@taquito/sapling 14.0.0-beta-RC.0

package/dist/taquito-sapling.es6.js

@@ -0,0 +1,1456 @@
+import BigNumber from 'bignumber.js';
+import { MichelCodecPacker } from '@taquito/taquito';
+import { b58cencode, prefix, Prefix, bytes2Char, toHexBuf, char2Bytes, hex2buf, mergebuf, hex2Bytes, num2PaddedHex, b58cdecode, ValidationResult, format, validateKeyHash, InvalidAddressError, InvalidKeyError } from '@taquito/utils';
+import * as sapling from '@airgap/sapling-wasm';
+import { merkleHash } from '@airgap/sapling-wasm';
+import blake from 'blakejs';
+import { openSecretBox, secretBox } from '@stablelib/nacl';
+import { randomBytes } from '@stablelib/random';
+import * as bip39 from 'bip39';
+import toBuffer from 'typedarray-to-buffer';
+import pbkdf2 from 'pbkdf2';
+
+/******************************************************************************
+Copyright (c) Microsoft Corporation.
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
+***************************************************************************** */
+
+function __rest(s, e) {
+    var t = {};
+    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
+        t[p] = s[p];
+    if (s != null && typeof Object.getOwnPropertySymbols === "function")
+        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
+                t[p[i]] = s[p[i]];
+        }
+    return t;
+}
+
+function __awaiter(thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+}
+
+function __classPrivateFieldGet(receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+}
+
+function __classPrivateFieldSet(receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+}
+
+/**
+ *  @category Error
+ *  @description Error indicating that the spending key is invalid
+ */
+class InvalidSpendingKey extends Error {
+    constructor(sk, reason = 'The spending key is invalid') {
+        super(`${reason}: ${sk}`);
+        this.name = 'InvalidSpendingKey';
+    }
+}
+/**
+ *  @category Error
+ *  @description Error that indicates an invalid Merkle root being passed
+ */
+class InvalidMerkleRootError extends Error {
+    constructor(root) {
+        super(`The following Merkle tree is invalid: ${JSON.stringify(root)}`);
+        this.root = root;
+        this.name = 'InvalidMerkleRootError';
+    }
+}
+/**
+ *  @category Error
+ *  @description Error that indicates a failure when trying to construct the Merkle tree
+ */
+class TreeConstructionFailure extends Error {
+    constructor(message) {
+        super(message);
+        this.message = message;
+        this.name = 'TreeConstructionFailure';
+    }
+}
+/**
+ *  @category Error
+ *  @description Error indicating that the memo is invalid
+ */
+class InvalidMemo extends Error {
+    constructor(memo, errorDetail) {
+        super(`The memo '${memo}' is invalid. ${errorDetail}`);
+        this.name = 'InvalidMemo';
+    }
+}
+/**
+ *  @category Error
+ *  @description Error indicating that there is not enough balance to prepare the sapling transaction
+ */
+class InsufficientBalance extends Error {
+    constructor(realBalance, amountToSpend) {
+        super(`Unable to spend ${amountToSpend} mutez while the balance is only ${realBalance} mutez.`);
+        this.name = 'InsufficientBalance';
+    }
+}
+/**
+ *  @category Error
+ *  @description Error indicating that a parameter is invalid
+ */
+class InvalidParameter extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'InvalidParameter';
+    }
+}
+
+function memoHexToUtf8(memo) {
+    const memoNoPadding = removeZeroPaddedBytesRight(memo);
+    return memoNoPadding === '' ? memoNoPadding : bytes2Char(memoNoPadding);
+}
+function removeZeroPaddedBytesRight(memo) {
+    const matchZeroRight = memo.match(/^(.*?)(00)+$/);
+    return matchZeroRight ? matchZeroRight[1] : memo;
+}
+function readableFormat(saplingTransactionProperties) {
+    return {
+        value: convertValueToBigNumber(saplingTransactionProperties.value),
+        memo: memoHexToUtf8(Buffer.from(saplingTransactionProperties.memo).toString('hex')),
+        paymentAddress: b58cencode(saplingTransactionProperties.paymentAddress, prefix[Prefix.ZET1]),
+    };
+}
+function convertValueToBigNumber(value) {
+    return new BigNumber(Buffer.from(value).toString('hex'), 16);
+}
+function bufToUint8Array(buffer) {
+    return new Uint8Array(buffer.buffer, buffer.byteOffset, buffer.byteLength / Uint8Array.BYTES_PER_ELEMENT);
+}
+
+class SaplingForger {
+    /**
+     * @description Forge sapling transactions
+     * @param spendDescriptions the list of spend descriptions
+     * @param outputDescriptions the list of output descriptions
+     * @param signature signature hash
+     * @param balance balance of the Sapling contract (input/output difference)
+     * @param root root of the merkle tree
+     * @returns Forged sapling transaction of type Buffer
+     */
+    forgeSaplingTransaction(tx) {
+        const spendBuf = this.forgeSpendDescriptions(tx.inputs);
+        const spend = Buffer.concat([toHexBuf(spendBuf.length, 32), spendBuf]);
+        const outputBuf = this.forgeOutputDescriptions(tx.outputs);
+        const output = Buffer.concat([toHexBuf(outputBuf.length, 32), outputBuf]);
+        const root = Buffer.from(tx.root, 'hex');
+        return Buffer.concat([
+            spend,
+            output,
+            tx.signature,
+            toHexBuf(tx.balance, 64),
+            root,
+            toHexBuf(tx.boundData.length, 32),
+            tx.boundData,
+        ]);
+    }
+    /**
+     * @description Forge list of spend descriptions
+     * @param spendDescriptions list of spend descriptions
+     * @returns concatenated forged bytes of type Buffer
+     */
+    forgeSpendDescriptions(spendDescriptions) {
+        const descriptions = [];
+        for (const i of spendDescriptions) {
+            const buff = this.forgeSpendDescription(i);
+            descriptions.push(buff);
+        }
+        return Buffer.concat(descriptions);
+    }
+    forgeSpendDescription(desc) {
+        return Buffer.concat([
+            desc.commitmentValue,
+            desc.nullifier,
+            desc.publicKeyReRandomization,
+            desc.proof,
+            desc.signature,
+        ]);
+    }
+    /**
+     * @description Forge list of output descriptions
+     * @param outputDescriptions list of output descriptions
+     * @returns concatenated forged bytes of type Buffer
+     */
+    forgeOutputDescriptions(outputDescriptions) {
+        const descriptions = [];
+        for (const i of outputDescriptions) {
+            const buff = this.forgeOutputDescription(i);
+            descriptions.push(buff);
+        }
+        return Buffer.concat(descriptions);
+    }
+    forgeOutputDescription(desc) {
+        const ct = desc.ciphertext;
+        return Buffer.concat([
+            desc.commitment,
+            desc.proof,
+            ct.commitmentValue,
+            ct.ephemeralPublicKey,
+            toHexBuf(ct.payloadEnc.length, 32),
+            ct.payloadEnc,
+            ct.nonceEnc,
+            ct.payloadOut,
+            ct.nonceOut,
+        ]);
+    }
+    forgeUnsignedTxInput(unsignedSpendDescription) {
+        return Buffer.concat([
+            unsignedSpendDescription.commitmentValue,
+            unsignedSpendDescription.nullifier,
+            unsignedSpendDescription.publicKeyReRandomization,
+            unsignedSpendDescription.proof,
+        ]);
+    }
+    forgeTransactionPlaintext(txPlainText) {
+        const encodedMemo = Buffer.from(char2Bytes(txPlainText.memo).padEnd(txPlainText.memoSize, '0'), 'hex');
+        return Buffer.concat([
+            txPlainText.diversifier,
+            toHexBuf(new BigNumber(txPlainText.amount), 64),
+            txPlainText.randomCommitmentTrapdoor,
+            toHexBuf(txPlainText.memoSize, 32),
+            encodedMemo,
+        ]);
+    }
+}
+
+const KDF_KEY = 'KDFSaplingForTezosV1';
+const OCK_KEY = 'OCK_keystringderivation_TEZOS';
+const DEFAULT_MEMO = '';
+const DEFAULT_BOUND_DATA = Buffer.from('', 'hex');
+
+var _viewingKeyProvider, _readProvider$2, _saplingContractId;
+/**
+ * @description Allows to retrieve and decrypt sapling transactions using on a viewing key
+ *
+ * @param inMemoryViewingKey Holds the sapling viewing key
+ * @param saplingContractId Address of the sapling contract or sapling id if the smart contract contains multiple sapling states
+ * @param readProvider Allows to read data from the blockchain
+ */
+class SaplingTransactionViewer {
+    constructor(inMemoryViewingKey, saplingContractId, readProvider) {
+        _viewingKeyProvider.set(this, void 0);
+        _readProvider$2.set(this, void 0);
+        _saplingContractId.set(this, void 0);
+        __classPrivateFieldSet(this, _viewingKeyProvider, inMemoryViewingKey);
+        __classPrivateFieldSet(this, _saplingContractId, saplingContractId);
+        __classPrivateFieldSet(this, _readProvider$2, readProvider);
+    }
+    /**
+     * @description Retrieve the unspent balance associated with the configured viewing key and sapling state
+     *
+     * @returns the balance in mutez represented as a BigNumber
+     *
+     */
+    getBalance() {
+        return __awaiter(this, void 0, void 0, function* () {
+            let balance = new BigNumber(0);
+            const { commitments_and_ciphertexts, nullifiers } = yield this.getSaplingDiff();
+            for (let i = 0; i < commitments_and_ciphertexts.length; i++) {
+                const decrypted = yield this.decryptCiphertextAsReceiver(commitments_and_ciphertexts[i]);
+                if (decrypted) {
+                    const valueBigNumber = convertValueToBigNumber(decrypted.value);
+                    const isSpent = yield this.isSpent(decrypted.paymentAddress, valueBigNumber.toString(), decrypted.randomCommitmentTrapdoor, i, nullifiers);
+                    if (!isSpent) {
+                        balance = balance.plus(valueBigNumber);
+                    }
+                }
+            }
+            return balance;
+        });
+    }
+    /**
+     * @description Retrieve all the incoming and outgoing transactions associated with the configured viewing key.
+     * The response properties are in Uint8Array format; use the getIncomingAndOutgoingTransactions method for readable properties
+     *
+     */
+    getIncomingAndOutgoingTransactionsRaw() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const incoming = [];
+            const outgoing = [];
+            const { commitments_and_ciphertexts, nullifiers } = yield this.getSaplingDiff();
+            for (let i = 0; i < commitments_and_ciphertexts.length; i++) {
+                const decryptedAsReceiver = yield this.decryptCiphertextAsReceiver(commitments_and_ciphertexts[i]);
+                const decryptedAsSender = yield this.decryptCiphertextAsSender(commitments_and_ciphertexts[i]);
+                if (decryptedAsReceiver) {
+                    const balance = convertValueToBigNumber(decryptedAsReceiver.value);
+                    const isSpent = yield this.isSpent(decryptedAsReceiver.paymentAddress, balance.toString(), decryptedAsReceiver.randomCommitmentTrapdoor, i, nullifiers);
+                    incoming.push(Object.assign(Object.assign({}, decryptedAsReceiver), { isSpent, position: i }));
+                }
+                if (decryptedAsSender) {
+                    outgoing.push(decryptedAsSender);
+                }
+            }
+            return {
+                incoming,
+                outgoing,
+            };
+        });
+    }
+    /**
+     * @description Retrieve all the incoming and outgoing decoded transactions associated with the configured viewing key
+     *
+     */
+    getIncomingAndOutgoingTransactions() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const tx = yield this.getIncomingAndOutgoingTransactionsRaw();
+            const incoming = tx.incoming.map((_a) => {
+                var { isSpent } = _a, rest = __rest(_a, ["isSpent"]);
+                return Object.assign(Object.assign({}, readableFormat(rest)), { isSpent });
+            });
+            const outgoing = tx.outgoing.map((outgoingTx) => {
+                return readableFormat(outgoingTx);
+            });
+            return { incoming, outgoing };
+        });
+    }
+    getSaplingDiff() {
+        return __awaiter(this, void 0, void 0, function* () {
+            let saplingDiffResponse;
+            if (__classPrivateFieldGet(this, _saplingContractId).saplingId) {
+                saplingDiffResponse = yield __classPrivateFieldGet(this, _readProvider$2).getSaplingDiffById({ id: __classPrivateFieldGet(this, _saplingContractId).saplingId }, 'head');
+            }
+            else if (__classPrivateFieldGet(this, _saplingContractId).contractAddress) {
+                saplingDiffResponse = yield __classPrivateFieldGet(this, _readProvider$2).getSaplingDiffByContract(__classPrivateFieldGet(this, _saplingContractId).contractAddress, 'head');
+            }
+            else {
+                throw new InvalidParameter('A contract address or a sapling id was expected in the SaplingTransactionViewer constructor.');
+            }
+            return saplingDiffResponse;
+        });
+    }
+    decryptCiphertextAsReceiver(commitmentsAndCiphertexts) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const commitment = commitmentsAndCiphertexts[0];
+            const { epk, payload_enc, nonce_enc } = commitmentsAndCiphertexts[1];
+            const incomingViewingKey = yield __classPrivateFieldGet(this, _viewingKeyProvider).getIncomingViewingKey();
+            const keyAgreement = yield sapling.keyAgreement(epk, incomingViewingKey);
+            const keyAgreementHash = blake.blake2b(keyAgreement, Buffer.from(KDF_KEY), 32);
+            const decrypted = yield this.decryptCiphertext(keyAgreementHash, hex2buf(nonce_enc), hex2buf(payload_enc));
+            if (decrypted) {
+                const { diversifier, value, randomCommitmentTrapdoor: rcm, memo, } = this.extractTransactionProperties(decrypted);
+                const paymentAddress = bufToUint8Array(yield sapling.getRawPaymentAddressFromIncomingViewingKey(incomingViewingKey, diversifier));
+                try {
+                    const valid = yield sapling.verifyCommitment(commitment, paymentAddress, convertValueToBigNumber(value).toString(), rcm);
+                    if (valid) {
+                        return { value, memo, paymentAddress, randomCommitmentTrapdoor: rcm };
+                    }
+                }
+                catch (ex) {
+                    if (!/invalid value/.test(ex)) {
+                        throw ex;
+                    }
+                }
+            }
+        });
+    }
+    decryptCiphertextAsSender(commitmentsAndCiphertexts) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const commitment = commitmentsAndCiphertexts[0];
+            const { epk, payload_enc, nonce_enc, payload_out, nonce_out, cv } = commitmentsAndCiphertexts[1];
+            const outgoingViewingKey = yield __classPrivateFieldGet(this, _viewingKeyProvider).getOutgoingViewingKey();
+            const concat = cv.concat(commitment, epk, outgoingViewingKey.toString('hex'));
+            const outgoingCipherKey = blake.blake2b(Buffer.from(concat, 'hex'), Buffer.from(OCK_KEY), 32);
+            const decryptedOut = yield this.decryptCiphertext(outgoingCipherKey, hex2buf(nonce_out), hex2buf(payload_out));
+            if (decryptedOut) {
+                const { recipientDiversifiedTransmissionKey: pkd, ephemeralPrivateKey: esk } = this.extractPkdAndEsk(decryptedOut);
+                const keyAgreement = yield sapling.keyAgreement(pkd, esk);
+                const keyAgreementHash = blake.blake2b(keyAgreement, Buffer.from(KDF_KEY), 32);
+                const decryptedEnc = yield this.decryptCiphertext(keyAgreementHash, hex2buf(nonce_enc), hex2buf(payload_enc));
+                if (decryptedEnc) {
+                    const { diversifier, value, randomCommitmentTrapdoor: rcm, memo, } = this.extractTransactionProperties(decryptedEnc);
+                    const paymentAddress = mergebuf(diversifier, pkd);
+                    try {
+                        const isValid = yield sapling.verifyCommitment(commitment, paymentAddress, convertValueToBigNumber(value).toString(), rcm);
+                        if (isValid) {
+                            return { value, memo, paymentAddress, randomCommitmentTrapdoor: rcm };
+                        }
+                    }
+                    catch (ex) {
+                        if (!/invalid value/.test(ex)) {
+                            throw ex;
+                        }
+                    }
+                }
+            }
+        });
+    }
+    decryptCiphertext(keyAgreementHash, nonce, payload) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return openSecretBox(keyAgreementHash, nonce, payload);
+        });
+    }
+    extractTransactionProperties(decrypted) {
+        return {
+            diversifier: decrypted.slice(0, 11),
+            value: decrypted.slice(11, 19),
+            randomCommitmentTrapdoor: decrypted.slice(19, 51),
+            memoSize: decrypted.slice(51, 55),
+            memo: decrypted.slice(55),
+        };
+    }
+    extractPkdAndEsk(decrypted) {
+        return {
+            recipientDiversifiedTransmissionKey: decrypted.slice(0, 32),
+            ephemeralPrivateKey: decrypted.slice(32),
+        };
+    }
+    isSpent(address, value, randomCommitmentTrapdoor, position, nullifiers) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const computedNullifier = yield sapling.computeNullifier(__classPrivateFieldGet(this, _viewingKeyProvider).getFullViewingKey(), address, value, randomCommitmentTrapdoor, position);
+            return nullifiers.includes(computedNullifier.toString('hex'));
+        });
+    }
+}
+_viewingKeyProvider = new WeakMap(), _readProvider$2 = new WeakMap(), _saplingContractId = new WeakMap();
+
+/**
+ *
+ * @param leaves nodes in the tree that we would like to make pairs from
+ * @returns a paired/chunked array: [a, b, c, d] => [[a, b], [c, d]]
+ */
+function pairNodes(leaves) {
+    const pairs = new Array(Math.ceil(leaves.length / 2));
+    for (let i = 0; i < leaves.length / 2; i++) {
+        pairs[i] = leaves.slice(i * 2, i * 2 + 2);
+    }
+    return pairs;
+}
+/**
+ * @description helper function to assist in Lazy initializing an object
+ */
+class Lazy {
+    constructor(init) {
+        this.init = init;
+        this.isInitialized = false;
+        this.value = undefined;
+    }
+    // initializes the lazily initiated object
+    get() {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!this.isInitialized) {
+                this.value = yield this.init();
+                this.isInitialized = true;
+            }
+            return this.value;
+        });
+    }
+}
+/**
+ *
+ * @param hex hexadecimal string we would like to swap
+ * @returns a hexadecimal string with swapped endians
+ */
+const changeEndianness = (hex) => {
+    if (hex.length % 2 != 0) {
+        hex = '0' + hex;
+    }
+    const bytes = hex.match(/.{2}/g) || [];
+    return bytes.reverse().join('');
+};
+
+/**
+ * Some code in this file was originally written or inspired by Airgap-it
+ * https://github.com/airgap-it/airgap-coin-lib/blob/master/LICENSE.md
+ *
+ */
+/**
+ * @description The SaplingState class's main purpose is to provide a Merkle path for the forger and the transaction builder, so that it may verify that the Sapling transaction is valid
+ *
+ */
+class SaplingState {
+    constructor(height) {
+        this.height = height;
+        this.uncommittedMerkleHash = '0100000000000000000000000000000000000000000000000000000000000000';
+        this.uncommittedMerkleHashes = new Lazy(() => this.createUncommittedMerkleHashes());
+    }
+    getStateTree(stateDiff, constructTree = true) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.stateTree !== undefined && this.stateTree.root === stateDiff.root) {
+                return this.stateTree;
+            }
+            const commitments = stateDiff.commitments_and_ciphertexts.map(([commitment, _]) => commitment);
+            let merkleTree;
+            if (constructTree) {
+                merkleTree = yield this.constructMerkleTree(commitments, 0);
+                yield this.validateMerkleTree(merkleTree, stateDiff.root);
+            }
+            this.stateTree = {
+                height: this.height,
+                size: commitments.length,
+                root: stateDiff.root,
+                tree: merkleTree,
+            };
+            return this.stateTree;
+        });
+    }
+    /**
+     *
+     * @param stateTree stateTree parameter that holds information details on our Merkle tree
+     * @param position position of the hash in the Merkle tree
+     * @returns a promise of a string that serves as the Merkle path that can be passed on to the Sapling forger or the transaction builder
+     */
+    getWitness(stateTree, position) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const heightBuffer = hex2Bytes(changeEndianness(num2PaddedHex(stateTree.height)));
+            const posBuffer = hex2Bytes(changeEndianness(num2PaddedHex(position, 64)));
+            const neighbouringHashes = yield this.getNeighbouringHashes([], stateTree.height, position, stateTree.tree);
+            const witness = neighbouringHashes
+                .map((hash) => Buffer.concat([hex2Bytes(changeEndianness(num2PaddedHex(hash.length))), hash]))
+                .reverse()
+                .reduce((acc, next) => Buffer.concat([acc, next]));
+            return Buffer.concat([heightBuffer, witness, posBuffer]).toString('hex');
+        });
+    }
+    /**
+     *
+     * @param leaves array of leaves or nodes that we want to construct the Merkle tree from
+     * @param height height of the desired Merkle tree
+     * @returns a promise of MerkleTree type object
+     */
+    constructMerkleTree(leaves, height) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (height === this.height && leaves.length === 1) {
+                return leaves[0];
+            }
+            if (height === this.height || leaves.length > Math.pow(2, this.height - 1 - height)) {
+                throw new TreeConstructionFailure('Children length exceeds maximum number of nodes in a merkle tree');
+            }
+            const pairedLeaves = pairNodes(leaves);
+            const updatedLeaves = yield Promise.all(pairedLeaves.map((chunk) => __awaiter(this, void 0, void 0, function* () {
+                const left = yield this.getMerkleHash(chunk[0], height);
+                const right = yield this.getMerkleHash(chunk[1], height);
+                const parentHash = yield merkleHash(height, left, right);
+                return [parentHash.toString('hex'), chunk[0], chunk[1]];
+            })));
+            return this.constructMerkleTree(updatedLeaves, height + 1);
+        });
+    }
+    getMerkleHash(tree, height) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (tree === undefined) {
+                return (yield this.uncommittedMerkleHashes.get())[height];
+            }
+            else if (typeof tree === 'string') {
+                return Buffer.from(tree, 'hex');
+            }
+            else {
+                return Buffer.from(tree[0], 'hex');
+            }
+        });
+    }
+    /**
+     *
+     * @returns hashes of empty or null values to fill in the Merkle tree
+     */
+    createUncommittedMerkleHashes() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = new Array(this.height);
+            res[0] = Buffer.from(this.uncommittedMerkleHash, 'hex');
+            for (let i = 0; i < this.height; i++) {
+                const hash = res[i];
+                res[i + 1] = yield merkleHash(i, hash, hash);
+            }
+            return res;
+        });
+    }
+    /**
+     *
+     * @param tree Merkle tree to validate
+     * @param expectedRoot the expected merkle root to validate against
+     */
+    validateMerkleTree(tree, expectedRoot) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const root = yield this.getMerkleHash(tree, this.height - 1);
+            if (root.toString('hex') !== expectedRoot) {
+                throw new InvalidMerkleRootError(root.toString('hex'));
+            }
+        });
+    }
+    /**
+     *
+     * @param acc accumulator variable for the recursive function
+     * @param height height of the tree
+     * @param position position of the hash we would like find the neighbours of
+     * @param tree the Merkle tree that we want to traverse
+     * @returns the accumulated Buffer array of neighbouring hashes
+     */
+    getNeighbouringHashes(acc, height, position, tree) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (typeof tree === 'undefined') {
+                throw new Error();
+            }
+            else if (typeof tree === 'string') {
+                return acc;
+            }
+            else {
+                let nextPos, nextTree, otherTree;
+                const fullTree = new BigNumber(2).pow(height - 1);
+                if (position.lt(fullTree)) {
+                    nextPos = position;
+                    nextTree = tree[1];
+                    otherTree = tree[2];
+                }
+                else {
+                    nextPos = position.minus(fullTree);
+                    nextTree = tree[2];
+                    otherTree = tree[1];
+                }
+                return this.getNeighbouringHashes([yield this.getMerkleHash(otherTree, height - 1), ...acc], height - 1, nextPos, nextTree);
+            }
+        });
+    }
+}
+
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const saplingOutputParams = require('../saplingOutputParams');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const saplingSpendParams = require('../saplingSpendParams');
+class SaplingWrapper {
+    withProvingContext(action) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.initSaplingParameters();
+            return sapling.withProvingContext(action);
+        });
+    }
+    getRandomBytes(length) {
+        return randomBytes(length);
+    }
+    randR() {
+        return __awaiter(this, void 0, void 0, function* () {
+            return sapling.randR();
+        });
+    }
+    getOutgoingViewingKey(vk) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return sapling.getOutgoingViewingKey(vk);
+        });
+    }
+    preparePartialOutputDescription(parametersOutputProof) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const partialOutputDesc = yield sapling.preparePartialOutputDescription(parametersOutputProof.saplingContext, parametersOutputProof.address, parametersOutputProof.randomCommitmentTrapdoor, parametersOutputProof.ephemeralPrivateKey, parametersOutputProof.amount);
+            return {
+                commitmentValue: partialOutputDesc.cv,
+                commitment: partialOutputDesc.cm,
+                proof: partialOutputDesc.proof,
+            };
+        });
+    }
+    getDiversifiedFromRawPaymentAddress(decodedDestination) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return sapling.getDiversifiedFromRawPaymentAddress(decodedDestination);
+        });
+    }
+    deriveEphemeralPublicKey(diversifier, esk) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return sapling.deriveEphemeralPublicKey(diversifier, esk);
+        });
+    }
+    getPkdFromRawPaymentAddress(destination) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return sapling.getPkdFromRawPaymentAddress(destination);
+        });
+    }
+    keyAgreement(p, sk) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return sapling.keyAgreement(p, sk);
+        });
+    }
+    createBindingSignature(saplingContext, balance, transactionSigHash) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return sapling.createBindingSignature(saplingContext, balance, transactionSigHash);
+        });
+    }
+    initSaplingParameters() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const spendParams = Buffer.from(saplingSpendParams.saplingSpendParams, 'base64');
+            const outputParams = Buffer.from(saplingOutputParams.saplingOutputParams, 'base64');
+            return sapling.initParameters(spendParams, outputParams);
+        });
+    }
+}
+
+var _inMemorySpendingKey$1, _inMemoryProvingKey, _saplingForger$1, _contractAddress$1, _saplingId$1, _memoSize$1, _readProvider$1, _saplingWrapper, _chainId, _saplingState;
+class SaplingTransactionBuilder {
+    constructor(keys, saplingForger, saplingContractDetails, readProvider, saplingWrapper = new SaplingWrapper()) {
+        _inMemorySpendingKey$1.set(this, void 0);
+        _inMemoryProvingKey.set(this, void 0);
+        _saplingForger$1.set(this, void 0);
+        _contractAddress$1.set(this, void 0);
+        _saplingId$1.set(this, void 0);
+        _memoSize$1.set(this, void 0);
+        _readProvider$1.set(this, void 0);
+        _saplingWrapper.set(this, void 0);
+        _chainId.set(this, void 0);
+        _saplingState.set(this, void 0);
+        __classPrivateFieldSet(this, _saplingForger$1, saplingForger);
+        __classPrivateFieldSet(this, _contractAddress$1, saplingContractDetails.contractAddress);
+        __classPrivateFieldSet(this, _memoSize$1, saplingContractDetails.memoSize);
+        __classPrivateFieldSet(this, _inMemorySpendingKey$1, keys.saplingSigner);
+        __classPrivateFieldSet(this, _inMemoryProvingKey, keys.saplingProver);
+        __classPrivateFieldSet(this, _saplingState, new SaplingState(32));
+        __classPrivateFieldSet(this, _saplingId$1, saplingContractDetails.saplingId);
+        __classPrivateFieldSet(this, _saplingWrapper, saplingWrapper);
+        __classPrivateFieldSet(this, _readProvider$1, readProvider);
+    }
+    createShieldedTx(saplingTransactionParams, txTotalAmount, boundData) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const rcm = yield __classPrivateFieldGet(this, _saplingWrapper).randR();
+            const balance = this.calculateTransactionBalance('0', txTotalAmount.toString());
+            const { signature, inputs, outputs } = yield __classPrivateFieldGet(this, _saplingWrapper).withProvingContext((saplingContext) => __awaiter(this, void 0, void 0, function* () {
+                const outputs = [];
+                const inputs = [];
+                for (const i in saplingTransactionParams) {
+                    outputs.push(yield this.prepareSaplingOutputDescription({
+                        saplingContext,
+                        address: b58cdecode(saplingTransactionParams[i].to, prefix[Prefix.ZET1]),
+                        amount: saplingTransactionParams[i].amount,
+                        memo: saplingTransactionParams[i].memo,
+                        randomCommitmentTrapdoor: rcm,
+                    }));
+                }
+                const signature = yield this.createBindingSignature({
+                    saplingContext,
+                    inputs,
+                    outputs,
+                    balance,
+                    boundData,
+                });
+                return { signature, inputs, outputs };
+            }));
+            return {
+                inputs,
+                outputs,
+                signature,
+                balance,
+            };
+        });
+    }
+    createSaplingTx(saplingTransactionParams, txTotalAmount, boundData, chosenInputs) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const randomCommitmentTrapdoor = yield __classPrivateFieldGet(this, _saplingWrapper).randR();
+            const saplingViewer = yield __classPrivateFieldGet(this, _inMemorySpendingKey$1).getSaplingViewingKeyProvider();
+            const outgoingViewingKey = yield saplingViewer.getOutgoingViewingKey();
+            const { signature, balance, inputs, outputs } = yield __classPrivateFieldGet(this, _saplingWrapper).withProvingContext((saplingContext) => __awaiter(this, void 0, void 0, function* () {
+                const outputs = [];
+                const inputs = [];
+                inputs.push(...(yield this.prepareSaplingSpendDescription(saplingContext, chosenInputs.inputsToSpend)));
+                let sumAmountOutput = new BigNumber(0);
+                for (const i in saplingTransactionParams) {
+                    sumAmountOutput = sumAmountOutput.plus(new BigNumber(saplingTransactionParams[i].amount));
+                    outputs.push(yield this.prepareSaplingOutputDescription({
+                        saplingContext,
+                        address: b58cdecode(saplingTransactionParams[i].to, prefix[Prefix.ZET1]),
+                        amount: saplingTransactionParams[i].amount,
+                        memo: saplingTransactionParams[i].memo,
+                        randomCommitmentTrapdoor,
+                        outgoingViewingKey,
+                    }));
+                }
+                if (chosenInputs.sumSelectedInputs.isGreaterThan(sumAmountOutput)) {
+                    const payBackAddress = (yield saplingViewer.getAddress()).address;
+                    const { payBackOutput, payBackAmount } = yield this.createPaybackOutput({
+                        saplingContext,
+                        address: b58cdecode(payBackAddress, prefix[Prefix.ZET1]),
+                        amount: txTotalAmount.toString(),
+                        memo: DEFAULT_MEMO,
+                        randomCommitmentTrapdoor: randomCommitmentTrapdoor,
+                        outgoingViewingKey: outgoingViewingKey,
+                    }, chosenInputs.sumSelectedInputs);
+                    sumAmountOutput = sumAmountOutput.plus(new BigNumber(payBackAmount));
+                    outputs.push(payBackOutput);
+                }
+                const balance = this.calculateTransactionBalance(chosenInputs.sumSelectedInputs.toString(), sumAmountOutput.toString());
+                const signature = yield this.createBindingSignature({
+                    saplingContext,
+                    inputs,
+                    outputs,
+                    balance,
+                    boundData,
+                });
+                return { signature, balance, inputs, outputs };
+            }));
+            return {
+                inputs,
+                outputs,
+                signature,
+                balance,
+            };
+        });
+    }
+    // sum of values of inputs minus sums of values of output equals balance
+    calculateTransactionBalance(inputTotal, outputTotal) {
+        return new BigNumber(inputTotal).minus(new BigNumber(outputTotal));
+    }
+    prepareSaplingOutputDescription(parametersOutputDescription) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const ephemeralPrivateKey = yield __classPrivateFieldGet(this, _saplingWrapper).randR();
+            const { commitmentValue, commitment, proof } = yield __classPrivateFieldGet(this, _saplingWrapper).preparePartialOutputDescription({
+                saplingContext: parametersOutputDescription.saplingContext,
+                address: parametersOutputDescription.address,
+                randomCommitmentTrapdoor: parametersOutputDescription.randomCommitmentTrapdoor,
+                ephemeralPrivateKey,
+                amount: parametersOutputDescription.amount,
+            });
+            const diversifier = yield __classPrivateFieldGet(this, _saplingWrapper).getDiversifiedFromRawPaymentAddress(parametersOutputDescription.address);
+            const ephemeralPublicKey = yield __classPrivateFieldGet(this, _saplingWrapper).deriveEphemeralPublicKey(diversifier, ephemeralPrivateKey);
+            const outgoingCipherKey = parametersOutputDescription.outgoingViewingKey
+                ? blake.blake2b(Buffer.concat([
+                    commitmentValue,
+                    commitment,
+                    ephemeralPublicKey,
+                    parametersOutputDescription.outgoingViewingKey,
+                ]), Buffer.from(OCK_KEY), 32)
+                : __classPrivateFieldGet(this, _saplingWrapper).getRandomBytes(32);
+            const ciphertext = yield this.encryptCiphertext({
+                address: parametersOutputDescription.address,
+                ephemeralPrivateKey,
+                diversifier,
+                outgoingCipherKey,
+                amount: parametersOutputDescription.amount,
+                randomCommitmentTrapdoor: parametersOutputDescription.randomCommitmentTrapdoor,
+                memo: parametersOutputDescription.memo,
+            });
+            return {
+                commitment,
+                proof,
+                ciphertext: Object.assign(Object.assign({}, ciphertext), { commitmentValue,
+                    ephemeralPublicKey }),
+            };
+        });
+    }
+    prepareSaplingSpendDescription(saplingContext, inputsToSpend) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const publicKeyReRandomization = yield __classPrivateFieldGet(this, _saplingWrapper).randR();
+            let stateDiff;
+            if (__classPrivateFieldGet(this, _saplingId$1)) {
+                stateDiff = yield __classPrivateFieldGet(this, _readProvider$1).getSaplingDiffById({ id: __classPrivateFieldGet(this, _saplingId$1) }, 'head');
+            }
+            else {
+                stateDiff = yield __classPrivateFieldGet(this, _readProvider$1).getSaplingDiffByContract(__classPrivateFieldGet(this, _contractAddress$1), 'head');
+            }
+            const stateTree = yield __classPrivateFieldGet(this, _saplingState).getStateTree(stateDiff, true);
+            const saplingSpendDescriptions = [];
+            for (let i = 0; i < inputsToSpend.length; i++) {
+                const amount = convertValueToBigNumber(inputsToSpend[i].value).toString();
+                const witness = yield __classPrivateFieldGet(this, _saplingState).getWitness(stateTree, new BigNumber(inputsToSpend[i].position));
+                const unsignedSpendDescription = __classPrivateFieldGet(this, _inMemoryProvingKey) ? yield __classPrivateFieldGet(this, _inMemoryProvingKey).prepareSpendDescription({
+                    saplingContext,
+                    address: inputsToSpend[i].paymentAddress,
+                    randomCommitmentTrapdoor: inputsToSpend[i].randomCommitmentTrapdoor,
+                    publicKeyReRandomization,
+                    amount,
+                    root: stateDiff.root,
+                    witness,
+                })
+                    : yield __classPrivateFieldGet(this, _inMemorySpendingKey$1).prepareSpendDescription({
+                        saplingContext,
+                        address: inputsToSpend[i].paymentAddress,
+                        randomCommitmentTrapdoor: inputsToSpend[i].randomCommitmentTrapdoor,
+                        publicKeyReRandomization,
+                        amount,
+                        root: stateDiff.root,
+                        witness,
+                    });
+                const unsignedSpendDescriptionBytes = __classPrivateFieldGet(this, _saplingForger$1).forgeUnsignedTxInput(unsignedSpendDescription);
+                const hash = blake.blake2b(unsignedSpendDescriptionBytes, yield this.getAntiReplay(), 32);
+                const spendDescription = yield __classPrivateFieldGet(this, _inMemorySpendingKey$1).signSpendDescription({
+                    publicKeyReRandomization,
+                    unsignedSpendDescription,
+                    hash,
+                });
+                if (spendDescription.signature === undefined) {
+                    throw new Error('Spend signing failed');
+                }
+                saplingSpendDescriptions.push(spendDescription);
+            }
+            return saplingSpendDescriptions;
+        });
+    }
+    encryptCiphertext(parametersCiphertext) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const recipientDiversifiedTransmissionKey = yield __classPrivateFieldGet(this, _saplingWrapper).getPkdFromRawPaymentAddress(parametersCiphertext.address);
+            const keyAgreement = yield __classPrivateFieldGet(this, _saplingWrapper).keyAgreement(recipientDiversifiedTransmissionKey, parametersCiphertext.ephemeralPrivateKey);
+            const keyAgreementHash = blake.blake2b(keyAgreement, Buffer.from(KDF_KEY), 32);
+            const nonceEnc = Buffer.from(__classPrivateFieldGet(this, _saplingWrapper).getRandomBytes(24));
+            const transactionPlaintext = __classPrivateFieldGet(this, _saplingForger$1).forgeTransactionPlaintext({
+                diversifier: parametersCiphertext.diversifier,
+                amount: parametersCiphertext.amount,
+                randomCommitmentTrapdoor: parametersCiphertext.randomCommitmentTrapdoor,
+                memoSize: __classPrivateFieldGet(this, _memoSize$1) * 2,
+                memo: parametersCiphertext.memo,
+            });
+            const nonceOut = Buffer.from(__classPrivateFieldGet(this, _saplingWrapper).getRandomBytes(24));
+            const payloadEnc = Buffer.from(secretBox(keyAgreementHash, nonceEnc, transactionPlaintext));
+            const payloadOut = Buffer.from(secretBox(parametersCiphertext.outgoingCipherKey, nonceOut, Buffer.concat([
+                recipientDiversifiedTransmissionKey,
+                parametersCiphertext.ephemeralPrivateKey,
+            ])));
+            return { payloadEnc, nonceEnc, payloadOut, nonceOut };
+        });
+    }
+    createPaybackOutput(params, sumSelectedInputs) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const payBackAmount = sumSelectedInputs.minus(params.amount).toString();
+            const payBackOutput = yield this.prepareSaplingOutputDescription({
+                saplingContext: params.saplingContext,
+                address: params.address,
+                amount: payBackAmount,
+                memo: params.memo,
+                randomCommitmentTrapdoor: params.randomCommitmentTrapdoor,
+                outgoingViewingKey: params.outgoingViewingKey,
+            });
+            return { payBackOutput, payBackAmount };
+        });
+    }
+    createBindingSignature(parametersBindingSig) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const outputs = __classPrivateFieldGet(this, _saplingForger$1).forgeOutputDescriptions(parametersBindingSig.outputs);
+            const inputs = __classPrivateFieldGet(this, _saplingForger$1).forgeSpendDescriptions(parametersBindingSig.inputs);
+            const transactionSigHash = blake.blake2b(Buffer.concat([inputs, outputs, parametersBindingSig.boundData]), yield this.getAntiReplay(), 32);
+            return __classPrivateFieldGet(this, _saplingWrapper).createBindingSignature(parametersBindingSig.saplingContext, parametersBindingSig.balance.toFixed(), transactionSigHash);
+        });
+    }
+    getAntiReplay() {
+        return __awaiter(this, void 0, void 0, function* () {
+            let chainId = __classPrivateFieldGet(this, _chainId);
+            if (!chainId) {
+                chainId = yield __classPrivateFieldGet(this, _readProvider$1).getChainId();
+                __classPrivateFieldSet(this, _chainId, chainId);
+            }
+            return Buffer.from(`${__classPrivateFieldGet(this, _contractAddress$1)}${chainId}`);
+        });
+    }
+}
+_inMemorySpendingKey$1 = new WeakMap(), _inMemoryProvingKey = new WeakMap(), _saplingForger$1 = new WeakMap(), _contractAddress$1 = new WeakMap(), _saplingId$1 = new WeakMap(), _memoSize$1 = new WeakMap(), _readProvider$1 = new WeakMap(), _saplingWrapper = new WeakMap(), _chainId = new WeakMap(), _saplingState = new WeakMap();
+
+function decryptKey(spendingKey, password) {
+    const keyArr = b58cdecode(spendingKey, prefix[Prefix.SASK]);
+    // exit first if no password and key is encrypted
+    if (!password && spendingKey.slice(0, 4) !== 'sask') {
+        throw new InvalidSpendingKey(spendingKey, 'no password Provided to decrypt');
+    }
+    if (password && spendingKey.slice(0, 4) !== 'sask') {
+        const salt = toBuffer(keyArr.slice(0, 8));
+        const encryptedSk = toBuffer(keyArr.slice(8));
+        const encryptionKey = pbkdf2.pbkdf2Sync(password, salt, 32768, 32, 'sha512');
+        const decrypted = openSecretBox(new Uint8Array(encryptionKey), new Uint8Array(24), new Uint8Array(encryptedSk));
+        if (!decrypted) {
+            throw new InvalidSpendingKey(spendingKey, 'Encrypted Spending Key or Password Incorrect');
+        }
+        return toBuffer(decrypted);
+    }
+    else {
+        return toBuffer(keyArr);
+    }
+}
+
+var _spendingKeyBuf, _saplingViewingKey;
+/**
+ * @description holds the spending key, create proof and signature for spend descriptions
+ * can instantiate from mnemonic word list or decrypt a encrypted spending key
+ * with access to instantiate a InMemoryViewingKey
+ */
+class InMemorySpendingKey {
+    /**
+     *
+     * @param spendingKey unencrypted sask... or encrypted MMXj...
+     * @param password required for MMXj encrypted keys
+     */
+    constructor(spendingKey, password) {
+        _spendingKeyBuf.set(this, void 0);
+        _saplingViewingKey.set(this, void 0);
+        __classPrivateFieldSet(this, _spendingKeyBuf, decryptKey(spendingKey, password));
+    }
+    /**
+     *
+     * @param mnemonic string of words
+     * @param derivationPath tezos current standard 'm/'
+     * @returns InMemorySpendingKey class instantiated
+     */
+    static fromMnemonic(mnemonic, derivationPath = 'm/') {
+        return __awaiter(this, void 0, void 0, function* () {
+            // no password passed here. password provided only changes from sask -> MMXj
+            const fullSeed = yield bip39.mnemonicToSeed(mnemonic);
+            const first32 = fullSeed.slice(0, 32);
+            const second32 = fullSeed.slice(32);
+            // reduce seed bytes must be 32 bytes reflecting both halves
+            const seed = Buffer.from(first32.map((byte, index) => byte ^ second32[index]));
+            const spendingKeyArr = new Uint8Array(yield sapling.getExtendedSpendingKey(seed, derivationPath));
+            const spendingKey = b58cencode(spendingKeyArr, prefix[Prefix.SASK]);
+            if (ValidationResult.VALID !== 3) {
+                throw new InvalidSpendingKey(spendingKey);
+            }
+            return new InMemorySpendingKey(spendingKey);
+        });
+    }
+    /**
+     *
+     * @returns InMemoryViewingKey instantiated class
+     */
+    getSaplingViewingKeyProvider() {
+        return __awaiter(this, void 0, void 0, function* () {
+            let viewingKey;
+            if (!__classPrivateFieldGet(this, _saplingViewingKey)) {
+                viewingKey = yield sapling.getExtendedFullViewingKeyFromSpendingKey(__classPrivateFieldGet(this, _spendingKeyBuf));
+                __classPrivateFieldSet(this, _saplingViewingKey, new InMemoryViewingKey(viewingKey.toString('hex')));
+            }
+            return __classPrivateFieldGet(this, _saplingViewingKey);
+        });
+    }
+    /**
+     * @description Prepare an unsigned sapling spend description using the spending key
+     * @param parametersSpendProof.saplingContext The sapling proving context
+     * @param parametersSpendProof.address The address of the input
+     * @param parametersSpendProof.randomCommitmentTrapdoor The randomness of the commitment
+     * @param parametersSpendProof.publicKeyReRandomization The re-randomization of the public key
+     * @param parametersSpendProof.amount The value of the input
+     * @param parametersSpendProof.root The root of the merkle tree
+     * @param parametersSpendProof.witness The path of the commitment in the tree
+     * @param derivationPath tezos current standard 'm/'
+     * @returns The unsigned spend description
+     */
+    prepareSpendDescription(parametersSpendProof) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const spendDescription = yield sapling.prepareSpendDescriptionWithSpendingKey(parametersSpendProof.saplingContext, __classPrivateFieldGet(this, _spendingKeyBuf), parametersSpendProof.address, parametersSpendProof.randomCommitmentTrapdoor, parametersSpendProof.publicKeyReRandomization, parametersSpendProof.amount, parametersSpendProof.root, parametersSpendProof.witness);
+            return {
+                commitmentValue: spendDescription.cv,
+                nullifier: spendDescription.nf,
+                publicKeyReRandomization: spendDescription.rk,
+                rtAnchor: spendDescription.rt,
+                proof: spendDescription.proof,
+            };
+        });
+    }
+    /**
+     * @description Sign a sapling spend description
+     * @param parametersSpendSig.publicKeyReRandomization The re-randomization of the public key
+     * @param parametersSpendSig.unsignedSpendDescription The unsigned Spend description
+     * @param parametersSpendSig.hash The data to be signed
+     * @returns The signed spend description
+     */
+    signSpendDescription(parametersSpendSig) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const signedSpendDescription = yield sapling.signSpendDescription({
+                cv: parametersSpendSig.unsignedSpendDescription.commitmentValue,
+                rt: parametersSpendSig.unsignedSpendDescription.rtAnchor,
+                nf: parametersSpendSig.unsignedSpendDescription.nullifier,
+                rk: parametersSpendSig.unsignedSpendDescription.publicKeyReRandomization,
+                proof: parametersSpendSig.unsignedSpendDescription.proof,
+            }, __classPrivateFieldGet(this, _spendingKeyBuf), parametersSpendSig.publicKeyReRandomization, parametersSpendSig.hash);
+            return {
+                commitmentValue: signedSpendDescription.cv,
+                nullifier: signedSpendDescription.nf,
+                publicKeyReRandomization: signedSpendDescription.rk,
+                proof: signedSpendDescription.proof,
+                signature: signedSpendDescription.spendAuthSig,
+            };
+        });
+    }
+    /**
+     * @description Return a proof authorizing key from the configured spending key
+     */
+    getProvingKey() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const provingKey = yield sapling.getProofAuthorizingKey(__classPrivateFieldGet(this, _spendingKeyBuf));
+            return provingKey.toString('hex');
+        });
+    }
+}
+_spendingKeyBuf = new WeakMap(), _saplingViewingKey = new WeakMap();
+
+var _fullViewingKey;
+/**
+ * @description Holds the viewing key
+ */
+class InMemoryViewingKey {
+    constructor(fullViewingKey) {
+        _fullViewingKey.set(this, void 0);
+        __classPrivateFieldSet(this, _fullViewingKey, Buffer.from(fullViewingKey, 'hex'));
+    }
+    /**
+     * @description Allows to instantiate the InMemoryViewingKey from an encrypted/unencrypted spending key
+     *
+     * @param spendingKey Base58Check-encoded spending key
+     * @param password Optional password to decrypt the spending key
+     * @example
+     * ```
+     * await InMemoryViewingKey.fromSpendingKey('sask27SLmU9herddHz4qFJBLMjWYMbJF8RtS579w9ej9mfCYK7VUdyCJPHK8AzW9zMsopGZEkYeNjAY7Zz1bkM7CGu8eKLzrjBLTMC5wWJDhxiK91ahA29rhDRsHdJDV2u2jFwb2MNUix8JW7sAkAqYVaJpCehTBPgRQ1KqKwqqUaNmuD8kazd4Q8MCWmgbWs21Yuomdqyi9FLigjRp7oY4m5adaVU19Nj1AHvsMY2tePeU2L')
+     * ```
+     *
+     */
+    static fromSpendingKey(spendingKey, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const inMemorySpendingkey = new InMemorySpendingKey(spendingKey, password);
+            return inMemorySpendingkey.getSaplingViewingKeyProvider();
+        });
+    }
+    /**
+     * @description Retrieve the full viewing key
+     * @returns Buffer representing the full viewing key
+     *
+     */
+    getFullViewingKey() {
+        return __classPrivateFieldGet(this, _fullViewingKey);
+    }
+    /**
+     * @description Retrieve the outgoing viewing key
+     * @returns Buffer representing the outgoing viewing key
+     *
+     */
+    getOutgoingViewingKey() {
+        return __awaiter(this, void 0, void 0, function* () {
+            return sapling.getOutgoingViewingKey(__classPrivateFieldGet(this, _fullViewingKey));
+        });
+    }
+    /**
+     * @description Retrieve the incoming viewing key
+     * @returns Buffer representing the incoming viewing key
+     *
+     */
+    getIncomingViewingKey() {
+        return __awaiter(this, void 0, void 0, function* () {
+            return sapling.getIncomingViewingKey(__classPrivateFieldGet(this, _fullViewingKey));
+        });
+    }
+    /**
+     * @description Retrieve a payment address
+     * @param addressIndex used to determine which diversifier should be used to derive the address, default is 0
+     * @returns Base58Check-encoded address and its index
+     *
+     */
+    getAddress(addressIndex) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { index, raw } = yield sapling.getPaymentAddressFromViewingKey(__classPrivateFieldGet(this, _fullViewingKey), addressIndex);
+            return {
+                address: b58cencode(raw, prefix[Prefix.ZET1]),
+                addressIndex: index.readInt32LE(),
+            };
+        });
+    }
+}
+_fullViewingKey = new WeakMap();
+
+var _provingKey;
+/**
+ * @description holds the proving key, create proof for spend descriptions
+ * The class can be instantiated from a proving key or a spending key
+ */
+class InMemoryProvingKey {
+    constructor(provingKey) {
+        _provingKey.set(this, void 0);
+        __classPrivateFieldSet(this, _provingKey, Buffer.from(provingKey, 'hex'));
+    }
+    /**
+     * @description Allows to instantiate the InMemoryProvingKey from an encrypted/unencrypted spending key
+     *
+     * @param spendingKey Base58Check-encoded spending key
+     * @param password Optional password to decrypt the spending key
+     * @example
+     * ```
+     * await InMemoryProvingKey.fromSpendingKey('sask27SLmU9herddHz4qFJBLMjWYMbJF8RtS579w9ej9mfCYK7VUdyCJPHK8AzW9zMsopGZEkYeNjAY7Zz1bkM7CGu8eKLzrjBLTMC5wWJDhxiK91ahA29rhDRsHdJDV2u2jFwb2MNUix8JW7sAkAqYVaJpCehTBPgRQ1KqKwqqUaNmuD8kazd4Q8MCWmgbWs21Yuomdqyi9FLigjRp7oY4m5adaVU19Nj1AHvsMY2tePeU2L')
+     * ```
+     *
+     */
+    static fromSpendingKey(spendingKey, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const decodedSpendingKey = decryptKey(spendingKey, password);
+            const provingKey = yield sapling.getProofAuthorizingKey(decodedSpendingKey);
+            return new InMemoryProvingKey(provingKey.toString('hex'));
+        });
+    }
+    /**
+     * @description Prepare an unsigned sapling spend description using the proving key
+     *
+     * @param parametersSpendProof.saplingContext The sapling proving context
+     * @param parametersSpendProof.address The address of the input
+     * @param parametersSpendProof.randomCommitmentTrapdoor The randomness of the commitment
+     * @param parametersSpendProof.publicKeyReRandomization The re-randomization of the public key
+     * @param parametersSpendProof.amount The value of the input
+     * @param parametersSpendProof.root The root of the merkle tree
+     * @param parametersSpendProof.witness The path of the commitment in the tree
+     * @param derivationPath tezos current standard 'm/'
+     * @returns The unsinged spend description
+     */
+    prepareSpendDescription(parametersSpendProof) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const spendDescription = yield sapling.prepareSpendDescriptionWithAuthorizingKey(parametersSpendProof.saplingContext, __classPrivateFieldGet(this, _provingKey), parametersSpendProof.address, parametersSpendProof.randomCommitmentTrapdoor, parametersSpendProof.publicKeyReRandomization, parametersSpendProof.amount, parametersSpendProof.root, parametersSpendProof.witness);
+            return {
+                commitmentValue: spendDescription.cv,
+                nullifier: spendDescription.nf,
+                publicKeyReRandomization: spendDescription.rk,
+                rtAnchor: spendDescription.rt,
+                proof: spendDescription.proof,
+            };
+        });
+    }
+}
+_provingKey = new WeakMap();
+
+/**
+ * @packageDocumentation
+ * @module @taquito/sapling
+ */
+var _inMemorySpendingKey, _saplingId, _contractAddress, _memoSize, _readProvider, _packer, _saplingForger, _saplingTxBuilder, _saplingTransactionViewer;
+/**
+ * @description Class that surfaces all of the sapling capability allowing to read from a sapling state and prepare transactions
+ *
+ * @param keys.saplingSigner Holds the sapling spending key
+ * @param keys.saplingProver (Optional) Allows to generate the proofs with the proving key rather than the spending key
+ * @param saplingContractDetails Contains the address of the sapling contract, the memo size, and an optional sapling id that must be defined if the sapling contract contains more than one sapling state
+ * @param readProvider Allows to read data from the blockchain
+ * @param packer (Optional) Allows packing data. Use the `MichelCodecPacker` by default.
+ * @param saplingForger (Optional) Allows serializing the sapling transactions. Use the `SaplingForger` by default.
+ * @param saplingTxBuilder (Optional) Allows to prepare the sapling transactions. Use the `SaplingTransactionBuilder` by default.
+ * @example
+ * ```
+ * const inMemorySpendingKey = await InMemorySpendingKey.fromMnemonic('YOUR_MNEMONIC');
+ * const readProvider = new RpcReadAdapter(new RpcClient('https://YOUR_PREFERRED_RPC_URL'))
+ *
+ * const saplingToolkit = new SaplingToolkit(
+ *    { saplingSigner: inMemorySpendingKey },
+ *    { contractAddress: SAPLING_CONTRACT_ADDRESS, memoSize: 8 },
+ *    readProvider
+ * )
+ * ```
+ */
+class SaplingToolkit {
+    constructor(keys, saplingContractDetails, readProvider, packer = new MichelCodecPacker(), saplingForger = new SaplingForger(), saplingTxBuilder = new SaplingTransactionBuilder(keys, saplingForger, saplingContractDetails, readProvider)) {
+        _inMemorySpendingKey.set(this, void 0);
+        _saplingId.set(this, void 0);
+        _contractAddress.set(this, void 0);
+        _memoSize.set(this, void 0);
+        _readProvider.set(this, void 0);
+        _packer.set(this, void 0);
+        _saplingForger.set(this, void 0);
+        _saplingTxBuilder.set(this, void 0);
+        _saplingTransactionViewer.set(this, void 0);
+        __classPrivateFieldSet(this, _inMemorySpendingKey, keys.saplingSigner);
+        __classPrivateFieldSet(this, _saplingId, saplingContractDetails.saplingId);
+        __classPrivateFieldSet(this, _contractAddress, saplingContractDetails.contractAddress);
+        __classPrivateFieldSet(this, _memoSize, saplingContractDetails.memoSize);
+        __classPrivateFieldSet(this, _readProvider, readProvider);
+        __classPrivateFieldSet(this, _packer, packer);
+        __classPrivateFieldSet(this, _saplingForger, saplingForger);
+        __classPrivateFieldSet(this, _saplingTxBuilder, saplingTxBuilder);
+    }
+    /**
+     * @description Get an instance of `SaplingTransactionViewer` which allows to retrieve and decrypt sapling transactions and calculate the unspent balance.
+     */
+    getSaplingTransactionViewer() {
+        return __awaiter(this, void 0, void 0, function* () {
+            let saplingTransactionViewer;
+            if (!__classPrivateFieldGet(this, _saplingTransactionViewer)) {
+                const saplingViewingKey = yield __classPrivateFieldGet(this, _inMemorySpendingKey).getSaplingViewingKeyProvider();
+                saplingTransactionViewer = new SaplingTransactionViewer(saplingViewingKey, this.getSaplingContractId(), __classPrivateFieldGet(this, _readProvider));
+                __classPrivateFieldSet(this, _saplingTransactionViewer, saplingTransactionViewer);
+            }
+            return __classPrivateFieldGet(this, _saplingTransactionViewer);
+        });
+    }
+    /**
+     * @description Prepare a shielded transaction
+     * @param shieldedTxParams `to` is the payment address that will receive the shielded tokens (zet).
+     * `amount` is the amount of shielded tokens in tez by default.
+     * `mutez` needs to be set to true if the amount of shielded tokens is in mutez.
+     * `memo` is an empty string by default.
+     * @returns a string representing the sapling transaction
+     */
+    prepareShieldedTransaction(shieldedTxParams) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { formatedParams, totalAmount } = this.formatTransactionParams(shieldedTxParams, this.validateDestinationSaplingAddress);
+            const root = yield this.getRoot();
+            const { inputs, outputs, signature, balance } = yield __classPrivateFieldGet(this, _saplingTxBuilder).createShieldedTx(formatedParams, totalAmount, DEFAULT_BOUND_DATA);
+            const forgedSaplingTx = __classPrivateFieldGet(this, _saplingForger).forgeSaplingTransaction({
+                inputs,
+                outputs,
+                balance,
+                root,
+                boundData: DEFAULT_BOUND_DATA,
+                signature,
+            });
+            return forgedSaplingTx.toString('hex');
+        });
+    }
+    /**
+     * @description Prepare an unshielded transaction
+     * @param unshieldedTxParams `to` is the Tezos address that will receive the unshielded tokens (tz1, tz2 or tz3).
+     * `amount` is the amount of unshielded tokens in tez by default.
+     * `mutez` needs to be set to true if the amount of unshielded tokens is in mutez.
+     * @returns a string representing the sapling transaction.
+     */
+    prepareUnshieldedTransaction(unshieldedTxParams) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { formatedParams, totalAmount } = this.formatTransactionParams([unshieldedTxParams], this.validateDestinationImplicitAddress);
+            const boundData = yield this.createBoundData(formatedParams[0].to);
+            const root = yield this.getRoot();
+            const chosenInputs = yield this.selectInputsToSpend(new BigNumber(formatedParams[0].amount));
+            const { inputs, outputs, signature, balance } = yield __classPrivateFieldGet(this, _saplingTxBuilder).createSaplingTx([], totalAmount, boundData, chosenInputs);
+            const forgedSaplingTx = __classPrivateFieldGet(this, _saplingForger).forgeSaplingTransaction({
+                inputs,
+                outputs,
+                balance,
+                root,
+                boundData,
+                signature,
+            });
+            return forgedSaplingTx.toString('hex');
+        });
+    }
+    /**
+     * @description Prepare a sapling transaction (zet to zet)
+     * @param saplingTxParams `to` is the payment address that will receive the shielded tokens (zet).
+     * `amount` is the amount of unshielded tokens in tez by default.
+     * `mutez` needs to be set to true if the amount of unshielded tokens is in mutez.
+     * `memo` is an empty string by default.
+     * @returns a string representing the sapling transaction.
+     */
+    prepareSaplingTransaction(saplingTxParams) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { formatedParams, totalAmount } = this.formatTransactionParams(saplingTxParams, this.validateDestinationSaplingAddress);
+            const root = yield this.getRoot();
+            const chosenInputs = yield this.selectInputsToSpend(totalAmount);
+            const { inputs, outputs, signature, balance } = yield __classPrivateFieldGet(this, _saplingTxBuilder).createSaplingTx(formatedParams, totalAmount, DEFAULT_BOUND_DATA, chosenInputs);
+            const forgedSaplingTx = __classPrivateFieldGet(this, _saplingForger).forgeSaplingTransaction({
+                inputs,
+                outputs,
+                balance,
+                root,
+                boundData: DEFAULT_BOUND_DATA,
+                signature,
+            });
+            return forgedSaplingTx.toString('hex');
+        });
+    }
+    formatTransactionParams(txParams, validateDestination) {
+        const formatedParams = [];
+        let totalAmount = new BigNumber(0);
+        txParams.forEach((param) => {
+            var _a;
+            validateDestination(param.to);
+            const amountMutez = param.mutez
+                ? param.amount.toString()
+                : format('tz', 'mutez', param.amount).toString();
+            totalAmount = totalAmount.plus(new BigNumber(amountMutez));
+            const memo = (_a = param.memo) !== null && _a !== void 0 ? _a : DEFAULT_MEMO;
+            if (memo.length > __classPrivateFieldGet(this, _memoSize)) {
+                throw new InvalidMemo(memo, 'The memo is too long.');
+            }
+            formatedParams.push({ to: param.to, amount: amountMutez, memo });
+        });
+        return { formatedParams, totalAmount };
+    }
+    getRoot() {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (__classPrivateFieldGet(this, _saplingId)) {
+                const { root } = yield __classPrivateFieldGet(this, _readProvider).getSaplingDiffById({ id: __classPrivateFieldGet(this, _saplingId) }, 'head');
+                return root;
+            }
+            else {
+                const { root } = yield __classPrivateFieldGet(this, _readProvider).getSaplingDiffByContract(__classPrivateFieldGet(this, _contractAddress), 'head');
+                return root;
+            }
+        });
+    }
+    createBoundData(destination) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const pref = destination.substr(0, 3);
+            let pad;
+            switch (pref) {
+                case 'tz1': {
+                    pad = Buffer.from('00', 'hex');
+                    break;
+                }
+                case 'tz2': {
+                    pad = Buffer.from('01', 'hex');
+                    break;
+                }
+                case 'tz3': {
+                    pad = Buffer.from('02', 'hex');
+                    break;
+                }
+                default: {
+                    throw new InvalidKeyError(destination, "The 'to' parameter contains an invalid prefix.");
+                }
+            }
+            const decodedDestination = b58cdecode(destination, prefix[pref]);
+            const padDestination = Buffer.concat([pad, Buffer.from(decodedDestination)]);
+            const packedDestination = yield __classPrivateFieldGet(this, _packer).packData({
+                data: { bytes: padDestination.toString('hex') },
+                type: { prim: 'bytes' },
+            });
+            return Buffer.from(packedDestination.packed, 'hex');
+        });
+    }
+    validateDestinationImplicitAddress(to) {
+        if (validateKeyHash(to) !== ValidationResult.VALID) {
+            throw new InvalidAddressError(to, "The 'to' parameter must be a Tezos public key hash (tz1, tz2, tz3).");
+        }
+    }
+    validateDestinationSaplingAddress(to) {
+        if (!to.startsWith(Prefix.ZET1)) {
+            throw new InvalidAddressError(to, "The 'to' parameter must be a sapling address (zet1).");
+        }
+    }
+    getSaplingContractId() {
+        let saplingContractId;
+        if (__classPrivateFieldGet(this, _saplingId)) {
+            saplingContractId = { saplingId: __classPrivateFieldGet(this, _saplingId) };
+        }
+        else {
+            saplingContractId = { contractAddress: __classPrivateFieldGet(this, _contractAddress) };
+        }
+        return saplingContractId;
+    }
+    selectInputsToSpend(amountMutez) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const saplingTxViewer = yield this.getSaplingTransactionViewer();
+            const { incoming } = yield saplingTxViewer.getIncomingAndOutgoingTransactionsRaw();
+            const inputsToSpend = [];
+            let sumSelectedInputs = new BigNumber(0);
+            incoming.forEach((input) => {
+                if (!input.isSpent && sumSelectedInputs.isLessThan(amountMutez)) {
+                    const txAmount = convertValueToBigNumber(input.value);
+                    sumSelectedInputs = sumSelectedInputs.plus(txAmount);
+                    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+                    const rest = __rest(input, ["isSpent"]);
+                    inputsToSpend.push(rest);
+                }
+            });
+            if (sumSelectedInputs.isLessThan(new BigNumber(amountMutez))) {
+                throw new InsufficientBalance(sumSelectedInputs.toString(), amountMutez.toString());
+            }
+            return { inputsToSpend, sumSelectedInputs };
+        });
+    }
+}
+_inMemorySpendingKey = new WeakMap(), _saplingId = new WeakMap(), _contractAddress = new WeakMap(), _memoSize = new WeakMap(), _readProvider = new WeakMap(), _packer = new WeakMap(), _saplingForger = new WeakMap(), _saplingTxBuilder = new WeakMap(), _saplingTransactionViewer = new WeakMap();
+
+export { InMemoryProvingKey, InMemorySpendingKey, InMemoryViewingKey, SaplingToolkit, SaplingTransactionViewer };
+//# sourceMappingURL=taquito-sapling.es6.js.map