@smonn/ids 0.10.0 → 0.12.0

package/dist/typeorm.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"typeorm.d.mts","names":[],"sources":["../src/adapters/typeorm.ts"],"mappings":";;;;;;;;;;;;;;;;;;AA0CkF;;;;;;;;;;;;;;;;;;;iBAAlE,aAAA,uBAAoC,KAAA,EAAO,aAAA,CAAc,KAAA,IAAS,gBAAA"}

package/dist/typeorm.mjs

@@ -0,0 +1,49 @@
+import { n as isIdsError, t as IdsError } from "./error-Cp5qYZcv.mjs";
+import { t as readIdColumn } from "./adapter-types-7wWdELSh.mjs";
+//#region src/adapters/typeorm.ts
+/**
+* TypeORM column transformer for `Id<Brand>`.
+*
+* Returns a `ValueTransformer` object suitable for use in a TypeORM `@Column`
+* decorator's `transformer` option.
+*
+* **Write path (`to`):** passes the `Id<Brand>` directly to the database — it is
+* already the canonical string form.
+*
+* **Read path (`from`):** normalises the raw database value via `codec.safeParse()`.
+* Throws `IdsError` with code `"invalid_id"` if the value does not parse as a valid
+* `Id<Brand>`.
+*
+* **TypeORM branding caveat:** TypeORM cannot brand a generated entity field type at
+* the schema level. Annotate the entity field explicitly: `id!: Id<"usr">`.
+*
+* @example
+* ```ts
+* import { idTransformer } from "@smonn/ids/typeorm";
+* import { createTimestampId } from "@smonn/ids";
+* import type { Id } from "@smonn/ids";
+* import { Column, Entity } from "typeorm";
+*
+* const usr = createTimestampId("usr");
+*
+* @Entity()
+* class User {
+*   @Column({ type: "text", transformer: idTransformer(usr) })
+*   id!: Id<"usr">;
+* }
+* ```
+*/
+function idTransformer(codec) {
+	return {
+		to(value) {
+			return value;
+		},
+		from(value) {
+			return readIdColumn(codec, value);
+		}
+	};
+}
+//#endregion
+export { IdsError, idTransformer, isIdsError };
+
+//# sourceMappingURL=typeorm.mjs.map

package/dist/typeorm.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"typeorm.mjs","names":[],"sources":["../src/adapters/typeorm.ts"],"sourcesContent":["import type { ValueTransformer } from \"typeorm\";\nimport { IdsError, isIdsError, type IdsErrorCode } from \"../error.js\";\nimport { readIdColumn, type IdColumnCodec } from \"./adapter-types.js\";\nimport type { Id } from \"../types.js\";\n\n/** {@link IdsError} class, {@link isIdsError} type guard, and {@link IdsErrorCode} union — re-exported from `\"@smonn/ids\"` for convenience. */\nexport { IdsError, isIdsError, type IdsErrorCode };\n\nexport type { IdColumnCodec };\n\n/**\n * TypeORM column transformer for `Id<Brand>`.\n *\n * Returns a `ValueTransformer` object suitable for use in a TypeORM `@Column`\n * decorator's `transformer` option.\n *\n * **Write path (`to`):** passes the `Id<Brand>` directly to the database — it is\n * already the canonical string form.\n *\n * **Read path (`from`):** normalises the raw database value via `codec.safeParse()`.\n * Throws `IdsError` with code `\"invalid_id\"` if the value does not parse as a valid\n * `Id<Brand>`.\n *\n * **TypeORM branding caveat:** TypeORM cannot brand a generated entity field type at\n * the schema level. Annotate the entity field explicitly: `id!: Id<\"usr\">`.\n *\n * @example\n * ```ts\n * import { idTransformer } from \"@smonn/ids/typeorm\";\n * import { createTimestampId } from \"@smonn/ids\";\n * import type { Id } from \"@smonn/ids\";\n * import { Column, Entity } from \"typeorm\";\n *\n * const usr = createTimestampId(\"usr\");\n *\n * @Entity()\n * class User {\n *   @Column({ type: \"text\", transformer: idTransformer(usr) })\n *   id!: Id<\"usr\">;\n * }\n * ```\n */\nexport function idTransformer<Brand extends string>(codec: IdColumnCodec<Brand>): ValueTransformer {\n  return {\n    to(value: Id<Brand>): string {\n      return value;\n    },\n    from(value: unknown): Id<Brand> {\n      return readIdColumn(codec, value);\n    },\n  };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0CA,SAAgB,cAAoC,OAA+C;CACjG,OAAO;EACL,GAAG,OAA0B;GAC3B,OAAO;EACT;EACA,KAAK,OAA2B;GAC9B,OAAO,aAAa,OAAO,KAAK;EAClC;CACF;AACF"}

package/dist/{wrapped-BI9UXnAm.mjs → wrapped-CDTiPwNM.mjs}

@@ -1,7 +1,7 @@
 import { t as IdsError } from "./error-Cp5qYZcv.mjs";
-import { a as toWireId, i as payloadBytesFromId, n as registerBrand, r as payloadBase32Length, s as validateBrand, t as wireMethods } from "./codec-shell-CW2sD6BU.mjs";
-import { i as encodeKeyMaterial, n as assertValidKeyring, r as decodeKeyMaterial, t as assertValidKeyMaterialByteLength } from "./key-material-gOnqTNoV.mjs";
-//#region src/layouts/wrapped.ts
+import { a as toWireId, i as payloadBytesFromId, n as registerBrand, r as payloadBase32Length, s as validateBrand, t as wireMethods } from "./codec-shell-DvrTDa65.mjs";
+import { i as encodeKeyMaterial, n as assertValidKeyring, r as decodeKeyMaterial, t as assertValidKeyMaterialByteLength } from "./key-material-f29JIyrz.mjs";
+//#region src/codecs/wrapped/layout.ts
 const zeroIv = /* @__PURE__ */ new Uint8Array(16);
 const pkcsPad = 16;
 const laneByteLength = 8;
@@ -61,11 +61,28 @@ function readLane(kind, lane) {
 	if (kind === "i64") return readI64Lane(lane);
 	return kind === "i32" ? readI32Lane(lane) : readU32Lane(lane);
 }
+function writeLen32(value, target, offset) {
+	target[offset] = value >>> 24 & 255;
+	target[offset + 1] = value >>> 16 & 255;
+	target[offset + 2] = value >>> 8 & 255;
+	target[offset + 3] = value & 255;
+}
 function hmacMessage(brand, kind, lane) {
-	const prefix = new TextEncoder().encode(`${brand}:${kind}:`);
-	const message = new Uint8Array(prefix.length + lane.length);
-	message.set(prefix, 0);
-	message.set(lane, prefix.length);
+	const encoder = new TextEncoder();
+	const brandBytes = encoder.encode(brand);
+	const kindBytes = encoder.encode(kind);
+	const msgLen = 4 + brandBytes.length + 4 + kindBytes.length + lane.length;
+	const message = new Uint8Array(msgLen);
+	let offset = 0;
+	writeLen32(brandBytes.length, message, offset);
+	offset += 4;
+	message.set(brandBytes, offset);
+	offset += brandBytes.length;
+	writeLen32(kindBytes.length, message, offset);
+	offset += 4;
+	message.set(kindBytes, offset);
+	offset += kindBytes.length;
+	message.set(lane, offset);
 	return message;
 }
 async function computeTag(key, brand, kind, lane) {
@@ -134,9 +151,9 @@ function createWrappedLayoutOps(prefix, brand, kind, keys) {
 	};
 }
 //#endregion
-//#region src/wrapping-key.ts
-const aesInfo = new TextEncoder().encode("@smonn/ids/wrapped/aes/v1");
-const hmacInfo = new TextEncoder().encode("@smonn/ids/wrapped/hmac/v1");
+//#region src/codecs/wrapped/key.ts
+const aesInfo = new TextEncoder().encode("@smonn/ids/wrapped/aes");
+const hmacInfo = new TextEncoder().encode("@smonn/ids/wrapped/hmac");
 const SHA256_DIGEST_BYTES = 32;
 const internals = /* @__PURE__ */ new WeakMap();
 /**
@@ -232,7 +249,7 @@ async function deriveHmacKey(bytes) {
 	}, false, ["sign", "verify"]);
 }
 //#endregion
-//#region src/wrapped.ts
+//#region src/codecs/wrapped/index.ts
 const u32Max = 4294967295;
 const i32Min = -2147483648;
 const i32Max = 2147483647;
@@ -329,4 +346,4 @@ function createWrappedKeyId(brand, opts) {
 //#endregion
 export { importWrappingKey as i, decodeWrappingKey as n, encodeWrappingKey as r, createWrappedKeyId as t };
 
-//# sourceMappingURL=wrapped-BI9UXnAm.mjs.map
+//# sourceMappingURL=wrapped-CDTiPwNM.mjs.map

package/dist/wrapped-CDTiPwNM.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"wrapped-CDTiPwNM.mjs","names":[],"sources":["../src/codecs/wrapped/layout.ts","../src/codecs/wrapped/key.ts","../src/codecs/wrapped/index.ts"],"sourcesContent":["import type { webcrypto } from \"node:crypto\";\nimport type { Id, Prefix } from \"../../types.js\";\nimport { payloadBytesFromId, toWireId } from \"../../wire/envelope.js\";\nimport { payloadBase32Length, payloadByteLength } from \"../../wire/invariants.js\";\n\nconst zeroIv = new Uint8Array(payloadByteLength);\nconst pkcsPad = 0x10;\nconst laneByteLength = 8;\nconst tagByteLength = 8;\n\ntype LayoutWrappingKey = {\n  aesKey: webcrypto.CryptoKey;\n  hmacKey: webcrypto.CryptoKey;\n};\n\ntype LayoutWrappedKind = \"u32\" | \"i32\" | \"u64\" | \"i64\";\ntype LayoutLookupKey<K extends LayoutWrappedKind> = K extends \"u32\" | \"i32\" ? number : bigint;\n\nfunction writeU32Lane(value: number, lane: Uint8Array): void {\n  lane[0] = 0;\n  lane[1] = 0;\n  lane[2] = 0;\n  lane[3] = 0;\n  lane[4] = (value >>> 24) & 0xff;\n  lane[5] = (value >>> 16) & 0xff;\n  lane[6] = (value >>> 8) & 0xff;\n  lane[7] = value & 0xff;\n}\n\nfunction readU32Lane(lane: Uint8Array): number | null {\n  for (let i = 0; i < 4; i++) {\n    if (lane[i] !== 0) return null;\n  }\n  return ((lane[4]! << 24) | (lane[5]! << 16) | (lane[6]! << 8) | lane[7]!) >>> 0;\n}\n\nfunction writeI32Lane(value: number, lane: Uint8Array): void {\n  lane.fill(value < 0 ? 0xff : 0x00, 0, 4);\n  new DataView(lane.buffer, lane.byteOffset, lane.byteLength).setInt32(4, value, false);\n}\n\nfunction readI32Lane(lane: Uint8Array): number | null {\n  const signExtension = (lane[4]! & 0x80) === 0 ? 0x00 : 0xff;\n  for (let i = 0; i < 4; i++) {\n    if (lane[i] !== signExtension) return null;\n  }\n  return new DataView(lane.buffer, lane.byteOffset, lane.byteLength).getInt32(4, false);\n}\n\nfunction writeU64Lane(value: bigint, lane: Uint8Array): void {\n  new DataView(lane.buffer, lane.byteOffset, lane.byteLength).setBigUint64(0, value, false);\n}\n\nfunction readU64Lane(lane: Uint8Array): bigint {\n  return new DataView(lane.buffer, lane.byteOffset, lane.byteLength).getBigUint64(0, false);\n}\n\nfunction writeI64Lane(value: bigint, lane: Uint8Array): void {\n  new DataView(lane.buffer, lane.byteOffset, lane.byteLength).setBigInt64(0, value, false);\n}\n\nfunction readI64Lane(lane: Uint8Array): bigint {\n  return new DataView(lane.buffer, lane.byteOffset, lane.byteLength).getBigInt64(0, false);\n}\n\nfunction writeLane<K extends LayoutWrappedKind>(\n  kind: K,\n  value: LayoutLookupKey<K>,\n  lane: Uint8Array,\n): void {\n  if (kind === \"i32\") {\n    writeI32Lane(value as number, lane);\n    return;\n  }\n  if (kind === \"u64\") {\n    writeU64Lane(value as bigint, lane);\n    return;\n  }\n  if (kind === \"i64\") {\n    writeI64Lane(value as bigint, lane);\n    return;\n  }\n  writeU32Lane(value as number, lane);\n}\n\nfunction readLane<K extends LayoutWrappedKind>(\n  kind: K,\n  lane: Uint8Array,\n): LayoutLookupKey<K> | null {\n  if (kind === \"u64\") return readU64Lane(lane) as LayoutLookupKey<K>;\n  if (kind === \"i64\") return readI64Lane(lane) as LayoutLookupKey<K>;\n  const value = kind === \"i32\" ? readI32Lane(lane) : readU32Lane(lane);\n  return value as LayoutLookupKey<K> | null;\n}\n\nfunction writeLen32(value: number, target: Uint8Array, offset: number): void {\n  target[offset] = (value >>> 24) & 0xff;\n  target[offset + 1] = (value >>> 16) & 0xff;\n  target[offset + 2] = (value >>> 8) & 0xff;\n  target[offset + 3] = value & 0xff;\n}\n\nfunction hmacMessage(brand: string, kind: LayoutWrappedKind, lane: Uint8Array): Uint8Array {\n  const encoder = new TextEncoder();\n  const brandBytes = encoder.encode(brand);\n  const kindBytes = encoder.encode(kind);\n  const msgLen = 4 + brandBytes.length + 4 + kindBytes.length + lane.length;\n  const message = new Uint8Array(msgLen);\n  let offset = 0;\n  writeLen32(brandBytes.length, message, offset);\n  offset += 4;\n  message.set(brandBytes, offset);\n  offset += brandBytes.length;\n  writeLen32(kindBytes.length, message, offset);\n  offset += 4;\n  message.set(kindBytes, offset);\n  offset += kindBytes.length;\n  message.set(lane, offset);\n  return message;\n}\n\nasync function computeTag(\n  key: LayoutWrappingKey,\n  brand: string,\n  kind: LayoutWrappedKind,\n  lane: Uint8Array,\n): Promise<Uint8Array> {\n  const signature = new Uint8Array(\n    await crypto.subtle.sign(\n      \"HMAC\",\n      key.hmacKey,\n      hmacMessage(brand, kind, lane) as Uint8Array<ArrayBuffer>,\n    ),\n  );\n  return signature.subarray(0, tagByteLength);\n}\n\nfunction tagsEqual(a: Uint8Array, b: Uint8Array): boolean {\n  /* v8 ignore next -- defensive guard; both call sites always pass tagByteLength-byte arrays */\n  if (a.length !== b.length) return false;\n  let diff = 0;\n  for (let i = 0; i < a.length; i++) diff |= a[i]! ^ b[i]!;\n  return diff === 0;\n}\n\nasync function encryptPayload(key: LayoutWrappingKey, plaintext: Uint8Array): Promise<Uint8Array> {\n  const encrypted = new Uint8Array(\n    await crypto.subtle.encrypt(\n      { name: \"AES-CBC\", iv: zeroIv },\n      key.aesKey,\n      plaintext as Uint8Array<ArrayBuffer>,\n    ),\n  );\n  return encrypted.subarray(0, payloadByteLength);\n}\n\nasync function decryptPayload(key: LayoutWrappingKey, c1: Uint8Array): Promise<Uint8Array> {\n  const c2Input = new Uint8Array(payloadByteLength);\n  for (let i = 0; i < payloadByteLength; i++) c2Input[i] = pkcsPad ^ c1[i]!;\n  const c2Encrypted = new Uint8Array(\n    await crypto.subtle.encrypt(\n      { name: \"AES-CBC\", iv: zeroIv },\n      key.aesKey,\n      c2Input as Uint8Array<ArrayBuffer>,\n    ),\n  );\n  const ciphertext = new Uint8Array(payloadByteLength * 2);\n  ciphertext.set(c1, 0);\n  ciphertext.set(c2Encrypted.subarray(0, payloadByteLength), payloadByteLength);\n  return new Uint8Array(\n    await crypto.subtle.decrypt(\n      { name: \"AES-CBC\", iv: zeroIv },\n      key.aesKey,\n      ciphertext as Uint8Array<ArrayBuffer>,\n    ),\n  );\n}\n\nfunction buildPlaintext(lane: Uint8Array, tag: Uint8Array): Uint8Array {\n  const plaintext = new Uint8Array(payloadByteLength);\n  plaintext.set(lane, 0);\n  plaintext.set(tag, laneByteLength);\n  return plaintext;\n}\n\nasync function wrapLookupKey<Brand extends string, Kind extends LayoutWrappedKind>(\n  prefix: Prefix<Brand>,\n  brand: string,\n  key: LayoutWrappingKey,\n  kind: Kind,\n  lookupKey: LayoutLookupKey<Kind>,\n): Promise<Id<Brand>> {\n  const lane = new Uint8Array(laneByteLength);\n  writeLane(kind, lookupKey, lane);\n  const tag = await computeTag(key, brand, kind, lane);\n  const encrypted = await encryptPayload(key, buildPlaintext(lane, tag));\n  return toWireId(prefix, encrypted);\n}\n\nasync function tryUnwrapLookupKey<Brand extends string, Kind extends LayoutWrappedKind>(\n  prefix: Prefix<Brand>,\n  brand: string,\n  key: LayoutWrappingKey,\n  kind: Kind,\n  id: Id<Brand>,\n): Promise<LayoutLookupKey<Kind> | null> {\n  const plaintext = await decryptPayload(key, payloadBytesFromId(prefix, id));\n  const lane = plaintext.subarray(0, laneByteLength);\n  const tag = plaintext.subarray(laneByteLength, payloadByteLength);\n  const expected = await computeTag(key, brand, kind, lane);\n  if (!tagsEqual(tag, expected)) return null;\n  return readLane(kind, lane);\n}\n\nfunction schemaExample<Brand extends string>(prefix: Prefix<Brand>): string {\n  return prefix + \"0\".repeat(payloadBase32Length);\n}\n\nexport function createWrappedLayoutOps<Brand extends string, Kind extends LayoutWrappedKind>(\n  prefix: Prefix<Brand>,\n  brand: Brand,\n  kind: Kind,\n  keys: readonly LayoutWrappingKey[],\n) {\n  const wrapKey = keys[0]!;\n  return {\n    wrap: (lookupKey: LayoutLookupKey<Kind>): Promise<Id<Brand>> =>\n      wrapLookupKey(prefix, brand, wrapKey, kind, lookupKey),\n    tryUnwrap: async (id: Id<Brand>): Promise<LayoutLookupKey<Kind> | null> => {\n      for (const key of keys) {\n        const lookupKey = await tryUnwrapLookupKey(prefix, brand, key, kind, id);\n        if (lookupKey !== null) return lookupKey;\n      }\n      return null;\n    },\n    exampleWireId: (): Id<Brand> => schemaExample(prefix) as Id<Brand>,\n  };\n}\n","import type { webcrypto } from \"node:crypto\";\nimport {\n  assertValidKeyMaterialByteLength,\n  assertValidKeyring,\n  decodeKeyMaterial,\n  encodeKeyMaterial,\n} from \"../_kernel/key-material.js\";\n\nexport { assertValidKeyring };\n\n/** Wire encoding for wrapping operator secret bytes (not Crockford base32). */\nexport type WrappingKeyFormat = \"hex\" | \"base64url\";\n\nconst aesInfo = new TextEncoder().encode(\"@smonn/ids/wrapped/aes\");\nconst hmacInfo = new TextEncoder().encode(\"@smonn/ids/wrapped/hmac\");\n\nconst SHA256_DIGEST_BYTES = 32;\n\ndeclare const wrappingKeyBrand: unique symbol;\n\n/**\n * Opaque imported handle for one operator wrapping secret.\n *\n * Holds derived AES and HMAC subkeys internally; callers never access subkeys\n * or raw `webcrypto.CryptoKey` values directly. Obtain handles via {@link importWrappingKey}\n * and pass them to `createWrappedKeyId` as the `keys` wrapping keyring.\n *\n * Distinct from the **Opaque key** used by `@smonn/ids/opaque` — one raw\n * secret must not silently serve both codecs without an explicit import.\n */\nexport type WrappingKey = {\n  readonly [wrappingKeyBrand]: \"WrappingKey\";\n};\n\ntype WrappingKeyInternals = {\n  keyDigest: Uint8Array;\n  aesKey: webcrypto.CryptoKey;\n  hmacKey: webcrypto.CryptoKey;\n};\n\nexport type WrappingKeyMaterial = {\n  aesKey: webcrypto.CryptoKey;\n  hmacKey: webcrypto.CryptoKey;\n};\n\nconst internals = new WeakMap<WrappingKey, WrappingKeyInternals>();\n\n/**\n * Import raw operator secret bytes into a {@link WrappingKey} handle.\n *\n * One raw secret derives into AES and HMAC subkeys held inside the returned\n * handle. Accepts 16, 24, or 32 bytes (AES-128 / AES-192 / AES-256 strength).\n * To store or transport key material, use {@link encodeWrappingKey} /\n * {@link decodeWrappingKey} (`\"hex\"` or `\"base64url\"` — not Crockford base32).\n *\n * @param bytes - 16, 24, or 32 raw key bytes.\n */\nexport async function importWrappingKey(bytes: Uint8Array): Promise<WrappingKey> {\n  assertValidKeyMaterialByteLength(bytes.length, \"wrapping\");\n  const [aesKey, hmacKey, digestBuffer] = await Promise.all([\n    deriveAesKey(bytes),\n    deriveHmacKey(bytes),\n    crypto.subtle.digest(\"SHA-256\", bytes as Uint8Array<ArrayBuffer>),\n  ]);\n  const key = Object.freeze({}) as WrappingKey;\n  internals.set(key, {\n    keyDigest: new Uint8Array(digestBuffer),\n    aesKey,\n    hmacKey,\n  });\n  return key;\n}\n\n/**\n * Encode raw wrapping operator secret bytes for storage in env vars or secret managers.\n *\n * Supports `\"hex\"` (lowercase) and `\"base64url\"`. Output round-trips through\n * {@link decodeWrappingKey} back to the original bytes.\n */\nexport function encodeWrappingKey(bytes: Uint8Array, format: WrappingKeyFormat): string {\n  return encodeKeyMaterial(bytes, format, \"wrapping\", \"wrapping\");\n}\n\n/**\n * Decode key material emitted by {@link encodeWrappingKey} back to raw bytes.\n *\n * The result can be passed directly to {@link importWrappingKey}.\n */\nexport function decodeWrappingKey(encoded: string, format: WrappingKeyFormat): Uint8Array {\n  return decodeKeyMaterial(encoded, format, \"wrapping\", \"wrapping\");\n}\n\n/**\n * Returns true when two handles were imported from the same raw operator secret.\n *\n * Uses a constant-time comparison so duplicate detection over key material does\n * not leak the position of the first differing byte through a timing side channel.\n */\nexport function wrappingKeysEqual(a: WrappingKey, b: WrappingKey): boolean {\n  const aDigest = getWrappingKeyInternals(a).keyDigest;\n  const bDigest = getWrappingKeyInternals(b).keyDigest;\n  let diff = 0;\n  for (let i = 0; i < SHA256_DIGEST_BYTES; i++) {\n    diff |= aDigest[i]! ^ bDigest[i]!;\n  }\n  return diff === 0;\n}\n\nexport function getWrappingKeyMaterial(key: WrappingKey): WrappingKeyMaterial {\n  const keyInternals = getWrappingKeyInternals(key);\n  return {\n    aesKey: keyInternals.aesKey,\n    hmacKey: keyInternals.hmacKey,\n  };\n}\n\nfunction getWrappingKeyInternals(key: WrappingKey): WrappingKeyInternals {\n  const keyInternals = internals.get(key);\n  if (keyInternals === undefined) {\n    throw new Error(\"invalid wrapping key\");\n  }\n  return keyInternals;\n}\n\nasync function deriveAesKey(bytes: Uint8Array): Promise<webcrypto.CryptoKey> {\n  const base = await crypto.subtle.importKey(\n    \"raw\",\n    bytes as Uint8Array<ArrayBuffer>,\n    \"HKDF\",\n    false,\n    [\"deriveKey\"],\n  );\n  return crypto.subtle.deriveKey(\n    { name: \"HKDF\", hash: \"SHA-256\", salt: new Uint8Array(), info: aesInfo },\n    base,\n    { name: \"AES-CBC\", length: 256 },\n    false,\n    [\"encrypt\", \"decrypt\"],\n  );\n}\n\nasync function deriveHmacKey(bytes: Uint8Array): Promise<webcrypto.CryptoKey> {\n  const base = await crypto.subtle.importKey(\n    \"raw\",\n    bytes as Uint8Array<ArrayBuffer>,\n    \"HKDF\",\n    false,\n    [\"deriveKey\"],\n  );\n  return crypto.subtle.deriveKey(\n    { name: \"HKDF\", hash: \"SHA-256\", salt: new Uint8Array(), info: hmacInfo },\n    base,\n    { name: \"HMAC\", hash: \"SHA-256\", length: 256 },\n    false,\n    [\"sign\", \"verify\"],\n  );\n}\n","import { validateBrand } from \"../_kernel/brand.js\";\nimport { IdsError, isIdsError, type IdsErrorCode } from \"../../error.js\";\nimport { createWrappedLayoutOps } from \"./layout.js\";\nimport { registerBrand } from \"../_kernel/registry.js\";\nimport type {\n  Id,\n  JsonSchema,\n  ParseError,\n  ParseResult,\n  Prefix,\n  StandardSchemaProps,\n} from \"../../types.js\";\nimport { wireMethods } from \"../../wire/codec-shell.js\";\nimport {\n  assertValidKeyring,\n  decodeWrappingKey,\n  encodeWrappingKey,\n  getWrappingKeyMaterial,\n  importWrappingKey,\n  type WrappingKey,\n  type WrappingKeyFormat,\n  wrappingKeysEqual,\n} from \"./key.js\";\n\n/** {@link IdsError} class, {@link isIdsError} type guard, and {@link IdsErrorCode} union — re-exported from `\"@smonn/ids\"` for convenience. */\nexport { IdsError, isIdsError, type IdsErrorCode };\nexport {\n  decodeWrappingKey,\n  encodeWrappingKey,\n  importWrappingKey,\n  type WrappingKey,\n  type WrappingKeyFormat,\n};\n\nexport type WrappedKind = \"u32\" | \"i32\" | \"u64\" | \"i64\";\n\ntype LookupKeyForKind<K extends WrappedKind> = K extends \"u32\" | \"i32\" ? number : bigint;\n\n/**\n * Result returned by {@link WrappedKeyCodec.safeUnwrap}.\n *\n * On success, `id` is the canonical {@link Id} and `lookupKey` is the recovered\n * integer (`number` for 32-bit kinds, `bigint` for 64-bit kinds).\n * On failure, `error` is a {@link ParseError} for structural problems or\n * `\"verification_failed\"` when the payload is structurally valid but the\n * verification tag does not match any entry in the wrapping keyring.\n */\nexport type UnwrapResult<Brand extends string, Kind extends WrappedKind> =\n  | { ok: true; id: Id<Brand>; lookupKey: LookupKeyForKind<Kind> }\n  | { ok: false; error: ParseError | \"verification_failed\" };\n\n/**\n * Codec returned by {@link createWrappedKeyId}.\n *\n * Wraps a caller-owned integer **lookup key** into a public {@link Id} and\n * recovers it on unwrap. The codec is deterministic under fixed key material:\n * the same lookup key always yields the same public ID (**equality leakage**).\n *\n * - `wrap` / `unwrap` / `safeUnwrap` are async (WebCrypto).\n * - `is`, `parse`, `safeParse`, and `toJsonSchema` are synchronous and require\n *   no key material — they validate prefix and base32 shape only.\n * - The `Kind` type parameter drives value types at the TypeScript boundary:\n *   `u32` / `i32` → `number`; `u64` / `i64` → `bigint`.\n */\nexport type WrappedKeyCodec<Brand extends string, Kind extends WrappedKind> = {\n  /**\n   * Wrap `lookupKey` into a public ID using the current (first) wrapping key.\n   *\n   * Throws if `lookupKey` is out of range or the wrong JS type for `Kind`.\n   */\n  wrap(lookupKey: LookupKeyForKind<Kind>): Promise<Id<Brand>>;\n  /**\n   * Verify the payload of a trusted `Id<Brand>` and return the lookup key.\n   *\n   * Throws `IdsError` with `code: \"verification_failed\"` if no entry in the\n   * wrapping keyring matches the payload tag. Use {@link safeUnwrap} for\n   * untrusted input.\n   */\n  unwrap(id: Id<Brand>): Promise<LookupKeyForKind<Kind>>;\n  /**\n   * Non-throwing path for untrusted input.\n   *\n   * Structurally parses `input` first (same rules as {@link safeParse}), then\n   * verifies the payload. Returns `{ ok: false, error }` on any failure —\n   * `ParseError` for structural problems or `\"verification_failed\"` for tag\n   * mismatch — without throwing. Tamper, wrong keyring, and revoked-key cases\n   * all surface as `\"verification_failed\"`.\n   */\n  safeUnwrap(input: unknown): Promise<UnwrapResult<Brand, Kind>>;\n  /** Strict type guard: `true` only for already-canonical `Id<Brand>` strings. */\n  is(value: unknown): value is Id<Brand>;\n  /** Normalise to canonical form, or throw on parse failure. */\n  parse(value: unknown): Id<Brand>;\n  /** Normalise to canonical form, or return `{ ok: false, error }`. */\n  safeParse(value: unknown): ParseResult<Brand>;\n  toJsonSchema(): JsonSchema;\n  readonly \"~standard\": StandardSchemaProps<Brand>;\n};\n\nexport type WrappedKeyOptions<K extends WrappedKind> = {\n  kind: K;\n  keys: [WrappingKey, ...WrappingKey[]];\n  allowDuplicateBrand?: boolean;\n};\n\nconst u32Max = 0xffff_ffff;\nconst i32Min = -0x8000_0000;\nconst i32Max = 0x7fff_ffff;\nconst u64Max = 0xffff_ffff_ffff_ffffn;\nconst i64Min = -(1n << 63n);\nconst i64Max = (1n << 63n) - 1n;\n\nfunction assertSupportedKind(kind: WrappedKind): asserts kind is WrappedKind {\n  if (kind !== \"u32\" && kind !== \"i32\" && kind !== \"u64\" && kind !== \"i64\") {\n    throw new IdsError(\"invalid_kind\", \"invalid wrapped key kind: expected u32, i32, u64, or i64\");\n  }\n}\n\nfunction assertU32LookupKey(lookupKey: unknown): asserts lookupKey is number {\n  if (\n    typeof lookupKey !== \"number\" ||\n    !Number.isInteger(lookupKey) ||\n    Object.is(lookupKey, -0) ||\n    lookupKey < 0 ||\n    lookupKey > u32Max\n  ) {\n    throw new IdsError(\n      \"invalid_lookup_key\",\n      `invalid u32 lookup key: expected integer in [0, ${u32Max}], got ${lookupKey}`,\n    );\n  }\n}\n\nfunction assertI32LookupKey(lookupKey: unknown): asserts lookupKey is number {\n  if (\n    typeof lookupKey !== \"number\" ||\n    !Number.isInteger(lookupKey) ||\n    Object.is(lookupKey, -0) ||\n    lookupKey < i32Min ||\n    lookupKey > i32Max\n  ) {\n    throw new IdsError(\n      \"invalid_lookup_key\",\n      `invalid i32 lookup key: expected integer in [${i32Min}, ${i32Max}], got ${lookupKey}`,\n    );\n  }\n}\n\nfunction assertU64LookupKey(lookupKey: unknown): asserts lookupKey is bigint {\n  if (typeof lookupKey !== \"bigint\" || lookupKey < 0n || lookupKey > u64Max) {\n    throw new IdsError(\n      \"invalid_lookup_key\",\n      `invalid u64 lookup key: expected bigint in [0, ${u64Max}], got ${lookupKey}`,\n    );\n  }\n}\n\nfunction assertI64LookupKey(lookupKey: unknown): asserts lookupKey is bigint {\n  if (typeof lookupKey !== \"bigint\" || lookupKey < i64Min || lookupKey > i64Max) {\n    throw new IdsError(\n      \"invalid_lookup_key\",\n      `invalid i64 lookup key: expected bigint in [${i64Min}, ${i64Max}], got ${lookupKey}`,\n    );\n  }\n}\n\nfunction assertLookupKey<Kind extends WrappedKind>(\n  kind: Kind,\n  lookupKey: unknown,\n): asserts lookupKey is LookupKeyForKind<Kind> {\n  if (kind === \"i32\") {\n    assertI32LookupKey(lookupKey);\n    return;\n  }\n  if (kind === \"u64\") {\n    assertU64LookupKey(lookupKey);\n    return;\n  }\n  if (kind === \"i64\") {\n    assertI64LookupKey(lookupKey);\n    return;\n  }\n  assertU32LookupKey(lookupKey);\n}\n\n/**\n * Construct a {@link WrappedKeyCodec} for `brand` and the given `kind`.\n *\n * `opts.kind` fixes the integer type at construction time — one brand, one\n * kind. `opts.keys` is a non-empty ordered wrapping keyring: the first entry\n * is current (used by `wrap`); all entries are tried on `unwrap`; duplicate\n * operator secrets are rejected at construction.\n *\n * @example\n * ```ts\n * const key = await importWrappingKey(new Uint8Array(32));\n * const invoices = createWrappedKeyId(\"inv\", { kind: \"u32\", keys: [key] });\n *\n * const id = await invoices.wrap(42);      // Id<\"inv\">\n * await invoices.unwrap(id);               // 42\n * ```\n */\nexport function createWrappedKeyId<Brand extends string, Kind extends WrappedKind>(\n  brand: Brand,\n  opts: WrappedKeyOptions<Kind>,\n): WrappedKeyCodec<Brand, Kind> {\n  validateBrand(brand);\n  registerBrand(brand, opts.allowDuplicateBrand);\n  assertSupportedKind(opts.kind);\n  assertValidKeyring(opts.keys, wrappingKeysEqual, \"wrapping\");\n  const layoutKeys = opts.keys.map(getWrappingKeyMaterial);\n\n  const prefix: Prefix<Brand> = `${brand}_`;\n  const wire = wireMethods(prefix);\n  const layout = createWrappedLayoutOps(prefix, brand, opts.kind, layoutKeys);\n\n  return {\n    wrap: async (lookupKey) => {\n      assertLookupKey(opts.kind, lookupKey);\n      return layout.wrap(lookupKey);\n    },\n    unwrap: async (id) => {\n      const lookupKey = await layout.tryUnwrap(id);\n      if (lookupKey === null) {\n        throw new IdsError(\"verification_failed\", \"verification failed\");\n      }\n      return lookupKey;\n    },\n    safeUnwrap: async (input) => {\n      const parsed = wire.safeParse(input);\n      if (!parsed.ok) return parsed;\n      const lookupKey = await layout.tryUnwrap(parsed.id);\n      if (lookupKey === null) return { ok: false, error: \"verification_failed\" };\n      return { ok: true, id: parsed.id, lookupKey };\n    },\n    is: wire.is,\n    parse: wire.parse,\n    safeParse: wire.safeParse,\n    toJsonSchema: () => wire.toJsonSchema(brand, layout.exampleWireId()),\n    \"~standard\": wire[\"~standard\"],\n  };\n}\n"],"mappings":";;;;AAKA,MAAM,yBAAS,IAAI,WAAA,EAA4B;AAC/C,MAAM,UAAU;AAChB,MAAM,iBAAiB;AACvB,MAAM,gBAAgB;AAUtB,SAAS,aAAa,OAAe,MAAwB;CAC3D,KAAK,KAAK;CACV,KAAK,KAAK;CACV,KAAK,KAAK;CACV,KAAK,KAAK;CACV,KAAK,KAAM,UAAU,KAAM;CAC3B,KAAK,KAAM,UAAU,KAAM;CAC3B,KAAK,KAAM,UAAU,IAAK;CAC1B,KAAK,KAAK,QAAQ;AACpB;AAEA,SAAS,YAAY,MAAiC;CACpD,KAAK,IAAI,IAAI,GAAG,IAAI,GAAG,KACrB,IAAI,KAAK,OAAO,GAAG,OAAO;CAE5B,QAAS,KAAK,MAAO,KAAO,KAAK,MAAO,KAAO,KAAK,MAAO,IAAK,KAAK,QAAS;AAChF;AAEA,SAAS,aAAa,OAAe,MAAwB;CAC3D,KAAK,KAAK,QAAQ,IAAI,MAAO,GAAM,GAAG,CAAC;CACvC,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,SAAS,GAAG,OAAO,KAAK;AACtF;AAEA,SAAS,YAAY,MAAiC;CACpD,MAAM,iBAAiB,KAAK,KAAM,SAAU,IAAI,IAAO;CACvD,KAAK,IAAI,IAAI,GAAG,IAAI,GAAG,KACrB,IAAI,KAAK,OAAO,eAAe,OAAO;CAExC,OAAO,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,SAAS,GAAG,KAAK;AACtF;AAEA,SAAS,aAAa,OAAe,MAAwB;CAC3D,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,aAAa,GAAG,OAAO,KAAK;AAC1F;AAEA,SAAS,YAAY,MAA0B;CAC7C,OAAO,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,aAAa,GAAG,KAAK;AAC1F;AAEA,SAAS,aAAa,OAAe,MAAwB;CAC3D,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,YAAY,GAAG,OAAO,KAAK;AACzF;AAEA,SAAS,YAAY,MAA0B;CAC7C,OAAO,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,YAAY,GAAG,KAAK;AACzF;AAEA,SAAS,UACP,MACA,OACA,MACM;CACN,IAAI,SAAS,OAAO;EAClB,aAAa,OAAiB,IAAI;EAClC;CACF;CACA,IAAI,SAAS,OAAO;EAClB,aAAa,OAAiB,IAAI;EAClC;CACF;CACA,IAAI,SAAS,OAAO;EAClB,aAAa,OAAiB,IAAI;EAClC;CACF;CACA,aAAa,OAAiB,IAAI;AACpC;AAEA,SAAS,SACP,MACA,MAC2B;CAC3B,IAAI,SAAS,OAAO,OAAO,YAAY,IAAI;CAC3C,IAAI,SAAS,OAAO,OAAO,YAAY,IAAI;CAE3C,OADc,SAAS,QAAQ,YAAY,IAAI,IAAI,YAAY,IAAI;AAErE;AAEA,SAAS,WAAW,OAAe,QAAoB,QAAsB;CAC3E,OAAO,UAAW,UAAU,KAAM;CAClC,OAAO,SAAS,KAAM,UAAU,KAAM;CACtC,OAAO,SAAS,KAAM,UAAU,IAAK;CACrC,OAAO,SAAS,KAAK,QAAQ;AAC/B;AAEA,SAAS,YAAY,OAAe,MAAyB,MAA8B;CACzF,MAAM,UAAU,IAAI,YAAY;CAChC,MAAM,aAAa,QAAQ,OAAO,KAAK;CACvC,MAAM,YAAY,QAAQ,OAAO,IAAI;CACrC,MAAM,SAAS,IAAI,WAAW,SAAS,IAAI,UAAU,SAAS,KAAK;CACnE,MAAM,UAAU,IAAI,WAAW,MAAM;CACrC,IAAI,SAAS;CACb,WAAW,WAAW,QAAQ,SAAS,MAAM;CAC7C,UAAU;CACV,QAAQ,IAAI,YAAY,MAAM;CAC9B,UAAU,WAAW;CACrB,WAAW,UAAU,QAAQ,SAAS,MAAM;CAC5C,UAAU;CACV,QAAQ,IAAI,WAAW,MAAM;CAC7B,UAAU,UAAU;CACpB,QAAQ,IAAI,MAAM,MAAM;CACxB,OAAO;AACT;AAEA,eAAe,WACb,KACA,OACA,MACA,MACqB;CAQrB,OAAO,IAPe,WACpB,MAAM,OAAO,OAAO,KAClB,QACA,IAAI,SACJ,YAAY,OAAO,MAAM,IAAI,CAC/B,CAEa,CAAC,CAAC,SAAS,GAAG,aAAa;AAC5C;AAEA,SAAS,UAAU,GAAe,GAAwB;;CAExD,IAAI,EAAE,WAAW,EAAE,QAAQ,OAAO;CAClC,IAAI,OAAO;CACX,KAAK,IAAI,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK,QAAQ,EAAE,KAAM,EAAE;CACrD,OAAO,SAAS;AAClB;AAEA,eAAe,eAAe,KAAwB,WAA4C;CAQhG,OAAO,IAPe,WACpB,MAAM,OAAO,OAAO,QAClB;EAAE,MAAM;EAAW,IAAI;CAAO,GAC9B,IAAI,QACJ,SACF,CAEa,CAAC,CAAC,SAAS,GAAA,EAAoB;AAChD;AAEA,eAAe,eAAe,KAAwB,IAAqC;CACzF,MAAM,0BAAU,IAAI,WAAA,EAA4B;CAChD,KAAK,IAAI,IAAI,GAAG,IAAA,IAAuB,KAAK,QAAQ,KAAK,UAAU,GAAG;CACtE,MAAM,cAAc,IAAI,WACtB,MAAM,OAAO,OAAO,QAClB;EAAE,MAAM;EAAW,IAAI;CAAO,GAC9B,IAAI,QACJ,OACF,CACF;CACA,MAAM,6BAAa,IAAI,WAAA,EAAgC;CACvD,WAAW,IAAI,IAAI,CAAC;CACpB,WAAW,IAAI,YAAY,SAAS,GAAA,EAAoB,GAAA,EAAoB;CAC5E,OAAO,IAAI,WACT,MAAM,OAAO,OAAO,QAClB;EAAE,MAAM;EAAW,IAAI;CAAO,GAC9B,IAAI,QACJ,UACF,CACF;AACF;AAEA,SAAS,eAAe,MAAkB,KAA6B;CACrE,MAAM,4BAAY,IAAI,WAAA,EAA4B;CAClD,UAAU,IAAI,MAAM,CAAC;CACrB,UAAU,IAAI,KAAK,cAAc;CACjC,OAAO;AACT;AAEA,eAAe,cACb,QACA,OACA,KACA,MACA,WACoB;CACpB,MAAM,OAAO,IAAI,WAAW,cAAc;CAC1C,UAAU,MAAM,WAAW,IAAI;CAG/B,OAAO,SAAS,QAAQ,MADA,eAAe,KAAK,eAAe,MAAM,MAD/C,WAAW,KAAK,OAAO,MAAM,IAAI,CACiB,CAAC,CACpC;AACnC;AAEA,eAAe,mBACb,QACA,OACA,KACA,MACA,IACuC;CACvC,MAAM,YAAY,MAAM,eAAe,KAAK,mBAAmB,QAAQ,EAAE,CAAC;CAC1E,MAAM,OAAO,UAAU,SAAS,GAAG,cAAc;CAGjD,IAAI,CAAC,UAFO,UAAU,SAAS,gBAAA,EAEd,GAAG,MADG,WAAW,KAAK,OAAO,MAAM,IAAI,CAC5B,GAAG,OAAO;CACtC,OAAO,SAAS,MAAM,IAAI;AAC5B;AAEA,SAAS,cAAoC,QAA+B;CAC1E,OAAO,SAAS,IAAI,OAAO,mBAAmB;AAChD;AAEA,SAAgB,uBACd,QACA,OACA,MACA,MACA;CACA,MAAM,UAAU,KAAK;CACrB,OAAO;EACL,OAAO,cACL,cAAc,QAAQ,OAAO,SAAS,MAAM,SAAS;EACvD,WAAW,OAAO,OAAyD;GACzE,KAAK,MAAM,OAAO,MAAM;IACtB,MAAM,YAAY,MAAM,mBAAmB,QAAQ,OAAO,KAAK,MAAM,EAAE;IACvE,IAAI,cAAc,MAAM,OAAO;GACjC;GACA,OAAO;EACT;EACA,qBAAgC,cAAc,MAAM;CACtD;AACF;;;AChOA,MAAM,UAAU,IAAI,YAAY,CAAC,CAAC,OAAO,wBAAwB;AACjE,MAAM,WAAW,IAAI,YAAY,CAAC,CAAC,OAAO,yBAAyB;AAEnE,MAAM,sBAAsB;AA6B5B,MAAM,4BAAY,IAAI,QAA2C;;;;;;;;;;;AAYjE,eAAsB,kBAAkB,OAAyC;CAC/E,iCAAiC,MAAM,QAAQ,UAAU;CACzD,MAAM,CAAC,QAAQ,SAAS,gBAAgB,MAAM,QAAQ,IAAI;EACxD,aAAa,KAAK;EAClB,cAAc,KAAK;EACnB,OAAO,OAAO,OAAO,WAAW,KAAgC;CAClE,CAAC;CACD,MAAM,MAAM,OAAO,OAAO,CAAC,CAAC;CAC5B,UAAU,IAAI,KAAK;EACjB,WAAW,IAAI,WAAW,YAAY;EACtC;EACA;CACF,CAAC;CACD,OAAO;AACT;;;;;;;AAQA,SAAgB,kBAAkB,OAAmB,QAAmC;CACtF,OAAO,kBAAkB,OAAO,QAAQ,YAAY,UAAU;AAChE;;;;;;AAOA,SAAgB,kBAAkB,SAAiB,QAAuC;CACxF,OAAO,kBAAkB,SAAS,QAAQ,YAAY,UAAU;AAClE;;;;;;;AAQA,SAAgB,kBAAkB,GAAgB,GAAyB;CACzE,MAAM,UAAU,wBAAwB,CAAC,CAAC,CAAC;CAC3C,MAAM,UAAU,wBAAwB,CAAC,CAAC,CAAC;CAC3C,IAAI,OAAO;CACX,KAAK,IAAI,IAAI,GAAG,IAAI,qBAAqB,KACvC,QAAQ,QAAQ,KAAM,QAAQ;CAEhC,OAAO,SAAS;AAClB;AAEA,SAAgB,uBAAuB,KAAuC;CAC5E,MAAM,eAAe,wBAAwB,GAAG;CAChD,OAAO;EACL,QAAQ,aAAa;EACrB,SAAS,aAAa;CACxB;AACF;AAEA,SAAS,wBAAwB,KAAwC;CACvE,MAAM,eAAe,UAAU,IAAI,GAAG;CACtC,IAAI,iBAAiB,KAAA,GACnB,MAAM,IAAI,MAAM,sBAAsB;CAExC,OAAO;AACT;AAEA,eAAe,aAAa,OAAiD;CAC3E,MAAM,OAAO,MAAM,OAAO,OAAO,UAC/B,OACA,OACA,QACA,OACA,CAAC,WAAW,CACd;CACA,OAAO,OAAO,OAAO,UACnB;EAAE,MAAM;EAAQ,MAAM;EAAW,sBAAM,IAAI,WAAW;EAAG,MAAM;CAAQ,GACvE,MACA;EAAE,MAAM;EAAW,QAAQ;CAAI,GAC/B,OACA,CAAC,WAAW,SAAS,CACvB;AACF;AAEA,eAAe,cAAc,OAAiD;CAC5E,MAAM,OAAO,MAAM,OAAO,OAAO,UAC/B,OACA,OACA,QACA,OACA,CAAC,WAAW,CACd;CACA,OAAO,OAAO,OAAO,UACnB;EAAE,MAAM;EAAQ,MAAM;EAAW,sBAAM,IAAI,WAAW;EAAG,MAAM;CAAS,GACxE,MACA;EAAE,MAAM;EAAQ,MAAM;EAAW,QAAQ;CAAI,GAC7C,OACA,CAAC,QAAQ,QAAQ,CACnB;AACF;;;ACnDA,MAAM,SAAS;AACf,MAAM,SAAS;AACf,MAAM,SAAS;AACf,MAAM,SAAS;AACf,MAAM,SAAS,EAAE,MAAM;AACvB,MAAM,UAAU,MAAM,OAAO;AAE7B,SAAS,oBAAoB,MAAgD;CAC3E,IAAI,SAAS,SAAS,SAAS,SAAS,SAAS,SAAS,SAAS,OACjE,MAAM,IAAI,SAAS,gBAAgB,0DAA0D;AAEjG;AAEA,SAAS,mBAAmB,WAAiD;CAC3E,IACE,OAAO,cAAc,YACrB,CAAC,OAAO,UAAU,SAAS,KAC3B,OAAO,GAAG,WAAW,EAAE,KACvB,YAAY,KACZ,YAAY,QAEZ,MAAM,IAAI,SACR,sBACA,mDAAmD,OAAO,SAAS,WACrE;AAEJ;AAEA,SAAS,mBAAmB,WAAiD;CAC3E,IACE,OAAO,cAAc,YACrB,CAAC,OAAO,UAAU,SAAS,KAC3B,OAAO,GAAG,WAAW,EAAE,KACvB,YAAY,UACZ,YAAY,QAEZ,MAAM,IAAI,SACR,sBACA,gDAAgD,OAAO,IAAI,OAAO,SAAS,WAC7E;AAEJ;AAEA,SAAS,mBAAmB,WAAiD;CAC3E,IAAI,OAAO,cAAc,YAAY,YAAY,MAAM,YAAY,QACjE,MAAM,IAAI,SACR,sBACA,kDAAkD,OAAO,SAAS,WACpE;AAEJ;AAEA,SAAS,mBAAmB,WAAiD;CAC3E,IAAI,OAAO,cAAc,YAAY,YAAY,UAAU,YAAY,QACrE,MAAM,IAAI,SACR,sBACA,+CAA+C,OAAO,IAAI,OAAO,SAAS,WAC5E;AAEJ;AAEA,SAAS,gBACP,MACA,WAC6C;CAC7C,IAAI,SAAS,OAAO;EAClB,mBAAmB,SAAS;EAC5B;CACF;CACA,IAAI,SAAS,OAAO;EAClB,mBAAmB,SAAS;EAC5B;CACF;CACA,IAAI,SAAS,OAAO;EAClB,mBAAmB,SAAS;EAC5B;CACF;CACA,mBAAmB,SAAS;AAC9B;;;;;;;;;;;;;;;;;;AAmBA,SAAgB,mBACd,OACA,MAC8B;CAC9B,cAAc,KAAK;CACnB,cAAc,OAAO,KAAK,mBAAmB;CAC7C,oBAAoB,KAAK,IAAI;CAC7B,mBAAmB,KAAK,MAAM,mBAAmB,UAAU;CAC3D,MAAM,aAAa,KAAK,KAAK,IAAI,sBAAsB;CAEvD,MAAM,SAAwB,GAAG,MAAM;CACvC,MAAM,OAAO,YAAY,MAAM;CAC/B,MAAM,SAAS,uBAAuB,QAAQ,OAAO,KAAK,MAAM,UAAU;CAE1E,OAAO;EACL,MAAM,OAAO,cAAc;GACzB,gBAAgB,KAAK,MAAM,SAAS;GACpC,OAAO,OAAO,KAAK,SAAS;EAC9B;EACA,QAAQ,OAAO,OAAO;GACpB,MAAM,YAAY,MAAM,OAAO,UAAU,EAAE;GAC3C,IAAI,cAAc,MAChB,MAAM,IAAI,SAAS,uBAAuB,qBAAqB;GAEjE,OAAO;EACT;EACA,YAAY,OAAO,UAAU;GAC3B,MAAM,SAAS,KAAK,UAAU,KAAK;GACnC,IAAI,CAAC,OAAO,IAAI,OAAO;GACvB,MAAM,YAAY,MAAM,OAAO,UAAU,OAAO,EAAE;GAClD,IAAI,cAAc,MAAM,OAAO;IAAE,IAAI;IAAO,OAAO;GAAsB;GACzE,OAAO;IAAE,IAAI;IAAM,IAAI,OAAO;IAAI;GAAU;EAC9C;EACA,IAAI,KAAK;EACT,OAAO,KAAK;EACZ,WAAW,KAAK;EAChB,oBAAoB,KAAK,aAAa,OAAO,OAAO,cAAc,CAAC;EACnE,aAAa,KAAK;CACpB;AACF"}

package/dist/wrapped.d.mts

@@ -1,7 +1,7 @@
 import { n as IdsErrorCode, r as isIdsError, t as IdsError } from "./error-JIPylU_E.mjs";
 import { a as StandardSchemaProps, i as ParseResult, n as JsonSchema, r as ParseError, t as Id } from "./types-g7CiQDyE.mjs";
 
-//#region src/wrapping-key.d.ts
+//#region src/codecs/wrapped/key.d.ts
 /** Wire encoding for wrapping operator secret bytes (not Crockford base32). */
 type WrappingKeyFormat = "hex" | "base64url";
 declare const wrappingKeyBrand: unique symbol;
@@ -9,7 +9,7 @@ declare const wrappingKeyBrand: unique symbol;
 * Opaque imported handle for one operator wrapping secret.
 *
 * Holds derived AES and HMAC subkeys internally; callers never access subkeys
-* or raw `CryptoKey` values directly. Obtain handles via {@link importWrappingKey}
+* or raw `webcrypto.CryptoKey` values directly. Obtain handles via {@link importWrappingKey}
 * and pass them to `createWrappedKeyId` as the `keys` wrapping keyring.
 *
 * Distinct from the **Opaque key** used by `@smonn/ids/opaque` — one raw
@@ -43,7 +43,7 @@ declare function encodeWrappingKey(bytes: Uint8Array, format: WrappingKeyFormat)
 */
 declare function decodeWrappingKey(encoded: string, format: WrappingKeyFormat): Uint8Array;
 //#endregion
-//#region src/wrapped.d.ts
+//#region src/codecs/wrapped/index.d.ts
 type WrappedKind = "u32" | "i32" | "u64" | "i64";
 type LookupKeyForKind<K extends WrappedKind> = K extends "u32" | "i32" ? number : bigint;
 /**

package/dist/wrapped.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"wrapped.d.mts","names":[],"sources":["../src/wrapping-key.ts","../src/wrapped.ts"],"mappings":";;;;;KAUY,iBAAA;AAAA,cAOE,gBAAA;;;;AAPF;AAA4B;;;;AAO1B;AAYd;KAAY,WAAA;EAAA,UACA,gBAAA;AAAA;;;;;;;;;;;iBA0BU,iBAAA,CAAkB,KAAA,EAAO,UAAA,GAAa,OAAA,CAAQ,WAAA;AAsBpE;;;;;;AAAA,iBAAgB,iBAAA,CAAkB,KAAA,EAAO,UAAA,EAAY,MAAA,EAAQ,iBAAA;;;AAAA;AAS7D;;iBAAgB,iBAAA,CAAkB,OAAA,UAAiB,MAAA,EAAQ,iBAAA,GAAoB,UAAA;;;KCrDnE,WAAA;AAAA,KAEP,gBAAA,WAA2B,WAAA,IAAe,CAAA;AD1BnC;AAA4B;;;;AAO1B;AAYd;;;AAnBY,KCqCA,YAAA,oCAAgD,WAAA;EACtD,EAAA;EAAU,EAAA,EAAI,EAAA,CAAG,KAAA;EAAQ,SAAA,EAAW,gBAAA,CAAiB,IAAA;AAAA;EACrD,EAAA;EAAW,KAAA,EAAO,UAAA;AAAA;;;;;ADO4C;AAsBpE;;;;;;;;KCdY,eAAA,oCAAmD,WAAA;;;;;;EAM7D,IAAA,CAAK,SAAA,EAAW,gBAAA,CAAiB,IAAA,IAAQ,OAAA,CAAQ,EAAA,CAAG,KAAA;EDiByB;AAAA;;;;ACrD/E;;EA4CE,MAAA,CAAO,EAAA,EAAI,EAAA,CAAG,KAAA,IAAS,OAAA,CAAQ,gBAAA,CAAiB,IAAA;EA5CtC;AAAA;AAAsC;;;;;;;EAsDhD,UAAA,CAAW,KAAA,YAAiB,OAAA,CAAQ,YAAA,CAAa,KAAA,EAAO,IAAA,IApDX;EAsD7C,EAAA,CAAG,KAAA,YAAiB,KAAA,IAAS,EAAA,CAAG,KAAA,GA3CtB;EA6CV,KAAA,CAAM,KAAA,YAAiB,EAAA,CAAG,KAAA;EAE1B,SAAA,CAAU,KAAA,YAAiB,WAAA,CAAY,KAAA;EACvC,YAAA,IAAgB,UAAA;EAAA,SACP,WAAA,EAAa,mBAAA,CAAoB,KAAA;AAAA;AAAA,KAGhC,iBAAA,WAA4B,WAAA;EACtC,IAAA,EAAM,CAAA;EACN,IAAA,GAAO,WAAA,KAAgB,WAAA;EACvB,mBAAA;AAAA;;;;;;;;;;;;;AArDsB;AAexB;;;;iBA0IgB,kBAAA,oCAAsD,WAAA,EACpE,KAAA,EAAO,KAAA,EACP,IAAA,EAAM,iBAAA,CAAkB,IAAA,IACvB,eAAA,CAAgB,KAAA,EAAO,IAAA"}
+{"version":3,"file":"wrapped.d.mts","names":[],"sources":["../src/codecs/wrapped/key.ts","../src/codecs/wrapped/index.ts"],"mappings":";;;;;KAWY,iBAAA;AAAA,cAOE,gBAAA;;;AAPF;AAA4B;;;;AAO1B;AAYd;;KAAY,WAAA;EAAA,UACA,gBAAA;AAAA;;;;;;;;;;AA0BwD;iBAA9C,iBAAA,CAAkB,KAAA,EAAO,UAAA,GAAa,OAAA,CAAQ,WAAA;;;;;;;iBAsBpD,iBAAA,CAAkB,KAAA,EAAO,UAAA,EAAY,MAAA,EAAQ,iBAAA;;AAAA;AAS7D;;;iBAAgB,iBAAA,CAAkB,OAAA,UAAiB,MAAA,EAAQ,iBAAA,GAAoB,UAAA;;;KCtDnE,WAAA;AAAA,KAEP,gBAAA,WAA2B,WAAA,IAAe,CAAA;ADzBnC;AAA4B;;;;AAO1B;AAYd;;;AAnBY,KCoCA,YAAA,oCAAgD,WAAA;EACtD,EAAA;EAAU,EAAA,EAAI,EAAA,CAAG,KAAA;EAAQ,SAAA,EAAW,gBAAA,CAAiB,IAAA;AAAA;EACrD,EAAA;EAAW,KAAA,EAAO,UAAA;AAAA;;;;;ADQ4C;AAsBpE;;;;;;;;KCfY,eAAA,oCAAmD,WAAA;;;;;;EAM7D,IAAA,CAAK,SAAA,EAAW,gBAAA,CAAiB,IAAA,IAAQ,OAAA,CAAQ,EAAA,CAAG,KAAA;EDkByB;AAAA;;;;ACtD/E;;EA4CE,MAAA,CAAO,EAAA,EAAI,EAAA,CAAG,KAAA,IAAS,OAAA,CAAQ,gBAAA,CAAiB,IAAA;EA5CtC;AAAA;AAAsC;;;;;;;EAsDhD,UAAA,CAAW,KAAA,YAAiB,OAAA,CAAQ,YAAA,CAAa,KAAA,EAAO,IAAA,IApDX;EAsD7C,EAAA,CAAG,KAAA,YAAiB,KAAA,IAAS,EAAA,CAAG,KAAA,GA3CtB;EA6CV,KAAA,CAAM,KAAA,YAAiB,EAAA,CAAG,KAAA;EAE1B,SAAA,CAAU,KAAA,YAAiB,WAAA,CAAY,KAAA;EACvC,YAAA,IAAgB,UAAA;EAAA,SACP,WAAA,EAAa,mBAAA,CAAoB,KAAA;AAAA;AAAA,KAGhC,iBAAA,WAA4B,WAAA;EACtC,IAAA,EAAM,CAAA;EACN,IAAA,GAAO,WAAA,KAAgB,WAAA;EACvB,mBAAA;AAAA;;;;;;;;;;;;;AArDsB;AAexB;;;;iBA0IgB,kBAAA,oCAAsD,WAAA,EACpE,KAAA,EAAO,KAAA,EACP,IAAA,EAAM,iBAAA,CAAkB,IAAA,IACvB,eAAA,CAAgB,KAAA,EAAO,IAAA"}

package/dist/wrapped.mjs

@@ -1,3 +1,3 @@
 import { n as isIdsError, t as IdsError } from "./error-Cp5qYZcv.mjs";
-import { i as importWrappingKey, n as decodeWrappingKey, r as encodeWrappingKey, t as createWrappedKeyId } from "./wrapped-BI9UXnAm.mjs";
+import { i as importWrappingKey, n as decodeWrappingKey, r as encodeWrappingKey, t as createWrappedKeyId } from "./wrapped-CDTiPwNM.mjs";
 export { IdsError, createWrappedKeyId, decodeWrappingKey, encodeWrappingKey, importWrappingKey, isIdsError };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@smonn/ids",
-  "version": "0.10.0",
+  "version": "0.12.0",
   "license": "MIT",
   "author": "Simon Ingeson (https://github.com/smonn)",
   "repository": {
@@ -24,39 +24,57 @@
     "./drizzle": "./dist/drizzle.mjs",
     "./hono": "./dist/hono.mjs",
     "./kysely": "./dist/kysely.mjs",
+    "./mikro-orm": "./dist/mikro-orm.mjs",
     "./prisma": "./dist/prisma.mjs",
     "./express": "./dist/express.mjs",
     "./fastify": "./dist/fastify.mjs",
+    "./typeorm": "./dist/typeorm.mjs",
+    "./graphql": "./dist/graphql.mjs",
+    "./nestjs": "./dist/nestjs.mjs",
     "./package.json": "./package.json"
   },
   "devDependencies": {
     "@changesets/cli": "2.31.0",
+    "@mikro-orm/core": "^7.1.4",
+    "@nestjs/common": "^11.1.27",
+    "@prisma/client": ">=5.0.0",
     "@types/express": "^5.0.6",
-    "@types/node": "26.0.0",
+    "@types/node": "24.13.2",
     "@vitest/coverage-v8": "4.1.8",
     "dependency-cruiser": "17.4.3",
     "drizzle-orm": "^0.45.2",
     "express": "^5.2.1",
     "fastify": "^5.8.5",
+    "graphql": "^17.0.1",
     "hono": "^4.12.26",
     "knip": "6.18.0",
     "kysely": "^0.29.2",
     "mitata": "1.0.34",
     "oxfmt": "0.55.0",
     "oxlint": "1.70.0",
+    "reflect-metadata": "^0.2.2",
     "tsdown": "0.22.3",
+    "tslib": "^2.8.1",
+    "typeorm": "^1.0.0",
     "typescript": "6.0.3",
     "vitest": "4.1.9"
   },
   "peerDependencies": {
+    "@mikro-orm/core": ">=6.0.0",
+    "@nestjs/common": ">=10.0.0",
     "@prisma/client": ">=5.0.0",
     "drizzle-orm": ">=0.30.0",
     "express": ">=4.0.0",
     "fastify": ">=4.0.0",
+    "graphql": ">=16.0.0",
     "hono": ">=4.0.0",
-    "kysely": ">=0.27.0"
+    "kysely": ">=0.27.0",
+    "typeorm": ">=0.3.0"
   },
   "peerDependenciesMeta": {
+    "@mikro-orm/core": {
+      "optional": true
+    },
     "drizzle-orm": {
       "optional": true
     },
@@ -66,6 +84,9 @@
     "fastify": {
       "optional": true
     },
+    "graphql": {
+      "optional": true
+    },
     "hono": {
       "optional": true
     },
@@ -74,6 +95,12 @@
     },
     "@prisma/client": {
       "optional": true
+    },
+    "typeorm": {
+      "optional": true
+    },
+    "@nestjs/common": {
+      "optional": true
     }
   },
   "engines": {

package/dist/adapter-types-BY-wrYYB.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"adapter-types-BY-wrYYB.mjs","names":[],"sources":["../src/adapter-types.ts"],"sourcesContent":["import { IdsError } from \"./error.js\";\nimport type { Id, ParseError, ParseResult } from \"./types.js\";\n\n/** Discriminated failure value passed to `onError` and emitted to the framework's error handler. */\nexport type IdParamFailure =\n  | { readonly reason: \"brand_mismatch\"; readonly status: number }\n  | { readonly reason: \"malformed\"; readonly status: number };\n\n/** Minimum structural type required by web and ORM adapters. Any codec variant satisfies this — all expose `safeParse`. Adapters only ever call `safeParse` — never key-dependent methods like `extractTimestamp`, `wrap`, or `unwrap`. */\nexport type IdCodec<Brand extends string> = {\n  safeParse(value: unknown): ParseResult<Brand>;\n};\n\n/** Re-exported from ORM adapter subpaths (`@smonn/ids/drizzle`, `@smonn/ids/prisma`, `@smonn/ids/kysely`) under the public name; structurally identical to {@link IdCodec}. */\nexport type IdColumnCodec<Brand extends string> = IdCodec<Brand>;\n\n/** Parses `value` as `Id<Brand>` via `codec.safeParse`; throws `IdsError(\"invalid_id\")` on failure. Shared read helper for ORM adapters. */\nexport function readIdColumn<Brand extends string>(\n  codec: IdCodec<Brand>,\n  value: unknown,\n): Id<Brand> {\n  const result = codec.safeParse(value);\n  if (!result.ok) {\n    throw new IdsError(\"invalid_id\", `invalid ID from database: ${result.error}`, {\n      cause: result.error,\n    });\n  }\n  return result.id;\n}\n\n/**\n * Maps a `ParseError` to `{ reason, status }` for web adapter failure handling.\n *\n * - `invalid_prefix` → `brand_mismatch` / default 404\n * - anything else → `malformed` / default 400\n * - `options.status[reason]` overrides the default for that reason\n */\nexport function resolveIdParamFailure(\n  error: ParseError,\n  options?: { status?: { brand_mismatch?: number; malformed?: number } },\n): IdParamFailure {\n  const reason = error === \"invalid_prefix\" ? (\"brand_mismatch\" as const) : (\"malformed\" as const);\n  const defaultStatus = reason === \"brand_mismatch\" ? 404 : 400;\n  const status = options?.status?.[reason] ?? defaultStatus;\n  return { reason, status };\n}\n"],"mappings":";;;AAiBA,SAAgB,aACd,OACA,OACW;CACX,MAAM,SAAS,MAAM,UAAU,KAAK;CACpC,IAAI,CAAC,OAAO,IACV,MAAM,IAAI,SAAS,cAAc,6BAA6B,OAAO,SAAS,EAC5E,OAAO,OAAO,MAChB,CAAC;CAEH,OAAO,OAAO;AAChB;;;;;;;;AASA,SAAgB,sBACd,OACA,SACgB;CAChB,MAAM,SAAS,UAAU,mBAAoB,mBAA8B;CAC3E,MAAM,gBAAgB,WAAW,mBAAmB,MAAM;CAE1D,OAAO;EAAE;EAAQ,QADF,SAAS,SAAS,WAAW;CACpB;AAC1B"}

package/dist/adapter-types-unUcmMXC.d.mts.map

@@ -1 +0,0 @@
-{"version":3,"file":"adapter-types-unUcmMXC.d.mts","names":[],"sources":["../src/adapter-types.ts"],"mappings":";;;;KAIY,cAAA;EAAA,SACG,MAAA;EAAA,SAAmC,MAAA;AAAA;EAAA,SACnC,MAAA;EAAA,SAA8B,MAAA;AAAA;;KAGjC,OAAA;EACV,SAAA,CAAU,KAAA,YAAiB,WAAA,CAAY,KAAA;AAAA;AADzC;AAAA,KAKY,aAAA,yBAAsC,OAAA,CAAQ,KAAA"}

package/dist/codec-shell-CW2sD6BU.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"codec-shell-CW2sD6BU.mjs","names":[],"sources":["../src/brand.ts","../src/base32.ts","../src/wire/envelope.ts","../src/wire/invariants.ts","../src/registry.ts","../src/wire/parse.ts","../src/wire/codec-shell.ts"],"sourcesContent":["import { IdsError } from \"./error.js\";\n\nconst brandPattern = /^[a-z]{3}$/;\n\n/** Validates a three-character lowercase brand. Throws on invalid input. */\nexport function validateBrand(brand: string): void {\n  if (!brandPattern.test(brand)) {\n    throw new IdsError(\"invalid_brand\", \"invalid brand: expected three lowercase a-z characters\");\n  }\n}\n","/*\n  This is based on Crockford's Base32 spec: https://www.crockford.com/base32.html\n  One difference is that it uses lowercase instead of uppercase when encoding.\n\n  These functions are internal: codec constructors guarantee that input is a\n  16-byte buffer for encode, or a string of characters drawn from the alphabet\n  for decode. Invalid input produces silent garbage rather than a thrown error,\n  consistent with the trust-the-type rule in ADR-0003.\n*/\n\nexport const alphabet = \"0123456789abcdefghjkmnpqrstvwxyz\";\n\n// 0–31 → ASCII char code, for write-into-codes-then-fromCharCode encoding.\nconst valueToCharCode = new Uint8Array(32);\nfor (let i = 0; i < 32; i++) valueToCharCode[i] = alphabet.charCodeAt(i);\n\n// charCode → 0–31 value. Canonical lowercase only; upstream resolves case and\n// o/i/l aliases before any string reaches decodeBase32.\nconst INVALID = 0xff;\nconst charCodeToValue = new Uint8Array(256).fill(INVALID);\nfor (let i = 0; i < alphabet.length; i++) charCodeToValue[alphabet.charCodeAt(i)] = i;\n\nexport function encodeBase32(bytes: Uint8Array): string {\n  // Build an Array<number> of char codes and pass it to fromCharCode.apply.\n  // Faster than `result += char` (avoids cons-string overhead) and than\n  // Uint8Array variants (apply has a fast path for plain Arrays).\n  // oxlint-disable-next-line no-new-array\n  const codes = new Array<number>(Math.floor((bytes.length * 8) / 5) + 1);\n  let chi = 0;\n  let bits = 0;\n  let value = 0;\n\n  for (let i = 0; i < bytes.length; i++) {\n    value = (value << 8) | bytes[i]!;\n    bits += 8;\n    while (bits >= 5) {\n      bits -= 5;\n      codes[chi++] = valueToCharCode[(value >>> bits) & 0x1f]!;\n    }\n  }\n  codes[chi] = valueToCharCode[(value << (5 - bits)) & 0x1f]!;\n  return String.fromCharCode.apply(null, codes);\n}\n\nexport function decodeBase32(str: string): Uint8Array {\n  const result = new Uint8Array(Math.floor((str.length * 5) / 8));\n  let bits = 0;\n  let value = 0;\n  let index = 0;\n\n  for (let i = 0; i < str.length; i++) {\n    const v = charCodeToValue[str.charCodeAt(i)]!;\n    value = (value << 5) | v;\n    bits += 5;\n    if (bits >= 8) {\n      bits -= 8;\n      result[index++] = (value >>> bits) & 0xff;\n    }\n  }\n  return result;\n}\n","import { decodeBase32, encodeBase32 } from \"../base32.js\";\nimport type { Id, Prefix } from \"../types.js\";\n\n/** Encodes a 16-byte payload as lowercase Crockford base32 (26 chars). */\nfunction encodePayload(bytes: Uint8Array): string {\n  return encodeBase32(bytes);\n}\n\n/** Decodes a 26-char base32 payload suffix to 16 bytes. Trust-the-type. */\nfunction decodePayload(base32: string): Uint8Array {\n  return decodeBase32(base32);\n}\n\n/** Composes a canonical wire ID from a prefix and 16-byte payload. */\nexport function toWireId<Brand extends string>(\n  prefix: Prefix<Brand>,\n  payload: Uint8Array,\n): Id<Brand> {\n  return (prefix + encodePayload(payload)) as Id<Brand>;\n}\n\n/** Decodes the full 16-byte payload from a trusted wire ID. */\nexport function payloadBytesFromId<Brand extends string>(\n  prefix: Prefix<Brand>,\n  id: Id<Brand>,\n): Uint8Array {\n  return decodePayload(id.slice(prefix.length));\n}\n","// Payload is always 16 bytes on the wire (every codec). 16 bytes → 26 Crockford\n// base32 chars. ADR-0002 codifies this as the shared wire-format invariant.\nexport const payloadByteLength: number = 16;\nexport const payloadBase32Length: number = Math.ceil((payloadByteLength * 8) / 5);\n\n// Compact regex character class for the canonical lowercase Crockford alphabet\n// (`0123456789abcdefghjkmnpqrstvwxyz` — excludes i, l, o, u). Used in the JSON\n// Schema `pattern`, which describes the canonical wire form only (ADR-0003).\nexport const base32CharClass: string = \"[0-9a-hjkmnp-tv-z]\";\n\n// The 8 alphabet values at indices divisible by 4 (low 2 bits = 00) that satisfy the\n// canonical padding-bit constraint for a 130-bit encoding of 16 bytes. ADR-0003.\nexport const base32FinalCharClass: string = \"[048cgmrw]\";\n","const registeredBrands = new Set<string>();\nconst warnedBrands = new Set<string>();\n\nexport function registerBrand(brand: string, allowDuplicateBrand: boolean | undefined): void {\n  if (\n    typeof process === \"undefined\" ||\n    process.env.NODE_ENV === \"production\" ||\n    allowDuplicateBrand\n  ) {\n    return;\n  }\n\n  if (registeredBrands.has(brand)) {\n    if (!warnedBrands.has(brand)) {\n      console.warn(\n        `[@smonn/ids] brand \"${brand}\" was registered more than once — this usually indicates a bundling or import bug, or that more than one codec variant is using the same brand. Pass { allowDuplicateBrand: true } to silence.`,\n      );\n      warnedBrands.add(brand);\n    }\n  } else {\n    registeredBrands.add(brand);\n  }\n}\n","import { alphabet } from \"../base32.js\";\nimport type { Id, ParseError, ParseResult, Prefix } from \"../types.js\";\nimport { base32FinalCharClass, payloadBase32Length } from \"./invariants.js\";\n\nconst replacePattern = /[ilo]/g;\nconst aliasTestPattern = /[ilo]/;\nconst replacer = (match: string): string => (match === \"o\" ? \"0\" : \"1\");\nconst base32Pattern = new RegExp(\n  `^[${alphabet}]{${payloadBase32Length - 1}}${base32FinalCharClass}$`,\n);\n\nexport function safeParse<Brand extends string>(\n  prefix: Prefix<Brand>,\n  value: unknown,\n): ParseResult<Brand> {\n  if (typeof value !== \"string\") return { ok: false, error: \"not_string\" };\n  const lowercase = value.toLowerCase();\n  if (!lowercase.startsWith(prefix)) return { ok: false, error: \"invalid_prefix\" };\n\n  const sliced = lowercase.slice(prefix.length);\n  const base32 = aliasTestPattern.test(sliced)\n    ? sliced.replaceAll(replacePattern, replacer)\n    : sliced;\n\n  if (!base32Pattern.test(base32)) return { ok: false, error: \"invalid_base32\" };\n\n  const id = (prefix + base32) as Id<Brand>;\n  return { ok: true, id };\n}\n\nexport function is<Brand extends string>(\n  prefix: Prefix<Brand>,\n  value: unknown,\n): value is Id<Brand> {\n  if (typeof value !== \"string\") return false;\n  if (!value.startsWith(prefix)) return false;\n  return base32Pattern.test(value.slice(prefix.length));\n}\n\nfunction errorMessage<Brand extends string>(prefix: Prefix<Brand>, error: ParseError): string {\n  switch (error) {\n    case \"not_string\":\n      return \"expected string\";\n    case \"invalid_prefix\":\n      return `expected prefix '${prefix}'`;\n    case \"invalid_base32\":\n      return \"invalid base32 payload\";\n  }\n}\n\nexport function standardValidate<Brand extends string>(\n  prefix: Prefix<Brand>,\n  value: unknown,\n):\n  | { readonly value: Id<Brand>; readonly issues?: undefined }\n  | { readonly issues: ReadonlyArray<{ readonly message: string }> } {\n  const result = safeParse(prefix, value);\n  if (result.ok) return { value: result.id };\n  return { issues: [{ message: errorMessage(prefix, result.error) }] };\n}\n","import { IdsError } from \"../error.js\";\nimport type { Id, JsonSchema, ParseResult, Prefix, StandardSchemaProps } from \"../types.js\";\nimport { base32CharClass, base32FinalCharClass, payloadBase32Length } from \"./invariants.js\";\nimport { is, safeParse, standardValidate } from \"./parse.js\";\n\ntype WireMethods<Brand extends string> = {\n  is: (value: unknown) => value is Id<Brand>;\n  parse: (value: unknown) => Id<Brand>;\n  safeParse: (value: unknown) => ParseResult<Brand>;\n  toJsonSchema: (brand: Brand, example: string) => JsonSchema;\n  \"~standard\": StandardSchemaProps<Brand>;\n};\n\n/** Wire-only methods shared by every codec variant for a fixed prefix. */\nexport function wireMethods<Brand extends string>(prefix: Prefix<Brand>): WireMethods<Brand> {\n  const standard: StandardSchemaProps<Brand> = {\n    version: 1,\n    vendor: \"@smonn/ids\",\n    validate: (value: unknown) => standardValidate(prefix, value),\n  };\n  return {\n    is: (value: unknown): value is Id<Brand> => is(prefix, value),\n    parse: (value: unknown): Id<Brand> => {\n      const result = safeParse(prefix, value);\n      if (result.ok) return result.id;\n      throw new IdsError(\"invalid_id\", `invalid ID: ${result.error}`, { cause: result.error });\n    },\n    safeParse: (value: unknown): ParseResult<Brand> => safeParse(prefix, value),\n    toJsonSchema: (brand: Brand, example: string): JsonSchema => ({\n      type: \"string\",\n      pattern: `^${prefix}${base32CharClass}{${payloadBase32Length - 1}}${base32FinalCharClass}$`,\n      description: `Branded ID for '${brand}'`,\n      example,\n    }),\n    \"~standard\": standard,\n  };\n}\n"],"mappings":";;AAEA,MAAM,eAAe;;AAGrB,SAAgB,cAAc,OAAqB;CACjD,IAAI,CAAC,aAAa,KAAK,KAAK,GAC1B,MAAM,IAAI,SAAS,iBAAiB,wDAAwD;AAEhG;;;ACCA,MAAa,WAAW;AAGxB,MAAM,kCAAkB,IAAI,WAAW,EAAE;AACzC,KAAK,IAAI,IAAI,GAAG,IAAI,IAAI,KAAK,gBAAgB,KAAK,SAAS,WAAW,CAAC;AAKvE,MAAM,mCAAkB,IAAI,WAAW,GAAG,EAAA,CAAE,KAAK,GAAO;AACxD,KAAK,IAAI,IAAI,GAAG,IAAI,IAAiB,KAAK,gBAAgB,SAAS,WAAW,CAAC,KAAK;AAEpF,SAAgB,aAAa,OAA2B;CAKtD,MAAM,QAAQ,IAAI,MAAc,KAAK,MAAO,MAAM,SAAS,IAAK,CAAC,IAAI,CAAC;CACtE,IAAI,MAAM;CACV,IAAI,OAAO;CACX,IAAI,QAAQ;CAEZ,KAAK,IAAI,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;EACrC,QAAS,SAAS,IAAK,MAAM;EAC7B,QAAQ;EACR,OAAO,QAAQ,GAAG;GAChB,QAAQ;GACR,MAAM,SAAS,gBAAiB,UAAU,OAAQ;EACpD;CACF;CACA,MAAM,OAAO,gBAAiB,SAAU,IAAI,OAAS;CACrD,OAAO,OAAO,aAAa,MAAM,MAAM,KAAK;AAC9C;AAEA,SAAgB,aAAa,KAAyB;CACpD,MAAM,SAAS,IAAI,WAAW,KAAK,MAAO,IAAI,SAAS,IAAK,CAAC,CAAC;CAC9D,IAAI,OAAO;CACX,IAAI,QAAQ;CACZ,IAAI,QAAQ;CAEZ,KAAK,IAAI,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK;EACnC,MAAM,IAAI,gBAAgB,IAAI,WAAW,CAAC;EAC1C,QAAS,SAAS,IAAK;EACvB,QAAQ;EACR,IAAI,QAAQ,GAAG;GACb,QAAQ;GACR,OAAO,WAAY,UAAU,OAAQ;EACvC;CACF;CACA,OAAO;AACT;;;;ACxDA,SAAS,cAAc,OAA2B;CAChD,OAAO,aAAa,KAAK;AAC3B;;AAGA,SAAS,cAAc,QAA4B;CACjD,OAAO,aAAa,MAAM;AAC5B;;AAGA,SAAgB,SACd,QACA,SACW;CACX,OAAQ,SAAS,cAAc,OAAO;AACxC;;AAGA,SAAgB,mBACd,QACA,IACY;CACZ,OAAO,cAAc,GAAG,MAAM,OAAO,MAAM,CAAC;AAC9C;ACxBA,MAAa,sBAA8B,KAAK,KAAA,MAA+B,CAAC;AAKhF,MAAa,kBAA0B;AAIvC,MAAa,uBAA+B;;;ACZ5C,MAAM,mCAAmB,IAAI,IAAY;AACzC,MAAM,+BAAe,IAAI,IAAY;AAErC,SAAgB,cAAc,OAAe,qBAAgD;CAC3F,IACE,OAAO,YAAY,eACnB,QAAQ,IAAI,aAAa,gBACzB,qBAEA;CAGF,IAAI,iBAAiB,IAAI,KAAK;MACxB,CAAC,aAAa,IAAI,KAAK,GAAG;GAC5B,QAAQ,KACN,uBAAuB,MAAM,+LAC/B;GACA,aAAa,IAAI,KAAK;EACxB;QAEA,iBAAiB,IAAI,KAAK;AAE9B;;;AClBA,MAAM,iBAAiB;AACvB,MAAM,mBAAmB;AACzB,MAAM,YAAY,UAA2B,UAAU,MAAM,MAAM;AACnE,MAAM,gBAAgB,IAAI,OACxB,KAAK,SAAS,IAAI,sBAAsB,EAAE,GAAG,qBAAqB,EACpE;AAEA,SAAgB,UACd,QACA,OACoB;CACpB,IAAI,OAAO,UAAU,UAAU,OAAO;EAAE,IAAI;EAAO,OAAO;CAAa;CACvE,MAAM,YAAY,MAAM,YAAY;CACpC,IAAI,CAAC,UAAU,WAAW,MAAM,GAAG,OAAO;EAAE,IAAI;EAAO,OAAO;CAAiB;CAE/E,MAAM,SAAS,UAAU,MAAM,OAAO,MAAM;CAC5C,MAAM,SAAS,iBAAiB,KAAK,MAAM,IACvC,OAAO,WAAW,gBAAgB,QAAQ,IAC1C;CAEJ,IAAI,CAAC,cAAc,KAAK,MAAM,GAAG,OAAO;EAAE,IAAI;EAAO,OAAO;CAAiB;CAG7E,OAAO;EAAE,IAAI;EAAM,IADP,SAAS;CACC;AACxB;AAEA,SAAgB,GACd,QACA,OACoB;CACpB,IAAI,OAAO,UAAU,UAAU,OAAO;CACtC,IAAI,CAAC,MAAM,WAAW,MAAM,GAAG,OAAO;CACtC,OAAO,cAAc,KAAK,MAAM,MAAM,OAAO,MAAM,CAAC;AACtD;AAEA,SAAS,aAAmC,QAAuB,OAA2B;CAC5F,QAAQ,OAAR;EACE,KAAK,cACH,OAAO;EACT,KAAK,kBACH,OAAO,oBAAoB,OAAO;EACpC,KAAK,kBACH,OAAO;CACX;AACF;AAEA,SAAgB,iBACd,QACA,OAGmE;CACnE,MAAM,SAAS,UAAU,QAAQ,KAAK;CACtC,IAAI,OAAO,IAAI,OAAO,EAAE,OAAO,OAAO,GAAG;CACzC,OAAO,EAAE,QAAQ,CAAC,EAAE,SAAS,aAAa,QAAQ,OAAO,KAAK,EAAE,CAAC,EAAE;AACrE;;;;AC7CA,SAAgB,YAAkC,QAA2C;CAM3F,OAAO;EACL,KAAK,UAAuC,GAAG,QAAQ,KAAK;EAC5D,QAAQ,UAA8B;GACpC,MAAM,SAAS,UAAU,QAAQ,KAAK;GACtC,IAAI,OAAO,IAAI,OAAO,OAAO;GAC7B,MAAM,IAAI,SAAS,cAAc,eAAe,OAAO,SAAS,EAAE,OAAO,OAAO,MAAM,CAAC;EACzF;EACA,YAAY,UAAuC,UAAU,QAAQ,KAAK;EAC1E,eAAe,OAAc,aAAiC;GAC5D,MAAM;GACN,SAAS,IAAI,SAAS,gBAAgB,GAAG,sBAAsB,EAAE,GAAG,qBAAqB;GACzF,aAAa,mBAAmB,MAAM;GACtC;EACF;EACA,aAAa;GAlBb,SAAS;GACT,QAAQ;GACR,WAAW,UAAmB,iBAAiB,QAAQ,KAAK;EAgBxC;CACtB;AACF"}

package/dist/digest-D-H1Tswt.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"digest-D-H1Tswt.mjs","names":[],"sources":["../src/layouts/digest.ts","../src/digest-key.ts","../src/digest.ts"],"sourcesContent":["import type { Id, Prefix } from \"../types.js\";\nimport { toWireId } from \"../wire/envelope.js\";\nimport { payloadBase32Length, payloadByteLength } from \"../wire/invariants.js\";\n\nconst encoder = new TextEncoder();\n\nfunction writeLen32(value: number, target: Uint8Array, offset: number): void {\n  target[offset] = (value >>> 24) & 0xff;\n  target[offset + 1] = (value >>> 16) & 0xff;\n  target[offset + 2] = (value >>> 8) & 0xff;\n  target[offset + 3] = value & 0xff;\n}\n\nfunction buildMessage(\n  brandBytes: Uint8Array,\n  nsBytes: Uint8Array,\n  material: Uint8Array,\n): Uint8Array {\n  const msgLen = 4 + brandBytes.length + 4 + nsBytes.length + material.length;\n  const message = new Uint8Array(msgLen);\n  let offset = 0;\n  writeLen32(brandBytes.length, message, offset);\n  offset += 4;\n  message.set(brandBytes, offset);\n  offset += brandBytes.length;\n  writeLen32(nsBytes.length, message, offset);\n  offset += 4;\n  message.set(nsBytes, offset);\n  offset += nsBytes.length;\n  message.set(material, offset);\n  return message;\n}\n\nexport function createDigestLayoutOps<Brand extends string>(\n  prefix: Prefix<Brand>,\n  brand: Brand,\n  ns: string,\n  hmacKey: CryptoKey,\n) {\n  const brandBytes = encoder.encode(brand);\n  const nsBytes = encoder.encode(ns);\n\n  return {\n    digest: async (material: string | Uint8Array): Promise<Id<Brand>> => {\n      const materialBytes = typeof material === \"string\" ? encoder.encode(material) : material;\n      const message = buildMessage(brandBytes, nsBytes, materialBytes);\n      const hmacOutput = new Uint8Array(\n        await crypto.subtle.sign(\"HMAC\", hmacKey, message as Uint8Array<ArrayBuffer>),\n      );\n      const payload = hmacOutput.subarray(0, payloadByteLength);\n      return toWireId(prefix, payload);\n    },\n    exampleWireId: (): Id<Brand> => (prefix + \"0\".repeat(payloadBase32Length)) as Id<Brand>,\n  };\n}\n","import {\n  assertValidKeyMaterialByteLength,\n  decodeKeyMaterial,\n  encodeKeyMaterial,\n} from \"./key-material.js\";\n\n/** Wire encoding for digest operator key material (not Crockford base32). */\nexport type DigestKeyFormat = \"hex\" | \"base64url\";\n\nconst hmacInfo = new TextEncoder().encode(\"ids/digest/hmac\");\n\ndeclare const digestKeyBrand: unique symbol;\n\n/**\n * Opaque imported handle for one operator Digest key.\n *\n * Holds a single HMAC-SHA-256 key derived via HKDF under the domain-separation\n * label `ids/digest/hmac`. The underlying `CryptoKey` is held internally and\n * never exposed to callers. Obtain handles via {@link importDigestKey} and pass\n * them to `createDigestId` as the `key` option.\n *\n * Unlike the other keyed codecs, the Digest codec holds exactly one key — there\n * is no keyring. Re-keying is a deliberate, breaking operator action (every ID\n * changes), never an in-band rotation.\n *\n * Distinct from the **Opaque key**, **Wrapping key**, and **Signing key** — the\n * same raw bytes imported as a `DigestKey` are cryptographically independent of\n * any other codec's key.\n */\nexport type DigestKey = {\n  readonly [digestKeyBrand]: \"DigestKey\";\n};\n\ntype DigestKeyInternals = {\n  hmacKey: CryptoKey;\n};\n\nconst internals = new WeakMap<DigestKey, DigestKeyInternals>();\n\n/**\n * Import raw operator key material into a {@link DigestKey} handle.\n *\n * Derives a single HMAC-SHA-256 key via HKDF under the domain-separation label\n * `ids/digest/hmac`. Accepts 16, 24, or 32 bytes. To store or transport key\n * material, use {@link encodeDigestKey} / {@link decodeDigestKey}\n * (`\"hex\"` or `\"base64url\"` — not Crockford base32).\n *\n * @param bytes - 16, 24, or 32 raw key bytes.\n * @throws {IdsError} `invalid_key_length` if `bytes.length` is not 16, 24, or 32.\n */\nexport async function importDigestKey(bytes: Uint8Array): Promise<DigestKey> {\n  assertValidKeyMaterialByteLength(bytes.length, \"digest\");\n  const hmacKey = await deriveHmacKey(bytes);\n  const key = Object.freeze({}) as DigestKey;\n  internals.set(key, { hmacKey });\n  return key;\n}\n\n/**\n * Encode raw digest operator key material for storage in env vars or secret managers.\n *\n * Supports `\"hex\"` (lowercase) and `\"base64url\"`. Output round-trips through\n * {@link decodeDigestKey} back to the original bytes.\n *\n * @throws {IdsError} `invalid_key_format` if `format` is not `\"hex\"` or `\"base64url\"`.\n * @throws {IdsError} `invalid_key_length` if `bytes.length` is not 16, 24, or 32.\n */\nexport function encodeDigestKey(bytes: Uint8Array, format: DigestKeyFormat): string {\n  return encodeKeyMaterial(bytes, format, \"digest\", \"digest\");\n}\n\n/**\n * Decode key material emitted by {@link encodeDigestKey} back to raw bytes.\n *\n * The result can be passed directly to {@link importDigestKey}.\n *\n * @throws {IdsError} `invalid_key_format` if `format` is not `\"hex\"` or `\"base64url\"`.\n * @throws {IdsError} `invalid_key_encoding` if the string is malformed for its format.\n * @throws {IdsError} `invalid_key_length` if the decoded bytes are not 16, 24, or 32 bytes.\n */\nexport function decodeDigestKey(encoded: string, format: DigestKeyFormat): Uint8Array {\n  return decodeKeyMaterial(encoded, format, \"digest\", \"digest\");\n}\n\n/**\n * Returns the derived HMAC CryptoKey held inside the handle.\n *\n * Intentional module-internal escape hatch for codec implementations.\n * Not re-exported from `@smonn/ids/digest`; external callers cannot reach this.\n */\nexport function getDigestKeyHmacKey(key: DigestKey): CryptoKey {\n  const keyInternals = internals.get(key);\n  /* v8 ignore next -- defensive guard; only reachable with a forged DigestKey handle */\n  if (keyInternals === undefined) throw new Error(\"invalid digest key\");\n  return keyInternals.hmacKey;\n}\n\nasync function deriveHmacKey(bytes: Uint8Array): Promise<CryptoKey> {\n  const base = await crypto.subtle.importKey(\n    \"raw\",\n    bytes as Uint8Array<ArrayBuffer>,\n    \"HKDF\",\n    false,\n    [\"deriveKey\"],\n  );\n  return crypto.subtle.deriveKey(\n    { name: \"HKDF\", hash: \"SHA-256\", salt: new Uint8Array(), info: hmacInfo },\n    base,\n    { name: \"HMAC\", hash: \"SHA-256\", length: 256 },\n    false,\n    [\"sign\"],\n  );\n}\n","import { validateBrand } from \"./brand.js\";\nimport { IdsError, isIdsError, type IdsErrorCode } from \"./error.js\";\nimport { createDigestLayoutOps } from \"./layouts/digest.js\";\nimport { registerBrand } from \"./registry.js\";\nimport type { Id, JsonSchema, ParseResult, Prefix, StandardSchemaProps } from \"./types.js\";\nimport { wireMethods } from \"./wire/codec-shell.js\";\nimport {\n  decodeDigestKey,\n  encodeDigestKey,\n  getDigestKeyHmacKey,\n  importDigestKey,\n  type DigestKey,\n  type DigestKeyFormat,\n} from \"./digest-key.js\";\n\n/** {@link IdsError} class, {@link isIdsError} type guard, and {@link IdsErrorCode} union — re-exported from `\"@smonn/ids\"` for convenience. */\nexport { IdsError, isIdsError, type IdsErrorCode };\nexport { decodeDigestKey, encodeDigestKey, importDigestKey, type DigestKey, type DigestKeyFormat };\n\n/**\n * Configuration options for a Digest codec instance.\n */\nexport type DigestOptions = {\n  /**\n   * Non-secret, required namespace. The same material under a different\n   * `ns` yields a different ID, so one key can serve multiple unlinkable namespaces.\n   * Must be non-empty and not whitespace-only.\n   */\n  ns: string;\n  /**\n   * Single operator digest key. The Digest codec holds exactly one key — there\n   * is no keyring. Re-keying is a deliberate, breaking operator action.\n   */\n  key: DigestKey;\n  /** If true, silences the duplicate-brand warning in non-production environments. */\n  allowDuplicateBrand?: boolean;\n};\n\n/**\n * Codec returned by {@link createDigestId}.\n *\n * Maps caller **material** to a stable public ID under one **Digest key**:\n * the same material always yields the same ID, and the material cannot be\n * recovered from the ID (**equality leakage** is the intended property).\n *\n * - `digest` is async (WebCrypto HMAC).\n * - `is`, `parse`, `safeParse`, `toJsonSchema`, and `~standard` are synchronous\n *   and require no key material — they validate prefix and base32 shape only.\n * - There is no reverse method (`unwrap`, `verify`, `extractTimestamp`) — the\n *   codec is one-way by definition.\n */\nexport type DigestCodec<Brand extends string> = {\n  /**\n   * Digest `material` into a stable canonical {@link Id}.\n   *\n   * The same `(brand, ns, key, material)` tuple always returns the same ID.\n   * Strings are UTF-8 encoded; byte arrays are used as-is.\n   */\n  digest(material: string | Uint8Array): Promise<Id<Brand>>;\n  /** Strict type guard: `true` only for already-canonical `Id<Brand>` strings. */\n  is(value: unknown): value is Id<Brand>;\n  /** Normalise to canonical form, or throw on parse failure. */\n  parse(value: unknown): Id<Brand>;\n  /** Normalise to canonical form, or return `{ ok: false, error }`. */\n  safeParse(value: unknown): ParseResult<Brand>;\n  /** JSON Schema for the canonical wire form (`pattern` is canonical-only). */\n  toJsonSchema(): JsonSchema;\n  /** Standard Schema validate entry point. */\n  readonly \"~standard\": StandardSchemaProps<Brand>;\n};\n\n/**\n * Construct a {@link DigestCodec} for `brand`.\n *\n * `opts.ns` is the required namespace — the same material under a\n * different `ns` yields a different ID. `opts.key` is the single operator\n * Digest key; there is no keyring.\n *\n * @example\n * ```ts\n * const key = await importDigestKey(new Uint8Array(32));\n * const idk = createDigestId(\"idk\", { ns: \"checkout\", key });\n *\n * const id = await idk.digest(\"order-123\"); // Id<\"idk\">\n * idk.is(id);                               // true\n * ```\n */\nexport function createDigestId<Brand extends string>(\n  brand: Brand,\n  opts: DigestOptions,\n): DigestCodec<Brand> {\n  validateBrand(brand);\n  registerBrand(brand, opts.allowDuplicateBrand);\n\n  if (typeof opts.ns !== \"string\" || opts.ns.trim() === \"\") {\n    throw new IdsError(\n      \"invalid_namespace\",\n      \"invalid namespace: ns must be a non-empty, non-whitespace string\",\n    );\n  }\n\n  const hmacKey = getDigestKeyHmacKey(opts.key);\n  const prefix: Prefix<Brand> = `${brand}_`;\n  const wire = wireMethods(prefix);\n  const layout = createDigestLayoutOps(prefix, brand, opts.ns, hmacKey);\n\n  return {\n    digest: layout.digest,\n    is: wire.is,\n    parse: wire.parse,\n    safeParse: wire.safeParse,\n    toJsonSchema: () => wire.toJsonSchema(brand, layout.exampleWireId()),\n    \"~standard\": wire[\"~standard\"],\n  };\n}\n"],"mappings":";;;;AAIA,MAAM,UAAU,IAAI,YAAY;AAEhC,SAAS,WAAW,OAAe,QAAoB,QAAsB;CAC3E,OAAO,UAAW,UAAU,KAAM;CAClC,OAAO,SAAS,KAAM,UAAU,KAAM;CACtC,OAAO,SAAS,KAAM,UAAU,IAAK;CACrC,OAAO,SAAS,KAAK,QAAQ;AAC/B;AAEA,SAAS,aACP,YACA,SACA,UACY;CACZ,MAAM,SAAS,IAAI,WAAW,SAAS,IAAI,QAAQ,SAAS,SAAS;CACrE,MAAM,UAAU,IAAI,WAAW,MAAM;CACrC,IAAI,SAAS;CACb,WAAW,WAAW,QAAQ,SAAS,MAAM;CAC7C,UAAU;CACV,QAAQ,IAAI,YAAY,MAAM;CAC9B,UAAU,WAAW;CACrB,WAAW,QAAQ,QAAQ,SAAS,MAAM;CAC1C,UAAU;CACV,QAAQ,IAAI,SAAS,MAAM;CAC3B,UAAU,QAAQ;CAClB,QAAQ,IAAI,UAAU,MAAM;CAC5B,OAAO;AACT;AAEA,SAAgB,sBACd,QACA,OACA,IACA,SACA;CACA,MAAM,aAAa,QAAQ,OAAO,KAAK;CACvC,MAAM,UAAU,QAAQ,OAAO,EAAE;CAEjC,OAAO;EACL,QAAQ,OAAO,aAAsD;GAEnE,MAAM,UAAU,aAAa,YAAY,SADnB,OAAO,aAAa,WAAW,QAAQ,OAAO,QAAQ,IAAI,QACjB;GAK/D,OAAO,SAAS,QADA,IAHO,WACrB,MAAM,OAAO,OAAO,KAAK,QAAQ,SAAS,OAAkC,CAErD,CAAC,CAAC,SAAS,GAAA,EACN,CAAC;EACjC;EACA,qBAAiC,SAAS,IAAI,OAAO,mBAAmB;CAC1E;AACF;;;AC7CA,MAAM,WAAW,IAAI,YAAY,CAAC,CAAC,OAAO,iBAAiB;AA4B3D,MAAM,4BAAY,IAAI,QAAuC;;;;;;;;;;;;AAa7D,eAAsB,gBAAgB,OAAuC;CAC3E,iCAAiC,MAAM,QAAQ,QAAQ;CACvD,MAAM,UAAU,MAAM,cAAc,KAAK;CACzC,MAAM,MAAM,OAAO,OAAO,CAAC,CAAC;CAC5B,UAAU,IAAI,KAAK,EAAE,QAAQ,CAAC;CAC9B,OAAO;AACT;;;;;;;;;;AAWA,SAAgB,gBAAgB,OAAmB,QAAiC;CAClF,OAAO,kBAAkB,OAAO,QAAQ,UAAU,QAAQ;AAC5D;;;;;;;;;;AAWA,SAAgB,gBAAgB,SAAiB,QAAqC;CACpF,OAAO,kBAAkB,SAAS,QAAQ,UAAU,QAAQ;AAC9D;;;;;;;AAQA,SAAgB,oBAAoB,KAA2B;CAC7D,MAAM,eAAe,UAAU,IAAI,GAAG;;CAEtC,IAAI,iBAAiB,KAAA,GAAW,MAAM,IAAI,MAAM,oBAAoB;CACpE,OAAO,aAAa;AACtB;AAEA,eAAe,cAAc,OAAuC;CAClE,MAAM,OAAO,MAAM,OAAO,OAAO,UAC/B,OACA,OACA,QACA,OACA,CAAC,WAAW,CACd;CACA,OAAO,OAAO,OAAO,UACnB;EAAE,MAAM;EAAQ,MAAM;EAAW,sBAAM,IAAI,WAAW;EAAG,MAAM;CAAS,GACxE,MACA;EAAE,MAAM;EAAQ,MAAM;EAAW,QAAQ;CAAI,GAC7C,OACA,CAAC,MAAM,CACT;AACF;;;;;;;;;;;;;;;;;;;ACzBA,SAAgB,eACd,OACA,MACoB;CACpB,cAAc,KAAK;CACnB,cAAc,OAAO,KAAK,mBAAmB;CAE7C,IAAI,OAAO,KAAK,OAAO,YAAY,KAAK,GAAG,KAAK,MAAM,IACpD,MAAM,IAAI,SACR,qBACA,kEACF;CAGF,MAAM,UAAU,oBAAoB,KAAK,GAAG;CAC5C,MAAM,SAAwB,GAAG,MAAM;CACvC,MAAM,OAAO,YAAY,MAAM;CAC/B,MAAM,SAAS,sBAAsB,QAAQ,OAAO,KAAK,IAAI,OAAO;CAEpE,OAAO;EACL,QAAQ,OAAO;EACf,IAAI,KAAK;EACT,OAAO,KAAK;EACZ,WAAW,KAAK;EAChB,oBAAoB,KAAK,aAAa,OAAO,OAAO,cAAc,CAAC;EACnE,aAAa,KAAK;CACpB;AACF"}

package/dist/key-material-gOnqTNoV.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"key-material-gOnqTNoV.mjs","names":[],"sources":["../src/bytes.ts","../src/key-material.ts"],"sourcesContent":["const hexDigits = \"0123456789abcdef\";\n\nconst invalidNibble = 0xff;\nconst hexCharCodeToNibble = new Uint8Array(128).fill(invalidNibble);\nfor (let i = 0; i < 10; i++) hexCharCodeToNibble[48 + i] = i;\nfor (let i = 0; i < 6; i++) {\n  hexCharCodeToNibble[97 + i] = 10 + i;\n  hexCharCodeToNibble[65 + i] = 10 + i;\n}\n\n/** Lowercase hex encoding of raw bytes. */\nexport function encodeHex(bytes: Uint8Array): string {\n  // oxlint-disable-next-line no-new-array\n  const codes = new Array<number>(bytes.length * 2);\n  for (let i = 0; i < bytes.length; i++) {\n    const b = bytes[i]!;\n    codes[i * 2] = hexDigits.charCodeAt(b >>> 4);\n    codes[i * 2 + 1] = hexDigits.charCodeAt(b & 0x0f);\n  }\n  return String.fromCharCode(...codes);\n}\n\n/** Decodes a hex string to raw bytes. Throws on non-hex input. */\nexport function decodeHex(encoded: string): Uint8Array {\n  if (encoded.length % 2 !== 0) throw new Error(\"invalid hex\");\n  const out = new Uint8Array(encoded.length / 2);\n  for (let i = 0; i < out.length; i++) {\n    const hiCode = encoded.charCodeAt(i * 2);\n    const loCode = encoded.charCodeAt(i * 2 + 1);\n    if (hiCode >= hexCharCodeToNibble.length || loCode >= hexCharCodeToNibble.length) {\n      throw new Error(\"invalid hex\");\n    }\n    const hi = hexCharCodeToNibble[hiCode]!;\n    const lo = hexCharCodeToNibble[loCode]!;\n    if (hi === invalidNibble || lo === invalidNibble) {\n      throw new Error(\"invalid hex\");\n    }\n    out[i] = (hi << 4) | lo;\n  }\n  return out;\n}\n\n/** Base64url encoding without padding. */\nexport function encodeBase64Url(bytes: Uint8Array): string {\n  let binary = \"\";\n  for (let i = 0; i < bytes.length; i++) binary += String.fromCharCode(bytes[i]!);\n  return btoa(binary).replace(/\\+/g, \"-\").replace(/\\//g, \"_\").replace(/=+$/, \"\");\n}\n\n/** Decodes a base64url string to raw bytes. Throws on invalid input. */\nexport function decodeBase64Url(encoded: string): Uint8Array {\n  const base64 = encoded.replace(/-/g, \"+\").replace(/_/g, \"/\");\n  const pad = (4 - (base64.length % 4)) % 4;\n  const binary = atob(base64 + \"=\".repeat(pad));\n  const out = new Uint8Array(binary.length);\n  for (let i = 0; i < binary.length; i++) out[i] = binary.charCodeAt(i);\n  return out;\n}\n","import { decodeBase64Url, decodeHex, encodeBase64Url, encodeHex } from \"./bytes.js\";\nimport { IdsError } from \"./error.js\";\n\ntype KeyMaterialFormat = \"hex\" | \"base64url\";\n\nconst validByteLengths = new Set([16, 24, 32]);\n\nfunction formatForError(value: unknown): string {\n  try {\n    return String(value);\n  } catch {\n    return \"[unprintable]\";\n  }\n}\n\nfunction assertKeyMaterialFormat(\n  format: unknown,\n  noun: string,\n): asserts format is KeyMaterialFormat {\n  if (format !== \"hex\" && format !== \"base64url\") {\n    throw new IdsError(\n      \"invalid_key_format\",\n      `invalid ${noun} key format: expected hex or base64url, got '${formatForError(format)}'`,\n    );\n  }\n}\n\n/**\n * Throws `empty_keyring` when `keys` is empty.\n * `noun` appears in the message (e.g. `\"signing\"` → \"signing keyring must contain at least one key\").\n */\nfunction assertNonEmptyKeyring<K = unknown>(keys: readonly K[], noun: string): void {\n  if (keys.length === 0) {\n    throw new IdsError(\"empty_keyring\", `${noun} keyring must contain at least one key`);\n  }\n}\n\n/**\n * Throws `duplicate_keyring_entry` when any two entries in `keys` compare equal.\n * Uses the caller-supplied constant-time `keysEqual` comparator.\n */\nfunction assertNoDuplicateKeyringEntries<K>(\n  keys: readonly K[],\n  keysEqual: (a: K, b: K) => boolean,\n  noun: string,\n): void {\n  for (let i = 0; i < keys.length; i++) {\n    for (let j = i + 1; j < keys.length; j++) {\n      if (keysEqual(keys[i]!, keys[j]!)) {\n        throw new IdsError(\"duplicate_keyring_entry\", `duplicate ${noun} key in keyring`);\n      }\n    }\n  }\n}\n\n/**\n * Asserts that `keys` is non-empty and contains no pairwise duplicates.\n *\n * Combines {@link assertNonEmptyKeyring} and {@link assertNoDuplicateKeyringEntries}\n * into a single call for codec constructors that validate a keyring at construction.\n *\n * @param keys - The keyring to validate.\n * @param keysEqual - Constant-time comparator (e.g. `wrappingKeysEqual`, `signingKeysEqual`).\n * @param noun - Noun used in error messages (e.g. `\"wrapping\"`, `\"signing\"`).\n */\nexport function assertValidKeyring<K>(\n  keys: readonly K[],\n  keysEqual: (a: K, b: K) => boolean,\n  noun: string,\n): void {\n  assertNonEmptyKeyring(keys, noun);\n  assertNoDuplicateKeyringEntries(keys, keysEqual, noun);\n}\n\n/** Throws `invalid_key_length` when `byteLength` is not 16, 24, or 32. */\nexport function assertValidKeyMaterialByteLength(byteLength: number, noun: string): void {\n  if (!validByteLengths.has(byteLength)) {\n    throw new IdsError(\n      \"invalid_key_length\",\n      `invalid ${noun} key length: expected 16, 24, or 32 bytes, got ${byteLength}`,\n    );\n  }\n}\n\n/**\n * Encodes raw key bytes as hex or base64url.\n *\n * `formatNoun` appears in format error messages; `lengthNoun` in length error messages.\n * For most key types both are the same (e.g. `\"wrapping\"`, `\"signing\"`). For the\n * Opaque key, they differ (`\"opaque\"` and `\"AES\"` respectively) to preserve the\n * original human-readable messages.\n */\nexport function encodeKeyMaterial(\n  bytes: Uint8Array,\n  format: KeyMaterialFormat,\n  formatNoun: string,\n  lengthNoun: string,\n): string {\n  assertKeyMaterialFormat(format, formatNoun);\n  assertValidKeyMaterialByteLength(bytes.length, lengthNoun);\n  if (format === \"hex\") return encodeHex(bytes);\n  return encodeBase64Url(bytes);\n}\n\n/**\n * Decodes a hex or base64url-encoded key string back to raw bytes.\n *\n * `formatNoun` appears in format error messages; `lengthNoun` in length error messages.\n */\nexport function decodeKeyMaterial(\n  encoded: string,\n  format: KeyMaterialFormat,\n  formatNoun: string,\n  lengthNoun: string,\n): Uint8Array {\n  assertKeyMaterialFormat(format, formatNoun);\n  let bytes: Uint8Array;\n  if (format === \"hex\") {\n    if (encoded.length === 0 || encoded.length % 2 !== 0) {\n      throw new IdsError(\n        \"invalid_key_encoding\",\n        \"invalid hex key: length must be a positive even number of characters\",\n      );\n    }\n    if (!/^[0-9a-fA-F]+$/.test(encoded)) {\n      throw new IdsError(\"invalid_key_encoding\", \"invalid hex key: expected [0-9a-fA-F] only\");\n    }\n    bytes = decodeHex(encoded);\n  } else {\n    try {\n      bytes = decodeBase64Url(encoded);\n    } catch {\n      throw new IdsError(\"invalid_key_encoding\", \"invalid base64url key\");\n    }\n  }\n  assertValidKeyMaterialByteLength(bytes.length, lengthNoun);\n  return bytes;\n}\n"],"mappings":";;AAAA,MAAM,YAAY;AAElB,MAAM,gBAAgB;AACtB,MAAM,uCAAsB,IAAI,WAAW,GAAG,EAAA,CAAE,KAAK,aAAa;AAClE,KAAK,IAAI,IAAI,GAAG,IAAI,IAAI,KAAK,oBAAoB,KAAK,KAAK;AAC3D,KAAK,IAAI,IAAI,GAAG,IAAI,GAAG,KAAK;CAC1B,oBAAoB,KAAK,KAAK,KAAK;CACnC,oBAAoB,KAAK,KAAK,KAAK;AACrC;;AAGA,SAAgB,UAAU,OAA2B;CAEnD,MAAM,QAAQ,IAAI,MAAc,MAAM,SAAS,CAAC;CAChD,KAAK,IAAI,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;EACrC,MAAM,IAAI,MAAM;EAChB,MAAM,IAAI,KAAK,UAAU,WAAW,MAAM,CAAC;EAC3C,MAAM,IAAI,IAAI,KAAK,UAAU,WAAW,IAAI,EAAI;CAClD;CACA,OAAO,OAAO,aAAa,GAAG,KAAK;AACrC;;AAGA,SAAgB,UAAU,SAA6B;CACrD,IAAI,QAAQ,SAAS,MAAM,GAAG,MAAM,IAAI,MAAM,aAAa;CAC3D,MAAM,MAAM,IAAI,WAAW,QAAQ,SAAS,CAAC;CAC7C,KAAK,IAAI,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK;EACnC,MAAM,SAAS,QAAQ,WAAW,IAAI,CAAC;EACvC,MAAM,SAAS,QAAQ,WAAW,IAAI,IAAI,CAAC;EAC3C,IAAI,UAAU,oBAAoB,UAAU,UAAU,oBAAoB,QACxE,MAAM,IAAI,MAAM,aAAa;EAE/B,MAAM,KAAK,oBAAoB;EAC/B,MAAM,KAAK,oBAAoB;EAC/B,IAAI,OAAO,iBAAiB,OAAO,eACjC,MAAM,IAAI,MAAM,aAAa;EAE/B,IAAI,KAAM,MAAM,IAAK;CACvB;CACA,OAAO;AACT;;AAGA,SAAgB,gBAAgB,OAA2B;CACzD,IAAI,SAAS;CACb,KAAK,IAAI,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK,UAAU,OAAO,aAAa,MAAM,EAAG;CAC9E,OAAO,KAAK,MAAM,CAAC,CAAC,QAAQ,OAAO,GAAG,CAAC,CAAC,QAAQ,OAAO,GAAG,CAAC,CAAC,QAAQ,OAAO,EAAE;AAC/E;;AAGA,SAAgB,gBAAgB,SAA6B;CAC3D,MAAM,SAAS,QAAQ,QAAQ,MAAM,GAAG,CAAC,CAAC,QAAQ,MAAM,GAAG;CAC3D,MAAM,OAAO,IAAK,OAAO,SAAS,KAAM;CACxC,MAAM,SAAS,KAAK,SAAS,IAAI,OAAO,GAAG,CAAC;CAC5C,MAAM,MAAM,IAAI,WAAW,OAAO,MAAM;CACxC,KAAK,IAAI,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK,IAAI,KAAK,OAAO,WAAW,CAAC;CACpE,OAAO;AACT;;;ACpDA,MAAM,mCAAmB,IAAI,IAAI;CAAC;CAAI;CAAI;AAAE,CAAC;AAE7C,SAAS,eAAe,OAAwB;CAC9C,IAAI;EACF,OAAO,OAAO,KAAK;CACrB,QAAQ;EACN,OAAO;CACT;AACF;AAEA,SAAS,wBACP,QACA,MACqC;CACrC,IAAI,WAAW,SAAS,WAAW,aACjC,MAAM,IAAI,SACR,sBACA,WAAW,KAAK,+CAA+C,eAAe,MAAM,EAAE,EACxF;AAEJ;;;;;AAMA,SAAS,sBAAmC,MAAoB,MAAoB;CAClF,IAAI,KAAK,WAAW,GAClB,MAAM,IAAI,SAAS,iBAAiB,GAAG,KAAK,uCAAuC;AAEvF;;;;;AAMA,SAAS,gCACP,MACA,WACA,MACM;CACN,KAAK,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KAC/B,KAAK,IAAI,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KACnC,IAAI,UAAU,KAAK,IAAK,KAAK,EAAG,GAC9B,MAAM,IAAI,SAAS,2BAA2B,aAAa,KAAK,gBAAgB;AAIxF;;;;;;;;;;;AAYA,SAAgB,mBACd,MACA,WACA,MACM;CACN,sBAAsB,MAAM,IAAI;CAChC,gCAAgC,MAAM,WAAW,IAAI;AACvD;;AAGA,SAAgB,iCAAiC,YAAoB,MAAoB;CACvF,IAAI,CAAC,iBAAiB,IAAI,UAAU,GAClC,MAAM,IAAI,SACR,sBACA,WAAW,KAAK,iDAAiD,YACnE;AAEJ;;;;;;;;;AAUA,SAAgB,kBACd,OACA,QACA,YACA,YACQ;CACR,wBAAwB,QAAQ,UAAU;CAC1C,iCAAiC,MAAM,QAAQ,UAAU;CACzD,IAAI,WAAW,OAAO,OAAO,UAAU,KAAK;CAC5C,OAAO,gBAAgB,KAAK;AAC9B;;;;;;AAOA,SAAgB,kBACd,SACA,QACA,YACA,YACY;CACZ,wBAAwB,QAAQ,UAAU;CAC1C,IAAI;CACJ,IAAI,WAAW,OAAO;EACpB,IAAI,QAAQ,WAAW,KAAK,QAAQ,SAAS,MAAM,GACjD,MAAM,IAAI,SACR,wBACA,sEACF;EAEF,IAAI,CAAC,iBAAiB,KAAK,OAAO,GAChC,MAAM,IAAI,SAAS,wBAAwB,4CAA4C;EAEzF,QAAQ,UAAU,OAAO;CAC3B,OACE,IAAI;EACF,QAAQ,gBAAgB,OAAO;CACjC,QAAQ;EACN,MAAM,IAAI,SAAS,wBAAwB,uBAAuB;CACpE;CAEF,iCAAiC,MAAM,QAAQ,UAAU;CACzD,OAAO;AACT"}

package/dist/opaque-BpqxV8oB.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"opaque-BpqxV8oB.mjs","names":[],"sources":["../src/layouts/opaque.ts","../src/opaque-key.ts","../src/opaque.ts"],"sourcesContent":["import type { Id, Prefix } from \"../types.js\";\nimport { payloadBytesFromId, toWireId } from \"../wire/envelope.js\";\nimport { payloadBase32Length, payloadByteLength } from \"../wire/invariants.js\";\nimport { readTimestampMs, timestampByteLength, writeTimestamp } from \"../wire/timestamp-bytes.js\";\n\nconst zeroIv = new Uint8Array(payloadByteLength);\nconst pkcsPad = 0x10;\n\nfunction buildPlaintext(ms: number, rng: (target: Uint8Array) => void): Uint8Array {\n  const plaintext = new Uint8Array(payloadByteLength);\n  writeTimestamp(ms, plaintext);\n  rng(plaintext.subarray(timestampByteLength, payloadByteLength));\n  return plaintext;\n}\n\nasync function encryptPayload(key: CryptoKey, plaintext: Uint8Array): Promise<Uint8Array> {\n  const encrypted = new Uint8Array(\n    await crypto.subtle.encrypt(\n      { name: \"AES-CBC\", iv: zeroIv },\n      key,\n      plaintext as Uint8Array<ArrayBuffer>,\n    ),\n  );\n  return encrypted.subarray(0, payloadByteLength);\n}\n\n// AES-CBC strip-and-reconstruct decrypt (ADR-0004). The wire carries only C1\n// (16 bytes); C2 = AES_K(P2 XOR C1) where P2 is the PKCS#7 pad block (0x10×16).\n// Recompute C2 via CBC encrypt of (P2 XOR C1) with IV=0, then decrypt C1‖C2.\nasync function decryptPayload(key: CryptoKey, c1: Uint8Array): Promise<Uint8Array> {\n  const c2Input = new Uint8Array(payloadByteLength);\n  for (let i = 0; i < payloadByteLength; i++) c2Input[i] = pkcsPad ^ c1[i]!;\n  const c2Encrypted = new Uint8Array(\n    await crypto.subtle.encrypt(\n      { name: \"AES-CBC\", iv: zeroIv },\n      key,\n      c2Input as Uint8Array<ArrayBuffer>,\n    ),\n  );\n  const ciphertext = new Uint8Array(payloadByteLength * 2);\n  ciphertext.set(c1, 0);\n  ciphertext.set(c2Encrypted.subarray(0, payloadByteLength), payloadByteLength);\n  return new Uint8Array(\n    await crypto.subtle.decrypt(\n      { name: \"AES-CBC\", iv: zeroIv },\n      key,\n      ciphertext as Uint8Array<ArrayBuffer>,\n    ),\n  );\n}\n\nasync function extractTimestampFromId<Brand extends string>(\n  prefix: Prefix<Brand>,\n  key: CryptoKey,\n  id: Id<Brand>,\n): Promise<Date> {\n  const plaintext = await decryptPayload(key, payloadBytesFromId(prefix, id));\n  return new Date(readTimestampMs(plaintext));\n}\n\n/** Produces a canonical encrypted wire ID. Per-call plaintext/ciphertext buffers —\n * subtle dominates this path; reuse would be safe but not worth pinning to spec detail. */\nasync function generateWireId<Brand extends string>(\n  prefix: Prefix<Brand>,\n  key: CryptoKey,\n  rng: (target: Uint8Array) => void,\n  ms: number,\n): Promise<Id<Brand>> {\n  const plaintext = buildPlaintext(ms, rng);\n  const encrypted = await encryptPayload(key, plaintext);\n  return toWireId(prefix, encrypted);\n}\n\n/** Structural placeholder for JSON Schema (encrypt is async). */\nfunction schemaExample<Brand extends string>(prefix: Prefix<Brand>): string {\n  return prefix + \"0\".repeat(payloadBase32Length);\n}\n\n/** Layout ops binder for the Opaque Timestamp variant. `extractTimestampFromId` is module-private; the binder exposes `extractTimestamp` for the codec constructor. */\nexport function createOpaqueLayoutOps<Brand extends string>(\n  prefix: Prefix<Brand>,\n  key: CryptoKey,\n  rng: (target: Uint8Array) => void,\n) {\n  return {\n    generateAt: (ms: number): Promise<Id<Brand>> => generateWireId(prefix, key, rng, ms),\n    extractTimestamp: (id: Id<Brand>): Promise<Date> => extractTimestampFromId(prefix, key, id),\n    exampleWireId: (): Id<Brand> => schemaExample(prefix) as Id<Brand>,\n  };\n}\n","import {\n  assertValidKeyMaterialByteLength,\n  decodeKeyMaterial,\n  encodeKeyMaterial,\n} from \"./key-material.js\";\n\n/** Wire encoding for opaque AES key material (not Crockford base32). */\nexport type OpaqueKeyFormat = \"hex\" | \"base64url\";\n\ndeclare const opaqueKeyBrand: unique symbol;\n\n/**\n * Opaque imported handle for one AES key used by the Opaque Timestamp codec.\n *\n * Holds the underlying `CryptoKey` internally; callers never access it directly.\n * Obtain handles via {@link importOpaqueKey} and pass them to\n * `createOpaqueTimestampId` as the `key` option.\n *\n * Distinct from the `WrappingKey` used by `@smonn/ids/wrapped` — one raw\n * secret must not silently serve both codecs without an explicit import.\n */\nexport type OpaqueKey = {\n  readonly [opaqueKeyBrand]: \"OpaqueKey\";\n};\n\nconst opaqueKeyInternals = new WeakMap<OpaqueKey, CryptoKey>();\n\n/**\n * Imports raw AES key bytes into an {@link OpaqueKey} handle for the Opaque\n * Timestamp codec.\n *\n * Accepts 16, 24, or 32 bytes (AES-128 / AES-192 / AES-256 strength).\n * To store or transport key material, use {@link encodeOpaqueKey} /\n * {@link decodeOpaqueKey} (`\"hex\"` or `\"base64url\"` — not Crockford base32).\n *\n * @param bytes - 16, 24, or 32 raw key bytes.\n */\nexport async function importOpaqueKey(bytes: Uint8Array): Promise<OpaqueKey> {\n  assertValidKeyMaterialByteLength(bytes.length, \"AES\");\n  const cryptoKey = await crypto.subtle.importKey(\n    \"raw\",\n    bytes as Uint8Array<ArrayBuffer>,\n    \"AES-CBC\",\n    false,\n    [\"encrypt\", \"decrypt\"],\n  );\n  const key = Object.freeze({}) as OpaqueKey;\n  opaqueKeyInternals.set(key, cryptoKey);\n  return key;\n}\n\nexport function getOpaqueKeyCryptoKey(key: OpaqueKey): CryptoKey {\n  const cryptoKey = opaqueKeyInternals.get(key);\n  if (cryptoKey === undefined) {\n    throw new Error(\"invalid opaque key\");\n  }\n  return cryptoKey;\n}\n\n/**\n * Encodes raw AES key bytes for storage in env vars or secret managers.\n *\n * @param bytes - 16, 24, or 32 raw key bytes (AES-128/192/256).\n * @param format - `hex` (lowercase) or `base64url`.\n */\nexport function encodeOpaqueKey(bytes: Uint8Array, format: OpaqueKeyFormat): string {\n  return encodeKeyMaterial(bytes, format, \"opaque\", \"AES\");\n}\n\n/**\n * Decodes key material emitted by `encodeOpaqueKey` (or `ids keygen`) back to raw bytes.\n *\n * @param encoded - Hex or base64url string.\n * @param format - Must match how the string was encoded.\n */\nexport function decodeOpaqueKey(encoded: string, format: OpaqueKeyFormat): Uint8Array {\n  return decodeKeyMaterial(encoded, format, \"opaque\", \"AES\");\n}\n","import { validateBrand } from \"./brand.js\";\nimport { createOpaqueLayoutOps } from \"./layouts/opaque.js\";\nimport { getOpaqueKeyCryptoKey, type OpaqueKey } from \"./opaque-key.js\";\nimport { registerBrand } from \"./registry.js\";\nimport { defaultRng } from \"./rng.js\";\nimport type { Id, JsonSchema, ParseResult, Prefix, StandardSchemaProps } from \"./types.js\";\nimport { wireMethods } from \"./wire/codec-shell.js\";\n\n/** {@link IdsError} class, {@link isIdsError} type guard, and {@link IdsErrorCode} union — re-exported from `\"@smonn/ids\"` for convenience. */\nexport { IdsError, isIdsError, type IdsErrorCode } from \"./error.js\";\nexport {\n  decodeOpaqueKey,\n  encodeOpaqueKey,\n  importOpaqueKey,\n  type OpaqueKey,\n  type OpaqueKeyFormat,\n} from \"./opaque-key.js\";\n\n/**\n * Configuration options for an Opaque Timestamp codec instance.\n */\nexport type OpaqueTimestampOptions = {\n  /**\n   * {@link OpaqueKey} handle for AES-CBC encryption and decryption.\n   * Obtain via {@link importOpaqueKey}.\n   *\n   * A single key, not a ring: rotation is forward-only and caller-tracked —\n   * hold one codec per key epoch and select it from your own records. The\n   * library cannot trial keys (the payload is unauthenticated). See ADR-0013.\n   */\n  key: OpaqueKey;\n  /** Returns the current timestamp in milliseconds. Defaults to `Date.now`. */\n  now?: () => number;\n  /** Writes random bytes into `target` for ID generation. Defaults to `crypto.getRandomValues`. */\n  rng?: (target: Uint8Array) => void;\n  /** If true, silences the duplicate-brand warning in non-production environments. */\n  allowDuplicateBrand?: boolean;\n};\n\n/**\n * A brand-scoped codec for generating and validating Opaque Timestamp IDs.\n *\n * Same wire shape as the Timestamp codec (`{brand}_` + 26 base32 chars) but the\n * payload is AES-CBC encrypted. `generate`, `generateAt`, and `extractTimestamp`\n * are async; parsing methods are sync. No `minIdForTime` / `maxIdForTime` —\n * encrypted payloads do not sort by creation time.\n */\nexport type OpaqueTimestampCodec<Brand extends string> = {\n  /** Produces a new canonical encrypted ID using the codec's `now` and `rng`. */\n  generate(): Promise<Id<Brand>>;\n  /** Produces a new canonical encrypted ID with timestamp bytes from `date`. Throws on invalid dates. */\n  generateAt(date: Date): Promise<Id<Brand>>;\n  /**\n   * Strict type guard: `true` only for already-canonical strings for this brand.\n   * For untrusted input, use `safeParse()` or `parse()` instead. See ADR-0003.\n   */\n  is(value: unknown): value is Id<Brand>;\n  /**\n   * Lenient parse: normalises case and Crockford aliases, returns canonical `Id<Brand>`, or throws.\n   */\n  parse(value: unknown): Id<Brand>;\n  /**\n   * Lenient parse without throwing: normalises to canonical form, or returns `{ ok: false, error }`.\n   */\n  safeParse(value: unknown): ParseResult<Brand>;\n  /**\n   * Decrypts and decodes the creation `Date` from an `Id<Brand>`. Trusts the type — use `safeParse()` at boundaries first. See ADR-0002.\n   *\n   * Requires the same key used at generation; a wrong key returns a plausible\n   * but wrong `Date`, never an error. With rotation, select the codec for the\n   * ID's key epoch from your own records — the library cannot. See ADR-0013.\n   */\n  extractTimestamp(id: Id<Brand>): Promise<Date>;\n  /** JSON Schema for the canonical wire form (`example` is a structural placeholder). */\n  toJsonSchema(): JsonSchema;\n  /** Standard Schema validate entry point. */\n  readonly \"~standard\": StandardSchemaProps<Brand>;\n};\n\n/**\n * Creates an Opaque Timestamp codec for `brand` (three lowercase a–z characters).\n *\n * @param brand - Entity type brand validated once at construction.\n * @param opts - Required `key` (an {@link OpaqueKey} from {@link importOpaqueKey}) plus\n *   optional `now`, `rng`, and `allowDuplicateBrand` overrides.\n */\nexport function createOpaqueTimestampId<Brand extends string>(\n  brand: Brand,\n  opts: OpaqueTimestampOptions,\n): OpaqueTimestampCodec<Brand> {\n  validateBrand(brand);\n  registerBrand(brand, opts.allowDuplicateBrand);\n\n  const cryptoKey = getOpaqueKeyCryptoKey(opts.key);\n  const now = opts.now ?? Date.now;\n  const rng = opts.rng ?? defaultRng;\n  const prefix: Prefix<Brand> = `${brand}_`;\n  const wire = wireMethods(prefix);\n  const layout = createOpaqueLayoutOps(prefix, cryptoKey, rng);\n\n  return {\n    generate: () => layout.generateAt(now()),\n    generateAt: (date: Date) => layout.generateAt(date.getTime()),\n    is: wire.is,\n    parse: wire.parse,\n    safeParse: wire.safeParse,\n    extractTimestamp: layout.extractTimestamp,\n    toJsonSchema: () => wire.toJsonSchema(brand, layout.exampleWireId()),\n    \"~standard\": wire[\"~standard\"],\n  };\n}\n"],"mappings":";;;;;AAKA,MAAM,yBAAS,IAAI,WAAA,EAA4B;AAC/C,MAAM,UAAU;AAEhB,SAAS,eAAe,IAAY,KAA+C;CACjF,MAAM,4BAAY,IAAI,WAAA,EAA4B;CAClD,eAAe,IAAI,SAAS;CAC5B,IAAI,UAAU,SAAA,GAAA,EAA+C,CAAC;CAC9D,OAAO;AACT;AAEA,eAAe,eAAe,KAAgB,WAA4C;CAQxF,OAAO,IAPe,WACpB,MAAM,OAAO,OAAO,QAClB;EAAE,MAAM;EAAW,IAAI;CAAO,GAC9B,KACA,SACF,CAEa,CAAC,CAAC,SAAS,GAAA,EAAoB;AAChD;AAKA,eAAe,eAAe,KAAgB,IAAqC;CACjF,MAAM,0BAAU,IAAI,WAAA,EAA4B;CAChD,KAAK,IAAI,IAAI,GAAG,IAAA,IAAuB,KAAK,QAAQ,KAAK,UAAU,GAAG;CACtE,MAAM,cAAc,IAAI,WACtB,MAAM,OAAO,OAAO,QAClB;EAAE,MAAM;EAAW,IAAI;CAAO,GAC9B,KACA,OACF,CACF;CACA,MAAM,6BAAa,IAAI,WAAA,EAAgC;CACvD,WAAW,IAAI,IAAI,CAAC;CACpB,WAAW,IAAI,YAAY,SAAS,GAAA,EAAoB,GAAA,EAAoB;CAC5E,OAAO,IAAI,WACT,MAAM,OAAO,OAAO,QAClB;EAAE,MAAM;EAAW,IAAI;CAAO,GAC9B,KACA,UACF,CACF;AACF;AAEA,eAAe,uBACb,QACA,KACA,IACe;CACf,MAAM,YAAY,MAAM,eAAe,KAAK,mBAAmB,QAAQ,EAAE,CAAC;CAC1E,OAAO,IAAI,KAAK,gBAAgB,SAAS,CAAC;AAC5C;;;AAIA,eAAe,eACb,QACA,KACA,KACA,IACoB;CAGpB,OAAO,SAAS,QAAQ,MADA,eAAe,KADrB,eAAe,IAAI,GACe,CAAC,CACpB;AACnC;;AAGA,SAAS,cAAoC,QAA+B;CAC1E,OAAO,SAAS,IAAI,OAAO,mBAAmB;AAChD;;AAGA,SAAgB,sBACd,QACA,KACA,KACA;CACA,OAAO;EACL,aAAa,OAAmC,eAAe,QAAQ,KAAK,KAAK,EAAE;EACnF,mBAAmB,OAAiC,uBAAuB,QAAQ,KAAK,EAAE;EAC1F,qBAAgC,cAAc,MAAM;CACtD;AACF;;;AChEA,MAAM,qCAAqB,IAAI,QAA8B;;;;;;;;;;;AAY7D,eAAsB,gBAAgB,OAAuC;CAC3E,iCAAiC,MAAM,QAAQ,KAAK;CACpD,MAAM,YAAY,MAAM,OAAO,OAAO,UACpC,OACA,OACA,WACA,OACA,CAAC,WAAW,SAAS,CACvB;CACA,MAAM,MAAM,OAAO,OAAO,CAAC,CAAC;CAC5B,mBAAmB,IAAI,KAAK,SAAS;CACrC,OAAO;AACT;AAEA,SAAgB,sBAAsB,KAA2B;CAC/D,MAAM,YAAY,mBAAmB,IAAI,GAAG;CAC5C,IAAI,cAAc,KAAA,GAChB,MAAM,IAAI,MAAM,oBAAoB;CAEtC,OAAO;AACT;;;;;;;AAQA,SAAgB,gBAAgB,OAAmB,QAAiC;CAClF,OAAO,kBAAkB,OAAO,QAAQ,UAAU,KAAK;AACzD;;;;;;;AAQA,SAAgB,gBAAgB,SAAiB,QAAqC;CACpF,OAAO,kBAAkB,SAAS,QAAQ,UAAU,KAAK;AAC3D;;;;;;;;;;ACSA,SAAgB,wBACd,OACA,MAC6B;CAC7B,cAAc,KAAK;CACnB,cAAc,OAAO,KAAK,mBAAmB;CAE7C,MAAM,YAAY,sBAAsB,KAAK,GAAG;CAChD,MAAM,MAAM,KAAK,OAAO,KAAK;CAC7B,MAAM,MAAM,KAAK,OAAO;CACxB,MAAM,SAAwB,GAAG,MAAM;CACvC,MAAM,OAAO,YAAY,MAAM;CAC/B,MAAM,SAAS,sBAAsB,QAAQ,WAAW,GAAG;CAE3D,OAAO;EACL,gBAAgB,OAAO,WAAW,IAAI,CAAC;EACvC,aAAa,SAAe,OAAO,WAAW,KAAK,QAAQ,CAAC;EAC5D,IAAI,KAAK;EACT,OAAO,KAAK;EACZ,WAAW,KAAK;EAChB,kBAAkB,OAAO;EACzB,oBAAoB,KAAK,aAAa,OAAO,OAAO,cAAc,CAAC;EACnE,aAAa,KAAK;CACpB;AACF"}

package/dist/reverse-d5uEoIET.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"reverse-d5uEoIET.mjs","names":[],"sources":["../src/layouts/reverse-timestamp.ts","../src/reverse.ts"],"sourcesContent":["import type { Id, Prefix } from \"../types.js\";\nimport { payloadBytesFromId, toWireId } from \"../wire/envelope.js\";\nimport { payloadByteLength } from \"../wire/invariants.js\";\nimport { timestampByteLength, writeTimestamp } from \"../wire/timestamp-bytes.js\";\n\nconst randomByteLength: number = payloadByteLength - timestampByteLength;\n\n/** Writes inverted timestamp bytes, then fills random portion. */\nfunction buildReversePayload(\n  ms: number,\n  rng: (target: Uint8Array) => void,\n  buffer: Uint8Array,\n  randomView: Uint8Array,\n): void {\n  writeTimestamp(ms, buffer);\n  for (let i = 0; i < timestampByteLength; i++) {\n    buffer[i] = ~buffer[i]! & 0xff;\n  }\n  rng(randomView);\n}\n\n/** Writes inverted timestamp bytes, then fills random portion with a sentinel. */\nfunction buildReverseSentinelPayload(\n  ms: number,\n  fill: number,\n  buffer: Uint8Array,\n  randomView: Uint8Array,\n): void {\n  writeTimestamp(ms, buffer);\n  for (let i = 0; i < timestampByteLength; i++) {\n    buffer[i] = ~buffer[i]! & 0xff;\n  }\n  randomView.fill(fill);\n}\n\n/** Decodes the original timestamp by inverting the first 6 payload bytes. */\nfunction extractReverseTimestampFromId<Brand extends string>(\n  prefix: Prefix<Brand>,\n  id: Id<Brand>,\n): Date {\n  const bytes = payloadBytesFromId(prefix, id);\n  let ms = 0;\n  for (let i = 0; i < timestampByteLength; i++) {\n    ms = ms * 256 + (~bytes[i]! & 0xff);\n  }\n  return new Date(ms);\n}\n\n/** Layout ops binder for the Reverse Timestamp variant. */\nexport function createReverseTimestampLayoutOps<Brand extends string>(\n  prefix: Prefix<Brand>,\n  rng: (target: Uint8Array) => void,\n) {\n  const buffer = new Uint8Array(payloadByteLength);\n  const randomView = new Uint8Array(buffer.buffer, timestampByteLength, randomByteLength);\n\n  return {\n    generateAt: (ms: number): Id<Brand> => {\n      buildReversePayload(ms, rng, buffer, randomView);\n      return toWireId(prefix, buffer);\n    },\n    extractTimestamp: (id: Id<Brand>): Date => extractReverseTimestampFromId(prefix, id),\n    minIdForTime: (ms: number): Id<Brand> => {\n      buildReverseSentinelPayload(ms, 0x00, buffer, randomView);\n      return toWireId(prefix, buffer);\n    },\n    maxIdForTime: (ms: number): Id<Brand> => {\n      buildReverseSentinelPayload(ms, 0xff, buffer, randomView);\n      return toWireId(prefix, buffer);\n    },\n    exampleWireId: (ms: number): Id<Brand> => {\n      buildReversePayload(ms, rng, buffer, randomView);\n      return toWireId(prefix, buffer);\n    },\n  };\n}\n","import { validateBrand } from \"./brand.js\";\nimport { IdsError, isIdsError, type IdsErrorCode } from \"./error.js\";\nimport { createReverseTimestampLayoutOps } from \"./layouts/reverse-timestamp.js\";\nimport { registerBrand } from \"./registry.js\";\nimport { defaultRng } from \"./rng.js\";\nimport type { Id, JsonSchema, ParseResult, Prefix, StandardSchemaProps } from \"./types.js\";\nimport { wireMethods } from \"./wire/codec-shell.js\";\n\n/** {@link IdsError} class, {@link isIdsError} type guard, and {@link IdsErrorCode} union — re-exported from `\"@smonn/ids\"` for convenience. */\nexport { IdsError, isIdsError, type IdsErrorCode };\n\n/**\n * Configuration options for a Reverse Timestamp codec instance.\n */\nexport type ReverseTimestampOptions = {\n  /** Returns the current timestamp in milliseconds. Defaults to `Date.now`. */\n  now?: () => number;\n  /** Writes random bytes into `target` for ID generation. Defaults to `crypto.getRandomValues`. */\n  rng?: (target: Uint8Array) => void;\n  /** If true, silences the duplicate-brand warning in non-production environments. */\n  allowDuplicateBrand?: boolean;\n};\n\n/**\n * A brand-scoped codec for generating and validating Reverse Timestamp IDs.\n *\n * Wire format: `{brand}_` plus 26 lowercase Crockford base32 characters encoding a\n * 16-byte payload (6-byte bitwise-inverted ms timestamp + 10 random bytes). IDs sort\n * by creation time in **descending** (newest-first) order.\n *\n * Range queries across a time interval [t_old, t_new] should scan from\n * `minIdForTime(t_new)` to `maxIdForTime(t_old)` — the reversed sort order means\n * newer timestamps produce lexicographically smaller IDs.\n *\n * Constructed via `createReverseTimestampId(brand)` from `@smonn/ids/reverse`.\n */\nexport type ReverseTimestampCodec<Brand extends string> = {\n  /** Produces a new canonical ID using the codec's `now` and `rng`. */\n  generate(): Id<Brand>;\n  /** Produces a new canonical ID with timestamp bytes from `date` and a fresh random tail. Throws on invalid dates. */\n  generateAt(date: Date): Id<Brand>;\n  /**\n   * Strict type guard: `true` only for already-canonical strings for this brand.\n   * For untrusted input, use `safeParse()` or `parse()` instead. See ADR-0003.\n   */\n  is(value: unknown): value is Id<Brand>;\n  /**\n   * Lenient parse: normalises case and Crockford aliases, returns canonical `Id<Brand>`, or throws.\n   */\n  parse(value: unknown): Id<Brand>;\n  /**\n   * Lenient parse without throwing: normalises to canonical form, or returns `{ ok: false, error }`.\n   */\n  safeParse(value: unknown): ParseResult<Brand>;\n  /**\n   * Decodes the creation `Date` from an `Id<Brand>` by inverting the timestamp bytes.\n   * Trusts the type — use `safeParse()` at boundaries first.\n   */\n  extractTimestamp(id: Id<Brand>): Date;\n  /**\n   * Lexicographically smallest ID for any ID generated at `date` (random portion `0x00`).\n   * Because timestamps are inverted, a newer `date` yields a lexicographically smaller result —\n   * use `minIdForTime(t_new)` as the lower bound when scanning [t_old, t_new].\n   * Throws on invalid dates.\n   */\n  minIdForTime(date: Date): Id<Brand>;\n  /**\n   * Lexicographically largest ID for any ID generated at `date` (random portion `0xff`).\n   * Because timestamps are inverted, an older `date` yields a lexicographically larger result —\n   * use `maxIdForTime(t_old)` as the upper bound when scanning [t_old, t_new].\n   * Throws on invalid dates.\n   */\n  maxIdForTime(date: Date): Id<Brand>;\n  /** JSON Schema for the canonical wire form (`pattern` is canonical-only). */\n  toJsonSchema(): JsonSchema;\n  /** Standard Schema validate entry point. */\n  readonly \"~standard\": StandardSchemaProps<Brand>;\n};\n\n/**\n * Creates a Reverse Timestamp codec for `brand` (three lowercase a–z characters).\n *\n * IDs sort newest-first: the 48-bit timestamp field is bitwise-inverted before encoding,\n * so lexicographic ID order equals descending creation-time order. `extractTimestamp`\n * inverts back to recover the original millisecond.\n *\n * @param brand - Entity type brand validated once at construction.\n * @param opts - Optional `now`, `rng`, and `allowDuplicateBrand` overrides.\n */\nexport function createReverseTimestampId<Brand extends string>(\n  brand: Brand,\n  opts: ReverseTimestampOptions = {},\n): ReverseTimestampCodec<Brand> {\n  validateBrand(brand);\n  registerBrand(brand, opts.allowDuplicateBrand);\n\n  const now = opts.now ?? Date.now;\n  const rng = opts.rng ?? defaultRng;\n  const prefix: Prefix<Brand> = `${brand}_`;\n  const wire = wireMethods(prefix);\n  const layout = createReverseTimestampLayoutOps(prefix, rng);\n\n  return {\n    generate: () => layout.generateAt(now()),\n    generateAt: (date: Date) => layout.generateAt(date.getTime()),\n    is: wire.is,\n    parse: wire.parse,\n    safeParse: wire.safeParse,\n    extractTimestamp: layout.extractTimestamp,\n    minIdForTime: (date: Date) => layout.minIdForTime(date.getTime()),\n    maxIdForTime: (date: Date) => layout.maxIdForTime(date.getTime()),\n    toJsonSchema: () => wire.toJsonSchema(brand, layout.exampleWireId(now())),\n    \"~standard\": wire[\"~standard\"],\n  };\n}\n"],"mappings":";;;;AAKA,MAAM,mBAAA;;AAGN,SAAS,oBACP,IACA,KACA,QACA,YACM;CACN,eAAe,IAAI,MAAM;CACzB,KAAK,IAAI,IAAI,GAAG,IAAA,GAAyB,KACvC,OAAO,KAAK,CAAC,OAAO,KAAM;CAE5B,IAAI,UAAU;AAChB;;AAGA,SAAS,4BACP,IACA,MACA,QACA,YACM;CACN,eAAe,IAAI,MAAM;CACzB,KAAK,IAAI,IAAI,GAAG,IAAA,GAAyB,KACvC,OAAO,KAAK,CAAC,OAAO,KAAM;CAE5B,WAAW,KAAK,IAAI;AACtB;;AAGA,SAAS,8BACP,QACA,IACM;CACN,MAAM,QAAQ,mBAAmB,QAAQ,EAAE;CAC3C,IAAI,KAAK;CACT,KAAK,IAAI,IAAI,GAAG,IAAA,GAAyB,KACvC,KAAK,KAAK,OAAO,CAAC,MAAM,KAAM;CAEhC,OAAO,IAAI,KAAK,EAAE;AACpB;;AAGA,SAAgB,gCACd,QACA,KACA;CACA,MAAM,yBAAS,IAAI,WAAA,EAA4B;CAC/C,MAAM,aAAa,IAAI,WAAW,OAAO,QAAA,GAA6B,gBAAgB;CAEtF,OAAO;EACL,aAAa,OAA0B;GACrC,oBAAoB,IAAI,KAAK,QAAQ,UAAU;GAC/C,OAAO,SAAS,QAAQ,MAAM;EAChC;EACA,mBAAmB,OAAwB,8BAA8B,QAAQ,EAAE;EACnF,eAAe,OAA0B;GACvC,4BAA4B,IAAI,GAAM,QAAQ,UAAU;GACxD,OAAO,SAAS,QAAQ,MAAM;EAChC;EACA,eAAe,OAA0B;GACvC,4BAA4B,IAAI,KAAM,QAAQ,UAAU;GACxD,OAAO,SAAS,QAAQ,MAAM;EAChC;EACA,gBAAgB,OAA0B;GACxC,oBAAoB,IAAI,KAAK,QAAQ,UAAU;GAC/C,OAAO,SAAS,QAAQ,MAAM;EAChC;CACF;AACF;;;;;;;;;;;;;ACcA,SAAgB,yBACd,OACA,OAAgC,CAAC,GACH;CAC9B,cAAc,KAAK;CACnB,cAAc,OAAO,KAAK,mBAAmB;CAE7C,MAAM,MAAM,KAAK,OAAO,KAAK;CAC7B,MAAM,MAAM,KAAK,OAAO;CACxB,MAAM,SAAwB,GAAG,MAAM;CACvC,MAAM,OAAO,YAAY,MAAM;CAC/B,MAAM,SAAS,gCAAgC,QAAQ,GAAG;CAE1D,OAAO;EACL,gBAAgB,OAAO,WAAW,IAAI,CAAC;EACvC,aAAa,SAAe,OAAO,WAAW,KAAK,QAAQ,CAAC;EAC5D,IAAI,KAAK;EACT,OAAO,KAAK;EACZ,WAAW,KAAK;EAChB,kBAAkB,OAAO;EACzB,eAAe,SAAe,OAAO,aAAa,KAAK,QAAQ,CAAC;EAChE,eAAe,SAAe,OAAO,aAAa,KAAK,QAAQ,CAAC;EAChE,oBAAoB,KAAK,aAAa,OAAO,OAAO,cAAc,IAAI,CAAC,CAAC;EACxE,aAAa,KAAK;CACpB;AACF"}

package/dist/rng-CPJOx_nE.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"rng-CPJOx_nE.mjs","names":[],"sources":["../src/rng.ts"],"sourcesContent":["/** Default RNG: writes cryptographically random bytes via `crypto.getRandomValues`. */\nexport function defaultRng(target: Uint8Array): void {\n  crypto.getRandomValues(target as Uint8Array<ArrayBuffer>);\n}\n"],"mappings":";;AACA,SAAgB,WAAW,QAA0B;CACnD,OAAO,gBAAgB,MAAiC;AAC1D"}

package/dist/signed-BnRSC03a.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"signed-BnRSC03a.mjs","names":[],"sources":["../src/layouts/signed-timestamp.ts","../src/signing-key.ts","../src/signed.ts"],"sourcesContent":["import type { Id, Prefix } from \"../types.js\";\nimport { payloadBytesFromId, toWireId } from \"../wire/envelope.js\";\nimport { payloadBase32Length, payloadByteLength } from \"../wire/invariants.js\";\nimport {\n  readTimestampMsFromBase32Suffix,\n  timestampByteLength,\n  writeTimestamp,\n} from \"../wire/timestamp-bytes.js\";\n\nconst randomByteLength = 5;\nconst tagByteLength = 5;\nconst randomOffset = timestampByteLength; // 6\nconst tagOffset = randomOffset + randomByteLength; // 11\nconst signedContentByteLength = randomOffset + randomByteLength; // 11 (ts6 ‖ rand5)\n\nasync function computeTag(\n  hmacKey: CryptoKey,\n  brandBytes: Uint8Array,\n  signedContent: Uint8Array,\n): Promise<Uint8Array> {\n  const message = new Uint8Array(brandBytes.length + signedContent.length);\n  message.set(brandBytes, 0);\n  message.set(signedContent, brandBytes.length);\n  const signature = new Uint8Array(\n    await crypto.subtle.sign(\"HMAC\", hmacKey, message as Uint8Array<ArrayBuffer>),\n  );\n  return signature.subarray(0, tagByteLength);\n}\n\nfunction tagsEqual(a: Uint8Array, b: Uint8Array): boolean {\n  /* v8 ignore next -- defensive guard; both call sites always pass tagByteLength-byte arrays */\n  if (a.length !== b.length) return false;\n  let diff = 0;\n  for (let i = 0; i < a.length; i++) diff |= a[i]! ^ b[i]!;\n  return diff === 0;\n}\n\nexport function createSignedTimestampLayoutOps<Brand extends string>(\n  prefix: Prefix<Brand>,\n  brand: Brand,\n  rng: (target: Uint8Array) => void,\n  hmacKeys: readonly CryptoKey[],\n) {\n  const signKey = hmacKeys[0]!;\n  const brandBytes = new TextEncoder().encode(brand);\n  const syncBuffer = new Uint8Array(payloadByteLength);\n\n  return {\n    generateAt: async (ms: number): Promise<Id<Brand>> => {\n      const buffer = new Uint8Array(payloadByteLength);\n      writeTimestamp(ms, buffer);\n      rng(buffer.subarray(randomOffset, tagOffset));\n      const tag = await computeTag(\n        signKey,\n        brandBytes,\n        buffer.subarray(0, signedContentByteLength),\n      );\n      buffer.set(tag, tagOffset);\n      return toWireId(prefix, buffer);\n    },\n    tryVerify: async (id: Id<Brand>): Promise<boolean> => {\n      const payload = payloadBytesFromId(prefix, id);\n      const storedTag = payload.subarray(tagOffset, payloadByteLength);\n      const signedContent = payload.subarray(0, signedContentByteLength);\n      for (const hmacKey of hmacKeys) {\n        const expected = await computeTag(hmacKey, brandBytes, signedContent);\n        if (tagsEqual(storedTag, expected)) return true;\n      }\n      return false;\n    },\n    extractTimestamp: (id: Id<Brand>): Date =>\n      new Date(readTimestampMsFromBase32Suffix(id.slice(prefix.length))),\n    minIdForTime: (ms: number): Id<Brand> => {\n      writeTimestamp(ms, syncBuffer);\n      syncBuffer.fill(0x00, randomOffset, payloadByteLength);\n      return toWireId(prefix, syncBuffer);\n    },\n    maxIdForTime: (ms: number): Id<Brand> => {\n      writeTimestamp(ms, syncBuffer);\n      syncBuffer.fill(0xff, randomOffset, payloadByteLength);\n      return toWireId(prefix, syncBuffer);\n    },\n    exampleWireId: (): Id<Brand> => (prefix + \"0\".repeat(payloadBase32Length)) as Id<Brand>,\n  };\n}\n","import {\n  assertValidKeyMaterialByteLength,\n  assertValidKeyring,\n  decodeKeyMaterial,\n  encodeKeyMaterial,\n} from \"./key-material.js\";\n\nexport { assertValidKeyring };\n\n/** Wire encoding for signing key raw key bytes (not Crockford base32). */\nexport type SigningKeyFormat = \"hex\" | \"base64url\";\n\nconst hmacInfo = new TextEncoder().encode(\"ids/signed-timestamp/hmac\");\n\nconst SHA256_DIGEST_BYTES = 32;\n\ndeclare const signingKeyBrand: unique symbol;\n\n/**\n * Opaque imported handle for one operator signing key.\n *\n * Holds a single HMAC-SHA-256 key derived via HKDF under the domain-separation\n * label `ids/signed-timestamp/hmac`. The underlying `CryptoKey` is held\n * internally and never exposed to callers. Obtain handles via\n * {@link importSigningKey} and pass them to `createSignedTimestampId` as the\n * `keys` signing keyring.\n *\n * Distinct from both the **Opaque key** and the **Wrapping key** — the same\n * raw key material must not silently serve multiple codecs without an explicit import.\n */\nexport type SigningKey = {\n  readonly [signingKeyBrand]: \"SigningKey\";\n};\n\ntype SigningKeyInternals = {\n  keyDigest: Uint8Array;\n  hmacKey: CryptoKey;\n};\n\nconst internals = new WeakMap<SigningKey, SigningKeyInternals>();\n\n/**\n * Import raw operator key material into a {@link SigningKey} handle.\n *\n * Derives a single HMAC-SHA-256 key via HKDF under the domain-separation label\n * `ids/signed-timestamp/hmac`. Accepts 16, 24, or 32 bytes. To store or\n * transport key material, use {@link encodeSigningKey} / {@link decodeSigningKey}\n * (`\"hex\"` or `\"base64url\"` — not Crockford base32).\n *\n * @param bytes - 16, 24, or 32 raw key bytes.\n * @throws {IdsError} `invalid_key_length` if `bytes.length` is not 16, 24, or 32.\n */\nexport async function importSigningKey(bytes: Uint8Array): Promise<SigningKey> {\n  assertValidKeyMaterialByteLength(bytes.length, \"signing\");\n  const [hmacKey, digestBuffer] = await Promise.all([\n    deriveHmacKey(bytes),\n    crypto.subtle.digest(\"SHA-256\", bytes as Uint8Array<ArrayBuffer>),\n  ]);\n  const key = Object.freeze({}) as SigningKey;\n  internals.set(key, { keyDigest: new Uint8Array(digestBuffer), hmacKey });\n  return key;\n}\n\n/**\n * Encode raw signing operator key material for storage in env vars or secret managers.\n *\n * Supports `\"hex\"` (lowercase) and `\"base64url\"`. Output round-trips through\n * {@link decodeSigningKey} back to the original bytes.\n *\n * @throws {IdsError} `invalid_key_format` if `format` is not `\"hex\"` or `\"base64url\"`.\n * @throws {IdsError} `invalid_key_length` if `bytes.length` is not 16, 24, or 32.\n */\nexport function encodeSigningKey(bytes: Uint8Array, format: SigningKeyFormat): string {\n  return encodeKeyMaterial(bytes, format, \"signing\", \"signing\");\n}\n\n/**\n * Decode key material emitted by {@link encodeSigningKey} back to raw bytes.\n *\n * The result can be passed directly to {@link importSigningKey}.\n *\n * @throws {IdsError} `invalid_key_format` if `format` is not `\"hex\"` or `\"base64url\"`.\n * @throws {IdsError} `invalid_key_encoding` if the string is malformed for its format.\n * @throws {IdsError} `invalid_key_length` if the decoded bytes are not 16, 24, or 32 bytes.\n */\nexport function decodeSigningKey(encoded: string, format: SigningKeyFormat): Uint8Array {\n  return decodeKeyMaterial(encoded, format, \"signing\", \"signing\");\n}\n\n/**\n * Returns true when two handles were imported from the same raw key material.\n *\n * Uses a constant-time comparison so duplicate detection over key material does\n * not leak the position of the first differing byte through a timing side channel.\n */\nexport function signingKeysEqual(a: SigningKey, b: SigningKey): boolean {\n  const aDigest = getSigningKeyInternals(a).keyDigest;\n  const bDigest = getSigningKeyInternals(b).keyDigest;\n  let diff = 0;\n  for (let i = 0; i < SHA256_DIGEST_BYTES; i++) {\n    diff |= aDigest[i]! ^ bDigest[i]!;\n  }\n  return diff === 0;\n}\n\n/**\n * Returns the derived HMAC CryptoKey held inside the handle.\n *\n * Intentional module-internal escape hatch for codec implementations (e.g. `createSignedTimestampId`).\n * Not re-exported from `@smonn/ids/signed`; external callers cannot reach this.\n */\nexport function getSigningKeyHmacKey(key: SigningKey): CryptoKey {\n  return getSigningKeyInternals(key).hmacKey;\n}\n\nfunction getSigningKeyInternals(key: SigningKey): SigningKeyInternals {\n  const keyInternals = internals.get(key);\n  if (keyInternals === undefined) {\n    throw new Error(\"invalid signing key\");\n  }\n  return keyInternals;\n}\n\nasync function deriveHmacKey(bytes: Uint8Array): Promise<CryptoKey> {\n  const base = await crypto.subtle.importKey(\n    \"raw\",\n    bytes as Uint8Array<ArrayBuffer>,\n    \"HKDF\",\n    false,\n    [\"deriveKey\"],\n  );\n  return crypto.subtle.deriveKey(\n    { name: \"HKDF\", hash: \"SHA-256\", salt: new Uint8Array(), info: hmacInfo },\n    base,\n    { name: \"HMAC\", hash: \"SHA-256\", length: 256 },\n    false,\n    [\"sign\", \"verify\"],\n  );\n}\n","import { validateBrand } from \"./brand.js\";\nimport { IdsError, isIdsError, type IdsErrorCode } from \"./error.js\";\nimport { createSignedTimestampLayoutOps } from \"./layouts/signed-timestamp.js\";\nimport { registerBrand } from \"./registry.js\";\nimport { defaultRng } from \"./rng.js\";\nimport type {\n  Id,\n  JsonSchema,\n  ParseError,\n  ParseResult,\n  Prefix,\n  StandardSchemaProps,\n} from \"./types.js\";\nimport { wireMethods } from \"./wire/codec-shell.js\";\nimport {\n  assertValidKeyring,\n  decodeSigningKey,\n  encodeSigningKey,\n  getSigningKeyHmacKey,\n  importSigningKey,\n  signingKeysEqual,\n  type SigningKey,\n  type SigningKeyFormat,\n} from \"./signing-key.js\";\n\n/** {@link IdsError} class, {@link isIdsError} type guard, and {@link IdsErrorCode} union — re-exported for convenience. */\nexport { IdsError, isIdsError, type IdsErrorCode };\nexport {\n  decodeSigningKey,\n  encodeSigningKey,\n  importSigningKey,\n  type SigningKey,\n  type SigningKeyFormat,\n};\n\n/**\n * Configuration options for a Signed Timestamp codec instance.\n */\nexport type SignedTimestampOptions = {\n  /**\n   * Non-empty ordered signing keyring. The first entry is current — the only one\n   * `generate` / `generateAt` sign with. `verify` / `safeVerify` trial every entry\n   * until the tag matches. Duplicate raw secrets are rejected at construction.\n   */\n  keys: [SigningKey, ...SigningKey[]];\n  /** Returns the current timestamp in milliseconds. Defaults to `Date.now`. */\n  now?: () => number;\n  /** Writes 5 random bytes into `target` for the random tail. Defaults to `crypto.getRandomValues`. */\n  rng?: (target: Uint8Array) => void;\n  /** If true, silences the duplicate-brand warning in non-production environments. */\n  allowDuplicateBrand?: boolean;\n};\n\n/**\n * Result returned by {@link SignedTimestampCodec.safeVerify}.\n *\n * On success, `id` is the canonical {@link Id}.\n * On failure, `error` is a {@link ParseError} for structural problems or\n * `\"verification_failed\"` when the HMAC tag does not match any entry in the\n * signing keyring.\n */\nexport type SafeVerifyResult<Brand extends string> =\n  | { ok: true; id: Id<Brand> }\n  | { ok: false; error: ParseError | \"verification_failed\" };\n\n/**\n * Codec returned by {@link createSignedTimestampId}.\n *\n * Keeps the 6-byte millisecond timestamp **readable and sortable** like the\n * Timestamp codec, but replaces half of the 10-byte random tail with a truncated\n * HMAC tag, making IDs **tamper-evident and verifiable without a database lookup**.\n *\n * Byte layout: `ts6 ‖ rand5 ‖ tag5` where the 40-bit tag =\n * `trunc(HMAC-SHA256(hmacKey, brand ‖ ts6 ‖ rand5), 40)`.\n *\n * - Async (HMAC): `generate`, `generateAt`, `verify`, `safeVerify`.\n * - Sync (no key / plaintext timestamp): all other methods.\n */\nexport type SignedTimestampCodec<Brand extends string> = {\n  /** Produces a canonical ID signed with the current (first) key. */\n  generate(): Promise<Id<Brand>>;\n  /**\n   * Produces a canonical ID with timestamp from `date`, signed with the current key.\n   * Throws on invalid dates.\n   */\n  generateAt(date: Date): Promise<Id<Brand>>;\n  /**\n   * Recomputes the HMAC tag across every keyring entry.\n   *\n   * Throws `IdsError` with `code: \"verification_failed\"` if no entry matches.\n   * Tamper of the brand, timestamp bytes, or random bytes all fail here.\n   */\n  verify(id: Id<Brand>): Promise<void>;\n  /**\n   * Non-throwing path for untrusted input.\n   *\n   * Structurally parses `input` first (same rules as {@link safeParse}), then\n   * verifies the HMAC tag. Returns `{ ok: false, error }` on any failure —\n   * {@link ParseError} for structural problems or `\"verification_failed\"` for tag\n   * mismatch — without throwing.\n   */\n  safeVerify(input: unknown): Promise<SafeVerifyResult<Brand>>;\n  /**\n   * Decodes the creation `Date` from an `Id<Brand>`.\n   * Sync — the 6-byte timestamp is plaintext. Trusts the type; use `safeParse()` at boundaries first.\n   */\n  extractTimestamp(id: Id<Brand>): Date;\n  /**\n   * Tight lower bound sentinel for range scans (`ts(t) ‖ 0x00×10`).\n   * **Not verifiable** — carries no valid tag.\n   */\n  minIdForTime(date: Date): Id<Brand>;\n  /**\n   * Tight upper bound sentinel for range scans (`ts(t) ‖ 0xff×10`).\n   * **Not verifiable** — carries no valid tag.\n   */\n  maxIdForTime(date: Date): Id<Brand>;\n  /**\n   * Strict type guard: `true` only for already-canonical `Id<Brand>` strings.\n   * For untrusted input, use `safeParse()` or `safeVerify()` instead.\n   */\n  is(value: unknown): value is Id<Brand>;\n  /** Normalise to canonical form, or throw on parse failure. */\n  parse(value: unknown): Id<Brand>;\n  /** Normalise to canonical form, or return `{ ok: false, error }`. */\n  safeParse(value: unknown): ParseResult<Brand>;\n  /** JSON Schema for the canonical wire form (`pattern` is canonical-only). */\n  toJsonSchema(): JsonSchema;\n  /** Standard Schema validate entry point. */\n  readonly \"~standard\": StandardSchemaProps<Brand>;\n};\n\n/**\n * Construct a {@link SignedTimestampCodec} for `brand`.\n *\n * `opts.keys` is a non-empty ordered signing keyring — the first entry is current\n * (used by `generate` / `generateAt`); all entries are tried on `verify` /\n * `safeVerify`; duplicate operator secrets are rejected at construction.\n *\n * @example\n * ```ts\n * const key = await importSigningKey(new Uint8Array(32));\n * const usr = createSignedTimestampId(\"usr\", { keys: [key] });\n *\n * const id = await usr.generate();        // Id<\"usr\">\n * await usr.verify(id);                   // passes\n * usr.extractTimestamp(id);               // Date — sync, timestamp is plaintext\n * ```\n */\nexport function createSignedTimestampId<Brand extends string>(\n  brand: Brand,\n  opts: SignedTimestampOptions,\n): SignedTimestampCodec<Brand> {\n  validateBrand(brand);\n  registerBrand(brand, opts.allowDuplicateBrand);\n  assertValidKeyring(opts.keys, signingKeysEqual, \"signing\");\n\n  const hmacKeys = opts.keys.map(getSigningKeyHmacKey);\n  const now = opts.now ?? Date.now;\n  const rng = opts.rng ?? defaultRng;\n  const prefix: Prefix<Brand> = `${brand}_`;\n  const wire = wireMethods(prefix);\n  const layout = createSignedTimestampLayoutOps(prefix, brand, rng, hmacKeys);\n\n  return {\n    generate: () => layout.generateAt(now()),\n    generateAt: (date: Date) => layout.generateAt(date.getTime()),\n    verify: async (id) => {\n      const ok = await layout.tryVerify(id);\n      if (!ok) throw new IdsError(\"verification_failed\", \"verification failed\");\n    },\n    safeVerify: async (input) => {\n      const parsed = wire.safeParse(input);\n      if (!parsed.ok) return parsed;\n      const ok = await layout.tryVerify(parsed.id);\n      if (!ok) return { ok: false, error: \"verification_failed\" };\n      return { ok: true, id: parsed.id };\n    },\n    extractTimestamp: layout.extractTimestamp,\n    minIdForTime: (date: Date) => layout.minIdForTime(date.getTime()),\n    maxIdForTime: (date: Date) => layout.maxIdForTime(date.getTime()),\n    is: wire.is,\n    parse: wire.parse,\n    safeParse: wire.safeParse,\n    toJsonSchema: () => wire.toJsonSchema(brand, layout.exampleWireId()),\n    \"~standard\": wire[\"~standard\"],\n  };\n}\n"],"mappings":";;;;;AAUA,MAAM,gBAAgB;AACtB,MAAM,eAAA;AACN,MAAM,YAAY;AAClB,MAAM,0BAA0B;AAEhC,eAAe,WACb,SACA,YACA,eACqB;CACrB,MAAM,UAAU,IAAI,WAAW,WAAW,SAAS,cAAc,MAAM;CACvE,QAAQ,IAAI,YAAY,CAAC;CACzB,QAAQ,IAAI,eAAe,WAAW,MAAM;CAI5C,OAAO,IAHe,WACpB,MAAM,OAAO,OAAO,KAAK,QAAQ,SAAS,OAAkC,CAE/D,CAAC,CAAC,SAAS,GAAG,aAAa;AAC5C;AAEA,SAAS,UAAU,GAAe,GAAwB;;CAExD,IAAI,EAAE,WAAW,EAAE,QAAQ,OAAO;CAClC,IAAI,OAAO;CACX,KAAK,IAAI,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK,QAAQ,EAAE,KAAM,EAAE;CACrD,OAAO,SAAS;AAClB;AAEA,SAAgB,+BACd,QACA,OACA,KACA,UACA;CACA,MAAM,UAAU,SAAS;CACzB,MAAM,aAAa,IAAI,YAAY,CAAC,CAAC,OAAO,KAAK;CACjD,MAAM,6BAAa,IAAI,WAAA,EAA4B;CAEnD,OAAO;EACL,YAAY,OAAO,OAAmC;GACpD,MAAM,yBAAS,IAAI,WAAA,EAA4B;GAC/C,eAAe,IAAI,MAAM;GACzB,IAAI,OAAO,SAAS,cAAc,SAAS,CAAC;GAC5C,MAAM,MAAM,MAAM,WAChB,SACA,YACA,OAAO,SAAS,GAAG,uBAAuB,CAC5C;GACA,OAAO,IAAI,KAAK,SAAS;GACzB,OAAO,SAAS,QAAQ,MAAM;EAChC;EACA,WAAW,OAAO,OAAoC;GACpD,MAAM,UAAU,mBAAmB,QAAQ,EAAE;GAC7C,MAAM,YAAY,QAAQ,SAAS,WAAA,EAA4B;GAC/D,MAAM,gBAAgB,QAAQ,SAAS,GAAG,uBAAuB;GACjE,KAAK,MAAM,WAAW,UAEpB,IAAI,UAAU,WAAW,MADF,WAAW,SAAS,YAAY,aAAa,CACnC,GAAG,OAAO;GAE7C,OAAO;EACT;EACA,mBAAmB,OACjB,IAAI,KAAK,gCAAgC,GAAG,MAAM,OAAO,MAAM,CAAC,CAAC;EACnE,eAAe,OAA0B;GACvC,eAAe,IAAI,UAAU;GAC7B,WAAW,KAAK,GAAM,cAAA,EAA+B;GACrD,OAAO,SAAS,QAAQ,UAAU;EACpC;EACA,eAAe,OAA0B;GACvC,eAAe,IAAI,UAAU;GAC7B,WAAW,KAAK,KAAM,cAAA,EAA+B;GACrD,OAAO,SAAS,QAAQ,UAAU;EACpC;EACA,qBAAiC,SAAS,IAAI,OAAO,mBAAmB;CAC1E;AACF;;;ACxEA,MAAM,WAAW,IAAI,YAAY,CAAC,CAAC,OAAO,2BAA2B;AAErE,MAAM,sBAAsB;AAyB5B,MAAM,4BAAY,IAAI,QAAyC;;;;;;;;;;;;AAa/D,eAAsB,iBAAiB,OAAwC;CAC7E,iCAAiC,MAAM,QAAQ,SAAS;CACxD,MAAM,CAAC,SAAS,gBAAgB,MAAM,QAAQ,IAAI,CAChD,cAAc,KAAK,GACnB,OAAO,OAAO,OAAO,WAAW,KAAgC,CAClE,CAAC;CACD,MAAM,MAAM,OAAO,OAAO,CAAC,CAAC;CAC5B,UAAU,IAAI,KAAK;EAAE,WAAW,IAAI,WAAW,YAAY;EAAG;CAAQ,CAAC;CACvE,OAAO;AACT;;;;;;;;;;AAWA,SAAgB,iBAAiB,OAAmB,QAAkC;CACpF,OAAO,kBAAkB,OAAO,QAAQ,WAAW,SAAS;AAC9D;;;;;;;;;;AAWA,SAAgB,iBAAiB,SAAiB,QAAsC;CACtF,OAAO,kBAAkB,SAAS,QAAQ,WAAW,SAAS;AAChE;;;;;;;AAQA,SAAgB,iBAAiB,GAAe,GAAwB;CACtE,MAAM,UAAU,uBAAuB,CAAC,CAAC,CAAC;CAC1C,MAAM,UAAU,uBAAuB,CAAC,CAAC,CAAC;CAC1C,IAAI,OAAO;CACX,KAAK,IAAI,IAAI,GAAG,IAAI,qBAAqB,KACvC,QAAQ,QAAQ,KAAM,QAAQ;CAEhC,OAAO,SAAS;AAClB;;;;;;;AAQA,SAAgB,qBAAqB,KAA4B;CAC/D,OAAO,uBAAuB,GAAG,CAAC,CAAC;AACrC;AAEA,SAAS,uBAAuB,KAAsC;CACpE,MAAM,eAAe,UAAU,IAAI,GAAG;CACtC,IAAI,iBAAiB,KAAA,GACnB,MAAM,IAAI,MAAM,qBAAqB;CAEvC,OAAO;AACT;AAEA,eAAe,cAAc,OAAuC;CAClE,MAAM,OAAO,MAAM,OAAO,OAAO,UAC/B,OACA,OACA,QACA,OACA,CAAC,WAAW,CACd;CACA,OAAO,OAAO,OAAO,UACnB;EAAE,MAAM;EAAQ,MAAM;EAAW,sBAAM,IAAI,WAAW;EAAG,MAAM;CAAS,GACxE,MACA;EAAE,MAAM;EAAQ,MAAM;EAAW,QAAQ;CAAI,GAC7C,OACA,CAAC,QAAQ,QAAQ,CACnB;AACF;;;;;;;;;;;;;;;;;;;;ACWA,SAAgB,wBACd,OACA,MAC6B;CAC7B,cAAc,KAAK;CACnB,cAAc,OAAO,KAAK,mBAAmB;CAC7C,mBAAmB,KAAK,MAAM,kBAAkB,SAAS;CAEzD,MAAM,WAAW,KAAK,KAAK,IAAI,oBAAoB;CACnD,MAAM,MAAM,KAAK,OAAO,KAAK;CAC7B,MAAM,MAAM,KAAK,OAAO;CACxB,MAAM,SAAwB,GAAG,MAAM;CACvC,MAAM,OAAO,YAAY,MAAM;CAC/B,MAAM,SAAS,+BAA+B,QAAQ,OAAO,KAAK,QAAQ;CAE1E,OAAO;EACL,gBAAgB,OAAO,WAAW,IAAI,CAAC;EACvC,aAAa,SAAe,OAAO,WAAW,KAAK,QAAQ,CAAC;EAC5D,QAAQ,OAAO,OAAO;GAEpB,IAAI,CAAC,MADY,OAAO,UAAU,EAAE,GAC3B,MAAM,IAAI,SAAS,uBAAuB,qBAAqB;EAC1E;EACA,YAAY,OAAO,UAAU;GAC3B,MAAM,SAAS,KAAK,UAAU,KAAK;GACnC,IAAI,CAAC,OAAO,IAAI,OAAO;GAEvB,IAAI,CAAC,MADY,OAAO,UAAU,OAAO,EAAE,GAClC,OAAO;IAAE,IAAI;IAAO,OAAO;GAAsB;GAC1D,OAAO;IAAE,IAAI;IAAM,IAAI,OAAO;GAAG;EACnC;EACA,kBAAkB,OAAO;EACzB,eAAe,SAAe,OAAO,aAAa,KAAK,QAAQ,CAAC;EAChE,eAAe,SAAe,OAAO,aAAa,KAAK,QAAQ,CAAC;EAChE,IAAI,KAAK;EACT,OAAO,KAAK;EACZ,WAAW,KAAK;EAChB,oBAAoB,KAAK,aAAa,OAAO,OAAO,cAAc,CAAC;EACnE,aAAa,KAAK;CACpB;AACF"}

package/dist/timestamp-BbZL8hwg.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"timestamp-BbZL8hwg.mjs","names":[],"sources":["../src/layouts/timestamp.ts","../src/timestamp.ts"],"sourcesContent":["import type { Id, Prefix } from \"../types.js\";\nimport { toWireId } from \"../wire/envelope.js\";\nimport { payloadByteLength } from \"../wire/invariants.js\";\nimport {\n  readTimestampMsFromBase32Suffix,\n  timestampByteLength,\n  writeTimestamp,\n} from \"../wire/timestamp-bytes.js\";\n\nconst randomByteLength: number = payloadByteLength - timestampByteLength;\n\n/** Writes a 16-byte timestamp-layout payload into codec-owned scratch. */\nfunction buildPayload(\n  ms: number,\n  rng: (target: Uint8Array) => void,\n  buffer: Uint8Array,\n  randomView: Uint8Array,\n): void {\n  writeTimestamp(ms, buffer);\n  rng(randomView);\n}\n\n/** Writes sentinel min/max random bytes into codec-owned scratch. */\nfunction buildSentinelPayload(\n  ms: number,\n  fill: number,\n  buffer: Uint8Array,\n  randomView: Uint8Array,\n): void {\n  writeTimestamp(ms, buffer);\n  randomView.fill(fill);\n}\n\n/** Decodes the creation timestamp from a trusted wire ID. */\nfunction extractTimestampFromId<Brand extends string>(prefix: Prefix<Brand>, id: Id<Brand>): Date {\n  return new Date(readTimestampMsFromBase32Suffix(id.slice(prefix.length)));\n}\n\n/** Layout ops binder for the Timestamp variant. `extractTimestampFromId` is module-private; the binder exposes `extractTimestamp` for the codec constructor. */\nexport function createTimestampLayoutOps<Brand extends string>(\n  prefix: Prefix<Brand>,\n  rng: (target: Uint8Array) => void,\n) {\n  // Per-codec scratch buffer. Shared across generateAt(), minIdForTime(),\n  // maxIdForTime(), and exampleWireId() — all are synchronous and overwrite both\n  // the timestamp and random slices before encoding, so successive callers see\n  // their own freshly-written bytes. toWireId reads the buffer and returns an\n  // independent string, so the caller never sees the buffer itself.\n  const buffer = new Uint8Array(payloadByteLength);\n  const randomView = new Uint8Array(buffer.buffer, timestampByteLength, randomByteLength);\n\n  return {\n    generateAt: (ms: number): Id<Brand> => {\n      buildPayload(ms, rng, buffer, randomView);\n      return toWireId(prefix, buffer);\n    },\n    extractTimestamp: (id: Id<Brand>): Date => extractTimestampFromId(prefix, id),\n    minIdForTime: (ms: number): Id<Brand> => {\n      buildSentinelPayload(ms, 0x00, buffer, randomView);\n      return toWireId(prefix, buffer);\n    },\n    maxIdForTime: (ms: number): Id<Brand> => {\n      buildSentinelPayload(ms, 0xff, buffer, randomView);\n      return toWireId(prefix, buffer);\n    },\n    exampleWireId: (ms: number): Id<Brand> => {\n      buildPayload(ms, rng, buffer, randomView);\n      return toWireId(prefix, buffer);\n    },\n  };\n}\n","import { validateBrand } from \"./brand.js\";\nimport { createTimestampLayoutOps } from \"./layouts/timestamp.js\";\nimport { registerBrand } from \"./registry.js\";\nimport type { Id, JsonSchema, ParseResult, Prefix, StandardSchemaProps } from \"./types.js\";\nimport { wireMethods } from \"./wire/codec-shell.js\";\n\n/**\n * Configuration options for a codec instance.\n */\nexport type TimestampOptions = {\n  /** Returns the current timestamp in milliseconds. Defaults to `Date.now`. */\n  now?: () => number;\n  /** Writes random bytes into `target` for ID generation. Defaults to a `crypto.randomUUID` fast path. */\n  rng?: (target: Uint8Array) => void;\n  /** If true, silences the duplicate-brand warning in non-production environments. */\n  allowDuplicateBrand?: boolean;\n};\n\ntype ResolvedTimestampOptions = Required<Pick<TimestampOptions, \"now\" | \"rng\">> &\n  Pick<TimestampOptions, \"allowDuplicateBrand\">;\n\n/**\n * A brand-scoped codec for generating and validating public-facing IDs.\n *\n * Wire format: `{brand}_` plus 26 lowercase Crockford base32 characters encoding a\n * 16-byte payload (6-byte ms timestamp + 10 random bytes). IDs sort by creation\n * time in ascending order.\n *\n * For encrypted IDs, use `createOpaqueTimestampId` from `@smonn/ids/opaque`.\n */\nexport type TimestampCodec<Brand extends string> = {\n  /** Produces a new canonical ID using the codec's `now` and `rng`. */\n  generate(): Id<Brand>;\n  /** Produces a new canonical ID with timestamp bytes from `date` and a fresh random tail. Throws on invalid dates. */\n  generateAt(date: Date): Id<Brand>;\n  /**\n   * Strict type guard: `true` only for already-canonical strings for this brand.\n   * For untrusted input, use `safeParse()` or `parse()` instead. See ADR-0003.\n   */\n  is(value: unknown): value is Id<Brand>;\n  /**\n   * Lenient parse: normalises case and Crockford aliases, returns canonical `Id<Brand>`, or throws.\n   */\n  parse(value: unknown): Id<Brand>;\n  /**\n   * Lenient parse without throwing: normalises to canonical form, or returns `{ ok: false, error }`.\n   */\n  safeParse(value: unknown): ParseResult<Brand>;\n  /**\n   * Decodes the creation `Date` from an `Id<Brand>`. Trusts the type — use `safeParse()` at boundaries first. See ADR-0002.\n   */\n  extractTimestamp(id: Id<Brand>): Date;\n  /** Tight lower bound for any ID generated at `date` (random portion `0x00`). Throws on invalid dates. */\n  minIdForTime(date: Date): Id<Brand>;\n  /** Tight upper bound for any ID generated at `date` (random portion `0xff`). Throws on invalid dates. */\n  maxIdForTime(date: Date): Id<Brand>;\n  /** JSON Schema for the canonical wire form (`pattern` is canonical-only). */\n  toJsonSchema(): JsonSchema;\n  /** Standard Schema validate entry point. */\n  readonly \"~standard\": StandardSchemaProps<Brand>;\n};\n\n// hex charCode → 0–15 nibble, for decoding UUIDv4 strings into bytes.\n// Covers ['0'-'9' = 48–57] and ['a'-'f' = 97–102]; UUIDs are lowercase per spec.\nconst hexCharCodeToNibble = new Uint8Array(128);\nfor (let i = 0; i < 10; i++) hexCharCodeToNibble[48 + i] = i;\nfor (let i = 0; i < 6; i++) hexCharCodeToNibble[97 + i] = 10 + i;\n\nconst defaultTimestampOptions: ResolvedTimestampOptions = {\n  now: Date.now,\n  // crypto.randomUUID is ~7× faster than crypto.getRandomValues in Node 24\n  // (~84 ns vs ~610 ns for a 16-byte fill — likely because the UUID path has\n  // a tight fixed-format fast path). We use the 122 random bits of a UUIDv4\n  // string as our entropy source, harvesting 10 fully-random bytes from\n  // positions where no version (hex 12) or variant (hex 16) bits sit.\n  // String layout: \"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx\" — bytes 0–5 are\n  // string[0..7]+string[9..12], bytes 6–9 are string[24..31].\n  rng: (target) => {\n    const s = crypto.randomUUID();\n    target[0] =\n      (hexCharCodeToNibble[s.charCodeAt(0)]! << 4) | hexCharCodeToNibble[s.charCodeAt(1)]!;\n    target[1] =\n      (hexCharCodeToNibble[s.charCodeAt(2)]! << 4) | hexCharCodeToNibble[s.charCodeAt(3)]!;\n    target[2] =\n      (hexCharCodeToNibble[s.charCodeAt(4)]! << 4) | hexCharCodeToNibble[s.charCodeAt(5)]!;\n    target[3] =\n      (hexCharCodeToNibble[s.charCodeAt(6)]! << 4) | hexCharCodeToNibble[s.charCodeAt(7)]!;\n    target[4] =\n      (hexCharCodeToNibble[s.charCodeAt(9)]! << 4) | hexCharCodeToNibble[s.charCodeAt(10)]!;\n    target[5] =\n      (hexCharCodeToNibble[s.charCodeAt(11)]! << 4) | hexCharCodeToNibble[s.charCodeAt(12)]!;\n    target[6] =\n      (hexCharCodeToNibble[s.charCodeAt(24)]! << 4) | hexCharCodeToNibble[s.charCodeAt(25)]!;\n    target[7] =\n      (hexCharCodeToNibble[s.charCodeAt(26)]! << 4) | hexCharCodeToNibble[s.charCodeAt(27)]!;\n    target[8] =\n      (hexCharCodeToNibble[s.charCodeAt(28)]! << 4) | hexCharCodeToNibble[s.charCodeAt(29)]!;\n    target[9] =\n      (hexCharCodeToNibble[s.charCodeAt(30)]! << 4) | hexCharCodeToNibble[s.charCodeAt(31)]!;\n  },\n};\n\n/**\n * Creates a codec for `brand` (three lowercase a–z characters).\n *\n * @param brand - Entity type brand validated once at construction.\n * @param opts - Optional `now`, `rng`, and `allowDuplicateBrand` overrides.\n */\nexport function createTimestampId<Brand extends string>(\n  brand: Brand,\n  opts: TimestampOptions = {},\n): TimestampCodec<Brand> {\n  validateBrand(brand);\n  registerBrand(brand, opts.allowDuplicateBrand);\n\n  const options = {\n    now: opts.now ?? defaultTimestampOptions.now,\n    rng: opts.rng ?? defaultTimestampOptions.rng,\n  } satisfies ResolvedTimestampOptions;\n\n  const prefix: Prefix<Brand> = `${brand}_`;\n  const wire = wireMethods(prefix);\n  const layout = createTimestampLayoutOps(prefix, options.rng);\n\n  return {\n    generate: () => layout.generateAt(options.now()),\n    generateAt: (date: Date) => layout.generateAt(date.getTime()),\n    is: wire.is,\n    parse: wire.parse,\n    safeParse: wire.safeParse,\n    extractTimestamp: layout.extractTimestamp,\n    minIdForTime: (date: Date) => layout.minIdForTime(date.getTime()),\n    maxIdForTime: (date: Date) => layout.maxIdForTime(date.getTime()),\n    toJsonSchema: () => wire.toJsonSchema(brand, layout.exampleWireId(options.now())),\n    \"~standard\": wire[\"~standard\"],\n  };\n}\n"],"mappings":";;;AASA,MAAM,mBAAA;;AAGN,SAAS,aACP,IACA,KACA,QACA,YACM;CACN,eAAe,IAAI,MAAM;CACzB,IAAI,UAAU;AAChB;;AAGA,SAAS,qBACP,IACA,MACA,QACA,YACM;CACN,eAAe,IAAI,MAAM;CACzB,WAAW,KAAK,IAAI;AACtB;;AAGA,SAAS,uBAA6C,QAAuB,IAAqB;CAChG,OAAO,IAAI,KAAK,gCAAgC,GAAG,MAAM,OAAO,MAAM,CAAC,CAAC;AAC1E;;AAGA,SAAgB,yBACd,QACA,KACA;CAMA,MAAM,yBAAS,IAAI,WAAA,EAA4B;CAC/C,MAAM,aAAa,IAAI,WAAW,OAAO,QAAA,GAA6B,gBAAgB;CAEtF,OAAO;EACL,aAAa,OAA0B;GACrC,aAAa,IAAI,KAAK,QAAQ,UAAU;GACxC,OAAO,SAAS,QAAQ,MAAM;EAChC;EACA,mBAAmB,OAAwB,uBAAuB,QAAQ,EAAE;EAC5E,eAAe,OAA0B;GACvC,qBAAqB,IAAI,GAAM,QAAQ,UAAU;GACjD,OAAO,SAAS,QAAQ,MAAM;EAChC;EACA,eAAe,OAA0B;GACvC,qBAAqB,IAAI,KAAM,QAAQ,UAAU;GACjD,OAAO,SAAS,QAAQ,MAAM;EAChC;EACA,gBAAgB,OAA0B;GACxC,aAAa,IAAI,KAAK,QAAQ,UAAU;GACxC,OAAO,SAAS,QAAQ,MAAM;EAChC;CACF;AACF;;;ACNA,MAAM,sCAAsB,IAAI,WAAW,GAAG;AAC9C,KAAK,IAAI,IAAI,GAAG,IAAI,IAAI,KAAK,oBAAoB,KAAK,KAAK;AAC3D,KAAK,IAAI,IAAI,GAAG,IAAI,GAAG,KAAK,oBAAoB,KAAK,KAAK,KAAK;AAE/D,MAAM,0BAAoD;CACxD,KAAK,KAAK;CAQV,MAAM,WAAW;EACf,MAAM,IAAI,OAAO,WAAW;EAC5B,OAAO,KACJ,oBAAoB,EAAE,WAAW,CAAC,MAAO,IAAK,oBAAoB,EAAE,WAAW,CAAC;EACnF,OAAO,KACJ,oBAAoB,EAAE,WAAW,CAAC,MAAO,IAAK,oBAAoB,EAAE,WAAW,CAAC;EACnF,OAAO,KACJ,oBAAoB,EAAE,WAAW,CAAC,MAAO,IAAK,oBAAoB,EAAE,WAAW,CAAC;EACnF,OAAO,KACJ,oBAAoB,EAAE,WAAW,CAAC,MAAO,IAAK,oBAAoB,EAAE,WAAW,CAAC;EACnF,OAAO,KACJ,oBAAoB,EAAE,WAAW,CAAC,MAAO,IAAK,oBAAoB,EAAE,WAAW,EAAE;EACpF,OAAO,KACJ,oBAAoB,EAAE,WAAW,EAAE,MAAO,IAAK,oBAAoB,EAAE,WAAW,EAAE;EACrF,OAAO,KACJ,oBAAoB,EAAE,WAAW,EAAE,MAAO,IAAK,oBAAoB,EAAE,WAAW,EAAE;EACrF,OAAO,KACJ,oBAAoB,EAAE,WAAW,EAAE,MAAO,IAAK,oBAAoB,EAAE,WAAW,EAAE;EACrF,OAAO,KACJ,oBAAoB,EAAE,WAAW,EAAE,MAAO,IAAK,oBAAoB,EAAE,WAAW,EAAE;EACrF,OAAO,KACJ,oBAAoB,EAAE,WAAW,EAAE,MAAO,IAAK,oBAAoB,EAAE,WAAW,EAAE;CACvF;AACF;;;;;;;AAQA,SAAgB,kBACd,OACA,OAAyB,CAAC,GACH;CACvB,cAAc,KAAK;CACnB,cAAc,OAAO,KAAK,mBAAmB;CAE7C,MAAM,UAAU;EACd,KAAK,KAAK,OAAO,wBAAwB;EACzC,KAAK,KAAK,OAAO,wBAAwB;CAC3C;CAEA,MAAM,SAAwB,GAAG,MAAM;CACvC,MAAM,OAAO,YAAY,MAAM;CAC/B,MAAM,SAAS,yBAAyB,QAAQ,QAAQ,GAAG;CAE3D,OAAO;EACL,gBAAgB,OAAO,WAAW,QAAQ,IAAI,CAAC;EAC/C,aAAa,SAAe,OAAO,WAAW,KAAK,QAAQ,CAAC;EAC5D,IAAI,KAAK;EACT,OAAO,KAAK;EACZ,WAAW,KAAK;EAChB,kBAAkB,OAAO;EACzB,eAAe,SAAe,OAAO,aAAa,KAAK,QAAQ,CAAC;EAChE,eAAe,SAAe,OAAO,aAAa,KAAK,QAAQ,CAAC;EAChE,oBAAoB,KAAK,aAAa,OAAO,OAAO,cAAc,QAAQ,IAAI,CAAC,CAAC;EAChF,aAAa,KAAK;CACpB;AACF"}

package/dist/timestamp-bytes-DoFjLjDp.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"timestamp-bytes-DoFjLjDp.mjs","names":[],"sources":["../src/wire/timestamp-bytes.ts"],"sourcesContent":["import { decodeBase32 } from \"../base32.js\";\n\n// Timestamp byte layout: first N bytes of the plaintext payload encode a\n// big-endian Unix-ms timestamp. Shared by timestamp-family layouts.\nexport const timestampByteLength: number = 6;\n\nconst timestampBase32Length: number = Math.ceil((timestampByteLength * 8) / 5);\n\n/** Write the timestamp in big-endian; encoded via mod-256 to avoid 32-bit bitwise coercion. */\nexport function writeTimestamp(ms: number, buffer: Uint8Array): void {\n  if (Number.isNaN(ms)) throw new Error(\"timestamp is not a number\");\n  if (!Number.isInteger(ms)) throw new Error(\"timestamp is not an integer\");\n  if (ms < 0) throw new Error(\"timestamp is negative\");\n  if (ms >= 2 ** (timestampByteLength * 8)) {\n    throw new Error(\"timestamp exceeds 48-bit range\");\n  }\n  for (let i = timestampByteLength - 1; i >= 0; i--) {\n    buffer[i] = ms % 256;\n    ms = Math.floor(ms / 256);\n  }\n}\n\n/** Decode the first `timestampByteLength` bytes of a buffer as a big-endian unsigned millisecond timestamp. */\nexport function readTimestampMs(buffer: Uint8Array): number {\n  let ms = 0;\n  for (let i = 0; i < timestampByteLength; i++) ms = ms * 256 + buffer[i]!;\n  return ms;\n}\n\n/** Decodes ms from the first 10 base32 chars of a payload suffix (partial decode). */\nexport function readTimestampMsFromBase32Suffix(base32Suffix: string): number {\n  return readTimestampMs(decodeBase32(base32Suffix.slice(0, timestampBase32Length)));\n}\n"],"mappings":";AAMA,MAAM,wBAAgC,KAAK,KAAA,KAAiC,CAAC;;AAG7E,SAAgB,eAAe,IAAY,QAA0B;CACnE,IAAI,OAAO,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,2BAA2B;CACjE,IAAI,CAAC,OAAO,UAAU,EAAE,GAAG,MAAM,IAAI,MAAM,6BAA6B;CACxE,IAAI,KAAK,GAAG,MAAM,IAAI,MAAM,uBAAuB;CACnD,IAAI,MAAM,KAAA,IACR,MAAM,IAAI,MAAM,gCAAgC;CAElD,KAAK,IAAI,IAAA,GAA6B,KAAK,GAAG,KAAK;EACjD,OAAO,KAAK,KAAK;EACjB,KAAK,KAAK,MAAM,KAAK,GAAG;CAC1B;AACF;;AAGA,SAAgB,gBAAgB,QAA4B;CAC1D,IAAI,KAAK;CACT,KAAK,IAAI,IAAI,GAAG,IAAA,GAAyB,KAAK,KAAK,KAAK,MAAM,OAAO;CACrE,OAAO;AACT;;AAGA,SAAgB,gCAAgC,cAA8B;CAC5E,OAAO,gBAAgB,aAAa,aAAa,MAAM,GAAG,qBAAqB,CAAC,CAAC;AACnF"}