npm - @sempdev/semp - Versions diffs - 0.4.3 - Mend

@sempdev/semp 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (559) hide show

package/LICENSE +21 -0
package/README.md +59 -0
package/dist/brief/address.d.ts +77 -0
package/dist/brief/address.d.ts.map +1 -0
package/dist/brief/address.js +217 -0
package/dist/brief/address.js.map +1 -0
package/dist/brief/brief.d.ts +75 -0
package/dist/brief/brief.d.ts.map +1 -0
package/dist/brief/brief.js +56 -0
package/dist/brief/brief.js.map +1 -0
package/dist/brief/index.d.ts +11 -0
package/dist/brief/index.d.ts.map +1 -0
package/dist/brief/index.js +11 -0
package/dist/brief/index.js.map +1 -0
package/dist/canonical/index.d.ts +8 -0
package/dist/canonical/index.d.ts.map +1 -0
package/dist/canonical/index.js +8 -0
package/dist/canonical/index.js.map +1 -0
package/dist/canonical/marshal.d.ts +35 -0
package/dist/canonical/marshal.d.ts.map +1 -0
package/dist/canonical/marshal.js +107 -0
package/dist/canonical/marshal.js.map +1 -0
package/dist/clockskew/index.d.ts +52 -0
package/dist/clockskew/index.d.ts.map +1 -0
package/dist/clockskew/index.js +62 -0
package/dist/clockskew/index.js.map +1 -0
package/dist/closure/closure.d.ts +106 -0
package/dist/closure/closure.d.ts.map +1 -0
package/dist/closure/closure.js +152 -0
package/dist/closure/closure.js.map +1 -0
package/dist/closure/driver.d.ts +103 -0
package/dist/closure/driver.d.ts.map +1 -0
package/dist/closure/driver.js +126 -0
package/dist/closure/driver.js.map +1 -0
package/dist/closure/index.d.ts +13 -0
package/dist/closure/index.d.ts.map +1 -0
package/dist/closure/index.js +13 -0
package/dist/closure/index.js.map +1 -0
package/dist/closure/store.d.ts +80 -0
package/dist/closure/store.d.ts.map +1 -0
package/dist/closure/store.js +89 -0
package/dist/closure/store.js.map +1 -0
package/dist/crypto/aead.d.ts +29 -0
package/dist/crypto/aead.d.ts.map +1 -0
package/dist/crypto/aead.js +48 -0
package/dist/crypto/aead.js.map +1 -0
package/dist/crypto/argon2.d.ts +20 -0
package/dist/crypto/argon2.d.ts.map +1 -0
package/dist/crypto/argon2.js +28 -0
package/dist/crypto/argon2.js.map +1 -0
package/dist/crypto/index.d.ts +14 -0
package/dist/crypto/index.d.ts.map +1 -0
package/dist/crypto/index.js +14 -0
package/dist/crypto/index.js.map +1 -0
package/dist/crypto/kdf.d.ts +96 -0
package/dist/crypto/kdf.d.ts.map +1 -0
package/dist/crypto/kdf.js +122 -0
package/dist/crypto/kdf.js.map +1 -0
package/dist/crypto/kem.d.ts +85 -0
package/dist/crypto/kem.d.ts.map +1 -0
package/dist/crypto/kem.js +130 -0
package/dist/crypto/kem.js.map +1 -0
package/dist/crypto/mac.d.ts +19 -0
package/dist/crypto/mac.d.ts.map +1 -0
package/dist/crypto/mac.js +32 -0
package/dist/crypto/mac.js.map +1 -0
package/dist/delivery/ack.d.ts +125 -0
package/dist/delivery/ack.d.ts.map +1 -0
package/dist/delivery/ack.js +141 -0
package/dist/delivery/ack.js.map +1 -0
package/dist/delivery/blocklist.d.ts +87 -0
package/dist/delivery/blocklist.d.ts.map +1 -0
package/dist/delivery/blocklist.js +107 -0
package/dist/delivery/blocklist.js.map +1 -0
package/dist/delivery/cancel.d.ts +60 -0
package/dist/delivery/cancel.d.ts.map +1 -0
package/dist/delivery/cancel.js +43 -0
package/dist/delivery/cancel.js.map +1 -0
package/dist/delivery/disposition.d.ts +106 -0
package/dist/delivery/disposition.d.ts.map +1 -0
package/dist/delivery/disposition.js +105 -0
package/dist/delivery/disposition.js.map +1 -0
package/dist/delivery/fetch.d.ts +59 -0
package/dist/delivery/fetch.d.ts.map +1 -0
package/dist/delivery/fetch.js +47 -0
package/dist/delivery/fetch.js.map +1 -0
package/dist/delivery/forwarder.d.ts +106 -0
package/dist/delivery/forwarder.d.ts.map +1 -0
package/dist/delivery/forwarder.js +251 -0
package/dist/delivery/forwarder.js.map +1 -0
package/dist/delivery/inbox.d.ts +42 -0
package/dist/delivery/inbox.d.ts.map +1 -0
package/dist/delivery/inbox.js +68 -0
package/dist/delivery/inbox.js.map +1 -0
package/dist/delivery/index.d.ts +31 -0
package/dist/delivery/index.d.ts.map +1 -0
package/dist/delivery/index.js +31 -0
package/dist/delivery/index.js.map +1 -0
package/dist/delivery/internalroute.d.ts +50 -0
package/dist/delivery/internalroute.d.ts.map +1 -0
package/dist/delivery/internalroute.js +23 -0
package/dist/delivery/internalroute.js.map +1 -0
package/dist/delivery/pipeline.d.ts +153 -0
package/dist/delivery/pipeline.d.ts.map +1 -0
package/dist/delivery/pipeline.js +356 -0
package/dist/delivery/pipeline.js.map +1 -0
package/dist/delivery/policy_state.d.ts +105 -0
package/dist/delivery/policy_state.d.ts.map +1 -0
package/dist/delivery/policy_state.js +293 -0
package/dist/delivery/policy_state.js.map +1 -0
package/dist/delivery/queue.d.ts +47 -0
package/dist/delivery/queue.d.ts.map +1 -0
package/dist/delivery/queue.js +33 -0
package/dist/delivery/queue.js.map +1 -0
package/dist/delivery/receipt.d.ts +137 -0
package/dist/delivery/receipt.d.ts.map +1 -0
package/dist/delivery/receipt.js +181 -0
package/dist/delivery/receipt.js.map +1 -0
package/dist/delivery/receipt_store.d.ts +81 -0
package/dist/delivery/receipt_store.d.ts.map +1 -0
package/dist/delivery/receipt_store.js +74 -0
package/dist/delivery/receipt_store.js.map +1 -0
package/dist/delivery/retry.d.ts +78 -0
package/dist/delivery/retry.d.ts.map +1 -0
package/dist/delivery/retry.js +132 -0
package/dist/delivery/retry.js.map +1 -0
package/dist/delivery/scheduler.d.ts +156 -0
package/dist/delivery/scheduler.d.ts.map +1 -0
package/dist/delivery/scheduler.js +349 -0
package/dist/delivery/scheduler.js.map +1 -0
package/dist/delivery/stage_partition.d.ts +87 -0
package/dist/delivery/stage_partition.d.ts.map +1 -0
package/dist/delivery/stage_partition.js +122 -0
package/dist/delivery/stage_partition.js.map +1 -0
package/dist/delivery/staged_runner.d.ts +100 -0
package/dist/delivery/staged_runner.d.ts.map +1 -0
package/dist/delivery/staged_runner.js +277 -0
package/dist/delivery/staged_runner.js.map +1 -0
package/dist/delivery/submission.d.ts +72 -0
package/dist/delivery/submission.d.ts.map +1 -0
package/dist/delivery/submission.js +58 -0
package/dist/delivery/submission.js.map +1 -0
package/dist/delivery/sync.d.ts +68 -0
package/dist/delivery/sync.d.ts.map +1 -0
package/dist/delivery/sync.js +99 -0
package/dist/delivery/sync.js.map +1 -0
package/dist/delivery/user_policy.d.ts +74 -0
package/dist/delivery/user_policy.d.ts.map +1 -0
package/dist/delivery/user_policy.js +140 -0
package/dist/delivery/user_policy.js.map +1 -0
package/dist/discovery/cache.d.ts +37 -0
package/dist/discovery/cache.d.ts.map +1 -0
package/dist/discovery/cache.js +45 -0
package/dist/discovery/cache.js.map +1 -0
package/dist/discovery/configuration.d.ts +97 -0
package/dist/discovery/configuration.d.ts.map +1 -0
package/dist/discovery/configuration.js +146 -0
package/dist/discovery/configuration.js.map +1 -0
package/dist/discovery/dns.d.ts +56 -0
package/dist/discovery/dns.d.ts.map +1 -0
package/dist/discovery/dns.js +120 -0
package/dist/discovery/dns.js.map +1 -0
package/dist/discovery/domain_keys.d.ts +62 -0
package/dist/discovery/domain_keys.d.ts.map +1 -0
package/dist/discovery/domain_keys.js +89 -0
package/dist/discovery/domain_keys.js.map +1 -0
package/dist/discovery/index.d.ts +19 -0
package/dist/discovery/index.d.ts.map +1 -0
package/dist/discovery/index.js +19 -0
package/dist/discovery/index.js.map +1 -0
package/dist/discovery/lookup.d.ts +72 -0
package/dist/discovery/lookup.d.ts.map +1 -0
package/dist/discovery/lookup.js +121 -0
package/dist/discovery/lookup.js.map +1 -0
package/dist/discovery/onion.d.ts +34 -0
package/dist/discovery/onion.d.ts.map +1 -0
package/dist/discovery/onion.js +61 -0
package/dist/discovery/onion.js.map +1 -0
package/dist/discovery/partition.d.ts +96 -0
package/dist/discovery/partition.d.ts.map +1 -0
package/dist/discovery/partition.js +247 -0
package/dist/discovery/partition.js.map +1 -0
package/dist/discovery/resolver.d.ts +113 -0
package/dist/discovery/resolver.d.ts.map +1 -0
package/dist/discovery/resolver.js +176 -0
package/dist/discovery/resolver.js.map +1 -0
package/dist/discovery/txt.d.ts +39 -0
package/dist/discovery/txt.d.ts.map +1 -0
package/dist/discovery/txt.js +71 -0
package/dist/discovery/txt.js.map +1 -0
package/dist/enclosure/forwarding.d.ts +128 -0
package/dist/enclosure/forwarding.d.ts.map +1 -0
package/dist/enclosure/forwarding.js +119 -0
package/dist/enclosure/forwarding.js.map +1 -0
package/dist/enclosure/index.d.ts +11 -0
package/dist/enclosure/index.d.ts.map +1 -0
package/dist/enclosure/index.js +11 -0
package/dist/enclosure/index.js.map +1 -0
package/dist/envelope/buckets.d.ts +38 -0
package/dist/envelope/buckets.d.ts.map +1 -0
package/dist/envelope/buckets.js +73 -0
package/dist/envelope/buckets.js.map +1 -0
package/dist/envelope/canonical.d.ts +28 -0
package/dist/envelope/canonical.d.ts.map +1 -0
package/dist/envelope/canonical.js +54 -0
package/dist/envelope/canonical.js.map +1 -0
package/dist/envelope/compose.d.ts +171 -0
package/dist/envelope/compose.d.ts.map +1 -0
package/dist/envelope/compose.js +237 -0
package/dist/envelope/compose.js.map +1 -0
package/dist/envelope/encode.d.ts +41 -0
package/dist/envelope/encode.d.ts.map +1 -0
package/dist/envelope/encode.js +69 -0
package/dist/envelope/encode.js.map +1 -0
package/dist/envelope/index.d.ts +20 -0
package/dist/envelope/index.d.ts.map +1 -0
package/dist/envelope/index.js +20 -0
package/dist/envelope/index.js.map +1 -0
package/dist/envelope/open_any.d.ts +48 -0
package/dist/envelope/open_any.d.ts.map +1 -0
package/dist/envelope/open_any.js +81 -0
package/dist/envelope/open_any.js.map +1 -0
package/dist/envelope/open_verified.d.ts +59 -0
package/dist/envelope/open_verified.d.ts.map +1 -0
package/dist/envelope/open_verified.js +67 -0
package/dist/envelope/open_verified.js.map +1 -0
package/dist/envelope/padding.d.ts +55 -0
package/dist/envelope/padding.d.ts.map +1 -0
package/dist/envelope/padding.js +162 -0
package/dist/envelope/padding.js.map +1 -0
package/dist/envelope/rejection.d.ts +22 -0
package/dist/envelope/rejection.d.ts.map +1 -0
package/dist/envelope/rejection.js +30 -0
package/dist/envelope/rejection.js.map +1 -0
package/dist/envelope/sendtime.d.ts +49 -0
package/dist/envelope/sendtime.d.ts.map +1 -0
package/dist/envelope/sendtime.js +87 -0
package/dist/envelope/sendtime.js.map +1 -0
package/dist/envelope/verify.d.ts +29 -0
package/dist/envelope/verify.d.ts.map +1 -0
package/dist/envelope/verify.js +90 -0
package/dist/envelope/verify.js.map +1 -0
package/dist/extensions/index.d.ts +7 -0
package/dist/extensions/index.d.ts.map +1 -0
package/dist/extensions/index.js +7 -0
package/dist/extensions/index.js.map +1 -0
package/dist/extensions/limits.d.ts +101 -0
package/dist/extensions/limits.d.ts.map +1 -0
package/dist/extensions/limits.js +175 -0
package/dist/extensions/limits.js.map +1 -0
package/dist/handshake/abort.d.ts +49 -0
package/dist/handshake/abort.d.ts.map +1 -0
package/dist/handshake/abort.js +82 -0
package/dist/handshake/abort.js.map +1 -0
package/dist/handshake/capabilities.d.ts +46 -0
package/dist/handshake/capabilities.d.ts.map +1 -0
package/dist/handshake/capabilities.js +114 -0
package/dist/handshake/capabilities.js.map +1 -0
package/dist/handshake/client_state.d.ts +186 -0
package/dist/handshake/client_state.d.ts.map +1 -0
package/dist/handshake/client_state.js +520 -0
package/dist/handshake/client_state.js.map +1 -0
package/dist/handshake/confirm.d.ts +21 -0
package/dist/handshake/confirm.d.ts.map +1 -0
package/dist/handshake/confirm.js +27 -0
package/dist/handshake/confirm.js.map +1 -0
package/dist/handshake/driver.d.ts +126 -0
package/dist/handshake/driver.d.ts.map +1 -0
package/dist/handshake/driver.js +251 -0
package/dist/handshake/driver.js.map +1 -0
package/dist/handshake/federation.d.ts +365 -0
package/dist/handshake/federation.d.ts.map +1 -0
package/dist/handshake/federation.js +664 -0
package/dist/handshake/federation.js.map +1 -0
package/dist/handshake/first_contact.d.ts +57 -0
package/dist/handshake/first_contact.d.ts.map +1 -0
package/dist/handshake/first_contact.js +124 -0
package/dist/handshake/first_contact.js.map +1 -0
package/dist/handshake/identity.d.ts +101 -0
package/dist/handshake/identity.d.ts.map +1 -0
package/dist/handshake/identity.js +117 -0
package/dist/handshake/identity.js.map +1 -0
package/dist/handshake/index.d.ts +21 -0
package/dist/handshake/index.d.ts.map +1 -0
package/dist/handshake/index.js +21 -0
package/dist/handshake/index.js.map +1 -0
package/dist/handshake/messages.d.ts +176 -0
package/dist/handshake/messages.d.ts.map +1 -0
package/dist/handshake/messages.js +125 -0
package/dist/handshake/messages.js.map +1 -0
package/dist/handshake/pow.d.ts +53 -0
package/dist/handshake/pow.d.ts.map +1 -0
package/dist/handshake/pow.js +142 -0
package/dist/handshake/pow.js.map +1 -0
package/dist/handshake/resume_driver.d.ts +56 -0
package/dist/handshake/resume_driver.d.ts.map +1 -0
package/dist/handshake/resume_driver.js +75 -0
package/dist/handshake/resume_driver.js.map +1 -0
package/dist/handshake/server.d.ts +112 -0
package/dist/handshake/server.d.ts.map +1 -0
package/dist/handshake/server.js +247 -0
package/dist/handshake/server.js.map +1 -0
package/dist/handshake/server_state.d.ts +102 -0
package/dist/handshake/server_state.d.ts.map +1 -0
package/dist/handshake/server_state.js +278 -0
package/dist/handshake/server_state.js.map +1 -0
package/dist/index.d.ts +33 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +33 -0
package/dist/index.js.map +1 -0
package/dist/keys/compromise.d.ts +118 -0
package/dist/keys/compromise.d.ts.map +1 -0
package/dist/keys/compromise.js +218 -0
package/dist/keys/compromise.js.map +1 -0
package/dist/keys/device_certificate.d.ts +166 -0
package/dist/keys/device_certificate.d.ts.map +1 -0
package/dist/keys/device_certificate.js +328 -0
package/dist/keys/device_certificate.js.map +1 -0
package/dist/keys/device_records.d.ts +175 -0
package/dist/keys/device_records.d.ts.map +1 -0
package/dist/keys/device_records.js +418 -0
package/dist/keys/device_records.js.map +1 -0
package/dist/keys/directory_cache.d.ts +64 -0
package/dist/keys/directory_cache.d.ts.map +1 -0
package/dist/keys/directory_cache.js +98 -0
package/dist/keys/directory_cache.js.map +1 -0
package/dist/keys/directory_state.d.ts +79 -0
package/dist/keys/directory_state.d.ts.map +1 -0
package/dist/keys/directory_state.js +155 -0
package/dist/keys/directory_state.js.map +1 -0
package/dist/keys/index.d.ts +18 -0
package/dist/keys/index.d.ts.map +1 -0
package/dist/keys/index.js +18 -0
package/dist/keys/index.js.map +1 -0
package/dist/keys/key_revocation.d.ts +61 -0
package/dist/keys/key_revocation.d.ts.map +1 -0
package/dist/keys/key_revocation.js +88 -0
package/dist/keys/key_revocation.js.map +1 -0
package/dist/keys/request.d.ts +124 -0
package/dist/keys/request.d.ts.map +1 -0
package/dist/keys/request.js +130 -0
package/dist/keys/request.js.map +1 -0
package/dist/keys/sign.d.ts +49 -0
package/dist/keys/sign.d.ts.map +1 -0
package/dist/keys/sign.js +80 -0
package/dist/keys/sign.js.map +1 -0
package/dist/keys/signed.d.ts +80 -0
package/dist/keys/signed.d.ts.map +1 -0
package/dist/keys/signed.js +138 -0
package/dist/keys/signed.js.map +1 -0
package/dist/keys/store.d.ts +138 -0
package/dist/keys/store.d.ts.map +1 -0
package/dist/keys/store.js +107 -0
package/dist/keys/store.js.map +1 -0
package/dist/largeattachment/crypto.d.ts +47 -0
package/dist/largeattachment/crypto.d.ts.map +1 -0
package/dist/largeattachment/crypto.js +235 -0
package/dist/largeattachment/crypto.js.map +1 -0
package/dist/largeattachment/enclosure.d.ts +48 -0
package/dist/largeattachment/enclosure.d.ts.map +1 -0
package/dist/largeattachment/enclosure.js +102 -0
package/dist/largeattachment/enclosure.js.map +1 -0
package/dist/largeattachment/index.d.ts +15 -0
package/dist/largeattachment/index.d.ts.map +1 -0
package/dist/largeattachment/index.js +15 -0
package/dist/largeattachment/index.js.map +1 -0
package/dist/largeattachment/store.d.ts +36 -0
package/dist/largeattachment/store.d.ts.map +1 -0
package/dist/largeattachment/store.js +37 -0
package/dist/largeattachment/store.js.map +1 -0
package/dist/largeattachment/types.d.ts +56 -0
package/dist/largeattachment/types.d.ts.map +1 -0
package/dist/largeattachment/types.js +31 -0
package/dist/largeattachment/types.js.map +1 -0
package/dist/largeattachment/upload.d.ts +62 -0
package/dist/largeattachment/upload.d.ts.map +1 -0
package/dist/largeattachment/upload.js +166 -0
package/dist/largeattachment/upload.js.map +1 -0
package/dist/migration/index.d.ts +17 -0
package/dist/migration/index.d.ts.map +1 -0
package/dist/migration/index.js +17 -0
package/dist/migration/index.js.map +1 -0
package/dist/migration/lockout.d.ts +48 -0
package/dist/migration/lockout.d.ts.map +1 -0
package/dist/migration/lockout.js +57 -0
package/dist/migration/lockout.js.map +1 -0
package/dist/migration/migration.d.ts +48 -0
package/dist/migration/migration.d.ts.map +1 -0
package/dist/migration/migration.js +58 -0
package/dist/migration/migration.js.map +1 -0
package/dist/migration/notice.d.ts +33 -0
package/dist/migration/notice.d.ts.map +1 -0
package/dist/migration/notice.js +85 -0
package/dist/migration/notice.js.map +1 -0
package/dist/migration/orchestrate.d.ts +109 -0
package/dist/migration/orchestrate.d.ts.map +1 -0
package/dist/migration/orchestrate.js +212 -0
package/dist/migration/orchestrate.js.map +1 -0
package/dist/migration/publication_store.d.ts +34 -0
package/dist/migration/publication_store.d.ts.map +1 -0
package/dist/migration/publication_store.js +44 -0
package/dist/migration/publication_store.js.map +1 -0
package/dist/migration/sign.d.ts +65 -0
package/dist/migration/sign.d.ts.map +1 -0
package/dist/migration/sign.js +331 -0
package/dist/migration/sign.js.map +1 -0
package/dist/migration/types.d.ts +92 -0
package/dist/migration/types.d.ts.map +1 -0
package/dist/migration/types.js +26 -0
package/dist/migration/types.js.map +1 -0
package/dist/reasoncodes.d.ts +42 -0
package/dist/reasoncodes.d.ts.map +1 -0
package/dist/reasoncodes.js +80 -0
package/dist/reasoncodes.js.map +1 -0
package/dist/recovery/bundle.d.ts +34 -0
package/dist/recovery/bundle.d.ts.map +1 -0
package/dist/recovery/bundle.js +144 -0
package/dist/recovery/bundle.js.map +1 -0
package/dist/recovery/bundle_crypto.d.ts +60 -0
package/dist/recovery/bundle_crypto.d.ts.map +1 -0
package/dist/recovery/bundle_crypto.js +179 -0
package/dist/recovery/bundle_crypto.js.map +1 -0
package/dist/recovery/bundle_store.d.ts +57 -0
package/dist/recovery/bundle_store.d.ts.map +1 -0
package/dist/recovery/bundle_store.js +104 -0
package/dist/recovery/bundle_store.js.map +1 -0
package/dist/recovery/index.d.ts +19 -0
package/dist/recovery/index.d.ts.map +1 -0
package/dist/recovery/index.js +19 -0
package/dist/recovery/index.js.map +1 -0
package/dist/recovery/manifest_crosscheck.d.ts +59 -0
package/dist/recovery/manifest_crosscheck.d.ts.map +1 -0
package/dist/recovery/manifest_crosscheck.js +59 -0
package/dist/recovery/manifest_crosscheck.js.map +1 -0
package/dist/recovery/shamir.d.ts +51 -0
package/dist/recovery/shamir.d.ts.map +1 -0
package/dist/recovery/shamir.js +181 -0
package/dist/recovery/shamir.js.map +1 -0
package/dist/recovery/sign.d.ts +61 -0
package/dist/recovery/sign.d.ts.map +1 -0
package/dist/recovery/sign.js +359 -0
package/dist/recovery/sign.js.map +1 -0
package/dist/recovery/types.d.ts +180 -0
package/dist/recovery/types.d.ts.map +1 -0
package/dist/recovery/types.js +31 -0
package/dist/recovery/types.js.map +1 -0
package/dist/reputation/abuse_report.d.ts +62 -0
package/dist/reputation/abuse_report.d.ts.map +1 -0
package/dist/reputation/abuse_report.js +111 -0
package/dist/reputation/abuse_report.js.map +1 -0
package/dist/reputation/bucketize.d.ts +31 -0
package/dist/reputation/bucketize.d.ts.map +1 -0
package/dist/reputation/bucketize.js +77 -0
package/dist/reputation/bucketize.js.map +1 -0
package/dist/reputation/gossip.d.ts +24 -0
package/dist/reputation/gossip.d.ts.map +1 -0
package/dist/reputation/gossip.js +64 -0
package/dist/reputation/gossip.js.map +1 -0
package/dist/reputation/gossip_fetch.d.ts +64 -0
package/dist/reputation/gossip_fetch.d.ts.map +1 -0
package/dist/reputation/gossip_fetch.js +114 -0
package/dist/reputation/gossip_fetch.js.map +1 -0
package/dist/reputation/index.d.ts +20 -0
package/dist/reputation/index.d.ts.map +1 -0
package/dist/reputation/index.js +20 -0
package/dist/reputation/index.js.map +1 -0
package/dist/reputation/observation_store.d.ts +67 -0
package/dist/reputation/observation_store.d.ts.map +1 -0
package/dist/reputation/observation_store.js +171 -0
package/dist/reputation/observation_store.js.map +1 -0
package/dist/reputation/pow.d.ts +91 -0
package/dist/reputation/pow.d.ts.map +1 -0
package/dist/reputation/pow.js +209 -0
package/dist/reputation/pow.js.map +1 -0
package/dist/reputation/sign.d.ts +40 -0
package/dist/reputation/sign.d.ts.map +1 -0
package/dist/reputation/sign.js +202 -0
package/dist/reputation/sign.js.map +1 -0
package/dist/reputation/types.d.ts +133 -0
package/dist/reputation/types.d.ts.map +1 -0
package/dist/reputation/types.js +33 -0
package/dist/reputation/types.js.map +1 -0
package/dist/reputation/whois.d.ts +25 -0
package/dist/reputation/whois.d.ts.map +1 -0
package/dist/reputation/whois.js +20 -0
package/dist/reputation/whois.js.map +1 -0
package/dist/seal/index.d.ts +8 -0
package/dist/seal/index.d.ts.map +1 -0
package/dist/seal/index.js +8 -0
package/dist/seal/index.js.map +1 -0
package/dist/seal/wrap.d.ts +74 -0
package/dist/seal/wrap.d.ts.map +1 -0
package/dist/seal/wrap.js +213 -0
package/dist/seal/wrap.js.map +1 -0
package/dist/session/dispatcher.d.ts +65 -0
package/dist/session/dispatcher.d.ts.map +1 -0
package/dist/session/dispatcher.js +96 -0
package/dist/session/dispatcher.js.map +1 -0
package/dist/session/index.d.ts +15 -0
package/dist/session/index.d.ts.map +1 -0
package/dist/session/index.js +15 -0
package/dist/session/index.js.map +1 -0
package/dist/session/rekey.d.ts +108 -0
package/dist/session/rekey.d.ts.map +1 -0
package/dist/session/rekey.js +207 -0
package/dist/session/rekey.js.map +1 -0
package/dist/session/rekey_seal.d.ts +66 -0
package/dist/session/rekey_seal.d.ts.map +1 -0
package/dist/session/rekey_seal.js +153 -0
package/dist/session/rekey_seal.js.map +1 -0
package/dist/session/resume.d.ts +125 -0
package/dist/session/resume.d.ts.map +1 -0
package/dist/session/resume.js +263 -0
package/dist/session/resume.js.map +1 -0
package/dist/session/session.d.ts +136 -0
package/dist/session/session.d.ts.map +1 -0
package/dist/session/session.js +188 -0
package/dist/session/session.js.map +1 -0
package/dist/transparency/index.d.ts +13 -0
package/dist/transparency/index.d.ts.map +1 -0
package/dist/transparency/index.js +13 -0
package/dist/transparency/index.js.map +1 -0
package/dist/transparency/log.d.ts +61 -0
package/dist/transparency/log.d.ts.map +1 -0
package/dist/transparency/log.js +133 -0
package/dist/transparency/log.js.map +1 -0
package/dist/transparency/merkle.d.ts +59 -0
package/dist/transparency/merkle.d.ts.map +1 -0
package/dist/transparency/merkle.js +314 -0
package/dist/transparency/merkle.js.map +1 -0
package/dist/transparency/sign.d.ts +48 -0
package/dist/transparency/sign.d.ts.map +1 -0
package/dist/transparency/sign.js +140 -0
package/dist/transparency/sign.js.map +1 -0
package/dist/transparency/types.d.ts +97 -0
package/dist/transparency/types.d.ts.map +1 -0
package/dist/transparency/types.js +25 -0
package/dist/transparency/types.js.map +1 -0
package/dist/transport/h2.d.ts +163 -0
package/dist/transport/h2.d.ts.map +1 -0
package/dist/transport/h2.js +397 -0
package/dist/transport/h2.js.map +1 -0
package/dist/transport/index.d.ts +15 -0
package/dist/transport/index.d.ts.map +1 -0
package/dist/transport/index.js +15 -0
package/dist/transport/index.js.map +1 -0
package/dist/transport/memory.d.ts +21 -0
package/dist/transport/memory.d.ts.map +1 -0
package/dist/transport/memory.js +112 -0
package/dist/transport/memory.js.map +1 -0
package/dist/transport/transport.d.ts +54 -0
package/dist/transport/transport.d.ts.map +1 -0
package/dist/transport/transport.js +20 -0
package/dist/transport/transport.js.map +1 -0
package/dist/transport/ws.d.ts +40 -0
package/dist/transport/ws.d.ts.map +1 -0
package/dist/transport/ws.js +204 -0
package/dist/transport/ws.js.map +1 -0
package/package.json +147 -0

package/dist/extensions/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Extensions layer per EXTENSIONS.md.
+ *
+ * @module
+ */
+export { KeyError, MaxKeyLength, NamespacePrefixCore, Registry, SizeError, UnsupportedError, maxBytesFor, validate, validateKey, validateSize, } from "./limits.js";
+//# sourceMappingURL=index.js.map

package/dist/extensions/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/extensions/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAKL,QAAQ,EACR,YAAY,EACZ,mBAAmB,EACnB,QAAQ,EACR,SAAS,EACT,gBAAgB,EAChB,WAAW,EACX,QAAQ,EACR,WAAW,EACX,YAAY,GACb,MAAM,aAAa,CAAC"}

package/dist/extensions/limits.d.ts ADDED Viewed

@@ -0,0 +1,101 @@
+/**
+ * Extension validation per EXTENSIONS.md §2-§4.
+ *
+ * Each extension entry on the wire conforms to:
+ *
+ * ```json
+ * { "required": false, "data": { ... } }
+ * ```
+ *
+ * Per-layer byte-size ceilings (§4) are enforced before signature
+ * verification — an over-large `extensions` map MUST be rejected
+ * outright, regardless of any signature it might carry.
+ *
+ * Required extensions a recipient does not understand MUST be
+ * rejected per §3, regardless of namespace. The semp.dev/ namespace
+ * is reserved for spec-defined keys; vendor.* and x-* keys are at
+ * the operator's own risk but are subject to the same
+ * required-must-be-understood rule.
+ *
+ * @module
+ */
+/** Layers an `extensions` object can attach to. */
+export type Layer = "postmark" | "seal" | "brief" | "enclosure";
+/** A single extension entry on the wire. */
+export interface Entry {
+    required: boolean;
+    data: unknown;
+}
+/** Wire-level container: keys are namespaced extension identifiers. */
+export type Map = Record<string, Entry>;
+/** Per-layer byte-size ceiling per §4.1. */
+export declare function maxBytesFor(layer: Layer): number;
+/** Reserved namespace prefix for spec-defined extension keys. */
+export declare const NamespacePrefixCore = "semp.dev/";
+/** A registered extension. */
+export interface RegistryEntry {
+    identifier: string;
+    layers: Layer[];
+}
+/**
+ * Registry of known extensions an implementation supports. Used by
+ * {@link validate} to decide whether a required extension is
+ * understood (registered) or unknown (rejected).
+ */
+export declare class Registry {
+    private readonly entries;
+    register(entry: RegistryEntry): void;
+    lookup(identifier: string): RegistryEntry | undefined;
+}
+/** Error thrown when a required extension is not registered. */
+export declare class UnsupportedError extends Error {
+    readonly key: string;
+    readonly layer: Layer;
+    readonly reasonCode: "extension_unsupported";
+    constructor(key: string, layer: Layer);
+}
+/** Error thrown when the serialized map exceeds the layer's ceiling. */
+export declare class SizeError extends Error {
+    readonly layer: Layer;
+    readonly size: number;
+    readonly limit: number;
+    readonly reasonCode: "extension_size_exceeded";
+    constructor(layer: Layer, size: number, limit: number);
+}
+/** Error thrown when an extension key fails {@link validateKey}. */
+export declare class KeyError extends Error {
+    readonly key: string;
+    readonly layer: Layer;
+    constructor(key: string, layer: Layer, reason: string);
+}
+/** Maximum byte length of an extension key (the namespaced identifier). */
+export declare const MaxKeyLength = 128;
+/**
+ * Validate an extension key per EXTENSIONS.md §2.2: ASCII only,
+ * non-empty, MaxKeyLength cap, must contain a `/` after a vendor
+ * namespace OR start with `x-` for experimental.
+ */
+export declare function validateKey(key: string): Error | null;
+/**
+ * Validate an extensions map at a specific layer. Returns null on
+ * accept; an Error on first reject.
+ *
+ * Rejects:
+ *   - Malformed key shape ({@link KeyError})
+ *   - Required extension not in registry, regardless of namespace
+ *     ({@link UnsupportedError})
+ *   - Required extension registered but for a different layer
+ *     ({@link UnsupportedError})
+ *   - Total serialized size over the layer's ceiling
+ *     ({@link SizeError})
+ *
+ * Non-required (`required: false`) extensions are passed through
+ * unconditionally — the receiver is free to ignore them.
+ */
+export declare function validate(registry: Registry | null, layer: Layer, m: Map | null | undefined): Error | null;
+/**
+ * Validate the serialized byte length of an extensions map against
+ * the layer ceiling. Empty / missing maps pass through.
+ */
+export declare function validateSize(layer: Layer, m: Map | null | undefined): Error | null;
+//# sourceMappingURL=limits.d.ts.map

package/dist/extensions/limits.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"limits.d.ts","sourceRoot":"","sources":["../../src/extensions/limits.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,mDAAmD;AACnD,MAAM,MAAM,KAAK,GAAG,UAAU,GAAG,MAAM,GAAG,OAAO,GAAG,WAAW,CAAC;AAEhE,4CAA4C;AAC5C,MAAM,WAAW,KAAK;IACpB,QAAQ,EAAE,OAAO,CAAC;IAClB,IAAI,EAAE,OAAO,CAAC;CACf;AAED,uEAAuE;AACvE,MAAM,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;AAExC,4CAA4C;AAC5C,wBAAgB,WAAW,CAAC,KAAK,EAAE,KAAK,GAAG,MAAM,CAWhD;AAED,iEAAiE;AACjE,eAAO,MAAM,mBAAmB,cAAc,CAAC;AAE/C,8BAA8B;AAC9B,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,KAAK,EAAE,CAAC;CACjB;AAED;;;;GAIG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAA+C;IAEvE,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,IAAI;IAIpC,MAAM,CAAC,UAAU,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS;CAGtD;AAED,gEAAgE;AAChE,qBAAa,gBAAiB,SAAQ,KAAK;IACzC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,UAAU,EAAG,uBAAuB,CAAU;gBAC3C,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK;CAOtC;AAED,wEAAwE;AACxE,qBAAa,SAAU,SAAQ,KAAK;IAClC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,UAAU,EAAG,yBAAyB,CAAU;gBAC7C,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM;CAQtD;AAED,oEAAoE;AACpE,qBAAa,QAAS,SAAQ,KAAK;IACjC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;gBACV,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM;CAKtD;AAED,2EAA2E;AAC3E,eAAO,MAAM,YAAY,MAAM,CAAC;AAEhC;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,KAAK,GAAG,IAAI,CAiBrD;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,QAAQ,CACtB,QAAQ,EAAE,QAAQ,GAAG,IAAI,EACzB,KAAK,EAAE,KAAK,EACZ,CAAC,EAAE,GAAG,GAAG,IAAI,GAAG,SAAS,GACxB,KAAK,GAAG,IAAI,CA4Bd;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,GAAG,IAAI,GAAG,SAAS,GAAG,KAAK,GAAG,IAAI,CAelF"}

package/dist/extensions/limits.js ADDED Viewed

@@ -0,0 +1,175 @@
+/**
+ * Extension validation per EXTENSIONS.md §2-§4.
+ *
+ * Each extension entry on the wire conforms to:
+ *
+ * ```json
+ * { "required": false, "data": { ... } }
+ * ```
+ *
+ * Per-layer byte-size ceilings (§4) are enforced before signature
+ * verification — an over-large `extensions` map MUST be rejected
+ * outright, regardless of any signature it might carry.
+ *
+ * Required extensions a recipient does not understand MUST be
+ * rejected per §3, regardless of namespace. The semp.dev/ namespace
+ * is reserved for spec-defined keys; vendor.* and x-* keys are at
+ * the operator's own risk but are subject to the same
+ * required-must-be-understood rule.
+ *
+ * @module
+ */
+/** Per-layer byte-size ceiling per §4.1. */
+export function maxBytesFor(layer) {
+    switch (layer) {
+        case "postmark":
+            return 4096;
+        case "seal":
+            return 4096;
+        case "brief":
+            return 16_384;
+        case "enclosure":
+            return 65_536;
+    }
+}
+/** Reserved namespace prefix for spec-defined extension keys. */
+export const NamespacePrefixCore = "semp.dev/";
+/**
+ * Registry of known extensions an implementation supports. Used by
+ * {@link validate} to decide whether a required extension is
+ * understood (registered) or unknown (rejected).
+ */
+export class Registry {
+    entries = new globalThis.Map();
+    register(entry) {
+        this.entries.set(entry.identifier, entry);
+    }
+    lookup(identifier) {
+        return this.entries.get(identifier);
+    }
+}
+/** Error thrown when a required extension is not registered. */
+export class UnsupportedError extends Error {
+    key;
+    layer;
+    reasonCode = "extension_unsupported";
+    constructor(key, layer) {
+        super(`extensions: ${layer} layer required extension "${key}" is not supported`);
+        this.key = key;
+        this.layer = layer;
+    }
+}
+/** Error thrown when the serialized map exceeds the layer's ceiling. */
+export class SizeError extends Error {
+    layer;
+    size;
+    limit;
+    reasonCode = "extension_size_exceeded";
+    constructor(layer, size, limit) {
+        super(`extensions: ${layer} layer extensions object ${size} bytes exceeds limit ${limit}`);
+        this.layer = layer;
+        this.size = size;
+        this.limit = limit;
+    }
+}
+/** Error thrown when an extension key fails {@link validateKey}. */
+export class KeyError extends Error {
+    key;
+    layer;
+    constructor(key, layer, reason) {
+        super(`extensions: ${layer} layer key "${key}": ${reason}`);
+        this.key = key;
+        this.layer = layer;
+    }
+}
+/** Maximum byte length of an extension key (the namespaced identifier). */
+export const MaxKeyLength = 128;
+/**
+ * Validate an extension key per EXTENSIONS.md §2.2: ASCII only,
+ * non-empty, MaxKeyLength cap, must contain a `/` after a vendor
+ * namespace OR start with `x-` for experimental.
+ */
+export function validateKey(key) {
+    if (key.length === 0) {
+        return new Error("empty key");
+    }
+    if (key.length > MaxKeyLength) {
+        return new Error(`key length ${key.length} exceeds ${MaxKeyLength}`);
+    }
+    for (let i = 0; i < key.length; i++) {
+        const code = key.charCodeAt(i);
+        if (code < 0x21 || code > 0x7e) {
+            return new Error(`non-printable-ASCII byte at offset ${i}`);
+        }
+    }
+    if (!key.startsWith("x-") && !key.includes("/")) {
+        return new Error("expected `<vendor>/<name>` or `x-<name>`");
+    }
+    return null;
+}
+/**
+ * Validate an extensions map at a specific layer. Returns null on
+ * accept; an Error on first reject.
+ *
+ * Rejects:
+ *   - Malformed key shape ({@link KeyError})
+ *   - Required extension not in registry, regardless of namespace
+ *     ({@link UnsupportedError})
+ *   - Required extension registered but for a different layer
+ *     ({@link UnsupportedError})
+ *   - Total serialized size over the layer's ceiling
+ *     ({@link SizeError})
+ *
+ * Non-required (`required: false`) extensions are passed through
+ * unconditionally — the receiver is free to ignore them.
+ */
+export function validate(registry, layer, m) {
+    if (m === null || m === undefined || Object.keys(m).length === 0) {
+        return null;
+    }
+    const keys = Object.keys(m).sort();
+    for (const k of keys) {
+        const keyErr = validateKey(k);
+        if (keyErr !== null) {
+            return new KeyError(k, layer, keyErr.message);
+        }
+        const entry = m[k];
+        if (entry === undefined || !entry.required) {
+            continue;
+        }
+        if (registry === null) {
+            // No registry == no extension knowledge. A required extension
+            // is definitionally unsupported.
+            return new UnsupportedError(k, layer);
+        }
+        const reg = registry.lookup(k);
+        if (reg === undefined) {
+            return new UnsupportedError(k, layer);
+        }
+        if (!reg.layers.includes(layer)) {
+            return new UnsupportedError(k, layer);
+        }
+    }
+    return validateSize(layer, m);
+}
+/**
+ * Validate the serialized byte length of an extensions map against
+ * the layer ceiling. Empty / missing maps pass through.
+ */
+export function validateSize(layer, m) {
+    if (m === null || m === undefined || Object.keys(m).length === 0) {
+        return null;
+    }
+    const limit = maxBytesFor(layer);
+    // Count UTF-8 byte length of the JSON serialization. The exact
+    // canonical bytes are determined later by the seal computation;
+    // for size-limit purposes plain JSON.stringify is within the same
+    // order of magnitude (whitespace differences only).
+    const serialized = JSON.stringify(m) ?? "";
+    const bytes = new TextEncoder().encode(serialized).byteLength;
+    if (bytes > limit) {
+        return new SizeError(layer, bytes, limit);
+    }
+    return null;
+}
+//# sourceMappingURL=limits.js.map

package/dist/extensions/limits.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"limits.js","sourceRoot":"","sources":["../../src/extensions/limits.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAcH,4CAA4C;AAC5C,MAAM,UAAU,WAAW,CAAC,KAAY;IACtC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,UAAU;YACb,OAAO,IAAI,CAAC;QACd,KAAK,MAAM;YACT,OAAO,IAAI,CAAC;QACd,KAAK,OAAO;YACV,OAAO,MAAM,CAAC;QAChB,KAAK,WAAW;YACd,OAAO,MAAM,CAAC;IAClB,CAAC;AACH,CAAC;AAED,iEAAiE;AACjE,MAAM,CAAC,MAAM,mBAAmB,GAAG,WAAW,CAAC;AAQ/C;;;;GAIG;AACH,MAAM,OAAO,QAAQ;IACF,OAAO,GAAG,IAAI,UAAU,CAAC,GAAG,EAAyB,CAAC;IAEvE,QAAQ,CAAC,KAAoB;QAC3B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,UAAkB;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACtC,CAAC;CACF;AAED,gEAAgE;AAChE,MAAM,OAAO,gBAAiB,SAAQ,KAAK;IAChC,GAAG,CAAS;IACZ,KAAK,CAAQ;IACb,UAAU,GAAG,uBAAgC,CAAC;IACvD,YAAY,GAAW,EAAE,KAAY;QACnC,KAAK,CACH,eAAe,KAAK,8BAA8B,GAAG,oBAAoB,CAC1E,CAAC;QACF,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;CACF;AAED,wEAAwE;AACxE,MAAM,OAAO,SAAU,SAAQ,KAAK;IACzB,KAAK,CAAQ;IACb,IAAI,CAAS;IACb,KAAK,CAAS;IACd,UAAU,GAAG,yBAAkC,CAAC;IACzD,YAAY,KAAY,EAAE,IAAY,EAAE,KAAa;QACnD,KAAK,CACH,eAAe,KAAK,4BAA4B,IAAI,wBAAwB,KAAK,EAAE,CACpF,CAAC;QACF,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;CACF;AAED,oEAAoE;AACpE,MAAM,OAAO,QAAS,SAAQ,KAAK;IACxB,GAAG,CAAS;IACZ,KAAK,CAAQ;IACtB,YAAY,GAAW,EAAE,KAAY,EAAE,MAAc;QACnD,KAAK,CAAC,eAAe,KAAK,eAAe,GAAG,MAAM,MAAM,EAAE,CAAC,CAAC;QAC5D,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;CACF;AAED,2EAA2E;AAC3E,MAAM,CAAC,MAAM,YAAY,GAAG,GAAG,CAAC;AAEhC;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO,IAAI,KAAK,CAAC,WAAW,CAAC,CAAC;IAChC,CAAC;IACD,IAAI,GAAG,CAAC,MAAM,GAAG,YAAY,EAAE,CAAC;QAC9B,OAAO,IAAI,KAAK,CAAC,cAAc,GAAG,CAAC,MAAM,YAAY,YAAY,EAAE,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,IAAI,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,IAAI,GAAG,IAAI,IAAI,IAAI,GAAG,IAAI,EAAE,CAAC;YAC/B,OAAO,IAAI,KAAK,CAAC,sCAAsC,CAAC,EAAE,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,OAAO,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,QAAQ,CACtB,QAAyB,EACzB,KAAY,EACZ,CAAyB;IAEzB,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjE,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACnC,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QACrB,MAAM,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAC9B,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YACpB,OAAO,IAAI,QAAQ,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;QAChD,CAAC;QACD,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,KAAK,KAAK,SAAS,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3C,SAAS;QACX,CAAC;QACD,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,8DAA8D;YAC9D,iCAAiC;YACjC,OAAO,IAAI,gBAAgB,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACxC,CAAC;QACD,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,OAAO,IAAI,gBAAgB,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACxC,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAChC,OAAO,IAAI,gBAAgB,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IACD,OAAO,YAAY,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;AAChC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,KAAY,EAAE,CAAyB;IAClE,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjE,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IACjC,+DAA+D;IAC/D,gEAAgE;IAChE,kEAAkE;IAClE,oDAAoD;IACpD,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC;IAC9D,IAAI,KAAK,GAAG,KAAK,EAAE,CAAC;QAClB,OAAO,IAAI,SAAS,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;IAC5C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/handshake/abort.d.ts ADDED Viewed

@@ -0,0 +1,49 @@
+/**
+ * Handshake abort + rejection helpers per HANDSHAKE.md §2.2a.6 + §4.
+ *
+ * - {@link ChallengeInvalidError}: error type a client raises when a
+ *   received challenge violates §2.2a.3 binding rules. Drivers catch
+ *   it and emit a `challenge_invalid` rejection.
+ * - {@link buildClientRejection}: produce an unsigned client-side
+ *   rejection message (party=client). The client has not authenticated
+ *   to the server at this point, so the wire form has no
+ *   `server_signature` and uses canonical bytes directly.
+ * - {@link isResumptionFailed}: classifies a `HandshakeRejectedError`
+ *   as a recoverable resumption failure that callers should fall back
+ *   from to a full handshake.
+ *
+ * @module
+ */
+/**
+ * Error a client raises when a received challenge violates §2.2a.3
+ * binding rules. The handshake driver catches this, sends a
+ * `challenge_invalid` rejection, then re-raises to the caller.
+ */
+export declare class ChallengeInvalidError extends Error {
+    readonly name = "ChallengeInvalidError";
+    /** Detail emitted verbatim in the abort message's `reason` field. */
+    readonly detail: string;
+    constructor(detail: string);
+}
+/** Type guard for {@link ChallengeInvalidError}. */
+export declare function isChallengeInvalid(err: unknown): err is ChallengeInvalidError;
+/**
+ * Build an unsigned client-initiator abort message per §2.2a.6.
+ *
+ * The wire shape is `party: "client"` with no `server_signature` —
+ * the initiator has not authenticated to the server at this point
+ * and MUST NOT do so as part of an abort.
+ *
+ * Returns canonical UTF-8 JSON bytes ready to send on the handshake
+ * stream. The caller closes the transport after sending.
+ */
+export declare function buildClientRejection(reasonCode: string, reason?: string): Uint8Array;
+/**
+ * Report whether `err` is a {@link HandshakeRejectedError} whose
+ * reason code indicates the resume attempt failed in a way the
+ * client should retry as a full handshake. Per HANDSHAKE.md §2.8:
+ * if the server has lost session state or the ticket has expired,
+ * the client falls back to a fresh handshake.
+ */
+export declare function isResumptionFailed(err: unknown): boolean;
+//# sourceMappingURL=abort.d.ts.map

package/dist/handshake/abort.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"abort.d.ts","sourceRoot":"","sources":["../../src/handshake/abort.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAOH;;;;GAIG;AACH,qBAAa,qBAAsB,SAAQ,KAAK;IAC9C,SAAkB,IAAI,2BAA2B;IACjD,qEAAqE;IACrE,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;gBAEZ,MAAM,EAAE,MAAM;CAI3B;AAED,oDAAoD;AACpD,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,OAAO,GAAG,GAAG,IAAI,qBAAqB,CAE7E;AAED;;;;;;;;;GASG;AACH,wBAAgB,oBAAoB,CAClC,UAAU,EAAE,MAAM,EAClB,MAAM,CAAC,EAAE,MAAM,GACd,UAAU,CAcZ;AASD;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAKxD"}

package/dist/handshake/abort.js ADDED Viewed

@@ -0,0 +1,82 @@
+/**
+ * Handshake abort + rejection helpers per HANDSHAKE.md §2.2a.6 + §4.
+ *
+ * - {@link ChallengeInvalidError}: error type a client raises when a
+ *   received challenge violates §2.2a.3 binding rules. Drivers catch
+ *   it and emit a `challenge_invalid` rejection.
+ * - {@link buildClientRejection}: produce an unsigned client-side
+ *   rejection message (party=client). The client has not authenticated
+ *   to the server at this point, so the wire form has no
+ *   `server_signature` and uses canonical bytes directly.
+ * - {@link isResumptionFailed}: classifies a `HandshakeRejectedError`
+ *   as a recoverable resumption failure that callers should fall back
+ *   from to a full handshake.
+ *
+ * @module
+ */
+import { marshal as canonicalMarshal } from "../canonical/index.js";
+import { HandshakeRejectedError } from "./driver.js";
+import { HandshakeVersion } from "./messages.js";
+/**
+ * Error a client raises when a received challenge violates §2.2a.3
+ * binding rules. The handshake driver catches this, sends a
+ * `challenge_invalid` rejection, then re-raises to the caller.
+ */
+export class ChallengeInvalidError extends Error {
+    name = "ChallengeInvalidError";
+    /** Detail emitted verbatim in the abort message's `reason` field. */
+    detail;
+    constructor(detail) {
+        super(`handshake: challenge_invalid: ${detail}`);
+        this.detail = detail;
+    }
+}
+/** Type guard for {@link ChallengeInvalidError}. */
+export function isChallengeInvalid(err) {
+    return err instanceof ChallengeInvalidError;
+}
+/**
+ * Build an unsigned client-initiator abort message per §2.2a.6.
+ *
+ * The wire shape is `party: "client"` with no `server_signature` —
+ * the initiator has not authenticated to the server at this point
+ * and MUST NOT do so as part of an abort.
+ *
+ * Returns canonical UTF-8 JSON bytes ready to send on the handshake
+ * stream. The caller closes the transport after sending.
+ */
+export function buildClientRejection(reasonCode, reason) {
+    if (reasonCode === "") {
+        throw new Error("handshake: empty reason_code in client rejection");
+    }
+    const msg = {
+        type: "SEMP_HANDSHAKE",
+        step: "rejected",
+        party: "client",
+        version: HandshakeVersion,
+        reason_code: reasonCode,
+        reason: reason ?? "",
+        extensions: {},
+    };
+    return canonicalMarshal(msg);
+}
+/** Reason codes per HANDSHAKE.md §2.8 that the spec treats as recoverable resumption failures. */
+const RECOVERABLE_RESUMPTION_REASONS = new Set([
+    "resumption_failed",
+    "session_expired",
+    "no_session",
+]);
+/**
+ * Report whether `err` is a {@link HandshakeRejectedError} whose
+ * reason code indicates the resume attempt failed in a way the
+ * client should retry as a full handshake. Per HANDSHAKE.md §2.8:
+ * if the server has lost session state or the ticket has expired,
+ * the client falls back to a fresh handshake.
+ */
+export function isResumptionFailed(err) {
+    if (!(err instanceof HandshakeRejectedError)) {
+        return false;
+    }
+    return RECOVERABLE_RESUMPTION_REASONS.has(err.reasonCode);
+}
+//# sourceMappingURL=abort.js.map

package/dist/handshake/abort.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"abort.js","sourceRoot":"","sources":["../../src/handshake/abort.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,OAAO,IAAI,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAEpE,OAAO,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAEjD;;;;GAIG;AACH,MAAM,OAAO,qBAAsB,SAAQ,KAAK;IAC5B,IAAI,GAAG,uBAAuB,CAAC;IACjD,qEAAqE;IAC5D,MAAM,CAAS;IAExB,YAAY,MAAc;QACxB,KAAK,CAAC,iCAAiC,MAAM,EAAE,CAAC,CAAC;QACjD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAED,oDAAoD;AACpD,MAAM,UAAU,kBAAkB,CAAC,GAAY;IAC7C,OAAO,GAAG,YAAY,qBAAqB,CAAC;AAC9C,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,oBAAoB,CAClC,UAAkB,EAClB,MAAe;IAEf,IAAI,UAAU,KAAK,EAAE,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;IACtE,CAAC;IACD,MAAM,GAAG,GAA4B;QACnC,IAAI,EAAE,gBAAgB;QACtB,IAAI,EAAE,UAAU;QAChB,KAAK,EAAE,QAAQ;QACf,OAAO,EAAE,gBAAgB;QACzB,WAAW,EAAE,UAAU;QACvB,MAAM,EAAE,MAAM,IAAI,EAAE;QACpB,UAAU,EAAE,EAAE;KACf,CAAC;IACF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC;AAC/B,CAAC;AAED,kGAAkG;AAClG,MAAM,8BAA8B,GAAwB,IAAI,GAAG,CAAC;IAClE,mBAAmB;IACnB,iBAAiB;IACjB,YAAY;CACb,CAAC,CAAC;AAEH;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAAC,GAAY;IAC7C,IAAI,CAAC,CAAC,GAAG,YAAY,sBAAsB,CAAC,EAAE,CAAC;QAC7C,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,8BAA8B,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;AAC5D,CAAC"}

package/dist/handshake/capabilities.d.ts ADDED Viewed

@@ -0,0 +1,46 @@
+/**
+ * Capability negotiation helpers per HANDSHAKE.md §6.4 + SESSION.md §4.3.
+ *
+ * `negotiateCapabilities` returns the agreed session parameters from
+ * the client's offered capabilities and the server's accepted set,
+ * preferring the post-quantum hybrid suite when both peers support
+ * it.
+ *
+ * Selection rules:
+ *
+ *  - Encryption algorithm: walk the spec preference order (PQ hybrid
+ *    first, then baseline). The strongest mutually supported and
+ *    library-implemented suite wins.
+ *  - Extensions: the intersection of `offered.extensions` and
+ *    `accepted.extensions`, in the order they appear in `offered`.
+ *  - max_envelope_size / max_batch_size: the smaller of the two
+ *    when both sides advertise; the side that advertises when only
+ *    one does; absent when neither does.
+ *
+ * @module
+ */
+import type { Capabilities, Negotiated } from "./messages.js";
+/**
+ * Suite preference order from strongest to weakest. Library MUST
+ * walk this list and return the first suite that appears in both
+ * `offered` AND `accepted` AND is implemented locally.
+ *
+ * The `pq-kyber768-x25519` hybrid is RECOMMENDED for new
+ * deployments per SESSION.md §4; the baseline
+ * `x25519-chacha20-poly1305` is mandatory for interoperability
+ * per ENVELOPE.md §7.3.2.
+ */
+export declare const SuitePreferenceOrder: readonly string[];
+/** Library-implemented suite identifiers. */
+export declare const ImplementedSuites: readonly string[];
+/** Default capabilities a baseline conformant client advertises. */
+export declare function defaultClientCapabilities(): Capabilities;
+/** Default capabilities a baseline conformant server accepts. */
+export declare function defaultServerCapabilities(): Capabilities;
+/**
+ * Compute the negotiated session parameters per §6.4. Throws when
+ * no encryption suite is mutually supported (caller surfaces this
+ * as a `policy_forbidden` rejection).
+ */
+export declare function negotiateCapabilities(offered: Capabilities, accepted: Capabilities): Negotiated;
+//# sourceMappingURL=capabilities.d.ts.map

package/dist/handshake/capabilities.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"capabilities.d.ts","sourceRoot":"","sources":["../../src/handshake/capabilities.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAE9D;;;;;;;;;GASG;AACH,eAAO,MAAM,oBAAoB,EAAE,SAAS,MAAM,EAGjD,CAAC;AAEF,6CAA6C;AAC7C,eAAO,MAAM,iBAAiB,EAAE,SAAS,MAAM,EAG9C,CAAC;AAEF,oEAAoE;AACpE,wBAAgB,yBAAyB,IAAI,YAAY,CAQxD;AAED,iEAAiE;AACjE,wBAAgB,yBAAyB,IAAI,YAAY,CAQxD;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,YAAY,EACrB,QAAQ,EAAE,YAAY,GACrB,UAAU,CA0CZ"}

package/dist/handshake/capabilities.js ADDED Viewed

@@ -0,0 +1,114 @@
+/**
+ * Capability negotiation helpers per HANDSHAKE.md §6.4 + SESSION.md §4.3.
+ *
+ * `negotiateCapabilities` returns the agreed session parameters from
+ * the client's offered capabilities and the server's accepted set,
+ * preferring the post-quantum hybrid suite when both peers support
+ * it.
+ *
+ * Selection rules:
+ *
+ *  - Encryption algorithm: walk the spec preference order (PQ hybrid
+ *    first, then baseline). The strongest mutually supported and
+ *    library-implemented suite wins.
+ *  - Extensions: the intersection of `offered.extensions` and
+ *    `accepted.extensions`, in the order they appear in `offered`.
+ *  - max_envelope_size / max_batch_size: the smaller of the two
+ *    when both sides advertise; the side that advertises when only
+ *    one does; absent when neither does.
+ *
+ * @module
+ */
+/**
+ * Suite preference order from strongest to weakest. Library MUST
+ * walk this list and return the first suite that appears in both
+ * `offered` AND `accepted` AND is implemented locally.
+ *
+ * The `pq-kyber768-x25519` hybrid is RECOMMENDED for new
+ * deployments per SESSION.md §4; the baseline
+ * `x25519-chacha20-poly1305` is mandatory for interoperability
+ * per ENVELOPE.md §7.3.2.
+ */
+export const SuitePreferenceOrder = [
+    "pq-kyber768-x25519",
+    "x25519-chacha20-poly1305",
+];
+/** Library-implemented suite identifiers. */
+export const ImplementedSuites = [
+    "pq-kyber768-x25519",
+    "x25519-chacha20-poly1305",
+];
+/** Default capabilities a baseline conformant client advertises. */
+export function defaultClientCapabilities() {
+    return {
+        encryption_algorithms: [
+            "pq-kyber768-x25519",
+            "x25519-chacha20-poly1305",
+        ],
+        extensions: [],
+    };
+}
+/** Default capabilities a baseline conformant server accepts. */
+export function defaultServerCapabilities() {
+    return {
+        encryption_algorithms: [
+            "pq-kyber768-x25519",
+            "x25519-chacha20-poly1305",
+        ],
+        extensions: [],
+    };
+}
+/**
+ * Compute the negotiated session parameters per §6.4. Throws when
+ * no encryption suite is mutually supported (caller surfaces this
+ * as a `policy_forbidden` rejection).
+ */
+export function negotiateCapabilities(offered, accepted) {
+    const offeredSet = new Set(offered.encryption_algorithms);
+    const acceptedSet = new Set(accepted.encryption_algorithms);
+    const implementedSet = new Set(ImplementedSuites);
+    let chosen = null;
+    for (const id of SuitePreferenceOrder) {
+        if (offeredSet.has(id) && acceptedSet.has(id) && implementedSet.has(id)) {
+            chosen = id;
+            break;
+        }
+    }
+    if (chosen === null) {
+        throw new Error("handshake: no mutually supported encryption suite");
+    }
+    const negotiatedExtensions = intersectStrings(offered.extensions, accepted.extensions);
+    // max_envelope_size: the smaller of the two when both sides advertise.
+    let maxEnvelope;
+    const oMax = offered.max_envelope_size;
+    const aMax = accepted.max_envelope_size;
+    if (typeof oMax === "number" && oMax > 0) {
+        maxEnvelope = oMax;
+    }
+    if (typeof aMax === "number" && aMax > 0) {
+        maxEnvelope = maxEnvelope === undefined ? aMax : Math.min(maxEnvelope, aMax);
+    }
+    const out = {
+        encryption_algorithm: chosen,
+        extensions: negotiatedExtensions,
+    };
+    if (maxEnvelope !== undefined) {
+        out.max_envelope_size = maxEnvelope;
+    }
+    return out;
+}
+/** Intersection of `a` and `b`, ordered by `a`. */
+function intersectStrings(a, b) {
+    if (a.length === 0 || b.length === 0) {
+        return [];
+    }
+    const set = new Set(b);
+    const out = [];
+    for (const v of a) {
+        if (set.has(v)) {
+            out.push(v);
+        }
+    }
+    return out;
+}
+//# sourceMappingURL=capabilities.js.map

package/dist/handshake/capabilities.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"capabilities.js","sourceRoot":"","sources":["../../src/handshake/capabilities.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAIH;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAsB;IACrD,oBAAoB;IACpB,0BAA0B;CAC3B,CAAC;AAEF,6CAA6C;AAC7C,MAAM,CAAC,MAAM,iBAAiB,GAAsB;IAClD,oBAAoB;IACpB,0BAA0B;CAC3B,CAAC;AAEF,oEAAoE;AACpE,MAAM,UAAU,yBAAyB;IACvC,OAAO;QACL,qBAAqB,EAAE;YACrB,oBAAoB;YACpB,0BAA0B;SAC3B;QACD,UAAU,EAAE,EAAE;KACf,CAAC;AACJ,CAAC;AAED,iEAAiE;AACjE,MAAM,UAAU,yBAAyB;IACvC,OAAO;QACL,qBAAqB,EAAE;YACrB,oBAAoB;YACpB,0BAA0B;SAC3B;QACD,UAAU,EAAE,EAAE;KACf,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CACnC,OAAqB,EACrB,QAAsB;IAEtB,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAC1D,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC;IAC5D,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC;IAElD,IAAI,MAAM,GAAkB,IAAI,CAAC;IACjC,KAAK,MAAM,EAAE,IAAI,oBAAoB,EAAE,CAAC;QACtC,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;YACxE,MAAM,GAAG,EAAE,CAAC;YACZ,MAAM;QACR,CAAC;IACH,CAAC;IACD,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CACb,mDAAmD,CACpD,CAAC;IACJ,CAAC;IAED,MAAM,oBAAoB,GAAG,gBAAgB,CAC3C,OAAO,CAAC,UAAU,EAClB,QAAQ,CAAC,UAAU,CACpB,CAAC;IAEF,uEAAuE;IACvE,IAAI,WAA+B,CAAC;IACpC,MAAM,IAAI,GAAI,OAA0C,CAAC,iBAAiB,CAAC;IAC3E,MAAM,IAAI,GAAI,QAA2C,CAAC,iBAAiB,CAAC;IAC5E,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;QACzC,WAAW,GAAG,IAAI,CAAC;IACrB,CAAC;IACD,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;QACzC,WAAW,GAAG,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAC/E,CAAC;IAED,MAAM,GAAG,GAAe;QACtB,oBAAoB,EAAE,MAAM;QAC5B,UAAU,EAAE,oBAAoB;KACjC,CAAC;IACF,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,GAAG,CAAC,iBAAiB,GAAG,WAAW,CAAC;IACtC,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,mDAAmD;AACnD,SAAS,gBAAgB,CAAC,CAAW,EAAE,CAAW;IAChD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,KAAK,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;QAClB,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACf,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}