@provablehq/sdk 0.9.16-rc → 0.9.17

package/dist/mainnet/browser.js

@@ -1,6 +1,7 @@
 import 'core-js/proposals/json-parse-with-source.js';
 import { ViewKey, ComputeKey, Address, PrivateKeyCiphertext, PrivateKey, RecordCiphertext, EncryptionToolkit, Group, Metadata, VerifyingKey, Program, Plaintext, Transaction, ProvingRequest, ProvingKey, RecordPlaintext, Field, Poseidon4, ProgramManager as ProgramManager$1, verifyFunctionExecution } from '@provablehq/wasm/mainnet.js';
 export { Address, Authorization, BHP1024, BHP256, BHP512, BHP768, Boolean, Ciphertext, ComputeKey, EncryptionToolkit, ExecutionRequest, ExecutionResponse, Field, Execution as FunctionExecution, GraphKey, Group, I128, I16, I32, I64, I8, OfflineQuery, Pedersen128, Pedersen64, Plaintext, Poseidon2, Poseidon4, Poseidon8, PrivateKey, PrivateKeyCiphertext, Program, ProgramManager as ProgramManagerBase, ProvingKey, ProvingRequest, RecordCiphertext, RecordPlaintext, Scalar, Signature, Transaction, Transition, U128, U16, U32, U64, U8, VerifyingKey, ViewKey, getOrInitConsensusVersionTestHeights, initThreadPool, verifyFunctionExecution } from '@provablehq/wasm/mainnet.js';
+import sodium from 'libsodium-wrappers';
 import { bech32m } from '@scure/base';
 
 /**
@@ -72,6 +73,23 @@ class Account {
             throw new Error("Wrong password or invalid ciphertext");
         }
     }
+    /**
+     * Validates whether the given input is a valid Aleo address.
+     * @param {string | Uint8Array} address The address to validate, either as a string or bytes
+     * @returns {boolean} True if the address is valid, false otherwise
+     *
+     * @example
+     * import { Account } from "@provablehq/sdk/testnet.js";
+     *
+     * const isValid = Account.isValidAddress("aleo1rhgdu77hgyqd3xjj8ucu3jj9r2krwz6mnzyd80gncr5fxcwlh5rsvzp9px");
+     * console.log(isValid); // true
+     *
+     * const isInvalid = Account.isValidAddress("invalid_address");
+     * console.log(isInvalid); // false
+     */
+    static isValidAddress(address) {
+        return Address.isValid(address);
+    }
     /**
      * Creates a PrivateKey from the provided parameters.
      * @param {AccountParam} params The parameters containing either a private key string or a seed
@@ -186,7 +204,7 @@ class Account {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/testnet.js";
      *
      * // Create a connection to the Aleo network and an account
-     * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
      * const account = Account.fromCiphertext(process.env.ciphertext!, process.env.password!);
      *
      * // Get the record ciphertexts from a transaction.
@@ -215,7 +233,7 @@ class Account {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/testnet.js";
      *
      * // Create a connection to the Aleo network and an account
-     * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
      * const account = Account.fromCiphertext(process.env.ciphertext!, process.env.password!);
      *
      * // Get the record ciphertexts from a transaction.
@@ -286,7 +304,7 @@ class Account {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/testnet.js";
      *
      * // Create a connection to the Aleo network and an account
-     * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
      * const account = Account.fromCiphertext(process.env.ciphertext!, process.env.password!);
      *
      * // Get the record ciphertexts from a transaction and check ownership of them.
@@ -387,6 +405,11 @@ function detectBrowser() {
         return "browser";
     }
 }
+function isNode() {
+    return typeof process !== "undefined" &&
+        process.versions != null &&
+        process.versions.node != null;
+}
 function environment() {
     if ((typeof process !== 'undefined') &&
         (process.release?.name === 'node')) {
@@ -466,6 +489,91 @@ async function retryWithBackoff(fn, { maxAttempts = 5, baseDelay = 100, jitter,
     throw new Error("retryWithBackoff: unreachable");
 }
 
+/** Type guard: value is a ProvingResponse. */
+function isProvingResponse(value) {
+    return (typeof value === "object" &&
+        value !== null &&
+        "transaction" in value &&
+        "broadcast_result" in value &&
+        typeof value.broadcast_result === "object");
+}
+/** Type guard: value is a ProveApiErrorBody. */
+function isProveApiErrorBody(value) {
+    return (typeof value === "object" &&
+        value !== null &&
+        "message" in value);
+}
+
+await sodium.ready;
+/**
+ * Encrypt an authorization with a libsodium cryptobox public key.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {Authorization} authorization the authorization to encrypt.
+ *
+ * @returns {string} the encrypted authorization in RFC 4648 standard Base64.
+ */
+function encryptAuthorization(publicKey, authorization) {
+    // Ready the cryptobox lib.
+    return encryptMessage(publicKey, authorization.toBytesLe());
+}
+/**
+ * Encrypt a ProvingRequest with a libsodium cryptobox public key.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {Authorization} provingRequest the ProvingRequest to encrypt.
+ *
+ * @returns {string} the encrypted ProvingRequest in RFC 4648 standard Base64.
+ */
+function encryptProvingRequest(publicKey, provingRequest) {
+    return encryptMessage(publicKey, provingRequest.toBytesLe());
+}
+/**
+ * Encrypt a view key with a libsodium cryptobox public key.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {ViewKey} viewKey the view key to encrypt.
+ *
+ * @returns {string} the encrypted view key in RFC 4648 standard Base64.
+ */
+function encryptViewKey(publicKey, viewKey) {
+    return encryptMessage(publicKey, viewKey.toBytesLe());
+}
+/**
+ * Encrypt a record scanner registration request.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {ViewKey} viewKey the view key to encrypt.
+ * @param {number} start the start height of the registration request.
+ *
+ * @returns {string} the encrypted view key in RFC 4648 standard Base64.
+ */
+function encryptRegistrationRequest(publicKey, viewKey, start) {
+    // Turn the view key into a Uint8Array.
+    const vk_bytes = viewKey.toBytesLe();
+    // Create a new array to hold the original bytes and the 4-byte start height.
+    const bytes = new Uint8Array(vk_bytes.length + 4);
+    // Copy existing bytes.
+    bytes.set(vk_bytes, 0);
+    // Write the 4-byte number in LE format at the end of the array.
+    const view = new DataView(bytes.buffer);
+    view.setUint32(vk_bytes.length, start, true);
+    // Encrypt the encoded bytes.
+    return encryptMessage(publicKey, bytes);
+}
+/**
+ * Encrypt arbitrary bytes with a libsodium cryptobox public key.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {Uint8Array} message the bytes to encrypt.
+ *
+ * @returns {string} the encrypted bytes in RFC 4648 standard Base64.
+ */
+function encryptMessage(publicKey, message) {
+    const publicKeyBytes = sodium.from_base64(publicKey, sodium.base64_variants.ORIGINAL);
+    return sodium.to_base64(sodium.crypto_box_seal(message, publicKeyBytes), sodium.base64_variants.ORIGINAL);
+}
+
 const KEY_STORE = Metadata.baseUrl();
 function convert(metadata) {
     // This looks up the method name in VerifyingKey
@@ -579,7 +687,7 @@ const FIVE_MINUTES = 5 * 60 * 1000; // 5 minutes in milliseconds
  * const account = Account.fromCiphertext(process.env.ciphertext, process.env.password);
  * const apiKey = process.env.apiKey;
  * const consumerId = process.env.consumerId;
- * const publicNetworkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined, account);
+ * const publicNetworkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined, account);
  */
 class AleoNetworkClient {
     host;
@@ -591,18 +699,37 @@ class AleoNetworkClient {
     apiKey;
     consumerId;
     jwtData;
+    proverUri;
+    recordScannerUri;
     constructor(host, options) {
         this.host = host + "/mainnet";
         this.network = "mainnet";
         this.ctx = {};
         this.verboseErrors = true;
-        if (options && options.headers) {
-            this.headers = options.headers;
+        if (options) {
+            if (options.headers) {
+                this.headers = options.headers;
+            }
+            else {
+                this.headers = {
+                    // This is replaced by the actual version by a Rollup plugin
+                    "X-Aleo-SDK-Version": "0.9.17",
+                    "X-Aleo-environment": environment(),
+                };
+            }
+            // If a prover uri was specified, set the prover uri.
+            if (options.proverUri) {
+                this.proverUri = options.proverUri + "/mainnet";
+            }
+            // If a record scanner uri was specified, set the record scanner uri.
+            if (options.recordScannerUri) {
+                this.recordScannerUri = options.recordScannerUri + "/mainnet";
+            }
         }
         else {
             this.headers = {
                 // This is replaced by the actual version by a Rollup plugin
-                "X-Aleo-SDK-Version": "0.9.16-rc",
+                "X-Aleo-SDK-Version": "0.9.17",
                 "X-Aleo-environment": environment(),
             };
         }
@@ -614,7 +741,7 @@ class AleoNetworkClient {
      * @example
      * import { Account, AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1");
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
      * const account = new Account();
      * networkClient.setAccount(account);
      */
@@ -642,11 +769,45 @@ class AleoNetworkClient {
      * const networkClient = new AleoNetworkClient("http://0.0.0.0:3030", undefined);
      *
      * // Set the host to a public node.
-     * networkClient.setHost("http://api.explorer.provable.com/v1");
+     * networkClient.setHost("https://api.provable.com/v2");
      */
     setHost(host) {
         this.host = host + "/mainnet";
     }
+    /**
+     * Set a new uri for a remote prover.
+     *
+     * @param {string} proverUri The uri of the remote prover.
+     *
+     * @example
+     * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
+     *
+     * // Create a networkClient that connects to the provable explorer api.
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
+     *
+     * // Set the prover uri.
+     * networkClient.setProverUri("https://prover.provable.prove");
+     */
+    setProverUri(proverUri) {
+        this.proverUri = proverUri + "/mainnet";
+    }
+    /**
+     * Set a new uri for a remote record scanner.
+     *
+     * @param {string} recordScannerUri The uri of the remote record scanner.
+     *
+     * @example
+     * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
+     *
+     * // Create a networkClient that connects to the provable explorer api.
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
+     *
+     * // Set the record scanner uri.
+     * networkClient.setRecordScannerUri("https://scanner.provable.scan");
+     */
+    setRecordScannerUri(recordScannerUri) {
+        this.recordScannerUri = recordScannerUri + "/mainnet";
+    }
     /**
      * Set verbose errors to true or false for the `AleoNetworkClient`. When set to true, if `submitTransaction` fails, the failure responses will report descriptive information as to why the transaction failed.
      *
@@ -753,7 +914,7 @@ class AleoNetworkClient {
      * const account = Account.fromCiphertext(process.env.ciphertext, process.env.password);
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      * networkClient.setAccount(account);
      *
      * // Find specific amounts
@@ -976,7 +1137,7 @@ class AleoNetworkClient {
      * const account = Account.fromCiphertext(process.env.ciphertext, process.env.password);
      *
      * // Create a network client and set an account to search for records with.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      * networkClient.setAccount(account);
      *
      * // Find specific amounts
@@ -1032,7 +1193,7 @@ class AleoNetworkClient {
      * @example
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      * const block = networkClient.getBlockByHash("ab19dklwl9vp63zu3hwg57wyhvmqf92fx5g8x0t6dr72py8r87pxupqfne5t9");
      */
     async getBlockByHash(blockHash) {
@@ -1090,7 +1251,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/testnet.js";
      *
      * // Get the transaction ID of the deployment transaction for a program.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      * const transactionId = networkClient.getDeploymentTransactionIDForProgram("hello_hello.aleo");
      *
      * // Get the transaction data for the deployment transaction.
@@ -1125,7 +1286,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient, DeploymentJSON } from "@provablehq/sdk/testnet.js";
      *
      * // Get the transaction ID of the deployment transaction for a program.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      * const transaction = networkClient.getDeploymentTransactionForProgram("hello_hello.aleo");
      *
      * // Get the verifying keys for each function in the deployment.
@@ -1158,7 +1319,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/testnet.js";
      *
      * // Get the transaction ID of the deployment transaction for a program.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      * const transactionId = networkClient.getDeploymentTransactionIDForProgram("hello_hello.aleo");
      *
      * // Get the transaction data for the deployment transaction.
@@ -1189,7 +1350,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/testnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const latestHeight = networkClient.getLatestBlock();
      */
@@ -1214,10 +1375,10 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Create a network client and get the latest committee.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      * const latestCommittee = await networkClient.getLatestCommittee();
      */
     async getLatestCommittee() {
@@ -1242,10 +1403,10 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Create a network client and get the committee for a specific block.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      * const committee = await networkClient.getCommitteeByBlockHeight(1234);
      */
     async getCommitteeByBlockHeight(blockHeight) {
@@ -1269,7 +1430,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const latestHeight = networkClient.getLatestHeight();
      */
@@ -1294,7 +1455,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Get the latest block hash.
      * const latestHash = networkClient.getLatestBlockHash();
@@ -1322,7 +1483,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Get the source code of a program.)
      * @returns {Promise<string>} Source code of the program
@@ -1331,7 +1492,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const program = networkClient.getProgram("hello_hello.aleo");
      * const expectedSource = "program hello_hello.aleo;\n\nfunction hello:\n    input r0 as u32.public;\n    input r1 as u32.private;\n    add r0 r1 into r2;\n    output r2 as u32.private;\n"
@@ -1364,7 +1525,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const programVersion = networkClient.getLatestProgramEdition("hello_hello.aleo");
      * assert.equal(programVersion, 1);
@@ -1393,7 +1554,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const programID = "hello_hello.aleo";
      * const programSource = "program hello_hello.aleo;\n\nfunction hello:\n    input r0 as u32.public;\n    input r1 as u32.private;\n    add r0 r1 into r2;\n    output r2 as u32.private;\n"
@@ -1433,7 +1594,7 @@ class AleoNetworkClient {
      * }
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Imports can be fetched using the program ID, source code, or program object
      * let programImports = await networkClient.getProgramImports("double_test.aleo");
@@ -1503,7 +1664,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const programImportsNames = networkClient.getProgramImports("wrapped_credits.aleo");
      * const expectedImportsNames = ["credits.aleo"];
@@ -1534,7 +1695,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const mappings = networkClient.getProgramMappingNames("credits.aleo");
      * const expectedMappings = [
@@ -1572,7 +1733,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Get public balance of an account
      * const mappingValue = networkClient.getMappingValue("credits.aleo", "account", "aleo1rhgdu77hgyqd3xjj8ucu3jj9r2krwz6mnzyd80gncr5fxcwlh5rsvzp9px");
@@ -1604,7 +1765,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Get the bond state as an account.
      * const unbondedState = networkClient.getMappingPlaintext("credits.aleo", "bonded", "aleo1rhgdu77hgyqd3xjj8ucu3jj9r2krwz6mnzyd80gncr5fxcwlh5rsvzp9px");
@@ -1650,7 +1811,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Get the balance of an account from either an address object or address string.
      * const account = Account.fromCiphertext(process.env.ciphertext, process.env.password);
@@ -1681,7 +1842,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Get the latest state root.
      * const stateRoot = networkClient.getStateRoot();
@@ -1708,7 +1869,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const transaction = networkClient.getTransaction("at1handz9xjrqeynjrr0xay4pcsgtnczdksz3e584vfsgaz0dh0lyxq43a4wj");
      */
@@ -1734,7 +1895,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const transaction = networkClient.getConfirmedTransaction("at1handz9xjrqeynjrr0xay4pcsgtnczdksz3e584vfsgaz0dh0lyxq43a4wj");
      * assert.equal(transaction.status, "confirmed");
@@ -1799,7 +1960,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const transactions = networkClient.getTransactions(654);
      */
@@ -1825,7 +1986,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * const transactions = networkClient.getTransactionsByBlockHash("ab19dklwl9vp63zu3hwg57wyhvmqf92fx5g8x0t6dr72py8r87pxupqfne5t9");
      */
@@ -1852,7 +2013,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient, Account } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      *
      * // Get the current transactions in the mempool.
      * const transactions = networkClient.getTransactionsInMempool();
@@ -1972,33 +2133,87 @@ class AleoNetworkClient {
         };
     }
     /**
-     * Submit a `ProvingRequest` to a remote proving service for delegated proving. If the broadcast flag of the `ProvingRequest` is set to `true` the remote service will attempt to broadcast the result `Transaction` on behalf of the requestor.
+     * Parses a /prove or /prove/encrypted response. Returns a result object (never throws for 200/400/500/503).
+     */
+    async handleProvingResponse(response) {
+        // Get the proving response text.
+        const text = await response.text();
+        let body;
+        // Parse the body.
+        try {
+            body = parseJSON(text);
+        }
+        catch {
+            body = {};
+        }
+        // If the status is 200, attempt to parse the Proving Request along its expected structure.
+        if (response.status === 200) {
+            if (isProvingResponse(body)) {
+                return { ok: true, data: body };
+            }
+            return {
+                ok: false,
+                status: response.status,
+                error: { message: "Invalid response from proving service" },
+            };
+        }
+        // If the response is non 200, return the information back to the caller so it can be handled.
+        if (response.status === 400 || response.status === 500 || response.status === 503) {
+            const error = isProveApiErrorBody(body)
+                ? body
+                : { message: text || `${response.status} error` };
+            return { ok: false, status: response.status, error };
+        }
+        return {
+            ok: false,
+            status: response.status,
+            error: { message: text || `${response.status} error` },
+        };
+    }
+    /**
+     * Submit a `ProvingRequest` to a remote proving service for delegated proving. If the broadcast flag of the `ProvingRequest` is set to `true` the remote service will attempt to broadcast the result `Transaction` on behalf of the requestor. Throws on HTTP 400, 500, 503 (and retries on 500/503). Callers should {@link submitProvingRequestSafe} to handle proving request failures without throwing.
      *
      * @param {DelegatedProvingParams} options - The optional parameters required to submit a proving request.
      * @returns {Promise<ProvingResponse>} The ProvingResponse containing the transaction result and the result of the broadcast if the `broadcast` flag was set to `true`.
      */
     async submitProvingRequest(options) {
-        const proverUri = options.url ?? this.host;
+        const result = await this.submitProvingRequestSafe(options);
+        if (result.ok) {
+            return result.data;
+        }
+        const err = new Error(result.error.message);
+        err.status = result.status;
+        throw err;
+    }
+    /**
+     * Submit a proving request and return a result object instead of throwing. This method is usable when callers want to handle HTTP status (400, 500, 503) yourself. Retries on 500/503 and returns on 200 or 400.
+     *
+     * @param {DelegatedProvingParams} options - The optional parameters required to submit a proving request.
+     * @returns {Promise<ProvingResult>} `{ ok: true, data }` on success (200), or `{ ok: false, status, error }` on 400/500/503. Check `result.ok` and then either `result.data` or `result.status` / `result.error.message`.
+     */
+    async submitProvingRequestSafe(options) {
+        // Attempt to get the Prover URI first from the options, then from any configured globally, or third try the main configured host.
+        const proverUri = (options.url ?? this.proverUri) ?? this.host;
         const provingRequestString = options.provingRequest instanceof ProvingRequest
             ? options.provingRequest.toString()
             : options.provingRequest;
+        // Try to get JWT data to access the Provable API.
         const apiKey = options.apiKey ?? this.apiKey;
         const consumerId = options.consumerId ?? this.consumerId;
         let jwtData = options.jwtData ?? this.jwtData;
-        // Check if JWT is expired or missing
-        const bufferTime = FIVE_MINUTES; // 5 minutes buffer
-        const isExpired = jwtData && Date.now() >= jwtData.expiration - bufferTime;
+        // Check to see if the JWT needs refreshing.
+        const isExpired = jwtData && Date.now() >= jwtData.expiration - FIVE_MINUTES;
         if (!jwtData || isExpired) {
             if (options.apiKey && options.consumerId) {
                 jwtData = await this.refreshJwt(apiKey, consumerId);
-                // Update both the class and the options with the new JWT
                 this.jwtData = jwtData;
                 options.jwtData = jwtData;
             }
             else {
-                throw new Error('JWT or both apiKey and consumerId are required');
+                console.warn('JWT or both apiKey and consumerId are required when using the Provable API');
             }
         }
+        // Create the necessary headers to hit the provable api.
         const headers = {
             ...this.headers,
             "X-ALEO-METHOD": "submitProvingRequest",
@@ -2007,17 +2222,75 @@ class AleoNetworkClient {
         if (jwtData?.jwt) {
             headers["Authorization"] = jwtData.jwt;
         }
-        try {
-            const response = await retryWithBackoff(() => post(`${proverUri}`, {
+        // Encapsulate the requests in a locally scoped function that can be run with a retry closure.
+        const runRequest = async () => {
+            // If DPS privacy is set, call invoke the encrypted flow.
+            if (options.dpsPrivacy) {
+                // Get an ephemeral public key from a DPS service.
+                const pubKeyResponse = await get(proverUri + "/pubkey", {
+                    headers,
+                    credentials: "include",
+                });
+                // Encrypt the provingRequest.
+                const pubkey = parseJSON(await pubKeyResponse.text());
+                const ciphertext = encryptProvingRequest(pubkey.public_key, ProvingRequest.fromString(provingRequestString));
+                // Form the expected query a DPS service expects (including the key_id).
+                const payload = {
+                    key_id: pubkey.key_id,
+                    ciphertext: ciphertext,
+                };
+                // We're in node, attempt to set the cookie manually.
+                const cookie = isNode() ? pubKeyResponse.headers.get("set-cookie") : undefined;
+                // Send the encrypted proving request to the DPS service.
+                const res = await fetch(`${proverUri}/prove/encrypted`, {
+                    method: "POST",
+                    body: JSON.stringify(payload),
+                    headers: {
+                        ...headers,
+                        ...(cookie ? { Cookie: cookie } : {})
+                    },
+                    credentials: "include",
+                });
+                // Properly handle the proving response.
+                return this.handleProvingResponse(res);
+            }
+            // If encrypted usage is not specified use the unencrypted endpoint.
+            const proveEndpoint = proverUri.endsWith("/prove")
+                ? proverUri
+                : proverUri + "/prove";
+            const res = await fetch(proveEndpoint, {
+                method: "POST",
                 body: provingRequestString,
-                headers
-            }));
-            const responseText = await response.text();
-            return parseJSON(responseText);
+                headers,
+            });
+            // Properly handle the proving response.
+            return this.handleProvingResponse(res);
+        };
+        try {
+            // Run the request with retries.
+            return await retryWithBackoff(async () => {
+                // Run the encrypted or non-encrypted flow as specified by the flags.
+                const result = await runRequest();
+                if (result.ok) {
+                    return result;
+                }
+                // If 500s are hit responses are returned, attempt retries.
+                if (result.status === 500 || result.status === 503) {
+                    const err = new Error(result.error.message);
+                    err.status = result.status;
+                    throw err;
+                }
+                return result;
+            });
         }
-        catch (error) {
-            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
-            throw new Error(`Failed to submit proving request: ${errorMessage}`);
+        catch (err) {
+            // If an error is returned, provide usable information to the caller.
+            const e = err;
+            return {
+                ok: false,
+                status: e.status ?? 500,
+                error: { message: e.message },
+            };
         }
     }
     /**
@@ -2032,7 +2305,7 @@ class AleoNetworkClient {
      * import { AleoNetworkClient, Account, ProgramManager } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a network client and program manager.
-     * const networkClient = new AleoNetworkClient("http://api.explorer.provable.com/v1", undefined);
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2", undefined);
      * const programManager = new ProgramManager(networkClient);
      *
      * // Set the account for the program manager.
@@ -2103,45 +2376,61 @@ class AleoNetworkClient {
 }
 
 /**
- * @param {Map<string, CachedKeyPair>} map Any interface which returns a string as cached keypair bytes.
- *
- * @returns {KeyStore} The map decorated as a keystore.
+ * Error thrown when a record scanner request fails (e.g. /register, /register/encrypted).
+ * Includes HTTP status so callers can handle 422 vs 500 etc.
  */
-function promoteMapToKeyStore(map) {
-    const ks = map;
-    ks.getKeys = async (locator) => {
-        const raw = map.get(locator);
-        if (!raw)
-            return null;
-        const [p, v] = raw;
-        return [
-            ProvingKey.fromBytes(p),
-            VerifyingKey.fromBytes(v),
-        ];
-    };
-    ks.getKeyBytes = async (locator) => map.get(locator) ?? null;
-    ks.getProvingKey = async (locator) => {
-        const raw = map.get(locator);
-        return raw ? ProvingKey.fromBytes(raw[0]) : null;
-    };
-    ks.getProvingKeyBytes = async (locator) => map.get(locator)?.[0] ?? null;
-    ks.getVerifyingKey = async (locator) => {
-        const raw = map.get(locator);
-        return raw ? VerifyingKey.fromBytes(raw[1]) : null;
-    };
-    ks.getVerifyingKeyBytes = async (locator) => map.get(locator)?.[1] ?? null;
-    ks.setKeys = async (locator, [pk, vk]) => {
-        map.set(locator, [pk.toBytes(), vk.toBytes()]);
-    };
-    ks.setKeyBytes = async (locator, raw) => {
-        map.set(locator, raw);
-    };
-    ks.has = async (locator) => Map.prototype.has.call(map, locator);
-    ks.delete = async (locator) => {
-        Map.prototype.delete.call(map, locator);
-    };
-    ks.clear = async () => Map.prototype.clear.call(map);
-    return ks;
+class RecordScannerRequestError extends Error {
+    status;
+    constructor(message, status) {
+        super(message);
+        this.name = "RecordScannerRequestError";
+        this.status = status;
+        Object.setPrototypeOf(this, RecordScannerRequestError.prototype);
+    }
+}
+/** Error thrown when findCreditsRecord or findCreditsRecords is called but decryption is not enabled on the record scanner. */
+class DecryptionNotEnabledError extends Error {
+    filter;
+    constructor(message, filter) {
+        super(message);
+        this.name = "DecryptionNotEnabledError";
+        this.filter = filter;
+        Object.setPrototypeOf(this, DecryptionNotEnabledError.prototype);
+    }
+}
+/** Error thrown when findCreditsRecord or findCreditsRecords is called but no view key for the UUID is stored in viewKeys or the account. */
+class ViewKeyNotStoredError extends Error {
+    uuid;
+    filter;
+    constructor(message, uuid, filter) {
+        super(message);
+        this.name = "ViewKeyNotStoredError";
+        this.uuid = uuid;
+        this.filter = filter;
+        Object.setPrototypeOf(this, ViewKeyNotStoredError.prototype);
+    }
+}
+/** Error thrown when no record matches the supplied search filter (e.g. findCreditsRecord / findCreditsRecords). */
+class RecordNotFoundError extends Error {
+    filter;
+    constructor(message, filter) {
+        super(message);
+        this.name = "RecordNotFoundError";
+        this.filter = filter;
+        Object.setPrototypeOf(this, RecordNotFoundError.prototype);
+    }
+}
+/** Error thrown when no UUID is configured, the UUID is invalid, or a record scanner request fails due to an invalid UUID/response. */
+class UUIDError extends Error {
+    uuid;
+    filter;
+    constructor(message, uuid, filter) {
+        super(message);
+        this.name = "UUIDError";
+        this.uuid = uuid;
+        this.filter = filter;
+        Object.setPrototypeOf(this, UUIDError.prototype);
+    }
 }
 
 /**
@@ -2169,8 +2458,8 @@ class AleoKeyProviderParams {
     }
 }
 /**
- * AleoKeyProvider class. Implements the KeyProvider interface. Enables the retrieval of Aleo program proving and
- * verifying keys for the credits.aleo program over http from official Aleo sources and storing and retrieving function
+ * AleoKeyProvider class. Implements the FunctionKeyProvider interface. Enables the retrieval of Aleo program proving and
+ * verifying keys for the credits.aleo program over HTTP from official Aleo sources and storing and retrieving function
  * keys from a local memory cache.
  */
 class AleoKeyProvider {
@@ -2192,10 +2481,8 @@ class AleoKeyProvider {
         this.cache = new Map();
         this.cacheOption = false;
     }
-    keyStore() {
-        if (!this.cacheOption)
-            return Promise.resolve(undefined);
-        return Promise.resolve(promoteMapToKeyStore(this.cache));
+    async keyStore() {
+        return undefined;
     }
     /**
      * Use local memory to store keys
@@ -2267,12 +2554,12 @@ class AleoKeyProvider {
      *
      * @example
      * // Create a new object which implements the KeyProvider interface
-     * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
      * const keyProvider = new AleoKeyProvider();
      * const recordProvider = new NetworkRecordProvider(account, networkClient);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for value transfers
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * programManager.transfer(1, "aleo166q6ww6688cug7qxwe7nhctjpymydwzy2h7rscfmatqmfwnjvggqcad0at", "public", 0.5);
      *
      * // Keys can also be fetched manually using the key provider
@@ -2285,7 +2572,7 @@ class AleoKeyProvider {
             let verifierUrl;
             let cacheKey;
             if ("name" in params && typeof params["name"] == "string") {
-                let key = CREDITS_PROGRAM_KEYS.getKey(params["name"]);
+                const key = CREDITS_PROGRAM_KEYS.getKey(params["name"]);
                 return this.fetchCreditsKeys(key);
             }
             if ("proverUri" in params &&
@@ -2319,12 +2606,12 @@ class AleoKeyProvider {
      *
      * @example
      * // Create a new AleoKeyProvider object
-     * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
      * const keyProvider = new AleoKeyProvider();
      * const recordProvider = new NetworkRecordProvider(account, networkClient);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for value transfers
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * programManager.transfer(1, "aleo166q6ww6688cug7qxwe7nhctjpymydwzy2h7rscfmatqmfwnjvggqcad0at", "public", 0.5);
      *
      * // Keys can also be fetched manually
@@ -2442,12 +2729,12 @@ class AleoKeyProvider {
      *
      * @example
      * // Create a new AleoKeyProvider
-     * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
      * const keyProvider = new AleoKeyProvider();
      * const recordProvider = new NetworkRecordProvider(account, networkClient);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for value transfers
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * programManager.transfer(1, "aleo166q6ww6688cug7qxwe7nhctjpymydwzy2h7rscfmatqmfwnjvggqcad0at", "public", 0.5);
      *
      * // Keys can also be fetched manually
@@ -2582,6 +2869,156 @@ class AleoKeyProvider {
     }
 }
 
+/**
+ * Error thrown when there is a mismatch between expected and actual key metadata.
+ * This can occur during verification of either the checksum or size of a key.
+ *
+ * @extends Error
+ */
+class KeyVerificationError extends Error {
+    locator;
+    field;
+    expected;
+    actual;
+    /**
+     * Creates a new KeyVerificationError instance (error.name is "ChecksumMismatchError").
+     *
+     * @param {string} locator - The key locator where the mismatch occurred.
+     * @param {"checksum" | "size"} field - The field that failed verification (either "checksum" or "size").
+     * @param {string} expected - The expected value of the field.
+     * @param {string} actual - The actual value encountered.
+     */
+    constructor(locator, field, expected, actual) {
+        super(`Key verification ${locator} ${field} mismatch: expected ${expected}, got ${actual}`);
+        this.locator = locator;
+        this.field = field;
+        this.expected = expected;
+        this.actual = actual;
+        this.name = "ChecksumMismatchError";
+        Object.setPrototypeOf(this, KeyVerificationError.prototype);
+    }
+}
+/**
+ * Computes the SHA-256 checksum of a given set of bytes.
+ *
+ * @param {Uint8Array} bytes - The bytes to compute the checksum of.
+ */
+async function sha256Hex(bytes) {
+    const hash = await crypto.subtle.digest("SHA-256", bytes);
+    return Array.from(new Uint8Array(hash))
+        .map((b) => b.toString(16).padStart(2, "0"))
+        .join("");
+}
+
+/**
+ * In-memory implementation of KeyVerifier that stores and verifies key fingerprints.
+ * Provides functionality to compute and verify cryptographic checksums of keys, storing them
+ * in memory for subsequent verification. This implementation is primarily used for testing
+ * and development purposes where persistence is not required.
+ *
+ * Key features:
+ * - Computes SHA-256 checksums and sizes for key bytes.
+ * - Stores key fingerprints in memory using string locators.
+ * - Verifies key bytes against stored or provided fingerprints.
+ *
+ * @implements {KeyVerifier}
+ */
+class MemKeyVerifier {
+    keyStore = {};
+    /**
+     * Computes and optionally stores key metadata. If a keyFingerprint is provided, this function will verify the computed checksum against it before storing it.
+     *
+     * @param {KeyMetadata} keyMetadata - Object containing key bytes and optional verification data.
+     * @throws {KeyVerificationError} When provided keyFingerprint doesn't match computed values.
+     * @returns {Promise<KeyFingerprint>} Computed key metadata.
+     */
+    async computeKeyMetadata(keyMetadata) {
+        // Compute the metadata from the key bytes
+        const computedFingerprint = {
+            checksum: await sha256Hex(keyMetadata.keyBytes),
+            size: keyMetadata.keyBytes.length
+        };
+        // If a KeyFingerprint is provided, verify it matches computed values.
+        if (keyMetadata.fingerprint) {
+            if (keyMetadata.fingerprint.size !== computedFingerprint.size) {
+                throw new KeyVerificationError(keyMetadata.locator ? keyMetadata.locator : "", "size", String(keyMetadata.fingerprint.size), String(computedFingerprint.size));
+            }
+            if (keyMetadata.fingerprint.checksum !== computedFingerprint.checksum) {
+                throw new KeyVerificationError(keyMetadata.locator ? keyMetadata.locator : "", "checksum", keyMetadata.fingerprint.checksum, computedFingerprint.checksum);
+            }
+        }
+        // If locator is provided, store only the fingerprint
+        if (keyMetadata.locator) {
+            this.keyStore[keyMetadata.locator] = computedFingerprint;
+        }
+        return computedFingerprint;
+    }
+    /**
+     * Verifies key bytes against stored or provided metadata. Follows a priority verification scheme:
+     * 1. If KeyFingerprint is provided in the metadata, this method verifies against that first.
+     * 2. If a locator is provided, attempts to verify against stored fingerprint.
+     * 3. If neither is available, throws an error.
+     *
+     * @param {KeyMetadata} keyMetadata - Object containing the key bytes and optional verification metadata.
+     * @throws {Error} When neither fingerprint nor valid locator is provided for verification.
+     * @throws {KeyVerificationError} When size or checksum verification fails.
+     * @returns {Promise<void>} Promise that resolves when verification succeeds.
+     */
+    async verifyKeyBytes(keyMetadata) {
+        if (!keyMetadata.keyBytes) {
+            throw new Error("Key bytes must be provided for verification.");
+        }
+        // Compute the fingerprint for the provided bytes.
+        const computedFingerprint = await this.computeKeyMetadata({
+            keyBytes: keyMetadata.keyBytes
+        });
+        // Determine which fingerprint to verify against.
+        let fingerprintToVerify;
+        if (keyMetadata.fingerprint) {
+            // If a key fingerprint is provided, use it.
+            fingerprintToVerify = keyMetadata.fingerprint;
+        }
+        else if (keyMetadata.locator) {
+            // Otherwise try to get stored fingerprint by locator.
+            fingerprintToVerify = this.keyStore[keyMetadata.locator];
+        }
+        if (!fingerprintToVerify) {
+            throw new Error("Either fingerprint or a valid locator must be provided for verification.");
+        }
+        // Verify the key size.
+        if (fingerprintToVerify.size !== computedFingerprint.size) {
+            throw new KeyVerificationError(keyMetadata.locator || "", "size", String(fingerprintToVerify.size), String(computedFingerprint.size));
+        }
+        // Verify the key checksum.
+        if (fingerprintToVerify.checksum !== computedFingerprint.checksum) {
+            throw new KeyVerificationError(keyMetadata.locator || "", "checksum", fingerprintToVerify.checksum, computedFingerprint.checksum);
+        }
+    }
+}
+
+/**
+ * Error thrown when a key locator is invalid for filesystem use.
+ * Used to prevent path traversal and other filesystem injection when deriving paths from locators.
+ *
+ * @extends Error
+ */
+class InvalidLocatorError extends Error {
+    locator;
+    reason;
+    /**
+     * @param message - Human-readable description of the validation failure.
+     * @param locator - The invalid locator string that failed validation.
+     * @param reason - Machine-readable reason code for the failure.
+     */
+    constructor(message, locator, reason) {
+        super(message);
+        this.locator = locator;
+        this.reason = reason;
+        this.name = "InvalidLocatorError";
+        Object.setPrototypeOf(this, InvalidLocatorError.prototype);
+    }
+}
+
 /**
  * Search parameters for the offline key provider. This class implements the KeySearchParams interface and includes
  * a convenience method for creating a new instance of this class for each function of the credits.aleo program.
@@ -2621,7 +3058,7 @@ class OfflineSearchParams {
         return new OfflineSearchParams(CREDITS_PROGRAM_KEYS.bond_validator.locator, true);
     }
     /**
-     * Create a new OfflineSearchParams instance for the claim_unbond_public function of the
+     * Create a new OfflineSearchParams instance for the claim_unbond_public function of the credits.aleo program.
      */
     static claimUnbondPublicKeyParams() {
         return new OfflineSearchParams(CREDITS_PROGRAM_KEYS.claim_unbond_public.locator, true);
@@ -2747,7 +3184,7 @@ class OfflineSearchParams {
  * const offlineExecuteTx = <Transaction>await this.buildExecutionTransaction("hello_hello.aleo", "hello", 1, false, ["5u32", "5u32"], undefined, offlineSearchParams, undefined, undefined, undefined, undefined, offlineQuery, program);
  *
  * // Broadcast the transaction later on a machine with internet access
- * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+ * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
  * const txId = await networkClient.broadcastTransaction(offlineExecuteTx);
  */
 class OfflineKeyProvider {
@@ -2756,7 +3193,7 @@ class OfflineKeyProvider {
         this.cache = new Map();
     }
     keyStore() {
-        return Promise.resolve(promoteMapToKeyStore(this.cache));
+        return Promise.resolve(undefined);
     }
     /**
      * Get bond_public function keys from the credits.aleo program. The keys must be cached prior to calling this
@@ -3207,7 +3644,7 @@ class NetworkRecordProvider {
      *
      * @example
      * // Create a new NetworkRecordProvider
-     * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
      * const keyProvider = new AleoKeyProvider();
      * const recordProvider = new NetworkRecordProvider(account, networkClient);
      *
@@ -3220,7 +3657,7 @@ class NetworkRecordProvider {
      *
      * // When the program manager is initialized with the record provider it will be used to find automatically find
      * // fee records and amount records for value transfers so that they do not need to be specified manually
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * programManager.transfer(1, "aleo166q6ww6688cug7qxwe7nhctjpymydwzy2h7rscfmatqmfwnjvggqcad0at", "public", 0.5);
      *
      * */
@@ -3254,9 +3691,9 @@ class NetworkRecordProvider {
         const recordsPts = await this.networkClient.findRecords(startHeight, endHeight, searchParameters.unspent, ["credits.aleo"], microcredits, maxAmount, searchParameters.nonces, this.account.privateKey());
         return recordsPts.map((record) => ({
             owner: record.owner().toString(),
-            programName: 'credits.aleo',
-            recordName: 'credits',
-            recordPlaintext: record.toString(),
+            program_name: 'credits.aleo',
+            record_name: 'credits',
+            record_plaintext: record.toString(),
         }));
     }
     /**
@@ -3268,7 +3705,7 @@ class NetworkRecordProvider {
      *
      * @example
      * // Create a new NetworkRecordProvider
-     * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+     * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
      * const keyProvider = new AleoKeyProvider();
      * const recordProvider = new NetworkRecordProvider(account, networkClient);
      *
@@ -3281,7 +3718,7 @@ class NetworkRecordProvider {
      *
      * // When the program manager is initialized with the record provider it will be used to find automatically find
      * // fee records and amount records for value transfers so that they do not need to be specified manually
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * programManager.transfer(1, "aleo166q6ww6688cug7qxwe7nhctjpymydwzy2h7rscfmatqmfwnjvggqcad0at", "public", 0.5);
      */
     async findCreditsRecord(microcredits, searchParameters) {
@@ -3377,7 +3814,7 @@ class NetworkRecordProvider {
  * const params = new BlockHeightSearch(89995, 99995);
  *
  * // Create a new NetworkRecordProvider
- * const networkClient = new AleoNetworkClient("https://api.explorer.provable.com/v1");
+ * const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
  * const keyProvider = new AleoKeyProvider();
  * const recordProvider = new NetworkRecordProvider(account, networkClient);
  *
@@ -3398,15 +3835,17 @@ class BlockHeightSearch {
 }
 
 /**
- * RecordScanner is a RecordProvider implementation that uses the record scanner service to find records.
+ * RecordScanner is a RecordProvider implementation that uses Provable's confidential record scanning service to find
+ * records.
  *
  * @example
  * const account = new Account({ privateKey: 'APrivateKey1...' });
  *
  * const recordScanner = new RecordScanner({ url: "https://record-scanner.aleo.org" });
  * recordScanner.setAccount(account);
- * recordScanner.setApiKey("your-api-key");
- * const uuid = await recordScanner.register(0);
+ * recordScanner.setApiKey("example-api-key");
+ * const result = await recordScanner.register(viewKey, 0);
+ * if (result.ok) { const uuid = result.data.uuid; }
  *
  * const filter = {
  *     uuid,
@@ -3439,38 +3878,231 @@ class BlockHeightSearch {
  * const records = await recordScanner.findRecords(filter);
  */
 class RecordScanner {
+    cacheViewKeysOnRegister;
     url;
     apiKey;
+    consumerId;
+    jwtData;
     uuid;
+    viewKeys;
+    autoReRegister;
+    decryptEnabled;
+    account;
+    /**
+     * @param {RecordScannerOptions} options Configuration for the record scanner.
+     */
     constructor(options) {
-        this.url = options.url;
-        this.apiKey = typeof options.apiKey === "string" ? { header: "X-Provable-API-Key", value: options.apiKey } : options.apiKey;
+        // Set the network by detecting which version of the SDK is being used.
+        const network = "/mainnet";
+        // If the user has configured a network in their uri, throw.
+        if (options.url.endsWith("/mainnet") || options.url.endsWith("/testnet")) {
+            throw new Error("The record scanning url should not include the specific network, this is automatically configured by the Provable SDK.");
+        }
+        // Configure the url to use the network the SDK is using.
+        this.url = options.url + network;
+        // Get any view keys passed in the options.
+        this.viewKeys = options.viewKeys ?
+            Object.fromEntries(options.viewKeys.map(viewKey => [this.computeUUID(viewKey), viewKey]))
+            : undefined;
+        // Set the view key caching flag if provided (default: true).
+        this.cacheViewKeysOnRegister = options.cacheViewKeysOnRegister ??= true;
+        // Set the account if provided.
+        this.account = options.account;
+        if (this.account) {
+            // Compute the UUID from the view key and set it on the scanner.
+            this.setUuid(this.account.viewKey());
+            // Add the view key to the scanner's view keys.
+            this.addViewKey(this.account.viewKey());
+        }
+        // Configure authentication options.
+        this.apiKey = typeof options.apiKey === "string" ? {
+            header: "X-Provable-API-Key",
+            value: options.apiKey
+        } : options.apiKey;
+        this.consumerId = options.consumerId;
+        this.jwtData = options.jwtData;
+        this.autoReRegister = options.autoReRegister;
+        this.decryptEnabled = options.decryptEnabled;
     }
     /**
      * Set the API key to use for the record scanner.
      *
-     * @param {string} apiKey The API key to use for the record scanner.
+     * @param {string | { header: string, value: string }} apiKey The API key to use for the record scanner.
      */
-    async setApiKey(apiKey) {
+    setApiKey(apiKey) {
         this.apiKey = typeof apiKey === "string" ? { header: "X-Provable-API-Key", value: apiKey } : apiKey;
     }
     /**
-     * Set the UUID to use for the record scanner.
+     * Set the consumer ID used for JWT refresh when using authenticated record scanner (e.g. Provable API).
+     *
+     * @param {string} consumerId The consumer ID to use for JWT refresh.
+     */
+    setConsumerId(consumerId) {
+        this.consumerId = consumerId;
+    }
+    /**
+     * Set JWT data for authentication. Optional; when not set, JWT can be refreshed from apiKey + consumerId if provided.
+     *
+     * @param {RecordScannerJWTData | undefined} jwtData The JWT data to use, or undefined to clear.
+     */
+    setJwtData(jwtData) {
+        this.jwtData = jwtData;
+    }
+    /**
+     * Set whether /owned should automatically re-register on 422 (when a view key for the UUID is in viewKeys or account) and retry once.
+     *
+     * @param {boolean} enabled Whether to enable auto re-register on 422.
+     */
+    setAutoReRegister(enabled) {
+        this.autoReRegister = enabled;
+    }
+    /**
+     * Set whether decryption of owned records is enabled (e.g. for use with the decrypt method).
+     *
+     * @param {boolean} enabled Whether to enable decryption of owned records received from the scanner using the `owned` or any `findRecords` methods.
+     */
+    setDecryptEnabled(enabled) {
+        this.decryptEnabled = enabled;
+    }
+    /**
+     * Add a view key to the record scanner for usage in local decryption. This is REQUIRED for findCreditsRecord/findCreditsRecords to work properly.
+     *
+     * @param {ViewKey} viewKey The view key to add.
+     */
+    addViewKey(viewKey) {
+        const uuid = this.computeUUID(viewKey).toString();
+        this.viewKeys = this.viewKeys ? { ...this.viewKeys, [uuid]: viewKey } : { [uuid]: viewKey };
+    }
+    /**
+     * Remove a view key from the record scanner.
+     *
+     * @param {string} uuid The uuid of the view key to remove.
+     */
+    removeViewKey(uuid) {
+        if (this.viewKeys) {
+            delete this.viewKeys[uuid];
+        }
+    }
+    /**
+     * Return the view key for the given record-scanner UUID if one is configured
+     * (in viewKeys or as the account's view key). Used to decide if re-registration on 422 is possible.
+     *
+     * @param {string} uuid The record-scanner UUID to look up.
+     * @returns {ViewKey | undefined} The view key for that UUID, or undefined.
+     */
+    getViewKeyForUuid(uuid) {
+        // Prefer view key from the cached map (keyed by UUID string).
+        const cachedVk = this.viewKeys?.[uuid];
+        if (cachedVk)
+            return cachedVk;
+        // Otherwise use the account's view key if it matches this UUID.
+        const accountVk = this.account?.viewKey();
+        if (accountVk && this.computeUUID(accountVk).toString() === uuid)
+            return accountVk;
+        return undefined;
+    }
+    /**
+     * Set the primary account for the record scanner.
+     *
+     * @param {Account} account The account to set as the primary account.
+     */
+    setAccount(account) {
+        const existingVk = this.account?.viewKey();
+        // Set the account on the scanner.
+        this.account = account;
+        // Set the uuid on the scanner using the view key from the account.
+        this.setUuid(account.viewKey());
+        // Add the view key to the scanner's view keys.
+        this.addViewKey(account.viewKey());
+        // Remove the existing view key from the scanner's view keys if it exists.
+        if (existingVk) {
+            this.removeViewKey(this.computeUUID(existingVk).toString());
+        }
+    }
+    /**
+     * Refreshes the JWT by making a POST request to /jwts/{consumer_id}. Used when authentication is required.
+     *
+     * @param {string} apiKey The API key to use for the refresh request.
+     * @param {string} consumerId The consumer ID for the JWT endpoint.
+     * @returns {Promise<RecordScannerJWTData>} The new JWT data.
+     */
+    async refreshJwt(apiKey, consumerId) {
+        const response = await post(`${this.url}/jwts/${consumerId}`, {
+            headers: {
+                "X-Provable-API-Key": apiKey,
+            },
+        });
+        const authHeader = response.headers.get("authorization");
+        if (!authHeader) {
+            throw new Error("No authorization header in JWT refresh response");
+        }
+        const body = await response.json();
+        return {
+            jwt: authHeader,
+            expiration: body.exp * 1000, // Convert to milliseconds
+        };
+    }
+    /**
+     * Returns auth headers (e.g. Authorization with JWT). Refreshes JWT if expired and apiKey + consumerId are set. Empty when auth is not configured.
+     *
+     * @returns {Promise<Record<string, string>>} Auth headers to add to requests, or empty object when not configured.
+     */
+    async getAuthHeaders() {
+        let jwtData = this.jwtData;
+        // Consider JWT expired a few minutes early to avoid race at boundary.
+        const isExpired = jwtData && Date.now() >= jwtData.expiration - FIVE_MINUTES;
+        if (!jwtData || isExpired) {
+            const apiKey = this.apiKey?.value;
+            if (apiKey && this.consumerId) {
+                jwtData = await this.refreshJwt(apiKey, this.consumerId);
+                this.jwtData = jwtData;
+            }
+            else if (jwtData?.jwt) {
+                // Use existing JWT even if expired when refresh is not possible.
+                return { Authorization: jwtData.jwt };
+            }
+            else {
+                return {};
+            }
+        }
+        return jwtData?.jwt ? { Authorization: jwtData.jwt } : {};
+    }
+    /**
+     * Set the UUID for the record scanner.
+     *
+     * @param {Field | ViewKey} keyMaterial The UUID to use for the record scanner. If a ViewKey is provided, the UUID will be computed from the key.
+     */
+    setUuid(keyMaterial) {
+        this.uuid = keyMaterial instanceof ViewKey ? this.computeUUID(keyMaterial) : keyMaterial;
+    }
+    /**
+     * If the error is a RecordScannerRequestError (from request()), return a RecordScannerFailure result;
+     * otherwise re-throw the error.
      *
-     * @param {Field} uuid The UUID to use for the record scanner.
+     * @param {unknown} err The error from a failed request (e.g. from request() or from a catch after calling it).
+     * @returns {RecordScannerFailure} When err is RecordScannerRequestError.
+     * @throws Re-throws err when it is not a RecordScannerRequestError.
      */
-    async setUuid(uuidOrViewKey) {
-        this.uuid = uuidOrViewKey instanceof ViewKey ? this.computeUUID(uuidOrViewKey) : uuidOrViewKey;
+    handleRequestError(err) {
+        if (err instanceof RecordScannerRequestError) {
+            return {
+                ok: false,
+                status: err.status,
+                error: { message: err.message, status: err.status },
+            };
+        }
+        throw err;
     }
     /**
-     * Register the account with the record scanner service.
+     * Register the account with the record scanning service (unencrypted POST /register). Does not throw if a valid error response from the record scanner is received; returns a result object instead.
      *
+     * @param {ViewKey} viewKey The view key to register.
      * @param {number} startBlock The block height to start scanning from.
-     * @returns {Promise<RegistrationResponse>} The response from the record scanner service.
+     * @returns {Promise<RegisterResult>} `{ ok: true, data }` on success, or `{ ok: false, status, error }` on failure.
      */
     async register(viewKey, startBlock) {
         try {
-            let request = {
+            const request = {
                 view_key: viewKey.to_string(),
                 start: startBlock,
             };
@@ -3480,96 +4112,249 @@ class RecordScanner {
                 body: JSON.stringify(request),
             }));
             const data = await response.json();
-            this.uuid = data.uuid;
-            return data;
+            // If the uuid is not set, set it on the scanner.
+            if (!this.uuid) {
+                this.uuid = data.uuid;
+            }
+            // Add the view key to the local scanner's view keys if configured to do so.
+            if (this.cacheViewKeysOnRegister) {
+                this.addViewKey(viewKey);
+            }
+            return { ok: true, data };
         }
-        catch (error) {
-            console.error(`Failed to register view key: ${error}`);
-            throw error;
+        catch (err) {
+            console.error(`Failed to register view key: ${err}`);
+            return this.handleRequestError(err);
         }
     }
     /**
-     * Get encrypted records from the record scanner service.
+     * Fetches an ephemeral public key from the record scanning service for use with registerEncrypted.
+     * Follows the same pattern as the delegated proving service /pubkey endpoint.
+     *
+     * @returns {Promise<CryptoBoxPubKey>} The service's ephemeral public key and key_id.
+     */
+    async getPubkey() {
+        const response = await this.request(new Request(`${this.url}/pubkey`, { method: "GET" }));
+        return parseJSON(await response.text());
+    }
+    /**
+     * Registers the account with the record scanning service using the encrypted flow: 1. fetches an ephemeral public key from /pubkey - 2. encrypts the registration request (view key + start block) - 3. POSTs to /register/encrypted. Does not HTTP error on a proper error response from the record scanner; returns a result object instead.
+     *
+     * @param {ViewKey} viewKey The view key to register.
+     * @param {number} startBlock The block height to start scanning from.
+     * @returns {Promise<RegisterResult>} `{ ok: true, data }` on success, or `{ ok: false, status, error }` on failure.
+     */
+    async registerEncrypted(viewKey, startBlock) {
+        try {
+            // Get the ephemeral public key from the record scanner.
+            const pubkey = await this.getPubkey();
+            // Encrypt the registration request using the ephemeral public key.
+            const ciphertext = encryptRegistrationRequest(pubkey.public_key, viewKey, startBlock);
+            const payload = {
+                key_id: pubkey.key_id,
+                ciphertext,
+            };
+            // Send the encrypted registration request to the record scanner.
+            const response = await this.request(new Request(`${this.url}/register/encrypted`, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify(payload),
+            }));
+            const data = await response.json();
+            // If the uuid is not set, set it on the scanner.
+            if (!this.uuid) {
+                this.uuid = data.uuid;
+            }
+            // Add the view key to the local scanner's view keys if configured to do so.
+            if (this.cacheViewKeysOnRegister) {
+                this.addViewKey(viewKey);
+            }
+            return { ok: true, data };
+        }
+        catch (err) {
+            return this.handleRequestError(err);
+        }
+    }
+    /**
+     * Remove all local scanner state associated with the given UUID (stored uuid, viewKeys entry, account if it matches).
+     * Called after a successful revoke so the scanner does not retain view keys or account for a revoked registration.
+     */
+    clearLocalStateForUuid(uuidStr) {
+        if (this.uuid != null && this.uuid.toString() === uuidStr) {
+            this.uuid = undefined;
+        }
+        if (this.viewKeys != null) {
+            delete this.viewKeys[uuidStr];
+            if (Object.keys(this.viewKeys).length === 0) {
+                this.viewKeys = undefined;
+            }
+        }
+        if (this.account != null && this.computeUUID(this.account.viewKey()).toString() === uuidStr) {
+            this.account = undefined;
+        }
+    }
+    /**
+     * Revoke the account registration with the record scanning service (POST /revoke). On success, also removes
+     * all local state for that UUID: the stored UUID (if it matches), the view key for that UUID, and the
+     * account (if its view key corresponds to that UUID).
+     *
+     * @param {string | Field | undefined} uuid The UUID to revoke. If omitted, uses the UUID configured on the scanner.
+     * @returns {Promise<RevokeResult>} `{ ok: true, data: { status } }` on success, or `{ ok: false, status, error }` on failure.
+     * @throws {UUIDError} When no UUID is configured and none provided, or when the UUID string is invalid.
+     */
+    async revoke(uuid) {
+        const resolvedUuid = uuid ?? this.uuid;
+        if (!resolvedUuid) {
+            throw new UUIDError("No UUID configured for the record scanner and no UUID provided.");
+        }
+        const uuidStr = typeof resolvedUuid === "string" ? resolvedUuid : resolvedUuid.toString();
+        if (!this.uuidIsValid(uuidStr)) {
+            throw new UUIDError(`UUID provided ${uuidStr} is invalid`, uuidStr);
+        }
+        try {
+            const response = await this.request(new Request(`${this.url}/revoke`, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify(uuidStr),
+            }));
+            const data = await response.json();
+            this.clearLocalStateForUuid(uuidStr);
+            return { ok: true, data };
+        }
+        catch (err) {
+            return this.handleRequestError(err);
+        }
+    }
+    /**
+     * Get encrypted records from the record scanning service. This is a safe variant of /records/encrypted that returns
+     * a result instead of throwing on HTTP error.
      *
      * @param {RecordsFilter} recordsFilter The filter to use to find the records and filter the response.
-     * @returns {Promise<EncryptedRecord[]>} The encrypted records.
+     * @returns {Promise<EncryptedRecordsResult>} The encrypted records or an error if the request failed.
      */
-    async encryptedRecords(recordsFilter) {
+    async encrypted(recordsFilter) {
         try {
             const response = await this.request(new Request(`${this.url}/records/encrypted`, {
                 method: "POST",
                 headers: { "Content-Type": "application/json" },
                 body: JSON.stringify(recordsFilter),
             }));
-            return await response.json();
+            const data = await response.json();
+            return { ok: true, data };
         }
-        catch (error) {
-            console.error(`Failed to get encrypted records: ${error}`);
-            throw error;
+        catch (err) {
+            return this.handleRequestError(err);
         }
     }
     /**
-     * Check if a list of serial numbers exist in the record scanner service.
+     * Get encrypted records from the record scanning service.
+     *
+     * @param {RecordsFilter} recordsFilter The filter to use to find the records and filter the response.
+     * @returns {Promise<EncryptedRecord[]>} The encrypted records.
+     */
+    async encryptedRecords(recordsFilter) {
+        const result = await this.encrypted(recordsFilter);
+        if (result.ok)
+            return result.data;
+        throw new RecordScannerRequestError(result.error.message, result.status);
+    }
+    /**
+     * Check if serial numbers appear in any record inputs on-chain, indicating that the records they belong to have been spent. This is a safe variant of /records/sns that returns a result instead of throwing on HTTP error.
      *
      * @param {string[]} serialNumbers The serial numbers to check.
-     * @returns {Promise<Record<string, boolean>>} Map of Aleo Record serial numbers and whether they appeared in any inputs on chain. If boolean corresponding to the Serial Number has a true value, that Record is considered spent by the Aleo Network.
+     * @returns {Promise<SerialNumbersResult>} Map of Aleo Record serial numbers and whether they appeared in any inputs on chain. If a boolean corresponding to the Serial Number has a true value, that Record is considered spent by the Aleo Network.
      */
-    async checkSerialNumbers(serialNumbers) {
+    async serialNumbers(serialNumbers) {
         try {
             const response = await this.request(new Request(`${this.url}/records/sns`, {
                 method: "POST",
                 headers: { "Content-Type": "application/json" },
                 body: JSON.stringify(serialNumbers),
             }));
-            return await response.json();
+            const data = await response.json();
+            return { ok: true, data };
         }
-        catch (error) {
-            console.error(`Failed to check if serial numbers exist: ${error}`);
-            throw error;
+        catch (err) {
+            return this.handleRequestError(err);
         }
     }
     /**
-     * Check if a list of tags exist in the record scanner service.
+     * Check if serial numbers appear in any record inputs on-chain, indicating that the records they belong to have been spent.
+     *
+     * @param {string[]} serialNumbers The serial numbers to check.
+     * @returns {Promise<Record<string, boolean>>} Map of Aleo Record serial numbers and whether they appeared in any inputs on chain. If boolean corresponding to the Serial Number has a true value, that Record is considered spent by the Aleo Network.
+     */
+    async checkSerialNumbers(serialNumbers) {
+        const result = await this.serialNumbers(serialNumbers);
+        if (result.ok)
+            return result.data;
+        throw new RecordScannerRequestError(result.error.message, result.status);
+    }
+    /**
+     * Check if tags appear in any record inputs on-chain, indicating that the records they belong to have been spent. This is a safe variant of /records/tags that returns a result instead of throwing on HTTP error.
      *
+     * *
      * @param {string[]} tags The tags to check.
-     * @returns {Promise<Record<string, boolean>>} Map of Aleo Record tags and whether they appeared in any inputs on chain. If boolean corresponding to the tag has a true value, that Record is considered spent by the Aleo Network.
+     * @returns {Promise<TagsResult>} Map of Aleo Record tags and whether they appeared in any inputs on chain. If a boolean corresponding to the tag has a true value, that Record is considered spent by the Aleo Network.
      */
-    async checkTags(tags) {
+    async tags(tags) {
         try {
             const response = await this.request(new Request(`${this.url}/records/tags`, {
                 method: "POST",
                 headers: { "Content-Type": "application/json" },
                 body: JSON.stringify(tags),
             }));
-            return await response.json();
+            const data = await response.json();
+            return { ok: true, data };
         }
-        catch (error) {
-            console.error(`Failed to check if tags exist: ${error}`);
-            throw error;
+        catch (err) {
+            return this.handleRequestError(err);
         }
     }
     /**
-     * Check the status of a record scanner indexing job.
+     * Check if tags appear in any record inputs on-chain, indicating that the records they belong to have been spent.
      *
-     * @param {string} jobId The job id to check.
-     * @returns {Promise<StatusResponse>} The status of the job.
+     * @param {string[]} tags The tags to check.
+     * @returns {Promise<Record<string, boolean>>} Map of Aleo Record tags and whether they appeared in any inputs on chain. If boolean corresponding to the tag has a true value, that Record is considered spent by the Aleo Network.
      */
-    async checkStatus() {
+    async checkTags(tags) {
+        const result = await this.tags(tags);
+        if (result.ok)
+            return result.data;
+        throw new RecordScannerRequestError(result.error.message, result.status);
+    }
+    /**
+     * Check the scan completion job status for a specific UUID.
+     *
+     * @param {string | Field | undefined} uuid The UUID of the job to check. If no UUID is provided as input, the UUID configured for the scanner will be used.
+     * @returns {Promise<StatusResult>} The status of the job or an error if the job could not be found.
+     */
+    async status(uuid) {
+        // Attempt to get the UUID from the parameter or use the configured UUID within the scanner.
+        uuid = uuid ?? this.uuid;
+        if (!uuid) {
+            throw new UUIDError("No UUID configured for the record scanner.");
+        }
+        // If the UUID is a string, verify that it is valid.
+        if (typeof uuid === "string" && !this.uuidIsValid(uuid)) {
+            throw new UUIDError(`UUID ${uuid} is invalid`, uuid);
+        }
+        // Check the status of the job for the specified UUID.
         try {
             const response = await this.request(new Request(`${this.url}/status`, {
                 method: "POST",
                 headers: { "Content-Type": "application/json" },
-                body: JSON.stringify(this.uuid?.toString()),
+                body: JSON.stringify(uuid.toString()),
             }));
-            return await response.json();
+            const data = await response.json();
+            return { ok: true, data };
         }
-        catch (error) {
-            console.error(`Failed to check status of job: ${error}`);
-            throw error;
+        catch (err) {
+            return this.handleRequestError(err);
         }
     }
     /**
-     * Find a record in the record scanner service.
+     * Find a record in the record scanning service.
      *
      * @param {OwnedFilter} searchParameters The filter to use to find the record.
      * @returns {Promise<OwnedRecord>} The record.
@@ -3588,56 +4373,158 @@ class RecordScanner {
         }
     }
     /**
-     * Find records in the record scanner service.
+     * Get owned records. Throws if the UUID passed in the OwnedFilter is invalid or is not configured in the record scanner otherwise returns the RESTFUL response from the record scanner.
      *
-     * @param {OwnedFilter} filter The filter to use to find the records.
-     * @returns {Promise<OwnedRecord[]>} The records.
+     * @param {OwnedFilter} filter The OwnedFilter used to specify the subset of owned records to select.
+     * @returns {Promise<OwnedRecordsResult>} Record belonging to the uuid passed in the filter or set on the Record Scanner.
      */
-    async findRecords(filter) {
-        if (!this.uuid) {
-            throw new Error("You are using the RecordScanner implementation of the RecordProvider. No account has been registered with the RecordScanner which is required to use the findRecords method. Please set an with the setAccount method before calling the findRecords method again.");
+    async owned(filter) {
+        // Extract and verify the correctness of the UUID from the filter or get the configured UUID within the scanner.
+        const uuid = this.getUUID(filter);
+        // Throw an error if none could be found, otherwise set the UUID on the filter with either the UUID configured
+        // within the filter or the UUID configured within the scanner.
+        if (!uuid) {
+            throw new UUIDError("Error while using the record scanner. UUID is not set on the scanner and the UUID provided in the record filter was invalid.", undefined, filter);
         }
-        filter.uuid = this.uuid?.toString();
-        try {
+        filter.uuid = uuid;
+        // Inner request used to retry once after 422 re-register without duplicating logic.
+        const ownedRequest = async () => {
             const response = await this.request(new Request(`${this.url}/records/owned`, {
                 method: "POST",
                 headers: { "Content-Type": "application/json" },
                 body: JSON.stringify(filter),
             }));
-            return await response.json();
+            const data = await response.json();
+            return { ok: true, data };
+        };
+        // When decryption is enabled and a view key exists for this UUID, decrypt records in place before returning.
+        const attemptDecrypt = (result) => {
+            if (result.ok && this.decryptEnabled) {
+                const viewKey = this.getViewKeyForUuid(uuid);
+                if (viewKey)
+                    this.decrypt(viewKey, result.data);
+            }
+            return result;
+        };
+        try {
+            return attemptDecrypt(await ownedRequest());
         }
-        catch (error) {
-            console.error(`Failed to get owned records: ${error}`);
-            throw error;
+        catch (err) {
+            const failure = this.handleRequestError(err);
+            // On 422 (e.g. not registered), optionally re-register with registerEncrypted and retry once.
+            if (failure.status === 422 && this.autoReRegister) {
+                const viewKey = this.getViewKeyForUuid(uuid);
+                if (viewKey) {
+                    const regResult = await this.registerEncrypted(viewKey, 0);
+                    if (regResult.ok) {
+                        try {
+                            return attemptDecrypt(await ownedRequest());
+                        }
+                        catch (retryErr) {
+                            return this.handleRequestError(retryErr);
+                        }
+                    }
+                }
+            }
+            return failure;
+        }
+    }
+    /**
+     * Find records using the record scanning service.
+     *
+     * @param {OwnedFilter} searchParameters The filter to use to find the records.
+     * @returns {Promise<OwnedRecord[]>} The records.
+     */
+    async findRecords(searchParameters) {
+        // Get the records from the record scanner.
+        const result = await this.owned(searchParameters);
+        // If the request was successful, return the records otherwise throw an error.
+        if (result.ok)
+            return result.data;
+        throw new RecordScannerRequestError(result.error.message, result.status);
+    }
+    /**
+     * Get RecordPlaintext from an OwnedRecord by parsing record_plaintext (trimmed). Returns null if missing or parse fails. Does not decrypt; decryption is handled only in owned().
+     */
+    getPlaintext(record) {
+        // Only read record_plaintext (decrypted by the owned() callwhen decryptEnabled is true).
+        const plaintextStr = record.record_plaintext?.trim();
+        if (!plaintextStr)
+            return null;
+        try {
+            return RecordPlaintext.fromString(plaintextStr);
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * For each owned record provided, attempt to decrypt with the given view key. On success, sets record_plaintext on that record to the decrypted plaintext string. Records that fail to decrypt (e.g. wrong view key) or have no record_ciphertext are left unchanged.
+     *
+     * @param {ViewKey} viewKey The view key to use for decryption.
+     * @param {OwnedRecord[]} records The owned records to decrypt (mutated in place).
+     */
+    decrypt(viewKey, records) {
+        for (const record of records) {
+            const ciphertextStr = record.record_ciphertext?.trim();
+            if (!ciphertextStr)
+                continue;
+            try {
+                const ciphertext = RecordCiphertext.fromString(ciphertextStr);
+                const plaintext = ciphertext.decrypt(viewKey);
+                record.record_plaintext = plaintext.toString();
+            }
+            catch {
+                // Wrong view key or invalid ciphertext; leave this record unchanged.
+            }
         }
     }
     /**
-     * Find a credits record in the record scanner service.
+     * Find a credits.aleo record in the record scanning service.
      *
      * @param {number} microcredits The amount of microcredits to find.
      * @param {OwnedFilter} searchParameters The filter to use to find the record.
      * @returns {Promise<OwnedRecord>} The record.
      */
     async findCreditsRecord(microcredits, searchParameters) {
+        const uuid = this.getUUID(searchParameters);
+        if (!uuid) {
+            throw new UUIDError(`No uuid found in the record scanner filter`, uuid, searchParameters);
+        }
+        if (!this.decryptEnabled) {
+            throw new DecryptionNotEnabledError("Decryption of owned records must be enabled (set decryptEnabled in options or call setDecryptEnabled(true)) to use findCreditsRecord.", searchParameters);
+        }
+        if (!this.getViewKeyForUuid(uuid)) {
+            throw new ViewKeyNotStoredError(`No view key for UUID ${uuid} is stored in the record scanner. Add the view key via viewKeys in options, addViewKey(), or setAccount().`, uuid, searchParameters);
+        }
         try {
+            // Fetch credits records (owned() will decrypt when decryptEnabled and view key are set).
             const records = await this.findRecords({
-                decrypt: true,
-                unspent: searchParameters.unspent,
+                unspent: searchParameters.unspent ?? true,
                 filter: {
-                    start: searchParameters.filter?.start ?? 0,
                     program: "credits.aleo",
                     record: "credits",
+                    ...(searchParameters.filter ? searchParameters.filter : {}),
                 },
-                uuid: this.uuid?.toString(),
+                responseFilter: searchParameters.responseFilter,
+                uuid,
             });
-            const record = records.find(record => {
-                const plaintext = RecordPlaintext.fromString(record.record_plaintext ?? '');
-                const amountStr = plaintext.getMember("microcredits").toString();
-                const amount = parseInt(amountStr.replace("u64", ""));
-                return amount >= microcredits;
+            // First record whose plaintext microcredits >= requested amount.
+            const record = records.find(r => {
+                const plaintext = this.getPlaintext(r);
+                if (!plaintext)
+                    return false;
+                try {
+                    const amountStr = plaintext.getMember("microcredits").toString();
+                    const amount = parseInt(amountStr.replace("u64", ""));
+                    return amount >= microcredits;
+                }
+                catch {
+                    return false;
+                }
             });
             if (!record) {
-                throw new Error(`No records found matching the supplied search filter:\n${JSON.stringify(searchParameters, null, 2)}`);
+                throw new RecordNotFoundError(`No records found matching the supplied search filter:\n${JSON.stringify(searchParameters, null, 2)}. Decryption of owned records MUST be enabled and the ViewKey matching the UUID must be stored in the RecordScanner object to perform decryption.`, searchParameters);
             }
             return record;
         }
@@ -3647,28 +4534,47 @@ class RecordScanner {
         }
     }
     /**
-     * Find credits records using a record scanning service.
+     * Find credits records greater than or equal to the specified amounts using the record scanning service.
      *
      * @param {number[]} microcreditAmounts The amounts of microcredits to find.
      * @param {OwnedFilter} searchParameters The filter to use to find the records.
      * @returns {Promise<OwnedRecord[]>} The records
      */
     async findCreditsRecords(microcreditAmounts, searchParameters) {
+        const uuid = this.getUUID(searchParameters);
+        if (!uuid) {
+            throw new UUIDError(`No uuid found in the record scanner filter, and none configured within the record scanner`, uuid, searchParameters);
+        }
+        if (!this.decryptEnabled) {
+            throw new DecryptionNotEnabledError("Decryption of owned records must be enabled (set decryptEnabled in options or call setDecryptEnabled(true)) to use findCreditsRecords.", searchParameters);
+        }
+        if (!this.getViewKeyForUuid(uuid)) {
+            throw new ViewKeyNotStoredError(`No view key for UUID ${uuid} is stored in the record scanner. Add the view key via viewKeys in options, addViewKey(), or setAccount().`, uuid, searchParameters);
+        }
         try {
+            // Fetch credits records (owned() decrypts when decryptEnabled and a view key matching the UUID are set).
             const records = await this.findRecords({
-                decrypt: true,
-                unspent: searchParameters.unspent,
+                unspent: searchParameters.unspent ?? true,
                 filter: {
-                    start: searchParameters.filter?.start ?? 0,
                     program: "credits.aleo",
                     record: "credits",
+                    ...(searchParameters.filter ? searchParameters.filter : {}),
                 },
-                uuid: this.uuid?.toString(),
+                responseFilter: searchParameters.responseFilter,
+                uuid,
             });
-            return records.filter(record => {
-                const plaintext = RecordPlaintext.fromString(record.record_plaintext ?? '');
-                const amount = plaintext.getMember("microcredits").toString();
-                return microcreditAmounts.includes(parseInt(amount.replace("u64", "")));
+            // Keep only records whose plaintext microcredits match one of the requested amounts.
+            return records.filter(r => {
+                const plaintext = this.getPlaintext(r);
+                if (!plaintext)
+                    return false;
+                try {
+                    const amount = plaintext.getMember("microcredits").toString();
+                    return microcreditAmounts.includes(parseInt(amount.replace("u64", "")));
+                }
+                catch {
+                    return false;
+                }
             });
         }
         catch (error) {
@@ -3677,19 +4583,28 @@ class RecordScanner {
         }
     }
     /**
-     * Wrapper function to make a request to the record scanner service and handle any errors.
+     * Wrapper function to make a request to the record scanning service and handle any errors. Optionally adds JWT Authorization header when consumerId/jwtData (or apiKey+consumerId) are configured.
      *
      * @param {Request} req The request to make.
-     * @returns {Promise<Response>} The response.
+     * @returns {Promise<Response>} The response when the request succeeds.
+     * @throws {RecordScannerRequestError} When the server returns a non-2xx status (e.g. 4xx, 5xx).
+     * @throws Re-throws any error from fetch (e.g. network failure) or from getAuthHeaders().
      */
     async request(req) {
         try {
+            // Attach JWT (if configured) and API key before sending.
+            const authHeaders = await this.getAuthHeaders();
+            for (const [key, value] of Object.entries(authHeaders)) {
+                req.headers.set(key, value);
+            }
             if (this.apiKey) {
                 req.headers.set(this.apiKey.header, this.apiKey.value);
             }
             const response = await fetch(req);
+            // Non-2xx: throw so callers can handleRequestError or re-register on 422 if autoReRegister is enabled.
             if (!response.ok) {
-                throw new Error(await response.text() ?? `Request to ${req.url} failed with status ${response.status}`);
+                const text = await response.text();
+                throw new RecordScannerRequestError(text || `Request to ${req.url} failed with status ${response.status}`, response.status);
             }
             return response;
         }
@@ -3698,13 +4613,47 @@ class RecordScanner {
             throw error;
         }
     }
-    computeUUID(vk) {
+    /**
+     * Compute the record scanner UUID for a view key.
+     *
+     * @param {ViewKey} viewKey The view key to compute the UUID for.
+     * @returns {Field} The computed UUID corresponding to the view key.
+     */
+    computeUUID(viewKey) {
         // Construct the material needed for the Poseidon oracle.
-        const inputs = [Field.newDomainSeparator(RECORD_DOMAIN), vk.toField(), Field.one()];
+        const inputs = [Field.newDomainSeparator(RECORD_DOMAIN), viewKey.toField(), Field.one()];
         // Calculate the uuid.
         const hasher = new Poseidon4();
         return hasher.hash(inputs);
     }
+    /**
+     * Validate a UUID string to ensure it represents a valid Aleo Record Scanner UUID.
+     *
+     * @param {string} uuid The UUID to validate.
+     * @returns {boolean} Whether the UUID is valid.
+     */
+    uuidIsValid(uuid) {
+        try {
+            Field.fromString(uuid);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Get the uuid for the filter, first by extracting the UUID from the filter, then falling back to the uuid configured within the record scanner.
+     *
+     * @param {OwnedFilter} filter The filter to extract the UUID from.
+     * @returns {string | undefined} The UUID for the filter, or undefined if the filter does not contain a UUID.
+     */
+    getUUID(filter) {
+        // Filter may specify a UUID; otherwise use the scanner's configured UUID.
+        if (filter.uuid && this.uuidIsValid(filter.uuid)) {
+            return filter.uuid;
+        }
+        return this.uuid?.toString();
+    }
 }
 
 /**
@@ -4024,7 +4973,7 @@ class ProgramManager {
      * @param { RecordProvider | undefined } recordProvider A record provider that implements {@link RecordProvider} interface
      */
     constructor(host, keyProvider, recordProvider, networkClientOptions) {
-        this.host = host ? host : "https://api.explorer.provable.com/v1";
+        this.host = host ? host : "https://api.provable.com/v2";
         this.networkClient = new AleoNetworkClient(this.host, networkClientOptions);
         this.keyProvider = keyProvider ? keyProvider : new AleoKeyProvider();
         this.recordProvider = recordProvider;
@@ -4081,7 +5030,7 @@ class ProgramManager {
      * import { ProgramManager } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a ProgramManager
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1");
+     * const programManager = new ProgramManager("https://api.provable.com/v2");
      *
      * // Set the value of the `Accept-Language` header to `en-US`
      * programManager.setHeader('Accept-Language', 'en-US');
@@ -4102,7 +5051,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a ProgramManager
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider);
      *
      * // Set the inclusion keys.
      * programManager.setInclusionProver();
@@ -4136,7 +5085,7 @@ class ProgramManager {
      * import { ProgramManager } from "@provablehq/sdk/mainnet.js";
      *
      * // Create a ProgramManager
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1");
+     * const programManager = new ProgramManager("https://api.provable.com/v2");
      *
      * // Remove the default `X-Aleo-SDK-Version` header
      * programManager.removeHeader('X-Aleo-SDK-Version');
@@ -4166,7 +5115,7 @@ class ProgramManager {
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for deployments
      * const program = "program hello_hello.aleo;\n\nfunction hello:\n    input r0 as u32.public;\n    input r1 as u32.private;\n    add r0 r1 into r2;\n    output r2 as u32.private;\n";
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * programManager.setAccount(Account);
      *
      * // Define a fee in credits
@@ -4278,7 +5227,7 @@ class ProgramManager {
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for deployments
      * const program = "program hello_hello.aleo;\n\nfunction hello:\n    input r0 as u32.public;\n    input r1 as u32.private;\n    add r0 r1 into r2;\n    output r2 as u32.private;\n";
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * programManager.setAccount(Account);
      *
      * // Define a fee in credits
@@ -4396,7 +5345,7 @@ class ProgramManager {
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for deployments
      * const program = "program hello_hello.aleo;\n\nfunction hello:\n    input r0 as u32.public;\n    input r1 as u32.private;\n    add r0 r1 into r2;\n    output r2 as u32.private;\n";
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      *
      * // Define a fee in credits
      * const priorityFee = 0.0;
@@ -4444,7 +5393,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      *
      * // Build and execute the transaction
      * const tx = await programManager.buildExecutionTransaction({
@@ -4510,8 +5459,8 @@ class ProgramManager {
                 edition = await this.networkClient.getLatestProgramEdition(programName);
             }
             catch (e) {
-                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 1.`);
-                edition = 1;
+                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 0.`);
+                edition = 0;
             }
         }
         // Get the private key from the account if it is not provided in the parameters
@@ -4605,7 +5554,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions.
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider);
      *
      * // Build the `Authorization`.
      * const privateKey = new PrivateKey(); // Change this to a private key that has an aleo credit balance.
@@ -4744,7 +5693,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a ProgramManager with the key and record providers.
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      *
      * // Build the `Authorization`.
      * const authorization = await programManager.buildAuthorization({
@@ -4794,8 +5743,8 @@ class ProgramManager {
                 edition = await this.networkClient.getLatestProgramEdition(programName);
             }
             catch (e) {
-                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 1.`);
-                edition = 1;
+                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 0.`);
+                edition = 0;
             }
         }
         // Resolve the program imports if they exist.
@@ -4827,7 +5776,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a ProgramManager with the key and record providers.
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      *
      * // Build the unchecked `Authorization`.
      * const authorization = await programManager.buildAuthorizationUnchecked({
@@ -4887,8 +5836,8 @@ class ProgramManager {
                 edition = await this.networkClient.getLatestProgramEdition(programName);
             }
             catch (e) {
-                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 1.`);
-                edition = 1;
+                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 0.`);
+                edition = 0;
             }
         }
         // Build and return an `Authorization` for the desired function.
@@ -4910,7 +5859,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a ProgramManager with the key and record providers.
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      *
      * // Build the proving request.
      * const provingRequest = await programManager.provingRequest({
@@ -4928,8 +5877,9 @@ class ProgramManager {
     async provingRequest(options) {
         // Destructure the options object to access the parameters.
         const { functionName, priorityFee, privateFee, inputs, recordSearchParams, broadcast = false, unchecked = false, } = options;
-        const privateKey = options.privateKey;
         const baseFee = options.baseFee ? options.baseFee : 0;
+        const privateKey = options.privateKey;
+        const useFeeMaster = options.useFeeMaster ? options.useFeeMaster : false;
         let program = options.programSource;
         let programName = options.programName;
         let feeRecord = options.feeRecord;
@@ -4956,8 +5906,8 @@ class ProgramManager {
                 edition = await this.networkClient.getLatestProgramEdition(programName);
             }
             catch (e) {
-                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 1.`);
-                edition = 1;
+                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 0.`);
+                edition = 0;
             }
         }
         // Get the private key from the account if it is not provided in the parameters.
@@ -4981,7 +5931,7 @@ class ProgramManager {
         }
         // Get the fee record from the account if it is not provided in the parameters
         try {
-            if (privateFee) {
+            if (privateFee && !useFeeMaster) {
                 let fee = priorityFee;
                 // If a fee record wasn't provided, estimate the fee that needs to be paid.
                 if (!feeRecord) {
@@ -5000,7 +5950,7 @@ class ProgramManager {
             logAndThrow(`Error finding fee record. Record finder response: '${e.message}'. Please ensure you're connected to a valid Aleo network and a record with enough balance exists.`);
         }
         // Build and return the `ProvingRequest`.
-        return await ProgramManager$1.buildProvingRequest(executionPrivateKey, program, functionName, inputs, baseFee, priorityFee, feeRecord, imports, broadcast, unchecked, edition);
+        return await ProgramManager$1.buildProvingRequest(executionPrivateKey, program, functionName, inputs, baseFee, priorityFee, feeRecord, imports, broadcast, unchecked, edition, useFeeMaster);
     }
     /**
      * Builds a SnarkVM fee `Authorization` for `credits.aleo/fee_private` or `credits.aleo/fee_public`. If a record is provided `fee_private` will be executed, otherwise `fee_public` will be executed.
@@ -5018,7 +5968,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a ProgramManager with the key and record providers.
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      *
      * // Build a credits.aleo/fee_public `Authorization`.
      * const feePublicAuthorization = await programManager.buildFeeAuthorization({
@@ -5065,7 +6015,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      *
      * // Build and execute the transaction
      * const tx_id = await programManager.execute({
@@ -5181,7 +6131,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * const record_1 = "{  owner: aleo184vuwr5u7u0ha5f5k44067dd2uaqewxx6pe5ltha5pv99wvhfqxqv339h4.private,  microcredits: 45000000u64.private,  _nonce: 4106205762862305308495708971985748592380064201230396559307556388725936304984group.public}"
      * const record_2 = "{  owner: aleo184vuwr5u7u0ha5f5k44067dd2uaqewxx6pe5ltha5pv99wvhfqxqv339h4.private,  microcredits: 45000000u64.private,  _nonce: 1540945439182663264862696551825005342995406165131907382295858612069623286213group.public}"
      * const tx_id = await programManager.join(record_1, record_2, 0.05, false);
@@ -5294,7 +6244,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * const record = "{  owner: aleo184vuwr5u7u0ha5f5k44067dd2uaqewxx6pe5ltha5pv99wvhfqxqv339h4.private,  microcredits: 45000000u64.private,  _nonce: 4106205762862305308495708971985748592380064201230396559307556388725936304984group.public}"
      * const tx_id = await programManager.split(25000000, record);
      *
@@ -5409,7 +6359,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * const tx = await programManager.buildTransferTransaction(1, "aleo1rhgdu77hgyqd3xjj8ucu3jj9r2krwz6mnzyd80gncr5fxcwlh5rsvzp9px", "public", 0.2, false);
      * await programManager.networkClient.submitTransaction(tx.toString());
      *
@@ -5506,7 +6456,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * const tx = await programManager.buildTransferPublicTransaction(1, "aleo1rhgdu77hgyqd3xjj8ucu3jj9r2krwz6mnzyd80gncr5fxcwlh5rsvzp9px", 0.2);
      * await programManager.networkClient.submitTransaction(tx.toString());
      *
@@ -5539,7 +6489,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * const tx = await programManager.buildTransferPublicAsSignerTransaction(1, "aleo1rhgdu77hgyqd3xjj8ucu3jj9r2krwz6mnzyd80gncr5fxcwlh5rsvzp9px", 0.2);
      * await programManager.networkClient.submitTransaction(tx.toString());
      *
@@ -5577,7 +6527,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, recordProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, recordProvider);
      * const tx_id = await programManager.transfer(1, "aleo1rhgdu77hgyqd3xjj8ucu3jj9r2krwz6mnzyd80gncr5fxcwlh5rsvzp9px", "public", 0.2, false);
      *
      * // Verify the transaction was successful
@@ -5622,7 +6572,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to bond credits
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      * programManager.setAccount(new Account("YourPrivateKey"));
      *
      * // Create the bonding transaction object for later submission
@@ -5678,7 +6628,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to bond credits
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      *
      * // Create the bonding transaction
      * tx_id = await programManager.bondPublic("aleo1jx8s4dvjepculny4wfrzwyhs3tlyv65r58ns3g6q2gm2esh7ps8sqy9s5j", "aleo1rhgdu77hgyqd3xjj8ucu3jj9r2krwz6mnzyd80gncr5fxcwlh5rsvzp9px", "aleo1feya8sjy9k2zflvl2dx39pdsq5tju28elnp2ektnn588uu9ghv8s84msv9", 2000000);
@@ -5726,7 +6676,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to bond credits
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      * programManager.setAccount(new Account("YourPrivateKey"));
      *
      * // Create the bond validator transaction object for later use.
@@ -5785,7 +6735,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to bond credits
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      * programManager.setAccount(new Account("YourPrivateKey"));
      *
      * // Create the bonding transaction
@@ -5832,7 +6782,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to unbond credits.
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      * const tx = await programManager.buildUnbondPublicTransaction("aleo1jx8s4dvjepculny4wfrzwyhs3tlyv65r58ns3g6q2gm2esh7ps8sqy9s5j", 2000000);
      *
      * // The transaction can be submitted later to the network using the network client.
@@ -5885,7 +6835,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to bond credits
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      * programManager.setAccount(new Account("YourPrivateKey"));
      *
      * // Create the unbond_public transaction and send it to the network
@@ -5931,7 +6881,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to claim unbonded credits.
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      *
      * // Create the claim_unbond_public transaction object for later use.
      * const tx = await programManager.buildClaimUnbondPublicTransaction("aleo1jx8s4dvjepculny4wfrzwyhs3tlyv65r58ns3g6q2gm2esh7ps8sqy9s5j");
@@ -5981,7 +6931,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to bond credits
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      * programManager.setAccount(new Account("YourPrivateKey"));
      *
      * // Create the claim_unbond_public transaction
@@ -6035,7 +6985,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to bond credits
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      *
      * // Create the set_validator_state transaction
      * const tx = await programManager.buildSetValidatorStateTransaction(true);
@@ -6091,7 +7041,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Create a new ProgramManager with the key that will be used to bond credits
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider, undefined);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider, undefined);
      *
      * // Create the set_validator_state transaction
      * const tx_id = await programManager.setValidatorState(true);
@@ -6213,7 +7163,7 @@ class ProgramManager {
      * keyProvider.useCache(true);
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions.
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider);
      *
      * // Build the `Authorization`.
      * const privateKey = new PrivateKey(); // Change this to a private key that has an aleo credit balance.
@@ -6274,7 +7224,7 @@ class ProgramManager {
      * import { AleoKeyProvider, PrivateKey, initThreadPool, ProgramManager } from "@provablehq/sdk";
      *
      * // Initialize a program manager with the key provider to automatically fetch keys for executions.
-     * const programManager = new ProgramManager("https://api.explorer.provable.com/v1", keyProvider);
+     * const programManager = new ProgramManager("https://api.provable.com/v2", keyProvider);
      *
      * // Get the base fee in microcredits.
      * const baseFeeMicrocredits = await programManager.estimateExecutionFee({programName: "credits.aleo"});
@@ -6687,5 +7637,5 @@ async function initializeWasm() {
     console.warn("initializeWasm is deprecated, you no longer need to use it");
 }
 
-export { Account, AleoKeyProvider, AleoKeyProviderParams, AleoNetworkClient, BlockHeightSearch, CREDITS_PROGRAM_KEYS, KEY_STORE, NetworkRecordProvider, OfflineKeyProvider, OfflineSearchParams, PRIVATE_TO_PUBLIC_TRANSFER, PRIVATE_TRANSFER, PRIVATE_TRANSFER_TYPES, PUBLIC_TO_PRIVATE_TRANSFER, PUBLIC_TRANSFER, PUBLIC_TRANSFER_AS_SIGNER, ProgramManager, RECORD_DOMAIN, RecordScanner, SealanceMerkleTree, VALID_TRANSFER_TYPES, initializeWasm, logAndThrow, promoteMapToKeyStore };
+export { Account, AleoKeyProvider, AleoKeyProviderParams, AleoNetworkClient, BlockHeightSearch, CREDITS_PROGRAM_KEYS, KeyVerificationError as ChecksumMismatchError, DecryptionNotEnabledError, InvalidLocatorError, KEY_STORE, KeyVerificationError, MemKeyVerifier, NetworkRecordProvider, OfflineKeyProvider, OfflineSearchParams, PRIVATE_TO_PUBLIC_TRANSFER, PRIVATE_TRANSFER, PRIVATE_TRANSFER_TYPES, PUBLIC_TO_PRIVATE_TRANSFER, PUBLIC_TRANSFER, PUBLIC_TRANSFER_AS_SIGNER, ProgramManager, RECORD_DOMAIN, RecordNotFoundError, RecordScanner, RecordScannerRequestError, SealanceMerkleTree, UUIDError, VALID_TRANSFER_TYPES, ViewKeyNotStoredError, encryptAuthorization, encryptProvingRequest, encryptRegistrationRequest, encryptViewKey, initializeWasm, isProveApiErrorBody, isProvingResponse, logAndThrow, sha256Hex };
 //# sourceMappingURL=browser.js.map