npm - @sempdev/semp - Versions diffs - 0.4.3 - Mend

@sempdev/semp 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (559) hide show

package/LICENSE +21 -0
package/README.md +59 -0
package/dist/brief/address.d.ts +77 -0
package/dist/brief/address.d.ts.map +1 -0
package/dist/brief/address.js +217 -0
package/dist/brief/address.js.map +1 -0
package/dist/brief/brief.d.ts +75 -0
package/dist/brief/brief.d.ts.map +1 -0
package/dist/brief/brief.js +56 -0
package/dist/brief/brief.js.map +1 -0
package/dist/brief/index.d.ts +11 -0
package/dist/brief/index.d.ts.map +1 -0
package/dist/brief/index.js +11 -0
package/dist/brief/index.js.map +1 -0
package/dist/canonical/index.d.ts +8 -0
package/dist/canonical/index.d.ts.map +1 -0
package/dist/canonical/index.js +8 -0
package/dist/canonical/index.js.map +1 -0
package/dist/canonical/marshal.d.ts +35 -0
package/dist/canonical/marshal.d.ts.map +1 -0
package/dist/canonical/marshal.js +107 -0
package/dist/canonical/marshal.js.map +1 -0
package/dist/clockskew/index.d.ts +52 -0
package/dist/clockskew/index.d.ts.map +1 -0
package/dist/clockskew/index.js +62 -0
package/dist/clockskew/index.js.map +1 -0
package/dist/closure/closure.d.ts +106 -0
package/dist/closure/closure.d.ts.map +1 -0
package/dist/closure/closure.js +152 -0
package/dist/closure/closure.js.map +1 -0
package/dist/closure/driver.d.ts +103 -0
package/dist/closure/driver.d.ts.map +1 -0
package/dist/closure/driver.js +126 -0
package/dist/closure/driver.js.map +1 -0
package/dist/closure/index.d.ts +13 -0
package/dist/closure/index.d.ts.map +1 -0
package/dist/closure/index.js +13 -0
package/dist/closure/index.js.map +1 -0
package/dist/closure/store.d.ts +80 -0
package/dist/closure/store.d.ts.map +1 -0
package/dist/closure/store.js +89 -0
package/dist/closure/store.js.map +1 -0
package/dist/crypto/aead.d.ts +29 -0
package/dist/crypto/aead.d.ts.map +1 -0
package/dist/crypto/aead.js +48 -0
package/dist/crypto/aead.js.map +1 -0
package/dist/crypto/argon2.d.ts +20 -0
package/dist/crypto/argon2.d.ts.map +1 -0
package/dist/crypto/argon2.js +28 -0
package/dist/crypto/argon2.js.map +1 -0
package/dist/crypto/index.d.ts +14 -0
package/dist/crypto/index.d.ts.map +1 -0
package/dist/crypto/index.js +14 -0
package/dist/crypto/index.js.map +1 -0
package/dist/crypto/kdf.d.ts +96 -0
package/dist/crypto/kdf.d.ts.map +1 -0
package/dist/crypto/kdf.js +122 -0
package/dist/crypto/kdf.js.map +1 -0
package/dist/crypto/kem.d.ts +85 -0
package/dist/crypto/kem.d.ts.map +1 -0
package/dist/crypto/kem.js +130 -0
package/dist/crypto/kem.js.map +1 -0
package/dist/crypto/mac.d.ts +19 -0
package/dist/crypto/mac.d.ts.map +1 -0
package/dist/crypto/mac.js +32 -0
package/dist/crypto/mac.js.map +1 -0
package/dist/delivery/ack.d.ts +125 -0
package/dist/delivery/ack.d.ts.map +1 -0
package/dist/delivery/ack.js +141 -0
package/dist/delivery/ack.js.map +1 -0
package/dist/delivery/blocklist.d.ts +87 -0
package/dist/delivery/blocklist.d.ts.map +1 -0
package/dist/delivery/blocklist.js +107 -0
package/dist/delivery/blocklist.js.map +1 -0
package/dist/delivery/cancel.d.ts +60 -0
package/dist/delivery/cancel.d.ts.map +1 -0
package/dist/delivery/cancel.js +43 -0
package/dist/delivery/cancel.js.map +1 -0
package/dist/delivery/disposition.d.ts +106 -0
package/dist/delivery/disposition.d.ts.map +1 -0
package/dist/delivery/disposition.js +105 -0
package/dist/delivery/disposition.js.map +1 -0
package/dist/delivery/fetch.d.ts +59 -0
package/dist/delivery/fetch.d.ts.map +1 -0
package/dist/delivery/fetch.js +47 -0
package/dist/delivery/fetch.js.map +1 -0
package/dist/delivery/forwarder.d.ts +106 -0
package/dist/delivery/forwarder.d.ts.map +1 -0
package/dist/delivery/forwarder.js +251 -0
package/dist/delivery/forwarder.js.map +1 -0
package/dist/delivery/inbox.d.ts +42 -0
package/dist/delivery/inbox.d.ts.map +1 -0
package/dist/delivery/inbox.js +68 -0
package/dist/delivery/inbox.js.map +1 -0
package/dist/delivery/index.d.ts +31 -0
package/dist/delivery/index.d.ts.map +1 -0
package/dist/delivery/index.js +31 -0
package/dist/delivery/index.js.map +1 -0
package/dist/delivery/internalroute.d.ts +50 -0
package/dist/delivery/internalroute.d.ts.map +1 -0
package/dist/delivery/internalroute.js +23 -0
package/dist/delivery/internalroute.js.map +1 -0
package/dist/delivery/pipeline.d.ts +153 -0
package/dist/delivery/pipeline.d.ts.map +1 -0
package/dist/delivery/pipeline.js +356 -0
package/dist/delivery/pipeline.js.map +1 -0
package/dist/delivery/policy_state.d.ts +105 -0
package/dist/delivery/policy_state.d.ts.map +1 -0
package/dist/delivery/policy_state.js +293 -0
package/dist/delivery/policy_state.js.map +1 -0
package/dist/delivery/queue.d.ts +47 -0
package/dist/delivery/queue.d.ts.map +1 -0
package/dist/delivery/queue.js +33 -0
package/dist/delivery/queue.js.map +1 -0
package/dist/delivery/receipt.d.ts +137 -0
package/dist/delivery/receipt.d.ts.map +1 -0
package/dist/delivery/receipt.js +181 -0
package/dist/delivery/receipt.js.map +1 -0
package/dist/delivery/receipt_store.d.ts +81 -0
package/dist/delivery/receipt_store.d.ts.map +1 -0
package/dist/delivery/receipt_store.js +74 -0
package/dist/delivery/receipt_store.js.map +1 -0
package/dist/delivery/retry.d.ts +78 -0
package/dist/delivery/retry.d.ts.map +1 -0
package/dist/delivery/retry.js +132 -0
package/dist/delivery/retry.js.map +1 -0
package/dist/delivery/scheduler.d.ts +156 -0
package/dist/delivery/scheduler.d.ts.map +1 -0
package/dist/delivery/scheduler.js +349 -0
package/dist/delivery/scheduler.js.map +1 -0
package/dist/delivery/stage_partition.d.ts +87 -0
package/dist/delivery/stage_partition.d.ts.map +1 -0
package/dist/delivery/stage_partition.js +122 -0
package/dist/delivery/stage_partition.js.map +1 -0
package/dist/delivery/staged_runner.d.ts +100 -0
package/dist/delivery/staged_runner.d.ts.map +1 -0
package/dist/delivery/staged_runner.js +277 -0
package/dist/delivery/staged_runner.js.map +1 -0
package/dist/delivery/submission.d.ts +72 -0
package/dist/delivery/submission.d.ts.map +1 -0
package/dist/delivery/submission.js +58 -0
package/dist/delivery/submission.js.map +1 -0
package/dist/delivery/sync.d.ts +68 -0
package/dist/delivery/sync.d.ts.map +1 -0
package/dist/delivery/sync.js +99 -0
package/dist/delivery/sync.js.map +1 -0
package/dist/delivery/user_policy.d.ts +74 -0
package/dist/delivery/user_policy.d.ts.map +1 -0
package/dist/delivery/user_policy.js +140 -0
package/dist/delivery/user_policy.js.map +1 -0
package/dist/discovery/cache.d.ts +37 -0
package/dist/discovery/cache.d.ts.map +1 -0
package/dist/discovery/cache.js +45 -0
package/dist/discovery/cache.js.map +1 -0
package/dist/discovery/configuration.d.ts +97 -0
package/dist/discovery/configuration.d.ts.map +1 -0
package/dist/discovery/configuration.js +146 -0
package/dist/discovery/configuration.js.map +1 -0
package/dist/discovery/dns.d.ts +56 -0
package/dist/discovery/dns.d.ts.map +1 -0
package/dist/discovery/dns.js +120 -0
package/dist/discovery/dns.js.map +1 -0
package/dist/discovery/domain_keys.d.ts +62 -0
package/dist/discovery/domain_keys.d.ts.map +1 -0
package/dist/discovery/domain_keys.js +89 -0
package/dist/discovery/domain_keys.js.map +1 -0
package/dist/discovery/index.d.ts +19 -0
package/dist/discovery/index.d.ts.map +1 -0
package/dist/discovery/index.js +19 -0
package/dist/discovery/index.js.map +1 -0
package/dist/discovery/lookup.d.ts +72 -0
package/dist/discovery/lookup.d.ts.map +1 -0
package/dist/discovery/lookup.js +121 -0
package/dist/discovery/lookup.js.map +1 -0
package/dist/discovery/onion.d.ts +34 -0
package/dist/discovery/onion.d.ts.map +1 -0
package/dist/discovery/onion.js +61 -0
package/dist/discovery/onion.js.map +1 -0
package/dist/discovery/partition.d.ts +96 -0
package/dist/discovery/partition.d.ts.map +1 -0
package/dist/discovery/partition.js +247 -0
package/dist/discovery/partition.js.map +1 -0
package/dist/discovery/resolver.d.ts +113 -0
package/dist/discovery/resolver.d.ts.map +1 -0
package/dist/discovery/resolver.js +176 -0
package/dist/discovery/resolver.js.map +1 -0
package/dist/discovery/txt.d.ts +39 -0
package/dist/discovery/txt.d.ts.map +1 -0
package/dist/discovery/txt.js +71 -0
package/dist/discovery/txt.js.map +1 -0
package/dist/enclosure/forwarding.d.ts +128 -0
package/dist/enclosure/forwarding.d.ts.map +1 -0
package/dist/enclosure/forwarding.js +119 -0
package/dist/enclosure/forwarding.js.map +1 -0
package/dist/enclosure/index.d.ts +11 -0
package/dist/enclosure/index.d.ts.map +1 -0
package/dist/enclosure/index.js +11 -0
package/dist/enclosure/index.js.map +1 -0
package/dist/envelope/buckets.d.ts +38 -0
package/dist/envelope/buckets.d.ts.map +1 -0
package/dist/envelope/buckets.js +73 -0
package/dist/envelope/buckets.js.map +1 -0
package/dist/envelope/canonical.d.ts +28 -0
package/dist/envelope/canonical.d.ts.map +1 -0
package/dist/envelope/canonical.js +54 -0
package/dist/envelope/canonical.js.map +1 -0
package/dist/envelope/compose.d.ts +171 -0
package/dist/envelope/compose.d.ts.map +1 -0
package/dist/envelope/compose.js +237 -0
package/dist/envelope/compose.js.map +1 -0
package/dist/envelope/encode.d.ts +41 -0
package/dist/envelope/encode.d.ts.map +1 -0
package/dist/envelope/encode.js +69 -0
package/dist/envelope/encode.js.map +1 -0
package/dist/envelope/index.d.ts +20 -0
package/dist/envelope/index.d.ts.map +1 -0
package/dist/envelope/index.js +20 -0
package/dist/envelope/index.js.map +1 -0
package/dist/envelope/open_any.d.ts +48 -0
package/dist/envelope/open_any.d.ts.map +1 -0
package/dist/envelope/open_any.js +81 -0
package/dist/envelope/open_any.js.map +1 -0
package/dist/envelope/open_verified.d.ts +59 -0
package/dist/envelope/open_verified.d.ts.map +1 -0
package/dist/envelope/open_verified.js +67 -0
package/dist/envelope/open_verified.js.map +1 -0
package/dist/envelope/padding.d.ts +55 -0
package/dist/envelope/padding.d.ts.map +1 -0
package/dist/envelope/padding.js +162 -0
package/dist/envelope/padding.js.map +1 -0
package/dist/envelope/rejection.d.ts +22 -0
package/dist/envelope/rejection.d.ts.map +1 -0
package/dist/envelope/rejection.js +30 -0
package/dist/envelope/rejection.js.map +1 -0
package/dist/envelope/sendtime.d.ts +49 -0
package/dist/envelope/sendtime.d.ts.map +1 -0
package/dist/envelope/sendtime.js +87 -0
package/dist/envelope/sendtime.js.map +1 -0
package/dist/envelope/verify.d.ts +29 -0
package/dist/envelope/verify.d.ts.map +1 -0
package/dist/envelope/verify.js +90 -0
package/dist/envelope/verify.js.map +1 -0
package/dist/extensions/index.d.ts +7 -0
package/dist/extensions/index.d.ts.map +1 -0
package/dist/extensions/index.js +7 -0
package/dist/extensions/index.js.map +1 -0
package/dist/extensions/limits.d.ts +101 -0
package/dist/extensions/limits.d.ts.map +1 -0
package/dist/extensions/limits.js +175 -0
package/dist/extensions/limits.js.map +1 -0
package/dist/handshake/abort.d.ts +49 -0
package/dist/handshake/abort.d.ts.map +1 -0
package/dist/handshake/abort.js +82 -0
package/dist/handshake/abort.js.map +1 -0
package/dist/handshake/capabilities.d.ts +46 -0
package/dist/handshake/capabilities.d.ts.map +1 -0
package/dist/handshake/capabilities.js +114 -0
package/dist/handshake/capabilities.js.map +1 -0
package/dist/handshake/client_state.d.ts +186 -0
package/dist/handshake/client_state.d.ts.map +1 -0
package/dist/handshake/client_state.js +520 -0
package/dist/handshake/client_state.js.map +1 -0
package/dist/handshake/confirm.d.ts +21 -0
package/dist/handshake/confirm.d.ts.map +1 -0
package/dist/handshake/confirm.js +27 -0
package/dist/handshake/confirm.js.map +1 -0
package/dist/handshake/driver.d.ts +126 -0
package/dist/handshake/driver.d.ts.map +1 -0
package/dist/handshake/driver.js +251 -0
package/dist/handshake/driver.js.map +1 -0
package/dist/handshake/federation.d.ts +365 -0
package/dist/handshake/federation.d.ts.map +1 -0
package/dist/handshake/federation.js +664 -0
package/dist/handshake/federation.js.map +1 -0
package/dist/handshake/first_contact.d.ts +57 -0
package/dist/handshake/first_contact.d.ts.map +1 -0
package/dist/handshake/first_contact.js +124 -0
package/dist/handshake/first_contact.js.map +1 -0
package/dist/handshake/identity.d.ts +101 -0
package/dist/handshake/identity.d.ts.map +1 -0
package/dist/handshake/identity.js +117 -0
package/dist/handshake/identity.js.map +1 -0
package/dist/handshake/index.d.ts +21 -0
package/dist/handshake/index.d.ts.map +1 -0
package/dist/handshake/index.js +21 -0
package/dist/handshake/index.js.map +1 -0
package/dist/handshake/messages.d.ts +176 -0
package/dist/handshake/messages.d.ts.map +1 -0
package/dist/handshake/messages.js +125 -0
package/dist/handshake/messages.js.map +1 -0
package/dist/handshake/pow.d.ts +53 -0
package/dist/handshake/pow.d.ts.map +1 -0
package/dist/handshake/pow.js +142 -0
package/dist/handshake/pow.js.map +1 -0
package/dist/handshake/resume_driver.d.ts +56 -0
package/dist/handshake/resume_driver.d.ts.map +1 -0
package/dist/handshake/resume_driver.js +75 -0
package/dist/handshake/resume_driver.js.map +1 -0
package/dist/handshake/server.d.ts +112 -0
package/dist/handshake/server.d.ts.map +1 -0
package/dist/handshake/server.js +247 -0
package/dist/handshake/server.js.map +1 -0
package/dist/handshake/server_state.d.ts +102 -0
package/dist/handshake/server_state.d.ts.map +1 -0
package/dist/handshake/server_state.js +278 -0
package/dist/handshake/server_state.js.map +1 -0
package/dist/index.d.ts +33 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +33 -0
package/dist/index.js.map +1 -0
package/dist/keys/compromise.d.ts +118 -0
package/dist/keys/compromise.d.ts.map +1 -0
package/dist/keys/compromise.js +218 -0
package/dist/keys/compromise.js.map +1 -0
package/dist/keys/device_certificate.d.ts +166 -0
package/dist/keys/device_certificate.d.ts.map +1 -0
package/dist/keys/device_certificate.js +328 -0
package/dist/keys/device_certificate.js.map +1 -0
package/dist/keys/device_records.d.ts +175 -0
package/dist/keys/device_records.d.ts.map +1 -0
package/dist/keys/device_records.js +418 -0
package/dist/keys/device_records.js.map +1 -0
package/dist/keys/directory_cache.d.ts +64 -0
package/dist/keys/directory_cache.d.ts.map +1 -0
package/dist/keys/directory_cache.js +98 -0
package/dist/keys/directory_cache.js.map +1 -0
package/dist/keys/directory_state.d.ts +79 -0
package/dist/keys/directory_state.d.ts.map +1 -0
package/dist/keys/directory_state.js +155 -0
package/dist/keys/directory_state.js.map +1 -0
package/dist/keys/index.d.ts +18 -0
package/dist/keys/index.d.ts.map +1 -0
package/dist/keys/index.js +18 -0
package/dist/keys/index.js.map +1 -0
package/dist/keys/key_revocation.d.ts +61 -0
package/dist/keys/key_revocation.d.ts.map +1 -0
package/dist/keys/key_revocation.js +88 -0
package/dist/keys/key_revocation.js.map +1 -0
package/dist/keys/request.d.ts +124 -0
package/dist/keys/request.d.ts.map +1 -0
package/dist/keys/request.js +130 -0
package/dist/keys/request.js.map +1 -0
package/dist/keys/sign.d.ts +49 -0
package/dist/keys/sign.d.ts.map +1 -0
package/dist/keys/sign.js +80 -0
package/dist/keys/sign.js.map +1 -0
package/dist/keys/signed.d.ts +80 -0
package/dist/keys/signed.d.ts.map +1 -0
package/dist/keys/signed.js +138 -0
package/dist/keys/signed.js.map +1 -0
package/dist/keys/store.d.ts +138 -0
package/dist/keys/store.d.ts.map +1 -0
package/dist/keys/store.js +107 -0
package/dist/keys/store.js.map +1 -0
package/dist/largeattachment/crypto.d.ts +47 -0
package/dist/largeattachment/crypto.d.ts.map +1 -0
package/dist/largeattachment/crypto.js +235 -0
package/dist/largeattachment/crypto.js.map +1 -0
package/dist/largeattachment/enclosure.d.ts +48 -0
package/dist/largeattachment/enclosure.d.ts.map +1 -0
package/dist/largeattachment/enclosure.js +102 -0
package/dist/largeattachment/enclosure.js.map +1 -0
package/dist/largeattachment/index.d.ts +15 -0
package/dist/largeattachment/index.d.ts.map +1 -0
package/dist/largeattachment/index.js +15 -0
package/dist/largeattachment/index.js.map +1 -0
package/dist/largeattachment/store.d.ts +36 -0
package/dist/largeattachment/store.d.ts.map +1 -0
package/dist/largeattachment/store.js +37 -0
package/dist/largeattachment/store.js.map +1 -0
package/dist/largeattachment/types.d.ts +56 -0
package/dist/largeattachment/types.d.ts.map +1 -0
package/dist/largeattachment/types.js +31 -0
package/dist/largeattachment/types.js.map +1 -0
package/dist/largeattachment/upload.d.ts +62 -0
package/dist/largeattachment/upload.d.ts.map +1 -0
package/dist/largeattachment/upload.js +166 -0
package/dist/largeattachment/upload.js.map +1 -0
package/dist/migration/index.d.ts +17 -0
package/dist/migration/index.d.ts.map +1 -0
package/dist/migration/index.js +17 -0
package/dist/migration/index.js.map +1 -0
package/dist/migration/lockout.d.ts +48 -0
package/dist/migration/lockout.d.ts.map +1 -0
package/dist/migration/lockout.js +57 -0
package/dist/migration/lockout.js.map +1 -0
package/dist/migration/migration.d.ts +48 -0
package/dist/migration/migration.d.ts.map +1 -0
package/dist/migration/migration.js +58 -0
package/dist/migration/migration.js.map +1 -0
package/dist/migration/notice.d.ts +33 -0
package/dist/migration/notice.d.ts.map +1 -0
package/dist/migration/notice.js +85 -0
package/dist/migration/notice.js.map +1 -0
package/dist/migration/orchestrate.d.ts +109 -0
package/dist/migration/orchestrate.d.ts.map +1 -0
package/dist/migration/orchestrate.js +212 -0
package/dist/migration/orchestrate.js.map +1 -0
package/dist/migration/publication_store.d.ts +34 -0
package/dist/migration/publication_store.d.ts.map +1 -0
package/dist/migration/publication_store.js +44 -0
package/dist/migration/publication_store.js.map +1 -0
package/dist/migration/sign.d.ts +65 -0
package/dist/migration/sign.d.ts.map +1 -0
package/dist/migration/sign.js +331 -0
package/dist/migration/sign.js.map +1 -0
package/dist/migration/types.d.ts +92 -0
package/dist/migration/types.d.ts.map +1 -0
package/dist/migration/types.js +26 -0
package/dist/migration/types.js.map +1 -0
package/dist/reasoncodes.d.ts +42 -0
package/dist/reasoncodes.d.ts.map +1 -0
package/dist/reasoncodes.js +80 -0
package/dist/reasoncodes.js.map +1 -0
package/dist/recovery/bundle.d.ts +34 -0
package/dist/recovery/bundle.d.ts.map +1 -0
package/dist/recovery/bundle.js +144 -0
package/dist/recovery/bundle.js.map +1 -0
package/dist/recovery/bundle_crypto.d.ts +60 -0
package/dist/recovery/bundle_crypto.d.ts.map +1 -0
package/dist/recovery/bundle_crypto.js +179 -0
package/dist/recovery/bundle_crypto.js.map +1 -0
package/dist/recovery/bundle_store.d.ts +57 -0
package/dist/recovery/bundle_store.d.ts.map +1 -0
package/dist/recovery/bundle_store.js +104 -0
package/dist/recovery/bundle_store.js.map +1 -0
package/dist/recovery/index.d.ts +19 -0
package/dist/recovery/index.d.ts.map +1 -0
package/dist/recovery/index.js +19 -0
package/dist/recovery/index.js.map +1 -0
package/dist/recovery/manifest_crosscheck.d.ts +59 -0
package/dist/recovery/manifest_crosscheck.d.ts.map +1 -0
package/dist/recovery/manifest_crosscheck.js +59 -0
package/dist/recovery/manifest_crosscheck.js.map +1 -0
package/dist/recovery/shamir.d.ts +51 -0
package/dist/recovery/shamir.d.ts.map +1 -0
package/dist/recovery/shamir.js +181 -0
package/dist/recovery/shamir.js.map +1 -0
package/dist/recovery/sign.d.ts +61 -0
package/dist/recovery/sign.d.ts.map +1 -0
package/dist/recovery/sign.js +359 -0
package/dist/recovery/sign.js.map +1 -0
package/dist/recovery/types.d.ts +180 -0
package/dist/recovery/types.d.ts.map +1 -0
package/dist/recovery/types.js +31 -0
package/dist/recovery/types.js.map +1 -0
package/dist/reputation/abuse_report.d.ts +62 -0
package/dist/reputation/abuse_report.d.ts.map +1 -0
package/dist/reputation/abuse_report.js +111 -0
package/dist/reputation/abuse_report.js.map +1 -0
package/dist/reputation/bucketize.d.ts +31 -0
package/dist/reputation/bucketize.d.ts.map +1 -0
package/dist/reputation/bucketize.js +77 -0
package/dist/reputation/bucketize.js.map +1 -0
package/dist/reputation/gossip.d.ts +24 -0
package/dist/reputation/gossip.d.ts.map +1 -0
package/dist/reputation/gossip.js +64 -0
package/dist/reputation/gossip.js.map +1 -0
package/dist/reputation/gossip_fetch.d.ts +64 -0
package/dist/reputation/gossip_fetch.d.ts.map +1 -0
package/dist/reputation/gossip_fetch.js +114 -0
package/dist/reputation/gossip_fetch.js.map +1 -0
package/dist/reputation/index.d.ts +20 -0
package/dist/reputation/index.d.ts.map +1 -0
package/dist/reputation/index.js +20 -0
package/dist/reputation/index.js.map +1 -0
package/dist/reputation/observation_store.d.ts +67 -0
package/dist/reputation/observation_store.d.ts.map +1 -0
package/dist/reputation/observation_store.js +171 -0
package/dist/reputation/observation_store.js.map +1 -0
package/dist/reputation/pow.d.ts +91 -0
package/dist/reputation/pow.d.ts.map +1 -0
package/dist/reputation/pow.js +209 -0
package/dist/reputation/pow.js.map +1 -0
package/dist/reputation/sign.d.ts +40 -0
package/dist/reputation/sign.d.ts.map +1 -0
package/dist/reputation/sign.js +202 -0
package/dist/reputation/sign.js.map +1 -0
package/dist/reputation/types.d.ts +133 -0
package/dist/reputation/types.d.ts.map +1 -0
package/dist/reputation/types.js +33 -0
package/dist/reputation/types.js.map +1 -0
package/dist/reputation/whois.d.ts +25 -0
package/dist/reputation/whois.d.ts.map +1 -0
package/dist/reputation/whois.js +20 -0
package/dist/reputation/whois.js.map +1 -0
package/dist/seal/index.d.ts +8 -0
package/dist/seal/index.d.ts.map +1 -0
package/dist/seal/index.js +8 -0
package/dist/seal/index.js.map +1 -0
package/dist/seal/wrap.d.ts +74 -0
package/dist/seal/wrap.d.ts.map +1 -0
package/dist/seal/wrap.js +213 -0
package/dist/seal/wrap.js.map +1 -0
package/dist/session/dispatcher.d.ts +65 -0
package/dist/session/dispatcher.d.ts.map +1 -0
package/dist/session/dispatcher.js +96 -0
package/dist/session/dispatcher.js.map +1 -0
package/dist/session/index.d.ts +15 -0
package/dist/session/index.d.ts.map +1 -0
package/dist/session/index.js +15 -0
package/dist/session/index.js.map +1 -0
package/dist/session/rekey.d.ts +108 -0
package/dist/session/rekey.d.ts.map +1 -0
package/dist/session/rekey.js +207 -0
package/dist/session/rekey.js.map +1 -0
package/dist/session/rekey_seal.d.ts +66 -0
package/dist/session/rekey_seal.d.ts.map +1 -0
package/dist/session/rekey_seal.js +153 -0
package/dist/session/rekey_seal.js.map +1 -0
package/dist/session/resume.d.ts +125 -0
package/dist/session/resume.d.ts.map +1 -0
package/dist/session/resume.js +263 -0
package/dist/session/resume.js.map +1 -0
package/dist/session/session.d.ts +136 -0
package/dist/session/session.d.ts.map +1 -0
package/dist/session/session.js +188 -0
package/dist/session/session.js.map +1 -0
package/dist/transparency/index.d.ts +13 -0
package/dist/transparency/index.d.ts.map +1 -0
package/dist/transparency/index.js +13 -0
package/dist/transparency/index.js.map +1 -0
package/dist/transparency/log.d.ts +61 -0
package/dist/transparency/log.d.ts.map +1 -0
package/dist/transparency/log.js +133 -0
package/dist/transparency/log.js.map +1 -0
package/dist/transparency/merkle.d.ts +59 -0
package/dist/transparency/merkle.d.ts.map +1 -0
package/dist/transparency/merkle.js +314 -0
package/dist/transparency/merkle.js.map +1 -0
package/dist/transparency/sign.d.ts +48 -0
package/dist/transparency/sign.d.ts.map +1 -0
package/dist/transparency/sign.js +140 -0
package/dist/transparency/sign.js.map +1 -0
package/dist/transparency/types.d.ts +97 -0
package/dist/transparency/types.d.ts.map +1 -0
package/dist/transparency/types.js +25 -0
package/dist/transparency/types.js.map +1 -0
package/dist/transport/h2.d.ts +163 -0
package/dist/transport/h2.d.ts.map +1 -0
package/dist/transport/h2.js +397 -0
package/dist/transport/h2.js.map +1 -0
package/dist/transport/index.d.ts +15 -0
package/dist/transport/index.d.ts.map +1 -0
package/dist/transport/index.js +15 -0
package/dist/transport/index.js.map +1 -0
package/dist/transport/memory.d.ts +21 -0
package/dist/transport/memory.d.ts.map +1 -0
package/dist/transport/memory.js +112 -0
package/dist/transport/memory.js.map +1 -0
package/dist/transport/transport.d.ts +54 -0
package/dist/transport/transport.d.ts.map +1 -0
package/dist/transport/transport.js +20 -0
package/dist/transport/transport.js.map +1 -0
package/dist/transport/ws.d.ts +40 -0
package/dist/transport/ws.d.ts.map +1 -0
package/dist/transport/ws.js +204 -0
package/dist/transport/ws.js.map +1 -0
package/package.json +147 -0

package/dist/handshake/server_state.js ADDED Viewed

@@ -0,0 +1,278 @@
+/**
+ * Stateful handshake server per HANDSHAKE.md §2.
+ *
+ * Mirror of `semp-go/handshake.Server`: a state machine the caller
+ * drives over a transport. The class never performs network I/O
+ * directly — the caller moves bytes between this object and the
+ * underlying transport.
+ *
+ * Lifecycle:
+ *
+ * ```ts
+ * const s = new HandshakeServer({ ... });
+ * const initBytes = await transport.receive();
+ * const respBytes = s.onInit(initBytes);
+ * await transport.send(respBytes);
+ *
+ * const confirmBytes = await transport.receive();
+ * const acceptedBytes = s.onConfirm(confirmBytes);
+ * await transport.send(acceptedBytes);
+ *
+ * // s.session() now usable
+ * ```
+ *
+ * The high-level {@link "./server".runServer} wraps this state
+ * machine with the transport plumbing for callers who don't want
+ * to manage step ordering manually.
+ *
+ * @module
+ */
+import { marshal as canonicalMarshal } from "../canonical/index.js";
+import { deriveSessionKeysWithResumption, newHKDFSHA512, x25519Agree, x25519PublicKey, } from "../crypto/index.js";
+import { fingerprint, publicKeyFromSeed } from "../keys/index.js";
+import { confirmationHash } from "./confirm.js";
+import { buildAccepted, buildRejected, buildResponse, } from "./messages.js";
+/**
+ * Error thrown when a built-in policy check rejects the peer
+ * (suite mismatch, confirmation-hash mismatch, identity-proof
+ * verdict). The associated `step="rejected"` bytes have already
+ * been written to {@link HandshakeServer.lastRejectedBytes} so the
+ * caller can transmit them before closing the transport.
+ */
+export class HandshakeServerRejectionError extends Error {
+    reasonCode;
+    reason;
+    rejectedBytes;
+    name = "HandshakeServerRejectionError";
+    constructor(reasonCode, reason, rejectedBytes) {
+        super(`handshake server rejected: ${reasonCode}${reason !== undefined ? ` (${reason})` : ""}`);
+        this.reasonCode = reasonCode;
+        this.reason = reason;
+        this.rejectedBytes = rejectedBytes;
+    }
+}
+/**
+ * Stateful handshake server. One instance handles exactly one
+ * handshake — discard after success or error. Re-using an instance
+ * is a programming error (the state machine is single-shot).
+ */
+export class HandshakeServer {
+    cfg;
+    sessionId = "";
+    serverEphPriv = null;
+    serverNonce = null;
+    initCanonical = null;
+    respCanonical = null;
+    sessionKeys = null;
+    serverIdProof = null;
+    finalSession = null;
+    constructor(cfg) {
+        if (cfg.supportedSuites.length === 0) {
+            throw new Error("handshake: server has no supported suites");
+        }
+        if (cfg.serverDomainSigningSeed.length === 0) {
+            throw new Error("handshake: empty server domain signing seed");
+        }
+        if (cfg.domain === "") {
+            throw new Error("handshake: empty server domain");
+        }
+        this.cfg = cfg;
+    }
+    /**
+     * Process the client's INIT and produce signed RESPONSE bytes per
+     * §2.2 / §2.3. Throws {@link HandshakeServerRejectionError} on
+     * suite mismatch — the rejection bytes are accessible on the
+     * thrown error for the caller to transmit before closing the
+     * transport.
+     */
+    onInit(data) {
+        if (this.initCanonical !== null) {
+            throw new Error("handshake: onInit called twice");
+        }
+        const text = new TextDecoder().decode(data);
+        const m = JSON.parse(text);
+        if (m.type !== "SEMP_HANDSHAKE" || m.step !== "init") {
+            throw new Error("handshake: init type/step mismatch");
+        }
+        const init = m;
+        this.initCanonical = data;
+        this.sessionId = this.cfg.generateSessionId();
+        const negotiated = pickSuite(init.capabilities.encryption_algorithms, this.cfg.supportedSuites);
+        if (negotiated === undefined) {
+            const rej = buildRejectedSigned(this.sessionId, "version_unsupported", undefined, this.cfg.serverDomainSigningSeed);
+            throw new HandshakeServerRejectionError("version_unsupported", undefined, rej);
+        }
+        this.serverEphPriv = this.cfg.serverEphemeralPriv ?? randomBytes(32);
+        const serverEphPub = x25519PublicKey(this.serverEphPriv);
+        const serverEphKeyId = fingerprint(serverEphPub);
+        this.serverNonce = this.cfg.serverNonce ?? randomBytes(32);
+        const clientEphPub = base64Decode(init.client_ephemeral_key.key);
+        const clientNonce = base64Decode(init.nonce);
+        const shared = x25519Agree(this.serverEphPriv, clientEphPub);
+        const kdf = newHKDFSHA512();
+        this.sessionKeys = deriveSessionKeysWithResumption(kdf, shared, clientNonce, this.serverNonce);
+        this.serverIdProof = {
+            domain: this.cfg.domain,
+            key_id: fingerprint(publicKeyFromSeed(this.cfg.serverDomainSigningSeed)),
+            signature: this.cfg.identityProofSignature({
+                serverEphemeralKey: {
+                    algorithm: negotiated,
+                    key: base64Encode(serverEphPub),
+                    key_id: serverEphKeyId,
+                },
+                clientNonce: init.nonce,
+                serverNonce: base64Encode(this.serverNonce),
+            }),
+        };
+        const resp = buildResponse({
+            sessionId: this.sessionId,
+            clientNonce: init.nonce,
+            serverNonce: base64Encode(this.serverNonce),
+            serverEphemeralKey: {
+                algorithm: negotiated,
+                key: base64Encode(serverEphPub),
+                key_id: serverEphKeyId,
+            },
+            serverIdentityProof: this.serverIdProof,
+            negotiated: {
+                encryption_algorithm: negotiated,
+                extensions: [],
+            },
+            serverDomainSigningSeed: this.cfg.serverDomainSigningSeed,
+        });
+        this.respCanonical = canonicalMarshal(resp);
+        return this.respCanonical;
+    }
+    /**
+     * Process the client's CONFIRM and produce signed ACCEPTED bytes
+     * per §2.4 / §2.5. Throws {@link HandshakeServerRejectionError}
+     * on confirmation-hash mismatch or identity-proof verdict
+     * failure.
+     */
+    onConfirm(data) {
+        if (this.initCanonical === null ||
+            this.respCanonical === null ||
+            this.sessionKeys === null ||
+            this.serverIdProof === null) {
+            throw new Error("handshake: onConfirm before onInit");
+        }
+        const text = new TextDecoder().decode(data);
+        const m = JSON.parse(text);
+        if (m.type !== "SEMP_HANDSHAKE" || m.step !== "confirm") {
+            throw new Error("handshake: confirm type/step mismatch");
+        }
+        const confirm = m;
+        const wantHash = confirmationHash(this.initCanonical, this.respCanonical);
+        const gotHash = base64Decode(confirm.confirmation_hash);
+        if (!constantTimeEqual(gotHash, wantHash)) {
+            const rej = buildRejectedSigned(this.sessionId, "handshake_invalid", undefined, this.cfg.serverDomainSigningSeed);
+            throw new HandshakeServerRejectionError("handshake_invalid", "confirmation hash mismatch", rej);
+        }
+        if (this.cfg.verifyIdentityProof !== undefined) {
+            const verdict = this.cfg.verifyIdentityProof({
+                identityProofB64: confirm.identity_proof,
+                sessionKeys: this.sessionKeys,
+            });
+            if (!verdict.ok) {
+                const code = verdict.reasonCode ?? "auth_failed";
+                const rej = buildRejectedSigned(this.sessionId, code, verdict.reason, this.cfg.serverDomainSigningSeed);
+                throw new HandshakeServerRejectionError(code, verdict.reason, rej);
+            }
+        }
+        const ticket = this.cfg.resumptionTicket?.(this.sessionKeys);
+        const accepted = buildAccepted({
+            sessionId: this.sessionId,
+            sessionTTL: this.cfg.sessionTTL,
+            permissions: [...this.cfg.permissions],
+            serverDomainSigningSeed: this.cfg.serverDomainSigningSeed,
+            ...(ticket !== undefined ? { resumptionTicket: ticket } : {}),
+            ...(this.cfg.acceptedExtensions !== undefined
+                ? { extensions: this.cfg.acceptedExtensions }
+                : {}),
+        });
+        this.finalSession = {
+            sessionId: this.sessionId,
+            sessionTTL: this.cfg.sessionTTL,
+            permissions: [...this.cfg.permissions],
+            keys: this.sessionKeys,
+            serverIdentityProofKeyId: this.serverIdProof.key_id,
+            serverIdentityProofSignature: this.serverIdProof.signature,
+            extensions: this.cfg.acceptedExtensions ?? {},
+            ...(ticket !== undefined ? { resumptionTicket: ticket } : {}),
+        };
+        if (this.serverEphPriv !== null) {
+            this.serverEphPriv.fill(0);
+            this.serverEphPriv = null;
+        }
+        return canonicalMarshal(accepted);
+    }
+    /** Final session, populated by {@link onConfirm}. */
+    session() {
+        if (this.finalSession === null) {
+            throw new Error("handshake: server session not yet established (call onConfirm first)");
+        }
+        return this.finalSession;
+    }
+    /** Wipe in-memory secret state. Idempotent. */
+    erase() {
+        if (this.serverEphPriv !== null) {
+            this.serverEphPriv.fill(0);
+            this.serverEphPriv = null;
+        }
+        this.sessionKeys = null;
+    }
+}
+function pickSuite(offered, supported) {
+    for (const s of supported) {
+        if (offered.includes(s)) {
+            return s;
+        }
+    }
+    return undefined;
+}
+function buildRejectedSigned(sessionId, reasonCode, reason, serverDomainSigningSeed) {
+    const rej = buildRejected({
+        sessionId,
+        reasonCode,
+        reason,
+        serverDomainSigningSeed,
+    });
+    return canonicalMarshal(rej);
+}
+function constantTimeEqual(a, b) {
+    if (a.length !== b.length) {
+        return false;
+    }
+    let diff = 0;
+    for (let i = 0; i < a.length; i++) {
+        diff |= (a[i] ?? 0) ^ (b[i] ?? 0);
+    }
+    return diff === 0;
+}
+function randomBytes(n) {
+    const out = new Uint8Array(n);
+    globalThis.crypto.getRandomValues(out);
+    return out;
+}
+function base64Encode(b) {
+    if (typeof Buffer !== "undefined") {
+        return Buffer.from(b).toString("base64");
+    }
+    let bin = "";
+    for (let i = 0; i < b.length; i++) {
+        bin += String.fromCharCode(b[i] ?? 0);
+    }
+    return btoa(bin);
+}
+function base64Decode(s) {
+    if (typeof Buffer !== "undefined") {
+        return new Uint8Array(Buffer.from(s, "base64"));
+    }
+    const bin = atob(s);
+    const out = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++) {
+        out[i] = bin.charCodeAt(i);
+    }
+    return out;
+}
+//# sourceMappingURL=server_state.js.map

package/dist/handshake/server_state.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"server_state.js","sourceRoot":"","sources":["../../src/handshake/server_state.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,EAAE,OAAO,IAAI,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAEL,+BAA+B,EAC/B,aAAa,EACb,WAAW,EACX,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAElE,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAOL,aAAa,EACb,aAAa,EACb,aAAa,GACd,MAAM,eAAe,CAAC;AAuBvB;;;;;;GAMG;AACH,MAAM,OAAO,6BAA8B,SAAQ,KAAK;IAGpC;IACA;IACA;IAJA,IAAI,GAAG,+BAA+B,CAAC;IACzD,YACkB,UAAkB,EAClB,MAA0B,EAC1B,aAAyB;QAEzC,KAAK,CACH,8BAA8B,UAAU,GAAG,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACxF,CAAC;QANc,eAAU,GAAV,UAAU,CAAQ;QAClB,WAAM,GAAN,MAAM,CAAoB;QAC1B,kBAAa,GAAb,aAAa,CAAY;IAK3C,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,OAAO,eAAe;IACT,GAAG,CAAwB;IAEpC,SAAS,GAAG,EAAE,CAAC;IACf,aAAa,GAAsB,IAAI,CAAC;IACxC,WAAW,GAAsB,IAAI,CAAC;IACtC,aAAa,GAAsB,IAAI,CAAC;IACxC,aAAa,GAAsB,IAAI,CAAC;IACxC,WAAW,GAAuB,IAAI,CAAC;IACvC,aAAa,GAA+B,IAAI,CAAC;IACjD,YAAY,GAAkC,IAAI,CAAC;IAE3D,YAAY,GAA0B;QACpC,IAAI,GAAG,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QACD,IAAI,GAAG,CAAC,uBAAuB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACjE,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,IAAgB;QACrB,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAGxB,CAAC;QACF,IAAI,CAAC,CAAC,IAAI,KAAK,gBAAgB,IAAI,CAAC,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,MAAM,IAAI,GAAG,CAAgB,CAAC;QAC9B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAE1B,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAC9C,MAAM,UAAU,GAAG,SAAS,CAC1B,IAAI,CAAC,YAAY,CAAC,qBAAqB,EACvC,IAAI,CAAC,GAAG,CAAC,eAAe,CACzB,CAAC;QACF,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,mBAAmB,CAC7B,IAAI,CAAC,SAAS,EACd,qBAAqB,EACrB,SAAS,EACT,IAAI,CAAC,GAAG,CAAC,uBAAuB,CACjC,CAAC;YACF,MAAM,IAAI,6BAA6B,CACrC,qBAAqB,EACrB,SAAS,EACT,GAAG,CACJ,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,mBAAmB,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QACrE,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACzD,MAAM,cAAc,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC;QACjD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QAE3D,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QAC7D,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;QAC5B,IAAI,CAAC,WAAW,GAAG,+BAA+B,CAChD,GAAG,EACH,MAAM,EACN,WAAW,EACX,IAAI,CAAC,WAAW,CACjB,CAAC;QAEF,IAAI,CAAC,aAAa,GAAG;YACnB,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,MAAM;YACvB,MAAM,EAAE,WAAW,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;YACxE,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,sBAAsB,CAAC;gBACzC,kBAAkB,EAAE;oBAClB,SAAS,EAAE,UAAU;oBACrB,GAAG,EAAE,YAAY,CAAC,YAAY,CAAC;oBAC/B,MAAM,EAAE,cAAc;iBACvB;gBACD,WAAW,EAAE,IAAI,CAAC,KAAK;gBACvB,WAAW,EAAE,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC;aAC5C,CAAC;SACH,CAAC;QACF,MAAM,IAAI,GAAoB,aAAa,CAAC;YAC1C,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,KAAK;YACvB,WAAW,EAAE,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC;YAC3C,kBAAkB,EAAE;gBAClB,SAAS,EAAE,UAAU;gBACrB,GAAG,EAAE,YAAY,CAAC,YAAY,CAAC;gBAC/B,MAAM,EAAE,cAAc;aACvB;YACD,mBAAmB,EAAE,IAAI,CAAC,aAAa;YACvC,UAAU,EAAE;gBACV,oBAAoB,EAAE,UAAU;gBAChC,UAAU,EAAE,EAAE;aACf;YACD,uBAAuB,EAAE,IAAI,CAAC,GAAG,CAAC,uBAAuB;SAC1D,CAAC,CAAC;QACH,IAAI,CAAC,aAAa,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC5C,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAED;;;;;OAKG;IACH,SAAS,CAAC,IAAgB;QACxB,IACE,IAAI,CAAC,aAAa,KAAK,IAAI;YAC3B,IAAI,CAAC,aAAa,KAAK,IAAI;YAC3B,IAAI,CAAC,WAAW,KAAK,IAAI;YACzB,IAAI,CAAC,aAAa,KAAK,IAAI,EAC3B,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAGxB,CAAC;QACF,IAAI,CAAC,CAAC,IAAI,KAAK,gBAAgB,IAAI,CAAC,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YACxD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;QACD,MAAM,OAAO,GAAG,CAAmB,CAAC;QACpC,MAAM,QAAQ,GAAG,gBAAgB,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAC1E,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QACxD,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;YAC1C,MAAM,GAAG,GAAG,mBAAmB,CAC7B,IAAI,CAAC,SAAS,EACd,mBAAmB,EACnB,SAAS,EACT,IAAI,CAAC,GAAG,CAAC,uBAAuB,CACjC,CAAC;YACF,MAAM,IAAI,6BAA6B,CACrC,mBAAmB,EACnB,4BAA4B,EAC5B,GAAG,CACJ,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,CAAC,GAAG,CAAC,mBAAmB,KAAK,SAAS,EAAE,CAAC;YAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC;gBAC3C,gBAAgB,EAAE,OAAO,CAAC,cAAc;gBACxC,WAAW,EAAE,IAAI,CAAC,WAAW;aAC9B,CAAC,CAAC;YACH,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;gBAChB,MAAM,IAAI,GAAG,OAAO,CAAC,UAAU,IAAI,aAAa,CAAC;gBACjD,MAAM,GAAG,GAAG,mBAAmB,CAC7B,IAAI,CAAC,SAAS,EACd,IAAI,EACJ,OAAO,CAAC,MAAM,EACd,IAAI,CAAC,GAAG,CAAC,uBAAuB,CACjC,CAAC;gBACF,MAAM,IAAI,6BAA6B,CAAC,IAAI,EAAE,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YACrE,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC7D,MAAM,QAAQ,GAAoB,aAAa,CAAC;YAC9C,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,UAAU;YAC/B,WAAW,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC;YACtC,uBAAuB,EAAE,IAAI,CAAC,GAAG,CAAC,uBAAuB;YACzD,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7D,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,kBAAkB,KAAK,SAAS;gBAC3C,CAAC,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,kBAAkB,EAAE;gBAC7C,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CAAC;QACH,IAAI,CAAC,YAAY,GAAG;YAClB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,UAAU;YAC/B,WAAW,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC;YACtC,IAAI,EAAE,IAAI,CAAC,WAAW;YACtB,wBAAwB,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;YACnD,4BAA4B,EAAE,IAAI,CAAC,aAAa,CAAC,SAAS;YAC1D,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,kBAAkB,IAAI,EAAE;YAC7C,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9D,CAAC;QACF,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;YAChC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,OAAO,gBAAgB,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED,qDAAqD;IACrD,OAAO;QACL,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CACb,sEAAsE,CACvE,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED,+CAA+C;IAC/C,KAAK;QACH,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;YAChC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;CACF;AAED,SAAS,SAAS,CAChB,OAA8B,EAC9B,SAAoD;IAEpD,KAAK,MAAM,CAAC,IAAI,SAAS,EAAE,CAAC;QAC1B,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,mBAAmB,CAC1B,SAAiB,EACjB,UAAkB,EAClB,MAA0B,EAC1B,uBAAmC;IAEnC,MAAM,GAAG,GAAG,aAAa,CAAC;QACxB,SAAS;QACT,UAAU;QACV,MAAM;QACN,uBAAuB;KACxB,CAAC,CAAC;IACH,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAa,EAAE,CAAa;IACrD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;QAC1B,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IACvC,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,CAAa;IACjC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;AACnB,CAAC;AAED,SAAS,YAAY,CAAC,CAAS;IAC7B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * SEMP: Sealed Envelope Messaging Protocol — TypeScript implementation.
+ *
+ * @see {@link https://github.com/semp-dev/semp-spec}
+ *
+ * This entry point re-exports the most commonly used names from each
+ * layer. Callers who want a smaller import surface can target a
+ * specific sub-module: `import { newHKDFSHA512 } from "semp/crypto"`.
+ *
+ * @module
+ */
+export * as brief from "./brief/index.js";
+export * as canonical from "./canonical/index.js";
+export * as clockskew from "./clockskew/index.js";
+export * as closure from "./closure/index.js";
+export * as crypto from "./crypto/index.js";
+export * as delivery from "./delivery/index.js";
+export * as discovery from "./discovery/index.js";
+export * as enclosure from "./enclosure/index.js";
+export * as envelope from "./envelope/index.js";
+export * as extensions from "./extensions/index.js";
+export * as handshake from "./handshake/index.js";
+export * as keys from "./keys/index.js";
+export * as largeattachment from "./largeattachment/index.js";
+export * as migration from "./migration/index.js";
+export * as recovery from "./recovery/index.js";
+export * as reputation from "./reputation/index.js";
+export * as seal from "./seal/index.js";
+export * as session from "./session/index.js";
+export * as transparency from "./transparency/index.js";
+export * as transport from "./transport/index.js";
+export { type ReasonCode, KnownReasonCodes, isKnownReasonCode, isRecoverable, } from "./reasoncodes.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,OAAO,MAAM,oBAAoB,CAAC;AAC9C,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,uBAAuB,CAAC;AACpD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,IAAI,MAAM,iBAAiB,CAAC;AACxC,OAAO,KAAK,eAAe,MAAM,4BAA4B,CAAC;AAC9D,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,uBAAuB,CAAC;AACpD,OAAO,KAAK,IAAI,MAAM,iBAAiB,CAAC;AACxC,OAAO,KAAK,OAAO,MAAM,oBAAoB,CAAC;AAC9C,OAAO,KAAK,YAAY,MAAM,yBAAyB,CAAC;AACxD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAElD,OAAO,EACL,KAAK,UAAU,EACf,gBAAgB,EAChB,iBAAiB,EACjB,aAAa,GACd,MAAM,kBAAkB,CAAC"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * SEMP: Sealed Envelope Messaging Protocol — TypeScript implementation.
+ *
+ * @see {@link https://github.com/semp-dev/semp-spec}
+ *
+ * This entry point re-exports the most commonly used names from each
+ * layer. Callers who want a smaller import surface can target a
+ * specific sub-module: `import { newHKDFSHA512 } from "semp/crypto"`.
+ *
+ * @module
+ */
+export * as brief from "./brief/index.js";
+export * as canonical from "./canonical/index.js";
+export * as clockskew from "./clockskew/index.js";
+export * as closure from "./closure/index.js";
+export * as crypto from "./crypto/index.js";
+export * as delivery from "./delivery/index.js";
+export * as discovery from "./discovery/index.js";
+export * as enclosure from "./enclosure/index.js";
+export * as envelope from "./envelope/index.js";
+export * as extensions from "./extensions/index.js";
+export * as handshake from "./handshake/index.js";
+export * as keys from "./keys/index.js";
+export * as largeattachment from "./largeattachment/index.js";
+export * as migration from "./migration/index.js";
+export * as recovery from "./recovery/index.js";
+export * as reputation from "./reputation/index.js";
+export * as seal from "./seal/index.js";
+export * as session from "./session/index.js";
+export * as transparency from "./transparency/index.js";
+export * as transport from "./transport/index.js";
+export { KnownReasonCodes, isKnownReasonCode, isRecoverable, } from "./reasoncodes.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,OAAO,MAAM,oBAAoB,CAAC;AAC9C,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,uBAAuB,CAAC;AACpD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,IAAI,MAAM,iBAAiB,CAAC;AACxC,OAAO,KAAK,eAAe,MAAM,4BAA4B,CAAC;AAC9D,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,uBAAuB,CAAC;AACpD,OAAO,KAAK,IAAI,MAAM,iBAAiB,CAAC;AACxC,OAAO,KAAK,OAAO,MAAM,oBAAoB,CAAC;AAC9C,OAAO,KAAK,YAAY,MAAM,yBAAyB,CAAC;AACxD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAElD,OAAO,EAEL,gBAAgB,EAChB,iBAAiB,EACjB,aAAa,GACd,MAAM,kBAAkB,CAAC"}

package/dist/keys/compromise.d.ts ADDED Viewed

@@ -0,0 +1,118 @@
+/**
+ * KEY.md §10.5.5 atomic identity-key rotation cascade.
+ *
+ * Revoking a device with reason `key_compromise` MUST be done in
+ * the same transaction as rotating to a new identity key plus a new
+ * encryption key — the compromised device held the shared identity
+ * private key, so the adversary holds it too. A partial cascade
+ * (device revoked but identity key not rotated) leaves the account
+ * vulnerable and is a specification violation.
+ *
+ * The bundle a revoking device produces:
+ *
+ *   1. {@link DeviceRevocation} for the compromised device, reason
+ *      `key_compromise`, signed by the prior identity key.
+ *   2. {@link SuccessorRecord} linking the prior identity key to the
+ *      new one, with `recovery_signature` and `new_key_signature`
+ *      populated. The home server fills in `domain_signature` on
+ *      receipt per RECOVERY.md §7.3.
+ *   3. New identity + new encryption public keys, fresh and ready to
+ *      publish via the account's key endpoint.
+ *   4. {@link RevocationPublication} for the prior identity key,
+ *      reason `key_compromise`, `replacement_key_id` pointing at the
+ *      new identity key, signed by the prior identity key (which the
+ *      revoking device still holds).
+ *
+ * The home server runs {@link verifyCompromiseRotation} on receipt,
+ * then commits all four artifacts atomically.
+ *
+ * @module
+ */
+import { type SuccessorRecord } from "../recovery/index.js";
+import { type DeviceRevocation } from "./device_records.js";
+import { type RevocationPublication } from "./key_revocation.js";
+/**
+ * The four-artifact bundle a revoking device produces for the
+ * KEY.md §10.5.5 atomic identity-key rotation cascade.
+ *
+ * The home server MUST treat the bundle atomically: either every
+ * artifact lands or none of them do.
+ */
+export interface CompromiseRotation {
+    device_revocation: DeviceRevocation;
+    successor: SuccessorRecord;
+    /** Raw bytes of the new identity public key. */
+    new_identity_public_key: Uint8Array;
+    new_identity_key_id: string;
+    /** Raw bytes of the new encryption public key. */
+    new_encryption_public_key: Uint8Array;
+    new_encryption_key_id: string;
+    prior_identity_revocation: RevocationPublication;
+}
+/**
+ * Inputs to {@link buildCompromiseRotation}. The caller is
+ * responsible for generating the new keys (typically with a
+ * fresh Ed25519 / X25519 / Kyber768 key pair) and for deriving
+ * the recovery signing key from the user's recovery secret per
+ * RECOVERY.md §3.3.
+ */
+export interface CompromiseRotationInput {
+    /** Account's full SEMP address. */
+    userId: string;
+    /** Device being revoked. */
+    compromisedDeviceId: string;
+    /** Device producing the cascade — recorded as `revoked_by_device_id`. */
+    revokingDeviceId: string;
+    /** 32-byte Ed25519 seed for the prior identity key. */
+    priorIdentitySeed: Uint8Array;
+    priorIdentityKeyId: string;
+    /** 32-byte Ed25519 seed for the new identity key. */
+    newIdentitySeed: Uint8Array;
+    /** Raw public bytes of the new identity key. */
+    newIdentityPublicKey: Uint8Array;
+    newIdentityKeyId: string;
+    /**
+     * Raw public bytes of the new encryption key. Only the public half
+     * is needed in the cascade; the private half is sync'd to remaining
+     * full-access devices via the device-sync channel per §10.5.5
+     * step 5.
+     */
+    newEncryptionPublicKey: Uint8Array;
+    newEncryptionKeyId: string;
+    /**
+     * 32-byte Ed25519 seed of the recovery signing key derived from the
+     * user's recovery secret per RECOVERY.md §3.3. Signs the successor
+     * record's `recovery_signature`.
+     */
+    recoverySeed: Uint8Array;
+    recoveryKeyId: string;
+    /** Wall-clock used to stamp `revoked_at` and `recovered_at`. Defaults to `new Date()`. */
+    now?: Date;
+}
+/**
+ * Produce the four-artifact bundle a revoking device submits to the
+ * home server atomically.
+ *
+ * The successor record's `domain_signature` is left empty; the home
+ * server adds it on receipt per RECOVERY.md §7.3.
+ *
+ * Throws on missing input or signing failure.
+ */
+export declare function buildCompromiseRotation(input: CompromiseRotationInput): CompromiseRotation;
+/**
+ * Verify every device-side signature in the cascade. The home server
+ * runs this on receipt before committing the bundle, then adds its
+ * own `domain_signature` to the successor record per RECOVERY.md §7.3.
+ *
+ * Throws on the first violation.
+ *
+ * @param c - the bundle
+ * @param priorIdentityPub - published public half of the prior
+ *   identity key (the home server resolves it from the account's
+ *   now-revoked-but-historical key set)
+ * @param recoveryVerifyPub - the `recovery_verify_pk` that the prior
+ *   identity key signed at bundle upload time per RECOVERY.md §7.5
+ *   (the home server resolves it from the prior key record)
+ */
+export declare function verifyCompromiseRotation(c: CompromiseRotation, priorIdentityPub: Uint8Array, recoveryVerifyPub: Uint8Array): void;
+//# sourceMappingURL=compromise.d.ts.map

package/dist/keys/compromise.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"compromise.d.ts","sourceRoot":"","sources":["../../src/keys/compromise.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,EACL,KAAK,eAAe,EAOrB,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,KAAK,gBAAgB,EAKtB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EACL,KAAK,qBAAqB,EAM3B,MAAM,qBAAqB,CAAC;AAE7B;;;;;;GAMG;AACH,MAAM,WAAW,kBAAkB;IACjC,iBAAiB,EAAE,gBAAgB,CAAC;IACpC,SAAS,EAAE,eAAe,CAAC;IAC3B,gDAAgD;IAChD,uBAAuB,EAAE,UAAU,CAAC;IACpC,mBAAmB,EAAE,MAAM,CAAC;IAC5B,kDAAkD;IAClD,yBAAyB,EAAE,UAAU,CAAC;IACtC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,yBAAyB,EAAE,qBAAqB,CAAC;CAClD;AAED;;;;;;GAMG;AACH,MAAM,WAAW,uBAAuB;IACtC,mCAAmC;IACnC,MAAM,EAAE,MAAM,CAAC;IACf,4BAA4B;IAC5B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,yEAAyE;IACzE,gBAAgB,EAAE,MAAM,CAAC;IAEzB,uDAAuD;IACvD,iBAAiB,EAAE,UAAU,CAAC;IAC9B,kBAAkB,EAAE,MAAM,CAAC;IAE3B,qDAAqD;IACrD,eAAe,EAAE,UAAU,CAAC;IAC5B,gDAAgD;IAChD,oBAAoB,EAAE,UAAU,CAAC;IACjC,gBAAgB,EAAE,MAAM,CAAC;IAEzB;;;;;OAKG;IACH,sBAAsB,EAAE,UAAU,CAAC;IACnC,kBAAkB,EAAE,MAAM,CAAC;IAE3B;;;;OAIG;IACH,YAAY,EAAE,UAAU,CAAC;IACzB,aAAa,EAAE,MAAM,CAAC;IAEtB,0FAA0F;IAC1F,GAAG,CAAC,EAAE,IAAI,CAAC;CACZ;AAED;;;;;;;;GAQG;AACH,wBAAgB,uBAAuB,CACrC,KAAK,EAAE,uBAAuB,GAC7B,kBAAkB,CA0GpB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,wBAAwB,CACtC,CAAC,EAAE,kBAAkB,EACrB,gBAAgB,EAAE,UAAU,EAC5B,iBAAiB,EAAE,UAAU,GAC5B,IAAI,CAiEN"}