@waku/rln 0.0.1 → 0.0.2-c41b319.0

package/bundle/packages/rln/dist/contract/rln_contract.js

@@ -0,0 +1,427 @@
+import '../../../interfaces/dist/protocols.js';
+import '../../../interfaces/dist/connection_manager.js';
+import '../../../interfaces/dist/health_indicator.js';
+import { hexToBytes } from '../../../utils/dist/bytes/index.js';
+import { Logger } from '../../../utils/dist/logger/index.js';
+import { MerkleRootTracker } from '../root_tracker.js';
+import { zeroPadLE } from '../utils/bytes.js';
+import { RLN_V2_ABI } from './abi/rlnv2.js';
+import { RATE_LIMIT_PARAMS, DEFAULT_RATE_LIMIT } from './constants.js';
+import { Contract } from '../../../../node_modules/@ethersproject/contracts/lib.esm/index.js';
+import { BigNumber } from '../../../../node_modules/@ethersproject/bignumber/lib.esm/bignumber.js';
+
+const log = new Logger("waku:rln:contract");
+var MembershipState;
+(function (MembershipState) {
+    MembershipState["Active"] = "Active";
+    MembershipState["GracePeriod"] = "GracePeriod";
+    MembershipState["Expired"] = "Expired";
+    MembershipState["ErasedAwaitsWithdrawal"] = "ErasedAwaitsWithdrawal";
+})(MembershipState || (MembershipState = {}));
+class RLNContract {
+    contract;
+    merkleRootTracker;
+    deployBlock;
+    rateLimit;
+    _members = new Map();
+    _membersFilter;
+    _membersRemovedFilter;
+    /**
+     * Asynchronous initializer for RLNContract.
+     * Allows injecting a mocked contract for testing purposes.
+     */
+    static async init(rlnInstance, options) {
+        const rlnContract = new RLNContract(rlnInstance, options);
+        await rlnContract.fetchMembers(rlnInstance);
+        rlnContract.subscribeToMembers(rlnInstance);
+        return rlnContract;
+    }
+    constructor(rlnInstance, options) {
+        const { address, signer, rateLimit = DEFAULT_RATE_LIMIT, contract } = options;
+        if (rateLimit < RATE_LIMIT_PARAMS.MIN_RATE ||
+            rateLimit > RATE_LIMIT_PARAMS.MAX_RATE) {
+            throw new Error(`Rate limit must be between ${RATE_LIMIT_PARAMS.MIN_RATE} and ${RATE_LIMIT_PARAMS.MAX_RATE} messages per epoch`);
+        }
+        this.rateLimit = rateLimit;
+        const initialRoot = rlnInstance.zerokit.getMerkleRoot();
+        // Use the injected contract if provided; otherwise, instantiate a new one.
+        this.contract =
+            contract || new Contract(address, RLN_V2_ABI, signer);
+        this.merkleRootTracker = new MerkleRootTracker(5, initialRoot);
+        // Initialize event filters for MembershipRegistered and MembershipRemoved
+        this._membersFilter = this.contract.filters.MembershipRegistered();
+        this._membersRemovedFilter = this.contract.filters.MembershipRemoved();
+    }
+    /**
+     * Gets the current rate limit for this contract instance
+     */
+    getRateLimit() {
+        return this.rateLimit;
+    }
+    /**
+     * Gets the minimum allowed rate limit from the contract
+     * @returns Promise<number> The minimum rate limit in messages per epoch
+     */
+    async getMinRateLimit() {
+        const minRate = await this.contract.minMembershipRateLimit();
+        return minRate.toNumber();
+    }
+    /**
+     * Gets the maximum allowed rate limit from the contract
+     * @returns Promise<number> The maximum rate limit in messages per epoch
+     */
+    async getMaxRateLimit() {
+        const maxRate = await this.contract.maxMembershipRateLimit();
+        return maxRate.toNumber();
+    }
+    /**
+     * Gets the maximum total rate limit across all memberships
+     * @returns Promise<number> The maximum total rate limit in messages per epoch
+     */
+    async getMaxTotalRateLimit() {
+        const maxTotalRate = await this.contract.maxTotalRateLimit();
+        return maxTotalRate.toNumber();
+    }
+    /**
+     * Gets the current total rate limit usage across all memberships
+     * @returns Promise<number> The current total rate limit usage in messages per epoch
+     */
+    async getCurrentTotalRateLimit() {
+        const currentTotal = await this.contract.currentTotalRateLimit();
+        return currentTotal.toNumber();
+    }
+    /**
+     * Gets the remaining available total rate limit that can be allocated
+     * @returns Promise<number> The remaining rate limit that can be allocated
+     */
+    async getRemainingTotalRateLimit() {
+        const [maxTotal, currentTotal] = await Promise.all([
+            this.contract.maxTotalRateLimit(),
+            this.contract.currentTotalRateLimit()
+        ]);
+        return maxTotal.sub(currentTotal).toNumber();
+    }
+    /**
+     * Updates the rate limit for future registrations
+     * @param newRateLimit The new rate limit to use
+     */
+    async setRateLimit(newRateLimit) {
+        this.rateLimit = newRateLimit;
+    }
+    get members() {
+        const sortedMembers = Array.from(this._members.values()).sort((left, right) => left.index.toNumber() - right.index.toNumber());
+        return sortedMembers;
+    }
+    get membersFilter() {
+        if (!this._membersFilter) {
+            throw Error("Members filter was not initialized.");
+        }
+        return this._membersFilter;
+    }
+    get membersRemovedFilter() {
+        if (!this._membersRemovedFilter) {
+            throw Error("MembersRemoved filter was not initialized.");
+        }
+        return this._membersRemovedFilter;
+    }
+    async fetchMembers(rlnInstance, options = {}) {
+        const registeredMemberEvents = await queryFilter(this.contract, {
+            fromBlock: this.deployBlock,
+            ...options,
+            membersFilter: this.membersFilter
+        });
+        const removedMemberEvents = await queryFilter(this.contract, {
+            fromBlock: this.deployBlock,
+            ...options,
+            membersFilter: this.membersRemovedFilter
+        });
+        const events = [...registeredMemberEvents, ...removedMemberEvents];
+        this.processEvents(rlnInstance, events);
+    }
+    processEvents(rlnInstance, events) {
+        const toRemoveTable = new Map();
+        const toInsertTable = new Map();
+        events.forEach((evt) => {
+            if (!evt.args) {
+                return;
+            }
+            if (evt.event === "MembershipRemoved") {
+                const index = evt.args.index;
+                const toRemoveVal = toRemoveTable.get(evt.blockNumber);
+                if (toRemoveVal != undefined) {
+                    toRemoveVal.push(index.toNumber());
+                    toRemoveTable.set(evt.blockNumber, toRemoveVal);
+                }
+                else {
+                    toRemoveTable.set(evt.blockNumber, [index.toNumber()]);
+                }
+            }
+            else if (evt.event === "MembershipRegistered") {
+                let eventsPerBlock = toInsertTable.get(evt.blockNumber);
+                if (eventsPerBlock == undefined) {
+                    eventsPerBlock = [];
+                }
+                eventsPerBlock.push(evt);
+                toInsertTable.set(evt.blockNumber, eventsPerBlock);
+            }
+        });
+        this.removeMembers(rlnInstance, toRemoveTable);
+        this.insertMembers(rlnInstance, toInsertTable);
+    }
+    insertMembers(rlnInstance, toInsert) {
+        toInsert.forEach((events, blockNumber) => {
+            events.forEach((evt) => {
+                if (!evt.args)
+                    return;
+                const _idCommitment = evt.args.idCommitment;
+                const index = evt.args.index;
+                if (!_idCommitment || !index) {
+                    return;
+                }
+                const idCommitment = zeroPadLE(hexToBytes(_idCommitment), 32);
+                rlnInstance.zerokit.insertMember(idCommitment);
+                this._members.set(index.toNumber(), {
+                    index,
+                    idCommitment: _idCommitment
+                });
+            });
+            const currentRoot = rlnInstance.zerokit.getMerkleRoot();
+            this.merkleRootTracker.pushRoot(blockNumber, currentRoot);
+        });
+    }
+    removeMembers(rlnInstance, toRemove) {
+        const removeDescending = new Map([...toRemove].reverse());
+        removeDescending.forEach((indexes, blockNumber) => {
+            indexes.forEach((index) => {
+                if (this._members.has(index)) {
+                    this._members.delete(index);
+                    rlnInstance.zerokit.deleteMember(index);
+                }
+            });
+            this.merkleRootTracker.backFill(blockNumber);
+        });
+    }
+    subscribeToMembers(rlnInstance) {
+        this.contract.on(this.membersFilter, (_idCommitment, _rateLimit, _index, event) => {
+            this.processEvents(rlnInstance, [event]);
+        });
+        this.contract.on(this.membersRemovedFilter, (_idCommitment, _index, event) => {
+            this.processEvents(rlnInstance, [event]);
+        });
+    }
+    async registerWithIdentity(identity) {
+        try {
+            log.info(`Registering identity with rate limit: ${this.rateLimit} messages/epoch`);
+            const txRegisterResponse = await this.contract.register(identity.IDCommitmentBigInt, this.rateLimit, [], { gasLimit: 300000 });
+            const txRegisterReceipt = await txRegisterResponse.wait();
+            const memberRegistered = txRegisterReceipt.events?.find((event) => event.event === "MembershipRegistered");
+            if (!memberRegistered || !memberRegistered.args) {
+                log.error("Failed to register membership: No MembershipRegistered event found");
+                return undefined;
+            }
+            const decodedData = {
+                idCommitment: memberRegistered.args.idCommitment,
+                rateLimit: memberRegistered.args.rateLimit,
+                index: memberRegistered.args.index
+            };
+            log.info(`Successfully registered membership with index ${decodedData.index} ` +
+                `and rate limit ${decodedData.rateLimit}`);
+            const network = await this.contract.provider.getNetwork();
+            const address = this.contract.address;
+            const membershipId = decodedData.index.toNumber();
+            return {
+                identity,
+                membership: {
+                    address,
+                    treeIndex: membershipId,
+                    chainId: network.chainId
+                }
+            };
+        }
+        catch (error) {
+            log.error(`Error in registerWithIdentity: ${error.message}`);
+            return undefined;
+        }
+    }
+    /**
+     * Helper method to get remaining messages in current epoch
+     * @param membershipId The ID of the membership to check
+     * @returns number of remaining messages allowed in current epoch
+     */
+    async getRemainingMessages(membershipId) {
+        try {
+            const [startTime, , rateLimit] = await this.contract.getMembershipInfo(membershipId);
+            // Calculate current epoch
+            const currentTime = Math.floor(Date.now() / 1000);
+            const epochsPassed = Math.floor((currentTime - startTime) / RATE_LIMIT_PARAMS.EPOCH_LENGTH);
+            const currentEpochStart = startTime + epochsPassed * RATE_LIMIT_PARAMS.EPOCH_LENGTH;
+            // Get message count in current epoch using contract's function
+            const messageCount = await this.contract.getMessageCount(membershipId, currentEpochStart);
+            return Math.max(0, rateLimit.sub(messageCount).toNumber());
+        }
+        catch (error) {
+            log.error(`Error getting remaining messages: ${error.message}`);
+            return 0; // Fail safe: assume no messages remaining on error
+        }
+    }
+    async registerWithPermitAndErase(identity, permit, idCommitmentsToErase) {
+        try {
+            log.info(`Registering identity with permit and rate limit: ${this.rateLimit} messages/epoch`);
+            const txRegisterResponse = await this.contract.registerWithPermit(permit.owner, permit.deadline, permit.v, permit.r, permit.s, identity.IDCommitmentBigInt, this.rateLimit, idCommitmentsToErase.map((id) => BigNumber.from(id)));
+            const txRegisterReceipt = await txRegisterResponse.wait();
+            const memberRegistered = txRegisterReceipt.events?.find((event) => event.event === "MembershipRegistered");
+            if (!memberRegistered || !memberRegistered.args) {
+                log.error("Failed to register membership with permit: No MembershipRegistered event found");
+                return undefined;
+            }
+            const decodedData = {
+                idCommitment: memberRegistered.args.idCommitment,
+                rateLimit: memberRegistered.args.rateLimit,
+                index: memberRegistered.args.index
+            };
+            log.info(`Successfully registered membership with permit. Index: ${decodedData.index}, ` +
+                `Rate limit: ${decodedData.rateLimit}, Erased ${idCommitmentsToErase.length} commitments`);
+            const network = await this.contract.provider.getNetwork();
+            const address = this.contract.address;
+            const membershipId = decodedData.index.toNumber();
+            return {
+                identity,
+                membership: {
+                    address,
+                    treeIndex: membershipId,
+                    chainId: network.chainId
+                }
+            };
+        }
+        catch (error) {
+            log.error(`Error in registerWithPermitAndErase: ${error.message}`);
+            return undefined;
+        }
+    }
+    roots() {
+        return this.merkleRootTracker.roots();
+    }
+    async withdraw(token, holder) {
+        try {
+            const tx = await this.contract.withdraw(token, { from: holder });
+            await tx.wait();
+        }
+        catch (error) {
+            log.error(`Error in withdraw: ${error.message}`);
+        }
+    }
+    async getMembershipInfo(idCommitment) {
+        try {
+            const [startBlock, endBlock, rateLimit] = await this.contract.getMembershipInfo(idCommitment);
+            const currentBlock = await this.contract.provider.getBlockNumber();
+            let state;
+            if (currentBlock < startBlock) {
+                state = MembershipState.Active;
+            }
+            else if (currentBlock < endBlock) {
+                state = MembershipState.GracePeriod;
+            }
+            else {
+                state = MembershipState.Expired;
+            }
+            const index = await this.getMemberIndex(idCommitment);
+            if (!index)
+                return undefined;
+            return {
+                index,
+                idCommitment,
+                rateLimit: rateLimit.toNumber(),
+                startBlock: startBlock.toNumber(),
+                endBlock: endBlock.toNumber(),
+                state
+            };
+        }
+        catch (error) {
+            return undefined;
+        }
+    }
+    async extendMembership(idCommitment) {
+        return this.contract.extendMemberships([idCommitment]);
+    }
+    async eraseMembership(idCommitment, eraseFromMembershipSet = true) {
+        return this.contract.eraseMemberships([idCommitment], eraseFromMembershipSet);
+    }
+    async registerMembership(idCommitment, rateLimit = DEFAULT_RATE_LIMIT) {
+        if (rateLimit < RATE_LIMIT_PARAMS.MIN_RATE ||
+            rateLimit > RATE_LIMIT_PARAMS.MAX_RATE) {
+            throw new Error(`Rate limit must be between ${RATE_LIMIT_PARAMS.MIN_RATE} and ${RATE_LIMIT_PARAMS.MAX_RATE}`);
+        }
+        return this.contract.register(idCommitment, rateLimit, []);
+    }
+    async getMemberIndex(idCommitment) {
+        try {
+            const events = await this.contract.queryFilter(this.contract.filters.MembershipRegistered(idCommitment));
+            if (events.length === 0)
+                return undefined;
+            // Get the most recent registration event
+            const event = events[events.length - 1];
+            return event.args?.index;
+        }
+        catch (error) {
+            return undefined;
+        }
+    }
+}
+// These values should be tested on other networks
+const FETCH_CHUNK = 5;
+const BLOCK_RANGE = 3000;
+async function queryFilter(contract, options) {
+    const { fromBlock, membersFilter, fetchRange = BLOCK_RANGE, fetchChunks = FETCH_CHUNK } = options;
+    if (fromBlock === undefined) {
+        return contract.queryFilter(membersFilter);
+    }
+    if (!contract.provider) {
+        throw Error("No provider found on the contract.");
+    }
+    const toBlock = await contract.provider.getBlockNumber();
+    if (toBlock - fromBlock < fetchRange) {
+        return contract.queryFilter(membersFilter, fromBlock, toBlock);
+    }
+    const events = [];
+    const chunks = splitToChunks(fromBlock, toBlock, fetchRange);
+    for (const portion of takeN(chunks, fetchChunks)) {
+        const promises = portion.map(([left, right]) => ignoreErrors(contract.queryFilter(membersFilter, left, right), []));
+        const fetchedEvents = await Promise.all(promises);
+        events.push(fetchedEvents.flatMap((v) => v));
+    }
+    return events.flatMap((v) => v);
+}
+function splitToChunks(from, to, step) {
+    const chunks = [];
+    let left = from;
+    while (left < to) {
+        const right = left + step < to ? left + step : to;
+        chunks.push([left, right]);
+        left = right;
+    }
+    return chunks;
+}
+function* takeN(array, size) {
+    let start = 0;
+    while (start < array.length) {
+        const portion = array.slice(start, start + size);
+        yield portion;
+        start += size;
+    }
+}
+async function ignoreErrors(promise, defaultValue) {
+    try {
+        return await promise;
+    }
+    catch (err) {
+        if (err instanceof Error) {
+            log.info(`Ignoring an error during query: ${err.message}`);
+        }
+        else {
+            log.info(`Ignoring an unknown error during query`);
+        }
+        return defaultValue;
+    }
+}
+
+export { MembershipState, RLNContract };

package/bundle/packages/rln/dist/create.js

@@ -0,0 +1,9 @@
+async function createRLN() {
+    // A dependency graph that contains any wasm must all be imported
+    // asynchronously. This file does the single async import, so
+    // that no one else needs to worry about it again.
+    const rlnModule = await import('./rln.js');
+    return rlnModule.create();
+}
+
+export { createRLN };

package/bundle/packages/rln/dist/identity.js

@@ -0,0 +1,54 @@
+import { arrayify } from '../../../node_modules/@ethersproject/bytes/lib.esm/index.js';
+import { keccak256 } from '../../../node_modules/@ethersproject/keccak256/lib.esm/index.js';
+import { Poseidon as m } from '../../../node_modules/@iden3/js-crypto/dist/browser/esm/index.js';
+import { streamXOR } from '../../../node_modules/@stablelib/chacha/lib/chacha.js';
+import { buildBigIntFromUint8Array } from './utils/bytes.js';
+import './utils/epoch.js';
+
+class IdentityCredential {
+    IDTrapdoor;
+    IDNullifier;
+    IDSecretHash;
+    IDCommitment;
+    IDCommitmentBigInt;
+    constructor(IDTrapdoor, IDNullifier, IDSecretHash, IDCommitment, IDCommitmentBigInt) {
+        this.IDTrapdoor = IDTrapdoor;
+        this.IDNullifier = IDNullifier;
+        this.IDSecretHash = IDSecretHash;
+        this.IDCommitment = IDCommitment;
+        this.IDCommitmentBigInt = IDCommitmentBigInt;
+    }
+    static fromBytes(memKeys) {
+        if (memKeys.length < 128) {
+            throw new Error("Invalid memKeys length - must be at least 128 bytes");
+        }
+        const idTrapdoor = memKeys.subarray(0, 32);
+        const idNullifier = memKeys.subarray(32, 64);
+        const idSecretHash = memKeys.subarray(64, 96);
+        const idCommitment = memKeys.subarray(96, 128);
+        const idCommitmentBigInt = buildBigIntFromUint8Array(idCommitment, 32);
+        return new IdentityCredential(idTrapdoor, idNullifier, idSecretHash, idCommitment, idCommitmentBigInt);
+    }
+    static generateSeeded(signature) {
+        // Generate deterministic seed from signature
+        const seed = arrayify(keccak256(signature));
+        // Use ChaCha for deterministic randomness (as in Rust code)
+        const nonce = new Uint8Array(12);
+        const idSecretHash = new Uint8Array(32);
+        streamXOR(seed, nonce, idSecretHash, idSecretHash);
+        // Convert to bigint for Poseidon
+        const secretBigInt = BigInt("0x" + Buffer.from(idSecretHash).toString("hex"));
+        // Generate commitment using Poseidon
+        const idCommitmentBigInt = m.hash([secretBigInt]);
+        // Convert commitment back to Uint8Array
+        const idCommitment = arrayify("0x" + idCommitmentBigInt.toString(16).padStart(64, "0"));
+        // Generate deterministic trapdoor and nullifier from the secret hash
+        const idTrapdoor = new Uint8Array(32);
+        const idNullifier = new Uint8Array(32);
+        streamXOR(idSecretHash, nonce, idTrapdoor, idTrapdoor);
+        streamXOR(idTrapdoor, nonce, idNullifier, idNullifier);
+        return new IdentityCredential(idTrapdoor, idNullifier, idSecretHash, idCommitment, idCommitmentBigInt);
+    }
+}
+
+export { IdentityCredential };

package/bundle/packages/rln/dist/keystore/cipher.js

@@ -0,0 +1,31 @@
+import { cipherDecrypt as cipherDecrypt_1 } from '../../node_modules/@chainsafe/bls-keystore/lib/cipher.js';
+import { kdf as kdf_2 } from '../../node_modules/@chainsafe/bls-keystore/lib/kdf.js';
+import { normalizePassword as normalizePassword_1 } from '../../node_modules/@chainsafe/bls-keystore/lib/password.js';
+import { keccak256 } from '../../../../node_modules/ethereum-cryptography/esm/keccak.js';
+import { hexToBytes } from '../../../../node_modules/ethereum-cryptography/esm/utils.js';
+import { concatBytes, bytesToHex } from '../../../../node_modules/@noble/hashes/esm/utils.js';
+
+// eipKeystore supports only sha256 checksum so we just make an assumption it is keccak256
+const validateChecksum = async (password, eipKeystore) => {
+    const computedChecksum = await keccak256Checksum(password, eipKeystore);
+    return computedChecksum === eipKeystore.crypto.checksum.message;
+};
+// decrypt from @chainsafe/bls-keystore supports only sha256
+// but nwaku uses keccak256
+// https://github.com/waku-org/nwaku/blob/25d6e52e3804d15f9b61bc4cc6dd448540c072a1/waku/waku_keystore/keyfile.nim#L367
+const decryptEipKeystore = async (password, eipKeystore) => {
+    const decryptionKey = await kdf_2(eipKeystore.crypto.kdf, normalizePassword_1(password));
+    const isChecksumValid = await validateChecksum(password, eipKeystore);
+    if (!isChecksumValid) {
+        throw Error("Password is invalid.");
+    }
+    return cipherDecrypt_1(eipKeystore.crypto.cipher, decryptionKey.slice(0, 16));
+};
+const keccak256Checksum = async (password, eipKeystore) => {
+    const key = await kdf_2(eipKeystore.crypto.kdf, normalizePassword_1(password));
+    const payload = concatBytes(key.slice(16), hexToBytes(eipKeystore.crypto.cipher.message));
+    const ciphertext = keccak256(payload);
+    return bytesToHex(ciphertext);
+};
+
+export { decryptEipKeystore, keccak256Checksum };

package/bundle/packages/rln/dist/keystore/credential_validation_generated.js

@@ -0,0 +1,119 @@
+/* eslint eslint-comments/no-unlimited-disable: "off" */
+// This file was generated by /scripts/schema-validation-codegen.ts
+// Do not modify this file by hand.
+/* eslint-disable */
+// @ts-ignore
+const Credential = validate11;
+function validate11(data, { instancePath = "", parentData, parentDataProperty, rootData = data } = {}) { let vErrors = null; let errors = 0; {
+    if (data && typeof data == "object" && !Array.isArray(data)) {
+        let missing0;
+        if ((data.crypto === undefined) && (missing0 = "crypto")) {
+            validate11.errors = [{ instancePath, schemaPath: "#/required", keyword: "required", params: { missingProperty: missing0 }, message: "must have required property '" + missing0 + "'" }];
+            return false;
+        }
+        else {
+            if (data.crypto !== undefined) {
+                let data0 = data.crypto;
+                {
+                    if (data0 && typeof data0 == "object" && !Array.isArray(data0)) {
+                        let missing1;
+                        if (((((((data0.cipher === undefined) && (missing1 = "cipher")) || ((data0.cipherparams === undefined) && (missing1 = "cipherparams"))) || ((data0.ciphertext === undefined) && (missing1 = "ciphertext"))) || ((data0.kdf === undefined) && (missing1 = "kdf"))) || ((data0.kdfparams === undefined) && (missing1 = "kdfparams"))) || ((data0.mac === undefined) && (missing1 = "mac"))) {
+                            validate11.errors = [{ instancePath: instancePath + "/crypto", schemaPath: "#/properties/crypto/required", keyword: "required", params: { missingProperty: missing1 }, message: "must have required property '" + missing1 + "'" }];
+                            return false;
+                        }
+                        else {
+                            if (data0.cipher !== undefined) {
+                                const _errs3 = errors;
+                                if (typeof data0.cipher !== "string") {
+                                    validate11.errors = [{ instancePath: instancePath + "/crypto/cipher", schemaPath: "#/properties/crypto/properties/cipher/type", keyword: "type", params: { type: "string" }, message: "must be string" }];
+                                    return false;
+                                }
+                                var valid1 = _errs3 === errors;
+                            }
+                            else {
+                                var valid1 = true;
+                            }
+                            if (valid1) {
+                                if (data0.cipherparams !== undefined) {
+                                    let data2 = data0.cipherparams;
+                                    const _errs5 = errors;
+                                    if (!(data2 && typeof data2 == "object" && !Array.isArray(data2))) {
+                                        validate11.errors = [{ instancePath: instancePath + "/crypto/cipherparams", schemaPath: "#/properties/crypto/properties/cipherparams/type", keyword: "type", params: { type: "object" }, message: "must be object" }];
+                                        return false;
+                                    }
+                                    var valid1 = _errs5 === errors;
+                                }
+                                else {
+                                    var valid1 = true;
+                                }
+                                if (valid1) {
+                                    if (data0.ciphertext !== undefined) {
+                                        const _errs7 = errors;
+                                        if (typeof data0.ciphertext !== "string") {
+                                            validate11.errors = [{ instancePath: instancePath + "/crypto/ciphertext", schemaPath: "#/properties/crypto/properties/ciphertext/type", keyword: "type", params: { type: "string" }, message: "must be string" }];
+                                            return false;
+                                        }
+                                        var valid1 = _errs7 === errors;
+                                    }
+                                    else {
+                                        var valid1 = true;
+                                    }
+                                    if (valid1) {
+                                        if (data0.kdf !== undefined) {
+                                            const _errs9 = errors;
+                                            if (typeof data0.kdf !== "string") {
+                                                validate11.errors = [{ instancePath: instancePath + "/crypto/kdf", schemaPath: "#/properties/crypto/properties/kdf/type", keyword: "type", params: { type: "string" }, message: "must be string" }];
+                                                return false;
+                                            }
+                                            var valid1 = _errs9 === errors;
+                                        }
+                                        else {
+                                            var valid1 = true;
+                                        }
+                                        if (valid1) {
+                                            if (data0.kdfparams !== undefined) {
+                                                let data5 = data0.kdfparams;
+                                                const _errs11 = errors;
+                                                if (!(data5 && typeof data5 == "object" && !Array.isArray(data5))) {
+                                                    validate11.errors = [{ instancePath: instancePath + "/crypto/kdfparams", schemaPath: "#/properties/crypto/properties/kdfparams/type", keyword: "type", params: { type: "object" }, message: "must be object" }];
+                                                    return false;
+                                                }
+                                                var valid1 = _errs11 === errors;
+                                            }
+                                            else {
+                                                var valid1 = true;
+                                            }
+                                            if (valid1) {
+                                                if (data0.mac !== undefined) {
+                                                    const _errs13 = errors;
+                                                    if (typeof data0.mac !== "string") {
+                                                        validate11.errors = [{ instancePath: instancePath + "/crypto/mac", schemaPath: "#/properties/crypto/properties/mac/type", keyword: "type", params: { type: "string" }, message: "must be string" }];
+                                                        return false;
+                                                    }
+                                                    var valid1 = _errs13 === errors;
+                                                }
+                                                else {
+                                                    var valid1 = true;
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                    else {
+                        validate11.errors = [{ instancePath: instancePath + "/crypto", schemaPath: "#/properties/crypto/type", keyword: "type", params: { type: "object" }, message: "must be object" }];
+                        return false;
+                    }
+                }
+            }
+        }
+    }
+    else {
+        validate11.errors = [{ instancePath, schemaPath: "#/type", keyword: "type", params: { type: "object" }, message: "must be object" }];
+        return false;
+    }
+} validate11.errors = vErrors; return errors === 0; }
+
+export { Credential };