canary-kit 2.6.2 → 2.7.1

package/INTEGRATION.md

@@ -367,19 +367,122 @@ authorisation:
 
 CANARY tokens rotate on a time-based counter (P4: Replay Resistance). For
 transaction-specific dynamic linking (required by FCA for remote electronic
-payments), construct the session namespace or counter from transaction parameters:
+payments), construct the session namespace or counter from transaction parameters.
+
+#### Full FCA SCA implementation
+
+```typescript
+import { createSession, deriveSeed, generateSeed } from 'canary-kit/session'
+```
+
+**Step 1: Server-side seed derivation (backend, runs once per customer)**
 
 ```typescript
+// The master key lives in an HSM — never in application code
+// deriveSeed uses HMAC-SHA256 with null-byte-separated components
+const customerSeed = deriveSeed(
+  hsmMasterKey,           // Uint8Array from HSM (min 16 bytes)
+  customerId,             // e.g. 'CUST-2026-00491'
+  seedVersion.toString(), // increment to rotate without re-enrolment
+)
+// Deliver customerSeed to the customer's app over TLS during login
+// Store in iOS Keychain / Android KeyStore (possession factor)
+```
+
+**Step 2: Standard call verification (agent side)**
+
+```typescript
+// Agent's desktop app — seed was derived from the same master_key + customer_id
 const session = createSession({
-  secret: seed,
-  namespace: `aviva:payment:${payeeId}:${amountPence}`,
+  secret: customerSeed,
+  namespace: 'aviva',
+  roles: ['caller', 'agent'],
+  myRole: 'agent',
+  preset: 'call',          // 30-second rotation, 1 word, ±1 tolerance
+  theirIdentity: customerId,
+})
+
+// Agent asks: "What's your verification word?"
+// Customer speaks their word from the app
+const result = session.verify(spokenWord)
+
+switch (result.status) {
+  case 'valid':
+    // Customer identity confirmed — two SCA factors satisfied:
+    //   Knowledge: customer knows the seed (derives the correct word)
+    //   Possession: seed stored on their device behind biometrics
+    const agentWord = session.myToken()
+    // Agent reads aloud: "Your confirmation word is: [agentWord]"
+    // Customer verifies on their app — bidirectional authentication
+    break
+
+  case 'duress':
+    // Customer spoke their duress word — they are under coercion
+    showVerified()                        // maintain plausible deniability
+    triggerDuressProtocol(result.identities) // silent security alert
+    break
+
+  case 'invalid':
+    // Word does not match — escalate to manual identity checks
+    escalateToSecurity()
+    break
+}
+```
+
+**Step 3: Transaction-specific dynamic linking (FCA requirement)**
+
+FCA SCA requires authentication codes to be dynamically linked to the specific
+transaction amount and payee for remote electronic payments. Encode transaction
+parameters into the session namespace:
+
+```typescript
+// Payment: £1,250.00 to payee 'ACME-CORP'
+const paymentSession = createSession({
+  secret: customerSeed,
+  namespace: `aviva:payment:ACME-CORP:125000`, // payee + amount in pence
   roles: ['caller', 'agent'],
   myRole: 'agent',
   preset: 'call',
   theirIdentity: customerId,
 })
+
+// This session produces different words from the standard session —
+// the token is cryptographically bound to the transaction parameters.
+// Changing the amount or payee produces a different word.
+const paymentWord = paymentSession.myToken()
+```
+
+**Step 4: Customer-side implementation (mobile app)**
+
+```typescript
+// Customer's app — same seed, same namespace, opposite role
+const customerSession = createSession({
+  secret: customerSeed,       // retrieved from Keychain/KeyStore
+  namespace: 'aviva',
+  roles: ['caller', 'agent'],
+  myRole: 'caller',           // customer is the caller
+  preset: 'call',
+  theirIdentity: 'aviva-agent',
+})
+
+// App displays:
+//   "Your word: [customerSession.myToken()]"     — speak this to the agent
+//   "Expect to hear: [customerSession.theirToken()]" — agent should say this
+//   Countdown bar showing seconds until rotation
 ```
 
+**Replacing SMS OTP with CANARY**
+
+| Property | SMS OTP | CANARY |
+|----------|---------|--------|
+| Factor type | Possession only (SIM) | Knowledge + Possession |
+| Phishing resistance | None (code can be relayed) | High (HMAC-derived, no transmittable code) |
+| Offline capable | No (requires SMS delivery) | Yes (derived locally after initial sync) |
+| Bidirectional | No (institution never proves identity) | Yes (mutual verification) |
+| Coercion resistance | None | Duress word triggers silent alert |
+| SIM-swap vulnerability | Critical | None (seed in device secure storage) |
+| Dynamic linking | Separate mechanism needed | Built into namespace construction |
+
 ### RBI Digital Payment Authentication (India)
 
 Pattern 1 satisfies the RBI's two-factor authentication requirement for digital
@@ -634,6 +737,229 @@ Nostr relays. The vault is a single JSON blob containing all group states,
 encrypted with the user's own keypair, published as a kind 30078 event with
 a `d` tag of `canary:vault`.
 
+## Distributed Deployment Architecture
+
+When deploying CANARY across multiple nodes (multi-region call centres, redundant
+backend services, or clustered enterprise systems), verification state must be
+synchronised without compromising the protocol's deepfake-proof guarantees.
+
+### Architecture overview
+
+```
+┌──────────────┐     ┌──────────────┐     ┌──────────────┐
+│  Node A      │     │  Node B      │     │  Node C      │
+│  (London)    │     │  (Mumbai)    │     │  (Dubai)     │
+│              │     │              │     │              │
+│  GroupState   │◄───►│  GroupState   │◄───►│  GroupState   │
+│  applySyncMsg │     │  applySyncMsg │     │  applySyncMsg │
+│              │     │              │     │              │
+│  Verify ✓    │     │  Verify ✓    │     │  Verify ✓    │
+└──────┬───────┘     └──────┬───────┘     └──────┬───────┘
+       │                    │                    │
+       └────────────────────┼────────────────────┘
+                            │
+                    ┌───────┴───────┐
+                    │  Nostr Relays │
+                    │  (sync layer) │
+                    └───────────────┘
+```
+
+### Key principle: verification is stateless, sync is not
+
+Verification word derivation (`deriveVerificationWord`, `deriveToken`,
+`session.myToken()`) is a pure function of `(seed, counter)`. Any node with the
+seed can derive the correct word independently. No network round-trip needed.
+
+State synchronisation is only required for:
+- **Counter advances** (burn-after-use rotation)
+- **Member changes** (join/leave triggers reseed)
+- **Reseed events** (new seed distribution)
+
+This means nodes can verify callers even during network partitions. Sync is
+an optimisation for counter freshness, not a requirement for verification.
+
+### Conflict resolution via authority invariants
+
+The sync protocol enforces six invariants (I1-I6) that guarantee convergence:
+
+```typescript
+import {
+  applySyncMessage,
+  decodeSyncMessage,
+  decryptEnvelope,
+  deriveGroupKey,
+  type SyncMessage,
+} from 'canary-kit/sync'
+
+// Each node maintains its own GroupState and applies messages identically
+function handleIncomingSync(
+  localState: GroupState,
+  encryptedPayload: string,
+  senderPubkey: string,
+): GroupState {
+  const groupKey = deriveGroupKey(localState.seed)
+  const decrypted = await decryptEnvelope(groupKey, encryptedPayload)
+  const msg = decodeSyncMessage(decrypted)
+  const nowSec = Math.floor(Date.now() / 1000)
+
+  // applySyncMessage enforces all invariants:
+  //   I1: sender must be in admins (for privileged actions)
+  //   I2: opId must not be consumed (replay protection)
+  //   I3: epoch must match local epoch (non-reseed ops)
+  //   I4: reseed epoch must be local.epoch + 1
+  //   I5: snapshot epoch must be >= local epoch
+  //   I6: stale epoch messages are dropped
+  return applySyncMessage(localState, msg, nowSec, senderPubkey)
+}
+```
+
+### Eventual consistency model
+
+CANARY's sync protocol guarantees **eventual consistency** across nodes:
+
+| Scenario | Resolution |
+|----------|------------|
+| Two nodes advance counter simultaneously | Monotonic rule: `effective(incoming) > effective(local)` — highest wins, lower is no-op |
+| Node misses a counter advance | Next advance carries the latest counter; stale node catches up |
+| Node misses a reseed | Stale node rejects subsequent messages (epoch mismatch I3); admin must re-invite |
+| Network partition heals | Nodes exchange messages; invariant checks accept valid, reject stale |
+| Duplicate message delivery | opId replay guard (I2) silently drops duplicates |
+| Clock skew between nodes | ±60 second future skew tolerance; counter derived from `floor(time / interval)` absorbs drift |
+
+### Multi-node sync implementation
+
+```typescript
+import {
+  encodeSyncMessage,
+  applySyncMessage,
+  applySyncMessageWithResult,
+  encryptEnvelope,
+  decryptEnvelope,
+  deriveGroupKey,
+  STORED_MESSAGE_TYPES,
+} from 'canary-kit/sync'
+import { buildSignalEvent, buildStoredSignalEvent } from 'canary-kit/nostr'
+
+// Publish a state change to all nodes via Nostr relay
+async function broadcastSync(
+  group: GroupState,
+  msg: SyncMessage,
+  signer: EventSigner,
+): Promise<void> {
+  const groupKey = deriveGroupKey(group.seed)
+  const encrypted = await encryptEnvelope(groupKey, encodeSyncMessage(msg))
+
+  // Stored messages (member changes, reseeds) use kind 30078
+  // so offline nodes receive them when they reconnect.
+  // Ephemeral messages (beacons, liveness) use kind 20078.
+  const event = STORED_MESSAGE_TYPES.has(msg.type)
+    ? buildStoredSignalEvent({
+        groupId: group.name,
+        signalType: msg.type,
+        encryptedContent: encrypted,
+      })
+    : buildSignalEvent({
+        groupId: group.name,
+        signalType: msg.type,
+        encryptedContent: encrypted,
+      })
+
+  const signed = await signer.sign({ ...event, pubkey: signer.pubkey })
+  await relay.publish(signed)
+}
+
+// Receive and apply sync messages from other nodes
+function onSyncMessage(
+  localState: GroupState,
+  encryptedPayload: string,
+  senderPubkey: string,
+): { state: GroupState; applied: boolean } {
+  const groupKey = deriveGroupKey(localState.seed)
+  const decrypted = await decryptEnvelope(groupKey, encryptedPayload)
+  const msg = decodeSyncMessage(decrypted)
+  const nowSec = Math.floor(Date.now() / 1000)
+
+  // applySyncMessageWithResult tells you whether the message was applied
+  // or silently rejected by invariant checks — useful for logging
+  const result = applySyncMessageWithResult(localState, msg, nowSec, senderPubkey)
+
+  if (!result.applied) {
+    // Message rejected — log for debugging (never log seed material)
+    auditLog.warn('sync_rejected', {
+      type: msg.type,
+      epoch: (msg as { epoch?: number }).epoch,
+      localEpoch: localState.epoch,
+      sender: senderPubkey,
+    })
+  }
+
+  return result
+}
+```
+
+### Handling network partitions
+
+During a partition, each node continues to derive and verify words locally.
+When the partition heals:
+
+1. **Counter advances** — the monotonic rule resolves ordering automatically.
+   Only the highest effective counter is kept; lower values are no-ops.
+
+2. **Member changes during partition** — if an admin added/removed members while
+   a node was partitioned, the node will reject post-reseed messages (epoch
+   mismatch). The admin must send a `state-snapshot` to catch up partitioned
+   nodes within the same epoch, or re-invite for cross-epoch recovery.
+
+3. **Verification during partition** — works normally. Words derive from
+   `(seed, counter)` which both sides share. The only risk is counter drift
+   if one side burned words (burn-after-use) while the other didn't. The
+   tolerance window (`±tolerance` counter values) absorbs small drift.
+
+### Error handling
+
+```typescript
+import { decodeSyncMessage } from 'canary-kit/sync'
+
+// decodeSyncMessage validates all fields and rejects malformed messages
+try {
+  const msg = decodeSyncMessage(payload)
+} catch (err) {
+  // Common rejection reasons:
+  //   'Unsupported protocol version' — sender is on a different protocol version
+  //   'Invalid sync message type'    — unknown message type (forward compatibility)
+  //   'not valid JSON'               — corrupted or tampered payload
+  // All are safe to log and discard
+}
+
+// applySyncMessage returns unchanged state on rejection (fail-closed)
+// Use applySyncMessageWithResult to distinguish applied from rejected
+const { state, applied } = applySyncMessageWithResult(group, msg, nowSec, sender)
+if (!applied) {
+  // Invariant violation — message is either:
+  //   - From a non-admin (I1)
+  //   - Replayed opId (I2)
+  //   - Wrong epoch (I3/I4/I6)
+  //   - Stale counter (monotonic check)
+  // Safe to discard. Do not retry.
+}
+```
+
+### Deepfake-proof guarantees in distributed deployments
+
+The distributed architecture preserves all CANARY security properties:
+
+| Property | How it's preserved across nodes |
+|----------|-------------------------------|
+| P1: Token Unpredictability | Each node derives tokens from the same `(seed, counter)` — pure HMAC-SHA256 |
+| P2: Duress Indistinguishability | Duress derivation is local; duress alerts propagate via encrypted sync |
+| P4: Replay Resistance | Counter monotonicity enforced by `applySyncMessage`; opId deduplication prevents replay |
+| P5: Coercion Resistance | Duress signals broadcast to all nodes via sync; all nodes alert security teams |
+| P6: Liveness Guarantee | Liveness heartbeats are fire-and-forget; freshness gate (300s) prevents stale replay |
+| P8: Timing Safety | Constant-time string comparison (`timingSafeStringEqual`) on every node |
+
+The sync layer is a consistency optimisation. The security properties are
+properties of the cryptographic derivation, not the transport.
+
 ## Licence
 
 MIT — same as canary-kit.

package/README.md

@@ -1,5 +1,7 @@
 # canary-kit
 
+**Nostr:** [`npub1mgvlrnf5hm9yf0n5mf9nqmvarhvxkc6remu5ec3vf8r0txqkuk7su0e7q2`](https://njump.me/npub1mgvlrnf5hm9yf0n5mf9nqmvarhvxkc6remu5ec3vf8r0txqkuk7su0e7q2)
+
 > Deepfake-proof identity verification. Open protocol, minimal dependencies.
 
 [![npm](https://img.shields.io/npm/v/canary-kit)](https://www.npmjs.com/package/canary-kit)
@@ -148,7 +150,7 @@ import { createSession } from 'canary-kit/session'    // just sessions
 import { deriveToken } from 'canary-kit/token'         // just derivation
 import { encodeAsWords } from 'canary-kit/encoding'    // just encoding
 import { WORDLIST } from 'canary-kit/wordlist'          // just the wordlist
-import { buildGroupEvent } from 'canary-kit/nostr'     // just Nostr
+import { buildGroupStateEvent } from 'canary-kit/nostr' // just Nostr
 import { encryptBeacon } from 'canary-kit/beacon'      // just beacons
 import { applySyncMessage } from 'canary-kit/sync'     // just sync protocol
 ```
@@ -172,7 +174,7 @@ See [SECURITY.md](SECURITY.md) for vulnerability disclosure and known limitation
 | `canary-kit/token` | `deriveToken`, `verifyToken`, `deriveDuressToken`, `deriveLivenessToken` |
 | `canary-kit/encoding` | `encodeAsWords`, `encodeAsPin`, `encodeAsHex` |
 | `canary-kit` | `createGroup`, `getCurrentWord`, `verifyWord`, `addMember`, `reseed` |
-| `canary-kit/nostr` | `buildGroupEvent`, `buildBeaconEvent`, + 4 more builders |
+| `canary-kit/nostr` | `buildGroupStateEvent`, `buildSignalEvent`, `buildStoredSignalEvent`, `buildRumourEvent` |
 | `canary-kit/beacon` | `encryptBeacon`, `decryptBeacon`, `buildDuressAlert` |
 | `canary-kit/sync` | `applySyncMessage`, `encodeSyncMessage`, `deriveGroupKey` |
 | `canary-kit/wordlist` | `WORDLIST`, `getWord`, `indexOf` |
@@ -185,14 +187,11 @@ The full protocol specification is in [CANARY.md](CANARY.md). The Nostr binding
 
 | Event | Kind | Type |
 |---|---|---|
-| Group announcement | `38800` | Replaceable |
-| Seed distribution | `28800` | Ephemeral |
-| Member update | `38801` | Replaceable |
-| Reseed | `28801` | Ephemeral |
-| Word used | `28802` | Ephemeral |
-| Encrypted location beacon | `20800` | Ephemeral |
+| Group state / stored signals | `30078` | Parameterised replaceable |
+| Real-time signals | `20078` | Ephemeral |
+| Seed distribution / member updates | `14` → `1059` | NIP-17 gift wrap (kind 14 rumour sealed + wrapped) |
 
-Content is encrypted with **NIP-44**. Events may carry a **NIP-40** `expiration` tag.
+Content is encrypted with **NIP-44**. Group state events use the `ssg/` d-tag namespace. Seed distribution and member updates use **NIP-17** gift wrapping (kind 14 rumour → kind 13 seal → kind 1059 gift wrap). Events may carry a **NIP-40** `expiration` tag.
 
 ## For AI Assistants
 
@@ -208,6 +207,23 @@ If you find canary-kit useful, consider sending a tip:
 - **Lightning:** `thedonkey@strike.me`
 - **Nostr zaps:** `npub1mgvlrnf5hm9yf0n5mf9nqmvarhvxkc6remu5ec3vf8r0txqkuk7su0e7q2`
 
+## Part of the ForgeSworn Toolkit
+
+[ForgeSworn](https://forgesworn.dev) builds open-source cryptographic identity, payments, and coordination tools for Nostr.
+
+| Library | What it does |
+|---------|-------------|
+| [nsec-tree](https://github.com/forgesworn/nsec-tree) | Deterministic sub-identity derivation |
+| [ring-sig](https://github.com/forgesworn/ring-sig) | SAG/LSAG ring signatures on secp256k1 |
+| [range-proof](https://github.com/forgesworn/range-proof) | Pedersen commitment range proofs |
+| [canary-kit](https://github.com/forgesworn/canary-kit) | Coercion-resistant spoken verification |
+| [spoken-token](https://github.com/forgesworn/spoken-token) | Human-speakable verification tokens |
+| [toll-booth](https://github.com/forgesworn/toll-booth) | L402 payment middleware |
+| [geohash-kit](https://github.com/forgesworn/geohash-kit) | Geohash toolkit with polygon coverage |
+| [nostr-attestations](https://github.com/forgesworn/nostr-attestations) | NIP-VA verifiable attestations |
+| [dominion](https://github.com/forgesworn/dominion) | Epoch-based encrypted access control |
+| [nostr-veil](https://github.com/forgesworn/nostr-veil) | Privacy-preserving Web of Trust |
+
 ## Licence
 
 MIT

package/SECURITY.md

@@ -4,7 +4,8 @@
 
 | Version | Supported |
 |---------|-----------|
-| 1.x.x   | Yes       |
+| 2.x.x   | Yes       |
+| 1.x.x   | No        |
 | < 1.0.0 | No        |
 
 ## Reporting a Vulnerability

package/dist/beacon.d.ts

@@ -27,7 +27,7 @@ export declare function deriveBeaconKey(seedHex: string): Uint8Array;
  * @throws {Error} If seedHex is not a valid 64-character hex string.
  */
 export declare function deriveDuressKey(seedHex: string): Uint8Array;
-/** Decrypted content of a kind 20800 location beacon event. */
+/** Decrypted content of an encrypted location beacon (kind 20078 signal). */
 export interface BeaconPayload {
     geohash: string;
     precision: number;
@@ -56,7 +56,7 @@ export declare function encryptBeacon(key: Uint8Array, geohash: string, precisio
 export declare function decryptBeacon(key: Uint8Array, content: string): Promise<BeaconPayload>;
 /** Duress propagation scope. */
 export type DuressScope = 'group' | 'persona' | 'master';
-/** Decrypted content of a duress alert beacon (kind 20800, AES-GCM encrypted). */
+/** Decrypted content of a duress alert beacon (kind 20078 signal, AES-GCM encrypted). */
 export interface DuressAlert {
     type: 'duress';
     member: string;

package/dist/beacon.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"beacon.d.ts","sourceRoot":"","sources":["../src/beacon.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AA0BH;;;;;;;GAOG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU,CAG3D;AAED;;;;;;;;GAQG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU,CAG3D;AA2CD,+DAA+D;AAC/D,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED;;;;;;;;;GASG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,UAAU,EACf,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,MAAM,CAAC,CAgBjB;AAED;;;;;;;;GAQG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,UAAU,EACf,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,aAAa,CAAC,CAmBxB;AAMD,gCAAgC;AAChC,MAAM,MAAM,WAAW,GAAG,OAAO,GAAG,SAAS,GAAG,QAAQ,CAAA;AAExD,kFAAkF;AAClF,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,QAAQ,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,cAAc,EAAE,QAAQ,GAAG,UAAU,GAAG,MAAM,CAAA;IAC9C,SAAS,EAAE,MAAM,CAAA;IACjB,oGAAoG;IACpG,KAAK,EAAE,WAAW,CAAA;IAClB,qGAAqG;IACrG,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED,0EAA0E;AAC1E,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,cAAc,EAAE,QAAQ,GAAG,UAAU,CAAA;CACtC;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,gBAAgB,CAC9B,YAAY,EAAE,MAAM,EACpB,QAAQ,EAAE,cAAc,GAAG,IAAI,EAC/B,OAAO,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,WAAW,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAA;CAAE,GACxD,WAAW,CAmCb;AAED;;;;;;;;GAQG;AACH,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,UAAU,EACf,KAAK,EAAE,WAAW,GACjB,OAAO,CAAC,MAAM,CAAC,CAEjB;AAED;;;;;;;GAOG;AACH,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,UAAU,EACf,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,WAAW,CAAC,CA2CtB"}
+{"version":3,"file":"beacon.d.ts","sourceRoot":"","sources":["../src/beacon.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AA0BH;;;;;;;GAOG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU,CAG3D;AAED;;;;;;;;GAQG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU,CAG3D;AA2CD,6EAA6E;AAC7E,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED;;;;;;;;;GASG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,UAAU,EACf,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,MAAM,CAAC,CAgBjB;AAED;;;;;;;;GAQG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,UAAU,EACf,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,aAAa,CAAC,CAmBxB;AAMD,gCAAgC;AAChC,MAAM,MAAM,WAAW,GAAG,OAAO,GAAG,SAAS,GAAG,QAAQ,CAAA;AAExD,yFAAyF;AACzF,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,QAAQ,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,cAAc,EAAE,QAAQ,GAAG,UAAU,GAAG,MAAM,CAAA;IAC9C,SAAS,EAAE,MAAM,CAAA;IACjB,oGAAoG;IACpG,KAAK,EAAE,WAAW,CAAA;IAClB,qGAAqG;IACrG,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED,0EAA0E;AAC1E,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,cAAc,EAAE,QAAQ,GAAG,UAAU,CAAA;CACtC;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,gBAAgB,CAC9B,YAAY,EAAE,MAAM,EACpB,QAAQ,EAAE,cAAc,GAAG,IAAI,EAC/B,OAAO,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,WAAW,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAA;CAAE,GACxD,WAAW,CAmCb;AAED;;;;;;;;GAQG;AACH,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,UAAU,EACf,KAAK,EAAE,WAAW,GACjB,OAAO,CAAC,MAAM,CAAC,CAEjB;AAED;;;;;;;GAOG;AACH,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,UAAU,EACf,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,WAAW,CAAC,CA2CtB"}