@provablehq/sdk 0.10.6-rc.1 → 0.11.0

package/dist/testnet/browser.d.cts

@@ -64,7 +64,7 @@ export { ProgramManager, ProvingRequestOptions, ExecuteOptions, FeeAuthorization
 export { logAndThrow, TransportFunction } from "./utils/utils.js";
 export { setLogLevel, getLogLevel } from "./utils/logger.js";
 export type { LogLevel } from "./utils/logger.js";
-export { Address, Authorization, Boolean, BHP256, BHP512, BHP768, BHP1024, Ciphertext, ComputeKey, DynamicRecord, Execution as FunctionExecution, ExecutionRequest, ExecutionResponse, EncryptionToolkit, Field, GraphKey, Group, I8, I16, I32, I64, I128, OfflineQuery, QueryOption, Pedersen64, Pedersen128, Plaintext, Poseidon2, Poseidon4, Poseidon8, PrivateKey, PrivateKeyCiphertext, Program, ProgramImportsBuilder, ProgramManager as ProgramManagerBase, Proof, ProvingKey, ProvingRequest, RecordCiphertext, RecordPlaintext, Signature, Scalar, stringToField, Transaction, Transition, U8, U16, U32, U64, U128, Value, VerifyingKey, ViewKey, initThreadPool, getOrInitConsensusVersionTestHeights, snarkVerify, snarkVerifyBatch, verifyFunctionExecution, } from "./wasm.js";
+export { Address, Authorization, Boolean, BHP256, BHP512, BHP768, BHP1024, Ciphertext, ComputeKey, DynamicRecord, Execution as FunctionExecution, ExecutionRequest, ExecutionResponse, EncryptionToolkit, Field, GraphKey, Group, I8, I16, I32, I64, I128, OfflineQuery, QueryOption, Pedersen64, Pedersen128, Plaintext, Poseidon2, Poseidon4, Poseidon8, PrivateKey, PrivateKeyCiphertext, Program, ProgramImportsBuilder, ProgramManager as ProgramManagerBase, Proof, ProvingKey, ProvingRequest, RecordCiphertext, RecordPlaintext, Signature, Scalar, stringToField, Transaction, Transition, U8, U16, U32, U64, U128, Value, VerifyingKey, ViewKey, initThreadPool, getOrInitConsensusVersionTestHeights, setWasmLogLevel, snarkVerify, snarkVerifyBatch, verifyFunctionExecution, } from "./wasm.js";
 export { initializeWasm };
 export { Key, CREDITS_PROGRAM_KEYS, KEY_STORE, PRIVATE_TRANSFER, PRIVATE_TO_PUBLIC_TRANSFER, PRIVATE_TRANSFER_TYPES, PUBLIC_TRANSFER, PUBLIC_TRANSFER_AS_SIGNER, PUBLIC_TO_PRIVATE_TRANSFER, RECORD_DOMAIN, VALID_TRANSFER_TYPES, } from "./constants.js";
 export { Account, AleoKeyProvider, AleoKeyProviderParams, AleoKeyProviderInitParams, AleoNetworkClient, BlockJSON, BlockHeightSearch, BroadcastResponse, BroadcastResult, CachedKeyPair, ConfirmedTransactionJSON, CryptoBoxPubKey, DecryptionNotEnabledError, DeploymentJSON, DeploymentObject, EncryptedProvingRequest, EncryptedRecord, EncryptedRegistrationRequest, EncryptedRecordsResult, EncryptedRecordsSuccess, ExecutionJSON, ExecutionObject, FeeExecutionJSON, FeeExecutionObject, FinalizeJSON, FunctionInput, FunctionObject, FunctionKeyPair, FunctionKeyProvider, Header, isProvingResponse, isProveApiErrorBody, ImportedPrograms, ImportedVerifyingKeys, IndexedDBKeyStore, InputJSON, InputObject, InvalidLocatorError, InvalidLocatorReason, BaseFunctionKeyLocator, KeyFingerprint, KeyLocator, KeyMetadata, KeySearchParams, KeyStore, KeyType, KeyVerificationError, ProvingKeyLocator, provingKeyLocator, TranslationKeyLocator, translationKeyLocator, VerifyingKeyLocator, verifyingKeyLocator, KeyVerifier, MemKeyVerifier, Metadata, NetworkRecordProvider, OfflineKeyProvider, OfflineSearchParams, OutputJSON, OutputObject, OwnedFilter, OwnedRecord, OwnedRecordsResult, OwnedRecordsResponseFilter, OwnedRecordsSuccess, OwnerJSON, PartialSolutionJSON, PlaintextArray, PlaintextLiteral, PlaintextObject, PlaintextStruct, ProgramImports, ProveApiErrorBody, ProvingFailure, ProvingRequestError, ProvingRequestJSON, ProvingResult, ProvingSuccess, ProvingResponse, RatificationJSON, RecordsFilter, RecordsResponseFilter, RecordProvider, RecordScanner, RecordScannerErrorBody, RecordScannerFailure, RecordScannerJWTData, RecordScannerOptions, RecordNotFoundError, RecordScannerRequestError, ViewKeyNotStoredError, RecordSearchParams, RegisterResult, RegisterSuccess, RegistrationResponse, RevokeResult, RevokeSuccess, RevokeResponse, SealanceMerkleTree, SerialNumbersResult, SerialNumbersSuccess, sha256Hex, SolutionJSON, SolutionsJSON, StatusResponse, StatusResult, StatusSuccess, TagsResult, TagsSuccess, TransactionJSON, TransactionObject, TransitionJSON, TransitionObject, UUIDError, VerifyingKeys, };

package/dist/testnet/browser.d.ts

@@ -64,7 +64,7 @@ export { ProgramManager, ProvingRequestOptions, ExecuteOptions, FeeAuthorization
 export { logAndThrow, TransportFunction } from "./utils/utils.js";
 export { setLogLevel, getLogLevel } from "./utils/logger.js";
 export type { LogLevel } from "./utils/logger.js";
-export { Address, Authorization, Boolean, BHP256, BHP512, BHP768, BHP1024, Ciphertext, ComputeKey, DynamicRecord, Execution as FunctionExecution, ExecutionRequest, ExecutionResponse, EncryptionToolkit, Field, GraphKey, Group, I8, I16, I32, I64, I128, OfflineQuery, QueryOption, Pedersen64, Pedersen128, Plaintext, Poseidon2, Poseidon4, Poseidon8, PrivateKey, PrivateKeyCiphertext, Program, ProgramImportsBuilder, ProgramManager as ProgramManagerBase, Proof, ProvingKey, ProvingRequest, RecordCiphertext, RecordPlaintext, Signature, Scalar, stringToField, Transaction, Transition, U8, U16, U32, U64, U128, Value, VerifyingKey, ViewKey, initThreadPool, getOrInitConsensusVersionTestHeights, snarkVerify, snarkVerifyBatch, verifyFunctionExecution, } from "./wasm.js";
+export { Address, Authorization, Boolean, BHP256, BHP512, BHP768, BHP1024, Ciphertext, ComputeKey, DynamicRecord, Execution as FunctionExecution, ExecutionRequest, ExecutionResponse, EncryptionToolkit, Field, GraphKey, Group, I8, I16, I32, I64, I128, OfflineQuery, QueryOption, Pedersen64, Pedersen128, Plaintext, Poseidon2, Poseidon4, Poseidon8, PrivateKey, PrivateKeyCiphertext, Program, ProgramImportsBuilder, ProgramManager as ProgramManagerBase, Proof, ProvingKey, ProvingRequest, RecordCiphertext, RecordPlaintext, Signature, Scalar, stringToField, Transaction, Transition, U8, U16, U32, U64, U128, Value, VerifyingKey, ViewKey, initThreadPool, getOrInitConsensusVersionTestHeights, setWasmLogLevel, snarkVerify, snarkVerifyBatch, verifyFunctionExecution, } from "./wasm.js";
 export { initializeWasm };
 export { Key, CREDITS_PROGRAM_KEYS, KEY_STORE, PRIVATE_TRANSFER, PRIVATE_TO_PUBLIC_TRANSFER, PRIVATE_TRANSFER_TYPES, PUBLIC_TRANSFER, PUBLIC_TRANSFER_AS_SIGNER, PUBLIC_TO_PRIVATE_TRANSFER, RECORD_DOMAIN, VALID_TRANSFER_TYPES, } from "./constants.js";
 export { Account, AleoKeyProvider, AleoKeyProviderParams, AleoKeyProviderInitParams, AleoNetworkClient, BlockJSON, BlockHeightSearch, BroadcastResponse, BroadcastResult, CachedKeyPair, ConfirmedTransactionJSON, CryptoBoxPubKey, DecryptionNotEnabledError, DeploymentJSON, DeploymentObject, EncryptedProvingRequest, EncryptedRecord, EncryptedRegistrationRequest, EncryptedRecordsResult, EncryptedRecordsSuccess, ExecutionJSON, ExecutionObject, FeeExecutionJSON, FeeExecutionObject, FinalizeJSON, FunctionInput, FunctionObject, FunctionKeyPair, FunctionKeyProvider, Header, isProvingResponse, isProveApiErrorBody, ImportedPrograms, ImportedVerifyingKeys, IndexedDBKeyStore, InputJSON, InputObject, InvalidLocatorError, InvalidLocatorReason, BaseFunctionKeyLocator, KeyFingerprint, KeyLocator, KeyMetadata, KeySearchParams, KeyStore, KeyType, KeyVerificationError, ProvingKeyLocator, provingKeyLocator, TranslationKeyLocator, translationKeyLocator, VerifyingKeyLocator, verifyingKeyLocator, KeyVerifier, MemKeyVerifier, Metadata, NetworkRecordProvider, OfflineKeyProvider, OfflineSearchParams, OutputJSON, OutputObject, OwnedFilter, OwnedRecord, OwnedRecordsResult, OwnedRecordsResponseFilter, OwnedRecordsSuccess, OwnerJSON, PartialSolutionJSON, PlaintextArray, PlaintextLiteral, PlaintextObject, PlaintextStruct, ProgramImports, ProveApiErrorBody, ProvingFailure, ProvingRequestError, ProvingRequestJSON, ProvingResult, ProvingSuccess, ProvingResponse, RatificationJSON, RecordsFilter, RecordsResponseFilter, RecordProvider, RecordScanner, RecordScannerErrorBody, RecordScannerFailure, RecordScannerJWTData, RecordScannerOptions, RecordNotFoundError, RecordScannerRequestError, ViewKeyNotStoredError, RecordSearchParams, RegisterResult, RegisterSuccess, RegistrationResponse, RevokeResult, RevokeSuccess, RevokeResponse, SealanceMerkleTree, SerialNumbersResult, SerialNumbersSuccess, sha256Hex, SolutionJSON, SolutionsJSON, StatusResponse, StatusResult, StatusSuccess, TagsResult, TagsSuccess, TransactionJSON, TransactionObject, TransitionJSON, TransitionObject, UUIDError, VerifyingKeys, };

package/dist/testnet/browser.js

@@ -1,6 +1,6 @@
 import 'core-js/proposals/json-parse-with-source.js';
 import { ProvingKey, VerifyingKey, ViewKey, ComputeKey, Address, PrivateKeyCiphertext, PrivateKey, RecordCiphertext, EncryptionToolkit, Group, Metadata, Program, Plaintext, Transaction, ProvingRequest, RecordPlaintext, Field, Poseidon4, ProgramManager as ProgramManager$1, CallbackQuery, ProgramImports, QueryOption, ExecutionRequest, stringToField, verifyFunctionExecution, Value, Proof, Signature } from '@provablehq/wasm/testnet.js';
-export { Address, Authorization, BHP1024, BHP256, BHP512, BHP768, Boolean, Ciphertext, ComputeKey, DynamicRecord, EncryptionToolkit, ExecutionRequest, ExecutionResponse, Field, Execution as FunctionExecution, GraphKey, Group, I128, I16, I32, I64, I8, OfflineQuery, Pedersen128, Pedersen64, Plaintext, Poseidon2, Poseidon4, Poseidon8, PrivateKey, PrivateKeyCiphertext, Program, ProgramImports as ProgramImportsBuilder, ProgramManager as ProgramManagerBase, Proof, ProvingKey, ProvingRequest, QueryOption, RecordCiphertext, RecordPlaintext, Scalar, Signature, Transaction, Transition, U128, U16, U32, U64, U8, Value, VerifyingKey, ViewKey, getOrInitConsensusVersionTestHeights, initThreadPool, snarkVerify, snarkVerifyBatch, stringToField, verifyFunctionExecution } from '@provablehq/wasm/testnet.js';
+export { Address, Authorization, BHP1024, BHP256, BHP512, BHP768, Boolean, Ciphertext, ComputeKey, DynamicRecord, EncryptionToolkit, ExecutionRequest, ExecutionResponse, Field, Execution as FunctionExecution, GraphKey, Group, I128, I16, I32, I64, I8, OfflineQuery, Pedersen128, Pedersen64, Plaintext, Poseidon2, Poseidon4, Poseidon8, PrivateKey, PrivateKeyCiphertext, Program, ProgramImports as ProgramImportsBuilder, ProgramManager as ProgramManagerBase, Proof, ProvingKey, ProvingRequest, QueryOption, RecordCiphertext, RecordPlaintext, Scalar, Signature, Transaction, Transition, U128, U16, U32, U64, U8, Value, VerifyingKey, ViewKey, getOrInitConsensusVersionTestHeights, initThreadPool, setWasmLogLevel, snarkVerify, snarkVerifyBatch, stringToField, verifyFunctionExecution } from '@provablehq/wasm/testnet.js';
 import { cryptoBoxSeal } from '@serenity-kit/noble-sodium';
 import { base64, bech32m } from '@scure/base';
 
@@ -19,9 +19,16 @@ let currentLevel = "info";
  * - "warn"   — errors + warnings
  * - "info"   — errors + warnings + info (default)
  * - "debug"  — everything including debug traces
+ *
+ * This controls both TS-side and WASM-side logging. WASM log calls
+ * (e.g., "Loading program", "Executing program") are silenced when
+ * the level is below "info".
  */
 function setLogLevel(level) {
     currentLevel = level;
+    import('./wasm-BCrMb35a.js')
+        .then(({ setWasmLogLevel }) => setWasmLogLevel(LEVEL_PRIORITY[level]))
+        .catch(() => { }); // WASM not loaded yet — will use default level (info)
 }
 /** Returns the current SDK log level. */
 function getLogLevel() {
@@ -210,6 +217,17 @@ class MemKeyVerifier {
  * It persists proving and verifying keys across page reloads and browser sessions using the
  * IndexedDB API available in all modern browsers and Web Workers.
  *
+ * **Environment**: Browser / Web Worker only. Instantiating this class is safe in any
+ * environment, but the first IndexedDB operation will reject with a clear error when
+ * `globalThis.indexedDB` is not available (e.g., Node.js, SSR contexts). Guard your
+ * imports accordingly if you bundle for server-side rendering.
+ *
+ * **Security**: Keys are stored as plaintext `Uint8Array` in IndexedDB. Any script
+ * running on the same origin — including scripts injected via XSS — can read the stored
+ * proving and verifying keys. Do **not** use this keystore for data that must remain
+ * confidential under an XSS-capable adversary; encrypt sensitive material at the
+ * application layer before persisting, or use an in-memory store.
+ *
  * @example
  * ```ts
  * import { IndexedDBKeyStore, ProgramManager } from "@provablehq/sdk";
@@ -239,6 +257,13 @@ class IndexedDBKeyStore {
     openDB() {
         if (this.dbPromise)
             return this.dbPromise;
+        // Env check sits outside the Promise constructor so a failure doesn't
+        // poison the cache; a later call (e.g. after a polyfill loads) can retry.
+        if (typeof indexedDB === "undefined") {
+            return Promise.reject(new Error("IndexedDBKeyStore requires a browser or Web Worker environment: " +
+                "`indexedDB` is not defined. If you are in Node.js or an SSR " +
+                "context, use LocalFileKeyStore or an in-memory key provider instead."));
+        }
         this.dbPromise = new Promise((resolve, reject) => {
             const request = indexedDB.open(this.dbName, 1);
             request.onupgradeneeded = () => {
@@ -1264,7 +1289,7 @@ class AleoNetworkClient {
             else {
                 this.headers = {
                     // This is replaced by the actual version by a Rollup plugin
-                    "X-Aleo-SDK-Version": "0.10.6-rc.1",
+                    "X-Aleo-SDK-Version": "0.11.0",
                     "X-Aleo-environment": environment(),
                 };
             }
@@ -1280,7 +1305,7 @@ class AleoNetworkClient {
         else {
             this.headers = {
                 // This is replaced by the actual version by a Rollup plugin
-                "X-Aleo-SDK-Version": "0.10.6-rc.1",
+                "X-Aleo-SDK-Version": "0.11.0",
                 "X-Aleo-environment": environment(),
             };
         }
@@ -2727,7 +2752,7 @@ class AleoNetworkClient {
         };
     }
     /**
-     * Parses a /prove or /prove/encrypted response. Returns a result object (never throws for 200/400/500/503).
+     * Parses a /prove/authorization or /prove/request response. Returns a result object (never throws for 200/400/500/503).
      */
     async handleProvingResponse(response) {
         // Get the proving response text.
@@ -2788,14 +2813,12 @@ class AleoNetworkClient {
     async submitProvingRequestSafe(options) {
         // Attempt to get the Prover URI first from the options, then from any configured globally, or third try the main configured host.
         const proverUri = (options.url ?? this.proverUri) ?? this.host;
-        const provingRequestString = options.provingRequest instanceof ProvingRequest
-            ? options.provingRequest.toString()
-            : options.provingRequest;
         // Try to get JWT data to access the Provable API.
         const apiKey = options.apiKey ?? this.apiKey;
         const consumerId = options.consumerId ?? this.consumerId;
         let jwtData = options.jwtData ?? this.jwtData;
-        // Check to see if the JWT needs refreshing.
+        // Check to see if the JWT needs refreshing. Runs before parsing the
+        // proving request so JWT refresh errors propagate as they always have.
         const isExpired = jwtData && Date.now() >= jwtData.expiration - FIVE_MINUTES;
         if (!jwtData || isExpired) {
             if (apiKey && consumerId) {
@@ -2816,59 +2839,58 @@ class AleoNetworkClient {
         if (jwtData?.jwt) {
             headers["Authorization"] = jwtData.jwt;
         }
-        // Encapsulate the requests in a locally scoped function that can be run with a retry closure.
-        const runRequest = async () => {
-            // If DPS privacy is set, call invoke the encrypted flow.
-            if (options.dpsPrivacy) {
-                // Get an ephemeral public key from a DPS service.
-                const pubKeyResponse = await get(proverUri + "/pubkey", {
-                    headers,
-                    credentials: "include",
-                }, this.transport);
-                // Encrypt the provingRequest.
-                const pubkey = parseJSON(await pubKeyResponse.text());
-                const ciphertext = encryptProvingRequest(pubkey.public_key, ProvingRequest.fromString(provingRequestString));
-                // Form the expected query a DPS service expects (including the key_id).
-                const payload = {
-                    key_id: pubkey.key_id,
-                    ciphertext: ciphertext,
-                };
-                // We're in node, attempt to set the cookie manually.
-                const cookie = isNode() ? pubKeyResponse.headers.get("set-cookie") : undefined;
-                // Send the encrypted proving request to the DPS service.
-                const res = await this.transport(`${proverUri}/prove/encrypted`, {
-                    method: "POST",
-                    body: JSON.stringify(payload),
-                    headers: {
-                        ...headers,
-                        ...(cookie ? { Cookie: cookie } : {})
-                    },
-                    credentials: "include",
-                });
-                // Properly handle the proving response.
-                return this.handleProvingResponse(res);
-            }
-            // If encrypted usage is not specified use the unencrypted endpoint.
-            const proveEndpoint = proverUri.endsWith("/prove")
-                ? proverUri
-                : proverUri + "/prove";
-            const res = await this.transport(proveEndpoint, {
-                method: "POST",
-                body: provingRequestString,
+        // Send the proving request encrypted (libsodium-compatible sealed box).
+        // Used by both `/prove/authorization` (Authorization variant) and
+        // `/prove/request` (Request variant). The legacy plaintext `/prove`
+        // route is no longer used.
+        const sendEncrypted = async (endpoint, provingRequestObj) => {
+            // Get an ephemeral public key from the DPS.
+            const pubKeyResponse = await get(proverUri + "/pubkey", {
                 headers,
+                credentials: "include",
+            }, this.transport);
+            // Encrypt the provingRequest using the ephemeral pubkey.
+            const pubkey = parseJSON(await pubKeyResponse.text());
+            const ciphertext = encryptProvingRequest(pubkey.public_key, provingRequestObj);
+            const payload = {
+                key_id: pubkey.key_id,
+                ciphertext: ciphertext,
+            };
+            // We're in node, attempt to set the cookie manually.
+            const cookie = isNode() ? pubKeyResponse.headers.get("set-cookie") : undefined;
+            const res = await this.transport(`${proverUri}${endpoint}`, {
+                method: "POST",
+                body: JSON.stringify(payload),
+                headers: {
+                    ...headers,
+                    ...(cookie ? { Cookie: cookie } : {})
+                },
+                credentials: "include",
             });
-            // Properly handle the proving response.
             return this.handleProvingResponse(res);
         };
+        // Parse the proving request once, up front, so the variant the SDK
+        // routes on matches the bytes it will eventually send (a Request-
+        // variant string must hit /prove/request, not /prove/authorization).
+        // A malformed input string throws synchronously — the safe-API
+        // contract only promises to return `{ ok: false, ... }` for HTTP
+        // failures (400/500/503); a parse error is a caller-side bug and
+        // surfacing it as a fake 500 would mislead callers debugging it.
+        // `options.dpsPrivacy` is ignored; the legacy plaintext `/prove`
+        // route is deprecated.
+        const provingRequestObj = options.provingRequest instanceof ProvingRequest
+            ? options.provingRequest
+            : ProvingRequest.fromString(options.provingRequest);
+        const endpoint = provingRequestObj.kind() === "request"
+            ? "/prove/request"
+            : "/prove/authorization";
         try {
-            // Run the request with retries.
             return await retryWithBackoff(async () => {
-                // Run the encrypted or non-encrypted flow as specified by the flags.
-                const result = await runRequest();
+                const result = await sendEncrypted(endpoint, provingRequestObj);
                 if (result.ok) {
                     return result;
                 }
-                // If 500s are hit responses are returned, attempt retries.
+                // Retry on 500/503; surface 400 verbatim.
                 if (result.status === 500 || result.status === 503) {
                     const err = new Error(result.error.message);
                     err.status = result.status;
@@ -2878,7 +2900,7 @@ class AleoNetworkClient {
             });
         }
         catch (err) {
-            // If an error is returned, provide usable information to the caller.
+            // HTTP failure inside the retry loop — convert to a result object.
             const e = err;
             return {
                 ok: false,
@@ -4600,6 +4622,19 @@ class RecordScanner {
         const response = await this.request(new Request(`${this.url}/pubkey`, { method: "GET" }));
         return parseJSON(await response.text());
     }
+    /**
+     * Registers the account with the record scanning service using the encrypted flow.
+     * Alias of {@link registerEncrypted} — preserved so existing callers using the
+     * previous unencrypted `register(viewKey, startBlock)` API continue to work
+     * unchanged while transparently using the encrypted endpoint.
+     *
+     * @param {ViewKey} viewKey The view key to register.
+     * @param {number} startBlock The block height to start scanning from.
+     * @returns {Promise<RegisterResult>} `{ ok: true, data }` on success, or `{ ok: false, status, error }` on failure.
+     */
+    async register(viewKey, startBlock) {
+        return this.registerEncrypted(viewKey, startBlock);
+    }
     /**
      * Registers the account with the record scanning service using the encrypted flow: 1. fetches an ephemeral public key from /pubkey - 2. encrypts the registration request (view key + start block) - 3. POSTs to /register/encrypted. Does not HTTP error on a proper error response from the record scanner; returns a result object instead.
      *
@@ -5560,7 +5595,7 @@ class ProgramManager {
                 resolvedImports = await this.networkClient.getProgramImports(programSource);
             }
             catch (e) {
-                console.warn(`Failed to resolve program imports from network: ${e}.`);
+                logger.warn(`Failed to resolve program imports from network: ${e}.`);
             }
         }
         // Build a map of which functions each import actually calls,
@@ -5608,7 +5643,7 @@ class ProgramManager {
                 }
             }
             catch (e) {
-                console.warn(`Failed to resolve transitive imports for ${name}: ${e}`);
+                logger.warn(`Failed to resolve transitive imports for ${name}: ${e}`);
             }
         }
         // Phase 2: Add programs in topological order (leaves first).
@@ -5656,7 +5691,7 @@ class ProgramManager {
                     }
                 }
                 catch (e) {
-                    console.warn(`Failed to trace call graph for ${name}: ${e}`);
+                    logger.warn(`Failed to trace call graph for ${name}: ${e}`);
                 }
             }
         }
@@ -5674,7 +5709,7 @@ class ProgramManager {
                 builder.addProgram(name, source, importEdition);
             }
             catch (e) {
-                console.warn(`Failed to add import ${name} to builder: ${e}`);
+                logger.warn(`Failed to add import ${name} to builder: ${e}`);
                 continue;
             }
             if (loadKeys) {
@@ -5732,7 +5767,7 @@ class ProgramManager {
             return { edition: info.edition, amendment: info.amendment_count };
         }
         catch (e) {
-            console.warn(`Error finding edition/amendment for ${programName}. Network response: '${e.message}'. Defaulting to edition ${fallbackEdition ?? 1}, amendment 0.`);
+            logger.warn(`Error finding edition/amendment for ${programName}. Network response: '${e.message}'. Defaulting to edition ${fallbackEdition ?? 1}, amendment 0.`);
             return { edition: fallbackEdition ?? 1, amendment: 0 };
         }
     }
@@ -5767,7 +5802,7 @@ class ProgramManager {
                     builder.addVerifyingKey(programName, fnName, vk);
             }
             catch (e) {
-                console.debug(`Failed to load keys for ${programName}/${fnName}: ${e}`);
+                logger.debug(`Failed to load keys for ${programName}/${fnName}: ${e}`);
             }
         }
     }
@@ -5799,7 +5834,7 @@ class ProgramManager {
                 fns = Array.from(builder.functionKeysAvailable(programName));
             }
             catch (e) {
-                console.debug(`Failed to query keys for ${programName}: ${e}`);
+                logger.debug(`Failed to query keys for ${programName}: ${e}`);
                 continue;
             }
             for (const fnName of fns) {
@@ -5817,7 +5852,7 @@ class ProgramManager {
                     }
                 }
                 catch (e) {
-                    console.debug(`Failed to persist key for ${programName}/${fnName}: ${e}`);
+                    logger.debug(`Failed to persist key for ${programName}/${fnName}: ${e}`);
                 }
             }
         }
@@ -6319,7 +6354,7 @@ class ProgramManager {
                 [provingKey, verifyingKey] = keys;
             }
             else {
-                console.log("Function keys not found in KeyStore or KeyProvider. The function keys will be synthesized");
+                logger.log("Function keys not found in KeyStore or KeyProvider. The function keys will be synthesized");
             }
         }
         // Get the fee record from the account if it is not provided in the parameters
@@ -6358,7 +6393,7 @@ class ProgramManager {
             await this.persistExtractedKeys(programImportsBuilder, importEditions);
         }
         catch (e) {
-            console.debug(`Failed to persist extracted keys: ${e}`);
+            logger.debug(`Failed to persist extracted keys: ${e}`);
         }
         return result;
     }
@@ -6480,7 +6515,7 @@ class ProgramManager {
                 [provingKey, verifyingKey] = keys;
             }
             else {
-                console.log("Function keys not found in KeyStore or KeyProvider. The function keys will be synthesized");
+                logger.log("Function keys not found in KeyStore or KeyProvider. The function keys will be synthesized");
             }
         }
         const query = offlineQuery
@@ -6498,7 +6533,7 @@ class ProgramManager {
             await this.persistExtractedKeys(programImportsBuilder, importEditions);
         }
         catch (e) {
-            console.debug(`Failed to persist extracted keys: ${e}`);
+            logger.debug(`Failed to persist extracted keys: ${e}`);
         }
         return result;
     }
@@ -6981,7 +7016,7 @@ class ProgramManager {
                 [provingKey, verifyingKey] = keys;
             }
             else {
-                console.log("Function keys not found in KeyStore or KeyProvider. The function keys will be synthesized");
+                logger.log("Function keys not found in KeyStore or KeyProvider. The function keys will be synthesized");
             }
         }
         // Auto-convert bare string inputs to field elements where the function expects field type.
@@ -7000,7 +7035,7 @@ class ProgramManager {
             await this.persistExtractedKeys(builder, importEditions);
         }
         catch (e) {
-            console.debug(`Failed to persist extracted keys: ${e}`);
+            logger.debug(`Failed to persist extracted keys: ${e}`);
         }
         return result;
     }