@zhoujun_aptos/octopus-ts-sdk-min 0.22.4 → 0.22.6

package/dist/common/index.js

@@ -0,0 +1,4491 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  ElGamal: () => elgamal_exports,
+  Enc: () => enc_exports,
+  Group: () => group_exports,
+  IBE: () => ibe_exports,
+  Sig: () => sig_exports,
+  SilentSetupEncryption: () => silent_setup_encryption_exports,
+  SilentSetupEncryptionXChain: () => silent_setup_encryption_xchain_exports,
+  Sym: () => sym_exports,
+  ThresholdIbe: () => threshold_ibe_exports,
+  Utils: () => utils_exports,
+  WorkerConfig: () => worker_config_exports,
+  WorkerTask: () => WorkerTask
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/elgamal.ts
+var elgamal_exports = {};
+__export(elgamal_exports, {
+  Ciphertext: () => Ciphertext,
+  DecKey: () => DecKey,
+  EncKey: () => EncKey,
+  dec: () => dec,
+  enc: () => enc,
+  multiExp: () => multiExp
+});
+var import_ts_sdk3 = require("@aptos-labs/ts-sdk");
+
+// src/group.ts
+var group_exports = {};
+__export(group_exports, {
+  Element: () => Element,
+  Scalar: () => Scalar,
+  msm: () => msm,
+  scalarFrom512BitHash: () => scalarFrom512BitHash
+});
+var import_ts_sdk2 = require("@aptos-labs/ts-sdk");
+var import_ed25519 = require("@noble/curves/ed25519");
+var import_utils = require("@noble/curves/utils");
+
+// src/utils.ts
+var utils_exports = {};
+__export(utils_exports, {
+  CONTRACT_ADDRESS_HEX: () => CONTRACT_ADDRESS_HEX,
+  SHELBYNET_CONTRACT_ADDRESS_HEX: () => SHELBYNET_CONTRACT_ADDRESS_HEX,
+  concatBytes: () => concatBytes,
+  getAptosConfig: () => getAptosConfig,
+  hmac_sha3_256: () => hmac_sha3_256,
+  kdf: () => kdf,
+  randBytes: () => randBytes,
+  sha3_256: () => sha3_256,
+  sha3_512: () => sha3_512,
+  xorBytes: () => xorBytes
+});
+var import_gas_station_client = require("@aptos-labs/gas-station-client");
+var import_ts_sdk = require("@aptos-labs/ts-sdk");
+var import_sha3 = require("@noble/hashes/sha3");
+var CONTRACT_ADDRESS_HEX = "0x114f3ad54703b5afb48d596103253fdfeed121e131edb83a25dfed6cb92b73ed";
+var SHELBYNET_CONTRACT_ADDRESS_HEX = "0xaa5c09269872b767ebe0dad214fc02dc9f00074380d05ff78cbcf4a1c49e0e62";
+function randBytes(length) {
+  if (typeof crypto !== "undefined" && crypto.getRandomValues) {
+    return crypto.getRandomValues(new Uint8Array(length));
+  }
+  const bytes = new Uint8Array(length);
+  for (let i = 0; i < length; i++) {
+    bytes[i] = Math.floor(Math.random() * 256);
+  }
+  return bytes;
+}
+function xorBytes(blinder, plaintext) {
+  if (blinder.length != plaintext.length) {
+    throw new Error("Blinder and plaintext must be the same length");
+  }
+  return new Uint8Array(blinder.map((byte, index) => byte ^ plaintext[index]));
+}
+function concatBytes(a, b) {
+  const result = new Uint8Array(a.length + b.length);
+  result.set(a, 0);
+  result.set(b, a.length);
+  return result;
+}
+var KeyBlockDeriveInput = class {
+  seed;
+  dst;
+  targetLength;
+  blockIndex;
+  constructor(seed, dst, targetLength, blockIndex) {
+    this.seed = seed;
+    this.dst = dst;
+    this.targetLength = targetLength;
+    this.blockIndex = blockIndex;
+  }
+  serialize(serializer) {
+    serializer.serializeBytes(this.seed);
+    serializer.serializeBytes(this.dst);
+    serializer.serializeU64(this.targetLength);
+    serializer.serializeU64(this.blockIndex);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+};
+function kdf(seed, dst, targetLength) {
+  if (seed.length < 32) {
+    throw new Error("Seed must be at least 32 bytes");
+  }
+  let blockPreImage = new KeyBlockDeriveInput(seed, dst, targetLength, 0);
+  let output = new Uint8Array(0);
+  while (targetLength > 0) {
+    let blockOutput = new Uint8Array(sha3_256(blockPreImage.toBytes()).slice(0, Math.min(32, targetLength)));
+    output = concatBytes(output, blockOutput);
+    targetLength -= blockOutput.length;
+    blockPreImage.blockIndex++;
+  }
+  return output;
+}
+function hmac_sha3_256(key, message) {
+  if (key.length !== 32) {
+    throw new Error("Key must be 32 bytes");
+  }
+  key = concatBytes(key, new Uint8Array(32));
+  let ipad = new Uint8Array(64);
+  let opad = new Uint8Array(64);
+  for (let i = 0; i < 64; i++) {
+    ipad[i] = 54;
+    opad[i] = 92;
+  }
+  const innerInput = concatBytes(xorBytes(ipad, key), message);
+  const outerInput = concatBytes(xorBytes(opad, key), sha3_256(innerInput));
+  return sha3_256(outerInput);
+}
+function sha3_256(message) {
+  return (0, import_sha3.sha3_256)(message);
+}
+function sha3_512(message) {
+  return (0, import_sha3.sha3_512)(message);
+}
+function getAptosConfig(networkName) {
+  if (networkName === "testnet") {
+    return new import_ts_sdk.AptosConfig({
+      network: import_ts_sdk.Network.TESTNET,
+      clientConfig: {
+        API_KEY: "AG-AQYQBGCUUXENJVPK8S6BQXSKXLFP7WN6U"
+      },
+      pluginSettings: { TRANSACTION_SUBMITTER: new import_gas_station_client.GasStationTransactionSubmitter({
+        network: import_ts_sdk.Network.TESTNET,
+        apiKey: "aptoslabs_UjL29oi1TsS_88HcxKLRWoDssNhLCfiasWygcioZP9MFn"
+      }) }
+    });
+  } else if (networkName === "shelbynet") {
+    return new import_ts_sdk.AptosConfig({
+      network: import_ts_sdk.Network.CUSTOM,
+      clientConfig: {
+        API_KEY: "AG-CTZKWQBKTBHPRZBDDTF6YWNTQ7MKSA1ZE"
+      },
+      pluginSettings: { TRANSACTION_SUBMITTER: new import_gas_station_client.GasStationTransactionSubmitter({
+        network: import_ts_sdk.Network.CUSTOM,
+        apiKey: "aptoslabs_BMhkGMQWaPj_7GLMCrSRKR34fYeESUAR82QfscPkVgtvb",
+        baseUrl: "https://api.shelbynet.shelby.xyz/gs/v1"
+      }) },
+      fullnode: "https://api.shelbynet.shelby.xyz/v1"
+    });
+  } else {
+    throw new Error(`Unsupported network name: ${networkName}`);
+  }
+}
+
+// src/group.ts
+var Q = BigInt("0x1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed");
+var Element = class _Element {
+  bytes;
+  constructor(bytes) {
+    this.bytes = bytes;
+  }
+  static dummy() {
+    return new _Element(new Uint8Array(32));
+  }
+  static fromInner(inner) {
+    const compressed = true;
+    const bytes = inner.toRawBytes(compressed);
+    return new _Element(bytes);
+  }
+  static groupIdentity() {
+    return _Element.fromInner(import_ed25519.RistrettoPoint.ZERO);
+  }
+  static rand() {
+    const randomBytes2 = randBytes(64);
+    const point = import_ed25519.RistrettoPoint.hashToCurve(randomBytes2);
+    return _Element.fromInner(point);
+  }
+  static deserialize(deserializer) {
+    const bytes = deserializer.deserializeBytes();
+    return new _Element(bytes);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk2.Deserializer(bytes);
+    const ret = _Element.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid element bytes");
+    }
+    return ret;
+  }
+  serialize(serializer) {
+    serializer.serializeBytes(this.bytes);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk2.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils.bytesToHex)(this.toBytes());
+  }
+  asInner() {
+    return import_ed25519.RistrettoPoint.fromHex(this.bytes);
+  }
+  add(other) {
+    const pointA = this.asInner();
+    const pointB = other.asInner();
+    const result = pointA.add(pointB);
+    return _Element.fromInner(result);
+  }
+  sub(other) {
+    const pointA = this.asInner();
+    const pointB = other.asInner();
+    const result = pointA.subtract(pointB);
+    return _Element.fromInner(result);
+  }
+  scale(scalar) {
+    if (scalar.isZero()) {
+      return _Element.groupIdentity();
+    }
+    const point = this.asInner();
+    const s = (0, import_utils.bytesToNumberLE)(scalar.bytes);
+    const result = point.multiply(s);
+    return _Element.fromInner(result);
+  }
+};
+var Scalar = class _Scalar {
+  bytes;
+  constructor(bytes) {
+    this.bytes = bytes;
+  }
+  static dummy() {
+    return new _Scalar(new Uint8Array(32));
+  }
+  static fromU64(x) {
+    return new _Scalar((0, import_utils.numberToBytesLE)(x, 32));
+  }
+  static fromLittleEndianBytesModQ(bytes) {
+    const value = (0, import_utils.bytesToNumberLE)(bytes) % Q;
+    return new _Scalar((0, import_utils.numberToBytesLE)(value, 32));
+  }
+  static rand() {
+    const randomBytes2 = randBytes(64);
+    const value = (0, import_utils.bytesToNumberLE)(randomBytes2) % Q;
+    const scalarValue = value === 0n ? 1n : value;
+    return new _Scalar((0, import_utils.numberToBytesLE)(scalarValue, 32));
+  }
+  static deserialize(deserializer) {
+    const bytes = deserializer.deserializeBytes();
+    return new _Scalar(bytes);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk2.Deserializer(bytes);
+    const ret = _Scalar.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid scalar bytes");
+    }
+    return ret;
+  }
+  serialize(serializer) {
+    serializer.serializeBytes(this.bytes);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk2.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils.bytesToHex)(this.toBytes());
+  }
+  isZero() {
+    return this.bytes.every((b) => b === 0);
+  }
+  add(other) {
+    const result = ((0, import_utils.bytesToNumberLE)(this.bytes) + (0, import_utils.bytesToNumberLE)(other.bytes)) % Q;
+    return new _Scalar((0, import_utils.numberToBytesLE)(result, 32));
+  }
+  sub(other) {
+    const result = (Q - (0, import_utils.bytesToNumberLE)(other.bytes) + (0, import_utils.bytesToNumberLE)(this.bytes)) % Q;
+    return new _Scalar((0, import_utils.numberToBytesLE)(result, 32));
+  }
+  mul(other) {
+    const result = (0, import_utils.bytesToNumberLE)(this.bytes) * (0, import_utils.bytesToNumberLE)(other.bytes) % Q;
+    return new _Scalar((0, import_utils.numberToBytesLE)(result, 32));
+  }
+  neg() {
+    const result = Q - (0, import_utils.bytesToNumberLE)(this.bytes);
+    return new _Scalar((0, import_utils.numberToBytesLE)(result, 32));
+  }
+};
+function msm(bases, scalars) {
+  let acc = Element.groupIdentity();
+  for (let i = 0; i < bases.length; i++) {
+    const scaled = bases[i].scale(scalars[i]);
+    acc = acc.add(scaled);
+  }
+  return acc;
+}
+function scalarFrom512BitHash(hash) {
+  if (hash.length !== 64) {
+    throw new Error("Hash must be 512 bits (64 bytes)");
+  }
+  const value = (0, import_utils.bytesToNumberLE)(hash) % Q;
+  return new Scalar((0, import_utils.numberToBytesLE)(value, 32));
+}
+
+// src/elgamal.ts
+var Ciphertext = class _Ciphertext {
+  c0;
+  c1;
+  constructor(c0, c1) {
+    this.c0 = c0;
+    this.c1 = c1;
+  }
+  static deserialize(deserializer) {
+    const c0 = Element.deserialize(deserializer);
+    const c1 = Element.deserialize(deserializer);
+    return new _Ciphertext(c0, c1);
+  }
+  encode(serializer) {
+    this.c0.serialize(serializer);
+    this.c1.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk3.Serializer();
+    this.encode(serializer);
+    return serializer.toUint8Array();
+  }
+  add(other) {
+    return new _Ciphertext(this.c0.add(other.c0), this.c1.add(other.c1));
+  }
+  scale(scalar) {
+    return new _Ciphertext(this.c0.scale(scalar), this.c1.scale(scalar));
+  }
+};
+var DecKey = class _DecKey {
+  encBase;
+  privateScalar;
+  constructor(encBase, privateScalar) {
+    this.encBase = encBase;
+    this.privateScalar = privateScalar;
+  }
+  static deserialize(deserializer) {
+    const encBase = Element.deserialize(deserializer);
+    const privateScalar = Scalar.deserialize(deserializer);
+    return new _DecKey(encBase, privateScalar);
+  }
+  encode(serializer) {
+    this.encBase.serialize(serializer);
+    this.privateScalar.serialize(serializer);
+  }
+};
+var EncKey = class _EncKey {
+  encBase;
+  publicPoint;
+  constructor(encBase, publicPoint) {
+    this.encBase = encBase;
+    this.publicPoint = publicPoint;
+  }
+  static decode(deserializer) {
+    const encBase = Element.deserialize(deserializer);
+    const publicPoint = Element.deserialize(deserializer);
+    return new _EncKey(encBase, publicPoint);
+  }
+  encode(serializer) {
+    this.encBase.serialize(serializer);
+    this.publicPoint.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk3.Serializer();
+    this.encode(serializer);
+    return serializer.toUint8Array();
+  }
+};
+function enc(ek, randomizer, ptxt) {
+  return new Ciphertext(
+    ek.encBase.scale(randomizer),
+    ptxt.add(ek.publicPoint.scale(randomizer))
+  );
+}
+function dec(dk, ciph) {
+  const unblinder = ciph.c0.scale(dk.privateScalar);
+  return ciph.c1.sub(unblinder);
+}
+function multiExp(ciphs, scalars) {
+  let acc = new Ciphertext(
+    Element.groupIdentity(),
+    Element.groupIdentity()
+  );
+  for (let i = 0; i < ciphs.length; i++) {
+    acc = acc.add(ciphs[i].scale(scalars[i]));
+  }
+  return acc;
+}
+
+// src/enc/index.ts
+var enc_exports = {};
+__export(enc_exports, {
+  Ciphertext: () => Ciphertext2,
+  DecryptionKey: () => DecryptionKey,
+  EncryptionKey: () => EncryptionKey,
+  SCHEME_SIMPLE_ELGAMAL_RISTRETTO255: () => SCHEME_SIMPLE_ELGAMAL_RISTRETTO255,
+  decrypt: () => decrypt2,
+  deriveEncryptionKey: () => deriveEncryptionKey2,
+  encrypt: () => encrypt2,
+  encryptWithRandomness: () => encryptWithRandomness2,
+  keygen: () => keygen2
+});
+var import_ts_sdk5 = require("@aptos-labs/ts-sdk");
+var import_utils5 = require("@noble/hashes/utils");
+
+// src/enc/simple_elgamal_ristretto255.ts
+var import_ts_sdk4 = require("@aptos-labs/ts-sdk");
+var import_utils3 = require("@noble/hashes/utils");
+var SimpleElGamalRistretto255EncKey = class _SimpleElGamalRistretto255EncKey {
+  elgamalEk;
+  constructor(elgamalEk) {
+    this.elgamalEk = elgamalEk;
+  }
+  static deserialize(deserializer) {
+    const elgamalEk = EncKey.decode(deserializer);
+    return new _SimpleElGamalRistretto255EncKey(elgamalEk);
+  }
+  serialize(serializer) {
+    this.elgamalEk.encode(serializer);
+  }
+};
+var SimpleElGamalRistretto255DecKey = class _SimpleElGamalRistretto255DecKey {
+  elgamalDk;
+  constructor(elgamalDk) {
+    this.elgamalDk = elgamalDk;
+  }
+  static deserialize(deserializer) {
+    const elgamalDk = DecKey.deserialize(deserializer);
+    return new _SimpleElGamalRistretto255DecKey(elgamalDk);
+  }
+  serialize(serializer) {
+    this.elgamalDk.encode(serializer);
+  }
+};
+var SimpleElGamalRistretto255Ciphertext = class _SimpleElGamalRistretto255Ciphertext {
+  elgamalCiph;
+  symmetricCiph;
+  mac;
+  constructor(elgamalCiph, symmetricCiph, mac) {
+    this.elgamalCiph = elgamalCiph;
+    this.symmetricCiph = symmetricCiph;
+    this.mac = mac;
+  }
+  static deserialize(deserializer) {
+    const elgamalCiph = Ciphertext.deserialize(deserializer);
+    const symmetricCiph = deserializer.deserializeBytes();
+    const mac = deserializer.deserializeBytes();
+    return new _SimpleElGamalRistretto255Ciphertext(elgamalCiph, symmetricCiph, mac);
+  }
+  serialize(serializer) {
+    this.elgamalCiph.encode(serializer);
+    serializer.serializeBytes(this.symmetricCiph);
+    serializer.serializeBytes(this.mac);
+  }
+};
+function keygen() {
+  const encBase = Element.rand();
+  const privateScalar = Scalar.rand();
+  const elgamalDk = new DecKey(encBase, privateScalar);
+  return new SimpleElGamalRistretto255DecKey(elgamalDk);
+}
+function deriveEncryptionKey(dk) {
+  const { elgamalDk } = dk;
+  const { encBase, privateScalar } = elgamalDk;
+  const publicPoint = encBase.scale(privateScalar);
+  const elgamalEk = new EncKey(encBase, publicPoint);
+  return new SimpleElGamalRistretto255EncKey(elgamalEk);
+}
+var EncRandomizer = class _EncRandomizer {
+  elgamalPtxt;
+  elgamalRand;
+  constructor(elgamalPtxt, elgamalRand) {
+    this.elgamalPtxt = elgamalPtxt;
+    this.elgamalRand = elgamalRand;
+  }
+  static deserialize(deserializer) {
+    const elgamalPtxt = Element.deserialize(deserializer);
+    const elgamalRand = Scalar.deserialize(deserializer);
+    return new _EncRandomizer(elgamalPtxt, elgamalRand);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk4.Deserializer(bytes);
+    const ret = _EncRandomizer.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid enc randomizer bytes");
+    }
+    return ret;
+  }
+  serialize(serializer) {
+    this.elgamalPtxt.serialize(serializer);
+    this.elgamalRand.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk4.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+};
+function encrypt(ek, msg) {
+  const elgamalPtxt = Element.rand();
+  const elgamalRand = Scalar.rand();
+  const encRandomizer = new EncRandomizer(elgamalPtxt, elgamalRand);
+  return encryptWithRandomness(ek, msg, encRandomizer.toBytes());
+}
+function encryptWithRandomness(ek, msg, randomness) {
+  const { elgamalEk } = ek;
+  const { elgamalPtxt, elgamalRand } = EncRandomizer.fromBytes(randomness);
+  const elgamalCiph = enc(elgamalEk, elgamalRand, elgamalPtxt);
+  const seed = elgamalPtxt.toBytes();
+  const otp = kdf(seed, new TextEncoder().encode("OTP/SIMPLE_ELGAMAL_RISTRETTO255"), msg.length);
+  const symmetricCiph = xorBytes(otp, msg);
+  const hmacKey = kdf(seed, new TextEncoder().encode("HMAC/SIMPLE_ELGAMAL_RISTRETTO255"), 32);
+  const mac = hmac_sha3_256(hmacKey, symmetricCiph);
+  return new SimpleElGamalRistretto255Ciphertext(elgamalCiph, symmetricCiph, mac);
+}
+function decrypt(dk, ciphertext) {
+  const { elgamalDk } = dk;
+  const { elgamalCiph, symmetricCiph, mac } = ciphertext;
+  const elgamalPtxt = dec(elgamalDk, elgamalCiph);
+  const seed = elgamalPtxt.toBytes();
+  const hmacKey = kdf(seed, new TextEncoder().encode("HMAC/SIMPLE_ELGAMAL_RISTRETTO255"), 32);
+  const macAnother = hmac_sha3_256(hmacKey, symmetricCiph);
+  if ((0, import_utils3.bytesToHex)(mac) !== (0, import_utils3.bytesToHex)(macAnother)) {
+    return void 0;
+  }
+  const otp = kdf(seed, new TextEncoder().encode("OTP/SIMPLE_ELGAMAL_RISTRETTO255"), symmetricCiph.length);
+  const msg = xorBytes(otp, symmetricCiph);
+  return msg;
+}
+
+// src/enc/index.ts
+var SCHEME_SIMPLE_ELGAMAL_RISTRETTO255 = 0;
+var EncryptionKey = class _EncryptionKey {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_SIMPLE_ELGAMAL_RISTRETTO255) {
+      const inner = SimpleElGamalRistretto255EncKey.deserialize(deserializer);
+      return new _EncryptionKey(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk5.Deserializer(bytes);
+    const result = _EncryptionKey.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid encryption key bytes");
+    }
+    return result;
+  }
+  static fromHex(hex) {
+    return _EncryptionKey.fromBytes((0, import_utils5.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    this.inner.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk5.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils5.bytesToHex)(this.toBytes());
+  }
+};
+var DecryptionKey = class _DecryptionKey {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_SIMPLE_ELGAMAL_RISTRETTO255) {
+      const inner = SimpleElGamalRistretto255DecKey.deserialize(deserializer);
+      return new _DecryptionKey(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk5.Deserializer(bytes);
+    const result = _DecryptionKey.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid decryption key bytes");
+    }
+    return result;
+  }
+  static fromHex(hex) {
+    return _DecryptionKey.fromBytes((0, import_utils5.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    this.inner.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk5.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils5.bytesToHex)(this.toBytes());
+  }
+};
+var Ciphertext2 = class _Ciphertext {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_SIMPLE_ELGAMAL_RISTRETTO255) {
+      const inner = SimpleElGamalRistretto255Ciphertext.deserialize(deserializer);
+      return new _Ciphertext(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk5.Deserializer(bytes);
+    const result = _Ciphertext.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid ciphertext bytes");
+    }
+    return result;
+  }
+  static fromHex(hex) {
+    return _Ciphertext.fromBytes((0, import_utils5.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    this.inner.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk5.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils5.bytesToHex)(this.toBytes());
+  }
+};
+function keygen2(schemeId) {
+  const scheme = schemeId ?? SCHEME_SIMPLE_ELGAMAL_RISTRETTO255;
+  if (scheme === SCHEME_SIMPLE_ELGAMAL_RISTRETTO255) {
+    const dk = keygen();
+    return new DecryptionKey(scheme, dk);
+  } else {
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+}
+function deriveEncryptionKey2(dk) {
+  if (dk.scheme === SCHEME_SIMPLE_ELGAMAL_RISTRETTO255) {
+    const ek = deriveEncryptionKey(dk.inner);
+    return new EncryptionKey(dk.scheme, ek);
+  } else {
+    throw new Error(`Unknown scheme: ${dk.scheme}`);
+  }
+}
+function encrypt2(ek, msg) {
+  if (ek.scheme === SCHEME_SIMPLE_ELGAMAL_RISTRETTO255) {
+    const ciphertext = encrypt(ek.inner, msg);
+    return new Ciphertext2(ek.scheme, ciphertext);
+  } else {
+    throw new Error(`Unknown scheme: ${ek.scheme}`);
+  }
+}
+function encryptWithRandomness2(ek, msg, randomness) {
+  if (ek.scheme === SCHEME_SIMPLE_ELGAMAL_RISTRETTO255) {
+    const ciphertext = encryptWithRandomness(ek.inner, msg, randomness);
+    return new Ciphertext2(ek.scheme, ciphertext);
+  } else {
+    throw new Error(`Unknown scheme: ${ek.scheme}`);
+  }
+}
+function decrypt2(dk, ciphertext) {
+  if (dk.scheme === SCHEME_SIMPLE_ELGAMAL_RISTRETTO255 && ciphertext.scheme === SCHEME_SIMPLE_ELGAMAL_RISTRETTO255) {
+    return decrypt(dk.inner, ciphertext.inner);
+  } else {
+    throw new Error(`Unknown scheme: dk=${dk.scheme}, ciphertext=${ciphertext.scheme}`);
+  }
+}
+
+// src/ibe/index.ts
+var ibe_exports = {};
+__export(ibe_exports, {
+  Ciphertext: () => Ciphertext4,
+  IdentityPrivateKey: () => IdentityPrivateKey2,
+  MasterPrivateKey: () => MasterPrivateKey2,
+  MasterPublicKey: () => MasterPublicKey2,
+  SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK: () => SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK,
+  decrypt: () => decrypt4,
+  derivePublicKey: () => derivePublicKey2,
+  encrypt: () => encrypt4,
+  encryptWithRandomness: () => encryptWithRandomness4,
+  extract: () => extract2,
+  keygen: () => keygen4
+});
+var import_ts_sdk6 = require("@aptos-labs/ts-sdk");
+var import_utils9 = require("@noble/curves/abstract/utils");
+
+// src/ibe/otp_hmac_boneh_franklin_bls12381_short_pk.ts
+var import_bls12_381 = require("@noble/curves/bls12-381");
+var import_utils6 = require("@noble/curves/utils");
+var import_utils7 = require("@noble/hashes/utils");
+var DST_OTP = new TextEncoder().encode("BONEH_FRANKLIN_BLS12381_SHORT_PK/OTP");
+var DST_ID_HASH = new TextEncoder().encode("BONEH_FRANKLIN_BLS12381_SHORT_PK/HASH_ID_TO_CURVE");
+var DST_MAC = new TextEncoder().encode("BONEH_FRANKLIN_BLS12381_SHORT_PK/MAC");
+var MasterPublicKey = class _MasterPublicKey {
+  base;
+  publicPointG1;
+  constructor(base, publicPointG1) {
+    this.base = base;
+    this.publicPointG1 = publicPointG1;
+  }
+  static deserialize(deserializer) {
+    const baseBytes = deserializer.deserializeBytes();
+    const base = import_bls12_381.bls12_381.G1.Point.fromBytes(baseBytes);
+    const publicPointG1Bytes = deserializer.deserializeBytes();
+    const publicPointG1 = import_bls12_381.bls12_381.G1.Point.fromBytes(publicPointG1Bytes);
+    return new _MasterPublicKey(base, publicPointG1);
+  }
+  serialize(serializer) {
+    serializer.serializeBytes(this.base.toBytes());
+    serializer.serializeBytes(this.publicPointG1.toBytes());
+  }
+};
+var MasterPrivateKey = class _MasterPrivateKey {
+  base;
+  privateScalar;
+  constructor(base, privateScalar) {
+    this.base = base;
+    this.privateScalar = privateScalar;
+  }
+  static deserialize(deserializer) {
+    const baseBytes = deserializer.deserializeBytes();
+    const base = import_bls12_381.bls12_381.G1.Point.fromBytes(baseBytes);
+    const privateScalarBytes = deserializer.deserializeBytes();
+    const privateScalar = BigInt("0x" + Array.from(privateScalarBytes).reverse().map((b) => b.toString(16).padStart(2, "0")).join(""));
+    return new _MasterPrivateKey(base, privateScalar);
+  }
+  serialize(serializer) {
+    serializer.serializeBytes(this.base.toBytes());
+    serializer.serializeBytes((0, import_utils6.numberToBytesLE)(this.privateScalar, 32));
+  }
+};
+var IdentityPrivateKey = class _IdentityPrivateKey {
+  privatePointG2;
+  constructor(privatePointG2) {
+    this.privatePointG2 = privatePointG2;
+  }
+  static deserialize(deserializer) {
+    const privatePointG2Bytes = deserializer.deserializeBytes();
+    const privatePointG2 = import_bls12_381.bls12_381.G2.Point.fromBytes(privatePointG2Bytes);
+    return new _IdentityPrivateKey(privatePointG2);
+  }
+  serialize(serializer) {
+    serializer.serializeBytes(this.privatePointG2.toBytes());
+  }
+};
+var Ciphertext3 = class _Ciphertext {
+  c0;
+  symmetricCiph;
+  mac;
+  constructor(c0, symmetricCiph, mac) {
+    this.c0 = c0;
+    this.symmetricCiph = symmetricCiph;
+    this.mac = mac;
+  }
+  static deserialize(deserializer) {
+    const c0Bytes = deserializer.deserializeBytes();
+    const c0 = import_bls12_381.bls12_381.G1.Point.fromBytes(c0Bytes);
+    const symmetricCiph = deserializer.deserializeBytes();
+    const mac = deserializer.deserializeBytes();
+    return new _Ciphertext(c0, symmetricCiph, mac);
+  }
+  serialize(serializer) {
+    serializer.serializeBytes(this.c0.toBytes());
+    serializer.serializeBytes(this.symmetricCiph);
+    serializer.serializeBytes(this.mac);
+  }
+};
+function keygen3() {
+  const base = import_bls12_381.bls12_381.G1.hashToCurve((0, import_utils7.randomBytes)(32));
+  const privateScalar = (0, import_utils6.bytesToNumberBE)(import_bls12_381.bls12_381.utils.randomSecretKey());
+  return new MasterPrivateKey(base, privateScalar);
+}
+function derivePublicKey(privateKey) {
+  const publicPoint = privateKey.base.multiply(privateKey.privateScalar);
+  return new MasterPublicKey(privateKey.base, publicPoint);
+}
+function encrypt3(publicKey, id, plaintext) {
+  const r = (0, import_utils6.bytesToNumberBE)(import_bls12_381.bls12_381.utils.randomSecretKey());
+  return encryptWithRandomness3(publicKey, id, plaintext, (0, import_utils6.numberToBytesLE)(r, 32));
+}
+function encryptWithRandomness3(publicKey, id, plaintext, randomness) {
+  const r = (0, import_utils6.bytesToNumberLE)(randomness);
+  const idPoint = import_bls12_381.bls12_381.G2.hashToCurve(id, { DST: DST_ID_HASH });
+  const seedElement = import_bls12_381.bls12_381.pairing(publicKey.publicPointG1.multiply(r), idPoint);
+  const seed = bls12381GtReprNobleToAptos(import_bls12_381.bls12_381.fields.Fp12.toBytes(seedElement));
+  const otp = kdf(seed, DST_OTP, plaintext.length);
+  const macKey = kdf(seed, DST_MAC, 32);
+  const symmetricCiph = xorBytes(otp, plaintext);
+  const mac = hmac_sha3_256(macKey, symmetricCiph);
+  const c0 = publicKey.base.multiply(r);
+  return new Ciphertext3(c0, symmetricCiph, mac);
+}
+function bls12381GtReprNobleToAptos(noble) {
+  if (noble.length !== 576) {
+    throw new Error("noble must be 576 bytes");
+  }
+  const chunks = [];
+  for (let i = 0; i < noble.length; i += 48) {
+    chunks.push(noble.slice(i, i + 48).reverse());
+  }
+  const result = new Uint8Array(576);
+  for (let i = 0; i < 12; i++) {
+    result.set(chunks[i], i * 48);
+  }
+  return result;
+}
+function extract(privateKey, id) {
+  const idPoint = import_bls12_381.bls12_381.G2.hashToCurve(id, { DST: DST_ID_HASH });
+  const privatePointG2 = idPoint.multiply(privateKey.privateScalar);
+  return new IdentityPrivateKey(privatePointG2);
+}
+function decrypt3(identityKey, ciphertext) {
+  const seedElementGt = import_bls12_381.bls12_381.pairing(ciphertext.c0, identityKey.privatePointG2);
+  const seed = bls12381GtReprNobleToAptos(import_bls12_381.bls12_381.fields.Fp12.toBytes(seedElementGt));
+  const macKey = kdf(seed, DST_MAC, 32);
+  const macAnother = hmac_sha3_256(macKey, ciphertext.symmetricCiph);
+  if ((0, import_utils7.bytesToHex)(ciphertext.mac) !== (0, import_utils7.bytesToHex)(macAnother)) {
+    return void 0;
+  }
+  const otp = kdf(seed, DST_OTP, ciphertext.symmetricCiph.length);
+  const plaintext = xorBytes(otp, ciphertext.symmetricCiph);
+  return plaintext;
+}
+
+// src/ibe/index.ts
+var SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK = 0;
+var MasterPublicKey2 = class _MasterPublicKey {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    if (scheme !== SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      const inner = MasterPublicKey.deserialize(deserializer);
+      return new _MasterPublicKey(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk6.Deserializer(bytes);
+    const ret = _MasterPublicKey.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Deserialization failed");
+    }
+    return ret;
+  }
+  static fromHex(hex) {
+    return _MasterPublicKey.fromBytes((0, import_utils9.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme === SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk6.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils9.bytesToHex)(this.toBytes());
+  }
+};
+var MasterPrivateKey2 = class _MasterPrivateKey {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    if (scheme !== SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      const inner = MasterPrivateKey.deserialize(deserializer);
+      return new _MasterPrivateKey(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk6.Deserializer(bytes);
+    const ret = _MasterPrivateKey.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Deserialization failed");
+    }
+    return ret;
+  }
+  static fromHex(hex) {
+    return _MasterPrivateKey.fromBytes((0, import_utils9.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme === SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk6.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils9.bytesToHex)(this.toBytes());
+  }
+};
+var IdentityPrivateKey2 = class _IdentityPrivateKey {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    if (scheme !== SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      const inner = IdentityPrivateKey.deserialize(deserializer);
+      return new _IdentityPrivateKey(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk6.Deserializer(bytes);
+    const ret = _IdentityPrivateKey.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Deserialization failed");
+    }
+    return ret;
+  }
+  static fromHex(hex) {
+    return _IdentityPrivateKey.fromBytes((0, import_utils9.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme === SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk6.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils9.bytesToHex)(this.toBytes());
+  }
+};
+var Ciphertext4 = class _Ciphertext {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    if (scheme !== SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      const inner = Ciphertext3.deserialize(deserializer);
+      return new _Ciphertext(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk6.Deserializer(bytes);
+    const ret = _Ciphertext.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Deserialization failed");
+    }
+    return ret;
+  }
+  static fromHex(hex) {
+    return _Ciphertext.fromBytes((0, import_utils9.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme === SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk6.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils9.bytesToHex)(this.toBytes());
+  }
+};
+function keygen4(scheme) {
+  if (scheme === void 0) {
+    scheme = SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK;
+  }
+  if (scheme === SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+    let msk = keygen3();
+    return new MasterPrivateKey2(scheme, msk);
+  }
+  throw new Error(`Unknown scheme: ${scheme}`);
+}
+function derivePublicKey2(privateKey) {
+  if (privateKey.scheme == SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+    return new MasterPublicKey2(SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK, derivePublicKey(privateKey.inner));
+  }
+  throw new Error(`Unknown scheme: ${privateKey.scheme}`);
+}
+function encrypt4(publicKey, id, plaintext) {
+  if (publicKey.scheme == SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+    return new Ciphertext4(
+      SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK,
+      encrypt3(publicKey.inner, id, plaintext)
+    );
+  }
+  throw new Error(`Unknown scheme: ${publicKey.scheme}`);
+}
+function encryptWithRandomness4(publicKey, id, plaintext, randomness) {
+  if (publicKey.scheme == SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+    return new Ciphertext4(
+      SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK,
+      encryptWithRandomness3(publicKey.inner, id, plaintext, randomness)
+    );
+  }
+  throw new Error(`Unknown scheme: ${publicKey.scheme}`);
+}
+function extract2(privateKey, id) {
+  if (privateKey.scheme == SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+    return new IdentityPrivateKey2(
+      SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK,
+      extract(privateKey.inner, id)
+    );
+  }
+  throw new Error(`Unknown scheme: ${privateKey.scheme}`);
+}
+function decrypt4(identityKey, ciphertext) {
+  if (identityKey.scheme == SCHEME_OTP_HAMC_BONEH_FRANKLIN_BLS12381_SHORT_PK) {
+    return decrypt3(identityKey.inner, ciphertext.inner);
+  }
+  throw new Error(`Unknown scheme: ${identityKey.scheme}`);
+}
+
+// src/sig/index.ts
+var sig_exports = {};
+__export(sig_exports, {
+  SCHEME_SCHNORR_RISTRETTO255: () => SCHEME_SCHNORR_RISTRETTO255,
+  Signature: () => Signature,
+  SigningKey: () => SigningKey,
+  VerifyingKey: () => VerifyingKey,
+  deriveVerifyingKey: () => deriveVerifyingKey2,
+  keygen: () => keygen6,
+  sign: () => sign2,
+  signWithRandomness: () => signWithRandomness2,
+  verify: () => verify2
+});
+var import_ts_sdk7 = require("@aptos-labs/ts-sdk");
+var import_utils12 = require("@noble/hashes/utils");
+
+// src/sig/schnorr_ristretto255.ts
+var import_utils10 = require("@noble/hashes/utils");
+var SchnorrRistretto255SigningKey = class _SchnorrRistretto255SigningKey {
+  base;
+  privateScalar;
+  constructor(base, privateScalar) {
+    this.base = base;
+    this.privateScalar = privateScalar;
+  }
+  static deserialize(deserializer) {
+    const base = Element.deserialize(deserializer);
+    const privateScalar = Scalar.deserialize(deserializer);
+    return new _SchnorrRistretto255SigningKey(base, privateScalar);
+  }
+  serialize(serializer) {
+    this.base.serialize(serializer);
+    this.privateScalar.serialize(serializer);
+  }
+};
+var SchnorrRistretto255VerifyingKey = class _SchnorrRistretto255VerifyingKey {
+  base;
+  publicPoint;
+  constructor(base, publicPoint) {
+    this.base = base;
+    this.publicPoint = publicPoint;
+  }
+  static deserialize(deserializer) {
+    const base = Element.deserialize(deserializer);
+    const publicPoint = Element.deserialize(deserializer);
+    return new _SchnorrRistretto255VerifyingKey(base, publicPoint);
+  }
+  serialize(serializer) {
+    this.base.serialize(serializer);
+    this.publicPoint.serialize(serializer);
+  }
+};
+var SchnorrRistretto255Signature = class _SchnorrRistretto255Signature {
+  challenge;
+  z;
+  constructor(challenge, z) {
+    this.challenge = challenge;
+    this.z = z;
+  }
+  static deserialize(deserializer) {
+    const challenge = Scalar.deserialize(deserializer);
+    const z = Scalar.deserialize(deserializer);
+    return new _SchnorrRistretto255Signature(challenge, z);
+  }
+  serialize(serializer) {
+    this.challenge.serialize(serializer);
+    this.z.serialize(serializer);
+  }
+};
+function keygen5() {
+  const base = Element.rand();
+  const privateScalar = Scalar.rand();
+  return new SchnorrRistretto255SigningKey(base, privateScalar);
+}
+function deriveVerifyingKey(sk) {
+  const { base, privateScalar } = sk;
+  const publicPoint = base.scale(privateScalar);
+  return new SchnorrRistretto255VerifyingKey(base, publicPoint);
+}
+function sign(sk, msg) {
+  const randomness = Scalar.rand().toBytes();
+  return signWithRandomness(sk, msg, randomness);
+}
+function signWithRandomness(sk, msg, randomness) {
+  const { base, privateScalar } = sk;
+  const scalarR = Scalar.fromBytes(randomness);
+  const pointA = base.scale(scalarR);
+  const scalarChallenge = hashTranscriptToScalar(pointA, msg);
+  console.log("scalarChallenge", scalarChallenge.toHex());
+  const scalarZ = scalarR.sub(privateScalar.mul(scalarChallenge));
+  return new SchnorrRistretto255Signature(scalarChallenge, scalarZ);
+}
+function verify(vk, msg, sig) {
+  const { base, publicPoint } = vk;
+  const { challenge, z } = sig;
+  const pointA = msm([base, publicPoint], [z, challenge]);
+  const scalarChallengeAnother = hashTranscriptToScalar(pointA, msg);
+  return (0, import_utils10.bytesToHex)(challenge.toBytes()) === (0, import_utils10.bytesToHex)(scalarChallengeAnother.toBytes());
+}
+function hashTranscriptToScalar(pointA, msg) {
+  const dst = new TextEncoder().encode("DST/SCHNORR_RISTRETTO255/OCTOPUS");
+  const transcript = new Uint8Array(dst.length + pointA.toBytes().length + msg.length);
+  let offset = 0;
+  transcript.set(dst, offset);
+  offset += dst.length;
+  transcript.set(pointA.toBytes(), offset);
+  offset += pointA.toBytes().length;
+  transcript.set(msg, offset);
+  const transcriptHash = sha3_512(transcript);
+  return scalarFrom512BitHash(transcriptHash);
+}
+
+// src/sig/index.ts
+var SCHEME_SCHNORR_RISTRETTO255 = 0;
+var SigningKey = class _SigningKey {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_SCHNORR_RISTRETTO255) {
+      const inner = SchnorrRistretto255SigningKey.deserialize(deserializer);
+      return new _SigningKey(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk7.Deserializer(bytes);
+    const result = _SigningKey.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid signing key bytes");
+    }
+    return result;
+  }
+  static fromHex(hex) {
+    return _SigningKey.fromBytes((0, import_utils12.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    this.inner.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk7.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils12.bytesToHex)(this.toBytes());
+  }
+};
+var VerifyingKey = class _VerifyingKey {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_SCHNORR_RISTRETTO255) {
+      const inner = SchnorrRistretto255VerifyingKey.deserialize(deserializer);
+      return new _VerifyingKey(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk7.Deserializer(bytes);
+    const result = _VerifyingKey.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid verifying key bytes");
+    }
+    return result;
+  }
+  static fromHex(hex) {
+    return _VerifyingKey.fromBytes((0, import_utils12.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    this.inner.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk7.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils12.bytesToHex)(this.toBytes());
+  }
+};
+var Signature = class _Signature {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_SCHNORR_RISTRETTO255) {
+      const inner = SchnorrRistretto255Signature.deserialize(deserializer);
+      return new _Signature(scheme, inner);
+    }
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk7.Deserializer(bytes);
+    const result = _Signature.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid signature bytes");
+    }
+    return result;
+  }
+  static fromHex(hex) {
+    return _Signature.fromBytes((0, import_utils12.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    this.inner.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk7.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils12.bytesToHex)(this.toBytes());
+  }
+};
+function keygen6(schemeId) {
+  const scheme = schemeId ?? SCHEME_SCHNORR_RISTRETTO255;
+  if (scheme === SCHEME_SCHNORR_RISTRETTO255) {
+    const sk = keygen5();
+    return new SigningKey(scheme, sk);
+  } else {
+    throw new Error(`Unknown scheme: ${scheme}`);
+  }
+}
+function deriveVerifyingKey2(sk) {
+  if (sk.scheme === SCHEME_SCHNORR_RISTRETTO255) {
+    const vk = deriveVerifyingKey(sk.inner);
+    return new VerifyingKey(sk.scheme, vk);
+  } else {
+    throw new Error(`Unknown scheme: ${sk.scheme}`);
+  }
+}
+function sign2(sk, msg) {
+  if (sk.scheme === SCHEME_SCHNORR_RISTRETTO255) {
+    const signature = sign(sk.inner, msg);
+    return new Signature(sk.scheme, signature);
+  } else {
+    throw new Error(`Unknown scheme: ${sk.scheme}`);
+  }
+}
+function signWithRandomness2(sk, msg, randomness) {
+  if (sk.scheme === SCHEME_SCHNORR_RISTRETTO255) {
+    const signature = signWithRandomness(sk.inner, msg, randomness);
+    return new Signature(sk.scheme, signature);
+  } else {
+    throw new Error(`Unknown scheme: ${sk.scheme}`);
+  }
+}
+function verify2(vk, msg, sig) {
+  if (vk.scheme === SCHEME_SCHNORR_RISTRETTO255 && sig.scheme === SCHEME_SCHNORR_RISTRETTO255) {
+    return verify(vk.inner, msg, sig.inner);
+  } else {
+    throw new Error(`Unknown scheme: vk=${vk.scheme}, sig=${sig.scheme}`);
+  }
+}
+
+// src/silent_setup_encryption.ts
+var silent_setup_encryption_exports = {};
+__export(silent_setup_encryption_exports, {
+  Ciphertext: () => Ciphertext8,
+  DecryptionContext: () => DecryptionContext,
+  Decryptor: () => Decryptor,
+  EncryptionContext: () => EncryptionContext,
+  Encryptor: () => Encryptor,
+  RequestForDecryptionKey: () => RequestForDecryptionKey
+});
+var import_ts_sdk16 = require("@aptos-labs/ts-sdk");
+var import_utils21 = require("@noble/curves/utils");
+
+// src/shamir_gf256.ts
+var import_ts_sdk8 = require("@aptos-labs/ts-sdk");
+function hasDuplicates(array) {
+  return new Set(array).size !== array.length;
+}
+function allEqual(array) {
+  if (array.length === 0) {
+    return true;
+  }
+  return array.every((item) => item === array[0]);
+}
+var GF256 = class _GF256 {
+  value;
+  constructor(value) {
+    if (value < 0 || value >= GF256_SIZE) {
+      throw new Error(`Invalid value ${value} for GF256`);
+    }
+    this.value = value;
+  }
+  log() {
+    if (this.value === 0) {
+      throw new Error("Invalid value");
+    }
+    return LOG[this.value - 1];
+  }
+  static exp(x) {
+    return new _GF256(EXP[x % (GF256_SIZE - 1)]);
+  }
+  add(other) {
+    return new _GF256(this.value ^ other.value);
+  }
+  sub(other) {
+    return this.add(other);
+  }
+  neg() {
+    return this;
+  }
+  mul(other) {
+    if (this.value === 0 || other.value === 0) {
+      return new _GF256(0);
+    }
+    return _GF256.exp(this.log() + other.log());
+  }
+  div(other) {
+    return this.mul(_GF256.exp(GF256_SIZE - other.log() - 1));
+  }
+  equals(other) {
+    return this.value === other.value;
+  }
+  static zero() {
+    return new _GF256(0);
+  }
+  static one() {
+    return new _GF256(1);
+  }
+};
+var EXP = [
+  1,
+  3,
+  5,
+  15,
+  17,
+  51,
+  85,
+  255,
+  26,
+  46,
+  114,
+  150,
+  161,
+  248,
+  19,
+  53,
+  95,
+  225,
+  56,
+  72,
+  216,
+  115,
+  149,
+  164,
+  247,
+  2,
+  6,
+  10,
+  30,
+  34,
+  102,
+  170,
+  229,
+  52,
+  92,
+  228,
+  55,
+  89,
+  235,
+  38,
+  106,
+  190,
+  217,
+  112,
+  144,
+  171,
+  230,
+  49,
+  83,
+  245,
+  4,
+  12,
+  20,
+  60,
+  68,
+  204,
+  79,
+  209,
+  104,
+  184,
+  211,
+  110,
+  178,
+  205,
+  76,
+  212,
+  103,
+  169,
+  224,
+  59,
+  77,
+  215,
+  98,
+  166,
+  241,
+  8,
+  24,
+  40,
+  120,
+  136,
+  131,
+  158,
+  185,
+  208,
+  107,
+  189,
+  220,
+  127,
+  129,
+  152,
+  179,
+  206,
+  73,
+  219,
+  118,
+  154,
+  181,
+  196,
+  87,
+  249,
+  16,
+  48,
+  80,
+  240,
+  11,
+  29,
+  39,
+  105,
+  187,
+  214,
+  97,
+  163,
+  254,
+  25,
+  43,
+  125,
+  135,
+  146,
+  173,
+  236,
+  47,
+  113,
+  147,
+  174,
+  233,
+  32,
+  96,
+  160,
+  251,
+  22,
+  58,
+  78,
+  210,
+  109,
+  183,
+  194,
+  93,
+  231,
+  50,
+  86,
+  250,
+  21,
+  63,
+  65,
+  195,
+  94,
+  226,
+  61,
+  71,
+  201,
+  64,
+  192,
+  91,
+  237,
+  44,
+  116,
+  156,
+  191,
+  218,
+  117,
+  159,
+  186,
+  213,
+  100,
+  172,
+  239,
+  42,
+  126,
+  130,
+  157,
+  188,
+  223,
+  122,
+  142,
+  137,
+  128,
+  155,
+  182,
+  193,
+  88,
+  232,
+  35,
+  101,
+  175,
+  234,
+  37,
+  111,
+  177,
+  200,
+  67,
+  197,
+  84,
+  252,
+  31,
+  33,
+  99,
+  165,
+  244,
+  7,
+  9,
+  27,
+  45,
+  119,
+  153,
+  176,
+  203,
+  70,
+  202,
+  69,
+  207,
+  74,
+  222,
+  121,
+  139,
+  134,
+  145,
+  168,
+  227,
+  62,
+  66,
+  198,
+  81,
+  243,
+  14,
+  18,
+  54,
+  90,
+  238,
+  41,
+  123,
+  141,
+  140,
+  143,
+  138,
+  133,
+  148,
+  167,
+  242,
+  13,
+  23,
+  57,
+  75,
+  221,
+  124,
+  132,
+  151,
+  162,
+  253,
+  28,
+  36,
+  108,
+  180,
+  199,
+  82,
+  246
+];
+var LOG = [
+  0,
+  25,
+  1,
+  50,
+  2,
+  26,
+  198,
+  75,
+  199,
+  27,
+  104,
+  51,
+  238,
+  223,
+  3,
+  100,
+  4,
+  224,
+  14,
+  52,
+  141,
+  129,
+  239,
+  76,
+  113,
+  8,
+  200,
+  248,
+  105,
+  28,
+  193,
+  125,
+  194,
+  29,
+  181,
+  249,
+  185,
+  39,
+  106,
+  77,
+  228,
+  166,
+  114,
+  154,
+  201,
+  9,
+  120,
+  101,
+  47,
+  138,
+  5,
+  33,
+  15,
+  225,
+  36,
+  18,
+  240,
+  130,
+  69,
+  53,
+  147,
+  218,
+  142,
+  150,
+  143,
+  219,
+  189,
+  54,
+  208,
+  206,
+  148,
+  19,
+  92,
+  210,
+  241,
+  64,
+  70,
+  131,
+  56,
+  102,
+  221,
+  253,
+  48,
+  191,
+  6,
+  139,
+  98,
+  179,
+  37,
+  226,
+  152,
+  34,
+  136,
+  145,
+  16,
+  126,
+  110,
+  72,
+  195,
+  163,
+  182,
+  30,
+  66,
+  58,
+  107,
+  40,
+  84,
+  250,
+  133,
+  61,
+  186,
+  43,
+  121,
+  10,
+  21,
+  155,
+  159,
+  94,
+  202,
+  78,
+  212,
+  172,
+  229,
+  243,
+  115,
+  167,
+  87,
+  175,
+  88,
+  168,
+  80,
+  244,
+  234,
+  214,
+  116,
+  79,
+  174,
+  233,
+  213,
+  231,
+  230,
+  173,
+  232,
+  44,
+  215,
+  117,
+  122,
+  235,
+  22,
+  11,
+  245,
+  89,
+  203,
+  95,
+  176,
+  156,
+  169,
+  81,
+  160,
+  127,
+  12,
+  246,
+  111,
+  23,
+  196,
+  73,
+  236,
+  216,
+  67,
+  31,
+  45,
+  164,
+  118,
+  123,
+  183,
+  204,
+  187,
+  62,
+  90,
+  251,
+  96,
+  177,
+  134,
+  59,
+  82,
+  161,
+  108,
+  170,
+  85,
+  41,
+  157,
+  151,
+  178,
+  135,
+  144,
+  97,
+  190,
+  220,
+  252,
+  188,
+  149,
+  207,
+  205,
+  55,
+  63,
+  91,
+  209,
+  83,
+  57,
+  132,
+  60,
+  65,
+  162,
+  109,
+  71,
+  20,
+  42,
+  158,
+  93,
+  86,
+  242,
+  211,
+  171,
+  68,
+  17,
+  146,
+  217,
+  35,
+  32,
+  46,
+  137,
+  180,
+  124,
+  184,
+  38,
+  119,
+  153,
+  227,
+  165,
+  103,
+  74,
+  237,
+  222,
+  197,
+  49,
+  254,
+  24,
+  13,
+  99,
+  140,
+  128,
+  192,
+  247,
+  112,
+  7
+];
+var Polynomial = class _Polynomial {
+  coefficients;
+  /**
+   * Construct a new Polynomial over [GF256] from the given coefficients.
+   * The first coefficient is the constant term.
+   */
+  constructor(coefficients) {
+    this.coefficients = coefficients.slice();
+    while (this.coefficients.length > 0 && this.coefficients[this.coefficients.length - 1].value === 0) {
+      this.coefficients.pop();
+    }
+  }
+  static fromBytes(bytes) {
+    return new _Polynomial(Array.from(bytes, (b) => new GF256(b)));
+  }
+  degree() {
+    if (this.coefficients.length === 0) {
+      return 0;
+    }
+    return this.coefficients.length - 1;
+  }
+  getCoefficient(index) {
+    if (index >= this.coefficients.length) {
+      return GF256.zero();
+    }
+    return this.coefficients[index];
+  }
+  add(other) {
+    const degree = Math.max(this.degree(), other.degree());
+    return new _Polynomial(
+      Array.from(
+        { length: degree + 1 },
+        (_, i) => this.getCoefficient(i).add(other.getCoefficient(i))
+      )
+    );
+  }
+  mul(other) {
+    const degree = this.degree() + other.degree();
+    return new _Polynomial(
+      Array.from({ length: degree + 1 }, (_, i) => {
+        let sum = GF256.zero();
+        for (let j = 0; j <= i; j++) {
+          if (j <= this.degree() && i - j <= other.degree()) {
+            sum = sum.add(this.getCoefficient(j).mul(other.getCoefficient(i - j)));
+          }
+        }
+        return sum;
+      })
+    );
+  }
+  /** The polynomial s * this. */
+  scale(s) {
+    return new _Polynomial(this.coefficients.map((c) => c.mul(s)));
+  }
+  div(s) {
+    return this.scale(new GF256(1).div(s));
+  }
+  /** The polynomial x + c. */
+  static monic_linear(c) {
+    return new _Polynomial([c, GF256.one()]);
+  }
+  static zero() {
+    return new _Polynomial([]);
+  }
+  static one() {
+    return new _Polynomial([GF256.one()]);
+  }
+  /** Given a set of coordinates, interpolate a polynomial. */
+  static interpolate(coordinates) {
+    if (coordinates.length < 1) {
+      throw new Error("At least one coefficient is required");
+    }
+    if (hasDuplicates(coordinates.map(({ x }) => x.value))) {
+      throw new Error("Coefficients must have unique x values");
+    }
+    return coordinates.reduce(
+      (sum, { x: x_j, y: y_j }, j) => sum.add(
+        coordinates.filter((_, i) => i !== j).reduce(
+          (product, { x: x_i }) => product.mul(_Polynomial.monic_linear(x_i.neg()).div(x_j.sub(x_i))),
+          _Polynomial.one()
+        ).scale(y_j)
+      ),
+      _Polynomial.zero()
+    );
+  }
+  /** Given a set of coordinates, interpolate a polynomial and evaluate it at x = 0. */
+  static combine(coordinates) {
+    if (coordinates.length < 1) {
+      throw new Error("At least one coefficient is required");
+    }
+    const xValues = coordinates.map(({ x }) => x.value);
+    if (hasDuplicates(xValues)) {
+      throw new Error(`Coefficients must have unique x values. Found duplicates: ${xValues.join(", ")}`);
+    }
+    const quotient = coordinates.reduce((sum, { x: x_j, y: y_j }, j) => {
+      const denominator = x_j.mul(
+        coordinates.filter((_, i) => i !== j).reduce((product, { x: x_i }) => {
+          const diff = x_i.sub(x_j);
+          if (diff.value === 0) {
+            throw new Error(`Duplicate x values detected: x_i=${x_i.value}, x_j=${x_j.value}`);
+          }
+          return product.mul(diff);
+        }, GF256.one())
+      );
+      return sum.add(y_j.div(denominator));
+    }, GF256.zero());
+    const xProduct = coordinates.reduce((product, { x }) => product.mul(x), GF256.one());
+    return xProduct.mul(quotient);
+  }
+  /** Evaluate the polynomial at x. */
+  evaluate(x) {
+    return this.coefficients.slice().reverse().reduce((sum, coefficient) => sum.mul(x).add(coefficient), GF256.zero());
+  }
+  equals(other) {
+    if (this.coefficients.length !== other.coefficients.length) {
+      return false;
+    }
+    return this.coefficients.every((c, i) => c.equals(other.getCoefficient(i)));
+  }
+};
+var GF256_SIZE = 256;
+var Share = class _Share {
+  index;
+  payload;
+  constructor(index, payload) {
+    this.index = index;
+    this.payload = payload;
+  }
+  deserialize(deserializer) {
+    this.index = deserializer.deserializeU8();
+    this.payload = deserializer.deserializeBytes();
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk8.Deserializer(bytes);
+    const share = new _Share(0, new Uint8Array());
+    share.deserialize(deserializer);
+    return share;
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.index);
+    serializer.serializeBytes(this.payload);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk8.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+};
+function toInternalShare(share) {
+  return {
+    index: new GF256(share.index),
+    payload: Array.from(share.payload, (byte) => new GF256(byte))
+  };
+}
+function toShare(internalShare) {
+  return new Share(internalShare.index.value, new Uint8Array(internalShare.payload.map((byte) => byte.value)));
+}
+function samplePolynomial(constant, degree) {
+  const randomCoefficients = new Uint8Array(degree);
+  crypto.getRandomValues(randomCoefficients);
+  return Polynomial.fromBytes(new Uint8Array([constant.value, ...randomCoefficients]));
+}
+function split(secret, threshold, total) {
+  if (threshold > total || threshold < 1 || total > GF256_SIZE) {
+    throw new Error(`Invalid threshold ${threshold} or total ${total}`);
+  }
+  const polynomials = Array.from(secret, (s) => samplePolynomial(new GF256(s), threshold - 1));
+  return Array.from({ length: total }, (_, i) => {
+    const index = new GF256(i + 1);
+    const payload = polynomials.map((p) => p.evaluate(index));
+    return toShare({ index, payload });
+  });
+}
+function validateShares(shares) {
+  if (shares.length < 1) {
+    throw new Error("At least one share is required");
+  }
+  if (!allEqual(shares.map(({ payload }) => payload.length))) {
+    throw new Error("All shares must have the same length");
+  }
+  if (hasDuplicates(shares.map(({ index }) => index))) {
+    throw new Error("Shares must have unique indices");
+  }
+  const internalShares = shares.map(toInternalShare);
+  const length = internalShares[0].payload.length;
+  return { internalShares, length };
+}
+function combine(shares) {
+  const { internalShares, length } = validateShares(shares);
+  return new Uint8Array(
+    Array.from(
+      { length },
+      (_, i) => Polynomial.combine(
+        internalShares.map(({ index, payload }) => ({
+          x: index,
+          y: payload[i]
+        }))
+      ).value
+    )
+  );
+}
+
+// src/sym/index.ts
+var sym_exports = {};
+__export(sym_exports, {
+  Ciphertext: () => Ciphertext6,
+  Key: () => Key2,
+  decrypt: () => decrypt6,
+  encrypt: () => encrypt6,
+  encryptWithRandomness: () => encryptWithRandomness6,
+  keygen: () => keygen8
+});
+var import_ts_sdk10 = require("@aptos-labs/ts-sdk");
+var import_utils15 = require("@noble/curves/utils");
+
+// src/sym/aes256gcm.ts
+var import_ts_sdk9 = require("@aptos-labs/ts-sdk");
+var import_aes = require("@noble/ciphers/aes");
+var import_utils13 = require("@noble/curves/utils");
+var Key = class _Key {
+  inner;
+  constructor(inner) {
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const inner = deserializer.deserializeFixedBytes(32);
+    return new _Key(inner);
+  }
+  serialize(serializer) {
+    serializer.serializeFixedBytes(this.inner);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk9.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils13.bytesToHex)(this.toBytes());
+  }
+};
+var Ciphertext5 = class _Ciphertext {
+  iv;
+  ct;
+  tag;
+  constructor(iv, ct, tag) {
+    this.iv = iv;
+    this.ct = ct;
+    this.tag = tag;
+  }
+  static dummy() {
+    return new _Ciphertext(new Uint8Array(12), new Uint8Array(0), new Uint8Array(16));
+  }
+  static deserialize(deserializer) {
+    let iv = deserializer.deserializeFixedBytes(12);
+    let ct = deserializer.deserializeBytes();
+    let tag = deserializer.deserializeFixedBytes(16);
+    return new _Ciphertext(iv, ct, tag);
+  }
+  static fromBytes(bytes) {
+    let deserializer = new import_ts_sdk9.Deserializer(bytes);
+    const result = _Ciphertext.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid ciphertext bytes");
+    }
+    return result;
+  }
+  static fromHex(hex) {
+    return _Ciphertext.fromBytes((0, import_utils13.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeFixedBytes(this.iv);
+    serializer.serializeBytes(this.ct);
+    serializer.serializeFixedBytes(this.tag);
+  }
+  toBytes() {
+    let serializer = new import_ts_sdk9.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils13.bytesToHex)(this.toBytes());
+  }
+};
+function keygen7() {
+  return new Key(randBytes(32));
+}
+function encrypt5(key, plaintext) {
+  const nonce = randBytes(12);
+  return encryptWithRandomness5(key, plaintext, nonce);
+}
+function encryptWithRandomness5(key, plaintext, randomness) {
+  const nonce = randomness.slice(0, 12);
+  const gcmInstance = (0, import_aes.gcm)(key.inner, nonce);
+  const encrypted = gcmInstance.encrypt(plaintext);
+  const tagLength = 16;
+  const ciphertext = encrypted.slice(0, -tagLength);
+  const tag = encrypted.slice(-tagLength);
+  return new Ciphertext5(nonce, ciphertext, tag);
+}
+function decrypt5(key, ciphertext) {
+  const gcmInstance = (0, import_aes.gcm)(key.inner, ciphertext.iv);
+  const encryptedData = new Uint8Array(ciphertext.ct.length + ciphertext.tag.length);
+  encryptedData.set(ciphertext.ct, 0);
+  encryptedData.set(ciphertext.tag, ciphertext.ct.length);
+  try {
+    return gcmInstance.decrypt(encryptedData);
+  } catch (e) {
+    console.log("Failed to decrypt AES-256-GCM ciphertext", e);
+    return void 0;
+  }
+}
+
+// src/sym/index.ts
+var SCHEME_AES256GCM = 0;
+var Key2 = class _Key {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_AES256GCM) {
+      const inner = Key.deserialize(deserializer);
+      return new _Key(scheme, inner);
+    }
+    throw new Error("Invalid scheme");
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk10.Deserializer(bytes);
+    const result = _Key.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid key bytes");
+    }
+    return result;
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme === SCHEME_AES256GCM) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error("Invalid scheme");
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk10.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils15.bytesToHex)(this.toBytes());
+  }
+};
+var Ciphertext6 = class _Ciphertext {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static dummy() {
+    return new _Ciphertext(SCHEME_AES256GCM, Ciphertext5.dummy());
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === SCHEME_AES256GCM) {
+      const inner = Ciphertext5.deserialize(deserializer);
+      return new _Ciphertext(scheme, inner);
+    }
+    throw new Error("Invalid scheme");
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk10.Deserializer(bytes);
+    const result = _Ciphertext.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Invalid ciphertext bytes");
+    }
+    return result;
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    this.inner.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk10.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils15.bytesToHex)(this.toBytes());
+  }
+};
+function keygen8(scheme) {
+  if (scheme === void 0) {
+    scheme = SCHEME_AES256GCM;
+  }
+  if (scheme === SCHEME_AES256GCM) {
+    return new Key2(SCHEME_AES256GCM, keygen7());
+  }
+  throw new Error("Invalid scheme");
+}
+function encrypt6(key, plaintext) {
+  if (key.scheme === SCHEME_AES256GCM) {
+    return new Ciphertext6(SCHEME_AES256GCM, encrypt5(key.inner, plaintext));
+  }
+  throw new Error("Invalid scheme");
+}
+function encryptWithRandomness6(key, plaintext, randomness) {
+  if (key.scheme === SCHEME_AES256GCM) {
+    return new Ciphertext6(SCHEME_AES256GCM, encryptWithRandomness5(key.inner, plaintext, randomness));
+  }
+  throw new Error("Invalid scheme");
+}
+function decrypt6(key, ciphertext) {
+  if (key.scheme === SCHEME_AES256GCM) {
+    return decrypt5(key.inner, ciphertext.inner);
+  }
+  throw new Error("Invalid scheme");
+}
+
+// src/worker_config.ts
+var worker_config_exports = {};
+__export(worker_config_exports, {
+  WorkerConfig: () => WorkerConfig,
+  get: () => get,
+  randWorker: () => randWorker,
+  view: () => view
+});
+var import_ts_sdk11 = require("@aptos-labs/ts-sdk");
+var import_utils16 = require("@noble/curves/utils");
+var WorkerConfig = class _WorkerConfig {
+  expiryTimeMicrosecs;
+  endpoint;
+  encEk;
+  sigVk;
+  ibeMpk;
+  constructor(expiryTimeMicrosecs, endpoint, encEk, sigVk, ibeMpk) {
+    this.expiryTimeMicrosecs = expiryTimeMicrosecs;
+    this.endpoint = endpoint;
+    this.encEk = encEk;
+    this.sigVk = sigVk;
+    this.ibeMpk = ibeMpk;
+  }
+  static dummy() {
+    const encDk = keygen2();
+    const encEk = deriveEncryptionKey2(encDk);
+    const sigSk = keygen6();
+    const sigVk = deriveVerifyingKey2(sigSk);
+    const ibeMsk = keygen4();
+    const ibeMpk = derivePublicKey2(ibeMsk);
+    return new _WorkerConfig(1e18, "http://localhost:3000", encEk, sigVk, ibeMpk);
+  }
+  static deserialize(deserializer) {
+    const expiryTimeMicrosecs = Number(deserializer.deserializeU64());
+    const endpoint = deserializer.deserializeStr();
+    const encEk = EncryptionKey.deserialize(deserializer);
+    const sigVk = VerifyingKey.deserialize(deserializer);
+    const ibeMpk = MasterPublicKey2.deserialize(deserializer);
+    return new _WorkerConfig(expiryTimeMicrosecs, endpoint, encEk, sigVk, ibeMpk);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk11.Deserializer(bytes);
+    return _WorkerConfig.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _WorkerConfig.fromBytes((0, import_utils16.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU64(BigInt(this.expiryTimeMicrosecs));
+    serializer.serializeStr(this.endpoint);
+    this.encEk.serialize(serializer);
+    this.sigVk.serialize(serializer);
+    this.ibeMpk.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk11.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils16.bytesToHex)(this.toBytes());
+  }
+  toPrettyJson() {
+    return JSON.stringify({
+      expiryTimeMicrosecs: this.expiryTimeMicrosecs,
+      endpoint: this.endpoint,
+      encEk: this.encEk.toHex(),
+      sigVk: this.sigVk.toHex(),
+      ibeMpk: this.ibeMpk.toHex()
+    }, null, 2);
+  }
+};
+async function view(aptos, worker) {
+  const moduleAddrHex = aptos.config.network === import_ts_sdk11.Network.SHELBYNET ? utils_exports.SHELBYNET_CONTRACT_ADDRESS_HEX : utils_exports.CONTRACT_ADDRESS_HEX;
+  const configBcsMoveVals = await aptos.view({
+    payload: {
+      function: `${moduleAddrHex}::worker_config::get_bcs`,
+      typeArguments: [],
+      functionArguments: [worker]
+    }
+  });
+  return WorkerConfig.fromHex(configBcsMoveVals[0].toString().slice(2));
+}
+async function get(workerEndpoint) {
+  const url = `${workerEndpoint}/config_bcs`;
+  const response = await fetch(url, {
+    method: "GET"
+  });
+  if (!response.ok) {
+    throw new Error(`Failed to fetch worker config: ${response.status} ${response.statusText}`);
+  }
+  const hex = await response.text();
+  return WorkerConfig.fromHex(hex);
+}
+function randWorker() {
+  const addr = new import_ts_sdk11.AccountAddress(utils_exports.randBytes(32));
+  const encDk = keygen2();
+  const encEk = deriveEncryptionKey2(encDk);
+  const sigSk = keygen6();
+  const sigVk = deriveVerifyingKey2(sigSk);
+  const ibeMsk = keygen4();
+  const ibeMpk = derivePublicKey2(ibeMsk);
+  const config = new WorkerConfig(1e6, "http://localhost:3000", encEk, sigVk, ibeMpk);
+  return { addr, config, encDk, sigSk, ibeMsk };
+}
+
+// src/worker_task.ts
+var import_ts_sdk15 = require("@aptos-labs/ts-sdk");
+var import_utils20 = require("@noble/hashes/utils");
+
+// src/threshold-ibe/index.ts
+var threshold_ibe_exports = {};
+__export(threshold_ibe_exports, {
+  Ciphertext: () => Ciphertext7,
+  Committee: () => Committee,
+  ContractID: () => ContractID3,
+  DecryptionKey: () => DecryptionKey2,
+  EncryptionKey: () => EncryptionKey2,
+  FullDecryptionDomain: () => FullDecryptionDomain,
+  ProofOfPermission: () => ProofOfPermission3,
+  decrypt: () => decrypt7,
+  encrypt: () => encrypt7,
+  verifyAndExtract: () => verifyAndExtract
+});
+var import_ts_sdk14 = require("@aptos-labs/ts-sdk");
+var import_utils19 = require("@noble/hashes/utils");
+var SolanaSDK = __toESM(require("@solana/web3.js"));
+
+// src/threshold-ibe/aptos.ts
+var import_ts_sdk12 = require("@aptos-labs/ts-sdk");
+var import_utils17 = require("@noble/hashes/utils");
+var ContractID = class _ContractID {
+  chainId;
+  moduleAddr;
+  moduleName;
+  functionName;
+  constructor(chainId, moduleAddr, moduleName, functionName) {
+    this.chainId = chainId;
+    this.moduleAddr = moduleAddr;
+    this.moduleName = moduleName;
+    this.functionName = functionName;
+  }
+  static dummy() {
+    return new _ContractID(0, import_ts_sdk12.AccountAddress.fromString("0x1"), "module3", "function3");
+  }
+  static deserialize(deserializer) {
+    const chainId = deserializer.deserializeU8();
+    const moduleAddr = deserializer.deserialize(import_ts_sdk12.AccountAddress);
+    const moduleName = deserializer.deserializeStr();
+    const functionName = deserializer.deserializeStr();
+    return new _ContractID(chainId, moduleAddr, moduleName, functionName);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk12.Deserializer(bytes);
+    const ret = _ContractID.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("ContractID deserialization failed: extra bytes");
+    }
+    return ret;
+  }
+  static fromHex(hex) {
+    return _ContractID.fromBytes((0, import_utils17.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.chainId);
+    serializer.serialize(this.moduleAddr);
+    serializer.serializeStr(this.moduleName);
+    serializer.serializeStr(this.functionName);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk12.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils17.bytesToHex)(this.toBytes());
+  }
+  toPrettyMessage(indent = 0) {
+    const pad = "  ".repeat(indent);
+    return `
+${pad}chainId: ${this.chainId}
+${pad}moduleAddr: ${this.moduleAddr.toStringLong()}
+${pad}moduleName: ${this.moduleName}
+${pad}functionName: ${this.functionName}`;
+  }
+};
+var PK_SCHEME_ED25519 = 0;
+var PK_SCHEME_ANY = 1;
+var PK_SCHEME_MULTI_ED25519 = 2;
+var PK_SCHEME_MULTI_KEY = 3;
+var PK_SCHEME_KEYLESS = 4;
+var PK_SCHEME_FEDERATED_KEYLESS = 5;
+function getPublicKeyScheme(publicKey) {
+  if (publicKey instanceof import_ts_sdk12.Ed25519PublicKey) {
+    return PK_SCHEME_ED25519;
+  } else if (publicKey instanceof import_ts_sdk12.AnyPublicKey) {
+    return PK_SCHEME_ANY;
+  } else if (publicKey instanceof import_ts_sdk12.MultiEd25519PublicKey) {
+    return PK_SCHEME_MULTI_ED25519;
+  } else if (publicKey instanceof import_ts_sdk12.MultiKey) {
+    return PK_SCHEME_MULTI_KEY;
+  } else if (publicKey instanceof import_ts_sdk12.KeylessPublicKey) {
+    return PK_SCHEME_KEYLESS;
+  } else if (publicKey instanceof import_ts_sdk12.FederatedKeylessPublicKey) {
+    return PK_SCHEME_FEDERATED_KEYLESS;
+  } else {
+    throw new Error(`Unsupported public key type: ${publicKey.constructor.name}`);
+  }
+}
+function deserializePublicKey(scheme, deserializer) {
+  if (scheme === PK_SCHEME_ED25519) {
+    return deserializer.deserialize(import_ts_sdk12.Ed25519PublicKey);
+  } else if (scheme === PK_SCHEME_ANY) {
+    return deserializer.deserialize(import_ts_sdk12.AnyPublicKey);
+  } else if (scheme === PK_SCHEME_MULTI_ED25519) {
+    return deserializer.deserialize(import_ts_sdk12.MultiEd25519PublicKey);
+  } else if (scheme === PK_SCHEME_MULTI_KEY) {
+    return deserializer.deserialize(import_ts_sdk12.MultiKey);
+  } else if (scheme === PK_SCHEME_KEYLESS) {
+    return deserializer.deserialize(import_ts_sdk12.KeylessPublicKey);
+  } else if (scheme === PK_SCHEME_FEDERATED_KEYLESS) {
+    return deserializer.deserialize(import_ts_sdk12.FederatedKeylessPublicKey);
+  } else {
+    throw new Error(`Unsupported public key scheme: ${scheme}`);
+  }
+}
+var SIG_SCHEME_ED25519 = 0;
+var SIG_SCHEME_ANY = 1;
+var SIG_SCHEME_MULTI_ED25519 = 2;
+var SIG_SCHEME_MULTI_KEY = 3;
+var SIG_SCHEME_KEYLESS = 4;
+function getSignatureScheme(signature) {
+  if (signature instanceof import_ts_sdk12.Ed25519Signature) {
+    return SIG_SCHEME_ED25519;
+  } else if (signature instanceof import_ts_sdk12.AnySignature) {
+    return SIG_SCHEME_ANY;
+  } else if (signature instanceof import_ts_sdk12.MultiEd25519Signature) {
+    return SIG_SCHEME_MULTI_ED25519;
+  } else if (signature instanceof import_ts_sdk12.MultiKeySignature) {
+    return SIG_SCHEME_MULTI_KEY;
+  } else if (signature instanceof import_ts_sdk12.KeylessSignature) {
+    return SIG_SCHEME_KEYLESS;
+  } else {
+    throw new Error(`Unsupported signature type: ${signature.constructor.name}`);
+  }
+}
+function deserializeSignature(scheme, deserializer) {
+  if (scheme === SIG_SCHEME_ED25519) {
+    return deserializer.deserialize(import_ts_sdk12.Ed25519Signature);
+  } else if (scheme === SIG_SCHEME_ANY) {
+    return deserializer.deserialize(import_ts_sdk12.AnySignature);
+  } else if (scheme === SIG_SCHEME_MULTI_ED25519) {
+    return deserializer.deserialize(import_ts_sdk12.MultiEd25519Signature);
+  } else if (scheme === SIG_SCHEME_MULTI_KEY) {
+    return deserializer.deserialize(import_ts_sdk12.MultiKeySignature);
+  } else if (scheme === SIG_SCHEME_KEYLESS) {
+    return deserializer.deserialize(import_ts_sdk12.KeylessSignature);
+  } else {
+    throw new Error(`Unsupported signature scheme: ${scheme}`);
+  }
+}
+var ProofOfPermission = class _ProofOfPermission {
+  userAddr;
+  publicKeyScheme;
+  publicKey;
+  signatureScheme;
+  signature;
+  fullMessage;
+  constructor({ userAddr, publicKey, signature, fullMessage }) {
+    this.userAddr = userAddr;
+    this.publicKey = publicKey;
+    this.signature = signature;
+    this.fullMessage = fullMessage;
+    this.publicKeyScheme = getPublicKeyScheme(publicKey);
+    this.signatureScheme = getSignatureScheme(signature);
+  }
+  static deserialize(deserializer) {
+    const userAddr = deserializer.deserialize(import_ts_sdk12.AccountAddress);
+    const authenticationScheme = deserializer.deserializeU8();
+    const publicKey = deserializePublicKey(authenticationScheme, deserializer);
+    const signatureScheme = deserializer.deserializeU8();
+    const signature = deserializeSignature(signatureScheme, deserializer);
+    const fullMessage = deserializer.deserializeStr();
+    return new _ProofOfPermission({ userAddr, publicKey, signature, fullMessage });
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk12.Deserializer(bytes);
+    return _ProofOfPermission.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ProofOfPermission.fromBytes((0, import_utils17.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serialize(this.userAddr);
+    serializer.serializeU8(this.publicKeyScheme);
+    serializer.serialize(this.publicKey);
+    serializer.serializeU8(this.signatureScheme);
+    serializer.serialize(this.signature);
+    serializer.serializeStr(this.fullMessage);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk12.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils17.bytesToHex)(this.toBytes());
+  }
+};
+async function verifyPermission({ fullDecryptionDomain, proof }) {
+  const aptos = createAptos(getChainNameFromChainId(fullDecryptionDomain.getAptosContractID().chainId));
+  const taskVerifySig = async () => {
+    const msgToSign = fullDecryptionDomain.toPrettyMessage();
+    const msgToSignHex = (0, import_utils17.bytesToHex)(new TextEncoder().encode(msgToSign));
+    const fullMessageFromPetra = proof.fullMessage.includes(msgToSign);
+    const fullMessageFromAptosConnect = proof.fullMessage.includes(msgToSignHex);
+    if (!fullMessageFromPetra && !fullMessageFromAptosConnect) return false;
+    try {
+      return await proof.publicKey.verifySignatureAsync({
+        aptosConfig: aptos.config,
+        message: proof.fullMessage,
+        signature: proof.signature
+      });
+    } catch (error) {
+      return false;
+    }
+  };
+  const taskCheckAuthKey = async () => {
+    try {
+      const onChainAuthKeyBytes = await getAccountAuthKeyBytes(aptos, proof.userAddr);
+      const userAuthKeyBytes = proof.publicKey.authKey().bcsToBytes();
+      const onChainHex = (0, import_utils17.bytesToHex)(onChainAuthKeyBytes);
+      const userHex = (0, import_utils17.bytesToHex)(userAuthKeyBytes);
+      console.log(`onChainHex: ${onChainHex}`);
+      console.log(`userHex   : ${userHex}`);
+      return onChainHex === userHex;
+    } catch (error) {
+      return false;
+    }
+  };
+  const taskCheckPermission = async () => {
+    const contractId = fullDecryptionDomain.getAptosContractID();
+    try {
+      const userIsPermittedMoveVal = await view2(
+        aptos,
+        `${contractId.moduleAddr.toStringLong()}::${contractId.moduleName}::${contractId.functionName}`,
+        [],
+        [proof.userAddr, fullDecryptionDomain.domain]
+      );
+      return userIsPermittedMoveVal?.toString() === "true";
+    } catch (error) {
+      return false;
+    }
+  };
+  const [sigIsValid, authKeyMatches, userIsPermitted] = await Promise.all([
+    taskVerifySig(),
+    taskCheckAuthKey(),
+    taskCheckPermission()
+  ]);
+  if (!sigIsValid) {
+    throw new Error("Signature invalid.");
+  }
+  if (!authKeyMatches) {
+    throw new Error("Authentication key mismatch: on-chain key does not match provided public key.");
+  }
+  if (!userIsPermitted) {
+    throw new Error("Permission denied.");
+  }
+}
+function getChainNameFromChainId(chainId) {
+  if (chainId === 1) {
+    return "mainnet";
+  } else if (chainId === 2) {
+    return "testnet";
+  } else if (chainId === 14) {
+    return "devnet";
+  } else if (chainId >= 104) {
+    return "shelbynet";
+  } else {
+    throw new Error(`Unknown chain id: ${chainId}`);
+  }
+}
+function createAptos(networkName) {
+  let config;
+  if (networkName === "mainnet") {
+    config = new import_ts_sdk12.AptosConfig({ network: import_ts_sdk12.Network.MAINNET });
+  } else if (networkName === "testnet") {
+    config = new import_ts_sdk12.AptosConfig({ network: import_ts_sdk12.Network.TESTNET });
+  } else if (networkName === "devnet") {
+    config = new import_ts_sdk12.AptosConfig({ network: import_ts_sdk12.Network.DEVNET });
+  } else if (networkName === "shelbynet") {
+    config = new import_ts_sdk12.AptosConfig({
+      network: import_ts_sdk12.Network.CUSTOM,
+      fullnode: "https://api.shelbynet.shelby.xyz/v1"
+    });
+  } else {
+    throw new Error(`Unsupported network name: ${networkName}`);
+  }
+  return new import_ts_sdk12.Aptos(config);
+}
+async function getAccountAuthKeyBytes(aptos, address) {
+  const accountInfo = await aptos.getAccountInfo({ accountAddress: address });
+  return (0, import_utils17.hexToBytes)(accountInfo.authentication_key.replace("0x", ""));
+}
+async function view2(aptos, func, typeArguments, functionArguments) {
+  const result = await aptos.view({
+    payload: {
+      function: func,
+      typeArguments,
+      functionArguments
+    }
+  });
+  if (result.length === 0) {
+    throw new Error(`View function returned empty result`);
+  }
+  return result[0];
+}
+
+// src/threshold-ibe/solana.ts
+var import_ts_sdk13 = require("@aptos-labs/ts-sdk");
+var import_utils18 = require("@noble/hashes/utils");
+var import_web3 = require("@solana/web3.js");
+var ContractID2 = class _ContractID {
+  knownChainName;
+  // mainnet-beta/testnet/devnet
+  programId;
+  constructor({ knownChainName, programId }) {
+    this.knownChainName = knownChainName;
+    this.programId = programId;
+  }
+  static deserialize(deserializer) {
+    const knownChainName = deserializer.deserializeStr();
+    const programId = new import_web3.PublicKey(deserializer.deserializeBytes());
+    return new _ContractID({ knownChainName, programId });
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk13.Deserializer(bytes);
+    return _ContractID.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ContractID.fromBytes((0, import_utils18.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeStr(this.knownChainName);
+    serializer.serializeBytes(this.programId.toBytes());
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk13.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils18.bytesToHex)(this.toBytes());
+  }
+  toPrettyMessage(indent = 0) {
+    const pad = "  ".repeat(indent);
+    return `
+${pad}knownChainName: ${this.knownChainName}
+${pad}programId: ${this.programId.toBase58()}`;
+  }
+};
+var ProofOfPermission2 = class _ProofOfPermission {
+  static SCHEME_UNVERSIONED = 0;
+  static SCHEME_VERSIONED = 1;
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static newVersioned(txn) {
+    return new _ProofOfPermission(_ProofOfPermission.SCHEME_VERSIONED, txn);
+  }
+  static newUnversioned(txn) {
+    return new _ProofOfPermission(_ProofOfPermission.SCHEME_UNVERSIONED, txn);
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    const bytes = deserializer.deserializeBytes();
+    if (scheme == _ProofOfPermission.SCHEME_VERSIONED) {
+      const inner = import_web3.VersionedTransaction.deserialize(bytes);
+      return new _ProofOfPermission(_ProofOfPermission.SCHEME_VERSIONED, inner);
+    } else if (scheme == _ProofOfPermission.SCHEME_UNVERSIONED) {
+      const inner = import_web3.Transaction.from(Buffer.from(bytes));
+      return new _ProofOfPermission(_ProofOfPermission.SCHEME_UNVERSIONED, inner);
+    } else {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk13.Deserializer(bytes);
+    return _ProofOfPermission.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ProofOfPermission.fromBytes((0, import_utils18.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme == _ProofOfPermission.SCHEME_VERSIONED) {
+      serializer.serializeBytes(this.inner.serialize());
+    } else if (this.scheme == _ProofOfPermission.SCHEME_UNVERSIONED) {
+      serializer.serializeBytes(this.inner.serialize());
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk13.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils18.bytesToHex)(this.toBytes());
+  }
+};
+async function verifyPermission2({ fullDecryptionDomain, proof }) {
+  const txn = proof.inner;
+  assertTransactionValid({ txn, fullDecryptionDomain });
+  await assertTransactionSimulationPasses(txn, fullDecryptionDomain.getSolanaContractID().knownChainName);
+}
+function assertTransactionValid({ txn, fullDecryptionDomain }) {
+  let instructions;
+  if (txn instanceof import_web3.VersionedTransaction) {
+    const message = txn.message;
+    instructions = message.compiledInstructions.map((ix) => {
+      if (ix.programIdIndex >= message.staticAccountKeys.length) {
+        throw new Error(`Program ID index ${ix.programIdIndex} is out of bounds for static account keys (length: ${message.staticAccountKeys.length}). Address table lookups are not supported for validation.`);
+      }
+      const programId = message.staticAccountKeys[ix.programIdIndex];
+      return { programId, data: Buffer.from(ix.data) };
+    });
+  } else {
+    instructions = txn.instructions.map((ix) => ({
+      programId: ix.programId,
+      data: Buffer.from(ix.data)
+    }));
+  }
+  if (instructions.length !== 1) {
+    throw new Error(`transaction must contain exactly 1 instruction, found ${instructions.length}`);
+  }
+  const instruction = instructions[0];
+  if (!instruction.programId.equals(fullDecryptionDomain.getSolanaContractID().programId)) {
+    throw new Error(`transaction instruction program ID (${instruction.programId.toString()}) does not match contract program ID`);
+  }
+  const instructionData = instruction.data;
+  if (instructionData.length < 12) {
+    throw new Error("instruction data too short (must be at least 12 bytes: 8-byte discriminator + 4-byte Vec length)");
+  }
+  const paramData = instructionData.slice(8);
+  const vecLength = paramData.readUInt32LE(0);
+  if (paramData.length < 4 + vecLength) {
+    throw new Error(`instruction data incomplete: expected ${4 + vecLength} bytes after discriminator, found ${paramData.length}`);
+  }
+  const fullBlobNameBytes = paramData.slice(4, 4 + vecLength);
+  const expectedParamDataLength = 4 + vecLength;
+  if (paramData.length > expectedParamDataLength) {
+    throw new Error(`instruction data has extra bytes: expected exactly ${expectedParamDataLength} bytes after discriminator, found ${paramData.length}`);
+  }
+  if ((0, import_utils18.bytesToHex)(fullBlobNameBytes) !== fullDecryptionDomain.toHex()) {
+    throw new Error(`domain mismatch: instruction parameter does not match decryptionContext.domain`);
+  }
+}
+async function assertTransactionSimulationPasses(txn, chainName) {
+  let rpcUrl;
+  if (chainName === "localnet" || chainName === "localhost") {
+    rpcUrl = "http://127.0.0.1:8899";
+  } else if (chainName === "devnet") {
+    rpcUrl = "https://api.devnet.solana.com";
+  } else if (chainName === "testnet") {
+    rpcUrl = "https://api.testnet.solana.com";
+  } else if (chainName === "mainnet-beta") {
+    rpcUrl = "https://api.mainnet-beta.solana.com";
+  } else {
+    throw new Error(`Unknown chain name: ${chainName}`);
+  }
+  const connection = new import_web3.Connection(rpcUrl, "confirmed");
+  let simulation;
+  if (txn instanceof import_web3.VersionedTransaction) {
+    simulation = await connection.simulateTransaction(txn, {
+      sigVerify: true
+    });
+  } else {
+    simulation = await connection.simulateTransaction(txn);
+  }
+  if (simulation.value.err) {
+    throw new Error(`transaction simulation failed: ${JSON.stringify(simulation.value.err)}`);
+  }
+}
+
+// src/threshold-ibe/index.ts
+var Committee = class _Committee {
+  workerEndpoints;
+  threshold;
+  constructor({ workerEndpoints, threshold }) {
+    if (workerEndpoints.length === 0) throw new Error("workerEndpoints must be non-empty");
+    if (threshold === 0) throw new Error("threshold must be greater than 0");
+    if (threshold > workerEndpoints.length) throw new Error("threshold must be less than or equal to the number of workerEndpoints");
+    this.workerEndpoints = workerEndpoints;
+    this.threshold = threshold;
+  }
+  static dummy() {
+    return new _Committee({ workerEndpoints: ["http://localhost:3000"], threshold: 1 });
+  }
+  static deserialize(deserializer) {
+    const numWorkerEndpoints = deserializer.deserializeUleb128AsU32();
+    const workerEndpoints = Array.from({ length: numWorkerEndpoints }, () => deserializer.deserializeStr());
+    const threshold = Number(deserializer.deserializeU64());
+    return new _Committee({ workerEndpoints, threshold });
+  }
+  serialize(serializer) {
+    serializer.serializeU32AsUleb128(this.workerEndpoints.length);
+    this.workerEndpoints.forEach((workerEndpoint) => serializer.serializeStr(workerEndpoint));
+    serializer.serializeU64(this.threshold);
+  }
+  toPrettyMessage(indent = 0) {
+    const pad = "  ".repeat(indent);
+    const endpoints = this.workerEndpoints.map((e) => `
+${pad}  - ${e}`).join("");
+    return `
+${pad}workerEndpoints:${endpoints}
+${pad}threshold: ${this.threshold}`;
+  }
+};
+var ContractID3 = class _ContractID {
+  static SCHEME_APTOS = 0;
+  static SCHEME_SOLANA = 1;
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static newAptos({ chainId, moduleAddr, moduleName, functionName }) {
+    return new _ContractID(_ContractID.SCHEME_APTOS, new ContractID(chainId, moduleAddr, moduleName, functionName));
+  }
+  static newSolana({ knownChainName, programId }) {
+    return new _ContractID(_ContractID.SCHEME_SOLANA, new ContractID2({ knownChainName, programId }));
+  }
+  static dummy() {
+    return new _ContractID(_ContractID.SCHEME_APTOS, ContractID.dummy());
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme == _ContractID.SCHEME_APTOS) {
+      return new _ContractID(_ContractID.SCHEME_APTOS, ContractID.deserialize(deserializer));
+    } else if (scheme == _ContractID.SCHEME_SOLANA) {
+      return new _ContractID(_ContractID.SCHEME_SOLANA, ContractID2.deserialize(deserializer));
+    } else {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk14.Deserializer(bytes);
+    return _ContractID.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ContractID.fromBytes((0, import_utils19.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme == _ContractID.SCHEME_APTOS) {
+      this.inner.serialize(serializer);
+    } else if (this.scheme == _ContractID.SCHEME_SOLANA) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk14.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils19.bytesToHex)(this.toBytes());
+  }
+  toPrettyMessage(indent = 0) {
+    const pad = "  ".repeat(indent);
+    const schemeName = this.scheme === _ContractID.SCHEME_APTOS ? "aptos" : "solana";
+    const innerMsg = this.inner.toPrettyMessage(indent + 2);
+    return `
+${pad}scheme: ${schemeName}
+${pad}inner:${innerMsg}`;
+  }
+};
+var EncryptionKey2 = class _EncryptionKey {
+  ibeMpks;
+  constructor({ ibeMpks }) {
+    this.ibeMpks = ibeMpks;
+  }
+  static async fetch({ committee }) {
+    const ibeMpks = await Promise.all(committee.workerEndpoints.map(async (endpoint) => {
+      const config = await worker_config_exports.get(endpoint);
+      return config.ibeMpk;
+    }));
+    return new _EncryptionKey({ ibeMpks });
+  }
+};
+var DecryptionKey2 = class _DecryptionKey {
+  ibeDecryptionKeys;
+  constructor(ibeDecryptionKeys) {
+    this.ibeDecryptionKeys = ibeDecryptionKeys;
+  }
+  static async fetch({ committee, contractId, domain, proof }) {
+    const decKeyLoadResults = await Promise.all(committee.workerEndpoints.map(async (workerEndpoint) => {
+      const task = WorkerTask.newThresholdIbeDecryptionKey({ committee, contractId, domain, proof });
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), 5e3);
+      var response = null;
+      try {
+        response = await fetch(workerEndpoint, {
+          method: "POST",
+          body: task.toHex(),
+          signal: controller.signal
+        });
+      } catch (error) {
+        clearTimeout(timeoutId);
+      }
+      if (response == null) {
+        return new WorkerTimedOut();
+      }
+      const responseBody = await response.text();
+      if (response.status !== 200) {
+        return new WorkerRejected(response.status, responseBody);
+      }
+      try {
+        return IdentityPrivateKey2.fromHex(responseBody);
+      } catch (error) {
+        return new CouldNotParseDecryptionKey(responseBody);
+      }
+    }));
+    const numSharesCollected = decKeyLoadResults.filter((loadResult) => loadResult instanceof IdentityPrivateKey2).length;
+    if (numSharesCollected < committee.threshold) {
+      const workerResults = committee.workerEndpoints.map((workerEndpoint, i) => {
+        const result = decKeyLoadResults[i];
+        return `${workerEndpoint}: ${result instanceof IdentityPrivateKey2 ? "Success" : result.toDisplayString()}`;
+      }).join(", ");
+      throw new Error(`Failed to collect enough shares to decrypt. Collected ${numSharesCollected} shares, but needed ${committee.threshold} shares. Worker results: ${workerResults}`);
+    }
+    const decKeys = decKeyLoadResults.map((loadResult) => loadResult instanceof IdentityPrivateKey2 ? loadResult : null);
+    return new _DecryptionKey(decKeys);
+  }
+};
+var Ciphertext7 = class _Ciphertext {
+  aesCiph;
+  ibeCiphs;
+  constructor(aesCiph, ibeCiphs) {
+    this.aesCiph = aesCiph;
+    this.ibeCiphs = ibeCiphs;
+  }
+  static dummy() {
+    return new _Ciphertext(Ciphertext6.dummy(), []);
+  }
+  static deserialize(deserializer) {
+    const aesCiph = Ciphertext6.deserialize(deserializer);
+    const ibeCiphs = deserializer.deserializeVector(Ciphertext4);
+    return new _Ciphertext(aesCiph, ibeCiphs);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk14.Deserializer(bytes);
+    const ret = _Ciphertext.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Ciphertext deserialization failed: extra bytes");
+    }
+    return ret;
+  }
+  static fromHex(hex) {
+    return _Ciphertext.fromBytes((0, import_utils19.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    this.aesCiph.serialize(serializer);
+    serializer.serializeU32AsUleb128(this.ibeCiphs.length);
+    this.ibeCiphs.forEach((ibeCiph) => ibeCiph.serialize(serializer));
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk14.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+};
+var FullDecryptionDomain = class _FullDecryptionDomain {
+  committee;
+  contractId;
+  domain;
+  constructor({ committee, contractId, domain }) {
+    this.committee = committee;
+    this.contractId = contractId;
+    this.domain = domain;
+  }
+  static dummy() {
+    return new _FullDecryptionDomain({
+      committee: Committee.dummy(),
+      contractId: ContractID3.dummy(),
+      domain: new Uint8Array(0)
+    });
+  }
+  static deserialize(deserializer) {
+    const committee = Committee.deserialize(deserializer);
+    const contractId = ContractID3.deserialize(deserializer);
+    const domain = deserializer.deserializeBytes();
+    return new _FullDecryptionDomain({ committee, contractId, domain });
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk14.Deserializer(bytes);
+    const ret = _FullDecryptionDomain.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("FullDecryptionDomain deserialization failed: extra bytes");
+    }
+    return ret;
+  }
+  static fromHex(hex) {
+    return _FullDecryptionDomain.fromBytes((0, import_utils19.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    this.committee.serialize(serializer);
+    this.contractId.serialize(serializer);
+    serializer.serializeBytes(this.domain);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk14.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils19.bytesToHex)(this.toBytes());
+  }
+  toPrettyMessage(indent = 0) {
+    const pad = "  ".repeat(indent);
+    return `
+${pad}committee:${this.committee.toPrettyMessage(indent + 1)}
+${pad}contractId:${this.contractId.toPrettyMessage(indent + 1)}
+${pad}domain: 0x${(0, import_utils19.bytesToHex)(this.domain)}`;
+  }
+  getSolanaContractID() {
+    if (this.contractId.scheme != ContractID3.SCHEME_SOLANA) {
+      throw new Error("ContractID is not a Solana contract ID");
+    }
+    return this.contractId.inner;
+  }
+  getAptosContractID() {
+    if (this.contractId.scheme != ContractID3.SCHEME_APTOS) {
+      throw new Error("ContractID is not a Aptos contract ID");
+    }
+    return this.contractId.inner;
+  }
+};
+var ProofOfPermission3 = class _ProofOfPermission {
+  static SCHEME_APTOS = 0;
+  static SCHEME_SOLANA = 1;
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  /** @deprecated Use `ProofOfPermission.createAptos()` instead */
+  static newAptos(id) {
+    return new _ProofOfPermission(_ProofOfPermission.SCHEME_APTOS, id);
+  }
+  /** @deprecated Use `ProofOfPermission.createSolana()` instead */
+  static newSolana(id) {
+    return new _ProofOfPermission(_ProofOfPermission.SCHEME_SOLANA, id);
+  }
+  static createAptos({ userAddr, publicKey, signature, fullMessage }) {
+    return new _ProofOfPermission(_ProofOfPermission.SCHEME_APTOS, new ProofOfPermission({ userAddr, publicKey, signature, fullMessage }));
+  }
+  static createSolana({ txn }) {
+    const solanaProof = txn instanceof SolanaSDK.VersionedTransaction ? ProofOfPermission2.newVersioned(txn) : ProofOfPermission2.newUnversioned(txn);
+    return new _ProofOfPermission(_ProofOfPermission.SCHEME_SOLANA, solanaProof);
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme == _ProofOfPermission.SCHEME_APTOS) {
+      return new _ProofOfPermission(_ProofOfPermission.SCHEME_APTOS, ProofOfPermission.deserialize(deserializer));
+    } else if (scheme == _ProofOfPermission.SCHEME_SOLANA) {
+      return new _ProofOfPermission(_ProofOfPermission.SCHEME_SOLANA, ProofOfPermission2.deserialize(deserializer));
+    } else {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk14.Deserializer(bytes);
+    return _ProofOfPermission.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ProofOfPermission.fromBytes((0, import_utils19.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme == _ProofOfPermission.SCHEME_APTOS) {
+      this.inner.serialize(serializer);
+    } else if (this.scheme == _ProofOfPermission.SCHEME_SOLANA) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk14.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils19.bytesToHex)(this.toBytes());
+  }
+};
+function encrypt7({ committee, encryptionKey, contractId, domain, plaintext }) {
+  if (committee.workerEndpoints.length !== encryptionKey.ibeMpks.length) {
+    throw new Error("committee.workerEndpoints.length !== encryptionKey.ibeMpks.length");
+  }
+  const fullDecryptionDomain = new FullDecryptionDomain({
+    committee,
+    contractId,
+    domain
+  });
+  const symmKey = keygen8();
+  const symmKeyShares = split(symmKey.toBytes(), committee.threshold, committee.workerEndpoints.length);
+  const symmCiph = encrypt6(symmKey, plaintext);
+  const ibeCiphs = symmKeyShares.map((share, idx) => encrypt4(encryptionKey.ibeMpks[idx], fullDecryptionDomain.toBytes(), share.payload));
+  return { fullDecryptionDomain, ciphertext: new Ciphertext7(symmCiph, ibeCiphs) };
+}
+function decrypt7({ decryptionKey, ciphertext }) {
+  if (decryptionKey.ibeDecryptionKeys.length !== ciphertext.ibeCiphs.length) {
+    throw new Error("decryptionKey.ibeDecryptionKeys.length !== ciphertext.ibeCiphs.length");
+  }
+  const symmKeyShares = ciphertext.ibeCiphs.map((ibeCiph, idx) => {
+    if (decryptionKey.ibeDecryptionKeys[idx] == null) return null;
+    const sharePayload = decrypt4(decryptionKey.ibeDecryptionKeys[idx], ibeCiph);
+    if (sharePayload == null) return null;
+    return new Share(idx + 1, sharePayload);
+  }).filter((share) => share != null);
+  const symmKeyBytes = combine(symmKeyShares);
+  const symmKey = Key2.fromBytes(symmKeyBytes);
+  return decrypt6(symmKey, ciphertext.aesCiph);
+}
+async function verifyAndExtract({ ibeMsk, committee, contractId, domain, proof }) {
+  const decryptionContext = new FullDecryptionDomain({ committee, contractId, domain });
+  if (contractId.scheme == ContractID3.SCHEME_APTOS && proof.scheme == ProofOfPermission3.SCHEME_APTOS) {
+    await verifyPermission({ fullDecryptionDomain: decryptionContext, proof: proof.inner });
+  } else if (contractId.scheme == ContractID3.SCHEME_SOLANA && proof.scheme == ProofOfPermission3.SCHEME_SOLANA) {
+    await verifyPermission2({ fullDecryptionDomain: decryptionContext, proof: proof.inner });
+  } else {
+    throw new Error(`Unknown scheme: contractId=${contractId.scheme}, proof=${proof.scheme}`);
+  }
+  return extract2(ibeMsk, decryptionContext.toBytes());
+}
+var WorkerTimedOut = class {
+  toDisplayString() {
+    return "Timed out";
+  }
+};
+var WorkerRejected = class {
+  statusCode;
+  responseBody;
+  constructor(statusCode, responseBody) {
+    this.statusCode = statusCode;
+    this.responseBody = responseBody;
+  }
+  toDisplayString() {
+    return `Rejected: ${this.statusCode} ${this.responseBody}`;
+  }
+};
+var CouldNotParseDecryptionKey = class {
+  originalHex;
+  constructor(originalHex) {
+    this.originalHex = originalHex;
+  }
+  toDisplayString() {
+    return `Could not parse decryption key: ${this.originalHex}`;
+  }
+};
+
+// src/worker_task.ts
+var TYPE_SILENT_SETUP_DECRYPTION_KEY = 5;
+var TYPE_XCHAIN_SILENT_SETUP_DECRYPTION_KEY = 6;
+var TYPE_THRESHOLD_IBE_DECRYPTION_KEY = 7;
+var WorkerTask = class _WorkerTask {
+  taskType;
+  inner;
+  constructor(taskType, inner) {
+    if (taskType == TYPE_SILENT_SETUP_DECRYPTION_KEY && inner instanceof silent_setup_encryption_exports.RequestForDecryptionKey) {
+      this.taskType = TYPE_SILENT_SETUP_DECRYPTION_KEY;
+      this.inner = inner;
+    } else if (taskType == TYPE_XCHAIN_SILENT_SETUP_DECRYPTION_KEY && inner instanceof silent_setup_encryption_xchain_exports.RequestForDecryptionKey) {
+      this.taskType = TYPE_XCHAIN_SILENT_SETUP_DECRYPTION_KEY;
+      this.inner = inner;
+    } else if (taskType == TYPE_THRESHOLD_IBE_DECRYPTION_KEY && inner instanceof RequestForThresholdIbeDecryptionKey) {
+      this.taskType = TYPE_THRESHOLD_IBE_DECRYPTION_KEY;
+      this.inner = inner;
+    } else {
+      throw new Error(`Invalid task type: ${taskType}`);
+    }
+  }
+  static newSilentSetupDecryptionKey(decryptionContext, userAddr, publicKey, signature) {
+    return new _WorkerTask(TYPE_SILENT_SETUP_DECRYPTION_KEY, new silent_setup_encryption_exports.RequestForDecryptionKey(decryptionContext, userAddr, publicKey, signature));
+  }
+  static newXChainSilentSetupDecryptionKey(decryptionContext, proofOfPermission) {
+    return new _WorkerTask(TYPE_XCHAIN_SILENT_SETUP_DECRYPTION_KEY, new silent_setup_encryption_xchain_exports.RequestForDecryptionKey(decryptionContext, proofOfPermission));
+  }
+  static newThresholdIbeDecryptionKey(args) {
+    return new _WorkerTask(TYPE_THRESHOLD_IBE_DECRYPTION_KEY, new RequestForThresholdIbeDecryptionKey(args));
+  }
+  static deserialize(deserializer) {
+    const taskType = deserializer.deserializeU8();
+    let inner;
+    if (taskType === TYPE_SILENT_SETUP_DECRYPTION_KEY) {
+      inner = silent_setup_encryption_exports.RequestForDecryptionKey.deserialize(deserializer);
+    } else if (taskType === TYPE_XCHAIN_SILENT_SETUP_DECRYPTION_KEY) {
+      inner = silent_setup_encryption_xchain_exports.RequestForDecryptionKey.deserialize(deserializer);
+    } else if (taskType === TYPE_THRESHOLD_IBE_DECRYPTION_KEY) {
+      inner = RequestForThresholdIbeDecryptionKey.deserialize(deserializer);
+    } else {
+      throw new Error(`Invalid task type: ${taskType}`);
+    }
+    return new _WorkerTask(taskType, inner);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk15.Deserializer(bytes);
+    return _WorkerTask.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _WorkerTask.fromBytes((0, import_utils20.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.taskType);
+    if (this.taskType === TYPE_SILENT_SETUP_DECRYPTION_KEY) {
+      this.inner.serialize(serializer);
+    } else if (this.taskType === TYPE_XCHAIN_SILENT_SETUP_DECRYPTION_KEY) {
+      this.inner.serialize(serializer);
+    } else if (this.taskType === TYPE_THRESHOLD_IBE_DECRYPTION_KEY) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Invalid task type: ${this.taskType}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk15.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils20.bytesToHex)(this.toBytes());
+  }
+  unpackThresholdIbeDecryptionKey() {
+    if (this.taskType !== TYPE_THRESHOLD_IBE_DECRYPTION_KEY) {
+      throw new Error(`Invalid task type: ${this.taskType}`);
+    }
+    const request = this.inner;
+    return {
+      committee: request.committee,
+      contractId: request.contractId,
+      domain: request.domain,
+      proof: request.proof
+    };
+  }
+};
+var RequestForThresholdIbeDecryptionKey = class _RequestForThresholdIbeDecryptionKey {
+  committee;
+  contractId;
+  domain;
+  proof;
+  constructor({ committee, contractId, domain, proof }) {
+    this.committee = committee;
+    this.contractId = contractId;
+    this.domain = domain;
+    this.proof = proof;
+  }
+  static deserialize(deserializer) {
+    const committee = Committee.deserialize(deserializer);
+    const contractId = ContractID3.deserialize(deserializer);
+    const domain = deserializer.deserializeBytes();
+    const proof = ProofOfPermission3.deserialize(deserializer);
+    return new _RequestForThresholdIbeDecryptionKey({ committee, contractId, domain, proof });
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk15.Deserializer(bytes);
+    return _RequestForThresholdIbeDecryptionKey.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _RequestForThresholdIbeDecryptionKey.fromBytes((0, import_utils20.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    this.committee.serialize(serializer);
+    this.contractId.serialize(serializer);
+    serializer.serializeBytes(this.domain);
+    this.proof.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk15.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils20.bytesToHex)(this.toBytes());
+  }
+};
+
+// src/silent_setup_encryption.ts
+var EncryptionContext = class {
+  workers;
+  threshold;
+  moduleAddr;
+  moduleName;
+  constructor({ workers, threshold, moduleAddr, moduleName }) {
+    this.workers = workers;
+    this.threshold = threshold;
+    this.moduleAddr = moduleAddr;
+    this.moduleName = moduleName;
+  }
+  serialize(serializer) {
+    serializer.serializeVector(this.workers);
+    serializer.serializeU64(this.threshold);
+    serializer.serialize(this.moduleAddr);
+    serializer.serializeStr(this.moduleName);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk16.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  async loadEncryptor(aptos) {
+    const workerConfigs = await Promise.all(this.workers.map(async (worker) => {
+      const config = await view(aptos, worker);
+      return config;
+    }));
+    return new Encryptor(this, workerConfigs);
+  }
+};
+var DecryptionContext = class _DecryptionContext {
+  workers;
+  threshold;
+  moduleAddr;
+  moduleName;
+  domain;
+  constructor({ workers, threshold, moduleAddr, moduleName, domain }) {
+    this.workers = workers;
+    this.threshold = threshold;
+    this.moduleAddr = moduleAddr;
+    this.moduleName = moduleName;
+    this.domain = domain;
+  }
+  static dummy() {
+    return new _DecryptionContext({
+      workers: [],
+      threshold: 0,
+      moduleAddr: import_ts_sdk16.AccountAddress.fromString("0x0"),
+      moduleName: "",
+      domain: new Uint8Array(0)
+    });
+  }
+  static deserialize(deserializer) {
+    const workers = deserializer.deserializeVector(import_ts_sdk16.AccountAddress);
+    const threshold = Number(deserializer.deserializeU64());
+    const moduleAddr = deserializer.deserialize(import_ts_sdk16.AccountAddress);
+    const moduleName = deserializer.deserializeStr();
+    const domain = deserializer.deserializeBytes();
+    return new _DecryptionContext({ workers, threshold, moduleAddr, moduleName, domain });
+  }
+  serialize(serializer) {
+    serializer.serializeVector(this.workers);
+    serializer.serializeU64(this.threshold);
+    serializer.serialize(this.moduleAddr);
+    serializer.serializeStr(this.moduleName);
+    serializer.serializeBytes(this.domain);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk16.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils21.bytesToHex)(this.toBytes());
+  }
+  toWalletSignMessage() {
+    return JSON.stringify({
+      messageType: "ThresholdDecryptionRequestV0",
+      workers: this.workers.map((w) => w.toString()),
+      threshold: this.threshold,
+      moduleAddr: this.moduleAddr.toString(),
+      moduleName: this.moduleName,
+      domain: `0x${(0, import_utils21.bytesToHex)(this.domain)}`
+    });
+  }
+  async loadDecryptor({ aptos, userAddr, publicKey, signature }) {
+    const decKeyLoadResults = await Promise.all(this.workers.map(async (worker) => {
+      const config = await view(aptos, worker);
+      const task = WorkerTask.newSilentSetupDecryptionKey(this, userAddr, publicKey, signature);
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), 5e3);
+      var response = null;
+      try {
+        response = await fetch(config.endpoint, {
+          method: "POST",
+          body: task.toHex(),
+          signal: controller.signal
+        });
+      } catch (error) {
+        clearTimeout(timeoutId);
+      }
+      if (response == null) {
+        return new WorkerTimedOut2();
+      }
+      const responseBody = await response.text();
+      if (response.status !== 200) {
+        return new WorkerRejected2(response.status, responseBody);
+      }
+      try {
+        return IdentityPrivateKey2.fromHex(responseBody);
+      } catch (error) {
+        return new CouldNotParseDecryptionKey2(responseBody);
+      }
+    }));
+    const numSharesCollected = decKeyLoadResults.filter((loadResult) => loadResult instanceof IdentityPrivateKey2).length;
+    if (numSharesCollected < this.threshold) {
+      const workerResults = this.workers.map((worker, i) => {
+        const result = decKeyLoadResults[i];
+        return `${worker}: ${result instanceof IdentityPrivateKey2 ? "Success" : result.toDisplayString()}`;
+      }).join(", ");
+      throw new Error(`Failed to collect enough shares to decrypt. Collected ${numSharesCollected} shares, but needed ${this.threshold} shares. Worker results: ${workerResults}`);
+    }
+    const decKeys = decKeyLoadResults.map((loadResult) => loadResult instanceof IdentityPrivateKey2 ? loadResult : null);
+    return new Decryptor(this, decKeys);
+  }
+};
+var Ciphertext8 = class _Ciphertext {
+  decryptionContext;
+  aesCiph;
+  ibeCiphs;
+  constructor(decryptionContext, aesCiph, ibeCiphs) {
+    this.decryptionContext = decryptionContext;
+    this.aesCiph = aesCiph;
+    this.ibeCiphs = ibeCiphs;
+  }
+  static dummy() {
+    return new _Ciphertext(DecryptionContext.dummy(), Ciphertext6.dummy(), []);
+  }
+  static deserialize(deserializer) {
+    const decryptionContext = DecryptionContext.deserialize(deserializer);
+    const aesCiph = Ciphertext6.deserialize(deserializer);
+    const ibeCiphs = deserializer.deserializeVector(Ciphertext4);
+    return new _Ciphertext(decryptionContext, aesCiph, ibeCiphs);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk16.Deserializer(bytes);
+    const ret = _Ciphertext.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Ciphertext deserialization failed: extra bytes");
+    }
+    return ret;
+  }
+  static fromHex(hex) {
+    return _Ciphertext.fromBytes((0, import_utils21.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    this.decryptionContext.serialize(serializer);
+    this.aesCiph.serialize(serializer);
+    serializer.serializeU32AsUleb128(this.ibeCiphs.length);
+    this.ibeCiphs.forEach((ibeCiph) => ibeCiph.serialize(serializer));
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk16.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+};
+var Encryptor = class {
+  domain;
+  workerConfigs;
+  constructor(domain, workerConfigs) {
+    this.domain = domain;
+    this.workerConfigs = workerConfigs;
+  }
+  encrypt({ domain, plaintext }) {
+    const decCtxt = new DecryptionContext({
+      workers: this.domain.workers,
+      threshold: this.domain.threshold,
+      moduleAddr: this.domain.moduleAddr,
+      moduleName: this.domain.moduleName,
+      domain
+    });
+    const symmKey = keygen8();
+    const symmKeyShares = split(symmKey.toBytes(), this.domain.threshold, this.domain.workers.length);
+    const symmCiph = encrypt6(symmKey, plaintext);
+    const ibeCiphs = symmKeyShares.map((share, idx) => encrypt4(this.workerConfigs[idx].ibeMpk, decCtxt.toBytes(), share.payload));
+    return new Ciphertext8(decCtxt, symmCiph, ibeCiphs);
+  }
+};
+var Decryptor = class {
+  ibeDecryptionKeys;
+  decryptionContext;
+  constructor(decryptionContext, ibeDecryptionKeys) {
+    this.decryptionContext = decryptionContext;
+    this.ibeDecryptionKeys = ibeDecryptionKeys;
+  }
+  decrypt(ciphertext) {
+    if (ciphertext.decryptionContext.toHex() !== this.decryptionContext.toHex()) {
+      throw new Error("Ciphertext does not match decryption domain");
+    }
+    const symmKeyShares = ciphertext.ibeCiphs.map((ibeCiph, idx) => {
+      if (this.ibeDecryptionKeys[idx] == null) {
+        console.log(`idx=${idx}, isk is null`);
+        return null;
+      }
+      const sharePayload = decrypt4(this.ibeDecryptionKeys[idx], ibeCiph);
+      if (sharePayload == null) {
+        console.log(`idx=${idx}, sharePayload is null`);
+        return null;
+      }
+      return new Share(idx + 1, sharePayload);
+    }).filter((share) => share != null);
+    const symmKeyBytes = combine(symmKeyShares);
+    const symmKey = Key2.fromBytes(symmKeyBytes);
+    return decrypt6(symmKey, ciphertext.aesCiph);
+  }
+};
+var WorkerTimedOut2 = class {
+  toDisplayString() {
+    return "Timed out";
+  }
+};
+var WorkerRejected2 = class {
+  statusCode;
+  responseBody;
+  constructor(statusCode, responseBody) {
+    this.statusCode = statusCode;
+    this.responseBody = responseBody;
+  }
+  toDisplayString() {
+    return `Rejected: ${this.statusCode} ${this.responseBody}`;
+  }
+};
+var CouldNotParseDecryptionKey2 = class {
+  originalHex;
+  constructor(originalHex) {
+    this.originalHex = originalHex;
+  }
+  toDisplayString() {
+    return `Could not parse decryption key: ${this.originalHex}`;
+  }
+};
+var RequestForDecryptionKey = class _RequestForDecryptionKey {
+  decryptionContext;
+  userAddr;
+  publicKey;
+  signature;
+  constructor(decryptionContext, userAddr, publicKey, signature) {
+    this.decryptionContext = decryptionContext;
+    this.userAddr = userAddr;
+    this.publicKey = publicKey;
+    this.signature = signature;
+  }
+  static deserialize(deserializer) {
+    const decryptionContext = DecryptionContext.deserialize(deserializer);
+    const userAddr = deserializer.deserialize(import_ts_sdk16.AccountAddress);
+    const publicKey = deserializer.deserialize(import_ts_sdk16.Ed25519PublicKey);
+    const signature = deserializer.deserialize(import_ts_sdk16.Ed25519Signature);
+    return new _RequestForDecryptionKey(decryptionContext, userAddr, publicKey, signature);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk16.Deserializer(bytes);
+    const ret = _RequestForDecryptionKey.deserialize(deserializer);
+    return ret;
+  }
+  static fromHex(hex) {
+    return _RequestForDecryptionKey.fromBytes((0, import_utils21.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    this.decryptionContext.serialize(serializer);
+    serializer.serialize(this.userAddr);
+    serializer.serialize(this.publicKey);
+    serializer.serialize(this.signature);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk16.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils21.bytesToHex)(this.toBytes());
+  }
+};
+
+// src/silent_setup_encryption_xchain/index.ts
+var silent_setup_encryption_xchain_exports = {};
+__export(silent_setup_encryption_xchain_exports, {
+  Aptos: () => aptos_exports,
+  Ciphertext: () => Ciphertext9,
+  ContractID: () => ContractID6,
+  DecryptionContext: () => DecryptionContext2,
+  Decryptor: () => Decryptor2,
+  EncryptionContext: () => EncryptionContext2,
+  Encryptor: () => Encryptor2,
+  ProofOfPermission: () => ProofOfPermission6,
+  RequestForDecryptionKey: () => RequestForDecryptionKey2,
+  SCHEME_APTOS: () => SCHEME_APTOS,
+  SCHEME_SOLANA: () => SCHEME_SOLANA,
+  Solana: () => solana_exports
+});
+var import_ts_sdk19 = require("@aptos-labs/ts-sdk");
+var import_utils24 = require("@noble/hashes/utils");
+
+// src/silent_setup_encryption_xchain/aptos.ts
+var aptos_exports = {};
+__export(aptos_exports, {
+  ContractID: () => ContractID4,
+  POP_SCHEME__V0: () => POP_SCHEME__V0,
+  ProofOfPermission: () => ProofOfPermission4,
+  ProofOfPermissionV0: () => ProofOfPermissionV0
+});
+var import_ts_sdk17 = require("@aptos-labs/ts-sdk");
+var import_utils22 = require("@noble/hashes/utils");
+var ContractID4 = class _ContractID {
+  chainId;
+  // u8
+  moduleAddr;
+  moduleName;
+  constructor(chainId, moduleAddr, moduleName) {
+    this.chainId = chainId;
+    this.moduleAddr = moduleAddr;
+    this.moduleName = moduleName;
+  }
+  static dummy() {
+    return new _ContractID(0, import_ts_sdk17.AccountAddress.fromString("0x0"), "");
+  }
+  static deserialize(deserializer) {
+    const chainId = deserializer.deserializeU8();
+    const moduleAddr = deserializer.deserialize(import_ts_sdk17.AccountAddress);
+    const moduleName = deserializer.deserializeStr();
+    return new _ContractID(chainId, moduleAddr, moduleName);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk17.Deserializer(bytes);
+    return _ContractID.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ContractID.fromBytes((0, import_utils22.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.chainId);
+    serializer.serialize(this.moduleAddr);
+    serializer.serializeStr(this.moduleName);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk17.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils22.bytesToHex)(this.toBytes());
+  }
+};
+var POP_SCHEME__V0 = 0;
+var ProofOfPermission4 = class _ProofOfPermission {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static newV0(v0) {
+    return new _ProofOfPermission(POP_SCHEME__V0, v0);
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme === POP_SCHEME__V0) {
+      const inner = ProofOfPermissionV0.deserialize(deserializer);
+      return new _ProofOfPermission(scheme, inner);
+    } else {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk17.Deserializer(bytes);
+    return _ProofOfPermission.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ProofOfPermission.fromBytes((0, import_utils22.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    this.inner.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk17.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils22.bytesToHex)(this.toBytes());
+  }
+};
+var ProofOfPermissionV0 = class _ProofOfPermissionV0 {
+  userAddr;
+  publicKey;
+  signature;
+  constructor(userAddr, publicKey, signature) {
+    this.userAddr = userAddr;
+    this.publicKey = publicKey;
+    this.signature = signature;
+  }
+  static deserialize(deserializer) {
+    const userAddr = deserializer.deserialize(import_ts_sdk17.AccountAddress);
+    const publicKey = deserializer.deserialize(import_ts_sdk17.Ed25519PublicKey);
+    const signature = deserializer.deserialize(import_ts_sdk17.Ed25519Signature);
+    return new _ProofOfPermissionV0(userAddr, publicKey, signature);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk17.Deserializer(bytes);
+    return _ProofOfPermissionV0.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ProofOfPermissionV0.fromBytes((0, import_utils22.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serialize(this.userAddr);
+    serializer.serialize(this.publicKey);
+    serializer.serialize(this.signature);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk17.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils22.bytesToHex)(this.toBytes());
+  }
+};
+
+// src/silent_setup_encryption_xchain/solana.ts
+var solana_exports = {};
+__export(solana_exports, {
+  ContractID: () => ContractID5,
+  ContractIDV0: () => ContractIDV0,
+  POP_SCHEME__UNVERSIONED_TXN: () => POP_SCHEME__UNVERSIONED_TXN,
+  POP_SCHEME__VERSIONED_TXN: () => POP_SCHEME__VERSIONED_TXN,
+  ProofOfPermission: () => ProofOfPermission5,
+  SCHEME_V0: () => SCHEME_V0
+});
+var import_ts_sdk18 = require("@aptos-labs/ts-sdk");
+var import_utils23 = require("@noble/hashes/utils");
+var import_web32 = require("@solana/web3.js");
+var SCHEME_V0 = 0;
+var ContractID5 = class _ContractID {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static newV0(v0) {
+    return new _ContractID(SCHEME_V0, v0);
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme == SCHEME_V0) {
+      return new _ContractID(SCHEME_V0, ContractIDV0.deserialize(deserializer));
+    } else {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk18.Deserializer(bytes);
+    return _ContractID.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ContractID.fromBytes((0, import_utils23.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme == SCHEME_V0) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk18.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils23.bytesToHex)(this.toBytes());
+  }
+};
+var ContractIDV0 = class _ContractIDV0 {
+  knownChainName;
+  // mainnet-beta/testnet/devnet
+  programId;
+  constructor(knownChainName, programId) {
+    this.knownChainName = knownChainName;
+    this.programId = programId;
+  }
+  static deserialize(deserializer) {
+    const knownChainName = deserializer.deserializeStr();
+    const programId = new import_web32.PublicKey(deserializer.deserializeBytes());
+    return new _ContractIDV0(knownChainName, programId);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk18.Deserializer(bytes);
+    return _ContractIDV0.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ContractIDV0.fromBytes((0, import_utils23.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeStr(this.knownChainName);
+    serializer.serializeBytes(this.programId.toBytes());
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk18.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils23.bytesToHex)(this.toBytes());
+  }
+};
+var POP_SCHEME__UNVERSIONED_TXN = 0;
+var POP_SCHEME__VERSIONED_TXN = 1;
+var ProofOfPermission5 = class _ProofOfPermission {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static newVersioned(txn) {
+    return new _ProofOfPermission(POP_SCHEME__VERSIONED_TXN, txn);
+  }
+  static newUnversioned(txn) {
+    return new _ProofOfPermission(POP_SCHEME__UNVERSIONED_TXN, txn);
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    const bytes = deserializer.deserializeBytes();
+    if (scheme == POP_SCHEME__VERSIONED_TXN) {
+      const inner = import_web32.VersionedTransaction.deserialize(bytes);
+      return new _ProofOfPermission(POP_SCHEME__VERSIONED_TXN, inner);
+    } else if (scheme == POP_SCHEME__UNVERSIONED_TXN) {
+      const inner = import_web32.Transaction.from(Buffer.from(bytes));
+      return new _ProofOfPermission(POP_SCHEME__UNVERSIONED_TXN, inner);
+    } else {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk18.Deserializer(bytes);
+    return _ProofOfPermission.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ProofOfPermission.fromBytes((0, import_utils23.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme == POP_SCHEME__VERSIONED_TXN) {
+      serializer.serializeBytes(this.inner.serialize());
+    } else if (this.scheme == POP_SCHEME__UNVERSIONED_TXN) {
+      serializer.serializeBytes(this.inner.serialize());
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk18.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils23.bytesToHex)(this.toBytes());
+  }
+};
+
+// src/silent_setup_encryption_xchain/index.ts
+var SCHEME_APTOS = 0;
+var SCHEME_SOLANA = 1;
+var ContractID6 = class _ContractID {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static newAptos(id) {
+    return new _ContractID(SCHEME_APTOS, id);
+  }
+  static newSolana(id) {
+    return new _ContractID(SCHEME_SOLANA, id);
+  }
+  static dummy() {
+    return new _ContractID(SCHEME_APTOS, ContractID4.dummy());
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme == SCHEME_APTOS) {
+      return new _ContractID(SCHEME_APTOS, ContractID4.deserialize(deserializer));
+    } else if (scheme == SCHEME_SOLANA) {
+      return new _ContractID(SCHEME_SOLANA, ContractID5.deserialize(deserializer));
+    } else {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk19.Deserializer(bytes);
+    return _ContractID.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ContractID.fromBytes((0, import_utils24.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme == SCHEME_APTOS) {
+      this.inner.serialize(serializer);
+    } else if (this.scheme == SCHEME_SOLANA) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk19.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils24.bytesToHex)(this.toBytes());
+  }
+};
+var ProofOfPermission6 = class _ProofOfPermission {
+  scheme;
+  inner;
+  constructor(scheme, inner) {
+    this.scheme = scheme;
+    this.inner = inner;
+  }
+  static newAptos(id) {
+    return new _ProofOfPermission(SCHEME_APTOS, id);
+  }
+  static newSolana(id) {
+    return new _ProofOfPermission(SCHEME_SOLANA, id);
+  }
+  static deserialize(deserializer) {
+    const scheme = deserializer.deserializeU8();
+    if (scheme == SCHEME_APTOS) {
+      return new _ProofOfPermission(SCHEME_APTOS, ProofOfPermission4.deserialize(deserializer));
+    } else if (scheme == SCHEME_SOLANA) {
+      return new _ProofOfPermission(SCHEME_SOLANA, ProofOfPermission5.deserialize(deserializer));
+    } else {
+      throw new Error(`Unknown scheme: ${scheme}`);
+    }
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk19.Deserializer(bytes);
+    return _ProofOfPermission.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _ProofOfPermission.fromBytes((0, import_utils24.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU8(this.scheme);
+    if (this.scheme == SCHEME_APTOS) {
+      this.inner.serialize(serializer);
+    } else if (this.scheme == SCHEME_SOLANA) {
+      this.inner.serialize(serializer);
+    } else {
+      throw new Error(`Unknown scheme: ${this.scheme}`);
+    }
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk19.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils24.bytesToHex)(this.toBytes());
+  }
+};
+var EncryptionContext2 = class _EncryptionContext {
+  workers;
+  threshold;
+  contractId;
+  constructor({ workers, threshold, contractId }) {
+    this.workers = workers;
+    this.threshold = threshold;
+    this.contractId = contractId;
+  }
+  static deserialize(deserializer) {
+    const numWorkers = deserializer.deserializeUleb128AsU32();
+    if (numWorkers === 0) throw new Error("workers must be non-empty");
+    const workers = Array.from({ length: numWorkers }, () => deserializer.deserializeStr());
+    const threshold = Number(deserializer.deserializeU64());
+    if (threshold == 0) throw new Error("threshold must be greater than 0");
+    if (threshold > numWorkers) throw new Error("threshold must be less than or equal to the number of workers");
+    const contractId = ContractID6.deserialize(deserializer);
+    return new _EncryptionContext({ workers, threshold, contractId });
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk19.Deserializer(bytes);
+    return _EncryptionContext.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _EncryptionContext.fromBytes((0, import_utils24.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU32AsUleb128(this.workers.length);
+    this.workers.forEach((w) => serializer.serializeStr(w));
+    serializer.serializeU64(this.threshold);
+    this.contractId.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk19.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils24.bytesToHex)(this.toBytes());
+  }
+  async loadEncryptor() {
+    const workerConfigs = await Promise.all(this.workers.map(async (worker) => {
+      const config = await worker_config_exports.get(worker);
+      return config;
+    }));
+    return new Encryptor2(this, workerConfigs);
+  }
+};
+var DecryptionContext2 = class _DecryptionContext {
+  workers;
+  threshold;
+  contractId;
+  domain;
+  constructor({ workers, threshold, contractId, domain }) {
+    if (workers.length === 0) throw new Error("workers must be non-empty");
+    if (threshold > workers.length) throw new Error("threshold must be less than or equal to the number of workers");
+    if (threshold == 0) throw new Error("threshold must be greater than 0");
+    this.workers = workers;
+    this.threshold = threshold;
+    this.contractId = contractId;
+    this.domain = domain;
+  }
+  static dummy() {
+    return new _DecryptionContext({
+      workers: [],
+      threshold: 0,
+      contractId: ContractID6.dummy(),
+      domain: new Uint8Array(0)
+    });
+  }
+  static deserialize(deserializer) {
+    const numWorkers = deserializer.deserializeUleb128AsU32();
+    if (numWorkers === 0) throw new Error("workers must be non-empty");
+    const workers = Array.from({ length: numWorkers }, () => deserializer.deserializeStr());
+    const threshold = Number(deserializer.deserializeU64());
+    if (threshold == 0) throw new Error("threshold must be greater than 0");
+    if (threshold > numWorkers) throw new Error("threshold must be less than or equal to the number of workers");
+    const contractId = ContractID6.deserialize(deserializer);
+    const domain = deserializer.deserializeBytes();
+    return new _DecryptionContext({ workers, threshold, contractId, domain });
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk19.Deserializer(bytes);
+    return _DecryptionContext.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _DecryptionContext.fromBytes((0, import_utils24.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    serializer.serializeU32AsUleb128(this.workers.length);
+    this.workers.forEach((w) => serializer.serializeStr(w));
+    serializer.serializeU64(this.threshold);
+    this.contractId.serialize(serializer);
+    serializer.serializeBytes(this.domain);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk19.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils24.bytesToHex)(this.toBytes());
+  }
+  async loadDecryptor(proof) {
+    const decKeyLoadResults = await Promise.all(this.workers.map(async (workerEndpoint) => {
+      const task = WorkerTask.newXChainSilentSetupDecryptionKey(this, proof);
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), 5e3);
+      var response = null;
+      try {
+        response = await fetch(workerEndpoint, {
+          method: "POST",
+          body: task.toHex(),
+          signal: controller.signal
+        });
+      } catch (error) {
+        clearTimeout(timeoutId);
+      }
+      if (response == null) {
+        return new WorkerTimedOut3();
+      }
+      const responseBody = await response.text();
+      if (response.status !== 200) {
+        return new WorkerRejected3(response.status, responseBody);
+      }
+      try {
+        return IdentityPrivateKey2.fromHex(responseBody);
+      } catch (error) {
+        return new CouldNotParseDecryptionKey3(responseBody);
+      }
+    }));
+    const numSharesCollected = decKeyLoadResults.filter((loadResult) => loadResult instanceof IdentityPrivateKey2).length;
+    if (numSharesCollected < this.threshold) {
+      const workerResults = this.workers.map((worker, i) => {
+        const result = decKeyLoadResults[i];
+        return `${worker}: ${result instanceof IdentityPrivateKey2 ? "Success" : result.toDisplayString()}`;
+      }).join(", ");
+      throw new Error(`Failed to collect enough shares to decrypt. Collected ${numSharesCollected} shares, but needed ${this.threshold} shares. Worker results: ${workerResults}`);
+    }
+    const decKeys = decKeyLoadResults.map((loadResult) => loadResult instanceof IdentityPrivateKey2 ? loadResult : null);
+    return new Decryptor2(this, decKeys);
+  }
+};
+var Ciphertext9 = class _Ciphertext {
+  decryptionContext;
+  aesCiph;
+  ibeCiphs;
+  constructor(decryptionContext, aesCiph, ibeCiphs) {
+    this.decryptionContext = decryptionContext;
+    this.aesCiph = aesCiph;
+    this.ibeCiphs = ibeCiphs;
+  }
+  static dummy() {
+    return new _Ciphertext(DecryptionContext2.dummy(), Ciphertext6.dummy(), []);
+  }
+  static deserialize(deserializer) {
+    const decryptionContext = DecryptionContext2.deserialize(deserializer);
+    const aesCiph = Ciphertext6.deserialize(deserializer);
+    const ibeCiphs = deserializer.deserializeVector(Ciphertext4);
+    return new _Ciphertext(decryptionContext, aesCiph, ibeCiphs);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk19.Deserializer(bytes);
+    const ret = _Ciphertext.deserialize(deserializer);
+    if (deserializer.remaining() !== 0) {
+      throw new Error("Ciphertext deserialization failed: extra bytes");
+    }
+    return ret;
+  }
+  static fromHex(hex) {
+    return _Ciphertext.fromBytes((0, import_utils24.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    this.decryptionContext.serialize(serializer);
+    this.aesCiph.serialize(serializer);
+    serializer.serializeU32AsUleb128(this.ibeCiphs.length);
+    this.ibeCiphs.forEach((ibeCiph) => ibeCiph.serialize(serializer));
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk19.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+};
+var Encryptor2 = class {
+  domain;
+  workerConfigs;
+  constructor(domain, workerConfigs) {
+    this.domain = domain;
+    this.workerConfigs = workerConfigs;
+  }
+  encrypt({ domain, plaintext }) {
+    const decCtxt = new DecryptionContext2({
+      workers: this.domain.workers,
+      threshold: this.domain.threshold,
+      contractId: this.domain.contractId,
+      domain
+    });
+    const symmKey = keygen8();
+    const symmKeyShares = split(symmKey.toBytes(), this.domain.threshold, this.domain.workers.length);
+    const symmCiph = encrypt6(symmKey, plaintext);
+    const ibeCiphs = symmKeyShares.map((share, idx) => encrypt4(this.workerConfigs[idx].ibeMpk, decCtxt.toBytes(), share.payload));
+    return new Ciphertext9(decCtxt, symmCiph, ibeCiphs);
+  }
+};
+var Decryptor2 = class {
+  ibeDecryptionKeys;
+  decryptionContext;
+  constructor(decryptionContext, ibeDecryptionKeys) {
+    this.decryptionContext = decryptionContext;
+    this.ibeDecryptionKeys = ibeDecryptionKeys;
+  }
+  decrypt(ciphertext) {
+    if (ciphertext.decryptionContext.toHex() !== this.decryptionContext.toHex()) {
+      throw new Error("Ciphertext does not match decryption domain");
+    }
+    const symmKeyShares = ciphertext.ibeCiphs.map((ibeCiph, idx) => {
+      if (this.ibeDecryptionKeys[idx] == null) {
+        console.log(`idx=${idx}, isk is null`);
+        return null;
+      }
+      const sharePayload = decrypt4(this.ibeDecryptionKeys[idx], ibeCiph);
+      if (sharePayload == null) {
+        console.log(`idx=${idx}, sharePayload is null`);
+        return null;
+      }
+      return new Share(idx + 1, sharePayload);
+    }).filter((share) => share != null);
+    const symmKeyBytes = combine(symmKeyShares);
+    const symmKey = Key2.fromBytes(symmKeyBytes);
+    return decrypt6(symmKey, ciphertext.aesCiph);
+  }
+};
+var WorkerTimedOut3 = class {
+  toDisplayString() {
+    return "Timed out";
+  }
+};
+var WorkerRejected3 = class {
+  statusCode;
+  responseBody;
+  constructor(statusCode, responseBody) {
+    this.statusCode = statusCode;
+    this.responseBody = responseBody;
+  }
+  toDisplayString() {
+    return `Rejected: ${this.statusCode} ${this.responseBody}`;
+  }
+};
+var CouldNotParseDecryptionKey3 = class {
+  originalHex;
+  constructor(originalHex) {
+    this.originalHex = originalHex;
+  }
+  toDisplayString() {
+    return `Could not parse decryption key: ${this.originalHex}`;
+  }
+};
+var RequestForDecryptionKey2 = class _RequestForDecryptionKey {
+  decryptionContext;
+  proofOfPermission;
+  constructor(decryptionContext, proofOfPermission) {
+    this.decryptionContext = decryptionContext;
+    this.proofOfPermission = proofOfPermission;
+  }
+  static deserialize(deserializer) {
+    const decryptionContext = DecryptionContext2.deserialize(deserializer);
+    const proofOfPermission = ProofOfPermission6.deserialize(deserializer);
+    return new _RequestForDecryptionKey(decryptionContext, proofOfPermission);
+  }
+  static fromBytes(bytes) {
+    const deserializer = new import_ts_sdk19.Deserializer(bytes);
+    return _RequestForDecryptionKey.deserialize(deserializer);
+  }
+  static fromHex(hex) {
+    return _RequestForDecryptionKey.fromBytes((0, import_utils24.hexToBytes)(hex));
+  }
+  serialize(serializer) {
+    this.decryptionContext.serialize(serializer);
+    this.proofOfPermission.serialize(serializer);
+  }
+  toBytes() {
+    const serializer = new import_ts_sdk19.Serializer();
+    this.serialize(serializer);
+    return serializer.toUint8Array();
+  }
+  toHex() {
+    return (0, import_utils24.bytesToHex)(this.toBytes());
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ElGamal,
+  Enc,
+  Group,
+  IBE,
+  Sig,
+  SilentSetupEncryption,
+  SilentSetupEncryptionXChain,
+  Sym,
+  ThresholdIbe,
+  Utils,
+  WorkerConfig,
+  WorkerTask
+});
+//# sourceMappingURL=index.js.map