@usesigil/kit 0.15.0 → 0.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +56 -0
- package/dist/advanced-analytics.d.ts +3 -2
- package/dist/advanced-analytics.d.ts.map +1 -1
- package/dist/advanced-analytics.js +9 -42
- package/dist/advanced-analytics.js.map +1 -1
- package/dist/agent-bootstrap.d.ts +117 -0
- package/dist/agent-bootstrap.d.ts.map +1 -0
- package/dist/agent-bootstrap.js +211 -0
- package/dist/agent-bootstrap.js.map +1 -0
- package/dist/agent-errors.d.ts +20 -4
- package/dist/agent-errors.d.ts.map +1 -1
- package/dist/agent-errors.js +947 -377
- package/dist/agent-errors.js.map +1 -1
- package/dist/audit-log.d.ts +101 -0
- package/dist/audit-log.d.ts.map +1 -0
- package/dist/audit-log.js +145 -0
- package/dist/audit-log.js.map +1 -0
- package/dist/build-unsigned.d.ts +152 -0
- package/dist/build-unsigned.d.ts.map +1 -0
- package/dist/build-unsigned.js +152 -0
- package/dist/build-unsigned.js.map +1 -0
- package/dist/caip2-network.d.ts +171 -0
- package/dist/caip2-network.d.ts.map +1 -0
- package/dist/caip2-network.js +202 -0
- package/dist/caip2-network.js.map +1 -0
- package/dist/canonical-encode.d.ts +59 -0
- package/dist/canonical-encode.d.ts.map +1 -0
- package/dist/canonical-encode.js +141 -0
- package/dist/canonical-encode.js.map +1 -0
- package/dist/cosign-helper.d.ts +264 -0
- package/dist/cosign-helper.d.ts.map +1 -0
- package/dist/cosign-helper.js +147 -0
- package/dist/cosign-helper.js.map +1 -0
- package/dist/create-vault.d.ts +102 -1
- package/dist/create-vault.d.ts.map +1 -1
- package/dist/create-vault.js +108 -9
- package/dist/create-vault.js.map +1 -1
- package/dist/dashboard/close-vault.d.ts +110 -0
- package/dist/dashboard/close-vault.d.ts.map +1 -0
- package/dist/dashboard/close-vault.js +165 -0
- package/dist/dashboard/close-vault.js.map +1 -0
- package/dist/dashboard/errors.d.ts +37 -0
- package/dist/dashboard/errors.d.ts.map +1 -1
- package/dist/dashboard/errors.js +81 -1
- package/dist/dashboard/errors.js.map +1 -1
- package/dist/dashboard/from-json.d.ts.map +1 -1
- package/dist/dashboard/from-json.js +1 -2
- package/dist/dashboard/from-json.js.map +1 -1
- package/dist/dashboard/index.d.ts +204 -31
- package/dist/dashboard/index.d.ts.map +1 -1
- package/dist/dashboard/index.js +290 -49
- package/dist/dashboard/index.js.map +1 -1
- package/dist/dashboard/mutations.d.ts +160 -10
- package/dist/dashboard/mutations.d.ts.map +1 -1
- package/dist/dashboard/mutations.js +584 -66
- package/dist/dashboard/mutations.js.map +1 -1
- package/dist/dashboard/post-assertion-validation.d.ts +88 -0
- package/dist/dashboard/post-assertion-validation.d.ts.map +1 -0
- package/dist/dashboard/post-assertion-validation.js +312 -0
- package/dist/dashboard/post-assertion-validation.js.map +1 -0
- package/dist/dashboard/reads.d.ts +92 -1
- package/dist/dashboard/reads.d.ts.map +1 -1
- package/dist/dashboard/reads.js +244 -26
- package/dist/dashboard/reads.js.map +1 -1
- package/dist/dashboard/types.d.ts +172 -21
- package/dist/dashboard/types.d.ts.map +1 -1
- package/dist/errors/agent-errors.generated.d.ts +21 -0
- package/dist/errors/agent-errors.generated.d.ts.map +1 -0
- package/dist/errors/agent-errors.generated.js +133 -0
- package/dist/errors/agent-errors.generated.js.map +1 -0
- package/dist/errors/codes.d.ts +21 -2
- package/dist/errors/codes.d.ts.map +1 -1
- package/dist/errors/codes.js +20 -1
- package/dist/errors/codes.js.map +1 -1
- package/dist/errors/context.d.ts +9 -1
- package/dist/errors/context.d.ts.map +1 -1
- package/dist/event-analytics.d.ts +1 -3
- package/dist/event-analytics.d.ts.map +1 -1
- package/dist/event-analytics.js +28 -81
- package/dist/event-analytics.js.map +1 -1
- package/dist/events.d.ts.map +1 -1
- package/dist/events.js +23 -13
- package/dist/events.js.map +1 -1
- package/dist/generated/accounts/agentSpendOverlay.d.ts +60 -0
- package/dist/generated/accounts/agentSpendOverlay.d.ts.map +1 -1
- package/dist/generated/accounts/agentSpendOverlay.js +6 -2
- package/dist/generated/accounts/agentSpendOverlay.js.map +1 -1
- package/dist/generated/accounts/agentVault.d.ts +168 -4
- package/dist/generated/accounts/agentVault.d.ts.map +1 -1
- package/dist/generated/accounts/agentVault.js +11 -3
- package/dist/generated/accounts/agentVault.js.map +1 -1
- package/dist/generated/accounts/auditLogRejected.d.ts +66 -0
- package/dist/generated/accounts/auditLogRejected.d.ts.map +1 -0
- package/dist/generated/accounts/auditLogRejected.js +68 -0
- package/dist/generated/accounts/auditLogRejected.js.map +1 -0
- package/dist/generated/accounts/auditLogSuccess.d.ts +78 -0
- package/dist/generated/accounts/auditLogSuccess.d.ts.map +1 -0
- package/dist/generated/accounts/auditLogSuccess.js +68 -0
- package/dist/generated/accounts/auditLogSuccess.js.map +1 -0
- package/dist/generated/accounts/index.d.ts +4 -4
- package/dist/generated/accounts/index.d.ts.map +1 -1
- package/dist/generated/accounts/index.js +4 -4
- package/dist/generated/accounts/index.js.map +1 -1
- package/dist/generated/accounts/pendingAgentGrant.d.ts +199 -0
- package/dist/generated/accounts/pendingAgentGrant.d.ts.map +1 -0
- package/dist/generated/accounts/pendingAgentGrant.js +75 -0
- package/dist/generated/accounts/pendingAgentGrant.js.map +1 -0
- package/dist/generated/accounts/pendingAgentPermissionsUpdate.d.ts +76 -0
- package/dist/generated/accounts/pendingAgentPermissionsUpdate.d.ts.map +1 -1
- package/dist/generated/accounts/pendingAgentPermissionsUpdate.js +9 -1
- package/dist/generated/accounts/pendingAgentPermissionsUpdate.js.map +1 -1
- package/dist/generated/accounts/pendingOwnershipTransfer.d.ts +131 -0
- package/dist/generated/accounts/pendingOwnershipTransfer.d.ts.map +1 -0
- package/dist/generated/accounts/pendingOwnershipTransfer.js +76 -0
- package/dist/generated/accounts/pendingOwnershipTransfer.js.map +1 -0
- package/dist/generated/accounts/pendingPolicyUpdate.d.ts +220 -4
- package/dist/generated/accounts/pendingPolicyUpdate.d.ts.map +1 -1
- package/dist/generated/accounts/pendingPolicyUpdate.js +25 -5
- package/dist/generated/accounts/pendingPolicyUpdate.js.map +1 -1
- package/dist/generated/accounts/policyConfig.d.ts +495 -34
- package/dist/generated/accounts/policyConfig.d.ts.map +1 -1
- package/dist/generated/accounts/policyConfig.js +34 -7
- package/dist/generated/accounts/policyConfig.js.map +1 -1
- package/dist/generated/accounts/postExecutionAssertions.d.ts +2 -2
- package/dist/generated/accounts/postExecutionAssertions.d.ts.map +1 -1
- package/dist/generated/accounts/postExecutionAssertions.js +3 -3
- package/dist/generated/accounts/sessionAuthority.d.ts +154 -12
- package/dist/generated/accounts/sessionAuthority.d.ts.map +1 -1
- package/dist/generated/accounts/sessionAuthority.js +12 -10
- package/dist/generated/accounts/sessionAuthority.js.map +1 -1
- package/dist/generated/accounts/spendTracker.d.ts +83 -3
- package/dist/generated/accounts/spendTracker.d.ts.map +1 -1
- package/dist/generated/accounts/spendTracker.js +14 -2
- package/dist/generated/accounts/spendTracker.js.map +1 -1
- package/dist/generated/errors/sigil.d.ts +160 -100
- package/dist/generated/errors/sigil.d.ts.map +1 -1
- package/dist/generated/errors/sigil.js +214 -124
- package/dist/generated/errors/sigil.js.map +1 -1
- package/dist/generated/event-discriminators.d.ts.map +1 -1
- package/dist/generated/event-discriminators.js +11 -13
- package/dist/generated/event-discriminators.js.map +1 -1
- package/dist/generated/instructions/acceptOwnershipTransfer.d.ts +142 -0
- package/dist/generated/instructions/acceptOwnershipTransfer.d.ts.map +1 -0
- package/dist/generated/instructions/acceptOwnershipTransfer.js +171 -0
- package/dist/generated/instructions/acceptOwnershipTransfer.js.map +1 -0
- package/dist/generated/instructions/acceptOwnershipTransferMultisig.d.ts +142 -0
- package/dist/generated/instructions/acceptOwnershipTransferMultisig.d.ts.map +1 -0
- package/dist/generated/instructions/acceptOwnershipTransferMultisig.js +171 -0
- package/dist/generated/instructions/acceptOwnershipTransferMultisig.js.map +1 -0
- package/dist/generated/instructions/applyAgentGrant.d.ts +100 -0
- package/dist/generated/instructions/applyAgentGrant.d.ts.map +1 -0
- package/dist/generated/instructions/{applyConstraintsUpdate.js → applyAgentGrant.js} +66 -42
- package/dist/generated/instructions/applyAgentGrant.js.map +1 -0
- package/dist/generated/instructions/applyAgentPermissionsUpdate.d.ts +31 -8
- package/dist/generated/instructions/applyAgentPermissionsUpdate.d.ts.map +1 -1
- package/dist/generated/instructions/applyAgentPermissionsUpdate.js +38 -2
- package/dist/generated/instructions/applyAgentPermissionsUpdate.js.map +1 -1
- package/dist/generated/instructions/applyPendingPolicy.d.ts +18 -7
- package/dist/generated/instructions/applyPendingPolicy.d.ts.map +1 -1
- package/dist/generated/instructions/applyPendingPolicy.js +38 -2
- package/dist/generated/instructions/applyPendingPolicy.js.map +1 -1
- package/dist/generated/instructions/cancelAgentGrant.d.ts +106 -0
- package/dist/generated/instructions/cancelAgentGrant.d.ts.map +1 -0
- package/dist/generated/instructions/{allocatePendingConstraintsPda.js → cancelAgentGrant.js} +54 -42
- package/dist/generated/instructions/cancelAgentGrant.js.map +1 -0
- package/dist/generated/instructions/cancelOwnershipTransfer.d.ts +121 -0
- package/dist/generated/instructions/cancelOwnershipTransfer.d.ts.map +1 -0
- package/dist/generated/instructions/{queueCloseConstraints.js → cancelOwnershipTransfer.js} +58 -44
- package/dist/generated/instructions/cancelOwnershipTransfer.js.map +1 -0
- package/dist/generated/instructions/closePostAssertions.d.ts +6 -1
- package/dist/generated/instructions/closePostAssertions.d.ts.map +1 -1
- package/dist/generated/instructions/closePostAssertions.js +11 -3
- package/dist/generated/instructions/closePostAssertions.js.map +1 -1
- package/dist/generated/instructions/closeVault.d.ts +40 -8
- package/dist/generated/instructions/closeVault.d.ts.map +1 -1
- package/dist/generated/instructions/closeVault.js +40 -2
- package/dist/generated/instructions/closeVault.js.map +1 -1
- package/dist/generated/instructions/createPostAssertions.d.ts +4 -0
- package/dist/generated/instructions/createPostAssertions.d.ts.map +1 -1
- package/dist/generated/instructions/createPostAssertions.js +2 -0
- package/dist/generated/instructions/createPostAssertions.js.map +1 -1
- package/dist/generated/instructions/depositFunds.d.ts +21 -10
- package/dist/generated/instructions/depositFunds.d.ts.map +1 -1
- package/dist/generated/instructions/depositFunds.js +37 -2
- package/dist/generated/instructions/depositFunds.js.map +1 -1
- package/dist/generated/instructions/finalizeSession.d.ts +49 -7
- package/dist/generated/instructions/finalizeSession.d.ts.map +1 -1
- package/dist/generated/instructions/finalizeSession.js +59 -2
- package/dist/generated/instructions/finalizeSession.js.map +1 -1
- package/dist/generated/instructions/freezeVault.d.ts +39 -5
- package/dist/generated/instructions/freezeVault.d.ts.map +1 -1
- package/dist/generated/instructions/freezeVault.js +77 -5
- package/dist/generated/instructions/freezeVault.js.map +1 -1
- package/dist/generated/instructions/index.d.ts +10 -14
- package/dist/generated/instructions/index.d.ts.map +1 -1
- package/dist/generated/instructions/index.js +10 -14
- package/dist/generated/instructions/index.js.map +1 -1
- package/dist/generated/instructions/initializeVault.d.ts +79 -13
- package/dist/generated/instructions/initializeVault.d.ts.map +1 -1
- package/dist/generated/instructions/initializeVault.js +57 -5
- package/dist/generated/instructions/initializeVault.js.map +1 -1
- package/dist/generated/instructions/initiateOwnershipTransfer.d.ts +106 -0
- package/dist/generated/instructions/initiateOwnershipTransfer.d.ts.map +1 -0
- package/dist/generated/instructions/initiateOwnershipTransfer.js +181 -0
- package/dist/generated/instructions/initiateOwnershipTransfer.js.map +1 -0
- package/dist/generated/instructions/pauseAgent.d.ts +49 -5
- package/dist/generated/instructions/pauseAgent.d.ts.map +1 -1
- package/dist/generated/instructions/pauseAgent.js +80 -5
- package/dist/generated/instructions/pauseAgent.js.map +1 -1
- package/dist/generated/instructions/promoteGraylistDestination.d.ts +56 -0
- package/dist/generated/instructions/promoteGraylistDestination.d.ts.map +1 -0
- package/dist/generated/instructions/{createInstructionConstraints.js → promoteGraylistDestination.js} +23 -40
- package/dist/generated/instructions/promoteGraylistDestination.js.map +1 -0
- package/dist/generated/instructions/queueAgentGrant.d.ts +113 -0
- package/dist/generated/instructions/queueAgentGrant.d.ts.map +1 -0
- package/dist/generated/instructions/queueAgentGrant.js +181 -0
- package/dist/generated/instructions/queueAgentGrant.js.map +1 -0
- package/dist/generated/instructions/queueAgentPermissionsUpdate.d.ts +8 -0
- package/dist/generated/instructions/queueAgentPermissionsUpdate.d.ts.map +1 -1
- package/dist/generated/instructions/queueAgentPermissionsUpdate.js +4 -0
- package/dist/generated/instructions/queueAgentPermissionsUpdate.js.map +1 -1
- package/dist/generated/instructions/queuePolicyUpdate.d.ts +40 -8
- package/dist/generated/instructions/queuePolicyUpdate.d.ts.map +1 -1
- package/dist/generated/instructions/queuePolicyUpdate.js +21 -5
- package/dist/generated/instructions/queuePolicyUpdate.js.map +1 -1
- package/dist/generated/instructions/reactivateVault.d.ts +71 -5
- package/dist/generated/instructions/reactivateVault.d.ts.map +1 -1
- package/dist/generated/instructions/reactivateVault.js +80 -5
- package/dist/generated/instructions/reactivateVault.js.map +1 -1
- package/dist/generated/instructions/recordAgentViolation.d.ts +89 -0
- package/dist/generated/instructions/recordAgentViolation.d.ts.map +1 -0
- package/dist/generated/instructions/recordAgentViolation.js +152 -0
- package/dist/generated/instructions/recordAgentViolation.js.map +1 -0
- package/dist/generated/instructions/registerAgent.d.ts +84 -6
- package/dist/generated/instructions/registerAgent.d.ts.map +1 -1
- package/dist/generated/instructions/registerAgent.js +81 -4
- package/dist/generated/instructions/registerAgent.js.map +1 -1
- package/dist/generated/instructions/revokeAgent.d.ts +49 -6
- package/dist/generated/instructions/revokeAgent.d.ts.map +1 -1
- package/dist/generated/instructions/revokeAgent.js +81 -4
- package/dist/generated/instructions/revokeAgent.js.map +1 -1
- package/dist/generated/instructions/setObserveOnly.d.ts +56 -0
- package/dist/generated/instructions/setObserveOnly.d.ts.map +1 -0
- package/dist/generated/instructions/setObserveOnly.js +111 -0
- package/dist/generated/instructions/setObserveOnly.js.map +1 -0
- package/dist/generated/instructions/unpauseAgent.d.ts +46 -5
- package/dist/generated/instructions/unpauseAgent.d.ts.map +1 -1
- package/dist/generated/instructions/unpauseAgent.js +80 -5
- package/dist/generated/instructions/unpauseAgent.js.map +1 -1
- package/dist/generated/instructions/validateAndAuthorize.d.ts +29 -0
- package/dist/generated/instructions/validateAndAuthorize.d.ts.map +1 -1
- package/dist/generated/instructions/validateAndAuthorize.js +4 -0
- package/dist/generated/instructions/validateAndAuthorize.js.map +1 -1
- package/dist/generated/instructions/withdrawFunds.d.ts +53 -11
- package/dist/generated/instructions/withdrawFunds.d.ts.map +1 -1
- package/dist/generated/instructions/withdrawFunds.js +51 -2
- package/dist/generated/instructions/withdrawFunds.js.map +1 -1
- package/dist/generated/programs/sigil.d.ts +79 -95
- package/dist/generated/programs/sigil.d.ts.map +1 -1
- package/dist/generated/programs/sigil.js +139 -187
- package/dist/generated/programs/sigil.js.map +1 -1
- package/dist/generated/types/actionAuthorized.d.ts +0 -2
- package/dist/generated/types/actionAuthorized.d.ts.map +1 -1
- package/dist/generated/types/actionAuthorized.js +0 -2
- package/dist/generated/types/actionAuthorized.js.map +1 -1
- package/dist/generated/types/agentAutoRevoked.d.ts +31 -0
- package/dist/generated/types/agentAutoRevoked.d.ts.map +1 -0
- package/dist/generated/types/{pdaAllocated.js → agentAutoRevoked.js} +12 -10
- package/dist/generated/types/agentAutoRevoked.js.map +1 -0
- package/dist/generated/types/agentEntry.d.ts +48 -0
- package/dist/generated/types/agentEntry.d.ts.map +1 -1
- package/dist/generated/types/agentEntry.js +4 -2
- package/dist/generated/types/agentEntry.js.map +1 -1
- package/dist/generated/types/agentGrantApplied.d.ts +38 -0
- package/dist/generated/types/agentGrantApplied.d.ts.map +1 -0
- package/dist/generated/types/agentGrantApplied.js +34 -0
- package/dist/generated/types/agentGrantApplied.js.map +1 -0
- package/dist/generated/types/agentGrantCancelled.d.ts +33 -0
- package/dist/generated/types/agentGrantCancelled.d.ts.map +1 -0
- package/dist/generated/types/agentGrantCancelled.js +28 -0
- package/dist/generated/types/agentGrantCancelled.js.map +1 -0
- package/dist/generated/types/agentGrantQueued.d.ts +38 -0
- package/dist/generated/types/agentGrantQueued.d.ts.map +1 -0
- package/dist/generated/types/agentGrantQueued.js +32 -0
- package/dist/generated/types/agentGrantQueued.js.map +1 -0
- package/dist/generated/types/auditEntry.d.ts +120 -0
- package/dist/generated/types/auditEntry.d.ts.map +1 -0
- package/dist/generated/types/auditEntry.js +34 -0
- package/dist/generated/types/auditEntry.js.map +1 -0
- package/dist/generated/types/destinationGraylistEntry.d.ts +32 -0
- package/dist/generated/types/destinationGraylistEntry.d.ts.map +1 -0
- package/dist/generated/types/destinationGraylistEntry.js +24 -0
- package/dist/generated/types/destinationGraylistEntry.js.map +1 -0
- package/dist/generated/types/graylistEntered.d.ts +31 -0
- package/dist/generated/types/graylistEntered.d.ts.map +1 -0
- package/dist/generated/types/graylistEntered.js +30 -0
- package/dist/generated/types/graylistEntered.js.map +1 -0
- package/dist/generated/types/graylistPromoted.d.ts +29 -0
- package/dist/generated/types/graylistPromoted.d.ts.map +1 -0
- package/dist/generated/types/graylistPromoted.js +28 -0
- package/dist/generated/types/graylistPromoted.js.map +1 -0
- package/dist/generated/types/index.d.ts +13 -21
- package/dist/generated/types/index.d.ts.map +1 -1
- package/dist/generated/types/index.js +13 -21
- package/dist/generated/types/index.js.map +1 -1
- package/dist/generated/types/observeOnlyChanged.d.ts +33 -0
- package/dist/generated/types/observeOnlyChanged.d.ts.map +1 -0
- package/dist/generated/types/observeOnlyChanged.js +32 -0
- package/dist/generated/types/observeOnlyChanged.js.map +1 -0
- package/dist/generated/types/ownershipTransferAccepted.d.ts +32 -0
- package/dist/generated/types/ownershipTransferAccepted.d.ts.map +1 -0
- package/dist/generated/types/ownershipTransferAccepted.js +30 -0
- package/dist/generated/types/ownershipTransferAccepted.js.map +1 -0
- package/dist/generated/types/ownershipTransferCancelled.d.ts +29 -0
- package/dist/generated/types/ownershipTransferCancelled.d.ts.map +1 -0
- package/dist/generated/types/ownershipTransferCancelled.js +28 -0
- package/dist/generated/types/ownershipTransferCancelled.js.map +1 -0
- package/dist/generated/types/ownershipTransferInitiated.d.ts +33 -0
- package/dist/generated/types/ownershipTransferInitiated.d.ts.map +1 -0
- package/dist/generated/types/ownershipTransferInitiated.js +30 -0
- package/dist/generated/types/ownershipTransferInitiated.js.map +1 -0
- package/dist/generated/types/perRecipientCounter.d.ts +61 -0
- package/dist/generated/types/perRecipientCounter.d.ts.map +1 -0
- package/dist/generated/types/perRecipientCounter.js +26 -0
- package/dist/generated/types/perRecipientCounter.js.map +1 -0
- package/dist/generated/types/postAssertionEntry.d.ts +14 -7
- package/dist/generated/types/postAssertionEntry.d.ts.map +1 -1
- package/dist/generated/types/postAssertionEntry.js +5 -7
- package/dist/generated/types/postAssertionEntry.js.map +1 -1
- package/dist/generated/types/postAssertionEntryZC.d.ts +53 -22
- package/dist/generated/types/postAssertionEntryZC.d.ts.map +1 -1
- package/dist/generated/types/postAssertionEntryZC.js +4 -6
- package/dist/generated/types/postAssertionEntryZC.js.map +1 -1
- package/dist/generated/types/sessionFinalized.d.ts +0 -4
- package/dist/generated/types/sessionFinalized.d.ts.map +1 -1
- package/dist/generated/types/sessionFinalized.js +0 -2
- package/dist/generated/types/sessionFinalized.js.map +1 -1
- package/dist/generated/types/vaultFrozen.d.ts +26 -0
- package/dist/generated/types/vaultFrozen.d.ts.map +1 -1
- package/dist/generated/types/vaultFrozen.js +5 -1
- package/dist/generated/types/vaultFrozen.js.map +1 -1
- package/dist/index.d.ts +35 -6
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +81 -7
- package/dist/index.js.map +1 -1
- package/dist/inscribe.d.ts +0 -4
- package/dist/inscribe.d.ts.map +1 -1
- package/dist/inscribe.js +0 -1
- package/dist/inscribe.js.map +1 -1
- package/dist/inspector.d.ts +0 -23
- package/dist/inspector.d.ts.map +1 -1
- package/dist/inspector.js +0 -52
- package/dist/inspector.js.map +1 -1
- package/dist/kit-adapter.d.ts +1 -1
- package/dist/kit-adapter.d.ts.map +1 -1
- package/dist/kit-adapter.js +1 -1
- package/dist/kit-adapter.js.map +1 -1
- package/dist/logger.d.ts +48 -0
- package/dist/logger.d.ts.map +1 -1
- package/dist/logger.js +36 -0
- package/dist/logger.js.map +1 -1
- package/dist/multisig-detection.d.ts +83 -0
- package/dist/multisig-detection.d.ts.map +1 -0
- package/dist/multisig-detection.js +128 -0
- package/dist/multisig-detection.js.map +1 -0
- package/dist/owner-transaction.d.ts +8 -0
- package/dist/owner-transaction.d.ts.map +1 -1
- package/dist/owner-transaction.js +1 -0
- package/dist/owner-transaction.js.map +1 -1
- package/dist/ownership-transfer.d.ts +79 -0
- package/dist/ownership-transfer.d.ts.map +1 -0
- package/dist/ownership-transfer.js +66 -0
- package/dist/ownership-transfer.js.map +1 -0
- package/dist/policy/compute-cosign-digest.d.ts +193 -0
- package/dist/policy/compute-cosign-digest.d.ts.map +1 -0
- package/dist/policy/compute-cosign-digest.js +318 -0
- package/dist/policy/compute-cosign-digest.js.map +1 -0
- package/dist/policy/compute-policy-preview-digest.d.ts +258 -0
- package/dist/policy/compute-policy-preview-digest.d.ts.map +1 -0
- package/dist/policy/compute-policy-preview-digest.js +351 -0
- package/dist/policy/compute-policy-preview-digest.js.map +1 -0
- package/dist/policy-attestation.d.ts +51 -0
- package/dist/policy-attestation.d.ts.map +1 -0
- package/dist/policy-attestation.js +43 -0
- package/dist/policy-attestation.js.map +1 -0
- package/dist/presets.d.ts +1 -7
- package/dist/presets.d.ts.map +1 -1
- package/dist/presets.js +0 -5
- package/dist/presets.js.map +1 -1
- package/dist/preview-create-vault.d.ts +280 -0
- package/dist/preview-create-vault.d.ts.map +1 -0
- package/dist/preview-create-vault.js +498 -0
- package/dist/preview-create-vault.js.map +1 -0
- package/dist/resolve-accounts.d.ts +75 -10
- package/dist/resolve-accounts.d.ts.map +1 -1
- package/dist/resolve-accounts.js +68 -32
- package/dist/resolve-accounts.js.map +1 -1
- package/dist/rpc-helpers.d.ts +29 -3
- package/dist/rpc-helpers.d.ts.map +1 -1
- package/dist/rpc-helpers.js +51 -12
- package/dist/rpc-helpers.js.map +1 -1
- package/dist/seal/intent-digest.d.ts +195 -0
- package/dist/seal/intent-digest.d.ts.map +1 -0
- package/dist/seal/intent-digest.js +372 -0
- package/dist/seal/intent-digest.js.map +1 -0
- package/dist/seal.d.ts +166 -3
- package/dist/seal.d.ts.map +1 -1
- package/dist/seal.js +428 -8
- package/dist/seal.js.map +1 -1
- package/dist/security-analytics.d.ts +3 -3
- package/dist/security-analytics.d.ts.map +1 -1
- package/dist/security-analytics.js +13 -128
- package/dist/security-analytics.js.map +1 -1
- package/dist/session-mint.d.ts +72 -0
- package/dist/session-mint.d.ts.map +1 -0
- package/dist/session-mint.js +59 -0
- package/dist/session-mint.js.map +1 -0
- package/dist/sigil.d.ts +0 -4
- package/dist/sigil.d.ts.map +1 -1
- package/dist/simulation.d.ts +19 -0
- package/dist/simulation.d.ts.map +1 -1
- package/dist/simulation.js +211 -138
- package/dist/simulation.js.map +1 -1
- package/dist/squads-detection.d.ts +135 -0
- package/dist/squads-detection.d.ts.map +1 -0
- package/dist/squads-detection.js +124 -0
- package/dist/squads-detection.js.map +1 -0
- package/dist/state-resolver.d.ts +0 -16
- package/dist/state-resolver.d.ts.map +1 -1
- package/dist/state-resolver.js +162 -97
- package/dist/state-resolver.js.map +1 -1
- package/dist/testing/devnet.d.ts +40 -1
- package/dist/testing/devnet.d.ts.map +1 -1
- package/dist/testing/devnet.js +333 -45
- package/dist/testing/devnet.js.map +1 -1
- package/dist/testing/errors/expect.d.ts +137 -0
- package/dist/testing/errors/expect.d.ts.map +1 -0
- package/dist/testing/errors/expect.js +372 -0
- package/dist/testing/errors/expect.js.map +1 -0
- package/dist/testing/errors/index.d.ts +3 -0
- package/dist/testing/errors/index.d.ts.map +1 -0
- package/dist/testing/errors/index.js +8 -0
- package/dist/testing/errors/index.js.map +1 -0
- package/dist/testing/errors/names.generated.d.ts +211 -0
- package/dist/testing/errors/names.generated.d.ts.map +1 -0
- package/dist/testing/errors/names.generated.js +206 -0
- package/dist/testing/errors/names.generated.js.map +1 -0
- package/dist/testing/index.d.ts +1 -0
- package/dist/testing/index.d.ts.map +1 -1
- package/dist/testing/index.js +8 -0
- package/dist/testing/index.js.map +1 -1
- package/dist/testing/mock-rpc.d.ts +16 -0
- package/dist/testing/mock-rpc.d.ts.map +1 -1
- package/dist/testing/mock-rpc.js +27 -0
- package/dist/testing/mock-rpc.js.map +1 -1
- package/dist/testing/mock-state.d.ts +2 -0
- package/dist/testing/mock-state.d.ts.map +1 -1
- package/dist/testing/mock-state.js +45 -6
- package/dist/testing/mock-state.js.map +1 -1
- package/dist/types.d.ts +5 -15
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +11 -69
- package/dist/types.js.map +1 -1
- package/dist/vault-analytics.d.ts +0 -2
- package/dist/vault-analytics.d.ts.map +1 -1
- package/dist/vault-analytics.js +1 -9
- package/dist/vault-analytics.js.map +1 -1
- package/package.json +12 -5
- package/dist/dashboard/constraint-reads.d.ts +0 -50
- package/dist/dashboard/constraint-reads.d.ts.map +0 -1
- package/dist/dashboard/constraint-reads.js +0 -119
- package/dist/dashboard/constraint-reads.js.map +0 -1
- package/dist/generated/accounts/escrowDeposit.d.ts +0 -50
- package/dist/generated/accounts/escrowDeposit.d.ts.map +0 -1
- package/dist/generated/accounts/escrowDeposit.js +0 -76
- package/dist/generated/accounts/escrowDeposit.js.map +0 -1
- package/dist/generated/accounts/instructionConstraints.d.ts +0 -46
- package/dist/generated/accounts/instructionConstraints.d.ts.map +0 -1
- package/dist/generated/accounts/instructionConstraints.js +0 -73
- package/dist/generated/accounts/instructionConstraints.js.map +0 -1
- package/dist/generated/accounts/pendingCloseConstraints.d.ts +0 -37
- package/dist/generated/accounts/pendingCloseConstraints.d.ts.map +0 -1
- package/dist/generated/accounts/pendingCloseConstraints.js +0 -66
- package/dist/generated/accounts/pendingCloseConstraints.js.map +0 -1
- package/dist/generated/accounts/pendingConstraintsUpdate.d.ts +0 -62
- package/dist/generated/accounts/pendingConstraintsUpdate.d.ts.map +0 -1
- package/dist/generated/accounts/pendingConstraintsUpdate.js +0 -75
- package/dist/generated/accounts/pendingConstraintsUpdate.js.map +0 -1
- package/dist/generated/instructions/allocateConstraintsPda.d.ts +0 -62
- package/dist/generated/instructions/allocateConstraintsPda.d.ts.map +0 -1
- package/dist/generated/instructions/allocateConstraintsPda.js +0 -134
- package/dist/generated/instructions/allocateConstraintsPda.js.map +0 -1
- package/dist/generated/instructions/allocatePendingConstraintsPda.d.ts +0 -66
- package/dist/generated/instructions/allocatePendingConstraintsPda.d.ts.map +0 -1
- package/dist/generated/instructions/allocatePendingConstraintsPda.js.map +0 -1
- package/dist/generated/instructions/applyCloseConstraints.d.ts +0 -59
- package/dist/generated/instructions/applyCloseConstraints.d.ts.map +0 -1
- package/dist/generated/instructions/applyCloseConstraints.js +0 -143
- package/dist/generated/instructions/applyCloseConstraints.js.map +0 -1
- package/dist/generated/instructions/applyConstraintsUpdate.d.ts +0 -62
- package/dist/generated/instructions/applyConstraintsUpdate.d.ts.map +0 -1
- package/dist/generated/instructions/applyConstraintsUpdate.js.map +0 -1
- package/dist/generated/instructions/cancelCloseConstraints.d.ts +0 -51
- package/dist/generated/instructions/cancelCloseConstraints.d.ts.map +0 -1
- package/dist/generated/instructions/cancelCloseConstraints.js +0 -115
- package/dist/generated/instructions/cancelCloseConstraints.js.map +0 -1
- package/dist/generated/instructions/cancelConstraintsUpdate.d.ts +0 -51
- package/dist/generated/instructions/cancelConstraintsUpdate.d.ts.map +0 -1
- package/dist/generated/instructions/cancelConstraintsUpdate.js +0 -115
- package/dist/generated/instructions/cancelConstraintsUpdate.js.map +0 -1
- package/dist/generated/instructions/closeSettledEscrow.d.ts +0 -72
- package/dist/generated/instructions/closeSettledEscrow.d.ts.map +0 -1
- package/dist/generated/instructions/closeSettledEscrow.js +0 -127
- package/dist/generated/instructions/closeSettledEscrow.js.map +0 -1
- package/dist/generated/instructions/createEscrow.d.ts +0 -131
- package/dist/generated/instructions/createEscrow.d.ts.map +0 -1
- package/dist/generated/instructions/createEscrow.js +0 -272
- package/dist/generated/instructions/createEscrow.js.map +0 -1
- package/dist/generated/instructions/createInstructionConstraints.d.ts +0 -68
- package/dist/generated/instructions/createInstructionConstraints.d.ts.map +0 -1
- package/dist/generated/instructions/createInstructionConstraints.js.map +0 -1
- package/dist/generated/instructions/extendPda.d.ts +0 -52
- package/dist/generated/instructions/extendPda.d.ts.map +0 -1
- package/dist/generated/instructions/extendPda.js +0 -86
- package/dist/generated/instructions/extendPda.js.map +0 -1
- package/dist/generated/instructions/queueCloseConstraints.d.ts +0 -66
- package/dist/generated/instructions/queueCloseConstraints.d.ts.map +0 -1
- package/dist/generated/instructions/queueCloseConstraints.js.map +0 -1
- package/dist/generated/instructions/queueConstraintsUpdate.d.ts +0 -75
- package/dist/generated/instructions/queueConstraintsUpdate.d.ts.map +0 -1
- package/dist/generated/instructions/queueConstraintsUpdate.js +0 -154
- package/dist/generated/instructions/queueConstraintsUpdate.js.map +0 -1
- package/dist/generated/instructions/refundEscrow.d.ts +0 -74
- package/dist/generated/instructions/refundEscrow.d.ts.map +0 -1
- package/dist/generated/instructions/refundEscrow.js +0 -142
- package/dist/generated/instructions/refundEscrow.js.map +0 -1
- package/dist/generated/instructions/settleEscrow.d.ts +0 -80
- package/dist/generated/instructions/settleEscrow.d.ts.map +0 -1
- package/dist/generated/instructions/settleEscrow.js +0 -173
- package/dist/generated/instructions/settleEscrow.js.map +0 -1
- package/dist/generated/types/accountConstraint.d.ts +0 -18
- package/dist/generated/types/accountConstraint.d.ts.map +0 -1
- package/dist/generated/types/accountConstraint.js +0 -24
- package/dist/generated/types/accountConstraint.js.map +0 -1
- package/dist/generated/types/accountConstraintZC.d.ts +0 -18
- package/dist/generated/types/accountConstraintZC.d.ts.map +0 -1
- package/dist/generated/types/accountConstraintZC.js +0 -26
- package/dist/generated/types/accountConstraintZC.js.map +0 -1
- package/dist/generated/types/closeConstraintsApplied.d.ts +0 -20
- package/dist/generated/types/closeConstraintsApplied.d.ts.map +0 -1
- package/dist/generated/types/closeConstraintsApplied.js +0 -24
- package/dist/generated/types/closeConstraintsApplied.js.map +0 -1
- package/dist/generated/types/closeConstraintsCancelled.d.ts +0 -16
- package/dist/generated/types/closeConstraintsCancelled.d.ts.map +0 -1
- package/dist/generated/types/closeConstraintsCancelled.js +0 -18
- package/dist/generated/types/closeConstraintsCancelled.js.map +0 -1
- package/dist/generated/types/closeConstraintsQueued.d.ts +0 -20
- package/dist/generated/types/closeConstraintsQueued.d.ts.map +0 -1
- package/dist/generated/types/closeConstraintsQueued.js +0 -24
- package/dist/generated/types/closeConstraintsQueued.js.map +0 -1
- package/dist/generated/types/constraintEntry.d.ts +0 -39
- package/dist/generated/types/constraintEntry.d.ts.map +0 -1
- package/dist/generated/types/constraintEntry.js +0 -31
- package/dist/generated/types/constraintEntry.js.map +0 -1
- package/dist/generated/types/constraintEntryZC.d.ts +0 -68
- package/dist/generated/types/constraintEntryZC.d.ts.map +0 -1
- package/dist/generated/types/constraintEntryZC.js +0 -49
- package/dist/generated/types/constraintEntryZC.js.map +0 -1
- package/dist/generated/types/constraintOperator.d.ts +0 -22
- package/dist/generated/types/constraintOperator.d.ts.map +0 -1
- package/dist/generated/types/constraintOperator.js +0 -28
- package/dist/generated/types/constraintOperator.js.map +0 -1
- package/dist/generated/types/constraintsChangeApplied.d.ts +0 -30
- package/dist/generated/types/constraintsChangeApplied.d.ts.map +0 -1
- package/dist/generated/types/constraintsChangeApplied.js +0 -32
- package/dist/generated/types/constraintsChangeApplied.js.map +0 -1
- package/dist/generated/types/constraintsChangeCancelled.d.ts +0 -16
- package/dist/generated/types/constraintsChangeCancelled.d.ts.map +0 -1
- package/dist/generated/types/constraintsChangeCancelled.js +0 -18
- package/dist/generated/types/constraintsChangeCancelled.js.map +0 -1
- package/dist/generated/types/constraintsChangeQueued.d.ts +0 -30
- package/dist/generated/types/constraintsChangeQueued.d.ts.map +0 -1
- package/dist/generated/types/constraintsChangeQueued.js +0 -32
- package/dist/generated/types/constraintsChangeQueued.js.map +0 -1
- package/dist/generated/types/dataConstraint.d.ts +0 -23
- package/dist/generated/types/dataConstraint.d.ts.map +0 -1
- package/dist/generated/types/dataConstraint.js +0 -27
- package/dist/generated/types/dataConstraint.js.map +0 -1
- package/dist/generated/types/dataConstraintZC.d.ts +0 -20
- package/dist/generated/types/dataConstraintZC.d.ts.map +0 -1
- package/dist/generated/types/dataConstraintZC.js +0 -30
- package/dist/generated/types/dataConstraintZC.js.map +0 -1
- package/dist/generated/types/discriminatorFormat.d.ts +0 -25
- package/dist/generated/types/discriminatorFormat.d.ts.map +0 -1
- package/dist/generated/types/discriminatorFormat.js +0 -31
- package/dist/generated/types/discriminatorFormat.js.map +0 -1
- package/dist/generated/types/escrowCreated.d.ts +0 -30
- package/dist/generated/types/escrowCreated.d.ts.map +0 -1
- package/dist/generated/types/escrowCreated.js +0 -34
- package/dist/generated/types/escrowCreated.js.map +0 -1
- package/dist/generated/types/escrowRefunded.d.ts +0 -26
- package/dist/generated/types/escrowRefunded.d.ts.map +0 -1
- package/dist/generated/types/escrowRefunded.js +0 -30
- package/dist/generated/types/escrowRefunded.js.map +0 -1
- package/dist/generated/types/escrowSettled.d.ts +0 -26
- package/dist/generated/types/escrowSettled.d.ts.map +0 -1
- package/dist/generated/types/escrowSettled.js +0 -30
- package/dist/generated/types/escrowSettled.js.map +0 -1
- package/dist/generated/types/escrowStatus.d.ts +0 -18
- package/dist/generated/types/escrowStatus.d.ts.map +0 -1
- package/dist/generated/types/escrowStatus.js +0 -24
- package/dist/generated/types/escrowStatus.js.map +0 -1
- package/dist/generated/types/instructionConstraintsCreated.d.ts +0 -34
- package/dist/generated/types/instructionConstraintsCreated.d.ts.map +0 -1
- package/dist/generated/types/instructionConstraintsCreated.js +0 -36
- package/dist/generated/types/instructionConstraintsCreated.js.map +0 -1
- package/dist/generated/types/pdaAllocated.d.ts +0 -24
- package/dist/generated/types/pdaAllocated.d.ts.map +0 -1
- package/dist/generated/types/pdaAllocated.js.map +0 -1
- package/dist/generated/types/pdaExtended.d.ts +0 -24
- package/dist/generated/types/pdaExtended.d.ts.map +0 -1
- package/dist/generated/types/pdaExtended.js +0 -28
- package/dist/generated/types/pdaExtended.js.map +0 -1
- package/dist/integrations/protocol-handler.d.ts +0 -59
- package/dist/integrations/protocol-handler.d.ts.map +0 -1
- package/dist/integrations/protocol-handler.js +0 -9
- package/dist/integrations/protocol-handler.js.map +0 -1
|
@@ -0,0 +1,258 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* TA-19 — Canonical policy preview digest (SDK side).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors `programs/sigil/src/utils/policy_digest.rs` exactly. The SDK computes
|
|
5
|
+
* this off-chain, the owner signs `queue_policy_update` / `initialize_vault`
|
|
6
|
+
* with the digest as an arg, and the on-chain handler recomputes it from the
|
|
7
|
+
* resulting policy state. If the two digests do not match the handler rejects
|
|
8
|
+
* with `PolicyPreviewMismatch` (6080).
|
|
9
|
+
*
|
|
10
|
+
* Defense rationale:
|
|
11
|
+
* - Sequence: SDK builds policy fields → SDK computes digest → owner signs
|
|
12
|
+
* the transaction (digest is in the instruction data, signed alongside).
|
|
13
|
+
* - On-chain handler reads the policy fields from the args, re-computes the
|
|
14
|
+
* same digest, and asserts equality.
|
|
15
|
+
* - The only ways the two digests can diverge are: (a) an owner blind-signed
|
|
16
|
+
* mutated fields that the SDK never told them about; (b) a rogue program
|
|
17
|
+
* tampered with the pending PDA between queue and apply (a future
|
|
18
|
+
* discriminator-collision attack). Both cases reject — the owner sees a
|
|
19
|
+
* mismatch error rather than silently committing.
|
|
20
|
+
*
|
|
21
|
+
* CANONICAL ENCODING (FIXED — DO NOT REORDER):
|
|
22
|
+
* 1. daily_spending_cap_usd: u64 LE (8 bytes)
|
|
23
|
+
* 2. max_transaction_size_usd: u64 LE (8 bytes)
|
|
24
|
+
* 3. max_slippage_bps: u16 LE (2 bytes)
|
|
25
|
+
* 4. developer_fee_rate: u16 LE (2 bytes) — PEN-CROSS-6 (Phase 2 close-up)
|
|
26
|
+
* 5. protocol_mode: u8 (1 byte)
|
|
27
|
+
* 6. protocols: Vec<Pubkey> = u32 LE length (4 bytes) ++ each Pubkey 32 bytes
|
|
28
|
+
* 7. destination_mode: u8 (1 byte)
|
|
29
|
+
* 8. allowed_destinations: Vec<Pubkey> = u32 LE length (4 bytes) ++ each Pubkey 32 bytes
|
|
30
|
+
* 9. timelock_duration: u64 LE (8 bytes)
|
|
31
|
+
* 10. session_expiry_seconds: u64 LE (8 bytes)
|
|
32
|
+
* 11. observe_only: bool as 1 byte (0 or 1)
|
|
33
|
+
* 12. has_constraints: bool as 1 byte (0 or 1)
|
|
34
|
+
* 13. has_post_assertions: u8 (1 byte)
|
|
35
|
+
* 14. created_at_slot: u64 LE (8 bytes) — PEN-CROSS-2 (Phase 2 close-up)
|
|
36
|
+
* 15. operating_hours: u32 LE (4 bytes) — TA-05 (Phase 3 pre-exec)
|
|
37
|
+
* 16. auto_promote_grays: bool as 1 byte (0/1) — TA-07 (Phase 3 pre-exec)
|
|
38
|
+
* 17. auto_revoke_threshold: u8 (1 byte) — TA-17 (Phase 3 pre-exec)
|
|
39
|
+
* 18. stable_balance_floor: u64 LE (8 bytes) — TA-12 (Phase 5 post-exec)
|
|
40
|
+
* 19. per_recipient_daily_cap_usd: u64 LE (8 bytes) — TA-14 (Phase 5 post-exec)
|
|
41
|
+
* 20. cosign_required: bool (1 byte 0/1) — G6 (audit 2026-05-18 cosign opt-in)
|
|
42
|
+
* 21. agent_set_hash: [u8; 32] — Phase 8 PEN-CROSS-1 (audit 2026-05-19)
|
|
43
|
+
* 22. cosign_session_pubkey: Pubkey (32 bytes) — D-5 (audit 2026-05-19, F-RP3-1)
|
|
44
|
+
*
|
|
45
|
+
* Phase 3 append-only additions (TA-05/07/17): operating_hours,
|
|
46
|
+
* auto_promote_grays, auto_revoke_threshold are appended at positions 15-17
|
|
47
|
+
* to preserve the 14-field prefix (F-14 APPEND-ONLY rule).
|
|
48
|
+
*
|
|
49
|
+
* Phase 5 append-only additions (TA-12/TA-14): stable_balance_floor at
|
|
50
|
+
* position 18, per_recipient_daily_cap_usd at position 19. Both bound by
|
|
51
|
+
* TA-19 so silent SDK / pending-PDA mutations can't bypass the owner's
|
|
52
|
+
* signed digest.
|
|
53
|
+
*
|
|
54
|
+
* G6 append-only addition (audit 2026-05-18 cosign opt-in): cosign_required
|
|
55
|
+
* at position 20 (1 byte, 0/1). Owner's choice to opt into TA-09 cosign
|
|
56
|
+
* enforcement is part of the signed policy — a compromised SDK cannot
|
|
57
|
+
* silently disable cosign between owner approval and on-chain landing.
|
|
58
|
+
* Disabling cosign on a live policy where this is true is itself an
|
|
59
|
+
* elevated mutation per `queue_policy_update` (one-way ratchet).
|
|
60
|
+
*
|
|
61
|
+
* Phase 8 PEN-CROSS-1 append-only addition (Council ISC-66/A8/A9): the
|
|
62
|
+
* `agent_set_hash` at position 21 binds the EXISTING agent set into the
|
|
63
|
+
* signed digest. SHA-256 over Borsh of `Vec<(Pubkey, u8 capability)>`
|
|
64
|
+
* sorted by pubkey ascending. Closes the silent-insertion vector where
|
|
65
|
+
* a phished-owner `register_agent(capability=OPERATOR)` would otherwise
|
|
66
|
+
* grant operator-class without diverging the digest from the last value
|
|
67
|
+
* the owner signed. Empty Vec produces a deterministic 32-byte hash
|
|
68
|
+
* (`EMPTY_AGENT_SET_HASH` — SHA-256 of [0x00,0x00,0x00,0x00]).
|
|
69
|
+
*
|
|
70
|
+
* D-5 append-only addition (audit 2026-05-19, F-RP3-1): the
|
|
71
|
+
* `cosign_session_pubkey` at position 22 binds the owner's chosen
|
|
72
|
+
* reactivate-time cosigner pubkey into the signed digest. The
|
|
73
|
+
* `reactivate_vault` handler reads this pubkey at runtime and requires
|
|
74
|
+
* a matching `is_signer == true` entry in `remaining_accounts` whenever
|
|
75
|
+
* the operation grafts a new agent at `FULL_CAPABILITY`. A tampered SDK
|
|
76
|
+
* cannot silently flip the gate between owner approval and on-chain
|
|
77
|
+
* landing — the digest mismatch closes that gap. Default
|
|
78
|
+
* `Pubkey::default()` (32 zero bytes) means the gate is OFF; owners
|
|
79
|
+
* opt in via `queue_policy_update`.
|
|
80
|
+
*
|
|
81
|
+
* The `destination_graylist: Vec<(Pubkey, i64)>` is intentionally NOT in
|
|
82
|
+
* the digest. Graylist entries are derived/ephemeral — they auto-populate
|
|
83
|
+
* when the owner adds a destination via queue_policy_update, and they
|
|
84
|
+
* only delay an already-signed allowlist entry. Promoting via
|
|
85
|
+
* promote_graylist_destination only accelerates the existing unlock — it
|
|
86
|
+
* cannot widen the allowlist. The owner-signed digest already binds the
|
|
87
|
+
* destination allowlist (position 8).
|
|
88
|
+
*
|
|
89
|
+
* Total bounded by MAX_ALLOWED_PROTOCOLS=10 + MAX_ALLOWED_DESTINATIONS=10 at
|
|
90
|
+
* 32 bytes each + fixed scalars ≈ 700 bytes worst case.
|
|
91
|
+
*/
|
|
92
|
+
import type { Address } from "../kit-adapter.js";
|
|
93
|
+
import { digestsEqual as canonicalDigestsEqual } from "../canonical-encode.js";
|
|
94
|
+
/**
|
|
95
|
+
* Canonical preview-fields shape. Matches the on-chain `PolicyPreviewFields`
|
|
96
|
+
* struct in `programs/sigil/src/utils/policy_digest.rs` exactly.
|
|
97
|
+
*/
|
|
98
|
+
export interface PolicyPreviewFields {
|
|
99
|
+
/** $ × 1e6 (USDC/USDT decimals). e.g. $500 = 500_000_000n. */
|
|
100
|
+
dailySpendingCapUsd: bigint;
|
|
101
|
+
/** $ × 1e6. */
|
|
102
|
+
maxTransactionSizeUsd: bigint;
|
|
103
|
+
/** Basis points (0-5000). */
|
|
104
|
+
maxSlippageBps: number;
|
|
105
|
+
/**
|
|
106
|
+
* Developer fee rate (rate / 1,000,000). Bound by the owner-signed digest
|
|
107
|
+
* since PEN-CROSS-6 (Phase 2 close-up). 0..=MAX_DEVELOPER_FEE_RATE (500).
|
|
108
|
+
*/
|
|
109
|
+
developerFeeRate: number;
|
|
110
|
+
/** 1 = ALLOWLIST (Phase 2 Option A). Other values rejected on-chain. */
|
|
111
|
+
protocolMode: number;
|
|
112
|
+
/** Up to MAX_ALLOWED_PROTOCOLS (10) base58-encoded program IDs. */
|
|
113
|
+
protocols: readonly (Address | string)[];
|
|
114
|
+
/** 0 = RESTRICTED (Phase 2 Option A). Other values rejected on-chain. */
|
|
115
|
+
destinationMode: number;
|
|
116
|
+
/** Up to MAX_ALLOWED_DESTINATIONS (10) base58-encoded wallet pubkeys. */
|
|
117
|
+
allowedDestinations: readonly (Address | string)[];
|
|
118
|
+
/** Timelock duration in seconds (>= MIN_TIMELOCK_DURATION=1800). */
|
|
119
|
+
timelockDuration: bigint;
|
|
120
|
+
/** Owner-configurable session expiry (0 = use default 30s). */
|
|
121
|
+
sessionExpirySeconds: bigint;
|
|
122
|
+
/** TA-19: observe-only kill switch (rejects all validate_and_authorize). */
|
|
123
|
+
observeOnly: boolean;
|
|
124
|
+
/** Whether post-execution assertions are configured (0 = no, non-zero = yes). */
|
|
125
|
+
hasPostAssertions: number;
|
|
126
|
+
/**
|
|
127
|
+
* PEN-CROSS-2 (Phase 2 close-up): the slot at which `initialize_vault`
|
|
128
|
+
* minted the live policy. Bound by TA-19 at position 14. Closes the
|
|
129
|
+
* close+reinit replay window.
|
|
130
|
+
*/
|
|
131
|
+
createdAtSlot: bigint;
|
|
132
|
+
/**
|
|
133
|
+
* TA-05 (Phase 3): 24-bit UTC operating-hours bitmask. Bit `n` (0..=23)
|
|
134
|
+
* set → the vault permits spending at UTC hour `n`. Default 0 when
|
|
135
|
+
* omitted by legacy callers (preserves existing test fixtures). Production
|
|
136
|
+
* SDK consumers should pass 0xFFFFFF (all 24h enabled) explicitly.
|
|
137
|
+
* Upper 8 bits MUST be zero — on-chain handler rejects with
|
|
138
|
+
* `ErrOutsideOperatingHours` (6084) if violated. Bound at position 15
|
|
139
|
+
* of the canonical encoding.
|
|
140
|
+
*/
|
|
141
|
+
operatingHours?: number;
|
|
142
|
+
/**
|
|
143
|
+
* TA-07 (Phase 3): owner-side toggle to bypass the 24h graylist friction
|
|
144
|
+
* for newly-added destinations. Default false (friction enforced).
|
|
145
|
+
* Bound by TA-19 at canonical position 16 so silent flips can't change
|
|
146
|
+
* the friction model.
|
|
147
|
+
*/
|
|
148
|
+
autoPromoteGrays?: boolean;
|
|
149
|
+
/**
|
|
150
|
+
* TA-17 (Phase 3): consecutive-failure threshold for agent auto-revoke.
|
|
151
|
+
* Range 3..=20. Default 0 (legacy callers — but on-chain handler now
|
|
152
|
+
* requires this to be in [3, 20] at policy-write time). Bound at
|
|
153
|
+
* canonical position 17.
|
|
154
|
+
*/
|
|
155
|
+
autoRevokeThreshold?: number;
|
|
156
|
+
/**
|
|
157
|
+
* TA-12 (Phase 5 post-exec): owner-chosen hard reserve on combined
|
|
158
|
+
* USDC+USDT vault balance, asserted at every `finalize_session`
|
|
159
|
+
* spending path completion. 6-decimal USDC face value (e.g.
|
|
160
|
+
* `$100 = 100_000_000n`). Default 0 (no reserve — preserves existing
|
|
161
|
+
* vault behavior). Bound at canonical position 18.
|
|
162
|
+
*/
|
|
163
|
+
stableBalanceFloor?: bigint;
|
|
164
|
+
/**
|
|
165
|
+
* TA-14 (Phase 5 post-exec): owner-chosen rolling 24h per-recipient
|
|
166
|
+
* outflow cap. 6-decimal USDC face value. Default 0 (no per-recipient
|
|
167
|
+
* cap — preserves existing vault behavior). Bound at canonical
|
|
168
|
+
* position 19.
|
|
169
|
+
*/
|
|
170
|
+
perRecipientDailyCapUsd?: bigint;
|
|
171
|
+
/**
|
|
172
|
+
* G6 (audit 2026-05-18 cosign opt-in): owner-chosen opt-in to TA-09
|
|
173
|
+
* cosign enforcement on elevated mutations. Default false (low-friction
|
|
174
|
+
* — preserves existing vault behavior; owner-signature-only flow on
|
|
175
|
+
* elevated mutations). When true, the `queue_policy_update` handler's
|
|
176
|
+
* 7-trigger elevation gate (raises caps, expands allowlists, weakens
|
|
177
|
+
* floor / per-recipient / protocol caps) requires a cosign session.
|
|
178
|
+
* Disabling cosign on a live policy where this is true is itself an
|
|
179
|
+
* elevated mutation (one-way ratchet). Bound at canonical position 20.
|
|
180
|
+
*/
|
|
181
|
+
cosignRequired?: boolean;
|
|
182
|
+
/**
|
|
183
|
+
* Phase 8 PEN-CROSS-1 (Council ISC-66/A8/A9): SHA-256 over Borsh of
|
|
184
|
+
* `Vec<(pubkey, u8 capability)>` sorted by pubkey ascending. Pass the
|
|
185
|
+
* result of `computeAgentSetHash(...)` over the live vault's agent set
|
|
186
|
+
* (use empty array for a freshly-initialized vault). Empty vault produces
|
|
187
|
+
* the deterministic `EMPTY_AGENT_SET_HASH` value. Bound at canonical
|
|
188
|
+
* position 21. Optional with default `EMPTY_AGENT_SET_HASH` so legacy
|
|
189
|
+
* fixtures (no agents) continue to compute the canonical digest.
|
|
190
|
+
*/
|
|
191
|
+
agentSetHash?: Uint8Array;
|
|
192
|
+
/**
|
|
193
|
+
* D-5 (audit 2026-05-19, F-RP3-1): the owner-chosen reactivate-time
|
|
194
|
+
* cosigner pubkey. Default `Pubkey::default()` (zero pubkey, encoded
|
|
195
|
+
* as 32 zero bytes) when omitted, matching the on-chain init state
|
|
196
|
+
* where the gate is disabled. Owners opt in by passing a non-default
|
|
197
|
+
* pubkey via `queue_policy_update` (the SDK helper here mirrors that
|
|
198
|
+
* value into the digest). Bound at canonical position 22.
|
|
199
|
+
*
|
|
200
|
+
* Type: base58 string (e.g. an Address) OR a 32-byte raw Uint8Array.
|
|
201
|
+
* The encoder accepts both shapes for parity with the protocols /
|
|
202
|
+
* allowedDestinations fields.
|
|
203
|
+
*/
|
|
204
|
+
cosignSessionPubkey?: Address | string | Uint8Array;
|
|
205
|
+
/**
|
|
206
|
+
* F-Q6 (2026-06-02): owner-configured delay (in seconds) before an OPERATOR
|
|
207
|
+
* capability grant takes effect. Default 0n when omitted (matching the
|
|
208
|
+
* on-chain init default). An owner-set security control gating OPERATOR
|
|
209
|
+
* seating — bound by TA-19 at canonical position 22 so a tampered SDK or
|
|
210
|
+
* pending-PDA mutation cannot silently lower it between owner approval and
|
|
211
|
+
* on-chain landing. Owners change it only via the timelocked
|
|
212
|
+
* `queue_policy_update` path.
|
|
213
|
+
*/
|
|
214
|
+
operatorGrantDelaySeconds?: bigint;
|
|
215
|
+
}
|
|
216
|
+
/** Mirrors `policy_digest.rs::POLICY_PREVIEW_FIELD_COUNT`.
|
|
217
|
+
* M1-04: was 22; has_constraints removed (digest-version bump).
|
|
218
|
+
* F-Q6 (2026-06-02): 21 → 22, binds operator_grant_delay_seconds. */
|
|
219
|
+
export declare const POLICY_PREVIEW_FIELD_COUNT = 22;
|
|
220
|
+
/**
|
|
221
|
+
* Phase 8 PEN-CROSS-1 (Council ISC-141): SHA-256 of the Borsh-encoded
|
|
222
|
+
* empty `Vec<(Pubkey, u8)>` — i.e. SHA-256 of [0x00, 0x00, 0x00, 0x00].
|
|
223
|
+
* Deterministic; pinned across Rust (`policy_digest.rs::EMPTY_AGENT_SET_HASH`)
|
|
224
|
+
* and TypeScript (this constant). Used by `computePolicyPreviewDigest`
|
|
225
|
+
* when the caller omits `agentSetHash` (legacy fixture path).
|
|
226
|
+
*/
|
|
227
|
+
export declare const EMPTY_AGENT_SET_HASH: Uint8Array;
|
|
228
|
+
/**
|
|
229
|
+
* Compute the canonical `agent_set_hash` from a list of agents. SHA-256
|
|
230
|
+
* over Borsh of `Vec<(Pubkey, u8 capability)>` sorted by pubkey ascending.
|
|
231
|
+
* Mirrors `policy_digest.rs::compute_agent_set_hash` byte-for-byte.
|
|
232
|
+
*
|
|
233
|
+
* Pass the result into `computePolicyPreviewDigest({ ...fields, agentSetHash })`.
|
|
234
|
+
*
|
|
235
|
+
* @throws if any pubkey doesn't base58-decode to 32 bytes
|
|
236
|
+
*/
|
|
237
|
+
export declare function computeAgentSetHash(agents: ReadonlyArray<{
|
|
238
|
+
pubkey: Address | string;
|
|
239
|
+
capability: number;
|
|
240
|
+
}>): Uint8Array;
|
|
241
|
+
/**
|
|
242
|
+
* Compute the canonical SHA-256 of the policy preview fields.
|
|
243
|
+
*
|
|
244
|
+
* Returns a 32-byte Uint8Array. Identical to the on-chain helper
|
|
245
|
+
* `compute_policy_preview_digest` for the same input.
|
|
246
|
+
*
|
|
247
|
+
* @throws if any pubkey doesn't base58-decode to exactly 32 bytes
|
|
248
|
+
* @throws if a u64 is negative or out of range
|
|
249
|
+
*/
|
|
250
|
+
export declare function computePolicyPreviewDigest(fields: PolicyPreviewFields): Uint8Array;
|
|
251
|
+
/**
|
|
252
|
+
* Equivalent of `Buffer.equals` for two `Uint8Array` digests. Re-exported
|
|
253
|
+
* from `../canonical-encode.ts` (constant-time XOR-accumulate; no early
|
|
254
|
+
* exit) so callers that previously imported it from this module continue
|
|
255
|
+
* to work after Batch C.
|
|
256
|
+
*/
|
|
257
|
+
export declare const digestsEqual: typeof canonicalDigestsEqual;
|
|
258
|
+
//# sourceMappingURL=compute-policy-preview-digest.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"compute-policy-preview-digest.d.ts","sourceRoot":"","sources":["../../src/policy/compute-policy-preview-digest.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0FG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAML,YAAY,IAAI,qBAAqB,EACtC,MAAM,wBAAwB,CAAC;AAEhC;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC,8DAA8D;IAC9D,mBAAmB,EAAE,MAAM,CAAC;IAC5B,eAAe;IACf,qBAAqB,EAAE,MAAM,CAAC;IAC9B,6BAA6B;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB;;;OAGG;IACH,gBAAgB,EAAE,MAAM,CAAC;IACzB,wEAAwE;IACxE,YAAY,EAAE,MAAM,CAAC;IACrB,mEAAmE;IACnE,SAAS,EAAE,SAAS,CAAC,OAAO,GAAG,MAAM,CAAC,EAAE,CAAC;IACzC,yEAAyE;IACzE,eAAe,EAAE,MAAM,CAAC;IACxB,yEAAyE;IACzE,mBAAmB,EAAE,SAAS,CAAC,OAAO,GAAG,MAAM,CAAC,EAAE,CAAC;IACnD,oEAAoE;IACpE,gBAAgB,EAAE,MAAM,CAAC;IACzB,+DAA+D;IAC/D,oBAAoB,EAAE,MAAM,CAAC;IAC7B,4EAA4E;IAC5E,WAAW,EAAE,OAAO,CAAC;IAErB,iFAAiF;IACjF,iBAAiB,EAAE,MAAM,CAAC;IAC1B;;;;OAIG;IACH,aAAa,EAAE,MAAM,CAAC;IACtB;;;;;;;;OAQG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B;;;;;OAKG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B;;;;;;OAMG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;;;;OAKG;IACH,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC;;;;;;;;;OASG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;;;;;;;OAQG;IACH,YAAY,CAAC,EAAE,UAAU,CAAC;IAC1B;;;;;;;;;;;OAWG;IACH,mBAAmB,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,UAAU,CAAC;IACpD;;;;;;;;OAQG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAC;CACpC;AAgCD;;sEAEsE;AACtE,eAAO,MAAM,0BAA0B,KAAK,CAAC;AAE7C;;;;;;GAMG;AACH,eAAO,MAAM,oBAAoB,EAAE,UAG/B,CAAC;AAEL;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,aAAa,CAAC;IAAE,MAAM,EAAE,OAAO,GAAG,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAAC,GACtE,UAAU,CA8BZ;AA4DD;;;;;;;;GAQG;AACH,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,mBAAmB,GAC1B,UAAU,CAoHZ;AAED;;;;;GAKG;AACH,eAAO,MAAM,YAAY,8BAAwB,CAAC"}
|
|
@@ -0,0 +1,351 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* TA-19 — Canonical policy preview digest (SDK side).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors `programs/sigil/src/utils/policy_digest.rs` exactly. The SDK computes
|
|
5
|
+
* this off-chain, the owner signs `queue_policy_update` / `initialize_vault`
|
|
6
|
+
* with the digest as an arg, and the on-chain handler recomputes it from the
|
|
7
|
+
* resulting policy state. If the two digests do not match the handler rejects
|
|
8
|
+
* with `PolicyPreviewMismatch` (6080).
|
|
9
|
+
*
|
|
10
|
+
* Defense rationale:
|
|
11
|
+
* - Sequence: SDK builds policy fields → SDK computes digest → owner signs
|
|
12
|
+
* the transaction (digest is in the instruction data, signed alongside).
|
|
13
|
+
* - On-chain handler reads the policy fields from the args, re-computes the
|
|
14
|
+
* same digest, and asserts equality.
|
|
15
|
+
* - The only ways the two digests can diverge are: (a) an owner blind-signed
|
|
16
|
+
* mutated fields that the SDK never told them about; (b) a rogue program
|
|
17
|
+
* tampered with the pending PDA between queue and apply (a future
|
|
18
|
+
* discriminator-collision attack). Both cases reject — the owner sees a
|
|
19
|
+
* mismatch error rather than silently committing.
|
|
20
|
+
*
|
|
21
|
+
* CANONICAL ENCODING (FIXED — DO NOT REORDER):
|
|
22
|
+
* 1. daily_spending_cap_usd: u64 LE (8 bytes)
|
|
23
|
+
* 2. max_transaction_size_usd: u64 LE (8 bytes)
|
|
24
|
+
* 3. max_slippage_bps: u16 LE (2 bytes)
|
|
25
|
+
* 4. developer_fee_rate: u16 LE (2 bytes) — PEN-CROSS-6 (Phase 2 close-up)
|
|
26
|
+
* 5. protocol_mode: u8 (1 byte)
|
|
27
|
+
* 6. protocols: Vec<Pubkey> = u32 LE length (4 bytes) ++ each Pubkey 32 bytes
|
|
28
|
+
* 7. destination_mode: u8 (1 byte)
|
|
29
|
+
* 8. allowed_destinations: Vec<Pubkey> = u32 LE length (4 bytes) ++ each Pubkey 32 bytes
|
|
30
|
+
* 9. timelock_duration: u64 LE (8 bytes)
|
|
31
|
+
* 10. session_expiry_seconds: u64 LE (8 bytes)
|
|
32
|
+
* 11. observe_only: bool as 1 byte (0 or 1)
|
|
33
|
+
* 12. has_constraints: bool as 1 byte (0 or 1)
|
|
34
|
+
* 13. has_post_assertions: u8 (1 byte)
|
|
35
|
+
* 14. created_at_slot: u64 LE (8 bytes) — PEN-CROSS-2 (Phase 2 close-up)
|
|
36
|
+
* 15. operating_hours: u32 LE (4 bytes) — TA-05 (Phase 3 pre-exec)
|
|
37
|
+
* 16. auto_promote_grays: bool as 1 byte (0/1) — TA-07 (Phase 3 pre-exec)
|
|
38
|
+
* 17. auto_revoke_threshold: u8 (1 byte) — TA-17 (Phase 3 pre-exec)
|
|
39
|
+
* 18. stable_balance_floor: u64 LE (8 bytes) — TA-12 (Phase 5 post-exec)
|
|
40
|
+
* 19. per_recipient_daily_cap_usd: u64 LE (8 bytes) — TA-14 (Phase 5 post-exec)
|
|
41
|
+
* 20. cosign_required: bool (1 byte 0/1) — G6 (audit 2026-05-18 cosign opt-in)
|
|
42
|
+
* 21. agent_set_hash: [u8; 32] — Phase 8 PEN-CROSS-1 (audit 2026-05-19)
|
|
43
|
+
* 22. cosign_session_pubkey: Pubkey (32 bytes) — D-5 (audit 2026-05-19, F-RP3-1)
|
|
44
|
+
*
|
|
45
|
+
* Phase 3 append-only additions (TA-05/07/17): operating_hours,
|
|
46
|
+
* auto_promote_grays, auto_revoke_threshold are appended at positions 15-17
|
|
47
|
+
* to preserve the 14-field prefix (F-14 APPEND-ONLY rule).
|
|
48
|
+
*
|
|
49
|
+
* Phase 5 append-only additions (TA-12/TA-14): stable_balance_floor at
|
|
50
|
+
* position 18, per_recipient_daily_cap_usd at position 19. Both bound by
|
|
51
|
+
* TA-19 so silent SDK / pending-PDA mutations can't bypass the owner's
|
|
52
|
+
* signed digest.
|
|
53
|
+
*
|
|
54
|
+
* G6 append-only addition (audit 2026-05-18 cosign opt-in): cosign_required
|
|
55
|
+
* at position 20 (1 byte, 0/1). Owner's choice to opt into TA-09 cosign
|
|
56
|
+
* enforcement is part of the signed policy — a compromised SDK cannot
|
|
57
|
+
* silently disable cosign between owner approval and on-chain landing.
|
|
58
|
+
* Disabling cosign on a live policy where this is true is itself an
|
|
59
|
+
* elevated mutation per `queue_policy_update` (one-way ratchet).
|
|
60
|
+
*
|
|
61
|
+
* Phase 8 PEN-CROSS-1 append-only addition (Council ISC-66/A8/A9): the
|
|
62
|
+
* `agent_set_hash` at position 21 binds the EXISTING agent set into the
|
|
63
|
+
* signed digest. SHA-256 over Borsh of `Vec<(Pubkey, u8 capability)>`
|
|
64
|
+
* sorted by pubkey ascending. Closes the silent-insertion vector where
|
|
65
|
+
* a phished-owner `register_agent(capability=OPERATOR)` would otherwise
|
|
66
|
+
* grant operator-class without diverging the digest from the last value
|
|
67
|
+
* the owner signed. Empty Vec produces a deterministic 32-byte hash
|
|
68
|
+
* (`EMPTY_AGENT_SET_HASH` — SHA-256 of [0x00,0x00,0x00,0x00]).
|
|
69
|
+
*
|
|
70
|
+
* D-5 append-only addition (audit 2026-05-19, F-RP3-1): the
|
|
71
|
+
* `cosign_session_pubkey` at position 22 binds the owner's chosen
|
|
72
|
+
* reactivate-time cosigner pubkey into the signed digest. The
|
|
73
|
+
* `reactivate_vault` handler reads this pubkey at runtime and requires
|
|
74
|
+
* a matching `is_signer == true` entry in `remaining_accounts` whenever
|
|
75
|
+
* the operation grafts a new agent at `FULL_CAPABILITY`. A tampered SDK
|
|
76
|
+
* cannot silently flip the gate between owner approval and on-chain
|
|
77
|
+
* landing — the digest mismatch closes that gap. Default
|
|
78
|
+
* `Pubkey::default()` (32 zero bytes) means the gate is OFF; owners
|
|
79
|
+
* opt in via `queue_policy_update`.
|
|
80
|
+
*
|
|
81
|
+
* The `destination_graylist: Vec<(Pubkey, i64)>` is intentionally NOT in
|
|
82
|
+
* the digest. Graylist entries are derived/ephemeral — they auto-populate
|
|
83
|
+
* when the owner adds a destination via queue_policy_update, and they
|
|
84
|
+
* only delay an already-signed allowlist entry. Promoting via
|
|
85
|
+
* promote_graylist_destination only accelerates the existing unlock — it
|
|
86
|
+
* cannot widen the allowlist. The owner-signed digest already binds the
|
|
87
|
+
* destination allowlist (position 8).
|
|
88
|
+
*
|
|
89
|
+
* Total bounded by MAX_ALLOWED_PROTOCOLS=10 + MAX_ALLOWED_DESTINATIONS=10 at
|
|
90
|
+
* 32 bytes each + fixed scalars ≈ 700 bytes worst case.
|
|
91
|
+
*/
|
|
92
|
+
import { base58Decode32 as base58Decode, sha256, writeU16Le, writeU32Le, writeU64Le, digestsEqual as canonicalDigestsEqual, } from "../canonical-encode.js";
|
|
93
|
+
// Base58 decode + sha256 + cursor writers now live in `../canonical-encode.ts`
|
|
94
|
+
// so the AL3 SealInput intent digest (`seal/intent-digest.ts`, Phase 9
|
|
95
|
+
// Batch I) can reuse them. The shared module guarantees byte-identical
|
|
96
|
+
// output for both TA-19 and AL3 — silent encoder drift between the two
|
|
97
|
+
// would defeat the cross-impl Rust↔TS hash invariant.
|
|
98
|
+
// ── §RP-2 L-NEW-1 forward-looking ratchet (audit 2026-05-19) ────────────────
|
|
99
|
+
//
|
|
100
|
+
// Mirrors the Rust-side `POLICY_PREVIEW_FIELD_COUNT` const-assert at
|
|
101
|
+
// `programs/sigil/src/utils/policy_digest.rs:143` and the destructuring
|
|
102
|
+
// test in `field_count_invariant`. The Rust defenses are exhaustive
|
|
103
|
+
// (compile-time struct destructuring catches "field added but encoder
|
|
104
|
+
// not updated"), but the TS encoder is a plain procedural write loop —
|
|
105
|
+
// adding a 21st field to `PolicyPreviewFields` here AND bumping
|
|
106
|
+
// `POLICY_PREVIEW_FIELD_COUNT` to 21 still passes the build if the
|
|
107
|
+
// developer forgets to write the encoding line.
|
|
108
|
+
//
|
|
109
|
+
// `PER_FIELD_FIXED_SIZES` is a 1:1 array of the FIXED-WIDTH byte cost
|
|
110
|
+
// of each canonical field (excluding the variable per-element 32-byte
|
|
111
|
+
// pubkey appendages for protocols + allowed_destinations). The
|
|
112
|
+
// `EXPECTED_FIXED_SIZE` derived sum + the runtime assertion against
|
|
113
|
+
// the encoded buffer's length forces the developer to update this
|
|
114
|
+
// table AND the encoder in lockstep. Silent bypass is closed.
|
|
115
|
+
//
|
|
116
|
+
// To add a field: (1) extend `PolicyPreviewFields` (2) extend
|
|
117
|
+
// `PER_FIELD_FIXED_SIZES` with the new field's fixed byte cost (3)
|
|
118
|
+
// bump `POLICY_PREVIEW_FIELD_COUNT` (4) write the encoder line. The
|
|
119
|
+
// `assert_field_count_in_lockstep` IIFE catches step-skips at module
|
|
120
|
+
// load.
|
|
121
|
+
/** Mirrors `policy_digest.rs::POLICY_PREVIEW_FIELD_COUNT`.
|
|
122
|
+
* M1-04: was 22; has_constraints removed (digest-version bump).
|
|
123
|
+
* F-Q6 (2026-06-02): 21 → 22, binds operator_grant_delay_seconds. */
|
|
124
|
+
export const POLICY_PREVIEW_FIELD_COUNT = 22;
|
|
125
|
+
/**
|
|
126
|
+
* Phase 8 PEN-CROSS-1 (Council ISC-141): SHA-256 of the Borsh-encoded
|
|
127
|
+
* empty `Vec<(Pubkey, u8)>` — i.e. SHA-256 of [0x00, 0x00, 0x00, 0x00].
|
|
128
|
+
* Deterministic; pinned across Rust (`policy_digest.rs::EMPTY_AGENT_SET_HASH`)
|
|
129
|
+
* and TypeScript (this constant). Used by `computePolicyPreviewDigest`
|
|
130
|
+
* when the caller omits `agentSetHash` (legacy fixture path).
|
|
131
|
+
*/
|
|
132
|
+
export const EMPTY_AGENT_SET_HASH = (() => {
|
|
133
|
+
const empty = new Uint8Array(4); // u32 LE length prefix = 0
|
|
134
|
+
return sha256(empty);
|
|
135
|
+
})();
|
|
136
|
+
/**
|
|
137
|
+
* Compute the canonical `agent_set_hash` from a list of agents. SHA-256
|
|
138
|
+
* over Borsh of `Vec<(Pubkey, u8 capability)>` sorted by pubkey ascending.
|
|
139
|
+
* Mirrors `policy_digest.rs::compute_agent_set_hash` byte-for-byte.
|
|
140
|
+
*
|
|
141
|
+
* Pass the result into `computePolicyPreviewDigest({ ...fields, agentSetHash })`.
|
|
142
|
+
*
|
|
143
|
+
* @throws if any pubkey doesn't base58-decode to 32 bytes
|
|
144
|
+
*/
|
|
145
|
+
export function computeAgentSetHash(agents) {
|
|
146
|
+
// Decode + project to (rawBytes, capability) tuples.
|
|
147
|
+
const decoded = agents.map((a) => ({
|
|
148
|
+
raw: base58Decode(a.pubkey),
|
|
149
|
+
capability: a.capability & 0xff,
|
|
150
|
+
}));
|
|
151
|
+
// Sort by pubkey ascending — byte-wise lex order matches Solana's
|
|
152
|
+
// `Pubkey::cmp` (just a [u8;32] comparison).
|
|
153
|
+
decoded.sort((a, b) => {
|
|
154
|
+
for (let i = 0; i < 32; i++) {
|
|
155
|
+
if (a.raw[i] < b.raw[i])
|
|
156
|
+
return -1;
|
|
157
|
+
if (a.raw[i] > b.raw[i])
|
|
158
|
+
return 1;
|
|
159
|
+
}
|
|
160
|
+
return 0;
|
|
161
|
+
});
|
|
162
|
+
// Borsh encode: u32 LE length prefix + each (Pubkey: 32 bytes, capability: 1 byte).
|
|
163
|
+
// Per-entry size = 33 bytes; total = 4 + decoded.length * 33.
|
|
164
|
+
const buf = new Uint8Array(4 + decoded.length * 33);
|
|
165
|
+
new DataView(buf.buffer, buf.byteOffset, 4).setUint32(0, decoded.length, true);
|
|
166
|
+
let off = 4;
|
|
167
|
+
for (const e of decoded) {
|
|
168
|
+
buf.set(e.raw, off);
|
|
169
|
+
off += 32;
|
|
170
|
+
buf[off++] = e.capability;
|
|
171
|
+
}
|
|
172
|
+
return sha256(buf);
|
|
173
|
+
}
|
|
174
|
+
/**
|
|
175
|
+
* Fixed-width byte cost per canonical field. Variable parts (the
|
|
176
|
+
* per-element 32-byte pubkey appendages of protocols and
|
|
177
|
+
* allowed_destinations) are NOT included — those are accounted for
|
|
178
|
+
* separately at encode time. Indices map 1:1 to the canonical fields
|
|
179
|
+
* listed in the module header.
|
|
180
|
+
*/
|
|
181
|
+
const PER_FIELD_FIXED_SIZES = [
|
|
182
|
+
8, // 1. daily_spending_cap_usd (u64 LE)
|
|
183
|
+
8, // 2. max_transaction_size_usd (u64 LE)
|
|
184
|
+
2, // 3. max_slippage_bps (u16 LE)
|
|
185
|
+
2, // 4. developer_fee_rate (u16 LE) PEN-CROSS-6
|
|
186
|
+
1, // 5. protocol_mode (u8)
|
|
187
|
+
4, // 6. protocols (u32 LE length prefix; pubkeys variable)
|
|
188
|
+
1, // 7. destination_mode (u8)
|
|
189
|
+
4, // 8. allowed_destinations (u32 LE length prefix; pubkeys variable)
|
|
190
|
+
8, // 9. timelock_duration (u64 LE)
|
|
191
|
+
8, // 10. session_expiry_seconds (u64 LE)
|
|
192
|
+
1, // 11. observe_only (bool as u8)
|
|
193
|
+
// M1-04: field 12 has_constraints REMOVED (digest-version bump); renumbered below.
|
|
194
|
+
1, // 12. has_post_assertions (u8)
|
|
195
|
+
8, // 13. created_at_slot (u64 LE) PEN-CROSS-2
|
|
196
|
+
4, // 14. operating_hours (u32 LE) TA-05
|
|
197
|
+
1, // 15. auto_promote_grays (bool as u8) TA-07
|
|
198
|
+
1, // 16. auto_revoke_threshold (u8) TA-17
|
|
199
|
+
8, // 17. stable_balance_floor (u64 LE) TA-12
|
|
200
|
+
8, // 18. per_recipient_daily_cap_usd (u64 LE) TA-14
|
|
201
|
+
1, // 19. cosign_required (bool as u8) G6
|
|
202
|
+
32, // 20. agent_set_hash ([u8;32]) Phase 8 PEN-CROSS-1
|
|
203
|
+
32, // 21. cosign_session_pubkey (Pubkey) D-5 (audit 2026-05-19, F-RP3-1)
|
|
204
|
+
8, // 22. operator_grant_delay_seconds (u64 LE) F-Q6 (2026-06-02)
|
|
205
|
+
];
|
|
206
|
+
/** Derived sum — must match the encoder's `fixedSize` exactly. */
|
|
207
|
+
const EXPECTED_FIXED_SIZE = PER_FIELD_FIXED_SIZES.reduce((a, b) => a + b, 0);
|
|
208
|
+
// Module-load assertion: enforce that PER_FIELD_FIXED_SIZES.length and
|
|
209
|
+
// POLICY_PREVIEW_FIELD_COUNT diverge → throw at import time. Catches a
|
|
210
|
+
// developer who bumps the count without updating the table (or vice
|
|
211
|
+
// versa). Cheap one-time cost, runs once per process.
|
|
212
|
+
(function assert_field_count_in_lockstep() {
|
|
213
|
+
if (PER_FIELD_FIXED_SIZES.length !== POLICY_PREVIEW_FIELD_COUNT) {
|
|
214
|
+
throw new Error(`§RP-2 L-NEW-1 (TA-19 ratchet): PER_FIELD_FIXED_SIZES.length=${PER_FIELD_FIXED_SIZES.length} ` +
|
|
215
|
+
`diverges from POLICY_PREVIEW_FIELD_COUNT=${POLICY_PREVIEW_FIELD_COUNT}. ` +
|
|
216
|
+
"Either add the missing field's byte cost to PER_FIELD_FIXED_SIZES, " +
|
|
217
|
+
"or update POLICY_PREVIEW_FIELD_COUNT, in the SAME commit. " +
|
|
218
|
+
"Silent diverge would bypass TA-19 (PEN-7 class).");
|
|
219
|
+
}
|
|
220
|
+
})();
|
|
221
|
+
// ── Encoders ─────────────────────────────────────────────────────────────────
|
|
222
|
+
//
|
|
223
|
+
// Cursor writers (writeU8 / writeU16Le / writeU32Le / writeU64Le / writeBool)
|
|
224
|
+
// now live in `../canonical-encode.ts` and are imported at the top of this
|
|
225
|
+
// file. The hand-rolled versions previously here were byte-identical.
|
|
226
|
+
/**
|
|
227
|
+
* Compute the canonical SHA-256 of the policy preview fields.
|
|
228
|
+
*
|
|
229
|
+
* Returns a 32-byte Uint8Array. Identical to the on-chain helper
|
|
230
|
+
* `compute_policy_preview_digest` for the same input.
|
|
231
|
+
*
|
|
232
|
+
* @throws if any pubkey doesn't base58-decode to exactly 32 bytes
|
|
233
|
+
* @throws if a u64 is negative or out of range
|
|
234
|
+
*/
|
|
235
|
+
export function computePolicyPreviewDigest(fields) {
|
|
236
|
+
// Pre-size: 8+8+2+1 + 4+32*10 + 1 + 4+32*10 + 8+8+1+1+1 = ~684 bytes worst case
|
|
237
|
+
const protocols = fields.protocols;
|
|
238
|
+
const dests = fields.allowedDestinations;
|
|
239
|
+
// Decode pubkeys first so any error surfaces with a useful message before
|
|
240
|
+
// we start the hash walk.
|
|
241
|
+
const protoBytes = protocols.map((p) => base58Decode(p));
|
|
242
|
+
const destBytes = dests.map((p) => base58Decode(p));
|
|
243
|
+
// §RP-2 L-NEW-1: fixedSize is now derived from the PER_FIELD_FIXED_SIZES
|
|
244
|
+
// table above (must equal POLICY_PREVIEW_FIELD_COUNT entries). The inline
|
|
245
|
+
// "8 + 8 + ..." literal was the original hand-summed form — a 21st-field
|
|
246
|
+
// bug would silently bypass it. The table-driven form forces the
|
|
247
|
+
// developer to update both the table AND the encoder body when adding
|
|
248
|
+
// a field (the offset assertion at the bottom catches the inconsistency).
|
|
249
|
+
const fixedSize = EXPECTED_FIXED_SIZE;
|
|
250
|
+
const variableSize = protoBytes.length * 32 + destBytes.length * 32;
|
|
251
|
+
const buf = new Uint8Array(fixedSize + variableSize);
|
|
252
|
+
const view = new DataView(buf.buffer, buf.byteOffset, buf.byteLength);
|
|
253
|
+
let off = 0;
|
|
254
|
+
off = writeU64Le(view, off, fields.dailySpendingCapUsd);
|
|
255
|
+
off = writeU64Le(view, off, fields.maxTransactionSizeUsd);
|
|
256
|
+
off = writeU16Le(view, off, fields.maxSlippageBps);
|
|
257
|
+
// PEN-CROSS-6: developer_fee_rate at position 4 of canonical encoding.
|
|
258
|
+
off = writeU16Le(view, off, fields.developerFeeRate);
|
|
259
|
+
buf[off++] = fields.protocolMode;
|
|
260
|
+
off = writeU32Le(view, off, protoBytes.length);
|
|
261
|
+
for (const pk of protoBytes) {
|
|
262
|
+
buf.set(pk, off);
|
|
263
|
+
off += 32;
|
|
264
|
+
}
|
|
265
|
+
buf[off++] = fields.destinationMode;
|
|
266
|
+
off = writeU32Le(view, off, destBytes.length);
|
|
267
|
+
for (const pk of destBytes) {
|
|
268
|
+
buf.set(pk, off);
|
|
269
|
+
off += 32;
|
|
270
|
+
}
|
|
271
|
+
off = writeU64Le(view, off, fields.timelockDuration);
|
|
272
|
+
off = writeU64Le(view, off, fields.sessionExpirySeconds);
|
|
273
|
+
buf[off++] = fields.observeOnly ? 1 : 0;
|
|
274
|
+
// M1-04: has_constraints byte removed (digest-version bump).
|
|
275
|
+
buf[off++] = fields.hasPostAssertions;
|
|
276
|
+
// PEN-CROSS-2: created_at_slot at position 14 of canonical encoding.
|
|
277
|
+
off = writeU64Le(view, off, fields.createdAtSlot);
|
|
278
|
+
// TA-05 (Phase 3): operating_hours at position 15 of canonical encoding.
|
|
279
|
+
// Default 0 when omitted by legacy callers; production SDK consumers
|
|
280
|
+
// should pass 0xFFFFFF explicitly via `initializeVault`/`queuePolicyUpdate`.
|
|
281
|
+
off = writeU32Le(view, off, fields.operatingHours ?? 0);
|
|
282
|
+
// TA-07 (Phase 3): auto_promote_grays at position 16.
|
|
283
|
+
buf[off++] = fields.autoPromoteGrays ? 1 : 0;
|
|
284
|
+
// TA-17 (Phase 3): auto_revoke_threshold at position 17.
|
|
285
|
+
buf[off++] = fields.autoRevokeThreshold ?? 0;
|
|
286
|
+
// TA-12 (Phase 5): stable_balance_floor at position 18.
|
|
287
|
+
off = writeU64Le(view, off, fields.stableBalanceFloor ?? 0n);
|
|
288
|
+
// TA-14 (Phase 5): per_recipient_daily_cap_usd at position 19.
|
|
289
|
+
off = writeU64Le(view, off, fields.perRecipientDailyCapUsd ?? 0n);
|
|
290
|
+
// G6 (audit 2026-05-18 cosign opt-in): cosign_required at position 20.
|
|
291
|
+
buf[off++] = fields.cosignRequired ? 1 : 0;
|
|
292
|
+
// Phase 8 PEN-CROSS-1: agent_set_hash at position 21. Default
|
|
293
|
+
// EMPTY_AGENT_SET_HASH so legacy callers (no agents) continue to
|
|
294
|
+
// produce a canonical digest without explicit setup.
|
|
295
|
+
const agentSetHash = fields.agentSetHash ?? EMPTY_AGENT_SET_HASH;
|
|
296
|
+
if (agentSetHash.length !== 32) {
|
|
297
|
+
throw new Error(`agentSetHash must be exactly 32 bytes, got ${agentSetHash.length}`);
|
|
298
|
+
}
|
|
299
|
+
buf.set(agentSetHash, off);
|
|
300
|
+
off += 32;
|
|
301
|
+
// D-5 (audit 2026-05-19, F-RP3-1): cosign_session_pubkey at position
|
|
302
|
+
// 22. Default `Pubkey::default()` (32 zero bytes) so legacy callers
|
|
303
|
+
// that don't opt into the reactivate-cosign gate continue to produce
|
|
304
|
+
// the canonical digest. Owner opt-in passes a base58 string OR a
|
|
305
|
+
// 32-byte Uint8Array; the encoder normalises both into the canonical
|
|
306
|
+
// 32-byte buffer.
|
|
307
|
+
const cosignSessionRaw = fields.cosignSessionPubkey;
|
|
308
|
+
let cosignSessionBytes;
|
|
309
|
+
if (cosignSessionRaw === undefined) {
|
|
310
|
+
cosignSessionBytes = new Uint8Array(32); // Pubkey::default()
|
|
311
|
+
}
|
|
312
|
+
else if (cosignSessionRaw instanceof Uint8Array) {
|
|
313
|
+
cosignSessionBytes = cosignSessionRaw;
|
|
314
|
+
}
|
|
315
|
+
else {
|
|
316
|
+
cosignSessionBytes = base58Decode(cosignSessionRaw);
|
|
317
|
+
}
|
|
318
|
+
if (cosignSessionBytes.length !== 32) {
|
|
319
|
+
throw new Error(`cosignSessionPubkey must decode to exactly 32 bytes, got ${cosignSessionBytes.length}`);
|
|
320
|
+
}
|
|
321
|
+
buf.set(cosignSessionBytes, off);
|
|
322
|
+
off += 32;
|
|
323
|
+
// F-Q6 (2026-06-02): operator_grant_delay_seconds at position 22 (u64 LE).
|
|
324
|
+
// Default 0n so legacy callers that don't configure a delay continue to
|
|
325
|
+
// produce the canonical digest. Owner opts in via queue_policy_update.
|
|
326
|
+
off = writeU64Le(view, off, fields.operatorGrantDelaySeconds ?? 0n);
|
|
327
|
+
// §RP-2 L-NEW-1 forward-looking ratchet: the encoder MUST write
|
|
328
|
+
// exactly `fixedSize + variableSize` bytes. `fixedSize` is now
|
|
329
|
+
// derived from the PER_FIELD_FIXED_SIZES table (which is asserted
|
|
330
|
+
// at module load to be 1:1 with POLICY_PREVIEW_FIELD_COUNT). A
|
|
331
|
+
// future engineer who adds a 21st field MUST update both the table
|
|
332
|
+
// AND the encoder body — if they update only the table (bumping
|
|
333
|
+
// EXPECTED_FIXED_SIZE) but forget to write the encoder line, this
|
|
334
|
+
// assertion fires with a clear mismatch. If they update only the
|
|
335
|
+
// encoder line, the SAME assertion fires (the buffer was too small
|
|
336
|
+
// and the OOB write at line `buf[off++] = ...` already threw).
|
|
337
|
+
if (off !== buf.length) {
|
|
338
|
+
throw new Error(`computePolicyPreviewDigest: encoded ${off} bytes, expected ${buf.length}. ` +
|
|
339
|
+
`If you added a field to PolicyPreviewFields, update PER_FIELD_FIXED_SIZES + ` +
|
|
340
|
+
`POLICY_PREVIEW_FIELD_COUNT AND write the encoder line in the SAME commit.`);
|
|
341
|
+
}
|
|
342
|
+
return sha256(buf);
|
|
343
|
+
}
|
|
344
|
+
/**
|
|
345
|
+
* Equivalent of `Buffer.equals` for two `Uint8Array` digests. Re-exported
|
|
346
|
+
* from `../canonical-encode.ts` (constant-time XOR-accumulate; no early
|
|
347
|
+
* exit) so callers that previously imported it from this module continue
|
|
348
|
+
* to work after Batch C.
|
|
349
|
+
*/
|
|
350
|
+
export const digestsEqual = canonicalDigestsEqual;
|
|
351
|
+
//# sourceMappingURL=compute-policy-preview-digest.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"compute-policy-preview-digest.js","sourceRoot":"","sources":["../../src/policy/compute-policy-preview-digest.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0FG;AAGH,OAAO,EACL,cAAc,IAAI,YAAY,EAC9B,MAAM,EACN,UAAU,EACV,UAAU,EACV,UAAU,EACV,YAAY,IAAI,qBAAqB,GACtC,MAAM,wBAAwB,CAAC;AA8HhC,+EAA+E;AAC/E,uEAAuE;AACvE,uEAAuE;AACvE,uEAAuE;AACvE,sDAAsD;AAEtD,+EAA+E;AAC/E,EAAE;AACF,qEAAqE;AACrE,wEAAwE;AACxE,oEAAoE;AACpE,sEAAsE;AACtE,uEAAuE;AACvE,gEAAgE;AAChE,mEAAmE;AACnE,gDAAgD;AAChD,EAAE;AACF,sEAAsE;AACtE,sEAAsE;AACtE,+DAA+D;AAC/D,oEAAoE;AACpE,kEAAkE;AAClE,8DAA8D;AAC9D,EAAE;AACF,8DAA8D;AAC9D,mEAAmE;AACnE,oEAAoE;AACpE,qEAAqE;AACrE,QAAQ;AAER;;sEAEsE;AACtE,MAAM,CAAC,MAAM,0BAA0B,GAAG,EAAE,CAAC;AAE7C;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAe,CAAC,GAAG,EAAE;IACpD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAC5D,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;AACvB,CAAC,CAAC,EAAE,CAAC;AAEL;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAuE;IAEvE,qDAAqD;IACrD,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACjC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,MAAgB,CAAC;QACrC,UAAU,EAAE,CAAC,CAAC,UAAU,GAAG,IAAI;KAChC,CAAC,CAAC,CAAC;IACJ,kEAAkE;IAClE,6CAA6C;IAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAE;gBAAE,OAAO,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAE;gBAAE,OAAO,CAAC,CAAC;QACtC,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC,CAAC,CAAC;IACH,oFAAoF;IACpF,8DAA8D;IAC9D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACpD,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,SAAS,CACnD,CAAC,EACD,OAAO,CAAC,MAAM,EACd,IAAI,CACL,CAAC;IACF,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QACpB,GAAG,IAAI,EAAE,CAAC;QACV,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC;IAC5B,CAAC;IACD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,qBAAqB,GAAG;IAC5B,CAAC,EAAE,4CAA4C;IAC/C,CAAC,EAAE,4CAA4C;IAC/C,CAAC,EAAE,4CAA4C;IAC/C,CAAC,EAAE,yDAAyD;IAC5D,CAAC,EAAE,wCAAwC;IAC3C,CAAC,EAAE,4EAA4E;IAC/E,CAAC,EAAE,wCAAwC;IAC3C,CAAC,EAAE,4EAA4E;IAC/E,CAAC,EAAE,4CAA4C;IAC/C,CAAC,EAAE,4CAA4C;IAC/C,CAAC,EAAE,gDAAgD;IACnD,mFAAmF;IACnF,CAAC,EAAE,wCAAwC;IAC3C,CAAC,EAAE,wDAAwD;IAC3D,CAAC,EAAE,kDAAkD;IACrD,CAAC,EAAE,sDAAsD;IACzD,CAAC,EAAE,8CAA8C;IACjD,CAAC,EAAE,kDAAkD;IACrD,CAAC,EAAE,kDAAkD;IACrD,CAAC,EAAE,mDAAmD;IACtD,EAAE,EAAE,gEAAgE;IACpE,EAAE,EAAE,4EAA4E;IAChF,CAAC,EAAE,+DAA+D;CAC1D,CAAC;AAEX,kEAAkE;AAClE,MAAM,mBAAmB,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;AAE7E,uEAAuE;AACvE,uEAAuE;AACvE,oEAAoE;AACpE,sDAAsD;AACtD,CAAC,SAAS,8BAA8B;IACtC,IAAI,qBAAqB,CAAC,MAAM,KAAK,0BAA0B,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CACb,+DAA+D,qBAAqB,CAAC,MAAM,GAAG;YAC5F,4CAA4C,0BAA0B,IAAI;YAC1E,qEAAqE;YACrE,4DAA4D;YAC5D,kDAAkD,CACrD,CAAC;IACJ,CAAC;AACH,CAAC,CAAC,EAAE,CAAC;AAEL,gFAAgF;AAChF,EAAE;AACF,8EAA8E;AAC9E,2EAA2E;AAC3E,sEAAsE;AAEtE;;;;;;;;GAQG;AACH,MAAM,UAAU,0BAA0B,CACxC,MAA2B;IAE3B,gFAAgF;IAChF,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;IACnC,MAAM,KAAK,GAAG,MAAM,CAAC,mBAAmB,CAAC;IACzC,0EAA0E;IAC1E,0BAA0B;IAC1B,MAAM,UAAU,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAW,CAAC,CAAC,CAAC;IACnE,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAW,CAAC,CAAC,CAAC;IAE9D,yEAAyE;IACzE,0EAA0E;IAC1E,yEAAyE;IACzE,iEAAiE;IACjE,sEAAsE;IACtE,0EAA0E;IAC1E,MAAM,SAAS,GAAG,mBAAmB,CAAC;IACtC,MAAM,YAAY,GAAG,UAAU,CAAC,MAAM,GAAG,EAAE,GAAG,SAAS,CAAC,MAAM,GAAG,EAAE,CAAC;IACpE,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,SAAS,GAAG,YAAY,CAAC,CAAC;IACrD,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;IAEtE,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,mBAAmB,CAAC,CAAC;IACxD,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,qBAAqB,CAAC,CAAC;IAC1D,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,cAAc,CAAC,CAAC;IACnD,uEAAuE;IACvE,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACrD,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,YAAY,CAAC;IACjC,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;IAC/C,KAAK,MAAM,EAAE,IAAI,UAAU,EAAE,CAAC;QAC5B,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QACjB,GAAG,IAAI,EAAE,CAAC;IACZ,CAAC;IACD,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,eAAe,CAAC;IACpC,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;IAC9C,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;QAC3B,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QACjB,GAAG,IAAI,EAAE,CAAC;IACZ,CAAC;IACD,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACrD,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,oBAAoB,CAAC,CAAC;IACzD,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACxC,6DAA6D;IAC7D,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,iBAAiB,CAAC;IACtC,qEAAqE;IACrE,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IAClD,yEAAyE;IACzE,qEAAqE;IACrE,6EAA6E;IAC7E,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,cAAc,IAAI,CAAC,CAAC,CAAC;IACxD,sDAAsD;IACtD,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7C,yDAAyD;IACzD,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,mBAAmB,IAAI,CAAC,CAAC;IAC7C,wDAAwD;IACxD,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,kBAAkB,IAAI,EAAE,CAAC,CAAC;IAC7D,+DAA+D;IAC/D,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,uBAAuB,IAAI,EAAE,CAAC,CAAC;IAClE,uEAAuE;IACvE,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3C,8DAA8D;IAC9D,iEAAiE;IACjE,qDAAqD;IACrD,MAAM,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,oBAAoB,CAAC;IACjE,IAAI,YAAY,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CACb,8CAA8C,YAAY,CAAC,MAAM,EAAE,CACpE,CAAC;IACJ,CAAC;IACD,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC3B,GAAG,IAAI,EAAE,CAAC;IACV,qEAAqE;IACrE,oEAAoE;IACpE,qEAAqE;IACrE,iEAAiE;IACjE,qEAAqE;IACrE,kBAAkB;IAClB,MAAM,gBAAgB,GAAG,MAAM,CAAC,mBAAmB,CAAC;IACpD,IAAI,kBAA8B,CAAC;IACnC,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;QACnC,kBAAkB,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,oBAAoB;IAC/D,CAAC;SAAM,IAAI,gBAAgB,YAAY,UAAU,EAAE,CAAC;QAClD,kBAAkB,GAAG,gBAAgB,CAAC;IACxC,CAAC;SAAM,CAAC;QACN,kBAAkB,GAAG,YAAY,CAAC,gBAA0B,CAAC,CAAC;IAChE,CAAC;IACD,IAAI,kBAAkB,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CACb,4DAA4D,kBAAkB,CAAC,MAAM,EAAE,CACxF,CAAC;IACJ,CAAC;IACD,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;IACjC,GAAG,IAAI,EAAE,CAAC;IACV,2EAA2E;IAC3E,wEAAwE;IACxE,uEAAuE;IACvE,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;IAEpE,gEAAgE;IAChE,+DAA+D;IAC/D,kEAAkE;IAClE,+DAA+D;IAC/D,mEAAmE;IACnE,gEAAgE;IAChE,kEAAkE;IAClE,iEAAiE;IACjE,mEAAmE;IACnE,+DAA+D;IAC/D,IAAI,GAAG,KAAK,GAAG,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CACb,uCAAuC,GAAG,oBAAoB,GAAG,CAAC,MAAM,IAAI;YAC1E,8EAA8E;YAC9E,2EAA2E,CAC9E,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,qBAAqB,CAAC"}
|