UNPKG

@a.annzzz/directdeposit-widget

Version:

A plug-and-play React component for connecting a Web3 wallet and displaying deposit schedule information.

1,299 lines (1,298 loc) • 43.8 kB

JavaScript

import { u as le, v as de, w as he, x as we, y as ge, z as kt, C as me, D as pe, E as ye, F as be } from "./index-BupfU0fk.js"; /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ const zt = /* @__PURE__ */ BigInt(0), Ot = /* @__PURE__ */ BigInt(1); function lt(e) { return e instanceof Uint8Array || ArrayBuffer.isView(e) && e.constructor.name === "Uint8Array"; } function Zt(e) { if (!lt(e)) throw new Error("Uint8Array expected"); } function at(e, n) { if (typeof n != "boolean") throw new Error(e + " boolean expected, got " + n); } function ht(e) { const n = e.toString(16); return n.length & 1 ? "0" + n : n; } function Dt(e) { if (typeof e != "string") throw new Error("hex string expected, got " + typeof e); return e === "" ? zt : BigInt("0x" + e); } const Wt = ( // @ts-ignore typeof Uint8Array.from([]).toHex == "function" && typeof Uint8Array.fromHex == "function" ), Ee = /* @__PURE__ */ Array.from({ length: 256 }, (e, n) => n.toString(16).padStart(2, "0")); function ut(e) { if (Zt(e), Wt) return e.toHex(); let n = ""; for (let t = 0; t < e.length; t++) n += Ee[e[t]]; return n; } const W = { _0: 48, _9: 57, A: 65, F: 70, a: 97, f: 102 }; function _t(e) { if (e >= W._0 && e <= W._9) return e - W._0; if (e >= W.A && e <= W.F) return e - (W.A - 10); if (e >= W.a && e <= W.f) return e - (W.a - 10); } function wt(e) { if (typeof e != "string") throw new Error("hex string expected, got " + typeof e); if (Wt) return Uint8Array.fromHex(e); const n = e.length, t = n / 2; if (n % 2) throw new Error("hex string expected, got unpadded hex of length " + n); const r = new Uint8Array(t); for (let i = 0, s = 0; i < t; i++, s += 2) { const c = _t(e.charCodeAt(s)), u = _t(e.charCodeAt(s + 1)); if (c === void 0 || u === void 0) { const o = e[s] + e[s + 1]; throw new Error('hex string expected, got non-hex character "' + o + '" at index ' + s); } r[i] = c * 16 + u; } return r; } function et(e) { return Dt(ut(e)); } function Gt(e) { return Zt(e), Dt(ut(Uint8Array.from(e).reverse())); } function dt(e, n) { return wt(e.toString(16).padStart(n * 2, "0")); } function Xt(e, n) { return dt(e, n).reverse(); } function K(e, n, t) { let r; if (typeof n == "string") try { r = wt(n); } catch (s) { throw new Error(e + " must be hex string or Uint8Array, cause: " + s); } else if (lt(n)) r = Uint8Array.from(n); else throw new Error(e + " must be hex string or Uint8Array"); const i = r.length; if (typeof t == "number" && i !== t) throw new Error(e + " of length " + t + " expected, got " + i); return r; } function gt(...e) { let n = 0; for (let r = 0; r < e.length; r++) { const i = e[r]; Zt(i), n += i.length; } const t = new Uint8Array(n); for (let r = 0, i = 0; r < e.length; r++) { const s = e[r]; t.set(s, i), i += s.length; } return t; } const Et = (e) => typeof e == "bigint" && zt <= e; function Ut(e, n, t) { return Et(e) && Et(n) && Et(t) && n <= e && e < t; } function it(e, n, t, r) { if (!Ut(n, t, r)) throw new Error("expected valid " + e + ": " + t + " <= n < " + r + ", got " + n); } function Be(e) { let n; for (n = 0; e > zt; e >>= Ot, n += 1) ; return n; } const mt = (e) => (Ot << BigInt(e)) - Ot, Bt = (e) => new Uint8Array(e), Ct = (e) => Uint8Array.from(e); function ve(e, n, t) { if (typeof e != "number" || e < 2) throw new Error("hashLen must be a number"); if (typeof n != "number" || n < 2) throw new Error("qByteLen must be a number"); if (typeof t != "function") throw new Error("hmacFn must be a function"); let r = Bt(e), i = Bt(e), s = 0; const c = () => { r.fill(1), i.fill(0), s = 0; }, u = (...A) => t(i, r, ...A), o = (A = Bt(0)) => { i = u(Ct([0]), A), r = u(), A.length !== 0 && (i = u(Ct([1]), A), r = u()); }, d = () => { if (s++ >= 1e3) throw new Error("drbg: tried 1000 values"); let A = 0; const N = []; for (; A < n; ) { r = u(); const R = r.slice(); N.push(R), A += r.length; } return gt(...N); }; return (A, N) => { c(), o(A); let R; for (; !(R = N(d())); ) o(); return c(), R; }; } const xe = { bigint: (e) => typeof e == "bigint", function: (e) => typeof e == "function", boolean: (e) => typeof e == "boolean", string: (e) => typeof e == "string", stringOrUint8Array: (e) => typeof e == "string" || lt(e), isSafeInteger: (e) => Number.isSafeInteger(e), array: (e) => Array.isArray(e), field: (e, n) => n.Fp.isValid(e), hash: (e) => typeof e == "function" && Number.isSafeInteger(e.outputLen) }; function pt(e, n, t = {}) { const r = (i, s, c) => { const u = xe[s]; if (typeof u != "function") throw new Error("invalid validator function"); const o = e[i]; if (!(c && o === void 0) && !u(o, e)) throw new Error("param " + String(i) + " is invalid. Expected " + s + ", got " + o); }; for (const [i, s] of Object.entries(n)) r(i, s, !1); for (const [i, s] of Object.entries(t)) r(i, s, !0); return e; } function Vt(e) { const n = /* @__PURE__ */ new WeakMap(); return (t, ...r) => { const i = n.get(t); if (i !== void 0) return i; const s = e(t, ...r); return n.set(t, s), s; }; } /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ const Y = BigInt(0), C = BigInt(1), tt = /* @__PURE__ */ BigInt(2), Se = /* @__PURE__ */ BigInt(3), Ft = /* @__PURE__ */ BigInt(4), Qt = /* @__PURE__ */ BigInt(5), Jt = /* @__PURE__ */ BigInt(8); function M(e, n) { const t = e % n; return t >= Y ? t : n + t; } function j(e, n, t) { let r = e; for (; n-- > Y; ) r *= r, r %= t; return r; } function qt(e, n) { if (e === Y) throw new Error("invert: expected non-zero number"); if (n <= Y) throw new Error("invert: expected positive modulus, got " + n); let t = M(e, n), r = n, i = Y, s = C; for (; t !== Y; ) { const u = r / t, o = r % t, d = i - s * u; r = t, t = o, i = s, s = d; } if (r !== C) throw new Error("invert: does not exist"); return M(i, n); } function te(e, n) { const t = (e.ORDER + C) / Ft, r = e.pow(n, t); if (!e.eql(e.sqr(r), n)) throw new Error("Cannot find square root"); return r; } function Ae(e, n) { const t = (e.ORDER - Qt) / Jt, r = e.mul(n, tt), i = e.pow(r, t), s = e.mul(n, i), c = e.mul(e.mul(s, tt), i), u = e.mul(s, e.sub(c, e.ONE)); if (!e.eql(e.sqr(u), n)) throw new Error("Cannot find square root"); return u; } function Ie(e) { if (e < BigInt(3)) throw new Error("sqrt is not defined for small field"); let n = e - C, t = 0; for (; n % tt === Y; ) n /= tt, t++; let r = tt; const i = Tt(e); for (; Mt(i, r) === 1; ) if (r++ > 1e3) throw new Error("Cannot find square root: probably non-prime P"); if (t === 1) return te; let s = i.pow(r, n); const c = (n + C) / tt; return function(o, d) { if (o.is0(d)) return d; if (Mt(o, d) !== 1) throw new Error("Cannot find square root"); let m = t, A = o.mul(o.ONE, s), N = o.pow(d, n), R = o.pow(d, c); for (; !o.eql(N, o.ONE); ) { if (o.is0(N)) return o.ZERO; let z = 1, g = o.sqr(N); for (; !o.eql(g, o.ONE); ) if (z++, g = o.sqr(g), z === m) throw new Error("Cannot find square root"); const k = C << BigInt(m - z - 1), Z = o.pow(A, k); m = z, A = o.sqr(Z), N = o.mul(N, A), R = o.mul(R, Z); } return R; }; } function Ne(e) { return e % Ft === Se ? te : e % Jt === Qt ? Ae : Ie(e); } const Oe = [ "create", "isValid", "is0", "neg", "inv", "sqrt", "sqr", "eql", "add", "sub", "mul", "pow", "div", "addN", "subN", "mulN", "sqrN" ]; function qe(e) { const n = { ORDER: "bigint", MASK: "bigint", BYTES: "isSafeInteger", BITS: "isSafeInteger" }, t = Oe.reduce((r, i) => (r[i] = "function", r), n); return pt(e, t); } function He(e, n, t) { if (t < Y) throw new Error("invalid exponent, negatives unsupported"); if (t === Y) return e.ONE; if (t === C) return n; let r = e.ONE, i = n; for (; t > Y; ) t & C && (r = e.mul(r, i)), i = e.sqr(i), t >>= C; return r; } function ee(e, n, t = !1) { const r = new Array(n.length).fill(t ? e.ZERO : void 0), i = n.reduce((c, u, o) => e.is0(u) ? c : (r[o] = c, e.mul(c, u)), e.ONE), s = e.inv(i); return n.reduceRight((c, u, o) => e.is0(u) ? c : (r[o] = e.mul(c, r[o]), e.mul(c, u)), s), r; } function Mt(e, n) { const t = (e.ORDER - C) / tt, r = e.pow(n, t), i = e.eql(r, e.ONE), s = e.eql(r, e.ZERO), c = e.eql(r, e.neg(e.ONE)); if (!i && !s && !c) throw new Error("invalid Legendre symbol result"); return i ? 1 : s ? 0 : -1; } function ne(e, n) { n !== void 0 && le(n); const t = n !== void 0 ? n : e.toString(2).length, r = Math.ceil(t / 8); return { nBitLength: t, nByteLength: r }; } function Tt(e, n, t = !1, r = {}) { if (e <= Y) throw new Error("invalid field: expected ORDER > 0, got " + e); const { nBitLength: i, nByteLength: s } = ne(e, n); if (s > 2048) throw new Error("invalid field: expected ORDER of <= 2048 bytes"); let c; const u = Object.freeze({ ORDER: e, isLE: t, BITS: i, BYTES: s, MASK: mt(i), ZERO: Y, ONE: C, create: (o) => M(o, e), isValid: (o) => { if (typeof o != "bigint") throw new Error("invalid field element: expected bigint, got " + typeof o); return Y <= o && o < e; }, is0: (o) => o === Y, isOdd: (o) => (o & C) === C, neg: (o) => M(-o, e), eql: (o, d) => o === d, sqr: (o) => M(o * o, e), add: (o, d) => M(o + d, e), sub: (o, d) => M(o - d, e), mul: (o, d) => M(o * d, e), pow: (o, d) => He(u, o, d), div: (o, d) => M(o * qt(d, e), e), // Same as above, but doesn't normalize sqrN: (o) => o * o, addN: (o, d) => o + d, subN: (o, d) => o - d, mulN: (o, d) => o * d, inv: (o) => qt(o, e), sqrt: r.sqrt || ((o) => (c || (c = Ne(e)), c(u, o))), toBytes: (o) => t ? Xt(o, s) : dt(o, s), fromBytes: (o) => { if (o.length !== s) throw new Error("Field.fromBytes: expected " + s + " bytes, got " + o.length); return t ? Gt(o) : et(o); }, // TODO: we don't need it here, move out to separate fn invertBatch: (o) => ee(u, o), // We can't move this out because Fp6, Fp12 implement it // and it's unclear what to return in there. cmov: (o, d, m) => m ? d : o }); return Object.freeze(u); } function re(e) { if (typeof e != "bigint") throw new Error("field order must be bigint"); const n = e.toString(2).length; return Math.ceil(n / 8); } function oe(e) { const n = re(e); return n + Math.ceil(n / 2); } function Le(e, n, t = !1) { const r = e.length, i = re(n), s = oe(n); if (r < 16 || r < s || r > 1024) throw new Error("expected " + s + "-1024 bytes of input, got " + r); const c = t ? Gt(e) : et(e), u = M(c, n - C) + C; return t ? Xt(u, i) : dt(u, i); } class ie extends de { constructor(n, t) { super(), this.finished = !1, this.destroyed = !1, he(n); const r = we(t); if (this.iHash = n.create(), typeof this.iHash.update != "function") throw new Error("Expected instance of class which extends utils.Hash"); this.blockLen = this.iHash.blockLen, this.outputLen = this.iHash.outputLen; const i = this.blockLen, s = new Uint8Array(i); s.set(r.length > i ? n.create().update(r).digest() : r); for (let c = 0; c < s.length; c++) s[c] ^= 54; this.iHash.update(s), this.oHash = n.create(); for (let c = 0; c < s.length; c++) s[c] ^= 106; this.oHash.update(s), ge(s); } update(n) { return kt(this), this.iHash.update(n), this; } digestInto(n) { kt(this), me(n, this.outputLen), this.finished = !0, this.iHash.digestInto(n), this.oHash.update(n), this.oHash.digestInto(n), this.destroy(); } digest() { const n = new Uint8Array(this.oHash.outputLen); return this.digestInto(n), n; } _cloneInto(n) { n || (n = Object.create(Object.getPrototypeOf(this), {})); const { oHash: t, iHash: r, finished: i, destroyed: s, blockLen: c, outputLen: u } = this; return n = n, n.finished = i, n.destroyed = s, n.blockLen = c, n.outputLen = u, n.oHash = t._cloneInto(n.oHash), n.iHash = r._cloneInto(n.iHash), n; } clone() { return this._cloneInto(); } destroy() { this.destroyed = !0, this.oHash.destroy(), this.iHash.destroy(); } } const se = (e, n, t) => new ie(e, n).update(t).digest(); se.create = (e, n) => new ie(e, n); /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ const Yt = BigInt(0), Ht = BigInt(1); function vt(e, n) { const t = n.negate(); return e ? t : n; } function ce(e, n) { if (!Number.isSafeInteger(e) || e <= 0 || e > n) throw new Error("invalid window size, expected [1.." + n + "], got W=" + e); } function xt(e, n) { ce(e, n); const t = Math.ceil(n / e) + 1, r = 2 ** (e - 1), i = 2 ** e, s = mt(e), c = BigInt(e); return { windows: t, windowSize: r, mask: s, maxNumber: i, shiftBy: c }; } function jt(e, n, t) { const { windowSize: r, mask: i, maxNumber: s, shiftBy: c } = t; let u = Number(e & i), o = e >> c; u > r && (u -= s, o += Ht); const d = n * r, m = d + Math.abs(u) - 1, A = u === 0, N = u < 0, R = n % 2 !== 0; return { nextN: o, offset: m, isZero: A, isNeg: N, isNegF: R, offsetF: d }; } function Re(e, n) { if (!Array.isArray(e)) throw new Error("array expected"); e.forEach((t, r) => { if (!(t instanceof n)) throw new Error("invalid point at index " + r); }); } function ze(e, n) { if (!Array.isArray(e)) throw new Error("array of scalars expected"); e.forEach((t, r) => { if (!n.isValid(t)) throw new Error("invalid scalar at index " + r); }); } const St = /* @__PURE__ */ new WeakMap(), fe = /* @__PURE__ */ new WeakMap(); function At(e) { return fe.get(e) || 1; } function Ze(e, n) { return { constTimeNegate: vt, hasPrecomputes(t) { return At(t) !== 1; }, // non-const time multiplication ladder unsafeLadder(t, r, i = e.ZERO) { let s = t; for (; r > Yt; ) r & Ht && (i = i.add(s)), s = s.double(), r >>= Ht; return i; }, /** * Creates a wNAF precomputation window. Used for caching. * Default window size is set by `utils.precompute()` and is equal to 8. * Number of precomputed points depends on the curve size: * 2^(𝑊−1) * (Math.ceil(𝑛 / 𝑊) + 1), where: * - 𝑊 is the window size * - 𝑛 is the bitlength of the curve order. * For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224. * @param elm Point instance * @param W window size * @returns precomputed point tables flattened to a single array */ precomputeWindow(t, r) { const { windows: i, windowSize: s } = xt(r, n), c = []; let u = t, o = u; for (let d = 0; d < i; d++) { o = u, c.push(o); for (let m = 1; m < s; m++) o = o.add(u), c.push(o); u = o.double(); } return c; }, /** * Implements ec multiplication using precomputed tables and w-ary non-adjacent form. * @param W window size * @param precomputes precomputed tables * @param n scalar (we don't check here, but should be less than curve order) * @returns real and fake (for const-time) points */ wNAF(t, r, i) { let s = e.ZERO, c = e.BASE; const u = xt(t, n); for (let o = 0; o < u.windows; o++) { const { nextN: d, offset: m, isZero: A, isNeg: N, isNegF: R, offsetF: z } = jt(i, o, u); i = d, A ? c = c.add(vt(R, r[z])) : s = s.add(vt(N, r[m])); } return { p: s, f: c }; }, /** * Implements ec unsafe (non const-time) multiplication using precomputed tables and w-ary non-adjacent form. * @param W window size * @param precomputes precomputed tables * @param n scalar (we don't check here, but should be less than curve order) * @param acc accumulator point to add result of multiplication * @returns point */ wNAFUnsafe(t, r, i, s = e.ZERO) { const c = xt(t, n); for (let u = 0; u < c.windows && i !== Yt; u++) { const { nextN: o, offset: d, isZero: m, isNeg: A } = jt(i, u, c); if (i = o, !m) { const N = r[d]; s = s.add(A ? N.negate() : N); } } return s; }, getPrecomputes(t, r, i) { let s = St.get(r); return s || (s = this.precomputeWindow(r, t), t !== 1 && St.set(r, i(s))), s; }, wNAFCached(t, r, i) { const s = At(t); return this.wNAF(s, this.getPrecomputes(s, t, i), r); }, wNAFCachedUnsafe(t, r, i, s) { const c = At(t); return c === 1 ? this.unsafeLadder(t, r, s) : this.wNAFUnsafe(c, this.getPrecomputes(c, t, i), r, s); }, // We calculate precomputes for elliptic curve point multiplication // using windowed method. This specifies window size and // stores precomputed values. Usually only base point would be precomputed. setWindowSize(t, r) { ce(r, n), fe.set(t, r), St.delete(t); } }; } function Ue(e, n, t, r) { Re(t, e), ze(r, n); const i = t.length, s = r.length; if (i !== s) throw new Error("arrays of points and scalars must have equal length"); const c = e.ZERO, u = Be(BigInt(i)); let o = 1; u > 12 ? o = u - 3 : u > 4 ? o = u - 2 : u > 0 && (o = 2); const d = mt(o), m = new Array(Number(d) + 1).fill(c), A = Math.floor((n.BITS - 1) / o) * o; let N = c; for (let R = A; R >= 0; R -= o) { m.fill(c); for (let g = 0; g < s; g++) { const k = r[g], Z = Number(k >> BigInt(R) & d); m[Z] = m[Z].add(t[g]); } let z = c; for (let g = m.length - 1, k = c; g > 0; g--) k = k.add(m[g]), z = z.add(k); if (N = N.add(z), R !== 0) for (let g = 0; g < o; g++) N = N.double(); } return N; } function ae(e) { return qe(e.Fp), pt(e, { n: "bigint", h: "bigint", Gx: "field", Gy: "field" }, { nBitLength: "isSafeInteger", nByteLength: "isSafeInteger" }), Object.freeze({ ...ne(e.n, e.nBitLength), ...e, p: e.Fp.ORDER }); } /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ function Kt(e) { e.lowS !== void 0 && at("lowS", e.lowS), e.prehash !== void 0 && at("prehash", e.prehash); } function Te(e) { const n = ae(e); pt(n, { a: "field", b: "field" }, { allowInfinityPoint: "boolean", allowedPrivateKeyLengths: "array", clearCofactor: "function", fromBytes: "function", isTorsionFree: "function", toBytes: "function", wrapPrivateKey: "boolean" }); const { endo: t, Fp: r, a: i } = n; if (t) { if (!r.eql(i, r.ZERO)) throw new Error("invalid endo: CURVE.a must be 0"); if (typeof t != "object" || typeof t.beta != "bigint" || typeof t.splitScalar != "function") throw new Error('invalid endo: expected "beta": bigint and "splitScalar": function'); } return Object.freeze({ ...n }); } class ke extends Error { constructor(n = "") { super(n); } } const G = { // asn.1 DER encoding utils Err: ke, // Basic building block is TLV (Tag-Length-Value) _tlv: { encode: (e, n) => { const { Err: t } = G; if (e < 0 || e > 256) throw new t("tlv.encode: wrong tag"); if (n.length & 1) throw new t("tlv.encode: unpadded data"); const r = n.length / 2, i = ht(r); if (i.length / 2 & 128) throw new t("tlv.encode: long form length too big"); const s = r > 127 ? ht(i.length / 2 | 128) : ""; return ht(e) + s + i + n; }, // v - value, l - left bytes (unparsed) decode(e, n) { const { Err: t } = G; let r = 0; if (e < 0 || e > 256) throw new t("tlv.encode: wrong tag"); if (n.length < 2 || n[r++] !== e) throw new t("tlv.decode: wrong tlv"); const i = n[r++], s = !!(i & 128); let c = 0; if (!s) c = i; else { const o = i & 127; if (!o) throw new t("tlv.decode(long): indefinite length not supported"); if (o > 4) throw new t("tlv.decode(long): byte length is too big"); const d = n.subarray(r, r + o); if (d.length !== o) throw new t("tlv.decode: length bytes not complete"); if (d[0] === 0) throw new t("tlv.decode(long): zero leftmost byte"); for (const m of d) c = c << 8 | m; if (r += o, c < 128) throw new t("tlv.decode(long): not minimal encoding"); } const u = n.subarray(r, r + c); if (u.length !== c) throw new t("tlv.decode: wrong value length"); return { v: u, l: n.subarray(r + c) }; } }, // https://crypto.stackexchange.com/a/57734 Leftmost bit of first byte is 'negative' flag, // since we always use positive integers here. It must always be empty: // - add zero byte if exists // - if next byte doesn't have a flag, leading zero is not allowed (minimal encoding) _int: { encode(e) { const { Err: n } = G; if (e < X) throw new n("integer: negative integers are not allowed"); let t = ht(e); if (Number.parseInt(t[0], 16) & 8 && (t = "00" + t), t.length & 1) throw new n("unexpected DER parsing assertion: unpadded hex"); return t; }, decode(e) { const { Err: n } = G; if (e[0] & 128) throw new n("invalid signature integer: negative"); if (e[0] === 0 && !(e[1] & 128)) throw new n("invalid signature integer: unnecessary leading zero"); return et(e); } }, toSig(e) { const { Err: n, _int: t, _tlv: r } = G, i = K("signature", e), { v: s, l: c } = r.decode(48, i); if (c.length) throw new n("invalid signature: left bytes after parsing"); const { v: u, l: o } = r.decode(2, s), { v: d, l: m } = r.decode(2, o); if (m.length) throw new n("invalid signature: left bytes after parsing"); return { r: t.decode(u), s: t.decode(d) }; }, hexFromSig(e) { const { _tlv: n, _int: t } = G, r = n.encode(2, t.encode(e.r)), i = n.encode(2, t.encode(e.s)), s = r + i; return n.encode(48, s); } }; function It(e, n) { return ut(dt(e, n)); } const X = BigInt(0), U = BigInt(1); BigInt(2); const Nt = BigInt(3), _e = BigInt(4); function Ce(e) { const n = Te(e), { Fp: t } = n, r = Tt(n.n, n.nBitLength), i = n.toBytes || ((x, f, h) => { const p = f.toAffine(); return gt(Uint8Array.from([4]), t.toBytes(p.x), t.toBytes(p.y)); }), s = n.fromBytes || ((x) => { const f = x.subarray(1), h = t.fromBytes(f.subarray(0, t.BYTES)), p = t.fromBytes(f.subarray(t.BYTES, 2 * t.BYTES)); return { x: h, y: p }; }); function c(x) { const { a: f, b: h } = n, p = t.sqr(x), B = t.mul(p, x); return t.add(t.add(B, t.mul(x, f)), h); } function u(x, f) { const h = t.sqr(f), p = c(x); return t.eql(h, p); } if (!u(n.Gx, n.Gy)) throw new Error("bad curve params: generator point"); const o = t.mul(t.pow(n.a, Nt), _e), d = t.mul(t.sqr(n.b), BigInt(27)); if (t.is0(t.add(o, d))) throw new Error("bad curve params: a or b"); function m(x) { return Ut(x, U, n.n); } function A(x) { const { allowedPrivateKeyLengths: f, nByteLength: h, wrapPrivateKey: p, n: B } = n; if (f && typeof x != "bigint") { if (lt(x) && (x = ut(x)), typeof x != "string" || !f.includes(x.length)) throw new Error("invalid private key"); x = x.padStart(h * 2, "0"); } let O; try { O = typeof x == "bigint" ? x : et(K("private key", x, h)); } catch { throw new Error("invalid private key, expected hex or " + h + " bytes, got " + typeof x); } return p && (O = M(O, B)), it("private key", O, U, B), O; } function N(x) { if (!(x instanceof g)) throw new Error("ProjectivePoint expected"); } const R = Vt((x, f) => { const { px: h, py: p, pz: B } = x; if (t.eql(B, t.ONE)) return { x: h, y: p }; const O = x.is0(); f == null && (f = O ? t.ONE : t.inv(B)); const H = t.mul(h, f), q = t.mul(p, f), y = t.mul(B, f); if (O) return { x: t.ZERO, y: t.ZERO }; if (!t.eql(y, t.ONE)) throw new Error("invZ was invalid"); return { x: H, y: q }; }), z = Vt((x) => { if (x.is0()) { if (n.allowInfinityPoint && !t.is0(x.py)) return; throw new Error("bad point: ZERO"); } const { x: f, y: h } = x.toAffine(); if (!t.isValid(f) || !t.isValid(h)) throw new Error("bad point: x or y not FE"); if (!u(f, h)) throw new Error("bad point: equation left != right"); if (!x.isTorsionFree()) throw new Error("bad point: not in prime-order subgroup"); return !0; }); class g { constructor(f, h, p) { if (f == null || !t.isValid(f)) throw new Error("x required"); if (h == null || !t.isValid(h) || t.is0(h)) throw new Error("y required"); if (p == null || !t.isValid(p)) throw new Error("z required"); this.px = f, this.py = h, this.pz = p, Object.freeze(this); } // Does not validate if the point is on-curve. // Use fromHex instead, or call assertValidity() later. static fromAffine(f) { const { x: h, y: p } = f || {}; if (!f || !t.isValid(h) || !t.isValid(p)) throw new Error("invalid affine point"); if (f instanceof g) throw new Error("projective point not allowed"); const B = (O) => t.eql(O, t.ZERO); return B(h) && B(p) ? g.ZERO : new g(h, p, t.ONE); } get x() { return this.toAffine().x; } get y() { return this.toAffine().y; } /** * Takes a bunch of Projective Points but executes only one * inversion on all of them. Inversion is very slow operation, * so this improves performance massively. * Optimization: converts a list of projective points to a list of identical points with Z=1. */ static normalizeZ(f) { const h = ee(t, f.map((p) => p.pz)); return f.map((p, B) => p.toAffine(h[B])).map(g.fromAffine); } /** * Converts hash string or Uint8Array to Point. * @param hex short/long ECDSA hex */ static fromHex(f) { const h = g.fromAffine(s(K("pointHex", f))); return h.assertValidity(), h; } // Multiplies generator point by privateKey. static fromPrivateKey(f) { return g.BASE.multiply(A(f)); } // Multiscalar Multiplication static msm(f, h) { return Ue(g, r, f, h); } // "Private method", don't use it directly _setWindowSize(f) { $.setWindowSize(this, f); } // A point on curve is valid if it conforms to equation. assertValidity() { z(this); } hasEvenY() { const { y: f } = this.toAffine(); if (t.isOdd) return !t.isOdd(f); throw new Error("Field doesn't support isOdd"); } /** * Compare one point to another. */ equals(f) { N(f); const { px: h, py: p, pz: B } = this, { px: O, py: H, pz: q } = f, y = t.eql(t.mul(h, q), t.mul(O, B)), I = t.eql(t.mul(p, q), t.mul(H, B)); return y && I; } /** * Flips point to one corresponding to (x, -y) in Affine coordinates. */ negate() { return new g(this.px, t.neg(this.py), this.pz); } // Renes-Costello-Batina exception-free doubling formula. // There is 30% faster Jacobian formula, but it is not complete. // https://eprint.iacr.org/2015/1060, algorithm 3 // Cost: 8M + 3S + 3*a + 2*b3 + 15add. double() { const { a: f, b: h } = n, p = t.mul(h, Nt), { px: B, py: O, pz: H } = this; let q = t.ZERO, y = t.ZERO, I = t.ZERO, b = t.mul(B, B), T = t.mul(O, O), l = t.mul(H, H), a = t.mul(B, O); return a = t.add(a, a), I = t.mul(B, H), I = t.add(I, I), q = t.mul(f, I), y = t.mul(p, l), y = t.add(q, y), q = t.sub(T, y), y = t.add(T, y), y = t.mul(q, y), q = t.mul(a, q), I = t.mul(p, I), l = t.mul(f, l), a = t.sub(b, l), a = t.mul(f, a), a = t.add(a, I), I = t.add(b, b), b = t.add(I, b), b = t.add(b, l), b = t.mul(b, a), y = t.add(y, b), l = t.mul(O, H), l = t.add(l, l), b = t.mul(l, a), q = t.sub(q, b), I = t.mul(l, T), I = t.add(I, I), I = t.add(I, I), new g(q, y, I); } // Renes-Costello-Batina exception-free addition formula. // There is 30% faster Jacobian formula, but it is not complete. // https://eprint.iacr.org/2015/1060, algorithm 1 // Cost: 12M + 0S + 3*a + 3*b3 + 23add. add(f) { N(f); const { px: h, py: p, pz: B } = this, { px: O, py: H, pz: q } = f; let y = t.ZERO, I = t.ZERO, b = t.ZERO; const T = n.a, l = t.mul(n.b, Nt); let a = t.mul(h, O), w = t.mul(p, H), S = t.mul(B, q), E = t.add(h, p), v = t.add(O, H); E = t.mul(E, v), v = t.add(a, w), E = t.sub(E, v), v = t.add(h, B); let L = t.add(O, q); return v = t.mul(v, L), L = t.add(a, S), v = t.sub(v, L), L = t.add(p, B), y = t.add(H, q), L = t.mul(L, y), y = t.add(w, S), L = t.sub(L, y), b = t.mul(T, v), y = t.mul(l, S), b = t.add(y, b), y = t.sub(w, b), b = t.add(w, b), I = t.mul(y, b), w = t.add(a, a), w = t.add(w, a), S = t.mul(T, S), v = t.mul(l, v), w = t.add(w, S), S = t.sub(a, S), S = t.mul(T, S), v = t.add(v, S), a = t.mul(w, v), I = t.add(I, a), a = t.mul(L, v), y = t.mul(E, y), y = t.sub(y, a), a = t.mul(E, w), b = t.mul(L, b), b = t.add(b, a), new g(y, I, b); } subtract(f) { return this.add(f.negate()); } is0() { return this.equals(g.ZERO); } wNAF(f) { return $.wNAFCached(this, f, g.normalizeZ); } /** * Non-constant-time multiplication. Uses double-and-add algorithm. * It's faster, but should only be used when you don't care about * an exposed private key e.g. sig verification, which works over *public* keys. */ multiplyUnsafe(f) { const { endo: h, n: p } = n; it("scalar", f, X, p); const B = g.ZERO; if (f === X) return B; if (this.is0() || f === U) return this; if (!h || $.hasPrecomputes(this)) return $.wNAFCachedUnsafe(this, f, g.normalizeZ); let { k1neg: O, k1: H, k2neg: q, k2: y } = h.splitScalar(f), I = B, b = B, T = this; for (; H > X || y > X; ) H & U && (I = I.add(T)), y & U && (b = b.add(T)), T = T.double(), H >>= U, y >>= U; return O && (I = I.negate()), q && (b = b.negate()), b = new g(t.mul(b.px, h.beta), b.py, b.pz), I.add(b); } /** * Constant time multiplication. * Uses wNAF method. Windowed method may be 10% faster, * but takes 2x longer to generate and consumes 2x memory. * Uses precomputes when available. * Uses endomorphism for Koblitz curves. * @param scalar by which the point would be multiplied * @returns New point */ multiply(f) { const { endo: h, n: p } = n; it("scalar", f, U, p); let B, O; if (h) { const { k1neg: H, k1: q, k2neg: y, k2: I } = h.splitScalar(f); let { p: b, f: T } = this.wNAF(q), { p: l, f: a } = this.wNAF(I); b = $.constTimeNegate(H, b), l = $.constTimeNegate(y, l), l = new g(t.mul(l.px, h.beta), l.py, l.pz), B = b.add(l), O = T.add(a); } else { const { p: H, f: q } = this.wNAF(f); B = H, O = q; } return g.normalizeZ([B, O])[0]; } /** * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly. * Not using Strauss-Shamir trick: precomputation tables are faster. * The trick could be useful if both P and Q are not G (not in our case). * @returns non-zero affine point */ multiplyAndAddUnsafe(f, h, p) { const B = g.BASE, O = (q, y) => y === X || y === U || !q.equals(B) ? q.multiplyUnsafe(y) : q.multiply(y), H = O(this, h).add(O(f, p)); return H.is0() ? void 0 : H; } // Converts Projective point to affine (x, y) coordinates. // Can accept precomputed Z^-1 - for example, from invertBatch. // (x, y, z) ∋ (x=x/z, y=y/z) toAffine(f) { return R(this, f); } isTorsionFree() { const { h: f, isTorsionFree: h } = n; if (f === U) return !0; if (h) return h(g, this); throw new Error("isTorsionFree() has not been declared for the elliptic curve"); } clearCofactor() { const { h: f, clearCofactor: h } = n; return f === U ? this : h ? h(g, this) : this.multiplyUnsafe(n.h); } toRawBytes(f = !0) { return at("isCompressed", f), this.assertValidity(), i(g, this, f); } toHex(f = !0) { return at("isCompressed", f), ut(this.toRawBytes(f)); } } g.BASE = new g(n.Gx, n.Gy, t.ONE), g.ZERO = new g(t.ZERO, t.ONE, t.ZERO); const { endo: k, nBitLength: Z } = n, $ = Ze(g, k ? Math.ceil(Z / 2) : Z); return { CURVE: n, ProjectivePoint: g, normPrivateKeyToScalar: A, weierstrassEquation: c, isWithinCurveOrder: m }; } function Ve(e) { const n = ae(e); return pt(n, { hash: "hash", hmac: "function", randomBytes: "function" }, { bits2int: "function", bits2int_modN: "function", lowS: "boolean" }), Object.freeze({ lowS: !0, ...n }); } function Me(e) { const n = Ve(e), { Fp: t, n: r, nByteLength: i, nBitLength: s } = n, c = t.BYTES + 1, u = 2 * t.BYTES + 1; function o(l) { return M(l, r); } function d(l) { return qt(l, r); } const { ProjectivePoint: m, normPrivateKeyToScalar: A, weierstrassEquation: N, isWithinCurveOrder: R } = Ce({ ...n, toBytes(l, a, w) { const S = a.toAffine(), E = t.toBytes(S.x), v = gt; return at("isCompressed", w), w ? v(Uint8Array.from([a.hasEvenY() ? 2 : 3]), E) : v(Uint8Array.from([4]), E, t.toBytes(S.y)); }, fromBytes(l) { const a = l.length, w = l[0], S = l.subarray(1); if (a === c && (w === 2 || w === 3)) { const E = et(S); if (!Ut(E, U, t.ORDER)) throw new Error("Point is not on curve"); const v = N(E); let L; try { L = t.sqrt(v); } catch (P) { const V = P instanceof Error ? ": " + P.message : ""; throw new Error("Point is not on curve" + V); } const _ = (L & U) === U; return (w & 1) === 1 !== _ && (L = t.neg(L)), { x: E, y: L }; } else if (a === u && w === 4) { const E = t.fromBytes(S.subarray(0, t.BYTES)), v = t.fromBytes(S.subarray(t.BYTES, 2 * t.BYTES)); return { x: E, y: v }; } else { const E = c, v = u; throw new Error("invalid Point, expected length of " + E + ", or uncompressed " + v + ", got " + a); } } }); function z(l) { const a = r >> U; return l > a; } function g(l) { return z(l) ? o(-l) : l; } const k = (l, a, w) => et(l.slice(a, w)); class Z { constructor(a, w, S) { it("r", a, U, r), it("s", w, U, r), this.r = a, this.s = w, S != null && (this.recovery = S), Object.freeze(this); } // pair (bytes of r, bytes of s) static fromCompact(a) { const w = i; return a = K("compactSignature", a, w * 2), new Z(k(a, 0, w), k(a, w, 2 * w)); } // DER encoded ECDSA signature // https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script static fromDER(a) { const { r: w, s: S } = G.toSig(K("DER", a)); return new Z(w, S); } /** * @todo remove * @deprecated */ assertValidity() { } addRecoveryBit(a) { return new Z(this.r, this.s, a); } recoverPublicKey(a) { const { r: w, s: S, recovery: E } = this, v = B(K("msgHash", a)); if (E == null || ![0, 1, 2, 3].includes(E)) throw new Error("recovery id invalid"); const L = E === 2 || E === 3 ? w + n.n : w; if (L >= t.ORDER) throw new Error("recovery id 2 or 3 invalid"); const _ = (E & 1) === 0 ? "02" : "03", D = m.fromHex(_ + It(L, t.BYTES)), P = d(L), V = o(-v * P), nt = o(S * P), F = m.BASE.multiplyAndAddUnsafe(D, V, nt); if (!F) throw new Error("point at infinify"); return F.assertValidity(), F; } // Signatures should be low-s, to prevent malleability. hasHighS() { return z(this.s); } normalizeS() { return this.hasHighS() ? new Z(this.r, o(-this.s), this.recovery) : this; } // DER-encoded toDERRawBytes() { return wt(this.toDERHex()); } toDERHex() { return G.hexFromSig(this); } // padded bytes of r, then padded bytes of s toCompactRawBytes() { return wt(this.toCompactHex()); } toCompactHex() { const a = i; return It(this.r, a) + It(this.s, a); } } const $ = { isValidPrivateKey(l) { try { return A(l), !0; } catch { return !1; } }, normPrivateKeyToScalar: A, /** * Produces cryptographically secure private key from random of size * (groupLen + ceil(groupLen / 2)) with modulo bias being negligible. */ randomPrivateKey: () => { const l = oe(n.n); return Le(n.randomBytes(l), n.n); }, /** * Creates precompute table for an arbitrary EC point. Makes point "cached". * Allows to massively speed-up `point.multiply(scalar)`. * @returns cached point * @example * const fast = utils.precompute(8, ProjectivePoint.fromHex(someonesPubKey)); * fast.multiply(privKey); // much faster ECDH now */ precompute(l = 8, a = m.BASE) { return a._setWindowSize(l), a.multiply(BigInt(3)), a; } }; function x(l, a = !0) { return m.fromPrivateKey(l).toRawBytes(a); } function f(l) { if (typeof l == "bigint") return !1; if (l instanceof m) return !0; const w = K("key", l).length, S = t.BYTES, E = S + 1, v = 2 * S + 1; if (!(n.allowedPrivateKeyLengths || i === E)) return w === E || w === v; } function h(l, a, w = !0) { if (f(l) === !0) throw new Error("first arg must be private key"); if (f(a) === !1) throw new Error("second arg must be public key"); return m.fromHex(a).multiply(A(l)).toRawBytes(w); } const p = n.bits2int || function(l) { if (l.length > 8192) throw new Error("input is too large"); const a = et(l), w = l.length * 8 - s; return w > 0 ? a >> BigInt(w) : a; }, B = n.bits2int_modN || function(l) { return o(p(l)); }, O = mt(s); function H(l) { return it("num < 2^" + s, l, X, O), dt(l, i); } function q(l, a, w = y) { if (["recovered", "canonical"].some((Q) => Q in w)) throw new Error("sign() legacy options not supported"); const { hash: S, randomBytes: E } = n; let { lowS: v, prehash: L, extraEntropy: _ } = w; v == null && (v = !0), l = K("msgHash", l), Kt(w), L && (l = K("prehashed msgHash", S(l))); const D = B(l), P = A(a), V = [H(P), H(D)]; if (_ != null && _ !== !1) { const Q = _ === !0 ? E(t.BYTES) : _; V.push(K("extraEntropy", Q)); } const nt = gt(...V), F = D; function yt(Q) { const rt = p(Q); if (!R(rt)) return; const bt = d(rt), st = m.BASE.multiply(rt).toAffine(), J = o(st.x); if (J === X) return; const ct = o(bt * o(F + J * P)); if (ct === X) return; let ft = (st.x === J ? 0 : 2) | Number(st.y & U), ot = ct; return v && z(ct) && (ot = g(ct), ft ^= 1), new Z(J, ot, ft); } return { seed: nt, k2sig: yt }; } const y = { lowS: n.lowS, prehash: !1 }, I = { lowS: n.lowS, prehash: !1 }; function b(l, a, w = y) { const { seed: S, k2sig: E } = q(l, a, w), v = n; return ve(v.hash.outputLen, v.nByteLength, v.hmac)(S, E); } m.BASE._setWindowSize(8); function T(l, a, w, S = I) { var ft; const E = l; a = K("msgHash", a), w = K("publicKey", w); const { lowS: v, prehash: L, format: _ } = S; if (Kt(S), "strict" in S) throw new Error("options.strict was renamed to lowS"); if (_ !== void 0 && _ !== "compact" && _ !== "der") throw new Error("format must be compact or der"); const D = typeof E == "string" || lt(E), P = !D && !_ && typeof E == "object" && E !== null && typeof E.r == "bigint" && typeof E.s == "bigint"; if (!D && !P) throw new Error("invalid signature, expected Uint8Array, hex string or Signature instance"); let V, nt; try { if (P && (V = new Z(E.r, E.s)), D) { try { _ !== "compact" && (V = Z.fromDER(E)); } catch (ot) { if (!(ot instanceof G.Err)) throw ot; } !V && _ !== "der" && (V = Z.fromCompact(E)); } nt = m.fromHex(w); } catch { return !1; } if (!V || v && V.hasHighS()) return !1; L && (a = n.hash(a)); const { r: F, s: yt } = V, Q = B(a), rt = d(yt), bt = o(Q * rt), st = o(F * rt), J = (ft = m.BASE.multiplyAndAddUnsafe(nt, bt, st)) == null ? void 0 : ft.toAffine(); return J ? o(J.x) === F : !1; } return { CURVE: n, getPublicKey: x, getSharedSecret: h, sign: b, verify: T, ProjectivePoint: m, Signature: Z, utils: $ }; } /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ function Ye(e) { return { hash: e, hmac: (n, ...t) => se(e, n, ye(...t)), randomBytes: pe }; } function je(e, n) { const t = (r) => Me({ ...e, ...Ye(r) }); return { ...t(n), create: t }; } /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ const ue = BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"), Pt = BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"), Ke = BigInt(0), Pe = BigInt(1), Lt = BigInt(2), $t = (e, n) => (e + n / Lt) / n; function $e(e) { const n = ue, t = BigInt(3), r = BigInt(6), i = BigInt(11), s = BigInt(22), c = BigInt(23), u = BigInt(44), o = BigInt(88), d = e * e * e % n, m = d * d * e % n, A = j(m, t, n) * m % n, N = j(A, t, n) * m % n, R = j(N, Lt, n) * d % n, z = j(R, i, n) * R % n, g = j(z, s, n) * z % n, k = j(g, u, n) * g % n, Z = j(k, o, n) * k % n, $ = j(Z, u, n) * g % n, x = j($, t, n) * m % n, f = j(x, c, n) * z % n, h = j(f, r, n) * d % n, p = j(h, Lt, n); if (!Rt.eql(Rt.sqr(p), e)) throw new Error("Cannot find square root"); return p; } const Rt = Tt(ue, void 0, void 0, { sqrt: $e }), We = je({ a: Ke, b: BigInt(7), Fp: Rt, n: Pt, Gx: BigInt("55066263022277343669578718895168534326250603453777594175500187360389116729240"), Gy: BigInt("32670510020758816978083085130507043184471273380659243275938904335757337482424"), h: BigInt(1), lowS: !0, // Allow only low-S signatures by default in sign() and verify() endo: { // Endomorphism, see above beta: BigInt("0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee"), splitScalar: (e) => { const n = Pt, t = BigInt("0x3086d221a7d46bcde86c90e49284eb15"), r = -Pe * BigInt("0xe4437ed6010e88286f547fa90abfe4c3"), i = BigInt("0x114ca50f7a8e2f3f657c1108d9d44cfd8"), s = t, c = BigInt("0x100000000000000000000000000000000"), u = $t(s * e, n), o = $t(-r * e, n); let d = M(e - u * t - o * i, n), m = M(-u * r - o * s, n); const A = d > c, N = m > c; if (A && (d = n - d), N && (m = n - m), d > c || m > c) throw new Error("splitScalar: Endomorphism failed, k=" + e); return { k1neg: A, k1: d, k2neg: N, k2: m }; } } }, be); export { We as secp256k1 }; //# sourceMappingURL=secp256k1-C1b9AcNw.js.map