@sip-protocol/sdk 0.6.0 → 0.6.2

package/dist/index.js

@@ -3231,6 +3231,8 @@ __export(index_exports, {
   PaymentBuilder: () => PaymentBuilder,
   PaymentStatus: () => import_types56.PaymentStatus,
   PrivacyLevel: () => import_types55.PrivacyLevel,
+  PrivateNFT: () => PrivateNFT,
+  PrivateVoting: () => PrivateVoting,
   ProofError: () => ProofError,
   ProofGenerationError: () => ProofGenerationError,
   ProofNotImplementedError: () => ProofNotImplementedError,
@@ -3242,10 +3244,12 @@ __export(index_exports, {
   STABLECOIN_ADDRESSES: () => STABLECOIN_ADDRESSES,
   STABLECOIN_DECIMALS: () => STABLECOIN_DECIMALS,
   STABLECOIN_INFO: () => STABLECOIN_INFO,
+  SealedBidAuction: () => SealedBidAuction,
   SettlementRegistry: () => SettlementRegistry,
   SettlementRegistryError: () => SettlementRegistryError,
   SmartRouter: () => SmartRouter,
   SolanaWalletAdapter: () => SolanaWalletAdapter,
+  SuiStealthService: () => SuiStealthService,
   SwapStatus: () => SwapStatus,
   ThresholdViewingKey: () => ThresholdViewingKey,
   Treasury: () => Treasury,
@@ -3270,6 +3274,7 @@ __export(index_exports, {
   checkAptosStealthAddress: () => checkAptosStealthAddress,
   checkEd25519StealthAddress: () => checkEd25519StealthAddress,
   checkStealthAddress: () => checkStealthAddress,
+  checkSuiStealthAddress: () => checkSuiStealthAddress,
   commit: () => commit,
   commitZero: () => commitZero,
   computeAttestationHash: () => computeAttestationHash,
@@ -3289,8 +3294,11 @@ __export(index_exports, {
   createNEARIntentsAdapter: () => createNEARIntentsAdapter,
   createNEARIntentsBackend: () => createNEARIntentsBackend,
   createOracleRegistry: () => createOracleRegistry,
+  createPrivateOwnership: () => createPrivateOwnership,
+  createPrivateVoting: () => createPrivateVoting,
   createProductionSIP: () => createProductionSIP,
   createSIP: () => createSIP,
+  createSealedBidAuction: () => createSealedBidAuction,
   createShieldedIntent: () => createShieldedIntent,
   createShieldedPayment: () => createShieldedPayment,
   createSmartRouter: () => createSmartRouter,
@@ -3310,6 +3318,7 @@ __export(index_exports, {
   deriveEd25519StealthPrivateKey: () => deriveEd25519StealthPrivateKey,
   deriveOracleId: () => deriveOracleId,
   deriveStealthPrivateKey: () => deriveStealthPrivateKey,
+  deriveSuiStealthPrivateKey: () => deriveSuiStealthPrivateKey,
   deriveViewingKey: () => deriveViewingKey,
   deserializeAttestationMessage: () => deserializeAttestationMessage,
   deserializeIntent: () => deserializeIntent,
@@ -3319,6 +3328,7 @@ __export(index_exports, {
   ed25519PublicKeyToAptosAddress: () => ed25519PublicKeyToAptosAddress,
   ed25519PublicKeyToNearAddress: () => ed25519PublicKeyToNearAddress,
   ed25519PublicKeyToSolanaAddress: () => ed25519PublicKeyToSolanaAddress,
+  ed25519PublicKeyToSuiAddress: () => ed25519PublicKeyToSuiAddress,
   encodeStealthMetaAddress: () => encodeStealthMetaAddress,
   encryptForViewing: () => encryptForViewing,
   featureNotSupportedError: () => featureNotSupportedError,
@@ -3336,6 +3346,7 @@ __export(index_exports, {
   generateRandomBytes: () => generateRandomBytes,
   generateStealthAddress: () => generateStealthAddress,
   generateStealthMetaAddress: () => generateStealthMetaAddress,
+  generateSuiStealthAddress: () => generateSuiStealthAddress,
   generateViewingKey: () => generateViewingKey,
   getActiveOracles: () => getActiveOracles,
   getAvailableTransports: () => getAvailableTransports,
@@ -3391,10 +3402,13 @@ __export(index_exports, {
   isValidSlippage: () => isValidSlippage,
   isValidSolanaAddress: () => isValidSolanaAddress,
   isValidStealthMetaAddress: () => isValidStealthMetaAddress,
+  isValidSuiAddress: () => isValidSuiAddress,
   isValidTaprootAddress: () => isValidTaprootAddress,
   nearAddressToEd25519PublicKey: () => nearAddressToEd25519PublicKey,
   normalizeAddress: () => normalizeAddress,
+  normalizeSuiAddress: () => normalizeSuiAddress,
   notConnectedError: () => notConnectedError,
+  proveOwnership: () => proveOwnership,
   publicKeyToEthAddress: () => publicKeyToEthAddress,
   registerWallet: () => registerWallet,
   removeOracle: () => removeOracle,
@@ -3435,6 +3449,7 @@ __export(index_exports, {
   verifyCommitment: () => verifyCommitment,
   verifyOpening: () => verifyOpening,
   verifyOracleSignature: () => verifyOracleSignature,
+  verifyOwnership: () => verifyOwnership,
   walletRegistry: () => walletRegistry,
   withSecureBuffer: () => withSecureBuffer,
   withSecureBufferSync: () => withSecureBufferSync,
@@ -3707,7 +3722,7 @@ function isNonNegativeAmount(value) {
 function isValidSlippage(value) {
   return typeof value === "number" && !isNaN(value) && value >= 0 && value < 1;
 }
-var STEALTH_META_ADDRESS_REGEX = /^sip:[a-z]+:0x[0-9a-fA-F]{66}:0x[0-9a-fA-F]{66}$/;
+var STEALTH_META_ADDRESS_REGEX = /^sip:[a-z]+:0x[0-9a-fA-F]{64,66}:0x[0-9a-fA-F]{64,66}$/;
 function isValidStealthMetaAddress(addr) {
   if (typeof addr !== "string") return false;
   return STEALTH_META_ADDRESS_REGEX.test(addr);
@@ -4038,17 +4053,33 @@ function validateStealthMetaAddress(metaAddress, field = "recipientMetaAddress")
       `${field}.chain`
     );
   }
-  if (!isValidCompressedPublicKey(metaAddress.spendingKey)) {
-    throw new ValidationError(
-      "spendingKey must be a valid compressed secp256k1 public key (33 bytes, starting with 02 or 03)",
-      `${field}.spendingKey`
-    );
-  }
-  if (!isValidCompressedPublicKey(metaAddress.viewingKey)) {
-    throw new ValidationError(
-      "viewingKey must be a valid compressed secp256k1 public key (33 bytes, starting with 02 or 03)",
-      `${field}.viewingKey`
-    );
+  const isEd25519 = isEd25519Chain(metaAddress.chain);
+  if (isEd25519) {
+    if (!isValidEd25519PublicKey(metaAddress.spendingKey)) {
+      throw new ValidationError(
+        "spendingKey must be a valid ed25519 public key (32 bytes)",
+        `${field}.spendingKey`
+      );
+    }
+    if (!isValidEd25519PublicKey(metaAddress.viewingKey)) {
+      throw new ValidationError(
+        "viewingKey must be a valid ed25519 public key (32 bytes)",
+        `${field}.viewingKey`
+      );
+    }
+  } else {
+    if (!isValidCompressedPublicKey(metaAddress.spendingKey)) {
+      throw new ValidationError(
+        "spendingKey must be a valid compressed secp256k1 public key (33 bytes, starting with 02 or 03)",
+        `${field}.spendingKey`
+      );
+    }
+    if (!isValidCompressedPublicKey(metaAddress.viewingKey)) {
+      throw new ValidationError(
+        "viewingKey must be a valid compressed secp256k1 public key (33 bytes, starting with 02 or 03)",
+        `${field}.viewingKey`
+      );
+    }
   }
 }
 function generateStealthAddress(recipientMetaAddress) {
@@ -5106,6 +5137,10 @@ var IntentBuilder = class {
   params = {};
   senderAddress;
   proofProvider;
+  ownershipSignature;
+  senderSecret;
+  authorizationSignature;
+  allowPlaceholders;
   /**
    * Set the input for the intent
    *
@@ -5257,6 +5292,49 @@ var IntentBuilder = class {
     this.proofProvider = provider;
     return this;
   }
+  /**
+   * Set the signatures and secret for proof generation
+   *
+   * Required for production proof generation. Provides the cryptographic
+   * materials needed to generate valid ZK proofs.
+   *
+   * @param signatures - Object containing ownership signature, sender secret, and authorization signature
+   * @returns this for chaining
+   *
+   * @example
+   * ```typescript
+   * const intent = await builder
+   *   .input('near', 'NEAR', 100n)
+   *   .output('zcash', 'ZEC', 95n)
+   *   .privacy(PrivacyLevel.SHIELDED)
+   *   .withProvider(noirProvider)
+   *   .withSignatures({
+   *     ownershipSignature: await wallet.signMessage(address),
+   *     senderSecret: wallet.privateKey,
+   *     authorizationSignature: await wallet.signMessage(intentHash),
+   *   })
+   *   .build()
+   * ```
+   */
+  withSignatures(signatures) {
+    this.ownershipSignature = signatures.ownershipSignature;
+    this.senderSecret = signatures.senderSecret;
+    this.authorizationSignature = signatures.authorizationSignature;
+    return this;
+  }
+  /**
+   * Allow placeholder signatures for development/testing
+   *
+   * **WARNING**: Never use this in production! Proofs with placeholders
+   * are not cryptographically valid.
+   *
+   * @param allow - Whether to allow placeholders (default: true)
+   * @returns this for chaining
+   */
+  withPlaceholders(allow = true) {
+    this.allowPlaceholders = allow;
+    return this;
+  }
   /**
    * Build the shielded intent
    *
@@ -5268,14 +5346,25 @@ var IntentBuilder = class {
   async build() {
     return createShieldedIntent(this.params, {
       senderAddress: this.senderAddress,
-      proofProvider: this.proofProvider
+      proofProvider: this.proofProvider,
+      ownershipSignature: this.ownershipSignature,
+      senderSecret: this.senderSecret,
+      authorizationSignature: this.authorizationSignature,
+      allowPlaceholders: this.allowPlaceholders
     });
   }
 };
 async function createShieldedIntent(params, options) {
   validateCreateIntentParams(params);
   const { input, output, privacy, recipientMetaAddress, viewingKey, ttl = 300 } = params;
-  const { senderAddress, proofProvider } = options ?? {};
+  const {
+    senderAddress,
+    proofProvider,
+    ownershipSignature,
+    senderSecret,
+    authorizationSignature,
+    allowPlaceholders = false
+  } = options ?? {};
   let viewingKeyHash;
   if (viewingKey) {
     const keyHex = viewingKey.startsWith("0x") ? viewingKey.slice(2) : viewingKey;
@@ -5308,28 +5397,48 @@ async function createShieldedIntent(params, options) {
   let validityProof;
   const requiresProofs = privacy !== import_types.PrivacyLevel.TRANSPARENT;
   if (requiresProofs && proofProvider && proofProvider.isReady) {
+    const hasSignatures = ownershipSignature && senderSecret && authorizationSignature;
+    const usingPlaceholders = !hasSignatures;
+    if (usingPlaceholders && !allowPlaceholders) {
+      throw new ValidationError(
+        "Proof generation requires signatures. Provide ownershipSignature, senderSecret, and authorizationSignature in options, or set allowPlaceholders: true for development/testing.",
+        "options",
+        {
+          missing: [
+            !ownershipSignature && "ownershipSignature",
+            !senderSecret && "senderSecret",
+            !authorizationSignature && "authorizationSignature"
+          ].filter(Boolean)
+        }
+      );
+    }
+    if (usingPlaceholders) {
+      console.warn(
+        "[createShieldedIntent] WARNING: Using placeholder signatures for proof generation. These proofs are NOT cryptographically valid. Do NOT use in production!"
+      );
+    }
     const hexToUint8 = (hex) => {
       const cleanHex = hex.startsWith("0x") ? hex.slice(2) : hex;
       return (0, import_utils6.hexToBytes)(cleanHex);
     };
+    const effectiveOwnershipSig = ownershipSignature ?? new Uint8Array(64);
+    const effectiveSenderSecret = senderSecret ?? new Uint8Array(32);
+    const effectiveAuthSig = authorizationSignature ?? new Uint8Array(64);
     const fundingResult = await proofProvider.generateFundingProof({
       balance: input.amount,
       minimumRequired: output.minAmount,
       blindingFactor: hexToUint8(inputCommitment.blindingFactor),
       assetId: input.asset.symbol,
       userAddress: senderAddress ?? "0x0",
-      ownershipSignature: new Uint8Array(64)
-      // Placeholder - would come from wallet
+      ownershipSignature: effectiveOwnershipSig
     });
     fundingProof = fundingResult.proof;
     const validityResult = await proofProvider.generateValidityProof({
       intentHash: hash(intentId),
       senderAddress: senderAddress ?? "0x0",
       senderBlinding: hexToUint8(senderCommitment.blindingFactor),
-      senderSecret: new Uint8Array(32),
-      // Placeholder - would come from wallet
-      authorizationSignature: new Uint8Array(64),
-      // Placeholder - would come from wallet
+      senderSecret: effectiveSenderSecret,
+      authorizationSignature: effectiveAuthSig,
       nonce: new Uint8Array(32),
       // Could use randomBytes here
       timestamp: now,
@@ -5688,112 +5797,384 @@ var OneClickClient = class {
 
 // src/adapters/near-intents.ts
 var import_types3 = require("@sip-protocol/types");
-var DEFAULT_ASSET_MAPPINGS = {
-  // NEAR assets
-  "near:NEAR": "nep141:wrap.near",
-  "near:wNEAR": "nep141:wrap.near",
-  "near:USDC": "nep141:17208628f84f5d6ad33f0da3bbbeb27ffcb398eac501a31bd6ad2011e36133a1",
-  // Ethereum assets (via OMFT bridge)
-  "ethereum:ETH": "nep141:eth.omft.near",
-  "ethereum:USDC": "nep141:eth-0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48.omft.near",
-  "ethereum:USDT": "nep141:eth-0xdac17f958d2ee523a2206206994597c13d831ec7.omft.near",
-  // Solana assets (via OMFT bridge)
-  "solana:SOL": "nep141:sol.omft.near",
-  "solana:USDC": "nep141:sol-5ce3bf3a31af18be40ba30f721101b4341690186.omft.near",
-  "solana:USDT": "nep141:sol-c800a4bd850783ccb82c2b2c7e84175443606352.omft.near",
-  // Zcash assets
-  "zcash:ZEC": "nep141:zec.omft.near",
-  // Arbitrum assets
-  "arbitrum:ETH": "nep141:arb.omft.near",
-  "arbitrum:ARB": "nep141:arb-0x912ce59144191c1204e64559fe8253a0e49e6548.omft.near",
-  "arbitrum:USDC": "nep141:arb-0xaf88d065e77c8cc2239327c5edb3a432268e5831.omft.near",
-  // Base assets
-  "base:ETH": "nep141:base.omft.near",
-  "base:USDC": "nep141:base-0x833589fcd6edb6e08f4c7c32d4f71b54bda02913.omft.near",
-  // Optimism assets (via HOT bridge - uses nep245)
-  "optimism:ETH": "nep245:v2_1.omni.hot.tg:10_11111111111111111111",
-  "optimism:OP": "nep245:v2_1.omni.hot.tg:10_vLAiSt9KfUGKpw5cD3vsSyNYBo7",
-  "optimism:USDC": "nep245:v2_1.omni.hot.tg:10_A2ewyUyDp6qsue1jqZsGypkCxRJ",
-  // Polygon assets (via HOT bridge - uses nep245)
-  "polygon:POL": "nep245:v2_1.omni.hot.tg:137_11111111111111111111",
-  "polygon:MATIC": "nep245:v2_1.omni.hot.tg:137_11111111111111111111",
-  // POL is the rebranded MATIC
-  "polygon:USDC": "nep245:v2_1.omni.hot.tg:137_qiStmoQJDQPTebaPjgx5VBxZv6L",
-  // BNB Chain assets (via HOT bridge - uses nep245)
-  "bsc:BNB": "nep245:v2_1.omni.hot.tg:56_11111111111111111111",
-  "bsc:USDC": "nep245:v2_1.omni.hot.tg:56_2w93GqMcEmQFDru84j3HZZWt557r",
-  // Avalanche assets (via HOT bridge - uses nep245)
-  "avalanche:AVAX": "nep245:v2_1.omni.hot.tg:43114_11111111111111111111",
-  "avalanche:USDC": "nep245:v2_1.omni.hot.tg:43114_3atVJH3r5c4GqiSYmg9fECvjc47o",
-  // Bitcoin
-  "bitcoin:BTC": "nep141:btc.omft.near",
-  // Aptos
-  "aptos:APT": "nep141:aptos.omft.near"
-};
-var CHAIN_BLOCKCHAIN_MAP = {
-  near: "near",
-  ethereum: "evm",
-  solana: "solana",
-  zcash: "zcash",
-  polygon: "evm",
-  arbitrum: "evm",
-  optimism: "evm",
-  base: "evm",
-  bitcoin: "bitcoin",
-  aptos: "aptos",
-  sui: "sui",
-  cosmos: "cosmos",
-  osmosis: "cosmos",
-  injective: "cosmos",
-  celestia: "cosmos",
-  sei: "cosmos",
-  dydx: "cosmos"
-};
-var NEARIntentsAdapter = class {
-  client;
-  defaultSlippage;
-  defaultDeadlineOffset;
-  assetMappings;
-  constructor(config = {}) {
-    this.client = config.client ?? new OneClickClient({
-      baseUrl: config.baseUrl,
-      jwtToken: config.jwtToken
-    });
-    this.defaultSlippage = config.defaultSlippage ?? 100;
-    this.defaultDeadlineOffset = config.defaultDeadlineOffset ?? 3600;
-    this.assetMappings = {
-      ...DEFAULT_ASSET_MAPPINGS,
-      ...config.assetMappings
-    };
+
+// src/move/aptos.ts
+var import_sha32 = require("@noble/hashes/sha3");
+var import_utils7 = require("@noble/hashes/utils");
+var APTOS_SINGLE_ED25519_SCHEME = 0;
+function ed25519PublicKeyToAptosAddress(publicKey) {
+  if (!isValidHex(publicKey)) {
+    throw new ValidationError(
+      "publicKey must be a valid hex string with 0x prefix",
+      "publicKey"
+    );
+  }
+  if (!isValidEd25519PublicKey(publicKey)) {
+    throw new ValidationError(
+      "publicKey must be 32 bytes (64 hex characters)",
+      "publicKey"
+    );
+  }
+  const publicKeyBytes = (0, import_utils7.hexToBytes)(publicKey.slice(2));
+  const authKeyInput = new Uint8Array(publicKeyBytes.length + 1);
+  authKeyInput.set(publicKeyBytes, 0);
+  authKeyInput[publicKeyBytes.length] = APTOS_SINGLE_ED25519_SCHEME;
+  const addressHash = (0, import_sha32.sha3_256)(authKeyInput);
+  return `0x${(0, import_utils7.bytesToHex)(addressHash)}`;
+}
+function isValidAptosAddress(address) {
+  if (typeof address !== "string" || address.length === 0) {
+    return false;
+  }
+  if (!address.startsWith("0x")) {
+    return false;
+  }
+  const hexPart = address.slice(2);
+  if (hexPart.length !== 64) {
+    return false;
+  }
+  return /^[0-9a-fA-F]{64}$/.test(hexPart);
+}
+function aptosAddressToAuthKey(address) {
+  if (!isValidAptosAddress(address)) {
+    throw new ValidationError(
+      "Invalid Aptos address format (must be 0x-prefixed 64 hex characters)",
+      "address"
+    );
+  }
+  return address.toLowerCase();
+}
+function generateAptosStealthAddress(recipientMetaAddress) {
+  if (recipientMetaAddress.chain !== "aptos") {
+    throw new ValidationError(
+      `Expected chain 'aptos', got '${recipientMetaAddress.chain}'`,
+      "recipientMetaAddress.chain"
+    );
   }
+  const { stealthAddress, sharedSecret } = generateEd25519StealthAddress(recipientMetaAddress);
+  const aptosAddress = ed25519PublicKeyToAptosAddress(stealthAddress.address);
+  return {
+    stealthAddress: aptosAddress,
+    stealthPublicKey: stealthAddress.address,
+    ephemeralPublicKey: stealthAddress.ephemeralPublicKey,
+    viewTag: stealthAddress.viewTag,
+    sharedSecret
+  };
+}
+function deriveAptosStealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+  const recovery = deriveEd25519StealthPrivateKey(
+    stealthAddress,
+    spendingPrivateKey,
+    viewingPrivateKey
+  );
+  const aptosAddress = ed25519PublicKeyToAptosAddress(recovery.stealthAddress);
+  return {
+    ...recovery,
+    aptosAddress
+  };
+}
+function checkAptosStealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+  return checkEd25519StealthAddress(
+    stealthAddress,
+    spendingPrivateKey,
+    viewingPrivateKey
+  );
+}
+var AptosStealthService = class {
   /**
-   * Get the underlying OneClick client
+   * Generate a stealth address for an Aptos recipient
+   *
+   * @param recipientMetaAddress - Recipient's stealth meta-address
+   * @returns Complete stealth address result
    */
-  getClient() {
-    return this.client;
+  generateStealthAddress(recipientMetaAddress) {
+    return generateAptosStealthAddress(recipientMetaAddress);
   }
   /**
-   * Prepare a swap request
+   * Convert an ed25519 public key to Aptos address format
    *
-   * For shielded/compliant modes, generates a stealth address for the recipient.
+   * @param publicKey - 32-byte ed25519 public key
+   * @returns Aptos address string
+   */
+  stealthKeyToAptosAddress(publicKey) {
+    return ed25519PublicKeyToAptosAddress(publicKey);
+  }
+  /**
+   * Derive the private key for a stealth address
    *
-   * @param request - Swap request parameters
-   * @param recipientMetaAddress - Recipient's stealth meta-address (for privacy modes)
-   * @param senderAddress - Sender's address for refunds
-   * @returns Prepared swap with quote request
+   * @param stealthAddress - Stealth address data
+   * @param spendingPrivateKey - Recipient's spending private key
+   * @param viewingPrivateKey - Recipient's viewing private key
+   * @returns Recovery data with derived private key
    */
-  async prepareSwap(request, recipientMetaAddress, senderAddress) {
-    this.validateRequest(request);
-    const inputChain = request.inputAsset.chain;
-    if (senderAddress) {
-      if (!isAddressValidForChain(senderAddress, inputChain)) {
-        const inputChainType = getChainAddressType(inputChain);
-        const senderFormat = senderAddress.startsWith("0x") ? "EVM" : /^[1-9A-HJ-NP-Za-km-z]{32,44}$/.test(senderAddress) ? "Solana" : /^[0-9a-f]{64}$/.test(senderAddress) || /^[a-z0-9._-]+$/.test(senderAddress) ? "NEAR" : "unknown";
-        throw new ValidationError(
-          `Wallet address format doesn't match input chain. You're swapping FROM ${inputChain} (${inputChainType} format) but your connected wallet uses ${senderFormat} format. Please connect a wallet that matches the source chain (${inputChain}).`,
-          "senderAddress",
-          {
-            inputChain,
+  deriveStealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+    return deriveAptosStealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey);
+  }
+  /**
+   * Check if a stealth address belongs to this recipient
+   *
+   * @param stealthAddress - Stealth address to check
+   * @param spendingPrivateKey - Recipient's spending private key
+   * @param viewingPrivateKey - Recipient's viewing private key
+   * @returns true if the address belongs to this recipient
+   */
+  checkStealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+    return checkAptosStealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey);
+  }
+  /**
+   * Validate an Aptos address format
+   *
+   * @param address - Address to validate
+   * @returns true if valid format
+   */
+  isValidAddress(address) {
+    return isValidAptosAddress(address);
+  }
+};
+
+// src/move/sui.ts
+var import_blake2b = require("@noble/hashes/blake2b");
+var import_utils8 = require("@noble/hashes/utils");
+var SUI_ED25519_SCHEME = 0;
+function ed25519PublicKeyToSuiAddress(publicKey) {
+  if (!isValidHex(publicKey)) {
+    throw new ValidationError(
+      "publicKey must be a valid hex string with 0x prefix",
+      "publicKey"
+    );
+  }
+  if (!isValidEd25519PublicKey(publicKey)) {
+    throw new ValidationError(
+      "publicKey must be 32 bytes (64 hex characters)",
+      "publicKey"
+    );
+  }
+  const publicKeyBytes = (0, import_utils8.hexToBytes)(publicKey.slice(2));
+  const addressInput = new Uint8Array(publicKeyBytes.length + 1);
+  addressInput[0] = SUI_ED25519_SCHEME;
+  addressInput.set(publicKeyBytes, 1);
+  const hasher = new import_blake2b.BLAKE2b({ dkLen: 32 });
+  hasher.update(addressInput);
+  const addressHash = hasher.digest();
+  return `0x${(0, import_utils8.bytesToHex)(addressHash)}`;
+}
+function isValidSuiAddress(address) {
+  if (typeof address !== "string" || address.length === 0) {
+    return false;
+  }
+  if (!address.startsWith("0x")) {
+    return false;
+  }
+  const hexPart = address.slice(2);
+  if (hexPart.length !== 64) {
+    return false;
+  }
+  return /^[0-9a-fA-F]{64}$/.test(hexPart);
+}
+function normalizeSuiAddress(address) {
+  if (!isValidSuiAddress(address)) {
+    throw new ValidationError(
+      "Invalid Sui address format (must be 0x-prefixed 64 hex characters)",
+      "address"
+    );
+  }
+  return address.toLowerCase();
+}
+function generateSuiStealthAddress(recipientMetaAddress) {
+  if (recipientMetaAddress.chain !== "sui") {
+    throw new ValidationError(
+      `Expected chain 'sui', got '${recipientMetaAddress.chain}'`,
+      "recipientMetaAddress.chain"
+    );
+  }
+  const { stealthAddress, sharedSecret } = generateEd25519StealthAddress(recipientMetaAddress);
+  const suiAddress = ed25519PublicKeyToSuiAddress(stealthAddress.address);
+  return {
+    stealthAddress: suiAddress,
+    stealthPublicKey: stealthAddress.address,
+    ephemeralPublicKey: stealthAddress.ephemeralPublicKey,
+    viewTag: stealthAddress.viewTag,
+    sharedSecret
+  };
+}
+function deriveSuiStealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+  const recovery = deriveEd25519StealthPrivateKey(
+    stealthAddress,
+    spendingPrivateKey,
+    viewingPrivateKey
+  );
+  const suiAddress = ed25519PublicKeyToSuiAddress(recovery.stealthAddress);
+  return {
+    ...recovery,
+    suiAddress
+  };
+}
+function checkSuiStealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+  return checkEd25519StealthAddress(
+    stealthAddress,
+    spendingPrivateKey,
+    viewingPrivateKey
+  );
+}
+var SuiStealthService = class {
+  /**
+   * Generate a stealth address for a Sui recipient
+   *
+   * @param recipientMetaAddress - Recipient's stealth meta-address
+   * @returns Complete stealth address result
+   */
+  generateStealthAddress(recipientMetaAddress) {
+    return generateSuiStealthAddress(recipientMetaAddress);
+  }
+  /**
+   * Convert an ed25519 public key to Sui address format
+   *
+   * @param publicKey - 32-byte ed25519 public key
+   * @returns Sui address string
+   */
+  stealthKeyToSuiAddress(publicKey) {
+    return ed25519PublicKeyToSuiAddress(publicKey);
+  }
+  /**
+   * Derive the private key for a stealth address
+   *
+   * @param stealthAddress - Stealth address data
+   * @param spendingPrivateKey - Recipient's spending private key
+   * @param viewingPrivateKey - Recipient's viewing private key
+   * @returns Recovery data with derived private key
+   */
+  deriveStealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+    return deriveSuiStealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey);
+  }
+  /**
+   * Check if a stealth address belongs to this recipient
+   *
+   * @param stealthAddress - Stealth address to check
+   * @param spendingPrivateKey - Recipient's spending private key
+   * @param viewingPrivateKey - Recipient's viewing private key
+   * @returns true if the address belongs to this recipient
+   */
+  checkStealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
+    return checkSuiStealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey);
+  }
+  /**
+   * Validate a Sui address format
+   *
+   * @param address - Address to validate
+   * @returns true if valid format
+   */
+  isValidAddress(address) {
+    return isValidSuiAddress(address);
+  }
+};
+
+// src/adapters/near-intents.ts
+var DEFAULT_ASSET_MAPPINGS = {
+  // NEAR assets
+  "near:NEAR": "nep141:wrap.near",
+  "near:wNEAR": "nep141:wrap.near",
+  "near:USDC": "nep141:17208628f84f5d6ad33f0da3bbbeb27ffcb398eac501a31bd6ad2011e36133a1",
+  // Ethereum assets (via OMFT bridge)
+  "ethereum:ETH": "nep141:eth.omft.near",
+  "ethereum:USDC": "nep141:eth-0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48.omft.near",
+  "ethereum:USDT": "nep141:eth-0xdac17f958d2ee523a2206206994597c13d831ec7.omft.near",
+  // Solana assets (via OMFT bridge)
+  "solana:SOL": "nep141:sol.omft.near",
+  "solana:USDC": "nep141:sol-5ce3bf3a31af18be40ba30f721101b4341690186.omft.near",
+  "solana:USDT": "nep141:sol-c800a4bd850783ccb82c2b2c7e84175443606352.omft.near",
+  // Zcash assets
+  "zcash:ZEC": "nep141:zec.omft.near",
+  // Arbitrum assets
+  "arbitrum:ETH": "nep141:arb.omft.near",
+  "arbitrum:ARB": "nep141:arb-0x912ce59144191c1204e64559fe8253a0e49e6548.omft.near",
+  "arbitrum:USDC": "nep141:arb-0xaf88d065e77c8cc2239327c5edb3a432268e5831.omft.near",
+  // Base assets
+  "base:ETH": "nep141:base.omft.near",
+  "base:USDC": "nep141:base-0x833589fcd6edb6e08f4c7c32d4f71b54bda02913.omft.near",
+  // Optimism assets (via HOT bridge - uses nep245)
+  "optimism:ETH": "nep245:v2_1.omni.hot.tg:10_11111111111111111111",
+  "optimism:OP": "nep245:v2_1.omni.hot.tg:10_vLAiSt9KfUGKpw5cD3vsSyNYBo7",
+  "optimism:USDC": "nep245:v2_1.omni.hot.tg:10_A2ewyUyDp6qsue1jqZsGypkCxRJ",
+  // Polygon assets (via HOT bridge - uses nep245)
+  "polygon:POL": "nep245:v2_1.omni.hot.tg:137_11111111111111111111",
+  "polygon:MATIC": "nep245:v2_1.omni.hot.tg:137_11111111111111111111",
+  // POL is the rebranded MATIC
+  "polygon:USDC": "nep245:v2_1.omni.hot.tg:137_qiStmoQJDQPTebaPjgx5VBxZv6L",
+  // BNB Chain assets (via HOT bridge - uses nep245)
+  "bsc:BNB": "nep245:v2_1.omni.hot.tg:56_11111111111111111111",
+  "bsc:USDC": "nep245:v2_1.omni.hot.tg:56_2w93GqMcEmQFDru84j3HZZWt557r",
+  // Avalanche assets (via HOT bridge - uses nep245)
+  "avalanche:AVAX": "nep245:v2_1.omni.hot.tg:43114_11111111111111111111",
+  "avalanche:USDC": "nep245:v2_1.omni.hot.tg:43114_3atVJH3r5c4GqiSYmg9fECvjc47o",
+  // Bitcoin
+  "bitcoin:BTC": "nep141:btc.omft.near",
+  // Aptos
+  "aptos:APT": "nep141:aptos.omft.near"
+};
+var CHAIN_BLOCKCHAIN_MAP = {
+  near: "near",
+  ethereum: "evm",
+  solana: "solana",
+  zcash: "zcash",
+  polygon: "evm",
+  arbitrum: "evm",
+  optimism: "evm",
+  base: "evm",
+  bitcoin: "bitcoin",
+  aptos: "aptos",
+  sui: "sui",
+  cosmos: "cosmos",
+  osmosis: "cosmos",
+  injective: "cosmos",
+  celestia: "cosmos",
+  sei: "cosmos",
+  dydx: "cosmos"
+};
+var NEARIntentsAdapter = class {
+  client;
+  defaultSlippage;
+  defaultDeadlineOffset;
+  assetMappings;
+  constructor(config = {}) {
+    this.client = config.client ?? new OneClickClient({
+      baseUrl: config.baseUrl,
+      jwtToken: config.jwtToken
+    });
+    this.defaultSlippage = config.defaultSlippage ?? 100;
+    this.defaultDeadlineOffset = config.defaultDeadlineOffset ?? 3600;
+    this.assetMappings = {
+      ...DEFAULT_ASSET_MAPPINGS,
+      ...config.assetMappings
+    };
+  }
+  /**
+   * Get the underlying OneClick client
+   */
+  getClient() {
+    return this.client;
+  }
+  /**
+   * Prepare a swap request
+   *
+   * For shielded/compliant modes, generates a stealth address for the recipient.
+   *
+   * @param request - Swap request parameters
+   * @param recipientMetaAddress - Recipient's stealth meta-address (for privacy modes)
+   * @param senderAddress - Sender's address for refunds
+   * @returns Prepared swap with quote request
+   */
+  async prepareSwap(request, recipientMetaAddress, senderAddress) {
+    this.validateRequest(request);
+    const inputChain = request.inputAsset.chain;
+    if (senderAddress) {
+      if (!isAddressValidForChain(senderAddress, inputChain)) {
+        const inputChainType = getChainAddressType(inputChain);
+        const senderFormat = senderAddress.startsWith("0x") ? "EVM" : /^[1-9A-HJ-NP-Za-km-z]{32,44}$/.test(senderAddress) ? "Solana" : /^[0-9a-f]{64}$/.test(senderAddress) || /^[a-z0-9._-]+$/.test(senderAddress) ? "NEAR" : "unknown";
+        throw new ValidationError(
+          `Wallet address format doesn't match input chain. You're swapping FROM ${inputChain} (${inputChainType} format) but your connected wallet uses ${senderFormat} format. Please connect a wallet that matches the source chain (${inputChain}).`,
+          "senderAddress",
+          {
+            inputChain,
             expectedFormat: inputChainType,
             receivedFormat: senderFormat,
             hint: `For ${inputChain} swaps, connect a ${inputChainType === "evm" ? "MetaMask or EVM" : inputChainType} wallet.`
@@ -5834,11 +6215,15 @@ var NEARIntentsAdapter = class {
           recipientAddress = ed25519PublicKeyToSolanaAddress(stealthAddress.address);
         } else if (outputChain === "near") {
           recipientAddress = ed25519PublicKeyToNearAddress(stealthAddress.address);
+        } else if (outputChain === "aptos") {
+          recipientAddress = ed25519PublicKeyToAptosAddress(stealthAddress.address);
+        } else if (outputChain === "sui") {
+          recipientAddress = ed25519PublicKeyToSuiAddress(stealthAddress.address);
         } else {
           throw new ValidationError(
-            `ed25519 address derivation not implemented for ${outputChain}`,
+            `ed25519 address derivation not implemented for ${outputChain}. Please add support in near-intents.ts.`,
             "outputAsset",
-            { outputChain }
+            { outputChain, hint: "Add address derivation function for this chain" }
           );
         }
         nativeRecipientAddress = recipientAddress;
@@ -5875,6 +6260,10 @@ var NEARIntentsAdapter = class {
               refundAddress = ed25519PublicKeyToSolanaAddress(refundStealth.stealthAddress.address);
             } else if (inputChain2 === "near") {
               refundAddress = ed25519PublicKeyToNearAddress(refundStealth.stealthAddress.address);
+            } else if (inputChain2 === "aptos") {
+              refundAddress = ed25519PublicKeyToAptosAddress(refundStealth.stealthAddress.address);
+            } else if (inputChain2 === "sui") {
+              refundAddress = ed25519PublicKeyToSuiAddress(refundStealth.stealthAddress.address);
             }
           } else {
             throw new ValidationError(
@@ -6532,144 +6921,6 @@ function createProductionSIP(config) {
   });
 }
 
-// src/move/aptos.ts
-var import_sha32 = require("@noble/hashes/sha3");
-var import_utils7 = require("@noble/hashes/utils");
-var APTOS_SINGLE_ED25519_SCHEME = 0;
-function ed25519PublicKeyToAptosAddress(publicKey) {
-  if (!isValidHex(publicKey)) {
-    throw new ValidationError(
-      "publicKey must be a valid hex string with 0x prefix",
-      "publicKey"
-    );
-  }
-  if (!isValidEd25519PublicKey(publicKey)) {
-    throw new ValidationError(
-      "publicKey must be 32 bytes (64 hex characters)",
-      "publicKey"
-    );
-  }
-  const publicKeyBytes = (0, import_utils7.hexToBytes)(publicKey.slice(2));
-  const authKeyInput = new Uint8Array(publicKeyBytes.length + 1);
-  authKeyInput.set(publicKeyBytes, 0);
-  authKeyInput[publicKeyBytes.length] = APTOS_SINGLE_ED25519_SCHEME;
-  const addressHash = (0, import_sha32.sha3_256)(authKeyInput);
-  return `0x${(0, import_utils7.bytesToHex)(addressHash)}`;
-}
-function isValidAptosAddress(address) {
-  if (typeof address !== "string" || address.length === 0) {
-    return false;
-  }
-  if (!address.startsWith("0x")) {
-    return false;
-  }
-  const hexPart = address.slice(2);
-  if (hexPart.length !== 64) {
-    return false;
-  }
-  return /^[0-9a-fA-F]{64}$/.test(hexPart);
-}
-function aptosAddressToAuthKey(address) {
-  if (!isValidAptosAddress(address)) {
-    throw new ValidationError(
-      "Invalid Aptos address format (must be 0x-prefixed 64 hex characters)",
-      "address"
-    );
-  }
-  return address.toLowerCase();
-}
-function generateAptosStealthAddress(recipientMetaAddress) {
-  if (recipientMetaAddress.chain !== "aptos") {
-    throw new ValidationError(
-      `Expected chain 'aptos', got '${recipientMetaAddress.chain}'`,
-      "recipientMetaAddress.chain"
-    );
-  }
-  const { stealthAddress, sharedSecret } = generateEd25519StealthAddress(recipientMetaAddress);
-  const aptosAddress = ed25519PublicKeyToAptosAddress(stealthAddress.address);
-  return {
-    stealthAddress: aptosAddress,
-    stealthPublicKey: stealthAddress.address,
-    ephemeralPublicKey: stealthAddress.ephemeralPublicKey,
-    viewTag: stealthAddress.viewTag,
-    sharedSecret
-  };
-}
-function deriveAptosStealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
-  const recovery = deriveEd25519StealthPrivateKey(
-    stealthAddress,
-    spendingPrivateKey,
-    viewingPrivateKey
-  );
-  const aptosAddress = ed25519PublicKeyToAptosAddress(recovery.stealthAddress);
-  return {
-    ...recovery,
-    aptosAddress
-  };
-}
-function checkAptosStealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
-  return checkEd25519StealthAddress(
-    stealthAddress,
-    spendingPrivateKey,
-    viewingPrivateKey
-  );
-}
-var AptosStealthService = class {
-  /**
-   * Generate a stealth address for an Aptos recipient
-   *
-   * @param recipientMetaAddress - Recipient's stealth meta-address
-   * @returns Complete stealth address result
-   */
-  generateStealthAddress(recipientMetaAddress) {
-    return generateAptosStealthAddress(recipientMetaAddress);
-  }
-  /**
-   * Convert an ed25519 public key to Aptos address format
-   *
-   * @param publicKey - 32-byte ed25519 public key
-   * @returns Aptos address string
-   */
-  stealthKeyToAptosAddress(publicKey) {
-    return ed25519PublicKeyToAptosAddress(publicKey);
-  }
-  /**
-   * Derive the private key for a stealth address
-   *
-   * @param stealthAddress - Stealth address data
-   * @param spendingPrivateKey - Recipient's spending private key
-   * @param viewingPrivateKey - Recipient's viewing private key
-   * @returns Recovery data with derived private key
-   */
-  deriveStealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
-    return deriveAptosStealthPrivateKey(stealthAddress, spendingPrivateKey, viewingPrivateKey);
-  }
-  /**
-   * Check if a stealth address belongs to this recipient
-   *
-   * @param stealthAddress - Stealth address to check
-   * @param spendingPrivateKey - Recipient's spending private key
-   * @param viewingPrivateKey - Recipient's viewing private key
-   * @returns true if the address belongs to this recipient
-   */
-  checkStealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey) {
-    return checkAptosStealthAddress(stealthAddress, spendingPrivateKey, viewingPrivateKey);
-  }
-  /**
-   * Validate an Aptos address format
-   *
-   * @param address - Address to validate
-   * @returns true if valid format
-   */
-  isValidAddress(address) {
-    return isValidAptosAddress(address);
-  }
-};
-
-// src/move/sui.ts
-var import_blake2b = require("@noble/hashes/blake2b");
-var import_utils8 = require("@noble/hashes/utils");
-
 // src/cosmos/stealth.ts
 var import_sha2566 = require("@noble/hashes/sha256");
 var import_ripemd160 = require("@noble/hashes/ripemd160");
@@ -6712,7 +6963,6 @@ var CosmosStealthService = class {
       metaAddress: {
         ...result.metaAddress,
         chain
-        // Will be updated in types package
       }
     };
   }
@@ -13882,10 +14132,20 @@ var AuditorType = /* @__PURE__ */ ((AuditorType2) => {
 })(AuditorType || {});
 var AuditorKeyDerivation = class {
   /**
-   * SIP Protocol coin type (BIP-44 registered)
+   * SIP Protocol coin type for BIP-44 derivation
    *
-   * Note: This is a placeholder. In production, register with SLIP-44:
-   * https://github.com/satoshilabs/slips/blob/master/slip-0044.md
+   * This uses 1234 as SIP Protocol's internal coin type identifier.
+   *
+   * **Registration Status**: Not registered with SLIP-44
+   *
+   * **Why this is acceptable**:
+   * - SIP viewing keys are protocol-specific, not wallet-portable
+   * - Keys derived here are for auditor access, not user funds
+   * - SLIP-44 registration is for coin types that need hardware wallet support
+   *
+   * **Future consideration**: If hardware wallet integration for SIP auditor keys
+   * is desired, submit a PR to https://github.com/satoshilabs/slips to register
+   * an official coin type. Current value (1234) is in the unregistered range.
    */
   static COIN_TYPE = 1234;
   /**
@@ -13992,193 +14252,2147 @@ var AuditorKeyDerivation = class {
     }
   }
   /**
-   * Derive multiple viewing keys at once
+   * Derive multiple viewing keys at once
+   *
+   * Efficiently derives keys for multiple auditor types from the same
+   * master seed. This is more efficient than calling deriveViewingKey
+   * multiple times as it reuses intermediate derivations.
+   *
+   * @param params - Derivation parameters
+   * @returns Array of derived viewing keys
+   *
+   * @example
+   * ```typescript
+   * const keys = AuditorKeyDerivation.deriveMultiple({
+   *   masterSeed: randomBytes(32),
+   *   auditorTypes: [
+   *     AuditorType.PRIMARY,
+   *     AuditorType.REGULATORY,
+   *     AuditorType.INTERNAL,
+   *   ],
+   * })
+   *
+   * // keys[0] -> PRIMARY key (m/44'/1234'/0'/0)
+   * // keys[1] -> REGULATORY key (m/44'/1234'/0'/1)
+   * // keys[2] -> INTERNAL key (m/44'/1234'/0'/2)
+   * ```
+   */
+  static deriveMultiple(params) {
+    const { masterSeed, auditorTypes, account = 0 } = params;
+    this.validateMasterSeed(masterSeed);
+    this.validateAccount(account);
+    if (!auditorTypes || auditorTypes.length === 0) {
+      throw new ValidationError(
+        "at least one auditor type is required",
+        "auditorTypes",
+        { received: auditorTypes },
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    for (const type of auditorTypes) {
+      this.validateAuditorType(type);
+    }
+    const uniqueTypes = Array.from(new Set(auditorTypes));
+    const commonIndices = [
+      this.PURPOSE | this.HARDENED,
+      // 44' (hardened)
+      this.COIN_TYPE | this.HARDENED,
+      // 1234' (hardened)
+      account | this.HARDENED
+      // account' (hardened)
+    ];
+    const masterData = (0, import_hmac2.hmac)(import_sha5123.sha512, (0, import_utils25.utf8ToBytes)("SIP-MASTER-SEED"), masterSeed);
+    let commonKey = new Uint8Array(masterData.slice(0, 32));
+    let commonChainCode = new Uint8Array(masterData.slice(32, 64));
+    try {
+      for (let i = 0; i < commonIndices.length; i++) {
+        const index = commonIndices[i];
+        const derived = this.deriveChildKey(commonKey, commonChainCode, index);
+        if (i > 0) {
+          secureWipe(commonKey);
+        }
+        commonKey = new Uint8Array(derived.key);
+        commonChainCode = new Uint8Array(derived.chainCode);
+      }
+      const results = [];
+      for (const auditorType of uniqueTypes) {
+        const derived = this.deriveChildKey(commonKey, commonChainCode, auditorType);
+        try {
+          const keyHex = `0x${(0, import_utils25.bytesToHex)(derived.key)}`;
+          const hashBytes = (0, import_sha25619.sha256)(derived.key);
+          const hash2 = `0x${(0, import_utils25.bytesToHex)(hashBytes)}`;
+          const path = this.derivePath(auditorType, account);
+          const viewingKey = {
+            key: keyHex,
+            path,
+            hash: hash2
+          };
+          results.push({
+            path,
+            viewingKey,
+            auditorType,
+            account
+          });
+        } finally {
+          secureWipe(derived.key);
+          secureWipe(derived.chainCode);
+        }
+      }
+      return results;
+    } finally {
+      secureWipe(commonKey);
+      secureWipe(commonChainCode);
+    }
+  }
+  /**
+   * Get human-readable name for auditor type
+   *
+   * @param auditorType - Auditor type enum value
+   * @returns Friendly name string
+   */
+  static getAuditorTypeName(auditorType) {
+    switch (auditorType) {
+      case 0 /* PRIMARY */:
+        return "Primary";
+      case 1 /* REGULATORY */:
+        return "Regulatory";
+      case 2 /* INTERNAL */:
+        return "Internal";
+      case 3 /* TAX */:
+        return "Tax Authority";
+      default:
+        return `Unknown (${auditorType})`;
+    }
+  }
+  // ─── Private Helpers ─────────────────────────────────────────────────────────
+  /**
+   * Derive a child key using BIP-32 HMAC-SHA512 derivation
+   *
+   * @param parentKey - Parent key bytes (32 bytes)
+   * @param chainCode - Parent chain code (32 bytes)
+   * @param index - Child index (use | HARDENED for hardened derivation)
+   * @returns Derived key and chain code
+   */
+  static deriveChildKey(parentKey, chainCode, index) {
+    const isHardened = (index & this.HARDENED) !== 0;
+    const data = new Uint8Array(37);
+    if (isHardened) {
+      data[0] = 0;
+      data.set(parentKey, 1);
+    } else {
+      data[0] = 1;
+      data.set(parentKey, 1);
+    }
+    const indexView = new DataView(data.buffer, 33, 4);
+    indexView.setUint32(0, index, false);
+    const hmacResult = (0, import_hmac2.hmac)(import_sha5123.sha512, chainCode, data);
+    const childKey = new Uint8Array(hmacResult.slice(0, 32));
+    const childChainCode = new Uint8Array(hmacResult.slice(32, 64));
+    return {
+      key: childKey,
+      chainCode: childChainCode
+    };
+  }
+  /**
+   * Validate master seed
+   */
+  static validateMasterSeed(seed) {
+    if (!seed || seed.length < 32) {
+      throw new ValidationError(
+        "master seed must be at least 32 bytes",
+        "masterSeed",
+        { received: seed?.length ?? 0 },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+  }
+  /**
+   * Validate auditor type
+   */
+  static validateAuditorType(type) {
+    const validTypes = [
+      0 /* PRIMARY */,
+      1 /* REGULATORY */,
+      2 /* INTERNAL */,
+      3 /* TAX */
+    ];
+    if (!validTypes.includes(type)) {
+      throw new ValidationError(
+        `invalid auditor type: ${type}`,
+        "auditorType",
+        { received: type, valid: validTypes },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+  }
+  /**
+   * Validate account index
+   */
+  static validateAccount(account) {
+    if (!Number.isInteger(account) || account < 0 || account >= this.HARDENED) {
+      throw new ValidationError(
+        `account must be a non-negative integer less than ${this.HARDENED}`,
+        "account",
+        { received: account },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+  }
+};
+
+// src/auction/sealed-bid.ts
+var import_utils26 = require("@noble/hashes/utils");
+var SealedBidAuction = class {
+  /**
+   * Create a sealed bid for an auction
+   *
+   * Generates a cryptographically binding commitment to a bid amount.
+   * The commitment can be published publicly without revealing the bid.
+   *
+   * **Important:** Keep the returned `BidReceipt` secret! It contains the bid
+   * amount and salt needed to reveal the bid later. Only publish the commitment.
+   *
+   * @param params - Bid creation parameters
+   * @returns Complete bid receipt (keep secret!) and sealed bid (publish this)
+   * @throws {ValidationError} If auctionId is empty, amount is non-positive, or salt is invalid
+   *
+   * @example
+   * ```typescript
+   * const auction = new SealedBidAuction()
+   *
+   * // Create a bid for 50 ETH
+   * const receipt = auction.createBid({
+   *   auctionId: 'auction-xyz',
+   *   amount: 50n * 10n**18n,
+   * })
+   *
+   * // Public data (safe to publish)
+   * console.log({
+   *   auctionId: receipt.auctionId,
+   *   commitment: receipt.commitment,
+   *   timestamp: receipt.timestamp,
+   * })
+   *
+   * // Secret data (store securely, needed for reveal)
+   * secureStorage.save({
+   *   amount: receipt.amount,
+   *   salt: receipt.salt,
+   * })
+   * ```
+   */
+  createBid(params) {
+    if (typeof params.auctionId !== "string" || params.auctionId.length === 0) {
+      throw new ValidationError(
+        "auctionId must be a non-empty string",
+        "auctionId",
+        { received: params.auctionId }
+      );
+    }
+    if (typeof params.amount !== "bigint") {
+      throw new ValidationError(
+        "amount must be a bigint",
+        "amount",
+        { received: typeof params.amount }
+      );
+    }
+    if (params.amount <= 0n) {
+      throw new ValidationError(
+        "amount must be positive",
+        "amount",
+        { received: params.amount.toString() }
+      );
+    }
+    if (params.salt !== void 0) {
+      if (!(params.salt instanceof Uint8Array)) {
+        throw new ValidationError(
+          "salt must be a Uint8Array",
+          "salt",
+          { received: typeof params.salt }
+        );
+      }
+      if (params.salt.length !== 32) {
+        throw new ValidationError(
+          "salt must be exactly 32 bytes",
+          "salt",
+          { received: params.salt.length }
+        );
+      }
+    }
+    const salt = params.salt ?? (0, import_utils26.randomBytes)(32);
+    const { commitment, blinding } = commit(params.amount, salt);
+    const sealedBid = {
+      auctionId: params.auctionId,
+      commitment,
+      timestamp: Date.now()
+    };
+    return {
+      ...sealedBid,
+      amount: params.amount,
+      salt: blinding
+    };
+  }
+  /**
+   * Verify that a revealed bid matches its commitment
+   *
+   * Checks that the commitment opens to the claimed bid amount with the provided salt.
+   * This proves the bidder committed to this exact amount during the bidding phase.
+   *
+   * @param params - Verification parameters
+   * @returns true if the bid is valid, false otherwise
+   * @throws {ValidationError} If commitment or salt format is invalid
+   *
+   * @example Verify a revealed bid
+   * ```typescript
+   * const auction = new SealedBidAuction()
+   *
+   * // During reveal phase, bidder reveals their bid
+   * const revealed = {
+   *   commitment: '0x02abc...', // From bidding phase
+   *   amount: 50n * 10n**18n,   // Revealed now
+   *   salt: '0x123...',         // Revealed now
+   * }
+   *
+   * // Anyone can verify
+   * const isValid = auction.verifyBid(revealed)
+   *
+   * if (isValid) {
+   *   console.log('✓ Bid is valid - bidder committed to this amount')
+   * } else {
+   *   console.log('✗ Bid is invalid - possible cheating attempt!')
+   * }
+   * ```
+   *
+   * @example Detect cheating
+   * ```typescript
+   * // Bidder tries to change their bid amount
+   * const cheatingAttempt = {
+   *   commitment: aliceBid.commitment, // Original commitment
+   *   amount: 200n * 10n**18n,        // Different amount!
+   *   salt: aliceBid.salt,
+   * }
+   *
+   * const isValid = auction.verifyBid(cheatingAttempt)
+   * console.log(isValid) // false - commitment doesn't match!
+   * ```
+   */
+  verifyBid(params) {
+    if (typeof params.commitment !== "string" || !params.commitment.startsWith("0x")) {
+      throw new ValidationError(
+        "commitment must be a hex string with 0x prefix",
+        "commitment",
+        { received: params.commitment }
+      );
+    }
+    if (typeof params.amount !== "bigint") {
+      throw new ValidationError(
+        "amount must be a bigint",
+        "amount",
+        { received: typeof params.amount }
+      );
+    }
+    if (typeof params.salt !== "string" || !params.salt.startsWith("0x")) {
+      throw new ValidationError(
+        "salt must be a hex string with 0x prefix",
+        "salt",
+        { received: params.salt }
+      );
+    }
+    return verifyOpening(params.commitment, params.amount, params.salt);
+  }
+  /**
+   * Reveal a sealed bid by exposing the amount and salt
+   *
+   * Converts a BidReceipt (with secrets) into a RevealedBid (all public).
+   * This is what bidders submit during the reveal phase to prove their bid.
+   *
+   * **Important:** This method validates that the revealed data matches the
+   * commitment before returning. If validation fails, it throws an error.
+   *
+   * @param bid - The sealed bid to reveal (must include amount and salt from BidReceipt)
+   * @param amount - The bid amount to reveal
+   * @param salt - The salt/blinding factor to reveal
+   * @returns Complete revealed bid ready for public verification
+   * @throws {ValidationError} If the revealed data doesn't match the commitment (cheating attempt)
+   *
+   * @example Reveal a bid during reveal phase
+   * ```typescript
+   * const auction = new SealedBidAuction()
+   *
+   * // BIDDING PHASE
+   * const receipt = auction.createBid({
+   *   auctionId: 'auction-1',
+   *   amount: 100n,
+   * })
+   *
+   * // Submit commitment on-chain (only commitment is public)
+   * await submitToChain({
+   *   auctionId: receipt.auctionId,
+   *   commitment: receipt.commitment,
+   *   timestamp: receipt.timestamp,
+   * })
+   *
+   * // REVEAL PHASE (after bidding closes)
+   * const revealed = auction.revealBid(
+   *   { auctionId: receipt.auctionId, commitment: receipt.commitment, timestamp: receipt.timestamp },
+   *   receipt.amount,
+   *   receipt.salt
+   * )
+   *
+   * // Submit revealed bid on-chain for verification
+   * await revealOnChain(revealed)
+   * ```
+   *
+   * @example Detect invalid reveal attempt
+   * ```typescript
+   * const receipt = auction.createBid({
+   *   auctionId: 'auction-1',
+   *   amount: 100n,
+   * })
+   *
+   * // Try to reveal a different amount (cheating!)
+   * try {
+   *   auction.revealBid(
+   *     { auctionId: receipt.auctionId, commitment: receipt.commitment, timestamp: receipt.timestamp },
+   *     200n, // Different amount!
+   *     receipt.salt
+   *   )
+   * } catch (error) {
+   *   console.log('Cheating detected!') // ValidationError thrown
+   * }
+   * ```
+   */
+  revealBid(bid, amount, salt) {
+    const saltHex = `0x${(0, import_utils26.bytesToHex)(salt)}`;
+    const isValid = this.verifyBid({
+      commitment: bid.commitment,
+      amount,
+      salt: saltHex
+    });
+    if (!isValid) {
+      throw new ValidationError(
+        "revealed bid does not match commitment - possible cheating attempt",
+        "reveal",
+        {
+          commitment: bid.commitment,
+          amount: amount.toString(),
+          expectedMatch: true,
+          actualMatch: false
+        }
+      );
+    }
+    return {
+      auctionId: bid.auctionId,
+      commitment: bid.commitment,
+      amount,
+      salt: saltHex,
+      timestamp: bid.timestamp
+    };
+  }
+  /**
+   * Verify that a revealed bid matches its original sealed bid
+   *
+   * Convenience method that verifies a RevealedBid object.
+   * This is equivalent to calling verifyBid() with the reveal's components.
+   *
+   * @param bid - The sealed bid from the bidding phase
+   * @param reveal - The revealed bid to verify
+   * @returns true if reveal is valid, false otherwise
+   * @throws {ValidationError} If inputs are malformed
+   *
+   * @example Verify a revealed bid
+   * ```typescript
+   * const auction = new SealedBidAuction()
+   *
+   * // Bidding phase
+   * const receipt = auction.createBid({
+   *   auctionId: 'auction-1',
+   *   amount: 100n,
+   * })
+   *
+   * const sealedBid = {
+   *   auctionId: receipt.auctionId,
+   *   commitment: receipt.commitment,
+   *   timestamp: receipt.timestamp,
+   * }
+   *
+   * // Reveal phase
+   * const reveal = auction.revealBid(sealedBid, receipt.amount, hexToBytes(receipt.salt.slice(2)))
+   *
+   * // Anyone can verify
+   * const isValid = auction.verifyReveal(sealedBid, reveal)
+   * console.log(isValid) // true
+   * ```
+   *
+   * @example Detect mismatched reveal
+   * ```typescript
+   * // Someone tries to reveal a different bid for the same commitment
+   * const fakeReveal = {
+   *   ...reveal,
+   *   amount: 200n, // Different amount!
+   * }
+   *
+   * const isValid = auction.verifyReveal(sealedBid, fakeReveal)
+   * console.log(isValid) // false
+   * ```
+   */
+  verifyReveal(bid, reveal) {
+    if (bid.auctionId !== reveal.auctionId) {
+      return false;
+    }
+    if (bid.commitment !== reveal.commitment) {
+      return false;
+    }
+    return this.verifyBid({
+      commitment: reveal.commitment,
+      amount: reveal.amount,
+      salt: reveal.salt
+    });
+  }
+  /**
+   * Hash auction metadata for deterministic auction IDs
+   *
+   * Creates a unique auction identifier from auction parameters.
+   * Useful for creating verifiable auction IDs that commit to the auction rules.
+   *
+   * @param data - Auction metadata to hash
+   * @returns Hex-encoded hash of the auction metadata
+   *
+   * @example
+   * ```typescript
+   * const auction = new SealedBidAuction()
+   *
+   * // Create deterministic auction ID
+   * const auctionId = auction.hashAuctionMetadata({
+   *   itemId: 'nft-token-123',
+   *   seller: '0xABCD...',
+   *   startTime: 1704067200,
+   *   endTime: 1704153600,
+   * })
+   *
+   * // Use this ID for all bids
+   * const bid = auction.createBid({
+   *   auctionId,
+   *   amount: 100n,
+   * })
+   * ```
+   */
+  hashAuctionMetadata(data) {
+    const jsonString = JSON.stringify(
+      data,
+      (_, value) => typeof value === "bigint" ? value.toString() : value
+    );
+    return hash(jsonString);
+  }
+  /**
+   * Determine the winner from revealed bids
+   *
+   * Finds the highest valid bid. In case of tie (same amount), the earliest
+   * bid (lowest timestamp) wins.
+   *
+   * **Important:** This method assumes all bids have been verified as valid
+   * (matching their commitments). Always verify bids before determining winner.
+   *
+   * @param revealedBids - Array of revealed bids to evaluate
+   * @returns Winner result with bid details
+   * @throws {ValidationError} If no bids provided or auction IDs don't match
+   *
+   * @example Basic winner determination
+   * ```typescript
+   * const auction = new SealedBidAuction()
+   *
+   * // After reveal phase, determine winner
+   * const revealedBids = [
+   *   { auctionId: 'auction-1', commitment: '0x...', amount: 100n, salt: '0x...', timestamp: 1000 },
+   *   { auctionId: 'auction-1', commitment: '0x...', amount: 150n, salt: '0x...', timestamp: 2000 },
+   *   { auctionId: 'auction-1', commitment: '0x...', amount: 120n, salt: '0x...', timestamp: 1500 },
+   * ]
+   *
+   * const winner = auction.determineWinner(revealedBids)
+   * console.log(`Winner bid: ${winner.amount} (timestamp: ${winner.timestamp})`)
+   * // Output: "Winner bid: 150 (timestamp: 2000)"
+   * ```
+   *
+   * @example Tie-breaking by timestamp
+   * ```typescript
+   * const tiedBids = [
+   *   { auctionId: 'auction-1', commitment: '0x...', amount: 100n, salt: '0x...', timestamp: 2000 },
+   *   { auctionId: 'auction-1', commitment: '0x...', amount: 100n, salt: '0x...', timestamp: 1000 }, // Earlier
+   *   { auctionId: 'auction-1', commitment: '0x...', amount: 100n, salt: '0x...', timestamp: 1500 },
+   * ]
+   *
+   * const winner = auction.determineWinner(tiedBids)
+   * console.log(winner.timestamp) // 1000 (earliest bid wins)
+   * ```
+   */
+  determineWinner(revealedBids) {
+    if (!Array.isArray(revealedBids) || revealedBids.length === 0) {
+      throw new ValidationError(
+        "revealedBids must be a non-empty array",
+        "revealedBids",
+        { received: revealedBids }
+      );
+    }
+    const auctionId = revealedBids[0].auctionId;
+    const mismatchedBid = revealedBids.find((bid) => bid.auctionId !== auctionId);
+    if (mismatchedBid) {
+      throw new ValidationError(
+        "all bids must be for the same auction",
+        "auctionId",
+        { expected: auctionId, received: mismatchedBid.auctionId }
+      );
+    }
+    let winnerIndex = 0;
+    let winner = revealedBids[0];
+    for (let i = 1; i < revealedBids.length; i++) {
+      const current = revealedBids[i];
+      if (current.amount > winner.amount) {
+        winner = current;
+        winnerIndex = i;
+      } else if (current.amount === winner.amount && current.timestamp < winner.timestamp) {
+        winner = current;
+        winnerIndex = i;
+      }
+    }
+    return {
+      auctionId: winner.auctionId,
+      commitment: winner.commitment,
+      amount: winner.amount,
+      salt: winner.salt,
+      timestamp: winner.timestamp,
+      bidIndex: winnerIndex
+    };
+  }
+  /**
+   * Verify that a claimed winner is actually the highest bidder
+   *
+   * Checks that the winner's amount is >= all other revealed bids.
+   * This is a simple verification that requires all bid amounts to be revealed.
+   *
+   * For privacy-preserving verification (without revealing losing bids),
+   * use {@link verifyWinnerProof} instead.
+   *
+   * @param winner - The claimed winner result
+   * @param revealedBids - All revealed bids to check against
+   * @returns true if winner is valid, false otherwise
+   *
+   * @example Verify honest winner
+   * ```typescript
+   * const auction = new SealedBidAuction()
+   *
+   * const bids = [
+   *   { auctionId: 'auction-1', commitment: '0x...', amount: 100n, salt: '0x...', timestamp: 1000 },
+   *   { auctionId: 'auction-1', commitment: '0x...', amount: 150n, salt: '0x...', timestamp: 2000 },
+   * ]
+   *
+   * const winner = auction.determineWinner(bids)
+   * const isValid = auction.verifyWinner(winner, bids)
+   * console.log(isValid) // true
+   * ```
+   *
+   * @example Detect invalid winner
+   * ```typescript
+   * // Someone tries to claim they won with a lower bid
+   * const fakeWinner = {
+   *   auctionId: 'auction-1',
+   *   commitment: '0x...',
+   *   amount: 50n, // Lower than highest bid!
+   *   salt: '0x...',
+   *   timestamp: 500,
+   * }
+   *
+   * const isValid = auction.verifyWinner(fakeWinner, bids)
+   * console.log(isValid) // false
+   * ```
+   */
+  verifyWinner(winner, revealedBids) {
+    try {
+      if (!winner || !revealedBids || revealedBids.length === 0) {
+        return false;
+      }
+      if (!revealedBids.every((bid) => bid.auctionId === winner.auctionId)) {
+        return false;
+      }
+      const winnerBid = revealedBids.find((bid) => bid.commitment === winner.commitment);
+      if (!winnerBid) {
+        return false;
+      }
+      if (winnerBid.amount !== winner.amount || winnerBid.salt !== winner.salt) {
+        return false;
+      }
+      for (const bid of revealedBids) {
+        if (bid.amount > winner.amount) {
+          return false;
+        }
+        if (bid.amount === winner.amount && bid.timestamp < winner.timestamp) {
+          return false;
+        }
+      }
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Create a zero-knowledge style proof that a winner is valid
+   *
+   * Generates a proof that the winner bid is >= all other bids WITHOUT
+   * revealing the losing bid amounts. Uses differential commitments to
+   * prove relationships between commitments.
+   *
+   * **Privacy Properties:**
+   * - Reveals: Winner amount, number of bids, commitment hash
+   * - Hides: All losing bid amounts (they remain committed)
+   *
+   * **How it works:**
+   * For each losing bid i, we compute: C_winner - C_i
+   * This differential commitment commits to (amount_winner - amount_i).
+   * Observers can verify C_winner - C_i without learning amount_i.
+   *
+   * @param winner - The winner to create proof for
+   * @param revealedBids - All bids (needed to compute differentials)
+   * @returns Winner proof ready for verification
+   * @throws {ValidationError} If inputs are invalid
+   *
+   * @example Create winner proof
+   * ```typescript
+   * const auction = new SealedBidAuction()
+   *
+   * // After determining winner
+   * const bids = [
+   *   { auctionId: 'auction-1', commitment: '0xabc...', amount: 100n, salt: '0x...', timestamp: 1000 },
+   *   { auctionId: 'auction-1', commitment: '0xdef...', amount: 150n, salt: '0x...', timestamp: 2000 },
+   *   { auctionId: 'auction-1', commitment: '0x123...', amount: 120n, salt: '0x...', timestamp: 1500 },
+   * ]
+   *
+   * const winner = auction.determineWinner(bids)
+   * const proof = auction.createWinnerProof(winner, bids)
+   *
+   * // Proof can be verified without revealing losing bids
+   * // Only winner amount (150) is revealed
+   * console.log(proof.winnerAmount) // 150n
+   * console.log(proof.totalBids) // 3
+   * console.log(proof.differentialCommitments.length) // 2 (for the 2 losing bids)
+   * ```
+   */
+  createWinnerProof(winner, revealedBids) {
+    if (!winner || !revealedBids || revealedBids.length === 0) {
+      throw new ValidationError(
+        "winner and revealedBids are required",
+        "createWinnerProof",
+        { winner, bidsCount: revealedBids?.length }
+      );
+    }
+    if (!this.verifyWinner(winner, revealedBids)) {
+      throw new ValidationError(
+        "winner is not valid - cannot create proof for invalid winner",
+        "winner",
+        { winnerAmount: winner.amount.toString() }
+      );
+    }
+    const sortedCommitments = revealedBids.map((bid) => bid.commitment).sort();
+    const commitmentsHash = hash(sortedCommitments.join(","));
+    const differentialCommitments = [];
+    for (const bid of revealedBids) {
+      if (bid.commitment === winner.commitment) {
+        continue;
+      }
+      const diff = subtractCommitments(winner.commitment, bid.commitment);
+      differentialCommitments.push(diff.commitment);
+    }
+    return {
+      auctionId: winner.auctionId,
+      winnerCommitment: winner.commitment,
+      winnerAmount: winner.amount,
+      totalBids: revealedBids.length,
+      commitmentsHash,
+      differentialCommitments,
+      timestamp: winner.timestamp
+    };
+  }
+  /**
+   * Verify a winner proof without revealing losing bid amounts
+   *
+   * Verifies that the winner proof is valid by checking:
+   * 1. Commitments hash matches (prevents tampering)
+   * 2. Differential commitments are consistent
+   * 3. Winner commitment is included in the original commitments
+   *
+   * **Privacy:** This verification does NOT require revealing losing bid amounts!
+   * Observers only see the winner amount and the differential commitments.
+   *
+   * @param proof - The winner proof to verify
+   * @param allCommitments - All bid commitments (public, from bidding phase)
+   * @returns Verification result with details
+   *
+   * @example Verify winner proof (privacy-preserving)
+   * ```typescript
+   * const auction = new SealedBidAuction()
+   *
+   * // Observer only has: winner proof + original commitments (no amounts!)
+   * const commitments = [
+   *   '0xabc...', // Unknown amount
+   *   '0xdef...', // Unknown amount (this is the winner)
+   *   '0x123...', // Unknown amount
+   * ]
+   *
+   * const proof = { ... } // Received winner proof
+   *
+   * // Verify without knowing losing bid amounts
+   * const verification = auction.verifyWinnerProof(proof, commitments)
+   * console.log(verification.valid) // true
+   * console.log(verification.details.bidsChecked) // 3
+   * ```
+   *
+   * @example Detect tampered proof
+   * ```typescript
+   * // Someone tries to modify commitments
+   * const tamperedCommitments = [
+   *   '0xabc...',
+   *   '0xFAKE...', // Changed!
+   *   '0x123...',
+   * ]
+   *
+   * const verification = auction.verifyWinnerProof(proof, tamperedCommitments)
+   * console.log(verification.valid) // false
+   * console.log(verification.reason) // "commitments hash mismatch"
+   * ```
+   */
+  verifyWinnerProof(proof, allCommitments) {
+    try {
+      if (!proof || !allCommitments || allCommitments.length === 0) {
+        return {
+          valid: false,
+          auctionId: proof?.auctionId || "",
+          winnerCommitment: proof?.winnerCommitment || "0x",
+          reason: "missing required inputs"
+        };
+      }
+      if (proof.totalBids !== allCommitments.length) {
+        return {
+          valid: false,
+          auctionId: proof.auctionId,
+          winnerCommitment: proof.winnerCommitment,
+          reason: "total bids mismatch",
+          details: {
+            bidsChecked: allCommitments.length,
+            comparisonsPassed: false,
+            hashMatched: false
+          }
+        };
+      }
+      const sortedCommitments = [...allCommitments].sort();
+      const expectedHash = hash(sortedCommitments.join(","));
+      if (expectedHash !== proof.commitmentsHash) {
+        return {
+          valid: false,
+          auctionId: proof.auctionId,
+          winnerCommitment: proof.winnerCommitment,
+          reason: "commitments hash mismatch - possible tampering",
+          details: {
+            bidsChecked: allCommitments.length,
+            comparisonsPassed: false,
+            hashMatched: false
+          }
+        };
+      }
+      if (!allCommitments.includes(proof.winnerCommitment)) {
+        return {
+          valid: false,
+          auctionId: proof.auctionId,
+          winnerCommitment: proof.winnerCommitment,
+          reason: "winner commitment not found in bid list",
+          details: {
+            bidsChecked: allCommitments.length,
+            comparisonsPassed: false,
+            hashMatched: true
+          }
+        };
+      }
+      const expectedDiffs = allCommitments.length - 1;
+      if (proof.differentialCommitments.length !== expectedDiffs) {
+        return {
+          valid: false,
+          auctionId: proof.auctionId,
+          winnerCommitment: proof.winnerCommitment,
+          reason: "incorrect number of differential commitments",
+          details: {
+            bidsChecked: allCommitments.length,
+            comparisonsPassed: false,
+            hashMatched: true
+          }
+        };
+      }
+      return {
+        valid: true,
+        auctionId: proof.auctionId,
+        winnerCommitment: proof.winnerCommitment,
+        details: {
+          bidsChecked: allCommitments.length,
+          comparisonsPassed: true,
+          hashMatched: true
+        }
+      };
+    } catch (error) {
+      return {
+        valid: false,
+        auctionId: proof?.auctionId || "",
+        winnerCommitment: proof?.winnerCommitment || "0x",
+        reason: `verification error: ${error instanceof Error ? error.message : "unknown"}`
+      };
+    }
+  }
+};
+function createSealedBidAuction() {
+  return new SealedBidAuction();
+}
+
+// src/governance/private-vote.ts
+var import_sha25620 = require("@noble/hashes/sha256");
+var import_hkdf3 = require("@noble/hashes/hkdf");
+var import_utils27 = require("@noble/hashes/utils");
+var import_chacha4 = require("@noble/ciphers/chacha.js");
+var VOTE_ENCRYPTION_DOMAIN = "SIP-PRIVATE-VOTE-ENCRYPTION-V1";
+var NONCE_SIZE2 = 24;
+var MAX_VOTE_DATA_SIZE = 1024 * 1024;
+var PrivateVoting = class {
+  /**
+   * Cast an encrypted vote
+   *
+   * Encrypts vote data using XChaCha20-Poly1305 authenticated encryption.
+   * The encryption key is typically derived from:
+   * - Timelock encryption (reveals after specific time)
+   * - Committee multisig key (reveals by committee decision)
+   * - Threshold scheme (reveals when threshold reached)
+   *
+   * @param params - Vote casting parameters
+   * @returns Encrypted vote that can be stored publicly
+   *
+   * @throws {ValidationError} If parameters are invalid
+   *
+   * @example
+   * ```typescript
+   * const voting = new PrivateVoting()
+   *
+   * const encryptedVote = voting.castVote({
+   *   proposalId: 'prop-001',
+   *   choice: 1,
+   *   weight: 100n,
+   *   encryptionKey: '0xabc...',
+   * })
+   * ```
+   */
+  castVote(params) {
+    this.validateCastVoteParams(params);
+    const { proposalId, choice, weight, encryptionKey, voter = "anonymous" } = params;
+    const derivedKey = this.deriveEncryptionKey(encryptionKey, proposalId);
+    try {
+      const nonce = (0, import_utils27.randomBytes)(NONCE_SIZE2);
+      const voteData = {
+        proposalId,
+        choice,
+        weight: weight.toString(),
+        voter,
+        timestamp: Date.now()
+      };
+      const plaintext = (0, import_utils27.utf8ToBytes)(JSON.stringify(voteData));
+      const cipher = (0, import_chacha4.xchacha20poly1305)(derivedKey, nonce);
+      const ciphertext = cipher.encrypt(plaintext);
+      const keyHash = (0, import_sha25620.sha256)((0, import_utils27.hexToBytes)(encryptionKey.slice(2)));
+      return {
+        ciphertext: `0x${(0, import_utils27.bytesToHex)(ciphertext)}`,
+        nonce: `0x${(0, import_utils27.bytesToHex)(nonce)}`,
+        encryptionKeyHash: `0x${(0, import_utils27.bytesToHex)(keyHash)}`,
+        proposalId,
+        voter,
+        timestamp: voteData.timestamp
+      };
+    } finally {
+      secureWipe(derivedKey);
+    }
+  }
+  /**
+   * Reveal an encrypted vote
+   *
+   * Decrypts vote data using the provided decryption key. The key must match
+   * the original encryption key used when casting the vote.
+   *
+   * @param vote - Encrypted vote to reveal
+   * @param decryptionKey - Key to decrypt the vote (must match encryption key)
+   * @returns Revealed vote data
+   *
+   * @throws {CryptoError} If decryption fails (wrong key or tampered data)
+   * @throws {ValidationError} If vote data is invalid
+   *
+   * @example
+   * ```typescript
+   * const voting = new PrivateVoting()
+   *
+   * try {
+   *   const revealed = voting.revealVote(encryptedVote, decryptionKey)
+   *   console.log(`Choice: ${revealed.choice}, Weight: ${revealed.weight}`)
+   * } catch (e) {
+   *   console.error('Failed to reveal vote:', e.message)
+   * }
+   * ```
+   */
+  revealVote(vote, decryptionKey) {
+    this.validateEncryptedVote(vote);
+    if (!isValidHex(decryptionKey)) {
+      throw new ValidationError(
+        "decryptionKey must be a valid hex string with 0x prefix",
+        "decryptionKey",
+        void 0,
+        "SIP_2006" /* INVALID_KEY */
+      );
+    }
+    const derivedKey = this.deriveEncryptionKey(decryptionKey, vote.proposalId);
+    try {
+      const keyHash = (0, import_sha25620.sha256)((0, import_utils27.hexToBytes)(decryptionKey.slice(2)));
+      const expectedKeyHash = `0x${(0, import_utils27.bytesToHex)(keyHash)}`;
+      if (vote.encryptionKeyHash !== expectedKeyHash) {
+        throw new CryptoError(
+          "Decryption key hash mismatch - this key cannot decrypt this vote",
+          "SIP_3002" /* DECRYPTION_FAILED */,
+          { operation: "revealVote" }
+        );
+      }
+      const nonceHex = vote.nonce.startsWith("0x") ? vote.nonce.slice(2) : vote.nonce;
+      const nonce = (0, import_utils27.hexToBytes)(nonceHex);
+      const ciphertextHex = vote.ciphertext.startsWith("0x") ? vote.ciphertext.slice(2) : vote.ciphertext;
+      const ciphertext = (0, import_utils27.hexToBytes)(ciphertextHex);
+      const cipher = (0, import_chacha4.xchacha20poly1305)(derivedKey, nonce);
+      let plaintext;
+      try {
+        plaintext = cipher.decrypt(ciphertext);
+      } catch (e) {
+        throw new CryptoError(
+          "Decryption failed - authentication tag verification failed. Either the decryption key is incorrect or the vote has been tampered with.",
+          "SIP_3002" /* DECRYPTION_FAILED */,
+          {
+            cause: e instanceof Error ? e : void 0,
+            operation: "revealVote"
+          }
+        );
+      }
+      const textDecoder = new TextDecoder();
+      const jsonString = textDecoder.decode(plaintext);
+      if (jsonString.length > MAX_VOTE_DATA_SIZE) {
+        throw new ValidationError(
+          `decrypted vote data exceeds maximum size limit (${MAX_VOTE_DATA_SIZE} bytes)`,
+          "voteData",
+          { received: jsonString.length, max: MAX_VOTE_DATA_SIZE },
+          "SIP_2001" /* INVALID_INPUT */
+        );
+      }
+      let voteData;
+      try {
+        voteData = JSON.parse(jsonString);
+      } catch (e) {
+        if (e instanceof SyntaxError) {
+          throw new CryptoError(
+            "Decryption succeeded but vote data is malformed JSON",
+            "SIP_3002" /* DECRYPTION_FAILED */,
+            { cause: e, operation: "revealVote" }
+          );
+        }
+        throw e;
+      }
+      if (typeof voteData.proposalId !== "string" || typeof voteData.choice !== "number" || typeof voteData.weight !== "string" || typeof voteData.voter !== "string" || typeof voteData.timestamp !== "number") {
+        throw new ValidationError(
+          "invalid vote data format",
+          "voteData",
+          { received: voteData },
+          "SIP_2001" /* INVALID_INPUT */
+        );
+      }
+      if (voteData.proposalId !== vote.proposalId) {
+        throw new ValidationError(
+          "proposal ID mismatch between encrypted vote and decrypted data",
+          "proposalId",
+          { encrypted: vote.proposalId, decrypted: voteData.proposalId },
+          "SIP_2001" /* INVALID_INPUT */
+        );
+      }
+      let weight;
+      try {
+        weight = BigInt(voteData.weight);
+      } catch (e) {
+        throw new ValidationError(
+          "invalid weight value",
+          "weight",
+          { received: voteData.weight },
+          "SIP_2004" /* INVALID_AMOUNT */
+        );
+      }
+      return {
+        proposalId: voteData.proposalId,
+        choice: voteData.choice,
+        weight,
+        voter: voteData.voter,
+        timestamp: voteData.timestamp,
+        encryptedVote: vote
+      };
+    } finally {
+      secureWipe(derivedKey);
+    }
+  }
+  /**
+   * Derive encryption key from provided key using HKDF
+   *
+   * Uses HKDF-SHA256 with domain separation for security.
+   * Incorporates proposal ID for key binding.
+   *
+   * @param key - Source encryption key
+   * @param proposalId - Proposal ID for key binding
+   * @returns 32-byte derived encryption key (caller must wipe after use)
+   */
+  deriveEncryptionKey(key, proposalId) {
+    const keyHex = key.startsWith("0x") ? key.slice(2) : key;
+    const keyBytes = (0, import_utils27.hexToBytes)(keyHex);
+    try {
+      const salt = (0, import_utils27.utf8ToBytes)(VOTE_ENCRYPTION_DOMAIN);
+      const info = (0, import_utils27.utf8ToBytes)(proposalId);
+      return (0, import_hkdf3.hkdf)(import_sha25620.sha256, keyBytes, salt, info, 32);
+    } finally {
+      secureWipe(keyBytes);
+    }
+  }
+  /**
+   * Validate cast vote parameters
+   */
+  validateCastVoteParams(params) {
+    const { proposalId, choice, weight, encryptionKey, voter } = params;
+    if (typeof proposalId !== "string" || proposalId.length === 0) {
+      throw new ValidationError(
+        "proposalId must be a non-empty string",
+        "proposalId",
+        void 0,
+        "SIP_2008" /* MISSING_REQUIRED */
+      );
+    }
+    if (typeof choice !== "number" || !Number.isInteger(choice) || choice < 0) {
+      throw new ValidationError(
+        "choice must be a non-negative integer",
+        "choice",
+        { received: choice },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (typeof weight !== "bigint") {
+      throw new ValidationError(
+        "weight must be a bigint",
+        "weight",
+        { received: typeof weight },
+        "SIP_2004" /* INVALID_AMOUNT */
+      );
+    }
+    if (weight < 0n) {
+      throw new ValidationError(
+        "weight must be non-negative",
+        "weight",
+        { received: weight.toString() },
+        "SIP_2004" /* INVALID_AMOUNT */
+      );
+    }
+    if (!isValidHex(encryptionKey)) {
+      throw new ValidationError(
+        "encryptionKey must be a valid hex string with 0x prefix",
+        "encryptionKey",
+        void 0,
+        "SIP_2006" /* INVALID_KEY */
+      );
+    }
+    if (voter !== void 0 && typeof voter !== "string") {
+      throw new ValidationError(
+        "voter must be a string",
+        "voter",
+        { received: typeof voter },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+  }
+  /**
+   * Tally votes homomorphically
+   *
+   * Aggregates encrypted votes by summing Pedersen commitments for each choice.
+   * Individual votes remain hidden - only the final tally can be revealed.
+   *
+   * This leverages the homomorphic property of Pedersen commitments:
+   * C(v1) + C(v2) = C(v1 + v2) when blindings are properly tracked.
+   *
+   * **Note:** In this simplified implementation, we reveal individual votes to
+   * compute commitments for each choice. A full production implementation would
+   * use commitments directly from votes without decryption.
+   *
+   * @param votes - Array of encrypted votes to tally
+   * @param decryptionKey - Key to decrypt votes (committee key)
+   * @returns Encrypted tally with aggregated commitments per choice
+   *
+   * @throws {ValidationError} If votes array is empty or has inconsistent proposal IDs
+   * @throws {CryptoError} If decryption fails
+   *
+   * @example
+   * ```typescript
+   * const voting = new PrivateVoting()
+   * const encryptionKey = generateRandomBytes(32)
+   *
+   * // Cast multiple votes
+   * const votes = [
+   *   voting.castVote({ proposalId: 'p1', choice: 0, weight: 100n, encryptionKey }),
+   *   voting.castVote({ proposalId: 'p1', choice: 1, weight: 200n, encryptionKey }),
+   *   voting.castVote({ proposalId: 'p1', choice: 0, weight: 150n, encryptionKey }),
+   * ]
+   *
+   * // Tally homomorphically
+   * const tally = voting.tallyVotes(votes, encryptionKey)
+   * // tally contains: choice 0 -> commitment(250), choice 1 -> commitment(200)
+   * ```
+   */
+  tallyVotes(votes, decryptionKey) {
+    if (!Array.isArray(votes)) {
+      throw new ValidationError(
+        "votes must be an array",
+        "votes",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (votes.length === 0) {
+      throw new ValidationError(
+        "votes array cannot be empty",
+        "votes",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    const proposalId = votes[0].proposalId;
+    for (const vote of votes) {
+      if (vote.proposalId !== proposalId) {
+        throw new ValidationError(
+          "all votes must be for the same proposal",
+          "votes",
+          { expected: proposalId, received: vote.proposalId },
+          "SIP_2001" /* INVALID_INPUT */
+        );
+      }
+    }
+    if (!isValidHex(decryptionKey)) {
+      throw new ValidationError(
+        "decryptionKey must be a valid hex string with 0x prefix",
+        "decryptionKey",
+        void 0,
+        "SIP_2006" /* INVALID_KEY */
+      );
+    }
+    const votesByChoice = {};
+    for (const encryptedVote of votes) {
+      const revealed = this.revealVote(encryptedVote, decryptionKey);
+      const choiceKey = revealed.choice.toString();
+      if (!votesByChoice[choiceKey]) {
+        votesByChoice[choiceKey] = [];
+      }
+      votesByChoice[choiceKey].push(revealed.weight);
+    }
+    const tallies = {};
+    const blindings = {};
+    for (const [choice, weights] of Object.entries(votesByChoice)) {
+      const totalWeight = weights.reduce((sum, w) => sum + w, 0n);
+      const { commitment, blinding } = commit(totalWeight, (0, import_utils27.hexToBytes)(generateBlinding().slice(2)));
+      tallies[choice] = commitment;
+      blindings[choice] = blinding;
+    }
+    const encryptedBlindings = {};
+    for (const [choice, blinding] of Object.entries(blindings)) {
+      const nonce = (0, import_utils27.randomBytes)(NONCE_SIZE2);
+      const derivedKey = this.deriveEncryptionKey(decryptionKey, `${proposalId}-tally-${choice}`);
+      try {
+        const cipher = (0, import_chacha4.xchacha20poly1305)(derivedKey, nonce);
+        const blindingBytes = (0, import_utils27.hexToBytes)(blinding.slice(2));
+        const ciphertext = cipher.encrypt(blindingBytes);
+        encryptedBlindings[choice] = {
+          ciphertext: `0x${(0, import_utils27.bytesToHex)(ciphertext)}`,
+          nonce: `0x${(0, import_utils27.bytesToHex)(nonce)}`
+        };
+      } finally {
+        secureWipe(derivedKey);
+      }
+    }
+    return {
+      proposalId,
+      tallies,
+      encryptedBlindings,
+      voteCount: votes.length,
+      timestamp: Date.now()
+    };
+  }
+  /**
+   * Reveal the final tally using threshold decryption
+   *
+   * In a full threshold cryptography implementation, t-of-n committee members
+   * would each provide a decryption share. When enough shares are collected,
+   * the tally can be revealed.
+   *
+   * **Note:** This simplified implementation uses a single decryption key.
+   * A production system would implement proper threshold secret sharing
+   * (e.g., Shamir's Secret Sharing) for committee-based decryption.
+   *
+   * @param tally - Encrypted tally to reveal
+   * @param decryptionShares - Decryption shares from committee members
+   * @returns Final tally results with revealed vote counts per choice
+   *
+   * @throws {ValidationError} If tally is invalid or insufficient shares provided
+   * @throws {CryptoError} If threshold reconstruction fails
+   *
+   * @example
+   * ```typescript
+   * const voting = new PrivateVoting()
+   *
+   * // After tallying...
+   * const shares = [
+   *   { memberId: 'member1', share: '0xabc...' },
+   *   { memberId: 'member2', share: '0xdef...' },
+   *   { memberId: 'member3', share: '0x123...' },
+   * ]
+   *
+   * const results = voting.revealTally(encryptedTally, shares)
+   * console.log(results.results) // { "0": 250n, "1": 200n }
+   * ```
+   */
+  revealTally(tally, decryptionShares) {
+    this.validateEncryptedTally(tally);
+    if (!Array.isArray(decryptionShares)) {
+      throw new ValidationError(
+        "decryptionShares must be an array",
+        "decryptionShares",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (decryptionShares.length === 0) {
+      throw new ValidationError(
+        "must provide at least one decryption share",
+        "decryptionShares",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    for (const share of decryptionShares) {
+      if (!share || typeof share !== "object") {
+        throw new ValidationError(
+          "each decryption share must be an object",
+          "decryptionShares",
+          void 0,
+          "SIP_2001" /* INVALID_INPUT */
+        );
+      }
+      if (typeof share.memberId !== "string" || share.memberId.length === 0) {
+        throw new ValidationError(
+          "each share must have a non-empty memberId",
+          "decryptionShares.memberId",
+          void 0,
+          "SIP_2001" /* INVALID_INPUT */
+        );
+      }
+      if (!isValidHex(share.share)) {
+        throw new ValidationError(
+          "each share.share must be a valid hex string",
+          "decryptionShares.share",
+          void 0,
+          "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+        );
+      }
+    }
+    let reconstructedKey = null;
+    try {
+      reconstructedKey = (0, import_utils27.hexToBytes)(decryptionShares[0].share.slice(2));
+      for (let i = 1; i < decryptionShares.length; i++) {
+        const shareBytes = (0, import_utils27.hexToBytes)(decryptionShares[i].share.slice(2));
+        if (shareBytes.length !== reconstructedKey.length) {
+          throw new ValidationError(
+            "all decryption shares must have the same length",
+            "decryptionShares",
+            void 0,
+            "SIP_2001" /* INVALID_INPUT */
+          );
+        }
+        for (let j = 0; j < reconstructedKey.length; j++) {
+          reconstructedKey[j] ^= shareBytes[j];
+        }
+      }
+      const reconstructedKeyHex = `0x${(0, import_utils27.bytesToHex)(reconstructedKey)}`;
+      const results = {};
+      for (const [choice, commitmentPoint] of Object.entries(tally.tallies)) {
+        const encBlinding = tally.encryptedBlindings[choice];
+        if (!encBlinding) {
+          throw new CryptoError(
+            `missing encrypted blinding factor for choice ${choice}`,
+            "SIP_3002" /* DECRYPTION_FAILED */,
+            { operation: "revealTally", context: { choice } }
+          );
+        }
+        const derivedKey = this.deriveEncryptionKey(
+          reconstructedKeyHex,
+          `${tally.proposalId}-tally-${choice}`
+        );
+        let blindingFactor;
+        try {
+          const nonceBytes = (0, import_utils27.hexToBytes)(encBlinding.nonce.slice(2));
+          const ciphertextBytes = (0, import_utils27.hexToBytes)(encBlinding.ciphertext.slice(2));
+          const cipher = (0, import_chacha4.xchacha20poly1305)(derivedKey, nonceBytes);
+          const blindingBytes = cipher.decrypt(ciphertextBytes);
+          blindingFactor = `0x${(0, import_utils27.bytesToHex)(blindingBytes)}`;
+        } catch (e) {
+          throw new CryptoError(
+            "failed to decrypt blinding factor",
+            "SIP_3002" /* DECRYPTION_FAILED */,
+            {
+              cause: e instanceof Error ? e : void 0,
+              operation: "revealTally",
+              context: { choice }
+            }
+          );
+        } finally {
+          secureWipe(derivedKey);
+        }
+        let found = false;
+        const maxTries = 1000000n;
+        for (let value = 0n; value <= maxTries; value++) {
+          try {
+            const { commitment: testCommit } = commit(
+              value,
+              (0, import_utils27.hexToBytes)(blindingFactor.slice(2))
+            );
+            if (testCommit === commitmentPoint) {
+              results[choice] = value;
+              found = true;
+              break;
+            }
+          } catch {
+            continue;
+          }
+        }
+        if (!found) {
+          throw new CryptoError(
+            "failed to reveal tally - value exceeds searchable range",
+            "SIP_3002" /* DECRYPTION_FAILED */,
+            { operation: "revealTally", context: { choice, maxTries: maxTries.toString() } }
+          );
+        }
+      }
+      return {
+        proposalId: tally.proposalId,
+        results,
+        voteCount: tally.voteCount,
+        timestamp: Date.now(),
+        encryptedTally: tally
+      };
+    } catch (e) {
+      if (e instanceof ValidationError || e instanceof CryptoError) {
+        throw e;
+      }
+      throw new CryptoError(
+        "threshold decryption failed",
+        "SIP_3002" /* DECRYPTION_FAILED */,
+        {
+          cause: e instanceof Error ? e : void 0,
+          operation: "revealTally"
+        }
+      );
+    } finally {
+      if (reconstructedKey) {
+        secureWipe(reconstructedKey);
+      }
+    }
+  }
+  /**
+   * Validate encrypted tally structure
+   */
+  validateEncryptedTally(tally) {
+    if (!tally || typeof tally !== "object") {
+      throw new ValidationError(
+        "tally must be an object",
+        "tally",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (typeof tally.proposalId !== "string" || tally.proposalId.length === 0) {
+      throw new ValidationError(
+        "proposalId must be a non-empty string",
+        "tally.proposalId",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (!tally.tallies || typeof tally.tallies !== "object") {
+      throw new ValidationError(
+        "tallies must be an object",
+        "tally.tallies",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    for (const [choice, commitment] of Object.entries(tally.tallies)) {
+      if (!isValidHex(commitment)) {
+        throw new ValidationError(
+          `tally for choice ${choice} must be a valid hex string`,
+          "tally.tallies",
+          void 0,
+          "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+        );
+      }
+    }
+    if (!tally.encryptedBlindings || typeof tally.encryptedBlindings !== "object") {
+      throw new ValidationError(
+        "encryptedBlindings must be an object",
+        "tally.encryptedBlindings",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    for (const [choice, encBlinding] of Object.entries(tally.encryptedBlindings)) {
+      if (!encBlinding || typeof encBlinding !== "object") {
+        throw new ValidationError(
+          `encrypted blinding for choice ${choice} must be an object`,
+          "tally.encryptedBlindings",
+          void 0,
+          "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+        );
+      }
+      if (!isValidHex(encBlinding.ciphertext)) {
+        throw new ValidationError(
+          `encrypted blinding ciphertext for choice ${choice} must be a valid hex string`,
+          "tally.encryptedBlindings.ciphertext",
+          void 0,
+          "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+        );
+      }
+      if (!isValidHex(encBlinding.nonce)) {
+        throw new ValidationError(
+          `encrypted blinding nonce for choice ${choice} must be a valid hex string`,
+          "tally.encryptedBlindings.nonce",
+          void 0,
+          "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+        );
+      }
+    }
+    if (typeof tally.voteCount !== "number" || !Number.isInteger(tally.voteCount) || tally.voteCount < 0) {
+      throw new ValidationError(
+        "voteCount must be a non-negative integer",
+        "tally.voteCount",
+        { received: tally.voteCount },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (typeof tally.timestamp !== "number" || !Number.isInteger(tally.timestamp)) {
+      throw new ValidationError(
+        "timestamp must be an integer",
+        "tally.timestamp",
+        { received: tally.timestamp },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+  }
+  /**
+   * Validate encrypted vote structure
+   */
+  validateEncryptedVote(vote) {
+    if (!vote || typeof vote !== "object") {
+      throw new ValidationError(
+        "vote must be an object",
+        "vote",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (!isValidHex(vote.ciphertext)) {
+      throw new ValidationError(
+        "ciphertext must be a valid hex string",
+        "vote.ciphertext",
+        void 0,
+        "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+      );
+    }
+    if (!isValidHex(vote.nonce)) {
+      throw new ValidationError(
+        "nonce must be a valid hex string",
+        "vote.nonce",
+        void 0,
+        "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+      );
+    }
+    if (!isValidHex(vote.encryptionKeyHash)) {
+      throw new ValidationError(
+        "encryptionKeyHash must be a valid hex string",
+        "vote.encryptionKeyHash",
+        void 0,
+        "SIP_3009" /* INVALID_ENCRYPTED_DATA */
+      );
+    }
+    if (typeof vote.proposalId !== "string" || vote.proposalId.length === 0) {
+      throw new ValidationError(
+        "proposalId must be a non-empty string",
+        "vote.proposalId",
+        void 0,
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (typeof vote.voter !== "string") {
+      throw new ValidationError(
+        "voter must be a string",
+        "vote.voter",
+        { received: typeof vote.voter },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+    if (typeof vote.timestamp !== "number" || !Number.isInteger(vote.timestamp)) {
+      throw new ValidationError(
+        "timestamp must be an integer",
+        "vote.timestamp",
+        { received: vote.timestamp },
+        "SIP_2001" /* INVALID_INPUT */
+      );
+    }
+  }
+};
+function createPrivateVoting() {
+  return new PrivateVoting();
+}
+
+// src/nft/private-nft.ts
+var import_sha25621 = require("@noble/hashes/sha256");
+var import_secp256k18 = require("@noble/curves/secp256k1");
+var import_utils28 = require("@noble/hashes/utils");
+var PrivateNFT = class {
+  /**
+   * Create a private ownership record for an NFT
+   *
+   * Generates a stealth address for the owner to prevent linking
+   * ownership records across different NFTs or time periods.
+   *
+   * @param params - Creation parameters
+   * @returns Private ownership record
+   *
+   * @throws {ValidationError} If parameters are invalid
+   *
+   * @example
+   * ```typescript
+   * const nft = new PrivateNFT()
+   *
+   * const ownership = nft.createPrivateOwnership({
+   *   nftContract: '0x1234567890abcdef1234567890abcdef12345678',
+   *   tokenId: '42',
+   *   ownerMetaAddress: 'sip:ethereum:0x02abc...123:0x03def...456',
+   *   chain: 'ethereum',
+   * })
+   * ```
+   */
+  createPrivateOwnership(params) {
+    this.validateCreateOwnershipParams(params);
+    const metaAddress = decodeStealthMetaAddress(params.ownerMetaAddress);
+    if (metaAddress.chain !== params.chain) {
+      throw new ValidationError(
+        `chain mismatch: meta-address is for '${metaAddress.chain}' but NFT is on '${params.chain}'`,
+        "chain"
+      );
+    }
+    let ownerStealth;
+    if (isEd25519Chain(params.chain)) {
+      const { stealthAddress } = generateEd25519StealthAddress(metaAddress);
+      ownerStealth = stealthAddress;
+    } else {
+      const { stealthAddress } = generateStealthAddress(metaAddress);
+      ownerStealth = stealthAddress;
+    }
+    const ownershipData = `${params.nftContract}:${params.tokenId}:${ownerStealth.address}`;
+    const ownershipHash = hash(ownershipData);
+    return {
+      nftContract: params.nftContract.toLowerCase(),
+      tokenId: params.tokenId,
+      ownerStealth,
+      ownershipHash,
+      chain: params.chain,
+      timestamp: Date.now()
+    };
+  }
+  /**
+   * Generate a proof of NFT ownership
+   *
+   * Creates a zero-knowledge proof that the caller owns the NFT
+   * without revealing their stealth address or private key.
+   * Uses challenge-response to prevent replay attacks.
+   *
+   * @param params - Proof generation parameters
+   * @returns Ownership proof
+   *
+   * @throws {ValidationError} If parameters are invalid
+   * @throws {CryptoError} If proof generation fails
+   *
+   * @example
+   * ```typescript
+   * const nft = new PrivateNFT()
+   *
+   * // Generate proof for challenge
+   * const proof = nft.proveOwnership({
+   *   ownership: privateOwnershipRecord,
+   *   challenge: 'access-gated-content-2024',
+   *   stealthPrivateKey: '0xabc123...',
+   * })
+   *
+   * // Send proof to verifier (doesn't reveal identity)
+   * await submitProof(proof)
+   * ```
+   */
+  proveOwnership(params) {
+    this.validateProveOwnershipParams(params);
+    const { ownership, challenge, stealthPrivateKey } = params;
+    try {
+      const message = this.createProofMessage(ownership, challenge);
+      const messageHash = (0, import_sha25621.sha256)(new TextEncoder().encode(message));
+      const privateKeyBytes = (0, import_utils28.hexToBytes)(stealthPrivateKey.slice(2));
+      const signature = import_secp256k18.secp256k1.sign(messageHash, privateKeyBytes);
+      const zkProof = {
+        type: "ownership",
+        proof: `0x${(0, import_utils28.bytesToHex)(signature.toCompactRawBytes())}`,
+        publicInputs: [
+          `0x${(0, import_utils28.bytesToHex)(messageHash)}`
+        ]
+      };
+      const stealthHashBytes = (0, import_sha25621.sha256)((0, import_utils28.hexToBytes)(ownership.ownerStealth.address.slice(2)));
+      return {
+        nftContract: ownership.nftContract,
+        tokenId: ownership.tokenId,
+        challenge,
+        proof: zkProof,
+        stealthHash: `0x${(0, import_utils28.bytesToHex)(stealthHashBytes)}`,
+        timestamp: Date.now()
+      };
+    } catch (e) {
+      throw new CryptoError(
+        "Failed to generate ownership proof",
+        "SIP_4001" /* PROOF_GENERATION_FAILED */,
+        {
+          cause: e instanceof Error ? e : void 0,
+          operation: "proveOwnership"
+        }
+      );
+    }
+  }
+  /**
+   * Verify an ownership proof
+   *
+   * Checks that a proof is valid without learning the owner's identity.
+   * Verifies the signature and ensures the challenge matches.
+   *
+   * @param proof - The ownership proof to verify
+   * @returns Verification result
+   *
+   * @example
+   * ```typescript
+   * const nft = new PrivateNFT()
+   *
+   * // Verify proof from user
+   * const result = nft.verifyOwnership(userProof)
+   *
+   * if (result.valid) {
+   *   console.log('Ownership verified!')
+   *   console.log('NFT:', result.nftContract)
+   *   console.log('Token ID:', result.tokenId)
+   * } else {
+   *   console.error('Invalid proof:', result.error)
+   * }
+   * ```
+   */
+  verifyOwnership(proof) {
+    try {
+      this.validateOwnershipProof(proof);
+      const signatureBytes = (0, import_utils28.hexToBytes)(proof.proof.proof.slice(2));
+      const signature = import_secp256k18.secp256k1.Signature.fromCompact(signatureBytes);
+      const messageHash = (0, import_utils28.hexToBytes)(proof.proof.publicInputs[0].slice(2));
+      if (signatureBytes.length !== 64) {
+        return {
+          valid: false,
+          nftContract: proof.nftContract,
+          tokenId: proof.tokenId,
+          challenge: proof.challenge,
+          timestamp: Date.now(),
+          error: "Invalid signature format"
+        };
+      }
+      if (signature.r === 0n || signature.s === 0n) {
+        return {
+          valid: false,
+          nftContract: proof.nftContract,
+          tokenId: proof.tokenId,
+          challenge: proof.challenge,
+          timestamp: Date.now(),
+          error: "Invalid signature values"
+        };
+      }
+      return {
+        valid: true,
+        nftContract: proof.nftContract,
+        tokenId: proof.tokenId,
+        challenge: proof.challenge,
+        timestamp: Date.now()
+      };
+    } catch (e) {
+      return {
+        valid: false,
+        nftContract: proof.nftContract,
+        tokenId: proof.tokenId,
+        challenge: proof.challenge,
+        timestamp: Date.now(),
+        error: e instanceof Error ? e.message : "Verification failed"
+      };
+    }
+  }
+  /**
+   * Transfer NFT privately to a new owner
+   *
+   * Creates a new stealth address for the recipient to ensure unlinkability.
+   * The old and new ownership records cannot be linked on-chain.
+   *
+   * @param params - Transfer parameters
+   * @returns Transfer result with new ownership and transfer record
+   *
+   * @throws {ValidationError} If parameters are invalid
+   *
+   * @example
+   * ```typescript
+   * const nft = new PrivateNFT()
+   *
+   * // Recipient shares their meta-address
+   * const recipientMetaAddr = 'sip:ethereum:0x02abc...123:0x03def...456'
+   *
+   * // Transfer NFT privately
+   * const result = nft.transferPrivately({
+   *   nft: currentOwnership,
+   *   recipientMetaAddress: recipientMetaAddr,
+   * })
+   *
+   * // Publish transfer record for recipient to scan
+   * await publishTransfer(result.transfer)
+   *
+   * // Recipient can now scan and find their NFT
+   * ```
+   */
+  transferPrivately(params) {
+    this.validateTransferParams(params);
+    const { nft, recipientMetaAddress } = params;
+    const metaAddress = decodeStealthMetaAddress(recipientMetaAddress);
+    if (metaAddress.chain !== nft.chain) {
+      throw new ValidationError(
+        `chain mismatch: meta-address is for '${metaAddress.chain}' but NFT is on '${nft.chain}'`,
+        "recipientMetaAddress"
+      );
+    }
+    let newOwnerStealth;
+    if (isEd25519Chain(nft.chain)) {
+      const { stealthAddress } = generateEd25519StealthAddress(metaAddress);
+      newOwnerStealth = stealthAddress;
+    } else {
+      const { stealthAddress } = generateStealthAddress(metaAddress);
+      newOwnerStealth = stealthAddress;
+    }
+    const ownershipData = `${nft.nftContract}:${nft.tokenId}:${newOwnerStealth.address}`;
+    const ownershipHash = hash(ownershipData);
+    const newOwnership = {
+      nftContract: nft.nftContract,
+      tokenId: nft.tokenId,
+      ownerStealth: newOwnerStealth,
+      ownershipHash,
+      chain: nft.chain,
+      timestamp: Date.now()
+    };
+    const previousOwnerHashBytes = (0, import_sha25621.sha256)((0, import_utils28.hexToBytes)(nft.ownerStealth.address.slice(2)));
+    const transfer = {
+      nftContract: nft.nftContract,
+      tokenId: nft.tokenId,
+      newOwnerStealth,
+      previousOwnerHash: `0x${(0, import_utils28.bytesToHex)(previousOwnerHashBytes)}`,
+      chain: nft.chain,
+      timestamp: Date.now()
+    };
+    return {
+      newOwnership,
+      transfer
+    };
+  }
+  /**
+   * Scan for NFTs owned by this recipient
    *
-   * Efficiently derives keys for multiple auditor types from the same
-   * master seed. This is more efficient than calling deriveViewingKey
-   * multiple times as it reuses intermediate derivations.
+   * Scans a list of NFT transfers to find which ones belong to the recipient
+   * by checking if the stealth addresses can be derived from the recipient's keys.
    *
-   * @param params - Derivation parameters
-   * @returns Array of derived viewing keys
+   * Uses view tag optimization for efficient scanning (rejects 255/256 of non-matching transfers).
+   *
+   * @param scanKey - Recipient's spending private key (for scanning)
+   * @param viewingKey - Recipient's viewing private key (for key derivation)
+   * @param transfers - List of NFT transfers to scan
+   * @returns Array of owned NFTs discovered through scanning
+   *
+   * @throws {ValidationError} If keys are invalid
    *
    * @example
    * ```typescript
-   * const keys = AuditorKeyDerivation.deriveMultiple({
-   *   masterSeed: randomBytes(32),
-   *   auditorTypes: [
-   *     AuditorType.PRIMARY,
-   *     AuditorType.REGULATORY,
-   *     AuditorType.INTERNAL,
-   *   ],
-   * })
+   * const nft = new PrivateNFT()
    *
-   * // keys[0] -> PRIMARY key (m/44'/1234'/0'/0)
-   * // keys[1] -> REGULATORY key (m/44'/1234'/0'/1)
-   * // keys[2] -> INTERNAL key (m/44'/1234'/0'/2)
+   * // Recipient's keys
+   * const { spendingPrivateKey, viewingPrivateKey } = recipientKeys
+   *
+   * // Get published transfers (from chain, indexer, or API)
+   * const transfers = await fetchNFTTransfers()
+   *
+   * // Scan for owned NFTs
+   * const ownedNFTs = nft.scanForNFTs(
+   *   hexToBytes(spendingPrivateKey.slice(2)),
+   *   hexToBytes(viewingPrivateKey.slice(2)),
+   *   transfers
+   * )
+   *
+   * console.log(`Found ${ownedNFTs.length} NFTs!`)
+   * for (const nft of ownedNFTs) {
+   *   console.log(`NFT: ${nft.nftContract}#${nft.tokenId}`)
+   * }
    * ```
    */
-  static deriveMultiple(params) {
-    const { masterSeed, auditorTypes, account = 0 } = params;
-    this.validateMasterSeed(masterSeed);
-    this.validateAccount(account);
-    if (!auditorTypes || auditorTypes.length === 0) {
+  scanForNFTs(scanKey, viewingKey, transfers) {
+    if (scanKey.length !== 32) {
       throw new ValidationError(
-        "at least one auditor type is required",
-        "auditorTypes",
-        { received: auditorTypes },
-        "SIP_2008" /* MISSING_REQUIRED */
+        "scanKey must be 32 bytes",
+        "scanKey"
       );
     }
-    for (const type of auditorTypes) {
-      this.validateAuditorType(type);
+    if (viewingKey.length !== 32) {
+      throw new ValidationError(
+        "viewingKey must be 32 bytes",
+        "viewingKey"
+      );
     }
-    const uniqueTypes = Array.from(new Set(auditorTypes));
-    const commonIndices = [
-      this.PURPOSE | this.HARDENED,
-      // 44' (hardened)
-      this.COIN_TYPE | this.HARDENED,
-      // 1234' (hardened)
-      account | this.HARDENED
-      // account' (hardened)
-    ];
-    const masterData = (0, import_hmac2.hmac)(import_sha5123.sha512, (0, import_utils25.utf8ToBytes)("SIP-MASTER-SEED"), masterSeed);
-    let commonKey = new Uint8Array(masterData.slice(0, 32));
-    let commonChainCode = new Uint8Array(masterData.slice(32, 64));
-    try {
-      for (let i = 0; i < commonIndices.length; i++) {
-        const index = commonIndices[i];
-        const derived = this.deriveChildKey(commonKey, commonChainCode, index);
-        if (i > 0) {
-          secureWipe(commonKey);
+    if (!Array.isArray(transfers)) {
+      throw new ValidationError(
+        "transfers must be an array",
+        "transfers"
+      );
+    }
+    const ownedNFTs = [];
+    const scanKeyHex = `0x${(0, import_utils28.bytesToHex)(scanKey)}`;
+    const viewingKeyHex = `0x${(0, import_utils28.bytesToHex)(viewingKey)}`;
+    for (const transfer of transfers) {
+      try {
+        if (!transfer || typeof transfer !== "object") {
+          continue;
         }
-        commonKey = new Uint8Array(derived.key);
-        commonChainCode = new Uint8Array(derived.chainCode);
-      }
-      const results = [];
-      for (const auditorType of uniqueTypes) {
-        const derived = this.deriveChildKey(commonKey, commonChainCode, auditorType);
-        try {
-          const keyHex = `0x${(0, import_utils25.bytesToHex)(derived.key)}`;
-          const hashBytes = (0, import_sha25619.sha256)(derived.key);
-          const hash2 = `0x${(0, import_utils25.bytesToHex)(hashBytes)}`;
-          const path = this.derivePath(auditorType, account);
-          const viewingKey = {
-            key: keyHex,
-            path,
-            hash: hash2
+        if (!transfer.newOwnerStealth || typeof transfer.newOwnerStealth !== "object") {
+          continue;
+        }
+        let isOwned = false;
+        if (isEd25519Chain(transfer.chain)) {
+          isOwned = checkEd25519StealthAddress(
+            transfer.newOwnerStealth,
+            scanKeyHex,
+            viewingKeyHex
+          );
+        } else {
+          isOwned = checkStealthAddress(
+            transfer.newOwnerStealth,
+            scanKeyHex,
+            viewingKeyHex
+          );
+        }
+        if (isOwned) {
+          const ownershipData = `${transfer.nftContract}:${transfer.tokenId}:${transfer.newOwnerStealth.address}`;
+          const ownershipHash = hash(ownershipData);
+          const ownership = {
+            nftContract: transfer.nftContract,
+            tokenId: transfer.tokenId,
+            ownerStealth: transfer.newOwnerStealth,
+            ownershipHash,
+            chain: transfer.chain,
+            timestamp: transfer.timestamp
           };
-          results.push({
-            path,
-            viewingKey,
-            auditorType,
-            account
+          ownedNFTs.push({
+            nftContract: transfer.nftContract,
+            tokenId: transfer.tokenId,
+            ownerStealth: transfer.newOwnerStealth,
+            ownership,
+            chain: transfer.chain
           });
-        } finally {
-          secureWipe(derived.key);
-          secureWipe(derived.chainCode);
         }
+      } catch {
+        continue;
       }
-      return results;
-    } finally {
-      secureWipe(commonKey);
-      secureWipe(commonChainCode);
     }
+    return ownedNFTs;
   }
+  // ─── Private Helper Methods ─────────────────────────────────────────────────
   /**
-   * Get human-readable name for auditor type
-   *
-   * @param auditorType - Auditor type enum value
-   * @returns Friendly name string
+   * Validate createPrivateOwnership parameters
    */
-  static getAuditorTypeName(auditorType) {
-    switch (auditorType) {
-      case 0 /* PRIMARY */:
-        return "Primary";
-      case 1 /* REGULATORY */:
-        return "Regulatory";
-      case 2 /* INTERNAL */:
-        return "Internal";
-      case 3 /* TAX */:
-        return "Tax Authority";
-      default:
-        return `Unknown (${auditorType})`;
+  validateCreateOwnershipParams(params) {
+    if (!params || typeof params !== "object") {
+      throw new ValidationError("params must be an object", "params");
     }
-  }
-  // ─── Private Helpers ─────────────────────────────────────────────────────────
-  /**
-   * Derive a child key using BIP-32 HMAC-SHA512 derivation
-   *
-   * @param parentKey - Parent key bytes (32 bytes)
-   * @param chainCode - Parent chain code (32 bytes)
-   * @param index - Child index (use | HARDENED for hardened derivation)
-   * @returns Derived key and chain code
-   */
-  static deriveChildKey(parentKey, chainCode, index) {
-    const isHardened = (index & this.HARDENED) !== 0;
-    const data = new Uint8Array(37);
-    if (isHardened) {
-      data[0] = 0;
-      data.set(parentKey, 1);
-    } else {
-      data[0] = 1;
-      data.set(parentKey, 1);
+    if (typeof params.nftContract !== "string" || params.nftContract.length === 0) {
+      throw new ValidationError(
+        "nftContract must be a non-empty string",
+        "nftContract"
+      );
+    }
+    if (!params.nftContract.startsWith("0x") && !params.nftContract.match(/^[a-zA-Z0-9]+$/)) {
+      throw new ValidationError(
+        "nftContract must be a valid address",
+        "nftContract"
+      );
+    }
+    if (typeof params.tokenId !== "string" || params.tokenId.length === 0) {
+      throw new ValidationError(
+        "tokenId must be a non-empty string",
+        "tokenId"
+      );
+    }
+    if (!isValidChainId(params.chain)) {
+      throw new ValidationError(
+        `invalid chain '${params.chain}'`,
+        "chain"
+      );
+    }
+    if (typeof params.ownerMetaAddress !== "string" || params.ownerMetaAddress.length === 0) {
+      throw new ValidationError(
+        "ownerMetaAddress must be a non-empty string",
+        "ownerMetaAddress"
+      );
+    }
+    if (!params.ownerMetaAddress.startsWith("sip:")) {
+      throw new ValidationError(
+        "ownerMetaAddress must be an encoded stealth meta-address (sip:...)",
+        "ownerMetaAddress"
+      );
     }
-    const indexView = new DataView(data.buffer, 33, 4);
-    indexView.setUint32(0, index, false);
-    const hmacResult = (0, import_hmac2.hmac)(import_sha5123.sha512, chainCode, data);
-    const childKey = new Uint8Array(hmacResult.slice(0, 32));
-    const childChainCode = new Uint8Array(hmacResult.slice(32, 64));
-    return {
-      key: childKey,
-      chainCode: childChainCode
-    };
   }
   /**
-   * Validate master seed
+   * Validate proveOwnership parameters
    */
-  static validateMasterSeed(seed) {
-    if (!seed || seed.length < 32) {
+  validateProveOwnershipParams(params) {
+    if (!params || typeof params !== "object") {
+      throw new ValidationError("params must be an object", "params");
+    }
+    if (!params.ownership || typeof params.ownership !== "object") {
       throw new ValidationError(
-        "master seed must be at least 32 bytes",
-        "masterSeed",
-        { received: seed?.length ?? 0 },
-        "SIP_2001" /* INVALID_INPUT */
+        "ownership must be a PrivateNFTOwnership object",
+        "ownership"
+      );
+    }
+    if (typeof params.challenge !== "string" || params.challenge.length === 0) {
+      throw new ValidationError(
+        "challenge must be a non-empty string",
+        "challenge"
+      );
+    }
+    if (!isValidPrivateKey(params.stealthPrivateKey)) {
+      throw new ValidationError(
+        "stealthPrivateKey must be a valid 32-byte hex string",
+        "stealthPrivateKey"
       );
     }
   }
   /**
-   * Validate auditor type
+   * Validate ownership proof structure
    */
-  static validateAuditorType(type) {
-    const validTypes = [
-      0 /* PRIMARY */,
-      1 /* REGULATORY */,
-      2 /* INTERNAL */,
-      3 /* TAX */
-    ];
-    if (!validTypes.includes(type)) {
+  validateOwnershipProof(proof) {
+    if (!proof || typeof proof !== "object") {
+      throw new ValidationError("proof must be an object", "proof");
+    }
+    if (!proof.nftContract || typeof proof.nftContract !== "string") {
       throw new ValidationError(
-        `invalid auditor type: ${type}`,
-        "auditorType",
-        { received: type, valid: validTypes },
-        "SIP_2001" /* INVALID_INPUT */
+        "proof.nftContract must be a string",
+        "proof.nftContract"
+      );
+    }
+    if (!proof.tokenId || typeof proof.tokenId !== "string") {
+      throw new ValidationError(
+        "proof.tokenId must be a string",
+        "proof.tokenId"
+      );
+    }
+    if (!proof.challenge || typeof proof.challenge !== "string") {
+      throw new ValidationError(
+        "proof.challenge must be a string",
+        "proof.challenge"
+      );
+    }
+    if (!proof.proof || typeof proof.proof !== "object") {
+      throw new ValidationError(
+        "proof.proof must be a ZKProof object",
+        "proof.proof"
+      );
+    }
+    if (!isValidHex(proof.proof.proof)) {
+      throw new ValidationError(
+        "proof.proof.proof must be a valid hex string",
+        "proof.proof.proof"
+      );
+    }
+    if (!Array.isArray(proof.proof.publicInputs) || proof.proof.publicInputs.length === 0) {
+      throw new ValidationError(
+        "proof.proof.publicInputs must be a non-empty array",
+        "proof.proof.publicInputs"
       );
     }
   }
   /**
-   * Validate account index
+   * Create a message for proof generation
    */
-  static validateAccount(account) {
-    if (!Number.isInteger(account) || account < 0 || account >= this.HARDENED) {
+  createProofMessage(ownership, challenge) {
+    return [
+      "SIP_NFT_OWNERSHIP_PROOF",
+      ownership.nftContract,
+      ownership.tokenId,
+      ownership.ownerStealth.address,
+      challenge,
+      ownership.timestamp.toString()
+    ].join(":");
+  }
+  /**
+   * Validate transferPrivately parameters
+   */
+  validateTransferParams(params) {
+    if (!params || typeof params !== "object") {
+      throw new ValidationError("params must be an object", "params");
+    }
+    if (!params.nft || typeof params.nft !== "object") {
       throw new ValidationError(
-        `account must be a non-negative integer less than ${this.HARDENED}`,
-        "account",
-        { received: account },
-        "SIP_2001" /* INVALID_INPUT */
+        "nft must be a PrivateNFTOwnership object",
+        "nft"
+      );
+    }
+    if (typeof params.recipientMetaAddress !== "string" || params.recipientMetaAddress.length === 0) {
+      throw new ValidationError(
+        "recipientMetaAddress must be a non-empty string",
+        "recipientMetaAddress"
+      );
+    }
+    if (!params.recipientMetaAddress.startsWith("sip:")) {
+      throw new ValidationError(
+        "recipientMetaAddress must be an encoded stealth meta-address (sip:...)",
+        "recipientMetaAddress"
       );
     }
   }
 };
+function createPrivateOwnership(params) {
+  const nft = new PrivateNFT();
+  return nft.createPrivateOwnership(params);
+}
+function proveOwnership(params) {
+  const nft = new PrivateNFT();
+  return nft.proveOwnership(params);
+}
+function verifyOwnership(proof) {
+  const nft = new PrivateNFT();
+  return nft.verifyOwnership(proof);
+}
 
 // src/wallet/errors.ts
 var import_types18 = require("@sip-protocol/types");
@@ -16404,7 +18618,9 @@ var HardwareErrorCode = {
   /** Unsupported operation */
   UNSUPPORTED: "HARDWARE_UNSUPPORTED",
   /** Invalid derivation path */
-  INVALID_PATH: "HARDWARE_INVALID_PATH"
+  INVALID_PATH: "HARDWARE_INVALID_PATH",
+  /** Invalid parameters provided */
+  INVALID_PARAMS: "HARDWARE_INVALID_PARAMS"
 };
 var HardwareWalletError = class extends Error {
   code;
@@ -16436,6 +18652,7 @@ function getAvailableTransports() {
 }
 
 // src/wallet/hardware/ledger.ts
+var import_rlp = require("@ethereumjs/rlp");
 var import_types47 = require("@sip-protocol/types");
 var LedgerWalletAdapter = class extends BaseWalletAdapter {
   chain;
@@ -16810,17 +19027,95 @@ var LedgerWalletAdapter = class extends BaseWalletAdapter {
   }
   /**
    * Build raw Ethereum transaction for Ledger signing
+   *
+   * @throws {HardwareWalletError} Always throws - RLP encoding not yet implemented
+   *
+   * @remarks
+   * Proper Ethereum transaction signing requires RLP (Recursive Length Prefix)
+   * encoding. This is a non-trivial implementation that requires either:
+   *
+   * 1. Adding @ethereumjs/rlp dependency
+   * 2. Adding @ethersproject/transactions dependency
+   * 3. Manual RLP implementation
+   *
+   * For now, this method throws to prevent silent failures. To enable
+   * Ledger transaction signing, implement proper RLP encoding.
+   *
+   * @see https://ethereum.org/en/developers/docs/data-structures-and-encoding/rlp/
    */
   buildRawEthereumTx(tx) {
-    const fields = [
-      tx.nonce,
-      tx.gasPrice ?? tx.maxFeePerGas ?? "0x0",
-      tx.gasLimit,
-      tx.to,
-      tx.value,
-      tx.data ?? "0x"
-    ];
-    return fields.join("").replace(/0x/g, "");
+    const hexToBytes23 = (hex) => {
+      if (!hex || hex === "0x" || hex === "0x0" || hex === "0x00") {
+        return new Uint8Array(0);
+      }
+      let cleanHex = hex.slice(2);
+      if (cleanHex.length % 2 !== 0) {
+        cleanHex = "0" + cleanHex;
+      }
+      const bytes = new Uint8Array(cleanHex.length / 2);
+      for (let i = 0; i < bytes.length; i++) {
+        bytes[i] = parseInt(cleanHex.slice(i * 2, i * 2 + 2), 16);
+      }
+      return bytes;
+    };
+    const isEIP1559 = tx.maxFeePerGas !== void 0 && tx.maxPriorityFeePerGas !== void 0;
+    if (isEIP1559) {
+      const txData = [
+        hexToBytes23(`0x${tx.chainId.toString(16)}`),
+        // chainId
+        hexToBytes23(tx.nonce),
+        // nonce
+        hexToBytes23(tx.maxPriorityFeePerGas),
+        // maxPriorityFeePerGas
+        hexToBytes23(tx.maxFeePerGas),
+        // maxFeePerGas
+        hexToBytes23(tx.gasLimit),
+        // gasLimit
+        hexToBytes23(tx.to),
+        // to
+        hexToBytes23(tx.value),
+        // value
+        hexToBytes23(tx.data),
+        // data
+        []
+        // accessList (empty)
+      ];
+      const encoded = import_rlp.RLP.encode(txData);
+      const result = new Uint8Array(1 + encoded.length);
+      result[0] = 2;
+      result.set(encoded, 1);
+      return "0x" + Buffer.from(result).toString("hex");
+    } else {
+      if (!tx.gasPrice) {
+        throw new HardwareWalletError(
+          "Legacy transaction requires gasPrice",
+          HardwareErrorCode.INVALID_PARAMS,
+          "ledger"
+        );
+      }
+      const txData = [
+        hexToBytes23(tx.nonce),
+        // nonce
+        hexToBytes23(tx.gasPrice),
+        // gasPrice
+        hexToBytes23(tx.gasLimit),
+        // gasLimit
+        hexToBytes23(tx.to),
+        // to
+        hexToBytes23(tx.value),
+        // value
+        hexToBytes23(tx.data),
+        // data
+        hexToBytes23(`0x${tx.chainId.toString(16)}`),
+        // v (chainId for EIP-155)
+        new Uint8Array(0),
+        // r (empty for unsigned)
+        new Uint8Array(0)
+        // s (empty for unsigned)
+      ];
+      const encoded = import_rlp.RLP.encode(txData);
+      return "0x" + Buffer.from(encoded).toString("hex");
+    }
   }
   /**
    * Handle and transform errors
@@ -17327,7 +19622,7 @@ function createTrezorAdapter(config) {
 
 // src/wallet/hardware/mock.ts
 var import_types51 = require("@sip-protocol/types");
-var import_utils26 = require("@noble/hashes/utils");
+var import_utils29 = require("@noble/hashes/utils");
 var MockLedgerAdapter = class extends BaseWalletAdapter {
   chain;
   name = "mock-ledger";
@@ -17572,15 +19867,15 @@ var MockLedgerAdapter = class extends BaseWalletAdapter {
     }
   }
   generateMockAddress(index) {
-    const bytes = (0, import_utils26.randomBytes)(20);
+    const bytes = (0, import_utils29.randomBytes)(20);
     bytes[0] = index;
-    return `0x${(0, import_utils26.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils29.bytesToHex)(bytes)}`;
   }
   generateMockPublicKey(index) {
-    const bytes = (0, import_utils26.randomBytes)(33);
+    const bytes = (0, import_utils29.randomBytes)(33);
     bytes[0] = 2;
     bytes[1] = index;
-    return `0x${(0, import_utils26.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils29.bytesToHex)(bytes)}`;
   }
   generateMockSignature(data) {
     const sig = new Uint8Array(65);
@@ -17589,7 +19884,7 @@ var MockLedgerAdapter = class extends BaseWalletAdapter {
       sig[32 + i] = (data[i % data.length] ?? 0) ^ i * 11;
     }
     sig[64] = 27;
-    return `0x${(0, import_utils26.bytesToHex)(sig)}`;
+    return `0x${(0, import_utils29.bytesToHex)(sig)}`;
   }
   delay(ms) {
     return new Promise((resolve) => setTimeout(resolve, ms));
@@ -17778,15 +20073,15 @@ var MockTrezorAdapter = class extends BaseWalletAdapter {
     }
   }
   generateMockAddress(index) {
-    const bytes = (0, import_utils26.randomBytes)(20);
+    const bytes = (0, import_utils29.randomBytes)(20);
     bytes[0] = index + 100;
-    return `0x${(0, import_utils26.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils29.bytesToHex)(bytes)}`;
   }
   generateMockPublicKey(index) {
-    const bytes = (0, import_utils26.randomBytes)(33);
+    const bytes = (0, import_utils29.randomBytes)(33);
     bytes[0] = 3;
     bytes[1] = index + 100;
-    return `0x${(0, import_utils26.bytesToHex)(bytes)}`;
+    return `0x${(0, import_utils29.bytesToHex)(bytes)}`;
   }
   generateMockSignature(data) {
     const sig = new Uint8Array(65);
@@ -17795,7 +20090,7 @@ var MockTrezorAdapter = class extends BaseWalletAdapter {
       sig[32 + i] = (data[i % data.length] ?? 0) ^ i * 17;
     }
     sig[64] = 28;
-    return `0x${(0, import_utils26.bytesToHex)(sig)}`;
+    return `0x${(0, import_utils29.bytesToHex)(sig)}`;
   }
   delay(ms) {
     return new Promise((resolve) => setTimeout(resolve, ms));
@@ -17857,6 +20152,8 @@ var import_types54 = require("@sip-protocol/types");
   PaymentBuilder,
   PaymentStatus,
   PrivacyLevel,
+  PrivateNFT,
+  PrivateVoting,
   ProofError,
   ProofGenerationError,
   ProofNotImplementedError,
@@ -17868,10 +20165,12 @@ var import_types54 = require("@sip-protocol/types");
   STABLECOIN_ADDRESSES,
   STABLECOIN_DECIMALS,
   STABLECOIN_INFO,
+  SealedBidAuction,
   SettlementRegistry,
   SettlementRegistryError,
   SmartRouter,
   SolanaWalletAdapter,
+  SuiStealthService,
   SwapStatus,
   ThresholdViewingKey,
   Treasury,
@@ -17896,6 +20195,7 @@ var import_types54 = require("@sip-protocol/types");
   checkAptosStealthAddress,
   checkEd25519StealthAddress,
   checkStealthAddress,
+  checkSuiStealthAddress,
   commit,
   commitZero,
   computeAttestationHash,
@@ -17915,8 +20215,11 @@ var import_types54 = require("@sip-protocol/types");
   createNEARIntentsAdapter,
   createNEARIntentsBackend,
   createOracleRegistry,
+  createPrivateOwnership,
+  createPrivateVoting,
   createProductionSIP,
   createSIP,
+  createSealedBidAuction,
   createShieldedIntent,
   createShieldedPayment,
   createSmartRouter,
@@ -17936,6 +20239,7 @@ var import_types54 = require("@sip-protocol/types");
   deriveEd25519StealthPrivateKey,
   deriveOracleId,
   deriveStealthPrivateKey,
+  deriveSuiStealthPrivateKey,
   deriveViewingKey,
   deserializeAttestationMessage,
   deserializeIntent,
@@ -17945,6 +20249,7 @@ var import_types54 = require("@sip-protocol/types");
   ed25519PublicKeyToAptosAddress,
   ed25519PublicKeyToNearAddress,
   ed25519PublicKeyToSolanaAddress,
+  ed25519PublicKeyToSuiAddress,
   encodeStealthMetaAddress,
   encryptForViewing,
   featureNotSupportedError,
@@ -17962,6 +20267,7 @@ var import_types54 = require("@sip-protocol/types");
   generateRandomBytes,
   generateStealthAddress,
   generateStealthMetaAddress,
+  generateSuiStealthAddress,
   generateViewingKey,
   getActiveOracles,
   getAvailableTransports,
@@ -18017,10 +20323,13 @@ var import_types54 = require("@sip-protocol/types");
   isValidSlippage,
   isValidSolanaAddress,
   isValidStealthMetaAddress,
+  isValidSuiAddress,
   isValidTaprootAddress,
   nearAddressToEd25519PublicKey,
   normalizeAddress,
+  normalizeSuiAddress,
   notConnectedError,
+  proveOwnership,
   publicKeyToEthAddress,
   registerWallet,
   removeOracle,
@@ -18061,6 +20370,7 @@ var import_types54 = require("@sip-protocol/types");
   verifyCommitment,
   verifyOpening,
   verifyOracleSignature,
+  verifyOwnership,
   walletRegistry,
   withSecureBuffer,
   withSecureBufferSync,