npm - @tatchi-xyz/sdk - Versions diffs - 0.31.0 → 0.31.1 - Mend

@tatchi-xyz/sdk 0.31.0 → 0.31.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (173) hide show

package/dist/esm/sdk/{transactions-CrjP8yPD.js → transactions-CxsklyCK.js} RENAMED Viewed

@@ -1,7 +1,7 @@
 import "./validation-hUZgySTx.js";
 import { ERROR_MESSAGES, SecureConfirmationType, computeUiIntentDigestFromNep413, getIntentDigest, getNearAccountId, getSignTransactionPayload, getTxCount, isUserCancelledSecureConfirm, toAccountId, toError } from "./collectAuthenticationCredentialForVrfChallenge-C9p90e5Z.js";
-import { PASSKEY_MANAGER_DEFAULT_CONFIGS, getLastLoggedInDeviceNumber } from "./getDeviceNumber-f8bfPB9U.js";
-import { createConfirmSession, createConfirmTxFlowAdapters } from "./createAdapters-Dv7ZJPf1.js";
+import { PASSKEY_MANAGER_DEFAULT_CONFIGS, getLastLoggedInDeviceNumber } from "./getDeviceNumber-WiNzKx1x.js";
+import { createConfirmSession, createConfirmTxFlowAdapters } from "./createAdapters-4c8mBiD5.js";
 import "./css-loader-DWW-_Vli.js";
 //#region src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.ts
@@ -21,91 +21,91 @@ async function handleTransactionSigningFlow(ctx, request, worker, opts) {
 		transactionSummary
 	});
 	const nearAccountId = getNearAccountId(request);
-	const signingAuthMode = getSigningAuthMode(request);
-	const usesNeeded = getTxCount(request);
-	const vrfIntentDigestB64u = request.type === SecureConfirmationType.SIGN_TRANSACTION ? getIntentDigest(request) : request.type === SecureConfirmationType.SIGN_NEP413_MESSAGE ? await computeUiIntentDigestFromNep413({
-		nearAccountId,
-		recipient: request.payload.recipient,
-		message: request.payload.message
-	}) : void 0;
-	const sessionPolicyDigest32 = request.payload.sessionPolicyDigest32;
-	const nearRpc = await adapters.near.fetchNearContext({
-		nearAccountId,
-		txCount: usesNeeded,
-		reserveNonces: true
-	});
-	if (!nearRpc.transactionContext) {
-		console.error("[SigningFlow] fetchNearContext failed", {
-			error: nearRpc.error,
-			details: nearRpc.details
-		});
-		return session.confirmAndCloseModal({
-			requestId: request.requestId,
-			intentDigest: getIntentDigest(request),
-			confirmed: false,
-			error: nearRpc.details ? `${ERROR_MESSAGES.nearRpcFailed}: ${nearRpc.details}` : ERROR_MESSAGES.nearRpcFailed
+	try {
+		const signingAuthMode = getSigningAuthMode(request);
+		const usesNeeded = getTxCount(request);
+		const vrfIntentDigestB64u = request.type === SecureConfirmationType.SIGN_TRANSACTION ? getIntentDigest(request) : request.type === SecureConfirmationType.SIGN_NEP413_MESSAGE ? await computeUiIntentDigestFromNep413({
+			nearAccountId,
+			recipient: request.payload.recipient,
+			message: request.payload.message
+		}) : void 0;
+		const sessionPolicyDigest32 = request.payload.sessionPolicyDigest32;
+		const nearRpc = await adapters.near.fetchNearContext({
+			nearAccountId,
+			txCount: usesNeeded,
+			reserveNonces: true
 		});
-	}
-	session.setReservedNonces(nearRpc.reservedNonces);
-	let transactionContext = nearRpc.transactionContext;
-	const rpId = adapters.vrf.getRpId();
-	let uiVrfChallenge;
-	let uiVrfChallengeForUi = rpId ? {
-		userId: nearAccountId,
-		rpId,
-		blockHeight: transactionContext.txBlockHeight,
-		blockHash: transactionContext.txBlockHash
-	} : void 0;
-	if (signingAuthMode === "webauthn") {
-		uiVrfChallenge = await adapters.vrf.generateVrfChallengeForSession({
-			userId: nearAccountId,
-			rpId,
-			blockHeight: transactionContext.txBlockHeight,
-			blockHash: transactionContext.txBlockHash,
-			...vrfIntentDigestB64u ? { intentDigest: vrfIntentDigestB64u } : {},
-			...sessionPolicyDigest32 ? { sessionPolicyDigest32 } : {}
-		}, request.requestId);
-		uiVrfChallengeForUi = uiVrfChallenge;
-	}
-	const { confirmed, error: uiError } = await session.promptUser({ vrfChallenge: uiVrfChallengeForUi });
-	if (!confirmed) return session.confirmAndCloseModal({
-		requestId: request.requestId,
-		intentDigest: getIntentDigest(request),
-		confirmed: false,
-		error: uiError
-	});
-	if (signingAuthMode === "warmSession") {
-		try {
-			await adapters.vrf.dispenseSessionKey({
-				sessionId: request.requestId,
-				uses: usesNeeded
+		if (!nearRpc.transactionContext) {
+			console.error("[SigningFlow] fetchNearContext failed", {
+				error: nearRpc.error,
+				details: nearRpc.details
 			});
-		} catch (err) {
-			const msg = String(toError(err)?.message || err || "");
 			return session.confirmAndCloseModal({
 				requestId: request.requestId,
 				intentDigest: getIntentDigest(request),
 				confirmed: false,
-				error: msg || "Failed to dispense warm session key"
+				error: nearRpc.details ? `${ERROR_MESSAGES.nearRpcFailed}: ${nearRpc.details}` : ERROR_MESSAGES.nearRpcFailed
 			});
 		}
-		session.confirmAndCloseModal({
+		session.setReservedNonces(nearRpc.reservedNonces);
+		let transactionContext = nearRpc.transactionContext;
+		const rpId = adapters.vrf.getRpId();
+		let uiVrfChallenge;
+		let uiVrfChallengeForUi = rpId ? {
+			userId: nearAccountId,
+			rpId,
+			blockHeight: transactionContext.txBlockHeight,
+			blockHash: transactionContext.txBlockHash
+		} : void 0;
+		if (signingAuthMode === "webauthn") {
+			uiVrfChallenge = await adapters.vrf.generateVrfChallengeForSession({
+				userId: nearAccountId,
+				rpId,
+				blockHeight: transactionContext.txBlockHeight,
+				blockHash: transactionContext.txBlockHash,
+				...vrfIntentDigestB64u ? { intentDigest: vrfIntentDigestB64u } : {},
+				...sessionPolicyDigest32 ? { sessionPolicyDigest32 } : {}
+			}, request.requestId);
+			uiVrfChallengeForUi = uiVrfChallenge;
+		}
+		const { confirmed, error: uiError } = await session.promptUser({ vrfChallenge: uiVrfChallengeForUi });
+		if (!confirmed) return session.confirmAndCloseModal({
 			requestId: request.requestId,
 			intentDigest: getIntentDigest(request),
-			confirmed: true,
-			transactionContext
+			confirmed: false,
+			error: uiError
 		});
-		return;
-	}
-	try {
-		const refreshed = await adapters.vrf.maybeRefreshVrfChallenge(request, nearAccountId);
-		uiVrfChallenge = refreshed.vrfChallenge;
-		transactionContext = refreshed.transactionContext;
-		session.updateUI({ vrfChallenge: uiVrfChallenge });
-	} catch (e) {
-		console.debug("[SigningFlow] VRF JIT refresh skipped", e);
-	}
-	try {
+		if (signingAuthMode === "warmSession") {
+			try {
+				await adapters.vrf.dispenseSessionKey({
+					sessionId: request.requestId,
+					uses: usesNeeded
+				});
+			} catch (err) {
+				const msg = String(toError(err)?.message || err || "");
+				return session.confirmAndCloseModal({
+					requestId: request.requestId,
+					intentDigest: getIntentDigest(request),
+					confirmed: false,
+					error: msg || "Failed to dispense warm session key"
+				});
+			}
+			session.confirmAndCloseModal({
+				requestId: request.requestId,
+				intentDigest: getIntentDigest(request),
+				confirmed: true,
+				transactionContext
+			});
+			return;
+		}
+		try {
+			const refreshed = await adapters.vrf.maybeRefreshVrfChallenge(request, nearAccountId);
+			uiVrfChallenge = refreshed.vrfChallenge;
+			transactionContext = refreshed.transactionContext;
+			session.updateUI({ vrfChallenge: uiVrfChallenge });
+		} catch (e) {
+			console.debug("[SigningFlow] VRF JIT refresh skipped", e);
+		}
 		if (!uiVrfChallenge) throw new Error("Missing vrfChallenge for WebAuthn signing flow");
 		const serializedCredential = await adapters.webauthn.collectAuthenticationCredentialWithPRF({
 			nearAccountId,
@@ -153,7 +153,6 @@ async function handleTransactionSigningFlow(ctx, request, worker, opts) {
 	} catch (err) {
 		const cancelled = isUserCancelledSecureConfirm(err);
 		const msg = String(toError(err)?.message || err || "");
-		if (/Missing PRF result/i.test(msg) || /Missing PRF results/i.test(msg)) return session.cleanupAndRethrow(err);
 		if (cancelled) window.parent?.postMessage({ type: "WALLET_UI_CLOSED" }, "*");
 		const isWrongPasskeyError = /multiple passkeys \(devicenumbers\) for account/i.test(msg);
 		return session.confirmAndCloseModal({
@@ -167,4 +166,4 @@ async function handleTransactionSigningFlow(ctx, request, worker, opts) {
 //#endregion
 export { handleTransactionSigningFlow };
-//# sourceMappingURL=transactions-CrjP8yPD.js.map
+//# sourceMappingURL=transactions-CxsklyCK.js.map

package/dist/esm/sdk/transactions-CxsklyCK.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"transactions-CxsklyCK.js","names":["transactionContext: TransactionContext","uiVrfChallenge: VRFChallenge | undefined","uiVrfChallengeForUi: Partial<VRFChallenge> | undefined","err: unknown","contractId: string | undefined","nearRpcUrl: string | undefined"],"sources":["../../../src/core/WebAuthnManager/VrfWorkerManager/confirmTxFlow/flows/transactions.ts"],"sourcesContent":["import type { VrfWorkerManagerContext } from '../../';\nimport type { ConfirmationConfig } from '../../../../types/signer-worker';\nimport {\n SecureConfirmationType,\n TransactionSummary,\n SigningSecureConfirmRequest,\n SigningAuthMode,\n} from '../types';\nimport { VRFChallenge, TransactionContext } from '../../../../types';\nimport {\n getNearAccountId,\n getIntentDigest,\n getTxCount,\n isUserCancelledSecureConfirm,\n ERROR_MESSAGES,\n getSignTransactionPayload,\n} from './index';\nimport { toAccountId } from '../../../../types/accountIds';\nimport { getLastLoggedInDeviceNumber } from '../../../SignerWorkerManager/getDeviceNumber';\nimport { toError } from '../../../../../utils/errors';\nimport { PASSKEY_MANAGER_DEFAULT_CONFIGS } from '../../../../defaultConfigs';\nimport { createConfirmSession } from '../adapters/session';\nimport { createConfirmTxFlowAdapters } from '../adapters/createAdapters';\nimport { computeUiIntentDigestFromNep413 } from '../../../../digests/intentDigest';\n\nfunction getSigningAuthMode(request: SigningSecureConfirmRequest): SigningAuthMode {\n if (request.type === SecureConfirmationType.SIGN_TRANSACTION) {\n return getSignTransactionPayload(request).signingAuthMode ?? 'webauthn';\n }\n if (request.type === SecureConfirmationType.SIGN_NEP413_MESSAGE) {\n return request.payload.signingAuthMode ?? 'webauthn';\n }\n return 'webauthn';\n}\n\nexport async function handleTransactionSigningFlow(\n ctx: VrfWorkerManagerContext,\n request: SigningSecureConfirmRequest,\n worker: Worker,\n opts: { confirmationConfig: ConfirmationConfig; transactionSummary: TransactionSummary },\n): Promise<void> {\n const { confirmationConfig, transactionSummary } = opts;\n const adapters = createConfirmTxFlowAdapters(ctx);\n const session = createConfirmSession({\n adapters,\n worker,\n request,\n confirmationConfig,\n transactionSummary,\n });\n const nearAccountId = getNearAccountId(request);\n try {\n const signingAuthMode = getSigningAuthMode(request);\n const usesNeeded = getTxCount(request);\n const vrfIntentDigestB64u = request.type === SecureConfirmationType.SIGN_TRANSACTION\n ? getIntentDigest(request)\n : request.type === SecureConfirmationType.SIGN_NEP413_MESSAGE\n ? await computeUiIntentDigestFromNep413({\n nearAccountId,\n recipient: request.payload.recipient,\n message: request.payload.message,\n })\n : undefined;\n const sessionPolicyDigest32 = request.payload.sessionPolicyDigest32;\n\n // 1) NEAR context + nonce reservation\n const nearRpc = await adapters.near.fetchNearContext({ nearAccountId, txCount: usesNeeded, reserveNonces: true });\n if (!nearRpc.transactionContext) {\n // eslint-disable-next-line no-console\n console.error('[SigningFlow] fetchNearContext failed', { error: nearRpc.error, details: nearRpc.details });\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: nearRpc.details ? `${ERROR_MESSAGES.nearRpcFailed}: ${nearRpc.details}` : ERROR_MESSAGES.nearRpcFailed,\n });\n }\n session.setReservedNonces(nearRpc.reservedNonces);\n let transactionContext: TransactionContext = nearRpc.transactionContext;\n\n // 2) Security context shown in the confirmer (rpId + block height).\n // For warmSession signing we still want to show this context even though\n // we won't collect a WebAuthn credential.\n const rpId = adapters.vrf.getRpId();\n let uiVrfChallenge: VRFChallenge | undefined;\n let uiVrfChallengeForUi: Partial<VRFChallenge> | undefined = rpId\n ? {\n userId: nearAccountId,\n rpId,\n blockHeight: transactionContext.txBlockHeight,\n blockHash: transactionContext.txBlockHash,\n }\n : undefined;\n\n // Initial VRF challenge (only needed for WebAuthn credential collection)\n if (signingAuthMode === 'webauthn') {\n uiVrfChallenge = await adapters.vrf.generateVrfChallengeForSession(\n {\n userId: nearAccountId,\n rpId,\n blockHeight: transactionContext.txBlockHeight,\n blockHash: transactionContext.txBlockHash,\n ...(vrfIntentDigestB64u ? { intentDigest: vrfIntentDigestB64u } : {}),\n ...(sessionPolicyDigest32 ? { sessionPolicyDigest32 } : {}),\n },\n request.requestId,\n );\n uiVrfChallengeForUi = uiVrfChallenge;\n }\n\n // 3) UI confirm\n const { confirmed, error: uiError } = await session.promptUser({ vrfChallenge: uiVrfChallengeForUi });\n if (!confirmed) {\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: uiError,\n });\n }\n\n // 4) Warm session: dispense WrapKeySeed and skip WebAuthn\n if (signingAuthMode === 'warmSession') {\n try {\n await adapters.vrf.dispenseSessionKey({ sessionId: request.requestId, uses: usesNeeded });\n } catch (err: unknown) {\n const msg = String((toError(err))?.message || err || '');\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: msg || 'Failed to dispense warm session key',\n });\n }\n\n session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: true,\n transactionContext,\n });\n return;\n }\n\n // 5) JIT refresh VRF + ctx (best-effort)\n try {\n const refreshed = await adapters.vrf.maybeRefreshVrfChallenge(request, nearAccountId);\n uiVrfChallenge = refreshed.vrfChallenge;\n transactionContext = refreshed.transactionContext;\n session.updateUI({ vrfChallenge: uiVrfChallenge });\n } catch (e) {\n console.debug('[SigningFlow] VRF JIT refresh skipped', e);\n }\n\n // 6) Collect authentication credential\n if (!uiVrfChallenge) {\n throw new Error('Missing vrfChallenge for WebAuthn signing flow');\n }\n const serializedCredential = await adapters.webauthn.collectAuthenticationCredentialWithPRF({\n nearAccountId,\n vrfChallenge: uiVrfChallenge,\n });\n\n // 5c) Derive WrapKeySeed inside the VRF worker and deliver it to the signer worker via\n // the reserved WrapKeySeed MessagePort. Main thread only sees wrapKeySalt metadata.\n let contractId: string | undefined;\n let nearRpcUrl: string | undefined;\n try {\n // Ensure VRF session is active and bound to the same account we are signing for.\n const vrfStatus = await adapters.vrf.checkVrfStatus();\n if (!vrfStatus.active) {\n throw new Error('VRF keypair not active in memory. VRF session may have expired or was not properly initialized. Please refresh and try again.');\n }\n if (!vrfStatus.nearAccountId || String(vrfStatus.nearAccountId) !== String(toAccountId(nearAccountId))) {\n throw new Error('VRF session is active but bound to a different account than the one being signed. Please log in again on this device.');\n }\n\n const deviceNumber = await getLastLoggedInDeviceNumber(toAccountId(nearAccountId), ctx.indexedDB.clientDB);\n const keyMaterial = await ctx.indexedDB.nearKeysDB.getLocalKeyMaterial(nearAccountId, deviceNumber);\n if (!keyMaterial) {\n throw new Error(`No key material found for account ${nearAccountId} device ${deviceNumber}`);\n }\n const wrapKeySalt = keyMaterial.wrapKeySalt;\n if (!wrapKeySalt) {\n throw new Error('Missing wrapKeySalt in vault; re-register to upgrade vault format.');\n }\n\n // Extract contract verification context when available.\n // - SIGN_TRANSACTION: use per-request rpcCall (already normalized by caller).\n // - SIGN_NEP413_MESSAGE: allow per-request override; fall back to PASSKEY_MANAGER_DEFAULT_CONFIGS.\n if (request.type === SecureConfirmationType.SIGN_TRANSACTION) {\n const payload = getSignTransactionPayload(request);\n contractId = payload?.rpcCall?.contractId;\n nearRpcUrl = payload?.rpcCall?.nearRpcUrl;\n } else if (request.type === SecureConfirmationType.SIGN_NEP413_MESSAGE) {\n const payload = request.payload;\n contractId = payload.contractId || PASSKEY_MANAGER_DEFAULT_CONFIGS.contractId;\n nearRpcUrl = payload.nearRpcUrl || PASSKEY_MANAGER_DEFAULT_CONFIGS.nearRpcUrl;\n }\n\n await adapters.vrf.mintSessionKeysAndSendToSigner({\n sessionId: request.requestId,\n wrapKeySalt,\n contractId,\n nearRpcUrl,\n credential: serializedCredential,\n });\n\t } catch (err) {\n\t console.error('[SigningFlow] WrapKeySeed derivation failed:', err);\n\t throw err; // Don't silently ignore - propagate the error\n\t }\n\n // 6) Respond; keep nonces reserved for worker to use\n session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: true,\n credential: serializedCredential,\n // prfOutput intentionally omitted to keep signer PRF-free\n // WrapKeySeed travels only over the dedicated VRF→Signer MessagePort; do not echo in the main-thread envelope\n vrfChallenge: uiVrfChallenge,\n transactionContext,\n });\n } catch (err: unknown) {\n // Treat TouchID/FaceID cancellation and related errors as a negative decision\n const cancelled = isUserCancelledSecureConfirm(err);\n const msg = String((toError(err))?.message || err || '');\n if (cancelled) {\n window.parent?.postMessage({ type: 'WALLET_UI_CLOSED' }, '*');\n }\n const isWrongPasskeyError = /multiple passkeys \$devicenumbers\$ for account/i.test(msg);\n return session.confirmAndCloseModal({\n requestId: request.requestId,\n intentDigest: getIntentDigest(request),\n confirmed: false,\n error: cancelled\n ? ERROR_MESSAGES.cancelled\n : (isWrongPasskeyError ? msg : (msg || ERROR_MESSAGES.collectCredentialsFailed)),\n });\n }\n}\n"],"mappings":";;;;;;;AAyBA,SAAS,mBAAmB,SAAuD;AACjF,KAAI,QAAQ,SAAS,uBAAuB,iBAC1C,QAAO,0BAA0B,SAAS,mBAAmB;AAE/D,KAAI,QAAQ,SAAS,uBAAuB,oBAC1C,QAAO,QAAQ,QAAQ,mBAAmB;AAE5C,QAAO;;AAGT,eAAsB,6BACpB,KACA,SACA,QACA,MACe;CACf,MAAM,EAAE,oBAAoB,uBAAuB;CACnD,MAAM,WAAW,4BAA4B;CAC7C,MAAM,UAAU,qBAAqB;EACnC;EACA;EACA;EACA;EACA;;CAEF,MAAM,gBAAgB,iBAAiB;AACvC,KAAI;EACF,MAAM,kBAAkB,mBAAmB;EAC3C,MAAM,aAAa,WAAW;EAC9B,MAAM,sBAAsB,QAAQ,SAAS,uBAAuB,mBAChE,gBAAgB,WAChB,QAAQ,SAAS,uBAAuB,sBACtC,MAAM,gCAAgC;GACtC;GACA,WAAW,QAAQ,QAAQ;GAC3B,SAAS,QAAQ,QAAQ;OAEzB;EACN,MAAM,wBAAwB,QAAQ,QAAQ;EAG9C,MAAM,UAAU,MAAM,SAAS,KAAK,iBAAiB;GAAE;GAAe,SAAS;GAAY,eAAe;;AAC1G,MAAI,CAAC,QAAQ,oBAAoB;AAE/B,WAAQ,MAAM,yCAAyC;IAAE,OAAO,QAAQ;IAAO,SAAS,QAAQ;;AAChG,UAAO,QAAQ,qBAAqB;IAClC,WAAW,QAAQ;IACnB,cAAc,gBAAgB;IAC9B,WAAW;IACX,OAAO,QAAQ,UAAU,GAAG,eAAe,cAAc,IAAI,QAAQ,YAAY,eAAe;;;AAGpG,UAAQ,kBAAkB,QAAQ;EAClC,IAAIA,qBAAyC,QAAQ;EAKrD,MAAM,OAAO,SAAS,IAAI;EAC1B,IAAIC;EACJ,IAAIC,sBAAyD,OACzD;GACE,QAAQ;GACR;GACA,aAAa,mBAAmB;GAChC,WAAW,mBAAmB;MAEhC;AAGJ,MAAI,oBAAoB,YAAY;AAClC,oBAAiB,MAAM,SAAS,IAAI,+BAClC;IACE,QAAQ;IACR;IACA,aAAa,mBAAmB;IAChC,WAAW,mBAAmB;IAC9B,GAAI,sBAAsB,EAAE,cAAc,wBAAwB;IAClE,GAAI,wBAAwB,EAAE,0BAA0B;MAE1D,QAAQ;AAEV,yBAAsB;;EAIxB,MAAM,EAAE,WAAW,OAAO,YAAY,MAAM,QAAQ,WAAW,EAAE,cAAc;AAC/E,MAAI,CAAC,UACH,QAAO,QAAQ,qBAAqB;GAClC,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX,OAAO;;AAKX,MAAI,oBAAoB,eAAe;AACrC,OAAI;AACF,UAAM,SAAS,IAAI,mBAAmB;KAAE,WAAW,QAAQ;KAAW,MAAM;;YACrEC,KAAc;IACrB,MAAM,MAAM,OAAQ,QAAQ,MAAO,WAAW,OAAO;AACrD,WAAO,QAAQ,qBAAqB;KAClC,WAAW,QAAQ;KACnB,cAAc,gBAAgB;KAC9B,WAAW;KACX,OAAO,OAAO;;;AAIlB,WAAQ,qBAAqB;IAC3B,WAAW,QAAQ;IACnB,cAAc,gBAAgB;IAC9B,WAAW;IACX;;AAEF;;AAIF,MAAI;GACF,MAAM,YAAY,MAAM,SAAS,IAAI,yBAAyB,SAAS;AACvE,oBAAiB,UAAU;AAC3B,wBAAqB,UAAU;AAC/B,WAAQ,SAAS,EAAE,cAAc;WAC1B,GAAG;AACV,WAAQ,MAAM,yCAAyC;;AAIzD,MAAI,CAAC,eACH,OAAM,IAAI,MAAM;EAElB,MAAM,uBAAuB,MAAM,SAAS,SAAS,uCAAuC;GAC1F;GACA,cAAc;;EAKhB,IAAIC;EACJ,IAAIC;AACJ,MAAI;GAEF,MAAM,YAAY,MAAM,SAAS,IAAI;AACrC,OAAI,CAAC,UAAU,OACb,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,UAAU,iBAAiB,OAAO,UAAU,mBAAmB,OAAO,YAAY,gBACrF,OAAM,IAAI,MAAM;GAGlB,MAAM,eAAe,MAAM,4BAA4B,YAAY,gBAAgB,IAAI,UAAU;GACjG,MAAM,cAAc,MAAM,IAAI,UAAU,WAAW,oBAAoB,eAAe;AACtF,OAAI,CAAC,YACH,OAAM,IAAI,MAAM,qCAAqC,cAAc,UAAU;GAE/E,MAAM,cAAc,YAAY;AAChC,OAAI,CAAC,YACH,OAAM,IAAI,MAAM;AAMlB,OAAI,QAAQ,SAAS,uBAAuB,kBAAkB;IAC5D,MAAM,UAAU,0BAA0B;AAC1C,iBAAa,SAAS,SAAS;AAC/B,iBAAa,SAAS,SAAS;cACtB,QAAQ,SAAS,uBAAuB,qBAAqB;IACtE,MAAM,UAAU,QAAQ;AACxB,iBAAa,QAAQ,cAAc,gCAAgC;AACnE,iBAAa,QAAQ,cAAc,gCAAgC;;AAGrE,SAAM,SAAS,IAAI,+BAA+B;IAChD,WAAW,QAAQ;IACnB;IACA;IACA;IACA,YAAY;;WAEN,KAAK;AACZ,WAAQ,MAAM,gDAAgD;AAC9D,SAAM;;AAIT,UAAQ,qBAAqB;GAC3B,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX,YAAY;GAGZ,cAAc;GACd;;UAEKF,KAAc;EAErB,MAAM,YAAY,6BAA6B;EAC/C,MAAM,MAAM,OAAQ,QAAQ,MAAO,WAAW,OAAO;AACrD,MAAI,UACF,QAAO,QAAQ,YAAY,EAAE,MAAM,sBAAsB;EAE3D,MAAM,sBAAsB,mDAAmD,KAAK;AACpF,SAAO,QAAQ,qBAAqB;GAClC,WAAW,QAAQ;GACnB,cAAc,gBAAgB;GAC9B,WAAW;GACX,OAAO,YACH,eAAe,YACd,sBAAsB,MAAO,OAAO,eAAe"}