@vess-id/ai-identity 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +153 -0
- package/dist/index.js +4573 -0
- package/dist/index.js.map +1 -0
- package/dist/index.mjs +4513 -0
- package/dist/index.mjs.map +1 -0
- package/package.json +46 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/client.ts","../src/config/index.ts","../src/did/key-manager.ts","../src/storage/filesystem-key-storage.ts","../src/storage/memory-key-storage.ts","../src/utils/sdjwt-client.ts","../src/utils/crypto.ts","../src/agent/agent-did-manager.ts","../src/did/agent.ts","../src/identity/user-identity-manager.ts","../src/vc/vc-manager.ts","../src/vp/vp-manager.ts","../src/tool/tool-manager.ts","../src/memory/memory-manager.ts","../src/organization/organization-manager.ts","../src/grant/grant-manager.ts","../src/vc/api-vc-manager.ts","../src/organization/disclosure-config-manager.ts","../src/organization/key-rotation-manager.ts","../src/monitoring/metrics-manager.ts","../src/revocation/revocation-manager.ts","../src/constraint/constraint-evaluator.ts","../src/registry/action-registry.ts","../src/registry/access-orchestrator.ts","../src/registry/action-registry-json.ts"],"sourcesContent":["// Main client\nexport { AIdentityClient, getClient } from './client'\n\n// Configuration\nexport { configure, AIdentityConfig } from './config'\n\n// Managers\nexport { AgentManager } from './did/agent'\nexport { KeyManager } from './did/key-manager'\nexport { AgentDIDManager } from './agent/agent-did-manager'\nexport { UserIdentityManager } from './identity/user-identity-manager'\nexport { VCManager } from './vc/vc-manager'\nexport { APIVCManager } from './vc/api-vc-manager'\nexport { VPManager } from './vp/vp-manager'\nexport { ToolManager, ToolDefinition } from './tool/tool-manager'\nexport {\n MemoryManager,\n MemoryDocument,\n MemoryQuery,\n MemoryQueryResult,\n} from './memory/memory-manager'\n\n// Organization Managers\nexport {\n KeyRotationManager,\n KeyRotationConfig,\n KeyRotationInfo,\n} from './organization/key-rotation-manager'\nexport {\n DisclosureConfigManager,\n OrganizationDisclosureConfig,\n CredentialDisclosureConfig,\n} from './organization/disclosure-config-manager'\n\n// Monitoring and Revocation\nexport { MetricsManager, SDJWTMetrics, OperationMetric } from './monitoring/metrics-manager'\nexport {\n RevocationManager,\n RevocationList,\n RevocationListEntry,\n CredentialStatusInfo,\n} from './revocation/revocation-manager'\n\n// Constraint Evaluation\nexport {\n ConstraintEvaluator,\n ConstraintEvaluatorOptions,\n defaultConstraintEvaluator,\n evaluateConstraints\n} from './constraint/constraint-evaluator'\n\n// Storage providers\nexport * from './storage'\n\nexport * from './registry'\n\n// Utils\nexport { generateKeyPair, signJWT, verifyJWT, generateNonce } from './utils/crypto'\nexport { SDJwtClient } from './utils/sdjwt-client'\n\n// Re-export types\nexport * from '@vess-id/ai-identity-types'\n\n// Version\nexport const version = '0.0.1'\n","import { AIdentityConfig, configure } from './config'\nimport { AgentManager } from './did/agent'\nimport { KeyManager } from './did/key-manager'\nimport { UserIdentityManager } from './identity/user-identity-manager'\nimport { VCManager } from './vc/vc-manager'\nimport { VPManager } from './vp/vp-manager'\nimport { ToolManager } from './tool/tool-manager'\nimport { MemoryManager } from './memory/memory-manager'\nimport { OrganizationManager } from './organization/organization-manager'\nimport { GrantManager } from './grant/grant-manager'\nimport {\n Agent,\n ConnectorResponse,\n} from '@vess-id/ai-identity-types'\n\nexport class AIdentityClient {\n public readonly agent: AgentManager\n public readonly user: UserIdentityManager\n public readonly vc: VCManager\n public readonly vp: VPManager\n public readonly tool: ToolManager\n public readonly memory: MemoryManager\n public readonly organization: OrganizationManager\n public readonly grant: GrantManager\n\n private keyManager: KeyManager\n private currentAgent?: Agent\n\n constructor(config?: AIdentityConfig, password?: string) {\n if (config) {\n configure(config)\n }\n\n // Initialize key manager with optional password for encryption\n this.keyManager = new KeyManager(password)\n\n // Initialize managers\n this.agent = new AgentManager(this.keyManager)\n this.user = new UserIdentityManager(this.keyManager)\n this.vc = new VCManager(this.keyManager, this.agent, this.user)\n this.vp = new VPManager(this.keyManager)\n this.tool = new ToolManager(this.vp)\n this.memory = new MemoryManager(this.vp)\n this.organization = new OrganizationManager(this.vp, this.vc)\n this.grant = new GrantManager(this.vp)\n }\n\n /**\n * Quick setup: Create or load an agent\n */\n async setup(did?: string): Promise<Agent> {\n if (did) {\n // Load existing agent\n this.currentAgent = await this.agent.export(did).then(({ agent }) => agent)\n } else {\n // Create new agent\n this.currentAgent = await this.agent.create()\n }\n return this.currentAgent\n }\n\n /**\n * Get current agent\n */\n getCurrentAgent(): Agent | undefined {\n return this.currentAgent\n }\n\n /**\n * Get current user DID\n */\n async getCurrentUserDID(): Promise<string> {\n return this.user.getCurrentUserDID()\n }\n\n /**\n * Create or reset user identity\n */\n async resetUserIdentity(): Promise<string> {\n return this.user.resetUserIdentity()\n }\n\n /**\n * Issue a VC for tool permission\n * Enhanced to support User → Agent delegation pattern\n */\n async issueToolPermission(\n tool: string,\n action: string,\n options: {\n subjectDid?: string\n agentId?: string\n issuerDid?: string\n resourceScope?: Record<string, any>\n expiresIn?: string\n }\n ): Promise<string> {\n return this.vc.issue(\n 'ToolPermissionVC',\n {\n tool: `${tool}.${action}`,\n resourceScope: options.resourceScope,\n aud: tool,\n },\n {\n issuerDid: options.issuerDid,\n subjectDid: options.subjectDid,\n agentId: options.agentId,\n expiresIn: options.expiresIn || '1h',\n }\n )\n }\n\n /**\n * Issue a VC for data access\n * Enhanced to support User → Agent delegation pattern\n */\n async issueDataAccess(\n resource: string,\n actions: ('read' | 'write' | 'delete')[],\n options: {\n subjectDid?: string\n agentId?: string\n issuerDid?: string\n expiresIn?: string\n }\n ): Promise<string> {\n return this.vc.issue(\n 'DataAccessVC',\n {\n resource,\n actions,\n },\n {\n issuerDid: options.issuerDid,\n subjectDid: options.subjectDid,\n agentId: options.agentId,\n expiresIn: options.expiresIn || '24h',\n }\n )\n }\n\n /**\n * Invoke a tool with automatic VP creation\n */\n async invokeTool<T = any>(\n tool: string,\n action: string,\n params: Record<string, any>,\n vcs: string[]\n ): Promise<ConnectorResponse<T>> {\n const holderDid = this.currentAgent?.did\n if (!holderDid) {\n throw new Error('No current agent available')\n }\n\n return this.tool.invoke<T>(tool, action, params, {\n vcs,\n holderDid,\n })\n }\n\n /**\n * Write to memory with automatic VP creation\n */\n async writeMemory(\n content: string,\n namespace: string,\n vcs: string[],\n metadata?: Record<string, any>\n ) {\n const holderDid = this.currentAgent?.did\n if (!holderDid) {\n throw new Error('No current agent available')\n }\n\n return this.memory.write(content, {\n namespace,\n metadata,\n vcs,\n holderDid,\n })\n }\n\n /**\n * Query memory with automatic VP creation\n */\n async queryMemory(\n query: string,\n vcs: string[],\n options?: {\n namespace?: string\n limit?: number\n filter?: Record<string, any>\n }\n ) {\n const holderDid = this.currentAgent?.did\n if (!holderDid) {\n throw new Error('No current agent available')\n }\n\n return this.memory.query(query, {\n ...options,\n vcs,\n holderDid,\n })\n }\n}\n\n// Export singleton instance for convenience\nlet defaultClient: AIdentityClient | undefined\n\nexport function getClient(config?: AIdentityConfig, password?: string): AIdentityClient {\n if (!defaultClient) {\n defaultClient = new AIdentityClient(config, password)\n }\n return defaultClient\n}\n\n// Re-export types\nexport * from '@vess-id/ai-identity-types'\nexport { configure, AIdentityConfig } from './config'","export interface AIdentityConfig {\n didApi?: {\n baseUrl: string\n apiKey?: string\n bearerToken?: string\n }\n issuerApi?: {\n baseUrl: string\n apiKey?: string\n bearerToken?: string\n }\n verifierApi?: {\n baseUrl: string\n apiKey?: string\n bearerToken?: string\n }\n proxyApi?: {\n baseUrl: string\n }\n storage?: {\n keyStorePath?: string // Default: ~/.vess/keys\n }\n}\n\nlet globalConfig: AIdentityConfig = {}\n\nexport function configure(config: AIdentityConfig): void {\n globalConfig = { ...globalConfig, ...config }\n}\n\nexport function getConfig(): AIdentityConfig {\n return globalConfig\n}\n\nexport function getDidApiUrl(path: string): string {\n const baseUrl = globalConfig.didApi?.baseUrl || process.env.DID_API_BASE_URL\n if (!baseUrl) {\n throw new Error('DID API base URL not configured')\n }\n return `${baseUrl}${path}`\n}\n\nexport function getIssuerApiUrl(path: string): string {\n const baseUrl = globalConfig.issuerApi?.baseUrl || process.env.ISSUER_API_BASE_URL\n if (!baseUrl) {\n throw new Error('Issuer API base URL not configured')\n }\n return `${baseUrl}${path}`\n}\n\nexport function getVerifierApiUrl(path: string): string {\n const baseUrl = globalConfig.verifierApi?.baseUrl || process.env.VERIFIER_API_BASE_URL\n if (!baseUrl) {\n throw new Error('Verifier API base URL not configured')\n }\n return `${baseUrl}${path}`\n}\n\nexport function getApiHeaders(apiType: 'did' | 'issuer' | 'verifier'): any {\n const headers: any = {\n 'Content-Type': 'application/json',\n }\n\n let apiKey: string | undefined\n let bearerToken: string | undefined\n\n switch (apiType) {\n case 'did':\n apiKey = globalConfig.didApi?.apiKey || process.env.DID_API_KEY\n bearerToken = globalConfig.didApi?.bearerToken\n break\n case 'issuer':\n apiKey = globalConfig.issuerApi?.apiKey || process.env.ISSUER_API_KEY\n bearerToken = globalConfig.issuerApi?.bearerToken\n break\n case 'verifier':\n apiKey = globalConfig.verifierApi?.apiKey || process.env.VERIFIER_API_KEY\n bearerToken = globalConfig.verifierApi?.bearerToken\n break\n }\n\n if (apiKey) {\n headers['x-api-key'] = apiKey\n }\n if (bearerToken) {\n headers['Authorization'] = `Bearer ${bearerToken}`\n }\n\n return headers\n}\n","import * as crypto from 'crypto'\nimport { KeyStorageProvider, FilesystemKeyStorage } from '../storage'\nimport { getConfig } from '../config'\n\nexport class KeyManager {\n private encryptionKey?: Buffer\n private storageProvider: KeyStorageProvider\n\n constructor(password?: string, storageProvider?: KeyStorageProvider) {\n if (password) {\n // Derive encryption key from password\n this.encryptionKey = crypto.scryptSync(password, 'aidentity-salt', 32)\n }\n\n // Use provided storage provider or default to filesystem\n this.storageProvider = storageProvider || this.createDefaultStorageProvider()\n }\n\n private createDefaultStorageProvider(): KeyStorageProvider {\n const config = getConfig()\n return new FilesystemKeyStorage({\n type: 'filesystem',\n options: {\n path: config.storage?.keyStorePath,\n },\n })\n }\n\n async storeKey(did: string, privateKey: any): Promise<void> {\n const keyData = JSON.stringify(privateKey)\n const encrypted = this.encrypt(keyData)\n // const keyId = this.getKeyId(did)\n\n await this.storageProvider.store(did, encrypted)\n }\n\n async getKey(did: string): Promise<any | null> {\n // const keyId = this.getKeyId(did)\n const encrypted = await this.storageProvider.retrieve(did)\n\n if (!encrypted) {\n return null\n }\n\n const decrypted = this.decrypt(encrypted)\n return JSON.parse(decrypted)\n }\n\n async deleteKey(did: string): Promise<void> {\n // const keyId = this.getKeyId(did)\n await this.storageProvider.delete(did)\n }\n\n async listDids(): Promise<string[]> {\n const keyIds = await this.storageProvider.list()\n return keyIds.map(keyId => this.didFromKeyId(keyId))\n }\n\n /**\n * Check if storage is available\n */\n async isAvailable(): Promise<boolean> {\n return this.storageProvider.isAvailable()\n }\n\n // private getKeyId(did: string): string {\n // // Use SHA256 hash to create short, storage-safe identifier\n // return crypto.createHash('sha256').update(did).digest('hex').substring(0, 16)\n // }\n\n private didFromKeyId(keyId: string): string {\n // For now, we cannot reverse the hash, so we need to store the mapping\n // This is a limitation of the current design.\n // TODO: Consider storing DID->keyId mapping in storage provider\n return keyId // Temporary fallback\n }\n\n private encrypt(data: string): string {\n if (!this.encryptionKey) {\n // No encryption if no password provided\n return Buffer.from(data).toString('base64')\n }\n\n const iv = crypto.randomBytes(16)\n const cipher = crypto.createCipheriv('aes-256-gcm', this.encryptionKey, iv)\n\n let encrypted = cipher.update(data, 'utf8', 'base64')\n encrypted += cipher.final('base64')\n\n const authTag = cipher.getAuthTag()\n\n // Combine iv, authTag, and encrypted data\n const combined = Buffer.concat([iv, authTag, Buffer.from(encrypted, 'base64')])\n\n return combined.toString('base64')\n }\n\n private decrypt(encrypted: string): string {\n if (!this.encryptionKey) {\n // No decryption if no password provided\n return Buffer.from(encrypted, 'base64').toString('utf-8')\n }\n\n const combined = Buffer.from(encrypted, 'base64')\n\n // Extract iv, authTag, and encrypted data\n const iv = combined.subarray(0, 16)\n const authTag = combined.subarray(16, 32)\n const encryptedData = combined.subarray(32)\n\n const decipher = crypto.createDecipheriv('aes-256-gcm', this.encryptionKey, iv)\n decipher.setAuthTag(authTag)\n\n let decrypted = decipher.update(encryptedData, undefined, 'utf8')\n decrypted += decipher.final('utf8')\n\n return decrypted\n }\n}\n","import * as fs from 'fs/promises'\nimport * as path from 'path'\nimport * as os from 'os'\nimport { KeyStorageProvider, KeyStorageConfig } from './key-storage.interface'\n\n/**\n * Filesystem-based key storage provider\n */\nexport class FilesystemKeyStorage implements KeyStorageProvider {\n private keyStorePath: string\n\n constructor(config?: KeyStorageConfig) {\n this.keyStorePath = config?.options?.path || path.join(os.homedir(), '.vess', 'keys')\n }\n\n async store(id: string, encryptedKey: string): Promise<void> {\n await this.ensureKeyStoreExists()\n const keyPath = this.getKeyPath(id)\n await fs.writeFile(keyPath, encryptedKey, 'utf-8')\n }\n\n async retrieve(id: string): Promise<string | null> {\n const keyPath = this.getKeyPath(id)\n\n try {\n return await fs.readFile(keyPath, 'utf-8')\n } catch (error) {\n if ((error as any).code === 'ENOENT') {\n return null\n }\n throw error\n }\n }\n\n async delete(id: string): Promise<void> {\n const keyPath = this.getKeyPath(id)\n\n try {\n await fs.unlink(keyPath)\n } catch (error) {\n if ((error as any).code !== 'ENOENT') {\n throw error\n }\n }\n }\n\n async list(): Promise<string[]> {\n await this.ensureKeyStoreExists()\n\n const files = await fs.readdir(this.keyStorePath)\n return files\n .filter(f => f.endsWith('.key'))\n .map(f => f.replace('.key', ''))\n }\n\n async isAvailable(): Promise<boolean> {\n try {\n await this.ensureKeyStoreExists()\n return true\n } catch {\n return false\n }\n }\n\n private async ensureKeyStoreExists(): Promise<void> {\n try {\n await fs.access(this.keyStorePath)\n } catch {\n await fs.mkdir(this.keyStorePath, { recursive: true })\n }\n }\n\n private getKeyPath(id: string): string {\n return path.join(this.keyStorePath, `${id}.key`)\n }\n}","import { KeyStorageProvider } from './key-storage.interface'\n\n/**\n * In-memory key storage provider (for testing)\n */\nexport class MemoryKeyStorage implements KeyStorageProvider {\n private keys: Map<string, string> = new Map()\n\n async store(id: string, encryptedKey: string): Promise<void> {\n this.keys.set(id, encryptedKey)\n }\n\n async retrieve(id: string): Promise<string | null> {\n return this.keys.get(id) || null\n }\n\n async delete(id: string): Promise<void> {\n this.keys.delete(id)\n }\n\n async list(): Promise<string[]> {\n return Array.from(this.keys.keys())\n }\n\n async isAvailable(): Promise<boolean> {\n return true\n }\n\n /**\n * Clear all stored keys (for testing)\n */\n clear(): void {\n this.keys.clear()\n }\n}","import { SDJwtVcInstance } from '@sd-jwt/sd-jwt-vc'\nimport { ES256, digest, generateSalt } from '@sd-jwt/crypto-nodejs'\nimport { generateKeyPair, getSigner, getVerifier } from './crypto'\nimport { KeyManager } from '../did/key-manager'\nimport type { DisclosureFrame } from '@sd-jwt/types'\n\nexport class SDJwtClient {\n private static instances: Map<string, SDJwtVcInstance> = new Map()\n private static keyManager: KeyManager\n private static signerCache: Map<string, any> = new Map()\n private static verifierCache: Map<string, any> = new Map()\n\n private constructor() {}\n\n /**\n * Initialize with KeyManager for DID-based key management\n */\n public static setKeyManager(keyManager: KeyManager) {\n this.keyManager = keyManager\n }\n\n /**\n * Get SDJwtVcInstance for issuer role (VC issuance)\n */\n public static async getIssuerInstance(issuerDid: string): Promise<SDJwtVcInstance> {\n const cacheKey = `${issuerDid}:issuer`\n if (!this.instances.has(cacheKey)) {\n const instance = await this.createInstance(issuerDid, 'issuer')\n this.instances.set(cacheKey, instance)\n }\n return this.instances.get(cacheKey)!\n }\n\n /**\n * Get SDJwtVcInstance for holder role (VP presentation)\n */\n public static async getHolderInstance(holderDid: string): Promise<SDJwtVcInstance> {\n const cacheKey = `${holderDid}:holder`\n if (!this.instances.has(cacheKey)) {\n const instance = await this.createInstance(holderDid, 'holder')\n this.instances.set(cacheKey, instance)\n }\n return this.instances.get(cacheKey)!\n }\n\n /**\n * Get SDJwtVcInstance with specified role (backward compatibility)\n */\n public static async getSDJwtInstance(\n did: string,\n options?: { role?: 'issuer' | 'holder' }\n ): Promise<SDJwtVcInstance> {\n const role = options?.role || 'issuer' // Default to issuer for backward compatibility\n return role === 'holder' ? this.getHolderInstance(did) : this.getIssuerInstance(did)\n }\n\n /**\n * Create a new SDJwtVcInstance with DID-based keys and role\n */\n private static async createInstance(\n did: string,\n role: 'issuer' | 'holder'\n ): Promise<SDJwtVcInstance> {\n if (!this.keyManager) {\n this.keyManager = new KeyManager()\n }\n\n // Get private key for DID\n const privateKey = await this.keyManager.getKey(did)\n\n if (!privateKey) {\n throw new Error(`Private key not found for ${role}: ${did}`)\n }\n\n try {\n // Check cache first\n const signerCacheKey = `signer:${did}`\n const verifierCacheKey = `verifier:${did}`\n\n let signer = this.signerCache.get(signerCacheKey)\n let verifier = this.verifierCache.get(verifierCacheKey)\n\n if (!signer) {\n signer = await getSigner(privateKey)\n this.signerCache.set(signerCacheKey, signer)\n }\n\n if (!verifier) {\n // Extract public key from private key for verifier\n const { d, key_ops, ...publicKey } = privateKey // Remove private component and key_ops\n const publicKeyForVerifier = {\n ...publicKey,\n key_ops: ['verify'], // Set correct key operations for verifier\n }\n verifier = await getVerifier(publicKeyForVerifier)\n this.verifierCache.set(verifierCacheKey, verifier)\n }\n\n // Configure based on role\n const config: any = {\n signer,\n verifier,\n signAlg: ES256.alg,\n hasher: digest,\n hashAlg: 'sha-256',\n saltGenerator: generateSalt,\n }\n\n // Add key binding configuration only for holder role\n if (role === 'holder') {\n config.kbSigner = signer\n config.kbSignAlg = ES256.alg\n }\n\n return new SDJwtVcInstance(config)\n } catch (error) {\n console.error('❌ Error creating SDJwtVcInstance:', error)\n throw error\n }\n }\n\n /**\n * Create disclosure frame for selective disclosure\n */\n public static createDisclosureFrame<T extends Record<string, any>>(\n claims: T,\n selectivelyDisclosable: string[] = []\n ): DisclosureFrame<T> {\n const frame: any = {}\n\n // Filter selectively disclosable fields to only include fields that actually exist in claims\n const existingDisclosableFields = selectivelyDisclosable.filter(field =>\n claims.hasOwnProperty(field)\n )\n\n // Make specified fields selectively disclosable\n if (existingDisclosableFields.length > 0) {\n frame._sd = existingDisclosableFields\n frame._sd_decoy = Math.max(0, Math.floor(existingDisclosableFields.length * 0.1))\n }\n\n // Process nested objects\n for (const [key, value] of Object.entries(claims)) {\n if (typeof value === 'object' && value !== null && !Array.isArray(value)) {\n // Recursively process nested objects\n const nestedKeys = Object.keys(value)\n const nestedFrame = this.createDisclosureFrame(\n value,\n nestedKeys // Make all nested fields disclosable\n )\n frame[key] = nestedFrame\n }\n }\n\n return frame as DisclosureFrame<T>\n }\n\n /**\n * Issue an SD-JWT with selective disclosure\n */\n public static async issueSDJWT(\n payload: Record<string, any>,\n _privateKey: any, // Not used since we get key from KeyManager based on issuer DID\n selectiveDisclosureFields: string[] = []\n ): Promise<string> {\n const issuerDid = payload.iss || 'unknown'\n const sdjwtInstance = await this.getIssuerInstance(issuerDid)\n\n // Ensure payload has required vct field for SD-JWT VC\n const vcPayload = {\n vct: 'IdentityCredential', // Default VC type\n ...payload,\n }\n\n // Create disclosure frame for selective disclosure\n const disclosureFrame = this.createDisclosureFrame(vcPayload, selectiveDisclosureFields)\n\n return await sdjwtInstance.issue(vcPayload as any, disclosureFrame)\n }\n\n /**\n * Verify an SD-JWT\n */\n public static async verifySDJWT(\n credential: string\n ): Promise<{ valid: boolean; payload?: any; error?: string }> {\n try {\n // Parse to get issuer from the SD-JWT\n const parts = credential.split('~')\n if (parts.length === 0) {\n return { valid: false, error: 'Invalid SD-JWT format' }\n }\n\n const jwt = parts[0]\n const jwtParts = jwt.split('.')\n if (jwtParts.length !== 3) {\n return { valid: false, error: 'Invalid JWT format in SD-JWT' }\n }\n\n const payload = JSON.parse(Buffer.from(jwtParts[1], 'base64url').toString())\n const issuerDid = payload.iss\n\n if (!issuerDid) {\n return { valid: false, error: 'Issuer DID not found in SD-JWT' }\n }\n\n const sdjwtInstance = await this.getIssuerInstance(issuerDid)\n\n // Verify the SD-JWT\n const verificationResult = await sdjwtInstance.verify(credential)\n const claims = await sdjwtInstance.getClaims(credential)\n\n return {\n valid: true,\n payload: {\n ...verificationResult.payload,\n claims,\n },\n }\n } catch (error: any) {\n return {\n valid: false,\n error: error.message,\n }\n }\n }\n\n /**\n * Legacy methods for backward compatibility\n */\n public static async createSignerVerifier() {\n const { privateKey, publicKey } = await this.generateKeyPair()\n return {\n signer: await getSigner(privateKey),\n verifier: await getVerifier(publicKey),\n }\n }\n\n public static async generateKeyPair() {\n return await generateKeyPair()\n }\n\n /**\n * Clear caches for optimization\n */\n public static clearCaches(): void {\n this.instances.clear()\n this.signerCache.clear()\n this.verifierCache.clear()\n }\n\n /**\n * Clear cache for specific issuer\n */\n public static clearIssuerCache(issuerDid: string): void {\n this.instances.delete(issuerDid)\n this.signerCache.delete(`signer:${issuerDid}`)\n this.verifierCache.delete(`verifier:${issuerDid}`)\n }\n\n /**\n * Get cache statistics\n */\n public static getCacheStats(): {\n instanceCount: number\n signerCount: number\n verifierCount: number\n } {\n return {\n instanceCount: this.instances.size,\n signerCount: this.signerCache.size,\n verifierCount: this.verifierCache.size,\n }\n }\n}\n","import * as jose from 'jose'\nimport { v4 as uuidv4 } from 'uuid'\nimport { subtle } from 'node:crypto'\n\nexport interface KeyPair {\n publicKey: any\n privateKey: any\n}\n\nexport async function generateKeyPair(): Promise<KeyPair> {\n const keyPair = await subtle.generateKey(\n {\n name: 'ECDSA',\n namedCurve: 'P-256',\n },\n true, // extractable\n ['sign', 'verify']\n )\n\n // Export keys in JWK format\n const publicJwk = await subtle.exportKey('jwk', keyPair.publicKey)\n const privateJwk = await subtle.exportKey('jwk', keyPair.privateKey)\n\n // Add key ID\n const kid = uuidv4()\n ;(publicJwk as any).kid = kid\n ;(privateJwk as any).kid = kid\n\n // Add algorithm\n ;(publicJwk as any).alg = 'ES256'\n ;(privateJwk as any).alg = 'ES256'\n\n return {\n publicKey: publicJwk,\n privateKey: privateJwk,\n }\n}\n\nexport async function signJWT(\n payload: any,\n privateKey: any,\n options?: {\n issuer?: string\n audience?: string\n expiresIn?: string\n notBefore?: string\n subject?: string\n jti?: string\n }\n): Promise<string> {\n const alg = privateKey.alg || 'ES256'\n const key = await jose.importJWK(privateKey, alg)\n\n const jwt = new jose.SignJWT(payload)\n .setProtectedHeader({ alg, kid: privateKey.kid })\n .setIssuedAt()\n .setJti(options?.jti ?? uuidv4())\n\n if (options?.issuer) jwt.setIssuer(options.issuer)\n if (options?.audience) jwt.setAudience(options.audience)\n if (options?.expiresIn) jwt.setExpirationTime(options.expiresIn)\n if (options?.notBefore) jwt.setNotBefore(options.notBefore)\n if (options?.subject) jwt.setSubject(options.subject)\n\n return await jwt.sign(key)\n}\n\nexport async function verifyJWT(\n jwt: string,\n publicKey: any,\n options?: {\n issuer?: string\n audience?: string\n }\n): Promise<jose.JWTPayload> {\n const alg = publicKey.alg || 'ES256'\n const key = await jose.importJWK(publicKey, alg)\n\n const verifyOptions: jose.JWTVerifyOptions = {}\n if (options?.issuer) verifyOptions.issuer = options.issuer\n if (options?.audience) verifyOptions.audience = options.audience\n\n const { payload } = await jose.jwtVerify(jwt, key, verifyOptions)\n return payload\n}\n\nexport function generateNonce(): string {\n return uuidv4()\n}\n\nexport async function getSigner(privateKey: any) {\n try {\n const key = await subtle.importKey(\n 'jwk',\n privateKey,\n {\n name: 'ECDSA',\n namedCurve: 'P-256',\n },\n true,\n ['sign']\n )\n\n return async (data: string) => {\n const encoder = new TextEncoder()\n const signature = await subtle.sign(\n {\n name: 'ECDSA',\n hash: { name: 'SHA-256' },\n },\n key,\n encoder.encode(data)\n )\n\n const result = btoa(String.fromCharCode(...new Uint8Array(signature)))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '') // Convert to base64url format\n\n return result\n }\n } catch (error) {\n console.error('Error in getSigner:', error instanceof Error ? error.message : 'Unknown error')\n console.error('Key algorithm:', privateKey?.alg || 'unknown')\n console.error('Key type:', privateKey?.kty || 'unknown')\n throw error\n }\n}\n\nexport async function getVerifier(publicKey: any) {\n const key = await subtle.importKey(\n 'jwk',\n publicKey,\n {\n name: 'ECDSA',\n namedCurve: 'P-256',\n },\n true,\n ['verify']\n )\n\n return async (data: string, signatureBase64url: string) => {\n const encoder = new TextEncoder()\n const signature = Uint8Array.from(\n atob(signatureBase64url.replace(/-/g, '+').replace(/_/g, '/')),\n c => c.charCodeAt(0)\n )\n\n const isValid = await subtle.verify(\n {\n name: 'ECDSA',\n hash: { name: 'SHA-256' },\n },\n key,\n signature,\n encoder.encode(data)\n )\n\n return isValid\n }\n}\n","import { KeyManager } from '../did/key-manager'\nimport { SDJwtClient } from '../utils/sdjwt-client'\n\n/**\n * Agent DID Manager\n * Manages DID generation and lifecycle for AI Agents specifically\n */\nexport class AgentDIDManager {\n private keyManager: KeyManager\n private agentDIDMap: Map<string, string> = new Map() // agentId -> DID mapping\n\n constructor(keyManager?: KeyManager) {\n this.keyManager = keyManager || new KeyManager()\n }\n\n /**\n * Generate a new DID for an AI Agent\n */\n async generateAgentDID(agentId: string): Promise<string> {\n // Generate unique key pair for this agent\n const keyPair = await SDJwtClient.generateKeyPair()\n\n // Create did:jwk from public key\n const did = this.createDidJwk(keyPair.publicKey)\n\n // Store private key with agent-specific namespace\n await this.keyManager.storeKey(did, keyPair.privateKey)\n\n // Store agent ID -> DID mapping\n this.agentDIDMap.set(agentId, did)\n await this.saveAgentDIDMapping(agentId, did)\n\n return did\n }\n\n /**\n * Get DID for a specific agent\n */\n async getAgentDID(agentId: string): Promise<string> {\n // Check memory cache first\n if (this.agentDIDMap.has(agentId)) {\n return this.agentDIDMap.get(agentId)!\n }\n\n // Load from storage\n const did = await this.loadAgentDIDMapping(agentId)\n if (did) {\n this.agentDIDMap.set(agentId, did)\n return did\n }\n\n throw new Error(`No DID found for agent: ${agentId}`)\n }\n\n /**\n * Check if agent has a DID\n */\n async hasAgentDID(agentId: string): Promise<boolean> {\n try {\n await this.getAgentDID(agentId)\n return true\n } catch {\n return false\n }\n }\n\n /**\n * Get agent's key pair\n */\n async getAgentKeyPair(agentId: string): Promise<any> {\n const did = await this.getAgentDID(agentId)\n const privateKey = await this.keyManager.getKey(did)\n\n if (!privateKey) {\n throw new Error(`Private key not found for agent: ${agentId}`)\n }\n\n return {\n privateKey,\n publicKey: this.extractPublicKey(privateKey),\n }\n }\n\n /**\n * Delete agent DID and associated keys\n */\n async deleteAgentDID(agentId: string): Promise<void> {\n try {\n const did = await this.getAgentDID(agentId)\n\n // Delete private key\n await this.keyManager.deleteKey(did)\n\n // Remove from memory cache\n this.agentDIDMap.delete(agentId)\n\n // Remove from persistent storage\n await this.deleteAgentDIDMapping(agentId)\n } catch (error) {\n throw new Error(`Failed to delete agent DID: ${error}`)\n }\n }\n\n /**\n * List all agent DIDs\n */\n async listAgentDIDs(): Promise<Array<{ agentId: string; did: string }>> {\n const fs = await import('fs/promises')\n const path = await import('path')\n const os = await import('os')\n\n const mappingDir = path.join(os.homedir(), '.vess', 'agent-dids')\n\n try {\n const files = await fs.readdir(mappingDir)\n const results: Array<{ agentId: string; did: string }> = []\n\n for (const file of files) {\n if (file.endsWith('.did')) {\n const agentId = file.replace('.did', '')\n try {\n const did = await this.getAgentDID(agentId)\n results.push({ agentId, did })\n } catch {\n // Skip invalid entries\n }\n }\n }\n\n return results\n } catch {\n return []\n }\n }\n\n /**\n * Create did:jwk from public key\n */\n private createDidJwk(publicKey: any): string {\n const publicJwk = {\n kty: publicKey.kty,\n crv: publicKey.crv,\n x: publicKey.x,\n y: publicKey.y,\n use: publicKey.use,\n alg: publicKey.alg,\n }\n\n const encoded = Buffer.from(JSON.stringify(publicJwk)).toString('base64url')\n return `did:jwk:${encoded}`\n }\n\n /**\n * Extract public key from private key\n */\n private extractPublicKey(privateKey: any): any {\n const { d, key_ops, ...publicKey } = privateKey\n return {\n ...publicKey,\n // Remove key_ops for public key\n }\n }\n\n /**\n * Save agent ID -> DID mapping to persistent storage\n */\n private async saveAgentDIDMapping(agentId: string, did: string): Promise<void> {\n const fs = await import('fs/promises')\n const path = await import('path')\n const os = await import('os')\n\n const mappingDir = path.join(os.homedir(), '.vess', 'agent-dids')\n await fs.mkdir(mappingDir, { recursive: true })\n\n const mappingFile = path.join(mappingDir, `${agentId}.did`)\n await fs.writeFile(mappingFile, did, 'utf-8')\n }\n\n /**\n * Load agent ID -> DID mapping from persistent storage\n */\n private async loadAgentDIDMapping(agentId: string): Promise<string | null> {\n const fs = await import('fs/promises')\n const path = await import('path')\n const os = await import('os')\n\n const mappingFile = path.join(os.homedir(), '.vess', 'agent-dids', `${agentId}.did`)\n\n try {\n return await fs.readFile(mappingFile, 'utf-8')\n } catch {\n return null\n }\n }\n\n /**\n * Delete agent ID -> DID mapping from persistent storage\n */\n private async deleteAgentDIDMapping(agentId: string): Promise<void> {\n const fs = await import('fs/promises')\n const path = await import('path')\n const os = await import('os')\n\n const mappingFile = path.join(os.homedir(), '.vess', 'agent-dids', `${agentId}.did`)\n\n try {\n await fs.unlink(mappingFile)\n } catch {\n // File might not exist, ignore\n }\n }\n}\n","import { Agent, DIDDocument } from '@vess-id/ai-identity-types'\nimport { getDidApiUrl, getApiHeaders } from '../config'\nimport { KeyManager } from './key-manager'\nimport { AgentDIDManager } from '../agent/agent-did-manager'\nimport { v4 as uuidv4 } from 'uuid'\n\nexport class AgentManager {\n private keyManager: KeyManager\n private agentDIDManager: AgentDIDManager\n\n constructor(keyManager?: KeyManager) {\n this.keyManager = keyManager || new KeyManager()\n this.agentDIDManager = new AgentDIDManager(this.keyManager)\n }\n\n /**\n * Create a new AI agent with unique ID and DID\n */\n async create(metadata?: Record<string, any>): Promise<Agent & { id: string }> {\n // Generate unique agent ID\n const agentId = uuidv4()\n\n // Generate dedicated DID for this agent\n const agentDid = await this.agentDIDManager.generateAgentDID(agentId)\n\n // Create DID Document for the agent\n const didDocument = this.resolveDidJwkLocally(agentDid)\n\n // Create agent with ID and DID\n const agent: Agent & { id: string } = {\n id: agentId,\n did: agentDid,\n didDocument,\n createdAt: new Date().toISOString(),\n metadata,\n }\n\n // Optionally register with DID API (if configured)\n try {\n await this.registerDid(agent)\n } catch (error) {\n console.warn('Failed to register DID with API:', error)\n // Continue even if registration fails - DID:jwk works locally\n }\n\n return agent\n }\n\n /**\n * Get agent DID by agent ID\n */\n async getAgentDID(agentId: string): Promise<string> {\n return await this.agentDIDManager.getAgentDID(agentId)\n }\n\n /**\n * Get agent by ID\n */\n async getAgent(agentId: string): Promise<Agent & { id: string }> {\n const agentDid = await this.agentDIDManager.getAgentDID(agentId)\n const didDocument = await this.resolve(agentDid)\n\n return {\n id: agentId,\n did: agentDid,\n didDocument,\n createdAt: new Date().toISOString(), // TODO: Store actual creation time\n }\n }\n\n /**\n * Delete an agent and its DID\n */\n async deleteAgent(agentId: string): Promise<void> {\n await this.agentDIDManager.deleteAgentDID(agentId)\n }\n\n /**\n * Resolve a DID to get DID Document\n */\n async resolve(did: string): Promise<DIDDocument> {\n // For did:jwk, we can resolve locally\n if (did.startsWith('did:jwk:')) {\n return this.resolveDidJwkLocally(did)\n }\n\n // Otherwise, call DID API\n try {\n const response = await fetch(getDidApiUrl(`/api/v1/did/${encodeURIComponent(did)}`), {\n headers: getApiHeaders('did'),\n })\n\n if (!response.ok) {\n throw new Error(`Failed to resolve DID: ${response.statusText}`)\n }\n\n const data = (await response.json()) as any\n return data.didDocument\n } catch (error) {\n throw new Error(`Failed to resolve DID: ${error}`)\n }\n }\n\n /**\n * Export agent with private key (for backup)\n */\n async export(did: string): Promise<{ agent: Agent; privateKey: any }> {\n const didDocument = await this.resolve(did)\n const privateKey = await this.keyManager.getKey(did)\n\n if (!privateKey) {\n throw new Error(`Private key not found for DID: ${did}`)\n }\n\n const agent: Agent = {\n did,\n didDocument,\n createdAt: new Date().toISOString(),\n }\n\n return { agent, privateKey }\n }\n\n /**\n * Import agent from backup\n */\n async import(agent: Agent, privateKey: any): Promise<void> {\n await this.keyManager.storeKey(agent.did, privateKey)\n }\n\n /**\n * List all locally stored agents\n */\n async list(): Promise<Array<Agent & { id: string }>> {\n const agentDIDs = await this.agentDIDManager.listAgentDIDs()\n const agents: Array<Agent & { id: string }> = []\n\n for (const { agentId, did } of agentDIDs) {\n try {\n const didDocument = await this.resolve(did)\n agents.push({\n id: agentId,\n did,\n didDocument,\n createdAt: new Date().toISOString(), // TODO: Store actual creation time\n })\n } catch (error) {\n console.warn(`Failed to resolve Agent DID ${did}:`, error)\n }\n }\n\n return agents\n }\n\n private createDidDocument(did: string, publicKey: any): DIDDocument {\n const verificationMethodId = `${did}#0`\n\n return {\n '@context': ['https://www.w3.org/ns/did/v1', 'https://w3id.org/security/suites/jws-2020/v1'],\n id: did,\n verificationMethod: [\n {\n id: verificationMethodId,\n type: 'JsonWebKey2020',\n controller: did,\n publicKeyJwk: publicKey,\n },\n ],\n authentication: [verificationMethodId],\n assertionMethod: [verificationMethodId],\n capabilityInvocation: [verificationMethodId],\n capabilityDelegation: [verificationMethodId],\n }\n }\n\n private resolveDidJwkLocally(did: string): DIDDocument {\n // Extract JWK from did:jwk\n const encoded = did.replace('did:jwk:', '')\n const publicJwk = JSON.parse(Buffer.from(encoded, 'base64url').toString())\n\n return this.createDidDocument(did, publicJwk)\n }\n\n private async registerDid(_agent: Agent): Promise<void> {\n // This would call the DID API to register the DID\n // Implementation depends on the actual API\n // For now, this is a placeholder\n }\n}\n","import { KeyManager } from '../did/key-manager'\nimport { SDJwtClient } from '../utils/sdjwt-client'\nimport { DIDDocument } from '@vess-id/ai-identity-types'\n\n/**\n * User Identity Manager\n * Manages DID generation and lifecycle for Users (Issuers) specifically\n * Separate from Agent management to avoid confusion\n */\nexport class UserIdentityManager {\n private keyManager: KeyManager\n private currentUserDID: string | null = null\n\n constructor(keyManager?: KeyManager) {\n this.keyManager = keyManager || new KeyManager()\n }\n\n /**\n * Get or create current user DID\n * This represents the user who will be the issuer of VCs\n */\n async getCurrentUserDID(): Promise<string> {\n if (this.currentUserDID) {\n return this.currentUserDID\n }\n\n // Try to load existing user DID\n const existingDID = await this.loadUserDID()\n if (existingDID) {\n this.currentUserDID = existingDID\n return existingDID\n }\n\n // Create new user DID if none exists\n return await this.createUserDID()\n }\n\n /**\n * Create a new user DID (for issuing VCs)\n */\n async createUserDID(): Promise<string> {\n // Generate key pair for user identity\n const keyPair = await SDJwtClient.generateKeyPair()\n\n // Create did:jwk\n const did = this.createDidJwk(keyPair.publicKey)\n\n // Store private key\n await this.keyManager.storeKey(did, keyPair.privateKey)\n\n // Save as current user DID\n await this.saveUserDID(did)\n this.currentUserDID = did\n\n return did\n }\n\n /**\n * Get user's key pair\n */\n async getUserKeyPair(): Promise<any> {\n const did = await this.getCurrentUserDID()\n const privateKey = await this.keyManager.getKey(did)\n\n if (!privateKey) {\n throw new Error('User private key not found')\n }\n\n return {\n privateKey,\n publicKey: this.extractPublicKey(privateKey),\n }\n }\n\n /**\n * Resolve user DID to DID Document\n */\n async resolveUserDID(did?: string): Promise<DIDDocument> {\n const userDid = did || (await this.getCurrentUserDID())\n\n if (!userDid.startsWith('did:jwk:')) {\n throw new Error('Only did:jwk supported for user identity')\n }\n\n return this.resolveDidJwkLocally(userDid)\n }\n\n /**\n * Export user identity for backup\n */\n async exportUserIdentity(): Promise<{ did: string; privateKey: any; didDocument: DIDDocument }> {\n const did = await this.getCurrentUserDID()\n const privateKey = await this.keyManager.getKey(did)\n const didDocument = await this.resolveUserDID(did)\n\n if (!privateKey) {\n throw new Error('User private key not found')\n }\n\n return { did, privateKey, didDocument }\n }\n\n /**\n * Import user identity from backup\n */\n async importUserIdentity(backup: { did: string; privateKey: any }): Promise<void> {\n // Store the private key\n await this.keyManager.storeKey(backup.did, backup.privateKey)\n\n // Set as current user DID\n await this.saveUserDID(backup.did)\n this.currentUserDID = backup.did\n }\n\n /**\n * Reset user identity (create new DID)\n */\n async resetUserIdentity(): Promise<string> {\n // Clear current DID\n this.currentUserDID = null\n\n // Clear saved DID\n await this.clearUserDID()\n\n // Create new DID\n return await this.createUserDID()\n }\n\n /**\n * Create did:jwk from public key\n */\n private createDidJwk(publicKey: any): string {\n const publicJwk = {\n kty: publicKey.kty,\n crv: publicKey.crv,\n x: publicKey.x,\n y: publicKey.y,\n use: publicKey.use,\n alg: publicKey.alg,\n }\n\n const encoded = Buffer.from(JSON.stringify(publicJwk)).toString('base64url')\n return `did:jwk:${encoded}`\n }\n\n /**\n * Extract public key from private key\n */\n private extractPublicKey(privateKey: any): any {\n const { d, key_ops, ...publicKey } = privateKey\n return publicKey\n }\n\n /**\n * Resolve did:jwk locally\n */\n private resolveDidJwkLocally(did: string): DIDDocument {\n const encoded = did.replace('did:jwk:', '')\n const publicJwk = JSON.parse(Buffer.from(encoded, 'base64url').toString())\n\n return this.createDidDocument(did, publicJwk)\n }\n\n /**\n * Create DID Document\n */\n private createDidDocument(did: string, publicKey: any): DIDDocument {\n const verificationMethodId = `${did}#0`\n\n return {\n '@context': ['https://www.w3.org/ns/did/v1', 'https://w3id.org/security/suites/jws-2020/v1'],\n id: did,\n verificationMethod: [\n {\n id: verificationMethodId,\n type: 'JsonWebKey2020',\n controller: did,\n publicKeyJwk: publicKey,\n },\n ],\n authentication: [verificationMethodId],\n assertionMethod: [verificationMethodId],\n capabilityInvocation: [verificationMethodId],\n capabilityDelegation: [verificationMethodId],\n }\n }\n\n /**\n * Save current user DID to persistent storage\n */\n private async saveUserDID(did: string): Promise<void> {\n const fs = await import('fs/promises')\n const path = await import('path')\n const os = await import('os')\n\n const configDir = path.join(os.homedir(), '.vess')\n await fs.mkdir(configDir, { recursive: true })\n\n const userDIDFile = path.join(configDir, 'user-did.txt')\n await fs.writeFile(userDIDFile, did, 'utf-8')\n }\n\n /**\n * Load current user DID from persistent storage\n */\n private async loadUserDID(): Promise<string | null> {\n const fs = await import('fs/promises')\n const path = await import('path')\n const os = await import('os')\n\n const userDIDFile = path.join(os.homedir(), '.vess', 'user-did.txt')\n\n try {\n return await fs.readFile(userDIDFile, 'utf-8')\n } catch {\n return null\n }\n }\n\n /**\n * Clear saved user DID\n */\n private async clearUserDID(): Promise<void> {\n const fs = await import('fs/promises')\n const path = await import('path')\n const os = await import('os')\n\n const userDIDFile = path.join(os.homedir(), '.vess', 'user-did.txt')\n\n try {\n await fs.unlink(userDIDFile)\n } catch {\n // File might not exist, ignore\n }\n }\n}\n","import {\n DelegationVC,\n ToolPermissionVC,\n DataAccessVC,\n VCTemplate,\n} from '@vess-id/ai-identity-types'\nimport { getIssuerApiUrl, getApiHeaders } from '../config'\nimport { KeyManager } from '../did/key-manager'\nimport { SDJwtClient } from '../utils/sdjwt-client'\nimport { AgentManager } from '../did/agent'\nimport { UserIdentityManager } from '../identity/user-identity-manager'\nimport type { DisclosureFrame } from '@sd-jwt/types'\n\nexport class VCManager {\n private keyManager: KeyManager\n private templates: Map<string, VCTemplate> = new Map()\n private agentManager: AgentManager\n private userIdentityManager: UserIdentityManager\n\n constructor(\n keyManager?: KeyManager,\n agentManager?: AgentManager,\n userIdentityManager?: UserIdentityManager\n ) {\n this.keyManager = keyManager || new KeyManager()\n this.agentManager = agentManager || new AgentManager(this.keyManager)\n this.userIdentityManager = userIdentityManager || new UserIdentityManager(this.keyManager)\n this.registerDefaultTemplates()\n }\n\n /**\n * Get fields that should be selectively disclosable based on VC type\n */\n private getSelectivelyDisclosableFields(template: string): string[] {\n switch (template) {\n case 'ToolPermissionVC':\n return ['tool', 'action', 'scope', 'conditions']\n case 'DataAccessVC':\n return ['resource', 'actions', 'scope', 'conditions']\n case 'OrganizationVC':\n return ['organizationId', 'employeeId', 'department', 'role', 'permissions']\n default:\n return []\n }\n }\n\n /**\n * Issue a Verifiable Credential as SD-JWT VC\n * Enhanced to support User/Agent DID separation\n */\n async issue(\n template: string,\n claims: any,\n options: {\n issuerDid?: string // User DID (if not provided, uses current user)\n subjectDid?: string // Subject DID (if not provided, uses issuer DID for backward compatibility)\n agentId?: string // Agent ID (auto-resolves to agent DID as subject)\n expiresIn?: string // e.g., '1h', '30d'\n }\n ): Promise<string> {\n const vcTemplate = this.templates.get(template)\n if (!vcTemplate) {\n throw new Error(`Unknown VC template: ${template}`)\n }\n\n // Determine issuer DID (User Identity)\n const issuerDid = options.issuerDid || (await this.userIdentityManager.getCurrentUserDID())\n\n // Determine subject DID\n let subjectDid: string\n if (options.agentId) {\n // Agent ID provided - resolve to agent DID\n subjectDid = await this.agentManager.getAgentDID(options.agentId)\n } else if (options.subjectDid) {\n // Explicit subject DID provided\n subjectDid = options.subjectDid\n } else {\n // Backward compatibility: use issuer DID as subject\n subjectDid = issuerDid\n }\n\n // Build VC payload according to SD-JWT VC spec\n const now = new Date()\n const iat = Math.floor(now.getTime() / 1000)\n\n // Prepare credential subject with claims\n const credentialSubject = {\n id: subjectDid,\n ...claims,\n }\n\n // Apply template defaults\n if (vcTemplate.defaults) {\n Object.assign(credentialSubject, vcTemplate.defaults)\n }\n\n // Build the VC payload for SD-JWT VC\n const vcPayload: any = {\n // SD-JWT VC specific fields\n vct: vcTemplate.type,\n iss: issuerDid,\n iat,\n cnf: {\n // Confirmation method - binding to subject's key\n jwk: await this.getSubjectPublicKey(subjectDid),\n },\n // Standard VC fields\n credentialSubject,\n }\n\n if (options.expiresIn) {\n const expDate = this.calculateExpirationDate(options.expiresIn)\n vcPayload.exp = Math.floor(expDate.getTime() / 1000)\n }\n\n // Validate with template\n const vc = {\n ...vcPayload,\n '@context': ['https://www.w3.org/ns/credentials/v2'],\n issuer: issuerDid,\n validFrom: now.toISOString(),\n } as DelegationVC\n\n if (vcTemplate.validate && !vcTemplate.validate(vc as any)) {\n throw new Error('VC validation failed')\n }\n\n // Set up SDJwtClient with KeyManager\n SDJwtClient.setKeyManager(this.keyManager)\n\n // Get SD-JWT VC instance for this issuer\n const sdjwtInstance = await SDJwtClient.getIssuerInstance(issuerDid)\n\n // Get selectively disclosable fields for this VC type\n const selectivelyDisclosableFields = this.getSelectivelyDisclosableFields(template)\n\n // Create disclosure frame for the entire payload\n // The credentialSubject should have its own _sd array\n const credentialSubjectFrame = SDJwtClient.createDisclosureFrame(\n credentialSubject,\n selectivelyDisclosableFields\n )\n\n // Create the main disclosure frame that targets credentialSubject\n const disclosureFrame = {\n credentialSubject: credentialSubjectFrame,\n }\n\n // Issue the SD-JWT VC\n //@ts-ignore\n const sdjwtVc = await sdjwtInstance.issue(\n vcPayload,\n disclosureFrame as DisclosureFrame<typeof vcPayload>\n )\n\n return sdjwtVc\n }\n\n /**\n * Get subject's public key for cnf claim\n */\n private async getSubjectPublicKey(subjectDid: string): Promise<any> {\n // Extract JWK from did:jwk DID\n if (!subjectDid.startsWith('did:jwk:')) {\n throw new Error(`Unsupported DID method. Expected did:jwk, got: ${subjectDid}`)\n }\n\n try {\n // Extract the base64url-encoded JWK from the DID\n const jwkEncoded = subjectDid.replace('did:jwk:', '')\n const jwkJson = Buffer.from(jwkEncoded, 'base64url').toString('utf-8')\n const jwk = JSON.parse(jwkJson)\n\n // Return only the public key components (remove private key 'd' if present)\n const { d, key_ops, ...publicJwk } = jwk\n\n // Ensure it has the correct key operations for verification\n const publicKeyForCnf = {\n ...publicJwk,\n // Remove key_ops entirely for cnf claim as it's not needed there\n }\n\n return publicKeyForCnf\n } catch (error) {\n throw new Error(\n `Failed to extract JWK from did:jwk: ${error instanceof Error ? error.message : 'Unknown error'}`\n )\n }\n }\n\n /**\n * Issue using existing Issuer API (OID4VCI)\n */\n async issueViaAPI(\n credentialType: string,\n claims: any,\n options: {\n issuerDid: string\n subjectDid: string\n }\n ): Promise<string> {\n // First get credential offer\n const offerResponse = await fetch(getIssuerApiUrl('/api/v1/credential/offer'), {\n method: 'POST',\n headers: getApiHeaders('issuer'),\n body: JSON.stringify({\n credentialType,\n claims,\n subjectDid: options.subjectDid,\n }),\n })\n\n if (!offerResponse.ok) {\n throw new Error(`Failed to get credential offer: ${offerResponse.statusText}`)\n }\n\n const offer = (await offerResponse.json()) as { id: string }\n\n // Then acquire credential\n const acquireResponse = await fetch(getIssuerApiUrl('/api/v1/credential/acquire'), {\n method: 'POST',\n headers: getApiHeaders('issuer'),\n body: JSON.stringify({\n offerId: offer.id,\n holderDid: options.subjectDid,\n }),\n })\n\n if (!acquireResponse.ok) {\n throw new Error(`Failed to acquire credential: ${acquireResponse.statusText}`)\n }\n\n const credential = (await acquireResponse.json()) as { jwt: string }\n return credential.jwt\n }\n\n /**\n * Verify a SD-JWT VC\n */\n async verify(\n sdjwtVc: string,\n options?: {\n expectedIssuer?: string\n expectedSubject?: string\n requiredClaims?: string[] // Claims that must be disclosed\n }\n ): Promise<any> {\n // Parse to get issuer from the SD-JWT\n const parts = sdjwtVc.split('~')\n const jwt = parts[0]\n const jwtParts = jwt.split('.')\n const payload = JSON.parse(Buffer.from(jwtParts[1], 'base64url').toString())\n\n const issuerDid = payload.iss\n if (!issuerDid) {\n throw new Error('Issuer DID not found in SD-JWT VC')\n }\n\n // Validate expected issuer if provided\n if (options?.expectedIssuer && issuerDid !== options.expectedIssuer) {\n throw new Error(`Issuer mismatch: expected ${options.expectedIssuer}, got ${issuerDid}`)\n }\n\n // Set up SDJwtClient\n SDJwtClient.setKeyManager(this.keyManager)\n\n // Get SD-JWT VC instance for this issuer\n const sdjwtInstance = await SDJwtClient.getIssuerInstance(issuerDid)\n\n // Verify the SD-JWT VC\n const { payload: verifiedPayload } = await sdjwtInstance.verify(\n sdjwtVc,\n options?.requiredClaims ? { requiredClaimKeys: options?.requiredClaims } : undefined\n )\n\n const disclosures = await sdjwtInstance.getClaims(sdjwtVc)\n\n // Validate expected subject if provided\n const subjectId = (verifiedPayload?.credentialSubject as any)?.id || verifiedPayload.sub\n if (options?.expectedSubject) {\n if (subjectId !== options.expectedSubject) {\n throw new Error(`Subject mismatch: expected ${options.expectedSubject}, got ${subjectId}`)\n }\n }\n\n // Return the verified payload and disclosures\n return {\n payload: verifiedPayload,\n disclosures,\n issuer: issuerDid,\n subject: subjectId,\n issuedAt: verifiedPayload?.iat && new Date(verifiedPayload.iat * 1000),\n expiresAt: verifiedPayload.exp ? new Date(verifiedPayload.exp * 1000) : null,\n }\n }\n\n /**\n * Revoke a Verifiable Credential\n */\n async revoke(_vcId: string, _issuerDid: string): Promise<void> {\n // TODO: Call StatusList API to revoke\n throw new Error('VC revocation not yet implemented')\n }\n\n /**\n * Register a custom VC template\n */\n registerTemplate(template: VCTemplate): void {\n this.templates.set(template.name, template)\n }\n\n private registerDefaultTemplates(): void {\n // ToolPermissionVC template\n this.templates.set('ToolPermissionVC', {\n type: 'ToolPermissionVC',\n name: 'ToolPermissionVC',\n description: 'Permission to use a specific tool',\n validate: (vc: DelegationVC) => {\n const toolVc = vc as ToolPermissionVC\n return !!(toolVc.credentialSubject.tool && toolVc.credentialSubject.aud)\n },\n })\n\n // DataAccessVC template\n this.templates.set('DataAccessVC', {\n type: 'DataAccessVC',\n name: 'DataAccessVC',\n description: 'Permission to access data resources',\n validate: (vc: DelegationVC) => {\n const dataVc = vc as DataAccessVC\n return !!(\n dataVc.credentialSubject.resource &&\n dataVc.credentialSubject.actions &&\n dataVc.credentialSubject.actions.length > 0\n )\n },\n })\n }\n\n private calculateExpirationDate(expiresIn: string): Date {\n const now = new Date()\n const match = expiresIn.match(/^(\\d+)([hdm])$/)\n\n if (!match) {\n throw new Error(`Invalid expiresIn format: ${expiresIn}`)\n }\n\n const value = parseInt(match[1])\n const unit = match[2]\n\n switch (unit) {\n case 'h':\n now.setHours(now.getHours() + value)\n break\n case 'd':\n now.setDate(now.getDate() + value)\n break\n case 'm':\n now.setMinutes(now.getMinutes() + value)\n break\n default:\n throw new Error(`Unknown time unit: ${unit}`)\n }\n\n return now\n }\n}\n","import { VerifiablePresentation, VPRequest } from '@vess-id/ai-identity-types'\nimport { generateNonce } from '../utils/crypto'\nimport { KeyManager } from '../did/key-manager'\nimport { getVerifierApiUrl, getApiHeaders } from '../config'\nimport { SDJwtClient } from '../utils/sdjwt-client'\nimport { digest } from '@sd-jwt/crypto-nodejs'\n\nexport class VPManager {\n private keyManager: KeyManager\n\n constructor(keyManager?: KeyManager) {\n this.keyManager = keyManager || new KeyManager()\n // Initialize SDJwtClient with KeyManager\n SDJwtClient.setKeyManager(this.keyManager)\n }\n\n /**\n * Create a SD-JWT presentation using the present() method\n * This properly binds the holder's key to the SD-JWT VC\n */\n async create(\n vcs: string[], // Array of SD-JWT VC strings\n options: {\n holderDid: string\n challenge: string // nonce\n domain: string\n purpose?: string\n }\n ): Promise<string> {\n if (vcs.length === 0) {\n throw new Error('At least one SD-JWT VC is required for presentation')\n }\n\n // Get SDJwtClient instance for the holder DID\n const sdJwtInstance = await SDJwtClient.getHolderInstance(options.holderDid)\n\n // Use the first SD-JWT VC for presentation\n const sdJwtVC = vcs[0]\n\n try {\n // First decode the SD-JWT VC to get available claims\n const decodedVC = await sdJwtInstance.decode(sdJwtVC)\n\n // Get all presentable keys (we'll present all available claims)\n const presentableKeys = await decodedVC.presentableKeys(digest)\n\n // Create presentation frame to present ALL available claims\n // This is a simplified approach - in production you'd be selective\n const presentationFrame: Record<string, boolean> = {}\n presentableKeys.forEach((key: string) => {\n presentationFrame[key] = true\n })\n\n // Create Key Binding JWT payload\n const kbJwtPayload = {\n aud: options.domain,\n nonce: options.challenge,\n iat: Math.floor(Date.now() / 1000),\n }\n\n // Create a presentation using the issued credential and the presentation frame\n // The third parameter is the KB-JWT payload for holder binding\n const presentation = await sdJwtInstance.present(sdJwtVC, presentationFrame, {\n kb: { payload: kbJwtPayload },\n })\n\n return presentation\n } catch (error: any) {\n console.error('ERROR: Error creating SD-JWT presentation:', error)\n throw new Error(`Failed to create SD-JWT presentation: ${error.message}`)\n }\n }\n\n /**\n * Verify a Verifiable Presentation\n */\n async verify(\n vpJwt: string,\n options: {\n expectedChallenge: string\n expectedDomain: string\n expectedHolder?: string\n }\n ): Promise<VerifiablePresentation> {\n // Call Verifier API\n const response = await fetch(getVerifierApiUrl('/api/v1/vp/verify'), {\n method: 'POST',\n headers: getApiHeaders('verifier'),\n body: JSON.stringify({\n vp: vpJwt,\n challenge: options.expectedChallenge,\n domain: options.expectedDomain,\n }),\n })\n\n if (!response.ok) {\n throw new Error(`VP verification failed: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n\n if (!result?.valid) {\n throw new Error(`VP verification failed: ${result?.error}`)\n }\n\n // Additional local verification\n const vp = result?.verifiablePresentation as VerifiablePresentation\n\n if (options.expectedHolder && vp.holder !== options.expectedHolder) {\n throw new Error(`Holder mismatch. Expected: ${options.expectedHolder}, Got: ${vp.holder}`)\n }\n\n if (vp.proof?.challenge !== options.expectedChallenge) {\n throw new Error('Challenge mismatch')\n }\n\n if (vp.proof?.domain !== options.expectedDomain) {\n throw new Error('Domain mismatch')\n }\n\n return vp\n }\n\n /**\n * Create a VP request\n */\n createRequest(\n domain: string,\n query?: {\n type?: string\n credentialQuery?: any\n }\n ): VPRequest {\n return {\n challenge: generateNonce(),\n domain,\n query,\n }\n }\n\n /**\n * Submit VP to a verifier\n */\n async submit(\n vpJwt: string,\n verifierEndpoint: string\n ): Promise<{ verified: boolean; result?: any }> {\n const response = await fetch(verifierEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({ vp: vpJwt }),\n })\n\n if (!response.ok) {\n throw new Error(`Failed to submit VP: ${response.statusText}`)\n }\n\n return response.json() as any\n }\n}\n","import { ToolInvocation, ConnectorResponse, ToolPermissionVC } from '@vess-id/ai-identity-types'\nimport { VPManager } from '../vp/vp-manager'\nimport { getConfig } from '../config'\n\nexport interface ToolDefinition {\n name: string\n description: string\n actions: {\n name: string\n description: string\n parameters: Record<string, any>\n }[]\n}\n\nexport class ToolManager {\n private vpManager: VPManager\n private tools: Map<string, ToolDefinition> = new Map()\n private proxyApiUrl: string\n\n constructor(vpManager?: VPManager) {\n this.vpManager = vpManager || new VPManager()\n const config = getConfig()\n this.proxyApiUrl = config.proxyApi?.baseUrl || 'http://localhost:3000'\n this.registerDefaultTools()\n }\n\n /**\n * Invoke a tool action with VC authorization\n */\n async invoke<T = any>(\n tool: string,\n action: string,\n params: Record<string, any>,\n options: {\n vcs: string[] // VC JWTs authorizing this action\n holderDid: string\n }\n ): Promise<ConnectorResponse<T>> {\n // Validate tool exists\n const toolDef = this.tools.get(tool)\n if (!toolDef) {\n throw new Error(`Unknown tool: ${tool}`)\n }\n\n // Validate action exists\n const actionDef = toolDef.actions.find(a => a.name === action)\n if (!actionDef) {\n throw new Error(`Unknown action ${action} for tool ${tool}`)\n }\n\n // Create VP for this invocation\n const domain = new URL(this.proxyApiUrl).hostname\n const challenge = this.generateChallenge()\n\n const vpJwt = await this.vpManager.create(options.vcs, {\n holderDid: options.holderDid,\n challenge,\n domain,\n purpose: 'invocation',\n })\n\n // Mock mode for demo - avoid API calls\n if (this.proxyApiUrl === 'mock://demo') {\n // Return mock response for demo purposes\n const mockResponse: ConnectorResponse<T> = {\n success: true,\n data: {\n message: 'Mock Slack response - message posted successfully!',\n channel: params.channel || '#general',\n text: params.text || 'Hello from AIdentity!',\n ts: Date.now().toString(),\n ok: true,\n } as T,\n metadata: {\n tool,\n action,\n holder: options.holderDid,\n timestamp: new Date().toISOString(),\n mock: true,\n },\n }\n\n // Simulate API delay\n await new Promise(resolve => setTimeout(resolve, 500))\n return mockResponse\n }\n\n // Call Proxy API - check if we need to send VCs separately\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n Authorization: `Bearer ${vpJwt}`,\n 'X-Holder-DID': options.holderDid,\n 'X-Auth-Challenge': challenge,\n }\n\n // Only send X-VCs header if vpJwt doesn't contain ~ (not a full SD-JWT presentation)\n if (!vpJwt.includes('~')) {\n headers['X-VCs'] = JSON.stringify(options.vcs)\n }\n\n const response = await fetch(`${this.proxyApiUrl}/api/v1/tool/invoke`, {\n method: 'POST',\n headers,\n body: JSON.stringify({\n tool,\n action,\n params,\n challenge,\n }),\n })\n\n if (!response.ok) {\n // Try to parse JSON error response first to preserve metadata (e.g., reauthRequired)\n const contentType = response.headers.get('content-type')\n if (contentType && contentType.includes('application/json')) {\n try {\n const errorResponse = await response.json() as any\n // If the error response already has the ConnectorResponse structure, return it\n if (errorResponse.success === false) {\n return errorResponse as ConnectorResponse<T>\n }\n // Otherwise, wrap it\n return {\n success: false,\n error: errorResponse.message || errorResponse.error || 'Tool invocation failed',\n metadata: errorResponse.metadata,\n }\n } catch (parseError) {\n // If JSON parsing fails, fall back to text\n const error = await response.text()\n return {\n success: false,\n error: `Tool invocation failed: ${error}`,\n }\n }\n } else {\n // Non-JSON response, use text\n const error = await response.text()\n return {\n success: false,\n error: `Tool invocation failed: ${error}`,\n }\n }\n }\n\n const result = await response.json()\n return result as ConnectorResponse<T>\n }\n\n /**\n * List available tools\n */\n list(): ToolDefinition[] {\n return Array.from(this.tools.values())\n }\n\n /**\n * Get a specific tool definition\n */\n getTool(name: string): ToolDefinition | undefined {\n return this.tools.get(name)\n }\n\n /**\n * Register a custom tool\n */\n registerTool(tool: ToolDefinition): void {\n this.tools.set(tool.name, tool)\n }\n\n /**\n * Check if VCs authorize a tool action\n */\n async checkAuthorization(\n vcs: string[],\n tool: string,\n action: string,\n resourceScope?: Record<string, any>\n ): Promise<boolean> {\n // Parse VCs and check permissions\n // This is a simplified check - real implementation would verify signatures\n for (const vcJwt of vcs) {\n try {\n const parts = vcJwt.split('.')\n const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString())\n\n if (payload.credentialSubject?.tool === `${tool}.${action}`) {\n // Check resource scope if provided\n if (resourceScope) {\n const vcScope = payload.credentialSubject.resourceScope\n if (!this.matchScope(vcScope, resourceScope)) {\n continue\n }\n }\n return true\n }\n } catch {\n continue\n }\n }\n return false\n }\n\n private matchScope(vcScope: Record<string, any>, requiredScope: Record<string, any>): boolean {\n // Simple scope matching - can be enhanced\n for (const [key, value] of Object.entries(requiredScope)) {\n if (vcScope[key] !== value && vcScope[key] !== '*') {\n return false\n }\n }\n return true\n }\n\n private generateChallenge(): string {\n return Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 15)\n }\n\n private registerDefaultTools(): void {\n // Slack tool\n this.tools.set('slack', {\n name: 'slack',\n description: 'Slack workspace operations',\n actions: [\n {\n name: 'postMessage',\n description: 'Post a message to a channel',\n parameters: {\n channel: 'string',\n text: 'string',\n thread_ts: 'string?',\n },\n },\n {\n name: 'getChannels',\n description: 'List channels',\n parameters: {},\n },\n {\n name: 'getUserInfo',\n description: 'Get user information',\n parameters: {\n userId: 'string',\n },\n },\n {\n name: 'getChannelHistory',\n description: 'Get channel history',\n parameters: {\n channel: 'string',\n latest: 'string?',\n oldest: 'string?',\n limit: 'number?',\n inclusive: 'boolean?',\n },\n },\n ],\n })\n\n // GitHub tool\n this.tools.set('github', {\n name: 'github',\n description: 'GitHub repository operations',\n actions: [\n {\n name: 'createIssue',\n description: 'Create a new issue',\n parameters: {\n owner: 'string',\n repo: 'string',\n title: 'string',\n body: 'string',\n labels: 'string[]?',\n },\n },\n {\n name: 'listIssues',\n description: 'List repository issues',\n parameters: {\n owner: 'string',\n repo: 'string',\n state: 'string?',\n },\n },\n {\n name: 'getRepo',\n description: 'Get repository information',\n parameters: {\n owner: 'string',\n repo: 'string',\n },\n },\n ],\n })\n\n // Gmail tool\n this.tools.set('gmail', {\n name: 'gmail',\n description: 'Gmail operations',\n actions: [\n {\n name: 'sendMessage',\n description: 'Send an email message',\n parameters: {\n to: 'string',\n subject: 'string',\n body: 'string',\n cc: 'string[]?',\n bcc: 'string[]?',\n format: 'string?',\n },\n },\n {\n name: 'getMessages',\n description: 'Get email messages',\n parameters: {\n query: 'string?',\n maxResults: 'number?',\n pageToken: 'string?',\n labelIds: 'string[]?',\n },\n },\n {\n name: 'getMessage',\n description: 'Get a specific email message',\n parameters: {\n messageId: 'string',\n format: 'string?',\n },\n },\n {\n name: 'getLabels',\n description: 'Get available labels',\n parameters: {},\n },\n {\n name: 'searchMessages',\n description: 'Search email messages',\n parameters: {\n query: 'string',\n maxResults: 'number?',\n pageToken: 'string?',\n },\n },\n {\n name: 'modifyMessage',\n description: 'Modify message labels',\n parameters: {\n messageId: 'string',\n addLabelIds: 'string[]?',\n removeLabelIds: 'string[]?',\n },\n },\n {\n name: 'createDraft',\n description: 'Create a draft email',\n parameters: {\n to: 'string',\n subject: 'string',\n body: 'string',\n cc: 'string[]?',\n bcc: 'string[]?',\n format: 'string?',\n },\n },\n ],\n })\n\n // Drive tool\n this.tools.set('drive', {\n name: 'drive',\n description: 'Google Drive operations',\n actions: [\n {\n name: 'listFiles',\n description: 'List files in folder',\n parameters: {\n folderId: 'string?',\n query: 'string?',\n maxResults: 'number?',\n pageToken: 'string?',\n orderBy: 'string?',\n },\n },\n {\n name: 'getFile',\n description: 'Get file information',\n parameters: {\n fileId: 'string',\n fields: 'string?',\n },\n },\n {\n name: 'createFile',\n description: 'Create a new file',\n parameters: {\n name: 'string',\n content: 'string',\n mimeType: 'string?',\n parents: 'string[]?',\n description: 'string?',\n },\n },\n {\n name: 'updateFile',\n description: 'Update an existing file',\n parameters: {\n fileId: 'string',\n name: 'string?',\n content: 'string?',\n description: 'string?',\n },\n },\n {\n name: 'deleteFile',\n description: 'Delete a file',\n parameters: {\n fileId: 'string',\n },\n },\n {\n name: 'getFolders',\n description: 'List folders',\n parameters: {\n parentId: 'string?',\n },\n },\n {\n name: 'createFolder',\n description: 'Create a new folder',\n parameters: {\n name: 'string',\n parentId: 'string?',\n description: 'string?',\n },\n },\n {\n name: 'downloadFile',\n description: 'Download file content',\n parameters: {\n fileId: 'string',\n mimeType: 'string?',\n },\n },\n {\n name: 'shareFile',\n description: 'Share file with permissions',\n parameters: {\n fileId: 'string',\n type: 'string',\n role: 'string',\n emailAddress: 'string?',\n domain: 'string?',\n },\n },\n ],\n })\n\n // Jira tool\n this.tools.set('jira', {\n name: 'jira',\n description: 'Jira project and issue management',\n actions: [\n {\n name: 'getProjects',\n description: 'List all Jira projects',\n parameters: {\n recent: 'number?',\n },\n },\n {\n name: 'getBoard',\n description: 'Get Jira board details',\n parameters: {\n boardId: 'number',\n },\n },\n {\n name: 'getBoards',\n description: 'List all Jira boards',\n parameters: {\n projectKeyOrId: 'string?',\n type: 'string?',\n },\n },\n {\n name: 'getSprints',\n description: 'Get sprints for a Jira board',\n parameters: {\n boardId: 'number',\n state: 'string?',\n },\n },\n {\n name: 'getSprintIssues',\n description: 'Get issues in a specific sprint',\n parameters: {\n sprintId: 'number',\n maxResults: 'number?',\n },\n },\n {\n name: 'searchIssues',\n description: 'Search for Jira issues using JQL',\n parameters: {\n jql: 'string',\n maxResults: 'number?',\n startAt: 'number?',\n },\n },\n {\n name: 'getIssue',\n description: 'Get a specific Jira issue',\n parameters: {\n issueIdOrKey: 'string',\n },\n },\n {\n name: 'getIssueWorklogs',\n description: 'Get worklogs for a specific issue',\n parameters: {\n issueKey: 'string',\n },\n },\n {\n name: 'createIssue',\n description: 'Create a new Jira issue',\n parameters: {\n projectKey: 'string',\n summary: 'string',\n description: 'string?',\n issueType: 'string',\n priority: 'string?',\n assignee: 'string?',\n },\n },\n ],\n })\n }\n}\n","import { DataAccessVC, ConnectorResponse } from '@vess-id/ai-identity-types'\nimport { VPManager } from '../vp/vp-manager'\nimport { getConfig } from '../config'\n\nexport interface MemoryDocument {\n id: string\n namespace: string\n content: string\n metadata?: Record<string, any>\n embedding?: number[]\n createdAt: string\n updatedAt: string\n}\n\nexport interface MemoryQuery {\n query: string\n namespace?: string\n limit?: number\n filter?: Record<string, any>\n includeEmbedding?: boolean\n}\n\nexport interface MemoryQueryResult {\n documents: MemoryDocument[]\n scores?: number[]\n total: number\n}\n\nexport class MemoryManager {\n private vpManager: VPManager\n private proxyApiUrl: string\n\n constructor(vpManager?: VPManager) {\n this.vpManager = vpManager || new VPManager()\n const config = getConfig()\n this.proxyApiUrl = config.proxyApi?.baseUrl || 'http://localhost:3000'\n }\n\n /**\n * Write a document to memory\n */\n async write(\n content: string,\n options: {\n namespace: string\n metadata?: Record<string, any>\n vcs: string[] // DataAccessVC with write permission\n holderDid: string\n }\n ): Promise<MemoryDocument> {\n // Create VP for authorization\n const domain = new URL(this.proxyApiUrl).hostname\n const challenge = this.generateChallenge()\n\n const vpJwt = await this.vpManager.create(options.vcs, {\n holderDid: options.holderDid,\n challenge,\n domain,\n purpose: 'write',\n })\n\n // Call Memory API\n const response = await fetch(`${this.proxyApiUrl}/api/v1/memory/${options.namespace}/doc`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n Authorization: `Bearer ${vpJwt}`,\n },\n body: JSON.stringify({\n content,\n metadata: options.metadata,\n challenge,\n }),\n })\n\n if (!response.ok) {\n const error = await response.text()\n throw new Error(`Failed to write to memory: ${error}`)\n }\n\n return response.json() as unknown as MemoryDocument\n }\n\n /**\n * Query memory with vector search\n */\n async query(\n query: string,\n options: {\n namespace?: string\n limit?: number\n filter?: Record<string, any>\n vcs: string[] // DataAccessVC with read permission\n holderDid: string\n }\n ): Promise<MemoryQueryResult> {\n // Create VP for authorization\n const domain = new URL(this.proxyApiUrl).hostname\n const challenge = this.generateChallenge()\n\n const vpJwt = await this.vpManager.create(options.vcs, {\n holderDid: options.holderDid,\n challenge,\n domain,\n purpose: 'read',\n })\n\n // Build query\n const queryParams: MemoryQuery = {\n query,\n namespace: options.namespace,\n limit: options.limit || 10,\n filter: options.filter,\n }\n\n // Call Memory API\n const namespace = options.namespace || 'default'\n const response = await fetch(`${this.proxyApiUrl}/api/v1/memory/${namespace}/query`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n Authorization: `Bearer ${vpJwt}`,\n },\n body: JSON.stringify({\n ...queryParams,\n challenge,\n }),\n })\n\n if (!response.ok) {\n const error = await response.text()\n throw new Error(`Failed to query memory: ${error}`)\n }\n\n return response.json() as unknown as MemoryQueryResult\n }\n\n /**\n * Delete a document from memory\n */\n async delete(\n documentId: string,\n options: {\n namespace: string\n vcs: string[] // DataAccessVC with delete permission\n holderDid: string\n }\n ): Promise<void> {\n // Create VP for authorization\n const domain = new URL(this.proxyApiUrl).hostname\n const challenge = this.generateChallenge()\n\n const vpJwt = await this.vpManager.create(options.vcs, {\n holderDid: options.holderDid,\n challenge,\n domain,\n purpose: 'delete',\n })\n\n // Call Memory API\n const response = await fetch(\n `${this.proxyApiUrl}/api/v1/memory/${options.namespace}/${documentId}`,\n {\n method: 'DELETE',\n headers: {\n Authorization: `Bearer ${vpJwt}`,\n 'X-Challenge': challenge,\n },\n }\n )\n\n if (!response.ok) {\n const error = await response.text()\n throw new Error(`Failed to delete from memory: ${error}`)\n }\n }\n\n /**\n * List documents in a namespace\n */\n async list(options: {\n namespace: string\n limit?: number\n offset?: number\n vcs: string[] // DataAccessVC with read permission\n holderDid: string\n }): Promise<MemoryQueryResult> {\n // Create VP for authorization\n const domain = new URL(this.proxyApiUrl).hostname\n const challenge = this.generateChallenge()\n\n const vpJwt = await this.vpManager.create(options.vcs, {\n holderDid: options.holderDid,\n challenge,\n domain,\n purpose: 'read',\n })\n\n // Call Memory API\n const params = new URLSearchParams({\n limit: (options.limit || 100).toString(),\n offset: (options.offset || 0).toString(),\n })\n\n const response = await fetch(\n `${this.proxyApiUrl}/api/v1/memory/${options.namespace}/list?${params}`,\n {\n headers: {\n Authorization: `Bearer ${vpJwt}`,\n 'X-Challenge': challenge,\n },\n }\n )\n\n if (!response.ok) {\n const error = await response.text()\n throw new Error(`Failed to list memory documents: ${error}`)\n }\n\n return response.json() as unknown as MemoryQueryResult\n }\n\n /**\n * Check if VCs authorize memory access\n */\n async checkAuthorization(\n vcs: string[],\n action: 'read' | 'write' | 'delete',\n resource: string\n ): Promise<boolean> {\n // Parse VCs and check permissions\n for (const vcJwt of vcs) {\n try {\n const parts = vcJwt.split('.')\n const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString())\n\n const vcResource = payload.credentialSubject?.resource\n const vcActions = payload.credentialSubject?.actions || []\n\n // Check resource match (with wildcard support)\n if (this.matchResource(vcResource, resource)) {\n // Check action permission\n if (vcActions.includes(action)) {\n return true\n }\n }\n } catch {\n continue\n }\n }\n return false\n }\n\n private matchResource(vcResource: string, requiredResource: string): boolean {\n // Support wildcard matching\n if (vcResource.endsWith('/*')) {\n const prefix = vcResource.slice(0, -2)\n return requiredResource.startsWith(prefix)\n }\n return vcResource === requiredResource\n }\n\n private generateChallenge(): string {\n return Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 15)\n }\n}\n","import { VPManager } from '../vp/vp-manager'\nimport { VCManager } from '../vc/vc-manager'\nimport { getConfig } from '../config'\nimport {\n OrganizationVC,\n EmployeeVPRequest,\n ToolPermissionRequest,\n OrganizationConfig,\n} from '@vess-id/ai-identity-types'\n\nexport class OrganizationManager {\n private vpManager: VPManager\n private vcManager: VCManager\n private apiBaseUrl: string\n\n constructor(vpManager?: VPManager, vcManager?: VCManager) {\n this.vpManager = vpManager || new VPManager()\n this.vcManager = vcManager || new VCManager()\n const config = getConfig()\n this.apiBaseUrl = config.proxyApi?.baseUrl || 'http://localhost:3000'\n }\n\n /**\n * Request tool permissions using employee VC\n */\n async requestToolPermissions(\n employeeVCJWT: string,\n requestedTools: ToolPermissionRequest[],\n holderDid: string\n ): Promise<{\n permittedPermissions: ToolPermissionRequest[]\n employee: any\n }> {\n // Generate challenge for this request\n const challenge = this.generateChallenge()\n\n // Create employee VP request\n const vpRequest: EmployeeVPRequest = {\n employeeVC: employeeVCJWT,\n requestedTools,\n challenge,\n domain: new URL(this.apiBaseUrl).hostname,\n }\n\n // Send request to AIdentity API\n const response = await fetch(`${this.apiBaseUrl}/api/organization/employee/permissions`, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(vpRequest),\n })\n\n if (!response.ok) {\n throw new Error(`Permission request failed: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n\n if (!result.success) {\n throw new Error(`Permission denied: ${result.error}`)\n }\n\n return {\n permittedPermissions: result.permittedPermissions,\n employee: result.employee,\n }\n }\n\n /**\n * Issue tool permissions to AI Agent based on organization approval\n */\n async issueOrganizationDelegatedPermissions(\n agentDid: string,\n employeeVCJWT: string,\n requestedTools: ToolPermissionRequest[],\n issuerDid: string\n ): Promise<string[]> {\n // First, get permitted permissions from organization\n const { permittedPermissions } = await this.requestToolPermissions(\n employeeVCJWT,\n requestedTools,\n issuerDid\n )\n\n // Issue VCs for each permitted permission\n const issuedVCs: string[] = []\n\n for (const permission of permittedPermissions) {\n for (const action of permission.actions) {\n const vc = await this.vcManager.issue(\n 'ToolPermissionVC',\n {\n tool: `${permission.tool}.${action}`,\n aud: permission.tool,\n organizationDelegated: true,\n sourceEmployeeVC: employeeVCJWT, // Include reference to source employee VC\n },\n {\n issuerDid,\n subjectDid: agentDid,\n expiresIn: permission.duration || '8h',\n }\n )\n\n issuedVCs.push(vc)\n }\n }\n\n return issuedVCs\n }\n\n /**\n * Create simplified workflow for employee to AI Agent delegation\n */\n async delegateToAIAgent(\n employeeVCJWT: string,\n agentDid: string,\n tools: string[], // ['slack', 'gmail', 'github']\n issuerDid: string,\n options?: {\n duration?: string\n justification?: string\n }\n ): Promise<{\n issuedVCs: string[]\n permissionSummary: Record<string, string[]>\n }> {\n // Convert simple tool list to permission requests\n const requestedTools: ToolPermissionRequest[] = tools.map(tool => ({\n tool,\n actions: ['read', 'write'], // Request common actions\n duration: options?.duration,\n justification: options?.justification,\n }))\n\n // Get organization-approved permissions\n const issuedVCs = await this.issueOrganizationDelegatedPermissions(\n agentDid,\n employeeVCJWT,\n requestedTools,\n issuerDid\n )\n\n // Create permission summary\n const permissionSummary: Record<string, string[]> = {}\n for (const tool of tools) {\n const relatedVCs = issuedVCs.filter(vc => vc.includes(tool))\n permissionSummary[tool] = relatedVCs.map(vc => this.extractActionFromVC(vc))\n }\n\n return {\n issuedVCs,\n permissionSummary,\n }\n }\n\n /**\n * Register organization with AIdentity\n */\n async registerOrganization(config: OrganizationConfig): Promise<void> {\n const response = await fetch(`${this.apiBaseUrl}/api/organization/register`, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(config),\n })\n\n if (!response.ok) {\n throw new Error(`Organization registration failed: ${response.statusText}`)\n }\n }\n\n private generateChallenge(): string {\n return `challenge_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`\n }\n\n private extractActionFromVC(vcJWT: string): string {\n // Extract action from VC (simplified)\n try {\n const [, payload] = vcJWT.split('.')\n const vc = JSON.parse(Buffer.from(payload, 'base64url').toString())\n return vc.credentialSubject.tool.split('.').pop() || 'unknown'\n } catch {\n return 'unknown'\n }\n }\n}\n","import { VPManager } from '../vp/vp-manager'\nimport { getDidApiUrl } from '../config'\nimport {\n Grant,\n GrantStatus,\n CreateGrantRequest,\n UpdateGrantRequest,\n CheckGrantPermissionRequest,\n CheckGrantPermissionResult,\n} from '@vess-id/ai-identity-types'\n\n/**\n * Grant提案レスポンス\n */\nexport interface GrantSuggestion {\n id: string\n oauthTokenId: string\n targetUserId?: string\n projectId: string\n provider: string\n suggestedActions: string[]\n suggestedResources: Array<{\n type: string\n id?: string\n pattern?: string\n name?: string\n }>\n metadata: {\n providerInfo: any\n scopes: string[]\n }\n createdAt: string\n}\n\n/**\n * Grant提案確認リクエスト\n */\nexport interface ConfirmGrantRequest {\n suggestionId: string\n selectedActions: string[]\n selectedResources: Array<{\n type: string\n id?: string\n pattern?: string\n name?: string\n selected: boolean\n }>\n constraints: {\n maxInvocations?: number\n expiresAt?: string\n timeWindow?: {\n start: string\n end: string\n timezone: string\n daysOfWeek: number[]\n }\n }\n name?: string\n description?: string\n}\n\n/**\n * GrantManager\n * Grants APIを操作するSDKクライアント\n */\nexport class GrantManager {\n constructor(_vpManager: VPManager) {\n // vpManager might be used in future for VP creation\n }\n\n /**\n * Grant提案を取得\n * @param options - 提案オプション\n * @param options.oauthTokenId - OAuthトークンID\n * @param options.targetUserId - 対象ユーザーID\n * @param options.projectId - プロジェクトID\n * @param authOptions - 認証オプション(VP or issuerDid)\n */\n async suggest(\n options: {\n oauthTokenId: string\n targetUserId: string\n projectId: string\n },\n authOptions: {\n vpJwt?: string\n issuerDid?: string\n }\n ): Promise<GrantSuggestion> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n\n if (authOptions.vpJwt) {\n headers['Authorization'] = `Bearer ${authOptions.vpJwt}`\n } else if (authOptions.issuerDid) {\n headers['x-issuer-did'] = authOptions.issuerDid\n } else {\n throw new Error('Either vpJwt or issuerDid is required for authentication')\n }\n\n const response = await fetch(getDidApiUrl('/api/v1/grants/suggest'), {\n method: 'POST',\n headers,\n body: JSON.stringify(options),\n })\n\n if (!response.ok) {\n const error = (await response.json()) as any\n throw new Error(error.error || `Failed to get grant suggestion: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n return result.data\n }\n\n /**\n * Grant提案を確認して作成\n * @param request - 確認リクエスト\n * @param authOptions - 認証オプション\n */\n async confirm(\n request: ConfirmGrantRequest,\n authOptions: {\n vpJwt?: string\n issuerDid?: string\n }\n ): Promise<Grant> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n\n if (authOptions.vpJwt) {\n headers['Authorization'] = `Bearer ${authOptions.vpJwt}`\n } else if (authOptions.issuerDid) {\n headers['x-issuer-did'] = authOptions.issuerDid\n } else {\n throw new Error('Either vpJwt or issuerDid is required for authentication')\n }\n\n const response = await fetch(getDidApiUrl('/api/v1/grants/confirm'), {\n method: 'POST',\n headers,\n body: JSON.stringify(request),\n })\n\n if (!response.ok) {\n const error = (await response.json()) as any\n throw new Error(error.error || `Failed to confirm grant: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n return result.data\n }\n\n /**\n * Grantを直接作成\n * @param request - Grant作成リクエスト\n * @param authOptions - 認証オプション\n */\n async create(\n request: CreateGrantRequest,\n authOptions: {\n vpJwt?: string\n issuerDid?: string\n }\n ): Promise<Grant> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n\n if (authOptions.vpJwt) {\n headers['Authorization'] = `Bearer ${authOptions.vpJwt}`\n } else if (authOptions.issuerDid) {\n headers['x-issuer-did'] = authOptions.issuerDid\n } else {\n throw new Error('Either vpJwt or issuerDid is required for authentication')\n }\n\n const response = await fetch(getDidApiUrl('/api/v1/grants'), {\n method: 'POST',\n headers,\n body: JSON.stringify(request),\n })\n\n if (!response.ok) {\n const error = (await response.json()) as any\n throw new Error(error.error || `Failed to create grant: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n return result.data\n }\n\n /**\n * ユーザー用のGrant一覧を取得\n * @param userId - ユーザーID\n * @param status - フィルタするステータス(オプション)\n */\n async listForUser(\n userId: string,\n status?: GrantStatus\n ): Promise<{ grants: Grant[]; total: number }> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n const encodedUserId = encodeURIComponent(userId)\n const url = status\n ? getDidApiUrl(`/api/v1/grants/user/${encodedUserId}?status=${status}`)\n : getDidApiUrl(`/api/v1/grants/user/${encodedUserId}`)\n\n const response = await fetch(url, {\n method: 'GET',\n headers,\n })\n\n if (!response.ok) {\n const error = (await response.json()) as any\n throw new Error(error.error || `Failed to list grants for user: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n return result.data\n }\n\n /**\n * Issuer用のGrant一覧を取得\n * @param issuerDid - IssuerのDID\n * @param status - フィルタするステータス(オプション)\n */\n async listForIssuer(\n issuerDid: string,\n status?: GrantStatus\n ): Promise<{ grants: Grant[]; total: number }> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n const encodedDid = encodeURIComponent(issuerDid)\n const url = status\n ? getDidApiUrl(`/api/v1/grants/issuer/${encodedDid}?status=${status}`)\n : getDidApiUrl(`/api/v1/grants/issuer/${encodedDid}`)\n\n const response = await fetch(url, {\n method: 'GET',\n headers,\n })\n\n if (!response.ok) {\n const error = (await response.json()) as any\n throw new Error(error.error || `Failed to list grants for issuer: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n return result.data\n }\n\n /**\n * Grantを取得\n * @param grantId - GrantのID\n */\n async get(grantId: string): Promise<Grant> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n const response = await fetch(getDidApiUrl(`/api/v1/grants/${grantId}`), {\n method: 'GET',\n headers,\n })\n\n if (!response.ok) {\n const error = (await response.json()) as any\n throw new Error(error.error || `Failed to get grant: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n return result.data\n }\n\n /**\n * Grantを取り消し\n * @param grantId - GrantのID\n * @param reason - 取り消し理由\n * @param authOptions - 認証オプション\n */\n async revoke(\n grantId: string,\n reason: string,\n authOptions: {\n vpJwt?: string\n issuerDid?: string\n }\n ): Promise<Grant> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n\n if (authOptions.vpJwt) {\n headers['Authorization'] = `Bearer ${authOptions.vpJwt}`\n } else if (authOptions.issuerDid) {\n headers['x-issuer-did'] = authOptions.issuerDid\n } else {\n throw new Error('Either vpJwt or issuerDid is required for authentication')\n }\n\n const response = await fetch(getDidApiUrl(`/api/v1/grants/${grantId}`), {\n method: 'DELETE',\n headers,\n body: JSON.stringify({ reason }),\n })\n\n if (!response.ok) {\n const error = (await response.json()) as any\n throw new Error(error.error || `Failed to revoke grant: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n return result.data\n }\n\n /**\n * Grant権限をチェック\n * @param request - 権限チェックリクエスト\n */\n async checkPermission(\n request: CheckGrantPermissionRequest\n ): Promise<CheckGrantPermissionResult> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n const response = await fetch(getDidApiUrl('/api/v1/grants/check'), {\n method: 'POST',\n headers,\n body: JSON.stringify(request),\n })\n\n if (!response.ok) {\n const error = (await response.json()) as any\n throw new Error(error.error || `Failed to check grant permission: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n return result.data\n }\n\n /**\n * Grant更新\n * @param grantId - GrantのID\n * @param request - 更新リクエスト\n * @param authOptions - 認証オプション\n */\n async update(\n grantId: string,\n request: UpdateGrantRequest,\n authOptions: {\n vpJwt?: string\n issuerDid?: string\n }\n ): Promise<Grant> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n\n if (authOptions.vpJwt) {\n headers['Authorization'] = `Bearer ${authOptions.vpJwt}`\n } else if (authOptions.issuerDid) {\n headers['x-issuer-did'] = authOptions.issuerDid\n } else {\n throw new Error('Either vpJwt or issuerDid is required for authentication')\n }\n\n const response = await fetch(getDidApiUrl(`/api/v1/grants/${grantId}`), {\n method: 'PUT',\n headers,\n body: JSON.stringify(request),\n })\n\n if (!response.ok) {\n const error = (await response.json()) as any\n throw new Error(error.error || `Failed to update grant: ${response.statusText}`)\n }\n\n const result = (await response.json()) as any\n return result.data\n }\n}\n","import {\n IssueSDJWTVCRequest,\n IssueSDJWTVCResult,\n VerifySDJWTVCResult,\n CredentialType\n} from '@vess-id/ai-identity-types'\nimport { KeyManager } from '../did/key-manager'\nimport { SDJwtClient } from '../utils/sdjwt-client'\nimport { DisclosureConfigManager } from '../organization/disclosure-config-manager'\n\n/**\n * API-focused VC Manager for server-side operations\n * Provides stateless SD-JWT operations without local persistence\n */\nexport class APIVCManager {\n private keyManager: KeyManager\n private disclosureManager: DisclosureConfigManager\n\n constructor(keyManager?: KeyManager, disclosureManager?: DisclosureConfigManager) {\n this.keyManager = keyManager || new KeyManager()\n this.disclosureManager = disclosureManager || new DisclosureConfigManager()\n // Set the KeyManager for SDJwtClient static methods\n SDJwtClient.setKeyManager(this.keyManager)\n }\n\n /**\n * Issue an SD-JWT VC with selective disclosure\n */\n async issueSDJWTVC(request: IssueSDJWTVCRequest): Promise<IssueSDJWTVCResult> {\n // Validate request\n if (!request.issuer || !request.subject) {\n throw new Error('Issuer and subject DIDs are required')\n }\n\n // Get issuer's private key\n const privateKey = await this.keyManager.getKey(request.issuer)\n if (!privateKey) {\n throw new Error(`Private key not found for issuer: ${request.issuer}`)\n }\n\n // Prepare credential payload\n const now = new Date()\n const iat = Math.floor(now.getTime() / 1000)\n\n // Set expiration: use provided date, or default to 24 hours from now\n const expirationDate = request.expirationDate || new Date(now.getTime() + 24 * 60 * 60 * 1000)\n const exp = Math.floor(expirationDate.getTime() / 1000)\n\n // Build IETF SD-JWT VC payload (no W3C VC wrapper)\n const vcPayload = {\n iss: request.issuer,\n sub: request.subject,\n iat,\n exp,\n vct: request.type || CredentialType.TEMPORARY, // IETF SD-JWT VC credential type\n // Direct claims (can be selectively disclosed)\n ...request.claims\n }\n\n // Get organization-specific selective disclosure configuration\n const disclosureConfig = await this.disclosureManager.getSelectiveDisclosureFields(\n request.issuer,\n request.type || CredentialType.TEMPORARY,\n request.selectiveDisclosureFields\n )\n\n // Issue SD-JWT VC with selective disclosure\n const credential = await SDJwtClient.issueSDJWT(\n vcPayload,\n privateKey,\n disclosureConfig.selectiveFields\n )\n\n return {\n credential,\n issuer: request.issuer,\n subject: request.subject,\n type: request.type || CredentialType.TEMPORARY,\n expiresAt: expirationDate\n }\n }\n\n /**\n * Verify an SD-JWT VC\n */\n async verifySDJWTVC(credential: string): Promise<VerifySDJWTVCResult> {\n try {\n // Basic format validation\n if (!credential || typeof credential !== 'string') {\n return {\n valid: false,\n error: 'Invalid credential format'\n }\n }\n\n // Verify the SD-JWT VC\n const result = await SDJwtClient.verifySDJWT(credential)\n\n if (!result.valid || !result.payload) {\n return {\n valid: false,\n error: result.error || 'Verification failed'\n }\n }\n\n return {\n valid: true,\n payload: {\n iss: result.payload.iss,\n sub: result.payload.sub,\n vct: result.payload.vct,\n exp: result.payload.exp,\n iat: result.payload.iat,\n // Include any other claims from the payload\n ...Object.fromEntries(\n Object.entries(result.payload).filter(([key]) =>\n !['iss', 'sub', 'vct', 'exp', 'iat'].includes(key)\n )\n )\n }\n }\n } catch (error) {\n return {\n valid: false,\n error: `Verification error: ${error instanceof Error ? error.message : 'Unknown error'}`\n }\n }\n }\n\n /**\n * Issue a project access credential\n */\n async issueProjectAccessCredential(\n agentDid: string,\n projectId: string,\n permissions: string[],\n issuerDid: string,\n expirationHours = 24\n ): Promise<IssueSDJWTVCResult> {\n const expirationDate = new Date(Date.now() + expirationHours * 60 * 60 * 1000)\n\n return this.issueSDJWTVC({\n issuer: issuerDid,\n subject: agentDid,\n type: CredentialType.PROJECT_ACCESS,\n claims: {\n projectId,\n permissions,\n role: 'developer'\n },\n expirationDate,\n projectId,\n selectiveDisclosureFields: ['permissions']\n })\n }\n\n /**\n * Issue a tool access credential\n */\n async issueToolAccessCredential(\n agentDid: string,\n toolName: string,\n actions: string[],\n projectId: string,\n issuerDid: string,\n expirationHours = 24\n ): Promise<IssueSDJWTVCResult> {\n const expirationDate = new Date(Date.now() + expirationHours * 60 * 60 * 1000)\n\n return this.issueSDJWTVC({\n issuer: issuerDid,\n subject: agentDid,\n type: CredentialType.TOOL_ACCESS,\n claims: {\n tool: toolName,\n actions,\n projectId\n },\n expirationDate,\n projectId,\n selectiveDisclosureFields: ['actions', 'tool']\n })\n }\n\n /**\n * Issue a multi-tool access credential\n */\n async issueMultiToolCredential(\n agentDid: string,\n toolPermissions: Array<{ tool: string; actions: string[] }>,\n projectId: string,\n issuerDid: string,\n expirationHours = 24\n ): Promise<IssueSDJWTVCResult> {\n const expirationDate = new Date(Date.now() + expirationHours * 60 * 60 * 1000)\n\n return this.issueSDJWTVC({\n issuer: issuerDid,\n subject: agentDid,\n type: CredentialType.TOOL_ACCESS,\n claims: {\n toolPermissions,\n projectId\n },\n expirationDate,\n projectId,\n selectiveDisclosureFields: ['toolPermissions']\n })\n }\n\n /**\n * Issue an admin credential\n */\n async issueAdminCredential(\n agentDid: string,\n scope: 'project' | 'global',\n projectId: string | undefined,\n issuerDid: string,\n expirationHours = 8\n ): Promise<IssueSDJWTVCResult> {\n const expirationDate = new Date(Date.now() + expirationHours * 60 * 60 * 1000)\n\n return this.issueSDJWTVC({\n issuer: issuerDid,\n subject: agentDid,\n type: CredentialType.ADMIN,\n claims: {\n scope,\n projectId,\n adminLevel: scope === 'global' ? 'super' : 'project'\n },\n expirationDate,\n projectId,\n selectiveDisclosureFields: ['adminLevel', 'scope']\n })\n }\n}","import { CredentialType } from '@vess-id/ai-identity-types'\n\nexport interface OrganizationDisclosureConfig {\n organizationDid: string\n defaultFields: string[]\n credentialTypeConfigs: Map<CredentialType, CredentialDisclosureConfig>\n createdAt: Date\n updatedAt: Date\n}\n\nexport interface CredentialDisclosureConfig {\n type: CredentialType\n mandatoryFields: string[] // Always disclosed\n selectiveFields: string[] // Can be selectively disclosed\n neverDisclose: string[] // Never disclosed (always hidden)\n decoyFields?: number // Number of decoy fields to add\n}\n\nexport class DisclosureConfigManager {\n private configs: Map<string, OrganizationDisclosureConfig> = new Map()\n\n /**\n * Set disclosure configuration for an organization\n */\n async setOrganizationConfig(\n organizationDid: string,\n config: Partial<OrganizationDisclosureConfig>\n ): Promise<void> {\n const existingConfig = this.configs.get(organizationDid)\n const now = new Date()\n\n const newConfig: OrganizationDisclosureConfig = {\n organizationDid,\n defaultFields: config.defaultFields || [],\n credentialTypeConfigs: config.credentialTypeConfigs || new Map(),\n createdAt: existingConfig?.createdAt || now,\n updatedAt: now\n }\n\n this.configs.set(organizationDid, newConfig)\n }\n\n /**\n * Get disclosure configuration for an organization\n */\n async getOrganizationConfig(organizationDid: string): Promise<OrganizationDisclosureConfig | null> {\n return this.configs.get(organizationDid) || null\n }\n\n /**\n * Set credential type specific disclosure configuration\n */\n async setCredentialTypeConfig(\n organizationDid: string,\n credentialType: CredentialType,\n config: CredentialDisclosureConfig\n ): Promise<void> {\n let orgConfig = this.configs.get(organizationDid)\n\n if (!orgConfig) {\n const now = new Date()\n orgConfig = {\n organizationDid,\n defaultFields: [],\n credentialTypeConfigs: new Map(),\n createdAt: now,\n updatedAt: now\n }\n }\n\n orgConfig.credentialTypeConfigs.set(credentialType, config)\n orgConfig.updatedAt = new Date()\n\n this.configs.set(organizationDid, orgConfig)\n }\n\n /**\n * Get selective disclosure fields for a specific credential type and organization\n */\n async getSelectiveDisclosureFields(\n organizationDid: string,\n credentialType: CredentialType,\n requestedFields?: string[]\n ): Promise<{\n selectiveFields: string[]\n mandatoryFields: string[]\n neverDisclose: string[]\n decoyCount: number\n }> {\n const orgConfig = this.configs.get(organizationDid)\n\n if (!orgConfig) {\n // Return default configuration\n return this.getDefaultConfiguration(credentialType, requestedFields)\n }\n\n const typeConfig = orgConfig.credentialTypeConfigs.get(credentialType)\n\n if (!typeConfig) {\n // Use organization defaults\n return {\n selectiveFields: requestedFields || orgConfig.defaultFields,\n mandatoryFields: [],\n neverDisclose: [],\n decoyCount: 0\n }\n }\n\n // Filter requested fields based on configuration\n let selectiveFields = requestedFields || typeConfig.selectiveFields\n\n // Remove fields that should never be disclosed\n selectiveFields = selectiveFields.filter(field =>\n !typeConfig.neverDisclose.includes(field)\n )\n\n return {\n selectiveFields,\n mandatoryFields: typeConfig.mandatoryFields,\n neverDisclose: typeConfig.neverDisclose,\n decoyCount: typeConfig.decoyFields || 0\n }\n }\n\n /**\n * Get default configuration for credential types\n */\n private getDefaultConfiguration(\n credentialType: CredentialType,\n requestedFields?: string[]\n ): {\n selectiveFields: string[]\n mandatoryFields: string[]\n neverDisclose: string[]\n decoyCount: number\n } {\n const defaultConfigs: Record<CredentialType, Partial<CredentialDisclosureConfig>> = {\n [CredentialType.PROJECT_ACCESS]: {\n selectiveFields: ['permissions', 'projectId'],\n mandatoryFields: ['role'],\n neverDisclose: ['privateKey', 'secret']\n },\n [CredentialType.TOOL_ACCESS]: {\n selectiveFields: ['actions', 'tool', 'resourceScope'],\n mandatoryFields: [],\n neverDisclose: ['privateKey', 'secret']\n },\n [CredentialType.ADMIN]: {\n selectiveFields: ['adminLevel', 'scope'],\n mandatoryFields: ['authorizedBy'],\n neverDisclose: ['privateKey', 'secret', 'internalId']\n },\n [CredentialType.DEVELOPER]: {\n selectiveFields: ['skills', 'experience', 'projects'],\n mandatoryFields: ['name'],\n neverDisclose: ['salary', 'privateInfo']\n },\n [CredentialType.TEMPORARY]: {\n selectiveFields: requestedFields || [],\n mandatoryFields: [],\n neverDisclose: ['privateKey', 'secret']\n },\n [CredentialType.RECEIPT]: {\n selectiveFields: ['action', 'resource', 'outcome','amount', 'description', 'date', 'transactionId'],\n mandatoryFields: ['grantId', 'auditEventId', 'receiptType'],\n neverDisclose: ['signature', 'privateKey', 'secret', 'internalReference']\n }\n }\n\n const config = defaultConfigs[credentialType] || defaultConfigs[CredentialType.TEMPORARY]\n\n return {\n selectiveFields: requestedFields || config.selectiveFields || [],\n mandatoryFields: config.mandatoryFields || [],\n neverDisclose: config.neverDisclose || [],\n decoyCount: 0\n }\n }\n\n /**\n * Validate disclosure request against organization policy\n */\n async validateDisclosureRequest(\n organizationDid: string,\n credentialType: CredentialType,\n requestedFields: string[]\n ): Promise<{\n valid: boolean\n allowedFields: string[]\n rejectedFields: string[]\n errors: string[]\n }> {\n const config = await this.getSelectiveDisclosureFields(organizationDid, credentialType, requestedFields)\n const errors: string[] = []\n const rejectedFields: string[] = []\n\n // Check for fields that should never be disclosed\n const forbiddenFields = requestedFields.filter(field =>\n config.neverDisclose.includes(field)\n )\n\n if (forbiddenFields.length > 0) {\n rejectedFields.push(...forbiddenFields)\n errors.push(`Fields not allowed for disclosure: ${forbiddenFields.join(', ')}`)\n }\n\n const allowedFields = requestedFields.filter(field =>\n !config.neverDisclose.includes(field)\n )\n\n return {\n valid: errors.length === 0,\n allowedFields,\n rejectedFields,\n errors\n }\n }\n\n /**\n * Get all organization configurations (for admin purposes)\n */\n async getAllConfigurations(): Promise<OrganizationDisclosureConfig[]> {\n return Array.from(this.configs.values())\n }\n\n /**\n * Delete organization configuration\n */\n async deleteOrganizationConfig(organizationDid: string): Promise<boolean> {\n return this.configs.delete(organizationDid)\n }\n}","import { KeyManager } from '../did/key-manager'\nimport { generateKeyPair } from '../utils/crypto'\n\nexport interface KeyRotationConfig {\n /** How often keys should be rotated (in hours) */\n rotationInterval: number\n /** How many old keys to keep for verification */\n keepOldKeys: number\n /** Warning threshold before rotation (in hours) */\n warningThreshold: number\n}\n\nexport interface KeyRotationInfo {\n currentKeyId: string\n nextRotationDate: Date\n oldKeys: Array<{\n keyId: string\n rotatedAt: Date\n expiresAt: Date\n }>\n needsRotation: boolean\n warningActive: boolean\n}\n\nexport class KeyRotationManager {\n private keyManager: KeyManager\n private config: KeyRotationConfig\n\n constructor(keyManager: KeyManager, config?: Partial<KeyRotationConfig>) {\n this.keyManager = keyManager\n this.config = {\n rotationInterval: 24 * 30, // 30 days default\n keepOldKeys: 5, // Keep 5 old keys\n warningThreshold: 24, // Warn 1 day before\n ...config\n }\n }\n\n /**\n * Check if organization keys need rotation\n */\n async checkRotationStatus(organizationDid: string): Promise<KeyRotationInfo> {\n // For did:jwk, we currently don't implement rotation\n // This is a placeholder for future extensibility\n const now = new Date()\n const nextRotationDate = new Date(now.getTime() + this.config.rotationInterval * 60 * 60 * 1000)\n\n return {\n currentKeyId: organizationDid,\n nextRotationDate,\n oldKeys: [],\n needsRotation: false,\n warningActive: false\n }\n }\n\n /**\n * Rotate organization keys\n * NOTE: Currently not implemented for did:jwk\n */\n async rotateOrganizationKeys(organizationDid: string): Promise<{\n newDid: string\n newPrivateKey: any\n rotationDate: Date\n }> {\n // For did:jwk, rotating keys means generating a new DID\n // This breaks the immutability principle of did:jwk\n // In production, you would want to use did:web or similar for key rotation\n\n throw new Error('Key rotation is not supported for did:jwk. Consider using did:web for production environments that require key rotation.')\n }\n\n /**\n * Get old keys for verification (useful for grace periods)\n */\n async getOldKeysForVerification(organizationDid: string): Promise<Array<{\n keyId: string\n publicKey: any\n validUntil: Date\n }>> {\n // For did:jwk, there are no old keys since rotation changes the DID\n return []\n }\n\n /**\n * Plan future key rotation (for did:web or other mutable DID methods)\n */\n async planKeyRotation(organizationDid: string): Promise<{\n plannedRotationDate: Date\n currentKeyAge: number\n recommendedAction: 'none' | 'prepare' | 'rotate_now' | 'urgent'\n }> {\n const now = new Date()\n const plannedRotationDate = new Date(now.getTime() + this.config.rotationInterval * 60 * 60 * 1000)\n\n // For did:jwk, keys don't age in the traditional sense\n const currentKeyAge = 0\n\n return {\n plannedRotationDate,\n currentKeyAge,\n recommendedAction: 'none' // No rotation needed for did:jwk\n }\n }\n\n /**\n * Update rotation configuration\n */\n updateConfig(newConfig: Partial<KeyRotationConfig>): void {\n this.config = {\n ...this.config,\n ...newConfig\n }\n }\n\n /**\n * Get current configuration\n */\n getConfig(): KeyRotationConfig {\n return { ...this.config }\n }\n}","export interface SDJWTMetrics {\n issuanceCount: number\n verificationCount: number\n failedIssuances: number\n failedVerifications: number\n averageIssuanceTime: number\n averageVerificationTime: number\n cacheHitRate: number\n lastActivity: Date\n}\n\nexport interface OperationMetric {\n operation: 'issue' | 'verify'\n startTime: number\n endTime: number\n success: boolean\n error?: string\n issuerDid?: string\n credentialType?: string\n}\n\nexport class MetricsManager {\n private metrics: Map<string, SDJWTMetrics> = new Map()\n private operations: OperationMetric[] = []\n private maxOperationHistory = 1000\n\n /**\n * Start tracking an operation\n */\n startOperation(operation: 'issue' | 'verify', metadata?: Record<string, any>): string {\n const operationId = `${operation}_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`\n const startTime = performance.now()\n\n // Store operation start time for tracking\n this.operations.push({\n operation,\n startTime,\n endTime: 0,\n success: false,\n ...metadata,\n })\n\n return operationId\n }\n\n /**\n * End tracking an operation\n */\n endOperation(operationId: string, success: boolean, error?: string): void {\n const endTime = performance.now()\n const operation = this.operations[this.operations.length - 1]\n\n if (operation) {\n operation.endTime = endTime\n operation.success = success\n operation.error = error\n\n // Update metrics\n this.updateMetrics(operation)\n }\n\n // Keep operation history limited\n if (this.operations.length > this.maxOperationHistory) {\n this.operations = this.operations.slice(-this.maxOperationHistory)\n }\n }\n\n /**\n * Update aggregated metrics\n */\n private updateMetrics(operation: OperationMetric): void {\n const key = operation.issuerDid || 'global'\n let metrics = this.metrics.get(key)\n\n if (!metrics) {\n metrics = {\n issuanceCount: 0,\n verificationCount: 0,\n failedIssuances: 0,\n failedVerifications: 0,\n averageIssuanceTime: 0,\n averageVerificationTime: 0,\n cacheHitRate: 0,\n lastActivity: new Date(),\n }\n }\n\n const duration = operation.endTime - operation.startTime\n\n if (operation.operation === 'issue') {\n metrics.issuanceCount++\n if (!operation.success) {\n metrics.failedIssuances++\n }\n // Update rolling average\n metrics.averageIssuanceTime =\n (metrics.averageIssuanceTime * (metrics.issuanceCount - 1) + duration) /\n metrics.issuanceCount\n } else {\n metrics.verificationCount++\n if (!operation.success) {\n metrics.failedVerifications++\n }\n // Update rolling average\n metrics.averageVerificationTime =\n (metrics.averageVerificationTime * (metrics.verificationCount - 1) + duration) /\n metrics.verificationCount\n }\n\n metrics.lastActivity = new Date()\n this.metrics.set(key, metrics)\n }\n\n /**\n * Get metrics for a specific issuer or global\n */\n getMetrics(issuerDid?: string): SDJWTMetrics | null {\n const key = issuerDid || 'global'\n return this.metrics.get(key) || null\n }\n\n /**\n * Get all metrics\n */\n getAllMetrics(): Map<string, SDJWTMetrics> {\n return new Map(this.metrics)\n }\n\n /**\n * Get recent operations\n */\n getRecentOperations(limit = 100): OperationMetric[] {\n return this.operations.slice(-limit)\n }\n\n /**\n * Get operation statistics\n */\n getOperationStats(): {\n totalOperations: number\n successRate: number\n averageResponseTime: number\n operationsPerMinute: number\n } {\n const now = Date.now()\n const oneMinuteAgo = now - 60000\n\n const recentOps = this.operations.filter(op => op.startTime > oneMinuteAgo)\n const successfulOps = this.operations.filter(op => op.success)\n\n const totalDuration = this.operations.reduce((sum, op) => sum + (op.endTime - op.startTime), 0)\n\n return {\n totalOperations: this.operations.length,\n successRate: this.operations.length > 0 ? successfulOps.length / this.operations.length : 0,\n averageResponseTime: this.operations.length > 0 ? totalDuration / this.operations.length : 0,\n operationsPerMinute: recentOps.length,\n }\n }\n\n /**\n * Update cache hit rate\n */\n updateCacheHitRate(issuerDid: string, hit: boolean): void {\n const key = issuerDid || 'global'\n let metrics = this.metrics.get(key)\n\n if (!metrics) {\n metrics = {\n issuanceCount: 0,\n verificationCount: 0,\n failedIssuances: 0,\n failedVerifications: 0,\n averageIssuanceTime: 0,\n averageVerificationTime: 0,\n cacheHitRate: 0,\n lastActivity: new Date(),\n }\n }\n\n // Simple cache hit rate calculation (could be improved with sliding window)\n const currentRate = metrics.cacheHitRate\n const newRate = hit ? Math.min(1, currentRate + 0.1) : Math.max(0, currentRate - 0.1)\n metrics.cacheHitRate = newRate\n metrics.lastActivity = new Date()\n\n this.metrics.set(key, metrics)\n }\n\n /**\n * Reset metrics\n */\n resetMetrics(issuerDid?: string): void {\n if (issuerDid) {\n this.metrics.delete(issuerDid)\n } else {\n this.metrics.clear()\n this.operations = []\n }\n }\n\n /**\n * Export metrics as JSON\n */\n exportMetrics(): {\n aggregatedMetrics: Record<string, SDJWTMetrics>\n recentOperations: OperationMetric[]\n summary: ReturnType<any>\n } {\n return {\n aggregatedMetrics: Object.fromEntries(this.metrics),\n recentOperations: this.getRecentOperations(50),\n summary: this.getOperationStats(),\n }\n }\n}\n","import { CredentialStatus } from '@vess-id/ai-identity-types'\n\nexport interface RevocationListEntry {\n credentialId: string\n revocationDate: Date\n reason?: string\n revokedBy: string\n}\n\nexport interface RevocationList {\n id: string\n issuer: string\n type: 'StatusList2021' | 'BitStringStatusList'\n statusPurpose: 'revocation' | 'suspension'\n encodedList: string\n entries: RevocationListEntry[]\n createdAt: Date\n updatedAt: Date\n}\n\nexport interface CredentialStatusInfo {\n id: string\n type: string\n statusListIndex: number\n statusListCredential: string\n revocationReason?: string\n revocationDate?: Date\n}\n\nexport class RevocationManager {\n private revocationLists: Map<string, RevocationList> = new Map()\n private credentialStatuses: Map<string, CredentialStatusInfo> = new Map()\n\n /**\n * Create a new revocation list\n */\n async createRevocationList(\n issuer: string,\n type: 'StatusList2021' | 'BitStringStatusList' = 'StatusList2021',\n purpose: 'revocation' | 'suspension' = 'revocation'\n ): Promise<RevocationList> {\n const id = `${issuer}#revocation-list-${Date.now()}`\n const now = new Date()\n\n const revocationList: RevocationList = {\n id,\n issuer,\n type,\n statusPurpose: purpose,\n encodedList: this.createEmptyBitString(100000), // Start with 100k slots\n entries: [],\n createdAt: now,\n updatedAt: now\n }\n\n this.revocationLists.set(id, revocationList)\n return revocationList\n }\n\n /**\n * Add credential to revocation list\n */\n async addCredentialToRevocationList(\n credentialId: string,\n listId: string,\n statusIndex?: number\n ): Promise<CredentialStatusInfo> {\n const revocationList = this.revocationLists.get(listId)\n if (!revocationList) {\n throw new Error(`Revocation list not found: ${listId}`)\n }\n\n // Find next available index if not provided\n const index = statusIndex ?? this.findNextAvailableIndex(listId)\n\n const statusInfo: CredentialStatusInfo = {\n id: `${credentialId}#status`,\n type: 'StatusList2021Entry',\n statusListIndex: index,\n statusListCredential: listId\n }\n\n this.credentialStatuses.set(credentialId, statusInfo)\n return statusInfo\n }\n\n /**\n * Revoke a credential\n */\n async revokeCredential(\n credentialId: string,\n reason?: string,\n revokedBy?: string\n ): Promise<boolean> {\n const statusInfo = this.credentialStatuses.get(credentialId)\n if (!statusInfo) {\n throw new Error(`Credential not found in revocation tracking: ${credentialId}`)\n }\n\n const revocationList = this.revocationLists.get(statusInfo.statusListCredential)\n if (!revocationList) {\n throw new Error(`Revocation list not found: ${statusInfo.statusListCredential}`)\n }\n\n // Update bit string to mark as revoked\n const updatedBitString = this.setBitInString(\n revocationList.encodedList,\n statusInfo.statusListIndex,\n true\n )\n\n // Add to revocation entries\n const revocationEntry: RevocationListEntry = {\n credentialId,\n revocationDate: new Date(),\n reason,\n revokedBy: revokedBy || 'system'\n }\n\n revocationList.encodedList = updatedBitString\n revocationList.entries.push(revocationEntry)\n revocationList.updatedAt = new Date()\n\n // Update credential status info\n statusInfo.revocationReason = reason\n statusInfo.revocationDate = new Date()\n\n this.revocationLists.set(revocationList.id, revocationList)\n this.credentialStatuses.set(credentialId, statusInfo)\n\n return true\n }\n\n /**\n * Check if credential is revoked\n */\n async isCredentialRevoked(credentialId: string): Promise<{\n revoked: boolean\n reason?: string\n revokedDate?: Date\n revokedBy?: string\n }> {\n const statusInfo = this.credentialStatuses.get(credentialId)\n if (!statusInfo) {\n return { revoked: false }\n }\n\n const revocationList = this.revocationLists.get(statusInfo.statusListCredential)\n if (!revocationList) {\n return { revoked: false }\n }\n\n const isRevoked = this.getBitFromString(\n revocationList.encodedList,\n statusInfo.statusListIndex\n )\n\n if (!isRevoked) {\n return { revoked: false }\n }\n\n // Find revocation entry for details\n const entry = revocationList.entries.find(e => e.credentialId === credentialId)\n\n return {\n revoked: true,\n reason: entry?.reason,\n revokedDate: entry?.revocationDate,\n revokedBy: entry?.revokedBy\n }\n }\n\n /**\n * Get credential status info\n */\n async getCredentialStatus(credentialId: string): Promise<CredentialStatusInfo | null> {\n return this.credentialStatuses.get(credentialId) || null\n }\n\n /**\n * Get revocation list\n */\n async getRevocationList(listId: string): Promise<RevocationList | null> {\n return this.revocationLists.get(listId) || null\n }\n\n /**\n * Get all revocation lists for an issuer\n */\n async getIssuerRevocationLists(issuer: string): Promise<RevocationList[]> {\n return Array.from(this.revocationLists.values()).filter(list => list.issuer === issuer)\n }\n\n /**\n * Restore/unreovke a credential\n */\n async restoreCredential(credentialId: string): Promise<boolean> {\n const statusInfo = this.credentialStatuses.get(credentialId)\n if (!statusInfo) {\n throw new Error(`Credential not found in revocation tracking: ${credentialId}`)\n }\n\n const revocationList = this.revocationLists.get(statusInfo.statusListCredential)\n if (!revocationList) {\n throw new Error(`Revocation list not found: ${statusInfo.statusListCredential}`)\n }\n\n // Update bit string to mark as not revoked\n const updatedBitString = this.setBitInString(\n revocationList.encodedList,\n statusInfo.statusListIndex,\n false\n )\n\n revocationList.encodedList = updatedBitString\n revocationList.updatedAt = new Date()\n\n // Remove revocation reason/date\n delete statusInfo.revocationReason\n delete statusInfo.revocationDate\n\n this.revocationLists.set(revocationList.id, revocationList)\n this.credentialStatuses.set(credentialId, statusInfo)\n\n return true\n }\n\n /**\n * Create empty bit string\n */\n private createEmptyBitString(size: number): string {\n const bytes = Math.ceil(size / 8)\n const buffer = Buffer.alloc(bytes, 0)\n return buffer.toString('base64')\n }\n\n /**\n * Set bit in encoded string\n */\n private setBitInString(encodedString: string, index: number, value: boolean): string {\n const buffer = Buffer.from(encodedString, 'base64')\n const byteIndex = Math.floor(index / 8)\n const bitIndex = index % 8\n\n if (byteIndex >= buffer.length) {\n throw new Error(`Bit index ${index} is out of bounds for buffer of size ${buffer.length * 8}`)\n }\n\n if (value) {\n buffer[byteIndex] |= (1 << (7 - bitIndex))\n } else {\n buffer[byteIndex] &= ~(1 << (7 - bitIndex))\n }\n\n return buffer.toString('base64')\n }\n\n /**\n * Get bit from encoded string\n */\n private getBitFromString(encodedString: string, index: number): boolean {\n const buffer = Buffer.from(encodedString, 'base64')\n const byteIndex = Math.floor(index / 8)\n const bitIndex = index % 8\n\n if (byteIndex >= buffer.length) {\n return false\n }\n\n return (buffer[byteIndex] & (1 << (7 - bitIndex))) !== 0\n }\n\n /**\n * Find next available index in revocation list\n */\n private findNextAvailableIndex(listId: string): number {\n const usedIndices = Array.from(this.credentialStatuses.values())\n .filter(status => status.statusListCredential === listId)\n .map(status => status.statusListIndex)\n\n let index = 0\n while (usedIndices.includes(index)) {\n index++\n }\n return index\n }\n\n /**\n * Export revocation list in standard format\n */\n async exportRevocationList(listId: string): Promise<{\n '@context': string[]\n id: string\n type: string[]\n issuer: string\n validFrom: string\n credentialSubject: {\n id: string\n type: string\n statusPurpose: string\n encodedList: string\n }\n } | null> {\n const list = this.revocationLists.get(listId)\n if (!list) {\n return null\n }\n\n return {\n '@context': [\n 'https://www.w3.org/2018/credentials/v1',\n 'https://w3id.org/vc/status-list/2021/v1'\n ],\n id: list.id,\n type: ['VerifiableCredential', 'StatusList2021Credential'],\n issuer: list.issuer,\n validFrom: list.createdAt.toISOString(),\n credentialSubject: {\n id: `${list.id}#list`,\n type: list.type,\n statusPurpose: list.statusPurpose,\n encodedList: list.encodedList\n }\n }\n }\n}","/**\n * ConstraintEvaluator\n * Grant制約の評価ロジック\n */\n\nimport {\n GrantConstraints,\n TimeWindowConstraint,\n EvaluationContext,\n ConstraintEvaluationResult,\n ConstraintViolation,\n ConstraintWarning\n} from '@vess-id/ai-identity-types'\n\nexport interface ConstraintEvaluatorOptions {\n /** 警告を発する残り実行回数の閾値 */\n invocationWarningThreshold?: number\n /** 警告を発するリスクスコアの閾値(riskThresholdに対する割合) */\n riskWarningRatio?: number\n /** デフォルトタイムゾーン */\n defaultTimezone?: string\n}\n\nconst DEFAULT_OPTIONS: ConstraintEvaluatorOptions = {\n invocationWarningThreshold: 5,\n riskWarningRatio: 0.8,\n defaultTimezone: 'UTC'\n}\n\n/**\n * 制約評価クラス\n */\nexport class ConstraintEvaluator {\n private options: ConstraintEvaluatorOptions\n\n constructor(options?: Partial<ConstraintEvaluatorOptions>) {\n this.options = { ...DEFAULT_OPTIONS, ...options }\n }\n\n /**\n * 制約を総合評価\n */\n evaluate(\n constraints: GrantConstraints,\n context: EvaluationContext,\n currentInvocations: number,\n expiresAt?: Date\n ): ConstraintEvaluationResult {\n const violations: ConstraintViolation[] = []\n const warnings: ConstraintWarning[] = []\n\n // 1. 期限チェック\n const expirationResult = this.checkExpiration(expiresAt, constraints.expiresAt)\n if (expirationResult.violation) {\n violations.push(expirationResult.violation)\n }\n\n // 2. 回数上限チェック\n const invocationResult = this.checkInvocationLimit(\n constraints.maxInvocations,\n currentInvocations\n )\n if (invocationResult.violation) {\n violations.push(invocationResult.violation)\n }\n if (invocationResult.warning) {\n warnings.push(invocationResult.warning)\n }\n\n // 3. 時間帯チェック\n if (constraints.timeWindow) {\n const timeResult = this.checkTimeWindow(\n constraints.timeWindow,\n new Date(context.timestamp)\n )\n if (timeResult.violation) {\n violations.push(timeResult.violation)\n }\n if (timeResult.warning) {\n warnings.push(timeResult.warning)\n }\n }\n\n // 4. IPアドレスチェック\n if (constraints.ipAllowlist && constraints.ipAllowlist.length > 0 && context.ipAddress) {\n const ipResult = this.checkIpAllowlist(constraints.ipAllowlist, context.ipAddress)\n if (ipResult.violation) {\n violations.push(ipResult.violation)\n }\n }\n\n // 5. リスクスコアチェック\n if (constraints.riskThreshold !== undefined && context.riskScore !== undefined) {\n const riskResult = this.checkRiskThreshold(constraints.riskThreshold, context.riskScore)\n if (riskResult.violation) {\n violations.push(riskResult.violation)\n }\n if (riskResult.warning) {\n warnings.push(riskResult.warning)\n }\n }\n\n return {\n allowed: violations.length === 0,\n violations,\n warnings,\n evaluatedAt: new Date().toISOString(),\n context\n }\n }\n\n /**\n * 期限チェック\n */\n checkExpiration(\n grantExpiresAt?: Date,\n constraintExpiresAt?: string\n ): { violation?: ConstraintViolation } {\n const now = new Date()\n\n // Grantレベルの有効期限\n if (grantExpiresAt && new Date(grantExpiresAt) < now) {\n return {\n violation: {\n type: 'expired',\n message: `Grant expired at ${grantExpiresAt.toISOString()}`,\n details: { expiresAt: grantExpiresAt.toISOString(), now: now.toISOString() }\n }\n }\n }\n\n // Constraintレベルの有効期限\n if (constraintExpiresAt && new Date(constraintExpiresAt) < now) {\n return {\n violation: {\n type: 'expired',\n message: `Constraint expired at ${constraintExpiresAt}`,\n details: { expiresAt: constraintExpiresAt, now: now.toISOString() }\n }\n }\n }\n\n return {}\n }\n\n /**\n * 実行回数チェック\n */\n checkInvocationLimit(\n maxInvocations?: number,\n currentInvocations?: number\n ): { violation?: ConstraintViolation; warning?: ConstraintWarning } {\n if (maxInvocations === undefined || currentInvocations === undefined) {\n return {}\n }\n\n const remaining = maxInvocations - currentInvocations\n\n if (remaining <= 0) {\n return {\n violation: {\n type: 'max_invocations',\n message: `Invocation limit reached (${maxInvocations} max, ${currentInvocations} used)`,\n details: { maxInvocations, currentInvocations, remaining: 0 }\n }\n }\n }\n\n if (remaining <= this.options.invocationWarningThreshold!) {\n return {\n warning: {\n type: 'approaching_limit',\n message: `Only ${remaining} invocations remaining out of ${maxInvocations}`,\n details: { maxInvocations, currentInvocations, remaining }\n }\n }\n }\n\n return {}\n }\n\n /**\n * 時間帯チェック\n */\n checkTimeWindow(\n timeWindow: TimeWindowConstraint,\n currentTime: Date\n ): { violation?: ConstraintViolation; warning?: ConstraintWarning } {\n const timezone = timeWindow.timezone || this.options.defaultTimezone!\n\n // 曜日チェック\n if (timeWindow.daysOfWeek && timeWindow.daysOfWeek.length > 0) {\n const currentDay = this.getDayOfWeekInTimezone(currentTime, timezone)\n if (!timeWindow.daysOfWeek.includes(currentDay)) {\n return {\n violation: {\n type: 'time_window',\n message: `Current day (${this.getDayName(currentDay)}) is not in allowed days`,\n details: {\n currentDay,\n allowedDays: timeWindow.daysOfWeek,\n allowedDayNames: timeWindow.daysOfWeek.map(d => this.getDayName(d))\n }\n }\n }\n }\n }\n\n // 時間帯チェック\n if (timeWindow.start && timeWindow.end) {\n const currentTimeStr = this.getTimeInTimezone(currentTime, timezone)\n\n // 通常の時間帯(例: 09:00-17:00)\n if (timeWindow.start <= timeWindow.end) {\n if (currentTimeStr < timeWindow.start || currentTimeStr > timeWindow.end) {\n return {\n violation: {\n type: 'time_window',\n message: `Current time (${currentTimeStr}) is outside allowed window (${timeWindow.start}-${timeWindow.end})`,\n details: { currentTime: currentTimeStr, start: timeWindow.start, end: timeWindow.end, timezone }\n }\n }\n }\n } else {\n // 日をまたぐ時間帯(例: 22:00-06:00)\n if (currentTimeStr < timeWindow.start && currentTimeStr > timeWindow.end) {\n return {\n violation: {\n type: 'time_window',\n message: `Current time (${currentTimeStr}) is outside allowed window (${timeWindow.start}-${timeWindow.end})`,\n details: { currentTime: currentTimeStr, start: timeWindow.start, end: timeWindow.end, timezone }\n }\n }\n }\n }\n\n // 営業時間外間近の警告(終了1時間前)\n const endMinutes = this.timeToMinutes(timeWindow.end)\n const currentMinutes = this.timeToMinutes(currentTimeStr)\n const minutesUntilEnd = endMinutes - currentMinutes\n\n if (minutesUntilEnd > 0 && minutesUntilEnd <= 60) {\n return {\n warning: {\n type: 'unusual_time',\n message: `Only ${minutesUntilEnd} minutes remaining in allowed time window`,\n details: { minutesUntilEnd, windowEnd: timeWindow.end }\n }\n }\n }\n }\n\n return {}\n }\n\n /**\n * IPアドレスチェック\n */\n checkIpAllowlist(\n allowlist: string[],\n ipAddress: string\n ): { violation?: ConstraintViolation } {\n // ワイルドカードチェック\n if (allowlist.includes('*')) {\n return {}\n }\n\n // 完全一致チェック\n if (allowlist.includes(ipAddress)) {\n return {}\n }\n\n // CIDRマッチングチェック\n for (const entry of allowlist) {\n if (entry.includes('/')) {\n if (this.isIpInCidr(ipAddress, entry)) {\n return {}\n }\n }\n }\n\n return {\n violation: {\n type: 'ip_allowlist',\n message: `IP address ${ipAddress} is not in the allowlist`,\n details: { ipAddress, allowlist }\n }\n }\n }\n\n /**\n * リスクスコアチェック\n */\n checkRiskThreshold(\n threshold: number,\n currentScore: number\n ): { violation?: ConstraintViolation; warning?: ConstraintWarning } {\n if (currentScore > threshold) {\n return {\n violation: {\n type: 'risk_threshold',\n message: `Risk score ${currentScore} exceeds threshold ${threshold}`,\n details: { currentScore, threshold }\n }\n }\n }\n\n const warningThreshold = threshold * this.options.riskWarningRatio!\n if (currentScore > warningThreshold) {\n return {\n warning: {\n type: 'high_risk',\n message: `Risk score ${currentScore} is approaching threshold ${threshold}`,\n details: { currentScore, threshold, warningThreshold }\n }\n }\n }\n\n return {}\n }\n\n // ============================================================================\n // Helper Methods\n // ============================================================================\n\n private getDayOfWeekInTimezone(date: Date, timezone: string): number {\n try {\n const options: Intl.DateTimeFormatOptions = { weekday: 'short', timeZone: timezone }\n const dayStr = date.toLocaleDateString('en-US', options)\n const dayMap: Record<string, number> = { Sun: 0, Mon: 1, Tue: 2, Wed: 3, Thu: 4, Fri: 5, Sat: 6 }\n return dayMap[dayStr] ?? date.getDay()\n } catch {\n return date.getDay()\n }\n }\n\n private getTimeInTimezone(date: Date, timezone: string): string {\n try {\n const options: Intl.DateTimeFormatOptions = {\n hour: '2-digit',\n minute: '2-digit',\n hour12: false,\n timeZone: timezone\n }\n return date.toLocaleTimeString('en-US', options)\n } catch {\n return date.toISOString().slice(11, 16)\n }\n }\n\n private getDayName(day: number): string {\n const names = ['Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday']\n return names[day] || 'Unknown'\n }\n\n private timeToMinutes(time: string): number {\n const [hours, minutes] = time.split(':').map(Number)\n return hours * 60 + minutes\n }\n\n private isIpInCidr(ip: string, cidr: string): boolean {\n try {\n const [range, bits] = cidr.split('/')\n const mask = parseInt(bits, 10)\n\n const ipNum = this.ipToNumber(ip)\n const rangeNum = this.ipToNumber(range)\n const maskNum = ~(2 ** (32 - mask) - 1)\n\n return (ipNum & maskNum) === (rangeNum & maskNum)\n } catch {\n return false\n }\n }\n\n private ipToNumber(ip: string): number {\n const parts = ip.split('.').map(Number)\n return (parts[0] << 24) + (parts[1] << 16) + (parts[2] << 8) + parts[3]\n }\n}\n\n/**\n * デフォルトのConstraintEvaluatorインスタンス\n */\nexport const defaultConstraintEvaluator = new ConstraintEvaluator()\n\n/**\n * 簡易評価関数\n */\nexport function evaluateConstraints(\n constraints: GrantConstraints,\n context: EvaluationContext,\n currentInvocations: number,\n expiresAt?: Date\n): ConstraintEvaluationResult {\n return defaultConstraintEvaluator.evaluate(constraints, context, currentInvocations, expiresAt)\n}\n","// action-registry.ts\n// ------------------------------------------------------------\n// Action Registry 型定義 + Ajv バリデーション + ローダ\n// ------------------------------------------------------------\n\n/* ===== 1) 型定義 ===== */\n\n// RiskLevel is imported from types package to avoid duplicate exports\nimport { RiskLevel } from '@vess-id/ai-identity-types'\nexport type { RiskLevel }\nexport type Relation = 'viewer' | 'editor' | 'admin' | 'owner' | 'act_as'\n\n/** MVPの対象リソース(必要に応じて拡張) */\nexport type ResourceType = 'SlackChannel' | 'GitHubRepo' | 'DriveFile'\n\n/** JSON Schema を受け取るための型。Ajvで別途メタ検証します。 */\nexport type JsonSchema = Record<string, unknown>\n\nexport interface ActionMeta {\n action: string // e.g., \"slack:channel.post_message\"\n resource_type: ResourceType\n required_relations: Relation[] // OR解釈を想定(どれか1つ満たせばOK)\n required_scopes: string[] // プロバイダ生スコープ(例:chat:write, repo)\n capability?: string // 論理バンドル名\n input_schema?: JsonSchema // 入力JSONのSchema(任意)\n constraints?: Record<string, unknown> // rate_bucket, max_size_mb など任意\n effects?: string[] // 監査の説明用\n risk?: RiskLevel\n version: string // \"1.0.0\" など\n}\n\nexport interface CapabilityMeta {\n capability: string // e.g., \"slack.messaging.basic\"\n description?: string\n includes: string[] // アクション名の配列\n version: string\n}\n\nexport interface ActionRegistry {\n registry_version: string // 例: \"2025-09-28\"\n actions: ActionMeta[]\n capabilities?: CapabilityMeta[]\n}\n\n/* ===== 2) Ajv スキーマ ===== */\n\nimport Ajv, { DefinedError } from 'ajv'\nimport addFormats from 'ajv-formats'\n\n/** 型定義に対応するJSON Schema(input_schema自体は別メタ検証) */\nconst actionMetaSchema = {\n $id: 'https://vess.ai/schemas/action-meta.json',\n type: 'object',\n additionalProperties: false,\n required: ['action', 'resource_type', 'required_relations', 'required_scopes', 'version'],\n properties: {\n action: { type: 'string', minLength: 1 },\n resource_type: {\n type: 'string',\n enum: ['SlackChannel', 'GitHubRepo', 'DriveFile'],\n },\n required_relations: {\n type: 'array',\n minItems: 1,\n items: {\n type: 'string',\n enum: ['viewer', 'editor', 'admin', 'owner', 'act_as'],\n },\n },\n required_scopes: {\n type: 'array',\n minItems: 1,\n items: { type: 'string', minLength: 1 },\n },\n capability: { type: 'string' },\n input_schema: { type: 'object' }, // ← ここは後段で「JSON Schemaとして」別検証\n constraints: { type: 'object', additionalProperties: true },\n effects: {\n type: 'array',\n items: { type: 'string', minLength: 1 },\n },\n risk: { type: 'string', enum: ['low', 'medium', 'high'] },\n version: { type: 'string', minLength: 1 },\n },\n} as const\n\nconst capabilityMetaSchema = {\n $id: 'https://vess.ai/schemas/capability-meta.json',\n type: 'object',\n additionalProperties: false,\n required: ['capability', 'includes', 'version'],\n properties: {\n capability: { type: 'string', minLength: 1 },\n description: { type: 'string' },\n includes: {\n type: 'array',\n minItems: 1,\n items: { type: 'string', minLength: 1 },\n },\n version: { type: 'string', minLength: 1 },\n },\n} as const\n\nconst registrySchema = {\n $id: 'https://vess.ai/schemas/action-registry.json',\n type: 'object',\n additionalProperties: false,\n required: ['registry_version', 'actions'],\n properties: {\n registry_version: { type: 'string', minLength: 1 },\n actions: {\n type: 'array',\n minItems: 1,\n items: { $ref: 'https://vess.ai/schemas/action-meta.json' },\n },\n capabilities: {\n type: 'array',\n items: { $ref: 'https://vess.ai/schemas/capability-meta.json' },\n },\n },\n} as const\n\n/* ===== 3) バリデータ構築(input_schemaのメタ検証込み) ===== */\n\n/**\n * Ajv インスタンスを作成。\n * - 本体スキーマ(registry/actions/capabilities)を登録\n * - formats 追加\n * - $id付きで利用\n */\nexport function createAjv(): Ajv {\n const ajv = new Ajv({\n allErrors: true,\n strict: true,\n allowUnionTypes: true,\n // draft-2020-12 デフォルト。input_schema のメタ検証に使う。\n })\n addFormats(ajv)\n\n ajv.addSchema(actionMetaSchema)\n ajv.addSchema(capabilityMetaSchema)\n ajv.addSchema(registrySchema)\n\n return ajv\n}\n\n/**\n * Registry全体の構文検証 + 各Actionの input_schema を「JSON Schemaとして」検証。\n * @returns { ok, errors } 失敗時は diag を含む\n */\nexport function validateRegistryObject(registry: unknown): {\n ok: boolean\n errors?: string[]\n} {\n const ajv = createAjv()\n\n // 1) レジストリ本体の検証\n const validate = ajv.getSchema<ActionRegistry>('https://vess.ai/schemas/action-registry.json')\n if (!validate) {\n return { ok: false, errors: ['Ajv schema not loaded'] }\n }\n const valid = validate(registry)\n if (!valid) {\n return {\n ok: false,\n errors: validate.errors ? formatAjvErrors(validate.errors as DefinedError[]) : [],\n }\n }\n\n const typed = registry as ActionRegistry\n\n // 2) 各action.input_schema を JSON Schema としてメタ検証\n // Ajv は meta-schema を内部保持しているので、compileで検証可能。\n const schemaErrors: string[] = []\n for (const a of typed.actions) {\n if (a.input_schema) {\n try {\n // 個別スキーマとしてコンパイル(不正なら例外 or errors)\n const local = new Ajv({ strict: true, allErrors: true })\n addFormats(local)\n const compiled = local.compile(a.input_schema)\n // コンパイルは成功しても errors が残ることはない想定\n if (compiled.errors?.length) {\n schemaErrors.push(\n `[${a.action}] input_schema errors: ${formatAjvErrors(\n compiled.errors as DefinedError[]\n ).join('; ')}`\n )\n }\n } catch (e: any) {\n schemaErrors.push(`[${a.action}] input_schema invalid: ${e?.message ?? String(e)}`)\n }\n }\n }\n\n if (schemaErrors.length) {\n return { ok: false, errors: schemaErrors }\n }\n\n // 3) capabilities.includes が存在する action に一致するか軽く検証\n if (typed.capabilities?.length) {\n const actionsSet = new Set(typed.actions.map(x => x.action))\n for (const c of typed.capabilities) {\n for (const act of c.includes) {\n if (!actionsSet.has(act)) {\n schemaErrors.push(`[capability:${c.capability}] includes unknown action: ${act}`)\n }\n }\n }\n }\n\n if (schemaErrors.length) {\n return { ok: false, errors: schemaErrors }\n }\n\n return { ok: true }\n}\n\nfunction formatAjvErrors(errors?: DefinedError[] | null): string[] {\n if (!errors?.length) return []\n return errors.map(e => {\n const instancePath = e.instancePath || '/'\n const msg = e.message || 'invalid'\n const params = e.params && Object.keys(e.params).length ? ` (${JSON.stringify(e.params)})` : ''\n return `${instancePath}: ${msg}${params}`\n })\n}\n\n/* ===== 4) ロード関数(ファイル/オブジェクト) ===== */\n\nimport fs from 'node:fs/promises'\nimport path from 'node:path'\n\n/**\n * JSONファイルからAction Registryを読み込み、完全検証して返す。\n * @throws Error 検証エラー時は詳細メッセージ付きでthrow\n */\nexport async function loadActionRegistryFromFile(filePath: string): Promise<ActionRegistry> {\n const abs = path.resolve(filePath)\n const raw = await fs.readFile(abs, 'utf8')\n const json = JSON.parse(raw)\n\n const result = validateRegistryObject(json)\n if (!result.ok) {\n const errs = result.errors?.join('\\n - ') || ''\n throw new Error(`ActionRegistry validation failed:\\n - ${errs}`)\n }\n return json as ActionRegistry\n}\n\n/**\n * 既にパース済みのオブジェクトを検証して返す。\n * @throws Error 検証エラー時は詳細メッセージ付きでthrow\n */\nexport function loadActionRegistryFromObject(obj: unknown): ActionRegistry {\n const result = validateRegistryObject(obj)\n if (!result.ok) {\n const errs = result.errors?.join('\\n - ') || ''\n throw new Error(`ActionRegistry validation failed:\\n - ${errs}`)\n }\n return obj as ActionRegistry\n}\n\n/* ===== 5) ヘルパ ===== */\n\n/** アクション名→ActionMeta のルックアップを作成 */\nexport function indexActions(reg: ActionRegistry): Map<string, ActionMeta> {\n const map = new Map<string, ActionMeta>()\n for (const a of reg.actions) map.set(a.action, a)\n return map\n}\n\n/** Capability名→CapabilityMeta のルックアップを作成 */\nexport function indexCapabilities(reg: ActionRegistry): Map<string, CapabilityMeta> {\n const map = new Map<string, CapabilityMeta>()\n for (const c of reg.capabilities ?? []) map.set(c.capability, c)\n return map\n}\n\n/** 指定アクションの required_scopes を取得(無ければ空配列) */\nexport function getRequiredScopes(regIndex: Map<string, ActionMeta>, action: string): string[] {\n return regIndex.get(action)?.required_scopes ?? []\n}\n\n/** 指定アクションの required_relations(OR解釈)を取得(無ければ空配列) */\nexport function getRequiredRelations(\n regIndex: Map<string, ActionMeta>,\n action: string\n): Relation[] {\n return (regIndex.get(action)?.required_relations ?? []) as Relation[]\n}\n\n/* ===== 6) 使い方サンプル(コメント) =====\nimport { loadActionRegistryFromFile, indexActions, getRequiredScopes } from \"./action-registry\";\n\n(async () => {\n const reg = await loadActionRegistryFromFile(\"./action-registry.json\");\n const idx = indexActions(reg);\n\n const action = \"slack:channel.post_message\";\n console.log(\"required scopes:\", getRequiredScopes(idx, action));\n})();\n========================================================== */\n","// access-orchestrator.ts\n// ------------------------------------------------------------\n// VC発行時:要求アクションの解決・絞り込み\n// VP時 :権限判定(ReBAC→Delegation(VC)→ABAC→Scope/Cred)\n// ------------------------------------------------------------\n\nimport {\n ActionRegistry,\n ActionMeta,\n CapabilityMeta,\n Relation,\n ResourceType,\n indexActions,\n indexCapabilities,\n getRequiredRelations,\n getRequiredScopes,\n} from './action-registry'\n\n/* ========== 1) 依存インターフェース(差し替えポイント) ========== */\n\n/** ReBAC: 関係性チェック(SpiceDB/Zanzibar想定)。OR解釈で複数relationのいずれか成立でtrue */\nexport interface ReBACChecker {\n check(\n subjectDid: string, // User DID or Agent DID\n relations: Relation[], // [\"editor\",\"act_as\"] など\n resourceRef: ResourceRef // リソース参照\n ): Promise<boolean>\n}\n\n/** ABAC: 条件判定(Cerbos/OPA想定)。trueなら許可。 */\nexport interface ABACPolicyEngine {\n evaluate(input: AbacInput): Promise<AbacDecision>\n}\nexport interface AbacInput {\n principal: {\n id: string // DID(Agent/User)\n roles?: string[]\n claims?: Record<string, unknown> // VC由来クレームなど\n }\n resource: {\n kind: ResourceType\n id: string // プロバイダのリソースID\n attr?: Record<string, unknown>\n }\n action: string // 標準化アクション名\n context?: Record<string, unknown> // time/ip/riskなど\n}\nexport interface AbacDecision {\n allow: boolean\n ruleId?: string\n reason?: string\n}\n\n/** Credential選択:最小スコープを満たす外部トークンを取得(Bot/Installation/OAuth) */\nexport interface CredentialStore {\n pickMinimal(\n provider: Provider, // \"slack\" | \"github\" | \"google\"\n iaId: string, // IntegrationAccount ID\n requiredScopes: string[],\n subjectDid: string // 実行主体(Agent/User)\n ): Promise<CredentialRef | null>\n}\nexport type Provider = 'slack' | 'github' | 'google'\nexport interface CredentialRef {\n id: string\n provider: Provider\n scopes: string[]\n // DPoP/MTLSの鍵バインド対応していれば JWK Thumbprint等も\n}\n\n/** VP検証(SD-JWT/ISO 23220/mdoc/OID4VP):成功時にVCクレームを返す */\nexport interface VpVerifier {\n verifyAndExtractClaims(vpToken: string): Promise<VerifiedVcClaims>\n}\n/** 発行した Delegation VC に含めることを想定した最小構造 */\nexport interface VerifiedVcClaims {\n // 権限表明\n allowed_actions: string[] // 標準化アクション名\n resource_scope: ResourceScope[] // 対象スコープ(Workspace/Resource/IA 単位など)\n expires_at?: string // ISO日時\n actor?: string // on_behalf_of 等(任意)\n assurance_level?: number // ABACで使う\n // キー・バインド(DPoP等)\n cnf?: { jwk_thumbprint?: string }\n // 追加クレーム\n [k: string]: unknown\n}\n\n/* ========== 2) ドメイン補助型 ========== */\n\nexport interface ResourceRef {\n /** プロバイダ別のリソース識別子(例:Slack channel id, GitHub repo full_name, Drive file id) */\n id: string\n type: ResourceType\n /** 紐づくIntegrationAccountのID(どのSlackワークスペース/どのGitHub Orgか) */\n iaId: string\n /** 追加属性(機密度など) */\n attr?: Record<string, unknown>\n}\n\n/** VCに刻む「スコープ」表現の一例(最小定義) */\nexport type ResourceScope =\n | { kind: 'Workspace'; id: string }\n | { kind: 'IntegrationAccount'; id: string }\n | { kind: 'Resource'; type: ResourceType; id: string }\n\n/** 監査用の判定理由 */\nexport interface DecisionTrace {\n rebac?: { ok: boolean; relations: Relation[] }\n delegation?: {\n ok: boolean\n matched_action?: boolean\n in_scope?: boolean\n notExpired?: boolean\n }\n abac?: { ok: boolean; ruleId?: string; reason?: string }\n scope?: { ok: boolean; required: string[]; chosenCredentialId?: string }\n}\n\n/* ========== 3) アクション解決ユーティリティ ========== */\n\n/** Capability名やAction名(混在OK)から、実アクション配列に解決 */\nexport function resolveActionsFromSelection(\n registry: ActionRegistry,\n selection: string[] // [\"slack.messaging.basic\", \"gh:repo.create_issue\", ...]\n): string[] {\n const aIndex = indexActions(registry)\n const cIndex = indexCapabilities(registry)\n\n const out = new Set<string>()\n for (const item of selection) {\n if (aIndex.has(item)) {\n out.add(item)\n continue\n }\n const cap = cIndex.get(item)\n if (cap) {\n for (const act of cap.includes) out.add(act)\n continue\n }\n // 未知の名前はスキップ(ログには出してよい)\n }\n return [...out]\n}\n\n/* ========== 4) VC発行計画(発行前チェック & 絞り込み) ========== */\n\nexport interface PlanDelegationInput {\n registry: ActionRegistry\n issuerUserDid: string // 委任元(人間)のDID\n delegateAgentDid: string // 委任先(AI Agent)のDID\n /** ユーザーが UI 等で選んだアクション/ケイパビリティ */\n requested: string[] // action or capability\n /** この委任が及ぶスコープ(Workspace/IA/Resource) */\n resourceScope: ResourceScope[]\n /** 有効期限(ISO) */\n expiresAt?: string\n /** ABAC前提で要求する最小アシュアランス等(必要なら) */\n minAssuranceLevel?: number\n /** ABAC/Cerbos用のruntime context(時間帯/場所/リスク等) */\n context?: Record<string, unknown>\n /** Provider 推測のためのヒント(Credential選択時に使う) */\n providerByIa?: Record<string, Provider> // iaId -> provider\n /** 実行時に用いるReBAC/ABAC/Credentialのハンドラ */\n rebac: ReBACChecker\n abac: ABACPolicyEngine\n creds: CredentialStore\n}\n\nexport interface PlanDelegationResult {\n granted_actions: string[] // VCに刻める実アクション(最終)\n rejected_actions: string[] // 却下されたアクション(理由はtraceで)\n traceByAction: Record<string, DecisionTrace>\n}\n\n/**\n * VC発行前に、リクエストされたアクション群を\n * - Registryに存在\n * - ReBAC(委任元=issuerUserDid が十分な関係を持つ)\n * - ABACポリシー適合\n * - 必要スコープを満たすクレデンシャルが存在\n * の観点で絞り込み、発行して良いものだけ返す。\n */\nexport async function planDelegationForVC(\n input: PlanDelegationInput\n): Promise<PlanDelegationResult> {\n const {\n registry,\n issuerUserDid,\n requested,\n resourceScope,\n rebac,\n abac,\n creds,\n providerByIa = {},\n context,\n } = input\n\n // 1) capability展開 → 実アクションへ\n const requestedActions = resolveActionsFromSelection(registry, requested)\n const aIndex = indexActions(registry)\n\n const granted: string[] = []\n const rejected: string[] = []\n const traceByAction: Record<string, DecisionTrace> = {}\n\n // resourceScopeに Resource 単位が無い場合は、Workspace/IA スコープとして評価し、\n // VC自体は scope をそのまま入れる運用を想定。\n // ここでは「代表リソース」を特定できるケースを優先(Resource Scopeが与えられた場合)\n const resourceScopes = resourceScope.filter(s => s.kind === 'Resource') as {\n kind: 'Resource'\n id: string\n type: ResourceType\n }[]\n\n for (const action of requestedActions) {\n const meta = aIndex.get(action)\n const t: DecisionTrace = {}\n traceByAction[action] = t\n\n if (!meta) {\n rejected.push(action)\n continue\n }\n // 2) ReBACチェック(issuerがそもそも対象を委任できるか)\n // Resourceスコープが与えられていればそれで、無ければスキップ(Workspace/IAは発行時はOKとする運用可)\n if (resourceScopes.length) {\n let rebacOk = false\n for (const rs of resourceScopes) {\n const rels = getRequiredRelations(aIndex, action)\n const ok = await rebac.check(\n issuerUserDid,\n rels.length ? rels : ['owner', 'admin', 'editor', 'viewer'],\n {\n id: rs.id,\n type: rs.type,\n iaId: '', // 発行時点では空でもOK。持っているなら入れる。\n }\n )\n if (ok) {\n rebacOk = true\n break\n }\n }\n t.rebac = { ok: rebacOk, relations: getRequiredRelations(aIndex, action) }\n if (!rebacOk) {\n rejected.push(action)\n continue\n }\n }\n\n // 3) ABAC(発行時の基本ルール:高リスクは委任不可等)\n const abacDec = await abac.evaluate({\n principal: { id: issuerUserDid, roles: ['user'] },\n resource: {\n kind: resourceScopes[0]?.type ?? meta.resource_type,\n id: resourceScopes[0]?.id ?? 'SCOPE_ONLY',\n attr: {},\n },\n action,\n context,\n })\n t.abac = { ok: abacDec.allow, ruleId: abacDec.ruleId, reason: abacDec.reason }\n if (!abacDec.allow) {\n rejected.push(action)\n continue\n }\n\n // 4) Credential存在チェック(最低限:将来の実行で使える見込みか)\n // scope→provider解決は iaId→provider を使う。Resource scope が無ければスキップ可。\n let scopeOk = true\n const required = getRequiredScopes(aIndex, action)\n if (resourceScopes.length && required.length) {\n // どれかのResourceで必要スコープを満たすCredentialが取れればOK\n scopeOk = false\n for (const rs of resourceScopes) {\n const provider = inferProviderByResourceType(rs.type)\n const cred = await creds.pickMinimal(provider, '', required, issuerUserDid)\n if (cred) {\n scopeOk = true\n break\n }\n }\n }\n t.scope = { ok: scopeOk, required }\n if (!scopeOk) {\n rejected.push(action)\n continue\n }\n\n granted.push(action)\n }\n\n return { granted_actions: granted, rejected_actions: rejected, traceByAction }\n}\n\nfunction inferProviderByResourceType(rt: ResourceType): Provider {\n switch (rt) {\n case 'SlackChannel':\n return 'slack'\n case 'GitHubRepo':\n return 'github'\n case 'DriveFile':\n return 'google'\n }\n}\n\n/* ========== 5) 実行時判定(VP提示での許可/拒否) ========== */\n\nexport interface CheckPermissionInput {\n registry: ActionRegistry\n actorDid: string // 実行主体(Agent DID推奨)\n onBehalfOfDid?: string // 人の代理で実行する場合に\n action: string // 標準化アクション\n resource: ResourceRef // 対象リソース\n vpToken: string // 委任VCのVP(SD-JWT/mdoc/OID4VP)\n context?: Record<string, unknown> // ABAC用(時間/場所/リスク等)\n rebac: ReBACChecker\n abac: ABACPolicyEngine\n creds: CredentialStore\n vpVerifier: VpVerifier\n}\n\nexport interface CheckPermissionResult {\n allow: boolean\n reason?: string\n trace: DecisionTrace\n credential?: CredentialRef | null\n}\n\n/**\n * 実行直前のフル判定。\n * 1) ReBAC: actor がresourceに対する 基本関係/act_as を満たすか\n * 2) Delegation(VC): actionがallowedか / resourceがscope内か / 期限内か\n * 3) ABAC: コンテキストやassurance levelに適合するか\n * 4) Scope/Credential: 必要スコープを満たすクレデンシャルが取得できるか\n */\nexport async function checkPermissionWithVP(\n input: CheckPermissionInput\n): Promise<CheckPermissionResult> {\n const { registry, actorDid, action, resource, vpToken, context, rebac, abac, creds, vpVerifier } =\n input\n\n const aIndex = indexActions(registry)\n const meta = aIndex.get(action)\n if (!meta) {\n return { allow: false, reason: 'unknown_action', trace: {} }\n }\n\n const trace: DecisionTrace = {}\n\n // 1) ReBAC\n const rels = getRequiredRelations(aIndex, action)\n const rebacOk = await rebac.check(actorDid, rels.length ? rels : ['viewer'], resource)\n trace.rebac = { ok: rebacOk, relations: rels }\n if (!rebacOk) {\n return { allow: false, reason: 'rebac_denied', trace }\n }\n\n // 2) Delegation(VC/VP)\n const vc = await vpVerifier.verifyAndExtractClaims(vpToken)\n let matchedAction = vc.allowed_actions?.includes(action) ?? false\n // resource scope 判定:VCがWorkspace/IAスコープのみなら、ここではresource.idが含まれるか/包含関係を評価\n let inScope = isResourceInScopes(resource, vc.resource_scope || [])\n // 期限\n const notExpired = !vc.expires_at || new Date(vc.expires_at).getTime() > Date.now()\n\n trace.delegation = {\n ok: matchedAction && inScope && notExpired,\n matched_action: matchedAction,\n in_scope: inScope,\n notExpired,\n }\n if (!trace.delegation.ok) {\n return { allow: false, reason: 'delegation_denied', trace }\n }\n\n // 3) ABAC\n const abacDec = await abac.evaluate({\n principal: {\n id: actorDid,\n roles: ['agent'],\n claims: {\n assurance_level: vc.assurance_level,\n actor: vc.actor,\n },\n },\n resource: {\n kind: resource.type,\n id: resource.id,\n attr: resource.attr || {},\n },\n action,\n context,\n })\n trace.abac = { ok: abacDec.allow, ruleId: abacDec.ruleId, reason: abacDec.reason }\n if (!abacDec.allow) {\n return { allow: false, reason: 'abac_denied', trace }\n }\n\n // 4) 必要スコープを満たすCredential選択\n const provider = inferProviderByResourceType(resource.type)\n const requiredScopes = getRequiredScopes(aIndex, action)\n const cred = await creds.pickMinimal(provider, resource.iaId, requiredScopes, actorDid)\n trace.scope = {\n ok: !!cred,\n required: requiredScopes,\n chosenCredentialId: cred?.id,\n }\n if (!cred) {\n return { allow: false, reason: 'insufficient_scopes', trace, credential: null }\n }\n\n return { allow: true, trace, credential: cred }\n}\n\n/* ========== 6) ヘルパ(スコープ包含) ========== */\n\nfunction isResourceInScopes(resource: ResourceRef, scopes: ResourceScope[]): boolean {\n for (const s of scopes) {\n if (s.kind === 'Resource') {\n if (s.type === resource.type && s.id === resource.id) return true\n } else if (s.kind === 'IntegrationAccount') {\n if (s.id === resource.iaId) return true\n } else if (s.kind === 'Workspace') {\n // Workspace→IA/Resourceの包含をここで判定したければ、マッピングを注入して判定する\n // MVPではWorkspace指定は包括OKとみなす場合は true を返す等、運用方針に合わせて調整\n return true\n }\n }\n return false\n}\n\n/* ========== 7) 例:スタブ実装(MVPテスト用) ========== */\n\n// 開発中の簡易スタブ(本番は各システムに差し替え)\nexport class AllowAllAbac implements ABACPolicyEngine {\n async evaluate(): Promise<AbacDecision> {\n return { allow: true, ruleId: 'allow_all' }\n }\n}\nexport class SimpleRebac implements ReBACChecker {\n constructor(\n private allowRelations: Relation[] = ['viewer', 'editor', 'admin', 'owner', 'act_as']\n ) {}\n async check(_sub: string, relations: Relation[]): Promise<boolean> {\n return relations.some(r => this.allowRelations.includes(r))\n }\n}\nexport class DummyCreds implements CredentialStore {\n async pickMinimal(\n provider: Provider,\n _iaId: string,\n requiredScopes: string[]\n ): Promise<CredentialRef | null> {\n // デモ:githubの'merge'などで'repo'が要れば1個返す、など最小限\n if (!requiredScopes.length) return { id: `${provider}-none`, provider, scopes: [] }\n return { id: `${provider}-demo`, provider, scopes: requiredScopes }\n }\n}\nexport class DummyVpVerifier implements VpVerifier {\n constructor(private vc: VerifiedVcClaims) {}\n async verifyAndExtractClaims(): Promise<VerifiedVcClaims> {\n return this.vc // テスト用:引数無視\n }\n}\n\n/* ========== 8) 使い方(サンプル) ========== */\n/*\n // 1) VC発行計画\n const plan = await planDelegationForVC({\n registry,\n issuerUserDid: \"did:user:alice\",\n delegateAgentDid: \"did:agent:bot1\",\n requested: [\"slack.messaging.basic\", \"gh:repo.merge_pr\"],\n resourceScope: [\n { kind: \"IntegrationAccount\", id: \"slack-ia-1\" },\n { kind: \"Resource\", type: \"GitHubRepo\", id: \"vess/awesome\" },\n ],\n rebac: new SimpleRebac([\"owner\", \"admin\", \"editor\"]), // 例えば発行は editor 以上のみ許可\n abac: new AllowAllAbac(),\n creds: new DummyCreds(),\n });\n console.log(plan);\n \n // 2) 実行時判定(VP提示)\n const vpVerifier = new DummyVpVerifier({\n allowed_actions: [\"slack:channel.post_message\", \"gh:repo.create_issue\"],\n resource_scope: [\n { kind: \"IntegrationAccount\", id: \"slack-ia-1\" },\n { kind: \"Resource\", type: \"GitHubRepo\", id: \"vess/awesome\" },\n ],\n expires_at: \"2099-12-31T00:00:00Z\",\n assurance_level: 2,\n });\n const res = await checkPermissionWithVP({\n registry,\n actorDid: \"did:agent:bot1\",\n action: \"slack:channel.post_message\",\n resource: { id: \"C123\", type: \"SlackChannel\", iaId: \"slack-ia-1\" },\n vpToken: \"ignored-in-dummy\",\n rebac: new SimpleRebac([\"viewer\", \"editor\", \"act_as\"]),\n abac: new AllowAllAbac(),\n creds: new DummyCreds(),\n vpVerifier,\n });\n console.log(res);\n */\n\n// 適用ポイント(MVPコードへの組み込み)\n// VC発行画面/エンドポイント\n// ユーザーが選んだ capability / action と scope を planDelegationForVC に渡す\n// granted_actions を VC の allowed_actions に、resource_scope と expires_at をそのままVCに含めて発行\n// traceByAction を UI の「なぜ発行不可か」ツールチップにそのまま表示可能\n// 実行ミドルウェア(各 Provider Adapter の前段)\n// リクエストを受けたら checkPermissionWithVP を実行\n// allow=true なら返ってきた credential を使って外部APIを実行\n// trace は監査ログに保存(ReBAC/Delegation/ABAC/Scopeの根拠が揃う)\n// 実装を差し替えるだけ\n// ReBACChecker → SpiceDBの CheckPermission をラップ\n// ABACPolicyEngine → Cerbos/OPAクライアントをラップ\n// CredentialStore → 自前のトークン保管庫\n// VpVerifier → 既存VP検証(SD-JWT/ISO 23220/mdoc/OID4VP)に接続\n","export const ACTION_REGISTRY = {\n registry_version: '2025-09-28',\n actions: [\n {\n action: 'slack:channel.post_message',\n resource_type: 'SlackChannel',\n required_relations: ['editor', 'act_as'],\n required_scopes: ['chat:write'],\n capability: 'slack.messaging.basic',\n input_schema: {\n type: 'object',\n properties: {\n text: { type: 'string', minLength: 1, maxLength: 40000 },\n thread_ts: { type: 'string' },\n attachments: { type: 'array' },\n },\n required: ['text'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'slack.post' },\n effects: ['Create:Message'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'slack:channel.read',\n resource_type: 'SlackChannel',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['channels:history', 'groups:history', 'im:history', 'mpim:history'],\n capability: 'slack.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n latest: { type: 'string' },\n oldest: { type: 'string' },\n limit: { type: 'integer', minimum: 1, maximum: 1000 },\n },\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'slack.read' },\n effects: ['Read:Message'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'slack:channel.add_reaction',\n resource_type: 'SlackChannel',\n required_relations: ['editor', 'act_as'],\n required_scopes: ['reactions:write', 'chat:write'],\n capability: 'slack.messaging.enhanced',\n input_schema: {\n type: 'object',\n properties: {\n name: { type: 'string', minLength: 1 },\n timestamp: { type: 'string' },\n },\n required: ['name', 'timestamp'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'slack.post' },\n effects: ['Update:MessageReaction'],\n risk: 'low',\n version: '1.0.0',\n },\n\n {\n action: 'gh:repo.read',\n resource_type: 'GitHubRepo',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['repo', 'public_repo'],\n capability: 'gh.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n path: { type: 'string' },\n ref: { type: 'string' },\n },\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'github.read' },\n effects: ['Read:Repo'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'gh:repo.create_issue',\n resource_type: 'GitHubRepo',\n required_relations: ['editor', 'act_as'],\n required_scopes: ['repo'],\n capability: 'gh.issues.triage',\n input_schema: {\n type: 'object',\n properties: {\n title: { type: 'string', minLength: 1 },\n body: { type: 'string' },\n labels: { type: 'array', items: { type: 'string' } },\n assignees: { type: 'array', items: { type: 'string' } },\n },\n required: ['title'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'github.write' },\n effects: ['Create:Issue'],\n risk: 'medium',\n version: '1.0.0',\n },\n {\n action: 'gh:repo.comment',\n resource_type: 'GitHubRepo',\n required_relations: ['editor', 'act_as'],\n required_scopes: ['repo'],\n capability: 'gh.issues.triage',\n input_schema: {\n type: 'object',\n properties: {\n issue_number: { type: 'integer', minimum: 1 },\n body: { type: 'string', minLength: 1 },\n },\n required: ['issue_number', 'body'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'github.write' },\n effects: ['Create:IssueComment'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'gh:repo.create_pr',\n resource_type: 'GitHubRepo',\n required_relations: ['editor', 'act_as'],\n required_scopes: ['repo'],\n capability: 'gh.code.collab',\n input_schema: {\n type: 'object',\n properties: {\n title: { type: 'string', minLength: 1 },\n head: { type: 'string', minLength: 1 },\n base: { type: 'string', minLength: 1 },\n body: { type: 'string' },\n draft: { type: 'boolean' },\n },\n required: ['title', 'head', 'base'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'github.write' },\n effects: ['Create:PullRequest'],\n risk: 'medium',\n version: '1.0.0',\n },\n {\n action: 'gh:repo.merge_pr',\n resource_type: 'GitHubRepo',\n required_relations: ['admin', 'owner'],\n required_scopes: ['repo'],\n capability: 'gh.code.maintain',\n input_schema: {\n type: 'object',\n properties: {\n pr_number: { type: 'integer', minimum: 1 },\n merge_method: { type: 'string', enum: ['merge', 'squash', 'rebase'] },\n },\n required: ['pr_number'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'github.write', requires_reviews_passed: true },\n effects: ['Update:PullRequestMerge'],\n risk: 'high',\n version: '1.0.0',\n },\n\n {\n action: 'google:drive.file.read',\n resource_type: 'DriveFile',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['https://www.googleapis.com/auth/drive.readonly'],\n capability: 'gdrive.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n fields: { type: 'string' },\n },\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'gdrive.read' },\n effects: ['Read:FileContent'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'google:drive.file.write',\n resource_type: 'DriveFile',\n required_relations: ['editor', 'act_as'],\n required_scopes: ['https://www.googleapis.com/auth/drive.file'],\n capability: 'gdrive.write.basic',\n input_schema: {\n type: 'object',\n properties: {\n mimeType: { type: 'string' },\n content_base64: { type: 'string' },\n },\n required: ['content_base64'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'gdrive.write', max_size_mb: 50 },\n effects: ['Update:FileContent'],\n risk: 'medium',\n version: '1.0.0',\n },\n {\n action: 'google:drive.file.create',\n resource_type: 'DriveFile',\n required_relations: ['editor', 'act_as'],\n required_scopes: ['https://www.googleapis.com/auth/drive.file'],\n capability: 'gdrive.write.basic',\n input_schema: {\n type: 'object',\n properties: {\n name: { type: 'string', minLength: 1 },\n mimeType: { type: 'string' },\n parent_folder_id: { type: 'string' },\n content_base64: { type: 'string' },\n },\n required: ['name'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'gdrive.write', max_size_mb: 50 },\n effects: ['Create:File'],\n risk: 'medium',\n version: '1.0.0',\n },\n {\n action: 'google:drive.file.list_in_folder',\n resource_type: 'DriveFile',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['https://www.googleapis.com/auth/drive.readonly'],\n capability: 'gdrive.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n folder_id: { type: 'string' },\n q: { type: 'string' },\n page_size: { type: 'integer', minimum: 1, maximum: 1000 },\n },\n required: ['folder_id'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'gdrive.read' },\n effects: ['Read:FileList'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'jira:issue.search',\n resource_type: 'JiraIssue',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['read:jira-work', 'read:jira-user'],\n capability: 'jira.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n jql: { type: 'string', minLength: 1 },\n maxResults: { type: 'integer', minimum: 1, maximum: 100 },\n startAt: { type: 'integer', minimum: 0 },\n },\n required: ['jql'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'jira.read' },\n effects: ['Read:IssueList'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'jira:issue.get',\n resource_type: 'JiraIssue',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['read:jira-work'],\n capability: 'jira.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n issueIdOrKey: { type: 'string', minLength: 1 },\n },\n required: ['issueIdOrKey'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'jira.read' },\n effects: ['Read:Issue'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'jira:project.list',\n resource_type: 'JiraProject',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['read:jira-work'],\n capability: 'jira.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n recent: { type: 'number' },\n },\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'jira.read' },\n effects: ['Read:ProjectList'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'jira:board.list',\n resource_type: 'JiraBoard',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['read:jira-work'],\n capability: 'jira.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n projectKeyOrId: { type: 'string' },\n type: { type: 'string' },\n },\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'jira.read' },\n effects: ['Read:BoardList'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'jira:sprint.list',\n resource_type: 'JiraSprint',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['read:jira-work'],\n capability: 'jira.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n boardId: { type: 'number', minimum: 1 },\n state: { type: 'string' },\n },\n required: ['boardId'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'jira.read' },\n effects: ['Read:SprintList'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'jira:sprint.get_issues',\n resource_type: 'JiraSprint',\n required_relations: ['viewer', 'editor', 'admin', 'owner'],\n required_scopes: ['read:jira-work'],\n capability: 'jira.read.basic',\n input_schema: {\n type: 'object',\n properties: {\n sprintId: { type: 'number', minimum: 1 },\n maxResults: { type: 'number', minimum: 1, maximum: 100 },\n },\n required: ['sprintId'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'jira.read' },\n effects: ['Read:IssueList'],\n risk: 'low',\n version: '1.0.0',\n },\n {\n action: 'jira:issue.create',\n resource_type: 'JiraIssue',\n required_relations: ['editor', 'act_as'],\n required_scopes: ['write:jira-work'],\n capability: 'jira.write.basic',\n input_schema: {\n type: 'object',\n properties: {\n projectKey: { type: 'string', minLength: 1 },\n summary: { type: 'string', minLength: 1 },\n description: { type: 'string' },\n issueType: { type: 'string', minLength: 1 },\n priority: { type: 'string' },\n assignee: { type: 'string' },\n },\n required: ['projectKey', 'summary', 'issueType'],\n additionalProperties: false,\n },\n constraints: { rate_bucket: 'jira.write' },\n effects: ['Create:Issue'],\n risk: 'medium',\n version: '1.0.0',\n },\n ],\n capabilities: [\n {\n capability: 'slack.messaging.basic',\n description: 'Post and read messages in channels',\n includes: ['slack:channel.post_message', 'slack:channel.read'],\n version: '1.0.0',\n },\n {\n capability: 'slack.messaging.enhanced',\n description: 'Reactions and advanced messaging',\n includes: ['slack:channel.add_reaction'],\n version: '1.0.0',\n },\n {\n capability: 'gh.read.basic',\n description: 'Read repository content and metadata',\n includes: ['gh:repo.read'],\n version: '1.0.0',\n },\n {\n capability: 'gh.issues.triage',\n description: 'Create and comment on issues',\n includes: ['gh:repo.create_issue', 'gh:repo.comment'],\n version: '1.0.0',\n },\n {\n capability: 'gh.code.collab',\n description: 'Open pull requests for collaboration',\n includes: ['gh:repo.create_pr'],\n version: '1.0.0',\n },\n {\n capability: 'gh.code.maintain',\n description: 'Merge pull requests (high risk)',\n includes: ['gh:repo.merge_pr'],\n version: '1.0.0',\n },\n {\n capability: 'gdrive.read.basic',\n description: 'Read Drive files and listings',\n includes: ['google:drive.file.read', 'google:drive.file.list_in_folder'],\n version: '1.0.0',\n },\n {\n capability: 'gdrive.write.basic',\n description: 'Create and update Drive files',\n includes: ['google:drive.file.write', 'google:drive.file.create'],\n version: '1.0.0',\n },\n {\n capability: 'jira.read.basic',\n description: 'Read Jira issues, projects, boards, and sprints',\n includes: ['jira:issue.search', 'jira:issue.get', 'jira:project.list', 'jira:board.list', 'jira:sprint.list', 'jira:sprint.get_issues'],\n version: '1.0.0',\n },\n {\n capability: 'jira.write.basic',\n description: 'Create Jira issues',\n includes: ['jira:issue.create'],\n version: '1.0.0',\n },\n ],\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACwBA,IAAI,eAAgC,CAAC;AAE9B,SAAS,UAAU,QAA+B;AACvD,iBAAe,EAAE,GAAG,cAAc,GAAG,OAAO;AAC9C;AAEO,SAAS,YAA6B;AAC3C,SAAO;AACT;AAEO,SAAS,aAAaA,OAAsB;AACjD,QAAM,UAAU,aAAa,QAAQ,WAAW,QAAQ,IAAI;AAC5D,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACnD;AACA,SAAO,GAAG,OAAO,GAAGA,KAAI;AAC1B;AAEO,SAAS,gBAAgBA,OAAsB;AACpD,QAAM,UAAU,aAAa,WAAW,WAAW,QAAQ,IAAI;AAC/D,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACtD;AACA,SAAO,GAAG,OAAO,GAAGA,KAAI;AAC1B;AAEO,SAAS,kBAAkBA,OAAsB;AACtD,QAAM,UAAU,aAAa,aAAa,WAAW,QAAQ,IAAI;AACjE,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,sCAAsC;AAAA,EACxD;AACA,SAAO,GAAG,OAAO,GAAGA,KAAI;AAC1B;AAEO,SAAS,cAAc,SAA6C;AACzE,QAAM,UAAe;AAAA,IACnB,gBAAgB;AAAA,EAClB;AAEA,MAAI;AACJ,MAAI;AAEJ,UAAQ,SAAS;AAAA,IACf,KAAK;AACH,eAAS,aAAa,QAAQ,UAAU,QAAQ,IAAI;AACpD,oBAAc,aAAa,QAAQ;AACnC;AAAA,IACF,KAAK;AACH,eAAS,aAAa,WAAW,UAAU,QAAQ,IAAI;AACvD,oBAAc,aAAa,WAAW;AACtC;AAAA,IACF,KAAK;AACH,eAAS,aAAa,aAAa,UAAU,QAAQ,IAAI;AACzD,oBAAc,aAAa,aAAa;AACxC;AAAA,EACJ;AAEA,MAAI,QAAQ;AACV,YAAQ,WAAW,IAAI;AAAA,EACzB;AACA,MAAI,aAAa;AACf,YAAQ,eAAe,IAAI,UAAU,WAAW;AAAA,EAClD;AAEA,SAAO;AACT;;;ACzFA,aAAwB;;;ACAxB,SAAoB;AACpB,WAAsB;AACtB,SAAoB;AAMb,IAAM,uBAAN,MAAyD;AAAA,EACtD;AAAA,EAER,YAAY,QAA2B;AACrC,SAAK,eAAe,QAAQ,SAAS,QAAa,UAAQ,WAAQ,GAAG,SAAS,MAAM;AAAA,EACtF;AAAA,EAEA,MAAM,MAAM,IAAY,cAAqC;AAC3D,UAAM,KAAK,qBAAqB;AAChC,UAAM,UAAU,KAAK,WAAW,EAAE;AAClC,UAAS,aAAU,SAAS,cAAc,OAAO;AAAA,EACnD;AAAA,EAEA,MAAM,SAAS,IAAoC;AACjD,UAAM,UAAU,KAAK,WAAW,EAAE;AAElC,QAAI;AACF,aAAO,MAAS,YAAS,SAAS,OAAO;AAAA,IAC3C,SAAS,OAAO;AACd,UAAK,MAAc,SAAS,UAAU;AACpC,eAAO;AAAA,MACT;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAM,OAAO,IAA2B;AACtC,UAAM,UAAU,KAAK,WAAW,EAAE;AAElC,QAAI;AACF,YAAS,UAAO,OAAO;AAAA,IACzB,SAAS,OAAO;AACd,UAAK,MAAc,SAAS,UAAU;AACpC,cAAM;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,OAA0B;AAC9B,UAAM,KAAK,qBAAqB;AAEhC,UAAM,QAAQ,MAAS,WAAQ,KAAK,YAAY;AAChD,WAAO,MACJ,OAAO,OAAK,EAAE,SAAS,MAAM,CAAC,EAC9B,IAAI,OAAK,EAAE,QAAQ,QAAQ,EAAE,CAAC;AAAA,EACnC;AAAA,EAEA,MAAM,cAAgC;AACpC,QAAI;AACF,YAAM,KAAK,qBAAqB;AAChC,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAc,uBAAsC;AAClD,QAAI;AACF,YAAS,UAAO,KAAK,YAAY;AAAA,IACnC,QAAQ;AACN,YAAS,SAAM,KAAK,cAAc,EAAE,WAAW,KAAK,CAAC;AAAA,IACvD;AAAA,EACF;AAAA,EAEQ,WAAW,IAAoB;AACrC,WAAY,UAAK,KAAK,cAAc,GAAG,EAAE,MAAM;AAAA,EACjD;AACF;;;ACtEO,IAAM,mBAAN,MAAqD;AAAA,EAClD,OAA4B,oBAAI,IAAI;AAAA,EAE5C,MAAM,MAAM,IAAY,cAAqC;AAC3D,SAAK,KAAK,IAAI,IAAI,YAAY;AAAA,EAChC;AAAA,EAEA,MAAM,SAAS,IAAoC;AACjD,WAAO,KAAK,KAAK,IAAI,EAAE,KAAK;AAAA,EAC9B;AAAA,EAEA,MAAM,OAAO,IAA2B;AACtC,SAAK,KAAK,OAAO,EAAE;AAAA,EACrB;AAAA,EAEA,MAAM,OAA0B;AAC9B,WAAO,MAAM,KAAK,KAAK,KAAK,KAAK,CAAC;AAAA,EACpC;AAAA,EAEA,MAAM,cAAgC;AACpC,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,QAAc;AACZ,SAAK,KAAK,MAAM;AAAA,EAClB;AACF;;;AF9BO,IAAM,aAAN,MAAiB;AAAA,EACd;AAAA,EACA;AAAA,EAER,YAAY,UAAmB,iBAAsC;AACnE,QAAI,UAAU;AAEZ,WAAK,gBAAuB,kBAAW,UAAU,kBAAkB,EAAE;AAAA,IACvE;AAGA,SAAK,kBAAkB,mBAAmB,KAAK,6BAA6B;AAAA,EAC9E;AAAA,EAEQ,+BAAmD;AACzD,UAAM,SAAS,UAAU;AACzB,WAAO,IAAI,qBAAqB;AAAA,MAC9B,MAAM;AAAA,MACN,SAAS;AAAA,QACP,MAAM,OAAO,SAAS;AAAA,MACxB;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,SAAS,KAAa,YAAgC;AAC1D,UAAM,UAAU,KAAK,UAAU,UAAU;AACzC,UAAM,YAAY,KAAK,QAAQ,OAAO;AAGtC,UAAM,KAAK,gBAAgB,MAAM,KAAK,SAAS;AAAA,EACjD;AAAA,EAEA,MAAM,OAAO,KAAkC;AAE7C,UAAM,YAAY,MAAM,KAAK,gBAAgB,SAAS,GAAG;AAEzD,QAAI,CAAC,WAAW;AACd,aAAO;AAAA,IACT;AAEA,UAAM,YAAY,KAAK,QAAQ,SAAS;AACxC,WAAO,KAAK,MAAM,SAAS;AAAA,EAC7B;AAAA,EAEA,MAAM,UAAU,KAA4B;AAE1C,UAAM,KAAK,gBAAgB,OAAO,GAAG;AAAA,EACvC;AAAA,EAEA,MAAM,WAA8B;AAClC,UAAM,SAAS,MAAM,KAAK,gBAAgB,KAAK;AAC/C,WAAO,OAAO,IAAI,WAAS,KAAK,aAAa,KAAK,CAAC;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,cAAgC;AACpC,WAAO,KAAK,gBAAgB,YAAY;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA,EAOQ,aAAa,OAAuB;AAI1C,WAAO;AAAA,EACT;AAAA,EAEQ,QAAQ,MAAsB;AACpC,QAAI,CAAC,KAAK,eAAe;AAEvB,aAAO,OAAO,KAAK,IAAI,EAAE,SAAS,QAAQ;AAAA,IAC5C;AAEA,UAAM,KAAY,mBAAY,EAAE;AAChC,UAAM,SAAgB,sBAAe,eAAe,KAAK,eAAe,EAAE;AAE1E,QAAI,YAAY,OAAO,OAAO,MAAM,QAAQ,QAAQ;AACpD,iBAAa,OAAO,MAAM,QAAQ;AAElC,UAAM,UAAU,OAAO,WAAW;AAGlC,UAAM,WAAW,OAAO,OAAO,CAAC,IAAI,SAAS,OAAO,KAAK,WAAW,QAAQ,CAAC,CAAC;AAE9E,WAAO,SAAS,SAAS,QAAQ;AAAA,EACnC;AAAA,EAEQ,QAAQ,WAA2B;AACzC,QAAI,CAAC,KAAK,eAAe;AAEvB,aAAO,OAAO,KAAK,WAAW,QAAQ,EAAE,SAAS,OAAO;AAAA,IAC1D;AAEA,UAAM,WAAW,OAAO,KAAK,WAAW,QAAQ;AAGhD,UAAM,KAAK,SAAS,SAAS,GAAG,EAAE;AAClC,UAAM,UAAU,SAAS,SAAS,IAAI,EAAE;AACxC,UAAM,gBAAgB,SAAS,SAAS,EAAE;AAE1C,UAAM,WAAkB,wBAAiB,eAAe,KAAK,eAAe,EAAE;AAC9E,aAAS,WAAW,OAAO;AAE3B,QAAI,YAAY,SAAS,OAAO,eAAe,QAAW,MAAM;AAChE,iBAAa,SAAS,MAAM,MAAM;AAElC,WAAO;AAAA,EACT;AACF;;;AGtHA,uBAAgC;AAChC,2BAA4C;;;ACD5C,WAAsB;AACtB,kBAA6B;AAC7B,yBAAuB;AAOvB,eAAsB,kBAAoC;AACxD,QAAM,UAAU,MAAM,0BAAO;AAAA,IAC3B;AAAA,MACE,MAAM;AAAA,MACN,YAAY;AAAA,IACd;AAAA,IACA;AAAA;AAAA,IACA,CAAC,QAAQ,QAAQ;AAAA,EACnB;AAGA,QAAM,YAAY,MAAM,0BAAO,UAAU,OAAO,QAAQ,SAAS;AACjE,QAAM,aAAa,MAAM,0BAAO,UAAU,OAAO,QAAQ,UAAU;AAGnE,QAAM,UAAM,YAAAC,IAAO;AAClB,EAAC,UAAkB,MAAM;AACzB,EAAC,WAAmB,MAAM;AAG1B,EAAC,UAAkB,MAAM;AACzB,EAAC,WAAmB,MAAM;AAE3B,SAAO;AAAA,IACL,WAAW;AAAA,IACX,YAAY;AAAA,EACd;AACF;AAEA,eAAsB,QACpB,SACA,YACA,SAQiB;AACjB,QAAM,MAAM,WAAW,OAAO;AAC9B,QAAM,MAAM,MAAW,eAAU,YAAY,GAAG;AAEhD,QAAM,MAAM,IAAS,aAAQ,OAAO,EACjC,mBAAmB,EAAE,KAAK,KAAK,WAAW,IAAI,CAAC,EAC/C,YAAY,EACZ,OAAO,SAAS,WAAO,YAAAA,IAAO,CAAC;AAElC,MAAI,SAAS,OAAQ,KAAI,UAAU,QAAQ,MAAM;AACjD,MAAI,SAAS,SAAU,KAAI,YAAY,QAAQ,QAAQ;AACvD,MAAI,SAAS,UAAW,KAAI,kBAAkB,QAAQ,SAAS;AAC/D,MAAI,SAAS,UAAW,KAAI,aAAa,QAAQ,SAAS;AAC1D,MAAI,SAAS,QAAS,KAAI,WAAW,QAAQ,OAAO;AAEpD,SAAO,MAAM,IAAI,KAAK,GAAG;AAC3B;AAEA,eAAsB,UACpB,KACA,WACA,SAI0B;AAC1B,QAAM,MAAM,UAAU,OAAO;AAC7B,QAAM,MAAM,MAAW,eAAU,WAAW,GAAG;AAE/C,QAAM,gBAAuC,CAAC;AAC9C,MAAI,SAAS,OAAQ,eAAc,SAAS,QAAQ;AACpD,MAAI,SAAS,SAAU,eAAc,WAAW,QAAQ;AAExD,QAAM,EAAE,QAAQ,IAAI,MAAW,eAAU,KAAK,KAAK,aAAa;AAChE,SAAO;AACT;AAEO,SAAS,gBAAwB;AACtC,aAAO,YAAAA,IAAO;AAChB;AAEA,eAAsB,UAAU,YAAiB;AAC/C,MAAI;AACF,UAAM,MAAM,MAAM,0BAAO;AAAA,MACvB;AAAA,MACA;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,YAAY;AAAA,MACd;AAAA,MACA;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AAEA,WAAO,OAAO,SAAiB;AAC7B,YAAM,UAAU,IAAI,YAAY;AAChC,YAAM,YAAY,MAAM,0BAAO;AAAA,QAC7B;AAAA,UACE,MAAM;AAAA,UACN,MAAM,EAAE,MAAM,UAAU;AAAA,QAC1B;AAAA,QACA;AAAA,QACA,QAAQ,OAAO,IAAI;AAAA,MACrB;AAEA,YAAM,SAAS,KAAK,OAAO,aAAa,GAAG,IAAI,WAAW,SAAS,CAAC,CAAC,EAClE,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,EAAE;AAEpB,aAAO;AAAA,IACT;AAAA,EACF,SAAS,OAAO;AACd,YAAQ,MAAM,uBAAuB,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAC7F,YAAQ,MAAM,kBAAkB,YAAY,OAAO,SAAS;AAC5D,YAAQ,MAAM,aAAa,YAAY,OAAO,SAAS;AACvD,UAAM;AAAA,EACR;AACF;AAEA,eAAsB,YAAY,WAAgB;AAChD,QAAM,MAAM,MAAM,0BAAO;AAAA,IACvB;AAAA,IACA;AAAA,IACA;AAAA,MACE,MAAM;AAAA,MACN,YAAY;AAAA,IACd;AAAA,IACA;AAAA,IACA,CAAC,QAAQ;AAAA,EACX;AAEA,SAAO,OAAO,MAAc,uBAA+B;AACzD,UAAM,UAAU,IAAI,YAAY;AAChC,UAAM,YAAY,WAAW;AAAA,MAC3B,KAAK,mBAAmB,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG,CAAC;AAAA,MAC7D,OAAK,EAAE,WAAW,CAAC;AAAA,IACrB;AAEA,UAAM,UAAU,MAAM,0BAAO;AAAA,MAC3B;AAAA,QACE,MAAM;AAAA,QACN,MAAM,EAAE,MAAM,UAAU;AAAA,MAC1B;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ,OAAO,IAAI;AAAA,IACrB;AAEA,WAAO;AAAA,EACT;AACF;;;AD1JO,IAAM,cAAN,MAAkB;AAAA,EACvB,OAAe,YAA0C,oBAAI,IAAI;AAAA,EACjE,OAAe;AAAA,EACf,OAAe,cAAgC,oBAAI,IAAI;AAAA,EACvD,OAAe,gBAAkC,oBAAI,IAAI;AAAA,EAEjD,cAAc;AAAA,EAAC;AAAA;AAAA;AAAA;AAAA,EAKvB,OAAc,cAAc,YAAwB;AAClD,SAAK,aAAa;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA,EAKA,aAAoB,kBAAkB,WAA6C;AACjF,UAAM,WAAW,GAAG,SAAS;AAC7B,QAAI,CAAC,KAAK,UAAU,IAAI,QAAQ,GAAG;AACjC,YAAM,WAAW,MAAM,KAAK,eAAe,WAAW,QAAQ;AAC9D,WAAK,UAAU,IAAI,UAAU,QAAQ;AAAA,IACvC;AACA,WAAO,KAAK,UAAU,IAAI,QAAQ;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA,EAKA,aAAoB,kBAAkB,WAA6C;AACjF,UAAM,WAAW,GAAG,SAAS;AAC7B,QAAI,CAAC,KAAK,UAAU,IAAI,QAAQ,GAAG;AACjC,YAAM,WAAW,MAAM,KAAK,eAAe,WAAW,QAAQ;AAC9D,WAAK,UAAU,IAAI,UAAU,QAAQ;AAAA,IACvC;AACA,WAAO,KAAK,UAAU,IAAI,QAAQ;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA,EAKA,aAAoB,iBAClB,KACA,SAC0B;AAC1B,UAAM,OAAO,SAAS,QAAQ;AAC9B,WAAO,SAAS,WAAW,KAAK,kBAAkB,GAAG,IAAI,KAAK,kBAAkB,GAAG;AAAA,EACrF;AAAA;AAAA;AAAA;AAAA,EAKA,aAAqB,eACnB,KACA,MAC0B;AAC1B,QAAI,CAAC,KAAK,YAAY;AACpB,WAAK,aAAa,IAAI,WAAW;AAAA,IACnC;AAGA,UAAM,aAAa,MAAM,KAAK,WAAW,OAAO,GAAG;AAEnD,QAAI,CAAC,YAAY;AACf,YAAM,IAAI,MAAM,6BAA6B,IAAI,KAAK,GAAG,EAAE;AAAA,IAC7D;AAEA,QAAI;AAEF,YAAM,iBAAiB,UAAU,GAAG;AACpC,YAAM,mBAAmB,YAAY,GAAG;AAExC,UAAI,SAAS,KAAK,YAAY,IAAI,cAAc;AAChD,UAAI,WAAW,KAAK,cAAc,IAAI,gBAAgB;AAEtD,UAAI,CAAC,QAAQ;AACX,iBAAS,MAAM,UAAU,UAAU;AACnC,aAAK,YAAY,IAAI,gBAAgB,MAAM;AAAA,MAC7C;AAEA,UAAI,CAAC,UAAU;AAEb,cAAM,EAAE,GAAG,SAAS,GAAG,UAAU,IAAI;AACrC,cAAM,uBAAuB;AAAA,UAC3B,GAAG;AAAA,UACH,SAAS,CAAC,QAAQ;AAAA;AAAA,QACpB;AACA,mBAAW,MAAM,YAAY,oBAAoB;AACjD,aAAK,cAAc,IAAI,kBAAkB,QAAQ;AAAA,MACnD;AAGA,YAAM,SAAc;AAAA,QAClB;AAAA,QACA;AAAA,QACA,SAAS,2BAAM;AAAA,QACf,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,eAAe;AAAA,MACjB;AAGA,UAAI,SAAS,UAAU;AACrB,eAAO,WAAW;AAClB,eAAO,YAAY,2BAAM;AAAA,MAC3B;AAEA,aAAO,IAAI,iCAAgB,MAAM;AAAA,IACnC,SAAS,OAAO;AACd,cAAQ,MAAM,0CAAqC,KAAK;AACxD,YAAM;AAAA,IACR;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAc,sBACZ,QACA,yBAAmC,CAAC,GAChB;AACpB,UAAM,QAAa,CAAC;AAGpB,UAAM,4BAA4B,uBAAuB;AAAA,MAAO,WAC9D,OAAO,eAAe,KAAK;AAAA,IAC7B;AAGA,QAAI,0BAA0B,SAAS,GAAG;AACxC,YAAM,MAAM;AACZ,YAAM,YAAY,KAAK,IAAI,GAAG,KAAK,MAAM,0BAA0B,SAAS,GAAG,CAAC;AAAA,IAClF;AAGA,eAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,MAAM,GAAG;AACjD,UAAI,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK,GAAG;AAExE,cAAM,aAAa,OAAO,KAAK,KAAK;AACpC,cAAM,cAAc,KAAK;AAAA,UACvB;AAAA,UACA;AAAA;AAAA,QACF;AACA,cAAM,GAAG,IAAI;AAAA,MACf;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,aAAoB,WAClB,SACA,aACA,4BAAsC,CAAC,GACtB;AACjB,UAAM,YAAY,QAAQ,OAAO;AACjC,UAAM,gBAAgB,MAAM,KAAK,kBAAkB,SAAS;AAG5D,UAAM,YAAY;AAAA,MAChB,KAAK;AAAA;AAAA,MACL,GAAG;AAAA,IACL;AAGA,UAAM,kBAAkB,KAAK,sBAAsB,WAAW,yBAAyB;AAEvF,WAAO,MAAM,cAAc,MAAM,WAAkB,eAAe;AAAA,EACpE;AAAA;AAAA;AAAA;AAAA,EAKA,aAAoB,YAClB,YAC4D;AAC5D,QAAI;AAEF,YAAM,QAAQ,WAAW,MAAM,GAAG;AAClC,UAAI,MAAM,WAAW,GAAG;AACtB,eAAO,EAAE,OAAO,OAAO,OAAO,wBAAwB;AAAA,MACxD;AAEA,YAAM,MAAM,MAAM,CAAC;AACnB,YAAM,WAAW,IAAI,MAAM,GAAG;AAC9B,UAAI,SAAS,WAAW,GAAG;AACzB,eAAO,EAAE,OAAO,OAAO,OAAO,+BAA+B;AAAA,MAC/D;AAEA,YAAM,UAAU,KAAK,MAAM,OAAO,KAAK,SAAS,CAAC,GAAG,WAAW,EAAE,SAAS,CAAC;AAC3E,YAAM,YAAY,QAAQ;AAE1B,UAAI,CAAC,WAAW;AACd,eAAO,EAAE,OAAO,OAAO,OAAO,iCAAiC;AAAA,MACjE;AAEA,YAAM,gBAAgB,MAAM,KAAK,kBAAkB,SAAS;AAG5D,YAAM,qBAAqB,MAAM,cAAc,OAAO,UAAU;AAChE,YAAM,SAAS,MAAM,cAAc,UAAU,UAAU;AAEvD,aAAO;AAAA,QACL,OAAO;AAAA,QACP,SAAS;AAAA,UACP,GAAG,mBAAmB;AAAA,UACtB;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAY;AACnB,aAAO;AAAA,QACL,OAAO;AAAA,QACP,OAAO,MAAM;AAAA,MACf;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,aAAoB,uBAAuB;AACzC,UAAM,EAAE,YAAY,UAAU,IAAI,MAAM,KAAK,gBAAgB;AAC7D,WAAO;AAAA,MACL,QAAQ,MAAM,UAAU,UAAU;AAAA,MAClC,UAAU,MAAM,YAAY,SAAS;AAAA,IACvC;AAAA,EACF;AAAA,EAEA,aAAoB,kBAAkB;AACpC,WAAO,MAAM,gBAAgB;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA,EAKA,OAAc,cAAoB;AAChC,SAAK,UAAU,MAAM;AACrB,SAAK,YAAY,MAAM;AACvB,SAAK,cAAc,MAAM;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA,EAKA,OAAc,iBAAiB,WAAyB;AACtD,SAAK,UAAU,OAAO,SAAS;AAC/B,SAAK,YAAY,OAAO,UAAU,SAAS,EAAE;AAC7C,SAAK,cAAc,OAAO,YAAY,SAAS,EAAE;AAAA,EACnD;AAAA;AAAA;AAAA;AAAA,EAKA,OAAc,gBAIZ;AACA,WAAO;AAAA,MACL,eAAe,KAAK,UAAU;AAAA,MAC9B,aAAa,KAAK,YAAY;AAAA,MAC9B,eAAe,KAAK,cAAc;AAAA,IACpC;AAAA,EACF;AACF;;;AE3QO,IAAM,kBAAN,MAAsB;AAAA,EACnB;AAAA,EACA,cAAmC,oBAAI,IAAI;AAAA;AAAA,EAEnD,YAAY,YAAyB;AACnC,SAAK,aAAa,cAAc,IAAI,WAAW;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,SAAkC;AAEvD,UAAM,UAAU,MAAM,YAAY,gBAAgB;AAGlD,UAAM,MAAM,KAAK,aAAa,QAAQ,SAAS;AAG/C,UAAM,KAAK,WAAW,SAAS,KAAK,QAAQ,UAAU;AAGtD,SAAK,YAAY,IAAI,SAAS,GAAG;AACjC,UAAM,KAAK,oBAAoB,SAAS,GAAG;AAE3C,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAkC;AAElD,QAAI,KAAK,YAAY,IAAI,OAAO,GAAG;AACjC,aAAO,KAAK,YAAY,IAAI,OAAO;AAAA,IACrC;AAGA,UAAM,MAAM,MAAM,KAAK,oBAAoB,OAAO;AAClD,QAAI,KAAK;AACP,WAAK,YAAY,IAAI,SAAS,GAAG;AACjC,aAAO;AAAA,IACT;AAEA,UAAM,IAAI,MAAM,2BAA2B,OAAO,EAAE;AAAA,EACtD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAmC;AACnD,QAAI;AACF,YAAM,KAAK,YAAY,OAAO;AAC9B,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAA+B;AACnD,UAAM,MAAM,MAAM,KAAK,YAAY,OAAO;AAC1C,UAAM,aAAa,MAAM,KAAK,WAAW,OAAO,GAAG;AAEnD,QAAI,CAAC,YAAY;AACf,YAAM,IAAI,MAAM,oCAAoC,OAAO,EAAE;AAAA,IAC/D;AAEA,WAAO;AAAA,MACL;AAAA,MACA,WAAW,KAAK,iBAAiB,UAAU;AAAA,IAC7C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,eAAe,SAAgC;AACnD,QAAI;AACF,YAAM,MAAM,MAAM,KAAK,YAAY,OAAO;AAG1C,YAAM,KAAK,WAAW,UAAU,GAAG;AAGnC,WAAK,YAAY,OAAO,OAAO;AAG/B,YAAM,KAAK,sBAAsB,OAAO;AAAA,IAC1C,SAAS,OAAO;AACd,YAAM,IAAI,MAAM,+BAA+B,KAAK,EAAE;AAAA,IACxD;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAkE;AACtE,UAAMC,MAAK,MAAM,OAAO,aAAa;AACrC,UAAMC,QAAO,MAAM,OAAO,MAAM;AAChC,UAAMC,MAAK,MAAM,OAAO,IAAI;AAE5B,UAAM,aAAaD,MAAK,KAAKC,IAAG,QAAQ,GAAG,SAAS,YAAY;AAEhE,QAAI;AACF,YAAM,QAAQ,MAAMF,IAAG,QAAQ,UAAU;AACzC,YAAM,UAAmD,CAAC;AAE1D,iBAAW,QAAQ,OAAO;AACxB,YAAI,KAAK,SAAS,MAAM,GAAG;AACzB,gBAAM,UAAU,KAAK,QAAQ,QAAQ,EAAE;AACvC,cAAI;AACF,kBAAM,MAAM,MAAM,KAAK,YAAY,OAAO;AAC1C,oBAAQ,KAAK,EAAE,SAAS,IAAI,CAAC;AAAA,UAC/B,QAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AAEA,aAAO;AAAA,IACT,QAAQ;AACN,aAAO,CAAC;AAAA,IACV;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,aAAa,WAAwB;AAC3C,UAAM,YAAY;AAAA,MAChB,KAAK,UAAU;AAAA,MACf,KAAK,UAAU;AAAA,MACf,GAAG,UAAU;AAAA,MACb,GAAG,UAAU;AAAA,MACb,KAAK,UAAU;AAAA,MACf,KAAK,UAAU;AAAA,IACjB;AAEA,UAAM,UAAU,OAAO,KAAK,KAAK,UAAU,SAAS,CAAC,EAAE,SAAS,WAAW;AAC3E,WAAO,WAAW,OAAO;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA,EAKQ,iBAAiB,YAAsB;AAC7C,UAAM,EAAE,GAAG,SAAS,GAAG,UAAU,IAAI;AACrC,WAAO;AAAA,MACL,GAAG;AAAA;AAAA,IAEL;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,oBAAoB,SAAiB,KAA4B;AAC7E,UAAMA,MAAK,MAAM,OAAO,aAAa;AACrC,UAAMC,QAAO,MAAM,OAAO,MAAM;AAChC,UAAMC,MAAK,MAAM,OAAO,IAAI;AAE5B,UAAM,aAAaD,MAAK,KAAKC,IAAG,QAAQ,GAAG,SAAS,YAAY;AAChE,UAAMF,IAAG,MAAM,YAAY,EAAE,WAAW,KAAK,CAAC;AAE9C,UAAM,cAAcC,MAAK,KAAK,YAAY,GAAG,OAAO,MAAM;AAC1D,UAAMD,IAAG,UAAU,aAAa,KAAK,OAAO;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,oBAAoB,SAAyC;AACzE,UAAMA,MAAK,MAAM,OAAO,aAAa;AACrC,UAAMC,QAAO,MAAM,OAAO,MAAM;AAChC,UAAMC,MAAK,MAAM,OAAO,IAAI;AAE5B,UAAM,cAAcD,MAAK,KAAKC,IAAG,QAAQ,GAAG,SAAS,cAAc,GAAG,OAAO,MAAM;AAEnF,QAAI;AACF,aAAO,MAAMF,IAAG,SAAS,aAAa,OAAO;AAAA,IAC/C,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,sBAAsB,SAAgC;AAClE,UAAMA,MAAK,MAAM,OAAO,aAAa;AACrC,UAAMC,QAAO,MAAM,OAAO,MAAM;AAChC,UAAMC,MAAK,MAAM,OAAO,IAAI;AAE5B,UAAM,cAAcD,MAAK,KAAKC,IAAG,QAAQ,GAAG,SAAS,cAAc,GAAG,OAAO,MAAM;AAEnF,QAAI;AACF,YAAMF,IAAG,OAAO,WAAW;AAAA,IAC7B,QAAQ;AAAA,IAER;AAAA,EACF;AACF;;;AC/MA,IAAAG,eAA6B;AAEtB,IAAM,eAAN,MAAmB;AAAA,EAChB;AAAA,EACA;AAAA,EAER,YAAY,YAAyB;AACnC,SAAK,aAAa,cAAc,IAAI,WAAW;AAC/C,SAAK,kBAAkB,IAAI,gBAAgB,KAAK,UAAU;AAAA,EAC5D;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,UAAiE;AAE5E,UAAM,cAAU,aAAAC,IAAO;AAGvB,UAAM,WAAW,MAAM,KAAK,gBAAgB,iBAAiB,OAAO;AAGpE,UAAM,cAAc,KAAK,qBAAqB,QAAQ;AAGtD,UAAM,QAAgC;AAAA,MACpC,IAAI;AAAA,MACJ,KAAK;AAAA,MACL;AAAA,MACA,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,MAClC;AAAA,IACF;AAGA,QAAI;AACF,YAAM,KAAK,YAAY,KAAK;AAAA,IAC9B,SAAS,OAAO;AACd,cAAQ,KAAK,oCAAoC,KAAK;AAAA,IAExD;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAkC;AAClD,WAAO,MAAM,KAAK,gBAAgB,YAAY,OAAO;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,SAAkD;AAC/D,UAAM,WAAW,MAAM,KAAK,gBAAgB,YAAY,OAAO;AAC/D,UAAM,cAAc,MAAM,KAAK,QAAQ,QAAQ;AAE/C,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,KAAK;AAAA,MACL;AAAA,MACA,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA;AAAA,IACpC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAgC;AAChD,UAAM,KAAK,gBAAgB,eAAe,OAAO;AAAA,EACnD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,QAAQ,KAAmC;AAE/C,QAAI,IAAI,WAAW,UAAU,GAAG;AAC9B,aAAO,KAAK,qBAAqB,GAAG;AAAA,IACtC;AAGA,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,aAAa,eAAe,mBAAmB,GAAG,CAAC,EAAE,GAAG;AAAA,QACnF,SAAS,cAAc,KAAK;AAAA,MAC9B,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,IAAI,MAAM,0BAA0B,SAAS,UAAU,EAAE;AAAA,MACjE;AAEA,YAAM,OAAQ,MAAM,SAAS,KAAK;AAClC,aAAO,KAAK;AAAA,IACd,SAAS,OAAO;AACd,YAAM,IAAI,MAAM,0BAA0B,KAAK,EAAE;AAAA,IACnD;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,KAAyD;AACpE,UAAM,cAAc,MAAM,KAAK,QAAQ,GAAG;AAC1C,UAAM,aAAa,MAAM,KAAK,WAAW,OAAO,GAAG;AAEnD,QAAI,CAAC,YAAY;AACf,YAAM,IAAI,MAAM,kCAAkC,GAAG,EAAE;AAAA,IACzD;AAEA,UAAM,QAAe;AAAA,MACnB;AAAA,MACA;AAAA,MACA,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,IACpC;AAEA,WAAO,EAAE,OAAO,WAAW;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,OAAc,YAAgC;AACzD,UAAM,KAAK,WAAW,SAAS,MAAM,KAAK,UAAU;AAAA,EACtD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAA+C;AACnD,UAAM,YAAY,MAAM,KAAK,gBAAgB,cAAc;AAC3D,UAAM,SAAwC,CAAC;AAE/C,eAAW,EAAE,SAAS,IAAI,KAAK,WAAW;AACxC,UAAI;AACF,cAAM,cAAc,MAAM,KAAK,QAAQ,GAAG;AAC1C,eAAO,KAAK;AAAA,UACV,IAAI;AAAA,UACJ;AAAA,UACA;AAAA,UACA,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA;AAAA,QACpC,CAAC;AAAA,MACH,SAAS,OAAO;AACd,gBAAQ,KAAK,+BAA+B,GAAG,KAAK,KAAK;AAAA,MAC3D;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEU,kBAAkB,KAAa,WAA6B;AACpE,UAAM,uBAAuB,GAAG,GAAG;AAEnC,WAAO;AAAA,MACL,YAAY,CAAC,gCAAgC,8CAA8C;AAAA,MAC3F,IAAI;AAAA,MACJ,oBAAoB;AAAA,QAClB;AAAA,UACE,IAAI;AAAA,UACJ,MAAM;AAAA,UACN,YAAY;AAAA,UACZ,cAAc;AAAA,QAChB;AAAA,MACF;AAAA,MACA,gBAAgB,CAAC,oBAAoB;AAAA,MACrC,iBAAiB,CAAC,oBAAoB;AAAA,MACtC,sBAAsB,CAAC,oBAAoB;AAAA,MAC3C,sBAAsB,CAAC,oBAAoB;AAAA,IAC7C;AAAA,EACF;AAAA,EAEQ,qBAAqB,KAA0B;AAErD,UAAM,UAAU,IAAI,QAAQ,YAAY,EAAE;AAC1C,UAAM,YAAY,KAAK,MAAM,OAAO,KAAK,SAAS,WAAW,EAAE,SAAS,CAAC;AAEzE,WAAO,KAAK,kBAAkB,KAAK,SAAS;AAAA,EAC9C;AAAA,EAEA,MAAc,YAAY,QAA8B;AAAA,EAIxD;AACF;;;ACnLO,IAAM,sBAAN,MAA0B;AAAA,EACvB;AAAA,EACA,iBAAgC;AAAA,EAExC,YAAY,YAAyB;AACnC,SAAK,aAAa,cAAc,IAAI,WAAW;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,oBAAqC;AACzC,QAAI,KAAK,gBAAgB;AACvB,aAAO,KAAK;AAAA,IACd;AAGA,UAAM,cAAc,MAAM,KAAK,YAAY;AAC3C,QAAI,aAAa;AACf,WAAK,iBAAiB;AACtB,aAAO;AAAA,IACT;AAGA,WAAO,MAAM,KAAK,cAAc;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAiC;AAErC,UAAM,UAAU,MAAM,YAAY,gBAAgB;AAGlD,UAAM,MAAM,KAAK,aAAa,QAAQ,SAAS;AAG/C,UAAM,KAAK,WAAW,SAAS,KAAK,QAAQ,UAAU;AAGtD,UAAM,KAAK,YAAY,GAAG;AAC1B,SAAK,iBAAiB;AAEtB,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAA+B;AACnC,UAAM,MAAM,MAAM,KAAK,kBAAkB;AACzC,UAAM,aAAa,MAAM,KAAK,WAAW,OAAO,GAAG;AAEnD,QAAI,CAAC,YAAY;AACf,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAEA,WAAO;AAAA,MACL;AAAA,MACA,WAAW,KAAK,iBAAiB,UAAU;AAAA,IAC7C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,eAAe,KAAoC;AACvD,UAAM,UAAU,OAAQ,MAAM,KAAK,kBAAkB;AAErD,QAAI,CAAC,QAAQ,WAAW,UAAU,GAAG;AACnC,YAAM,IAAI,MAAM,0CAA0C;AAAA,IAC5D;AAEA,WAAO,KAAK,qBAAqB,OAAO;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,qBAA0F;AAC9F,UAAM,MAAM,MAAM,KAAK,kBAAkB;AACzC,UAAM,aAAa,MAAM,KAAK,WAAW,OAAO,GAAG;AACnD,UAAM,cAAc,MAAM,KAAK,eAAe,GAAG;AAEjD,QAAI,CAAC,YAAY;AACf,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAEA,WAAO,EAAE,KAAK,YAAY,YAAY;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBAAmB,QAAyD;AAEhF,UAAM,KAAK,WAAW,SAAS,OAAO,KAAK,OAAO,UAAU;AAG5D,UAAM,KAAK,YAAY,OAAO,GAAG;AACjC,SAAK,iBAAiB,OAAO;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,oBAAqC;AAEzC,SAAK,iBAAiB;AAGtB,UAAM,KAAK,aAAa;AAGxB,WAAO,MAAM,KAAK,cAAc;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA,EAKQ,aAAa,WAAwB;AAC3C,UAAM,YAAY;AAAA,MAChB,KAAK,UAAU;AAAA,MACf,KAAK,UAAU;AAAA,MACf,GAAG,UAAU;AAAA,MACb,GAAG,UAAU;AAAA,MACb,KAAK,UAAU;AAAA,MACf,KAAK,UAAU;AAAA,IACjB;AAEA,UAAM,UAAU,OAAO,KAAK,KAAK,UAAU,SAAS,CAAC,EAAE,SAAS,WAAW;AAC3E,WAAO,WAAW,OAAO;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA,EAKQ,iBAAiB,YAAsB;AAC7C,UAAM,EAAE,GAAG,SAAS,GAAG,UAAU,IAAI;AACrC,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,qBAAqB,KAA0B;AACrD,UAAM,UAAU,IAAI,QAAQ,YAAY,EAAE;AAC1C,UAAM,YAAY,KAAK,MAAM,OAAO,KAAK,SAAS,WAAW,EAAE,SAAS,CAAC;AAEzE,WAAO,KAAK,kBAAkB,KAAK,SAAS;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAAkB,KAAa,WAA6B;AAClE,UAAM,uBAAuB,GAAG,GAAG;AAEnC,WAAO;AAAA,MACL,YAAY,CAAC,gCAAgC,8CAA8C;AAAA,MAC3F,IAAI;AAAA,MACJ,oBAAoB;AAAA,QAClB;AAAA,UACE,IAAI;AAAA,UACJ,MAAM;AAAA,UACN,YAAY;AAAA,UACZ,cAAc;AAAA,QAChB;AAAA,MACF;AAAA,MACA,gBAAgB,CAAC,oBAAoB;AAAA,MACrC,iBAAiB,CAAC,oBAAoB;AAAA,MACtC,sBAAsB,CAAC,oBAAoB;AAAA,MAC3C,sBAAsB,CAAC,oBAAoB;AAAA,IAC7C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,YAAY,KAA4B;AACpD,UAAMC,MAAK,MAAM,OAAO,aAAa;AACrC,UAAMC,QAAO,MAAM,OAAO,MAAM;AAChC,UAAMC,MAAK,MAAM,OAAO,IAAI;AAE5B,UAAM,YAAYD,MAAK,KAAKC,IAAG,QAAQ,GAAG,OAAO;AACjD,UAAMF,IAAG,MAAM,WAAW,EAAE,WAAW,KAAK,CAAC;AAE7C,UAAM,cAAcC,MAAK,KAAK,WAAW,cAAc;AACvD,UAAMD,IAAG,UAAU,aAAa,KAAK,OAAO;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,cAAsC;AAClD,UAAMA,MAAK,MAAM,OAAO,aAAa;AACrC,UAAMC,QAAO,MAAM,OAAO,MAAM;AAChC,UAAMC,MAAK,MAAM,OAAO,IAAI;AAE5B,UAAM,cAAcD,MAAK,KAAKC,IAAG,QAAQ,GAAG,SAAS,cAAc;AAEnE,QAAI;AACF,aAAO,MAAMF,IAAG,SAAS,aAAa,OAAO;AAAA,IAC/C,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,eAA8B;AAC1C,UAAMA,MAAK,MAAM,OAAO,aAAa;AACrC,UAAMC,QAAO,MAAM,OAAO,MAAM;AAChC,UAAMC,MAAK,MAAM,OAAO,IAAI;AAE5B,UAAM,cAAcD,MAAK,KAAKC,IAAG,QAAQ,GAAG,SAAS,cAAc;AAEnE,QAAI;AACF,YAAMF,IAAG,OAAO,WAAW;AAAA,IAC7B,QAAQ;AAAA,IAER;AAAA,EACF;AACF;;;AC9NO,IAAM,YAAN,MAAgB;AAAA,EACb;AAAA,EACA,YAAqC,oBAAI,IAAI;AAAA,EAC7C;AAAA,EACA;AAAA,EAER,YACE,YACA,cACA,qBACA;AACA,SAAK,aAAa,cAAc,IAAI,WAAW;AAC/C,SAAK,eAAe,gBAAgB,IAAI,aAAa,KAAK,UAAU;AACpE,SAAK,sBAAsB,uBAAuB,IAAI,oBAAoB,KAAK,UAAU;AACzF,SAAK,yBAAyB;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA,EAKQ,gCAAgC,UAA4B;AAClE,YAAQ,UAAU;AAAA,MAChB,KAAK;AACH,eAAO,CAAC,QAAQ,UAAU,SAAS,YAAY;AAAA,MACjD,KAAK;AACH,eAAO,CAAC,YAAY,WAAW,SAAS,YAAY;AAAA,MACtD,KAAK;AACH,eAAO,CAAC,kBAAkB,cAAc,cAAc,QAAQ,aAAa;AAAA,MAC7E;AACE,eAAO,CAAC;AAAA,IACZ;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,MACJ,UACA,QACA,SAMiB;AACjB,UAAM,aAAa,KAAK,UAAU,IAAI,QAAQ;AAC9C,QAAI,CAAC,YAAY;AACf,YAAM,IAAI,MAAM,wBAAwB,QAAQ,EAAE;AAAA,IACpD;AAGA,UAAM,YAAY,QAAQ,aAAc,MAAM,KAAK,oBAAoB,kBAAkB;AAGzF,QAAI;AACJ,QAAI,QAAQ,SAAS;AAEnB,mBAAa,MAAM,KAAK,aAAa,YAAY,QAAQ,OAAO;AAAA,IAClE,WAAW,QAAQ,YAAY;AAE7B,mBAAa,QAAQ;AAAA,IACvB,OAAO;AAEL,mBAAa;AAAA,IACf;AAGA,UAAM,MAAM,oBAAI,KAAK;AACrB,UAAM,MAAM,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAG3C,UAAM,oBAAoB;AAAA,MACxB,IAAI;AAAA,MACJ,GAAG;AAAA,IACL;AAGA,QAAI,WAAW,UAAU;AACvB,aAAO,OAAO,mBAAmB,WAAW,QAAQ;AAAA,IACtD;AAGA,UAAM,YAAiB;AAAA;AAAA,MAErB,KAAK,WAAW;AAAA,MAChB,KAAK;AAAA,MACL;AAAA,MACA,KAAK;AAAA;AAAA,QAEH,KAAK,MAAM,KAAK,oBAAoB,UAAU;AAAA,MAChD;AAAA;AAAA,MAEA;AAAA,IACF;AAEA,QAAI,QAAQ,WAAW;AACrB,YAAM,UAAU,KAAK,wBAAwB,QAAQ,SAAS;AAC9D,gBAAU,MAAM,KAAK,MAAM,QAAQ,QAAQ,IAAI,GAAI;AAAA,IACrD;AAGA,UAAM,KAAK;AAAA,MACT,GAAG;AAAA,MACH,YAAY,CAAC,sCAAsC;AAAA,MACnD,QAAQ;AAAA,MACR,WAAW,IAAI,YAAY;AAAA,IAC7B;AAEA,QAAI,WAAW,YAAY,CAAC,WAAW,SAAS,EAAS,GAAG;AAC1D,YAAM,IAAI,MAAM,sBAAsB;AAAA,IACxC;AAGA,gBAAY,cAAc,KAAK,UAAU;AAGzC,UAAM,gBAAgB,MAAM,YAAY,kBAAkB,SAAS;AAGnE,UAAM,+BAA+B,KAAK,gCAAgC,QAAQ;AAIlF,UAAM,yBAAyB,YAAY;AAAA,MACzC;AAAA,MACA;AAAA,IACF;AAGA,UAAM,kBAAkB;AAAA,MACtB,mBAAmB;AAAA,IACrB;AAIA,UAAM,UAAU,MAAM,cAAc;AAAA,MAClC;AAAA,MACA;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,oBAAoB,YAAkC;AAElE,QAAI,CAAC,WAAW,WAAW,UAAU,GAAG;AACtC,YAAM,IAAI,MAAM,kDAAkD,UAAU,EAAE;AAAA,IAChF;AAEA,QAAI;AAEF,YAAM,aAAa,WAAW,QAAQ,YAAY,EAAE;AACpD,YAAM,UAAU,OAAO,KAAK,YAAY,WAAW,EAAE,SAAS,OAAO;AACrE,YAAM,MAAM,KAAK,MAAM,OAAO;AAG9B,YAAM,EAAE,GAAG,SAAS,GAAG,UAAU,IAAI;AAGrC,YAAM,kBAAkB;AAAA,QACtB,GAAG;AAAA;AAAA,MAEL;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,uCAAuC,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MACjG;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YACJ,gBACA,QACA,SAIiB;AAEjB,UAAM,gBAAgB,MAAM,MAAM,gBAAgB,0BAA0B,GAAG;AAAA,MAC7E,QAAQ;AAAA,MACR,SAAS,cAAc,QAAQ;AAAA,MAC/B,MAAM,KAAK,UAAU;AAAA,QACnB;AAAA,QACA;AAAA,QACA,YAAY,QAAQ;AAAA,MACtB,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,cAAc,IAAI;AACrB,YAAM,IAAI,MAAM,mCAAmC,cAAc,UAAU,EAAE;AAAA,IAC/E;AAEA,UAAM,QAAS,MAAM,cAAc,KAAK;AAGxC,UAAM,kBAAkB,MAAM,MAAM,gBAAgB,4BAA4B,GAAG;AAAA,MACjF,QAAQ;AAAA,MACR,SAAS,cAAc,QAAQ;AAAA,MAC/B,MAAM,KAAK,UAAU;AAAA,QACnB,SAAS,MAAM;AAAA,QACf,WAAW,QAAQ;AAAA,MACrB,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,gBAAgB,IAAI;AACvB,YAAM,IAAI,MAAM,iCAAiC,gBAAgB,UAAU,EAAE;AAAA,IAC/E;AAEA,UAAM,aAAc,MAAM,gBAAgB,KAAK;AAC/C,WAAO,WAAW;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OACJ,SACA,SAKc;AAEd,UAAM,QAAQ,QAAQ,MAAM,GAAG;AAC/B,UAAM,MAAM,MAAM,CAAC;AACnB,UAAM,WAAW,IAAI,MAAM,GAAG;AAC9B,UAAM,UAAU,KAAK,MAAM,OAAO,KAAK,SAAS,CAAC,GAAG,WAAW,EAAE,SAAS,CAAC;AAE3E,UAAM,YAAY,QAAQ;AAC1B,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,MAAM,mCAAmC;AAAA,IACrD;AAGA,QAAI,SAAS,kBAAkB,cAAc,QAAQ,gBAAgB;AACnE,YAAM,IAAI,MAAM,6BAA6B,QAAQ,cAAc,SAAS,SAAS,EAAE;AAAA,IACzF;AAGA,gBAAY,cAAc,KAAK,UAAU;AAGzC,UAAM,gBAAgB,MAAM,YAAY,kBAAkB,SAAS;AAGnE,UAAM,EAAE,SAAS,gBAAgB,IAAI,MAAM,cAAc;AAAA,MACvD;AAAA,MACA,SAAS,iBAAiB,EAAE,mBAAmB,SAAS,eAAe,IAAI;AAAA,IAC7E;AAEA,UAAM,cAAc,MAAM,cAAc,UAAU,OAAO;AAGzD,UAAM,YAAa,iBAAiB,mBAA2B,MAAM,gBAAgB;AACrF,QAAI,SAAS,iBAAiB;AAC5B,UAAI,cAAc,QAAQ,iBAAiB;AACzC,cAAM,IAAI,MAAM,8BAA8B,QAAQ,eAAe,SAAS,SAAS,EAAE;AAAA,MAC3F;AAAA,IACF;AAGA,WAAO;AAAA,MACL,SAAS;AAAA,MACT;AAAA,MACA,QAAQ;AAAA,MACR,SAAS;AAAA,MACT,UAAU,iBAAiB,OAAO,IAAI,KAAK,gBAAgB,MAAM,GAAI;AAAA,MACrE,WAAW,gBAAgB,MAAM,IAAI,KAAK,gBAAgB,MAAM,GAAI,IAAI;AAAA,IAC1E;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,OAAe,YAAmC;AAE7D,UAAM,IAAI,MAAM,mCAAmC;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA,EAKA,iBAAiB,UAA4B;AAC3C,SAAK,UAAU,IAAI,SAAS,MAAM,QAAQ;AAAA,EAC5C;AAAA,EAEQ,2BAAiC;AAEvC,SAAK,UAAU,IAAI,oBAAoB;AAAA,MACrC,MAAM;AAAA,MACN,MAAM;AAAA,MACN,aAAa;AAAA,MACb,UAAU,CAAC,OAAqB;AAC9B,cAAM,SAAS;AACf,eAAO,CAAC,EAAE,OAAO,kBAAkB,QAAQ,OAAO,kBAAkB;AAAA,MACtE;AAAA,IACF,CAAC;AAGD,SAAK,UAAU,IAAI,gBAAgB;AAAA,MACjC,MAAM;AAAA,MACN,MAAM;AAAA,MACN,aAAa;AAAA,MACb,UAAU,CAAC,OAAqB;AAC9B,cAAM,SAAS;AACf,eAAO,CAAC,EACN,OAAO,kBAAkB,YACzB,OAAO,kBAAkB,WACzB,OAAO,kBAAkB,QAAQ,SAAS;AAAA,MAE9C;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEQ,wBAAwB,WAAyB;AACvD,UAAM,MAAM,oBAAI,KAAK;AACrB,UAAM,QAAQ,UAAU,MAAM,gBAAgB;AAE9C,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,MAAM,6BAA6B,SAAS,EAAE;AAAA,IAC1D;AAEA,UAAM,QAAQ,SAAS,MAAM,CAAC,CAAC;AAC/B,UAAM,OAAO,MAAM,CAAC;AAEpB,YAAQ,MAAM;AAAA,MACZ,KAAK;AACH,YAAI,SAAS,IAAI,SAAS,IAAI,KAAK;AACnC;AAAA,MACF,KAAK;AACH,YAAI,QAAQ,IAAI,QAAQ,IAAI,KAAK;AACjC;AAAA,MACF,KAAK;AACH,YAAI,WAAW,IAAI,WAAW,IAAI,KAAK;AACvC;AAAA,MACF;AACE,cAAM,IAAI,MAAM,sBAAsB,IAAI,EAAE;AAAA,IAChD;AAEA,WAAO;AAAA,EACT;AACF;;;ACzWA,IAAAG,wBAAuB;AAEhB,IAAM,YAAN,MAAgB;AAAA,EACb;AAAA,EAER,YAAY,YAAyB;AACnC,SAAK,aAAa,cAAc,IAAI,WAAW;AAE/C,gBAAY,cAAc,KAAK,UAAU;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,OACJ,KACA,SAMiB;AACjB,QAAI,IAAI,WAAW,GAAG;AACpB,YAAM,IAAI,MAAM,qDAAqD;AAAA,IACvE;AAGA,UAAM,gBAAgB,MAAM,YAAY,kBAAkB,QAAQ,SAAS;AAG3E,UAAM,UAAU,IAAI,CAAC;AAErB,QAAI;AAEF,YAAM,YAAY,MAAM,cAAc,OAAO,OAAO;AAGpD,YAAM,kBAAkB,MAAM,UAAU,gBAAgB,4BAAM;AAI9D,YAAM,oBAA6C,CAAC;AACpD,sBAAgB,QAAQ,CAAC,QAAgB;AACvC,0BAAkB,GAAG,IAAI;AAAA,MAC3B,CAAC;AAGD,YAAM,eAAe;AAAA,QACnB,KAAK,QAAQ;AAAA,QACb,OAAO,QAAQ;AAAA,QACf,KAAK,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAAA,MACnC;AAIA,YAAM,eAAe,MAAM,cAAc,QAAQ,SAAS,mBAAmB;AAAA,QAC3E,IAAI,EAAE,SAAS,aAAa;AAAA,MAC9B,CAAC;AAED,aAAO;AAAA,IACT,SAAS,OAAY;AACnB,cAAQ,MAAM,8CAA8C,KAAK;AACjE,YAAM,IAAI,MAAM,yCAAyC,MAAM,OAAO,EAAE;AAAA,IAC1E;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OACJ,OACA,SAKiC;AAEjC,UAAM,WAAW,MAAM,MAAM,kBAAkB,mBAAmB,GAAG;AAAA,MACnE,QAAQ;AAAA,MACR,SAAS,cAAc,UAAU;AAAA,MACjC,MAAM,KAAK,UAAU;AAAA,QACnB,IAAI;AAAA,QACJ,WAAW,QAAQ;AAAA,QACnB,QAAQ,QAAQ;AAAA,MAClB,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,MAAM,2BAA2B,SAAS,UAAU,EAAE;AAAA,IAClE;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AAEpC,QAAI,CAAC,QAAQ,OAAO;AAClB,YAAM,IAAI,MAAM,2BAA2B,QAAQ,KAAK,EAAE;AAAA,IAC5D;AAGA,UAAM,KAAK,QAAQ;AAEnB,QAAI,QAAQ,kBAAkB,GAAG,WAAW,QAAQ,gBAAgB;AAClE,YAAM,IAAI,MAAM,8BAA8B,QAAQ,cAAc,UAAU,GAAG,MAAM,EAAE;AAAA,IAC3F;AAEA,QAAI,GAAG,OAAO,cAAc,QAAQ,mBAAmB;AACrD,YAAM,IAAI,MAAM,oBAAoB;AAAA,IACtC;AAEA,QAAI,GAAG,OAAO,WAAW,QAAQ,gBAAgB;AAC/C,YAAM,IAAI,MAAM,iBAAiB;AAAA,IACnC;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,cACE,QACA,OAIW;AACX,WAAO;AAAA,MACL,WAAW,cAAc;AAAA,MACzB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OACJ,OACA,kBAC8C;AAC9C,UAAM,WAAW,MAAM,MAAM,kBAAkB;AAAA,MAC7C,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU,EAAE,IAAI,MAAM,CAAC;AAAA,IACpC,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,MAAM,wBAAwB,SAAS,UAAU,EAAE;AAAA,IAC/D;AAEA,WAAO,SAAS,KAAK;AAAA,EACvB;AACF;;;ACnJO,IAAM,cAAN,MAAkB;AAAA,EACf;AAAA,EACA,QAAqC,oBAAI,IAAI;AAAA,EAC7C;AAAA,EAER,YAAY,WAAuB;AACjC,SAAK,YAAY,aAAa,IAAI,UAAU;AAC5C,UAAM,SAAS,UAAU;AACzB,SAAK,cAAc,OAAO,UAAU,WAAW;AAC/C,SAAK,qBAAqB;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OACJ,MACA,QACA,QACA,SAI+B;AAE/B,UAAM,UAAU,KAAK,MAAM,IAAI,IAAI;AACnC,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,MAAM,iBAAiB,IAAI,EAAE;AAAA,IACzC;AAGA,UAAM,YAAY,QAAQ,QAAQ,KAAK,OAAK,EAAE,SAAS,MAAM;AAC7D,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,MAAM,kBAAkB,MAAM,aAAa,IAAI,EAAE;AAAA,IAC7D;AAGA,UAAM,SAAS,IAAI,IAAI,KAAK,WAAW,EAAE;AACzC,UAAM,YAAY,KAAK,kBAAkB;AAEzC,UAAM,QAAQ,MAAM,KAAK,UAAU,OAAO,QAAQ,KAAK;AAAA,MACrD,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,IACX,CAAC;AAGD,QAAI,KAAK,gBAAgB,eAAe;AAEtC,YAAM,eAAqC;AAAA,QACzC,SAAS;AAAA,QACT,MAAM;AAAA,UACJ,SAAS;AAAA,UACT,SAAS,OAAO,WAAW;AAAA,UAC3B,MAAM,OAAO,QAAQ;AAAA,UACrB,IAAI,KAAK,IAAI,EAAE,SAAS;AAAA,UACxB,IAAI;AAAA,QACN;AAAA,QACA,UAAU;AAAA,UACR;AAAA,UACA;AAAA,UACA,QAAQ,QAAQ;AAAA,UAChB,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,UAClC,MAAM;AAAA,QACR;AAAA,MACF;AAGA,YAAM,IAAI,QAAQ,aAAW,WAAW,SAAS,GAAG,CAAC;AACrD,aAAO;AAAA,IACT;AAGA,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,MAChB,eAAe,UAAU,KAAK;AAAA,MAC9B,gBAAgB,QAAQ;AAAA,MACxB,oBAAoB;AAAA,IACtB;AAGA,QAAI,CAAC,MAAM,SAAS,GAAG,GAAG;AACxB,cAAQ,OAAO,IAAI,KAAK,UAAU,QAAQ,GAAG;AAAA,IAC/C;AAEA,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,WAAW,uBAAuB;AAAA,MACrE,QAAQ;AAAA,MACR;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAEhB,YAAM,cAAc,SAAS,QAAQ,IAAI,cAAc;AACvD,UAAI,eAAe,YAAY,SAAS,kBAAkB,GAAG;AAC3D,YAAI;AACF,gBAAM,gBAAgB,MAAM,SAAS,KAAK;AAE1C,cAAI,cAAc,YAAY,OAAO;AACnC,mBAAO;AAAA,UACT;AAEA,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,cAAc,WAAW,cAAc,SAAS;AAAA,YACvD,UAAU,cAAc;AAAA,UAC1B;AAAA,QACF,SAAS,YAAY;AAEnB,gBAAM,QAAQ,MAAM,SAAS,KAAK;AAClC,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,2BAA2B,KAAK;AAAA,UACzC;AAAA,QACF;AAAA,MACF,OAAO;AAEL,cAAM,QAAQ,MAAM,SAAS,KAAK;AAClC,eAAO;AAAA,UACL,SAAS;AAAA,UACT,OAAO,2BAA2B,KAAK;AAAA,QACzC;AAAA,MACF;AAAA,IACF;AAEA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,OAAyB;AACvB,WAAO,MAAM,KAAK,KAAK,MAAM,OAAO,CAAC;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,QAAQ,MAA0C;AAChD,WAAO,KAAK,MAAM,IAAI,IAAI;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,MAA4B;AACvC,SAAK,MAAM,IAAI,KAAK,MAAM,IAAI;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBACJ,KACA,MACA,QACA,eACkB;AAGlB,eAAW,SAAS,KAAK;AACvB,UAAI;AACF,cAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,cAAM,UAAU,KAAK,MAAM,OAAO,KAAK,MAAM,CAAC,GAAG,WAAW,EAAE,SAAS,CAAC;AAExE,YAAI,QAAQ,mBAAmB,SAAS,GAAG,IAAI,IAAI,MAAM,IAAI;AAE3D,cAAI,eAAe;AACjB,kBAAM,UAAU,QAAQ,kBAAkB;AAC1C,gBAAI,CAAC,KAAK,WAAW,SAAS,aAAa,GAAG;AAC5C;AAAA,YACF;AAAA,UACF;AACA,iBAAO;AAAA,QACT;AAAA,MACF,QAAQ;AACN;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,WAAW,SAA8B,eAA6C;AAE5F,eAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,aAAa,GAAG;AACxD,UAAI,QAAQ,GAAG,MAAM,SAAS,QAAQ,GAAG,MAAM,KAAK;AAClD,eAAO;AAAA,MACT;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,oBAA4B;AAClC,WAAO,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,UAAU,GAAG,EAAE,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,UAAU,GAAG,EAAE;AAAA,EACjG;AAAA,EAEQ,uBAA6B;AAEnC,SAAK,MAAM,IAAI,SAAS;AAAA,MACtB,MAAM;AAAA,MACN,aAAa;AAAA,MACb,SAAS;AAAA,QACP;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,SAAS;AAAA,YACT,MAAM;AAAA,YACN,WAAW;AAAA,UACb;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY,CAAC;AAAA,QACf;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,SAAS;AAAA,YACT,QAAQ;AAAA,YACR,QAAQ;AAAA,YACR,OAAO;AAAA,YACP,WAAW;AAAA,UACb;AAAA,QACF;AAAA,MACF;AAAA,IACF,CAAC;AAGD,SAAK,MAAM,IAAI,UAAU;AAAA,MACvB,MAAM;AAAA,MACN,aAAa;AAAA,MACb,SAAS;AAAA,QACP;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,OAAO;AAAA,YACP,MAAM;AAAA,YACN,OAAO;AAAA,YACP,MAAM;AAAA,YACN,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,OAAO;AAAA,YACP,MAAM;AAAA,YACN,OAAO;AAAA,UACT;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,OAAO;AAAA,YACP,MAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAAA,IACF,CAAC;AAGD,SAAK,MAAM,IAAI,SAAS;AAAA,MACtB,MAAM;AAAA,MACN,aAAa;AAAA,MACb,SAAS;AAAA,QACP;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,IAAI;AAAA,YACJ,SAAS;AAAA,YACT,MAAM;AAAA,YACN,IAAI;AAAA,YACJ,KAAK;AAAA,YACL,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,OAAO;AAAA,YACP,YAAY;AAAA,YACZ,WAAW;AAAA,YACX,UAAU;AAAA,UACZ;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,WAAW;AAAA,YACX,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY,CAAC;AAAA,QACf;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,OAAO;AAAA,YACP,YAAY;AAAA,YACZ,WAAW;AAAA,UACb;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,WAAW;AAAA,YACX,aAAa;AAAA,YACb,gBAAgB;AAAA,UAClB;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,IAAI;AAAA,YACJ,SAAS;AAAA,YACT,MAAM;AAAA,YACN,IAAI;AAAA,YACJ,KAAK;AAAA,YACL,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,MACF;AAAA,IACF,CAAC;AAGD,SAAK,MAAM,IAAI,SAAS;AAAA,MACtB,MAAM;AAAA,MACN,aAAa;AAAA,MACb,SAAS;AAAA,QACP;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,UAAU;AAAA,YACV,OAAO;AAAA,YACP,YAAY;AAAA,YACZ,WAAW;AAAA,YACX,SAAS;AAAA,UACX;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,QAAQ;AAAA,YACR,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,MAAM;AAAA,YACN,SAAS;AAAA,YACT,UAAU;AAAA,YACV,SAAS;AAAA,YACT,aAAa;AAAA,UACf;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,SAAS;AAAA,YACT,aAAa;AAAA,UACf;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,UAAU;AAAA,UACZ;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,MAAM;AAAA,YACN,UAAU;AAAA,YACV,aAAa;AAAA,UACf;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,QAAQ;AAAA,YACR,UAAU;AAAA,UACZ;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,MAAM;AAAA,YACN,cAAc;AAAA,YACd,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,MACF;AAAA,IACF,CAAC;AAGD,SAAK,MAAM,IAAI,QAAQ;AAAA,MACrB,MAAM;AAAA,MACN,aAAa;AAAA,MACb,SAAS;AAAA,QACP;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,SAAS;AAAA,UACX;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,gBAAgB;AAAA,YAChB,MAAM;AAAA,UACR;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,SAAS;AAAA,YACT,OAAO;AAAA,UACT;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,UAAU;AAAA,YACV,YAAY;AAAA,UACd;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,KAAK;AAAA,YACL,YAAY;AAAA,YACZ,SAAS;AAAA,UACX;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,cAAc;AAAA,UAChB;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,UAAU;AAAA,UACZ;AAAA,QACF;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,aAAa;AAAA,UACb,YAAY;AAAA,YACV,YAAY;AAAA,YACZ,SAAS;AAAA,YACT,aAAa;AAAA,YACb,WAAW;AAAA,YACX,UAAU;AAAA,YACV,UAAU;AAAA,UACZ;AAAA,QACF;AAAA,MACF;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AC9fO,IAAM,gBAAN,MAAoB;AAAA,EACjB;AAAA,EACA;AAAA,EAER,YAAY,WAAuB;AACjC,SAAK,YAAY,aAAa,IAAI,UAAU;AAC5C,UAAM,SAAS,UAAU;AACzB,SAAK,cAAc,OAAO,UAAU,WAAW;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MACJ,SACA,SAMyB;AAEzB,UAAM,SAAS,IAAI,IAAI,KAAK,WAAW,EAAE;AACzC,UAAM,YAAY,KAAK,kBAAkB;AAEzC,UAAM,QAAQ,MAAM,KAAK,UAAU,OAAO,QAAQ,KAAK;AAAA,MACrD,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,IACX,CAAC;AAGD,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,WAAW,kBAAkB,QAAQ,SAAS,QAAQ;AAAA,MACzF,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,eAAe,UAAU,KAAK;AAAA,MAChC;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB;AAAA,QACA,UAAU,QAAQ;AAAA,QAClB;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAQ,MAAM,SAAS,KAAK;AAClC,YAAM,IAAI,MAAM,8BAA8B,KAAK,EAAE;AAAA,IACvD;AAEA,WAAO,SAAS,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MACJ,OACA,SAO4B;AAE5B,UAAM,SAAS,IAAI,IAAI,KAAK,WAAW,EAAE;AACzC,UAAM,YAAY,KAAK,kBAAkB;AAEzC,UAAM,QAAQ,MAAM,KAAK,UAAU,OAAO,QAAQ,KAAK;AAAA,MACrD,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,IACX,CAAC;AAGD,UAAM,cAA2B;AAAA,MAC/B;AAAA,MACA,WAAW,QAAQ;AAAA,MACnB,OAAO,QAAQ,SAAS;AAAA,MACxB,QAAQ,QAAQ;AAAA,IAClB;AAGA,UAAM,YAAY,QAAQ,aAAa;AACvC,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,WAAW,kBAAkB,SAAS,UAAU;AAAA,MACnF,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,eAAe,UAAU,KAAK;AAAA,MAChC;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,GAAG;AAAA,QACH;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAQ,MAAM,SAAS,KAAK;AAClC,YAAM,IAAI,MAAM,2BAA2B,KAAK,EAAE;AAAA,IACpD;AAEA,WAAO,SAAS,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OACJ,YACA,SAKe;AAEf,UAAM,SAAS,IAAI,IAAI,KAAK,WAAW,EAAE;AACzC,UAAM,YAAY,KAAK,kBAAkB;AAEzC,UAAM,QAAQ,MAAM,KAAK,UAAU,OAAO,QAAQ,KAAK;AAAA,MACrD,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,IACX,CAAC;AAGD,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,KAAK,WAAW,kBAAkB,QAAQ,SAAS,IAAI,UAAU;AAAA,MACpE;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,eAAe,UAAU,KAAK;AAAA,UAC9B,eAAe;AAAA,QACjB;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAQ,MAAM,SAAS,KAAK;AAClC,YAAM,IAAI,MAAM,iCAAiC,KAAK,EAAE;AAAA,IAC1D;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,KAAK,SAMoB;AAE7B,UAAM,SAAS,IAAI,IAAI,KAAK,WAAW,EAAE;AACzC,UAAM,YAAY,KAAK,kBAAkB;AAEzC,UAAM,QAAQ,MAAM,KAAK,UAAU,OAAO,QAAQ,KAAK;AAAA,MACrD,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,IACX,CAAC;AAGD,UAAM,SAAS,IAAI,gBAAgB;AAAA,MACjC,QAAQ,QAAQ,SAAS,KAAK,SAAS;AAAA,MACvC,SAAS,QAAQ,UAAU,GAAG,SAAS;AAAA,IACzC,CAAC;AAED,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,KAAK,WAAW,kBAAkB,QAAQ,SAAS,SAAS,MAAM;AAAA,MACrE;AAAA,QACE,SAAS;AAAA,UACP,eAAe,UAAU,KAAK;AAAA,UAC9B,eAAe;AAAA,QACjB;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAQ,MAAM,SAAS,KAAK;AAClC,YAAM,IAAI,MAAM,oCAAoC,KAAK,EAAE;AAAA,IAC7D;AAEA,WAAO,SAAS,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBACJ,KACA,QACA,UACkB;AAElB,eAAW,SAAS,KAAK;AACvB,UAAI;AACF,cAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,cAAM,UAAU,KAAK,MAAM,OAAO,KAAK,MAAM,CAAC,GAAG,WAAW,EAAE,SAAS,CAAC;AAExE,cAAM,aAAa,QAAQ,mBAAmB;AAC9C,cAAM,YAAY,QAAQ,mBAAmB,WAAW,CAAC;AAGzD,YAAI,KAAK,cAAc,YAAY,QAAQ,GAAG;AAE5C,cAAI,UAAU,SAAS,MAAM,GAAG;AAC9B,mBAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF,QAAQ;AACN;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,cAAc,YAAoB,kBAAmC;AAE3E,QAAI,WAAW,SAAS,IAAI,GAAG;AAC7B,YAAM,SAAS,WAAW,MAAM,GAAG,EAAE;AACrC,aAAO,iBAAiB,WAAW,MAAM;AAAA,IAC3C;AACA,WAAO,eAAe;AAAA,EACxB;AAAA,EAEQ,oBAA4B;AAClC,WAAO,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,UAAU,GAAG,EAAE,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,UAAU,GAAG,EAAE;AAAA,EACjG;AACF;;;AC/PO,IAAM,sBAAN,MAA0B;AAAA,EACvB;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,WAAuB,WAAuB;AACxD,SAAK,YAAY,aAAa,IAAI,UAAU;AAC5C,SAAK,YAAY,aAAa,IAAI,UAAU;AAC5C,UAAM,SAAS,UAAU;AACzB,SAAK,aAAa,OAAO,UAAU,WAAW;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,uBACJ,eACA,gBACA,WAIC;AAED,UAAM,YAAY,KAAK,kBAAkB;AAGzC,UAAM,YAA+B;AAAA,MACnC,YAAY;AAAA,MACZ;AAAA,MACA;AAAA,MACA,QAAQ,IAAI,IAAI,KAAK,UAAU,EAAE;AAAA,IACnC;AAGA,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,UAAU,0CAA0C;AAAA,MACvF,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU,SAAS;AAAA,IAChC,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,MAAM,8BAA8B,SAAS,UAAU,EAAE;AAAA,IACrE;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AAEpC,QAAI,CAAC,OAAO,SAAS;AACnB,YAAM,IAAI,MAAM,sBAAsB,OAAO,KAAK,EAAE;AAAA,IACtD;AAEA,WAAO;AAAA,MACL,sBAAsB,OAAO;AAAA,MAC7B,UAAU,OAAO;AAAA,IACnB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,sCACJ,UACA,eACA,gBACA,WACmB;AAEnB,UAAM,EAAE,qBAAqB,IAAI,MAAM,KAAK;AAAA,MAC1C;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAGA,UAAM,YAAsB,CAAC;AAE7B,eAAW,cAAc,sBAAsB;AAC7C,iBAAW,UAAU,WAAW,SAAS;AACvC,cAAM,KAAK,MAAM,KAAK,UAAU;AAAA,UAC9B;AAAA,UACA;AAAA,YACE,MAAM,GAAG,WAAW,IAAI,IAAI,MAAM;AAAA,YAClC,KAAK,WAAW;AAAA,YAChB,uBAAuB;AAAA,YACvB,kBAAkB;AAAA;AAAA,UACpB;AAAA,UACA;AAAA,YACE;AAAA,YACA,YAAY;AAAA,YACZ,WAAW,WAAW,YAAY;AAAA,UACpC;AAAA,QACF;AAEA,kBAAU,KAAK,EAAE;AAAA,MACnB;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,kBACJ,eACA,UACA,OACA,WACA,SAOC;AAED,UAAM,iBAA0C,MAAM,IAAI,WAAS;AAAA,MACjE;AAAA,MACA,SAAS,CAAC,QAAQ,OAAO;AAAA;AAAA,MACzB,UAAU,SAAS;AAAA,MACnB,eAAe,SAAS;AAAA,IAC1B,EAAE;AAGF,UAAM,YAAY,MAAM,KAAK;AAAA,MAC3B;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAGA,UAAM,oBAA8C,CAAC;AACrD,eAAW,QAAQ,OAAO;AACxB,YAAM,aAAa,UAAU,OAAO,QAAM,GAAG,SAAS,IAAI,CAAC;AAC3D,wBAAkB,IAAI,IAAI,WAAW,IAAI,QAAM,KAAK,oBAAoB,EAAE,CAAC;AAAA,IAC7E;AAEA,WAAO;AAAA,MACL;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,qBAAqB,QAA2C;AACpE,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,UAAU,8BAA8B;AAAA,MAC3E,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU,MAAM;AAAA,IAC7B,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,MAAM,qCAAqC,SAAS,UAAU,EAAE;AAAA,IAC5E;AAAA,EACF;AAAA,EAEQ,oBAA4B;AAClC,WAAO,aAAa,KAAK,IAAI,CAAC,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,OAAO,GAAG,CAAC,CAAC;AAAA,EAC3E;AAAA,EAEQ,oBAAoB,OAAuB;AAEjD,QAAI;AACF,YAAM,CAAC,EAAE,OAAO,IAAI,MAAM,MAAM,GAAG;AACnC,YAAM,KAAK,KAAK,MAAM,OAAO,KAAK,SAAS,WAAW,EAAE,SAAS,CAAC;AAClE,aAAO,GAAG,kBAAkB,KAAK,MAAM,GAAG,EAAE,IAAI,KAAK;AAAA,IACvD,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AACF;;;ACvHO,IAAM,eAAN,MAAmB;AAAA,EACxB,YAAY,YAAuB;AAAA,EAEnC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,QACJ,SAKA,aAI0B;AAC1B,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,IAClB;AAEA,QAAI,YAAY,OAAO;AACrB,cAAQ,eAAe,IAAI,UAAU,YAAY,KAAK;AAAA,IACxD,WAAW,YAAY,WAAW;AAChC,cAAQ,cAAc,IAAI,YAAY;AAAA,IACxC,OAAO;AACL,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AAEA,UAAM,WAAW,MAAM,MAAM,aAAa,wBAAwB,GAAG;AAAA,MACnE,QAAQ;AAAA,MACR;AAAA,MACA,MAAM,KAAK,UAAU,OAAO;AAAA,IAC9B,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAS,MAAM,SAAS,KAAK;AACnC,YAAM,IAAI,MAAM,MAAM,SAAS,mCAAmC,SAAS,UAAU,EAAE;AAAA,IACzF;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AACpC,WAAO,OAAO;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,QACJ,SACA,aAIgB;AAChB,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,IAClB;AAEA,QAAI,YAAY,OAAO;AACrB,cAAQ,eAAe,IAAI,UAAU,YAAY,KAAK;AAAA,IACxD,WAAW,YAAY,WAAW;AAChC,cAAQ,cAAc,IAAI,YAAY;AAAA,IACxC,OAAO;AACL,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AAEA,UAAM,WAAW,MAAM,MAAM,aAAa,wBAAwB,GAAG;AAAA,MACnE,QAAQ;AAAA,MACR;AAAA,MACA,MAAM,KAAK,UAAU,OAAO;AAAA,IAC9B,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAS,MAAM,SAAS,KAAK;AACnC,YAAM,IAAI,MAAM,MAAM,SAAS,4BAA4B,SAAS,UAAU,EAAE;AAAA,IAClF;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AACpC,WAAO,OAAO;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,OACJ,SACA,aAIgB;AAChB,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,IAClB;AAEA,QAAI,YAAY,OAAO;AACrB,cAAQ,eAAe,IAAI,UAAU,YAAY,KAAK;AAAA,IACxD,WAAW,YAAY,WAAW;AAChC,cAAQ,cAAc,IAAI,YAAY;AAAA,IACxC,OAAO;AACL,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AAEA,UAAM,WAAW,MAAM,MAAM,aAAa,gBAAgB,GAAG;AAAA,MAC3D,QAAQ;AAAA,MACR;AAAA,MACA,MAAM,KAAK,UAAU,OAAO;AAAA,IAC9B,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAS,MAAM,SAAS,KAAK;AACnC,YAAM,IAAI,MAAM,MAAM,SAAS,2BAA2B,SAAS,UAAU,EAAE;AAAA,IACjF;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AACpC,WAAO,OAAO;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,YACJ,QACA,QAC6C;AAC7C,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,IAClB;AACA,UAAM,gBAAgB,mBAAmB,MAAM;AAC/C,UAAM,MAAM,SACR,aAAa,uBAAuB,aAAa,WAAW,MAAM,EAAE,IACpE,aAAa,uBAAuB,aAAa,EAAE;AAEvD,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ;AAAA,MACR;AAAA,IACF,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAS,MAAM,SAAS,KAAK;AACnC,YAAM,IAAI,MAAM,MAAM,SAAS,mCAAmC,SAAS,UAAU,EAAE;AAAA,IACzF;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AACpC,WAAO,OAAO;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cACJ,WACA,QAC6C;AAC7C,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,IAClB;AACA,UAAM,aAAa,mBAAmB,SAAS;AAC/C,UAAM,MAAM,SACR,aAAa,yBAAyB,UAAU,WAAW,MAAM,EAAE,IACnE,aAAa,yBAAyB,UAAU,EAAE;AAEtD,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ;AAAA,MACR;AAAA,IACF,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAS,MAAM,SAAS,KAAK;AACnC,YAAM,IAAI,MAAM,MAAM,SAAS,qCAAqC,SAAS,UAAU,EAAE;AAAA,IAC3F;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AACpC,WAAO,OAAO;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,IAAI,SAAiC;AACzC,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,IAClB;AACA,UAAM,WAAW,MAAM,MAAM,aAAa,kBAAkB,OAAO,EAAE,GAAG;AAAA,MACtE,QAAQ;AAAA,MACR;AAAA,IACF,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAS,MAAM,SAAS,KAAK;AACnC,YAAM,IAAI,MAAM,MAAM,SAAS,wBAAwB,SAAS,UAAU,EAAE;AAAA,IAC9E;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AACpC,WAAO,OAAO;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OACJ,SACA,QACA,aAIgB;AAChB,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,IAClB;AAEA,QAAI,YAAY,OAAO;AACrB,cAAQ,eAAe,IAAI,UAAU,YAAY,KAAK;AAAA,IACxD,WAAW,YAAY,WAAW;AAChC,cAAQ,cAAc,IAAI,YAAY;AAAA,IACxC,OAAO;AACL,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AAEA,UAAM,WAAW,MAAM,MAAM,aAAa,kBAAkB,OAAO,EAAE,GAAG;AAAA,MACtE,QAAQ;AAAA,MACR;AAAA,MACA,MAAM,KAAK,UAAU,EAAE,OAAO,CAAC;AAAA,IACjC,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAS,MAAM,SAAS,KAAK;AACnC,YAAM,IAAI,MAAM,MAAM,SAAS,2BAA2B,SAAS,UAAU,EAAE;AAAA,IACjF;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AACpC,WAAO,OAAO;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,gBACJ,SACqC;AACrC,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,IAClB;AACA,UAAM,WAAW,MAAM,MAAM,aAAa,sBAAsB,GAAG;AAAA,MACjE,QAAQ;AAAA,MACR;AAAA,MACA,MAAM,KAAK,UAAU,OAAO;AAAA,IAC9B,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAS,MAAM,SAAS,KAAK;AACnC,YAAM,IAAI,MAAM,MAAM,SAAS,qCAAqC,SAAS,UAAU,EAAE;AAAA,IAC3F;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AACpC,WAAO,OAAO;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OACJ,SACA,SACA,aAIgB;AAChB,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,IAClB;AAEA,QAAI,YAAY,OAAO;AACrB,cAAQ,eAAe,IAAI,UAAU,YAAY,KAAK;AAAA,IACxD,WAAW,YAAY,WAAW;AAChC,cAAQ,cAAc,IAAI,YAAY;AAAA,IACxC,OAAO;AACL,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AAEA,UAAM,WAAW,MAAM,MAAM,aAAa,kBAAkB,OAAO,EAAE,GAAG;AAAA,MACtE,QAAQ;AAAA,MACR;AAAA,MACA,MAAM,KAAK,UAAU,OAAO;AAAA,IAC9B,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAS,MAAM,SAAS,KAAK;AACnC,YAAM,IAAI,MAAM,MAAM,SAAS,2BAA2B,SAAS,UAAU,EAAE;AAAA,IACjF;AAEA,UAAM,SAAU,MAAM,SAAS,KAAK;AACpC,WAAO,OAAO;AAAA,EAChB;AACF;;;AfpKA,2BAAc;AA7MP,IAAM,kBAAN,MAAsB;AAAA,EACX;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAER;AAAA,EACA;AAAA,EAER,YAAY,QAA0B,UAAmB;AACvD,QAAI,QAAQ;AACV,gBAAU,MAAM;AAAA,IAClB;AAGA,SAAK,aAAa,IAAI,WAAW,QAAQ;AAGzC,SAAK,QAAQ,IAAI,aAAa,KAAK,UAAU;AAC7C,SAAK,OAAO,IAAI,oBAAoB,KAAK,UAAU;AACnD,SAAK,KAAK,IAAI,UAAU,KAAK,YAAY,KAAK,OAAO,KAAK,IAAI;AAC9D,SAAK,KAAK,IAAI,UAAU,KAAK,UAAU;AACvC,SAAK,OAAO,IAAI,YAAY,KAAK,EAAE;AACnC,SAAK,SAAS,IAAI,cAAc,KAAK,EAAE;AACvC,SAAK,eAAe,IAAI,oBAAoB,KAAK,IAAI,KAAK,EAAE;AAC5D,SAAK,QAAQ,IAAI,aAAa,KAAK,EAAE;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,KAA8B;AACxC,QAAI,KAAK;AAEP,WAAK,eAAe,MAAM,KAAK,MAAM,OAAO,GAAG,EAAE,KAAK,CAAC,EAAE,MAAM,MAAM,KAAK;AAAA,IAC5E,OAAO;AAEL,WAAK,eAAe,MAAM,KAAK,MAAM,OAAO;AAAA,IAC9C;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,kBAAqC;AACnC,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,oBAAqC;AACzC,WAAO,KAAK,KAAK,kBAAkB;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,oBAAqC;AACzC,WAAO,KAAK,KAAK,kBAAkB;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,oBACJ,MACA,QACA,SAOiB;AACjB,WAAO,KAAK,GAAG;AAAA,MACb;AAAA,MACA;AAAA,QACE,MAAM,GAAG,IAAI,IAAI,MAAM;AAAA,QACvB,eAAe,QAAQ;AAAA,QACvB,KAAK;AAAA,MACP;AAAA,MACA;AAAA,QACE,WAAW,QAAQ;AAAA,QACnB,YAAY,QAAQ;AAAA,QACpB,SAAS,QAAQ;AAAA,QACjB,WAAW,QAAQ,aAAa;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,gBACJ,UACA,SACA,SAMiB;AACjB,WAAO,KAAK,GAAG;AAAA,MACb;AAAA,MACA;AAAA,QACE;AAAA,QACA;AAAA,MACF;AAAA,MACA;AAAA,QACE,WAAW,QAAQ;AAAA,QACnB,YAAY,QAAQ;AAAA,QACpB,SAAS,QAAQ;AAAA,QACjB,WAAW,QAAQ,aAAa;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WACJ,MACA,QACA,QACA,KAC+B;AAC/B,UAAM,YAAY,KAAK,cAAc;AACrC,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAEA,WAAO,KAAK,KAAK,OAAU,MAAM,QAAQ,QAAQ;AAAA,MAC/C;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YACJ,SACA,WACA,KACA,UACA;AACA,UAAM,YAAY,KAAK,cAAc;AACrC,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAEA,WAAO,KAAK,OAAO,MAAM,SAAS;AAAA,MAChC;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YACJ,OACA,KACA,SAKA;AACA,UAAM,YAAY,KAAK,cAAc;AACrC,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAEA,WAAO,KAAK,OAAO,MAAM,OAAO;AAAA,MAC9B,GAAG;AAAA,MACH;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAGA,IAAI;AAEG,SAAS,UAAU,QAA0B,UAAoC;AACtF,MAAI,CAAC,eAAe;AAClB,oBAAgB,IAAI,gBAAgB,QAAQ,QAAQ;AAAA,EACtD;AACA,SAAO;AACT;;;AgBzNA,IAAAC,4BAKO;;;ACLP,+BAA+B;AAkBxB,IAAM,0BAAN,MAA8B;AAAA,EAC3B,UAAqD,oBAAI,IAAI;AAAA;AAAA;AAAA;AAAA,EAKrE,MAAM,sBACJ,iBACA,QACe;AACf,UAAM,iBAAiB,KAAK,QAAQ,IAAI,eAAe;AACvD,UAAM,MAAM,oBAAI,KAAK;AAErB,UAAM,YAA0C;AAAA,MAC9C;AAAA,MACA,eAAe,OAAO,iBAAiB,CAAC;AAAA,MACxC,uBAAuB,OAAO,yBAAyB,oBAAI,IAAI;AAAA,MAC/D,WAAW,gBAAgB,aAAa;AAAA,MACxC,WAAW;AAAA,IACb;AAEA,SAAK,QAAQ,IAAI,iBAAiB,SAAS;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,sBAAsB,iBAAuE;AACjG,WAAO,KAAK,QAAQ,IAAI,eAAe,KAAK;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,wBACJ,iBACA,gBACA,QACe;AACf,QAAI,YAAY,KAAK,QAAQ,IAAI,eAAe;AAEhD,QAAI,CAAC,WAAW;AACd,YAAM,MAAM,oBAAI,KAAK;AACrB,kBAAY;AAAA,QACV;AAAA,QACA,eAAe,CAAC;AAAA,QAChB,uBAAuB,oBAAI,IAAI;AAAA,QAC/B,WAAW;AAAA,QACX,WAAW;AAAA,MACb;AAAA,IACF;AAEA,cAAU,sBAAsB,IAAI,gBAAgB,MAAM;AAC1D,cAAU,YAAY,oBAAI,KAAK;AAE/B,SAAK,QAAQ,IAAI,iBAAiB,SAAS;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,6BACJ,iBACA,gBACA,iBAMC;AACD,UAAM,YAAY,KAAK,QAAQ,IAAI,eAAe;AAElD,QAAI,CAAC,WAAW;AAEd,aAAO,KAAK,wBAAwB,gBAAgB,eAAe;AAAA,IACrE;AAEA,UAAM,aAAa,UAAU,sBAAsB,IAAI,cAAc;AAErE,QAAI,CAAC,YAAY;AAEf,aAAO;AAAA,QACL,iBAAiB,mBAAmB,UAAU;AAAA,QAC9C,iBAAiB,CAAC;AAAA,QAClB,eAAe,CAAC;AAAA,QAChB,YAAY;AAAA,MACd;AAAA,IACF;AAGA,QAAI,kBAAkB,mBAAmB,WAAW;AAGpD,sBAAkB,gBAAgB;AAAA,MAAO,WACvC,CAAC,WAAW,cAAc,SAAS,KAAK;AAAA,IAC1C;AAEA,WAAO;AAAA,MACL;AAAA,MACA,iBAAiB,WAAW;AAAA,MAC5B,eAAe,WAAW;AAAA,MAC1B,YAAY,WAAW,eAAe;AAAA,IACxC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,wBACN,gBACA,iBAMA;AACA,UAAM,iBAA8E;AAAA,MAClF,CAAC,wCAAe,cAAc,GAAG;AAAA,QAC/B,iBAAiB,CAAC,eAAe,WAAW;AAAA,QAC5C,iBAAiB,CAAC,MAAM;AAAA,QACxB,eAAe,CAAC,cAAc,QAAQ;AAAA,MACxC;AAAA,MACA,CAAC,wCAAe,WAAW,GAAG;AAAA,QAC5B,iBAAiB,CAAC,WAAW,QAAQ,eAAe;AAAA,QACpD,iBAAiB,CAAC;AAAA,QAClB,eAAe,CAAC,cAAc,QAAQ;AAAA,MACxC;AAAA,MACA,CAAC,wCAAe,KAAK,GAAG;AAAA,QACtB,iBAAiB,CAAC,cAAc,OAAO;AAAA,QACvC,iBAAiB,CAAC,cAAc;AAAA,QAChC,eAAe,CAAC,cAAc,UAAU,YAAY;AAAA,MACtD;AAAA,MACA,CAAC,wCAAe,SAAS,GAAG;AAAA,QAC1B,iBAAiB,CAAC,UAAU,cAAc,UAAU;AAAA,QACpD,iBAAiB,CAAC,MAAM;AAAA,QACxB,eAAe,CAAC,UAAU,aAAa;AAAA,MACzC;AAAA,MACA,CAAC,wCAAe,SAAS,GAAG;AAAA,QAC1B,iBAAiB,mBAAmB,CAAC;AAAA,QACrC,iBAAiB,CAAC;AAAA,QAClB,eAAe,CAAC,cAAc,QAAQ;AAAA,MACxC;AAAA,MACA,CAAC,wCAAe,OAAO,GAAG;AAAA,QACxB,iBAAiB,CAAC,UAAU,YAAY,WAAU,UAAU,eAAe,QAAQ,eAAe;AAAA,QAClG,iBAAiB,CAAC,WAAW,gBAAgB,aAAa;AAAA,QAC1D,eAAe,CAAC,aAAa,cAAc,UAAU,mBAAmB;AAAA,MAC1E;AAAA,IACF;AAEA,UAAM,SAAS,eAAe,cAAc,KAAK,eAAe,wCAAe,SAAS;AAExF,WAAO;AAAA,MACL,iBAAiB,mBAAmB,OAAO,mBAAmB,CAAC;AAAA,MAC/D,iBAAiB,OAAO,mBAAmB,CAAC;AAAA,MAC5C,eAAe,OAAO,iBAAiB,CAAC;AAAA,MACxC,YAAY;AAAA,IACd;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,0BACJ,iBACA,gBACA,iBAMC;AACD,UAAM,SAAS,MAAM,KAAK,6BAA6B,iBAAiB,gBAAgB,eAAe;AACvG,UAAM,SAAmB,CAAC;AAC1B,UAAM,iBAA2B,CAAC;AAGlC,UAAM,kBAAkB,gBAAgB;AAAA,MAAO,WAC7C,OAAO,cAAc,SAAS,KAAK;AAAA,IACrC;AAEA,QAAI,gBAAgB,SAAS,GAAG;AAC9B,qBAAe,KAAK,GAAG,eAAe;AACtC,aAAO,KAAK,sCAAsC,gBAAgB,KAAK,IAAI,CAAC,EAAE;AAAA,IAChF;AAEA,UAAM,gBAAgB,gBAAgB;AAAA,MAAO,WAC3C,CAAC,OAAO,cAAc,SAAS,KAAK;AAAA,IACtC;AAEA,WAAO;AAAA,MACL,OAAO,OAAO,WAAW;AAAA,MACzB;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,uBAAgE;AACpE,WAAO,MAAM,KAAK,KAAK,QAAQ,OAAO,CAAC;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,yBAAyB,iBAA2C;AACxE,WAAO,KAAK,QAAQ,OAAO,eAAe;AAAA,EAC5C;AACF;;;ADzNO,IAAM,eAAN,MAAmB;AAAA,EAChB;AAAA,EACA;AAAA,EAER,YAAY,YAAyB,mBAA6C;AAChF,SAAK,aAAa,cAAc,IAAI,WAAW;AAC/C,SAAK,oBAAoB,qBAAqB,IAAI,wBAAwB;AAE1E,gBAAY,cAAc,KAAK,UAAU;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,SAA2D;AAE5E,QAAI,CAAC,QAAQ,UAAU,CAAC,QAAQ,SAAS;AACvC,YAAM,IAAI,MAAM,sCAAsC;AAAA,IACxD;AAGA,UAAM,aAAa,MAAM,KAAK,WAAW,OAAO,QAAQ,MAAM;AAC9D,QAAI,CAAC,YAAY;AACf,YAAM,IAAI,MAAM,qCAAqC,QAAQ,MAAM,EAAE;AAAA,IACvE;AAGA,UAAM,MAAM,oBAAI,KAAK;AACrB,UAAM,MAAM,KAAK,MAAM,IAAI,QAAQ,IAAI,GAAI;AAG3C,UAAM,iBAAiB,QAAQ,kBAAkB,IAAI,KAAK,IAAI,QAAQ,IAAI,KAAK,KAAK,KAAK,GAAI;AAC7F,UAAM,MAAM,KAAK,MAAM,eAAe,QAAQ,IAAI,GAAI;AAGtD,UAAM,YAAY;AAAA,MAChB,KAAK,QAAQ;AAAA,MACb,KAAK,QAAQ;AAAA,MACb;AAAA,MACA;AAAA,MACA,KAAK,QAAQ,QAAQ,yCAAe;AAAA;AAAA;AAAA,MAEpC,GAAG,QAAQ;AAAA,IACb;AAGA,UAAM,mBAAmB,MAAM,KAAK,kBAAkB;AAAA,MACpD,QAAQ;AAAA,MACR,QAAQ,QAAQ,yCAAe;AAAA,MAC/B,QAAQ;AAAA,IACV;AAGA,UAAM,aAAa,MAAM,YAAY;AAAA,MACnC;AAAA,MACA;AAAA,MACA,iBAAiB;AAAA,IACnB;AAEA,WAAO;AAAA,MACL;AAAA,MACA,QAAQ,QAAQ;AAAA,MAChB,SAAS,QAAQ;AAAA,MACjB,MAAM,QAAQ,QAAQ,yCAAe;AAAA,MACrC,WAAW;AAAA,IACb;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,cAAc,YAAkD;AACpE,QAAI;AAEF,UAAI,CAAC,cAAc,OAAO,eAAe,UAAU;AACjD,eAAO;AAAA,UACL,OAAO;AAAA,UACP,OAAO;AAAA,QACT;AAAA,MACF;AAGA,YAAM,SAAS,MAAM,YAAY,YAAY,UAAU;AAEvD,UAAI,CAAC,OAAO,SAAS,CAAC,OAAO,SAAS;AACpC,eAAO;AAAA,UACL,OAAO;AAAA,UACP,OAAO,OAAO,SAAS;AAAA,QACzB;AAAA,MACF;AAEA,aAAO;AAAA,QACL,OAAO;AAAA,QACP,SAAS;AAAA,UACP,KAAK,OAAO,QAAQ;AAAA,UACpB,KAAK,OAAO,QAAQ;AAAA,UACpB,KAAK,OAAO,QAAQ;AAAA,UACpB,KAAK,OAAO,QAAQ;AAAA,UACpB,KAAK,OAAO,QAAQ;AAAA;AAAA,UAEpB,GAAG,OAAO;AAAA,YACR,OAAO,QAAQ,OAAO,OAAO,EAAE;AAAA,cAAO,CAAC,CAAC,GAAG,MACzC,CAAC,CAAC,OAAO,OAAO,OAAO,OAAO,KAAK,EAAE,SAAS,GAAG;AAAA,YACnD;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,aAAO;AAAA,QACL,OAAO;AAAA,QACP,OAAO,uBAAuB,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MACxF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,6BACJ,UACA,WACA,aACA,WACA,kBAAkB,IACW;AAC7B,UAAM,iBAAiB,IAAI,KAAK,KAAK,IAAI,IAAI,kBAAkB,KAAK,KAAK,GAAI;AAE7E,WAAO,KAAK,aAAa;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,MACT,MAAM,yCAAe;AAAA,MACrB,QAAQ;AAAA,QACN;AAAA,QACA;AAAA,QACA,MAAM;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,MACA,2BAA2B,CAAC,aAAa;AAAA,IAC3C,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,0BACJ,UACA,UACA,SACA,WACA,WACA,kBAAkB,IACW;AAC7B,UAAM,iBAAiB,IAAI,KAAK,KAAK,IAAI,IAAI,kBAAkB,KAAK,KAAK,GAAI;AAE7E,WAAO,KAAK,aAAa;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,MACT,MAAM,yCAAe;AAAA,MACrB,QAAQ;AAAA,QACN,MAAM;AAAA,QACN;AAAA,QACA;AAAA,MACF;AAAA,MACA;AAAA,MACA;AAAA,MACA,2BAA2B,CAAC,WAAW,MAAM;AAAA,IAC/C,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,yBACJ,UACA,iBACA,WACA,WACA,kBAAkB,IACW;AAC7B,UAAM,iBAAiB,IAAI,KAAK,KAAK,IAAI,IAAI,kBAAkB,KAAK,KAAK,GAAI;AAE7E,WAAO,KAAK,aAAa;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,MACT,MAAM,yCAAe;AAAA,MACrB,QAAQ;AAAA,QACN;AAAA,QACA;AAAA,MACF;AAAA,MACA;AAAA,MACA;AAAA,MACA,2BAA2B,CAAC,iBAAiB;AAAA,IAC/C,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,qBACJ,UACA,OACA,WACA,WACA,kBAAkB,GACW;AAC7B,UAAM,iBAAiB,IAAI,KAAK,KAAK,IAAI,IAAI,kBAAkB,KAAK,KAAK,GAAI;AAE7E,WAAO,KAAK,aAAa;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,MACT,MAAM,yCAAe;AAAA,MACrB,QAAQ;AAAA,QACN;AAAA,QACA;AAAA,QACA,YAAY,UAAU,WAAW,UAAU;AAAA,MAC7C;AAAA,MACA;AAAA,MACA;AAAA,MACA,2BAA2B,CAAC,cAAc,OAAO;AAAA,IACnD,CAAC;AAAA,EACH;AACF;;;AEpNO,IAAM,qBAAN,MAAyB;AAAA,EACtB;AAAA,EACA;AAAA,EAER,YAAY,YAAwB,QAAqC;AACvE,SAAK,aAAa;AAClB,SAAK,SAAS;AAAA,MACZ,kBAAkB,KAAK;AAAA;AAAA,MACvB,aAAa;AAAA;AAAA,MACb,kBAAkB;AAAA;AAAA,MAClB,GAAG;AAAA,IACL;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,oBAAoB,iBAAmD;AAG3E,UAAM,MAAM,oBAAI,KAAK;AACrB,UAAM,mBAAmB,IAAI,KAAK,IAAI,QAAQ,IAAI,KAAK,OAAO,mBAAmB,KAAK,KAAK,GAAI;AAE/F,WAAO;AAAA,MACL,cAAc;AAAA,MACd;AAAA,MACA,SAAS,CAAC;AAAA,MACV,eAAe;AAAA,MACf,eAAe;AAAA,IACjB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,uBAAuB,iBAI1B;AAKD,UAAM,IAAI,MAAM,0HAA0H;AAAA,EAC5I;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,0BAA0B,iBAI5B;AAEF,WAAO,CAAC;AAAA,EACV;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,iBAInB;AACD,UAAM,MAAM,oBAAI,KAAK;AACrB,UAAM,sBAAsB,IAAI,KAAK,IAAI,QAAQ,IAAI,KAAK,OAAO,mBAAmB,KAAK,KAAK,GAAI;AAGlG,UAAM,gBAAgB;AAEtB,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,mBAAmB;AAAA;AAAA,IACrB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,WAA6C;AACxD,SAAK,SAAS;AAAA,MACZ,GAAG,KAAK;AAAA,MACR,GAAG;AAAA,IACL;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,YAA+B;AAC7B,WAAO,EAAE,GAAG,KAAK,OAAO;AAAA,EAC1B;AACF;;;ACpGO,IAAM,iBAAN,MAAqB;AAAA,EAClB,UAAqC,oBAAI,IAAI;AAAA,EAC7C,aAAgC,CAAC;AAAA,EACjC,sBAAsB;AAAA;AAAA;AAAA;AAAA,EAK9B,eAAe,WAA+B,UAAwC;AACpF,UAAM,cAAc,GAAG,SAAS,IAAI,KAAK,IAAI,CAAC,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,OAAO,GAAG,CAAC,CAAC;AACzF,UAAM,YAAY,YAAY,IAAI;AAGlC,SAAK,WAAW,KAAK;AAAA,MACnB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT,SAAS;AAAA,MACT,GAAG;AAAA,IACL,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,aAAqB,SAAkB,OAAsB;AACxE,UAAM,UAAU,YAAY,IAAI;AAChC,UAAM,YAAY,KAAK,WAAW,KAAK,WAAW,SAAS,CAAC;AAE5D,QAAI,WAAW;AACb,gBAAU,UAAU;AACpB,gBAAU,UAAU;AACpB,gBAAU,QAAQ;AAGlB,WAAK,cAAc,SAAS;AAAA,IAC9B;AAGA,QAAI,KAAK,WAAW,SAAS,KAAK,qBAAqB;AACrD,WAAK,aAAa,KAAK,WAAW,MAAM,CAAC,KAAK,mBAAmB;AAAA,IACnE;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,WAAkC;AACtD,UAAM,MAAM,UAAU,aAAa;AACnC,QAAI,UAAU,KAAK,QAAQ,IAAI,GAAG;AAElC,QAAI,CAAC,SAAS;AACZ,gBAAU;AAAA,QACR,eAAe;AAAA,QACf,mBAAmB;AAAA,QACnB,iBAAiB;AAAA,QACjB,qBAAqB;AAAA,QACrB,qBAAqB;AAAA,QACrB,yBAAyB;AAAA,QACzB,cAAc;AAAA,QACd,cAAc,oBAAI,KAAK;AAAA,MACzB;AAAA,IACF;AAEA,UAAM,WAAW,UAAU,UAAU,UAAU;AAE/C,QAAI,UAAU,cAAc,SAAS;AACnC,cAAQ;AACR,UAAI,CAAC,UAAU,SAAS;AACtB,gBAAQ;AAAA,MACV;AAEA,cAAQ,uBACL,QAAQ,uBAAuB,QAAQ,gBAAgB,KAAK,YAC7D,QAAQ;AAAA,IACZ,OAAO;AACL,cAAQ;AACR,UAAI,CAAC,UAAU,SAAS;AACtB,gBAAQ;AAAA,MACV;AAEA,cAAQ,2BACL,QAAQ,2BAA2B,QAAQ,oBAAoB,KAAK,YACrE,QAAQ;AAAA,IACZ;AAEA,YAAQ,eAAe,oBAAI,KAAK;AAChC,SAAK,QAAQ,IAAI,KAAK,OAAO;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA,EAKA,WAAW,WAAyC;AAClD,UAAM,MAAM,aAAa;AACzB,WAAO,KAAK,QAAQ,IAAI,GAAG,KAAK;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA,EAKA,gBAA2C;AACzC,WAAO,IAAI,IAAI,KAAK,OAAO;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,oBAAoB,QAAQ,KAAwB;AAClD,WAAO,KAAK,WAAW,MAAM,CAAC,KAAK;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAKA,oBAKE;AACA,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,eAAe,MAAM;AAE3B,UAAM,YAAY,KAAK,WAAW,OAAO,QAAM,GAAG,YAAY,YAAY;AAC1E,UAAM,gBAAgB,KAAK,WAAW,OAAO,QAAM,GAAG,OAAO;AAE7D,UAAM,gBAAgB,KAAK,WAAW,OAAO,CAAC,KAAK,OAAO,OAAO,GAAG,UAAU,GAAG,YAAY,CAAC;AAE9F,WAAO;AAAA,MACL,iBAAiB,KAAK,WAAW;AAAA,MACjC,aAAa,KAAK,WAAW,SAAS,IAAI,cAAc,SAAS,KAAK,WAAW,SAAS;AAAA,MAC1F,qBAAqB,KAAK,WAAW,SAAS,IAAI,gBAAgB,KAAK,WAAW,SAAS;AAAA,MAC3F,qBAAqB,UAAU;AAAA,IACjC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,mBAAmB,WAAmB,KAAoB;AACxD,UAAM,MAAM,aAAa;AACzB,QAAI,UAAU,KAAK,QAAQ,IAAI,GAAG;AAElC,QAAI,CAAC,SAAS;AACZ,gBAAU;AAAA,QACR,eAAe;AAAA,QACf,mBAAmB;AAAA,QACnB,iBAAiB;AAAA,QACjB,qBAAqB;AAAA,QACrB,qBAAqB;AAAA,QACrB,yBAAyB;AAAA,QACzB,cAAc;AAAA,QACd,cAAc,oBAAI,KAAK;AAAA,MACzB;AAAA,IACF;AAGA,UAAM,cAAc,QAAQ;AAC5B,UAAM,UAAU,MAAM,KAAK,IAAI,GAAG,cAAc,GAAG,IAAI,KAAK,IAAI,GAAG,cAAc,GAAG;AACpF,YAAQ,eAAe;AACvB,YAAQ,eAAe,oBAAI,KAAK;AAEhC,SAAK,QAAQ,IAAI,KAAK,OAAO;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,WAA0B;AACrC,QAAI,WAAW;AACb,WAAK,QAAQ,OAAO,SAAS;AAAA,IAC/B,OAAO;AACL,WAAK,QAAQ,MAAM;AACnB,WAAK,aAAa,CAAC;AAAA,IACrB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,gBAIE;AACA,WAAO;AAAA,MACL,mBAAmB,OAAO,YAAY,KAAK,OAAO;AAAA,MAClD,kBAAkB,KAAK,oBAAoB,EAAE;AAAA,MAC7C,SAAS,KAAK,kBAAkB;AAAA,IAClC;AAAA,EACF;AACF;;;AC1LO,IAAM,oBAAN,MAAwB;AAAA,EACrB,kBAA+C,oBAAI,IAAI;AAAA,EACvD,qBAAwD,oBAAI,IAAI;AAAA;AAAA;AAAA;AAAA,EAKxE,MAAM,qBACJ,QACA,OAAiD,kBACjD,UAAuC,cACd;AACzB,UAAM,KAAK,GAAG,MAAM,oBAAoB,KAAK,IAAI,CAAC;AAClD,UAAM,MAAM,oBAAI,KAAK;AAErB,UAAM,iBAAiC;AAAA,MACrC;AAAA,MACA;AAAA,MACA;AAAA,MACA,eAAe;AAAA,MACf,aAAa,KAAK,qBAAqB,GAAM;AAAA;AAAA,MAC7C,SAAS,CAAC;AAAA,MACV,WAAW;AAAA,MACX,WAAW;AAAA,IACb;AAEA,SAAK,gBAAgB,IAAI,IAAI,cAAc;AAC3C,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,8BACJ,cACA,QACA,aAC+B;AAC/B,UAAM,iBAAiB,KAAK,gBAAgB,IAAI,MAAM;AACtD,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,8BAA8B,MAAM,EAAE;AAAA,IACxD;AAGA,UAAM,QAAQ,eAAe,KAAK,uBAAuB,MAAM;AAE/D,UAAM,aAAmC;AAAA,MACvC,IAAI,GAAG,YAAY;AAAA,MACnB,MAAM;AAAA,MACN,iBAAiB;AAAA,MACjB,sBAAsB;AAAA,IACxB;AAEA,SAAK,mBAAmB,IAAI,cAAc,UAAU;AACpD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBACJ,cACA,QACA,WACkB;AAClB,UAAM,aAAa,KAAK,mBAAmB,IAAI,YAAY;AAC3D,QAAI,CAAC,YAAY;AACf,YAAM,IAAI,MAAM,gDAAgD,YAAY,EAAE;AAAA,IAChF;AAEA,UAAM,iBAAiB,KAAK,gBAAgB,IAAI,WAAW,oBAAoB;AAC/E,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,8BAA8B,WAAW,oBAAoB,EAAE;AAAA,IACjF;AAGA,UAAM,mBAAmB,KAAK;AAAA,MAC5B,eAAe;AAAA,MACf,WAAW;AAAA,MACX;AAAA,IACF;AAGA,UAAM,kBAAuC;AAAA,MAC3C;AAAA,MACA,gBAAgB,oBAAI,KAAK;AAAA,MACzB;AAAA,MACA,WAAW,aAAa;AAAA,IAC1B;AAEA,mBAAe,cAAc;AAC7B,mBAAe,QAAQ,KAAK,eAAe;AAC3C,mBAAe,YAAY,oBAAI,KAAK;AAGpC,eAAW,mBAAmB;AAC9B,eAAW,iBAAiB,oBAAI,KAAK;AAErC,SAAK,gBAAgB,IAAI,eAAe,IAAI,cAAc;AAC1D,SAAK,mBAAmB,IAAI,cAAc,UAAU;AAEpD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,oBAAoB,cAKvB;AACD,UAAM,aAAa,KAAK,mBAAmB,IAAI,YAAY;AAC3D,QAAI,CAAC,YAAY;AACf,aAAO,EAAE,SAAS,MAAM;AAAA,IAC1B;AAEA,UAAM,iBAAiB,KAAK,gBAAgB,IAAI,WAAW,oBAAoB;AAC/E,QAAI,CAAC,gBAAgB;AACnB,aAAO,EAAE,SAAS,MAAM;AAAA,IAC1B;AAEA,UAAM,YAAY,KAAK;AAAA,MACrB,eAAe;AAAA,MACf,WAAW;AAAA,IACb;AAEA,QAAI,CAAC,WAAW;AACd,aAAO,EAAE,SAAS,MAAM;AAAA,IAC1B;AAGA,UAAM,QAAQ,eAAe,QAAQ,KAAK,OAAK,EAAE,iBAAiB,YAAY;AAE9E,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,OAAO;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,WAAW,OAAO;AAAA,IACpB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,oBAAoB,cAA4D;AACpF,WAAO,KAAK,mBAAmB,IAAI,YAAY,KAAK;AAAA,EACtD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,kBAAkB,QAAgD;AACtE,WAAO,KAAK,gBAAgB,IAAI,MAAM,KAAK;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,yBAAyB,QAA2C;AACxE,WAAO,MAAM,KAAK,KAAK,gBAAgB,OAAO,CAAC,EAAE,OAAO,UAAQ,KAAK,WAAW,MAAM;AAAA,EACxF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,kBAAkB,cAAwC;AAC9D,UAAM,aAAa,KAAK,mBAAmB,IAAI,YAAY;AAC3D,QAAI,CAAC,YAAY;AACf,YAAM,IAAI,MAAM,gDAAgD,YAAY,EAAE;AAAA,IAChF;AAEA,UAAM,iBAAiB,KAAK,gBAAgB,IAAI,WAAW,oBAAoB;AAC/E,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,8BAA8B,WAAW,oBAAoB,EAAE;AAAA,IACjF;AAGA,UAAM,mBAAmB,KAAK;AAAA,MAC5B,eAAe;AAAA,MACf,WAAW;AAAA,MACX;AAAA,IACF;AAEA,mBAAe,cAAc;AAC7B,mBAAe,YAAY,oBAAI,KAAK;AAGpC,WAAO,WAAW;AAClB,WAAO,WAAW;AAElB,SAAK,gBAAgB,IAAI,eAAe,IAAI,cAAc;AAC1D,SAAK,mBAAmB,IAAI,cAAc,UAAU;AAEpD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,qBAAqB,MAAsB;AACjD,UAAM,QAAQ,KAAK,KAAK,OAAO,CAAC;AAChC,UAAM,SAAS,OAAO,MAAM,OAAO,CAAC;AACpC,WAAO,OAAO,SAAS,QAAQ;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA,EAKQ,eAAe,eAAuB,OAAe,OAAwB;AACnF,UAAM,SAAS,OAAO,KAAK,eAAe,QAAQ;AAClD,UAAM,YAAY,KAAK,MAAM,QAAQ,CAAC;AACtC,UAAM,WAAW,QAAQ;AAEzB,QAAI,aAAa,OAAO,QAAQ;AAC9B,YAAM,IAAI,MAAM,aAAa,KAAK,wCAAwC,OAAO,SAAS,CAAC,EAAE;AAAA,IAC/F;AAEA,QAAI,OAAO;AACT,aAAO,SAAS,KAAM,KAAM,IAAI;AAAA,IAClC,OAAO;AACL,aAAO,SAAS,KAAK,EAAE,KAAM,IAAI;AAAA,IACnC;AAEA,WAAO,OAAO,SAAS,QAAQ;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA,EAKQ,iBAAiB,eAAuB,OAAwB;AACtE,UAAM,SAAS,OAAO,KAAK,eAAe,QAAQ;AAClD,UAAM,YAAY,KAAK,MAAM,QAAQ,CAAC;AACtC,UAAM,WAAW,QAAQ;AAEzB,QAAI,aAAa,OAAO,QAAQ;AAC9B,aAAO;AAAA,IACT;AAEA,YAAQ,OAAO,SAAS,IAAK,KAAM,IAAI,cAAgB;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA,EAKQ,uBAAuB,QAAwB;AACrD,UAAM,cAAc,MAAM,KAAK,KAAK,mBAAmB,OAAO,CAAC,EAC5D,OAAO,YAAU,OAAO,yBAAyB,MAAM,EACvD,IAAI,YAAU,OAAO,eAAe;AAEvC,QAAI,QAAQ;AACZ,WAAO,YAAY,SAAS,KAAK,GAAG;AAClC;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,qBAAqB,QAYjB;AACR,UAAM,OAAO,KAAK,gBAAgB,IAAI,MAAM;AAC5C,QAAI,CAAC,MAAM;AACT,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,MACL,YAAY;AAAA,QACV;AAAA,QACA;AAAA,MACF;AAAA,MACA,IAAI,KAAK;AAAA,MACT,MAAM,CAAC,wBAAwB,0BAA0B;AAAA,MACzD,QAAQ,KAAK;AAAA,MACb,WAAW,KAAK,UAAU,YAAY;AAAA,MACtC,mBAAmB;AAAA,QACjB,IAAI,GAAG,KAAK,EAAE;AAAA,QACd,MAAM,KAAK;AAAA,QACX,eAAe,KAAK;AAAA,QACpB,aAAa,KAAK;AAAA,MACpB;AAAA,IACF;AAAA,EACF;AACF;;;AC9SA,IAAM,kBAA8C;AAAA,EAClD,4BAA4B;AAAA,EAC5B,kBAAkB;AAAA,EAClB,iBAAiB;AACnB;AAKO,IAAM,sBAAN,MAA0B;AAAA,EACvB;AAAA,EAER,YAAY,SAA+C;AACzD,SAAK,UAAU,EAAE,GAAG,iBAAiB,GAAG,QAAQ;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,SACE,aACA,SACA,oBACA,WAC4B;AAC5B,UAAM,aAAoC,CAAC;AAC3C,UAAM,WAAgC,CAAC;AAGvC,UAAM,mBAAmB,KAAK,gBAAgB,WAAW,YAAY,SAAS;AAC9E,QAAI,iBAAiB,WAAW;AAC9B,iBAAW,KAAK,iBAAiB,SAAS;AAAA,IAC5C;AAGA,UAAM,mBAAmB,KAAK;AAAA,MAC5B,YAAY;AAAA,MACZ;AAAA,IACF;AACA,QAAI,iBAAiB,WAAW;AAC9B,iBAAW,KAAK,iBAAiB,SAAS;AAAA,IAC5C;AACA,QAAI,iBAAiB,SAAS;AAC5B,eAAS,KAAK,iBAAiB,OAAO;AAAA,IACxC;AAGA,QAAI,YAAY,YAAY;AAC1B,YAAM,aAAa,KAAK;AAAA,QACtB,YAAY;AAAA,QACZ,IAAI,KAAK,QAAQ,SAAS;AAAA,MAC5B;AACA,UAAI,WAAW,WAAW;AACxB,mBAAW,KAAK,WAAW,SAAS;AAAA,MACtC;AACA,UAAI,WAAW,SAAS;AACtB,iBAAS,KAAK,WAAW,OAAO;AAAA,MAClC;AAAA,IACF;AAGA,QAAI,YAAY,eAAe,YAAY,YAAY,SAAS,KAAK,QAAQ,WAAW;AACtF,YAAM,WAAW,KAAK,iBAAiB,YAAY,aAAa,QAAQ,SAAS;AACjF,UAAI,SAAS,WAAW;AACtB,mBAAW,KAAK,SAAS,SAAS;AAAA,MACpC;AAAA,IACF;AAGA,QAAI,YAAY,kBAAkB,UAAa,QAAQ,cAAc,QAAW;AAC9E,YAAM,aAAa,KAAK,mBAAmB,YAAY,eAAe,QAAQ,SAAS;AACvF,UAAI,WAAW,WAAW;AACxB,mBAAW,KAAK,WAAW,SAAS;AAAA,MACtC;AACA,UAAI,WAAW,SAAS;AACtB,iBAAS,KAAK,WAAW,OAAO;AAAA,MAClC;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS,WAAW,WAAW;AAAA,MAC/B;AAAA,MACA;AAAA,MACA,cAAa,oBAAI,KAAK,GAAE,YAAY;AAAA,MACpC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,gBACE,gBACA,qBACqC;AACrC,UAAM,MAAM,oBAAI,KAAK;AAGrB,QAAI,kBAAkB,IAAI,KAAK,cAAc,IAAI,KAAK;AACpD,aAAO;AAAA,QACL,WAAW;AAAA,UACT,MAAM;AAAA,UACN,SAAS,oBAAoB,eAAe,YAAY,CAAC;AAAA,UACzD,SAAS,EAAE,WAAW,eAAe,YAAY,GAAG,KAAK,IAAI,YAAY,EAAE;AAAA,QAC7E;AAAA,MACF;AAAA,IACF;AAGA,QAAI,uBAAuB,IAAI,KAAK,mBAAmB,IAAI,KAAK;AAC9D,aAAO;AAAA,QACL,WAAW;AAAA,UACT,MAAM;AAAA,UACN,SAAS,yBAAyB,mBAAmB;AAAA,UACrD,SAAS,EAAE,WAAW,qBAAqB,KAAK,IAAI,YAAY,EAAE;AAAA,QACpE;AAAA,MACF;AAAA,IACF;AAEA,WAAO,CAAC;AAAA,EACV;AAAA;AAAA;AAAA;AAAA,EAKA,qBACE,gBACA,oBACkE;AAClE,QAAI,mBAAmB,UAAa,uBAAuB,QAAW;AACpE,aAAO,CAAC;AAAA,IACV;AAEA,UAAM,YAAY,iBAAiB;AAEnC,QAAI,aAAa,GAAG;AAClB,aAAO;AAAA,QACL,WAAW;AAAA,UACT,MAAM;AAAA,UACN,SAAS,6BAA6B,cAAc,SAAS,kBAAkB;AAAA,UAC/E,SAAS,EAAE,gBAAgB,oBAAoB,WAAW,EAAE;AAAA,QAC9D;AAAA,MACF;AAAA,IACF;AAEA,QAAI,aAAa,KAAK,QAAQ,4BAA6B;AACzD,aAAO;AAAA,QACL,SAAS;AAAA,UACP,MAAM;AAAA,UACN,SAAS,QAAQ,SAAS,iCAAiC,cAAc;AAAA,UACzE,SAAS,EAAE,gBAAgB,oBAAoB,UAAU;AAAA,QAC3D;AAAA,MACF;AAAA,IACF;AAEA,WAAO,CAAC;AAAA,EACV;AAAA;AAAA;AAAA;AAAA,EAKA,gBACE,YACA,aACkE;AAClE,UAAM,WAAW,WAAW,YAAY,KAAK,QAAQ;AAGrD,QAAI,WAAW,cAAc,WAAW,WAAW,SAAS,GAAG;AAC7D,YAAM,aAAa,KAAK,uBAAuB,aAAa,QAAQ;AACpE,UAAI,CAAC,WAAW,WAAW,SAAS,UAAU,GAAG;AAC/C,eAAO;AAAA,UACL,WAAW;AAAA,YACT,MAAM;AAAA,YACN,SAAS,gBAAgB,KAAK,WAAW,UAAU,CAAC;AAAA,YACpD,SAAS;AAAA,cACP;AAAA,cACA,aAAa,WAAW;AAAA,cACxB,iBAAiB,WAAW,WAAW,IAAI,OAAK,KAAK,WAAW,CAAC,CAAC;AAAA,YACpE;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAGA,QAAI,WAAW,SAAS,WAAW,KAAK;AACtC,YAAM,iBAAiB,KAAK,kBAAkB,aAAa,QAAQ;AAGnE,UAAI,WAAW,SAAS,WAAW,KAAK;AACtC,YAAI,iBAAiB,WAAW,SAAS,iBAAiB,WAAW,KAAK;AACxE,iBAAO;AAAA,YACL,WAAW;AAAA,cACT,MAAM;AAAA,cACN,SAAS,iBAAiB,cAAc,gCAAgC,WAAW,KAAK,IAAI,WAAW,GAAG;AAAA,cAC1G,SAAS,EAAE,aAAa,gBAAgB,OAAO,WAAW,OAAO,KAAK,WAAW,KAAK,SAAS;AAAA,YACjG;AAAA,UACF;AAAA,QACF;AAAA,MACF,OAAO;AAEL,YAAI,iBAAiB,WAAW,SAAS,iBAAiB,WAAW,KAAK;AACxE,iBAAO;AAAA,YACL,WAAW;AAAA,cACT,MAAM;AAAA,cACN,SAAS,iBAAiB,cAAc,gCAAgC,WAAW,KAAK,IAAI,WAAW,GAAG;AAAA,cAC1G,SAAS,EAAE,aAAa,gBAAgB,OAAO,WAAW,OAAO,KAAK,WAAW,KAAK,SAAS;AAAA,YACjG;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAGA,YAAM,aAAa,KAAK,cAAc,WAAW,GAAG;AACpD,YAAM,iBAAiB,KAAK,cAAc,cAAc;AACxD,YAAM,kBAAkB,aAAa;AAErC,UAAI,kBAAkB,KAAK,mBAAmB,IAAI;AAChD,eAAO;AAAA,UACL,SAAS;AAAA,YACP,MAAM;AAAA,YACN,SAAS,QAAQ,eAAe;AAAA,YAChC,SAAS,EAAE,iBAAiB,WAAW,WAAW,IAAI;AAAA,UACxD;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,WAAO,CAAC;AAAA,EACV;AAAA;AAAA;AAAA;AAAA,EAKA,iBACE,WACA,WACqC;AAErC,QAAI,UAAU,SAAS,GAAG,GAAG;AAC3B,aAAO,CAAC;AAAA,IACV;AAGA,QAAI,UAAU,SAAS,SAAS,GAAG;AACjC,aAAO,CAAC;AAAA,IACV;AAGA,eAAW,SAAS,WAAW;AAC7B,UAAI,MAAM,SAAS,GAAG,GAAG;AACvB,YAAI,KAAK,WAAW,WAAW,KAAK,GAAG;AACrC,iBAAO,CAAC;AAAA,QACV;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,MACL,WAAW;AAAA,QACT,MAAM;AAAA,QACN,SAAS,cAAc,SAAS;AAAA,QAChC,SAAS,EAAE,WAAW,UAAU;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,mBACE,WACA,cACkE;AAClE,QAAI,eAAe,WAAW;AAC5B,aAAO;AAAA,QACL,WAAW;AAAA,UACT,MAAM;AAAA,UACN,SAAS,cAAc,YAAY,sBAAsB,SAAS;AAAA,UAClE,SAAS,EAAE,cAAc,UAAU;AAAA,QACrC;AAAA,MACF;AAAA,IACF;AAEA,UAAM,mBAAmB,YAAY,KAAK,QAAQ;AAClD,QAAI,eAAe,kBAAkB;AACnC,aAAO;AAAA,QACL,SAAS;AAAA,UACP,MAAM;AAAA,UACN,SAAS,cAAc,YAAY,6BAA6B,SAAS;AAAA,UACzE,SAAS,EAAE,cAAc,WAAW,iBAAiB;AAAA,QACvD;AAAA,MACF;AAAA,IACF;AAEA,WAAO,CAAC;AAAA,EACV;AAAA;AAAA;AAAA;AAAA,EAMQ,uBAAuB,MAAY,UAA0B;AACnE,QAAI;AACF,YAAM,UAAsC,EAAE,SAAS,SAAS,UAAU,SAAS;AACnF,YAAM,SAAS,KAAK,mBAAmB,SAAS,OAAO;AACvD,YAAM,SAAiC,EAAE,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,EAAE;AAChG,aAAO,OAAO,MAAM,KAAK,KAAK,OAAO;AAAA,IACvC,QAAQ;AACN,aAAO,KAAK,OAAO;AAAA,IACrB;AAAA,EACF;AAAA,EAEQ,kBAAkB,MAAY,UAA0B;AAC9D,QAAI;AACF,YAAM,UAAsC;AAAA,QAC1C,MAAM;AAAA,QACN,QAAQ;AAAA,QACR,QAAQ;AAAA,QACR,UAAU;AAAA,MACZ;AACA,aAAO,KAAK,mBAAmB,SAAS,OAAO;AAAA,IACjD,QAAQ;AACN,aAAO,KAAK,YAAY,EAAE,MAAM,IAAI,EAAE;AAAA,IACxC;AAAA,EACF;AAAA,EAEQ,WAAW,KAAqB;AACtC,UAAM,QAAQ,CAAC,UAAU,UAAU,WAAW,aAAa,YAAY,UAAU,UAAU;AAC3F,WAAO,MAAM,GAAG,KAAK;AAAA,EACvB;AAAA,EAEQ,cAAc,MAAsB;AAC1C,UAAM,CAAC,OAAO,OAAO,IAAI,KAAK,MAAM,GAAG,EAAE,IAAI,MAAM;AACnD,WAAO,QAAQ,KAAK;AAAA,EACtB;AAAA,EAEQ,WAAW,IAAY,MAAuB;AACpD,QAAI;AACF,YAAM,CAAC,OAAO,IAAI,IAAI,KAAK,MAAM,GAAG;AACpC,YAAM,OAAO,SAAS,MAAM,EAAE;AAE9B,YAAM,QAAQ,KAAK,WAAW,EAAE;AAChC,YAAM,WAAW,KAAK,WAAW,KAAK;AACtC,YAAM,UAAU,EAAE,MAAM,KAAK,QAAQ;AAErC,cAAQ,QAAQ,cAAc,WAAW;AAAA,IAC3C,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEQ,WAAW,IAAoB;AACrC,UAAM,QAAQ,GAAG,MAAM,GAAG,EAAE,IAAI,MAAM;AACtC,YAAQ,MAAM,CAAC,KAAK,OAAO,MAAM,CAAC,KAAK,OAAO,MAAM,CAAC,KAAK,KAAK,MAAM,CAAC;AAAA,EACxE;AACF;AAKO,IAAM,6BAA6B,IAAI,oBAAoB;AAK3D,SAAS,oBACd,aACA,SACA,oBACA,WAC4B;AAC5B,SAAO,2BAA2B,SAAS,aAAa,SAAS,oBAAoB,SAAS;AAChG;;;AC9VA,iBAAkC;AAClC,yBAAuB;AAuLvB,sBAAe;AACf,uBAAiB;AArLjB,IAAM,mBAAmB;AAAA,EACvB,KAAK;AAAA,EACL,MAAM;AAAA,EACN,sBAAsB;AAAA,EACtB,UAAU,CAAC,UAAU,iBAAiB,sBAAsB,mBAAmB,SAAS;AAAA,EACxF,YAAY;AAAA,IACV,QAAQ,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,IACvC,eAAe;AAAA,MACb,MAAM;AAAA,MACN,MAAM,CAAC,gBAAgB,cAAc,WAAW;AAAA,IAClD;AAAA,IACA,oBAAoB;AAAA,MAClB,MAAM;AAAA,MACN,UAAU;AAAA,MACV,OAAO;AAAA,QACL,MAAM;AAAA,QACN,MAAM,CAAC,UAAU,UAAU,SAAS,SAAS,QAAQ;AAAA,MACvD;AAAA,IACF;AAAA,IACA,iBAAiB;AAAA,MACf,MAAM;AAAA,MACN,UAAU;AAAA,MACV,OAAO,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,IACxC;AAAA,IACA,YAAY,EAAE,MAAM,SAAS;AAAA,IAC7B,cAAc,EAAE,MAAM,SAAS;AAAA;AAAA,IAC/B,aAAa,EAAE,MAAM,UAAU,sBAAsB,KAAK;AAAA,IAC1D,SAAS;AAAA,MACP,MAAM;AAAA,MACN,OAAO,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,IACxC;AAAA,IACA,MAAM,EAAE,MAAM,UAAU,MAAM,CAAC,OAAO,UAAU,MAAM,EAAE;AAAA,IACxD,SAAS,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,EAC1C;AACF;AAEA,IAAM,uBAAuB;AAAA,EAC3B,KAAK;AAAA,EACL,MAAM;AAAA,EACN,sBAAsB;AAAA,EACtB,UAAU,CAAC,cAAc,YAAY,SAAS;AAAA,EAC9C,YAAY;AAAA,IACV,YAAY,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,IAC3C,aAAa,EAAE,MAAM,SAAS;AAAA,IAC9B,UAAU;AAAA,MACR,MAAM;AAAA,MACN,UAAU;AAAA,MACV,OAAO,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,IACxC;AAAA,IACA,SAAS,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,EAC1C;AACF;AAEA,IAAM,iBAAiB;AAAA,EACrB,KAAK;AAAA,EACL,MAAM;AAAA,EACN,sBAAsB;AAAA,EACtB,UAAU,CAAC,oBAAoB,SAAS;AAAA,EACxC,YAAY;AAAA,IACV,kBAAkB,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,IACjD,SAAS;AAAA,MACP,MAAM;AAAA,MACN,UAAU;AAAA,MACV,OAAO,EAAE,MAAM,2CAA2C;AAAA,IAC5D;AAAA,IACA,cAAc;AAAA,MACZ,MAAM;AAAA,MACN,OAAO,EAAE,MAAM,+CAA+C;AAAA,IAChE;AAAA,EACF;AACF;AAUO,SAAS,YAAiB;AAC/B,QAAM,MAAM,IAAI,WAAAC,QAAI;AAAA,IAClB,WAAW;AAAA,IACX,QAAQ;AAAA,IACR,iBAAiB;AAAA;AAAA,EAEnB,CAAC;AACD,yBAAAC,SAAW,GAAG;AAEd,MAAI,UAAU,gBAAgB;AAC9B,MAAI,UAAU,oBAAoB;AAClC,MAAI,UAAU,cAAc;AAE5B,SAAO;AACT;AAMO,SAAS,uBAAuB,UAGrC;AACA,QAAM,MAAM,UAAU;AAGtB,QAAM,WAAW,IAAI,UAA0B,8CAA8C;AAC7F,MAAI,CAAC,UAAU;AACb,WAAO,EAAE,IAAI,OAAO,QAAQ,CAAC,uBAAuB,EAAE;AAAA,EACxD;AACA,QAAM,QAAQ,SAAS,QAAQ;AAC/B,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,QAAQ,SAAS,SAAS,gBAAgB,SAAS,MAAwB,IAAI,CAAC;AAAA,IAClF;AAAA,EACF;AAEA,QAAM,QAAQ;AAId,QAAM,eAAyB,CAAC;AAChC,aAAW,KAAK,MAAM,SAAS;AAC7B,QAAI,EAAE,cAAc;AAClB,UAAI;AAEF,cAAM,QAAQ,IAAI,WAAAD,QAAI,EAAE,QAAQ,MAAM,WAAW,KAAK,CAAC;AACvD,+BAAAC,SAAW,KAAK;AAChB,cAAM,WAAW,MAAM,QAAQ,EAAE,YAAY;AAE7C,YAAI,SAAS,QAAQ,QAAQ;AAC3B,uBAAa;AAAA,YACX,IAAI,EAAE,MAAM,0BAA0B;AAAA,cACpC,SAAS;AAAA,YACX,EAAE,KAAK,IAAI,CAAC;AAAA,UACd;AAAA,QACF;AAAA,MACF,SAAS,GAAQ;AACf,qBAAa,KAAK,IAAI,EAAE,MAAM,2BAA2B,GAAG,WAAW,OAAO,CAAC,CAAC,EAAE;AAAA,MACpF;AAAA,IACF;AAAA,EACF;AAEA,MAAI,aAAa,QAAQ;AACvB,WAAO,EAAE,IAAI,OAAO,QAAQ,aAAa;AAAA,EAC3C;AAGA,MAAI,MAAM,cAAc,QAAQ;AAC9B,UAAM,aAAa,IAAI,IAAI,MAAM,QAAQ,IAAI,OAAK,EAAE,MAAM,CAAC;AAC3D,eAAW,KAAK,MAAM,cAAc;AAClC,iBAAW,OAAO,EAAE,UAAU;AAC5B,YAAI,CAAC,WAAW,IAAI,GAAG,GAAG;AACxB,uBAAa,KAAK,eAAe,EAAE,UAAU,8BAA8B,GAAG,EAAE;AAAA,QAClF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAEA,MAAI,aAAa,QAAQ;AACvB,WAAO,EAAE,IAAI,OAAO,QAAQ,aAAa;AAAA,EAC3C;AAEA,SAAO,EAAE,IAAI,KAAK;AACpB;AAEA,SAAS,gBAAgB,QAA0C;AACjE,MAAI,CAAC,QAAQ,OAAQ,QAAO,CAAC;AAC7B,SAAO,OAAO,IAAI,OAAK;AACrB,UAAM,eAAe,EAAE,gBAAgB;AACvC,UAAM,MAAM,EAAE,WAAW;AACzB,UAAM,SAAS,EAAE,UAAU,OAAO,KAAK,EAAE,MAAM,EAAE,SAAS,KAAK,KAAK,UAAU,EAAE,MAAM,CAAC,MAAM;AAC7F,WAAO,GAAG,YAAY,KAAK,GAAG,GAAG,MAAM;AAAA,EACzC,CAAC;AACH;AAWA,eAAsB,2BAA2B,UAA2C;AAC1F,QAAM,MAAM,iBAAAC,QAAK,QAAQ,QAAQ;AACjC,QAAM,MAAM,MAAM,gBAAAC,QAAG,SAAS,KAAK,MAAM;AACzC,QAAM,OAAO,KAAK,MAAM,GAAG;AAE3B,QAAM,SAAS,uBAAuB,IAAI;AAC1C,MAAI,CAAC,OAAO,IAAI;AACd,UAAM,OAAO,OAAO,QAAQ,KAAK,OAAO,KAAK;AAC7C,UAAM,IAAI,MAAM;AAAA,KAAyC,IAAI,EAAE;AAAA,EACjE;AACA,SAAO;AACT;AAMO,SAAS,6BAA6B,KAA8B;AACzE,QAAM,SAAS,uBAAuB,GAAG;AACzC,MAAI,CAAC,OAAO,IAAI;AACd,UAAM,OAAO,OAAO,QAAQ,KAAK,OAAO,KAAK;AAC7C,UAAM,IAAI,MAAM;AAAA,KAAyC,IAAI,EAAE;AAAA,EACjE;AACA,SAAO;AACT;AAKO,SAAS,aAAa,KAA8C;AACzE,QAAM,MAAM,oBAAI,IAAwB;AACxC,aAAW,KAAK,IAAI,QAAS,KAAI,IAAI,EAAE,QAAQ,CAAC;AAChD,SAAO;AACT;AAGO,SAAS,kBAAkB,KAAkD;AAClF,QAAM,MAAM,oBAAI,IAA4B;AAC5C,aAAW,KAAK,IAAI,gBAAgB,CAAC,EAAG,KAAI,IAAI,EAAE,YAAY,CAAC;AAC/D,SAAO;AACT;AAGO,SAAS,kBAAkB,UAAmC,QAA0B;AAC7F,SAAO,SAAS,IAAI,MAAM,GAAG,mBAAmB,CAAC;AACnD;AAGO,SAAS,qBACd,UACA,QACY;AACZ,SAAQ,SAAS,IAAI,MAAM,GAAG,sBAAsB,CAAC;AACvD;;;ACxKO,SAAS,4BACd,UACA,WACU;AACV,QAAM,SAAS,aAAa,QAAQ;AACpC,QAAM,SAAS,kBAAkB,QAAQ;AAEzC,QAAM,MAAM,oBAAI,IAAY;AAC5B,aAAW,QAAQ,WAAW;AAC5B,QAAI,OAAO,IAAI,IAAI,GAAG;AACpB,UAAI,IAAI,IAAI;AACZ;AAAA,IACF;AACA,UAAM,MAAM,OAAO,IAAI,IAAI;AAC3B,QAAI,KAAK;AACP,iBAAW,OAAO,IAAI,SAAU,KAAI,IAAI,GAAG;AAC3C;AAAA,IACF;AAAA,EAEF;AACA,SAAO,CAAC,GAAG,GAAG;AAChB;AAwCA,eAAsB,oBACpB,OAC+B;AAC/B,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,eAAe,CAAC;AAAA,IAChB;AAAA,EACF,IAAI;AAGJ,QAAM,mBAAmB,4BAA4B,UAAU,SAAS;AACxE,QAAM,SAAS,aAAa,QAAQ;AAEpC,QAAM,UAAoB,CAAC;AAC3B,QAAM,WAAqB,CAAC;AAC5B,QAAM,gBAA+C,CAAC;AAKtD,QAAM,iBAAiB,cAAc,OAAO,OAAK,EAAE,SAAS,UAAU;AAMtE,aAAW,UAAU,kBAAkB;AACrC,UAAM,OAAO,OAAO,IAAI,MAAM;AAC9B,UAAM,IAAmB,CAAC;AAC1B,kBAAc,MAAM,IAAI;AAExB,QAAI,CAAC,MAAM;AACT,eAAS,KAAK,MAAM;AACpB;AAAA,IACF;AAGA,QAAI,eAAe,QAAQ;AACzB,UAAI,UAAU;AACd,iBAAW,MAAM,gBAAgB;AAC/B,cAAM,OAAO,qBAAqB,QAAQ,MAAM;AAChD,cAAM,KAAK,MAAM,MAAM;AAAA,UACrB;AAAA,UACA,KAAK,SAAS,OAAO,CAAC,SAAS,SAAS,UAAU,QAAQ;AAAA,UAC1D;AAAA,YACE,IAAI,GAAG;AAAA,YACP,MAAM,GAAG;AAAA,YACT,MAAM;AAAA;AAAA,UACR;AAAA,QACF;AACA,YAAI,IAAI;AACN,oBAAU;AACV;AAAA,QACF;AAAA,MACF;AACA,QAAE,QAAQ,EAAE,IAAI,SAAS,WAAW,qBAAqB,QAAQ,MAAM,EAAE;AACzE,UAAI,CAAC,SAAS;AACZ,iBAAS,KAAK,MAAM;AACpB;AAAA,MACF;AAAA,IACF;AAGA,UAAM,UAAU,MAAM,KAAK,SAAS;AAAA,MAClC,WAAW,EAAE,IAAI,eAAe,OAAO,CAAC,MAAM,EAAE;AAAA,MAChD,UAAU;AAAA,QACR,MAAM,eAAe,CAAC,GAAG,QAAQ,KAAK;AAAA,QACtC,IAAI,eAAe,CAAC,GAAG,MAAM;AAAA,QAC7B,MAAM,CAAC;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AACD,MAAE,OAAO,EAAE,IAAI,QAAQ,OAAO,QAAQ,QAAQ,QAAQ,QAAQ,QAAQ,OAAO;AAC7E,QAAI,CAAC,QAAQ,OAAO;AAClB,eAAS,KAAK,MAAM;AACpB;AAAA,IACF;AAIA,QAAI,UAAU;AACd,UAAM,WAAW,kBAAkB,QAAQ,MAAM;AACjD,QAAI,eAAe,UAAU,SAAS,QAAQ;AAE5C,gBAAU;AACV,iBAAW,MAAM,gBAAgB;AAC/B,cAAM,WAAW,4BAA4B,GAAG,IAAI;AACpD,cAAM,OAAO,MAAM,MAAM,YAAY,UAAU,IAAI,UAAU,aAAa;AAC1E,YAAI,MAAM;AACR,oBAAU;AACV;AAAA,QACF;AAAA,MACF;AAAA,IACF;AACA,MAAE,QAAQ,EAAE,IAAI,SAAS,SAAS;AAClC,QAAI,CAAC,SAAS;AACZ,eAAS,KAAK,MAAM;AACpB;AAAA,IACF;AAEA,YAAQ,KAAK,MAAM;AAAA,EACrB;AAEA,SAAO,EAAE,iBAAiB,SAAS,kBAAkB,UAAU,cAAc;AAC/E;AAEA,SAAS,4BAA4B,IAA4B;AAC/D,UAAQ,IAAI;AAAA,IACV,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,EACX;AACF;AAgCA,eAAsB,sBACpB,OACgC;AAChC,QAAM,EAAE,UAAU,UAAU,QAAQ,UAAU,SAAS,SAAS,OAAO,MAAM,OAAO,WAAW,IAC7F;AAEF,QAAM,SAAS,aAAa,QAAQ;AACpC,QAAM,OAAO,OAAO,IAAI,MAAM;AAC9B,MAAI,CAAC,MAAM;AACT,WAAO,EAAE,OAAO,OAAO,QAAQ,kBAAkB,OAAO,CAAC,EAAE;AAAA,EAC7D;AAEA,QAAM,QAAuB,CAAC;AAG9B,QAAM,OAAO,qBAAqB,QAAQ,MAAM;AAChD,QAAM,UAAU,MAAM,MAAM,MAAM,UAAU,KAAK,SAAS,OAAO,CAAC,QAAQ,GAAG,QAAQ;AACrF,QAAM,QAAQ,EAAE,IAAI,SAAS,WAAW,KAAK;AAC7C,MAAI,CAAC,SAAS;AACZ,WAAO,EAAE,OAAO,OAAO,QAAQ,gBAAgB,MAAM;AAAA,EACvD;AAGA,QAAM,KAAK,MAAM,WAAW,uBAAuB,OAAO;AAC1D,MAAI,gBAAgB,GAAG,iBAAiB,SAAS,MAAM,KAAK;AAE5D,MAAI,UAAU,mBAAmB,UAAU,GAAG,kBAAkB,CAAC,CAAC;AAElE,QAAM,aAAa,CAAC,GAAG,cAAc,IAAI,KAAK,GAAG,UAAU,EAAE,QAAQ,IAAI,KAAK,IAAI;AAElF,QAAM,aAAa;AAAA,IACjB,IAAI,iBAAiB,WAAW;AAAA,IAChC,gBAAgB;AAAA,IAChB,UAAU;AAAA,IACV;AAAA,EACF;AACA,MAAI,CAAC,MAAM,WAAW,IAAI;AACxB,WAAO,EAAE,OAAO,OAAO,QAAQ,qBAAqB,MAAM;AAAA,EAC5D;AAGA,QAAM,UAAU,MAAM,KAAK,SAAS;AAAA,IAClC,WAAW;AAAA,MACT,IAAI;AAAA,MACJ,OAAO,CAAC,OAAO;AAAA,MACf,QAAQ;AAAA,QACN,iBAAiB,GAAG;AAAA,QACpB,OAAO,GAAG;AAAA,MACZ;AAAA,IACF;AAAA,IACA,UAAU;AAAA,MACR,MAAM,SAAS;AAAA,MACf,IAAI,SAAS;AAAA,MACb,MAAM,SAAS,QAAQ,CAAC;AAAA,IAC1B;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,OAAO,EAAE,IAAI,QAAQ,OAAO,QAAQ,QAAQ,QAAQ,QAAQ,QAAQ,OAAO;AACjF,MAAI,CAAC,QAAQ,OAAO;AAClB,WAAO,EAAE,OAAO,OAAO,QAAQ,eAAe,MAAM;AAAA,EACtD;AAGA,QAAM,WAAW,4BAA4B,SAAS,IAAI;AAC1D,QAAM,iBAAiB,kBAAkB,QAAQ,MAAM;AACvD,QAAM,OAAO,MAAM,MAAM,YAAY,UAAU,SAAS,MAAM,gBAAgB,QAAQ;AACtF,QAAM,QAAQ;AAAA,IACZ,IAAI,CAAC,CAAC;AAAA,IACN,UAAU;AAAA,IACV,oBAAoB,MAAM;AAAA,EAC5B;AACA,MAAI,CAAC,MAAM;AACT,WAAO,EAAE,OAAO,OAAO,QAAQ,uBAAuB,OAAO,YAAY,KAAK;AAAA,EAChF;AAEA,SAAO,EAAE,OAAO,MAAM,OAAO,YAAY,KAAK;AAChD;AAIA,SAAS,mBAAmB,UAAuB,QAAkC;AACnF,aAAW,KAAK,QAAQ;AACtB,QAAI,EAAE,SAAS,YAAY;AACzB,UAAI,EAAE,SAAS,SAAS,QAAQ,EAAE,OAAO,SAAS,GAAI,QAAO;AAAA,IAC/D,WAAW,EAAE,SAAS,sBAAsB;AAC1C,UAAI,EAAE,OAAO,SAAS,KAAM,QAAO;AAAA,IACrC,WAAW,EAAE,SAAS,aAAa;AAGjC,aAAO;AAAA,IACT;AAAA,EACF;AACA,SAAO;AACT;AAKO,IAAM,eAAN,MAA+C;AAAA,EACpD,MAAM,WAAkC;AACtC,WAAO,EAAE,OAAO,MAAM,QAAQ,YAAY;AAAA,EAC5C;AACF;AACO,IAAM,cAAN,MAA0C;AAAA,EAC/C,YACU,iBAA6B,CAAC,UAAU,UAAU,SAAS,SAAS,QAAQ,GACpF;AADQ;AAAA,EACP;AAAA,EACH,MAAM,MAAM,MAAc,WAAyC;AACjE,WAAO,UAAU,KAAK,OAAK,KAAK,eAAe,SAAS,CAAC,CAAC;AAAA,EAC5D;AACF;AACO,IAAM,aAAN,MAA4C;AAAA,EACjD,MAAM,YACJ,UACA,OACA,gBAC+B;AAE/B,QAAI,CAAC,eAAe,OAAQ,QAAO,EAAE,IAAI,GAAG,QAAQ,SAAS,UAAU,QAAQ,CAAC,EAAE;AAClF,WAAO,EAAE,IAAI,GAAG,QAAQ,SAAS,UAAU,QAAQ,eAAe;AAAA,EACpE;AACF;AACO,IAAM,kBAAN,MAA4C;AAAA,EACjD,YAAoB,IAAsB;AAAtB;AAAA,EAAuB;AAAA,EAC3C,MAAM,yBAAoD;AACxD,WAAO,KAAK;AAAA,EACd;AACF;;;ACjdO,IAAM,kBAAkB;AAAA,EAC7B,kBAAkB;AAAA,EAClB,SAAS;AAAA,IACP;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,QAAQ;AAAA,MACvC,iBAAiB,CAAC,YAAY;AAAA,MAC9B,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,MAAM,EAAE,MAAM,UAAU,WAAW,GAAG,WAAW,IAAM;AAAA,UACvD,WAAW,EAAE,MAAM,SAAS;AAAA,UAC5B,aAAa,EAAE,MAAM,QAAQ;AAAA,QAC/B;AAAA,QACA,UAAU,CAAC,MAAM;AAAA,QACjB,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,aAAa;AAAA,MACzC,SAAS,CAAC,gBAAgB;AAAA,MAC1B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,oBAAoB,kBAAkB,cAAc,cAAc;AAAA,MACpF,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,QAAQ,EAAE,MAAM,SAAS;AAAA,UACzB,QAAQ,EAAE,MAAM,SAAS;AAAA,UACzB,OAAO,EAAE,MAAM,WAAW,SAAS,GAAG,SAAS,IAAK;AAAA,QACtD;AAAA,QACA,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,aAAa;AAAA,MACzC,SAAS,CAAC,cAAc;AAAA,MACxB,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,QAAQ;AAAA,MACvC,iBAAiB,CAAC,mBAAmB,YAAY;AAAA,MACjD,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,MAAM,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UACrC,WAAW,EAAE,MAAM,SAAS;AAAA,QAC9B;AAAA,QACA,UAAU,CAAC,QAAQ,WAAW;AAAA,QAC9B,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,aAAa;AAAA,MACzC,SAAS,CAAC,wBAAwB;AAAA,MAClC,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IAEA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,QAAQ,aAAa;AAAA,MACvC,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,MAAM,EAAE,MAAM,SAAS;AAAA,UACvB,KAAK,EAAE,MAAM,SAAS;AAAA,QACxB;AAAA,QACA,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,cAAc;AAAA,MAC1C,SAAS,CAAC,WAAW;AAAA,MACrB,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,QAAQ;AAAA,MACvC,iBAAiB,CAAC,MAAM;AAAA,MACxB,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,OAAO,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UACtC,MAAM,EAAE,MAAM,SAAS;AAAA,UACvB,QAAQ,EAAE,MAAM,SAAS,OAAO,EAAE,MAAM,SAAS,EAAE;AAAA,UACnD,WAAW,EAAE,MAAM,SAAS,OAAO,EAAE,MAAM,SAAS,EAAE;AAAA,QACxD;AAAA,QACA,UAAU,CAAC,OAAO;AAAA,QAClB,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,eAAe;AAAA,MAC3C,SAAS,CAAC,cAAc;AAAA,MACxB,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,QAAQ;AAAA,MACvC,iBAAiB,CAAC,MAAM;AAAA,MACxB,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,cAAc,EAAE,MAAM,WAAW,SAAS,EAAE;AAAA,UAC5C,MAAM,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,QACvC;AAAA,QACA,UAAU,CAAC,gBAAgB,MAAM;AAAA,QACjC,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,eAAe;AAAA,MAC3C,SAAS,CAAC,qBAAqB;AAAA,MAC/B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,QAAQ;AAAA,MACvC,iBAAiB,CAAC,MAAM;AAAA,MACxB,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,OAAO,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UACtC,MAAM,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UACrC,MAAM,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UACrC,MAAM,EAAE,MAAM,SAAS;AAAA,UACvB,OAAO,EAAE,MAAM,UAAU;AAAA,QAC3B;AAAA,QACA,UAAU,CAAC,SAAS,QAAQ,MAAM;AAAA,QAClC,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,eAAe;AAAA,MAC3C,SAAS,CAAC,oBAAoB;AAAA,MAC9B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,SAAS,OAAO;AAAA,MACrC,iBAAiB,CAAC,MAAM;AAAA,MACxB,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,WAAW,EAAE,MAAM,WAAW,SAAS,EAAE;AAAA,UACzC,cAAc,EAAE,MAAM,UAAU,MAAM,CAAC,SAAS,UAAU,QAAQ,EAAE;AAAA,QACtE;AAAA,QACA,UAAU,CAAC,WAAW;AAAA,QACtB,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,gBAAgB,yBAAyB,KAAK;AAAA,MAC1E,SAAS,CAAC,yBAAyB;AAAA,MACnC,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IAEA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,gDAAgD;AAAA,MAClE,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,QAAQ,EAAE,MAAM,SAAS;AAAA,QAC3B;AAAA,QACA,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,cAAc;AAAA,MAC1C,SAAS,CAAC,kBAAkB;AAAA,MAC5B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,QAAQ;AAAA,MACvC,iBAAiB,CAAC,4CAA4C;AAAA,MAC9D,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,UAAU,EAAE,MAAM,SAAS;AAAA,UAC3B,gBAAgB,EAAE,MAAM,SAAS;AAAA,QACnC;AAAA,QACA,UAAU,CAAC,gBAAgB;AAAA,QAC3B,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,gBAAgB,aAAa,GAAG;AAAA,MAC5D,SAAS,CAAC,oBAAoB;AAAA,MAC9B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,QAAQ;AAAA,MACvC,iBAAiB,CAAC,4CAA4C;AAAA,MAC9D,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,MAAM,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UACrC,UAAU,EAAE,MAAM,SAAS;AAAA,UAC3B,kBAAkB,EAAE,MAAM,SAAS;AAAA,UACnC,gBAAgB,EAAE,MAAM,SAAS;AAAA,QACnC;AAAA,QACA,UAAU,CAAC,MAAM;AAAA,QACjB,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,gBAAgB,aAAa,GAAG;AAAA,MAC5D,SAAS,CAAC,aAAa;AAAA,MACvB,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,gDAAgD;AAAA,MAClE,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,WAAW,EAAE,MAAM,SAAS;AAAA,UAC5B,GAAG,EAAE,MAAM,SAAS;AAAA,UACpB,WAAW,EAAE,MAAM,WAAW,SAAS,GAAG,SAAS,IAAK;AAAA,QAC1D;AAAA,QACA,UAAU,CAAC,WAAW;AAAA,QACtB,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,cAAc;AAAA,MAC1C,SAAS,CAAC,eAAe;AAAA,MACzB,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,kBAAkB,gBAAgB;AAAA,MACpD,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,KAAK,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UACpC,YAAY,EAAE,MAAM,WAAW,SAAS,GAAG,SAAS,IAAI;AAAA,UACxD,SAAS,EAAE,MAAM,WAAW,SAAS,EAAE;AAAA,QACzC;AAAA,QACA,UAAU,CAAC,KAAK;AAAA,QAChB,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,YAAY;AAAA,MACxC,SAAS,CAAC,gBAAgB;AAAA,MAC1B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,gBAAgB;AAAA,MAClC,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,cAAc,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,QAC/C;AAAA,QACA,UAAU,CAAC,cAAc;AAAA,QACzB,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,YAAY;AAAA,MACxC,SAAS,CAAC,YAAY;AAAA,MACtB,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,gBAAgB;AAAA,MAClC,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,QAAQ,EAAE,MAAM,SAAS;AAAA,QAC3B;AAAA,QACA,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,YAAY;AAAA,MACxC,SAAS,CAAC,kBAAkB;AAAA,MAC5B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,gBAAgB;AAAA,MAClC,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,gBAAgB,EAAE,MAAM,SAAS;AAAA,UACjC,MAAM,EAAE,MAAM,SAAS;AAAA,QACzB;AAAA,QACA,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,YAAY;AAAA,MACxC,SAAS,CAAC,gBAAgB;AAAA,MAC1B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,gBAAgB;AAAA,MAClC,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,SAAS,EAAE,MAAM,UAAU,SAAS,EAAE;AAAA,UACtC,OAAO,EAAE,MAAM,SAAS;AAAA,QAC1B;AAAA,QACA,UAAU,CAAC,SAAS;AAAA,QACpB,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,YAAY;AAAA,MACxC,SAAS,CAAC,iBAAiB;AAAA,MAC3B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,UAAU,SAAS,OAAO;AAAA,MACzD,iBAAiB,CAAC,gBAAgB;AAAA,MAClC,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,UAAU,EAAE,MAAM,UAAU,SAAS,EAAE;AAAA,UACvC,YAAY,EAAE,MAAM,UAAU,SAAS,GAAG,SAAS,IAAI;AAAA,QACzD;AAAA,QACA,UAAU,CAAC,UAAU;AAAA,QACrB,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,YAAY;AAAA,MACxC,SAAS,CAAC,gBAAgB;AAAA,MAC1B,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,eAAe;AAAA,MACf,oBAAoB,CAAC,UAAU,QAAQ;AAAA,MACvC,iBAAiB,CAAC,iBAAiB;AAAA,MACnC,YAAY;AAAA,MACZ,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,YAAY;AAAA,UACV,YAAY,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UAC3C,SAAS,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UACxC,aAAa,EAAE,MAAM,SAAS;AAAA,UAC9B,WAAW,EAAE,MAAM,UAAU,WAAW,EAAE;AAAA,UAC1C,UAAU,EAAE,MAAM,SAAS;AAAA,UAC3B,UAAU,EAAE,MAAM,SAAS;AAAA,QAC7B;AAAA,QACA,UAAU,CAAC,cAAc,WAAW,WAAW;AAAA,QAC/C,sBAAsB;AAAA,MACxB;AAAA,MACA,aAAa,EAAE,aAAa,aAAa;AAAA,MACzC,SAAS,CAAC,cAAc;AAAA,MACxB,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,cAAc;AAAA,IACZ;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,8BAA8B,oBAAoB;AAAA,MAC7D,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,4BAA4B;AAAA,MACvC,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,cAAc;AAAA,MACzB,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,wBAAwB,iBAAiB;AAAA,MACpD,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,mBAAmB;AAAA,MAC9B,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,kBAAkB;AAAA,MAC7B,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,0BAA0B,kCAAkC;AAAA,MACvE,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,2BAA2B,0BAA0B;AAAA,MAChE,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,qBAAqB,kBAAkB,qBAAqB,mBAAmB,oBAAoB,wBAAwB;AAAA,MACtI,SAAS;AAAA,IACX;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,aAAa;AAAA,MACb,UAAU,CAAC,mBAAmB;AAAA,MAC9B,SAAS;AAAA,IACX;AAAA,EACF;AACF;;;AzB1YA,0BAAc,uCA7Dd;AAgEO,IAAM,UAAU;","names":["path","uuidv4","fs","path","os","import_uuid","uuidv4","fs","path","os","import_crypto_nodejs","import_ai_identity_types","Ajv","addFormats","path","fs"]}
|