import type { ZKEngine } from '@reclaimprotocol/zk-symmetric-crypto';
import type { InitRequest, ProviderClaimInfo } from '../../proto/api.ts';
import { ClaimTunnelRequest } from '../../proto/api.ts';
import type { IDecryptedTranscript, Logger, OPRFRawReplacement, ProviderCtx, TCPSocketProperties, Transcript } from '../../types/index.ts';
/**
 * Asserts that the claim request is valid.
 *
 * 1. We begin by verifying the signature of the claim request.
 * 2. Next, we produce the transcript of the TLS exchange
 * from the proofs provided by the client.
 * 3. We then pull the provider the client is trying to claim
 * from
 * 4. We then use the provider's verification function to verify
 *  whether the claim is valid.
 *
 * If any of these steps fail, we throw an error.
 */
export declare function assertValidClaimRequest(request: ClaimTunnelRequest, metadata: InitRequest, logger: Logger): Promise<import("../../proto/api.ts").ClaimRequestData>;
/**
 * Verify that the transcript contains a valid claim
 * for the provider.
 */
export declare function assertValidProviderTranscript<T extends ProviderClaimInfo>(applData: Transcript<Uint8Array>, metadata: InitRequest, info: T, logger: Logger, providerCtx: ProviderCtx, oprfRawReplacements?: OPRFRawReplacement[]): Promise<T>;
/**
 * Verify that the transcript provided by the client
 * matches the transcript of the tunnel, the server
 * has created.
 */
export declare function assertTranscriptsMatch(clientTranscript: ClaimTunnelRequest['transcript'], tunnelTranscript: TCPSocketProperties['transcript']): void;
export declare function decryptTranscript(transcript: ClaimTunnelRequest['transcript'], logger: Logger, zkEngine: ZKEngine, serverIV: Uint8Array, clientIV: Uint8Array): Promise<IDecryptedTranscript>;
export declare function getWithoutHeader(message: Uint8Array): Uint8Array<ArrayBuffer>;
