@wireapp/core-crypto 9.3.3 → 10.0.0-pre.10

package/src/corecrypto.d.ts

@@ -1,2567 +0,0 @@
-// Generated by dts-bundle-generator v9.5.1
-
-/* tslint:disable */
-/* eslint-disable */
-/**
- * Construct a ciphersuite enum instance from its discriminant.
- */
-export function ciphersuiteFromU16(discriminant: number): Ciphersuite;
-/**
- * Get an instance of the default ciphersuite.
- */
-export function ciphersuiteDefault(): Ciphersuite;
-/**
- * Updates the key of the CoreCrypto database.
- * To be used only once, when moving from CoreCrypto <= 5.x to CoreCrypto 6.x.
- */
-export function migrateDatabaseKeyTypeToBytes(path: string, old_key: string, new_key: DatabaseKey): Promise<void>;
-/**
- * Updates the key of the CoreCrypto database.
- */
-export function updateDatabaseKey(name: string, old_key: DatabaseKey, new_key: DatabaseKey): Promise<void>;
-/**
- * Open or create a [Database].
- */
-export function openDatabase(name: string, key: DatabaseKey): Promise<Database>;
-/**
- * MLS ciphersuites.
- */
-export enum Ciphersuite {
-	/**
-	 * DH KEM x25519 | AES-GCM 128 | SHA2-256 | Ed25519
-	 */
-	MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519 = 1,
-	/**
-	 * DH KEM P256 | AES-GCM 128 | SHA2-256 | EcDSA P256
-	 */
-	MLS_128_DHKEMP256_AES128GCM_SHA256_P256 = 2,
-	/**
-	 * DH KEM x25519 | Chacha20Poly1305 | SHA2-256 | Ed25519
-	 */
-	MLS_128_DHKEMX25519_CHACHA20POLY1305_SHA256_Ed25519 = 3,
-	/**
-	 * DH KEM x448 | AES-GCM 256 | SHA2-512 | Ed448
-	 */
-	MLS_256_DHKEMX448_AES256GCM_SHA512_Ed448 = 4,
-	/**
-	 * DH KEM P521 | AES-GCM 256 | SHA2-512 | EcDSA P521
-	 */
-	MLS_256_DHKEMP521_AES256GCM_SHA512_P521 = 5,
-	/**
-	 * DH KEM x448 | Chacha20Poly1305 | SHA2-512 | Ed448
-	 */
-	MLS_256_DHKEMX448_CHACHA20POLY1305_SHA512_Ed448 = 6,
-	/**
-	 * DH KEM P384 | AES-GCM 256 | SHA2-384 | EcDSA P384
-	 */
-	MLS_256_DHKEMP384_AES256GCM_SHA384_P384 = 7
-}
-/**
- * Type of Credential
- */
-export enum CredentialType {
-	/**
-	 * Basic credential i.e. a KeyPair
-	 */
-	Basic = 1,
-	/**
-	 * A x509 certificate generally obtained through e2e identity enrollment process
-	 */
-	X509 = 2
-}
-/**
- * Indicates the standalone status of a device Credential in a MLS group at a moment T.
- *
- * This does not represent the states where a device is not using MLS or is not using end-to-end identity
- */
-export enum DeviceStatus {
-	/**
-	 * All is fine
-	 */
-	Valid = 1,
-	/**
-	 * The Credential's certificate is expired
-	 */
-	Expired = 2,
-	/**
-	 * The Credential's certificate is revoked (not implemented yet)
-	 */
-	Revoked = 3
-}
-declare enum E2eiConversationState {
-	/**
-	 * All clients have a valid E2EI certificate
-	 */
-	Verified = 1,
-	/**
-	 * Some clients are either still Basic or their certificate is expired
-	 */
-	NotVerified = 2,
-	/**
-	 * All clients are still Basic. If all client have expired certificates, [E2eiConversationState::NotVerified] is returned.
-	 */
-	NotEnabled = 3
-}
-declare enum MlsGroupInfoEncryptionType {
-	/**
-	 * Unencrypted `GroupInfo`
-	 */
-	Plaintext = 1,
-	/**
-	 * `GroupInfo` encrypted in a JWE
-	 */
-	JweEncrypted = 2
-}
-declare enum MlsRatchetTreeType {
-	/**
-	 * Plain old and complete `GroupInfo`
-	 */
-	Full = 1,
-	/**
-	 * Contains `GroupInfo` changes since previous epoch (not yet implemented)
-	 * (see [draft](https://github.com/rohan-wire/ietf-drafts/blob/main/mahy-mls-ratchet-tree-delta/draft-mahy-mls-ratchet-tree-delta.md))
-	 */
-	Delta = 2,
-	ByRef = 3
-}
-/**
- * See [core_crypto::prelude::MlsWirePolicy]
- */
-export enum WirePolicy {
-	/**
-	 * Handshake messages are never encrypted
-	 */
-	Plaintext = 1,
-	/**
-	 * Handshake messages are always encrypted
-	 */
-	Ciphertext = 2
-}
-/**
- * For creating a challenge.
- *
- * - See <https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1>
- * - See [core_crypto::e2e_identity::types::E2eiAcmeChallenge]
- */
-export class AcmeChallenge {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Contains raw JSON data of this challenge. This is parsed by the underlying Rust library hence should not be accessed
-	 */
-	readonly delegate: Uint8Array;
-	/**
-	 * URL of this challenge
-	 */
-	readonly url: string;
-	/**
-	 * Non-standard, Wire specific claim. Indicates the consumer from where it should get the challenge proof.
-	 * Either from wire-server "/access-token" endpoint in case of a DPoP challenge, or from an OAuth token endpoint for an OIDC challenge
-	 */
-	readonly target: string;
-}
-declare class AcmeDirectory {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * URL for fetching a new nonce. Use this only for creating a new account.
-	 */
-	readonly newNonce: string;
-	/**
-	 * URL for creating a new account.
-	 */
-	readonly newAccount: string;
-	/**
-	 * URL for creating a new order.
-	 */
-	readonly newOrder: string;
-	/**
-	 * Revocation URL
-	 */
-	readonly revokeCert: string;
-}
-declare class BufferedDecryptedMessage {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Decrypted plaintext
-	 */
-	readonly message: Uint8Array | undefined;
-	/**
-	 * False if processing this message caused the client to be removed from the group, i.e. due to a Remove commit
-	 */
-	readonly isActive: boolean;
-	/**
-	 * Commit delay in seconds.
-	 *
-	 * When set, clients must delay this long before processing a commit.
-	 * This reduces load on the backend, which otherwise would receive epoch change notifications from all clients simultaneously.
-	 */
-	readonly commitDelay: bigint | undefined;
-	/**
-	 * [ClientId] of the sender of the message being decrypted. Only present for application messages.
-	 */
-	readonly senderClientId: ClientId | undefined;
-	/**
-	 * true when the decrypted message resulted in an epoch change i.e. it was a commit
-	 *
-	 * Deprecated: this member will be removed in the future. Prefer using the `EpochObserver` interface.
-	 */
-	readonly hasEpochChanged: boolean;
-	/**
-	 * Identity claims present in the sender credential
-	 */
-	readonly identity: WireIdentity;
-	/**
-	 * New CRL distribution points that appeared by the introduction of a new credential
-	 */
-	readonly crlNewDistributionPoints: string[] | undefined;
-}
-/**
- * Metadata describing the conditions of the build of this software.
- */
-export class BuildMetadata {
-	private constructor();
-	/**
-	** Return copy of self without private attributes.
-	*/
-	toJSON(): Object;
-	/**
-	* Return stringified version of self.
-	*/
-	toString(): string;
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Build Timestamp
-	 */
-	readonly timestamp: string;
-	/**
-	 * Whether this build was in Debug mode (true) or Release mode (false)
-	 */
-	readonly cargoDebug: string;
-	/**
-	 * Features enabled for this build
-	 */
-	readonly cargoFeatures: string;
-	/**
-	 * Optimization level
-	 */
-	readonly optLevel: string;
-	/**
-	 * Build target triple
-	 */
-	readonly targetTriple: string;
-	/**
-	 * Git branch
-	 */
-	readonly gitBranch: string;
-	/**
-	 * Output of `git describe`
-	 */
-	readonly gitDescribe: string;
-	/**
-	 * Hash of current git commit
-	 */
-	readonly gitSha: string;
-	/**
-	 * `true` when the source code differed from the commit at the most recent git hash
-	 */
-	readonly gitDirty: string;
-}
-/**
- * A Client identifier
- *
- * A unique identifier for clients. A client is an identifier for each App a user is using, such as desktop,
- * mobile, etc. Users can have multiple clients.
- * More information [here](https://messaginglayersecurity.rocks/mls-architecture/draft-ietf-mls-architecture.html#name-group-members-and-clients)
- */
-export class ClientId {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Instantiate a client id from a byte array.
-	 */
-	constructor(bytes: Uint8Array);
-	/**
-	 * Copy the id into a new byte array.
-	 */
-	copyBytes(): Uint8Array;
-}
-declare class ConversationConfiguration {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct a `ConversationConfiguration` from its parts.
-	 */
-	constructor(ciphersuite?: Ciphersuite | null, external_senders?: ExternalSenderKey[] | null, key_rotation_span?: number | null, wire_policy?: WirePolicy | null);
-	/**
-	 * The ciphersuite used in the group
-	 */
-	readonly ciphersuite: Ciphersuite | undefined;
-	/**
-	 * Delivery service public signature key and credential
-	 */
-	readonly externalSenders: ExternalSenderKey[];
-	/**
-	 * Implementation specific configuration
-	 */
-	readonly custom: CustomConfiguration;
-}
-/**
- * r" A unique identifier for a single conversation.
- * r"
- * r" The backend provides an opaque string identifying a new conversation.
- * r" Construct an instance of this newtype to pass that identifier to Rust.
- */
-export class ConversationId {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct a new instance, transferring data from the client layer to Rust.
-	 */
-	constructor(bytes: Uint8Array);
-	/**
-	 * Get the raw bytes from this type, transferring data from Rust to the client layer.
-	 *
-	 * This does not consume the newtype, instead copying the internal data across the FFI boundary.
-	 */
-	copyBytes(): Uint8Array;
-}
-declare class CoreCryptoContext {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::e2ei_new_enrollment]
-	 */
-	e2ei_new_enrollment(client_id: string, display_name: string, handle: string, team: string | null | undefined, expiry_sec: number, ciphersuite: Ciphersuite): Promise<FfiWireE2EIdentity>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::e2ei_new_activation_enrollment]
-	 */
-	e2ei_new_activation_enrollment(display_name: string, handle: string, team: string | null | undefined, expiry_sec: number, ciphersuite: Ciphersuite): Promise<FfiWireE2EIdentity>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::e2ei_new_rotate_enrollment]
-	 */
-	e2ei_new_rotate_enrollment(display_name: string | null | undefined, handle: string | null | undefined, team: string | null | undefined, expiry_sec: number, ciphersuite: Ciphersuite): Promise<FfiWireE2EIdentity>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::e2ei_register_acme_ca]
-	 */
-	e2ei_register_acme_ca(trust_anchor_pem: string): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::e2ei_register_intermediate_ca_pem]
-	 */
-	e2ei_register_intermediate_ca(cert_pem: string): Promise<string[] | undefined>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::e2ei_register_crl]
-	 */
-	e2ei_register_crl(crl_dp: string, crl_der: Uint8Array): Promise<CrlRegistration>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::e2ei_mls_init_only]
-	 */
-	e2ei_mls_init_only(enrollment: FfiWireE2EIdentity, certificate_chain: string, nb_key_package?: number | null): Promise<string[] | undefined>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::e2ei_rotate]
-	 */
-	e2ei_rotate(conversation_id: ConversationId): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::save_x509_credential]
-	 */
-	save_x509_credential(enrollment: FfiWireE2EIdentity, certificate_chain: string): Promise<string[] | undefined>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::delete_stale_key_packages]
-	 */
-	delete_stale_key_packages(ciphersuite: Ciphersuite): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::e2ei_enrollment_stash]
-	 *
-	 * Note that this can only succeed if the enrollment is unique and there are no other hard refs to it.
-	 */
-	e2ei_enrollment_stash(enrollment: FfiWireE2EIdentity): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::e2ei_enrollment_stash_pop]
-	 */
-	e2ei_enrollment_stash_pop(handle: Uint8Array): Promise<FfiWireE2EIdentity>;
-	/**
-	 * See [core_crypto::mls::conversation::Conversation::e2ei_conversation_state]
-	 */
-	e2ei_conversation_state(conversation_id: ConversationId): Promise<E2eiConversationState>;
-	/**
-	 * See [core_crypto::prelude::Session::e2ei_is_enabled]
-	 */
-	e2ei_is_enabled(ciphersuite: Ciphersuite): Promise<boolean>;
-	/**
-	 * See [core_crypto::mls::conversation::Conversation::get_device_identities]
-	 */
-	get_device_identities(conversation_id: ConversationId, device_ids: ClientId[]): Promise<WireIdentity[]>;
-	/**
-	 * See [core_crypto::mls::conversation::Conversation::get_user_identities]
-	 */
-	get_user_identities(conversation_id: ConversationId, user_ids: string[]): Promise<Map<string, WireIdentity[]>>;
-	/**
-	 * See [core_crypto::prelude::Session::e2ei_is_pki_env_setup]
-	 */
-	e2ei_is_pki_env_setup(): Promise<boolean>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::mls_init]
-	 */
-	mls_init(client_id: ClientId, ciphersuites: any[], nb_key_package?: number | null): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::client_public_key]
-	 */
-	client_public_key(ciphersuite: Ciphersuite, credential_type: CredentialType): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::mls::conversation::Conversation::epoch]
-	 */
-	conversation_epoch(conversation_id: ConversationId): Promise<bigint>;
-	/**
-	 * See [core_crypto::mls::conversation::Conversation::ciphersuite]
-	 */
-	conversation_ciphersuite(conversation_id: ConversationId): Promise<Ciphersuite>;
-	/**
-	 * See [core_crypto::prelude::Session::conversation_exists]
-	 */
-	conversation_exists(conversation_id: ConversationId): Promise<boolean>;
-	/**
-	 * See [core_crypto::mls::conversation::Conversation::get_client_ids]
-	 */
-	get_client_ids(conversation_id: ConversationId): Promise<ClientId[]>;
-	/**
-	 * See [core_crypto::mls::conversation::Conversation::export_secret_key]
-	 */
-	export_secret_key(conversation_id: ConversationId, key_length: number): Promise<SecretKey>;
-	/**
-	 * See [core_crypto::mls::conversation::Conversation::get_external_sender]
-	 */
-	get_external_sender(conversation_id: ConversationId): Promise<ExternalSenderKey>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::get_or_create_client_keypackages]
-	 */
-	client_keypackages(ciphersuite: Ciphersuite, credential_type: CredentialType, amount_requested: number): Promise<KeyPackage[]>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::client_valid_key_packages_count]
-	 */
-	client_valid_keypackages_count(ciphersuite: Ciphersuite, credential_type: CredentialType): Promise<bigint>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::new_conversation]
-	 */
-	create_conversation(conversation_id: ConversationId, creator_credential_type: CredentialType, config: ConversationConfiguration): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::process_raw_welcome_message]
-	 */
-	process_welcome_message(welcome_message: Welcome, custom_configuration: CustomConfiguration): Promise<WelcomeBundle>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::add_members]
-	 */
-	add_clients_to_conversation(conversation_id: ConversationId, key_packages: KeyPackage[]): Promise<string[] | undefined>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::remove_members]
-	 */
-	remove_clients_from_conversation(conversation_id: ConversationId, clients: ClientId[]): Promise<void>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::mark_as_child_of]
-	 */
-	mark_conversation_as_child_of(child_id: ConversationId, parent_id: ConversationId): Promise<void>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::update_key_material]
-	 */
-	update_keying_material(conversation_id: ConversationId): Promise<void>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::commit_pending_proposals]
-	 */
-	commit_pending_proposals(conversation_id: ConversationId): Promise<void>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::wipe]
-	 */
-	wipe_conversation(conversation_id: ConversationId): Promise<void>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::decrypt_message]
-	 */
-	decrypt_message(conversation_id: ConversationId, payload: Uint8Array): Promise<DecryptedMessage>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::encrypt_message]
-	 */
-	encrypt_message(conversation_id: ConversationId, message: Uint8Array): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::join_by_external_commit]
-	 */
-	join_by_external_commit(group_info: GroupInfo, custom_configuration: CustomConfiguration, credential_type: CredentialType): Promise<WelcomeBundle>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::enable_history_sharing]
-	 */
-	enable_history_sharing(conversation_id: ConversationId): Promise<void>;
-	/**
-	 * See [core_crypto::mls::conversation::ConversationGuard::disable_history_sharing]
-	 */
-	disable_history_sharing(conversation_id: ConversationId): Promise<void>;
-	/**
-	 * See [core_crypto::proteus::ProteusCentral::try_new]
-	 */
-	proteus_init(): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_session_from_prekey]
-	 */
-	proteus_session_from_prekey(session_id: string, prekey: Uint8Array): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_session_from_message]
-	 */
-	proteus_session_from_message(session_id: string, envelope: Uint8Array): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_session_save]
-	 *
-	 * **Note**: This isn't usually needed as persisting sessions happens automatically when
-	 * decrypting/encrypting messages and initializing Sessions
-	 */
-	proteus_session_save(session_id: string): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_session_delete]
-	 */
-	proteus_session_delete(session_id: string): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_session_exists]
-	 */
-	proteus_session_exists(session_id: string): Promise<boolean>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_decrypt]
-	 */
-	proteus_decrypt(session_id: string, ciphertext: Uint8Array): Promise<Uint8Array>;
-	/**
-	 * Decrypt a message whether or not the proteus session already exists, and saves the session.
-	 *
-	 * This is intended to replace simple usages of `proteusDecrypt`.
-	 *
-	 * However, when decrypting large numbers of messages in a single session, the existing methods
-	 * may be more efficient.
-	 */
-	proteus_decrypt_safe(session_id: string, ciphertext: Uint8Array): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_encrypt]
-	 */
-	proteus_encrypt(session_id: string, plaintext: Uint8Array): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_encrypt_batched]
-	 */
-	proteus_encrypt_batched(sessions: string[], plaintext: Uint8Array): Promise<Map<string, Uint8Array>>;
-	/**
-	 * Creates a new Proteus prekey with the given id and returns the CBOR-serialized version of the prekey bundle
-	 *
-	 * Warning: The Proteus client **MUST** be initialized with `proteus_init` first or an error will be returned
-	 *
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_new_prekey]
-	 */
-	proteus_new_prekey(prekey_id: number): Promise<Uint8Array>;
-	/**
-	 * Creates a new Proteus prekey with an automatically incremented ID and returns the CBOR-serialized version of the prekey bundle
-	 *
-	 * Warning: The Proteus client **MUST** be initialized with `proteus_init` first or an error will be returned
-	 *
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_new_prekey_auto]
-	 */
-	proteus_new_prekey_auto(): Promise<ProteusAutoPrekeyBundle>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_last_resort_prekey]
-	 */
-	proteus_last_resort_prekey(): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_fingerprint]
-	 */
-	proteus_fingerprint(): Promise<string>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_fingerprint_local]
-	 */
-	proteus_fingerprint_local(session_id: string): Promise<string>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_fingerprint_remote]
-	 */
-	proteus_fingerprint_remote(session_id: string): Promise<string>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::proteus_reload_sessions]
-	 */
-	proteus_reload_sessions(): Promise<void>;
-	/**
-	 * See [core_crypto::proteus::ProteusCentral::last_resort_prekey_id]
-	 */
-	static proteus_last_resort_prekey_id(): number;
-	/**
-	 * See [core_crypto::proteus::ProteusCentral::fingerprint_prekeybundle]
-	 */
-	static proteus_fingerprint_prekeybundle(prekey: Uint8Array): string;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::set_data]
-	 */
-	set_data(data: Uint8Array): Promise<void>;
-	/**
-	 * See [core_crypto::transaction_context::TransactionContext::get_data]
-	 */
-	get_data(): Promise<Uint8Array | undefined>;
-	/**
-	 * See [core_crypto::prelude::Session::random_bytes].
-	 */
-	random_bytes(len: number): Promise<Uint8Array>;
-}
-declare class CrlRegistration {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Contstruct a CRL registration from its fields
-	 */
-	constructor(dirty: boolean, expiration?: bigint | null);
-	/**
-	 * Whether this CRL modifies the old CRL (i.e. has a different revocated cert list)
-	 */
-	dirty: boolean;
-	/**
-	 * Optional expiration timestamp
-	 */
-	get expiration(): bigint | undefined;
-	/**
-	 * Optional expiration timestamp
-	 */
-	set expiration(value: bigint | null | undefined);
-}
-/**
- * see [core_crypto::prelude::MlsCustomConfiguration]
- */
-export class CustomConfiguration {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct a `CustomConfiguration` from its parts.
-	 */
-	constructor(key_rotation_span?: number | null, wire_policy?: WirePolicy | null);
-	/**
-	 *  Duration in seconds after which we will automatically force a self-update commit
-	 *  Note: This isn't currently implemented
-	 */
-	get keyRotationSpan(): number | undefined;
-	/**
-	 *  Duration in seconds after which we will automatically force a self-update commit
-	 *  Note: This isn't currently implemented
-	 */
-	set keyRotationSpan(value: number | null | undefined);
-	/**
-	 * Defines if handshake messages are encrypted or not
-	 * Note: encrypted handshake messages are not supported by wire-server
-	 */
-	get wirePolicy(): WirePolicy | undefined;
-	/**
-	 * Defines if handshake messages are encrypted or not
-	 * Note: encrypted handshake messages are not supported by wire-server
-	 */
-	set wirePolicy(value: WirePolicy | null | undefined);
-}
-/**
- * The database acting as a core crypto keystore.
- */
-export class Database {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-}
-/**
- * The key used to encrypt the database.
- */
-export class DatabaseKey {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct a new instance from a byte vector.
-	 */
-	constructor(buf: Uint8Array);
-}
-declare class DecryptedMessage {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Decrypted plaintext
-	 */
-	readonly message: Uint8Array | undefined;
-	/**
-	 * False if processing this message caused the client to be removed from the group, i.e. due to a Remove commit
-	 */
-	readonly isActive: boolean;
-	/**
-	 * Commit delay in seconds.
-	 *
-	 * When set, clients must delay this long before processing a commit.
-	 * This reduces load on the backend, which otherwise would receive epoch change notifications from all clients simultaneously.
-	 */
-	readonly commitDelay: bigint | undefined;
-	/**
-	 * [ClientId] of the sender of the message being decrypted. Only present for application messages.
-	 */
-	readonly senderClientId: ClientId | undefined;
-	/**
-	 * true when the decrypted message resulted in an epoch change i.e. it was a commit
-	 *
-	 * Deprecated: this member will be removed in the future. Prefer using the `EpochObserver` interface.
-	 */
-	readonly hasEpochChanged: boolean;
-	/**
-	 * Identity claims present in the sender credential
-	 */
-	readonly identity: WireIdentity;
-	/**
-	 * Only set when the decrypted message is a commit.
-	 *
-	 * Contains buffered messages for next epoch which were received before the commit creating the epoch
-	 * because the DS did not fan them out in order.
-	 */
-	readonly bufferedMessages: BufferedDecryptedMessage[] | undefined;
-	/**
-	 * New CRL distribution points that appeared by the introduction of a new credential
-	 */
-	readonly crlNewDistributionPoints: string[] | undefined;
-}
-/**
- * r" The raw public key of an external sender.
- * r"
- * r" This can be used to initialize a subconversation.
- */
-export class ExternalSenderKey {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct a new instance, transferring data from the client layer to Rust.
-	 */
-	constructor(bytes: Uint8Array);
-	/**
-	 * Get the raw bytes from this type, transferring data from Rust to the client layer.
-	 *
-	 * This does not consume the newtype, instead copying the internal data across the FFI boundary.
-	 */
-	copyBytes(): Uint8Array;
-}
-declare class FfiWireE2EIdentity {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::directory_response]
-	 */
-	directory_response(directory: Uint8Array): Promise<AcmeDirectory>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_account_request]
-	 */
-	new_account_request(previous_nonce: string): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_account_response]
-	 */
-	new_account_response(account: Uint8Array): Promise<void>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_order_request]
-	 */
-	new_order_request(previous_nonce: string): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_order_response]
-	 */
-	new_order_response(order: Uint8Array): Promise<NewAcmeOrder>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_authz_request]
-	 */
-	new_authz_request(url: string, previous_nonce: string): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_authz_response]
-	 */
-	new_authz_response(authz: Uint8Array): Promise<NewAcmeAuthz>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::create_dpop_token]
-	 */
-	create_dpop_token(expiry_secs: number, backend_nonce: string): Promise<string>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_dpop_challenge_request]
-	 */
-	new_dpop_challenge_request(access_token: string, previous_nonce: string): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_dpop_challenge_response]
-	 */
-	new_dpop_challenge_response(challenge: Uint8Array): Promise<void>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::check_order_request]
-	 */
-	check_order_request(order_url: string, previous_nonce: string): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::check_order_response]
-	 */
-	check_order_response(order: Uint8Array): Promise<string>;
-	/**
-	 * See [core_crypto::prelude::E2eiEnrollment::finalize_request]
-	 */
-	finalize_request(previous_nonce: string): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::prelude::E2eiEnrollment::finalize_response]
-	 */
-	finalize_response(finalize: Uint8Array): Promise<string>;
-	/**
-	 * See [core_crypto::prelude::E2eiEnrollment::certificate_request]
-	 */
-	certificate_request(previous_nonce: string): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_oidc_challenge_request]
-	 */
-	new_oidc_challenge_request(id_token: string, previous_nonce: string): Promise<Uint8Array>;
-	/**
-	 * See [core_crypto::e2e_identity::E2eiEnrollment::new_oidc_challenge_response]
-	 */
-	new_oidc_challenge_response(challenge: Uint8Array): Promise<void>;
-}
-/**
- * r" MLS Group Information
- * r"
- * r" This is used when joining by external commit.
- * r" It can be found within the `GroupInfoBundle` within a `CommitBundle`.
- */
-export class GroupInfo {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct a new instance, transferring data from the client layer to Rust.
-	 */
-	constructor(bytes: Uint8Array);
-	/**
-	 * Get the raw bytes from this type, transferring data from Rust to the client layer.
-	 *
-	 * This does not consume the newtype, instead copying the internal data across the FFI boundary.
-	 */
-	copyBytes(): Uint8Array;
-}
-declare class KeyPackage {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct a new instance, transferring data from the client layer to Rust.
-	 */
-	constructor(bytes: Uint8Array);
-	/**
-	 * Get the raw bytes from this type, transferring data from Rust to the client layer.
-	 *
-	 * This does not consume the newtype, instead copying the internal data across the FFI boundary.
-	 */
-	copyBytes(): Uint8Array;
-}
-/**
- * An entity / data which has been packaged by the application to be encrypted
- * and transmitted in an application message.
- */
-export class MlsTransportData {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct `MlsTransportData` by providing data
-	 */
-	constructor(buf: Uint8Array);
-	/**
-	 * The specific data which has been packaged to be encrypted/transmitted.
-	 */
-	readonly data: Uint8Array;
-}
-/**
- * Result of an authorization creation.
- *
- * - See <https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5>
- * - See [core_crypto::e2e_identity::types::E2eiNewAcmeAuthz]
- */
-export class NewAcmeAuthz {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * DNS entry associated with those challenge
-	 */
-	readonly identifier: string;
-	/**
-	 * ACME challenge + ACME key thumbprint
-	 */
-	readonly keyauth: string | undefined;
-	/**
-	 * Associated ACME Challenge
-	 */
-	readonly challenge: AcmeChallenge;
-}
-/**
- * Result of an order creation.
- *
- * - See <https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4>
- * - See [core_crypto::e2e_identity::types::E2eiNewAcmeOrder]
- */
-export class NewAcmeOrder {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Opaque raw json value
-	 */
-	readonly delegate: Uint8Array;
-	/**
-	 * Authorizations to create with `new_authz_request`
-	 */
-	readonly authorizations: string[];
-}
-declare class ProteusAutoPrekeyBundle {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Prekey id (automatically incremented)
-	 */
-	readonly id: number;
-	/**
-	 * CBOR serialization of prekey
-	 */
-	readonly pkb: Uint8Array;
-}
-/**
- * r" A secret key derived from the group secret.
- * r"
- * r" This is intended to be used for AVS.
- */
-export class SecretKey {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct a new instance, transferring data from the client layer to Rust.
-	 */
-	constructor(bytes: Uint8Array);
-	/**
-	 * Get the raw bytes from this type, transferring data from Rust to the client layer.
-	 *
-	 * This does not consume the newtype, instead copying the internal data across the FFI boundary.
-	 */
-	copyBytes(): Uint8Array;
-}
-/**
- * r" A TLS-serialized Welcome message.
- * r"
- * r" This structure is defined in RFC 9420:
- * r" <https://www.rfc-editor.org/rfc/rfc9420.html#joining-via-welcome-message>.
- */
-export class Welcome {
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Construct a new instance, transferring data from the client layer to Rust.
-	 */
-	constructor(bytes: Uint8Array);
-	/**
-	 * Get the raw bytes from this type, transferring data from Rust to the client layer.
-	 *
-	 * This does not consume the newtype, instead copying the internal data across the FFI boundary.
-	 */
-	copyBytes(): Uint8Array;
-}
-/**
- * see [core_crypto::prelude::WelcomeBundle]
- */
-export class WelcomeBundle {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Identifier of the joined conversation
-	 */
-	readonly id: ConversationId;
-	/**
-	 * New CRL Distribution of members of this group
-	 */
-	readonly crlNewDistributionPoints: string[] | undefined;
-}
-/**
- * Represents the identity claims identifying a client
- * Those claims are verifiable by any member in the group
- */
-export class WireIdentity {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * Unique client identifier e.g. `T4Coy4vdRzianwfOgXpn6A:6add501bacd1d90e@whitehouse.gov`
-	 */
-	readonly clientId: string;
-	/**
-	 * Status of the Credential at the moment this object is created
-	 */
-	readonly status: DeviceStatus;
-	/**
-	 * MLS thumbprint
-	 */
-	readonly thumbprint: string;
-	/**
-	 * Indicates whether the credential is Basic or X509
-	 */
-	credentialType: CredentialType;
-	/**
-	 * In case 'credential_type' is [CredentialType::X509] this is populated
-	 */
-	readonly x509Identity: X509Identity | undefined;
-}
-/**
- * Represents the parts of [WireIdentity][crate::WireIdentity] that are specific to a X509 certificate (and not a Basic one).
- *
- * We don't use an enum here since the sole purpose of this is to be exposed through the FFI (and
- * union types are impossible to carry over the FFI boundary)
- */
-export class X509Identity {
-	private constructor();
-	free(): void;
-	[Symbol.dispose](): void;
-	/**
-	 * user handle e.g. `john_wire`
-	 */
-	readonly handle: string;
-	/**
-	 * Name as displayed in the messaging application e.g. `John Fitzgerald Kennedy`
-	 */
-	readonly displayName: string;
-	/**
-	 * DNS domain for which this identity proof was generated e.g. `whitehouse.gov`
-	 */
-	readonly domain: string;
-	/**
-	 * X509 certificate identifying this client in the MLS group ; PEM encoded
-	 */
-	readonly certificate: string;
-	/**
-	 * X509 certificate serial number
-	 */
-	readonly serialNumber: string;
-	/**
-	 * X509 certificate not before as Unix timestamp
-	 */
-	readonly notBefore: bigint;
-	/**
-	 * X509 certificate not after as Unix timestamp
-	 */
-	readonly notAfter: bigint;
-}
-interface ConversationConfiguration$1 {
-	/**
-	 * The ciphersuite which should be used to encrypt this conversation.
-	 */
-	ciphersuite?: Ciphersuite;
-	/**
-	 * List of client IDs that are allowed to be external senders
-	 */
-	externalSenders?: ExternalSenderKey[];
-	/**
-	 *  Duration in seconds after which we will automatically force a self-update commit
-	 *  Note: This isn't currently implemented
-	 */
-	keyRotationSpan?: number;
-	/**
-	 * Defines if handshake messages are encrypted or not
-	 * Note: encrypted handshake messages are not supported by wire-server
-	 */
-	wirePolicy?: WirePolicy;
-}
-/**
- * The error structure produced by our rust code.
- **/
-export interface CoreCryptoRichError<T extends ErrorType> {
-	message: string;
-	error_name?: string;
-	error_stack?: string[];
-	type?: T;
-	context?: ErrorContext[T];
-}
-/**
- * Error wrapper that takes care of extracting rich error details across the FFI (through JSON parsing)
- *
- * Whenever you're supposed to get this class (that extends `Error`) you might end up with a base `Error`
- * in case the parsing of the message structure fails. This is unlikely but the case is still covered and fall backs automatically.
- * More information will be found in the base `Error.cause` to inform you why the parsing has failed.
- *
- * Please note that in this case the extra properties will not be available.
- */
-export declare class CoreCryptoError<T extends ErrorType> extends Error {
-	errorStack: string[];
-	context?: ErrorContext[T];
-	type?: T;
-	private constructor();
-	private static fallback;
-	static build<E extends ErrorType>(msg: string, ...params: unknown[]): CoreCryptoError<E>;
-	static fromStdError(e: Error): CoreCryptoError<ErrorType>;
-	static asyncMapErr<T, E extends ErrorType>(p: Promise<T>): Promise<T>;
-}
-/**
- * Helper type to ensure that error contexts match their type
- */
-export type ErrorTypeWithContext<T> = {
-	[K in keyof T]: {
-		type: K;
-		context: T[K];
-	};
-}[keyof T];
-/**
- * Variants of core crypto errors
- */
-export declare enum ErrorType {
-	Mls = "Mls",
-	Proteus = "Proteus",
-	E2ei = "E2ei",
-	TransactionFailed = "TransactionFailed",
-	Other = "Other"
-}
-export declare function isCcError<E extends ErrorType>(error: unknown, errorType: E): error is CoreCryptoError<E>;
-/**
- * Structured core crypto error
- */
-export interface ErrorContext {
-	[ErrorType.Mls]: ErrorTypeWithContext<MlsErrorContext>;
-	[ErrorType.Proteus]: ErrorTypeWithContext<ProteusErrorContext>;
-	[ErrorType.E2ei]: {
-		e2eiError: string;
-	};
-	[ErrorType.TransactionFailed]: {
-		error: string;
-	};
-	[ErrorType.Other]: {
-		msg: string;
-	};
-}
-export declare function isE2eiError(error: unknown): error is CoreCryptoError<ErrorType.E2ei>;
-export declare function isTransactionFailedError(error: unknown): error is CoreCryptoError<ErrorType.TransactionFailed>;
-export declare function isOtherError(error: unknown): error is CoreCryptoError<ErrorType.Other>;
-/**
- * Variants of core crypto mls errors
- */
-export declare enum MlsErrorType {
-	ConversationAlreadyExists = "ConversationAlreadyExists",
-	DuplicateMessage = "DuplicateMessage",
-	BufferedFutureMessage = "BufferedFutureMessage",
-	WrongEpoch = "WrongEpoch",
-	BufferedCommit = "BufferedCommit",
-	MessageEpochTooOld = "MessageEpochTooOld",
-	SelfCommitIgnored = "SelfCommitIgnored",
-	UnmergedPendingGroup = "UnmergedPendingGroup",
-	StaleProposal = "StaleProposal",
-	StaleCommit = "StaleCommit",
-	/**
-	 * This happens when the DS cannot flag KeyPackages as claimed or not. In this scenario, a client
-	 * requests their old KeyPackages to be deleted but one has already been claimed by another client to create a Welcome.
-	 * In that case the only solution is that the client receiving such a Welcome tries to join the group
-	 * with an External Commit instead
-	 */
-	OrphanWelcome = "OrphanWelcome",
-	MessageRejected = "MessageRejected",
-	Other = "Other"
-}
-/**
- * Structured core crypto mls error (embedded in a core crypto error)
- */
-export interface MlsErrorContext {
-	[MlsErrorType.ConversationAlreadyExists]: {
-		conversationId: Array<number>;
-	};
-	[MlsErrorType.DuplicateMessage]: Record<string, never>;
-	[MlsErrorType.BufferedFutureMessage]: Record<string, never>;
-	[MlsErrorType.WrongEpoch]: Record<string, never>;
-	[MlsErrorType.BufferedCommit]: Record<string, never>;
-	[MlsErrorType.MessageEpochTooOld]: Record<string, never>;
-	[MlsErrorType.SelfCommitIgnored]: Record<string, never>;
-	[MlsErrorType.UnmergedPendingGroup]: Record<string, never>;
-	[MlsErrorType.StaleProposal]: Record<string, never>;
-	[MlsErrorType.StaleCommit]: Record<string, never>;
-	[MlsErrorType.OrphanWelcome]: Record<string, never>;
-	[MlsErrorType.MessageRejected]: {
-		reason: string;
-	};
-	[MlsErrorType.Other]: {
-		msg: string;
-	};
-}
-export declare function isMlsError<E extends MlsErrorType>(error: unknown, errorType: E): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: E;
-	}>;
-};
-export declare function isMlsConversationAlreadyExistsError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.ConversationAlreadyExists;
-	}>;
-};
-export declare function isMlsDuplicateMessageError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.DuplicateMessage;
-	}>;
-};
-export declare function isMlsBufferedFutureMessageError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.BufferedFutureMessage;
-	}>;
-};
-export declare function isMlsWrongEpochError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.WrongEpoch;
-	}>;
-};
-export declare function isMlsBufferedCommitError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.BufferedCommit;
-	}>;
-};
-export declare function isMlsSelfCommitIgnoredError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.SelfCommitIgnored;
-	}>;
-};
-export declare function isMlsUnmergedPendingGroupError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.UnmergedPendingGroup;
-	}>;
-};
-export declare function isMlsStaleProposalError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.StaleProposal;
-	}>;
-};
-export declare function isMlsStaleCommitError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.StaleCommit;
-	}>;
-};
-export declare function isMlsOrphanWelcomeError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.OrphanWelcome;
-	}>;
-};
-export declare function isMlsMessageRejectedError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.MessageRejected;
-	}>;
-};
-export declare function isMlsOtherError(error: unknown): error is CoreCryptoError<ErrorType.Mls> & {
-	context: Extract<ErrorContext[ErrorType.Mls], {
-		type: MlsErrorType.Other;
-	}>;
-};
-/**
- * Variants of core crypto proteus errors
- */
-export declare enum ProteusErrorType {
-	SessionNotFound = "SessionNotFound",
-	DuplicateMessage = "DuplicateMessage",
-	RemoteIdentityChanged = "RemoteIdentityChanged",
-	Other = "Other"
-}
-/**
- * Structured core crypto proteus error (embedded in a core crypto error)
- */
-export interface ProteusErrorContext {
-	[ProteusErrorType.SessionNotFound]: {
-		errorCode: number;
-	};
-	[ProteusErrorType.DuplicateMessage]: {
-		errorCode: number;
-	};
-	[ProteusErrorType.RemoteIdentityChanged]: {
-		errorCode: number;
-	};
-	[ProteusErrorType.Other]: {
-		errorCode: number;
-	};
-}
-export declare function isProteusError<E extends ProteusErrorType>(error: unknown, errorType: E): error is CoreCryptoError<ErrorType.Proteus> & {
-	context: Extract<ErrorContext[ErrorType.Proteus], {
-		type: E;
-	}>;
-};
-export declare function isProteusSessionNotFoundError(error: unknown): error is CoreCryptoError<ErrorType.Proteus> & {
-	context: Extract<ErrorContext[ErrorType.Proteus], {
-		type: ProteusErrorType.SessionNotFound;
-	}>;
-};
-export declare function isProteusDuplicateMessageError(error: unknown): error is CoreCryptoError<ErrorType.Proteus> & {
-	context: Extract<ErrorContext[ErrorType.Proteus], {
-		type: ProteusErrorType.DuplicateMessage;
-	}>;
-};
-export declare function isProteusRemoteIdentityChangedError(error: unknown): error is CoreCryptoError<ErrorType.Proteus> & {
-	context: Extract<ErrorContext[ErrorType.Proteus], {
-		type: ProteusErrorType.RemoteIdentityChanged;
-	}>;
-};
-export declare function isProteusOtherError(error: unknown): error is CoreCryptoError<ErrorType.Proteus> & {
-	context: Extract<ErrorContext[ErrorType.Proteus], {
-		type: ProteusErrorType.Other;
-	}>;
-};
-/**
- * Alias for proposal reference. It is a byte array of size 16.
- */
-export type ProposalRef = Uint8Array;
-/**
- * A `HistorySecret` encodes sufficient client state that it can be used to instantiate an
- * ephemeral client.
- */
-export interface HistorySecret {
-	clientId: ClientId;
-	data: Uint8Array;
-}
-/**
- * Data shape for a MLS generic commit + optional bundle (aka stapled commit & welcome)
- */
-export interface CommitBundle {
-	/**
-	 * TLS-serialized MLS Commit that needs to be fanned out to other (existing) members of the conversation
-	 *
-	 * @readonly
-	 */
-	commit: Uint8Array;
-	/**
-	 * Optional TLS-serialized MLS Welcome message that needs to be fanned out to the clients newly added to the conversation
-	 *
-	 * @readonly
-	 */
-	welcome?: Welcome;
-	/**
-	 * MLS GroupInfo which is required for joining a group by external commit
-	 *
-	 * @readonly
-	 */
-	groupInfo: GroupInfoBundle;
-	/**
-	 * An encrypted message to fan out to all other conversation members in the new epoch
-	 * @readonly
-	 */
-	encryptedMessage?: Uint8Array;
-}
-/**
- * Wraps a GroupInfo in order to efficiently upload it to the Delivery Service.
- * This is not part of MLS protocol but parts might be standardized at some point.
- */
-export interface GroupInfoBundle {
-	/**
-	 * see {@link GroupInfoEncryptionType}
-	 */
-	encryptionType: MlsGroupInfoEncryptionType;
-	/**
-	 * see {@link RatchetTreeType}
-	 */
-	ratchetTreeType: MlsRatchetTreeType;
-	/**
-	 * TLS-serialized GroupInfo
-	 */
-	payload: GroupInfo;
-}
-/**
- * This is a wrapper for all the possible outcomes you can get after decrypting a message
- */
-interface DecryptedMessage$1 {
-	/**
-	 * Raw decrypted application message, if the decrypted MLS message is an application message
-	 */
-	message?: Uint8Array;
-	/**
-	 * It is set to false if ingesting this MLS message has resulted in the client being removed from the group (i.e. a Remove commit)
-	 */
-	isActive: boolean;
-	/**
-	 * Commit delay hint (in milliseconds) to prevent clients from hammering the server with epoch changes
-	 */
-	commitDelay?: number;
-	/**
-	 * Client identifier of the sender of the message being decrypted. Only present for application messages.
-	 */
-	senderClientId?: ClientId;
-	/**
-	 * true when the decrypted message resulted in an epoch change i.e. it was a commit
-	 */
-	hasEpochChanged: boolean;
-	/**
-	 * Identity claims present in the sender credential
-	 * Only present when the credential is a x509 certificate
-	 * Present for all messages
-	 */
-	identity?: WireIdentity;
-	/**
-	 * Only set when the decrypted message is a commit.
-	 * Contains buffered messages for next epoch which were received before the commit creating the epoch
-	 * because the DS did not fan them out in order.
-	 */
-	bufferedMessages?: BufferedDecryptedMessage$1[];
-	/**
-	 * New CRL distribution points that appeared by the introduction of a new credential
-	 */
-	crlNewDistributionPoints?: string[];
-}
-/**
- * Almost same as {@link DecryptedMessage} but avoids recursion
- */
-interface BufferedDecryptedMessage$1 {
-	/**
-	 * see {@link DecryptedMessage.message}
-	 */
-	message?: Uint8Array;
-	/**
-	 * see {@link DecryptedMessage.isActive}
-	 */
-	isActive: boolean;
-	/**
-	 * see {@link DecryptedMessage.commitDelay}
-	 */
-	commitDelay?: number;
-	/**
-	 * see {@link DecryptedMessage.senderClientId}
-	 */
-	senderClientId?: ClientId;
-	/**
-	 * see {@link DecryptedMessage.hasEpochChanged}
-	 */
-	hasEpochChanged: boolean;
-	/**
-	 * see {@link DecryptedMessage.identity}
-	 */
-	identity?: WireIdentity;
-	/**
-	 * see {@link DecryptedMessage.crlNewDistributionPoints}
-	 */
-	crlNewDistributionPoints?: string[];
-}
-/**
- * Returned by {@link MlsTransport} callbacks.
- */
-export type MlsTransportResponse = "success" | "retry" | {
-	/**
-	 * The message was rejected by the delivery service and there's no recovery.
-	 */
-	abort: {
-		reason: string;
-	};
-};
-/**
- * An interface that must be implemented and provided to CoreCrypto via
- * {@link CoreCrypto.provideTransport}.
- */
-export interface MlsTransport {
-	/**
-	 * This callback is called by CoreCrypto to send a commit bundle to the delivery service.
-	 *
-	 * @param commitBundle - the commit bundle
-	 * @returns a promise resolving to a {@link MlsTransportResponse}
-	 */
-	sendCommitBundle: (commitBundle: CommitBundle) => Promise<MlsTransportResponse>;
-	/**
-	 *  This callback is called by CoreCrypto to send a regular message to the delivery service.
-	 * @param message
-	 * @returns a promise resolving to a {@link MlsTransportResponse}
-	 */
-	sendMessage: (message: Uint8Array) => Promise<MlsTransportResponse>;
-	/**
-	 *  This callback is called by CoreCrypto to prepare a history secret to be sent to the delivery service.
-	 * @param secret
-	 * @returns a promise resolving to a {@link MlsTransportData}
-	 */
-	prepareForTransport: (secret: HistorySecret) => Promise<MlsTransportData>;
-}
-/**
- *  Supporting struct for CRL registration result
- */
-export interface CRLRegistration {
-	/**
-	 * Whether this CRL modifies the old CRL (i.e. has a different revocated cert list)
-	 *
-	 * @readonly
-	 */
-	dirty: boolean;
-	/**
-	 * Optional expiration timestamp
-	 *
-	 * @readonly
-	 */
-	expiration?: number;
-}
-interface AcmeDirectory$1 {
-	/**
-	 * URL for fetching a new nonce. Use this only for creating a new account.
-	 */
-	newNonce: string;
-	/**
-	 * URL for creating a new account.
-	 */
-	newAccount: string;
-	/**
-	 * URL for creating a new order.
-	 */
-	newOrder: string;
-	/**
-	 * Revocation URL
-	 */
-	revokeCert: string;
-}
-/**
- * Returned by APIs whose code paths potentially discover new certificate revocation list distribution URLs.
- */
-export type NewCrlDistributionPoints = string[] | undefined;
-export type JsonRawData = Uint8Array;
-export declare class E2eiEnrollment {
-	#private;
-	/** @hidden */
-	constructor(e2ei: FfiWireE2EIdentity);
-	free(): void;
-	/**
-	 * Should only be used internally
-	 */
-	inner(): unknown;
-	/**
-	 * Parses the response from `GET /acme/{provisioner-name}/directory`.
-	 * Use this {@link AcmeDirectory} in the next step to fetch the first nonce from the acme server. Use
-	 * {@link AcmeDirectory.newNonce}.
-	 *
-	 * @param directory HTTP response body
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.1.1
-	 */
-	directoryResponse(directory: JsonRawData): Promise<AcmeDirectory$1>;
-	/**
-	 * For creating a new acme account. This returns a signed JWS-alike request body to send to
-	 * `POST /acme/{provisioner-name}/new-account`.
-	 *
-	 * @param previousNonce you got from calling `HEAD {@link AcmeDirectory.newNonce}`
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.3
-	 */
-	newAccountRequest(previousNonce: string): Promise<JsonRawData>;
-	/**
-	 * Parses the response from `POST /acme/{provisioner-name}/new-account`.
-	 * @param account HTTP response body
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.3
-	 */
-	newAccountResponse(account: JsonRawData): Promise<void>;
-	/**
-	 * Creates a new acme order for the handle (userId + display name) and the clientId.
-	 *
-	 * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/new-account`
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
-	 */
-	newOrderRequest(previousNonce: string): Promise<JsonRawData>;
-	/**
-	 * Parses the response from `POST /acme/{provisioner-name}/new-order`.
-	 *
-	 * @param order HTTP response body
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
-	 */
-	newOrderResponse(order: JsonRawData): Promise<NewAcmeOrder>;
-	/**
-	 * Creates a new authorization request.
-	 *
-	 * @param url one of the URL in new order's authorizations from {@link newOrderResponse})
-	 * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/new-order` (or from the
-	 * previous to this method if you are creating the second authorization)
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5
-	 */
-	newAuthzRequest(url: string, previousNonce: string): Promise<JsonRawData>;
-	/**
-	 * Parses the response from `POST /acme/{provisioner-name}/authz/{authz-id}`
-	 *
-	 * @param authz HTTP response body
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5
-	 */
-	newAuthzResponse(authz: JsonRawData): Promise<NewAcmeAuthz>;
-	/**
-	 * Generates a new client Dpop JWT token. It demonstrates proof of possession of the nonces
-	 * (from wire-server & acme server) and will be verified by the acme server when verifying the
-	 * challenge (in order to deliver a certificate).
-	 *
-	 * Then send it to `POST /clients/{id}/access-token`
-	 * {@link https://staging-nginz-https.zinfra.io/api/swagger-ui/#/default/post_clients__cid__access_token} on wire-server.
-	 *
-	 * @param expirySecs of the client Dpop JWT. This should be equal to the grace period set in Team Management
-	 * @param backendNonce you get by calling `GET /clients/token/nonce` on wire-server as defined here {@link https://staging-nginz-https.zinfra.io/api/swagger-ui/#/default/get_clients__client__nonce}
-	 */
-	createDpopToken(expirySecs: number, backendNonce: string): Promise<Uint8Array>;
-	/**
-	 * Creates a new challenge request for Wire Dpop challenge.
-	 *
-	 * @param accessToken returned by wire-server from https://staging-nginz-https.zinfra.io/api/swagger-ui/#/default/post_clients__cid__access_token
-	 * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/authz/{authz-id}`
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
-	 */
-	newDpopChallengeRequest(accessToken: string, previousNonce: string): Promise<JsonRawData>;
-	/**
-	 * Parses the response from `POST /acme/{provisioner-name}/challenge/{challenge-id}` for the DPoP challenge.
-	 *
-	 * @param challenge HTTP response body
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
-	 */
-	newDpopChallengeResponse(challenge: JsonRawData): Promise<void>;
-	/**
-	 * Creates a new challenge request for Wire Oidc challenge.
-	 *
-	 * @param idToken you get back from Identity Provider
-	 * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/authz/{authz-id}`
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
-	 */
-	newOidcChallengeRequest(idToken: string, previousNonce: string): Promise<JsonRawData>;
-	/**
-	 * Parses the response from `POST /acme/{provisioner-name}/challenge/{challenge-id}` for the OIDC challenge.
-	 *
-	 * @param challenge HTTP response body
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
-	 */
-	newOidcChallengeResponse(challenge: JsonRawData): Promise<void>;
-	/**
-	 * Verifies that the previous challenge has been completed.
-	 *
-	 * @param orderUrl `location` header from http response you got from {@link newOrderResponse}
-	 * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/challenge/{challenge-id}`
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
-	 */
-	checkOrderRequest(orderUrl: string, previousNonce: string): Promise<JsonRawData>;
-	/**
-	 * Parses the response from `POST /acme/{provisioner-name}/order/{order-id}`.
-	 *
-	 * @param order HTTP response body
-	 * @return finalize url to use with {@link finalizeRequest}
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
-	 */
-	checkOrderResponse(order: JsonRawData): Promise<string>;
-	/**
-	 * Final step before fetching the certificate.
-	 *
-	 * @param previousNonce - `replay-nonce` response header from `POST /acme/{provisioner-name}/order/{order-id}`
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
-	 */
-	finalizeRequest(previousNonce: string): Promise<JsonRawData>;
-	/**
-	 * Parses the response from `POST /acme/{provisioner-name}/order/{order-id}/finalize`.
-	 *
-	 * @param finalize HTTP response body
-	 * @return the certificate url to use with {@link certificateRequest}
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
-	 */
-	finalizeResponse(finalize: JsonRawData): Promise<string>;
-	/**
-	 * Creates a request for finally fetching the x509 certificate.
-	 *
-	 * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/order/{order-id}/finalize`
-	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4.2
-	 */
-	certificateRequest(previousNonce: string): Promise<JsonRawData>;
-}
-/**
- * Indicates the state of a Conversation regarding end-to-end identity.
- * Note: this does not check pending state (pending commit, pending proposals) so it does not
- * consider members about to be added/removed
- */
-declare enum E2eiConversationState$1 {
-	/**
-	 * All clients have a valid E2EI certificate
-	 */
-	Verified = 1,
-	/**
-	 * Some clients are either still Basic or their certificate is expired
-	 */
-	NotVerified = 2,
-	/**
-	 * All clients are still Basic. If all client have expired certificates, NotVerified is returned.
-	 */
-	NotEnabled = 3
-}
-/**
- * Data shape for proteusNewPrekeyAuto() call returns.
- */
-interface ProteusAutoPrekeyBundle$1 {
-	/**
-	 * Proteus PreKey id
-	 *
-	 * @readonly
-	 */
-	id: number;
-	/**
-	 * CBOR-serialized Proteus PreKeyBundle
-	 *
-	 * @readonly
-	 */
-	pkb: Uint8Array;
-}
-declare class CoreCryptoContext$1 {
-	#private;
-	/** @hidden */
-	private constructor();
-	/** @hidden */
-	static fromFfiContext(ctx: CoreCryptoContext): CoreCryptoContext$1;
-	/**
-	 * Set arbitrary data to be retrieved by {@link getData}.
-	 * This is meant to be used as a check point at the end of a transaction.
-	 * The data should be limited to a reasonable size.
-	 */
-	setData(data: Uint8Array): Promise<void>;
-	/**
-	 * Get data if it has previously been set by {@link setData}, or `undefined` otherwise.
-	 * This is meant to be used as a check point at the end of a transaction.
-	 */
-	getData(): Promise<Uint8Array | undefined>;
-	/**
-	 * Use this after {@link CoreCrypto.deferredInit} when you have a clientId. It initializes MLS.
-	 *
-	 * @param clientId - {@link CoreCryptoParams#clientId} but required
-	 * @param ciphersuites - All the ciphersuites supported by this MLS client
-	 * @param nbKeyPackage - number of initial KeyPackage to create when initializing the client
-	 */
-	mlsInit(clientId: ClientId, ciphersuites: Ciphersuite[], nbKeyPackage?: number): Promise<void>;
-	/**
-	 * Checks if the Client is member of a given conversation and if the MLS Group is loaded up
-	 *
-	 * @returns Whether the given conversation ID exists
-	 *
-	 * @example
-	 * ```ts
-	 *  const cc = await CoreCrypto.init({ databaseName: "test", key: "test", clientId: "test" });
-	 *  const encoder = new TextEncoder();
-	 *  if (await cc.conversationExists(encoder.encode("my super chat"))) {
-	 *    // Do something
-	 *  } else {
-	 *    // Do something else
-	 *  }
-	 * ```
-	 */
-	conversationExists(conversationId: ConversationId): Promise<boolean>;
-	/**
-	 * Marks a conversation as child of another one
-	 * This will mostly affect the behavior of the callbacks (the parentConversationClients parameter will be filled)
-	 *
-	 * @param childId - conversation identifier of the child conversation
-	 * @param parentId - conversation identifier of the parent conversation
-	 */
-	markConversationAsChildOf(childId: ConversationId, parentId: ConversationId): Promise<void>;
-	/**
-	 * Returns the current epoch of a conversation
-	 *
-	 * @returns the epoch of the conversation
-	 *
-	 * @example
-	 * ```ts
-	 *  const cc = await CoreCrypto.init({ databaseName: "test", key: "test", clientId: "test" });
-	 *  const encoder = new TextEncoder();
-	 *  console.log(await cc.conversationEpoch(encoder.encode("my super chat")))
-	 * ```
-	 */
-	conversationEpoch(conversationId: ConversationId): Promise<number>;
-	/**
-	 * Returns the ciphersuite of a conversation
-	 *
-	 * @returns the ciphersuite of the conversation
-	 */
-	conversationCiphersuite(conversationId: ConversationId): Promise<Ciphersuite>;
-	/**
-	 * Wipes and destroys the local storage of a given conversation / MLS group
-	 *
-	 * @param conversationId - The ID of the conversation to remove
-	 */
-	wipeConversation(conversationId: ConversationId): Promise<void>;
-	/**
-	 * Creates a new conversation with the current client being the sole member
-	 * You will want to use {@link addClientsToConversation} afterwards to add clients to this conversation
-	 *
-	 * @param conversationId - The conversation ID; You can either make them random or let the backend attribute MLS group IDs
-	 * @param creatorCredentialType - kind of credential the creator wants to create the group with
-	 * @param configuration - configuration of the MLS group
-	 * @param configuration.ciphersuite - The {@link Ciphersuite} that is chosen to be the group's
-	 * @param configuration.externalSenders - Array of Client IDs that are qualified as external senders within the group
-	 */
-	createConversation(conversationId: ConversationId, creatorCredentialType: CredentialType, configuration?: ConversationConfiguration$1): Promise<void>;
-	/**
-	 * Decrypts a message for a given conversation.
-	 *
-	 * Note: you should catch & ignore the following error reasons:
-	 * * "We already decrypted this message once"
-	 * * "You tried to join with an external commit but did not merge it yet. We will reapply this message for you when you merge your external commit"
-	 * * "Incoming message is for a future epoch. We will buffer it until the commit for that epoch arrives"
-	 *
-	 * @param conversationId - The ID of the conversation
-	 * @param payload - The encrypted message buffer
-	 *
-	 * @returns a {@link DecryptedMessage}. Note that {@link DecryptedMessage#message} is `undefined` when the encrypted payload contains a system message such a proposal or commit
-	 */
-	decryptMessage(conversationId: ConversationId, payload: Uint8Array): Promise<DecryptedMessage$1>;
-	/**
-	 * Encrypts a message for a given conversation
-	 *
-	 * @param conversationId - The ID of the conversation
-	 * @param message - The plaintext message to encrypt
-	 *
-	 * @returns The encrypted payload for the given group. This needs to be fanned out to the other members of the group.
-	 */
-	encryptMessage(conversationId: ConversationId, message: Uint8Array): Promise<Uint8Array>;
-	/**
-	 * Ingest a TLS-serialized MLS welcome message to join an existing MLS group
-	 *
-	 * You have to catch the error with this reason "Although this Welcome seems valid, the local KeyPackage
-	 * it references has already been deleted locally. Join this group with an external commit", ignore it and then
-	 * join this group via {@link CoreCryptoContext.joinByExternalCommit}.
-	 *
-	 * @param welcomeMessage - TLS-serialized MLS Welcome message
-	 * @param configuration - configuration of the MLS group
-	 * @returns The conversation ID of the newly joined group. You can use the same ID to decrypt/encrypt messages
-	 */
-	processWelcomeMessage(welcomeMessage: Welcome, configuration?: Partial<CustomConfiguration>): Promise<WelcomeBundle>;
-	/**
-	 * Get the client's public signature key. To upload to the DS for further backend side validation
-	 *
-	 * @param ciphersuite - of the signature key to get
-	 * @param credentialType - of the public key to look for
-	 * @returns the client's public signature key
-	 */
-	clientPublicKey(ciphersuite: Ciphersuite, credentialType: CredentialType): Promise<Uint8Array>;
-	/**
-	 *
-	 * @param ciphersuite - of the KeyPackages to count
-	 * @param credentialType - of the KeyPackages to count
-	 * @returns The amount of valid, non-expired KeyPackages that are persisted in the backing storage
-	 */
-	clientValidKeypackagesCount(ciphersuite: Ciphersuite, credentialType: CredentialType): Promise<number>;
-	/**
-	 * Fetches a requested amount of keypackages
-	 *
-	 * @param ciphersuite - of the KeyPackages to generate
-	 * @param credentialType - of the KeyPackages to generate
-	 * @param amountRequested - The amount of keypackages requested
-	 * @returns An array of length `amountRequested` containing TLS-serialized KeyPackages
-	 */
-	clientKeypackages(ciphersuite: Ciphersuite, credentialType: CredentialType, amountRequested: number): Promise<Array<Uint8Array>>;
-	/**
-	 * Adds new clients to a conversation, assuming the current client has the right to add new clients to the conversation.
-	 *
-	 * Sends the corresponding commit via {@link MlsTransport.sendCommitBundle} and merges it if the call is successful.
-	 *
-	 * @param conversationId - The ID of the conversation
-	 * @param keyPackages - KeyPackages of the new clients to add
-	 *
-	 * @returns Potentially a list of newly discovered crl distribution points
-	 */
-	addClientsToConversation(conversationId: ConversationId, keyPackages: Uint8Array[]): Promise<NewCrlDistributionPoints>;
-	/**
-	 * Removes the provided clients from a conversation; Assuming those clients exist and the current client is allowed
-	 * to do so, otherwise this operation does nothing.
-	 *
-	 * @param conversationId - The ID of the conversation
-	 * @param clientIds - Array of Client IDs to remove.
-	 */
-	removeClientsFromConversation(conversationId: ConversationId, clientIds: ClientId[]): Promise<void>;
-	/**
-	 * Update the keying material of the conversation.
-	 *
-	 * @param conversationId - The ID of the conversation
-	 */
-	updateKeyingMaterial(conversationId: ConversationId): Promise<void>;
-	/**
-	 * Commits the local pending proposals.
-	 *
-	 * Sends the corresponding commit via {@link MlsTransport.sendCommitBundle}
-	 * and merges it if the call is successful.
-	 *
-	 * @param conversationId - The ID of the conversation
-	 */
-	commitPendingProposals(conversationId: ConversationId): Promise<void>;
-	/**
-	 * "Apply" to join a group through its GroupInfo.
-	 *
-	 * Sends the corresponding commit via {@link MlsTransport.sendCommitBundle}
-	 * and creates the group if the call is successful.
-	 *
-	 * @param groupInfo - a TLS encoded GroupInfo fetched from the Delivery Service
-	 * @param credentialType - kind of Credential to use for joining this group. If {@link CredentialType.Basic} is
-	 * chosen and no Credential has been created yet for it, a new one will be generated.
-	 * @param configuration - configuration of the MLS group
-	 * When {@link CredentialType.X509} is chosen, it fails when no Credential has been created for the given {@link Ciphersuite}.
-	 *
-	 * @return see {@link WelcomeBundle}
-	 */
-	joinByExternalCommit(groupInfo: GroupInfo, credentialType: CredentialType, configuration?: Partial<CustomConfiguration>): Promise<WelcomeBundle>;
-	/**
-	 * Enable history sharing by generating a history client and adding it to the conversation.
-	 */
-	enableHistorySharing(conversationId: ConversationId): Promise<void>;
-	/**
-	 * Disable history sharing by removing histroy clients from the conversation.
-	 */
-	disableHistorySharing(conversationId: ConversationId): Promise<void>;
-	/**
-	 * Derives a new key from the group
-	 *
-	 * @param conversationId - The group's ID
-	 * @param keyLength - the length of the key to be derived. If the value is higher than the
-	 * bounds of `u16` or the context hash * 255, an error will be returned
-	 *
-	 * @returns A `Uint8Array` representing the derived key
-	 */
-	exportSecretKey(conversationId: ConversationId, keyLength: number): Promise<SecretKey>;
-	/**
-	 * Returns the raw public key of the single external sender present in this group.
-	 * This should be used to initialize a subconversation
-	 *
-	 * @param conversationId - The group's ID
-	 *
-	 * @returns A `Uint8Array` representing the external sender raw public key
-	 */
-	getExternalSender(conversationId: ConversationId): Promise<ExternalSenderKey>;
-	/**
-	 * Returns all clients from group's members
-	 *
-	 * @param conversationId - The group's ID
-	 *
-	 * @returns A list of clients from the members of the group
-	 */
-	getClientIds(conversationId: ConversationId): Promise<ClientId[]>;
-	/**
-	 * Allows {@link CoreCryptoContext} to act as a CSPRNG provider
-	 *
-	 * The underlying CSPRNG algorithm is ChaCha20 and takes in account the external seed provider.
-	 *
-	 * @param length - The number of bytes to be returned in the `Uint8Array`
-	 *
-	 * @returns A `Uint8Array` buffer that contains `length` cryptographically-secure random bytes
-	 */
-	randomBytes(length: number): Promise<Uint8Array>;
-	/**
-	 * Initializes the proteus client
-	 */
-	proteusInit(): Promise<void>;
-	/**
-	 * Create a Proteus session using a prekey
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 * @param prekey - CBOR-encoded Proteus prekey of the other client
-	 */
-	proteusSessionFromPrekey(sessionId: string, prekey: Uint8Array): Promise<void>;
-	/**
-	 * Create a Proteus session from a handshake message
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 * @param envelope - CBOR-encoded Proteus message
-	 *
-	 * @returns A `Uint8Array` containing the message that was sent along with the session handshake
-	 */
-	proteusSessionFromMessage(sessionId: string, envelope: Uint8Array): Promise<Uint8Array>;
-	/**
-	 * Locally persists a session to the keystore
-	 *
-	 * **Note**: This isn't usually needed as persisting sessions happens automatically when decrypting/encrypting messages and initializing Sessions
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 */
-	proteusSessionSave(sessionId: string): Promise<void>;
-	/**
-	 * Deletes a session
-	 * Note: this also deletes the persisted data within the keystore
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 */
-	proteusSessionDelete(sessionId: string): Promise<void>;
-	/**
-	 * Checks if a session exists
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 *
-	 * @returns whether the session exists or not
-	 */
-	proteusSessionExists(sessionId: string): Promise<boolean>;
-	/**
-	 * Decrypt an incoming message for an existing Proteus session
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 * @param ciphertext - CBOR encoded, encrypted proteus message
-	 * @returns The decrypted payload contained within the message
-	 */
-	proteusDecrypt(sessionId: string, ciphertext: Uint8Array): Promise<Uint8Array>;
-	/**
-	 * Encrypt a message for a given Proteus session
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 * @param plaintext - payload to encrypt
-	 * @returns The CBOR-serialized encrypted message
-	 */
-	proteusEncrypt(sessionId: string, plaintext: Uint8Array): Promise<Uint8Array>;
-	/**
-	 * Batch encryption for proteus messages
-	 * This is used to minimize FFI roundtrips when used in the context of a multi-client session (i.e. conversation)
-	 *
-	 * @param sessions - List of Proteus session IDs to encrypt the message for
-	 * @param plaintext - payload to encrypt
-	 * @returns A map indexed by each session ID and the corresponding CBOR-serialized encrypted message for this session
-	 */
-	proteusEncryptBatched(sessions: string[], plaintext: Uint8Array): Promise<Map<string, Uint8Array>>;
-	/**
-	 * Creates a new prekey with the requested ID.
-	 *
-	 * @param prekeyId - ID of the PreKey to generate. This cannot be bigger than a u16
-	 * @returns: A CBOR-serialized version of the PreKeyBundle corresponding to the newly generated and stored PreKey
-	 */
-	proteusNewPrekey(prekeyId: number): Promise<Uint8Array>;
-	/**
-	 * Creates a new prekey with an automatically generated ID..
-	 *
-	 * @returns A CBOR-serialized version of the PreKeyBundle corresponding to the newly generated and stored PreKey accompanied by its ID
-	 */
-	proteusNewPrekeyAuto(): Promise<ProteusAutoPrekeyBundle$1>;
-	/**
-	 * Proteus last resort prekey stuff
-	 *
-	 * @returns A CBOR-serialize version of the PreKeyBundle associated with the last resort PreKey (holding the last resort prekey id)
-	 */
-	proteusLastResortPrekey(): Promise<Uint8Array>;
-	/**
-	 * @returns The last resort PreKey id
-	 */
-	static proteusLastResortPrekeyId(): number;
-	/**
-	 * Proteus public key fingerprint
-	 * It's basically the public key encoded as an hex string
-	 *
-	 * @returns Hex-encoded public key string
-	 */
-	proteusFingerprint(): Promise<string>;
-	/**
-	 * Proteus session local fingerprint
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 * @returns Hex-encoded public key string
-	 */
-	proteusFingerprintLocal(sessionId: string): Promise<string>;
-	/**
-	 * Proteus session remote fingerprint
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 * @returns Hex-encoded public key string
-	 */
-	proteusFingerprintRemote(sessionId: string): Promise<string>;
-	/**
-	 * Hex-encoded fingerprint of the given prekey
-	 *
-	 * @param prekey - the prekey bundle to get the fingerprint from
-	 * @returns Hex-encoded public key string
-	 **/
-	static proteusFingerprintPrekeybundle(prekey: Uint8Array): string;
-	/**
-	 * Creates an enrollment instance with private key material you can use in order to fetch
-	 * a new x509 certificate from the acme server.
-	 *
-	 * @param clientId - client identifier e.g. `b7ac11a4-8f01-4527-af88-1c30885a7931:6add501bacd1d90e@example.com`
-	 * @param displayName - human-readable name displayed in the application e.g. `Smith, Alice M (QA)`
-	 * @param handle - user handle e.g. `alice.smith.qa@example.com`
-	 * @param expirySec - generated x509 certificate expiry
-	 * @param ciphersuite - for generating signing key material
-	 * @param team - name of the Wire team a user belongs to
-	 * @returns The new {@link E2eiEnrollment} enrollment instance to use with {@link CoreCryptoContext.e2eiMlsInitOnly}
-	 */
-	e2eiNewEnrollment(clientId: string, displayName: string, handle: string, expirySec: number, ciphersuite: Ciphersuite, team?: string): Promise<E2eiEnrollment>;
-	/**
-	 * Generates an E2EI enrollment instance for a "regular" client (with a Basic credential) willing to migrate to E2EI.
-	 * Once the enrollment is finished, use {@link CoreCryptoContext.e2eiRotate} to do key rotation.
-	 *
-	 * @param displayName - human-readable name displayed in the application e.g. `Smith, Alice M (QA)`
-	 * @param handle - user handle e.g. `alice.smith.qa@example.com`
-	 * @param expirySec - generated x509 certificate expiry
-	 * @param ciphersuite - for generating signing key material
-	 * @param team - name of the Wire team a user belongs to
-	 * @returns The new {@link E2eiEnrollment} enrollment instance to use with {@link CoreCryptoContext.e2eiRotate}
-	 */
-	e2eiNewActivationEnrollment(displayName: string, handle: string, expirySec: number, ciphersuite: Ciphersuite, team?: string): Promise<E2eiEnrollment>;
-	/**
-	 * Generates an E2EI enrollment instance for a E2EI client (with a X509 certificate credential)
-	 * having to change/rotate their credential, either because the former one is expired or it
-	 * has been revoked. It lets you change the DisplayName or the handle
-	 * if you need to. Once the enrollment is finished, use {@link CoreCryptoContext.e2eiRotate}
-	 * to do key rotation.
-	 *
-	 * @param expirySec - generated x509 certificate expiry
-	 * @param ciphersuite - for generating signing key material
-	 * @param displayName - human-readable name displayed in the application e.g. `Smith, Alice M (QA)`
-	 * @param handle - user handle e.g. `alice.smith.qa@example.com`
-	 * @param team - name of the Wire team a user belongs to
-	 * @returns The new {@link E2eiEnrollment} enrollment instance to use with {@link CoreCryptoContext.e2eiRotate}
-	 */
-	e2eiNewRotateEnrollment(expirySec: number, ciphersuite: Ciphersuite, displayName?: string, handle?: string, team?: string): Promise<E2eiEnrollment>;
-	/**
-	 * Use this method to initialize end-to-end identity when a client signs up and the grace period is already expired ;
-	 * that means he cannot initialize with a Basic credential
-	 *
-	 * @param enrollment - the enrollment instance used to fetch the certificates
-	 * @param certificateChain - the raw response from ACME server
-	 * @param nbKeyPackage - number of initial KeyPackage to create when initializing the client
-	 * @returns a MlsClient initialized with only a x509 credential
-	 */
-	e2eiMlsInitOnly(enrollment: E2eiEnrollment, certificateChain: string, nbKeyPackage?: number): Promise<NewCrlDistributionPoints>;
-	/**
-	 * @returns whether the E2EI PKI environment is setup (i.e. Root CA, Intermediates, CRLs)
-	 */
-	e2eiIsPKIEnvSetup(): Promise<boolean>;
-	/**
-	 * Registers a Root Trust Anchor CA for the use in E2EI processing.
-	 *
-	 * Please note that without a Root Trust Anchor, all validations *will* fail;
-	 * So this is the first step to perform after initializing your E2EI client
-	 *
-	 * @param trustAnchorPEM - PEM certificate to anchor as a Trust Root
-	 */
-	e2eiRegisterAcmeCA(trustAnchorPEM: string): Promise<void>;
-	/**
-	 * Registers an Intermediate CA for the use in E2EI processing.
-	 *
-	 * Please note that a Root Trust Anchor CA is needed to validate Intermediate CAs;
-	 * You **need** to have a Root CA registered before calling this
-	 *
-	 * @param certPEM - PEM certificate to register as an Intermediate CA
-	 */
-	e2eiRegisterIntermediateCA(certPEM: string): Promise<NewCrlDistributionPoints>;
-	/**
-	 * Registers a CRL for the use in E2EI processing.
-	 *
-	 * Please note that a Root Trust Anchor CA is needed to validate CRLs;
-	 * You **need** to have a Root CA registered before calling this
-	 *
-	 * @param crlDP - CRL Distribution Point; Basically the URL you fetched it from
-	 * @param crlDER - DER representation of the CRL
-	 *
-	 * @returns a {@link CRLRegistration} with the dirty state of the new CRL (see struct) and its expiration timestamp
-	 */
-	e2eiRegisterCRL(crlDP: string, crlDER: Uint8Array): Promise<CRLRegistration>;
-	/**
-	 * Creates an update commit which replaces your leaf containing basic credentials with a leaf node containing x509 credentials in the conversation.
-	 *
-	 * NOTE: you can only call this after you've completed the enrollment for an end-to-end identity, and saved the
-	 * resulting credential with {@link CoreCryptoContext.saveX509Credential}.
-	 * Calling this without a valid end-to-end identity will result in an error.
-	 *
-	 * Sends the corresponding commit via {@link MlsTransport.sendCommitBundle} and merges it if the call is successful.
-	 *
-	 * @param conversationId - The ID of the conversation
-	 */
-	e2eiRotate(conversationId: ConversationId): Promise<void>;
-	/**
-	 * Saves a new X509 credential. Requires first
-	 * having enrolled a new X509 certificate with either {@link CoreCryptoContext.e2eiNewActivationEnrollment}
-	 * or {@link CoreCryptoContext.e2eiNewRotateEnrollment}
-	 *
-	 * # Expected actions to perform after this function (in this order)
-	 * 1. Rotate credentials for each conversation using {@link CoreCryptoContext.e2eiRotate}
-	 * 2. Generate new key packages with {@link CoreCryptoContext.clientKeypackages}
-	 * 3. Use these to replace the stale ones the in the backend
-	 * 4. Delete the stale ones locally using {@link CoreCryptoContext.deleteStaleKeyPackages}
-	 *      * This is the last step because you might still need the old key packages to avoid
-	 *        an orphan welcome message
-	 *
-	 * @param enrollment - the enrollment instance used to fetch the certificates
-	 * @param certificateChain - the raw response from ACME server
-	 * @returns Potentially a list of new crl distribution points discovered in the certificate chain
-	 */
-	saveX509Credential(enrollment: E2eiEnrollment, certificateChain: string): Promise<NewCrlDistributionPoints>;
-	/**
-	 * Deletes all key packages whose credential does not match the most recently
-	 * saved x509 credential and the provided signature scheme.
-	 * @param ciphersuite
-	 */
-	deleteStaleKeyPackages(ciphersuite: Ciphersuite): Promise<void>;
-	/**
-	 * Allows persisting an active enrollment (for example while redirecting the user during OAuth) in order to resume
-	 * it later with {@link e2eiEnrollmentStashPop}
-	 *
-	 * @param enrollment the enrollment instance to persist
-	 * @returns a handle to fetch the enrollment later with {@link e2eiEnrollmentStashPop}
-	 */
-	e2eiEnrollmentStash(enrollment: E2eiEnrollment): Promise<Uint8Array>;
-	/**
-	 * Fetches the persisted enrollment and deletes it from the keystore
-	 *
-	 * @param handle returned by {@link e2eiEnrollmentStash}
-	 * @returns the persisted enrollment instance
-	 */
-	e2eiEnrollmentStashPop(handle: Uint8Array): Promise<E2eiEnrollment>;
-	/**
-	 * Indicates when to mark a conversation as not verified i.e. when not all its members have a X509.
-	 * Credential generated by Wire's end-to-end identity enrollment
-	 *
-	 * @param conversationId The group's ID
-	 * @returns the conversation state given current members
-	 */
-	e2eiConversationState(conversationId: ConversationId): Promise<E2eiConversationState$1>;
-	/**
-	 * Returns true when end-to-end-identity is enabled for the given Ciphersuite
-	 *
-	 * @param ciphersuite of the credential to check
-	 * @returns true if end-to-end identity is enabled for the given ciphersuite
-	 */
-	e2eiIsEnabled(ciphersuite: Ciphersuite): Promise<boolean>;
-	/**
-	 * From a given conversation, get the identity of the members supplied. Identity is only present for members with a
-	 * Certificate Credential (after turning on end-to-end identity).
-	 *
-	 * @param conversationId - identifier of the conversation
-	 * @param deviceIds - identifiers of the devices
-	 * @returns identities or if no member has a x509 certificate, it will return an empty List
-	 */
-	getDeviceIdentities(conversationId: ConversationId, deviceIds: ClientId[]): Promise<WireIdentity[]>;
-	/**
-	 * From a given conversation, get the identity of the users (device holders) supplied.
-	 * Identity is only present for devices with a Certificate Credential (after turning on end-to-end identity).
-	 * If no member has a x509 certificate, it will return an empty Vec.
-	 *
-	 * @param conversationId - identifier of the conversation
-	 * @param userIds - user identifiers hyphenated UUIDv4 e.g. 'bd4c7053-1c5a-4020-9559-cd7bf7961954'
-	 * @returns a Map with all the identities for a given users. Consumers are then recommended to reduce those identities to determine the actual status of a user.
-	 */
-	getUserIdentities(conversationId: ConversationId, userIds: string[]): Promise<Map<string, WireIdentity[]>>;
-}
-/**
- * Params for CoreCrypto deferred initialization
- * Please note that the `entropySeed` parameter MUST be exactly 32 bytes
- */
-export interface CoreCryptoDeferredParams {
-	/**
-	 * Name of the IndexedDB database
-	 */
-	databaseName: string;
-	/**
-	 * Encryption master key
-	 * This should be appropriately stored in a secure location (i.e. WebCrypto private key storage)
-	 */
-	key: DatabaseKey;
-	/**
-	 * External PRNG entropy pool seed.
-	 * This **must** be exactly 32 bytes
-	 */
-	entropySeed?: Uint8Array;
-}
-/**
- * Params for CoreCrypto initialization
- * Please note that the `entropySeed` parameter MUST be exactly 32 bytes
- */
-export interface CoreCryptoParams extends CoreCryptoDeferredParams {
-	/**
-	 * MLS Client ID.
-	 * This should stay consistent as it will be verified against the stored signature & identity to validate the persisted credential
-	 */
-	clientId: ClientId;
-	/**
-	 * All the ciphersuites this MLS client can support
-	 */
-	ciphersuites: Ciphersuite[];
-	/**
-	 * Number of initial KeyPackage to create when initializing the client
-	 */
-	nbKeyPackage?: number;
-}
-export interface EpochObserver {
-	epochChanged(conversationId: ConversationId, epoch: number): Promise<void>;
-}
-export interface HistoryObserver {
-	historyClientCreated(conversationId: ConversationId, secret: HistorySecret): Promise<void>;
-}
-/**
- * Initializes the global logger for Core Crypto and registers the callback.
- *
- * **NOTE:** you must call this after `await CoreCrypto.init(params)` or `await CoreCrypto.deferredInit(params)`.
- *
- * @param logger - the interface to be called when something is going to be logged
- **/
-export declare function setLogger(logger: CoreCryptoLogger): void;
-/**
- * An interface to register a logger in CoreCrypto
- **/
-export interface CoreCryptoLogger {
-	/**
-	 * This method will be called by Core Crypto to log messages. It is up to the implementer to decide how to handle the message and where to actually log it.
-	 * @param level - the level of the logged message. it will also be present in the json message
-	 * @param message - log message
-	 * @param context - additional context captured when the log was made.
-	 **/
-	log: (level: CoreCryptoLogLevel, message: string, context: string) => void;
-}
-/**
- * Defines the maximum log level for the logs from Core Crypto
- **/
-export declare enum CoreCryptoLogLevel {
-	Off = 1,
-	Trace = 2,
-	Debug = 3,
-	Info = 4,
-	Warn = 5,
-	Error = 6
-}
-/**
- * Sets maximum log level for logs forwarded to the logger, defaults to `Warn`.
- *
- * @param level - the max level that should be logged
- */
-export declare function setMaxLogLevel(level: CoreCryptoLogLevel): void;
-/**
- * Returns build metadata for the {@link CoreCrypto} libary.
- *
- * @returns varous build metadata for `core-crypto`.
- */
-export declare function buildMetadata(): BuildMetadata;
-/**
- * Returns the current version of {@link CoreCrypto}
- *
- * @returns the CoreCrypto version as a string (e.g. "3.1.2")
- */
-export declare function version(): string;
-/**
- * Wrapper for the WASM-compiled version of CoreCrypto
- */
-export declare class CoreCrypto {
-	#private;
-	/**
-	 * Should only be used internally
-	 */
-	inner(): unknown;
-	static setLogger(logger: CoreCryptoLogger): void;
-	static setMaxLogLevel(level: CoreCryptoLogLevel): void;
-	/**
-	 * This is your entrypoint to initialize {@link CoreCrypto}!
-	 *
-	 * @param params - {@link CoreCryptoParams}
-	 *
-	 * @example
-	 * ## Simple init
-	 * ```ts
-	 * const cc = await CoreCrypto.init({ databaseName: "test", key: "test", clientId: "test" });
-	 * // Do the rest with `cc`
-	 * ```
-	 *
-	 * ## Custom Entropy seed init
-	 * ```ts
-	 * // FYI, this is the IETF test vector #1
-	 * const entropySeed = Uint32Array.from([
-	 *   0xade0b876, 0x903df1a0, 0xe56a5d40, 0x28bd8653,
-	 *   0xb819d2bd, 0x1aed8da0, 0xccef36a8, 0xc70d778b,
-	 *   0x7c5941da, 0x8d485751, 0x3fe02477, 0x374ad8b8,
-	 *   0xf4b8436a, 0x1ca11815, 0x69b687c3, 0x8665eeb2,
-	 * ]);
-	 *
-	 * const cc = await CoreCrypto.init({
-	 *   databaseName: "test",
-	 *   key: "test",
-	 *   clientId: "test",
-	 *   entropySeed,
-	 * });
-	 * ````
-	 */
-	static init({ databaseName, key, clientId, ciphersuites, entropySeed, nbKeyPackage, }: CoreCryptoParams): Promise<CoreCrypto>;
-	/**
-	 * Almost identical to {@link CoreCrypto.init} but allows a 2 phase initialization of MLS.
-	 * First, calling this will set up the keystore and will allow generating proteus prekeys.
-	 * Then, those keys can be traded for a clientId.
-	 * Use this clientId to initialize MLS with {@link CoreCryptoContext.mlsInit}.
-	 * @param params - {@link CoreCryptoDeferredParams}
-	 */
-	static deferredInit({ databaseName, key, entropySeed, }: CoreCryptoDeferredParams): Promise<CoreCrypto>;
-	/**
-	 * Instantiate a history client.
-	 *
-	 * This client exposes the full interface of `CoreCrypto`, but it should only be used to decrypt messages.
-	 * Other use is a logic error.
-	 */
-	static historyClient(historySecret: HistorySecret): Promise<CoreCrypto>;
-	/**
-	 * Starts a new transaction in Core Crypto. If the callback succeeds, it will be committed,
-	 * otherwise, every operation performed with the context will be discarded.
-	 *
-	 * @param callback - The callback to execute within the transaction
-	 *
-	 * @returns the result of the callback will be returned from this call
-	 */
-	transaction<R>(callback: (ctx: CoreCryptoContext$1) => Promise<R>): Promise<R>;
-	/** @hidden */
-	private constructor();
-	/**
-	 * Waits for any transaction that is currently in progress, then closes this {@link CoreCrypto}
-	 * instance and deallocates all loaded resources
-	 *
-	 * **CAUTION**: This {@link CoreCrypto} instance won't be usable after a call to this method,
-	 * but there's no way to express this requirement in TypeScript, so you'll get errors instead!
-	 */
-	close(): Promise<void>;
-	/**
-	 * Registers the transport callbacks for core crypto to give it access to backend endpoints for sending
-	 * a commit bundle or a message, respectively.
-	 *
-	 * @param transportProvider - Any implementor of the {@link MlsTransport} interface
-	 * @param _ctx - unused
-	 */
-	provideTransport(transportProvider: MlsTransport, _ctx?: unknown): Promise<void>;
-	/**
-	 * See {@link CoreCryptoContext.conversationExists}.
-	 */
-	conversationExists(conversationId: ConversationId): Promise<boolean>;
-	/**
-	 * See {@link CoreCryptoContext.conversationEpoch}.
-	 *
-	 * @returns the epoch of the conversation
-	 *
-	 * @example
-	 * ```ts
-	 *  const cc = await CoreCrypto.init({ databaseName: "test", key: "test", clientId: "test" });
-	 *  const encoder = new TextEncoder();
-	 *  console.log(await cc.conversationEpoch(encoder.encode("my super chat")))
-	 * ```
-	 */
-	conversationEpoch(conversationId: ConversationId): Promise<number>;
-	/**
-	 * See {@link CoreCryptoContext.conversationCiphersuite}.
-	 *
-	 * @returns the ciphersuite of the conversation
-	 */
-	conversationCiphersuite(conversationId: ConversationId): Promise<Ciphersuite>;
-	/**
-	 * See {@link CoreCryptoContext.clientPublicKey}.
-	 *
-	 * @param ciphersuite - of the signature key to get
-	 * @param credentialType - of the public key to look for
-	 * @returns the client's public signature key
-	 */
-	clientPublicKey(ciphersuite: Ciphersuite, credentialType: CredentialType): Promise<Uint8Array>;
-	/**
-	 * See {@link CoreCryptoContext.exportSecretKey}.
-	 *
-	 * @param conversationId - The group's ID
-	 * @param keyLength - the length of the key to be derived. If the value is higher than the
-	 * bounds of `u16` or the context hash * 255, an error will be returned
-	 *
-	 * @returns A `Uint8Array` representing the derived key
-	 */
-	exportSecretKey(conversationId: ConversationId, keyLength: number): Promise<Uint8Array>;
-	/**
-	 * Check if history sharing is enabled, i.e., if any of the conversation members have a {@link ClientId} starting
-	 * with the history client id prefix.
-	 *
-	 * @param conversationId - The group's ID
-	 *
-	 * @returns Whether history sharing is enabled
-	 */
-	isHistorySharingEnabled(conversationId: ConversationId): Promise<boolean>;
-	/**
-	 * See {@link CoreCryptoContext.getExternalSender}.
-	 *
-	 * @param conversationId - The group's ID
-	 *
-	 * @returns A `Uint8Array` representing the external sender raw public key
-	 */
-	getExternalSender(conversationId: ConversationId): Promise<Uint8Array>;
-	/**
-	 * See {@link CoreCryptoContext.getClientIds}.
-	 *
-	 * @param conversationId - The group's ID
-	 *
-	 * @returns A list of clients from the members of the group
-	 */
-	getClientIds(conversationId: ConversationId): Promise<ClientId[]>;
-	/**
-	 * See {@link CoreCryptoContext.randomBytes}.
-	 *
-	 * @param length - The number of bytes to be returned in the `Uint8Array`
-	 *
-	 * @returns A `Uint8Array` buffer that contains `length` cryptographically-secure random bytes
-	 */
-	randomBytes(length: number): Promise<Uint8Array>;
-	/**
-	 * Allows to reseed {@link CoreCrypto}'s internal CSPRNG with a new seed.
-	 *
-	 * @param seed - **exactly 32** bytes buffer seed
-	 */
-	reseedRng(seed: Uint8Array): Promise<void>;
-	/**
-	 * Checks if a session exists
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 *
-	 * @returns whether the session exists or not
-	 */
-	proteusSessionExists(sessionId: string): Promise<boolean>;
-	/**
-	 * @returns The last resort PreKey id
-	 */
-	static proteusLastResortPrekeyId(): number;
-	/**
-	 * Proteus public key fingerprint
-	 * It's basically the public key encoded as an hex string
-	 *
-	 * @returns Hex-encoded public key string
-	 */
-	proteusFingerprint(): Promise<string>;
-	/**
-	 * Proteus session local fingerprint
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 * @returns Hex-encoded public key string
-	 */
-	proteusFingerprintLocal(sessionId: string): Promise<string>;
-	/**
-	 * Proteus session remote fingerprint
-	 *
-	 * @param sessionId - ID of the Proteus session
-	 * @returns Hex-encoded public key string
-	 */
-	proteusFingerprintRemote(sessionId: string): Promise<string>;
-	/**
-	 * Hex-encoded fingerprint of the given prekey
-	 *
-	 * @param prekey - the prekey bundle to get the fingerprint from
-	 * @returns Hex-encoded public key string
-	 **/
-	static proteusFingerprintPrekeybundle(prekey: Uint8Array): string;
-	/**
-	 * See {@link CoreCryptoContext.e2eiIsPKIEnvSetup}.
-	 * @returns whether the E2EI PKI environment is setup (i.e. Root CA, Intermediates, CRLs)
-	 */
-	e2eiIsPKIEnvSetup(): Promise<boolean>;
-	/**
-	 * See {@link CoreCryptoContext.e2eiIsEnabled}.
-	 *
-	 * @param ciphersuite of the credential to check
-	 * @returns true if end-to-end identity is enabled for the given ciphersuite
-	 */
-	e2eiIsEnabled(ciphersuite: Ciphersuite): Promise<boolean>;
-	/**
-	 * See {@link CoreCryptoContext.getDeviceIdentities}.
-	 *
-	 * @param conversationId - identifier of the conversation
-	 * @param deviceIds - identifiers of the devices
-	 * @returns identities or if no member has a x509 certificate, it will return an empty List
-	 */
-	getDeviceIdentities(conversationId: ConversationId, deviceIds: ClientId[]): Promise<WireIdentity[]>;
-	/**
-	 * See {@link CoreCryptoContext.getUserIdentities}.
-	 *
-	 * @param conversationId - identifier of the conversation
-	 * @param userIds - user identifiers hyphenated UUIDv4 e.g. 'bd4c7053-1c5a-4020-9559-cd7bf7961954'
-	 * @returns a Map with all the identities for a given users. Consumers are then recommended to reduce those identities to determine the actual status of a user.
-	 */
-	getUserIdentities(conversationId: ConversationId, userIds: string[]): Promise<Map<string, WireIdentity[]>>;
-	/**
-	 * Registers an epoch observer, which will then be notified every time a conversation's epoch changes.
-	 *
-	 * @param observer must conform to the {@link EpochObserver} interface
-	 * @returns nothing
-	 */
-	registerEpochObserver(observer: EpochObserver): Promise<void>;
-	/**
-	 * Registers a history observer, which will then be notified every time a history client is created.
-	 *
-	 * @param observer must conform to the {@link HistoryObserver} interface
-	 * @returns nothing
-	 */
-	registerHistoryObserver(observer: HistoryObserver): Promise<void>;
-}
-/**
- * Initialises the wasm module necessary for running core crypto.
- *
- * @param location path where the wasm module is located. If omitted the module is assumed be located at the root of the core crypto module.
- */
-export declare function initWasmModule(location?: string | undefined): Promise<void>;
-
-export {
-	AcmeDirectory$1 as AcmeDirectory,
-	BufferedDecryptedMessage$1 as BufferedDecryptedMessage,
-	ConversationConfiguration$1 as ConversationConfiguration,
-	CoreCryptoContext$1 as CoreCryptoContext,
-	DecryptedMessage$1 as DecryptedMessage,
-	E2eiConversationState$1 as E2eiConversationState,
-	MlsGroupInfoEncryptionType as GroupInfoEncryptionType,
-	MlsRatchetTreeType as RatchetTreeType,
-	ProteusAutoPrekeyBundle$1 as ProteusAutoPrekeyBundle,
-};
-
-export {};