npm - @wireapp/core-crypto - Versions diffs - 5.3.0 → 6.0.0 - Mend

@wireapp/core-crypto 5.3.0 → 6.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/package.json +21 -22
package/src/core-crypto-ffi_bg.wasm +0 -0
package/src/core-crypto-ffi_bg.wasm.d.ts +227 -188
package/src/corecrypto.d.ts +485 -475
package/src/corecrypto.js +1496 -902

package/src/corecrypto.d.ts CHANGED Viewed

@@ -33,47 +33,77 @@ export declare enum Ciphersuite {
 	 */
 	MLS_256_DHKEMP384_AES256GCM_SHA384_P384 = 7
 }
-declare enum Ciphersuite$1 {
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Updates the key of the CoreCrypto database.
+ * To be used only once, when moving from CoreCrypto <= 5.x to CoreCrypto 6.x.
+ */
+export function migrateDatabaseKeyTypeToBytes(name: string, old_key: string, new_key: DatabaseKey): Promise<void>;
+export enum CredentialType {
 	/**
-	 * DH KEM x25519 | AES-GCM 128 | SHA2-256 | Ed25519
+	 * Basic credential i.e. a KeyPair
 	 */
-	MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519 = 1,
+	Basic = 1,
 	/**
-	 * DH KEM P256 | AES-GCM 128 | SHA2-256 | EcDSA P256
+	 * A x509 certificate generally obtained through e2e identity enrollment process
 	 */
-	MLS_128_DHKEMP256_AES128GCM_SHA256_P256 = 2,
+	X509 = 2
+}
+export enum DeviceStatus {
 	/**
-	 * DH KEM x25519 | Chacha20Poly1305 | SHA2-256 | Ed25519
+	 * All is fine
 	 */
-	MLS_128_DHKEMX25519_CHACHA20POLY1305_SHA256_Ed25519 = 3,
+	Valid = 1,
 	/**
-	 * DH KEM x448 | AES-GCM 256 | SHA2-512 | Ed448
+	 * The Credential's certificate is expired
 	 */
-	MLS_256_DHKEMX448_AES256GCM_SHA512_Ed448 = 4,
+	Expired = 2,
 	/**
-	 * DH KEM P521 | AES-GCM 256 | SHA2-512 | EcDSA P521
+	 * The Credential's certificate is revoked (not implemented yet)
 	 */
-	MLS_256_DHKEMP521_AES256GCM_SHA512_P521 = 5,
+	Revoked = 3
+}
+declare enum E2eiConversationState {
 	/**
-	 * DH KEM x448 | Chacha20Poly1305 | SHA2-512 | Ed448
+	 * All clients have a valid E2EI certificate
 	 */
-	MLS_256_DHKEMX448_CHACHA20POLY1305_SHA512_Ed448 = 6,
+	Verified = 1,
 	/**
-	 * DH KEM P384 | AES-GCM 256 | SHA2-384 | EcDSA P384
+	 * Some clients are either still Basic or their certificate is expired
 	 */
-	MLS_256_DHKEMP384_AES256GCM_SHA384_P384 = 7
+	NotVerified = 2,
+	/**
+	 * All clients are still Basic. If all client have expired certificates, [E2eiConversationState::NotVerified] is returned.
+	 */
+	NotEnabled = 3
 }
-declare enum CredentialType {
+declare enum MlsGroupInfoEncryptionType {
 	/**
-	 * Just a KeyPair
+	 * Unencrypted `GroupInfo`
 	 */
-	Basic = 1,
+	Plaintext = 1,
 	/**
-	 * A certificate obtained through e2e identity enrollment process
+	 * `GroupInfo` encrypted in a JWE
 	 */
-	X509 = 2
+	JweEncrypted = 2
 }
-declare enum WirePolicy {
+declare enum MlsRatchetTreeType {
+	/**
+	 * Plain old and complete `GroupInfo`
+	 */
+	Full = 1,
+	/**
+	 * Contains `GroupInfo` changes since previous epoch (not yet implemented)
+	 * (see [draft](https://github.com/rohan-wire/ietf-drafts/blob/main/mahy-mls-ratchet-tree-delta/draft-mahy-mls-ratchet-tree-delta.md))
+	 */
+	Delta = 2,
+	ByRef = 3
+}
+/**
+ * See [core_crypto::prelude::MlsWirePolicy]
+ */
+export enum WirePolicy {
 	/**
 	 * Handshake messages are never encrypted
 	 */
@@ -85,7 +115,9 @@ declare enum WirePolicy {
 }
 /**
  * For creating a challenge.
- * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
+ *
+ * - See https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
+ * - See [core_crypto::e2e_identity::types::E2eiAcmeChallenge]
  */
 export class AcmeChallenge {
 	private constructor();
@@ -104,6 +136,57 @@ export class AcmeChallenge {
 	 */
 	readonly target: string;
 }
+declare class AcmeDirectory {
+	private constructor();
+	free(): void;
+	/**
+	 * URL for fetching a new nonce. Use this only for creating a new account.
+	 */
+	readonly newNonce: string;
+	/**
+	 * URL for creating a new account.
+	 */
+	readonly newAccount: string;
+	/**
+	 * URL for creating a new order.
+	 */
+	readonly newOrder: string;
+	/**
+	 * Revocation URL
+	 */
+	readonly revokeCert: string;
+}
+declare class ArrayOfByteArray {
+	free(): void;
+	constructor(aoba: Uint8Array[]);
+	as_arrays(): Uint8Array[];
+}
+declare class BufferedDecryptedMessage {
+	private constructor();
+	free(): void;
+	readonly message: Uint8Array | undefined;
+	readonly proposals: ProposalBundle[];
+	/**
+	 * It is set to false if ingesting this MLS message has resulted in the client being removed from the group (i.e. a Remove commit)
+	 */
+	readonly isActive: boolean;
+	/**
+	 * Commit delay hint (in milliseconds) to prevent clients from hammering the server with epoch changes
+	 */
+	readonly commitDelay: bigint | undefined;
+	readonly senderClientId: ClientId | undefined;
+	/**
+	 * true when the decrypted message resulted in an epoch change i.e. it was a commit
+	 *
+	 * Deprecated: this member will be removed in the future. Prefer using the `EpochObserver` interface.
+	 */
+	readonly hasEpochChanged: boolean;
+	readonly identity: WireIdentity;
+	/**
+	 * New CRL Distribution of members of this group
+	 */
+	readonly crlNewDistributionPoints: NewCrlDistributionPoints;
+}
 /**
  * Metadata describing the conditions of the build of this software.
  */
@@ -155,416 +238,372 @@ export class BuildMetadata {
 	 */
 	readonly gitDirty: string;
 }
+declare class Ciphersuite$1 {
+	free(): void;
+	as_u16(): number;
+	constructor(discriminant: number);
+}
+declare class Ciphersuites {
+	free(): void;
+	constructor(ids: Uint16Array);
+}
+declare class ClientId {
+	free(): void;
+	constructor(bytes: Uint8Array);
+	as_bytes(): Uint8Array;
+}
 declare class ConversationConfiguration {
 	free(): void;
-	constructor(ciphersuite?: Ciphersuite$1, external_senders?: (Uint8Array)[], key_rotation_span?: number, wire_policy?: WirePolicy);
-	/**
-	 * List of client IDs that are allowed to be external senders
-	 */
-	readonly externalSenders: Array<any>;
-	/**
-	 * Conversation ciphersuite
-	 */
+	constructor(ciphersuite?: Ciphersuite$1 | null, external_senders?: Uint8Array[] | null, key_rotation_span?: number | null, wire_policy?: WirePolicy | null);
 	readonly ciphersuite: Ciphersuite$1 | undefined;
+	readonly custom: CustomConfiguration;
 	/**
-	 * Additional configuration
+	 * List of client IDs that are allowed to be external senders
 	 */
-	readonly custom: CustomConfiguration;
+	readonly externalSenders: Uint8Array[];
 }
 declare class CoreCryptoContext {
 	private constructor();
 	free(): void;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * see [core_crypto::context::CentralContext::set_data]
+	 * See [core_crypto::transaction_context::TransactionContext::e2ei_new_enrollment]
 	 */
-	set_data(data: Uint8Array): Promise<any>;
+	e2ei_new_enrollment(client_id: string, display_name: string, handle: string, team: string | null | undefined, expiry_sec: number, ciphersuite: Ciphersuite$1): Promise<FfiWireE2EIdentity>;
 	/**
-	 * Returns: [`WasmCryptoResult<Option<js_sys::Uint8Array>>`]
-	 *
-	 * see [core_crypto::context::CentralContext::get_data]
+	 * See [core_crypto::transaction_context::TransactionContext::e2ei_new_activation_enrollment]
 	 */
-	get_data(): Promise<any>;
+	e2ei_new_activation_enrollment(display_name: string, handle: string, team: string | null | undefined, expiry_sec: number, ciphersuite: Ciphersuite$1): Promise<FfiWireE2EIdentity>;
 	/**
-	 * see [core_crypto::mls::context::CentralContext::mls_init]
+	 * See [core_crypto::transaction_context::TransactionContext::e2ei_new_rotate_enrollment]
 	 */
-	mls_init(client_id: Uint8Array, ciphersuites: Uint16Array, nb_key_package?: number): Promise<any>;
+	e2ei_new_rotate_enrollment(display_name: string | null | undefined, handle: string | null | undefined, team: string | null | undefined, expiry_sec: number, ciphersuite: Ciphersuite$1): Promise<FfiWireE2EIdentity>;
 	/**
-	 * Returns [`WasmCryptoResult<Vec<u8>>`]
-	 *
-	 * See [core_crypto::mls::context::CentralContext::mls_generate_keypairs]
+	 * See [core_crypto::transaction_context::TransactionContext::e2ei_register_acme_ca]
 	 */
-	mls_generate_keypair(ciphersuites: Uint16Array): Promise<any>;
+	e2ei_register_acme_ca(trust_anchor_pem: string): Promise<void>;
 	/**
-	 * Returns [`WasmCryptoResult<()>`]
-	 *
-	 * See [core_crypto::mls::context::CentralContext::mls_init_with_client_id]
+	 * See [core_crypto::transaction_context::TransactionContext::e2ei_register_intermediate_ca_pem]
 	 */
-	mls_init_with_client_id(client_id: Uint8Array, signature_public_keys: (Uint8Array)[], ciphersuites: Uint16Array): Promise<any>;
+	e2ei_register_intermediate_ca(cert_pem: string): Promise<NewCrlDistributionPoints>;
 	/**
-	 * Returns:: [`WasmCryptoResult<js_sys::Uint8Array>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::client_public_key]
+	 * See [core_crypto::transaction_context::TransactionContext::e2ei_register_crl]
 	 */
-	client_public_key(ciphersuite: Ciphersuite$1, credential_type: CredentialType): Promise<any>;
+	e2ei_register_crl(crl_dp: string, crl_der: Uint8Array): Promise<CrlRegistration>;
 	/**
-	 * Returns: [`WasmCryptoResult<js_sys::Array<js_sys::Uint8Array>>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::get_or_create_client_keypackages]
+	 * See [core_crypto::transaction_context::TransactionContext::e2ei_mls_init_only]
 	 */
-	client_keypackages(ciphersuite: Ciphersuite$1, credential_type: CredentialType, amount_requested: number): Promise<any>;
+	e2ei_mls_init_only(enrollment: FfiWireE2EIdentity, certificate_chain: string, nb_key_package?: number | null): Promise<NewCrlDistributionPoints>;
 	/**
-	 * Returns: [`WasmCryptoResult<usize>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::client_valid_key_packages_count]
+	 * See [core_crypto::mls::conversation::ConversationGuard::e2ei_rotate]
 	 */
-	client_valid_keypackages_count(ciphersuite: Ciphersuite$1, credential_type: CredentialType): Promise<any>;
+	e2ei_rotate(conversation_id: Uint8Array): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<usize>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::delete_keypackages]
+	 * See [core_crypto::transaction_context::TransactionContext::save_x509_credential]
 	 */
-	delete_keypackages(refs: (Uint8Array)[]): Promise<any>;
+	save_x509_credential(enrollment: FfiWireE2EIdentity, certificate_chain: string): Promise<NewCrlDistributionPoints>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::new_conversation]
+	 * See [core_crypto::transaction_context::TransactionContext::delete_stale_key_packages]
 	 */
-	create_conversation(conversation_id: Uint8Array, creator_credential_type: CredentialType, config: ConversationConfiguration): Promise<any>;
+	delete_stale_key_packages(ciphersuite: Ciphersuite$1): Promise<void>;
 	/**
-	 * Returns [`WasmCryptoResult<u64>`]
+	 * See [core_crypto::transaction_context::TransactionContext::e2ei_enrollment_stash]
 	 *
-	 * see [core_crypto::mls::conversation::ConversationGuard::epoch]
+	 * Note that this can only succeed id the enrollment is unique and there are no other hard refs to it.
 	 */
-	conversation_epoch(conversation_id: Uint8Array): Promise<any>;
+	e2ei_enrollment_stash(enrollment: FfiWireE2EIdentity): Promise<Uint8Array>;
 	/**
-	 * Returns [`WasmCryptoResult<Ciphersuite>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::conversation_ciphersuite]
+	 * See [core_crypto::transaction_context::TransactionContext::e2ei_enrollment_stash_pop]
 	 */
-	conversation_ciphersuite(conversation_id: Uint8Array): Promise<any>;
+	e2ei_enrollment_stash_pop(handle: Uint8Array): Promise<FfiWireE2EIdentity>;
 	/**
-	 * Returns: [`bool`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::conversation_exists]
+	 * See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::e2ei_conversation_state]
 	 */
-	conversation_exists(conversation_id: Uint8Array): Promise<any>;
+	e2ei_conversation_state(conversation_id: Uint8Array): Promise<E2eiConversationState>;
 	/**
-	 * Returns: [`WasmCryptoResult<Uint8Array>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::process_raw_welcome_message]
+	 * See [core_crypto::mls::Client::e2ei_is_enabled]
 	 */
-	process_welcome_message(welcome_message: Uint8Array, custom_configuration: CustomConfiguration): Promise<any>;
+	e2ei_is_enabled(ciphersuite: Ciphersuite$1): Promise<boolean>;
 	/**
-	 * Returns: [`WasmCryptoResult<Option<Vec<String>>>`]
-	 *
-	 * see [core_crypto::mls::conversation::conversation_guard::ConversationGuard::add_members]
+	 * See [core_crypto::mls::Client::get_device_identities]
 	 */
-	add_clients_to_conversation(conversation_id: Uint8Array, key_packages: (Uint8Array)[]): Promise<any>;
+	get_device_identities(conversation_id: Uint8Array, device_ids: ClientId[]): Promise<WireIdentity[]>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::remove_members_from_conversation]
+	 * See [core_crypto::mls::Client::get_user_identities]
 	 */
-	remove_clients_from_conversation(conversation_id: Uint8Array, clients: (Uint8Array)[]): Promise<any>;
+	get_user_identities(conversation_id: Uint8Array, user_ids: string[]): Promise<Map<string, WireIdentity[]>>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * see [core_crypto::mls::conversation::ConversationGuard::mark_as_child_of]
+	 * See [core_crypto::mls::Client::get_credential_in_use]
 	 */
-	mark_conversation_as_child_of(child_id: Uint8Array, parent_id: Uint8Array): Promise<any>;
+	get_credential_in_use(group_info: Uint8Array, credential_type: CredentialType): Promise<E2eiConversationState>;
+	e2ei_dump_pki_env(): Promise<E2eiDumpedPkiEnv | undefined>;
 	/**
-	 * Returns: [`WasmCryptoResult()`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::update_keying_material]
+	 * See [core_crypto::mls::MlsCentral::e2ei_is_pki_env_setup]
 	 */
-	update_keying_material(conversation_id: Uint8Array): Promise<any>;
+	e2ei_is_pki_env_setup(): Promise<boolean>;
 	/**
-	 * Returns: [`WasmCryptoResult()`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::commit_pending_proposals]
+	 * See [core_crypto::context::CentralContext::mls_init]
 	 */
-	commit_pending_proposals(conversation_id: Uint8Array): Promise<any>;
+	mls_init(client_id: ClientId, ciphersuites: Ciphersuites, nb_key_package?: number | null): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::wipe_conversation]
+	 * See [core_crypto::context::CentralContext::mls_generate_keypairs]
 	 */
-	wipe_conversation(conversation_id: Uint8Array): Promise<any>;
+	mls_generate_keypairs(ciphersuites: Ciphersuites): Promise<ClientId[]>;
 	/**
-	 * Returns: [`WasmCryptoResult<DecryptedMessage>`]
-	 *
-	 * see [core_crypto::mls::conversation::conversation_guard::ConversationGuard::decrypt_message]
+	 * See [core_crypto::context::CentralContext::mls_init_with_client_id]
 	 */
-	decrypt_message(conversation_id: Uint8Array, payload: Uint8Array): Promise<any>;
+	mls_init_with_client_id(client_id: ClientId, tmp_client_ids: ClientId[], ciphersuites: Ciphersuites): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<Uint8Array>`]
-	 *
-	 * see [core_crypto::mls::conversation::conversation_guard::ConversationGuard::encrypt_message]
+	 * See [core_crypto::mls::MlsCentral::client_public_key]
 	 */
-	encrypt_message(conversation_id: Uint8Array, message: Uint8Array): Promise<any>;
+	client_public_key(ciphersuite: Ciphersuite$1, credential_type: CredentialType): Promise<Uint8Array>;
 	/**
-	 * Returns: [`WasmCryptoResult<WelcomeBundle>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::join_by_external_commit]
+	 * See [core_crypto::mls::conversation::ConversationGuard::epoch]
 	 */
-	join_by_external_commit(group_info: Uint8Array, custom_configuration: CustomConfiguration, credential_type: CredentialType): Promise<any>;
+	conversation_epoch(conversation_id: Uint8Array): Promise<bigint>;
 	/**
-	 * Returns: [`WasmCryptoResult<js_sys::Uint8Array>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::random_bytes]
+	 * See [core_crypto::mls::conversation::ConversationGuard::ciphersuite]
 	 */
-	random_bytes(len: number): Promise<any>;
+	conversation_ciphersuite(conversation_id: Uint8Array): Promise<Ciphersuite$1>;
 	/**
-	 * Returns: [`WasmCryptoResult<Vec<u8>>`]
-	 *
-	 * see [core_crypto::mls::conversation::ImmutableConversation::export_secret_key]
+	 * See [core_crypto::mls::MlsCentral::conversation_exists]
 	 */
-	export_secret_key(conversation_id: Uint8Array, key_length: number): Promise<any>;
+	conversation_exists(conversation_id: Uint8Array): Promise<boolean>;
 	/**
-	 * Returns: [`WasmCryptoResult<Vec<u8>>`]
-	 *
-	 * see [core_crypto::mls::conversation::ImmutableConversation::get_external_sender]
+	 * See [core_crypto::mls::conversation::ImmutableConversation::get_client_ids]
 	 */
-	get_external_sender(id: Uint8Array): Promise<any>;
+	get_client_ids(conversation_id: Uint8Array): Promise<ClientId[]>;
 	/**
-	 * Returns: [`WasmCryptoResult<Box<[js_sys::Uint8Array]>`]
-	 *
-	 * see [core_crypto::conversation::ImmutableConversation::get_client_ids]
+	 * See [core_crypto::mls::conversation::ImmutableConversation::export_secret_key]
 	 */
-	get_client_ids(conversation_id: Uint8Array): Promise<any>;
+	export_secret_key(conversation_id: Uint8Array, key_length: number): Promise<Uint8Array>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * see [core_crypto::proteus::ProteusCentral::try_new]
+	 * See [core_crypto::mls::conversation::ImmutableConversation::get_external_sender]
 	 */
-	proteus_init(): Promise<any>;
+	get_external_sender(conversation_id: Uint8Array): Promise<Uint8Array>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_session_from_prekey]
+	 * See [core_crypto::context::CentralContext::get_or_create_client_keypackages]
 	 */
-	proteus_session_from_prekey(session_id: string, prekey: Uint8Array): Promise<any>;
+	client_keypackages(ciphersuite: Ciphersuite$1, credential_type: CredentialType, amount_requested: number): Promise<ArrayOfByteArray>;
 	/**
-	 * Returns: [`WasmCryptoResult<Vec<u8>>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_session_from_message]
+	 * See [core_crypto::context::CentralContext::client_valid_key_packages_count]
 	 */
-	proteus_session_from_message(session_id: string, envelope: Uint8Array): Promise<any>;
+	client_valid_keypackages_count(ciphersuite: Ciphersuite$1, credential_type: CredentialType): Promise<bigint>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * /// **Note**: This isn't usually needed as persisting sessions happens automatically when decrypting/encrypting messages and initializing Sessions
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_session_save]
+	 * See [core_crypto::context::CentralContext::delete_keypackages]
 	 */
-	proteus_session_save(session_id: string): Promise<any>;
+	delete_keypackages(refs: ArrayOfByteArray): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_session_delete]
+	 * See [core_crypto::context::CentralContext::new_conversation]
 	 */
-	proteus_session_delete(session_id: string): Promise<any>;
+	create_conversation(conversation_id: Uint8Array, creator_credential_type: CredentialType, config: ConversationConfiguration): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<bool>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_session_exists]
+	 * See [core_crypto::context::CentralContext::process_raw_welcome_message]
 	 */
-	proteus_session_exists(session_id: string): Promise<any>;
+	process_welcome_message(welcome_message: Uint8Array, custom_configuration: CustomConfiguration): Promise<WelcomeBundle>;
 	/**
-	 * Returns: [`WasmCryptoResult<Vec<u8>>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_decrypt]
+	 * See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::add_members]
 	 */
-	proteus_decrypt(session_id: string, ciphertext: Uint8Array): Promise<any>;
+	add_clients_to_conversation(conversation_id: Uint8Array, key_packages: ArrayOfByteArray): Promise<NewCrlDistributionPoints>;
 	/**
-	 * Returns: [`WasmCryptoResult<js_sys::Uint8Array>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_encrypt]
+	 * See [core_crypto::context::CentralContext::remove_members_from_conversation]
 	 */
-	proteus_encrypt(session_id: string, plaintext: Uint8Array): Promise<any>;
+	remove_clients_from_conversation(conversation_id: Uint8Array, clients: ClientId[]): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<js_sys::Map<string, Uint8Array>>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_encrypt_batched]
+	 * See [core_crypto::mls::conversation::ConversationGuard::mark_as_child_of]
 	 */
-	proteus_encrypt_batched(sessions: (string)[], plaintext: Uint8Array): Promise<any>;
+	mark_conversation_as_child_of(child_id: Uint8Array, parent_id: Uint8Array): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<Uint8Array>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_new_prekey]
+	 * See [core_crypto::context::CentralContext::update_keying_material]
 	 */
-	proteus_new_prekey(prekey_id: number): Promise<any>;
+	update_keying_material(conversation_id: Uint8Array): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<ProteusAutoPrekeyBundle>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_new_prekey_auto]
+	 * See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::commit_pending_proposals]
 	 */
-	proteus_new_prekey_auto(): Promise<any>;
+	commit_pending_proposals(conversation_id: Uint8Array): Promise<void>;
 	/**
-	 * Returns [`WasmCryptoResult<Uint8Array>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_last_resort_prekey]
+	 * see [core_crypto::context::CentralContext::wipe_conversation]
 	 */
-	proteus_last_resort_prekey(): Promise<any>;
+	wipe_conversation(conversation_id: Uint8Array): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<u16>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_last_resort_prekey_id]
+	 * See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::decrypt_message]
 	 */
-	static proteus_last_resort_prekey_id(): number;
+	decrypt_message(conversation_id: Uint8Array, payload: Uint8Array): Promise<DecryptedMessage>;
 	/**
-	 * Returns: [`WasmCryptoResult<String>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_fingerprint]
+	 * See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::encrypt_message]
 	 */
-	proteus_fingerprint(): Promise<string>;
+	encrypt_message(conversation_id: Uint8Array, message: Uint8Array): Promise<Uint8Array>;
 	/**
-	 * Returns: [`WasmCryptoResult<String>`]
-	 *
-	 * see [core_crypto::proteus::ProteusCentral::fingerprint_local]
+	 * See [core_crypto::context::CentralContext::join_by_external_commit]
 	 */
-	proteus_fingerprint_local(session_id: string): Promise<string>;
+	join_by_external_commit(group_info: Uint8Array, custom_configuration: CustomConfiguration, credential_type: CredentialType): Promise<WelcomeBundle>;
 	/**
-	 * Returns: [`WasmCryptoResult<String>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_fingerprint_remote]
+	 * See [core_crypto::proteus::ProteusCentral::try_new]
 	 */
-	proteus_fingerprint_remote(session_id: string): Promise<string>;
+	proteus_init(): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<String>`]
-	 *
-	 * See [core_crypto::proteus::ProteusCentral::fingerprint_prekeybundle]
+	 * See [core_crypto::context::CentralContext::proteus_session_from_prekey]
 	 */
-	static proteus_fingerprint_prekeybundle(prekey: Uint8Array): string;
+	proteus_session_from_prekey(session_id: string, prekey: Uint8Array): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * See [core_crypto::context::CentralContext::proteus_cryptobox_migrate]
+	 * See [core_crypto::context::CentralContext::proteus_session_from_message]
 	 */
-	proteus_cryptobox_migrate(path: string): Promise<any>;
+	proteus_session_from_message(session_id: string, envelope: Uint8Array): Promise<Uint8Array>;
 	/**
-	 * Returns: [`WasmCryptoResult<E2eiEnrollment>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::e2ei_new_enrollment]
+	 * See [core_crypto::context::CentralContext::proteus_session_save]
+	 * **Note**: This isn't usually needed as persisting sessions happens automatically when decrypting/encrypting messages and initializing Sessions
 	 */
-	e2ei_new_enrollment(client_id: string, display_name: string, handle: string, team: string | undefined, expiry_sec: number, ciphersuite: Ciphersuite$1): Promise<any>;
+	proteus_session_save(session_id: string): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<E2eiEnrollment>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::e2ei_new_activation_enrollment]
+	 * See [core_crypto::context::CentralContext::proteus_session_delete]
 	 */
-	e2ei_new_activation_enrollment(display_name: string, handle: string, team: string | undefined, expiry_sec: number, ciphersuite: Ciphersuite$1): Promise<any>;
+	proteus_session_delete(session_id: string): Promise<void>;
 	/**
-	 * Returns: [`WasmCryptoResult<E2eiEnrollment>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::e2ei_new_rotate_enrollment]
+	 * See [core_crypto::context::CentralContext::proteus_session_exists]
 	 */
-	e2ei_new_rotate_enrollment(display_name: string | undefined, handle: string | undefined, team: string | undefined, expiry_sec: number, ciphersuite: Ciphersuite$1): Promise<any>;
+	proteus_session_exists(session_id: string): Promise<boolean>;
 	/**
-	 * See [core_crypto::mls::context::CentralContext::e2ei_dump_pki_env]
+	 * See [core_crypto::context::CentralContext::proteus_decrypt]
 	 */
-	e2ei_dump_pki_env(): Promise<Promise<any>>;
+	proteus_decrypt(session_id: string, ciphertext: Uint8Array): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::mls::context::CentralContext::e2ei_is_pki_env_setup]
+	 * See [core_crypto::context::CentralContext::proteus_encrypt]
 	 */
-	e2ei_is_pki_env_setup(): Promise<Promise<any>>;
+	proteus_encrypt(session_id: string, plaintext: Uint8Array): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::mls::context::CentralContext::e2ei_register_acme_ca]
+	 * See [core_crypto::context::CentralContext::proteus_encrypt_batched]
 	 */
-	e2ei_register_acme_ca(trust_anchor_pem: string): Promise<Promise<any>>;
+	proteus_encrypt_batched(sessions: string[], plaintext: Uint8Array): Promise<Map<string, Uint8Array>>;
 	/**
-	 * See [core_crypto::mls::context::CentralContext::e2ei_register_intermediate_ca]
+	 * See [core_crypto::context::CentralContext::proteus_new_prekey]
 	 */
-	e2ei_register_intermediate_ca(cert_pem: string): Promise<Promise<any>>;
+	proteus_new_prekey(prekey_id: number): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::mls::context::CentralContext::e2ei_register_crl]
+	 * See [core_crypto::context::CentralContext::proteus_new_prekey_auto]
 	 */
-	e2ei_register_crl(crl_dp: string, crl_der: Uint8Array): Promise<Promise<any>>;
+	proteus_new_prekey_auto(): Promise<ProteusAutoPrekeyBundle>;
 	/**
-	 * see [core_crypto::mls::context::CentralContext::e2ei_mls_init_only]
+	 * See [core_crypto::context::CentralContext::proteus_last_resort_prekey]
 	 */
-	e2ei_mls_init_only(enrollment: FfiWireE2EIdentity, certificate_chain: string, nb_key_package?: number): Promise<any>;
+	proteus_last_resort_prekey(): Promise<Uint8Array>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * See [core_crypto::mls::conversation::ConversationGuard::e2ei_rotate]
+	 * See [core_crypto::context::CentralContext::proteus_fingerprint]
 	 */
-	e2ei_rotate(conversation_id: Uint8Array): Promise<any>;
+	proteus_fingerprint(): Promise<string>;
 	/**
-	 * Returns: [`WasmCryptoResult<Option<Vec<String>>>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::save_x509_credential]
+	 * See [core_crypto::context::CentralContext::proteus_fingerprint_local]
 	 */
-	save_x509_credential(enrollment: FfiWireE2EIdentity, certificate_chain: string): Promise<any>;
+	proteus_fingerprint_local(session_id: string): Promise<string>;
 	/**
-	 * Returns: [`WasmCryptoResult<()>`]
-	 *
-	 * see [core_crypto::context::CentralContext::delete_stale_key_packages]
+	 * See [core_crypto::context::CentralContext::proteus_fingerprint_remote]
 	 */
-	delete_stale_key_packages(cipher_suite: Ciphersuite$1): Promise<any>;
+	proteus_fingerprint_remote(session_id: string): Promise<string>;
 	/**
-	 * see [core_crypto::mls::context::CentralContext::e2ei_enrollment_stash]
+	 * See [core_crypto::context::CentralContext::proteus_cryptobox_migrate]
 	 */
-	e2ei_enrollment_stash(enrollment: FfiWireE2EIdentity): Promise<any>;
+	proteus_cryptobox_migrate(path: string): Promise<void>;
 	/**
-	 * see [core_crypto::mls::context::CentralContext::e2ei_enrollment_stash_pop]
+	 * See [core_crypto::context::CentralContext::proteus_reload_sessions]
 	 */
-	e2ei_enrollment_stash_pop(handle: Uint8Array): Promise<any>;
+	proteus_reload_sessions(): Promise<void>;
 	/**
-	 * Returns [`WasmCryptoResult<u8>`]
-	 *
-	 * see [core_crypto::mls::conversation::ImmutableConversation::e2ei_conversation_state]
+	 * See [core_crypto::proteus::ProteusCentral::last_resort_prekey_id]
 	 */
-	e2ei_conversation_state(conversation_id: Uint8Array): Promise<any>;
+	static proteus_last_resort_prekey_id(): number;
 	/**
-	 * Returns [`WasmCryptoResult<bool>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::e2ei_is_enabled]
+	 * See [core_crypto::proteus::ProteusCentral::fingerprint_prekeybundle]
 	 */
-	e2ei_is_enabled(ciphersuite: Ciphersuite$1): Promise<any>;
+	static proteus_fingerprint_prekeybundle(prekey: Uint8Array): string;
 	/**
-	 * Returns [`WasmCryptoResult<Vec<WireIdentity>>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::get_device_identities]
+	 * See [core_crypto::context::CentralContext::set_data].
 	 */
-	get_device_identities(conversation_id: Uint8Array, device_ids: (Uint8Array)[]): Promise<any>;
+	set_data(data: Uint8Array): Promise<void>;
 	/**
-	 * Returns [`WasmCryptoResult<HashMap<String, Vec<WireIdentity>>>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::get_user_identities]
+	 * See [core_crypto::context::CentralContext::get_data].
 	 */
-	get_user_identities(conversation_id: Uint8Array, user_ids: (string)[]): Promise<any>;
+	get_data(): Promise<Uint8Array | undefined>;
 	/**
-	 * Returns: [`WasmCryptoResult<u8>`]
-	 *
-	 * see [core_crypto::mls::context::CentralContext::get_credential_in_use]
+	 * see [core_crypto::mls::context::CentralContext::random_bytes]
 	 */
-	get_credential_in_use(group_info: Uint8Array, credential_type: CredentialType): Promise<any>;
+	random_bytes(len: number): Promise<Uint8Array>;
 }
-declare class CoreCryptoWasmLogger {
+declare class CrlRegistration {
 	free(): void;
-	constructor(logger: Function, ctx: any);
+	constructor(dirty: boolean, expiration?: bigint | null);
+	/**
+	 * Whether this CRL modifies the old CRL (i.e. has a different revocated cert list)
+	 */
+	dirty: boolean;
+	/**
+	 * Optional expiration timestamp
+	 */
+	get expiration(): bigint | undefined;
+	/**
+	 * Optional expiration timestamp
+	 */
+	set expiration(value: bigint | null | undefined);
 }
 /**
  * see [core_crypto::prelude::MlsCustomConfiguration]
  */
 export class CustomConfiguration {
 	free(): void;
-	constructor(key_rotation_span?: number, wire_policy?: WirePolicy);
+	constructor(key_rotation_span?: number | null, wire_policy?: WirePolicy | null);
 	/**
 	 *  Duration in seconds after which we will automatically force a self-update commit
 	 *  Note: This isn't currently implemented
 	 */
-	keyRotationSpan?: number;
+	get keyRotationSpan(): number | undefined;
+	/**
+	 *  Duration in seconds after which we will automatically force a self-update commit
+	 *  Note: This isn't currently implemented
+	 */
+	set keyRotationSpan(value: number | null | undefined);
 	/**
 	 * Defines if handshake messages are encrypted or not
 	 * Note: encrypted handshake messages are not supported by wire-server
 	 */
-	wirePolicy?: WirePolicy;
+	get wirePolicy(): WirePolicy | undefined;
+	/**
+	 * Defines if handshake messages are encrypted or not
+	 * Note: encrypted handshake messages are not supported by wire-server
+	 */
+	set wirePolicy(value: WirePolicy | null | undefined);
+}
+export class DatabaseKey {
+	free(): void;
+	constructor(buf: Uint8Array);
 }
-declare class E2eiDumpedPkiEnv {
+declare class DecryptedMessage {
+	private constructor();
+	free(): void;
+	readonly message: Uint8Array | undefined;
+	readonly proposals: ProposalBundle[];
+	/**
+	 * It is set to false if ingesting this MLS message has resulted in the client being removed from the group (i.e. a Remove commit)
+	 */
+	readonly isActive: boolean;
+	/**
+	 * Commit delay hint (in milliseconds) to prevent clients from hammering the server with epoch changes
+	 */
+	readonly commitDelay: bigint | undefined;
+	readonly senderClientId: ClientId | undefined;
+	/**
+	 * true when the decrypted message resulted in an epoch change i.e. it was a commit
+	 *
+	 * Deprecated: this member will be removed in the future. Prefer using the `EpochObserver` interface.
+	 */
+	readonly hasEpochChanged: boolean;
+	readonly identity: WireIdentity;
+	readonly bufferedMessages: BufferedDecryptedMessage[] | undefined;
+	/**
+	 * New CRL Distribution of members of this group
+	 */
+	readonly crlNewDistributionPoints: NewCrlDistributionPoints;
+}
+/**
+ * Dump of the PKI environemnt as PEM
+ */
+export class E2eiDumpedPkiEnv {
 	private constructor();
 	free(): void;
 	/**
@@ -574,85 +613,91 @@ declare class E2eiDumpedPkiEnv {
 	/**
 	 * Intermediate CAs that are loaded
 	 */
-	readonly intermediates: (string)[];
+	readonly intermediates: string[];
 	/**
 	 * CRLs registered in the PKI env
 	 */
-	readonly crls: (string)[];
+	readonly crls: string[];
 }
 declare class FfiWireE2EIdentity {
 	private constructor();
 	free(): void;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::directory_response]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::directory_response]
 	 */
-	directory_response(directory: Uint8Array): Promise<any>;
+	directory_response(directory: Uint8Array): Promise<AcmeDirectory>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_account_request]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_account_request]
 	 */
-	new_account_request(previous_nonce: string): Promise<any>;
+	new_account_request(previous_nonce: string): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_account_response]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_account_response]
 	 */
-	new_account_response(account: Uint8Array): Promise<any>;
+	new_account_response(account: Uint8Array): Promise<void>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_order_request]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_order_request]
 	 */
-	new_order_request(previous_nonce: string): Promise<any>;
+	new_order_request(previous_nonce: string): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_order_response]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_order_response]
 	 */
-	new_order_response(order: Uint8Array): Promise<any>;
+	new_order_response(order: Uint8Array): Promise<NewAcmeOrder>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_authz_request]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_authz_request]
 	 */
-	new_authz_request(url: string, previous_nonce: string): Promise<any>;
+	new_authz_request(url: string, previous_nonce: string): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_authz_response]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_authz_response]
 	 */
-	new_authz_response(authz: Uint8Array): Promise<any>;
+	new_authz_response(authz: Uint8Array): Promise<NewAcmeAuthz>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::create_dpop_token]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::create_dpop_token]
 	 */
-	create_dpop_token(expiry_secs: number, backend_nonce: string): Promise<any>;
+	create_dpop_token(expiry_secs: number, backend_nonce: string): Promise<string>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_dpop_challenge_request]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_dpop_challenge_request]
 	 */
-	new_dpop_challenge_request(access_token: string, previous_nonce: string): Promise<any>;
+	new_dpop_challenge_request(access_token: string, previous_nonce: string): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_dpop_challenge_response]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_dpop_challenge_response]
 	 */
-	new_dpop_challenge_response(challenge: Uint8Array): Promise<any>;
+	new_dpop_challenge_response(challenge: Uint8Array): Promise<void>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_oidc_challenge_request]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::check_order_request]
 	 */
-	new_oidc_challenge_request(id_token: string, previous_nonce: string): Promise<any>;
+	check_order_request(order_url: string, previous_nonce: string): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::new_oidc_challenge_response]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::check_order_response]
 	 */
-	new_oidc_challenge_response(challenge: Uint8Array): Promise<any>;
+	check_order_response(order: Uint8Array): Promise<string>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::check_order_request]
+	 * See [core_crypto::prelude::E2eiEnrollment::finalize_request]
 	 */
-	check_order_request(order_url: string, previous_nonce: string): Promise<any>;
+	finalize_request(previous_nonce: string): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::check_order_response]
+	 * See [core_crypto::prelude::E2eiEnrollment::finalize_response]
 	 */
-	check_order_response(order: Uint8Array): Promise<any>;
+	finalize_response(finalize: Uint8Array): Promise<string>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::finalize_request]
+	 * See [core_crypto::prelude::E2eiEnrollment::certificate_request]
 	 */
-	finalize_request(previous_nonce: string): Promise<any>;
+	certificate_request(previous_nonce: string): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::finalize_response]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_oidc_challenge_request]
 	 */
-	finalize_response(finalize: Uint8Array): Promise<any>;
+	new_oidc_challenge_request(id_token: string, previous_nonce: string): Promise<Uint8Array>;
 	/**
-	 * See [core_crypto::e2e_identity::WireE2eIdentity::certificate_request]
+	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_oidc_challenge_response]
 	 */
-	certificate_request(previous_nonce: string): Promise<any>;
+	new_oidc_challenge_response(challenge: Uint8Array): Promise<void>;
 }
-declare class NewAcmeAuthz {
+/**
+ * Result of an authorization creation.
+ *
+ * - See https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5
+ * - See [core_crypto::e2e_identity::types::E2eiNewAcmeAuthz]
+ */
+export class NewAcmeAuthz {
 	private constructor();
 	free(): void;
 	/**
@@ -668,30 +713,70 @@ declare class NewAcmeAuthz {
 	 */
 	readonly challenge: AcmeChallenge;
 }
-declare class NewAcmeOrder {
+/**
+ * Result of an order creation.
+ *
+ * - See https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
+ * - See [core_crypto::e2e_identity::types::E2eiNewAcmeOrder]
+ */
+export class NewAcmeOrder {
+	private constructor();
+	free(): void;
+	readonly delegate: Uint8Array;
+	readonly authorizations: string[];
+}
+declare class NewCrlDistributionPoints {
+	private constructor();
+	free(): void;
+	as_strings(): string[] | undefined;
+}
+declare class ProposalBundle {
 	private constructor();
 	free(): void;
-	readonly authorizations: (Uint8Array)[];
 	/**
-	 * Contains raw JSON data of this order. This is parsed by the underlying Rust library hence should not be accessed
+	 * TLS-serialized MLS proposal that needs to be fanned out to other (existing) members of the conversation
 	 */
-	readonly delegate: Uint8Array;
+	proposal: Uint8Array;
+	/**
+	 * Unique identifier of a proposal.
+	 */
+	proposal_ref: Uint8Array;
+	/**
+	 * New CRL Distribution of members of this group
+	 */
+	get crl_new_distribution_points(): string[] | undefined;
+	/**
+	 * New CRL Distribution of members of this group
+	 */
+	set crl_new_distribution_points(value: string[] | null | undefined);
 }
+declare class ProteusAutoPrekeyBundle {
+	private constructor();
+	free(): void;
+	readonly id: number;
+	readonly pkb: Uint8Array;
+}
+/**
+ * see [core_crypto::prelude::MlsConversationCreationMessage]
+ */
 export class WelcomeBundle {
 	private constructor();
 	free(): void;
 	/**
 	 * Identifier of the joined conversation
 	 */
-	readonly id: Uint8Array;
+	id: Uint8Array;
+	/**
+	 * New CRL Distribution of members of this group
+	 */
+	get crl_new_distribution_points(): string[] | undefined;
 	/**
 	 * New CRL Distribution of members of this group
 	 */
-	readonly crlNewDistributionPoints: Array<any> | undefined;
+	set crl_new_distribution_points(value: string[] | null | undefined);
 }
 /**
- * Represents the identity claims identifying a client
- * Those claims are verifiable by any member in the group
+ * See [core_crypto::prelude::WireIdentity]
  */
 export class WireIdentity {
 	private constructor();
@@ -703,49 +788,27 @@ export class WireIdentity {
 	/**
 	 * Status of the Credential at the moment this object is created
 	 */
-	readonly status: number;
+	readonly status: DeviceStatus;
 	/**
 	 * MLS thumbprint
 	 */
 	readonly thumbprint: string;
-	readonly credentialType: number;
+	credentialType: CredentialType;
 	readonly x509Identity: X509Identity | undefined;
 }
 /**
- * Represents the identity claims identifying a client
- * Those claims are verifiable by any member in the group
+ * See [core_crypto::prelude::X509Identity]
  */
 export class X509Identity {
 	private constructor();
 	free(): void;
-	/**
-	 * user handle e.g. `john_wire`
-	 */
-	readonly handle: string;
-	/**
-	 * Name as displayed in the messaging application e.g. `John Fitzgerald Kennedy`
-	 */
-	readonly displayName: string;
-	/**
-	 * DNS domain for which this identity proof was generated e.g. `whitehouse.gov`
-	 */
-	readonly domain: string;
-	/**
-	 * X509 certificate identifying this client in the MLS group ; PEM encoded
-	 */
-	readonly certificate: string;
-	/**
-	 * X509 certificate serial number
-	 */
-	readonly serialNumber: string;
-	/**
-	 * X509 certificate not before as Unix timestamp
-	 */
-	readonly notBefore: bigint;
-	/**
-	 * X509 certificate not after as Unix timestamp
-	 */
-	readonly notAfter: bigint;
+	handle: string;
+	display_name: string;
+	domain: string;
+	certificate: string;
+	serial_number: string;
+	not_before: bigint;
+	not_after: bigint;
 }
 interface ConversationConfiguration$1 {
 	/**
@@ -791,29 +854,6 @@ export declare class CoreCryptoError extends Error {
 	static fromStdError(e: Error): CoreCryptoError | Error;
 	static asyncMapErr<T>(p: Promise<T>): Promise<T>;
 }
-declare enum CredentialType$1 {
-	/**
-	 * Just a KeyPair
-	 */
-	Basic = 1,
-	/**
-	 * A certificate obtained through e2e identity enrollment process
-	 */
-	X509 = 2
-}
-/**
- * see [core_crypto::prelude::MlsWirePolicy]
- */
-declare enum WirePolicy$1 {
-	/**
-	 * Handshake messages are never encrypted
-	 */
-	Plaintext = 1,
-	/**
-	 * Handshake messages are always encrypted
-	 */
-	Ciphertext = 2
-}
 /**
  * Alias for conversation IDs.
  * This is a freeform, uninspected buffer.
@@ -823,7 +863,7 @@ export type ConversationId = Uint8Array;
  * Alias for client identifier.
  * This is a freeform, uninspected buffer.
  */
-export type ClientId = Uint8Array;
+type ClientId$1 = Uint8Array;
 /**
  * Alias for proposal reference. It is a byte array of size 16.
  */
@@ -859,52 +899,20 @@ export interface GroupInfoBundle {
 	/**
 	 * see {@link GroupInfoEncryptionType}
 	 */
-	encryptionType: GroupInfoEncryptionType;
+	encryptionType: MlsGroupInfoEncryptionType;
 	/**
 	 * see {@link RatchetTreeType}
 	 */
-	ratchetTreeType: RatchetTreeType;
+	ratchetTreeType: MlsRatchetTreeType;
 	/**
 	 * TLS-serialized GroupInfo
 	 */
 	payload: Uint8Array;
 }
-/**
- * Informs whether the GroupInfo is confidential
- * see [core_crypto::mls::conversation::group_info::GroupInfoEncryptionType]
- */
-export declare enum GroupInfoEncryptionType {
-	/**
-	 * Unencrypted
-	 */
-	Plaintext = 1,
-	/**
-	 * Encrypted in a JWE (not yet implemented)
-	 */
-	JweEncrypted = 2
-}
-/**
- * Represents different ways of carrying the Ratchet Tree with some optimizations to save some space
- * see [core_crypto::mls::conversation::group_info::RatchetTreeType]
- */
-export declare enum RatchetTreeType {
-	/**
-	 * Complete GroupInfo
-	 */
-	Full = 1,
-	/**
-	 * Contains the difference since previous epoch (not yet implemented)
-	 */
-	Delta = 2,
-	/**
-	 * To define (not yet implemented)
-	 */
-	ByRef = 3
-}
 /**
  * This is a wrapper for all the possible outcomes you can get after decrypting a message
  */
-export interface DecryptedMessage {
+interface DecryptedMessage$1 {
 	/**
 	 * Raw decrypted application message, if the decrypted MLS message is an application message
 	 */
@@ -915,7 +923,7 @@ export interface DecryptedMessage {
 	 *   * local pending proposal not in the accepted commit
 	 *   * If there is a pending commit, its proposals which are not in the accepted commit
 	 */
-	proposals: ProposalBundle[];
+	proposals: ProposalBundle$1[];
 	/**
 	 * It is set to false if ingesting this MLS message has resulted in the client being removed from the group (i.e. a Remove commit)
 	 */
@@ -927,7 +935,7 @@ export interface DecryptedMessage {
 	/**
 	 * Client identifier of the sender of the message being decrypted. Only present for application messages.
 	 */
-	senderClientId?: ClientId;
+	senderClientId?: ClientId$1;
 	/**
 	 * true when the decrypted message resulted in an epoch change i.e. it was a commit
 	 */
@@ -943,7 +951,7 @@ export interface DecryptedMessage {
 	 * Contains buffered messages for next epoch which were received before the commit creating the epoch
 	 * because the DS did not fan them out in order.
 	 */
-	bufferedMessages?: BufferedDecryptedMessage[];
+	bufferedMessages?: BufferedDecryptedMessage$1[];
 	/**
 	 * New CRL distribution points that appeared by the introduction of a new credential
 	 */
@@ -952,7 +960,7 @@ export interface DecryptedMessage {
 /**
  * Almost same as {@link DecryptedMessage} but avoids recursion
  */
-export interface BufferedDecryptedMessage {
+interface BufferedDecryptedMessage$1 {
 	/**
 	 * see {@link DecryptedMessage.message}
 	 */
@@ -960,7 +968,7 @@ export interface BufferedDecryptedMessage {
 	/**
 	 * see {@link DecryptedMessage.proposals}
 	 */
-	proposals: ProposalBundle[];
+	proposals: ProposalBundle$1[];
 	/**
 	 * see {@link DecryptedMessage.isActive}
 	 */
@@ -972,7 +980,7 @@ export interface BufferedDecryptedMessage {
 	/**
 	 * see {@link DecryptedMessage.senderClientId}
 	 */
-	senderClientId?: ClientId;
+	senderClientId?: ClientId$1;
 	/**
 	 * see {@link DecryptedMessage.hasEpochChanged}
 	 */
@@ -986,28 +994,10 @@ export interface BufferedDecryptedMessage {
 	 */
 	crlNewDistributionPoints?: string[];
 }
-/**
- * Indicates the standalone status of a device Credential in a MLS group at a moment T.
- * This does not represent the states where a device is not using MLS or is not using end-to-end identity
- */
-export declare enum DeviceStatus {
-	/**
-	 * All is fine
-	 */
-	Valid = 1,
-	/**
-	 * The Credential's certificate is expired
-	 */
-	Expired = 2,
-	/**
-	 * The Credential's certificate is revoked
-	 */
-	Revoked = 3
-}
 /**
  * Returned by all methods creating proposals. Contains a proposal message and an identifier to roll back the proposal
  */
-export interface ProposalBundle {
+interface ProposalBundle$1 {
 	/**
 	 * TLS-serialized MLS proposal that needs to be fanned out to other (existing) members of the conversation
 	 *
@@ -1074,7 +1064,7 @@ export interface CRLRegistration {
 	 */
 	expiration?: number;
 }
-export interface AcmeDirectory {
+interface AcmeDirectory$1 {
 	/**
 	 * URL for fetching a new nonce. Use this only for creating a new account.
 	 */
@@ -1095,12 +1085,12 @@ export interface AcmeDirectory {
 /**
  * Returned by APIs whose code paths potentially discover new certificate revocation list distribution URLs.
  */
-export type NewCrlDistributionPoints = string[] | undefined;
+type NewCrlDistributionPoints$1 = string[] | undefined;
 export type JsonRawData = Uint8Array;
 export declare class E2eiEnrollment {
 	#private;
 	/** @hidden */
-	constructor(e2ei: unknown);
+	constructor(e2ei: FfiWireE2EIdentity);
 	free(): void;
 	/**
 	 * Should only be used internally
@@ -1114,7 +1104,7 @@ export declare class E2eiEnrollment {
 	 * @param directory HTTP response body
 	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.1.1
 	 */
-	directoryResponse(directory: JsonRawData): Promise<AcmeDirectory>;
+	directoryResponse(directory: JsonRawData): Promise<AcmeDirectory$1>;
 	/**
 	 * For creating a new acme account. This returns a signed JWS-alike request body to send to
 	 * `POST /acme/{provisioner-name}/new-account`.
@@ -1245,7 +1235,7 @@ export declare class E2eiEnrollment {
  * Note: this does not check pending state (pending commit, pending proposals) so it does not
  * consider members about to be added/removed
  */
-export declare enum E2eiConversationState {
+declare enum E2eiConversationState$1 {
 	/**
 	 * All clients have a valid E2EI certificate
 	 */
@@ -1262,7 +1252,7 @@ export declare enum E2eiConversationState {
 /**
  * Data shape for proteusNewPrekeyAuto() call returns.
  */
-export interface ProteusAutoPrekeyBundle {
+interface ProteusAutoPrekeyBundle$1 {
 	/**
 	 * Proteus PreKey id
 	 *
@@ -1300,7 +1290,7 @@ declare class CoreCryptoContext$1 {
 	 * @param ciphersuites - All the ciphersuites supported by this MLS client
 	 * @param nbKeyPackage - number of initial KeyPackage to create when initializing the client
 	 */
-	mlsInit(clientId: ClientId, ciphersuites: Ciphersuite[], nbKeyPackage?: number): Promise<void>;
+	mlsInit(clientId: ClientId$1, ciphersuites: Ciphersuite[], nbKeyPackage?: number): Promise<void>;
 	/**
 	 * Generates a MLS KeyPair/CredentialBundle with a temporary, random client ID.
 	 * This method is designed to be used in conjunction with {@link CoreCryptoContext.mlsInitWithClientId} and represents the first step in this process
@@ -1318,7 +1308,7 @@ declare class CoreCryptoContext$1 {
 	 * @param signaturePublicKeys - The public key you were given at the first step; This is for authentication purposes
 	 * @param ciphersuites - All the ciphersuites supported by this MLS client
 	 */
-	mlsInitWithClientId(clientId: ClientId, signaturePublicKeys: Uint8Array[], ciphersuites: Ciphersuite[]): Promise<void>;
+	mlsInitWithClientId(clientId: ClientId$1, signaturePublicKeys: Uint8Array[], ciphersuites: Ciphersuite[]): Promise<void>;
 	/**
 	 * Checks if the Client is member of a given conversation and if the MLS Group is loaded up
 	 *
@@ -1378,9 +1368,8 @@ declare class CoreCryptoContext$1 {
 	 * @param configuration - configuration of the MLS group
 	 * @param configuration.ciphersuite - The {@link Ciphersuite} that is chosen to be the group's
 	 * @param configuration.externalSenders - Array of Client IDs that are qualified as external senders within the group
-	 * @param configuration.custom - {@link CustomConfiguration}
 	 */
-	createConversation(conversationId: ConversationId, creatorCredentialType: CredentialType$1, configuration?: ConversationConfiguration$1): Promise<any>;
+	createConversation(conversationId: ConversationId, creatorCredentialType: CredentialType, configuration?: ConversationConfiguration$1): Promise<void>;
 	/**
 	 * Decrypts a message for a given conversation.
 	 *
@@ -1394,7 +1383,7 @@ declare class CoreCryptoContext$1 {
 	 *
 	 * @returns a {@link DecryptedMessage}. Note that {@link DecryptedMessage#message} is `undefined` when the encrypted payload contains a system message such a proposal or commit
 	 */
-	decryptMessage(conversationId: ConversationId, payload: Uint8Array): Promise<DecryptedMessage>;
+	decryptMessage(conversationId: ConversationId, payload: Uint8Array): Promise<DecryptedMessage$1>;
 	/**
 	 * Encrypts a message for a given conversation
 	 *
@@ -1423,14 +1412,14 @@ declare class CoreCryptoContext$1 {
 	 * @param credentialType - of the public key to look for
 	 * @returns the client's public signature key
 	 */
-	clientPublicKey(ciphersuite: Ciphersuite, credentialType: CredentialType$1): Promise<Uint8Array>;
+	clientPublicKey(ciphersuite: Ciphersuite, credentialType: CredentialType): Promise<Uint8Array>;
 	/**
 	 *
 	 * @param ciphersuite - of the KeyPackages to count
 	 * @param credentialType - of the KeyPackages to count
 	 * @returns The amount of valid, non-expired KeyPackages that are persisted in the backing storage
 	 */
-	clientValidKeypackagesCount(ciphersuite: Ciphersuite, credentialType: CredentialType$1): Promise<number>;
+	clientValidKeypackagesCount(ciphersuite: Ciphersuite, credentialType: CredentialType): Promise<number>;
 	/**
 	 * Fetches a requested amount of keypackages
 	 *
@@ -1439,7 +1428,7 @@ declare class CoreCryptoContext$1 {
 	 * @param amountRequested - The amount of keypackages requested
 	 * @returns An array of length `amountRequested` containing TLS-serialized KeyPackages
 	 */
-	clientKeypackages(ciphersuite: Ciphersuite, credentialType: CredentialType$1, amountRequested: number): Promise<Array<Uint8Array>>;
+	clientKeypackages(ciphersuite: Ciphersuite, credentialType: CredentialType, amountRequested: number): Promise<Array<Uint8Array>>;
 	/**
 	 * Prunes local KeyPackages after making sure they also have been deleted on the backend side
 	 * You should only use this after calling {@link CoreCryptoContext.e2eiRotate} on all conversations.
@@ -1457,7 +1446,7 @@ declare class CoreCryptoContext$1 {
 	 *
 	 * @returns Potentially a list of newly discovered crl distribution points
 	 */
-	addClientsToConversation(conversationId: ConversationId, keyPackages: Uint8Array[]): Promise<NewCrlDistributionPoints>;
+	addClientsToConversation(conversationId: ConversationId, keyPackages: Uint8Array[]): Promise<NewCrlDistributionPoints$1>;
 	/**
 	 * Removes the provided clients from a conversation; Assuming those clients exist and the current client is allowed
 	 * to do so, otherwise this operation does nothing.
@@ -1465,7 +1454,7 @@ declare class CoreCryptoContext$1 {
 	 * @param conversationId - The ID of the conversation
 	 * @param clientIds - Array of Client IDs to remove.
 	 */
-	removeClientsFromConversation(conversationId: ConversationId, clientIds: ClientId[]): Promise<void>;
+	removeClientsFromConversation(conversationId: ConversationId, clientIds: ClientId$1[]): Promise<void>;
 	/**
 	 * Update the keying material of the conversation.
 	 *
@@ -1495,7 +1484,7 @@ declare class CoreCryptoContext$1 {
 	 *
 	 * @return see {@link WelcomeBundle}
 	 */
-	joinByExternalCommit(groupInfo: Uint8Array, credentialType: CredentialType$1, configuration?: Partial<CustomConfiguration>): Promise<WelcomeBundle>;
+	joinByExternalCommit(groupInfo: Uint8Array, credentialType: CredentialType, configuration?: Partial<CustomConfiguration>): Promise<WelcomeBundle>;
 	/**
 	 * Derives a new key from the group
 	 *
@@ -1522,7 +1511,7 @@ declare class CoreCryptoContext$1 {
 	 *
 	 * @returns A list of clients from the members of the group
 	 */
-	getClientIds(conversationId: ConversationId): Promise<ClientId[]>;
+	getClientIds(conversationId: ConversationId): Promise<ClientId$1[]>;
 	/**
 	 * Allows {@link CoreCryptoContext} to act as a CSPRNG provider
 	 *
@@ -1613,7 +1602,7 @@ declare class CoreCryptoContext$1 {
 	 *
 	 * @returns A CBOR-serialized version of the PreKeyBundle corresponding to the newly generated and stored PreKey accompanied by its ID
 	 */
-	proteusNewPrekeyAuto(): Promise<ProteusAutoPrekeyBundle>;
+	proteusNewPrekeyAuto(): Promise<ProteusAutoPrekeyBundle$1>;
 	/**
 	 * Proteus last resort prekey stuff
 	 *
@@ -1707,7 +1696,7 @@ declare class CoreCryptoContext$1 {
 	 * @param nbKeyPackage - number of initial KeyPackage to create when initializing the client
 	 * @returns a MlsClient initialized with only a x509 credential
 	 */
-	e2eiMlsInitOnly(enrollment: E2eiEnrollment, certificateChain: string, nbKeyPackage?: number): Promise<NewCrlDistributionPoints>;
+	e2eiMlsInitOnly(enrollment: E2eiEnrollment, certificateChain: string, nbKeyPackage?: number): Promise<NewCrlDistributionPoints$1>;
 	/**
 	 * Dumps the PKI environment as PEM
 	 *
@@ -1735,7 +1724,7 @@ declare class CoreCryptoContext$1 {
 	 *
 	 * @param certPEM - PEM certificate to register as an Intermediate CA
 	 */
-	e2eiRegisterIntermediateCA(certPEM: string): Promise<NewCrlDistributionPoints>;
+	e2eiRegisterIntermediateCA(certPEM: string): Promise<NewCrlDistributionPoints$1>;
 	/**
 	 * Registers a CRL for the use in E2EI processing.
 	 *
@@ -1777,7 +1766,7 @@ declare class CoreCryptoContext$1 {
 	 * @param certificateChain - the raw response from ACME server
 	 * @returns Potentially a list of new crl distribution points discovered in the certificate chain
 	 */
-	saveX509Credential(enrollment: E2eiEnrollment, certificateChain: string): Promise<NewCrlDistributionPoints>;
+	saveX509Credential(enrollment: E2eiEnrollment, certificateChain: string): Promise<NewCrlDistributionPoints$1>;
 	/**
 	 * Deletes all key packages whose credential does not match the most recently
 	 * saved x509 credential and the provided signature scheme.
@@ -1806,7 +1795,7 @@ declare class CoreCryptoContext$1 {
 	 * @param conversationId The group's ID
 	 * @returns the conversation state given current members
 	 */
-	e2eiConversationState(conversationId: ConversationId): Promise<E2eiConversationState>;
+	e2eiConversationState(conversationId: ConversationId): Promise<E2eiConversationState$1>;
 	/**
 	 * Returns true when end-to-end-identity is enabled for the given Ciphersuite
 	 *
@@ -1822,7 +1811,7 @@ declare class CoreCryptoContext$1 {
 	 * @param deviceIds - identifiers of the devices
 	 * @returns identities or if no member has a x509 certificate, it will return an empty List
 	 */
-	getDeviceIdentities(conversationId: ConversationId, deviceIds: ClientId[]): Promise<WireIdentity[]>;
+	getDeviceIdentities(conversationId: ConversationId, deviceIds: ClientId$1[]): Promise<WireIdentity[]>;
 	/**
 	 * From a given conversation, get the identity of the users (device holders) supplied.
 	 * Identity is only present for devices with a Certificate Credential (after turning on end-to-end identity).
@@ -1841,7 +1830,7 @@ declare class CoreCryptoContext$1 {
 	 * @param credentialType - kind of Credential to check usage of. Defaults to X509 for now as no other value will give any result.
 	 * @returns see {@link E2eiConversationState}
 	 */
-	getCredentialInUse(groupInfo: Uint8Array, credentialType?: CredentialType$1): Promise<E2eiConversationState>;
+	getCredentialInUse(groupInfo: Uint8Array, credentialType?: CredentialType): Promise<E2eiConversationState$1>;
 }
 /**
  * Params for CoreCrypto deferred initialization
@@ -1856,7 +1845,7 @@ export interface CoreCryptoDeferredParams {
 	 * Encryption master key
 	 * This should be appropriately stored in a secure location (i.e. WebCrypto private key storage)
 	 */
-	key: string;
+	key: DatabaseKey;
 	/**
 	 * External PRNG entropy pool seed.
 	 * This **must** be exactly 32 bytes
@@ -1876,7 +1865,7 @@ export interface CoreCryptoParams extends CoreCryptoDeferredParams {
 	 * MLS Client ID.
 	 * This should stay consistent as it will be verified against the stored signature & identity to validate the persisted credential
 	 */
-	clientId: ClientId;
+	clientId: ClientId$1;
 	/**
 	 * All the ciphersuites this MLS client can support
 	 */
@@ -1896,7 +1885,7 @@ export interface EpochObserver {
  *
  * @param logger - the interface to be called when something is going to be logged
  **/
-export declare function setLogger(logger: CoreCryptoLogger, ctx?: unknown): void;
+export declare function setLogger(logger: CoreCryptoLogger): void;
 /**
  * An interface to register a logger in CoreCrypto
  **/
@@ -1947,7 +1936,7 @@ export declare class CoreCrypto {
 	 * Should only be used internally
 	 */
 	inner(): unknown;
-	static setLogger(logger: CoreCryptoWasmLogger): void;
+	static setLogger(logger: CoreCryptoLogger): void;
 	static setMaxLogLevel(level: CoreCryptoLogLevel): void;
 	/**
 	 * This is your entrypoint to initialize {@link CoreCrypto}!
@@ -2003,11 +1992,23 @@ export declare class CoreCrypto {
 	transaction<R>(callback: (ctx: CoreCryptoContext$1) => Promise<R>): Promise<R>;
 	/** @hidden */
 	private constructor();
+	/**
+	 * If this returns `false` you **cannot** call {@link CoreCrypto.close} as it will produce an error because of the
+	 * outstanding references that were detected.
+	 *
+	 * As always with this kind of thing, beware TOCTOU.
+	 *
+	 * @returns whether the CoreCrypto instance can currently close.
+	 */
+	canClose(): Promise<boolean>;
 	/**
 	 * If this returns `true` you **cannot** call {@link CoreCrypto.close} as it will produce an error because of the
 	 * outstanding references that were detected.
 	 *
-	 * @returns whether the CoreCrypto instance is locked
+	 * This will never return `true` as we need an async method to accurately determine whether or not this can close.
+	 *
+	 * @returns false
+	 * @deprecated prefer {@link CoreCrypto.canClose}
 	 */
 	isLocked(): boolean;
 	/**
@@ -2021,8 +2022,9 @@ export declare class CoreCrypto {
 	 * a commit bundle or a message, respectively.
 	 *
 	 * @param transportProvider - Any implementor of the {@link MlsTransport} interface
+	 * @param _ctx - unused
 	 */
-	provideTransport(transportProvider: MlsTransport, ctx?: unknown): Promise<void>;
+	provideTransport(transportProvider: MlsTransport, _ctx?: unknown): Promise<void>;
 	/**
 	 * See {@link CoreCryptoContext.conversationExists}.
 	 */
@@ -2053,7 +2055,7 @@ export declare class CoreCrypto {
 	 * @param credentialType - of the public key to look for
 	 * @returns the client's public signature key
 	 */
-	clientPublicKey(ciphersuite: Ciphersuite, credentialType: CredentialType$1): Promise<Uint8Array>;
+	clientPublicKey(ciphersuite: Ciphersuite, credentialType: CredentialType): Promise<Uint8Array>;
 	/**
 	 * See {@link CoreCryptoContext.exportSecretKey}.
 	 *
@@ -2079,7 +2081,7 @@ export declare class CoreCrypto {
 	 *
 	 * @returns A list of clients from the members of the group
 	 */
-	getClientIds(conversationId: ConversationId): Promise<ClientId[]>;
+	getClientIds(conversationId: ConversationId): Promise<ClientId$1[]>;
 	/**
 	 * See {@link CoreCryptoContext.randomBytes}.
 	 *
@@ -2159,7 +2161,7 @@ export declare class CoreCrypto {
 	 * @param deviceIds - identifiers of the devices
 	 * @returns identities or if no member has a x509 certificate, it will return an empty List
 	 */
-	getDeviceIdentities(conversationId: ConversationId, deviceIds: ClientId[]): Promise<WireIdentity[]>;
+	getDeviceIdentities(conversationId: ConversationId, deviceIds: ClientId$1[]): Promise<WireIdentity[]>;
 	/**
 	 * See {@link CoreCryptoContext.getUserIdentities}.
 	 *
@@ -2175,7 +2177,7 @@ export declare class CoreCrypto {
 	 * @param credentialType - kind of Credential to check usage of. Defaults to X509 for now as no other value will give any result.
 	 * @returns see {@link E2eiConversationState}
 	 */
-	getCredentialInUse(groupInfo: Uint8Array, credentialType?: CredentialType$1): Promise<E2eiConversationState>;
+	getCredentialInUse(groupInfo: Uint8Array, credentialType?: CredentialType): Promise<E2eiConversationState$1>;
 	/**
 	 * Registers an epoch observer, which will then be notified every time a conversation's epoch changes.
 	 *
@@ -2186,10 +2188,18 @@ export declare class CoreCrypto {
 }
 export {
+	AcmeDirectory$1 as AcmeDirectory,
+	BufferedDecryptedMessage$1 as BufferedDecryptedMessage,
+	ClientId$1 as ClientId,
 	ConversationConfiguration$1 as ConversationConfiguration,
 	CoreCryptoContext$1 as CoreCryptoContext,
-	CredentialType$1 as CredentialType,
-	WirePolicy$1 as WirePolicy,
+	DecryptedMessage$1 as DecryptedMessage,
+	E2eiConversationState$1 as E2eiConversationState,
+	MlsGroupInfoEncryptionType as GroupInfoEncryptionType,
+	MlsRatchetTreeType as RatchetTreeType,
+	NewCrlDistributionPoints$1 as NewCrlDistributionPoints,
+	ProposalBundle$1 as ProposalBundle,
+	ProteusAutoPrekeyBundle$1 as ProteusAutoPrekeyBundle,
 };
 export {};