@silencelaboratories/walletprovider-sdk 1.3.0 → 1.4.0

package/dist/builder/userAuth.d.ts

@@ -0,0 +1,28 @@
+import { AuthModule, UserAuthentication } from '../auth/authentication';
+import { ApiVersion, RequestPayloadV1, RequestPayloadV2, Slug } from '../client/walletProviderServiceClientInterface';
+import { KeygenSetupOpts, SignSetupOpts } from '../setupMessage';
+import { AddEphKeyRequest, KeyRefreshRequest, QuorumChangeRequest, RegisterPasskeyRequest, RevokeEphKeyRequest } from '../client/networkRequest';
+/**
+ * Builder class for constructing user signatures in all kind of client requests to the network.
+ * It uses the API of `AuthModule` concrete types together with the `challenge` to generate the user signatures.
+ * Contains a map of `UserAuthentication` instances for different authentication payloads.
+ *
+ * @public
+ */
+export declare class UserSignatures {
+    private userAuthentications;
+    private authModule;
+    private apiVersion;
+    constructor(authModule: AuthModule, apiVersion: ApiVersion);
+    private setDefaultAuth;
+    setKeygenUserSigs(payload: KeygenSetupOpts[], challenges?: {
+        [key: string]: string;
+    }): Promise<void>;
+    setSigngenUserSigs(payload: SignSetupOpts, challenge?: string): Promise<void>;
+    setAddEphKeyUserSigs(payload: AddEphKeyRequest, challenge?: string): Promise<void>;
+    setRevokeEphKeyUserSigs(payload: RevokeEphKeyRequest, challenge?: string): Promise<void>;
+    setRegisterPasskeyUserSigs(payload: RegisterPasskeyRequest, challenge?: string): Promise<void>;
+    setKeyRefreshUserSigs(payload: KeyRefreshRequest, challenge?: string): Promise<void>;
+    setQcUserSigs(payload: QuorumChangeRequest, challenge?: string): Promise<void>;
+    build(slug: Slug, payload: RequestPayloadV1 | RequestPayloadV2, challenge?: string): Promise<Record<string, UserAuthentication>>;
+}

package/dist/client/ethUtil.d.ts

@@ -0,0 +1,8 @@
+import { SignResponse } from './networkResponse';
+/**
+ *
+ * @param signgenResponse - response from the network for sign request
+ * @returns - flattened signature in a form: 0x{signature}{recover_id}
+ * @public
+ */
+export declare const flattenSignature: (signgenResponse: SignResponse) => `0x${string}`;

package/dist/client/httpClient.d.ts

@@ -0,0 +1,23 @@
+interface RequestOptions extends RequestInit {
+    headers?: Record<string, string>;
+}
+/**
+ * A simple HTTP client to make requests to backend.
+ * @internal
+ */
+export declare class HttpClient {
+    private readonly baseURL;
+    private defaultHeaders;
+    constructor(baseURL?: string, headers?: Record<string, string>);
+    private validateHeaders;
+    setDefaultHeaders(headers: Record<string, string>): void;
+    private buildUrl;
+    private handleResponse;
+    private request;
+    get<T>(endpoint: string, options?: RequestOptions): Promise<T>;
+    post<T, D = unknown>(endpoint: string, data: D, options?: RequestOptions): Promise<T>;
+    put<T, D = unknown>(endpoint: string, data: D, options?: RequestOptions): Promise<T>;
+    patch<T, D = unknown>(endpoint: string, data: D, options?: RequestOptions): Promise<T>;
+    delete<T>(endpoint: string, options?: RequestOptions): Promise<T>;
+}
+export {};

package/dist/client/networkRequest.d.ts

@@ -0,0 +1,82 @@
+import { EoaAuthPayload } from '../auth/EOAauthentication';
+export declare class RevokeEphKeyRequest implements EoaAuthPayload {
+    readonly key_id: string;
+    constructor(keyId: string);
+    get eoaRequestSchema(): {
+        Request: {
+            name: string;
+            type: string;
+        }[];
+        RevokeEphKeyRequest: {
+            name: string;
+            type: string;
+        }[];
+    };
+}
+export declare class AddEphKeyRequest implements EoaAuthPayload {
+    readonly key_id_list: string[];
+    constructor(keyIdList: string[]);
+    get eoaRequestSchema(): {
+        Request: {
+            name: string;
+            type: string;
+        }[];
+        AddEphKeyRequest: {
+            name: string;
+            type: string;
+        }[];
+    };
+}
+export declare class RegisterPasskeyRequest {
+    readonly options: string;
+    constructor(options: string);
+}
+export declare class QuorumChangeRequest implements EoaAuthPayload {
+    /** Threshold that will be changed */
+    readonly new_t: number;
+    /** Number of nodes that will be changed */
+    readonly new_n: number;
+    /** QC key ID */
+    readonly key_id: string;
+    /** QC key signature algorithm */
+    readonly sign_alg: string;
+    constructor({ newT, newN, keyId, signAlg }: {
+        newT: number;
+        newN: number;
+        keyId: string;
+        signAlg: string;
+    });
+    get eoaRequestSchema(): {
+        Request: {
+            name: string;
+            type: string;
+        }[];
+        QuorumChangeRequest: {
+            name: string;
+            type: string;
+        }[];
+    };
+}
+export declare class KeyRefreshRequest implements EoaAuthPayload {
+    /** Threshold of refresh key */
+    readonly t: number;
+    /** Refresh key ID */
+    readonly key_id: string;
+    /** Refresh key signature algorithm */
+    readonly sign_alg: string;
+    constructor({ t, keyId, signAlg }: {
+        t: number;
+        keyId: string;
+        signAlg: string;
+    });
+    get eoaRequestSchema(): {
+        Request: {
+            name: string;
+            type: string;
+        }[];
+        KeyRefreshRequest: {
+            name: string;
+            type: string;
+        }[];
+    };
+}

package/dist/client/networkResponse.d.ts

@@ -0,0 +1,118 @@
+/**
+ * Response from the SDK for keygen. Receive plaintext response from network.
+ * @public
+ */
+export interface KeygenResponse {
+    /**
+     * Unique ID of produced key used in subsequent API calls.
+     */
+    keyId: string;
+    /**
+     * Public key encoded with SEC1 format.
+     *
+     * If point is uncompressed it's in a form of 0x04 || X || Y
+     *
+     * If point is compressed it's in a form Y || X,
+     *
+     * where Y is set to 0x02 if Y-coord is even, or 0x03 if Y-coord is odd
+     */
+    publicKey: string;
+    /**
+     * Signature algorithm that uses this key for signing
+     */
+    signAlg: string;
+}
+/**
+ * Response from the SDK for key refresh. Receive plaintext response from network.
+ * @public
+ */
+export type KeyRefreshResponse = KeygenResponse;
+/**
+ * Response from the SDK for sign request. Receive plaintext response from network.
+ * @public
+ */
+export interface SignResponse {
+    transactionId: string;
+    /**
+     * Hexstring of length 128 bytes, in a form: r || s
+     */
+    sign: string;
+    /**
+     * Recovery id, either 0, or 1
+     */
+    recid: number;
+}
+/**
+ * Response from the SDK for adding ephemeral key request. Receive plaintext response from network.
+ * @public
+ */
+export interface AddEphKeyResponse {
+    /**
+     * Unique ID of produced key used in subsequent API calls.
+     */
+    keyId: string;
+    /**
+     * Status of the request.
+     */
+    status: string;
+}
+/**
+ * Response from the network for revoking ephemeral key request.
+ * @public
+ */
+export interface RevokeEphKeyResponse {
+    /**
+     * Status of the request.
+     */
+    status: string;
+}
+/**
+ * Response from the network for registering passkey request.
+ * @public
+ */
+export interface RegisterPasskeyResponse {
+    /**
+     * The registered passkey credential id. This helps both the user and the network to identify the passkey.
+     * @public
+     */
+    passkeyCredentialId: string;
+}
+/**
+ * Response from the network for quorum change request.
+ * @public
+ */
+export interface QuorumChangeResponse extends KeygenResponse {
+    /**
+     * Number of nodes of the previous version of the refreshed key.
+     */
+    oldN: number;
+}
+/**
+ *
+ * @param keysharePlaintext Public data of keyshare in plaintext format
+ * @returns Keygen responses {@link KeygenResponse}
+ */
+export declare const parseKeysharePublicData: (keysharePlaintext: string) => KeygenResponse;
+/**
+ *
+ * @param keygenResult MPC keygen result in plaintext format
+ * @param totalKey Amount of keys to generate
+ * @returns List of keygen responses {@link KeygenResponse}
+ * @public
+ */
+export declare const parseKeygenResult: (keygenResult: string, totalKey: number) => KeygenResponse[];
+/**
+ *
+ * @param signResult MPC sign result in plaintext format
+ * @param signAlg MPC sign algorithm
+ * @returns List of signgen responses {@link SignResponse}
+ * @public
+ */
+export declare const parseSigngenResult: (signResult: string, signAlg: string) => SignResponse[];
+/**
+ *
+ * @param keygenResult MPC keygen result in plaintext format
+ * @returns List of keygen responses {@link KeygenResponse}
+ * @public
+ */
+export declare const parseEphKeyOperationResult: (operationsResult: string) => AddEphKeyResponse[];

package/dist/{networkSigner.d.ts → client/networkSigner.d.ts}

@@ -1,117 +1,80 @@
-import { AuthModule } from './authentication';
+import { AuthModule } from '../auth/authentication';
 import { type IWalletProviderServiceClient } from './walletProviderServiceClientInterface';
+import { KeygenResponse, AddEphKeyResponse, RegisterPasskeyResponse, SignResponse, RevokeEphKeyResponse, KeyRefreshResponse } from './networkResponse';
 /**
- * Response from the network for keygen requests
- * @alpha
+ * Supported signature algorithms for MPC signing.
+ * @public
  */
-export interface KeygenResponse {
-    /**
-     * Unique ID of produced key used in subsequent API calls.
-     */
-    keyId: string;
-    /**
-     * Public key encoded with SEC1 format.
-     *
-     * If point is uncompressed it's in a form of 0x04 || X || Y
-     *
-     * If point is compressed it's in a form Y || X,
-     *
-     * where Y is set to 0x02 if Y-coord is even, or 0x03 if Y-coord is odd
-     */
-    publicKey: string;
-}
-/**
- * Response from the network for sign request
- * @alpha
- */
-export interface SignResponse {
-    /**
-     * Hexstring of length 128 bytes, in a form: r || s
-     */
-    sign: string;
-    /**
-     * Recovery id, either 0, or 1
-     */
-    recid: number;
-}
-/**
- * Response from the network for adding ephemeral key request
- * @alpha
- */
-export interface OperationStatusResponse {
-    /**
-     * Status of the request.
-     */
-    status: string;
-}
-/**
- * Response from the network for registering passkey request
- * @alpha
- */
-export interface RegisterPasskeyResponse {
-    /**
-     * The registered passkey credential id. This helps both the user and the network to identify the passkey.
-     * @alpha
-     */
-    passkeyCredentialId: string;
-}
+export type MPCSignAlgorithm = 'ed25519' | 'secp256k1';
 /** The networkSigner contains an API to communicate with the Silent MPC Network. Call to sign and keygen require
  * the Auth module, that is used to prompt the User before executing the request.
- * @alpha
+ * @public
  */
 export declare class NetworkSigner {
     /** Authentication module, used to get confirmation from the User before request execution */
     authModule: AuthModule;
-    /** Number of nodes that needs to participate in protocol in order to generate valid signature. Also known as `t`. */
-    threshold: number;
-    /** Number of nodes that participate in keygen operation. Also known as `n`. */
-    totalNodes: number;
     /** Wallet Provider backend client */
     wpClient: IWalletProviderServiceClient;
     /**
      * Facade class used to execute operations on Silent Network.
      * @param wpClient - Wallet Provider backend client
-     * @param threshold - Number of nodes that needs to participate in protocol in order to generate valid signature. Also known as `t`.
-     * @param totalNodes - Number of nodes that participate in keygen operation. Also known as `n`.
      * @param authModule - Authentication module, used to get confirmation from the User before request execution
      */
-    constructor(wpClient: IWalletProviderServiceClient, threshold: number, totalNodes: number, authModule: AuthModule);
+    constructor(wpClient: IWalletProviderServiceClient, authModule: AuthModule);
+    validateQuorumSetup({ threshold, totalNodes }: {
+        threshold?: number;
+        totalNodes?: number;
+    }): void;
     /** Generate a distributed key that's generated by Silent Network.
      * Uses `authModule` to authenticate the User with the Silent Network.
+     * @param threshold - Number of nodes that needs to participate in protocol in order to generate valid signature. Also known as `t`.
+     * @param totalNodes - Number of nodes that participate in keygen operation. Also known as `n`.
+     * @param signAlgs - signature algorithms for which MPC keys will be generated.
      * @param permissions - optional permissions that will be stored in the key metadata.
      * The permissions are validated during sign requests.
      * @returns {@link KeygenResponse} containing `keyId` and the `pubKey` public part of the key
      * @public
      */
-    generateKey(permissions?: string): Promise<KeygenResponse>;
+    generateKey(threshold: number, totalNodes: number, signAlgs: string[], permissions?: string): Promise<KeygenResponse[]>;
     /** Generate a signature by the distributed key of Silent Network.
      * Uses `authModule` to authenticate the sign request by the User.
      * The network chooses `t` nodes to execute the protocol.
+     * @param threshold - Number of nodes that needs to participate in protocol in order to generate valid signature. Also known as `t`.
      * @param keyId - the key id returned from `keygen`
-     * @param message - the message to sign by the MPC network
+     * @param signAlg - the signature algorithm to use for MPC signing, different form signAlg inside EphKeyClaim
+     * @param signRequest - the sign request containing the transaction id, request type and message to sign
      * @returns {@link SignResponse}
      * @public
      */
-    signMessage(keyId: string, message: string): Promise<SignResponse>;
+    signMessage(threshold: number, keyId: string, signAlg: MPCSignAlgorithm, signRequest: string): Promise<SignResponse[]>;
+    /** Refreshes the secret key shares without changing the common public key of the distributed key that's generated by Silent Network.
+     * Uses `authModule` to authenticate the User with the Silent Network.
+     * @param threshold - Number of nodes that needs to participate in protocol in order to generate valid signature. Also known as `t`.
+     * @param keyId - the key id returned from `keygen`
+     * @param signAlg - signature algorithm of the refresh key.
+     * @returns {@link KeyRefreshResponse} containing `keyId`, `pubKey`, `signAlg`
+     * @public
+     */
+    refreshKey(threshold: number, keyId: string, signAlg: MPCSignAlgorithm): Promise<KeyRefreshResponse>;
     /** Add new ephemeral key to an exist distributed key on the network.
      * Uses `authModule` to authenticate the request by the User.
-     * @param keyId - the key id returned from `keygen`
-     * @returns {@link OperationStatusResponse}
+     * @param keyIdList - the list of key id returned from `keygen`
+     * @returns {@link AddEphKeyResponse}
      * @public
      */
-    addEphemeralKey(keyId: string): Promise<OperationStatusResponse>;
+    addEphemeralKey(keyIdList: string[]): Promise<AddEphKeyResponse[]>;
     /** Revoke ephemeral key of an exist distributed key on the network.
      * Uses `authModule` to authenticate the request by the User.
      * @param keyId - the key id returned from `keygen`
-     * @returns {@link OperationStatusResponse}
+     * @returns {@link RevokeEphKeyResponse}
      * @public
      */
-    revokeEphemeralKey(keyId: string): Promise<OperationStatusResponse>;
+    revokeEphemeralKey(keyId: string): Promise<RevokeEphKeyResponse>;
     /** Register new user's passkey on the network. This will try to register to all the available nodes on the network.
      * Uses `authModule` to authenticate the request by the User.
+     * @param options - the options to customize the passkey authentication
      * @returns {@link RegisterPasskeyResponse}
      * @public
      */
-    registerPasskey(): Promise<RegisterPasskeyResponse>;
-    private setEphClaimOf;
+    registerPasskey(options?: string): Promise<RegisterPasskeyResponse>;
 }

package/dist/client/walletProviderServiceClient.d.ts

@@ -0,0 +1,46 @@
+import { AuthModule } from '../auth/authentication';
+import { type KeygenResponse, type SignResponse, type AddEphKeyResponse, type RegisterPasskeyResponse, RevokeEphKeyResponse, KeyRefreshResponse } from './networkResponse';
+import { KeygenSetupOpts, SignSetupOpts } from '../setupMessage';
+import { ApiVersion, type ClientConfig, IWalletProviderServiceClient, Slug, RequestPayloadV1, RequestPayloadV2 } from './walletProviderServiceClientInterface';
+import { AddEphKeyRequest, KeyRefreshRequest, RegisterPasskeyRequest, RevokeEphKeyRequest } from './networkRequest';
+/**
+ * The Websocket client to the Wallet Provider backend service.
+ * All requests are relayed by this entity to the MPC network.
+ * @public
+ */
+export declare class WalletProviderServiceClient implements IWalletProviderServiceClient {
+    walletProviderUrl: string;
+    apiVersion: ApiVersion;
+    /**
+     * Create new client that connects to the backend service
+     * @param config - config containing information about backend service
+     */
+    constructor(config: ClientConfig);
+    getVersion(): ApiVersion;
+    startKeygen({ setups, authModule, }: {
+        setups: KeygenSetupOpts[];
+        authModule: AuthModule;
+    }): Promise<KeygenResponse[]>;
+    startKeyRefresh({ payload, authModule, }: {
+        payload: KeyRefreshRequest;
+        authModule: AuthModule;
+    }): Promise<KeyRefreshResponse>;
+    startSigngen({ setup, authModule }: {
+        setup: SignSetupOpts;
+        authModule: AuthModule;
+    }): Promise<SignResponse[]>;
+    addEphemeralKey({ payload, authModule, }: {
+        payload: AddEphKeyRequest;
+        authModule: AuthModule;
+    }): Promise<AddEphKeyResponse[]>;
+    revokeEphemeralKey({ payload, authModule, }: {
+        payload: RevokeEphKeyRequest;
+        authModule: AuthModule;
+    }): Promise<RevokeEphKeyResponse>;
+    registerPasskey({ payload, authModule, }: {
+        payload: RegisterPasskeyRequest;
+        authModule: AuthModule;
+    }): Promise<RegisterPasskeyResponse>;
+    connect(slug: Slug, payload: RequestPayloadV1, authModule: AuthModule): Promise<string>;
+    connectV2(slug: Slug, payload: RequestPayloadV2, authModule: AuthModule): Promise<string>;
+}

package/dist/client/walletProviderServiceClientInterface.d.ts

@@ -0,0 +1,64 @@
+import { AuthModule, UserAuthentication } from '../auth/authentication';
+import { KeygenResponse, SignResponse, AddEphKeyResponse, RegisterPasskeyResponse, RevokeEphKeyResponse, KeyRefreshResponse } from './networkResponse';
+import { KeygenSetupOpts, SignSetupOpts } from '../setupMessage';
+import { AddEphKeyRequest, KeyRefreshRequest, QuorumChangeRequest, RegisterPasskeyRequest, RevokeEphKeyRequest } from './networkRequest';
+/**
+ * The config used to create Wallet Provider Service backend client.
+ * Please refer to {@link https://shipyard.rs/silencelaboratories/crates/wallet-provider-service | example backend service}
+ * implementation for requirements that the backend service must fulfill.
+ * @public
+ */
+export type ClientConfig = {
+    /**
+     * The version of the API used to connect to the service
+     */
+    apiVersion: ApiVersion;
+    /**
+     * The URL used to connect to the service
+     * @public
+     */
+    walletProviderUrl: string;
+};
+/**
+ * The API version of the Wallet Provider Service
+ * @public
+ */
+export type ApiVersion = 'v1' | 'v2';
+export type Signer = (challenge: string) => Promise<UserAuthentication>;
+/** Interface for client of  Wallet Provider Service
+ * @public
+ */
+export interface IWalletProviderServiceClient {
+    getVersion(): ApiVersion;
+    startKeygen({ setups, authModule }: {
+        setups: KeygenSetupOpts[];
+        authModule: AuthModule;
+    }): Promise<KeygenResponse[]>;
+    startKeyRefresh({ payload, authModule, }: {
+        payload: KeyRefreshRequest;
+        authModule: AuthModule;
+    }): Promise<KeyRefreshResponse>;
+    startSigngen({ setup, authModule }: {
+        setup: SignSetupOpts;
+        authModule: AuthModule;
+    }): Promise<SignResponse[]>;
+    addEphemeralKey({ payload, authModule, }: {
+        payload: AddEphKeyRequest;
+        authModule: AuthModule;
+    }): Promise<AddEphKeyResponse[]>;
+    revokeEphemeralKey({ payload, authModule, }: {
+        payload: RevokeEphKeyRequest;
+        authModule: AuthModule;
+    }): Promise<RevokeEphKeyResponse>;
+    registerPasskey({ payload, authModule, }: {
+        payload: RegisterPasskeyRequest;
+        authModule: AuthModule;
+    }): Promise<RegisterPasskeyResponse>;
+}
+export type Slug = 'signgen' | 'keygen' | 'keyRefresh' | 'quorumChange' | 'addEphemeralKey' | 'revokeEphemeralKey' | 'registerPasskey';
+export type RequestPayloadV1 = KeygenSetupOpts[] | KeyRefreshRequest | QuorumChangeRequest | SignSetupOpts | AddEphKeyRequest | RevokeEphKeyRequest | RegisterPasskeyRequest;
+export type RequestPayloadV2 = KeygenSetupOpts[] | SignSetupOpts | AddEphKeyRequest | RevokeEphKeyRequest;
+export interface WpRequest {
+    payload: RequestPayloadV1 | RequestPayloadV2;
+    userSigs: Record<string, UserAuthentication> | undefined;
+}

package/dist/index.cjs.js

@@ -1,4 +1,4 @@
-"use strict";var R=Object.defineProperty;var St=Object.getOwnPropertyDescriptor;var xt=Object.getOwnPropertyNames;var wt=Object.prototype.hasOwnProperty;var bt=(n,t,e)=>t in n?R(n,t,{enumerable:!0,configurable:!0,writable:!0,value:e}):n[t]=e;var At=(n,t)=>{for(var e in t)R(n,e,{get:t[e],enumerable:!0})},Pt=(n,t,e,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let r of xt(t))!wt.call(n,r)&&r!==e&&R(n,r,{get:()=>t[r],enumerable:!(i=St(t,r))||i.enumerable});return n};var Ct=n=>Pt(R({},"__esModule",{value:!0}),n);var p=(n,t,e)=>bt(n,typeof t!="symbol"?t+"":t,e);var Bt={};At(Bt,{EOAAuth:()=>b,EphAuth:()=>I,EphKeyClaim:()=>w,NetworkSigner:()=>U,PasskeyAuth:()=>A,PasskeyRegister:()=>E,WalletProviderServiceClient:()=>M,computeAddress:()=>_,default:()=>Tt,generateEphPrivateKey:()=>J,getEphPublicKey:()=>v});module.exports=Ct(Bt);var Ot=1,et=2,F=3,nt=[{name:"tag",type:"uint16"},{name:"value",type:"string"}],m=class{constructor({t,n:e,key_label:i,permissions:r}){p(this,"t");p(this,"n");p(this,"key_label");p(this,"metadata");this.t=t,this.n=e,i&&(this.key_label=i),this.metadata=[],r&&this.metadata.push({tag:Ot,value:r})}set ephClaim(t){this.metadata.push({tag:et,value:t.toJSON()})}get requestSchema(){return{Request:[{name:"setup",type:"KeygenSetupOpts"},{name:"challenge",type:"string"}],KeygenSetupOpts:[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"metadata",type:"TaggedValue[]"}],TaggedValue:nt}}},k=class{constructor({t,key_id:e,message:i}){p(this,"t");p(this,"key_id");p(this,"message");this.t=t,this.key_id=e,this.message=i}},d=class{constructor(){p(this,"metadata");this.metadata=[]}set ephClaim(t){this.metadata.push({tag:et,value:t.toJSON()})}set keyId(t){this.metadata.push({tag:F,value:t})}extractMetadataByTag(t){let e=this.metadata.find(i=>i.tag===t);if(e)return e.value;throw new Error(`Tag ${t} not found in metadata`)}get requestSchema(){return{Request:[{name:"setup",type:"MetadataSetupOpts"},{name:"challenge",type:"string"}],MetadataSetupOpts:[{name:"metadata",type:"TaggedValue[]"}],TaggedValue:nt}}};var kt={name:"SilentShard authentication",version:"0.1.0"},vt=[{name:"name",type:"string"},{name:"version",type:"string"}];function It(n,t,e){let i;return n instanceof m?i=new m({t:n.t,n:n.n,key_label:n.key_label,permissions:void 0}):(i=new d,i.keyId=n.extractMetadataByTag(F)),i.ephClaim=e,{types:{EIP712Domain:vt,...n.requestSchema},domain:kt,primaryType:"Request",message:{setup:i,challenge:t}}}async function it({setup:n,eoa:t,challenge:e,browserWallet:i,ephClaim:r}){let o=It(n,e,r),s=await i.signTypedData(t,o);return{credentials:{credentials:r.toJSON(),method:"eoa",id:t},signature:s}}var ct=require("js-base64");function Et(n){return n instanceof Uint8Array||ArrayBuffer.isView(n)&&n.constructor.name==="Uint8Array"}function q(n,...t){if(!Et(n))throw new Error("Uint8Array expected");if(t.length>0&&!t.includes(n.length))throw new Error("Uint8Array expected of length "+t+", got length="+n.length)}function H(n,t=!0){if(n.destroyed)throw new Error("Hash instance has been destroyed");if(t&&n.finished)throw new Error("Hash#digest() has already been called")}function st(n,t){q(n);let e=t.outputLen;if(n.length<e)throw new Error("digestInto() expects output buffer of length at least "+e)}var B=n=>new DataView(n.buffer,n.byteOffset,n.byteLength),f=(n,t)=>n<<32-t|n>>>t;function Ut(n){if(typeof n!="string")throw new Error("utf8ToBytes expected string, got "+typeof n);return new Uint8Array(new TextEncoder().encode(n))}function G(n){return typeof n=="string"&&(n=Ut(n)),q(n),n}var T=class{clone(){return this._cloneInto()}};function rt(n){let t=i=>n().update(G(i)).digest(),e=n();return t.outputLen=e.outputLen,t.blockLen=e.blockLen,t.create=()=>n(),t}function Mt(n,t,e,i){if(typeof n.setBigUint64=="function")return n.setBigUint64(t,e,i);let r=BigInt(32),o=BigInt(4294967295),s=Number(e>>r&o),a=Number(e&o),c=i?4:0,u=i?0:4;n.setUint32(t+c,s,i),n.setUint32(t+u,a,i)}var ot=(n,t,e)=>n&t^~n&e,at=(n,t,e)=>n&t^n&e^t&e,N=class extends T{constructor(t,e,i,r){super(),this.blockLen=t,this.outputLen=e,this.padOffset=i,this.isLE=r,this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.buffer=new Uint8Array(t),this.view=B(this.buffer)}update(t){H(this);let{view:e,buffer:i,blockLen:r}=this;t=G(t);let o=t.length;for(let s=0;s<o;){let a=Math.min(r-this.pos,o-s);if(a===r){let c=B(t);for(;r<=o-s;s+=r)this.process(c,s);continue}i.set(t.subarray(s,s+a),this.pos),this.pos+=a,s+=a,this.pos===r&&(this.process(e,0),this.pos=0)}return this.length+=t.length,this.roundClean(),this}digestInto(t){H(this),st(t,this),this.finished=!0;let{buffer:e,view:i,blockLen:r,isLE:o}=this,{pos:s}=this;e[s++]=128,this.buffer.subarray(s).fill(0),this.padOffset>r-s&&(this.process(i,0),s=0);for(let l=s;l<r;l++)e[l]=0;Mt(i,r-8,BigInt(this.length*8),o),this.process(i,0);let a=B(t),c=this.outputLen;if(c%4)throw new Error("_sha2: outputLen should be aligned to 32bit");let u=c/4,g=this.get();if(u>g.length)throw new Error("_sha2: outputLen bigger than state");for(let l=0;l<u;l++)a.setUint32(4*l,g[l],o)}digest(){let{buffer:t,outputLen:e}=this;this.digestInto(t);let i=t.slice(0,e);return this.destroy(),i}_cloneInto(t){t||(t=new this.constructor),t.set(...this.get());let{blockLen:e,buffer:i,length:r,finished:o,destroyed:s,pos:a}=this;return t.length=r,t.pos=a,t.finished=o,t.destroyed=s,r%e&&t.buffer.set(i),t}};var Kt=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),S=new Uint32Array([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),x=new Uint32Array(64),z=class extends N{constructor(){super(64,32,8,!1),this.A=S[0]|0,this.B=S[1]|0,this.C=S[2]|0,this.D=S[3]|0,this.E=S[4]|0,this.F=S[5]|0,this.G=S[6]|0,this.H=S[7]|0}get(){let{A:t,B:e,C:i,D:r,E:o,F:s,G:a,H:c}=this;return[t,e,i,r,o,s,a,c]}set(t,e,i,r,o,s,a,c){this.A=t|0,this.B=e|0,this.C=i|0,this.D=r|0,this.E=o|0,this.F=s|0,this.G=a|0,this.H=c|0}process(t,e){for(let l=0;l<16;l++,e+=4)x[l]=t.getUint32(e,!1);for(let l=16;l<64;l++){let P=x[l-15],O=x[l-2],tt=f(P,7)^f(P,18)^P>>>3,W=f(O,17)^f(O,19)^O>>>10;x[l]=W+x[l-7]+tt+x[l-16]|0}let{A:i,B:r,C:o,D:s,E:a,F:c,G:u,H:g}=this;for(let l=0;l<64;l++){let P=f(a,6)^f(a,11)^f(a,25),O=g+P+ot(a,c,u)+Kt[l]+x[l]|0,W=(f(i,2)^f(i,13)^f(i,22))+at(i,r,o)|0;g=u,u=c,c=a,a=s+O|0,s=o,o=r,r=i,i=O+W|0}i=i+this.A|0,r=r+this.B|0,o=o+this.C|0,s=s+this.D|0,a=a+this.E|0,c=c+this.F|0,u=u+this.G|0,g=g+this.H|0,this.set(i,r,o,s,a,c,u,g)}roundClean(){x.fill(0)}destroy(){this.set(0,0,0,0,0,0,0,0),this.buffer.fill(0)}};var Q=rt(()=>new z);var D=require("viem");var Y=n=>btoa(String.fromCodePoint.apply(null,Array.from(n))),y=n=>ct.Base64.fromUint8Array(new Uint8Array(n),!0),pt=n=>{let t=(0,D.stringToBytes)(n),e=Q(Q(t));return(0,D.toHex)(e,{size:32}).slice(2)};var j=require("js-base64"),X=require("viem");async function ut({user:n,challenge:t,rpConfig:e}){let i=(0,X.hexToBytes)(`0x${t}`,{size:32}),r={publicKey:{authenticatorSelection:{residentKey:"preferred",userVerification:"required"},challenge:i,excludeCredentials:[],pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],rp:{name:e.rpName,id:e.rpId},user:{...n,id:j.Base64.toUint8Array(n.id)}}},o=await navigator.credentials.create(r);if(o===null)throw new Error("No credential returned");let s=y(o.response.attestationObject),c={rawCredential:JSON.stringify({authenticatorAttachment:o.authenticatorAttachment,id:o.id,rawId:y(o.rawId),response:{attestationObject:s,clientDataJSON:y(o.response.clientDataJSON)},type:o.type}),origin:e.rpName,rpId:e.rpId};return{credentials:{credentials:"",method:"passkey",id:o.id},signature:JSON.stringify(c)}}async function lt({challenge:n,allowCredentialId:t,rpConfig:e,ephClaim:i}){let r=(0,X.hexToBytes)(`0x${n}`,{size:32}),o=t?[{type:"public-key",id:j.Base64.toUint8Array(t)}]:[],s={publicKey:{userVerification:"required",challenge:r,allowCredentials:o}},a=await navigator.credentials.get(s);if(a===null)throw new Error("Failed to get navigator credentials");let c=a.response,u=c.userHandle;if(u===null)throw new Error("User handle cannot be null");let g=y(c.signature),P={rawCredential:JSON.stringify({authenticatorAttachment:a.authenticatorAttachment,id:a.id,rawId:y(a.rawId),response:{authenticatorData:y(c.authenticatorData),clientDataJSON:y(c.clientDataJSON),signature:g,userHandle:y(u)},type:a.type}),origin:e.rpName,rpId:e.rpId};return{credentials:{credentials:i.toJSON(),method:"passkey",id:a.id},signature:JSON.stringify(P)}}var V=require("viem"),L=require("@noble/curves/ed25519"),Z=require("@noble/curves/secp256k1");var C=(n,t)=>{h(typeof t!="string",`${n} must be string`),h((t==null?void 0:t.trim().length)===0,`${n} cannot be empty`)},ht=(n,t)=>{h(!(n instanceof Uint8Array),"key must be an Uint8Array"),t==="secp256k1"&&h(n.length!==65,"secp256k1: key length must be 65 bytes, got "+n.length),t==="ed25519"&&h(n.length!==32,"ed25519: key length must be 32 bytes, got "+n.length)},dt=(n,t)=>{h(!(n instanceof Uint8Array),"key must be an Uint8Array"),t==="secp256k1"&&h(n.length!==32,"secp256k1: key length must be 32 bytes, got "+n.length),t==="ed25519"&&h(n.length!==32,"ed25519: key length must be 32 bytes, got "+n.length)};var h=(n,t)=>{if(n)throw new Error(t)};var gt=require("viem/accounts");var w=class{constructor(t,e,i,r=3600){p(this,"ephId");p(this,"ephPK");p(this,"signAlg");p(this,"expiry");this.validateInputs(t,e,i,r),this.ephId=t,this.ephPK=(0,V.toHex)(e),this.signAlg=i,this.expiry=Math.floor(Date.now()/1e3)+r}validateInputs(t,e,i,r){C("ephId",t),ht(e,i),h(Number.isInteger(r)===!1,"lifetime must be an integer");let o=r>0&&r<=365*24*60*60;h(!o,"lifetime must be greater than 0 and less than or equal to 365 days")}toJSON(){return JSON.stringify({ephId:this.ephId,ephPK:this.ephPK,expiry:this.expiry,signAlg:this.signAlg})}};async function ft({setup:n,challenge:t,ephSK:e,ephClaim:i}){let r={setup:n,challenge:t},s=new TextEncoder().encode(JSON.stringify(r)),a=await Rt(s,e,i.signAlg);return{credentials:{credentials:i.toJSON(),method:"ephemeral",id:i.ephId},signature:a}}async function Rt(n,t,e){switch(e){case"ed25519":return(0,V.toHex)(L.ed25519.sign(n,t));case"secp256k1":return await(0,gt.signMessage)({message:{raw:n},privateKey:(0,V.toHex)(t)});default:throw new Error("Invalid signature algorithm")}}function J(n){switch(n){case"ed25519":return L.ed25519.utils.randomPrivateKey();case"secp256k1":return Z.secp256k1.utils.randomPrivateKey();default:throw new Error("Invalid signature algorithm")}}function v(n,t){switch(t){case"ed25519":return L.ed25519.getPublicKey(n);case"secp256k1":return Z.secp256k1.getPublicKey(n,!1);default:throw new Error("Invalid signature algorithm")}}var mt=require("viem");var b=class{constructor(t,e,i){p(this,"browserWallet");p(this,"eoa");p(this,"ephClaim");this.validateInputs(t,e),this.ephClaim=i,this.browserWallet=e,this.eoa=t}validateInputs(t,e){h(!(0,mt.isAddress)(t),"invalid Ethereum address format"),h(!((e==null?void 0:e.signTypedData)instanceof Function),"invalid browserWallet")}async authenticate({setup:t,challenge:e}){return h(!(t instanceof m||t instanceof d),`invalid setup for EOA authenticate. Requires KeygenSetupOpts or MetadataSetupOpts but found ${JSON.stringify(t)}`),await it({setup:t,eoa:this.eoa,challenge:e,browserWallet:this.browserWallet,ephClaim:this.ephClaim})}},I=class{constructor(t,e,i){p(this,"ephSK");p(this,"ephClaim");dt(e,i),this.ephSK=e;let r=v(this.ephSK,i);this.ephClaim=new w(t,r,i)}async authenticate({setup:t,challenge:e}){return h(!(t instanceof k||t instanceof d),`invalid setup for Eph authenticate. Requires SignSetupOpts or MetadataSetupOpts but found ${JSON.stringify(t)}`),await ft({setup:t,challenge:e,ephSK:this.ephSK,ephClaim:this.ephClaim})}},A=class{constructor(t,e,i){p(this,"rpConfig");p(this,"allowCredentialId");p(this,"ephClaim");this.ephClaim=i,this.rpConfig=t,this.allowCredentialId=e}async authenticate({setup:t,challenge:e}){return h(!(t instanceof m||t instanceof d),`invalid setup for Passkey authenticate. Requires KeygenSetupOpts or MetadataSetupOpts but found ${JSON.stringify(t)}`),await lt({allowCredentialId:this.allowCredentialId,challenge:e,rpConfig:this.rpConfig,ephClaim:this.ephClaim})}},E=class{constructor(t,e){p(this,"rpConfig");p(this,"user");this.rpConfig=t,this.user=e}async authenticate({setup:t,challenge:e}){return h(!(t instanceof d),`invalid setup for Passkey register. Requires MetadataSetupOpts but found ${JSON.stringify(t)}`),await ut({user:this.user,challenge:e,rpConfig:this.rpConfig})}};var U=class{constructor(t,e,i,r){p(this,"authModule");p(this,"threshold");p(this,"totalNodes");p(this,"wpClient");h(e<2,`Threshold = ${e} must be at least 2`),h(i<e,`Total nodes = ${i} must be greater or equal to threshold = ${e}`),this.threshold=e,this.totalNodes=i,this.authModule=r,this.wpClient=t}async generateKey(t){let e=new m({t:this.threshold,n:this.totalNodes,permissions:t,key_label:void 0});return this.setEphClaimOf(e),await this.wpClient.startKeygen({setup:e,authModule:this.authModule})}async signMessage(t,e){C("keyId",t),C("message",e);let i=new k({t:this.threshold,key_id:t,message:e});return await this.wpClient.startSigngen({setup:i,authModule:this.authModule})}async addEphemeralKey(t){C("keyId",t);let e=new d;return e.keyId=t,this.setEphClaimOf(e),await this.wpClient.addEphemeralKey({setup:e,authModule:this.authModule})}async revokeEphemeralKey(t){C("keyId",t);let e=new d;return e.keyId=t,this.setEphClaimOf(e),await this.wpClient.revokeEphemeralKey({setup:e,authModule:this.authModule})}async registerPasskey(){let t=new d;return await this.wpClient.registerPasskey({setup:t,authModule:this.authModule})}setEphClaimOf(t){(this.authModule instanceof b||this.authModule instanceof A)&&(t.ephClaim=this.authModule.ephClaim)}};var M=class{constructor(t){p(this,"walletProviderId");p(this,"walletProviderUrl");p(this,"apiVersion","v1");this.walletProviderId=t.walletProviderId,this.walletProviderUrl=`${t.walletProviderUrl}/${t.apiVersion}`,this.apiVersion=t.apiVersion}getVersion(){return this.apiVersion}getWalletId(){return this.walletProviderId}async startKeygen({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("keygen",t,e).then(r=>{var c,u;let o=r.split(":");h(o.length!==2,"Invalid keygen response from network");let s=(c=o[0])==null?void 0:c.split("=")[1];return{publicKey:(u=o[1])==null?void 0:u.split("=")[1],keyId:s}})}async startSigngen({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("signgen",t,e).then(r=>{var c,u;let o=r.split(":");h(o.length!==2,"Invalid signgen response from network");let s=(c=o[0])==null?void 0:c.split("=")[1],a=(u=o[1])==null?void 0:u.split("=")[1];if(s===void 0||a===void 0)throw new Error("Invalid signgen response from network");return{sign:s,recid:parseInt(a)}})}async addEphemeralKey({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("addEphemeralKey",t,e).then(r=>({status:r}))}async revokeEphemeralKey({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("revokeEphemeralKey",t,e).then(r=>({status:r}))}async registerPasskey({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("registerPasskey",t,e).then(r=>({passkeyCredentialId:r}))}connect(t,e,i){return new Promise((r,o)=>{let s=0;t==="signgen"&&(e.message=Y(new TextEncoder().encode(e.message)));let a=new WebSocket(`${this.walletProviderUrl}/${t}`);a.addEventListener("open",c=>{switch(console.debug(`Connection opened in state ${s} with event ${JSON.stringify(c,void 0,"	")}`),s){case 0:s=1,a.send(JSON.stringify(e));break;case 1:case 2:s=3,o("Incorrect protocol state");break;case 3:break}}),a.addEventListener("message",async c=>{switch(console.debug(`Connection message in state ${s} with event ${JSON.stringify(c,void 0,"	")}`),s){case 0:s=3,o("Incorrect protocol state");break;case 1:{s=2;try{let u=await i.authenticate({setup:e,challenge:c.data});a.send(JSON.stringify(u))}catch(u){o(u)}break}case 2:s=3,a.close(),r(c.data);break;case 3:break}}),a.addEventListener("error",c=>{console.debug(`Connection error in state ${s} with event ${JSON.stringify(c,void 0,"	")}`),s!=3&&(s=3,o("Incorrect protocol state"))}),a.addEventListener("close",c=>{console.debug(`Connection closed in state ${s} with event ${JSON.stringify(c,void 0,"	")}`),s!=3&&(s=3,o("Incorrect protocol state"))})})}connectV2(t,e,i){return new Promise((r,o)=>{let s=0;t==="signgen"&&(e.message=Y(new TextEncoder().encode(e.message)));let a=new WebSocket(`${this.walletProviderUrl}/${t}`);a.addEventListener("open",async c=>{switch(console.debug(`Connection opened in state ${s} with event ${JSON.stringify(c,void 0,"	")}`),s){case 0:s=2;try{let u=JSON.stringify(e),g=await i.authenticate({setup:e,challenge:pt(u)});a.send(JSON.stringify({setupOpts:u,userAuth:JSON.stringify(g)}))}catch(u){o(u)}break;case 2:s=3,o("Incorrect protocol state");break;case 3:break}}),a.addEventListener("message",async c=>{switch(console.debug(`Connection message in state ${s} with event ${JSON.stringify(c,void 0,"	")}`),s){case 0:s=3,o("Incorrect protocol state");break;case 2:s=3,a.close(),r(c.data);break;case 3:break}}),a.addEventListener("error",c=>{console.debug(`Connection error in state ${s} with event ${JSON.stringify(c,void 0,"	")}`),s!=3&&(s=3,o("Incorrect protocol state"))}),a.addEventListener("close",c=>{console.debug(`Connection closed in state ${s} with event ${JSON.stringify(c,void 0,"	")}`),s!=3&&(s=3,o("Incorrect protocol state"))})})}};var $=require("viem/accounts"),yt=require("@noble/curves/secp256k1");var K=require("viem");function _(n){if(n.startsWith("0x")&&(n=n.slice(2)),n.startsWith("04"))return(0,$.publicKeyToAddress)(`0x${n} `);if(n.startsWith("02")||n.startsWith("03")){let t=yt.secp256k1.ProjectivePoint.fromHex(n).toHex(!1);return(0,$.publicKeyToAddress)(`0x${t}`)}else throw new Error("Invalid public key")}var Tt={NetworkSigner:U,WalletProviderServiceClient:M,EOAAuth:b,EphAuth:I,PasskeyAuth:A,PasskeyRegister:E,generateEphPrivateKey:J,getEphPublicKey:v,EphKeyClaim:w,computeAddress:_};0&&(module.exports={EOAAuth,EphAuth,EphKeyClaim,NetworkSigner,PasskeyAuth,PasskeyRegister,WalletProviderServiceClient,computeAddress,generateEphPrivateKey,getEphPublicKey});
+"use strict";var J=Object.defineProperty;var Me=Object.getOwnPropertyDescriptor;var De=Object.getOwnPropertyNames;var Ve=Object.prototype.hasOwnProperty;var _e=(s,e,t)=>e in s?J(s,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):s[e]=t;var Be=(s,e)=>{for(var t in e)J(s,t,{get:e[t],enumerable:!0})},Le=(s,e,t,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let r of De(e))!Ve.call(s,r)&&r!==t&&J(s,r,{get:()=>e[r],enumerable:!(n=Me(e,r))||n.enumerable});return s};var $e=s=>Le(J({},"__esModule",{value:!0}),s);var p=(s,e,t)=>_e(s,typeof e!="symbol"?e+"":e,t);var Ze={};Be(Ze,{EOAAuth:()=>V,EphAuth:()=>_,EphKeyClaim:()=>S,HttpClient:()=>D,KeygenSetupOpts:()=>f,NetworkSigner:()=>C,PasskeyAuth:()=>B,PasskeyRegister:()=>L,SignRequestBuilder:()=>P,UserSignatures:()=>R,WalletProviderServiceClient:()=>M,computeAddress:()=>se,default:()=>Ye,flattenSignature:()=>X,generateEphPrivateKey:()=>W,getEphPublicKey:()=>k,parseEphKeyOperationResult:()=>O,parseKeygenResult:()=>U,parseSigngenResult:()=>T});module.exports=$e(Ze);var be=require("json-canonicalize");var g=(s,e)=>{l(typeof e!="string",`${s} must be string`),l((e==null?void 0:e.trim().length)===0,`${s} cannot be empty`)},we=(s,e)=>{if(l(!(s instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")l(s.length!==65,"secp256k1: key length must be 65 bytes, got "+s.length);else if(e==="ed25519")l(s.length!==32,"ed25519: key length must be 32 bytes, got "+s.length);else throw new Error("Invalid signature algorithm")},Re=(s,e)=>{if(l(!(s instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")l(s.length!==32,"secp256k1: key length must be 32 bytes, got "+s.length);else if(e==="ed25519")l(s.length!==32,"ed25519: key length must be 32 bytes, got "+s.length);else throw new Error("Invalid signature algorithm")},xe=s=>{l(s!=="ed25519"&&s!=="secp256k1",'signAlg must be either "ed25519" or "secp256k"')},l=(s,e)=>{if(s)throw new Error(e)};var P=class{constructor(){p(this,"signRequest",new Map)}setRequest(e,t,n){if(g("transactionId",e),g("message",t),g("requestType",n),this.signRequest.has(e))throw new Error(`Transaction ID ${e} is already set.`);return this.signRequest.set(e,{signingMessage:t,requestType:n}),this}build(){let e={};if(this.signRequest.forEach((t,n)=>{e[n]=t}),Object.keys(e).length===0)throw new Error("No sign request is set.");return(0,be.canonicalize)(e)}};var ce=require("json-canonicalize");var ke=require("js-base64");function Ne(s){return s instanceof Uint8Array||ArrayBuffer.isView(s)&&s.constructor.name==="Uint8Array"}function re(s,...e){if(!Ne(s))throw new Error("Uint8Array expected");if(e.length>0&&!e.includes(s.length))throw new Error("Uint8Array expected of length "+e+", got length="+s.length)}function ie(s,e=!0){if(s.destroyed)throw new Error("Hash instance has been destroyed");if(e&&s.finished)throw new Error("Hash#digest() has already been called")}function Ae(s,e){re(s);let t=e.outputLen;if(s.length<t)throw new Error("digestInto() expects output buffer of length at least "+t)}var G=s=>new DataView(s.buffer,s.byteOffset,s.byteLength),y=(s,e)=>s<<32-e|s>>>e;function He(s){if(typeof s!="string")throw new Error("utf8ToBytes expected string, got "+typeof s);return new Uint8Array(new TextEncoder().encode(s))}function oe(s){return typeof s=="string"&&(s=He(s)),re(s),s}var z=class{clone(){return this._cloneInto()}};function Se(s){let e=n=>s().update(oe(n)).digest(),t=s();return e.outputLen=t.outputLen,e.blockLen=t.blockLen,e.create=()=>s(),e}function We(s,e,t,n){if(typeof s.setBigUint64=="function")return s.setBigUint64(e,t,n);let r=BigInt(32),o=BigInt(4294967295),i=Number(t>>r&o),a=Number(t&o),u=n?4:0,h=n?0:4;s.setUint32(e+u,i,n),s.setUint32(e+h,a,n)}var Pe=(s,e,t)=>s&e^~s&t,Ee=(s,e,t)=>s&e^s&t^e&t,Q=class extends z{constructor(e,t,n,r){super(),this.blockLen=e,this.outputLen=t,this.padOffset=n,this.isLE=r,this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.buffer=new Uint8Array(e),this.view=G(this.buffer)}update(e){ie(this);let{view:t,buffer:n,blockLen:r}=this;e=oe(e);let o=e.length;for(let i=0;i<o;){let a=Math.min(r-this.pos,o-i);if(a===r){let u=G(e);for(;r<=o-i;i+=r)this.process(u,i);continue}n.set(e.subarray(i,i+a),this.pos),this.pos+=a,i+=a,this.pos===r&&(this.process(t,0),this.pos=0)}return this.length+=e.length,this.roundClean(),this}digestInto(e){ie(this),Ae(e,this),this.finished=!0;let{buffer:t,view:n,blockLen:r,isLE:o}=this,{pos:i}=this;t[i++]=128,this.buffer.subarray(i).fill(0),this.padOffset>r-i&&(this.process(n,0),i=0);for(let c=i;c<r;c++)t[c]=0;We(n,r-8,BigInt(this.length*8),o),this.process(n,0);let a=G(e),u=this.outputLen;if(u%4)throw new Error("_sha2: outputLen should be aligned to 32bit");let h=u/4,d=this.get();if(h>d.length)throw new Error("_sha2: outputLen bigger than state");for(let c=0;c<h;c++)a.setUint32(4*c,d[c],o)}digest(){let{buffer:e,outputLen:t}=this;this.digestInto(e);let n=e.slice(0,t);return this.destroy(),n}_cloneInto(e){e||(e=new this.constructor),e.set(...this.get());let{blockLen:t,buffer:n,length:r,finished:o,destroyed:i,pos:a}=this;return e.length=r,e.pos=a,e.finished=o,e.destroyed=i,r%t&&e.buffer.set(n),e}};var Fe=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),x=new Uint32Array([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),b=new Uint32Array(64),ae=class extends Q{constructor(){super(64,32,8,!1),this.A=x[0]|0,this.B=x[1]|0,this.C=x[2]|0,this.D=x[3]|0,this.E=x[4]|0,this.F=x[5]|0,this.G=x[6]|0,this.H=x[7]|0}get(){let{A:e,B:t,C:n,D:r,E:o,F:i,G:a,H:u}=this;return[e,t,n,r,o,i,a,u]}set(e,t,n,r,o,i,a,u){this.A=e|0,this.B=t|0,this.C=n|0,this.D=r|0,this.E=o|0,this.F=i|0,this.G=a|0,this.H=u|0}process(e,t){for(let c=0;c<16;c++,t+=4)b[c]=e.getUint32(t,!1);for(let c=16;c<64;c++){let m=b[c-15],v=b[c-2],me=y(m,7)^y(m,18)^m>>>3,ne=y(v,17)^y(v,19)^v>>>10;b[c]=ne+b[c-7]+me+b[c-16]|0}let{A:n,B:r,C:o,D:i,E:a,F:u,G:h,H:d}=this;for(let c=0;c<64;c++){let m=y(a,6)^y(a,11)^y(a,25),v=d+m+Pe(a,u,h)+Fe[c]+b[c]|0,ne=(y(n,2)^y(n,13)^y(n,22))+Ee(n,r,o)|0;d=h,h=u,u=a,a=i+v|0,i=o,o=r,r=n,n=v+ne|0}n=n+this.A|0,r=r+this.B|0,o=o+this.C|0,i=i+this.D|0,a=a+this.E|0,u=u+this.F|0,h=h+this.G|0,d=d+this.H|0,this.set(n,r,o,i,a,u,h,d)}roundClean(){b.fill(0)}destroy(){this.set(0,0,0,0,0,0,0,0),this.buffer.fill(0)}};var pe=Se(()=>new ae);var j=require("viem"),w=s=>ke.Base64.fromUint8Array(new Uint8Array(s),!0),ue=s=>{let e=(0,j.stringToBytes)(s),t=pe(pe(e));return(0,j.toHex)(t,{size:32}).slice(2)};var R=class{constructor(e,t){p(this,"userAuthentications");p(this,"authModule");p(this,"apiVersion");this.authModule=e,this.userAuthentications=new Map,this.apiVersion=t}async setDefaultAuth(e,t){let n=await this.authModule.authenticate({payload:e,challenge:t!=null?t:ue((0,ce.canonicalize)(e))});this.userAuthentications.set("default",n)}async setKeygenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for keygen");for(let n of e){let r=n.signAlg,o=t?t[r]:ue((0,ce.canonicalize)(n));if(o){let i=await this.authModule.authenticate({payload:n,challenge:o});this.userAuthentications.set(r,i)}else throw new Error(`no final challenge found in response for ${r}`)}}async setSigngenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for signgen v1");await this.setDefaultAuth(e,t)}async setAddEphKeyUserSigs(e,t){await this.setDefaultAuth(e,t)}async setRevokeEphKeyUserSigs(e,t){await this.setDefaultAuth(e,t)}async setRegisterPasskeyUserSigs(e,t){if(!t)throw new Error("missing challenge response for registerPasskey");await this.setDefaultAuth(e,t)}async setKeyRefreshUserSigs(e,t){if(!t)throw new Error("missing challenge response for keyRefresh");await this.setDefaultAuth(e,t)}async setQcUserSigs(e,t){if(!t)throw new Error("missing challenge response for quorumChange");await this.setDefaultAuth(e,t)}async build(e,t,n){if(e==="keygen"){let r=n?JSON.parse(n):void 0;await this.setKeygenUserSigs(t,r)}else e==="signgen"?await this.setSigngenUserSigs(t,n):e==="addEphemeralKey"?await this.setAddEphKeyUserSigs(t,n):e==="revokeEphemeralKey"?await this.setRevokeEphKeyUserSigs(t,n):e==="registerPasskey"?await this.setRegisterPasskeyUserSigs(t,n):e==="keyRefresh"?await this.setKeyRefreshUserSigs(t,n):e==="quorumChange"&&await this.setQcUserSigs(t,n);return Object.fromEntries(this.userAuthentications)}};var X=s=>{let{sign:e,recid:t}=s,n=(27+t).toString(16);return`0x${e}${n}`};var Je=[{name:"tag",type:"uint16"},{name:"value",type:"string"}],f=class{constructor({t:e,n:t,permissions:n,signAlg:r}){p(this,"t");p(this,"n");p(this,"metadata");p(this,"signAlg");g("signAlg",r),this.t=e,this.n=t,this.signAlg=r,this.metadata=[],n&&this.metadata.push({tag:1,value:n})}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeygenSetupOpts"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],KeygenSetupOpts:[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"metadata",type:"TaggedValue[]"}],TaggedValue:Je}}},K=class{constructor({t:e,key_id:t,signAlg:n,message:r}){p(this,"t");p(this,"key_id");p(this,"message");p(this,"signAlg");g("keyId",t),g("signAlg",n),g("signRequest",r),this.t=e,this.key_id=t,this.message=r,this.signAlg=n}};var A=class{constructor(e){p(this,"key_id");g("keyId",e),this.key_id=e}get eoaRequestSchema(){return{Request:[{name:"setup",type:"RevokeEphKeyRequest"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],RevokeEphKeyRequest:[{name:"key_id",type:"string"}]}}},E=class{constructor(e){p(this,"key_id_list");for(let t of e)g("keyId",t);this.key_id_list=e}get eoaRequestSchema(){return{Request:[{name:"setup",type:"AddEphKeyRequest"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],AddEphKeyRequest:[{name:"key_id_list",type:"string[]"}]}}},I=class{constructor(e){p(this,"options");g("options",e),this.options=e}},Y=class{constructor({newT:e,newN:t,keyId:n,signAlg:r}){p(this,"new_t");p(this,"new_n");p(this,"key_id");p(this,"sign_alg");g("keyId",n),g("signAlg",r),this.new_t=e,this.new_n=t,this.key_id=n,this.sign_alg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"QuorumChangeRequest"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],QuorumChangeRequest:[{name:"new_t",type:"uint32"},{name:"new_n",type:"uint32"},{name:"key_id",type:"string"},{name:"sign_alg",type:"string"}]}}},q=class{constructor({t:e,keyId:t,signAlg:n}){p(this,"t");p(this,"key_id");p(this,"sign_alg");g("keyId",t),g("signAlg",n),this.t=e,this.key_id=t,this.sign_alg=n}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeyRefreshRequest"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],KeyRefreshRequest:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"sign_alg",type:"string"}]}}};var C=class{constructor(e,t){p(this,"authModule");p(this,"wpClient");this.authModule=t,this.wpClient=e}validateQuorumSetup({threshold:e,totalNodes:t}){e&&l(e<2,`Threshold = ${e} must be at least 2`),e&&t&&l(t<e,`Total nodes = ${t} must be greater or equal to threshold = ${e}`)}async generateKey(e,t,n,r){this.validateQuorumSetup({threshold:e,totalNodes:t});let o=n.map(a=>new f({t:e,n:t,permissions:r,signAlg:a}));return await this.wpClient.startKeygen({setups:o,authModule:this.authModule})}async signMessage(e,t,n,r){this.validateQuorumSetup({threshold:e}),xe(n);let o=new K({t:e,key_id:t,signAlg:n,message:r});return await this.wpClient.startSigngen({setup:o,authModule:this.authModule})}async refreshKey(e,t,n){let r=new q({t:e,keyId:t,signAlg:n});return await this.wpClient.startKeyRefresh({payload:r,authModule:this.authModule})}async addEphemeralKey(e){let t=new E(e);return await this.wpClient.addEphemeralKey({payload:t,authModule:this.authModule})}async revokeEphemeralKey(e){g("keyId",e);let t=new A(e);return await this.wpClient.revokeEphemeralKey({payload:t,authModule:this.authModule})}async registerPasskey(e){let t=new I(e!=null?e:"passkey options");return await this.wpClient.registerPasskey({payload:t,authModule:this.authModule})}};var he=s=>{var o,i,a;let e=s.split(":");l(e.length!==3,"Invalid keygen response from network");let t=(o=e[0])==null?void 0:o.split("=")[1],n=(i=e[1])==null?void 0:i.split("=")[1],r=(a=e[2])==null?void 0:a.split("=")[1];return{publicKey:n,keyId:t,signAlg:r}},U=(s,e)=>{let t=s.split(";");return l(t.length!==e,"Invalid keygen response from network, not all keys were generated"),t.map(n=>he(n))},T=(s,e)=>s.split(";").map(n=>{var r,o,i,a,u;if(e==="secp256k1"){let h=n.split(":");l(h.length!==3,"Invalid signgen response from network");let d=(r=h[0])==null?void 0:r.split("=")[1],c=(o=h[1])==null?void 0:o.split("=")[1],m=(i=h[2])==null?void 0:i.split("=")[1];if(d===void 0||c===void 0||m===void 0)throw new Error("Invalid signgen response from network");return{transactionId:m,sign:d,recid:parseInt(c)}}else{let h=n.split(":");l(h.length!==2,"Invalid signgen response from network");let d=(a=h[0])==null?void 0:a.split("=")[1],c=(u=h[1])==null?void 0:u.split("=")[1];if(d===void 0||c===void 0)throw new Error("Invalid signgen response from network");return{transactionId:c,sign:d,recid:0}}}),O=s=>{let e=s.split(";"),t=[];return e.forEach(n=>{let r=n.split(":");l(r.length!==2,"Invalid eph key operation response from network");let o=r[0],i=r[1];t.push({keyId:o,status:i})}),t};var Z=require("json-canonicalize");var M=class{constructor(e){p(this,"walletProviderUrl");p(this,"apiVersion","v1");this.walletProviderUrl=`${e.walletProviderUrl}/${e.apiVersion}`,this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("keygen",e,t).then(r=>U(r,e.length))}async startKeyRefresh({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e,t).then(r=>he(r))}async startSigngen({setup:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("signgen",e,t).then(r=>T(r,e.signAlg))}async addEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("addEphemeralKey",e,t).then(r=>O(r))}async revokeEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("revokeEphemeralKey",e,t).then(r=>({status:r}))}async registerPasskey({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Passkey registration is not supported in v2 API");return this.connect.bind(this)("registerPasskey",e,t).then(r=>({passkeyCredentialId:r}))}connect(e,t,n){return new Promise((r,o)=>{let i=0,a=new WebSocket(`${this.walletProviderUrl}/${e}`);a.addEventListener("open",u=>{switch(console.debug(`Connection opened in state ${i} with event ${JSON.stringify(u,void 0,"	")}`),i){case 0:i=1,a.send((0,Z.canonicalize)({payload:t}));break;case 1:case 2:i=3,o("Incorrect protocol state");break;case 3:break}}),a.addEventListener("message",async u=>{switch(console.debug(`Connection message in state ${i} with event ${JSON.stringify(u,void 0,"	")}`),i){case 0:i=3,o("Incorrect protocol state");break;case 1:{i=2;try{let h=u.data,d=await new R(n,this.apiVersion).build(e,t,h);a.send((0,Z.canonicalize)(d))}catch(h){o(h)}break}case 2:{i=3,a.close(),r(u.data);break}case 3:break}}),a.addEventListener("error",u=>{console.debug(`Connection error in state ${i} with event ${JSON.stringify(u,void 0,"	")}`),i!=3&&(i=3,o("Incorrect protocol state"))}),a.addEventListener("close",u=>{console.debug(`Connection closed in state ${i} with event ${JSON.stringify(u,void 0,"	")}`),i!=3&&(i=3,o("Incorrect protocol state"))})})}connectV2(e,t,n){return new Promise((r,o)=>{let i=0,a=new WebSocket(`${this.walletProviderUrl}/${e}`);a.addEventListener("open",async u=>{switch(console.debug(`Connection opened in state ${i} with event ${JSON.stringify(u,void 0,"	")}`),i){case 0:i=2;try{let h=await new R(n,this.apiVersion).build(e,t);a.send((0,Z.canonicalize)({payload:t,userSigs:h}))}catch(h){o(h)}break;case 2:i=3,o("Incorrect protocol state");break;case 3:break}}),a.addEventListener("message",async u=>{switch(console.debug(`Connection message in state ${i} with event ${JSON.stringify(u,void 0,"	")}`),i){case 0:i=3,o("Incorrect protocol state");break;case 2:{i=3,a.close(),r(u.data);break}case 3:break}}),a.addEventListener("error",u=>{console.debug(`Connection error in state ${i} with event ${JSON.stringify(u,void 0,"	")}`),i!=3&&(i=3,o("Incorrect protocol state"))}),a.addEventListener("close",u=>{console.debug(`Connection closed in state ${i} with event ${JSON.stringify(u,void 0,"	")}`),i!=3&&(i=3,o("Incorrect protocol state"))})})}};var ve=require("json-canonicalize");var le=class extends Error{constructor(t,n,r){super(r||n);this.status=t;this.statusText=n;this.name="HttpError"}},D=class{constructor(e="",t={}){p(this,"baseURL");p(this,"defaultHeaders");this.baseURL=e,this.validateHeaders(t),this.defaultHeaders={"Content-Type":"application/json",...t}}validateHeaders(e){if(typeof e!="object"||e===null)throw new Error("Headers must be an object.");for(let[t,n]of Object.entries(e))if(typeof t!="string"||typeof n!="string")throw new Error(`Invalid header: ${t}. Header names and values must be strings.`)}setDefaultHeaders(e){this.defaultHeaders={...this.defaultHeaders,...e}}buildUrl(e){return`${this.baseURL}${e}`}async handleResponse(e){if(!e.ok){let n;try{n=(await e.json()).message||e.statusText}catch{n=e.statusText}throw new le(e.status,e.statusText,n)}let t=e.headers.get("content-type");return t&&t.includes("application/json")?e.json():e.text()}async request(e,t,n,r={}){let o=this.buildUrl(t),i={...this.defaultHeaders,...r.headers},a={method:e,headers:i,...r,body:n?(0,ve.canonicalize)(n):null},u=await fetch(o,a);return this.handleResponse(u)}async get(e,t){return this.request("GET",e,void 0,t)}async post(e,t,n){return this.request("POST",e,t,n)}async put(e,t,n){return this.request("PUT",e,t,n)}async patch(e,t,n){return this.request("PATCH",e,t,n)}async delete(e,t){return this.request("DELETE",e,void 0,t)}};var ze={name:"SilentShard authentication",version:"0.1.0"},Ge=[{name:"name",type:"string"},{name:"version",type:"string"}];function Qe(s,e,t){return{types:{EIP712Domain:Ge,...s.eoaRequestSchema},domain:ze,primaryType:"Request",message:{setup:s,challenge:e,eph_claim:t}}}async function Ke({setup:s,eoa:e,challenge:t,browserWallet:n,ephClaim:r}){let o=Qe(s,t,r?r.toJSON():""),i=await n.signTypedData(e,o);return{credentials:{credentials:r?r.toJSON():"",method:"eoa",id:e},signature:i}}var ge=require("js-base64"),de=require("viem"),N=require("json-canonicalize");async function Ie({user:s,challenge:e,rpConfig:t}){let n=(0,de.hexToBytes)(`0x${e}`,{size:32}),r={publicKey:{authenticatorSelection:{residentKey:"preferred",userVerification:"required"},challenge:n,excludeCredentials:[],pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],rp:{name:t.rpName,id:t.rpId},user:{...s,id:ge.Base64.toUint8Array(s.id)}}},o=await navigator.credentials.create(r);if(o===null)throw new Error("No credential returned");let i=w(o.response.attestationObject),u={rawCredential:(0,N.canonicalize)({authenticatorAttachment:o.authenticatorAttachment,id:o.id,rawId:w(o.rawId),response:{attestationObject:i,clientDataJSON:w(o.response.clientDataJSON)},type:o.type}),origin:t.rpName,rpId:t.rpId};return{credentials:{credentials:"",method:"passkey",id:o.id},signature:(0,N.canonicalize)(u)}}async function qe({challenge:s,allowCredentialId:e,rpConfig:t,ephClaim:n}){let r=(0,de.hexToBytes)(`0x${s}`,{size:32}),o=e?[{type:"public-key",id:ge.Base64.toUint8Array(e)}]:[],i={publicKey:{userVerification:"required",challenge:r,allowCredentials:o}},a=await navigator.credentials.get(i);if(a===null)throw new Error("Failed to get navigator credentials");let u=a.response,h=u.userHandle;if(h===null)throw new Error("User handle cannot be null");let d=w(u.signature),m={rawCredential:(0,N.canonicalize)({authenticatorAttachment:a.authenticatorAttachment,id:a.id,rawId:w(a.rawId),response:{authenticatorData:w(u.authenticatorData),clientDataJSON:w(u.clientDataJSON),signature:d,userHandle:w(h)},type:a.type}),origin:t.rpName,rpId:t.rpId};return{credentials:{credentials:n.toJSON(),method:"passkey",id:a.id},signature:(0,N.canonicalize)(m)}}var H=require("viem"),ee=require("@noble/curves/ed25519"),ye=require("@noble/curves/secp256k1");var Ce=require("viem/accounts"),fe=require("json-canonicalize");var S=class s{constructor(e,t,n,r=Math.floor(Date.now()/1e3)+3600){p(this,"ephId");p(this,"ephPK");p(this,"signAlg");p(this,"expiry");this.validateInputs(e,t,n,r),this.ephId=e,this.ephPK=(0,H.toHex)(t),this.signAlg=n,this.expiry=r}validateInputs(e,t,n,r){g("ephId",e),we(t,n),l(Number.isInteger(r)===!1,"expiry must be an integer");let o=Math.floor(Date.now()/1e3),i=r-o,a=i>0&&i<=365*24*60*60;l(!a,`lifetime must be greater than 0 and less than or equal to 365 days expiry - now ${i}, expiry ${r} now secs ${o}`)}toJSON(){return(0,fe.canonicalize)({ephId:this.ephId,ephPK:this.ephPK,expiry:this.expiry,signAlg:this.signAlg})}static generateKeys(e,t){let n=W(e),r=k(n,e),o=new s((0,H.toHex)(r),r,e,t);return{privKey:n,pubKey:r,ephClaim:o}}};async function Ue({setup:s,challenge:e,ephSK:t,ephClaim:n}){let r={setup:s,challenge:e},o=new TextEncoder().encode((0,fe.canonicalize)(r)),i=await je(o,t,n.signAlg);return{credentials:{credentials:n.toJSON(),method:"ephemeral",id:n.ephId},signature:i}}async function je(s,e,t){switch(t){case"ed25519":return(0,H.toHex)(ee.ed25519.sign(s,e));case"secp256k1":return await(0,Ce.signMessage)({message:{raw:s},privateKey:(0,H.toHex)(e)});default:throw new Error("Invalid signature algorithm")}}function W(s){switch(s){case"ed25519":return ee.ed25519.utils.randomPrivateKey();case"secp256k1":return ye.secp256k1.utils.randomPrivateKey();default:throw new Error("Invalid signature algorithm")}}function k(s,e){switch(e){case"ed25519":return ee.ed25519.getPublicKey(s);case"secp256k1":return ye.secp256k1.getPublicKey(s,!1);default:throw new Error("Invalid signature algorithm")}}var Te=require("viem");var F=require("json-canonicalize");var V=class{constructor(e,t,n){p(this,"browserWallet");p(this,"eoa");p(this,"ephClaim");this.validateInputs(e,t),this.ephClaim=n,this.browserWallet=t,this.eoa=e}validateInputs(e,t){l(!(0,Te.isAddress)(e),"invalid Ethereum address format"),l(!((t==null?void 0:t.signTypedData)instanceof Function),"invalid browserWallet")}async authenticate({payload:e,challenge:t}){return l(!(e instanceof f||e instanceof q||e instanceof Y||e instanceof E||e instanceof A),`invalid payload for EOA auth. Requires KeygenSetupOpts or KeyRefreshRequest or QuorumChangeRequest or AddEphKeyRequest or RevokeEphKeyRequest but found ${(0,F.canonicalize)(e)}`),await Ke({setup:e,eoa:this.eoa,challenge:t,browserWallet:this.browserWallet,ephClaim:this.ephClaim})}},_=class{constructor(e,t,n){p(this,"ephSK");p(this,"ephClaim");Re(t,n),this.ephSK=t;let r=k(this.ephSK,n);this.ephClaim=new S(e,r,n)}async authenticate({payload:e,challenge:t}){return l(!(e instanceof K||e instanceof A),`invalid payload for Ephemeral auth. Requires SignSetupOpts or RevokeEphKeyRequest but found ${(0,F.canonicalize)(e)}`),await Ue({setup:e,challenge:t,ephSK:this.ephSK,ephClaim:this.ephClaim})}},B=class{constructor(e,t,n){p(this,"rpConfig");p(this,"allowCredentialId");p(this,"ephClaim");this.ephClaim=n,this.rpConfig=e,this.allowCredentialId=t}async authenticate({payload:e,challenge:t}){return l(!(e instanceof f||e instanceof E||e instanceof A),`invalid payload for Passkey login. Requires KeygenSetupOpts or AddEphKeyRequest or RevokeEphKeyRequest but found ${(0,F.canonicalize)(e)}`),await qe({allowCredentialId:this.allowCredentialId,challenge:t,rpConfig:this.rpConfig,ephClaim:this.ephClaim})}},L=class{constructor(e,t){p(this,"rpConfig");p(this,"user");this.rpConfig=e,this.user=t}async authenticate({payload:e,challenge:t}){return l(!(e instanceof I),`invalid payload for Passkey register. Requires PasskeyRegisterRequest but found ${(0,F.canonicalize)(e)}`),await Ie({user:this.user,challenge:t,rpConfig:this.rpConfig})}};var te=require("viem/accounts"),Oe=require("@noble/curves/secp256k1"),$=require("viem"),Xe=require("js-base64");function se(s){if(s.startsWith("0x")&&(s=s.slice(2)),s.startsWith("04"))return(0,te.publicKeyToAddress)(`0x${s} `);if(s.startsWith("02")||s.startsWith("03")){let e=Oe.secp256k1.ProjectivePoint.fromHex(s).toHex(!1);return(0,te.publicKeyToAddress)(`0x${e}`)}else throw new Error("Invalid public key")}var Ye={KeygenSetupOpts:f,UserSignatures:R,NetworkSigner:C,SignRequestBuilder:P,WalletProviderServiceClient:M,HttpClient:D,EOAAuth:V,EphAuth:_,PasskeyAuth:B,PasskeyRegister:L,generateEphPrivateKey:W,getEphPublicKey:k,EphKeyClaim:S,computeAddress:se,flattenSignature:X,parseSigngenResult:T,parseKeygenResult:U,parseEphKeyOperationResult:O};0&&(module.exports={EOAAuth,EphAuth,EphKeyClaim,HttpClient,KeygenSetupOpts,NetworkSigner,PasskeyAuth,PasskeyRegister,SignRequestBuilder,UserSignatures,WalletProviderServiceClient,computeAddress,flattenSignature,generateEphPrivateKey,getEphPublicKey,parseEphKeyOperationResult,parseKeygenResult,parseSigngenResult});
 /*! Bundled license information:
 
 @noble/hashes/esm/utils.js: