@umbra-privacy/sdk 1.0.0

package/dist/errors/index.d.cts

@@ -0,0 +1,1415 @@
+/**
+ * Error Classes
+ *
+ * Centralized error hierarchy for the Umbra SDK.
+ * Contains the base `UmbraError` and all domain-specific assertion error classes.
+ *
+ * @remarks
+ * The SDK uses a two-level error hierarchy:
+ *
+ * 1. `UmbraError` — top-level base class for all SDK errors. Consumers can use
+ *    `instanceof UmbraError` (or the `isUmbraError` type guard) to distinguish SDK errors
+ *    from third-party or built-in errors in a catch block.
+ *
+ * 2. Domain assertion errors — thrown by type-assertion functions when a value fails
+ *    validation. Each domain has its own class to make it easy to catch errors from a
+ *    specific subsystem:
+ *    - `MathematicsAssertionError` — thrown by `assertU8`, `assertU256`, etc.
+ *    - `CryptographyAssertionError` — thrown by `assertBn254FieldElement`, `assertAesKey`, etc.
+ *    - `SolanaAssertionError` — thrown by Solana-type assertion functions.
+ *    - `TemporalAssertionError` — thrown by `assertYear`, `assertMonth`, etc.
+ *
+ * All four assertion error classes share the same three properties:
+ * - `value` — the actual value that failed
+ * - `expectedType` — the name of the expected branded type
+ * - `constraint` — optional human-readable constraint description
+ *
+ * @packageDocumentation
+ * @module common/errors
+ */
+/**
+ * Base error class for all Umbra SDK errors.
+ *
+ * All errors thrown by the SDK extend this class, allowing consumers
+ * to distinguish SDK errors from other errors using `instanceof`.
+ *
+ * @remarks
+ * Prefer using the `isUmbraError` type guard over `instanceof UmbraError` when writing
+ * defensive catch handlers — the type guard also works across module boundaries and
+ * iframe/realm boundaries where `instanceof` may fail due to different class references.
+ *
+ * Sub-classes (domain assertion errors) extend this class so callers can catch either
+ * all SDK errors at once (`instanceof UmbraError`) or only a specific domain's failures
+ * (e.g., `instanceof MathematicsAssertionError`).
+ *
+ * @example
+ * ```typescript
+ * try {
+ *   await umbraClient.register();
+ * } catch (error) {
+ *   if (error instanceof UmbraError) {
+ *     console.log('SDK error:', error.message);
+ *     console.log('Error code:', error.code);
+ *   } else {
+ *     throw error; // Re-throw non-SDK errors
+ *   }
+ * }
+ * ```
+ *
+ * @see {@link isUmbraError}
+ * @public
+ */
+declare class UmbraError extends Error {
+    /**
+     * A machine-readable error code for programmatic error handling.
+     *
+     * @remarks
+     * Defaults to `"UMBRA_ERROR"` when no code is supplied in the constructor options.
+     * Sub-classes or specific throw sites should supply a more specific code to allow
+     * callers to branch on error identity without string-matching `message`.
+     *
+     * @readonly
+     */
+    readonly code: string;
+    /**
+     * Additional context about the error.
+     *
+     * @remarks
+     * A free-form key-value map of diagnostic data attached to the error at the throw site.
+     * Useful for logging and debugging — consumers should not rely on specific keys for
+     * control flow; use `code` for programmatic branching instead.
+     *
+     * Will be `undefined` when no context was provided to the constructor.
+     *
+     * @readonly
+     */
+    readonly context?: Record<string, unknown>;
+    /**
+     * The original error that caused this error, if any.
+     *
+     * @remarks
+     * When an SDK function wraps a lower-level error (e.g., a failed RPC call or a
+     * cryptographic library error), it sets `cause` to the original thrown value so
+     * callers can inspect the full error chain.
+     *
+     * Will be `undefined` when there is no underlying cause.
+     *
+     * @readonly
+     */
+    readonly cause?: unknown;
+    /**
+     * Creates a new UmbraError.
+     *
+     * @param message - Human-readable description of what went wrong. Should be
+     *   actionable and specific enough for a developer to understand the failure
+     *   without reading source code.
+     * @param options - Optional structured metadata attached to the error.
+     * @param options.code - Machine-readable error code for programmatic branching.
+     *   Defaults to `"UMBRA_ERROR"` if omitted.
+     * @param options.context - Free-form diagnostic key-value pairs. Omit or set to
+     *   `undefined` to leave the `context` property unset.
+     * @param options.cause - The original error that triggered this one. Enables
+     *   full error-chain inspection. Omit or set to `undefined` when there is no
+     *   underlying cause.
+     *
+     * @defaultValue `options` — `undefined` (all options optional)
+     * @defaultValue `options.code` — `"UMBRA_ERROR"`
+     */
+    constructor(message: string, options?: {
+        code?: string;
+        context?: Record<string, unknown>;
+        cause?: unknown;
+    });
+}
+/**
+ * Type guard to check if an error is an UmbraError.
+ *
+ * @remarks
+ * Prefer this guard over `error instanceof UmbraError` in generic catch handlers because
+ * it is safe to call with any value (including `null`, primitives, and non-Error objects)
+ * and narrows the type to `UmbraError` for TypeScript's type system in the true branch.
+ *
+ * @param error - The value to test. Typically the caught value in a `catch (error)` block,
+ *   typed as `unknown`.
+ * @returns `true` and narrows `error` to `UmbraError` when the value is an instance of
+ *   `UmbraError` (or any sub-class such as `MathematicsAssertionError`). Returns `false`
+ *   for all other values.
+ *
+ * @example
+ * ```typescript
+ * try {
+ *   await operation();
+ * } catch (error) {
+ *   if (isUmbraError(error)) {
+ *     // error is narrowed to UmbraError here
+ *     console.log('SDK error code:', error.code);
+ *     console.log('SDK error context:', error.context);
+ *   }
+ * }
+ * ```
+ *
+ * @see {@link UmbraError}
+ * @public
+ */
+declare function isUmbraError(error: unknown): error is UmbraError;
+/**
+ * Error thrown when a value fails a mathematical type assertion.
+ *
+ * This error provides detailed information about why an assertion failed,
+ * including the actual value, the expected type, and the constraint that
+ * was violated.
+ *
+ * @remarks
+ * All assertion functions in the mathematics module (e.g., `assertU8`, `assertU256`,
+ * `assertU32LeBytes`) throw this error type on failure. Catch it specifically to handle
+ * mathematical type validation failures differently from cryptographic or Solana errors.
+ *
+ * The three diagnostic properties together allow automated logging pipelines to produce
+ * structured records without parsing the `message` string:
+ * - `value` — the actual value that was supplied
+ * - `expectedType` — the branded type name (e.g., `"U8"`, `"U256LeBytes"`)
+ * - `constraint` — the violated range or length rule, or `undefined` for type mismatches
+ *
+ * Note that this class does NOT extend `UmbraError`. It extends `Error` directly to keep
+ * the assertion error classes lightweight and independent of the UmbraError hierarchy.
+ * Use `isUmbraError` only to detect top-level SDK operational errors; use
+ * `instanceof MathematicsAssertionError` for assertion failures.
+ *
+ * @example
+ * ```typescript
+ * import { assertU8, MathematicsAssertionError } from "./mathematics";
+ *
+ * try {
+ *     const value = assertU8(256n); // Will throw
+ * } catch (error) {
+ *     if (error instanceof MathematicsAssertionError) {
+ *         console.error(`Assertion failed for ${error.expectedType}`);
+ *         console.error(`Value: ${error.value}`);
+ *         console.error(`Constraint: ${error.constraint}`);
+ *         // Output:
+ *         // Assertion failed for U8
+ *         // Value: 256
+ *         // Constraint: 0 <= value <= 255
+ *     }
+ * }
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // Safe parse pattern — returns null instead of throwing
+ * function safeParseU8(value: bigint): U8 | null {
+ *     try {
+ *         return assertU8(value);
+ *     } catch (error) {
+ *         if (error instanceof MathematicsAssertionError) {
+ *             console.warn(`Invalid U8 value: ${value}`);
+ *             return null;
+ *         }
+ *         throw error; // Re-throw unexpected errors
+ *     }
+ * }
+ * ```
+ *
+ * @sealed
+ * @public
+ */
+declare class MathematicsAssertionError extends Error {
+    /**
+     * The actual value that failed the assertion.
+     *
+     * @remarks
+     * The runtime type reflects what was actually passed to the assertion function:
+     * - `bigint` for integer assertions (`assertU8`, `assertU256`, etc.)
+     * - `Uint8Array` for byte-array assertions (`assertU256LeBytes`, `assertU32LeBytes`, etc.)
+     * - Any other type when a non-numeric value was passed unexpectedly
+     *
+     * @readonly
+     */
+    readonly value: unknown;
+    /**
+     * The type that was expected.
+     *
+     * @remarks
+     * Contains the branded type name exactly as it appears in the SDK type system,
+     * e.g., `"U8"`, `"U256"`, `"U32LeBytes"`. Use this for structured logging or
+     * to build user-facing error messages without parsing the `message` string.
+     *
+     * @readonly
+     */
+    readonly expectedType: string;
+    /**
+     * Description of the constraint that was violated.
+     *
+     * @remarks
+     * Is `undefined` when only a type check failed (e.g., a `string` was passed where a
+     * `bigint` was expected). Contains a human-readable inequality or length rule when a
+     * value of the correct type was out of the allowed range.
+     *
+     * @example
+     * - `"0 <= value <= 255"` — U8 range violation
+     * - `"length === 32"` — U256LeBytes length violation
+     * - `"value >= 0"` — negative value passed to an unsigned integer assertion
+     *
+     * @readonly
+     */
+    readonly constraint: string | undefined;
+    /**
+     * Creates a new MathematicsAssertionError.
+     *
+     * @param message - Human-readable description of the assertion failure. Should name
+     *   the assertion function, the expected type, and the constraint that was violated.
+     * @param options - Structured diagnostic details attached to the error.
+     * @param options.value - The actual value that was supplied and failed the assertion.
+     * @param options.expectedType - The name of the branded type that was expected
+     *   (e.g., `"U8"`, `"U256LeBytes"`).
+     * @param options.constraint - Optional human-readable constraint description
+     *   (e.g., `"0 <= value <= 255"`). Omit when the failure is a type mismatch rather
+     *   than a range violation.
+     */
+    constructor(message: string, options: {
+        value: unknown;
+        expectedType: string;
+        constraint?: string;
+    });
+}
+/**
+ * Error thrown when a value fails a cryptographic type assertion.
+ *
+ * This error provides detailed information about why an assertion failed,
+ * including the actual value, the expected type, and the constraint that
+ * was violated.
+ *
+ * @remarks
+ * Thrown by assertion functions in the cryptography module, such as
+ * `assertBn254FieldElement`, `assertAesKey`, `assertX25519PrivateKey`, and similar.
+ * Each function validates that a value conforms to a branded cryptographic type,
+ * throwing this error with a precise `expectedType` and `constraint` when it does not.
+ *
+ * Common reasons for failure:
+ * - A `bigint` field element exceeds the BN254 or Curve25519 field prime
+ * - A byte array has the wrong length (e.g., a 31-byte array passed as an AES-256 key)
+ * - A wrong JavaScript type was supplied (e.g., a `number` instead of a `bigint`)
+ *
+ * @example
+ * ```typescript
+ * import { assertBn254FieldElement, CryptographyAssertionError } from "./cryptography";
+ *
+ * try {
+ *     assertBn254FieldElement(invalidValue); // Will throw
+ * } catch (error) {
+ *     if (error instanceof CryptographyAssertionError) {
+ *         console.error(`Assertion failed for ${error.expectedType}`);
+ *         console.error(`Value: ${error.value}`);
+ *         console.error(`Constraint: ${error.constraint}`);
+ *     }
+ * }
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // Distinguish cryptographic assertion failures from mathematical ones
+ * try {
+ *     const key = assertAesKey(rawBytes);
+ * } catch (error) {
+ *     if (error instanceof CryptographyAssertionError) {
+ *         console.warn("Crypto assertion failed:", error.expectedType, error.constraint);
+ *     } else if (error instanceof MathematicsAssertionError) {
+ *         console.warn("Math assertion failed:", error.expectedType, error.constraint);
+ *     }
+ * }
+ * ```
+ *
+ * @see {@link MathematicsAssertionError}
+ * @see {@link SolanaAssertionError}
+ * @see {@link TemporalAssertionError}
+ * @sealed
+ * @public
+ */
+declare class CryptographyAssertionError extends Error {
+    /**
+     * The actual value that failed the assertion.
+     *
+     * @remarks
+     * The runtime type reflects what was actually passed to the assertion function:
+     * - `bigint` for field element assertions (`assertBn254FieldElement`, etc.)
+     * - `Uint8Array` for byte-array assertions (`assertAesKey`, `assertX25519PrivateKey`, etc.)
+     * - Any other type when an entirely wrong value type was supplied
+     *
+     * @readonly
+     */
+    readonly value: unknown;
+    /**
+     * The type that was expected (e.g., `"Bn254FieldElement"`, `"PoseidonKey"`, `"AesKey"`).
+     *
+     * @remarks
+     * Contains the branded type name exactly as it appears in the SDK type system.
+     * Use this property for structured logging without parsing the `message` string.
+     *
+     * @readonly
+     */
+    readonly expectedType: string;
+    /**
+     * Description of the constraint that was violated.
+     *
+     * @remarks
+     * Is `undefined` for pure type-mismatch failures (e.g., `string` instead of `bigint`).
+     * Contains a human-readable constraint description for range and length violations
+     * (e.g., `"value < BN254_FIELD_PRIME"`, `"length === 32"`).
+     *
+     * @readonly
+     */
+    readonly constraint: string | undefined;
+    /**
+     * Creates a new CryptographyAssertionError.
+     *
+     * @param message - Human-readable description of the assertion failure. Should name
+     *   the assertion function, the expected type, and the constraint that was violated.
+     * @param options - Structured diagnostic details attached to the error.
+     * @param options.value - The actual value that was supplied and failed the assertion.
+     * @param options.expectedType - The name of the branded cryptographic type that was
+     *   expected (e.g., `"Bn254FieldElement"`, `"AesKey"`).
+     * @param options.constraint - Optional human-readable constraint description.
+     *   Omit when the failure is a type mismatch rather than a range or length violation.
+     */
+    constructor(message: string, options: {
+        value: unknown;
+        expectedType: string;
+        constraint?: string;
+    });
+}
+/**
+ * Error thrown when a Solana type assertion fails.
+ *
+ * This error provides detailed information about why the assertion failed,
+ * including the actual value, expected type, and constraint that was violated.
+ *
+ * @remarks
+ * Thrown by assertion functions for Solana-specific branded types, such as
+ * `assertTransactionSignature`, `assertSignatureBytes`, and similar validators.
+ * These assertions verify that string or byte-array values conform to Solana's
+ * encoding and length conventions (e.g., Base58-encoded 64-byte Ed25519 signatures).
+ *
+ * Common reasons for failure:
+ * - A string that fails Base58 decoding or has the wrong decoded length
+ * - A `Uint8Array` with the wrong byte length for a signature or public key
+ * - A wrong JavaScript type (e.g., `number` instead of `string`)
+ *
+ * @example
+ * ```typescript
+ * import { assertTransactionSignature, SolanaAssertionError } from "./solana";
+ *
+ * try {
+ *     assertTransactionSignature("invalid!signature"); // Will throw
+ * } catch (error) {
+ *     if (error instanceof SolanaAssertionError) {
+ *         console.error(`Assertion failed for ${error.expectedType}`);
+ *         console.error(`Value: ${error.value}`);
+ *         console.error(`Constraint: ${error.constraint}`);
+ *     }
+ * }
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // Safe parse pattern — returns null on failure
+ * function tryParseSignature(raw: unknown): TransactionSignature | null {
+ *     try {
+ *         return assertTransactionSignature(raw);
+ *     } catch (error) {
+ *         if (error instanceof SolanaAssertionError) return null;
+ *         throw error;
+ *     }
+ * }
+ * ```
+ *
+ * @see {@link MathematicsAssertionError}
+ * @see {@link CryptographyAssertionError}
+ * @see {@link TemporalAssertionError}
+ * @sealed
+ * @public
+ */
+declare class SolanaAssertionError extends Error {
+    /**
+     * The actual value that failed the assertion.
+     *
+     * @remarks
+     * The runtime type reflects what was actually passed to the assertion function:
+     * - `string` for Base58-encoded assertions (`assertTransactionSignature`, etc.)
+     * - `Uint8Array` for byte-array assertions (`assertSignatureBytes`, etc.)
+     * - Any other type when a completely wrong value type was supplied
+     *
+     * @readonly
+     */
+    readonly value: unknown;
+    /**
+     * The type that was expected (e.g., `"TransactionSignature"`, `"SignatureBytes"`).
+     *
+     * @remarks
+     * Contains the branded type name exactly as it appears in the SDK type system.
+     * Use this for structured logging without parsing the `message` string.
+     *
+     * @readonly
+     */
+    readonly expectedType: string;
+    /**
+     * Description of the constraint that was violated.
+     *
+     * @remarks
+     * Is `undefined` for pure type-mismatch failures. Contains a human-readable rule
+     * for encoding or length violations (e.g., `"valid Base58"`, `"length === 64"`).
+     *
+     * @readonly
+     */
+    readonly constraint: string | undefined;
+    /**
+     * Creates a new SolanaAssertionError.
+     *
+     * @param message - Human-readable description of the assertion failure. Should name
+     *   the assertion function, the expected type, and the constraint that was violated.
+     * @param options - Structured diagnostic details attached to the error.
+     * @param options.value - The actual value that was supplied and failed the assertion.
+     * @param options.expectedType - The name of the branded Solana type that was expected
+     *   (e.g., `"TransactionSignature"`, `"SignatureBytes"`).
+     * @param options.constraint - Optional human-readable constraint description.
+     *   Omit when the failure is a type mismatch rather than an encoding or length violation.
+     */
+    constructor(message: string, options: {
+        value: unknown;
+        expectedType: string;
+        constraint?: string;
+    });
+}
+/**
+ * Error thrown when a temporal type assertion fails.
+ *
+ * This error provides detailed information about why an assertion failed,
+ * including the actual value, the expected type, and the constraint that
+ * was violated.
+ *
+ * @remarks
+ * Thrown by assertion functions for branded temporal types: `assertYear`, `assertMonth`,
+ * `assertDay`, `assertHour`, `assertMinute`, and `assertSecond`. These functions validate
+ * that a `bigint` value falls within the calendar range appropriate for each component
+ * (e.g., months must be in `[1, 12]`, hours in `[0, 23]`).
+ *
+ * Temporal assertions are used to validate the output of UTC timestamp extraction before
+ * the components are used in time-scoped viewing key derivation. In normal operation they
+ * should never throw (JavaScript's `Date` always produces in-range values), but callers
+ * that construct components manually can encounter these errors.
+ *
+ * @example
+ * ```typescript
+ * import { assertMonth, TemporalAssertionError } from "./temporal";
+ *
+ * try {
+ *     assertMonth(13n); // Will throw — month must be 1–12
+ * } catch (error) {
+ *     if (error instanceof TemporalAssertionError) {
+ *         console.error(`Assertion failed for ${error.expectedType}`);
+ *         console.error(`Value: ${error.value}`);
+ *         console.error(`Constraint: ${error.constraint}`);
+ *         // Output:
+ *         // Assertion failed for Month
+ *         // Value: 13
+ *         // Constraint: 1 <= value <= 12
+ *     }
+ * }
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // Safe parse of a user-supplied year value
+ * function tryParseYear(raw: bigint): Year | null {
+ *     try {
+ *         return assertYear(raw);
+ *     } catch (error) {
+ *         if (error instanceof TemporalAssertionError) return null;
+ *         throw error;
+ *     }
+ * }
+ * ```
+ *
+ * @see {@link MathematicsAssertionError}
+ * @see {@link CryptographyAssertionError}
+ * @see {@link SolanaAssertionError}
+ * @sealed
+ * @public
+ */
+declare class TemporalAssertionError extends Error {
+    /**
+     * The actual value that failed the assertion.
+     *
+     * @remarks
+     * Will be a `bigint` for all temporal assertions since the temporal types are
+     * BigInt-backed branded types (e.g., `Year`, `Month`, `Day`). May also be any
+     * other type when a non-bigint value was supplied unexpectedly.
+     *
+     * @readonly
+     */
+    readonly value: unknown;
+    /**
+     * The type that was expected (e.g., `"Year"`, `"Month"`, `"Hour"`).
+     *
+     * @remarks
+     * Contains the branded temporal type name exactly as it appears in the SDK type system.
+     * Use this for structured logging without parsing the `message` string.
+     *
+     * @readonly
+     */
+    readonly expectedType: string;
+    /**
+     * Description of the constraint that was violated.
+     *
+     * @remarks
+     * Contains a human-readable range rule for out-of-range values
+     * (e.g., `"1 <= value <= 12"` for a month violation). Is `undefined` only for
+     * pure type-mismatch failures (e.g., a `string` passed where a `bigint` was expected),
+     * which should not occur in normal usage.
+     *
+     * @readonly
+     */
+    readonly constraint: string | undefined;
+    /**
+     * Creates a new TemporalAssertionError.
+     *
+     * @param message - Human-readable description of the assertion failure. Should name
+     *   the assertion function, the expected type, and the violated range constraint.
+     * @param details - Structured diagnostic details attached to the error.
+     * @param details.value - The actual `bigint` value (or other type) that was supplied
+     *   and failed the temporal assertion.
+     * @param details.expectedType - The name of the branded temporal type that was expected
+     *   (e.g., `"Year"`, `"Month"`, `"Hour"`).
+     * @param details.constraint - Optional human-readable range description
+     *   (e.g., `"1 <= value <= 12"`). Omit when the failure is a type mismatch.
+     */
+    constructor(message: string, details: {
+        value: unknown;
+        expectedType: string;
+        constraint?: string;
+    });
+}
+
+/**
+ * Cryptography Error Classes
+ *
+ * This module provides error classes for cryptographic operation failures
+ * in the Umbra SDK.
+ *
+ * @module crypto/errors
+ */
+
+/**
+ * Error thrown when a cryptographic operation fails.
+ *
+ * This includes key derivation failures, encryption/decryption errors,
+ * hash computation failures, and ZK proof generation errors.
+ *
+ * @example
+ * ```typescript
+ * try {
+ *   const commitment = await generateUserCommitment(mvk, index, seed);
+ * } catch (error) {
+ *   if (error instanceof CryptographyError) {
+ *     console.log('Crypto operation failed:', error.operation);
+ *   }
+ * }
+ * ```
+ */
+declare class CryptographyError extends UmbraError {
+    /**
+     * The cryptographic operation that failed.
+     */
+    readonly operation?: string;
+    constructor(message: string, options?: {
+        code?: string;
+        operation?: string;
+        context?: Record<string, unknown>;
+        cause?: unknown;
+    });
+}
+/**
+ * Type guard to check if an error is a CryptographyError.
+ */
+declare function isCryptographyError(error: unknown): error is CryptographyError;
+
+/**
+ * Solana-Specific Error Classes.
+ *
+ * This module defines the structured error hierarchy for Solana-related failures
+ * in the Umbra SDK. All classes extend `UmbraError` from `../common/errors` and
+ * carry structured context that makes programmatic error handling and logging
+ * straightforward.
+ *
+ * @remarks
+ * The error hierarchy is:
+ * ```
+ * UmbraError (base)
+ * ├── InstructionError        — instruction build/validation failures
+ * ├── RpcError                — JSON-RPC request failures
+ * └── TransactionError        — transaction lifecycle failures
+ *     ├── TransactionSigningError        — signing-phase failures
+ *     │   └── MasterSeedSigningRejectedError  — master seed derivation rejection
+ * ```
+ *
+ * **Type guards** — Each concrete error class has a matching `is*` type guard
+ * function ({@link isInstructionError}, {@link isRpcError},
+ * {@link isTransactionError}, {@link isTransactionSigningError}). Prefer these
+ * over `instanceof` checks in code that may cross module or bundle boundaries,
+ * where `instanceof` can fail due to different class references.
+ *
+ * **Recovery strategies by error type:**
+ *
+ * - `InstructionError` — inspect `instructionName` and `context` to determine
+ *   which account is missing or which parameter is invalid; fix the call site.
+ *
+ * - `RpcError` — check `statusCode` (HTTP) and `rpcErrorCode` (JSON-RPC) to
+ *   distinguish rate limiting (429), node overload (503), or invalid request
+ *   (400). Transient errors are typically retryable.
+ *
+ * - `TransactionError` — check `simulationLogs` for program error messages that
+ *   identify the on-chain failure. If `signature` is set, the transaction landed
+ *   on-chain but was reverted.
+ *
+ * - `TransactionSigningError` — check `wasRejected` to distinguish a deliberate
+ *   user rejection from a hardware wallet communication failure.
+ *
+ * - `MasterSeedSigningRejectedError` — the user declined the master seed
+ *   derivation message; prompt the user and retry with `getUmbraClientFromSigner`.
+ *
+ * @packageDocumentation
+ */
+
+/**
+ * Error thrown when building or validating a Solana instruction fails.
+ *
+ * This error is raised during the instruction-construction phase — before any
+ * RPC or network interaction occurs. Common causes include missing required
+ * accounts, invalid parameter values, PDA derivation failures, and instruction
+ * serialization errors.
+ *
+ * @remarks
+ * The `instructionName` field identifies which instruction failed, which is
+ * particularly useful when a single SDK operation constructs multiple
+ * instructions. The `context` field (inherited from `UmbraError`) carries
+ * arbitrary key-value pairs for additional diagnostic information, such as
+ * the list of missing accounts or the conflicting parameter values.
+ *
+ * **Default error code** — `"INSTRUCTION_ERROR"`. Sub-classes or callers may
+ * override this via the `code` option.
+ *
+ * @example
+ * Catching and inspecting an instruction build failure:
+ * ```typescript
+ * import { isInstructionError } from "@umbra-privacy/sdk";
+ *
+ * try {
+ *   const instruction = buildRegisterInstruction(params);
+ * } catch (error) {
+ *   if (isInstructionError(error)) {
+ *     console.error(`Instruction "${error.instructionName}" failed: ${error.message}`);
+ *     console.error("Context:", error.context);
+ *   }
+ * }
+ * ```
+ *
+ * @example
+ * Throwing an `InstructionError` from a builder:
+ * ```typescript
+ * import { InstructionError } from "@umbra-privacy/sdk";
+ *
+ * throw new InstructionError("Required account 'poolConfig' not found", {
+ *   instructionName: "encryptedDeposit",
+ *   context: { missingAccounts: ["poolConfig"], providedMint: mint.toString() },
+ * });
+ * ```
+ *
+ * @see {@link isInstructionError} for the corresponding type guard
+ * @public
+ */
+declare class InstructionError extends UmbraError {
+    /**
+     * The name of the instruction that failed during construction or validation.
+     *
+     * @remarks
+     * Matches the Anchor instruction name (camelCase), e.g. `"encryptedDeposit"`,
+     * `"initUserAccount"`. May be `undefined` if the failing instruction could
+     * not be identified at the throw site.
+     */
+    readonly instructionName?: string;
+    /**
+     * Creates a new `InstructionError`.
+     *
+     * @param message - Human-readable description of the instruction failure.
+     * @param options - Optional structured metadata.
+     * @param options.code - Error code string. Defaults to `"INSTRUCTION_ERROR"`.
+     * @param options.instructionName - The name of the failing instruction.
+     * @param options.context - Arbitrary key-value pairs for diagnostic context.
+     * @param options.cause - The underlying error that caused this failure, if any.
+     */
+    constructor(message: string, options?: {
+        code?: string;
+        instructionName?: string;
+        context?: Record<string, unknown>;
+        cause?: unknown;
+    });
+}
+/**
+ * Error thrown when a Solana JSON-RPC request fails.
+ *
+ * This error covers all network-level and protocol-level failures that occur
+ * while communicating with a Solana RPC node: unreachable endpoints, HTTP
+ * errors, rate limiting, malformed responses, and JSON-RPC error objects
+ * returned by the node.
+ *
+ * @remarks
+ * **HTTP errors** — Use `statusCode` to check for common HTTP failure modes:
+ * - `429` — rate limited; back off and retry with exponential delay
+ * - `503` — node overloaded or temporarily unavailable; retry after a pause
+ * - `400` — malformed request; usually a client bug, not retryable
+ *
+ * **JSON-RPC errors** — Use `rpcErrorCode` to distinguish Solana-specific
+ * error codes returned in the `error.code` field of an RPC response body.
+ * Common codes: `-32002` (transaction not found), `-32005` (node behind),
+ * `-32007` (slot skipped).
+ *
+ * **Retryability** — `statusCode >= 500` or `statusCode === 429` generally
+ * indicates a transient error. Client-side errors (`statusCode === 400`) are
+ * not retryable without fixing the request.
+ *
+ * **Default error code** — `"RPC_ERROR"`.
+ *
+ * @example
+ * Distinguishing rate-limit errors from other RPC failures:
+ * ```typescript
+ * import { isRpcError } from "@umbra-privacy/sdk";
+ *
+ * try {
+ *   const account = await rpc.getAccountInfo(address);
+ * } catch (error) {
+ *   if (isRpcError(error)) {
+ *     if (error.statusCode === 429) {
+ *       console.warn("Rate limited — retry after delay");
+ *     } else {
+ *       console.error(`RPC failure at ${error.endpoint}: ${error.message}`);
+ *     }
+ *   }
+ * }
+ * ```
+ *
+ * @example
+ * Constructing an `RpcError`:
+ * ```typescript
+ * import { RpcError } from "@umbra-privacy/sdk";
+ *
+ * throw new RpcError("Failed to fetch account", {
+ *   endpoint: "https://api.mainnet-beta.solana.com",
+ *   statusCode: 503,
+ *   cause: originalError,
+ * });
+ * ```
+ *
+ * @see {@link isRpcError} for the corresponding type guard
+ * @public
+ */
+declare class RpcError extends UmbraError {
+    /**
+     * The RPC endpoint URL that was called when the error occurred.
+     *
+     * @remarks
+     * May be `undefined` if the endpoint was not known at the throw site (e.g.,
+     * when the error originates deep within `@solana/kit` internals).
+     */
+    readonly endpoint?: string;
+    /**
+     * The HTTP status code returned by the RPC node, if applicable.
+     *
+     * @remarks
+     * `undefined` for network-level failures (e.g., DNS resolution failure,
+     * connection refused) where no HTTP response was received.
+     */
+    readonly statusCode?: number;
+    /**
+     * The JSON-RPC error code from the response body, if any.
+     *
+     * @remarks
+     * Set when the RPC node returns a well-formed JSON-RPC error object with a
+     * numeric `code` field. `undefined` for HTTP-level failures or when the node
+     * returns a malformed response body.
+     */
+    readonly rpcErrorCode?: number;
+    /**
+     * Creates a new `RpcError`.
+     *
+     * @param message - Human-readable description of the RPC failure.
+     * @param options - Optional structured metadata.
+     * @param options.code - Error code string. Defaults to `"RPC_ERROR"`.
+     * @param options.endpoint - The RPC endpoint URL that was called.
+     * @param options.statusCode - HTTP status code from the response, if any.
+     * @param options.rpcErrorCode - JSON-RPC error code from the response, if any.
+     * @param options.context - Arbitrary key-value pairs for diagnostic context.
+     * @param options.cause - The underlying error that caused this failure, if any.
+     */
+    constructor(message: string, options?: {
+        code?: string;
+        endpoint?: string;
+        statusCode?: number;
+        rpcErrorCode?: number;
+        context?: Record<string, unknown>;
+        cause?: unknown;
+    });
+}
+/**
+ * Error thrown when a transaction operation fails.
+ *
+ * This error covers failures across the full transaction lifecycle: building the
+ * transaction message, running preflight simulation, submitting to the network,
+ * and waiting for confirmation. It is the base class for more specific
+ * transaction-related errors.
+ *
+ * @remarks
+ * **Simulation logs** — When available, `simulationLogs` contain the program
+ * log output from a failed preflight simulation. These logs often include the
+ * Anchor error code and a human-readable message describing why the on-chain
+ * program rejected the transaction.
+ *
+ * **Signature** — When `signature` is present, the transaction was accepted by
+ * the network and executed but the execution itself failed (on-chain error).
+ * When `signature` is absent, the transaction was rejected before reaching the
+ * network (e.g., preflight failure, malformed transaction).
+ *
+ * **Default error code** — `"TRANSACTION_ERROR"`.
+ *
+ * @example
+ * Inspecting simulation logs on failure:
+ * ```typescript
+ * import { isTransactionError } from "@umbra-privacy/sdk";
+ *
+ * try {
+ *   const signatures = await forwarder.forwardSequentially([signedTx]);
+ * } catch (error) {
+ *   if (isTransactionError(error)) {
+ *     console.error("Transaction failed:", error.message);
+ *     if (error.simulationLogs) {
+ *       console.error("Simulation logs:");
+ *       for (const log of error.simulationLogs) {
+ *         console.error(" ", log);
+ *       }
+ *     }
+ *     if (error.signature) {
+ *       console.error("Failed signature:", error.signature);
+ *     }
+ *   }
+ * }
+ * ```
+ *
+ * @example
+ * Constructing a `TransactionError`:
+ * ```typescript
+ * import { TransactionError } from "@umbra-privacy/sdk";
+ *
+ * throw new TransactionError("Transaction simulation failed", {
+ *   simulationLogs: ["Program log: AnchorError: Error Code: 6001"],
+ *   cause: originalError,
+ * });
+ * ```
+ *
+ * @see {@link isTransactionError} for the corresponding type guard
+ * @see {@link TransactionSigningError} for signing-phase failures
+ * @public
+ */
+declare class TransactionError extends UmbraError {
+    /**
+     * The transaction signature, if available.
+     *
+     * @remarks
+     * Base58-encoded signature string. Present when the transaction was submitted
+     * to the network but failed during execution. Use this to look up the failed
+     * transaction in a block explorer.
+     */
+    readonly signature?: string;
+    /**
+     * Simulation log output from the transaction preflight, if available.
+     *
+     * @remarks
+     * Each entry in the array is one line of program log output (e.g.,
+     * `"Program log: ..."` or `"Program <address> failed: ..."`). Anchor programs
+     * emit error codes and names here when constraints are violated.
+     */
+    readonly simulationLogs?: string[];
+    /**
+     * Creates a new `TransactionError`.
+     *
+     * @param message - Human-readable description of the transaction failure.
+     * @param options - Optional structured metadata.
+     * @param options.code - Error code string. Defaults to `"TRANSACTION_ERROR"`.
+     * @param options.signature - Base58-encoded transaction signature, if available.
+     * @param options.simulationLogs - Program log output from preflight simulation.
+     * @param options.context - Arbitrary key-value pairs for diagnostic context.
+     * @param options.cause - The underlying error that caused this failure, if any.
+     */
+    constructor(message: string, options?: {
+        code?: string;
+        signature?: string;
+        simulationLogs?: string[];
+        context?: Record<string, unknown>;
+        cause?: unknown;
+    });
+}
+/**
+ * Error thrown when transaction signing fails.
+ *
+ * This is a specific sub-class of {@link TransactionError} that occurs during
+ * the signing phase — after the transaction is built but before it is submitted
+ * to the network. Common causes include explicit user rejection in a wallet UI,
+ * hardware wallet disconnection or timeout, and missing key material.
+ *
+ * @remarks
+ * **User rejection** — When `wasRejected` is `true`, the user deliberately
+ * declined to sign in the wallet prompt. This is not an error condition in the
+ * traditional sense — the user made an intentional choice. UIs should catch this
+ * and show a user-friendly cancellation message rather than an error dialog.
+ *
+ * **Hardware wallet issues** — When `wasRejected` is `false`, the failure was
+ * not deliberate. It may indicate a disconnected Ledger, a timeout waiting for
+ * the user to confirm on-device, or an incompatible app version on the device.
+ *
+ * **Signer address** — `signerAddress` identifies which signer's key was needed
+ * at the time of failure. In multi-signer flows this helps identify which party
+ * must re-sign.
+ *
+ * **Default error code** — `"TRANSACTION_SIGNING_ERROR"`.
+ *
+ * @example
+ * Handling user rejection gracefully:
+ * ```typescript
+ * import { isTransactionSigningError } from "@umbra-privacy/sdk";
+ *
+ * try {
+ *   const signedTx = await walletSigner.signTransaction(tx);
+ * } catch (error) {
+ *   if (isTransactionSigningError(error)) {
+ *     if (error.wasRejected) {
+ *       showToast("Transaction cancelled by user");
+ *     } else {
+ *       showToast(`Signing failed: ${error.message}`);
+ *     }
+ *   }
+ * }
+ * ```
+ *
+ * @example
+ * Constructing a `TransactionSigningError`:
+ * ```typescript
+ * import { TransactionSigningError } from "@umbra-privacy/sdk";
+ *
+ * throw new TransactionSigningError("User rejected the transaction", {
+ *   wasRejected: true,
+ *   signerAddress: wallet.publicKey.toString(),
+ * });
+ * ```
+ *
+ * @see {@link isTransactionSigningError} for the corresponding type guard
+ * @see {@link MasterSeedSigningRejectedError} for the master seed rejection sub-class
+ * @public
+ */
+declare class TransactionSigningError extends TransactionError {
+    /**
+     * Whether the signing was explicitly rejected by the user.
+     *
+     * @remarks
+     * `true` when the wallet UI presented a sign request and the user actively
+     * clicked "Reject" or equivalent. `false` when the failure was due to a
+     * technical issue (disconnected device, timeout, missing key).
+     *
+     * @defaultValue `false`
+     */
+    readonly wasRejected: boolean;
+    /**
+     * The address of the signer that failed to produce a signature.
+     *
+     * @remarks
+     * Base58-encoded public key string. May be `undefined` if the failing signer
+     * could not be identified at the throw site.
+     */
+    readonly signerAddress?: string;
+    /**
+     * Creates a new `TransactionSigningError`.
+     *
+     * @param message - Human-readable description of the signing failure.
+     * @param options - Optional structured metadata.
+     * @param options.code - Error code string. Defaults to `"TRANSACTION_SIGNING_ERROR"`.
+     * @param options.wasRejected - Whether the user deliberately rejected. Defaults to `false`.
+     * @param options.signerAddress - Base58 address of the signer that failed.
+     * @param options.signature - Transaction signature, if the transaction was partially signed.
+     * @param options.context - Arbitrary key-value pairs for diagnostic context.
+     * @param options.cause - The underlying error that caused this failure, if any.
+     */
+    constructor(message: string, options?: {
+        code?: string;
+        wasRejected?: boolean;
+        signerAddress?: string;
+        signature?: string;
+        context?: Record<string, unknown>;
+        cause?: unknown;
+    });
+}
+/**
+ * Error thrown when master seed signing is rejected by the user.
+ *
+ * The Umbra privacy protocol derives a deterministic master seed by asking the
+ * user's wallet to sign a fixed message. This seed is the root of the key
+ * hierarchy used for encrypting and decrypting confidential balances. If the
+ * user declines to sign this message, no Umbra operations that require private
+ * key material can proceed.
+ *
+ * @remarks
+ * This error always has `wasRejected: true` because it is only thrown when the
+ * user deliberately declines — hardware wallet failures or timeouts during the
+ * seed derivation flow produce a generic {@link TransactionSigningError} instead.
+ *
+ * **Recovery** — Prompt the user to explain that the Umbra seed derivation
+ * signature is used only to derive encryption keys locally and is never
+ * broadcast to the network. Then call `getUmbraClientFromSigner` again.
+ *
+ * **Default error code** — `"MASTER_SEED_SIGNING_REJECTED"`.
+ *
+ * @example
+ * Distinguishing master seed rejection from other signing errors:
+ * ```typescript
+ * import {
+ *   MasterSeedSigningRejectedError,
+ *   isTransactionSigningError,
+ * } from "@umbra-privacy/sdk";
+ *
+ * try {
+ *   const client = await getUmbraClientFromSigner({ signer });
+ * } catch (error) {
+ *   if (error instanceof MasterSeedSigningRejectedError) {
+ *     showModal(
+ *       "Umbra needs a signature to derive your private keys locally. " +
+ *       "This signature is never sent to the network.",
+ *     );
+ *   } else if (isTransactionSigningError(error)) {
+ *     showToast(`Signing error: ${error.message}`);
+ *   }
+ * }
+ * ```
+ *
+ * @see {@link TransactionSigningError} for the parent class
+ * @public
+ */
+declare class MasterSeedSigningRejectedError extends TransactionSigningError {
+    /**
+     * Creates a new `MasterSeedSigningRejectedError`.
+     *
+     * @param message - Human-readable description. Defaults to a standard rejection
+     *   message explaining that the user declined the required derivation signature.
+     * @param options - Optional structured metadata.
+     * @param options.signerAddress - Base58 address of the wallet that rejected.
+     * @param options.context - Arbitrary key-value pairs for diagnostic context.
+     * @param options.cause - The underlying error that caused this failure, if any.
+     */
+    constructor(message?: string, options?: {
+        signerAddress?: string;
+        context?: Record<string, unknown>;
+        cause?: unknown;
+    });
+}
+/**
+ * Type guard to check whether an unknown value is an {@link InstructionError}.
+ *
+ * @remarks
+ * Prefer this function over `instanceof InstructionError` in code that may
+ * cross module or bundle boundaries where the class reference might differ.
+ *
+ * @param error - The value to test.
+ * @returns `true` if `error` is an instance of `InstructionError`, narrowing
+ *   the type accordingly.
+ *
+ * @example
+ * ```typescript
+ * if (isInstructionError(error)) {
+ *   console.error("Instruction:", error.instructionName);
+ * }
+ * ```
+ *
+ * @see {@link InstructionError}
+ * @public
+ */
+declare function isInstructionError(error: unknown): error is InstructionError;
+/**
+ * Type guard to check whether an unknown value is an {@link RpcError}.
+ *
+ * @remarks
+ * Prefer this function over `instanceof RpcError` in code that may cross
+ * module or bundle boundaries where the class reference might differ.
+ *
+ * @param error - The value to test.
+ * @returns `true` if `error` is an instance of `RpcError`, narrowing the type
+ *   accordingly.
+ *
+ * @example
+ * ```typescript
+ * if (isRpcError(error) && error.statusCode === 429) {
+ *   await sleep(backoffMs);
+ *   return retry();
+ * }
+ * ```
+ *
+ * @see {@link RpcError}
+ * @public
+ */
+declare function isRpcError(error: unknown): error is RpcError;
+/**
+ * Type guard to check whether an unknown value is a {@link TransactionError}.
+ *
+ * @remarks
+ * Because {@link TransactionSigningError} and {@link MasterSeedSigningRejectedError}
+ * extend `TransactionError`, this guard returns `true` for those sub-classes as
+ * well. Use the more specific guards ({@link isTransactionSigningError}) when the
+ * sub-type matters.
+ *
+ * @param error - The value to test.
+ * @returns `true` if `error` is an instance of `TransactionError` or any of its
+ *   sub-classes, narrowing the type accordingly.
+ *
+ * @example
+ * ```typescript
+ * if (isTransactionError(error) && error.simulationLogs) {
+ *   console.error("Simulation logs:", error.simulationLogs.join("\n"));
+ * }
+ * ```
+ *
+ * @see {@link TransactionError}
+ * @see {@link isTransactionSigningError}
+ * @public
+ */
+declare function isTransactionError(error: unknown): error is TransactionError;
+/**
+ * Type guard to check whether an unknown value is a {@link TransactionSigningError}.
+ *
+ * @remarks
+ * Because {@link MasterSeedSigningRejectedError} extends `TransactionSigningError`,
+ * this guard returns `true` for that sub-class as well.
+ *
+ * @param error - The value to test.
+ * @returns `true` if `error` is an instance of `TransactionSigningError` or any
+ *   of its sub-classes, narrowing the type accordingly.
+ *
+ * @example
+ * ```typescript
+ * if (isTransactionSigningError(error) && error.wasRejected) {
+ *   showCancellationMessage();
+ * }
+ * ```
+ *
+ * @see {@link TransactionSigningError}
+ * @see {@link MasterSeedSigningRejectedError}
+ * @public
+ */
+declare function isTransactionSigningError(error: unknown): error is TransactionSigningError;
+
+/**
+ * Umbra Error Classes
+ *
+ * This module provides error classes for all Umbra SDK operation failures,
+ * each carrying a `stage` field that identifies exactly where in the pipeline
+ * the failure occurred.
+ *
+ * @module umbra/errors
+ */
+
+/**
+ * Stage of the encrypted deposit operation where an error occurred.
+ *
+ * Each stage represents a distinct phase in the deposit flow:
+ *
+ * | Stage | Description |
+ * |-------|-------------|
+ * | `initialization` | Factory-level validation failed |
+ * | `validation` | Input parameter validation failed |
+ * | `mint-fetch` | Failed to fetch mint account data |
+ * | `fee-calculation` | Failed to calculate transfer fee |
+ * | `pda-derivation` | PDA address generation failed |
+ * | `account-fetch` | Failed to fetch account data from RPC |
+ * | `instruction-build` | Failed to build the deposit instruction |
+ * | `transaction-build` | Failed to build transaction message |
+ * | `transaction-compile` | Failed to compile the transaction |
+ * | `transaction-sign` | Failed to sign the transaction |
+ * | `transaction-validate` | Transaction validation failed |
+ * | `transaction-send` | Failed to send or confirm the transaction |
+ */
+type EncryptedDepositStage = "initialization" | "validation" | "mint-fetch" | "fee-calculation" | "pda-derivation" | "account-fetch" | "instruction-build" | "transaction-build" | "transaction-compile" | "transaction-sign" | "transaction-validate" | "transaction-send";
+/** Error thrown when an encrypted deposit operation fails. */
+declare class EncryptedDepositError extends UmbraError {
+    readonly stage: EncryptedDepositStage;
+    constructor(stage: EncryptedDepositStage, message: string, cause?: Error);
+}
+/** Type guard to check if an error is an EncryptedDepositError. */
+declare function isEncryptedDepositError(error: unknown): error is EncryptedDepositError;
+/**
+ * Stage of the encrypted withdrawal operation where an error occurred.
+ *
+ * | Stage | Description |
+ * |-------|-------------|
+ * | `initialization` | Factory-level validation failed |
+ * | `validation` | Input parameter validation failed |
+ * | `mint-fetch` | Failed to fetch mint account data |
+ * | `pda-derivation` | PDA address generation failed |
+ * | `instruction-build` | Failed to build the withdrawal instruction |
+ * | `transaction-build` | Failed to build transaction message |
+ * | `transaction-compile` | Failed to compile the transaction |
+ * | `transaction-sign` | Failed to sign the transaction |
+ * | `transaction-send` | Failed to send or confirm the transaction |
+ */
+type EncryptedWithdrawalStage = "initialization" | "validation" | "mint-fetch" | "pda-derivation" | "instruction-build" | "transaction-build" | "transaction-compile" | "transaction-sign" | "transaction-send";
+/** Error thrown when an encrypted withdrawal operation fails. */
+declare class EncryptedWithdrawalError extends UmbraError {
+    readonly stage: EncryptedWithdrawalStage;
+    constructor(stage: EncryptedWithdrawalStage, message: string, cause?: Error);
+}
+/** Type guard to check if an error is an EncryptedWithdrawalError. */
+declare function isEncryptedWithdrawalError(error: unknown): error is EncryptedWithdrawalError;
+/**
+ * Stage of the user registration operation where an error occurred.
+ *
+ * | Stage | Description |
+ * |-------|-------------|
+ * | `initialization` | Factory-level validation failed |
+ * | `master-seed-derivation` | Master seed signing was rejected or failed |
+ * | `account-fetch` | RPC call to read existing registration state failed |
+ * | `key-derivation` | Cryptographic key derivation from master seed failed |
+ * | `zk-proof-generation` | Groth16 proof generation failed (anonymous step) |
+ * | `pda-derivation` | PDA address generation failed |
+ * | `instruction-build` | Failed to build an instruction |
+ * | `transaction-build` | Blockhash fetch or transaction assembly failed |
+ * | `transaction-compile` | Failed to compile the transaction |
+ * | `transaction-sign` | Wallet rejected signing |
+ * | `transaction-validate` | Pre-flight simulation failed |
+ * | `transaction-send` | Transaction sent but confirmation timed out |
+ */
+type RegistrationStage = "initialization" | "master-seed-derivation" | "account-fetch" | "key-derivation" | "zk-proof-generation" | "pda-derivation" | "instruction-build" | "transaction-build" | "transaction-compile" | "transaction-sign" | "transaction-validate" | "transaction-send";
+/** Error thrown when a user registration operation fails. */
+declare class RegistrationError extends UmbraError {
+    readonly stage: RegistrationStage;
+    constructor(stage: RegistrationStage, message: string, cause?: unknown);
+}
+/** Type guard to check if an error is a RegistrationError. */
+declare function isRegistrationError(error: unknown): error is RegistrationError;
+/**
+ * Stage of the MXE-to-Shared conversion operation where an error occurred.
+ *
+ * | Stage | Description |
+ * |-------|-------------|
+ * | `initialization` | Factory-level validation failed |
+ * | `account-fetch` | Batch RPC fetch of token account PDAs failed |
+ * | `pda-derivation` | PDA address generation failed |
+ * | `instruction-build` | Failed to build a conversion instruction |
+ * | `transaction-build` | Blockhash fetch or transaction assembly failed |
+ * | `transaction-compile` | Failed to compile the transaction |
+ * | `transaction-sign` | Wallet rejected signing for a per-mint transaction |
+ * | `transaction-validate` | Pre-flight simulation failed |
+ * | `transaction-send` | Transaction sent but confirmation timed out |
+ */
+type ConversionStage = "initialization" | "account-fetch" | "pda-derivation" | "instruction-build" | "transaction-build" | "transaction-compile" | "transaction-sign" | "transaction-validate" | "transaction-send";
+/** Error thrown when an MXE-to-Shared conversion operation fails. */
+declare class ConversionError extends UmbraError {
+    readonly stage: ConversionStage;
+    constructor(stage: ConversionStage, message: string, cause?: unknown);
+}
+/** Type guard to check if an error is a ConversionError. */
+declare function isConversionError(error: unknown): error is ConversionError;
+/**
+ * Stage of a UTXO creation operation where an error occurred.
+ *
+ * | Stage | Description |
+ * |-------|-------------|
+ * | `initialization` | Factory-level validation failed |
+ * | `validation` | Input parameter validation failed |
+ * | `account-fetch` | Failed to fetch recipient or token account data |
+ * | `mint-fetch` | Failed to fetch mint account data |
+ * | `fee-calculation` | Token-2022 transfer fee calculation failed |
+ * | `key-derivation` | Key derivation from master seed failed |
+ * | `zk-proof-generation` | Groth16 proof generation failed |
+ * | `pda-derivation` | PDA address generation failed |
+ * | `instruction-build` | Failed to build an instruction |
+ * | `transaction-build` | Blockhash fetch or transaction assembly failed |
+ * | `transaction-compile` | Failed to compile the transaction |
+ * | `transaction-sign` | Wallet rejected signing |
+ * | `transaction-validate` | Pre-flight simulation failed |
+ * | `transaction-send` | Transaction sent but confirmation timed out |
+ */
+type CreateUtxoStage = "initialization" | "validation" | "account-fetch" | "mint-fetch" | "fee-calculation" | "key-derivation" | "zk-proof-generation" | "pda-derivation" | "instruction-build" | "transaction-build" | "transaction-compile" | "transaction-sign" | "transaction-validate" | "transaction-send";
+/** Error thrown when a UTXO creation operation fails. */
+declare class CreateUtxoError extends UmbraError {
+    readonly stage: CreateUtxoStage;
+    constructor(stage: CreateUtxoStage, message: string, cause?: unknown);
+}
+/** Type guard to check if an error is a CreateUtxoError. */
+declare function isCreateUtxoError(error: unknown): error is CreateUtxoError;
+/**
+ * Stage of a UTXO fetch operation where an error occurred.
+ *
+ * | Stage | Description |
+ * |-------|-------------|
+ * | `initialization` | Factory construction failed — missing indexerApiEndpoint |
+ * | `validation` | Invalid tree index or insertion index parameters |
+ * | `key-derivation` | X25519 private key derivation from master seed failed |
+ * | `indexer-fetch` | Indexer HTTP call failed |
+ * | `proof-fetch` | Merkle proof HTTP call failed |
+ */
+type FetchUtxosStage = "initialization" | "validation" | "key-derivation" | "indexer-fetch" | "proof-fetch";
+/** Error thrown when a UTXO fetch operation fails. */
+declare class FetchUtxosError extends UmbraError {
+    readonly stage: FetchUtxosStage;
+    constructor(stage: FetchUtxosStage, message: string, cause?: unknown);
+}
+/** Type guard to check if an error is a FetchUtxosError. */
+declare function isFetchUtxosError(error: unknown): error is FetchUtxosError;
+/**
+ * Stage of a UTXO claim operation where an error occurred.
+ *
+ * | Stage | Description |
+ * |-------|-------------|
+ * | `initialization` | Factory-level validation failed |
+ * | `validation` | Invalid UTXO data or Merkle proof parameters |
+ * | `key-derivation` | Key derivation from master seed failed |
+ * | `zk-proof-generation` | Groth16 proof generation failed |
+ * | `pda-derivation` | PDA address generation failed |
+ * | `instruction-build` | Failed to build an instruction |
+ * | `transaction-build` | Blockhash fetch or transaction assembly failed |
+ * | `transaction-compile` | Failed to compile the transaction |
+ * | `transaction-sign` | Wallet rejected signing |
+ * | `transaction-validate` | Pre-flight simulation failed — also surfaces stale Merkle proof |
+ * | `transaction-send` | Transaction sent but confirmation timed out |
+ */
+type ClaimUtxoStage = "initialization" | "validation" | "key-derivation" | "zk-proof-generation" | "pda-derivation" | "instruction-build" | "transaction-build" | "transaction-compile" | "transaction-sign" | "transaction-validate" | "transaction-send";
+/** Error thrown when a UTXO claim operation fails. */
+declare class ClaimUtxoError extends UmbraError {
+    readonly stage: ClaimUtxoStage;
+    constructor(stage: ClaimUtxoStage, message: string, cause?: unknown);
+}
+/** Type guard to check if an error is a ClaimUtxoError. */
+declare function isClaimUtxoError(error: unknown): error is ClaimUtxoError;
+/**
+ * Stage of a query operation where an error occurred.
+ *
+ * | Stage | Description |
+ * |-------|-------------|
+ * | `initialization` | Factory-level validation failed |
+ * | `pda-derivation` | PDA address generation failed |
+ * | `account-fetch` | RPC fetch failed |
+ * | `account-decode` | On-chain account data could not be decoded |
+ * | `key-derivation` | X25519 key derivation failed (encrypted balance query) |
+ * | `decryption` | Rescue cipher decryption failed (encrypted balance query) |
+ */
+type QueryStage = "initialization" | "pda-derivation" | "account-fetch" | "account-decode" | "key-derivation" | "decryption";
+/** Error thrown when a query operation fails. */
+declare class QueryError extends UmbraError {
+    readonly stage: QueryStage;
+    constructor(stage: QueryStage, message: string, cause?: unknown);
+}
+/** Type guard to check if an error is a QueryError. */
+declare function isQueryError(error: unknown): error is QueryError;
+
+export { ClaimUtxoError, type ClaimUtxoStage, ConversionError, type ConversionStage, CreateUtxoError, type CreateUtxoStage, CryptographyAssertionError, CryptographyError, EncryptedDepositError, type EncryptedDepositStage, EncryptedWithdrawalError, type EncryptedWithdrawalStage, FetchUtxosError, type FetchUtxosStage, InstructionError, MasterSeedSigningRejectedError, MathematicsAssertionError, QueryError, type QueryStage, RegistrationError, type RegistrationStage, RpcError, SolanaAssertionError, TemporalAssertionError, TransactionError, TransactionSigningError, UmbraError, isClaimUtxoError, isConversionError, isCreateUtxoError, isCryptographyError, isEncryptedDepositError, isEncryptedWithdrawalError, isFetchUtxosError, isInstructionError, isQueryError, isRegistrationError, isRpcError, isTransactionError, isTransactionSigningError, isUmbraError };