reputrans 0.1.0

package/dist/cli/src/auto-detect.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Find the most recent file matching a glob pattern in the current directory.
+ * Returns the full path, or null if none found.
+ */
+export declare function findFile(pattern: RegExp, dir?: string): Promise<string | null>;
+export declare function findKeyFile(dir?: string): Promise<string | null>;
+export declare function findCredentialFile(dir?: string): Promise<string | null>;
+export declare function findProofFile(dir?: string): Promise<string | null>;
+//# sourceMappingURL=auto-detect.d.ts.map

package/dist/cli/src/auto-detect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auto-detect.d.ts","sourceRoot":"","sources":["../../../cli/src/auto-detect.ts"],"names":[],"mappings":"AAGA;;;GAGG;AACH,wBAAsB,QAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,SAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAIjF;AAED,wBAAsB,WAAW,CAAC,GAAG,SAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAEnE;AAED,wBAAsB,kBAAkB,CAAC,GAAG,SAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAE1E;AAED,wBAAsB,aAAa,CAAC,GAAG,SAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAErE"}

package/dist/cli/src/auto-detect.js

@@ -0,0 +1,21 @@
+import { readdir } from 'fs/promises';
+import { resolve } from 'path';
+/**
+ * Find the most recent file matching a glob pattern in the current directory.
+ * Returns the full path, or null if none found.
+ */
+export async function findFile(pattern, dir = '.') {
+    const entries = await readdir(resolve(dir));
+    const matches = entries.filter((f) => pattern.test(f)).sort().reverse();
+    return matches.length > 0 ? resolve(dir, matches[0]) : null;
+}
+export async function findKeyFile(dir = '.') {
+    return findFile(/-key\.json$/, dir);
+}
+export async function findCredentialFile(dir = '.') {
+    return findFile(/^credential-.*\.json$/, dir);
+}
+export async function findProofFile(dir = '.') {
+    return findFile(/^proof-.*\.json$/, dir);
+}
+//# sourceMappingURL=auto-detect.js.map

package/dist/cli/src/auto-detect.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auto-detect.js","sourceRoot":"","sources":["../../../cli/src/auto-detect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAE/B;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,OAAe,EAAE,GAAG,GAAG,GAAG;IACvD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5C,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;IACxE,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC9D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,GAAG,GAAG,GAAG;IACzC,OAAO,QAAQ,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;AACtC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,GAAG,GAAG,GAAG;IAChD,OAAO,QAAQ,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;AAChD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,GAAG,GAAG,GAAG;IAC3C,OAAO,QAAQ,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;AAC3C,CAAC"}

package/dist/cli/src/commands/inspect.d.ts

@@ -0,0 +1,6 @@
+interface InspectOptions {
+    credential?: string;
+}
+export declare function inspect(opts: InspectOptions): Promise<void>;
+export {};
+//# sourceMappingURL=inspect.d.ts.map

package/dist/cli/src/commands/inspect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"inspect.d.ts","sourceRoot":"","sources":["../../../../cli/src/commands/inspect.ts"],"names":[],"mappings":"AAIA,UAAU,cAAc;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,wBAAsB,OAAO,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,CA2CjE"}

package/dist/cli/src/commands/inspect.js

@@ -0,0 +1,43 @@
+import { readFile } from 'fs/promises';
+import { resolve } from 'path';
+import { findCredentialFile } from '../auto-detect.js';
+export async function inspect(opts) {
+    let credPath = opts.credential;
+    if (!credPath) {
+        const found = await findCredentialFile();
+        if (!found) {
+            console.error('No credential file found. Run "npx tsx cli/src/index.ts issue" first.');
+            process.exit(1);
+        }
+        credPath = found;
+        console.log(`Using credential: ${credPath}`);
+    }
+    const raw = await readFile(resolve(credPath), 'utf-8');
+    const cred = JSON.parse(raw);
+    console.log(`\nREPUTRANS Credential (v${cred.version})`);
+    console.log(`  Issuer: ${cred.issuer.name || 'unknown'}`);
+    console.log(`  Issued: ${cred.issuedAt || 'unknown'}`);
+    console.log(`  Merkle root: ${cred.merkle.root.slice(0, 20)}...`);
+    console.log();
+    console.log('Fields:');
+    const claims = cred.claims;
+    const sortedKeys = Object.keys(claims).sort();
+    for (let i = 0; i < sortedKeys.length; i++) {
+        const key = sortedKeys[i];
+        const value = claims[key];
+        const isNumeric = /^-?\d+(\.\d+)?$/.test(value);
+        const proofTypes = ['disclose'];
+        if (isNumeric)
+            proofTypes.push('range (gte, lte)');
+        console.log(`  [${i}] ${key} = "${value}"`);
+        console.log(`      Proof types: ${proofTypes.join(', ')}`);
+    }
+    console.log();
+    console.log('Next:');
+    console.log(`  npx tsx cli/src/index.ts prove --disclose ${sortedKeys[0]}`);
+    if (sortedKeys.some((k) => /^-?\d+(\.\d+)?$/.test(claims[k]))) {
+        const numericKey = sortedKeys.find((k) => /^-?\d+(\.\d+)?$/.test(claims[k]));
+        console.log(`  npx tsx cli/src/index.ts prove --range ${numericKey}:gte:${claims[numericKey]}`);
+    }
+}
+//# sourceMappingURL=inspect.js.map

package/dist/cli/src/commands/inspect.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"inspect.js","sourceRoot":"","sources":["../../../../cli/src/commands/inspect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAMvD,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,IAAoB;IAChD,IAAI,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC;IAC/B,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,KAAK,GAAG,MAAM,kBAAkB,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,uEAAuE,CAAC,CAAC;YACvF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,QAAQ,GAAG,KAAK,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,CAAC;IACvD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAE7B,OAAO,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC;IACzD,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,SAAS,EAAE,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,QAAQ,IAAI,SAAS,EAAE,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACvB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAgC,CAAC;IACrD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;IAE9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;QAC1B,MAAM,SAAS,GAAG,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,MAAM,UAAU,GAAG,CAAC,UAAU,CAAC,CAAC;QAChC,IAAI,SAAS;YAAE,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAEnD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,OAAO,KAAK,GAAG,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,sBAAsB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACrB,OAAO,CAAC,GAAG,CAAC,+CAA+C,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC5E,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9D,MAAM,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAE,CAAC;QAC9E,OAAO,CAAC,GAAG,CAAC,4CAA4C,UAAU,QAAQ,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IAClG,CAAC;AACH,CAAC"}

package/dist/cli/src/commands/issue.d.ts

@@ -0,0 +1,8 @@
+interface IssueOptions {
+    key?: string;
+    claims?: string;
+    out?: string;
+}
+export declare function issue(opts: IssueOptions): Promise<void>;
+export {};
+//# sourceMappingURL=issue.d.ts.map

package/dist/cli/src/commands/issue.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"issue.d.ts","sourceRoot":"","sources":["../../../../cli/src/commands/issue.ts"],"names":[],"mappings":"AAMA,UAAU,YAAY;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AASD,wBAAsB,KAAK,CAAC,IAAI,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAmG7D"}

package/dist/cli/src/commands/issue.js

@@ -0,0 +1,107 @@
+import { readFile, writeFile } from 'fs/promises';
+import { resolve } from 'path';
+import { sign } from '../../../sdk/src/eddsa.js';
+import { encodeCredential } from '../../../sdk/src/encoder.js';
+import { findKeyFile } from '../auto-detect.js';
+const EXAMPLE_CLAIMS = {
+    name: 'Alice',
+    field_of_study: 'Computer Science',
+    graduation_year: '2025',
+    gpa: '3.8',
+};
+export async function issue(opts) {
+    // Auto-detect key file
+    let keyPath = opts.key;
+    if (!keyPath) {
+        const found = await findKeyFile();
+        if (!found) {
+            console.error('No key file found. Run "npx tsx cli/src/index.ts keygen" first.');
+            process.exit(1);
+        }
+        keyPath = found;
+        console.log(`Using key: ${keyPath}`);
+    }
+    // Load issuer key
+    const keyRaw = await readFile(resolve(keyPath), 'utf-8');
+    const keyData = JSON.parse(keyRaw);
+    const privateKey = BigInt(keyData.privateKey);
+    // Parse claims - inline JSON, file path, or use example
+    let claims;
+    if (!opts.claims) {
+        claims = EXAMPLE_CLAIMS;
+        console.log('No --claims provided, using example credential:');
+        console.log(`  ${JSON.stringify(claims)}`);
+        console.log();
+    }
+    else if (opts.claims.startsWith('{')) {
+        try {
+            claims = JSON.parse(opts.claims);
+        }
+        catch {
+            // PowerShell strips quotes from JSON - try to fix common mangling
+            const fixed = opts.claims.replace(/([{,])\s*([a-zA-Z_]\w*)\s*:/g, '$1"$2":').replace(/:([^",{}\[\]]+)([,}])/g, ':"$1"$2');
+            try {
+                claims = JSON.parse(fixed);
+            }
+            catch {
+                console.error('Invalid JSON in --claims. Use a file instead:');
+                console.error('  echo \'{"role":"engineer"}\' > claims.json');
+                console.error('  npx tsx cli/src/index.ts issue --claims claims.json');
+                process.exit(1);
+            }
+        }
+    }
+    else {
+        const claimsRaw = await readFile(resolve(opts.claims), 'utf-8');
+        claims = JSON.parse(claimsRaw);
+    }
+    // Ensure all values are strings
+    for (const [k, v] of Object.entries(claims)) {
+        if (typeof v !== 'string') {
+            claims[k] = String(v);
+        }
+    }
+    // Encode into Merkle tree
+    const encoded = encodeCredential(claims);
+    // Sign the Merkle root
+    const { signature, publicKey } = sign(privateKey, encoded.merkleRoot);
+    const credential = {
+        version: '1.0',
+        issuer: {
+            name: keyData.name,
+            publicKey: {
+                x: publicKey.x.toString(),
+                y: publicKey.y.toString(),
+            },
+        },
+        claims,
+        merkle: {
+            root: encoded.merkleRoot.toString(),
+            fieldNames: encoded.fieldNames,
+            fieldValues: encoded.fieldValues.map(String),
+            paths: encoded.merklePaths.map((p) => ({
+                siblings: p.siblings.map(String),
+                indices: p.indices,
+            })),
+        },
+        signature: {
+            r8: {
+                x: signature.r8.x.toString(),
+                y: signature.r8.y.toString(),
+            },
+            s: signature.s.toString(),
+        },
+        issuedAt: new Date().toISOString(),
+    };
+    const timestamp = new Date().toISOString().replace(/[:.]/g, '-').slice(0, 19);
+    const outPath = opts.out
+        ? resolve(opts.out)
+        : resolve(`credential-${timestamp}.json`);
+    await writeFile(outPath, JSON.stringify(credential, null, 2));
+    const fieldNames = Object.keys(claims).sort();
+    console.log(`Credential issued by "${keyData.name}"`);
+    console.log(`  Fields: ${fieldNames.join(', ')}`);
+    console.log(`  Saved to: ${outPath}`);
+    console.log(`\nNext: npx tsx cli/src/index.ts inspect`);
+}
+//# sourceMappingURL=issue.js.map

package/dist/cli/src/commands/issue.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"issue.js","sourceRoot":"","sources":["../../../../cli/src/commands/issue.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,IAAI,EAAE,MAAM,2BAA2B,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAQhD,MAAM,cAAc,GAAG;IACrB,IAAI,EAAE,OAAO;IACb,cAAc,EAAE,kBAAkB;IAClC,eAAe,EAAE,MAAM;IACvB,GAAG,EAAE,KAAK;CACX,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,KAAK,CAAC,IAAkB;IAC5C,uBAAuB;IACvB,IAAI,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC;IACvB,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,KAAK,GAAG,MAAM,WAAW,EAAE,CAAC;QAClC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;YACjF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,OAAO,GAAG,KAAK,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,cAAc,OAAO,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,kBAAkB;IAClB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC,CAAC;IACzD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE9C,wDAAwD;IACxD,IAAI,MAA8B,CAAC;IACnC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACjB,MAAM,GAAG,cAAc,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;QAC/D,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;SAAM,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACvC,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,CAAC;QAAC,MAAM,CAAC;YACP,kEAAkE;YAClE,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,8BAA8B,EAAE,SAAS,CAAC,CAAC,OAAO,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAC;YAC1H,IAAI,CAAC;gBACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC7B,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;gBAC/D,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;gBAC9D,OAAO,CAAC,KAAK,CAAC,uDAAuD,CAAC,CAAC;gBACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAC;QAChE,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;IAED,gCAAgC;IAChC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5C,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC1B,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IAED,0BAA0B;IAC1B,MAAM,OAAO,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAEzC,uBAAuB;IACvB,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IAEtE,MAAM,UAAU,GAAG;QACjB,OAAO,EAAE,KAAK;QACd,MAAM,EAAE;YACN,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,SAAS,EAAE;gBACT,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;gBACzB,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;aAC1B;SACF;QACD,MAAM;QACN,MAAM,EAAE;YACN,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE;YACnC,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC;YAC5C,KAAK,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACrC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC;gBAChC,OAAO,EAAE,CAAC,CAAC,OAAO;aACnB,CAAC,CAAC;SACJ;QACD,SAAS,EAAE;YACT,EAAE,EAAE;gBACF,CAAC,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE;gBAC5B,CAAC,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE;aAC7B;YACD,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;SAC1B;QACD,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC;IAEF,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC9E,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG;QACtB,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QACnB,CAAC,CAAC,OAAO,CAAC,cAAc,SAAS,OAAO,CAAC,CAAC;IAE5C,MAAM,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAE9D,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,yBAAyB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,aAAa,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,eAAe,OAAO,EAAE,CAAC,CAAC;IACtC,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;AAC1D,CAAC"}

package/dist/cli/src/commands/keygen.d.ts

@@ -0,0 +1,7 @@
+interface KeygenOptions {
+    name: string;
+    out?: string;
+}
+export declare function keygen(opts: KeygenOptions): Promise<void>;
+export {};
+//# sourceMappingURL=keygen.d.ts.map

package/dist/cli/src/commands/keygen.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"keygen.d.ts","sourceRoot":"","sources":["../../../../cli/src/commands/keygen.ts"],"names":[],"mappings":"AAKA,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,wBAAsB,MAAM,CAAC,IAAI,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAsC/D"}

package/dist/cli/src/commands/keygen.js

@@ -0,0 +1,39 @@
+import { writeFile, chmod } from 'fs/promises';
+import { resolve } from 'path';
+import { getPublicKey } from '../../../sdk/src/eddsa.js';
+import { BN254_FIELD_ORDER } from '../../../sdk/src/poseidon.js';
+export async function keygen(opts) {
+    const name = opts.name || 'issuer';
+    // Generate a random BN254 field element as private key
+    const bytes = new Uint8Array(32);
+    crypto.getRandomValues(bytes);
+    let privateKey = 0n;
+    for (const b of bytes)
+        privateKey = (privateKey << 8n) | BigInt(b);
+    privateKey = privateKey % BN254_FIELD_ORDER;
+    // Derive public key
+    const publicKey = getPublicKey(privateKey);
+    const keyData = {
+        version: '1.0',
+        name,
+        privateKey: privateKey.toString(),
+        publicKey: {
+            x: publicKey.x.toString(),
+            y: publicKey.y.toString(),
+        },
+        createdAt: new Date().toISOString(),
+    };
+    const filename = `${name.toLowerCase().replace(/[^a-z0-9]/g, '-')}-key.json`;
+    const outPath = opts.out ? resolve(opts.out) : resolve(filename);
+    await writeFile(outPath, JSON.stringify(keyData, null, 2));
+    // Restrict key file permissions (owner-only read/write)
+    if (process.platform !== 'win32') {
+        await chmod(outPath, 0o600);
+    }
+    console.log(`Keypair generated for "${name}"`);
+    console.log(`  Saved to: ${outPath}`);
+    console.log(`  Public key X: ${publicKey.x.toString().slice(0, 20)}...`);
+    console.log(`  Public key Y: ${publicKey.y.toString().slice(0, 20)}...`);
+    console.log(`\nNext: npx tsx cli/src/index.ts issue --claims '{"field":"value"}'`);
+}
+//# sourceMappingURL=keygen.js.map

package/dist/cli/src/commands/keygen.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"keygen.js","sourceRoot":"","sources":["../../../../cli/src/commands/keygen.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AAOjE,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,IAAmB;IAC9C,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,QAAQ,CAAC;IAEnC,uDAAuD;IACvD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,IAAI,UAAU,GAAG,EAAE,CAAC;IACpB,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,UAAU,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACnE,UAAU,GAAG,UAAU,GAAG,iBAAiB,CAAC;IAE5C,oBAAoB;IACpB,MAAM,SAAS,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC;IAE3C,MAAM,OAAO,GAAG;QACd,OAAO,EAAE,KAAK;QACd,IAAI;QACJ,UAAU,EAAE,UAAU,CAAC,QAAQ,EAAE;QACjC,SAAS,EAAE;YACT,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;YACzB,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;SAC1B;QACD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IAEF,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,WAAW,CAAC;IAC7E,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEjE,MAAM,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,wDAAwD;IACxD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,MAAM,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,GAAG,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,eAAe,OAAO,EAAE,CAAC,CAAC;IACtC,OAAO,CAAC,GAAG,CAAC,mBAAmB,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IACzE,OAAO,CAAC,GAAG,CAAC,mBAAmB,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IACzE,OAAO,CAAC,GAAG,CAAC,qEAAqE,CAAC,CAAC;AACrF,CAAC"}

package/dist/cli/src/commands/prove.d.ts

@@ -0,0 +1,9 @@
+interface ProveOptions {
+    credential?: string;
+    disclose?: string;
+    range?: string;
+    out?: string;
+}
+export declare function prove(opts: ProveOptions): Promise<void>;
+export {};
+//# sourceMappingURL=prove.d.ts.map

package/dist/cli/src/commands/prove.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prove.d.ts","sourceRoot":"","sources":["../../../../cli/src/commands/prove.ts"],"names":[],"mappings":"AAKA,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,wBAAsB,KAAK,CAAC,IAAI,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA8J7D"}

package/dist/cli/src/commands/prove.js

@@ -0,0 +1,139 @@
+import { readFile, writeFile } from 'fs/promises';
+import { resolve } from 'path';
+import { loadCircuit } from '../../../sdk/src/circuit-loader.js';
+import { findCredentialFile } from '../auto-detect.js';
+export async function prove(opts) {
+    // Auto-detect credential
+    let credPath = opts.credential;
+    if (!credPath) {
+        const found = await findCredentialFile();
+        if (!found) {
+            console.error('No credential file found. Run "npx tsx cli/src/index.ts issue" first.');
+            process.exit(1);
+        }
+        credPath = found;
+        console.log(`Using credential: ${credPath}`);
+    }
+    if (!opts.disclose && !opts.range) {
+        console.error('Specify what to prove:');
+        console.error('  --disclose field_name        Reveal a specific field');
+        console.error('  --range field:gte:threshold   Prove a field meets a threshold');
+        console.error('\nRun "npx tsx cli/src/index.ts inspect" to see available fields.');
+        process.exit(1);
+    }
+    // Load credential
+    const raw = await readFile(resolve(credPath), 'utf-8');
+    const cred = JSON.parse(raw);
+    // Parse disclose field
+    const disclosedFieldName = opts.disclose || '';
+    const disclosedIdx = cred.merkle.fieldNames.indexOf(disclosedFieldName);
+    if (opts.disclose && disclosedIdx < 0) {
+        const available = cred.merkle.fieldNames.filter((n) => n !== '');
+        console.error(`Field "${disclosedFieldName}" not found. Available: ${available.join(', ')}`);
+        process.exit(1);
+    }
+    // Parse range spec
+    let rangeFieldName = '';
+    let rangeIdx = 0;
+    let rangeThreshold = '0';
+    let rangeComparisonType = '0'; // 0=gte, 1=lte
+    if (opts.range) {
+        const parts = opts.range.split(':');
+        if (parts.length !== 3) {
+            console.error('Range format: field:operator:threshold (e.g. gpa:gte:3)');
+            process.exit(1);
+        }
+        rangeFieldName = parts[0];
+        const operator = parts[1];
+        rangeThreshold = parts[2];
+        rangeIdx = cred.merkle.fieldNames.indexOf(rangeFieldName);
+        if (rangeIdx < 0) {
+            const available = cred.merkle.fieldNames.filter((n) => n !== '');
+            console.error(`Field "${rangeFieldName}" not found. Available: ${available.join(', ')}`);
+            process.exit(1);
+        }
+        rangeComparisonType = operator === 'lte' ? '1' : '0';
+    }
+    // If no disclose specified but range is, use the range field index for disclosure too
+    const effectiveDisclosedIdx = opts.disclose ? disclosedIdx : rangeIdx;
+    console.log('Loading circuit...');
+    const circuit = await loadCircuit('composite');
+    console.log('Initializing proof system...');
+    const { Noir } = await import('@noir-lang/noir_js');
+    const { BarretenbergBackend } = await import('@noir-lang/backend_barretenberg');
+    const backend = new BarretenbergBackend(circuit);
+    const noir = new Noir(circuit);
+    // Build circuit inputs from credential data
+    const inputs = {
+        // Signature verification
+        pub_key_x: cred.issuer.publicKey.x,
+        pub_key_y: cred.issuer.publicKey.y,
+        signature_r8_x: cred.signature.r8.x,
+        signature_r8_y: cred.signature.r8.y,
+        signature_s: cred.signature.s,
+        msg: cred.merkle.root,
+        // Field disclosure
+        credential_root: cred.merkle.root,
+        disclosed_field_value: cred.merkle.fieldValues[effectiveDisclosedIdx],
+        disclosed_field_index: effectiveDisclosedIdx.toString(),
+        disclosed_merkle_path: cred.merkle.paths[effectiveDisclosedIdx].siblings,
+        disclosed_path_indices: cred.merkle.paths[effectiveDisclosedIdx].indices.map(String),
+        // Range proof - when no range requested, use a padded zero leaf (index 15)
+        // so the Merkle check passes and range check is 0 >= 0 = trivially true
+        range_field_value: opts.range ? cred.merkle.fieldValues[rangeIdx] : cred.merkle.fieldValues[15],
+        range_field_index: opts.range ? rangeIdx.toString() : '15',
+        range_merkle_path: opts.range
+            ? cred.merkle.paths[rangeIdx].siblings
+            : cred.merkle.paths[15].siblings,
+        range_path_indices: opts.range
+            ? cred.merkle.paths[rangeIdx].indices.map(String)
+            : cred.merkle.paths[15].indices.map(String),
+        range_threshold: rangeThreshold,
+        range_comparison_type: rangeComparisonType,
+    };
+    console.log('Generating ZK proof (this takes 10-40 seconds)...');
+    const startTime = Date.now();
+    const { witness } = await noir.execute(inputs);
+    const proof = await backend.generateProof(witness);
+    const elapsed = ((Date.now() - startTime) / 1000).toFixed(1);
+    console.log(`Proof generated in ${elapsed}s`);
+    // Build proof output
+    const proofHex = '0x' + Array.from(proof.proof).map((b) => b.toString(16).padStart(2, '0')).join('');
+    const disclosed = {};
+    if (opts.disclose) {
+        disclosed[disclosedFieldName] = cred.claims[disclosedFieldName];
+    }
+    const proofOutput = {
+        version: '1.0',
+        circuit: 'composite',
+        proof: proofHex,
+        publicInputs: proof.publicInputs,
+        issuer: {
+            name: cred.issuer.name,
+            publicKey: cred.issuer.publicKey,
+        },
+        disclosed,
+        generatedAt: new Date().toISOString(),
+        generationTimeMs: Date.now() - startTime,
+    };
+    if (opts.range) {
+        proofOutput.range = {
+            field: rangeFieldName,
+            operator: rangeComparisonType === '0' ? 'gte' : 'lte',
+            threshold: rangeThreshold,
+        };
+    }
+    const timestamp = new Date().toISOString().replace(/[:.]/g, '-').slice(0, 19);
+    const outPath = opts.out ? resolve(opts.out) : resolve(`proof-${timestamp}.json`);
+    await writeFile(outPath, JSON.stringify(proofOutput, null, 2));
+    await backend.destroy?.();
+    console.log(`\nProof saved: ${outPath}`);
+    if (opts.disclose) {
+        console.log(`  Disclosed: ${disclosedFieldName} = "${cred.claims[disclosedFieldName]}"`);
+    }
+    if (opts.range) {
+        console.log(`  Range: ${rangeFieldName} ${rangeComparisonType === '0' ? '>=' : '<='} ${rangeThreshold}`);
+    }
+    console.log(`\nNext: npx tsx cli/src/index.ts verify`);
+}
+//# sourceMappingURL=prove.js.map

package/dist/cli/src/commands/prove.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prove.js","sourceRoot":"","sources":["../../../../cli/src/commands/prove.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AASvD,MAAM,CAAC,KAAK,UAAU,KAAK,CAAC,IAAkB;IAC5C,yBAAyB;IACzB,IAAI,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC;IAC/B,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,KAAK,GAAG,MAAM,kBAAkB,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,uEAAuE,CAAC,CAAC;YACvF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,QAAQ,GAAG,KAAK,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QAClC,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QACxC,OAAO,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACxE,OAAO,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;QACjF,OAAO,CAAC,KAAK,CAAC,mEAAmE,CAAC,CAAC;QACnF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,kBAAkB;IAClB,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,CAAC;IACvD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAE7B,uBAAuB;IACvB,MAAM,kBAAkB,GAAG,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;IAC/C,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACxE,IAAI,IAAI,CAAC,QAAQ,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACtC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACzE,OAAO,CAAC,KAAK,CAAC,UAAU,kBAAkB,2BAA2B,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,mBAAmB;IACnB,IAAI,cAAc,GAAG,EAAE,CAAC;IACxB,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,IAAI,cAAc,GAAG,GAAG,CAAC;IACzB,IAAI,mBAAmB,GAAG,GAAG,CAAC,CAAC,eAAe;IAE9C,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;YACzE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,cAAc,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC1B,cAAc,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAE1B,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAC1D,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;YACzE,OAAO,CAAC,KAAK,CAAC,UAAU,cAAc,2BAA2B,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACzF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,mBAAmB,GAAG,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;IACvD,CAAC;IAED,sFAAsF;IACtF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC;IAEtE,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAClC,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,CAAC;IAE/C,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;IAC5C,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;IACpD,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,iCAAiC,CAAC,CAAC;IAEhF,MAAM,OAAO,GAAG,IAAI,mBAAmB,CAAC,OAAc,CAAC,CAAC;IACxD,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,OAAc,CAAC,CAAC;IAEtC,4CAA4C;IAC5C,MAAM,MAAM,GAAsC;QAChD,yBAAyB;QACzB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAClC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAClC,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACnC,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACnC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAC7B,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;QAErB,mBAAmB;QACnB,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;QACjC,qBAAqB,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,qBAAqB,CAAC;QACrE,qBAAqB,EAAE,qBAAqB,CAAC,QAAQ,EAAE;QACvD,qBAAqB,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,QAAQ;QACxE,sBAAsB,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC;QAEpF,2EAA2E;QAC3E,wEAAwE;QACxE,iBAAiB,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/F,iBAAiB,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI;QAC1D,iBAAiB,EAAE,IAAI,CAAC,KAAK;YAC3B,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,QAAQ;YACtC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,QAAQ;QAClC,kBAAkB,EAAE,IAAI,CAAC,KAAK;YAC5B,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC;YACjD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC;QAC7C,eAAe,EAAE,cAAc;QAC/B,qBAAqB,EAAE,mBAAmB;KAC3C,CAAC;IAEF,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IACjE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC/C,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAEnD,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7D,OAAO,CAAC,GAAG,CAAC,sBAAsB,OAAO,GAAG,CAAC,CAAC;IAE9C,qBAAqB;IACrB,MAAM,QAAQ,GAAG,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAErG,MAAM,SAAS,GAA2B,EAAE,CAAC;IAC7C,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,SAAS,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,WAAW,GAA4B;QAC3C,OAAO,EAAE,KAAK;QACd,OAAO,EAAE,WAAW;QACpB,KAAK,EAAE,QAAQ;QACf,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,MAAM,EAAE;YACN,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;YACtB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;SACjC;QACD,SAAS;QACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,gBAAgB,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;KACzC,CAAC;IAEF,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,WAAW,CAAC,KAAK,GAAG;YAClB,KAAK,EAAE,cAAc;YACrB,QAAQ,EAAE,mBAAmB,KAAK,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK;YACrD,SAAS,EAAE,cAAc;SAC1B,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC9E,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,SAAS,OAAO,CAAC,CAAC;IAElF,MAAM,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAE/D,MAAO,OAAe,CAAC,OAAO,EAAE,EAAE,CAAC;IAEnC,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,EAAE,CAAC,CAAC;IACzC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,gBAAgB,kBAAkB,OAAO,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;IAC3F,CAAC;IACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,GAAG,CAAC,YAAY,cAAc,IAAI,mBAAmB,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,cAAc,EAAE,CAAC,CAAC;IAC3G,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;AACzD,CAAC"}

package/dist/cli/src/commands/verify.d.ts

@@ -0,0 +1,6 @@
+interface VerifyOptions {
+    proof?: string;
+}
+export declare function verify(opts: VerifyOptions): Promise<void>;
+export {};
+//# sourceMappingURL=verify.d.ts.map

package/dist/cli/src/commands/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../../../cli/src/commands/verify.ts"],"names":[],"mappings":"AAKA,UAAU,aAAa;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wBAAsB,MAAM,CAAC,IAAI,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAmE/D"}

package/dist/cli/src/commands/verify.js

@@ -0,0 +1,63 @@
+import { readFile } from 'fs/promises';
+import { resolve } from 'path';
+import { loadCircuit } from '../../../sdk/src/circuit-loader.js';
+import { findProofFile } from '../auto-detect.js';
+export async function verify(opts) {
+    // Auto-detect proof file
+    let proofPath = opts.proof;
+    if (!proofPath) {
+        const found = await findProofFile();
+        if (!found) {
+            console.error('No proof file found. Run "npx tsx cli/src/index.ts prove" first.');
+            process.exit(1);
+        }
+        proofPath = found;
+        console.log(`Using proof: ${proofPath}`);
+    }
+    // Load proof
+    const raw = await readFile(resolve(proofPath), 'utf-8');
+    const proofData = JSON.parse(raw);
+    console.log('Loading circuit...');
+    const circuit = await loadCircuit(proofData.circuit || 'composite');
+    console.log('Verifying proof...');
+    const { BarretenbergBackend } = await import('@noir-lang/backend_barretenberg');
+    const backend = new BarretenbergBackend(circuit);
+    // Decode proof hex to Uint8Array
+    const proofHex = proofData.proof.startsWith('0x')
+        ? proofData.proof.slice(2)
+        : proofData.proof;
+    const proofBytes = Uint8Array.from(proofHex.match(/.{2}/g).map((b) => parseInt(b, 16)));
+    let valid;
+    try {
+        valid = await backend.verifyProof({
+            proof: proofBytes,
+            publicInputs: proofData.publicInputs,
+        });
+    }
+    catch {
+        valid = false;
+    }
+    await backend.destroy?.();
+    if (valid) {
+        console.log('\nProof VALID');
+        console.log(`  Circuit: ${proofData.circuit}`);
+        console.log(`  Issuer: ${proofData.issuer?.name || 'unknown'}`);
+        if (proofData.disclosed && Object.keys(proofData.disclosed).length > 0) {
+            console.log('  Disclosed fields:');
+            for (const [field, value] of Object.entries(proofData.disclosed)) {
+                console.log(`    ${field} = "${value}"`);
+            }
+        }
+        if (proofData.range) {
+            const op = proofData.range.operator === 'gte' ? '>=' : '<=';
+            console.log(`  Range proof: ${proofData.range.field} ${op} ${proofData.range.threshold} PASSED`);
+        }
+        console.log(`  Generated: ${proofData.generatedAt || 'unknown'}`);
+    }
+    else {
+        console.log('\nProof INVALID');
+        console.log('The proof does not verify. The credential may have been tampered with.');
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=verify.js.map

package/dist/cli/src/commands/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../../../cli/src/commands/verify.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAC;AACjE,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAMlD,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,IAAmB;IAC9C,yBAAyB;IACzB,IAAI,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC;IAC3B,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,KAAK,GAAG,MAAM,aAAa,EAAE,CAAC;QACpC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;YAClF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,SAAS,GAAG,KAAK,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,gBAAgB,SAAS,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED,aAAa;IACb,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,CAAC;IACxD,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAElC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAClC,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,OAAO,IAAI,WAAW,CAAC,CAAC;IAEpE,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAClC,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,iCAAiC,CAAC,CAAC;IAChF,MAAM,OAAO,GAAG,IAAI,mBAAmB,CAAC,OAAc,CAAC,CAAC;IAExD,iCAAiC;IACjC,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC;QAC/C,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;QAC1B,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC;IACpB,MAAM,UAAU,GAAG,UAAU,CAAC,IAAI,CAChC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAE,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAC7D,CAAC;IAEF,IAAI,KAAc,CAAC;IACnB,IAAI,CAAC;QACH,KAAK,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC;YAChC,KAAK,EAAE,UAAU;YACjB,YAAY,EAAE,SAAS,CAAC,YAAY;SACrC,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,KAAK,GAAG,KAAK,CAAC;IAChB,CAAC;IAED,MAAO,OAAe,CAAC,OAAO,EAAE,EAAE,CAAC;IAEnC,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,cAAc,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,aAAa,SAAS,CAAC,MAAM,EAAE,IAAI,IAAI,SAAS,EAAE,CAAC,CAAC;QAEhE,IAAI,SAAS,CAAC,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvE,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;YACnC,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;gBACjE,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,OAAO,KAAK,GAAG,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;QAED,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC;YACpB,MAAM,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAC5D,OAAO,CAAC,GAAG,CAAC,kBAAkB,SAAS,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,IAAI,SAAS,CAAC,KAAK,CAAC,SAAS,SAAS,CAAC,CAAC;QACnG,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,gBAAgB,SAAS,CAAC,WAAW,IAAI,SAAS,EAAE,CAAC,CAAC;IACpE,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,wEAAwE,CAAC,CAAC;QACtF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/cli/src/index.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/cli/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../cli/src/index.ts"],"names":[],"mappings":""}

package/dist/cli/src/index.js

@@ -0,0 +1,45 @@
+#!/usr/bin/env node
+import { Command } from 'commander';
+import { keygen } from './commands/keygen.js';
+import { issue } from './commands/issue.js';
+import { inspect } from './commands/inspect.js';
+import { prove } from './commands/prove.js';
+import { verify } from './commands/verify.js';
+const program = new Command();
+program
+    .name('reputrans')
+    .description('Zero-knowledge credential toolkit - issue, prove, and verify credentials without revealing private data')
+    .version('0.1.0');
+program
+    .command('keygen')
+    .description('Generate an issuer keypair')
+    .option('--name <name>', 'Issuer name', 'issuer')
+    .option('--out <path>', 'Output file path')
+    .action(keygen);
+program
+    .command('issue')
+    .description('Sign claims into a verifiable credential')
+    .option('--key <path>', 'Path to issuer key JSON (auto-detects *-key.json in current dir)')
+    .option('--claims <json>', 'Claims as JSON string or path to JSON file')
+    .option('--out <path>', 'Output credential path')
+    .action(issue);
+program
+    .command('inspect')
+    .description('Show credential fields and available proof types')
+    .option('--credential <path>', 'Path to credential JSON (auto-detects credential-*.json)')
+    .action(inspect);
+program
+    .command('prove')
+    .description('Generate a ZK proof of selected credential fields')
+    .option('--credential <path>', 'Path to credential JSON (auto-detects credential-*.json)')
+    .option('--disclose <fields>', 'Comma-separated field names to disclose')
+    .option('--range <spec>', 'Range proof: field:operator:threshold (e.g. gpa:gte:3.0)')
+    .option('--out <path>', 'Output proof path')
+    .action(prove);
+program
+    .command('verify')
+    .description('Verify a ZK proof')
+    .option('--proof <path>', 'Path to proof JSON (auto-detects proof-*.json)')
+    .action(verify);
+program.parse();
+//# sourceMappingURL=index.js.map

package/dist/cli/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../cli/src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAE9C,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,WAAW,CAAC;KACjB,WAAW,CAAC,yGAAyG,CAAC;KACtH,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,4BAA4B,CAAC;KACzC,MAAM,CAAC,eAAe,EAAE,aAAa,EAAE,QAAQ,CAAC;KAChD,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC;KAC1C,MAAM,CAAC,MAAM,CAAC,CAAC;AAElB,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,0CAA0C,CAAC;KACvD,MAAM,CAAC,cAAc,EAAE,kEAAkE,CAAC;KAC1F,MAAM,CAAC,iBAAiB,EAAE,4CAA4C,CAAC;KACvE,MAAM,CAAC,cAAc,EAAE,wBAAwB,CAAC;KAChD,MAAM,CAAC,KAAK,CAAC,CAAC;AAEjB,OAAO;KACJ,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,kDAAkD,CAAC;KAC/D,MAAM,CAAC,qBAAqB,EAAE,0DAA0D,CAAC;KACzF,MAAM,CAAC,OAAO,CAAC,CAAC;AAEnB,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,mDAAmD,CAAC;KAChE,MAAM,CAAC,qBAAqB,EAAE,0DAA0D,CAAC;KACzF,MAAM,CAAC,qBAAqB,EAAE,yCAAyC,CAAC;KACxE,MAAM,CAAC,gBAAgB,EAAE,0DAA0D,CAAC;KACpF,MAAM,CAAC,cAAc,EAAE,mBAAmB,CAAC;KAC3C,MAAM,CAAC,KAAK,CAAC,CAAC;AAEjB,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,mBAAmB,CAAC;KAChC,MAAM,CAAC,gBAAgB,EAAE,gDAAgD,CAAC;KAC1E,MAAM,CAAC,MAAM,CAAC,CAAC;AAElB,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/dist/sdk/src/circuit-loader.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Circuit artifact loader for REPUTRANS.
+ *
+ * Loads compiled Noir ACIR artifacts from the filesystem.
+ * Works in Node.js only (uses fs). For browser usage, load
+ * the JSON via fetch and pass directly to createProver/createVerifier.
+ */
+import type { CompiledCircuit } from './prover.js';
+export type CircuitName = 'composite' | 'field_disclosure' | 'range_proof' | 'set_membership' | 'signature_verify' | 'poseidon_compat' | 'map_to_curve';
+/**
+ * Load a compiled circuit artifact by name.
+ *
+ * @param name - Circuit name (must match the directory and JSON filename)
+ * @param circuitsDir - Override the circuits directory path. Defaults to
+ *   the monorepo's circuits/ directory relative to this file, or the
+ *   REPUTRANS_CIRCUITS_DIR environment variable.
+ */
+export declare function loadCircuit(name: CircuitName | string, circuitsDir?: string): Promise<CompiledCircuit>;
+//# sourceMappingURL=circuit-loader.d.ts.map

package/dist/sdk/src/circuit-loader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"circuit-loader.d.ts","sourceRoot":"","sources":["../../../sdk/src/circuit-loader.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AA0BnD,MAAM,MAAM,WAAW,GACnB,WAAW,GACX,kBAAkB,GAClB,aAAa,GACb,gBAAgB,GAChB,kBAAkB,GAClB,iBAAiB,GACjB,cAAc,CAAC;AAEnB;;;;;;;GAOG;AACH,wBAAsB,WAAW,CAC/B,IAAI,EAAE,WAAW,GAAG,MAAM,EAC1B,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,eAAe,CAAC,CA8B1B"}