import { BaseCoin, BitGoBase, BitGoRequest, CoinConstructor, DecryptKeysOptions, DecryptOptions, EcdhDerivedKeypair, EncryptOptions, EnvironmentName, GetSharingKeyOptions, GetSigningKeyApi, IRequestTracer } from '@bitgo/sdk-core';
import { type IHmacAuthStrategy } from '@bitgo/sdk-hmac';
import { ECPairInterface } from '@bitgo/utxo-lib';
import * as superagent from 'superagent';
import { AccessTokenOptions, AddAccessTokenOptions, AddAccessTokenResponse, AuthenticateOptions, AuthenticateWithAuthCodeOptions, BitGoAPIOptions, BitGoJson, BitGoSimulateWebhookOptions, CalculateHmacSubjectOptions, CalculateRequestHeadersOptions, CalculateRequestHmacOptions, ChangePasswordOptions, Constants, DeprecatedVerifyAddressOptions, EstimateFeeOptions, ExtendTokenOptions, GetEcdhSecretOptions, GetUserOptions, ListWebhookNotificationsOptions, LoginResponse, PingOptions, ProcessedAuthenticationOptions, ReconstitutedSecret, ReconstituteSecretOptions, RegisterPushTokenOptions, RemoveAccessTokenOptions, RequestHeaders, RequestMethods, SplitSecret, SplitSecretOptions, TokenIssuance, TokenIssuanceResponse, UnlockOptions, User, VerifyPasswordOptions, VerifyPushTokenOptions, VerifyResponseInfo, VerifyResponseOptions, VerifyShardsOptions, WebhookOptions } from './types';
export declare class BitGoAPI implements BitGoBase {
    protected _keychains: any;
    protected _wallets: any;
    protected _markets?: any;
    protected _blockchain?: any;
    protected _travelRule?: any;
    protected _pendingApprovals?: any;
    protected static _constants: any;
    protected static _constantsExpire: any;
    protected static _testnetWarningMessage: boolean;
    readonly env: EnvironmentName;
    protected readonly _baseUrl: string;
    protected readonly _baseApiUrl: string;
    protected readonly _baseApiUrlV2: string;
    protected readonly _baseApiUrlV3: string;
    protected readonly _env: EnvironmentName;
    protected readonly _authVersion: Exclude<BitGoAPIOptions['authVersion'], undefined>;
    protected _hmacVerification: boolean;
    protected readonly _proxy?: string;
    protected _user?: User;
    protected _extensionKey?: ECPairInterface;
    protected _reqId?: IRequestTracer;
    protected _token?: string;
    protected _version: string;
    protected _userAgent?: string;
    protected _ecdhXprv?: string;
    protected _refreshToken?: string;
    protected readonly _clientId?: string;
    protected readonly _clientSecret?: string;
    protected _validate: boolean;
    readonly cookiesPropagationEnabled: boolean;
    private _customProxyAgent?;
    private _requestIdPrefix?;
    private getAdditionalHeadersCb?;
    protected _hmacAuthStrategy: IHmacAuthStrategy;
    constructor(params?: BitGoAPIOptions);
    /**
     * Initialize client constants if provided.
     * @param clientConstants - The client constants from params
     * @private
     */
    private _initializeClientConstants;
    /**
     * Get a superagent request for specified http method and URL configured to the SDK configuration
     * @param method - http method for the new request
     * @param url - URL for the new request
     */
    protected getAgentRequest(method: RequestMethods, url: string): superagent.SuperAgentRequest;
    /**
     * Create a basecoin object
     * @param name
     */
    coin(name: string): BaseCoin;
    /**
     * Return the current BitGo environment
     */
    getEnv(): EnvironmentName;
    /**
     * Return the current auth version used for requests to the BitGo server
     */
    getAuthVersion(): number;
    /**
     * Signs and sends a v2-authenticated request, then verifies the response HMAC.
     * Extracted from the req.then override in requestPatch to keep that method readable.
     */
    private _sendRequestWithHmac;
    /**
     * This is a patching function which can apply our authorization
     * headers to any outbound request.
     * @param method
     */
    private requestPatch;
    get(url: string): BitGoRequest;
    post(url: string): BitGoRequest;
    put(url: string): BitGoRequest;
    del(url: string): BitGoRequest;
    patch(url: string): BitGoRequest;
    options(url: string): BitGoRequest;
    /**
     * Calculate the HMAC for the given key and message
     * @param key {String} - the key to use for the HMAC
     * @param message {String} - the actual message to HMAC
     * @returns {*} - the result of the HMAC operation
     */
    calculateHMAC(key: string, message: string): string;
    /**
     * Calculate the subject string that is to be HMAC'ed for a HTTP request or response
     * @param urlPath request url, including query params
     * @param text request body text
     * @param timestamp request timestamp from `Date.now()`
     * @param statusCode Only set for HTTP responses, leave blank for requests
     * @param method request method
     * @returns {string | Buffer}
     */
    calculateHMACSubject<T extends string | Buffer = string>(params: CalculateHmacSubjectOptions<T>): T;
    /**
     * Calculate the HMAC for an HTTP request
     */
    calculateRequestHMAC(params: CalculateRequestHmacOptions): string;
    /**
     * Calculate request headers with HMAC
     */
    calculateRequestHeaders(params: CalculateRequestHeadersOptions): RequestHeaders;
    /**
     * Verify the HMAC for an HTTP response (synchronous, uses sdk-hmac directly).
     * Kept for backward compatibility with external callers.
     */
    verifyResponse(params: VerifyResponseOptions): VerifyResponseInfo;
    /**
     * Verify the HMAC for an HTTP response via the configured strategy (async).
     * Used internally by the request pipeline.
     */
    verifyResponseAsync(params: VerifyResponseOptions): Promise<VerifyResponseInfo>;
    /**
     * Fetch useful constant values from the BitGo server.
     * These values do change infrequently, so they need to be fetched,
     * but are unlikely to change during the lifetime of a BitGo object,
     * so they can safely cached.
     */
    fetchConstants(): Promise<Constants>;
    /**
     * Create a url for calling BitGo platform APIs
     * @param path
     * @param version
     */
    url(path: string, version?: number): string;
    /**
     * Create a url for calling BitGo microservice APIs
     */
    microservicesUrl(path: string): string;
    /**
     * Gets the version of the BitGoJS package
     */
    version(): string;
    /**
     * Test connectivity to the server
     * @param params
     */
    ping({ reqId }?: PingOptions): Promise<any>;
    /**
     * Set a request tracer to provide request IDs during multi-request workflows
     */
    setRequestTracer(reqTracer: IRequestTracer): void;
    /**
     * Utility function to encrypt locally.
     */
    encrypt(params: EncryptOptions): string;
    /**
     * Async encrypt that dispatches to v1 (SJCL) or v2 (Argon2id + AES-256-GCM)
     * based on `encryptionVersion`.
     */
    encryptAsync(params: EncryptOptions): Promise<string>;
    /**
     * Create an encryption session for multi-call operations.
     * Runs Argon2id once; all subsequent calls derive keys via HKDF.
     */
    createEncryptionSession(password: string): Promise<import("./encryptionSession").EncryptionSession>;
    /**
     * Decrypt an encrypted string locally.
     */
    decrypt(params: DecryptOptions): string;
    /**
     * Async decrypt that auto-detects v1 (SJCL) or v2 (Argon2id).
     * Migration path from sync decrypt() -- use this before the breaking release.
     */
    decryptAsync(params: DecryptOptions): Promise<string>;
    /**
     * Attempt to decrypt multiple wallet keys with the provided passphrase
     * @param {DecryptKeysOptions} params - Parameters object containing wallet key pairs and password
     * @param {Array<{walletId: string, encryptedPrv: string}>} params.walletIdEncryptedKeyPairs - Array of wallet ID and encrypted private key pairs
     * @param {string} params.password - The passphrase to attempt decryption with
     * @returns {string[]} - Array of wallet IDs for which decryption failed
     */
    decryptKeys(params: DecryptKeysOptions): string[];
    /**
     * Serialize this BitGo object to a JSON object.
     *
     * Caution: contains sensitive data
     */
    toJSON(): BitGoJson;
    /**
     * Get the current user
     */
    user(): User | undefined;
    /**
     * Deserialize a JSON serialized BitGo object.
     *
     * Overwrites the properties on the current BitGo object with
     * those of the deserialzed object.
     *
     * @param json
     */
    fromJSON(json: BitGoJson): void;
    /**
     * Process the username, password and otp into an object containing the username and hashed password, ready to
     * send to bitgo for authentication.
     */
    preprocessAuthenticationParams({ username, password, otp, forceSMS, extensible, trust, forReset2FA, initialHash, fingerprintHash, }: AuthenticateOptions): Promise<ProcessedAuthenticationOptions>;
    /**
     * Validate the passkey response is in the expected format
     * Should be as is returned from navigator.credentials.get()
     */
    validatePasskeyResponse(passkeyResponse: string): void;
    /**
     * Synchronous method for activating an access token.
     */
    authenticateWithAccessToken({ accessToken }: AccessTokenOptions): void;
    /**
     * Creates a new ECDH keychain for the user.
     * @param {string} loginPassword - The user's login password.
     * @returns {Promise<any>} - A promise that resolves with the new ECDH keychain data.
     * @throws {Error} - Throws an error if there is an issue creating the keychain.
     */
    createUserEcdhKeychain(loginPassword: string): Promise<any>;
    /**
     * Updates the user's settings with the provided parameters.
     * @param {Object} params - The parameters to update the user's settings with.
     * @returns {Promise<any>}
     * @throws {Error} - Throws an error if there is an issue updating the user's settings.
     */
    private updateUserSettings;
    /**
     * Ensures that the user's ECDH keychain is created for wallet sharing and TSS wallets.
     * If the keychain does not exist, it will be created and the user's settings will be updated.
     * @param {string} loginPassword - The user's login password.
     * @returns {Promise<any>} - A promise that resolves with the user's settings ensuring we have the ecdhKeychain in there.
     * @throws {Error} - Throws an error if there is an issue creating the keychain or updating the user's settings.
     */
    private ensureUserEcdhKeychainIsCreated;
    /**
     * Login to the bitgo platform.
     */
    authenticate(params: AuthenticateOptions): Promise<LoginResponse | any>;
    /**
     * Login to the bitgo platform with passkey.
     */
    authenticateWithPasskey(passkey: string, initialHash?: string, fingerprintHash?: string): Promise<LoginResponse | any>;
    /**
     *
     * @param responseBody Response body object
     * @param password Password for the symmetric decryption
     */
    handleTokenIssuance(responseBody: TokenIssuanceResponse, password?: string): TokenIssuance;
    /**
     */
    verifyPassword(params?: VerifyPasswordOptions): Promise<any>;
    /**
     * Clear out all state from this BitGo object, effectively logging out the current user.
     */
    clear(): void;
    clearAsync(): Promise<void>;
    /**
     * Use refresh token to get new access token.
     * If the refresh token is null/defined, then we use the stored token from auth
     */
    refreshToken(params?: {
        refreshToken?: string;
    }): Promise<any>;
    /**
     *
     * listAccessTokens
     * Get information on all of the BitGo access tokens on the user
     * @return {
     *  id: <id of the token>
     *  label: <the user-provided label for this token>
     *  user: <id of the user on the token>
     *  enterprise <id of the enterprise this token is valid for>
     *  client: <the auth client that this token belongs to>
     *  scope: <list of allowed OAuth scope values>
     *  created: <date the token was created>
     *  expires: <date the token will expire>
     *  origin: <the origin for which this token is valid>
     *  isExtensible: <flag indicating if the token can be extended>
     *  extensionAddress: <address whose private key's signature is necessary for extensions>
     *  unlock: <info for actions that require an unlock before firing>
     * }
     */
    listAccessTokens(): Promise<any>;
    /**
     * addAccessToken
     * Add a BitGo API Access Token to the current user account
     * @param params {
     *    otp: (required) <valid otp code>
     *    label: (required) <label for the token>
     *    duration: <length of time in seconds the token will be valid for>
     *    ipRestrict: <array of IP address strings to whitelist>
     *    txValueLimit: <number of outgoing satoshis allowed on this token>
     *    scope: (required) <authorization scope of the requested token>
     * }
     * @return {
     *    id: <id of the token>
     *    token: <access token hex string to be used for BitGo API request verification>
     *    label: <user-provided label for this token>
     *    user: <id of the user on the token>
     *    enterprise <id of the enterprise this token is valid for>
     *    client: <the auth client that this token belongs to>
     *    scope: <list of allowed OAuth scope values>
     *    created: <date the token was created>
     *    expires: <date the token will expire>
     *    origin: <the origin for which this token is valid>
     *    isExtensible: <flag indicating if the token can be extended>
     *    extensionAddress: <address whose private key's signature is necessary for extensions>
     *    unlock: <info for actions that require an unlock before firing>
     * }
     */
    addAccessToken(params: AddAccessTokenOptions): Promise<AddAccessTokenResponse>;
    /**
     * Sets the expire time of an access token matching either the id or label to the current date, effectively deleting it
     *
     * Params:
     * id: <id of the access token to be deleted>
     * label: <label of the access token to be deleted>
     *
     * Returns:
     * id: <id of the token>
     * label: <user-provided label for this token>
     * user: <id of the user on the token>
     * enterprise <id of the enterprise this token is valid for>
     * client: <the auth client that this token belongs to>
     * scope: <list of allowed OAuth scope values>
     * created: <date the token was created>
     * expires: <date the token will expire>
     * origin: <the origin for which this token is valid>
     * isExtensible: <flag indicating if the token can be extended>
     * extensionAddress: <address whose private key's signature is ne*cessary for extensions>
     * unlock: <info for actions that require an unlock before firing>
     * @param params
     */
    removeAccessToken({ id, label }: RemoveAccessTokenOptions): Promise<any>;
    /**
     * Generate a random password
     * @param   {Number} numWords     Number of 32-bit words
     * @returns {String}          base58 random password
     */
    generateRandomPassword(numWords?: number): string;
    /**
     * Logout of BitGo
     */
    logout(): Promise<any>;
    /**
     * Get a user by ID (name/email only)
     * @param id
     *
     * @deprecated
     */
    getUser({ id }: GetUserOptions): Promise<any>;
    /**
     * Get the current logged in user
     */
    me(): Promise<any>;
    /**
     * Unlock the session by providing OTP
     * @param {string} otp Required OTP code for the account.
     * @param {number} duration Desired duration of the unlock in seconds (default=600, max=3600).
     */
    unlock({ otp, duration }: UnlockOptions): Promise<any>;
    /**
     * Lock the session
     */
    lock(): Promise<any>;
    /**
     * Get the current session
     */
    session(): Promise<any>;
    /**
     * Trigger a push/sms for the OTP code
     * @param {boolean} params.forceSMS If set to true, will use SMS to send the OTP to the user even if they have other 2FA method set up.
     * @deprecated
     */
    sendOTP(params?: {
        forceSMS?: boolean;
    }): Promise<any>;
    /**
     * Extend token, provided the current token is extendable
     * @param params
     * - duration: duration in seconds by which to extend the token, starting at the current time
     */
    extendToken(params?: ExtendTokenOptions): Promise<any>;
    /**
     * Get a key for sharing a wallet with a user
     * @param email email of user to share wallet with
     */
    getSharingKey({ email }: GetSharingKeyOptions): Promise<any>;
    /**
     * Users that want to sign with a key will use this api to fetch the keychain and the path.
     * Users that want to verify a signature will use this api to fetch another users ecdh pubkey.
     * Note: If the user id is not provided, it will default to getting the current user's keychain.
     * @param bitgo
     * @param enterpriseId
     * @param userId
     */
    getSigningKeyForUser(enterpriseId: string, userId?: string): Promise<GetSigningKeyApi>;
    /**
     *
     */
    getValidate(): boolean;
    /**
     *
     */
    setValidate(validate: boolean): void;
    /**
     * Register a new coin instance with its builder factory
     * @param {string} name coin name as it was registered in @bitgo/statics
     * @param {CoinConstructor} coin the builder factory class for that coin
     * @returns {void}
     */
    register(name: string, coin: CoinConstructor): void;
    /**
     * Get bitcoin market data
     *
     * @deprecated
     */
    markets(): any;
    /**
     * Get the latest bitcoin prices
     * (Deprecated: Will be removed in the future) use `bitgo.markets().latest()`
     * @deprecated
     */
    market(): Promise<any>;
    /**
     * Get market data from yesterday
     * (Deprecated: Will be removed in the future) use bitgo.markets().yesterday()
     * @deprecated
     */
    yesterday(): Promise<any>;
    /**
     * Get the blockchain object.
     * @deprecated
     */
    blockchain(): any;
    /**
     * Get the user's keychains object.
     * @deprecated
     */
    keychains(): any;
    /**
     * Get the travel rule object
     * @deprecated
     */
    travelRule(): any;
    /**
     * Get the user's wallets object.
     * @deprecated
     */
    wallets(): any;
    /**
     * Get pending approvals that can be approved/ or rejected
     * @deprecated
     */
    pendingApprovals(): any;
    /**
     * A factory method to create a new Wallet object, initialized with the wallet params
     * Can be used to reconstitute a wallet from cached data
     * @param walletParams
     * @deprecated
     */
    newWalletObject(walletParams: any): any;
    /**
     * V1 method for calculating miner fee amounts, given the number and
     * type of transaction inputs, along with a fee rate in satoshis per vkB.
     *
     * This method should not be used for new code.
     *
     * @deprecated
     * @param params
     * @return {any}
     */
    calculateMinerFeeInfo(params: any): Promise<any>;
    /**
     * Verify a Bitcoin address is a valid base58 address
     * @deprecated
     */
    verifyAddress(params?: DeprecatedVerifyAddressOptions): boolean;
    /**
     * Split a secret into shards using Shamir Secret Sharing.
     * @param seed A hexadecimal secret to split
     * @param passwords An array of the passwords used to encrypt each share
     * @param m The threshold number of shards necessary to reconstitute the secret
     */
    splitSecret({ seed, passwords, m }: SplitSecretOptions): SplitSecret;
    /**
     * Reconstitute a secret which was sharded with `splitSecret`.
     * @param shards
     * @param passwords
     */
    reconstituteSecret({ shards, passwords }: ReconstituteSecretOptions): ReconstitutedSecret;
    /**
     *
     * @param shards
     * @param passwords
     * @param m
     * @param xpub Optional xpub to verify the results against
     */
    verifyShards({ shards, passwords, m, xpub }: VerifyShardsOptions): boolean;
    /**
     * @deprecated - use `getSharedSecret()`
     */
    getECDHSecret({ otherPubKeyHex, eckey }: GetEcdhSecretOptions): string;
    /**
     * Gets the user's private ECDH keychain
     */
    getECDHKeychain(ecdhKeychainPub?: string): Promise<any>;
    /**
     * Returns the user derived public and private ECDH keypair
     * @param password password to decrypt the user's ECDH encrypted private key
     * @param entId? optional enterprise id to check for permissions
     */
    getEcdhKeypairPrivate(password: string, entId: string): Promise<EcdhDerivedKeypair>;
    /**
     * @param params
     * - operatingSystem: one of ios, android
     * - pushToken: hex-formatted token for the respective native push notification service
     * @returns {*}
     * @deprecated
     */
    registerPushToken(params: RegisterPushTokenOptions): Promise<any>;
    /**
     * @param params
     * - pushVerificationToken: the token received via push notification to confirm the device's mobility
     * @deprecated
     */
    verifyPushToken(params: VerifyPushTokenOptions): Promise<any>;
    /**
     * Login to the bitgo system using an authcode generated via Oauth
     */
    authenticateWithAuthCode(params: AuthenticateWithAuthCodeOptions): Promise<any>;
    /**
     * Change the password of the currently logged in user.
     * Also change all v1 and v2 keychain passwords if they match the
     * given oldPassword. Returns nothing on success.
     * @param oldPassword {String} - the current password
     * @param newPassword {String} - the new password
     */
    changePassword({ oldPassword, newPassword }: ChangePasswordOptions): Promise<any>;
    /**
     * Get all the address labels on all of the user's wallets
     *
     * @deprecated
     */
    labels(): Promise<any>;
    /**
     * Estimates approximate fee per kb needed for a tx to get into a block
     * @param {number} params.numBlocks target blocks for the transaction to be confirmed
     * @param {number} params.maxFee maximum fee willing to be paid (for safety)
     * @param {array[string]} params.inputs list of unconfirmed txIds from which this transaction uses inputs
     * @param {number} params.txSize estimated transaction size in bytes, optional parameter used for CPFP estimation.
     * @param {boolean} params.cpfpAware flag indicating fee should take into account CPFP
     * @deprecated
     */
    estimateFee(params?: EstimateFeeOptions): Promise<any>;
    /**
     * Get BitGo's guarantee using an instant id
     * @param params
     * @deprecated
     */
    instantGuarantee(params: {
        id: string;
    }): Promise<any>;
    /**
     * Get a target address for payment of a BitGo fee
     * @deprecated
     */
    getBitGoFeeAddress(): Promise<any>;
    /**
     * Gets an address object (including the wallet id) for a given address.
     * @param {string} params.address The address to look up.
     * @deprecated
     */
    getWalletAddress({ address }: {
        address: string;
    }): Promise<any>;
    /**
     * Fetch list of user webhooks
     *
     * @returns {*}
     * @deprecated
     */
    listWebhooks(): Promise<any>;
    /**
     * Add new user webhook
     *
     * @param params
     * @returns {*}
     * @deprecated
     */
    addWebhook(params: WebhookOptions): Promise<any>;
    /**
     * Remove user webhook
     *
     * @param params
     * @returns {*}
     * @deprecated
     */
    removeWebhook(params: WebhookOptions): Promise<any>;
    /**
     * Fetch list of webhook notifications for the user
     *
     * @param params
     * @returns {*}
     */
    listWebhookNotifications(params?: ListWebhookNotificationsOptions): Promise<any>;
    /**
     * Simulate a user webhook
     *
     * @param params
     * @returns {*}
     */
    simulateWebhook(params: BitGoSimulateWebhookOptions): Promise<any>;
    /**
     * Synchronously get constants which are relevant to the client.
     *
     * Note: This function has a known race condition. It may return different values over time,
     * especially if called shortly after creation of the BitGo object.
     *
     * New code should call fetchConstants() directly instead.
     *
     * @deprecated
     * @return {Object} The client constants object
     */
    getConstants(): any;
    /**
     * Execute an asset request which does not need HMAC validation
     * @param url The URL for the asset request
     * @returns {Promise<any>} The response body
     */
    protected executeAssetRequest(url: string): Promise<any>;
    /**
     * Pack keychains into batches using First Fit Decreasing (FFD) algorithm.
     *
     * @param keychains - V1 keychains
     * @param v2Keychains - V2 keychains
     * @param maxBatchSizeBytes - Maximum byte size per batch
     * @private
     */
    private packKeychainsFFD;
    /**
     * Process keychain password updates in batches with retry logic.
     * Uses First Fit Decreasing (FFD) bin packing to ensure no batch exceeds
     * maxBatchSizeKB
     *
     * @param keychains - The v1 keychains to update
     * @param v2Keychains - The v2 keychains to update
     * @param maxBatchSizeKB - Maximum payload size per batch in kilobytes
     * @param maxRetries - Maximum number of retries per batch
     * @private
     */
    private processKeychainPasswordUpdatesInBatches;
}
//# sourceMappingURL=bitgoAPI.d.ts.map