@protontech/openpgp 6.1.1-patch.4 → 6.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/README.md +13 -2
  2. package/dist/lightweight/argon2id.min.mjs +2 -2
  3. package/dist/lightweight/argon2id.min.mjs.map +1 -1
  4. package/dist/lightweight/argon2id.mjs +4 -4
  5. package/dist/lightweight/legacy_ciphers.min.mjs +1 -1
  6. package/dist/lightweight/legacy_ciphers.min.mjs.map +1 -1
  7. package/dist/lightweight/legacy_ciphers.mjs +10 -10
  8. package/dist/lightweight/nacl-fast.min.mjs +3 -0
  9. package/dist/lightweight/nacl-fast.min.mjs.map +1 -0
  10. package/dist/lightweight/nacl-fast.mjs +1382 -0
  11. package/dist/lightweight/noble_curves.min.mjs +11 -12
  12. package/dist/lightweight/noble_curves.min.mjs.map +1 -1
  13. package/dist/lightweight/noble_curves.mjs +2175 -1752
  14. package/dist/lightweight/noble_hashes.min.mjs +2 -2
  15. package/dist/lightweight/noble_hashes.min.mjs.map +1 -1
  16. package/dist/lightweight/noble_hashes.mjs +80 -51
  17. package/dist/lightweight/noble_post_quantum.min.mjs +3 -4
  18. package/dist/lightweight/noble_post_quantum.min.mjs.map +1 -1
  19. package/dist/lightweight/noble_post_quantum.mjs +352 -10
  20. package/dist/lightweight/openpgp.min.mjs +3 -4
  21. package/dist/lightweight/openpgp.min.mjs.map +1 -1
  22. package/dist/lightweight/openpgp.mjs +998 -2820
  23. package/dist/lightweight/seek-bzip.min.mjs +2 -2
  24. package/dist/lightweight/seek-bzip.min.mjs.map +1 -1
  25. package/dist/lightweight/seek-bzip.mjs +780 -746
  26. package/dist/lightweight/sha512.min.mjs +4 -2
  27. package/dist/lightweight/sha512.min.mjs.map +1 -1
  28. package/dist/lightweight/sha512.mjs +672 -130
  29. package/dist/node/openpgp.cjs +10685 -10141
  30. package/dist/node/openpgp.min.cjs +14 -17
  31. package/dist/node/openpgp.min.cjs.map +1 -1
  32. package/dist/node/openpgp.min.mjs +14 -17
  33. package/dist/node/openpgp.min.mjs.map +1 -1
  34. package/dist/node/openpgp.mjs +10685 -10140
  35. package/dist/openpgp.js +11728 -11188
  36. package/dist/openpgp.min.js +14 -17
  37. package/dist/openpgp.min.js.map +1 -1
  38. package/dist/openpgp.min.mjs +14 -17
  39. package/dist/openpgp.min.mjs.map +1 -1
  40. package/dist/openpgp.mjs +11728 -11188
  41. package/{src → dist/types}/config/config.d.ts +1 -21
  42. package/{openpgp.d.ts → dist/types/index.d.ts} +94 -76
  43. package/dist/types/packet/grammar.d.ts +33 -0
  44. package/package.json +40 -39
  45. package/dist/lightweight/sha3.min.mjs +0 -4
  46. package/dist/lightweight/sha3.min.mjs.map +0 -1
  47. package/dist/lightweight/sha3.mjs +0 -401
  48. /package/{src → dist/types}/config/index.d.ts +0 -0
  49. /package/{src → dist/types}/enums.d.ts +0 -0
package/dist/lightweight/noble_curves.min.mjs CHANGED
@@ -1,14 +1,13 @@
1
- /*! OpenPGP.js v6.1.1-patch.4 - 2025-07-14 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
2
- "undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self&&self;import{s as t,a as e,b as n}from"./sha512.min.mjs";import{H as r,a as f,t as i,b as o,c as s,d as a,r as c,w as d,u,s as l}from"./sha3.min.mjs";class h extends r{constructor(t,e){super(),this.finished=!1,this.destroyed=!1,f(t);const n=i(e);if(this.iHash=t.create(),"function"!=typeof this.iHash.update)throw Error("Expected instance of class which extends utils.Hash");this.blockLen=this.iHash.blockLen,this.outputLen=this.iHash.outputLen;const r=this.blockLen,o=new Uint8Array(r);o.set(n.length>r?t.create().update(n).digest():n);for(let t=0;t<o.length;t++)o[t]^=54;this.iHash.update(o),this.oHash=t.create();for(let t=0;t<o.length;t++)o[t]^=106;this.oHash.update(o),o.fill(0)}update(t){return o(this),this.iHash.update(t),this}digestInto(t){o(this),s(t,this.outputLen),this.finished=!0,this.iHash.digestInto(t),this.oHash.update(t),this.oHash.digestInto(t),this.destroy()}digest(){const t=new Uint8Array(this.oHash.outputLen);return this.digestInto(t),t}_cloneInto(t){t||(t=Object.create(Object.getPrototypeOf(this),{}));const{oHash:e,iHash:n,finished:r,destroyed:f,blockLen:i,outputLen:o}=this;return t.finished=r,t.destroyed=f,t.blockLen=i,t.outputLen=o,t.oHash=e._cloneInto(t.oHash),t.iHash=n._cloneInto(t.iHash),t}destroy(){this.destroyed=!0,this.oHash.destroy(),this.iHash.destroy()}}const g=(t,e,n)=>new h(t,e).update(n).digest();g.create=(t,e)=>new h(t,e)
3
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */;const b=/* @__PURE__ */BigInt(0),y=/* @__PURE__ */BigInt(1),p=/* @__PURE__ */BigInt(2);function m(t){return t instanceof Uint8Array||ArrayBuffer.isView(t)&&"Uint8Array"===t.constructor.name}function w(t){if(!m(t))throw Error("Uint8Array expected")}function B(t,e){if("boolean"!=typeof e)throw Error(t+" boolean expected, got "+e)}const E=/* @__PURE__ */Array.from({length:256},((t,e)=>e.toString(16).padStart(2,"0")));function x(t){w(t);let e="";for(let n=0;n<t.length;n++)e+=E[t[n]];return e}function I(t){const e=t.toString(16);return 1&e.length?"0"+e:e}function v(t){if("string"!=typeof t)throw Error("hex string expected, got "+typeof t);return""===t?b:BigInt("0x"+t)}const S={_0:48,_9:57,A:65,F:70,a:97,f:102};function A(t){return t>=S._0&&t<=S._9?t-S._0:t>=S.A&&t<=S.F?t-(S.A-10):t>=S.a&&t<=S.f?t-(S.a-10):void 0}function O(t){if("string"!=typeof t)throw Error("hex string expected, got "+typeof t);const e=t.length,n=e/2;if(e%2)throw Error("hex string expected, got unpadded hex of length "+e);const r=new Uint8Array(n);for(let e=0,f=0;e<n;e++,f+=2){const n=A(t.charCodeAt(f)),i=A(t.charCodeAt(f+1));if(void 0===n||void 0===i){const e=t[f]+t[f+1];throw Error('hex string expected, got non-hex character "'+e+'" at index '+f)}r[e]=16*n+i}return r}function R(t){return v(x(t))}function z(t){return w(t),v(x(Uint8Array.from(t).reverse()))}function q(t,e){return O(t.toString(16).padStart(2*e,"0"))}function P(t,e){return q(t,e).reverse()}function N(t,e,n){let r;if("string"==typeof e)try{r=O(e)}catch(e){throw Error(t+" must be hex string or Uint8Array, cause: "+e)}else{if(!m(e))throw Error(t+" must be hex string or Uint8Array");r=Uint8Array.from(e)}const f=r.length;if("number"==typeof n&&f!==n)throw Error(t+" of length "+n+" expected, got "+f);return r}function H(...t){let e=0;for(let n=0;n<t.length;n++){const r=t[n];w(r),e+=r.length}const n=new Uint8Array(e);for(let e=0,r=0;e<t.length;e++){const f=t[e];n.set(f,r),r+=f.length}return n}const L=t=>"bigint"==typeof t&&b<=t;function T(t,e,n){return L(t)&&L(e)&&L(n)&&e<=t&&t<n}function F(t,e,n,r){if(!T(e,n,r))throw Error("expected valid "+t+": "+n+" <= n < "+r+", got "+e)}function U(t){let e;for(e=0;t>b;t>>=y,e+=1);return e}const Z=t=>(p<<BigInt(t-1))-y,k=t=>new Uint8Array(t),G=t=>Uint8Array.from(t);function C(t,e,n){if("number"!=typeof t||t<2)throw Error("hashLen must be a number");if("number"!=typeof e||e<2)throw Error("qByteLen must be a number");if("function"!=typeof n)throw Error("hmacFn must be a function");let r=k(t),f=k(t),i=0;const o=()=>{r.fill(1),f.fill(0),i=0},s=(...t)=>n(f,r,...t),a=(t=k())=>{f=s(G([0]),t),r=s(),0!==t.length&&(f=s(G([1]),t),r=s())},c=()=>{if(i++>=1e3)throw Error("drbg: tried 1000 values");let t=0;const n=[];for(;t<e;){r=s();const e=r.slice();n.push(e),t+=r.length}return H(...n)};return(t,e)=>{let n;for(o(),a(t);!(n=e(c()));)a();return o(),n}}const j={bigint:t=>"bigint"==typeof t,function:t=>"function"==typeof t,boolean:t=>"boolean"==typeof t,string:t=>"string"==typeof t,stringOrUint8Array:t=>"string"==typeof t||m(t),isSafeInteger:t=>Number.isSafeInteger(t),array:t=>Array.isArray(t),field:(t,e)=>e.Fp.isValid(t),hash:t=>"function"==typeof t&&Number.isSafeInteger(t.outputLen)};function V(t,e,n={}){const r=(e,n,r)=>{const f=j[n];if("function"!=typeof f)throw Error("invalid validator function");const i=t[e];if(!(r&&void 0===i||f(i,t)))throw Error("param "+e+" is invalid. Expected "+n+", got "+i)};for(const[t,n]of Object.entries(e))r(t,n,!1);for(const[t,e]of Object.entries(n))r(t,e,!0);return t}function _(t){const e=new WeakMap;return(n,...r)=>{const f=e.get(n);if(void 0!==f)return f;const i=t(n,...r);return e.set(n,i),i}}var K=/*#__PURE__*/Object.freeze({__proto__:null,aInRange:F,abool:B,abytes:w,bitGet:function(t,e){return t>>BigInt(e)&y},bitLen:U,bitMask:Z,bitSet:function(t,e,n){return t|(n?y:b)<<BigInt(e)},bytesToHex:x,bytesToNumberBE:R,bytesToNumberLE:z,concatBytes:H,createHmacDrbg:C,ensureBytes:N,equalBytes:function(t,e){if(t.length!==e.length)return!1;let n=0;for(let r=0;r<t.length;r++)n|=t[r]^e[r];return 0===n},hexToBytes:O,hexToNumber:v,inRange:T,isBytes:m,memoized:_,notImplemented:()=>{throw Error("not implemented")},numberToBytesBE:q,numberToBytesLE:P,numberToHexUnpadded:I,numberToVarBytesBE:function(t){return O(I(t))},utf8ToBytes:function(t){if("string"!=typeof t)throw Error("string expected");return new Uint8Array((new TextEncoder).encode(t))},validateObject:V});
4
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Y=BigInt(0),M=BigInt(1),D=/* @__PURE__ */BigInt(2),W=/* @__PURE__ */BigInt(3),J=/* @__PURE__ */BigInt(4),Q=/* @__PURE__ */BigInt(5),X=/* @__PURE__ */BigInt(8);function $(t,e){const n=t%e;return n>=Y?n:e+n}function tt(t,e,n){if(e<Y)throw Error("invalid exponent, negatives unsupported");if(n<=Y)throw Error("invalid modulus");if(n===M)return Y;let r=M;for(;e>Y;)e&M&&(r=r*t%n),t=t*t%n,e>>=M;return r}function et(t,e,n){let r=t;for(;e-- >Y;)r*=r,r%=n;return r}function nt(t,e){if(t===Y)throw Error("invert: expected non-zero number");if(e<=Y)throw Error("invert: expected positive modulus, got "+e);let n=$(t,e),r=e,f=Y,i=M;for(;n!==Y;){const t=r%n,e=f-i*(r/n);r=n,n=t,f=i,i=e}if(r!==M)throw Error("invert: does not exist");return $(f,e)}function rt(t){if(t%J===W){const e=(t+M)/J;return function(t,n){const r=t.pow(n,e);if(!t.eql(t.sqr(r),n))throw Error("Cannot find square root");return r}}if(t%X===Q){const e=(t-Q)/X;return function(t,n){const r=t.mul(n,D),f=t.pow(r,e),i=t.mul(n,f),o=t.mul(t.mul(i,D),f),s=t.mul(i,t.sub(o,t.ONE));if(!t.eql(t.sqr(s),n))throw Error("Cannot find square root");return s}}return function(t){const e=(t-M)/D;let n,r,f;for(n=t-M,r=0;n%D===Y;n/=D,r++);for(f=D;f<t&&tt(f,e,t)!==t-M;f++)if(f>1e3)throw Error("Cannot find square root: likely non-prime P");if(1===r){const e=(t+M)/J;return function(t,n){const r=t.pow(n,e);if(!t.eql(t.sqr(r),n))throw Error("Cannot find square root");return r}}const i=(n+M)/D;return function(t,o){if(t.pow(o,e)===t.neg(t.ONE))throw Error("Cannot find square root");let s=r,a=t.pow(t.mul(t.ONE,f),n),c=t.pow(o,i),d=t.pow(o,n);for(;!t.eql(d,t.ONE);){if(t.eql(d,t.ZERO))return t.ZERO;let e=1;for(let n=t.sqr(d);e<s&&!t.eql(n,t.ONE);e++)n=t.sqr(n);const n=t.pow(a,M<<BigInt(s-e-1));a=t.sqr(n),c=t.mul(c,n),d=t.mul(d,a),s=e}return c}}(t)}const ft=["create","isValid","is0","neg","inv","sqrt","sqr","eql","add","sub","mul","pow","div","addN","subN","mulN","sqrN"];function it(t,e){const n=void 0!==e?e:t.toString(2).length;return{nBitLength:n,nByteLength:Math.ceil(n/8)}}function ot(t,e,n=!1,r={}){if(t<=Y)throw Error("invalid field: expected ORDER > 0, got "+t);const{nBitLength:f,nByteLength:i}=it(t,e);if(i>2048)throw Error("invalid field: expected ORDER of <= 2048 bytes");let o;const s=Object.freeze({ORDER:t,BITS:f,BYTES:i,MASK:Z(f),ZERO:Y,ONE:M,create:e=>$(e,t),isValid:e=>{if("bigint"!=typeof e)throw Error("invalid field element: expected bigint, got "+typeof e);return Y<=e&&e<t},is0:t=>t===Y,isOdd:t=>(t&M)===M,neg:e=>$(-e,t),eql:(t,e)=>t===e,sqr:e=>$(e*e,t),add:(e,n)=>$(e+n,t),sub:(e,n)=>$(e-n,t),mul:(e,n)=>$(e*n,t),pow:(t,e)=>function(t,e,n){if(n<Y)throw Error("invalid exponent, negatives unsupported");if(n===Y)return t.ONE;if(n===M)return e;let r=t.ONE,f=e;for(;n>Y;)n&M&&(r=t.mul(r,f)),f=t.sqr(f),n>>=M;return r}(s,t,e),div:(e,n)=>$(e*nt(n,t),t),sqrN:t=>t*t,addN:(t,e)=>t+e,subN:(t,e)=>t-e,mulN:(t,e)=>t*e,inv:e=>nt(e,t),sqrt:r.sqrt||(e=>(o||(o=rt(t)),o(s,e))),invertBatch:t=>function(t,e){const n=Array(e.length),r=e.reduce(((e,r,f)=>t.is0(r)?e:(n[f]=e,t.mul(e,r))),t.ONE),f=t.inv(r);return e.reduceRight(((e,r,f)=>t.is0(r)?e:(n[f]=t.mul(e,n[f]),t.mul(e,r))),f),n}(s,t),cmov:(t,e,n)=>n?e:t,toBytes:t=>n?P(t,i):q(t,i),fromBytes:t=>{if(t.length!==i)throw Error("Field.fromBytes: expected "+i+" bytes, got "+t.length);return n?z(t):R(t)}});return Object.freeze(s)}function st(t){if("bigint"!=typeof t)throw Error("field order must be bigint");const e=t.toString(2).length;return Math.ceil(e/8)}function at(t){const e=st(t);return e+Math.ceil(e/2)}
1
+ /*! OpenPGP.js v6.2.1 - 2025-08-28 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
2
+ "undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self&&self;import{h as t,a as e,b as f,i as r,c as n,d as o,H as i,e as s,t as c,f as a,g as d,r as u,s as l,j as h,k as b,l as g,m as p,n as y,o as m,p as B}from"./sha512.min.mjs";
3
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const w=/* @__PURE__ */BigInt(0),E=/* @__PURE__ */BigInt(1);function x(t,e=""){if("boolean"!=typeof t){throw Error((e&&`"${e}"`)+"expected boolean, got type="+typeof t)}return t}function v(t,e,f=""){const n=r(t),o=t?.length,i=void 0!==e;if(!n||i&&o!==e){throw Error((f&&`"${f}" `)+"expected Uint8Array"+(i?" of length "+e:"")+", got "+(n?"length="+o:"type="+typeof t))}return t}function I(t){const e=t.toString(16);return 1&e.length?"0"+e:e}function S(t){if("string"!=typeof t)throw Error("hex string expected, got "+typeof t);return""===t?w:BigInt("0x"+t)}function O(t){return S(f(t))}function R(t){return e(t),S(f(Uint8Array.from(t).reverse()))}function F(e,f){return t(e.toString(16).padStart(2*f,"0"))}function A(t,e){return F(t,e).reverse()}function q(e,f,n){let o;if("string"==typeof f)try{o=t(f)}catch(t){throw Error(e+" must be hex string or Uint8Array, cause: "+t)}else{if(!r(f))throw Error(e+" must be hex string or Uint8Array");o=Uint8Array.from(f)}const i=o.length;if("number"==typeof n&&i!==n)throw Error(e+" of length "+n+" expected, got "+i);return o}function Z(t){return Uint8Array.from(t)}const P=t=>"bigint"==typeof t&&w<=t;function K(t,e,f,r){if(!function(t,e,f){return P(t)&&P(e)&&P(f)&&e<=t&&t<f}(e,f,r))throw Error("expected valid "+t+": "+f+" <= n < "+r+", got "+e)}function N(t){let e;for(e=0;t>w;t>>=E,e+=1);return e}const U=t=>(E<<BigInt(t))-E;function V(t,e,f={}){if(!t||"object"!=typeof t)throw Error("expected valid options object");function r(e,f,r){const n=t[e];if(r&&void 0===n)return;const o=typeof n;if(o!==f||null===n)throw Error(`param "${e}" is invalid: expected ${f}, got ${o}`)}Object.entries(e).forEach((([t,e])=>r(t,e,!1))),Object.entries(f).forEach((([t,e])=>r(t,e,!0)))}function T(t){const e=new WeakMap;return(f,...r)=>{const n=e.get(f);if(void 0!==n)return n;const o=t(f,...r);return e.set(f,o),o}}
4
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const C=BigInt(0),k=BigInt(1),j=/* @__PURE__ */BigInt(2),L=/* @__PURE__ */BigInt(3),G=/* @__PURE__ */BigInt(4),H=/* @__PURE__ */BigInt(5),Y=/* @__PURE__ */BigInt(7),z=/* @__PURE__ */BigInt(8),_=/* @__PURE__ */BigInt(9),D=/* @__PURE__ */BigInt(16);function X(t,e){const f=t%e;return f>=C?f:e+f}function M(t,e,f){let r=t;for(;e-- >C;)r*=r,r%=f;return r}function $(t,e){if(t===C)throw Error("invert: expected non-zero number");if(e<=C)throw Error("invert: expected positive modulus, got "+e);let f=X(t,e),r=e,n=C,o=k;for(;f!==C;){const t=r%f,e=n-o*(r/f);r=f,f=t,n=o,o=e}if(r!==k)throw Error("invert: does not exist");return X(n,e)}function W(t,e,f){if(!t.eql(t.sqr(e),f))throw Error("Cannot find square root")}function J(t,e){const f=(t.ORDER+k)/G,r=t.pow(e,f);return W(t,r,e),r}function Q(t,e){const f=(t.ORDER-H)/z,r=t.mul(e,j),n=t.pow(r,f),o=t.mul(e,n),i=t.mul(t.mul(o,j),n),s=t.mul(o,t.sub(i,t.ONE));return W(t,s,e),s}function tt(t){if(t<L)throw Error("sqrt is not defined for small field");let e=t-k,f=0;for(;e%j===C;)e/=j,f++;let r=j;const n=it(t);for(;1===nt(n,r);)if(r++>1e3)throw Error("Cannot find square root: probably non-prime P");if(1===f)return J;let o=n.pow(r,e);const i=(e+k)/j;return function(t,r){if(t.is0(r))return r;if(1!==nt(t,r))throw Error("Cannot find square root");let n=f,s=t.mul(t.ONE,o),c=t.pow(r,e),a=t.pow(r,i);for(;!t.eql(c,t.ONE);){if(t.is0(c))return t.ZERO;let e=1,f=t.sqr(c);for(;!t.eql(f,t.ONE);)if(e++,f=t.sqr(f),e===n)throw Error("Cannot find square root");const r=k<<BigInt(n-e-1),o=t.pow(s,r);n=e,s=t.sqr(o),c=t.mul(c,s),a=t.mul(a,o)}return a}}function et(t){return t%G===L?J:t%z===H?Q:t%D===_?function(t){const e=it(t),f=tt(t),r=f(e,e.neg(e.ONE)),n=f(e,r),o=f(e,e.neg(r)),i=(t+Y)/D;return(t,e)=>{let f=t.pow(e,i),s=t.mul(f,r);const c=t.mul(f,n),a=t.mul(f,o),d=t.eql(t.sqr(s),e),u=t.eql(t.sqr(c),e);f=t.cmov(f,s,d),s=t.cmov(a,c,u);const l=t.eql(t.sqr(s),e),h=t.cmov(f,s,l);return W(t,h,e),h}}(t):tt(t)}const ft=["create","isValid","is0","neg","inv","sqrt","sqr","eql","add","sub","mul","pow","div","addN","subN","mulN","sqrN"];function rt(t,e,f=!1){const r=Array(e.length).fill(f?t.ZERO:void 0),n=e.reduce(((e,f,n)=>t.is0(f)?e:(r[n]=e,t.mul(e,f))),t.ONE),o=t.inv(n);return e.reduceRight(((e,f,n)=>t.is0(f)?e:(r[n]=t.mul(e,r[n]),t.mul(e,f))),o),r}function nt(t,e){const f=(t.ORDER-k)/j,r=t.pow(e,f),n=t.eql(r,t.ONE),o=t.eql(r,t.ZERO),i=t.eql(r,t.neg(t.ONE));if(!n&&!o&&!i)throw Error("invalid Legendre symbol result");return n?1:o?0:-1}function ot(t,e){void 0!==e&&o(e);const f=void 0!==e?e:t.toString(2).length;return{nBitLength:f,nByteLength:Math.ceil(f/8)}}function it(t,e,f=!1,r={}){if(t<=C)throw Error("invalid field: expected ORDER > 0, got "+t);let n,o,i,s=!1;if("object"==typeof e&&null!=e){if(r.sqrt||f)throw Error("cannot specify opts in two arguments");const t=e;t.BITS&&(n=t.BITS),t.sqrt&&(o=t.sqrt),"boolean"==typeof t.isLE&&(f=t.isLE),"boolean"==typeof t.modFromBytes&&(s=t.modFromBytes),i=t.allowedLengths}else"number"==typeof e&&(n=e),r.sqrt&&(o=r.sqrt);const{nBitLength:c,nByteLength:a}=ot(t,n);if(a>2048)throw Error("invalid field: expected ORDER of <= 2048 bytes");let d;const u=Object.freeze({ORDER:t,isLE:f,BITS:c,BYTES:a,MASK:U(c),ZERO:C,ONE:k,allowedLengths:i,create:e=>X(e,t),isValid:e=>{if("bigint"!=typeof e)throw Error("invalid field element: expected bigint, got "+typeof e);return C<=e&&e<t},is0:t=>t===C,isValidNot0:t=>!u.is0(t)&&u.isValid(t),isOdd:t=>(t&k)===k,neg:e=>X(-e,t),eql:(t,e)=>t===e,sqr:e=>X(e*e,t),add:(e,f)=>X(e+f,t),sub:(e,f)=>X(e-f,t),mul:(e,f)=>X(e*f,t),pow:(t,e)=>function(t,e,f){if(f<C)throw Error("invalid exponent, negatives unsupported");if(f===C)return t.ONE;if(f===k)return e;let r=t.ONE,n=e;for(;f>C;)f&k&&(r=t.mul(r,n)),n=t.sqr(n),f>>=k;return r}(u,t,e),div:(e,f)=>X(e*$(f,t),t),sqrN:t=>t*t,addN:(t,e)=>t+e,subN:(t,e)=>t-e,mulN:(t,e)=>t*e,inv:e=>$(e,t),sqrt:o||(e=>(d||(d=et(t)),d(u,e))),toBytes:t=>f?A(t,a):F(t,a),fromBytes:(e,r=!0)=>{if(i){if(!i.includes(e.length)||e.length>a)throw Error("Field.fromBytes: expected "+i+" bytes, got "+e.length);const t=new Uint8Array(a);t.set(e,f?0:t.length-e.length),e=t}if(e.length!==a)throw Error("Field.fromBytes: expected "+a+" bytes, got "+e.length);let n=f?R(e):O(e);if(s&&(n=X(n,t)),!r&&!u.isValid(n))throw Error("invalid field element: outside of range 0..ORDER");return n},invertBatch:t=>rt(u,t),cmov:(t,e,f)=>f?e:t});return Object.freeze(u)}function st(t){if("bigint"!=typeof t)throw Error("field order must be bigint");const e=t.toString(2).length;return Math.ceil(e/8)}function ct(t){const e=st(t);return e+Math.ceil(e/2)}class at extends i{constructor(t,e){super(),this.finished=!1,this.destroyed=!1,s(t);const f=c(e);if(this.iHash=t.create(),"function"!=typeof this.iHash.update)throw Error("Expected instance of class which extends utils.Hash");this.blockLen=this.iHash.blockLen,this.outputLen=this.iHash.outputLen;const r=this.blockLen,n=new Uint8Array(r);n.set(f.length>r?t.create().update(f).digest():f);for(let t=0;t<n.length;t++)n[t]^=54;this.iHash.update(n),this.oHash=t.create();for(let t=0;t<n.length;t++)n[t]^=106;this.oHash.update(n),a(n)}update(t){return d(this),this.iHash.update(t),this}digestInto(t){d(this),e(t,this.outputLen),this.finished=!0,this.iHash.digestInto(t),this.oHash.update(t),this.oHash.digestInto(t),this.destroy()}digest(){const t=new Uint8Array(this.oHash.outputLen);return this.digestInto(t),t}_cloneInto(t){t||(t=Object.create(Object.getPrototypeOf(this),{}));const{oHash:e,iHash:f,finished:r,destroyed:n,blockLen:o,outputLen:i}=this;return t.finished=r,t.destroyed=n,t.blockLen=o,t.outputLen=i,t.oHash=e._cloneInto(t.oHash),t.iHash=f._cloneInto(t.iHash),t}clone(){return this._cloneInto()}destroy(){this.destroyed=!0,this.oHash.destroy(),this.iHash.destroy()}}const dt=(t,e,f)=>new at(t,e).update(f).digest();dt.create=(t,e)=>new at(t,e)
5
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */;const ut=BigInt(0),lt=BigInt(1);function ht(t,e){const f=e.negate();return t?f:e}function bt(t,e){const f=rt(t.Fp,e.map((t=>t.Z)));return e.map(((e,r)=>t.fromAffine(e.toAffine(f[r]))))}function gt(t,e){if(!Number.isSafeInteger(t)||t<=0||t>e)throw Error("invalid window size, expected [1.."+e+"], got W="+t)}function pt(t,e){gt(t,e);const f=2**t;return{windows:Math.ceil(e/t)+1,windowSize:2**(t-1),mask:U(t),maxNumber:f,shiftBy:BigInt(t)}}function yt(t,e,f){const{windowSize:r,mask:n,maxNumber:o,shiftBy:i}=f;let s=Number(t&n),c=t>>i;s>r&&(s-=o,c+=lt);const a=e*r;return{nextN:c,offset:a+Math.abs(s)-1,isZero:0===s,isNeg:s<0,isNegF:e%2!=0,offsetF:a}}const mt=new WeakMap,Bt=new WeakMap;function wt(t){return Bt.get(t)||1}function Et(t){if(t!==ut)throw Error("invalid wNAF")}class xt{constructor(t,e){this.BASE=t.BASE,this.ZERO=t.ZERO,this.Fn=t.Fn,this.bits=e}_unsafeLadder(t,e,f=this.ZERO){let r=t;for(;e>ut;)e&lt&&(f=f.add(r)),r=r.double(),e>>=lt;return f}precomputeWindow(t,e){const{windows:f,windowSize:r}=pt(e,this.bits),n=[];let o=t,i=o;for(let t=0;t<f;t++){i=o,n.push(i);for(let t=1;t<r;t++)i=i.add(o),n.push(i);o=i.double()}return n}wNAF(t,e,f){if(!this.Fn.isValid(f))throw Error("invalid scalar");let r=this.ZERO,n=this.BASE;const o=pt(t,this.bits);for(let t=0;t<o.windows;t++){const{nextN:i,offset:s,isZero:c,isNeg:a,isNegF:d,offsetF:u}=yt(f,t,o);f=i,c?n=n.add(ht(d,e[u])):r=r.add(ht(a,e[s]))}return Et(f),{p:r,f:n}}wNAFUnsafe(t,e,f,r=this.ZERO){const n=pt(t,this.bits);for(let t=0;t<n.windows&&f!==ut;t++){const{nextN:o,offset:i,isZero:s,isNeg:c}=yt(f,t,n);if(f=o,!s){const t=e[i];r=r.add(c?t.negate():t)}}return Et(f),r}getPrecomputes(t,e,f){let r=mt.get(e);return r||(r=this.precomputeWindow(e,t),1!==t&&("function"==typeof f&&(r=f(r)),mt.set(e,r))),r}cached(t,e,f){const r=wt(t);return this.wNAF(r,this.getPrecomputes(r,t,f),e)}unsafe(t,e,f,r){const n=wt(t);return 1===n?this._unsafeLadder(t,e,r):this.wNAFUnsafe(n,this.getPrecomputes(n,t,f),e,r)}createCache(t,e){gt(e,this.bits),Bt.set(t,e),mt.delete(t)}hasCache(t){return 1!==wt(t)}}function vt(t,e,f,r){!function(t,e){if(!Array.isArray(t))throw Error("array expected");t.forEach(((t,f)=>{if(!(t instanceof e))throw Error("invalid point at index "+f)}))}(f,t),function(t,e){if(!Array.isArray(t))throw Error("array of scalars expected");t.forEach(((t,f)=>{if(!e.isValid(t))throw Error("invalid scalar at index "+f)}))}(r,e);const n=f.length,o=r.length;if(n!==o)throw Error("arrays of points and scalars must have equal length");const i=t.ZERO,s=N(BigInt(n));let c=1;s>12?c=s-3:s>4?c=s-2:s>0&&(c=2);const a=U(c),d=Array(Number(a)+1).fill(i);let u=i;for(let t=Math.floor((e.BITS-1)/c)*c;t>=0;t-=c){d.fill(i);for(let e=0;e<o;e++){const n=r[e],o=Number(n>>BigInt(t)&a);d[o]=d[o].add(f[e])}let e=i;for(let t=d.length-1,f=i;t>0;t--)f=f.add(d[t]),e=e.add(f);if(u=u.add(e),0!==t)for(let t=0;t<c;t++)u=u.double()}return u}function It(t,e,f){if(e){if(e.ORDER!==t)throw Error("Field.ORDER must match order: Fp == p, Fn == n");return function(t){V(t,ft.reduce(((t,e)=>(t[e]="function",t)),{ORDER:"bigint",MASK:"bigint",BYTES:"number",BITS:"number"}))}(e),e}return it(t,{isLE:f})}function St(t,e,f={},r){if(void 0===r&&(r="edwards"===t),!e||"object"!=typeof e)throw Error(`expected valid ${t} CURVE object`);for(const t of["p","n","h"]){const f=e[t];if(!("bigint"==typeof f&&f>ut))throw Error(`CURVE.${t} must be positive bigint`)}const n=It(e.p,f.Fp,r),o=It(e.n,f.Fn,r),i=["Gx","Gy","a","weierstrass"===t?"b":"d"];for(const t of i)if(!n.isValid(e[t]))throw Error(`CURVE.${t} must be valid field element of CURVE.Fp`);return{CURVE:e=Object.freeze(Object.assign({},e)),Fp:n,Fn:o}}
6
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Ot=(t,e)=>(t+(t>=0?e:-e)/Pt)/e;function Rt(t){if(!["compact","recovered","der"].includes(t))throw Error('Signature format must be "compact", "recovered", or "der"');return t}function Ft(t,e){const f={};for(let r of Object.keys(e))f[r]=void 0===t[r]?e[r]:t[r];return x(f.lowS,"lowS"),x(f.prehash,"prehash"),void 0!==f.format&&Rt(f.format),f}const At={Err:class extends Error{constructor(t=""){super(t)}},_tlv:{encode:(t,e)=>{const{Err:f}=At;if(t<0||t>256)throw new f("tlv.encode: wrong tag");if(1&e.length)throw new f("tlv.encode: unpadded data");const r=e.length/2,n=I(r);if(n.length/2&128)throw new f("tlv.encode: long form length too big");const o=r>127?I(n.length/2|128):"";return I(t)+o+n+e},decode(t,e){const{Err:f}=At;let r=0;if(t<0||t>256)throw new f("tlv.encode: wrong tag");if(e.length<2||e[r++]!==t)throw new f("tlv.decode: wrong tlv");const n=e[r++];let o=0;if(!!(128&n)){const t=127&n;if(!t)throw new f("tlv.decode(long): indefinite length not supported");if(t>4)throw new f("tlv.decode(long): byte length is too big");const i=e.subarray(r,r+t);if(i.length!==t)throw new f("tlv.decode: length bytes not complete");if(0===i[0])throw new f("tlv.decode(long): zero leftmost byte");for(const t of i)o=o<<8|t;if(r+=t,o<128)throw new f("tlv.decode(long): not minimal encoding")}else o=n;const i=e.subarray(r,r+o);if(i.length!==o)throw new f("tlv.decode: wrong value length");return{v:i,l:e.subarray(r+o)}}},_int:{encode(t){const{Err:e}=At;if(t<qt)throw new e("integer: negative integers are not allowed");let f=I(t);if(8&Number.parseInt(f[0],16)&&(f="00"+f),1&f.length)throw new e("unexpected DER parsing assertion: unpadded hex");return f},decode(t){const{Err:e}=At;if(128&t[0])throw new e("invalid signature integer: negative");if(0===t[0]&&!(128&t[1]))throw new e("invalid signature integer: unnecessary leading zero");return O(t)}},toSig(t){const{Err:e,_int:f,_tlv:r}=At,n=q("signature",t),{v:o,l:i}=r.decode(48,n);if(i.length)throw new e("invalid signature: left bytes after parsing");const{v:s,l:c}=r.decode(2,o),{v:a,l:d}=r.decode(2,c);if(d.length)throw new e("invalid signature: left bytes after parsing");return{r:f.decode(s),s:f.decode(a)}},hexFromSig(t){const{_tlv:e,_int:f}=At,r=e.encode(2,f.encode(t.r))+e.encode(2,f.encode(t.s));return e.encode(48,r)}},qt=BigInt(0),Zt=BigInt(1),Pt=BigInt(2),Kt=BigInt(3),Nt=BigInt(4);function Ut(t,e){const{BYTES:f}=t;let r;if("bigint"==typeof e)r=e;else{let n=q("private key",e);try{r=t.fromBytes(n)}catch(t){throw Error(`invalid private key: expected ui8a of size ${f}, got ${typeof e}`)}}if(!t.isValidNot0(r))throw Error("invalid private key: out of range [1..N-1]");return r}function Vt(t,e={}){const r=St("weierstrass",t,e),{Fp:o,Fn:i}=r;let s=r.CURVE;const{h:c,n:a}=s;V(e,{},{allowInfinityPoint:"boolean",clearCofactor:"function",isTorsionFree:"function",fromBytes:"function",toBytes:"function",endo:"object",wrapPrivateKey:"boolean"});const{endo:d}=e;if(d&&(!o.is0(s.a)||"bigint"!=typeof d.beta||!Array.isArray(d.basises)))throw Error('invalid endo: expected "beta": bigint and "basises": array');const u=Ct(o,i);function l(){if(!o.isOdd)throw Error("compression is not supported: Field does not have .isOdd()")}const h=e.toBytes||function(t,e,f){const{x:r,y:i}=e.toAffine(),s=o.toBytes(r);if(x(f,"isCompressed"),f){l();const t=!o.isOdd(i);return n(Tt(t),s)}return n(Uint8Array.of(4),s,o.toBytes(i))},b=e.fromBytes||function(t){v(t,void 0,"Point");const{publicKey:e,publicKeyUncompressed:f}=u,r=t.length,n=t[0],i=t.subarray(1);if(r!==e||2!==n&&3!==n){if(r===f&&4===n){const t=o.BYTES,e=o.fromBytes(i.subarray(0,t)),f=o.fromBytes(i.subarray(t,2*t));if(!p(e,f))throw Error("bad point: is not on curve");return{x:e,y:f}}throw Error(`bad point: got length ${r}, expected compressed=${e} or uncompressed=${f}`)}{const t=o.fromBytes(i);if(!o.isValid(t))throw Error("bad point: is not on curve, wrong x");const e=g(t);let f;try{f=o.sqrt(e)}catch(t){const e=t instanceof Error?": "+t.message:"";throw Error("bad point: is not on curve, sqrt error"+e)}l();return!(1&~n)!==o.isOdd(f)&&(f=o.neg(f)),{x:t,y:f}}};function g(t){const e=o.sqr(t),f=o.mul(e,t);return o.add(o.add(f,o.mul(t,s.a)),s.b)}function p(t,e){const f=o.sqr(e),r=g(t);return o.eql(f,r)}if(!p(s.Gx,s.Gy))throw Error("bad curve params: generator point");const y=o.mul(o.pow(s.a,Kt),Nt),m=o.mul(o.sqr(s.b),BigInt(27));if(o.is0(o.add(y,m)))throw Error("bad curve params: a or b");function B(t,e,f=!1){if(!o.isValid(e)||f&&o.is0(e))throw Error("bad point coordinate "+t);return e}function w(t){if(!(t instanceof R))throw Error("ProjectivePoint expected")}function E(t){if(!d||!d.basises)throw Error("no endo");return function(t,e,f){const[[r,n],[o,i]]=e,s=Ot(i*t,f),c=Ot(-n*t,f);let a=t-s*r-c*o,d=-s*n-c*i;const u=a<qt,l=d<qt;u&&(a=-a),l&&(d=-d);const h=U(Math.ceil(N(f)/2))+Zt;if(a<qt||a>=h||d<qt||d>=h)throw Error("splitScalar (endomorphism): failed, k="+t);return{k1neg:u,k1:a,k2neg:l,k2:d}}(t,d.basises,i.ORDER)}const I=T(((t,e)=>{const{X:f,Y:r,Z:n}=t;if(o.eql(n,o.ONE))return{x:f,y:r};const i=t.is0();null==e&&(e=i?o.ONE:o.inv(n));const s=o.mul(f,e),c=o.mul(r,e),a=o.mul(n,e);if(i)return{x:o.ZERO,y:o.ZERO};if(!o.eql(a,o.ONE))throw Error("invZ was invalid");return{x:s,y:c}})),S=T((t=>{if(t.is0()){if(e.allowInfinityPoint&&!o.is0(t.Y))return;throw Error("bad point: ZERO")}const{x:f,y:r}=t.toAffine();if(!o.isValid(f)||!o.isValid(r))throw Error("bad point: x or y not field elements");if(!p(f,r))throw Error("bad point: equation left != right");if(!t.isTorsionFree())throw Error("bad point: not in prime-order subgroup");return!0}));function O(t,e,f,r,n){return f=new R(o.mul(f.X,t),f.Y,f.Z),e=ht(r,e),f=ht(n,f),e.add(f)}class R{constructor(t,e,f){this.X=B("x",t),this.Y=B("y",e,!0),this.Z=B("z",f),Object.freeze(this)}static CURVE(){return s}static fromAffine(t){const{x:e,y:f}=t||{};if(!t||!o.isValid(e)||!o.isValid(f))throw Error("invalid affine point");if(t instanceof R)throw Error("projective point not allowed");return o.is0(e)&&o.is0(f)?R.ZERO:new R(e,f,o.ONE)}static fromBytes(t){const e=R.fromAffine(b(v(t,void 0,"point")));return e.assertValidity(),e}static fromHex(t){return R.fromBytes(q("pointHex",t))}get x(){return this.toAffine().x}get y(){return this.toAffine().y}precompute(t=8,e=!0){return A.createCache(this,t),e||this.multiply(Kt),this}assertValidity(){S(this)}hasEvenY(){const{y:t}=this.toAffine();if(!o.isOdd)throw Error("Field doesn't support isOdd");return!o.isOdd(t)}equals(t){w(t);const{X:e,Y:f,Z:r}=this,{X:n,Y:i,Z:s}=t,c=o.eql(o.mul(e,s),o.mul(n,r)),a=o.eql(o.mul(f,s),o.mul(i,r));return c&&a}negate(){return new R(this.X,o.neg(this.Y),this.Z)}double(){const{a:t,b:e}=s,f=o.mul(e,Kt),{X:r,Y:n,Z:i}=this;let c=o.ZERO,a=o.ZERO,d=o.ZERO,u=o.mul(r,r),l=o.mul(n,n),h=o.mul(i,i),b=o.mul(r,n);return b=o.add(b,b),d=o.mul(r,i),d=o.add(d,d),c=o.mul(t,d),a=o.mul(f,h),a=o.add(c,a),c=o.sub(l,a),a=o.add(l,a),a=o.mul(c,a),c=o.mul(b,c),d=o.mul(f,d),h=o.mul(t,h),b=o.sub(u,h),b=o.mul(t,b),b=o.add(b,d),d=o.add(u,u),u=o.add(d,u),u=o.add(u,h),u=o.mul(u,b),a=o.add(a,u),h=o.mul(n,i),h=o.add(h,h),u=o.mul(h,b),c=o.sub(c,u),d=o.mul(h,l),d=o.add(d,d),d=o.add(d,d),new R(c,a,d)}add(t){w(t);const{X:e,Y:f,Z:r}=this,{X:n,Y:i,Z:c}=t;let a=o.ZERO,d=o.ZERO,u=o.ZERO;const l=s.a,h=o.mul(s.b,Kt);let b=o.mul(e,n),g=o.mul(f,i),p=o.mul(r,c),y=o.add(e,f),m=o.add(n,i);y=o.mul(y,m),m=o.add(b,g),y=o.sub(y,m),m=o.add(e,r);let B=o.add(n,c);return m=o.mul(m,B),B=o.add(b,p),m=o.sub(m,B),B=o.add(f,r),a=o.add(i,c),B=o.mul(B,a),a=o.add(g,p),B=o.sub(B,a),u=o.mul(l,m),a=o.mul(h,p),u=o.add(a,u),a=o.sub(g,u),u=o.add(g,u),d=o.mul(a,u),g=o.add(b,b),g=o.add(g,b),p=o.mul(l,p),m=o.mul(h,m),g=o.add(g,p),p=o.sub(b,p),p=o.mul(l,p),m=o.add(m,p),b=o.mul(g,m),d=o.add(d,b),b=o.mul(B,m),a=o.mul(y,a),a=o.sub(a,b),b=o.mul(y,g),u=o.mul(B,u),u=o.add(u,b),new R(a,d,u)}subtract(t){return this.add(t.negate())}is0(){return this.equals(R.ZERO)}multiply(t){const{endo:f}=e;if(!i.isValidNot0(t))throw Error("invalid scalar: out of range");let r,n;const o=t=>A.cached(this,t,(t=>bt(R,t)));if(f){const{k1neg:e,k1:i,k2neg:s,k2:c}=E(t),{p:a,f:d}=o(i),{p:u,f:l}=o(c);n=d.add(l),r=O(f.beta,a,u,e,s)}else{const{p:e,f}=o(t);r=e,n=f}return bt(R,[r,n])[0]}multiplyUnsafe(t){const{endo:f}=e,r=this;if(!i.isValid(t))throw Error("invalid scalar: out of range");if(t===qt||r.is0())return R.ZERO;if(t===Zt)return r;if(A.hasCache(this))return this.multiply(t);if(f){const{k1neg:e,k1:n,k2neg:o,k2:i}=E(t),{p1:s,p2:c}=function(t,e,f,r){let n=e,o=t.ZERO,i=t.ZERO;for(;f>ut||r>ut;)f&lt&&(o=o.add(n)),r&lt&&(i=i.add(n)),n=n.double(),f>>=lt,r>>=lt;return{p1:o,p2:i}}(R,r,n,i);return O(f.beta,s,c,e,o)}return A.unsafe(r,t)}multiplyAndAddUnsafe(t,e,f){const r=this.multiplyUnsafe(e).add(t.multiplyUnsafe(f));return r.is0()?void 0:r}toAffine(t){return I(this,t)}isTorsionFree(){const{isTorsionFree:t}=e;return c===Zt||(t?t(R,this):A.unsafe(this,a).is0())}clearCofactor(){const{clearCofactor:t}=e;return c===Zt?this:t?t(R,this):this.multiplyUnsafe(c)}isSmallOrder(){return this.multiplyUnsafe(c).is0()}toBytes(t=!0){return x(t,"isCompressed"),this.assertValidity(),h(R,this,t)}toHex(t=!0){return f(this.toBytes(t))}toString(){return`<Point ${this.is0()?"ZERO":this.toHex()}>`}get px(){return this.X}get py(){return this.X}get pz(){return this.Z}toRawBytes(t=!0){return this.toBytes(t)}_setWindowSize(t){this.precompute(t)}static normalizeZ(t){return bt(R,t)}static msm(t,e){return vt(R,i,t,e)}static fromPrivateKey(t){return R.BASE.multiply(Ut(i,t))}}R.BASE=new R(s.Gx,s.Gy,o.ONE),R.ZERO=new R(o.ZERO,o.ONE,o.ZERO),R.Fp=o,R.Fn=i;const F=i.BITS,A=new xt(R,e.endo?Math.ceil(F/2):F);return R.BASE.precompute(8),R}function Tt(t){return Uint8Array.of(t?2:3)}function Ct(t,e){return{secretKey:e.BYTES,publicKey:1+t.BYTES,publicKeyUncompressed:1+2*t.BYTES,publicKeyHasPrefix:!0,signature:2*e.BYTES}}function kt(t,e={}){const{Fn:f}=t,r=e.randomBytes||u,n=Object.assign(Ct(t.Fp,f),{seed:ct(f.ORDER)});function o(t){try{return!!Ut(f,t)}catch(t){return!1}}function i(t=r(n.seed)){return function(t,e,f=!1){const r=t.length,n=st(e),o=ct(e);if(r<16||r<o||r>1024)throw Error("expected "+o+"-1024 bytes of input, got "+r);const i=X(f?R(t):O(t),e-k)+k;return f?A(i,n):F(i,n)}(v(t,n.seed,"seed"),f.ORDER)}function s(e,r=!0){return t.BASE.multiply(Ut(f,e)).toBytes(r)}function c(e){if("bigint"==typeof e)return!1;if(e instanceof t)return!0;const{secretKey:r,publicKey:o,publicKeyUncompressed:i}=n;if(f.allowedLengths||r===o)return;const s=q("key",e).length;return s===o||s===i}const a={isValidSecretKey:o,isValidPublicKey:function(e,f){const{publicKey:r,publicKeyUncompressed:o}=n;try{const n=e.length;return(!0!==f||n===r)&&((!1!==f||n===o)&&!!t.fromBytes(e))}catch(t){return!1}},randomSecretKey:i,isValidPrivateKey:o,randomPrivateKey:i,normPrivateKeyToScalar:t=>Ut(f,t),precompute:(e=8,f=t.BASE)=>f.precompute(e,!1)};return Object.freeze({getPublicKey:s,getSharedSecret:function(e,r,n=!0){if(!0===c(e))throw Error("first arg must be private key");if(!1===c(r))throw Error("second arg must be public key");const o=Ut(f,e);return t.fromHex(r).multiply(o).toBytes(n)},keygen:function(t){const e=i(t);return{secretKey:e,publicKey:s(e)}},Point:t,utils:a,lengths:n})}function jt(e,o,i={}){s(o),V(i,{},{hmac:"function",lowS:"boolean",randomBytes:"function",bits2int:"function",bits2int_modN:"function"});const c=i.randomBytes||u,a=i.hmac||((t,...e)=>dt(o,t,n(...e))),{Fp:d,Fn:l}=e,{ORDER:h,BITS:b}=l,{keygen:g,getPublicKey:p,getSharedSecret:y,utils:m,lengths:B}=kt(e,i),w={prehash:!1,lowS:"boolean"==typeof i.lowS&&i.lowS,format:void 0,extraEntropy:!1},E="compact";function x(t){return t>h>>Zt}function I(t,e){if(!l.isValidNot0(e))throw Error(`invalid signature ${t}: out of range 1..Point.Fn.ORDER`);return e}class S{constructor(t,e,f){this.r=I("r",t),this.s=I("s",e),null!=f&&(this.recovery=f),Object.freeze(this)}static fromBytes(t,e=E){let f;if(function(t,e){Rt(e);const f=B.signature;v(t,"compact"===e?f:"recovered"===e?f+1:void 0,e+" signature")}(t,e),"der"===e){const{r:e,s:f}=At.toSig(v(t));return new S(e,f)}"recovered"===e&&(f=t[0],e="compact",t=t.subarray(1));const r=l.BYTES,n=t.subarray(0,r),o=t.subarray(r,2*r);return new S(l.fromBytes(n),l.fromBytes(o),f)}static fromHex(e,f){return this.fromBytes(t(e),f)}addRecoveryBit(t){return new S(this.r,this.s,t)}recoverPublicKey(t){const f=d.ORDER,{r,s:o,recovery:i}=this;if(null==i||![0,1,2,3].includes(i))throw Error("recovery id invalid");if(h*Pt<f&&i>1)throw Error("recovery id is ambiguous for h>1 curve");const s=2===i||3===i?r+h:r;if(!d.isValid(s))throw Error("recovery id 2 or 3 invalid");const c=d.toBytes(s),a=e.fromBytes(n(Tt(!(1&i)),c)),u=l.inv(s),b=F(q("msgHash",t)),g=l.create(-b*u),p=l.create(o*u),y=e.BASE.multiplyUnsafe(g).add(a.multiplyUnsafe(p));if(y.is0())throw Error("point at infinify");return y.assertValidity(),y}hasHighS(){return x(this.s)}toBytes(e=E){if(Rt(e),"der"===e)return t(At.hexFromSig(this));const f=l.toBytes(this.r),r=l.toBytes(this.s);if("recovered"===e){if(null==this.recovery)throw Error("recovery bit must be present");return n(Uint8Array.of(this.recovery),f,r)}return n(f,r)}toHex(t){return f(this.toBytes(t))}assertValidity(){}static fromCompact(t){return S.fromBytes(q("sig",t),"compact")}static fromDER(t){return S.fromBytes(q("sig",t),"der")}normalizeS(){return this.hasHighS()?new S(this.r,l.neg(this.s),this.recovery):this}toDERRawBytes(){return this.toBytes("der")}toDERHex(){return f(this.toBytes("der"))}toCompactRawBytes(){return this.toBytes("compact")}toCompactHex(){return f(this.toBytes("compact"))}}const R=i.bits2int||function(t){if(t.length>8192)throw Error("input is too large");const e=O(t),f=8*t.length-b;return f>0?e>>BigInt(f):e},F=i.bits2int_modN||function(t){return l.create(R(t))},A=U(b);function Z(t){return K("num < 2^"+b,t,qt,A),l.toBytes(t)}function P(t,e){return v(t,void 0,"message"),e?v(o(t),void 0,"prehashed message"):t}return Object.freeze({keygen:g,getPublicKey:p,getSharedSecret:y,utils:m,lengths:B,Point:e,sign:function(t,f,r={}){t=q("message",t);const{seed:i,k2sig:s}=function(t,f,r){if(["recovered","canonical"].some((t=>t in r)))throw Error("sign() legacy options not supported");const{lowS:o,prehash:i,extraEntropy:s}=Ft(r,w);t=P(t,i);const a=F(t),d=Ut(l,f),u=[Z(d),Z(a)];if(null!=s&&!1!==s){const t=!0===s?c(B.secretKey):s;u.push(q("extraEntropy",t))}const h=n(...u),b=a;return{seed:h,k2sig:function(t){const f=R(t);if(!l.isValidNot0(f))return;const r=l.inv(f),n=e.BASE.multiply(f).toAffine(),i=l.create(n.x);if(i===qt)return;const s=l.create(r*l.create(b+i*d));if(s===qt)return;let c=(n.x===i?0:2)|Number(n.y&Zt),a=s;return o&&x(s)&&(a=l.neg(s),c^=1),new S(i,a,c)}}}(t,f,r);return function(t,e,f){if("number"!=typeof t||t<2)throw Error("hashLen must be a number");if("number"!=typeof e||e<2)throw Error("qByteLen must be a number");if("function"!=typeof f)throw Error("hmacFn must be a function");const r=t=>new Uint8Array(t),o=t=>Uint8Array.of(t);let i=r(t),s=r(t),c=0;const a=()=>{i.fill(1),s.fill(0),c=0},d=(...t)=>f(s,i,...t),u=(t=r(0))=>{s=d(o(0),t),i=d(),0!==t.length&&(s=d(o(1),t),i=d())},l=()=>{if(c++>=1e3)throw Error("drbg: tried 1000 values");let t=0;const f=[];for(;t<e;){i=d();const e=i.slice();f.push(e),t+=i.length}return n(...f)};return(t,e)=>{let f;for(a(),u(t);!(f=e(l()));)u();return a(),f}}(o.outputLen,l.BYTES,a)(i,s)},verify:function(t,f,n,o={}){const{lowS:i,prehash:s,format:c}=Ft(o,w);if(n=q("publicKey",n),f=P(q("message",f),s),"strict"in o)throw Error("options.strict was renamed to lowS");const a=void 0===c?function(t){let e;const f="string"==typeof t||r(t),n=!f&&null!==t&&"object"==typeof t&&"bigint"==typeof t.r&&"bigint"==typeof t.s;if(!f&&!n)throw Error("invalid signature, expected Uint8Array, hex string or Signature instance");if(n)e=new S(t.r,t.s);else if(f){try{e=S.fromBytes(q("sig",t),"der")}catch(t){if(!(t instanceof At.Err))throw t}if(!e)try{e=S.fromBytes(q("sig",t),"compact")}catch(t){return!1}}return e||!1}(t):S.fromBytes(q("sig",t),c);if(!1===a)return!1;try{const t=e.fromBytes(n);if(i&&a.hasHighS())return!1;const{r,s:o}=a,s=F(f),c=l.inv(o),d=l.create(s*c),u=l.create(r*c),h=e.BASE.multiplyUnsafe(d).add(t.multiplyUnsafe(u));if(h.is0())return!1;return l.create(h.x)===r}catch(t){return!1}},recoverPublicKey:function(t,e,f={}){const{prehash:r}=Ft(f,w);return e=P(e,r),S.fromBytes(t,"recovered").recoverPublicKey(e).toBytes()},Signature:S,hash:o})}function Lt(t){const{CURVE:e,curveOpts:f}=function(t){const e={a:t.a,b:t.b,p:t.Fp.ORDER,n:t.n,h:t.h,Gx:t.Gx,Gy:t.Gy},f=t.Fp;let r=t.allowedPrivateKeyLengths?Array.from(new Set(t.allowedPrivateKeyLengths.map((t=>Math.ceil(t/2))))):void 0;return{CURVE:e,curveOpts:{Fp:f,Fn:it(e.n,{BITS:t.nBitLength,allowedLengths:r,modFromBytes:t.wrapPrivateKey}),allowInfinityPoint:t.allowInfinityPoint,endo:t.endo,isTorsionFree:t.isTorsionFree,clearCofactor:t.clearCofactor,fromBytes:t.fromBytes,toBytes:t.toBytes}}}(t),r={hmac:t.hmac,randomBytes:t.randomBytes,lowS:t.lowS,bits2int:t.bits2int,bits2int_modN:t.bits2int_modN};return{CURVE:e,curveOpts:f,hash:t.hash,ecdsaOpts:r}}function Gt(t){const{CURVE:e,curveOpts:f,hash:r,ecdsaOpts:n}=Lt(t);return function(t,e){const f=e.Point;return Object.assign({},e,{ProjectivePoint:f,CURVE:Object.assign({},t,ot(f.Fn.ORDER,f.Fn.BITS))})}(t,jt(Vt(e,f),r,n))}
7
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */function Ht(t,e){const f=e=>Gt({...t,hash:e});return{...f(e),create:f}}
8
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Yt={p:BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff"),n:BigInt("0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551"),h:BigInt(1),a:BigInt("0xffffffff00000001000000000000000000000000fffffffffffffffffffffffc"),b:BigInt("0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b"),Gx:BigInt("0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"),Gy:BigInt("0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5")},zt={p:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff"),n:BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973"),h:BigInt(1),a:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc"),b:BigInt("0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef"),Gx:BigInt("0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7"),Gy:BigInt("0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f")},_t={p:BigInt("0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"),n:BigInt("0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409"),h:BigInt(1),a:BigInt("0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc"),b:BigInt("0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00"),Gx:BigInt("0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66"),Gy:BigInt("0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650")},Dt=it(Yt.p),Xt=it(zt.p),Mt=it(_t.p),$t=Ht({...Yt,Fp:Dt,lowS:!1},l),Wt=Ht({...zt,Fp:Xt,lowS:!1},h),Jt=Ht({..._t,Fp:Mt,lowS:!1,allowedPrivateKeyLengths:[130,131,132]},b),Qt=BigInt(0),te=BigInt(1),ee=BigInt(2),fe=BigInt(8);function re(t,e={}){const r=St("edwards",t,e,e.FpFnLE),{Fp:n,Fn:o}=r;let i=r.CURVE;const{h:s}=i;V(e,{},{uvRatio:"function"});const c=ee<<BigInt(8*o.BYTES)-te,a=t=>n.create(t),d=e.uvRatio||((t,e)=>{try{return{isValid:!0,value:n.sqrt(n.div(t,e))}}catch(t){return{isValid:!1,value:Qt}}});if(!function(t,e,f,r){const n=t.sqr(f),o=t.sqr(r),i=t.add(t.mul(e.a,n),o),s=t.add(t.ONE,t.mul(e.d,t.mul(n,o)));return t.eql(i,s)}(n,i,i.Gx,i.Gy))throw Error("bad curve params: generator point");function u(t,e,f=!1){return K("coordinate "+t,e,f?te:Qt,c),e}function l(t){if(!(t instanceof g))throw Error("ExtendedPoint expected")}const h=T(((t,e)=>{const{X:f,Y:r,Z:o}=t,i=t.is0();null==e&&(e=i?fe:n.inv(o));const s=a(f*e),c=a(r*e),d=n.mul(o,e);if(i)return{x:Qt,y:te};if(d!==te)throw Error("invZ was invalid");return{x:s,y:c}})),b=T((t=>{const{a:e,d:f}=i;if(t.is0())throw Error("bad point: ZERO");const{X:r,Y:n,Z:o,T:s}=t,c=a(r*r),d=a(n*n),u=a(o*o),l=a(u*u),h=a(c*e);if(a(u*a(h+d))!==a(l+a(f*a(c*d))))throw Error("bad point: equation left != right (1)");if(a(r*n)!==a(o*s))throw Error("bad point: equation left != right (2)");return!0}));class g{constructor(t,e,f,r){this.X=u("x",t),this.Y=u("y",e),this.Z=u("z",f,!0),this.T=u("t",r),Object.freeze(this)}static CURVE(){return i}static fromAffine(t){if(t instanceof g)throw Error("extended point not allowed");const{x:e,y:f}=t||{};return u("x",e),u("y",f),new g(e,f,te,a(e*f))}static fromBytes(t,e=!1){const f=n.BYTES,{a:r,d:o}=i;t=Z(v(t,f,"point")),x(e,"zip215");const s=Z(t),u=t[f-1];s[f-1]=-129&u;const l=R(s),h=e?c:n.ORDER;K("point.y",l,Qt,h);const b=a(l*l),p=a(b-te),y=a(o*b-r);let{isValid:m,value:B}=d(p,y);if(!m)throw Error("bad point: invalid y coordinate");const w=(B&te)===te,E=!!(128&u);if(!e&&B===Qt&&E)throw Error("bad point: x=0 and x_0=1");return E!==w&&(B=a(-B)),g.fromAffine({x:B,y:l})}static fromHex(t,e=!1){return g.fromBytes(q("point",t),e)}get x(){return this.toAffine().x}get y(){return this.toAffine().y}precompute(t=8,e=!0){return p.createCache(this,t),e||this.multiply(ee),this}assertValidity(){b(this)}equals(t){l(t);const{X:e,Y:f,Z:r}=this,{X:n,Y:o,Z:i}=t,s=a(e*i),c=a(n*r),d=a(f*i),u=a(o*r);return s===c&&d===u}is0(){return this.equals(g.ZERO)}negate(){return new g(a(-this.X),this.Y,this.Z,a(-this.T))}double(){const{a:t}=i,{X:e,Y:f,Z:r}=this,n=a(e*e),o=a(f*f),s=a(ee*a(r*r)),c=a(t*n),d=e+f,u=a(a(d*d)-n-o),l=c+o,h=l-s,b=c-o,p=a(u*h),y=a(l*b),m=a(u*b),B=a(h*l);return new g(p,y,B,m)}add(t){l(t);const{a:e,d:f}=i,{X:r,Y:n,Z:o,T:s}=this,{X:c,Y:d,Z:u,T:h}=t,b=a(r*c),p=a(n*d),y=a(s*f*h),m=a(o*u),B=a((r+n)*(c+d)-b-p),w=m-y,E=m+y,x=a(p-e*b),v=a(B*w),I=a(E*x),S=a(B*x),O=a(w*E);return new g(v,I,O,S)}subtract(t){return this.add(t.negate())}multiply(t){if(!o.isValidNot0(t))throw Error("invalid scalar: expected 1 <= sc < curve.n");const{p:e,f}=p.cached(this,t,(t=>bt(g,t)));return bt(g,[e,f])[0]}multiplyUnsafe(t,e=g.ZERO){if(!o.isValid(t))throw Error("invalid scalar: expected 0 <= sc < curve.n");return t===Qt?g.ZERO:this.is0()||t===te?this:p.unsafe(this,t,(t=>bt(g,t)),e)}isSmallOrder(){return this.multiplyUnsafe(s).is0()}isTorsionFree(){return p.unsafe(this,i.n).is0()}toAffine(t){return h(this,t)}clearCofactor(){return s===te?this:this.multiplyUnsafe(s)}toBytes(){const{x:t,y:e}=this.toAffine(),f=n.toBytes(e);return f[f.length-1]|=t&te?128:0,f}toHex(){return f(this.toBytes())}toString(){return`<Point ${this.is0()?"ZERO":this.toHex()}>`}get ex(){return this.X}get ey(){return this.Y}get ez(){return this.Z}get et(){return this.T}static normalizeZ(t){return bt(g,t)}static msm(t,e){return vt(g,o,t,e)}_setWindowSize(t){this.precompute(t)}toRawBytes(){return this.toBytes()}}g.BASE=new g(i.Gx,i.Gy,te,a(i.Gx*i.Gy)),g.ZERO=new g(Qt,te,te,Qt),g.Fp=n,g.Fn=o;const p=new xt(g,o.BITS);return g.BASE.precompute(8),g}function ne(t,e,f={}){if("function"!=typeof e)throw Error('"hash" function param is required');V(f,{},{adjustScalarBytes:"function",randomBytes:"function",domain:"function",prehash:"function",mapToCurve:"function"});const{prehash:o}=f,{BASE:i,Fp:s,Fn:c}=t,a=f.randomBytes||u,d=f.adjustScalarBytes||(t=>t),l=f.domain||((t,e,f)=>{if(x(f,"phflag"),e.length||f)throw Error("Contexts/pre-hash are not supported");return t});function h(t){return c.create(R(t))}function b(t){const{head:f,prefix:r,scalar:n}=function(t){const f=B.secretKey;t=q("private key",t,f);const r=q("hashed private key",e(t),2*f),n=d(r.slice(0,f));return{head:n,prefix:r.slice(f,2*f),scalar:h(n)}}(t),o=i.multiply(n),s=o.toBytes();return{head:f,prefix:r,scalar:n,point:o,pointBytes:s}}function g(t){return b(t).pointBytes}function p(t=Uint8Array.of(),...f){const r=n(...f);return h(e(l(r,q("context",t),!!o)))}const y={zip215:!0};const m=s.BYTES,B={secretKey:m,publicKey:m,signature:2*m,seed:m};function w(t=a(B.seed)){return v(t,B.seed,"seed")}const E={getExtendedPublicKey:b,randomSecretKey:w,isValidSecretKey:function(t){return r(t)&&t.length===c.BYTES},isValidPublicKey:function(e,f){try{return!!t.fromBytes(e,f)}catch(t){return!1}},toMontgomery(e){const{y:f}=t.fromBytes(e),r=B.publicKey,n=32===r;if(!n&&57!==r)throw Error("only defined for 25519 and 448");const o=n?s.div(te+f,te-f):s.div(f-te,f+te);return s.toBytes(o)},toMontgomeryPriv(t){const f=B.secretKey;v(t,f);const r=e(t.subarray(0,f));return d(r).subarray(0,f)},randomPrivateKey:w,precompute:(e=8,f=t.BASE)=>f.precompute(e,!1)};return Object.freeze({keygen:function(t){const e=E.randomSecretKey(t);return{secretKey:e,publicKey:g(e)}},getPublicKey:g,sign:function(t,e,f={}){t=q("message",t),o&&(t=o(t));const{prefix:r,scalar:s,pointBytes:a}=b(e),d=p(f.context,r,t),u=i.multiply(d).toBytes(),l=p(f.context,u,a,t),h=c.create(d+l*s);if(!c.isValid(h))throw Error("sign failed: invalid s");return v(n(u,c.toBytes(h)),B.signature,"result")},verify:function(e,f,r,n=y){const{context:s,zip215:c}=n,a=B.signature;e=q("signature",e,a),f=q("message",f),r=q("publicKey",r,B.publicKey),void 0!==c&&x(c,"zip215"),o&&(f=o(f));const d=a/2,u=e.subarray(0,d),l=R(e.subarray(d,a));let h,b,g;try{h=t.fromBytes(r,c),b=t.fromBytes(u,c),g=i.multiplyUnsafe(l)}catch(t){return!1}if(!c&&h.isSmallOrder())return!1;const m=p(s,b.toBytes(),h.toBytes(),f);return b.add(h.multiplyUnsafe(m)).subtract(g).clearCofactor().is0()},utils:E,Point:t,lengths:B})}
5
9
  /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
6
- const ct=BigInt(0),dt=BigInt(1);function ut(t,e){const n=e.negate();return t?n:e}function lt(t,e){if(!Number.isSafeInteger(t)||t<=0||t>e)throw Error("invalid window size, expected [1.."+e+"], got W="+t)}function ht(t,e){lt(t,e);return{windows:Math.ceil(e/t)+1,windowSize:2**(t-1)}}const gt=new WeakMap,bt=new WeakMap;function yt(t){return bt.get(t)||1}function pt(t,e){return{constTimeNegate:ut,hasPrecomputes:t=>1!==yt(t),unsafeLadder(e,n,r=t.ZERO){let f=e;for(;n>ct;)n&dt&&(r=r.add(f)),f=f.double(),n>>=dt;return r},precomputeWindow(t,n){const{windows:r,windowSize:f}=ht(n,e),i=[];let o=t,s=o;for(let t=0;t<r;t++){s=o,i.push(s);for(let t=1;t<f;t++)s=s.add(o),i.push(s);o=s.double()}return i},wNAF(n,r,f){const{windows:i,windowSize:o}=ht(n,e);let s=t.ZERO,a=t.BASE;const c=BigInt(2**n-1),d=2**n,u=BigInt(n);for(let t=0;t<i;t++){const e=t*o;let n=Number(f&c);f>>=u,n>o&&(n-=d,f+=dt);const i=e,l=e+Math.abs(n)-1,h=t%2!=0,g=n<0;0===n?a=a.add(ut(h,r[i])):s=s.add(ut(g,r[l]))}return{p:s,f:a}},wNAFUnsafe(n,r,f,i=t.ZERO){const{windows:o,windowSize:s}=ht(n,e),a=BigInt(2**n-1),c=2**n,d=BigInt(n);for(let t=0;t<o;t++){const e=t*s;if(f===ct)break;let n=Number(f&a);if(f>>=d,n>s&&(n-=c,f+=dt),0===n)continue;let o=r[e+Math.abs(n)-1];n<0&&(o=o.negate()),i=i.add(o)}return i},getPrecomputes(t,e,n){let r=gt.get(e);return r||(r=this.precomputeWindow(e,t),1!==t&&gt.set(e,n(r))),r},wNAFCached(t,e,n){const r=yt(t);return this.wNAF(r,this.getPrecomputes(r,t,n),e)},wNAFCachedUnsafe(t,e,n,r){const f=yt(t);return 1===f?this.unsafeLadder(t,e,r):this.wNAFUnsafe(f,this.getPrecomputes(f,t,n),e,r)},setWindowSize(t,n){lt(n,e),bt.set(t,n),gt.delete(t)}}}function mt(t,e,n,r){if(function(t,e){if(!Array.isArray(t))throw Error("array expected");t.forEach(((t,n)=>{if(!(t instanceof e))throw Error("invalid point at index "+n)}))}(n,t),function(t,e){if(!Array.isArray(t))throw Error("array of scalars expected");t.forEach(((t,n)=>{if(!e.isValid(t))throw Error("invalid scalar at index "+n)}))}(r,e),n.length!==r.length)throw Error("arrays of points and scalars must have equal length");const f=t.ZERO,i=U(BigInt(n.length)),o=i>12?i-3:i>4?i-2:i?2:1,s=(1<<o)-1,a=Array(s+1).fill(f);let c=f;for(let t=Math.floor((e.BITS-1)/o)*o;t>=0;t-=o){a.fill(f);for(let e=0;e<r.length;e++){const f=r[e],i=Number(f>>BigInt(t)&BigInt(s));a[i]=a[i].add(n[e])}let e=f;for(let t=a.length-1,n=f;t>0;t--)n=n.add(a[t]),e=e.add(n);if(c=c.add(e),0!==t)for(let t=0;t<o;t++)c=c.double()}return c}function wt(t){return V(t.Fp,ft.reduce(((t,e)=>(t[e]="function",t)),{ORDER:"bigint",MASK:"bigint",BYTES:"isSafeInteger",BITS:"isSafeInteger"})),V(t,{n:"bigint",h:"bigint",Gx:"field",Gy:"field"},{nBitLength:"isSafeInteger",nByteLength:"isSafeInteger"}),Object.freeze({...it(t.n,t.nBitLength),...t,p:t.Fp.ORDER})}
7
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */function Bt(t){void 0!==t.lowS&&B("lowS",t.lowS),void 0!==t.prehash&&B("prehash",t.prehash)}const{bytesToNumberBE:Et,hexToBytes:xt}=K,It={Err:class extends Error{constructor(t=""){super(t)}},_tlv:{encode:(t,e)=>{const{Err:n}=It;if(t<0||t>256)throw new n("tlv.encode: wrong tag");if(1&e.length)throw new n("tlv.encode: unpadded data");const r=e.length/2,f=I(r);if(f.length/2&128)throw new n("tlv.encode: long form length too big");const i=r>127?I(f.length/2|128):"";return I(t)+i+f+e},decode(t,e){const{Err:n}=It;let r=0;if(t<0||t>256)throw new n("tlv.encode: wrong tag");if(e.length<2||e[r++]!==t)throw new n("tlv.decode: wrong tlv");const f=e[r++];let i=0;if(!!(128&f)){const t=127&f;if(!t)throw new n("tlv.decode(long): indefinite length not supported");if(t>4)throw new n("tlv.decode(long): byte length is too big");const o=e.subarray(r,r+t);if(o.length!==t)throw new n("tlv.decode: length bytes not complete");if(0===o[0])throw new n("tlv.decode(long): zero leftmost byte");for(const t of o)i=i<<8|t;if(r+=t,i<128)throw new n("tlv.decode(long): not minimal encoding")}else i=f;const o=e.subarray(r,r+i);if(o.length!==i)throw new n("tlv.decode: wrong value length");return{v:o,l:e.subarray(r+i)}}},_int:{encode(t){const{Err:e}=It;if(t<vt)throw new e("integer: negative integers are not allowed");let n=I(t);if(8&Number.parseInt(n[0],16)&&(n="00"+n),1&n.length)throw new e("unexpected DER parsing assertion: unpadded hex");return n},decode(t){const{Err:e}=It;if(128&t[0])throw new e("invalid signature integer: negative");if(0===t[0]&&!(128&t[1]))throw new e("invalid signature integer: unnecessary leading zero");return Et(t)}},toSig(t){const{Err:e,_int:n,_tlv:r}=It,f="string"==typeof t?xt(t):t;w(f);const{v:i,l:o}=r.decode(48,f);if(o.length)throw new e("invalid signature: left bytes after parsing");const{v:s,l:a}=r.decode(2,i),{v:c,l:d}=r.decode(2,a);if(d.length)throw new e("invalid signature: left bytes after parsing");return{r:n.decode(s),s:n.decode(c)}},hexFromSig(t){const{_tlv:e,_int:n}=It,r=e.encode(2,n.encode(t.r))+e.encode(2,n.encode(t.s));return e.encode(48,r)}},vt=BigInt(0),St=BigInt(1);BigInt(2);const At=BigInt(3);function Ot(t){const e=function(t){const e=wt(t);V(e,{a:"field",b:"field"},{allowedPrivateKeyLengths:"array",wrapPrivateKey:"boolean",isTorsionFree:"function",clearCofactor:"function",allowInfinityPoint:"boolean",fromBytes:"function",toBytes:"function"});const{endo:n,Fp:r,a:f}=e;if(n){if(!r.eql(f,r.ZERO))throw Error("invalid endomorphism, can only be defined for Koblitz curves that have a=0");if("object"!=typeof n||"bigint"!=typeof n.beta||"function"!=typeof n.splitScalar)throw Error("invalid endomorphism, expected beta: bigint and splitScalar: function")}return Object.freeze({...e})}(t),{Fp:n}=e,r=ot(e.n,e.nBitLength),f=e.toBytes||((t,e,r)=>{const f=e.toAffine();return H(Uint8Array.from([4]),n.toBytes(f.x),n.toBytes(f.y))}),i=e.fromBytes||(t=>{const e=t.subarray(1);return{x:n.fromBytes(e.subarray(0,n.BYTES)),y:n.fromBytes(e.subarray(n.BYTES,2*n.BYTES))}});function o(t){const{a:r,b:f}=e,i=n.sqr(t),o=n.mul(i,t);return n.add(n.add(o,n.mul(t,r)),f)}if(!n.eql(n.sqr(e.Gy),o(e.Gx)))throw Error("bad generator point: equation left != right");function s(t){const{allowedPrivateKeyLengths:n,nByteLength:r,wrapPrivateKey:f,n:i}=e;if(n&&"bigint"!=typeof t){if(m(t)&&(t=x(t)),"string"!=typeof t||!n.includes(t.length))throw Error("invalid private key");t=t.padStart(2*r,"0")}let o;try{o="bigint"==typeof t?t:R(N("private key",t,r))}catch(e){throw Error("invalid private key, expected hex or "+r+" bytes, got "+typeof t)}return f&&(o=$(o,i)),F("private key",o,St,i),o}function a(t){if(!(t instanceof u))throw Error("ProjectivePoint expected")}const c=_(((t,e)=>{const{px:r,py:f,pz:i}=t;if(n.eql(i,n.ONE))return{x:r,y:f};const o=t.is0();null==e&&(e=o?n.ONE:n.inv(i));const s=n.mul(r,e),a=n.mul(f,e),c=n.mul(i,e);if(o)return{x:n.ZERO,y:n.ZERO};if(!n.eql(c,n.ONE))throw Error("invZ was invalid");return{x:s,y:a}})),d=_((t=>{if(t.is0()){if(e.allowInfinityPoint&&!n.is0(t.py))return;throw Error("bad point: ZERO")}const{x:r,y:f}=t.toAffine();if(!n.isValid(r)||!n.isValid(f))throw Error("bad point: x or y not FE");const i=n.sqr(f),s=o(r);if(!n.eql(i,s))throw Error("bad point: equation left != right");if(!t.isTorsionFree())throw Error("bad point: not in prime-order subgroup");return!0}));class u{constructor(t,e,r){if(this.px=t,this.py=e,this.pz=r,null==t||!n.isValid(t))throw Error("x required");if(null==e||!n.isValid(e))throw Error("y required");if(null==r||!n.isValid(r))throw Error("z required");Object.freeze(this)}static fromAffine(t){const{x:e,y:r}=t||{};if(!t||!n.isValid(e)||!n.isValid(r))throw Error("invalid affine point");if(t instanceof u)throw Error("projective point not allowed");const f=t=>n.eql(t,n.ZERO);return f(e)&&f(r)?u.ZERO:new u(e,r,n.ONE)}get x(){return this.toAffine().x}get y(){return this.toAffine().y}static normalizeZ(t){const e=n.invertBatch(t.map((t=>t.pz)));return t.map(((t,n)=>t.toAffine(e[n]))).map(u.fromAffine)}static fromHex(t){const e=u.fromAffine(i(N("pointHex",t)));return e.assertValidity(),e}static fromPrivateKey(t){return u.BASE.multiply(s(t))}static msm(t,e){return mt(u,r,t,e)}_setWindowSize(t){h.setWindowSize(this,t)}assertValidity(){d(this)}hasEvenY(){const{y:t}=this.toAffine();if(n.isOdd)return!n.isOdd(t);throw Error("Field doesn't support isOdd")}equals(t){a(t);const{px:e,py:r,pz:f}=this,{px:i,py:o,pz:s}=t,c=n.eql(n.mul(e,s),n.mul(i,f)),d=n.eql(n.mul(r,s),n.mul(o,f));return c&&d}negate(){return new u(this.px,n.neg(this.py),this.pz)}double(){const{a:t,b:r}=e,f=n.mul(r,At),{px:i,py:o,pz:s}=this;let a=n.ZERO,c=n.ZERO,d=n.ZERO,l=n.mul(i,i),h=n.mul(o,o),g=n.mul(s,s),b=n.mul(i,o);return b=n.add(b,b),d=n.mul(i,s),d=n.add(d,d),a=n.mul(t,d),c=n.mul(f,g),c=n.add(a,c),a=n.sub(h,c),c=n.add(h,c),c=n.mul(a,c),a=n.mul(b,a),d=n.mul(f,d),g=n.mul(t,g),b=n.sub(l,g),b=n.mul(t,b),b=n.add(b,d),d=n.add(l,l),l=n.add(d,l),l=n.add(l,g),l=n.mul(l,b),c=n.add(c,l),g=n.mul(o,s),g=n.add(g,g),l=n.mul(g,b),a=n.sub(a,l),d=n.mul(g,h),d=n.add(d,d),d=n.add(d,d),new u(a,c,d)}add(t){a(t);const{px:r,py:f,pz:i}=this,{px:o,py:s,pz:c}=t;let d=n.ZERO,l=n.ZERO,h=n.ZERO;const g=e.a,b=n.mul(e.b,At);let y=n.mul(r,o),p=n.mul(f,s),m=n.mul(i,c),w=n.add(r,f),B=n.add(o,s);w=n.mul(w,B),B=n.add(y,p),w=n.sub(w,B),B=n.add(r,i);let E=n.add(o,c);return B=n.mul(B,E),E=n.add(y,m),B=n.sub(B,E),E=n.add(f,i),d=n.add(s,c),E=n.mul(E,d),d=n.add(p,m),E=n.sub(E,d),h=n.mul(g,B),d=n.mul(b,m),h=n.add(d,h),d=n.sub(p,h),h=n.add(p,h),l=n.mul(d,h),p=n.add(y,y),p=n.add(p,y),m=n.mul(g,m),B=n.mul(b,B),p=n.add(p,m),m=n.sub(y,m),m=n.mul(g,m),B=n.add(B,m),y=n.mul(p,B),l=n.add(l,y),y=n.mul(E,B),d=n.mul(w,d),d=n.sub(d,y),y=n.mul(w,p),h=n.mul(E,h),h=n.add(h,y),new u(d,l,h)}subtract(t){return this.add(t.negate())}is0(){return this.equals(u.ZERO)}wNAF(t){return h.wNAFCached(this,t,u.normalizeZ)}multiplyUnsafe(t){const{endo:r,n:f}=e;F("scalar",t,vt,f);const i=u.ZERO;if(t===vt)return i;if(this.is0()||t===St)return this;if(!r||h.hasPrecomputes(this))return h.wNAFCachedUnsafe(this,t,u.normalizeZ);let{k1neg:o,k1:s,k2neg:a,k2:c}=r.splitScalar(t),d=i,l=i,g=this;for(;s>vt||c>vt;)s&St&&(d=d.add(g)),c&St&&(l=l.add(g)),g=g.double(),s>>=St,c>>=St;return o&&(d=d.negate()),a&&(l=l.negate()),l=new u(n.mul(l.px,r.beta),l.py,l.pz),d.add(l)}multiply(t){const{endo:r,n:f}=e;let i,o;if(F("scalar",t,St,f),r){const{k1neg:e,k1:f,k2neg:s,k2:a}=r.splitScalar(t);let{p:c,f:d}=this.wNAF(f),{p:l,f:g}=this.wNAF(a);c=h.constTimeNegate(e,c),l=h.constTimeNegate(s,l),l=new u(n.mul(l.px,r.beta),l.py,l.pz),i=c.add(l),o=d.add(g)}else{const{p:e,f:n}=this.wNAF(t);i=e,o=n}return u.normalizeZ([i,o])[0]}multiplyAndAddUnsafe(t,e,n){const r=u.BASE,f=(t,e)=>e!==vt&&e!==St&&t.equals(r)?t.multiply(e):t.multiplyUnsafe(e),i=f(this,e).add(f(t,n));return i.is0()?void 0:i}toAffine(t){return c(this,t)}isTorsionFree(){const{h:t,isTorsionFree:n}=e;if(t===St)return!0;if(n)return n(u,this);throw Error("isTorsionFree() has not been declared for the elliptic curve")}clearCofactor(){const{h:t,clearCofactor:n}=e;return t===St?this:n?n(u,this):this.multiplyUnsafe(e.h)}toRawBytes(t=!0){return B("isCompressed",t),this.assertValidity(),f(u,this,t)}toHex(t=!0){return B("isCompressed",t),x(this.toRawBytes(t))}}u.BASE=new u(e.Gx,e.Gy,n.ONE),u.ZERO=new u(n.ZERO,n.ONE,n.ZERO);const l=e.nBitLength,h=pt(u,e.endo?Math.ceil(l/2):l);return{CURVE:e,ProjectivePoint:u,normPrivateKeyToScalar:s,weierstrassEquation:o,isWithinCurveOrder:function(t){return T(t,St,e.n)}}}function Rt(t){const e=function(t){const e=wt(t);return V(e,{hash:"hash",hmac:"function",randomBytes:"function"},{bits2int:"function",bits2int_modN:"function",lowS:"boolean"}),Object.freeze({lowS:!0,...e})}(t),{Fp:n,n:r}=e,f=n.BYTES+1,i=2*n.BYTES+1;function o(t){return $(t,r)}function s(t){return nt(t,r)}const{ProjectivePoint:a,normPrivateKeyToScalar:c,weierstrassEquation:d,isWithinCurveOrder:u}=Ot({...e,toBytes(t,e,r){const f=e.toAffine(),i=n.toBytes(f.x),o=H;return B("isCompressed",r),r?o(Uint8Array.from([e.hasEvenY()?2:3]),i):o(Uint8Array.from([4]),i,n.toBytes(f.y))},fromBytes(t){const e=t.length,r=t[0],o=t.subarray(1);if(e!==f||2!==r&&3!==r){if(e===i&&4===r){return{x:n.fromBytes(o.subarray(0,n.BYTES)),y:n.fromBytes(o.subarray(n.BYTES,2*n.BYTES))}}throw Error("invalid Point, expected length of "+f+", or uncompressed "+i+", got "+e)}{const t=R(o);if(!T(t,St,n.ORDER))throw Error("Point is not on curve");const e=d(t);let f;try{f=n.sqrt(e)}catch(t){const e=t instanceof Error?": "+t.message:"";throw Error("Point is not on curve"+e)}return!(1&~r)!==((f&St)===St)&&(f=n.neg(f)),{x:t,y:f}}}}),l=t=>x(q(t,e.nByteLength));function h(t){return t>r>>St}const g=(t,e,n)=>R(t.slice(e,n));class b{constructor(t,e,n){this.r=t,this.s=e,this.recovery=n,this.assertValidity()}static fromCompact(t){const n=e.nByteLength;return t=N("compactSignature",t,2*n),new b(g(t,0,n),g(t,n,2*n))}static fromDER(t){const{r:e,s:n}=It.toSig(N("DER",t));return new b(e,n)}assertValidity(){F("r",this.r,St,r),F("s",this.s,St,r)}addRecoveryBit(t){return new b(this.r,this.s,t)}recoverPublicKey(t){const{r,s:f,recovery:i}=this,c=E(N("msgHash",t));if(null==i||![0,1,2,3].includes(i))throw Error("recovery id invalid");const d=2===i||3===i?r+e.n:r;if(d>=n.ORDER)throw Error("recovery id 2 or 3 invalid");const u=1&i?"03":"02",h=a.fromHex(u+l(d)),g=s(d),b=o(-c*g),y=o(f*g),p=a.BASE.multiplyAndAddUnsafe(h,b,y);if(!p)throw Error("point at infinify");return p.assertValidity(),p}hasHighS(){return h(this.s)}normalizeS(){return this.hasHighS()?new b(this.r,o(-this.s),this.recovery):this}toDERRawBytes(){return O(this.toDERHex())}toDERHex(){return It.hexFromSig({r:this.r,s:this.s})}toCompactRawBytes(){return O(this.toCompactHex())}toCompactHex(){return l(this.r)+l(this.s)}}const y={isValidPrivateKey(t){try{return c(t),!0}catch(t){return!1}},normPrivateKeyToScalar:c,randomPrivateKey:()=>{const t=at(e.n);return function(t,e,n=!1){const r=t.length,f=st(e),i=at(e);if(r<16||r<i||r>1024)throw Error("expected "+i+"-1024 bytes of input, got "+r);const o=$(n?R(t):z(t),e-M)+M;return n?P(o,f):q(o,f)}(e.randomBytes(t),e.n)},precompute:(t=8,e=a.BASE)=>(e._setWindowSize(t),e.multiply(BigInt(3)),e)};function p(t){const e=m(t),n="string"==typeof t,r=(e||n)&&t.length;return e?r===f||r===i:n?r===2*f||r===2*i:t instanceof a}const w=e.bits2int||function(t){if(t.length>8192)throw Error("input is too large");const n=R(t),r=8*t.length-e.nBitLength;return r>0?n>>BigInt(r):n},E=e.bits2int_modN||function(t){return o(w(t))},I=Z(e.nBitLength);function v(t){return F("num < 2^"+e.nBitLength,t,vt,I),q(t,e.nByteLength)}function S(t,r,f=A){if(["recovered","canonical"].some((t=>t in f)))throw Error("sign() legacy options not supported");const{hash:i,randomBytes:d}=e;let{lowS:l,prehash:g,extraEntropy:y}=f;null==l&&(l=!0),t=N("msgHash",t),Bt(f),g&&(t=N("prehashed msgHash",i(t)));const p=E(t),m=c(r),B=[v(m),v(p)];if(null!=y&&!1!==y){const t=!0===y?d(n.BYTES):y;B.push(N("extraEntropy",t))}const x=H(...B),I=p;return{seed:x,k2sig:function(t){const e=w(t);if(!u(e))return;const n=s(e),r=a.BASE.multiply(e).toAffine(),f=o(r.x);if(f===vt)return;const i=o(n*o(I+f*m));if(i===vt)return;let c=(r.x===f?0:2)|Number(r.y&St),d=i;return l&&h(i)&&(d=function(t){return h(t)?o(-t):t}(i),c^=1),new b(f,d,c)}}}const A={lowS:e.lowS,prehash:!1},L={lowS:e.lowS,prehash:!1};return a.BASE._setWindowSize(8),{CURVE:e,getPublicKey:function(t,e=!0){return a.fromPrivateKey(t).toRawBytes(e)},getSharedSecret:function(t,e,n=!0){if(p(t))throw Error("first arg must be private key");if(!p(e))throw Error("second arg must be public key");return a.fromHex(e).multiply(c(t)).toRawBytes(n)},sign:function(t,n,r=A){const{seed:f,k2sig:i}=S(t,n,r),o=e;return C(o.hash.outputLen,o.nByteLength,o.hmac)(f,i)},verify:function(t,n,r,f=L){const i=t;n=N("msgHash",n),r=N("publicKey",r);const{lowS:c,prehash:d,format:u}=f;if(Bt(f),"strict"in f)throw Error("options.strict was renamed to lowS");if(void 0!==u&&"compact"!==u&&"der"!==u)throw Error("format must be compact or der");const l="string"==typeof i||m(i),h=!l&&!u&&"object"==typeof i&&null!==i&&"bigint"==typeof i.r&&"bigint"==typeof i.s;if(!l&&!h)throw Error("invalid signature, expected Uint8Array, hex string or Signature instance");let g,y;try{if(h&&(g=new b(i.r,i.s)),l){try{"compact"!==u&&(g=b.fromDER(i))}catch(t){if(!(t instanceof It.Err))throw t}g||"der"===u||(g=b.fromCompact(i))}y=a.fromHex(r)}catch(t){return!1}if(!g)return!1;if(c&&g.hasHighS())return!1;d&&(n=e.hash(n));const{r:p,s:w}=g,B=E(n),x=s(w),I=o(B*x),v=o(p*x),S=a.BASE.multiplyAndAddUnsafe(y,I,v)?.toAffine();return!!S&&o(S.x)===p},ProjectivePoint:a,Signature:b,utils:y}}
8
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */function zt(t){return{hash:t,hmac:(e,...n)=>g(t,e,a(...n)),randomBytes:c}}function qt(t,e){const n=e=>Rt({...t,...zt(e)});return Object.freeze({...n(e),create:n})}
9
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */BigInt(4);const Pt=ot(BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff")),Nt=qt({a:Pt.create(BigInt("-3")),b:BigInt("0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b"),Fp:Pt,n:BigInt("0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551"),Gx:BigInt("0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"),Gy:BigInt("0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"),h:BigInt(1),lowS:!1},t),Ht=ot(BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff")),Lt=qt({a:Ht.create(BigInt("-3")),b:BigInt("0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef"),Fp:Ht,n:BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973"),Gx:BigInt("0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7"),Gy:BigInt("0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f"),h:BigInt(1),lowS:!1},e),Tt=ot(BigInt("0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")),Ft={a:Tt.create(BigInt("-3")),b:BigInt("0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00"),Fp:Tt,n:BigInt("0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409"),Gx:BigInt("0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66"),Gy:BigInt("0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650"),h:BigInt(1)},Ut=qt({a:Ft.a,b:Ft.b,Fp:Tt,n:Ft.n,Gx:Ft.Gx,Gy:Ft.Gy,h:Ft.h,lowS:!1,allowedPrivateKeyLengths:[130,131,132]},n),Zt=BigInt(0),kt=BigInt(1),Gt=BigInt(2),Ct=BigInt(8),jt={zip215:!0};function Vt(t){const e=function(t){const e=wt(t);return V(t,{hash:"function",a:"bigint",d:"bigint",randomBytes:"function"},{adjustScalarBytes:"function",domain:"function",uvRatio:"function",mapToCurve:"function"}),Object.freeze({...e})}(t),{Fp:n,n:r,prehash:f,hash:i,randomBytes:o,nByteLength:s,h:a}=e,c=Gt<<BigInt(8*s)-kt,d=n.create,u=ot(e.n,e.nBitLength),l=e.uvRatio||((t,e)=>{try{return{isValid:!0,value:n.sqrt(t*n.inv(e))}}catch(t){return{isValid:!1,value:Zt}}}),h=e.adjustScalarBytes||(t=>t),g=e.domain||((t,e,n)=>{if(B("phflag",n),e.length||n)throw Error("Contexts/pre-hash are not supported");return t});function b(t,e){F("coordinate "+t,e,Zt,c)}function y(t){if(!(t instanceof w))throw Error("ExtendedPoint expected")}const p=_(((t,e)=>{const{ex:r,ey:f,ez:i}=t,o=t.is0();null==e&&(e=o?Ct:n.inv(i));const s=d(r*e),a=d(f*e),c=d(i*e);if(o)return{x:Zt,y:kt};if(c!==kt)throw Error("invZ was invalid");return{x:s,y:a}})),m=_((t=>{const{a:n,d:r}=e;if(t.is0())throw Error("bad point: ZERO");const{ex:f,ey:i,ez:o,et:s}=t,a=d(f*f),c=d(i*i),u=d(o*o),l=d(u*u),h=d(a*n);if(d(u*d(h+c))!==d(l+d(r*d(a*c))))throw Error("bad point: equation left != right (1)");if(d(f*i)!==d(o*s))throw Error("bad point: equation left != right (2)");return!0}));class w{constructor(t,e,n,r){this.ex=t,this.ey=e,this.ez=n,this.et=r,b("x",t),b("y",e),b("z",n),b("t",r),Object.freeze(this)}get x(){return this.toAffine().x}get y(){return this.toAffine().y}static fromAffine(t){if(t instanceof w)throw Error("extended point not allowed");const{x:e,y:n}=t||{};return b("x",e),b("y",n),new w(e,n,kt,d(e*n))}static normalizeZ(t){const e=n.invertBatch(t.map((t=>t.ez)));return t.map(((t,n)=>t.toAffine(e[n]))).map(w.fromAffine)}static msm(t,e){return mt(w,u,t,e)}_setWindowSize(t){v.setWindowSize(this,t)}assertValidity(){m(this)}equals(t){y(t);const{ex:e,ey:n,ez:r}=this,{ex:f,ey:i,ez:o}=t,s=d(e*o),a=d(f*r),c=d(n*o),u=d(i*r);return s===a&&c===u}is0(){return this.equals(w.ZERO)}negate(){return new w(d(-this.ex),this.ey,this.ez,d(-this.et))}double(){const{a:t}=e,{ex:n,ey:r,ez:f}=this,i=d(n*n),o=d(r*r),s=d(Gt*d(f*f)),a=d(t*i),c=n+r,u=d(d(c*c)-i-o),l=a+o,h=l-s,g=a-o,b=d(u*h),y=d(l*g),p=d(u*g),m=d(h*l);return new w(b,y,m,p)}add(t){y(t);const{a:n,d:r}=e,{ex:f,ey:i,ez:o,et:s}=this,{ex:a,ey:c,ez:u,et:l}=t;if(n===BigInt(-1)){const t=d((i-f)*(c+a)),e=d((i+f)*(c-a)),n=d(e-t);if(n===Zt)return this.double();const r=d(o*Gt*l),h=d(s*Gt*u),g=h+r,b=e+t,y=h-r,p=d(g*n),m=d(b*y),B=d(g*y),E=d(n*b);return new w(p,m,E,B)}const h=d(f*a),g=d(i*c),b=d(s*r*l),p=d(o*u),m=d((f+i)*(a+c)-h-g),B=p-b,E=p+b,x=d(g-n*h),I=d(m*B),v=d(E*x),S=d(m*x),A=d(B*E);return new w(I,v,A,S)}subtract(t){return this.add(t.negate())}wNAF(t){return v.wNAFCached(this,t,w.normalizeZ)}multiply(t){const e=t;F("scalar",e,kt,r);const{p:n,f}=this.wNAF(e);return w.normalizeZ([n,f])[0]}multiplyUnsafe(t,e=w.ZERO){const n=t;return F("scalar",n,Zt,r),n===Zt?I:this.is0()||n===kt?this:v.wNAFCachedUnsafe(this,n,w.normalizeZ,e)}isSmallOrder(){return this.multiplyUnsafe(a).is0()}isTorsionFree(){return v.unsafeLadder(this,r).is0()}toAffine(t){return p(this,t)}clearCofactor(){const{h:t}=e;return t===kt?this:this.multiplyUnsafe(t)}static fromHex(t,r=!1){const{d:f,a:i}=e,o=n.BYTES;t=N("pointHex",t,o),B("zip215",r);const s=t.slice(),a=t[o-1];s[o-1]=-129&a;const u=z(s),h=r?c:n.ORDER;F("pointHex.y",u,Zt,h);const g=d(u*u),b=d(g-kt),y=d(f*g-i);let{isValid:p,value:m}=l(b,y);if(!p)throw Error("Point.fromHex: invalid y coordinate");const E=(m&kt)===kt,x=!!(128&a);if(!r&&m===Zt&&x)throw Error("Point.fromHex: x=0 and x_0=1");return x!==E&&(m=d(-m)),w.fromAffine({x:m,y:u})}static fromPrivateKey(t){return O(t).point}toRawBytes(){const{x:t,y:e}=this.toAffine(),r=P(e,n.BYTES);return r[r.length-1]|=t&kt?128:0,r}toHex(){return x(this.toRawBytes())}}w.BASE=new w(e.Gx,e.Gy,kt,d(e.Gx*e.Gy)),w.ZERO=new w(Zt,kt,kt,Zt);const{BASE:E,ZERO:I}=w,v=pt(w,8*s);function S(t){return $(t,r)}function A(t){return S(z(t))}function O(t){const e=n.BYTES;t=N("private key",t,e);const r=N("hashed private key",i(t),2*e),f=h(r.slice(0,e)),o=r.slice(e,2*e),s=A(f),a=E.multiply(s),c=a.toRawBytes();return{head:f,prefix:o,scalar:s,point:a,pointBytes:c}}function R(t=new Uint8Array,...e){const n=H(...e);return A(i(g(n,N("context",t),!!f)))}const q=jt;E._setWindowSize(8);return{CURVE:e,getPublicKey:function(t){return O(t).pointBytes},sign:function(t,e,i={}){t=N("message",t),f&&(t=f(t));const{prefix:o,scalar:s,pointBytes:a}=O(e),c=R(i.context,o,t),d=E.multiply(c).toRawBytes(),u=S(c+R(i.context,d,a,t)*s);return F("signature.s",u,Zt,r),N("result",H(d,P(u,n.BYTES)),2*n.BYTES)},verify:function(t,e,r,i=q){const{context:o,zip215:s}=i,a=n.BYTES;t=N("signature",t,2*a),e=N("message",e),r=N("publicKey",r,a),void 0!==s&&B("zip215",s),f&&(e=f(e));const c=z(t.slice(a,2*a));let d,u,l;try{d=w.fromHex(r,s),u=w.fromHex(t.slice(0,a),s),l=E.multiplyUnsafe(c)}catch(t){return!1}if(!s&&d.isSmallOrder())return!1;const h=R(o,u.toRawBytes(),d.toRawBytes(),e);return u.add(d.multiplyUnsafe(h)).subtract(l).clearCofactor().equals(w.ZERO)},ExtendedPoint:w,utils:{getExtendedPublicKey:O,randomPrivateKey:()=>o(n.BYTES),precompute:(t=8,e=w.BASE)=>(e._setWindowSize(t),e.multiply(BigInt(3)),e)}}}
10
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const _t=BigInt(0),Kt=BigInt(1);function Yt(t){const e=(V(n=t,{a:"bigint"},{montgomeryBits:"isSafeInteger",nByteLength:"isSafeInteger",adjustScalarBytes:"function",domain:"function",powPminus2:"function",Gu:"bigint"}),Object.freeze({...n}));var n;const{P:r}=e,f=t=>$(t,r),i=e.montgomeryBits,o=Math.ceil(i/8),s=e.nByteLength,a=e.adjustScalarBytes||(t=>t),c=e.powPminus2||(t=>tt(t,r-BigInt(2),r));function d(t,e,n){const r=f(t*(e-n));return[e=f(e-r),n=f(n+r)]}const u=(e.a-BigInt(2))/BigInt(4);function l(t){return P(f(t),o)}function h(t,e){const n=function(t){const e=N("u coordinate",t,o);return 32===s&&(e[31]&=127),z(e)}(e),h=function(t,e){F("u",t,_t,r),F("scalar",e,_t,r);const n=e,o=t;let s,a=Kt,l=_t,h=t,g=Kt,b=_t;for(let t=BigInt(i-1);t>=_t;t--){const e=n>>t&Kt;b^=e,s=d(b,a,h),a=s[0],h=s[1],s=d(b,l,g),l=s[0],g=s[1],b=e;const r=a+l,i=f(r*r),c=a-l,y=f(c*c),p=i-y,m=h+g,w=f((h-g)*r),B=f(m*c),E=w+B,x=w-B;h=f(E*E),g=f(o*f(x*x)),a=f(i*y),l=f(p*(i+f(u*p)))}s=d(b,a,h),a=s[0],h=s[1],s=d(b,l,g),l=s[0],g=s[1];const y=c(l);return f(a*y)}(n,function(t){const e=N("scalar",t),n=e.length;if(n!==o&&n!==s)throw Error("invalid scalar, expected "+o+" or "+s+" bytes, got "+n);return z(a(e))}(t));if(h===_t)throw Error("invalid private or public key received");return l(h)}const g=l(e.Gu);function b(t){return h(t,g)}return{scalarMult:h,scalarMultBase:b,getSharedSecret:(t,e)=>h(t,e),getPublicKey:t=>b(t),utils:{randomPrivateKey:()=>e.randomBytes(e.nByteLength)},GuBytes:g}}
11
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Mt=d((()=>l.create({dkLen:114}))),Dt=(d((()=>l.create({dkLen:64}))),BigInt("726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018365439")),Wt=BigInt(1),Jt=BigInt(2),Qt=BigInt(3);BigInt(4);const Xt=BigInt(11),$t=BigInt(22),te=BigInt(44),ee=BigInt(88),ne=BigInt(223);function re(t){const e=Dt,n=t*t*t%e,r=n*n*t%e,f=et(r,Qt,e)*r%e,i=et(f,Qt,e)*r%e,o=et(i,Jt,e)*n%e,s=et(o,Xt,e)*o%e,a=et(s,$t,e)*s%e,c=et(a,te,e)*a%e,d=et(c,ee,e)*c%e,u=et(d,te,e)*a%e,l=et(u,Jt,e)*n%e,h=et(l,Wt,e)*t%e;return et(h,ne,e)*l%e}function fe(t){return t[0]&=252,t[55]|=128,t[56]=0,t}const ie=ot(Dt,456,!0),oe={a:BigInt(1),d:BigInt("726838724295606890549323807888004534353641360687318060281490199180612328166730772686396383698676545930088884461843637361053498018326358"),Fp:ie,n:BigInt("181709681073901722637330951972001133588410340171829515070372549795146003961539585716195755291692375963310293709091662304773755859649779"),nBitLength:456,h:BigInt(4),Gx:BigInt("224580040295924300187604334099896036246789641632564134246125461686950415467406032909029192869357953282578032075146446173674602635247710"),Gy:BigInt("298819210078481492676017930443930673437544040154080242095928241372331506189835876003536878655418784733982303233503462500531545062832660"),hash:Mt,randomBytes:c,adjustScalarBytes:fe,domain:(t,e,n)=>{if(e.length>255)throw Error("context must be smaller than 255, got: "+e.length);return a(u("SigEd448"),new Uint8Array([n?1:0,e.length]),e,t)},uvRatio:function(t,e){const n=Dt,r=$(t*t*e,n),f=$(r*t,n),i=$(f*r*e,n),o=$(f*re(i),n),s=$(o*o,n);return{isValid:$(s*e,n)===t,value:o}}},se=/* @__PURE__ */Vt(oe),ae=/* @__PURE__ */(()=>Yt({a:BigInt(156326),montgomeryBits:448,nByteLength:56,P:Dt,Gu:BigInt(5),powPminus2:t=>{const e=Dt;return $(et(re(t),BigInt(2),e)*t,e)},adjustScalarBytes:fe,randomBytes:c}))();ie.ORDER,BigInt(3),BigInt(4),BigInt(156326),BigInt("39082"),BigInt("78163"),BigInt("98944233647732219769177004876929019128417576295529901074099889598043702116001257856802131563896515373927712232092845883226922417596214"),BigInt("315019913931389607337177038330951043522456072897266928557328499619017160722351061360252776265186336876723201881398623946864393857820716"),BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
12
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
13
- const ce=BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"),de=BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"),ue=BigInt(1),le=BigInt(2),he=(t,e)=>(t+e/le)/e;const ge=ot(ce,void 0,void 0,{sqrt:function(t){const e=ce,n=BigInt(3),r=BigInt(6),f=BigInt(11),i=BigInt(22),o=BigInt(23),s=BigInt(44),a=BigInt(88),c=t*t*t%e,d=c*c*t%e,u=et(d,n,e)*d%e,l=et(u,n,e)*d%e,h=et(l,le,e)*c%e,g=et(h,f,e)*h%e,b=et(g,i,e)*g%e,y=et(b,s,e)*b%e,p=et(y,a,e)*y%e,m=et(p,s,e)*b%e,w=et(m,n,e)*d%e,B=et(w,o,e)*g%e,E=et(B,r,e)*c%e,x=et(E,le,e);if(!ge.eql(ge.sqr(x),t))throw Error("Cannot find square root");return x}}),be=qt({a:BigInt(0),b:BigInt(7),Fp:ge,n:de,Gx:BigInt("55066263022277343669578718895168534326250603453777594175500187360389116729240"),Gy:BigInt("32670510020758816978083085130507043184471273380659243275938904335757337482424"),h:BigInt(1),lowS:!0,endo:{beta:BigInt("0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee"),splitScalar:t=>{const e=de,n=BigInt("0x3086d221a7d46bcde86c90e49284eb15"),r=-ue*BigInt("0xe4437ed6010e88286f547fa90abfe4c3"),f=BigInt("0x114ca50f7a8e2f3f657c1108d9d44cfd8"),i=n,o=BigInt("0x100000000000000000000000000000000"),s=he(i*t,e),a=he(-r*t,e);let c=$(t-s*n-a*f,e),d=$(-s*r-a*i,e);const u=c>o,l=d>o;if(u&&(c=e-c),l&&(d=e-d),c>o||d>o)throw Error("splitScalar: Endomorphism failed, k="+t);return{k1neg:u,k1:c,k2neg:l,k2:d}}}},t);BigInt(0),be.ProjectivePoint;const ye=ot(BigInt("0xa9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377")),pe=qt({a:ye.create(BigInt("0x7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9")),b:BigInt("0x26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6"),Fp:ye,n:BigInt("0xa9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7"),Gx:BigInt("0x8bd2aeb9cb7e57cb2c4b482ffc81b7afb9de27e1e3bd23c23a4453bd9ace3262"),Gy:BigInt("0x547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997"),h:BigInt(1),lowS:!1},t),me=ot(BigInt("0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53")),we=qt({a:me.create(BigInt("0x7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826")),b:BigInt("0x04a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c11"),Fp:me,n:BigInt("0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565"),Gx:BigInt("0x1d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8e826e03436d646aaef87b2e247d4af1e"),Gy:BigInt("0x8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c5315"),h:BigInt(1),lowS:!1},e),Be=ot(BigInt("0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3")),Ee=qt({a:Be.create(BigInt("0x7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca")),b:BigInt("0x3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723"),Fp:Be,n:BigInt("0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069"),Gx:BigInt("0x81aee4bdd82ed9645a21322e9c4c6a9385ed9f70b5d916c1b43b62eef4d0098eff3b1f78e2d0d48d50d1687b93b97d5f7c6d5047406a5e688b352209bcb9f822"),Gy:BigInt("0x7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892"),h:BigInt(1),lowS:!1},n),xe=new Map(Object.entries({nistP256:Nt,nistP384:Lt,nistP521:Ut,brainpoolP256r1:pe,brainpoolP384r1:we,brainpoolP512r1:Ee,secp256k1:be,x448:ae,ed448:se}));export{xe as nobleCurves};
10
+ const oe=BigInt(0),ie=BigInt(1),se=BigInt(2);function ce(t){const f=(V(r=t,{adjustScalarBytes:"function",powPminus2:"function"}),Object.freeze({...r}));var r;const{P:n,type:o,adjustScalarBytes:i,powPminus2:s,randomBytes:c}=f,a="x25519"===o;if(!a&&"x448"!==o)throw Error("invalid type");const d=c||u,l=a?255:448,h=a?32:56,b=a?BigInt(9):BigInt(5),g=a?BigInt(121665):BigInt(39081),p=a?se**BigInt(254):se**BigInt(447),y=a?BigInt(8)*se**BigInt(251)-ie:BigInt(4)*se**BigInt(445)-ie,m=p+y+ie,B=t=>X(t,n),w=E(b);function E(t){return A(B(t),h)}function x(t,e){const f=function(t,e){K("u",t,oe,n),K("scalar",e,p,m);const f=e,r=t;let o=ie,i=oe,c=t,a=ie,d=oe;for(let t=BigInt(l-1);t>=oe;t--){const e=f>>t&ie;d^=e,({x_2:o,x_3:c}=I(d,o,c)),({x_2:i,x_3:a}=I(d,i,a)),d=e;const n=o+i,s=B(n*n),u=o-i,l=B(u*u),h=s-l,b=c+a,p=B((c-a)*n),y=B(b*u),m=p+y,w=p-y;c=B(m*m),a=B(r*B(w*w)),o=B(s*l),i=B(h*(s+B(g*h)))}({x_2:o,x_3:c}=I(d,o,c)),({x_2:i,x_3:a}=I(d,i,a));const u=s(i);return B(o*u)}(function(t){const e=q("u coordinate",t,h);return a&&(e[31]&=127),B(R(e))}(e),function(t){return R(i(q("scalar",t,h)))}(t));if(f===oe)throw Error("invalid private or public key received");return E(f)}function v(t){return x(t,w)}function I(t,e,f){const r=B(t*(e-f));return{x_2:e=B(e-r),x_3:f=B(f+r)}}const S={secretKey:h,publicKey:h,seed:h},O=(t=d(h))=>(e(t,S.seed),t);return{keygen:function(t){const e=O(t);return{secretKey:e,publicKey:v(e)}},getSharedSecret:(t,e)=>x(t,e),getPublicKey:t=>v(t),scalarMult:x,scalarMultBase:v,utils:{randomSecretKey:O,randomPrivateKey:O},GuBytes:w.slice(),lengths:S}}
11
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const ae={p:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffffff"),n:BigInt("0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3"),h:BigInt(4),a:BigInt(1),d:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffff6756"),Gx:BigInt("0x4f1970c66bed0ded221d15a622bf36da9e146570470f1767ea6de324a3d3a46412ae1af72ab66511433b80e18b00938e2626a82bc70cc05e"),Gy:BigInt("0x693f46716eb6bc248876203756c9c7624bea73736ca3984087789c1e05a0c2d73ad3ff1ce67c39c4fdbd132c4ed7c8ad9808795bf230fa14")},de=Object.assign({},ae,{d:BigInt("0xd78b4bdc7f0daf19f24f38c29373a2ccad46157242a50f37809b1da3412a12e79ccc9c81264cfe9ad080997058fb61c4243cc32dbaa156b9"),Gx:BigInt("0x79a70b2b70400553ae7c9df416c792c61128751ac92969240c25a07d728bdc93e21f7787ed6972249de732f38496cd11698713093e9c04fc"),Gy:BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000000000000000000000000000000000000000000000000001")}),ue=/* @__PURE__ */g((()=>p.create({dkLen:114}))),le=BigInt(1),he=BigInt(2),be=BigInt(3);BigInt(4);const ge=BigInt(11),pe=BigInt(22),ye=BigInt(44),me=BigInt(88),Be=BigInt(223);function we(t){const e=ae.p,f=t*t*t%e,r=f*f*t%e,n=M(r,be,e)*r%e,o=M(n,be,e)*r%e,i=M(o,he,e)*f%e,s=M(i,ge,e)*i%e,c=M(s,pe,e)*s%e,a=M(c,ye,e)*c%e,d=M(a,me,e)*a%e,u=M(d,ye,e)*c%e,l=M(u,he,e)*f%e,h=M(l,le,e)*t%e;return M(h,Be,e)*l%e}function Ee(t){return t[0]&=252,t[55]|=128,t[56]=0,t}function xe(t,e){const f=ae.p,r=X(t*t*e,f),n=X(r*t,f),o=X(n*r*e,f),i=X(n*we(o),f),s=X(i*i,f);return{isValid:X(s*e,f)===t,value:i}}const ve=/* @__PURE__ */(()=>it(ae.p,{BITS:456,isLE:!0}))(),Ie=/* @__PURE__ */(()=>it(ae.n,{BITS:456,isLE:!0}))();function Se(t,e,f){if(e.length>255)throw Error("context must be smaller than 255, got: "+e.length);return n((r="SigEd448",Uint8Array.from(r,((t,e)=>{const f=t.charCodeAt(0);if(1!==t.length||f>127)throw Error(`string contains non-ASCII character "${r[e]}" with code ${f} at position ${e}`);return f}))),new Uint8Array([f?1:0,e.length]),e,t);var r}const Oe=function(t){const{CURVE:e,curveOpts:f,hash:r,eddsaOpts:n}=function(t){const e={a:t.a,d:t.d,p:t.Fp.ORDER,n:t.n,h:t.h,Gx:t.Gx,Gy:t.Gy},f={Fp:t.Fp,Fn:it(e.n,t.nBitLength,!0),uvRatio:t.uvRatio},r={randomBytes:t.randomBytes,adjustScalarBytes:t.adjustScalarBytes,domain:t.domain,prehash:t.prehash,mapToCurve:t.mapToCurve};return{CURVE:e,curveOpts:f,hash:t.hash,eddsaOpts:r}}(t);return function(t,e){const f=e.Point;return Object.assign({},e,{ExtendedPoint:f,CURVE:t,nBitLength:f.Fn.BITS,nByteLength:f.Fn.BYTES})}(t,ne(re(e,f),r,n))}(/* @__PURE__ */(()=>({...ae,Fp:ve,Fn:Ie,nBitLength:Ie.BITS,hash:ue,adjustScalarBytes:Ee,domain:Se,uvRatio:xe}))());re(de);const Re=/* @__PURE__ */(()=>{const t=ae.p;return ce({P:t,type:"x448",powPminus2:e=>X(M(we(e),he,t)*e,t),adjustScalarBytes:Ee})})(),Fe={p:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"),n:BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"),h:BigInt(1),a:BigInt(0),b:BigInt(7),Gx:BigInt("0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"),Gy:BigInt("0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8")},Ae={beta:BigInt("0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee"),basises:[[BigInt("0x3086d221a7d46bcde86c90e49284eb15"),-BigInt("0xe4437ed6010e88286f547fa90abfe4c3")],[BigInt("0x114ca50f7a8e2f3f657c1108d9d44cfd8"),BigInt("0x3086d221a7d46bcde86c90e49284eb15")]]},qe=/* @__PURE__ */BigInt(2);
12
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Ze=it(Fe.p,{sqrt:function(t){const e=Fe.p,f=BigInt(3),r=BigInt(6),n=BigInt(11),o=BigInt(22),i=BigInt(23),s=BigInt(44),c=BigInt(88),a=t*t*t%e,d=a*a*t%e,u=M(d,f,e)*d%e,l=M(u,f,e)*d%e,h=M(l,qe,e)*a%e,b=M(h,n,e)*h%e,g=M(b,o,e)*b%e,p=M(g,s,e)*g%e,y=M(p,c,e)*p%e,m=M(y,s,e)*g%e,B=M(m,f,e)*d%e,w=M(B,i,e)*b%e,E=M(w,r,e)*a%e,x=M(E,qe,e);if(!Ze.eql(Ze.sqr(x),t))throw Error("Cannot find square root");return x}}),Pe=Ht({...Fe,Fp:Ze,lowS:!0,endo:Ae},l),Ke=it(BigInt("0xa9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377")),Ne=Ht({a:Ke.create(BigInt("0x7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9")),b:BigInt("0x26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6"),Fp:Ke,n:BigInt("0xa9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7"),Gx:BigInt("0x8bd2aeb9cb7e57cb2c4b482ffc81b7afb9de27e1e3bd23c23a4453bd9ace3262"),Gy:BigInt("0x547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997"),h:BigInt(1),lowS:!1},y),Ue=it(BigInt("0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53")),Ve=Ht({a:Ue.create(BigInt("0x7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826")),b:BigInt("0x04a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c11"),Fp:Ue,n:BigInt("0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565"),Gx:BigInt("0x1d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8e826e03436d646aaef87b2e247d4af1e"),Gy:BigInt("0x8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c5315"),h:BigInt(1),lowS:!1},m),Te=it(BigInt("0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3")),Ce=Ht({a:Te.create(BigInt("0x7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca")),b:BigInt("0x3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723"),Fp:Te,n:BigInt("0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069"),Gx:BigInt("0x81aee4bdd82ed9645a21322e9c4c6a9385ed9f70b5d916c1b43b62eef4d0098eff3b1f78e2d0d48d50d1687b93b97d5f7c6d5047406a5e688b352209bcb9f822"),Gy:BigInt("0x7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892"),h:BigInt(1),lowS:!1},B),ke=new Map(Object.entries({nistP256:$t,nistP384:Wt,nistP521:Jt,brainpoolP256r1:Ne,brainpoolP384r1:Ve,brainpoolP512r1:Ce,secp256k1:Pe,x448:Re,ed448:Oe}));export{ke as nobleCurves};
14
13
  //# sourceMappingURL=noble_curves.min.mjs.map