@veridex/sdk 1.0.0-beta.1

package/dist/queries/index.mjs

@@ -0,0 +1,1508 @@
+// src/queries/constants.ts
+var WORMHOLE_QUERY_PROXY_URLS = {
+  mainnet: "https://query.wormhole.com/v1/query",
+  testnet: "https://testnet.query.wormhole.com/v1/query"
+};
+var WORMHOLE_QUERY_RATE_LIMIT_PER_SECOND = 6;
+var WORMHOLE_QUERY_CHAIN_IDS = {
+  ETHEREUM: 2,
+  POLYGON: 5,
+  ARBITRUM: 23,
+  OPTIMISM: 24,
+  BASE: 30
+};
+
+// src/queries/hubState.ts
+import axios from "axios";
+import { Buffer } from "buffer";
+import { ethers } from "ethers";
+import {
+  EthCallQueryRequest,
+  EthCallQueryResponse,
+  PerChainQueryRequest,
+  QueryRequest,
+  QueryResponse,
+  hexToUint8Array,
+  isValidHexString
+} from "@wormhole-foundation/wormhole-query-sdk";
+
+// src/constants.ts
+var TESTNET_CHAINS = {
+  baseSepolia: {
+    name: "Base Sepolia",
+    chainId: 84532,
+    wormholeChainId: 10004,
+    rpcUrl: "https://sepolia.base.org",
+    // Public CORS-friendly RPC
+    explorerUrl: "https://sepolia.basescan.org",
+    isEvm: true,
+    contracts: {
+      hub: "0x66D87dE68327f48A099c5B9bE97020Feab9a7c82",
+      vaultFactory: "0x40D9B16094808Fa48e73598E31AB964Cf15b475f",
+      vaultImplementation: "0xcBEb49b0109E61c1C69C51D5D9483A3aD6D18258",
+      wormholeCoreBridge: "0x79A1027a6A159502049F10906D333EC57E95F083",
+      tokenBridge: "0x86F55A04690fd7815A3D802bD587e83eA888B239"
+    }
+  },
+  optimismSepolia: {
+    name: "Optimism Sepolia",
+    chainId: 11155420,
+    wormholeChainId: 10005,
+    rpcUrl: "https://sepolia.optimism.io",
+    explorerUrl: "https://sepolia-optimism.etherscan.io",
+    isEvm: true,
+    contracts: {
+      vaultFactory: "0xAbB421166E648953CDBE93c0078a0A794c56Fb84",
+      vaultImplementation: "0xDCD7daEf1AC06f4a8392957cca4834F7a16c058D",
+      wormholeCoreBridge: "0x31377888146f3253211EFEf5c676D41ECe7D58Fe",
+      tokenBridge: "0x99737Ec4B815d816c49A385943baf0380e75c0Ac"
+    }
+  },
+  arbitrumSepolia: {
+    name: "Arbitrum Sepolia",
+    chainId: 421614,
+    wormholeChainId: 10003,
+    rpcUrl: "https://sepolia-rollup.arbitrum.io/rpc",
+    explorerUrl: "https://sepolia.arbiscan.io",
+    isEvm: true,
+    contracts: {
+      vaultFactory: "0xd36D3D5DB59d78f1E33813490F72DABC15C9B07c",
+      vaultImplementation: "0xB10ACf39eBF17fc33F722cBD955b7aeCB0611bc4",
+      wormholeCoreBridge: "0x6b9C8671cdDC8dEab9c719bB87cBd3e782bA6a35",
+      tokenBridge: "0xC7A204bDBFe983FCD8d8E61D02b475D4073fF97e"
+    }
+  },
+  seiTestnet: {
+    name: "Sei Atlantic-2",
+    chainId: 1328,
+    wormholeChainId: 40,
+    rpcUrl: "https://evm-rpc-testnet.sei-apis.com",
+    explorerUrl: "https://seitrace.com/?chain=atlantic-2",
+    isEvm: true,
+    contracts: {
+      vaultFactory: "0x07F608AFf6d63b68029488b726d895c4Bb593038",
+      vaultImplementation: "0xD66153fccFB6731fB6c4944FbD607ba86A76a1f6",
+      wormholeCoreBridge: "0x0000000000000000000000000000000000000000"
+      // Mock - not yet deployed
+    }
+  },
+  solanaDevnet: {
+    name: "Solana Devnet",
+    chainId: 0,
+    wormholeChainId: 1,
+    rpcUrl: "https://api.devnet.solana.com",
+    explorerUrl: "https://explorer.solana.com",
+    isEvm: false,
+    contracts: {
+      hub: "AnyXHsqq9c2BiW4WgBcj6Aye7Ua7a7L7iSuwpfJxECJM",
+      wormholeCoreBridge: "3u8hJUVTA4jH1wYAyUur7FFZVQ8H635K3tSHHF4ssjQ5",
+      tokenBridge: "DZnkkTmCiFWfYTfT41X3Rd1kDgozqzxWaHqsw6W4x2oe"
+    }
+  },
+  aptosTestnet: {
+    name: "Aptos Testnet",
+    chainId: 0,
+    wormholeChainId: 22,
+    rpcUrl: "https://fullnode.testnet.aptoslabs.com/v1",
+    explorerUrl: "https://explorer.aptoslabs.com",
+    isEvm: false,
+    contracts: {
+      hub: "0x1a89da9e9f8f0bc90d8d492890bd55fb261c6277d2a95dfcac70c268d0c23dcc",
+      wormholeCoreBridge: "0x5bc11445584a763c1fa7ed39081f1b920954da14e04b32440cba863d03e19625",
+      tokenBridge: "0x576410486a2da45eee6c949c995670112ddf2fbeedab20350d506328eefc9d4f"
+    }
+  },
+  suiTestnet: {
+    name: "Sui Testnet",
+    chainId: 0,
+    wormholeChainId: 21,
+    rpcUrl: "https://fullnode.testnet.sui.io:443",
+    explorerUrl: "https://suiscan.xyz/testnet",
+    isEvm: false,
+    contracts: {
+      hub: "0x35e99fdbbc1cde7e093da6f9e758ba2c4a077904bd64caee2fa6db5e6c4e9e37",
+      wormholeCoreBridge: "0x31358d198147da50db32eda2562951d53973a0c0ad5ed738e9b17d88b213d790"
+    }
+  },
+  starknetSepolia: {
+    name: "Starknet Sepolia",
+    chainId: 0,
+    // Native Starknet chain ID (SN_SEPOLIA = 0x534e5f5345504f4c4941)
+    wormholeChainId: 50001,
+    // Custom chain ID (50000+ reserved for non-Wormhole chains)
+    rpcUrl: "https://starknet-sepolia.g.alchemy.com/starknet/version/rpc/v0_7/tsOnfTBZDKMXcUA26OED-",
+    explorerUrl: "https://sepolia.starkscan.co",
+    isEvm: false,
+    contracts: {
+      // Starknet spoke contract
+      hub: "0x68adcc730ed6c355200d00f763825448497b9cdf7936ca121711e078c88e811",
+      // Custom bridge contract (NOT Wormhole)
+      wormholeCoreBridge: "0x2c458c1ae64556482b05cc2d3ee5b032ed114d68429dda2062c9849a5a725f8"
+    },
+    // Hub chain ID that Starknet bridge validates (Base Sepolia = 10004)
+    hubChainId: 10004
+  }
+};
+var MAINNET_CHAINS = {
+  ethereum: {
+    name: "Ethereum",
+    chainId: 1,
+    wormholeChainId: 2,
+    rpcUrl: "https://eth.llamarpc.com",
+    explorerUrl: "https://etherscan.io",
+    isEvm: true,
+    contracts: {
+      wormholeCoreBridge: "0x98f3c9e6E3fAce36bAAd05FE09d375Ef1464288B",
+      tokenBridge: "0x3ee18B2214AFF97000D974cf647E7C347E8fa585"
+    }
+  },
+  base: {
+    name: "Base",
+    chainId: 8453,
+    wormholeChainId: 30,
+    rpcUrl: "https://mainnet.base.org",
+    explorerUrl: "https://basescan.org",
+    isEvm: true,
+    contracts: {
+      wormholeCoreBridge: "0xbebdb6C8ddC678FfA9f8748f85C815C556Dd8ac6",
+      tokenBridge: "0x8d2de8d2f73F1F4cAB472AC9A881C9b123C79627"
+    }
+  },
+  optimism: {
+    name: "Optimism",
+    chainId: 10,
+    wormholeChainId: 24,
+    rpcUrl: "https://mainnet.optimism.io",
+    explorerUrl: "https://optimistic.etherscan.io",
+    isEvm: true,
+    contracts: {
+      wormholeCoreBridge: "0xEe91C335eab126dF5fDB3797EA9d6aD93aeC9722",
+      tokenBridge: "0x1D68124e65faFC907325e3EDbF8c4d84499DAa8b"
+    }
+  },
+  arbitrum: {
+    name: "Arbitrum",
+    chainId: 42161,
+    wormholeChainId: 23,
+    rpcUrl: "https://arb1.arbitrum.io/rpc",
+    explorerUrl: "https://arbiscan.io",
+    isEvm: true,
+    contracts: {
+      wormholeCoreBridge: "0xa5f208e072434bC67592E4C49C1B991BA79BCA46",
+      tokenBridge: "0x0b2402144Bb366A632D14B83F244D2e0e21bD39c"
+    }
+  },
+  polygon: {
+    name: "Polygon",
+    chainId: 137,
+    wormholeChainId: 5,
+    rpcUrl: "https://polygon-rpc.com",
+    explorerUrl: "https://polygonscan.com",
+    isEvm: true,
+    contracts: {
+      wormholeCoreBridge: "0x7A4B5a56256163F07b2C80A7cA55aBE66c4ec4d7",
+      tokenBridge: "0x5a58505a96D1dbf8dF91cB21B54419FC36e93fdE"
+    }
+  },
+  solana: {
+    name: "Solana",
+    chainId: 0,
+    wormholeChainId: 1,
+    rpcUrl: "https://api.mainnet-beta.solana.com",
+    explorerUrl: "https://explorer.solana.com",
+    isEvm: false,
+    contracts: {
+      wormholeCoreBridge: "worm2ZoG2kUd4vFXhvjh93UUH596ayRfgQ2MgjNMTth",
+      tokenBridge: "wormDTUJ6AWPNvk59vGQbDvGJmqbDTdgWgAqcLBCgUb"
+    }
+  },
+  aptos: {
+    name: "Aptos",
+    chainId: 0,
+    wormholeChainId: 22,
+    rpcUrl: "https://fullnode.mainnet.aptoslabs.com/v1",
+    explorerUrl: "https://explorer.aptoslabs.com",
+    isEvm: false,
+    contracts: {
+      wormholeCoreBridge: "0x5bc11445584a763c1fa7ed39081f1b920954da14e04b32440cba863d03e19625",
+      tokenBridge: "0x576410486a2da45eee6c949c995670112ddf2fbeedab20350d506328eefc9d4f"
+    }
+  },
+  sui: {
+    name: "Sui",
+    chainId: 0,
+    wormholeChainId: 21,
+    rpcUrl: "https://fullnode.mainnet.sui.io:443",
+    explorerUrl: "https://suiscan.xyz/mainnet",
+    isEvm: false,
+    contracts: {
+      wormholeCoreBridge: "0xaeab97f96cf9877fee2883315d459552b2b921edc16d7ceac6eab944dd88919c"
+    }
+  }
+};
+
+// src/queries/hubState.ts
+var QueryHubStateError = class extends Error {
+  code;
+  cause;
+  constructor(code, message, cause) {
+    super(message);
+    this.name = "QueryHubStateError";
+    this.code = code;
+    this.cause = cause;
+  }
+};
+function resolveNetwork(options) {
+  if (options?.network) return options.network;
+  const envCandidates = [
+    globalThis?.process?.env?.NEXT_PUBLIC_VERIDEX_NETWORK,
+    globalThis?.process?.env?.VERIDEX_NETWORK,
+    globalThis?.process?.env?.NEXT_PUBLIC_WORMHOLE_NETWORK,
+    globalThis?.process?.env?.WORMHOLE_NETWORK
+  ].filter(Boolean);
+  const env = envCandidates[0]?.toLowerCase();
+  if (env === "mainnet" || env === "testnet") return env;
+  return "testnet";
+}
+function concatBytes(parts) {
+  const total = parts.reduce((sum, p) => sum + p.length, 0);
+  const out = new Uint8Array(total);
+  let offset = 0;
+  for (const p of parts) {
+    out.set(p, offset);
+    offset += p.length;
+  }
+  return out;
+}
+function signaturesToProofBytes(signatures) {
+  const chunks = [];
+  for (const sig of signatures) {
+    if (typeof sig !== "string" || sig.length !== 132 || !/^[0-9a-fA-F]+$/.test(sig)) {
+      throw new QueryHubStateError(
+        "PROXY_RESPONSE_INVALID",
+        `Invalid guardian signature format (expected 132 hex chars): ${String(sig)}`
+      );
+    }
+    chunks.push(hexToUint8Array(`0x${sig}`));
+  }
+  return concatBytes(chunks);
+}
+function decodeQueryBytes(bytes) {
+  if (typeof bytes !== "string" || bytes.length === 0) {
+    throw new QueryHubStateError("PROXY_RESPONSE_INVALID", "Missing query response bytes");
+  }
+  if (isValidHexString(bytes)) {
+    return hexToUint8Array(bytes);
+  }
+  try {
+    if (typeof atob === "function") {
+      const raw = atob(bytes);
+      const arr = new Uint8Array(raw.length);
+      for (let i = 0; i < raw.length; i++) arr[i] = raw.charCodeAt(i);
+      return arr;
+    }
+  } catch {
+  }
+  try {
+    return new Uint8Array(Buffer.from(bytes, "base64"));
+  } catch (cause) {
+    throw new QueryHubStateError("PROXY_RESPONSE_INVALID", "Unrecognized query response bytes encoding", cause);
+  }
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+async function withExponentialBackoff(fn, maxAttempts) {
+  let attempt = 0;
+  let lastError;
+  while (attempt < maxAttempts) {
+    try {
+      return await fn();
+    } catch (err) {
+      lastError = err;
+      attempt += 1;
+      if (attempt >= maxAttempts) break;
+      const baseMs = 250;
+      const backoffMs = Math.min(5e3, baseMs * 2 ** (attempt - 1));
+      const jitterMs = Math.floor(Math.random() * 100);
+      await sleep(backoffMs + jitterMs);
+    }
+  }
+  throw lastError;
+}
+function getHubConfig(network) {
+  if (network === "testnet") {
+    const baseSepolia = TESTNET_CHAINS.baseSepolia;
+    if (!baseSepolia?.contracts?.hub) {
+      throw new QueryHubStateError("MISSING_HUB_ADDRESS", "Missing Base Sepolia hub address in SDK constants");
+    }
+    return {
+      wormholeChainId: baseSepolia.wormholeChainId,
+      hubAddress: baseSepolia.contracts.hub,
+      endpoint: WORMHOLE_QUERY_PROXY_URLS.testnet,
+      rpcUrl: baseSepolia.rpcUrl
+    };
+  }
+  if (network === "mainnet") {
+    const base = MAINNET_CHAINS.base;
+    const hubAddress = base?.contracts?.hub;
+    if (!hubAddress) {
+      throw new QueryHubStateError(
+        "MISSING_HUB_ADDRESS",
+        "Missing mainnet hub address in SDK constants (MAINNET_CHAINS.base.contracts.hub)"
+      );
+    }
+    return {
+      wormholeChainId: base.wormholeChainId,
+      hubAddress,
+      endpoint: WORMHOLE_QUERY_PROXY_URLS.mainnet,
+      rpcUrl: base.rpcUrl
+    };
+  }
+  throw new QueryHubStateError("UNSUPPORTED_NETWORK", `Unsupported network: ${network}`);
+}
+function encodeHubCalls(hubAddress, userKeyHash) {
+  const nonceAbiCandidates = [
+    "function getUserNonce(bytes32 userKeyHash) view returns (uint256)",
+    "function userNonces(bytes32 userKeyHash) view returns (uint256)",
+    "function getNonceByHash(bytes32 userKeyHash) view returns (uint256)"
+  ];
+  const registeredAbiCandidates = [
+    "function registeredKeys(bytes32 userKeyHash) view returns (bool)",
+    "function isKeyRegisteredByHash(bytes32 userKeyHash) view returns (bool)"
+  ];
+  const actionHashAbiCandidates = [
+    "function getUserLastActionHash(bytes32 userKeyHash) view returns (bytes32)",
+    "function userLastActionHash(bytes32 userKeyHash) view returns (bytes32)"
+  ];
+  const iface = new ethers.Interface([
+    ...nonceAbiCandidates,
+    ...registeredAbiCandidates,
+    ...actionHashAbiCandidates
+  ]);
+  const nonceFnNames = ["getUserNonce", "userNonces", "getNonceByHash"];
+  const regFnNames = ["registeredKeys", "isKeyRegisteredByHash"];
+  const actionHashFnNames = ["getUserLastActionHash", "userLastActionHash"];
+  return [
+    ...nonceFnNames.map((fn) => ({
+      to: hubAddress,
+      data: iface.encodeFunctionData(fn, [userKeyHash])
+    })),
+    ...regFnNames.map((fn) => ({
+      to: hubAddress,
+      data: iface.encodeFunctionData(fn, [userKeyHash])
+    })),
+    ...actionHashFnNames.map((fn) => ({
+      to: hubAddress,
+      data: iface.encodeFunctionData(fn, [userKeyHash])
+    }))
+  ];
+}
+function decodeFirstNonce(results) {
+  const candidates = [
+    "function getUserNonce(bytes32 userKeyHash) view returns (uint256)",
+    "function userNonces(bytes32 userKeyHash) view returns (uint256)",
+    "function getNonceByHash(bytes32 userKeyHash) view returns (uint256)"
+  ];
+  const iface = new ethers.Interface(candidates);
+  const fnNames = ["getUserNonce", "userNonces", "getNonceByHash"];
+  for (let idx = 0; idx < fnNames.length; idx++) {
+    const fnName = fnNames[idx];
+    try {
+      const data = results[idx];
+      if (!data || data === "0x") continue;
+      const decoded = iface.decodeFunctionResult(fnName, data);
+      return decoded[0];
+    } catch {
+    }
+  }
+  throw new QueryHubStateError("QUERY_RESPONSE_INVALID", "Unable to decode user nonce from query response");
+}
+function decodeFirstIsRegistered(results) {
+  const nonceCandidateCount = 3;
+  const candidates = [
+    "function registeredKeys(bytes32 userKeyHash) view returns (bool)",
+    "function isKeyRegisteredByHash(bytes32 userKeyHash) view returns (bool)"
+  ];
+  const iface = new ethers.Interface(candidates);
+  const fnNames = ["registeredKeys", "isKeyRegisteredByHash"];
+  for (let i = 0; i < fnNames.length; i++) {
+    const fnName = fnNames[i];
+    try {
+      const data = results[nonceCandidateCount + i];
+      if (!data || data === "0x") continue;
+      const decoded = iface.decodeFunctionResult(fnName, data);
+      return Boolean(decoded[0]);
+    } catch {
+    }
+  }
+  return false;
+}
+function decodeLastActionHash(results) {
+  const nonceCandidateCount = 3;
+  const registeredCandidateCount = 2;
+  const actionHashOffset = nonceCandidateCount + registeredCandidateCount;
+  const candidates = [
+    "function getUserLastActionHash(bytes32 userKeyHash) view returns (bytes32)",
+    "function userLastActionHash(bytes32 userKeyHash) view returns (bytes32)"
+  ];
+  const iface = new ethers.Interface(candidates);
+  const fnNames = ["getUserLastActionHash", "userLastActionHash"];
+  for (let i = 0; i < fnNames.length; i++) {
+    const fnName = fnNames[i];
+    try {
+      const data = results[actionHashOffset + i];
+      if (!data || data === "0x") continue;
+      const decoded = iface.decodeFunctionResult(fnName, data);
+      return decoded[0];
+    } catch {
+    }
+  }
+  return ethers.ZeroHash;
+}
+async function queryHubState(userKeyHash, apiKey, options) {
+  if (typeof userKeyHash !== "string" || userKeyHash.length === 0) {
+    throw new QueryHubStateError("INVALID_ARGUMENT", "userKeyHash is required");
+  }
+  if (!isValidHexString(userKeyHash) || hexToUint8Array(userKeyHash).length !== 32) {
+    throw new QueryHubStateError("INVALID_ARGUMENT", "userKeyHash must be a 32-byte hex string");
+  }
+  if (typeof apiKey !== "string" || apiKey.length === 0) {
+    throw new QueryHubStateError("INVALID_ARGUMENT", "apiKey is required");
+  }
+  const network = resolveNetwork(options);
+  const maxAgeSeconds = options?.maxAge ?? 60;
+  const maxAttempts = options?.maxAttempts ?? 4;
+  const { wormholeChainId, hubAddress, endpoint, rpcUrl } = getHubConfig(network);
+  const provider = new ethers.JsonRpcProvider(rpcUrl);
+  const callData = encodeHubCalls(hubAddress, userKeyHash);
+  const doFetch = async () => {
+    try {
+      const latestBlock = await provider.getBlockNumber();
+      const blockTag = Math.max(0, latestBlock - 2);
+      const request = new QueryRequest(Date.now() & 4294967295, [
+        new PerChainQueryRequest(wormholeChainId, new EthCallQueryRequest(blockTag, callData))
+      ]);
+      const requestHex = Buffer.from(request.serialize()).toString("hex");
+      const response = await axios.post(
+        endpoint,
+        { bytes: requestHex },
+        {
+          headers: {
+            "X-API-Key": apiKey,
+            "Content-Type": "application/json"
+          },
+          timeout: 1e4
+        }
+      );
+      const data = response.data;
+      const signatures = data?.signatures;
+      const bytes = data?.bytes;
+      if (!Array.isArray(signatures) || typeof bytes !== "string") {
+        throw new QueryHubStateError("PROXY_RESPONSE_INVALID", "Query Proxy response missing signatures/bytes");
+      }
+      const proof = signaturesToProofBytes(signatures);
+      const queryBytes = decodeQueryBytes(bytes);
+      const parsed = QueryResponse.from(queryBytes);
+      const perChain = parsed.responses.find((r) => r.chainId === wormholeChainId);
+      if (!perChain) {
+        throw new QueryHubStateError("QUERY_RESPONSE_INVALID", "Missing per-chain response for hub chain");
+      }
+      const chainResp = EthCallQueryResponse.from(perChain.response.serialize());
+      const blockTime = Number(chainResp.blockTime);
+      const nowSeconds = Math.floor(Date.now() / 1e3);
+      if (nowSeconds - blockTime > maxAgeSeconds) {
+        throw new QueryHubStateError(
+          "ATTESTATION_STALE",
+          `Guardian attestation is stale (blockTime=${blockTime}, now=${nowSeconds}, maxAge=${maxAgeSeconds}s)`
+        );
+      }
+      const nonce = decodeFirstNonce(chainResp.results);
+      const isRegistered = decodeFirstIsRegistered(chainResp.results);
+      const lastActionHash = decodeLastActionHash(chainResp.results);
+      return {
+        nonce,
+        isRegistered,
+        blockTime,
+        proof,
+        lastActionHash
+      };
+    } catch (err) {
+      if (err instanceof QueryHubStateError) throw err;
+      if (axios.isAxiosError(err)) {
+        const ax = err;
+        const status = ax.response?.status;
+        const statusText = ax.response?.statusText;
+        const details = typeof ax.response?.data === "string" ? ax.response?.data : void 0;
+        throw new QueryHubStateError(
+          "PROXY_HTTP_ERROR",
+          `Query Proxy request failed${status ? ` (${status} ${statusText ?? ""})` : ""}${details ? `: ${details}` : ""}`,
+          err
+        );
+      }
+      throw new QueryHubStateError("PROXY_HTTP_ERROR", "Query Proxy request failed", err);
+    }
+  };
+  return await withExponentialBackoff(doFetch, maxAttempts);
+}
+
+// src/queries/portfolio.ts
+import axios2 from "axios";
+import { Buffer as Buffer2 } from "buffer";
+import { ethers as ethers4 } from "ethers";
+import { PublicKey } from "@solana/web3.js";
+import {
+  EthCallQueryRequest as EthCallQueryRequest2,
+  EthCallQueryResponse as EthCallQueryResponse2,
+  PerChainQueryRequest as PerChainQueryRequest2,
+  QueryRequest as QueryRequest2,
+  QueryResponse as QueryResponse2,
+  SolanaAccountQueryRequest,
+  SolanaAccountQueryResponse,
+  hexToUint8Array as hexToUint8Array2,
+  isValidHexString as isValidHexString2
+} from "@wormhole-foundation/wormhole-query-sdk";
+
+// src/core/WalletManager.ts
+import { ethers as ethers3 } from "ethers";
+
+// src/utils.ts
+import { ethers as ethers2 } from "ethers";
+function computeKeyHash(publicKeyX, publicKeyY) {
+  return ethers2.keccak256(
+    ethers2.solidityPacked(["uint256", "uint256"], [publicKeyX, publicKeyY])
+  );
+}
+
+// src/core/WalletManager.ts
+var PROXY_BYTECODE_PREFIX = "0x3d602d80600a3d3981f3363d3d373d3d3d363d73";
+var PROXY_BYTECODE_SUFFIX = "5af43d82803e903d91602b57fd5bf3";
+var WalletManager = class {
+  config;
+  addressCache = /* @__PURE__ */ new Map();
+  constructor(config = {}) {
+    this.config = {
+      cacheAddresses: config.cacheAddresses ?? true,
+      persistToStorage: config.persistToStorage ?? false,
+      storageKey: config.storageKey ?? "veridex_wallet_addresses"
+    };
+    if (this.config.persistToStorage && typeof window !== "undefined") {
+      this.loadFromStorage();
+    }
+  }
+  // ========================================================================
+  // Address Computation
+  // ========================================================================
+  /**
+   * Compute the deterministic vault address for an EVM chain
+   * 
+   * Uses CREATE2 with EIP-1167 minimal proxy pattern:
+   * - Salt = keccak256(factoryAddress, ownerKeyHash)
+   * - InitCode = EIP-1167 proxy bytecode with implementation address
+   * 
+   * @param keyHash - The owner's key hash (keccak256 of public key coordinates)
+   * @param factoryAddress - The vault factory contract address
+   * @param implementationAddress - The vault implementation contract address
+   * @returns The deterministic vault address
+   */
+  computeVaultAddress(keyHash, factoryAddress, implementationAddress) {
+    const salt = ethers3.keccak256(
+      ethers3.solidityPacked(
+        ["address", "bytes32"],
+        [factoryAddress, keyHash]
+      )
+    );
+    const initCode = this.buildProxyInitCode(implementationAddress);
+    const initCodeHash = ethers3.keccak256(initCode);
+    const create2Data = ethers3.solidityPacked(
+      ["bytes1", "address", "bytes32", "bytes32"],
+      ["0xff", factoryAddress, salt, initCodeHash]
+    );
+    const hash = ethers3.keccak256(create2Data);
+    return ethers3.getAddress("0x" + hash.slice(26));
+  }
+  /**
+   * Compute vault address from public key coordinates
+   * 
+   * @param publicKeyX - P-256 public key X coordinate
+   * @param publicKeyY - P-256 public key Y coordinate
+   * @param factoryAddress - The vault factory contract address
+   * @param implementationAddress - The vault implementation contract address
+   * @returns The deterministic vault address
+   */
+  computeVaultAddressFromPublicKey(publicKeyX, publicKeyY, factoryAddress, implementationAddress) {
+    const keyHash = computeKeyHash(publicKeyX, publicKeyY);
+    return this.computeVaultAddress(keyHash, factoryAddress, implementationAddress);
+  }
+  /**
+   * Build EIP-1167 minimal proxy initcode
+   */
+  buildProxyInitCode(implementationAddress) {
+    const impl = implementationAddress.toLowerCase().replace("0x", "");
+    return PROXY_BYTECODE_PREFIX + impl + PROXY_BYTECODE_SUFFIX;
+  }
+  // ========================================================================
+  // Unified Identity
+  // ========================================================================
+  /**
+   * Get unified identity with addresses across all configured chains
+   * 
+   * @param credential - The passkey credential
+   * @param chainConfigs - Map of chain configurations with factory/implementation addresses
+   * @returns Unified identity with addresses on each chain
+   */
+  async getUnifiedIdentity(credential, chainConfigs) {
+    const addresses = [];
+    for (const [wormholeChainId, config] of chainConfigs) {
+      const address = await this.deriveAddressForChain(
+        credential,
+        wormholeChainId,
+        config
+      );
+      if (address) {
+        addresses.push(address);
+      }
+    }
+    const identity = {
+      keyHash: credential.keyHash,
+      publicKeyX: credential.publicKeyX,
+      publicKeyY: credential.publicKeyY,
+      credentialId: credential.credentialId,
+      addresses,
+      createdAt: Date.now(),
+      updatedAt: Date.now()
+    };
+    if (this.config.cacheAddresses) {
+      this.addressCache.set(credential.keyHash, addresses);
+    }
+    if (this.config.persistToStorage) {
+      this.saveToStorage(identity);
+    }
+    return identity;
+  }
+  /**
+   * Derive address for a specific chain
+   */
+  async deriveAddressForChain(credential, wormholeChainId, config) {
+    if (config.isEvm) {
+      if (!config.factoryAddress || !config.implementationAddress) {
+        return null;
+      }
+      const address = this.computeVaultAddress(
+        credential.keyHash,
+        config.factoryAddress,
+        config.implementationAddress
+      );
+      return {
+        wormholeChainId,
+        chainName: config.chainName,
+        address,
+        isEvm: true,
+        deployed: false
+        // Will be checked separately
+      };
+    } else {
+      return this.deriveNonEvmAddress(credential, wormholeChainId, config);
+    }
+  }
+  /**
+   * Derive address for non-EVM chains
+   * 
+   * Each chain has its own address format:
+   * - Solana: Base58 encoded public key hash
+   * - Aptos: 32-byte hex address
+   * - Sui: 32-byte hex address with 0x prefix
+   */
+  deriveNonEvmAddress(credential, wormholeChainId, _config) {
+    switch (wormholeChainId) {
+      case 1:
+        return {
+          wormholeChainId: 1,
+          chainName: "Solana",
+          address: credential.keyHash,
+          // PDA will be derived from this
+          isEvm: false,
+          derivationType: "pda",
+          deployed: false
+        };
+      case 22:
+        return {
+          wormholeChainId: 22,
+          chainName: "Aptos",
+          address: credential.keyHash,
+          isEvm: false,
+          derivationType: "resource_account",
+          deployed: false
+        };
+      case 21:
+        return {
+          wormholeChainId: 21,
+          chainName: "Sui",
+          address: credential.keyHash,
+          isEvm: false,
+          derivationType: "object",
+          deployed: false
+        };
+      default:
+        return null;
+    }
+  }
+  // ========================================================================
+  // Address Lookup
+  // ========================================================================
+  /**
+   * Get cached address for a chain
+   */
+  getAddressForChain(keyHash, wormholeChainId) {
+    const addresses = this.addressCache.get(keyHash);
+    return addresses?.find((a) => a.wormholeChainId === wormholeChainId);
+  }
+  /**
+   * Get all cached addresses for a key hash
+   */
+  getAddresses(keyHash) {
+    return this.addressCache.get(keyHash) ?? [];
+  }
+  /**
+   * Update deployment status for an address
+   */
+  updateDeploymentStatus(keyHash, wormholeChainId, deployed, deploymentTxHash) {
+    const addresses = this.addressCache.get(keyHash);
+    if (!addresses) return;
+    const address = addresses.find((a) => a.wormholeChainId === wormholeChainId);
+    if (address) {
+      address.deployed = deployed;
+      address.deploymentTxHash = deploymentTxHash;
+    }
+    if (this.config.persistToStorage) {
+      this.saveAddressesToStorage(keyHash, addresses);
+    }
+  }
+  // ========================================================================
+  // Storage
+  // ========================================================================
+  /**
+   * Load addresses from localStorage
+   */
+  loadFromStorage() {
+    if (typeof window === "undefined") return;
+    try {
+      const stored = localStorage.getItem(this.config.storageKey);
+      if (!stored) return;
+      const data = JSON.parse(stored);
+      for (const [keyHash, addresses] of Object.entries(data.addresses)) {
+        this.addressCache.set(keyHash, addresses);
+      }
+    } catch (error) {
+      console.warn("Failed to load wallet addresses from storage:", error);
+    }
+  }
+  /**
+   * Save identity to localStorage
+   */
+  saveToStorage(identity) {
+    if (typeof window === "undefined") return;
+    try {
+      const stored = localStorage.getItem(this.config.storageKey) ?? "{}";
+      const data = JSON.parse(stored);
+      if (!data.addresses) {
+        data.addresses = {};
+      }
+      data.addresses[identity.keyHash] = identity.addresses;
+      data.identities = data.identities ?? {};
+      data.identities[identity.keyHash] = {
+        keyHash: identity.keyHash,
+        publicKeyX: identity.publicKeyX.toString(),
+        publicKeyY: identity.publicKeyY.toString(),
+        credentialId: identity.credentialId,
+        createdAt: identity.createdAt,
+        updatedAt: identity.updatedAt
+      };
+      localStorage.setItem(this.config.storageKey, JSON.stringify(data));
+    } catch (error) {
+      console.warn("Failed to save wallet addresses to storage:", error);
+    }
+  }
+  /**
+   * Save addresses to localStorage
+   */
+  saveAddressesToStorage(keyHash, addresses) {
+    if (typeof window === "undefined") return;
+    try {
+      const stored = localStorage.getItem(this.config.storageKey) ?? "{}";
+      const data = JSON.parse(stored);
+      if (!data.addresses) {
+        data.addresses = {};
+      }
+      data.addresses[keyHash] = addresses;
+      localStorage.setItem(this.config.storageKey, JSON.stringify(data));
+    } catch (error) {
+      console.warn("Failed to save wallet addresses to storage:", error);
+    }
+  }
+  /**
+   * Clear all cached data
+   */
+  clearCache() {
+    this.addressCache.clear();
+    if (this.config.persistToStorage && typeof window !== "undefined") {
+      localStorage.removeItem(this.config.storageKey);
+    }
+  }
+  /**
+   * Load identity from storage
+   */
+  loadIdentityFromStorage(keyHash) {
+    if (typeof window === "undefined") return null;
+    try {
+      const stored = localStorage.getItem(this.config.storageKey);
+      if (!stored) return null;
+      const data = JSON.parse(stored);
+      const storedIdentity = data.identities?.[keyHash];
+      const addresses = data.addresses?.[keyHash];
+      if (!storedIdentity || !addresses) return null;
+      return {
+        keyHash: storedIdentity.keyHash,
+        publicKeyX: BigInt(storedIdentity.publicKeyX),
+        publicKeyY: BigInt(storedIdentity.publicKeyY),
+        credentialId: storedIdentity.credentialId,
+        addresses,
+        createdAt: storedIdentity.createdAt,
+        updatedAt: storedIdentity.updatedAt
+      };
+    } catch (error) {
+      console.warn("Failed to load identity from storage:", error);
+      return null;
+    }
+  }
+};
+
+// src/constants/tokens.ts
+var NATIVE_TOKEN_ADDRESS = "native";
+var EVM_ZERO_ADDRESS = "0x0000000000000000000000000000000000000000";
+var BASE_SEPOLIA_TOKENS = {
+  wormholeChainId: 10004,
+  chainName: "Base Sepolia",
+  nativeToken: {
+    symbol: "ETH",
+    name: "Ether",
+    address: NATIVE_TOKEN_ADDRESS,
+    decimals: 18,
+    isNative: true
+  },
+  tokens: [
+    {
+      symbol: "USDC",
+      name: "USD Coin (Test)",
+      address: "0x036CbD53842c5426634e7929541eC2318f3dCF7e",
+      // Circle test USDC
+      decimals: 6,
+      isNative: false
+    },
+    {
+      symbol: "WETH",
+      name: "Wrapped Ether",
+      address: "0x4200000000000000000000000000000000000006",
+      decimals: 18,
+      isNative: false
+    }
+  ]
+};
+var OPTIMISM_SEPOLIA_TOKENS = {
+  wormholeChainId: 10005,
+  chainName: "Optimism Sepolia",
+  nativeToken: {
+    symbol: "ETH",
+    name: "Ether",
+    address: NATIVE_TOKEN_ADDRESS,
+    decimals: 18,
+    isNative: true
+  },
+  tokens: [
+    {
+      symbol: "USDC",
+      name: "USD Coin (Test)",
+      address: "0x5fd84259d66Cd46123540766Be93DFE6D43130D7",
+      // Test USDC
+      decimals: 6,
+      isNative: false
+    },
+    {
+      symbol: "WETH",
+      name: "Wrapped Ether",
+      address: "0x4200000000000000000000000000000000000006",
+      decimals: 18,
+      isNative: false
+    }
+  ]
+};
+var ARBITRUM_SEPOLIA_TOKENS = {
+  wormholeChainId: 10003,
+  chainName: "Arbitrum Sepolia",
+  nativeToken: {
+    symbol: "ETH",
+    name: "Ether",
+    address: NATIVE_TOKEN_ADDRESS,
+    decimals: 18,
+    isNative: true
+  },
+  tokens: [
+    {
+      symbol: "USDC",
+      name: "USD Coin (Test)",
+      address: "0x75faf114eafb1BDbe2F0316DF893fd58CE46AA4d",
+      // Circle USDC Arbitrum Sepolia
+      decimals: 6,
+      isNative: false
+    },
+    {
+      symbol: "WETH",
+      name: "Wrapped Ether",
+      address: "0x980B62Da83eFf3D4576C647993b0c1D7faf17c73",
+      decimals: 18,
+      isNative: false
+    }
+  ]
+};
+var TOKEN_REGISTRY = {
+  10004: BASE_SEPOLIA_TOKENS,
+  10005: OPTIMISM_SEPOLIA_TOKENS,
+  10003: ARBITRUM_SEPOLIA_TOKENS
+};
+function getTokenList(wormholeChainId) {
+  return TOKEN_REGISTRY[wormholeChainId] ?? null;
+}
+function getAllTokens(wormholeChainId) {
+  const list = getTokenList(wormholeChainId);
+  if (!list) return [];
+  return [list.nativeToken, ...list.tokens];
+}
+function isNativeToken(address) {
+  return address.toLowerCase() === NATIVE_TOKEN_ADDRESS || address === EVM_ZERO_ADDRESS;
+}
+
+// src/queries/portfolio.ts
+var QueryPortfolioError = class extends Error {
+  code;
+  cause;
+  constructor(code, message, cause) {
+    super(message);
+    this.name = "QueryPortfolioError";
+    this.code = code;
+    this.cause = cause;
+  }
+};
+var PORTFOLIO_CACHE = /* @__PURE__ */ new Map();
+function resolveNetwork2(options) {
+  if (options?.network) return options.network;
+  const envCandidates = [
+    globalThis?.process?.env?.NEXT_PUBLIC_VERIDEX_NETWORK,
+    globalThis?.process?.env?.VERIDEX_NETWORK,
+    globalThis?.process?.env?.NEXT_PUBLIC_WORMHOLE_NETWORK,
+    globalThis?.process?.env?.WORMHOLE_NETWORK
+  ].filter(Boolean);
+  const env = envCandidates[0]?.toLowerCase();
+  if (env === "mainnet" || env === "testnet") return env;
+  return "testnet";
+}
+function concatBytes2(parts) {
+  const total = parts.reduce((sum, p) => sum + p.length, 0);
+  const out = new Uint8Array(total);
+  let offset = 0;
+  for (const p of parts) {
+    out.set(p, offset);
+    offset += p.length;
+  }
+  return out;
+}
+function signaturesToProofBytes2(signatures) {
+  const chunks = [];
+  for (const sig of signatures) {
+    if (typeof sig !== "string" || sig.length !== 132 || !/^[0-9a-fA-F]+$/.test(sig)) {
+      throw new QueryPortfolioError(
+        "PROXY_RESPONSE_INVALID",
+        `Invalid guardian signature format (expected 132 hex chars): ${String(sig)}`
+      );
+    }
+    chunks.push(hexToUint8Array2(`0x${sig}`));
+  }
+  return concatBytes2(chunks);
+}
+function decodeQueryBytes2(bytes) {
+  if (typeof bytes !== "string" || bytes.length === 0) {
+    throw new QueryPortfolioError("PROXY_RESPONSE_INVALID", "Missing query response bytes");
+  }
+  if (isValidHexString2(bytes)) {
+    return hexToUint8Array2(bytes);
+  }
+  try {
+    if (typeof atob === "function") {
+      const raw = atob(bytes);
+      const arr = new Uint8Array(raw.length);
+      for (let i = 0; i < raw.length; i++) arr[i] = raw.charCodeAt(i);
+      return arr;
+    }
+  } catch {
+  }
+  try {
+    return new Uint8Array(Buffer2.from(bytes, "base64"));
+  } catch (cause) {
+    throw new QueryPortfolioError("PROXY_RESPONSE_INVALID", "Unrecognized query response bytes encoding", cause);
+  }
+}
+function sleep2(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+var rateLimiter = {
+  queue: [],
+  lastRequest: 0,
+  minInterval: 170,
+  // ~6 req/s with buffer
+  async acquire() {
+    return new Promise((resolve) => {
+      const tryAcquire = () => {
+        const now = Date.now();
+        const elapsed = now - rateLimiter.lastRequest;
+        if (elapsed >= rateLimiter.minInterval) {
+          rateLimiter.lastRequest = now;
+          resolve();
+        } else {
+          setTimeout(tryAcquire, rateLimiter.minInterval - elapsed);
+        }
+      };
+      tryAcquire();
+    });
+  }
+};
+async function withExponentialBackoff2(fn, maxAttempts) {
+  let attempt = 0;
+  let lastError;
+  while (attempt < maxAttempts) {
+    try {
+      return await fn();
+    } catch (err) {
+      lastError = err;
+      attempt += 1;
+      if (attempt >= maxAttempts) break;
+      const baseMs = 250;
+      const backoffMs = Math.min(5e3, baseMs * 2 ** (attempt - 1));
+      const jitterMs = Math.floor(Math.random() * 100);
+      await sleep2(backoffMs + jitterMs);
+    }
+  }
+  throw lastError;
+}
+function getChainConfigs(network) {
+  return network === "testnet" ? TESTNET_CHAINS : MAINNET_CHAINS;
+}
+function getProxyEndpoint(network, options) {
+  if (options?.endpoint) return options.endpoint;
+  return network === "testnet" ? WORMHOLE_QUERY_PROXY_URLS.testnet : WORMHOLE_QUERY_PROXY_URLS.mainnet;
+}
+function getDefaultPortfolioChains(network) {
+  return network === "testnet" ? [10004, 10005, 10003, 1] : [30, 24, 23, 1];
+}
+function normalizeHex32(hex) {
+  if (typeof hex !== "string" || !/^0x[0-9a-fA-F]{64}$/.test(hex)) {
+    throw new QueryPortfolioError("INVALID_ARGUMENT", `Invalid userKeyHash (expected 0x + 32 bytes hex): ${hex}`);
+  }
+  return new Uint8Array(Buffer2.from(hex.slice(2), "hex"));
+}
+function deriveSolanaVaultAddress(programIdBase58, userKeyHash) {
+  const programId = new PublicKey(programIdBase58);
+  const keyHashBytes = normalizeHex32(userKeyHash);
+  const [vaultPda] = PublicKey.findProgramAddressSync([Buffer2.from("vault"), Buffer2.from(keyHashBytes)], programId);
+  return vaultPda.toBase58();
+}
+function makeCacheKey(userKeyHash, apiKey, options, chainIds) {
+  const payload = {
+    userKeyHash,
+    network: resolveNetwork2(options),
+    chainIds: [...chainIds].sort((a, b) => a - b),
+    vaultAddresses: options?.vaultAddresses ?? null,
+    evmTokenAddresses: options?.evmTokenAddresses ?? null,
+    solanaAccounts: options?.solanaAccounts ?? null,
+    endpoint: options?.endpoint ?? null
+  };
+  void apiKey;
+  return JSON.stringify(payload);
+}
+function safeNumberFromBigint(b) {
+  const n = Number(b);
+  return Number.isFinite(n) ? n : 0;
+}
+function priceLookup(pricesUsd, symbol, assetId) {
+  if (!pricesUsd) return void 0;
+  if (symbol && pricesUsd[symbol] != null) return pricesUsd[symbol];
+  if (assetId && pricesUsd[assetId] != null) return pricesUsd[assetId];
+  return void 0;
+}
+function sumUsd(balances, pricesUsd) {
+  let total = 0;
+  let any = false;
+  for (const b of balances) {
+    const p = priceLookup(pricesUsd, b.symbol, b.assetId);
+    if (p == null) continue;
+    if (b.decimals == null) continue;
+    const denom = 10 ** b.decimals;
+    const amount = Number(b.amount) / denom;
+    if (!Number.isFinite(amount)) continue;
+    total += amount * p;
+    any = true;
+  }
+  return any ? total : void 0;
+}
+async function getRecentBlockTag(rpcUrl) {
+  const provider = new ethers4.JsonRpcProvider(rpcUrl);
+  const latest = await provider.getBlockNumber();
+  return Math.max(0, latest - 2);
+}
+function encodeErc20BalanceCalls(vaultAddress, tokenAddresses) {
+  const iface = new ethers4.Interface(["function balanceOf(address owner) view returns (uint256)"]);
+  return tokenAddresses.map((token) => ({
+    to: token,
+    data: iface.encodeFunctionData("balanceOf", [vaultAddress])
+  }));
+}
+function decodeErc20Balances(results, tokenAddresses) {
+  const iface = new ethers4.Interface(["function balanceOf(address owner) view returns (uint256)"]);
+  const out = [];
+  for (let i = 0; i < tokenAddresses.length; i++) {
+    const data = results[i];
+    if (!data || data === "0x") {
+      out.push(0n);
+      continue;
+    }
+    const decoded = iface.decodeFunctionResult("balanceOf", data);
+    out.push(decoded[0]);
+  }
+  return out;
+}
+async function queryPortfolio(userKeyHash, apiKey, options) {
+  const network = resolveNetwork2(options);
+  const maxAgeSeconds = options?.maxAge ?? 60;
+  const maxAttempts = options?.maxAttempts ?? 4;
+  const cacheTtlMs = options?.cacheTtlMs ?? 3e4;
+  const endpoint = getProxyEndpoint(network, options);
+  const chainIds = options?.rpcUrls ? Object.keys(options.rpcUrls).map(Number) : void 0;
+  void chainIds;
+  const requestedChains = options?.vaultAddresses ? Object.keys(options.vaultAddresses).map(Number) : void 0;
+  const defaultChains = getDefaultPortfolioChains(network);
+  const wormholeChainIds = options?.evmTokenAddresses ? Array.from(/* @__PURE__ */ new Set([...defaultChains, ...Object.keys(options.evmTokenAddresses).map(Number)])) : defaultChains;
+  const finalChainIds = requestedChains ? Array.from(/* @__PURE__ */ new Set([...wormholeChainIds, ...requestedChains])) : wormholeChainIds;
+  if (!apiKey || typeof apiKey !== "string") {
+    throw new QueryPortfolioError("INVALID_ARGUMENT", "Missing Query Proxy apiKey");
+  }
+  const cacheKey = makeCacheKey(userKeyHash, apiKey, options, finalChainIds);
+  const cached = PORTFOLIO_CACHE.get(cacheKey);
+  if (cached && cached.expiresAt > Date.now()) {
+    return cached.value;
+  }
+  const chains = getChainConfigs(network);
+  const walletManager = new WalletManager({ cacheAddresses: true, persistToStorage: false });
+  const pricesUsd = {
+    USDC: 1,
+    ...options?.pricesUsd ?? {}
+  };
+  const doFetch = async () => {
+    try {
+      const perChainRequests = [];
+      const chainMeta = {};
+      const evmChainIds = finalChainIds.filter((id) => {
+        const cfg = Object.values(chains).find((c) => c.wormholeChainId === id);
+        return cfg?.isEvm;
+      });
+      const blockTagsByChainId = /* @__PURE__ */ new Map();
+      await Promise.all(
+        evmChainIds.map(async (wormholeChainId) => {
+          const cfg = Object.values(chains).find((c) => c.wormholeChainId === wormholeChainId);
+          if (!cfg) return;
+          const rpcUrl = options?.rpcUrls?.[wormholeChainId] ?? cfg.rpcUrl;
+          const blockTag = await getRecentBlockTag(rpcUrl);
+          blockTagsByChainId.set(wormholeChainId, blockTag);
+        })
+      );
+      for (const wormholeChainId of finalChainIds) {
+        const cfg = Object.values(chains).find((c) => c.wormholeChainId === wormholeChainId);
+        if (wormholeChainId === 22) {
+          chainMeta[wormholeChainId] = { kind: "unsupported", chainName: cfg?.name };
+          continue;
+        }
+        if (!cfg) {
+          chainMeta[wormholeChainId] = { kind: "unsupported" };
+          continue;
+        }
+        if (cfg.isEvm) {
+          const vaultAddress = options?.vaultAddresses?.[wormholeChainId] ?? (cfg.contracts.vaultFactory && cfg.contracts.vaultImplementation ? walletManager.computeVaultAddress(userKeyHash, cfg.contracts.vaultFactory, cfg.contracts.vaultImplementation) : void 0);
+          chainMeta[wormholeChainId] = { kind: "evm", vaultAddress, chainName: cfg.name };
+          if (!vaultAddress) {
+            continue;
+          }
+          const tokenAddresses = options?.evmTokenAddresses?.[wormholeChainId] ?? getAllTokens(wormholeChainId).filter((t) => !isNativeToken(t.address)).map((t) => t.address);
+          if (!tokenAddresses.length) {
+            continue;
+          }
+          const blockTag = blockTagsByChainId.get(wormholeChainId);
+          if (blockTag == null) {
+            continue;
+          }
+          const calls = encodeErc20BalanceCalls(vaultAddress, tokenAddresses);
+          perChainRequests.push(new PerChainQueryRequest2(wormholeChainId, new EthCallQueryRequest2(blockTag, calls)));
+          continue;
+        }
+        if (wormholeChainId === 1) {
+          const programId = options?.vaultAddresses?.[wormholeChainId] ?? cfg.contracts.hub;
+          chainMeta[wormholeChainId] = { kind: "solana", chainName: cfg.name };
+          if (!programId) {
+            continue;
+          }
+          const vaultAddress = deriveSolanaVaultAddress(programId, userKeyHash);
+          chainMeta[wormholeChainId] = { kind: "solana", chainName: cfg.name, vaultAddress };
+          const accounts = [vaultAddress, ...options?.solanaAccounts ?? []];
+          perChainRequests.push(
+            new PerChainQueryRequest2(
+              wormholeChainId,
+              new SolanaAccountQueryRequest("finalized", accounts, void 0, 0n, 0n)
+            )
+          );
+          continue;
+        }
+        chainMeta[wormholeChainId] = { kind: "unsupported", chainName: cfg.name };
+      }
+      if (perChainRequests.length > 255) {
+        throw new QueryPortfolioError(
+          "INVALID_ARGUMENT",
+          `Too many per-chain requests (${perChainRequests.length}); max is 255 per Query Proxy request`
+        );
+      }
+      if (perChainRequests.length === 0) {
+        const chainsOut2 = finalChainIds.map((wormholeChainId) => {
+          const meta = chainMeta[wormholeChainId] ?? { kind: "unsupported" };
+          return {
+            wormholeChainId,
+            chainName: meta.chainName,
+            vaultAddress: meta.vaultAddress,
+            balances: [],
+            error: {
+              code: "MISSING_VAULT",
+              message: "Unable to build query: missing vault address or no tokens configured"
+            }
+          };
+        });
+        return { proof: new Uint8Array(), totalUsd: 0, chains: chainsOut2 };
+      }
+      const request = new QueryRequest2(Date.now() & 4294967295, perChainRequests);
+      const requestHex = Buffer2.from(request.serialize()).toString("hex");
+      await rateLimiter.acquire();
+      let response;
+      try {
+        console.log("[queryPortfolio] Sending request to:", endpoint);
+        console.log("[queryPortfolio] Request bytes length:", requestHex.length);
+        const defaultTimeout = network === "testnet" ? 15e3 : 1e4;
+        const requestTimeout = options?.timeout ?? defaultTimeout;
+        response = await axios2.post(
+          endpoint,
+          { bytes: requestHex },
+          {
+            headers: {
+              "X-API-Key": apiKey,
+              "Content-Type": "application/json"
+            },
+            timeout: requestTimeout
+          }
+        );
+      } catch (axiosErr) {
+        const err = axiosErr;
+        if (!err.response) {
+          console.error("[queryPortfolio] Network error:", {
+            message: err.message,
+            code: err.code,
+            name: err.name
+          });
+          throw new QueryPortfolioError(
+            "NETWORK_ERROR",
+            `Network error: ${err.message} (code: ${err.code})`
+          );
+        }
+        const status = err.response.status;
+        const errData = err.response.data;
+        console.error("[queryPortfolio] Wormhole Query Proxy error:", { status, data: errData });
+        throw new QueryPortfolioError(
+          "PROXY_RESPONSE_INVALID",
+          `Query Proxy returned ${status}: ${JSON.stringify(errData)}`
+        );
+      }
+      const data = response.data;
+      const signatures = data?.signatures;
+      const bytes = data?.bytes;
+      if (!Array.isArray(signatures) || typeof bytes !== "string") {
+        throw new QueryPortfolioError("PROXY_RESPONSE_INVALID", "Query Proxy response missing signatures/bytes");
+      }
+      const proof = signaturesToProofBytes2(signatures);
+      const queryBytes = decodeQueryBytes2(bytes);
+      const parsed = QueryResponse2.from(queryBytes);
+      const nowSeconds = Math.floor(Date.now() / 1e3);
+      const chainsOut = [];
+      for (const wormholeChainId of finalChainIds) {
+        const meta = chainMeta[wormholeChainId] ?? { kind: "unsupported" };
+        if (meta.kind === "unsupported") {
+          const msg = wormholeChainId === 22 ? "Aptos Queries are not supported by the Wormhole Query SDK yet" : "Chain is not supported by this portfolio query implementation";
+          chainsOut.push({
+            wormholeChainId,
+            chainName: meta.chainName,
+            balances: [],
+            error: { code: "UNSUPPORTED_CHAIN", message: msg }
+          });
+          continue;
+        }
+        if (!meta.vaultAddress) {
+          chainsOut.push({
+            wormholeChainId,
+            chainName: meta.chainName,
+            balances: [],
+            error: { code: "MISSING_VAULT", message: "Unable to derive vault address for chain" }
+          });
+          continue;
+        }
+        const perChain = parsed.responses.find((r) => r.chainId === wormholeChainId);
+        if (!perChain) {
+          chainsOut.push({
+            wormholeChainId,
+            chainName: meta.chainName,
+            vaultAddress: meta.vaultAddress,
+            balances: [],
+            error: { code: "DECODE_ERROR", message: "Missing per-chain response from Query Proxy" }
+          });
+          continue;
+        }
+        try {
+          if (meta.kind === "evm") {
+            const cfg = Object.values(chains).find((c) => c.wormholeChainId === wormholeChainId);
+            const tokenAddresses = options?.evmTokenAddresses?.[wormholeChainId] ?? getAllTokens(wormholeChainId).filter((t) => !isNativeToken(t.address)).map((t) => t.address);
+            if (!tokenAddresses.length) {
+              chainsOut.push({
+                wormholeChainId,
+                chainName: meta.chainName,
+                vaultAddress: meta.vaultAddress,
+                balances: [],
+                error: { code: "MISSING_TOKENS", message: "No ERC20 tokens configured for EVM portfolio query" }
+              });
+              continue;
+            }
+            const chainResp2 = EthCallQueryResponse2.from(perChain.response.serialize());
+            const blockTime2 = Number(chainResp2.blockTime);
+            const age2 = nowSeconds - blockTime2;
+            if (age2 > maxAgeSeconds) {
+              chainsOut.push({
+                wormholeChainId,
+                chainName: meta.chainName,
+                vaultAddress: meta.vaultAddress,
+                blockTime: blockTime2,
+                balances: [],
+                error: { code: "ATTESTATION_STALE", message: `Attestation stale by ${age2}s (maxAge=${maxAgeSeconds}s)` }
+              });
+              continue;
+            }
+            const amounts = decodeErc20Balances(chainResp2.results, tokenAddresses);
+            const tokenInfos = getAllTokens(wormholeChainId).filter((t) => !isNativeToken(t.address));
+            const balances2 = tokenAddresses.map((addr, i) => {
+              const info = tokenInfos.find((t) => t.address.toLowerCase() === addr.toLowerCase());
+              const symbol = info?.symbol;
+              const decimals = info?.decimals;
+              const usdPrice = priceLookup(pricesUsd, symbol, addr);
+              const usdValue = usdPrice != null && decimals != null ? Number(amounts[i]) / 10 ** decimals * usdPrice : void 0;
+              return {
+                assetId: addr,
+                amount: amounts[i],
+                symbol,
+                decimals,
+                usdValue: Number.isFinite(usdValue ?? NaN) ? usdValue : void 0
+              };
+            });
+            void cfg;
+            chainsOut.push({
+              wormholeChainId,
+              chainName: meta.chainName,
+              vaultAddress: meta.vaultAddress,
+              blockTime: blockTime2,
+              balances: balances2
+            });
+            continue;
+          }
+          const chainResp = SolanaAccountQueryResponse.from(perChain.response.serialize());
+          const blockTime = safeNumberFromBigint(chainResp.blockTime);
+          const age = nowSeconds - blockTime;
+          if (age > maxAgeSeconds) {
+            chainsOut.push({
+              wormholeChainId,
+              chainName: meta.chainName,
+              vaultAddress: meta.vaultAddress,
+              blockTime,
+              balances: [],
+              error: { code: "ATTESTATION_STALE", message: `Attestation stale by ${age}s (maxAge=${maxAgeSeconds}s)` }
+            });
+            continue;
+          }
+          const vaultResult = chainResp.results[0];
+          const lamports = vaultResult?.lamports ?? 0n;
+          const balances = [
+            {
+              assetId: "SOL",
+              amount: lamports,
+              decimals: 9,
+              symbol: "SOL",
+              usdValue: priceLookup(pricesUsd, "SOL", "SOL") != null ? Number(lamports) / 1e9 * priceLookup(pricesUsd, "SOL", "SOL") : void 0
+            }
+          ];
+          chainsOut.push({
+            wormholeChainId,
+            chainName: meta.chainName,
+            vaultAddress: meta.vaultAddress,
+            blockTime,
+            balances
+          });
+        } catch (cause) {
+          chainsOut.push({
+            wormholeChainId,
+            chainName: meta.chainName,
+            vaultAddress: meta.vaultAddress,
+            balances: [],
+            error: { code: "DECODE_ERROR", message: `Failed to decode chain response: ${String(cause?.message ?? cause)}` }
+          });
+        }
+      }
+      const allBalances = chainsOut.flatMap((c) => c.balances);
+      const totalUsd = sumUsd(allBalances, pricesUsd);
+      const result2 = { proof, totalUsd, chains: chainsOut };
+      PORTFOLIO_CACHE.set(cacheKey, { expiresAt: Date.now() + cacheTtlMs, value: result2 });
+      return result2;
+    } catch (err) {
+      if (err instanceof QueryPortfolioError) throw err;
+      if (axios2.isAxiosError(err)) {
+        const ax = err;
+        const status = ax.response?.status;
+        const statusText = ax.response?.statusText;
+        const details = typeof ax.response?.data === "string" ? ax.response?.data : void 0;
+        throw new QueryPortfolioError(
+          "PROXY_HTTP_ERROR",
+          `Query Proxy request failed${status ? ` (${status} ${statusText ?? ""})` : ""}${details ? `: ${details}` : ""}`,
+          err
+        );
+      }
+      throw new QueryPortfolioError("PROXY_HTTP_ERROR", "Query Proxy request failed", err);
+    }
+  };
+  const result = await withExponentialBackoff2(doFetch, maxAttempts);
+  PORTFOLIO_CACHE.set(cacheKey, { expiresAt: Date.now() + cacheTtlMs, value: result });
+  return result;
+}
+export {
+  QueryHubStateError,
+  QueryPortfolioError,
+  WORMHOLE_QUERY_CHAIN_IDS,
+  WORMHOLE_QUERY_PROXY_URLS,
+  WORMHOLE_QUERY_RATE_LIMIT_PER_SECOND,
+  queryHubState,
+  queryPortfolio
+};
+//# sourceMappingURL=index.mjs.map