@veil-cash/sdk 0.6.2 → 0.6.4

package/dist/cli/index.cjs

@@ -8,35 +8,18 @@ var readline = require('readline');
 var fs = require('fs');
 var path = require('path');
 var ethers = require('ethers');
-var crypto = require('crypto');
+var buffer = require('buffer');
+var ethSigUtil = require('eth-sig-util');
+var circomlib = require('circomlib');
 var MerkleTree = require('fixed-merkle-tree-legacy');
 var snarkjs = require('snarkjs');
-var url = require('url');
+var ffjavascript = require('ffjavascript');
 
 var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
 
-function _interopNamespace(e) {
-  if (e && e.__esModule) return e;
-  var n = Object.create(null);
-  if (e) {
-    Object.keys(e).forEach(function (k) {
-      if (k !== 'default') {
-        var d = Object.getOwnPropertyDescriptor(e, k);
-        Object.defineProperty(n, k, d.get ? d : {
-          enumerable: true,
-          get: function () { return e[k]; }
-        });
-      }
-    });
-  }
-  n.default = e;
-  return Object.freeze(n);
-}
-
-var fs__namespace = /*#__PURE__*/_interopNamespace(fs);
-var path__namespace = /*#__PURE__*/_interopNamespace(path);
-var crypto__namespace = /*#__PURE__*/_interopNamespace(crypto);
+var ethSigUtil__default = /*#__PURE__*/_interopDefault(ethSigUtil);
+var circomlib__default = /*#__PURE__*/_interopDefault(circomlib);
 var MerkleTree__default = /*#__PURE__*/_interopDefault(MerkleTree);
 
 var __create = Object.create;
@@ -1234,8 +1217,8 @@ var require_command = __commonJS({
   "node_modules/commander/lib/command.js"(exports$1) {
     var EventEmitter = __require("events").EventEmitter;
     var childProcess = __require("child_process");
-    var path2 = __require("path");
-    var fs2 = __require("fs");
+    var path = __require("path");
+    var fs = __require("fs");
     var process2 = __require("process");
     var { Argument: Argument2, humanReadableArgName } = require_argument();
     var { CommanderError: CommanderError2 } = require_error();
@@ -2228,7 +2211,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
        * @param {string} subcommandName
        */
       _checkForMissingExecutable(executableFile, executableDir, subcommandName) {
-        if (fs2.existsSync(executableFile)) return;
+        if (fs.existsSync(executableFile)) return;
         const executableDirMessage = executableDir ? `searched for local subcommand relative to directory '${executableDir}'` : "no directory for search for local subcommand, use .executableDir() to supply a custom directory";
         const executableMissing = `'${executableFile}' does not exist
  - if '${subcommandName}' is not meant to be an executable command, remove description parameter from '.command()' and use '.description()' instead
@@ -2246,11 +2229,11 @@ Expecting one of '${allowedValues.join("', '")}'`);
         let launchWithNode = false;
         const sourceExt = [".js", ".ts", ".tsx", ".mjs", ".cjs"];
         function findFile(baseDir, baseName) {
-          const localBin = path2.resolve(baseDir, baseName);
-          if (fs2.existsSync(localBin)) return localBin;
-          if (sourceExt.includes(path2.extname(baseName))) return void 0;
+          const localBin = path.resolve(baseDir, baseName);
+          if (fs.existsSync(localBin)) return localBin;
+          if (sourceExt.includes(path.extname(baseName))) return void 0;
           const foundExt = sourceExt.find(
-            (ext) => fs2.existsSync(`${localBin}${ext}`)
+            (ext) => fs.existsSync(`${localBin}${ext}`)
           );
           if (foundExt) return `${localBin}${foundExt}`;
           return void 0;
@@ -2262,21 +2245,21 @@ Expecting one of '${allowedValues.join("', '")}'`);
         if (this._scriptPath) {
           let resolvedScriptPath;
           try {
-            resolvedScriptPath = fs2.realpathSync(this._scriptPath);
+            resolvedScriptPath = fs.realpathSync(this._scriptPath);
           } catch {
             resolvedScriptPath = this._scriptPath;
           }
-          executableDir = path2.resolve(
-            path2.dirname(resolvedScriptPath),
+          executableDir = path.resolve(
+            path.dirname(resolvedScriptPath),
             executableDir
           );
         }
         if (executableDir) {
           let localFile = findFile(executableDir, executableFile);
           if (!localFile && !subcommand._executableFile && this._scriptPath) {
-            const legacyName = path2.basename(
+            const legacyName = path.basename(
               this._scriptPath,
-              path2.extname(this._scriptPath)
+              path.extname(this._scriptPath)
             );
             if (legacyName !== this._name) {
               localFile = findFile(
@@ -2287,7 +2270,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
           }
           executableFile = localFile || executableFile;
         }
-        launchWithNode = sourceExt.includes(path2.extname(executableFile));
+        launchWithNode = sourceExt.includes(path.extname(executableFile));
         let proc;
         if (process2.platform !== "win32") {
           if (launchWithNode) {
@@ -3202,7 +3185,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
        * @return {Command}
        */
       nameFromFilename(filename) {
-        this._name = path2.basename(filename, path2.extname(filename));
+        this._name = path.basename(filename, path.extname(filename));
         return this;
       }
       /**
@@ -3216,9 +3199,9 @@ Expecting one of '${allowedValues.join("', '")}'`);
        * @param {string} [path]
        * @return {(string|null|Command)}
        */
-      executableDir(path3) {
-        if (path3 === void 0) return this._executableDir;
-        this._executableDir = path3;
+      executableDir(path2) {
+        if (path2 === void 0) return this._executableDir;
+        this._executableDir = path2;
         return this;
       }
       /**
@@ -3567,10 +3550,10 @@ var require_package = __commonJS({
 // node_modules/dotenv/lib/main.js
 var require_main = __commonJS({
   "node_modules/dotenv/lib/main.js"(exports$1, module) {
-    var fs2 = __require("fs");
-    var path2 = __require("path");
+    var fs = __require("fs");
+    var path = __require("path");
     var os = __require("os");
-    var crypto2 = __require("crypto");
+    var crypto = __require("crypto");
     var packageJson = require_package();
     var version = packageJson.version;
     var TIPS = [
@@ -3709,7 +3692,7 @@ var require_main = __commonJS({
       if (options && options.path && options.path.length > 0) {
         if (Array.isArray(options.path)) {
           for (const filepath of options.path) {
-            if (fs2.existsSync(filepath)) {
+            if (fs.existsSync(filepath)) {
               possibleVaultPath = filepath.endsWith(".vault") ? filepath : `${filepath}.vault`;
             }
           }
@@ -3717,15 +3700,15 @@ var require_main = __commonJS({
           possibleVaultPath = options.path.endsWith(".vault") ? options.path : `${options.path}.vault`;
         }
       } else {
-        possibleVaultPath = path2.resolve(process.cwd(), ".env.vault");
+        possibleVaultPath = path.resolve(process.cwd(), ".env.vault");
       }
-      if (fs2.existsSync(possibleVaultPath)) {
+      if (fs.existsSync(possibleVaultPath)) {
         return possibleVaultPath;
       }
       return null;
     }
     function _resolveHome(envPath) {
-      return envPath[0] === "~" ? path2.join(os.homedir(), envPath.slice(1)) : envPath;
+      return envPath[0] === "~" ? path.join(os.homedir(), envPath.slice(1)) : envPath;
     }
     function _configVault(options) {
       const debug = parseBoolean(process.env.DOTENV_CONFIG_DEBUG || options && options.debug);
@@ -3742,7 +3725,7 @@ var require_main = __commonJS({
       return { parsed };
     }
     function configDotenv(options) {
-      const dotenvPath = path2.resolve(process.cwd(), ".env");
+      const dotenvPath = path.resolve(process.cwd(), ".env");
       let encoding = "utf8";
       let processEnv = process.env;
       if (options && options.processEnv != null) {
@@ -3770,13 +3753,13 @@ var require_main = __commonJS({
       }
       let lastError;
       const parsedAll = {};
-      for (const path3 of optionPaths) {
+      for (const path2 of optionPaths) {
         try {
-          const parsed = DotenvModule.parse(fs2.readFileSync(path3, { encoding }));
+          const parsed = DotenvModule.parse(fs.readFileSync(path2, { encoding }));
           DotenvModule.populate(parsedAll, parsed, options);
         } catch (e) {
           if (debug) {
-            _debug(`Failed to load ${path3} ${e.message}`);
+            _debug(`Failed to load ${path2} ${e.message}`);
           }
           lastError = e;
         }
@@ -3789,7 +3772,7 @@ var require_main = __commonJS({
         const shortPaths = [];
         for (const filePath of optionPaths) {
           try {
-            const relative = path2.relative(process.cwd(), filePath);
+            const relative = path.relative(process.cwd(), filePath);
             shortPaths.push(relative);
           } catch (e) {
             if (debug) {
@@ -3824,7 +3807,7 @@ var require_main = __commonJS({
       const authTag = ciphertext.subarray(-16);
       ciphertext = ciphertext.subarray(12, -16);
       try {
-        const aesgcm = crypto2.createDecipheriv("aes-256-gcm", key, nonce);
+        const aesgcm = crypto.createDecipheriv("aes-256-gcm", key, nonce);
         aesgcm.setAuthTag(authTag);
         return `${aesgcm.update(ciphertext)}${aesgcm.final()}`;
       } catch (error) {
@@ -4203,6 +4186,14 @@ var QUEUE_ABI = [
     outputs: [{ name: "count", type: "uint256" }],
     stateMutability: "view",
     type: "function"
+  },
+  // Get remaining daily free deposits for an address (V3+)
+  {
+    inputs: [{ name: "_depositor", type: "address" }],
+    name: "getDailyFreeRemaining",
+    outputs: [{ name: "remaining", type: "uint256" }],
+    stateMutability: "view",
+    type: "function"
   }
 ];
 var POOL_ABI = [
@@ -5099,15 +5090,18 @@ function loadEnv() {
   } catch {
   }
 }
-var circomlib = __require("circomlib");
-var poseidon = circomlib.poseidon;
+var poseidon = circomlib__default.default.poseidon;
 var FIELD_SIZE = BigInt(
   "21888242871839275222246405745257275088548364400416034343698204186575808495617"
 );
 var poseidonHash = (items) => BigInt(poseidon(items).toString());
 var poseidonHash2 = (a, b) => poseidonHash([a, b]);
 var randomBN = (nbytes = 31) => {
-  const bytes = crypto__namespace.randomBytes(nbytes);
+  const cryptoApi = globalThis.crypto;
+  if (!cryptoApi?.getRandomValues) {
+    throw new Error("Secure random number generation is unavailable in this runtime");
+  }
+  const bytes = cryptoApi.getRandomValues(new Uint8Array(nbytes));
   let hex = "0x";
   for (let i = 0; i < bytes.length; i++) {
     hex += bytes[i].toString(16).padStart(2, "0");
@@ -5116,7 +5110,7 @@ var randomBN = (nbytes = 31) => {
 };
 function toFixedHex(number, length = 32) {
   let hexValue;
-  if (number instanceof Buffer) {
+  if (number instanceof buffer.Buffer) {
     hexValue = number.toString("hex");
   } else {
     let bigIntValue = BigInt(number);
@@ -5131,11 +5125,10 @@ function toFixedHex(number, length = 32) {
 var toBuffer = (value, length) => {
   const bigIntValue = BigInt(value);
   const hex = bigIntValue.toString(16).padStart(length * 2, "0");
-  return Buffer.from(hex, "hex");
+  return buffer.Buffer.from(hex, "hex");
 };
 function getExtDataHash(extData) {
-  const { ethers: ethers2 } = __require("ethers");
-  const abi = ethers2.AbiCoder.defaultAbiCoder();
+  const abi = ethers.ethers.AbiCoder.defaultAbiCoder();
   const encodedData = abi.encode(
     ["tuple(address,int256,address,uint256,bytes,bytes)"],
     [[
@@ -5147,7 +5140,7 @@ function getExtDataHash(extData) {
       extData.encryptedOutput2
     ]]
   );
-  const hash = ethers2.keccak256(encodedData);
+  const hash = ethers.ethers.keccak256(encodedData);
   return BigInt(hash) % FIELD_SIZE;
 }
 function shuffle(array) {
@@ -5163,15 +5156,14 @@ function shuffle(array) {
 
 // src/keypair.ts
 var VEIL_SIGNED_MESSAGE = "Sign this message to create your Veil Wallet private key. This will be used to decrypt your balances. Ensure you are signing this message on the Veil Cash website.";
-var ethSigUtil = __require("eth-sig-util");
 function packEncryptedMessage(encryptedMessage) {
-  const nonceBuf = Buffer.from(encryptedMessage.nonce, "base64");
-  const ephemPublicKeyBuf = Buffer.from(encryptedMessage.ephemPublicKey, "base64");
-  const ciphertextBuf = Buffer.from(encryptedMessage.ciphertext, "base64");
-  const messageBuff = Buffer.concat([
-    Buffer.alloc(24 - nonceBuf.length),
+  const nonceBuf = buffer.Buffer.from(encryptedMessage.nonce, "base64");
+  const ephemPublicKeyBuf = buffer.Buffer.from(encryptedMessage.ephemPublicKey, "base64");
+  const ciphertextBuf = buffer.Buffer.from(encryptedMessage.ciphertext, "base64");
+  const messageBuff = buffer.Buffer.concat([
+    buffer.Buffer.alloc(24 - nonceBuf.length),
     nonceBuf,
-    Buffer.alloc(32 - ephemPublicKeyBuf.length),
+    buffer.Buffer.alloc(32 - ephemPublicKeyBuf.length),
     ephemPublicKeyBuf,
     ciphertextBuf
   ]);
@@ -5181,7 +5173,7 @@ function unpackEncryptedMessage(encryptedMessage) {
   if (encryptedMessage.slice(0, 2) === "0x") {
     encryptedMessage = encryptedMessage.slice(2);
   }
-  const messageBuff = Buffer.from(encryptedMessage, "hex");
+  const messageBuff = buffer.Buffer.from(encryptedMessage, "hex");
   const nonceBuf = messageBuff.slice(0, 24);
   const ephemPublicKeyBuf = messageBuff.slice(24, 56);
   const ciphertextBuf = messageBuff.slice(56);
@@ -5206,7 +5198,7 @@ var Keypair = class _Keypair {
   constructor(privkey = ethers.ethers.Wallet.createRandom().privateKey) {
     this.privkey = privkey;
     this.pubkey = poseidonHash([this.privkey]);
-    this.encryptionKey = ethSigUtil.getEncryptionPublicKey(privkey.slice(2));
+    this.encryptionKey = ethSigUtil__default.default.getEncryptionPublicKey(privkey.slice(2));
   }
   /**
    * Get the deposit key for this keypair
@@ -5214,7 +5206,7 @@ var Keypair = class _Keypair {
    * @returns Deposit key as hex string (130 chars with 0x prefix)
    */
   toString() {
-    return toFixedHex(this.pubkey) + Buffer.from(this.encryptionKey, "base64").toString("hex");
+    return toFixedHex(this.pubkey) + buffer.Buffer.from(this.encryptionKey, "base64").toString("hex");
   }
   /**
    * Alias for toString() - returns the deposit key
@@ -5239,7 +5231,7 @@ var Keypair = class _Keypair {
     return Object.assign(new _Keypair(), {
       privkey: null,
       pubkey: BigInt("0x" + str.slice(0, 64)),
-      encryptionKey: Buffer.from(str.slice(64, 128), "hex").toString("base64")
+      encryptionKey: buffer.Buffer.from(str.slice(64, 128), "hex").toString("base64")
     });
   }
   /**
@@ -5324,7 +5316,7 @@ var Keypair = class _Keypair {
    */
   encrypt(bytes) {
     return packEncryptedMessage(
-      ethSigUtil.encrypt(
+      ethSigUtil__default.default.encrypt(
         this.encryptionKey,
         { data: bytes.toString("base64") },
         "x25519-xsalsa20-poly1305"
@@ -5340,8 +5332,8 @@ var Keypair = class _Keypair {
     if (!this.privkey) {
       throw new Error("Cannot decrypt without private key");
     }
-    return Buffer.from(
-      ethSigUtil.decrypt(unpackEncryptedMessage(data), this.privkey.slice(2)),
+    return buffer.Buffer.from(
+      ethSigUtil__default.default.decrypt(unpackEncryptedMessage(data), this.privkey.slice(2)),
       "base64"
     );
   }
@@ -5415,10 +5407,10 @@ async function confirm(question) {
     input: process.stdin,
     output: process.stdout
   });
-  return new Promise((resolve2) => {
+  return new Promise((resolve) => {
     rl.question(`${question} (y/n): `, (answer) => {
       rl.close();
-      resolve2(answer.toLowerCase() === "y" || answer.toLowerCase() === "yes");
+      resolve(answer.toLowerCase() === "y" || answer.toLowerCase() === "yes");
     });
   });
 }
@@ -5784,176 +5776,6 @@ function createRegisterCommand() {
   });
   return register;
 }
-var MINIMUM_NET = {
-  ETH: 0.01,
-  USDC: 10
-};
-async function getGrossAmount(netWei, rpcUrl) {
-  const publicClient = viem.createPublicClient({
-    chain: chains.base,
-    transport: viem.http(rpcUrl)
-  });
-  const grossWei = await publicClient.readContract({
-    address: getAddresses().entry,
-    abi: ENTRY_ABI,
-    functionName: "getDepositAmountWithFee",
-    args: [netWei]
-  });
-  return { grossWei, feeWei: grossWei - netWei };
-}
-var SUPPORTED_ASSETS = ["ETH", "USDC"];
-function createDepositCommand() {
-  const deposit = new Command("deposit").description("Deposit ETH or USDC into Veil").argument("<asset>", "Asset to deposit (ETH or USDC)").argument("<amount>", "Amount to deposit \u2014 this is what arrives in your Veil balance").option("--unsigned", "Output unsigned transaction payload instead of sending").option("--json", "Output as JSON").addHelpText("after", `
-The amount you specify is the net amount that lands in your Veil balance.
-The 0.3% protocol fee is automatically added on top.
-
-Examples:
-  veil deposit ETH 0.1          # deposits 0.1 ETH (sends ~0.1003 ETH)
-  veil deposit USDC 100         # deposits 100 USDC (sends ~100.30 USDC)
-  veil deposit ETH 0.1 --unsigned
-  veil deposit ETH 0.1 --json
-`).action(async (asset, amount, options) => {
-    try {
-      const assetUpper = asset.toUpperCase();
-      if (!SUPPORTED_ASSETS.includes(assetUpper)) {
-        throw new CLIError(ErrorCode.INVALID_AMOUNT, `Unsupported asset: ${asset}. Supported: ${SUPPORTED_ASSETS.join(", ")}`);
-      }
-      const amountNum = parseFloat(amount);
-      const minimumNet = MINIMUM_NET[assetUpper];
-      if (amountNum < minimumNet) {
-        throw new CLIError(
-          ErrorCode.INVALID_AMOUNT,
-          `Minimum deposit is ${minimumNet} ${assetUpper}.`
-        );
-      }
-      const rpcUrl = process.env.RPC_URL;
-      const poolConfig = POOL_CONFIG[assetUpper.toLowerCase()];
-      const netWei = assetUpper === "ETH" ? viem.parseEther(amount) : viem.parseUnits(amount, poolConfig.decimals);
-      const progress = createProgressReporter();
-      progress("Calculating fee...");
-      const { grossWei, feeWei } = await getGrossAmount(netWei, rpcUrl);
-      const grossStr = assetUpper === "ETH" ? viem.formatEther(grossWei) : viem.formatUnits(grossWei, poolConfig.decimals);
-      const feeStr = assetUpper === "ETH" ? viem.formatEther(feeWei) : viem.formatUnits(feeWei, poolConfig.decimals);
-      const depositKey = process.env.DEPOSIT_KEY;
-      if (!depositKey) {
-        throw new CLIError(ErrorCode.DEPOSIT_KEY_MISSING, 'DEPOSIT_KEY not set. Run "veil init" first.');
-      }
-      progress("Building transaction...");
-      let tx;
-      let approveTx = null;
-      if (assetUpper === "USDC") {
-        approveTx = buildApproveUSDCTx({ amount: grossStr });
-        tx = buildDepositUSDCTx({ depositKey, amount: grossStr });
-      } else {
-        tx = buildDepositETHTx({ depositKey, amount: grossStr });
-      }
-      if (options.unsigned) {
-        clearProgress();
-        const payloads = [];
-        if (approveTx) {
-          payloads.push({
-            step: "approve",
-            to: approveTx.to,
-            data: approveTx.data,
-            value: "0",
-            chainId: 8453
-          });
-        }
-        payloads.push({
-          step: "deposit",
-          to: tx.to,
-          data: tx.data,
-          value: tx.value ? tx.value.toString() : "0",
-          chainId: 8453
-        });
-        printJson(payloads.length === 1 ? payloads[0] : payloads);
-        return;
-      }
-      const config = getConfig(options);
-      const address = getAddress(config.privateKey);
-      if (assetUpper === "ETH") {
-        progress("Checking balance...");
-        const balance = await getBalance(address, config.rpcUrl);
-        if (balance < grossWei) {
-          clearProgress();
-          throw new CLIError(
-            ErrorCode.INSUFFICIENT_BALANCE,
-            `Insufficient ETH balance. Have: ${viem.formatEther(balance)} ETH, Need: ${grossStr} ETH (${amount} + fee)`
-          );
-        }
-      }
-      if (approveTx) {
-        progress(`Approving ${assetUpper}...`);
-        const approvalResult = await sendTransaction(config, approveTx);
-        if (assetUpper === "USDC") {
-          const publicClient = viem.createPublicClient({
-            chain: chains.base,
-            transport: viem.http(config.rpcUrl)
-          });
-          const addresses = getAddresses();
-          let allowance = await publicClient.readContract({
-            address: getAddresses().usdcToken,
-            abi: ERC20_ABI,
-            functionName: "allowance",
-            args: [address, addresses.entry]
-          });
-          for (let confirmations = 2; allowance < grossWei && confirmations <= 3; confirmations++) {
-            await publicClient.waitForTransactionReceipt({
-              hash: approvalResult.hash,
-              confirmations
-            });
-            allowance = await publicClient.readContract({
-              address: addresses.usdcToken,
-              abi: ERC20_ABI,
-              functionName: "allowance",
-              args: [address, addresses.entry]
-            });
-          }
-          if (allowance < grossWei) {
-            throw new CLIError(
-              ErrorCode.CONTRACT_ERROR,
-              `USDC approval is not yet visible on RPC after confirmation. Allowance ${allowance.toString()} < required ${grossWei.toString()}.`
-            );
-          }
-        }
-      }
-      progress("Sending deposit transaction...");
-      const result = await sendTransaction(config, tx);
-      progress("Confirming...");
-      clearProgress();
-      const output = {
-        success: result.receipt.status === "success",
-        hash: result.hash,
-        asset: assetUpper,
-        amount,
-        fee: feeStr,
-        totalSent: grossStr,
-        blockNumber: result.receipt.blockNumber.toString()
-      };
-      if (options.json) {
-        printJson(output);
-        return;
-      }
-      printHeader("Deposit Submitted");
-      printFields([
-        { label: "Asset", value: assetUpper },
-        { label: "Amount", value: `${amount} ${assetUpper}` },
-        { label: "Fee", value: `${feeStr} ${assetUpper} (0.3%)` },
-        { label: "Total sent", value: `${grossStr} ${assetUpper}` },
-        { label: "From", value: address },
-        { label: "Transaction", value: txUrl(result.hash) },
-        { label: "Block", value: result.receipt.blockNumber }
-      ]);
-      printLine();
-    } catch (error) {
-      clearProgress();
-      handleCLIError(error);
-    }
-  });
-  return deposit;
-}
-
-// src/utxo.ts
 var Utxo = class _Utxo {
   amount;
   blinding;
@@ -6004,7 +5826,7 @@ var Utxo = class _Utxo {
    * @returns Encrypted data as 0x-prefixed hex string
    */
   encrypt() {
-    const bytes = Buffer.concat([
+    const bytes = buffer.Buffer.concat([
       toBuffer(this.amount, 31),
       toBuffer(this.blinding, 31)
     ]);
@@ -6084,6 +5906,25 @@ async function getQueueBalance(options) {
     pendingCount: pendingDeposits.length
   };
 }
+async function getDailyFreeRemaining(options) {
+  const { address, pool = "eth", rpcUrl } = options;
+  const queueAddress = getQueueAddress(pool);
+  const publicClient = viem.createPublicClient({
+    chain: chains.base,
+    transport: viem.http(rpcUrl)
+  });
+  try {
+    const remaining = await publicClient.readContract({
+      address: queueAddress,
+      abi: QUEUE_ABI,
+      functionName: "getDailyFreeRemaining",
+      args: [address]
+    });
+    return Number(remaining);
+  } catch {
+    return 0;
+  }
+}
 async function getPrivateBalance(options) {
   const { keypair, pool = "eth", rpcUrl, onProgress } = options;
   const poolAddress = getPoolAddress(pool);
@@ -6177,6 +6018,206 @@ async function getPrivateBalance(options) {
     utxos: utxoInfos
   };
 }
+var MINIMUM_NET = {
+  ETH: 0.01,
+  USDC: 10
+};
+async function getGrossAmount(netWei, depositor, pool, rpcUrl) {
+  const freeRemaining = await getDailyFreeRemaining({ address: depositor, pool, rpcUrl });
+  if (freeRemaining > 0) {
+    return { grossWei: netWei, feeWei: 0n, dailyFreeUsed: true, dailyFreeRemaining: freeRemaining - 1 };
+  }
+  const publicClient = viem.createPublicClient({
+    chain: chains.base,
+    transport: viem.http(rpcUrl)
+  });
+  const grossWei = await publicClient.readContract({
+    address: getAddresses().entry,
+    abi: ENTRY_ABI,
+    functionName: "getDepositAmountWithFee",
+    args: [netWei]
+  });
+  return { grossWei, feeWei: grossWei - netWei, dailyFreeUsed: false, dailyFreeRemaining: 0 };
+}
+var SUPPORTED_ASSETS = ["ETH", "USDC"];
+function createDepositCommand() {
+  const deposit = new Command("deposit").description("Deposit ETH or USDC into Veil").argument("<asset>", "Asset to deposit (ETH or USDC)").argument("<amount>", "Amount to deposit \u2014 this is what arrives in your Veil balance").option("--address <address>", "Signer address (required in --unsigned mode unless SIGNER_ADDRESS or WALLET_KEY is set)").option("--unsigned", "Output unsigned transaction payload instead of sending").option("--json", "Output as JSON").addHelpText("after", `
+The amount you specify is the net amount that lands in your Veil balance.
+A 0.3% protocol fee is normally added on top, but each address gets
+free daily deposits (fee waived). The CLI checks automatically.
+
+Examples:
+  veil deposit ETH 0.1          # deposits 0.1 ETH (free or ~0.1003 ETH)
+  veil deposit USDC 100         # deposits 100 USDC (free or ~100.30 USDC)
+  veil deposit ETH 0.1 --unsigned --address 0x...
+  SIGNER_ADDRESS=0x... veil deposit ETH 0.1 --unsigned
+  veil deposit ETH 0.1 --json
+`).action(async (asset, amount, options) => {
+    try {
+      const assetUpper = asset.toUpperCase();
+      if (!SUPPORTED_ASSETS.includes(assetUpper)) {
+        throw new CLIError(ErrorCode.INVALID_AMOUNT, `Unsupported asset: ${asset}. Supported: ${SUPPORTED_ASSETS.join(", ")}`);
+      }
+      const amountNum = parseFloat(amount);
+      const minimumNet = MINIMUM_NET[assetUpper];
+      if (amountNum < minimumNet) {
+        throw new CLIError(
+          ErrorCode.INVALID_AMOUNT,
+          `Minimum deposit is ${minimumNet} ${assetUpper}.`
+        );
+      }
+      const rpcUrl = process.env.RPC_URL;
+      const pool = assetUpper.toLowerCase();
+      const poolConfig = POOL_CONFIG[pool];
+      const netWei = assetUpper === "ETH" ? viem.parseEther(amount) : viem.parseUnits(amount, poolConfig.decimals);
+      const progress = createProgressReporter();
+      let config = null;
+      let address;
+      let feeRpcUrl = rpcUrl;
+      if (options.unsigned) {
+        const resolved = resolveAddress({ address: options.address }, { required: true });
+        if (!resolved) {
+          throw new CLIError(
+            ErrorCode.WALLET_KEY_MISSING,
+            "Must provide --address, set SIGNER_ADDRESS, or set WALLET_KEY env."
+          );
+        }
+        address = resolved.address;
+      } else {
+        config = getConfig(options);
+        address = getAddress(config.privateKey);
+        feeRpcUrl = config.rpcUrl;
+      }
+      progress("Checking deposit fee...");
+      const { grossWei, feeWei, dailyFreeUsed, dailyFreeRemaining } = await getGrossAmount(
+        netWei,
+        address,
+        pool,
+        feeRpcUrl
+      );
+      const grossStr = assetUpper === "ETH" ? viem.formatEther(grossWei) : viem.formatUnits(grossWei, poolConfig.decimals);
+      const feeStr = assetUpper === "ETH" ? viem.formatEther(feeWei) : viem.formatUnits(feeWei, poolConfig.decimals);
+      const depositKey = process.env.DEPOSIT_KEY;
+      if (!depositKey) {
+        throw new CLIError(ErrorCode.DEPOSIT_KEY_MISSING, 'DEPOSIT_KEY not set. Run "veil init" first.');
+      }
+      progress("Building transaction...");
+      let tx;
+      let approveTx = null;
+      if (assetUpper === "USDC") {
+        approveTx = buildApproveUSDCTx({ amount: grossStr });
+        tx = buildDepositUSDCTx({ depositKey, amount: grossStr });
+      } else {
+        tx = buildDepositETHTx({ depositKey, amount: grossStr });
+      }
+      if (options.unsigned) {
+        clearProgress();
+        const payloads = [];
+        if (approveTx) {
+          payloads.push({
+            step: "approve",
+            to: approveTx.to,
+            data: approveTx.data,
+            value: "0",
+            chainId: 8453
+          });
+        }
+        payloads.push({
+          step: "deposit",
+          to: tx.to,
+          data: tx.data,
+          value: tx.value ? tx.value.toString() : "0",
+          chainId: 8453
+        });
+        printJson(payloads.length === 1 ? payloads[0] : payloads);
+        return;
+      }
+      if (!config) {
+        throw new CLIError(ErrorCode.WALLET_KEY_MISSING, "WALLET_KEY env var required. Set it before running this command.");
+      }
+      if (assetUpper === "ETH") {
+        progress("Checking balance...");
+        const balance = await getBalance(address, config.rpcUrl);
+        if (balance < grossWei) {
+          clearProgress();
+          throw new CLIError(
+            ErrorCode.INSUFFICIENT_BALANCE,
+            `Insufficient ETH balance. Have: ${viem.formatEther(balance)} ETH, Need: ${grossStr} ETH (${amount} + fee)`
+          );
+        }
+      }
+      if (approveTx) {
+        progress(`Approving ${assetUpper}...`);
+        const approvalResult = await sendTransaction(config, approveTx);
+        if (assetUpper === "USDC") {
+          const publicClient = viem.createPublicClient({
+            chain: chains.base,
+            transport: viem.http(config.rpcUrl)
+          });
+          const addresses = getAddresses();
+          let allowance = await publicClient.readContract({
+            address: getAddresses().usdcToken,
+            abi: ERC20_ABI,
+            functionName: "allowance",
+            args: [address, addresses.entry]
+          });
+          for (let confirmations = 2; allowance < grossWei && confirmations <= 3; confirmations++) {
+            await publicClient.waitForTransactionReceipt({
+              hash: approvalResult.hash,
+              confirmations
+            });
+            allowance = await publicClient.readContract({
+              address: addresses.usdcToken,
+              abi: ERC20_ABI,
+              functionName: "allowance",
+              args: [address, addresses.entry]
+            });
+          }
+          if (allowance < grossWei) {
+            throw new CLIError(
+              ErrorCode.CONTRACT_ERROR,
+              `USDC approval is not yet visible on RPC after confirmation. Allowance ${allowance.toString()} < required ${grossWei.toString()}.`
+            );
+          }
+        }
+      }
+      progress("Sending deposit transaction...");
+      const result = await sendTransaction(config, tx);
+      progress("Confirming...");
+      clearProgress();
+      const output = {
+        success: result.receipt.status === "success",
+        hash: result.hash,
+        asset: assetUpper,
+        amount,
+        fee: feeStr,
+        dailyFreeUsed,
+        totalSent: grossStr,
+        blockNumber: result.receipt.blockNumber.toString()
+      };
+      if (options.json) {
+        printJson(output);
+        return;
+      }
+      const feeLabel = dailyFreeUsed ? `0 ${assetUpper} (free \u2014 ${dailyFreeRemaining} remaining today)` : `${feeStr} ${assetUpper} (0.3%)`;
+      printHeader("Deposit Submitted");
+      printFields([
+        { label: "Asset", value: assetUpper },
+        { label: "Amount", value: `${amount} ${assetUpper}` },
+        { label: "Fee", value: feeLabel },
+        { label: "Total sent", value: `${grossStr} ${assetUpper}` },
+        { label: "From", value: address },
+        { label: "Transaction", value: txUrl(result.hash) },
+        { label: "Block", value: result.receipt.blockNumber }
+      ]);
+      printLine();
+    } catch (error) {
+      clearProgress();
+      handleCLIError(error);
+    }
+  });
+  return deposit;
+}
 
 // src/cli/commands/private-balance.ts
 var SUPPORTED_POOLS = ["eth", "usdc"];
@@ -6474,30 +6515,46 @@ async function buildMerkleTree(commitments) {
   const tree = new MerkleTree__default.default(MERKLE_TREE_HEIGHT, leaves, { hashFunction });
   return tree;
 }
-var utils = null;
-try {
-  const ffjavascript = __require("ffjavascript");
-  utils = ffjavascript.utils;
-} catch {
-  console.warn("ffjavascript not found. Proof generation may not work.");
+var ffUtils = ffjavascript.utils;
+function isBrowserRuntime() {
+  return !(typeof process !== "undefined" && !!process.versions?.node);
+}
+function stripTrailingSlash(value) {
+  return value.endsWith("/") ? value.slice(0, -1) : value;
+}
+function normalizeCircuitBasePath(provingKeyPath, circuitName) {
+  const resolvedPath = typeof provingKeyPath === "function" ? provingKeyPath(circuitName) : provingKeyPath;
+  const withoutExtension = resolvedPath.replace(/\.(wasm|zkey)$/i, "");
+  if (withoutExtension.endsWith(`/${circuitName}`) || withoutExtension.endsWith(`\\${circuitName}`)) {
+    return withoutExtension;
+  }
+  return `${stripTrailingSlash(withoutExtension)}/${circuitName}`;
+}
+function importNodeModule(specifier) {
+  const dynamicImport = new Function("specifier", "return import(specifier)");
+  return dynamicImport(specifier);
 }
-function findKeysDirectory() {
+async function findNodeKeysDirectory() {
+  const [{ existsSync: existsSync2 }, pathModule, { fileURLToPath }] = await Promise.all([
+    importNodeModule("node:fs"),
+    importNodeModule("node:path"),
+    importNodeModule("node:url")
+  ]);
+  const path = pathModule;
   const possiblePaths = [
     // When running from package (installed via npm)
-    path__namespace.resolve(__dirname, "..", "keys"),
-    path__namespace.resolve(__dirname, "..", "..", "keys"),
+    path.resolve(process.cwd(), "node_modules", "@veil-cash", "sdk", "keys"),
     // When running from source
-    path__namespace.resolve(process.cwd(), "keys")
-    // ESM module path
+    path.resolve(process.cwd(), "keys")
   ];
   try {
-    const currentFilePath = url.fileURLToPath((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index.cjs', document.baseURI).href)));
-    const currentDir = path__namespace.dirname(currentFilePath);
-    possiblePaths.unshift(path__namespace.resolve(currentDir, "..", "keys"));
+    const currentFilePath = fileURLToPath((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index.cjs', document.baseURI).href)));
+    const currentDir = path.dirname(currentFilePath);
+    possiblePaths.unshift(path.resolve(currentDir, "..", "keys"));
   } catch {
   }
   for (const p of possiblePaths) {
-    if (fs__namespace.existsSync(p) && fs__namespace.existsSync(path__namespace.join(p, "transaction2.wasm"))) {
+    if (existsSync2(p) && existsSync2(path.join(p, "transaction2.wasm"))) {
       return p;
     }
   }
@@ -6505,26 +6562,48 @@ function findKeysDirectory() {
     "Circuit keys not found. Expected to find keys/ directory with transaction2.wasm and transaction2.zkey files."
   );
 }
-async function prove(input, circuitName) {
-  if (!utils) {
-    throw new Error("ffjavascript is required for proof generation. Please install it: npm install ffjavascript");
-  }
-  const keysDir = findKeysDirectory();
-  const wasmPath = path__namespace.join(keysDir, `${circuitName}.wasm`);
-  const zkeyPath = path__namespace.join(keysDir, `${circuitName}.zkey`);
-  if (!fs__namespace.existsSync(wasmPath)) {
+async function resolveProvingKeyPaths(circuitName, provingKeyPath) {
+  if (provingKeyPath) {
+    const circuitBasePath = normalizeCircuitBasePath(provingKeyPath, circuitName);
+    return {
+      wasmPath: `${circuitBasePath}.wasm`,
+      zkeyPath: `${circuitBasePath}.zkey`
+    };
+  }
+  if (isBrowserRuntime()) {
+    return {
+      wasmPath: `/keys/${circuitName}.wasm`,
+      zkeyPath: `/keys/${circuitName}.zkey`
+    };
+  }
+  const keysDir = await findNodeKeysDirectory();
+  return {
+    wasmPath: `${keysDir}/${circuitName}.wasm`,
+    zkeyPath: `${keysDir}/${circuitName}.zkey`
+  };
+}
+async function assertNodeKeyFilesExist(wasmPath, zkeyPath) {
+  if (isBrowserRuntime() || wasmPath.startsWith("http://") || wasmPath.startsWith("https://")) {
+    return;
+  }
+  const { existsSync: existsSync2 } = await importNodeModule("node:fs");
+  if (!existsSync2(wasmPath)) {
     throw new Error(`Circuit WASM file not found: ${wasmPath}`);
   }
-  if (!fs__namespace.existsSync(zkeyPath)) {
+  if (!existsSync2(zkeyPath)) {
     throw new Error(`Circuit zkey file not found: ${zkeyPath}`);
   }
+}
+async function prove(input, circuitName, options = {}) {
+  const { wasmPath, zkeyPath } = await resolveProvingKeyPaths(circuitName, options.provingKeyPath);
+  await assertNodeKeyFilesExist(wasmPath, zkeyPath);
   const result = await snarkjs.groth16.fullProve(
-    utils.stringifyBigInts(input),
+    ffUtils.stringifyBigInts(input),
     wasmPath,
     zkeyPath,
     void 0,
     void 0,
-    { singleThread: true }
+    { singleThread: options.singleThread ?? true }
   );
   const proof = result.proof;
   return "0x" + toFixedHex(proof.pi_a[0]).slice(2) + toFixedHex(proof.pi_a[1]).slice(2) + toFixedHex(proof.pi_b[0][1]).slice(2) + toFixedHex(proof.pi_b[0][0]).slice(2) + toFixedHex(proof.pi_b[1][1]).slice(2) + toFixedHex(proof.pi_b[1][0]).slice(2) + toFixedHex(proof.pi_c[0]).slice(2) + toFixedHex(proof.pi_c[1]).slice(2);
@@ -6548,7 +6627,8 @@ async function getProof({
   fee,
   recipient,
   relayer,
-  onProgress
+  onProgress,
+  provingKeyPath
 }) {
   inputs = shuffle([...inputs]);
   outputs = shuffle([...outputs]);
@@ -6608,7 +6688,7 @@ async function getProof({
   };
   onProgress?.("Generating ZK proof...", `${inputs.length} inputs`);
   const circuitName = selectCircuit(inputs.length);
-  const proof = await prove(proofInput, circuitName);
+  const proof = await prove(proofInput, circuitName, { provingKeyPath });
   const args = {
     proof,
     root: toFixedHex(proofInput.root),
@@ -6630,7 +6710,8 @@ async function prepareTransaction({
   fee = 0,
   recipient = 0,
   relayer = 0,
-  onProgress
+  onProgress,
+  provingKeyPath
 }) {
   if (inputs.length > 16 || outputs.length > 2) {
     throw new Error("Incorrect inputs/outputs count. Maximum: 16 inputs, 2 outputs.");
@@ -6652,7 +6733,8 @@ async function prepareTransaction({
     fee: BigInt(fee),
     recipient: String(recipient),
     relayer: String(relayer),
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   return result;
 }
@@ -6802,6 +6884,7 @@ async function buildWithdrawProof(options) {
     keypair,
     pool = "eth",
     rpcUrl,
+    provingKeyPath,
     onProgress
   } = options;
   const poolConfig = POOL_CONFIG[pool];
@@ -6865,7 +6948,8 @@ async function buildWithdrawProof(options) {
     fee: 0,
     recipient,
     relayer: "0x0000000000000000000000000000000000000000",
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   return {
     proofArgs: {
@@ -7026,6 +7110,7 @@ async function buildTransferProof(options) {
     senderKeypair,
     pool = "eth",
     rpcUrl,
+    provingKeyPath,
     onProgress
   } = options;
   const poolConfig = POOL_CONFIG[pool];
@@ -7104,7 +7189,8 @@ async function buildTransferProof(options) {
     fee: 0,
     recipient: "0x0000000000000000000000000000000000000000",
     relayer: "0x0000000000000000000000000000000000000000",
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   return {
     proofArgs: {
@@ -7146,7 +7232,7 @@ async function transfer(options) {
   };
 }
 async function mergeUtxos(options) {
-  const { amount, keypair, pool = "eth", rpcUrl, onProgress } = options;
+  const { amount, keypair, pool = "eth", rpcUrl, provingKeyPath, onProgress } = options;
   const poolConfig = POOL_CONFIG[pool];
   const poolAddress = getPoolAddress(pool);
   onProgress?.("Fetching your UTXOs...");
@@ -7214,7 +7300,8 @@ async function mergeUtxos(options) {
     fee: 0,
     recipient: "0x0000000000000000000000000000000000000000",
     relayer: "0x0000000000000000000000000000000000000000",
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   onProgress?.("Submitting to relay...");
   const relayResult = await submitRelay({
@@ -7905,6 +7992,7 @@ async function mergeSubaccount(options) {
     pool = "eth",
     rpcUrl,
     relayUrl,
+    provingKeyPath,
     onProgress
   } = options;
   const normalizedSlot = normalizeSlot(slot);
@@ -7997,7 +8085,8 @@ async function mergeSubaccount(options) {
     fee: 0,
     recipient: "0x0000000000000000000000000000000000000000",
     relayer: "0x0000000000000000000000000000000000000000",
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   onProgress?.("Submitting to relay...");
   const relayResult = await submitRelay({