaned.length * 3) / 4);
-    const result = new Uint8Array(byteLen);
-    let byteIdx = 0;
-    for (let i = 0; i < cleaned.length; i += 4) {
-        const a = lookup.get(cleaned[i]) ?? 0;
-        const b = lookup.get(cleaned[i + 1]) ?? 0;
-        const c = i + 2 < cleaned.length ? (lookup.get(cleaned[i + 2]) ?? 0) : 0;
-        const d = i + 3 < cleaned.length ? (lookup.get(cleaned[i + 3]) ?? 0) : 0;
-        result[byteIdx++] = (a << 2) | (b >> 4);
-        if (i + 2 < cleaned.length) {
-            result[byteIdx++] = ((b & 0x0f) << 4) | (c >> 2);
-        }
-        if (i + 3 < cleaned.length) {
-            result[byteIdx++] = ((c & 0x03) << 6) | d;
-        }
+const STD_LOOKUP = buildLookup(CHARS), URL_LOOKUP = buildLookup(URL_CHARS);
+function decode(_0x1f04f0, _0x6096a3) {
+    const a0_0x37b412 = {
+            _0x4289de: 0xac,
+            _0x36380f: 0xb3,
+            _0x3202d9: 0xb1,
+            _0x2c7911: 0xb9,
+            _0x108b6c: 0xb5,
+            _0x52e6d3: 0xa2,
+            _0x480188: 0xb0
+        }, _0x5ea819 = a0_0x55fd, _0x3e6393 = {
+            'Zfjqh': function (_0x1b257a, _0x265ced) {
+                return _0x1b257a === _0x265ced;
+            },
+            'okexb': function (_0x1178d6, _0x30bfb7) {
+                return _0x1178d6 + _0x30bfb7;
+            },
+            'JAgja': function (_0x112b4c, _0x57090c) {
+                return _0x112b4c < _0x57090c;
+            },
+            'RWkSy': function (_0x35f0a3, _0x42f12c) {
+                return _0x35f0a3 << _0x42f12c;
+            },
+            'JiDSS': function (_0x304cb6, _0x2b69f6) {
+                return _0x304cb6 >> _0x2b69f6;
+            },
+            'WLmSh': function (_0x4ae072, _0xa5baf0) {
+                return _0x4ae072 | _0xa5baf0;
+            }
+        }, _0x52752e = _0x3e6393['Zfjqh'](_0x6096a3, CHARS) ? STD_LOOKUP : URL_LOOKUP, _0x346df1 = _0x1f04f0[_0x5ea819(a0_0x37b412._0x4289de)](/\s/g, ''), _0x2cf2b2 = _0x346df1['replace'](/=+$/, ''), _0x28aed3 = Math[_0x5ea819(a0_0x37b412._0x36380f)](_0x2cf2b2[_0x5ea819(0xb0)] * 0x3 / 0x4), _0x1ccb95 = new Uint8Array(_0x28aed3);
+    let _0x1e37f7 = 0x0;
+    for (let _0x3b4bb1 = 0x0; _0x3b4bb1 < _0x2cf2b2[_0x5ea819(0xb0)]; _0x3b4bb1 += 0x4) {
+        const _0x1f58fb = _0x52752e[_0x5ea819(a0_0x37b412._0x3202d9)](_0x2cf2b2[_0x3b4bb1]) ?? 0x0, _0x285628 = _0x52752e[_0x5ea819(0xb1)](_0x2cf2b2[_0x3e6393[_0x5ea819(a0_0x37b412._0x2c7911)](_0x3b4bb1, 0x1)]) ?? 0x0, _0x271f47 = _0x3e6393[_0x5ea819(0xb9)](_0x3b4bb1, 0x2) < _0x2cf2b2['length'] ? _0x52752e[_0x5ea819(a0_0x37b412._0x3202d9)](_0x2cf2b2[_0x3b4bb1 + 0x2]) ?? 0x0 : 0x0, _0xcdb129 = _0x3b4bb1 + 0x3 < _0x2cf2b2['length'] ? _0x52752e[_0x5ea819(0xb1)](_0x2cf2b2[_0x3b4bb1 + 0x3]) ?? 0x0 : 0x0;
+        _0x1ccb95[_0x1e37f7++] = _0x1f58fb << 0x2 | _0x285628 >> 0x4, _0x3e6393[_0x5ea819(a0_0x37b412._0x108b6c)](_0x3b4bb1 + 0x2, _0x2cf2b2[_0x5ea819(0xb0)]) && (_0x1ccb95[_0x1e37f7++] = _0x3e6393[_0x5ea819(0xa8)](_0x285628 & 0xf, 0x4) | _0x3e6393[_0x5ea819(a0_0x37b412._0x52e6d3)](_0x271f47, 0x2)), _0x3e6393[_0x5ea819(0xb5)](_0x3b4bb1 + 0x3, _0x2cf2b2[_0x5ea819(a0_0x37b412._0x480188)]) && (_0x1ccb95[_0x1e37f7++] = _0x3e6393['WLmSh']((_0x271f47 & 0x3) << 0x6, _0xcdb129));
     }
-    return result;
-}
+    return _0x1ccb95;
+}