{"version":3,"sources":["../../src/auth-capture/constants.ts","../../src/auth-capture/client/scheme.ts","../../src/auth-capture/nonce.ts","../../src/auth-capture/utils.ts"],"sourcesContent":["// Scheme identifier for the auth-capture payment scheme.\nexport const AUTH_CAPTURE_SCHEME = \"auth-capture\" as const;\n\n// Canonical AuthCaptureEscrow + token collector deployments from\n// base/commerce-payments (https://github.com/base/commerce-payments). These are\n// the audited, live addresses listed in the upstream README and are the source\n// of truth for this scheme. They are universal constants, not configurable per\n// merchant.\nexport const AUTH_CAPTURE_ESCROW_ADDRESS =\n  \"0xBdEA0D1bcC5966192B070Fdf62aB4EF5b4420cff\" as const satisfies `0x${string}`;\nexport const EIP3009_TOKEN_COLLECTOR_ADDRESS =\n  \"0x0E3dF9510de65469C4518D7843919c0b8C7A7757\" as const satisfies `0x${string}`;\nexport const PERMIT2_TOKEN_COLLECTOR_ADDRESS =\n  \"0x992476B9Ee81d52a5BdA0622C333938D0Af0aB26\" as const satisfies `0x${string}`;\n\n// ERC-3009 ReceiveWithAuthorization EIP-712 types\nexport const RECEIVE_AUTHORIZATION_TYPES = {\n  ReceiveWithAuthorization: [\n    { name: \"from\", type: \"address\" },\n    { name: \"to\", type: \"address\" },\n    { name: \"value\", type: \"uint256\" },\n    { name: \"validAfter\", type: \"uint256\" },\n    { name: \"validBefore\", type: \"uint256\" },\n    { name: \"nonce\", type: \"bytes32\" },\n  ],\n} as const;\n\n// Uniswap Permit2 PermitTransferFrom EIP-712 types\nexport const PERMIT2_TRANSFER_FROM_TYPES = {\n  PermitTransferFrom: [\n    { name: \"permitted\", type: \"TokenPermissions\" },\n    { name: \"spender\", type: \"address\" },\n    { name: \"nonce\", type: \"uint256\" },\n    { name: \"deadline\", type: \"uint256\" },\n  ],\n  TokenPermissions: [\n    { name: \"token\", type: \"address\" },\n    { name: \"amount\", type: \"uint256\" },\n  ],\n} as const;\n","/**\n * AuthCapture Scheme - Client\n * Builds payment payloads for auth-capture payments.\n *\n * Implements x402's SchemeNetworkClient interface so it can be registered\n * on an x402Client via client.register('eip155:84532', new AuthCaptureEvmScheme(signer)).\n */\n\nimport type {\n  PaymentPayloadContext,\n  PaymentPayloadResult,\n  PaymentRequirements,\n  SchemeNetworkClient,\n} from \"@x402/core/types\";\nimport type { ClientEvmSigner } from \"../../signer\";\nimport { hexToBigInt } from \"viem\";\nimport {\n  AUTH_CAPTURE_SCHEME,\n  EIP3009_TOKEN_COLLECTOR_ADDRESS,\n  PERMIT2_TOKEN_COLLECTOR_ADDRESS,\n} from \"../constants\";\nimport {\n  computePayerAgnosticPaymentInfoHash,\n  generateSalt,\n  signERC3009,\n  signPermit2,\n} from \"../nonce\";\nimport type { AuthCaptureExtra, Eip3009Payload, PaymentInfoStruct, Permit2Payload } from \"../types\";\nimport { parseChainId } from \"../utils\";\n\n/**\n * Client-side implementation of the auth-capture scheme: derives the canonical\n * payer-agnostic PaymentInfo hash, signs an ERC-3009 ReceiveWithAuthorization\n * (default) or a Permit2 PermitTransferFrom against it, and returns a wire\n * payload the facilitator can settle. Implements `SchemeNetworkClient`.\n */\nexport class AuthCaptureEvmScheme implements SchemeNetworkClient {\n  readonly scheme = AUTH_CAPTURE_SCHEME;\n\n  /**\n   * Construct a client-side auth-capture scheme bound to a specific signer.\n   *\n   * @param signer - Client-side signer that exposes `address` and `signTypedData`.\n   */\n  constructor(private readonly signer: ClientEvmSigner) {}\n\n  /**\n   * Build and sign an auth-capture payment payload for the given requirements.\n   * Validates all spec-mandated `extra` fields and the asset-transfer method\n   * (default `eip3009`, alternative `permit2`), reconstructs the on-chain\n   * PaymentInfo struct, computes its payer-agnostic hash, and returns the\n   * signed wire payload.\n   *\n   * @param x402Version - Wire protocol version; only `2` is supported.\n   * @param requirements - Resource server's payment requirements (includes scheme `extra`).\n   * @param _ - Unused FacilitatorContext (interface compatibility).\n   * @returns The signed wire payload tagged with the x402 protocol version.\n   * @throws If `x402Version !== 2` or any required `extra` field is missing.\n   */\n  async createPaymentPayload(\n    x402Version: number,\n    requirements: PaymentRequirements,\n    _?: PaymentPayloadContext,\n  ): Promise<PaymentPayloadResult> {\n    if (x402Version !== 2) {\n      throw new Error(`Unsupported x402Version: ${x402Version}. Only version 2 is supported.`);\n    }\n\n    const extra = requirements.extra as unknown as AuthCaptureExtra;\n\n    // Validate required EIP-712 token-domain parameters\n    if (!extra.name) {\n      throw new Error(\n        `EIP-712 domain parameter 'name' is required in payment requirements for asset ${requirements.asset}`,\n      );\n    }\n    if (!extra.version) {\n      throw new Error(\n        `EIP-712 domain parameter 'version' is required in payment requirements for asset ${requirements.asset}`,\n      );\n    }\n    if (!extra.captureAuthorizer) {\n      throw new Error(`'captureAuthorizer' is required in payment requirements extra`);\n    }\n    if (!extra.feeRecipient) {\n      throw new Error(`'feeRecipient' is required in payment requirements extra`);\n    }\n    if (typeof extra.captureDeadline !== \"number\") {\n      throw new Error(`'captureDeadline' is required in payment requirements extra`);\n    }\n    if (typeof extra.refundDeadline !== \"number\") {\n      throw new Error(`'refundDeadline' is required in payment requirements extra`);\n    }\n    if (typeof extra.minFeeBps !== \"number\") {\n      throw new Error(`'minFeeBps' is required in payment requirements extra`);\n    }\n    if (typeof extra.maxFeeBps !== \"number\") {\n      throw new Error(`'maxFeeBps' is required in payment requirements extra`);\n    }\n    if (typeof requirements.maxTimeoutSeconds !== \"number\") {\n      throw new Error(\n        `'maxTimeoutSeconds' is required in PaymentRequirements (used to derive preApprovalExpiry)`,\n      );\n    }\n\n    const chainId = parseChainId(requirements.network);\n    const maxAmount = requirements.amount;\n    const nowSeconds = Math.floor(Date.now() / 1000);\n    const preApprovalExpiry = nowSeconds + requirements.maxTimeoutSeconds;\n    const salt = generateSalt();\n    const assetTransferMethod = extra.assetTransferMethod ?? \"eip3009\";\n\n    // Build the canonical PaymentInfo struct (Solidity field names — do not rename).\n    const paymentInfo: PaymentInfoStruct = {\n      operator: extra.captureAuthorizer,\n      payer: this.signer.address,\n      receiver: requirements.payTo as `0x${string}`,\n      token: requirements.asset as `0x${string}`,\n      maxAmount,\n      preApprovalExpiry,\n      authorizationExpiry: extra.captureDeadline,\n      refundExpiry: extra.refundDeadline,\n      minFeeBps: extra.minFeeBps,\n      maxFeeBps: extra.maxFeeBps,\n      feeReceiver: extra.feeRecipient,\n      salt,\n    };\n\n    // Payer-agnostic PaymentInfo hash — used as ERC-3009 nonce or Permit2 nonce.\n    const nonce = computePayerAgnosticPaymentInfoHash(chainId, paymentInfo);\n\n    if (assetTransferMethod === \"permit2\") {\n      const permit2Authorization: Permit2Payload[\"permit2Authorization\"] = {\n        from: this.signer.address,\n        permitted: {\n          token: requirements.asset as `0x${string}`,\n          amount: maxAmount,\n        },\n        spender: PERMIT2_TOKEN_COLLECTOR_ADDRESS,\n        nonce: hexToBigInt(nonce).toString(),\n        deadline: String(preApprovalExpiry),\n      };\n      const signature = await signPermit2(this.signer, permit2Authorization, chainId);\n      const payload: Permit2Payload = { permit2Authorization, signature, salt };\n      return { x402Version, payload: payload as unknown as Record<string, unknown> };\n    }\n\n    // Default: EIP-3009 ReceiveWithAuthorization to the canonical EIP-3009 token collector.\n    const authorization: Eip3009Payload[\"authorization\"] = {\n      from: this.signer.address,\n      to: EIP3009_TOKEN_COLLECTOR_ADDRESS,\n      value: maxAmount,\n      validAfter: \"0\",\n      validBefore: String(preApprovalExpiry),\n      nonce,\n    };\n    const signature = await signERC3009(\n      this.signer,\n      authorization,\n      extra,\n      requirements.asset as `0x${string}`,\n      chainId,\n    );\n    const payload: Eip3009Payload = { authorization, signature, salt };\n    return { x402Version, payload: payload as unknown as Record<string, unknown> };\n  }\n}\n","/**\n * Nonce computation, salt generation, and signing helpers.\n */\n\nimport { encodeAbiParameters, getAddress, keccak256, toHex, zeroAddress } from \"viem\";\nimport type { ClientEvmSigner } from \"../signer\";\nimport { PERMIT2_ADDRESS } from \"../constants\";\nimport {\n  AUTH_CAPTURE_ESCROW_ADDRESS,\n  PERMIT2_TRANSFER_FROM_TYPES,\n  RECEIVE_AUTHORIZATION_TYPES,\n} from \"./constants\";\nimport type { AuthCaptureExtra, Eip3009Payload, PaymentInfoStruct, Permit2Payload } from \"./types\";\n\n/**\n * PaymentInfo typehash — must match AuthCaptureEscrow.PAYMENT_INFO_TYPEHASH.\n */\nconst PAYMENT_INFO_TYPEHASH = keccak256(\n  new TextEncoder().encode(\n    \"PaymentInfo(address operator,address payer,address receiver,address token,uint120 maxAmount,uint48 preApprovalExpiry,uint48 authorizationExpiry,uint48 refundExpiry,uint16 minFeeBps,uint16 maxFeeBps,address feeReceiver,uint256 salt)\",\n  ),\n);\n\n/**\n * Compute the payer-agnostic PaymentInfo hash that auth-capture uses as both\n * the ERC-3009 nonce (`bytes32`) and the Permit2 nonce (`uint256`, via the\n * same 32 bytes interpreted as an integer). The payer field is zeroed before\n * hashing so the facilitator can reconstruct the same hash on the verify side\n * without knowing payer identity in advance.\n *\n * Freshness comes from `paymentInfo.salt`; generate a new salt per signing\n * call via `generateSalt`. Identical extras + same salt would collide across\n * payers.\n *\n * @param chainId - EVM chain id; binds the hash to a specific chain.\n * @param paymentInfo - The reconstructed PaymentInfo struct (canonical Solidity field names).\n * @returns The 32-byte hash to use as the nonce on the wire.\n */\nexport function computePayerAgnosticPaymentInfoHash(\n  chainId: number,\n  paymentInfo: PaymentInfoStruct,\n): `0x${string}` {\n  const paymentInfoEncoded = encodeAbiParameters(\n    [\n      { name: \"typehash\", type: \"bytes32\" },\n      { name: \"operator\", type: \"address\" },\n      { name: \"payer\", type: \"address\" },\n      { name: \"receiver\", type: \"address\" },\n      { name: \"token\", type: \"address\" },\n      { name: \"maxAmount\", type: \"uint120\" },\n      { name: \"preApprovalExpiry\", type: \"uint48\" },\n      { name: \"authorizationExpiry\", type: \"uint48\" },\n      { name: \"refundExpiry\", type: \"uint48\" },\n      { name: \"minFeeBps\", type: \"uint16\" },\n      { name: \"maxFeeBps\", type: \"uint16\" },\n      { name: \"feeReceiver\", type: \"address\" },\n      { name: \"salt\", type: \"uint256\" },\n    ],\n    [\n      PAYMENT_INFO_TYPEHASH,\n      paymentInfo.operator,\n      zeroAddress,\n      paymentInfo.receiver,\n      paymentInfo.token,\n      BigInt(paymentInfo.maxAmount),\n      paymentInfo.preApprovalExpiry,\n      paymentInfo.authorizationExpiry,\n      paymentInfo.refundExpiry,\n      paymentInfo.minFeeBps,\n      paymentInfo.maxFeeBps,\n      paymentInfo.feeReceiver,\n      BigInt(paymentInfo.salt),\n    ],\n  );\n  const paymentInfoHash = keccak256(paymentInfoEncoded);\n\n  const outerEncoded = encodeAbiParameters(\n    [\n      { name: \"chainId\", type: \"uint256\" },\n      { name: \"escrow\", type: \"address\" },\n      { name: \"paymentInfoHash\", type: \"bytes32\" },\n    ],\n    [BigInt(chainId), AUTH_CAPTURE_ESCROW_ADDRESS, paymentInfoHash],\n  );\n\n  return keccak256(outerEncoded);\n}\n\n/**\n * Sign an ERC-3009 `ReceiveWithAuthorization` over the supplied authorization\n * fields. The EIP-712 domain is bound to the **token contract** (not the\n * escrow), so the token's `name` and `version` come from `extra` because they\n * vary per asset (e.g. `\"USDC\"` on Sepolia vs `\"USD Coin\"` on mainnet).\n *\n * @param signer - Client signer with `signTypedData`.\n * @param authorization - The ERC-3009 authorization to sign.\n * @param extra - Carries the token EIP-712 domain `name` + `version`.\n * @param tokenAddress - Address of the token contract (verifyingContract in the domain).\n * @param chainId - EVM chain id (chainId in the domain).\n * @returns The 65-byte ECDSA signature (or EIP-1271 / EIP-6492 envelope, depending on the signer).\n */\nexport async function signERC3009(\n  signer: ClientEvmSigner,\n  authorization: Eip3009Payload[\"authorization\"],\n  extra: AuthCaptureExtra,\n  tokenAddress: `0x${string}`,\n  chainId: number,\n): Promise<`0x${string}`> {\n  const domain = {\n    name: extra.name,\n    version: extra.version,\n    chainId,\n    verifyingContract: getAddress(tokenAddress),\n  };\n\n  const message = {\n    from: getAddress(authorization.from),\n    to: getAddress(authorization.to),\n    value: BigInt(authorization.value),\n    validAfter: BigInt(authorization.validAfter),\n    validBefore: BigInt(authorization.validBefore),\n    nonce: authorization.nonce,\n  };\n\n  return signer.signTypedData({\n    domain,\n    types: RECEIVE_AUTHORIZATION_TYPES,\n    primaryType: \"ReceiveWithAuthorization\",\n    message,\n  });\n}\n\n/**\n * Sign a Permit2 `PermitTransferFrom` over the supplied permit fields. Domain\n * is bound to the canonical Permit2 contract. No witness struct is needed —\n * the deterministic nonce (the payer-agnostic PaymentInfo hash, packed into\n * uint256) cryptographically binds all payment parameters including receiver,\n * amount, and deadlines.\n *\n * @param signer - Client signer with `signTypedData`.\n * @param permit - The Permit2 PermitTransferFrom message to sign.\n * @param chainId - EVM chain id (chainId in the Permit2 domain).\n * @returns The 65-byte ECDSA signature (or EIP-1271 / EIP-6492 envelope, depending on the signer).\n */\nexport async function signPermit2(\n  signer: ClientEvmSigner,\n  permit: Permit2Payload[\"permit2Authorization\"],\n  chainId: number,\n): Promise<`0x${string}`> {\n  const domain = {\n    name: \"Permit2\",\n    chainId,\n    verifyingContract: PERMIT2_ADDRESS,\n  };\n\n  const message = {\n    permitted: {\n      token: getAddress(permit.permitted.token),\n      amount: BigInt(permit.permitted.amount),\n    },\n    spender: getAddress(permit.spender),\n    nonce: BigInt(permit.nonce),\n    deadline: BigInt(permit.deadline),\n  };\n\n  return signer.signTypedData({\n    domain,\n    types: PERMIT2_TRANSFER_FROM_TYPES,\n    primaryType: \"PermitTransferFrom\",\n    message,\n  });\n}\n\n/**\n * Generate a fresh cryptographically-random 32-byte salt. MUST be called once\n * per signing request — never reuse across requests. Freshness is required\n * because the nonce derivation zeroes the payer field; identical extras with\n * the same salt would collide across payers.\n *\n * @returns A new 32-byte salt as a `0x`-prefixed hex string.\n */\nexport function generateSalt(): `0x${string}` {\n  const bytes = new Uint8Array(32);\n  crypto.getRandomValues(bytes);\n  return toHex(bytes);\n}\n","/**\n * Parse chainId from CAIP-2 network identifier\n *\n * @param network - CAIP-2 network identifier (e.g., 'eip155:84532')\n * @returns The chain ID as a number\n */\nexport function parseChainId(network: string): number {\n  const parts = network.split(\":\");\n  if (parts.length !== 2 || parts[0] !== \"eip155\") {\n    throw new Error(`Invalid network format: ${network}. Expected 'eip155:<chainId>'`);\n  }\n  const chainId = parseInt(parts[1], 10);\n  if (isNaN(chainId)) {\n    throw new Error(`Invalid chainId in network: ${network}`);\n  }\n  return chainId;\n}\n"],"mappings":";;;;;AACO,IAAM,sBAAsB;AAO5B,IAAM,8BACX;AACK,IAAM,kCACX;AACK,IAAM,kCACX;AAGK,IAAM,8BAA8B;AAAA,EACzC,0BAA0B;AAAA,IACxB,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,IAChC,EAAE,MAAM,MAAM,MAAM,UAAU;AAAA,IAC9B,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,IACjC,EAAE,MAAM,cAAc,MAAM,UAAU;AAAA,IACtC,EAAE,MAAM,eAAe,MAAM,UAAU;AAAA,IACvC,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,EACnC;AACF;AAGO,IAAM,8BAA8B;AAAA,EACzC,oBAAoB;AAAA,IAClB,EAAE,MAAM,aAAa,MAAM,mBAAmB;AAAA,IAC9C,EAAE,MAAM,WAAW,MAAM,UAAU;AAAA,IACnC,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,IACjC,EAAE,MAAM,YAAY,MAAM,UAAU;AAAA,EACtC;AAAA,EACA,kBAAkB;AAAA,IAChB,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,IACjC,EAAE,MAAM,UAAU,MAAM,UAAU;AAAA,EACpC;AACF;;;ACxBA,SAAS,mBAAmB;;;ACX5B,SAAS,qBAAqB,YAAY,WAAW,OAAO,mBAAmB;AAa/E,IAAM,wBAAwB;AAAA,EAC5B,IAAI,YAAY,EAAE;AAAA,IAChB;AAAA,EACF;AACF;AAiBO,SAAS,oCACd,SACA,aACe;AACf,QAAM,qBAAqB;AAAA,IACzB;AAAA,MACE,EAAE,MAAM,YAAY,MAAM,UAAU;AAAA,MACpC,EAAE,MAAM,YAAY,MAAM,UAAU;AAAA,MACpC,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,MACjC,EAAE,MAAM,YAAY,MAAM,UAAU;AAAA,MACpC,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,MACjC,EAAE,MAAM,aAAa,MAAM,UAAU;AAAA,MACrC,EAAE,MAAM,qBAAqB,MAAM,SAAS;AAAA,MAC5C,EAAE,MAAM,uBAAuB,MAAM,SAAS;AAAA,MAC9C,EAAE,MAAM,gBAAgB,MAAM,SAAS;AAAA,MACvC,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,MACpC,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,MACpC,EAAE,MAAM,eAAe,MAAM,UAAU;AAAA,MACvC,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,IAClC;AAAA,IACA;AAAA,MACE;AAAA,MACA,YAAY;AAAA,MACZ;AAAA,MACA,YAAY;AAAA,MACZ,YAAY;AAAA,MACZ,OAAO,YAAY,SAAS;AAAA,MAC5B,YAAY;AAAA,MACZ,YAAY;AAAA,MACZ,YAAY;AAAA,MACZ,YAAY;AAAA,MACZ,YAAY;AAAA,MACZ,YAAY;AAAA,MACZ,OAAO,YAAY,IAAI;AAAA,IACzB;AAAA,EACF;AACA,QAAM,kBAAkB,UAAU,kBAAkB;AAEpD,QAAM,eAAe;AAAA,IACnB;AAAA,MACE,EAAE,MAAM,WAAW,MAAM,UAAU;AAAA,MACnC,EAAE,MAAM,UAAU,MAAM,UAAU;AAAA,MAClC,EAAE,MAAM,mBAAmB,MAAM,UAAU;AAAA,IAC7C;AAAA,IACA,CAAC,OAAO,OAAO,GAAG,6BAA6B,eAAe;AAAA,EAChE;AAEA,SAAO,UAAU,YAAY;AAC/B;AAeA,eAAsB,YACpB,QACA,eACA,OACA,cACA,SACwB;AACxB,QAAM,SAAS;AAAA,IACb,MAAM,MAAM;AAAA,IACZ,SAAS,MAAM;AAAA,IACf;AAAA,IACA,mBAAmB,WAAW,YAAY;AAAA,EAC5C;AAEA,QAAM,UAAU;AAAA,IACd,MAAM,WAAW,cAAc,IAAI;AAAA,IACnC,IAAI,WAAW,cAAc,EAAE;AAAA,IAC/B,OAAO,OAAO,cAAc,KAAK;AAAA,IACjC,YAAY,OAAO,cAAc,UAAU;AAAA,IAC3C,aAAa,OAAO,cAAc,WAAW;AAAA,IAC7C,OAAO,cAAc;AAAA,EACvB;AAEA,SAAO,OAAO,cAAc;AAAA,IAC1B;AAAA,IACA,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,EACF,CAAC;AACH;AAcA,eAAsB,YACpB,QACA,QACA,SACwB;AACxB,QAAM,SAAS;AAAA,IACb,MAAM;AAAA,IACN;AAAA,IACA,mBAAmB;AAAA,EACrB;AAEA,QAAM,UAAU;AAAA,IACd,WAAW;AAAA,MACT,OAAO,WAAW,OAAO,UAAU,KAAK;AAAA,MACxC,QAAQ,OAAO,OAAO,UAAU,MAAM;AAAA,IACxC;AAAA,IACA,SAAS,WAAW,OAAO,OAAO;AAAA,IAClC,OAAO,OAAO,OAAO,KAAK;AAAA,IAC1B,UAAU,OAAO,OAAO,QAAQ;AAAA,EAClC;AAEA,SAAO,OAAO,cAAc;AAAA,IAC1B;AAAA,IACA,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,EACF,CAAC;AACH;AAUO,SAAS,eAA8B;AAC5C,QAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,SAAO,gBAAgB,KAAK;AAC5B,SAAO,MAAM,KAAK;AACpB;;;ACnLO,SAAS,aAAa,SAAyB;AACpD,QAAM,QAAQ,QAAQ,MAAM,GAAG;AAC/B,MAAI,MAAM,WAAW,KAAK,MAAM,CAAC,MAAM,UAAU;AAC/C,UAAM,IAAI,MAAM,2BAA2B,OAAO,+BAA+B;AAAA,EACnF;AACA,QAAM,UAAU,SAAS,MAAM,CAAC,GAAG,EAAE;AACrC,MAAI,MAAM,OAAO,GAAG;AAClB,UAAM,IAAI,MAAM,+BAA+B,OAAO,EAAE;AAAA,EAC1D;AACA,SAAO;AACT;;;AFoBO,IAAM,uBAAN,MAA0D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQ/D,YAA6B,QAAyB;AAAzB;AAP7B,SAAS,SAAS;AAAA,EAOqC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAevD,MAAM,qBACJ,aACA,cACA,GAC+B;AAC/B,QAAI,gBAAgB,GAAG;AACrB,YAAM,IAAI,MAAM,4BAA4B,WAAW,gCAAgC;AAAA,IACzF;AAEA,UAAM,QAAQ,aAAa;AAG3B,QAAI,CAAC,MAAM,MAAM;AACf,YAAM,IAAI;AAAA,QACR,iFAAiF,aAAa,KAAK;AAAA,MACrG;AAAA,IACF;AACA,QAAI,CAAC,MAAM,SAAS;AAClB,YAAM,IAAI;AAAA,QACR,oFAAoF,aAAa,KAAK;AAAA,MACxG;AAAA,IACF;AACA,QAAI,CAAC,MAAM,mBAAmB;AAC5B,YAAM,IAAI,MAAM,+DAA+D;AAAA,IACjF;AACA,QAAI,CAAC,MAAM,cAAc;AACvB,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AACA,QAAI,OAAO,MAAM,oBAAoB,UAAU;AAC7C,YAAM,IAAI,MAAM,6DAA6D;AAAA,IAC/E;AACA,QAAI,OAAO,MAAM,mBAAmB,UAAU;AAC5C,YAAM,IAAI,MAAM,4DAA4D;AAAA,IAC9E;AACA,QAAI,OAAO,MAAM,cAAc,UAAU;AACvC,YAAM,IAAI,MAAM,uDAAuD;AAAA,IACzE;AACA,QAAI,OAAO,MAAM,cAAc,UAAU;AACvC,YAAM,IAAI,MAAM,uDAAuD;AAAA,IACzE;AACA,QAAI,OAAO,aAAa,sBAAsB,UAAU;AACtD,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,UAAM,UAAU,aAAa,aAAa,OAAO;AACjD,UAAM,YAAY,aAAa;AAC/B,UAAM,aAAa,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAC/C,UAAM,oBAAoB,aAAa,aAAa;AACpD,UAAM,OAAO,aAAa;AAC1B,UAAM,sBAAsB,MAAM,uBAAuB;AAGzD,UAAM,cAAiC;AAAA,MACrC,UAAU,MAAM;AAAA,MAChB,OAAO,KAAK,OAAO;AAAA,MACnB,UAAU,aAAa;AAAA,MACvB,OAAO,aAAa;AAAA,MACpB;AAAA,MACA;AAAA,MACA,qBAAqB,MAAM;AAAA,MAC3B,cAAc,MAAM;AAAA,MACpB,WAAW,MAAM;AAAA,MACjB,WAAW,MAAM;AAAA,MACjB,aAAa,MAAM;AAAA,MACnB;AAAA,IACF;AAGA,UAAM,QAAQ,oCAAoC,SAAS,WAAW;AAEtE,QAAI,wBAAwB,WAAW;AACrC,YAAM,uBAA+D;AAAA,QACnE,MAAM,KAAK,OAAO;AAAA,QAClB,WAAW;AAAA,UACT,OAAO,aAAa;AAAA,UACpB,QAAQ;AAAA,QACV;AAAA,QACA,SAAS;AAAA,QACT,OAAO,YAAY,KAAK,EAAE,SAAS;AAAA,QACnC,UAAU,OAAO,iBAAiB;AAAA,MACpC;AACA,YAAMA,aAAY,MAAM,YAAY,KAAK,QAAQ,sBAAsB,OAAO;AAC9E,YAAMC,WAA0B,EAAE,sBAAsB,WAAAD,YAAW,KAAK;AACxE,aAAO,EAAE,aAAa,SAASC,SAA8C;AAAA,IAC/E;AAGA,UAAM,gBAAiD;AAAA,MACrD,MAAM,KAAK,OAAO;AAAA,MAClB,IAAI;AAAA,MACJ,OAAO;AAAA,MACP,YAAY;AAAA,MACZ,aAAa,OAAO,iBAAiB;AAAA,MACrC;AAAA,IACF;AACA,UAAM,YAAY,MAAM;AAAA,MACtB,KAAK;AAAA,MACL;AAAA,MACA;AAAA,MACA,aAAa;AAAA,MACb;AAAA,IACF;AACA,UAAM,UAA0B,EAAE,eAAe,WAAW,KAAK;AACjE,WAAO,EAAE,aAAa,QAAuD;AAAA,EAC/E;AACF;","names":["signature","payload"]}