@ursalock/zustand 0.3.0 → 0.3.1

package/dist/sync.js

@@ -1,389 +0,0 @@
-/**
- * Sync engine for vault middleware
- * Handles bidirectional sync with server + offline queue
- *
- * Refactored to follow SOLID principles:
- * - IHttpClient interface (Dependency Inversion)
- * - Separated offline queue logic (Single Responsibility)
- * - Injectable HTTP client for testing
- */
-import { FetchHttpClient } from "./providers/fetch-http.js";
-import { computeHmac, verifyHmac } from "@ursalock/crypto";
-const QUEUE_KEY = "ursalock:offline-queue";
-/**
- * Create a sync engine instance
- * Uses dependency injection for HTTP client (Dependency Inversion Principle)
- */
-export function createSyncEngine(options) {
-    const { serverUrl, name, getToken, onServerData, getLocalData, onStatusChange, httpClient = new FetchHttpClient(), storageProvider, hmacKey, } = options;
-    const textEncoder = new TextEncoder();
-    // Use provided storage or fall back to localStorage
-    const queueStorage = storageProvider ?? (typeof localStorage !== "undefined" ? localStorage : null);
-    let status = "idle";
-    let lastSyncAt = null;
-    let error = null;
-    /** Last known server version for optimistic locking */
-    let knownServerVersion = null;
-    const setStatus = (newStatus, newError) => {
-        status = newStatus;
-        error = newError ?? null;
-        onStatusChange?.(newStatus);
-    };
-    /**
-     * Load offline queue from localStorage
-     */
-    const loadQueue = () => {
-        if (!queueStorage)
-            return { pending: [] };
-        try {
-            const stored = queueStorage.getItem(`${QUEUE_KEY}:${name}`);
-            return stored ? JSON.parse(stored) : { pending: [] };
-        }
-        catch {
-            return { pending: [] };
-        }
-    };
-    /**
-     * Save offline queue to storage
-     */
-    const saveQueue = (queue) => {
-        if (!queueStorage)
-            return;
-        try {
-            queueStorage.setItem(`${QUEUE_KEY}:${name}`, JSON.stringify(queue));
-        }
-        catch {
-            // Storage full or unavailable
-        }
-    };
-    /**
-     * Add to offline queue
-     */
-    const enqueue = (data, salt) => {
-        const queue = loadQueue();
-        queue.pending.push({ data, salt, timestamp: Date.now() });
-        // Keep only last 10 pending changes
-        if (queue.pending.length > 10) {
-            queue.pending = queue.pending.slice(-10);
-        }
-        saveQueue(queue);
-    };
-    /**
-     * Clear offline queue
-     */
-    const clearQueue = () => {
-        saveQueue({ pending: [] });
-    };
-    /**
-     * Check if online
-     */
-    const isOnline = () => {
-        return typeof navigator === "undefined" || navigator.onLine;
-    };
-    /**
-     * Fetch vault from server
-     * Uses injected HTTP client (Dependency Inversion)
-     */
-    const fetchServer = async () => {
-        const token = getToken();
-        if (!token) {
-            console.warn("[ursalock] fetchServer: no auth token available, skipping");
-            return null;
-        }
-        const res = await httpClient.request({
-            url: `${serverUrl}/vault/by-name/${encodeURIComponent(name)}`,
-            method: "GET",
-            headers: {
-                "Authorization": `Bearer ${token}`,
-                "Content-Type": "application/json",
-            },
-        });
-        if (res.status === 404)
-            return null;
-        if (!res.ok)
-            throw new Error(`Server error: ${res.status}`);
-        const vault = await res.json();
-        // Track server version for optimistic locking
-        knownServerVersion = vault.version;
-        return vault;
-    };
-    /**
-     * Compute HMAC tag for outgoing data (if hmacKey is configured).
-     */
-    const computeTag = async (data) => {
-        if (!hmacKey)
-            return undefined;
-        return computeHmac(textEncoder.encode(data), hmacKey);
-    };
-    /**
-     * Verify HMAC integrity of incoming server data.
-     * - Missing HMAC on server data: warn and allow (backward compat with older vaults)
-     * - Invalid HMAC: reject with a clear error
-     */
-    const verifyTag = async (vault) => {
-        if (!hmacKey)
-            return;
-        if (!vault.hmac) {
-            console.warn("[ursalock] Server vault has no HMAC tag. " +
-                "This is expected for vaults created before integrity verification was enabled. " +
-                "The vault will be re-signed on next push.");
-            return;
-        }
-        const valid = await verifyHmac(textEncoder.encode(vault.data), hmacKey, vault.hmac);
-        if (!valid) {
-            throw new Error("[ursalock] HMAC verification failed: server data has been tampered with or the integrity key is wrong");
-        }
-    };
-    /**
-     * Push vault to server (handles race conditions with retry on 409)
-     *
-     * Sends the last known server version for optimistic locking. If the server
-     * detects a version mismatch it returns 409 and we force a pull + re-merge
-     * before retrying the push once.
-     */
-    const pushServer = async (data, salt) => {
-        const token = getToken();
-        if (!token)
-            throw new Error("Not authenticated");
-        // Compute HMAC tag over ciphertext before sending (Encrypt-then-MAC)
-        const hmac = await computeTag(data);
-        // Try to get existing vault first
-        let existing = null;
-        try {
-            existing = await fetchServer();
-        }
-        catch {
-            // Ignore fetch errors, try to create
-        }
-        if (existing) {
-            // Build body with version for optimistic locking
-            const body = { data, salt, ...(hmac != null && { hmac }) };
-            if (knownServerVersion != null) {
-                body.version = knownServerVersion;
-            }
-            // Update existing vault
-            const res = await httpClient.request({
-                url: `${serverUrl}/vault/${existing.uid}`,
-                method: "PUT",
-                headers: {
-                    "Authorization": `Bearer ${token}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify(body),
-            });
-            // Handle version conflict: pull latest, re-merge, retry once
-            if (res.status === 409) {
-                const latest = await fetchServer();
-                if (latest) {
-                    await verifyTag(latest);
-                    onServerData(latest.data, latest.salt, latest.updatedAt);
-                    // Retry with fresh local data and updated version
-                    const retryLocal = getLocalData();
-                    const retryHmac = await computeTag(retryLocal.data);
-                    const retryBody = {
-                        data: retryLocal.data,
-                        salt: retryLocal.salt,
-                        ...(retryHmac != null && { hmac: retryHmac }),
-                    };
-                    if (knownServerVersion != null) {
-                        retryBody.version = knownServerVersion;
-                    }
-                    const retryRes = await httpClient.request({
-                        url: `${serverUrl}/vault/${existing.uid}`,
-                        method: "PUT",
-                        headers: {
-                            "Authorization": `Bearer ${token}`,
-                            "Content-Type": "application/json",
-                        },
-                        body: JSON.stringify(retryBody),
-                    });
-                    if (!retryRes.ok) {
-                        const errorText = await retryRes.text().catch(() => "");
-                        throw new Error(`Server error: ${retryRes.status} ${errorText}`);
-                    }
-                    const result = await retryRes.json();
-                    knownServerVersion = result.version;
-                    return result;
-                }
-            }
-            if (!res.ok) {
-                const errorText = await res.text().catch(() => "");
-                throw new Error(`Server error: ${res.status} ${errorText}`);
-            }
-            const result = await res.json();
-            knownServerVersion = result.version;
-            return result;
-        }
-        // Try to create new vault
-        const createRes = await httpClient.request({
-            url: `${serverUrl}/vault`,
-            method: "POST",
-            headers: {
-                "Authorization": `Bearer ${token}`,
-                "Content-Type": "application/json",
-            },
-            body: JSON.stringify({ name, data, salt, ...(hmac != null && { hmac }) }),
-        });
-        // Handle race condition: vault was created between our check and POST
-        if (createRes.status === 409) {
-            // Fetch the existing vault and update it instead
-            const nowExisting = await fetchServer();
-            if (!nowExisting) {
-                throw new Error("Vault conflict but not found on retry");
-            }
-            const retryBody = { data, salt, ...(hmac != null && { hmac }) };
-            if (knownServerVersion != null) {
-                retryBody.version = knownServerVersion;
-            }
-            const retryRes = await httpClient.request({
-                url: `${serverUrl}/vault/${nowExisting.uid}`,
-                method: "PUT",
-                headers: {
-                    "Authorization": `Bearer ${token}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify(retryBody),
-            });
-            if (!retryRes.ok) {
-                const errorText = await retryRes.text().catch(() => "");
-                throw new Error(`Server error: ${retryRes.status} ${errorText}`);
-            }
-            const result = await retryRes.json();
-            knownServerVersion = result.version;
-            return result;
-        }
-        if (!createRes.ok) {
-            const errorText = await createRes.text().catch(() => "");
-            throw new Error(`Server error: ${createRes.status} ${errorText}`);
-        }
-        const result = await createRes.json();
-        knownServerVersion = result.version;
-        return result;
-    };
-    /**
-     * Sync with server (bidirectional)
-     */
-    const sync = async () => {
-        if (!isOnline()) {
-            setStatus("offline");
-            return;
-        }
-        setStatus("syncing");
-        try {
-            // Process offline queue first
-            const queue = loadQueue();
-            if (queue.pending.length > 0) {
-                // Push most recent pending change
-                const latest = queue.pending[queue.pending.length - 1];
-                if (latest) {
-                    await pushServer(latest.data, latest.salt);
-                    clearQueue();
-                }
-            }
-            // Get local and server state
-            const local = getLocalData();
-            const server = await fetchServer();
-            if (!server) {
-                // No server data, push local
-                if (local.data) {
-                    await pushServer(local.data, local.salt);
-                }
-            }
-            else if (server.updatedAt > local.updatedAt) {
-                // Server is newer — verify integrity before accepting
-                await verifyTag(server);
-                onServerData(server.data, server.salt, server.updatedAt);
-            }
-            else if (local.updatedAt > server.updatedAt) {
-                // Local is newer, push
-                await pushServer(local.data, local.salt);
-            }
-            // If equal, nothing to do
-            lastSyncAt = Date.now();
-            setStatus("synced");
-        }
-        catch (err) {
-            const message = err instanceof Error ? err.message : "Sync failed";
-            console.error("[ursalock] Sync error:", message);
-            setStatus("error", message);
-            // Queue for later if push failed
-            if (message.includes("Server error")) {
-                const local = getLocalData();
-                enqueue(local.data, local.salt);
-            }
-        }
-    };
-    /**
-     * Push local changes to server (with offline support)
-     */
-    const push = async () => {
-        if (!isOnline()) {
-            const local = getLocalData();
-            enqueue(local.data, local.salt);
-            setStatus("offline");
-            return;
-        }
-        setStatus("syncing");
-        try {
-            const local = getLocalData();
-            await pushServer(local.data, local.salt);
-            lastSyncAt = Date.now();
-            setStatus("synced");
-        }
-        catch (err) {
-            const message = err instanceof Error ? err.message : "Push failed";
-            console.error("[ursalock] Push error:", message);
-            // Queue for retry
-            const local = getLocalData();
-            enqueue(local.data, local.salt);
-            setStatus("error", message);
-        }
-    };
-    /**
-     * Pull latest from server
-     */
-    const pull = async () => {
-        if (!isOnline()) {
-            setStatus("offline");
-            return false;
-        }
-        setStatus("syncing");
-        try {
-            const server = await fetchServer();
-            if (server) {
-                const local = getLocalData();
-                if (server.updatedAt > local.updatedAt) {
-                    await verifyTag(server);
-                    onServerData(server.data, server.salt, server.updatedAt);
-                    lastSyncAt = Date.now();
-                    setStatus("synced");
-                    return true;
-                }
-            }
-            setStatus("synced");
-            return false;
-        }
-        catch (err) {
-            const message = err instanceof Error ? err.message : "Pull failed";
-            console.error("[ursalock] Pull error:", message);
-            setStatus("error", message);
-            return false;
-        }
-    };
-    /**
-     * Get current sync state
-     */
-    const getState = () => ({
-        lastSyncAt,
-        status,
-        pendingChanges: loadQueue().pending.length > 0,
-        error,
-    });
-    return {
-        sync,
-        push,
-        pull,
-        getState,
-        clearQueue,
-    };
-}

package/dist/vault.d.ts

@@ -1,152 +0,0 @@
-/**
- * vault() middleware - Drop-in replacement for persist()
- * Adds E2EE encryption and cloud sync to Zustand stores
- *
- * Supports two encryption modes:
- * - Legacy: recoveryKey string (Argon2id key derivation)
- * - New: cipherJwk from ZKCredentials (PRF-derived)
- *
- * Type pattern follows zustand's persist middleware:
- * - Simple internal implementation type (VaultImpl)
- * - Complex public API type (Vault)
- * - Cast at export: `vaultImpl as unknown as Vault`
- */
-import type { StateCreator, StoreMutatorIdentifier } from "zustand";
-import { type VaultStorage } from "./storage.js";
-import type { CipherJWK } from "@ursalock/crypto";
-/** Base vault middleware options */
-interface VaultOptionsBase<S, PersistedState = S> {
-    /** Unique name for this vault (used as storage key) */
-    name: string;
-    /**
-     * Server URL for sync (optional)
-     * If not provided, only local encrypted storage is used
-     */
-    server?: string;
-    /**
-     * Auth token getter for server sync
-     * Required if server is provided
-     */
-    getToken?: () => string | null;
-    /** Custom storage implementation */
-    storage?: VaultStorage;
-    /** Storage key prefix (default: 'ursalock:') */
-    prefix?: string;
-    /**
-     * Partial state to persist
-     * @default (state) => state (persist everything)
-     */
-    partialize?: (state: S) => PersistedState;
-    /**
-     * Merge function for rehydration
-     * @default Object.assign
-     */
-    merge?: (persistedState: unknown, currentState: S) => S;
-    /**
-     * Called when state is loaded from storage
-     */
-    onRehydrateStorage?: (state: S) => ((state?: S, error?: unknown) => void) | void;
-    /**
-     * Skip hydration on init (useful for SSR)
-     * Call rehydrate() manually when ready
-     */
-    skipHydration?: boolean;
-    /**
-     * Sync interval in ms (default: 30000 = 30s)
-     * Set to 0 to disable auto-sync
-     */
-    syncInterval?: number;
-}
-/** Legacy options using recovery key string */
-export interface VaultOptionsLegacy<S, PersistedState = S> extends VaultOptionsBase<S, PersistedState> {
-    /** Recovery key for E2EE encryption (legacy mode) */
-    recoveryKey: string;
-}
-/** New options using CipherJWK from ZKCredentials */
-export interface VaultOptionsJwk<S, PersistedState = S> extends VaultOptionsBase<S, PersistedState> {
-    /** CipherJWK for E2EE encryption (from ZKCredentials) */
-    cipherJwk: CipherJWK;
-}
-export type VaultOptions<S, PersistedState = S> = VaultOptionsLegacy<S, PersistedState> | VaultOptionsJwk<S, PersistedState>;
-export type { SyncStatus, SyncState } from "./sync.js";
-type VaultListener<S> = (state: S) => void;
-import type { SyncStatus } from "./sync.js";
-/** Store shape extended with vault API */
-type StoreVault<S, Ps> = S extends {
-    getState: () => infer T;
-    setState: {
-        (...args: infer Sa1): infer Sr1;
-        (...args: infer Sa2): infer Sr2;
-    };
-} ? {
-    setState(...args: Sa1): Sr1 | Promise<void>;
-    setState(...args: Sa2): Sr2 | Promise<void>;
-    vault: {
-        /** Full bidirectional sync with server */
-        sync: () => Promise<void>;
-        /** Push local changes to server */
-        push: () => Promise<void>;
-        /** Pull latest from server */
-        pull: () => Promise<boolean>;
-        /** Rehydrate from local storage */
-        rehydrate: () => Promise<void>;
-        /** Check if store has been hydrated */
-        hasHydrated: () => boolean;
-        /** Get current sync status */
-        getSyncStatus: () => SyncStatus;
-        /** Check if there are pending offline changes */
-        hasPendingChanges: () => boolean;
-        /** Clear all stored data (local + server) */
-        clearStorage: () => Promise<void>;
-        /** Clean up sync interval and timers */
-        destroy: () => void;
-        /** Subscribe to hydration start */
-        onHydrate: (fn: VaultListener<T>) => () => void;
-        /** Subscribe to hydration complete */
-        onFinishHydration: (fn: VaultListener<T>) => () => void;
-    };
-} : never;
-type Write<T, U> = Omit<T, keyof U> & U;
-type WithVault<S, A> = Write<S, StoreVault<S, A>>;
-/** Public API type with complex mutator support */
-type Vault = <T, Mps extends [StoreMutatorIdentifier, unknown][] = [], Mcs extends [StoreMutatorIdentifier, unknown][] = [], U = T>(initializer: StateCreator<T, [...Mps, ["vault", unknown]], Mcs>, options: VaultOptions<T, U>) => StateCreator<T, Mps, [["vault", U], ...Mcs]>;
-declare module "zustand" {
-    interface StoreMutators<S, A> {
-        vault: WithVault<S, A>;
-    }
-}
-/**
- * vault() middleware - Add E2EE encrypted persistence to Zustand
- *
- * @example Using CipherJWK from ZKCredentials (recommended)
- * ```ts
- * const useStore = create(
- *   vault(
- *     (set) => ({
- *       count: 0,
- *       increment: () => set((s) => ({ count: s.count + 1 })),
- *     }),
- *     {
- *       name: 'my-store',
- *       cipherJwk: credential.cipherJwk, // From ZKCredentials
- *       server: 'https://vault.example.com', // optional
- *     }
- *   )
- * )
- * ```
- *
- * @example Using recovery key (legacy)
- * ```ts
- * const useStore = create(
- *   vault(
- *     (set) => ({ ... }),
- *     {
- *       name: 'my-store',
- *       recoveryKey: 'ABCD-EFGH-...',
- *     }
- *   )
- * )
- * ```
- */
-export declare const vault: Vault;
-//# sourceMappingURL=vault.d.ts.map

package/dist/vault.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"vault.d.ts","sourceRoot":"","sources":["../src/vault.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAY,sBAAsB,EAAE,MAAM,SAAS,CAAC;AAC9E,OAAO,EAAsB,KAAK,YAAY,EAAE,MAAM,cAAc,CAAC;AAErE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAMlD,oCAAoC;AACpC,UAAU,gBAAgB,CAAC,CAAC,EAAE,cAAc,GAAG,CAAC;IAC9C,uDAAuD;IACvD,IAAI,EAAE,MAAM,CAAC;IAEb;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;IAE/B,oCAAoC;IACpC,OAAO,CAAC,EAAE,YAAY,CAAC;IAEvB,gDAAgD;IAChD,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;OAGG;IACH,UAAU,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,cAAc,CAAC;IAE1C;;;OAGG;IACH,KAAK,CAAC,EAAE,CAAC,cAAc,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC,KAAK,CAAC,CAAC;IAExD;;OAEG;IACH,kBAAkB,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC,GAAG,IAAI,CAAC;IAEjF;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,+CAA+C;AAC/C,MAAM,WAAW,kBAAkB,CAAC,CAAC,EAAE,cAAc,GAAG,CAAC,CAAE,SAAQ,gBAAgB,CAAC,CAAC,EAAE,cAAc,CAAC;IACpG,qDAAqD;IACrD,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,qDAAqD;AACrD,MAAM,WAAW,eAAe,CAAC,CAAC,EAAE,cAAc,GAAG,CAAC,CAAE,SAAQ,gBAAgB,CAAC,CAAC,EAAE,cAAc,CAAC;IACjG,yDAAyD;IACzD,SAAS,EAAE,SAAS,CAAC;CACtB;AAED,MAAM,MAAM,YAAY,CAAC,CAAC,EAAE,cAAc,GAAG,CAAC,IAC1C,kBAAkB,CAAC,CAAC,EAAE,cAAc,CAAC,GACrC,eAAe,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;AAEvC,YAAY,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEvD,KAAK,aAAa,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,KAAK,IAAI,CAAC;AAE3C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAE5C,0CAA0C;AAC1C,KAAK,UAAU,CAAC,CAAC,EAAE,EAAE,IAAI,CAAC,SAAS;IACjC,QAAQ,EAAE,MAAM,MAAM,CAAC,CAAC;IACxB,QAAQ,EAAE;QACR,CAAC,GAAG,IAAI,EAAE,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC;QAChC,CAAC,GAAG,IAAI,EAAE,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC;KACjC,CAAC;CACH,GAAG;IACF,QAAQ,CAAC,GAAG,IAAI,EAAE,GAAG,GAAG,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5C,QAAQ,CAAC,GAAG,IAAI,EAAE,GAAG,GAAG,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5C,KAAK,EAAE;QACL,0CAA0C;QAC1C,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,mCAAmC;QACnC,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,8BAA8B;QAC9B,IAAI,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;QAC7B,mCAAmC;QACnC,SAAS,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/B,uCAAuC;QACvC,WAAW,EAAE,MAAM,OAAO,CAAC;QAC3B,8BAA8B;QAC9B,aAAa,EAAE,MAAM,UAAU,CAAC;QAChC,iDAAiD;QACjD,iBAAiB,EAAE,MAAM,OAAO,CAAC;QACjC,6CAA6C;QAC7C,YAAY,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QAClC,wCAAwC;QACxC,OAAO,EAAE,MAAM,IAAI,CAAC;QACpB,mCAAmC;QACnC,SAAS,EAAE,CAAC,EAAE,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC;QAChD,sCAAsC;QACtC,iBAAiB,EAAE,CAAC,EAAE,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC;KACzD,CAAC;CACH,GAAG,KAAK,CAAC;AAEV,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC;AACxC,KAAK,SAAS,CAAC,CAAC,EAAE,CAAC,IAAI,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAElD,mDAAmD;AACnD,KAAK,KAAK,GAAG,CACX,CAAC,EACD,GAAG,SAAS,CAAC,sBAAsB,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,EACpD,GAAG,SAAS,CAAC,sBAAsB,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,EACpD,CAAC,GAAG,CAAC,EAEL,WAAW,EAAE,YAAY,CAAC,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,EAAE,GAAG,CAAC,EAC/D,OAAO,EAAE,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,KACxB,YAAY,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AAElD,OAAO,QAAQ,SAAS,CAAC;IACvB,UAAU,aAAa,CAAC,CAAC,EAAE,CAAC;QAC1B,KAAK,EAAE,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;KACxB;CACF;AAgQD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,eAAO,MAAM,KAAK,EAA2B,KAAK,CAAC"}