@veil-cash/sdk 0.6.3 → 0.6.4

package/README.md

@@ -288,6 +288,7 @@ Commands print human-readable success output by default. Errors are standardized
 The CLI is the main entrypoint for most users. If you are integrating Veil programmatically, use the dedicated SDK guide:
 
 - [SDK Quick Start and API Reference](./SDK.md)
+- [Browser proof generation](./SDK.md#browser-proof-generation)
 - [AI agent and signer integration notes](./SDK.md#for-ai-agents)
 
 ## Deposit Flow

package/SDK.md

@@ -182,6 +182,51 @@ const mergeResult = await mergeUtxos({
 });
 ```
 
+### Browser Proof Generation
+
+`withdraw()`, `transfer()`, `mergeUtxos()`, `mergeSubaccount()`, `buildWithdrawProof()`,
+`buildTransferProof()`, and `prepareTransaction()` can generate proofs in browser
+runtimes.
+
+In Node, the SDK uses the packaged `keys/` directory by default. In browsers,
+the SDK defaults to same-origin hosted proving keys:
+
+```text
+/keys/transaction2.wasm
+/keys/transaction2.zkey
+/keys/transaction16.wasm
+/keys/transaction16.zkey
+```
+
+For most web apps, copy the SDK `keys/` files into your app's public assets
+directory. For example, in Next.js/Vite, serving them from `public/keys` makes
+the default path work.
+
+If you host keys elsewhere, pass `provingKeyPath`:
+
+```typescript
+await withdraw({
+  amount: '0.05',
+  recipient: '0xRecipientAddress',
+  keypair,
+  provingKeyPath: 'https://cdn.example.com/veil-keys',
+});
+
+await transfer({
+  amount: '0.02',
+  recipientAddress: '0xRecipientAddress',
+  senderKeypair: keypair,
+  provingKeyPath: (circuitName) => `/static/zk/${circuitName}`,
+});
+```
+
+`provingKeyPath` may be a directory/base URL (`/keys`) or a resolver returning
+the circuit base path without the `.wasm` / `.zkey` extension.
+
+This removes Node `fs` key lookup from the browser proof path. Some bundlers
+may still require standard Node-core polyfills for existing legacy dependencies
+such as `circomlib`, `eth-sig-util`, and `fixed-merkle-tree`.
+
 ### Balance Queries
 
 Balance functions accept an optional `pool` parameter (`'eth'` | `'usdc'`), defaulting to `'eth'`.

package/dist/cli/index.cjs

@@ -8,35 +8,18 @@ var readline = require('readline');
 var fs = require('fs');
 var path = require('path');
 var ethers = require('ethers');
-var crypto = require('crypto');
+var buffer = require('buffer');
+var ethSigUtil = require('eth-sig-util');
+var circomlib = require('circomlib');
 var MerkleTree = require('fixed-merkle-tree-legacy');
 var snarkjs = require('snarkjs');
-var url = require('url');
+var ffjavascript = require('ffjavascript');
 
 var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
 
-function _interopNamespace(e) {
-  if (e && e.__esModule) return e;
-  var n = Object.create(null);
-  if (e) {
-    Object.keys(e).forEach(function (k) {
-      if (k !== 'default') {
-        var d = Object.getOwnPropertyDescriptor(e, k);
-        Object.defineProperty(n, k, d.get ? d : {
-          enumerable: true,
-          get: function () { return e[k]; }
-        });
-      }
-    });
-  }
-  n.default = e;
-  return Object.freeze(n);
-}
-
-var fs__namespace = /*#__PURE__*/_interopNamespace(fs);
-var path__namespace = /*#__PURE__*/_interopNamespace(path);
-var crypto__namespace = /*#__PURE__*/_interopNamespace(crypto);
+var ethSigUtil__default = /*#__PURE__*/_interopDefault(ethSigUtil);
+var circomlib__default = /*#__PURE__*/_interopDefault(circomlib);
 var MerkleTree__default = /*#__PURE__*/_interopDefault(MerkleTree);
 
 var __create = Object.create;
@@ -1234,8 +1217,8 @@ var require_command = __commonJS({
   "node_modules/commander/lib/command.js"(exports$1) {
     var EventEmitter = __require("events").EventEmitter;
     var childProcess = __require("child_process");
-    var path2 = __require("path");
-    var fs2 = __require("fs");
+    var path = __require("path");
+    var fs = __require("fs");
     var process2 = __require("process");
     var { Argument: Argument2, humanReadableArgName } = require_argument();
     var { CommanderError: CommanderError2 } = require_error();
@@ -2228,7 +2211,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
        * @param {string} subcommandName
        */
       _checkForMissingExecutable(executableFile, executableDir, subcommandName) {
-        if (fs2.existsSync(executableFile)) return;
+        if (fs.existsSync(executableFile)) return;
         const executableDirMessage = executableDir ? `searched for local subcommand relative to directory '${executableDir}'` : "no directory for search for local subcommand, use .executableDir() to supply a custom directory";
         const executableMissing = `'${executableFile}' does not exist
  - if '${subcommandName}' is not meant to be an executable command, remove description parameter from '.command()' and use '.description()' instead
@@ -2246,11 +2229,11 @@ Expecting one of '${allowedValues.join("', '")}'`);
         let launchWithNode = false;
         const sourceExt = [".js", ".ts", ".tsx", ".mjs", ".cjs"];
         function findFile(baseDir, baseName) {
-          const localBin = path2.resolve(baseDir, baseName);
-          if (fs2.existsSync(localBin)) return localBin;
-          if (sourceExt.includes(path2.extname(baseName))) return void 0;
+          const localBin = path.resolve(baseDir, baseName);
+          if (fs.existsSync(localBin)) return localBin;
+          if (sourceExt.includes(path.extname(baseName))) return void 0;
           const foundExt = sourceExt.find(
-            (ext) => fs2.existsSync(`${localBin}${ext}`)
+            (ext) => fs.existsSync(`${localBin}${ext}`)
           );
           if (foundExt) return `${localBin}${foundExt}`;
           return void 0;
@@ -2262,21 +2245,21 @@ Expecting one of '${allowedValues.join("', '")}'`);
         if (this._scriptPath) {
           let resolvedScriptPath;
           try {
-            resolvedScriptPath = fs2.realpathSync(this._scriptPath);
+            resolvedScriptPath = fs.realpathSync(this._scriptPath);
           } catch {
             resolvedScriptPath = this._scriptPath;
           }
-          executableDir = path2.resolve(
-            path2.dirname(resolvedScriptPath),
+          executableDir = path.resolve(
+            path.dirname(resolvedScriptPath),
             executableDir
           );
         }
         if (executableDir) {
           let localFile = findFile(executableDir, executableFile);
           if (!localFile && !subcommand._executableFile && this._scriptPath) {
-            const legacyName = path2.basename(
+            const legacyName = path.basename(
               this._scriptPath,
-              path2.extname(this._scriptPath)
+              path.extname(this._scriptPath)
             );
             if (legacyName !== this._name) {
               localFile = findFile(
@@ -2287,7 +2270,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
           }
           executableFile = localFile || executableFile;
         }
-        launchWithNode = sourceExt.includes(path2.extname(executableFile));
+        launchWithNode = sourceExt.includes(path.extname(executableFile));
         let proc;
         if (process2.platform !== "win32") {
           if (launchWithNode) {
@@ -3202,7 +3185,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
        * @return {Command}
        */
       nameFromFilename(filename) {
-        this._name = path2.basename(filename, path2.extname(filename));
+        this._name = path.basename(filename, path.extname(filename));
         return this;
       }
       /**
@@ -3216,9 +3199,9 @@ Expecting one of '${allowedValues.join("', '")}'`);
        * @param {string} [path]
        * @return {(string|null|Command)}
        */
-      executableDir(path3) {
-        if (path3 === void 0) return this._executableDir;
-        this._executableDir = path3;
+      executableDir(path2) {
+        if (path2 === void 0) return this._executableDir;
+        this._executableDir = path2;
         return this;
       }
       /**
@@ -3567,10 +3550,10 @@ var require_package = __commonJS({
 // node_modules/dotenv/lib/main.js
 var require_main = __commonJS({
   "node_modules/dotenv/lib/main.js"(exports$1, module) {
-    var fs2 = __require("fs");
-    var path2 = __require("path");
+    var fs = __require("fs");
+    var path = __require("path");
     var os = __require("os");
-    var crypto2 = __require("crypto");
+    var crypto = __require("crypto");
     var packageJson = require_package();
     var version = packageJson.version;
     var TIPS = [
@@ -3709,7 +3692,7 @@ var require_main = __commonJS({
       if (options && options.path && options.path.length > 0) {
         if (Array.isArray(options.path)) {
           for (const filepath of options.path) {
-            if (fs2.existsSync(filepath)) {
+            if (fs.existsSync(filepath)) {
               possibleVaultPath = filepath.endsWith(".vault") ? filepath : `${filepath}.vault`;
             }
           }
@@ -3717,15 +3700,15 @@ var require_main = __commonJS({
           possibleVaultPath = options.path.endsWith(".vault") ? options.path : `${options.path}.vault`;
         }
       } else {
-        possibleVaultPath = path2.resolve(process.cwd(), ".env.vault");
+        possibleVaultPath = path.resolve(process.cwd(), ".env.vault");
       }
-      if (fs2.existsSync(possibleVaultPath)) {
+      if (fs.existsSync(possibleVaultPath)) {
         return possibleVaultPath;
       }
       return null;
     }
     function _resolveHome(envPath) {
-      return envPath[0] === "~" ? path2.join(os.homedir(), envPath.slice(1)) : envPath;
+      return envPath[0] === "~" ? path.join(os.homedir(), envPath.slice(1)) : envPath;
     }
     function _configVault(options) {
       const debug = parseBoolean(process.env.DOTENV_CONFIG_DEBUG || options && options.debug);
@@ -3742,7 +3725,7 @@ var require_main = __commonJS({
       return { parsed };
     }
     function configDotenv(options) {
-      const dotenvPath = path2.resolve(process.cwd(), ".env");
+      const dotenvPath = path.resolve(process.cwd(), ".env");
       let encoding = "utf8";
       let processEnv = process.env;
       if (options && options.processEnv != null) {
@@ -3770,13 +3753,13 @@ var require_main = __commonJS({
       }
       let lastError;
       const parsedAll = {};
-      for (const path3 of optionPaths) {
+      for (const path2 of optionPaths) {
         try {
-          const parsed = DotenvModule.parse(fs2.readFileSync(path3, { encoding }));
+          const parsed = DotenvModule.parse(fs.readFileSync(path2, { encoding }));
           DotenvModule.populate(parsedAll, parsed, options);
         } catch (e) {
           if (debug) {
-            _debug(`Failed to load ${path3} ${e.message}`);
+            _debug(`Failed to load ${path2} ${e.message}`);
           }
           lastError = e;
         }
@@ -3789,7 +3772,7 @@ var require_main = __commonJS({
         const shortPaths = [];
         for (const filePath of optionPaths) {
           try {
-            const relative = path2.relative(process.cwd(), filePath);
+            const relative = path.relative(process.cwd(), filePath);
             shortPaths.push(relative);
           } catch (e) {
             if (debug) {
@@ -3824,7 +3807,7 @@ var require_main = __commonJS({
       const authTag = ciphertext.subarray(-16);
       ciphertext = ciphertext.subarray(12, -16);
       try {
-        const aesgcm = crypto2.createDecipheriv("aes-256-gcm", key, nonce);
+        const aesgcm = crypto.createDecipheriv("aes-256-gcm", key, nonce);
         aesgcm.setAuthTag(authTag);
         return `${aesgcm.update(ciphertext)}${aesgcm.final()}`;
       } catch (error) {
@@ -5107,15 +5090,18 @@ function loadEnv() {
   } catch {
   }
 }
-var circomlib = __require("circomlib");
-var poseidon = circomlib.poseidon;
+var poseidon = circomlib__default.default.poseidon;
 var FIELD_SIZE = BigInt(
   "21888242871839275222246405745257275088548364400416034343698204186575808495617"
 );
 var poseidonHash = (items) => BigInt(poseidon(items).toString());
 var poseidonHash2 = (a, b) => poseidonHash([a, b]);
 var randomBN = (nbytes = 31) => {
-  const bytes = crypto__namespace.randomBytes(nbytes);
+  const cryptoApi = globalThis.crypto;
+  if (!cryptoApi?.getRandomValues) {
+    throw new Error("Secure random number generation is unavailable in this runtime");
+  }
+  const bytes = cryptoApi.getRandomValues(new Uint8Array(nbytes));
   let hex = "0x";
   for (let i = 0; i < bytes.length; i++) {
     hex += bytes[i].toString(16).padStart(2, "0");
@@ -5124,7 +5110,7 @@ var randomBN = (nbytes = 31) => {
 };
 function toFixedHex(number, length = 32) {
   let hexValue;
-  if (number instanceof Buffer) {
+  if (number instanceof buffer.Buffer) {
     hexValue = number.toString("hex");
   } else {
     let bigIntValue = BigInt(number);
@@ -5139,11 +5125,10 @@ function toFixedHex(number, length = 32) {
 var toBuffer = (value, length) => {
   const bigIntValue = BigInt(value);
   const hex = bigIntValue.toString(16).padStart(length * 2, "0");
-  return Buffer.from(hex, "hex");
+  return buffer.Buffer.from(hex, "hex");
 };
 function getExtDataHash(extData) {
-  const { ethers: ethers2 } = __require("ethers");
-  const abi = ethers2.AbiCoder.defaultAbiCoder();
+  const abi = ethers.ethers.AbiCoder.defaultAbiCoder();
   const encodedData = abi.encode(
     ["tuple(address,int256,address,uint256,bytes,bytes)"],
     [[
@@ -5155,7 +5140,7 @@ function getExtDataHash(extData) {
       extData.encryptedOutput2
     ]]
   );
-  const hash = ethers2.keccak256(encodedData);
+  const hash = ethers.ethers.keccak256(encodedData);
   return BigInt(hash) % FIELD_SIZE;
 }
 function shuffle(array) {
@@ -5171,15 +5156,14 @@ function shuffle(array) {
 
 // src/keypair.ts
 var VEIL_SIGNED_MESSAGE = "Sign this message to create your Veil Wallet private key. This will be used to decrypt your balances. Ensure you are signing this message on the Veil Cash website.";
-var ethSigUtil = __require("eth-sig-util");
 function packEncryptedMessage(encryptedMessage) {
-  const nonceBuf = Buffer.from(encryptedMessage.nonce, "base64");
-  const ephemPublicKeyBuf = Buffer.from(encryptedMessage.ephemPublicKey, "base64");
-  const ciphertextBuf = Buffer.from(encryptedMessage.ciphertext, "base64");
-  const messageBuff = Buffer.concat([
-    Buffer.alloc(24 - nonceBuf.length),
+  const nonceBuf = buffer.Buffer.from(encryptedMessage.nonce, "base64");
+  const ephemPublicKeyBuf = buffer.Buffer.from(encryptedMessage.ephemPublicKey, "base64");
+  const ciphertextBuf = buffer.Buffer.from(encryptedMessage.ciphertext, "base64");
+  const messageBuff = buffer.Buffer.concat([
+    buffer.Buffer.alloc(24 - nonceBuf.length),
     nonceBuf,
-    Buffer.alloc(32 - ephemPublicKeyBuf.length),
+    buffer.Buffer.alloc(32 - ephemPublicKeyBuf.length),
     ephemPublicKeyBuf,
     ciphertextBuf
   ]);
@@ -5189,7 +5173,7 @@ function unpackEncryptedMessage(encryptedMessage) {
   if (encryptedMessage.slice(0, 2) === "0x") {
     encryptedMessage = encryptedMessage.slice(2);
   }
-  const messageBuff = Buffer.from(encryptedMessage, "hex");
+  const messageBuff = buffer.Buffer.from(encryptedMessage, "hex");
   const nonceBuf = messageBuff.slice(0, 24);
   const ephemPublicKeyBuf = messageBuff.slice(24, 56);
   const ciphertextBuf = messageBuff.slice(56);
@@ -5214,7 +5198,7 @@ var Keypair = class _Keypair {
   constructor(privkey = ethers.ethers.Wallet.createRandom().privateKey) {
     this.privkey = privkey;
     this.pubkey = poseidonHash([this.privkey]);
-    this.encryptionKey = ethSigUtil.getEncryptionPublicKey(privkey.slice(2));
+    this.encryptionKey = ethSigUtil__default.default.getEncryptionPublicKey(privkey.slice(2));
   }
   /**
    * Get the deposit key for this keypair
@@ -5222,7 +5206,7 @@ var Keypair = class _Keypair {
    * @returns Deposit key as hex string (130 chars with 0x prefix)
    */
   toString() {
-    return toFixedHex(this.pubkey) + Buffer.from(this.encryptionKey, "base64").toString("hex");
+    return toFixedHex(this.pubkey) + buffer.Buffer.from(this.encryptionKey, "base64").toString("hex");
   }
   /**
    * Alias for toString() - returns the deposit key
@@ -5247,7 +5231,7 @@ var Keypair = class _Keypair {
     return Object.assign(new _Keypair(), {
       privkey: null,
       pubkey: BigInt("0x" + str.slice(0, 64)),
-      encryptionKey: Buffer.from(str.slice(64, 128), "hex").toString("base64")
+      encryptionKey: buffer.Buffer.from(str.slice(64, 128), "hex").toString("base64")
     });
   }
   /**
@@ -5332,7 +5316,7 @@ var Keypair = class _Keypair {
    */
   encrypt(bytes) {
     return packEncryptedMessage(
-      ethSigUtil.encrypt(
+      ethSigUtil__default.default.encrypt(
         this.encryptionKey,
         { data: bytes.toString("base64") },
         "x25519-xsalsa20-poly1305"
@@ -5348,8 +5332,8 @@ var Keypair = class _Keypair {
     if (!this.privkey) {
       throw new Error("Cannot decrypt without private key");
     }
-    return Buffer.from(
-      ethSigUtil.decrypt(unpackEncryptedMessage(data), this.privkey.slice(2)),
+    return buffer.Buffer.from(
+      ethSigUtil__default.default.decrypt(unpackEncryptedMessage(data), this.privkey.slice(2)),
       "base64"
     );
   }
@@ -5423,10 +5407,10 @@ async function confirm(question) {
     input: process.stdin,
     output: process.stdout
   });
-  return new Promise((resolve2) => {
+  return new Promise((resolve) => {
     rl.question(`${question} (y/n): `, (answer) => {
       rl.close();
-      resolve2(answer.toLowerCase() === "y" || answer.toLowerCase() === "yes");
+      resolve(answer.toLowerCase() === "y" || answer.toLowerCase() === "yes");
     });
   });
 }
@@ -5792,8 +5776,6 @@ function createRegisterCommand() {
   });
   return register;
 }
-
-// src/utxo.ts
 var Utxo = class _Utxo {
   amount;
   blinding;
@@ -5844,7 +5826,7 @@ var Utxo = class _Utxo {
    * @returns Encrypted data as 0x-prefixed hex string
    */
   encrypt() {
-    const bytes = Buffer.concat([
+    const bytes = buffer.Buffer.concat([
       toBuffer(this.amount, 31),
       toBuffer(this.blinding, 31)
     ]);
@@ -6533,30 +6515,46 @@ async function buildMerkleTree(commitments) {
   const tree = new MerkleTree__default.default(MERKLE_TREE_HEIGHT, leaves, { hashFunction });
   return tree;
 }
-var utils = null;
-try {
-  const ffjavascript = __require("ffjavascript");
-  utils = ffjavascript.utils;
-} catch {
-  console.warn("ffjavascript not found. Proof generation may not work.");
+var ffUtils = ffjavascript.utils;
+function isBrowserRuntime() {
+  return !(typeof process !== "undefined" && !!process.versions?.node);
 }
-function findKeysDirectory() {
+function stripTrailingSlash(value) {
+  return value.endsWith("/") ? value.slice(0, -1) : value;
+}
+function normalizeCircuitBasePath(provingKeyPath, circuitName) {
+  const resolvedPath = typeof provingKeyPath === "function" ? provingKeyPath(circuitName) : provingKeyPath;
+  const withoutExtension = resolvedPath.replace(/\.(wasm|zkey)$/i, "");
+  if (withoutExtension.endsWith(`/${circuitName}`) || withoutExtension.endsWith(`\\${circuitName}`)) {
+    return withoutExtension;
+  }
+  return `${stripTrailingSlash(withoutExtension)}/${circuitName}`;
+}
+function importNodeModule(specifier) {
+  const dynamicImport = new Function("specifier", "return import(specifier)");
+  return dynamicImport(specifier);
+}
+async function findNodeKeysDirectory() {
+  const [{ existsSync: existsSync2 }, pathModule, { fileURLToPath }] = await Promise.all([
+    importNodeModule("node:fs"),
+    importNodeModule("node:path"),
+    importNodeModule("node:url")
+  ]);
+  const path = pathModule;
   const possiblePaths = [
     // When running from package (installed via npm)
-    path__namespace.resolve(__dirname, "..", "keys"),
-    path__namespace.resolve(__dirname, "..", "..", "keys"),
+    path.resolve(process.cwd(), "node_modules", "@veil-cash", "sdk", "keys"),
     // When running from source
-    path__namespace.resolve(process.cwd(), "keys")
-    // ESM module path
+    path.resolve(process.cwd(), "keys")
   ];
   try {
-    const currentFilePath = url.fileURLToPath((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index.cjs', document.baseURI).href)));
-    const currentDir = path__namespace.dirname(currentFilePath);
-    possiblePaths.unshift(path__namespace.resolve(currentDir, "..", "keys"));
+    const currentFilePath = fileURLToPath((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index.cjs', document.baseURI).href)));
+    const currentDir = path.dirname(currentFilePath);
+    possiblePaths.unshift(path.resolve(currentDir, "..", "keys"));
   } catch {
   }
   for (const p of possiblePaths) {
-    if (fs__namespace.existsSync(p) && fs__namespace.existsSync(path__namespace.join(p, "transaction2.wasm"))) {
+    if (existsSync2(p) && existsSync2(path.join(p, "transaction2.wasm"))) {
       return p;
     }
   }
@@ -6564,26 +6562,48 @@ function findKeysDirectory() {
     "Circuit keys not found. Expected to find keys/ directory with transaction2.wasm and transaction2.zkey files."
   );
 }
-async function prove(input, circuitName) {
-  if (!utils) {
-    throw new Error("ffjavascript is required for proof generation. Please install it: npm install ffjavascript");
-  }
-  const keysDir = findKeysDirectory();
-  const wasmPath = path__namespace.join(keysDir, `${circuitName}.wasm`);
-  const zkeyPath = path__namespace.join(keysDir, `${circuitName}.zkey`);
-  if (!fs__namespace.existsSync(wasmPath)) {
+async function resolveProvingKeyPaths(circuitName, provingKeyPath) {
+  if (provingKeyPath) {
+    const circuitBasePath = normalizeCircuitBasePath(provingKeyPath, circuitName);
+    return {
+      wasmPath: `${circuitBasePath}.wasm`,
+      zkeyPath: `${circuitBasePath}.zkey`
+    };
+  }
+  if (isBrowserRuntime()) {
+    return {
+      wasmPath: `/keys/${circuitName}.wasm`,
+      zkeyPath: `/keys/${circuitName}.zkey`
+    };
+  }
+  const keysDir = await findNodeKeysDirectory();
+  return {
+    wasmPath: `${keysDir}/${circuitName}.wasm`,
+    zkeyPath: `${keysDir}/${circuitName}.zkey`
+  };
+}
+async function assertNodeKeyFilesExist(wasmPath, zkeyPath) {
+  if (isBrowserRuntime() || wasmPath.startsWith("http://") || wasmPath.startsWith("https://")) {
+    return;
+  }
+  const { existsSync: existsSync2 } = await importNodeModule("node:fs");
+  if (!existsSync2(wasmPath)) {
     throw new Error(`Circuit WASM file not found: ${wasmPath}`);
   }
-  if (!fs__namespace.existsSync(zkeyPath)) {
+  if (!existsSync2(zkeyPath)) {
     throw new Error(`Circuit zkey file not found: ${zkeyPath}`);
   }
+}
+async function prove(input, circuitName, options = {}) {
+  const { wasmPath, zkeyPath } = await resolveProvingKeyPaths(circuitName, options.provingKeyPath);
+  await assertNodeKeyFilesExist(wasmPath, zkeyPath);
   const result = await snarkjs.groth16.fullProve(
-    utils.stringifyBigInts(input),
+    ffUtils.stringifyBigInts(input),
     wasmPath,
     zkeyPath,
     void 0,
     void 0,
-    { singleThread: true }
+    { singleThread: options.singleThread ?? true }
   );
   const proof = result.proof;
   return "0x" + toFixedHex(proof.pi_a[0]).slice(2) + toFixedHex(proof.pi_a[1]).slice(2) + toFixedHex(proof.pi_b[0][1]).slice(2) + toFixedHex(proof.pi_b[0][0]).slice(2) + toFixedHex(proof.pi_b[1][1]).slice(2) + toFixedHex(proof.pi_b[1][0]).slice(2) + toFixedHex(proof.pi_c[0]).slice(2) + toFixedHex(proof.pi_c[1]).slice(2);
@@ -6607,7 +6627,8 @@ async function getProof({
   fee,
   recipient,
   relayer,
-  onProgress
+  onProgress,
+  provingKeyPath
 }) {
   inputs = shuffle([...inputs]);
   outputs = shuffle([...outputs]);
@@ -6667,7 +6688,7 @@ async function getProof({
   };
   onProgress?.("Generating ZK proof...", `${inputs.length} inputs`);
   const circuitName = selectCircuit(inputs.length);
-  const proof = await prove(proofInput, circuitName);
+  const proof = await prove(proofInput, circuitName, { provingKeyPath });
   const args = {
     proof,
     root: toFixedHex(proofInput.root),
@@ -6689,7 +6710,8 @@ async function prepareTransaction({
   fee = 0,
   recipient = 0,
   relayer = 0,
-  onProgress
+  onProgress,
+  provingKeyPath
 }) {
   if (inputs.length > 16 || outputs.length > 2) {
     throw new Error("Incorrect inputs/outputs count. Maximum: 16 inputs, 2 outputs.");
@@ -6711,7 +6733,8 @@ async function prepareTransaction({
     fee: BigInt(fee),
     recipient: String(recipient),
     relayer: String(relayer),
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   return result;
 }
@@ -6861,6 +6884,7 @@ async function buildWithdrawProof(options) {
     keypair,
     pool = "eth",
     rpcUrl,
+    provingKeyPath,
     onProgress
   } = options;
   const poolConfig = POOL_CONFIG[pool];
@@ -6924,7 +6948,8 @@ async function buildWithdrawProof(options) {
     fee: 0,
     recipient,
     relayer: "0x0000000000000000000000000000000000000000",
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   return {
     proofArgs: {
@@ -7085,6 +7110,7 @@ async function buildTransferProof(options) {
     senderKeypair,
     pool = "eth",
     rpcUrl,
+    provingKeyPath,
     onProgress
   } = options;
   const poolConfig = POOL_CONFIG[pool];
@@ -7163,7 +7189,8 @@ async function buildTransferProof(options) {
     fee: 0,
     recipient: "0x0000000000000000000000000000000000000000",
     relayer: "0x0000000000000000000000000000000000000000",
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   return {
     proofArgs: {
@@ -7205,7 +7232,7 @@ async function transfer(options) {
   };
 }
 async function mergeUtxos(options) {
-  const { amount, keypair, pool = "eth", rpcUrl, onProgress } = options;
+  const { amount, keypair, pool = "eth", rpcUrl, provingKeyPath, onProgress } = options;
   const poolConfig = POOL_CONFIG[pool];
   const poolAddress = getPoolAddress(pool);
   onProgress?.("Fetching your UTXOs...");
@@ -7273,7 +7300,8 @@ async function mergeUtxos(options) {
     fee: 0,
     recipient: "0x0000000000000000000000000000000000000000",
     relayer: "0x0000000000000000000000000000000000000000",
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   onProgress?.("Submitting to relay...");
   const relayResult = await submitRelay({
@@ -7964,6 +7992,7 @@ async function mergeSubaccount(options) {
     pool = "eth",
     rpcUrl,
     relayUrl,
+    provingKeyPath,
     onProgress
   } = options;
   const normalizedSlot = normalizeSlot(slot);
@@ -8056,7 +8085,8 @@ async function mergeSubaccount(options) {
     fee: 0,
     recipient: "0x0000000000000000000000000000000000000000",
     relayer: "0x0000000000000000000000000000000000000000",
-    onProgress
+    onProgress,
+    provingKeyPath
   });
   onProgress?.("Submitting to relay...");
   const relayResult = await submitRelay({