morok-bot-sdk 1.0.1

package/dist/crypto/stores.js

@@ -0,0 +1,314 @@
+import { promises as fs } from 'node:fs';
+import path from 'node:path';
+import { timingSafeEqual, randomUUID } from 'node:crypto';
+function toArrayBuffer(b64) {
+    const buf = Buffer.from(b64, 'base64');
+    return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength);
+}
+function fromArrayBuffer(buf) {
+    return Buffer.from(buf).toString('base64');
+}
+function serializeKeyPair(kp) {
+    return {
+        pub: fromArrayBuffer(kp.pubKey),
+        priv: fromArrayBuffer(kp.privKey),
+    };
+}
+function deserializeKeyPair(s) {
+    return {
+        pubKey: toArrayBuffer(s.pub),
+        privKey: toArrayBuffer(s.priv),
+    };
+}
+function constantTimeEqualBytes(a, b) {
+    if (a.byteLength !== b.byteLength)
+        return false;
+    return timingSafeEqual(Buffer.from(a), Buffer.from(b));
+}
+async function writeJsonAtomic(filePath, value) {
+    await fs.mkdir(path.dirname(filePath), { recursive: true, mode: 0o700 });
+    const tmp = `${filePath}.tmp-${randomUUID()}`;
+    await fs.writeFile(tmp, JSON.stringify(value), { mode: 0o600 });
+    await fs.rename(tmp, filePath);
+}
+async function readJson(filePath) {
+    try {
+        const raw = await fs.readFile(filePath, 'utf8');
+        return JSON.parse(raw);
+    }
+    catch (err) {
+        if (err.code === 'ENOENT')
+            return undefined;
+        throw err;
+    }
+}
+const DIRECTION_ENUM = {
+    SENDING: 1,
+    RECEIVING: 2,
+};
+export class FileSignalStore {
+    stateDir;
+    Direction = DIRECTION_ENUM;
+    identityCache;
+    stateCache;
+    constructor(stateDir) {
+        this.stateDir = stateDir;
+    }
+    async ensureLayout() {
+        for (const sub of ['', 'sessions', 'prekeys', 'identity-cache', 'quarantine']) {
+            await fs.mkdir(path.join(this.stateDir, sub), { recursive: true, mode: 0o700 });
+        }
+    }
+    async importInitial(opts) {
+        await this.ensureLayout();
+        const existing = await readJson(this.identityFile());
+        if (existing) {
+            if (existing.userId && existing.userId !== opts.botUserId) {
+                throw new Error(`state directory ${this.stateDir} already holds bot user ${existing.userId}; ` +
+                    `refusing to overwrite with bot user ${opts.botUserId}. Use a different stateDir.`);
+            }
+            if (existing.registrationId !== opts.registrationId) {
+                throw new Error(`state directory ${this.stateDir} holds registrationId ${existing.registrationId}; ` +
+                    `incoming .morokbot has ${opts.registrationId}. The .morokbot likely doesn't ` +
+                    `match the imported state. Use a fresh stateDir or restore the matching file.`);
+            }
+            if (!existing.userId) {
+                await writeJsonAtomic(this.identityFile(), {
+                    ...existing,
+                    userId: opts.botUserId,
+                    deviceId: opts.deviceId,
+                });
+                this.identityCache = undefined;
+            }
+            return;
+        }
+        const initState = {
+            lastSignedPreKeyRotationMs: Date.now(),
+            nextOneTimePreKeyId: Math.max(...opts.oneTimePreKeys.map(k => k.keyId), 0) + 1,
+            nextSignedPreKeyId: opts.signedPreKey.keyId + 1,
+        };
+        await writeJsonAtomic(this.stateFile(), initState);
+        await writeJsonAtomic(this.signedPreKeyFile(opts.signedPreKey.keyId), {
+            keyId: opts.signedPreKey.keyId,
+            pub: opts.signedPreKey.pub,
+            priv: opts.signedPreKey.priv,
+            signature: opts.signedPreKey.signature,
+        });
+        for (const otp of opts.oneTimePreKeys) {
+            await writeJsonAtomic(this.oneTimePreKeyFile(otp.keyId), {
+                keyId: otp.keyId,
+                pub: otp.pub,
+                priv: otp.priv,
+            });
+        }
+        const identity = {
+            identityKeyPair: opts.identityKeyPair,
+            registrationId: opts.registrationId,
+            userId: opts.botUserId,
+            deviceId: opts.deviceId,
+            accountSigningKey: opts.accountSigningKey,
+        };
+        await writeJsonAtomic(this.identityFile(), identity);
+    }
+    async fsck() {
+        await this.ensureLayout();
+        const quarantinedSessions = [];
+        const quarantinedPreKeys = [];
+        for (const entry of await fs.readdir(path.join(this.stateDir, 'sessions')).catch(() => [])) {
+            const full = path.join(this.stateDir, 'sessions', entry);
+            let bad;
+            try {
+                const j = await readJson(full);
+                bad = !j || typeof j.record !== 'string' || j.record.length === 0;
+            }
+            catch {
+                bad = true;
+            }
+            if (bad) {
+                const dst = path.join(this.stateDir, 'quarantine', `session-${Date.now()}-${entry}`);
+                await fs.rename(full, dst).catch(() => { });
+                quarantinedSessions.push(full);
+            }
+        }
+        for (const entry of await fs.readdir(path.join(this.stateDir, 'prekeys')).catch(() => [])) {
+            const full = path.join(this.stateDir, 'prekeys', entry);
+            let bad;
+            try {
+                const j = await readJson(full);
+                bad = !j || typeof j.pub !== 'string' || typeof j.priv !== 'string';
+            }
+            catch {
+                bad = true;
+            }
+            if (bad) {
+                const dst = path.join(this.stateDir, 'quarantine', `prekey-${Date.now()}-${entry}`);
+                await fs.rename(full, dst).catch(() => { });
+                quarantinedPreKeys.push(full);
+            }
+        }
+        return { quarantinedSessions, quarantinedPreKeys };
+    }
+    async getIdentityKeyPair() {
+        const id = await this.loadPersistedIdentity();
+        if (!id)
+            return undefined;
+        return deserializeKeyPair(id.identityKeyPair);
+    }
+    async getLocalRegistrationId() {
+        return (await this.loadPersistedIdentity())?.registrationId;
+    }
+    async isTrustedIdentity(identifier, identityKey, _direction) {
+        const cached = await this.loadPeerIdentity(identifier);
+        if (!cached)
+            return true;
+        return constantTimeEqualBytes(cached, identityKey);
+    }
+    async saveIdentity(encodedAddress, publicKey, _nonblockingApproval) {
+        const existing = await this.loadPeerIdentity(encodedAddress);
+        if (existing && constantTimeEqualBytes(existing, publicKey)) {
+            return false;
+        }
+        await writeJsonAtomic(this.identityCacheFile(encodedAddress), {
+            identityKey: fromArrayBuffer(publicKey),
+        });
+        return existing !== undefined;
+    }
+    async peekPeerIdentity(encodedAddress) {
+        return this.loadPeerIdentity(encodedAddress);
+    }
+    async loadSession(encodedAddress) {
+        const j = await readJson(this.sessionFile(encodedAddress));
+        return j?.record;
+    }
+    async storeSession(encodedAddress, record) {
+        await writeJsonAtomic(this.sessionFile(encodedAddress), { record });
+    }
+    async loadPreKey(keyId) {
+        const id = typeof keyId === 'string' ? Number(keyId) : keyId;
+        const j = await readJson(this.oneTimePreKeyFile(id));
+        if (!j)
+            return undefined;
+        return deserializeKeyPair(j);
+    }
+    async storePreKey(keyId, keyPair) {
+        const id = typeof keyId === 'string' ? Number(keyId) : keyId;
+        await writeJsonAtomic(this.oneTimePreKeyFile(id), {
+            keyId: id,
+            ...serializeKeyPair(keyPair),
+        });
+    }
+    async removePreKey(keyId) {
+        const id = typeof keyId === 'string' ? Number(keyId) : keyId;
+        await fs.unlink(this.oneTimePreKeyFile(id)).catch(err => {
+            if (err.code !== 'ENOENT')
+                throw err;
+        });
+    }
+    async loadSignedPreKey(keyId) {
+        const id = typeof keyId === 'string' ? Number(keyId) : keyId;
+        const j = await readJson(this.signedPreKeyFile(id));
+        if (!j)
+            return undefined;
+        return deserializeKeyPair(j);
+    }
+    async storeSignedPreKey(keyId, keyPair) {
+        const id = typeof keyId === 'string' ? Number(keyId) : keyId;
+        const existing = await readJson(this.signedPreKeyFile(id));
+        await writeJsonAtomic(this.signedPreKeyFile(id), {
+            keyId: id,
+            ...serializeKeyPair(keyPair),
+            ...(existing?.signature ? { signature: existing.signature } : {}),
+        });
+    }
+    async removeSignedPreKey(keyId) {
+        const id = typeof keyId === 'string' ? Number(keyId) : keyId;
+        await fs.unlink(this.signedPreKeyFile(id)).catch(err => {
+            if (err.code !== 'ENOENT')
+                throw err;
+        });
+    }
+    async storeSignedPreKeyFull(rec) {
+        await writeJsonAtomic(this.signedPreKeyFile(rec.keyId), {
+            keyId: rec.keyId,
+            ...serializeKeyPair(rec.keyPair),
+            signature: fromArrayBuffer(rec.signature),
+        });
+    }
+    async getSignedPreKeyRecord(keyId) {
+        return readJson(this.signedPreKeyFile(keyId));
+    }
+    async listOneTimePreKeyIds() {
+        const dir = path.join(this.stateDir, 'prekeys');
+        const out = [];
+        for (const entry of await fs.readdir(dir).catch(() => [])) {
+            const m = /^onetime-(\d+)\.json$/.exec(entry);
+            if (m)
+                out.push(Number(m[1]));
+        }
+        return out;
+    }
+    async loadState() {
+        if (this.stateCache)
+            return this.stateCache;
+        const s = await readJson(this.stateFile());
+        if (s) {
+            this.stateCache = s;
+            return s;
+        }
+        const init = {
+            lastSignedPreKeyRotationMs: 0,
+            nextOneTimePreKeyId: 1,
+            nextSignedPreKeyId: 1,
+        };
+        await writeJsonAtomic(this.stateFile(), init);
+        this.stateCache = init;
+        return init;
+    }
+    async patchState(patch) {
+        const cur = await this.loadState();
+        const next = { ...cur, ...patch };
+        await writeJsonAtomic(this.stateFile(), next);
+        this.stateCache = next;
+    }
+    async loadPersistedIdentity() {
+        if (this.identityCache)
+            return this.identityCache;
+        const id = await readJson(this.identityFile());
+        if (id)
+            this.identityCache = id;
+        return id;
+    }
+    async loadPeerIdentity(encodedAddress) {
+        const j = await readJson(this.identityCacheFile(encodedAddress));
+        if (!j)
+            return undefined;
+        return toArrayBuffer(j.identityKey);
+    }
+    identityFile() { return path.join(this.stateDir, 'identity.json'); }
+    stateFile() { return path.join(this.stateDir, 'state.json'); }
+    sessionFile(addr) {
+        return path.join(this.stateDir, 'sessions', `${sanitizeAddr(addr)}.json`);
+    }
+    identityCacheFile(addr) {
+        return path.join(this.stateDir, 'identity-cache', `${sanitizeIdentityAddr(addr)}.json`);
+    }
+    signedPreKeyFile(keyId) {
+        return path.join(this.stateDir, 'prekeys', `signed-${keyId}.json`);
+    }
+    oneTimePreKeyFile(keyId) {
+        return path.join(this.stateDir, 'prekeys', `onetime-${keyId}.json`);
+    }
+}
+function sanitizeAddr(addr) {
+    if (!/^\d+\.\d+$/.test(addr)) {
+        throw new Error(`refusing unsafe session address "${addr}" - expected <userId>.<deviceId>`);
+    }
+    return addr;
+}
+function sanitizeIdentityAddr(addr) {
+    if (!/^\d+(\.\d+)?$/.test(addr)) {
+        throw new Error(`refusing unsafe identity address "${addr}" - expected <userId> or <userId>.<deviceId>`);
+    }
+    return addr;
+}
+//# sourceMappingURL=stores.js.map

package/dist/crypto/stores.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stores.js","sourceRoot":"","sources":["../../src/crypto/stores.ts"],"names":[],"mappings":"AAiBA,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAO,SAAS,CAAA;AACzC,OAAO,IAAI,MAAqB,WAAW,CAAA;AAC3C,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAYzD,SAAS,aAAa,CAAC,GAAW;IAC9B,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;IAEtC,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC,UAAU,CAAgB,CAAA;AAC3F,CAAC;AAED,SAAS,eAAe,CAAC,GAAgB;IACrC,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AAC9C,CAAC;AAED,SAAS,gBAAgB,CAAC,EAAe;IACrC,OAAO;QACH,GAAG,EAAG,eAAe,CAAC,EAAE,CAAC,MAAM,CAAC;QAChC,IAAI,EAAE,eAAe,CAAC,EAAE,CAAC,OAAO,CAAC;KACpC,CAAA;AACL,CAAC;AAED,SAAS,kBAAkB,CAAC,CAAoB;IAC5C,OAAO;QACH,MAAM,EAAG,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC;QAC7B,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC;KACjC,CAAA;AACL,CAAC;AAED,SAAS,sBAAsB,CAAC,CAAc,EAAE,CAAc;IAC1D,IAAI,CAAC,CAAC,UAAU,KAAK,CAAC,CAAC,UAAU;QAAE,OAAO,KAAK,CAAA;IAC/C,OAAO,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;AAC1D,CAAC;AAGD,KAAK,UAAU,eAAe,CAAC,QAAgB,EAAE,KAAc;IAC3D,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAA;IAGxE,MAAM,GAAG,GAAG,GAAG,QAAQ,QAAQ,UAAU,EAAE,EAAE,CAAA;IAC7C,MAAM,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAA;IAC/D,MAAM,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;AAClC,CAAC;AAED,KAAK,UAAU,QAAQ,CAAI,QAAgB;IACvC,IAAI,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;QAC/C,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAM,CAAA;IAC/B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAA;QACtE,MAAM,GAAG,CAAA;IACb,CAAC;AACL,CAAC;AA4BD,MAAM,cAAc,GAAG;IACnB,OAAO,EAAI,CAAC;IACZ,SAAS,EAAE,CAAC;CACN,CAAA;AAGV,MAAM,OAAO,eAAe;IAMK;IALpB,SAAS,GAA0B,cAAc,CAAA;IAElD,aAAa,CAAoB;IACjC,UAAU,CAAoB;IAEtC,YAA6B,QAAgB;QAAhB,aAAQ,GAAR,QAAQ,CAAQ;IAAG,CAAC;IAIjD,KAAK,CAAC,YAAY;QACd,KAAK,MAAM,GAAG,IAAI,CAAC,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,gBAAgB,EAAE,YAAY,CAAC,EAAE,CAAC;YAC5E,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAA;QACnF,CAAC;IACL,CAAC;IASD,KAAK,CAAC,aAAa,CAAC,IAiBnB;QACG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAA;QAEzB,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAoB,IAAI,CAAC,YAAY,EAAE,CAAC,CAAA;QACvE,IAAI,QAAQ,EAAE,CAAC;YACX,IAAI,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,MAAM,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CACX,mBAAmB,IAAI,CAAC,QAAQ,2BAA2B,QAAQ,CAAC,MAAM,IAAI;oBAC9E,uCAAuC,IAAI,CAAC,SAAS,6BAA6B,CACrF,CAAA;YACL,CAAC;YACD,IAAI,QAAQ,CAAC,cAAc,KAAK,IAAI,CAAC,cAAc,EAAE,CAAC;gBAClD,MAAM,IAAI,KAAK,CACX,mBAAmB,IAAI,CAAC,QAAQ,yBAAyB,QAAQ,CAAC,cAAc,IAAI;oBACpF,0BAA0B,IAAI,CAAC,cAAc,iCAAiC;oBAC9E,8EAA8E,CACjF,CAAA;YACL,CAAC;YAED,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE;oBACvC,GAAG,QAAQ;oBACX,MAAM,EAAI,IAAI,CAAC,SAAS;oBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;iBAC1B,CAAC,CAAA;gBACF,IAAI,CAAC,aAAa,GAAG,SAAS,CAAA;YAClC,CAAC;YACD,OAAM;QACV,CAAC;QAED,MAAM,SAAS,GAAmB;YAC9B,0BAA0B,EAAE,IAAI,CAAC,GAAG,EAAE;YACtC,mBAAmB,EAAS,IAAI,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC;YACrF,kBAAkB,EAAU,IAAI,CAAC,YAAY,CAAC,KAAK,GAAG,CAAC;SAC1D,CAAA;QACD,MAAM,eAAe,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;QAElD,MAAM,eAAe,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE;YAClE,KAAK,EAAM,IAAI,CAAC,YAAY,CAAC,KAAK;YAClC,GAAG,EAAQ,IAAI,CAAC,YAAY,CAAC,GAAG;YAChC,IAAI,EAAO,IAAI,CAAC,YAAY,CAAC,IAAI;YACjC,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,SAAS;SACzC,CAAC,CAAA;QAEF,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACpC,MAAM,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;gBACrD,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,GAAG,EAAI,GAAG,CAAC,GAAG;gBACd,IAAI,EAAG,GAAG,CAAC,IAAI;aAClB,CAAC,CAAA;QACN,CAAC;QAGD,MAAM,QAAQ,GAAsB;YAChC,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,cAAc,EAAG,IAAI,CAAC,cAAc;YACpC,MAAM,EAAW,IAAI,CAAC,SAAS;YAC/B,QAAQ,EAAS,IAAI,CAAC,QAAQ;YAC9B,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;SAC5C,CAAA;QACD,MAAM,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,QAAQ,CAAC,CAAA;IACxD,CAAC;IAMD,KAAK,CAAC,IAAI;QACN,MAAM,IAAI,CAAC,YAAY,EAAE,CAAA;QACzB,MAAM,mBAAmB,GAAa,EAAE,CAAA;QACxC,MAAM,kBAAkB,GAAc,EAAE,CAAA;QAExC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;YACzF,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,KAAK,CAAC,CAAA;YACxD,IAAI,GAAY,CAAA;YAChB,IAAI,CAAC;gBACD,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAuB,IAAI,CAAC,CAAA;gBACpD,GAAG,GAAG,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,CAAA;YACrE,CAAC;YAAC,MAAM,CAAC;gBAAC,GAAG,GAAG,IAAI,CAAA;YAAC,CAAC;YACtB,IAAI,GAAG,EAAE,CAAC;gBACN,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,EAAE,WAAW,IAAI,CAAC,GAAG,EAAE,IAAI,KAAK,EAAE,CAAC,CAAA;gBACpF,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;gBAC1C,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAClC,CAAC;QACL,CAAC;QAED,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;YACxF,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC,CAAA;YACvD,IAAI,GAAY,CAAA;YAChB,IAAI,CAAC;gBACD,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAoC,IAAI,CAAC,CAAA;gBACjE,GAAG,GAAG,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAA;YACvE,CAAC;YAAC,MAAM,CAAC;gBAAC,GAAG,GAAG,IAAI,CAAA;YAAC,CAAC;YACtB,IAAI,GAAG,EAAE,CAAC;gBACN,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,EAAE,UAAU,IAAI,CAAC,GAAG,EAAE,IAAI,KAAK,EAAE,CAAC,CAAA;gBACnF,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;gBAC1C,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YACjC,CAAC;QACL,CAAC;QAED,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,CAAA;IACtD,CAAC;IAKD,KAAK,CAAC,kBAAkB;QACpB,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAA;QAC7C,IAAI,CAAC,EAAE;YAAE,OAAO,SAAS,CAAA;QACzB,OAAO,kBAAkB,CAAC,EAAE,CAAC,eAAe,CAAC,CAAA;IACjD,CAAC;IAED,KAAK,CAAC,sBAAsB;QACxB,OAAO,CAAC,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAC,EAAE,cAAc,CAAA;IAC/D,CAAC;IAKD,KAAK,CAAC,iBAAiB,CACnB,UAAkB,EAClB,WAAwB,EACxB,UAAqB;QAErB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAA;QACtD,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QACxB,OAAO,sBAAsB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;IACtD,CAAC;IAED,KAAK,CAAC,YAAY,CACd,cAAsB,EACtB,SAAsB,EACtB,oBAA8B;QAE9B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAA;QAC5D,IAAI,QAAQ,IAAI,sBAAsB,CAAC,QAAQ,EAAE,SAAS,CAAC,EAAE,CAAC;YAC1D,OAAO,KAAK,CAAA;QAChB,CAAC;QACD,MAAM,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,EAAE;YAC1D,WAAW,EAAE,eAAe,CAAC,SAAS,CAAC;SAC1C,CAAC,CAAA;QAGF,OAAO,QAAQ,KAAK,SAAS,CAAA;IACjC,CAAC;IAMD,KAAK,CAAC,gBAAgB,CAAC,cAAsB;QACzC,OAAO,IAAI,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAA;IAChD,CAAC;IAKD,KAAK,CAAC,WAAW,CAAC,cAAsB;QACpC,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAqB,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC,CAAA;QAC9E,OAAO,CAAC,EAAE,MAAM,CAAA;IACpB,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,cAAsB,EAAE,MAAyB;QAChE,MAAM,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;IACvE,CAAC;IAKD,KAAK,CAAC,UAAU,CAAC,KAAsB;QACnC,MAAM,EAAE,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAC5D,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAoB,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAA;QACvE,IAAI,CAAC,CAAC;YAAE,OAAO,SAAS,CAAA;QACxB,OAAO,kBAAkB,CAAC,CAAC,CAAC,CAAA;IAChC,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAsB,EAAE,OAAoB;QAC1D,MAAM,EAAE,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAC5D,MAAM,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,EAAE;YAC9C,KAAK,EAAE,EAAE;YACT,GAAG,gBAAgB,CAAC,OAAO,CAAC;SAC/B,CAAC,CAAA;IACN,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAAsB;QACrC,MAAM,EAAE,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAC5D,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;YACpD,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ;gBAAE,MAAM,GAAG,CAAA;QACnE,CAAC,CAAC,CAAA;IACN,CAAC;IAKD,KAAK,CAAC,gBAAgB,CAAC,KAAsB;QACzC,MAAM,EAAE,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAC5D,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAoB,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAA;QACtE,IAAI,CAAC,CAAC;YAAE,OAAO,SAAS,CAAA;QACxB,OAAO,kBAAkB,CAAC,CAAC,CAAC,CAAA;IAChC,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAAsB,EAAE,OAAoB;QAChE,MAAM,EAAE,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAG5D,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAyB,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAA;QAClF,MAAM,eAAe,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,EAAE;YAC7C,KAAK,EAAE,EAAE;YACT,GAAG,gBAAgB,CAAC,OAAO,CAAC;YAC5B,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACpE,CAAC,CAAA;IACN,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,KAAsB;QAC3C,MAAM,EAAE,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAC5D,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;YACnD,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ;gBAAE,MAAM,GAAG,CAAA;QACnE,CAAC,CAAC,CAAA;IACN,CAAC;IAMD,KAAK,CAAC,qBAAqB,CAAC,GAI3B;QACG,MAAM,eAAe,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YACpD,KAAK,EAAM,GAAG,CAAC,KAAK;YACpB,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC;YAChC,SAAS,EAAE,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC;SAC5C,CAAC,CAAA;IACN,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,KAAa;QAGrC,OAAO,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAA;IACjD,CAAC;IAED,KAAK,CAAC,oBAAoB;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAC/C,MAAM,GAAG,GAAa,EAAE,CAAA;QACxB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;YACxD,MAAM,CAAC,GAAG,uBAAuB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAC7C,IAAI,CAAC;gBAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACjC,CAAC;QACD,OAAO,GAAG,CAAA;IACd,CAAC;IAED,KAAK,CAAC,SAAS;QACX,IAAI,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC,UAAU,CAAA;QAC3C,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAiB,IAAI,CAAC,SAAS,EAAE,CAAC,CAAA;QAC1D,IAAI,CAAC,EAAE,CAAC;YACJ,IAAI,CAAC,UAAU,GAAG,CAAC,CAAA;YACnB,OAAO,CAAC,CAAA;QACZ,CAAC;QACD,MAAM,IAAI,GAAmB;YACzB,0BAA0B,EAAE,CAAC;YAC7B,mBAAmB,EAAS,CAAC;YAC7B,kBAAkB,EAAU,CAAC;SAChC,CAAA;QACD,MAAM,eAAe,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,IAAI,CAAC,CAAA;QAC7C,IAAI,CAAC,UAAU,GAAG,IAAI,CAAA;QACtB,OAAO,IAAI,CAAA;IACf,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,KAA8B;QAC3C,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAA;QAClC,MAAM,IAAI,GAAmB,EAAE,GAAG,GAAG,EAAE,GAAG,KAAK,EAAE,CAAA;QACjD,MAAM,eAAe,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,IAAI,CAAC,CAAA;QAC7C,IAAI,CAAC,UAAU,GAAG,IAAI,CAAA;IAC1B,CAAC;IAKO,KAAK,CAAC,qBAAqB;QAC/B,IAAI,IAAI,CAAC,aAAa;YAAE,OAAO,IAAI,CAAC,aAAa,CAAA;QACjD,MAAM,EAAE,GAAG,MAAM,QAAQ,CAAoB,IAAI,CAAC,YAAY,EAAE,CAAC,CAAA;QACjE,IAAI,EAAE;YAAE,IAAI,CAAC,aAAa,GAAG,EAAE,CAAA;QAC/B,OAAO,EAAE,CAAA;IACb,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,cAAsB;QACjD,MAAM,CAAC,GAAG,MAAM,QAAQ,CAA0B,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,CAAC,CAAA;QACzF,IAAI,CAAC,CAAC;YAAE,OAAO,SAAS,CAAA;QACxB,OAAO,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,CAAA;IACvC,CAAC;IAKO,YAAY,KAAkB,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAA,CAAC,CAAC;IAChF,SAAS,KAAqB,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA,CAAC,CAAC;IAC7E,WAAW,CAAC,IAAY;QAC5B,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAC7E,CAAC;IACO,iBAAiB,CAAC,IAAY;QAClC,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,EAAE,GAAG,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAC3F,CAAC;IACO,gBAAgB,CAAC,KAAa;QAClC,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,UAAU,KAAK,OAAO,CAAC,CAAA;IACtE,CAAC;IACO,iBAAiB,CAAC,KAAa;QACnC,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,WAAW,KAAK,OAAO,CAAC,CAAA;IACvE,CAAC;CACJ;AAKD,SAAS,YAAY,CAAC,IAAY;IAC9B,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,kCAAkC,CAAC,CAAA;IAC/F,CAAC;IACD,OAAO,IAAI,CAAA;AACf,CAAC;AAKD,SAAS,oBAAoB,CAAC,IAAY;IACtC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,8CAA8C,CAAC,CAAA;IAC5G,CAAC;IACD,OAAO,IAAI,CAAA;AACf,CAAC"}

package/dist/flow/attachments.d.ts

@@ -0,0 +1,110 @@
+/**
+ * Attachment upload and download. uploadAttachment picks single-shot or chunked by plaintext size:
+ *   <= 50 MB:  POST /files/upload
+ *   > 50 MB:   POST /files/upload/init + chunk x N + complete
+ *
+ * Each chunk gets its own random IV and AAD chunkAad(i, total) so the server can't reorder or drop chunks
+ * Byte-exact mirror of frontend/src/api/files.ts
+ *
+ * Upload mints a fresh AES-256-GCM key, encrypts, SHA-256s the ciphertext (server dedup), POSTs
+ * The server returns { fileId, sha256, ... }. The caller embeds an EncryptedFileRef in the message plaintext
+ * Download is lazy via IncomingAttachment.download(): GET ciphertext, decrypt, length-check
+ *
+ * The plaintext never reaches the server. The 32-byte AES key is exported once into the ref
+ */
+import { webcrypto } from 'node:crypto';
+import type { HttpClient } from '../transport/http.js';
+import type { SdkLogger } from '../types.js';
+type CryptoKey = webcrypto.CryptoKey;
+export declare const SINGLE_UPLOAD_PLAINTEXT_LIMIT: number;
+export declare const MAX_PLAINTEXT_BYTES: number;
+/**
+ * `EncryptedFileRef` is the JSON handle the SDK embeds into the message plaintext,
+ * byte-for-byte compatible with the FE's `EncryptedFileRef` (frontend/src/api/files.ts)
+ */
+export interface EncryptedFileRef {
+    fileId: number;
+    sha256: string;
+    /** Base64 of the raw 32-byte AES key */
+    key: string;
+    /** Base64 of the 12-byte IV (single-shot only) */
+    iv: string;
+    /** Plaintext size in bytes */
+    size: number;
+    /** Plaintext mime */
+    mime: string;
+    /** Optional filename hint */
+    name?: string;
+    /** Set on chunked uploads */
+    chunked?: boolean;
+    totalChunks?: number;
+}
+export interface UploadOptions {
+    /** Plaintext mime. Default application/octet-stream */
+    mime?: string;
+    /** Filename, server records via x-file-extension */
+    filename?: string;
+    /** true for voice and video_note. The server keeps bytes on local disk and skips the per-user quota */
+    noteMedia?: boolean;
+}
+/**
+ * Thrown when the server rejects a file upload with a typed code,
+ * e.g. BOT_STAGING_FULL when the bot's unsent staging is full
+ */
+export declare class UploadRejectedError extends Error {
+    readonly code?: string | undefined;
+    readonly status?: number | undefined;
+    constructor(message: string, code?: string | undefined, status?: number | undefined);
+}
+/**
+ * Encrypt and upload, single-shot for <=50 MB and chunked for >50 MB up to 5 GB, throwing above 5 GB
+ * Note media (voice and video_note) rides either path and the server keeps it on the asset disk, off the quota
+ */
+export declare function uploadAttachment(http: HttpClient, plaintext: Uint8Array, opts?: UploadOptions, logger?: SdkLogger): Promise<EncryptedFileRef>;
+/** Fetch and decrypt under the ref's key. Lazy getter behind IncomingAttachment.download()
+ *  The server can return 404 (file row gone), 410 (sender hard-deleted), or 503 (P2P-only),
+ *  all surface as a plain Error */
+export declare function downloadAttachment(http: HttpClient, ref: EncryptedFileRef, logger?: SdkLogger): Promise<Buffer>;
+/** Chunked decrypt. Walk the blob in WIRE_CHUNK_BUDGET strides, decrypt each chunk under chunkAad(i, total)
+ *  so a reorder, drop, or swap fails the GCM tag. The last chunk may be shorter */
+declare function downloadChunked(ref: EncryptedFileRef, ciphertextBytes: Buffer, key: CryptoKey, logger?: SdkLogger): Promise<Buffer>;
+/** Narrows an unknown to EncryptedFileRef. A malformed ref is a misbehaving sender,
+ * the receiver drops it with a warn-log */
+export declare function isEncryptedFileRef(x: unknown): x is EncryptedFileRef;
+export declare const GALLERY_MIN_ITEMS = 2;
+export declare const GALLERY_MAX_ITEMS = 10;
+export type GalleryFileItem = {
+    type: 'file';
+    ref: EncryptedFileRef;
+};
+export type GalleryContactItem = {
+    type: 'contact';
+    userId: number;
+    username?: string;
+    displayName?: string;
+    avatarUrl?: string;
+    avatarEmoji?: string;
+};
+export type GalleryLocationItem = {
+    type: 'location';
+    lat: number;
+    lng: number;
+};
+export type GalleryItem = GalleryFileItem | GalleryContactItem | GalleryLocationItem;
+export interface GalleryPayload {
+    type: 'gallery';
+    items: GalleryItem[];
+    caption?: string;
+}
+/** Build the JSON envelope for an outbound gallery. Pure, the caller passes already-uploaded refs */
+export declare function buildGalleryPayload(items: GalleryItem[], caption?: string): string;
+/** Narrow an unknown to GalleryItem, null if malformed. The caller decides whether to keep a half-valid gallery */
+export declare function parseGalleryItem(raw: unknown): GalleryItem | null;
+export declare const _internals: {
+    downloadChunked: typeof downloadChunked;
+    WIRE_CHUNK_BUDGET: number;
+    CHUNK_PLAINTEXT_SIZE: number;
+    MAX_CHUNK_COUNT: number;
+};
+export {};
+//# sourceMappingURL=attachments.d.ts.map

package/dist/flow/attachments.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"attachments.d.ts","sourceRoot":"","sources":["../../src/flow/attachments.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAc,SAAS,EAAE,MAAiB,aAAa,CAAA;AAC9D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAuB,sBAAsB,CAAA;AAOvE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAG5C,KAAK,SAAS,GAAG,SAAS,CAAC,SAAS,CAAA;AAIpC,eAAO,MAAM,6BAA6B,QAAmB,CAAA;AAE7D,eAAO,MAAM,mBAAmB,QAAmC,CAAA;AAenE;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC7B,MAAM,EAAQ,MAAM,CAAA;IACpB,MAAM,EAAQ,MAAM,CAAA;IACpB,wCAAwC;IACxC,GAAG,EAAW,MAAM,CAAA;IACpB,kDAAkD;IAClD,EAAE,EAAY,MAAM,CAAA;IACpB,8BAA8B;IAC9B,IAAI,EAAU,MAAM,CAAA;IACpB,qBAAqB;IACrB,IAAI,EAAU,MAAM,CAAA;IACpB,6BAA6B;IAC7B,IAAI,CAAC,EAAS,MAAM,CAAA;IACpB,6BAA6B;IAC7B,OAAO,CAAC,EAAM,OAAO,CAAA;IACrB,WAAW,CAAC,EAAE,MAAM,CAAA;CACvB;AAaD,MAAM,WAAW,aAAa;IAC1B,uDAAuD;IACvD,IAAI,CAAC,EAAM,MAAM,CAAA;IACjB,oDAAoD;IACpD,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,uGAAuG;IACvG,SAAS,CAAC,EAAE,OAAO,CAAA;CACtB;AAGD;;;GAGG;AACH,qBAAa,mBAAoB,SAAQ,KAAK;IACb,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM;IAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM;gBAAjE,OAAO,EAAE,MAAM,EAAW,IAAI,CAAC,EAAE,MAAM,YAAA,EAAW,MAAM,CAAC,EAAE,MAAM,YAAA;CAIhF;AAgBD;;;GAGG;AACH,wBAAsB,gBAAgB,CAClC,IAAI,EAAQ,UAAU,EACtB,SAAS,EAAG,UAAU,EACtB,IAAI,GAAQ,aAAkB,EAC9B,MAAM,CAAC,EAAK,SAAS,GACtB,OAAO,CAAC,gBAAgB,CAAC,CAoB3B;AAkQD;;mCAEmC;AACnC,wBAAsB,kBAAkB,CACpC,IAAI,EAAK,UAAU,EACnB,GAAG,EAAM,gBAAgB,EACzB,MAAM,CAAC,EAAE,SAAS,GACnB,OAAO,CAAC,MAAM,CAAC,CA8BjB;AAgCD;mFACmF;AACnF,iBAAe,eAAe,CAC1B,GAAG,EAAc,gBAAgB,EACjC,eAAe,EAAE,MAAM,EACvB,GAAG,EAAc,SAAS,EAC1B,MAAM,CAAC,EAAU,SAAS,GAC3B,OAAO,CAAC,MAAM,CAAC,CA0FjB;AAyCD;2CAC2C;AAC3C,wBAAgB,kBAAkB,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,IAAI,gBAAgB,CAuBpE;AAMD,eAAO,MAAM,iBAAiB,IAAI,CAAA;AAClC,eAAO,MAAM,iBAAiB,KAAK,CAAA;AAGnC,MAAM,MAAM,eAAe,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAK,GAAG,EAAE,gBAAgB,CAAA;CAAE,CAAA;AACzE,MAAM,MAAM,kBAAkB,GAAG;IAC7B,IAAI,EAAE,SAAS,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,WAAW,CAAC,EAAE,MAAM,CAAA;CACvB,CAAA;AACD,MAAM,MAAM,mBAAmB,GAAG;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,GAAG,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAAA;AAChF,MAAM,MAAM,WAAW,GAAG,eAAe,GAAG,kBAAkB,GAAG,mBAAmB,CAAA;AAGpF,MAAM,WAAW,cAAc;IAC3B,IAAI,EAAM,SAAS,CAAA;IACnB,KAAK,EAAK,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,EAAE,MAAM,CAAA;CACnB;AAGD,qGAAqG;AACrG,wBAAgB,mBAAmB,CAC/B,KAAK,EAAI,WAAW,EAAE,EACtB,OAAO,CAAC,EAAE,MAAM,GACjB,MAAM,CAIR;AAGD,mHAAmH;AACnH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,OAAO,GAAG,WAAW,GAAG,IAAI,CAsBjE;AAID,eAAO,MAAM,UAAU;;;;;CAKtB,CAAA"}