@silvana-one/mina-curves 0.3.0

package/dist/node/index.cjs

@@ -0,0 +1,711 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod2) => __copyProps(__defProp({}, "__esModule", { value: true }), mod2);
+
+// dist/node/index.js
+var index_exports = {};
+__export(index_exports, {
+  poseidon: () => poseidon,
+  verifySignature: () => verifySignature
+});
+module.exports = __toCommonJS(index_exports);
+
+// dist/node/curve/constants.js
+var PallasConstants = {
+  name: "Pallas",
+  modulus: 28948022309329048855892746252171976963363056481941560715954676764349967630337n,
+  order: 28948022309329048855892746252171976963363056481941647379679742748393362948097n,
+  cofactor: 1n,
+  zero: { x: 1n, y: 1n, z: 0n },
+  one: {
+    x: 1n,
+    y: 12418654782883325593414442427049395787963493412651469444558597405572177144507n,
+    z: 1n
+  },
+  hasEndomorphism: true,
+  a: 0n,
+  b: 5n,
+  hasCofactor: false,
+  p: 28948022309329048855892746252171976963363056481941560715954676764349967630337n,
+  twoadicRoot: 19814229590243028906643993866117402072516588566294623396325693409366934201135n,
+  twoadicity: 32n,
+  oddFactor: 6739986666787659948666753771754907668419893943225396963757154709741n
+};
+var PoseidonConstants = {
+  stateSize: 3,
+  rate: 2,
+  fullRounds: 55,
+  power: 7n,
+  hasInitialRoundConstant: false,
+  mds: [
+    [
+      12035446894107573964500871153637039653510326950134440362813193268448863222019n,
+      25461374787957152039031444204194007219326765802730624564074257060397341542093n,
+      27667907157110496066452777015908813333407980290333709698851344970789663080149n
+    ],
+    [
+      4491931056866994439025447213644536587424785196363427220456343191847333476930n,
+      14743631939509747387607291926699970421064627808101543132147270746750887019919n,
+      9448400033389617131295304336481030167723486090288313334230651810071857784477n
+    ],
+    [
+      10525578725509990281643336361904863911009900817790387635342941550657754064843n,
+      27437632000253211280915908546961303399777448677029255413769125486614773776695n,
+      27566319851776897085443681456689352477426926500749993803132851225169606086988n
+    ]
+  ],
+  roundConstants: [
+    [
+      21155079691556475130150866428468322463125560312786319980770950159250751855431n,
+      16883442198399350202652499677723930673110172289234921799701652810789093522349n,
+      17030687036425314703519085065002231920937594822150793091243263847382891822670n
+    ],
+    [
+      25216718237129482752721276445368692059997901880654047883630276346421457427360n,
+      9054264347380455706540423067244764093107767235485930776517975315876127782582n,
+      26439087121446593160953570192891907825526260324480347638727375735543609856888n
+    ],
+    [
+      15251000790817261169639394496851831733819930596125214313084182526610855787494n,
+      10861916012597714684433535077722887124099023163589869801449218212493070551767n,
+      18597653523270601187312528478986388028263730767495975370566527202946430104139n
+    ],
+    [
+      15831416454198644276563319006805490049460322229057756462580029181847589006611n,
+      15171856919255965617705854914448645702014039524159471542852132430360867202292n,
+      15488495958879593647482715143904752785889816789652405888927117106448507625751n
+    ],
+    [
+      19039802679983063488134304670998725949842655199289961967801223969839823940152n,
+      4720101937153217036737330058775388037616286510783561045464678919473230044408n,
+      10226318327254973427513859412126640040910264416718766418164893837597674300190n
+    ],
+    [
+      20878756131129218406920515859235137275859844638301967889441262030146031838819n,
+      7178475685651744631172532830973371642652029385893667810726019303466125436953n,
+      1996970955918516145107673266490486752153434673064635795711751450164177339618n
+    ],
+    [
+      15205545916434157464929420145756897321482314798910153575340430817222504672630n,
+      25660296961552699573824264215804279051322332899472350724416657386062327210698n,
+      13842611741937412200312851417353455040950878279339067816479233688850376089318n
+    ],
+    [
+      1383799642177300432144836486981606294838630135265094078921115713566691160459n,
+      1135532281155277588005319334542025976079676424839948500020664227027300010929n,
+      4384117336930380014868572224801371377488688194169758696438185377724744869360n
+    ],
+    [
+      21725577575710270071808882335900370909424604447083353471892004026180492193649n,
+      676128913284806802699862508051022306366147359505124346651466289788974059668n,
+      25186611339598418732666781049829183886812651492845008333418424746493100589207n
+    ],
+    [
+      10402240124664763733060094237696964473609580414190944671778761753887884341073n,
+      11918307118590866200687906627767559273324023585642003803337447146531313172441n,
+      16895677254395661024186292503536662354181715337630376909778003268311296637301n
+    ],
+    [
+      23818602699032741669874498456696325705498383130221297580399035778119213224810n,
+      4285193711150023248690088154344086684336247475445482883105661485741762600154n,
+      19133204443389422404056150665863951250222934590192266371578950735825153238612n
+    ],
+    [
+      5515589673266504033533906836494002702866463791762187140099560583198974233395n,
+      11830435563729472715615302060564876527985621376031612798386367965451821182352n,
+      7510711479224915247011074129666445216001563200717943545636462819681638560128n
+    ],
+    [
+      24694843201907722940091503626731830056550128225297370217610328578733387733444n,
+      27361655066973784653563425664091383058914302579694897188019422193564924110528n,
+      21606788186194534241166833954371013788633495786419718955480491478044413102713n
+    ],
+    [
+      19934060063390905409309407607814787335159021816537006003398035237707924006757n,
+      8495813630060004961768092461554180468161254914257386012937942498774724649553n,
+      27524960680529762202005330464726908693944660961000958842417927307941561848461n
+    ],
+    [
+      15178481650950399259757805400615635703086255035073919114667254549690862896985n,
+      16164780354695672259791105197274509251141405713012804937107314962551600380870n,
+      10529167793600778056702353412758954281652843049850979705476598375597148191979n
+    ],
+    [
+      721141070179074082553302896292167103755384741083338957818644728290501449040n,
+      22044408985956234023934090378372374883099115753118261312473550998188148912041n,
+      27068254103241989852888872162525066148367014691482601147536314217249046186315n
+    ],
+    [
+      3880429241956357176819112098792744584376727450211873998699580893624868748961n,
+      17387097125522937623262508065966749501583017524609697127088211568136333655623n,
+      6256814421247770895467770393029354017922744712896100913895513234184920631289n
+    ],
+    [
+      2942627347777337187690939671601251987500285937340386328746818861972711408579n,
+      24031654937764287280548628128490074801809101323243546313826173430897408945397n,
+      14401457902976567713827506689641442844921449636054278900045849050301331732143n
+    ],
+    [
+      20170632877385406450742199836933900257692624353889848352407590794211839130727n,
+      24056496193857444725324410428861722338174099794084586764867109123681727290181n,
+      11257913009612703357266904349759250619633397075667824800196659858304604714965n
+    ],
+    [
+      22228158921984425749199071461510152694025757871561406897041788037116931009246n,
+      9152163378317846541430311327336774331416267016980485920222768197583559318682n,
+      13906695403538884432896105059360907560653506400343268230130536740148070289175n
+    ],
+    [
+      7220714562509721437034241786731185291972496952091254931195414855962344025067n,
+      27608867305903811397208862801981345878179337369367554478205559689592889691927n,
+      13288465747219756218882697408422850918209170830515545272152965967042670763153n
+    ],
+    [
+      8251343892709140154567051772980662609566359215743613773155065627504813327653n,
+      22035238365102171608166944627493632660244312563934708756134297161332908879090n,
+      13560937766273321037807329177749403409731524715067067740487246745322577571823n
+    ],
+    [
+      21652518608959234550262559135285358020552897349934571164032339186996805408040n,
+      22479086963324173427634460342145551255011746993910136574926173581069603086891n,
+      13676501958531751140966255121288182631772843001727158043704693838707387130095n
+    ],
+    [
+      5680310394102577950568930199056707827608275306479994663197187031893244826674n,
+      25125360450906166639190392763071557410047335755341060350879819485506243289998n,
+      22659254028501616785029594492374243581602744364859762239504348429834224676676n
+    ],
+    [
+      23101411405087512171421838856759448177512679869882987631073569441496722536782n,
+      24149774013240355952057123660656464942409328637280437515964899830988178868108n,
+      5782097512368226173095183217893826020351125522160843964147125728530147423065n
+    ],
+    [
+      13540762114500083869920564649399977644344247485313990448129838910231204868111n,
+      20421637734328811337527547703833013277831804985438407401987624070721139913982n,
+      7742664118615900772129122541139124149525273579639574972380600206383923500701n
+    ],
+    [
+      1109643801053963021778418773196543643970146666329661268825691230294798976318n,
+      16580663920817053843121063692728699890952505074386761779275436996241901223840n,
+      14638514680222429058240285918830106208025229459346033470787111294847121792366n
+    ],
+    [
+      17080385857812672649489217965285727739557573467014392822992021264701563205891n,
+      26176268111736737558502775993925696791974738793095023824029827577569530708665n,
+      4382756253392449071896813428140986330161215829425086284611219278674857536001n
+    ],
+    [
+      13934033814940585315406666445960471293638427404971553891617533231178815348902n,
+      27054912732979753314774418228399230433963143177662848084045249524271046173121n,
+      28916070403698593376490976676534962592542013020010643734621202484860041243391n
+    ],
+    [
+      24820015636966360150164458094894587765384135259446295278101998130934963922381n,
+      7969535238488580655870884015145760954416088335296905520306227531221721881868n,
+      7690547696740080985104189563436871930607055124031711216224219523236060212249n
+    ],
+    [
+      9712576468091272384496248353414290908377825697488757134833205246106605867289n,
+      12148698031438398980683630141370402088785182722473169207262735228500190477924n,
+      14359657643133476969781351728574842164124292705609900285041476162075031948227n
+    ],
+    [
+      23563839965372067275137992801035780013422228997724286060975035719045352435470n,
+      4184634822776323233231956802962638484057536837393405750680645555481330909086n,
+      16249511905185772125762038789038193114431085603985079639889795722501216492487n
+    ],
+    [
+      11001863048692031559800673473526311616702863826063550559568315794438941516621n,
+      4702354107983530219070178410740869035350641284373933887080161024348425080464n,
+      23751680507533064238793742311430343910720206725883441625894258483004979501613n
+    ],
+    [
+      28670526516158451470169873496541739545860177757793329093045522432279094518766n,
+      3568312993091537758218792253361873752799472566055209125947589819564395417072n,
+      1819755756343439646550062754332039103654718693246396323207323333948654200950n
+    ],
+    [
+      5372129954699791301953948907349887257752247843844511069896766784624930478273n,
+      17512156688034945920605615850550150476471921176481039715733979181538491476080n,
+      25777105342317622165159064911913148785971147228777677435200128966844208883059n
+    ],
+    [
+      25350392006158741749134238306326265756085455157012701586003300872637887157982n,
+      20096724945283767296886159120145376967480397366990493578897615204296873954844n,
+      8063283381910110762785892100479219642751540456251198202214433355775540036851n
+    ],
+    [
+      4393613870462297385565277757207010824900723217720226130342463666351557475823n,
+      9874972555132910032057499689351411450892722671352476280351715757363137891038n,
+      23590926474329902351439438151596866311245682682435235170001347511997242904868n
+    ],
+    [
+      17723373371137275859467518615551278584842947963894791032296774955869958211070n,
+      2350345015303336966039836492267992193191479606566494799781846958620636621159n,
+      27755207882790211140683010581856487965587066971982625511152297537534623405016n
+    ],
+    [
+      6584607987789185408123601849106260907671314994378225066806060862710814193906n,
+      609759108847171587253578490536519506369136135254150754300671591987320319770n,
+      28435187585965602110074342250910608316032945187476441868666714022529803033083n
+    ],
+    [
+      16016664911651770663938916450245705908287192964254704641717751103464322455303n,
+      17551273293154696089066968171579395800922204266630874071186322718903959339163n,
+      20414195497994754529479032467015716938594722029047207834858832838081413050198n
+    ],
+    [
+      19773307918850685463180290966774465805537520595602496529624568184993487593855n,
+      24598603838812162820757838364185126333280131847747737533989799467867231166980n,
+      11040972566103463398651864390163813377135738019556270484707889323659789290225n
+    ],
+    [
+      5189242080957784038860188184443287562488963023922086723850863987437818393811n,
+      1435203288979376557721239239445613396009633263160237764653161500252258220144n,
+      13066591163578079667911016543985168493088721636164837520689376346534152547210n
+    ],
+    [
+      17345901407013599418148210465150865782628422047458024807490502489711252831342n,
+      22139633362249671900128029132387275539363684188353969065288495002671733200348n,
+      1061056418502836172283188490483332922126033656372467737207927075184389487061n
+    ],
+    [
+      10241738906190857416046229928455551829189196941239601756375665129874835232299n,
+      27808033332417845112292408673209999320983657696373938259351951416571545364415n,
+      18820154989873674261497645724903918046694142479240549687085662625471577737140n
+    ],
+    [
+      7983688435214640842673294735439196010654951226956101271763849527529940619307n,
+      17067928657801807648925755556866676899145460770352731818062909643149568271566n,
+      24472070825156236829515738091791182856425635433388202153358580534810244942762n
+    ],
+    [
+      25752201169361795911258625731016717414310986450004737514595241038036936283227n,
+      26041505376284666160132119888949817249574689146924196064963008712979256107535n,
+      23977050489096115210391718599021827780049209314283111721864956071820102846008n
+    ],
+    [
+      26678257097278788410676026718736087312816016749016738933942134600725962413805n,
+      10480026985951498884090911619636977502506079971893083605102044931823547311729n,
+      21126631300593007055117122830961273871167754554670317425822083333557535463396n
+    ],
+    [
+      1564862894215434177641156287699106659379648851457681469848362532131406827573n,
+      13247162472821152334486419054854847522301612781818744556576865965657773174584n,
+      8673615954922496961704442777870253767001276027366984739283715623634850885984n
+    ],
+    [
+      2794525076937490807476666942602262298677291735723129868457629508555429470085n,
+      4656175953888995612264371467596648522808911819700660048695373348629527757049n,
+      23221574237857660318443567292601561932489621919104226163978909845174616477329n
+    ],
+    [
+      1878392460078272317716114458784636517603142716091316893054365153068227117145n,
+      2370412714505757731457251173604396662292063533194555369091306667486647634097n,
+      17409784861870189930766639925394191888667317762328427589153989811980152373276n
+    ],
+    [
+      25869136641898166514111941708608048269584233242773814014385564101168774293194n,
+      11361209360311194794795494027949518465383235799633128250259863567683341091323n,
+      14913258820718821235077379851098720071902170702113538811112331615559409988569n
+    ],
+    [
+      12957012022018304419868287033513141736995211906682903915897515954290678373899n,
+      17128889547450684566010972445328859295804027707361763477802050112063630550300n,
+      23329219085372232771288306767242735245018143857623151155581182779769305489903n
+    ],
+    [
+      1607741027962933685476527275858938699728586794398382348454736018784568853937n,
+      2611953825405141009309433982109911976923326848135736099261873796908057448476n,
+      7372230383134982628913227482618052530364724821976589156840317933676130378411n
+    ],
+    [
+      20203606758501212620842735123770014952499754751430660463060696990317556818571n,
+      4678361398979174017885631008335559529633853759463947250620930343087749944307n,
+      27176462634198471376002287271754121925750749676999036165457559387195124025594n
+    ],
+    [
+      6361981813552614697928697527332318530502852015189048838072565811230204474643n,
+      13815234633287489023151647353581705241145927054858922281829444557905946323248n,
+      10888828634279127981352133512429657747610298502219125571406085952954136470354n
+    ]
+  ]
+};
+
+// dist/node/curve/curve.js
+var projectiveZero = { x: 1n, y: 1n, z: 0n };
+var Group = {
+  toProjective({ x, y }) {
+    return projectiveFromAffine({ x, y, infinity: false });
+  },
+  /**
+   * Convert a projective point to a non-zero affine point.
+   * Throws an error if the point is zero / infinity, i.e. if z === 0
+   */
+  fromProjective(point) {
+    let { x, y, infinity } = projectiveToAffine(point);
+    if (infinity)
+      throw Error("Group.fromProjective: point is infinity");
+    return { x, y };
+  }
+};
+var { p, a, b, twoadicRoot, twoadicity, oddFactor } = PallasConstants;
+function mod(x, p2) {
+  x = x % p2;
+  if (x < 0)
+    return x + p2;
+  return x;
+}
+function projectiveDoubleA0(g, p2) {
+  if (g.z === 0n)
+    return g;
+  let X1 = g.x, Y1 = g.y, Z1 = g.z;
+  if (Y1 === 0n)
+    throw Error("projectiveDouble: unhandled case");
+  let A = mod(X1 * X1, p2);
+  let B = mod(Y1 * Y1, p2);
+  let C = mod(B * B, p2);
+  let D = mod(2n * ((X1 + B) * (X1 + B) - A - C), p2);
+  let E = 3n * A;
+  let F = mod(E * E, p2);
+  let X3 = mod(F - 2n * D, p2);
+  let Y3 = mod(E * (D - X3) - 8n * C, p2);
+  let Z3 = mod(2n * Y1 * Z1, p2);
+  return { x: X3, y: Y3, z: Z3 };
+}
+function projectiveDoubleAminus3(g, p2) {
+  if (g.z === 0n)
+    return g;
+  let X1 = g.x, Y1 = g.y, Z1 = g.z;
+  if (Y1 === 0n)
+    throw Error("projectiveDouble: unhandled case");
+  let delta = mod(Z1 * Z1, p2);
+  let gamma = mod(Y1 * Y1, p2);
+  let beta = mod(X1 * gamma, p2);
+  let alpha = mod((X1 - delta) * (X1 + delta), p2);
+  alpha = alpha + alpha + alpha;
+  let X3 = mod(alpha * alpha - 8n * beta, p2);
+  let Z3 = mod((Y1 + Z1) * (Y1 + Z1) - gamma - delta, p2);
+  let Y3 = mod(alpha * (4n * beta - X3) - 8n * gamma * gamma, p2);
+  return { x: X3, y: Y3, z: Z3 };
+}
+function projectiveDouble(g, p2, a2) {
+  if (a2 === 0n)
+    return projectiveDoubleA0(g, p2);
+  if (a2 + 3n === p2)
+    return projectiveDoubleAminus3(g, p2);
+  throw Error("Projective doubling is not implemented for general curve parameter a, only a = 0 and a = -3");
+}
+function projectiveNeg({ x, y, z }, p2) {
+  return { x, y: y === 0n ? 0n : p2 - y, z };
+}
+function projectiveAdd(g, h, p2, a2) {
+  if (g.z === 0n)
+    return h;
+  if (h.z === 0n)
+    return g;
+  let X1 = g.x, Y1 = g.y, Z1 = g.z, X2 = h.x, Y2 = h.y, Z2 = h.z;
+  let Z1Z1 = mod(Z1 * Z1, p2);
+  let Z2Z2 = mod(Z2 * Z2, p2);
+  let U1 = mod(X1 * Z2Z2, p2);
+  let U2 = mod(X2 * Z1Z1, p2);
+  let S1 = mod(Y1 * Z2 * Z2Z2, p2);
+  let S2 = mod(Y2 * Z1 * Z1Z1, p2);
+  let H = mod(U2 - U1, p2);
+  if (H === 0n) {
+    if (S1 === S2)
+      return projectiveDouble(g, p2, a2);
+    if (mod(S1 + S2, p2) === 0n)
+      return projectiveZero;
+    throw Error("projectiveAdd: invalid point");
+  }
+  let I = mod(H * H << 2n, p2);
+  let J = mod(H * I, p2);
+  let r = 2n * (S2 - S1);
+  let V = mod(U1 * I, p2);
+  let X3 = mod(r * r - J - 2n * V, p2);
+  let Y3 = mod(r * (V - X3) - 2n * S1 * J, p2);
+  let Z3 = mod(((Z1 + Z2) * (Z1 + Z2) - Z1Z1 - Z2Z2) * H, p2);
+  return { x: X3, y: Y3, z: Z3 };
+}
+function projectiveSub(g, h, p2, a2) {
+  return projectiveAdd(g, projectiveNeg(h, p2), p2, a2);
+}
+function getProjectiveDouble(p2, a2) {
+  if (a2 === 0n)
+    return projectiveDoubleA0;
+  if (a2 + 3n === p2)
+    return projectiveDoubleAminus3;
+  throw Error("Projective doubling is not implemented for general curve parameter a, only a = 0 and a = -3");
+}
+function bigIntToBits(x) {
+  if (x < 0n) {
+    throw Error(`bigIntToBits: negative numbers are not supported, got ${x}`);
+  }
+  let bits = [];
+  for (; x > 0n; x >>= 1n) {
+    let bit = !!(x & 1n);
+    bits.push(bit);
+  }
+  return bits;
+}
+function projectiveScale(g, x, p2, a2) {
+  let double = getProjectiveDouble(p2, a2);
+  let bits = typeof x === "bigint" ? bigIntToBits(x) : x;
+  let h = projectiveZero;
+  for (let bit of bits) {
+    if (bit)
+      h = projectiveAdd(h, g, p2, a2);
+    g = double(g, p2);
+  }
+  return h;
+}
+function sub(g, h) {
+  return projectiveSub(g, h, p, PallasConstants.a);
+}
+function scale(g, s) {
+  return projectiveScale(g, s, p, PallasConstants.a);
+}
+function projectiveFromAffine({ x, y, infinity }) {
+  if (infinity)
+    return projectiveZero;
+  return { x, y, z: 1n };
+}
+function projectiveToAffine(g) {
+  let z = g.z;
+  if (z === 0n) {
+    return { x: 0n, y: 0n, infinity: true };
+  } else if (z === 1n) {
+    return { x: g.x, y: g.y, infinity: false };
+  } else {
+    let zinv = inverse(z, p);
+    let zinv_squared = mod(zinv * zinv, p);
+    let x = mod(g.x * zinv_squared, p);
+    let y = mod(g.y * zinv * zinv_squared, p);
+    return { x, y, infinity: false };
+  }
+}
+function inverse(a2, p2) {
+  a2 = mod(a2, p2);
+  if (a2 === 0n)
+    return void 0;
+  let b2 = p2;
+  let x = 0n;
+  let y = 1n;
+  let u = 1n;
+  let v = 0n;
+  while (a2 !== 0n) {
+    let q = b2 / a2;
+    let r = mod(b2, a2);
+    let m = x - u * q;
+    let n = y - v * q;
+    b2 = a2;
+    a2 = r;
+    x = u;
+    y = v;
+    u = m;
+    v = n;
+  }
+  if (b2 !== 1n)
+    return void 0;
+  return mod(x, p2);
+}
+function isEven(x) {
+  return !(mod(x, p) & 1n);
+}
+function equal(x, y) {
+  let x_ = x >= 0n && x < p ? x : mod(x, p);
+  let y_ = y >= 0n && y < p ? y : mod(y, p);
+  return x_ === y_;
+}
+function power(a2, n) {
+  a2 = mod(a2, p);
+  let x = 1n;
+  for (; n > 0n; n >>= 1n) {
+    if (n & 1n)
+      x = mod(x * a2, p);
+    a2 = mod(a2 * a2, p);
+  }
+  return x;
+}
+function add(x, y) {
+  return mod(x + y, p);
+}
+function mul(x, y) {
+  return mod(x * y, p);
+}
+function dot(x, y) {
+  let z = 0n;
+  let n = x.length;
+  for (let i = 0; i < n; i++) {
+    z += x[i] * y[i];
+  }
+  return mod(z, p);
+}
+function sqrt(n_, p2, Q, c, M) {
+  const n = mod(n_, p2);
+  if (n === 0n)
+    return 0n;
+  let t = power(n, Q - 1n >> 1n);
+  let R = mod(t * n, p2);
+  t = mod(t * R, p2);
+  while (true) {
+    if (t === 1n)
+      return R;
+    let i = 0n;
+    let s = t;
+    while (s !== 1n) {
+      s = mod(s * s, p2);
+      i = i + 1n;
+    }
+    if (i === M)
+      return void 0;
+    let b2 = power(c, 1n << M - i - 1n);
+    M = i;
+    c = mod(b2 * b2, p2);
+    t = mod(t * c, p2);
+    R = mod(R * b2, p2);
+  }
+}
+function sqrt_internal(x) {
+  return sqrt(x, p, oddFactor, twoadicRoot, twoadicity);
+}
+function negate(x) {
+  return x === 0n ? 0n : mod(-x, p);
+}
+function publicKeyToGroup({ x, isOdd }) {
+  const ySquared = add(mul(x, mul(x, x)), b);
+  let y = sqrt_internal(ySquared);
+  if (y === void 0) {
+    throw Error("PublicKey.toGroup: not a valid group element");
+  }
+  if (isOdd !== !!(y & 1n))
+    y = negate(y);
+  return { x, y };
+}
+
+// dist/node/curve/hash.js
+function poseidonInitialState() {
+  return Array(PoseidonConstants.stateSize).fill(0n);
+}
+function poseidonUpdate([...state], input) {
+  const { rate } = PoseidonConstants;
+  if (input.length === 0) {
+    permutation(state);
+    return state;
+  }
+  const n = Math.ceil(input.length / rate) * rate;
+  input = input.concat(Array(n - input.length).fill(0n));
+  for (let blockIndex = 0; blockIndex < n; blockIndex += rate) {
+    for (let i = 0; i < rate; i++) {
+      state[i] = add(state[i], input[blockIndex + i]);
+    }
+    permutation(state);
+  }
+  return state;
+}
+function hashMessage(message, publicKey, r) {
+  let { x, y } = publicKey;
+  let input = append(message, { fields: [x, y, r] });
+  return hashWithPrefix(packToFields(input));
+}
+function append(input1, input2) {
+  return {
+    fields: (input1.fields ?? []).concat(input2.fields ?? []),
+    packed: (input1.packed ?? []).concat(input2.packed ?? [])
+  };
+}
+function packToFields({ fields = [], packed = [] }) {
+  if (packed.length === 0)
+    return fields;
+  const packedBits = [];
+  let currentPackedField = 0n;
+  let currentSize = 0;
+  for (let [field, size] of packed) {
+    currentSize += size;
+    if (currentSize < 255) {
+      currentPackedField = currentPackedField * (1n << BigInt(size)) + field;
+    } else {
+      packedBits.push(currentPackedField);
+      currentSize = size;
+      currentPackedField = field;
+    }
+  }
+  packedBits.push(currentPackedField);
+  return fields.concat(packedBits);
+}
+var prefix = 240717916736854602989207148466022993262069182275n;
+function salt() {
+  return poseidonUpdate(poseidonInitialState(), [prefix]);
+}
+function hashWithPrefix(input) {
+  let init = salt();
+  return poseidonUpdate(init, input)[0];
+}
+function permutation(state) {
+  const { hasInitialRoundConstant, stateSize, roundConstants, fullRounds, power: power_, mds } = PoseidonConstants;
+  let offset = 0;
+  if (hasInitialRoundConstant) {
+    for (let i = 0; i < stateSize; i++) {
+      state[i] = add(state[i], roundConstants[0][i]);
+    }
+    offset = 1;
+  }
+  for (let round = 0; round < fullRounds; round++) {
+    for (let i = 0; i < stateSize; i++) {
+      state[i] = power(state[i], power_);
+    }
+    let oldState = [...state];
+    for (let i = 0; i < stateSize; i++) {
+      state[i] = dot(mds[i], oldState);
+      state[i] = add(state[i], roundConstants[round + offset][i]);
+    }
+  }
+}
+
+// dist/node/curve/verify.js
+function verify(signature, message, publicKey) {
+  const { r, s } = signature;
+  const pk = publicKeyToGroup(publicKey);
+  const e = hashMessage(message, pk, r);
+  const { one } = PallasConstants;
+  const R = sub(scale(one, s), scale(Group.toProjective(pk), e));
+  try {
+    const { x: rx, y: ry } = Group.fromProjective(R);
+    return isEven(ry) && equal(rx, r);
+  } catch {
+    return false;
+  }
+}
+
+// dist/node/poseidon.js
+function poseidon(message) {
+  return poseidonUpdate(poseidonInitialState(), message)[0];
+}
+
+// dist/node/signature.js
+function verifySignature(params) {
+  const { data, signature, publicKey } = params;
+  return verify(signature, { fields: data }, publicKey);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  poseidon,
+  verifySignature
+});