better-near-auth 0.6.0 → 1.0.0

package/README.md

@@ -13,14 +13,14 @@
 
 </div>
 
-This [Better Auth](https://better-auth.com) plugin enables secure authentication via NEAR wallets following [NEP-413](https://github.com/near/NEPs/blob/master/neps/nep-0413.md) and adds a built-in [NEP-366](https://github.com/near/NEPs/blob/master/neps/nep-0366.md) delegate action relayer so authenticated users can call on-chain contracts gaslessly. It uses [FastNear](https://fastnear.com) for wallet connection, RPC queries, and transaction broadcasting.
+This [Better Auth](https://better-auth.com) plugin enables secure authentication via NEAR wallets following [NEP-413](https://github.com/near/NEPs/blob/master/neps/nep-0413.md) and adds a built-in [NEP-366](https://github.com/near/NEPs/blob/master/neps/nep-0366.md) delegate action relayer so authenticated users can call on-chain contracts gaslessly. It uses [near-kit](https://github.com/elliotBraem/near-kit) for RPC queries and transaction broadcasting, and [@hot-labs/near-connect](https://github.com/azbang/near-connect) for wallet connection.
 
 ## Features
 
 - **SIWN authentication** — wallet-based sign-in with automatic single-step/two-step flow detection
 - **Gasless relay** — server relays signed delegate actions on-chain, paying gas from a relayer account
 - **Ephemeral relayer keypair** — auto-generated ED25519 keypair on first startup, private key encrypted with AES-256-GCM in the database, persists across restarts
-- **Profile integration** — FastNear KV primary, NEAR Social fallback
+- **Profile integration** — near-kit profile lookup primary, NEAR Social fallback
 
 ## Installation
 
@@ -43,7 +43,6 @@ npm install better-near-auth
         plugins: [
             siwn({
                 recipient: "myapp.com",
-                anonymous: true,
 
                 // Optional: enable gasless relay
                 relayer: {
@@ -120,19 +119,7 @@ export function LoginButton() {
 }
 ```
 
-**Supported wallets for single-step flow:** Meteor Wallet, Intear Wallet, NEAR CLI, HOT Wallet, MyNearWallet, and more.
-
-### Manual Two-Step Flow (Optional)
-
-```ts
-await authClient.requestSignIn.near({
-  onSuccess: () => console.log("Wallet connected"),
-});
-
-await authClient.signIn.near({
-  onSuccess: () => console.log("Signed in!"),
-});
-```
+**Supported wallets:** HOT Wallet, Meteor Wallet, Intear Wallet, MyNearWallet, and more.
 
 ### Gasless Relay
 
@@ -140,20 +127,19 @@ Once the relayer is configured on the server, authenticated users can call on-ch
 
 ```ts
 // 1. Build a signed delegate action using the wallet's FAK
-const signedAction = await authClient.near.buildSignedDelegateAction({
-  receiverId: "myapp.near",
-  actions: [{
-    type: "FunctionCall",
-    methodName: "some_method",
-    args: new TextEncoder().encode(JSON.stringify({ key: "value" })),
-    gas: "30000000000000",
-    deposit: "0",
-  }],
-});
+import { Gas } from "near-kit";
+
+const signedAction = await authClient.near.buildSignedDelegateAction(
+  "myapp.near",
+  (builder, receiverId) => builder.functionCall(receiverId, "some_method", { key: "value" }, {
+    gas: Gas.Tgas(30),
+    attachedDeposit: BigInt(0),
+  })
+);
 
 // 2. Relay it — the server pays gas
 const result = await authClient.near.relayTransaction({
-  signedDelegateAction: signedAction,
+  payload: signedAction,
 });
 
 console.log("Tx hash:", result.txHash);
@@ -183,16 +169,11 @@ await authClient.near.disconnect();
 | Option | Type | Default | Description |
 |---|---|---|---|
 | `recipient` | `string` | — | NEP-413 recipient identifier (required) |
-| `anonymous` | `boolean` | `true` | Allow anonymous sign-ins |
-| `emailDomainName` | `string` | recipient | Email domain for non-anonymous accounts |
-| `requireFullAccessKey` | `boolean` | `true` | Require full access keys |
+| `requireFullAccessKey` | `boolean` | `false` | Require full access keys |
 | `getNonce` | `() => Promise<Uint8Array>` | — | Custom nonce generation |
-| `validateNonce` | `(nonce: Uint8Array) => boolean` | — | Custom nonce validation |
-| `validateRecipient` | `(recipient: string) => boolean` | — | Custom recipient validation |
-| `validateMessage` | `(message: string) => boolean` | — | Custom message validation |
 | `getProfile` | `(accountId: string) => Promise<Profile \| null>` | — | Custom profile lookup |
 | `validateLimitedAccessKey` | `(args) => Promise<boolean>` | — | Validate FAK when `requireFullAccessKey` is false |
-| `fastnearApiKey` | `string` | `process.env.FASTNEAR_API_KEY` | FastNear API key |
+| `apiKey` | `string` | `process.env.FASTNEAR_API_KEY` | API key for RPC |
 | `relayer` | `RelayerConfig` | — | Relayer configuration (see below) |
 
 #### Relayer Configuration
@@ -201,10 +182,9 @@ await authClient.near.disconnect();
 |---|---|---|---|
 | `accountId` | `string` | — | Named relayer account (explicit mode) |
 | `privateKey` | `string` | — | Base64 private key (explicit mode) |
-| `relayTarget` | `string` | FastNear RPC | RPC URL for broadcasting |
 | `whitelistedContracts` | `string[]` | — | Restrict relay to these contracts |
-| `maxGasPerTransaction` | `string` | `"300 Tgas"` | Max gas per relayed tx |
-| `maxDepositPerTransaction` | `string` | `"0"` | Max deposit per relayed tx |
+| `maxGasPerTransaction` | `string` | — | Max gas per relayed tx |
+| `maxDepositPerTransaction` | `string` | — | Max deposit per relayed tx |
 
 When `accountId` and `privateKey` are omitted, the relayer starts in **ephemeral mode**: an ED25519 keypair is generated on first startup, the implicit account ID is derived from the public key, and the private key is encrypted with AES-256-GCM (using `BETTER_AUTH_SECRET` as KEK via HKDF-SHA256) and stored in the database. The same keypair is recovered on restart.
 
@@ -213,7 +193,7 @@ When `accountId` and `privateKey` are omitted, the relayer starts in **ephemeral
 | Option | Type | Default | Description |
 |---|---|---|---|
 | `recipient` | `string` | — | NEP-413 recipient (must match server) |
-| `networkId` | `string` | `"mainnet"` | NEAR network |
+| `networkId` | `"mainnet" \| "testnet"` | `"mainnet"` | NEAR network |
 
 ## Schema
 
@@ -261,7 +241,7 @@ When `accountId` and `privateKey` are omitted, the relayer starts in **ephemeral
 **SIWN**
 - `nonce(params)` — Request a nonce from the server
 - `verify(params)` — Verify an auth token with the server
-- `getProfile(accountId?)` — Get user profile (FastNear KV → NEAR Social fallback)
+- `getProfile(accountId?)` — Get user profile (near-kit profile lookup → NEAR Social fallback)
 - `getAccountId()` — Currently connected account ID
 - `getState()` — Current wallet state
 - `disconnect()` — Disconnect wallet and clear cached data
@@ -270,15 +250,14 @@ When `accountId` and `privateKey` are omitted, the relayer starts in **ephemeral
 - `listAccounts()` — List all linked NEAR accounts
 
 **Relay**
-- `buildSignedDelegateAction({ receiverId, actions })` — Build + sign a delegate action via wallet FAK
-- `relayTransaction({ signedDelegateAction })` — Submit a signed delegate action to the relayer
+- `buildSignedDelegateAction(receiverId, buildActions)` — Build + sign a delegate action via wallet FAK
+- `relayTransaction({ payload })` — Submit a signed delegate action to the relayer
 - `getRelayStatus(txHash)` — Check relayed transaction status
-
-### `authClient.requestSignIn`
-- `near(callbacks?)` — Connect wallet and cache nonce (two-step flow)
+- `getRelayerInfo()` — Get relayer account info, mode, and balance
+- `relayHistory()` — List relayed transactions for current user
 
 ### `authClient.signIn`
-- `near(callbacks?)` — Sign message and authenticate (single-step or two-step)
+- `near(callbacks?)` — Connect wallet, sign message, and authenticate (single popup)
 
 ### Callback Interface
 
@@ -293,11 +272,8 @@ interface AuthCallbacks {
 
 | Code | Description |
 |---|---|
-| `SIGNER_NOT_AVAILABLE` | NEAR wallet not available |
-| `WALLET_NOT_CONNECTED` | Wallet not connected before signing |
-| `ACCOUNT_MISMATCH` | Cached nonce doesn't match current account |
-| `UNAUTHORIZED_NONCE_REPLAY` | Nonce already used |
-| `UNAUTHORIZED_INVALID_SIGNATURE` | Invalid signature verification |
+| `UNAUTHORIZED_NONCE_REPLAY` | Nonce already used (replay attack detected) |
+| `UNAUTHORIZED` | Generic auth failure (invalid signature, account mismatch, etc.) |
 
 ### Server Endpoints
 
@@ -312,13 +288,15 @@ interface AuthCallbacks {
 | POST | `/near/relay` | Relay a signed delegate action on-chain |
 | GET | `/near/relay-status/:txHash` | Check relayed transaction status |
 | GET | `/near/relayer-info` | Get relayer accountId, mode, balance |
+| GET | `/near/relay-history` | List relayed transactions for current user |
+| POST | `/near/view` | Server-side read-only contract call (authenticated) |
 
 ## Advanced Configuration
 
 ```ts title="advanced-auth.ts"
 import { betterAuth } from "better-auth";
 import { siwn } from "better-near-auth";
-import { generateNonce } from "near-sign-verify";
+import { generateNonce } from "near-kit";
 
 const usedNonces = new Set<string>();
 
@@ -326,27 +304,10 @@ export const auth = betterAuth({
   plugins: [
     siwn({
       recipient: "myapp.com",
-      anonymous: false,
-      emailDomainName: "myapp.com",
       requireFullAccessKey: false,
 
       getNonce: async () => generateNonce(),
 
-      validateNonce: (nonce: Uint8Array) => {
-        const nonceHex = Array.from(nonce).map(b => b.toString(16).padStart(2, '0')).join('');
-        if (usedNonces.has(nonceHex)) return false;
-        usedNonces.add(nonceHex);
-        return true;
-      },
-
-      validateRecipient: (recipient: string) => {
-        return ["myapp.com", "staging.myapp.com"].includes(recipient);
-      },
-
-      validateMessage: (message: string) => {
-        return message.includes("Sign in to") && message.length > 10;
-      },
-
       getProfile: async (accountId) => {
         try {
           const res = await fetch(`https://api.myapp.com/profiles/${accountId}`);
@@ -363,7 +324,7 @@ export const auth = betterAuth({
         return recipient ? allowed.includes(recipient) : true;
       },
 
-      fastnearApiKey: process.env.FASTNEAR_API_KEY,
+      apiKey: process.env.FASTNEAR_API_KEY,
 
       relayer: {
         accountId: "relayer.myapp.near",
@@ -389,7 +350,7 @@ The plugin detects the network from the account ID:
 ### NEP-413 Compliance
 - Proper nonce handling prevents replay attacks
 - Message format and recipient validation
-- 15-minute server-side nonce expiration, 5-minute client-side cache
+- 15-minute server-side nonce expiration with DB replay detection
 
 ### Relayer Key Security
 - Ephemeral private key encrypted at rest with AES-256-GCM
@@ -406,8 +367,6 @@ The plugin detects the network from the account ID:
 
 | Issue | Solution |
 |---|---|
-| "Wallet not connected" | Call `requestSignIn.near()` before `signIn.near()` |
-| "No valid nonce found" | Ensure `requestSignIn.near()` completed; client nonces expire after 5 min |
 | "Invalid or expired nonce" | Server nonces expire after 15 min; check clock sync |
 | "Account ID mismatch" | Verify signed message account ID matches wallet |
 | "Network ID mismatch" | Ensure networkId matches the account's network |
@@ -454,7 +413,7 @@ pnpm test
 - [NEAR Protocol](https://near.org)
 - [NEP-413 Specification](https://github.com/near/NEPs/blob/master/neps/nep-0413.md)
 - [NEP-366 Delegate Actions](https://github.com/near/NEPs/blob/master/neps/nep-0366.md)
-- [FastNear](https://fastnear.com)
-- [near-sign-verify](https://github.com/elliotBraem/near-sign-verify)
+- [near-kit](https://github.com/elliotBraem/near-kit)
+- [@hot-labs/near-connect](https://github.com/azbang/near-connect)
 - [Example Implementation](https://better-near-auth.near.page)
 - [Contributing Guide](./CONTRIBUTING.md)

package/dist/client.d.ts

@@ -1,9 +1,9 @@
-import * as nearWallet from "@fastnear/wallet";
-type NearWallet = typeof nearWallet;
+import { TransactionBuilder } from "near-kit";
+import type { Near as NearType } from "near-kit";
 import type { BetterAuthClientPlugin, BetterAuthClientOptions, BetterFetch, BetterFetchResponse, ClientStore } from "better-auth/client";
 import { atom } from "nanostores";
 import type { siwn } from "./index.js";
-import { type AccountId, type NonceRequestT, type NonceResponseT, type ProfileResponseT, type VerifyRequestT, type VerifyResponseT, type NearActionInput, type RelayResponseT, type RelayStatusResponseT, type NearAccount } from "./types.js";
+import { type AccountId, type NonceRequestT, type NonceResponseT, type ProfileResponseT, type VerifyRequestT, type VerifyResponseT, type RelayResponseT, type RelayStatusResponseT, type NearAccount, type ViewContractRequestT, type ViewContractResponseT, type RelayerInfo, type RelayHistoryResponseT } from "./types.js";
 export interface AuthCallbacks {
     onSuccess?: () => void;
     onError?: (error: Error & {
@@ -14,20 +14,13 @@ export interface AuthCallbacks {
 export interface SIWNClientConfig {
     recipient: string;
     networkId?: "mainnet" | "testnet";
-    fastnearApiKey?: string;
-}
-export interface CachedNonceData {
-    nonce: string;
-    accountId: string;
-    publicKey?: string | null;
-    networkId: string;
-    timestamp: number;
 }
 export interface SIWNClientActions {
     near: {
         nonce: (params: NonceRequestT) => Promise<BetterFetchResponse<NonceResponseT>>;
         verify: (params: VerifyRequestT) => Promise<BetterFetchResponse<VerifyResponseT>>;
         getProfile: (accountId?: AccountId) => Promise<BetterFetchResponse<ProfileResponseT>>;
+        view: (params: ViewContractRequestT) => Promise<BetterFetchResponse<ViewContractResponseT>>;
         getAccountId: () => string | null;
         getState: () => {
             accountId: string | null;
@@ -46,18 +39,16 @@ export interface SIWNClientActions {
         listAccounts: () => Promise<BetterFetchResponse<{
             accounts: NearAccount[];
         }>>;
-        buildSignedDelegateAction: (params: {
-            receiverId: string;
-            actions: NearActionInput[];
-        }) => Promise<string>;
+        buildSignedDelegateAction: (receiverId: string, buildActions: (builder: TransactionBuilder, receiverId: string) => TransactionBuilder) => Promise<string>;
         relayTransaction: (params: {
-            signedDelegateAction: string;
+            payload: string;
         }) => Promise<BetterFetchResponse<RelayResponseT>>;
         getRelayStatus: (txHash: string) => Promise<BetterFetchResponse<RelayStatusResponseT>>;
-        wallet: NearWallet;
-    };
-    requestSignIn: {
-        near: (callbacks?: AuthCallbacks) => Promise<void>;
+        getRelayerInfo: () => Promise<BetterFetchResponse<RelayerInfo & {
+            enabled: boolean;
+        }>>;
+        relayHistory: () => Promise<BetterFetchResponse<RelayHistoryResponseT>>;
+        client: NearType;
     };
     signIn: {
         near: (callbacks?: AuthCallbacks) => Promise<void>;
@@ -72,10 +63,8 @@ export interface SIWNClientPlugin extends BetterAuthClientPlugin {
             publicKey: string | null;
             networkId: string;
         } | null>>;
-        cachedNonce: ReturnType<typeof atom<CachedNonceData | null>>;
     };
     getActions: ($fetch: BetterFetch, $store: ClientStore, options: BetterAuthClientOptions | undefined) => SIWNClientActions;
 }
 export declare const siwnClient: (config: SIWNClientConfig) => SIWNClientPlugin;
-export {};
 //# sourceMappingURL=client.d.ts.map

package/dist/client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,UAAU,MAAM,kBAAkB,CAAC;AAE/C,KAAK,UAAU,GAAG,OAAO,UAAU,CAAC;AACpC,OAAO,KAAK,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,WAAW,EAAqB,mBAAmB,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAC5J,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAElC,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,KAAK,SAAS,EAAE,KAAK,aAAa,EAAE,KAAK,cAAc,EAAE,KAAK,gBAAgB,EAAE,KAAK,cAAc,EAAE,KAAK,eAAe,EAAE,KAAK,eAAe,EAAE,KAAK,cAAc,EAAE,KAAK,oBAAoB,EAAE,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAG/O,MAAM,WAAW,aAAa;IAC7B,SAAS,CAAC,EAAE,MAAM,IAAI,CAAC;IACvB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,GAAG;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,KAAK,IAAI,CAAC;CACtE;AAED,MAAM,WAAW,gBAAgB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,SAAS,GAAG,SAAS,CAAC;IAClC,cAAc,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,eAAe;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,iBAAiB;IACjC,IAAI,EAAE;QACL,KAAK,EAAE,CAAC,MAAM,EAAE,aAAa,KAAK,OAAO,CAAC,mBAAmB,CAAC,cAAc,CAAC,CAAC,CAAC;QAC/E,MAAM,EAAE,CAAC,MAAM,EAAE,cAAc,KAAK,OAAO,CAAC,mBAAmB,CAAC,eAAe,CAAC,CAAC,CAAC;QAClF,UAAU,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,KAAK,OAAO,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC,CAAC;QACtF,YAAY,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;QAClC,QAAQ,EAAE,MAAM;YAAE,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,EAAE,MAAM,CAAA;SAAE,GAAG,IAAI,CAAC;QACjG,UAAU,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QAChC,IAAI,EAAE,CAAC,SAAS,CAAC,EAAE,aAAa,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,EAAE,CAAC,MAAM,EAAE;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,OAAO,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;SAAE,KAAK,OAAO,CAAC,mBAAmB,CAAC;YAAE,OAAO,EAAE,OAAO,CAAC;YAAC,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC,CAAC;QAChJ,YAAY,EAAE,MAAM,OAAO,CAAC,mBAAmB,CAAC;YAAE,QAAQ,EAAE,WAAW,EAAE,CAAA;SAAE,CAAC,CAAC,CAAC;QAC9E,yBAAyB,EAAE,CAAC,MAAM,EAAE;YAAE,UAAU,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,eAAe,EAAE,CAAA;SAAE,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QAC3G,gBAAgB,EAAE,CAAC,MAAM,EAAE;YAAE,oBAAoB,EAAE,MAAM,CAAA;SAAE,KAAK,OAAO,CAAC,mBAAmB,CAAC,cAAc,CAAC,CAAC,CAAC;QAC7G,cAAc,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,mBAAmB,CAAC,oBAAoB,CAAC,CAAC,CAAC;QACvF,MAAM,EAAE,UAAU,CAAC;KACnB,CAAC;IACF,aAAa,EAAE;QACd,IAAI,EAAE,CAAC,SAAS,CAAC,EAAE,aAAa,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;KACnD,CAAC;IACF,MAAM,EAAE;QACP,IAAI,EAAE,CAAC,SAAS,CAAC,EAAE,aAAa,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;KACnD,CAAC;CACF;AAED,MAAM,WAAW,gBAAiB,SAAQ,sBAAsB;IAC/D,EAAE,EAAE,MAAM,CAAC;IACX,kBAAkB,EAAE,UAAU,CAAC,OAAO,IAAI,CAAC,CAAC;IAC5C,QAAQ,EAAE,CAAC,MAAM,EAAE,WAAW,KAAK;QAClC,SAAS,EAAE,UAAU,CAAC,OAAO,IAAI,CAAC;YAAE,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,EAAE,MAAM,CAAA;SAAE,GAAG,IAAI,CAAC,CAAC,CAAC;QACrH,WAAW,EAAE,UAAU,CAAC,OAAO,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,CAAC,CAAC;KAC7D,CAAC;IACF,UAAU,EAAE,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,uBAAuB,GAAG,SAAS,KAAK,iBAAiB,CAAC;CAC1H;AAED,eAAO,MAAM,UAAU,GAAI,QAAQ,gBAAgB,KAAG,gBAmVrD,CAAC"}
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwC,kBAAkB,EAAE,MAAM,UAAU,CAAC;AACpF,OAAO,KAAK,EAAE,IAAI,IAAI,QAAQ,EAAiB,MAAM,UAAU,CAAC;AAIhE,OAAO,KAAK,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,WAAW,EAAqB,mBAAmB,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAC5J,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAClC,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,KAAK,SAAS,EAAE,KAAK,aAAa,EAAE,KAAK,cAAc,EAAE,KAAK,gBAAgB,EAAE,KAAK,cAAc,EAAE,KAAK,eAAe,EAAE,KAAK,cAAc,EAAE,KAAK,oBAAoB,EAAE,KAAK,WAAW,EAAE,KAAK,oBAAoB,EAAE,KAAK,qBAAqB,EAAE,KAAK,WAAW,EAAE,KAAK,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAE9T,MAAM,WAAW,aAAa;IAC7B,SAAS,CAAC,EAAE,MAAM,IAAI,CAAC;IACvB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,GAAG;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,KAAK,IAAI,CAAC;CACtE;AAED,MAAM,WAAW,gBAAgB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,SAAS,GAAG,SAAS,CAAC;CAClC;AASD,MAAM,WAAW,iBAAiB;IACjC,IAAI,EAAE;QACL,KAAK,EAAE,CAAC,MAAM,EAAE,aAAa,KAAK,OAAO,CAAC,mBAAmB,CAAC,cAAc,CAAC,CAAC,CAAC;QAC/E,MAAM,EAAE,CAAC,MAAM,EAAE,cAAc,KAAK,OAAO,CAAC,mBAAmB,CAAC,eAAe,CAAC,CAAC,CAAC;QAClF,UAAU,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,KAAK,OAAO,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC,CAAC;QACtF,IAAI,EAAE,CAAC,MAAM,EAAE,oBAAoB,KAAK,OAAO,CAAC,mBAAmB,CAAC,qBAAqB,CAAC,CAAC,CAAC;QAC5F,YAAY,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;QAClC,QAAQ,EAAE,MAAM;YAAE,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,EAAE,MAAM,CAAA;SAAE,GAAG,IAAI,CAAC;QACjG,UAAU,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QAChC,IAAI,EAAE,CAAC,SAAS,CAAC,EAAE,aAAa,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,EAAE,CAAC,MAAM,EAAE;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,OAAO,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;SAAE,KAAK,OAAO,CAAC,mBAAmB,CAAC;YAAE,OAAO,EAAE,OAAO,CAAC;YAAC,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC,CAAC;QAChJ,YAAY,EAAE,MAAM,OAAO,CAAC,mBAAmB,CAAC;YAAE,QAAQ,EAAE,WAAW,EAAE,CAAA;SAAE,CAAC,CAAC,CAAC;QAC9E,yBAAyB,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,OAAO,EAAE,kBAAkB,EAAE,UAAU,EAAE,MAAM,KAAK,kBAAkB,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QAC1J,gBAAgB,EAAE,CAAC,MAAM,EAAE;YAAE,OAAO,EAAE,MAAM,CAAA;SAAE,KAAK,OAAO,CAAC,mBAAmB,CAAC,cAAc,CAAC,CAAC,CAAC;QAChG,cAAc,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,mBAAmB,CAAC,oBAAoB,CAAC,CAAC,CAAC;QACvF,cAAc,EAAE,MAAM,OAAO,CAAC,mBAAmB,CAAC,WAAW,GAAG;YAAE,OAAO,EAAE,OAAO,CAAA;SAAE,CAAC,CAAC,CAAC;QACvF,YAAY,EAAE,MAAM,OAAO,CAAC,mBAAmB,CAAC,qBAAqB,CAAC,CAAC,CAAC;QACxE,MAAM,EAAE,QAAQ,CAAC;KACjB,CAAC;IACF,MAAM,EAAE;QACP,IAAI,EAAE,CAAC,SAAS,CAAC,EAAE,aAAa,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;KACnD,CAAC;CACF;AAED,MAAM,WAAW,gBAAiB,SAAQ,sBAAsB;IAC/D,EAAE,EAAE,MAAM,CAAC;IACX,kBAAkB,EAAE,UAAU,CAAC,OAAO,IAAI,CAAC,CAAC;IAC5C,QAAQ,EAAE,CAAC,MAAM,EAAE,WAAW,KAAK;QAClC,SAAS,EAAE,UAAU,CAAC,OAAO,IAAI,CAAC;YAAE,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,SAAS,EAAE,MAAM,CAAA;SAAE,GAAG,IAAI,CAAC,CAAC,CAAC;KACrH,CAAC;IACF,UAAU,EAAE,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,uBAAuB,GAAG,SAAS,KAAK,iBAAiB,CAAC;CAC1H;AAED,eAAO,MAAM,UAAU,GAAI,QAAQ,gBAAgB,KAAG,gBAmSrD,CAAC"}