@sip-protocol/sdk 0.4.0 → 0.5.1

package/dist/browser.js

@@ -32,11 +32,15 @@ var browser_exports = {};
 __export(browser_exports, {
   ATTESTATION_VERSION: () => ATTESTATION_VERSION,
   AptosStealthService: () => AptosStealthService,
+  AuditorKeyDerivation: () => AuditorKeyDerivation,
+  AuditorType: () => AuditorType,
   BaseWalletAdapter: () => BaseWalletAdapter,
   BrowserNoirProvider: () => BrowserNoirProvider,
   CHAIN_NUMERIC_IDS: () => CHAIN_NUMERIC_IDS,
   COSMOS_CHAIN_PREFIXES: () => CHAIN_PREFIXES,
   ComplianceManager: () => ComplianceManager,
+  ComplianceReporter: () => ComplianceReporter,
+  ConditionalDisclosure: () => ConditionalDisclosure,
   CosmosStealthService: () => CosmosStealthService,
   CryptoError: () => CryptoError,
   DEFAULT_THRESHOLD: () => DEFAULT_THRESHOLD,
@@ -89,6 +93,7 @@ __export(browser_exports, {
   SmartRouter: () => SmartRouter,
   SolanaWalletAdapter: () => SolanaWalletAdapter,
   SwapStatus: () => SwapStatus,
+  ThresholdViewingKey: () => ThresholdViewingKey,
   Treasury: () => Treasury,
   TrezorWalletAdapter: () => TrezorWalletAdapter,
   ValidationError: () => ValidationError,
@@ -177,6 +182,7 @@ __export(browser_exports, {
   generateEd25519StealthAddress: () => generateEd25519StealthAddress,
   generateEd25519StealthMetaAddress: () => generateEd25519StealthMetaAddress,
   generateIntentId: () => generateIntentId,
+  generatePdfReport: () => generatePdfReport,
   generateRandomBytes: () => generateRandomBytes,
   generateStealthAddress: () => generateStealthAddress,
   generateStealthMetaAddress: () => generateStealthMetaAddress,
@@ -316,6 +322,14 @@ var ErrorCode = /* @__PURE__ */ ((ErrorCode2) => {
   ErrorCode2["SIGNATURE_FAILED"] = "SIP_3005";
   ErrorCode2["INVALID_CURVE_POINT"] = "SIP_3006";
   ErrorCode2["INVALID_SCALAR"] = "SIP_3007";
+  ErrorCode2["INVALID_KEY_SIZE"] = "SIP_3008";
+  ErrorCode2["INVALID_ENCRYPTED_DATA"] = "SIP_3009";
+  ErrorCode2["INVALID_COMMITMENT"] = "SIP_3010";
+  ErrorCode2["INVALID_TIME_LOCK"] = "SIP_3011";
+  ErrorCode2["INVALID_SHARE"] = "SIP_3012";
+  ErrorCode2["INVALID_THRESHOLD"] = "SIP_3013";
+  ErrorCode2["CRYPTO_OPERATION_FAILED"] = "SIP_3014";
+  ErrorCode2["INVALID_FORMAT"] = "SIP_3015";
   ErrorCode2["PROOF_FAILED"] = "SIP_4000";
   ErrorCode2["PROOF_GENERATION_FAILED"] = "SIP_4001";
   ErrorCode2["PROOF_VERIFICATION_FAILED"] = "SIP_4002";
@@ -9239,6 +9253,79 @@ var ComplianceManager = class _ComplianceManager {
   getAllReports() {
     return Array.from(this.reports.values());
   }
+  // ─── Dashboard Data API ──────────────────────────────────────────────────────
+  /**
+   * Get list of auditors for dashboard UI
+   *
+   * Returns a simplified view of auditors with essential info.
+   * Alias for getAllAuditors() but returns AuditorRegistration directly.
+   *
+   * @returns Array of auditor registrations
+   */
+  getAuditorList() {
+    return this.getAllAuditors();
+  }
+  /**
+   * Get pending disclosure requests for dashboard
+   *
+   * Returns disclosure requests waiting for approval/denial.
+   * This is for disclosure REQUESTS, not disclosed transactions.
+   *
+   * @returns Array of pending disclosure requests
+   */
+  getPendingDisclosures() {
+    return this.getPendingRequests();
+  }
+  /**
+   * Get disclosure history for a specific auditor
+   *
+   * Returns all disclosed transactions that were shared with this auditor,
+   * sorted by disclosure date (most recent first).
+   *
+   * @param auditorId - Auditor ID to get history for
+   * @returns Array of disclosed transactions for this auditor
+   */
+  getDisclosureHistory(auditorId) {
+    return this.getDisclosedTransactions(auditorId).sort((a, b) => b.disclosedAt - a.disclosedAt);
+  }
+  /**
+   * Get compliance metrics for dashboard
+   *
+   * Calculates key compliance metrics including:
+   * - Total auditors (active + inactive)
+   * - Total disclosures made
+   * - Pending disclosure requests
+   * - Approval rate (approved / total resolved requests)
+   * - Average processing time for disclosure requests
+   *
+   * @returns Compliance metrics object
+   */
+  getComplianceMetrics() {
+    const allAuditors = this.getAllAuditors();
+    const allDisclosures = this.getDisclosedTransactions();
+    const pendingRequests = this.getPendingRequests();
+    const allRequests = Array.from(this.disclosureRequests.values());
+    const resolvedRequests = allRequests.filter((r) => r.status !== "pending");
+    const approvedRequests = resolvedRequests.filter((r) => r.status === "approved");
+    const approvalRate = resolvedRequests.length > 0 ? approvedRequests.length / resolvedRequests.length : 0;
+    let averageProcessingTime;
+    if (resolvedRequests.length > 0) {
+      const totalProcessingTime = resolvedRequests.reduce((sum, req) => {
+        if (req.resolvedAt) {
+          return sum + (req.resolvedAt - req.requestedAt);
+        }
+        return sum;
+      }, 0);
+      averageProcessingTime = totalProcessingTime / resolvedRequests.length;
+    }
+    return {
+      totalAuditors: allAuditors.length,
+      totalDisclosures: allDisclosures.length,
+      pendingDisclosures: pendingRequests.length,
+      approvalRate,
+      averageProcessingTime
+    };
+  }
   // ─── Audit Log ───────────────────────────────────────────────────────────────
   /**
    * Get audit log entries
@@ -9437,147 +9524,1767 @@ var ComplianceManager = class _ComplianceManager {
         highRisk,
         flaggedTransactions: flagged
       }
-    };
-    if (includeTransactions) {
-      data.transactions = transactions;
+    };
+    if (includeTransactions) {
+      data.transactions = transactions;
+    }
+    return data;
+  }
+  generateCSV(transactions) {
+    const headers = [
+      "Transaction ID",
+      "Disclosure ID",
+      "Type",
+      "Direction",
+      "Token",
+      "Amount",
+      "Sender",
+      "Recipient",
+      "Chain",
+      "Privacy Level",
+      "Timestamp",
+      "TX Hash",
+      "Block",
+      "Risk Score",
+      "Purpose",
+      "Memo"
+    ];
+    const rows = transactions.map((tx) => [
+      tx.transactionId,
+      tx.disclosureId,
+      tx.type,
+      tx.direction,
+      tx.token.symbol,
+      tx.amount.toString(),
+      tx.sender,
+      tx.recipient,
+      tx.chain,
+      tx.privacyLevel,
+      new Date(tx.timestamp * 1e3).toISOString(),
+      tx.txHash,
+      tx.blockNumber.toString(),
+      tx.riskScore?.toString() ?? "",
+      tx.purpose ?? "",
+      tx.memo ?? ""
+    ]);
+    const escapeForCSV = (val) => {
+      let escaped = val;
+      if (/^[=+\-@|\t]/.test(escaped)) {
+        escaped = `'${escaped}`;
+      }
+      return `"${escaped.replace(/"/g, '""')}"`;
+    };
+    const csvRows = [headers, ...rows].map((row) => row.map(escapeForCSV).join(","));
+    return csvRows.join("\n");
+  }
+};
+function generateId(prefix) {
+  return `${prefix}_${(0, import_utils20.bytesToHex)((0, import_utils20.randomBytes)(12))}`;
+}
+function validateRegisterAuditorParams(params) {
+  if (!params.organization?.trim()) {
+    throw new ValidationError(
+      "organization is required",
+      "organization",
+      void 0,
+      "SIP_2008" /* MISSING_REQUIRED */
+    );
+  }
+  if (!params.contactName?.trim()) {
+    throw new ValidationError(
+      "contact name is required",
+      "contactName",
+      void 0,
+      "SIP_2008" /* MISSING_REQUIRED */
+    );
+  }
+  if (!params.contactEmail?.trim()) {
+    throw new ValidationError(
+      "contact email is required",
+      "contactEmail",
+      void 0,
+      "SIP_2008" /* MISSING_REQUIRED */
+    );
+  }
+  if (!params.publicKey?.trim()) {
+    throw new ValidationError(
+      "public key is required",
+      "publicKey",
+      void 0,
+      "SIP_2008" /* MISSING_REQUIRED */
+    );
+  }
+  if (!params.scope) {
+    throw new ValidationError(
+      "audit scope is required",
+      "scope",
+      void 0,
+      "SIP_2008" /* MISSING_REQUIRED */
+    );
+  }
+}
+function validateReportParams(params) {
+  if (!params.title?.trim()) {
+    throw new ValidationError(
+      "report title is required",
+      "title",
+      void 0,
+      "SIP_2008" /* MISSING_REQUIRED */
+    );
+  }
+  if (!params.type) {
+    throw new ValidationError(
+      "report type is required",
+      "type",
+      void 0,
+      "SIP_2008" /* MISSING_REQUIRED */
+    );
+  }
+  if (!params.format) {
+    throw new ValidationError(
+      "report format is required",
+      "format",
+      void 0,
+      "SIP_2008" /* MISSING_REQUIRED */
+    );
+  }
+  if (params.startDate === void 0 || params.startDate === null || params.endDate === void 0 || params.endDate === null) {
+    throw new ValidationError(
+      "date range is required",
+      "dateRange",
+      void 0,
+      "SIP_2008" /* MISSING_REQUIRED */
+    );
+  }
+  if (params.startDate >= params.endDate) {
+    throw new ValidationError(
+      "start date must be before end date",
+      "dateRange",
+      void 0,
+      "SIP_2001" /* INVALID_INPUT */
+    );
+  }
+}
+
+// src/compliance/reports.ts
+var import_sha25615 = require("@noble/hashes/sha256");
+var import_utils21 = require("@noble/hashes/utils");
+
+// src/compliance/pdf.ts
+function generatePdfReport(report, options = {}) {
+  const {
+    title = "SIP Protocol Audit Report",
+    organization = "",
+    includeTransactions = true,
+    maxTransactions = 100
+  } = options;
+  const content = buildPdfContent(report, {
+    title,
+    organization,
+    includeTransactions,
+    maxTransactions
+  });
+  return generatePdfBinary(content, title);
+}
+function buildPdfContent(report, options) {
+  const lines = [];
+  lines.push(options.title);
+  if (options.organization && options.organization.trim() !== "") {
+    lines.push(`Organization: ${options.organization}`);
+  }
+  lines.push(`Report ID: ${report.reportId}`);
+  lines.push(
+    `Generated: ${report.generatedAt.toISOString().replace("T", " ").slice(0, 19)} UTC`
+  );
+  lines.push("");
+  lines.push("Report Period");
+  lines.push(`  Start: ${formatDate(report.period.start)}`);
+  lines.push(`  End:   ${formatDate(report.period.end)}`);
+  lines.push("");
+  lines.push("Summary Statistics");
+  lines.push(`  Total Transactions: ${report.summary.transactionCount}`);
+  lines.push(
+    `  Total Volume: ${formatBigInt(report.summary.totalVolume)}`
+  );
+  lines.push(
+    `  Unique Counterparties: ${report.summary.uniqueCounterparties}`
+  );
+  lines.push("");
+  if (options.includeTransactions && report.transactions.length > 0) {
+    lines.push("Transaction Details");
+    lines.push("");
+    const txToShow = Math.min(
+      report.transactions.length,
+      options.maxTransactions
+    );
+    for (let i = 0; i < txToShow; i++) {
+      const tx = report.transactions[i];
+      lines.push(`Transaction ${i + 1}/${report.transactions.length}`);
+      lines.push(`  ID: ${tx.id}`);
+      lines.push(`  Sender: ${truncateAddress(tx.sender)}`);
+      lines.push(`  Recipient: ${truncateAddress(tx.recipient)}`);
+      lines.push(`  Amount: ${formatAmount(tx.amount)}`);
+      lines.push(
+        `  Timestamp: ${formatTimestamp(tx.timestamp)}`
+      );
+      if (tx.txHash) {
+        lines.push(`  Tx Hash: ${truncateHash(tx.txHash)}`);
+      }
+      if (tx.metadata && Object.keys(tx.metadata).length > 0) {
+        lines.push(`  Metadata: ${JSON.stringify(tx.metadata)}`);
+      }
+      lines.push("");
+    }
+    if (report.transactions.length > options.maxTransactions) {
+      lines.push(
+        `... and ${report.transactions.length - options.maxTransactions} more transactions`
+      );
+      lines.push("");
+    }
+  }
+  lines.push("---");
+  lines.push(
+    "This report was generated by SIP Protocol compliance tools."
+  );
+  lines.push("For verification, please contact your compliance officer.");
+  return lines.join("\n");
+}
+function generatePdfBinary(content, title) {
+  const objects = [];
+  objects.push(
+    "1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj"
+  );
+  objects.push(
+    "2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj"
+  );
+  objects.push(
+    "3 0 obj\n<< /Type /Page /Parent 2 0 R /Resources 4 0 R /MediaBox [0 0 612 792] /Contents 5 0 R >>\nendobj"
+  );
+  objects.push(
+    "4 0 obj\n<< /Font << /F1 << /Type /Font /Subtype /Type1 /BaseFont /Courier >> >> >>\nendobj"
+  );
+  const contentStream = buildContentStream(content);
+  objects.push(
+    `5 0 obj
+<< /Length ${contentStream.length} >>
+stream
+${contentStream}
+endstream
+endobj`
+  );
+  const now = /* @__PURE__ */ new Date();
+  const pdfDate = formatPdfDate(now);
+  objects.push(
+    `6 0 obj
+<< /Title (${title}) /Author (SIP Protocol) /Creator (SIP SDK) /CreationDate (${pdfDate}) >>
+endobj`
+  );
+  const pdfParts = [];
+  pdfParts.push("%PDF-1.4\n%\xE2\xE3\xCF\xD3\n");
+  const xrefOffsets = [0];
+  let currentOffset = pdfParts.join("").length;
+  for (const obj of objects) {
+    xrefOffsets.push(currentOffset);
+    pdfParts.push(obj + "\n");
+    currentOffset = pdfParts.join("").length;
+  }
+  const xrefStart = currentOffset;
+  pdfParts.push("xref\n");
+  pdfParts.push(`0 ${xrefOffsets.length}
+`);
+  for (let i = 0; i < xrefOffsets.length; i++) {
+    if (i === 0) {
+      pdfParts.push("0000000000 65535 f \n");
+    } else {
+      const offset = String(xrefOffsets[i]).padStart(10, "0");
+      pdfParts.push(`${offset} 00000 n 
+`);
+    }
+  }
+  pdfParts.push("trailer\n");
+  pdfParts.push(
+    `<< /Size ${xrefOffsets.length} /Root 1 0 R /Info 6 0 R >>
+`
+  );
+  pdfParts.push("startxref\n");
+  pdfParts.push(`${xrefStart}
+`);
+  pdfParts.push("%%EOF");
+  const pdfString = pdfParts.join("");
+  const encoder = new TextEncoder();
+  return encoder.encode(pdfString);
+}
+function buildContentStream(text) {
+  const lines = text.split("\n");
+  const commands = [];
+  commands.push("BT");
+  commands.push("/F1 10 Tf");
+  commands.push("12 TL");
+  let y = 742;
+  for (const line of lines) {
+    commands.push(`50 ${y} Td`);
+    const escaped = escapePdfString(line);
+    commands.push(`(${escaped}) Tj`);
+    y -= 12;
+    if (y < 50) {
+      break;
+    }
+  }
+  commands.push("ET");
+  return commands.join("\n");
+}
+function escapePdfString(str) {
+  return str.replace(/\\/g, "\\\\").replace(/\(/g, "\\(").replace(/\)/g, "\\)").replace(/\r/g, "\\r").replace(/\n/g, "\\n");
+}
+function formatPdfDate(date) {
+  const year = date.getUTCFullYear();
+  const month = String(date.getUTCMonth() + 1).padStart(2, "0");
+  const day = String(date.getUTCDate()).padStart(2, "0");
+  const hour = String(date.getUTCHours()).padStart(2, "0");
+  const minute = String(date.getUTCMinutes()).padStart(2, "0");
+  const second = String(date.getUTCSeconds()).padStart(2, "0");
+  return `D:${year}${month}${day}${hour}${minute}${second}Z`;
+}
+function formatDate(date) {
+  return date.toISOString().split("T")[0];
+}
+function formatBigInt(value) {
+  return value.toString().replace(/\B(?=(\d{3})+(?!\d))/g, ",");
+}
+function formatAmount(amount) {
+  try {
+    const num = BigInt(amount);
+    return formatBigInt(num);
+  } catch {
+    return amount;
+  }
+}
+function formatTimestamp(timestamp) {
+  const date = new Date(timestamp * 1e3);
+  return date.toISOString().replace("T", " ").slice(0, 19) + " UTC";
+}
+function truncateAddress(address) {
+  if (address.length <= 12) {
+    return address;
+  }
+  return `${address.slice(0, 6)}...${address.slice(-4)}`;
+}
+function truncateHash(hash2) {
+  if (hash2.length <= 16) {
+    return hash2;
+  }
+  return `${hash2.slice(0, 8)}...${hash2.slice(-8)}`;
+}
+
+// src/compliance/reports.ts
+var ComplianceReporter = class {
+  /**
+   * Generate an audit report from encrypted transactions
+   *
+   * Decrypts transactions using the provided viewing key, filters by date range,
+   * and generates a comprehensive report with summary statistics.
+   *
+   * @param params - Report generation parameters
+   * @returns Audit report with decrypted transactions and statistics
+   * @throws {ValidationError} If parameters are invalid
+   * @throws {CryptoError} If decryption fails
+   */
+  async generateAuditReport(params) {
+    this.validateParams(params);
+    const viewingKey = this.normalizeViewingKey(params.viewingKey);
+    const decryptedTransactions = this.decryptTransactions(
+      params.transactions,
+      viewingKey,
+      params.startDate,
+      params.endDate
+    );
+    const summary = this.calculateSummary(decryptedTransactions);
+    const period = this.determinePeriod(
+      decryptedTransactions,
+      params.startDate,
+      params.endDate
+    );
+    const reportId = `audit_${generateRandomBytes(16).slice(2)}`;
+    return {
+      reportId,
+      generatedAt: /* @__PURE__ */ new Date(),
+      period,
+      transactions: decryptedTransactions,
+      summary
+    };
+  }
+  /**
+   * Validate report generation parameters
+   */
+  validateParams(params) {
+    if (!params.viewingKey) {
+      throw new ValidationError(
+        "viewingKey is required",
+        "viewingKey",
+        void 0,
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    if (!params.transactions) {
+      throw new ValidationError(
+        "transactions array is required",
+        "transactions",
+        void 0,
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    if (!Array.isArray(params.transactions)) {
+      throw new ValidationError(
+        "transactions must be an array",
+        "transactions",
+        { received: typeof params.transactions },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (params.format !== "json" && params.format !== "pdf") {
+      throw new ValidationError(
+        "only JSON and PDF formats are supported",
+        "format",
+        { received: params.format },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (params.startDate && params.endDate) {
+      if (params.startDate > params.endDate) {
+        throw new ValidationError(
+          "startDate must be before endDate",
+          "startDate",
+          {
+            startDate: params.startDate.toISOString(),
+            endDate: params.endDate.toISOString()
+          },
+          "SIP_2001" /* INVALID_INPUT */
+        );
+      }
+    }
+  }
+  /**
+   * Normalize viewing key to ViewingKey object
+   */
+  normalizeViewingKey(viewingKey) {
+    if (typeof viewingKey === "string") {
+      const keyHex = viewingKey.startsWith("0x") ? viewingKey.slice(2) : viewingKey;
+      const keyBytes = (0, import_utils21.hexToBytes)(keyHex);
+      const hashBytes = (0, import_sha25615.sha256)(keyBytes);
+      return {
+        key: `0x${keyHex}`,
+        path: "m/0",
+        hash: `0x${(0, import_utils21.bytesToHex)(hashBytes)}`
+      };
+    }
+    return viewingKey;
+  }
+  /**
+   * Decrypt transactions and filter by date range
+   */
+  decryptTransactions(encrypted, viewingKey, startDate, endDate) {
+    const decrypted = [];
+    const errors = [];
+    for (let i = 0; i < encrypted.length; i++) {
+      try {
+        const txData = decryptWithViewing(encrypted[i], viewingKey);
+        if (startDate || endDate) {
+          const txDate = new Date(txData.timestamp * 1e3);
+          if (startDate && txDate < startDate) {
+            continue;
+          }
+          if (endDate && txDate > endDate) {
+            continue;
+          }
+        }
+        decrypted.push({
+          id: `tx_${i}`,
+          sender: txData.sender,
+          recipient: txData.recipient,
+          amount: txData.amount,
+          timestamp: txData.timestamp
+        });
+      } catch (error) {
+        errors.push({ index: i, error });
+      }
+    }
+    if (decrypted.length === 0 && encrypted.length > 0) {
+      throw new CryptoError(
+        `Failed to decrypt any transactions. First error: ${errors[0]?.error.message}`,
+        "SIP_3002" /* DECRYPTION_FAILED */,
+        {
+          context: {
+            totalTransactions: encrypted.length,
+            failedCount: errors.length
+          }
+        }
+      );
+    }
+    return decrypted;
+  }
+  /**
+   * Calculate summary statistics
+   */
+  calculateSummary(transactions) {
+    let totalVolume = 0n;
+    const counterparties = /* @__PURE__ */ new Set();
+    for (const tx of transactions) {
+      try {
+        const amount = BigInt(tx.amount);
+        totalVolume += amount;
+      } catch (error) {
+        console.warn(`Skipping invalid amount in transaction ${tx.id}: ${tx.amount}`);
+      }
+      counterparties.add(tx.sender);
+      counterparties.add(tx.recipient);
+    }
+    return {
+      totalVolume,
+      transactionCount: transactions.length,
+      uniqueCounterparties: counterparties.size
+    };
+  }
+  /**
+   * Determine report period from transactions and params
+   */
+  determinePeriod(transactions, startDate, endDate) {
+    if (startDate && endDate) {
+      return { start: startDate, end: endDate };
+    }
+    if (transactions.length === 0) {
+      const now = /* @__PURE__ */ new Date();
+      return { start: now, end: now };
+    }
+    let minTimestamp = transactions[0].timestamp;
+    let maxTimestamp = transactions[0].timestamp;
+    for (const tx of transactions) {
+      if (tx.timestamp < minTimestamp) {
+        minTimestamp = tx.timestamp;
+      }
+      if (tx.timestamp > maxTimestamp) {
+        maxTimestamp = tx.timestamp;
+      }
+    }
+    return {
+      start: startDate || new Date(minTimestamp * 1e3),
+      end: endDate || new Date(maxTimestamp * 1e3)
+    };
+  }
+  /**
+   * Export audit report to PDF format
+   *
+   * Generates a professionally formatted PDF document from an audit report.
+   * Works in both Node.js and browser environments.
+   *
+   * @param report - The audit report to export
+   * @param options - PDF export options
+   * @returns PDF document as Uint8Array
+   *
+   * @example
+   * ```typescript
+   * const reporter = new ComplianceReporter()
+   * const report = await reporter.generateAuditReport({...})
+   *
+   * const pdfBytes = reporter.exportToPdf(report, {
+   *   title: 'Q1 2025 Audit Report',
+   *   organization: 'ACME Corp',
+   * })
+   *
+   * // Save to file (Node.js)
+   * fs.writeFileSync('report.pdf', pdfBytes)
+   * ```
+   */
+  exportToPdf(report, options) {
+    return generatePdfReport(report, options);
+  }
+  /**
+   * Export transactions to regulatory compliance formats
+   *
+   * Decrypts and exports transactions in formats required by regulators:
+   * - FATF: Financial Action Task Force Travel Rule format
+   * - FINCEN: FinCEN Suspicious Activity Report (SAR) format
+   * - CSV: Generic comma-separated values format
+   *
+   * @param params - Export parameters
+   * @returns Regulatory export in the specified format
+   * @throws {ValidationError} If parameters are invalid
+   * @throws {CryptoError} If decryption fails
+   *
+   * @example
+   * ```typescript
+   * const reporter = new ComplianceReporter()
+   *
+   * // FATF Travel Rule export
+   * const fatfExport = await reporter.exportForRegulator({
+   *   viewingKey: myViewingKey,
+   *   transactions: encryptedTxs,
+   *   jurisdiction: 'EU',
+   *   format: 'FATF',
+   *   currency: 'EUR',
+   * })
+   *
+   * // FINCEN SAR export (US only)
+   * const fincenExport = await reporter.exportForRegulator({
+   *   viewingKey: myViewingKey,
+   *   transactions: suspiciousTxs,
+   *   jurisdiction: 'US',
+   *   format: 'FINCEN',
+   * })
+   *
+   * // CSV export
+   * const csvExport = await reporter.exportForRegulator({
+   *   viewingKey: myViewingKey,
+   *   transactions: encryptedTxs,
+   *   jurisdiction: 'SG',
+   *   format: 'CSV',
+   * })
+   * ```
+   */
+  async exportForRegulator(params) {
+    this.validateRegulatoryParams(params);
+    const viewingKey = this.normalizeViewingKey(params.viewingKey);
+    const decryptedTransactions = this.decryptTransactions(
+      params.transactions,
+      viewingKey,
+      params.startDate,
+      params.endDate
+    );
+    const reportId = `reg_${generateRandomBytes(16).slice(2)}`;
+    switch (params.format) {
+      case "FATF":
+        return this.exportToFATF(
+          reportId,
+          decryptedTransactions,
+          params.jurisdiction,
+          params.currency || "USD"
+        );
+      case "FINCEN":
+        return this.exportToFINCEN(
+          reportId,
+          decryptedTransactions,
+          params.startDate,
+          params.endDate,
+          params.currency || "USD"
+        );
+      case "CSV":
+        return this.exportToCSV(
+          reportId,
+          decryptedTransactions,
+          params.jurisdiction,
+          params.currency || "USD"
+        );
+      default:
+        throw new ValidationError(
+          `unsupported format: ${params.format}`,
+          "format",
+          { received: params.format },
+          "SIP_2001" /* INVALID_INPUT */
+        );
+    }
+  }
+  /**
+   * Validate regulatory export parameters
+   */
+  validateRegulatoryParams(params) {
+    if (!params.viewingKey) {
+      throw new ValidationError(
+        "viewingKey is required",
+        "viewingKey",
+        void 0,
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    if (!params.transactions) {
+      throw new ValidationError(
+        "transactions array is required",
+        "transactions",
+        void 0,
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    if (!Array.isArray(params.transactions)) {
+      throw new ValidationError(
+        "transactions must be an array",
+        "transactions",
+        { received: typeof params.transactions },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (!params.jurisdiction) {
+      throw new ValidationError(
+        "jurisdiction is required",
+        "jurisdiction",
+        void 0,
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    const validJurisdictions = ["US", "EU", "UK", "SG"];
+    if (!validJurisdictions.includes(params.jurisdiction)) {
+      throw new ValidationError(
+        `invalid jurisdiction. Must be one of: ${validJurisdictions.join(", ")}`,
+        "jurisdiction",
+        { received: params.jurisdiction },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (!params.format) {
+      throw new ValidationError(
+        "format is required",
+        "format",
+        void 0,
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    const validFormats = ["FATF", "FINCEN", "CSV"];
+    if (!validFormats.includes(params.format)) {
+      throw new ValidationError(
+        `invalid format. Must be one of: ${validFormats.join(", ")}`,
+        "format",
+        { received: params.format },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (params.format === "FINCEN" && params.jurisdiction !== "US") {
+      throw new ValidationError(
+        "FINCEN format is only available for US jurisdiction",
+        "format",
+        { jurisdiction: params.jurisdiction, format: params.format },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (params.startDate && params.endDate) {
+      if (params.startDate > params.endDate) {
+        throw new ValidationError(
+          "startDate must be before endDate",
+          "startDate",
+          {
+            startDate: params.startDate.toISOString(),
+            endDate: params.endDate.toISOString()
+          },
+          "SIP_2001" /* INVALID_INPUT */
+        );
+      }
+    }
+  }
+  /**
+   * Export to FATF Travel Rule format
+   */
+  exportToFATF(reportId, transactions, jurisdiction, currency) {
+    const fatfTransactions = transactions.map((tx) => ({
+      originatorAccount: tx.sender,
+      beneficiaryAccount: tx.recipient,
+      amount: tx.amount,
+      currency,
+      transactionRef: tx.id,
+      timestamp: new Date(tx.timestamp * 1e3).toISOString()
+    }));
+    return {
+      reportId,
+      generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      jurisdiction,
+      transactions: fatfTransactions
+    };
+  }
+  /**
+   * Export to FINCEN SAR format
+   */
+  exportToFINCEN(reportId, transactions, startDate, endDate, currency = "USD") {
+    let totalAmount = 0n;
+    for (const tx of transactions) {
+      try {
+        totalAmount += BigInt(tx.amount);
+      } catch (error) {
+      }
+    }
+    const period = this.determinePeriod(transactions, startDate, endDate);
+    const fincenTransactions = transactions.map((tx) => ({
+      transactionDate: new Date(tx.timestamp * 1e3).toISOString(),
+      amount: tx.amount,
+      currency,
+      narrativeSummary: `Transfer from ${tx.sender} to ${tx.recipient}`,
+      transactionRef: tx.id,
+      parties: {
+        sender: tx.sender,
+        recipient: tx.recipient
+      }
+    }));
+    return {
+      reportId,
+      filingType: "SAR",
+      reportDate: (/* @__PURE__ */ new Date()).toISOString(),
+      jurisdiction: "US",
+      summary: {
+        transactionCount: transactions.length,
+        totalAmount: totalAmount.toString(),
+        period: {
+          start: period.start.toISOString(),
+          end: period.end.toISOString()
+        }
+      },
+      transactions: fincenTransactions
+    };
+  }
+  /**
+   * Export to CSV format
+   */
+  exportToCSV(reportId, transactions, jurisdiction, currency) {
+    const headers = [
+      "Transaction ID",
+      "Timestamp",
+      "Sender",
+      "Recipient",
+      "Amount",
+      "Currency"
+    ];
+    const rows = transactions.map((tx) => [
+      tx.id,
+      new Date(tx.timestamp * 1e3).toISOString(),
+      tx.sender,
+      tx.recipient,
+      tx.amount,
+      currency
+    ]);
+    return {
+      reportId,
+      generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      jurisdiction,
+      headers,
+      rows
+    };
+  }
+};
+
+// src/compliance/conditional.ts
+var import_sha25616 = require("@noble/hashes/sha256");
+var import_utils22 = require("@noble/hashes/utils");
+var import_chacha3 = require("@noble/ciphers/chacha.js");
+var ConditionalDisclosure = class {
+  /**
+   * Create a time-locked disclosure
+   *
+   * Encrypts the viewing key with a deterministic key derived from
+   * the commitment and reveal time. The key can only be reconstructed
+   * after the specified time/block height.
+   *
+   * @param params - Time-lock parameters
+   * @returns Time-lock result with encrypted key
+   * @throws {ValidationError} If parameters are invalid
+   * @throws {CryptoError} If encryption fails
+   */
+  createTimeLocked(params) {
+    if (!params.viewingKey || !params.viewingKey.startsWith("0x")) {
+      throw new ValidationError(
+        "Invalid viewing key format",
+        "viewingKey",
+        { viewingKey: params.viewingKey },
+        "SIP_2006" /* INVALID_KEY */
+      );
+    }
+    if (!params.commitment || !params.commitment.startsWith("0x")) {
+      throw new ValidationError(
+        "Invalid commitment format",
+        "commitment",
+        { commitment: params.commitment },
+        "SIP_3010" /* INVALID_COMMITMENT */
+      );
+    }
+    let revealAfterSeconds;
+    let type;
+    if (params.revealAfter instanceof Date) {
+      revealAfterSeconds = Math.floor(params.revealAfter.getTime() / 1e3);
+      type = "timestamp";
+    } else if (typeof params.revealAfter === "number") {
+      if (params.revealAfter > 1e10) {
+        revealAfterSeconds = Math.floor(params.revealAfter / 1e3);
+        type = "timestamp";
+      } else {
+        revealAfterSeconds = params.revealAfter;
+        type = "blockheight";
+      }
+      if (revealAfterSeconds <= 0) {
+        throw new ValidationError(
+          "Reveal time/block height must be positive",
+          "revealAfter",
+          { revealAfter: revealAfterSeconds },
+          "SIP_3011" /* INVALID_TIME_LOCK */
+        );
+      }
+    } else {
+      throw new ValidationError(
+        "Invalid revealAfter type (must be Date or number)",
+        "revealAfter",
+        { revealAfter: params.revealAfter },
+        "SIP_3011" /* INVALID_TIME_LOCK */
+      );
+    }
+    try {
+      const encryptionKey = this._deriveEncryptionKey(
+        params.commitment,
+        revealAfterSeconds
+      );
+      const nonce = (0, import_utils22.randomBytes)(24);
+      const viewingKeyBytes = (0, import_utils22.hexToBytes)(params.viewingKey.slice(2));
+      const cipher = (0, import_chacha3.xchacha20poly1305)(encryptionKey, nonce);
+      const encryptedKey = cipher.encrypt(viewingKeyBytes);
+      const commitmentData = new Uint8Array([
+        ...viewingKeyBytes,
+        ...this._numberToBytes(revealAfterSeconds)
+      ]);
+      const commitmentHash = (0, import_sha25616.sha256)(commitmentData);
+      return {
+        encryptedKey: "0x" + (0, import_utils22.bytesToHex)(encryptedKey),
+        nonce: "0x" + (0, import_utils22.bytesToHex)(nonce),
+        revealAfter: revealAfterSeconds,
+        verificationCommitment: "0x" + (0, import_utils22.bytesToHex)(commitmentHash),
+        encryptionCommitment: params.commitment,
+        type
+      };
+    } catch (error) {
+      if (error instanceof ValidationError) {
+        throw error;
+      }
+      throw new CryptoError(
+        "Failed to create time-locked disclosure",
+        "SIP_3001" /* ENCRYPTION_FAILED */,
+        {
+          cause: error instanceof Error ? error : void 0,
+          operation: "createTimeLocked"
+        }
+      );
+    }
+  }
+  /**
+   * Check if a time-lock is unlocked and retrieve the viewing key
+   *
+   * @param timeLock - Time-lock result to check
+   * @param currentTimeOrBlock - Current time (Date/number) or block height (number)
+   * @returns Unlock result with viewing key if unlocked
+   * @throws {ValidationError} If time-lock format is invalid
+   * @throws {CryptoError} If decryption fails
+   */
+  checkUnlocked(timeLock, currentTimeOrBlock) {
+    if (!timeLock.encryptedKey || !timeLock.encryptedKey.startsWith("0x")) {
+      throw new ValidationError(
+        "Invalid encrypted key format",
+        "encryptedKey",
+        { encryptedKey: timeLock.encryptedKey },
+        "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+      );
+    }
+    if (!timeLock.nonce || !timeLock.nonce.startsWith("0x")) {
+      throw new ValidationError(
+        "Invalid nonce format",
+        "nonce",
+        { nonce: timeLock.nonce },
+        "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+      );
+    }
+    if (!timeLock.verificationCommitment || !timeLock.verificationCommitment.startsWith("0x")) {
+      throw new ValidationError(
+        "Invalid verification commitment format",
+        "verificationCommitment",
+        { commitment: timeLock.verificationCommitment },
+        "SIP_3010" /* INVALID_COMMITMENT */
+      );
+    }
+    if (!timeLock.encryptionCommitment || !timeLock.encryptionCommitment.startsWith("0x")) {
+      throw new ValidationError(
+        "Invalid encryption commitment format",
+        "encryptionCommitment",
+        { commitment: timeLock.encryptionCommitment },
+        "SIP_3010" /* INVALID_COMMITMENT */
+      );
+    }
+    let currentValue;
+    if (currentTimeOrBlock instanceof Date) {
+      currentValue = Math.floor(currentTimeOrBlock.getTime() / 1e3);
+    } else if (typeof currentTimeOrBlock === "number") {
+      currentValue = currentTimeOrBlock;
+    } else {
+      currentValue = Math.floor(Date.now() / 1e3);
+    }
+    const unlocked = currentValue >= timeLock.revealAfter;
+    if (!unlocked) {
+      return { unlocked: false };
+    }
+    try {
+      const encryptionKey = this._deriveEncryptionKey(
+        timeLock.encryptionCommitment,
+        timeLock.revealAfter
+      );
+      const nonce = (0, import_utils22.hexToBytes)(timeLock.nonce.slice(2));
+      const encryptedData = (0, import_utils22.hexToBytes)(timeLock.encryptedKey.slice(2));
+      const cipher = (0, import_chacha3.xchacha20poly1305)(encryptionKey, nonce);
+      const decryptedBytes = cipher.decrypt(encryptedData);
+      const viewingKey = "0x" + (0, import_utils22.bytesToHex)(decryptedBytes);
+      return {
+        unlocked: true,
+        viewingKey
+      };
+    } catch (error) {
+      if (error instanceof ValidationError || error instanceof CryptoError) {
+        throw error;
+      }
+      throw new CryptoError(
+        "Failed to decrypt time-locked viewing key",
+        "SIP_3002" /* DECRYPTION_FAILED */,
+        {
+          cause: error instanceof Error ? error : void 0,
+          operation: "checkUnlocked"
+        }
+      );
+    }
+  }
+  /**
+   * Verify a time-lock commitment
+   *
+   * Verifies that the verification commitment in the time-lock matches the hash
+   * of the provided viewing key and reveal time.
+   *
+   * @param timeLock - Time-lock to verify
+   * @param viewingKey - Viewing key to verify against
+   * @returns True if commitment is valid
+   */
+  verifyCommitment(timeLock, viewingKey) {
+    try {
+      const viewingKeyBytes = (0, import_utils22.hexToBytes)(viewingKey.slice(2));
+      const commitmentData = new Uint8Array([
+        ...viewingKeyBytes,
+        ...this._numberToBytes(timeLock.revealAfter)
+      ]);
+      const expectedCommitment = (0, import_sha25616.sha256)(commitmentData);
+      const actualCommitment = (0, import_utils22.hexToBytes)(timeLock.verificationCommitment.slice(2));
+      if (expectedCommitment.length !== actualCommitment.length) {
+        return false;
+      }
+      let diff = 0;
+      for (let i = 0; i < expectedCommitment.length; i++) {
+        diff |= expectedCommitment[i] ^ actualCommitment[i];
+      }
+      return diff === 0;
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Derive deterministic encryption key from commitment and reveal time
+   *
+   * @private
+   */
+  _deriveEncryptionKey(commitment, revealAfter) {
+    const commitmentBytes = (0, import_utils22.hexToBytes)(commitment.slice(2));
+    const timeBytes = this._numberToBytes(revealAfter);
+    const combined = new Uint8Array([...commitmentBytes, ...timeBytes]);
+    const key = (0, import_sha25616.sha256)(combined);
+    if (key.length !== 32) {
+      throw new CryptoError(
+        "Derived key must be 32 bytes",
+        "SIP_3008" /* INVALID_KEY_SIZE */,
+        {
+          context: { actualSize: key.length, expectedSize: 32 },
+          operation: "_deriveEncryptionKey"
+        }
+      );
+    }
+    return key;
+  }
+  /**
+   * Convert number to 8-byte big-endian representation
+   *
+   * @private
+   */
+  _numberToBytes(num) {
+    const bytes = new Uint8Array(8);
+    const view = new DataView(bytes.buffer);
+    view.setBigUint64(0, BigInt(Math.floor(num)), false);
+    return bytes;
+  }
+};
+
+// src/compliance/conditional-threshold.ts
+var import_secp256k17 = require("@noble/curves/secp256k1");
+var import_sha25617 = require("@noble/hashes/sha256");
+var import_utils23 = require("@noble/hashes/utils");
+var CURVE_ORDER2 = import_secp256k17.secp256k1.CURVE.n;
+
+// src/compliance/threshold.ts
+var import_sha25618 = require("@noble/hashes/sha256");
+var import_utils24 = require("@noble/hashes/utils");
+var FIELD_PRIME = 2n ** 256n - 189n;
+var ThresholdViewingKey = class {
+  /**
+   * Create threshold shares from a viewing key
+   *
+   * @param params - Configuration parameters
+   * @returns Threshold shares with commitment
+   * @throws ValidationError if parameters are invalid
+   *
+   * @example
+   * ```typescript
+   * const threshold = ThresholdViewingKey.create({
+   *   threshold: 3,
+   *   totalShares: 5,
+   *   viewingKey: '0xabc123...',
+   * })
+   * ```
+   */
+  static create(params) {
+    this.validateParams(params.threshold, params.totalShares);
+    this.validateViewingKey(params.viewingKey);
+    const secret = this.viewingKeyToSecret(params.viewingKey);
+    const keyLength = params.viewingKey.slice(2).length;
+    const coefficients = this.generateCoefficients(params.threshold, secret);
+    const commitment = this.createCommitment(secret, coefficients);
+    const shares = [];
+    for (let i = 1; i <= params.totalShares; i++) {
+      const x = BigInt(i);
+      const y = this.evaluatePolynomial(coefficients, x);
+      shares.push(this.encodeShare(x, y, keyLength, commitment));
+    }
+    return {
+      shares,
+      commitment,
+      threshold: params.threshold,
+      totalShares: params.totalShares
+    };
+  }
+  /**
+   * Reconstruct viewing key from threshold shares
+   *
+   * @param shares - Array of encoded shares (must be >= threshold)
+   * @returns Reconstructed viewing key
+   * @throws ValidationError if insufficient or invalid shares
+   *
+   * @example
+   * ```typescript
+   * const viewingKey = ThresholdViewingKey.reconstruct([
+   *   'share1',
+   *   'share2',
+   *   'share3',
+   * ])
+   * ```
+   */
+  static reconstruct(shares) {
+    if (!shares || shares.length === 0) {
+      throw new ValidationError(
+        "at least one share is required",
+        "shares",
+        { received: shares },
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    const decodedShares = shares.map((s) => this.decodeShare(s));
+    const commitment = decodedShares[0].commitment;
+    const keyLength = decodedShares[0].keyLength;
+    for (const share of decodedShares) {
+      if (share.commitment !== commitment) {
+        throw new ValidationError(
+          "shares must all have the same commitment",
+          "shares",
+          { commitment },
+          "SIP_3012" /* INVALID_SHARE */
+        );
+      }
+      if (share.keyLength !== keyLength) {
+        throw new ValidationError(
+          "shares must all have the same key length",
+          "shares",
+          { keyLength },
+          "SIP_3012" /* INVALID_SHARE */
+        );
+      }
+    }
+    const xCoords = new Set(decodedShares.map((s) => s.x.toString()));
+    if (xCoords.size !== decodedShares.length) {
+      throw new ValidationError(
+        "shares must have unique x-coordinates",
+        "shares",
+        void 0,
+        "SIP_3012" /* INVALID_SHARE */
+      );
+    }
+    const secret = this.lagrangeInterpolate(decodedShares);
+    return this.secretToViewingKey(secret, keyLength);
+  }
+  /**
+   * Verify a share without revealing the viewing key
+   *
+   * @param share - Encoded share to verify
+   * @param expectedCommitment - Expected commitment hash
+   * @returns True if share is valid
+   *
+   * @example
+   * ```typescript
+   * const isValid = ThresholdViewingKey.verifyShare(
+   *   'share1',
+   *   'commitment_hash'
+   * )
+   * ```
+   */
+  static verifyShare(share, expectedCommitment) {
+    try {
+      const decoded = this.decodeShare(share);
+      return decoded.commitment === expectedCommitment;
+    } catch {
+      return false;
+    }
+  }
+  // ─── Private Helper Methods ─────────────────────────────────────────────────
+  /**
+   * Validate threshold and total shares parameters
+   */
+  static validateParams(threshold, totalShares) {
+    if (!Number.isInteger(threshold) || threshold < 2) {
+      throw new ValidationError(
+        "threshold must be an integer >= 2",
+        "threshold",
+        { received: threshold },
+        "SIP_3013" /* INVALID_THRESHOLD */
+      );
+    }
+    if (!Number.isInteger(totalShares) || totalShares < threshold) {
+      throw new ValidationError(
+        "totalShares must be an integer >= threshold",
+        "totalShares",
+        { received: totalShares, threshold },
+        "SIP_3013" /* INVALID_THRESHOLD */
+      );
+    }
+    if (totalShares > 255) {
+      throw new ValidationError(
+        "totalShares must be <= 255",
+        "totalShares",
+        { received: totalShares },
+        "SIP_3013" /* INVALID_THRESHOLD */
+      );
+    }
+  }
+  /**
+   * Validate viewing key format
+   */
+  static validateViewingKey(viewingKey) {
+    if (!viewingKey || typeof viewingKey !== "string") {
+      throw new ValidationError(
+        "viewingKey is required",
+        "viewingKey",
+        { received: viewingKey },
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    if (!viewingKey.startsWith("0x")) {
+      throw new ValidationError(
+        "viewingKey must be hex-encoded (start with 0x)",
+        "viewingKey",
+        { received: viewingKey },
+        "SIP_3015" /* INVALID_FORMAT */
+      );
+    }
+    if (viewingKey.length < 66) {
+      throw new ValidationError(
+        "viewingKey must be at least 32 bytes",
+        "viewingKey",
+        { received: viewingKey.length },
+        "SIP_3015" /* INVALID_FORMAT */
+      );
+    }
+  }
+  /**
+   * Convert viewing key to secret (bigint)
+   */
+  static viewingKeyToSecret(viewingKey) {
+    const bytes = (0, import_utils24.hexToBytes)(viewingKey.slice(2));
+    let secret = 0n;
+    for (let i = 0; i < bytes.length; i++) {
+      secret = secret << 8n | BigInt(bytes[i]);
+    }
+    return this.mod(secret, FIELD_PRIME);
+  }
+  /**
+   * Convert secret (bigint) back to viewing key
+   * @param secret - The secret as bigint
+   * @param hexLength - Length of the hex string (without 0x prefix)
+   */
+  static secretToViewingKey(secret, hexLength) {
+    let hex = secret.toString(16);
+    hex = hex.padStart(hexLength, "0");
+    return `0x${hex}`;
+  }
+  /**
+   * Generate random polynomial coefficients
+   * Polynomial: f(x) = a₀ + a₁x + a₂x² + ... + aₙ₋₁xⁿ⁻¹
+   * where a₀ = secret
+   */
+  static generateCoefficients(threshold, secret) {
+    const coefficients = [secret];
+    for (let i = 1; i < threshold; i++) {
+      const randomCoeff = this.randomFieldElement();
+      coefficients.push(randomCoeff);
+    }
+    return coefficients;
+  }
+  /**
+   * Generate a random field element
+   */
+  static randomFieldElement() {
+    const bytes = (0, import_utils24.randomBytes)(32);
+    let value = 0n;
+    for (let i = 0; i < bytes.length; i++) {
+      value = value << 8n | BigInt(bytes[i]);
+    }
+    return this.mod(value, FIELD_PRIME);
+  }
+  /**
+   * Evaluate polynomial at point x
+   * f(x) = a₀ + a₁x + a₂x² + ... + aₙ₋₁xⁿ⁻¹
+   */
+  static evaluatePolynomial(coefficients, x) {
+    let result = 0n;
+    let xPower = 1n;
+    for (const coeff of coefficients) {
+      result = this.mod(result + this.mod(coeff * xPower, FIELD_PRIME), FIELD_PRIME);
+      xPower = this.mod(xPower * x, FIELD_PRIME);
+    }
+    return result;
+  }
+  /**
+   * Create commitment hash from secret and coefficients
+   */
+  static createCommitment(secret, coefficients) {
+    const data = [secret, ...coefficients].map((c) => c.toString(16).padStart(64, "0")).join("");
+    const hash2 = (0, import_sha25618.sha256)((0, import_utils24.hexToBytes)(data));
+    return (0, import_utils24.bytesToHex)(hash2);
+  }
+  /**
+   * Encode share as string: "x:y:len:commitment"
+   */
+  static encodeShare(x, y, keyLength, commitment) {
+    const xHex = x.toString(16).padStart(2, "0");
+    const yHex = y.toString(16).padStart(64, "0");
+    const lenHex = keyLength.toString(16).padStart(4, "0");
+    return `${xHex}:${yHex}:${lenHex}:${commitment}`;
+  }
+  /**
+   * Decode share from string
+   */
+  static decodeShare(share) {
+    if (!share || typeof share !== "string") {
+      throw new ValidationError(
+        "share must be a non-empty string",
+        "share",
+        { received: share },
+        "SIP_3012" /* INVALID_SHARE */
+      );
+    }
+    const parts = share.split(":");
+    if (parts.length !== 4) {
+      throw new ValidationError(
+        'share must have format "x:y:len:commitment"',
+        "share",
+        { received: share },
+        "SIP_3012" /* INVALID_SHARE */
+      );
+    }
+    const [xHex, yHex, lenHex, commitment] = parts;
+    try {
+      const x = BigInt(`0x${xHex}`);
+      const y = BigInt(`0x${yHex}`);
+      const keyLength = parseInt(lenHex, 16);
+      if (x <= 0n) {
+        throw new ValidationError(
+          "share x-coordinate must be positive",
+          "share",
+          { x },
+          "SIP_3012" /* INVALID_SHARE */
+        );
+      }
+      if (keyLength < 64) {
+        throw new ValidationError(
+          "key length must be at least 64 (32 bytes)",
+          "share",
+          { keyLength },
+          "SIP_3012" /* INVALID_SHARE */
+        );
+      }
+      return { x, y, keyLength, commitment };
+    } catch (error) {
+      throw new ValidationError(
+        "failed to decode share",
+        "share",
+        { error: error.message },
+        "SIP_3012" /* INVALID_SHARE */
+      );
     }
-    return data;
   }
-  generateCSV(transactions) {
-    const headers = [
-      "Transaction ID",
-      "Disclosure ID",
-      "Type",
-      "Direction",
-      "Token",
-      "Amount",
-      "Sender",
-      "Recipient",
-      "Chain",
-      "Privacy Level",
-      "Timestamp",
-      "TX Hash",
-      "Block",
-      "Risk Score",
-      "Purpose",
-      "Memo"
-    ];
-    const rows = transactions.map((tx) => [
-      tx.transactionId,
-      tx.disclosureId,
-      tx.type,
-      tx.direction,
-      tx.token.symbol,
-      tx.amount.toString(),
-      tx.sender,
-      tx.recipient,
-      tx.chain,
-      tx.privacyLevel,
-      new Date(tx.timestamp * 1e3).toISOString(),
-      tx.txHash,
-      tx.blockNumber.toString(),
-      tx.riskScore?.toString() ?? "",
-      tx.purpose ?? "",
-      tx.memo ?? ""
-    ]);
-    const escapeForCSV = (val) => {
-      let escaped = val;
-      if (/^[=+\-@|\t]/.test(escaped)) {
-        escaped = `'${escaped}`;
+  /**
+   * Lagrange interpolation to reconstruct secret
+   * Evaluates polynomial at x=0 to get f(0) = secret
+   */
+  static lagrangeInterpolate(shares) {
+    let secret = 0n;
+    for (let i = 0; i < shares.length; i++) {
+      const xi = shares[i].x;
+      const yi = shares[i].y;
+      let numerator = 1n;
+      let denominator = 1n;
+      for (let j = 0; j < shares.length; j++) {
+        if (i === j) continue;
+        const xj = shares[j].x;
+        numerator = this.mod(numerator * this.mod(-xj, FIELD_PRIME), FIELD_PRIME);
+        denominator = this.mod(denominator * this.mod(xi - xj, FIELD_PRIME), FIELD_PRIME);
       }
-      return `"${escaped.replace(/"/g, '""')}"`;
-    };
-    const csvRows = [headers, ...rows].map((row) => row.map(escapeForCSV).join(","));
-    return csvRows.join("\n");
+      const coeff = this.mod(numerator * this.modInverse(denominator, FIELD_PRIME), FIELD_PRIME);
+      secret = this.mod(secret + this.mod(yi * coeff, FIELD_PRIME), FIELD_PRIME);
+    }
+    return secret;
   }
-};
-function generateId(prefix) {
-  return `${prefix}_${(0, import_utils20.bytesToHex)((0, import_utils20.randomBytes)(12))}`;
-}
-function validateRegisterAuditorParams(params) {
-  if (!params.organization?.trim()) {
-    throw new ValidationError(
-      "organization is required",
-      "organization",
-      void 0,
-      "SIP_2008" /* MISSING_REQUIRED */
-    );
+  /**
+   * Modular arithmetic: a mod m
+   */
+  static mod(a, m) {
+    return (a % m + m) % m;
   }
-  if (!params.contactName?.trim()) {
-    throw new ValidationError(
-      "contact name is required",
-      "contactName",
-      void 0,
-      "SIP_2008" /* MISSING_REQUIRED */
-    );
+  /**
+   * Modular multiplicative inverse using Extended Euclidean Algorithm
+   * Returns x such that (a * x) mod m = 1
+   */
+  static modInverse(a, m) {
+    const a0 = this.mod(a, m);
+    if (a0 === 0n) {
+      throw new CryptoError(
+        "modular inverse does not exist (a = 0)",
+        "SIP_3014" /* CRYPTO_OPERATION_FAILED */,
+        { operation: "modInverse" }
+      );
+    }
+    let [old_r, r] = [a0, m];
+    let [old_s, s] = [1n, 0n];
+    while (r !== 0n) {
+      const quotient = old_r / r;
+      [old_r, r] = [r, old_r - quotient * r];
+      [old_s, s] = [s, old_s - quotient * s];
+    }
+    if (old_r !== 1n) {
+      throw new CryptoError(
+        "modular inverse does not exist (gcd != 1)",
+        "SIP_3014" /* CRYPTO_OPERATION_FAILED */,
+        { operation: "modInverse" }
+      );
+    }
+    return this.mod(old_s, m);
   }
-  if (!params.contactEmail?.trim()) {
-    throw new ValidationError(
-      "contact email is required",
-      "contactEmail",
-      void 0,
-      "SIP_2008" /* MISSING_REQUIRED */
-    );
+};
+
+// src/compliance/derivation.ts
+var import_sha25619 = require("@noble/hashes/sha256");
+var import_sha5123 = require("@noble/hashes/sha512");
+var import_hmac2 = require("@noble/hashes/hmac");
+var import_utils25 = require("@noble/hashes/utils");
+var AuditorType = /* @__PURE__ */ ((AuditorType2) => {
+  AuditorType2[AuditorType2["PRIMARY"] = 0] = "PRIMARY";
+  AuditorType2[AuditorType2["REGULATORY"] = 1] = "REGULATORY";
+  AuditorType2[AuditorType2["INTERNAL"] = 2] = "INTERNAL";
+  AuditorType2[AuditorType2["TAX"] = 3] = "TAX";
+  return AuditorType2;
+})(AuditorType || {});
+var AuditorKeyDerivation = class {
+  /**
+   * SIP Protocol coin type (BIP-44 registered)
+   *
+   * Note: This is a placeholder. In production, register with SLIP-44:
+   * https://github.com/satoshilabs/slips/blob/master/slip-0044.md
+   */
+  static COIN_TYPE = 1234;
+  /**
+   * BIP-44 purpose field
+   */
+  static PURPOSE = 44;
+  /**
+   * Hardened derivation flag (2^31)
+   */
+  static HARDENED = 2147483648;
+  /**
+   * Generate BIP-44 derivation path
+   *
+   * @param auditorType - Type of auditor key
+   * @param account - Account index (default: 0)
+   * @returns BIP-44 style path string
+   *
+   * @example
+   * ```typescript
+   * AuditorKeyDerivation.derivePath(AuditorType.REGULATORY)
+   * // Returns: "m/44'/1234'/0'/1"
+   *
+   * AuditorKeyDerivation.derivePath(AuditorType.TAX, 5)
+   * // Returns: "m/44'/1234'/5'/3"
+   * ```
+   */
+  static derivePath(auditorType, account = 0) {
+    this.validateAuditorType(auditorType);
+    this.validateAccount(account);
+    return `m/${this.PURPOSE}'/${this.COIN_TYPE}'/${account}'/${auditorType}`;
   }
-  if (!params.publicKey?.trim()) {
-    throw new ValidationError(
-      "public key is required",
-      "publicKey",
-      void 0,
-      "SIP_2008" /* MISSING_REQUIRED */
-    );
+  /**
+   * Derive a viewing key for an auditor
+   *
+   * Uses BIP-32 style hierarchical deterministic key derivation:
+   * 1. Derive master key from seed
+   * 2. Harden purpose (44')
+   * 3. Harden coin type (1234')
+   * 4. Harden account index
+   * 5. Derive auditor type (non-hardened)
+   *
+   * @param params - Derivation parameters
+   * @returns Derived viewing key with metadata
+   *
+   * @throws {ValidationError} If parameters are invalid
+   *
+   * @example
+   * ```typescript
+   * const regulatoryKey = AuditorKeyDerivation.deriveViewingKey({
+   *   masterSeed: randomBytes(32),
+   *   auditorType: AuditorType.REGULATORY,
+   * })
+   *
+   * console.log(regulatoryKey.path) // "m/44'/1234'/0'/1"
+   * console.log(regulatoryKey.viewingKey.key) // "0x..."
+   * ```
+   */
+  static deriveViewingKey(params) {
+    const { masterSeed, auditorType, account = 0 } = params;
+    this.validateMasterSeed(masterSeed);
+    this.validateAuditorType(auditorType);
+    this.validateAccount(account);
+    const path = this.derivePath(auditorType, account);
+    const indices = [
+      this.PURPOSE | this.HARDENED,
+      // 44' (hardened)
+      this.COIN_TYPE | this.HARDENED,
+      // 1234' (hardened)
+      account | this.HARDENED,
+      // account' (hardened)
+      auditorType
+      // auditorType (non-hardened)
+    ];
+    const masterData = (0, import_hmac2.hmac)(import_sha5123.sha512, (0, import_utils25.utf8ToBytes)("SIP-MASTER-SEED"), masterSeed);
+    let currentKey = new Uint8Array(masterData.slice(0, 32));
+    let chainCode = new Uint8Array(masterData.slice(32, 64));
+    try {
+      for (let i = 0; i < indices.length; i++) {
+        const index = indices[i];
+        const derived = this.deriveChildKey(currentKey, chainCode, index);
+        if (i > 0) {
+          secureWipe(currentKey);
+        }
+        currentKey = new Uint8Array(derived.key);
+        chainCode = new Uint8Array(derived.chainCode);
+      }
+      const keyHex = `0x${(0, import_utils25.bytesToHex)(currentKey)}`;
+      const hashBytes = (0, import_sha25619.sha256)(currentKey);
+      const hash2 = `0x${(0, import_utils25.bytesToHex)(hashBytes)}`;
+      const viewingKey = {
+        key: keyHex,
+        path,
+        hash: hash2
+      };
+      return {
+        path,
+        viewingKey,
+        auditorType,
+        account
+      };
+    } finally {
+      secureWipe(currentKey);
+      secureWipe(chainCode);
+    }
   }
-  if (!params.scope) {
-    throw new ValidationError(
-      "audit scope is required",
-      "scope",
-      void 0,
-      "SIP_2008" /* MISSING_REQUIRED */
-    );
+  /**
+   * Derive multiple viewing keys at once
+   *
+   * Efficiently derives keys for multiple auditor types from the same
+   * master seed. This is more efficient than calling deriveViewingKey
+   * multiple times as it reuses intermediate derivations.
+   *
+   * @param params - Derivation parameters
+   * @returns Array of derived viewing keys
+   *
+   * @example
+   * ```typescript
+   * const keys = AuditorKeyDerivation.deriveMultiple({
+   *   masterSeed: randomBytes(32),
+   *   auditorTypes: [
+   *     AuditorType.PRIMARY,
+   *     AuditorType.REGULATORY,
+   *     AuditorType.INTERNAL,
+   *   ],
+   * })
+   *
+   * // keys[0] -> PRIMARY key (m/44'/1234'/0'/0)
+   * // keys[1] -> REGULATORY key (m/44'/1234'/0'/1)
+   * // keys[2] -> INTERNAL key (m/44'/1234'/0'/2)
+   * ```
+   */
+  static deriveMultiple(params) {
+    const { masterSeed, auditorTypes, account = 0 } = params;
+    this.validateMasterSeed(masterSeed);
+    this.validateAccount(account);
+    if (!auditorTypes || auditorTypes.length === 0) {
+      throw new ValidationError(
+        "at least one auditor type is required",
+        "auditorTypes",
+        { received: auditorTypes },
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    for (const type of auditorTypes) {
+      this.validateAuditorType(type);
+    }
+    const uniqueTypes = Array.from(new Set(auditorTypes));
+    const commonIndices = [
+      this.PURPOSE | this.HARDENED,
+      // 44' (hardened)
+      this.COIN_TYPE | this.HARDENED,
+      // 1234' (hardened)
+      account | this.HARDENED
+      // account' (hardened)
+    ];
+    const masterData = (0, import_hmac2.hmac)(import_sha5123.sha512, (0, import_utils25.utf8ToBytes)("SIP-MASTER-SEED"), masterSeed);
+    let commonKey = new Uint8Array(masterData.slice(0, 32));
+    let commonChainCode = new Uint8Array(masterData.slice(32, 64));
+    try {
+      for (let i = 0; i < commonIndices.length; i++) {
+        const index = commonIndices[i];
+        const derived = this.deriveChildKey(commonKey, commonChainCode, index);
+        if (i > 0) {
+          secureWipe(commonKey);
+        }
+        commonKey = new Uint8Array(derived.key);
+        commonChainCode = new Uint8Array(derived.chainCode);
+      }
+      const results = [];
+      for (const auditorType of uniqueTypes) {
+        const derived = this.deriveChildKey(commonKey, commonChainCode, auditorType);
+        try {
+          const keyHex = `0x${(0, import_utils25.bytesToHex)(derived.key)}`;
+          const hashBytes = (0, import_sha25619.sha256)(derived.key);
+          const hash2 = `0x${(0, import_utils25.bytesToHex)(hashBytes)}`;
+          const path = this.derivePath(auditorType, account);
+          const viewingKey = {
+            key: keyHex,
+            path,
+            hash: hash2
+          };
+          results.push({
+            path,
+            viewingKey,
+            auditorType,
+            account
+          });
+        } finally {
+          secureWipe(derived.key);
+          secureWipe(derived.chainCode);
+        }
+      }
+      return results;
+    } finally {
+      secureWipe(commonKey);
+      secureWipe(commonChainCode);
+    }
   }
-}
-function validateReportParams(params) {
-  if (!params.title?.trim()) {
-    throw new ValidationError(
-      "report title is required",
-      "title",
-      void 0,
-      "SIP_2008" /* MISSING_REQUIRED */
-    );
+  /**
+   * Get human-readable name for auditor type
+   *
+   * @param auditorType - Auditor type enum value
+   * @returns Friendly name string
+   */
+  static getAuditorTypeName(auditorType) {
+    switch (auditorType) {
+      case 0 /* PRIMARY */:
+        return "Primary";
+      case 1 /* REGULATORY */:
+        return "Regulatory";
+      case 2 /* INTERNAL */:
+        return "Internal";
+      case 3 /* TAX */:
+        return "Tax Authority";
+      default:
+        return `Unknown (${auditorType})`;
+    }
   }
-  if (!params.type) {
-    throw new ValidationError(
-      "report type is required",
-      "type",
-      void 0,
-      "SIP_2008" /* MISSING_REQUIRED */
-    );
+  // ─── Private Helpers ─────────────────────────────────────────────────────────
+  /**
+   * Derive a child key using BIP-32 HMAC-SHA512 derivation
+   *
+   * @param parentKey - Parent key bytes (32 bytes)
+   * @param chainCode - Parent chain code (32 bytes)
+   * @param index - Child index (use | HARDENED for hardened derivation)
+   * @returns Derived key and chain code
+   */
+  static deriveChildKey(parentKey, chainCode, index) {
+    const isHardened = (index & this.HARDENED) !== 0;
+    const data = new Uint8Array(37);
+    if (isHardened) {
+      data[0] = 0;
+      data.set(parentKey, 1);
+    } else {
+      data[0] = 1;
+      data.set(parentKey, 1);
+    }
+    const indexView = new DataView(data.buffer, 33, 4);
+    indexView.setUint32(0, index, false);
+    const hmacResult = (0, import_hmac2.hmac)(import_sha5123.sha512, chainCode, data);
+    const childKey = new Uint8Array(hmacResult.slice(0, 32));
+    const childChainCode = new Uint8Array(hmacResult.slice(32, 64));
+    return {
+      key: childKey,
+      chainCode: childChainCode
+    };
   }
-  if (!params.format) {
-    throw new ValidationError(
-      "report format is required",
-      "format",
-      void 0,
-      "SIP_2008" /* MISSING_REQUIRED */
-    );
+  /**
+   * Validate master seed
+   */
+  static validateMasterSeed(seed) {
+    if (!seed || seed.length < 32) {
+      throw new ValidationError(
+        "master seed must be at least 32 bytes",
+        "masterSeed",
+        { received: seed?.length ?? 0 },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
   }
-  if (params.startDate === void 0 || params.startDate === null || params.endDate === void 0 || params.endDate === null) {
-    throw new ValidationError(
-      "date range is required",
-      "dateRange",
-      void 0,
-      "SIP_2008" /* MISSING_REQUIRED */
-    );
+  /**
+   * Validate auditor type
+   */
+  static validateAuditorType(type) {
+    const validTypes = [
+      0 /* PRIMARY */,
+      1 /* REGULATORY */,
+      2 /* INTERNAL */,
+      3 /* TAX */
+    ];
+    if (!validTypes.includes(type)) {
+      throw new ValidationError(
+        `invalid auditor type: ${type}`,
+        "auditorType",
+        { received: type, valid: validTypes },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
   }
-  if (params.startDate >= params.endDate) {
-    throw new ValidationError(
-      "start date must be before end date",
-      "dateRange",
-      void 0,
-      "SIP_2001" /* INVALID_INPUT */
-    );
+  /**
+   * Validate account index
+   */
+  static validateAccount(account) {
+    if (!Number.isInteger(account) || account < 0 || account >= this.HARDENED) {
+      throw new ValidationError(
+        `account must be a non-negative integer less than ${this.HARDENED}`,
+        "account",
+        { received: account },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
   }
-}
+};
 
 // src/wallet/errors.ts
 var import_types18 = require("@sip-protocol/types");
@@ -12726,7 +14433,7 @@ function createTrezorAdapter(config) {
 
 // src/wallet/hardware/mock.ts
 var import_types51 = require("@sip-protocol/types");
-var import_utils21 = require("@noble/hashes/utils");
+var import_utils26 = require("@noble/hashes/utils");
 var MockLedgerAdapter = class extends BaseWalletAdapter {
   chain;
   name = "mock-ledger";
@@ -12971,15 +14678,15 @@ var MockLedgerAdapter = class extends BaseWalletAdapter {
     }
   }
   generateMockAddress(index) {
-    const bytes = (0, import_utils21.randomBytes)(20);
+    const bytes = (0, import_utils26.randomBytes)(20);
     bytes[0] = index;
-    return `0x${(0, import_utils21.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils26.bytesToHex)(bytes)}`;
   }
   generateMockPublicKey(index) {
-    const bytes = (0, import_utils21.randomBytes)(33);
+    const bytes = (0, import_utils26.randomBytes)(33);
     bytes[0] = 2;
     bytes[1] = index;
-    return `0x${(0, import_utils21.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils26.bytesToHex)(bytes)}`;
   }
   generateMockSignature(data) {
     const sig = new Uint8Array(65);
@@ -12988,7 +14695,7 @@ var MockLedgerAdapter = class extends BaseWalletAdapter {
       sig[32 + i] = (data[i % data.length] ?? 0) ^ i * 11;
     }
     sig[64] = 27;
-    return `0x${(0, import_utils21.bytesToHex)(sig)}`;
+    return `0x${(0, import_utils26.bytesToHex)(sig)}`;
   }
   delay(ms) {
     return new Promise((resolve) => setTimeout(resolve, ms));
@@ -13177,15 +14884,15 @@ var MockTrezorAdapter = class extends BaseWalletAdapter {
     }
   }
   generateMockAddress(index) {
-    const bytes = (0, import_utils21.randomBytes)(20);
+    const bytes = (0, import_utils26.randomBytes)(20);
     bytes[0] = index + 100;
-    return `0x${(0, import_utils21.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils26.bytesToHex)(bytes)}`;
   }
   generateMockPublicKey(index) {
-    const bytes = (0, import_utils21.randomBytes)(33);
+    const bytes = (0, import_utils26.randomBytes)(33);
     bytes[0] = 3;
     bytes[1] = index + 100;
-    return `0x${(0, import_utils21.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils26.bytesToHex)(bytes)}`;
   }
   generateMockSignature(data) {
     const sig = new Uint8Array(65);
@@ -13194,7 +14901,7 @@ var MockTrezorAdapter = class extends BaseWalletAdapter {
       sig[32 + i] = (data[i % data.length] ?? 0) ^ i * 17;
     }
     sig[64] = 28;
-    return `0x${(0, import_utils21.bytesToHex)(sig)}`;
+    return `0x${(0, import_utils26.bytesToHex)(sig)}`;
   }
   delay(ms) {
     return new Promise((resolve) => setTimeout(resolve, ms));
@@ -13213,7 +14920,7 @@ var import_types54 = require("@sip-protocol/types");
 // src/proofs/browser.ts
 var import_noir_js = require("@noir-lang/noir_js");
 var import_bb = require("@aztec/bb.js");
-var import_secp256k17 = require("@noble/curves/secp256k1");
+var import_secp256k18 = require("@noble/curves/secp256k1");
 
 // src/proofs/circuits/funding_proof.json
 var funding_proof_default = { noir_version: "1.0.0-beta.15+83245db91dcf63420ef4bcbbd85b98f397fee663", hash: "3859649086066977477", abi: { parameters: [{ name: "minimum_required", type: { kind: "integer", sign: "unsigned", width: 64 }, visibility: "public" }, { name: "asset_id", type: { kind: "field" }, visibility: "public" }, { name: "balance", type: { kind: "integer", sign: "unsigned", width: 64 }, visibility: "private" }, { name: "blinding", type: { kind: "field" }, visibility: "private" }], return_type: { abi_type: { kind: "array", length: 32, type: { kind: "integer", sign: "unsigned", width: 8 } }, visibility: "public" }, error_types: { "2900908756532713827": { error_kind: "string", string: "Insufficient balance" }, "15764276373176857197": { error_kind: "string", string: "Stack too deep" }, "15835548349546956319": { error_kind: "string", string: "Field failed to decompose into specified 32 limbs" } } }, bytecode: "H4sIAAAAAAAA/8VdB7wVxfU+cwEFRRGsGJU1KkWl997hAQqKDRVFQFQUePSq8pAO0hS72MAIdkAUImKLXRA0EdAY8R9LooklamL3v+Ob5e7dN/v2fLM7u/P7TYY398w938w335mPp0kElbaKahw5ePioN3NED1Yo/Vm4vYIaZesUmMupuYq+n4PNm3PU2OjivmM/aHxXvY2ndX98xowBF9Rt+o+iKZtGL+v6wbfXfxmIjWgiFx0ryvvQId5a/76OV+MJXoR3GHKiU+AbKgYS2dp8yPcuVd8rjgcwnEBmhyrAvfoxRe21YjmJg3mjvotxafY2P/G11VgnGFQhBoCoQ6odHjswECvq8DFQkgdagcwOtK4a6wWD0AP1A4g60LrEP9B6fAy/HVplt1fxzTlqrNxhSvVdzatMrPflPhMa/3Toqz9PWX3b56+1Xtpx+DknDy3ufZ4/9sjpF/7w0PTGA09Yc8TXVV/e2bTj6w9M3flKtUP+NmPzC3W/v/4CfyynebGVeq++fNxrC5r1v/D8LW9/2PbumovnVBvU+rTaS8a8333ZUx/m/LHOijeePvnHc77/b8XibjuPfPGH78ae+chLna6s+NmQI4fMffXZ2v5YBEP97zZ1+mj+gX0PnrTnjHE/fHzr0RP6DW/+8X0lj1+yfHzj/2zd6o9tsHXejnMv3XzGxtnLGhxw2JzBZz74+P3PvfXdhXVevfqLdc8unemPjWr7qFFyVFuNddRYV431AlgjWg6IRb5XnOj+x0luP5lKRSoTVdAFGnwvM1bbnBhhDnGa2Lsn4VtT3+0N3N7Q7Y3c3tjtTdze1O3N3N7c7S3c3tLtrdze2u1t3N7W7e3c3t7tHdzekUpf585u7+L2rm7v5vbubu/h9p5uL3J7L7f3dnsft5/igfGeeAmmcmCugWauoWaukWausWauiWauqWaumWauuWauhWaupWaulWautWaujWaurWaunWauvWaug2auo2auk2aus2aui2auq2aum2auu2auh2aup2auSDPXSzPXWzPXRzN3iprzt2PV6BCrFYg+6mGsz4z94tdfRQN2LImG3FgXbyNe7HXycW7Miv3mt4e8CSd2T+mj35QR20UZhGbRsXstePPI2OK9xqNFVOzGvElpGRE72WdoWpUf29NvflqXG/tJgVFqU15sk0JT1bac2DoBA9aO+GatfWjsOcG7LjqExZaU0YXoGBJbUlZDopM+doNGb6KzNrabTpuiiy62n1bHoqsm9gm95kW3srF1Q+qD6F4m9s6wWiJ6BGMbhdYd0TMQuye8Romiwtgx5dQz0asg9tTyap/o7Y8dWm6dFH18sQ3Lr6niFOKbLmn2/L9r8TfU7J1C7Fq+w5/v1DgJ5WLklz0y+alAjr7M7/0yxh76EvZ7DLmHvoSRLL9f94uyOCRHtO26SYdYaQqw9lPjaaUf5W9sPzX652RQ0MGgf7UHbrLoR/wLchphh4eSIy9FP8Iu05dqjcPLkWjF6EPsc17hz3d6nIRyMVgxVpwO5OhP/IM33UN/givGiv6EkZxUxejDj71dN+kQK00B1jPUeGbpR/kbewaVrRgyKG7FAG6yOIP4F+RMMjs89J9/IJjOIv657P0P4PtlFeuv2UNULuSpPpv/vfmNAFjOUjnQvSO4kqzEvYl9f9f7850TJ6FcDFbi9ecAOQYQ/+BN9zCA4Eq8fgDFu3wcAcmLZFNA5xK2B6+hhQnh8Dzi7zXJF643P3adbtIhVpoCrOercWDpR/lKcD6VfeFkUNwXDqgQ4nzikzaQzA4PvUgIpgso3gsXtUaK5zzChX0hP0ceHIDrApXDNi6voRxeCMQOIrschhVZTnHmxl5EWEFLyg30IrbWl/jzDY6TUC4G3cCSwUCOIcQ/eNM9DCHYDSwZws+hxcURwkVkV2xDCROb11BMCIcXUzZuoBc/drFu0iFWmgKsw9R4SelH+UowjMq6ARkU1w0AFUIMIz5pl5DZ4aEXCcF0Kdl9SaR4LiZc2Jfxc+TBAbguVTls4/IayuFlQOxwssthWJGNWocU2cv535vo7waKiK11x5/vijgJ5WLQDThXADlGEP/gTfcwgmA34Izg59Di4ghBXiSbYhtJ6bgBhMNRlI0bKOLH1tJNOsRKU4C1WI2jSz/KV4JiKusGZFBcNwBUCFFMfNJGk9nhoRcJwTSG7L4kUjyjCBf2WH6OPDgA1xiVwzYur6EcjgVix5FdDsOKbNQ6pMiO539vom6gJ7G1vt2fb0KchHIx6Aa2TwByTCT+wZvuYSLBbmD7RH4OLS6OEORFsim2SZSOG0A4nEzZuIGe/Ng3dJMOsdIUYJ2ixqmlH+UrwRQq6wZkUFw3AFQIMYX4pE0ls8NDLxKCaRrZfUmkeCYTLuwr+Tny4ABc01QO27i8hnJ4JRB7FdnlMKzIRq1DiuzV/O9N1A30ILbWB/vzTY+TUC4G3cDg6UCOEuIfvOkeSgh2A4NL+Dm0uDhCkBfJpthmUDpuoASIvYaycQM9+LEX6SYdYqUpwDpTjbNKP8pXgplU1g3IoLhuAKgQYibxSZtFZoeHXiQE02yy+5JI8VxDuLDn8HPkwQG4ZqsctnF5DeVwDhA7l+xyGFZko9YhRXYe/3sTdQPdia31Xf588+MklItBN7BrPpBjAfEP3nQPCwh2A7sW8HNocXGEIC+STbEtpHTcAMLhtZSNG+jOj92pm3SIlaYA6yI1Li79KF8JFlFZNyCD4roBoEKIRcQnbTGZHR56kRBMS8juSyLFcy3hwl7Kz5EHB+BaonLYxuU1lMOlQOwyssthWJGNWocU2ev435uoG+hGbK338ue7Pk5CuRh0A72uB3IsJ/7Bm+5hOcFuoNdyfg4tLo4Q5EWyKbYbKB03gHB4I2XjBrrxY4t0kw6x0hRgvUmNN5d+lK8EN1FZNyCD4roBoEKIm4hP2s1kdnjoRUIw3UJ2XxIpnhsJF/at/Bx5cACuW1QO27i8hnJ4KxB7G9nlMKzIRq1Diuzt/O9N1A10JbbW1/rzrYiTUC4G3cDaFUCOO4h/8KZ7uINgN7D2Dn4OLS6OEORFsim2OykdN4BweBdl4wa68mMf1U06xEpTgPVuNd5T+lG+EtxNZd2ADIrrBoAKIe4mPmn3kNnhoRcJwbSS7L4kUjx3ES7sVWTXDaxUOWzj8hrK4Sog9l6yy2FYkY1ahxTZP/C/N1E30IXYWt/sz3dfnIRyMegGNt8H5FhN/IM33cNqgt3A5tX8HFpcHCHIi2RTbGsoHTeAcHg/ZeMGuvBjn9RNOsRKU4D1ATU+WPpRvhI8QGXdgAyK6waACiEeID5pD5LZ4aEXCcH0ENl9SaR47idc2A/zc+TBAbgeUjls4/IayuHDQOwjZJfDsCIbtQ4pso/yvzdRN9CZ2Frv48+3Nk5CuRh0A33WAjnWEf/gTfewjmA30GcdP4cWF0cI8iLZFNt6SscNIBw+Rtm4gc782N66SYdYaQqwblDj46Uf5SvBBirrBmRQXDcAVAixgfikPU5mh4deJATTE2T3JZHieYxwYW/k58iDA3A9oXLYxuU1lMONQOwmssthWJGNWocU2T/yvzdRN9CJ2Fov8ed7Mk5CuRh0AyVPAjk2E//gTfewmWA3ULKZn0OLiyMEeZFsiu0pSscNIBxuoWzcQCd+7HTdpEOsNAVYn1bjM6Uf5SvB01TWDciguG6gE/HdwNPEJ+0ZMjs89CIhmJ4luy+JFM8WwoX9HD9HHhyA61mVwzYur6EcPgfEPk92OQwrslHrkCL7J/73JuoGOhJb6wVu4IU4CeVi1A28AOR4kfgHb7qHFwl3Ay/yc2hxcYQgL5JNsb1E6bgBhMOXKRs30JEfm5gbeEWNr5Z+lK8Er1BZNyCD4roBoEKIV4hP2qtkdnjoRUIwvUZ2XxIpnpcJF/br/Bx5cACu11QO27i8hnL4OhC7lexyGFZko9YhRXYb/3sTdQMdiK31Nf58b8RJKBeDbmDNG0CO7cQ/eNM9bCfYDazZzs+hxcURgrxINsW2g9JxAwiHb1I2bqADP3a1btIhVpoCrG+p8c+lH+UrwVtU1g3IoLhuAKgQ4i3ik/ZnMjs89CIhmP5Cdl8SKZ43CRf22/wceXAArr+oHLZxeQ3l8G0gdifZ5TCsyEatQ4rsLv73JuoG2hNb66v8+XbHSSgXg25g1W4gxzvEP3jTPbxDsBtY9Q4/hxYXRwjyItkU27uUjhtAOPwrZeMG2vNjV+omHWKlKcD6nhr/VvpRvhK8R2XdgAyK6waACiHeIz5pfyOzw0MvEoLpfbL7kkjx/JVwYe8hu27gfZXDNi6voRzuAWI/ILschhXZqHVIkf0//vcm6gbaEVvru/35/h4noVwMuoHdfwdyfEj8gzfdw4cEu4HdH/JzaHFxhCAvkk2xfUTpuAGEw48pGzfQjh+7SzfpECtNAdZP1PiP0o/yleATKusGZFBcNwBUCPEJ8Un7B5kdHnqREEz/JLsviRTPx4QL+1N+jjw4ANc/VQ7buLyGcvgpEPsZ2eUwrMhGrdtD/D38i/+9ibqBtsTW+jZ/vn/HSSgXg25g27+BHJ8T/+BN9/A5wW5g2+f8HFpcHCHIi2RTbF9QOm4A4fBLysYNtOXHbtVNOsRKU4D1KzX+p/SjfCX4isq6ARkU1w0AFUJ8RXzS/kNmh4deJATT12T3JZHi+ZJwYX/Dz5EHB+D6WuWwjctrKIffALHfkl0Ow4ps1DqkyP6X/72JuoE2xNZ6TX++/8VJKBeDbqDm/4Ac3xH/4E338B3BbqDmd/wcWlwcIciLZFNs31M6bgDh8AfKxg204cceoZt0iJWmAOuPavyp9KN8JfiRyroBGRTXDQAVQvxIfNJ+IrPDQy8SgulnsvuSSPH8QLiwf+HnyIMDcP2sctjG5TWUw1+A2F/JLodhRTZqHVJkJSjm9ybqBloTW+ub/PmEiJFQLgbdwCbBPyCRE3bdgNyDzAG6gU05gGQdLo4QSNgVWwWAB/8PKCaEw4oApiTdQGt+7EbdpEOsNAVYKymQ+wRf/kqirBuQQXHdAFAhRCWAtH2E2eGhFwnBtC94udELI8VTUeDCrhyzcESFy31XTgGX11AOKwMcVrHMYViRjVqHFNn9MnIDrYit9Xn+fPubuoFWajHoBubtD5BcFbg8pnuoiruBeVUtuwEphP2EXbEdAIrNaygmhMMDM3IDrfixc3WTDrHSFGCtpkAeFHz5q2ncwEEJuAGgQohqAGkHCbPDQy8Sgqm65ZdEiudAgQu7RszCERUu910jBVxeQzmsAXB4sGUOw4ps1DqkyB6SkRtoSWytF/nzHWrqBlqqxaAbKDoUIPkw4OBN93AY7gaKDrPsBqQQDhF2xXY4KDavoZgQDo/IyA205Mf21E06xEpTgNX753VHBl/+mho3cGQCbgCoEKImQNqRwuzw0IuEYPqd5ZdEiucIgQv7qJiFIypc7vuoFHB5DeXwKIDDoy1zGFZko9YhRfaYjNxAC2JrfZk/Xy1TN9BCLQbdwLJaAMkOcPCme3BwN7DMsewGpBCOEXbFdiwoNq+hmBAOf5+RG2jBj12qm3SIlaYA63EK5PHBl/84jRs4PgE3AFQIcRxA2vHC7PDQi4RgOsHySyLF83uBC7t2zMIRFS73XTsFXF5DOawNcFjHModhRTZqHVJk62bkBpoTW+uj/fnqmbqB5mox6AZG1wNIPhE4eNM9nIi7gdEnWnYDUgh1hV2xnQSKzWsoJoTDkzNyA835scW6SYdYaQqw1lcgGwRf/voaN9AgATcAVAhRHyCtgTA7PPQiIZgaWn5JpHhOFriwG8UsHFHhct+NUsDlNZTDRgCHjS1zGFZko9YhRbZJRm6gGbG1vsWfr6mpG2imFoNuYEtTgORmwMGb7qEZ7ga2NLPsBqQQmgi7YmsOis1rKCaEwxYZuYFm/NindJMOsdIUYG2pQLYKvvwtNW6gVQJuAKgQoiVAWithdnjoRUIwtbb8kkjxtBC4sNvELBxR4XLfbVLA5TWUwzYAh20tcxhWZKPWIUW2XUZuoCmxte7487U3dQNN1WLQDTjtAZI7AAdvuocOuBtwOlh2A1II7YRdsXUExeY1FBPCYaeM3EBTfmwt3aRDrDQFWDsrkF2CL39njRvokoAbACqE6AyQ1kWYHR56kRBMXS2/JFI8nQQu7G4xC0dUuNx3txRweQ3lsBvAYXfLHIYV2ah1SJHtkZEbaEJsrVf15+tp6gaaqMWgG6jaEyC5CDh40z0U4W6gapFlNyCF0EPYFVsvUGxeQzEhHPbOyA004cfur5t0iJWmAKv3/yt+SvDl76NxA6ck4AaACiH6AKSdIswOD71ICKZTLb8kUjy9BS7svjELR1S43HffFHB5DeWwL8BhP8schhXZqHVIkT0tIzfQmNhaH+XPd7qpG2isFoNuYNTpAMn9gYM33UN/3A2M6m/ZDUghnCbsiu0MUGxeQzEhHJ6ZkRtozI8dqZt0iJWmAOtZCuTZwZf/LI0bODsBNwBUCHEWQNrZwuzw0IuEYDrH8ksixXOmwIU9IGbhiAqX+x6QAi6voRwOADg81zKHYUU2ah1SZM/LyA00IrbWq/vznW/qBhqpxaAbqH4+QPJA4OBN9zAQdwPVB1p2A1II5wm7YrsAFJvXUEwIhxdm5AYa8WMP0k06xEpTgHWQAnlR8OUfpHEDFyXgBoAKIQYBpF0kzA4PvUgIpsGWXxIpngsFLuwhMQtHVLjc95AUcHkN5XAIwOFQyxyGFdmodUiRvTgjN9CQH1uQb5ipG2ioFqPrLgEO0xTXJb4dOsRvqIjkhb1Y2BXFpaAovIZiQni5LKZQOXu+zIDDJAXVgMwENdxUUA3UYnTd5ZYFJXFdnpCgosIl8ZcLswvj8HIkeknqAxj9+a4wvST11WJU3VcAih1h+ULJPYwwIHmEiHf5OJdohMDtwaXAeY2MuYeo8PoqB2HrChp6t0YC+x8V8+WIWhP2IketQ17kYsscyjMqNngIEB5kEZRnVEH3RWBeQWb3jLA8DnuyTBPkr7feGvnfrR3j9rFuH+f28W6f4PaJbp/k9slun+L2qW6f5vYr3X6V2692+3S3l7h9htuvcftMt89y+2y3z3H7XLfL/5XP+W5f4PaFbr/W7YvcvtjtSwQV/n1fgqkcmBujmRurmRunmRuvmZugmZuomZukmZusmZuimZuqmZummbtSM3eVZu5qzdx0zVyJZm6GZu4azdxMzdwszdxszdwczdxczdw8zdx8zdwCzdxCzdy1mrlFmrnFmrklouzvlo5Vo0OsViD6qGIj7zYnVv4eagw7lsRYbqyLdxwv9joXrxjPiv1G7k1M4MTu+e0cxERGbJfSMxOTomOXqvMVkyNjiz0uxJSo2I17eRNTI2In5zkW08qP7em7D+LKcmM/8d8dcVV5sU0K7pm4upzYOoV3UkwPjx0YuL+iJDT2nOBdFzPCYkvK6EJcExJbUlZDYqY+doNGb2KWNrabTptiti62n1bHYo4m9gm95sXcsrF1Q+qDmFcm9s6wWiLmB2MbhdYdsSAQuye8RomFhbFjyqln4tqC2FPLq31ikT92aLl1Uiz2xTYsv6aKJYJvupL8G+8Sfi3f4c+3VMRIKBeD/9Rxx1L+AYllzE2Z/o1X7kHmEOAeloEky+9P4p+OAZdru27SIVaaAqzXKZDXCyp0K9epg/PPXS/i/9Mx4CaL64ALcj14eCg58lJcB14mieu6jCrGYv45r/DnW25aMWTC5XjFWLEcqBg3WK4Ycg834BVjxQ0ZVYzF/Ly36yYdYqUpwHqjAnlTsDrcqKkYNyVQMYCbLG4ELshNhoeH/qIOwXQzIIa9/wFgWaYuOPqLOuSpvgUQg24PUeHyjG4xqMQIriQr8SL+/V3vz3eraSWWCW/FK/H6W4HLd5vlSiz3cBteidffFvPycQR0i2UB3Q7uwWtoYUI4XAHcjSRfuEX8vOt0kw6x0hRgvUOBvDP4mt2heeHuTOCFAyqEuAMg7U7Dw0MvEoLprpgvXNQaKZ4VBq/D3TELR1S43PfdKeDyGsrh3QCH91jmMKzIcoozN3YlWNCScgPX8rW+xJ9vlakbkAlX4W5gySrggO4FDt50D/fibmDJvZbdgBTCSmFXbH8AxeY1FBPC4X0ZuYFr+XkX6yYdYqUpwLpagVwTfPlXa9zAmgTcAFAhxGqAtDWGh4deJATT/ZZfEime+wQu7AdiFo6ocLnvB1LA5TWUwwcADh+0zGFYkY1ahxTZh4BzTdINLORr3fHne9jUDciED+NuwHkYIPkR4OBN9/AI7gacR2KKmiOEh4RdsT0Kis1rKCaEw7UZuYGF/LyJ/e/OrVMg1wdf/nUaN7A+ATcAVAixDiBtveHhoRcJwfSY5ZdEimetwIW9IWbhiAqX+96QAi6voRxuADh83DKHYUU2ah1SZJ/IyA0s4Gt9uz/fRlM3IBNuxN3A9o0AyZuAgzfdwybcDWzfFFPUHCE8IeyK7Y+g2LyGYkI4fDIjN7CAn/cN3aRDrDQFWDcrkE8FX/7NGjfwVAJuAKgQYjNA2lOGh4deJATTFssviRTPkwIX9tMxC0dUuNz30yng8hrK4dMAh89Y5jCsyEatQ4rssxm5gfl8rQ/253vO1A3IhM/hbmDwcwDJzwMHb7qH53E3MPj5mKLmCOFZYVdsfwLF5jUUE8LhCxm5gfn8vBfpJh1ipSnA+qIC+VLw5X9R4wZeSsANABVCvAiQ9pLh4aEXCcH0suWXRIrnBYEL+5WYhSMqXO77lRRweQ3l8BWAw1ctcxhWZKPWIUX2tYzcwDy+1nf5871u6gZkwtdxN7DrdYDkrcDBm+5hK+4Gdm2NKWqOEF4TdsW2DRSb11BMCIdvZOQG5vHz7tRNOsRKU4DV+w3djuDLv13jBnYk4AaACiG2A6TtMDw89CIhmN60/JJI8bwhcGG/FbNwRIXLfb+VAi6voRy+BXD4Z8schhXZqHVIkf1LRm5gLl/rvfz53jZ1AzLh27gb6PU2QPJO4OBN97ATdwO9dsYUNUcIfxF2xbYLFJvXUEwIh7szcgNz+XmLdJMOsdIUYH1HgXw3+PK/o3ED7ybgBoAKId4BSHvX8PDQi4Rg+qvll0SKZ7fAhf1ezMIRFS73/V4KuLyGcvgewOHfLHMYVmSj1iFF9v2M3MAcvtbX+vPtMXUDMuEe3A2s3QOQ/AFw8KZ7+AB3A2s/iClqjhDeF3bF9n+g2LyGYkI4/HtGbmAOP++jukmHWGkKsH6oQH4UfPk/1LiBjxJwA0CFEB8CpH1keHjoRUIwfWz5JZHi+bvAhf1JzMIRFS73/UkKuLyGcvgJwOE/LHMYVmSj1iFF9p8ZuYHZfK1v9uf71NQNyISf4m5g86cAyZ8BB2+6h89wN7D5s5ii5gjhn8Ku2P4Fis1rKCaEw39n5AZm8/M+qZt0iJWmAOvnCuQXwZf/c40b+CIBNwBUCPE5QNoXhoeHXiQE05eWXxIpnn8LXNhfxSwcUeFy31+lgMtrKIdfARz+xzKHYUU2ah1SZL/OyA3M4mu9jz/fN6ZuQCb8BncDfb4BSP4WOHjTPXyLu4E+38YUNUcIXwu7YvsvKDavoZgQDv+XkRuYxc/bWzfpECtNAdbvFMjvgy//dxo38H0CbgCoEOI7gLTvDQ8PvUgIph8svyRSPP8TuLB/jFk4osLlvn9MAZfXUA5/BDj8yTKHYUU2ah1SZH/OyA3M5Gu9xJ/vF1M3IBP+gruBkl8Akn8FDt50D7/ibqDk15ii5gjhZ2FXbPLLHYLgk1oGYUI4FACmJN3ATD6f03WTDrHSFGDNqR8q5Kjw5ZcfBN2ADIrrBoAKIXI5PmkVcmaHh14kBFNF8HKjF0aCFzlc2JX4uFSiwu+PCpf7rpQCLq+hHFYCONzHModhRTZqHVJk9wXONUk3cI2hG6ici5FQLkbdQGWA5CrA5THdQxVQPHIPVWKKmiOEfXN2xbZfSm4A4XD/jNyAXzwRLTE3UFX9cEDQDVTVuIEDEnADQIUQVQHSDkjJDSCYDrT8kkjx7G/w6laz7AbkvqulgMtrKIfVAA4PssxhWJGNWocU2eoZuYEZfK2v8eerYeoGZMIauBtYUwMg+WDLbkDu4WDcDaw52LIbkEKonrMrtkNScgMIh4dm5Ab84oloq3WTDrHSFGA9TP1weNANHKZxA4cn4AaACiEOA0g7PGd2eOhFQjAdYfklkeI51ODVrWnZDch910wBl9dQDmsCHB5pmcOwIhu1Dimyv8vIDZTwtb7Kn+8oUzcgEx6Fu4FVRwEkH23ZDcg9HI27gVVHW3YDUgi/y9kV2zEpuQGEw1oZuQG/eCLaSt2kQ6w0BVgd9cOxQTfgaNzAsQm4AaBCCAcg7dic2eGhFwnB9HvLL4kUTy2DV/c4y25A7vu4FHB5DeXwOIDD4y1zGFZko9YhRfaEjNzAdL7Wd/vz1TZ1AzJhbdwN7K4NkFzHshuQe6iDu4HddSy7ASmEE3J2xVY3JTeAcFgvIzfgF09E26WbdIiVpgDrieqHk4Ju4ESNGzgpATcAVAhxIkDaSTmzw0MvEoLpZMsviRRPPYNXt75lNyD3XT8FXF5DOawPcNjAModhRTZqHVJkG2bkBq7ma32bP18jUzcgEzbC3cC2RgDJjS27AbmHxrgb2NbYshuQQmiYsyu2Jim5AYTDphm5Ab94ItpW3aRDrDQFWJupH5oH3UAzjRtonoAbACqEaAaQ1jxndnjoRUIwtbD8kkjxNDV4dVtadgNy3y1TwOU1lMOWAIetLHMYVmSj1iFFtnVGbuAqvtZr+vO1MXUDMmEb3A3UbAOQ3NayG5B7aIu7gZptLbsBKYTWObtia5eSG0A4bJ+RG/CLJ6IdoZt0iJWmAGsH9UPHoBvooHEDHRNwA0CFEB0A0jrmzA4PvUgIpk6WXxIpnvYGr25ny25A7rtzCri8hnLYGeCwi2UOw4ps1DqkyHbNyA1cydf6Jn++bqZuQCbshruBTd0AkrtbdgNyD91xN7Cpu2U3IIXQNWdXbD1ScgMIhz0zcgN+8US0jbpJh1hpCrAWqR96Bd1AkcYN9ErADQAVQhQBpPXKmR0eepEQTL0tvyRSPD0NXt0+lt2A3HefFHB5DeWwD8DhKZY5DCuyUeuQIntqRm5gGl/r8/z5+pq6AZmwL+4G5vUFSO5n2Q3IPfTD3cC8fpbdgBTCqTm7YjstJTeAcHh6Rm7AL56INlc36RArTQHW/uqHM4JuoL/GDZyRgBsAKoToD5B2Rs7s8NCLhGA60/JLIsVzusGre5ZlNyD3fVYKuLyGcngWwOHZljkMK7JR65Aie05GbmAqX+tF/nwDTN2ATDgAdwNFAwCSz7XsBuQezsXdQNG5lt2AFMI5ObtiOy8lN4BweH5GbsAvnojWUzfpECtNAdaB6ocLgm5goMYNXJCAGwAqhBgIkHZBzuzw0IuEYLrQ8ksixXO+was7yLIbkPselAIur6EcDgI4vMgyh2FFNmodUmQHZ+QGpvC1vsyfb4ipG5AJh+BuYNkQgOShlt2A3MNQ3A0sG2rZDUghDM7ZFdvFKbkBhMNhGbkBv3gi2lLdpEOsNAVYL1E/XBp0A5do3MClCbgBoEKISwDSLs2ZHR56kRBMl1l+SaR4hhm8usMtuwG57+Ep4PIayuFwgMPLLXMYVmSj1iFF9oqM3MBkvtZH+/ONMHUDMuEI3A2MHgGQPNKyG5B7GIm7gdEjLbsBKYQrcnbFNiolN4BwWJyRG/CLJ6IV6yYdYqUpwDpa/TAm6AZGa9zAmATcAFAhxGiAtDE5s8NDLxKCaazll0SKp9jg1R1n2Q3IfY9LAZfXUA7HARyOt8xhWJGNWocU2QkZuYFJfK1v8eebaOoGZMKJuBvYMhEgeZJlNyD3MAl3A1smWXYDUggTcnbFNjklN4BwOCUjN+AXT0R7SjfpECtNAdap6odpQTcwVeMGpiXgBoAKIaYCpE3LmR0eepEQTFdafkmkeKYYvLpXWXYDct9XpYDLayiHVwEcXm2Zw7AiG7UOKbLTM3IDE/lad/z5SkzdgExYgrsBpwQgeYZlNyD3MAN3A84My25ACmF6zq7YrknJDSAczszIDfjFE9Fq6SYdYqUpwDpL/TA76AZmadzA7ATcAFAhxCyAtNk5s8NDLxKCaY7ll0SKZ6bBqzvXshuQ+56bAi6voRzOBTicZ5nDsCIbtQ4psvMzcgMT+Fqv6s+3wNQNyIQLcDdQdQFA8kLLbkDuYSHuBqoutOwGpBDm5+yK7dqU3ADC4aKM3IBfPBFtf92kQ6w0BVgXqx+WBN3AYo0bWJKAGwAqhFgMkLYkZ3Z46EVCMC21/JJI8SwyeHWXWXYDct/LUsDlNZTDZQCH11nmMKzIRq1Diuz1GbmB8Xytj/LnW27qBmTC5bgbGLUcIPkGy25A7uEG3A2MusGyG5BCuD5nV2w3puQGEA5vysgN+MUT0UbqJh1ipSnAerP64ZagG7hZ4wZuScANABVC3AyQdkvO7PDQi4RgutXySyLFc5PBq3ubZTcg931bCri8hnJ4G8Dh7ZY5DCuyUeuQIrsiIzcwjq/16v58d5i6AZnwDtwNVL8DIPlOy25A7uFO3A1Uv9OyG5BCWJGzK7a7UnIDCId3Z+QG/OKJaAfpJh1ipSnAeo/6YWXQDdyjcQMrE3ADQIUQ9wCkrcyZHR56kRBMqyy/JFI8dxu8uvdadgNy3/emgMtrKIf3Ahz+wTKHYUU2ah1SZO/LyA2M5Re0gnyrTd2ATLg6h69bY/mFl7jW+MquQ/yGikhe2PtydkVxf0qvNsLLAzGFytnzAwYcJimoMYaCetBUUDLhgwaCesiyoCSuhxISVFS4JP6hnNmFcXg5Er0kowUfoz/fw6aXRCZ82KDiPAwo9hHLF0ru4REDkh+x/HcweYkeMbAH9wPn9ahlOyjP9lFDsXoNvVuPAvtfa9nihb3IUeuQF3mdZQ7lGa0zeAgQHuR3V3J7Jx/GU9TYR4291dhLjUVq7KnGHmrsrsZuauyqxi5q7KzGTmrsqMYOamyvxnZqbKvGNmpsrcZWamypxhZqbK7GZmpsqsYmamysxkZqbKjGBmqsr8YlonRcrMZFarxWjQvVuECN89U4T41z1ThHjbPVOEuNM9V4jRpnqLFEjdPVeLUar1LjlWqcpsapapyixslqnKTGiWqcoMbxahynxrFqHKNGWTPWu3fnMbdvcPvjbn/C7Rvdvsntf3T7k27f7Pan3L7F7U+7/Rm3P+v259z+vNv/5PYX3P6i219y+8tuf8Xtr7r9Nbe/7vatbt/m9jfcvt3tO9z+Zo4KGqrdisS/9+sT+mtvFKZKAKbHUsK0D4BpQ0qY9gUwPZ4SpsoApidSwlQFwLQxJUz7AZg2pYRpfwDTH1PCVBXA9GRKmA4AMG1OCdOBAKanUsJUDcC0JSVMBwGYnk4JU3UA0zMpYaoBYHo2JUwHA5ieSwnTIQCm51PCdCiA6U8pYToMwPRCSpgOBzC9mBKmIwBML6WEqSaA6eWUMB0JYHolJUy/AzC9mhKmowBMr6WE6WgA0+spYToGwLQ1JUy1AEzbUsLkAJjeSAnTsQCm7Slh+j2AaUdKmI4DML0JYMr5xgpU+O8YCV9O+bsm+bsd+bsU+bsL+bsC+Xdz+Xdh+XdP+Xc9+Xcr+XcZ+XcH6dWlN5ZeVHo/6bWkt5FeQr7d8q2Ub5N8C2TtlbVO1hapZU878m5ILo6j/L8CRAqHbEN3f/3f42t2qev7iE5WY619ur/d/6Tn3/V/9i+h/6yiGg9U48XDhhaPHF08btigy4aPGn+Mmq3sOynvdCoQ9tsVbx2+vqRn8F+KAvP/tl6uiYPfW2Ow/rebI1s33/ogFtmqqp+Fb623Rt68A31/ruZbI1t33/eJwGc9NHlj7qm7t76i2fpcDSqb3/suqSy5R+//1baCJtZ/lyr5YnTnSpo5ofme4Nn4eXDUeHBj2lnr/eZTTjqsRXG/ibPeP/Ohqw9ZWe+Takd8PqHdxO//WhzcS64c7FXLwVBVsx//+XiaMDv/yT29nB6uSlT2vPzfXzEQf7Qaq/jy+3E6VH5754Vv336sd5OR1QPrZfP2LPd5pPrzxcPHDhs6fvjEYYPcwjTs0mFjB42ZUDx++LBR472TqOxb5X0jciO99fubrd+rcn/bz/fn4H/h1NtlRc06EfJzLjCWFxuc989V1XzmfWcNNfrx7hf4LM/G+OJBYwdfPHyyx6N3ipV8GZFT9NbvY7Z+71uzr9n6CjoW9/X92duXX88U+LOX08NSxQzLfkKTv0LgO4MY/DG6m5UL/FwxMF+BEau7Wd5n1TT4guuqaLD65zwOdLc0eO7++6b7rn0DGIL3Iy5HNTQ5PWzevwntr10Th40dXyWQ+1Cz3Hvv+iFm67UV61Dfn73vDfo/AnJ4zf/OBFuwElYI5A36RyC/CMOhu8Mel4f45rzz+H++87/IGRgCAA==", debug_symbols: "pdrNbhNZEEDhd/E6i66fW1U3rzIaoQAGRYoCCgnSCPHu0x3XMcnCVnA26WLAZ64r/uIO4dfu8/7j09cPt/dfvv3YXf/za/fx4fbu7vbrh7tvn24eb7/dr//1127ZPkjsrvVqJ3m41O7a1svcXfvVTtc/4b9/X+142IfHh/1+e9SLzlr/fvOwv3/cXd8/3d1d7X7e3D09/6Ef32/un6+PNw/r7y5Xu/395/W6Br/c3u236ffVn0cvpx9ai/aDS+P4cMlXj5fTjw/3fnwMu+TxJTy+6qLH8+RzOfn/P/P8RdQ6IDL+LHC8eYOiWRR0+iUFk6RgI08V8nRBtTiD2svP43xVqDOFUj6RWkNOFebpgq/764LLqEsKauzBNcdlBXlv4fh6OFc4t8m5TDY514f9fcFk4UVtInZRweVYmPnOgi7LqcK5V/VQCjIiTr2q5cwhpJKXlNQ8CUPOfD6HHr9ADJ0vZNSrhJ55IpHK18hIr1OJs6cI5ZU9wsa7E26XJY5fqUbMyxIj+TKxjpc9kVqOiVpOfkbOvi7m5JOqi5z8oq35/tdFvft1cfYUb3tdvDlx+nVxPvGm18XZxNteF2cT739d6PoFg9eFvrgd+IsvOarjTyJPJizOvZ3H8Quf5es343/XX918un14fbuoa/9qZ88f/fnjeP643kDK+irNLXS1q8Ov5uFXst5BynoKke15r1ftq/XV+zr6Gn3NvlZf5+G63ZE+X7un3dPuafe0e9o97Z52T7tn3bPuWfese9Y96551z7pn3bPuefe8e9497553z7feuh+PvmZft976AvN5uI6lr9JX7asd/vzwvnZvRP9+9rV7o3vRvehedC+6F92L7kWfL/p80b3oXnYvu5fdS+ur93X0tc+X3cvq6zxca+mr9LV71b3qXnWvulf9fKvPV32+2eeb3Zva136+s5/v7Oc7uze7N7s3u7fe8zAIgzIYgzN0VZZgSIZi6GcuQlkoC2WhLJRlMARDMhQDZV0YhEEZjIGyUlbKSlkpK9swzmyc2TizUTZnYBvGNoxtGGWj7JSdslN2tuGc2Tmzc2Y8ibNnZxuDbQy2ASoZlAflQRlYgiyBlmBLwCVBOdgzvgRggjAJykEZZIIygZngTIAmSBOoSVJO9ow2gZvgTYpyUYacYE5AJ6gT2AnuBHhSlCd7xp6AT9Ank/KkDEBBoEBQMKgYVAwqBnXpsi7OMBiCIRmKR1HGoGJQMagYVAwqBhWDKpSlGHobikHFoCplpYxBxaBiUDGoGFQMKgbVKJsysA0MKgbVKBtlDCoGFYOKQcWgYlAxqLyjKW9pikHFoGJQeVtT3tcUg4pBxaBiUDGoGFQM6qAc7BmDikHFoAbloIxBxaBiUDGoGFQMKgY1KSd7xqBiUDGoSTkpY1AxqBhUDCoGFYOKQS3KxZ4xqBhUDOqkPCljUDGoGFQMKgYVg4ZBW7psizIYgzMMhuBRyVAMlDFoGDQMGgYNgyaUJRiSoRh6G6aUlTIGDYOGQcOgYdAwaBg0pWwLA9vAoGHQjLJRxqBh0DBoGDQMGgYNg+aUnT1j0DBoGDRuLI07S8OgYdAwaBg0DBoGDYM2KA/2jEHDoGHQuM20oIxBw6Bh0DBoGDQMGgYtKSd7xqBh0DBo3HRaUsagYdAwaBg0DBoGDYNWlIs9Y9AwaBg0bkFtUsagYdAwaBg0DBoGDYM2u+zLwiAMymAMXfZlMARDMvBNBwYdg45Bx6ALZXEGvpfBoGPQuRd1oYxBx6Bj0DHoGHQMOgZdKWsxsA0MOgade1E3yhh0DDoGHYOOQcegY9CdsrNnDDoG/fidHfeifvzejvdB533QMejci/qgzHd4jkHHoGPQeR/0Z4OxDVt5bt9XLgzCoAzG4AyDIRiSoRgoJ+WknJSTclJOykk5KSflpFyUi3JRLspFuSgX5aJclIvypDwpT8qbwe2v430zeBgGQ2x/rbwNyVAM8zCMzeBhkMOjxmbwMBiD82cGQzAkQzFQFspCWSgLZXGGwUBZKAtloayUN4OHQRmMgTMr5c3gYUiGYpg9GGWjbJSNslE2tmGc2TizcWajvBk8DGzD2YazDafslJ2yU3bKzjYGZx6ceXDmQXmw58E2BtsYbGNQHpSDclAOysE2gjMHZw7OHJSDPQfbSLaRbCMpJ+WknJSTcrKN5MzJmYszF+Viz8U2im0U2yjKRbkoF+VJebKNyZknZ56cGYNjsufJNibbmL2NwGAswqAMxuAMgyEYkqEYKMvCIAzKYAyUhTIGA4OBwcBgYDAwGBgMpazOMBiCIRkoK2UMBgYDg4HBwGBgMDAYRtmKgW1gMDAYTtkpYzAwGBgMDAYGA4OBwRiUB3vGYGAwMBiD8qCMwcBgYDAwGBgMDAYGIygHe8ZgYDAwGEk5KWMwMBgYDAwGBgODgcFIysWeMRgYDAxGUS7KGAwMBgYDg4HBwGBgMHgfDN4HA4OBwcBg8D4YvA8mBhODicHEYGIwMZgYzKXLuRRDbyMxmBhMoSyUMZgYTAwmBhODicHEYCplVQZjcIbBQFkpYzAxmBhMDCYGE4OJwTTKFgxsA4OJwXTKThmDicHEYGIwMZgYTAymUx7sGYOJwcRgDsqDMgYTg4nBxGBiMDGYGMygHOwZg4nBxGAG5aCMwcRgYjAxmBhMDCYGMykne8ZgYjAxmEW5KGMwMZgYTAwmBhODicGclCd7xmBiMDGY3Ism96KJwcRgYbAwWBgsDBYGa+lyLcGQDMXQ2yjuRUsoY7AwWBgsDBYGC4OFwRLKujAIgzIYA2WljMHCYGGwMFgYLAwWBssomzOwDQwWBot70TLKGCwMFgYLg4XBwmBhsJyys2cMFgYLg8W9aA3KGCwMFgYLg4XBwmBhsIJysGcMFgYLg8W9aAVlDBYGC4OFwcJgYbAwWEk52TMGC4OFweJetIoyBguDhcHCYGGwMFgYrKI82TMGC4OFweJetDBYvA8W74OFweJedC4LgzD0mScGJwYn74Pz2aBvw1be/gnRz5uH25uPd/sf60/et5/NP91/4gfx6y8f//vO7/AvO78/fPu0//z0sN9+aP/in3euH/9Z/45A57+/tx/s/w8=", file_map: { "17": { source: `use crate::field::field_less_than;
@@ -14226,7 +15933,7 @@ var BrowserNoirProvider = class _BrowserNoirProvider {
    * Derive secp256k1 public key coordinates from a private key
    */
   static derivePublicKey(privateKey) {
-    const uncompressedPubKey = import_secp256k17.secp256k1.getPublicKey(privateKey, false);
+    const uncompressedPubKey = import_secp256k18.secp256k1.getPublicKey(privateKey, false);
     const x = Array.from(uncompressedPubKey.slice(1, 33));
     const y = Array.from(uncompressedPubKey.slice(33, 65));
     return { x, y };
@@ -14732,14 +16439,14 @@ var BrowserNoirProvider = class _BrowserNoirProvider {
   }
   async computeCommitmentHash(balance, blindingFactor, assetId) {
     const blindingField = this.bytesToField(blindingFactor);
-    const { sha256: sha25615 } = await import("@noble/hashes/sha256");
+    const { sha256: sha25620 } = await import("@noble/hashes/sha256");
     const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
     const preimage = new Uint8Array([
       ...this.bigintToBytes(balance, 8),
       ...blindingFactor.slice(0, 32),
       ...hexToBytes9(this.assetIdToField(assetId))
     ]);
-    const hash2 = sha25615(preimage);
+    const hash2 = sha25620(preimage);
     const commitmentHash = nobleToHex(hash2);
     return { commitmentHash, blindingField };
   }
@@ -14785,46 +16492,46 @@ var BrowserNoirProvider = class _BrowserNoirProvider {
     return bytes;
   }
   async computeSenderCommitment(senderAddressField, senderBlindingField) {
-    const { sha256: sha25615 } = await import("@noble/hashes/sha256");
+    const { sha256: sha25620 } = await import("@noble/hashes/sha256");
     const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
     const addressBytes = hexToBytes9(senderAddressField);
     const blindingBytes = hexToBytes9(senderBlindingField.padStart(64, "0"));
     const preimage = new Uint8Array([...addressBytes, ...blindingBytes]);
-    const hash2 = sha25615(preimage);
+    const hash2 = sha25620(preimage);
     const commitmentX = nobleToHex(hash2.slice(0, 16)).padStart(64, "0");
     const commitmentY = nobleToHex(hash2.slice(16, 32)).padStart(64, "0");
     return { commitmentX, commitmentY };
   }
   async computeNullifier(senderSecretField, intentHashField, nonceField) {
-    const { sha256: sha25615 } = await import("@noble/hashes/sha256");
+    const { sha256: sha25620 } = await import("@noble/hashes/sha256");
     const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
     const secretBytes = hexToBytes9(senderSecretField.padStart(64, "0"));
     const intentBytes = hexToBytes9(intentHashField);
     const nonceBytes = hexToBytes9(nonceField.padStart(64, "0"));
     const preimage = new Uint8Array([...secretBytes, ...intentBytes, ...nonceBytes]);
-    const hash2 = sha25615(preimage);
+    const hash2 = sha25620(preimage);
     return nobleToHex(hash2);
   }
   async computeOutputCommitment(outputAmount, outputBlinding) {
-    const { sha256: sha25615 } = await import("@noble/hashes/sha256");
+    const { sha256: sha25620 } = await import("@noble/hashes/sha256");
     const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
     const amountBytes = this.bigintToBytes(outputAmount, 8);
     const blindingBytes = outputBlinding.slice(0, 32);
     const preimage = new Uint8Array([...amountBytes, ...blindingBytes]);
-    const hash2 = sha25615(preimage);
+    const hash2 = sha25620(preimage);
     const commitmentX = nobleToHex(hash2.slice(0, 16)).padStart(64, "0");
     const commitmentY = nobleToHex(hash2.slice(16, 32)).padStart(64, "0");
     return { commitmentX, commitmentY };
   }
   async computeSolverId(solverSecretField) {
-    const { sha256: sha25615 } = await import("@noble/hashes/sha256");
+    const { sha256: sha25620 } = await import("@noble/hashes/sha256");
     const { bytesToHex: nobleToHex } = await import("@noble/hashes/utils");
     const secretBytes = hexToBytes9(solverSecretField.padStart(64, "0"));
-    const hash2 = sha25615(secretBytes);
+    const hash2 = sha25620(secretBytes);
     return nobleToHex(hash2);
   }
   async computeOracleMessageHash(recipient, amount, txHash, blockNumber) {
-    const { sha256: sha25615 } = await import("@noble/hashes/sha256");
+    const { sha256: sha25620 } = await import("@noble/hashes/sha256");
     const recipientBytes = hexToBytes9(this.hexToField(recipient));
     const amountBytes = this.bigintToBytes(amount, 8);
     const txHashBytes = hexToBytes9(this.hexToField(txHash));
@@ -14835,11 +16542,11 @@ var BrowserNoirProvider = class _BrowserNoirProvider {
       ...txHashBytes,
       ...blockBytes
     ]);
-    const hash2 = sha25615(preimage);
+    const hash2 = sha25620(preimage);
     return Array.from(hash2);
   }
   getPublicKeyCoordinates(privateKey) {
-    const uncompressedPubKey = import_secp256k17.secp256k1.getPublicKey(privateKey, false);
+    const uncompressedPubKey = import_secp256k18.secp256k1.getPublicKey(privateKey, false);
     const x = Array.from(uncompressedPubKey.slice(1, 33));
     const y = Array.from(uncompressedPubKey.slice(33, 65));
     return { x, y };
@@ -15393,11 +17100,15 @@ var ProofWorker = class _ProofWorker {
 0 && (module.exports = {
   ATTESTATION_VERSION,
   AptosStealthService,
+  AuditorKeyDerivation,
+  AuditorType,
   BaseWalletAdapter,
   BrowserNoirProvider,
   CHAIN_NUMERIC_IDS,
   COSMOS_CHAIN_PREFIXES,
   ComplianceManager,
+  ComplianceReporter,
+  ConditionalDisclosure,
   CosmosStealthService,
   CryptoError,
   DEFAULT_THRESHOLD,
@@ -15450,6 +17161,7 @@ var ProofWorker = class _ProofWorker {
   SmartRouter,
   SolanaWalletAdapter,
   SwapStatus,
+  ThresholdViewingKey,
   Treasury,
   TrezorWalletAdapter,
   ValidationError,
@@ -15538,6 +17250,7 @@ var ProofWorker = class _ProofWorker {
   generateEd25519StealthAddress,
   generateEd25519StealthMetaAddress,
   generateIntentId,
+  generatePdfReport,
   generateRandomBytes,
   generateStealthAddress,
   generateStealthMetaAddress,