@rialo/ts-cdk 0.2.0 → 0.3.0-alpha.1

package/dist/index.js

@@ -1,34 +1,585 @@
 'use strict';
 
+var chacha20poly1305 = require('@hpke/chacha20poly1305');
+var core = require('@hpke/core');
+
 var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
 var __commonJS = (cb, mod) => function __require() {
   return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
 };
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
 var __copyProps = (to, from, except, desc) => {
   if (from && typeof from === "object" || typeof from === "function") {
     for (let key of __getOwnPropNames(from))
       if (!__hasOwnProp.call(to, key) && key !== except)
         __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
   }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  __defProp(target, "default", { value: mod, enumerable: true }) ,
-  mod
-));
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  __defProp(target, "default", { value: mod, enumerable: true }) ,
+  mod
+));
+
+// node_modules/@scure/base/index.js
+var base_exports = {};
+__export(base_exports, {
+  base16: () => base16,
+  base32: () => base32,
+  base32crockford: () => base32crockford,
+  base32hex: () => base32hex,
+  base32hexnopad: () => base32hexnopad,
+  base32nopad: () => base32nopad,
+  base58: () => base58,
+  base58check: () => base58check,
+  base58flickr: () => base58flickr,
+  base58xmr: () => base58xmr,
+  base58xrp: () => base58xrp,
+  base64: () => base64,
+  base64nopad: () => base64nopad,
+  base64url: () => base64url,
+  base64urlnopad: () => base64urlnopad,
+  bech32: () => bech32,
+  bech32m: () => bech32m,
+  bytes: () => bytes,
+  bytesToString: () => bytesToString,
+  createBase58check: () => createBase58check,
+  hex: () => hex,
+  str: () => str,
+  stringToBytes: () => stringToBytes,
+  utf8: () => utf8,
+  utils: () => utils
+});
+function isBytes3(a) {
+  return a instanceof Uint8Array || ArrayBuffer.isView(a) && a.constructor.name === "Uint8Array";
+}
+function abytes3(b) {
+  if (!isBytes3(b))
+    throw new Error("Uint8Array expected");
+}
+function isArrayOf(isString, arr) {
+  if (!Array.isArray(arr))
+    return false;
+  if (arr.length === 0)
+    return true;
+  if (isString) {
+    return arr.every((item) => typeof item === "string");
+  } else {
+    return arr.every((item) => Number.isSafeInteger(item));
+  }
+}
+function afn(input) {
+  if (typeof input !== "function")
+    throw new Error("function expected");
+  return true;
+}
+function astr(label, input) {
+  if (typeof input !== "string")
+    throw new Error(`${label}: string expected`);
+  return true;
+}
+function anumber2(n) {
+  if (!Number.isSafeInteger(n))
+    throw new Error(`invalid integer: ${n}`);
+}
+function aArr(input) {
+  if (!Array.isArray(input))
+    throw new Error("array expected");
+}
+function astrArr(label, input) {
+  if (!isArrayOf(true, input))
+    throw new Error(`${label}: array of strings expected`);
+}
+function anumArr(label, input) {
+  if (!isArrayOf(false, input))
+    throw new Error(`${label}: array of numbers expected`);
+}
+// @__NO_SIDE_EFFECTS__
+function chain(...args) {
+  const id = (a) => a;
+  const wrap = (a, b) => (c) => a(b(c));
+  const encode = args.map((x) => x.encode).reduceRight(wrap, id);
+  const decode = args.map((x) => x.decode).reduce(wrap, id);
+  return { encode, decode };
+}
+// @__NO_SIDE_EFFECTS__
+function alphabet(letters) {
+  const lettersA = typeof letters === "string" ? letters.split("") : letters;
+  const len = lettersA.length;
+  astrArr("alphabet", lettersA);
+  const indexes = new Map(lettersA.map((l, i) => [l, i]));
+  return {
+    encode: (digits) => {
+      aArr(digits);
+      return digits.map((i) => {
+        if (!Number.isSafeInteger(i) || i < 0 || i >= len)
+          throw new Error(`alphabet.encode: digit index outside alphabet "${i}". Allowed: ${letters}`);
+        return lettersA[i];
+      });
+    },
+    decode: (input) => {
+      aArr(input);
+      return input.map((letter) => {
+        astr("alphabet.decode", letter);
+        const i = indexes.get(letter);
+        if (i === void 0)
+          throw new Error(`Unknown letter: "${letter}". Allowed: ${letters}`);
+        return i;
+      });
+    }
+  };
+}
+// @__NO_SIDE_EFFECTS__
+function join(separator = "") {
+  astr("join", separator);
+  return {
+    encode: (from) => {
+      astrArr("join.decode", from);
+      return from.join(separator);
+    },
+    decode: (to) => {
+      astr("join.decode", to);
+      return to.split(separator);
+    }
+  };
+}
+// @__NO_SIDE_EFFECTS__
+function padding(bits, chr = "=") {
+  anumber2(bits);
+  astr("padding", chr);
+  return {
+    encode(data) {
+      astrArr("padding.encode", data);
+      while (data.length * bits % 8)
+        data.push(chr);
+      return data;
+    },
+    decode(input) {
+      astrArr("padding.decode", input);
+      let end = input.length;
+      if (end * bits % 8)
+        throw new Error("padding: invalid, string should have whole number of bytes");
+      for (; end > 0 && input[end - 1] === chr; end--) {
+        const last = end - 1;
+        const byte = last * bits;
+        if (byte % 8 === 0)
+          throw new Error("padding: invalid, string has too much padding");
+      }
+      return input.slice(0, end);
+    }
+  };
+}
+// @__NO_SIDE_EFFECTS__
+function normalize(fn) {
+  afn(fn);
+  return { encode: (from) => from, decode: (to) => fn(to) };
+}
+function convertRadix(data, from, to) {
+  if (from < 2)
+    throw new Error(`convertRadix: invalid from=${from}, base cannot be less than 2`);
+  if (to < 2)
+    throw new Error(`convertRadix: invalid to=${to}, base cannot be less than 2`);
+  aArr(data);
+  if (!data.length)
+    return [];
+  let pos = 0;
+  const res = [];
+  const digits = Array.from(data, (d) => {
+    anumber2(d);
+    if (d < 0 || d >= from)
+      throw new Error(`invalid integer: ${d}`);
+    return d;
+  });
+  const dlen = digits.length;
+  while (true) {
+    let carry = 0;
+    let done = true;
+    for (let i = pos; i < dlen; i++) {
+      const digit = digits[i];
+      const fromCarry = from * carry;
+      const digitBase = fromCarry + digit;
+      if (!Number.isSafeInteger(digitBase) || fromCarry / from !== carry || digitBase - digit !== fromCarry) {
+        throw new Error("convertRadix: carry overflow");
+      }
+      const div = digitBase / to;
+      carry = digitBase % to;
+      const rounded = Math.floor(div);
+      digits[i] = rounded;
+      if (!Number.isSafeInteger(rounded) || rounded * to + carry !== digitBase)
+        throw new Error("convertRadix: carry overflow");
+      if (!done)
+        continue;
+      else if (!rounded)
+        pos = i;
+      else
+        done = false;
+    }
+    res.push(carry);
+    if (done)
+      break;
+  }
+  for (let i = 0; i < data.length - 1 && data[i] === 0; i++)
+    res.push(0);
+  return res.reverse();
+}
+function convertRadix2(data, from, to, padding2) {
+  aArr(data);
+  if (from <= 0 || from > 32)
+    throw new Error(`convertRadix2: wrong from=${from}`);
+  if (to <= 0 || to > 32)
+    throw new Error(`convertRadix2: wrong to=${to}`);
+  if (/* @__PURE__ */ radix2carry(from, to) > 32) {
+    throw new Error(`convertRadix2: carry overflow from=${from} to=${to} carryBits=${/* @__PURE__ */ radix2carry(from, to)}`);
+  }
+  let carry = 0;
+  let pos = 0;
+  const max = powers[from];
+  const mask = powers[to] - 1;
+  const res = [];
+  for (const n of data) {
+    anumber2(n);
+    if (n >= max)
+      throw new Error(`convertRadix2: invalid data word=${n} from=${from}`);
+    carry = carry << from | n;
+    if (pos + from > 32)
+      throw new Error(`convertRadix2: carry overflow pos=${pos} from=${from}`);
+    pos += from;
+    for (; pos >= to; pos -= to)
+      res.push((carry >> pos - to & mask) >>> 0);
+    const pow = powers[pos];
+    if (pow === void 0)
+      throw new Error("invalid carry");
+    carry &= pow - 1;
+  }
+  carry = carry << to - pos & mask;
+  if (!padding2 && pos >= from)
+    throw new Error("Excess padding");
+  if (!padding2 && carry > 0)
+    throw new Error(`Non-zero padding: ${carry}`);
+  if (padding2 && pos > 0)
+    res.push(carry >>> 0);
+  return res;
+}
+// @__NO_SIDE_EFFECTS__
+function radix(num) {
+  anumber2(num);
+  const _256 = 2 ** 8;
+  return {
+    encode: (bytes2) => {
+      if (!isBytes3(bytes2))
+        throw new Error("radix.encode input should be Uint8Array");
+      return convertRadix(Array.from(bytes2), _256, num);
+    },
+    decode: (digits) => {
+      anumArr("radix.decode", digits);
+      return Uint8Array.from(convertRadix(digits, num, _256));
+    }
+  };
+}
+// @__NO_SIDE_EFFECTS__
+function radix2(bits, revPadding = false) {
+  anumber2(bits);
+  if (bits <= 0 || bits > 32)
+    throw new Error("radix2: bits should be in (0..32]");
+  if (/* @__PURE__ */ radix2carry(8, bits) > 32 || /* @__PURE__ */ radix2carry(bits, 8) > 32)
+    throw new Error("radix2: carry overflow");
+  return {
+    encode: (bytes2) => {
+      if (!isBytes3(bytes2))
+        throw new Error("radix2.encode input should be Uint8Array");
+      return convertRadix2(Array.from(bytes2), 8, bits, !revPadding);
+    },
+    decode: (digits) => {
+      anumArr("radix2.decode", digits);
+      return Uint8Array.from(convertRadix2(digits, bits, 8, revPadding));
+    }
+  };
+}
+function unsafeWrapper(fn) {
+  afn(fn);
+  return function(...args) {
+    try {
+      return fn.apply(null, args);
+    } catch (e) {
+    }
+  };
+}
+function checksum(len, fn) {
+  anumber2(len);
+  afn(fn);
+  return {
+    encode(data) {
+      if (!isBytes3(data))
+        throw new Error("checksum.encode: input should be Uint8Array");
+      const sum = fn(data).slice(0, len);
+      const res = new Uint8Array(data.length + len);
+      res.set(data);
+      res.set(sum, data.length);
+      return res;
+    },
+    decode(data) {
+      if (!isBytes3(data))
+        throw new Error("checksum.decode: input should be Uint8Array");
+      const payload = data.slice(0, -len);
+      const oldChecksum = data.slice(-len);
+      const newChecksum = fn(payload).slice(0, len);
+      for (let i = 0; i < len; i++)
+        if (newChecksum[i] !== oldChecksum[i])
+          throw new Error("Invalid checksum");
+      return payload;
+    }
+  };
+}
+function bech32Polymod(pre) {
+  const b = pre >> 25;
+  let chk = (pre & 33554431) << 5;
+  for (let i = 0; i < POLYMOD_GENERATORS.length; i++) {
+    if ((b >> i & 1) === 1)
+      chk ^= POLYMOD_GENERATORS[i];
+  }
+  return chk;
+}
+function bechChecksum(prefix, words, encodingConst = 1) {
+  const len = prefix.length;
+  let chk = 1;
+  for (let i = 0; i < len; i++) {
+    const c = prefix.charCodeAt(i);
+    if (c < 33 || c > 126)
+      throw new Error(`Invalid prefix (${prefix})`);
+    chk = bech32Polymod(chk) ^ c >> 5;
+  }
+  chk = bech32Polymod(chk);
+  for (let i = 0; i < len; i++)
+    chk = bech32Polymod(chk) ^ prefix.charCodeAt(i) & 31;
+  for (let v of words)
+    chk = bech32Polymod(chk) ^ v;
+  for (let i = 0; i < 6; i++)
+    chk = bech32Polymod(chk);
+  chk ^= encodingConst;
+  return BECH_ALPHABET.encode(convertRadix2([chk % powers[30]], 30, 5, false));
+}
+// @__NO_SIDE_EFFECTS__
+function genBech32(encoding) {
+  const ENCODING_CONST = encoding === "bech32" ? 1 : 734539939;
+  const _words = /* @__PURE__ */ radix2(5);
+  const fromWords = _words.decode;
+  const toWords = _words.encode;
+  const fromWordsUnsafe = unsafeWrapper(fromWords);
+  function encode(prefix, words, limit = 90) {
+    astr("bech32.encode prefix", prefix);
+    if (isBytes3(words))
+      words = Array.from(words);
+    anumArr("bech32.encode", words);
+    const plen = prefix.length;
+    if (plen === 0)
+      throw new TypeError(`Invalid prefix length ${plen}`);
+    const actualLength = plen + 7 + words.length;
+    if (limit !== false && actualLength > limit)
+      throw new TypeError(`Length ${actualLength} exceeds limit ${limit}`);
+    const lowered = prefix.toLowerCase();
+    const sum = bechChecksum(lowered, words, ENCODING_CONST);
+    return `${lowered}1${BECH_ALPHABET.encode(words)}${sum}`;
+  }
+  function decode(str2, limit = 90) {
+    astr("bech32.decode input", str2);
+    const slen = str2.length;
+    if (slen < 8 || limit !== false && slen > limit)
+      throw new TypeError(`invalid string length: ${slen} (${str2}). Expected (8..${limit})`);
+    const lowered = str2.toLowerCase();
+    if (str2 !== lowered && str2 !== str2.toUpperCase())
+      throw new Error(`String must be lowercase or uppercase`);
+    const sepIndex = lowered.lastIndexOf("1");
+    if (sepIndex === 0 || sepIndex === -1)
+      throw new Error(`Letter "1" must be present between prefix and data only`);
+    const prefix = lowered.slice(0, sepIndex);
+    const data = lowered.slice(sepIndex + 1);
+    if (data.length < 6)
+      throw new Error("Data must be at least 6 characters long");
+    const words = BECH_ALPHABET.decode(data).slice(0, -6);
+    const sum = bechChecksum(prefix, words, ENCODING_CONST);
+    if (!data.endsWith(sum))
+      throw new Error(`Invalid checksum in ${str2}: expected "${sum}"`);
+    return { prefix, words };
+  }
+  const decodeUnsafe = unsafeWrapper(decode);
+  function decodeToBytes(str2) {
+    const { prefix, words } = decode(str2, false);
+    return { prefix, words, bytes: fromWords(words) };
+  }
+  function encodeFromBytes(prefix, bytes2) {
+    return encode(prefix, toWords(bytes2));
+  }
+  return {
+    encode,
+    decode,
+    encodeFromBytes,
+    decodeToBytes,
+    decodeUnsafe,
+    fromWords,
+    fromWordsUnsafe,
+    toWords
+  };
+}
+var gcd, radix2carry, powers, utils, base16, base32, base32nopad, base32hex, base32hexnopad, base32crockford, hasBase64Builtin, decodeBase64Builtin, base64, base64nopad, base64url, base64urlnopad, genBase58, base58, base58flickr, base58xrp, XMR_BLOCK_LEN, base58xmr, createBase58check, base58check, BECH_ALPHABET, POLYMOD_GENERATORS, bech32, bech32m, utf8, hasHexBuiltin, hexBuiltin, hex, CODERS, coderTypeError, bytesToString, str, stringToBytes, bytes;
+var init_base = __esm({
+  "node_modules/@scure/base/index.js"() {
+    gcd = (a, b) => b === 0 ? a : gcd(b, a % b);
+    radix2carry = /* @__NO_SIDE_EFFECTS__ */ (from, to) => from + (to - gcd(from, to));
+    powers = /* @__PURE__ */ (() => {
+      let res = [];
+      for (let i = 0; i < 40; i++)
+        res.push(2 ** i);
+      return res;
+    })();
+    utils = {
+      alphabet,
+      chain,
+      checksum,
+      convertRadix,
+      convertRadix2,
+      radix,
+      radix2,
+      join,
+      padding
+    };
+    base16 = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(4), /* @__PURE__ */ alphabet("0123456789ABCDEF"), /* @__PURE__ */ join(""));
+    base32 = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(5), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"), /* @__PURE__ */ padding(5), /* @__PURE__ */ join(""));
+    base32nopad = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(5), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"), /* @__PURE__ */ join(""));
+    base32hex = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(5), /* @__PURE__ */ alphabet("0123456789ABCDEFGHIJKLMNOPQRSTUV"), /* @__PURE__ */ padding(5), /* @__PURE__ */ join(""));
+    base32hexnopad = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(5), /* @__PURE__ */ alphabet("0123456789ABCDEFGHIJKLMNOPQRSTUV"), /* @__PURE__ */ join(""));
+    base32crockford = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(5), /* @__PURE__ */ alphabet("0123456789ABCDEFGHJKMNPQRSTVWXYZ"), /* @__PURE__ */ join(""), /* @__PURE__ */ normalize((s) => s.toUpperCase().replace(/O/g, "0").replace(/[IL]/g, "1")));
+    hasBase64Builtin = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toBase64 === "function" && typeof Uint8Array.fromBase64 === "function")();
+    decodeBase64Builtin = (s, isUrl) => {
+      astr("base64", s);
+      const re = isUrl ? /^[A-Za-z0-9=_-]+$/ : /^[A-Za-z0-9=+/]+$/;
+      const alphabet2 = isUrl ? "base64url" : "base64";
+      if (s.length > 0 && !re.test(s))
+        throw new Error("invalid base64");
+      return Uint8Array.fromBase64(s, { alphabet: alphabet2, lastChunkHandling: "strict" });
+    };
+    base64 = hasBase64Builtin ? {
+      encode(b) {
+        abytes3(b);
+        return b.toBase64();
+      },
+      decode(s) {
+        return decodeBase64Builtin(s, false);
+      }
+    } : /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ padding(6), /* @__PURE__ */ join(""));
+    base64nopad = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ join(""));
+    base64url = hasBase64Builtin ? {
+      encode(b) {
+        abytes3(b);
+        return b.toBase64({ alphabet: "base64url" });
+      },
+      decode(s) {
+        return decodeBase64Builtin(s, true);
+      }
+    } : /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"), /* @__PURE__ */ padding(6), /* @__PURE__ */ join(""));
+    base64urlnopad = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"), /* @__PURE__ */ join(""));
+    genBase58 = /* @__NO_SIDE_EFFECTS__ */ (abc) => /* @__PURE__ */ chain(/* @__PURE__ */ radix(58), /* @__PURE__ */ alphabet(abc), /* @__PURE__ */ join(""));
+    base58 = /* @__PURE__ */ genBase58("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz");
+    base58flickr = /* @__PURE__ */ genBase58("123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ");
+    base58xrp = /* @__PURE__ */ genBase58("rpshnaf39wBUDNEGHJKLM4PQRST7VWXYZ2bcdeCg65jkm8oFqi1tuvAxyz");
+    XMR_BLOCK_LEN = [0, 2, 3, 5, 6, 7, 9, 10, 11];
+    base58xmr = {
+      encode(data) {
+        let res = "";
+        for (let i = 0; i < data.length; i += 8) {
+          const block = data.subarray(i, i + 8);
+          res += base58.encode(block).padStart(XMR_BLOCK_LEN[block.length], "1");
+        }
+        return res;
+      },
+      decode(str2) {
+        let res = [];
+        for (let i = 0; i < str2.length; i += 11) {
+          const slice = str2.slice(i, i + 11);
+          const blockLen = XMR_BLOCK_LEN.indexOf(slice.length);
+          const block = base58.decode(slice);
+          for (let j = 0; j < block.length - blockLen; j++) {
+            if (block[j] !== 0)
+              throw new Error("base58xmr: wrong padding");
+          }
+          res = res.concat(Array.from(block.slice(block.length - blockLen)));
+        }
+        return Uint8Array.from(res);
+      }
+    };
+    createBase58check = (sha2563) => /* @__PURE__ */ chain(checksum(4, (data) => sha2563(sha2563(data))), base58);
+    base58check = createBase58check;
+    BECH_ALPHABET = /* @__PURE__ */ chain(/* @__PURE__ */ alphabet("qpzry9x8gf2tvdw0s3jn54khce6mua7l"), /* @__PURE__ */ join(""));
+    POLYMOD_GENERATORS = [996825010, 642813549, 513874426, 1027748829, 705979059];
+    bech32 = /* @__PURE__ */ genBech32("bech32");
+    bech32m = /* @__PURE__ */ genBech32("bech32m");
+    utf8 = {
+      encode: (data) => new TextDecoder().decode(data),
+      decode: (str2) => new TextEncoder().encode(str2)
+    };
+    hasHexBuiltin = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toHex === "function" && typeof Uint8Array.fromHex === "function")();
+    hexBuiltin = {
+      encode(data) {
+        abytes3(data);
+        return data.toHex();
+      },
+      decode(s) {
+        astr("hex", s);
+        return Uint8Array.fromHex(s);
+      }
+    };
+    hex = hasHexBuiltin ? hexBuiltin : /* @__PURE__ */ chain(/* @__PURE__ */ radix2(4), /* @__PURE__ */ alphabet("0123456789abcdef"), /* @__PURE__ */ join(""), /* @__PURE__ */ normalize((s) => {
+      if (typeof s !== "string" || s.length % 2 !== 0)
+        throw new TypeError(`hex.decode: expected string, got ${typeof s} with length ${s.length}`);
+      return s.toLowerCase();
+    }));
+    CODERS = {
+      utf8,
+      hex,
+      base16,
+      base32,
+      base64,
+      base64url,
+      base58,
+      base58xmr
+    };
+    coderTypeError = "Invalid encoding type. Available types: utf8, hex, base16, base32, base64, base64url, base58, base58xmr";
+    bytesToString = (type, bytes2) => {
+      if (typeof type !== "string" || !CODERS.hasOwnProperty(type))
+        throw new TypeError(coderTypeError);
+      if (!isBytes3(bytes2))
+        throw new TypeError("bytesToString() expects Uint8Array");
+      return CODERS[type].encode(bytes2);
+    };
+    str = bytesToString;
+    stringToBytes = (type, str2) => {
+      if (!CODERS.hasOwnProperty(type))
+        throw new TypeError(coderTypeError);
+      if (typeof str2 !== "string")
+        throw new TypeError("stringToBytes() expects string");
+      return CODERS[type].decode(str2);
+    };
+    bytes = stringToBytes;
+  }
+});
 
 // node_modules/@protobufjs/float/index.js
 var require_float = __commonJS({
-  "node_modules/@protobufjs/float/index.js"(exports, module) {
+  "node_modules/@protobufjs/float/index.js"(exports$1, module) {
     module.exports = factory(factory);
     function factory(exports2) {
       if (typeof Float32Array !== "undefined") (function() {
@@ -221,9 +772,9 @@ var require_float = __commonJS({
 
 // node_modules/@protobufjs/utf8/index.js
 var require_utf8 = __commonJS({
-  "node_modules/@protobufjs/utf8/index.js"(exports) {
-    var utf82 = exports;
-    utf82.length = function utf8_length(string) {
+  "node_modules/@protobufjs/utf8/index.js"(exports$1) {
+    var utf83 = exports$1;
+    utf83.length = function utf8_length(string) {
       var len = 0, c = 0;
       for (var i = 0; i < string.length; ++i) {
         c = string.charCodeAt(i);
@@ -239,7 +790,7 @@ var require_utf8 = __commonJS({
       }
       return len;
     };
-    utf82.read = function utf8_read(buffer, start, end) {
+    utf83.read = function utf8_read(buffer, start, end) {
       var len = end - start;
       if (len < 1)
         return "";
@@ -268,7 +819,7 @@ var require_utf8 = __commonJS({
       }
       return String.fromCharCode.apply(String, chunk.slice(0, i));
     };
-    utf82.write = function utf8_write(string, buffer, offset) {
+    utf83.write = function utf8_write(string, buffer, offset) {
       var start = offset, c1, c2;
       for (var i = 0; i < string.length; ++i) {
         c1 = string.charCodeAt(i);
@@ -301,7 +852,6 @@ var URL_MAINNET = "https://mainnet.rialo.io:4101";
 var URL_TESTNET = "https://testnet.rialo.io:4101";
 var URL_DEVNET = "https://devnet.rialo.io:4101";
 var URL_LOCALNET = "http://localhost:4104";
-var URL_SHITNET = "http://shitnet.rialo.io:4100";
 var RIALO_MAINNET_CHAIN = {
   id: "rialo:mainnet",
   name: "Mainnet",
@@ -322,11 +872,6 @@ var RIALO_LOCALNET_CHAIN = {
   name: "Localhost",
   rpcUrl: URL_LOCALNET
 };
-var RIALO_SHITNET_CHAIN = {
-  id: "rialo:shitnet",
-  name: "Shitnet",
-  rpcUrl: URL_SHITNET
-};
 var SYSTEM_PROGRAM_ID = "11111111111111111111111111111111";
 var BASE_DERIVATION_PATH = "m/44'/756'/";
 var KELVIN_PER_RLO = 1e9;
@@ -412,13 +957,13 @@ var isBig = (n) => typeof n === "bigint";
 var isStr = (s) => typeof s === "string";
 var isBytes = (a) => a instanceof Uint8Array || ArrayBuffer.isView(a) && a.constructor.name === "Uint8Array";
 var abytes = (value, length, title = "") => {
-  const bytes = isBytes(value);
+  const bytes2 = isBytes(value);
   const len = value?.length;
   const needsLen = length !== void 0;
-  if (!bytes || needsLen && len !== length) {
+  if (!bytes2 || needsLen && len !== length) {
     const prefix = title && `"${title}" `;
     const ofLen = needsLen ? ` of length ${length}` : "";
-    const got = bytes ? `length=${len}` : `type=${typeof value}`;
+    const got = bytes2 ? `length=${len}` : `type=${typeof value}`;
     err(prefix + "expected Uint8Array" + ofLen + ", got " + got);
   }
   return value;
@@ -437,18 +982,18 @@ var _ch = (ch) => {
     return ch - (C.a - 10);
   return;
 };
-var hexToBytes = (hex) => {
+var hexToBytes = (hex2) => {
   const e = "hex invalid";
-  if (!isStr(hex))
+  if (!isStr(hex2))
     return err(e);
-  const hl = hex.length;
+  const hl = hex2.length;
   const al = hl / 2;
   if (hl % 2)
     return err(e);
   const array = u8n(al);
   for (let ai = 0, hi = 0; ai < al; ai++, hi += 2) {
-    const n1 = _ch(hex.charCodeAt(hi));
-    const n2 = _ch(hex.charCodeAt(hi + 1));
+    const n1 = _ch(hex2.charCodeAt(hi));
+    const n2 = _ch(hex2.charCodeAt(hi + 1));
     if (n1 === void 0 || n2 === void 0)
       return err(e);
     array[ai] = n1 * 16 + n2;
@@ -514,10 +1059,10 @@ var Point = class _Point {
     return new _Point(p.x, p.y, 1n, M(p.x * p.y));
   }
   /** RFC8032 5.1.3: Uint8Array to Point. */
-  static fromBytes(hex, zip215 = false) {
+  static fromBytes(hex2, zip215 = false) {
     const d = _d;
-    const normed = u8fr(abytes(hex, L));
-    const lastByte = hex[31];
+    const normed = u8fr(abytes(hex2, L));
+    const lastByte = hex2[31];
     normed[31] = lastByte & -129;
     const y = bytesToNumLE(normed);
     const max = zip215 ? B256 : P;
@@ -536,8 +1081,8 @@ var Point = class _Point {
       x = M(-x);
     return new _Point(x, y, 1n, M(x * y));
   }
-  static fromHex(hex, zip215) {
-    return _Point.fromBytes(hexToBytes(hex), zip215);
+  static fromHex(hex2, zip215) {
+    return _Point.fromBytes(hexToBytes(hex2), zip215);
   }
   get x() {
     return this.toAffine().x;
@@ -876,13 +1421,13 @@ function anumber(n, title = "") {
   }
 }
 function abytes2(value, length, title = "") {
-  const bytes = isBytes2(value);
+  const bytes2 = isBytes2(value);
   const len = value?.length;
   const needsLen = length !== void 0;
-  if (!bytes || needsLen && len !== length) {
+  if (!bytes2 || needsLen && len !== length) {
     const prefix = title && `"${title}" `;
     const ofLen = needsLen ? ` of length ${length}` : "";
-    const got = bytes ? `length=${len}` : `type=${typeof value}`;
+    const got = bytes2 ? `length=${len}` : `type=${typeof value}`;
     throw new Error(prefix + "expected Uint8Array" + ofLen + ", got " + got);
   }
   return value;
@@ -1399,354 +1944,72 @@ var SHA2_64B = class extends HashMD {
       Gl = Fl | 0;
       Fh = Eh | 0;
       Fl = El | 0;
-      ({ h: Eh, l: El } = add(Dh | 0, Dl | 0, T1h | 0, T1l | 0));
-      Dh = Ch | 0;
-      Dl = Cl | 0;
-      Ch = Bh | 0;
-      Cl = Bl | 0;
-      Bh = Ah | 0;
-      Bl = Al | 0;
-      const All = add3L(T1l, sigma0l, MAJl);
-      Ah = add3H(All, T1h, sigma0h, MAJh);
-      Al = All | 0;
-    }
-    ({ h: Ah, l: Al } = add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0));
-    ({ h: Bh, l: Bl } = add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0));
-    ({ h: Ch, l: Cl } = add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0));
-    ({ h: Dh, l: Dl } = add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0));
-    ({ h: Eh, l: El } = add(this.Eh | 0, this.El | 0, Eh | 0, El | 0));
-    ({ h: Fh, l: Fl } = add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0));
-    ({ h: Gh, l: Gl } = add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0));
-    ({ h: Hh, l: Hl } = add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0));
-    this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl);
-  }
-  roundClean() {
-    clean(SHA512_W_H, SHA512_W_L);
-  }
-  destroy() {
-    clean(this.buffer);
-    this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
-  }
-};
-var _SHA512 = class extends SHA2_64B {
-  Ah = SHA512_IV[0] | 0;
-  Al = SHA512_IV[1] | 0;
-  Bh = SHA512_IV[2] | 0;
-  Bl = SHA512_IV[3] | 0;
-  Ch = SHA512_IV[4] | 0;
-  Cl = SHA512_IV[5] | 0;
-  Dh = SHA512_IV[6] | 0;
-  Dl = SHA512_IV[7] | 0;
-  Eh = SHA512_IV[8] | 0;
-  El = SHA512_IV[9] | 0;
-  Fh = SHA512_IV[10] | 0;
-  Fl = SHA512_IV[11] | 0;
-  Gh = SHA512_IV[12] | 0;
-  Gl = SHA512_IV[13] | 0;
-  Hh = SHA512_IV[14] | 0;
-  Hl = SHA512_IV[15] | 0;
-  constructor() {
-    super(64);
-  }
-};
-var sha256 = /* @__PURE__ */ createHasher(
-  () => new _SHA256(),
-  /* @__PURE__ */ oidNist(1)
-);
-var sha512 = /* @__PURE__ */ createHasher(
-  () => new _SHA512(),
-  /* @__PURE__ */ oidNist(3)
-);
-
-// node_modules/@scure/base/index.js
-function isBytes3(a) {
-  return a instanceof Uint8Array || ArrayBuffer.isView(a) && a.constructor.name === "Uint8Array";
-}
-function isArrayOf(isString, arr) {
-  if (!Array.isArray(arr))
-    return false;
-  if (arr.length === 0)
-    return true;
-  if (isString) {
-    return arr.every((item) => typeof item === "string");
-  } else {
-    return arr.every((item) => Number.isSafeInteger(item));
-  }
-}
-function afn(input) {
-  if (typeof input !== "function")
-    throw new Error("function expected");
-  return true;
-}
-function astr(label, input) {
-  if (typeof input !== "string")
-    throw new Error(`${label}: string expected`);
-  return true;
-}
-function anumber2(n) {
-  if (!Number.isSafeInteger(n))
-    throw new Error(`invalid integer: ${n}`);
-}
-function aArr(input) {
-  if (!Array.isArray(input))
-    throw new Error("array expected");
-}
-function astrArr(label, input) {
-  if (!isArrayOf(true, input))
-    throw new Error(`${label}: array of strings expected`);
-}
-function anumArr(label, input) {
-  if (!isArrayOf(false, input))
-    throw new Error(`${label}: array of numbers expected`);
-}
-// @__NO_SIDE_EFFECTS__
-function chain(...args) {
-  const id = (a) => a;
-  const wrap = (a, b) => (c) => a(b(c));
-  const encode = args.map((x) => x.encode).reduceRight(wrap, id);
-  const decode = args.map((x) => x.decode).reduce(wrap, id);
-  return { encode, decode };
-}
-// @__NO_SIDE_EFFECTS__
-function alphabet(letters) {
-  const lettersA = typeof letters === "string" ? letters.split("") : letters;
-  const len = lettersA.length;
-  astrArr("alphabet", lettersA);
-  const indexes = new Map(lettersA.map((l, i) => [l, i]));
-  return {
-    encode: (digits) => {
-      aArr(digits);
-      return digits.map((i) => {
-        if (!Number.isSafeInteger(i) || i < 0 || i >= len)
-          throw new Error(`alphabet.encode: digit index outside alphabet "${i}". Allowed: ${letters}`);
-        return lettersA[i];
-      });
-    },
-    decode: (input) => {
-      aArr(input);
-      return input.map((letter) => {
-        astr("alphabet.decode", letter);
-        const i = indexes.get(letter);
-        if (i === void 0)
-          throw new Error(`Unknown letter: "${letter}". Allowed: ${letters}`);
-        return i;
-      });
-    }
-  };
-}
-// @__NO_SIDE_EFFECTS__
-function join(separator = "") {
-  astr("join", separator);
-  return {
-    encode: (from) => {
-      astrArr("join.decode", from);
-      return from.join(separator);
-    },
-    decode: (to) => {
-      astr("join.decode", to);
-      return to.split(separator);
-    }
-  };
-}
-// @__NO_SIDE_EFFECTS__
-function padding(bits, chr = "=") {
-  anumber2(bits);
-  astr("padding", chr);
-  return {
-    encode(data) {
-      astrArr("padding.encode", data);
-      while (data.length * bits % 8)
-        data.push(chr);
-      return data;
-    },
-    decode(input) {
-      astrArr("padding.decode", input);
-      let end = input.length;
-      if (end * bits % 8)
-        throw new Error("padding: invalid, string should have whole number of bytes");
-      for (; end > 0 && input[end - 1] === chr; end--) {
-        const last = end - 1;
-        const byte = last * bits;
-        if (byte % 8 === 0)
-          throw new Error("padding: invalid, string has too much padding");
-      }
-      return input.slice(0, end);
-    }
-  };
-}
-function convertRadix(data, from, to) {
-  if (from < 2)
-    throw new Error(`convertRadix: invalid from=${from}, base cannot be less than 2`);
-  if (to < 2)
-    throw new Error(`convertRadix: invalid to=${to}, base cannot be less than 2`);
-  aArr(data);
-  if (!data.length)
-    return [];
-  let pos = 0;
-  const res = [];
-  const digits = Array.from(data, (d) => {
-    anumber2(d);
-    if (d < 0 || d >= from)
-      throw new Error(`invalid integer: ${d}`);
-    return d;
-  });
-  const dlen = digits.length;
-  while (true) {
-    let carry = 0;
-    let done = true;
-    for (let i = pos; i < dlen; i++) {
-      const digit = digits[i];
-      const fromCarry = from * carry;
-      const digitBase = fromCarry + digit;
-      if (!Number.isSafeInteger(digitBase) || fromCarry / from !== carry || digitBase - digit !== fromCarry) {
-        throw new Error("convertRadix: carry overflow");
-      }
-      const div = digitBase / to;
-      carry = digitBase % to;
-      const rounded = Math.floor(div);
-      digits[i] = rounded;
-      if (!Number.isSafeInteger(rounded) || rounded * to + carry !== digitBase)
-        throw new Error("convertRadix: carry overflow");
-      if (!done)
-        continue;
-      else if (!rounded)
-        pos = i;
-      else
-        done = false;
+      ({ h: Eh, l: El } = add(Dh | 0, Dl | 0, T1h | 0, T1l | 0));
+      Dh = Ch | 0;
+      Dl = Cl | 0;
+      Ch = Bh | 0;
+      Cl = Bl | 0;
+      Bh = Ah | 0;
+      Bl = Al | 0;
+      const All = add3L(T1l, sigma0l, MAJl);
+      Ah = add3H(All, T1h, sigma0h, MAJh);
+      Al = All | 0;
     }
-    res.push(carry);
-    if (done)
-      break;
+    ({ h: Ah, l: Al } = add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0));
+    ({ h: Bh, l: Bl } = add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0));
+    ({ h: Ch, l: Cl } = add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0));
+    ({ h: Dh, l: Dl } = add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0));
+    ({ h: Eh, l: El } = add(this.Eh | 0, this.El | 0, Eh | 0, El | 0));
+    ({ h: Fh, l: Fl } = add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0));
+    ({ h: Gh, l: Gl } = add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0));
+    ({ h: Hh, l: Hl } = add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0));
+    this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl);
   }
-  for (let i = 0; i < data.length - 1 && data[i] === 0; i++)
-    res.push(0);
-  return res.reverse();
-}
-var gcd = (a, b) => b === 0 ? a : gcd(b, a % b);
-var radix2carry = /* @__NO_SIDE_EFFECTS__ */ (from, to) => from + (to - gcd(from, to));
-var powers = /* @__PURE__ */ (() => {
-  let res = [];
-  for (let i = 0; i < 40; i++)
-    res.push(2 ** i);
-  return res;
-})();
-function convertRadix2(data, from, to, padding2) {
-  aArr(data);
-  if (from <= 0 || from > 32)
-    throw new Error(`convertRadix2: wrong from=${from}`);
-  if (to <= 0 || to > 32)
-    throw new Error(`convertRadix2: wrong to=${to}`);
-  if (/* @__PURE__ */ radix2carry(from, to) > 32) {
-    throw new Error(`convertRadix2: carry overflow from=${from} to=${to} carryBits=${/* @__PURE__ */ radix2carry(from, to)}`);
+  roundClean() {
+    clean(SHA512_W_H, SHA512_W_L);
   }
-  let carry = 0;
-  let pos = 0;
-  const max = powers[from];
-  const mask = powers[to] - 1;
-  const res = [];
-  for (const n of data) {
-    anumber2(n);
-    if (n >= max)
-      throw new Error(`convertRadix2: invalid data word=${n} from=${from}`);
-    carry = carry << from | n;
-    if (pos + from > 32)
-      throw new Error(`convertRadix2: carry overflow pos=${pos} from=${from}`);
-    pos += from;
-    for (; pos >= to; pos -= to)
-      res.push((carry >> pos - to & mask) >>> 0);
-    const pow = powers[pos];
-    if (pow === void 0)
-      throw new Error("invalid carry");
-    carry &= pow - 1;
+  destroy() {
+    clean(this.buffer);
+    this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+  }
+};
+var _SHA512 = class extends SHA2_64B {
+  Ah = SHA512_IV[0] | 0;
+  Al = SHA512_IV[1] | 0;
+  Bh = SHA512_IV[2] | 0;
+  Bl = SHA512_IV[3] | 0;
+  Ch = SHA512_IV[4] | 0;
+  Cl = SHA512_IV[5] | 0;
+  Dh = SHA512_IV[6] | 0;
+  Dl = SHA512_IV[7] | 0;
+  Eh = SHA512_IV[8] | 0;
+  El = SHA512_IV[9] | 0;
+  Fh = SHA512_IV[10] | 0;
+  Fl = SHA512_IV[11] | 0;
+  Gh = SHA512_IV[12] | 0;
+  Gl = SHA512_IV[13] | 0;
+  Hh = SHA512_IV[14] | 0;
+  Hl = SHA512_IV[15] | 0;
+  constructor() {
+    super(64);
   }
-  carry = carry << to - pos & mask;
-  if (!padding2 && pos >= from)
-    throw new Error("Excess padding");
-  if (!padding2 && carry > 0)
-    throw new Error(`Non-zero padding: ${carry}`);
-  if (padding2 && pos > 0)
-    res.push(carry >>> 0);
-  return res;
-}
-// @__NO_SIDE_EFFECTS__
-function radix(num) {
-  anumber2(num);
-  const _256 = 2 ** 8;
-  return {
-    encode: (bytes) => {
-      if (!isBytes3(bytes))
-        throw new Error("radix.encode input should be Uint8Array");
-      return convertRadix(Array.from(bytes), _256, num);
-    },
-    decode: (digits) => {
-      anumArr("radix.decode", digits);
-      return Uint8Array.from(convertRadix(digits, num, _256));
-    }
-  };
-}
-// @__NO_SIDE_EFFECTS__
-function radix2(bits, revPadding = false) {
-  anumber2(bits);
-  if (bits <= 0 || bits > 32)
-    throw new Error("radix2: bits should be in (0..32]");
-  if (/* @__PURE__ */ radix2carry(8, bits) > 32 || /* @__PURE__ */ radix2carry(bits, 8) > 32)
-    throw new Error("radix2: carry overflow");
-  return {
-    encode: (bytes) => {
-      if (!isBytes3(bytes))
-        throw new Error("radix2.encode input should be Uint8Array");
-      return convertRadix2(Array.from(bytes), 8, bits, !revPadding);
-    },
-    decode: (digits) => {
-      anumArr("radix2.decode", digits);
-      return Uint8Array.from(convertRadix2(digits, bits, 8, revPadding));
-    }
-  };
-}
-function checksum(len, fn) {
-  anumber2(len);
-  afn(fn);
-  return {
-    encode(data) {
-      if (!isBytes3(data))
-        throw new Error("checksum.encode: input should be Uint8Array");
-      const sum = fn(data).slice(0, len);
-      const res = new Uint8Array(data.length + len);
-      res.set(data);
-      res.set(sum, data.length);
-      return res;
-    },
-    decode(data) {
-      if (!isBytes3(data))
-        throw new Error("checksum.decode: input should be Uint8Array");
-      const payload = data.slice(0, -len);
-      const oldChecksum = data.slice(-len);
-      const newChecksum = fn(payload).slice(0, len);
-      for (let i = 0; i < len; i++)
-        if (newChecksum[i] !== oldChecksum[i])
-          throw new Error("Invalid checksum");
-      return payload;
-    }
-  };
-}
-var utils = {
-  alphabet,
-  chain,
-  checksum,
-  convertRadix,
-  convertRadix2,
-  radix,
-  radix2,
-  join,
-  padding
 };
-var genBase58 = /* @__NO_SIDE_EFFECTS__ */ (abc) => /* @__PURE__ */ chain(/* @__PURE__ */ radix(58), /* @__PURE__ */ alphabet(abc), /* @__PURE__ */ join(""));
-var base58 = /* @__PURE__ */ genBase58("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz");
+var sha256 = /* @__PURE__ */ createHasher(
+  () => new _SHA256(),
+  /* @__PURE__ */ oidNist(1)
+);
+var sha512 = /* @__PURE__ */ createHasher(
+  () => new _SHA512(),
+  /* @__PURE__ */ oidNist(3)
+);
+
+// src/crypto/public-key.ts
+init_base();
 
 // src/crypto/utils.ts
-function isOnCurve(bytes) {
+function isOnCurve(bytes2) {
   try {
-    Point.fromBytes(bytes);
+    Point.fromBytes(bytes2);
     return true;
   } catch {
     return false;
@@ -1773,11 +2036,11 @@ var PDA_MARKER = new TextEncoder().encode("ProgramDerivedAddress");
 var MAX_BUMP_SEED = 255;
 var PublicKey = class _PublicKey {
   bytes;
-  constructor(bytes) {
-    if (bytes.length !== PUBLIC_KEY_LENGTH) {
-      throw CryptoError.invalidKeyLength(PUBLIC_KEY_LENGTH, bytes.length);
+  constructor(bytes2) {
+    if (bytes2.length !== PUBLIC_KEY_LENGTH) {
+      throw CryptoError.invalidKeyLength(PUBLIC_KEY_LENGTH, bytes2.length);
     }
-    this.bytes = new Uint8Array(bytes);
+    this.bytes = new Uint8Array(bytes2);
   }
   /**
    * Creates a PublicKey from raw bytes.
@@ -1785,8 +2048,8 @@ var PublicKey = class _PublicKey {
    * @param bytes - 32-byte Ed25519 public key
    * @throws {CryptoError} If bytes length is not 32
    */
-  static fromBytes(bytes) {
-    return new _PublicKey(bytes);
+  static fromBytes(bytes2) {
+    return new _PublicKey(bytes2);
   }
   /**
    * Creates a PublicKey from a base58-encoded string.
@@ -1794,15 +2057,15 @@ var PublicKey = class _PublicKey {
    * @param str - Base58-encoded public key
    * @throws {CryptoError} If string is invalid or decodes to wrong length
    */
-  static fromString(str) {
+  static fromString(str2) {
     try {
-      const bytes = base58.decode(str);
-      return new _PublicKey(bytes);
+      const bytes2 = base58.decode(str2);
+      return new _PublicKey(bytes2);
     } catch (error) {
       throw new CryptoError(
         "INVALID_PUBLIC_KEY" /* INVALID_PUBLIC_KEY */,
         `Invalid base58 public key: ${error instanceof Error ? error.message : "unknown error"}`,
-        { input: str }
+        { input: str2 }
       );
     }
   }
@@ -1840,14 +2103,14 @@ var PublicKey = class _PublicKey {
     }
     const seedBytes = [];
     for (let i = 0; i < seeds.length; i++) {
-      const bytes = seedToBytes(seeds[i]);
-      if (bytes.length > MAX_SEED_LENGTH) {
+      const bytes2 = seedToBytes(seeds[i]);
+      if (bytes2.length > MAX_SEED_LENGTH) {
         throw new CryptoError(
           "MAX_SEED_LENGTH_EXCEEDED" /* MAX_SEED_LENGTH_EXCEEDED */,
           `Seed[${i}] exceeds ${MAX_SEED_LENGTH} bytes`
         );
       }
-      seedBytes.push(bytes);
+      seedBytes.push(bytes2);
     }
     const hash = sha256(concatBytes2(...seedBytes, programId.bytes, PDA_MARKER));
     if (isOnCurve(hash)) {
@@ -2006,13 +2269,14 @@ var PublicKey = class _PublicKey {
 };
 
 // src/crypto/signature.ts
+init_base();
 var Signature = class _Signature {
   bytes;
-  constructor(bytes) {
-    if (bytes.length !== SIGNATURE_LENGTH) {
-      throw CryptoError.invalidKeyLength(SIGNATURE_LENGTH, bytes.length);
+  constructor(bytes2) {
+    if (bytes2.length !== SIGNATURE_LENGTH) {
+      throw CryptoError.invalidKeyLength(SIGNATURE_LENGTH, bytes2.length);
     }
-    this.bytes = new Uint8Array(bytes);
+    this.bytes = new Uint8Array(bytes2);
   }
   /**
    * Creates a Signature from raw bytes.
@@ -2020,8 +2284,8 @@ var Signature = class _Signature {
    * @param bytes - 64-byte Ed25519 signature
    * @throws {CryptoError} If bytes length is not 64
    */
-  static fromBytes(bytes) {
-    return new _Signature(bytes);
+  static fromBytes(bytes2) {
+    return new _Signature(bytes2);
   }
   /**
    * Creates a Signature from a base58-encoded string.
@@ -2029,15 +2293,15 @@ var Signature = class _Signature {
    * @param str - Base58-encoded signature
    * @throws {CryptoError} If string is invalid or decodes to wrong length
    */
-  static fromString(str) {
+  static fromString(str2) {
     try {
-      const bytes = base58.decode(str);
-      return new _Signature(bytes);
+      const bytes2 = base58.decode(str2);
+      return new _Signature(bytes2);
     } catch (error) {
       throw new CryptoError(
         "INVALID_SIGNATURE" /* INVALID_SIGNATURE */,
         `Invalid base58 signature: ${error instanceof Error ? error.message : "unknown error"}`,
-        { input: str }
+        { input: str2 }
       );
     }
   }
@@ -2259,14 +2523,14 @@ function anumber3(n, title = "") {
     throw new Error(`${prefix}expected integer >= 0, got ${n}`);
   }
 }
-function abytes3(value, length, title = "") {
-  const bytes = isBytes4(value);
+function abytes4(value, length, title = "") {
+  const bytes2 = isBytes4(value);
   const len = value?.length;
   const needsLen = length !== void 0;
-  if (!bytes || needsLen && len !== length) {
+  if (!bytes2 || needsLen && len !== length) {
     const prefix = title && `"${title}" `;
     const ofLen = needsLen ? ` of length ${length}` : "";
-    const got = bytes ? `length=${len}` : `type=${typeof value}`;
+    const got = bytes2 ? `length=${len}` : `type=${typeof value}`;
     throw new Error(prefix + "expected Uint8Array" + ofLen + ", got " + got);
   }
   return value;
@@ -2284,7 +2548,7 @@ function aexists2(instance, checkFinished = true) {
     throw new Error("Hash#digest() has already been called");
 }
 function aoutput2(out, instance) {
-  abytes3(out, void 0, "digestInto() output");
+  abytes4(out, void 0, "digestInto() output");
   const min = instance.outputLen;
   if (out.length < min) {
     throw new Error('"digestInto() output" expected to be of length >=' + min);
@@ -2314,15 +2578,15 @@ async function asyncLoop(iters, tick, cb) {
     ts += diff;
   }
 }
-function utf8ToBytes(str) {
-  if (typeof str !== "string")
+function utf8ToBytes(str2) {
+  if (typeof str2 !== "string")
     throw new Error("string expected");
-  return new Uint8Array(new TextEncoder().encode(str));
+  return new Uint8Array(new TextEncoder().encode(str2));
 }
 function kdfInputToBytes(data, errorTitle = "") {
   if (typeof data === "string")
     return utf8ToBytes(data);
-  return abytes3(data, void 0, errorTitle);
+  return abytes4(data, void 0, errorTitle);
 }
 function checkOpts(defaults, opts) {
   if (opts !== void 0 && {}.toString.call(opts) !== "[object Object]")
@@ -2359,7 +2623,7 @@ var _HMAC2 = class {
   destroyed = false;
   constructor(hash, key) {
     ahash2(hash);
-    abytes3(key, void 0, "key");
+    abytes4(key, void 0, "key");
     this.iHash = hash.create();
     if (typeof this.iHash.update !== "function")
       throw new Error("Expected instance of class which extends utils.Hash");
@@ -2384,7 +2648,7 @@ var _HMAC2 = class {
   }
   digestInto(out) {
     aexists2(this);
-    abytes3(out, this.outputLen, "output");
+    abytes4(out, this.outputLen, "output");
     this.finished = true;
     this.iHash.digestInto(out);
     this.oHash.update(out);
@@ -2494,7 +2758,7 @@ var HashMD2 = class {
   }
   update(data) {
     aexists2(this);
-    abytes3(data);
+    abytes4(data);
     const { view, buffer, blockLen } = this;
     const len = data.length;
     for (let pos = 0; pos < len; ) {
@@ -2988,21 +3252,22 @@ var sha5122 = /* @__PURE__ */ createHasher2(
 );
 
 // node_modules/@scure/bip39/index.js
+init_base();
 var isJapanese = (wordlist2) => wordlist2[0] === "\u3042\u3044\u3053\u304F\u3057\u3093";
-function nfkd(str) {
-  if (typeof str !== "string")
-    throw new TypeError("invalid mnemonic type: " + typeof str);
-  return str.normalize("NFKD");
+function nfkd(str2) {
+  if (typeof str2 !== "string")
+    throw new TypeError("invalid mnemonic type: " + typeof str2);
+  return str2.normalize("NFKD");
 }
-function normalize(str) {
-  const norm = nfkd(str);
+function normalize2(str2) {
+  const norm = nfkd(str2);
   const words = norm.split(" ");
   if (![12, 15, 18, 21, 24].includes(words.length))
     throw new Error("Invalid mnemonic");
   return { nfkd: norm, words };
 }
 function aentropy(ent) {
-  abytes3(ent);
+  abytes4(ent);
   if (![16, 20, 24, 28, 32].includes(ent.length))
     throw new Error("invalid entropy length");
 }
@@ -3026,7 +3291,7 @@ function getCoder(wordlist2) {
   return utils.chain(utils.checksum(1, calcChecksum), utils.radix2(11, true), utils.alphabet(wordlist2));
 }
 function mnemonicToEntropy(mnemonic, wordlist2) {
-  const { words } = normalize(mnemonic);
+  const { words } = normalize2(mnemonic);
   const entropy = getCoder(wordlist2).decode(words);
   aentropy(entropy);
   return entropy;
@@ -3046,7 +3311,7 @@ function validateMnemonic(mnemonic, wordlist2) {
 }
 var psalt = (passphrase) => nfkd("mnemonic" + passphrase);
 function mnemonicToSeed(mnemonic, passphrase = "") {
-  return pbkdf2Async(sha5122, normalize(mnemonic).nfkd, psalt(passphrase), { c: 2048, dkLen: 64 });
+  return pbkdf2Async(sha5122, normalize2(mnemonic).nfkd, psalt(passphrase), { c: 2048, dkLen: 64 });
 }
 
 // node_modules/@scure/bip39/wordlists/english.js
@@ -5431,54 +5696,350 @@ var RialoError = class _RialoError extends Error {
     );
   }
   /**
-   * Creates a password error.
+   * Creates a password error.
+   */
+  static password(message) {
+    return new _RialoError(
+      "PASSWORD" /* PASSWORD */,
+      `Password error: ${message}`
+    );
+  }
+  /**
+   * Creates an encryption error.
+   */
+  static encryption(message) {
+    return new _RialoError(
+      "ENCRYPTION" /* ENCRYPTION */,
+      `Encryption error: ${message}`
+    );
+  }
+  /**
+   * Creates a JSON error.
+   */
+  static json(message, cause) {
+    return new _RialoError("JSON" /* JSON */, `JSON error: ${message}`, cause);
+  }
+  /**
+   * Creates a BIP32 error.
+   */
+  static bip32(message) {
+    return new _RialoError("BIP32" /* BIP32 */, `BIP32 error: ${message}`);
+  }
+  /**
+   * Creates an invalid input error.
+   */
+  static invalidInput(message) {
+    return new _RialoError(
+      "INVALID_INPUT" /* INVALID_INPUT */,
+      `Invalid input: ${message}`
+    );
+  }
+  /**
+   * Creates a serialization error.
+   */
+  static serialization(message) {
+    return new _RialoError(
+      "SERIALIZATION" /* SERIALIZATION */,
+      `Serialization error: ${message}`
+    );
+  }
+};
+
+// src/rex/errors.ts
+var HpkeErrorCode = /* @__PURE__ */ ((HpkeErrorCode2) => {
+  HpkeErrorCode2["INVALID_KEY_LENGTH"] = "INVALID_KEY_LENGTH";
+  HpkeErrorCode2["CIPHERTEXT_TOO_SHORT"] = "CIPHERTEXT_TOO_SHORT";
+  HpkeErrorCode2["ENCRYPTION_FAILED"] = "ENCRYPTION_FAILED";
+  HpkeErrorCode2["BORSH_DESERIALIZE_FAILED"] = "BORSH_DESERIALIZE_FAILED";
+  HpkeErrorCode2["INVALID_REX_VALUE"] = "INVALID_REX_VALUE";
+  return HpkeErrorCode2;
+})(HpkeErrorCode || {});
+var HpkeError = class _HpkeError extends Error {
+  code;
+  cause;
+  constructor(code, message, cause) {
+    super(message);
+    this.name = "HpkeError";
+    this.code = code;
+    this.cause = cause;
+    if (Error.captureStackTrace) {
+      Error.captureStackTrace(this, _HpkeError);
+    }
+  }
+  /**
+   * Create an error for invalid key length.
+   *
+   * @param expected - Expected key length in bytes
+   * @param actual - Actual key length in bytes
+   * @param keyType - Description of the key type (e.g., "REX public key")
+   */
+  static invalidKeyLength(expected, actual, keyType) {
+    return new _HpkeError(
+      "INVALID_KEY_LENGTH" /* INVALID_KEY_LENGTH */,
+      `Invalid ${keyType} length: expected ${expected} bytes, got ${actual}`
+    );
+  }
+  /**
+   * Create an error for ciphertext that is too short.
+   *
+   * @param minLength - Minimum required length
+   * @param actual - Actual length
+   */
+  static ciphertextTooShort(minLength, actual) {
+    return new _HpkeError(
+      "CIPHERTEXT_TOO_SHORT" /* CIPHERTEXT_TOO_SHORT */,
+      `Ciphertext too short: minimum ${minLength} bytes required, got ${actual}`
+    );
+  }
+  /**
+   * Create an error for encryption failure.
+   *
+   * @param cause - The underlying error
+   */
+  static encryptionFailed(cause) {
+    return new _HpkeError(
+      "ENCRYPTION_FAILED" /* ENCRYPTION_FAILED */,
+      `HPKE encryption failed: ${cause.message}`,
+      cause
+    );
+  }
+  /**
+   * Create an error for Borsh deserialization failure.
+   *
+   * @param cause - The underlying error
+   */
+  static borshDeserializeFailed(cause) {
+    return new _HpkeError(
+      "BORSH_DESERIALIZE_FAILED" /* BORSH_DESERIALIZE_FAILED */,
+      `Borsh deserialization failed: ${cause.message}`,
+      cause
+    );
+  }
+  /**
+   * Create an error for invalid RexValue variant.
+   *
+   * @param variant - The invalid variant byte
+   */
+  static invalidRexValue(variant) {
+    return new _HpkeError(
+      "INVALID_REX_VALUE" /* INVALID_REX_VALUE */,
+      `Invalid RexValue variant: ${variant}`
+    );
+  }
+};
+
+// src/rex/constants.ts
+var USER_SECRET_AAD = new TextEncoder().encode("rex-secret-v1");
+var SECRET_SHARING_HPKE_INFO = new TextEncoder().encode(
+  "rialo/tee/secret-sharing-hpke/v1"
+);
+var X25519_PUBLIC_KEY_LENGTH = 32;
+var ED25519_PUBLIC_KEY_LENGTH = 32;
+var HPKE_ENC_LENGTH = 32;
+var CHACHA20_POLY1305_TAG_LENGTH = 16;
+var HPKE_OVERHEAD_LENGTH = HPKE_ENC_LENGTH + CHACHA20_POLY1305_TAG_LENGTH;
+
+// src/rex/rex-value.ts
+var RexValueVariant = /* @__PURE__ */ ((RexValueVariant2) => {
+  RexValueVariant2[RexValueVariant2["Plain"] = 0] = "Plain";
+  RexValueVariant2[RexValueVariant2["Encrypted"] = 1] = "Encrypted";
+  return RexValueVariant2;
+})(RexValueVariant || {});
+var RexValue = class _RexValue {
+  variant;
+  data;
+  constructor(variant, data) {
+    this.variant = variant;
+    this.data = data;
+  }
+  /**
+   * Create a plain (unencrypted) RexValue from raw bytes.
+   *
+   * @param data - The raw byte data
+   * @returns A new RexValue with Plain variant
+   */
+  static plain(data) {
+    return new _RexValue(0 /* Plain */, data);
+  }
+  /**
+   * Create a plain (unencrypted) RexValue from a UTF-8 string.
+   *
+   * @param s - The string to encode
+   * @returns A new RexValue with Plain variant
+   */
+  static plainString(s) {
+    return new _RexValue(
+      0 /* Plain */,
+      new TextEncoder().encode(s)
+    );
+  }
+  /**
+   * Create an encrypted RexValue from HPKE ciphertext.
+   *
+   * @param ciphertext - The HPKE-encrypted ciphertext (enc || ct || tag)
+   * @returns A new RexValue with Encrypted variant
+   */
+  static encrypted(ciphertext) {
+    return new _RexValue(1 /* Encrypted */, ciphertext);
+  }
+  /**
+   * Check if this is a plain (unencrypted) value.
    */
-  static password(message) {
-    return new _RialoError(
-      "PASSWORD" /* PASSWORD */,
-      `Password error: ${message}`
-    );
+  isPlain() {
+    return this.variant === 0 /* Plain */;
   }
   /**
-   * Creates an encryption error.
+   * Check if this is an encrypted value.
    */
-  static encryption(message) {
-    return new _RialoError(
-      "ENCRYPTION" /* ENCRYPTION */,
-      `Encryption error: ${message}`
-    );
+  isEncrypted() {
+    return this.variant === 1 /* Encrypted */;
   }
   /**
-   * Creates a JSON error.
+   * Get the variant type.
    */
-  static json(message, cause) {
-    return new _RialoError("JSON" /* JSON */, `JSON error: ${message}`, cause);
+  getVariant() {
+    return this.variant;
   }
   /**
-   * Creates a BIP32 error.
+   * Get the raw bytes (plaintext or ciphertext).
+   *
+   * For Plain values, returns the plaintext.
+   * For Encrypted values, returns the ciphertext.
    */
-  static bip32(message) {
-    return new _RialoError("BIP32" /* BIP32 */, `BIP32 error: ${message}`);
+  asBytes() {
+    return this.data;
   }
   /**
-   * Creates an invalid input error.
+   * Try to decode the plain value as a UTF-8 string.
+   *
+   * @returns The decoded string, or null if encrypted or not valid UTF-8
    */
-  static invalidInput(message) {
-    return new _RialoError(
-      "INVALID_INPUT" /* INVALID_INPUT */,
-      `Invalid input: ${message}`
-    );
+  asString() {
+    if (!this.isPlain()) {
+      return null;
+    }
+    try {
+      return new TextDecoder("utf-8", { fatal: true }).decode(this.data);
+    } catch {
+      return null;
+    }
   }
   /**
-   * Creates a serialization error.
+   * Serialize to Borsh format.
+   *
+   * Format: `[variant: u8] [length: u32 LE] [data bytes]`
+   *
+   * @returns The Borsh-serialized bytes
    */
-  static serialization(message) {
-    return new _RialoError(
-      "SERIALIZATION" /* SERIALIZATION */,
-      `Serialization error: ${message}`
-    );
+  toBorsh() {
+    const result = new Uint8Array(1 + 4 + this.data.length);
+    result[0] = this.variant;
+    const dataView = new DataView(result.buffer);
+    dataView.setUint32(1, this.data.length, true);
+    result.set(this.data, 5);
+    return result;
+  }
+  /**
+   * Deserialize from Borsh format.
+   *
+   * @param data - The Borsh-serialized bytes
+   * @returns A new RexValue
+   * @throws {HpkeError} If deserialization fails
+   */
+  static fromBorsh(data) {
+    if (data.length < 5) {
+      throw HpkeError.borshDeserializeFailed(
+        new Error(`Buffer too short: expected at least 5 bytes, got ${data.length}`)
+      );
+    }
+    const variant = data[0];
+    if (variant !== 0 /* Plain */ && variant !== 1 /* Encrypted */) {
+      throw HpkeError.invalidRexValue(variant);
+    }
+    const dataView = new DataView(data.buffer, data.byteOffset, data.byteLength);
+    const length = dataView.getUint32(1, true);
+    if (data.length < 5 + length) {
+      throw HpkeError.borshDeserializeFailed(
+        new Error(`Buffer too short: expected ${5 + length} bytes, got ${data.length}`)
+      );
+    }
+    const payload = data.slice(5, 5 + length);
+    return new _RexValue(variant, payload);
   }
 };
+var hpkeSuite = new core.CipherSuite({
+  kem: new core.DhkemX25519HkdfSha256(),
+  kdf: new core.HkdfSha256(),
+  aead: new chacha20poly1305.Chacha20Poly1305()
+});
+function buildAad(senderPubkey) {
+  const aad = new Uint8Array(USER_SECRET_AAD.length + senderPubkey.length);
+  aad.set(USER_SECRET_AAD, 0);
+  aad.set(senderPubkey, USER_SECRET_AAD.length);
+  return aad;
+}
+async function hpkeEncrypt(rexPubkey, data, senderPubkey) {
+  if (rexPubkey.length !== X25519_PUBLIC_KEY_LENGTH) {
+    throw HpkeError.invalidKeyLength(
+      X25519_PUBLIC_KEY_LENGTH,
+      rexPubkey.length,
+      "REX public key"
+    );
+  }
+  if (senderPubkey.length !== ED25519_PUBLIC_KEY_LENGTH) {
+    throw HpkeError.invalidKeyLength(
+      ED25519_PUBLIC_KEY_LENGTH,
+      senderPubkey.length,
+      "sender public key"
+    );
+  }
+  try {
+    const recipientKey = await hpkeSuite.kem.importKey(
+      "raw",
+      rexPubkey.buffer.slice(
+        rexPubkey.byteOffset,
+        rexPubkey.byteOffset + rexPubkey.byteLength
+      )
+    );
+    const sender = await hpkeSuite.createSenderContext({
+      recipientPublicKey: recipientKey,
+      info: SECRET_SHARING_HPKE_INFO.buffer.slice(
+        SECRET_SHARING_HPKE_INFO.byteOffset,
+        SECRET_SHARING_HPKE_INFO.byteOffset + SECRET_SHARING_HPKE_INFO.byteLength
+      )
+    });
+    const aad = buildAad(senderPubkey);
+    const ciphertext = await sender.seal(
+      data.buffer.slice(
+        data.byteOffset,
+        data.byteOffset + data.byteLength
+      ),
+      aad.buffer.slice(
+        aad.byteOffset,
+        aad.byteOffset + aad.byteLength
+      )
+    );
+    const enc = new Uint8Array(sender.enc);
+    const result = new Uint8Array(enc.length + ciphertext.byteLength);
+    result.set(enc, 0);
+    result.set(new Uint8Array(ciphertext), enc.length);
+    return result;
+  } catch (error) {
+    throw HpkeError.encryptionFailed(
+      error instanceof Error ? error : new Error(String(error))
+    );
+  }
+}
+async function encryptForRex(rexPubkey, data, senderPubkey) {
+  const ciphertext = await hpkeEncrypt(rexPubkey, data, senderPubkey);
+  return RexValue.encrypted(ciphertext);
+}
+function getCiphertextLength(plaintextLength) {
+  return HPKE_OVERHEAD_LENGTH + plaintextLength;
+}
+function isValidCiphertextLength(ciphertext) {
+  return ciphertext.length >= HPKE_OVERHEAD_LENGTH;
+}
 
 // src/rpc/errors.ts
 var RpcErrorCode = /* @__PURE__ */ ((RpcErrorCode2) => {
@@ -5645,60 +6206,28 @@ var BaseRpcClient = class {
   getUrl() {
     return this.transport.getUrl();
   }
+  /**
+   * Call an arbitrary RPC method with a JSON string body.
+   *
+   * Escape hatch for methods not yet in the typed interface.
+   *
+   * @param method - The RPC method name
+   * @param params - JSON string of parameters
+   * @returns JSON string of the result
+   */
+  async callWithJson(method, params) {
+    const parsedParams = JSON.parse(params);
+    const result = await this.call(method, parsedParams);
+    return JSON.stringify(result);
+  }
 };
 
-// src/utils.ts
-function toBase64(bytes) {
-  if (typeof btoa !== "undefined") {
-    const chunkSize = 8192;
-    let result = "";
-    for (let i = 0; i < bytes.length; i += chunkSize) {
-      const chunk = bytes.slice(i, i + chunkSize);
-      result += String.fromCharCode(...chunk);
-    }
-    return btoa(result);
-  }
-  if (typeof Buffer !== "undefined") {
-    return Buffer.from(bytes).toString("base64");
-  }
-  throw new Error("No base64 encoding available in this environment");
-}
-function fromBase64(base64) {
-  if (typeof atob !== "undefined") {
-    const binary = atob(base64);
-    const bytes = new Uint8Array(binary.length);
-    for (let i = 0; i < binary.length; i++) {
-      bytes[i] = binary.charCodeAt(i);
-    }
-    return bytes;
-  }
-  if (typeof Buffer !== "undefined") {
-    return new Uint8Array(Buffer.from(base64, "base64"));
-  }
-  throw new Error("No base64 decoding available in this environment");
-}
-function sleep(ms) {
-  return new Promise((resolve) => setTimeout(resolve, ms));
-}
-function calculateBackoff(attempt, baseMs = 1e3, maxMs = 3e4) {
-  const exponentialDelay = baseMs * 2 ** attempt;
-  const jitter = Math.random() * 0.3 * exponentialDelay;
-  return Math.min(exponentialDelay + jitter, maxMs);
-}
-function getDevnetUrl() {
-  return URL_DEVNET;
-}
-function getTestnetUrl() {
-  return URL_TESTNET;
-}
-function getMainnetUrl() {
-  return URL_MAINNET;
-}
-function getLocalnetUrl() {
-  return URL_LOCALNET;
-}
+// src/generated/rpc-client.ts
+var RpcClient = class {
+};
 
 // src/rpc/clients/query-client.ts
+init_base();
 var QueryRpcClient = class extends BaseRpcClient {
   /**
    * Retrieve the balance of an account in kelvins (smallest unit).
@@ -5743,11 +6272,12 @@ var QueryRpcClient = class extends BaseRpcClient {
       return null;
     }
     return {
-      balance: BigInt(result.value.kelvin),
+      kelvin: BigInt(result.value.kelvin),
       owner: PublicKey.fromString(result.value.owner),
-      data: fromBase64(result.value.data[0]),
+      data: result.value.data,
       executable: result.value.executable,
-      rentEpoch: BigInt(result.value.rentEpoch)
+      rentEpoch: BigInt(result.value.rentEpoch),
+      space: BigInt(result.value.space ?? 0)
     };
   }
   /**
@@ -5798,37 +6328,6 @@ var QueryRpcClient = class extends BaseRpcClient {
       err: signature.err
     }));
   }
-  /**
-   * Retrieve detailed information about a confirmed transaction.
-   *
-   * Returns transaction metadata including the block height it was
-   * confirmed in and any execution errors.
-   *
-   * @param signature - The transaction signature to query
-   * @returns Transaction information, or null if the transaction is not found
-   *
-   * @example
-   * ```typescript
-   * const tx = await client.getTransaction(signature);
-   * if (tx) {
-   *   console.log(`Confirmed in block: ${tx.blockHeight}`);
-   *   if (tx.err) {
-   *     console.log(`Transaction failed: ${tx.err}`);
-   *   }
-   * }
-   * ```
-   */
-  async getTransaction(signature) {
-    const result = await this.call("getTransaction", [{ signature }]);
-    if (!result) {
-      return null;
-    }
-    return {
-      signature,
-      blockHeight: result.block_height ? BigInt(result.block_height) : void 0,
-      err: result.err ?? result.meta?.err ?? void 0
-    };
-  }
   /**
    * Retrieve the total number of transactions processed since genesis.
    *
@@ -5993,11 +6492,12 @@ var QueryRpcClient = class extends BaseRpcClient {
         return null;
       }
       return {
-        balance: BigInt(account.kelvin),
+        kelvin: BigInt(account.kelvin),
         owner: PublicKey.fromString(account.owner),
-        data: fromBase64(account.data[0]),
+        data: account.data,
         executable: account.executable,
-        rentEpoch: BigInt(account.rentEpoch)
+        rentEpoch: BigInt(account.rentEpoch),
+        space: BigInt(account.space ?? 0)
       };
     });
   }
@@ -6031,22 +6531,24 @@ var QueryRpcClient = class extends BaseRpcClient {
         } : void 0
       }
     ]);
-    return {
-      value: result.value.map(({ pubkey, account }) => ({
+    const accounts = result.value.map(
+      ({ pubkey, account }) => ({
         pubkey: PublicKey.fromString(pubkey),
         account: {
-          balance: BigInt(account.kelvin),
+          kelvin: BigInt(account.kelvin),
           owner: PublicKey.fromString(account.owner),
-          data: fromBase64(account.data[0]),
+          data: account.data,
           executable: account.executable,
-          rentEpoch: BigInt(account.rentEpoch)
+          rentEpoch: BigInt(account.rentEpoch),
+          space: BigInt(account.space ?? 0)
         }
-      })),
-      pagination: result.pagination ? {
-        hasMore: result.pagination.has_more,
-        nextCursor: result.pagination.next_cursor
-      } : void 0
-    };
+      })
+    );
+    const pagination = result.pagination ? {
+      hasMore: result.pagination.has_more,
+      nextCursor: result.pagination.next_cursor
+    } : void 0;
+    return [accounts, pagination];
   }
   /**
    * Get workflow lineage information for tracking execution history.
@@ -6088,11 +6590,11 @@ var QueryRpcClient = class extends BaseRpcClient {
           },
           subscriptions: node.subscriptions,
           triggeredBy: node.triggeredBy ? {
-            event: node.triggeredBy.event,
+            event: { topic: node.triggeredBy.event.topic },
             subscriptionPubkey: node.triggeredBy.subscriptionPubkey,
             timestampRange: node.triggeredBy.timestampRange ? {
-              from: BigInt(node.triggeredBy.timestampRange.from),
-              to: BigInt(node.triggeredBy.timestampRange.to)
+              start: BigInt(node.triggeredBy.timestampRange.from),
+              end: BigInt(node.triggeredBy.timestampRange.to)
             } : void 0,
             eventAccount: node.triggeredBy.eventAccount
           } : void 0,
@@ -6107,68 +6609,494 @@ var QueryRpcClient = class extends BaseRpcClient {
     };
   }
   /**
-   * Get subscriptions for a given subscriber address.
+   * Get subscriptions for a given subscriber address.
+   *
+   * Returns subscriptions that will trigger transactions when matching events occur.
+   *
+   * @param subscriber - The subscriber's public key
+   * @param nonce - The nonce identifying the subscription
+   * @returns The subscription for the subscriber and nonce
+   *
+   * @example
+   * ```typescript
+   * const subscription = await client.getSubscription(subscriberPubkey, "my-nonce");
+   * console.log(`Topic: ${subscription.topic}, Kind: ${subscription.kind}`);
+   * ```
+   */
+  async getSubscription(subscriber, nonce) {
+    const result = await this.call("getSubscription", [
+      {
+        subscriber: subscriber.toString(),
+        nonce
+      }
+    ]);
+    const sub = result.subscription;
+    return {
+      kind: sub.kind,
+      topic: sub.topic,
+      instructions: sub.instructions,
+      subscriber: sub.subscriber,
+      eventAccount: sub.eventAccount,
+      timestampRange: sub.timestampRange ? [BigInt(sub.timestampRange[0]), BigInt(sub.timestampRange[1])] : void 0
+    };
+  }
+  /**
+   * Get transactions triggered by a subscription account.
+   *
+   * Returns the history of transactions that were automatically executed
+   * in response to subscription matches.
+   *
+   * @param subscriptionAccount - The subscription account public key
+   * @param limit - Optional limit on transactions returned
+   * @returns Triggered transactions for the subscription
+   *
+   * @example
+   * ```typescript
+   * const result = await client.getTriggeredTransactions(subscriptionPubkey, 10);
+   * result.transactions.forEach(tx => {
+   *   console.log(`Signature: ${tx.signature}, Block: ${tx.blockNumber}`);
+   * });
+   * ```
+   */
+  async getTriggeredTransactions(subscriptionAccount, limit) {
+    const params = [subscriptionAccount.toString()];
+    if (limit !== void 0) {
+      params.push(limit.toString());
+    }
+    const result = await this.call("getTriggeredTransactions", params);
+    return result.transactions.map((tx) => ({
+      signature: tx.signature,
+      blockNumber: BigInt(tx.block_number)
+    }));
+  }
+  /**
+   * Retrieve the REX X25519 public key for secret sharing encryption.
+   *
+   * This key is used for HPKE encryption when sending encrypted data
+   * that should only be decryptable within the REX execution environment.
+   *
+   * @returns The REX X25519 public key as a 32-byte Uint8Array
+   *
+   * @example
+   * ```typescript
+   * import { encryptForREX } from "@rialo/ts-cdk";
+   *
+   * // Get the REX public key
+   * const rexPubkey = await client.getSecretSharingPubkey();
+   *
+   * // Use it for HPKE encryption
+   * const encrypted = await encryptForRex(
+   *   rexPubkey,
+   *   new TextEncoder().encode("secret data"),
+   *   keypair.publicKey.toBytes()
+   * );
+   * ```
+   */
+  async getSecretSharingPubkey() {
+    const result = await this.call(
+      "getSecretSharingPubkey",
+      []
+    );
+    const hexString = result.public_key;
+    const bytes2 = new Uint8Array(hexString.length / 2);
+    for (let i = 0; i < bytes2.length; i++) {
+      bytes2[i] = Number.parseInt(hexString.slice(i * 2, i * 2 + 2), 16);
+    }
+    return bytes2;
+  }
+  /**
+   * Get the config hash prefix for replay protection.
+   *
+   * Returns the first 64 bits of the config hash, which is used
+   * for transaction replay protection across chains.
+   *
+   * @returns The config hash prefix as a bigint
+   *
+   * @example
+   * ```typescript
+   * const configHashPrefix = await client.getConfigHashPrefix();
+   * const tx = TransactionBuilder.create()
+   *   .setPayer(payer)
+   *   .setValidFrom(validFrom)
+   *   .setConfigHashPrefix(configHashPrefix)
+   *   .addInstruction(instruction)
+   *   .build();
+   * ```
+   */
+  async getConfigHashPrefix() {
+    const body = JSON.stringify({
+      jsonrpc: "2.0",
+      id: 1,
+      method: "getRecentValidatorConfigHash",
+      params: [{}]
+    });
+    const response = await fetch(this.transport.getUrl(), {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body
+    });
+    const text = await response.text();
+    const match = text.match(/"configHashPrefix"\s*:\s*(\d+)/);
+    if (!match) {
+      throw new Error(
+        `Failed to parse configHashPrefix from RPC response: ${text}`
+      );
+    }
+    return BigInt(match[1]);
+  }
+  /**
+   * Retrieve the current block height with an optional minimum context slot.
+   *
+   * When minContextSlot is provided, the RPC will only return a result
+   * if the node has processed at least that slot.
+   *
+   * @param minContextSlot - Minimum slot the node must have processed
+   * @returns The current block height
+   */
+  async getBlockHeightWithConfig(minContextSlot) {
+    if (minContextSlot !== void 0) {
+      const result = await this.call("getBlockHeight", [
+        { min_context_slot: Number(minContextSlot) }
+      ]);
+      return BigInt(result);
+    }
+    return await this.getBlockHeight();
+  }
+  /**
+   * Retrieve full transaction details by signature.
+   *
+   * Returns the complete transaction including metadata (fee, errors, logs),
+   * the transaction body (signatures, message, instructions), and block context.
+   *
+   * @param sig - Transaction signature (Uint8Array)
+   * @returns Full transaction response with block height, metadata, and body
+   */
+  async getTransactionDetails(sig) {
+    const sigStr = base58.encode(sig);
+    const result = await this.call("getTransaction", [{ signature: sigStr }]);
+    return {
+      blockHeight: BigInt(result.block_height ?? 0),
+      blockTime: result.block_time != null ? BigInt(result.block_time) : void 0,
+      meta: {
+        fee: BigInt(result.meta.fee),
+        err: result.meta.err ?? void 0,
+        logMessages: result.meta.log_messages ?? void 0
+      },
+      transaction: {
+        signatures: result.transaction.signatures.map(
+          (s) => base58.decode(s)
+        ),
+        message: {
+          header: {
+            numRequiredSignatures: result.transaction.message.header.num_required_signatures,
+            numReadonlySignedAccounts: result.transaction.message.header.num_readonly_signed_accounts,
+            numReadonlyUnsignedAccounts: result.transaction.message.header.num_readonly_unsigned_accounts
+          },
+          accountKeys: result.transaction.message.account_keys.map(
+            (k) => PublicKey.fromString(k)
+          ),
+          instructions: result.transaction.message.instructions.map((ix) => ({
+            programIdIndex: ix.program_id_index,
+            accounts: new Uint8Array(ix.accounts),
+            data: ix.data
+          }))
+        },
+        validFrom: BigInt(result.transaction.valid_from)
+      }
+    };
+  }
+  /**
+   * Retrieve a paginated list of recent transactions.
+   *
+   * @param config - Optional pagination config (limit, before cursor)
+   * @returns Array of transaction summaries with signature, slot, time, and error status
+   */
+  async getTransactions(config) {
+    const params = {};
+    if (config) {
+      if (config.limit !== void 0) params.limit = config.limit;
+      if (config.before !== void 0) params.before = config.before;
+    }
+    const result = await this.call("getTransactions", [
+      { config: Object.keys(params).length > 0 ? params : void 0 }
+    ]);
+    return result.value.map((t) => ({
+      signature: t.signature,
+      slot: BigInt(t.slot),
+      blockTime: t.blockTime !== void 0 ? BigInt(t.blockTime) : void 0,
+      err: t.err
+    }));
+  }
+  /**
+   * Check whether a blockhash is still valid for transaction submission.
+   *
+   * @param blockhash - The blockhash to check (Uint8Array)
+   * @returns Slot context and validity boolean
+   */
+  async isBlockhashValid(blockhash) {
+    const { base58: base582 } = await Promise.resolve().then(() => (init_base(), base_exports));
+    const hashStr = base582.encode(blockhash);
+    const result = await this.call("isBlockhashValid", [{ blockhash: hashStr }]);
+    return {
+      slot: BigInt(result.context.slot),
+      isValid: result.value
+    };
+  }
+  /**
+   * Get the health status of the validator node.
    *
-   * Returns subscriptions that will trigger transactions when matching events occur.
+   * @returns Validator health details
+   */
+  async getValidatorHealth() {
+    return await this.call("getValidatorHealth", [{}]);
+  }
+  /**
+   * Get the list of full nodes connected to the validator or full node.
    *
-   * @param subscriber - The subscriber's public key
-   * @param nonce - The nonce identifying the subscription
-   * @returns The subscription for the subscriber and nonce
+   * @returns Array of connected nodes with their public key and connection duration
+   */
+  async getConnectedFullNodes() {
+    const result = await this.call(
+      "getConnectedFullNodes",
+      [{}]
+    );
+    return result.map(([publicKey, connectedMs]) => ({
+      publicKey,
+      connectedMs: BigInt(connectedMs)
+    }));
+  }
+  /**
+   * Get all accounts in the system.
    *
-   * @example
-   * ```typescript
-   * const subscription = await client.getSubscription(subscriberPubkey, "my-nonce");
-   * console.log(`Topic: ${subscription.topic}, Kind: ${subscription.kind}`);
-   * ```
+   * @param config - Optional filtering/pagination config
+   * @returns Array of all account entries with pubkey and account data
    */
-  async getSubscription(subscriber, nonce) {
-    const result = await this.call("getSubscription", [
+  async getAllAccounts(config) {
+    const result = await this.call("getAllAccounts", [{ config: config ?? void 0 }]);
+    return result.value.map((entry) => ({
+      pubkey: entry.pubkey,
+      account: {
+        kelvin: BigInt(entry.account.kelvin),
+        owner: PublicKey.fromString(entry.account.owner),
+        data: entry.account.data,
+        executable: entry.account.executable,
+        rentEpoch: BigInt(entry.account.rentEpoch),
+        space: BigInt(entry.account.space ?? 0)
+      }
+    }));
+  }
+  /**
+   * Get a block by its height.
+   *
+   * @param blockHeight - The height of the block to retrieve
+   * @param config - Optional config to control transaction detail level
+   * @returns Block info including hash, height, time, and optional signatures
+   */
+  async getBlock(blockHeight, config) {
+    const params = {
+      block_height: Number(blockHeight)
+    };
+    if (config?.transactionDetails) {
+      params.config = { transaction_details: config.transactionDetails };
+    }
+    const result = await this.call("getBlock", [params]);
+    const block = result.value ?? result;
+    return {
+      blockhash: block.blockhash ?? "",
+      blockHeight: BigInt(block.blockHeight ?? 0),
+      blockTime: BigInt(block.blockTime ?? 0),
+      signatures: block.signatures
+    };
+  }
+  /**
+   * Get a list of confirmed block heights in a range.
+   *
+   * @param startHeight - Start of the range (inclusive)
+   * @param endHeight - End of the range (inclusive), or undefined for open-ended
+   * @returns Array of confirmed block heights
+   */
+  async getBlocks(startHeight, endHeight) {
+    const result = await this.call("getBlocks", [
       {
-        subscriber: subscriber.toString(),
-        nonce
+        start_slot: Number(startHeight),
+        end_slot: endHeight !== void 0 ? Number(endHeight) : void 0
       }
     ]);
-    const sub = result.subscription;
+    return result.map((n) => BigInt(n));
+  }
+  /**
+   * Get detailed information about a stake account.
+   *
+   * @param pubkey - The public key of the stake account
+   * @returns Stake account info, or undefined if the account doesn't exist
+   */
+  async getStakeAccount(pubkey) {
+    const result = await this.call("getStakeAccount", [{ pubkey: pubkey.toString() }]);
+    if (!result.value) return void 0;
+    const s = result.value;
     return {
-      kind: sub.kind,
-      topic: sub.topic,
-      instructions: sub.instructions,
-      subscriber: sub.subscriber,
-      eventAccount: sub.eventAccount,
-      timestampRange: sub.timestampRange ? [BigInt(sub.timestampRange[0]), BigInt(sub.timestampRange[1])] : void 0
+      state: s.state,
+      kelvins: BigInt(s.kelvins),
+      delegatedBalance: BigInt(s.delegated_balance),
+      undelegatedBalance: BigInt(s.undelegated_balance),
+      activationRequested: s.activation_requested !== void 0 ? BigInt(s.activation_requested) : void 0,
+      deactivationRequested: s.deactivation_requested !== void 0 ? BigInt(s.deactivation_requested) : void 0,
+      validator: s.validator,
+      adminAuthority: s.admin_authority,
+      withdrawAuthority: s.withdraw_authority
     };
   }
   /**
-   * Get transactions triggered by a subscription account.
+   * Get all registered validator accounts.
    *
-   * Returns the history of transactions that were automatically executed
-   * in response to subscription matches.
+   * @param request - Request config (e.g. whether to use frozen state)
+   * @returns Array of validator account info
+   */
+  async getValidatorAccounts(request) {
+    const result = await this.call("getValidatorAccounts", [{ use_frozen: request.useFrozen }]);
+    return result.value.map((v) => ({
+      commission: BigInt(v.commission),
+      pubkey: v.pubkey,
+      nodeIdentity: v.node_identity,
+      authorizedWithdrawer: v.authorized_withdrawer,
+      stakeNext: BigInt(v.stake_next),
+      stakeCurrent: v.stake_current !== void 0 ? BigInt(v.stake_current) : void 0,
+      address: v.address
+    }));
+  }
+  /**
+   * Get the token balance of an SPL Token account.
    *
-   * @param subscriptionAccount - The subscription account public key
-   * @param limit - Optional limit on transactions returned
-   * @returns Triggered transactions for the subscription
+   * @param pubkey - The public key of the token account
+   * @returns Token balance with amount, decimals, and UI-formatted string
+   */
+  async getTokenAccountBalance(pubkey) {
+    const result = await this.call("getTokenAccountBalance", [{ address: pubkey.toString() }]);
+    return {
+      amount: result.value.amount,
+      decimals: result.value.decimals,
+      uiAmountString: result.value.uiAmountString
+    };
+  }
+  /**
+   * Get registered REX requests for a creator.
+   *
+   * REX (Remote EXecution) requests are scheduled jobs that validators
+   * execute on behalf of a creator.
+   *
+   * @param creator - The creator's public key
+   * @param nonce - Optional nonce to filter a specific request
+   * @returns Array of REX request info with their assigned duties
+   */
+  async getRexRequests(creator, nonce) {
+    const result = await this.call("getRexRequests", [{ creator: creator.toString(), nonce }]);
+    return result.rex_requests.map((r) => ({
+      creator: r.creator,
+      nonce: r.nonce,
+      isActive: r.is_active,
+      description: r.description,
+      updateFrequency: r.update_frequency,
+      startingTimestamp: r.starting_timestamp,
+      createdAt: r.created_at,
+      validatorsPerDuty: r.validators_per_duty,
+      rexRequestDelayMs: BigInt(r.rex_request_delay_ms),
+      computeUnitsLimit: r.compute_units_limit,
+      heapSizeLimit: r.heap_size_limit,
+      duties: r.duties.map((d) => ({
+        targetTimestamp: d.target_timestamp,
+        assignedValidators: d.assigned_validators
+      }))
+    }));
+  }
+  /**
+   * Get missed REX duty proposal rounds for a specific REX request.
    *
-   * @example
-   * ```typescript
-   * const result = await client.getTriggeredTransactions(subscriptionPubkey, 10);
-   * result.transactions.forEach(tx => {
-   *   console.log(`Signature: ${tx.signature}, Block: ${tx.blockNumber}`);
-   * });
-   * ```
+   * @param creator - The creator's public key
+   * @param nonce - The nonce identifying the REX request
+   * @returns Array of proposal round numbers where duties were missed
    */
-  async getTriggeredTransactions(subscriptionAccount, limit) {
-    const params = [subscriptionAccount.toString()];
-    if (limit !== void 0) {
-      params.push(limit.toString());
-    }
-    const result = await this.call("getTriggeredTransactions", params);
-    return result.transactions.map((tx) => ({
-      signature: tx.signature,
-      blockNumber: BigInt(tx.block_number)
+  async getRexMissedDuties(creator, nonce) {
+    const result = await this.call("getRexMissedDuties", [{ creator: creator.toString(), nonce }]);
+    return result.missed_duties_at_proposal_rounds.map((n) => BigInt(n));
+  }
+  /**
+   * Get information about all known cluster nodes.
+   *
+   * @returns Array of cluster node info with stake, addresses, and keys
+   */
+  async getClusterNodes() {
+    const result = await this.call("getClusterNodes", [null]);
+    return result.nodes.map((n) => ({
+      stake: BigInt(n.stake),
+      address: n.address,
+      hostname: n.hostname,
+      authorityPubkey: n.authority_pubkey,
+      protocolPubkey: n.protocol_pubkey,
+      networkPubkey: n.network_pubkey,
+      lastCommittedRound: n.last_committed_round
     }));
   }
+  /**
+   * Get the list of validator indices this node is connected to.
+   *
+   * @returns Array of validator indices
+   */
+  async getConnectedValidators() {
+    return await this.call("getConnectedValidators", [{}]);
+  }
 };
 
+// src/utils.ts
+function toBase64(bytes2) {
+  if (typeof btoa !== "undefined") {
+    const chunkSize = 8192;
+    let result = "";
+    for (let i = 0; i < bytes2.length; i += chunkSize) {
+      const chunk = bytes2.slice(i, i + chunkSize);
+      result += String.fromCharCode(...chunk);
+    }
+    return btoa(result);
+  }
+  if (typeof Buffer !== "undefined") {
+    return Buffer.from(bytes2).toString("base64");
+  }
+  throw new Error("No base64 encoding available in this environment");
+}
+function fromBase64(base642) {
+  if (typeof atob !== "undefined") {
+    const binary = atob(base642);
+    const bytes2 = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+      bytes2[i] = binary.charCodeAt(i);
+    }
+    return bytes2;
+  }
+  if (typeof Buffer !== "undefined") {
+    return new Uint8Array(Buffer.from(base642, "base64"));
+  }
+  throw new Error("No base64 decoding available in this environment");
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function calculateBackoff(attempt, baseMs = 1e3, maxMs = 3e4) {
+  const exponentialDelay = baseMs * 2 ** attempt;
+  const jitter = Math.random() * 0.3 * exponentialDelay;
+  return Math.min(exponentialDelay + jitter, maxMs);
+}
+function getDevnetUrl() {
+  return URL_DEVNET;
+}
+function getTestnetUrl() {
+  return URL_TESTNET;
+}
+function getMainnetUrl() {
+  return URL_MAINNET;
+}
+function getLocalnetUrl() {
+  return URL_LOCALNET;
+}
+
 // src/rpc/clients/transaction-client.ts
 var DEFAULT_MAX_RETRIES = 10;
 var DEFAULT_RETRY_DELAY_MS = 200;
@@ -6224,10 +7152,10 @@ var TransactionRpcClient = class extends BaseRpcClient {
    */
   async confirmTransaction(signature, options) {
     const maxRetries = options?.maxRetries ?? DEFAULT_MAX_RETRIES;
-    const retryDelay = options?.retryDelay ?? DEFAULT_RETRY_DELAY_MS;
+    const retryDelayMs = options?.retryDelayMs ?? DEFAULT_RETRY_DELAY_MS;
     for (let attempt = 0; attempt < maxRetries; attempt++) {
       if (attempt > 0) {
-        await this.sleep(retryDelay);
+        await this.sleep(retryDelayMs);
       }
       try {
         const txInfo = await this.getTransaction(signature);
@@ -6283,13 +7211,20 @@ var TransactionRpcClient = class extends BaseRpcClient {
    * // With custom retry settings
    * const result = await client.sendAndConfirmTransaction(signedTx, {
    *   maxRetries: 3,
-   *   retryDelay: 500,
+   *   confirmMaxRetries: 10,
+   *   confirmRetryDelayMs: 500,
    * });
    * ```
    */
   async sendAndConfirmTransaction(transaction, options) {
-    const signature = await this.sendTransaction(transaction, options);
-    return await this.confirmTransaction(signature, options);
+    const signature = await this.sendTransaction(transaction, {
+      skipPreflight: options?.skipPreflight,
+      maxRetries: options?.maxRetries
+    });
+    return await this.confirmTransaction(signature, {
+      maxRetries: options?.confirmMaxRetries,
+      retryDelayMs: options?.confirmRetryDelayMs
+    });
   }
   /**
    * Request an airdrop of tokens to an account.
@@ -6316,10 +7251,12 @@ var TransactionRpcClient = class extends BaseRpcClient {
         `Airdrop amount ${amount} exceeds maximum safe value`
       );
     }
-    const signature = await this.call("requestAirdrop", [{
-      pubkey: pubkey.toString(),
-      kelvins: Number(amount)
-    }]);
+    const signature = await this.call("requestAirdrop", [
+      {
+        pubkey: pubkey.toString(),
+        kelvins: Number(amount)
+      }
+    ]);
     return signature;
   }
   /**
@@ -6348,13 +7285,23 @@ var TransactionRpcClient = class extends BaseRpcClient {
     const signature = await this.requestAirdrop(pubkey, amount);
     return await this.confirmTransaction(signature, options);
   }
+  /**
+   * Submit an epoch change transaction (admin-only).
+   *
+   * @param request - The epoch change request payload
+   * @returns Response from the epoch change submission
+   */
+  async sendAdminTransaction(request) {
+    return await this.call("submitEpochChange", [
+      request
+    ]);
+  }
   async getTransaction(signature) {
     const result = await this.call("getTransaction", [{ signature }]);
     if (!result) {
       return null;
     }
     return {
-      signature,
       blockHeight: BigInt(result.block_height ?? 0),
       err: result.err ?? result.meta?.err ?? void 0
     };
@@ -6370,12 +7317,13 @@ var TransactionRpcClient = class extends BaseRpcClient {
 };
 
 // src/rpc/clients/client.ts
-var RialoClient = class {
+var RialoClient = class extends RpcClient {
   queryClient;
   transactionClient;
   transport;
   chain;
   constructor(transport, chain2) {
+    super();
     this.chain = chain2;
     this.transport = transport;
     this.queryClient = new QueryRpcClient(transport);
@@ -6411,7 +7359,11 @@ var RialoClient = class {
    * @returns Account info or null if account doesn't exist
    */
   async getAccountInfo(pubkey) {
-    return await this.queryClient.getAccountInfo(pubkey);
+    const result = await this.queryClient.getAccountInfo(pubkey);
+    if (!result) {
+      throw new Error(`Account does not exist: ${pubkey}`);
+    }
+    return result;
   }
   /**
    * Retrieves the current block height.
@@ -6419,6 +7371,12 @@ var RialoClient = class {
   async getBlockHeight() {
     return await this.queryClient.getBlockHeight();
   }
+  /**
+   * Retrieves the current block height with advanced configuration.
+   */
+  async getBlockHeightWithConfig(minContextSlot) {
+    return await this.queryClient.getBlockHeightWithConfig(minContextSlot);
+  }
   /**
    * Retrieves the signatures for an address.
    */
@@ -6428,10 +7386,10 @@ var RialoClient = class {
   /**
    * Retrieves detailed information about a transaction.
    *
-   * @returns Transaction info or null if transaction not found
+   * @returns Full transaction response
    */
-  async getTransaction(signature) {
-    return await this.queryClient.getTransaction(signature);
+  async getTransaction(sig) {
+    return await this.queryClient.getTransactionDetails(sig);
   }
   /**
    * Retrieves the total number of transactions processed since genesis.
@@ -6443,7 +7401,10 @@ var RialoClient = class {
    * Retrieves the status of multiple transaction signatures.
    */
   async getSignatureStatuses(signatures) {
-    return await this.queryClient.getSignatureStatuses(signatures);
+    const { base58: base582 } = await Promise.resolve().then(() => (init_base(), base_exports));
+    const sigStrings = signatures.map((s) => base582.encode(s));
+    const results = await this.queryClient.getSignatureStatuses(sigStrings);
+    return results.filter((s) => s !== null);
   }
   /**
    * Retrieves current epoch information.
@@ -6467,7 +7428,12 @@ var RialoClient = class {
    * @returns Transaction signature
    */
   async sendTransaction(transaction, options) {
-    return await this.transactionClient.sendTransaction(transaction, options);
+    const sigStr = await this.transactionClient.sendTransaction(
+      transaction,
+      options
+    );
+    const { base58: base582 } = await Promise.resolve().then(() => (init_base(), base_exports));
+    return base582.decode(sigStr);
   }
   /**
    * Requests an airdrop of tokens to an account.
@@ -6479,7 +7445,9 @@ var RialoClient = class {
    * @returns Transaction signature
    */
   async requestAirdrop(pubkey, amount) {
-    return await this.transactionClient.requestAirdrop(pubkey, amount);
+    const sigStr = await this.transactionClient.requestAirdrop(pubkey, amount);
+    const { base58: base582 } = await Promise.resolve().then(() => (init_base(), base_exports));
+    return base582.decode(sigStr);
   }
   /**
    * Submits a signed transaction and waits for confirmation.
@@ -6509,19 +7477,18 @@ var RialoClient = class {
    * @param options - Confirmation options
    * @returns Confirmed transaction details
    */
-  async confirmTransaction(signature, options) {
-    return await this.transactionClient.confirmTransaction(signature, options);
+  async confirmTransaction(sig, options) {
+    return await this.transactionClient.confirmTransaction(sig, options);
   }
   /**
    * Requests an airdrop and waits for confirmation.
    *
    * **Note**: Only available on devnet and testnet.
    */
-  async requestAirdropAndConfirm(pubkey, amount, options) {
+  async requestAirdropAndConfirm(pubkey, amount) {
     return await this.transactionClient.requestAirdropAndConfirm(
       pubkey,
-      amount,
-      options
+      amount
     );
   }
   /**
@@ -6530,19 +7497,20 @@ var RialoClient = class {
    * @param accountDataSize - The size of the account data in bytes
    * @returns The minimum balance in kelvins required for rent exemption
    */
-  async getMinimumBalanceForRentExemption(accountDataSize) {
+  async getMinimumBalanceForRentExemption(dataSize) {
     return await this.queryClient.getMinimumBalanceForRentExemption(
-      accountDataSize
+      Number(dataSize)
     );
   }
   /**
    * Get the fee required to process a specific message.
    *
    * @param message - Base64-encoded serialized versioned message
-   * @returns Fee in kelvins, or null if message is invalid
+   * @returns Fee response with value in kelvins
    */
   async getFeeForMessage(message) {
-    return await this.queryClient.getFeeForMessage(message);
+    const value = await this.queryClient.getFeeForMessage(message);
+    return { value: value ?? void 0 };
   }
   /**
    * Get information for multiple accounts in a single request.
@@ -6551,18 +7519,26 @@ var RialoClient = class {
    * @returns Account information for each address
    */
   async getMultipleAccounts(pubkeys) {
-    return await this.queryClient.getMultipleAccounts(pubkeys);
+    const results = await this.queryClient.getMultipleAccounts(pubkeys);
+    return results.map(
+      (r) => r === null ? void 0 : r
+    );
   }
   /**
    * Get all accounts owned by a specific program or address.
    *
    * @param owner - Program ID or owner public key
-   * @param filter - Filter type (ProgramAccounts or TokenAccounts)
+   * @param filter - Filter type (programAccounts or tokenAccounts)
    * @param config - Optional configuration for pagination and encoding
-   * @returns Accounts owned by the specified owner
+   * @returns Tuple of accounts and optional pagination info
    */
   async getAccountsByOwner(owner, filter, config) {
-    return await this.queryClient.getAccountsByOwner(owner, filter, config);
+    const filterParam = filter === "tokenAccounts" ? { type: "tokenAccounts" } : { type: "programAccounts" };
+    return await this.queryClient.getAccountsByOwner(
+      owner,
+      filterParam,
+      config
+    );
   }
   /**
    * Get workflow lineage information for tracking execution history.
@@ -6596,6 +7572,117 @@ var RialoClient = class {
       limit
     );
   }
+  /**
+   * Gets paginated transactions from the blockchain.
+   */
+  async getTransactions(config) {
+    return await this.queryClient.getTransactions(config);
+  }
+  /**
+   * Checks if a blockhash is still valid for transaction submission.
+   */
+  async isBlockhashValid(blockhash) {
+    return await this.queryClient.isBlockhashValid(blockhash);
+  }
+  /**
+   * Gets the health status of the validator.
+   */
+  async getValidatorHealth() {
+    return await this.queryClient.getValidatorHealth();
+  }
+  /**
+   * Gets the list of full nodes connected to the validator or full node.
+   */
+  async getConnectedFullNodes() {
+    return await this.queryClient.getConnectedFullNodes();
+  }
+  /**
+   * Gets the TEE's secret sharing public key for HPKE encryption.
+   */
+  async getSecretSharingPubkey() {
+    const rawBytes = await this.queryClient.getSecretSharingPubkey();
+    const hex2 = Array.from(rawBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+    return { publicKey: hex2 };
+  }
+  /**
+   * Gets the config hash prefix for protecting against replay attacks.
+   */
+  async getConfigHashPrefix() {
+    return await this.queryClient.getConfigHashPrefix();
+  }
+  /**
+   * Submits an epoch change transaction (admin-only).
+   */
+  async sendAdminTransaction(request) {
+    return await this.transactionClient.sendAdminTransaction(request);
+  }
+  /**
+   * Gets all accounts in the system.
+   */
+  async getAllAccounts(config) {
+    return await this.queryClient.getAllAccounts(config);
+  }
+  /**
+   * Gets a block by its height.
+   */
+  async getBlock(blockHeight, config) {
+    return await this.queryClient.getBlock(blockHeight, config);
+  }
+  /**
+   * Gets a list of confirmed block heights in a range.
+   */
+  async getBlocks(startHeight, endHeight) {
+    return await this.queryClient.getBlocks(startHeight, endHeight);
+  }
+  /**
+   * Gets detailed information about a stake account.
+   */
+  async getStakeAccount(pubkey) {
+    return await this.queryClient.getStakeAccount(pubkey);
+  }
+  /**
+   * Gets all registered validator accounts.
+   */
+  async getValidatorAccounts(request) {
+    return await this.queryClient.getValidatorAccounts(request);
+  }
+  /**
+   * Gets the token balance of an SPL Token account.
+   */
+  async getTokenAccountBalance(pubkey) {
+    return await this.queryClient.getTokenAccountBalance(pubkey);
+  }
+  /**
+   * Gets registered REX requests for a creator.
+   */
+  async getRexRequests(creator, nonce) {
+    return await this.queryClient.getRexRequests(creator, nonce);
+  }
+  /**
+   * Gets missed REX duty proposal rounds for a specific REX request.
+   */
+  async getRexMissedDuties(creator, nonce) {
+    return await this.queryClient.getRexMissedDuties(creator, nonce);
+  }
+  /**
+   * Gets information about all known cluster nodes.
+   */
+  async getClusterNodes() {
+    return await this.queryClient.getClusterNodes();
+  }
+  /**
+   * Gets the list of validator indices this node is connected to.
+   */
+  async getConnectedValidators() {
+    return await this.queryClient.getConnectedValidators();
+  }
+  /**
+   * Calls an arbitrary RPC method with a JSON string body.
+   * Utility method for methods not yet in the generated interface.
+   */
+  async callWithJson(method, params) {
+    return await this.queryClient.callWithJson(method, params);
+  }
 };
 
 // src/rpc/http-transport.ts
@@ -6815,9 +7902,9 @@ var BincodeReader = class {
   isExhausted() {
     return this.offset >= this.bytes.length;
   }
-  skip(bytes) {
-    this.ensureAvailable(bytes);
-    this.offset += bytes;
+  skip(bytes2) {
+    this.ensureAvailable(bytes2);
+    this.offset += bytes2;
     return this;
   }
   /**
@@ -6933,9 +8020,9 @@ var BincodeReader = class {
   // ========== Compound Types ==========
   readBytes(length) {
     this.ensureAvailable(length);
-    const bytes = this.bytes.slice(this.offset, this.offset + length);
+    const bytes2 = this.bytes.slice(this.offset, this.offset + length);
     this.offset += length;
-    return bytes;
+    return bytes2;
   }
   readFixedArray(length) {
     return this.readBytes(length);
@@ -6945,8 +8032,8 @@ var BincodeReader = class {
     return this.readBytes(length);
   }
   readString() {
-    const bytes = this.readVecBytes();
-    return new TextDecoder().decode(bytes);
+    const bytes2 = this.readVecBytes();
+    return new TextDecoder().decode(bytes2);
   }
   readVariant() {
     return this.readU32();
@@ -7002,10 +8089,10 @@ var BincodeReader = class {
     }
     return numLength;
   }
-  ensureAvailable(bytes) {
-    if (this.offset + bytes > this.bytes.length) {
+  ensureAvailable(bytes2) {
+    if (this.offset + bytes2 > this.bytes.length) {
       throw new Error(
-        `Unexpected end of data: need ${bytes} bytes at offset ${this.offset}, but only ${this.bytes.length - this.offset} available`
+        `Unexpected end of data: need ${bytes2} bytes at offset ${this.offset}, but only ${this.bytes.length - this.offset} available`
       );
     }
   }
@@ -7144,27 +8231,27 @@ var BincodeWriter = class {
     return this;
   }
   // ========== Compound Types ==========
-  writeBytes(bytes) {
-    this.ensureCapacity(bytes.length);
-    this.buffer.set(bytes, this.offset);
-    this.offset += bytes.length;
+  writeBytes(bytes2) {
+    this.ensureCapacity(bytes2.length);
+    this.buffer.set(bytes2, this.offset);
+    this.offset += bytes2.length;
     return this;
   }
-  writeFixedArray(bytes, expectedLength) {
-    if (expectedLength !== void 0 && bytes.length !== expectedLength) {
+  writeFixedArray(bytes2, expectedLength) {
+    if (expectedLength !== void 0 && bytes2.length !== expectedLength) {
       throw new Error(
-        `Fixed array length mismatch: expected ${expectedLength}, got ${bytes.length}`
+        `Fixed array length mismatch: expected ${expectedLength}, got ${bytes2.length}`
       );
     }
-    return this.writeBytes(bytes);
+    return this.writeBytes(bytes2);
   }
-  writeVecBytes(bytes) {
-    this.writeU64(BigInt(bytes.length));
-    return this.writeBytes(bytes);
+  writeVecBytes(bytes2) {
+    this.writeU64(BigInt(bytes2.length));
+    return this.writeBytes(bytes2);
   }
-  writeString(str) {
-    const bytes = new TextEncoder().encode(str);
-    return this.writeVecBytes(bytes);
+  writeString(str2) {
+    const bytes2 = new TextEncoder().encode(str2);
+    return this.writeVecBytes(bytes2);
   }
   writeVariant(index) {
     return this.writeU32(index);
@@ -7608,15 +8695,15 @@ function arrayToHex(arr, reverse = false) {
   return [...reverse ? new Uint8Array(arr).reverse() : new Uint8Array(arr)].map((b) => b.toString(16).padStart(2, "0")).join("");
 }
 function toBigIntLE(buf) {
-  const hex = arrayToHex(buf, true);
-  if (hex.length === 0) {
+  const hex2 = arrayToHex(buf, true);
+  if (hex2.length === 0) {
     return BigInt(0);
   }
-  return BigInt(`0x${hex}`);
+  return BigInt(`0x${hex2}`);
 }
 function writeBufferLEBigInt(num, width, buffer, offset) {
-  const hex = num.toString(16);
-  const padded = hex.padStart(width * 2, "0").slice(0, width * 2);
+  const hex2 = num.toString(16);
+  const padded = hex2.padStart(width * 2, "0").slice(0, width * 2);
   for (const [ix, value] of padded.match(/.{1,2}/g).map((byte) => parseInt(byte, 16)).entries()) {
     buffer[offset + width - 1 - ix] = value;
   }
@@ -7679,11 +8766,11 @@ var readBigUInt64LE = (buf, offset) => {
   return BigInt(lo);
 };
 function readUIntLE(buf, offset, width) {
-  const hex = arrayToHex(buf.subarray(offset, offset + width), true);
-  if (hex.length === 0) {
+  const hex2 = arrayToHex(buf.subarray(offset, offset + width), true);
+  if (hex2.length === 0) {
     return BigInt(0);
   }
-  return BigInt(`0x${hex}`);
+  return BigInt(`0x${hex2}`);
 }
 var readUInt32LE = (buffer, offset) => {
   const first = buffer[offset];
@@ -7845,24 +8932,24 @@ var BinaryWriter = class _BinaryWriter {
     writer._writes = writer._writes.next = () => (0, import_float.writeDoubleLE)(value, writer._buf, offset);
     writer.totalSize += 8;
   }
-  string(str) {
-    return _BinaryWriter.string(str, this);
+  string(str2) {
+    return _BinaryWriter.string(str2, this);
   }
-  static string(str, writer) {
-    const len = stringLengthFn()(str);
+  static string(str2, writer) {
+    const len = stringLengthFn()(str2);
     let offset = writer.totalSize;
     writer._writes = writer._writes.next = () => {
       writeUInt32LE(len, writer._buf, offset);
-      writeStringBufferFn(len)(str, writer._buf, offset + 4);
+      writeStringBufferFn(len)(str2, writer._buf, offset + 4);
     };
     writer.totalSize += 4 + len;
   }
-  static stringCustom(str, writer, lengthWriter = writeUInt32LE, lengthSize = 4) {
-    const len = import_utf8.default.length(str);
+  static stringCustom(str2, writer, lengthWriter = writeUInt32LE, lengthSize = 4) {
+    const len = import_utf8.default.length(str2);
     let offset = writer.totalSize;
     writer._writes = writer._writes.next = () => {
       lengthWriter(len, writer._buf, offset);
-      writeStringBufferFn(len)(str, writer._buf, offset + lengthSize);
+      writeStringBufferFn(len)(str2, writer._buf, offset + lengthSize);
     };
     writer.totalSize += lengthSize + len;
   }
@@ -9002,14 +10089,20 @@ var Message = class _Message {
   accountKeys;
   /** Transaction valid from (milliseconds since Unix epoch) */
   validFrom;
+  /** Config hash prefix for replay protection across chains */
+  configHashPrefix;
+  /** Whether the transaction should use OCC (optimistic concurrency control) scheduling */
+  occ;
   /** Compiled instructions with account indices */
   instructions;
   /** Cached serialized bytes */
   serializedCache;
-  constructor(header, accountKeys, validFrom, instructions) {
+  constructor(header, accountKeys, validFrom, configHashPrefix, occ, instructions) {
     this.header = Object.freeze({ ...header });
     this.accountKeys = Object.freeze([...accountKeys]);
     this.validFrom = validFrom;
+    this.configHashPrefix = configHashPrefix;
+    this.occ = occ;
     this.instructions = Object.freeze(
       instructions.map((ix) => Object.freeze({ ...ix }))
     );
@@ -9069,6 +10162,25 @@ var Message = class _Message {
       new DataView(validFromBytes.buffer).getBigUint64(0, true)
     );
     cursor += 8;
+    if (data.length < cursor + 8) {
+      throw new TransactionError(
+        "INSUFFICIENT_DATA" /* INSUFFICIENT_DATA */,
+        "Insufficient data for configHashPrefix"
+      );
+    }
+    const configHashPrefixBytes = data.slice(cursor, cursor + 8);
+    const configHashPrefix = BigInt.asUintN(
+      64,
+      new DataView(configHashPrefixBytes.buffer).getBigUint64(0, true)
+    );
+    cursor += 8;
+    if (data.length < cursor + 1) {
+      throw new TransactionError(
+        "INSUFFICIENT_DATA" /* INSUFFICIENT_DATA */,
+        "Insufficient data for occ flag"
+      );
+    }
+    const occ = data[cursor++] !== 0;
     const [instructionsLength, newCursor2] = deserializeCompactU16(
       data,
       cursor
@@ -9114,7 +10226,7 @@ var Message = class _Message {
         data: instructionData
       });
     }
-    return new _Message(header, accountKeys, validFrom, instructions);
+    return new _Message(header, accountKeys, validFrom, configHashPrefix, occ, instructions);
   }
   serializeInternal() {
     const buffer = [];
@@ -9131,6 +10243,14 @@ var Message = class _Message {
       true
     );
     buffer.push(...new Uint8Array(validFromBuffer));
+    const configHashPrefixBuffer = new ArrayBuffer(8);
+    new DataView(configHashPrefixBuffer).setBigUint64(
+      0,
+      this.configHashPrefix,
+      true
+    );
+    buffer.push(...new Uint8Array(configHashPrefixBuffer));
+    buffer.push(this.occ ? 1 : 0);
     this.serializeCompactArray(buffer, this.instructions, (buf, ix) => {
       buf.push(ix.programIdIndex);
       this.serializeCompactArray(buf, ix.accountKeyIndexes, (b, idx) => {
@@ -9515,6 +10635,8 @@ var Transaction = class _Transaction {
 var TransactionBuilder = class _TransactionBuilder {
   payer;
   validFrom;
+  configHashPrefix;
+  occ = false;
   instructions = [];
   constructor() {
   }
@@ -9548,6 +10670,27 @@ var TransactionBuilder = class _TransactionBuilder {
     this.validFrom = validFrom;
     return this;
   }
+  /**
+   * Set the config hash prefix for replay protection.
+   *
+   * This is the first 64 bits of the config hash, used to ensure
+   * transactions cannot be replayed on different chains.
+   *
+   * @param configHashPrefix - config hash prefix as a u64
+   */
+  setConfigHashPrefix(configHashPrefix) {
+    this.configHashPrefix = configHashPrefix;
+    return this;
+  }
+  /**
+   * Enable OCC (optimistic concurrency control) scheduling for this transaction.
+   *
+   * @param occ - Whether to use OCC scheduling (default: false)
+   */
+  setOcc(occ) {
+    this.occ = occ;
+    return this;
+  }
   /**
    * Add an instruction to the transaction.
    *
@@ -9593,6 +10736,12 @@ var TransactionBuilder = class _TransactionBuilder {
         "Transaction must have a valid from. Use setValidFrom() to set the valid from."
       );
     }
+    if (this.configHashPrefix === void 0) {
+      throw new TransactionError(
+        "INVALID_MESSAGE_FORMAT" /* INVALID_MESSAGE_FORMAT */,
+        "Transaction must have a config hash prefix. Use setConfigHashPrefix() to set the config hash prefix."
+      );
+    }
     if (this.instructions.length === 0) {
       throw TransactionError.noInstructions();
     }
@@ -9637,6 +10786,8 @@ var TransactionBuilder = class _TransactionBuilder {
       header,
       accountKeys,
       this.validFrom,
+      this.configHashPrefix,
+      this.occ,
       compiledInstructions
     );
     return Transaction.fromMessage(message);
@@ -9726,6 +10877,9 @@ var KeypairSigner = class {
 };
 /*! Bundled license information:
 
+@scure/base/index.js:
+  (*! scure-base - MIT License (c) 2022 Paul Miller (paulmillr.com) *)
+
 @noble/ed25519/index.js:
   (*! noble-ed25519 - MIT License (c) 2019 Paul Miller (paulmillr.com) *)
 
@@ -9733,9 +10887,6 @@ var KeypairSigner = class {
 @noble/hashes/utils.js:
   (*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) *)
 
-@scure/base/index.js:
-  (*! scure-base - MIT License (c) 2022 Paul Miller (paulmillr.com) *)
-
 @scure/bip39/index.js:
   (*! scure-bip39 - MIT License (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com) *)
 */
@@ -9745,9 +10896,15 @@ exports.BASE_DERIVATION_PATH = BASE_DERIVATION_PATH;
 exports.BaseRpcClient = BaseRpcClient;
 exports.BincodeReader = BincodeReader;
 exports.BincodeWriter = BincodeWriter;
+exports.CHACHA20_POLY1305_TAG_LENGTH = CHACHA20_POLY1305_TAG_LENGTH;
 exports.CryptoError = CryptoError;
 exports.CryptoErrorCode = CryptoErrorCode;
 exports.DEFAULT_NUM_ACCOUNTS = DEFAULT_NUM_ACCOUNTS;
+exports.ED25519_PUBLIC_KEY_LENGTH = ED25519_PUBLIC_KEY_LENGTH;
+exports.HPKE_ENC_LENGTH = HPKE_ENC_LENGTH;
+exports.HPKE_OVERHEAD_LENGTH = HPKE_OVERHEAD_LENGTH;
+exports.HpkeError = HpkeError;
+exports.HpkeErrorCode = HpkeErrorCode;
 exports.HttpTransport = HttpTransport;
 exports.KELVIN_PER_RLO = KELVIN_PER_RLO;
 exports.Keypair = Keypair;
@@ -9760,14 +10917,16 @@ exports.QueryRpcClient = QueryRpcClient;
 exports.RIALO_DEVNET_CHAIN = RIALO_DEVNET_CHAIN;
 exports.RIALO_LOCALNET_CHAIN = RIALO_LOCALNET_CHAIN;
 exports.RIALO_MAINNET_CHAIN = RIALO_MAINNET_CHAIN;
-exports.RIALO_SHITNET_CHAIN = RIALO_SHITNET_CHAIN;
 exports.RIALO_TESTNET_CHAIN = RIALO_TESTNET_CHAIN;
+exports.RexValue = RexValue;
+exports.RexValueVariant = RexValueVariant;
 exports.RialoClient = RialoClient;
 exports.RialoError = RialoError;
 exports.RialoErrorType = RialoErrorType;
 exports.RpcError = RpcError;
 exports.RpcErrorCode = RpcErrorCode;
 exports.SECRET_KEY_LENGTH = SECRET_KEY_LENGTH;
+exports.SECRET_SHARING_HPKE_INFO = SECRET_SHARING_HPKE_INFO;
 exports.SIGNATURE_LENGTH = SIGNATURE_LENGTH;
 exports.SYSTEM_PROGRAM_ID = SYSTEM_PROGRAM_ID;
 exports.Schema = Schema;
@@ -9781,8 +10940,9 @@ exports.TransactionRpcClient = TransactionRpcClient;
 exports.URL_DEVNET = URL_DEVNET;
 exports.URL_LOCALNET = URL_LOCALNET;
 exports.URL_MAINNET = URL_MAINNET;
-exports.URL_SHITNET = URL_SHITNET;
 exports.URL_TESTNET = URL_TESTNET;
+exports.USER_SECRET_AAD = USER_SECRET_AAD;
+exports.X25519_PUBLIC_KEY_LENGTH = X25519_PUBLIC_KEY_LENGTH;
 exports.allocateInstruction = allocateInstruction;
 exports.assignInstruction = assignInstruction;
 exports.calculateBackoff = calculateBackoff;
@@ -9795,15 +10955,19 @@ exports.deserializeBorsh = deserializeBorsh;
 exports.deserializeCompactU16 = deserializeCompactU162;
 exports.deserializeStrict = deserializeStrict;
 exports.encodeBorshData = encodeBorshData;
+exports.encryptForRex = encryptForRex;
 exports.field = field;
 exports.fixedArray = fixedArray;
 exports.fromBase64 = fromBase64;
+exports.getCiphertextLength = getCiphertextLength;
 exports.getDefaultRialoClientConfig = getDefaultRialoClientConfig;
 exports.getDevnetUrl = getDevnetUrl;
 exports.getLocalnetUrl = getLocalnetUrl;
 exports.getMainnetUrl = getMainnetUrl;
 exports.getTestnetUrl = getTestnetUrl;
+exports.hpkeEncrypt = hpkeEncrypt;
 exports.isOnCurve = isOnCurve;
+exports.isValidCiphertextLength = isValidCiphertextLength;
 exports.option = option;
 exports.seedToBytes = seedToBytes;
 exports.serialize = serialize;