withub-cli 0.1.0 → 0.2.1

package/dist/lib/crypto.js

@@ -0,0 +1,62 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AUTH_TAG_LENGTH = exports.IV_LENGTH = exports.KEY_LENGTH = exports.ALGORITHM = void 0;
+exports.generateSessionKey = generateSessionKey;
+exports.encryptBuffer = encryptBuffer;
+exports.decryptBuffer = decryptBuffer;
+const crypto_1 = __importDefault(require("crypto"));
+exports.ALGORITHM = 'aes-256-gcm';
+exports.KEY_LENGTH = 32; // 256 bits
+exports.IV_LENGTH = 12; // 96 bits for GCM
+exports.AUTH_TAG_LENGTH = 16; // 128 bits
+/**
+ * Generates a random 32-byte session key for AES-256-GCM.
+ */
+function generateSessionKey() {
+    return crypto_1.default.randomBytes(exports.KEY_LENGTH);
+}
+/**
+ * Encrypts a buffer using AES-256-GCM.
+ * @param data The data to encrypt
+ * @param key The 32-byte session key
+ * @returns EncryptedData object containing ciphertext, iv, authTag, and algorithm
+ */
+function encryptBuffer(data, key) {
+    if (key.length !== exports.KEY_LENGTH) {
+        throw new Error(`Invalid key length. Expected ${exports.KEY_LENGTH} bytes, got ${key.length}`);
+    }
+    const iv = crypto_1.default.randomBytes(exports.IV_LENGTH);
+    const cipher = crypto_1.default.createCipheriv(exports.ALGORITHM, key, iv);
+    const ciphertext = Buffer.concat([
+        cipher.update(data),
+        cipher.final()
+    ]);
+    const authTag = cipher.getAuthTag();
+    return {
+        ciphertext,
+        iv,
+        authTag,
+        algorithm: exports.ALGORITHM,
+    };
+}
+/**
+ * Decrypts a buffer using AES-256-GCM.
+ * @param encryptedData EncryptedData object or parts
+ * @param key The 32-byte session key
+ * @returns Decrypted buffer
+ */
+function decryptBuffer(encryptedData, key) {
+    if (key.length !== exports.KEY_LENGTH) {
+        throw new Error(`Invalid key length. Expected ${exports.KEY_LENGTH} bytes, got ${key.length}`);
+    }
+    const decipher = crypto_1.default.createDecipheriv(exports.ALGORITHM, key, encryptedData.iv);
+    decipher.setAuthTag(encryptedData.authTag);
+    const decrypted = Buffer.concat([
+        decipher.update(encryptedData.ciphertext),
+        decipher.final()
+    ]);
+    return decrypted;
+}

package/dist/lib/evmClone.js

@@ -0,0 +1,255 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cloneFromMantle = cloneFromMantle;
+exports.downloadCommitChainMantle = downloadCommitChainMantle;
+const promises_1 = __importDefault(require("fs/promises"));
+const path_1 = __importDefault(require("path"));
+const ui_1 = require("./ui");
+const evmRepo_1 = require("./evmRepo");
+const evmProvider_1 = require("./evmProvider");
+const lit_1 = require("./lit");
+const lighthouse_1 = require("./lighthouse");
+const schema_1 = require("./schema");
+const crypto_1 = require("./crypto");
+const fs_1 = require("./fs");
+const repo_1 = require("./repo");
+async function cloneFromMantle(repoIdStr, destDir = process.cwd()) {
+    // 1. Resolve RepoId
+    let repoId;
+    let repoIdHex;
+    if (repoIdStr.startsWith('mantle:')) {
+        repoIdStr = repoIdStr.replace('mantle:', '');
+    }
+    if (repoIdStr.startsWith('0x')) {
+        repoId = BigInt(repoIdStr);
+        repoIdHex = repoIdStr;
+    }
+    else {
+        repoId = BigInt(repoIdStr);
+        repoIdHex = (0, evmRepo_1.formatRepoId)(repoId);
+    }
+    // eslint-disable-next-line no-console
+    console.log(ui_1.colors.header(`Cloning repository ${repoIdHex} from Mantle Testnet...`));
+    // 2. Fetch On-Chain State
+    const signerCtx = await (0, evmProvider_1.loadMantleSigner)();
+    const repoService = new evmRepo_1.EvmRepoService(signerCtx);
+    const head = await repoService.getRepoState(repoId);
+    if (!head || !head.headCommit) {
+        throw new Error(`Repository ${repoIdHex} has no head commit on-chain.`);
+    }
+    // eslint-disable-next-line no-console
+    console.log(ui_1.colors.cyan(`Fetching head commit ${head.headCommit}...`));
+    // 3. Download Commit & Manifest
+    const commitBuf = await downloadBuffer(head.headCommit);
+    const commit = JSON.parse(commitBuf.toString('utf8'));
+    // Support both fields
+    const manifestCid = commit.tree.manifest_cid || commit.tree.manifest_id;
+    if (!manifestCid) {
+        throw new Error('Connect object missing manifest_cid');
+    }
+    // eslint-disable-next-line no-console
+    console.log(ui_1.colors.cyan(`Fetching manifest ${manifestCid}...`));
+    const manifestBuf = await downloadBuffer(manifestCid);
+    const manifestValues = JSON.parse(manifestBuf.toString('utf8'));
+    const manifest = schema_1.ManifestSchema.parse(manifestValues);
+    // 4. Prepare Layout
+    const witPath = await ensureEvmLayout(destDir, repoIdHex);
+    // Persist Head
+    await promises_1.default.writeFile(path_1.default.join(witPath, 'HEAD'), 'refs/heads/main\n', 'utf8');
+    const headRefPath = path_1.default.join(witPath, 'refs', 'heads', 'main');
+    await promises_1.default.mkdir(path_1.default.dirname(headRefPath), { recursive: true });
+    await promises_1.default.writeFile(headRefPath, `${head.headCommit}\n`, 'utf8');
+    // 5. Restore Files (Decrypt loop)
+    const entries = Object.entries(manifest.files);
+    // eslint-disable-next-line no-console
+    console.log(ui_1.colors.cyan(`Restoring ${entries.length} files...`));
+    const litService = new lit_1.LitService();
+    let authSig = null;
+    let decryptionCount = 0;
+    const index = {};
+    for (const [rel, meta] of entries) {
+        const fileCid = meta.cid; // Use CID stored in manifest, not the content hash
+        // Note: If using Walrus, meta.hash is blob ID. For IPFS/Lighthouse, it is CID.
+        // Our Push logic uploaded to Lighthouse and stored CID in meta.hash?
+        // Let's verify Push logic:
+        // "const uploadRes = await uploadBufferToLighthouse(contentToUpload);"
+        // "manifestFiles[rel] = { hash: uploadRes.cid, ... }"
+        // Yes, meta.hash is CID.
+        const fileBuf = await downloadBuffer(fileCid);
+        let plain = Buffer.from(fileBuf);
+        if (meta.enc) {
+            decryptionCount++;
+            // Lazy init AuthSig just once
+            if (!authSig) {
+                // eslint-disable-next-line no-console
+                console.log(ui_1.colors.gray(`  Generating SIWE AuthSig for decryption...`));
+                authSig = await litService.getAuthSig(signerCtx.signer);
+            }
+            const encMeta = meta.enc;
+            // Expected structure from push.ts:
+            // { alg: 'lit-aes-256-gcm', lit_encrypted_key, access_control_conditions, iv, tag, lit_hash }
+            if (encMeta.alg === 'lit-aes-256-gcm') {
+                // eslint-disable-next-line no-console
+                console.log(ui_1.colors.gray(`  Decrypting ${rel} (Lit Protocol)...`));
+                try {
+                    const acc = encMeta.unified_access_control_conditions || encMeta.access_control_conditions;
+                    const sessionKey = await litService.decryptSessionKey(encMeta.lit_encrypted_key, encMeta.lit_hash, acc, authSig);
+                    // 2. Decrypt Content
+                    plain = (0, crypto_1.decryptBuffer)({
+                        ciphertext: plain,
+                        iv: Buffer.from(encMeta.iv, 'hex'),
+                        authTag: Buffer.from(encMeta.tag, 'hex'),
+                    }, sessionKey);
+                }
+                catch (err) {
+                    // Check for Lit Access Denied
+                    const msg = err.message || '';
+                    if (msg.includes('NodeAccessControlConditionsReturnedNotAuthorized') ||
+                        msg.includes('not authorized') ||
+                        (err.errorKind === 'Validation' && err.errorCode === 'NodeAccessControlConditionsReturnedNotAuthorized')) {
+                        // eslint-disable-next-line no-console
+                        console.log(ui_1.colors.red(`❌ Access Denied: You do not have permission to decrypt this file.`));
+                        // eslint-disable-next-line no-console
+                        console.log(ui_1.colors.yellow(`   Please contact the repository owner to add your address to the allowlist.`));
+                        // eslint-disable-next-line no-console
+                        console.log(ui_1.colors.gray(`   Repository ID: ${repoIdHex}`));
+                        process.exit(1);
+                    }
+                    // eslint-disable-next-line no-console
+                    console.error(ui_1.colors.red(`  ❌ Failed to decrypt ${rel}: ${msg}`));
+                    process.exit(1);
+                }
+            }
+        }
+        // Write to disk
+        const absPath = path_1.default.join(destDir, rel);
+        await (0, fs_1.ensureDirForFile)(absPath);
+        await promises_1.default.writeFile(absPath, plain);
+        const mode = parseInt(meta.mode, 8) & 0o777;
+        await promises_1.default.chmod(absPath, mode);
+        index[rel] = { hash: meta.hash, size: meta.size, mode: meta.mode, mtime: meta.mtime };
+    }
+    // Write Index
+    await (0, fs_1.writeIndex)(path_1.default.join(witPath, 'index'), index);
+    // Write Remote State partial
+    const remoteState = {
+        repo_id: repoIdHex,
+        head_commit: head.headCommit,
+        head_manifest: manifestCid,
+        head_quilt: '', // Not used for EVM currently
+        version: Number(head.version),
+    };
+    await (0, repo_1.writeRemoteState)(witPath, remoteState);
+    await (0, repo_1.writeRemoteRef)(witPath, head.headCommit);
+    // eslint-disable-next-line no-console
+    console.log(ui_1.colors.green(`Clone complete.`));
+    if (decryptionCount > 0) {
+        // eslint-disable-next-line no-console
+        console.log(ui_1.colors.green(`Successfully decrypted ${decryptionCount} private files.`));
+    }
+    await litService.disconnect();
+    // 6. Download History (Commit Chain)
+    // We need to initialize the commit map first
+    const map = {}; // fresh clone
+    await downloadCommitChainMantle(head.headCommit, witPath, map);
+    // Write map
+    const mapFile = path_1.default.join(witPath, 'objects', 'maps', 'commit_id_map.json');
+    await (0, fs_1.ensureDirForFile)(mapFile);
+    await promises_1.default.writeFile(mapFile, JSON.stringify(map, null, 2) + '\n', 'utf8');
+}
+async function downloadBuffer(cid) {
+    const res = await (0, lighthouse_1.downloadFromLighthouseGateway)(cid, { verify: false });
+    // Check if it's an HTML directory listing (Lighthouse/IPFS gateway behavior)
+    // We sniff the first few bytes or check strings.
+    const preview = Buffer.from(res.bytes.slice(0, 500)).toString('utf8');
+    if (preview.trim().startsWith('<!DOCTYPE html') || preview.includes('Index of /ipfs/')) {
+        // Parse for the first file link
+        // Format: <a href="/ipfs/{cid}/{filename}">
+        // We look for the specific CID followed by a slash and a filename.
+        // Regex: href="/ipfs/CID/([^"]+)"
+        const regex = new RegExp(`href="/ipfs/${cid}/([^"]+)"`);
+        const match = preview.match(regex) || Buffer.from(res.bytes).toString('utf8').match(regex);
+        if (match && match[1]) {
+            const filename = match[1];
+            // Recurse with the path
+            // Note: We bypass verification because we are modifying the CID/path
+            return downloadBuffer(`${cid}/${filename}`);
+        }
+    }
+    return Buffer.from(res.bytes);
+}
+async function ensureEvmLayout(cwd, repoId) {
+    const witPath = path_1.default.join(cwd, '.wit');
+    await promises_1.default.mkdir(witPath, { recursive: true });
+    // Create Config
+    const cfg = {
+        repo_name: repoId,
+        repo_id: repoId,
+        chain: 'mantle',
+        chains: {
+            mantle: {
+                storage_backend: 'ipfs',
+                author: 'unknown',
+            }
+        },
+        network: 'testnet',
+        created_at: new Date().toISOString()
+    };
+    await (0, repo_1.writeRepoConfig)(witPath, cfg);
+    return witPath;
+}
+async function downloadCommitChainMantle(startId, witPath, map) {
+    const seen = new Set();
+    let current = startId;
+    while (current && !seen.has(current)) {
+        seen.add(current);
+        // Check if we already have it locally
+        if (map[current]) {
+            break;
+        }
+        let commitBuf;
+        const cachedPath = path_1.default.join(witPath, 'objects', 'commits', `${idToFileName(current)}.json`);
+        try {
+            const raw = await promises_1.default.readFile(cachedPath, 'utf8');
+            commitBuf = Buffer.from(raw, 'utf8');
+        }
+        catch (e) {
+            // eslint-disable-next-line no-console
+            console.log(ui_1.colors.gray(`Downloading commit ${current}...`));
+            commitBuf = await downloadBuffer(current);
+            await (0, fs_1.ensureDirForFile)(cachedPath);
+            await promises_1.default.writeFile(cachedPath, commitBuf.toString('utf8'), 'utf8');
+        }
+        let commit;
+        try {
+            commit = JSON.parse(commitBuf.toString('utf8'));
+        }
+        catch {
+            throw new Error(`Invalid commit JSON for ${current}`);
+        }
+        map[current] = current;
+        // Also ensure manifest is present
+        const manifestCid = commit.tree.manifest_cid || commit.tree.manifest_id;
+        if (manifestCid) {
+            const mPath = path_1.default.join(witPath, 'objects', 'manifests', `${idToFileName(manifestCid)}.json`);
+            try {
+                await promises_1.default.access(mPath);
+            }
+            catch {
+                // eslint-disable-next-line no-console
+                console.log(ui_1.colors.gray(`Downloading manifest ${manifestCid}...`));
+                const mBuf = await downloadBuffer(manifestCid);
+                await (0, fs_1.ensureDirForFile)(mPath);
+                await promises_1.default.writeFile(mPath, mBuf.toString('utf8'), 'utf8');
+            }
+        }
+        current = commit.parent;
+    }
+}
+// Helper needed for ID mapping locally if not imported
+function idToFileName(id) {
+    return id.replace(/\//g, '_').replace(/\+/g, '-');
+}

package/dist/lib/evmKeys.js

@@ -0,0 +1,218 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EVM_KEY_HOME = void 0;
+exports.createEvmKey = createEvmKey;
+exports.importEvmKey = importEvmKey;
+exports.listEvmKeys = listEvmKeys;
+exports.loadEvmKey = loadEvmKey;
+exports.readActiveEvmAddress = readActiveEvmAddress;
+exports.setActiveEvmAddress = setActiveEvmAddress;
+exports.normalizeEvmAddress = normalizeEvmAddress;
+exports.normalizeEvmAddressMaybe = normalizeEvmAddressMaybe;
+const promises_1 = __importDefault(require("fs/promises"));
+const os_1 = __importDefault(require("os"));
+const path_1 = __importDefault(require("path"));
+const ethers_1 = require("ethers");
+exports.EVM_KEY_HOME = process.env.WIT_EVM_KEY_HOME || path_1.default.join(os_1.default.homedir(), '.wit', 'keys-evm');
+const GLOBAL_CONFIG = path_1.default.join(os_1.default.homedir(), '.witconfig');
+const EVM_CHAIN_ID = 'mantle';
+async function createEvmKey(alias = 'default') {
+    const wallet = ethers_1.Wallet.createRandom();
+    const privateKey = wallet.privateKey;
+    const publicKey = wallet.signingKey.publicKey;
+    const address = normalizeEvmAddress(wallet.address);
+    const payload = {
+        scheme: 'SECP256K1',
+        chain: 'mantle',
+        privateKey,
+        publicKey,
+        address,
+        createdAt: new Date().toISOString(),
+        alias,
+    };
+    const file = keyPathFor(address);
+    await promises_1.default.mkdir(path_1.default.dirname(file), { recursive: true });
+    await promises_1.default.writeFile(file, JSON.stringify(payload, null, 2) + '\n', { encoding: 'utf8', mode: 0o600 });
+    await setActiveEvmAddress(address, { alias, updateAuthorIfUnknown: true });
+    return { address, privateKey: payload.privateKey, publicKey: payload.publicKey, file };
+}
+async function importEvmKey(privateKeyHex, alias = 'default') {
+    const privateKey = normalizePrivateKey(privateKeyHex);
+    const wallet = new ethers_1.Wallet(privateKey);
+    const publicKey = wallet.signingKey.publicKey;
+    const address = normalizeEvmAddress(wallet.address);
+    const payload = {
+        scheme: 'SECP256K1',
+        chain: 'mantle',
+        privateKey,
+        publicKey,
+        address,
+        createdAt: new Date().toISOString(),
+        alias,
+    };
+    const file = keyPathFor(address);
+    await promises_1.default.mkdir(path_1.default.dirname(file), { recursive: true });
+    await promises_1.default.writeFile(file, JSON.stringify(payload, null, 2) + '\n', { encoding: 'utf8', mode: 0o600 });
+    await setActiveEvmAddress(address, { alias, updateAuthorIfUnknown: true });
+    return { address, privateKey: payload.privateKey, publicKey: payload.publicKey, file };
+}
+async function listEvmKeys() {
+    let entries;
+    try {
+        entries = await promises_1.default.readdir(exports.EVM_KEY_HOME, { withFileTypes: true });
+    }
+    catch (err) {
+        if (err?.code === 'ENOENT')
+            return [];
+        throw err;
+    }
+    const keys = [];
+    for (const entry of entries) {
+        if (!entry.isFile() || !entry.name.endsWith('.key'))
+            continue;
+        const file = path_1.default.join(exports.EVM_KEY_HOME, entry.name);
+        try {
+            const parsed = await readKeyFile(file);
+            if (parsed.chain && parsed.chain !== 'mantle')
+                continue;
+            if (parsed.scheme !== 'SECP256K1')
+                continue;
+            keys.push({
+                address: normalizeEvmAddress(parsed.address),
+                alias: parsed.alias,
+                file,
+                createdAt: parsed.createdAt,
+            });
+        }
+        catch (err) {
+            // eslint-disable-next-line no-console
+            console.warn(`Skipping key ${file}: ${err.message}`);
+        }
+    }
+    return keys.sort((a, b) => (a.createdAt || '').localeCompare(b.createdAt || ''));
+}
+async function loadEvmKey(address) {
+    const resolvedAddress = address ? normalizeEvmAddress(address) : await readActiveEvmAddress();
+    if (!resolvedAddress) {
+        throw new Error('No active EVM address configured. Generate a key with `wit account generate` or set one with `wit account use`.');
+    }
+    const file = await findKeyFile(resolvedAddress);
+    if (!file) {
+        throw new Error(`Key file not found for address ${resolvedAddress}. Generate one with \`wit account generate\`.`);
+    }
+    const parsed = await readKeyFile(file);
+    return {
+        address: normalizeEvmAddress(parsed.address),
+        privateKey: parsed.privateKey,
+        publicKey: parsed.publicKey,
+        file,
+    };
+}
+async function readActiveEvmAddress() {
+    const cfg = await readGlobalConfig();
+    const fromMap = cfg.active_addresses?.[EVM_CHAIN_ID];
+    const normalized = normalizeEvmAddressMaybe(fromMap);
+    if (normalized)
+        return normalized;
+    const fromAuthor = cfg.authors?.[EVM_CHAIN_ID];
+    return normalizeEvmAddressMaybe(fromAuthor);
+}
+async function setActiveEvmAddress(address, opts) {
+    const normalized = normalizeEvmAddress(address);
+    await upsertGlobalConfig((cfg) => {
+        const next = { ...cfg };
+        if (!next.active_addresses)
+            next.active_addresses = {};
+        next.active_addresses[EVM_CHAIN_ID] = normalized;
+        if (opts?.alias) {
+            if (!next.key_aliases)
+                next.key_aliases = {};
+            next.key_aliases[EVM_CHAIN_ID] = opts.alias;
+        }
+        if (opts?.updateAuthorIfUnknown) {
+            if (!next.authors)
+                next.authors = {};
+            if (!next.authors[EVM_CHAIN_ID] || next.authors[EVM_CHAIN_ID] === 'unknown') {
+                next.authors[EVM_CHAIN_ID] = normalized;
+            }
+        }
+        return next;
+    });
+}
+function normalizeEvmAddress(address) {
+    if (!address) {
+        throw new Error('Invalid EVM address.');
+    }
+    try {
+        return (0, ethers_1.getAddress)(withHexPrefix(address));
+    }
+    catch {
+        throw new Error(`Invalid EVM address "${address}".`);
+    }
+}
+function normalizeEvmAddressMaybe(address) {
+    if (!address)
+        return null;
+    try {
+        return (0, ethers_1.getAddress)(withHexPrefix(address));
+    }
+    catch {
+        return null;
+    }
+}
+function keyPathFor(address) {
+    return path_1.default.join(exports.EVM_KEY_HOME, `${normalizeEvmAddress(address)}.key`);
+}
+async function findKeyFile(address) {
+    const file = keyPathFor(address);
+    try {
+        await promises_1.default.access(file);
+        return file;
+    }
+    catch (err) {
+        if (err?.code !== 'ENOENT')
+            throw err;
+    }
+    return null;
+}
+function normalizePrivateKey(input) {
+    const trimmed = input.trim();
+    const hex = trimmed.startsWith('0x') ? trimmed : `0x${trimmed}`;
+    if (!(0, ethers_1.isHexString)(hex, 32)) {
+        throw new Error('Invalid private key. Expected 32-byte hex.');
+    }
+    return hex;
+}
+function withHexPrefix(value) {
+    const trimmed = value.trim();
+    return trimmed.startsWith('0x') ? trimmed : `0x${trimmed}`;
+}
+async function readKeyFile(file) {
+    const raw = await promises_1.default.readFile(file, 'utf8');
+    const parsed = JSON.parse(raw);
+    if (!parsed.privateKey) {
+        throw new Error(`Missing privateKey in ${file}`);
+    }
+    return parsed;
+}
+async function readGlobalConfig() {
+    try {
+        const raw = await promises_1.default.readFile(GLOBAL_CONFIG, 'utf8');
+        return JSON.parse(raw);
+    }
+    catch (err) {
+        if (err?.code === 'ENOENT')
+            return {};
+        // eslint-disable-next-line no-console
+        console.warn(`Warning: could not read ${GLOBAL_CONFIG}: ${err.message}`);
+        return {};
+    }
+}
+async function upsertGlobalConfig(mutator) {
+    const cfg = await readGlobalConfig();
+    const next = mutator(cfg);
+    await promises_1.default.writeFile(GLOBAL_CONFIG, JSON.stringify(next, null, 2) + '\n', 'utf8');
+}

package/dist/lib/evmProvider.js

@@ -0,0 +1,88 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveMantleNetwork = resolveMantleNetwork;
+exports.resolveMantleRpcUrl = resolveMantleRpcUrl;
+exports.resolveMantleChainId = resolveMantleChainId;
+exports.resolveMantleConfig = resolveMantleConfig;
+exports.createMantleProvider = createMantleProvider;
+exports.loadMantleSigner = loadMantleSigner;
+exports.resolveEvmTxContext = resolveEvmTxContext;
+const ethers_1 = require("ethers");
+const evmKeys_1 = require("./evmKeys");
+const DEFAULT_RPC_URLS = {
+    testnet: 'https://rpc.sepolia.mantle.xyz',
+    mainnet: 'https://rpc.mantle.xyz',
+};
+const DEFAULT_CHAIN_IDS = {
+    testnet: 5003,
+    mainnet: 5000,
+};
+const DEFAULT_CHAIN_NAMES = {
+    testnet: 'mantle-sepolia',
+    mainnet: 'mantle',
+};
+function resolveMantleNetwork(input) {
+    return input === 'testnet' ? 'testnet' : 'mainnet';
+}
+function resolveMantleRpcUrl(network) {
+    return (process.env.WIT_MANTLE_RPC_URL ||
+        process.env.MANTLE_RPC_URL ||
+        DEFAULT_RPC_URLS[network]);
+}
+function resolveMantleChainId(network) {
+    const override = process.env.WIT_MANTLE_CHAIN_ID || process.env.MANTLE_CHAIN_ID;
+    if (override) {
+        const parsed = Number(override);
+        if (!Number.isNaN(parsed) && parsed > 0)
+            return parsed;
+    }
+    return DEFAULT_CHAIN_IDS[network];
+}
+function resolveMantleConfig(networkInput) {
+    const network = resolveMantleNetwork(networkInput);
+    return {
+        network,
+        chainId: resolveMantleChainId(network),
+        chainName: DEFAULT_CHAIN_NAMES[network],
+        rpcUrl: resolveMantleRpcUrl(network),
+    };
+}
+function createMantleProvider(networkInput) {
+    const config = resolveMantleConfig(networkInput);
+    return new ethers_1.JsonRpcProvider(config.rpcUrl, {
+        name: config.chainName,
+        chainId: config.chainId,
+    });
+}
+async function loadMantleSigner(networkInput, address) {
+    const config = resolveMantleConfig(networkInput);
+    const provider = new ethers_1.JsonRpcProvider(config.rpcUrl, {
+        name: config.chainName,
+        chainId: config.chainId,
+    });
+    const key = await (0, evmKeys_1.loadEvmKey)(address);
+    const signer = new ethers_1.Wallet(key.privateKey, provider);
+    return {
+        provider,
+        signer,
+        address: signer.address,
+        config,
+    };
+}
+async function resolveEvmTxContext(provider, address, tx) {
+    const [network, nonce, feeData] = await Promise.all([
+        provider.getNetwork(),
+        provider.getTransactionCount(address, 'pending'),
+        provider.getFeeData(),
+    ]);
+    let gasLimit;
+    if (tx) {
+        gasLimit = await provider.estimateGas({ ...tx, from: address });
+    }
+    return {
+        chainId: Number(network.chainId),
+        nonce,
+        feeData,
+        gasLimit,
+    };
+}