Sponsored
BC.Game
The best crypto casino in the world. Get up to 5 BtC in daily bonuses with our free spin wheel. Spin Now!
Join now and instantly enjoy bonus of 1000000 USDC, 760% exclusive deposit bonus.
Rainbet
Crypto Casino & Sportsbook Play Now!
20k Weekly Raffle ticket, Use Base on Rainbet, Instant Withdrawals, Originals, slots, sports - Provably Fair.
Sponsored
BC.Game
The best crypto casino in the world. 760% exclusive deposits bonus. Deposit Now!
50+ token options, 100% bet insurance for a worry-free gaming experience.
Stake
200% Bonus, Instant Withdrawals, 100K Daily Giveaways, BEST VIP Club Claim Bonus!
20+ Cryptos, 3000+ Slots, Daily & Monthly Bonuses, Exclusive Sports Promos - Provably Fair!
Kings.Game
500% Bonus, 7000+ Slots&Live, VIP Club, Crypto Deposits, Fast Withdrawals! Play Now!
Welcome Bonus 500% + 500FS, VIP Club, Rakeback up to 30%, Daily Wheel 9.99 BTC.
Source Code
Overview
ETH Balance
0 ETH
ETH Value
$0.00
Cross-Chain Transactions
Loading...
Loading
Contract Name:
NattSwap
Compiler Version
v0.8.24+commit.e11b9ed9
Contract Source Code (Solidity)
/** *Submitted for verification at basescan.org on 2026-03-11 */ // Sources flattened with hardhat v2.28.6 https://hardhat.org // SPDX-License-Identifier: MIT // File @openzeppelin/contracts/access/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.4.0) (access/IAccessControl.sol) pragma solidity >=0.8.4; /** * @dev External interface of AccessControl declared to support ERC-165 detection. */ interface IAccessControl { /** * @dev The `account` is missing a role. */ error AccessControlUnauthorizedAccount(address account, bytes32 neededRole); /** * @dev The caller of a function is not the expected one. * * NOTE: Don't confuse with {AccessControlUnauthorizedAccount}. */ error AccessControlBadConfirmation(); /** * @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole` * * `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite * {RoleAdminChanged} not being emitted to signal this. */ event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole); /** * @dev Emitted when `account` is granted `role`. * * `sender` is the account that originated the contract call. This account bears the admin role (for the granted role). * Expected in cases where the role was granted using the internal {AccessControl-_grantRole}. */ event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender); /** * @dev Emitted when `account` is revoked `role`. * * `sender` is the account that originated the contract call: * - if using `revokeRole`, it is the admin role bearer * - if using `renounceRole`, it is the role bearer (i.e. `account`) */ event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender); /** * @dev Returns `true` if `account` has been granted `role`. */ function hasRole(bytes32 role, address account) external view returns (bool); /** * @dev Returns the admin role that controls `role`. See {grantRole} and * {revokeRole}. * * To change a role's admin, use {AccessControl-_setRoleAdmin}. */ function getRoleAdmin(bytes32 role) external view returns (bytes32); /** * @dev Grants `role` to `account`. * * If `account` had not been already granted `role`, emits a {RoleGranted} * event. * * Requirements: * * - the caller must have ``role``'s admin role. */ function grantRole(bytes32 role, address account) external; /** * @dev Revokes `role` from `account`. * * If `account` had been granted `role`, emits a {RoleRevoked} event. * * Requirements: * * - the caller must have ``role``'s admin role. */ function revokeRole(bytes32 role, address account) external; /** * @dev Revokes `role` from the calling account. * * Roles are often managed via {grantRole} and {revokeRole}: this function's * purpose is to provide a mechanism for accounts to lose their privileges * if they are compromised (such as when a trusted device is misplaced). * * If the calling account had been granted `role`, emits a {RoleRevoked} * event. * * Requirements: * * - the caller must be `callerConfirmation`. */ function renounceRole(bytes32 role, address callerConfirmation) external; } // File @openzeppelin/contracts/utils/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol) pragma solidity ^0.8.20; /** * @dev Provides information about the current execution context, including the * sender of the transaction and its data. While these are generally available * via msg.sender and msg.data, they should not be accessed in such a direct * manner, since when dealing with meta-transactions the account sending and * paying for execution may not be the actual sender (as far as an application * is concerned). * * This contract is only required for intermediate, library-like contracts. */ abstract contract Context { function _msgSender() internal view virtual returns (address) { return msg.sender; } function _msgData() internal view virtual returns (bytes calldata) { return msg.data; } function _contextSuffixLength() internal view virtual returns (uint256) { return 0; } } // File @openzeppelin/contracts/utils/introspection/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/IERC165.sol) pragma solidity >=0.4.16; /** * @dev Interface of the ERC-165 standard, as defined in the * https://eips.ethereum.org/EIPS/eip-165[ERC]. * * Implementers can declare support of contract interfaces, which can then be * queried by others ({ERC165Checker}). * * For an implementation, see {ERC165}. */ interface IERC165 { /** * @dev Returns true if this contract implements the interface defined by * `interfaceId`. See the corresponding * https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section] * to learn more about how these ids are created. * * This function call must use less than 30 000 gas. */ function supportsInterface(bytes4 interfaceId) external view returns (bool); } // File @openzeppelin/contracts/utils/introspection/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/ERC165.sol) pragma solidity ^0.8.20; /** * @dev Implementation of the {IERC165} interface. * * Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check * for the additional interface id that will be supported. For example: * * ```solidity * function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) { * return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId); * } * ``` */ abstract contract ERC165 is IERC165 { /// @inheritdoc IERC165 function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) { return interfaceId == type(IERC165).interfaceId; } } // File @openzeppelin/contracts/access/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.6.0) (access/AccessControl.sol) pragma solidity ^0.8.20; /** * @dev Contract module that allows children to implement role-based access * control mechanisms. This is a lightweight version that doesn't allow enumerating role * members except through off-chain means by accessing the contract event logs. Some * applications may benefit from on-chain enumerability, for those cases see * {AccessControlEnumerable}. * * Roles are referred to by their `bytes32` identifier. These should be exposed * in the external API and be unique. The best way to achieve this is by * using `public constant` hash digests: * * ```solidity * bytes32 public constant MY_ROLE = keccak256("MY_ROLE"); * ``` * * Roles can be used to represent a set of permissions. To restrict access to a * function call, use {hasRole}: * * ```solidity * function foo() public { * require(hasRole(MY_ROLE, msg.sender)); * ... * } * ``` * * Roles can be granted and revoked dynamically via the {grantRole} and * {revokeRole} functions. Each role has an associated admin role, and only * accounts that have a role's admin role can call {grantRole} and {revokeRole}. * * By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means * that only accounts with this role will be able to grant or revoke other * roles. More complex role relationships can be created by using * {_setRoleAdmin}. * * WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to * grant and revoke this role. Extra precautions should be taken to secure * accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules} * to enforce additional security measures for this role. */ abstract contract AccessControl is Context, IAccessControl, ERC165 { struct RoleData { mapping(address account => bool) hasRole; bytes32 adminRole; } mapping(bytes32 role => RoleData) private _roles; bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00; /** * @dev Modifier that checks that an account has a specific role. Reverts * with an {AccessControlUnauthorizedAccount} error including the required role. */ modifier onlyRole(bytes32 role) { _checkRole(role); _; } /// @inheritdoc ERC165 function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) { return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId); } /** * @dev Returns `true` if `account` has been granted `role`. */ function hasRole(bytes32 role, address account) public view virtual returns (bool) { return _roles[role].hasRole[account]; } /** * @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()` * is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier. */ function _checkRole(bytes32 role) internal view virtual { _checkRole(role, _msgSender()); } /** * @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account` * is missing `role`. */ function _checkRole(bytes32 role, address account) internal view virtual { if (!hasRole(role, account)) { revert AccessControlUnauthorizedAccount(account, role); } } /** * @dev Returns the admin role that controls `role`. See {grantRole} and * {revokeRole}. * * To change a role's admin, use {_setRoleAdmin}. */ function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) { return _roles[role].adminRole; } /** * @dev Grants `role` to `account`. * * If `account` had not been already granted `role`, emits a {RoleGranted} * event. * * Requirements: * * - the caller must have ``role``'s admin role. * * May emit a {RoleGranted} event. */ function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) { _grantRole(role, account); } /** * @dev Revokes `role` from `account`. * * If `account` had been granted `role`, emits a {RoleRevoked} event. * * Requirements: * * - the caller must have ``role``'s admin role. * * May emit a {RoleRevoked} event. */ function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) { _revokeRole(role, account); } /** * @dev Revokes `role` from the calling account. * * Roles are often managed via {grantRole} and {revokeRole}: this function's * purpose is to provide a mechanism for accounts to lose their privileges * if they are compromised (such as when a trusted device is misplaced). * * If the calling account had been revoked `role`, emits a {RoleRevoked} * event. * * Requirements: * * - the caller must be `callerConfirmation`. * * May emit a {RoleRevoked} event. */ function renounceRole(bytes32 role, address callerConfirmation) public virtual { if (callerConfirmation != _msgSender()) { revert AccessControlBadConfirmation(); } _revokeRole(role, callerConfirmation); } /** * @dev Sets `adminRole` as ``role``'s admin role. * * Emits a {RoleAdminChanged} event. */ function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual { bytes32 previousAdminRole = getRoleAdmin(role); _roles[role].adminRole = adminRole; emit RoleAdminChanged(role, previousAdminRole, adminRole); } /** * @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted. * * Internal function without access restriction. * * May emit a {RoleGranted} event. */ function _grantRole(bytes32 role, address account) internal virtual returns (bool) { if (!hasRole(role, account)) { _roles[role].hasRole[account] = true; emit RoleGranted(role, account, _msgSender()); return true; } else { return false; } } /** * @dev Attempts to revoke `role` from `account` and returns a boolean indicating if `role` was revoked. * * Internal function without access restriction. * * May emit a {RoleRevoked} event. */ function _revokeRole(bytes32 role, address account) internal virtual returns (bool) { if (hasRole(role, account)) { _roles[role].hasRole[account] = false; emit RoleRevoked(role, account, _msgSender()); return true; } else { return false; } } } // File @openzeppelin/contracts/utils/math/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.6.0) (utils/math/SafeCast.sol) // This file was procedurally generated from scripts/generate/templates/SafeCast.js. pragma solidity ^0.8.20; /** * @dev Wrappers over Solidity's uintXX/intXX/bool casting operators with added overflow * checks. * * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can * easily result in undesired exploitation or bugs, since developers usually * assume that overflows raise errors. `SafeCast` restores this intuition by * reverting the transaction when such an operation overflows. * * Using this library instead of the unchecked operations eliminates an entire * class of bugs, so it's recommended to use it always. */ library SafeCast { /** * @dev Value doesn't fit in a uint of `bits` size. */ error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value); /** * @dev An int value doesn't fit in a uint of `bits` size. */ error SafeCastOverflowedIntToUint(int256 value); /** * @dev Value doesn't fit in an int of `bits` size. */ error SafeCastOverflowedIntDowncast(uint8 bits, int256 value); /** * @dev A uint value doesn't fit in an int of `bits` size. */ error SafeCastOverflowedUintToInt(uint256 value); /** * @dev Returns the downcasted uint248 from uint256, reverting on * overflow (when the input is greater than largest uint248). * * Counterpart to Solidity's `uint248` operator. * * Requirements: * * - input must fit into 248 bits */ function toUint248(uint256 value) internal pure returns (uint248) { if (value > type(uint248).max) { revert SafeCastOverflowedUintDowncast(248, value); } return uint248(value); } /** * @dev Returns the downcasted uint240 from uint256, reverting on * overflow (when the input is greater than largest uint240). * * Counterpart to Solidity's `uint240` operator. * * Requirements: * * - input must fit into 240 bits */ function toUint240(uint256 value) internal pure returns (uint240) { if (value > type(uint240).max) { revert SafeCastOverflowedUintDowncast(240, value); } return uint240(value); } /** * @dev Returns the downcasted uint232 from uint256, reverting on * overflow (when the input is greater than largest uint232). * * Counterpart to Solidity's `uint232` operator. * * Requirements: * * - input must fit into 232 bits */ function toUint232(uint256 value) internal pure returns (uint232) { if (value > type(uint232).max) { revert SafeCastOverflowedUintDowncast(232, value); } return uint232(value); } /** * @dev Returns the downcasted uint224 from uint256, reverting on * overflow (when the input is greater than largest uint224). * * Counterpart to Solidity's `uint224` operator. * * Requirements: * * - input must fit into 224 bits */ function toUint224(uint256 value) internal pure returns (uint224) { if (value > type(uint224).max) { revert SafeCastOverflowedUintDowncast(224, value); } return uint224(value); } /** * @dev Returns the downcasted uint216 from uint256, reverting on * overflow (when the input is greater than largest uint216). * * Counterpart to Solidity's `uint216` operator. * * Requirements: * * - input must fit into 216 bits */ function toUint216(uint256 value) internal pure returns (uint216) { if (value > type(uint216).max) { revert SafeCastOverflowedUintDowncast(216, value); } return uint216(value); } /** * @dev Returns the downcasted uint208 from uint256, reverting on * overflow (when the input is greater than largest uint208). * * Counterpart to Solidity's `uint208` operator. * * Requirements: * * - input must fit into 208 bits */ function toUint208(uint256 value) internal pure returns (uint208) { if (value > type(uint208).max) { revert SafeCastOverflowedUintDowncast(208, value); } return uint208(value); } /** * @dev Returns the downcasted uint200 from uint256, reverting on * overflow (when the input is greater than largest uint200). * * Counterpart to Solidity's `uint200` operator. * * Requirements: * * - input must fit into 200 bits */ function toUint200(uint256 value) internal pure returns (uint200) { if (value > type(uint200).max) { revert SafeCastOverflowedUintDowncast(200, value); } return uint200(value); } /** * @dev Returns the downcasted uint192 from uint256, reverting on * overflow (when the input is greater than largest uint192). * * Counterpart to Solidity's `uint192` operator. * * Requirements: * * - input must fit into 192 bits */ function toUint192(uint256 value) internal pure returns (uint192) { if (value > type(uint192).max) { revert SafeCastOverflowedUintDowncast(192, value); } return uint192(value); } /** * @dev Returns the downcasted uint184 from uint256, reverting on * overflow (when the input is greater than largest uint184). * * Counterpart to Solidity's `uint184` operator. * * Requirements: * * - input must fit into 184 bits */ function toUint184(uint256 value) internal pure returns (uint184) { if (value > type(uint184).max) { revert SafeCastOverflowedUintDowncast(184, value); } return uint184(value); } /** * @dev Returns the downcasted uint176 from uint256, reverting on * overflow (when the input is greater than largest uint176). * * Counterpart to Solidity's `uint176` operator. * * Requirements: * * - input must fit into 176 bits */ function toUint176(uint256 value) internal pure returns (uint176) { if (value > type(uint176).max) { revert SafeCastOverflowedUintDowncast(176, value); } return uint176(value); } /** * @dev Returns the downcasted uint168 from uint256, reverting on * overflow (when the input is greater than largest uint168). * * Counterpart to Solidity's `uint168` operator. * * Requirements: * * - input must fit into 168 bits */ function toUint168(uint256 value) internal pure returns (uint168) { if (value > type(uint168).max) { revert SafeCastOverflowedUintDowncast(168, value); } return uint168(value); } /** * @dev Returns the downcasted uint160 from uint256, reverting on * overflow (when the input is greater than largest uint160). * * Counterpart to Solidity's `uint160` operator. * * Requirements: * * - input must fit into 160 bits */ function toUint160(uint256 value) internal pure returns (uint160) { if (value > type(uint160).max) { revert SafeCastOverflowedUintDowncast(160, value); } return uint160(value); } /** * @dev Returns the downcasted uint152 from uint256, reverting on * overflow (when the input is greater than largest uint152). * * Counterpart to Solidity's `uint152` operator. * * Requirements: * * - input must fit into 152 bits */ function toUint152(uint256 value) internal pure returns (uint152) { if (value > type(uint152).max) { revert SafeCastOverflowedUintDowncast(152, value); } return uint152(value); } /** * @dev Returns the downcasted uint144 from uint256, reverting on * overflow (when the input is greater than largest uint144). * * Counterpart to Solidity's `uint144` operator. * * Requirements: * * - input must fit into 144 bits */ function toUint144(uint256 value) internal pure returns (uint144) { if (value > type(uint144).max) { revert SafeCastOverflowedUintDowncast(144, value); } return uint144(value); } /** * @dev Returns the downcasted uint136 from uint256, reverting on * overflow (when the input is greater than largest uint136). * * Counterpart to Solidity's `uint136` operator. * * Requirements: * * - input must fit into 136 bits */ function toUint136(uint256 value) internal pure returns (uint136) { if (value > type(uint136).max) { revert SafeCastOverflowedUintDowncast(136, value); } return uint136(value); } /** * @dev Returns the downcasted uint128 from uint256, reverting on * overflow (when the input is greater than largest uint128). * * Counterpart to Solidity's `uint128` operator. * * Requirements: * * - input must fit into 128 bits */ function toUint128(uint256 value) internal pure returns (uint128) { if (value > type(uint128).max) { revert SafeCastOverflowedUintDowncast(128, value); } return uint128(value); } /** * @dev Returns the downcasted uint120 from uint256, reverting on * overflow (when the input is greater than largest uint120). * * Counterpart to Solidity's `uint120` operator. * * Requirements: * * - input must fit into 120 bits */ function toUint120(uint256 value) internal pure returns (uint120) { if (value > type(uint120).max) { revert SafeCastOverflowedUintDowncast(120, value); } return uint120(value); } /** * @dev Returns the downcasted uint112 from uint256, reverting on * overflow (when the input is greater than largest uint112). * * Counterpart to Solidity's `uint112` operator. * * Requirements: * * - input must fit into 112 bits */ function toUint112(uint256 value) internal pure returns (uint112) { if (value > type(uint112).max) { revert SafeCastOverflowedUintDowncast(112, value); } return uint112(value); } /** * @dev Returns the downcasted uint104 from uint256, reverting on * overflow (when the input is greater than largest uint104). * * Counterpart to Solidity's `uint104` operator. * * Requirements: * * - input must fit into 104 bits */ function toUint104(uint256 value) internal pure returns (uint104) { if (value > type(uint104).max) { revert SafeCastOverflowedUintDowncast(104, value); } return uint104(value); } /** * @dev Returns the downcasted uint96 from uint256, reverting on * overflow (when the input is greater than largest uint96). * * Counterpart to Solidity's `uint96` operator. * * Requirements: * * - input must fit into 96 bits */ function toUint96(uint256 value) internal pure returns (uint96) { if (value > type(uint96).max) { revert SafeCastOverflowedUintDowncast(96, value); } return uint96(value); } /** * @dev Returns the downcasted uint88 from uint256, reverting on * overflow (when the input is greater than largest uint88). * * Counterpart to Solidity's `uint88` operator. * * Requirements: * * - input must fit into 88 bits */ function toUint88(uint256 value) internal pure returns (uint88) { if (value > type(uint88).max) { revert SafeCastOverflowedUintDowncast(88, value); } return uint88(value); } /** * @dev Returns the downcasted uint80 from uint256, reverting on * overflow (when the input is greater than largest uint80). * * Counterpart to Solidity's `uint80` operator. * * Requirements: * * - input must fit into 80 bits */ function toUint80(uint256 value) internal pure returns (uint80) { if (value > type(uint80).max) { revert SafeCastOverflowedUintDowncast(80, value); } return uint80(value); } /** * @dev Returns the downcasted uint72 from uint256, reverting on * overflow (when the input is greater than largest uint72). * * Counterpart to Solidity's `uint72` operator. * * Requirements: * * - input must fit into 72 bits */ function toUint72(uint256 value) internal pure returns (uint72) { if (value > type(uint72).max) { revert SafeCastOverflowedUintDowncast(72, value); } return uint72(value); } /** * @dev Returns the downcasted uint64 from uint256, reverting on * overflow (when the input is greater than largest uint64). * * Counterpart to Solidity's `uint64` operator. * * Requirements: * * - input must fit into 64 bits */ function toUint64(uint256 value) internal pure returns (uint64) { if (value > type(uint64).max) { revert SafeCastOverflowedUintDowncast(64, value); } return uint64(value); } /** * @dev Returns the downcasted uint56 from uint256, reverting on * overflow (when the input is greater than largest uint56). * * Counterpart to Solidity's `uint56` operator. * * Requirements: * * - input must fit into 56 bits */ function toUint56(uint256 value) internal pure returns (uint56) { if (value > type(uint56).max) { revert SafeCastOverflowedUintDowncast(56, value); } return uint56(value); } /** * @dev Returns the downcasted uint48 from uint256, reverting on * overflow (when the input is greater than largest uint48). * * Counterpart to Solidity's `uint48` operator. * * Requirements: * * - input must fit into 48 bits */ function toUint48(uint256 value) internal pure returns (uint48) { if (value > type(uint48).max) { revert SafeCastOverflowedUintDowncast(48, value); } return uint48(value); } /** * @dev Returns the downcasted uint40 from uint256, reverting on * overflow (when the input is greater than largest uint40). * * Counterpart to Solidity's `uint40` operator. * * Requirements: * * - input must fit into 40 bits */ function toUint40(uint256 value) internal pure returns (uint40) { if (value > type(uint40).max) { revert SafeCastOverflowedUintDowncast(40, value); } return uint40(value); } /** * @dev Returns the downcasted uint32 from uint256, reverting on * overflow (when the input is greater than largest uint32). * * Counterpart to Solidity's `uint32` operator. * * Requirements: * * - input must fit into 32 bits */ function toUint32(uint256 value) internal pure returns (uint32) { if (value > type(uint32).max) { revert SafeCastOverflowedUintDowncast(32, value); } return uint32(value); } /** * @dev Returns the downcasted uint24 from uint256, reverting on * overflow (when the input is greater than largest uint24). * * Counterpart to Solidity's `uint24` operator. * * Requirements: * * - input must fit into 24 bits */ function toUint24(uint256 value) internal pure returns (uint24) { if (value > type(uint24).max) { revert SafeCastOverflowedUintDowncast(24, value); } return uint24(value); } /** * @dev Returns the downcasted uint16 from uint256, reverting on * overflow (when the input is greater than largest uint16). * * Counterpart to Solidity's `uint16` operator. * * Requirements: * * - input must fit into 16 bits */ function toUint16(uint256 value) internal pure returns (uint16) { if (value > type(uint16).max) { revert SafeCastOverflowedUintDowncast(16, value); } return uint16(value); } /** * @dev Returns the downcasted uint8 from uint256, reverting on * overflow (when the input is greater than largest uint8). * * Counterpart to Solidity's `uint8` operator. * * Requirements: * * - input must fit into 8 bits */ function toUint8(uint256 value) internal pure returns (uint8) { if (value > type(uint8).max) { revert SafeCastOverflowedUintDowncast(8, value); } return uint8(value); } /** * @dev Converts a signed int256 into an unsigned uint256. * * Requirements: * * - input must be greater than or equal to 0. */ function toUint256(int256 value) internal pure returns (uint256) { if (value < 0) { revert SafeCastOverflowedIntToUint(value); } return uint256(value); } /** * @dev Returns the downcasted int248 from int256, reverting on * overflow (when the input is less than smallest int248 or * greater than largest int248). * * Counterpart to Solidity's `int248` operator. * * Requirements: * * - input must fit into 248 bits */ function toInt248(int256 value) internal pure returns (int248 downcasted) { downcasted = int248(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(248, value); } } /** * @dev Returns the downcasted int240 from int256, reverting on * overflow (when the input is less than smallest int240 or * greater than largest int240). * * Counterpart to Solidity's `int240` operator. * * Requirements: * * - input must fit into 240 bits */ function toInt240(int256 value) internal pure returns (int240 downcasted) { downcasted = int240(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(240, value); } } /** * @dev Returns the downcasted int232 from int256, reverting on * overflow (when the input is less than smallest int232 or * greater than largest int232). * * Counterpart to Solidity's `int232` operator. * * Requirements: * * - input must fit into 232 bits */ function toInt232(int256 value) internal pure returns (int232 downcasted) { downcasted = int232(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(232, value); } } /** * @dev Returns the downcasted int224 from int256, reverting on * overflow (when the input is less than smallest int224 or * greater than largest int224). * * Counterpart to Solidity's `int224` operator. * * Requirements: * * - input must fit into 224 bits */ function toInt224(int256 value) internal pure returns (int224 downcasted) { downcasted = int224(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(224, value); } } /** * @dev Returns the downcasted int216 from int256, reverting on * overflow (when the input is less than smallest int216 or * greater than largest int216). * * Counterpart to Solidity's `int216` operator. * * Requirements: * * - input must fit into 216 bits */ function toInt216(int256 value) internal pure returns (int216 downcasted) { downcasted = int216(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(216, value); } } /** * @dev Returns the downcasted int208 from int256, reverting on * overflow (when the input is less than smallest int208 or * greater than largest int208). * * Counterpart to Solidity's `int208` operator. * * Requirements: * * - input must fit into 208 bits */ function toInt208(int256 value) internal pure returns (int208 downcasted) { downcasted = int208(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(208, value); } } /** * @dev Returns the downcasted int200 from int256, reverting on * overflow (when the input is less than smallest int200 or * greater than largest int200). * * Counterpart to Solidity's `int200` operator. * * Requirements: * * - input must fit into 200 bits */ function toInt200(int256 value) internal pure returns (int200 downcasted) { downcasted = int200(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(200, value); } } /** * @dev Returns the downcasted int192 from int256, reverting on * overflow (when the input is less than smallest int192 or * greater than largest int192). * * Counterpart to Solidity's `int192` operator. * * Requirements: * * - input must fit into 192 bits */ function toInt192(int256 value) internal pure returns (int192 downcasted) { downcasted = int192(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(192, value); } } /** * @dev Returns the downcasted int184 from int256, reverting on * overflow (when the input is less than smallest int184 or * greater than largest int184). * * Counterpart to Solidity's `int184` operator. * * Requirements: * * - input must fit into 184 bits */ function toInt184(int256 value) internal pure returns (int184 downcasted) { downcasted = int184(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(184, value); } } /** * @dev Returns the downcasted int176 from int256, reverting on * overflow (when the input is less than smallest int176 or * greater than largest int176). * * Counterpart to Solidity's `int176` operator. * * Requirements: * * - input must fit into 176 bits */ function toInt176(int256 value) internal pure returns (int176 downcasted) { downcasted = int176(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(176, value); } } /** * @dev Returns the downcasted int168 from int256, reverting on * overflow (when the input is less than smallest int168 or * greater than largest int168). * * Counterpart to Solidity's `int168` operator. * * Requirements: * * - input must fit into 168 bits */ function toInt168(int256 value) internal pure returns (int168 downcasted) { downcasted = int168(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(168, value); } } /** * @dev Returns the downcasted int160 from int256, reverting on * overflow (when the input is less than smallest int160 or * greater than largest int160). * * Counterpart to Solidity's `int160` operator. * * Requirements: * * - input must fit into 160 bits */ function toInt160(int256 value) internal pure returns (int160 downcasted) { downcasted = int160(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(160, value); } } /** * @dev Returns the downcasted int152 from int256, reverting on * overflow (when the input is less than smallest int152 or * greater than largest int152). * * Counterpart to Solidity's `int152` operator. * * Requirements: * * - input must fit into 152 bits */ function toInt152(int256 value) internal pure returns (int152 downcasted) { downcasted = int152(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(152, value); } } /** * @dev Returns the downcasted int144 from int256, reverting on * overflow (when the input is less than smallest int144 or * greater than largest int144). * * Counterpart to Solidity's `int144` operator. * * Requirements: * * - input must fit into 144 bits */ function toInt144(int256 value) internal pure returns (int144 downcasted) { downcasted = int144(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(144, value); } } /** * @dev Returns the downcasted int136 from int256, reverting on * overflow (when the input is less than smallest int136 or * greater than largest int136). * * Counterpart to Solidity's `int136` operator. * * Requirements: * * - input must fit into 136 bits */ function toInt136(int256 value) internal pure returns (int136 downcasted) { downcasted = int136(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(136, value); } } /** * @dev Returns the downcasted int128 from int256, reverting on * overflow (when the input is less than smallest int128 or * greater than largest int128). * * Counterpart to Solidity's `int128` operator. * * Requirements: * * - input must fit into 128 bits */ function toInt128(int256 value) internal pure returns (int128 downcasted) { downcasted = int128(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(128, value); } } /** * @dev Returns the downcasted int120 from int256, reverting on * overflow (when the input is less than smallest int120 or * greater than largest int120). * * Counterpart to Solidity's `int120` operator. * * Requirements: * * - input must fit into 120 bits */ function toInt120(int256 value) internal pure returns (int120 downcasted) { downcasted = int120(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(120, value); } } /** * @dev Returns the downcasted int112 from int256, reverting on * overflow (when the input is less than smallest int112 or * greater than largest int112). * * Counterpart to Solidity's `int112` operator. * * Requirements: * * - input must fit into 112 bits */ function toInt112(int256 value) internal pure returns (int112 downcasted) { downcasted = int112(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(112, value); } } /** * @dev Returns the downcasted int104 from int256, reverting on * overflow (when the input is less than smallest int104 or * greater than largest int104). * * Counterpart to Solidity's `int104` operator. * * Requirements: * * - input must fit into 104 bits */ function toInt104(int256 value) internal pure returns (int104 downcasted) { downcasted = int104(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(104, value); } } /** * @dev Returns the downcasted int96 from int256, reverting on * overflow (when the input is less than smallest int96 or * greater than largest int96). * * Counterpart to Solidity's `int96` operator. * * Requirements: * * - input must fit into 96 bits */ function toInt96(int256 value) internal pure returns (int96 downcasted) { downcasted = int96(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(96, value); } } /** * @dev Returns the downcasted int88 from int256, reverting on * overflow (when the input is less than smallest int88 or * greater than largest int88). * * Counterpart to Solidity's `int88` operator. * * Requirements: * * - input must fit into 88 bits */ function toInt88(int256 value) internal pure returns (int88 downcasted) { downcasted = int88(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(88, value); } } /** * @dev Returns the downcasted int80 from int256, reverting on * overflow (when the input is less than smallest int80 or * greater than largest int80). * * Counterpart to Solidity's `int80` operator. * * Requirements: * * - input must fit into 80 bits */ function toInt80(int256 value) internal pure returns (int80 downcasted) { downcasted = int80(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(80, value); } } /** * @dev Returns the downcasted int72 from int256, reverting on * overflow (when the input is less than smallest int72 or * greater than largest int72). * * Counterpart to Solidity's `int72` operator. * * Requirements: * * - input must fit into 72 bits */ function toInt72(int256 value) internal pure returns (int72 downcasted) { downcasted = int72(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(72, value); } } /** * @dev Returns the downcasted int64 from int256, reverting on * overflow (when the input is less than smallest int64 or * greater than largest int64). * * Counterpart to Solidity's `int64` operator. * * Requirements: * * - input must fit into 64 bits */ function toInt64(int256 value) internal pure returns (int64 downcasted) { downcasted = int64(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(64, value); } } /** * @dev Returns the downcasted int56 from int256, reverting on * overflow (when the input is less than smallest int56 or * greater than largest int56). * * Counterpart to Solidity's `int56` operator. * * Requirements: * * - input must fit into 56 bits */ function toInt56(int256 value) internal pure returns (int56 downcasted) { downcasted = int56(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(56, value); } } /** * @dev Returns the downcasted int48 from int256, reverting on * overflow (when the input is less than smallest int48 or * greater than largest int48). * * Counterpart to Solidity's `int48` operator. * * Requirements: * * - input must fit into 48 bits */ function toInt48(int256 value) internal pure returns (int48 downcasted) { downcasted = int48(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(48, value); } } /** * @dev Returns the downcasted int40 from int256, reverting on * overflow (when the input is less than smallest int40 or * greater than largest int40). * * Counterpart to Solidity's `int40` operator. * * Requirements: * * - input must fit into 40 bits */ function toInt40(int256 value) internal pure returns (int40 downcasted) { downcasted = int40(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(40, value); } } /** * @dev Returns the downcasted int32 from int256, reverting on * overflow (when the input is less than smallest int32 or * greater than largest int32). * * Counterpart to Solidity's `int32` operator. * * Requirements: * * - input must fit into 32 bits */ function toInt32(int256 value) internal pure returns (int32 downcasted) { downcasted = int32(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(32, value); } } /** * @dev Returns the downcasted int24 from int256, reverting on * overflow (when the input is less than smallest int24 or * greater than largest int24). * * Counterpart to Solidity's `int24` operator. * * Requirements: * * - input must fit into 24 bits */ function toInt24(int256 value) internal pure returns (int24 downcasted) { downcasted = int24(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(24, value); } } /** * @dev Returns the downcasted int16 from int256, reverting on * overflow (when the input is less than smallest int16 or * greater than largest int16). * * Counterpart to Solidity's `int16` operator. * * Requirements: * * - input must fit into 16 bits */ function toInt16(int256 value) internal pure returns (int16 downcasted) { downcasted = int16(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(16, value); } } /** * @dev Returns the downcasted int8 from int256, reverting on * overflow (when the input is less than smallest int8 or * greater than largest int8). * * Counterpart to Solidity's `int8` operator. * * Requirements: * * - input must fit into 8 bits */ function toInt8(int256 value) internal pure returns (int8 downcasted) { downcasted = int8(value); if (downcasted != value) { revert SafeCastOverflowedIntDowncast(8, value); } } /** * @dev Converts an unsigned uint256 into a signed int256. * * Requirements: * * - input must be less than or equal to maxInt256. */ function toInt256(uint256 value) internal pure returns (int256) { // Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive if (value > uint256(type(int256).max)) { revert SafeCastOverflowedUintToInt(value); } return int256(value); } /** * @dev Cast a boolean (false or true) to a uint256 (0 or 1) with no jump. */ function toUint(bool b) internal pure returns (uint256 u) { assembly ("memory-safe") { u := iszero(iszero(b)) } } } // File @openzeppelin/contracts/utils/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.1.0) (utils/Panic.sol) pragma solidity ^0.8.20; /** * @dev Helper library for emitting standardized panic codes. * * ```solidity * contract Example { * using Panic for uint256; * * // Use any of the declared internal constants * function foo() { Panic.GENERIC.panic(); } * * // Alternatively * function foo() { Panic.panic(Panic.GENERIC); } * } * ``` * * Follows the list from https://github.com/ethereum/solidity/blob/v0.8.24/libsolutil/ErrorCodes.h[libsolutil]. * * _Available since v5.1._ */ // slither-disable-next-line unused-state library Panic { /// @dev generic / unspecified error uint256 internal constant GENERIC = 0x00; /// @dev used by the assert() builtin uint256 internal constant ASSERT = 0x01; /// @dev arithmetic underflow or overflow uint256 internal constant UNDER_OVERFLOW = 0x11; /// @dev division or modulo by zero uint256 internal constant DIVISION_BY_ZERO = 0x12; /// @dev enum conversion error uint256 internal constant ENUM_CONVERSION_ERROR = 0x21; /// @dev invalid encoding in storage uint256 internal constant STORAGE_ENCODING_ERROR = 0x22; /// @dev empty array pop uint256 internal constant EMPTY_ARRAY_POP = 0x31; /// @dev array out of bounds access uint256 internal constant ARRAY_OUT_OF_BOUNDS = 0x32; /// @dev resource error (too large allocation or too large array) uint256 internal constant RESOURCE_ERROR = 0x41; /// @dev calling invalid internal function uint256 internal constant INVALID_INTERNAL_FUNCTION = 0x51; /// @dev Reverts with a panic code. Recommended to use with /// the internal constants with predefined codes. function panic(uint256 code) internal pure { assembly ("memory-safe") { mstore(0x00, 0x4e487b71) mstore(0x20, code) revert(0x1c, 0x24) } } } // File @openzeppelin/contracts/utils/math/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.6.0) (utils/math/Math.sol) pragma solidity ^0.8.20; /** * @dev Standard math utilities missing in the Solidity language. */ library Math { enum Rounding { Floor, // Toward negative infinity Ceil, // Toward positive infinity Trunc, // Toward zero Expand // Away from zero } /** * @dev Return the 512-bit addition of two uint256. * * The result is stored in two 256 variables such that sum = high * 2²⁵⁶ + low. */ function add512(uint256 a, uint256 b) internal pure returns (uint256 high, uint256 low) { assembly ("memory-safe") { low := add(a, b) high := lt(low, a) } } /** * @dev Return the 512-bit multiplication of two uint256. * * The result is stored in two 256 variables such that product = high * 2²⁵⁶ + low. */ function mul512(uint256 a, uint256 b) internal pure returns (uint256 high, uint256 low) { // 512-bit multiply [high low] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use // the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256 // variables such that product = high * 2²⁵⁶ + low. assembly ("memory-safe") { let mm := mulmod(a, b, not(0)) low := mul(a, b) high := sub(sub(mm, low), lt(mm, low)) } } /** * @dev Returns the addition of two unsigned integers, with a success flag (no overflow). */ function tryAdd(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) { unchecked { uint256 c = a + b; success = c >= a; result = c * SafeCast.toUint(success); } } /** * @dev Returns the subtraction of two unsigned integers, with a success flag (no overflow). */ function trySub(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) { unchecked { uint256 c = a - b; success = c <= a; result = c * SafeCast.toUint(success); } } /** * @dev Returns the multiplication of two unsigned integers, with a success flag (no overflow). */ function tryMul(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) { unchecked { uint256 c = a * b; assembly ("memory-safe") { // Only true when the multiplication doesn't overflow // (c / a == b) || (a == 0) success := or(eq(div(c, a), b), iszero(a)) } // equivalent to: success ? c : 0 result = c * SafeCast.toUint(success); } } /** * @dev Returns the division of two unsigned integers, with a success flag (no division by zero). */ function tryDiv(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) { unchecked { success = b > 0; assembly ("memory-safe") { // The `DIV` opcode returns zero when the denominator is 0. result := div(a, b) } } } /** * @dev Returns the remainder of dividing two unsigned integers, with a success flag (no division by zero). */ function tryMod(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) { unchecked { success = b > 0; assembly ("memory-safe") { // The `MOD` opcode returns zero when the denominator is 0. result := mod(a, b) } } } /** * @dev Unsigned saturating addition, bounds to `2²⁵⁶ - 1` instead of overflowing. */ function saturatingAdd(uint256 a, uint256 b) internal pure returns (uint256) { (bool success, uint256 result) = tryAdd(a, b); return ternary(success, result, type(uint256).max); } /** * @dev Unsigned saturating subtraction, bounds to zero instead of overflowing. */ function saturatingSub(uint256 a, uint256 b) internal pure returns (uint256) { (, uint256 result) = trySub(a, b); return result; } /** * @dev Unsigned saturating multiplication, bounds to `2²⁵⁶ - 1` instead of overflowing. */ function saturatingMul(uint256 a, uint256 b) internal pure returns (uint256) { (bool success, uint256 result) = tryMul(a, b); return ternary(success, result, type(uint256).max); } /** * @dev Branchless ternary evaluation for `condition ? a : b`. Gas costs are constant. * * IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone. * However, the compiler may optimize Solidity ternary operations (i.e. `condition ? a : b`) to only compute * one branch when needed, making this function more expensive. */ function ternary(bool condition, uint256 a, uint256 b) internal pure returns (uint256) { unchecked { // branchless ternary works because: // b ^ (a ^ b) == a // b ^ 0 == b return b ^ ((a ^ b) * SafeCast.toUint(condition)); } } /** * @dev Returns the largest of two numbers. */ function max(uint256 a, uint256 b) internal pure returns (uint256) { return ternary(a > b, a, b); } /** * @dev Returns the smallest of two numbers. */ function min(uint256 a, uint256 b) internal pure returns (uint256) { return ternary(a < b, a, b); } /** * @dev Returns the average of two numbers. The result is rounded towards * zero. */ function average(uint256 a, uint256 b) internal pure returns (uint256) { unchecked { // (a + b) / 2 can overflow. return (a & b) + (a ^ b) / 2; } } /** * @dev Returns the ceiling of the division of two numbers. * * This differs from standard division with `/` in that it rounds towards infinity instead * of rounding towards zero. */ function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) { if (b == 0) { // Guarantee the same behavior as in a regular Solidity division. Panic.panic(Panic.DIVISION_BY_ZERO); } // The following calculation ensures accurate ceiling division without overflow. // Since a is non-zero, (a - 1) / b will not overflow. // The largest possible result occurs when (a - 1) / b is type(uint256).max, // but the largest value we can obtain is type(uint256).max - 1, which happens // when a = type(uint256).max and b = 1. unchecked { return SafeCast.toUint(a > 0) * ((a - 1) / b + 1); } } /** * @dev Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or * denominator == 0. * * Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by * Uniswap Labs also under MIT license. */ function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) { unchecked { (uint256 high, uint256 low) = mul512(x, y); // Handle non-overflow cases, 256 by 256 division. if (high == 0) { // Solidity will revert if denominator == 0, unlike the div opcode on its own. // The surrounding unchecked block does not change this fact. // See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic. return low / denominator; } // Make sure the result is less than 2²⁵⁶. Also prevents denominator == 0. if (denominator <= high) { Panic.panic(ternary(denominator == 0, Panic.DIVISION_BY_ZERO, Panic.UNDER_OVERFLOW)); } /////////////////////////////////////////////// // 512 by 256 division. /////////////////////////////////////////////// // Make division exact by subtracting the remainder from [high low]. uint256 remainder; assembly ("memory-safe") { // Compute remainder using mulmod. remainder := mulmod(x, y, denominator) // Subtract 256 bit number from 512 bit number. high := sub(high, gt(remainder, low)) low := sub(low, remainder) } // Factor powers of two out of denominator and compute largest power of two divisor of denominator. // Always >= 1. See https://cs.stackexchange.com/q/138556/92363. uint256 twos = denominator & (0 - denominator); assembly ("memory-safe") { // Divide denominator by twos. denominator := div(denominator, twos) // Divide [high low] by twos. low := div(low, twos) // Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one. twos := add(div(sub(0, twos), twos), 1) } // Shift in bits from high into low. low |= high * twos; // Invert denominator mod 2²⁵⁶. Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such // that denominator * inv ≡ 1 mod 2²⁵⁶. Compute the inverse by starting with a seed that is correct for // four bits. That is, denominator * inv ≡ 1 mod 2⁴. uint256 inverse = (3 * denominator) ^ 2; // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also // works in modular arithmetic, doubling the correct bits in each step. inverse *= 2 - denominator * inverse; // inverse mod 2⁸ inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶ inverse *= 2 - denominator * inverse; // inverse mod 2³² inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴ inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸ inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶ // Because the division is now exact we can divide by multiplying with the modular inverse of denominator. // This will give us the correct result modulo 2²⁵⁶. Since the preconditions guarantee that the outcome is // less than 2²⁵⁶, this is the final result. We don't need to compute the high bits of the result and high // is no longer required. result = low * inverse; return result; } } /** * @dev Calculates x * y / denominator with full precision, following the selected rounding direction. */ function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) { return mulDiv(x, y, denominator) + SafeCast.toUint(unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0); } /** * @dev Calculates floor(x * y >> n) with full precision. Throws if result overflows a uint256. */ function mulShr(uint256 x, uint256 y, uint8 n) internal pure returns (uint256 result) { unchecked { (uint256 high, uint256 low) = mul512(x, y); if (high >= 1 << n) { Panic.panic(Panic.UNDER_OVERFLOW); } return (high << (256 - n)) | (low >> n); } } /** * @dev Calculates x * y >> n with full precision, following the selected rounding direction. */ function mulShr(uint256 x, uint256 y, uint8 n, Rounding rounding) internal pure returns (uint256) { return mulShr(x, y, n) + SafeCast.toUint(unsignedRoundsUp(rounding) && mulmod(x, y, 1 << n) > 0); } /** * @dev Calculate the modular multiplicative inverse of a number in Z/nZ. * * If n is a prime, then Z/nZ is a field. In that case all elements are inversible, except 0. * If n is not a prime, then Z/nZ is not a field, and some elements might not be inversible. * * If the input value is not inversible, 0 is returned. * * NOTE: If you know for sure that n is (big) a prime, it may be cheaper to use Fermat's little theorem and get the * inverse using `Math.modExp(a, n - 2, n)`. See {invModPrime}. */ function invMod(uint256 a, uint256 n) internal pure returns (uint256) { unchecked { if (n == 0) return 0; // The inverse modulo is calculated using the Extended Euclidean Algorithm (iterative version) // Used to compute integers x and y such that: ax + ny = gcd(a, n). // When the gcd is 1, then the inverse of a modulo n exists and it's x. // ax + ny = 1 // ax = 1 + (-y)n // ax ≡ 1 (mod n) # x is the inverse of a modulo n // If the remainder is 0 the gcd is n right away. uint256 remainder = a % n; uint256 gcd = n; // Therefore the initial coefficients are: // ax + ny = gcd(a, n) = n // 0a + 1n = n int256 x = 0; int256 y = 1; while (remainder != 0) { uint256 quotient = gcd / remainder; (gcd, remainder) = ( // The old remainder is the next gcd to try. remainder, // Compute the next remainder. // Can't overflow given that (a % gcd) * (gcd // (a % gcd)) <= gcd // where gcd is at most n (capped to type(uint256).max) gcd - remainder * quotient ); (x, y) = ( // Increment the coefficient of a. y, // Decrement the coefficient of n. // Can overflow, but the result is casted to uint256 so that the // next value of y is "wrapped around" to a value between 0 and n - 1. x - y * int256(quotient) ); } if (gcd != 1) return 0; // No inverse exists. return ternary(x < 0, n - uint256(-x), uint256(x)); // Wrap the result if it's negative. } } /** * @dev Variant of {invMod}. More efficient, but only works if `p` is known to be a prime greater than `2`. * * From https://en.wikipedia.org/wiki/Fermat%27s_little_theorem[Fermat's little theorem], we know that if p is * prime, then `a**(p-1) ≡ 1 mod p`. As a consequence, we have `a * a**(p-2) ≡ 1 mod p`, which means that * `a**(p-2)` is the modular multiplicative inverse of a in Fp. * * NOTE: this function does NOT check that `p` is a prime greater than `2`. */ function invModPrime(uint256 a, uint256 p) internal view returns (uint256) { unchecked { return Math.modExp(a, p - 2, p); } } /** * @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m) * * Requirements: * - modulus can't be zero * - underlying staticcall to precompile must succeed * * IMPORTANT: The result is only valid if the underlying call succeeds. When using this function, make * sure the chain you're using it on supports the precompiled contract for modular exponentiation * at address 0x05 as specified in https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise, * the underlying function will succeed given the lack of a revert, but the result may be incorrectly * interpreted as 0. */ function modExp(uint256 b, uint256 e, uint256 m) internal view returns (uint256) { (bool success, uint256 result) = tryModExp(b, e, m); if (!success) { Panic.panic(Panic.DIVISION_BY_ZERO); } return result; } /** * @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m). * It includes a success flag indicating if the operation succeeded. Operation will be marked as failed if trying * to operate modulo 0 or if the underlying precompile reverted. * * IMPORTANT: The result is only valid if the success flag is true. When using this function, make sure the chain * you're using it on supports the precompiled contract for modular exponentiation at address 0x05 as specified in * https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise, the underlying function will succeed given the lack * of a revert, but the result may be incorrectly interpreted as 0. */ function tryModExp(uint256 b, uint256 e, uint256 m) internal view returns (bool success, uint256 result) { if (m == 0) return (false, 0); assembly ("memory-safe") { let ptr := mload(0x40) // | Offset | Content | Content (Hex) | // |-----------|------------|--------------------------------------------------------------------| // | 0x00:0x1f | size of b | 0x0000000000000000000000000000000000000000000000000000000000000020 | // | 0x20:0x3f | size of e | 0x0000000000000000000000000000000000000000000000000000000000000020 | // | 0x40:0x5f | size of m | 0x0000000000000000000000000000000000000000000000000000000000000020 | // | 0x60:0x7f | value of b | 0x<.............................................................b> | // | 0x80:0x9f | value of e | 0x<.............................................................e> | // | 0xa0:0xbf | value of m | 0x<.............................................................m> | mstore(ptr, 0x20) mstore(add(ptr, 0x20), 0x20) mstore(add(ptr, 0x40), 0x20) mstore(add(ptr, 0x60), b) mstore(add(ptr, 0x80), e) mstore(add(ptr, 0xa0), m) // Given the result < m, it's guaranteed to fit in 32 bytes, // so we can use the memory scratch space located at offset 0. success := staticcall(gas(), 0x05, ptr, 0xc0, 0x00, 0x20) result := mload(0x00) } } /** * @dev Variant of {modExp} that supports inputs of arbitrary length. */ function modExp(bytes memory b, bytes memory e, bytes memory m) internal view returns (bytes memory) { (bool success, bytes memory result) = tryModExp(b, e, m); if (!success) { Panic.panic(Panic.DIVISION_BY_ZERO); } return result; } /** * @dev Variant of {tryModExp} that supports inputs of arbitrary length. */ function tryModExp( bytes memory b, bytes memory e, bytes memory m ) internal view returns (bool success, bytes memory result) { if (_zeroBytes(m)) return (false, new bytes(0)); uint256 mLen = m.length; // Encode call args in result and move the free memory pointer result = abi.encodePacked(b.length, e.length, mLen, b, e, m); assembly ("memory-safe") { let dataPtr := add(result, 0x20) // Write result on top of args to avoid allocating extra memory. success := staticcall(gas(), 0x05, dataPtr, mload(result), dataPtr, mLen) // Overwrite the length. // result.length > returndatasize() is guaranteed because returndatasize() == m.length mstore(result, mLen) // Set the memory pointer after the returned data. mstore(0x40, add(dataPtr, mLen)) } } /** * @dev Returns whether the provided byte array is zero. */ function _zeroBytes(bytes memory buffer) private pure returns (bool) { uint256 chunk; for (uint256 i = 0; i < buffer.length; i += 0x20) { // See _unsafeReadBytesOffset from utils/Bytes.sol assembly ("memory-safe") { chunk := mload(add(add(buffer, 0x20), i)) } if (chunk >> (8 * saturatingSub(i + 0x20, buffer.length)) != 0) { return false; } } return true; } /** * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded * towards zero. * * This method is based on Newton's method for computing square roots; the algorithm is restricted to only * using integer operations. */ function sqrt(uint256 a) internal pure returns (uint256) { unchecked { // Take care of easy edge cases when a == 0 or a == 1 if (a <= 1) { return a; } // In this function, we use Newton's method to get a root of `f(x) := x² - a`. It involves building a // sequence x_n that converges toward sqrt(a). For each iteration x_n, we also define the error between // the current value as `ε_n = | x_n - sqrt(a) |`. // // For our first estimation, we consider `e` the smallest power of 2 which is bigger than the square root // of the target. (i.e. `2**(e-1) ≤ sqrt(a) < 2**e`). We know that `e ≤ 128` because `(2¹²⁸)² = 2²⁵⁶` is // bigger than any uint256. // // By noticing that // `2**(e-1) ≤ sqrt(a) < 2**e → (2**(e-1))² ≤ a < (2**e)² → 2**(2*e-2) ≤ a < 2**(2*e)` // we can deduce that `e - 1` is `log2(a) / 2`. We can thus compute `x_n = 2**(e-1)` using a method similar // to the msb function. uint256 aa = a; uint256 xn = 1; if (aa >= (1 << 128)) { aa >>= 128; xn <<= 64; } if (aa >= (1 << 64)) { aa >>= 64; xn <<= 32; } if (aa >= (1 << 32)) { aa >>= 32; xn <<= 16; } if (aa >= (1 << 16)) { aa >>= 16; xn <<= 8; } if (aa >= (1 << 8)) { aa >>= 8; xn <<= 4; } if (aa >= (1 << 4)) { aa >>= 4; xn <<= 2; } if (aa >= (1 << 2)) { xn <<= 1; } // We now have x_n such that `x_n = 2**(e-1) ≤ sqrt(a) < 2**e = 2 * x_n`. This implies ε_n ≤ 2**(e-1). // // We can refine our estimation by noticing that the middle of that interval minimizes the error. // If we move x_n to equal 2**(e-1) + 2**(e-2), then we reduce the error to ε_n ≤ 2**(e-2). // This is going to be our x_0 (and ε_0) xn = (3 * xn) >> 1; // ε_0 := | x_0 - sqrt(a) | ≤ 2**(e-2) // From here, Newton's method give us: // x_{n+1} = (x_n + a / x_n) / 2 // // One should note that: // x_{n+1}² - a = ((x_n + a / x_n) / 2)² - a // = ((x_n² + a) / (2 * x_n))² - a // = (x_n⁴ + 2 * a * x_n² + a²) / (4 * x_n²) - a // = (x_n⁴ + 2 * a * x_n² + a² - 4 * a * x_n²) / (4 * x_n²) // = (x_n⁴ - 2 * a * x_n² + a²) / (4 * x_n²) // = (x_n² - a)² / (2 * x_n)² // = ((x_n² - a) / (2 * x_n))² // ≥ 0 // Which proves that for all n ≥ 1, sqrt(a) ≤ x_n // // This gives us the proof of quadratic convergence of the sequence: // ε_{n+1} = | x_{n+1} - sqrt(a) | // = | (x_n + a / x_n) / 2 - sqrt(a) | // = | (x_n² + a - 2*x_n*sqrt(a)) / (2 * x_n) | // = | (x_n - sqrt(a))² / (2 * x_n) | // = | ε_n² / (2 * x_n) | // = ε_n² / | (2 * x_n) | // // For the first iteration, we have a special case where x_0 is known: // ε_1 = ε_0² / | (2 * x_0) | // ≤ (2**(e-2))² / (2 * (2**(e-1) + 2**(e-2))) // ≤ 2**(2*e-4) / (3 * 2**(e-1)) // ≤ 2**(e-3) / 3 // ≤ 2**(e-3-log2(3)) // ≤ 2**(e-4.5) // // For the following iterations, we use the fact that, 2**(e-1) ≤ sqrt(a) ≤ x_n: // ε_{n+1} = ε_n² / | (2 * x_n) | // ≤ (2**(e-k))² / (2 * 2**(e-1)) // ≤ 2**(2*e-2*k) / 2**e // ≤ 2**(e-2*k) xn = (xn + a / xn) >> 1; // ε_1 := | x_1 - sqrt(a) | ≤ 2**(e-4.5) -- special case, see above xn = (xn + a / xn) >> 1; // ε_2 := | x_2 - sqrt(a) | ≤ 2**(e-9) -- general case with k = 4.5 xn = (xn + a / xn) >> 1; // ε_3 := | x_3 - sqrt(a) | ≤ 2**(e-18) -- general case with k = 9 xn = (xn + a / xn) >> 1; // ε_4 := | x_4 - sqrt(a) | ≤ 2**(e-36) -- general case with k = 18 xn = (xn + a / xn) >> 1; // ε_5 := | x_5 - sqrt(a) | ≤ 2**(e-72) -- general case with k = 36 xn = (xn + a / xn) >> 1; // ε_6 := | x_6 - sqrt(a) | ≤ 2**(e-144) -- general case with k = 72 // Because e ≤ 128 (as discussed during the first estimation phase), we know have reached a precision // ε_6 ≤ 2**(e-144) < 1. Given we're operating on integers, then we can ensure that xn is now either // sqrt(a) or sqrt(a) + 1. return xn - SafeCast.toUint(xn > a / xn); } } /** * @dev Calculates sqrt(a), following the selected rounding direction. */ function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = sqrt(a); return result + SafeCast.toUint(unsignedRoundsUp(rounding) && result * result < a); } } /** * @dev Return the log in base 2 of a positive value rounded towards zero. * Returns 0 if given 0. */ function log2(uint256 x) internal pure returns (uint256 r) { // If value has upper 128 bits set, log2 result is at least 128 r = SafeCast.toUint(x > 0xffffffffffffffffffffffffffffffff) << 7; // If upper 64 bits of 128-bit half set, add 64 to result r |= SafeCast.toUint((x >> r) > 0xffffffffffffffff) << 6; // If upper 32 bits of 64-bit half set, add 32 to result r |= SafeCast.toUint((x >> r) > 0xffffffff) << 5; // If upper 16 bits of 32-bit half set, add 16 to result r |= SafeCast.toUint((x >> r) > 0xffff) << 4; // If upper 8 bits of 16-bit half set, add 8 to result r |= SafeCast.toUint((x >> r) > 0xff) << 3; // If upper 4 bits of 8-bit half set, add 4 to result r |= SafeCast.toUint((x >> r) > 0xf) << 2; // Shifts value right by the current result and use it as an index into this lookup table: // // | x (4 bits) | index | table[index] = MSB position | // |------------|---------|-----------------------------| // | 0000 | 0 | table[0] = 0 | // | 0001 | 1 | table[1] = 0 | // | 0010 | 2 | table[2] = 1 | // | 0011 | 3 | table[3] = 1 | // | 0100 | 4 | table[4] = 2 | // | 0101 | 5 | table[5] = 2 | // | 0110 | 6 | table[6] = 2 | // | 0111 | 7 | table[7] = 2 | // | 1000 | 8 | table[8] = 3 | // | 1001 | 9 | table[9] = 3 | // | 1010 | 10 | table[10] = 3 | // | 1011 | 11 | table[11] = 3 | // | 1100 | 12 | table[12] = 3 | // | 1101 | 13 | table[13] = 3 | // | 1110 | 14 | table[14] = 3 | // | 1111 | 15 | table[15] = 3 | // // The lookup table is represented as a 32-byte value with the MSB positions for 0-15 in the first 16 bytes (most significant half). assembly ("memory-safe") { r := or(r, byte(shr(r, x), 0x0000010102020202030303030303030300000000000000000000000000000000)) } } /** * @dev Return the log in base 2, following the selected rounding direction, of a positive value. * Returns 0 if given 0. */ function log2(uint256 value, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = log2(value); return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << result < value); } } /** * @dev Return the log in base 10 of a positive value rounded towards zero. * Returns 0 if given 0. */ function log10(uint256 value) internal pure returns (uint256) { uint256 result = 0; unchecked { if (value >= 10 ** 64) { value /= 10 ** 64; result += 64; } if (value >= 10 ** 32) { value /= 10 ** 32; result += 32; } if (value >= 10 ** 16) { value /= 10 ** 16; result += 16; } if (value >= 10 ** 8) { value /= 10 ** 8; result += 8; } if (value >= 10 ** 4) { value /= 10 ** 4; result += 4; } if (value >= 10 ** 2) { value /= 10 ** 2; result += 2; } if (value >= 10 ** 1) { result += 1; } } return result; } /** * @dev Return the log in base 10, following the selected rounding direction, of a positive value. * Returns 0 if given 0. */ function log10(uint256 value, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = log10(value); return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 10 ** result < value); } } /** * @dev Return the log in base 256 of a positive value rounded towards zero. * Returns 0 if given 0. * * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string. */ function log256(uint256 x) internal pure returns (uint256 r) { // If value has upper 128 bits set, log2 result is at least 128 r = SafeCast.toUint(x > 0xffffffffffffffffffffffffffffffff) << 7; // If upper 64 bits of 128-bit half set, add 64 to result r |= SafeCast.toUint((x >> r) > 0xffffffffffffffff) << 6; // If upper 32 bits of 64-bit half set, add 32 to result r |= SafeCast.toUint((x >> r) > 0xffffffff) << 5; // If upper 16 bits of 32-bit half set, add 16 to result r |= SafeCast.toUint((x >> r) > 0xffff) << 4; // Add 1 if upper 8 bits of 16-bit half set, and divide accumulated result by 8 return (r >> 3) | SafeCast.toUint((x >> r) > 0xff); } /** * @dev Return the log in base 256, following the selected rounding direction, of a positive value. * Returns 0 if given 0. */ function log256(uint256 value, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = log256(value); return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << (result << 3) < value); } } /** * @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers. */ function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) { return uint8(rounding) % 2 == 1; } /** * @dev Counts the number of leading zero bits in a uint256. */ function clz(uint256 x) internal pure returns (uint256) { return ternary(x == 0, 256, 255 - log2(x)); } } // File @openzeppelin/contracts/utils/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.6.0) (utils/Bytes.sol) pragma solidity ^0.8.24; /** * @dev Bytes operations. */ library Bytes { /** * @dev Forward search for `s` in `buffer` * * If `s` is present in the buffer, returns the index of the first instance * * If `s` is not present in the buffer, returns type(uint256).max * * NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/indexOf[Javascript's `Array.indexOf`] */ function indexOf(bytes memory buffer, bytes1 s) internal pure returns (uint256) { return indexOf(buffer, s, 0); } /** * @dev Forward search for `s` in `buffer` starting at position `pos` * * If `s` is present in the buffer (at or after `pos`), returns the index of the next instance * * If `s` is not present in the buffer (at or after `pos`), returns type(uint256).max * * NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/indexOf[Javascript's `Array.indexOf`] */ function indexOf(bytes memory buffer, bytes1 s, uint256 pos) internal pure returns (uint256) { uint256 length = buffer.length; for (uint256 i = pos; i < length; ++i) { if (bytes1(_unsafeReadBytesOffset(buffer, i)) == s) { return i; } } return type(uint256).max; } /** * @dev Backward search for `s` in `buffer` * * If `s` is present in the buffer, returns the index of the last instance * * If `s` is not present in the buffer, returns type(uint256).max * * NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/lastIndexOf[Javascript's `Array.lastIndexOf`] */ function lastIndexOf(bytes memory buffer, bytes1 s) internal pure returns (uint256) { return lastIndexOf(buffer, s, type(uint256).max); } /** * @dev Backward search for `s` in `buffer` starting at position `pos` * * If `s` is present in the buffer (at or before `pos`), returns the index of the previous instance * * If `s` is not present in the buffer (at or before `pos`), returns type(uint256).max * * NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/lastIndexOf[Javascript's `Array.lastIndexOf`] */ function lastIndexOf(bytes memory buffer, bytes1 s, uint256 pos) internal pure returns (uint256) { unchecked { uint256 length = buffer.length; for (uint256 i = Math.min(Math.saturatingAdd(pos, 1), length); i > 0; --i) { if (bytes1(_unsafeReadBytesOffset(buffer, i - 1)) == s) { return i - 1; } } return type(uint256).max; } } /** * @dev Copies the content of `buffer`, from `start` (included) to the end of `buffer` into a new bytes object in * memory. * * NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice[Javascript's `Array.slice`] */ function slice(bytes memory buffer, uint256 start) internal pure returns (bytes memory) { return slice(buffer, start, buffer.length); } /** * @dev Copies the content of `buffer`, from `start` (included) to `end` (excluded) into a new bytes object in * memory. The `end` argument is truncated to the length of the `buffer`. * * NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice[Javascript's `Array.slice`] */ function slice(bytes memory buffer, uint256 start, uint256 end) internal pure returns (bytes memory) { // sanitize end = Math.min(end, buffer.length); start = Math.min(start, end); // allocate and copy bytes memory result = new bytes(end - start); assembly ("memory-safe") { mcopy(add(result, 0x20), add(add(buffer, 0x20), start), sub(end, start)) } return result; } /** * @dev Moves the content of `buffer`, from `start` (included) to the end of `buffer` to the start of that buffer, * and shrinks the buffer length accordingly, effectively overriding the content of buffer with buffer[start:]. * * NOTE: This function modifies the provided buffer in place. If you need to preserve the original buffer, use {slice} instead */ function splice(bytes memory buffer, uint256 start) internal pure returns (bytes memory) { return splice(buffer, start, buffer.length); } /** * @dev Moves the content of `buffer`, from `start` (included) to `end` (excluded) to the start of that buffer, * and shrinks the buffer length accordingly, effectively overriding the content of buffer with buffer[start:end]. * The `end` argument is truncated to the length of the `buffer`. * * NOTE: This function modifies the provided buffer in place. If you need to preserve the original buffer, use {slice} instead */ function splice(bytes memory buffer, uint256 start, uint256 end) internal pure returns (bytes memory) { // sanitize end = Math.min(end, buffer.length); start = Math.min(start, end); // move and resize assembly ("memory-safe") { mcopy(add(buffer, 0x20), add(add(buffer, 0x20), start), sub(end, start)) mstore(buffer, sub(end, start)) } return buffer; } /** * @dev Replaces bytes in `buffer` starting at `pos` with all bytes from `replacement`. * * Parameters are clamped to valid ranges (i.e. `pos` is clamped to `[0, buffer.length]`). * If `pos >= buffer.length`, no replacement occurs and the buffer is returned unchanged. * * NOTE: This function modifies the provided buffer in place. */ function replace(bytes memory buffer, uint256 pos, bytes memory replacement) internal pure returns (bytes memory) { return replace(buffer, pos, replacement, 0, replacement.length); } /** * @dev Replaces bytes in `buffer` starting at `pos` with bytes from `replacement` starting at `offset`. * Copies at most `length` bytes from `replacement` to `buffer`. * * Parameters are clamped to valid ranges (i.e. `pos` is clamped to `[0, buffer.length]`, `offset` is * clamped to `[0, replacement.length]`, and `length` is clamped to `min(length, replacement.length - offset, * buffer.length - pos))`. If `pos >= buffer.length` or `offset >= replacement.length`, no replacement occurs * and the buffer is returned unchanged. * * NOTE: This function modifies the provided buffer in place. */ function replace( bytes memory buffer, uint256 pos, bytes memory replacement, uint256 offset, uint256 length ) internal pure returns (bytes memory) { // sanitize pos = Math.min(pos, buffer.length); offset = Math.min(offset, replacement.length); length = Math.min(length, Math.min(replacement.length - offset, buffer.length - pos)); // replace assembly ("memory-safe") { mcopy(add(add(buffer, 0x20), pos), add(add(replacement, 0x20), offset), length) } return buffer; } /** * @dev Concatenate an array of bytes into a single bytes object. * * For fixed bytes types, we recommend using the solidity built-in `bytes.concat` or (equivalent) * `abi.encodePacked`. * * NOTE: this could be done in assembly with a single loop that expands starting at the FMP, but that would be * significantly less readable. It might be worth benchmarking the savings of the full-assembly approach. */ function concat(bytes[] memory buffers) internal pure returns (bytes memory) { uint256 length = 0; for (uint256 i = 0; i < buffers.length; ++i) { length += buffers[i].length; } bytes memory result = new bytes(length); uint256 offset = 0x20; for (uint256 i = 0; i < buffers.length; ++i) { bytes memory input = buffers[i]; assembly ("memory-safe") { mcopy(add(result, offset), add(input, 0x20), mload(input)) } unchecked { offset += input.length; } } return result; } /** * @dev Split each byte in `input` into two nibbles (4 bits each) * * Example: hex"01234567" → hex"0001020304050607" */ function toNibbles(bytes memory input) internal pure returns (bytes memory output) { assembly ("memory-safe") { let length := mload(input) output := mload(0x40) mstore(0x40, add(add(output, 0x20), mul(length, 2))) mstore(output, mul(length, 2)) for { let i := 0 } lt(i, length) { i := add(i, 0x10) } { let chunk := shr(128, mload(add(add(input, 0x20), i))) chunk := and( 0x0000000000000000ffffffffffffffff0000000000000000ffffffffffffffff, or(shl(64, chunk), chunk) ) chunk := and( 0x00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff, or(shl(32, chunk), chunk) ) chunk := and( 0x0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff, or(shl(16, chunk), chunk) ) chunk := and( 0x00ff00ff00ff00ff00ff00ff00ff00ff00ff00ff00ff00ff00ff00ff00ff00ff, or(shl(8, chunk), chunk) ) chunk := and( 0x0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f, or(shl(4, chunk), chunk) ) mstore(add(add(output, 0x20), mul(i, 2)), chunk) } } } /** * @dev Returns true if the two byte buffers are equal. */ function equal(bytes memory a, bytes memory b) internal pure returns (bool) { return a.length == b.length && keccak256(a) == keccak256(b); } /** * @dev Reverses the byte order of a bytes32 value, converting between little-endian and big-endian. * Inspired by https://graphics.stanford.edu/~seander/bithacks.html#ReverseParallel[Reverse Parallel] */ function reverseBytes32(bytes32 value) internal pure returns (bytes32) { value = // swap bytes ((value >> 8) & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) | ((value & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) << 8); value = // swap 2-byte long pairs ((value >> 16) & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) | ((value & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) << 16); value = // swap 4-byte long pairs ((value >> 32) & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) | ((value & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) << 32); value = // swap 8-byte long pairs ((value >> 64) & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) | ((value & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) << 64); return (value >> 128) | (value << 128); // swap 16-byte long pairs } /// @dev Same as {reverseBytes32} but optimized for 128-bit values. function reverseBytes16(bytes16 value) internal pure returns (bytes16) { value = // swap bytes ((value & 0xFF00FF00FF00FF00FF00FF00FF00FF00) >> 8) | ((value & 0x00FF00FF00FF00FF00FF00FF00FF00FF) << 8); value = // swap 2-byte long pairs ((value & 0xFFFF0000FFFF0000FFFF0000FFFF0000) >> 16) | ((value & 0x0000FFFF0000FFFF0000FFFF0000FFFF) << 16); value = // swap 4-byte long pairs ((value & 0xFFFFFFFF00000000FFFFFFFF00000000) >> 32) | ((value & 0x00000000FFFFFFFF00000000FFFFFFFF) << 32); return (value >> 64) | (value << 64); // swap 8-byte long pairs } /// @dev Same as {reverseBytes32} but optimized for 64-bit values. function reverseBytes8(bytes8 value) internal pure returns (bytes8) { value = ((value & 0xFF00FF00FF00FF00) >> 8) | ((value & 0x00FF00FF00FF00FF) << 8); // swap bytes value = ((value & 0xFFFF0000FFFF0000) >> 16) | ((value & 0x0000FFFF0000FFFF) << 16); // swap 2-byte long pairs return (value >> 32) | (value << 32); // swap 4-byte long pairs } /// @dev Same as {reverseBytes32} but optimized for 32-bit values. function reverseBytes4(bytes4 value) internal pure returns (bytes4) { value = ((value & 0xFF00FF00) >> 8) | ((value & 0x00FF00FF) << 8); // swap bytes return (value >> 16) | (value << 16); // swap 2-byte long pairs } /// @dev Same as {reverseBytes32} but optimized for 16-bit values. function reverseBytes2(bytes2 value) internal pure returns (bytes2) { return (value >> 8) | (value << 8); } /** * @dev Counts the number of leading zero bits a bytes array. Returns `8 * buffer.length` * if the buffer is all zeros. */ function clz(bytes memory buffer) internal pure returns (uint256) { for (uint256 i = 0; i < buffer.length; i += 0x20) { bytes32 chunk = _unsafeReadBytesOffset(buffer, i); if (chunk != bytes32(0)) { return Math.min(8 * i + Math.clz(uint256(chunk)), 8 * buffer.length); } } return 8 * buffer.length; } /** * @dev Reads a bytes32 from a bytes array without bounds checking. * * NOTE: making this function internal would mean it could be used with memory unsafe offset, and marking the * assembly block as such would prevent some optimizations. */ function _unsafeReadBytesOffset(bytes memory buffer, uint256 offset) private pure returns (bytes32 value) { // This is not memory safe in the general case, but all calls to this private function are within bounds. assembly ("memory-safe") { value := mload(add(add(buffer, 0x20), offset)) } } } // File @openzeppelin/contracts/utils/math/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SignedMath.sol) pragma solidity ^0.8.20; /** * @dev Standard signed math utilities missing in the Solidity language. */ library SignedMath { /** * @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant. * * IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone. * However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute * one branch when needed, making this function more expensive. */ function ternary(bool condition, int256 a, int256 b) internal pure returns (int256) { unchecked { // branchless ternary works because: // b ^ (a ^ b) == a // b ^ 0 == b return b ^ ((a ^ b) * int256(SafeCast.toUint(condition))); } } /** * @dev Returns the largest of two signed numbers. */ function max(int256 a, int256 b) internal pure returns (int256) { return ternary(a > b, a, b); } /** * @dev Returns the smallest of two signed numbers. */ function min(int256 a, int256 b) internal pure returns (int256) { return ternary(a < b, a, b); } /** * @dev Returns the average of two signed numbers without overflow. * The result is rounded towards zero. */ function average(int256 a, int256 b) internal pure returns (int256) { // Formula from the book "Hacker's Delight" int256 x = (a & b) + ((a ^ b) >> 1); return x + (int256(uint256(x) >> 255) & (a ^ b)); } /** * @dev Returns the absolute unsigned value of a signed value. */ function abs(int256 n) internal pure returns (uint256) { unchecked { // Formula from the "Bit Twiddling Hacks" by Sean Eron Anderson. // Since `n` is a signed integer, the generated bytecode will use the SAR opcode to perform the right shift, // taking advantage of the most significant (or "sign" bit) in two's complement representation. // This opcode adds new most significant bits set to the value of the previous most significant bit. As a result, // the mask will either be `bytes32(0)` (if n is positive) or `~bytes32(0)` (if n is negative). int256 mask = n >> 255; // A `bytes32(0)` mask leaves the input unchanged, while a `~bytes32(0)` mask complements it. return uint256((n + mask) ^ mask); } } } // File @openzeppelin/contracts/utils/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.6.0) (utils/Strings.sol) pragma solidity ^0.8.24; /** * @dev String operations. */ library Strings { using SafeCast for *; bytes16 private constant HEX_DIGITS = "0123456789abcdef"; uint8 private constant ADDRESS_LENGTH = 20; uint256 private constant SPECIAL_CHARS_LOOKUP = 0xffffffff | // first 32 bits corresponding to the control characters (U+0000 to U+001F) (1 << 0x22) | // double quote (1 << 0x5c); // backslash /** * @dev The `value` string doesn't fit in the specified `length`. */ error StringsInsufficientHexLength(uint256 value, uint256 length); /** * @dev The string being parsed contains characters that are not in scope of the given base. */ error StringsInvalidChar(); /** * @dev The string being parsed is not a properly formatted address. */ error StringsInvalidAddressFormat(); /** * @dev Converts a `uint256` to its ASCII `string` decimal representation. */ function toString(uint256 value) internal pure returns (string memory) { unchecked { uint256 length = Math.log10(value) + 1; string memory buffer = new string(length); uint256 ptr; assembly ("memory-safe") { ptr := add(add(buffer, 0x20), length) } while (true) { ptr--; assembly ("memory-safe") { mstore8(ptr, byte(mod(value, 10), HEX_DIGITS)) } value /= 10; if (value == 0) break; } return buffer; } } /** * @dev Converts a `int256` to its ASCII `string` decimal representation. */ function toStringSigned(int256 value) internal pure returns (string memory) { return string.concat(value < 0 ? "-" : "", toString(SignedMath.abs(value))); } /** * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation. */ function toHexString(uint256 value) internal pure returns (string memory) { unchecked { return toHexString(value, Math.log256(value) + 1); } } /** * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length. */ function toHexString(uint256 value, uint256 length) internal pure returns (string memory) { uint256 localValue = value; bytes memory buffer = new bytes(2 * length + 2); buffer[0] = "0"; buffer[1] = "x"; for (uint256 i = 2 * length + 1; i > 1; --i) { buffer[i] = HEX_DIGITS[localValue & 0xf]; localValue >>= 4; } if (localValue != 0) { revert StringsInsufficientHexLength(value, length); } return string(buffer); } /** * @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal * representation. */ function toHexString(address addr) internal pure returns (string memory) { return toHexString(uint256(uint160(addr)), ADDRESS_LENGTH); } /** * @dev Converts an `address` with fixed length of 20 bytes to its checksummed ASCII `string` hexadecimal * representation, according to EIP-55. */ function toChecksumHexString(address addr) internal pure returns (string memory) { bytes memory buffer = bytes(toHexString(addr)); // hash the hex part of buffer (skip length + 2 bytes, length 40) uint256 hashValue; assembly ("memory-safe") { hashValue := shr(96, keccak256(add(buffer, 0x22), 40)) } for (uint256 i = 41; i > 1; --i) { // possible values for buffer[i] are 48 (0) to 57 (9) and 97 (a) to 102 (f) if (hashValue & 0xf > 7 && uint8(buffer[i]) > 96) { // case shift by xoring with 0x20 buffer[i] ^= 0x20; } hashValue >>= 4; } return string(buffer); } /** * @dev Converts a `bytes` buffer to its ASCII `string` hexadecimal representation. */ function toHexString(bytes memory input) internal pure returns (string memory) { unchecked { bytes memory buffer = new bytes(2 * input.length + 2); buffer[0] = "0"; buffer[1] = "x"; for (uint256 i = 0; i < input.length; ++i) { uint8 v = uint8(input[i]); buffer[2 * i + 2] = HEX_DIGITS[v >> 4]; buffer[2 * i + 3] = HEX_DIGITS[v & 0xf]; } return string(buffer); } } /** * @dev Returns true if the two strings are equal. */ function equal(string memory a, string memory b) internal pure returns (bool) { return Bytes.equal(bytes(a), bytes(b)); } /** * @dev Parse a decimal string and returns the value as a `uint256`. * * Requirements: * - The string must be formatted as `[0-9]*` * - The result must fit into an `uint256` type */ function parseUint(string memory input) internal pure returns (uint256) { return parseUint(input, 0, bytes(input).length); } /** * @dev Variant of {parseUint-string} that parses a substring of `input` located between position `begin` (included) and * `end` (excluded). * * Requirements: * - The substring must be formatted as `[0-9]*` * - The result must fit into an `uint256` type */ function parseUint(string memory input, uint256 begin, uint256 end) internal pure returns (uint256) { (bool success, uint256 value) = tryParseUint(input, begin, end); if (!success) revert StringsInvalidChar(); return value; } /** * @dev Variant of {parseUint-string} that returns false if the parsing fails because of an invalid character. * * NOTE: This function will revert if the result does not fit in a `uint256`. */ function tryParseUint(string memory input) internal pure returns (bool success, uint256 value) { return _tryParseUintUncheckedBounds(input, 0, bytes(input).length); } /** * @dev Variant of {parseUint-string-uint256-uint256} that returns false if the parsing fails because of an invalid * character. * * NOTE: This function will revert if the result does not fit in a `uint256`. */ function tryParseUint( string memory input, uint256 begin, uint256 end ) internal pure returns (bool success, uint256 value) { if (end > bytes(input).length || begin > end) return (false, 0); return _tryParseUintUncheckedBounds(input, begin, end); } /** * @dev Implementation of {tryParseUint-string-uint256-uint256} that does not check bounds. Caller should make sure that * `begin <= end <= input.length`. Other inputs would result in undefined behavior. */ function _tryParseUintUncheckedBounds( string memory input, uint256 begin, uint256 end ) private pure returns (bool success, uint256 value) { bytes memory buffer = bytes(input); uint256 result = 0; for (uint256 i = begin; i < end; ++i) { uint8 chr = _tryParseChr(bytes1(_unsafeReadBytesOffset(buffer, i))); if (chr > 9) return (false, 0); result *= 10; result += chr; } return (true, result); } /** * @dev Parse a decimal string and returns the value as a `int256`. * * Requirements: * - The string must be formatted as `[-+]?[0-9]*` * - The result must fit in an `int256` type. */ function parseInt(string memory input) internal pure returns (int256) { return parseInt(input, 0, bytes(input).length); } /** * @dev Variant of {parseInt-string} that parses a substring of `input` located between position `begin` (included) and * `end` (excluded). * * Requirements: * - The substring must be formatted as `[-+]?[0-9]*` * - The result must fit in an `int256` type. */ function parseInt(string memory input, uint256 begin, uint256 end) internal pure returns (int256) { (bool success, int256 value) = tryParseInt(input, begin, end); if (!success) revert StringsInvalidChar(); return value; } /** * @dev Variant of {parseInt-string} that returns false if the parsing fails because of an invalid character or if * the result does not fit in a `int256`. * * NOTE: This function will revert if the absolute value of the result does not fit in a `uint256`. */ function tryParseInt(string memory input) internal pure returns (bool success, int256 value) { return _tryParseIntUncheckedBounds(input, 0, bytes(input).length); } uint256 private constant ABS_MIN_INT256 = 2 ** 255; /** * @dev Variant of {parseInt-string-uint256-uint256} that returns false if the parsing fails because of an invalid * character or if the result does not fit in a `int256`. * * NOTE: This function will revert if the absolute value of the result does not fit in a `uint256`. */ function tryParseInt( string memory input, uint256 begin, uint256 end ) internal pure returns (bool success, int256 value) { if (end > bytes(input).length || begin > end) return (false, 0); return _tryParseIntUncheckedBounds(input, begin, end); } /** * @dev Implementation of {tryParseInt-string-uint256-uint256} that does not check bounds. Caller should make sure that * `begin <= end <= input.length`. Other inputs would result in undefined behavior. */ function _tryParseIntUncheckedBounds( string memory input, uint256 begin, uint256 end ) private pure returns (bool success, int256 value) { bytes memory buffer = bytes(input); // Check presence of a negative sign. bytes1 sign = begin == end ? bytes1(0) : bytes1(_unsafeReadBytesOffset(buffer, begin)); // don't do out-of-bound (possibly unsafe) read if sub-string is empty bool positiveSign = sign == bytes1("+"); bool negativeSign = sign == bytes1("-"); uint256 offset = (positiveSign || negativeSign).toUint(); (bool absSuccess, uint256 absValue) = tryParseUint(input, begin + offset, end); if (absSuccess && absValue < ABS_MIN_INT256) { return (true, negativeSign ? -int256(absValue) : int256(absValue)); } else if (absSuccess && negativeSign && absValue == ABS_MIN_INT256) { return (true, type(int256).min); } else return (false, 0); } /** * @dev Parse a hexadecimal string (with or without "0x" prefix), and returns the value as a `uint256`. * * Requirements: * - The string must be formatted as `(0x)?[0-9a-fA-F]*` * - The result must fit in an `uint256` type. */ function parseHexUint(string memory input) internal pure returns (uint256) { return parseHexUint(input, 0, bytes(input).length); } /** * @dev Variant of {parseHexUint-string} that parses a substring of `input` located between position `begin` (included) and * `end` (excluded). * * Requirements: * - The substring must be formatted as `(0x)?[0-9a-fA-F]*` * - The result must fit in an `uint256` type. */ function parseHexUint(string memory input, uint256 begin, uint256 end) internal pure returns (uint256) { (bool success, uint256 value) = tryParseHexUint(input, begin, end); if (!success) revert StringsInvalidChar(); return value; } /** * @dev Variant of {parseHexUint-string} that returns false if the parsing fails because of an invalid character. * * NOTE: This function will revert if the result does not fit in a `uint256`. */ function tryParseHexUint(string memory input) internal pure returns (bool success, uint256 value) { return _tryParseHexUintUncheckedBounds(input, 0, bytes(input).length); } /** * @dev Variant of {parseHexUint-string-uint256-uint256} that returns false if the parsing fails because of an * invalid character. * * NOTE: This function will revert if the result does not fit in a `uint256`. */ function tryParseHexUint( string memory input, uint256 begin, uint256 end ) internal pure returns (bool success, uint256 value) { if (end > bytes(input).length || begin > end) return (false, 0); return _tryParseHexUintUncheckedBounds(input, begin, end); } /** * @dev Implementation of {tryParseHexUint-string-uint256-uint256} that does not check bounds. Caller should make sure that * `begin <= end <= input.length`. Other inputs would result in undefined behavior. */ function _tryParseHexUintUncheckedBounds( string memory input, uint256 begin, uint256 end ) private pure returns (bool success, uint256 value) { bytes memory buffer = bytes(input); // skip 0x prefix if present bool hasPrefix = (end > begin + 1) && bytes2(_unsafeReadBytesOffset(buffer, begin)) == bytes2("0x"); // don't do out-of-bound (possibly unsafe) read if sub-string is empty uint256 offset = hasPrefix.toUint() * 2; uint256 result = 0; for (uint256 i = begin + offset; i < end; ++i) { uint8 chr = _tryParseChr(bytes1(_unsafeReadBytesOffset(buffer, i))); if (chr > 15) return (false, 0); result *= 16; unchecked { // Multiplying by 16 is equivalent to a shift of 4 bits (with additional overflow check). // This guarantees that adding a value < 16 will not cause an overflow, hence the unchecked. result += chr; } } return (true, result); } /** * @dev Parse a hexadecimal string (with or without "0x" prefix), and returns the value as an `address`. * * Requirements: * - The string must be formatted as `(0x)?[0-9a-fA-F]{40}` */ function parseAddress(string memory input) internal pure returns (address) { return parseAddress(input, 0, bytes(input).length); } /** * @dev Variant of {parseAddress-string} that parses a substring of `input` located between position `begin` (included) and * `end` (excluded). * * Requirements: * - The substring must be formatted as `(0x)?[0-9a-fA-F]{40}` */ function parseAddress(string memory input, uint256 begin, uint256 end) internal pure returns (address) { (bool success, address value) = tryParseAddress(input, begin, end); if (!success) revert StringsInvalidAddressFormat(); return value; } /** * @dev Variant of {parseAddress-string} that returns false if the parsing fails because the input is not a properly * formatted address. See {parseAddress-string} requirements. */ function tryParseAddress(string memory input) internal pure returns (bool success, address value) { return tryParseAddress(input, 0, bytes(input).length); } /** * @dev Variant of {parseAddress-string-uint256-uint256} that returns false if the parsing fails because input is not a properly * formatted address. See {parseAddress-string-uint256-uint256} requirements. */ function tryParseAddress( string memory input, uint256 begin, uint256 end ) internal pure returns (bool success, address value) { if (end > bytes(input).length || begin > end) return (false, address(0)); bool hasPrefix = (end > begin + 1) && bytes2(_unsafeReadBytesOffset(bytes(input), begin)) == bytes2("0x"); // don't do out-of-bound (possibly unsafe) read if sub-string is empty uint256 expectedLength = 40 + hasPrefix.toUint() * 2; // check that input is the correct length if (end - begin == expectedLength) { // length guarantees that this does not overflow, and value is at most type(uint160).max (bool s, uint256 v) = _tryParseHexUintUncheckedBounds(input, begin, end); return (s, address(uint160(v))); } else { return (false, address(0)); } } function _tryParseChr(bytes1 chr) private pure returns (uint8) { uint8 value = uint8(chr); // Try to parse `chr`: // - Case 1: [0-9] // - Case 2: [a-f] // - Case 3: [A-F] // - otherwise not supported unchecked { if (value > 47 && value < 58) value -= 48; else if (value > 96 && value < 103) value -= 87; else if (value > 64 && value < 71) value -= 55; else return type(uint8).max; } return value; } /** * @dev Escape special characters in JSON strings. This can be useful to prevent JSON injection in NFT metadata. * * WARNING: This function should only be used in double quoted JSON strings. Single quotes are not escaped. * * NOTE: This function escapes backslashes (including those in \uXXXX sequences) and the characters in ranges * defined in section 2.5 of RFC-4627 (U+0000 to U+001F, U+0022 and U+005C). All control characters in U+0000 * to U+001F are escaped (\b, \t, \n, \f, \r use short form; others use \u00XX). ECMAScript's `JSON.parse` does * recover escaped unicode characters that are not in this range, but other tooling may provide different results. */ function escapeJSON(string memory input) internal pure returns (string memory) { bytes memory buffer = bytes(input); // Put output at the FMP. Memory will be reserved later when we figure out the actual length of the escaped // string. All write are done using _unsafeWriteBytesOffset, which avoid the (expensive) length checks for // each character written. bytes memory output; assembly ("memory-safe") { output := mload(0x40) } uint256 outputLength = 0; for (uint256 i = 0; i < buffer.length; ++i) { uint8 char = uint8(bytes1(_unsafeReadBytesOffset(buffer, i))); if (((SPECIAL_CHARS_LOOKUP & (1 << char)) != 0)) { _unsafeWriteBytesOffset(output, outputLength++, "\\"); if (char == 0x08) _unsafeWriteBytesOffset(output, outputLength++, "b"); else if (char == 0x09) _unsafeWriteBytesOffset(output, outputLength++, "t"); else if (char == 0x0a) _unsafeWriteBytesOffset(output, outputLength++, "n"); else if (char == 0x0c) _unsafeWriteBytesOffset(output, outputLength++, "f"); else if (char == 0x0d) _unsafeWriteBytesOffset(output, outputLength++, "r"); else if (char == 0x5c) _unsafeWriteBytesOffset(output, outputLength++, "\\"); else if (char == 0x22) { // solhint-disable-next-line quotes _unsafeWriteBytesOffset(output, outputLength++, '"'); } else { // U+0000 to U+001F without short form: output \u00XX _unsafeWriteBytesOffset(output, outputLength++, "u"); _unsafeWriteBytesOffset(output, outputLength++, "0"); _unsafeWriteBytesOffset(output, outputLength++, "0"); _unsafeWriteBytesOffset(output, outputLength++, HEX_DIGITS[char >> 4]); _unsafeWriteBytesOffset(output, outputLength++, HEX_DIGITS[char & 0x0f]); } } else { _unsafeWriteBytesOffset(output, outputLength++, bytes1(char)); } } // write the actual length and reserve memory assembly ("memory-safe") { mstore(output, outputLength) mstore(0x40, add(output, add(outputLength, 0x20))) } return string(output); } /** * @dev Reads a bytes32 from a bytes array without bounds checking. * * NOTE: making this function internal would mean it could be used with memory unsafe offset, and marking the * assembly block as such would prevent some optimizations. */ function _unsafeReadBytesOffset(bytes memory buffer, uint256 offset) private pure returns (bytes32 value) { // This is not memory safe in the general case, but all calls to this private function are within bounds. assembly ("memory-safe") { value := mload(add(add(buffer, 0x20), offset)) } } /** * @dev Write a bytes1 to a bytes array without bounds checking. * * NOTE: making this function internal would mean it could be used with memory unsafe offset, and marking the * assembly block as such would prevent some optimizations. */ function _unsafeWriteBytesOffset(bytes memory buffer, uint256 offset, bytes1 value) private pure { // This is not memory safe in the general case, but all calls to this private function are within bounds. assembly ("memory-safe") { mstore8(add(add(buffer, 0x20), offset), shr(248, value)) } } } // File @openzeppelin/contracts/utils/cryptography/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.6.0) (utils/cryptography/MessageHashUtils.sol) pragma solidity ^0.8.24; /** * @dev Signature message hash utilities for producing digests to be consumed by {ECDSA} recovery or signing. * * The library provides methods for generating a hash of a message that conforms to the * https://eips.ethereum.org/EIPS/eip-191[ERC-191] and https://eips.ethereum.org/EIPS/eip-712[EIP 712] * specifications. */ library MessageHashUtils { error ERC5267ExtensionsNotSupported(); /** * @dev Returns the keccak256 digest of an ERC-191 signed data with version * `0x45` (`personal_sign` messages). * * The digest is calculated by prefixing a bytes32 `messageHash` with * `"\x19Ethereum Signed Message:\n32"` and hashing the result. It corresponds with the * hash signed when using the https://ethereum.org/en/developers/docs/apis/json-rpc/#eth_sign[`eth_sign`] JSON-RPC method. * * NOTE: The `messageHash` parameter is intended to be the result of hashing a raw message with * keccak256, although any bytes32 value can be safely used because the final digest will * be re-hashed. * * See {ECDSA-recover}. */ function toEthSignedMessageHash(bytes32 messageHash) internal pure returns (bytes32 digest) { assembly ("memory-safe") { mstore(0x00, "\x19Ethereum Signed Message:\n32") // 32 is the bytes-length of messageHash mstore(0x1c, messageHash) // 0x1c (28) is the length of the prefix digest := keccak256(0x00, 0x3c) // 0x3c is the length of the prefix (0x1c) + messageHash (0x20) } } /** * @dev Returns the keccak256 digest of an ERC-191 signed data with version * `0x45` (`personal_sign` messages). * * The digest is calculated by prefixing an arbitrary `message` with * `"\x19Ethereum Signed Message:\n" + len(message)` and hashing the result. It corresponds with the * hash signed when using the https://ethereum.org/en/developers/docs/apis/json-rpc/#eth_sign[`eth_sign`] JSON-RPC method. * * See {ECDSA-recover}. */ function toEthSignedMessageHash(bytes memory message) internal pure returns (bytes32) { return keccak256(bytes.concat("\x19Ethereum Signed Message:\n", bytes(Strings.toString(message.length)), message)); } /** * @dev Returns the keccak256 digest of an ERC-191 signed data with version * `0x00` (data with intended validator). * * The digest is calculated by prefixing an arbitrary `data` with `"\x19\x00"` and the intended * `validator` address. Then hashing the result. * * See {ECDSA-recover}. */ function toDataWithIntendedValidatorHash(address validator, bytes memory data) internal pure returns (bytes32) { return keccak256(abi.encodePacked(hex"19_00", validator, data)); } /** * @dev Variant of {toDataWithIntendedValidatorHash-address-bytes} optimized for cases where `data` is a bytes32. */ function toDataWithIntendedValidatorHash( address validator, bytes32 messageHash ) internal pure returns (bytes32 digest) { assembly ("memory-safe") { mstore(0x00, hex"19_00") mstore(0x02, shl(96, validator)) mstore(0x16, messageHash) digest := keccak256(0x00, 0x36) } } /** * @dev Returns the keccak256 digest of an EIP-712 typed data (ERC-191 version `0x01`). * * The digest is calculated from a `domainSeparator` and a `structHash`, by prefixing them with * `\x19\x01` and hashing the result. It corresponds to the hash signed by the * https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`] JSON-RPC method as part of EIP-712. * * See {ECDSA-recover}. */ function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32 digest) { assembly ("memory-safe") { let ptr := mload(0x40) mstore(ptr, hex"19_01") mstore(add(ptr, 0x02), domainSeparator) mstore(add(ptr, 0x22), structHash) digest := keccak256(ptr, 0x42) } } /** * @dev Returns the EIP-712 domain separator constructed from an `eip712Domain`. See {IERC5267-eip712Domain} * * This function dynamically constructs the domain separator based on which fields are present in the * `fields` parameter. It contains flags that indicate which domain fields are present: * * * Bit 0 (0x01): name * * Bit 1 (0x02): version * * Bit 2 (0x04): chainId * * Bit 3 (0x08): verifyingContract * * Bit 4 (0x10): salt * * Arguments that correspond to fields which are not present in `fields` are ignored. For example, if `fields` is * `0x0f` (`0b01111`), then the `salt` parameter is ignored. */ function toDomainSeparator( bytes1 fields, string memory name, string memory version, uint256 chainId, address verifyingContract, bytes32 salt ) internal pure returns (bytes32 hash) { return toDomainSeparator( fields, keccak256(bytes(name)), keccak256(bytes(version)), chainId, verifyingContract, salt ); } /// @dev Variant of {toDomainSeparator-bytes1-string-string-uint256-address-bytes32} that uses hashed name and version. function toDomainSeparator( bytes1 fields, bytes32 nameHash, bytes32 versionHash, uint256 chainId, address verifyingContract, bytes32 salt ) internal pure returns (bytes32 hash) { bytes32 domainTypeHash = toDomainTypeHash(fields); assembly ("memory-safe") { // align fields to the right for easy processing fields := shr(248, fields) // FMP used as scratch space let fmp := mload(0x40) mstore(fmp, domainTypeHash) let ptr := add(fmp, 0x20) if and(fields, 0x01) { mstore(ptr, nameHash) ptr := add(ptr, 0x20) } if and(fields, 0x02) { mstore(ptr, versionHash) ptr := add(ptr, 0x20) } if and(fields, 0x04) { mstore(ptr, chainId) ptr := add(ptr, 0x20) } if and(fields, 0x08) { mstore(ptr, verifyingContract) ptr := add(ptr, 0x20) } if and(fields, 0x10) { mstore(ptr, salt) ptr := add(ptr, 0x20) } hash := keccak256(fmp, sub(ptr, fmp)) } } /// @dev Builds an EIP-712 domain type hash depending on the `fields` provided, following https://eips.ethereum.org/EIPS/eip-5267[ERC-5267] function toDomainTypeHash(bytes1 fields) internal pure returns (bytes32 hash) { if (fields & 0x20 == 0x20) revert ERC5267ExtensionsNotSupported(); assembly ("memory-safe") { // align fields to the right for easy processing fields := shr(248, fields) // FMP used as scratch space let fmp := mload(0x40) mstore(fmp, "EIP712Domain(") let ptr := add(fmp, 0x0d) // name field if and(fields, 0x01) { mstore(ptr, "string name,") ptr := add(ptr, 0x0c) } // version field if and(fields, 0x02) { mstore(ptr, "string version,") ptr := add(ptr, 0x0f) } // chainId field if and(fields, 0x04) { mstore(ptr, "uint256 chainId,") ptr := add(ptr, 0x10) } // verifyingContract field if and(fields, 0x08) { mstore(ptr, "address verifyingContract,") ptr := add(ptr, 0x1a) } // salt field if and(fields, 0x10) { mstore(ptr, "bytes32 salt,") ptr := add(ptr, 0x0d) } // if any field is enabled, remove the trailing comma ptr := sub(ptr, iszero(iszero(and(fields, 0x1f)))) // add the closing brace mstore8(ptr, 0x29) // add closing brace ptr := add(ptr, 1) hash := keccak256(fmp, sub(ptr, fmp)) } } } // File @openzeppelin/contracts/utils/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.3.0) (utils/Pausable.sol) pragma solidity ^0.8.20; /** * @dev Contract module which allows children to implement an emergency stop * mechanism that can be triggered by an authorized account. * * This module is used through inheritance. It will make available the * modifiers `whenNotPaused` and `whenPaused`, which can be applied to * the functions of your contract. Note that they will not be pausable by * simply including this module, only once the modifiers are put in place. */ abstract contract Pausable is Context { bool private _paused; /** * @dev Emitted when the pause is triggered by `account`. */ event Paused(address account); /** * @dev Emitted when the pause is lifted by `account`. */ event Unpaused(address account); /** * @dev The operation failed because the contract is paused. */ error EnforcedPause(); /** * @dev The operation failed because the contract is not paused. */ error ExpectedPause(); /** * @dev Modifier to make a function callable only when the contract is not paused. * * Requirements: * * - The contract must not be paused. */ modifier whenNotPaused() { _requireNotPaused(); _; } /** * @dev Modifier to make a function callable only when the contract is paused. * * Requirements: * * - The contract must be paused. */ modifier whenPaused() { _requirePaused(); _; } /** * @dev Returns true if the contract is paused, and false otherwise. */ function paused() public view virtual returns (bool) { return _paused; } /** * @dev Throws if the contract is paused. */ function _requireNotPaused() internal view virtual { if (paused()) { revert EnforcedPause(); } } /** * @dev Throws if the contract is not paused. */ function _requirePaused() internal view virtual { if (!paused()) { revert ExpectedPause(); } } /** * @dev Triggers stopped state. * * Requirements: * * - The contract must not be paused. */ function _pause() internal virtual whenNotPaused { _paused = true; emit Paused(_msgSender()); } /** * @dev Returns to normal state. * * Requirements: * * - The contract must be paused. */ function _unpause() internal virtual whenPaused { _paused = false; emit Unpaused(_msgSender()); } } // File @openzeppelin/contracts/utils/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.1.0) (utils/StorageSlot.sol) // This file was procedurally generated from scripts/generate/templates/StorageSlot.js. pragma solidity ^0.8.20; /** * @dev Library for reading and writing primitive types to specific storage slots. * * Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts. * This library helps with reading and writing to such slots without the need for inline assembly. * * The functions in this library return Slot structs that contain a `value` member that can be used to read or write. * * Example usage to set ERC-1967 implementation slot: * ```solidity * contract ERC1967 { * // Define the slot. Alternatively, use the SlotDerivation library to derive the slot. * bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc; * * function _getImplementation() internal view returns (address) { * return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value; * } * * function _setImplementation(address newImplementation) internal { * require(newImplementation.code.length > 0); * StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation; * } * } * ``` * * TIP: Consider using this library along with {SlotDerivation}. */ library StorageSlot { struct AddressSlot { address value; } struct BooleanSlot { bool value; } struct Bytes32Slot { bytes32 value; } struct Uint256Slot { uint256 value; } struct Int256Slot { int256 value; } struct StringSlot { string value; } struct BytesSlot { bytes value; } /** * @dev Returns an `AddressSlot` with member `value` located at `slot`. */ function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) { assembly ("memory-safe") { r.slot := slot } } /** * @dev Returns a `BooleanSlot` with member `value` located at `slot`. */ function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) { assembly ("memory-safe") { r.slot := slot } } /** * @dev Returns a `Bytes32Slot` with member `value` located at `slot`. */ function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) { assembly ("memory-safe") { r.slot := slot } } /** * @dev Returns a `Uint256Slot` with member `value` located at `slot`. */ function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) { assembly ("memory-safe") { r.slot := slot } } /** * @dev Returns a `Int256Slot` with member `value` located at `slot`. */ function getInt256Slot(bytes32 slot) internal pure returns (Int256Slot storage r) { assembly ("memory-safe") { r.slot := slot } } /** * @dev Returns a `StringSlot` with member `value` located at `slot`. */ function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) { assembly ("memory-safe") { r.slot := slot } } /** * @dev Returns an `StringSlot` representation of the string storage pointer `store`. */ function getStringSlot(string storage store) internal pure returns (StringSlot storage r) { assembly ("memory-safe") { r.slot := store.slot } } /** * @dev Returns a `BytesSlot` with member `value` located at `slot`. */ function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) { assembly ("memory-safe") { r.slot := slot } } /** * @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`. */ function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) { assembly ("memory-safe") { r.slot := store.slot } } } // File @openzeppelin/contracts/utils/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.5.0) (utils/ReentrancyGuard.sol) pragma solidity ^0.8.20; /** * @dev Contract module that helps prevent reentrant calls to a function. * * Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier * available, which can be applied to functions to make sure there are no nested * (reentrant) calls to them. * * Note that because there is a single `nonReentrant` guard, functions marked as * `nonReentrant` may not call one another. This can be worked around by making * those functions `private`, and then adding `external` `nonReentrant` entry * points to them. * * TIP: If EIP-1153 (transient storage) is available on the chain you're deploying at, * consider using {ReentrancyGuardTransient} instead. * * TIP: If you would like to learn more about reentrancy and alternative ways * to protect against it, check out our blog post * https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul]. * * IMPORTANT: Deprecated. This storage-based reentrancy guard will be removed and replaced * by the {ReentrancyGuardTransient} variant in v6.0. * * @custom:stateless */ abstract contract ReentrancyGuard { using StorageSlot for bytes32; // keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.ReentrancyGuard")) - 1)) & ~bytes32(uint256(0xff)) bytes32 private constant REENTRANCY_GUARD_STORAGE = 0x9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f00; // Booleans are more expensive than uint256 or any type that takes up a full // word because each write operation emits an extra SLOAD to first read the // slot's contents, replace the bits taken up by the boolean, and then write // back. This is the compiler's defense against contract upgrades and // pointer aliasing, and it cannot be disabled. // The values being non-zero value makes deployment a bit more expensive, // but in exchange the refund on every call to nonReentrant will be lower in // amount. Since refunds are capped to a percentage of the total // transaction's gas, it is best to keep them low in cases like this one, to // increase the likelihood of the full refund coming into effect. uint256 private constant NOT_ENTERED = 1; uint256 private constant ENTERED = 2; /** * @dev Unauthorized reentrant call. */ error ReentrancyGuardReentrantCall(); constructor() { _reentrancyGuardStorageSlot().getUint256Slot().value = NOT_ENTERED; } /** * @dev Prevents a contract from calling itself, directly or indirectly. * Calling a `nonReentrant` function from another `nonReentrant` * function is not supported. It is possible to prevent this from happening * by making the `nonReentrant` function external, and making it call a * `private` function that does the actual work. */ modifier nonReentrant() { _nonReentrantBefore(); _; _nonReentrantAfter(); } /** * @dev A `view` only version of {nonReentrant}. Use to block view functions * from being called, preventing reading from inconsistent contract state. * * CAUTION: This is a "view" modifier and does not change the reentrancy * status. Use it only on view functions. For payable or non-payable functions, * use the standard {nonReentrant} modifier instead. */ modifier nonReentrantView() { _nonReentrantBeforeView(); _; } function _nonReentrantBeforeView() private view { if (_reentrancyGuardEntered()) { revert ReentrancyGuardReentrantCall(); } } function _nonReentrantBefore() private { // On the first call to nonReentrant, _status will be NOT_ENTERED _nonReentrantBeforeView(); // Any calls to nonReentrant after this point will fail _reentrancyGuardStorageSlot().getUint256Slot().value = ENTERED; } function _nonReentrantAfter() private { // By storing the original value once again, a refund is triggered (see // https://eips.ethereum.org/EIPS/eip-2200) _reentrancyGuardStorageSlot().getUint256Slot().value = NOT_ENTERED; } /** * @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a * `nonReentrant` function in the call stack. */ function _reentrancyGuardEntered() internal view returns (bool) { return _reentrancyGuardStorageSlot().getUint256Slot().value == ENTERED; } function _reentrancyGuardStorageSlot() internal pure virtual returns (bytes32) { return REENTRANCY_GUARD_STORAGE; } } // File @openzeppelin/contracts/utils/cryptography/[email protected] // Original license: SPDX_License_Identifier: MIT // OpenZeppelin Contracts (last updated v5.6.0) (utils/cryptography/ECDSA.sol) pragma solidity ^0.8.20; /** * @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations. * * These functions can be used to verify that a message was signed by the holder * of the private keys of a given address. */ library ECDSA { enum RecoverError { NoError, InvalidSignature, InvalidSignatureLength, InvalidSignatureS } /** * @dev The signature is invalid. */ error ECDSAInvalidSignature(); /** * @dev The signature has an invalid length. */ error ECDSAInvalidSignatureLength(uint256 length); /** * @dev The signature has an S value that is in the upper half order. */ error ECDSAInvalidSignatureS(bytes32 s); /** * @dev Returns the address that signed a hashed message (`hash`) with `signature` or an error. This will not * return address(0) without also returning an error description. Errors are documented using an enum (error type) * and a bytes32 providing additional information about the error. * * If no error is returned, then the address can be used for verification purposes. * * The `ecrecover` EVM precompile allows for malleable (non-unique) signatures: * this function rejects them by requiring the `s` value to be in the lower * half order, and the `v` value to be either 27 or 28. * * NOTE: This function only supports 65-byte signatures. ERC-2098 short signatures are rejected. This restriction * is DEPRECATED and will be removed in v6.0. Developers SHOULD NOT use signatures as unique identifiers; use hash * invalidation or nonces for replay protection. * * IMPORTANT: `hash` _must_ be the result of a hash operation for the * verification to be secure: it is possible to craft signatures that * recover to arbitrary addresses for non-hashed data. A safe way to ensure * this is by receiving a hash of the original message (which may otherwise * be too long), and then calling {MessageHashUtils-toEthSignedMessageHash} on it. * * Documentation for signature generation: * * - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js] * - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers] */ function tryRecover( bytes32 hash, bytes memory signature ) internal pure returns (address recovered, RecoverError err, bytes32 errArg) { if (signature.length == 65) { bytes32 r; bytes32 s; uint8 v; // ecrecover takes the signature parameters, and the only way to get them // currently is to use assembly. assembly ("memory-safe") { r := mload(add(signature, 0x20)) s := mload(add(signature, 0x40)) v := byte(0, mload(add(signature, 0x60))) } return tryRecover(hash, v, r, s); } else { return (address(0), RecoverError.InvalidSignatureLength, bytes32(signature.length)); } } /** * @dev Variant of {tryRecover} that takes a signature in calldata */ function tryRecoverCalldata( bytes32 hash, bytes calldata signature ) internal pure returns (address recovered, RecoverError err, bytes32 errArg) { if (signature.length == 65) { bytes32 r; bytes32 s; uint8 v; // ecrecover takes the signature parameters, calldata slices would work here, but are // significantly more expensive (length check) than using calldataload in assembly. assembly ("memory-safe") { r := calldataload(signature.offset) s := calldataload(add(signature.offset, 0x20)) v := byte(0, calldataload(add(signature.offset, 0x40))) } return tryRecover(hash, v, r, s); } else { return (address(0), RecoverError.InvalidSignatureLength, bytes32(signature.length)); } } /** * @dev Returns the address that signed a hashed message (`hash`) with * `signature`. This address can then be used for verification purposes. * * The `ecrecover` EVM precompile allows for malleable (non-unique) signatures: * this function rejects them by requiring the `s` value to be in the lower * half order, and the `v` value to be either 27 or 28. * * NOTE: This function only supports 65-byte signatures. ERC-2098 short signatures are rejected. This restriction * is DEPRECATED and will be removed in v6.0. Developers SHOULD NOT use signatures as unique identifiers; use hash * invalidation or nonces for replay protection. * * IMPORTANT: `hash` _must_ be the result of a hash operation for the * verification to be secure: it is possible to craft signatures that * recover to arbitrary addresses for non-hashed data. A safe way to ensure * this is by receiving a hash of the original message (which may otherwise * be too long), and then calling {MessageHashUtils-toEthSignedMessageHash} on it. */ function recover(bytes32 hash, bytes memory signature) internal pure returns (address) { (address recovered, RecoverError error, bytes32 errorArg) = tryRecover(hash, signature); _throwError(error, errorArg); return recovered; } /** * @dev Variant of {recover} that takes a signature in calldata */ function recoverCalldata(bytes32 hash, bytes calldata signature) internal pure returns (address) { (address recovered, RecoverError error, bytes32 errorArg) = tryRecoverCalldata(hash, signature); _throwError(error, errorArg); return recovered; } /** * @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately. * * See https://eips.ethereum.org/EIPS/eip-2098[ERC-2098 short signatures] */ function tryRecover( bytes32 hash, bytes32 r, bytes32 vs ) internal pure returns (address recovered, RecoverError err, bytes32 errArg) { unchecked { bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff); // We do not check for an overflow here since the shift operation results in 0 or 1. uint8 v = uint8((uint256(vs) >> 255) + 27); return tryRecover(hash, v, r, s); } } /** * @dev Overload of {ECDSA-recover} that receives the `r` and `vs` short-signature fields separately. */ function recover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address) { (address recovered, RecoverError error, bytes32 errorArg) = tryRecover(hash, r, vs); _throwError(error, errorArg); return recovered; } /** * @dev Overload of {ECDSA-tryRecover} that receives the `v`, * `r` and `s` signature fields separately. */ function tryRecover( bytes32 hash, uint8 v, bytes32 r, bytes32 s ) internal pure returns (address recovered, RecoverError err, bytes32 errArg) { // EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature // unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines // the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most // signatures from current libraries generate a unique signature with an s-value in the lower half order. // // If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value // with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or // vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept // these malleable signatures as well. if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) { return (address(0), RecoverError.InvalidSignatureS, s); } // If the signature is valid (and not malleable), return the signer address address signer = ecrecover(hash, v, r, s); if (signer == address(0)) { return (address(0), RecoverError.InvalidSignature, bytes32(0)); } return (signer, RecoverError.NoError, bytes32(0)); } /** * @dev Overload of {ECDSA-recover} that receives the `v`, * `r` and `s` signature fields separately. */ function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address) { (address recovered, RecoverError error, bytes32 errorArg) = tryRecover(hash, v, r, s); _throwError(error, errorArg); return recovered; } /** * @dev Parse a signature into its `v`, `r` and `s` components. Supports 65-byte and 64-byte (ERC-2098) * formats. Returns (0,0,0) for invalid signatures. * * For 64-byte signatures, `v` is automatically normalized to 27 or 28. * For 65-byte signatures, `v` is returned as-is and MUST already be 27 or 28 for use with ecrecover. * * Consider validating the result before use, or use {tryRecover}/{recover} which perform full validation. */ function parse(bytes memory signature) internal pure returns (uint8 v, bytes32 r, bytes32 s) { assembly ("memory-safe") { // Check the signature length switch mload(signature) // - case 65: r,s,v signature (standard) case 65 { r := mload(add(signature, 0x20)) s := mload(add(signature, 0x40)) v := byte(0, mload(add(signature, 0x60))) } // - case 64: r,vs signature (cf https://eips.ethereum.org/EIPS/eip-2098) case 64 { let vs := mload(add(signature, 0x40)) r := mload(add(signature, 0x20)) s := and(vs, shr(1, not(0))) v := add(shr(255, vs), 27) } default { r := 0 s := 0 v := 0 } } } /** * @dev Variant of {parse} that takes a signature in calldata */ function parseCalldata(bytes calldata signature) internal pure returns (uint8 v, bytes32 r, bytes32 s) { assembly ("memory-safe") { // Check the signature length switch signature.length // - case 65: r,s,v signature (standard) case 65 { r := calldataload(signature.offset) s := calldataload(add(signature.offset, 0x20)) v := byte(0, calldataload(add(signature.offset, 0x40))) } // - case 64: r,vs signature (cf https://eips.ethereum.org/EIPS/eip-2098) case 64 { let vs := calldataload(add(signature.offset, 0x20)) r := calldataload(signature.offset) s := and(vs, shr(1, not(0))) v := add(shr(255, vs), 27) } default { r := 0 s := 0 v := 0 } } } /** * @dev Optionally reverts with the corresponding custom error according to the `error` argument provided. */ function _throwError(RecoverError error, bytes32 errorArg) private pure { if (error == RecoverError.NoError) { return; // no error: do nothing } else if (error == RecoverError.InvalidSignature) { revert ECDSAInvalidSignature(); } else if (error == RecoverError.InvalidSignatureLength) { revert ECDSAInvalidSignatureLength(uint256(errorArg)); } else if (error == RecoverError.InvalidSignatureS) { revert ECDSAInvalidSignatureS(errorArg); } } } // File contracts/NattSwap.sol // Original license: SPDX_License_Identifier: MIT pragma solidity ^0.8.24; /** * @title INattDataAnchor * @notice Interface for the NattDataAnchor contract (deployed at 0x920cCEa3BeED76DD7ebC2d3da2cFcDAAa323AcF7) */ interface INattDataAnchor { function distributeSwapReward(address wallet, uint256 amount, address referrer) external; } /** * @title NattSwap — The Uniswap for AI Agents & Humans * @author HYPERNATT Team (Heladj / HyperNatt Core Intelligence) * @notice Distributes NDAT rewards for cross-chain swaps executed via Li.Fi. * This contract does NOT route swaps — Li.Fi handles routing. * This contract ONLY distributes NDAT rewards after verified swaps. * * @dev SECURITY — 5 Anti-Lazarus Protections (DOC1 Section 4): * * 🛡️ PROTECTION 1 — Access Control (OWASP #1 — $953M lost in 2024) * NattSwap NEVER calls mint() directly on NattDataToken. * It calls distributeSwapReward() on NattDataAnchor, which has MINTER_ROLE. * NattDataAnchor verifies SWAP_REWARD_ROLE before minting. * * 🛡️ PROTECTION 2 — CEI + nonReentrant (Reentrancy — $35M lost in 2024) * Strict Checks → Effects → Interactions ordering. * OpenZeppelin ReentrancyGuard on all state-changing functions. * * 🛡️ PROTECTION 3 — Input Validation (Logic Errors — $63M lost in 2024) * Signature verification from VPS backend signer. * Anti-replay via consumed nonces. * Volume and reward amount bounds checking. * * 🛡️ PROTECTION 4 — Hardcoded Reward Cap (Mint Abuse Prevention) * Maximum 10,000 NDAT per claim — immutable constant. * Even if an attacker finds a logic flaw, damage is capped. * * 🛡️ PROTECTION 5 — Address Configuration (Frontend Tamper — $540M lost) * All critical addresses (Anchor, Signer) are set at deploy and admin-controlled. * Adresses hardcoded in frontend constants.ts. * Private key NEVER in code — .env Docker only. */ contract NattSwap is AccessControl, ReentrancyGuard, Pausable { using ECDSA for bytes32; using MessageHashUtils for bytes32; // ================================================================ // ROLES // ================================================================ bytes32 public constant PAUSER_ROLE = keccak256("PAUSER_ROLE"); // ================================================================ // IMMUTABLE CONFIGURATION — PROTECTION 5 // ================================================================ INattDataAnchor public immutable anchor; // ================================================================ // SECURITY STATE — PROTECTION 3 (Anti-Replay) // ================================================================ address public backendSigner; mapping(bytes32 => bool) public usedNonces; // ================================================================ // REWARD CONSTANTS — PROTECTION 4 (Hardcoded Cap) // ================================================================ /// @notice Maximum NDAT reward per single claim transaction (10,000 NDAT) uint256 public constant MAX_REWARD_PER_CLAIM = 10_000 * 10**18; /// @notice Maximum reward value in USD basis points per swap (8 bps = 0.08%) uint256 public constant REWARD_RATE_BPS = 8; uint256 public constant BPS_DENOMINATOR = 10_000; // ================================================================ // BONDING CURVE STATE (Phase 2 Bootstrap) // ================================================================ /// @notice Total NDAT distributed through swaps (used for bonding curve) uint256 public totalNdatDistributed; /// @notice Total USD volume processed (used for halving) uint256 public totalVolumeUSD; // Stored in 6 decimals (like USDC) /// @notice Base price of NDAT in the bonding curve: 0.01 USD (stored as 1e16 = 0.01 * 1e18) uint256 public constant BASE_NDAT_PRICE = 1e16; // 0.01 USD in 18 decimals /// @notice Step size for bonding curve price increase: 100,000 NDAT uint256 public constant BONDING_STEP_SIZE = 100_000 * 10**18; /// @notice Price multiplier per step: 110% (10% increase) uint256 public constant BONDING_STEP_MULTIPLIER = 110; uint256 public constant BONDING_STEP_BASE = 100; /// @notice Volume threshold for halving: $10,000,000 (in 6 decimals) uint256 public constant HALVING_VOLUME_THRESHOLD = 10_000_000 * 10**6; /// @notice Halving decay per threshold: 90% retained (10% reduction) uint256 public constant HALVING_DECAY_NUMERATOR = 90; uint256 public constant HALVING_DECAY_DENOMINATOR = 100; /// @notice Phase flag: false = bonding curve (Phase 2), true = external oracle (Phase 3) bool public useExternalOracle; /// @notice External oracle price (set by admin in Phase 3, in 18 decimals USD) uint256 public externalOraclePrice; // ================================================================ // EVENTS // ================================================================ event SwapRewardClaimed( address indexed wallet, uint256 rewardAmount, uint256 volumeUSD, address indexed referrer, uint256 referrerBonus, bytes32 nonce ); event BackendSignerUpdated(address indexed oldSigner, address indexed newSigner); event OracleSwitched(bool useExternal, uint256 externalPrice); // ================================================================ // CONSTRUCTOR — PROTECTION 5 (Hardcoded addresses at deploy) // ================================================================ constructor( address _anchor, address _backendSigner ) { // PROTECTION 5: Validate critical addresses at deployment require(_anchor != address(0), "NattSwap: Invalid Anchor address"); require(_backendSigner != address(0), "NattSwap: Invalid signer address"); anchor = INattDataAnchor(_anchor); backendSigner = _backendSigner; _grantRole(DEFAULT_ADMIN_ROLE, msg.sender); _grantRole(PAUSER_ROLE, msg.sender); } // ================================================================ // CORE FUNCTION — claimSwapReward // ================================================================ /** * @notice Claim NDAT rewards for a verified cross-chain swap. * @dev Implements full CEI pattern (PROTECTION 2) with signature verification (PROTECTION 3). * * Flow: * 1. Agent executes swap via Li.Fi (off-chain, any chain) * 2. Backend verifies txHash via Li.Fi status API * 3. Backend signs (wallet, nonce, rewardAmount, referrer) * 4. Agent calls this function with the signature * 5. This contract calls Anchor.distributeSwapReward() → Token.mint() * * @param signature ECDSA signature from the VPS backend signer * @param nonce Unique nonce to prevent replay attacks * @param rewardAmount The NDAT reward amount (in 18 decimals) * @param volumeUSD The swap volume in USD (in 6 decimals, for tracking) * @param referrer Address of the referring agent (address(0) if none) */ function claimSwapReward( bytes calldata signature, bytes32 nonce, uint256 rewardAmount, uint256 volumeUSD, address referrer ) external nonReentrant whenNotPaused { // ============================================================ // CHECKS — Validate all preconditions before ANY state changes // ============================================================ // PROTECTION 3: Anti-replay — each nonce can only be used once require(!usedNonces[nonce], "NattSwap: Nonce already used"); // PROTECTION 4: Enforce hardcoded reward cap require(rewardAmount > 0, "NattSwap: Reward must be > 0"); require(rewardAmount <= MAX_REWARD_PER_CLAIM, "NattSwap: Exceeds max reward cap"); // PROTECTION 3: Verify volume is reasonable require(volumeUSD > 0, "NattSwap: Volume must be > 0"); // PROTECTION 3: Verify the cryptographic signature from the VPS backend bytes32 messageHash = keccak256( abi.encodePacked(msg.sender, nonce, rewardAmount, volumeUSD, referrer) ); bytes32 ethSignedMessageHash = messageHash.toEthSignedMessageHash(); address recoveredSigner = ethSignedMessageHash.recover(signature); require(recoveredSigner == backendSigner, "NattSwap: Invalid backend signature"); // PROTECTION 3: Referrer cannot be the claimer themselves if (referrer != address(0)) { require(referrer != msg.sender, "NattSwap: Cannot refer yourself"); } // ============================================================ // EFFECTS — Update state BEFORE any external interactions // ============================================================ // Mark nonce as consumed (PROTECTION 2: Effects before Interactions) usedNonces[nonce] = true; // Update cumulative tracking for bonding curve and halving totalNdatDistributed += rewardAmount; totalVolumeUSD += volumeUSD; // Calculate referrer bonus (10% Proof-of-Recruitment) uint256 referrerBonus = 0; if (referrer != address(0)) { referrerBonus = (rewardAmount * 10) / 100; } // ============================================================ // INTERACTIONS — External calls LAST (PROTECTION 1 + 2) // ============================================================ // PROTECTION 1: Call Anchor (which has MINTER_ROLE) to distribute rewards // NattSwap NEVER calls mint() directly — always through the Anchor. anchor.distributeSwapReward(msg.sender, rewardAmount, referrer); emit SwapRewardClaimed( msg.sender, rewardAmount, volumeUSD, referrer, referrerBonus, nonce ); } // ================================================================ // VIEW FUNCTIONS — Bonding Curve & Price Discovery // ================================================================ /** * @notice Get the current NDAT price based on the bonding curve (Phase 2) * or the external oracle (Phase 3). * @return price The current NDAT price in USD (18 decimals) */ function getCurrentNdatPrice() public view returns (uint256 price) { if (useExternalOracle) { require(externalOraclePrice > 0, "NattSwap: Oracle price not set"); return externalOraclePrice; } // Phase 2: Bonding Curve // Price = BASE_PRICE × (MULTIPLIER/BASE)^steps // Where steps = totalNdatDistributed / BONDING_STEP_SIZE uint256 steps = totalNdatDistributed / BONDING_STEP_SIZE; price = BASE_NDAT_PRICE; for (uint256 i = 0; i < steps && i < 50; i++) { // Each step: price = price × 110 / 100 price = (price * BONDING_STEP_MULTIPLIER) / BONDING_STEP_BASE; } return price; } /** * @notice Calculate the NDAT reward for a given USD volume. * @param volumeUSD The swap volume in USD (6 decimals) * @return rewardAmount The NDAT reward (18 decimals) */ function calculateReward(uint256 volumeUSD) public view returns (uint256 rewardAmount) { // Reward value in USD = volume × 0.08% // Convert volume from 6 decimals to 18 decimals first uint256 rewardValueUSD = (volumeUSD * 10**12 * REWARD_RATE_BPS) / BPS_DENOMINATOR; // Apply halving based on total volume uint256 halvings = totalVolumeUSD / HALVING_VOLUME_THRESHOLD; for (uint256 i = 0; i < halvings && i < 20; i++) { rewardValueUSD = (rewardValueUSD * HALVING_DECAY_NUMERATOR) / HALVING_DECAY_DENOMINATOR; } // Convert USD value to NDAT amount using current price uint256 ndatPrice = getCurrentNdatPrice(); require(ndatPrice > 0, "NattSwap: NDAT price cannot be zero"); rewardAmount = (rewardValueUSD * 10**18) / ndatPrice; // Enforce cap if (rewardAmount > MAX_REWARD_PER_CLAIM) { rewardAmount = MAX_REWARD_PER_CLAIM; } return rewardAmount; } /** * @notice Get the current halving factor based on total volume processed. * @return factor The remaining reward factor (100 = no halving, 90 = 1 halving, etc.) * @return halvingCount Number of halvings applied */ function getHalvingInfo() public view returns (uint256 factor, uint256 halvingCount) { halvingCount = totalVolumeUSD / HALVING_VOLUME_THRESHOLD; factor = 100; for (uint256 i = 0; i < halvingCount && i < 20; i++) { factor = (factor * HALVING_DECAY_NUMERATOR) / HALVING_DECAY_DENOMINATOR; } return (factor, halvingCount); } // ================================================================ // ADMIN FUNCTIONS — PROTECTION 5 (Role-gated) // ================================================================ /** * @notice Update the backend signer address. * @dev Only callable by DEFAULT_ADMIN_ROLE. * PROTECTION 5: Key rotation without contract redeployment. */ function setBackendSigner(address _newSigner) external onlyRole(DEFAULT_ADMIN_ROLE) { require(_newSigner != address(0), "NattSwap: Invalid signer"); address oldSigner = backendSigner; backendSigner = _newSigner; emit BackendSignerUpdated(oldSigner, _newSigner); } /** * @notice Switch from bonding curve (Phase 2) to external oracle (Phase 3). * @dev This is a one-way administrative action for market transition. * Called when the NDAT/USDC liquidity pool is established on Aerodrome. */ function switchToExternalOracle(uint256 _oraclePrice) external onlyRole(DEFAULT_ADMIN_ROLE) { require(_oraclePrice > 0, "NattSwap: Oracle price must be > 0"); useExternalOracle = true; externalOraclePrice = _oraclePrice; emit OracleSwitched(true, _oraclePrice); } /** * @notice Update the external oracle price (Phase 3 only). * @dev In production, this would be replaced by a Chainlink/TWAP oracle feed. */ function updateOraclePrice(uint256 _oraclePrice) external onlyRole(DEFAULT_ADMIN_ROLE) { require(useExternalOracle, "NattSwap: Not in oracle mode"); require(_oraclePrice > 0, "NattSwap: Oracle price must be > 0"); externalOraclePrice = _oraclePrice; emit OracleSwitched(true, _oraclePrice); } /** * @notice Pause the contract in case of emergency. */ function pause() external onlyRole(PAUSER_ROLE) { _pause(); } /** * @notice Unpause the contract. */ function unpause() external onlyRole(DEFAULT_ADMIN_ROLE) { _unpause(); } }
Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
Contract ABI
API[{"inputs":[{"internalType":"address","name":"_anchor","type":"address"},{"internalType":"address","name":"_backendSigner","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[],"name":"AccessControlBadConfirmation","type":"error"},{"inputs":[{"internalType":"address","name":"account","type":"address"},{"internalType":"bytes32","name":"neededRole","type":"bytes32"}],"name":"AccessControlUnauthorizedAccount","type":"error"},{"inputs":[],"name":"ECDSAInvalidSignature","type":"error"},{"inputs":[{"internalType":"uint256","name":"length","type":"uint256"}],"name":"ECDSAInvalidSignatureLength","type":"error"},{"inputs":[{"internalType":"bytes32","name":"s","type":"bytes32"}],"name":"ECDSAInvalidSignatureS","type":"error"},{"inputs":[],"name":"EnforcedPause","type":"error"},{"inputs":[],"name":"ExpectedPause","type":"error"},{"inputs":[],"name":"ReentrancyGuardReentrantCall","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"oldSigner","type":"address"},{"indexed":true,"internalType":"address","name":"newSigner","type":"address"}],"name":"BackendSignerUpdated","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"bool","name":"useExternal","type":"bool"},{"indexed":false,"internalType":"uint256","name":"externalPrice","type":"uint256"}],"name":"OracleSwitched","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"account","type":"address"}],"name":"Paused","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"bytes32","name":"role","type":"bytes32"},{"indexed":true,"internalType":"bytes32","name":"previousAdminRole","type":"bytes32"},{"indexed":true,"internalType":"bytes32","name":"newAdminRole","type":"bytes32"}],"name":"RoleAdminChanged","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"bytes32","name":"role","type":"bytes32"},{"indexed":true,"internalType":"address","name":"account","type":"address"},{"indexed":true,"internalType":"address","name":"sender","type":"address"}],"name":"RoleGranted","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"bytes32","name":"role","type":"bytes32"},{"indexed":true,"internalType":"address","name":"account","type":"address"},{"indexed":true,"internalType":"address","name":"sender","type":"address"}],"name":"RoleRevoked","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"wallet","type":"address"},{"indexed":false,"internalType":"uint256","name":"rewardAmount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"volumeUSD","type":"uint256"},{"indexed":true,"internalType":"address","name":"referrer","type":"address"},{"indexed":false,"internalType":"uint256","name":"referrerBonus","type":"uint256"},{"indexed":false,"internalType":"bytes32","name":"nonce","type":"bytes32"}],"name":"SwapRewardClaimed","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"account","type":"address"}],"name":"Unpaused","type":"event"},{"inputs":[],"name":"BASE_NDAT_PRICE","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"BONDING_STEP_BASE","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"BONDING_STEP_MULTIPLIER","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"BONDING_STEP_SIZE","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"BPS_DENOMINATOR","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"DEFAULT_ADMIN_ROLE","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"HALVING_DECAY_DENOMINATOR","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"HALVING_DECAY_NUMERATOR","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"HALVING_VOLUME_THRESHOLD","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"MAX_REWARD_PER_CLAIM","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"PAUSER_ROLE","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"REWARD_RATE_BPS","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"anchor","outputs":[{"internalType":"contract INattDataAnchor","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"backendSigner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"volumeUSD","type":"uint256"}],"name":"calculateReward","outputs":[{"internalType":"uint256","name":"rewardAmount","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes","name":"signature","type":"bytes"},{"internalType":"bytes32","name":"nonce","type":"bytes32"},{"internalType":"uint256","name":"rewardAmount","type":"uint256"},{"internalType":"uint256","name":"volumeUSD","type":"uint256"},{"internalType":"address","name":"referrer","type":"address"}],"name":"claimSwapReward","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"externalOraclePrice","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getCurrentNdatPrice","outputs":[{"internalType":"uint256","name":"price","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getHalvingInfo","outputs":[{"internalType":"uint256","name":"factor","type":"uint256"},{"internalType":"uint256","name":"halvingCount","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"role","type":"bytes32"}],"name":"getRoleAdmin","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"role","type":"bytes32"},{"internalType":"address","name":"account","type":"address"}],"name":"grantRole","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes32","name":"role","type":"bytes32"},{"internalType":"address","name":"account","type":"address"}],"name":"hasRole","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"pause","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"paused","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"role","type":"bytes32"},{"internalType":"address","name":"callerConfirmation","type":"address"}],"name":"renounceRole","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes32","name":"role","type":"bytes32"},{"internalType":"address","name":"account","type":"address"}],"name":"revokeRole","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"_newSigner","type":"address"}],"name":"setBackendSigner","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes4","name":"interfaceId","type":"bytes4"}],"name":"supportsInterface","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"_oraclePrice","type":"uint256"}],"name":"switchToExternalOracle","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"totalNdatDistributed","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"totalVolumeUSD","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"unpause","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"_oraclePrice","type":"uint256"}],"name":"updateOraclePrice","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"useExternalOracle","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"name":"usedNonces","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"}]Contract Creation Code
60a060405234801562000010575f80fd5b50604051620017dc380380620017dc833981016040819052620000339162000241565b60017f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f00556001600160a01b038216620000b35760405162461bcd60e51b815260206004820181905260248201527f4e617474537761703a20496e76616c696420416e63686f72206164647265737360448201526064015b60405180910390fd5b6001600160a01b0381166200010b5760405162461bcd60e51b815260206004820181905260248201527f4e617474537761703a20496e76616c6964207369676e657220616464726573736044820152606401620000aa565b6001600160a01b038083166080526001805491831661010002610100600160a81b0319909216919091179055620001435f3362000179565b50620001707f65d7a28e3265b37a6474929f336521b332c1681b933f6cb9f3376673440d862a3362000179565b50505062000277565b5f828152602081815260408083206001600160a01b038516845290915281205460ff166200021c575f838152602081815260408083206001600160a01b03861684529091529020805460ff19166001179055620001d33390565b6001600160a01b0316826001600160a01b0316847f2f8788117e7eff1d82e926ec794901d17c78024a50270940304540a733656f0d60405160405180910390a45060016200021f565b505f5b92915050565b80516001600160a01b03811681146200023c575f80fd5b919050565b5f806040838503121562000253575f80fd5b6200025e8362000225565b91506200026e6020840162000225565b90509250929050565b608051611545620002975f395f81816103e90152610c6101526115455ff3fe608060405234801561000f575f80fd5b5060043610610208575f3560e01c80638456cb591161011f578063d2d7231f116100a9578063e1a4521811610079578063e1a452181461041e578063e63ab1e914610427578063f24a6e891461044e578063feb617241461045c578063ffb85e1c1461047e575f80fd5b8063d2d7231f146103c4578063d3ac21f2146103d7578063d3fb73b4146103e4578063d547741f1461040b575f80fd5b8063a217fddf116100ef578063a217fddf1461037e578063b9aed44714610385578063bc3409991461038d578063be018d4b1461039e578063c7ff8025146103b1575f80fd5b80638456cb591461035257806391d148541461035a5780639291ccd51461036d5780639b4dc3ad14610376575f80fd5b806336f95670116101a05780635ead3c5d116101705780635ead3c5d146102fa5780635ed7eef31461030d57806365d65e8614610315578063795572ac1461030d5780637c582d2b14610345575f80fd5b806336f95670146102cb5780633f4ba83a146102de57806355e40aea146102e65780635c975abb146102ef575f80fd5b8063248a9ca3116101db578063248a9ca3146102785780632f210b851461029a5780632f2ff15d146102a357806336568abe146102b8575f80fd5b806301ffc9a71461020c5780630d9d41961461023457806310d60dc4146102535780631f9cf89414610270575b5f80fd5b61021f61021a36600461130e565b610486565b60405190151581526020015b60405180910390f35b61024569021e19e0c9bab240000081565b60405190815260200161022b565b61025b6104bc565b6040805192835260208301919091520161022b565b61024561051e565b61024561028636600461133c565b5f9081526020819052604090206001015490565b61024560065481565b6102b66102b136600461136e565b6105f3565b005b6102b66102c636600461136e565b61061d565b6102b66102d9366004611398565b610655565b6102b661070f565b61024560035481565b60015460ff1661021f565b6102b661030836600461133c565b610724565b610245606481565b60015461032d9061010090046001600160a01b031681565b6040516001600160a01b03909116815260200161022b565b60055461021f9060ff1681565b6102b66107e3565b61021f61036836600461136e565b610815565b61024560045481565b610245600881565b6102455f81565b610245606e81565b61024569152d02c7e14af680000081565b6102b66103ac36600461133c565b61083d565b6102b66103bf3660046113b1565b6108b1565b6102456103d236600461133c565b610d42565b6102456509184e72a00081565b61032d7f000000000000000000000000000000000000000000000000000000000000000081565b6102b661041936600461136e565b610e74565b61024561271081565b6102457f65d7a28e3265b37a6474929f336521b332c1681b933f6cb9f3376673440d862a81565b610245662386f26fc1000081565b61021f61046a36600461133c565b60026020525f908152604090205460ff1681565b610245605a81565b5f6001600160e01b03198216637965db0b60e01b14806104b657506301ffc9a760e01b6001600160e01b03198316145b92915050565b5f806509184e72a0006004546104d29190611458565b9050606491505f5b81811080156104e95750601481105b156105195760646104fb605a85611477565b6105059190611458565b9250806105118161148e565b9150506104da565b509091565b6005545f9060ff1615610588575f600654116105815760405162461bcd60e51b815260206004820152601e60248201527f4e617474537761703a204f7261636c65207072696365206e6f7420736574000060448201526064015b60405180910390fd5b5060065490565b5f69152d02c7e14af68000006003546105a19190611458565b9050662386f26fc1000091505f5b81811080156105be5750603281105b156105ee5760646105d0606e85611477565b6105da9190611458565b9250806105e68161148e565b9150506105af565b505090565b5f8281526020819052604090206001015461060d81610e98565b6106178383610ea2565b50505050565b6001600160a01b03811633146106465760405163334bd91960e11b815260040160405180910390fd5b6106508282610f31565b505050565b5f61065f81610e98565b6001600160a01b0382166106b55760405162461bcd60e51b815260206004820152601860248201527f4e617474537761703a20496e76616c6964207369676e657200000000000000006044820152606401610578565b600180546001600160a01b03848116610100818102610100600160a81b031985161790945560405193909204169182907f93f9d0472cb0fc12887bf8f1f15cc7a197a5acd122ab23b8dcc25de0191e0d5e905f90a3505050565b5f61071981610e98565b610721610f9a565b50565b5f61072e81610e98565b60055460ff166107805760405162461bcd60e51b815260206004820152601c60248201527f4e617474537761703a204e6f7420696e206f7261636c65206d6f6465000000006044820152606401610578565b5f821161079f5760405162461bcd60e51b8152600401610578906114a6565b60068290556040805160018152602081018490527f7112ec2915b07261bb1a7d086ef6630f9ae25b99af7e3ade9a240e67da938bd491015b60405180910390a15050565b7f65d7a28e3265b37a6474929f336521b332c1681b933f6cb9f3376673440d862a61080d81610e98565b610721610fec565b5f918252602082815260408084206001600160a01b0393909316845291905290205460ff1690565b5f61084781610e98565b5f82116108665760405162461bcd60e51b8152600401610578906114a6565b6005805460ff19166001908117909155600683905560408051918252602082018490527f7112ec2915b07261bb1a7d086ef6630f9ae25b99af7e3ade9a240e67da938bd491016107d7565b6108b9611027565b6108c1611055565b5f8481526002602052604090205460ff161561091f5760405162461bcd60e51b815260206004820152601c60248201527f4e617474537761703a204e6f6e636520616c72656164792075736564000000006044820152606401610578565b5f831161096e5760405162461bcd60e51b815260206004820152601c60248201527f4e617474537761703a20526577617264206d757374206265203e2030000000006044820152606401610578565b69021e19e0c9bab24000008311156109c85760405162461bcd60e51b815260206004820181905260248201527f4e617474537761703a2045786365656473206d617820726577617264206361706044820152606401610578565b5f8211610a175760405162461bcd60e51b815260206004820152601c60248201527f4e617474537761703a20566f6c756d65206d757374206265203e2030000000006044820152606401610578565b6040516bffffffffffffffffffffffff1933606090811b8216602084015260348301879052605483018690526074830185905283901b1660948201525f9060a8016040516020818303038152906040528051906020012090505f610aa7827f19457468657265756d205369676e6564204d6573736167653a0a3332000000005f908152601c91909152603c902090565b90505f610aeb89898080601f0160208091040260200160405190810160405280939291908181526020018383808284375f92019190915250869392505061107b9050565b6001549091506001600160a01b038083166101009092041614610b5c5760405162461bcd60e51b815260206004820152602360248201527f4e617474537761703a20496e76616c6964206261636b656e64207369676e617460448201526275726560e81b6064820152608401610578565b6001600160a01b03841615610bc357336001600160a01b03851603610bc35760405162461bcd60e51b815260206004820152601f60248201527f4e617474537761703a2043616e6e6f7420726566657220796f757273656c66006044820152606401610578565b5f878152600260205260408120805460ff1916600117905560038054889290610bed9084906114e8565b925050819055508460045f828254610c0591906114e8565b909155505f90506001600160a01b03851615610c35576064610c2888600a611477565b610c329190611458565b90505b604051633c12124960e21b8152336004820152602481018890526001600160a01b0386811660448301527f0000000000000000000000000000000000000000000000000000000000000000169063f0484924906064015f604051808303815f87803b158015610ca2575f80fd5b505af1158015610cb4573d5f803e3d5ffd5b5050604080518a8152602081018a9052908101849052606081018b90526001600160a01b03881692503391507f3f9b94454546587f60c8feff5f80fae66fc0ab83cb0a03986c26dd40ee397c1e9060800160405180910390a350505050610d3a60017f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f0055565b505050505050565b5f806127106008610d588564e8d4a51000611477565b610d629190611477565b610d6c9190611458565b90505f6509184e72a000600454610d839190611458565b90505f5b8181108015610d965750601481105b15610dc6576064610da8605a85611477565b610db29190611458565b925080610dbe8161148e565b915050610d87565b505f610dd061051e565b90505f8111610e2d5760405162461bcd60e51b815260206004820152602360248201527f4e617474537761703a204e4441542070726963652063616e6e6f74206265207a60448201526265726f60e81b6064820152608401610578565b80610e4084670de0b6b3a7640000611477565b610e4a9190611458565b935069021e19e0c9bab2400000841115610e6c5769021e19e0c9bab240000093505b505050919050565b5f82815260208190526040902060010154610e8e81610e98565b6106178383610f31565b61072181336110a3565b5f610ead8383610815565b610f2a575f838152602081815260408083206001600160a01b03861684529091529020805460ff19166001179055610ee23390565b6001600160a01b0316826001600160a01b0316847f2f8788117e7eff1d82e926ec794901d17c78024a50270940304540a733656f0d60405160405180910390a45060016104b6565b505f6104b6565b5f610f3c8383610815565b15610f2a575f838152602081815260408083206001600160a01b0386168085529252808320805460ff1916905551339286917ff6391f5c32d9c69d2a47ea670b442974b53935d1edc7fd64eb21e047a839171b9190a45060016104b6565b610fa26110e0565b6001805460ff191690557f5db9ee0a495bf2e6ff9c91a7834c1ba4fdd244a5e8aa4e537bd38aeae4b073aa335b6040516001600160a01b03909116815260200160405180910390a1565b610ff4611055565b6001805460ff1916811790557f62e78cea01bee320cd4e420270b5ea74000d11b0c9f74754ebdbfc544b05a25833610fcf565b61102f611103565b60027f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f0055565b60015460ff16156110795760405163d93c066560e01b815260040160405180910390fd5b565b5f805f806110898686611145565b925092509250611099828261118e565b5090949350505050565b6110ad8282610815565b6110dc5760405163e2517d3f60e01b81526001600160a01b038216600482015260248101839052604401610578565b5050565b60015460ff1661107957604051638dfc202b60e01b815260040160405180910390fd5b7f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f005460020361107957604051633ee5aeb560e01b815260040160405180910390fd5b5f805f835160410361117c576020840151604085015160608601515f1a61116e88828585611246565b955095509550505050611187565b505081515f91506002905b9250925092565b5f8260038111156111a1576111a16114fb565b036111aa575050565b60018260038111156111be576111be6114fb565b036111dc5760405163f645eedf60e01b815260040160405180910390fd5b60028260038111156111f0576111f06114fb565b036112115760405163fce698f760e01b815260048101829052602401610578565b6003826003811115611225576112256114fb565b036110dc576040516335e2f38360e21b815260048101829052602401610578565b5f80807f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a084111561127f57505f91506003905082611304565b604080515f808252602082018084528a905260ff891692820192909252606081018790526080810186905260019060a0016020604051602081039080840390855afa1580156112d0573d5f803e3d5ffd5b5050604051601f1901519150506001600160a01b0381166112fb57505f925060019150829050611304565b92505f91508190505b9450945094915050565b5f6020828403121561131e575f80fd5b81356001600160e01b031981168114611335575f80fd5b9392505050565b5f6020828403121561134c575f80fd5b5035919050565b80356001600160a01b0381168114611369575f80fd5b919050565b5f806040838503121561137f575f80fd5b8235915061138f60208401611353565b90509250929050565b5f602082840312156113a8575f80fd5b61133582611353565b5f805f805f8060a087890312156113c6575f80fd5b863567ffffffffffffffff808211156113dd575f80fd5b818901915089601f8301126113f0575f80fd5b8135818111156113fe575f80fd5b8a602082850101111561140f575f80fd5b602092830198509650508701359350604087013592506060870135915061143860808801611353565b90509295509295509295565b634e487b7160e01b5f52601160045260245ffd5b5f8261147257634e487b7160e01b5f52601260045260245ffd5b500490565b80820281158282048414176104b6576104b6611444565b5f6001820161149f5761149f611444565b5060010190565b60208082526022908201527f4e617474537761703a204f7261636c65207072696365206d757374206265203e604082015261020360f41b606082015260800190565b808201808211156104b6576104b6611444565b634e487b7160e01b5f52602160045260245ffdfea26469706673582212205ed3ab6ae6b056dedac68fc371351305bf98f5614e6b58458c9d3e4d01b2dfad64736f6c63430008180033000000000000000000000000920ccea3beed76dd7ebc2d3da2cfcdaaa323acf70000000000000000000000005a78ace5dd133316c8aaf7e156fbfc57e1209cf9
Deployed Bytecode
0x608060405234801561000f575f80fd5b5060043610610208575f3560e01c80638456cb591161011f578063d2d7231f116100a9578063e1a4521811610079578063e1a452181461041e578063e63ab1e914610427578063f24a6e891461044e578063feb617241461045c578063ffb85e1c1461047e575f80fd5b8063d2d7231f146103c4578063d3ac21f2146103d7578063d3fb73b4146103e4578063d547741f1461040b575f80fd5b8063a217fddf116100ef578063a217fddf1461037e578063b9aed44714610385578063bc3409991461038d578063be018d4b1461039e578063c7ff8025146103b1575f80fd5b80638456cb591461035257806391d148541461035a5780639291ccd51461036d5780639b4dc3ad14610376575f80fd5b806336f95670116101a05780635ead3c5d116101705780635ead3c5d146102fa5780635ed7eef31461030d57806365d65e8614610315578063795572ac1461030d5780637c582d2b14610345575f80fd5b806336f95670146102cb5780633f4ba83a146102de57806355e40aea146102e65780635c975abb146102ef575f80fd5b8063248a9ca3116101db578063248a9ca3146102785780632f210b851461029a5780632f2ff15d146102a357806336568abe146102b8575f80fd5b806301ffc9a71461020c5780630d9d41961461023457806310d60dc4146102535780631f9cf89414610270575b5f80fd5b61021f61021a36600461130e565b610486565b60405190151581526020015b60405180910390f35b61024569021e19e0c9bab240000081565b60405190815260200161022b565b61025b6104bc565b6040805192835260208301919091520161022b565b61024561051e565b61024561028636600461133c565b5f9081526020819052604090206001015490565b61024560065481565b6102b66102b136600461136e565b6105f3565b005b6102b66102c636600461136e565b61061d565b6102b66102d9366004611398565b610655565b6102b661070f565b61024560035481565b60015460ff1661021f565b6102b661030836600461133c565b610724565b610245606481565b60015461032d9061010090046001600160a01b031681565b6040516001600160a01b03909116815260200161022b565b60055461021f9060ff1681565b6102b66107e3565b61021f61036836600461136e565b610815565b61024560045481565b610245600881565b6102455f81565b610245606e81565b61024569152d02c7e14af680000081565b6102b66103ac36600461133c565b61083d565b6102b66103bf3660046113b1565b6108b1565b6102456103d236600461133c565b610d42565b6102456509184e72a00081565b61032d7f000000000000000000000000920ccea3beed76dd7ebc2d3da2cfcdaaa323acf781565b6102b661041936600461136e565b610e74565b61024561271081565b6102457f65d7a28e3265b37a6474929f336521b332c1681b933f6cb9f3376673440d862a81565b610245662386f26fc1000081565b61021f61046a36600461133c565b60026020525f908152604090205460ff1681565b610245605a81565b5f6001600160e01b03198216637965db0b60e01b14806104b657506301ffc9a760e01b6001600160e01b03198316145b92915050565b5f806509184e72a0006004546104d29190611458565b9050606491505f5b81811080156104e95750601481105b156105195760646104fb605a85611477565b6105059190611458565b9250806105118161148e565b9150506104da565b509091565b6005545f9060ff1615610588575f600654116105815760405162461bcd60e51b815260206004820152601e60248201527f4e617474537761703a204f7261636c65207072696365206e6f7420736574000060448201526064015b60405180910390fd5b5060065490565b5f69152d02c7e14af68000006003546105a19190611458565b9050662386f26fc1000091505f5b81811080156105be5750603281105b156105ee5760646105d0606e85611477565b6105da9190611458565b9250806105e68161148e565b9150506105af565b505090565b5f8281526020819052604090206001015461060d81610e98565b6106178383610ea2565b50505050565b6001600160a01b03811633146106465760405163334bd91960e11b815260040160405180910390fd5b6106508282610f31565b505050565b5f61065f81610e98565b6001600160a01b0382166106b55760405162461bcd60e51b815260206004820152601860248201527f4e617474537761703a20496e76616c6964207369676e657200000000000000006044820152606401610578565b600180546001600160a01b03848116610100818102610100600160a81b031985161790945560405193909204169182907f93f9d0472cb0fc12887bf8f1f15cc7a197a5acd122ab23b8dcc25de0191e0d5e905f90a3505050565b5f61071981610e98565b610721610f9a565b50565b5f61072e81610e98565b60055460ff166107805760405162461bcd60e51b815260206004820152601c60248201527f4e617474537761703a204e6f7420696e206f7261636c65206d6f6465000000006044820152606401610578565b5f821161079f5760405162461bcd60e51b8152600401610578906114a6565b60068290556040805160018152602081018490527f7112ec2915b07261bb1a7d086ef6630f9ae25b99af7e3ade9a240e67da938bd491015b60405180910390a15050565b7f65d7a28e3265b37a6474929f336521b332c1681b933f6cb9f3376673440d862a61080d81610e98565b610721610fec565b5f918252602082815260408084206001600160a01b0393909316845291905290205460ff1690565b5f61084781610e98565b5f82116108665760405162461bcd60e51b8152600401610578906114a6565b6005805460ff19166001908117909155600683905560408051918252602082018490527f7112ec2915b07261bb1a7d086ef6630f9ae25b99af7e3ade9a240e67da938bd491016107d7565b6108b9611027565b6108c1611055565b5f8481526002602052604090205460ff161561091f5760405162461bcd60e51b815260206004820152601c60248201527f4e617474537761703a204e6f6e636520616c72656164792075736564000000006044820152606401610578565b5f831161096e5760405162461bcd60e51b815260206004820152601c60248201527f4e617474537761703a20526577617264206d757374206265203e2030000000006044820152606401610578565b69021e19e0c9bab24000008311156109c85760405162461bcd60e51b815260206004820181905260248201527f4e617474537761703a2045786365656473206d617820726577617264206361706044820152606401610578565b5f8211610a175760405162461bcd60e51b815260206004820152601c60248201527f4e617474537761703a20566f6c756d65206d757374206265203e2030000000006044820152606401610578565b6040516bffffffffffffffffffffffff1933606090811b8216602084015260348301879052605483018690526074830185905283901b1660948201525f9060a8016040516020818303038152906040528051906020012090505f610aa7827f19457468657265756d205369676e6564204d6573736167653a0a3332000000005f908152601c91909152603c902090565b90505f610aeb89898080601f0160208091040260200160405190810160405280939291908181526020018383808284375f92019190915250869392505061107b9050565b6001549091506001600160a01b038083166101009092041614610b5c5760405162461bcd60e51b815260206004820152602360248201527f4e617474537761703a20496e76616c6964206261636b656e64207369676e617460448201526275726560e81b6064820152608401610578565b6001600160a01b03841615610bc357336001600160a01b03851603610bc35760405162461bcd60e51b815260206004820152601f60248201527f4e617474537761703a2043616e6e6f7420726566657220796f757273656c66006044820152606401610578565b5f878152600260205260408120805460ff1916600117905560038054889290610bed9084906114e8565b925050819055508460045f828254610c0591906114e8565b909155505f90506001600160a01b03851615610c35576064610c2888600a611477565b610c329190611458565b90505b604051633c12124960e21b8152336004820152602481018890526001600160a01b0386811660448301527f000000000000000000000000920ccea3beed76dd7ebc2d3da2cfcdaaa323acf7169063f0484924906064015f604051808303815f87803b158015610ca2575f80fd5b505af1158015610cb4573d5f803e3d5ffd5b5050604080518a8152602081018a9052908101849052606081018b90526001600160a01b03881692503391507f3f9b94454546587f60c8feff5f80fae66fc0ab83cb0a03986c26dd40ee397c1e9060800160405180910390a350505050610d3a60017f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f0055565b505050505050565b5f806127106008610d588564e8d4a51000611477565b610d629190611477565b610d6c9190611458565b90505f6509184e72a000600454610d839190611458565b90505f5b8181108015610d965750601481105b15610dc6576064610da8605a85611477565b610db29190611458565b925080610dbe8161148e565b915050610d87565b505f610dd061051e565b90505f8111610e2d5760405162461bcd60e51b815260206004820152602360248201527f4e617474537761703a204e4441542070726963652063616e6e6f74206265207a60448201526265726f60e81b6064820152608401610578565b80610e4084670de0b6b3a7640000611477565b610e4a9190611458565b935069021e19e0c9bab2400000841115610e6c5769021e19e0c9bab240000093505b505050919050565b5f82815260208190526040902060010154610e8e81610e98565b6106178383610f31565b61072181336110a3565b5f610ead8383610815565b610f2a575f838152602081815260408083206001600160a01b03861684529091529020805460ff19166001179055610ee23390565b6001600160a01b0316826001600160a01b0316847f2f8788117e7eff1d82e926ec794901d17c78024a50270940304540a733656f0d60405160405180910390a45060016104b6565b505f6104b6565b5f610f3c8383610815565b15610f2a575f838152602081815260408083206001600160a01b0386168085529252808320805460ff1916905551339286917ff6391f5c32d9c69d2a47ea670b442974b53935d1edc7fd64eb21e047a839171b9190a45060016104b6565b610fa26110e0565b6001805460ff191690557f5db9ee0a495bf2e6ff9c91a7834c1ba4fdd244a5e8aa4e537bd38aeae4b073aa335b6040516001600160a01b03909116815260200160405180910390a1565b610ff4611055565b6001805460ff1916811790557f62e78cea01bee320cd4e420270b5ea74000d11b0c9f74754ebdbfc544b05a25833610fcf565b61102f611103565b60027f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f0055565b60015460ff16156110795760405163d93c066560e01b815260040160405180910390fd5b565b5f805f806110898686611145565b925092509250611099828261118e565b5090949350505050565b6110ad8282610815565b6110dc5760405163e2517d3f60e01b81526001600160a01b038216600482015260248101839052604401610578565b5050565b60015460ff1661107957604051638dfc202b60e01b815260040160405180910390fd5b7f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f005460020361107957604051633ee5aeb560e01b815260040160405180910390fd5b5f805f835160410361117c576020840151604085015160608601515f1a61116e88828585611246565b955095509550505050611187565b505081515f91506002905b9250925092565b5f8260038111156111a1576111a16114fb565b036111aa575050565b60018260038111156111be576111be6114fb565b036111dc5760405163f645eedf60e01b815260040160405180910390fd5b60028260038111156111f0576111f06114fb565b036112115760405163fce698f760e01b815260048101829052602401610578565b6003826003811115611225576112256114fb565b036110dc576040516335e2f38360e21b815260048101829052602401610578565b5f80807f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a084111561127f57505f91506003905082611304565b604080515f808252602082018084528a905260ff891692820192909252606081018790526080810186905260019060a0016020604051602081039080840390855afa1580156112d0573d5f803e3d5ffd5b5050604051601f1901519150506001600160a01b0381166112fb57505f925060019150829050611304565b92505f91508190505b9450945094915050565b5f6020828403121561131e575f80fd5b81356001600160e01b031981168114611335575f80fd5b9392505050565b5f6020828403121561134c575f80fd5b5035919050565b80356001600160a01b0381168114611369575f80fd5b919050565b5f806040838503121561137f575f80fd5b8235915061138f60208401611353565b90509250929050565b5f602082840312156113a8575f80fd5b61133582611353565b5f805f805f8060a087890312156113c6575f80fd5b863567ffffffffffffffff808211156113dd575f80fd5b818901915089601f8301126113f0575f80fd5b8135818111156113fe575f80fd5b8a602082850101111561140f575f80fd5b602092830198509650508701359350604087013592506060870135915061143860808801611353565b90509295509295509295565b634e487b7160e01b5f52601160045260245ffd5b5f8261147257634e487b7160e01b5f52601260045260245ffd5b500490565b80820281158282048414176104b6576104b6611444565b5f6001820161149f5761149f611444565b5060010190565b60208082526022908201527f4e617474537761703a204f7261636c65207072696365206d757374206265203e604082015261020360f41b606082015260800190565b808201808211156104b6576104b6611444565b634e487b7160e01b5f52602160045260245ffdfea26469706673582212205ed3ab6ae6b056dedac68fc371351305bf98f5614e6b58458c9d3e4d01b2dfad64736f6c63430008180033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
000000000000000000000000920ccea3beed76dd7ebc2d3da2cfcdaaa323acf70000000000000000000000005a78ace5dd133316c8aaf7e156fbfc57e1209cf9
-----Decoded View---------------
Arg [0] : _anchor (address): 0x920cCEa3BeED76DD7ebC2d3da2cFcDAAa323AcF7
Arg [1] : _backendSigner (address): 0x5a78ACE5DD133316c8aaf7E156FBfc57E1209Cf9
-----Encoded View---------------
2 Constructor Arguments found :
Arg [0] : 000000000000000000000000920ccea3beed76dd7ebc2d3da2cfcdaaa323acf7
Arg [1] : 0000000000000000000000005a78ace5dd133316c8aaf7e156fbfc57e1209cf9
Deployed Bytecode Sourcemap
161133:13672:0:-:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;9179:204;;;;;;:::i;:::-;;:::i;:::-;;;470:14:1;;463:22;445:41;;433:2;418:18;9179:204:0;;;;;;;;162325:62;;162372:15;162325:62;;;;;643:25:1;;;631:2;616:18;162325:62:0;497:177:1;172307:384:0;;;:::i;:::-;;;;853:25:1;;;909:2;894:18;;887:34;;;;826:18;172307:384:0;679:248:1;170017:754:0;;;:::i;10459:122::-;;;;;;:::i;:::-;10524:7;10551:12;;;;;;;;;;:22;;;;10459:122;164150:34;;;;;;10891:138;;;;;;:::i;:::-;;:::i;:::-;;12028:251;;;;;;:::i;:::-;;:::i;173095:304::-;;;;;;:::i;:::-;;:::i;174716:86::-;;;:::i;162869:35::-;;;;;;136101:86;136172:7;;;;136101:86;;174153:333;;;;;;:::i;:::-;;:::i;163513:47::-;;163557:3;163513:47;;161949:28;;;;;;;;-1:-1:-1;;;;;161949:28:0;;;;;;-1:-1:-1;;;;;2276:32:1;;;2258:51;;2246:2;2231:18;161949:28:0;2112:203:1;164023:29:0;;;;;;;;;174573:75;;;:::i;9475:138::-;;;;;;:::i;:::-;;:::i;162980:29::-;;;;;;162483:43;;162525:1;162483:43;;8823:49;;8868:4;8823:49;;163453:53;;163503:3;163453:53;;163316:60;;163360:16;163316:60;;173670:304;;;;;;:::i;:::-;;:::i;166570:3014::-;;;;;;:::i;:::-;;:::i;170987:1062::-;;;;;;:::i;:::-;;:::i;163648:69::-;;163699:18;163648:69;;161701:39;;;;;11322:140;;;;;;:::i;:::-;;:::i;162533:48::-;;162575:6;162533:48;;161435:62;;161473:24;161435:62;;163156:46;;163198:4;163156:46;;161984:42;;;;;;:::i;:::-;;;;;;;;;;;;;;;;163805:52;;163855:2;163805:52;;9179:204;9264:4;-1:-1:-1;;;;;;9288:47:0;;-1:-1:-1;;;9288:47:0;;:87;;-1:-1:-1;;;;;;;;;;6596:40:0;;;9339:36;9281:94;9179:204;-1:-1:-1;;9179:204:0:o;172307:384::-;172354:14;172370:20;163699:18;172418:14;;:41;;;;:::i;:::-;172403:56;;172479:3;172470:12;;172498:9;172493:151;172517:12;172513:1;:16;:26;;;;;172537:2;172533:1;:6;172513:26;172493:151;;;163916:3;172571:32;163855:2;172571:6;:32;:::i;:::-;172570:62;;;;:::i;:::-;172561:71;-1:-1:-1;172541:3:0;;;;:::i;:::-;;;;172493:151;;;;172307:384;;:::o;170017:754::-;170099:17;;170069:13;;170099:17;;170095:157;;;170163:1;170141:19;;:23;170133:66;;;;-1:-1:-1;;;170133:66:0;;4303:2:1;170133:66:0;;;4285:21:1;4342:2;4322:18;;;4315:30;4381:32;4361:18;;;4354:60;4431:18;;170133:66:0;;;;;;;;;-1:-1:-1;170221:19:0;;;170017:754::o;170095:157::-;170432:13;163360:16;170448:20;;:40;;;;:::i;:::-;170432:56;;163198:4;170509:23;;170548:9;170543:188;170567:5;170563:1;:9;:19;;;;;170580:2;170576:1;:6;170563:19;170543:188;;;163557:3;170667:31;163503:3;170667:5;:31;:::i;:::-;170666:53;;;;:::i;:::-;170658:61;-1:-1:-1;170584:3:0;;;;:::i;:::-;;;;170543:188;;;;170751:12;170017:754;:::o;10891:138::-;10524:7;10551:12;;;;;;;;;;:22;;;9107:16;9118:4;9107:10;:16::i;:::-;10996:25:::1;11007:4;11013:7;10996:10;:25::i;:::-;;10891:138:::0;;;:::o;12028:251::-;-1:-1:-1;;;;;12122:34:0;;4461:10;12122:34;12118:104;;12180:30;;-1:-1:-1;;;12180:30:0;;;;;;;;;;;12118:104;12234:37;12246:4;12252:18;12234:11;:37::i;:::-;;12028:251;;:::o;173095:304::-;8868:4;9107:16;8868:4;9107:10;:16::i;:::-;-1:-1:-1;;;;;173198:24:0;::::1;173190:61;;;::::0;-1:-1:-1;;;173190:61:0;;4662:2:1;173190:61:0::1;::::0;::::1;4644:21:1::0;4701:2;4681:18;;;4674:30;4740:26;4720:18;;;4713:54;4784:18;;173190:61:0::1;4460:348:1::0;173190:61:0::1;173282:13;::::0;;-1:-1:-1;;;;;173306:26:0;;::::1;173282:13;173306:26:::0;;::::1;-1:-1:-1::0;;;;;;173306:26:0;::::1;;::::0;;;173348:43:::1;::::0;173282:13;;;::::1;;::::0;;;173348:43:::1;::::0;173262:17:::1;::::0;173348:43:::1;173179:220;173095:304:::0;;:::o;174716:86::-;8868:4;9107:16;8868:4;9107:10;:16::i;:::-;174784:10:::1;:8;:10::i;:::-;174716:86:::0;:::o;174153:333::-;8868:4;9107:16;8868:4;9107:10;:16::i;:::-;174259:17:::1;::::0;::::1;;174251:58;;;::::0;-1:-1:-1;;;174251:58:0;;5015:2:1;174251:58:0::1;::::0;::::1;4997:21:1::0;5054:2;5034:18;;;5027:30;5093;5073:18;;;5066:58;5141:18;;174251:58:0::1;4813:352:1::0;174251:58:0::1;174343:1;174328:12;:16;174320:63;;;;-1:-1:-1::0;;;174320:63:0::1;;;;;;;:::i;:::-;174394:19;:34:::0;;;174444::::1;::::0;;174459:4:::1;5741:41:1::0;;5813:2;5798:18;;5791:34;;;174444::0::1;::::0;5714:18:1;174444:34:0::1;;;;;;;;174153:333:::0;;:::o;174573:75::-;161473:24;9107:16;9118:4;9107:10;:16::i;:::-;174632:8:::1;:6;:8::i;9475:138::-:0;9552:4;9576:12;;;;;;;;;;;-1:-1:-1;;;;;9576:29:0;;;;;;;;;;;;;;;9475:138::o;173670:304::-;8868:4;9107:16;8868:4;9107:10;:16::i;:::-;173796:1:::1;173781:12;:16;173773:63;;;;-1:-1:-1::0;;;173773:63:0::1;;;;;;;:::i;:::-;173847:17;:24:::0;;-1:-1:-1;;173847:24:0::1;173867:4;173847:24:::0;;::::1;::::0;;;173882:19:::1;:34:::0;;;173932::::1;::::0;;5741:41:1;;;5813:2;5798:18;;5791:34;;;173932::0::1;::::0;5714:18:1;173932:34:0::1;5573:258:1::0;166570:3014:0;144670:21;:19;:21::i;:::-;135706:19:::1;:17;:19::i;:::-;167109:17:::2;::::0;;;:10:::2;:17;::::0;;;;;::::2;;167108:18;167100:59;;;::::0;-1:-1:-1;;;167100:59:0;;6038:2:1;167100:59:0::2;::::0;::::2;6020:21:1::0;6077:2;6057:18;;;6050:30;6116;6096:18;;;6089:58;6164:18;;167100:59:0::2;5836:352:1::0;167100:59:0::2;167258:1;167243:12;:16;167235:57;;;::::0;-1:-1:-1;;;167235:57:0;;6395:2:1;167235:57:0::2;::::0;::::2;6377:21:1::0;6434:2;6414:18;;;6407:30;6473;6453:18;;;6446:58;6521:18;;167235:57:0::2;6193:352:1::0;167235:57:0::2;162372:15;167311:12;:36;;167303:81;;;::::0;-1:-1:-1;;;167303:81:0;;6752:2:1;167303:81:0::2;::::0;::::2;6734:21:1::0;;;6771:18;;;6764:30;6830:34;6810:18;;;6803:62;6882:18;;167303:81:0::2;6550:356:1::0;167303:81:0::2;167479:1;167467:9;:13;167459:54;;;::::0;-1:-1:-1;;;167459:54:0;;7113:2:1;167459:54:0::2;::::0;::::2;7095:21:1::0;7152:2;7132:18;;;7125:30;7191;7171:18;;;7164:58;7239:18;;167459:54:0::2;6911:352:1::0;167459:54:0::2;167662:70;::::0;-1:-1:-1;;167679:10:0::2;7579:2:1::0;7575:15;;;7571:24;;167662:70:0::2;::::0;::::2;7559:37:1::0;7612:12;;;7605:28;;;7649:12;;;7642:28;;;7686:12;;;7679:28;;;7742:15;;;7738:24;7723:13;;;7716:47;167616:19:0::2;::::0;7779:13:1;;167662:70:0::2;;;;;;;;;;;;167638:105;;;;;;167616:127;;167754:28;167785:36;:11;126894:34:::0;126814:14;126881:48;;;126991:4;126984:25;;;;127090:4;127074:21;;;126738:439;167785:36:::2;167754:67;;167832:23;167858:39;167887:9;;167858:39;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;::::0;::::2;::::0;;;;-1:-1:-1;167858:20:0;;:39;-1:-1:-1;;167858:28:0::2;:39:::0;-1:-1:-1;167858:39:0:i:2;:::-;167935:13;::::0;167832:65;;-1:-1:-1;;;;;;167916:32:0;;::::2;167935:13;::::0;;::::2;;167916:32;167908:80;;;::::0;-1:-1:-1;;;167908:80:0;;8005:2:1;167908:80:0::2;::::0;::::2;7987:21:1::0;8044:2;8024:18;;;8017:30;8083:34;8063:18;;;8056:62;-1:-1:-1;;;8134:18:1;;;8127:33;8177:19;;167908:80:0::2;7803:399:1::0;167908:80:0::2;-1:-1:-1::0;;;;;168081:22:0;::::2;::::0;168077:121:::2;;168140:10;-1:-1:-1::0;;;;;168128:22:0;::::2;::::0;168120:66:::2;;;::::0;-1:-1:-1;;;168120:66:0;;8409:2:1;168120:66:0::2;::::0;::::2;8391:21:1::0;8448:2;8428:18;;;8421:30;8487:33;8467:18;;;8460:61;8538:18;;168120:66:0::2;8207:355:1::0;168120:66:0::2;168515:17;::::0;;;:10:::2;:17;::::0;;;;:24;;-1:-1:-1;;168515:24:0::2;168535:4;168515:24;::::0;;168629:20:::2;:36:::0;;168653:12;;168515:17;168629:36:::2;::::0;168653:12;;168629:36:::2;:::i;:::-;;;;;;;;168694:9;168676:14;;:27;;;;;;;:::i;:::-;::::0;;;-1:-1:-1;168788:21:0::2;::::0;-1:-1:-1;;;;;;168828:22:0;::::2;::::0;168824:96:::2;;168905:3;168884:17;:12:::0;168899:2:::2;168884:17;:::i;:::-;168883:25;;;;:::i;:::-;168867:41;;168824:96;169320:63;::::0;-1:-1:-1;;;169320:63:0;;169348:10:::2;169320:63;::::0;::::2;8937:34:1::0;8987:18;;;8980:34;;;-1:-1:-1;;;;;9050:15:1;;;9030:18;;;9023:43;169320:6:0::2;:27;::::0;::::2;::::0;8872:18:1;;169320:63:0::2;;;;;;;;;;;;;;;;;::::0;::::2;;;;;;;;;;;;::::0;::::2;;;;;-1:-1:-1::0;;169401:175:0::2;::::0;;9308:25:1;;;9364:2;9349:18;;9342:34;;;9392:18;;;9385:34;;;9450:2;9435:18;;9428:34;;;-1:-1:-1;;;;;169401:175:0;::::2;::::0;-1:-1:-1;169433:10:0::2;::::0;-1:-1:-1;169401:175:0::2;::::0;9295:3:1;9280:19;169401:175:0::2;;;;;;;166783:2801;;;;144714:20:::0;143992:1;143119:66;145648:62;145420:298;144714:20;166570:3014;;;;;;:::o;170987:1062::-;171052:20;;162575:6;162525:1;171225:18;:9;171237:6;171225:18;:::i;:::-;:36;;;;:::i;:::-;171224:56;;;;:::i;:::-;171199:81;;171349:16;163699:18;171368:14;;:41;;;;:::i;:::-;171349:60;;171425:9;171420:163;171444:8;171440:1;:12;:22;;;;;171460:2;171456:1;:6;171440:22;171420:163;;;163916:3;171502:40;163855:2;171502:14;:40;:::i;:::-;171501:70;;;;:::i;:::-;171484:87;-1:-1:-1;171464:3:0;;;;:::i;:::-;;;;171420:163;;;;171668:17;171688:21;:19;:21::i;:::-;171668:41;;171740:1;171728:9;:13;171720:61;;;;-1:-1:-1;;;171720:61:0;;9675:2:1;171720:61:0;;;9657:21:1;9714:2;9694:18;;;9687:30;9753:34;9733:18;;;9726:62;-1:-1:-1;;;9804:18:1;;;9797:33;9847:19;;171720:61:0;9473:399:1;171720:61:0;171845:9;171818:23;:14;171835:6;171818:23;:::i;:::-;171817:37;;;;:::i;:::-;171802:52;;162372:15;171903:12;:35;171899:103;;;162372:15;171955:35;;171899:103;172022:19;;;170987:1062;;;:::o;11322:140::-;10524:7;10551:12;;;;;;;;;;:22;;;9107:16;9118:4;9107:10;:16::i;:::-;11428:26:::1;11440:4;11446:7;11428:11;:26::i;9828:105::-:0;9895:30;9906:4;4461:10;9895;:30::i;12905:324::-;12982:4;13004:22;13012:4;13018:7;13004;:22::i;:::-;12999:223;;13043:6;:12;;;;;;;;;;;-1:-1:-1;;;;;13043:29:0;;;;;;;;;:36;;-1:-1:-1;;13043:36:0;13075:4;13043:36;;;13126:12;4461:10;;4381:98;13126:12;-1:-1:-1;;;;;13099:40:0;13117:7;-1:-1:-1;;;;;13099:40:0;13111:4;13099:40;;;;;;;;;;-1:-1:-1;13161:4:0;13154:11;;12999:223;-1:-1:-1;13205:5:0;13198:12;;13475:325;13553:4;13574:22;13582:4;13588:7;13574;:22::i;:::-;13570:223;;;13645:5;13613:12;;;;;;;;;;;-1:-1:-1;;;;;13613:29:0;;;;;;;;;;:37;;-1:-1:-1;;13613:37:0;;;13670:40;4461:10;;13613:12;;13670:40;;13645:5;13670:40;-1:-1:-1;13732:4:0;13725:11;;137002:120;135965:16;:14;:16::i;:::-;137061:7:::1;:15:::0;;-1:-1:-1;;137061:15:0::1;::::0;;137092:22:::1;4461:10:::0;137101:12:::1;137092:22;::::0;-1:-1:-1;;;;;2276:32:1;;;2258:51;;2246:2;2231:18;137092:22:0::1;;;;;;;137002:120::o:0;136743:118::-;135706:19;:17;:19::i;:::-;136813:4:::1;136803:14:::0;;-1:-1:-1;;136803:14:0::1;::::0;::::1;::::0;;136833:20:::1;4461:10:::0;136840:12:::1;4381:98:::0;145420:298;145545:25;:23;:25::i;:::-;144035:1;143119:66;145648:62;145420:298::o;136260:132::-;136172:7;;;;136322:63;;;136358:15;;-1:-1:-1;;;136358:15:0;;;;;;;;;;;136322:63;136260:132::o;151955:259::-;152033:7;152054:17;152073:18;152093:16;152113:27;152124:4;152130:9;152113:10;:27::i;:::-;152053:87;;;;;;152151:28;152163:5;152170:8;152151:11;:28::i;:::-;-1:-1:-1;152197:9:0;;151955:259;-1:-1:-1;;;;151955:259:0:o;10069:201::-;10158:22;10166:4;10172:7;10158;:22::i;:::-;10153:110;;10204:47;;-1:-1:-1;;;10204:47:0;;-1:-1:-1;;;;;10069:32:1;;10204:47:0;;;10051:51:1;10118:18;;;10111:34;;;10024:18;;10204:47:0;9877:274:1;10153:110:0;10069:201;;:::o;136469:130::-;136172:7;;;;136528:64;;136565:15;;-1:-1:-1;;;136565:15:0;;;;;;;;;;;145251:161;143119:66;146250:52;144035:1;146250:63;145310:95;;145363:30;;-1:-1:-1;;;145363:30:0;;;;;;;;;;;149035:797;149141:17;149160:16;149178:14;149209:9;:16;149229:2;149209:22;149205:620;;149521:4;149506:20;;149500:27;149571:4;149556:20;;149550:27;149629:4;149614:20;;149608:27;149248:9;149600:36;149672:25;149683:4;149600:36;149500:27;149550;149672:10;:25::i;:::-;149665:32;;;;;;;;;;;149205:620;-1:-1:-1;;149795:16:0;;149746:1;;-1:-1:-1;149750:35:0;;149205:620;149035:797;;;;;:::o;158445:542::-;158541:20;158532:5;:29;;;;;;;;:::i;:::-;;158528:452;;158445:542;;:::o;158528:452::-;158639:29;158630:5;:38;;;;;;;;:::i;:::-;;158626:354;;158692:23;;-1:-1:-1;;;158692:23:0;;;;;;;;;;;158626:354;158746:35;158737:5;:44;;;;;;;;:::i;:::-;;158733:247;;158805:46;;-1:-1:-1;;;158805:46:0;;;;;643:25:1;;;616:18;;158805:46:0;497:177:1;158733:247:0;158882:30;158873:5;:39;;;;;;;;:::i;:::-;;158869:111;;158936:32;;-1:-1:-1;;;158936:32:0;;;;;643:25:1;;;616:18;;158936:32:0;497:177:1;153854:1577:0;153985:17;;;154949:66;154936:79;;154932:166;;;-1:-1:-1;155048:1:0;;-1:-1:-1;155052:30:0;;-1:-1:-1;155084:1:0;155032:54;;154932:166;155212:24;;;155195:14;155212:24;;;;;;;;;10515:25:1;;;10588:4;10576:17;;10556:18;;;10549:45;;;;10610:18;;;10603:34;;;10653:18;;;10646:34;;;155212:24:0;;10487:19:1;;155212:24:0;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;;155212:24:0;;-1:-1:-1;;155212:24:0;;;-1:-1:-1;;;;;;;155251:20:0;;155247:115;;-1:-1:-1;155304:1:0;;-1:-1:-1;155308:29:0;;-1:-1:-1;155304:1:0;;-1:-1:-1;155288:62:0;;155247:115;155382:6;-1:-1:-1;155390:20:0;;-1:-1:-1;155390:20:0;;-1:-1:-1;153854:1577:0;;;;;;;;;:::o;14:286:1:-;72:6;125:2;113:9;104:7;100:23;96:32;93:52;;;141:1;138;131:12;93:52;167:23;;-1:-1:-1;;;;;;219:32:1;;209:43;;199:71;;266:1;263;256:12;199:71;289:5;14:286;-1:-1:-1;;;14:286:1:o;932:180::-;991:6;1044:2;1032:9;1023:7;1019:23;1015:32;1012:52;;;1060:1;1057;1050:12;1012:52;-1:-1:-1;1083:23:1;;932:180;-1:-1:-1;932:180:1:o;1299:173::-;1367:20;;-1:-1:-1;;;;;1416:31:1;;1406:42;;1396:70;;1462:1;1459;1452:12;1396:70;1299:173;;;:::o;1477:254::-;1545:6;1553;1606:2;1594:9;1585:7;1581:23;1577:32;1574:52;;;1622:1;1619;1612:12;1574:52;1658:9;1645:23;1635:33;;1687:38;1721:2;1710:9;1706:18;1687:38;:::i;:::-;1677:48;;1477:254;;;;;:::o;1736:186::-;1795:6;1848:2;1836:9;1827:7;1823:23;1819:32;1816:52;;;1864:1;1861;1854:12;1816:52;1887:29;1906:9;1887:29;:::i;2320:877::-;2426:6;2434;2442;2450;2458;2466;2519:3;2507:9;2498:7;2494:23;2490:33;2487:53;;;2536:1;2533;2526:12;2487:53;2576:9;2563:23;2605:18;2646:2;2638:6;2635:14;2632:34;;;2662:1;2659;2652:12;2632:34;2700:6;2689:9;2685:22;2675:32;;2745:7;2738:4;2734:2;2730:13;2726:27;2716:55;;2767:1;2764;2757:12;2716:55;2807:2;2794:16;2833:2;2825:6;2822:14;2819:34;;;2849:1;2846;2839:12;2819:34;2896:7;2889:4;2880:6;2876:2;2872:15;2868:26;2865:39;2862:59;;;2917:1;2914;2907:12;2862:59;2948:4;2940:13;;;;-1:-1:-1;2972:6:1;-1:-1:-1;;3010:20:1;;2997:34;;-1:-1:-1;3078:2:1;3063:18;;3050:32;;-1:-1:-1;3129:2:1;3114:18;;3101:32;;-1:-1:-1;3152:39:1;3186:3;3171:19;;3152:39;:::i;:::-;3142:49;;2320:877;;;;;;;;:::o;3434:127::-;3495:10;3490:3;3486:20;3483:1;3476:31;3526:4;3523:1;3516:15;3550:4;3547:1;3540:15;3566:217;3606:1;3632;3622:132;;3676:10;3671:3;3667:20;3664:1;3657:31;3711:4;3708:1;3701:15;3739:4;3736:1;3729:15;3622:132;-1:-1:-1;3768:9:1;;3566:217::o;3788:168::-;3861:9;;;3892;;3909:15;;;3903:22;;3889:37;3879:71;;3930:18;;:::i;3961:135::-;4000:3;4021:17;;;4018:43;;4041:18;;:::i;:::-;-1:-1:-1;4088:1:1;4077:13;;3961:135::o;5170:398::-;5372:2;5354:21;;;5411:2;5391:18;;;5384:30;5450:34;5445:2;5430:18;;5423:62;-1:-1:-1;;;5516:2:1;5501:18;;5494:32;5558:3;5543:19;;5170:398::o;8567:125::-;8632:9;;;8653:10;;;8650:36;;;8666:18;;:::i;10156:127::-;10217:10;10212:3;10208:20;10205:1;10198:31;10248:4;10245:1;10238:15;10272:4;10269:1;10262:15
Swarm Source
ipfs://5ed3ab6ae6b056dedac68fc371351305bf98f5614e6b58458c9d3e4d01b2dfad
Loading...
Loading
Loading...
Loading
Loading...
Loading
0xBdaf0Bb940eb703CF40ee2B2E6AA7A7B6673f314
Net Worth in USD
$0.00
Net Worth in ETH
0
Multichain Portfolio | 32 Chains
| Chain | Token | Portfolio % | Price | Amount | Value |
|---|
Loading...
Loading
Loading...
Loading
Loading...
Loading
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.