@txnlab/use-wallet 4.3.1 → 4.4.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/index.cjs +2905 -12
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +308 -1
  4. package/dist/index.d.ts +308 -1
  5. package/dist/index.js +2916 -9
  6. package/dist/index.js.map +1 -1
  7. package/package.json +24 -2
package/dist/index.cjs CHANGED
@@ -8,6 +8,9 @@ var __hasOwnProp = Object.prototype.hasOwnProperty;
8
8
  var __esm = (fn, res) => function __init() {
9
9
  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
10
10
  };
11
+ var __commonJS = (cb, mod) => function __require() {
12
+ return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
13
+ };
11
14
  var __export = (target, all) => {
12
15
  for (var name in all)
13
16
  __defProp(target, name, { get: all[name], enumerable: true });
@@ -3228,6 +3231,2231 @@ var init_es5 = __esm({
3228
3231
  }
3229
3232
  });
3230
3233
 
3234
+ // ../../node_modules/.pnpm/tweetnacl@1.0.3/node_modules/tweetnacl/nacl-fast.js
3235
+ var require_nacl_fast = __commonJS({
3236
+ "../../node_modules/.pnpm/tweetnacl@1.0.3/node_modules/tweetnacl/nacl-fast.js"(exports2, module2) {
3237
+ "use strict";
3238
+ (function(nacl) {
3239
+ "use strict";
3240
+ var gf = function(init) {
3241
+ var i, r10 = new Float64Array(16);
3242
+ if (init) for (i = 0; i < init.length; i++) r10[i] = init[i];
3243
+ return r10;
3244
+ };
3245
+ var randombytes = function() {
3246
+ throw new Error("no PRNG");
3247
+ };
3248
+ var _0 = new Uint8Array(16);
3249
+ var _9 = new Uint8Array(32);
3250
+ _9[0] = 9;
3251
+ var gf0 = gf(), gf1 = gf([1]), _121665 = gf([56129, 1]), D2 = gf([30883, 4953, 19914, 30187, 55467, 16705, 2637, 112, 59544, 30585, 16505, 36039, 65139, 11119, 27886, 20995]), D22 = gf([61785, 9906, 39828, 60374, 45398, 33411, 5274, 224, 53552, 61171, 33010, 6542, 64743, 22239, 55772, 9222]), X3 = gf([54554, 36645, 11616, 51542, 42930, 38181, 51040, 26924, 56412, 64982, 57905, 49316, 21502, 52590, 14035, 8553]), Y3 = gf([26200, 26214, 26214, 26214, 26214, 26214, 26214, 26214, 26214, 26214, 26214, 26214, 26214, 26214, 26214, 26214]), I2 = gf([41136, 18958, 6951, 50414, 58488, 44335, 6150, 12099, 55207, 15867, 153, 11085, 57099, 20417, 9344, 11139]);
3252
+ function ts64(x2, i, h3, l) {
3253
+ x2[i] = h3 >> 24 & 255;
3254
+ x2[i + 1] = h3 >> 16 & 255;
3255
+ x2[i + 2] = h3 >> 8 & 255;
3256
+ x2[i + 3] = h3 & 255;
3257
+ x2[i + 4] = l >> 24 & 255;
3258
+ x2[i + 5] = l >> 16 & 255;
3259
+ x2[i + 6] = l >> 8 & 255;
3260
+ x2[i + 7] = l & 255;
3261
+ }
3262
+ function vn2(x2, xi, y3, yi, n) {
3263
+ var i, d = 0;
3264
+ for (i = 0; i < n; i++) d |= x2[xi + i] ^ y3[yi + i];
3265
+ return (1 & d - 1 >>> 8) - 1;
3266
+ }
3267
+ function crypto_verify_16(x2, xi, y3, yi) {
3268
+ return vn2(x2, xi, y3, yi, 16);
3269
+ }
3270
+ function crypto_verify_32(x2, xi, y3, yi) {
3271
+ return vn2(x2, xi, y3, yi, 32);
3272
+ }
3273
+ function core_salsa20(o, p2, k2, c) {
3274
+ var j0 = c[0] & 255 | (c[1] & 255) << 8 | (c[2] & 255) << 16 | (c[3] & 255) << 24, j1 = k2[0] & 255 | (k2[1] & 255) << 8 | (k2[2] & 255) << 16 | (k2[3] & 255) << 24, j2 = k2[4] & 255 | (k2[5] & 255) << 8 | (k2[6] & 255) << 16 | (k2[7] & 255) << 24, j3 = k2[8] & 255 | (k2[9] & 255) << 8 | (k2[10] & 255) << 16 | (k2[11] & 255) << 24, j4 = k2[12] & 255 | (k2[13] & 255) << 8 | (k2[14] & 255) << 16 | (k2[15] & 255) << 24, j5 = c[4] & 255 | (c[5] & 255) << 8 | (c[6] & 255) << 16 | (c[7] & 255) << 24, j6 = p2[0] & 255 | (p2[1] & 255) << 8 | (p2[2] & 255) << 16 | (p2[3] & 255) << 24, j7 = p2[4] & 255 | (p2[5] & 255) << 8 | (p2[6] & 255) << 16 | (p2[7] & 255) << 24, j8 = p2[8] & 255 | (p2[9] & 255) << 8 | (p2[10] & 255) << 16 | (p2[11] & 255) << 24, j9 = p2[12] & 255 | (p2[13] & 255) << 8 | (p2[14] & 255) << 16 | (p2[15] & 255) << 24, j10 = c[8] & 255 | (c[9] & 255) << 8 | (c[10] & 255) << 16 | (c[11] & 255) << 24, j11 = k2[16] & 255 | (k2[17] & 255) << 8 | (k2[18] & 255) << 16 | (k2[19] & 255) << 24, j12 = k2[20] & 255 | (k2[21] & 255) << 8 | (k2[22] & 255) << 16 | (k2[23] & 255) << 24, j13 = k2[24] & 255 | (k2[25] & 255) << 8 | (k2[26] & 255) << 16 | (k2[27] & 255) << 24, j14 = k2[28] & 255 | (k2[29] & 255) << 8 | (k2[30] & 255) << 16 | (k2[31] & 255) << 24, j15 = c[12] & 255 | (c[13] & 255) << 8 | (c[14] & 255) << 16 | (c[15] & 255) << 24;
3275
+ var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7, x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14, x15 = j15, u2;
3276
+ for (var i = 0; i < 20; i += 2) {
3277
+ u2 = x0 + x12 | 0;
3278
+ x4 ^= u2 << 7 | u2 >>> 32 - 7;
3279
+ u2 = x4 + x0 | 0;
3280
+ x8 ^= u2 << 9 | u2 >>> 32 - 9;
3281
+ u2 = x8 + x4 | 0;
3282
+ x12 ^= u2 << 13 | u2 >>> 32 - 13;
3283
+ u2 = x12 + x8 | 0;
3284
+ x0 ^= u2 << 18 | u2 >>> 32 - 18;
3285
+ u2 = x5 + x1 | 0;
3286
+ x9 ^= u2 << 7 | u2 >>> 32 - 7;
3287
+ u2 = x9 + x5 | 0;
3288
+ x13 ^= u2 << 9 | u2 >>> 32 - 9;
3289
+ u2 = x13 + x9 | 0;
3290
+ x1 ^= u2 << 13 | u2 >>> 32 - 13;
3291
+ u2 = x1 + x13 | 0;
3292
+ x5 ^= u2 << 18 | u2 >>> 32 - 18;
3293
+ u2 = x10 + x6 | 0;
3294
+ x14 ^= u2 << 7 | u2 >>> 32 - 7;
3295
+ u2 = x14 + x10 | 0;
3296
+ x2 ^= u2 << 9 | u2 >>> 32 - 9;
3297
+ u2 = x2 + x14 | 0;
3298
+ x6 ^= u2 << 13 | u2 >>> 32 - 13;
3299
+ u2 = x6 + x2 | 0;
3300
+ x10 ^= u2 << 18 | u2 >>> 32 - 18;
3301
+ u2 = x15 + x11 | 0;
3302
+ x3 ^= u2 << 7 | u2 >>> 32 - 7;
3303
+ u2 = x3 + x15 | 0;
3304
+ x7 ^= u2 << 9 | u2 >>> 32 - 9;
3305
+ u2 = x7 + x3 | 0;
3306
+ x11 ^= u2 << 13 | u2 >>> 32 - 13;
3307
+ u2 = x11 + x7 | 0;
3308
+ x15 ^= u2 << 18 | u2 >>> 32 - 18;
3309
+ u2 = x0 + x3 | 0;
3310
+ x1 ^= u2 << 7 | u2 >>> 32 - 7;
3311
+ u2 = x1 + x0 | 0;
3312
+ x2 ^= u2 << 9 | u2 >>> 32 - 9;
3313
+ u2 = x2 + x1 | 0;
3314
+ x3 ^= u2 << 13 | u2 >>> 32 - 13;
3315
+ u2 = x3 + x2 | 0;
3316
+ x0 ^= u2 << 18 | u2 >>> 32 - 18;
3317
+ u2 = x5 + x4 | 0;
3318
+ x6 ^= u2 << 7 | u2 >>> 32 - 7;
3319
+ u2 = x6 + x5 | 0;
3320
+ x7 ^= u2 << 9 | u2 >>> 32 - 9;
3321
+ u2 = x7 + x6 | 0;
3322
+ x4 ^= u2 << 13 | u2 >>> 32 - 13;
3323
+ u2 = x4 + x7 | 0;
3324
+ x5 ^= u2 << 18 | u2 >>> 32 - 18;
3325
+ u2 = x10 + x9 | 0;
3326
+ x11 ^= u2 << 7 | u2 >>> 32 - 7;
3327
+ u2 = x11 + x10 | 0;
3328
+ x8 ^= u2 << 9 | u2 >>> 32 - 9;
3329
+ u2 = x8 + x11 | 0;
3330
+ x9 ^= u2 << 13 | u2 >>> 32 - 13;
3331
+ u2 = x9 + x8 | 0;
3332
+ x10 ^= u2 << 18 | u2 >>> 32 - 18;
3333
+ u2 = x15 + x14 | 0;
3334
+ x12 ^= u2 << 7 | u2 >>> 32 - 7;
3335
+ u2 = x12 + x15 | 0;
3336
+ x13 ^= u2 << 9 | u2 >>> 32 - 9;
3337
+ u2 = x13 + x12 | 0;
3338
+ x14 ^= u2 << 13 | u2 >>> 32 - 13;
3339
+ u2 = x14 + x13 | 0;
3340
+ x15 ^= u2 << 18 | u2 >>> 32 - 18;
3341
+ }
3342
+ x0 = x0 + j0 | 0;
3343
+ x1 = x1 + j1 | 0;
3344
+ x2 = x2 + j2 | 0;
3345
+ x3 = x3 + j3 | 0;
3346
+ x4 = x4 + j4 | 0;
3347
+ x5 = x5 + j5 | 0;
3348
+ x6 = x6 + j6 | 0;
3349
+ x7 = x7 + j7 | 0;
3350
+ x8 = x8 + j8 | 0;
3351
+ x9 = x9 + j9 | 0;
3352
+ x10 = x10 + j10 | 0;
3353
+ x11 = x11 + j11 | 0;
3354
+ x12 = x12 + j12 | 0;
3355
+ x13 = x13 + j13 | 0;
3356
+ x14 = x14 + j14 | 0;
3357
+ x15 = x15 + j15 | 0;
3358
+ o[0] = x0 >>> 0 & 255;
3359
+ o[1] = x0 >>> 8 & 255;
3360
+ o[2] = x0 >>> 16 & 255;
3361
+ o[3] = x0 >>> 24 & 255;
3362
+ o[4] = x1 >>> 0 & 255;
3363
+ o[5] = x1 >>> 8 & 255;
3364
+ o[6] = x1 >>> 16 & 255;
3365
+ o[7] = x1 >>> 24 & 255;
3366
+ o[8] = x2 >>> 0 & 255;
3367
+ o[9] = x2 >>> 8 & 255;
3368
+ o[10] = x2 >>> 16 & 255;
3369
+ o[11] = x2 >>> 24 & 255;
3370
+ o[12] = x3 >>> 0 & 255;
3371
+ o[13] = x3 >>> 8 & 255;
3372
+ o[14] = x3 >>> 16 & 255;
3373
+ o[15] = x3 >>> 24 & 255;
3374
+ o[16] = x4 >>> 0 & 255;
3375
+ o[17] = x4 >>> 8 & 255;
3376
+ o[18] = x4 >>> 16 & 255;
3377
+ o[19] = x4 >>> 24 & 255;
3378
+ o[20] = x5 >>> 0 & 255;
3379
+ o[21] = x5 >>> 8 & 255;
3380
+ o[22] = x5 >>> 16 & 255;
3381
+ o[23] = x5 >>> 24 & 255;
3382
+ o[24] = x6 >>> 0 & 255;
3383
+ o[25] = x6 >>> 8 & 255;
3384
+ o[26] = x6 >>> 16 & 255;
3385
+ o[27] = x6 >>> 24 & 255;
3386
+ o[28] = x7 >>> 0 & 255;
3387
+ o[29] = x7 >>> 8 & 255;
3388
+ o[30] = x7 >>> 16 & 255;
3389
+ o[31] = x7 >>> 24 & 255;
3390
+ o[32] = x8 >>> 0 & 255;
3391
+ o[33] = x8 >>> 8 & 255;
3392
+ o[34] = x8 >>> 16 & 255;
3393
+ o[35] = x8 >>> 24 & 255;
3394
+ o[36] = x9 >>> 0 & 255;
3395
+ o[37] = x9 >>> 8 & 255;
3396
+ o[38] = x9 >>> 16 & 255;
3397
+ o[39] = x9 >>> 24 & 255;
3398
+ o[40] = x10 >>> 0 & 255;
3399
+ o[41] = x10 >>> 8 & 255;
3400
+ o[42] = x10 >>> 16 & 255;
3401
+ o[43] = x10 >>> 24 & 255;
3402
+ o[44] = x11 >>> 0 & 255;
3403
+ o[45] = x11 >>> 8 & 255;
3404
+ o[46] = x11 >>> 16 & 255;
3405
+ o[47] = x11 >>> 24 & 255;
3406
+ o[48] = x12 >>> 0 & 255;
3407
+ o[49] = x12 >>> 8 & 255;
3408
+ o[50] = x12 >>> 16 & 255;
3409
+ o[51] = x12 >>> 24 & 255;
3410
+ o[52] = x13 >>> 0 & 255;
3411
+ o[53] = x13 >>> 8 & 255;
3412
+ o[54] = x13 >>> 16 & 255;
3413
+ o[55] = x13 >>> 24 & 255;
3414
+ o[56] = x14 >>> 0 & 255;
3415
+ o[57] = x14 >>> 8 & 255;
3416
+ o[58] = x14 >>> 16 & 255;
3417
+ o[59] = x14 >>> 24 & 255;
3418
+ o[60] = x15 >>> 0 & 255;
3419
+ o[61] = x15 >>> 8 & 255;
3420
+ o[62] = x15 >>> 16 & 255;
3421
+ o[63] = x15 >>> 24 & 255;
3422
+ }
3423
+ function core_hsalsa20(o, p2, k2, c) {
3424
+ var j0 = c[0] & 255 | (c[1] & 255) << 8 | (c[2] & 255) << 16 | (c[3] & 255) << 24, j1 = k2[0] & 255 | (k2[1] & 255) << 8 | (k2[2] & 255) << 16 | (k2[3] & 255) << 24, j2 = k2[4] & 255 | (k2[5] & 255) << 8 | (k2[6] & 255) << 16 | (k2[7] & 255) << 24, j3 = k2[8] & 255 | (k2[9] & 255) << 8 | (k2[10] & 255) << 16 | (k2[11] & 255) << 24, j4 = k2[12] & 255 | (k2[13] & 255) << 8 | (k2[14] & 255) << 16 | (k2[15] & 255) << 24, j5 = c[4] & 255 | (c[5] & 255) << 8 | (c[6] & 255) << 16 | (c[7] & 255) << 24, j6 = p2[0] & 255 | (p2[1] & 255) << 8 | (p2[2] & 255) << 16 | (p2[3] & 255) << 24, j7 = p2[4] & 255 | (p2[5] & 255) << 8 | (p2[6] & 255) << 16 | (p2[7] & 255) << 24, j8 = p2[8] & 255 | (p2[9] & 255) << 8 | (p2[10] & 255) << 16 | (p2[11] & 255) << 24, j9 = p2[12] & 255 | (p2[13] & 255) << 8 | (p2[14] & 255) << 16 | (p2[15] & 255) << 24, j10 = c[8] & 255 | (c[9] & 255) << 8 | (c[10] & 255) << 16 | (c[11] & 255) << 24, j11 = k2[16] & 255 | (k2[17] & 255) << 8 | (k2[18] & 255) << 16 | (k2[19] & 255) << 24, j12 = k2[20] & 255 | (k2[21] & 255) << 8 | (k2[22] & 255) << 16 | (k2[23] & 255) << 24, j13 = k2[24] & 255 | (k2[25] & 255) << 8 | (k2[26] & 255) << 16 | (k2[27] & 255) << 24, j14 = k2[28] & 255 | (k2[29] & 255) << 8 | (k2[30] & 255) << 16 | (k2[31] & 255) << 24, j15 = c[12] & 255 | (c[13] & 255) << 8 | (c[14] & 255) << 16 | (c[15] & 255) << 24;
3425
+ var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7, x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14, x15 = j15, u2;
3426
+ for (var i = 0; i < 20; i += 2) {
3427
+ u2 = x0 + x12 | 0;
3428
+ x4 ^= u2 << 7 | u2 >>> 32 - 7;
3429
+ u2 = x4 + x0 | 0;
3430
+ x8 ^= u2 << 9 | u2 >>> 32 - 9;
3431
+ u2 = x8 + x4 | 0;
3432
+ x12 ^= u2 << 13 | u2 >>> 32 - 13;
3433
+ u2 = x12 + x8 | 0;
3434
+ x0 ^= u2 << 18 | u2 >>> 32 - 18;
3435
+ u2 = x5 + x1 | 0;
3436
+ x9 ^= u2 << 7 | u2 >>> 32 - 7;
3437
+ u2 = x9 + x5 | 0;
3438
+ x13 ^= u2 << 9 | u2 >>> 32 - 9;
3439
+ u2 = x13 + x9 | 0;
3440
+ x1 ^= u2 << 13 | u2 >>> 32 - 13;
3441
+ u2 = x1 + x13 | 0;
3442
+ x5 ^= u2 << 18 | u2 >>> 32 - 18;
3443
+ u2 = x10 + x6 | 0;
3444
+ x14 ^= u2 << 7 | u2 >>> 32 - 7;
3445
+ u2 = x14 + x10 | 0;
3446
+ x2 ^= u2 << 9 | u2 >>> 32 - 9;
3447
+ u2 = x2 + x14 | 0;
3448
+ x6 ^= u2 << 13 | u2 >>> 32 - 13;
3449
+ u2 = x6 + x2 | 0;
3450
+ x10 ^= u2 << 18 | u2 >>> 32 - 18;
3451
+ u2 = x15 + x11 | 0;
3452
+ x3 ^= u2 << 7 | u2 >>> 32 - 7;
3453
+ u2 = x3 + x15 | 0;
3454
+ x7 ^= u2 << 9 | u2 >>> 32 - 9;
3455
+ u2 = x7 + x3 | 0;
3456
+ x11 ^= u2 << 13 | u2 >>> 32 - 13;
3457
+ u2 = x11 + x7 | 0;
3458
+ x15 ^= u2 << 18 | u2 >>> 32 - 18;
3459
+ u2 = x0 + x3 | 0;
3460
+ x1 ^= u2 << 7 | u2 >>> 32 - 7;
3461
+ u2 = x1 + x0 | 0;
3462
+ x2 ^= u2 << 9 | u2 >>> 32 - 9;
3463
+ u2 = x2 + x1 | 0;
3464
+ x3 ^= u2 << 13 | u2 >>> 32 - 13;
3465
+ u2 = x3 + x2 | 0;
3466
+ x0 ^= u2 << 18 | u2 >>> 32 - 18;
3467
+ u2 = x5 + x4 | 0;
3468
+ x6 ^= u2 << 7 | u2 >>> 32 - 7;
3469
+ u2 = x6 + x5 | 0;
3470
+ x7 ^= u2 << 9 | u2 >>> 32 - 9;
3471
+ u2 = x7 + x6 | 0;
3472
+ x4 ^= u2 << 13 | u2 >>> 32 - 13;
3473
+ u2 = x4 + x7 | 0;
3474
+ x5 ^= u2 << 18 | u2 >>> 32 - 18;
3475
+ u2 = x10 + x9 | 0;
3476
+ x11 ^= u2 << 7 | u2 >>> 32 - 7;
3477
+ u2 = x11 + x10 | 0;
3478
+ x8 ^= u2 << 9 | u2 >>> 32 - 9;
3479
+ u2 = x8 + x11 | 0;
3480
+ x9 ^= u2 << 13 | u2 >>> 32 - 13;
3481
+ u2 = x9 + x8 | 0;
3482
+ x10 ^= u2 << 18 | u2 >>> 32 - 18;
3483
+ u2 = x15 + x14 | 0;
3484
+ x12 ^= u2 << 7 | u2 >>> 32 - 7;
3485
+ u2 = x12 + x15 | 0;
3486
+ x13 ^= u2 << 9 | u2 >>> 32 - 9;
3487
+ u2 = x13 + x12 | 0;
3488
+ x14 ^= u2 << 13 | u2 >>> 32 - 13;
3489
+ u2 = x14 + x13 | 0;
3490
+ x15 ^= u2 << 18 | u2 >>> 32 - 18;
3491
+ }
3492
+ o[0] = x0 >>> 0 & 255;
3493
+ o[1] = x0 >>> 8 & 255;
3494
+ o[2] = x0 >>> 16 & 255;
3495
+ o[3] = x0 >>> 24 & 255;
3496
+ o[4] = x5 >>> 0 & 255;
3497
+ o[5] = x5 >>> 8 & 255;
3498
+ o[6] = x5 >>> 16 & 255;
3499
+ o[7] = x5 >>> 24 & 255;
3500
+ o[8] = x10 >>> 0 & 255;
3501
+ o[9] = x10 >>> 8 & 255;
3502
+ o[10] = x10 >>> 16 & 255;
3503
+ o[11] = x10 >>> 24 & 255;
3504
+ o[12] = x15 >>> 0 & 255;
3505
+ o[13] = x15 >>> 8 & 255;
3506
+ o[14] = x15 >>> 16 & 255;
3507
+ o[15] = x15 >>> 24 & 255;
3508
+ o[16] = x6 >>> 0 & 255;
3509
+ o[17] = x6 >>> 8 & 255;
3510
+ o[18] = x6 >>> 16 & 255;
3511
+ o[19] = x6 >>> 24 & 255;
3512
+ o[20] = x7 >>> 0 & 255;
3513
+ o[21] = x7 >>> 8 & 255;
3514
+ o[22] = x7 >>> 16 & 255;
3515
+ o[23] = x7 >>> 24 & 255;
3516
+ o[24] = x8 >>> 0 & 255;
3517
+ o[25] = x8 >>> 8 & 255;
3518
+ o[26] = x8 >>> 16 & 255;
3519
+ o[27] = x8 >>> 24 & 255;
3520
+ o[28] = x9 >>> 0 & 255;
3521
+ o[29] = x9 >>> 8 & 255;
3522
+ o[30] = x9 >>> 16 & 255;
3523
+ o[31] = x9 >>> 24 & 255;
3524
+ }
3525
+ function crypto_core_salsa20(out, inp, k2, c) {
3526
+ core_salsa20(out, inp, k2, c);
3527
+ }
3528
+ function crypto_core_hsalsa20(out, inp, k2, c) {
3529
+ core_hsalsa20(out, inp, k2, c);
3530
+ }
3531
+ var sigma = new Uint8Array([101, 120, 112, 97, 110, 100, 32, 51, 50, 45, 98, 121, 116, 101, 32, 107]);
3532
+ function crypto_stream_salsa20_xor(c, cpos, m3, mpos, b3, n, k2) {
3533
+ var z3 = new Uint8Array(16), x2 = new Uint8Array(64);
3534
+ var u2, i;
3535
+ for (i = 0; i < 16; i++) z3[i] = 0;
3536
+ for (i = 0; i < 8; i++) z3[i] = n[i];
3537
+ while (b3 >= 64) {
3538
+ crypto_core_salsa20(x2, z3, k2, sigma);
3539
+ for (i = 0; i < 64; i++) c[cpos + i] = m3[mpos + i] ^ x2[i];
3540
+ u2 = 1;
3541
+ for (i = 8; i < 16; i++) {
3542
+ u2 = u2 + (z3[i] & 255) | 0;
3543
+ z3[i] = u2 & 255;
3544
+ u2 >>>= 8;
3545
+ }
3546
+ b3 -= 64;
3547
+ cpos += 64;
3548
+ mpos += 64;
3549
+ }
3550
+ if (b3 > 0) {
3551
+ crypto_core_salsa20(x2, z3, k2, sigma);
3552
+ for (i = 0; i < b3; i++) c[cpos + i] = m3[mpos + i] ^ x2[i];
3553
+ }
3554
+ return 0;
3555
+ }
3556
+ function crypto_stream_salsa20(c, cpos, b3, n, k2) {
3557
+ var z3 = new Uint8Array(16), x2 = new Uint8Array(64);
3558
+ var u2, i;
3559
+ for (i = 0; i < 16; i++) z3[i] = 0;
3560
+ for (i = 0; i < 8; i++) z3[i] = n[i];
3561
+ while (b3 >= 64) {
3562
+ crypto_core_salsa20(x2, z3, k2, sigma);
3563
+ for (i = 0; i < 64; i++) c[cpos + i] = x2[i];
3564
+ u2 = 1;
3565
+ for (i = 8; i < 16; i++) {
3566
+ u2 = u2 + (z3[i] & 255) | 0;
3567
+ z3[i] = u2 & 255;
3568
+ u2 >>>= 8;
3569
+ }
3570
+ b3 -= 64;
3571
+ cpos += 64;
3572
+ }
3573
+ if (b3 > 0) {
3574
+ crypto_core_salsa20(x2, z3, k2, sigma);
3575
+ for (i = 0; i < b3; i++) c[cpos + i] = x2[i];
3576
+ }
3577
+ return 0;
3578
+ }
3579
+ function crypto_stream(c, cpos, d, n, k2) {
3580
+ var s = new Uint8Array(32);
3581
+ crypto_core_hsalsa20(s, n, k2, sigma);
3582
+ var sn2 = new Uint8Array(8);
3583
+ for (var i = 0; i < 8; i++) sn2[i] = n[i + 16];
3584
+ return crypto_stream_salsa20(c, cpos, d, sn2, s);
3585
+ }
3586
+ function crypto_stream_xor(c, cpos, m3, mpos, d, n, k2) {
3587
+ var s = new Uint8Array(32);
3588
+ crypto_core_hsalsa20(s, n, k2, sigma);
3589
+ var sn2 = new Uint8Array(8);
3590
+ for (var i = 0; i < 8; i++) sn2[i] = n[i + 16];
3591
+ return crypto_stream_salsa20_xor(c, cpos, m3, mpos, d, sn2, s);
3592
+ }
3593
+ var poly1305 = function(key) {
3594
+ this.buffer = new Uint8Array(16);
3595
+ this.r = new Uint16Array(10);
3596
+ this.h = new Uint16Array(10);
3597
+ this.pad = new Uint16Array(8);
3598
+ this.leftover = 0;
3599
+ this.fin = 0;
3600
+ var t0, t1, t2, t3, t4, t5, t6, t7;
3601
+ t0 = key[0] & 255 | (key[1] & 255) << 8;
3602
+ this.r[0] = t0 & 8191;
3603
+ t1 = key[2] & 255 | (key[3] & 255) << 8;
3604
+ this.r[1] = (t0 >>> 13 | t1 << 3) & 8191;
3605
+ t2 = key[4] & 255 | (key[5] & 255) << 8;
3606
+ this.r[2] = (t1 >>> 10 | t2 << 6) & 7939;
3607
+ t3 = key[6] & 255 | (key[7] & 255) << 8;
3608
+ this.r[3] = (t2 >>> 7 | t3 << 9) & 8191;
3609
+ t4 = key[8] & 255 | (key[9] & 255) << 8;
3610
+ this.r[4] = (t3 >>> 4 | t4 << 12) & 255;
3611
+ this.r[5] = t4 >>> 1 & 8190;
3612
+ t5 = key[10] & 255 | (key[11] & 255) << 8;
3613
+ this.r[6] = (t4 >>> 14 | t5 << 2) & 8191;
3614
+ t6 = key[12] & 255 | (key[13] & 255) << 8;
3615
+ this.r[7] = (t5 >>> 11 | t6 << 5) & 8065;
3616
+ t7 = key[14] & 255 | (key[15] & 255) << 8;
3617
+ this.r[8] = (t6 >>> 8 | t7 << 8) & 8191;
3618
+ this.r[9] = t7 >>> 5 & 127;
3619
+ this.pad[0] = key[16] & 255 | (key[17] & 255) << 8;
3620
+ this.pad[1] = key[18] & 255 | (key[19] & 255) << 8;
3621
+ this.pad[2] = key[20] & 255 | (key[21] & 255) << 8;
3622
+ this.pad[3] = key[22] & 255 | (key[23] & 255) << 8;
3623
+ this.pad[4] = key[24] & 255 | (key[25] & 255) << 8;
3624
+ this.pad[5] = key[26] & 255 | (key[27] & 255) << 8;
3625
+ this.pad[6] = key[28] & 255 | (key[29] & 255) << 8;
3626
+ this.pad[7] = key[30] & 255 | (key[31] & 255) << 8;
3627
+ };
3628
+ poly1305.prototype.blocks = function(m3, mpos, bytes) {
3629
+ var hibit = this.fin ? 0 : 1 << 11;
3630
+ var t0, t1, t2, t3, t4, t5, t6, t7, c;
3631
+ var d0, d1, d2, d3, d4, d5, d6, d7, d8, d9;
3632
+ var h0 = this.h[0], h1 = this.h[1], h22 = this.h[2], h3 = this.h[3], h4 = this.h[4], h5 = this.h[5], h6 = this.h[6], h7 = this.h[7], h8 = this.h[8], h9 = this.h[9];
3633
+ var r0 = this.r[0], r1 = this.r[1], r22 = this.r[2], r32 = this.r[3], r42 = this.r[4], r52 = this.r[5], r62 = this.r[6], r72 = this.r[7], r82 = this.r[8], r92 = this.r[9];
3634
+ while (bytes >= 16) {
3635
+ t0 = m3[mpos + 0] & 255 | (m3[mpos + 1] & 255) << 8;
3636
+ h0 += t0 & 8191;
3637
+ t1 = m3[mpos + 2] & 255 | (m3[mpos + 3] & 255) << 8;
3638
+ h1 += (t0 >>> 13 | t1 << 3) & 8191;
3639
+ t2 = m3[mpos + 4] & 255 | (m3[mpos + 5] & 255) << 8;
3640
+ h22 += (t1 >>> 10 | t2 << 6) & 8191;
3641
+ t3 = m3[mpos + 6] & 255 | (m3[mpos + 7] & 255) << 8;
3642
+ h3 += (t2 >>> 7 | t3 << 9) & 8191;
3643
+ t4 = m3[mpos + 8] & 255 | (m3[mpos + 9] & 255) << 8;
3644
+ h4 += (t3 >>> 4 | t4 << 12) & 8191;
3645
+ h5 += t4 >>> 1 & 8191;
3646
+ t5 = m3[mpos + 10] & 255 | (m3[mpos + 11] & 255) << 8;
3647
+ h6 += (t4 >>> 14 | t5 << 2) & 8191;
3648
+ t6 = m3[mpos + 12] & 255 | (m3[mpos + 13] & 255) << 8;
3649
+ h7 += (t5 >>> 11 | t6 << 5) & 8191;
3650
+ t7 = m3[mpos + 14] & 255 | (m3[mpos + 15] & 255) << 8;
3651
+ h8 += (t6 >>> 8 | t7 << 8) & 8191;
3652
+ h9 += t7 >>> 5 | hibit;
3653
+ c = 0;
3654
+ d0 = c;
3655
+ d0 += h0 * r0;
3656
+ d0 += h1 * (5 * r92);
3657
+ d0 += h22 * (5 * r82);
3658
+ d0 += h3 * (5 * r72);
3659
+ d0 += h4 * (5 * r62);
3660
+ c = d0 >>> 13;
3661
+ d0 &= 8191;
3662
+ d0 += h5 * (5 * r52);
3663
+ d0 += h6 * (5 * r42);
3664
+ d0 += h7 * (5 * r32);
3665
+ d0 += h8 * (5 * r22);
3666
+ d0 += h9 * (5 * r1);
3667
+ c += d0 >>> 13;
3668
+ d0 &= 8191;
3669
+ d1 = c;
3670
+ d1 += h0 * r1;
3671
+ d1 += h1 * r0;
3672
+ d1 += h22 * (5 * r92);
3673
+ d1 += h3 * (5 * r82);
3674
+ d1 += h4 * (5 * r72);
3675
+ c = d1 >>> 13;
3676
+ d1 &= 8191;
3677
+ d1 += h5 * (5 * r62);
3678
+ d1 += h6 * (5 * r52);
3679
+ d1 += h7 * (5 * r42);
3680
+ d1 += h8 * (5 * r32);
3681
+ d1 += h9 * (5 * r22);
3682
+ c += d1 >>> 13;
3683
+ d1 &= 8191;
3684
+ d2 = c;
3685
+ d2 += h0 * r22;
3686
+ d2 += h1 * r1;
3687
+ d2 += h22 * r0;
3688
+ d2 += h3 * (5 * r92);
3689
+ d2 += h4 * (5 * r82);
3690
+ c = d2 >>> 13;
3691
+ d2 &= 8191;
3692
+ d2 += h5 * (5 * r72);
3693
+ d2 += h6 * (5 * r62);
3694
+ d2 += h7 * (5 * r52);
3695
+ d2 += h8 * (5 * r42);
3696
+ d2 += h9 * (5 * r32);
3697
+ c += d2 >>> 13;
3698
+ d2 &= 8191;
3699
+ d3 = c;
3700
+ d3 += h0 * r32;
3701
+ d3 += h1 * r22;
3702
+ d3 += h22 * r1;
3703
+ d3 += h3 * r0;
3704
+ d3 += h4 * (5 * r92);
3705
+ c = d3 >>> 13;
3706
+ d3 &= 8191;
3707
+ d3 += h5 * (5 * r82);
3708
+ d3 += h6 * (5 * r72);
3709
+ d3 += h7 * (5 * r62);
3710
+ d3 += h8 * (5 * r52);
3711
+ d3 += h9 * (5 * r42);
3712
+ c += d3 >>> 13;
3713
+ d3 &= 8191;
3714
+ d4 = c;
3715
+ d4 += h0 * r42;
3716
+ d4 += h1 * r32;
3717
+ d4 += h22 * r22;
3718
+ d4 += h3 * r1;
3719
+ d4 += h4 * r0;
3720
+ c = d4 >>> 13;
3721
+ d4 &= 8191;
3722
+ d4 += h5 * (5 * r92);
3723
+ d4 += h6 * (5 * r82);
3724
+ d4 += h7 * (5 * r72);
3725
+ d4 += h8 * (5 * r62);
3726
+ d4 += h9 * (5 * r52);
3727
+ c += d4 >>> 13;
3728
+ d4 &= 8191;
3729
+ d5 = c;
3730
+ d5 += h0 * r52;
3731
+ d5 += h1 * r42;
3732
+ d5 += h22 * r32;
3733
+ d5 += h3 * r22;
3734
+ d5 += h4 * r1;
3735
+ c = d5 >>> 13;
3736
+ d5 &= 8191;
3737
+ d5 += h5 * r0;
3738
+ d5 += h6 * (5 * r92);
3739
+ d5 += h7 * (5 * r82);
3740
+ d5 += h8 * (5 * r72);
3741
+ d5 += h9 * (5 * r62);
3742
+ c += d5 >>> 13;
3743
+ d5 &= 8191;
3744
+ d6 = c;
3745
+ d6 += h0 * r62;
3746
+ d6 += h1 * r52;
3747
+ d6 += h22 * r42;
3748
+ d6 += h3 * r32;
3749
+ d6 += h4 * r22;
3750
+ c = d6 >>> 13;
3751
+ d6 &= 8191;
3752
+ d6 += h5 * r1;
3753
+ d6 += h6 * r0;
3754
+ d6 += h7 * (5 * r92);
3755
+ d6 += h8 * (5 * r82);
3756
+ d6 += h9 * (5 * r72);
3757
+ c += d6 >>> 13;
3758
+ d6 &= 8191;
3759
+ d7 = c;
3760
+ d7 += h0 * r72;
3761
+ d7 += h1 * r62;
3762
+ d7 += h22 * r52;
3763
+ d7 += h3 * r42;
3764
+ d7 += h4 * r32;
3765
+ c = d7 >>> 13;
3766
+ d7 &= 8191;
3767
+ d7 += h5 * r22;
3768
+ d7 += h6 * r1;
3769
+ d7 += h7 * r0;
3770
+ d7 += h8 * (5 * r92);
3771
+ d7 += h9 * (5 * r82);
3772
+ c += d7 >>> 13;
3773
+ d7 &= 8191;
3774
+ d8 = c;
3775
+ d8 += h0 * r82;
3776
+ d8 += h1 * r72;
3777
+ d8 += h22 * r62;
3778
+ d8 += h3 * r52;
3779
+ d8 += h4 * r42;
3780
+ c = d8 >>> 13;
3781
+ d8 &= 8191;
3782
+ d8 += h5 * r32;
3783
+ d8 += h6 * r22;
3784
+ d8 += h7 * r1;
3785
+ d8 += h8 * r0;
3786
+ d8 += h9 * (5 * r92);
3787
+ c += d8 >>> 13;
3788
+ d8 &= 8191;
3789
+ d9 = c;
3790
+ d9 += h0 * r92;
3791
+ d9 += h1 * r82;
3792
+ d9 += h22 * r72;
3793
+ d9 += h3 * r62;
3794
+ d9 += h4 * r52;
3795
+ c = d9 >>> 13;
3796
+ d9 &= 8191;
3797
+ d9 += h5 * r42;
3798
+ d9 += h6 * r32;
3799
+ d9 += h7 * r22;
3800
+ d9 += h8 * r1;
3801
+ d9 += h9 * r0;
3802
+ c += d9 >>> 13;
3803
+ d9 &= 8191;
3804
+ c = (c << 2) + c | 0;
3805
+ c = c + d0 | 0;
3806
+ d0 = c & 8191;
3807
+ c = c >>> 13;
3808
+ d1 += c;
3809
+ h0 = d0;
3810
+ h1 = d1;
3811
+ h22 = d2;
3812
+ h3 = d3;
3813
+ h4 = d4;
3814
+ h5 = d5;
3815
+ h6 = d6;
3816
+ h7 = d7;
3817
+ h8 = d8;
3818
+ h9 = d9;
3819
+ mpos += 16;
3820
+ bytes -= 16;
3821
+ }
3822
+ this.h[0] = h0;
3823
+ this.h[1] = h1;
3824
+ this.h[2] = h22;
3825
+ this.h[3] = h3;
3826
+ this.h[4] = h4;
3827
+ this.h[5] = h5;
3828
+ this.h[6] = h6;
3829
+ this.h[7] = h7;
3830
+ this.h[8] = h8;
3831
+ this.h[9] = h9;
3832
+ };
3833
+ poly1305.prototype.finish = function(mac, macpos) {
3834
+ var g2 = new Uint16Array(10);
3835
+ var c, mask, f3, i;
3836
+ if (this.leftover) {
3837
+ i = this.leftover;
3838
+ this.buffer[i++] = 1;
3839
+ for (; i < 16; i++) this.buffer[i] = 0;
3840
+ this.fin = 1;
3841
+ this.blocks(this.buffer, 0, 16);
3842
+ }
3843
+ c = this.h[1] >>> 13;
3844
+ this.h[1] &= 8191;
3845
+ for (i = 2; i < 10; i++) {
3846
+ this.h[i] += c;
3847
+ c = this.h[i] >>> 13;
3848
+ this.h[i] &= 8191;
3849
+ }
3850
+ this.h[0] += c * 5;
3851
+ c = this.h[0] >>> 13;
3852
+ this.h[0] &= 8191;
3853
+ this.h[1] += c;
3854
+ c = this.h[1] >>> 13;
3855
+ this.h[1] &= 8191;
3856
+ this.h[2] += c;
3857
+ g2[0] = this.h[0] + 5;
3858
+ c = g2[0] >>> 13;
3859
+ g2[0] &= 8191;
3860
+ for (i = 1; i < 10; i++) {
3861
+ g2[i] = this.h[i] + c;
3862
+ c = g2[i] >>> 13;
3863
+ g2[i] &= 8191;
3864
+ }
3865
+ g2[9] -= 1 << 13;
3866
+ mask = (c ^ 1) - 1;
3867
+ for (i = 0; i < 10; i++) g2[i] &= mask;
3868
+ mask = ~mask;
3869
+ for (i = 0; i < 10; i++) this.h[i] = this.h[i] & mask | g2[i];
3870
+ this.h[0] = (this.h[0] | this.h[1] << 13) & 65535;
3871
+ this.h[1] = (this.h[1] >>> 3 | this.h[2] << 10) & 65535;
3872
+ this.h[2] = (this.h[2] >>> 6 | this.h[3] << 7) & 65535;
3873
+ this.h[3] = (this.h[3] >>> 9 | this.h[4] << 4) & 65535;
3874
+ this.h[4] = (this.h[4] >>> 12 | this.h[5] << 1 | this.h[6] << 14) & 65535;
3875
+ this.h[5] = (this.h[6] >>> 2 | this.h[7] << 11) & 65535;
3876
+ this.h[6] = (this.h[7] >>> 5 | this.h[8] << 8) & 65535;
3877
+ this.h[7] = (this.h[8] >>> 8 | this.h[9] << 5) & 65535;
3878
+ f3 = this.h[0] + this.pad[0];
3879
+ this.h[0] = f3 & 65535;
3880
+ for (i = 1; i < 8; i++) {
3881
+ f3 = (this.h[i] + this.pad[i] | 0) + (f3 >>> 16) | 0;
3882
+ this.h[i] = f3 & 65535;
3883
+ }
3884
+ mac[macpos + 0] = this.h[0] >>> 0 & 255;
3885
+ mac[macpos + 1] = this.h[0] >>> 8 & 255;
3886
+ mac[macpos + 2] = this.h[1] >>> 0 & 255;
3887
+ mac[macpos + 3] = this.h[1] >>> 8 & 255;
3888
+ mac[macpos + 4] = this.h[2] >>> 0 & 255;
3889
+ mac[macpos + 5] = this.h[2] >>> 8 & 255;
3890
+ mac[macpos + 6] = this.h[3] >>> 0 & 255;
3891
+ mac[macpos + 7] = this.h[3] >>> 8 & 255;
3892
+ mac[macpos + 8] = this.h[4] >>> 0 & 255;
3893
+ mac[macpos + 9] = this.h[4] >>> 8 & 255;
3894
+ mac[macpos + 10] = this.h[5] >>> 0 & 255;
3895
+ mac[macpos + 11] = this.h[5] >>> 8 & 255;
3896
+ mac[macpos + 12] = this.h[6] >>> 0 & 255;
3897
+ mac[macpos + 13] = this.h[6] >>> 8 & 255;
3898
+ mac[macpos + 14] = this.h[7] >>> 0 & 255;
3899
+ mac[macpos + 15] = this.h[7] >>> 8 & 255;
3900
+ };
3901
+ poly1305.prototype.update = function(m3, mpos, bytes) {
3902
+ var i, want;
3903
+ if (this.leftover) {
3904
+ want = 16 - this.leftover;
3905
+ if (want > bytes)
3906
+ want = bytes;
3907
+ for (i = 0; i < want; i++)
3908
+ this.buffer[this.leftover + i] = m3[mpos + i];
3909
+ bytes -= want;
3910
+ mpos += want;
3911
+ this.leftover += want;
3912
+ if (this.leftover < 16)
3913
+ return;
3914
+ this.blocks(this.buffer, 0, 16);
3915
+ this.leftover = 0;
3916
+ }
3917
+ if (bytes >= 16) {
3918
+ want = bytes - bytes % 16;
3919
+ this.blocks(m3, mpos, want);
3920
+ mpos += want;
3921
+ bytes -= want;
3922
+ }
3923
+ if (bytes) {
3924
+ for (i = 0; i < bytes; i++)
3925
+ this.buffer[this.leftover + i] = m3[mpos + i];
3926
+ this.leftover += bytes;
3927
+ }
3928
+ };
3929
+ function crypto_onetimeauth(out, outpos, m3, mpos, n, k2) {
3930
+ var s = new poly1305(k2);
3931
+ s.update(m3, mpos, n);
3932
+ s.finish(out, outpos);
3933
+ return 0;
3934
+ }
3935
+ function crypto_onetimeauth_verify(h3, hpos, m3, mpos, n, k2) {
3936
+ var x2 = new Uint8Array(16);
3937
+ crypto_onetimeauth(x2, 0, m3, mpos, n, k2);
3938
+ return crypto_verify_16(h3, hpos, x2, 0);
3939
+ }
3940
+ function crypto_secretbox(c, m3, d, n, k2) {
3941
+ var i;
3942
+ if (d < 32) return -1;
3943
+ crypto_stream_xor(c, 0, m3, 0, d, n, k2);
3944
+ crypto_onetimeauth(c, 16, c, 32, d - 32, c);
3945
+ for (i = 0; i < 16; i++) c[i] = 0;
3946
+ return 0;
3947
+ }
3948
+ function crypto_secretbox_open(m3, c, d, n, k2) {
3949
+ var i;
3950
+ var x2 = new Uint8Array(32);
3951
+ if (d < 32) return -1;
3952
+ crypto_stream(x2, 0, 32, n, k2);
3953
+ if (crypto_onetimeauth_verify(c, 16, c, 32, d - 32, x2) !== 0) return -1;
3954
+ crypto_stream_xor(m3, 0, c, 0, d, n, k2);
3955
+ for (i = 0; i < 32; i++) m3[i] = 0;
3956
+ return 0;
3957
+ }
3958
+ function set25519(r10, a) {
3959
+ var i;
3960
+ for (i = 0; i < 16; i++) r10[i] = a[i] | 0;
3961
+ }
3962
+ function car25519(o) {
3963
+ var i, v2, c = 1;
3964
+ for (i = 0; i < 16; i++) {
3965
+ v2 = o[i] + c + 65535;
3966
+ c = Math.floor(v2 / 65536);
3967
+ o[i] = v2 - c * 65536;
3968
+ }
3969
+ o[0] += c - 1 + 37 * (c - 1);
3970
+ }
3971
+ function sel25519(p2, q2, b3) {
3972
+ var t, c = ~(b3 - 1);
3973
+ for (var i = 0; i < 16; i++) {
3974
+ t = c & (p2[i] ^ q2[i]);
3975
+ p2[i] ^= t;
3976
+ q2[i] ^= t;
3977
+ }
3978
+ }
3979
+ function pack25519(o, n) {
3980
+ var i, j2, b3;
3981
+ var m3 = gf(), t = gf();
3982
+ for (i = 0; i < 16; i++) t[i] = n[i];
3983
+ car25519(t);
3984
+ car25519(t);
3985
+ car25519(t);
3986
+ for (j2 = 0; j2 < 2; j2++) {
3987
+ m3[0] = t[0] - 65517;
3988
+ for (i = 1; i < 15; i++) {
3989
+ m3[i] = t[i] - 65535 - (m3[i - 1] >> 16 & 1);
3990
+ m3[i - 1] &= 65535;
3991
+ }
3992
+ m3[15] = t[15] - 32767 - (m3[14] >> 16 & 1);
3993
+ b3 = m3[15] >> 16 & 1;
3994
+ m3[14] &= 65535;
3995
+ sel25519(t, m3, 1 - b3);
3996
+ }
3997
+ for (i = 0; i < 16; i++) {
3998
+ o[2 * i] = t[i] & 255;
3999
+ o[2 * i + 1] = t[i] >> 8;
4000
+ }
4001
+ }
4002
+ function neq25519(a, b3) {
4003
+ var c = new Uint8Array(32), d = new Uint8Array(32);
4004
+ pack25519(c, a);
4005
+ pack25519(d, b3);
4006
+ return crypto_verify_32(c, 0, d, 0);
4007
+ }
4008
+ function par25519(a) {
4009
+ var d = new Uint8Array(32);
4010
+ pack25519(d, a);
4011
+ return d[0] & 1;
4012
+ }
4013
+ function unpack25519(o, n) {
4014
+ var i;
4015
+ for (i = 0; i < 16; i++) o[i] = n[2 * i] + (n[2 * i + 1] << 8);
4016
+ o[15] &= 32767;
4017
+ }
4018
+ function A3(o, a, b3) {
4019
+ for (var i = 0; i < 16; i++) o[i] = a[i] + b3[i];
4020
+ }
4021
+ function Z3(o, a, b3) {
4022
+ for (var i = 0; i < 16; i++) o[i] = a[i] - b3[i];
4023
+ }
4024
+ function M2(o, a, b3) {
4025
+ var v2, c, t0 = 0, t1 = 0, t2 = 0, t3 = 0, t4 = 0, t5 = 0, t6 = 0, t7 = 0, t8 = 0, t9 = 0, t10 = 0, t11 = 0, t12 = 0, t13 = 0, t14 = 0, t15 = 0, t16 = 0, t17 = 0, t18 = 0, t19 = 0, t20 = 0, t21 = 0, t22 = 0, t23 = 0, t24 = 0, t25 = 0, t26 = 0, t27 = 0, t28 = 0, t29 = 0, t30 = 0, b0 = b3[0], b1 = b3[1], b22 = b3[2], b32 = b3[3], b4 = b3[4], b5 = b3[5], b6 = b3[6], b7 = b3[7], b8 = b3[8], b9 = b3[9], b10 = b3[10], b11 = b3[11], b12 = b3[12], b13 = b3[13], b14 = b3[14], b15 = b3[15];
4026
+ v2 = a[0];
4027
+ t0 += v2 * b0;
4028
+ t1 += v2 * b1;
4029
+ t2 += v2 * b22;
4030
+ t3 += v2 * b32;
4031
+ t4 += v2 * b4;
4032
+ t5 += v2 * b5;
4033
+ t6 += v2 * b6;
4034
+ t7 += v2 * b7;
4035
+ t8 += v2 * b8;
4036
+ t9 += v2 * b9;
4037
+ t10 += v2 * b10;
4038
+ t11 += v2 * b11;
4039
+ t12 += v2 * b12;
4040
+ t13 += v2 * b13;
4041
+ t14 += v2 * b14;
4042
+ t15 += v2 * b15;
4043
+ v2 = a[1];
4044
+ t1 += v2 * b0;
4045
+ t2 += v2 * b1;
4046
+ t3 += v2 * b22;
4047
+ t4 += v2 * b32;
4048
+ t5 += v2 * b4;
4049
+ t6 += v2 * b5;
4050
+ t7 += v2 * b6;
4051
+ t8 += v2 * b7;
4052
+ t9 += v2 * b8;
4053
+ t10 += v2 * b9;
4054
+ t11 += v2 * b10;
4055
+ t12 += v2 * b11;
4056
+ t13 += v2 * b12;
4057
+ t14 += v2 * b13;
4058
+ t15 += v2 * b14;
4059
+ t16 += v2 * b15;
4060
+ v2 = a[2];
4061
+ t2 += v2 * b0;
4062
+ t3 += v2 * b1;
4063
+ t4 += v2 * b22;
4064
+ t5 += v2 * b32;
4065
+ t6 += v2 * b4;
4066
+ t7 += v2 * b5;
4067
+ t8 += v2 * b6;
4068
+ t9 += v2 * b7;
4069
+ t10 += v2 * b8;
4070
+ t11 += v2 * b9;
4071
+ t12 += v2 * b10;
4072
+ t13 += v2 * b11;
4073
+ t14 += v2 * b12;
4074
+ t15 += v2 * b13;
4075
+ t16 += v2 * b14;
4076
+ t17 += v2 * b15;
4077
+ v2 = a[3];
4078
+ t3 += v2 * b0;
4079
+ t4 += v2 * b1;
4080
+ t5 += v2 * b22;
4081
+ t6 += v2 * b32;
4082
+ t7 += v2 * b4;
4083
+ t8 += v2 * b5;
4084
+ t9 += v2 * b6;
4085
+ t10 += v2 * b7;
4086
+ t11 += v2 * b8;
4087
+ t12 += v2 * b9;
4088
+ t13 += v2 * b10;
4089
+ t14 += v2 * b11;
4090
+ t15 += v2 * b12;
4091
+ t16 += v2 * b13;
4092
+ t17 += v2 * b14;
4093
+ t18 += v2 * b15;
4094
+ v2 = a[4];
4095
+ t4 += v2 * b0;
4096
+ t5 += v2 * b1;
4097
+ t6 += v2 * b22;
4098
+ t7 += v2 * b32;
4099
+ t8 += v2 * b4;
4100
+ t9 += v2 * b5;
4101
+ t10 += v2 * b6;
4102
+ t11 += v2 * b7;
4103
+ t12 += v2 * b8;
4104
+ t13 += v2 * b9;
4105
+ t14 += v2 * b10;
4106
+ t15 += v2 * b11;
4107
+ t16 += v2 * b12;
4108
+ t17 += v2 * b13;
4109
+ t18 += v2 * b14;
4110
+ t19 += v2 * b15;
4111
+ v2 = a[5];
4112
+ t5 += v2 * b0;
4113
+ t6 += v2 * b1;
4114
+ t7 += v2 * b22;
4115
+ t8 += v2 * b32;
4116
+ t9 += v2 * b4;
4117
+ t10 += v2 * b5;
4118
+ t11 += v2 * b6;
4119
+ t12 += v2 * b7;
4120
+ t13 += v2 * b8;
4121
+ t14 += v2 * b9;
4122
+ t15 += v2 * b10;
4123
+ t16 += v2 * b11;
4124
+ t17 += v2 * b12;
4125
+ t18 += v2 * b13;
4126
+ t19 += v2 * b14;
4127
+ t20 += v2 * b15;
4128
+ v2 = a[6];
4129
+ t6 += v2 * b0;
4130
+ t7 += v2 * b1;
4131
+ t8 += v2 * b22;
4132
+ t9 += v2 * b32;
4133
+ t10 += v2 * b4;
4134
+ t11 += v2 * b5;
4135
+ t12 += v2 * b6;
4136
+ t13 += v2 * b7;
4137
+ t14 += v2 * b8;
4138
+ t15 += v2 * b9;
4139
+ t16 += v2 * b10;
4140
+ t17 += v2 * b11;
4141
+ t18 += v2 * b12;
4142
+ t19 += v2 * b13;
4143
+ t20 += v2 * b14;
4144
+ t21 += v2 * b15;
4145
+ v2 = a[7];
4146
+ t7 += v2 * b0;
4147
+ t8 += v2 * b1;
4148
+ t9 += v2 * b22;
4149
+ t10 += v2 * b32;
4150
+ t11 += v2 * b4;
4151
+ t12 += v2 * b5;
4152
+ t13 += v2 * b6;
4153
+ t14 += v2 * b7;
4154
+ t15 += v2 * b8;
4155
+ t16 += v2 * b9;
4156
+ t17 += v2 * b10;
4157
+ t18 += v2 * b11;
4158
+ t19 += v2 * b12;
4159
+ t20 += v2 * b13;
4160
+ t21 += v2 * b14;
4161
+ t22 += v2 * b15;
4162
+ v2 = a[8];
4163
+ t8 += v2 * b0;
4164
+ t9 += v2 * b1;
4165
+ t10 += v2 * b22;
4166
+ t11 += v2 * b32;
4167
+ t12 += v2 * b4;
4168
+ t13 += v2 * b5;
4169
+ t14 += v2 * b6;
4170
+ t15 += v2 * b7;
4171
+ t16 += v2 * b8;
4172
+ t17 += v2 * b9;
4173
+ t18 += v2 * b10;
4174
+ t19 += v2 * b11;
4175
+ t20 += v2 * b12;
4176
+ t21 += v2 * b13;
4177
+ t22 += v2 * b14;
4178
+ t23 += v2 * b15;
4179
+ v2 = a[9];
4180
+ t9 += v2 * b0;
4181
+ t10 += v2 * b1;
4182
+ t11 += v2 * b22;
4183
+ t12 += v2 * b32;
4184
+ t13 += v2 * b4;
4185
+ t14 += v2 * b5;
4186
+ t15 += v2 * b6;
4187
+ t16 += v2 * b7;
4188
+ t17 += v2 * b8;
4189
+ t18 += v2 * b9;
4190
+ t19 += v2 * b10;
4191
+ t20 += v2 * b11;
4192
+ t21 += v2 * b12;
4193
+ t22 += v2 * b13;
4194
+ t23 += v2 * b14;
4195
+ t24 += v2 * b15;
4196
+ v2 = a[10];
4197
+ t10 += v2 * b0;
4198
+ t11 += v2 * b1;
4199
+ t12 += v2 * b22;
4200
+ t13 += v2 * b32;
4201
+ t14 += v2 * b4;
4202
+ t15 += v2 * b5;
4203
+ t16 += v2 * b6;
4204
+ t17 += v2 * b7;
4205
+ t18 += v2 * b8;
4206
+ t19 += v2 * b9;
4207
+ t20 += v2 * b10;
4208
+ t21 += v2 * b11;
4209
+ t22 += v2 * b12;
4210
+ t23 += v2 * b13;
4211
+ t24 += v2 * b14;
4212
+ t25 += v2 * b15;
4213
+ v2 = a[11];
4214
+ t11 += v2 * b0;
4215
+ t12 += v2 * b1;
4216
+ t13 += v2 * b22;
4217
+ t14 += v2 * b32;
4218
+ t15 += v2 * b4;
4219
+ t16 += v2 * b5;
4220
+ t17 += v2 * b6;
4221
+ t18 += v2 * b7;
4222
+ t19 += v2 * b8;
4223
+ t20 += v2 * b9;
4224
+ t21 += v2 * b10;
4225
+ t22 += v2 * b11;
4226
+ t23 += v2 * b12;
4227
+ t24 += v2 * b13;
4228
+ t25 += v2 * b14;
4229
+ t26 += v2 * b15;
4230
+ v2 = a[12];
4231
+ t12 += v2 * b0;
4232
+ t13 += v2 * b1;
4233
+ t14 += v2 * b22;
4234
+ t15 += v2 * b32;
4235
+ t16 += v2 * b4;
4236
+ t17 += v2 * b5;
4237
+ t18 += v2 * b6;
4238
+ t19 += v2 * b7;
4239
+ t20 += v2 * b8;
4240
+ t21 += v2 * b9;
4241
+ t22 += v2 * b10;
4242
+ t23 += v2 * b11;
4243
+ t24 += v2 * b12;
4244
+ t25 += v2 * b13;
4245
+ t26 += v2 * b14;
4246
+ t27 += v2 * b15;
4247
+ v2 = a[13];
4248
+ t13 += v2 * b0;
4249
+ t14 += v2 * b1;
4250
+ t15 += v2 * b22;
4251
+ t16 += v2 * b32;
4252
+ t17 += v2 * b4;
4253
+ t18 += v2 * b5;
4254
+ t19 += v2 * b6;
4255
+ t20 += v2 * b7;
4256
+ t21 += v2 * b8;
4257
+ t22 += v2 * b9;
4258
+ t23 += v2 * b10;
4259
+ t24 += v2 * b11;
4260
+ t25 += v2 * b12;
4261
+ t26 += v2 * b13;
4262
+ t27 += v2 * b14;
4263
+ t28 += v2 * b15;
4264
+ v2 = a[14];
4265
+ t14 += v2 * b0;
4266
+ t15 += v2 * b1;
4267
+ t16 += v2 * b22;
4268
+ t17 += v2 * b32;
4269
+ t18 += v2 * b4;
4270
+ t19 += v2 * b5;
4271
+ t20 += v2 * b6;
4272
+ t21 += v2 * b7;
4273
+ t22 += v2 * b8;
4274
+ t23 += v2 * b9;
4275
+ t24 += v2 * b10;
4276
+ t25 += v2 * b11;
4277
+ t26 += v2 * b12;
4278
+ t27 += v2 * b13;
4279
+ t28 += v2 * b14;
4280
+ t29 += v2 * b15;
4281
+ v2 = a[15];
4282
+ t15 += v2 * b0;
4283
+ t16 += v2 * b1;
4284
+ t17 += v2 * b22;
4285
+ t18 += v2 * b32;
4286
+ t19 += v2 * b4;
4287
+ t20 += v2 * b5;
4288
+ t21 += v2 * b6;
4289
+ t22 += v2 * b7;
4290
+ t23 += v2 * b8;
4291
+ t24 += v2 * b9;
4292
+ t25 += v2 * b10;
4293
+ t26 += v2 * b11;
4294
+ t27 += v2 * b12;
4295
+ t28 += v2 * b13;
4296
+ t29 += v2 * b14;
4297
+ t30 += v2 * b15;
4298
+ t0 += 38 * t16;
4299
+ t1 += 38 * t17;
4300
+ t2 += 38 * t18;
4301
+ t3 += 38 * t19;
4302
+ t4 += 38 * t20;
4303
+ t5 += 38 * t21;
4304
+ t6 += 38 * t22;
4305
+ t7 += 38 * t23;
4306
+ t8 += 38 * t24;
4307
+ t9 += 38 * t25;
4308
+ t10 += 38 * t26;
4309
+ t11 += 38 * t27;
4310
+ t12 += 38 * t28;
4311
+ t13 += 38 * t29;
4312
+ t14 += 38 * t30;
4313
+ c = 1;
4314
+ v2 = t0 + c + 65535;
4315
+ c = Math.floor(v2 / 65536);
4316
+ t0 = v2 - c * 65536;
4317
+ v2 = t1 + c + 65535;
4318
+ c = Math.floor(v2 / 65536);
4319
+ t1 = v2 - c * 65536;
4320
+ v2 = t2 + c + 65535;
4321
+ c = Math.floor(v2 / 65536);
4322
+ t2 = v2 - c * 65536;
4323
+ v2 = t3 + c + 65535;
4324
+ c = Math.floor(v2 / 65536);
4325
+ t3 = v2 - c * 65536;
4326
+ v2 = t4 + c + 65535;
4327
+ c = Math.floor(v2 / 65536);
4328
+ t4 = v2 - c * 65536;
4329
+ v2 = t5 + c + 65535;
4330
+ c = Math.floor(v2 / 65536);
4331
+ t5 = v2 - c * 65536;
4332
+ v2 = t6 + c + 65535;
4333
+ c = Math.floor(v2 / 65536);
4334
+ t6 = v2 - c * 65536;
4335
+ v2 = t7 + c + 65535;
4336
+ c = Math.floor(v2 / 65536);
4337
+ t7 = v2 - c * 65536;
4338
+ v2 = t8 + c + 65535;
4339
+ c = Math.floor(v2 / 65536);
4340
+ t8 = v2 - c * 65536;
4341
+ v2 = t9 + c + 65535;
4342
+ c = Math.floor(v2 / 65536);
4343
+ t9 = v2 - c * 65536;
4344
+ v2 = t10 + c + 65535;
4345
+ c = Math.floor(v2 / 65536);
4346
+ t10 = v2 - c * 65536;
4347
+ v2 = t11 + c + 65535;
4348
+ c = Math.floor(v2 / 65536);
4349
+ t11 = v2 - c * 65536;
4350
+ v2 = t12 + c + 65535;
4351
+ c = Math.floor(v2 / 65536);
4352
+ t12 = v2 - c * 65536;
4353
+ v2 = t13 + c + 65535;
4354
+ c = Math.floor(v2 / 65536);
4355
+ t13 = v2 - c * 65536;
4356
+ v2 = t14 + c + 65535;
4357
+ c = Math.floor(v2 / 65536);
4358
+ t14 = v2 - c * 65536;
4359
+ v2 = t15 + c + 65535;
4360
+ c = Math.floor(v2 / 65536);
4361
+ t15 = v2 - c * 65536;
4362
+ t0 += c - 1 + 37 * (c - 1);
4363
+ c = 1;
4364
+ v2 = t0 + c + 65535;
4365
+ c = Math.floor(v2 / 65536);
4366
+ t0 = v2 - c * 65536;
4367
+ v2 = t1 + c + 65535;
4368
+ c = Math.floor(v2 / 65536);
4369
+ t1 = v2 - c * 65536;
4370
+ v2 = t2 + c + 65535;
4371
+ c = Math.floor(v2 / 65536);
4372
+ t2 = v2 - c * 65536;
4373
+ v2 = t3 + c + 65535;
4374
+ c = Math.floor(v2 / 65536);
4375
+ t3 = v2 - c * 65536;
4376
+ v2 = t4 + c + 65535;
4377
+ c = Math.floor(v2 / 65536);
4378
+ t4 = v2 - c * 65536;
4379
+ v2 = t5 + c + 65535;
4380
+ c = Math.floor(v2 / 65536);
4381
+ t5 = v2 - c * 65536;
4382
+ v2 = t6 + c + 65535;
4383
+ c = Math.floor(v2 / 65536);
4384
+ t6 = v2 - c * 65536;
4385
+ v2 = t7 + c + 65535;
4386
+ c = Math.floor(v2 / 65536);
4387
+ t7 = v2 - c * 65536;
4388
+ v2 = t8 + c + 65535;
4389
+ c = Math.floor(v2 / 65536);
4390
+ t8 = v2 - c * 65536;
4391
+ v2 = t9 + c + 65535;
4392
+ c = Math.floor(v2 / 65536);
4393
+ t9 = v2 - c * 65536;
4394
+ v2 = t10 + c + 65535;
4395
+ c = Math.floor(v2 / 65536);
4396
+ t10 = v2 - c * 65536;
4397
+ v2 = t11 + c + 65535;
4398
+ c = Math.floor(v2 / 65536);
4399
+ t11 = v2 - c * 65536;
4400
+ v2 = t12 + c + 65535;
4401
+ c = Math.floor(v2 / 65536);
4402
+ t12 = v2 - c * 65536;
4403
+ v2 = t13 + c + 65535;
4404
+ c = Math.floor(v2 / 65536);
4405
+ t13 = v2 - c * 65536;
4406
+ v2 = t14 + c + 65535;
4407
+ c = Math.floor(v2 / 65536);
4408
+ t14 = v2 - c * 65536;
4409
+ v2 = t15 + c + 65535;
4410
+ c = Math.floor(v2 / 65536);
4411
+ t15 = v2 - c * 65536;
4412
+ t0 += c - 1 + 37 * (c - 1);
4413
+ o[0] = t0;
4414
+ o[1] = t1;
4415
+ o[2] = t2;
4416
+ o[3] = t3;
4417
+ o[4] = t4;
4418
+ o[5] = t5;
4419
+ o[6] = t6;
4420
+ o[7] = t7;
4421
+ o[8] = t8;
4422
+ o[9] = t9;
4423
+ o[10] = t10;
4424
+ o[11] = t11;
4425
+ o[12] = t12;
4426
+ o[13] = t13;
4427
+ o[14] = t14;
4428
+ o[15] = t15;
4429
+ }
4430
+ function S3(o, a) {
4431
+ M2(o, a, a);
4432
+ }
4433
+ function inv25519(o, i) {
4434
+ var c = gf();
4435
+ var a;
4436
+ for (a = 0; a < 16; a++) c[a] = i[a];
4437
+ for (a = 253; a >= 0; a--) {
4438
+ S3(c, c);
4439
+ if (a !== 2 && a !== 4) M2(c, c, i);
4440
+ }
4441
+ for (a = 0; a < 16; a++) o[a] = c[a];
4442
+ }
4443
+ function pow2523(o, i) {
4444
+ var c = gf();
4445
+ var a;
4446
+ for (a = 0; a < 16; a++) c[a] = i[a];
4447
+ for (a = 250; a >= 0; a--) {
4448
+ S3(c, c);
4449
+ if (a !== 1) M2(c, c, i);
4450
+ }
4451
+ for (a = 0; a < 16; a++) o[a] = c[a];
4452
+ }
4453
+ function crypto_scalarmult(q2, n, p2) {
4454
+ var z3 = new Uint8Array(32);
4455
+ var x2 = new Float64Array(80), r10, i;
4456
+ var a = gf(), b3 = gf(), c = gf(), d = gf(), e = gf(), f3 = gf();
4457
+ for (i = 0; i < 31; i++) z3[i] = n[i];
4458
+ z3[31] = n[31] & 127 | 64;
4459
+ z3[0] &= 248;
4460
+ unpack25519(x2, p2);
4461
+ for (i = 0; i < 16; i++) {
4462
+ b3[i] = x2[i];
4463
+ d[i] = a[i] = c[i] = 0;
4464
+ }
4465
+ a[0] = d[0] = 1;
4466
+ for (i = 254; i >= 0; --i) {
4467
+ r10 = z3[i >>> 3] >>> (i & 7) & 1;
4468
+ sel25519(a, b3, r10);
4469
+ sel25519(c, d, r10);
4470
+ A3(e, a, c);
4471
+ Z3(a, a, c);
4472
+ A3(c, b3, d);
4473
+ Z3(b3, b3, d);
4474
+ S3(d, e);
4475
+ S3(f3, a);
4476
+ M2(a, c, a);
4477
+ M2(c, b3, e);
4478
+ A3(e, a, c);
4479
+ Z3(a, a, c);
4480
+ S3(b3, a);
4481
+ Z3(c, d, f3);
4482
+ M2(a, c, _121665);
4483
+ A3(a, a, d);
4484
+ M2(c, c, a);
4485
+ M2(a, d, f3);
4486
+ M2(d, b3, x2);
4487
+ S3(b3, e);
4488
+ sel25519(a, b3, r10);
4489
+ sel25519(c, d, r10);
4490
+ }
4491
+ for (i = 0; i < 16; i++) {
4492
+ x2[i + 16] = a[i];
4493
+ x2[i + 32] = c[i];
4494
+ x2[i + 48] = b3[i];
4495
+ x2[i + 64] = d[i];
4496
+ }
4497
+ var x32 = x2.subarray(32);
4498
+ var x16 = x2.subarray(16);
4499
+ inv25519(x32, x32);
4500
+ M2(x16, x16, x32);
4501
+ pack25519(q2, x16);
4502
+ return 0;
4503
+ }
4504
+ function crypto_scalarmult_base(q2, n) {
4505
+ return crypto_scalarmult(q2, n, _9);
4506
+ }
4507
+ function crypto_box_keypair(y3, x2) {
4508
+ randombytes(x2, 32);
4509
+ return crypto_scalarmult_base(y3, x2);
4510
+ }
4511
+ function crypto_box_beforenm(k2, y3, x2) {
4512
+ var s = new Uint8Array(32);
4513
+ crypto_scalarmult(s, x2, y3);
4514
+ return crypto_core_hsalsa20(k2, _0, s, sigma);
4515
+ }
4516
+ var crypto_box_afternm = crypto_secretbox;
4517
+ var crypto_box_open_afternm = crypto_secretbox_open;
4518
+ function crypto_box(c, m3, d, n, y3, x2) {
4519
+ var k2 = new Uint8Array(32);
4520
+ crypto_box_beforenm(k2, y3, x2);
4521
+ return crypto_box_afternm(c, m3, d, n, k2);
4522
+ }
4523
+ function crypto_box_open(m3, c, d, n, y3, x2) {
4524
+ var k2 = new Uint8Array(32);
4525
+ crypto_box_beforenm(k2, y3, x2);
4526
+ return crypto_box_open_afternm(m3, c, d, n, k2);
4527
+ }
4528
+ var K2 = [
4529
+ 1116352408,
4530
+ 3609767458,
4531
+ 1899447441,
4532
+ 602891725,
4533
+ 3049323471,
4534
+ 3964484399,
4535
+ 3921009573,
4536
+ 2173295548,
4537
+ 961987163,
4538
+ 4081628472,
4539
+ 1508970993,
4540
+ 3053834265,
4541
+ 2453635748,
4542
+ 2937671579,
4543
+ 2870763221,
4544
+ 3664609560,
4545
+ 3624381080,
4546
+ 2734883394,
4547
+ 310598401,
4548
+ 1164996542,
4549
+ 607225278,
4550
+ 1323610764,
4551
+ 1426881987,
4552
+ 3590304994,
4553
+ 1925078388,
4554
+ 4068182383,
4555
+ 2162078206,
4556
+ 991336113,
4557
+ 2614888103,
4558
+ 633803317,
4559
+ 3248222580,
4560
+ 3479774868,
4561
+ 3835390401,
4562
+ 2666613458,
4563
+ 4022224774,
4564
+ 944711139,
4565
+ 264347078,
4566
+ 2341262773,
4567
+ 604807628,
4568
+ 2007800933,
4569
+ 770255983,
4570
+ 1495990901,
4571
+ 1249150122,
4572
+ 1856431235,
4573
+ 1555081692,
4574
+ 3175218132,
4575
+ 1996064986,
4576
+ 2198950837,
4577
+ 2554220882,
4578
+ 3999719339,
4579
+ 2821834349,
4580
+ 766784016,
4581
+ 2952996808,
4582
+ 2566594879,
4583
+ 3210313671,
4584
+ 3203337956,
4585
+ 3336571891,
4586
+ 1034457026,
4587
+ 3584528711,
4588
+ 2466948901,
4589
+ 113926993,
4590
+ 3758326383,
4591
+ 338241895,
4592
+ 168717936,
4593
+ 666307205,
4594
+ 1188179964,
4595
+ 773529912,
4596
+ 1546045734,
4597
+ 1294757372,
4598
+ 1522805485,
4599
+ 1396182291,
4600
+ 2643833823,
4601
+ 1695183700,
4602
+ 2343527390,
4603
+ 1986661051,
4604
+ 1014477480,
4605
+ 2177026350,
4606
+ 1206759142,
4607
+ 2456956037,
4608
+ 344077627,
4609
+ 2730485921,
4610
+ 1290863460,
4611
+ 2820302411,
4612
+ 3158454273,
4613
+ 3259730800,
4614
+ 3505952657,
4615
+ 3345764771,
4616
+ 106217008,
4617
+ 3516065817,
4618
+ 3606008344,
4619
+ 3600352804,
4620
+ 1432725776,
4621
+ 4094571909,
4622
+ 1467031594,
4623
+ 275423344,
4624
+ 851169720,
4625
+ 430227734,
4626
+ 3100823752,
4627
+ 506948616,
4628
+ 1363258195,
4629
+ 659060556,
4630
+ 3750685593,
4631
+ 883997877,
4632
+ 3785050280,
4633
+ 958139571,
4634
+ 3318307427,
4635
+ 1322822218,
4636
+ 3812723403,
4637
+ 1537002063,
4638
+ 2003034995,
4639
+ 1747873779,
4640
+ 3602036899,
4641
+ 1955562222,
4642
+ 1575990012,
4643
+ 2024104815,
4644
+ 1125592928,
4645
+ 2227730452,
4646
+ 2716904306,
4647
+ 2361852424,
4648
+ 442776044,
4649
+ 2428436474,
4650
+ 593698344,
4651
+ 2756734187,
4652
+ 3733110249,
4653
+ 3204031479,
4654
+ 2999351573,
4655
+ 3329325298,
4656
+ 3815920427,
4657
+ 3391569614,
4658
+ 3928383900,
4659
+ 3515267271,
4660
+ 566280711,
4661
+ 3940187606,
4662
+ 3454069534,
4663
+ 4118630271,
4664
+ 4000239992,
4665
+ 116418474,
4666
+ 1914138554,
4667
+ 174292421,
4668
+ 2731055270,
4669
+ 289380356,
4670
+ 3203993006,
4671
+ 460393269,
4672
+ 320620315,
4673
+ 685471733,
4674
+ 587496836,
4675
+ 852142971,
4676
+ 1086792851,
4677
+ 1017036298,
4678
+ 365543100,
4679
+ 1126000580,
4680
+ 2618297676,
4681
+ 1288033470,
4682
+ 3409855158,
4683
+ 1501505948,
4684
+ 4234509866,
4685
+ 1607167915,
4686
+ 987167468,
4687
+ 1816402316,
4688
+ 1246189591
4689
+ ];
4690
+ function crypto_hashblocks_hl(hh, hl, m3, n) {
4691
+ var wh = new Int32Array(16), wl = new Int32Array(16), bh0, bh1, bh2, bh3, bh4, bh5, bh6, bh7, bl0, bl1, bl2, bl3, bl4, bl5, bl6, bl7, th, tl, i, j2, h3, l, a, b3, c, d;
4692
+ var ah0 = hh[0], ah1 = hh[1], ah2 = hh[2], ah3 = hh[3], ah4 = hh[4], ah5 = hh[5], ah6 = hh[6], ah7 = hh[7], al0 = hl[0], al1 = hl[1], al2 = hl[2], al3 = hl[3], al4 = hl[4], al5 = hl[5], al6 = hl[6], al7 = hl[7];
4693
+ var pos = 0;
4694
+ while (n >= 128) {
4695
+ for (i = 0; i < 16; i++) {
4696
+ j2 = 8 * i + pos;
4697
+ wh[i] = m3[j2 + 0] << 24 | m3[j2 + 1] << 16 | m3[j2 + 2] << 8 | m3[j2 + 3];
4698
+ wl[i] = m3[j2 + 4] << 24 | m3[j2 + 5] << 16 | m3[j2 + 6] << 8 | m3[j2 + 7];
4699
+ }
4700
+ for (i = 0; i < 80; i++) {
4701
+ bh0 = ah0;
4702
+ bh1 = ah1;
4703
+ bh2 = ah2;
4704
+ bh3 = ah3;
4705
+ bh4 = ah4;
4706
+ bh5 = ah5;
4707
+ bh6 = ah6;
4708
+ bh7 = ah7;
4709
+ bl0 = al0;
4710
+ bl1 = al1;
4711
+ bl2 = al2;
4712
+ bl3 = al3;
4713
+ bl4 = al4;
4714
+ bl5 = al5;
4715
+ bl6 = al6;
4716
+ bl7 = al7;
4717
+ h3 = ah7;
4718
+ l = al7;
4719
+ a = l & 65535;
4720
+ b3 = l >>> 16;
4721
+ c = h3 & 65535;
4722
+ d = h3 >>> 16;
4723
+ h3 = (ah4 >>> 14 | al4 << 32 - 14) ^ (ah4 >>> 18 | al4 << 32 - 18) ^ (al4 >>> 41 - 32 | ah4 << 32 - (41 - 32));
4724
+ l = (al4 >>> 14 | ah4 << 32 - 14) ^ (al4 >>> 18 | ah4 << 32 - 18) ^ (ah4 >>> 41 - 32 | al4 << 32 - (41 - 32));
4725
+ a += l & 65535;
4726
+ b3 += l >>> 16;
4727
+ c += h3 & 65535;
4728
+ d += h3 >>> 16;
4729
+ h3 = ah4 & ah5 ^ ~ah4 & ah6;
4730
+ l = al4 & al5 ^ ~al4 & al6;
4731
+ a += l & 65535;
4732
+ b3 += l >>> 16;
4733
+ c += h3 & 65535;
4734
+ d += h3 >>> 16;
4735
+ h3 = K2[i * 2];
4736
+ l = K2[i * 2 + 1];
4737
+ a += l & 65535;
4738
+ b3 += l >>> 16;
4739
+ c += h3 & 65535;
4740
+ d += h3 >>> 16;
4741
+ h3 = wh[i % 16];
4742
+ l = wl[i % 16];
4743
+ a += l & 65535;
4744
+ b3 += l >>> 16;
4745
+ c += h3 & 65535;
4746
+ d += h3 >>> 16;
4747
+ b3 += a >>> 16;
4748
+ c += b3 >>> 16;
4749
+ d += c >>> 16;
4750
+ th = c & 65535 | d << 16;
4751
+ tl = a & 65535 | b3 << 16;
4752
+ h3 = th;
4753
+ l = tl;
4754
+ a = l & 65535;
4755
+ b3 = l >>> 16;
4756
+ c = h3 & 65535;
4757
+ d = h3 >>> 16;
4758
+ h3 = (ah0 >>> 28 | al0 << 32 - 28) ^ (al0 >>> 34 - 32 | ah0 << 32 - (34 - 32)) ^ (al0 >>> 39 - 32 | ah0 << 32 - (39 - 32));
4759
+ l = (al0 >>> 28 | ah0 << 32 - 28) ^ (ah0 >>> 34 - 32 | al0 << 32 - (34 - 32)) ^ (ah0 >>> 39 - 32 | al0 << 32 - (39 - 32));
4760
+ a += l & 65535;
4761
+ b3 += l >>> 16;
4762
+ c += h3 & 65535;
4763
+ d += h3 >>> 16;
4764
+ h3 = ah0 & ah1 ^ ah0 & ah2 ^ ah1 & ah2;
4765
+ l = al0 & al1 ^ al0 & al2 ^ al1 & al2;
4766
+ a += l & 65535;
4767
+ b3 += l >>> 16;
4768
+ c += h3 & 65535;
4769
+ d += h3 >>> 16;
4770
+ b3 += a >>> 16;
4771
+ c += b3 >>> 16;
4772
+ d += c >>> 16;
4773
+ bh7 = c & 65535 | d << 16;
4774
+ bl7 = a & 65535 | b3 << 16;
4775
+ h3 = bh3;
4776
+ l = bl3;
4777
+ a = l & 65535;
4778
+ b3 = l >>> 16;
4779
+ c = h3 & 65535;
4780
+ d = h3 >>> 16;
4781
+ h3 = th;
4782
+ l = tl;
4783
+ a += l & 65535;
4784
+ b3 += l >>> 16;
4785
+ c += h3 & 65535;
4786
+ d += h3 >>> 16;
4787
+ b3 += a >>> 16;
4788
+ c += b3 >>> 16;
4789
+ d += c >>> 16;
4790
+ bh3 = c & 65535 | d << 16;
4791
+ bl3 = a & 65535 | b3 << 16;
4792
+ ah1 = bh0;
4793
+ ah2 = bh1;
4794
+ ah3 = bh2;
4795
+ ah4 = bh3;
4796
+ ah5 = bh4;
4797
+ ah6 = bh5;
4798
+ ah7 = bh6;
4799
+ ah0 = bh7;
4800
+ al1 = bl0;
4801
+ al2 = bl1;
4802
+ al3 = bl2;
4803
+ al4 = bl3;
4804
+ al5 = bl4;
4805
+ al6 = bl5;
4806
+ al7 = bl6;
4807
+ al0 = bl7;
4808
+ if (i % 16 === 15) {
4809
+ for (j2 = 0; j2 < 16; j2++) {
4810
+ h3 = wh[j2];
4811
+ l = wl[j2];
4812
+ a = l & 65535;
4813
+ b3 = l >>> 16;
4814
+ c = h3 & 65535;
4815
+ d = h3 >>> 16;
4816
+ h3 = wh[(j2 + 9) % 16];
4817
+ l = wl[(j2 + 9) % 16];
4818
+ a += l & 65535;
4819
+ b3 += l >>> 16;
4820
+ c += h3 & 65535;
4821
+ d += h3 >>> 16;
4822
+ th = wh[(j2 + 1) % 16];
4823
+ tl = wl[(j2 + 1) % 16];
4824
+ h3 = (th >>> 1 | tl << 32 - 1) ^ (th >>> 8 | tl << 32 - 8) ^ th >>> 7;
4825
+ l = (tl >>> 1 | th << 32 - 1) ^ (tl >>> 8 | th << 32 - 8) ^ (tl >>> 7 | th << 32 - 7);
4826
+ a += l & 65535;
4827
+ b3 += l >>> 16;
4828
+ c += h3 & 65535;
4829
+ d += h3 >>> 16;
4830
+ th = wh[(j2 + 14) % 16];
4831
+ tl = wl[(j2 + 14) % 16];
4832
+ h3 = (th >>> 19 | tl << 32 - 19) ^ (tl >>> 61 - 32 | th << 32 - (61 - 32)) ^ th >>> 6;
4833
+ l = (tl >>> 19 | th << 32 - 19) ^ (th >>> 61 - 32 | tl << 32 - (61 - 32)) ^ (tl >>> 6 | th << 32 - 6);
4834
+ a += l & 65535;
4835
+ b3 += l >>> 16;
4836
+ c += h3 & 65535;
4837
+ d += h3 >>> 16;
4838
+ b3 += a >>> 16;
4839
+ c += b3 >>> 16;
4840
+ d += c >>> 16;
4841
+ wh[j2] = c & 65535 | d << 16;
4842
+ wl[j2] = a & 65535 | b3 << 16;
4843
+ }
4844
+ }
4845
+ }
4846
+ h3 = ah0;
4847
+ l = al0;
4848
+ a = l & 65535;
4849
+ b3 = l >>> 16;
4850
+ c = h3 & 65535;
4851
+ d = h3 >>> 16;
4852
+ h3 = hh[0];
4853
+ l = hl[0];
4854
+ a += l & 65535;
4855
+ b3 += l >>> 16;
4856
+ c += h3 & 65535;
4857
+ d += h3 >>> 16;
4858
+ b3 += a >>> 16;
4859
+ c += b3 >>> 16;
4860
+ d += c >>> 16;
4861
+ hh[0] = ah0 = c & 65535 | d << 16;
4862
+ hl[0] = al0 = a & 65535 | b3 << 16;
4863
+ h3 = ah1;
4864
+ l = al1;
4865
+ a = l & 65535;
4866
+ b3 = l >>> 16;
4867
+ c = h3 & 65535;
4868
+ d = h3 >>> 16;
4869
+ h3 = hh[1];
4870
+ l = hl[1];
4871
+ a += l & 65535;
4872
+ b3 += l >>> 16;
4873
+ c += h3 & 65535;
4874
+ d += h3 >>> 16;
4875
+ b3 += a >>> 16;
4876
+ c += b3 >>> 16;
4877
+ d += c >>> 16;
4878
+ hh[1] = ah1 = c & 65535 | d << 16;
4879
+ hl[1] = al1 = a & 65535 | b3 << 16;
4880
+ h3 = ah2;
4881
+ l = al2;
4882
+ a = l & 65535;
4883
+ b3 = l >>> 16;
4884
+ c = h3 & 65535;
4885
+ d = h3 >>> 16;
4886
+ h3 = hh[2];
4887
+ l = hl[2];
4888
+ a += l & 65535;
4889
+ b3 += l >>> 16;
4890
+ c += h3 & 65535;
4891
+ d += h3 >>> 16;
4892
+ b3 += a >>> 16;
4893
+ c += b3 >>> 16;
4894
+ d += c >>> 16;
4895
+ hh[2] = ah2 = c & 65535 | d << 16;
4896
+ hl[2] = al2 = a & 65535 | b3 << 16;
4897
+ h3 = ah3;
4898
+ l = al3;
4899
+ a = l & 65535;
4900
+ b3 = l >>> 16;
4901
+ c = h3 & 65535;
4902
+ d = h3 >>> 16;
4903
+ h3 = hh[3];
4904
+ l = hl[3];
4905
+ a += l & 65535;
4906
+ b3 += l >>> 16;
4907
+ c += h3 & 65535;
4908
+ d += h3 >>> 16;
4909
+ b3 += a >>> 16;
4910
+ c += b3 >>> 16;
4911
+ d += c >>> 16;
4912
+ hh[3] = ah3 = c & 65535 | d << 16;
4913
+ hl[3] = al3 = a & 65535 | b3 << 16;
4914
+ h3 = ah4;
4915
+ l = al4;
4916
+ a = l & 65535;
4917
+ b3 = l >>> 16;
4918
+ c = h3 & 65535;
4919
+ d = h3 >>> 16;
4920
+ h3 = hh[4];
4921
+ l = hl[4];
4922
+ a += l & 65535;
4923
+ b3 += l >>> 16;
4924
+ c += h3 & 65535;
4925
+ d += h3 >>> 16;
4926
+ b3 += a >>> 16;
4927
+ c += b3 >>> 16;
4928
+ d += c >>> 16;
4929
+ hh[4] = ah4 = c & 65535 | d << 16;
4930
+ hl[4] = al4 = a & 65535 | b3 << 16;
4931
+ h3 = ah5;
4932
+ l = al5;
4933
+ a = l & 65535;
4934
+ b3 = l >>> 16;
4935
+ c = h3 & 65535;
4936
+ d = h3 >>> 16;
4937
+ h3 = hh[5];
4938
+ l = hl[5];
4939
+ a += l & 65535;
4940
+ b3 += l >>> 16;
4941
+ c += h3 & 65535;
4942
+ d += h3 >>> 16;
4943
+ b3 += a >>> 16;
4944
+ c += b3 >>> 16;
4945
+ d += c >>> 16;
4946
+ hh[5] = ah5 = c & 65535 | d << 16;
4947
+ hl[5] = al5 = a & 65535 | b3 << 16;
4948
+ h3 = ah6;
4949
+ l = al6;
4950
+ a = l & 65535;
4951
+ b3 = l >>> 16;
4952
+ c = h3 & 65535;
4953
+ d = h3 >>> 16;
4954
+ h3 = hh[6];
4955
+ l = hl[6];
4956
+ a += l & 65535;
4957
+ b3 += l >>> 16;
4958
+ c += h3 & 65535;
4959
+ d += h3 >>> 16;
4960
+ b3 += a >>> 16;
4961
+ c += b3 >>> 16;
4962
+ d += c >>> 16;
4963
+ hh[6] = ah6 = c & 65535 | d << 16;
4964
+ hl[6] = al6 = a & 65535 | b3 << 16;
4965
+ h3 = ah7;
4966
+ l = al7;
4967
+ a = l & 65535;
4968
+ b3 = l >>> 16;
4969
+ c = h3 & 65535;
4970
+ d = h3 >>> 16;
4971
+ h3 = hh[7];
4972
+ l = hl[7];
4973
+ a += l & 65535;
4974
+ b3 += l >>> 16;
4975
+ c += h3 & 65535;
4976
+ d += h3 >>> 16;
4977
+ b3 += a >>> 16;
4978
+ c += b3 >>> 16;
4979
+ d += c >>> 16;
4980
+ hh[7] = ah7 = c & 65535 | d << 16;
4981
+ hl[7] = al7 = a & 65535 | b3 << 16;
4982
+ pos += 128;
4983
+ n -= 128;
4984
+ }
4985
+ return n;
4986
+ }
4987
+ function crypto_hash(out, m3, n) {
4988
+ var hh = new Int32Array(8), hl = new Int32Array(8), x2 = new Uint8Array(256), i, b3 = n;
4989
+ hh[0] = 1779033703;
4990
+ hh[1] = 3144134277;
4991
+ hh[2] = 1013904242;
4992
+ hh[3] = 2773480762;
4993
+ hh[4] = 1359893119;
4994
+ hh[5] = 2600822924;
4995
+ hh[6] = 528734635;
4996
+ hh[7] = 1541459225;
4997
+ hl[0] = 4089235720;
4998
+ hl[1] = 2227873595;
4999
+ hl[2] = 4271175723;
5000
+ hl[3] = 1595750129;
5001
+ hl[4] = 2917565137;
5002
+ hl[5] = 725511199;
5003
+ hl[6] = 4215389547;
5004
+ hl[7] = 327033209;
5005
+ crypto_hashblocks_hl(hh, hl, m3, n);
5006
+ n %= 128;
5007
+ for (i = 0; i < n; i++) x2[i] = m3[b3 - n + i];
5008
+ x2[n] = 128;
5009
+ n = 256 - 128 * (n < 112 ? 1 : 0);
5010
+ x2[n - 9] = 0;
5011
+ ts64(x2, n - 8, b3 / 536870912 | 0, b3 << 3);
5012
+ crypto_hashblocks_hl(hh, hl, x2, n);
5013
+ for (i = 0; i < 8; i++) ts64(out, 8 * i, hh[i], hl[i]);
5014
+ return 0;
5015
+ }
5016
+ function add(p2, q2) {
5017
+ var a = gf(), b3 = gf(), c = gf(), d = gf(), e = gf(), f3 = gf(), g2 = gf(), h3 = gf(), t = gf();
5018
+ Z3(a, p2[1], p2[0]);
5019
+ Z3(t, q2[1], q2[0]);
5020
+ M2(a, a, t);
5021
+ A3(b3, p2[0], p2[1]);
5022
+ A3(t, q2[0], q2[1]);
5023
+ M2(b3, b3, t);
5024
+ M2(c, p2[3], q2[3]);
5025
+ M2(c, c, D22);
5026
+ M2(d, p2[2], q2[2]);
5027
+ A3(d, d, d);
5028
+ Z3(e, b3, a);
5029
+ Z3(f3, d, c);
5030
+ A3(g2, d, c);
5031
+ A3(h3, b3, a);
5032
+ M2(p2[0], e, f3);
5033
+ M2(p2[1], h3, g2);
5034
+ M2(p2[2], g2, f3);
5035
+ M2(p2[3], e, h3);
5036
+ }
5037
+ function cswap(p2, q2, b3) {
5038
+ var i;
5039
+ for (i = 0; i < 4; i++) {
5040
+ sel25519(p2[i], q2[i], b3);
5041
+ }
5042
+ }
5043
+ function pack(r10, p2) {
5044
+ var tx = gf(), ty = gf(), zi = gf();
5045
+ inv25519(zi, p2[2]);
5046
+ M2(tx, p2[0], zi);
5047
+ M2(ty, p2[1], zi);
5048
+ pack25519(r10, ty);
5049
+ r10[31] ^= par25519(tx) << 7;
5050
+ }
5051
+ function scalarmult(p2, q2, s) {
5052
+ var b3, i;
5053
+ set25519(p2[0], gf0);
5054
+ set25519(p2[1], gf1);
5055
+ set25519(p2[2], gf1);
5056
+ set25519(p2[3], gf0);
5057
+ for (i = 255; i >= 0; --i) {
5058
+ b3 = s[i / 8 | 0] >> (i & 7) & 1;
5059
+ cswap(p2, q2, b3);
5060
+ add(q2, p2);
5061
+ add(p2, p2);
5062
+ cswap(p2, q2, b3);
5063
+ }
5064
+ }
5065
+ function scalarbase(p2, s) {
5066
+ var q2 = [gf(), gf(), gf(), gf()];
5067
+ set25519(q2[0], X3);
5068
+ set25519(q2[1], Y3);
5069
+ set25519(q2[2], gf1);
5070
+ M2(q2[3], X3, Y3);
5071
+ scalarmult(p2, q2, s);
5072
+ }
5073
+ function crypto_sign_keypair(pk, sk, seeded) {
5074
+ var d = new Uint8Array(64);
5075
+ var p2 = [gf(), gf(), gf(), gf()];
5076
+ var i;
5077
+ if (!seeded) randombytes(sk, 32);
5078
+ crypto_hash(d, sk, 32);
5079
+ d[0] &= 248;
5080
+ d[31] &= 127;
5081
+ d[31] |= 64;
5082
+ scalarbase(p2, d);
5083
+ pack(pk, p2);
5084
+ for (i = 0; i < 32; i++) sk[i + 32] = pk[i];
5085
+ return 0;
5086
+ }
5087
+ var L3 = new Float64Array([237, 211, 245, 92, 26, 99, 18, 88, 214, 156, 247, 162, 222, 249, 222, 20, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 16]);
5088
+ function modL(r10, x2) {
5089
+ var carry, i, j2, k2;
5090
+ for (i = 63; i >= 32; --i) {
5091
+ carry = 0;
5092
+ for (j2 = i - 32, k2 = i - 12; j2 < k2; ++j2) {
5093
+ x2[j2] += carry - 16 * x2[i] * L3[j2 - (i - 32)];
5094
+ carry = Math.floor((x2[j2] + 128) / 256);
5095
+ x2[j2] -= carry * 256;
5096
+ }
5097
+ x2[j2] += carry;
5098
+ x2[i] = 0;
5099
+ }
5100
+ carry = 0;
5101
+ for (j2 = 0; j2 < 32; j2++) {
5102
+ x2[j2] += carry - (x2[31] >> 4) * L3[j2];
5103
+ carry = x2[j2] >> 8;
5104
+ x2[j2] &= 255;
5105
+ }
5106
+ for (j2 = 0; j2 < 32; j2++) x2[j2] -= carry * L3[j2];
5107
+ for (i = 0; i < 32; i++) {
5108
+ x2[i + 1] += x2[i] >> 8;
5109
+ r10[i] = x2[i] & 255;
5110
+ }
5111
+ }
5112
+ function reduce(r10) {
5113
+ var x2 = new Float64Array(64), i;
5114
+ for (i = 0; i < 64; i++) x2[i] = r10[i];
5115
+ for (i = 0; i < 64; i++) r10[i] = 0;
5116
+ modL(r10, x2);
5117
+ }
5118
+ function crypto_sign(sm, m3, n, sk) {
5119
+ var d = new Uint8Array(64), h3 = new Uint8Array(64), r10 = new Uint8Array(64);
5120
+ var i, j2, x2 = new Float64Array(64);
5121
+ var p2 = [gf(), gf(), gf(), gf()];
5122
+ crypto_hash(d, sk, 32);
5123
+ d[0] &= 248;
5124
+ d[31] &= 127;
5125
+ d[31] |= 64;
5126
+ var smlen = n + 64;
5127
+ for (i = 0; i < n; i++) sm[64 + i] = m3[i];
5128
+ for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i];
5129
+ crypto_hash(r10, sm.subarray(32), n + 32);
5130
+ reduce(r10);
5131
+ scalarbase(p2, r10);
5132
+ pack(sm, p2);
5133
+ for (i = 32; i < 64; i++) sm[i] = sk[i];
5134
+ crypto_hash(h3, sm, n + 64);
5135
+ reduce(h3);
5136
+ for (i = 0; i < 64; i++) x2[i] = 0;
5137
+ for (i = 0; i < 32; i++) x2[i] = r10[i];
5138
+ for (i = 0; i < 32; i++) {
5139
+ for (j2 = 0; j2 < 32; j2++) {
5140
+ x2[i + j2] += h3[i] * d[j2];
5141
+ }
5142
+ }
5143
+ modL(sm.subarray(32), x2);
5144
+ return smlen;
5145
+ }
5146
+ function unpackneg(r10, p2) {
5147
+ var t = gf(), chk = gf(), num = gf(), den = gf(), den2 = gf(), den4 = gf(), den6 = gf();
5148
+ set25519(r10[2], gf1);
5149
+ unpack25519(r10[1], p2);
5150
+ S3(num, r10[1]);
5151
+ M2(den, num, D2);
5152
+ Z3(num, num, r10[2]);
5153
+ A3(den, r10[2], den);
5154
+ S3(den2, den);
5155
+ S3(den4, den2);
5156
+ M2(den6, den4, den2);
5157
+ M2(t, den6, num);
5158
+ M2(t, t, den);
5159
+ pow2523(t, t);
5160
+ M2(t, t, num);
5161
+ M2(t, t, den);
5162
+ M2(t, t, den);
5163
+ M2(r10[0], t, den);
5164
+ S3(chk, r10[0]);
5165
+ M2(chk, chk, den);
5166
+ if (neq25519(chk, num)) M2(r10[0], r10[0], I2);
5167
+ S3(chk, r10[0]);
5168
+ M2(chk, chk, den);
5169
+ if (neq25519(chk, num)) return -1;
5170
+ if (par25519(r10[0]) === p2[31] >> 7) Z3(r10[0], gf0, r10[0]);
5171
+ M2(r10[3], r10[0], r10[1]);
5172
+ return 0;
5173
+ }
5174
+ function crypto_sign_open(m3, sm, n, pk) {
5175
+ var i;
5176
+ var t = new Uint8Array(32), h3 = new Uint8Array(64);
5177
+ var p2 = [gf(), gf(), gf(), gf()], q2 = [gf(), gf(), gf(), gf()];
5178
+ if (n < 64) return -1;
5179
+ if (unpackneg(q2, pk)) return -1;
5180
+ for (i = 0; i < n; i++) m3[i] = sm[i];
5181
+ for (i = 0; i < 32; i++) m3[i + 32] = pk[i];
5182
+ crypto_hash(h3, m3, n);
5183
+ reduce(h3);
5184
+ scalarmult(p2, q2, h3);
5185
+ scalarbase(q2, sm.subarray(32));
5186
+ add(p2, q2);
5187
+ pack(t, p2);
5188
+ n -= 64;
5189
+ if (crypto_verify_32(sm, 0, t, 0)) {
5190
+ for (i = 0; i < n; i++) m3[i] = 0;
5191
+ return -1;
5192
+ }
5193
+ for (i = 0; i < n; i++) m3[i] = sm[i + 64];
5194
+ return n;
5195
+ }
5196
+ var crypto_secretbox_KEYBYTES = 32, crypto_secretbox_NONCEBYTES = 24, crypto_secretbox_ZEROBYTES = 32, crypto_secretbox_BOXZEROBYTES = 16, crypto_scalarmult_BYTES = 32, crypto_scalarmult_SCALARBYTES = 32, crypto_box_PUBLICKEYBYTES = 32, crypto_box_SECRETKEYBYTES = 32, crypto_box_BEFORENMBYTES = 32, crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES, crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES, crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES, crypto_sign_BYTES = 64, crypto_sign_PUBLICKEYBYTES = 32, crypto_sign_SECRETKEYBYTES = 64, crypto_sign_SEEDBYTES = 32, crypto_hash_BYTES = 64;
5197
+ nacl.lowlevel = {
5198
+ crypto_core_hsalsa20,
5199
+ crypto_stream_xor,
5200
+ crypto_stream,
5201
+ crypto_stream_salsa20_xor,
5202
+ crypto_stream_salsa20,
5203
+ crypto_onetimeauth,
5204
+ crypto_onetimeauth_verify,
5205
+ crypto_verify_16,
5206
+ crypto_verify_32,
5207
+ crypto_secretbox,
5208
+ crypto_secretbox_open,
5209
+ crypto_scalarmult,
5210
+ crypto_scalarmult_base,
5211
+ crypto_box_beforenm,
5212
+ crypto_box_afternm,
5213
+ crypto_box,
5214
+ crypto_box_open,
5215
+ crypto_box_keypair,
5216
+ crypto_hash,
5217
+ crypto_sign,
5218
+ crypto_sign_keypair,
5219
+ crypto_sign_open,
5220
+ crypto_secretbox_KEYBYTES,
5221
+ crypto_secretbox_NONCEBYTES,
5222
+ crypto_secretbox_ZEROBYTES,
5223
+ crypto_secretbox_BOXZEROBYTES,
5224
+ crypto_scalarmult_BYTES,
5225
+ crypto_scalarmult_SCALARBYTES,
5226
+ crypto_box_PUBLICKEYBYTES,
5227
+ crypto_box_SECRETKEYBYTES,
5228
+ crypto_box_BEFORENMBYTES,
5229
+ crypto_box_NONCEBYTES,
5230
+ crypto_box_ZEROBYTES,
5231
+ crypto_box_BOXZEROBYTES,
5232
+ crypto_sign_BYTES,
5233
+ crypto_sign_PUBLICKEYBYTES,
5234
+ crypto_sign_SECRETKEYBYTES,
5235
+ crypto_sign_SEEDBYTES,
5236
+ crypto_hash_BYTES,
5237
+ gf,
5238
+ D: D2,
5239
+ L: L3,
5240
+ pack25519,
5241
+ unpack25519,
5242
+ M: M2,
5243
+ A: A3,
5244
+ S: S3,
5245
+ Z: Z3,
5246
+ pow2523,
5247
+ add,
5248
+ set25519,
5249
+ modL,
5250
+ scalarmult,
5251
+ scalarbase
5252
+ };
5253
+ function checkLengths(k2, n) {
5254
+ if (k2.length !== crypto_secretbox_KEYBYTES) throw new Error("bad key size");
5255
+ if (n.length !== crypto_secretbox_NONCEBYTES) throw new Error("bad nonce size");
5256
+ }
5257
+ function checkBoxLengths(pk, sk) {
5258
+ if (pk.length !== crypto_box_PUBLICKEYBYTES) throw new Error("bad public key size");
5259
+ if (sk.length !== crypto_box_SECRETKEYBYTES) throw new Error("bad secret key size");
5260
+ }
5261
+ function checkArrayTypes() {
5262
+ for (var i = 0; i < arguments.length; i++) {
5263
+ if (!(arguments[i] instanceof Uint8Array))
5264
+ throw new TypeError("unexpected type, use Uint8Array");
5265
+ }
5266
+ }
5267
+ function cleanup(arr) {
5268
+ for (var i = 0; i < arr.length; i++) arr[i] = 0;
5269
+ }
5270
+ nacl.randomBytes = function(n) {
5271
+ var b3 = new Uint8Array(n);
5272
+ randombytes(b3, n);
5273
+ return b3;
5274
+ };
5275
+ nacl.secretbox = function(msg, nonce, key) {
5276
+ checkArrayTypes(msg, nonce, key);
5277
+ checkLengths(key, nonce);
5278
+ var m3 = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.length);
5279
+ var c = new Uint8Array(m3.length);
5280
+ for (var i = 0; i < msg.length; i++) m3[i + crypto_secretbox_ZEROBYTES] = msg[i];
5281
+ crypto_secretbox(c, m3, m3.length, nonce, key);
5282
+ return c.subarray(crypto_secretbox_BOXZEROBYTES);
5283
+ };
5284
+ nacl.secretbox.open = function(box, nonce, key) {
5285
+ checkArrayTypes(box, nonce, key);
5286
+ checkLengths(key, nonce);
5287
+ var c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.length);
5288
+ var m3 = new Uint8Array(c.length);
5289
+ for (var i = 0; i < box.length; i++) c[i + crypto_secretbox_BOXZEROBYTES] = box[i];
5290
+ if (c.length < 32) return null;
5291
+ if (crypto_secretbox_open(m3, c, c.length, nonce, key) !== 0) return null;
5292
+ return m3.subarray(crypto_secretbox_ZEROBYTES);
5293
+ };
5294
+ nacl.secretbox.keyLength = crypto_secretbox_KEYBYTES;
5295
+ nacl.secretbox.nonceLength = crypto_secretbox_NONCEBYTES;
5296
+ nacl.secretbox.overheadLength = crypto_secretbox_BOXZEROBYTES;
5297
+ nacl.scalarMult = function(n, p2) {
5298
+ checkArrayTypes(n, p2);
5299
+ if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error("bad n size");
5300
+ if (p2.length !== crypto_scalarmult_BYTES) throw new Error("bad p size");
5301
+ var q2 = new Uint8Array(crypto_scalarmult_BYTES);
5302
+ crypto_scalarmult(q2, n, p2);
5303
+ return q2;
5304
+ };
5305
+ nacl.scalarMult.base = function(n) {
5306
+ checkArrayTypes(n);
5307
+ if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error("bad n size");
5308
+ var q2 = new Uint8Array(crypto_scalarmult_BYTES);
5309
+ crypto_scalarmult_base(q2, n);
5310
+ return q2;
5311
+ };
5312
+ nacl.scalarMult.scalarLength = crypto_scalarmult_SCALARBYTES;
5313
+ nacl.scalarMult.groupElementLength = crypto_scalarmult_BYTES;
5314
+ nacl.box = function(msg, nonce, publicKey, secretKey) {
5315
+ var k2 = nacl.box.before(publicKey, secretKey);
5316
+ return nacl.secretbox(msg, nonce, k2);
5317
+ };
5318
+ nacl.box.before = function(publicKey, secretKey) {
5319
+ checkArrayTypes(publicKey, secretKey);
5320
+ checkBoxLengths(publicKey, secretKey);
5321
+ var k2 = new Uint8Array(crypto_box_BEFORENMBYTES);
5322
+ crypto_box_beforenm(k2, publicKey, secretKey);
5323
+ return k2;
5324
+ };
5325
+ nacl.box.after = nacl.secretbox;
5326
+ nacl.box.open = function(msg, nonce, publicKey, secretKey) {
5327
+ var k2 = nacl.box.before(publicKey, secretKey);
5328
+ return nacl.secretbox.open(msg, nonce, k2);
5329
+ };
5330
+ nacl.box.open.after = nacl.secretbox.open;
5331
+ nacl.box.keyPair = function() {
5332
+ var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);
5333
+ var sk = new Uint8Array(crypto_box_SECRETKEYBYTES);
5334
+ crypto_box_keypair(pk, sk);
5335
+ return { publicKey: pk, secretKey: sk };
5336
+ };
5337
+ nacl.box.keyPair.fromSecretKey = function(secretKey) {
5338
+ checkArrayTypes(secretKey);
5339
+ if (secretKey.length !== crypto_box_SECRETKEYBYTES)
5340
+ throw new Error("bad secret key size");
5341
+ var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);
5342
+ crypto_scalarmult_base(pk, secretKey);
5343
+ return { publicKey: pk, secretKey: new Uint8Array(secretKey) };
5344
+ };
5345
+ nacl.box.publicKeyLength = crypto_box_PUBLICKEYBYTES;
5346
+ nacl.box.secretKeyLength = crypto_box_SECRETKEYBYTES;
5347
+ nacl.box.sharedKeyLength = crypto_box_BEFORENMBYTES;
5348
+ nacl.box.nonceLength = crypto_box_NONCEBYTES;
5349
+ nacl.box.overheadLength = nacl.secretbox.overheadLength;
5350
+ nacl.sign = function(msg, secretKey) {
5351
+ checkArrayTypes(msg, secretKey);
5352
+ if (secretKey.length !== crypto_sign_SECRETKEYBYTES)
5353
+ throw new Error("bad secret key size");
5354
+ var signedMsg = new Uint8Array(crypto_sign_BYTES + msg.length);
5355
+ crypto_sign(signedMsg, msg, msg.length, secretKey);
5356
+ return signedMsg;
5357
+ };
5358
+ nacl.sign.open = function(signedMsg, publicKey) {
5359
+ checkArrayTypes(signedMsg, publicKey);
5360
+ if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)
5361
+ throw new Error("bad public key size");
5362
+ var tmp = new Uint8Array(signedMsg.length);
5363
+ var mlen = crypto_sign_open(tmp, signedMsg, signedMsg.length, publicKey);
5364
+ if (mlen < 0) return null;
5365
+ var m3 = new Uint8Array(mlen);
5366
+ for (var i = 0; i < m3.length; i++) m3[i] = tmp[i];
5367
+ return m3;
5368
+ };
5369
+ nacl.sign.detached = function(msg, secretKey) {
5370
+ var signedMsg = nacl.sign(msg, secretKey);
5371
+ var sig = new Uint8Array(crypto_sign_BYTES);
5372
+ for (var i = 0; i < sig.length; i++) sig[i] = signedMsg[i];
5373
+ return sig;
5374
+ };
5375
+ nacl.sign.detached.verify = function(msg, sig, publicKey) {
5376
+ checkArrayTypes(msg, sig, publicKey);
5377
+ if (sig.length !== crypto_sign_BYTES)
5378
+ throw new Error("bad signature size");
5379
+ if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)
5380
+ throw new Error("bad public key size");
5381
+ var sm = new Uint8Array(crypto_sign_BYTES + msg.length);
5382
+ var m3 = new Uint8Array(crypto_sign_BYTES + msg.length);
5383
+ var i;
5384
+ for (i = 0; i < crypto_sign_BYTES; i++) sm[i] = sig[i];
5385
+ for (i = 0; i < msg.length; i++) sm[i + crypto_sign_BYTES] = msg[i];
5386
+ return crypto_sign_open(m3, sm, sm.length, publicKey) >= 0;
5387
+ };
5388
+ nacl.sign.keyPair = function() {
5389
+ var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
5390
+ var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
5391
+ crypto_sign_keypair(pk, sk);
5392
+ return { publicKey: pk, secretKey: sk };
5393
+ };
5394
+ nacl.sign.keyPair.fromSecretKey = function(secretKey) {
5395
+ checkArrayTypes(secretKey);
5396
+ if (secretKey.length !== crypto_sign_SECRETKEYBYTES)
5397
+ throw new Error("bad secret key size");
5398
+ var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
5399
+ for (var i = 0; i < pk.length; i++) pk[i] = secretKey[32 + i];
5400
+ return { publicKey: pk, secretKey: new Uint8Array(secretKey) };
5401
+ };
5402
+ nacl.sign.keyPair.fromSeed = function(seed) {
5403
+ checkArrayTypes(seed);
5404
+ if (seed.length !== crypto_sign_SEEDBYTES)
5405
+ throw new Error("bad seed size");
5406
+ var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
5407
+ var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
5408
+ for (var i = 0; i < 32; i++) sk[i] = seed[i];
5409
+ crypto_sign_keypair(pk, sk, true);
5410
+ return { publicKey: pk, secretKey: sk };
5411
+ };
5412
+ nacl.sign.publicKeyLength = crypto_sign_PUBLICKEYBYTES;
5413
+ nacl.sign.secretKeyLength = crypto_sign_SECRETKEYBYTES;
5414
+ nacl.sign.seedLength = crypto_sign_SEEDBYTES;
5415
+ nacl.sign.signatureLength = crypto_sign_BYTES;
5416
+ nacl.hash = function(msg) {
5417
+ checkArrayTypes(msg);
5418
+ var h3 = new Uint8Array(crypto_hash_BYTES);
5419
+ crypto_hash(h3, msg, msg.length);
5420
+ return h3;
5421
+ };
5422
+ nacl.hash.hashLength = crypto_hash_BYTES;
5423
+ nacl.verify = function(x2, y3) {
5424
+ checkArrayTypes(x2, y3);
5425
+ if (x2.length === 0 || y3.length === 0) return false;
5426
+ if (x2.length !== y3.length) return false;
5427
+ return vn2(x2, 0, y3, 0, x2.length) === 0 ? true : false;
5428
+ };
5429
+ nacl.setPRNG = function(fn) {
5430
+ randombytes = fn;
5431
+ };
5432
+ (function() {
5433
+ var crypto2 = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
5434
+ if (crypto2 && crypto2.getRandomValues) {
5435
+ var QUOTA = 65536;
5436
+ nacl.setPRNG(function(x2, n) {
5437
+ var i, v2 = new Uint8Array(n);
5438
+ for (i = 0; i < n; i += QUOTA) {
5439
+ crypto2.getRandomValues(v2.subarray(i, i + Math.min(n - i, QUOTA)));
5440
+ }
5441
+ for (i = 0; i < n; i++) x2[i] = v2[i];
5442
+ cleanup(v2);
5443
+ });
5444
+ } else if (typeof require !== "undefined") {
5445
+ crypto2 = require("crypto");
5446
+ if (crypto2 && crypto2.randomBytes) {
5447
+ nacl.setPRNG(function(x2, n) {
5448
+ var i, v2 = crypto2.randomBytes(n);
5449
+ for (i = 0; i < n; i++) x2[i] = v2[i];
5450
+ cleanup(v2);
5451
+ });
5452
+ }
5453
+ }
5454
+ })();
5455
+ })(typeof module2 !== "undefined" && module2.exports ? module2.exports : self.nacl = self.nacl || {});
5456
+ }
5457
+ });
5458
+
3231
5459
  // src/index.ts
3232
5460
  var index_exports = {};
3233
5461
  __export(index_exports, {
@@ -3253,6 +5481,7 @@ __export(index_exports, {
3253
5481
  NetworkId: () => NetworkId,
3254
5482
  PeraWallet: () => PeraWallet,
3255
5483
  ScopeType: () => ScopeType,
5484
+ SecureKeyContainer: () => SecureKeyContainer,
3256
5485
  SessionError: () => SessionError,
3257
5486
  SignDataError: () => SignDataError,
3258
5487
  SignTxnsError: () => SignTxnsError,
@@ -3261,7 +5490,12 @@ __export(index_exports, {
3261
5490
  WalletConnect: () => WalletConnect,
3262
5491
  WalletId: () => WalletId,
3263
5492
  WalletManager: () => WalletManager,
3264
- webpackFallback: () => webpackFallback
5493
+ Web3AuthWallet: () => Web3AuthWallet,
5494
+ webpackFallback: () => webpackFallback,
5495
+ withSecureKey: () => withSecureKey,
5496
+ withSecureKeySync: () => withSecureKeySync,
5497
+ zeroMemory: () => zeroMemory,
5498
+ zeroString: () => zeroString
3265
5499
  });
3266
5500
  module.exports = __toCommonJS(index_exports);
3267
5501
 
@@ -3335,8 +5569,8 @@ var Logger = class _Logger {
3335
5569
  var logger = Logger.getInstance();
3336
5570
 
3337
5571
  // src/manager.ts
3338
- var import_store13 = require("@tanstack/store");
3339
- var import_algosdk13 = __toESM(require("algosdk"), 1);
5572
+ var import_store14 = require("@tanstack/store");
5573
+ var import_algosdk14 = __toESM(require("algosdk"), 1);
3340
5574
 
3341
5575
  // src/network.ts
3342
5576
  var DEFAULT_NETWORK_CONFIG = {
@@ -3543,6 +5777,7 @@ var WalletId = /* @__PURE__ */ ((WalletId2) => {
3543
5777
  WalletId2["MNEMONIC"] = "mnemonic";
3544
5778
  WalletId2["PERA"] = "pera";
3545
5779
  WalletId2["WALLETCONNECT"] = "walletconnect";
5780
+ WalletId2["WEB3AUTH"] = "web3auth";
3546
5781
  WalletId2["W3_WALLET"] = "w3-wallet";
3547
5782
  return WalletId2;
3548
5783
  })(WalletId || {});
@@ -3682,7 +5917,7 @@ function isValidPersistedState(state) {
3682
5917
  }
3683
5918
 
3684
5919
  // src/utils.ts
3685
- var import_algosdk12 = __toESM(require("algosdk"), 1);
5920
+ var import_algosdk13 = __toESM(require("algosdk"), 1);
3686
5921
 
3687
5922
  // src/wallets/walletconnect.ts
3688
5923
  var import_algosdk2 = __toESM(require("algosdk"), 1);
@@ -6299,9 +8534,660 @@ var PeraWallet = class extends BaseWallet {
6299
8534
  };
6300
8535
  };
6301
8536
 
6302
- // src/wallets/w3wallet.ts
8537
+ // src/wallets/web3auth.ts
6303
8538
  var import_algosdk11 = __toESM(require("algosdk"), 1);
8539
+
8540
+ // src/secure-key.ts
8541
+ var secureLogger = logger.createScopedLogger("SecureKey");
8542
+ function zeroMemory(buffer) {
8543
+ if (!buffer || buffer.length === 0) return;
8544
+ try {
8545
+ if (typeof crypto !== "undefined" && crypto.getRandomValues) {
8546
+ crypto.getRandomValues(buffer);
8547
+ }
8548
+ buffer.fill(0);
8549
+ } catch {
8550
+ for (let i = 0; i < buffer.length; i++) {
8551
+ buffer[i] = 0;
8552
+ }
8553
+ }
8554
+ }
8555
+ function zeroString(str) {
8556
+ if (!str) return "";
8557
+ const arr = new Uint8Array(str.length);
8558
+ for (let i = 0; i < str.length; i++) {
8559
+ arr[i] = str.charCodeAt(i);
8560
+ }
8561
+ zeroMemory(arr);
8562
+ return "";
8563
+ }
8564
+ var SecureKeyContainer = class {
8565
+ _secretKey = null;
8566
+ _isCleared = false;
8567
+ constructor(secretKey) {
8568
+ this._secretKey = new Uint8Array(secretKey);
8569
+ }
8570
+ /**
8571
+ * Check if the key has been cleared
8572
+ */
8573
+ get isCleared() {
8574
+ return this._isCleared;
8575
+ }
8576
+ /**
8577
+ * Execute a callback with access to the secret key.
8578
+ * The key is automatically cleared if an error occurs.
8579
+ */
8580
+ async useKey(callback) {
8581
+ if (this._isCleared || !this._secretKey) {
8582
+ throw new Error("SecureKeyContainer: Key has been cleared");
8583
+ }
8584
+ try {
8585
+ return await callback(this._secretKey);
8586
+ } catch (error) {
8587
+ this.clear();
8588
+ throw error;
8589
+ }
8590
+ }
8591
+ /**
8592
+ * Execute a synchronous callback with access to the secret key.
8593
+ */
8594
+ useKeySync(callback) {
8595
+ if (this._isCleared || !this._secretKey) {
8596
+ throw new Error("SecureKeyContainer: Key has been cleared");
8597
+ }
8598
+ try {
8599
+ return callback(this._secretKey);
8600
+ } catch (error) {
8601
+ this.clear();
8602
+ throw error;
8603
+ }
8604
+ }
8605
+ /**
8606
+ * Securely clear the key from memory.
8607
+ * This should be called when the key is no longer needed.
8608
+ */
8609
+ clear() {
8610
+ if (this._secretKey && !this._isCleared) {
8611
+ zeroMemory(this._secretKey);
8612
+ this._secretKey = null;
8613
+ this._isCleared = true;
8614
+ secureLogger.debug("Key material cleared from memory");
8615
+ }
8616
+ }
8617
+ };
8618
+ async function withSecureKey(secretKey, callback) {
8619
+ const container = new SecureKeyContainer(secretKey);
8620
+ try {
8621
+ return await callback(container);
8622
+ } finally {
8623
+ container.clear();
8624
+ }
8625
+ }
8626
+ function withSecureKeySync(secretKey, callback) {
8627
+ const container = new SecureKeyContainer(secretKey);
8628
+ try {
8629
+ return callback(container);
8630
+ } finally {
8631
+ container.clear();
8632
+ }
8633
+ }
8634
+ async function deriveAlgorandAccountFromEd25519(ed25519Seed) {
8635
+ if (ed25519Seed.length !== 32) {
8636
+ throw new Error(`Invalid ed25519 seed length: expected 32 bytes, got ${ed25519Seed.length}`);
8637
+ }
8638
+ const nacl = await Promise.resolve().then(() => __toESM(require_nacl_fast(), 1));
8639
+ const algosdk15 = await import("algosdk");
8640
+ const keyPair = nacl.sign.keyPair.fromSeed(ed25519Seed);
8641
+ const address = algosdk15.encodeAddress(keyPair.publicKey);
8642
+ return {
8643
+ addr: address,
8644
+ sk: keyPair.secretKey
8645
+ };
8646
+ }
8647
+
8648
+ // src/wallets/web3auth.ts
6304
8649
  var ICON13 = `data:image/svg+xml;base64,${btoa(`
8650
+ <svg viewBox="0 0 40 40" xmlns="http://www.w3.org/2000/svg">
8651
+ <rect fill="#0364FF" width="40" height="40" rx="8"/>
8652
+ <path fill="#FFFFFF" d="M20 8c-6.627 0-12 5.373-12 12s5.373 12 12 12 12-5.373 12-12S26.627 8 20 8zm0 21.6c-5.302 0-9.6-4.298-9.6-9.6S14.698 10.4 20 10.4s9.6 4.298 9.6 9.6-4.298 9.6-9.6 9.6zm0-16.8c-3.976 0-7.2 3.224-7.2 7.2s3.224 7.2 7.2 7.2 7.2-3.224 7.2-7.2-3.224-7.2-7.2-7.2zm0 12c-2.651 0-4.8-2.149-4.8-4.8s2.149-4.8 4.8-4.8 4.8 2.149 4.8 4.8-2.149 4.8-4.8 4.8z"/>
8653
+ </svg>
8654
+ `)}`;
8655
+ var Web3AuthWallet = class extends BaseWallet {
8656
+ web3auth = null;
8657
+ web3authSFA = null;
8658
+ options;
8659
+ userInfo = null;
8660
+ /**
8661
+ * SECURITY: We store only the address, NEVER the private key.
8662
+ * Keys are fetched fresh from Web3Auth and immediately cleared after use.
8663
+ */
8664
+ _address = null;
8665
+ /** Track which SDK is currently in use */
8666
+ usingSFA = false;
8667
+ store;
8668
+ constructor({
8669
+ id,
8670
+ store,
8671
+ subscribe,
8672
+ getAlgodClient,
8673
+ options,
8674
+ metadata = {}
8675
+ }) {
8676
+ super({ id, metadata, getAlgodClient, store, subscribe });
8677
+ if (!options?.clientId) {
8678
+ this.logger.error("Missing required option: clientId");
8679
+ throw new Error("Missing required option: clientId");
8680
+ }
8681
+ this.options = {
8682
+ web3AuthNetwork: "sapphire_mainnet",
8683
+ usePopup: true,
8684
+ ...options
8685
+ };
8686
+ this.store = store;
8687
+ }
8688
+ static defaultMetadata = {
8689
+ name: "Web3Auth",
8690
+ icon: ICON13
8691
+ };
8692
+ /**
8693
+ * Initialize the Web3Auth client
8694
+ */
8695
+ async initializeClient() {
8696
+ this.logger.info("Initializing Web3Auth client...");
8697
+ let Web3Auth;
8698
+ let CHAIN_NAMESPACES;
8699
+ let WEB3AUTH_NETWORK;
8700
+ let CommonPrivateKeyProvider;
8701
+ try {
8702
+ const modal = await import("@web3auth/modal");
8703
+ Web3Auth = modal.Web3Auth;
8704
+ const base = await import("@web3auth/base");
8705
+ CHAIN_NAMESPACES = base.CHAIN_NAMESPACES;
8706
+ WEB3AUTH_NETWORK = base.WEB3AUTH_NETWORK;
8707
+ const baseProvider = await import("@web3auth/base-provider");
8708
+ CommonPrivateKeyProvider = baseProvider.CommonPrivateKeyProvider;
8709
+ } catch {
8710
+ this.logger.error(
8711
+ "Failed to load Web3Auth. Make sure @web3auth/modal, @web3auth/base, and @web3auth/base-provider are installed."
8712
+ );
8713
+ throw new Error(
8714
+ "Web3Auth packages not found. Please install @web3auth/modal, @web3auth/base, and @web3auth/base-provider"
8715
+ );
8716
+ }
8717
+ const chainConfig = {
8718
+ chainNamespace: CHAIN_NAMESPACES.OTHER,
8719
+ chainId: "algorand",
8720
+ rpcTarget: "https://mainnet-api.algonode.cloud",
8721
+ // Required by Web3Auth, not actually used for signing
8722
+ displayName: "Algorand",
8723
+ blockExplorerUrl: "https://lora.algokit.io/mainnet",
8724
+ ticker: "ALGO",
8725
+ tickerName: "Algorand"
8726
+ };
8727
+ const networkMap = {
8728
+ mainnet: WEB3AUTH_NETWORK.MAINNET,
8729
+ testnet: WEB3AUTH_NETWORK.TESTNET,
8730
+ sapphire_mainnet: WEB3AUTH_NETWORK.SAPPHIRE_MAINNET,
8731
+ sapphire_devnet: WEB3AUTH_NETWORK.SAPPHIRE_DEVNET,
8732
+ cyan: WEB3AUTH_NETWORK.CYAN,
8733
+ aqua: WEB3AUTH_NETWORK.AQUA
8734
+ };
8735
+ const privateKeyProvider = new CommonPrivateKeyProvider({
8736
+ config: { chainConfig }
8737
+ });
8738
+ const web3auth = new Web3Auth({
8739
+ clientId: this.options.clientId,
8740
+ web3AuthNetwork: networkMap[this.options.web3AuthNetwork || "sapphire_mainnet"],
8741
+ privateKeyProvider,
8742
+ uiConfig: this.options.uiConfig
8743
+ });
8744
+ await web3auth.initModal();
8745
+ this.web3auth = web3auth;
8746
+ this.logger.info("Web3Auth client initialized");
8747
+ return web3auth;
8748
+ }
8749
+ /**
8750
+ * Initialize the Web3Auth Single Factor Auth client for custom JWT authentication
8751
+ */
8752
+ async initializeSFAClient() {
8753
+ this.logger.info("Initializing Web3Auth Single Factor Auth client...");
8754
+ let Web3Auth;
8755
+ let WEB3AUTH_NETWORK;
8756
+ let CommonPrivateKeyProvider;
8757
+ let CHAIN_NAMESPACES;
8758
+ try {
8759
+ const sfa = await import("@web3auth/single-factor-auth");
8760
+ Web3Auth = sfa.Web3Auth;
8761
+ const base = await import("@web3auth/base");
8762
+ WEB3AUTH_NETWORK = base.WEB3AUTH_NETWORK;
8763
+ CHAIN_NAMESPACES = base.CHAIN_NAMESPACES;
8764
+ const baseProvider = await import("@web3auth/base-provider");
8765
+ CommonPrivateKeyProvider = baseProvider.CommonPrivateKeyProvider;
8766
+ } catch {
8767
+ this.logger.error(
8768
+ "Failed to load Web3Auth SFA. Make sure @web3auth/single-factor-auth, @web3auth/base, and @web3auth/base-provider are installed."
8769
+ );
8770
+ throw new Error(
8771
+ "Web3Auth SFA packages not found. Please install @web3auth/single-factor-auth, @web3auth/base, and @web3auth/base-provider"
8772
+ );
8773
+ }
8774
+ const chainConfig = {
8775
+ chainNamespace: CHAIN_NAMESPACES.OTHER,
8776
+ chainId: "algorand",
8777
+ rpcTarget: "https://mainnet-api.algonode.cloud",
8778
+ // Required by Web3Auth, not actually used for signing
8779
+ displayName: "Algorand",
8780
+ blockExplorerUrl: "https://lora.algokit.io/mainnet",
8781
+ ticker: "ALGO",
8782
+ tickerName: "Algorand"
8783
+ };
8784
+ const networkMap = {
8785
+ mainnet: WEB3AUTH_NETWORK.MAINNET,
8786
+ testnet: WEB3AUTH_NETWORK.TESTNET,
8787
+ sapphire_mainnet: WEB3AUTH_NETWORK.SAPPHIRE_MAINNET,
8788
+ sapphire_devnet: WEB3AUTH_NETWORK.SAPPHIRE_DEVNET,
8789
+ cyan: WEB3AUTH_NETWORK.CYAN,
8790
+ aqua: WEB3AUTH_NETWORK.AQUA
8791
+ };
8792
+ const privateKeyProvider = new CommonPrivateKeyProvider({
8793
+ config: { chainConfig }
8794
+ });
8795
+ const web3authSFA = new Web3Auth({
8796
+ clientId: this.options.clientId,
8797
+ web3AuthNetwork: networkMap[this.options.web3AuthNetwork || "sapphire_mainnet"],
8798
+ privateKeyProvider
8799
+ });
8800
+ await web3authSFA.init();
8801
+ this.web3authSFA = web3authSFA;
8802
+ this.logger.info("Web3Auth SFA client initialized");
8803
+ return web3authSFA;
8804
+ }
8805
+ /**
8806
+ * SECURITY: Fetch the private key from Web3Auth and return it in a SecureKeyContainer.
8807
+ * The caller MUST call container.clear() when done.
8808
+ *
8809
+ * @returns SecureKeyContainer holding the private key
8810
+ */
8811
+ async getSecureKey() {
8812
+ const provider = this.usingSFA ? this.web3authSFA?.provider : this.web3auth?.provider;
8813
+ if (!provider) {
8814
+ throw new Error("Web3Auth not connected");
8815
+ }
8816
+ this.logger.debug("Fetching private key from Web3Auth...");
8817
+ const privateKeyHex = await provider.request({
8818
+ method: "private_key"
8819
+ });
8820
+ if (!privateKeyHex || typeof privateKeyHex !== "string") {
8821
+ throw new Error("Failed to retrieve private key from Web3Auth");
8822
+ }
8823
+ const privateKeyBytes = this.hexToBytes(privateKeyHex);
8824
+ const container = new SecureKeyContainer(privateKeyBytes);
8825
+ zeroMemory(privateKeyBytes);
8826
+ this.logger.debug("Private key retrieved and secured");
8827
+ return container;
8828
+ }
8829
+ /**
8830
+ * Convert a hex string to Uint8Array
8831
+ */
8832
+ hexToBytes(hex) {
8833
+ const cleanHex = hex.startsWith("0x") ? hex.slice(2) : hex;
8834
+ const bytes = new Uint8Array(cleanHex.length / 2);
8835
+ for (let i = 0; i < cleanHex.length; i += 2) {
8836
+ bytes[i / 2] = parseInt(cleanHex.slice(i, i + 2), 16);
8837
+ }
8838
+ return bytes;
8839
+ }
8840
+ /**
8841
+ * Connect to Web3Auth
8842
+ *
8843
+ * @param args - Optional connection arguments
8844
+ * @param args.idToken - JWT token for custom authentication (e.g., Firebase ID token)
8845
+ * @param args.verifierId - User identifier for custom authentication (e.g., email, uid)
8846
+ * @param args.verifier - Custom verifier name (uses options.verifier if not provided)
8847
+ *
8848
+ * @example
8849
+ * // Standard modal connection
8850
+ * await wallet.connect()
8851
+ *
8852
+ * @example
8853
+ * // Custom authentication with Firebase
8854
+ * await wallet.connect({
8855
+ * idToken: firebaseIdToken,
8856
+ * verifierId: user.email,
8857
+ * verifier: 'my-firebase-verifier'
8858
+ * })
8859
+ */
8860
+ connect = async (args) => {
8861
+ this.logger.info("Connecting to Web3Auth...");
8862
+ try {
8863
+ let provider;
8864
+ const idToken = args?.idToken;
8865
+ const verifierId = args?.verifierId;
8866
+ const verifier = args?.verifier || this.options.verifier;
8867
+ if (idToken && verifierId) {
8868
+ if (!verifier) {
8869
+ throw new Error(
8870
+ "Custom authentication requires a verifier. Provide it in connect() args or options.verifier"
8871
+ );
8872
+ }
8873
+ this.logger.info("Connecting with custom authentication (SFA)...", { verifier, verifierId });
8874
+ const web3authSFA = this.web3authSFA || await this.initializeSFAClient();
8875
+ if (web3authSFA.connected) {
8876
+ this.logger.debug("SFA already connected, logging out first...");
8877
+ try {
8878
+ await web3authSFA.logout();
8879
+ } catch {
8880
+ }
8881
+ }
8882
+ provider = await web3authSFA.connect({
8883
+ verifier,
8884
+ verifierId,
8885
+ idToken
8886
+ });
8887
+ this.usingSFA = true;
8888
+ this.userInfo = { email: verifierId };
8889
+ } else {
8890
+ const web3auth = this.web3auth || await this.initializeClient();
8891
+ provider = await web3auth.connect();
8892
+ this.usingSFA = false;
8893
+ this.userInfo = await web3auth.getUserInfo();
8894
+ this.logger.debug("User info retrieved", { email: this.userInfo.email });
8895
+ }
8896
+ if (!provider) {
8897
+ throw new Error("Failed to connect to Web3Auth");
8898
+ }
8899
+ const keyContainer = await this.getSecureKey();
8900
+ try {
8901
+ const address = await keyContainer.useKey(async (secretKey) => {
8902
+ const account = await deriveAlgorandAccountFromEd25519(secretKey);
8903
+ const addr = account.addr;
8904
+ zeroMemory(account.sk);
8905
+ return addr;
8906
+ });
8907
+ this._address = address;
8908
+ } finally {
8909
+ keyContainer.clear();
8910
+ }
8911
+ const walletAccount = {
8912
+ name: this.userInfo.name || this.userInfo.email || `${this.metadata.name} Account`,
8913
+ address: this._address
8914
+ };
8915
+ const walletState = {
8916
+ accounts: [walletAccount],
8917
+ activeAccount: walletAccount
8918
+ };
8919
+ addWallet(this.store, {
8920
+ walletId: this.id,
8921
+ wallet: walletState
8922
+ });
8923
+ this.logger.info("Connected successfully", { address: this._address });
8924
+ return [walletAccount];
8925
+ } catch (error) {
8926
+ this.logger.error("Error connecting to Web3Auth:", error.message);
8927
+ throw error;
8928
+ }
8929
+ };
8930
+ /**
8931
+ * Disconnect from Web3Auth
8932
+ */
8933
+ disconnect = async () => {
8934
+ this.logger.info("Disconnecting from Web3Auth...");
8935
+ try {
8936
+ if (this.usingSFA && this.web3authSFA?.connected) {
8937
+ await this.web3authSFA.logout();
8938
+ } else if (this.web3auth?.connected) {
8939
+ await this.web3auth.logout();
8940
+ }
8941
+ } catch (error) {
8942
+ this.logger.warn("Error during Web3Auth logout:", error.message);
8943
+ }
8944
+ this._address = null;
8945
+ this.userInfo = null;
8946
+ this.usingSFA = false;
8947
+ this.onDisconnect();
8948
+ this.logger.info("Disconnected");
8949
+ };
8950
+ /**
8951
+ * Resume session from cached state
8952
+ *
8953
+ * LAZY AUTHENTICATION: We do NOT connect to Web3Auth here.
8954
+ * We simply restore the cached address from localStorage.
8955
+ * Web3Auth connection is deferred until signTransactions() is called.
8956
+ */
8957
+ resumeSession = async () => {
8958
+ try {
8959
+ const state = this.store.state;
8960
+ const walletState = state.wallets[this.id];
8961
+ if (!walletState) {
8962
+ this.logger.info("No session to resume");
8963
+ return;
8964
+ }
8965
+ const storedAccount = walletState.accounts[0];
8966
+ if (!storedAccount?.address) {
8967
+ this.logger.warn("No address found in cached session");
8968
+ this.onDisconnect();
8969
+ return;
8970
+ }
8971
+ this._address = storedAccount.address;
8972
+ this.userInfo = { name: storedAccount.name };
8973
+ this.logger.info("Session restored from cache (lazy mode)", { address: this._address });
8974
+ } catch (error) {
8975
+ this.logger.error("Error resuming session:", error.message);
8976
+ this.onDisconnect();
8977
+ throw error;
8978
+ }
8979
+ };
8980
+ /**
8981
+ * Check if Web3Auth is currently connected with a valid session
8982
+ */
8983
+ isWeb3AuthConnected() {
8984
+ if (this.usingSFA) {
8985
+ return Boolean(this.web3authSFA?.connected && this.web3authSFA?.provider);
8986
+ }
8987
+ return Boolean(this.web3auth?.connected && this.web3auth?.provider);
8988
+ }
8989
+ /**
8990
+ * Ensure Web3Auth is connected and ready for signing.
8991
+ * Re-authenticates if the session has expired.
8992
+ *
8993
+ * This is called lazily when signTransactions() is invoked,
8994
+ */
8995
+ async ensureConnected() {
8996
+ if (this.isWeb3AuthConnected()) {
8997
+ this.logger.debug("Web3Auth session still valid");
8998
+ return;
8999
+ }
9000
+ this.logger.info("Web3Auth session expired or not initialized, re-authenticating...");
9001
+ if (this.usingSFA) {
9002
+ await this.reconnectSFA();
9003
+ } else {
9004
+ await this.reconnectModal();
9005
+ }
9006
+ }
9007
+ /**
9008
+ * Re-authenticate using Single Factor Auth (Firebase, custom JWT)
9009
+ *
9010
+ * Requires getAuthCredentials callback to be configured in options.
9011
+ * If the callback returns credentials for a different user, this will
9012
+ * disconnect the current wallet (the user logged out and back in as someone else).
9013
+ */
9014
+ async reconnectSFA() {
9015
+ if (!this.options.getAuthCredentials) {
9016
+ this.logger.error("Cannot re-authenticate: getAuthCredentials callback not configured");
9017
+ throw new Error(
9018
+ "Web3Auth session expired. Configure getAuthCredentials option for automatic re-auth, or call disconnect() and connect() with fresh credentials."
9019
+ );
9020
+ }
9021
+ this.logger.info("Getting fresh credentials for SFA re-authentication...");
9022
+ let credentials;
9023
+ try {
9024
+ credentials = await this.options.getAuthCredentials();
9025
+ } catch (error) {
9026
+ this.logger.warn("Failed to get auth credentials, user may have logged out:", error.message);
9027
+ this.onDisconnect();
9028
+ throw new Error("Authentication provider session expired. Please log in again.");
9029
+ }
9030
+ const web3authSFA = this.web3authSFA || await this.initializeSFAClient();
9031
+ if (web3authSFA.connected) {
9032
+ try {
9033
+ await web3authSFA.logout();
9034
+ } catch {
9035
+ }
9036
+ }
9037
+ const verifier = credentials.verifier || this.options.verifier;
9038
+ if (!verifier) {
9039
+ throw new Error("No verifier configured for SFA authentication");
9040
+ }
9041
+ const provider = await web3authSFA.connect({
9042
+ verifier,
9043
+ verifierId: credentials.verifierId,
9044
+ idToken: credentials.idToken
9045
+ });
9046
+ if (!provider) {
9047
+ throw new Error("Failed to re-authenticate with Web3Auth SFA");
9048
+ }
9049
+ this.usingSFA = true;
9050
+ await this.verifyAddressMatch();
9051
+ }
9052
+ /**
9053
+ * Re-authenticate using the Web3Auth modal
9054
+ *
9055
+ * Shows the Web3Auth login modal for the user to authenticate again.
9056
+ * If they log in as a different user, this will disconnect the current wallet.
9057
+ */
9058
+ async reconnectModal() {
9059
+ this.logger.info("Showing Web3Auth modal for re-authentication...");
9060
+ const web3auth = this.web3auth || await this.initializeClient();
9061
+ if (web3auth.connected) {
9062
+ try {
9063
+ await web3auth.logout();
9064
+ } catch {
9065
+ }
9066
+ }
9067
+ const provider = await web3auth.connect();
9068
+ if (!provider) {
9069
+ throw new Error("Re-authentication cancelled or failed");
9070
+ }
9071
+ this.usingSFA = false;
9072
+ this.userInfo = await web3auth.getUserInfo();
9073
+ await this.verifyAddressMatch();
9074
+ }
9075
+ /**
9076
+ * Verify that the current Web3Auth session matches the cached address.
9077
+ *
9078
+ * If the address doesn't match (user logged in as someone else),
9079
+ * this disconnects the wallet entirely - it's a different identity.
9080
+ */
9081
+ async verifyAddressMatch() {
9082
+ const keyContainer = await this.getSecureKey();
9083
+ try {
9084
+ const currentAddress = await keyContainer.useKey(async (secretKey) => {
9085
+ const account = await deriveAlgorandAccountFromEd25519(secretKey);
9086
+ const addr = account.addr;
9087
+ zeroMemory(account.sk);
9088
+ return addr;
9089
+ });
9090
+ if (currentAddress !== this._address) {
9091
+ this.logger.warn("Re-authenticated as different user, disconnecting wallet", {
9092
+ expected: this._address,
9093
+ actual: currentAddress
9094
+ });
9095
+ this.onDisconnect();
9096
+ throw new Error(
9097
+ `Re-authenticated as a different account. Expected ${this._address}, got ${currentAddress}. Please connect again with the correct account.`
9098
+ );
9099
+ }
9100
+ this.logger.info("Address verified, session restored");
9101
+ } finally {
9102
+ keyContainer.clear();
9103
+ }
9104
+ }
9105
+ /**
9106
+ * Process transactions for signing
9107
+ */
9108
+ processTxns(txnGroup, indexesToSign) {
9109
+ const txnsToSign = [];
9110
+ txnGroup.forEach((txn, index) => {
9111
+ const isIndexMatch = !indexesToSign || indexesToSign.includes(index);
9112
+ const signer = txn.sender.toString();
9113
+ const canSignTxn = signer === this._address;
9114
+ if (isIndexMatch && canSignTxn) {
9115
+ txnsToSign.push(txn);
9116
+ }
9117
+ });
9118
+ return txnsToSign;
9119
+ }
9120
+ /**
9121
+ * Process encoded transactions for signing
9122
+ */
9123
+ processEncodedTxns(txnGroup, indexesToSign) {
9124
+ const txnsToSign = [];
9125
+ txnGroup.forEach((txnBuffer, index) => {
9126
+ const decodedObj = import_algosdk11.default.msgpackRawDecode(txnBuffer);
9127
+ const isSigned = isSignedTxn(decodedObj);
9128
+ const txn = isSigned ? import_algosdk11.default.decodeSignedTransaction(txnBuffer).txn : import_algosdk11.default.decodeUnsignedTransaction(txnBuffer);
9129
+ const isIndexMatch = !indexesToSign || indexesToSign.includes(index);
9130
+ const signer = txn.sender.toString();
9131
+ const canSignTxn = !isSigned && signer === this._address;
9132
+ if (isIndexMatch && canSignTxn) {
9133
+ txnsToSign.push(txn);
9134
+ }
9135
+ });
9136
+ return txnsToSign;
9137
+ }
9138
+ /**
9139
+ * Sign transactions
9140
+ *
9141
+ * LAZY AUTHENTICATION: If the Web3Auth session has expired, this will
9142
+ * automatically re-authenticate before signing.
9143
+ *
9144
+ * SECURITY: The private key is fetched fresh, used for signing,
9145
+ * and immediately cleared from memory. The key is never stored
9146
+ * between signing operations.
9147
+ */
9148
+ signTransactions = async (txnGroup, indexesToSign) => {
9149
+ try {
9150
+ this.logger.debug("Signing transactions...", { txnGroup, indexesToSign });
9151
+ await this.ensureConnected();
9152
+ let txnsToSign = [];
9153
+ if (isTransactionArray(txnGroup)) {
9154
+ const flatTxns = flattenTxnGroup(txnGroup);
9155
+ txnsToSign = this.processTxns(flatTxns, indexesToSign);
9156
+ } else {
9157
+ const flatTxns = flattenTxnGroup(txnGroup);
9158
+ txnsToSign = this.processEncodedTxns(flatTxns, indexesToSign);
9159
+ }
9160
+ if (txnsToSign.length === 0) {
9161
+ this.logger.debug("No transactions to sign");
9162
+ return [];
9163
+ }
9164
+ const keyContainer = await this.getSecureKey();
9165
+ let signedTxns = [];
9166
+ try {
9167
+ signedTxns = await keyContainer.useKey(async (secretKey) => {
9168
+ const account = await deriveAlgorandAccountFromEd25519(secretKey);
9169
+ try {
9170
+ const signed = txnsToSign.map((txn) => txn.signTxn(account.sk));
9171
+ return signed;
9172
+ } finally {
9173
+ zeroMemory(account.sk);
9174
+ }
9175
+ });
9176
+ } finally {
9177
+ keyContainer.clear();
9178
+ }
9179
+ this.logger.debug("Transactions signed successfully", { count: signedTxns.length });
9180
+ return signedTxns;
9181
+ } catch (error) {
9182
+ this.logger.error("Error signing transactions:", error.message);
9183
+ throw error;
9184
+ }
9185
+ };
9186
+ };
9187
+
9188
+ // src/wallets/w3wallet.ts
9189
+ var import_algosdk12 = __toESM(require("algosdk"), 1);
9190
+ var ICON14 = `data:image/svg+xml;base64,${btoa(`
6305
9191
  <svg width="860" height="860" viewBox="0 0 860 860" fill="none" xmlns="http://www.w3.org/2000/svg">
6306
9192
  <rect width="860" height="860" rx="30" fill="#151923"/>
6307
9193
  <path d="M766 207L496.627 623.406C463.521 675.336 382.014 652.248 382.014 590.941V432.568L260.638 623.28C227.559 675.255 146 652.186 146 590.854V274.844H234.646V499.761L356.022 309.049C389.101 257.074 470.66 280.143 470.66 341.475V499.978L660.146 207L766 207Z" fill="#4BB7D1"/>
@@ -6322,7 +9208,7 @@ var W3Wallet = class extends BaseWallet {
6322
9208
  }
6323
9209
  static defaultMetadata = {
6324
9210
  name: "W3 Wallet",
6325
- icon: ICON13
9211
+ icon: ICON14
6326
9212
  };
6327
9213
  async initializeClient() {
6328
9214
  this.logger.info("Initializing client...");
@@ -6395,9 +9281,9 @@ var W3Wallet = class extends BaseWallet {
6395
9281
  processEncodedTxns(txnGroup, indexesToSign) {
6396
9282
  const txnsToSign = [];
6397
9283
  txnGroup.forEach((txnBuffer, index) => {
6398
- const decodedObj = import_algosdk11.default.msgpackRawDecode(txnBuffer);
9284
+ const decodedObj = import_algosdk12.default.msgpackRawDecode(txnBuffer);
6399
9285
  const isSigned = isSignedTxn(decodedObj);
6400
- const txn = isSigned ? import_algosdk11.default.decodeSignedTransaction(txnBuffer).txn : import_algosdk11.default.decodeUnsignedTransaction(txnBuffer);
9286
+ const txn = isSigned ? import_algosdk12.default.decodeSignedTransaction(txnBuffer).txn : import_algosdk12.default.decodeUnsignedTransaction(txnBuffer);
6401
9287
  const isIndexMatch = !indexesToSign || indexesToSign.includes(index);
6402
9288
  const signer = txn.sender.toString();
6403
9289
  const canSignTxn = !isSigned && this.addresses.includes(signer);
@@ -6455,6 +9341,7 @@ function createWalletMap() {
6455
9341
  ["mnemonic" /* MNEMONIC */]: MnemonicWallet,
6456
9342
  ["pera" /* PERA */]: PeraWallet,
6457
9343
  ["walletconnect" /* WALLETCONNECT */]: WalletConnect,
9344
+ ["web3auth" /* WEB3AUTH */]: Web3AuthWallet,
6458
9345
  ["w3-wallet" /* W3_WALLET */]: W3Wallet
6459
9346
  };
6460
9347
  }
@@ -6501,7 +9388,7 @@ function isSignedTxn(txnObj) {
6501
9388
  return hasRequiredProps;
6502
9389
  }
6503
9390
  function isTransaction(item) {
6504
- return item && typeof item === "object" && "sender" in item && (item.sender instanceof import_algosdk12.default.Address || typeof item.sender === "string");
9391
+ return item && typeof item === "object" && "sender" in item && (item.sender instanceof import_algosdk13.default.Address || typeof item.sender === "string");
6505
9392
  }
6506
9393
  function isTransactionArray(txnGroup) {
6507
9394
  if (!Array.isArray(txnGroup) || txnGroup.length === 0) {
@@ -6572,7 +9459,7 @@ var WalletManager = class {
6572
9459
  activeNetwork,
6573
9460
  algodClient
6574
9461
  };
6575
- this.store = new import_store13.Store(initialState, {
9462
+ this.store = new import_store14.Store(initialState, {
6576
9463
  onUpdate: () => this.savePersistedState()
6577
9464
  });
6578
9465
  this.savePersistedState();
@@ -6755,7 +9642,7 @@ var WalletManager = class {
6755
9642
  createAlgodClient(config) {
6756
9643
  this.logger.info(`Creating new Algodv2 client...`);
6757
9644
  const { token = "", baseServer, port = "", headers = {} } = config;
6758
- return new import_algosdk13.default.Algodv2(token, baseServer, port, headers);
9645
+ return new import_algosdk14.default.Algodv2(token, baseServer, port, headers);
6759
9646
  }
6760
9647
  getAlgodClient = () => {
6761
9648
  return this.algodClient;
@@ -6914,6 +9801,7 @@ var webpackFallback = {
6914
9801
  NetworkId,
6915
9802
  PeraWallet,
6916
9803
  ScopeType,
9804
+ SecureKeyContainer,
6917
9805
  SessionError,
6918
9806
  SignDataError,
6919
9807
  SignTxnsError,
@@ -6922,6 +9810,11 @@ var webpackFallback = {
6922
9810
  WalletConnect,
6923
9811
  WalletId,
6924
9812
  WalletManager,
6925
- webpackFallback
9813
+ Web3AuthWallet,
9814
+ webpackFallback,
9815
+ withSecureKey,
9816
+ withSecureKeySync,
9817
+ zeroMemory,
9818
+ zeroString
6926
9819
  });
6927
9820
  //# sourceMappingURL=index.cjs.map