fangorn-sdk 0.0.0

package/lib/crypto/constants.d.ts

@@ -0,0 +1,5 @@
+//#region src/crypto/constants.d.ts
+declare const TREE_DEPTH = 8;
+//#endregion
+export { TREE_DEPTH };
+//# sourceMappingURL=constants.d.ts.map

package/lib/crypto/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","names":[],"sources":["../../src/crypto/constants.ts"],"sourcesContent":[],"mappings":";cAEa,UAAA"}

package/lib/crypto/constants.js

@@ -0,0 +1,6 @@
+//#region src/crypto/constants.ts
+const TREE_DEPTH = 8;
+
+//#endregion
+export { TREE_DEPTH };
+//# sourceMappingURL=constants.js.map

package/lib/crypto/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","names":[],"sources":["../../src/crypto/constants.ts"],"sourcesContent":["// constants\n\nexport const TREE_DEPTH = 8;\n"],"mappings":";AAEA,MAAa,aAAa"}

package/lib/crypto/encryption.d.ts

@@ -0,0 +1,11 @@
+import { EncryptedData } from "../types/types.js";
+
+//#region src/crypto/encryption.d.ts
+declare function encryptData(data: string | Uint8Array): Promise<{
+  encryptedData: EncryptedData;
+  keyMaterial: Uint8Array<ArrayBuffer>;
+}>;
+declare function decryptData(encryptedData: EncryptedData, keyMaterial: Uint8Array<ArrayBuffer>): Promise<Uint8Array>;
+//#endregion
+export { decryptData, encryptData };
+//# sourceMappingURL=encryption.d.ts.map

package/lib/crypto/encryption.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"encryption.d.ts","names":[],"sources":["../../src/crypto/encryption.ts"],"sourcesContent":[],"mappings":";;;iBAGsB,WAAA,gBAA2B,aAAa;iBAC9C;EADM,WAAA,EAER,UAFmB,CAER,WAFQ,CAAA;CAAgB,CAAA;AACjC,iBA6CM,WAAA,CA7CN,aAAA,EA8CA,aA9CA,EAAA,WAAA,EA+CF,UA/CE,CA+CS,WA/CT,CAAA,CAAA,EAgDb,OAhDa,CAgDL,UAhDK,CAAA"}

package/lib/crypto/encryption.js

@@ -0,0 +1,52 @@
+import { getRandomValues, getSubtleCrypto } from "./rand.js";
+
+//#region src/crypto/encryption.ts
+async function encryptData(data) {
+	const subtle = getSubtleCrypto();
+	const salt = getRandomValues(new Uint8Array(16));
+	const iv = getRandomValues(new Uint8Array(12));
+	const keyMaterial = getRandomValues(new Uint8Array(32));
+	const key = await subtle.importKey("raw", keyMaterial, { name: "AES-GCM" }, false, ["encrypt"]);
+	const encodedData = typeof data === "string" ? new TextEncoder().encode(data) : data;
+	const encryptedContent = await subtle.encrypt({
+		name: "AES-GCM",
+		iv,
+		tagLength: 128
+	}, key, encodedData);
+	const ciphertext = encryptedContent.slice(0, encryptedContent.byteLength - 16);
+	const authTag = encryptedContent.slice(encryptedContent.byteLength - 16);
+	return {
+		encryptedData: {
+			ciphertext: new Uint8Array(ciphertext),
+			iv,
+			authTag: new Uint8Array(authTag),
+			salt
+		},
+		keyMaterial
+	};
+}
+async function decryptData(encryptedData, keyMaterial) {
+	const subtle = getSubtleCrypto();
+	const ciphertext = toUint8Array(encryptedData.ciphertext);
+	const iv = toUint8Array(encryptedData.iv);
+	const authTag = toUint8Array(encryptedData.authTag);
+	const key = await subtle.importKey("raw", keyMaterial, { name: "AES-GCM" }, false, ["decrypt"]);
+	const dataWithAuthTag = new Uint8Array(ciphertext.length + authTag.length);
+	dataWithAuthTag.set(ciphertext, 0);
+	dataWithAuthTag.set(authTag, ciphertext.length);
+	const decryptedContent = await subtle.decrypt({
+		name: "AES-GCM",
+		iv,
+		tagLength: 128
+	}, key, dataWithAuthTag);
+	return new Uint8Array(decryptedContent);
+}
+function toUint8Array(data) {
+	if (data instanceof Uint8Array) return data;
+	if (Array.isArray(data)) return new Uint8Array(data);
+	return new Uint8Array(Object.values(data));
+}
+
+//#endregion
+export { decryptData, encryptData };
+//# sourceMappingURL=encryption.js.map

package/lib/crypto/encryption.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"encryption.js","names":[],"sources":["../../src/crypto/encryption.ts"],"sourcesContent":["import { EncryptedData } from \"../types/types\";\nimport { getSubtleCrypto, getRandomValues } from \"./rand\";\n\nexport async function encryptData(data: string | Uint8Array): Promise<{\n\tencryptedData: EncryptedData;\n\tkeyMaterial: Uint8Array<ArrayBuffer>;\n}> {\n\tconst subtle = getSubtleCrypto();\n\tconst salt = getRandomValues(new Uint8Array(16));\n\tconst iv = getRandomValues(new Uint8Array(12));\n\tconst keyMaterial = getRandomValues(new Uint8Array(32));\n\tconst key = await subtle.importKey(\n\t\t\"raw\",\n\t\tkeyMaterial,\n\t\t{ name: \"AES-GCM\" },\n\t\tfalse,\n\t\t[\"encrypt\"],\n\t);\n\n\tconst encodedData =\n\t\ttypeof data === \"string\" ? new TextEncoder().encode(data) : data;\n\n\tconst encryptedContent = await subtle.encrypt(\n\t\t{\n\t\t\tname: \"AES-GCM\",\n\t\t\tiv,\n\t\t\ttagLength: 128,\n\t\t},\n\t\tkey,\n\t\tencodedData as Uint8Array<ArrayBuffer>,\n\t);\n\n\tconst ciphertext = encryptedContent.slice(\n\t\t0,\n\t\tencryptedContent.byteLength - 16,\n\t);\n\tconst authTag = encryptedContent.slice(encryptedContent.byteLength - 16);\n\n\treturn {\n\t\tencryptedData: {\n\t\t\tciphertext: new Uint8Array(ciphertext) as Uint8Array<ArrayBuffer>,\n\t\t\tiv,\n\t\t\tauthTag: new Uint8Array(authTag) as Uint8Array<ArrayBuffer>,\n\t\t\tsalt,\n\t\t},\n\t\tkeyMaterial,\n\t};\n}\n\nexport async function decryptData(\n\tencryptedData: EncryptedData,\n\tkeyMaterial: Uint8Array<ArrayBuffer>,\n): Promise<Uint8Array> {\n\tconst subtle = getSubtleCrypto();\n\n\t// Ensure these are proper Uint8Arrays (may have been serialized to JSON)\n\tconst ciphertext = toUint8Array(encryptedData.ciphertext);\n\tconst iv = toUint8Array(encryptedData.iv);\n\tconst authTag = toUint8Array(encryptedData.authTag);\n\n\tconst key = await subtle.importKey(\n\t\t\"raw\",\n\t\tkeyMaterial,\n\t\t{ name: \"AES-GCM\" },\n\t\tfalse,\n\t\t[\"decrypt\"],\n\t);\n\n\tconst dataWithAuthTag = new Uint8Array(ciphertext.length + authTag.length);\n\tdataWithAuthTag.set(ciphertext, 0);\n\tdataWithAuthTag.set(authTag, ciphertext.length);\n\n\tconst decryptedContent = await subtle.decrypt(\n\t\t{ name: \"AES-GCM\", iv, tagLength: 128 },\n\t\tkey,\n\t\tdataWithAuthTag as Uint8Array<ArrayBuffer>,\n\t);\n\n\treturn new Uint8Array(decryptedContent);\n}\n\nfunction toUint8Array(\n\tdata: Uint8Array | Record<string, number> | number[],\n): Uint8Array<ArrayBuffer> {\n\tif (data instanceof Uint8Array) {\n\t\treturn data as Uint8Array<ArrayBuffer>;\n\t}\n\tif (Array.isArray(data)) {\n\t\treturn new Uint8Array(data) as Uint8Array<ArrayBuffer>;\n\t}\n\treturn new Uint8Array(Object.values(data)) as Uint8Array<ArrayBuffer>;\n}\n"],"mappings":";;;AAGA,eAAsB,YAAY,MAG/B;CACF,MAAM,SAAS,iBAAiB;CAChC,MAAM,OAAO,gBAAgB,IAAI,WAAW,GAAG,CAAC;CAChD,MAAM,KAAK,gBAAgB,IAAI,WAAW,GAAG,CAAC;CAC9C,MAAM,cAAc,gBAAgB,IAAI,WAAW,GAAG,CAAC;CACvD,MAAM,MAAM,MAAM,OAAO,UACxB,OACA,aACA,EAAE,MAAM,WAAW,EACnB,OACA,CAAC,UAAU,CACX;CAED,MAAM,cACL,OAAO,SAAS,WAAW,IAAI,aAAa,CAAC,OAAO,KAAK,GAAG;CAE7D,MAAM,mBAAmB,MAAM,OAAO,QACrC;EACC,MAAM;EACN;EACA,WAAW;EACX,EACD,KACA,YACA;CAED,MAAM,aAAa,iBAAiB,MACnC,GACA,iBAAiB,aAAa,GAC9B;CACD,MAAM,UAAU,iBAAiB,MAAM,iBAAiB,aAAa,GAAG;AAExE,QAAO;EACN,eAAe;GACd,YAAY,IAAI,WAAW,WAAW;GACtC;GACA,SAAS,IAAI,WAAW,QAAQ;GAChC;GACA;EACD;EACA;;AAGF,eAAsB,YACrB,eACA,aACsB;CACtB,MAAM,SAAS,iBAAiB;CAGhC,MAAM,aAAa,aAAa,cAAc,WAAW;CACzD,MAAM,KAAK,aAAa,cAAc,GAAG;CACzC,MAAM,UAAU,aAAa,cAAc,QAAQ;CAEnD,MAAM,MAAM,MAAM,OAAO,UACxB,OACA,aACA,EAAE,MAAM,WAAW,EACnB,OACA,CAAC,UAAU,CACX;CAED,MAAM,kBAAkB,IAAI,WAAW,WAAW,SAAS,QAAQ,OAAO;AAC1E,iBAAgB,IAAI,YAAY,EAAE;AAClC,iBAAgB,IAAI,SAAS,WAAW,OAAO;CAE/C,MAAM,mBAAmB,MAAM,OAAO,QACrC;EAAE,MAAM;EAAW;EAAI,WAAW;EAAK,EACvC,KACA,gBACA;AAED,QAAO,IAAI,WAAW,iBAAiB;;AAGxC,SAAS,aACR,MAC0B;AAC1B,KAAI,gBAAgB,WACnB,QAAO;AAER,KAAI,MAAM,QAAQ,KAAK,CACtB,QAAO,IAAI,WAAW,KAAK;AAE5B,QAAO,IAAI,WAAW,OAAO,OAAO,KAAK,CAAC"}

package/lib/crypto/merkle.d.ts

@@ -0,0 +1,15 @@
+//#region src/crypto/merkle.d.ts
+declare function hashCidToField(cid: string): bigint;
+declare function buildTreeFromLeaves(leaves: bigint[]): Promise<{
+  root: bigint;
+  layers: bigint[][];
+}>;
+declare function getProof(layers: bigint[][], index: number): {
+  path: bigint[];
+  indices: number[];
+};
+declare function fieldToHex(field: bigint): `0x${string}`;
+declare function hexToField(hex: string): bigint;
+//#endregion
+export { buildTreeFromLeaves, fieldToHex, getProof, hashCidToField, hexToField };
+//# sourceMappingURL=merkle.d.ts.map

package/lib/crypto/merkle.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"merkle.d.ts","names":[],"sources":["../../src/crypto/merkle.ts"],"sourcesContent":[],"mappings":";iBAGgB,cAAA;AAAA,iBAUM,mBAAA,CAVQ,MAAA,EAAA,MAAA,EAAA,CAAA,EAU+B,OAV/B,CAAA;EAUR,IAAA,EAAA,MAAA;EA6BN,MAAA,EAAA,MAAQ,EAAA,EAAA;AAkBxB,CAAA,CAAA;AAIgB,iBAtBA,QAAA,CAsBU,MAAA,EAAA,MAAA,EAAA,EAAA,EAAA,KAAA,EAAA,MAAA,CAAA,EAAA;;;;iBAJV,UAAA;iBAIA,UAAA"}

package/lib/crypto/merkle.js

@@ -0,0 +1,56 @@
+import { poseidon2Hash } from "../utils/index.js";
+import { TREE_DEPTH } from "./constants.js";
+
+//#region src/crypto/merkle.ts
+function hashCidToField(cid) {
+	const bytes = new TextEncoder().encode(cid);
+	let value = 0n;
+	for (let i = 0; i < Math.min(bytes.length, 31); i++) value = value << 8n | BigInt(bytes[i]);
+	return value;
+}
+async function buildTreeFromLeaves(leaves) {
+	const size = 2 ** TREE_DEPTH;
+	const paddedLeaves = [...leaves];
+	while (paddedLeaves.length < size) paddedLeaves.push(0n);
+	const layers = [paddedLeaves];
+	let current = paddedLeaves;
+	while (current.length > 1) {
+		const next = [];
+		for (let i = 0; i < current.length; i += 2) {
+			const hash = await poseidon2Hash(current[i], current[i + 1]);
+			next.push(hash);
+		}
+		layers.push(next);
+		current = next;
+	}
+	return {
+		root: layers[layers.length - 1][0],
+		layers
+	};
+}
+function getProof(layers, index) {
+	const path = [];
+	const indices = [];
+	for (let i = 0; i < TREE_DEPTH; i++) {
+		const isRight = index % 2 === 1;
+		const siblingIndex = isRight ? index - 1 : index + 1;
+		path.push(layers[i][siblingIndex] ?? 0n);
+		indices.push(isRight ? 1 : 0);
+		index = Math.floor(index / 2);
+	}
+	return {
+		path,
+		indices
+	};
+}
+function fieldToHex(field) {
+	return `0x${field.toString(16).padStart(64, "0")}`;
+}
+function hexToField(hex) {
+	const cleanHex = hex.startsWith("0x") ? hex : `0x${hex}`;
+	return BigInt(cleanHex);
+}
+
+//#endregion
+export { buildTreeFromLeaves, fieldToHex, getProof, hashCidToField, hexToField };
+//# sourceMappingURL=merkle.js.map

package/lib/crypto/merkle.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"merkle.js","names":["layers: bigint[][]","next: bigint[]","path: bigint[]","indices: number[]"],"sources":["../../src/crypto/merkle.ts"],"sourcesContent":["import { poseidon2Hash } from \"../utils/index.js\";\nimport { TREE_DEPTH } from \"./constants.js\";\n\nexport function hashCidToField(cid: string): bigint {\n\t// Convert CID to field element\n\tconst bytes = new TextEncoder().encode(cid);\n\tlet value = 0n;\n\tfor (let i = 0; i < Math.min(bytes.length, 31); i++) {\n\t\tvalue = (value << 8n) | BigInt(bytes[i]);\n\t}\n\treturn value;\n}\n\nexport async function buildTreeFromLeaves(leaves: bigint[]): Promise<{\n\troot: bigint;\n\tlayers: bigint[][];\n}> {\n\tconst size = 2 ** TREE_DEPTH;\n\tconst paddedLeaves = [...leaves];\n\twhile (paddedLeaves.length < size) {\n\t\tpaddedLeaves.push(0n);\n\t}\n\n\tconst layers: bigint[][] = [paddedLeaves];\n\tlet current = paddedLeaves;\n\n\twhile (current.length > 1) {\n\t\tconst next: bigint[] = [];\n\t\tfor (let i = 0; i < current.length; i += 2) {\n\t\t\tconst hash = await poseidon2Hash(current[i], current[i + 1]);\n\t\t\tnext.push(hash);\n\t\t}\n\t\tlayers.push(next);\n\t\tcurrent = next;\n\t}\n\n\treturn {\n\t\troot: layers[layers.length - 1][0],\n\t\tlayers,\n\t};\n}\n\nexport function getProof(\n\tlayers: bigint[][],\n\tindex: number,\n): { path: bigint[]; indices: number[] } {\n\tconst path: bigint[] = [];\n\tconst indices: number[] = [];\n\n\tfor (let i = 0; i < TREE_DEPTH; i++) {\n\t\tconst isRight = index % 2 === 1;\n\t\tconst siblingIndex = isRight ? index - 1 : index + 1;\n\t\tpath.push(layers[i][siblingIndex] ?? 0n);\n\t\tindices.push(isRight ? 1 : 0);\n\t\tindex = Math.floor(index / 2);\n\t}\n\n\treturn { path, indices };\n}\n\nexport function fieldToHex(field: bigint): `0x${string}` {\n\treturn `0x${field.toString(16).padStart(64, \"0\")}` as `0x${string}`;\n}\n\nexport function hexToField(hex: string): bigint {\n\tconst cleanHex = hex.startsWith(\"0x\") ? hex : `0x${hex}`;\n\treturn BigInt(cleanHex);\n}\n"],"mappings":";;;;AAGA,SAAgB,eAAe,KAAqB;CAEnD,MAAM,QAAQ,IAAI,aAAa,CAAC,OAAO,IAAI;CAC3C,IAAI,QAAQ;AACZ,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,IAAI,MAAM,QAAQ,GAAG,EAAE,IAC/C,SAAS,SAAS,KAAM,OAAO,MAAM,GAAG;AAEzC,QAAO;;AAGR,eAAsB,oBAAoB,QAGvC;CACF,MAAM,OAAO,KAAK;CAClB,MAAM,eAAe,CAAC,GAAG,OAAO;AAChC,QAAO,aAAa,SAAS,KAC5B,cAAa,KAAK,GAAG;CAGtB,MAAMA,SAAqB,CAAC,aAAa;CACzC,IAAI,UAAU;AAEd,QAAO,QAAQ,SAAS,GAAG;EAC1B,MAAMC,OAAiB,EAAE;AACzB,OAAK,IAAI,IAAI,GAAG,IAAI,QAAQ,QAAQ,KAAK,GAAG;GAC3C,MAAM,OAAO,MAAM,cAAc,QAAQ,IAAI,QAAQ,IAAI,GAAG;AAC5D,QAAK,KAAK,KAAK;;AAEhB,SAAO,KAAK,KAAK;AACjB,YAAU;;AAGX,QAAO;EACN,MAAM,OAAO,OAAO,SAAS,GAAG;EAChC;EACA;;AAGF,SAAgB,SACf,QACA,OACwC;CACxC,MAAMC,OAAiB,EAAE;CACzB,MAAMC,UAAoB,EAAE;AAE5B,MAAK,IAAI,IAAI,GAAG,IAAI,YAAY,KAAK;EACpC,MAAM,UAAU,QAAQ,MAAM;EAC9B,MAAM,eAAe,UAAU,QAAQ,IAAI,QAAQ;AACnD,OAAK,KAAK,OAAO,GAAG,iBAAiB,GAAG;AACxC,UAAQ,KAAK,UAAU,IAAI,EAAE;AAC7B,UAAQ,KAAK,MAAM,QAAQ,EAAE;;AAG9B,QAAO;EAAE;EAAM;EAAS;;AAGzB,SAAgB,WAAW,OAA8B;AACxD,QAAO,KAAK,MAAM,SAAS,GAAG,CAAC,SAAS,IAAI,IAAI;;AAGjD,SAAgB,WAAW,KAAqB;CAC/C,MAAM,WAAW,IAAI,WAAW,KAAK,GAAG,MAAM,KAAK;AACnD,QAAO,OAAO,SAAS"}

package/lib/crypto/proof.d.ts

@@ -0,0 +1,12 @@
+import { VaultEntry, VaultManifest } from "../types/types.js";
+
+//#region src/crypto/proof.d.ts
+declare function buildCircuitInputs(password: string, entry: VaultEntry, userAddress: `0x${string}`, vaultId: `0x${string}`, manifest: VaultManifest): Promise<{
+  inputs: Record<string, any>;
+  nullifier: `0x${string}`;
+  cidCommitment: `0x${string}`;
+}>;
+declare function computeTagCommitment(vaultId: string, tag: string): Promise<bigint>;
+//#endregion
+export { buildCircuitInputs, computeTagCommitment };
+//# sourceMappingURL=proof.d.ts.map

package/lib/crypto/proof.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"proof.d.ts","names":[],"sources":["../../src/crypto/proof.ts"],"sourcesContent":[],"mappings":";;;iBAQsB,kBAAA,0BAEd,0EAGG,gBACR;UACM;EAPa,SAAA,EAAA,KAAA,MAAkB,EAAA;EAEhC,aAAA,EAAA,KAAA,MAAA,EAAA;CAGG,CAAA;AAEF,iBAmFa,oBAAA,CAnFb,OAAA,EAAA,MAAA,EAAA,GAAA,EAAA,MAAA,CAAA,EAsFN,OAtFM,CAAA,MAAA,CAAA"}

package/lib/crypto/proof.js

@@ -0,0 +1,69 @@
+import { poseidon2Hash } from "../utils/index.js";
+import { TREE_DEPTH } from "./constants.js";
+import { fieldToHex, getProof, hexToField } from "./merkle.js";
+import { keccak256 } from "viem";
+import { blake3 } from "@noble/hashes/blake3.js";
+
+//#region src/crypto/proof.ts
+async function buildCircuitInputs(password, entry, userAddress, vaultId, manifest) {
+	const { path, indices } = getProof(manifest.tree.map((layer) => layer.map(hexToField)), Number(entry.index));
+	const cidCommitment = hexToField(entry.leaf);
+	let current = cidCommitment;
+	for (let i = 0; i < TREE_DEPTH; i++) {
+		const sibling = path[i];
+		const [left, right] = indices[i] === 1 ? [sibling, current] : [current, sibling];
+		current = await poseidon2Hash(left, right);
+	}
+	const expectedRoot = hexToField(manifest.poseidon_root);
+	if (current !== expectedRoot) throw new Error(`Merkle root mismatch: computed ${current}, expected ${expectedRoot}`);
+	const passwordBytes = new Uint8Array(32);
+	passwordBytes.set(new TextEncoder().encode(password).slice(0, 32));
+	const expectedHash = keccak256(passwordBytes);
+	const userAddressBytes = new Uint8Array(32);
+	const addrBytes = Buffer.from(userAddress.slice(2), "hex");
+	userAddressBytes.set(addrBytes, 32 - addrBytes.length);
+	const vaultIdBytes = new Uint8Array(32);
+	const vaultBytes = Buffer.from(vaultId.slice(2), "hex");
+	vaultIdBytes.set(vaultBytes, 32 - vaultBytes.length);
+	const cidBytes = new Uint8Array(32);
+	let temp = cidCommitment;
+	for (let i = 31; i >= 0; i--) {
+		cidBytes[i] = Number(temp & 255n);
+		temp = temp >> 8n;
+	}
+	const nullifierInput = new Uint8Array(128);
+	nullifierInput.set(passwordBytes, 0);
+	nullifierInput.set(userAddressBytes, 32);
+	nullifierInput.set(vaultIdBytes, 64);
+	nullifierInput.set(cidBytes, 96);
+	const nullifierHash = blake3(nullifierInput);
+	const nullifier = `0x${Buffer.from(nullifierHash).toString("hex")}`;
+	const expectedHashBytes = Array.from(Buffer.from(expectedHash.slice(2), "hex"));
+	const nullifierBytesArr = Array.from(nullifierHash);
+	return {
+		inputs: {
+			password: Array.from(passwordBytes),
+			merkle_path: path.map((p) => p.toString()),
+			merkle_indices: indices.map((i) => i.toString()),
+			expected_hash: expectedHashBytes,
+			merkle_root: expectedRoot.toString(),
+			user_address: Array.from(userAddressBytes),
+			vault_id: Array.from(vaultIdBytes),
+			nullifier: nullifierBytesArr,
+			cid_commitment: cidCommitment.toString()
+		},
+		nullifier,
+		cidCommitment: fieldToHex(cidCommitment)
+	};
+}
+async function computeTagCommitment(vaultId, tag) {
+	const vaultIdBigInt = BigInt(vaultId);
+	const tagBytes = new TextEncoder().encode(tag);
+	let tagField = 0n;
+	for (let i = 0; i < Math.min(tagBytes.length, 31); i++) tagField = tagField << 8n | BigInt(tagBytes[i]);
+	return await poseidon2Hash(vaultIdBigInt, tagField);
+}
+
+//#endregion
+export { buildCircuitInputs, computeTagCommitment };
+//# sourceMappingURL=proof.js.map

package/lib/crypto/proof.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"proof.js","names":[],"sources":["../../src/crypto/proof.ts"],"sourcesContent":["import { Hex, keccak256, toBytes } from \"viem\";\nimport { VaultEntry, VaultManifest } from \"../types/types.js\";\nimport { blake3 } from \"@noble/hashes/blake3.js\";\n\nimport { poseidon2Hash } from \"../utils/index.js\";\nimport { fieldToHex, getProof, hexToField } from \"./merkle.js\";\nimport { TREE_DEPTH } from \"./constants.js\";\n\nexport async function buildCircuitInputs(\n\tpassword: string,\n\tentry: VaultEntry,\n\tuserAddress: `0x${string}`,\n\tvaultId: `0x${string}`,\n\tmanifest: VaultManifest,\n): Promise<{\n\tinputs: Record<string, any>;\n\tnullifier: `0x${string}`;\n\tcidCommitment: `0x${string}`;\n}> {\n\tconst layers = manifest.tree!.map((layer) => layer.map(hexToField));\n\tconst { path, indices } = getProof(layers, Number(entry.index));\n\n\tconst cidCommitment = hexToField(entry.leaf);\n\n\t// verify merkle root locally\n\tlet current = cidCommitment;\n\tfor (let i = 0; i < TREE_DEPTH; i++) {\n\t\tconst sibling = path[i];\n\t\tconst isRight = indices[i] === 1;\n\t\tconst [left, right] = isRight ? [sibling, current] : [current, sibling];\n\t\tcurrent = await poseidon2Hash(left, right);\n\t}\n\n\tconst expectedRoot = hexToField(manifest.poseidon_root);\n\tif (current !== expectedRoot) {\n\t\tthrow new Error(\n\t\t\t`Merkle root mismatch: computed ${current}, expected ${expectedRoot}`,\n\t\t);\n\t}\n\n\t// Password (padded to 32 bytes)\n\tconst passwordBytes = new Uint8Array(32);\n\tpasswordBytes.set(new TextEncoder().encode(password).slice(0, 32));\n\tconst expectedHash = keccak256(passwordBytes);\n\n\t// User address (left-padded to 32 bytes)\n\tconst userAddressBytes = new Uint8Array(32);\n\tconst addrBytes = Buffer.from(userAddress.slice(2), \"hex\");\n\tuserAddressBytes.set(addrBytes, 32 - addrBytes.length);\n\n\t// Vault ID (32 bytes)\n\tconst vaultIdBytes = new Uint8Array(32);\n\tconst vaultBytes = Buffer.from(vaultId.slice(2), \"hex\");\n\tvaultIdBytes.set(vaultBytes, 32 - vaultBytes.length);\n\n\t// CID commitment as big-endian bytes (for nullifier)\n\tconst cidBytes = new Uint8Array(32);\n\tlet temp = cidCommitment;\n\tfor (let i = 31; i >= 0; i--) {\n\t\tcidBytes[i] = Number(temp & 0xffn);\n\t\ttemp = temp >> 8n;\n\t}\n\n\t// Nullifier = blake3(password || user_address || vault_id || cid_commitment)\n\tconst nullifierInput = new Uint8Array(128);\n\tnullifierInput.set(passwordBytes, 0);\n\tnullifierInput.set(userAddressBytes, 32);\n\tnullifierInput.set(vaultIdBytes, 64);\n\tnullifierInput.set(cidBytes, 96);\n\tconst nullifierHash = blake3(nullifierInput);\n\tconst nullifier =\n\t\t`0x${Buffer.from(nullifierHash).toString(\"hex\")}` as `0x${string}`;\n\n\tconst expectedHashBytes = Array.from(\n\t\tBuffer.from(expectedHash.slice(2), \"hex\"),\n\t);\n\tconst nullifierBytesArr = Array.from(nullifierHash);\n\n\treturn {\n\t\tinputs: {\n\t\t\t// Private\n\t\t\tpassword: Array.from(passwordBytes),\n\t\t\tmerkle_path: path.map((p) => p.toString()),\n\t\t\tmerkle_indices: indices.map((i) => i.toString()),\n\t\t\t// Public\n\t\t\texpected_hash: expectedHashBytes,\n\t\t\tmerkle_root: expectedRoot.toString(),\n\t\t\tuser_address: Array.from(userAddressBytes),\n\t\t\tvault_id: Array.from(vaultIdBytes),\n\t\t\tnullifier: nullifierBytesArr,\n\t\t\tcid_commitment: cidCommitment.toString(),\n\t\t},\n\t\tnullifier,\n\t\tcidCommitment: fieldToHex(cidCommitment),\n\t};\n}\n\n// create a commitment to the (vaultId, tag) combo using poseidon2\nexport async function computeTagCommitment(\n\tvaultId: string,\n\ttag: string,\n): Promise<bigint> {\n\tconst vaultIdBigInt = BigInt(vaultId);\n\n\t// Convert tag to field\n\tconst tagBytes = new TextEncoder().encode(tag);\n\tlet tagField = 0n;\n\tfor (let i = 0; i < Math.min(tagBytes.length, 31); i++) {\n\t\ttagField = (tagField << 8n) | BigInt(tagBytes[i]);\n\t}\n\n\tconst hash = await poseidon2Hash(vaultIdBigInt, tagField);\n\treturn hash;\n}\n"],"mappings":";;;;;;;AAQA,eAAsB,mBACrB,UACA,OACA,aACA,SACA,UAKE;CAEF,MAAM,EAAE,MAAM,YAAY,SADX,SAAS,KAAM,KAAK,UAAU,MAAM,IAAI,WAAW,CAAC,EACxB,OAAO,MAAM,MAAM,CAAC;CAE/D,MAAM,gBAAgB,WAAW,MAAM,KAAK;CAG5C,IAAI,UAAU;AACd,MAAK,IAAI,IAAI,GAAG,IAAI,YAAY,KAAK;EACpC,MAAM,UAAU,KAAK;EAErB,MAAM,CAAC,MAAM,SADG,QAAQ,OAAO,IACC,CAAC,SAAS,QAAQ,GAAG,CAAC,SAAS,QAAQ;AACvE,YAAU,MAAM,cAAc,MAAM,MAAM;;CAG3C,MAAM,eAAe,WAAW,SAAS,cAAc;AACvD,KAAI,YAAY,aACf,OAAM,IAAI,MACT,kCAAkC,QAAQ,aAAa,eACvD;CAIF,MAAM,gBAAgB,IAAI,WAAW,GAAG;AACxC,eAAc,IAAI,IAAI,aAAa,CAAC,OAAO,SAAS,CAAC,MAAM,GAAG,GAAG,CAAC;CAClE,MAAM,eAAe,UAAU,cAAc;CAG7C,MAAM,mBAAmB,IAAI,WAAW,GAAG;CAC3C,MAAM,YAAY,OAAO,KAAK,YAAY,MAAM,EAAE,EAAE,MAAM;AAC1D,kBAAiB,IAAI,WAAW,KAAK,UAAU,OAAO;CAGtD,MAAM,eAAe,IAAI,WAAW,GAAG;CACvC,MAAM,aAAa,OAAO,KAAK,QAAQ,MAAM,EAAE,EAAE,MAAM;AACvD,cAAa,IAAI,YAAY,KAAK,WAAW,OAAO;CAGpD,MAAM,WAAW,IAAI,WAAW,GAAG;CACnC,IAAI,OAAO;AACX,MAAK,IAAI,IAAI,IAAI,KAAK,GAAG,KAAK;AAC7B,WAAS,KAAK,OAAO,OAAO,KAAM;AAClC,SAAO,QAAQ;;CAIhB,MAAM,iBAAiB,IAAI,WAAW,IAAI;AAC1C,gBAAe,IAAI,eAAe,EAAE;AACpC,gBAAe,IAAI,kBAAkB,GAAG;AACxC,gBAAe,IAAI,cAAc,GAAG;AACpC,gBAAe,IAAI,UAAU,GAAG;CAChC,MAAM,gBAAgB,OAAO,eAAe;CAC5C,MAAM,YACL,KAAK,OAAO,KAAK,cAAc,CAAC,SAAS,MAAM;CAEhD,MAAM,oBAAoB,MAAM,KAC/B,OAAO,KAAK,aAAa,MAAM,EAAE,EAAE,MAAM,CACzC;CACD,MAAM,oBAAoB,MAAM,KAAK,cAAc;AAEnD,QAAO;EACN,QAAQ;GAEP,UAAU,MAAM,KAAK,cAAc;GACnC,aAAa,KAAK,KAAK,MAAM,EAAE,UAAU,CAAC;GAC1C,gBAAgB,QAAQ,KAAK,MAAM,EAAE,UAAU,CAAC;GAEhD,eAAe;GACf,aAAa,aAAa,UAAU;GACpC,cAAc,MAAM,KAAK,iBAAiB;GAC1C,UAAU,MAAM,KAAK,aAAa;GAClC,WAAW;GACX,gBAAgB,cAAc,UAAU;GACxC;EACD;EACA,eAAe,WAAW,cAAc;EACxC;;AAIF,eAAsB,qBACrB,SACA,KACkB;CAClB,MAAM,gBAAgB,OAAO,QAAQ;CAGrC,MAAM,WAAW,IAAI,aAAa,CAAC,OAAO,IAAI;CAC9C,IAAI,WAAW;AACf,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,IAAI,SAAS,QAAQ,GAAG,EAAE,IAClD,YAAY,YAAY,KAAM,OAAO,SAAS,GAAG;AAIlD,QADa,MAAM,cAAc,eAAe,SAAS"}

package/lib/crypto/rand.d.ts

@@ -0,0 +1,6 @@
+//#region src/crypto/rand.d.ts
+declare function getSubtleCrypto(): SubtleCrypto;
+declare function getRandomValues(array: Uint8Array): Uint8Array<ArrayBuffer>;
+//#endregion
+export { getRandomValues, getSubtleCrypto };
+//# sourceMappingURL=rand.d.ts.map

package/lib/crypto/rand.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rand.d.ts","names":[],"sources":["../../src/crypto/rand.ts"],"sourcesContent":[],"mappings":";iBAYgB,eAAA,CAAA,GAAmB;AAAnB,iBASA,eAAA,CATmB,KAAA,EASI,UATQ,CAAA,EASK,UATL,CASgB,WAThB,CAAA"}

package/lib/crypto/rand.js

@@ -0,0 +1,17 @@
+//#region src/crypto/rand.ts
+function getCrypto() {
+	if (typeof globalThis.crypto !== "undefined") return globalThis.crypto;
+	throw new Error("No crypto available - are you in Node < 19?");
+}
+function getSubtleCrypto() {
+	if (typeof window !== "undefined" && window.crypto) return window.crypto.subtle;
+	else return getCrypto().subtle;
+}
+function getRandomValues(array) {
+	if (typeof window !== "undefined" && window.crypto) return window.crypto.getRandomValues(array);
+	else return getCrypto().getRandomValues(array);
+}
+
+//#endregion
+export { getRandomValues, getSubtleCrypto };
+//# sourceMappingURL=rand.js.map

package/lib/crypto/rand.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rand.js","names":[],"sources":["../../src/crypto/rand.ts"],"sourcesContent":["function getCrypto(): Crypto {\n\tif (typeof globalThis.crypto !== \"undefined\") {\n\t\treturn globalThis.crypto;\n\t}\n\n\t// Node 19+ has globalThis.crypto, but for older versions:\n\tthrow new Error(\"No crypto available - are you in Node < 19?\");\n}\n\n// For Node 15-18, you might need top-level await or lazy init:\nlet cryptoModule: Crypto | null = null;\n\nexport function getSubtleCrypto(): SubtleCrypto {\n\tif (typeof window !== \"undefined\" && window.crypto) {\n\t\treturn window.crypto.subtle;\n\t} else {\n\t\tconst webcrypto = getCrypto();\n\t\treturn webcrypto.subtle as SubtleCrypto;\n\t}\n}\n\nexport function getRandomValues(array: Uint8Array): Uint8Array<ArrayBuffer> {\n\tif (typeof window !== \"undefined\" && window.crypto) {\n\t\treturn window.crypto.getRandomValues(array) as Uint8Array<ArrayBuffer>;\n\t} else {\n\t\tconst webcrypto = getCrypto();\n\t\treturn webcrypto.getRandomValues(array) as Uint8Array<ArrayBuffer>;\n\t}\n}\n"],"mappings":";AAAA,SAAS,YAAoB;AAC5B,KAAI,OAAO,WAAW,WAAW,YAChC,QAAO,WAAW;AAInB,OAAM,IAAI,MAAM,8CAA8C;;AAM/D,SAAgB,kBAAgC;AAC/C,KAAI,OAAO,WAAW,eAAe,OAAO,OAC3C,QAAO,OAAO,OAAO;KAGrB,QADkB,WAAW,CACZ;;AAInB,SAAgB,gBAAgB,OAA4C;AAC3E,KAAI,OAAO,WAAW,eAAe,OAAO,OAC3C,QAAO,OAAO,OAAO,gBAAgB,MAAM;KAG3C,QADkB,WAAW,CACZ,gBAAgB,MAAM"}

package/lib/deployContract.d.ts

@@ -0,0 +1,62 @@
+import { Account, Address, Hex } from "viem";
+
+//#region src/deployContract.d.ts
+
+/**
+ * Deploys HonkVerifier (circuit-specific)
+ */
+declare function deployVerifier({
+  account
+}: {
+  account: Account;
+}): Promise<{
+  verifierAddress: Address;
+  verifierAbi: any;
+}>;
+/**
+ * Deploys ZKGate (universal, verifier-agnostic)
+ */
+declare function deployZKGate({
+  account,
+  verifierAddress,
+  treasuryAddress,
+  vaultCreationFee
+}: {
+  account: Account;
+  verifierAddress: Address;
+  treasuryAddress: Address;
+  vaultCreationFee: bigint;
+}): Promise<{
+  zkGateAddress: Address;
+  zkGateAbi: any;
+}>;
+/**
+ * Deploys both contracts
+ */
+declare function deployContracts({
+  account
+}: {
+  account: Account;
+}): Promise<{
+  verifierAddress: Address;
+  zkGateAddress: Address;
+  verifierAbi: any;
+  zkGateAbi: any;
+}>;
+/**
+ * Verifies a proof using a deployed verifier contract
+ */
+declare function verifyProof({
+  contractAddress,
+  abi,
+  proof,
+  publicInputs
+}: {
+  contractAddress: Address;
+  abi: any;
+  proof: Hex;
+  publicInputs: Hex[];
+}): Promise<boolean>;
+//#endregion
+export { deployContracts, deployVerifier, deployZKGate, verifyProof };
+//# sourceMappingURL=deployContract.d.ts.map

package/lib/deployContract.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deployContract.d.ts","names":[],"sources":["../src/deployContract.ts"],"sourcesContent":[],"mappings":";;;;;;AAgJA;AACC,iBADqB,cAAA,CACrB;EAAA;CAAA,EAAA;EAES,OAAA,EAAA,OAAA;CAEQ,CAAA,EADd,OACc,CAAA;EADd,eAAA,EACc,OADd;EAAO,WAAA,EAAA,GAAA;AAyGX,CAAA,CAAA;;;;AAIC,iBAJqB,YAAA,CAIrB;EAAA,OAAA;EAAA,eAAA;EAAA,eAAA;EAAA;CAAA,EAAA;EAES,OAAA,EAAA,OAAA;EACQ,eAAA,EAAA,OAAA;EACA,eAAA,EAAA,OAAA;EAGF,gBAAA,EAAA,MAAA;CADZ,CAAA,EAAA,OAAA,CAAA;EAAO,aAAA,EACK,OADL;EAoDW,SAAA,EAAA,GAAA;CACrB,CAAA;;;;AAGG,iBAJkB,eAAA,CAIlB;EAAA;AA2BJ,CA3BI,EAAA;EAAO,OAAA,EADD,OACC;AA2BX,CAAA,CAAA,EA3BI,OA2BkB,CAAA;EACrB,eAAA,EA3BiB,OA2BjB;EACA,aAAA,EA3Be,OA2Bf;EACA,WAAA,EAAA,GAAA;EACA,SAAA,EAAA,GAAA;CAEiB,CAAA;;;;AAIP,iBAVW,WAAA,CAUX;EAAA,eAAA;EAAA,GAAA;EAAA,KAAA;EAAA;CAAA,EAAA;mBAJO;;SAEV;gBACO;IACX"}

package/lib/deployContract.js

@@ -0,0 +1,230 @@
+import { require_preimage } from "./circuits/preimage/target/preimage.js";
+import { readFileSync } from "fs";
+import { fileURLToPath } from "url";
+import { dirname, join } from "path";
+import { createPublicClient, createWalletClient, encodeDeployData, http, parseEther } from "viem";
+import solc from "solc";
+import { Barretenberg, UltraHonkBackend } from "@aztec/bb.js";
+import { baseSepolia } from "viem/chains";
+
+//#region src/deployContract.ts
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const circuit = require_preimage();
+const currentChain = baseSepolia;
+/**
+* Compiles verifier from circuit
+*/
+async function compileVerifier() {
+	const api = await Barretenberg.new({ threads: 1 });
+	const backend = new UltraHonkBackend(circuit.bytecode, api);
+	const vk = await backend.getVerificationKey({ verifierTarget: "evm" });
+	const verifierSource = await backend.getSolidityVerifier(vk, { verifierTarget: "evm" });
+	const input = {
+		language: "Solidity",
+		sources: { "PreimageVerifier.sol": { content: verifierSource } },
+		settings: {
+			metadata: {
+				appendCBOR: false,
+				useLiteralContent: false
+			},
+			optimizer: {
+				enabled: true,
+				runs: 1
+			},
+			outputSelection: { "*": { "*": ["abi", "evm.bytecode"] } }
+		}
+	};
+	const output = JSON.parse(solc.compile(JSON.stringify(input)));
+	if (output.errors?.some((e) => e.severity === "error")) {
+		console.error("Compilation errors:", output.errors.filter((e) => e.severity === "error"));
+		throw new Error("Verifier compilation failed");
+	}
+	const contracts = {};
+	for (const [name, contract] of Object.entries(output.contracts["PreimageVerifier.sol"])) contracts[name] = {
+		abi: contract.abi,
+		bytecode: contract.evm.bytecode.object
+	};
+	return contracts;
+}
+/**
+* Compiles ZKGate
+*/
+function compileZKGate() {
+	const zkGateSource = readFileSync(join(__dirname, "..", "./contracts/src", "ZKGate.sol"), "utf-8");
+	const input = {
+		language: "Solidity",
+		sources: { "ZKGate.sol": { content: zkGateSource } },
+		settings: {
+			metadata: {
+				appendCBOR: false,
+				useLiteralContent: false
+			},
+			optimizer: {
+				enabled: true,
+				runs: 200
+			},
+			outputSelection: { "*": { "*": ["abi", "evm.bytecode"] } }
+		}
+	};
+	const output = JSON.parse(solc.compile(JSON.stringify(input)));
+	if (output.errors?.some((e) => e.severity === "error")) {
+		console.error("Compilation errors:", output.errors.filter((e) => e.severity === "error"));
+		throw new Error("ZKGate compilation failed");
+	}
+	const zkGate = output.contracts["ZKGate.sol"]["ZKGate"];
+	return {
+		abi: zkGate.abi,
+		bytecode: zkGate.evm.bytecode.object
+	};
+}
+/**
+* Links library addresses into bytecode
+*/
+function linkBytecode(bytecode, libraries) {
+	let linked = bytecode;
+	for (const [, libAddress] of Object.entries(libraries)) linked = linked.replace(/__\$[a-fA-F0-9]{34}\$__/g, libAddress.slice(2).toLowerCase());
+	const remaining = linked.match(/__\$[a-fA-F0-9]{34}\$__/);
+	if (remaining) throw new Error(`Unlinked library: ${remaining[0]}`);
+	return `0x${linked}`;
+}
+/**
+* Deploys HonkVerifier (circuit-specific)
+*/
+async function deployVerifier({ account }) {
+	console.log("Compiling verifier...");
+	const contracts = await compileVerifier();
+	const rpcUrl = process.env.CHAIN_RPC_URL;
+	if (!rpcUrl) throw new Error("CHAIN_RPC_URL environment variable is required");
+	const publicClient = createPublicClient({ transport: http(rpcUrl) });
+	const walletClient = createWalletClient({
+		account,
+		transport: http(rpcUrl)
+	});
+	console.log("Deploying ZKTranscriptLib...");
+	const libBytecode = contracts["ZKTranscriptLib"]?.bytecode;
+	if (!libBytecode) throw new Error("ZKTranscriptLib not found");
+	console.log("Estimating gas...");
+	const gasEstimate = await publicClient.estimateGas({
+		data: `0x${libBytecode}`,
+		account: walletClient.account.address
+	});
+	console.log("Gas estimate:", gasEstimate);
+	const gasPrice = await publicClient.getGasPrice();
+	await publicClient.getTransactionCount({ address: walletClient.account.address });
+	console.log("Sending transaction...");
+	const libHash = await walletClient.sendTransaction({
+		data: `0x${libBytecode}`,
+		gas: gasEstimate + gasEstimate / 10n,
+		gasPrice,
+		chain: currentChain
+	});
+	const libAddress = (await publicClient.waitForTransactionReceipt({ hash: libHash })).contractAddress;
+	console.log(`ZKTranscriptLib deployed: ${libAddress}`);
+	console.log("Deploying HonkVerifier...");
+	const verifier = contracts["HonkVerifier"];
+	if (!verifier) throw new Error("HonkVerifier not found");
+	const linkedBytecode = linkBytecode(verifier.bytecode, { ZKTranscriptLib: libAddress });
+	const verifierGasEstimate = await publicClient.estimateGas({
+		data: linkedBytecode,
+		account: walletClient.account.address
+	});
+	console.log("Verifier gas estimate:", verifierGasEstimate);
+	await publicClient.getTransactionCount({ address: walletClient.account.address });
+	console.log("Sending transaction...");
+	const verifierHash = await walletClient.sendTransaction({
+		data: linkedBytecode,
+		gas: verifierGasEstimate + verifierGasEstimate / 10n,
+		gasPrice,
+		chain: currentChain
+	});
+	const verifierReceipt = await publicClient.waitForTransactionReceipt({ hash: verifierHash });
+	console.log("Receipt status:", verifierReceipt.status);
+	console.log("Contract address from receipt:", verifierReceipt.contractAddress);
+	const code = await publicClient.getCode({ address: verifierReceipt.contractAddress });
+	console.log("Code length:", code?.length);
+	console.log("Has code:", code && code !== "0x" && code.length > 2);
+	const verifierAddress = verifierReceipt.contractAddress;
+	console.log(`HonkVerifier deployed: ${verifierAddress}`);
+	return {
+		verifierAddress,
+		verifierAbi: verifier.abi
+	};
+}
+/**
+* Deploys ZKGate (universal, verifier-agnostic)
+*/
+async function deployZKGate({ account, verifierAddress, treasuryAddress, vaultCreationFee }) {
+	console.log("Compiling ZKGate...");
+	const zkGate = compileZKGate();
+	const rpcUrl = process.env.CHAIN_RPC_URL;
+	if (!rpcUrl) throw new Error("CHAIN_RPC_URL environment variable is required");
+	const publicClient = createPublicClient({ transport: http(rpcUrl) });
+	const walletClient = createWalletClient({
+		account,
+		transport: http(rpcUrl)
+	});
+	console.log("Deploying ZKGate...");
+	const deployData = encodeDeployData({
+		abi: zkGate.abi,
+		bytecode: `0x${zkGate.bytecode}`,
+		args: [
+			verifierAddress,
+			treasuryAddress,
+			vaultCreationFee
+		]
+	});
+	const gasPrice = await publicClient.getGasPrice();
+	const gasEstimate = await publicClient.estimateGas({
+		data: deployData,
+		account: walletClient.account.address
+	});
+	const zkGateHash = await walletClient.sendTransaction({
+		data: deployData,
+		gas: gasEstimate + gasEstimate / 10n,
+		gasPrice,
+		chain: currentChain
+	});
+	const zkGateAddress = (await publicClient.waitForTransactionReceipt({ hash: zkGateHash })).contractAddress;
+	console.log(`ZKGate deployed: ${zkGateAddress}`);
+	return {
+		zkGateAddress,
+		zkGateAbi: zkGate.abi
+	};
+}
+/**
+* Deploys both contracts
+*/
+async function deployContracts({ account }) {
+	const { verifierAddress, verifierAbi } = await deployVerifier({ account });
+	const { zkGateAddress, zkGateAbi } = await deployZKGate({
+		account,
+		verifierAddress,
+		treasuryAddress: account.address,
+		vaultCreationFee: parseEther("0.001")
+	});
+	return {
+		verifierAddress,
+		zkGateAddress,
+		verifierAbi,
+		zkGateAbi
+	};
+}
+/**
+* Verifies a proof using a deployed verifier contract
+*/
+async function verifyProof({ contractAddress, abi, proof, publicInputs }) {
+	const rpcUrl = process.env.CHAIN_RPC_URL;
+	if (!rpcUrl) throw new Error("CHAIN_RPC_URL environment variable is required");
+	const result = await createPublicClient({ transport: http(rpcUrl) }).readContract({
+		address: contractAddress,
+		abi,
+		functionName: "verify",
+		args: [proof, publicInputs]
+	});
+	console.log(`Verification result: ${result}`);
+	return result;
+}
+
+//#endregion
+export { deployContracts, deployVerifier, deployZKGate, verifyProof };
+//# sourceMappingURL=deployContract.js.map