@sip-protocol/sdk 0.1.8 → 0.2.0

package/dist/index.js

@@ -30,9 +30,14 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var index_exports = {};
 __export(index_exports, {
+  ATTESTATION_VERSION: () => ATTESTATION_VERSION,
   BaseWalletAdapter: () => BaseWalletAdapter,
+  BrowserNoirProvider: () => BrowserNoirProvider,
+  CHAIN_NUMERIC_IDS: () => CHAIN_NUMERIC_IDS,
   ComplianceManager: () => ComplianceManager,
   CryptoError: () => CryptoError,
+  DEFAULT_THRESHOLD: () => DEFAULT_THRESHOLD,
+  DEFAULT_TOTAL_ORACLES: () => DEFAULT_TOTAL_ORACLES,
   DerivationPath: () => DerivationPath,
   EncryptionNotImplementedError: () => EncryptionNotImplementedError,
   ErrorCode: () => ErrorCode,
@@ -42,7 +47,7 @@ __export(index_exports, {
   HardwareWalletError: () => HardwareWalletError,
   IntentBuilder: () => IntentBuilder,
   IntentError: () => IntentError,
-  IntentStatus: () => import_types31.IntentStatus,
+  IntentStatus: () => import_types33.IntentStatus,
   LedgerWalletAdapter: () => LedgerWalletAdapter,
   MockEthereumAdapter: () => MockEthereumAdapter,
   MockLedgerAdapter: () => MockLedgerAdapter,
@@ -51,26 +56,27 @@ __export(index_exports, {
   MockSolver: () => MockSolver,
   MockTrezorAdapter: () => MockTrezorAdapter,
   MockWalletAdapter: () => MockWalletAdapter,
-  NATIVE_TOKENS: () => import_types31.NATIVE_TOKENS,
+  NATIVE_TOKENS: () => import_types33.NATIVE_TOKENS,
   NEARIntentsAdapter: () => NEARIntentsAdapter,
   NetworkError: () => NetworkError,
   NoirProofProvider: () => NoirProofProvider,
+  ORACLE_DOMAIN: () => ORACLE_DOMAIN,
   OneClickClient: () => OneClickClient,
-  OneClickDepositMode: () => import_types35.OneClickDepositMode,
-  OneClickErrorCode: () => import_types35.OneClickErrorCode,
-  OneClickSwapStatus: () => import_types35.OneClickSwapStatus,
-  OneClickSwapType: () => import_types35.OneClickSwapType,
+  OneClickDepositMode: () => import_types37.OneClickDepositMode,
+  OneClickErrorCode: () => import_types37.OneClickErrorCode,
+  OneClickSwapStatus: () => import_types37.OneClickSwapStatus,
+  OneClickSwapType: () => import_types37.OneClickSwapType,
   PaymentBuilder: () => PaymentBuilder,
-  PaymentStatus: () => import_types32.PaymentStatus,
-  PrivacyLevel: () => import_types31.PrivacyLevel,
+  PaymentStatus: () => import_types34.PaymentStatus,
+  PrivacyLevel: () => import_types33.PrivacyLevel,
   ProofError: () => ProofError,
   ProofGenerationError: () => ProofGenerationError,
   ProofNotImplementedError: () => ProofNotImplementedError,
-  ProposalStatus: () => import_types33.ProposalStatus,
-  ReportStatus: () => import_types34.ReportStatus,
+  ProposalStatus: () => import_types35.ProposalStatus,
+  ReportStatus: () => import_types36.ReportStatus,
   SIP: () => SIP,
   SIPError: () => SIPError,
-  SIP_VERSION: () => import_types31.SIP_VERSION,
+  SIP_VERSION: () => import_types33.SIP_VERSION,
   STABLECOIN_ADDRESSES: () => STABLECOIN_ADDRESSES,
   STABLECOIN_DECIMALS: () => STABLECOIN_DECIMALS,
   STABLECOIN_INFO: () => STABLECOIN_INFO,
@@ -79,18 +85,23 @@ __export(index_exports, {
   TrezorWalletAdapter: () => TrezorWalletAdapter,
   ValidationError: () => ValidationError,
   WalletError: () => WalletError,
-  WalletErrorCode: () => import_types30.WalletErrorCode,
-  ZcashErrorCode: () => import_types36.ZcashErrorCode,
+  WalletErrorCode: () => import_types32.WalletErrorCode,
+  ZcashErrorCode: () => import_types38.ZcashErrorCode,
   ZcashRPCClient: () => ZcashRPCClient,
   ZcashRPCError: () => ZcashRPCError,
   ZcashShieldedService: () => ZcashShieldedService,
   addBlindings: () => addBlindings,
   addCommitments: () => addCommitments,
+  addOracle: () => addOracle,
   attachProofs: () => attachProofs,
   base58ToHex: () => base58ToHex,
+  browserBytesToHex: () => bytesToHex7,
+  browserHexToBytes: () => hexToBytes5,
+  checkEd25519StealthAddress: () => checkEd25519StealthAddress,
   checkStealthAddress: () => checkStealthAddress,
   commit: () => commit,
   commitZero: () => commitZero,
+  computeAttestationHash: () => computeAttestationHash,
   createCommitment: () => createCommitment,
   createEthereumAdapter: () => createEthereumAdapter,
   createLedgerAdapter: () => createLedgerAdapter,
@@ -103,6 +114,7 @@ __export(index_exports, {
   createMockSolver: () => createMockSolver,
   createMockTrezorAdapter: () => createMockTrezorAdapter,
   createNEARIntentsAdapter: () => createNEARIntentsAdapter,
+  createOracleRegistry: () => createOracleRegistry,
   createProductionSIP: () => createProductionSIP,
   createSIP: () => createSIP,
   createShieldedIntent: () => createShieldedIntent,
@@ -115,12 +127,17 @@ __export(index_exports, {
   decodeStealthMetaAddress: () => decodeStealthMetaAddress,
   decryptMemo: () => decryptMemo,
   decryptWithViewing: () => decryptWithViewing,
+  deriveEd25519StealthPrivateKey: () => deriveEd25519StealthPrivateKey,
+  deriveOracleId: () => deriveOracleId,
   deriveStealthPrivateKey: () => deriveStealthPrivateKey,
   deriveViewingKey: () => deriveViewingKey,
+  deserializeAttestationMessage: () => deserializeAttestationMessage,
   deserializeIntent: () => deserializeIntent,
   deserializePayment: () => deserializePayment,
   detectEthereumWallets: () => detectEthereumWallets,
   detectSolanaWallets: () => detectSolanaWallets,
+  ed25519PublicKeyToNearAddress: () => ed25519PublicKeyToNearAddress,
+  ed25519PublicKeyToSolanaAddress: () => ed25519PublicKeyToSolanaAddress,
   encodeStealthMetaAddress: () => encodeStealthMetaAddress,
   encryptForViewing: () => encryptForViewing,
   featureNotSupportedError: () => featureNotSupportedError,
@@ -128,13 +145,19 @@ __export(index_exports, {
   fromHex: () => fromHex,
   fromStablecoinUnits: () => fromStablecoinUnits,
   generateBlinding: () => generateBlinding,
+  generateEd25519StealthAddress: () => generateEd25519StealthAddress,
+  generateEd25519StealthMetaAddress: () => generateEd25519StealthMetaAddress,
   generateIntentId: () => generateIntentId,
   generateRandomBytes: () => generateRandomBytes,
   generateStealthAddress: () => generateStealthAddress,
   generateStealthMetaAddress: () => generateStealthMetaAddress,
   generateViewingKey: () => generateViewingKey,
+  getActiveOracles: () => getActiveOracles,
   getAvailableTransports: () => getAvailableTransports,
+  getBrowserInfo: () => getBrowserInfo,
+  getChainNumericId: () => getChainNumericId,
   getChainsForStablecoin: () => getChainsForStablecoin,
+  getCurveForChain: () => getCurveForChain,
   getDefaultRpcEndpoint: () => getDefaultRpcEndpoint,
   getDerivationPath: () => getDerivationPath,
   getErrorMessage: () => getErrorMessage,
@@ -151,14 +174,17 @@ __export(index_exports, {
   getStablecoinsForChain: () => getStablecoinsForChain,
   getSupportedStablecoins: () => getSupportedStablecoins,
   getTimeRemaining: () => getTimeRemaining,
+  hasEnoughOracles: () => hasEnoughOracles,
   hasErrorCode: () => hasErrorCode,
   hasRequiredProofs: () => hasRequiredProofs,
   hash: () => hash,
   hexToNumber: () => hexToNumber,
+  isBrowser: () => isBrowser,
+  isEd25519Chain: () => isEd25519Chain,
   isExpired: () => isExpired,
   isNonNegativeAmount: () => isNonNegativeAmount,
   isPaymentExpired: () => isPaymentExpired,
-  isPrivate: () => import_types31.isPrivate,
+  isPrivate: () => import_types33.isPrivate,
   isPrivateWalletAdapter: () => isPrivateWalletAdapter,
   isSIPError: () => isSIPError,
   isStablecoin: () => isStablecoin,
@@ -166,40 +192,54 @@ __export(index_exports, {
   isValidAmount: () => isValidAmount,
   isValidChainId: () => isValidChainId,
   isValidCompressedPublicKey: () => isValidCompressedPublicKey,
+  isValidEd25519PublicKey: () => isValidEd25519PublicKey,
   isValidHex: () => isValidHex,
   isValidHexLength: () => isValidHexLength,
+  isValidNearAccountId: () => isValidNearAccountId,
+  isValidNearImplicitAddress: () => isValidNearImplicitAddress,
   isValidPrivacyLevel: () => isValidPrivacyLevel,
   isValidPrivateKey: () => isValidPrivateKey,
   isValidScalar: () => isValidScalar,
   isValidSlippage: () => isValidSlippage,
+  isValidSolanaAddress: () => isValidSolanaAddress,
   isValidStealthMetaAddress: () => isValidStealthMetaAddress,
+  nearAddressToEd25519PublicKey: () => nearAddressToEd25519PublicKey,
   normalizeAddress: () => normalizeAddress,
   notConnectedError: () => notConnectedError,
   publicKeyToEthAddress: () => publicKeyToEthAddress,
   registerWallet: () => registerWallet,
+  removeOracle: () => removeOracle,
   secureWipe: () => secureWipe,
   secureWipeAll: () => secureWipeAll,
+  serializeAttestationMessage: () => serializeAttestationMessage,
   serializeIntent: () => serializeIntent,
   serializePayment: () => serializePayment,
+  signAttestationMessage: () => signAttestationMessage,
+  solanaAddressToEd25519PublicKey: () => solanaAddressToEd25519PublicKey,
   solanaPublicKeyToHex: () => solanaPublicKeyToHex,
   subtractBlindings: () => subtractBlindings,
   subtractCommitments: () => subtractCommitments,
-  supportsViewingKey: () => import_types31.supportsViewingKey,
+  supportsSharedArrayBuffer: () => supportsSharedArrayBuffer,
+  supportsViewingKey: () => import_types33.supportsViewingKey,
   supportsWebBluetooth: () => supportsWebBluetooth,
   supportsWebHID: () => supportsWebHID,
   supportsWebUSB: () => supportsWebUSB,
+  supportsWebWorkers: () => supportsWebWorkers,
   toHex: () => toHex,
   toStablecoinUnits: () => toStablecoinUnits,
   trackIntent: () => trackIntent,
   trackPayment: () => trackPayment,
+  updateOracleStatus: () => updateOracleStatus,
   validateAsset: () => validateAsset,
   validateCreateIntentParams: () => validateCreateIntentParams,
   validateIntentInput: () => validateIntentInput,
   validateIntentOutput: () => validateIntentOutput,
   validateScalar: () => validateScalar,
   validateViewingKey: () => validateViewingKey,
+  verifyAttestation: () => verifyAttestation,
   verifyCommitment: () => verifyCommitment,
   verifyOpening: () => verifyOpening,
+  verifyOracleSignature: () => verifyOracleSignature,
   walletRegistry: () => walletRegistry,
   withSecureBuffer: () => withSecureBuffer,
   withSecureBufferSync: () => withSecureBufferSync,
@@ -410,7 +450,9 @@ var import_types = require("@sip-protocol/types");
 
 // src/stealth.ts
 var import_secp256k1 = require("@noble/curves/secp256k1");
+var import_ed25519 = require("@noble/curves/ed25519");
 var import_sha256 = require("@noble/hashes/sha256");
+var import_sha512 = require("@noble/hashes/sha512");
 var import_sha3 = require("@noble/hashes/sha3");
 var import_utils2 = require("@noble/hashes/utils");
 
@@ -463,6 +505,9 @@ function isValidCompressedPublicKey(key) {
   const prefix = key.slice(2, 4);
   return prefix === "02" || prefix === "03";
 }
+function isValidEd25519PublicKey(key) {
+  return isValidHexLength(key, 32);
+}
 function isValidPrivateKey(key) {
   return isValidHexLength(key, 32);
 }
@@ -837,17 +882,33 @@ function decodeStealthMetaAddress(encoded) {
       "encoded.chain"
     );
   }
-  if (!isValidCompressedPublicKey(spendingKey)) {
-    throw new ValidationError(
-      "spendingKey must be a valid compressed secp256k1 public key",
-      "encoded.spendingKey"
-    );
-  }
-  if (!isValidCompressedPublicKey(viewingKey)) {
-    throw new ValidationError(
-      "viewingKey must be a valid compressed secp256k1 public key",
-      "encoded.viewingKey"
-    );
+  const chainId = chain;
+  if (isEd25519Chain(chainId)) {
+    if (!isValidEd25519PublicKey(spendingKey)) {
+      throw new ValidationError(
+        "spendingKey must be a valid 32-byte ed25519 public key",
+        "encoded.spendingKey"
+      );
+    }
+    if (!isValidEd25519PublicKey(viewingKey)) {
+      throw new ValidationError(
+        "viewingKey must be a valid 32-byte ed25519 public key",
+        "encoded.viewingKey"
+      );
+    }
+  } else {
+    if (!isValidCompressedPublicKey(spendingKey)) {
+      throw new ValidationError(
+        "spendingKey must be a valid compressed secp256k1 public key",
+        "encoded.spendingKey"
+      );
+    }
+    if (!isValidCompressedPublicKey(viewingKey)) {
+      throw new ValidationError(
+        "viewingKey must be a valid compressed secp256k1 public key",
+        "encoded.viewingKey"
+      );
+    }
   }
   return {
     chain,
@@ -903,6 +964,396 @@ function toChecksumAddress(address) {
   }
   return checksummed;
 }
+var ED25519_ORDER = 2n ** 252n + 27742317777372353535851937790883648493n;
+var ED25519_CHAINS = ["solana", "near"];
+function isEd25519Chain(chain) {
+  return ED25519_CHAINS.includes(chain);
+}
+function getCurveForChain(chain) {
+  return isEd25519Chain(chain) ? "ed25519" : "secp256k1";
+}
+function validateEd25519StealthMetaAddress(metaAddress, field = "recipientMetaAddress") {
+  if (!metaAddress || typeof metaAddress !== "object") {
+    throw new ValidationError("must be an object", field);
+  }
+  if (!isValidChainId(metaAddress.chain)) {
+    throw new ValidationError(
+      `invalid chain '${metaAddress.chain}'`,
+      `${field}.chain`
+    );
+  }
+  if (!isEd25519Chain(metaAddress.chain)) {
+    throw new ValidationError(
+      `chain '${metaAddress.chain}' does not use ed25519, use secp256k1 functions instead`,
+      `${field}.chain`
+    );
+  }
+  if (!isValidEd25519PublicKey(metaAddress.spendingKey)) {
+    throw new ValidationError(
+      "spendingKey must be a valid ed25519 public key (32 bytes)",
+      `${field}.spendingKey`
+    );
+  }
+  if (!isValidEd25519PublicKey(metaAddress.viewingKey)) {
+    throw new ValidationError(
+      "viewingKey must be a valid ed25519 public key (32 bytes)",
+      `${field}.viewingKey`
+    );
+  }
+}
+function validateEd25519StealthAddress(stealthAddress, field = "stealthAddress") {
+  if (!stealthAddress || typeof stealthAddress !== "object") {
+    throw new ValidationError("must be an object", field);
+  }
+  if (!isValidEd25519PublicKey(stealthAddress.address)) {
+    throw new ValidationError(
+      "address must be a valid ed25519 public key (32 bytes)",
+      `${field}.address`
+    );
+  }
+  if (!isValidEd25519PublicKey(stealthAddress.ephemeralPublicKey)) {
+    throw new ValidationError(
+      "ephemeralPublicKey must be a valid ed25519 public key (32 bytes)",
+      `${field}.ephemeralPublicKey`
+    );
+  }
+  if (typeof stealthAddress.viewTag !== "number" || !Number.isInteger(stealthAddress.viewTag) || stealthAddress.viewTag < 0 || stealthAddress.viewTag > 255) {
+    throw new ValidationError(
+      "viewTag must be an integer between 0 and 255",
+      `${field}.viewTag`
+    );
+  }
+}
+function getEd25519Scalar(privateKey) {
+  const hash2 = (0, import_sha512.sha512)(privateKey);
+  const scalar = hash2.slice(0, 32);
+  scalar[0] &= 248;
+  scalar[31] &= 127;
+  scalar[31] |= 64;
+  return bytesToBigIntLE(scalar);
+}
+function bytesToBigIntLE(bytes) {
+  let result = 0n;
+  for (let i = bytes.length - 1; i >= 0; i--) {
+    result = (result << 8n) + BigInt(bytes[i]);
+  }
+  return result;
+}
+function bigIntToBytesLE(value, length) {
+  const bytes = new Uint8Array(length);
+  for (let i = 0; i < length; i++) {
+    bytes[i] = Number(value & 0xffn);
+    value >>= 8n;
+  }
+  return bytes;
+}
+function generateEd25519StealthMetaAddress(chain, label) {
+  if (!isValidChainId(chain)) {
+    throw new ValidationError(
+      `invalid chain '${chain}', must be one of: solana, ethereum, near, zcash, polygon, arbitrum, optimism, base`,
+      "chain"
+    );
+  }
+  if (!isEd25519Chain(chain)) {
+    throw new ValidationError(
+      `chain '${chain}' does not use ed25519, use generateStealthMetaAddress() for secp256k1 chains`,
+      "chain"
+    );
+  }
+  const spendingPrivateKey = (0, import_utils2.randomBytes)(32);
+  const viewingPrivateKey = (0, import_utils2.randomBytes)(32);
+  try {
+    const spendingKey = import_ed25519.ed25519.getPublicKey(spendingPrivateKey);
+    const viewingKey = import_ed25519.ed25519.getPublicKey(viewingPrivateKey);
+    const result = {
+      metaAddress: {
+        spendingKey: `0x${(0, import_utils2.bytesToHex)(spendingKey)}`,
+        viewingKey: `0x${(0, import_utils2.bytesToHex)(viewingKey)}`,
+        chain,
+        label
+      },
+      spendingPrivateKey: `0x${(0, import_utils2.bytesToHex)(spendingPrivateKey)}`,
+      viewingPrivateKey: `0x${(0, import_utils2.bytesToHex)(viewingPrivateKey)}`
+    };
+    return result;
+  } finally {
+    secureWipeAll(spendingPrivateKey, viewingPrivateKey);
+  }
+}
+function generateEd25519StealthAddress(recipientMetaAddress) {
+  validateEd25519StealthMetaAddress(recipientMetaAddress);
+  const ephemeralPrivateKey = (0, import_utils2.randomBytes)(32);
+  try {
+    const ephemeralPublicKey = import_ed25519.ed25519.getPublicKey(ephemeralPrivateKey);
+    const spendingKeyBytes = (0, import_utils2.hexToBytes)(recipientMetaAddress.spendingKey.slice(2));
+    const viewingKeyBytes = (0, import_utils2.hexToBytes)(recipientMetaAddress.viewingKey.slice(2));
+    const rawEphemeralScalar = getEd25519Scalar(ephemeralPrivateKey);
+    const ephemeralScalar = rawEphemeralScalar % ED25519_ORDER;
+    if (ephemeralScalar === 0n) {
+      throw new Error("CRITICAL: Zero ephemeral scalar after reduction - investigate RNG");
+    }
+    const spendingPoint = import_ed25519.ed25519.ExtendedPoint.fromHex(spendingKeyBytes);
+    const sharedSecretPoint = spendingPoint.multiply(ephemeralScalar);
+    const sharedSecretHash = (0, import_sha256.sha256)(sharedSecretPoint.toRawBytes());
+    const hashScalar = bytesToBigInt(sharedSecretHash) % ED25519_ORDER;
+    if (hashScalar === 0n) {
+      throw new Error("CRITICAL: Zero hash scalar after reduction - investigate hash computation");
+    }
+    const hashTimesG = import_ed25519.ed25519.ExtendedPoint.BASE.multiply(hashScalar);
+    const viewingPoint = import_ed25519.ed25519.ExtendedPoint.fromHex(viewingKeyBytes);
+    const stealthPoint = viewingPoint.add(hashTimesG);
+    const stealthAddressBytes = stealthPoint.toRawBytes();
+    const viewTag = sharedSecretHash[0];
+    return {
+      stealthAddress: {
+        address: `0x${(0, import_utils2.bytesToHex)(stealthAddressBytes)}`,
+        ephemeralPublicKey: `0x${(0, import_utils2.bytesToHex)(ephemeralPublicKey)}`,
+        viewTag
+      },
+      sharedSecret: `0x${(0, import_utils2.bytesToHex)(sharedSecretHash)}`
+    };
+  } finally {
+    secureWipe(ephemeralPrivateKey);
+  }
+}
+function deriveEd25519StealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+  validateEd25519StealthAddress(stealthAddress);
+  if (!isValidPrivateKey(spendingPrivateKey)) {
+    throw new ValidationError(
+      "must be a valid 32-byte hex string",
+      "spendingPrivateKey"
+    );
+  }
+  if (!isValidPrivateKey(viewingPrivateKey)) {
+    throw new ValidationError(
+      "must be a valid 32-byte hex string",
+      "viewingPrivateKey"
+    );
+  }
+  const spendingPrivBytes = (0, import_utils2.hexToBytes)(spendingPrivateKey.slice(2));
+  const viewingPrivBytes = (0, import_utils2.hexToBytes)(viewingPrivateKey.slice(2));
+  const ephemeralPubBytes = (0, import_utils2.hexToBytes)(stealthAddress.ephemeralPublicKey.slice(2));
+  try {
+    const rawSpendingScalar = getEd25519Scalar(spendingPrivBytes);
+    const spendingScalar = rawSpendingScalar % ED25519_ORDER;
+    if (spendingScalar === 0n) {
+      throw new Error("CRITICAL: Zero spending scalar after reduction - investigate key derivation");
+    }
+    const ephemeralPoint = import_ed25519.ed25519.ExtendedPoint.fromHex(ephemeralPubBytes);
+    const sharedSecretPoint = ephemeralPoint.multiply(spendingScalar);
+    const sharedSecretHash = (0, import_sha256.sha256)(sharedSecretPoint.toRawBytes());
+    const rawViewingScalar = getEd25519Scalar(viewingPrivBytes);
+    const viewingScalar = rawViewingScalar % ED25519_ORDER;
+    if (viewingScalar === 0n) {
+      throw new Error("CRITICAL: Zero viewing scalar after reduction - investigate key derivation");
+    }
+    const hashScalar = bytesToBigInt(sharedSecretHash) % ED25519_ORDER;
+    if (hashScalar === 0n) {
+      throw new Error("CRITICAL: Zero hash scalar after reduction - investigate hash computation");
+    }
+    const stealthPrivateScalar = (viewingScalar + hashScalar) % ED25519_ORDER;
+    if (stealthPrivateScalar === 0n) {
+      throw new Error("CRITICAL: Zero stealth scalar after reduction - investigate key derivation");
+    }
+    const stealthPrivateKey = bigIntToBytesLE(stealthPrivateScalar, 32);
+    const result = {
+      stealthAddress: stealthAddress.address,
+      ephemeralPublicKey: stealthAddress.ephemeralPublicKey,
+      privateKey: `0x${(0, import_utils2.bytesToHex)(stealthPrivateKey)}`
+    };
+    secureWipe(stealthPrivateKey);
+    return result;
+  } finally {
+    secureWipeAll(spendingPrivBytes, viewingPrivBytes);
+  }
+}
+function checkEd25519StealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+  validateEd25519StealthAddress(stealthAddress);
+  if (!isValidPrivateKey(spendingPrivateKey)) {
+    throw new ValidationError(
+      "must be a valid 32-byte hex string",
+      "spendingPrivateKey"
+    );
+  }
+  if (!isValidPrivateKey(viewingPrivateKey)) {
+    throw new ValidationError(
+      "must be a valid 32-byte hex string",
+      "viewingPrivateKey"
+    );
+  }
+  const spendingPrivBytes = (0, import_utils2.hexToBytes)(spendingPrivateKey.slice(2));
+  const viewingPrivBytes = (0, import_utils2.hexToBytes)(viewingPrivateKey.slice(2));
+  const ephemeralPubBytes = (0, import_utils2.hexToBytes)(stealthAddress.ephemeralPublicKey.slice(2));
+  try {
+    const rawSpendingScalar = getEd25519Scalar(spendingPrivBytes);
+    const spendingScalar = rawSpendingScalar % ED25519_ORDER;
+    if (spendingScalar === 0n) {
+      throw new Error("CRITICAL: Zero spending scalar after reduction - investigate key derivation");
+    }
+    const ephemeralPoint = import_ed25519.ed25519.ExtendedPoint.fromHex(ephemeralPubBytes);
+    const sharedSecretPoint = ephemeralPoint.multiply(spendingScalar);
+    const sharedSecretHash = (0, import_sha256.sha256)(sharedSecretPoint.toRawBytes());
+    if (sharedSecretHash[0] !== stealthAddress.viewTag) {
+      return false;
+    }
+    const rawViewingScalar = getEd25519Scalar(viewingPrivBytes);
+    const viewingScalar = rawViewingScalar % ED25519_ORDER;
+    if (viewingScalar === 0n) {
+      throw new Error("CRITICAL: Zero viewing scalar after reduction - investigate key derivation");
+    }
+    const hashScalar = bytesToBigInt(sharedSecretHash) % ED25519_ORDER;
+    if (hashScalar === 0n) {
+      throw new Error("CRITICAL: Zero hash scalar after reduction - investigate hash computation");
+    }
+    const stealthPrivateScalar = (viewingScalar + hashScalar) % ED25519_ORDER;
+    if (stealthPrivateScalar === 0n) {
+      throw new Error("CRITICAL: Zero stealth scalar after reduction - investigate key derivation");
+    }
+    const expectedPubKey = import_ed25519.ed25519.ExtendedPoint.BASE.multiply(stealthPrivateScalar);
+    const expectedPubKeyBytes = expectedPubKey.toRawBytes();
+    const providedAddress = (0, import_utils2.hexToBytes)(stealthAddress.address.slice(2));
+    return (0, import_utils2.bytesToHex)(expectedPubKeyBytes) === (0, import_utils2.bytesToHex)(providedAddress);
+  } finally {
+    secureWipeAll(spendingPrivBytes, viewingPrivBytes);
+  }
+}
+var BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+function bytesToBase58(bytes) {
+  let leadingZeros = 0;
+  for (let i = 0; i < bytes.length && bytes[i] === 0; i++) {
+    leadingZeros++;
+  }
+  let value = 0n;
+  for (const byte of bytes) {
+    value = value * 256n + BigInt(byte);
+  }
+  let result = "";
+  while (value > 0n) {
+    const remainder = value % 58n;
+    value = value / 58n;
+    result = BASE58_ALPHABET[Number(remainder)] + result;
+  }
+  return "1".repeat(leadingZeros) + result;
+}
+function base58ToBytes(str) {
+  let leadingOnes = 0;
+  for (let i = 0; i < str.length && str[i] === "1"; i++) {
+    leadingOnes++;
+  }
+  let value = 0n;
+  for (const char of str) {
+    const index = BASE58_ALPHABET.indexOf(char);
+    if (index === -1) {
+      throw new ValidationError(`Invalid base58 character: ${char}`, "address");
+    }
+    value = value * 58n + BigInt(index);
+  }
+  const bytes = [];
+  while (value > 0n) {
+    bytes.unshift(Number(value % 256n));
+    value = value / 256n;
+  }
+  const result = new Uint8Array(leadingOnes + bytes.length);
+  for (let i = 0; i < leadingOnes; i++) {
+    result[i] = 0;
+  }
+  for (let i = 0; i < bytes.length; i++) {
+    result[leadingOnes + i] = bytes[i];
+  }
+  return result;
+}
+function ed25519PublicKeyToSolanaAddress(publicKey) {
+  if (!isValidHex(publicKey)) {
+    throw new ValidationError(
+      "publicKey must be a valid hex string with 0x prefix",
+      "publicKey"
+    );
+  }
+  if (!isValidEd25519PublicKey(publicKey)) {
+    throw new ValidationError(
+      "publicKey must be 32 bytes (64 hex characters)",
+      "publicKey"
+    );
+  }
+  const publicKeyBytes = (0, import_utils2.hexToBytes)(publicKey.slice(2));
+  return bytesToBase58(publicKeyBytes);
+}
+function isValidSolanaAddress(address) {
+  if (typeof address !== "string" || address.length === 0) {
+    return false;
+  }
+  if (address.length < 32 || address.length > 44) {
+    return false;
+  }
+  try {
+    const decoded = base58ToBytes(address);
+    return decoded.length === 32;
+  } catch {
+    return false;
+  }
+}
+function solanaAddressToEd25519PublicKey(address) {
+  if (!isValidSolanaAddress(address)) {
+    throw new ValidationError(
+      "Invalid Solana address format",
+      "address"
+    );
+  }
+  const decoded = base58ToBytes(address);
+  return `0x${(0, import_utils2.bytesToHex)(decoded)}`;
+}
+function ed25519PublicKeyToNearAddress(publicKey) {
+  if (!isValidHex(publicKey)) {
+    throw new ValidationError(
+      "publicKey must be a valid hex string with 0x prefix",
+      "publicKey"
+    );
+  }
+  if (!isValidEd25519PublicKey(publicKey)) {
+    throw new ValidationError(
+      "publicKey must be 32 bytes (64 hex characters)",
+      "publicKey"
+    );
+  }
+  return publicKey.slice(2).toLowerCase();
+}
+function nearAddressToEd25519PublicKey(address) {
+  if (!isValidNearImplicitAddress(address)) {
+    throw new ValidationError(
+      "Invalid NEAR implicit address format",
+      "address"
+    );
+  }
+  return `0x${address.toLowerCase()}`;
+}
+function isValidNearImplicitAddress(address) {
+  if (typeof address !== "string" || address.length === 0) {
+    return false;
+  }
+  if (address.length !== 64) {
+    return false;
+  }
+  return /^[0-9a-f]{64}$/.test(address);
+}
+function isValidNearAccountId(accountId) {
+  if (typeof accountId !== "string" || accountId.length === 0) {
+    return false;
+  }
+  if (isValidNearImplicitAddress(accountId)) {
+    return true;
+  }
+  if (accountId.length < 2 || accountId.length > 64) {
+    return false;
+  }
+  const nearAccountPattern = /^[a-z0-9]([a-z0-9._-]*[a-z0-9])?$/;
+  if (!nearAccountPattern.test(accountId)) {
+    return false;
+  }
+  if (accountId.includes("..")) {
+    return false;
+  }
+  return true;
+}
 
 // src/crypto.ts
 var import_sha2563 = require("@noble/hashes/sha256");
@@ -957,9 +1408,9 @@ function commit(value, blinding) {
   if (r.length !== 32) {
     throw new ValidationError("must be 32 bytes", "blinding", { received: r.length });
   }
-  let rScalar = bytesToBigInt2(r) % CURVE_ORDER;
+  const rScalar = bytesToBigInt2(r) % CURVE_ORDER;
   if (rScalar === 0n) {
-    rScalar = 1n;
+    throw new Error("CRITICAL: Zero blinding scalar after reduction - investigate RNG");
   }
   let C;
   if (value === 0n && rScalar === 0n) {
@@ -985,9 +1436,9 @@ function verifyOpening(commitment, value, blinding) {
     }
     const C = import_secp256k12.secp256k1.ProjectivePoint.fromHex(commitment.slice(2));
     const blindingBytes = (0, import_utils3.hexToBytes)(blinding.slice(2));
-    let rScalar = bytesToBigInt2(blindingBytes) % CURVE_ORDER;
+    const rScalar = bytesToBigInt2(blindingBytes) % CURVE_ORDER;
     if (rScalar === 0n) {
-      rScalar = 1n;
+      throw new Error("CRITICAL: Zero blinding scalar after reduction - investigate RNG");
     }
     let expected;
     if (value === 0n) {
@@ -1151,7 +1602,7 @@ var import_sha2565 = require("@noble/hashes/sha256");
 
 // src/privacy.ts
 var import_sha2564 = require("@noble/hashes/sha256");
-var import_sha512 = require("@noble/hashes/sha512");
+var import_sha5122 = require("@noble/hashes/sha512");
 var import_hmac = require("@noble/hashes/hmac");
 var import_hkdf = require("@noble/hashes/hkdf");
 var import_utils5 = require("@noble/hashes/utils");
@@ -1213,7 +1664,7 @@ function deriveViewingKey(masterKey, childPath) {
   const masterKeyHex = masterKey.key.startsWith("0x") ? masterKey.key.slice(2) : masterKey.key;
   const masterKeyBytes = (0, import_utils5.hexToBytes)(masterKeyHex);
   const childPathBytes = (0, import_utils5.utf8ToBytes)(childPath);
-  const derivedFull = (0, import_hmac.hmac)(import_sha512.sha512, masterKeyBytes, childPathBytes);
+  const derivedFull = (0, import_hmac.hmac)(import_sha5122.sha512, masterKeyBytes, childPathBytes);
   try {
     const derivedBytes = derivedFull.slice(0, 32);
     const derived = `0x${(0, import_utils5.bytesToHex)(derivedBytes)}`;
@@ -1973,6 +2424,8 @@ var NEARIntentsAdapter = class {
     let refundAddress = senderAddress;
     let stealthData;
     let sharedSecret;
+    let curve;
+    let nativeRecipientAddress;
     if (request.privacyLevel !== import_types3.PrivacyLevel.TRANSPARENT) {
       if (!recipientMetaAddress) {
         throw new ValidationError(
@@ -1981,25 +2434,91 @@ var NEARIntentsAdapter = class {
         );
       }
       const metaAddr = typeof recipientMetaAddress === "string" ? decodeStealthMetaAddress(recipientMetaAddress) : recipientMetaAddress;
-      const { stealthAddress, sharedSecret: secret } = generateStealthAddress(metaAddr);
-      const outputChainType = CHAIN_BLOCKCHAIN_MAP[request.outputAsset.chain];
-      if (outputChainType === "evm") {
+      const outputChain = request.outputAsset.chain;
+      const outputChainType = CHAIN_BLOCKCHAIN_MAP[outputChain];
+      if (isEd25519Chain(outputChain)) {
+        curve = "ed25519";
+        const spendingKeyBytes = (metaAddr.spendingKey.length - 2) / 2;
+        if (spendingKeyBytes !== 32) {
+          throw new ValidationError(
+            `Meta-address has ${spendingKeyBytes}-byte keys but ${outputChain} requires ed25519 (32-byte) keys. Please generate an ed25519 meta-address using generateEd25519StealthMetaAddress('${outputChain}').`,
+            "recipientMetaAddress",
+            { outputChain, keySize: spendingKeyBytes, expectedSize: 32 }
+          );
+        }
+        const { stealthAddress, sharedSecret: secret } = generateEd25519StealthAddress(metaAddr);
+        stealthData = stealthAddress;
+        sharedSecret = secret;
+        if (outputChain === "solana") {
+          recipientAddress = ed25519PublicKeyToSolanaAddress(stealthAddress.address);
+        } else if (outputChain === "near") {
+          recipientAddress = ed25519PublicKeyToNearAddress(stealthAddress.address);
+        } else {
+          throw new ValidationError(
+            `ed25519 address derivation not implemented for ${outputChain}`,
+            "outputAsset",
+            { outputChain }
+          );
+        }
+        nativeRecipientAddress = recipientAddress;
+      } else if (outputChainType === "evm") {
+        curve = "secp256k1";
+        const spendingKeyBytes = (metaAddr.spendingKey.length - 2) / 2;
+        if (spendingKeyBytes !== 33) {
+          throw new ValidationError(
+            `Meta-address has ${spendingKeyBytes}-byte keys but ${outputChain} requires secp256k1 (33-byte compressed) keys. Please generate a secp256k1 meta-address using generateStealthMetaAddress('${outputChain}').`,
+            "recipientMetaAddress",
+            { outputChain, keySize: spendingKeyBytes, expectedSize: 33 }
+          );
+        }
+        const { stealthAddress, sharedSecret: secret } = generateStealthAddress(metaAddr);
+        stealthData = stealthAddress;
+        sharedSecret = secret;
         recipientAddress = publicKeyToEthAddress(stealthAddress.address);
+        nativeRecipientAddress = recipientAddress;
       } else {
-        recipientAddress = stealthAddress.address;
+        throw new ValidationError(
+          `Stealth addresses are not yet supported for ${outputChain} output. Supported chains: EVM (Ethereum, Polygon, etc.), Solana, NEAR. For ${outputChain}, please provide a direct wallet address.`,
+          "outputAsset",
+          { outputChain, outputChainType }
+        );
       }
-      stealthData = stealthAddress;
-      sharedSecret = secret;
       if (!senderAddress) {
-        const inputChainType = CHAIN_BLOCKCHAIN_MAP[request.inputAsset.chain];
-        if (inputChainType === "evm") {
-          const refundStealth = generateStealthAddress(metaAddr);
-          refundAddress = publicKeyToEthAddress(refundStealth.stealthAddress.address);
+        const inputChain = request.inputAsset.chain;
+        const inputChainType = CHAIN_BLOCKCHAIN_MAP[inputChain];
+        if (isEd25519Chain(inputChain)) {
+          const inputKeyBytes = (metaAddr.spendingKey.length - 2) / 2;
+          if (inputKeyBytes === 32) {
+            const refundStealth = generateEd25519StealthAddress(metaAddr);
+            if (inputChain === "solana") {
+              refundAddress = ed25519PublicKeyToSolanaAddress(refundStealth.stealthAddress.address);
+            } else if (inputChain === "near") {
+              refundAddress = ed25519PublicKeyToNearAddress(refundStealth.stealthAddress.address);
+            }
+          } else {
+            throw new ValidationError(
+              `Cross-curve refunds not supported: input chain ${inputChain} requires ed25519 but meta-address uses secp256k1. Please provide a senderAddress for refunds, or use matching curves for input/output chains.`,
+              "senderAddress",
+              { inputChain, inputChainType, metaAddressCurve: "secp256k1" }
+            );
+          }
+        } else if (inputChainType === "evm") {
+          const inputKeyBytes = (metaAddr.spendingKey.length - 2) / 2;
+          if (inputKeyBytes === 33) {
+            const refundStealth = generateStealthAddress(metaAddr);
+            refundAddress = publicKeyToEthAddress(refundStealth.stealthAddress.address);
+          } else {
+            throw new ValidationError(
+              `Cross-curve refunds not supported: input chain ${inputChain} requires secp256k1 but meta-address uses ed25519. Please provide a senderAddress for refunds, or use matching curves for input/output chains.`,
+              "senderAddress",
+              { inputChain, inputChainType, metaAddressCurve: "ed25519" }
+            );
+          }
         } else {
           throw new ValidationError(
-            `senderAddress is required for refunds on ${request.inputAsset.chain}. Stealth addresses are only supported for EVM-compatible chains. Please connect a wallet or provide a sender address.`,
+            `senderAddress is required for refunds on ${inputChain}. Automatic refund address generation is only supported for EVM, Solana, and NEAR chains.`,
             "senderAddress",
-            { inputChain: request.inputAsset.chain, inputChainType }
+            { inputChain, inputChainType }
           );
         }
       }
@@ -2017,7 +2536,9 @@ var NEARIntentsAdapter = class {
       request,
       quoteRequest,
       stealthAddress: stealthData,
-      sharedSecret
+      sharedSecret,
+      curve,
+      nativeRecipientAddress
     };
   }
   /**
@@ -4282,7 +4803,739 @@ var NoirProofProvider = class {
     }
     try {
       const proofHex = proof.proof.startsWith("0x") ? proof.proof.slice(2) : proof.proof;
-      const proofBytes = new Uint8Array(Buffer.from(proofHex, "hex"));
+      const proofBytes = new Uint8Array(Buffer.from(proofHex, "hex"));
+      const isValid = await backend.verifyProof({
+        proof: proofBytes,
+        publicInputs: proof.publicInputs.map(
+          (input) => input.startsWith("0x") ? input.slice(2) : input
+        )
+      });
+      return isValid;
+    } catch (error) {
+      if (this.config.verbose) {
+        console.error("[NoirProofProvider] Verification error:", error);
+      }
+      return false;
+    }
+  }
+  /**
+   * Destroy the provider and free resources
+   */
+  async destroy() {
+    if (this.fundingBackend) {
+      await this.fundingBackend.destroy();
+      this.fundingBackend = null;
+    }
+    if (this.validityBackend) {
+      await this.validityBackend.destroy();
+      this.validityBackend = null;
+    }
+    if (this.fulfillmentBackend) {
+      await this.fulfillmentBackend.destroy();
+      this.fulfillmentBackend = null;
+    }
+    this.fundingNoir = null;
+    this.validityNoir = null;
+    this.fulfillmentNoir = null;
+    this._isReady = false;
+  }
+  // ─── Private Methods ───────────────────────────────────────────────────────
+  ensureReady() {
+    if (!this._isReady) {
+      throw new ProofError(
+        "NoirProofProvider not initialized. Call initialize() first.",
+        "SIP_4004" /* PROOF_PROVIDER_NOT_READY */
+      );
+    }
+  }
+  /**
+   * Compute the commitment hash that the circuit expects
+   *
+   * The circuit computes:
+   * 1. commitment = pedersen_commitment([balance, blinding])
+   * 2. commitment_hash = pedersen_hash([commitment.x, commitment.y, asset_id])
+   *
+   * We need to compute this outside to pass as a public input.
+   *
+   * **IMPORTANT**: This SDK uses SHA256 as a deterministic stand-in for Pedersen hash.
+   * Both the SDK and circuit MUST use the same hash function. The bundled circuit
+   * artifacts are configured to use SHA256 for compatibility. If you use custom
+   * circuits with actual Pedersen hashing, you must update this implementation.
+   *
+   * @see docs/specs/HASH-COMPATIBILITY.md for hash function requirements
+   */
+  async computeCommitmentHash(balance, blindingFactor, assetId) {
+    const blindingField = this.bytesToField(blindingFactor);
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: bytesToHex15 } = await import("@noble/hashes/utils");
+    const preimage = new Uint8Array([
+      ...this.bigintToBytes(balance, 8),
+      ...blindingFactor.slice(0, 32),
+      ...this.hexToBytes(this.assetIdToField(assetId))
+    ]);
+    const hash2 = sha25611(preimage);
+    const commitmentHash = bytesToHex15(hash2);
+    return { commitmentHash, blindingField };
+  }
+  /**
+   * Convert asset ID to field element
+   */
+  assetIdToField(assetId) {
+    if (assetId.startsWith("0x")) {
+      return assetId.slice(2).padStart(64, "0");
+    }
+    const encoder = new TextEncoder();
+    const bytes = encoder.encode(assetId);
+    let result = 0n;
+    for (let i = 0; i < bytes.length && i < 31; i++) {
+      result = result * 256n + BigInt(bytes[i]);
+    }
+    return result.toString(16).padStart(64, "0");
+  }
+  /**
+   * Convert bytes to field element string
+   */
+  bytesToField(bytes) {
+    let result = 0n;
+    const len = Math.min(bytes.length, 31);
+    for (let i = 0; i < len; i++) {
+      result = result * 256n + BigInt(bytes[i]);
+    }
+    return result.toString();
+  }
+  /**
+   * Convert bigint to bytes
+   */
+  bigintToBytes(value, length) {
+    const bytes = new Uint8Array(length);
+    let v = value;
+    for (let i = length - 1; i >= 0; i--) {
+      bytes[i] = Number(v & 0xffn);
+      v = v >> 8n;
+    }
+    return bytes;
+  }
+  /**
+   * Convert hex string to bytes
+   */
+  hexToBytes(hex) {
+    const h = hex.startsWith("0x") ? hex.slice(2) : hex;
+    const bytes = new Uint8Array(h.length / 2);
+    for (let i = 0; i < bytes.length; i++) {
+      bytes[i] = parseInt(h.slice(i * 2, i * 2 + 2), 16);
+    }
+    return bytes;
+  }
+  /**
+   * Convert hex string to field element string
+   */
+  hexToField(hex) {
+    const h = hex.startsWith("0x") ? hex.slice(2) : hex;
+    return h.padStart(64, "0");
+  }
+  /**
+   * Convert field string to 32-byte array
+   */
+  fieldToBytes32(field) {
+    const hex = field.padStart(64, "0");
+    const bytes = [];
+    for (let i = 0; i < 32; i++) {
+      bytes.push(parseInt(hex.slice(i * 2, i * 2 + 2), 16));
+    }
+    return bytes;
+  }
+  /**
+   * Compute sender commitment for validity proof
+   *
+   * Uses SHA256 for SDK-side computation. The bundled circuit artifacts
+   * are compiled to use SHA256 for compatibility with this SDK.
+   *
+   * @see computeCommitmentHash for hash function compatibility notes
+   */
+  async computeSenderCommitment(senderAddressField, senderBlindingField) {
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: bytesToHex15 } = await import("@noble/hashes/utils");
+    const addressBytes = this.hexToBytes(senderAddressField);
+    const blindingBytes = this.hexToBytes(senderBlindingField.padStart(64, "0"));
+    const preimage = new Uint8Array([...addressBytes, ...blindingBytes]);
+    const hash2 = sha25611(preimage);
+    const commitmentX = bytesToHex15(hash2.slice(0, 16)).padStart(64, "0");
+    const commitmentY = bytesToHex15(hash2.slice(16, 32)).padStart(64, "0");
+    return { commitmentX, commitmentY };
+  }
+  /**
+   * Compute nullifier for validity proof
+   *
+   * Uses SHA256 for SDK-side computation. The bundled circuit artifacts
+   * are compiled to use SHA256 for compatibility with this SDK.
+   *
+   * @see computeCommitmentHash for hash function compatibility notes
+   */
+  async computeNullifier(senderSecretField, intentHashField, nonceField) {
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: bytesToHex15 } = await import("@noble/hashes/utils");
+    const secretBytes = this.hexToBytes(senderSecretField.padStart(64, "0"));
+    const intentBytes = this.hexToBytes(intentHashField);
+    const nonceBytes = this.hexToBytes(nonceField.padStart(64, "0"));
+    const preimage = new Uint8Array([...secretBytes, ...intentBytes, ...nonceBytes]);
+    const hash2 = sha25611(preimage);
+    return bytesToHex15(hash2);
+  }
+  /**
+   * Compute output commitment for fulfillment proof
+   *
+   * Uses SHA256 for SDK-side computation. The bundled circuit artifacts
+   * are compiled to use SHA256 for compatibility with this SDK.
+   *
+   * @see computeCommitmentHash for hash function compatibility notes
+   */
+  async computeOutputCommitment(outputAmount, outputBlinding) {
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: bytesToHex15 } = await import("@noble/hashes/utils");
+    const amountBytes = this.bigintToBytes(outputAmount, 8);
+    const blindingBytes = outputBlinding.slice(0, 32);
+    const preimage = new Uint8Array([...amountBytes, ...blindingBytes]);
+    const hash2 = sha25611(preimage);
+    const commitmentX = bytesToHex15(hash2.slice(0, 16)).padStart(64, "0");
+    const commitmentY = bytesToHex15(hash2.slice(16, 32)).padStart(64, "0");
+    return { commitmentX, commitmentY };
+  }
+  /**
+   * Compute solver ID from solver secret
+   *
+   * Uses SHA256 for SDK-side computation. The bundled circuit artifacts
+   * are compiled to use SHA256 for compatibility with this SDK.
+   *
+   * @see computeCommitmentHash for hash function compatibility notes
+   */
+  async computeSolverId(solverSecretField) {
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: bytesToHex15 } = await import("@noble/hashes/utils");
+    const secretBytes = this.hexToBytes(solverSecretField.padStart(64, "0"));
+    const hash2 = sha25611(secretBytes);
+    return bytesToHex15(hash2);
+  }
+  /**
+   * Compute oracle message hash for fulfillment proof
+   *
+   * Hash of attestation data that oracle signs
+   */
+  async computeOracleMessageHash(recipient, amount, txHash, blockNumber) {
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const recipientBytes = this.hexToBytes(this.hexToField(recipient));
+    const amountBytes = this.bigintToBytes(amount, 8);
+    const txHashBytes = this.hexToBytes(this.hexToField(txHash));
+    const blockBytes = this.bigintToBytes(blockNumber, 8);
+    const preimage = new Uint8Array([
+      ...recipientBytes,
+      ...amountBytes,
+      ...txHashBytes,
+      ...blockBytes
+    ]);
+    const hash2 = sha25611(preimage);
+    return Array.from(hash2);
+  }
+  /**
+   * Derive secp256k1 public key coordinates from a private key
+   *
+   * @param privateKey - 32-byte private key as Uint8Array
+   * @returns X and Y coordinates as 32-byte arrays
+   */
+  getPublicKeyCoordinates(privateKey) {
+    const uncompressedPubKey = import_secp256k13.secp256k1.getPublicKey(privateKey, false);
+    const x = Array.from(uncompressedPubKey.slice(1, 33));
+    const y = Array.from(uncompressedPubKey.slice(33, 65));
+    return { x, y };
+  }
+  /**
+   * Derive public key coordinates from a field string (private key)
+   *
+   * @param privateKeyField - Private key as hex field string
+   * @returns X and Y coordinates as 32-byte arrays
+   */
+  getPublicKeyFromField(privateKeyField) {
+    const privateKeyBytes = this.hexToBytes(privateKeyField.padStart(64, "0"));
+    return this.getPublicKeyCoordinates(privateKeyBytes);
+  }
+};
+
+// src/proofs/browser-utils.ts
+function hexToBytes5(hex) {
+  const h = hex.startsWith("0x") ? hex.slice(2) : hex;
+  if (h.length === 0) return new Uint8Array(0);
+  if (h.length % 2 !== 0) {
+    throw new Error("Hex string must have even length");
+  }
+  const bytes = new Uint8Array(h.length / 2);
+  for (let i = 0; i < bytes.length; i++) {
+    bytes[i] = parseInt(h.slice(i * 2, i * 2 + 2), 16);
+  }
+  return bytes;
+}
+function bytesToHex7(bytes) {
+  return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+function isBrowser() {
+  return typeof window !== "undefined" && typeof window.document !== "undefined";
+}
+function supportsWebWorkers() {
+  return typeof Worker !== "undefined";
+}
+function supportsSharedArrayBuffer() {
+  try {
+    return typeof SharedArrayBuffer !== "undefined";
+  } catch {
+    return false;
+  }
+}
+function getBrowserInfo() {
+  return {
+    isBrowser: isBrowser(),
+    supportsWorkers: supportsWebWorkers(),
+    supportsSharedArrayBuffer: supportsSharedArrayBuffer(),
+    userAgent: typeof navigator !== "undefined" ? navigator.userAgent : null
+  };
+}
+
+// src/proofs/browser.ts
+var import_noir_js2 = require("@noir-lang/noir_js");
+var import_bb2 = require("@aztec/bb.js");
+var import_secp256k14 = require("@noble/curves/secp256k1");
+var BrowserNoirProvider = class _BrowserNoirProvider {
+  framework = "noir";
+  _isReady = false;
+  config;
+  // Circuit instances
+  fundingNoir = null;
+  fundingBackend = null;
+  validityNoir = null;
+  validityBackend = null;
+  fulfillmentNoir = null;
+  fulfillmentBackend = null;
+  // Worker instance (optional)
+  worker = null;
+  workerPending = /* @__PURE__ */ new Map();
+  constructor(config = {}) {
+    this.config = {
+      useWorker: config.useWorker ?? true,
+      verbose: config.verbose ?? false,
+      oraclePublicKey: config.oraclePublicKey ?? void 0,
+      timeout: config.timeout ?? 6e4
+    };
+    if (!isBrowser()) {
+      console.warn(
+        "[BrowserNoirProvider] Not running in browser environment. Consider using NoirProofProvider for Node.js."
+      );
+    }
+  }
+  get isReady() {
+    return this._isReady;
+  }
+  /**
+   * Get browser environment info
+   */
+  static getBrowserInfo() {
+    return getBrowserInfo();
+  }
+  /**
+   * Check if browser supports all required features
+   */
+  static checkBrowserSupport() {
+    const missing = [];
+    if (!isBrowser()) {
+      missing.push("browser environment");
+    }
+    if (typeof WebAssembly === "undefined") {
+      missing.push("WebAssembly");
+    }
+    if (!supportsSharedArrayBuffer()) {
+      missing.push("SharedArrayBuffer (requires COOP/COEP headers)");
+    }
+    return {
+      supported: missing.length === 0,
+      missing
+    };
+  }
+  /**
+   * Derive secp256k1 public key coordinates from a private key
+   */
+  static derivePublicKey(privateKey) {
+    const uncompressedPubKey = import_secp256k14.secp256k1.getPublicKey(privateKey, false);
+    const x = Array.from(uncompressedPubKey.slice(1, 33));
+    const y = Array.from(uncompressedPubKey.slice(33, 65));
+    return { x, y };
+  }
+  /**
+   * Initialize the browser provider
+   *
+   * Loads WASM and circuit artifacts. This should be called before any
+   * proof generation. Consider showing a loading indicator during init.
+   *
+   * @param onProgress - Optional progress callback
+   */
+  async initialize(onProgress) {
+    if (this._isReady) {
+      return;
+    }
+    const { supported, missing } = _BrowserNoirProvider.checkBrowserSupport();
+    if (!supported) {
+      throw new ProofError(
+        `Browser missing required features: ${missing.join(", ")}`,
+        "SIP_4004" /* PROOF_PROVIDER_NOT_READY */
+      );
+    }
+    try {
+      onProgress?.({
+        stage: "initializing",
+        percent: 0,
+        message: "Loading WASM runtime..."
+      });
+      if (this.config.verbose) {
+        console.log("[BrowserNoirProvider] Initializing...");
+        console.log("[BrowserNoirProvider] Browser info:", getBrowserInfo());
+      }
+      const fundingCircuit = funding_proof_default;
+      const validityCircuit = validity_proof_default;
+      const fulfillmentCircuit = fulfillment_proof_default;
+      onProgress?.({
+        stage: "initializing",
+        percent: 20,
+        message: "Creating proof backends..."
+      });
+      this.fundingBackend = new import_bb2.UltraHonkBackend(fundingCircuit.bytecode);
+      this.validityBackend = new import_bb2.UltraHonkBackend(validityCircuit.bytecode);
+      this.fulfillmentBackend = new import_bb2.UltraHonkBackend(fulfillmentCircuit.bytecode);
+      onProgress?.({
+        stage: "initializing",
+        percent: 60,
+        message: "Initializing Noir circuits..."
+      });
+      this.fundingNoir = new import_noir_js2.Noir(fundingCircuit);
+      this.validityNoir = new import_noir_js2.Noir(validityCircuit);
+      this.fulfillmentNoir = new import_noir_js2.Noir(fulfillmentCircuit);
+      onProgress?.({
+        stage: "initializing",
+        percent: 90,
+        message: "Setting up worker..."
+      });
+      if (this.config.useWorker && supportsWebWorkers()) {
+        await this.initializeWorker();
+      }
+      this._isReady = true;
+      onProgress?.({
+        stage: "complete",
+        percent: 100,
+        message: "Ready for proof generation"
+      });
+      if (this.config.verbose) {
+        console.log("[BrowserNoirProvider] Initialization complete");
+      }
+    } catch (error) {
+      throw new ProofError(
+        `Failed to initialize BrowserNoirProvider: ${error instanceof Error ? error.message : String(error)}`,
+        "SIP_4003" /* PROOF_NOT_IMPLEMENTED */,
+        { context: { error } }
+      );
+    }
+  }
+  /**
+   * Initialize Web Worker for off-main-thread proof generation
+   */
+  async initializeWorker() {
+    if (this.config.verbose) {
+      console.log("[BrowserNoirProvider] Worker support: using async main-thread");
+    }
+  }
+  /**
+   * Generate a Funding Proof
+   *
+   * Proves: balance >= minimumRequired without revealing balance
+   *
+   * @param params - Funding proof parameters
+   * @param onProgress - Optional progress callback
+   */
+  async generateFundingProof(params, onProgress) {
+    this.ensureReady();
+    if (!this.fundingNoir || !this.fundingBackend) {
+      throw new ProofGenerationError("funding", "Funding circuit not initialized");
+    }
+    try {
+      onProgress?.({
+        stage: "witness",
+        percent: 10,
+        message: "Preparing witness inputs..."
+      });
+      const { commitmentHash, blindingField } = await this.computeCommitmentHash(
+        params.balance,
+        params.blindingFactor,
+        params.assetId
+      );
+      const witnessInputs = {
+        commitment_hash: commitmentHash,
+        minimum_required: params.minimumRequired.toString(),
+        asset_id: this.assetIdToField(params.assetId),
+        balance: params.balance.toString(),
+        blinding: blindingField
+      };
+      onProgress?.({
+        stage: "witness",
+        percent: 30,
+        message: "Generating witness..."
+      });
+      const { witness } = await this.fundingNoir.execute(witnessInputs);
+      onProgress?.({
+        stage: "proving",
+        percent: 50,
+        message: "Generating proof (this may take a moment)..."
+      });
+      const proofData = await this.fundingBackend.generateProof(witness);
+      onProgress?.({
+        stage: "complete",
+        percent: 100,
+        message: "Proof generated successfully"
+      });
+      const publicInputs = [
+        `0x${commitmentHash}`,
+        `0x${params.minimumRequired.toString(16).padStart(16, "0")}`,
+        `0x${this.assetIdToField(params.assetId)}`
+      ];
+      const proof = {
+        type: "funding",
+        proof: `0x${bytesToHex7(proofData.proof)}`,
+        publicInputs
+      };
+      return { proof, publicInputs };
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      throw new ProofGenerationError(
+        "funding",
+        `Failed to generate funding proof: ${message}`,
+        error instanceof Error ? error : void 0
+      );
+    }
+  }
+  /**
+   * Generate a Validity Proof
+   *
+   * Proves: Intent is authorized by sender without revealing identity
+   */
+  async generateValidityProof(params, onProgress) {
+    this.ensureReady();
+    if (!this.validityNoir || !this.validityBackend) {
+      throw new ProofGenerationError("validity", "Validity circuit not initialized");
+    }
+    try {
+      onProgress?.({
+        stage: "witness",
+        percent: 10,
+        message: "Preparing validity witness..."
+      });
+      const intentHashField = this.hexToField(params.intentHash);
+      const senderAddressField = this.hexToField(params.senderAddress);
+      const senderBlindingField = this.bytesToField(params.senderBlinding);
+      const senderSecretField = this.bytesToField(params.senderSecret);
+      const nonceField = this.bytesToField(params.nonce);
+      const { commitmentX, commitmentY } = await this.computeSenderCommitment(
+        senderAddressField,
+        senderBlindingField
+      );
+      const nullifier = await this.computeNullifier(senderSecretField, intentHashField, nonceField);
+      const signature = Array.from(params.authorizationSignature);
+      const messageHash = this.fieldToBytes32(intentHashField);
+      let pubKeyX;
+      let pubKeyY;
+      if (params.senderPublicKey) {
+        pubKeyX = Array.from(params.senderPublicKey.x);
+        pubKeyY = Array.from(params.senderPublicKey.y);
+      } else {
+        const coords = this.getPublicKeyCoordinates(params.senderSecret);
+        pubKeyX = coords.x;
+        pubKeyY = coords.y;
+      }
+      const witnessInputs = {
+        intent_hash: intentHashField,
+        sender_commitment_x: commitmentX,
+        sender_commitment_y: commitmentY,
+        nullifier,
+        timestamp: params.timestamp.toString(),
+        expiry: params.expiry.toString(),
+        sender_address: senderAddressField,
+        sender_blinding: senderBlindingField,
+        sender_secret: senderSecretField,
+        pub_key_x: pubKeyX,
+        pub_key_y: pubKeyY,
+        signature,
+        message_hash: messageHash,
+        nonce: nonceField
+      };
+      onProgress?.({
+        stage: "witness",
+        percent: 30,
+        message: "Generating witness..."
+      });
+      const { witness } = await this.validityNoir.execute(witnessInputs);
+      onProgress?.({
+        stage: "proving",
+        percent: 50,
+        message: "Generating validity proof..."
+      });
+      const proofData = await this.validityBackend.generateProof(witness);
+      onProgress?.({
+        stage: "complete",
+        percent: 100,
+        message: "Validity proof generated"
+      });
+      const publicInputs = [
+        `0x${intentHashField}`,
+        `0x${commitmentX}`,
+        `0x${commitmentY}`,
+        `0x${nullifier}`,
+        `0x${params.timestamp.toString(16).padStart(16, "0")}`,
+        `0x${params.expiry.toString(16).padStart(16, "0")}`
+      ];
+      const proof = {
+        type: "validity",
+        proof: `0x${bytesToHex7(proofData.proof)}`,
+        publicInputs
+      };
+      return { proof, publicInputs };
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      throw new ProofGenerationError(
+        "validity",
+        `Failed to generate validity proof: ${message}`,
+        error instanceof Error ? error : void 0
+      );
+    }
+  }
+  /**
+   * Generate a Fulfillment Proof
+   *
+   * Proves: Solver correctly executed the intent
+   */
+  async generateFulfillmentProof(params, onProgress) {
+    this.ensureReady();
+    if (!this.fulfillmentNoir || !this.fulfillmentBackend) {
+      throw new ProofGenerationError("fulfillment", "Fulfillment circuit not initialized");
+    }
+    try {
+      onProgress?.({
+        stage: "witness",
+        percent: 10,
+        message: "Preparing fulfillment witness..."
+      });
+      const intentHashField = this.hexToField(params.intentHash);
+      const recipientStealthField = this.hexToField(params.recipientStealth);
+      const { commitmentX, commitmentY } = await this.computeOutputCommitment(
+        params.outputAmount,
+        params.outputBlinding
+      );
+      const solverSecretField = this.bytesToField(params.solverSecret);
+      const solverId = await this.computeSolverId(solverSecretField);
+      const outputBlindingField = this.bytesToField(params.outputBlinding);
+      const attestation = params.oracleAttestation;
+      const attestationRecipientField = this.hexToField(attestation.recipient);
+      const attestationTxHashField = this.hexToField(attestation.txHash);
+      const oracleSignature = Array.from(attestation.signature);
+      const oracleMessageHash = await this.computeOracleMessageHash(
+        attestation.recipient,
+        attestation.amount,
+        attestation.txHash,
+        attestation.blockNumber
+      );
+      const oraclePubKeyX = this.config.oraclePublicKey?.x ?? new Array(32).fill(0);
+      const oraclePubKeyY = this.config.oraclePublicKey?.y ?? new Array(32).fill(0);
+      const witnessInputs = {
+        intent_hash: intentHashField,
+        output_commitment_x: commitmentX,
+        output_commitment_y: commitmentY,
+        recipient_stealth: recipientStealthField,
+        min_output_amount: params.minOutputAmount.toString(),
+        solver_id: solverId,
+        fulfillment_time: params.fulfillmentTime.toString(),
+        expiry: params.expiry.toString(),
+        output_amount: params.outputAmount.toString(),
+        output_blinding: outputBlindingField,
+        solver_secret: solverSecretField,
+        attestation_recipient: attestationRecipientField,
+        attestation_amount: attestation.amount.toString(),
+        attestation_tx_hash: attestationTxHashField,
+        attestation_block: attestation.blockNumber.toString(),
+        oracle_signature: oracleSignature,
+        oracle_message_hash: oracleMessageHash,
+        oracle_pub_key_x: oraclePubKeyX,
+        oracle_pub_key_y: oraclePubKeyY
+      };
+      onProgress?.({
+        stage: "witness",
+        percent: 30,
+        message: "Generating witness..."
+      });
+      const { witness } = await this.fulfillmentNoir.execute(witnessInputs);
+      onProgress?.({
+        stage: "proving",
+        percent: 50,
+        message: "Generating fulfillment proof..."
+      });
+      const proofData = await this.fulfillmentBackend.generateProof(witness);
+      onProgress?.({
+        stage: "complete",
+        percent: 100,
+        message: "Fulfillment proof generated"
+      });
+      const publicInputs = [
+        `0x${intentHashField}`,
+        `0x${commitmentX}`,
+        `0x${commitmentY}`,
+        `0x${recipientStealthField}`,
+        `0x${params.minOutputAmount.toString(16).padStart(16, "0")}`,
+        `0x${solverId}`,
+        `0x${params.fulfillmentTime.toString(16).padStart(16, "0")}`,
+        `0x${params.expiry.toString(16).padStart(16, "0")}`
+      ];
+      const proof = {
+        type: "fulfillment",
+        proof: `0x${bytesToHex7(proofData.proof)}`,
+        publicInputs
+      };
+      return { proof, publicInputs };
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      throw new ProofGenerationError(
+        "fulfillment",
+        `Failed to generate fulfillment proof: ${message}`,
+        error instanceof Error ? error : void 0
+      );
+    }
+  }
+  /**
+   * Verify a proof
+   */
+  async verifyProof(proof) {
+    this.ensureReady();
+    let backend = null;
+    switch (proof.type) {
+      case "funding":
+        backend = this.fundingBackend;
+        break;
+      case "validity":
+        backend = this.validityBackend;
+        break;
+      case "fulfillment":
+        backend = this.fulfillmentBackend;
+        break;
+      default:
+        throw new ProofError(`Unknown proof type: ${proof.type}`, "SIP_4003" /* PROOF_NOT_IMPLEMENTED */);
+    }
+    if (!backend) {
+      throw new ProofError(
+        `${proof.type} backend not initialized`,
+        "SIP_4004" /* PROOF_PROVIDER_NOT_READY */
+      );
+    }
+    try {
+      const proofHex = proof.proof.startsWith("0x") ? proof.proof.slice(2) : proof.proof;
+      const proofBytes = hexToBytes5(proofHex);
       const isValid = await backend.verifyProof({
         proof: proofBytes,
         publicInputs: proof.publicInputs.map(
@@ -4292,7 +5545,7 @@ var NoirProofProvider = class {
       return isValid;
     } catch (error) {
       if (this.config.verbose) {
-        console.error("[NoirProofProvider] Verification error:", error);
+        console.error("[BrowserNoirProvider] Verification error:", error);
       }
       return false;
     }
@@ -4313,52 +5566,37 @@ var NoirProofProvider = class {
       await this.fulfillmentBackend.destroy();
       this.fulfillmentBackend = null;
     }
+    if (this.worker) {
+      this.worker.terminate();
+      this.worker = null;
+    }
     this.fundingNoir = null;
     this.validityNoir = null;
     this.fulfillmentNoir = null;
     this._isReady = false;
   }
-  // ─── Private Methods ───────────────────────────────────────────────────────
+  // ─── Private Utility Methods ────────────────────────────────────────────────
   ensureReady() {
     if (!this._isReady) {
       throw new ProofError(
-        "NoirProofProvider not initialized. Call initialize() first.",
+        "BrowserNoirProvider not initialized. Call initialize() first.",
         "SIP_4004" /* PROOF_PROVIDER_NOT_READY */
       );
     }
   }
-  /**
-   * Compute the commitment hash that the circuit expects
-   *
-   * The circuit computes:
-   * 1. commitment = pedersen_commitment([balance, blinding])
-   * 2. commitment_hash = pedersen_hash([commitment.x, commitment.y, asset_id])
-   *
-   * We need to compute this outside to pass as a public input.
-   *
-   * **IMPORTANT**: This SDK uses SHA256 as a deterministic stand-in for Pedersen hash.
-   * Both the SDK and circuit MUST use the same hash function. The bundled circuit
-   * artifacts are configured to use SHA256 for compatibility. If you use custom
-   * circuits with actual Pedersen hashing, you must update this implementation.
-   *
-   * @see docs/specs/HASH-COMPATIBILITY.md for hash function requirements
-   */
   async computeCommitmentHash(balance, blindingFactor, assetId) {
     const blindingField = this.bytesToField(blindingFactor);
-    const { sha256: sha2569 } = await import("@noble/hashes/sha256");
-    const { bytesToHex: bytesToHex12 } = await import("@noble/hashes/utils");
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
     const preimage = new Uint8Array([
       ...this.bigintToBytes(balance, 8),
       ...blindingFactor.slice(0, 32),
-      ...this.hexToBytes(this.assetIdToField(assetId))
+      ...hexToBytes5(this.assetIdToField(assetId))
     ]);
-    const hash2 = sha2569(preimage);
-    const commitmentHash = bytesToHex12(hash2);
+    const hash2 = sha25611(preimage);
+    const commitmentHash = nobleToHex(hash2);
     return { commitmentHash, blindingField };
   }
-  /**
-   * Convert asset ID to field element
-   */
   assetIdToField(assetId) {
     if (assetId.startsWith("0x")) {
       return assetId.slice(2).padStart(64, "0");
@@ -4371,9 +5609,6 @@ var NoirProofProvider = class {
     }
     return result.toString(16).padStart(64, "0");
   }
-  /**
-   * Convert bytes to field element string
-   */
   bytesToField(bytes) {
     let result = 0n;
     const len = Math.min(bytes.length, 31);
@@ -4382,9 +5617,6 @@ var NoirProofProvider = class {
     }
     return result.toString();
   }
-  /**
-   * Convert bigint to bytes
-   */
   bigintToBytes(value, length) {
     const bytes = new Uint8Array(length);
     let v = value;
@@ -4394,27 +5626,10 @@ var NoirProofProvider = class {
     }
     return bytes;
   }
-  /**
-   * Convert hex string to bytes
-   */
-  hexToBytes(hex) {
-    const h = hex.startsWith("0x") ? hex.slice(2) : hex;
-    const bytes = new Uint8Array(h.length / 2);
-    for (let i = 0; i < bytes.length; i++) {
-      bytes[i] = parseInt(h.slice(i * 2, i * 2 + 2), 16);
-    }
-    return bytes;
-  }
-  /**
-   * Convert hex string to field element string
-   */
   hexToField(hex) {
     const h = hex.startsWith("0x") ? hex.slice(2) : hex;
     return h.padStart(64, "0");
   }
-  /**
-   * Convert field string to 32-byte array
-   */
   fieldToBytes32(field) {
     const hex = field.padStart(64, "0");
     const bytes = [];
@@ -4423,87 +5638,50 @@ var NoirProofProvider = class {
     }
     return bytes;
   }
-  /**
-   * Compute sender commitment for validity proof
-   *
-   * Uses SHA256 for SDK-side computation. The bundled circuit artifacts
-   * are compiled to use SHA256 for compatibility with this SDK.
-   *
-   * @see computeCommitmentHash for hash function compatibility notes
-   */
   async computeSenderCommitment(senderAddressField, senderBlindingField) {
-    const { sha256: sha2569 } = await import("@noble/hashes/sha256");
-    const { bytesToHex: bytesToHex12 } = await import("@noble/hashes/utils");
-    const addressBytes = this.hexToBytes(senderAddressField);
-    const blindingBytes = this.hexToBytes(senderBlindingField.padStart(64, "0"));
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
+    const addressBytes = hexToBytes5(senderAddressField);
+    const blindingBytes = hexToBytes5(senderBlindingField.padStart(64, "0"));
     const preimage = new Uint8Array([...addressBytes, ...blindingBytes]);
-    const hash2 = sha2569(preimage);
-    const commitmentX = bytesToHex12(hash2.slice(0, 16)).padStart(64, "0");
-    const commitmentY = bytesToHex12(hash2.slice(16, 32)).padStart(64, "0");
+    const hash2 = sha25611(preimage);
+    const commitmentX = nobleToHex(hash2.slice(0, 16)).padStart(64, "0");
+    const commitmentY = nobleToHex(hash2.slice(16, 32)).padStart(64, "0");
     return { commitmentX, commitmentY };
   }
-  /**
-   * Compute nullifier for validity proof
-   *
-   * Uses SHA256 for SDK-side computation. The bundled circuit artifacts
-   * are compiled to use SHA256 for compatibility with this SDK.
-   *
-   * @see computeCommitmentHash for hash function compatibility notes
-   */
   async computeNullifier(senderSecretField, intentHashField, nonceField) {
-    const { sha256: sha2569 } = await import("@noble/hashes/sha256");
-    const { bytesToHex: bytesToHex12 } = await import("@noble/hashes/utils");
-    const secretBytes = this.hexToBytes(senderSecretField.padStart(64, "0"));
-    const intentBytes = this.hexToBytes(intentHashField);
-    const nonceBytes = this.hexToBytes(nonceField.padStart(64, "0"));
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
+    const secretBytes = hexToBytes5(senderSecretField.padStart(64, "0"));
+    const intentBytes = hexToBytes5(intentHashField);
+    const nonceBytes = hexToBytes5(nonceField.padStart(64, "0"));
     const preimage = new Uint8Array([...secretBytes, ...intentBytes, ...nonceBytes]);
-    const hash2 = sha2569(preimage);
-    return bytesToHex12(hash2);
+    const hash2 = sha25611(preimage);
+    return nobleToHex(hash2);
   }
-  /**
-   * Compute output commitment for fulfillment proof
-   *
-   * Uses SHA256 for SDK-side computation. The bundled circuit artifacts
-   * are compiled to use SHA256 for compatibility with this SDK.
-   *
-   * @see computeCommitmentHash for hash function compatibility notes
-   */
   async computeOutputCommitment(outputAmount, outputBlinding) {
-    const { sha256: sha2569 } = await import("@noble/hashes/sha256");
-    const { bytesToHex: bytesToHex12 } = await import("@noble/hashes/utils");
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
     const amountBytes = this.bigintToBytes(outputAmount, 8);
     const blindingBytes = outputBlinding.slice(0, 32);
     const preimage = new Uint8Array([...amountBytes, ...blindingBytes]);
-    const hash2 = sha2569(preimage);
-    const commitmentX = bytesToHex12(hash2.slice(0, 16)).padStart(64, "0");
-    const commitmentY = bytesToHex12(hash2.slice(16, 32)).padStart(64, "0");
+    const hash2 = sha25611(preimage);
+    const commitmentX = nobleToHex(hash2.slice(0, 16)).padStart(64, "0");
+    const commitmentY = nobleToHex(hash2.slice(16, 32)).padStart(64, "0");
     return { commitmentX, commitmentY };
   }
-  /**
-   * Compute solver ID from solver secret
-   *
-   * Uses SHA256 for SDK-side computation. The bundled circuit artifacts
-   * are compiled to use SHA256 for compatibility with this SDK.
-   *
-   * @see computeCommitmentHash for hash function compatibility notes
-   */
   async computeSolverId(solverSecretField) {
-    const { sha256: sha2569 } = await import("@noble/hashes/sha256");
-    const { bytesToHex: bytesToHex12 } = await import("@noble/hashes/utils");
-    const secretBytes = this.hexToBytes(solverSecretField.padStart(64, "0"));
-    const hash2 = sha2569(secretBytes);
-    return bytesToHex12(hash2);
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
+    const secretBytes = hexToBytes5(solverSecretField.padStart(64, "0"));
+    const hash2 = sha25611(secretBytes);
+    return nobleToHex(hash2);
   }
-  /**
-   * Compute oracle message hash for fulfillment proof
-   *
-   * Hash of attestation data that oracle signs
-   */
   async computeOracleMessageHash(recipient, amount, txHash, blockNumber) {
-    const { sha256: sha2569 } = await import("@noble/hashes/sha256");
-    const recipientBytes = this.hexToBytes(this.hexToField(recipient));
+    const { sha256: sha25611 } = await import("@noble/hashes/sha256");
+    const recipientBytes = hexToBytes5(this.hexToField(recipient));
     const amountBytes = this.bigintToBytes(amount, 8);
-    const txHashBytes = this.hexToBytes(this.hexToField(txHash));
+    const txHashBytes = hexToBytes5(this.hexToField(txHash));
     const blockBytes = this.bigintToBytes(blockNumber, 8);
     const preimage = new Uint8Array([
       ...recipientBytes,
@@ -4511,42 +5689,303 @@ var NoirProofProvider = class {
       ...txHashBytes,
       ...blockBytes
     ]);
-    const hash2 = sha2569(preimage);
+    const hash2 = sha25611(preimage);
     return Array.from(hash2);
   }
-  /**
-   * Derive secp256k1 public key coordinates from a private key
-   *
-   * @param privateKey - 32-byte private key as Uint8Array
-   * @returns X and Y coordinates as 32-byte arrays
-   */
   getPublicKeyCoordinates(privateKey) {
-    const uncompressedPubKey = import_secp256k13.secp256k1.getPublicKey(privateKey, false);
+    const uncompressedPubKey = import_secp256k14.secp256k1.getPublicKey(privateKey, false);
     const x = Array.from(uncompressedPubKey.slice(1, 33));
     const y = Array.from(uncompressedPubKey.slice(33, 65));
     return { x, y };
   }
-  /**
-   * Derive public key coordinates from a field string (private key)
-   *
-   * @param privateKeyField - Private key as hex field string
-   * @returns X and Y coordinates as 32-byte arrays
-   */
-  getPublicKeyFromField(privateKeyField) {
-    const privateKeyBytes = this.hexToBytes(privateKeyField.padStart(64, "0"));
-    return this.getPublicKeyCoordinates(privateKeyBytes);
-  }
 };
 
+// src/oracle/types.ts
+var ORACLE_DOMAIN = "SIP-ORACLE-ATTESTATION-V1";
+var ATTESTATION_VERSION = 1;
+var DEFAULT_THRESHOLD = 3;
+var DEFAULT_TOTAL_ORACLES = 5;
+var CHAIN_NUMERIC_IDS = {
+  ethereum: 1,
+  polygon: 137,
+  arbitrum: 42161,
+  optimism: 10,
+  base: 8453,
+  bitcoin: 0,
+  // Non-standard, SIP-specific (Bitcoin mainnet)
+  solana: 501,
+  // Non-standard, SIP-specific
+  near: 502,
+  // Non-standard, SIP-specific
+  zcash: 503
+  // Non-standard, SIP-specific
+};
+
+// src/oracle/verification.ts
+var import_ed255192 = require("@noble/curves/ed25519");
+var import_sha2568 = require("@noble/hashes/sha256");
+var import_utils9 = require("@noble/hashes/utils");
+
+// src/oracle/serialization.ts
+var import_sha2567 = require("@noble/hashes/sha256");
+var import_utils8 = require("@noble/hashes/utils");
+function serializeAttestationMessage(message) {
+  const buffer = new Uint8Array(197);
+  const view = new DataView(buffer.buffer);
+  let offset = 0;
+  buffer[offset++] = message.version;
+  view.setUint32(offset, message.chainId, false);
+  offset += 4;
+  const intentHashBytes = normalizeToBytes(message.intentHash, 32, "intentHash");
+  buffer.set(intentHashBytes, offset);
+  offset += 32;
+  const recipientBytes = normalizeToBytes(message.recipient, 32, "recipient");
+  buffer.set(recipientBytes, offset);
+  offset += 32;
+  const amountBytes = bigintToBytes(message.amount, 16);
+  buffer.set(amountBytes, offset);
+  offset += 16;
+  const assetIdBytes = normalizeToBytes(message.assetId, 32, "assetId");
+  buffer.set(assetIdBytes, offset);
+  offset += 32;
+  const txHashBytes = normalizeToBytes(message.txHash, 32, "txHash");
+  buffer.set(txHashBytes, offset);
+  offset += 32;
+  view.setBigUint64(offset, message.blockNumber, false);
+  offset += 8;
+  const blockHashBytes = normalizeToBytes(message.blockHash, 32, "blockHash");
+  buffer.set(blockHashBytes, offset);
+  offset += 32;
+  view.setBigUint64(offset, BigInt(message.timestamp), false);
+  return buffer;
+}
+function deserializeAttestationMessage(bytes) {
+  if (bytes.length !== 197) {
+    throw new ValidationError(
+      `Invalid attestation message length: ${bytes.length}, expected 197`,
+      "bytes"
+    );
+  }
+  const view = new DataView(bytes.buffer, bytes.byteOffset);
+  let offset = 0;
+  const version = bytes[offset++];
+  const chainId = view.getUint32(offset, false);
+  offset += 4;
+  const intentHash = `0x${(0, import_utils8.bytesToHex)(bytes.slice(offset, offset + 32))}`;
+  offset += 32;
+  const recipient = `0x${(0, import_utils8.bytesToHex)(bytes.slice(offset, offset + 32))}`;
+  offset += 32;
+  const amount = bytesToBigint(bytes.slice(offset, offset + 16));
+  offset += 16;
+  const assetId = `0x${(0, import_utils8.bytesToHex)(bytes.slice(offset, offset + 32))}`;
+  offset += 32;
+  const txHash = `0x${(0, import_utils8.bytesToHex)(bytes.slice(offset, offset + 32))}`;
+  offset += 32;
+  const blockNumber = view.getBigUint64(offset, false);
+  offset += 8;
+  const blockHash = `0x${(0, import_utils8.bytesToHex)(bytes.slice(offset, offset + 32))}`;
+  offset += 32;
+  const timestamp = Number(view.getBigUint64(offset, false));
+  return {
+    version,
+    chainId,
+    intentHash,
+    recipient,
+    amount,
+    assetId,
+    txHash,
+    blockNumber,
+    blockHash,
+    timestamp
+  };
+}
+function computeAttestationHash(message) {
+  const domain = (0, import_utils8.utf8ToBytes)(ORACLE_DOMAIN);
+  const messageBytes = serializeAttestationMessage(message);
+  const toHash = new Uint8Array(domain.length + messageBytes.length);
+  toHash.set(domain, 0);
+  toHash.set(messageBytes, domain.length);
+  return (0, import_sha2567.sha256)(toHash);
+}
+function getChainNumericId(chain) {
+  const id = CHAIN_NUMERIC_IDS[chain];
+  if (id === void 0) {
+    throw new ValidationError(`Unknown chain: ${chain}`, "chain");
+  }
+  return id;
+}
+function normalizeToBytes(hex, length, field) {
+  const stripped = hex.startsWith("0x") ? hex.slice(2) : hex;
+  const bytes = (0, import_utils8.hexToBytes)(stripped);
+  if (bytes.length === length) {
+    return bytes;
+  }
+  if (bytes.length > length) {
+    throw new ValidationError(
+      `${field} is too long: ${bytes.length} bytes, max ${length}`,
+      field
+    );
+  }
+  const padded = new Uint8Array(length);
+  padded.set(bytes, length - bytes.length);
+  return padded;
+}
+function bigintToBytes(value, length) {
+  const bytes = new Uint8Array(length);
+  let v = value;
+  for (let i = length - 1; i >= 0; i--) {
+    bytes[i] = Number(v & 0xffn);
+    v >>= 8n;
+  }
+  return bytes;
+}
+function bytesToBigint(bytes) {
+  let result = 0n;
+  for (const byte of bytes) {
+    result = (result << 8n) + BigInt(byte);
+  }
+  return result;
+}
+
+// src/oracle/verification.ts
+function deriveOracleId(publicKey) {
+  const keyBytes = typeof publicKey === "string" ? (0, import_utils9.hexToBytes)(publicKey.startsWith("0x") ? publicKey.slice(2) : publicKey) : publicKey;
+  const hash2 = (0, import_sha2568.sha256)(keyBytes);
+  return `0x${(0, import_utils9.bytesToHex)(hash2)}`;
+}
+function verifyAttestation(attestation, registry) {
+  const { message, signatures } = attestation;
+  const errors = [];
+  const validOracles = [];
+  if (signatures.length < registry.threshold) {
+    errors.push(
+      `Insufficient signatures: ${signatures.length} < ${registry.threshold} required`
+    );
+  }
+  const messageHash = computeAttestationHash(message);
+  const seenOracles = /* @__PURE__ */ new Set();
+  let validCount = 0;
+  for (const sig of signatures) {
+    if (seenOracles.has(sig.oracleId)) {
+      errors.push(`Duplicate signature from oracle: ${sig.oracleId}`);
+      continue;
+    }
+    seenOracles.add(sig.oracleId);
+    const oracle = registry.oracles.get(sig.oracleId);
+    if (!oracle) {
+      errors.push(`Unknown oracle: ${sig.oracleId}`);
+      continue;
+    }
+    if (oracle.status !== "active") {
+      errors.push(`Oracle not active: ${sig.oracleId} (status: ${oracle.status})`);
+      continue;
+    }
+    try {
+      const publicKeyBytes = (0, import_utils9.hexToBytes)(
+        oracle.publicKey.startsWith("0x") ? oracle.publicKey.slice(2) : oracle.publicKey
+      );
+      const signatureBytes = (0, import_utils9.hexToBytes)(
+        sig.signature.startsWith("0x") ? sig.signature.slice(2) : sig.signature
+      );
+      const isValid = import_ed255192.ed25519.verify(signatureBytes, messageHash, publicKeyBytes);
+      if (isValid) {
+        validCount++;
+        validOracles.push(sig.oracleId);
+      } else {
+        errors.push(`Invalid signature from oracle: ${sig.oracleId}`);
+      }
+    } catch (e) {
+      errors.push(`Signature verification error for ${sig.oracleId}: ${e}`);
+    }
+  }
+  const valid = validCount >= registry.threshold && errors.length === 0;
+  return {
+    valid,
+    validSignatures: validCount,
+    threshold: registry.threshold,
+    validOracles,
+    errors: errors.length > 0 ? errors : void 0
+  };
+}
+function verifyOracleSignature(signature, messageHash, oracle) {
+  try {
+    const publicKeyBytes = (0, import_utils9.hexToBytes)(
+      oracle.publicKey.startsWith("0x") ? oracle.publicKey.slice(2) : oracle.publicKey
+    );
+    const signatureBytes = (0, import_utils9.hexToBytes)(
+      signature.signature.startsWith("0x") ? signature.signature.slice(2) : signature.signature
+    );
+    return import_ed255192.ed25519.verify(signatureBytes, messageHash, publicKeyBytes);
+  } catch {
+    return false;
+  }
+}
+function signAttestationMessage(messageHash, privateKey) {
+  const signature = import_ed255192.ed25519.sign(messageHash, privateKey);
+  const publicKey = import_ed255192.ed25519.getPublicKey(privateKey);
+  const oracleId = deriveOracleId(publicKey);
+  return {
+    oracleId,
+    signature: `0x${(0, import_utils9.bytesToHex)(signature)}`
+  };
+}
+function createOracleRegistry(config = {}) {
+  const registry = {
+    oracles: /* @__PURE__ */ new Map(),
+    threshold: config.threshold ?? DEFAULT_THRESHOLD,
+    totalOracles: 0,
+    version: 1,
+    lastUpdated: Date.now()
+  };
+  if (config.customOracles) {
+    for (const oracle of config.customOracles) {
+      registry.oracles.set(oracle.id, oracle);
+    }
+    registry.totalOracles = config.customOracles.length;
+  }
+  return registry;
+}
+function addOracle(registry, oracle) {
+  registry.oracles.set(oracle.id, oracle);
+  registry.totalOracles = registry.oracles.size;
+  registry.lastUpdated = Date.now();
+}
+function removeOracle(registry, oracleId) {
+  const removed = registry.oracles.delete(oracleId);
+  if (removed) {
+    registry.totalOracles = registry.oracles.size;
+    registry.lastUpdated = Date.now();
+  }
+  return removed;
+}
+function updateOracleStatus(registry, oracleId, status) {
+  const oracle = registry.oracles.get(oracleId);
+  if (!oracle) {
+    return false;
+  }
+  oracle.status = status;
+  registry.lastUpdated = Date.now();
+  return true;
+}
+function getActiveOracles(registry) {
+  return Array.from(registry.oracles.values()).filter(
+    (oracle) => oracle.status === "active"
+  );
+}
+function hasEnoughOracles(registry) {
+  const activeCount = getActiveOracles(registry).length;
+  return activeCount >= registry.threshold;
+}
+
 // src/index.ts
-var import_types31 = require("@sip-protocol/types");
-var import_types32 = require("@sip-protocol/types");
 var import_types33 = require("@sip-protocol/types");
 var import_types34 = require("@sip-protocol/types");
+var import_types35 = require("@sip-protocol/types");
+var import_types36 = require("@sip-protocol/types");
 
 // src/solver/mock-solver.ts
-var import_types5 = require("@sip-protocol/types");
-var import_utils8 = require("@noble/hashes/utils");
+var import_types7 = require("@sip-protocol/types");
+var import_utils10 = require("@noble/hashes/utils");
 var MockSolver = class {
   info;
   capabilities;
@@ -4628,7 +6067,7 @@ var MockSolver = class {
     const spreadAmount = baseOutput * BigInt(Math.floor(this.spreadPercent * 1e4)) / 10000n;
     const outputAmount = baseOutput + spreadAmount;
     const feeAmount = outputAmount * BigInt(Math.floor(this.feePercent * 1e4)) / 10000n;
-    const quoteId = `quote-${(0, import_utils8.bytesToHex)((0, import_utils8.randomBytes)(8))}`;
+    const quoteId = `quote-${(0, import_utils10.bytesToHex)((0, import_utils10.randomBytes)(8))}`;
     const now = Math.floor(Date.now() / 1e3);
     const quote = {
       quoteId,
@@ -4639,7 +6078,7 @@ var MockSolver = class {
       expiry: now + 60,
       // Quote valid for 1 minute
       fee: feeAmount,
-      signature: `0x${(0, import_utils8.bytesToHex)((0, import_utils8.randomBytes)(64))}`,
+      signature: `0x${(0, import_utils10.bytesToHex)((0, import_utils10.randomBytes)(64))}`,
       // Mock signature
       validUntil: now + 60,
       estimatedGas: 200000n
@@ -4671,25 +6110,25 @@ var MockSolver = class {
       status.error = "Simulated failure for testing";
       return {
         intentId: intent.intentId,
-        status: import_types5.IntentStatus.FAILED,
+        status: import_types7.IntentStatus.FAILED,
         fulfilledAt: Math.floor(Date.now() / 1e3),
         error: status.error
       };
     }
-    const txHash = `0x${(0, import_utils8.bytesToHex)((0, import_utils8.randomBytes)(32))}`;
+    const txHash = `0x${(0, import_utils10.bytesToHex)((0, import_utils10.randomBytes)(32))}`;
     status.status = "completed";
     status.txHash = txHash;
     return {
       intentId: intent.intentId,
-      status: import_types5.IntentStatus.FULFILLED,
+      status: import_types7.IntentStatus.FULFILLED,
       outputAmount: quote.outputAmount,
       txHash: intent.privacyLevel === "transparent" ? txHash : void 0,
       fulfillmentProof: {
         type: "fulfillment",
-        proof: `0x${(0, import_utils8.bytesToHex)((0, import_utils8.randomBytes)(128))}`,
+        proof: `0x${(0, import_utils10.bytesToHex)((0, import_utils10.randomBytes)(128))}`,
         publicInputs: [
-          `0x${(0, import_utils8.bytesToHex)(new TextEncoder().encode(intent.intentId))}`,
-          `0x${(0, import_utils8.bytesToHex)(new TextEncoder().encode(quote.quoteId))}`
+          `0x${(0, import_utils10.bytesToHex)(new TextEncoder().encode(intent.intentId))}`,
+          `0x${(0, import_utils10.bytesToHex)(new TextEncoder().encode(quote.quoteId))}`
         ]
       },
       fulfilledAt: Math.floor(Date.now() / 1e3)
@@ -4727,10 +6166,10 @@ function createMockSolver(config) {
 }
 
 // src/index.ts
-var import_types35 = require("@sip-protocol/types");
+var import_types37 = require("@sip-protocol/types");
 
 // src/zcash/rpc-client.ts
-var import_types6 = require("@sip-protocol/types");
+var import_types8 = require("@sip-protocol/types");
 var DEFAULT_CONFIG = {
   host: "127.0.0.1",
   port: 8232,
@@ -4750,19 +6189,19 @@ var ZcashRPCError = class extends Error {
    * Check if error is due to insufficient funds
    */
   isInsufficientFunds() {
-    return this.code === import_types6.ZcashErrorCode.WALLET_INSUFFICIENT_FUNDS;
+    return this.code === import_types8.ZcashErrorCode.WALLET_INSUFFICIENT_FUNDS;
   }
   /**
    * Check if error is due to invalid address
    */
   isInvalidAddress() {
-    return this.code === import_types6.ZcashErrorCode.INVALID_ADDRESS_OR_KEY;
+    return this.code === import_types8.ZcashErrorCode.INVALID_ADDRESS_OR_KEY;
   }
   /**
    * Check if error is due to wallet being locked
    */
   isWalletLocked() {
-    return this.code === import_types6.ZcashErrorCode.WALLET_UNLOCK_NEEDED;
+    return this.code === import_types8.ZcashErrorCode.WALLET_UNLOCK_NEEDED;
   }
 };
 var ZcashRPCClient = class {
@@ -5149,7 +6588,7 @@ function createZcashClient(config) {
 }
 
 // src/zcash/shielded-service.ts
-var import_types7 = require("@sip-protocol/types");
+var import_types9 = require("@sip-protocol/types");
 var ZcashShieldedService = class _ZcashShieldedService {
   client;
   config;
@@ -5335,7 +6774,7 @@ var ZcashShieldedService = class _ZcashShieldedService {
    * Higher-level method that handles privacy level mapping.
    */
   async sendWithPrivacy(to, amount, privacyLevel, memo) {
-    if (privacyLevel === import_types7.PrivacyLevel.TRANSPARENT) {
+    if (privacyLevel === import_types9.PrivacyLevel.TRANSPARENT) {
       throw new ValidationError(
         "Transparent mode not supported for Zcash shielded service. Use standard RPC client.",
         "privacyLevel",
@@ -5429,7 +6868,7 @@ var ZcashShieldedService = class _ZcashShieldedService {
     const viewingKey = await this.exportViewingKey();
     return {
       viewingKey,
-      privacyLevel: import_types7.PrivacyLevel.COMPLIANT,
+      privacyLevel: import_types9.PrivacyLevel.COMPLIANT,
       disclaimer: "This viewing key provides read-only access to transaction history. It cannot be used to spend funds. Share only with authorized auditors."
     };
   }
@@ -5515,11 +6954,11 @@ var ZcashShieldedService = class _ZcashShieldedService {
    */
   mapPrivacyLevelToPolicy(level) {
     switch (level) {
-      case import_types7.PrivacyLevel.TRANSPARENT:
+      case import_types9.PrivacyLevel.TRANSPARENT:
         return "NoPrivacy";
-      case import_types7.PrivacyLevel.SHIELDED:
+      case import_types9.PrivacyLevel.SHIELDED:
         return "FullPrivacy";
-      case import_types7.PrivacyLevel.COMPLIANT:
+      case import_types9.PrivacyLevel.COMPLIANT:
         return "FullPrivacy";
       default:
         return "FullPrivacy";
@@ -5572,15 +7011,15 @@ function createZcashShieldedService(config) {
 }
 
 // src/zcash/index.ts
-var import_types8 = require("@sip-protocol/types");
+var import_types10 = require("@sip-protocol/types");
 
 // src/index.ts
-var import_types36 = require("@sip-protocol/types");
+var import_types38 = require("@sip-protocol/types");
 
 // src/payment/payment.ts
-var import_types9 = require("@sip-protocol/types");
-var import_sha2567 = require("@noble/hashes/sha256");
-var import_utils9 = require("@noble/hashes/utils");
+var import_types11 = require("@sip-protocol/types");
+var import_sha2569 = require("@noble/hashes/sha256");
+var import_utils11 = require("@noble/hashes/utils");
 var import_chacha2 = require("@noble/ciphers/chacha.js");
 var import_hkdf2 = require("@noble/hashes/hkdf");
 
@@ -5765,7 +7204,7 @@ var PaymentBuilder = class {
   _amount;
   _recipientMetaAddress;
   _recipientAddress;
-  _privacy = import_types9.PrivacyLevel.SHIELDED;
+  _privacy = import_types11.PrivacyLevel.SHIELDED;
   _viewingKey;
   _sourceChain;
   _destinationChain;
@@ -6048,7 +7487,7 @@ async function createShieldedPayment(params, options) {
   } else {
     resolvedToken = token;
   }
-  if (privacy !== import_types9.PrivacyLevel.TRANSPARENT && !recipientMetaAddress) {
+  if (privacy !== import_types11.PrivacyLevel.TRANSPARENT && !recipientMetaAddress) {
     throw new ValidationError(
       "recipientMetaAddress is required for shielded/compliant privacy modes",
       "recipientMetaAddress",
@@ -6056,7 +7495,7 @@ async function createShieldedPayment(params, options) {
       "SIP_2008" /* MISSING_REQUIRED */
     );
   }
-  if (privacy === import_types9.PrivacyLevel.TRANSPARENT && !recipientAddress) {
+  if (privacy === import_types11.PrivacyLevel.TRANSPARENT && !recipientAddress) {
     throw new ValidationError(
       "recipientAddress is required for transparent mode",
       "recipientAddress",
@@ -6064,7 +7503,7 @@ async function createShieldedPayment(params, options) {
       "SIP_2008" /* MISSING_REQUIRED */
     );
   }
-  if (privacy === import_types9.PrivacyLevel.COMPLIANT && !viewingKey) {
+  if (privacy === import_types11.PrivacyLevel.COMPLIANT && !viewingKey) {
     throw new ValidationError(
       "viewingKey is required for compliant mode",
       "viewingKey",
@@ -6076,8 +7515,8 @@ async function createShieldedPayment(params, options) {
   let viewingKeyHash;
   if (viewingKey) {
     const keyHex = viewingKey.startsWith("0x") ? viewingKey.slice(2) : viewingKey;
-    const keyBytes = (0, import_utils9.hexToBytes)(keyHex);
-    viewingKeyHash = `0x${(0, import_utils9.bytesToHex)((0, import_sha2567.sha256)(keyBytes))}`;
+    const keyBytes = (0, import_utils11.hexToBytes)(keyHex);
+    viewingKeyHash = `0x${(0, import_utils11.bytesToHex)((0, import_sha2569.sha256)(keyBytes))}`;
   }
   const privacyConfig = getPrivacyConfig(
     privacy,
@@ -6086,7 +7525,7 @@ async function createShieldedPayment(params, options) {
   const now = Math.floor(Date.now() / 1e3);
   const payment = {
     paymentId,
-    version: import_types9.SIP_VERSION,
+    version: import_types11.SIP_VERSION,
     privacyLevel: privacy,
     createdAt: now,
     expiry: now + ttl,
@@ -6097,7 +7536,7 @@ async function createShieldedPayment(params, options) {
     purpose,
     viewingKeyHash
   };
-  if (privacy !== import_types9.PrivacyLevel.TRANSPARENT && recipientMetaAddress) {
+  if (privacy !== import_types11.PrivacyLevel.TRANSPARENT && recipientMetaAddress) {
     const metaAddress = decodeStealthMetaAddress(recipientMetaAddress);
     const { stealthAddress } = generateStealthAddress(metaAddress);
     payment.recipientStealth = stealthAddress;
@@ -6114,10 +7553,10 @@ async function createShieldedPayment(params, options) {
     payment.recipientAddress = recipientAddress;
     payment.memo = memo;
   }
-  if (privacy !== import_types9.PrivacyLevel.TRANSPARENT && proofProvider?.isReady) {
+  if (privacy !== import_types11.PrivacyLevel.TRANSPARENT && proofProvider?.isReady) {
     const hexToUint8 = (hex) => {
       const cleanHex = hex.startsWith("0x") ? hex.slice(2) : hex;
-      return (0, import_utils9.hexToBytes)(cleanHex);
+      return (0, import_utils11.hexToBytes)(cleanHex);
     };
     const fundingResult = await proofProvider.generateFundingProof({
       balance: amount,
@@ -6144,17 +7583,17 @@ async function createShieldedPayment(params, options) {
 }
 function encryptMemo(memo, viewingKey) {
   const keyHex = viewingKey.startsWith("0x") ? viewingKey.slice(2) : viewingKey;
-  const keyBytes = (0, import_utils9.hexToBytes)(keyHex);
-  const encKey = (0, import_hkdf2.hkdf)(import_sha2567.sha256, keyBytes, new Uint8Array(0), new Uint8Array(0), 32);
+  const keyBytes = (0, import_utils11.hexToBytes)(keyHex);
+  const encKey = (0, import_hkdf2.hkdf)(import_sha2569.sha256, keyBytes, new Uint8Array(0), new Uint8Array(0), 32);
   try {
-    const nonce = (0, import_utils9.randomBytes)(24);
+    const nonce = (0, import_utils11.randomBytes)(24);
     const cipher = (0, import_chacha2.xchacha20poly1305)(encKey, nonce);
     const plaintext = new TextEncoder().encode(memo);
     const ciphertext = cipher.encrypt(plaintext);
     const result = new Uint8Array(nonce.length + ciphertext.length);
     result.set(nonce);
     result.set(ciphertext, nonce.length);
-    return `0x${(0, import_utils9.bytesToHex)(result)}`;
+    return `0x${(0, import_utils11.bytesToHex)(result)}`;
   } finally {
     secureWipe(keyBytes);
     secureWipe(encKey);
@@ -6162,11 +7601,11 @@ function encryptMemo(memo, viewingKey) {
 }
 function decryptMemo(encryptedMemo, viewingKey) {
   const keyHex = viewingKey.startsWith("0x") ? viewingKey.slice(2) : viewingKey;
-  const keyBytes = (0, import_utils9.hexToBytes)(keyHex);
-  const encKey = (0, import_hkdf2.hkdf)(import_sha2567.sha256, keyBytes, new Uint8Array(0), new Uint8Array(0), 32);
+  const keyBytes = (0, import_utils11.hexToBytes)(keyHex);
+  const encKey = (0, import_hkdf2.hkdf)(import_sha2569.sha256, keyBytes, new Uint8Array(0), new Uint8Array(0), 32);
   try {
     const dataHex = encryptedMemo.startsWith("0x") ? encryptedMemo.slice(2) : encryptedMemo;
-    const data = (0, import_utils9.hexToBytes)(dataHex);
+    const data = (0, import_utils11.hexToBytes)(dataHex);
     const nonce = data.slice(0, 24);
     const ciphertext = data.slice(24);
     const cipher = (0, import_chacha2.xchacha20poly1305)(encKey, nonce);
@@ -6180,7 +7619,7 @@ function decryptMemo(encryptedMemo, viewingKey) {
 function trackPayment(payment) {
   return {
     ...payment,
-    status: import_types9.PaymentStatus.DRAFT
+    status: import_types11.PaymentStatus.DRAFT
   };
 }
 function isPaymentExpired(payment) {
@@ -6213,10 +7652,10 @@ function getPaymentSummary(payment) {
 }
 
 // src/treasury/treasury.ts
-var import_types10 = require("@sip-protocol/types");
-var import_secp256k14 = require("@noble/curves/secp256k1");
-var import_sha2568 = require("@noble/hashes/sha256");
-var import_utils10 = require("@noble/hashes/utils");
+var import_types12 = require("@sip-protocol/types");
+var import_secp256k15 = require("@noble/curves/secp256k1");
+var import_sha25610 = require("@noble/hashes/sha256");
+var import_utils12 = require("@noble/hashes/utils");
 var DEFAULT_PROPOSAL_TTL = 7 * 24 * 60 * 60;
 var Treasury = class _Treasury {
   config;
@@ -6246,7 +7685,7 @@ var Treasury = class _Treasury {
         ...m,
         addedAt: now
       })),
-      defaultPrivacy: params.defaultPrivacy ?? import_types10.PrivacyLevel.SHIELDED,
+      defaultPrivacy: params.defaultPrivacy ?? import_types12.PrivacyLevel.SHIELDED,
       masterViewingKey,
       dailyLimit: params.dailyLimit,
       transactionLimit: params.transactionLimit,
@@ -6325,7 +7764,7 @@ var Treasury = class _Treasury {
       proposalId,
       treasuryId: this.config.treasuryId,
       type: "payment",
-      status: import_types10.ProposalStatus.PENDING,
+      status: import_types12.ProposalStatus.PENDING,
       proposer: "",
       // Should be set by caller
       title: params.title,
@@ -6358,7 +7797,7 @@ var Treasury = class _Treasury {
       proposalId,
       treasuryId: this.config.treasuryId,
       type: "batch_payment",
-      status: import_types10.ProposalStatus.PENDING,
+      status: import_types12.ProposalStatus.PENDING,
       proposer: "",
       title: params.title,
       description: params.description,
@@ -6392,7 +7831,7 @@ var Treasury = class _Treasury {
    * Get pending proposals
    */
   getPendingProposals() {
-    return this.getAllProposals().filter((p) => p.status === import_types10.ProposalStatus.PENDING);
+    return this.getAllProposals().filter((p) => p.status === import_types12.ProposalStatus.PENDING);
   }
   /**
    * Sign a proposal
@@ -6423,7 +7862,7 @@ var Treasury = class _Treasury {
         "SIP_2001" /* INVALID_INPUT */
       );
     }
-    if (proposal.status !== import_types10.ProposalStatus.PENDING) {
+    if (proposal.status !== import_types12.ProposalStatus.PENDING) {
       throw new ValidationError(
         `proposal is not pending: ${proposal.status}`,
         "proposalId",
@@ -6433,7 +7872,7 @@ var Treasury = class _Treasury {
     }
     const now = Math.floor(Date.now() / 1e3);
     if (now > proposal.expiresAt) {
-      proposal.status = import_types10.ProposalStatus.EXPIRED;
+      proposal.status = import_types12.ProposalStatus.EXPIRED;
       throw new ValidationError(
         "proposal has expired",
         "proposalId",
@@ -6465,9 +7904,9 @@ var Treasury = class _Treasury {
     const approvals = proposal.signatures.filter((s) => s.approved).length;
     const rejections = proposal.signatures.filter((s) => !s.approved).length;
     if (approvals >= proposal.requiredSignatures) {
-      proposal.status = import_types10.ProposalStatus.APPROVED;
+      proposal.status = import_types12.ProposalStatus.APPROVED;
     } else if (rejections > this.config.totalSigners - proposal.requiredSignatures) {
-      proposal.status = import_types10.ProposalStatus.REJECTED;
+      proposal.status = import_types12.ProposalStatus.REJECTED;
     }
     return proposal;
   }
@@ -6484,7 +7923,7 @@ var Treasury = class _Treasury {
         "SIP_2001" /* INVALID_INPUT */
       );
     }
-    if (proposal.status !== import_types10.ProposalStatus.APPROVED) {
+    if (proposal.status !== import_types12.ProposalStatus.APPROVED) {
       throw new ValidationError(
         `proposal is not approved: ${proposal.status}`,
         "proposalId",
@@ -6497,8 +7936,8 @@ var Treasury = class _Treasury {
       const payment = await createShieldedPayment({
         token: proposal.payment.token,
         amount: proposal.payment.amount,
-        recipientMetaAddress: proposal.payment.privacy !== import_types10.PrivacyLevel.TRANSPARENT ? proposal.payment.recipient : void 0,
-        recipientAddress: proposal.payment.privacy === import_types10.PrivacyLevel.TRANSPARENT ? proposal.payment.recipient : void 0,
+        recipientMetaAddress: proposal.payment.privacy !== import_types12.PrivacyLevel.TRANSPARENT ? proposal.payment.recipient : void 0,
+        recipientAddress: proposal.payment.privacy === import_types12.PrivacyLevel.TRANSPARENT ? proposal.payment.recipient : void 0,
         privacy: proposal.payment.privacy,
         viewingKey: this.config.masterViewingKey?.key,
         sourceChain: this.config.chain,
@@ -6511,8 +7950,8 @@ var Treasury = class _Treasury {
         const payment = await createShieldedPayment({
           token: proposal.batchPayment.token,
           amount: recipient.amount,
-          recipientMetaAddress: proposal.batchPayment.privacy !== import_types10.PrivacyLevel.TRANSPARENT ? recipient.address : void 0,
-          recipientAddress: proposal.batchPayment.privacy === import_types10.PrivacyLevel.TRANSPARENT ? recipient.address : void 0,
+          recipientMetaAddress: proposal.batchPayment.privacy !== import_types12.PrivacyLevel.TRANSPARENT ? recipient.address : void 0,
+          recipientAddress: proposal.batchPayment.privacy === import_types12.PrivacyLevel.TRANSPARENT ? recipient.address : void 0,
           privacy: proposal.batchPayment.privacy,
           viewingKey: this.config.masterViewingKey?.key,
           sourceChain: this.config.chain,
@@ -6522,7 +7961,7 @@ var Treasury = class _Treasury {
         payments.push(payment);
       }
     }
-    proposal.status = import_types10.ProposalStatus.EXECUTED;
+    proposal.status = import_types12.ProposalStatus.EXECUTED;
     proposal.executedAt = Math.floor(Date.now() / 1e3);
     proposal.resultPayments = payments;
     return payments;
@@ -6551,7 +7990,7 @@ var Treasury = class _Treasury {
         "SIP_2001" /* INVALID_INPUT */
       );
     }
-    if (proposal.status !== import_types10.ProposalStatus.PENDING) {
+    if (proposal.status !== import_types12.ProposalStatus.PENDING) {
       throw new ValidationError(
         `proposal is not pending: ${proposal.status}`,
         "proposalId",
@@ -6559,7 +7998,7 @@ var Treasury = class _Treasury {
         "SIP_2001" /* INVALID_INPUT */
       );
     }
-    proposal.status = import_types10.ProposalStatus.CANCELLED;
+    proposal.status = import_types12.ProposalStatus.CANCELLED;
     return proposal;
   }
   // ─── Auditor Access ──────────────────────────────────────────────────────────
@@ -6656,7 +8095,7 @@ var Treasury = class _Treasury {
   getCommittedAmount(token) {
     let committed = 0n;
     for (const proposal of this.proposals.values()) {
-      if (proposal.status !== import_types10.ProposalStatus.PENDING) continue;
+      if (proposal.status !== import_types12.ProposalStatus.PENDING) continue;
       if (proposal.type === "payment" && proposal.payment) {
         if (proposal.payment.token.symbol === token.symbol && proposal.payment.token.chain === token.chain) {
           committed += proposal.payment.amount;
@@ -6707,12 +8146,12 @@ var Treasury = class _Treasury {
   }
 };
 function generateTreasuryId() {
-  const bytes = (0, import_utils10.randomBytes)(16);
-  return `treasury_${(0, import_utils10.bytesToHex)(bytes)}`;
+  const bytes = (0, import_utils12.randomBytes)(16);
+  return `treasury_${(0, import_utils12.bytesToHex)(bytes)}`;
 }
 function generateProposalId() {
-  const bytes = (0, import_utils10.randomBytes)(16);
-  return `prop_${(0, import_utils10.bytesToHex)(bytes)}`;
+  const bytes = (0, import_utils12.randomBytes)(16);
+  return `prop_${(0, import_utils12.bytesToHex)(bytes)}`;
 }
 function computeProposalHash(proposal) {
   const data = JSON.stringify({
@@ -6724,13 +8163,13 @@ function computeProposalHash(proposal) {
     createdAt: proposal.createdAt,
     expiresAt: proposal.expiresAt
   }, (_, value) => typeof value === "bigint" ? value.toString() : value);
-  return (0, import_sha2568.sha256)(new TextEncoder().encode(data));
+  return (0, import_sha25610.sha256)(new TextEncoder().encode(data));
 }
 function signMessage(messageHash, privateKey) {
   const keyHex = privateKey.startsWith("0x") ? privateKey.slice(2) : privateKey;
-  const keyBytes = (0, import_utils10.hexToBytes)(keyHex);
+  const keyBytes = (0, import_utils12.hexToBytes)(keyHex);
   try {
-    const signature = import_secp256k14.secp256k1.sign(messageHash, keyBytes);
+    const signature = import_secp256k15.secp256k1.sign(messageHash, keyBytes);
     return `0x${signature.toCompactHex()}`;
   } finally {
     secureWipe(keyBytes);
@@ -6740,9 +8179,9 @@ function verifySignature(messageHash, signature, publicKey) {
   const sigHex = signature.startsWith("0x") ? signature.slice(2) : signature;
   const pubKeyHex = publicKey.startsWith("0x") ? publicKey.slice(2) : publicKey;
   try {
-    const sigBytes = (0, import_utils10.hexToBytes)(sigHex);
-    const pubKeyBytes = (0, import_utils10.hexToBytes)(pubKeyHex);
-    return import_secp256k14.secp256k1.verify(sigBytes, messageHash, pubKeyBytes);
+    const sigBytes = (0, import_utils12.hexToBytes)(sigHex);
+    const pubKeyBytes = (0, import_utils12.hexToBytes)(pubKeyHex);
+    return import_secp256k15.secp256k1.verify(sigBytes, messageHash, pubKeyBytes);
   } catch {
     return false;
   }
@@ -6899,8 +8338,8 @@ function validateBatchProposalParams(params, config) {
 }
 
 // src/compliance/compliance-manager.ts
-var import_types11 = require("@sip-protocol/types");
-var import_utils11 = require("@noble/hashes/utils");
+var import_types13 = require("@sip-protocol/types");
+var import_utils13 = require("@noble/hashes/utils");
 var DEFAULTS2 = {
   riskThreshold: 70,
   highValueThreshold: 10000000000n,
@@ -7267,7 +8706,7 @@ var ComplianceManager = class _ComplianceManager {
       title: params.title,
       description: params.description,
       format: params.format,
-      status: import_types11.ReportStatus.GENERATING,
+      status: import_types13.ReportStatus.GENERATING,
       requestedBy,
       requestedAt: now,
       startDate: params.startDate,
@@ -7296,10 +8735,10 @@ var ComplianceManager = class _ComplianceManager {
       } else if (params.format === "csv") {
         report.content = this.generateCSV(transactions);
       }
-      report.status = import_types11.ReportStatus.COMPLETED;
+      report.status = import_types13.ReportStatus.COMPLETED;
       report.generatedAt = Math.floor(Date.now() / 1e3);
     } catch (error) {
-      report.status = import_types11.ReportStatus.FAILED;
+      report.status = import_types13.ReportStatus.FAILED;
       report.error = error instanceof Error ? error.message : "Unknown error";
     }
     this.addAuditLog(requestedBy, "report_generated", {
@@ -7574,7 +9013,7 @@ var ComplianceManager = class _ComplianceManager {
   }
 };
 function generateId(prefix) {
-  return `${prefix}_${(0, import_utils11.bytesToHex)((0, import_utils11.randomBytes)(12))}`;
+  return `${prefix}_${(0, import_utils13.bytesToHex)((0, import_utils13.randomBytes)(12))}`;
 }
 function validateRegisterAuditorParams(params) {
   if (!params.organization?.trim()) {
@@ -7662,10 +9101,10 @@ function validateReportParams(params) {
 }
 
 // src/wallet/errors.ts
-var import_types12 = require("@sip-protocol/types");
+var import_types14 = require("@sip-protocol/types");
 var WalletError = class extends SIPError {
   walletCode;
-  constructor(message, walletCode = import_types12.WalletErrorCode.UNKNOWN, options) {
+  constructor(message, walletCode = import_types14.WalletErrorCode.UNKNOWN, options) {
     super(message, "SIP_7000" /* WALLET_ERROR */, options);
     this.walletCode = walletCode;
     this.name = "WalletError";
@@ -7675,10 +9114,10 @@ var WalletError = class extends SIPError {
    */
   isConnectionError() {
     const codes = [
-      import_types12.WalletErrorCode.NOT_INSTALLED,
-      import_types12.WalletErrorCode.CONNECTION_REJECTED,
-      import_types12.WalletErrorCode.CONNECTION_FAILED,
-      import_types12.WalletErrorCode.NOT_CONNECTED
+      import_types14.WalletErrorCode.NOT_INSTALLED,
+      import_types14.WalletErrorCode.CONNECTION_REJECTED,
+      import_types14.WalletErrorCode.CONNECTION_FAILED,
+      import_types14.WalletErrorCode.NOT_CONNECTED
     ];
     return codes.includes(this.walletCode);
   }
@@ -7687,9 +9126,9 @@ var WalletError = class extends SIPError {
    */
   isSigningError() {
     const codes = [
-      import_types12.WalletErrorCode.SIGNING_REJECTED,
-      import_types12.WalletErrorCode.SIGNING_FAILED,
-      import_types12.WalletErrorCode.INVALID_MESSAGE
+      import_types14.WalletErrorCode.SIGNING_REJECTED,
+      import_types14.WalletErrorCode.SIGNING_FAILED,
+      import_types14.WalletErrorCode.INVALID_MESSAGE
     ];
     return codes.includes(this.walletCode);
   }
@@ -7698,10 +9137,10 @@ var WalletError = class extends SIPError {
    */
   isTransactionError() {
     const codes = [
-      import_types12.WalletErrorCode.INSUFFICIENT_FUNDS,
-      import_types12.WalletErrorCode.TRANSACTION_REJECTED,
-      import_types12.WalletErrorCode.TRANSACTION_FAILED,
-      import_types12.WalletErrorCode.INVALID_TRANSACTION
+      import_types14.WalletErrorCode.INSUFFICIENT_FUNDS,
+      import_types14.WalletErrorCode.TRANSACTION_REJECTED,
+      import_types14.WalletErrorCode.TRANSACTION_FAILED,
+      import_types14.WalletErrorCode.INVALID_TRANSACTION
     ];
     return codes.includes(this.walletCode);
   }
@@ -7710,9 +9149,9 @@ var WalletError = class extends SIPError {
    */
   isPrivacyError() {
     const codes = [
-      import_types12.WalletErrorCode.STEALTH_NOT_SUPPORTED,
-      import_types12.WalletErrorCode.VIEWING_KEY_NOT_SUPPORTED,
-      import_types12.WalletErrorCode.SHIELDED_NOT_SUPPORTED
+      import_types14.WalletErrorCode.STEALTH_NOT_SUPPORTED,
+      import_types14.WalletErrorCode.VIEWING_KEY_NOT_SUPPORTED,
+      import_types14.WalletErrorCode.SHIELDED_NOT_SUPPORTED
     ];
     return codes.includes(this.walletCode);
   }
@@ -7721,10 +9160,10 @@ var WalletError = class extends SIPError {
    */
   isUserRejection() {
     const codes = [
-      import_types12.WalletErrorCode.CONNECTION_REJECTED,
-      import_types12.WalletErrorCode.SIGNING_REJECTED,
-      import_types12.WalletErrorCode.TRANSACTION_REJECTED,
-      import_types12.WalletErrorCode.CHAIN_SWITCH_REJECTED
+      import_types14.WalletErrorCode.CONNECTION_REJECTED,
+      import_types14.WalletErrorCode.SIGNING_REJECTED,
+      import_types14.WalletErrorCode.TRANSACTION_REJECTED,
+      import_types14.WalletErrorCode.CHAIN_SWITCH_REJECTED
     ];
     return codes.includes(this.walletCode);
   }
@@ -7732,15 +9171,15 @@ var WalletError = class extends SIPError {
 function notConnectedError() {
   return new WalletError(
     "Wallet not connected. Call connect() first.",
-    import_types12.WalletErrorCode.NOT_CONNECTED
+    import_types14.WalletErrorCode.NOT_CONNECTED
   );
 }
-function featureNotSupportedError(feature, code = import_types12.WalletErrorCode.UNKNOWN) {
+function featureNotSupportedError(feature, code = import_types14.WalletErrorCode.UNKNOWN) {
   return new WalletError(`${feature} is not supported by this wallet`, code);
 }
 
 // src/wallet/base-adapter.ts
-var import_types13 = require("@sip-protocol/types");
+var import_types15 = require("@sip-protocol/types");
 var BaseWalletAdapter = class {
   _address = "";
   _publicKey = "";
@@ -7903,12 +9342,12 @@ var MockWalletAdapter = class extends BaseWalletAdapter {
     this._connectionState = "connecting";
     if (this.shouldFailConnect) {
       this.setError(
-        import_types13.WalletErrorCode.CONNECTION_FAILED,
+        import_types15.WalletErrorCode.CONNECTION_FAILED,
         "Mock connection failure"
       );
       throw new WalletError(
         "Mock connection failure",
-        import_types13.WalletErrorCode.CONNECTION_FAILED
+        import_types15.WalletErrorCode.CONNECTION_FAILED
       );
     }
     await new Promise((resolve) => setTimeout(resolve, 10));
@@ -7920,7 +9359,7 @@ var MockWalletAdapter = class extends BaseWalletAdapter {
   async signMessage(message) {
     this.requireConnected();
     if (this.shouldFailSign) {
-      throw new WalletError("Mock signing failure", import_types13.WalletErrorCode.SIGNING_FAILED);
+      throw new WalletError("Mock signing failure", import_types15.WalletErrorCode.SIGNING_FAILED);
     }
     const mockSig = new Uint8Array(64);
     for (let i = 0; i < 64; i++) {
@@ -7935,7 +9374,7 @@ var MockWalletAdapter = class extends BaseWalletAdapter {
   async signTransaction(tx) {
     this.requireConnected();
     if (this.shouldFailSign) {
-      throw new WalletError("Mock signing failure", import_types13.WalletErrorCode.SIGNING_FAILED);
+      throw new WalletError("Mock signing failure", import_types15.WalletErrorCode.SIGNING_FAILED);
     }
     const signature = await this.signMessage(
       new TextEncoder().encode(JSON.stringify(tx.data))
@@ -8117,7 +9556,7 @@ function isPrivateWalletAdapter(adapter) {
 }
 
 // src/wallet/solana/adapter.ts
-var import_types14 = require("@sip-protocol/types");
+var import_types16 = require("@sip-protocol/types");
 
 // src/wallet/solana/types.ts
 function getSolanaProvider(wallet = "phantom") {
@@ -8238,19 +9677,19 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
       }
       if (!this.provider) {
         this.setError(
-          import_types14.WalletErrorCode.NOT_INSTALLED,
+          import_types16.WalletErrorCode.NOT_INSTALLED,
           `${this.walletName} wallet is not installed`
         );
         throw new WalletError(
           `${this.walletName} wallet is not installed`,
-          import_types14.WalletErrorCode.NOT_INSTALLED
+          import_types16.WalletErrorCode.NOT_INSTALLED
         );
       }
       const { publicKey } = await this.provider.connect();
       if (!publicKey) {
         throw new WalletError(
           "No public key returned from wallet",
-          import_types14.WalletErrorCode.CONNECTION_FAILED
+          import_types16.WalletErrorCode.CONNECTION_FAILED
         );
       }
       this.setupEventHandlers();
@@ -8260,11 +9699,11 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
     } catch (error) {
       const message = error instanceof Error ? error.message : "Connection failed";
       if (message.includes("User rejected") || message.includes("rejected")) {
-        this.setError(import_types14.WalletErrorCode.CONNECTION_REJECTED, message);
-        throw new WalletError(message, import_types14.WalletErrorCode.CONNECTION_REJECTED);
+        this.setError(import_types16.WalletErrorCode.CONNECTION_REJECTED, message);
+        throw new WalletError(message, import_types16.WalletErrorCode.CONNECTION_REJECTED);
       }
-      this.setError(import_types14.WalletErrorCode.CONNECTION_FAILED, message);
-      throw error instanceof WalletError ? error : new WalletError(message, import_types14.WalletErrorCode.CONNECTION_FAILED, { cause: error });
+      this.setError(import_types16.WalletErrorCode.CONNECTION_FAILED, message);
+      throw error instanceof WalletError ? error : new WalletError(message, import_types16.WalletErrorCode.CONNECTION_FAILED, { cause: error });
     }
   }
   /**
@@ -8287,7 +9726,7 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
   async signMessage(message) {
     this.requireConnected();
     if (!this.provider) {
-      throw new WalletError("Provider not available", import_types14.WalletErrorCode.NOT_CONNECTED);
+      throw new WalletError("Provider not available", import_types16.WalletErrorCode.NOT_CONNECTED);
     }
     try {
       const { signature } = await this.provider.signMessage(message);
@@ -8298,9 +9737,9 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
     } catch (error) {
       const message2 = error instanceof Error ? error.message : "Signing failed";
       if (message2.includes("User rejected") || message2.includes("rejected")) {
-        throw new WalletError(message2, import_types14.WalletErrorCode.SIGNING_REJECTED);
+        throw new WalletError(message2, import_types16.WalletErrorCode.SIGNING_REJECTED);
       }
-      throw new WalletError(message2, import_types14.WalletErrorCode.SIGNING_FAILED, {
+      throw new WalletError(message2, import_types16.WalletErrorCode.SIGNING_FAILED, {
         cause: error
       });
     }
@@ -8313,7 +9752,7 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
   async signTransaction(tx) {
     this.requireConnected();
     if (!this.provider) {
-      throw new WalletError("Provider not available", import_types14.WalletErrorCode.NOT_CONNECTED);
+      throw new WalletError("Provider not available", import_types16.WalletErrorCode.NOT_CONNECTED);
     }
     try {
       const solTx = tx.data;
@@ -8332,9 +9771,9 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
     } catch (error) {
       const message = error instanceof Error ? error.message : "Signing failed";
       if (message.includes("User rejected") || message.includes("rejected")) {
-        throw new WalletError(message, import_types14.WalletErrorCode.SIGNING_REJECTED);
+        throw new WalletError(message, import_types16.WalletErrorCode.SIGNING_REJECTED);
       }
-      throw new WalletError(message, import_types14.WalletErrorCode.SIGNING_FAILED, {
+      throw new WalletError(message, import_types16.WalletErrorCode.SIGNING_FAILED, {
         cause: error
       });
     }
@@ -8345,7 +9784,7 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
   async signAndSendTransaction(tx) {
     this.requireConnected();
     if (!this.provider) {
-      throw new WalletError("Provider not available", import_types14.WalletErrorCode.NOT_CONNECTED);
+      throw new WalletError("Provider not available", import_types16.WalletErrorCode.NOT_CONNECTED);
     }
     try {
       const solTx = tx.data;
@@ -8360,12 +9799,12 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
     } catch (error) {
       const message = error instanceof Error ? error.message : "Transaction failed";
       if (message.includes("User rejected") || message.includes("rejected")) {
-        throw new WalletError(message, import_types14.WalletErrorCode.TRANSACTION_REJECTED);
+        throw new WalletError(message, import_types16.WalletErrorCode.TRANSACTION_REJECTED);
       }
       if (message.includes("insufficient") || message.includes("Insufficient")) {
-        throw new WalletError(message, import_types14.WalletErrorCode.INSUFFICIENT_FUNDS);
+        throw new WalletError(message, import_types16.WalletErrorCode.INSUFFICIENT_FUNDS);
       }
-      throw new WalletError(message, import_types14.WalletErrorCode.TRANSACTION_FAILED, {
+      throw new WalletError(message, import_types16.WalletErrorCode.TRANSACTION_FAILED, {
         cause: error
       });
     }
@@ -8378,16 +9817,16 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
   async signAllTransactions(transactions) {
     this.requireConnected();
     if (!this.provider) {
-      throw new WalletError("Provider not available", import_types14.WalletErrorCode.NOT_CONNECTED);
+      throw new WalletError("Provider not available", import_types16.WalletErrorCode.NOT_CONNECTED);
     }
     try {
       return await this.provider.signAllTransactions(transactions);
     } catch (error) {
       const message = error instanceof Error ? error.message : "Signing failed";
       if (message.includes("User rejected") || message.includes("rejected")) {
-        throw new WalletError(message, import_types14.WalletErrorCode.SIGNING_REJECTED);
+        throw new WalletError(message, import_types16.WalletErrorCode.SIGNING_REJECTED);
       }
-      throw new WalletError(message, import_types14.WalletErrorCode.SIGNING_FAILED, {
+      throw new WalletError(message, import_types16.WalletErrorCode.SIGNING_FAILED, {
         cause: error
       });
     }
@@ -8408,7 +9847,7 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
     } catch (error) {
       throw new WalletError(
         "Failed to get balance",
-        import_types14.WalletErrorCode.UNKNOWN,
+        import_types16.WalletErrorCode.UNKNOWN,
         { cause: error }
       );
     }
@@ -8421,7 +9860,7 @@ var SolanaWalletAdapter = class extends BaseWalletAdapter {
     if (asset.chain !== "solana") {
       throw new WalletError(
         `Asset chain ${asset.chain} not supported by Solana adapter`,
-        import_types14.WalletErrorCode.UNSUPPORTED_CHAIN
+        import_types16.WalletErrorCode.UNSUPPORTED_CHAIN
       );
     }
     if (!asset.address) {
@@ -8539,7 +9978,7 @@ function createSolanaAdapter(config = {}) {
 }
 
 // src/wallet/solana/mock.ts
-var import_types16 = require("@sip-protocol/types");
+var import_types18 = require("@sip-protocol/types");
 var MockPublicKey = class {
   base58;
   bytes;
@@ -8605,8 +10044,8 @@ var MockSolanaAdapter = class extends BaseWalletAdapter {
     this._connectionState = "connecting";
     await this.simulateLatency();
     if (this.shouldFailConnect) {
-      this.setError(import_types16.WalletErrorCode.CONNECTION_FAILED, "Mock connection failure");
-      throw new WalletError("Mock connection failure", import_types16.WalletErrorCode.CONNECTION_FAILED);
+      this.setError(import_types18.WalletErrorCode.CONNECTION_FAILED, "Mock connection failure");
+      throw new WalletError("Mock connection failure", import_types18.WalletErrorCode.CONNECTION_FAILED);
     }
     const hexPubKey = "0x" + Buffer.from(this.mockPublicKey.toBytes()).toString("hex");
     this.setConnected(this.mockAddress, hexPubKey);
@@ -8625,7 +10064,7 @@ var MockSolanaAdapter = class extends BaseWalletAdapter {
     this.requireConnected();
     await this.simulateLatency();
     if (this.shouldFailSign) {
-      throw new WalletError("Mock signing failure", import_types16.WalletErrorCode.SIGNING_REJECTED);
+      throw new WalletError("Mock signing failure", import_types18.WalletErrorCode.SIGNING_REJECTED);
     }
     const mockSig = new Uint8Array(64);
     for (let i = 0; i < 64; i++) {
@@ -8643,7 +10082,7 @@ var MockSolanaAdapter = class extends BaseWalletAdapter {
     this.requireConnected();
     await this.simulateLatency();
     if (this.shouldFailSign) {
-      throw new WalletError("Mock signing failure", import_types16.WalletErrorCode.SIGNING_REJECTED);
+      throw new WalletError("Mock signing failure", import_types18.WalletErrorCode.SIGNING_REJECTED);
     }
     const solTx = tx.data;
     this.signedTransactions.push(solTx);
@@ -8663,10 +10102,10 @@ var MockSolanaAdapter = class extends BaseWalletAdapter {
     this.requireConnected();
     await this.simulateLatency();
     if (this.shouldFailSign) {
-      throw new WalletError("Mock signing failure", import_types16.WalletErrorCode.SIGNING_REJECTED);
+      throw new WalletError("Mock signing failure", import_types18.WalletErrorCode.SIGNING_REJECTED);
     }
     if (this.shouldFailTransaction) {
-      throw new WalletError("Mock transaction failure", import_types16.WalletErrorCode.TRANSACTION_FAILED);
+      throw new WalletError("Mock transaction failure", import_types18.WalletErrorCode.TRANSACTION_FAILED);
     }
     const txSig = `mock_tx_${Date.now()}_${Math.random().toString(36).slice(2)}`;
     this.sentTransactions.push(txSig);
@@ -8686,7 +10125,7 @@ var MockSolanaAdapter = class extends BaseWalletAdapter {
     this.requireConnected();
     await this.simulateLatency();
     if (this.shouldFailSign) {
-      throw new WalletError("Mock signing failure", import_types16.WalletErrorCode.SIGNING_REJECTED);
+      throw new WalletError("Mock signing failure", import_types18.WalletErrorCode.SIGNING_REJECTED);
     }
     this.signedTransactions.push(...transactions);
     return transactions.map((tx) => {
@@ -8713,7 +10152,7 @@ var MockSolanaAdapter = class extends BaseWalletAdapter {
     if (asset.chain !== "solana") {
       throw new WalletError(
         `Asset chain ${asset.chain} not supported by Solana adapter`,
-        import_types16.WalletErrorCode.UNSUPPORTED_CHAIN
+        import_types18.WalletErrorCode.UNSUPPORTED_CHAIN
       );
     }
     if (!asset.address) {
@@ -8882,7 +10321,7 @@ function createMockSolanaAdapter(config = {}) {
 }
 
 // src/wallet/ethereum/adapter.ts
-var import_types18 = require("@sip-protocol/types");
+var import_types20 = require("@sip-protocol/types");
 
 // src/wallet/ethereum/types.ts
 var EthereumChainId = {
@@ -9024,7 +10463,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
         this._connectionState = "error";
         throw new WalletError(
           `${this.walletType} wallet not found. Please install the extension.`,
-          import_types18.WalletErrorCode.NOT_INSTALLED
+          import_types20.WalletErrorCode.NOT_INSTALLED
         );
       }
       const accounts = await this.provider.request({
@@ -9034,7 +10473,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
         this._connectionState = "error";
         throw new WalletError(
           "No accounts returned from wallet",
-          import_types18.WalletErrorCode.CONNECTION_REJECTED
+          import_types20.WalletErrorCode.CONNECTION_REJECTED
         );
       }
       const address = normalizeAddress(accounts[0]);
@@ -9054,12 +10493,12 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
       if (rpcError.code === 4001) {
         throw new WalletError(
           "User rejected connection request",
-          import_types18.WalletErrorCode.CONNECTION_REJECTED
+          import_types20.WalletErrorCode.CONNECTION_REJECTED
         );
       }
       throw new WalletError(
         `Failed to connect: ${rpcError.message || String(error)}`,
-        import_types18.WalletErrorCode.CONNECTION_FAILED
+        import_types20.WalletErrorCode.CONNECTION_FAILED
       );
     }
   }
@@ -9079,7 +10518,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
     if (!this.provider) {
       throw new WalletError(
         "Provider not available",
-        import_types18.WalletErrorCode.NOT_CONNECTED
+        import_types20.WalletErrorCode.NOT_CONNECTED
       );
     }
     try {
@@ -9097,12 +10536,12 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
       if (rpcError.code === 4001) {
         throw new WalletError(
           "User rejected signing request",
-          import_types18.WalletErrorCode.SIGNING_REJECTED
+          import_types20.WalletErrorCode.SIGNING_REJECTED
         );
       }
       throw new WalletError(
         `Failed to sign message: ${rpcError.message || String(error)}`,
-        import_types18.WalletErrorCode.SIGNING_FAILED
+        import_types20.WalletErrorCode.SIGNING_FAILED
       );
     }
   }
@@ -9114,7 +10553,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
     if (!this.provider) {
       throw new WalletError(
         "Provider not available",
-        import_types18.WalletErrorCode.NOT_CONNECTED
+        import_types20.WalletErrorCode.NOT_CONNECTED
       );
     }
     try {
@@ -9131,12 +10570,12 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
       if (rpcError.code === 4001) {
         throw new WalletError(
           "User rejected signing request",
-          import_types18.WalletErrorCode.SIGNING_REJECTED
+          import_types20.WalletErrorCode.SIGNING_REJECTED
         );
       }
       throw new WalletError(
         `Failed to sign typed data: ${rpcError.message || String(error)}`,
-        import_types18.WalletErrorCode.SIGNING_FAILED
+        import_types20.WalletErrorCode.SIGNING_FAILED
       );
     }
   }
@@ -9148,7 +10587,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
     if (!this.provider) {
       throw new WalletError(
         "Provider not available",
-        import_types18.WalletErrorCode.NOT_CONNECTED
+        import_types20.WalletErrorCode.NOT_CONNECTED
       );
     }
     try {
@@ -9176,7 +10615,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
       if (rpcError.code === 4001) {
         throw new WalletError(
           "User rejected transaction signing",
-          import_types18.WalletErrorCode.SIGNING_REJECTED
+          import_types20.WalletErrorCode.SIGNING_REJECTED
         );
       }
       if (rpcError.code === -32601 || rpcError.message?.includes("not supported")) {
@@ -9194,7 +10633,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
       }
       throw new WalletError(
         `Failed to sign transaction: ${rpcError.message || String(error)}`,
-        import_types18.WalletErrorCode.TRANSACTION_FAILED
+        import_types20.WalletErrorCode.TRANSACTION_FAILED
       );
     }
   }
@@ -9206,7 +10645,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
     if (!this.provider) {
       throw new WalletError(
         "Provider not available",
-        import_types18.WalletErrorCode.NOT_CONNECTED
+        import_types20.WalletErrorCode.NOT_CONNECTED
       );
     }
     try {
@@ -9228,12 +10667,12 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
       if (rpcError.code === 4001) {
         throw new WalletError(
           "User rejected transaction",
-          import_types18.WalletErrorCode.TRANSACTION_REJECTED
+          import_types20.WalletErrorCode.TRANSACTION_REJECTED
         );
       }
       throw new WalletError(
         `Failed to send transaction: ${rpcError.message || String(error)}`,
-        import_types18.WalletErrorCode.TRANSACTION_FAILED
+        import_types20.WalletErrorCode.TRANSACTION_FAILED
       );
     }
   }
@@ -9268,7 +10707,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
     } catch (error) {
       throw new WalletError(
         `Failed to fetch balance: ${String(error)}`,
-        import_types18.WalletErrorCode.UNKNOWN
+        import_types20.WalletErrorCode.UNKNOWN
       );
     }
   }
@@ -9280,7 +10719,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
     if (asset.chain !== "ethereum") {
       throw new WalletError(
         `Asset chain ${asset.chain} not supported by Ethereum adapter`,
-        import_types18.WalletErrorCode.UNSUPPORTED_CHAIN
+        import_types20.WalletErrorCode.UNSUPPORTED_CHAIN
       );
     }
     if (!asset.address) {
@@ -9305,7 +10744,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
     } catch (error) {
       throw new WalletError(
         `Failed to fetch token balance: ${String(error)}`,
-        import_types18.WalletErrorCode.UNKNOWN
+        import_types20.WalletErrorCode.UNKNOWN
       );
     }
   }
@@ -9317,7 +10756,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
     if (!this.provider) {
       throw new WalletError(
         "Provider not available",
-        import_types18.WalletErrorCode.NOT_CONNECTED
+        import_types20.WalletErrorCode.NOT_CONNECTED
       );
     }
     try {
@@ -9332,18 +10771,18 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
       if (rpcError.code === 4001) {
         throw new WalletError(
           "User rejected chain switch",
-          import_types18.WalletErrorCode.CHAIN_SWITCH_REJECTED
+          import_types20.WalletErrorCode.CHAIN_SWITCH_REJECTED
         );
       }
       if (rpcError.code === 4902) {
         throw new WalletError(
           `Chain ${chainId} not added to wallet`,
-          import_types18.WalletErrorCode.UNSUPPORTED_CHAIN
+          import_types20.WalletErrorCode.UNSUPPORTED_CHAIN
         );
       }
       throw new WalletError(
         `Failed to switch chain: ${rpcError.message || String(error)}`,
-        import_types18.WalletErrorCode.CHAIN_SWITCH_FAILED
+        import_types20.WalletErrorCode.CHAIN_SWITCH_FAILED
       );
     }
   }
@@ -9379,7 +10818,7 @@ var EthereumWalletAdapter = class extends BaseWalletAdapter {
     }
     throw new WalletError(
       `Transaction ${txHash} not confirmed after ${maxAttempts * 5} seconds`,
-      import_types18.WalletErrorCode.TRANSACTION_FAILED
+      import_types20.WalletErrorCode.TRANSACTION_FAILED
     );
   }
   /**
@@ -9453,7 +10892,7 @@ function createEthereumAdapter(config) {
 }
 
 // src/wallet/ethereum/mock.ts
-var import_types20 = require("@sip-protocol/types");
+var import_types22 = require("@sip-protocol/types");
 var MockEthereumAdapter = class extends BaseWalletAdapter {
   chain = "ethereum";
   name = "mock-ethereum";
@@ -9494,7 +10933,7 @@ var MockEthereumAdapter = class extends BaseWalletAdapter {
         this._connectionState = "error";
         throw new WalletError(
           "Mock connection rejected",
-          import_types20.WalletErrorCode.CONNECTION_REJECTED
+          import_types22.WalletErrorCode.CONNECTION_REJECTED
         );
       }
       await new Promise((resolve) => setTimeout(resolve, 10));
@@ -9506,7 +10945,7 @@ var MockEthereumAdapter = class extends BaseWalletAdapter {
       this._connectionState = "error";
       throw new WalletError(
         `Mock connection failed: ${String(error)}`,
-        import_types20.WalletErrorCode.CONNECTION_FAILED
+        import_types22.WalletErrorCode.CONNECTION_FAILED
       );
     }
   }
@@ -9524,7 +10963,7 @@ var MockEthereumAdapter = class extends BaseWalletAdapter {
     if (this._shouldFailSign) {
       throw new WalletError(
         "Mock signing rejected",
-        import_types20.WalletErrorCode.SIGNING_REJECTED
+        import_types22.WalletErrorCode.SIGNING_REJECTED
       );
     }
     const msgHex = Buffer.from(message).toString("hex");
@@ -9542,7 +10981,7 @@ var MockEthereumAdapter = class extends BaseWalletAdapter {
     if (this._shouldFailSign) {
       throw new WalletError(
         "Mock signing rejected",
-        import_types20.WalletErrorCode.SIGNING_REJECTED
+        import_types22.WalletErrorCode.SIGNING_REJECTED
       );
     }
     const mockSig = `0x${"1".repeat(130)}`;
@@ -9559,7 +10998,7 @@ var MockEthereumAdapter = class extends BaseWalletAdapter {
     if (this._shouldFailSign) {
       throw new WalletError(
         "Mock signing rejected",
-        import_types20.WalletErrorCode.SIGNING_REJECTED
+        import_types22.WalletErrorCode.SIGNING_REJECTED
       );
     }
     this._signedTransactions.push(tx);
@@ -9584,7 +11023,7 @@ var MockEthereumAdapter = class extends BaseWalletAdapter {
     if (this._shouldFailTransaction) {
       throw new WalletError(
         "Mock transaction failed",
-        import_types20.WalletErrorCode.TRANSACTION_FAILED
+        import_types22.WalletErrorCode.TRANSACTION_FAILED
       );
     }
     this._signedTransactions.push(tx);
@@ -9614,7 +11053,7 @@ var MockEthereumAdapter = class extends BaseWalletAdapter {
     if (asset.chain !== "ethereum") {
       throw new WalletError(
         `Asset chain ${asset.chain} not supported by Ethereum adapter`,
-        import_types20.WalletErrorCode.UNSUPPORTED_CHAIN
+        import_types22.WalletErrorCode.UNSUPPORTED_CHAIN
       );
     }
     if (!asset.address) {
@@ -9893,7 +11332,7 @@ function getAvailableTransports() {
 }
 
 // src/wallet/hardware/ledger.ts
-var import_types23 = require("@sip-protocol/types");
+var import_types25 = require("@sip-protocol/types");
 var LedgerWalletAdapter = class extends BaseWalletAdapter {
   chain;
   name = "ledger";
@@ -10046,7 +11485,7 @@ var LedgerWalletAdapter = class extends BaseWalletAdapter {
   async getBalance() {
     throw new WalletError(
       "Hardware wallets do not track balances. Use an RPC provider.",
-      import_types23.WalletErrorCode.UNSUPPORTED_OPERATION
+      import_types25.WalletErrorCode.UNSUPPORTED_OPERATION
     );
   }
   /**
@@ -10057,7 +11496,7 @@ var LedgerWalletAdapter = class extends BaseWalletAdapter {
   async getTokenBalance(_asset) {
     throw new WalletError(
       "Hardware wallets do not track balances. Use an RPC provider.",
-      import_types23.WalletErrorCode.UNSUPPORTED_OPERATION
+      import_types25.WalletErrorCode.UNSUPPORTED_OPERATION
     );
   }
   // ─── Account Management ─────────────────────────────────────────────────────
@@ -10345,7 +11784,7 @@ function createLedgerAdapter(config) {
 }
 
 // src/wallet/hardware/trezor.ts
-var import_types25 = require("@sip-protocol/types");
+var import_types27 = require("@sip-protocol/types");
 var TrezorWalletAdapter = class extends BaseWalletAdapter {
   chain;
   name = "trezor";
@@ -10491,7 +11930,7 @@ var TrezorWalletAdapter = class extends BaseWalletAdapter {
   async getBalance() {
     throw new WalletError(
       "Hardware wallets do not track balances. Use an RPC provider.",
-      import_types25.WalletErrorCode.UNSUPPORTED_OPERATION
+      import_types27.WalletErrorCode.UNSUPPORTED_OPERATION
     );
   }
   /**
@@ -10502,7 +11941,7 @@ var TrezorWalletAdapter = class extends BaseWalletAdapter {
   async getTokenBalance(_asset) {
     throw new WalletError(
       "Hardware wallets do not track balances. Use an RPC provider.",
-      import_types25.WalletErrorCode.UNSUPPORTED_OPERATION
+      import_types27.WalletErrorCode.UNSUPPORTED_OPERATION
     );
   }
   // ─── Account Management ─────────────────────────────────────────────────────
@@ -10783,8 +12222,8 @@ function createTrezorAdapter(config) {
 }
 
 // src/wallet/hardware/mock.ts
-var import_types27 = require("@sip-protocol/types");
-var import_utils12 = require("@noble/hashes/utils");
+var import_types29 = require("@sip-protocol/types");
+var import_utils14 = require("@noble/hashes/utils");
 var MockLedgerAdapter = class extends BaseWalletAdapter {
   chain;
   name = "mock-ledger";
@@ -10931,7 +12370,7 @@ var MockLedgerAdapter = class extends BaseWalletAdapter {
   async getBalance() {
     throw new WalletError(
       "Hardware wallets do not track balances",
-      import_types27.WalletErrorCode.UNSUPPORTED_OPERATION
+      import_types29.WalletErrorCode.UNSUPPORTED_OPERATION
     );
   }
   /**
@@ -10940,7 +12379,7 @@ var MockLedgerAdapter = class extends BaseWalletAdapter {
   async getTokenBalance(_asset) {
     throw new WalletError(
       "Hardware wallets do not track balances",
-      import_types27.WalletErrorCode.UNSUPPORTED_OPERATION
+      import_types29.WalletErrorCode.UNSUPPORTED_OPERATION
     );
   }
   /**
@@ -11029,15 +12468,15 @@ var MockLedgerAdapter = class extends BaseWalletAdapter {
     }
   }
   generateMockAddress(index) {
-    const bytes = (0, import_utils12.randomBytes)(20);
+    const bytes = (0, import_utils14.randomBytes)(20);
     bytes[0] = index;
-    return `0x${(0, import_utils12.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils14.bytesToHex)(bytes)}`;
   }
   generateMockPublicKey(index) {
-    const bytes = (0, import_utils12.randomBytes)(33);
+    const bytes = (0, import_utils14.randomBytes)(33);
     bytes[0] = 2;
     bytes[1] = index;
-    return `0x${(0, import_utils12.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils14.bytesToHex)(bytes)}`;
   }
   generateMockSignature(data) {
     const sig = new Uint8Array(65);
@@ -11046,7 +12485,7 @@ var MockLedgerAdapter = class extends BaseWalletAdapter {
       sig[32 + i] = (data[i % data.length] ?? 0) ^ i * 11;
     }
     sig[64] = 27;
-    return `0x${(0, import_utils12.bytesToHex)(sig)}`;
+    return `0x${(0, import_utils14.bytesToHex)(sig)}`;
   }
   delay(ms) {
     return new Promise((resolve) => setTimeout(resolve, ms));
@@ -11170,13 +12609,13 @@ var MockTrezorAdapter = class extends BaseWalletAdapter {
   async getBalance() {
     throw new WalletError(
       "Hardware wallets do not track balances",
-      import_types27.WalletErrorCode.UNSUPPORTED_OPERATION
+      import_types29.WalletErrorCode.UNSUPPORTED_OPERATION
     );
   }
   async getTokenBalance(_asset) {
     throw new WalletError(
       "Hardware wallets do not track balances",
-      import_types27.WalletErrorCode.UNSUPPORTED_OPERATION
+      import_types29.WalletErrorCode.UNSUPPORTED_OPERATION
     );
   }
   async getAccounts(startIndex = 0, count = 5) {
@@ -11235,15 +12674,15 @@ var MockTrezorAdapter = class extends BaseWalletAdapter {
     }
   }
   generateMockAddress(index) {
-    const bytes = (0, import_utils12.randomBytes)(20);
+    const bytes = (0, import_utils14.randomBytes)(20);
     bytes[0] = index + 100;
-    return `0x${(0, import_utils12.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils14.bytesToHex)(bytes)}`;
   }
   generateMockPublicKey(index) {
-    const bytes = (0, import_utils12.randomBytes)(33);
+    const bytes = (0, import_utils14.randomBytes)(33);
     bytes[0] = 3;
     bytes[1] = index + 100;
-    return `0x${(0, import_utils12.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils14.bytesToHex)(bytes)}`;
   }
   generateMockSignature(data) {
     const sig = new Uint8Array(65);
@@ -11252,7 +12691,7 @@ var MockTrezorAdapter = class extends BaseWalletAdapter {
       sig[32 + i] = (data[i % data.length] ?? 0) ^ i * 17;
     }
     sig[64] = 28;
-    return `0x${(0, import_utils12.bytesToHex)(sig)}`;
+    return `0x${(0, import_utils14.bytesToHex)(sig)}`;
   }
   delay(ms) {
     return new Promise((resolve) => setTimeout(resolve, ms));
@@ -11266,12 +12705,17 @@ function createMockTrezorAdapter(config) {
 }
 
 // src/wallet/index.ts
-var import_types30 = require("@sip-protocol/types");
+var import_types32 = require("@sip-protocol/types");
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  ATTESTATION_VERSION,
   BaseWalletAdapter,
+  BrowserNoirProvider,
+  CHAIN_NUMERIC_IDS,
   ComplianceManager,
   CryptoError,
+  DEFAULT_THRESHOLD,
+  DEFAULT_TOTAL_ORACLES,
   DerivationPath,
   EncryptionNotImplementedError,
   ErrorCode,
@@ -11294,6 +12738,7 @@ var import_types30 = require("@sip-protocol/types");
   NEARIntentsAdapter,
   NetworkError,
   NoirProofProvider,
+  ORACLE_DOMAIN,
   OneClickClient,
   OneClickDepositMode,
   OneClickErrorCode,
@@ -11325,11 +12770,16 @@ var import_types30 = require("@sip-protocol/types");
   ZcashShieldedService,
   addBlindings,
   addCommitments,
+  addOracle,
   attachProofs,
   base58ToHex,
+  browserBytesToHex,
+  browserHexToBytes,
+  checkEd25519StealthAddress,
   checkStealthAddress,
   commit,
   commitZero,
+  computeAttestationHash,
   createCommitment,
   createEthereumAdapter,
   createLedgerAdapter,
@@ -11342,6 +12792,7 @@ var import_types30 = require("@sip-protocol/types");
   createMockSolver,
   createMockTrezorAdapter,
   createNEARIntentsAdapter,
+  createOracleRegistry,
   createProductionSIP,
   createSIP,
   createShieldedIntent,
@@ -11354,12 +12805,17 @@ var import_types30 = require("@sip-protocol/types");
   decodeStealthMetaAddress,
   decryptMemo,
   decryptWithViewing,
+  deriveEd25519StealthPrivateKey,
+  deriveOracleId,
   deriveStealthPrivateKey,
   deriveViewingKey,
+  deserializeAttestationMessage,
   deserializeIntent,
   deserializePayment,
   detectEthereumWallets,
   detectSolanaWallets,
+  ed25519PublicKeyToNearAddress,
+  ed25519PublicKeyToSolanaAddress,
   encodeStealthMetaAddress,
   encryptForViewing,
   featureNotSupportedError,
@@ -11367,13 +12823,19 @@ var import_types30 = require("@sip-protocol/types");
   fromHex,
   fromStablecoinUnits,
   generateBlinding,
+  generateEd25519StealthAddress,
+  generateEd25519StealthMetaAddress,
   generateIntentId,
   generateRandomBytes,
   generateStealthAddress,
   generateStealthMetaAddress,
   generateViewingKey,
+  getActiveOracles,
   getAvailableTransports,
+  getBrowserInfo,
+  getChainNumericId,
   getChainsForStablecoin,
+  getCurveForChain,
   getDefaultRpcEndpoint,
   getDerivationPath,
   getErrorMessage,
@@ -11390,10 +12852,13 @@ var import_types30 = require("@sip-protocol/types");
   getStablecoinsForChain,
   getSupportedStablecoins,
   getTimeRemaining,
+  hasEnoughOracles,
   hasErrorCode,
   hasRequiredProofs,
   hash,
   hexToNumber,
+  isBrowser,
+  isEd25519Chain,
   isExpired,
   isNonNegativeAmount,
   isPaymentExpired,
@@ -11405,40 +12870,54 @@ var import_types30 = require("@sip-protocol/types");
   isValidAmount,
   isValidChainId,
   isValidCompressedPublicKey,
+  isValidEd25519PublicKey,
   isValidHex,
   isValidHexLength,
+  isValidNearAccountId,
+  isValidNearImplicitAddress,
   isValidPrivacyLevel,
   isValidPrivateKey,
   isValidScalar,
   isValidSlippage,
+  isValidSolanaAddress,
   isValidStealthMetaAddress,
+  nearAddressToEd25519PublicKey,
   normalizeAddress,
   notConnectedError,
   publicKeyToEthAddress,
   registerWallet,
+  removeOracle,
   secureWipe,
   secureWipeAll,
+  serializeAttestationMessage,
   serializeIntent,
   serializePayment,
+  signAttestationMessage,
+  solanaAddressToEd25519PublicKey,
   solanaPublicKeyToHex,
   subtractBlindings,
   subtractCommitments,
+  supportsSharedArrayBuffer,
   supportsViewingKey,
   supportsWebBluetooth,
   supportsWebHID,
   supportsWebUSB,
+  supportsWebWorkers,
   toHex,
   toStablecoinUnits,
   trackIntent,
   trackPayment,
+  updateOracleStatus,
   validateAsset,
   validateCreateIntentParams,
   validateIntentInput,
   validateIntentOutput,
   validateScalar,
   validateViewingKey,
+  verifyAttestation,
   verifyCommitment,
   verifyOpening,
+  verifyOracleSignature,
   walletRegistry,
   withSecureBuffer,
   withSecureBufferSync,