accounts 0.7.0 → 0.7.2

package/src/react-native/adapter.ts

@@ -9,7 +9,7 @@ import {
 } from 'ox'
 import { KeyAuthorization } from 'ox/tempo'
 import { prepareTransactionRequest } from 'viem/actions'
-import { Account as TempoAccount, Secp256k1 } from 'viem/tempo'
+import { Actions, Account as TempoAccount, Secp256k1 } from 'viem/tempo'
 
 import * as AccessKey from '../core/AccessKey.js'
 import * as Adapter from '../core/Adapter.js'
@@ -28,27 +28,59 @@ export function reactNative(options: reactNative.Options): Adapter.Adapter {
     async function loadManagedKey(
       address: Adapter.authorizeAccessKey.ReturnType['rootAddress'],
       parameters: loadManagedKey.Options = {},
-    ): Promise<ManagedKeyEntry | undefined> {
+    ): Promise<loadManagedKey.ReturnType | undefined> {
       const { keyType } = parameters
       const { secureStorage } = options
       if (!secureStorage) return undefined
 
       const { chainId } = store.getState()
-      const storageKey = managedKeyStorageKey(address, chainId, keyType)
-      const entry = await secureStorage.getItem<ManagedKeyEntry>(storageKey)
+      const storageKeys = keyType
+        ? [managedKeyStorageKey(address, chainId, keyType)]
+        : [
+            managedKeyStorageKey(address, chainId, 'secp256k1'),
+            managedKeyStorageKey(address, chainId, 'p256'),
+            managedKeyStorageKey(address, chainId),
+          ]
+      let entry: ManagedKeyEntry | null = null
+      for (const storageKey of storageKeys) {
+        entry = await secureStorage.getItem<ManagedKeyEntry>(storageKey)
+        if (entry) break
+      }
       if (!entry) return undefined
 
+      const account =
+        entry.keyType === 'p256'
+          ? TempoAccount.fromP256(entry.key, { access: address })
+          : TempoAccount.fromSecp256k1(entry.key, { access: address })
+      const keyAddress = core_Address.fromPublicKey(PublicKey.from(account.publicKey))
       const deserialized = KeyAuthorization.deserialize(entry.keyAuthorization)
       if (!deserialized.signature) throw new Error('Managed access key is missing a signature.')
       const keyAuthorization = deserialized as KeyAuthorization.Signed
-      AccessKey.save({
-        address,
-        keyAuthorization,
-        privateKey: entry.key,
-        store,
-      })
 
-      return entry
+      if (keyAuthorization.address.toLowerCase() === keyAddress.toLowerCase())
+        AccessKey.save({
+          address,
+          keyAuthorization,
+          privateKey: entry.key,
+          store,
+        })
+      else
+        store.setState((state) => ({
+          accessKeys: state.accessKeys.filter(
+            (accessKey) =>
+              accessKey.address.toLowerCase() !== keyAuthorization.address.toLowerCase(),
+          ),
+        }))
+
+      return {
+        account,
+        expiry: entry.expiry,
+        key: entry.key,
+        keyAddress,
+        keyType: entry.keyType,
+        publicKey: account.publicKey,
+        storedAuthorization: keyAuthorization,
+      }
     }
 
     async function resolveManagedKey(
@@ -63,19 +95,14 @@ export function reactNative(options: reactNative.Options): Adapter.Adapter {
       const entry = address
         ? await loadManagedKey(address, requestedKeyType ? { keyType: requestedKeyType } : {})
         : undefined
-      if (entry) {
-        const account =
-          entry.keyType === 'p256'
-            ? TempoAccount.fromP256(entry.key, { access: address })
-            : TempoAccount.fromSecp256k1(entry.key, { access: address })
+      if (entry)
         return {
-          account,
+          account: entry.account,
           key: entry.key,
           keyAddress: entry.keyAddress,
           keyType: entry.keyType,
-          publicKey: account.publicKey,
+          publicKey: entry.publicKey,
         }
-      }
 
       const nextKeyType = requestedKeyType === 'p256' ? 'p256' : 'secp256k1'
       const key = nextKeyType === 'p256' ? P256.randomPrivateKey() : Secp256k1.randomPrivateKey()
@@ -124,6 +151,44 @@ export function reactNative(options: reactNative.Options): Adapter.Adapter {
       await secureStorage.setItem(storageKey, entry)
     }
 
+    async function isManagedKeyAuthorized(
+      address: Adapter.authorizeAccessKey.ReturnType['rootAddress'],
+      managedKey: loadManagedKey.ReturnType,
+    ) {
+      try {
+        const metadata = await Actions.accessKey.getMetadata(getClient(), {
+          account: address,
+          accessKey: managedKey.keyAddress,
+        })
+        return (
+          metadata.address.toLowerCase() === managedKey.keyAddress.toLowerCase() &&
+          !metadata.isRevoked
+        )
+      } catch {
+        return false
+      }
+    }
+
+    async function reauthorizeManagedKey(
+      address: Adapter.authorizeAccessKey.ReturnType['rootAddress'],
+      managedKey: loadManagedKey.ReturnType,
+    ) {
+      const result = await authorize({
+        account: address,
+        authorizeAccessKey: {
+          expiry: managedKey.expiry,
+          keyType: managedKey.keyType,
+          ...(managedKey.storedAuthorization.limits
+            ? { limits: managedKey.storedAuthorization.limits.map((limit) => ({ ...limit })) }
+            : {}),
+          publicKey: managedKey.publicKey,
+        },
+        method: 'wallet_authorizeAccessKey',
+      })
+      await saveManagedKey(address, managedKey, result.keyAuthorization)
+      return result.keyAuthorization
+    }
+
     async function withManagedAccessKey<result>(
       fn: (
         account: TempoAccount.Account,
@@ -131,10 +196,14 @@ export function reactNative(options: reactNative.Options): Adapter.Adapter {
       ) => Promise<result>,
     ) {
       const rootAddress = store.getState().accounts[store.getState().activeAccount]?.address
-      if (rootAddress) await loadManagedKey(rootAddress)
+      const managedKey = rootAddress ? await loadManagedKey(rootAddress) : undefined
+
+      const account = managedKey?.account ?? getAccount({ signable: true })
+      let keyAuthorization = AccessKey.getPending(account, { store })
+      if (rootAddress && managedKey && !keyAuthorization)
+        if (!(await isManagedKeyAuthorized(rootAddress, managedKey)))
+          keyAuthorization = await reauthorizeManagedKey(rootAddress, managedKey)
 
-      const account = getAccount({ signable: true })
-      const keyAuthorization = AccessKey.getPending(account, { store })
       try {
         const result = await fn(account, keyAuthorization ?? undefined)
         AccessKey.removePending(account, { store })
@@ -371,6 +440,11 @@ declare namespace loadManagedKey {
   type Options = {
     keyType?: 'secp256k1' | 'p256' | undefined
   }
+
+  type ReturnType = resolveManagedKey.ReturnType & {
+    expiry: number
+    storedAuthorization: KeyAuthorization.Signed
+  }
 }
 
 /** Entry shape persisted to secure storage for managed access keys. */

package/src/server/internal/handlers/codeAuth.ts

@@ -1,6 +1,6 @@
 import type { Chain, Client, Transport } from 'viem'
 import { createClient, http } from 'viem'
-import { tempo, tempoModerato } from 'viem/chains'
+import { tempo, tempoDevnet, tempoModerato } from 'viem/chains'
 import * as z from 'zod/mini'
 
 import * as CliAuth from '../../CliAuth.js'
@@ -20,7 +20,7 @@ import { type Handler, from } from '../../Handler.js'
  */
 export function codeAuth(options: codeAuth.Options = {}): Handler {
   const {
-    chains = [tempo, tempoModerato],
+    chains = [tempo, tempoModerato, tempoDevnet],
     now,
     path = '/auth/pkce',
     policy,
@@ -127,7 +127,7 @@ export declare namespace codeAuth {
     /**
      * Supported chains. The handler resolves the client based on chain IDs carried
      * by device-code requests and key authorizations.
-     * @default [tempo, tempoModerato]
+     * @default [tempo, tempoModerato, tempoDevnet]
      */
     chains?: readonly [Chain, ...Chain[]] | undefined
     /** Time source used for TTL evaluation. */

package/src/server/internal/handlers/relay.ts

@@ -15,7 +15,7 @@ import {
 } from 'viem'
 import type { LocalAccount } from 'viem/accounts'
 import { simulateCalls } from 'viem/actions'
-import { tempo, tempoLocalnet, tempoMainnet, tempoModerato } from 'viem/chains'
+import { tempo, tempoDevnet, tempoLocalnet, tempoMainnet, tempoModerato } from 'viem/chains'
 import { Abis, Actions, Addresses, Capabilities, Transaction } from 'viem/tempo'
 
 import * as ExecutionError from '../../../core/ExecutionError.js'
@@ -64,7 +64,7 @@ import * as Utils from './utils.js'
  */
 export function relay(options: relay.Options = {}): Handler {
   const {
-    chains = [tempo, tempoModerato],
+    chains = [tempo, tempoModerato, tempoDevnet],
     onRequest,
     path = '/',
     resolveTokens = (chainId) =>
@@ -420,6 +420,12 @@ export namespace relay {
       '0x20c0000000000000000000009e8d7eb59b783726', // USDC.e
       '0x20c000000000000000000000d72572838bbee59c', // EURC.e
     ],
+    [tempoDevnet.id]: [
+      '0x20c0000000000000000000000000000000000000', // pathUSD
+      '0x20c0000000000000000000000000000000000001', // alphaUSD
+      '0x20c0000000000000000000000000000000000002', // betaUSD
+      '0x20c0000000000000000000000000000000000003', // thetaUSD
+    ],
     [tempoLocalnet.id]: [
       '0x20c0000000000000000000000000000000000000', // pathUSD
       '0x20c0000000000000000000000000000000000001', // alphaUSD
@@ -442,7 +448,7 @@ export namespace relay {
     /**
      * Supported chains. The handler resolves the client based on the
      * `chainId` in the incoming transaction.
-     * @default [tempo, tempoModerato]
+     * @default [tempo, tempoModerato, tempoDevnet]
      */
     chains?: readonly [Chain, ...Chain[]] | undefined
     /**

package/src/wagmi/index.ts

@@ -1,2 +1,38 @@
-export * as Connector from './Connector.js'
-export { dangerous_secp256k1, dialog, dialog as tempoWallet, webAuthn } from './Connector.js'
+import * as wagmi_tempo from '@wagmi/core/tempo'
+
+/**
+ * Compatibility object for legacy `accounts/wagmi` `Connector.*` access.
+ *
+ * @deprecated Import named exports from `wagmi/tempo` or `@wagmi/core/tempo` instead. If you only need `tempoWallet`, you can also import it from `wagmi/connectors`.
+ */
+export const Connector = {
+  ...wagmi_tempo,
+  dialog: wagmi_tempo.tempoWallet,
+} as const
+
+export {
+  /**
+   * Compatibility alias for the Tempo Wallet connector.
+   *
+   * @deprecated Import `tempoWallet` from `wagmi/connectors`, `wagmi/tempo`, or `@wagmi/core/tempo` instead.
+   */
+  tempoWallet as dialog,
+  /**
+   * Compatibility alias for the Tempo `dangerous_secp256k1` connector.
+   *
+   * @deprecated Import `dangerous_secp256k1` from `wagmi/tempo` or `@wagmi/core/tempo` instead.
+   */
+  dangerous_secp256k1,
+  /**
+   * Compatibility alias for the Tempo Wallet connector.
+   *
+   * @deprecated Import `tempoWallet` from `wagmi/connectors`, `wagmi/tempo`, or `@wagmi/core/tempo` instead.
+   */
+  tempoWallet,
+  /**
+   * Compatibility alias for the Tempo `webAuthn` connector.
+   *
+   * @deprecated Import `webAuthn` from `wagmi/tempo` or `@wagmi/core/tempo` instead.
+   */
+  webAuthn,
+} from '@wagmi/core/tempo'

package/dist/wagmi/Connector.d.ts

@@ -1,130 +0,0 @@
-import { type Address } from 'viem';
-import * as z from 'zod/mini';
-import { dangerous_secp256k1 as dangerous_secp256k1_adapter } from '../core/adapters/dangerous_secp256k1.js';
-import { dialog as core_dialog } from '../core/adapters/dialog.js';
-import { webAuthn as webAuthn_adapter } from '../core/adapters/webAuthn.js';
-import * as Provider from '../core/Provider.js';
-import * as Rpc from '../core/zod/rpc.js';
-/**
- * Creates a wagmi connector backed by an accounts provider.
- */
-export declare function setup(parameters?: setup.Parameters): import("@wagmi/core").CreateConnectorFn<Provider.Provider, {
-    connect<withCapabilities extends boolean = false>(parameters?: {
-        capabilities?: NonNullable<z.output<typeof Rpc.wallet_connect.capabilities.request>> | undefined;
-        chainId?: number | undefined;
-        isReconnecting?: boolean | undefined;
-        withCapabilities?: withCapabilities | boolean | undefined;
-    }): Promise<{
-        accounts: withCapabilities extends true ? readonly {
-            address: Address;
-            capabilities: z.output<typeof Rpc.wallet_connect.capabilities.result>;
-        }[] : readonly Address[];
-        chainId: number;
-    }>;
-}, Record<string, unknown>>;
-export declare namespace setup {
-    type Parameters = Provider.create.Options;
-}
-/**
- * Creates a wagmi connector backed by a WebAuthn adapter.
- *
- * @example
- * ```ts
- * import { createConfig, http } from 'wagmi'
- * import { tempoModerato } from 'wagmi/chains'
- * import { webAuthn } from 'accounts/wagmi'
- *
- * const config = createConfig({
- *   chains: [tempoModerato],
- *   connectors: [webAuthn()],
- *   transports: { [tempoModerato.id]: http() },
- * })
- * ```
- */
-export declare function webAuthn(options?: webAuthn.Options): import("@wagmi/core").CreateConnectorFn<Provider.Provider, {
-    connect<withCapabilities extends boolean = false>(parameters?: {
-        capabilities?: NonNullable<z.output<typeof Rpc.wallet_connect.capabilities.request>> | undefined;
-        chainId?: number | undefined;
-        isReconnecting?: boolean | undefined;
-        withCapabilities?: withCapabilities | boolean | undefined;
-    }): Promise<{
-        accounts: withCapabilities extends true ? readonly {
-            address: Address;
-            capabilities: z.output<typeof Rpc.wallet_connect.capabilities.result>;
-        }[] : readonly Address[];
-        chainId: number;
-    }>;
-}, Record<string, unknown>>;
-export declare namespace webAuthn {
-    type Options = webAuthn_adapter.Options & Omit<setup.Parameters, 'adapter'>;
-}
-/**
- * Creates a wagmi connector backed by a dialog adapter.
- *
- * @example
- * ```ts
- * import { createConfig, http } from 'wagmi'
- * import { tempoModerato } from 'wagmi/chains'
- * import { dialog } from 'accounts/wagmi'
- *
- * const config = createConfig({
- *   chains: [tempoModerato],
- *   connectors: [dialog()],
- *   transports: { [tempoModerato.id]: http() },
- * })
- * ```
- */
-export declare function dialog(options?: dialog.Options): import("@wagmi/core").CreateConnectorFn<Provider.Provider, {
-    connect<withCapabilities extends boolean = false>(parameters?: {
-        capabilities?: NonNullable<z.output<typeof Rpc.wallet_connect.capabilities.request>> | undefined;
-        chainId?: number | undefined;
-        isReconnecting?: boolean | undefined;
-        withCapabilities?: withCapabilities | boolean | undefined;
-    }): Promise<{
-        accounts: withCapabilities extends true ? readonly {
-            address: Address;
-            capabilities: z.output<typeof Rpc.wallet_connect.capabilities.result>;
-        }[] : readonly Address[];
-        chainId: number;
-    }>;
-}, Record<string, unknown>>;
-export declare namespace dialog {
-    type Options = core_dialog.Options & Omit<setup.Parameters, 'adapter'>;
-}
-/**
- * Creates a wagmi connector backed by a secp256k1 adapter.
- *
- * @deprecated Private keys are stored in plaintext via the provider's storage adapter.
- * Use only for development, testing, or when the threat model allows it.
- *
- * @example
- * ```ts
- * import { createConfig, http } from 'wagmi'
- * import { tempoModerato } from 'wagmi/chains'
- * import { dangerous_secp256k1 } from 'accounts/wagmi'
- *
- * const config = createConfig({
- *   chains: [tempoModerato],
- *   connectors: [dangerous_secp256k1()],
- *   transports: { [tempoModerato.id]: http() },
- * })
- * ```
- */
-export declare function dangerous_secp256k1(options?: dangerous_secp256k1.Options): import("@wagmi/core").CreateConnectorFn<Provider.Provider, {
-    connect<withCapabilities extends boolean = false>(parameters?: {
-        capabilities?: NonNullable<z.output<typeof Rpc.wallet_connect.capabilities.request>> | undefined;
-        chainId?: number | undefined;
-        isReconnecting?: boolean | undefined;
-        withCapabilities?: withCapabilities | boolean | undefined;
-    }): Promise<{
-        accounts: withCapabilities extends true ? readonly {
-            address: Address;
-            capabilities: z.output<typeof Rpc.wallet_connect.capabilities.result>;
-        }[] : readonly Address[];
-        chainId: number;
-    }>;
-}, Record<string, unknown>>;
-export declare namespace dangerous_secp256k1 {
-    type Options = dangerous_secp256k1_adapter.Options & Omit<setup.Parameters, 'adapter'>;
-}
-//# sourceMappingURL=Connector.d.ts.map

package/dist/wagmi/Connector.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"Connector.d.ts","sourceRoot":"","sources":["../../src/wagmi/Connector.ts"],"names":[],"mappings":"AACA,OAAO,EACL,KAAK,OAAO,EAKb,MAAM,MAAM,CAAA;AACb,OAAO,KAAK,CAAC,MAAM,UAAU,CAAA;AAE7B,OAAO,EAAE,mBAAmB,IAAI,2BAA2B,EAAE,MAAM,yCAAyC,CAAA;AAC5G,OAAO,EAAE,MAAM,IAAI,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAClE,OAAO,EAAE,QAAQ,IAAI,gBAAgB,EAAE,MAAM,8BAA8B,CAAA;AAC3E,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAA;AAC/C,OAAO,KAAK,GAAG,MAAM,oBAAoB,CAAA;AAEzC;;GAEG;AACH,wBAAgB,KAAK,CAAC,UAAU,GAAE,KAAK,CAAC,UAAmC;YAE/D,gBAAgB,SAAS,OAAO,uBAAuB;QAC7D,YAAY,CAAC,EACT,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,GACrE,SAAS,CAAA;QACb,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;QAC5B,cAAc,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;QACpC,gBAAgB,CAAC,EAAE,gBAAgB,GAAG,OAAO,GAAG,SAAS,CAAA;KAC1D,GAAG,OAAO,CAAC;QACV,QAAQ,EAAE,gBAAgB,SAAS,IAAI,GACnC,SAAS;YACP,OAAO,EAAE,OAAO,CAAA;YAChB,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;SACtE,EAAE,GACH,SAAS,OAAO,EAAE,CAAA;QACtB,OAAO,EAAE,MAAM,CAAA;KAChB,CAAC;4BAsML;AAED,MAAM,CAAC,OAAO,WAAW,KAAK,CAAC;IAC7B,KAAK,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAA;CAC1C;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,QAAQ,CAAC,OAAO,GAAE,QAAQ,CAAC,OAAY;YA3O3C,gBAAgB,SAAS,OAAO,uBAAuB;QAC7D,YAAY,CAAC,EACT,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,GACrE,SAAS,CAAA;QACb,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;QAC5B,cAAc,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;QACpC,gBAAgB,CAAC,EAAE,gBAAgB,GAAG,OAAO,GAAG,SAAS,CAAA;KAC1D,GAAG,OAAO,CAAC;QACV,QAAQ,EAAE,gBAAgB,SAAS,IAAI,GACnC,SAAS;YACP,OAAO,EAAE,OAAO,CAAA;YAChB,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;SACtE,EAAE,GACH,SAAS,OAAO,EAAE,CAAA;QACtB,OAAO,EAAE,MAAM,CAAA;KAChB,CAAC;4BAsOL;AAED,MAAM,CAAC,OAAO,WAAW,QAAQ,CAAC;IAChC,KAAK,OAAO,GAAG,gBAAgB,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,SAAS,CAAC,CAAA;CAC5E;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,MAAM,CAAC,OAAO,GAAE,MAAM,CAAC,OAAY;YA3QvC,gBAAgB,SAAS,OAAO,uBAAuB;QAC7D,YAAY,CAAC,EACT,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,GACrE,SAAS,CAAA;QACb,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;QAC5B,cAAc,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;QACpC,gBAAgB,CAAC,EAAE,gBAAgB,GAAG,OAAO,GAAG,SAAS,CAAA;KAC1D,GAAG,OAAO,CAAC;QACV,QAAQ,EAAE,gBAAgB,SAAS,IAAI,GACnC,SAAS;YACP,OAAO,EAAE,OAAO,CAAA;YAChB,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;SACtE,EAAE,GACH,SAAS,OAAO,EAAE,CAAA;QACtB,OAAO,EAAE,MAAM,CAAA;KAChB,CAAC;4BAkQL;AAED,MAAM,CAAC,OAAO,WAAW,MAAM,CAAC;IAC9B,KAAK,OAAO,GAAG,WAAW,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,SAAS,CAAC,CAAA;CACvE;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,GAAE,mBAAmB,CAAC,OAAY;YA1SjE,gBAAgB,SAAS,OAAO,uBAAuB;QAC7D,YAAY,CAAC,EACT,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,GACrE,SAAS,CAAA;QACb,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;QAC5B,cAAc,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;QACpC,gBAAgB,CAAC,EAAE,gBAAgB,GAAG,OAAO,GAAG,SAAS,CAAA;KAC1D,GAAG,OAAO,CAAC;QACV,QAAQ,EAAE,gBAAgB,SAAS,IAAI,GACnC,SAAS;YACP,OAAO,EAAE,OAAO,CAAA;YAChB,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;SACtE,EAAE,GACH,SAAS,OAAO,EAAE,CAAA;QACtB,OAAO,EAAE,MAAM,CAAA;KAChB,CAAC;4BAiSL;AAED,MAAM,CAAC,OAAO,WAAW,mBAAmB,CAAC;IAC3C,KAAK,OAAO,GAAG,2BAA2B,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,SAAS,CAAC,CAAA;CACvF"}