@provablehq/sdk 0.9.16 → 0.9.18

package/dist/mainnet/browser.js

@@ -4,6 +4,109 @@ export { Address, Authorization, BHP1024, BHP256, BHP512, BHP768, Boolean, Ciphe
 import sodium from 'libsodium-wrappers';
 import { bech32m } from '@scure/base';
 
+await sodium.ready;
+/**
+ * Encrypt an authorization with a libsodium cryptobox public key.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {Authorization} authorization the authorization to encrypt.
+ *
+ * @returns {string} the encrypted authorization in RFC 4648 standard Base64.
+ */
+function encryptAuthorization(publicKey, authorization) {
+    // Ready the cryptobox lib.
+    return encryptMessage(publicKey, authorization.toBytesLe());
+}
+/**
+ * Encrypt a ProvingRequest with a libsodium cryptobox public key.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {Authorization} provingRequest the ProvingRequest to encrypt.
+ *
+ * @returns {string} the encrypted ProvingRequest in RFC 4648 standard Base64.
+ */
+function encryptProvingRequest(publicKey, provingRequest) {
+    return encryptMessage(publicKey, provingRequest.toBytesLe());
+}
+/**
+ * Encrypt a view key with a libsodium cryptobox public key.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {ViewKey} viewKey the view key to encrypt.
+ *
+ * @returns {string} the encrypted view key in RFC 4648 standard Base64.
+ */
+function encryptViewKey(publicKey, viewKey) {
+    return encryptMessage(publicKey, viewKey.toBytesLe());
+}
+/**
+ * Encrypt a record scanner registration request.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {ViewKey} viewKey the view key to encrypt.
+ * @param {number} start the start height of the registration request.
+ *
+ * @returns {string} the encrypted view key in RFC 4648 standard Base64.
+ */
+function encryptRegistrationRequest(publicKey, viewKey, start) {
+    // Turn the view key into a Uint8Array.
+    const vk_bytes = viewKey.toBytesLe();
+    // Create a new array to hold the original bytes and the 4-byte start height.
+    const bytes = new Uint8Array(vk_bytes.length + 4);
+    // Copy existing bytes.
+    bytes.set(vk_bytes, 0);
+    // Write the 4-byte number in LE format at the end of the array.
+    const view = new DataView(bytes.buffer);
+    view.setUint32(vk_bytes.length, start, true);
+    // Encrypt the encoded bytes, ensuring sensitive intermediate
+    // byte arrays are zeroized regardless of success or failure.
+    try {
+        return encryptMessage(publicKey, bytes);
+    }
+    finally {
+        zeroizeBytes(vk_bytes);
+        zeroizeBytes(bytes);
+    }
+}
+/**
+ * Best-effort zeroization of a byte array by overwriting all bytes with zeros.
+ * Use this to clear sensitive data (e.g., key bytes) from memory when working
+ * with Uint8Array representations of keys or other secrets.
+ *
+ * This is best-effort in JavaScript — the JIT compiler could theoretically
+ * elide the fill if the array is never read again (though current engines
+ * do not). For deterministic zeroization of key material, use
+ * `Account.destroy()` or call `.free()` on key objects (PrivateKey, ViewKey,
+ * ComputeKey, GraphKey) whose Rust Drop implementations zeroize memory
+ * before deallocation.
+ *
+ * Note: This cannot zeroize JavaScript strings, which are immutable and managed
+ * by the garbage collector. Prefer using byte array representations of sensitive
+ * data over strings whenever possible.
+ *
+ * @param {Uint8Array} bytes The byte array to zeroize
+ *
+ * @example
+ * const keyBytes = privateKey.toBytesLe();
+ * // ... use keyBytes ...
+ * zeroizeBytes(keyBytes); // Overwrite with zeros when done
+ */
+function zeroizeBytes(bytes) {
+    bytes.fill(0);
+}
+/**
+ * Encrypt arbitrary bytes with a libsodium cryptobox public key.
+ *
+ * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
+ * @param {Uint8Array} message the bytes to encrypt.
+ *
+ * @returns {string} the encrypted bytes in RFC 4648 standard Base64.
+ */
+function encryptMessage(publicKey, message) {
+    const publicKeyBytes = sodium.from_base64(publicKey, sodium.base64_variants.ORIGINAL);
+    return sodium.to_base64(sodium.crypto_box_seal(message, publicKeyBytes), sodium.base64_variants.ORIGINAL);
+}
+
 /**
  * Key Management class. Enables the creation of a new Aleo Account, importation of an existing account from
  * an existing private key or seed, and message signing and verification functionality. An Aleo Account is generated
@@ -14,6 +117,9 @@ import { bech32m } from '@scure/base';
  * credits and other records to. This class should only be used in environments where the safety of the underlying key
  * material can be assured.
  *
+ * When an Account is no longer needed, call {@link destroy} to securely zeroize and free all sensitive key material
+ * from WASM memory. Alternatively, use `[Symbol.dispose]()` with the `using` declaration in ES2024+ environments.
+ *
  * @example
  * import { Account } from "@provablehq/sdk/testnet.js";
  *
@@ -33,12 +139,16 @@ import { bech32m } from '@scure/base';
  *
  * // Verify a signature
  * assert(myRandomAccount.verify(hello_world, signature));
+ *
+ * // Securely destroy the account when done
+ * myRandomAccount.destroy();
  */
 class Account {
     _privateKey;
     _viewKey;
     _computeKey;
     _address;
+    _destroyed = false;
     constructor(params = {}) {
         try {
             this._privateKey = this.privateKeyFromParams(params);
@@ -67,7 +177,12 @@ class Account {
         try {
             ciphertext = (typeof ciphertext === "string") ? PrivateKeyCiphertext.fromString(ciphertext) : ciphertext;
             const _privateKey = PrivateKey.fromPrivateKeyCiphertext(ciphertext, password);
-            return new Account({ privateKey: _privateKey.to_string() });
+            try {
+                return new Account({ privateKey: _privateKey });
+            }
+            finally {
+                _privateKey.free(); // Zeroize + free the temporary; Account owns its own clone
+            }
         }
         catch (e) {
             throw new Error("Wrong password or invalid ciphertext");
@@ -92,7 +207,7 @@ class Account {
     }
     /**
      * Creates a PrivateKey from the provided parameters.
-     * @param {AccountParam} params The parameters containing either a private key string or a seed
+     * @param {AccountParam} params The parameters containing either a private key string, PrivateKey object, or a seed
      * @returns {PrivateKey} A PrivateKey instance derived from the provided parameters
      */
     privateKeyFromParams(params) {
@@ -100,10 +215,29 @@ class Account {
             return PrivateKey.from_seed_unchecked(params.seed);
         }
         if (params.privateKey) {
-            return PrivateKey.from_string(params.privateKey);
+            if (typeof params.privateKey === 'string') {
+                return PrivateKey.from_string(params.privateKey);
+            }
+            // Clone the PrivateKey WASM object via byte serialization to avoid
+            // creating an immutable JS string of the private key.
+            const bytes = params.privateKey.toBytesLe();
+            try {
+                return PrivateKey.fromBytesLe(bytes);
+            }
+            finally {
+                zeroizeBytes(bytes);
+            }
         }
         return new PrivateKey();
     }
+    /**
+     * Throws an error if this account has been destroyed.
+     */
+    assertNotDestroyed() {
+        if (this._destroyed) {
+            throw new Error("Account has been destroyed. Create a new Account instance.");
+        }
+    }
     /**
      * Returns the PrivateKey associated with the account.
      * @returns {PrivateKey} The private key of the account
@@ -115,6 +249,7 @@ class Account {
      * const privateKey = account.privateKey();
      */
     privateKey() {
+        this.assertNotDestroyed();
         return this._privateKey;
     }
     /**
@@ -128,6 +263,7 @@ class Account {
      * const viewKey = account.viewKey();
      */
     viewKey() {
+        this.assertNotDestroyed();
         return this._viewKey;
     }
     /**
@@ -141,6 +277,7 @@ class Account {
      * const computeKey = account.computeKey();
      */
     computeKey() {
+        this.assertNotDestroyed();
         return this._computeKey;
     }
     /**
@@ -154,10 +291,12 @@ class Account {
      * const address = account.address();
      */
     address() {
+        this.assertNotDestroyed();
         return this._address;
     }
     /**
-     * Deep clones the Account.
+     * Deep clones the Account via byte serialization of the private key,
+     * avoiding creation of immutable JS string representations of the private key.
      * @returns {Account} A new Account instance with the same private key
      *
      * @example
@@ -167,7 +306,8 @@ class Account {
      * const clonedAccount = account.clone();
      */
     clone() {
-        return new Account({ privateKey: this._privateKey.to_string() });
+        this.assertNotDestroyed();
+        return new Account({ privateKey: this._privateKey });
     }
     /**
      * Returns the address of the account in a string representation.
@@ -175,6 +315,7 @@ class Account {
      * @returns {string} The string representation of the account address
      */
     toString() {
+        this.assertNotDestroyed();
         return this.address().to_string();
     }
     /**
@@ -191,6 +332,7 @@ class Account {
      * process.env.ciphertext = ciphertext.toString();
      */
     encryptAccount(password) {
+        this.assertNotDestroyed();
         return this._privateKey.toCiphertext(password);
     }
     /**
@@ -220,6 +362,7 @@ class Account {
      * }
      */
     decryptRecord(ciphertext) {
+        this.assertNotDestroyed();
         return this._viewKey.decrypt(ciphertext);
     }
     /**
@@ -244,6 +387,7 @@ class Account {
      * const decryptedRecords = account.decryptRecords(records);
      */
     decryptRecords(ciphertexts) {
+        this.assertNotDestroyed();
         return ciphertexts.map((ciphertext) => this._viewKey.decrypt(ciphertext));
     }
     /**
@@ -264,6 +408,7 @@ class Account {
      * const recordViewKey = account.generateRecordViewKey(recordCiphertext);
      */
     generateRecordViewKey(recordCiphertext) {
+        this.assertNotDestroyed();
         if (typeof recordCiphertext === 'string') {
             recordCiphertext = RecordCiphertext.fromString(recordCiphertext);
         }
@@ -289,6 +434,7 @@ class Account {
      * const transitionViewKey = account.generateTransitionViewKey(tpk);
      */
     generateTransitionViewKey(tpk) {
+        this.assertNotDestroyed();
         if (typeof tpk === 'string') {
             tpk = Group.fromString(tpk);
         }
@@ -320,6 +466,7 @@ class Account {
      * }
      */
     ownsRecordCiphertext(ciphertext) {
+        this.assertNotDestroyed();
         if (typeof ciphertext === 'string') {
             try {
                 const ciphertextObject = RecordCiphertext.fromString(ciphertext);
@@ -356,6 +503,7 @@ class Account {
      * assert(account.verify(message, signature));
      */
     sign(message) {
+        this.assertNotDestroyed();
         return this._privateKey.sign(message);
     }
     /**
@@ -380,8 +528,62 @@ class Account {
      * assert(account.verify(message, signature));
      */
     verify(message, signature) {
+        this.assertNotDestroyed();
         return this._address.verify(message, signature);
     }
+    /**
+     * Securely destroys the account by zeroizing and freeing all sensitive key material
+     * from WASM memory. After calling this method, the account object should not be used.
+     *
+     * This triggers the Rust-level zeroizing Drop implementation which overwrites private key,
+     * view key, and compute key bytes with zeros in WASM linear memory before deallocation.
+     *
+     * Note: If destroy() is never called, the FinalizationRegistry (set up by wasm-bindgen)
+     * will eventually trigger cleanup via GC, but the timing is non-deterministic. For security-
+     * sensitive applications, always call destroy() explicitly when the account is no longer needed.
+     *
+     * @example
+     * const account = new Account();
+     * // ... use account ...
+     * account.destroy(); // Securely cleans up key material
+     */
+    destroy() {
+        if (this._destroyed)
+            return;
+        this._destroyed = true;
+        // Free sensitive WASM objects (triggers Rust Drop -> zeroization).
+        // try/catch guards against double-free if FinalizationRegistry already ran.
+        try {
+            this._privateKey.free();
+        }
+        catch (_) { /* already freed */ }
+        try {
+            this._viewKey.free();
+        }
+        catch (_) { /* already freed */ }
+        try {
+            this._computeKey.free();
+        }
+        catch (_) { /* already freed */ }
+        // Address is public data but free it for completeness.
+        try {
+            this._address.free();
+        }
+        catch (_) { /* already freed */ }
+    }
+    /**
+     * Implements the Disposable interface for use with `using` declarations (ES2024+).
+     * Calls {@link destroy} to securely clean up key material.
+     *
+     * @example
+     * {
+     *   using account = new Account();
+     *   // ... use account ...
+     * } // account is automatically destroyed here
+     */
+    [Symbol.dispose]() {
+        this.destroy();
+    }
 }
 
 function detectBrowser() {
@@ -504,76 +706,6 @@ function isProveApiErrorBody(value) {
         "message" in value);
 }
 
-await sodium.ready;
-/**
- * Encrypt an authorization with a libsodium cryptobox public key.
- *
- * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
- * @param {Authorization} authorization the authorization to encrypt.
- *
- * @returns {string} the encrypted authorization in RFC 4648 standard Base64.
- */
-function encryptAuthorization(publicKey, authorization) {
-    // Ready the cryptobox lib.
-    return encryptMessage(publicKey, authorization.toBytesLe());
-}
-/**
- * Encrypt a ProvingRequest with a libsodium cryptobox public key.
- *
- * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
- * @param {Authorization} provingRequest the ProvingRequest to encrypt.
- *
- * @returns {string} the encrypted ProvingRequest in RFC 4648 standard Base64.
- */
-function encryptProvingRequest(publicKey, provingRequest) {
-    return encryptMessage(publicKey, provingRequest.toBytesLe());
-}
-/**
- * Encrypt a view key with a libsodium cryptobox public key.
- *
- * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
- * @param {ViewKey} viewKey the view key to encrypt.
- *
- * @returns {string} the encrypted view key in RFC 4648 standard Base64.
- */
-function encryptViewKey(publicKey, viewKey) {
-    return encryptMessage(publicKey, viewKey.toBytesLe());
-}
-/**
- * Encrypt a record scanner registration request.
- *
- * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
- * @param {ViewKey} viewKey the view key to encrypt.
- * @param {number} start the start height of the registration request.
- *
- * @returns {string} the encrypted view key in RFC 4648 standard Base64.
- */
-function encryptRegistrationRequest(publicKey, viewKey, start) {
-    // Turn the view key into a Uint8Array.
-    const vk_bytes = viewKey.toBytesLe();
-    // Create a new array to hold the original bytes and the 4-byte start height.
-    const bytes = new Uint8Array(vk_bytes.length + 4);
-    // Copy existing bytes.
-    bytes.set(vk_bytes, 0);
-    // Write the 4-byte number in LE format at the end of the array.
-    const view = new DataView(bytes.buffer);
-    view.setUint32(vk_bytes.length, start, true);
-    // Encrypt the encoded bytes.
-    return encryptMessage(publicKey, bytes);
-}
-/**
- * Encrypt arbitrary bytes with a libsodium cryptobox public key.
- *
- * @param {string} publicKey The cryptobox X25519 public key to encrypt with (encoded in RFC 4648 standard Base64).
- * @param {Uint8Array} message the bytes to encrypt.
- *
- * @returns {string} the encrypted bytes in RFC 4648 standard Base64.
- */
-function encryptMessage(publicKey, message) {
-    const publicKeyBytes = sodium.from_base64(publicKey, sodium.base64_variants.ORIGINAL);
-    return sodium.to_base64(sodium.crypto_box_seal(message, publicKeyBytes), sodium.base64_variants.ORIGINAL);
-}
-
 const KEY_STORE = Metadata.baseUrl();
 function convert(metadata) {
     // This looks up the method name in VerifyingKey
@@ -713,7 +845,7 @@ class AleoNetworkClient {
             else {
                 this.headers = {
                     // This is replaced by the actual version by a Rollup plugin
-                    "X-Aleo-SDK-Version": "0.9.16",
+                    "X-Aleo-SDK-Version": "0.9.18",
                     "X-Aleo-environment": environment(),
                 };
             }
@@ -729,7 +861,7 @@ class AleoNetworkClient {
         else {
             this.headers = {
                 // This is replaced by the actual version by a Rollup plugin
-                "X-Aleo-SDK-Version": "0.9.16",
+                "X-Aleo-SDK-Version": "0.9.18",
                 "X-Aleo-environment": environment(),
             };
         }
@@ -2420,13 +2552,13 @@ class RecordNotFoundError extends Error {
         Object.setPrototypeOf(this, RecordNotFoundError.prototype);
     }
 }
-/** Error thrown when a record scanner request fails due to an invalid response. */
+/** Error thrown when no UUID is configured, the UUID is invalid, or a record scanner request fails due to an invalid UUID/response. */
 class UUIDError extends Error {
     uuid;
     filter;
     constructor(message, uuid, filter) {
         super(message);
-        this.name = "InvalidResponseError";
+        this.name = "UUIDError";
         this.uuid = uuid;
         this.filter = filter;
         Object.setPrototypeOf(this, UUIDError.prototype);
@@ -2458,8 +2590,8 @@ class AleoKeyProviderParams {
     }
 }
 /**
- * AleoKeyProvider class. Implements the KeyProvider interface. Enables the retrieval of Aleo program proving and
- * verifying keys for the credits.aleo program over http from official Aleo sources and storing and retrieving function
+ * AleoKeyProvider class. Implements the FunctionKeyProvider interface. Enables the retrieval of Aleo program proving and
+ * verifying keys for the credits.aleo program over HTTP from official Aleo sources and storing and retrieving function
  * keys from a local memory cache.
  */
 class AleoKeyProvider {
@@ -2481,6 +2613,9 @@ class AleoKeyProvider {
         this.cache = new Map();
         this.cacheOption = false;
     }
+    async keyStore() {
+        return undefined;
+    }
     /**
      * Use local memory to store keys
      *
@@ -2533,8 +2668,11 @@ class AleoKeyProvider {
     getKeys(keyId) {
         console.debug(`Checking if key exists in cache. KeyId: ${keyId}`);
         if (this.cache.has(keyId)) {
-            const [provingKeyBytes, verifyingKeyBytes] = this.cache.get(keyId);
-            return [ProvingKey.fromBytes(provingKeyBytes), VerifyingKey.fromBytes(verifyingKeyBytes)];
+            const [provingKeyBytes, verifyingKeyBytes] = (this.cache.get(keyId));
+            return [
+                ProvingKey.fromBytes(provingKeyBytes),
+                VerifyingKey.fromBytes(verifyingKeyBytes),
+            ];
         }
         else {
             throw new Error("Key not found in cache.");
@@ -2566,13 +2704,15 @@ class AleoKeyProvider {
             let verifierUrl;
             let cacheKey;
             if ("name" in params && typeof params["name"] == "string") {
-                let key = CREDITS_PROGRAM_KEYS.getKey(params["name"]);
+                const key = CREDITS_PROGRAM_KEYS.getKey(params["name"]);
                 return this.fetchCreditsKeys(key);
             }
-            if ("proverUri" in params && typeof params["proverUri"] == "string") {
+            if ("proverUri" in params &&
+                typeof params["proverUri"] == "string") {
                 proverUrl = params["proverUri"];
             }
-            if ("verifierUri" in params && typeof params["verifierUri"] == "string") {
+            if ("verifierUri" in params &&
+                typeof params["verifierUri"] == "string") {
                 verifierUrl = params["verifierUri"];
             }
             if ("cacheKey" in params && typeof params["cacheKey"] == "string") {
@@ -2621,20 +2761,26 @@ class AleoKeyProvider {
                 }
                 const value = this.cache.get(cacheKey);
                 if (typeof value !== "undefined") {
-                    return [ProvingKey.fromBytes(value[0]), VerifyingKey.fromBytes(value[1])];
+                    return [
+                        ProvingKey.fromBytes(value[0]),
+                        VerifyingKey.fromBytes(value[1]),
+                    ];
                 }
                 else {
                     console.debug("Fetching proving keys from url " + proverUrl);
-                    const provingKey = ProvingKey.fromBytes(await this.fetchBytes(proverUrl));
+                    const provingKey = (ProvingKey.fromBytes(await this.fetchBytes(proverUrl)));
                     console.debug("Fetching verifying keys " + verifierUrl);
                     const verifyingKey = (await this.getVerifyingKey(verifierUrl));
-                    this.cache.set(cacheKey, [provingKey.toBytes(), verifyingKey.toBytes()]);
+                    this.cache.set(cacheKey, [
+                        provingKey.toBytes(),
+                        verifyingKey.toBytes(),
+                    ]);
                     return [provingKey, verifyingKey];
                 }
             }
             else {
                 // If cache is disabled, fetch the keys and return them
-                const provingKey = ProvingKey.fromBytes(await this.fetchBytes(proverUrl));
+                const provingKey = (ProvingKey.fromBytes(await this.fetchBytes(proverUrl)));
                 const verifyingKey = (await this.getVerifyingKey(verifierUrl));
                 return [provingKey, verifyingKey];
             }
@@ -2664,12 +2810,12 @@ class AleoKeyProvider {
                 }
                 else {
                     console.debug("Fetching proving keys from url " + proverUrl);
-                    const provingKey = ProvingKey.fromBytes(await this.fetchBytes(proverUrl));
+                    const provingKey = (ProvingKey.fromBytes(await this.fetchBytes(proverUrl)));
                     return provingKey;
                 }
             }
             else {
-                const provingKey = ProvingKey.fromBytes(await this.fetchBytes(proverUrl));
+                const provingKey = (ProvingKey.fromBytes(await this.fetchBytes(proverUrl)));
                 return provingKey;
             }
         }
@@ -2681,7 +2827,7 @@ class AleoKeyProvider {
         try {
             if (!this.cache.has(key.locator) || !this.cacheOption) {
                 const verifying_key = key.verifyingKey();
-                const proving_key = await this.fetchProvingKey(key.prover, key.locator);
+                const proving_key = (await this.fetchProvingKey(key.prover, key.locator));
                 if (this.cacheOption) {
                     this.cache.set(CREDITS_PROGRAM_KEYS.getKey(key.name).locator, [proving_key.toBytes(), verifying_key.toBytes()]);
                 }
@@ -2689,7 +2835,10 @@ class AleoKeyProvider {
             }
             else {
                 const keyPair = this.cache.get(key.locator);
-                return [ProvingKey.fromBytes(keyPair[0]), VerifyingKey.fromBytes(keyPair[1])];
+                return [
+                    ProvingKey.fromBytes(keyPair[0]),
+                    VerifyingKey.fromBytes(keyPair[1]),
+                ];
             }
         }
         catch (error) {
@@ -2839,7 +2988,7 @@ class AleoKeyProvider {
                 catch (e) {
                     /// If that fails, try to fetch the verifying key from the network as bytes
                     try {
-                        return VerifyingKey.fromBytes(await this.fetchBytes(verifierUri));
+                        return (VerifyingKey.fromBytes(await this.fetchBytes(verifierUri)));
                     }
                     catch (inner) {
                         throw new Error("Invalid verifying key. Error: " + inner.message);
@@ -2852,6 +3001,156 @@ class AleoKeyProvider {
     }
 }
 
+/**
+ * Error thrown when there is a mismatch between expected and actual key metadata.
+ * This can occur during verification of either the checksum or size of a key.
+ *
+ * @extends Error
+ */
+class KeyVerificationError extends Error {
+    locator;
+    field;
+    expected;
+    actual;
+    /**
+     * Creates a new KeyVerificationError instance (error.name is "ChecksumMismatchError").
+     *
+     * @param {string} locator - The key locator where the mismatch occurred.
+     * @param {"checksum" | "size"} field - The field that failed verification (either "checksum" or "size").
+     * @param {string} expected - The expected value of the field.
+     * @param {string} actual - The actual value encountered.
+     */
+    constructor(locator, field, expected, actual) {
+        super(`Key verification ${locator} ${field} mismatch: expected ${expected}, got ${actual}`);
+        this.locator = locator;
+        this.field = field;
+        this.expected = expected;
+        this.actual = actual;
+        this.name = "ChecksumMismatchError";
+        Object.setPrototypeOf(this, KeyVerificationError.prototype);
+    }
+}
+/**
+ * Computes the SHA-256 checksum of a given set of bytes.
+ *
+ * @param {Uint8Array} bytes - The bytes to compute the checksum of.
+ */
+async function sha256Hex(bytes) {
+    const hash = await crypto.subtle.digest("SHA-256", bytes);
+    return Array.from(new Uint8Array(hash))
+        .map((b) => b.toString(16).padStart(2, "0"))
+        .join("");
+}
+
+/**
+ * In-memory implementation of KeyVerifier that stores and verifies key fingerprints.
+ * Provides functionality to compute and verify cryptographic checksums of keys, storing them
+ * in memory for subsequent verification. This implementation is primarily used for testing
+ * and development purposes where persistence is not required.
+ *
+ * Key features:
+ * - Computes SHA-256 checksums and sizes for key bytes.
+ * - Stores key fingerprints in memory using string locators.
+ * - Verifies key bytes against stored or provided fingerprints.
+ *
+ * @implements {KeyVerifier}
+ */
+class MemKeyVerifier {
+    keyStore = {};
+    /**
+     * Computes and optionally stores key metadata. If a keyFingerprint is provided, this function will verify the computed checksum against it before storing it.
+     *
+     * @param {KeyMetadata} keyMetadata - Object containing key bytes and optional verification data.
+     * @throws {KeyVerificationError} When provided keyFingerprint doesn't match computed values.
+     * @returns {Promise<KeyFingerprint>} Computed key metadata.
+     */
+    async computeKeyMetadata(keyMetadata) {
+        // Compute the metadata from the key bytes
+        const computedFingerprint = {
+            checksum: await sha256Hex(keyMetadata.keyBytes),
+            size: keyMetadata.keyBytes.length
+        };
+        // If a KeyFingerprint is provided, verify it matches computed values.
+        if (keyMetadata.fingerprint) {
+            if (keyMetadata.fingerprint.size !== computedFingerprint.size) {
+                throw new KeyVerificationError(keyMetadata.locator ? keyMetadata.locator : "", "size", String(keyMetadata.fingerprint.size), String(computedFingerprint.size));
+            }
+            if (keyMetadata.fingerprint.checksum !== computedFingerprint.checksum) {
+                throw new KeyVerificationError(keyMetadata.locator ? keyMetadata.locator : "", "checksum", keyMetadata.fingerprint.checksum, computedFingerprint.checksum);
+            }
+        }
+        // If locator is provided, store only the fingerprint
+        if (keyMetadata.locator) {
+            this.keyStore[keyMetadata.locator] = computedFingerprint;
+        }
+        return computedFingerprint;
+    }
+    /**
+     * Verifies key bytes against stored or provided metadata. Follows a priority verification scheme:
+     * 1. If KeyFingerprint is provided in the metadata, this method verifies against that first.
+     * 2. If a locator is provided, attempts to verify against stored fingerprint.
+     * 3. If neither is available, throws an error.
+     *
+     * @param {KeyMetadata} keyMetadata - Object containing the key bytes and optional verification metadata.
+     * @throws {Error} When neither fingerprint nor valid locator is provided for verification.
+     * @throws {KeyVerificationError} When size or checksum verification fails.
+     * @returns {Promise<void>} Promise that resolves when verification succeeds.
+     */
+    async verifyKeyBytes(keyMetadata) {
+        if (!keyMetadata.keyBytes) {
+            throw new Error("Key bytes must be provided for verification.");
+        }
+        // Compute the fingerprint for the provided bytes.
+        const computedFingerprint = await this.computeKeyMetadata({
+            keyBytes: keyMetadata.keyBytes
+        });
+        // Determine which fingerprint to verify against.
+        let fingerprintToVerify;
+        if (keyMetadata.fingerprint) {
+            // If a key fingerprint is provided, use it.
+            fingerprintToVerify = keyMetadata.fingerprint;
+        }
+        else if (keyMetadata.locator) {
+            // Otherwise try to get stored fingerprint by locator.
+            fingerprintToVerify = this.keyStore[keyMetadata.locator];
+        }
+        if (!fingerprintToVerify) {
+            throw new Error("Either fingerprint or a valid locator must be provided for verification.");
+        }
+        // Verify the key size.
+        if (fingerprintToVerify.size !== computedFingerprint.size) {
+            throw new KeyVerificationError(keyMetadata.locator || "", "size", String(fingerprintToVerify.size), String(computedFingerprint.size));
+        }
+        // Verify the key checksum.
+        if (fingerprintToVerify.checksum !== computedFingerprint.checksum) {
+            throw new KeyVerificationError(keyMetadata.locator || "", "checksum", fingerprintToVerify.checksum, computedFingerprint.checksum);
+        }
+    }
+}
+
+/**
+ * Error thrown when a key locator is invalid for filesystem use.
+ * Used to prevent path traversal and other filesystem injection when deriving paths from locators.
+ *
+ * @extends Error
+ */
+class InvalidLocatorError extends Error {
+    locator;
+    reason;
+    /**
+     * @param message - Human-readable description of the validation failure.
+     * @param locator - The invalid locator string that failed validation.
+     * @param reason - Machine-readable reason code for the failure.
+     */
+    constructor(message, locator, reason) {
+        super(message);
+        this.locator = locator;
+        this.reason = reason;
+        this.name = "InvalidLocatorError";
+        Object.setPrototypeOf(this, InvalidLocatorError.prototype);
+    }
+}
+
 /**
  * Search parameters for the offline key provider. This class implements the KeySearchParams interface and includes
  * a convenience method for creating a new instance of this class for each function of the credits.aleo program.
@@ -2891,7 +3190,7 @@ class OfflineSearchParams {
         return new OfflineSearchParams(CREDITS_PROGRAM_KEYS.bond_validator.locator, true);
     }
     /**
-     * Create a new OfflineSearchParams instance for the claim_unbond_public function of the
+     * Create a new OfflineSearchParams instance for the claim_unbond_public function of the credits.aleo program.
      */
     static claimUnbondPublicKeyParams() {
         return new OfflineSearchParams(CREDITS_PROGRAM_KEYS.claim_unbond_public.locator, true);
@@ -3025,6 +3324,9 @@ class OfflineKeyProvider {
     constructor() {
         this.cache = new Map();
     }
+    keyStore() {
+        return Promise.resolve(undefined);
+    }
     /**
      * Get bond_public function keys from the credits.aleo program. The keys must be cached prior to calling this
      * method for it to work.
@@ -4005,6 +4307,56 @@ class RecordScanner {
             return this.handleRequestError(err);
         }
     }
+    /**
+     * Remove all local scanner state associated with the given UUID (stored uuid, viewKeys entry, account if it matches).
+     * Called after a successful revoke so the scanner does not retain view keys or account for a revoked registration.
+     */
+    clearLocalStateForUuid(uuidStr) {
+        if (this.uuid != null && this.uuid.toString() === uuidStr) {
+            this.uuid = undefined;
+        }
+        if (this.viewKeys != null) {
+            delete this.viewKeys[uuidStr];
+            if (Object.keys(this.viewKeys).length === 0) {
+                this.viewKeys = undefined;
+            }
+        }
+        if (this.account != null && this.computeUUID(this.account.viewKey()).toString() === uuidStr) {
+            this.account = undefined;
+        }
+    }
+    /**
+     * Revoke the account registration with the record scanning service (POST /revoke). On success, also removes
+     * all local state for that UUID: the stored UUID (if it matches), the view key for that UUID, and the
+     * account (if its view key corresponds to that UUID).
+     *
+     * @param {string | Field | undefined} uuid The UUID to revoke. If omitted, uses the UUID configured on the scanner.
+     * @returns {Promise<RevokeResult>} `{ ok: true, data: { status } }` on success, or `{ ok: false, status, error }` on failure.
+     * @throws {UUIDError} When no UUID is configured and none provided, or when the UUID string is invalid.
+     */
+    async revoke(uuid) {
+        const resolvedUuid = uuid ?? this.uuid;
+        if (!resolvedUuid) {
+            throw new UUIDError("No UUID configured for the record scanner and no UUID provided.");
+        }
+        const uuidStr = typeof resolvedUuid === "string" ? resolvedUuid : resolvedUuid.toString();
+        if (!this.uuidIsValid(uuidStr)) {
+            throw new UUIDError(`UUID provided ${uuidStr} is invalid`, uuidStr);
+        }
+        try {
+            const response = await this.request(new Request(`${this.url}/revoke`, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify(uuidStr),
+            }));
+            const data = await response.json();
+            this.clearLocalStateForUuid(uuidStr);
+            return { ok: true, data };
+        }
+        catch (err) {
+            return this.handleRequestError(err);
+        }
+    }
     /**
      * Get encrypted records from the record scanning service. This is a safe variant of /records/encrypted that returns
      * a result instead of throwing on HTTP error.
@@ -4164,8 +4516,7 @@ class RecordScanner {
         // Throw an error if none could be found, otherwise set the UUID on the filter with either the UUID configured
         // within the filter or the UUID configured within the scanner.
         if (!uuid) {
-            throw new Error("Error while using the record scanner. UUID is not set on the scanner and the UUID " +
-                "provided in the record filter was invalid.");
+            throw new UUIDError("Error while using the record scanner. UUID is not set on the scanner and the UUID provided in the record filter was invalid.", undefined, filter);
         }
         filter.uuid = uuid;
         // Inner request used to retry once after 422 re-register without duplicating logic.
@@ -5240,8 +5591,8 @@ class ProgramManager {
                 edition = await this.networkClient.getLatestProgramEdition(programName);
             }
             catch (e) {
-                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 1.`);
-                edition = 1;
+                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 0.`);
+                edition = 0;
             }
         }
         // Get the private key from the account if it is not provided in the parameters
@@ -5524,8 +5875,8 @@ class ProgramManager {
                 edition = await this.networkClient.getLatestProgramEdition(programName);
             }
             catch (e) {
-                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 1.`);
-                edition = 1;
+                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 0.`);
+                edition = 0;
             }
         }
         // Resolve the program imports if they exist.
@@ -5617,8 +5968,8 @@ class ProgramManager {
                 edition = await this.networkClient.getLatestProgramEdition(programName);
             }
             catch (e) {
-                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 1.`);
-                edition = 1;
+                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 0.`);
+                edition = 0;
             }
         }
         // Build and return an `Authorization` for the desired function.
@@ -5687,8 +6038,8 @@ class ProgramManager {
                 edition = await this.networkClient.getLatestProgramEdition(programName);
             }
             catch (e) {
-                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 1.`);
-                edition = 1;
+                console.warn(`Error finding edition for ${programName}. Network response: '${e.message}'. Assuming edition 0.`);
+                edition = 0;
             }
         }
         // Get the private key from the account if it is not provided in the parameters.
@@ -7073,7 +7424,7 @@ class ProgramManager {
      * import { AleoKeyProvider, getOrInitConsensusVersionTestHeights, ProgramManager, NetworkRecordProvider } from "@provablehq/sdk/mainnet.js";
      *
      * // Initialize the development consensus heights in order to work with devnode.
-     * getOrInitConsensusVersionTestHeights("0,1,2,3,4,5,6,7,8,9,10,11");
+     * getOrInitConsensusVersionTestHeights("0,1,2,3,4,5,6,7,8,9,10,11,12");
      *
      * // Create a new NetworkClient and RecordProvider.
      * const recordProvider = new NetworkRecordProvider(account, networkClient);
@@ -7205,7 +7556,7 @@ class ProgramManager {
      * import { ProgramManager, NetworkRecordProvider, getOrInitConsensusVersionTestHeights } from "@provablehq/sdk/mainnet.js";
      *
      * // Initialize the development consensus heights in order to work with a local devnode.
-     * getOrInitConsensusVersionTestHeights("0,1,2,3,4,5,6,7,8,9,10,11");
+     * getOrInitConsensusVersionTestHeights("0,1,2,3,4,5,6,7,8,9,10,11,12");
      *
      * // Create a new NetworkClient, and RecordProvider
      * const recordProvider = new NetworkRecordProvider(account, networkClient);
@@ -7418,5 +7769,5 @@ async function initializeWasm() {
     console.warn("initializeWasm is deprecated, you no longer need to use it");
 }
 
-export { Account, AleoKeyProvider, AleoKeyProviderParams, AleoNetworkClient, BlockHeightSearch, CREDITS_PROGRAM_KEYS, DecryptionNotEnabledError, KEY_STORE, NetworkRecordProvider, OfflineKeyProvider, OfflineSearchParams, PRIVATE_TO_PUBLIC_TRANSFER, PRIVATE_TRANSFER, PRIVATE_TRANSFER_TYPES, PUBLIC_TO_PRIVATE_TRANSFER, PUBLIC_TRANSFER, PUBLIC_TRANSFER_AS_SIGNER, ProgramManager, RECORD_DOMAIN, RecordNotFoundError, RecordScanner, RecordScannerRequestError, SealanceMerkleTree, UUIDError, VALID_TRANSFER_TYPES, ViewKeyNotStoredError, encryptAuthorization, encryptProvingRequest, encryptRegistrationRequest, encryptViewKey, initializeWasm, isProveApiErrorBody, isProvingResponse, logAndThrow };
+export { Account, AleoKeyProvider, AleoKeyProviderParams, AleoNetworkClient, BlockHeightSearch, CREDITS_PROGRAM_KEYS, KeyVerificationError as ChecksumMismatchError, DecryptionNotEnabledError, InvalidLocatorError, KEY_STORE, KeyVerificationError, MemKeyVerifier, NetworkRecordProvider, OfflineKeyProvider, OfflineSearchParams, PRIVATE_TO_PUBLIC_TRANSFER, PRIVATE_TRANSFER, PRIVATE_TRANSFER_TYPES, PUBLIC_TO_PRIVATE_TRANSFER, PUBLIC_TRANSFER, PUBLIC_TRANSFER_AS_SIGNER, ProgramManager, RECORD_DOMAIN, RecordNotFoundError, RecordScanner, RecordScannerRequestError, SealanceMerkleTree, UUIDError, VALID_TRANSFER_TYPES, ViewKeyNotStoredError, encryptAuthorization, encryptProvingRequest, encryptRegistrationRequest, encryptViewKey, initializeWasm, isProveApiErrorBody, isProvingResponse, logAndThrow, sha256Hex, zeroizeBytes };
 //# sourceMappingURL=browser.js.map