Sponsored
MoonPay
Buy crypto with our non-custodial and fully decentralised platform. Buy Now!
15M+ users trust MoonPay. Checkout with your preferred payment method.
MetaMask
Manage your web3 everything with MetaMask Portfolio. Try Now!
Ready to onboard to Ethereum? With MetaMask Portfolio, you're in control.
Nexo
Join the hunt for $12,000,000+ in NEXO Tokens. Get Nexo
Collect points for eligible actions and use multipliers to win big.
Sponsored
MetaMask
Meet MetaMask Portfolio - your key to getting more out of web3. Try Now
Ready to simplify your web3 experience? Try the all-in-one web3 app trusted by millions worldwide.
CEX.IO
Join the best crypto ecosystem and get rewarded! JOIN NOW
Buy, sell, and exchange 200+ cryptocurrencies effortlessly. Get your free crypto debit card and pay with crypto anywhere.
eToro
One-stop crypto shop: trusted, simple & safe.
Don’t invest unless you’re prepared to lose all the money you invest.
Sponsored
Сoins.game
100 free spins for registration. Spin now!
Everyday giveaways up to 100 ETH, Lucky Spins. Deposit BONUS 300% and Cashbacks!
MegaDice.com
-No KYC casino, Deposit Any Crypto, 200% up-to 1BTC Bonus. Play Now!
Play all your favorite Slots & Live Games, including Plinko, Aviator and Crash! Truly anonymous casino.
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
Sponsored
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
CryptoWins
200% Welcome Bonus – Supercharge Your Crypto Up to 4 BTC! Claim Now!
Play 100s of games anonymously with all major cryptos. Join CryptoWins & start winning!
CryptoSlots
Play & Get 25 Free Spins at CryptoSlots Play Now
Anonymous play on awesome games - sign up now for 25 free jackpot spins - worth $100s!
Overview
ETH Balance
59.450136829047289435 ETH
Eth Value
$226,599.91 (@ $3,811.60/ETH)Token Holdings
More Info
Private Name Tags
ContractCreator
Latest 25 from a total of 9,937 transactions
| Transaction Hash |
Method
|
Block
|
From
|
To
|
Value | ||||
|---|---|---|---|---|---|---|---|---|---|
| Withdraw Group M... | 18444055 | 214 days ago | IN | 0 ETH | 0.00731605 | ||||
| Withdraw Group M... | 18430772 | 216 days ago | IN | 0 ETH | 0.0103899 | ||||
| Withdraw Group M... | 18430748 | 216 days ago | IN | 0 ETH | 0.00145133 | ||||
| Withdraw Group M... | 18430746 | 216 days ago | IN | 0 ETH | 0.00916558 | ||||
| Withdraw Group M... | 18430660 | 216 days ago | IN | 0 ETH | 0.00620342 | ||||
| Withdraw Group M... | 18430605 | 216 days ago | IN | 0 ETH | 0.00645193 | ||||
| Withdraw Group M... | 18430602 | 216 days ago | IN | 0 ETH | 0.00697153 | ||||
| Withdraw Group M... | 18430600 | 216 days ago | IN | 0 ETH | 0.00710616 | ||||
| Withdraw Group M... | 18430598 | 216 days ago | IN | 0 ETH | 0.00703787 | ||||
| Withdraw Group M... | 18430595 | 216 days ago | IN | 0 ETH | 0.00720309 | ||||
| Withdraw Group M... | 18430591 | 216 days ago | IN | 0 ETH | 0.00666099 | ||||
| Withdraw Group M... | 18430553 | 216 days ago | IN | 0 ETH | 0.0066877 | ||||
| Withdraw Group M... | 18430550 | 216 days ago | IN | 0 ETH | 0.00694447 | ||||
| Withdraw Group M... | 18430539 | 216 days ago | IN | 0 ETH | 0.00739419 | ||||
| Withdraw Group M... | 18430537 | 216 days ago | IN | 0 ETH | 0.00751266 | ||||
| Withdraw Group M... | 18430531 | 216 days ago | IN | 0 ETH | 0.00753821 | ||||
| Withdraw Group M... | 18430526 | 216 days ago | IN | 0 ETH | 0.0071713 | ||||
| Withdraw Group M... | 18430523 | 216 days ago | IN | 0 ETH | 0.00780625 | ||||
| Withdraw Group M... | 18430510 | 216 days ago | IN | 0 ETH | 0.0080139 | ||||
| Withdraw Group M... | 18430510 | 216 days ago | IN | 0 ETH | 0.00710566 | ||||
| Withdraw Group M... | 18430399 | 216 days ago | IN | 0 ETH | 0.00663888 | ||||
| Withdraw Group M... | 18430387 | 216 days ago | IN | 0 ETH | 0.00645466 | ||||
| Withdraw Group M... | 18430369 | 216 days ago | IN | 0 ETH | 0.00700478 | ||||
| Withdraw Group M... | 18430369 | 216 days ago | IN | 0 ETH | 0.00667649 | ||||
| Withdraw Group M... | 18430298 | 216 days ago | IN | 0 ETH | 0.00670692 |
Latest 25 internal transactions (View All)
Advanced mode:
| Parent Transaction Hash | Block | From | To | Value | ||
|---|---|---|---|---|---|---|
| 18444055 | 214 days ago | 0.03945619 ETH | ||||
| 18430772 | 216 days ago | 0.07059906 ETH | ||||
| 18430746 | 216 days ago | 0.0884163 ETH | ||||
| 18430660 | 216 days ago | 0.15970052 ETH | ||||
| 18430605 | 216 days ago | 0.20964301 ETH | ||||
| 18430602 | 216 days ago | 0.09440877 ETH | ||||
| 18430600 | 216 days ago | 0.07891239 ETH | ||||
| 18430598 | 216 days ago | 0.05143988 ETH | ||||
| 18430595 | 216 days ago | 0.14253929 ETH | ||||
| 18430591 | 216 days ago | 0.14157798 ETH | ||||
| 18430553 | 216 days ago | 0.1141774 ETH | ||||
| 18430550 | 216 days ago | 0.11285038 ETH | ||||
| 18430539 | 216 days ago | 0.07664862 ETH | ||||
| 18430537 | 216 days ago | 0.11440546 ETH | ||||
| 18430531 | 216 days ago | 0.11826521 ETH | ||||
| 18430526 | 216 days ago | 0.11832214 ETH | ||||
| 18430523 | 216 days ago | 0.18880114 ETH | ||||
| 18430510 | 216 days ago | 0.10084859 ETH | ||||
| 18430510 | 216 days ago | 0.17231774 ETH | ||||
| 18430399 | 216 days ago | 0.06482263 ETH | ||||
| 18430387 | 216 days ago | 0.13004463 ETH | ||||
| 18430369 | 216 days ago | 0.20497542 ETH | ||||
| 18430369 | 216 days ago | 0.1089366 ETH | ||||
| 18430298 | 216 days ago | 0.0497598 ETH | ||||
| 18430295 | 216 days ago | 0.19603967 ETH |
Loading...
Loading
This contract contains unverified libraries: BLS, Groups, GroupSelection, DKGResultVerification, Reimbursements, DelayFactor
This contract may be a proxy contract. Click on More Options and select Is this a proxy? to confirm and enable the "Read as Proxy" & "Write as Proxy" tabs.
Contract Name:
KeepRandomBeaconOperator
Compiler Version
v0.5.17+commit.d19bba13
Contract Source Code (Solidity Standard Json-Input format)
/**
▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀
▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌
▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
Trust math, not hardware.
*/
pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "openzeppelin-solidity/contracts/utils/ReentrancyGuard.sol";
import "./TokenStaking.sol";
import "./KeepRegistry.sol";
import "./GasPriceOracle.sol";
import "./cryptography/BLS.sol";
import "./utils/AddressArrayUtils.sol";
import "./utils/PercentUtils.sol";
import "./libraries/operator/GroupSelection.sol";
import "./libraries/operator/Groups.sol";
import "./libraries/operator/DKGResultVerification.sol";
import "./libraries/operator/Reimbursements.sol";
import "./libraries/operator/DelayFactor.sol";
interface ServiceContract {
function entryCreated(uint256 requestId, bytes calldata entry, address payable submitter) external;
function fundRequestSubsidyFeePool() external payable;
function fundDkgFeePool() external payable;
function callbackSurplusRecipient(uint256 requestId) external view returns(address payable);
}
/// @title KeepRandomBeaconOperator
/// @notice Keep client facing contract for random beacon security-critical operations.
/// Handles group creation and expiration, BLS signature verification and incentives.
/// The contract is not upgradeable. New functionality can be implemented by deploying
/// new versions following Keep client update and re-authorization by the stakers.
contract KeepRandomBeaconOperator is ReentrancyGuard, GasPriceOracleConsumer {
using SafeMath for uint256;
using PercentUtils for uint256;
using AddressArrayUtils for address[];
using GroupSelection for GroupSelection.Storage;
using Groups for Groups.Storage;
using DKGResultVerification for DKGResultVerification.Storage;
event OnGroupRegistered(bytes groupPubKey);
event DkgResultSubmittedEvent(
uint256 memberIndex,
bytes groupPubKey,
bytes misbehaved
);
event RelayEntryRequested(bytes previousEntry, bytes groupPublicKey);
event RelayEntrySubmitted();
event GroupSelectionStarted(uint256 newEntry);
event GroupMemberRewardsWithdrawn(
address indexed beneficiary,
address operator,
uint256 amount,
uint256 groupIndex
);
event RelayEntryTimeoutReported(uint256 indexed groupIndex);
event UnauthorizedSigningReported(uint256 indexed groupIndex);
GroupSelection.Storage groupSelection;
Groups.Storage groups;
DKGResultVerification.Storage dkgResultVerification;
address[] internal serviceContracts;
KeepRegistry internal registry;
TokenStaking internal stakingContract;
GasPriceOracle internal gasPriceOracle;
/// @dev Each signing group member reward expressed in wei.
uint256 public groupMemberBaseReward = 1000000*1e9; // 1M Gwei
/// @dev Gas price ceiling value used to calculate the gas price for reimbursement
/// next to the actual gas price from the transaction. We use gas price
/// ceiling to defend against malicious miner-submitters who can manipulate
/// transaction gas price.
uint256 public gasPriceCeiling = 60*1e9; // (60 Gwei = 60 * 10^9 wei)
/// @dev Size of a group in the threshold relay.
uint256 public groupSize = 64;
/// @dev Minimum number of group members needed to interact according to the
/// protocol to produce a relay entry.
uint256 public groupThreshold = 33;
/// @dev Time in blocks after which the next group member is eligible
/// to submit the result.
uint256 public resultPublicationBlockStep = 6;
/// @dev Timeout in blocks for a relay entry to appear on the chain. Blocks
/// are counted from the moment relay request occur.
///
/// Timeout is never shorter than the time needed by clients to generate
/// relay entry and the time it takes for the last group member to become
/// eligible to submit the result plus at least one block to submit it.
uint256 public relayEntryTimeout = groupSize.mul(resultPublicationBlockStep);
/// @dev Gas required to verify BLS signature and produce successful relay
/// entry. Excludes callback and DKG gas. The worst case (most expensive)
/// scenario.
uint256 public entryVerificationGasEstimate = 280000;
/// @dev Gas required to submit DKG result. Excludes initiation of group selection.
uint256 public dkgGasEstimate = 1740000;
/// @dev Gas required to trigger DKG (starting group selection).
uint256 public groupSelectionGasEstimate = 200000;
/// @dev Reimbursement for the submitter of the DKG result. This value is set
/// when a new DKG request comes to the operator contract.
///
/// When submitting DKG result, the submitter is reimbursed with the actual cost
/// and some part of the fee stored in this field may be returned to the service
/// contract.
uint256 public dkgSubmitterReimbursementFee;
/// @dev Seed value used for the genesis group selection.
/// https://www.wolframalpha.com/input/?i=pi+to+78+digits
uint256 internal constant _genesisGroupSeed = 31415926535897932384626433832795028841971693993751058209749445923078164062862;
/// @dev Service contract that triggered current group selection.
ServiceContract internal groupSelectionStarterContract;
// current relay request data
uint256 internal currentRequestId;
uint256 public currentRequestStartBlock;
uint256 public currentRequestGroupIndex;
bytes public currentRequestPreviousEntry;
uint256 internal currentRequestEntryVerificationAndProfitFee;
uint256 internal currentRequestCallbackFee;
address internal currentRequestServiceContract;
/// @notice Triggers group selection if there are no active groups.
function genesis() public payable {
// If we run into a very unlikely situation when there are no active
// groups on the contract because of slashing and groups terminated
// or because beacon has not been used for a very long time and all
// groups expired, we first want to make a cleanup.
groups.expireOldGroups();
require(numberOfGroups() == 0, "Groups exist");
// Cleanup after potential failed DKG
groupSelection.finish();
// Set latest added service contract as a group selection starter to receive any DKG fee surplus.
groupSelectionStarterContract = ServiceContract(serviceContracts[serviceContracts.length.sub(1)]);
startGroupSelection(_genesisGroupSeed, msg.value);
}
modifier onlyServiceContract() {
require(
serviceContracts.contains(msg.sender),
"Caller is not a service contract"
);
_;
}
constructor(
address _serviceContract,
address _tokenStaking,
address _keepRegistry,
address _gasPriceOracle
) public {
serviceContracts.push(_serviceContract);
stakingContract = TokenStaking(_tokenStaking);
registry = KeepRegistry(_keepRegistry);
gasPriceOracle = GasPriceOracle(_gasPriceOracle);
groups.stakingContract = stakingContract;
groups.groupActiveTime = 86400 * 14 / 15; // 14 days equivalent in 15s blocks
groups.relayEntryTimeout = relayEntryTimeout;
// There are 78 blocks to submit group selection tickets. To minimize
// the submitter's cost by minimizing the number of redundant tickets
// that are not selected into the group, the following approach is
// recommended:
//
// Tickets are submitted in 11 rounds, each round taking 6 blocks.
// As the basic principle, the number of leading zeros in the ticket
// value is subtracted from the number of rounds to determine the round
// the ticket should be submitted in:
// - in round 0, tickets with 11 or more leading zeros are submitted
// - in round 1, tickets with 10 or more leading zeros are submitted
// (...)
// - in round 11, tickets with no leading zeros are submitted.
//
// In each round, group member candidate needs to monitor tickets
// submitted by other candidates and compare them against tickets of
// the candidate not yet submitted to determine if continuing with
// ticket submission still makes sense.
//
// After 66 blocks, there is a 12 blocks mining lag allowing all
// outstanding ticket submissions to have a higher chance of being
// mined before the deadline.
groupSelection.ticketSubmissionTimeout = 6 * 11 + 12;
groupSelection.groupSize = groupSize;
dkgResultVerification.timeDKG = 5*(1+5) + 2*(1+10) + 20;
dkgResultVerification.resultPublicationBlockStep = resultPublicationBlockStep;
dkgResultVerification.groupSize = groupSize;
dkgResultVerification.signatureThreshold = groupThreshold + (groupSize - groupThreshold) / 2;
}
/// @notice Adds service contract
/// @param serviceContract Address of the service contract.
function addServiceContract(address serviceContract) public {
require(
registry.serviceContractUpgraderFor(address(this)) == msg.sender,
"Not authorized"
);
serviceContracts.push(serviceContract);
}
/// @notice Pulls the most recent gas price from gas price oracle.
function refreshGasPrice() public {
gasPriceCeiling = gasPriceOracle.gasPrice();
}
/// @notice Triggers the selection process of a new candidate group.
/// @param _newEntry New random beacon value that stakers will use to
/// generate their tickets.
/// @param submitter Operator of this contract.
function createGroup(uint256 _newEntry, address payable submitter) public payable onlyServiceContract {
uint256 groupSelectionStartFee = groupSelectionGasEstimate.mul(gasPriceCeiling);
groupSelectionStarterContract = ServiceContract(msg.sender);
startGroupSelection(_newEntry, msg.value.sub(groupSelectionStartFee));
// reimbursing a submitter that triggered group selection
(bool success, ) = stakingContract.beneficiaryOf(submitter).call.value(groupSelectionStartFee)("");
require(success, "Group selection reimbursement failed");
}
function startGroupSelection(uint256 _newEntry, uint256 _payment) internal {
require(
_payment >= gasPriceCeiling.mul(dkgGasEstimate),
"Insufficient DKG fee"
);
require(isGroupSelectionPossible(), "Group selection in progress");
// If previous group selection failed and there is reimbursement left
// return it to the DKG fee pool.
if (dkgSubmitterReimbursementFee > 0) {
uint256 surplus = dkgSubmitterReimbursementFee;
dkgSubmitterReimbursementFee = 0;
ServiceContract(groupSelectionStarterContract).fundDkgFeePool.value(surplus)();
}
groupSelection.minimumStake = stakingContract.minimumStake();
groupSelection.start(_newEntry);
emit GroupSelectionStarted(_newEntry);
dkgSubmitterReimbursementFee = _payment;
}
/// @notice Checks if it is possible to fire a new group selection.
/// Triggering new group selection is only possible when there is no
/// pending group selection or when the pending group selection timed out.
function isGroupSelectionPossible() public view returns (bool) {
if (!groupSelection.inProgress) {
return true;
}
// dkgTimeout is the time after key generation protocol is expected to
// be complete plus the expected time to submit the result.
uint256 dkgTimeout = groupSelection.ticketSubmissionStartBlock +
groupSelection.ticketSubmissionTimeout +
dkgResultVerification.timeDKG +
groupSize * resultPublicationBlockStep;
return block.number > dkgTimeout;
}
/// @notice Submits ticket to request to participate in a new candidate group.
/// @param ticket Bytes representation of a ticket that holds the following:
/// - ticketValue: first 8 bytes of a result of keccak256 cryptography hash
/// function on the combination of the group selection seed (previous
/// beacon output), staker-specific value (address) and virtual staker index.
/// - stakerValue: a staker-specific value which is the address of the staker.
/// - virtualStakerIndex: 4-bytes number within a range of 1 to staker's weight;
/// has to be unique for all tickets submitted by the given staker for the
/// current candidate group selection.
function submitTicket(bytes32 ticket) public {
uint256 stakingWeight = stakingContract.eligibleStake(
msg.sender, address(this)
).div(groupSelection.minimumStake);
groupSelection.submitTicket(ticket, stakingWeight);
}
/// @notice Gets the timeout in blocks after which group candidate ticket
/// submission is finished.
function ticketSubmissionTimeout() public view returns (uint256) {
return groupSelection.ticketSubmissionTimeout;
}
/// @notice Gets the submitted group candidate tickets so far.
function submittedTickets() public view returns (uint64[] memory) {
return groupSelection.tickets;
}
/// @notice Gets selected participants in ascending order of their tickets.
function selectedParticipants() public view returns (address[] memory) {
return groupSelection.selectedParticipants();
}
/// @notice Submits result of DKG protocol. It is on-chain part of phase 14 of
/// the protocol.
/// @param submitterMemberIndex Claimed submitter candidate group member index
/// @param groupPubKey Generated candidate group public key
/// @param misbehaved Bytes array of misbehaved (disqualified or inactive)
/// group members indexes in ascending order; Indexes reflect positions of
/// members in the group as outputted by the group selection protocol.
/// @param signatures Concatenation of signatures from members supporting the
/// result.
/// @param signingMembersIndexes Indices of members corresponding to each
/// signature.
function submitDkgResult(
uint256 submitterMemberIndex,
bytes memory groupPubKey,
bytes memory misbehaved,
bytes memory signatures,
uint[] memory signingMembersIndexes
) public nonReentrant {
address[] memory members = selectedParticipants();
dkgResultVerification.verify(
submitterMemberIndex,
groupPubKey,
misbehaved,
signatures,
signingMembersIndexes,
members,
groupSelection.ticketSubmissionStartBlock + groupSelection.ticketSubmissionTimeout
);
groups.setGroupMembers(groupPubKey, members, misbehaved);
groups.addGroup(groupPubKey);
reimburseDkgSubmitter();
emit DkgResultSubmittedEvent(submitterMemberIndex, groupPubKey, misbehaved);
groupSelection.finish();
}
/// @notice Compare the reimbursement fee calculated based on the current
/// transaction gas price and the current price feed estimate with the DKG
/// reimbursement fee calculated and paid at the moment when the DKG was
/// requested. If there is any surplus, it will be returned to the DKG fee
/// pool of the service contract which triggered the DKG.
function reimburseDkgSubmitter() internal {
uint256 gasPrice = gasPriceCeiling;
// We need to check if tx.gasprice is non-zero as a workaround to a bug
// in go-ethereum:
// https://github.com/ethereum/go-ethereum/pull/20189
if (tx.gasprice > 0 && tx.gasprice < gasPriceCeiling) {
gasPrice = tx.gasprice;
}
uint256 reimbursementFee = dkgGasEstimate.mul(gasPrice);
address payable beneficiary = stakingContract.beneficiaryOf(msg.sender);
if (reimbursementFee < dkgSubmitterReimbursementFee) {
uint256 surplus = dkgSubmitterReimbursementFee.sub(reimbursementFee);
dkgSubmitterReimbursementFee = 0;
// Reimburse submitter with actual DKG cost.
beneficiary.call.value(reimbursementFee)("");
// Return surplus to the contract that started DKG.
groupSelectionStarterContract.fundDkgFeePool.value(surplus)();
} else {
// If submitter used higher gas price reimburse only
// dkgSubmitterReimbursementFee max.
reimbursementFee = dkgSubmitterReimbursementFee;
dkgSubmitterReimbursementFee = 0;
beneficiary.call.value(reimbursementFee)("");
}
}
/// @notice Creates a request to generate a new relay entry, which will include
/// a random number (by signing the previous entry's random number).
/// @param requestId Request Id trackable by service contract
/// @param previousEntry Previous relay entry
function sign(
uint256 requestId,
bytes memory previousEntry
) public payable onlyServiceContract {
uint256 entryVerificationAndProfitFee = groupProfitFee().add(
entryVerificationFee()
);
require(
msg.value >= entryVerificationAndProfitFee,
"Insufficient new entry fee"
);
uint256 callbackFee = msg.value.sub(entryVerificationAndProfitFee);
signRelayEntry(
requestId, previousEntry, msg.sender,
entryVerificationAndProfitFee, callbackFee
);
}
function signRelayEntry(
uint256 requestId,
bytes memory previousEntry,
address serviceContract,
uint256 entryVerificationAndProfitFee,
uint256 callbackFee
) internal {
require(!isEntryInProgress(), "Beacon is busy");
uint256 groupIndex = groups.selectGroup(uint256(keccak256(previousEntry)));
currentRequestId = requestId;
currentRequestStartBlock = block.number;
currentRequestEntryVerificationAndProfitFee = entryVerificationAndProfitFee;
currentRequestCallbackFee = callbackFee;
currentRequestGroupIndex = groupIndex;
currentRequestPreviousEntry = previousEntry;
currentRequestServiceContract = serviceContract;
bytes memory groupPubKey = groups.getGroupPublicKey(groupIndex);
emit RelayEntryRequested(previousEntry, groupPubKey);
}
/// @notice Creates a new relay entry and stores the associated data on the chain.
/// @param _groupSignature Group BLS signature over the concatenation of the
/// previous entry and seed.
function relayEntry(bytes memory _groupSignature) public nonReentrant {
require(isEntryInProgress(), "Entry was submitted");
require(!hasEntryTimedOut(), "Entry timed out");
bytes memory groupPubKey = groups.getGroupPublicKey(currentRequestGroupIndex);
require(
BLS.verify(
groupPubKey,
currentRequestPreviousEntry,
_groupSignature
),
"Invalid signature"
);
emit RelayEntrySubmitted();
// Spend no more than groupSelectionGasEstimate + 40000 gas max
// This will prevent relayEntry failure in case the service contract is compromised
currentRequestServiceContract.call.gas(groupSelectionGasEstimate.add(40000))(
abi.encodeWithSignature(
"entryCreated(uint256,bytes,address)",
currentRequestId,
_groupSignature,
msg.sender
)
);
if (currentRequestCallbackFee > 0) {
executeCallback(uint256(keccak256(_groupSignature)));
}
(uint256 groupMemberReward, uint256 submitterReward, uint256 subsidy) = newEntryRewardsBreakdown();
groups.addGroupMemberReward(groupPubKey, groupMemberReward);
stakingContract.beneficiaryOf(msg.sender).call.value(submitterReward)("");
if (subsidy > 0) {
currentRequestServiceContract.call.gas(35000).value(subsidy)(
abi.encodeWithSignature("fundRequestSubsidyFeePool()")
);
}
currentRequestStartBlock = 0;
}
/// @notice Executes customer specified callback for the relay entry request.
/// @param entry The generated random number.
function executeCallback(uint256 entry) internal {
// Make sure not to spend more than what was received from the service
// contract for the callback
uint256 gasLimit = currentRequestCallbackFee.div(gasPriceCeiling);
// Make sure not to spend more than 2 million gas on a callback.
// This is to protect members from relay entry failure and potential
// slashing in case of any changes in .call() gas limit.
gasLimit = gasLimit > 2000000 ? 2000000 : gasLimit;
bytes memory callbackSurplusRecipientData;
(, callbackSurplusRecipientData) = currentRequestServiceContract.call.gas(
40000
)(abi.encodeWithSignature(
"callbackSurplusRecipient(uint256)",
currentRequestId
));
uint256 gasBeforeCallback = gasleft();
currentRequestServiceContract.call.gas(
gasLimit
)(abi.encodeWithSignature(
"executeCallback(uint256,uint256)",
currentRequestId,
entry
));
uint256 gasAfterCallback = gasleft();
uint256 gasSpent = gasBeforeCallback.sub(gasAfterCallback);
Reimbursements.reimburseCallback(
stakingContract,
gasPriceCeiling,
gasLimit,
gasSpent,
currentRequestCallbackFee,
callbackSurplusRecipientData
);
}
/// @notice Get rewards breakdown in wei for successful entry for the
/// current signing request.
function newEntryRewardsBreakdown() internal view returns(
uint256 groupMemberReward,
uint256 submitterReward,
uint256 subsidy
) {
uint256 decimals = 1e16; // Adding 16 decimals to perform float division.
uint256 delayFactor = DelayFactor.calculate(
currentRequestStartBlock,
relayEntryTimeout
);
groupMemberReward = groupMemberBaseReward.mul(delayFactor).div(decimals);
// delay penalty = base reward * (1 - delay factor)
uint256 groupMemberDelayPenalty = groupMemberBaseReward.mul(decimals.sub(delayFactor));
// The submitter reward consists of:
// The callback gas expenditure (reimbursed by the service contract)
// The entry verification fee to cover the cost of verifying the submission,
// paid regardless of their gas expenditure
// Submitter extra reward - 5% of the delay penalties of the entire group
uint256 submitterExtraReward = groupMemberDelayPenalty.mul(groupSize).percent(5).div(decimals);
uint256 entryVerificationFee = currentRequestEntryVerificationAndProfitFee.sub(groupProfitFee());
submitterReward = entryVerificationFee.add(submitterExtraReward);
// Rewards not paid out to the operators are paid out to requesters to subsidize new requests.
subsidy = groupProfitFee().sub(groupMemberReward.mul(groupSize)).sub(submitterExtraReward);
}
/// @notice Returns true if generation of a new relay entry is currently in
/// progress.
function isEntryInProgress() public view returns (bool) {
return currentRequestStartBlock != 0;
}
/// @notice Returns true if the currently ongoing new relay entry generation
/// operation timed out. There is a certain timeout for a new relay entry
/// to be produced, see `relayEntryTimeout` value.
function hasEntryTimedOut() internal view returns (bool) {
return currentRequestStartBlock != 0 && block.number > currentRequestStartBlock + relayEntryTimeout;
}
/// @notice Function used to inform about the fact the currently ongoing
/// new relay entry generation operation timed out. As a result, the group
/// which was supposed to produce a new relay entry is immediately
/// terminated and a new group is selected to produce a new relay entry.
/// All members of the group are punished by seizing minimum stake of
/// their tokens. The submitter of the transaction is rewarded with a
/// tattletale reward which is limited to min(1, 20 / group_size) of the
/// maximum tattletale reward.
function reportRelayEntryTimeout() public {
require(hasEntryTimedOut(), "Entry did not time out");
groups.reportRelayEntryTimeout(currentRequestGroupIndex, groupSize);
currentRequestStartBlock = 0;
// We could terminate the last active group. If that's the case,
// do not try to execute signing again because there is no group
// which can handle it.
if (numberOfGroups() > 0) {
signRelayEntry(
currentRequestId,
currentRequestPreviousEntry,
currentRequestServiceContract,
currentRequestEntryVerificationAndProfitFee,
currentRequestCallbackFee
);
}
emit RelayEntryTimeoutReported(currentRequestGroupIndex);
}
/// @notice Gets group profit fee expressed in wei.
function groupProfitFee() public view returns(uint256) {
return groupMemberBaseReward.mul(groupSize);
}
/// @notice Checks if the specified account has enough active stake to become
/// network operator and that this contract has been authorized for potential
/// slashing.
///
/// Having the required minimum of active stake makes the operator eligible
/// to join the network. If the active stake is not currently undelegating,
/// operator is also eligible for work selection.
///
/// @param staker Staker's address
/// @return True if has enough active stake to participate in the network,
/// false otherwise.
function hasMinimumStake(address staker) public view returns(bool) {
return stakingContract.hasMinimumStake(staker, address(this));
}
/// @notice Checks if group with the given public key is registered.
function isGroupRegistered(bytes memory groupPubKey) public view returns(bool) {
return groups.isGroupRegistered(groupPubKey);
}
/// @notice Checks if a group with the given public key is a stale group.
/// Stale group is an expired group which is no longer performing any
/// operations. It is important to understand that an expired group may
/// still perform some operations for which it was selected when it was still
/// active. We consider a group to be stale when it's expired and when its
/// expiration time and potentially executed operation timeout are both in
/// the past.
function isStaleGroup(bytes memory groupPubKey) public view returns(bool) {
return groups.isStaleGroup(groupPubKey);
}
/// @notice Gets the number of active groups as currently marked in the
/// contract. This is the state from when the expired groups were last updated
/// without accounting for recent expirations.
///
/// @dev Even if numberOfGroups() > 0, it is still possible requesting for
/// a new relay entry will revert with "no active groups" failure message.
/// This function returns the number of active groups as they are currently
/// marked on-chain. However, during relay request, before group selection,
/// we run group expiration and it may happen that some groups seen as active
/// turns out to be expired.
function numberOfGroups() public view returns(uint256) {
return groups.numberOfGroups();
}
/// @notice Returns accumulated group member rewards for provided group.
function getGroupMemberRewards(bytes memory groupPubKey) public view returns (uint256) {
return groups.groupMemberRewards[groupPubKey];
}
/// @notice Return whether the given operator has withdrawn their rewards
/// from the given group.
function hasWithdrawnRewards(address operator, uint256 groupIndex)
public view returns (bool) {
return groups.hasWithdrawnRewards(operator, groupIndex);
}
/// @notice Withdraws accumulated group member rewards for operator
/// using the provided group index.
/// Once the accumulated reward is withdrawn from the selected group,
/// the operator is flagged as withdrawn.
/// Rewards can be withdrawn only from stale group.
/// @param operator Operator address
/// @param groupIndex Group index
function withdrawGroupMemberRewards(address operator, uint256 groupIndex)
public nonReentrant {
uint256 accumulatedRewards = groups.withdrawFromGroup(operator, groupIndex);
(bool success, ) = stakingContract.beneficiaryOf(operator).call.value(accumulatedRewards)("");
if (success) {
emit GroupMemberRewardsWithdrawn(stakingContract.beneficiaryOf(operator), operator, accumulatedRewards, groupIndex);
}
}
/// @notice Gets the index of the first active group.
function getFirstActiveGroupIndex() public view returns (uint256) {
return groups.expiredGroupOffset;
}
/// @notice Gets public key of the group with the given index.
function getGroupPublicKey(uint256 groupIndex) public view returns (bytes memory) {
return groups.getGroupPublicKey(groupIndex);
}
/// @notice Returns fee for entry verification in wei. Does not include group
/// profit fee, DKG contribution or callback fee.
function entryVerificationFee() public view returns (uint256) {
return entryVerificationGasEstimate.mul(gasPriceCeiling);
}
/// @notice Returns fee for group creation in wei. Includes the cost of DKG
/// and the cost of triggering group selection.
function groupCreationFee() public view returns (uint256) {
return dkgGasEstimate.add(groupSelectionGasEstimate).mul(gasPriceCeiling);
}
/// @notice Returns members of the given group by group public key.
function getGroupMembers(bytes memory groupPubKey) public view returns (address[] memory members) {
return groups.getGroupMembers(groupPubKey);
}
function getNumberOfCreatedGroups() public view returns (uint256) {
return groups.groups.length;
}
function getGroupRegistrationTime(uint256 groupIndex) public view returns (uint256) {
return groups.getGroupRegistrationTime(groupIndex);
}
function isGroupTerminated(uint256 groupIndex) public view returns (bool) {
return groups.isGroupTerminated(groupIndex);
}
/// @notice Reports unauthorized signing for the provided group. Must provide
/// a valid signature of the tattletale address as a message. Successful signature
/// verification means the private key has been leaked and all group members
/// should be punished by seizing their tokens. The submitter of this proof is
/// rewarded with 5% of the total seized amount scaled by the reward adjustment
/// parameter and the rest 95% is burned.
function reportUnauthorizedSigning(
uint256 groupIndex,
bytes memory signedMsgSender
) public {
groups.reportUnauthorizedSigning(
groupIndex,
signedMsgSender,
stakingContract.minimumStake()
);
emit UnauthorizedSigningReported(groupIndex);
}
}/**
▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀
▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌
▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
Trust math, not hardware.
*/
pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/token/ERC20/ERC20Burnable.sol";
import "openzeppelin-solidity/contracts/token/ERC20/SafeERC20.sol";
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "./StakeDelegatable.sol";
import "./libraries/staking/MinimumStakeSchedule.sol";
import "./libraries/staking/GrantStaking.sol";
import "./libraries/staking/Locks.sol";
import "./libraries/staking/TopUps.sol";
import "./utils/PercentUtils.sol";
import "./utils/BytesLib.sol";
import "./Authorizations.sol";
import "./TokenStakingEscrow.sol";
import "./TokenSender.sol";
/// @title TokenStaking
/// @notice A token staking contract for a specified standard ERC20Burnable token.
/// A holder of the specified token can stake delegate its tokens to this contract
/// and recover the stake after undelegation period is over.
contract TokenStaking is Authorizations, StakeDelegatable {
using BytesLib for bytes;
using SafeMath for uint256;
using PercentUtils for uint256;
using SafeERC20 for ERC20Burnable;
using GrantStaking for GrantStaking.Storage;
using Locks for Locks.Storage;
using TopUps for TopUps.Storage;
event StakeDelegated(
address indexed owner,
address indexed operator
);
event OperatorStaked(
address indexed operator,
address indexed beneficiary,
address indexed authorizer,
uint256 value
);
event StakeOwnershipTransferred(
address indexed operator,
address indexed newOwner
);
event TopUpInitiated(address indexed operator, uint256 topUp);
event TopUpCompleted(address indexed operator, uint256 newAmount);
event Undelegated(address indexed operator, uint256 undelegatedAt);
event RecoveredStake(address operator);
event TokensSlashed(address indexed operator, uint256 amount);
event TokensSeized(address indexed operator, uint256 amount);
event StakeLocked(address indexed operator, address lockCreator, uint256 until);
event LockReleased(address indexed operator, address lockCreator);
event ExpiredLockReleased(address indexed operator, address lockCreator);
uint256 public deployedAt;
uint256 public initializationPeriod; // varies between mainnet and testnet
ERC20Burnable internal token;
TokenGrant internal tokenGrant;
TokenStakingEscrow internal escrow;
GrantStaking.Storage internal grantStaking;
Locks.Storage internal locks;
TopUps.Storage internal topUps;
uint256 internal constant twoWeeks = 1209600; // [sec]
uint256 internal constant twoMonths = 5184000; // [sec]
// 2020-04-28; the date of deploying KEEP token.
// TX: 0xea22d72bc7de4c82798df7194734024a1f2fd57b173d0e065864ff4e9d3dc014
uint256 internal constant minimumStakeScheduleStart = 1588042366;
/// @notice Creates a token staking contract for a provided Standard ERC20Burnable token.
/// @param _token KEEP token contract.
/// @param _tokenGrant KEEP token grant contract.
/// @param _escrow Escrow dedicated for this staking contract.
/// @param _registry Keep contract registry contract.
/// @param _initializationPeriod To avoid certain attacks on work selection, recently created
/// operators must wait for a specific period of time before being eligible for work selection.
constructor(
ERC20Burnable _token,
TokenGrant _tokenGrant,
TokenStakingEscrow _escrow,
KeepRegistry _registry,
uint256 _initializationPeriod
) Authorizations(_registry) public {
token = _token;
tokenGrant = _tokenGrant;
escrow = _escrow;
registry = _registry;
initializationPeriod = _initializationPeriod;
deployedAt = block.timestamp;
}
/// @notice Returns minimum amount of KEEP that allows sMPC cluster client to
/// participate in the Keep network. Expressed as number with 18-decimal places.
/// Initial minimum stake is higher than the final and lowered periodically based
/// on the amount of steps and the length of the minimum stake schedule in seconds.
function minimumStake() public view returns (uint256) {
return MinimumStakeSchedule.current(minimumStakeScheduleStart);
}
/// @notice Returns the current value of the undelegation period.
/// The staking contract guarantees that an undelegated operator’s stakes
/// will stay locked for a period of time after undelegation, and thus
/// available as collateral for any work the operator is engaged in.
/// The undelegation period is two weeks for the first two months and
/// two months after that.
function undelegationPeriod() public view returns(uint256) {
return block.timestamp < deployedAt.add(twoMonths) ? twoWeeks : twoMonths;
}
/// @notice Receives approval of token transfer and stakes the approved
/// amount or adds the approved amount to an existing delegation (a “top-up”).
/// In case of a top-up, it is expected that the operator stake is not
/// undelegated and that the top-up is performed from the same source of
/// tokens as the initial delegation. That is, if the tokens were delegated
/// from a grant, top-up has to be performed from the same grant. If the
/// delegation was done using liquid tokens, only liquid tokens from the
/// same owner can be used to top-up the stake.
/// Top-up can not be cancelled so it is important to be careful with the
/// amount of KEEP added to the stake.
/// @dev Requires that the provided token contract be the same one linked to
/// this contract.
/// @param _from The owner of the tokens who approved them to transfer.
/// @param _value Approved amount for the transfer and stake.
/// @param _token Token contract address.
/// @param _extraData Data for stake delegation. This byte array must have
/// the following values concatenated:
/// - Beneficiary address (20 bytes), ignored for a top-up
/// - Operator address (20 bytes)
/// - Authorizer address (20 bytes), ignored for a top-up
/// - Grant ID (32 bytes) - required only when called by TokenStakingEscrow
function receiveApproval(
address _from,
uint256 _value,
address _token,
bytes memory _extraData
) public {
require(ERC20Burnable(_token) == token, "Unrecognized token");
require(_extraData.length >= 60, "Corrupted delegation data");
// Transfer tokens to this contract.
token.safeTransferFrom(_from, address(this), _value);
address operator = _extraData.toAddress(20);
// See if there is an existing delegation for this operator...
if (operators[operator].packedParams.getCreationTimestamp() == 0) {
// If there is no existing delegation, delegate tokens using
// beneficiary and authorizer passed in _extraData.
delegate(_from, _value, operator, _extraData);
} else {
// If there is an existing delegation, top-up the stake.
topUp(_from, _value, operator, _extraData);
}
}
/// @notice Delegates tokens to a new operator using beneficiary and
/// authorizer passed in _extraData parameter.
/// @param _from The owner of the tokens who approved them to transfer.
/// @param _value Approved amount for the transfer and stake.
/// @param _operator The new operator address.
/// @param _extraData Data for stake delegation as passed to receiveApproval.
function delegate(
address _from,
uint256 _value,
address _operator,
bytes memory _extraData
) internal {
require(_value >= minimumStake(), "Less than the minimum stake");
address payable beneficiary = address(uint160(_extraData.toAddress(0)));
address authorizer = _extraData.toAddress(40);
operators[_operator] = Operator(
OperatorParams.pack(_value, block.timestamp, 0),
_from,
beneficiary,
authorizer
);
grantStaking.tryCapturingDelegationData(
tokenGrant,
address(escrow),
_from,
_operator,
_extraData
);
emit StakeDelegated(_from, _operator);
emit OperatorStaked(_operator, beneficiary, authorizer, _value);
}
/// @notice Performs top-up to an existing operator. Tokens added during
/// stake initialization period are immediatelly added to the stake and
/// stake initialization timer is reset to the current block. Tokens added
/// in a top-up after the stake initialization period is over are not
/// included in the operator stake until the initialization period for
/// a top-up passes and top-up is committed. Operator must not have the stake
/// undelegated. It is expected that the top-up is done from the same source
/// of tokens as the initial delegation. That is, if the tokens were
/// delegated from a grant, top-up has to be performed from the same grant.
/// If the delegation was done using liquid tokens, only liquid tokens from
/// the same owner can be used to top-up the stake.
/// Top-up can not be cancelled so it is important to be careful with the
/// amount of KEEP added to the stake.
/// @param _from The owner of the tokens who approved them to transfer.
/// @param _value Approved amount for the transfer and top-up to
/// an existing stake.
/// @param _operator The new operator address.
/// @param _extraData Data for stake delegation as passed to receiveApproval
function topUp(
address _from,
uint256 _value,
address _operator,
bytes memory _extraData
) internal {
// Top-up comes from a grant if it's been initiated from TokenGrantStake
// contract or if it's been initiated from TokenStakingEscrow by
// redelegation.
bool isFromGrant = address(tokenGrant.grantStakes(_operator)) == _from ||
address(escrow) == _from;
if (grantStaking.hasGrantDelegated(_operator)) {
// Operator has grant delegated. We need to see if the top-up
// is performed also from a grant.
require(isFromGrant, "Must be from a grant");
// If it is from a grant, we need to make sure it's from the same
// grant as the original delegation. We do not want to mix unlocking
// schedules.
uint256 previousGrantId = grantStaking.getGrantForOperator(_operator);
(, uint256 grantId) = grantStaking.tryCapturingDelegationData(
tokenGrant, address(escrow), _from, _operator, _extraData
);
require(grantId == previousGrantId, "Not the same grant");
} else {
// Operator has no grant delegated. We need to see if the top-up
// is performed from liquid tokens of the same owner.
require(!isFromGrant, "Must not be from a grant");
require(operators[_operator].owner == _from, "Not the same owner");
}
uint256 operatorParams = operators[_operator].packedParams;
if (!_isInitialized(operatorParams)) {
// If the stake is not yet initialized, we add tokens immediately
// but we also reset stake initialization time counter.
operators[_operator].packedParams = topUps.instantComplete(
_value, _operator, operatorParams, escrow
);
} else {
// If the stake is initialized, we do NOT add tokens immediately.
// We initiate the top-up and will add tokens to the stake only
// after the initialization period for a top-up passes.
topUps.initiate(_value, _operator, operatorParams, escrow);
}
}
/// @notice Commits pending top-up for the provided operator. If the top-up
/// did not pass the initialization period, the function fails.
/// @param _operator The operator with a pending top-up that is getting
/// committed.
function commitTopUp(address _operator) public {
operators[_operator].packedParams = topUps.commit(
_operator,
operators[_operator].packedParams,
initializationPeriod
);
}
/// @notice Cancels stake of tokens within the operator initialization period
/// without being subjected to the token lockup for the undelegation period.
/// This can be used to undo mistaken delegation to the wrong operator address.
/// @param _operator Address of the stake operator.
function cancelStake(address _operator) public {
address owner = operators[_operator].owner;
require(
msg.sender == owner ||
msg.sender == _operator ||
grantStaking.canUndelegate(_operator, tokenGrant),
"Not authorized"
);
uint256 operatorParams = operators[_operator].packedParams;
require(
!_isInitialized(operatorParams),
"Initialized stake"
);
uint256 amount = operatorParams.getAmount();
operators[_operator].packedParams = operatorParams.setAmount(0);
transferOrDeposit(owner, _operator, amount);
}
/// @notice Undelegates staked tokens. You will be able to recover your stake by calling
/// `recoverStake()` with operator address once undelegation period is over.
/// @param _operator Address of the stake operator.
function undelegate(address _operator) public {
undelegateAt(_operator, block.timestamp);
}
/// @notice Set an undelegation time for staked tokens.
/// Undelegation will begin at the specified timestamp.
/// You will be able to recover your stake by calling
/// `recoverStake()` with operator address once undelegation period is over.
/// @param _operator Address of the stake operator.
/// @param _undelegationTimestamp The timestamp undelegation is to start at.
function undelegateAt(
address _operator,
uint256 _undelegationTimestamp
) public {
require(
msg.sender == _operator ||
msg.sender == operators[_operator].owner ||
grantStaking.canUndelegate(_operator, tokenGrant),
"Not authorized"
);
uint256 oldParams = operators[_operator].packedParams;
require(
_undelegationTimestamp >= block.timestamp &&
_undelegationTimestamp > oldParams.getCreationTimestamp().add(initializationPeriod),
"Invalid timestamp"
);
uint256 existingUndelegationTimestamp = oldParams.getUndelegationTimestamp();
require(
// Undelegation not in progress OR
existingUndelegationTimestamp == 0 ||
// Undelegating sooner than previously set time OR
existingUndelegationTimestamp > _undelegationTimestamp ||
// We have already checked above that msg.sender is owner, grantee,
// or operator. Only owner and grantee are eligible to postpone the
// delegation so it is enough if we exclude operator here.
msg.sender != _operator,
"Operator may not postpone"
);
operators[_operator].packedParams = oldParams.setUndelegationTimestamp(
_undelegationTimestamp
);
emit Undelegated(_operator, _undelegationTimestamp);
}
/// @notice Recovers staked tokens and transfers them back to the owner.
/// Recovering tokens can only be performed when the operator finished
/// undelegating.
/// @param _operator Operator address.
function recoverStake(address _operator) public {
uint256 operatorParams = operators[_operator].packedParams;
require(
operatorParams.getUndelegationTimestamp() != 0,
"Not undelegated"
);
require(
_isUndelegatingFinished(operatorParams),
"Still undelegating"
);
require(
!isStakeLocked(_operator),
"Locked stake"
);
uint256 amount = operatorParams.getAmount();
// If there is a pending top-up, force-commit it before returning tokens.
amount = amount.add(topUps.cancel(_operator));
operators[_operator].packedParams = operatorParams.setAmount(0);
transferOrDeposit(operators[_operator].owner, _operator, amount);
emit RecoveredStake(_operator);
}
/// @notice Gets stake delegation info for the given operator.
/// @param _operator Operator address.
/// @return amount The amount of tokens the given operator delegated.
/// @return createdAt The time when the stake has been delegated.
/// @return undelegatedAt The time when undelegation has been requested.
/// If undelegation has not been requested, 0 is returned.
function getDelegationInfo(address _operator)
public view returns (uint256 amount, uint256 createdAt, uint256 undelegatedAt) {
return operators[_operator].packedParams.unpack();
}
/// @notice Locks given operator stake for the specified duration.
/// Locked stake may not be recovered until the lock expires or is released,
/// even if the normal undelegation period has passed.
/// Only previously authorized operator contract can lock the stake.
/// @param operator Operator address.
/// @param duration Lock duration in seconds.
function lockStake(
address operator,
uint256 duration
) public onlyApprovedOperatorContract(msg.sender) {
require(
isAuthorizedForOperator(operator, msg.sender),
"Not authorized"
);
uint256 operatorParams = operators[operator].packedParams;
require(
_isInitialized(operatorParams),
"Inactive stake"
);
require(
!_isUndelegating(operatorParams),
"Undelegating stake"
);
locks.lockStake(operator, duration);
}
/// @notice Removes a lock the caller had previously placed on the operator.
/// @dev Only for operator contracts.
/// To remove expired or disabled locks, use `releaseExpiredLocks`.
/// The authorization check ensures that the caller must have been able
/// to place a lock on the operator sometime in the past.
/// We don't need to check for current approval status of the caller
/// because unlocking stake cannot harm the operator
/// nor interfere with other operator contracts.
/// Therefore even disabled operator contracts may freely unlock stake.
/// @param operator Operator address.
function unlockStake(
address operator
) public {
require(
isAuthorizedForOperator(operator, msg.sender),
"Not authorized"
);
locks.releaseLock(operator);
}
/// @notice Removes the lock of the specified operator contract
/// if the lock has expired or the contract has been disabled.
/// @dev Necessary for removing locks placed by contracts
/// that have been disabled by the panic button.
/// Also applicable to prevent inadvertent DoS of `recoverStake`
/// if too many operator contracts have failed to clean up their locks.
function releaseExpiredLock(
address operator,
address operatorContract
) public {
locks.releaseExpiredLock(operator, operatorContract, address(this));
}
/// @notice Check whether the operator has any active locks
/// that haven't expired yet
/// and whose creators aren't disabled by the panic button.
function isStakeLocked(address operator) public view returns (bool) {
return locks.isStakeLocked(operator, address(this));
}
/// @notice Get the locks placed on the operator.
/// @return creators The addresses of operator contracts
/// that have placed a lock on the operator.
/// @return expirations The expiration times
/// of the locks placed on the operator.
function getLocks(address operator)
public
view
returns (address[] memory creators, uint256[] memory expirations) {
return locks.getLocks(operator);
}
/// @notice Slash provided token amount from every member in the misbehaved
/// operators array and burn 100% of all the tokens.
/// @param amountToSlash Token amount to slash from every misbehaved operator.
/// @param misbehavedOperators Array of addresses to seize the tokens from.
function slash(uint256 amountToSlash, address[] memory misbehavedOperators)
public
onlyApprovedOperatorContract(msg.sender) {
uint256 totalAmountToBurn;
address authoritySource = getAuthoritySource(msg.sender);
for (uint i = 0; i < misbehavedOperators.length; i++) {
address operator = misbehavedOperators[i];
require(authorizations[authoritySource][operator], "Not authorized");
uint256 operatorParams = operators[operator].packedParams;
require(
_isInitialized(operatorParams),
"Inactive stake"
);
require(
!_isStakeReleased(operator, operatorParams, msg.sender),
"Stake is released"
);
uint256 currentAmount = operatorParams.getAmount();
if (currentAmount < amountToSlash) {
totalAmountToBurn = totalAmountToBurn.add(currentAmount);
operators[operator].packedParams = operatorParams.setAmount(0);
emit TokensSlashed(operator, currentAmount);
} else {
totalAmountToBurn = totalAmountToBurn.add(amountToSlash);
operators[operator].packedParams = operatorParams.setAmount(
currentAmount.sub(amountToSlash)
);
emit TokensSlashed(operator, amountToSlash);
}
}
token.burn(totalAmountToBurn);
}
/// @notice Seize provided token amount from every member in the misbehaved
/// operators array. The tattletale is rewarded with 5% of the total seized
/// amount scaled by the reward adjustment parameter and the rest 95% is burned.
/// @param amountToSeize Token amount to seize from every misbehaved operator.
/// @param rewardMultiplier Reward adjustment in percentage. Min 1% and 100% max.
/// @param tattletale Address to receive the 5% reward.
/// @param misbehavedOperators Array of addresses to seize the tokens from.
function seize(
uint256 amountToSeize,
uint256 rewardMultiplier,
address tattletale,
address[] memory misbehavedOperators
) public onlyApprovedOperatorContract(msg.sender) {
uint256 totalAmountToBurn;
address authoritySource = getAuthoritySource(msg.sender);
for (uint i = 0; i < misbehavedOperators.length; i++) {
address operator = misbehavedOperators[i];
require(authorizations[authoritySource][operator], "Not authorized");
uint256 operatorParams = operators[operator].packedParams;
require(
_isInitialized(operatorParams),
"Inactive stake"
);
require(
!_isStakeReleased(operator, operatorParams, msg.sender),
"Stake is released"
);
uint256 currentAmount = operatorParams.getAmount();
if (currentAmount < amountToSeize) {
totalAmountToBurn = totalAmountToBurn.add(currentAmount);
operators[operator].packedParams = operatorParams.setAmount(0);
emit TokensSeized(operator, currentAmount);
} else {
totalAmountToBurn = totalAmountToBurn.add(amountToSeize);
operators[operator].packedParams = operatorParams.setAmount(
currentAmount.sub(amountToSeize)
);
emit TokensSeized(operator, amountToSeize);
}
}
uint256 tattletaleReward = (totalAmountToBurn.percent(5)).percent(rewardMultiplier);
token.safeTransfer(tattletale, tattletaleReward);
token.burn(totalAmountToBurn.sub(tattletaleReward));
}
/// @notice Allows the current staking relationship owner to transfer the
/// ownership to someone else.
/// @param operator Address of the stake operator.
/// @param newOwner Address of the new staking relationship owner.
function transferStakeOwnership(address operator, address newOwner) public {
require(msg.sender == operators[operator].owner, "Not authorized");
operators[operator].owner = newOwner;
emit StakeOwnershipTransferred(operator, newOwner);
}
/// @notice Gets the eligible stake balance of the specified address.
/// An eligible stake is a stake that passed the initialization period
/// and is not currently undelegating. Also, the operator had to approve
/// the specified operator contract.
///
/// Operator with a minimum required amount of eligible stake can join the
/// network and participate in new work selection.
///
/// @param _operator address of stake operator.
/// @param _operatorContract address of operator contract.
/// @return an uint256 representing the eligible stake balance.
function eligibleStake(
address _operator,
address _operatorContract
) public view returns (uint256 balance) {
uint256 operatorParams = operators[_operator].packedParams;
// To be eligible for work selection, the operator must:
// - have the operator contract authorized
// - have the stake initialized
// - must not be undelegating; keep in mind the `undelegatedAt` may be
// set to a time in the future, to schedule undelegation in advance.
// In this case the operator is still eligible until the timestamp
// `undelegatedAt`.
if (
isAuthorizedForOperator(_operator, _operatorContract) &&
_isInitialized(operatorParams) &&
!_isUndelegating(operatorParams)
) {
balance = operatorParams.getAmount();
}
}
/// @notice Gets the active stake balance of the specified address.
/// An active stake is a stake that passed the initialization period,
/// and may be in the process of undelegation
/// but has not been released yet,
/// either because the undelegation period is not over,
/// or because the operator contract has an active lock on the operator.
/// Also, the operator had to approve the specified operator contract.
///
/// The difference between eligible stake is that active stake does not make
/// the operator eligible for work selection but it may be still finishing
/// earlier work until the stake is released.
/// Operator with a minimum required
/// amount of active stake can join the network but cannot be selected to any
/// new work.
///
/// @param _operator address of stake operator.
/// @param _operatorContract address of operator contract.
/// @return an uint256 representing the eligible stake balance.
function activeStake(
address _operator,
address _operatorContract
) public view returns (uint256 balance) {
uint256 operatorParams = operators[_operator].packedParams;
if (
isAuthorizedForOperator(_operator, _operatorContract) &&
_isInitialized(operatorParams) &&
!_isStakeReleased(
_operator,
operatorParams,
_operatorContract
)
) {
balance = operatorParams.getAmount();
}
}
/// @notice Checks if the specified account has enough active stake to become
/// network operator and that the specified operator contract has been
/// authorized for potential slashing.
///
/// Having the required minimum of active stake makes the operator eligible
/// to join the network. If the active stake is not currently undelegating,
/// operator is also eligible for work selection.
///
/// @param staker Staker's address
/// @param operatorContract Operator contract's address
/// @return True if has enough active stake to participate in the network,
/// false otherwise.
function hasMinimumStake(
address staker,
address operatorContract
) public view returns(bool) {
return activeStake(staker, operatorContract) >= minimumStake();
}
/// @notice Is the operator with the given params initialized
function _isInitialized(uint256 _operatorParams)
internal view returns (bool) {
return block.timestamp > _operatorParams.getCreationTimestamp().add(initializationPeriod);
}
/// @notice Is the operator with the given params undelegating
function _isUndelegating(uint256 _operatorParams)
internal view returns (bool) {
uint256 undelegatedAt = _operatorParams.getUndelegationTimestamp();
return (undelegatedAt != 0) && (block.timestamp > undelegatedAt);
}
/// @notice Has the operator with the given params finished undelegating
function _isUndelegatingFinished(uint256 _operatorParams)
internal view returns (bool) {
uint256 undelegatedAt = _operatorParams.getUndelegationTimestamp();
return (undelegatedAt != 0) && (block.timestamp > undelegatedAt.add(undelegationPeriod()));
}
/// @notice Get whether the operator's stake is released
/// as far as the operator contract is concerned.
/// If the operator contract has a lock on the operator,
/// the operator's stake is be released when the lock expires.
/// Otherwise the stake is released when the operator finishes undelegating.
function _isStakeReleased(
address _operator,
uint256 _operatorParams,
address _operatorContract
) internal view returns (bool) {
return _isUndelegatingFinished(_operatorParams) &&
locks.isStakeReleased(_operator, _operatorContract);
}
function transferOrDeposit(
address _owner,
address _operator,
uint256 _amount
) internal {
if (grantStaking.hasGrantDelegated(_operator)) {
// For tokens staked from a grant, transfer them to the escrow.
TokenSender(address(token)).approveAndCall(
address(escrow),
_amount,
abi.encode(_operator, grantStaking.getGrantForOperator(_operator))
);
} else {
// For liquid tokens staked, transfer them straight to the owner.
token.safeTransfer(_owner, _amount);
}
}
}/**
▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀
▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌
▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
Trust math, not hardware.
*/
pragma solidity 0.5.17;
import "./KeepRegistry.sol";
/// @title AuthorityDelegator
/// @notice An operator contract can delegate authority to other operator
/// contracts by implementing the AuthorityDelegator interface.
///
/// To delegate authority,
/// the recipient of delegated authority must call `claimDelegatedAuthority`,
/// specifying the contract it wants delegated authority from.
/// The staking contract calls `delegator.__isRecognized(recipient)`
/// and if the call returns `true`,
/// the named delegator contract is set as the recipient's authority delegator.
/// Any future checks of registry approval or per-operator authorization
/// will transparently mirror the delegator's status.
///
/// Authority can be delegated recursively;
/// an operator contract receiving delegated authority
/// can recognize other operator contracts as recipients of its authority.
interface AuthorityDelegator {
function __isRecognized(address delegatedAuthorityRecipient) external returns (bool);
}
/// @title AuthorityVerifier
/// @notice An operator contract can delegate authority to other operator
/// contracts. Entry in the registry is not updated and source contract remains
/// listed there as authorized. This interface is a verifier that support verification
/// of contract authorization in case of authority delegation from the source contract.
interface AuthorityVerifier {
/// @notice Returns true if the given operator contract has been approved
/// for use. The function never reverts.
function isApprovedOperatorContract(address _operatorContract)
external
view
returns (bool);
}
contract Authorizations is AuthorityVerifier {
// Authorized operator contracts.
mapping(address => mapping (address => bool)) internal authorizations;
// Granters of delegated authority to operator contracts.
// E.g. keep factories granting delegated authority to keeps.
// `delegatedAuthority[keep] = factory`
mapping(address => address) internal delegatedAuthority;
// Registry contract with a list of approved operator contracts and upgraders.
KeepRegistry internal registry;
modifier onlyApprovedOperatorContract(address operatorContract) {
require(
isApprovedOperatorContract(operatorContract),
"Operator contract unapproved"
);
_;
}
constructor(KeepRegistry _registry) public {
registry = _registry;
}
/// @notice Gets the authorizer for the specified operator address.
/// @return Authorizer address.
function authorizerOf(address _operator) public view returns (address);
/// @notice Authorizes operator contract to access staked token balance of
/// the provided operator. Can only be executed by stake operator authorizer.
/// Contracts using delegated authority
/// cannot be authorized with `authorizeOperatorContract`.
/// Instead, authorize `getAuthoritySource(_operatorContract)`.
/// @param _operator address of stake operator.
/// @param _operatorContract address of operator contract.
function authorizeOperatorContract(address _operator, address _operatorContract)
public
onlyApprovedOperatorContract(_operatorContract) {
require(
authorizerOf(_operator) == msg.sender,
"Not operator authorizer"
);
require(
getAuthoritySource(_operatorContract) == _operatorContract,
"Delegated authority used"
);
authorizations[_operatorContract][_operator] = true;
}
/// @notice Checks if operator contract has access to the staked token balance of
/// the provided operator.
/// @param _operator address of stake operator.
/// @param _operatorContract address of operator contract.
function isAuthorizedForOperator(
address _operator,
address _operatorContract
) public view returns (bool) {
return authorizations[getAuthoritySource(_operatorContract)][_operator];
}
/// @notice Grant the sender the same authority as `delegatedAuthoritySource`
/// @dev If `delegatedAuthoritySource` is an approved operator contract
/// and recognizes the claimant, this relationship will be recorded in
/// `delegatedAuthority`. Later, the claimant can slash, seize, place locks etc.
/// on operators that have authorized the `delegatedAuthoritySource`.
/// If the `delegatedAuthoritySource` is disabled with the panic button,
/// any recipients of delegated authority from it will also be disabled.
function claimDelegatedAuthority(
address delegatedAuthoritySource
) public onlyApprovedOperatorContract(delegatedAuthoritySource) {
require(
AuthorityDelegator(delegatedAuthoritySource).__isRecognized(msg.sender),
"Unrecognized claimant"
);
delegatedAuthority[msg.sender] = delegatedAuthoritySource;
}
/// @notice Checks if the operator contract is authorized in the registry.
/// If the contract uses delegated authority it checks authorization of the
/// source contract.
/// @param _operatorContract address of operator contract.
/// @return True if operator contract is approved, false if operator contract
/// has not been approved or if it was disabled by the panic button.
function isApprovedOperatorContract(address _operatorContract)
public
view
returns (bool)
{
return
registry.isApprovedOperatorContract(
getAuthoritySource(_operatorContract)
);
}
/// @notice Get the source of the operator contract's authority.
/// If the contract uses delegated authority,
/// returns the original source of the delegated authority.
/// If the contract doesn't use delegated authority,
/// returns the contract itself.
/// Authorize `getAuthoritySource(operatorContract)`
/// to grant `operatorContract` the authority to penalize an operator.
function getAuthoritySource(
address operatorContract
) public view returns (address) {
address delegatedAuthoritySource = delegatedAuthority[operatorContract];
if (delegatedAuthoritySource == address(0)) {
return operatorContract;
}
return getAuthoritySource(delegatedAuthoritySource);
}
}pragma solidity 0.5.17;
/// @title KeepRegistry
/// @notice Governance owned registry of approved contracts and roles.
contract KeepRegistry {
enum ContractStatus {New, Approved, Disabled}
// Governance role is to enable recovery from key compromise by rekeying
// other roles. Also, it can disable operator contract panic buttons
// permanently.
address public governance;
// Registry Keeper maintains approved operator contracts. Each operator
// contract must be approved before it can be authorized by a staker or
// used by a service contract.
address public registryKeeper;
// Each operator contract has a Panic Button which can disable malicious
// or malfunctioning contract that have been previously approved by the
// Registry Keeper.
//
// New operator contract added to the registry has a default panic button
// value assigned (defaultPanicButton). Panic button for each operator
// contract can be later updated by Governance to individual value.
//
// It is possible to disable panic button for individual contract by
// setting the panic button to zero address. In such case, operator contract
// can not be disabled and is permanently approved in the registry.
mapping(address => address) public panicButtons;
// Default panic button for each new operator contract added to the
// registry. Can be later updated for each contract.
address public defaultPanicButton;
// Each service contract has a Operator Contract Upgrader whose purpose
// is to manage operator contracts for that specific service contract.
// The Operator Contract Upgrader can add new operator contracts to the
// service contract’s operator contract list, and deprecate old ones.
mapping(address => address) public operatorContractUpgraders;
// Operator contract may have a Service Contract Upgrader whose purpose is
// to manage service contracts for that specific operator contract.
// Service Contract Upgrader can add and remove service contracts
// from the list of service contracts approved to work with the operator
// contract. List of service contracts is maintained in the operator
// contract and is optional - not every operator contract needs to have
// a list of service contracts it wants to cooperate with.
mapping(address => address) public serviceContractUpgraders;
// The registry of operator contracts
mapping(address => ContractStatus) public operatorContracts;
event OperatorContractApproved(address operatorContract);
event OperatorContractDisabled(address operatorContract);
event GovernanceUpdated(address governance);
event RegistryKeeperUpdated(address registryKeeper);
event DefaultPanicButtonUpdated(address defaultPanicButton);
event OperatorContractPanicButtonDisabled(address operatorContract);
event OperatorContractPanicButtonUpdated(
address operatorContract,
address panicButton
);
event OperatorContractUpgraderUpdated(
address serviceContract,
address upgrader
);
event ServiceContractUpgraderUpdated(
address operatorContract,
address keeper
);
modifier onlyGovernance() {
require(governance == msg.sender, "Not authorized");
_;
}
modifier onlyRegistryKeeper() {
require(registryKeeper == msg.sender, "Not authorized");
_;
}
modifier onlyPanicButton(address _operatorContract) {
address panicButton = panicButtons[_operatorContract];
require(panicButton != address(0), "Panic button disabled");
require(panicButton == msg.sender, "Not authorized");
_;
}
modifier onlyForNewContract(address _operatorContract) {
require(
isNewOperatorContract(_operatorContract),
"Not a new operator contract"
);
_;
}
modifier onlyForApprovedContract(address _operatorContract) {
require(
isApprovedOperatorContract(_operatorContract),
"Not an approved operator contract"
);
_;
}
constructor() public {
governance = msg.sender;
registryKeeper = msg.sender;
defaultPanicButton = msg.sender;
}
function setGovernance(address _governance) public onlyGovernance {
governance = _governance;
emit GovernanceUpdated(governance);
}
function setRegistryKeeper(address _registryKeeper) public onlyGovernance {
registryKeeper = _registryKeeper;
emit RegistryKeeperUpdated(registryKeeper);
}
function setDefaultPanicButton(address _panicButton) public onlyGovernance {
defaultPanicButton = _panicButton;
emit DefaultPanicButtonUpdated(defaultPanicButton);
}
function setOperatorContractPanicButton(
address _operatorContract,
address _panicButton
) public onlyForApprovedContract(_operatorContract) onlyGovernance {
require(
panicButtons[_operatorContract] != address(0),
"Disabled panic button cannot be updated"
);
require(
_panicButton != address(0),
"Panic button must be non-zero address"
);
panicButtons[_operatorContract] = _panicButton;
emit OperatorContractPanicButtonUpdated(
_operatorContract,
_panicButton
);
}
function disableOperatorContractPanicButton(address _operatorContract)
public
onlyForApprovedContract(_operatorContract)
onlyGovernance
{
require(
panicButtons[_operatorContract] != address(0),
"Panic button already disabled"
);
panicButtons[_operatorContract] = address(0);
emit OperatorContractPanicButtonDisabled(_operatorContract);
}
function setOperatorContractUpgrader(
address _serviceContract,
address _operatorContractUpgrader
) public onlyGovernance {
operatorContractUpgraders[_serviceContract] = _operatorContractUpgrader;
emit OperatorContractUpgraderUpdated(
_serviceContract,
_operatorContractUpgrader
);
}
function setServiceContractUpgrader(
address _operatorContract,
address _serviceContractUpgrader
) public onlyGovernance {
serviceContractUpgraders[_operatorContract] = _serviceContractUpgrader;
emit ServiceContractUpgraderUpdated(
_operatorContract,
_serviceContractUpgrader
);
}
function approveOperatorContract(address operatorContract)
public
onlyForNewContract(operatorContract)
onlyRegistryKeeper
{
operatorContracts[operatorContract] = ContractStatus.Approved;
panicButtons[operatorContract] = defaultPanicButton;
emit OperatorContractApproved(operatorContract);
}
function disableOperatorContract(address operatorContract)
public
onlyForApprovedContract(operatorContract)
onlyPanicButton(operatorContract)
{
operatorContracts[operatorContract] = ContractStatus.Disabled;
emit OperatorContractDisabled(operatorContract);
}
function isNewOperatorContract(address operatorContract)
public
view
returns (bool)
{
return operatorContracts[operatorContract] == ContractStatus.New;
}
function isApprovedOperatorContract(address operatorContract)
public
view
returns (bool)
{
return operatorContracts[operatorContract] == ContractStatus.Approved;
}
function operatorContractUpgraderFor(address _serviceContract)
public
view
returns (address)
{
return operatorContractUpgraders[_serviceContract];
}
function serviceContractUpgraderFor(address _operatorContract)
public
view
returns (address)
{
return serviceContractUpgraders[_operatorContract];
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
library UnlockingSchedule {
using SafeMath for uint256;
function getUnlockedAmount(
uint256 _now,
uint256 grantedAmount,
uint256 duration,
uint256 start,
uint256 cliff
) internal pure returns (uint256) {
bool cliffNotReached = _now < cliff;
if (cliffNotReached) { return 0; }
uint256 timeElapsed = _now.sub(start);
bool unlockingPeriodFinished = timeElapsed >= duration;
if (unlockingPeriodFinished) { return grantedAmount; }
return grantedAmount.mul(timeElapsed).div(duration);
}
}pragma solidity 0.5.17;
library AddressArrayUtils {
function contains(address[] memory self, address _address)
internal
pure
returns (bool)
{
for (uint i = 0; i < self.length; i++) {
if (_address == self[i]) {
return true;
}
}
return false;
}
function removeAddress(address[] storage self, address _addressToRemove)
internal
returns (address[] storage)
{
for (uint i = 0; i < self.length; i++) {
// If address is found in array.
if (_addressToRemove == self[i]) {
// Delete element at index and shift array.
for (uint j = i; j < self.length-1; j++) {
self[j] = self[j+1];
}
self.length--;
i--;
}
}
return self;
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/token/ERC20/ERC20Burnable.sol";
import "openzeppelin-solidity/contracts/token/ERC20/SafeERC20.sol";
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "./TokenStaking.sol";
import "./TokenSender.sol";
import "./utils/BytesLib.sol";
/// @dev Interface of sender contract for approveAndCall pattern.
interface tokenSender {
function approveAndCall(address _spender, uint256 _value, bytes calldata _extraData) external;
}
contract TokenGrantStake {
using SafeMath for uint256;
using BytesLib for bytes;
ERC20Burnable token;
TokenStaking tokenStaking;
address tokenGrant; // Address of the master grant contract.
uint256 grantId; // ID of the grant for this stake.
uint256 amount; // Amount of staked tokens.
address operator; // Operator of the stake.
constructor(
address _tokenAddress,
uint256 _grantId,
address _tokenStaking
) public {
require(
_tokenAddress != address(0x0),
"Token address can't be zero."
);
require(
_tokenStaking != address(0x0),
"Staking contract address can't be zero."
);
token = ERC20Burnable(_tokenAddress);
tokenGrant = msg.sender;
grantId = _grantId;
tokenStaking = TokenStaking(_tokenStaking);
}
function stake(
uint256 _amount,
bytes memory _extraData
) public onlyGrant {
amount = _amount;
operator = _extraData.toAddress(20);
tokenSender(address(token)).approveAndCall(
address(tokenStaking),
_amount,
_extraData
);
}
function getGrantId() public view onlyGrant returns (uint256) {
return grantId;
}
function getAmount() public view onlyGrant returns (uint256) {
return amount;
}
function getStakingContract() public view onlyGrant returns (address) {
return address(tokenStaking);
}
function getDetails() public view onlyGrant returns (
uint256 _grantId,
uint256 _amount,
address _tokenStaking
) {
return (
grantId,
amount,
address(tokenStaking)
);
}
function cancelStake() public onlyGrant returns (uint256) {
tokenStaking.cancelStake(operator);
return returnTokens();
}
function undelegate() public onlyGrant {
tokenStaking.undelegate(operator);
}
function recoverStake() public onlyGrant returns (uint256) {
tokenStaking.recoverStake(operator);
return returnTokens();
}
function returnTokens() internal returns (uint256) {
uint256 returnedAmount = token.balanceOf(address(this));
amount -= returnedAmount;
token.transfer(tokenGrant, returnedAmount);
return returnedAmount;
}
modifier onlyGrant {
require(
msg.sender == tokenGrant,
"For token grant contract only"
);
_;
}
}pragma solidity 0.5.17;
/// @title GrantStakingPolicy
/// @notice A staking policy defines the function `getStakeableAmount`
/// which calculates how many tokens may be staked from a token grant.
contract GrantStakingPolicy {
function getStakeableAmount(
uint256 _now,
uint256 grantedAmount,
uint256 duration,
uint256 start,
uint256 cliff,
uint256 withdrawn) public view returns (uint256);
}/**
▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀
▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌
▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
Trust math, not hardware.
*/
pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/ownership/Ownable.sol";
import "openzeppelin-solidity/contracts/token/ERC20/SafeERC20.sol";
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "./libraries/grant/UnlockingSchedule.sol";
import "./utils/BytesLib.sol";
import "./KeepToken.sol";
import "./utils/BytesLib.sol";
import "./TokenGrant.sol";
import "./ManagedGrant.sol";
import "./TokenSender.sol";
/// @title TokenStakingEscrow
/// @notice Escrow lets the staking contract to deposit undelegated, granted
/// tokens and either withdraw them based on the grant unlocking schedule or
/// re-delegate them to another operator.
/// @dev The owner of TokenStakingEscrow is TokenStaking contract and only owner
/// can deposit. This contract works with an assumption that operator is unique
/// in the scope of `TokenStaking`, that is, no more than one delegation in the
/// `TokenStaking` can be done do the given operator ever. Even if the previous
/// delegation ended, operator address cannot be reused.
contract TokenStakingEscrow is Ownable {
using SafeERC20 for IERC20;
using SafeMath for uint256;
using BytesLib for bytes;
using UnlockingSchedule for uint256;
event Deposited(
address indexed operator,
uint256 indexed grantId,
uint256 amount
);
event DepositRedelegated(
address indexed previousOperator,
address indexed newOperator,
uint256 indexed grantId,
uint256 amount
);
event DepositWithdrawn(
address indexed operator,
address indexed grantee,
uint256 amount
);
event RevokedDepositWithdrawn(
address indexed operator,
address indexed grantManager,
uint256 amount
);
event EscrowAuthorized(
address indexed grantManager,
address escrow
);
IERC20 public keepToken;
TokenGrant public tokenGrant;
struct Deposit {
uint256 grantId;
uint256 amount;
uint256 withdrawn;
uint256 redelegated;
}
// operator address -> KEEP deposit
mapping(address => Deposit) internal deposits;
// Other escrows authorized by grant manager. Grantee may request to migrate
// tokens to another authorized escrow.
// grant manager -> escrow -> authorized?
mapping(address => mapping (address => bool)) internal authorizedEscrows;
constructor(
KeepToken _keepToken,
TokenGrant _tokenGrant
) public {
keepToken = _keepToken;
tokenGrant = _tokenGrant;
}
/// @notice receiveApproval accepts deposits from staking contract and
/// stores them in the escrow by the operator address from which they were
/// undelegated. Function expects operator address and grant identifier to
/// be passed as ABI-encoded information in extraData. Grant with the given
/// identifier has to exist.
/// @param from Address depositing tokens - it has to be the address of
/// TokenStaking contract owning TokenStakingEscrow.
/// @param value The amount of KEEP tokens deposited.
/// @param token The address of KEEP token contract.
/// @param extraData ABI-encoded data containing operator address (32 bytes)
/// and grant ID (32 bytes).
function receiveApproval(
address from,
uint256 value,
address token,
bytes memory extraData
) public {
require(IERC20(token) == keepToken, "Not a KEEP token");
require(msg.sender == token, "KEEP token is not the sender");
require(extraData.length == 64, "Unexpected data length");
(address operator, uint256 grantId) = abi.decode(
extraData, (address, uint256)
);
receiveDeposit(from, value, operator, grantId);
}
/// @notice Redelegates deposit or part of the deposit to another operator.
/// Uses the same staking contract as the original delegation.
/// @param previousOperator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
/// @dev Only grantee is allowed to call this function. For managed grant,
/// caller has to be the managed grantee.
/// @param amount Amount of tokens to delegate.
/// @param extraData Data for stake delegation. This byte array must have
/// the following values concatenated:
/// - Beneficiary address (20 bytes)
/// - Operator address (20 bytes)
/// - Authorizer address (20 bytes)
function redelegate(
address previousOperator,
uint256 amount,
bytes memory extraData
) public {
require(extraData.length == 60, "Corrupted delegation data");
Deposit memory deposit = deposits[previousOperator];
uint256 grantId = deposit.grantId;
address newOperator = extraData.toAddress(20);
require(isGrantee(msg.sender, grantId), "Not authorized");
require(getAmountRevoked(grantId) == 0, "Grant revoked");
require(
availableAmount(previousOperator) >= amount,
"Insufficient balance"
);
require(
!hasDeposit(newOperator),
"Redelegating to previously used operator is not allowed"
);
deposits[previousOperator].redelegated = deposit.redelegated.add(amount);
TokenSender(address(keepToken)).approveAndCall(
owner(), // TokenStaking contract associated with the escrow
amount,
abi.encodePacked(extraData, grantId)
);
emit DepositRedelegated(
previousOperator,
newOperator,
grantId,
amount
);
}
/// @notice Returns true if there is a deposit for the given operator in
/// the escrow. Otherwise, returns false.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function hasDeposit(address operator) public view returns (bool) {
return depositedAmount(operator) > 0;
}
/// @notice Returns the currently available amount deposited in the escrow
/// that may or may not be currently withdrawable. The available amount
/// is the amount initially deposited minus the amount withdrawn and
/// redelegated so far from that deposit.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function availableAmount(address operator) public view returns (uint256) {
Deposit memory deposit = deposits[operator];
return deposit.amount.sub(deposit.withdrawn).sub(deposit.redelegated);
}
/// @notice Returns the total amount deposited in the escrow after
/// undelegating it from the provided operator.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function depositedAmount(address operator) public view returns (uint256) {
return deposits[operator].amount;
}
/// @notice Returns grant ID for the amount deposited in the escrow after
/// undelegating it from the provided operator.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function depositGrantId(address operator) public view returns (uint256) {
return deposits[operator].grantId;
}
/// @notice Returns the amount withdrawn so far from the value deposited
/// in the escrow contract after undelegating it from the provided operator.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function depositWithdrawnAmount(address operator) public view returns (uint256) {
return deposits[operator].withdrawn;
}
/// @notice Returns the total amount redelegated so far from the value
/// deposited in the escrow contract after undelegating it from the provided
/// operator.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function depositRedelegatedAmount(address operator) public view returns (uint256) {
return deposits[operator].redelegated;
}
/// @notice Returns the currently withdrawable amount that was previously
/// deposited in the escrow after undelegating it from the provided operator.
/// Tokens are unlocked based on their grant unlocking schedule.
/// Function returns 0 for non-existing deposits and revoked grants if they
/// have been revoked before they fully unlocked.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function withdrawable(address operator) public view returns (uint256) {
Deposit memory deposit = deposits[operator];
// Staked tokens can be only withdrawn by grantee for non-revoked grant
// assuming that grant has not fully unlocked before it's been
// revoked.
//
// It is not possible for the escrow to determine the number of tokens
// it should return to the grantee of a revoked grant given different
// possible staking contracts and staking policies.
//
// If the entire grant unlocked before it's been reverted, escrow
// lets to withdraw the entire deposited amount.
if (getAmountRevoked(deposit.grantId) == 0) {
(
uint256 duration,
uint256 start,
uint256 cliff
) = getUnlockingSchedule(deposit.grantId);
uint256 unlocked = now.getUnlockedAmount(
deposit.amount,
duration,
start,
cliff
);
if (deposit.withdrawn.add(deposit.redelegated) < unlocked) {
return unlocked.sub(deposit.withdrawn).sub(deposit.redelegated);
}
}
return 0;
}
/// @notice Withdraws currently unlocked tokens deposited in the escrow
/// after undelegating them from the provided operator. Only grantee or
/// operator can call this function. Important: this function can not be
/// called for a `ManagedGrant` grantee. This may lead to locking tokens.
/// For `ManagedGrant`, please use `withdrawToManagedGrantee` instead.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function withdraw(address operator) public {
Deposit memory deposit = deposits[operator];
address grantee = getGrantee(deposit.grantId);
// Make sure this function is not called for a managed grant.
// If called for a managed grant, tokens could be locked there.
// Better be safe than sorry.
(bool success, ) = address(this).call(
abi.encodeWithSignature("getManagedGrantee(address)", grantee)
);
require(!success, "Can not be called for managed grant");
require(
msg.sender == grantee || msg.sender == operator,
"Only grantee or operator can withdraw"
);
withdraw(deposit, operator, grantee);
}
/// @notice Withdraws currently unlocked tokens deposited in the escrow
/// after undelegating them from the provided operator. Only grantee or
/// operator can call this function. This function works only for
/// `ManagedGrant` grantees. For a standard grant, please use `withdraw`
/// instead.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function withdrawToManagedGrantee(address operator) public {
Deposit memory deposit = deposits[operator];
address managedGrant = getGrantee(deposit.grantId);
address grantee = getManagedGrantee(managedGrant);
require(
msg.sender == grantee || msg.sender == operator,
"Only grantee or operator can withdraw"
);
withdraw(deposit, operator, grantee);
}
/// @notice Migrates all available tokens to another authorized escrow.
/// Can be requested only by grantee.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
/// @param receivingEscrow Escrow to which tokens should be migrated.
/// @dev The receiving escrow needs to accept deposits from this escrow, at
/// least for the period of migration.
function migrate(
address operator,
address receivingEscrow
) public {
Deposit memory deposit = deposits[operator];
require(isGrantee(msg.sender, deposit.grantId), "Not authorized");
address grantManager = getGrantManager(deposit.grantId);
require(
authorizedEscrows[grantManager][receivingEscrow],
"Escrow not authorized"
);
uint256 amountLeft = availableAmount(operator);
deposits[operator].withdrawn = deposit.withdrawn.add(amountLeft);
TokenSender(address(keepToken)).approveAndCall(
receivingEscrow,
amountLeft,
abi.encode(operator, deposit.grantId)
);
}
/// @notice Withdraws the entire amount that is still deposited in the
/// escrow in case the grant has been revoked. Anyone can call this function
/// and the entire amount is transferred back to the grant manager.
/// @param operator Address of the operator from the undelegated/canceled
/// delegation from which tokens were deposited.
function withdrawRevoked(address operator) public {
Deposit memory deposit = deposits[operator];
require(
getAmountRevoked(deposit.grantId) > 0,
"No revoked tokens to withdraw"
);
address grantManager = getGrantManager(deposit.grantId);
withdrawRevoked(deposit, operator, grantManager);
}
/// @notice Used by grant manager to authorize another escrows for
// funds migration.
function authorizeEscrow(address anotherEscrow) public {
require(
anotherEscrow != address(0x0),
"Escrow address can't be zero"
);
authorizedEscrows[msg.sender][anotherEscrow] = true;
emit EscrowAuthorized(msg.sender, anotherEscrow);
}
/// @notice Resolves the final grantee of ManagedGrant contract. If the
/// provided address is not a ManagedGrant contract, function reverts.
/// @param managedGrant Address of the managed grant contract.
function getManagedGrantee(
address managedGrant
) public view returns(address) {
ManagedGrant grant = ManagedGrant(managedGrant);
return grant.grantee();
}
function receiveDeposit(
address from,
uint256 value,
address operator,
uint256 grantId
) internal {
// This contract works with an assumption that operator is unique.
// This is fine as long as the staking contract works with the same
// assumption so we are limiting deposits to the staking contract only.
require(from == owner(), "Only owner can deposit");
require(
getAmountGranted(grantId) > 0,
"Grant with this ID does not exist"
);
require(
!hasDeposit(operator),
"Stake for the operator already deposited in the escrow"
);
keepToken.safeTransferFrom(from, address(this), value);
deposits[operator] = Deposit(grantId, value, 0, 0);
emit Deposited(operator, grantId, value);
}
function isGrantee(
address maybeGrantee,
uint256 grantId
) internal returns (bool) {
// Let's check the simplest case first - standard grantee.
// If the given address is set as a grantee for grant with the given ID,
// we return true.
address grantee = getGrantee(grantId);
if (maybeGrantee == grantee) {
return true;
}
// If the given address is not a standard grantee, there is still
// a chance that address is a managed grantee. We are calling
// getManagedGrantee that will cast the grantee to ManagedGrant and try
// to call getGrantee() function. If this call returns non-zero address,
// it means we are dealing with a ManagedGrant.
(, bytes memory result) = address(this).call(
abi.encodeWithSignature("getManagedGrantee(address)", grantee)
);
if (result.length == 0) {
return false;
}
// At this point we know we are dealing with a ManagedGrant, so the last
// thing we need to check is whether the managed grantee of that grant
// is the grantee address passed as a parameter.
address managedGrantee = abi.decode(result, (address));
return maybeGrantee == managedGrantee;
}
function withdraw(
Deposit memory deposit,
address operator,
address grantee
) internal {
uint256 amount = withdrawable(operator);
deposits[operator].withdrawn = deposit.withdrawn.add(amount);
keepToken.safeTransfer(grantee, amount);
emit DepositWithdrawn(operator, grantee, amount);
}
function withdrawRevoked(
Deposit memory deposit,
address operator,
address grantManager
) internal {
uint256 amount = availableAmount(operator);
deposits[operator].withdrawn = amount;
keepToken.safeTransfer(grantManager, amount);
emit RevokedDepositWithdrawn(operator, grantManager, amount);
}
function getAmountGranted(uint256 grantId) internal view returns (
uint256 amountGranted
) {
(amountGranted,,,,,) = tokenGrant.getGrant(grantId);
}
function getAmountRevoked(uint256 grantId) internal view returns (
uint256 amountRevoked
) {
(,,,amountRevoked,,) = tokenGrant.getGrant(grantId);
}
function getUnlockingSchedule(uint256 grantId) internal view returns (
uint256 duration,
uint256 start,
uint256 cliff
) {
(,duration,start,cliff,) = tokenGrant.getGrantUnlockingSchedule(grantId);
}
function getGrantee(uint256 grantId) internal view returns (
address grantee
) {
(,,,,,grantee) = tokenGrant.getGrant(grantId);
}
function getGrantManager(uint256 grantId) internal view returns (
address grantManager
) {
(grantManager,,,,) = tokenGrant.getGrantUnlockingSchedule(grantId);
}
}pragma solidity 0.5.17;
/// @dev Interface of sender contract for approveAndCall pattern.
interface TokenSender {
function approveAndCall(address _spender, uint256 _value, bytes calldata _extraData) external;
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/token/ERC20/ERC20Burnable.sol";
import "openzeppelin-solidity/contracts/token/ERC20/ERC20Detailed.sol";
/// @dev Interface of recipient contract for approveAndCall pattern.
interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes calldata _extraData) external; }
/// @title KEEP Token
/// @dev Standard ERC20Burnable token
contract KeepToken is ERC20Burnable, ERC20Detailed {
string public constant NAME = "KEEP Token";
string public constant SYMBOL = "KEEP";
uint8 public constant DECIMALS = 18; // The number of digits after the decimal place when displaying token values on-screen.
uint256 public constant INITIAL_SUPPLY = 10**27; // 1 billion tokens, 18 decimal places.
/// @dev Gives msg.sender all of existing tokens.
constructor() public ERC20Detailed(NAME, SYMBOL, DECIMALS) {
_mint(msg.sender, INITIAL_SUPPLY);
}
/// @notice Set allowance for other address and notify.
/// Allows `_spender` to spend no more than `_value` tokens
/// on your behalf and then ping the contract about it.
/// @param _spender The address authorized to spend.
/// @param _value The max amount they can spend.
/// @param _extraData Extra information to send to the approved contract.
function approveAndCall(address _spender, uint256 _value, bytes memory _extraData) public returns (bool success) {
tokenRecipient spender = tokenRecipient(_spender);
if (approve(_spender, _value)) {
spender.receiveApproval(msg.sender, _value, address(this), _extraData);
return true;
}
}
}pragma solidity ^0.5.4;
import "openzeppelin-solidity/contracts/token/ERC20/ERC20Burnable.sol";
import "openzeppelin-solidity/contracts/token/ERC20/SafeERC20.sol";
import "./TokenGrant.sol";
/// @title ManagedGrant
/// @notice A managed grant acts as the grantee towards the token grant contract,
/// proxying instructions from the actual grantee.
/// The address used by the actual grantee
/// to issue instructions and withdraw tokens
/// can be reassigned with the consent of the grant manager.
contract ManagedGrant {
using SafeERC20 for ERC20Burnable;
ERC20Burnable public token;
TokenGrant public tokenGrant;
address public grantManager;
uint256 public grantId;
address public grantee;
address public requestedNewGrantee;
event GranteeReassignmentRequested(
address newGrantee
);
event GranteeReassignmentConfirmed(
address oldGrantee,
address newGrantee
);
event GranteeReassignmentCancelled(
address cancelledRequestedGrantee
);
event GranteeReassignmentChanged(
address previouslyRequestedGrantee,
address newRequestedGrantee
);
event TokensWithdrawn(
address destination,
uint256 amount
);
constructor(
address _tokenAddress,
address _tokenGrant,
address _grantManager,
uint256 _grantId,
address _grantee
) public {
token = ERC20Burnable(_tokenAddress);
tokenGrant = TokenGrant(_tokenGrant);
grantManager = _grantManager;
grantId = _grantId;
grantee = _grantee;
}
/// @notice Request a reassignment of the grantee address.
/// Can only be called by the grantee.
/// @param _newGrantee The requested new grantee.
function requestGranteeReassignment(address _newGrantee)
public
onlyGrantee
noRequestedReassignment
{
_setRequestedNewGrantee(_newGrantee);
emit GranteeReassignmentRequested(_newGrantee);
}
/// @notice Cancel a pending grantee reassignment request.
/// Can only be called by the grantee.
function cancelReassignmentRequest()
public
onlyGrantee
withRequestedReassignment
{
address cancelledGrantee = requestedNewGrantee;
requestedNewGrantee = address(0);
emit GranteeReassignmentCancelled(cancelledGrantee);
}
/// @notice Change a pending reassignment request to a different grantee.
/// Can only be called by the grantee.
/// @param _newGrantee The address of the new requested grantee.
function changeReassignmentRequest(address _newGrantee)
public
onlyGrantee
withRequestedReassignment
{
address previouslyRequestedGrantee = requestedNewGrantee;
require(
previouslyRequestedGrantee != _newGrantee,
"Unchanged reassignment request"
);
_setRequestedNewGrantee(_newGrantee);
emit GranteeReassignmentChanged(previouslyRequestedGrantee, _newGrantee);
}
/// @notice Confirm a grantee reassignment request and set the new grantee as the grantee.
/// Can only be called by the grant manager.
/// @param _newGrantee The address of the new grantee.
/// Must match the currently requested new grantee.
function confirmGranteeReassignment(address _newGrantee)
public
onlyManager
withRequestedReassignment
{
address oldGrantee = grantee;
require(
requestedNewGrantee == _newGrantee,
"Reassignment address mismatch"
);
grantee = requestedNewGrantee;
requestedNewGrantee = address(0);
emit GranteeReassignmentConfirmed(oldGrantee, _newGrantee);
}
/// @notice Withdraw all unlocked tokens from the grant.
function withdraw() public onlyGrantee {
require(
requestedNewGrantee == address(0),
"Can not withdraw with pending reassignment"
);
tokenGrant.withdraw(grantId);
uint256 amount = token.balanceOf(address(this));
token.safeTransfer(grantee, amount);
emit TokensWithdrawn(grantee, amount);
}
/// @notice Stake tokens from the grant.
/// @param _stakingContract The contract to stake the tokens on.
/// @param _amount The amount of tokens to stake.
/// @param _extraData Data for the stake delegation.
/// This byte array must have the following values concatenated:
/// beneficiary address (20 bytes)
/// operator address (20 bytes)
/// authorizer address (20 bytes)
function stake(
address _stakingContract,
uint256 _amount,
bytes memory _extraData
) public onlyGrantee {
tokenGrant.stake(grantId, _stakingContract, _amount, _extraData);
}
/// @notice Cancel delegating tokens to the given operator.
function cancelStake(address _operator) public onlyGranteeOr(_operator) {
tokenGrant.cancelStake(_operator);
}
/// @notice Begin undelegating tokens from the given operator.
function undelegate(address _operator) public onlyGranteeOr(_operator) {
tokenGrant.undelegate(_operator);
}
/// @notice Recover tokens previously staked and delegated to the operator.
function recoverStake(address _operator) public {
tokenGrant.recoverStake(_operator);
}
function _setRequestedNewGrantee(address _newGrantee) internal {
require(_newGrantee != address(0), "Invalid new grantee address");
require(_newGrantee != grantee, "New grantee same as current grantee");
requestedNewGrantee = _newGrantee;
}
modifier withRequestedReassignment {
require(
requestedNewGrantee != address(0),
"No reassignment requested"
);
_;
}
modifier noRequestedReassignment {
require(
requestedNewGrantee == address(0),
"Reassignment already requested"
);
_;
}
modifier onlyGrantee {
require(
msg.sender == grantee,
"Only grantee may perform this action"
);
_;
}
modifier onlyGranteeOr(address _operator) {
require(
msg.sender == grantee || msg.sender == _operator,
"Only grantee or operator may perform this action"
);
_;
}
modifier onlyManager {
require(
msg.sender == grantManager,
"Only grantManager may perform this action"
);
_;
}
}/**
▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀
▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌
▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
Trust math, not hardware.
*/
pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "openzeppelin-solidity/contracts/ownership/Ownable.sol";
/// @dev Interface expected to be implemented by contracts added as a gas price
/// oracle consumers. Consumers are notified by GasPriceOracle every time gas
/// price change is finalized by calling their refreshGasPrice function. Each
/// consumer may decide to pull the new value from the oracle immediatelly or
/// at the moment right for the consumer.
/// Consumers must be trusted contracts whose refreshGasPrice must always
/// succeed and never consume excessive gas.
interface GasPriceOracleConsumer {
function refreshGasPrice() external;
}
/// @notice Oracle presenting the current gas price. The oracle is manually
/// updated by its owner.
contract GasPriceOracle is Ownable {
using SafeMath for uint256;
event GasPriceUpdated(uint256 newValue);
uint256 public constant governanceDelay = 1 hours;
uint256 public gasPrice;
uint256 public newGasPrice;
uint256 public gasPriceChangeInitiated;
address[] public consumerContracts;
modifier onlyAfterGovernanceDelay {
require(gasPriceChangeInitiated > 0, "Change not initiated");
require(
block.timestamp.sub(gasPriceChangeInitiated) >= governanceDelay,
"Governance delay has not elapsed"
);
_;
}
/// @notice Initialize the gas price update. Change is finalized after
/// the governance delay elapses.
/// @param _newGasPrice New gas price in wei.
function beginGasPriceUpdate(uint256 _newGasPrice) public onlyOwner {
newGasPrice = _newGasPrice;
gasPriceChangeInitiated = block.timestamp;
}
/// @notice Finalizes the gas price update. Finalization may happen only
/// after the governance delay elapses.
function finalizeGasPriceUpdate() public onlyAfterGovernanceDelay {
gasPrice = newGasPrice;
newGasPrice = 0;
gasPriceChangeInitiated = 0;
emit GasPriceUpdated(gasPrice);
for (uint256 i = 0; i < consumerContracts.length; i++) {
GasPriceOracleConsumer(consumerContracts[i]).refreshGasPrice();
}
}
/// @notice Adds a new consumer contract to the oracle. Consumer contract is
/// expected to implement GasPriceOracleConsumer interface and receives
/// a notifcation every time gas price update is finalized.
/// @param consumerContract The new consumer contract to add to the oracle.
function addConsumerContract(address consumerContract) public onlyOwner {
consumerContracts.push(consumerContract);
}
/// @notice Removes consumer contract from the oracle by its index.
/// @param index Index of the consumer contract to be removed.
function removeConsumerContract(uint256 index) public onlyOwner {
require(index < consumerContracts.length, "Invalid index");
consumerContracts[index] = consumerContracts[consumerContracts.length - 1];
consumerContracts.length--;
}
/// @notice Returns all consumer contracts currently registered in the
/// oracle.
function getConsumerContracts() public view returns (address[] memory) {
return consumerContracts;
}
}pragma solidity 0.5.17;
import "../utils/AddressArrayUtils.sol";
import "../StakeDelegatable.sol";
import "../TokenGrant.sol";
import "../ManagedGrant.sol";
/// @title Roles Lookup
/// @notice Library facilitating lookup of roles in stake delegation setup.
library RolesLookup {
using AddressArrayUtils for address[];
/// @notice Returns true if the tokenOwner delegated tokens to operator
/// using the provided stakeDelegatable contract. Othwerwise, returns false.
/// This function works only for the case when tokenOwner own those tokens
/// and those are not tokens from a grant.
function isTokenOwnerForOperator(
address tokenOwner,
address operator,
StakeDelegatable stakeDelegatable
) internal view returns (bool) {
return stakeDelegatable.ownerOf(operator) == tokenOwner;
}
/// @notice Returns true if the grantee delegated tokens to operator
/// with the provided tokenGrant contract. Otherwise, returns false.
/// This function works only for the case when tokens were generated from
/// a non-managed grant, that is, the grantee is a non-contract address to
/// which the delegated tokens were granted.
/// @dev This function does not validate the staking reltionship on
/// a particular staking contract. It only checks whether the grantee
/// staked at least one time with the given operator. If you are interested
/// in a particular token staking contract, you need to perform additional
/// check.
function isGranteeForOperator(
address grantee,
address operator,
TokenGrant tokenGrant
) internal view returns (bool) {
address[] memory operators = tokenGrant.getGranteeOperators(grantee);
return operators.contains(operator);
}
/// @notice Returns true if the grantee from the given managed grant contract
/// delegated tokens to operator with the provided tokenGrant contract.
/// Otherwise, returns false. In case the grantee declared by the managed
/// grant contract does not match the provided grantee, function reverts.
/// This function works only for cases when grantee, from TokenGrant's
/// perspective, is a smart contract exposing grantee() function returning
/// the final grantee. One possibility is the ManagedGrant contract.
/// @dev This function does not validate the staking reltionship on
/// a particular staking contract. It only checks whether the grantee
/// staked at least one time with the given operator. If you are interested
/// in a particular token staking contract, you need to perform additional
/// check.
function isManagedGranteeForOperator(
address grantee,
address operator,
address managedGrantContract,
TokenGrant tokenGrant
) internal view returns (bool) {
require(
ManagedGrant(managedGrantContract).grantee() == grantee,
"Not a grantee of the provided contract"
);
address[] memory operators = tokenGrant.getGranteeOperators(
managedGrantContract
);
return operators.contains(operator);
}
/// @notice Returns true if grant with the given ID has been created with
/// managed grant pointing currently to the grantee passed as a parameter.
/// @dev The function does not revert if grant has not been created with
/// a managed grantee. This function is not a view because it uses low-level
/// call to check if the grant has been created with a managed grant.
/// It does not however modify any state.
function isManagedGranteeForGrant(
address grantee,
uint256 grantId,
TokenGrant tokenGrant
) internal returns (bool) {
(,,,,, address managedGrant) = tokenGrant.getGrant(grantId);
(, bytes memory result) = managedGrant.call(
abi.encodeWithSignature("grantee()")
);
if (result.length == 0) {
return false;
}
address managedGrantee = abi.decode(result, (address));
return grantee == managedGrantee;
}
}pragma solidity 0.5.17;
library LockUtils {
struct Lock {
address creator;
uint96 expiresAt;
}
/// @notice The LockSet is like an array of unique `uint256`s,
/// but additionally supports O(1) membership tests and removals.
/// @dev Because the LockSet relies on a mapping,
/// it can only be used in storage, not in memory.
struct LockSet {
// locks[positions[lock.creator] - 1] = lock
Lock[] locks;
mapping(address => uint256) positions;
}
/// @notice Check whether the LockSet `self` contains a lock by `creator`
function contains(LockSet storage self, address creator)
internal view returns (bool) {
return (self.positions[creator] != 0);
}
function getLockTime(LockSet storage self, address creator)
internal view returns (uint96) {
uint256 positionPlusOne = self.positions[creator];
if (positionPlusOne == 0) { return 0; }
return self.locks[positionPlusOne - 1].expiresAt;
}
/// @notice Set the lock of `creator` to `expiresAt`,
/// overriding the current value if any.
function setLock(
LockSet storage self,
address _creator,
uint96 _expiresAt
) internal {
uint256 positionPlusOne = self.positions[_creator];
Lock memory lock = Lock(_creator, _expiresAt);
// No existing lock
if (positionPlusOne == 0) {
self.locks.push(lock);
self.positions[_creator] = self.locks.length;
// Existing lock present
} else {
self.locks[positionPlusOne - 1].expiresAt = _expiresAt;
}
}
/// @notice Remove the lock of `creator`.
/// If no lock present, do nothing.
function releaseLock(
LockSet storage self,
address _creator
) internal {
uint256 positionPlusOne = self.positions[_creator];
if (positionPlusOne != 0) {
uint256 lockCount = self.locks.length;
if (positionPlusOne != lockCount) {
// Not the last lock,
// so we need to move the last lock into the emptied position.
Lock memory lastLock = self.locks[lockCount - 1];
self.locks[positionPlusOne - 1] = lastLock;
self.positions[lastLock.creator] = positionPlusOne;
}
self.locks.length--;
self.positions[_creator] = 0;
}
}
/// @notice Return the locks of the LockSet `self`.
function enumerate(LockSet storage self)
internal view returns (Lock[] memory) {
return self.locks;
}
}pragma solidity ^0.5.0;
import "../../GSN/Context.sol";
import "./ERC20.sol";
/**
* @dev Extension of {ERC20} that allows token holders to destroy both their own
* tokens and those that they have an allowance for, in a way that can be
* recognized off-chain (via event analysis).
*/
contract ERC20Burnable is Context, ERC20 {
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 amount) public {
_burn(_msgSender(), amount);
}
/**
* @dev See {ERC20-_burnFrom}.
*/
function burnFrom(address account, uint256 amount) public {
_burnFrom(account, amount);
}
}pragma solidity ^0.5.0;
/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with GSN meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
contract Context {
// Empty internal constructor, to prevent people from mistakenly deploying
// an instance of this contract, which should be used via inheritance.
constructor () internal { }
// solhint-disable-previous-line no-empty-blocks
function _msgSender() internal view returns (address payable) {
return msg.sender;
}
function _msgData() internal view returns (bytes memory) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691
return msg.data;
}
}pragma solidity ^0.5.0;
import "../../GSN/Context.sol";
import "./IERC20.sol";
import "../../math/SafeMath.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20Mintable}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20 {
using SafeMath for uint256;
mapping (address => uint256) private _balances;
mapping (address => mapping (address => uint256)) private _allowances;
uint256 private _totalSupply;
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public returns (bool) {
_transfer(_msgSender(), recipient, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public returns (bool) {
_approve(_msgSender(), spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/
function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
return true;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(address sender, address recipient, uint256 amount) internal {
require(sender != address(0), "ERC20: transfer from the zero address");
require(recipient != address(0), "ERC20: transfer to the zero address");
_balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal {
require(account != address(0), "ERC20: mint to the zero address");
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal {
require(account != address(0), "ERC20: burn from the zero address");
_balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 amount) internal {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Destroys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See {_burn} and {_approve}.
*/
function _burnFrom(address account, uint256 amount) internal {
_burn(account, amount);
_approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, "ERC20: burn amount exceeds allowance"));
}
}pragma solidity ^0.5.0;
import "./IERC20.sol";
/**
* @dev Optional functions from the ERC20 standard.
*/
contract ERC20Detailed is IERC20 {
string private _name;
string private _symbol;
uint8 private _decimals;
/**
* @dev Sets the values for `name`, `symbol`, and `decimals`. All three of
* these values are immutable: they can only be set once during
* construction.
*/
constructor (string memory name, string memory symbol, uint8 decimals) public {
_name = name;
_symbol = symbol;
_decimals = decimals;
}
/**
* @dev Returns the name of the token.
*/
function name() public view returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5,05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view returns (uint8) {
return _decimals;
}
}pragma solidity ^0.5.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see {ERC20Detailed}.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}pragma solidity ^0.5.0;
import "./IERC20.sol";
import "../../math/SafeMath.sol";
import "../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for ERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using SafeMath for uint256;
using Address for address;
function safeTransfer(IERC20 token, address to, uint256 value) internal {
callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
function safeApprove(IERC20 token, address spender, uint256 value) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
// solhint-disable-next-line max-line-length
require((value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 newAllowance = token.allowance(address(this), spender).add(value);
callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 newAllowance = token.allowance(address(this), spender).sub(value, "SafeERC20: decreased allowance below zero");
callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves.
// A Solidity high level call has three parts:
// 1. The target address is checked to verify it contains contract code
// 2. The call itself is made, and success asserted
// 3. The return value is decoded, which in turn checks the size of the returned data.
// solhint-disable-next-line max-line-length
require(address(token).isContract(), "SafeERC20: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = address(token).call(data);
require(success, "SafeERC20: low-level call failed");
if (returndata.length > 0) { // Return data is optional
// solhint-disable-next-line max-line-length
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}pragma solidity ^0.5.5;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* This test is non-exhaustive, and there may be false-negatives: during the
* execution of a contract's constructor, its address will be reported as
* not containing a contract.
*
* IMPORTANT: It is unsafe to assume that an address for which this
* function returns false is an externally-owned account (EOA) and not a
* contract.
*/
function isContract(address account) internal view returns (bool) {
// This method relies in extcodesize, which returns 0 for contracts in
// construction, since the code is only stored at the end of the
// constructor execution.
// According to EIP-1052, 0x0 is the value returned for not-yet created accounts
// and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned
// for accounts without code, i.e. `keccak256('')`
bytes32 codehash;
bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470;
// solhint-disable-next-line no-inline-assembly
assembly { codehash := extcodehash(account) }
return (codehash != 0x0 && codehash != accountHash);
}
/**
* @dev Converts an `address` into `address payable`. Note that this is
* simply a type cast: the actual underlying value is not changed.
*
* _Available since v2.4.0._
*/
function toPayable(address account) internal pure returns (address payable) {
return address(uint160(account));
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*
* _Available since v2.4.0._
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-call-value
(bool success, ) = recipient.call.value(amount)("");
require(success, "Address: unable to send value, recipient may have reverted");
}
}/**
▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀
▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌
▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓
Trust math, not hardware.
*/
pragma solidity 0.5.17;
import "./utils/OperatorParams.sol";
/// @title Stake Delegatable
/// @notice A base contract to allow stake delegation for staking contracts.
contract StakeDelegatable {
using OperatorParams for uint256;
mapping(address => Operator) internal operators;
struct Operator {
uint256 packedParams;
address owner;
address payable beneficiary;
address authorizer;
}
/// @notice Gets the stake balance of the specified address.
/// @param _address The address to query the balance of.
/// @return An uint256 representing the amount staked by the passed address.
function balanceOf(address _address) public view returns (uint256 balance) {
return operators[_address].packedParams.getAmount();
}
/// @notice Gets the stake owner for the specified operator address.
/// @return Stake owner address.
function ownerOf(address _operator) public view returns (address) {
return operators[_operator].owner;
}
/// @notice Gets the beneficiary for the specified operator address.
/// @return Beneficiary address.
function beneficiaryOf(address _operator) public view returns (address payable) {
return operators[_operator].beneficiary;
}
/// @notice Gets the authorizer for the specified operator address.
/// @return Authorizer address.
function authorizerOf(address _operator) public view returns (address) {
return operators[_operator].authorizer;
}
}pragma solidity 0.5.17;
library OperatorParams {
// OperatorParams packs values that are commonly used together
// into a single uint256 to reduce the cost functions
// like querying eligibility.
//
// An OperatorParams uint256 contains:
// - the operator's staked token amount (uint128)
// - the operator's creation timestamp (uint64)
// - the operator's undelegation timestamp (uint64)
//
// These are packed as [amount | createdAt | undelegatedAt]
//
// Staked KEEP is stored in an uint128,
// which is sufficient because KEEP tokens have 18 decimals (2^60)
// and there will be at most 10^9 KEEP in existence (2^30).
//
// Creation and undelegation times are stored in an uint64 each.
// Thus uint64s would be sufficient for around 3*10^11 years.
uint256 constant TIMESTAMP_WIDTH = 64;
uint256 constant AMOUNT_WIDTH = 128;
uint256 constant TIMESTAMP_MAX = (2**TIMESTAMP_WIDTH) - 1;
uint256 constant AMOUNT_MAX = (2**AMOUNT_WIDTH) - 1;
uint256 constant CREATION_SHIFT = TIMESTAMP_WIDTH;
uint256 constant AMOUNT_SHIFT = 2 * TIMESTAMP_WIDTH;
function pack(
uint256 amount,
uint256 createdAt,
uint256 undelegatedAt
) internal pure returns (uint256) {
// Check for staked amount overflow.
// We shouldn't actually ever need this.
require(
amount <= AMOUNT_MAX,
"uint128 overflow"
);
// Bitwise OR the timestamps together.
// The resulting number is equal or greater than either,
// and tells if we have a bit set outside the 64 available bits.
require(
(createdAt | undelegatedAt) <= TIMESTAMP_MAX,
"uint64 overflow"
);
return (amount << AMOUNT_SHIFT | createdAt << CREATION_SHIFT | undelegatedAt);
}
function unpack(uint256 packedParams) internal pure returns (
uint256 amount,
uint256 createdAt,
uint256 undelegatedAt
) {
amount = getAmount(packedParams);
createdAt = getCreationTimestamp(packedParams);
undelegatedAt = getUndelegationTimestamp(packedParams);
}
function getAmount(uint256 packedParams)
internal pure returns (uint256) {
return (packedParams >> AMOUNT_SHIFT) & AMOUNT_MAX;
}
function setAmount(
uint256 packedParams,
uint256 amount
) internal pure returns (uint256) {
return pack(
amount,
getCreationTimestamp(packedParams),
getUndelegationTimestamp(packedParams)
);
}
function getCreationTimestamp(uint256 packedParams)
internal pure returns (uint256) {
return (packedParams >> CREATION_SHIFT) & TIMESTAMP_MAX;
}
function setCreationTimestamp(
uint256 packedParams,
uint256 creationTimestamp
) internal pure returns (uint256) {
return pack(
getAmount(packedParams),
creationTimestamp,
getUndelegationTimestamp(packedParams)
);
}
function getUndelegationTimestamp(uint256 packedParams)
internal pure returns (uint256) {
return packedParams & TIMESTAMP_MAX;
}
function setUndelegationTimestamp(
uint256 packedParams,
uint256 undelegationTimestamp
) internal pure returns (uint256) {
return pack(
getAmount(packedParams),
getCreationTimestamp(packedParams),
undelegationTimestamp
);
}
function setAmountAndCreationTimestamp(
uint256 packedParams,
uint256 amount,
uint256 creationTimestamp
) internal pure returns (uint256) {
return pack(
amount,
creationTimestamp,
getUndelegationTimestamp(packedParams)
);
}
}pragma solidity ^0.5.0;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*
* _Available since v2.4.0._
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
/// @notice MinimumStakeSchedule defines the minimum stake parametrization and
/// schedule. It starts with a minimum stake of 100k KEEP. Over the following
/// 2 years, the minimum stake is lowered periodically using a uniform stepwise
/// function, eventually ending at 10k.
library MinimumStakeSchedule {
using SafeMath for uint256;
// 2 years in seconds (seconds per day * days in a year * years)
uint256 public constant schedule = 86400 * 365 * 2;
uint256 public constant steps = 10;
uint256 public constant base = 10000 * 1e18;
/// @notice Returns the current value of the minimum stake. The minimum
/// stake is lowered periodically over the course of 2 years since the time
/// of the shedule start and eventually ends at 10k KEEP.
function current(uint256 scheduleStart) internal view returns (uint256) {
if (now < scheduleStart.add(schedule)) {
uint256 currentStep = steps.mul(now.sub(scheduleStart)).div(schedule);
return base.mul(steps.sub(currentStep));
}
return base;
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "../../utils/BytesLib.sol";
/// @title Group Selection
/// @notice The group selection protocol is an interactive method of selecting
/// candidate group from the set of all stakers given a pseudorandom seed value.
///
/// The protocol produces a representative result, where each staker's profit is
/// proportional to the number of tokens they have staked. Produced candidate
/// groups are of constant size.
///
/// Group selection protocol accepts seed as an input - a pseudorandom value
/// used to construct candidate tickets. Each candidate group member can
/// submit their tickets. The maximum number of tickets one can submit depends
/// on their staking weight - relation of the minimum stake to the candidate's
/// stake.
///
/// There is a certain timeout, expressed in blocks, when tickets can be
/// submitted. Each ticket is a mix of staker's address, virtual staker index
/// and group selection seed. Candidate group members are selected based on
/// the best tickets submitted. There has to be a minimum number of tickets
/// submitted, equal to the candidate group size so that the protocol can
/// complete successfully.
library GroupSelection {
using SafeMath for uint256;
using BytesLib for bytes;
struct Storage {
// Tickets submitted by member candidates during the current group
// selection execution and accepted by the protocol for the
// consideration.
uint64[] tickets;
// Information about ticket submitters (group member candidates).
mapping(uint256 => address) candidate;
// Pseudorandom seed value used as an input for the group selection.
uint256 seed;
// Timeout in blocks after which the ticket submission is finished.
uint256 ticketSubmissionTimeout;
// Number of block at which the group selection started and from which
// ticket submissions are accepted.
uint256 ticketSubmissionStartBlock;
// Indicates whether a group selection is currently in progress.
// Concurrent group selections are not allowed.
bool inProgress;
// Captures the minimum stake when group selection starts. This is to ensure the
// same staking weight divisor is applied for all member candidates participating.
uint256 minimumStake;
// Map simulates a sorted linked list of ticket values by their indexes.
// key -> value represent indices from the tickets[] array.
// 'key' index holds an index of a ticket and 'value' holds an index
// of the next ticket. Tickets are sorted by their value in
// descending order starting from the tail.
// Ex. tickets = [151, 42, 175, 7]
// tail: 2 because tickets[2] = 175
// previousTicketIndex[0] -> 1
// previousTicketIndex[1] -> 3
// previousTicketIndex[2] -> 0
// previousTicketIndex[3] -> 3 note: index that holds a lowest
// value points to itself because there is no `nil` in Solidity.
// Traversing from tail: [2]->[0]->[1]->[3] result in 175->151->42->7
bytes previousTicketIndices;
// Tail represents an index of a ticket in a tickets[] array which holds
// the highest ticket value. It is a tail of the linked list defined by
// `previousTicketIndex`.
uint256 tail;
// Size of a group in the threshold relay.
uint256 groupSize;
}
/// @notice Starts group selection protocol.
/// @param _seed pseudorandom seed value used as an input for the group
/// selection. All submitted tickets needs to have the seed mixed-in into the
/// value.
function start(Storage storage self, uint256 _seed) public {
// We execute the minimum required cleanup here needed in case the
// previous group selection failed and did not clean up properly in
// finish function.
cleanupTickets(self);
self.inProgress = true;
self.seed = _seed;
self.ticketSubmissionStartBlock = block.number;
}
/// @notice Finishes group selection protocol clearing up all the submitted
/// tickets. This function may be expensive if not executed as a part of
/// another transaction consuming a lot of gas and as a result, getting
/// gas refund for clearing up the storage.
function finish(Storage storage self) public {
cleanupCandidates(self);
cleanupTickets(self);
self.inProgress = false;
}
/// @notice Submits ticket to request to participate in a new candidate group.
/// @param ticket Bytes representation of a ticket that holds the following:
/// - ticketValue: first 8 bytes of a result of keccak256 cryptography hash
/// function on the combination of the group selection seed (previous
/// beacon output), staker-specific value (address) and virtual staker index.
/// - stakerValue: a staker-specific value which is the address of the staker.
/// - virtualStakerIndex: 4-bytes number within a range of 1 to staker's weight;
/// has to be unique for all tickets submitted by the given staker for the
/// current candidate group selection.
/// @param stakingWeight Ratio of the minimum stake to the candidate's
/// stake.
function submitTicket(
Storage storage self,
bytes32 ticket,
uint256 stakingWeight
) public {
uint64 ticketValue;
uint160 stakerValue;
uint32 virtualStakerIndex;
bytes memory ticketBytes = abi.encodePacked(ticket);
/* solium-disable-next-line */
assembly {
// ticket value is 8 bytes long
ticketValue := mload(add(ticketBytes, 8))
// staker value is 20 bytes long
stakerValue := mload(add(ticketBytes, 28))
// virtual staker index is 4 bytes long
virtualStakerIndex := mload(add(ticketBytes, 32))
}
submitTicket(
self,
ticketValue,
uint256(stakerValue),
uint256(virtualStakerIndex),
stakingWeight
);
}
/// @notice Submits ticket to request to participate in a new candidate group.
/// @param ticketValue First 8 bytes of a result of keccak256 cryptography hash
/// function on the combination of the group selection seed (previous
/// beacon output), staker-specific value (address) and virtual staker index.
/// @param stakerValue Staker-specific value which is the address of the staker.
/// @param virtualStakerIndex 4-bytes number within a range of 1 to staker's weight;
/// has to be unique for all tickets submitted by the given staker for the
/// current candidate group selection.
/// @param stakingWeight Ratio of the minimum stake to the candidate's
/// stake.
function submitTicket(
Storage storage self,
uint64 ticketValue,
uint256 stakerValue,
uint256 virtualStakerIndex,
uint256 stakingWeight
) public {
if (block.number > self.ticketSubmissionStartBlock.add(self.ticketSubmissionTimeout)) {
revert("Ticket submission is over");
}
if (self.candidate[ticketValue] != address(0)) {
revert("Duplicate ticket");
}
if (isTicketValid(
ticketValue,
stakerValue,
virtualStakerIndex,
stakingWeight,
self.seed
)) {
addTicket(self, ticketValue);
} else {
revert("Invalid ticket");
}
}
/// @notice Performs full verification of the ticket.
function isTicketValid(
uint64 ticketValue,
uint256 stakerValue,
uint256 virtualStakerIndex,
uint256 stakingWeight,
uint256 groupSelectionSeed
) internal view returns(bool) {
uint64 ticketValueExpected;
bytes memory ticketBytes = abi.encodePacked(
keccak256(
abi.encodePacked(
groupSelectionSeed,
stakerValue,
virtualStakerIndex
)
)
);
// use first 8 bytes to compare ticket values
/* solium-disable-next-line */
assembly {
ticketValueExpected := mload(add(ticketBytes, 8))
}
bool isVirtualStakerIndexValid = virtualStakerIndex > 0 && virtualStakerIndex <= stakingWeight;
bool isStakerValueValid = stakerValue == uint256(msg.sender);
bool isTicketValueValid = ticketValue == ticketValueExpected;
return isVirtualStakerIndexValid && isStakerValueValid && isTicketValueValid;
}
/// @notice Adds a new, verified ticket. Ticket is accepted when it is lower
/// than the currently highest ticket or when the number of tickets is still
/// below the group size.
function addTicket(Storage storage self, uint64 newTicketValue) internal {
uint256[] memory previousTicketIndex = readPreviousTicketIndices(self);
uint256[] memory ordered = getTicketValueOrderedIndices(
self,
previousTicketIndex
);
// any ticket goes when the tickets array size is lower than the group size
if (self.tickets.length < self.groupSize) {
// no tickets
if (self.tickets.length == 0) {
self.tickets.push(newTicketValue);
// higher than the current highest
} else if (newTicketValue > self.tickets[self.tail]) {
self.tickets.push(newTicketValue);
uint256 oldTail = self.tail;
self.tail = self.tickets.length-1;
previousTicketIndex[self.tail] = oldTail;
// lower than the current lowest
} else if (newTicketValue < self.tickets[ordered[0]]) {
self.tickets.push(newTicketValue);
// last element points to itself
previousTicketIndex[self.tickets.length - 1] = self.tickets.length - 1;
// previous lowest ticket points to the new lowest
previousTicketIndex[ordered[0]] = self.tickets.length - 1;
// higher than the lowest ticket value and lower than the highest ticket value
} else {
self.tickets.push(newTicketValue);
uint256 j = findReplacementIndex(self, newTicketValue, ordered);
previousTicketIndex[self.tickets.length - 1] = previousTicketIndex[j];
previousTicketIndex[j] = self.tickets.length - 1;
}
self.candidate[newTicketValue] = msg.sender;
} else if (newTicketValue < self.tickets[self.tail]) {
uint256 ticketToRemove = self.tickets[self.tail];
// new ticket is lower than currently lowest
if (newTicketValue < self.tickets[ordered[0]]) {
// replacing highest ticket with the new lowest
self.tickets[self.tail] = newTicketValue;
uint256 newTail = previousTicketIndex[self.tail];
previousTicketIndex[ordered[0]] = self.tail;
previousTicketIndex[self.tail] = self.tail;
self.tail = newTail;
} else { // new ticket is between lowest and highest
uint256 j = findReplacementIndex(self, newTicketValue, ordered);
self.tickets[self.tail] = newTicketValue;
// do not change the order if a new ticket is still highest
if (j != self.tail) {
uint newTail = previousTicketIndex[self.tail];
previousTicketIndex[self.tail] = previousTicketIndex[j];
previousTicketIndex[j] = self.tail;
self.tail = newTail;
}
}
// we are replacing tickets so we also need to replace information
// about the submitter
delete self.candidate[ticketToRemove];
self.candidate[newTicketValue] = msg.sender;
}
storePreviousTicketIndices(self, previousTicketIndex);
}
/// @notice Use binary search to find an index for a new ticket in the tickets[] array
function findReplacementIndex(
Storage storage self,
uint64 newTicketValue,
uint256[] memory ordered
) internal view returns (uint256) {
uint256 lo = 0;
uint256 hi = ordered.length - 1;
uint256 mid = 0;
while (lo <= hi) {
mid = (lo + hi) >> 1;
if (newTicketValue < self.tickets[ordered[mid]]) {
hi = mid - 1;
} else if (newTicketValue > self.tickets[ordered[mid]]) {
lo = mid + 1;
} else {
return ordered[mid];
}
}
return ordered[lo];
}
function readPreviousTicketIndices(Storage storage self)
internal view returns (uint256[] memory uncompressed)
{
bytes memory compressed = self.previousTicketIndices;
uncompressed = new uint256[](self.groupSize);
for (uint256 i = 0; i < compressed.length; i++) {
uncompressed[i] = uint256(uint8(compressed[i]));
}
}
function storePreviousTicketIndices(
Storage storage self,
uint256[] memory uncompressed
) internal {
bytes memory compressed = new bytes(uncompressed.length);
for (uint256 i = 0; i < compressed.length; i++) {
compressed[i] = bytes1(uint8(uncompressed[i]));
}
self.previousTicketIndices = compressed;
}
/// @notice Creates an array of ticket indexes based on their values in the
/// ascending order:
///
/// ordered[n-1] = tail
/// ordered[n-2] = previousTicketIndex[tail]
/// ordered[n-3] = previousTicketIndex[ordered[n-2]]
function getTicketValueOrderedIndices(
Storage storage self,
uint256[] memory previousIndices
) internal view returns (uint256[] memory) {
uint256[] memory ordered = new uint256[](self.tickets.length);
if (ordered.length > 0) {
ordered[self.tickets.length-1] = self.tail;
if (ordered.length > 1) {
for (uint256 i = self.tickets.length - 1; i > 0; i--) {
ordered[i-1] = previousIndices[ordered[i]];
}
}
}
return ordered;
}
/// @notice Gets selected participants in ascending order of their tickets.
function selectedParticipants(Storage storage self) public view returns (address[] memory) {
require(
block.number >= self.ticketSubmissionStartBlock.add(self.ticketSubmissionTimeout),
"Ticket submission in progress"
);
require(self.tickets.length >= self.groupSize, "Not enough tickets submitted");
uint256[] memory previousTicketIndex = readPreviousTicketIndices(self);
address[] memory selected = new address[](self.groupSize);
uint256 ticketIndex = self.tail;
selected[self.tickets.length - 1] = self.candidate[self.tickets[ticketIndex]];
for (uint256 i = self.tickets.length - 1; i > 0; i--) {
ticketIndex = previousTicketIndex[ticketIndex];
selected[i-1] = self.candidate[self.tickets[ticketIndex]];
}
return selected;
}
/// @notice Clears up data of the group selection tickets.
function cleanupTickets(Storage storage self) internal {
delete self.tickets;
self.tail = 0;
}
/// @notice Clears up data of the group selection candidates.
/// This operation may have a significant cost if not executed as a part of
/// another transaction consuming a lot of gas and as a result, getting
/// gas refund for clearing up the storage.
function cleanupCandidates(Storage storage self) internal {
for (uint i = 0; i < self.tickets.length; i++) {
delete self.candidate[self.tickets[i]];
}
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "../../utils/BytesLib.sol";
import "../../utils/PercentUtils.sol";
import "../../cryptography/AltBn128.sol";
import "../../cryptography/BLS.sol";
import "../../TokenStaking.sol";
library Groups {
using SafeMath for uint256;
using PercentUtils for uint256;
using BytesLib for bytes;
// The index of a group is flagged with the most significant bit set,
// to distinguish the group `0` from null.
// The flag is toggled with bitwise XOR (`^`)
// which keeps all other bits intact but flips the flag bit.
// The flag should be set before writing to `groupIndices`,
// and unset after reading from `groupIndices`
// before using the value.
uint256 constant GROUP_INDEX_FLAG = 1 << 255;
uint256 constant ONE_MONTH = 86400 * 30;
uint256 constant THREE_MONTHS = 3 * ONE_MONTH;
uint256 constant SIX_MONTHS = 6 * ONE_MONTH;
struct Group {
bytes groupPubKey;
uint256 registrationBlockHeight;
bool terminated;
uint248 registrationTime;
}
struct Storage {
// Time in blocks after which a group expires.
uint256 groupActiveTime;
// Duplicated constant from operator contract to avoid extra call.
// The value is set when the operator contract is added.
uint256 relayEntryTimeout;
// Mapping of `groupPubKey` to flagged `groupIndex`
mapping (bytes => uint256) groupIndices;
Group[] groups;
uint256[] activeTerminatedGroups;
mapping (bytes => address[]) groupMembers;
// Sum of all group member rewards earned so far. The value is the same for
// all group members. Submitter reward and reimbursement is paid immediately
// and is not included here. Each group member can withdraw no more than
// this value.
mapping (bytes => uint256) groupMemberRewards;
// Mapping of `groupPubKey, operator`
// to whether the operator has withdrawn rewards from that group.
mapping(bytes => mapping(address => bool)) withdrawn;
// expiredGroupOffset is pointing to the first active group, it is also the
// expired groups counter
uint256 expiredGroupOffset;
TokenStaking stakingContract;
}
/// @notice Adds a new group.
function addGroup(
Storage storage self,
bytes memory groupPubKey
) public {
self.groupIndices[groupPubKey] = (self.groups.length ^ GROUP_INDEX_FLAG);
self.groups.push(Group(groupPubKey, block.number, false, uint248(block.timestamp)));
}
/// @notice Sets addresses of members for the group with the given public key
/// eliminating members at positions pointed by the misbehaved array.
/// @param groupPubKey Group public key.
/// @param members Group member addresses as outputted by the group selection
/// protocol.
/// @param misbehaved Bytes array of misbehaved (disqualified or inactive)
/// group members indexes in ascending order; Indexes reflect positions of
/// members in the group as outputted by the group selection protocol -
/// member indexes start from 1.
function setGroupMembers(
Storage storage self,
bytes memory groupPubKey,
address[] memory members,
bytes memory misbehaved
) public {
self.groupMembers[groupPubKey] = members;
// Iterate misbehaved array backwards, replace misbehaved
// member with the last element and reduce array length
uint256 i = misbehaved.length;
while (i > 0) {
// group member indexes start from 1, so we need to -1 on misbehaved
uint256 memberArrayPosition = misbehaved.toUint8(i - 1) - 1;
self.groupMembers[groupPubKey][memberArrayPosition] = self.groupMembers[groupPubKey][self.groupMembers[groupPubKey].length - 1];
self.groupMembers[groupPubKey].length--;
i--;
}
}
/// @notice Adds group member reward per group so the accumulated amount can
/// be withdrawn later.
function addGroupMemberReward(
Storage storage self,
bytes memory groupPubKey,
uint256 amount
) internal {
self.groupMemberRewards[groupPubKey] = self.groupMemberRewards[groupPubKey].add(amount);
}
/// @notice Returns accumulated group member rewards for provided group.
function getGroupMemberRewards(
Storage storage self,
bytes memory groupPubKey
) internal view returns (uint256) {
return self.groupMemberRewards[groupPubKey];
}
/// @notice Gets group public key.
function getGroupPublicKey(
Storage storage self,
uint256 groupIndex
) internal view returns (bytes memory) {
return self.groups[groupIndex].groupPubKey;
}
/// @notice Gets group member.
function getGroupMember(
Storage storage self,
bytes memory groupPubKey,
uint256 memberIndex
) internal view returns (address) {
return self.groupMembers[groupPubKey][memberIndex];
}
/// @notice Terminates group with the provided index. Reverts if the group
/// is already terminated.
function terminateGroup(
Storage storage self,
uint256 groupIndex
) public {
require(
!isGroupTerminated(self, groupIndex),
"Group has been already terminated"
);
self.groups[groupIndex].terminated = true;
self.activeTerminatedGroups.length++;
// Sorting activeTerminatedGroups in ascending order so a non-terminated
// group is properly selected.
uint256 i;
for (
i = self.activeTerminatedGroups.length - 1;
i > 0 && self.activeTerminatedGroups[i - 1] > groupIndex;
i--
) {
self.activeTerminatedGroups[i] = self.activeTerminatedGroups[i - 1];
}
self.activeTerminatedGroups[i] = groupIndex;
}
/// @notice Checks if group with the given index is terminated.
function isGroupTerminated(
Storage storage self,
uint256 groupIndex
) internal view returns(bool) {
return self.groups[groupIndex].terminated;
}
/// @notice Checks if group with the given public key is registered.
function isGroupRegistered(
Storage storage self,
bytes memory groupPubKey
) internal view returns(bool) {
// Values in `groupIndices` are flagged with `GROUP_INDEX_FLAG`
// and thus nonzero, even for group 0
return self.groupIndices[groupPubKey] > 0;
}
/// @notice Gets the cutoff time in blocks until which the given group is
/// considered as an active group assuming it hasn't been terminated before.
function groupActiveTimeOf(
Storage storage self,
Group memory group
) internal view returns(uint256) {
return uint256(group.registrationBlockHeight).add(self.groupActiveTime);
}
/// @notice Gets the cutoff time in blocks after which the given group is
/// considered as stale. Stale group is an expired group which is no longer
/// performing any operations.
function groupStaleTime(
Storage storage self,
Group memory group
) internal view returns(uint256) {
return groupActiveTimeOf(self, group).add(self.relayEntryTimeout);
}
/// @notice Checks if a group with the given public key is a stale group.
/// Stale group is an expired group which is no longer performing any
/// operations. It is important to understand that an expired group may
/// still perform some operations for which it was selected when it was still
/// active. We consider a group to be stale when it's expired and when its
/// expiration time and potentially executed operation timeout are both in
/// the past.
function isStaleGroup(
Storage storage self,
bytes memory groupPubKey
) public view returns(bool) {
uint256 flaggedIndex = self.groupIndices[groupPubKey];
require(flaggedIndex != 0, "Group does not exist");
uint256 index = flaggedIndex ^ GROUP_INDEX_FLAG;
bool isExpired = self.expiredGroupOffset > index;
bool isStale = groupStaleTime(self, self.groups[index]) < block.number;
return isExpired && isStale;
}
/// @notice Checks if a group with the given index is a stale group.
/// Stale group is an expired group which is no longer performing any
/// operations. It is important to understand that an expired group may
/// still perform some operations for which it was selected when it was still
/// active. We consider a group to be stale when it's expired and when its
/// expiration time and potentially executed operation timeout are both in
/// the past.
function isStaleGroup(
Storage storage self,
uint256 groupIndex
) public view returns(bool) {
return groupStaleTime(self, self.groups[groupIndex]) < block.number;
}
/// @notice Gets the number of active groups. Expired and terminated groups are
/// not counted as active.
function numberOfGroups(
Storage storage self
) internal view returns(uint256) {
return self.groups.length.sub(self.expiredGroupOffset).sub(self.activeTerminatedGroups.length);
}
/// @notice Goes through groups starting from the oldest one that is still
/// active and checks if it hasn't expired. If so, updates the information
/// about expired groups so that all expired groups are marked as such.
function expireOldGroups(Storage storage self) public {
// Move expiredGroupOffset as long as there are some groups that should
// be marked as expired. It is possible that expired group offset will
// move out of the groups array by one position. It means that all groups
// are expired (it points to the first active group) and that place in
// groups array - currently empty - will be possibly filled later by
// a new group.
while(
self.expiredGroupOffset < self.groups.length &&
groupActiveTimeOf(self, self.groups[self.expiredGroupOffset]) < block.number
) {
self.expiredGroupOffset++;
}
// Go through all activeTerminatedGroups and if some of the terminated
// groups are expired, remove them from activeTerminatedGroups collection.
// This is needed because we evaluate the shift of selected group index
// based on how many non-expired groups has been terminated.
for (uint i = 0; i < self.activeTerminatedGroups.length; i++) {
if (self.expiredGroupOffset > self.activeTerminatedGroups[i]) {
self.activeTerminatedGroups[i] = self.activeTerminatedGroups[self.activeTerminatedGroups.length - 1];
self.activeTerminatedGroups.length--;
}
}
}
/// @notice Returns an index of a randomly selected active group. Terminated
/// and expired groups are not considered as active.
/// Before new group is selected, information about expired groups
/// is updated. At least one active group needs to be present for this
/// function to succeed.
/// @param seed Random number used as a group selection seed.
function selectGroup(
Storage storage self,
uint256 seed
) public returns(uint256) {
expireOldGroups(self);
require(numberOfGroups(self) > 0, "No active groups");
uint256 selectedGroup = seed % numberOfGroups(self);
return shiftByTerminatedGroups(self, shiftByExpiredGroups(self, selectedGroup));
}
/// @notice Evaluates the shift of selected group index based on the number of
/// expired groups.
function shiftByExpiredGroups(
Storage storage self,
uint256 selectedIndex
) internal view returns(uint256) {
return self.expiredGroupOffset.add(selectedIndex);
}
/// @notice Evaluates the shift of selected group index based on the number of
/// non-expired, terminated groups.
function shiftByTerminatedGroups(
Storage storage self,
uint256 selectedIndex
) internal view returns(uint256) {
uint256 shiftedIndex = selectedIndex;
for (uint i = 0; i < self.activeTerminatedGroups.length; i++) {
if (self.activeTerminatedGroups[i] <= shiftedIndex) {
shiftedIndex++;
}
}
return shiftedIndex;
}
/// @notice Withdraws accumulated group member rewards for operator
/// using the provided group index.
/// Once the accumulated reward is withdrawn from the selected group,
/// the operator is flagged as withdrawn.
/// Rewards can be withdrawn only from stale group.
/// @param operator Operator address.
/// @param groupIndex Group index.
function withdrawFromGroup(
Storage storage self,
address operator,
uint256 groupIndex
) public returns (uint256 rewards) {
bool isExpired = self.expiredGroupOffset > groupIndex;
bool isStale = isStaleGroup(self, groupIndex);
require(isExpired && isStale, "Group must be expired and stale");
bytes memory groupPublicKey = getGroupPublicKey(self, groupIndex);
require(
!(self.withdrawn[groupPublicKey][operator]),
"Rewards already withdrawn"
);
self.withdrawn[groupPublicKey][operator] = true;
for (uint i = 0; i < self.groupMembers[groupPublicKey].length; i++) {
if (operator == self.groupMembers[groupPublicKey][i]) {
rewards = rewards.add(self.groupMemberRewards[groupPublicKey]);
}
}
}
/// @notice Returns members of the given group by group public key.
/// @param groupPubKey Group public key.
function getGroupMembers(
Storage storage self,
bytes memory groupPubKey
) public view returns (address[] memory members) {
return self.groupMembers[groupPubKey];
}
/// @notice Returns addresses of all the members in the provided group.
function getGroupMembers(
Storage storage self,
uint256 groupIndex
) public view returns (address[] memory members) {
bytes memory groupPubKey = self.groups[groupIndex].groupPubKey;
return self.groupMembers[groupPubKey];
}
function getGroupRegistrationTime(
Storage storage self,
uint256 groupIndex
) public view returns (uint256) {
return uint256(self.groups[groupIndex].registrationTime);
}
/// @notice Reports unauthorized signing for the provided group. Must provide
/// a valid signature of the group address as a message. Successful signature
/// verification means the private key has been leaked and all group members
/// should be punished by seizing their tokens. The submitter of this proof is
/// rewarded with 5% of the total seized amount scaled by the reward adjustment
/// parameter and the rest 95% is burned. Group has to be active or expired.
/// Unauthorized signing cannot be reported for stale or terminated group.
/// In case of reporting unauthorized signing for stale group,
/// terminated group, or when the signature is inavlid, function reverts.
function reportUnauthorizedSigning(
Storage storage self,
uint256 groupIndex,
bytes memory signedMsgSender,
uint256 minimumStake
) public {
require(!isStaleGroup(self, groupIndex), "Group can not be stale");
bytes memory groupPubKey = getGroupPublicKey(self, groupIndex);
require(
BLS.verifyBytes(
groupPubKey,
abi.encodePacked(msg.sender),
signedMsgSender
),
"Invalid signature"
);
terminateGroup(self, groupIndex);
self.stakingContract.seize(minimumStake, 100, msg.sender, self.groupMembers[groupPubKey]);
}
function reportRelayEntryTimeout(
Storage storage self,
uint256 groupIndex,
uint256 groupSize
) public {
uint256 punishment = relayEntryTimeoutPunishment(self);
terminateGroup(self, groupIndex);
// Reward is limited to min(1, 20 / group_size) of the maximum tattletale reward, see the Yellow Paper for more details.
uint256 rewardAdjustment = uint256(20 * 100).div(groupSize); // Reward adjustment in percentage
rewardAdjustment = rewardAdjustment > 100 ? 100:rewardAdjustment; // Reward adjustment can be 100% max
self.stakingContract.seize(punishment, rewardAdjustment, msg.sender, getGroupMembers(self, groupIndex));
}
/// @notice Evaluates relay entry timeout punishment using the following
/// rules:
/// - 1% of the minimum stake for the first 3 months,
/// - 50% of the minimum stake between the first 3 and 6 months,
/// - 100% of the minimum stake after the first 6 months.
function relayEntryTimeoutPunishment(
Storage storage self
) public view returns (uint256) {
uint256 minimumStake = self.stakingContract.minimumStake();
uint256 stakingContractDeployedAt = self.stakingContract.deployedAt();
/* solium-disable-next-line security/no-block-members */
if (now < stakingContractDeployedAt + THREE_MONTHS) {
return minimumStake.percent(1);
/* solium-disable-next-line security/no-block-members */
} else if (now < stakingContractDeployedAt + SIX_MONTHS) {
return minimumStake.percent(50);
} else {
return minimumStake;
}
}
/// @notice Return whether the given operator
/// has withdrawn their rewards from the given group.
function hasWithdrawnRewards(
Storage storage self,
address operator,
uint256 groupIndex
) public view returns (bool) {
return self.withdrawn[getGroupPublicKey(self, groupIndex)][operator];
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/cryptography/ECDSA.sol";
import "../../utils/BytesLib.sol";
import "./GroupSelection.sol";
library DKGResultVerification {
using BytesLib for bytes;
using ECDSA for bytes32;
using GroupSelection for GroupSelection.Storage;
struct Storage {
// Time in blocks after which DKG result is complete and ready to be
// published by clients.
uint256 timeDKG;
// Time in blocks after which the next group member is eligible
// to submit DKG result.
uint256 resultPublicationBlockStep;
// Size of a group in the threshold relay.
uint256 groupSize;
// The minimum number of signatures required to support DKG result.
// This number needs to be at least the same as the signing threshold
// and it is recommended to make it higher than the signing threshold
// to keep a safety margin for misbehaving members.
uint256 signatureThreshold;
}
/// @notice Verifies the submitted DKG result against supporting member
/// signatures and if the submitter is eligible to submit at the current
/// block. Every signature supporting the result has to be from a unique
/// group member.
///
/// @param submitterMemberIndex Claimed submitter candidate group member index
/// @param groupPubKey Generated candidate group public key
/// @param misbehaved Bytes array of misbehaved (disqualified or inactive)
/// group members indexes; Indexes reflect positions of members in the group,
/// as outputted by the group selection protocol.
/// @param signatures Concatenation of signatures from members supporting the
/// result.
/// @param signingMemberIndices Indices of members corresponding to each
/// signature. Indices have to be unique.
/// @param members Addresses of candidate group members as outputted by the
/// group selection protocol.
/// @param groupSelectionEndBlock Block height at which the group selection
/// protocol ended.
function verify(
Storage storage self,
uint256 submitterMemberIndex,
bytes memory groupPubKey,
bytes memory misbehaved,
bytes memory signatures,
uint256[] memory signingMemberIndices,
address[] memory members,
uint256 groupSelectionEndBlock
) public view {
require(submitterMemberIndex > 0, "Invalid submitter index");
require(
members[submitterMemberIndex - 1] == msg.sender,
"Unexpected submitter index"
);
uint T_init = groupSelectionEndBlock + self.timeDKG;
require(
block.number >= (T_init + (submitterMemberIndex-1) * self.resultPublicationBlockStep),
"Submitter not eligible"
);
require(groupPubKey.length == 128, "Malformed group public key");
require(
misbehaved.length <= self.groupSize - self.signatureThreshold,
"Malformed misbehaved bytes"
);
uint256 signaturesCount = signatures.length / 65;
require(signatures.length >= 65, "Too short signatures array");
require(signatures.length % 65 == 0, "Malformed signatures array");
require(signaturesCount == signingMemberIndices.length, "Unexpected signatures count");
require(signaturesCount >= self.signatureThreshold, "Too few signatures");
require(signaturesCount <= self.groupSize, "Too many signatures");
bytes32 resultHash = keccak256(abi.encodePacked(groupPubKey, misbehaved));
bytes memory current; // Current signature to be checked.
bool[] memory usedMemberIndices = new bool[](self.groupSize);
for(uint i = 0; i < signaturesCount; i++){
uint256 memberIndex = signingMemberIndices[i];
require(memberIndex > 0, "Invalid index");
require(memberIndex <= members.length, "Index out of range");
require(!usedMemberIndices[memberIndex - 1], "Duplicate member index");
usedMemberIndices[memberIndex - 1] = true;
current = signatures.slice(65*i, 65);
address recoveredAddress = resultHash.toEthSignedMessageHash().recover(current);
require(members[memberIndex - 1] == recoveredAddress, "Invalid signature");
}
}
}pragma solidity 0.5.17;
library ModUtils {
/**
* @dev Wrap the modular exponent pre-compile introduced in Byzantium.
* Returns base^exponent mod p.
*/
function modExp(uint256 base, uint256 exponent, uint256 p)
internal
view returns(uint256 o)
{
/* solium-disable-next-line */
assembly {
// Args for the precompile: [<length_of_BASE> <length_of_EXPONENT>
// <length_of_MODULUS> <BASE> <EXPONENT> <MODULUS>]
let output := mload(0x40)
let args := add(output, 0x20)
mstore(args, 0x20)
mstore(add(args, 0x20), 0x20)
mstore(add(args, 0x40), 0x20)
mstore(add(args, 0x60), base)
mstore(add(args, 0x80), exponent)
mstore(add(args, 0xa0), p)
// 0x05 is the modular exponent contract address
if iszero(staticcall(not(0), 0x05, args, 0xc0, output, 0x20)) {
revert(0, 0)
}
o := mload(output)
}
}
/**
* @dev Calculates and returns the square root of a mod p if such a square
* root exists. The modulus p must be an odd prime. If a square root does
* not exist, function returns 0.
*/
function modSqrt(uint256 a, uint256 p)
internal
view returns(uint256)
{
if (legendre(a, p) != 1) {
return 0;
}
if (a == 0) {
return 0;
}
if (p % 4 == 3) {
return modExp(a, (p + 1) / 4, p);
}
uint256 s = p - 1;
uint256 e = 0;
while (s % 2 == 0) {
s = s / 2;
e = e + 1;
}
// Note the smaller int- finding n with Legendre symbol or -1
// should be quick
uint256 n = 2;
while (legendre(n, p) != -1) {
n = n + 1;
}
uint256 x = modExp(a, (s + 1) / 2, p);
uint256 b = modExp(a, s, p);
uint256 g = modExp(n, s, p);
uint256 r = e;
uint256 gs = 0;
uint256 m = 0;
uint256 t = b;
while (true) {
t = b;
m = 0;
for (m = 0; m < r; m++) {
if (t == 1) {
break;
}
t = modExp(t, 2, p);
}
if (m == 0) {
return x;
}
gs = modExp(g, uint256(2) ** (r - m - 1), p);
g = (gs * gs) % p;
x = (x * gs) % p;
b = (b * g) % p;
r = m;
}
}
/**
* @dev Calculates the Legendre symbol of the given a mod p.
* @return Returns 1 if a is a quadratic residue mod p, -1 if it is
* a non-quadratic residue, and 0 if a is 0.
*/
function legendre(uint256 a, uint256 p)
internal
view returns(int256)
{
uint256 raised = modExp(a, (p - 1) / uint256(2), p);
if (raised == 0 || raised == 1) {
return int256(raised);
} else if (raised == p - 1) {
return -1;
}
require(false, "Failed to calculate legendre.");
}
}pragma solidity ^0.5.0;
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSA {
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* NOTE: This call _does not revert_ if the signature is invalid, or
* if the signer is otherwise unable to be retrieved. In those scenarios,
* the zero address is returned.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
// Check the signature length
if (signature.length != 65) {
return (address(0));
}
// Divide the signature in r, s and v variables
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
// solhint-disable-next-line no-inline-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (281): 0 < s < secp256k1n ÷ 2 + 1, and for v in (282): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return address(0);
}
if (v != 27 && v != 28) {
return address(0);
}
// If the signature is valid (and not malleable), return the signer address
return ecrecover(hash, v, r, s);
}
/**
* @dev Returns an Ethereum Signed Message, created from a `hash`. This
* replicates the behavior of the
* https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_sign[`eth_sign`]
* JSON-RPC method.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {
// 32 is the length in bytes of hash,
// enforced by the type signature above
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "../../utils/BytesLib.sol";
import "../../TokenStaking.sol";
library Reimbursements {
using SafeMath for uint256;
using BytesLib for bytes;
/// @notice Reimburses callback execution cost and surplus based on actual gas
/// usage to the submitter's beneficiary address and if necessary to the
/// callback requestor (surplus recipient).
/// @param stakingContract Staking contract to get the address of the beneficiary
/// @param gasPriceCeiling Gas price ceiling in wei
/// @param gasLimit Gas limit set for the callback
/// @param gasSpent Gas spent by the submitter on the callback
/// @param callbackFee Fee paid for the callback by the requestor
/// @param callbackSurplusRecipientData Data containing surplus recipient address
function reimburseCallback(
TokenStaking stakingContract,
uint256 gasPriceCeiling,
uint256 gasLimit,
uint256 gasSpent,
uint256 callbackFee,
bytes memory callbackSurplusRecipientData
) public {
uint256 gasPrice = gasPriceCeiling;
// We need to check if tx.gasprice is non-zero as a workaround to a bug
// in go-ethereum:
// https://github.com/ethereum/go-ethereum/pull/20189
if (tx.gasprice > 0 && tx.gasprice < gasPriceCeiling) {
gasPrice = tx.gasprice;
}
// Obtain the actual callback gas expenditure and refund the surplus.
//
// In case of heavily underpriced transactions, EVM may wrap the call
// with additional opcodes. In this case gasSpent > gasLimit.
// The worst scenario cost is included in entry verification fee.
// If this happens we return just the gasLimit here.
uint256 actualCallbackGas = gasSpent < gasLimit ? gasSpent : gasLimit;
uint256 actualCallbackFee = actualCallbackGas.mul(gasPrice);
// Get the beneficiary.
address payable beneficiary = stakingContract.beneficiaryOf(msg.sender);
// If we spent less on the callback than the customer transferred for the
// callback execution, we need to reimburse the difference.
if (actualCallbackFee < callbackFee) {
uint256 callbackSurplus = callbackFee.sub(actualCallbackFee);
// Reimburse submitter with his actual callback cost.
beneficiary.call.value(actualCallbackFee)("");
// Return callback surplus to the requestor.
// Expecting 32 bytes data containing 20 byte address
if (callbackSurplusRecipientData.length == 32) {
address surplusRecipient = callbackSurplusRecipientData.toAddress(12);
surplusRecipient.call.gas(8000).value(callbackSurplus)("");
}
} else {
// Reimburse submitter with the callback payment sent by the requestor.
beneficiary.call.value(callbackFee)("");
}
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
library DelayFactor {
using SafeMath for uint256;
/// @notice Gets delay factor for rewards calculation.
/// @return Integer representing floating-point number with 16 decimals places.
function calculate(
uint256 currentRequestStartBlock,
uint256 relayEntryTimeout
) public view returns(uint256 delayFactor) {
uint256 decimals = 1e16; // Adding 16 decimals to perform float division.
// T_deadline is the earliest block when no submissions are accepted
// and an entry timed out. The last block the entry can be published in is
// currentRequestStartBlock + relayEntryTimeout
// and submission are no longer accepted from block
// currentRequestStartBlock + relayEntryTimeout + 1.
uint256 deadlineBlock = currentRequestStartBlock.add(relayEntryTimeout).add(1);
// T_begin is the earliest block the result can be published in.
// Relay entry can be generated instantly after relay request is
// registered on-chain so a new entry can be published at the next
// block the earliest.
uint256 submissionStartBlock = currentRequestStartBlock.add(1);
// Use submissionStartBlock block as entryReceivedBlock if entry submitted earlier than expected.
uint256 entryReceivedBlock = block.number <= submissionStartBlock ? submissionStartBlock:block.number;
// T_remaining = T_deadline - T_received
uint256 remainingBlocks = deadlineBlock.sub(entryReceivedBlock);
// T_deadline - T_begin
uint256 submissionWindow = deadlineBlock.sub(submissionStartBlock);
// delay factor = [ T_remaining / (T_deadline - T_begin)]^2
//
// Since we add 16 decimal places to perform float division, we do:
// delay factor = [ T_temaining * decimals / (T_deadline - T_begin)]^2 / decimals =
// = [T_remaining / (T_deadline - T_begin) ]^2 * decimals
delayFactor = ((remainingBlocks.mul(decimals).div(submissionWindow))**2).div(decimals);
}
}pragma solidity 0.5.17;
import "../utils/ModUtils.sol";
/**
* @title Operations on alt_bn128
* @dev Implementations of common elliptic curve operations on Ethereum's
* (poorly named) alt_bn128 curve. Whenever possible, use post-Byzantium
* pre-compiled contracts to offset gas costs. Note that these pre-compiles
* might not be available on all (eg private) chains.
*/
library AltBn128 {
using ModUtils for uint256;
// G1Point implements a point in G1 group.
struct G1Point {
uint256 x;
uint256 y;
}
// gfP2 implements a field of size p² as a quadratic extension of the base field.
struct gfP2 {
uint256 x;
uint256 y;
}
// G2Point implements a point in G2 group.
struct G2Point {
gfP2 x;
gfP2 y;
}
// p is a prime over which we form a basic field
// Taken from go-ethereum/crypto/bn256/cloudflare/constants.go
uint256 constant p = 21888242871839275222246405745257275088696311157297823662689037894645226208583;
function getP() internal pure returns (uint256) {
return p;
}
/**
* @dev Gets generator of G1 group.
* Taken from go-ethereum/crypto/bn256/cloudflare/curve.go
*/
uint256 constant g1x = 1;
uint256 constant g1y = 2;
function g1() internal pure returns (G1Point memory) {
return G1Point(g1x, g1y);
}
/**
* @dev Gets generator of G2 group.
* Taken from go-ethereum/crypto/bn256/cloudflare/twist.go
*/
uint256 constant g2xx = 11559732032986387107991004021392285783925812861821192530917403151452391805634;
uint256 constant g2xy = 10857046999023057135944570762232829481370756359578518086990519993285655852781;
uint256 constant g2yx = 4082367875863433681332203403145435568316851327593401208105741076214120093531;
uint256 constant g2yy = 8495653923123431417604973247489272438418190587263600148770280649306958101930;
function g2() internal pure returns (G2Point memory) {
return G2Point(
gfP2(g2xx, g2xy),
gfP2(g2yx, g2yy)
);
}
/**
* @dev Gets twist curve B constant.
* Taken from go-ethereum/crypto/bn256/cloudflare/twist.go
*/
uint256 constant twistBx = 266929791119991161246907387137283842545076965332900288569378510910307636690;
uint256 constant twistBy = 19485874751759354771024239261021720505790618469301721065564631296452457478373;
function twistB() private pure returns (gfP2 memory) {
return gfP2(twistBx, twistBy);
}
/**
* @dev Gets root of the point where x and y are equal.
*/
uint256 constant hexRootX = 21573744529824266246521972077326577680729363968861965890554801909984373949499;
uint256 constant hexRootY = 16854739155576650954933913186877292401521110422362946064090026408937773542853;
function hexRoot() private pure returns (gfP2 memory) {
return gfP2(hexRootX, hexRootY);
}
/**
* @dev g1YFromX computes a Y value for a G1 point based on an X value.
* This computation is simply evaluating the curve equation for Y on a
* given X, and allows a point on the curve to be represented by just
* an X value + a sign bit.
*/
function g1YFromX(uint256 x)
internal
view returns(uint256)
{
return ((x.modExp(3, p) + 3) % p).modSqrt(p);
}
/**
* @dev g2YFromX computes a Y value for a G2 point based on an X value.
* This computation is simply evaluating the curve equation for Y on a
* given X, and allows a point on the curve to be represented by just
* an X value + a sign bit.
*/
function g2YFromX(gfP2 memory _x)
internal
pure returns(gfP2 memory y)
{
(uint256 xx, uint256 xy) = _gfP2CubeAddTwistB(_x.x, _x.y);
// Using formula y = x ^ (p^2 + 15) / 32 from
// https://github.com/ethereum/beacon_chain/blob/master/beacon_chain/utils/bls.py
// (p^2 + 15) / 32 results into a big 512bit value, so breaking it to two uint256 as (a * a + b)
uint256 a = 3869331240733915743250440106392954448556483137451914450067252501901456824595;
uint256 b = 146360017852723390495514512480590656176144969185739259173561346299185050597;
(uint256 xbx, uint256 xby) = _gfP2Pow(xx, xy, b);
(uint256 yax, uint256 yay) = _gfP2Pow(xx, xy, a);
(uint256 ya2x, uint256 ya2y) = _gfP2Pow(yax, yay, a);
(y.x, y.y) = _gfP2Multiply(ya2x, ya2y, xbx, xby);
// Multiply y by hexRoot constant to find correct y.
while (!_g2X2y(xx, xy, y.x, y.y)) {
(y.x, y.y) = _gfP2Multiply(y.x, y.y, hexRootX, hexRootY);
}
}
/**
* @dev Hash a byte array message, m, and map it deterministically to a
* point on G1. Note that this approach was chosen for its simplicity /
* lower gas cost on the EVM, rather than good distribution of points on
* G1.
*/
function g1HashToPoint(bytes memory m)
internal
view returns(G1Point memory)
{
bytes32 h = sha256(m);
uint256 x = uint256(h) % p;
uint256 y;
while (true) {
y = g1YFromX(x);
if (y > 0) {
return G1Point(x, y);
}
x += 1;
}
}
/**
* @dev Calculates whether the provided number is even or odd.
* @return 0x01 if y is an even number and 0x00 if it's odd.
*/
function parity(uint256 value) private pure returns (byte) {
return bytes32(value)[31] & 0x01;
}
/**
* @dev Compress a point on G1 to a single uint256 for serialization.
*/
function g1Compress(G1Point memory point)
internal
pure returns(bytes32)
{
bytes32 m = bytes32(point.x);
byte leadM = m[0] | parity(point.y) << 7;
uint256 mask = 0xff << 31*8;
m = (m & ~bytes32(mask)) | (leadM >> 0);
return m;
}
/**
* @dev Compress a point on G2 to a pair of uint256 for serialization.
*/
function g2Compress(G2Point memory point)
internal
pure returns(bytes memory)
{
bytes32 m = bytes32(point.x.x);
byte leadM = m[0] | parity(point.y.x) << 7;
uint256 mask = 0xff << 31*8;
m = (m & ~bytes32(mask)) | (leadM >> 0);
return abi.encodePacked(m, bytes32(point.x.y));
}
/**
* @dev Decompress a point on G1 from a single uint256.
*/
function g1Decompress(bytes32 m)
internal
view returns(G1Point memory)
{
bytes32 mX = bytes32(0);
byte leadX = m[0] & 0x7f;
uint256 mask = 0xff << 31*8;
mX = (m & ~bytes32(mask)) | (leadX >> 0);
uint256 x = uint256(mX);
uint256 y = g1YFromX(x);
if (parity(y) != (m[0] & 0x80) >> 7) {
y = p - y;
}
require(isG1PointOnCurve(G1Point(x, y)), "Malformed bn256.G1 point.");
return G1Point(x, y);
}
/**
* @dev Unmarshals a point on G1 from bytes in an uncompressed form.
*/
function g1Unmarshal(bytes memory m) internal pure returns(G1Point memory) {
require(
m.length == 64,
"Invalid G1 bytes length"
);
bytes32 x;
bytes32 y;
/* solium-disable-next-line */
assembly {
x := mload(add(m, 0x20))
y := mload(add(m, 0x40))
}
return G1Point(uint256(x), uint256(y));
}
/**
* @dev Marshals a point on G1 to bytes form.
*/
function g1Marshal(G1Point memory point) internal pure returns(bytes memory) {
bytes memory m = new bytes(64);
bytes32 x = bytes32(point.x);
bytes32 y = bytes32(point.y);
/* solium-disable-next-line */
assembly {
mstore(add(m, 32), x)
mstore(add(m, 64), y)
}
return m;
}
/**
* @dev Unmarshals a point on G2 from bytes in an uncompressed form.
*/
function g2Unmarshal(bytes memory m) internal pure returns(G2Point memory) {
require(
m.length == 128,
"Invalid G2 bytes length"
);
uint256 xx;
uint256 xy;
uint256 yx;
uint256 yy;
/* solium-disable-next-line */
assembly {
xx := mload(add(m, 0x20))
xy := mload(add(m, 0x40))
yx := mload(add(m, 0x60))
yy := mload(add(m, 0x80))
}
return G2Point(gfP2(xx, xy), gfP2(yx,yy));
}
/**
* @dev Decompress a point on G2 from a pair of uint256.
*/
function g2Decompress(bytes memory m)
internal
pure returns(G2Point memory)
{
require(
m.length == 64,
"Invalid G2 compressed bytes length"
);
bytes32 x1;
bytes32 x2;
uint256 temp;
// Extract two bytes32 from bytes array
/* solium-disable-next-line */
assembly {
temp := add(m, 32)
x1 := mload(temp)
temp := add(m, 64)
x2 := mload(temp)
}
bytes32 mX = bytes32(0);
byte leadX = x1[0] & 0x7f;
uint256 mask = 0xff << 31*8;
mX = (x1 & ~bytes32(mask)) | (leadX >> 0);
gfP2 memory x = gfP2(uint256(mX), uint256(x2));
gfP2 memory y = g2YFromX(x);
if (parity(y.x) != (m[0] & 0x80) >> 7) {
y.x = p - y.x;
y.y = p - y.y;
}
return G2Point(x, y);
}
/**
* @dev Wrap the point addition pre-compile introduced in Byzantium. Return
* the sum of two points on G1. Revert if the provided points aren't on the
* curve.
*/
function g1Add(G1Point memory a, G1Point memory b)
internal view returns (G1Point memory c) {
/* solium-disable-next-line */
assembly {
let arg := mload(0x40)
mstore(arg, mload(a))
mstore(add(arg, 0x20), mload(add(a, 0x20)))
mstore(add(arg, 0x40), mload(b))
mstore(add(arg, 0x60), mload(add(b, 0x20)))
// 0x60 is the ECADD precompile address
if iszero(staticcall(not(0), 0x06, arg, 0x80, c, 0x40)) {
revert(0, 0)
}
}
}
/**
* @dev Return the sum of two gfP2 field elements.
*/
function gfP2Add(gfP2 memory a, gfP2 memory b) internal pure returns(gfP2 memory) {
return gfP2(
addmod(a.x, b.x, p),
addmod(a.y, b.y, p)
);
}
/**
* @dev Return multiplication of two gfP2 field elements.
*/
function gfP2Multiply(gfP2 memory a, gfP2 memory b) internal pure returns(gfP2 memory) {
return gfP2(
addmod(mulmod(a.x, b.y, p), mulmod(b.x, a.y, p), p),
addmod(mulmod(a.y, b.y, p), p - mulmod(a.x, b.x, p), p)
);
}
/**
* @dev Return gfP2 element to the power of the provided exponent.
*/
function gfP2Pow(gfP2 memory _a, uint256 _exp) internal pure returns(gfP2 memory result) {
(uint256 x, uint256 y) = _gfP2Pow(_a.x, _a.y, _exp);
return gfP2(x, y);
}
function gfP2Square(gfP2 memory a) internal pure returns (gfP2 memory) {
return gfP2Multiply(a, a);
}
function gfP2Cube(gfP2 memory a) internal pure returns (gfP2 memory) {
return gfP2Multiply(a, gfP2Square(a));
}
function gfP2CubeAddTwistB(gfP2 memory a) internal pure returns (gfP2 memory) {
(uint256 x, uint256 y) = _gfP2CubeAddTwistB(a.x, a.y);
return gfP2(x, y);
}
/**
* @dev Return true if G2 point's y^2 equals x.
*/
function g2X2y(gfP2 memory x, gfP2 memory y) internal pure returns(bool) {
gfP2 memory y2;
y2 = gfP2Square(y);
return (y2.x == x.x && y2.y == x.y);
}
/**
* @dev Return true if G1 point is on the curve.
*/
function isG1PointOnCurve(G1Point memory point) internal view returns (bool) {
return point.y.modExp(2, p) == (point.x.modExp(3, p) + 3) % p;
}
/**
* @dev Return true if G2 point is on the curve.
*/
function isG2PointOnCurve(G2Point memory point) internal pure returns(bool) {
(uint256 y2x, uint256 y2y) = _gfP2Square(point.y.x, point.y.y);
(uint256 x3x, uint256 x3y) = _gfP2CubeAddTwistB(point.x.x, point.x.y);
return (y2x == x3x && y2y == x3y);
}
/**
* @dev Wrap the scalar point multiplication pre-compile introduced in
* Byzantium. The result of a point from G1 multiplied by a scalar should
* match the point added to itself the same number of times. Revert if the
* provided point isn't on the curve.
*/
function scalarMultiply(G1Point memory p_1, uint256 scalar)
internal view returns (G1Point memory p_2) {
assembly {
let arg := mload(0x40)
mstore(arg, mload(p_1))
mstore(add(arg, 0x20), mload(add(p_1, 0x20)))
mstore(add(arg, 0x40), scalar)
// 0x07 is the ECMUL precompile address
if iszero(staticcall(not(0), 0x07, arg, 0x60, p_2, 0x40)) {
revert(0, 0)
}
}
}
/**
* @dev Wrap the pairing check pre-compile introduced in Byzantium. Return
* the result of a pairing check of 2 pairs (G1 p1, G2 p2) (G1 p3, G2 p4)
*/
function pairing(
G1Point memory p1,
G2Point memory p2,
G1Point memory p3,
G2Point memory p4
) internal view returns (bool result) {
uint256 _c;
/* solium-disable-next-line */
assembly {
let c := mload(0x40)
let arg := add(c, 0x20)
mstore(arg, mload(p1))
mstore(add(arg, 0x20), mload(add(p1, 0x20)))
let p2x := mload(p2)
mstore(add(arg, 0x40), mload(p2x))
mstore(add(arg, 0x60), mload(add(p2x, 0x20)))
let p2y := mload(add(p2, 0x20))
mstore(add(arg, 0x80), mload(p2y))
mstore(add(arg, 0xa0), mload(add(p2y, 0x20)))
mstore(add(arg, 0xc0), mload(p3))
mstore(add(arg, 0xe0), mload(add(p3, 0x20)))
let p4x := mload(p4)
mstore(add(arg, 0x100), mload(p4x))
mstore(add(arg, 0x120), mload(add(p4x, 0x20)))
let p4y := mload(add(p4, 0x20))
mstore(add(arg, 0x140), mload(p4y))
mstore(add(arg, 0x160), mload(add(p4y, 0x20)))
// call(gasLimit, to, value, inputOffset, inputSize, outputOffset, outputSize)
if iszero(staticcall(not(0), 0x08, arg, 0x180, c, 0x20)) {
revert(0, 0)
}
_c := mload(c)
}
return _c != 0;
}
function _gfP2Add(uint256 ax, uint256 ay, uint256 bx, uint256 by)
private pure returns(uint256 x, uint256 y) {
x = addmod(ax, bx, p);
y = addmod(ay, by, p);
}
function _gfP2Multiply(uint256 ax, uint256 ay, uint256 bx, uint256 by)
private pure returns(uint256 x, uint256 y) {
x = addmod(mulmod(ax, by, p), mulmod(bx, ay, p), p);
y = addmod(mulmod(ay, by, p), p - mulmod(ax, bx, p), p);
}
function _gfP2CubeAddTwistB(uint256 ax, uint256 ay)
private pure returns (uint256 x, uint256 y) {
(uint256 a3x, uint256 a3y) = _gfP2Cube(ax, ay);
return _gfP2Add(a3x, a3y, twistBx, twistBy);
}
function _gfP2Pow(uint256 _ax, uint256 _ay, uint256 _exp)
private pure returns (uint256 x, uint256 y) {
uint256 exp = _exp;
x = 0;
y = 1;
uint256 ax = _ax;
uint256 ay = _ay;
// Reduce exp dividing by 2 gradually to 0 while computing final
// result only when exp is an odd number.
while (exp > 0) {
if (parity(exp) == 0x01) {
(x, y) = _gfP2Multiply(x, y, ax, ay);
}
exp = exp / 2;
(ax, ay) = _gfP2Multiply(ax, ay, ax, ay);
}
}
function _gfP2Square(uint256 _ax, uint256 _ay)
private pure returns (uint256 x, uint256 y) {
return _gfP2Multiply(_ax, _ay, _ax, _ay);
}
function _gfP2Cube(uint256 _ax, uint256 _ay)
private pure returns (uint256 x, uint256 y) {
(uint256 _bx, uint256 _by) = _gfP2Square(_ax, _ay);
return _gfP2Multiply(_ax, _ay, _bx, _by);
}
function _g2X2y(uint256 xx, uint256 xy, uint256 yx, uint256 yy)
private pure returns (bool) {
(uint256 y2x, uint256 y2y) = _gfP2Square(yx, yy);
return (y2x == xx && y2y == xy);
}
}pragma solidity 0.5.17;
import "../../TokenGrant.sol";
import "../../TokenStakingEscrow.sol";
import "../..//utils/BytesLib.sol";
import "../RolesLookup.sol";
/// @notice TokenStaking contract library allowing to capture the details of
/// delegated grants and offering functions allowing to check grantee
/// authentication for stake delegation management.
library GrantStaking {
using BytesLib for bytes;
using RolesLookup for address payable;
/// @dev Grant ID is flagged with the most significant bit set, to
/// distinguish the grant ID `0` from default (null) value. The flag is
/// toggled with bitwise XOR (`^`) which keeps all other bits intact but
/// flips the flag bit. The flag should be set before writing to
/// `operatorToGrant`, and unset after reading from `operatorToGrant`
/// before using the value.
uint256 constant GRANT_ID_FLAG = 1 << 255;
struct Storage {
/// @dev Do not read or write this mapping directly; please use
/// `hasGrantDelegated`, `setGrantForOperator`, and `getGrantForOperator`
/// instead.
mapping (address => uint256) _operatorToGrant;
}
/// @notice Tries to capture delegation data if the pending delegation has
/// been created from a grant. There are only two possibilities and they
/// need to be handled differently: delegation comes from the TokenGrant
/// contract or delegation comes from TokenStakingEscrow. In those two cases
/// grant ID has to be captured in a different way.
/// @dev In case of a delegation from the escrow, it is expected that grant
/// ID is passed in extraData bytes array. When the delegation comes from
/// the TokenGrant contract, delegation data are obtained directly from that
/// contract using `tryCapturingGrantId` function.
/// @param tokenGrant KEEP token grant contract reference.
/// @param escrow TokenStakingEscrow contract address.
/// @param from The owner of the tokens who approved them to transfer.
/// @param operator The operator tokens are delegated to.
/// @param extraData Data for stake delegation, as passed to
/// `receiveApproval` of `TokenStaking`.
function tryCapturingDelegationData(
Storage storage self,
TokenGrant tokenGrant,
address escrow,
address from,
address operator,
bytes memory extraData
) public returns (bool, uint256) {
if (from == escrow) {
require(extraData.length == 92, "Corrupted delegation data from escrow");
uint256 grantId = extraData.toUint(60);
setGrantForOperator(self, operator, grantId);
return (true, grantId);
} else {
return tryCapturingGrantId(self, tokenGrant, operator);
}
}
/// @notice Checks if the delegation for the given operator has been created
/// from a grant defined in the passed token grant contract and if so,
/// captures the grant ID for that delegation.
/// Grant ID can be later retrieved based on the operator address and used
/// to authenticate grantee or to fetch the information about grant
/// unlocking schedule for escrow.
/// @param tokenGrant KEEP token grant contract reference.
/// @param operator The operator tokens are delegated to.
function tryCapturingGrantId(
Storage storage self,
TokenGrant tokenGrant,
address operator
) internal returns (bool, uint256) {
(bool success, bytes memory data) = address(tokenGrant).call(
abi.encodeWithSignature("getGrantStakeDetails(address)", operator)
);
if (success) {
(uint256 grantId,,address grantStakingContract) = abi.decode(
data, (uint256, uint256, address)
);
// Double-check if the delegation in TokenGrant has been defined
// for this staking contract. If not, it means it's an old
// delegation and the current one does not come from a grant.
// The scenario covered here is:
// - grantee delegated to operator A from a TokenGrant using another
// staking contract,
// - someone delegates to operator A using liquid tokens and this
// staking contract.
// Without this check, we'd consider the second delegation as coming
// from a grant.
if (address(this) != grantStakingContract) {
return (false, 0);
}
setGrantForOperator(self, operator, grantId);
return (true, grantId);
}
return (false, 0);
}
/// @notice Returns true if the given operator operates on stake delegated
/// from a grant. false is returned otherwise.
/// @param operator The operator to which tokens from a grant are
/// potentially delegated to.
function hasGrantDelegated(
Storage storage self,
address operator
) public view returns (bool) {
return self._operatorToGrant[operator] != 0;
}
/// @notice Associates operator with the provided grant ID. It means that
/// the given operator delegates on stake from the grant with this ID.
/// @param operator The operator tokens are delegate to.
/// @param grantId Identifier of a grant from which the tokens are delegated
/// to.
function setGrantForOperator(
Storage storage self,
address operator,
uint256 grantId
) public {
self._operatorToGrant[operator] = grantId ^ GRANT_ID_FLAG;
}
/// @notice Returns grant ID for the provided operator. If the operator
/// does not operate on stake delegated from a grant, function reverts.
/// @dev To avoid reverting in case the grant ID for the operator does not
/// exist, consider calling hasGrantDelegated before.
/// @param operator The operator tokens are delegate to.
function getGrantForOperator(
Storage storage self,
address operator
) public view returns (uint256) {
uint256 grantId = self._operatorToGrant[operator];
require (grantId != 0, "No grant for the operator");
return grantId ^ GRANT_ID_FLAG;
}
/// @notice Returns true if msg.sender is grantee eligible to trigger stake
/// undelegation for this operator. Function checks both standard grantee
/// and managed grantee case.
/// @param operator The operator tokens are delegated to.
/// @param tokenGrant KEEP token grant contract reference.
function canUndelegate(
Storage storage self,
address operator,
TokenGrant tokenGrant
) public returns (bool) {
// First of all, we need to see if the operator has grant delegated.
// If not, we don't need to bother about checking grantee or
// managed grantee and we just return false.
if (!hasGrantDelegated(self, operator)) {
return false;
}
uint256 grantId = getGrantForOperator(self, operator);
(,,,,uint256 revokedAt, address grantee) = tokenGrant.getGrant(grantId);
// Is msg.sender grantee of a standard grant?
if (msg.sender == grantee) {
return true;
}
// If not, we need to dig deeper and see if we are dealing with
// a grantee from a managed grant.
if ((msg.sender).isManagedGranteeForGrant(grantId, tokenGrant)) {
return true;
}
// There is only one possibility left - grant has been revoked and
// grant manager wants to take back delegated tokens.
if (revokedAt == 0) {
return false;
}
(address grantManager,,,,) = tokenGrant.getGrantUnlockingSchedule(grantId);
return msg.sender == grantManager;
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/token/ERC20/ERC20Burnable.sol";
import "openzeppelin-solidity/contracts/token/ERC20/SafeERC20.sol";
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "./libraries/grant/UnlockingSchedule.sol";
import "./utils/BytesLib.sol";
import "./utils/AddressArrayUtils.sol";
import "./TokenStaking.sol";
import "./TokenGrantStake.sol";
import "./GrantStakingPolicy.sol";
/// @title TokenGrant
/// @notice A token grant contract for a specified standard ERC20Burnable token.
/// Has additional functionality to stake delegate/undelegate token grants.
/// Tokens are granted to the grantee via unlocking scheme and can be
/// withdrawn gradually based on the unlocking schedule cliff and unlocking duration.
/// Optionally grant can be revoked by the token grant manager.
contract TokenGrant {
using SafeMath for uint256;
using UnlockingSchedule for uint256;
using SafeERC20 for ERC20Burnable;
using BytesLib for bytes;
using AddressArrayUtils for address[];
event TokenGrantCreated(uint256 id);
event TokenGrantWithdrawn(uint256 indexed grantId, uint256 amount);
event TokenGrantStaked(uint256 indexed grantId, uint256 amount, address operator);
event TokenGrantRevoked(uint256 id);
event StakingContractAuthorized(address indexed grantManager, address stakingContract);
struct Grant {
address grantManager; // Token grant manager.
address grantee; // Address to which granted tokens are going to be withdrawn.
uint256 revokedAt; // Timestamp at which grant was revoked by the grant manager.
uint256 revokedAmount; // The number of tokens revoked from the grantee.
uint256 revokedWithdrawn; // The number of tokens returned to the grant creator.
bool revocable; // Whether grant manager can revoke the grant.
uint256 amount; // Amount of tokens to be granted.
uint256 duration; // Duration in seconds of the period in which the granted tokens will unlock.
uint256 start; // Timestamp at which the linear unlocking schedule will start.
uint256 cliff; // Timestamp before which no tokens will be unlocked.
uint256 withdrawn; // Amount that was withdrawn to the grantee.
uint256 staked; // Amount that was staked by the grantee.
GrantStakingPolicy stakingPolicy;
}
uint256 public numGrants;
ERC20Burnable public token;
// Staking contracts authorized by the given grant manager.
// grant manager -> staking contract -> authorized?
mapping(address => mapping (address => bool)) internal stakingContracts;
// Token grants.
mapping(uint256 => Grant) public grants;
// Token grants stakes.
mapping(address => TokenGrantStake) public grantStakes;
// Mapping of token grant IDs per particular address
// involved in a grant as a grantee or as a grant manager.
mapping(address => uint256[]) public grantIndices;
// Token grants balances. Sum of all granted tokens to a grantee.
// This includes granted tokens that are already unlocked and
// available to be withdrawn to the grantee
mapping(address => uint256) public balances;
// Mapping of operator addresses per particular grantee address.
mapping(address => address[]) public granteesToOperators;
/// @notice Creates a token grant contract for a provided Standard ERC20Burnable token.
/// @param _tokenAddress address of a token that will be linked to this contract.
constructor(address _tokenAddress) public {
require(_tokenAddress != address(0x0), "Token address can't be zero.");
token = ERC20Burnable(_tokenAddress);
}
/// @notice Used by grant manager to authorize staking contract with the given
/// address.
function authorizeStakingContract(address _stakingContract) public {
require(
_stakingContract != address(0x0),
"Staking contract address can't be zero"
);
stakingContracts[msg.sender][_stakingContract] = true;
emit StakingContractAuthorized(msg.sender, _stakingContract);
}
/// @notice Gets the amount of granted tokens to the specified address.
/// @param _owner The address to query the grants balance of.
/// @return An uint256 representing the grants balance owned by the passed address.
function balanceOf(address _owner) public view returns (uint256 balance) {
return balances[_owner];
}
/// @notice Gets the stake balance of the specified address.
/// @param _address The address to query the balance of.
/// @return An uint256 representing the amount staked by the passed address.
function stakeBalanceOf(address _address) public view returns (uint256 balance) {
for (uint i = 0; i < grantIndices[_address].length; i++) {
uint256 id = grantIndices[_address][i];
balance += grants[id].staked;
}
return balance;
}
/// @notice Gets grant by ID. Returns only basic grant data.
/// If you need unlocking schedule for the grant you must call `getGrantUnlockingSchedule()`
/// This is to avoid Ethereum `Stack too deep` issue described here:
/// https://forum.ethereum.org/discussion/2400/error-stack-too-deep-try-removing-local-variables
/// @param _id ID of the token grant.
/// @return amount The amount of tokens the grant provides.
/// @return withdrawn The amount of tokens that have already been withdrawn
/// from the grant.
/// @return staked The amount of tokens that have been staked from the grant.
/// @return revoked A boolean indicating whether the grant has been revoked,
/// which is to say that it is no longer unlocking.
/// @return grantee The grantee of grant.
function getGrant(uint256 _id) public view returns (
uint256 amount,
uint256 withdrawn,
uint256 staked,
uint256 revokedAmount,
uint256 revokedAt,
address grantee
) {
return (
grants[_id].amount,
grants[_id].withdrawn,
grants[_id].staked,
grants[_id].revokedAmount,
grants[_id].revokedAt,
grants[_id].grantee
);
}
/// @notice Gets grant unlocking schedule by grant ID.
/// @param _id ID of the token grant.
/// @return grantManager The address designated as the manager of the grant,
/// which is the only address that can revoke this grant.
/// @return duration The duration, in seconds, during which the tokens will
/// unlocking linearly.
/// @return start The start time, as a timestamp comparing to `now`.
/// @return cliff The timestamp, before which none of the tokens in the grant
/// will be unlocked, and after which a linear amount based on
/// the time elapsed since the start will be unlocked.
/// @return policy The address of the grant's staking policy.
function getGrantUnlockingSchedule(
uint256 _id
) public view returns (
address grantManager,
uint256 duration,
uint256 start,
uint256 cliff,
address policy
) {
return (
grants[_id].grantManager,
grants[_id].duration,
grants[_id].start,
grants[_id].cliff,
address(grants[_id].stakingPolicy)
);
}
/// @notice Gets grant ids of the specified address.
/// @param _granteeOrGrantManager The address to query.
/// @return An uint256 array of grant IDs.
function getGrants(address _granteeOrGrantManager) public view returns (uint256[] memory) {
return grantIndices[_granteeOrGrantManager];
}
/// @notice Gets operator addresses of the specified grantee address.
/// @param grantee The grantee address.
/// @return An array of all operators for a given grantee.
function getGranteeOperators(address grantee) public view returns (address[] memory) {
return granteesToOperators[grantee];
}
/// @notice Gets grant stake details of the given operator.
/// @param operator The operator address.
/// @return grantId ID of the token grant.
/// @return amount The amount of tokens the given operator delegated.
/// @return stakingContract The address of staking contract.
function getGrantStakeDetails(address operator) public view returns (uint256 grantId, uint256 amount, address stakingContract) {
return grantStakes[operator].getDetails();
}
/// @notice Receives approval of token transfer and creates a token grant with a unlocking
/// schedule where balance withdrawn to the grantee gradually in a linear fashion until
/// start + duration. By then all of the balance will have unlocked.
/// @param _from The owner of the tokens who approved them to transfer.
/// @param _amount Approved amount for the transfer to create token grant.
/// @param _token Token contract address.
/// @param _extraData This byte array must have the following values ABI encoded:
/// grantManager (address) Address of the grant manager.
/// grantee (address) Address of the grantee.
/// duration (uint256) Duration in seconds of the unlocking period.
/// start (uint256) Timestamp at which unlocking will start.
/// cliffDuration (uint256) Duration in seconds of the cliff;
/// no tokens will be unlocked until the time `start + cliff`.
/// revocable (bool) Whether the token grant is revocable or not (1 or 0).
/// stakingPolicy (address) Address of the staking policy for the grant.
function receiveApproval(address _from, uint256 _amount, address _token, bytes memory _extraData) public {
require(ERC20Burnable(_token) == token, "Token contract must be the same one linked to this contract.");
require(_amount <= token.balanceOf(_from), "Sender must have enough amount.");
(address _grantManager,
address _grantee,
uint256 _duration,
uint256 _start,
uint256 _cliffDuration,
bool _revocable,
address _stakingPolicy) = abi.decode(
_extraData,
(address, address, uint256, uint256, uint256, bool, address)
);
require(_grantee != address(0), "Grantee address can't be zero.");
require(
_cliffDuration <= _duration,
"Unlocking cliff duration must be less or equal total unlocking duration."
);
require(_stakingPolicy != address(0), "Staking policy can't be zero.");
uint256 id = numGrants++;
grants[id] = Grant(
_grantManager,
_grantee,
0, 0, 0,
_revocable,
_amount,
_duration,
_start,
_start.add(_cliffDuration),
0, 0,
GrantStakingPolicy(_stakingPolicy)
);
// Maintain a record to make it easier to query grants by grant manager.
grantIndices[_from].push(id);
// Maintain a record to make it easier to query grants by grantee.
grantIndices[_grantee].push(id);
token.safeTransferFrom(_from, address(this), _amount);
// Maintain a record of the unlocked amount
balances[_grantee] = balances[_grantee].add(_amount);
emit TokenGrantCreated(id);
}
/// @notice Withdraws Token grant amount to grantee.
/// @dev Transfers unlocked tokens of the token grant to grantee.
/// @param _id Grant ID.
function withdraw(uint256 _id) public {
uint256 amount = withdrawable(_id);
require(amount > 0, "Grant available to withdraw amount should be greater than zero.");
// Update withdrawn amount.
grants[_id].withdrawn = grants[_id].withdrawn.add(amount);
// Update grantee grants balance.
balances[grants[_id].grantee] = balances[grants[_id].grantee].sub(amount);
// Transfer tokens from this contract balance to the grantee token balance.
token.safeTransfer(grants[_id].grantee, amount);
emit TokenGrantWithdrawn(_id, amount);
}
/// @notice Calculates and returns unlocked grant amount.
/// @dev Calculates token grant amount that has already unlocked,
/// including any tokens that have already been withdrawn by the grantee as well
/// as any tokens that are available to withdraw but have not yet been withdrawn.
/// @param _id Grant ID.
function unlockedAmount(uint256 _id) public view returns (uint256) {
Grant storage grant = grants[_id];
return (grant.revokedAt != 0)
// Grant revoked -> return what is remaining
? grant.amount.sub(grant.revokedAmount)
// Not revoked -> calculate the unlocked amount normally
: now.getUnlockedAmount(
grant.amount,
grant.duration,
grant.start,
grant.cliff
);
}
/// @notice Calculates withdrawable granted amount.
/// @dev Calculates the amount that has already unlocked but hasn't been withdrawn yet.
/// @param _id Grant ID.
function withdrawable(uint256 _id) public view returns (uint256) {
uint256 unlocked = unlockedAmount(_id);
uint256 withdrawn = grants[_id].withdrawn;
uint256 staked = grants[_id].staked;
if (withdrawn.add(staked) >= unlocked) {
return 0;
} else {
return unlocked.sub(withdrawn).sub(staked);
}
}
/// @notice Allows the grant manager to revoke the grant.
/// @dev Granted tokens that are already unlocked (releasable amount)
/// remain in the grant so grantee can still withdraw them
/// the rest are revoked and withdrawable by token grant manager.
/// @param _id Grant ID.
function revoke(uint256 _id) public {
require(grants[_id].grantManager == msg.sender, "Only grant manager can revoke.");
require(grants[_id].revocable, "Grant must be revocable in the first place.");
require(grants[_id].revokedAt == 0, "Grant must not be already revoked.");
uint256 unlockedAmount = unlockedAmount(_id);
uint256 revokedAmount = grants[_id].amount.sub(unlockedAmount);
grants[_id].revokedAt = now;
grants[_id].revokedAmount = revokedAmount;
// Update grantee's grants balance.
balances[grants[_id].grantee] = balances[grants[_id].grantee].sub(revokedAmount);
emit TokenGrantRevoked(_id);
}
/// @notice Allows the grant manager to withdraw revoked tokens.
/// @dev Will withdraw as many of the revoked tokens as possible
/// without pushing the grant contract into a token deficit.
/// If the grantee has staked more tokens than the unlocked amount,
/// those tokens will remain in the grant until undelegated and returned,
/// after which they can be withdrawn by calling `withdrawRevoked` again.
/// @param _id Grant ID.
function withdrawRevoked(uint256 _id) public {
Grant storage grant = grants[_id];
require(
grant.grantManager == msg.sender,
"Only grant manager can withdraw revoked tokens."
);
uint256 revoked = grant.revokedAmount;
uint256 revokedWithdrawn = grant.revokedWithdrawn;
require(revokedWithdrawn < revoked, "All revoked tokens withdrawn.");
uint256 revokedRemaining = revoked.sub(revokedWithdrawn);
uint256 totalAmount = grant.amount;
uint256 staked = grant.staked;
uint256 granteeWithdrawn = grant.withdrawn;
uint256 remainingPresentInGrant =
totalAmount.sub(staked).sub(revokedWithdrawn).sub(granteeWithdrawn);
require(remainingPresentInGrant > 0, "No revoked tokens withdrawable.");
uint256 amountToWithdraw = remainingPresentInGrant < revokedRemaining
? remainingPresentInGrant
: revokedRemaining;
token.safeTransfer(msg.sender, amountToWithdraw);
grant.revokedWithdrawn += amountToWithdraw;
}
/// @notice Stake token grant.
/// @dev Stakable token grant amount is determined
/// by the grant's staking policy.
/// @param _id Grant Id.
/// @param _stakingContract Address of the staking contract.
/// @param _amount Amount to stake.
/// @param _extraData Data for stake delegation. This byte array must have
/// the following values concatenated:
/// - Beneficiary address (20 bytes)
/// - Operator address (20 bytes)
/// - Authorizer address (20 bytes)
function stake(uint256 _id, address _stakingContract, uint256 _amount, bytes memory _extraData) public {
require(grants[_id].grantee == msg.sender, "Only grantee of the grant can stake it.");
require(grants[_id].revokedAt == 0, "Revoked grant can not be staked");
require(
stakingContracts[grants[_id].grantManager][_stakingContract],
"Provided staking contract is not authorized."
);
// Expecting 60 bytes _extraData for stake delegation.
require(_extraData.length == 60, "Stake delegation data must be provided.");
address operator = _extraData.toAddress(20);
// Calculate available amount. Amount of unlocked tokens minus what user already withdrawn and staked.
require(_amount <= availableToStake(_id), "Must have available granted amount to stake.");
// Keep staking record.
TokenGrantStake grantStake = new TokenGrantStake(
address(token),
_id,
_stakingContract
);
grantStakes[operator] = grantStake;
granteesToOperators[grants[_id].grantee].push(operator);
grants[_id].staked += _amount;
token.transfer(address(grantStake), _amount);
// Staking contract expects 40 bytes _extraData for stake delegation.
// 20 bytes beneficiary's address + 20 bytes operator's address.
grantStake.stake(_amount, _extraData);
emit TokenGrantStaked(_id, _amount, operator);
}
/// @notice Returns the amount of tokens available for staking from the grant.
/// The stakeable amount is determined by the staking policy of the grant.
/// If the grantee has withdrawn some tokens
/// or the policy returns an erroneously high value,
/// the stakeable amount is limited to the number of tokens remaining.
/// @param _grantId Identifier of the grant
function availableToStake(uint256 _grantId) public view returns (uint256) {
Grant storage grant = grants[_grantId];
// Revoked grants cannot be staked.
// If the grant isn't revoked, the number of revoked tokens is 0.
if (grant.revokedAt != 0) { return 0; }
uint256 amount = grant.amount;
uint256 withdrawn = grant.withdrawn;
uint256 remaining = amount.sub(withdrawn);
uint256 stakeable = grant.stakingPolicy.getStakeableAmount(
now,
amount,
grant.duration,
grant.start,
grant.cliff,
withdrawn
);
// Clamp the stakeable amount to what is left in the grant
// in the case of a malfunctioning staking policy.
if (stakeable > remaining) {
stakeable = remaining;
}
return stakeable.sub(grant.staked);
}
/// @notice Cancels delegation within the operator initialization period
/// without being subjected to the stake lockup for the undelegation period.
/// This can be used to undo mistaken delegation to the wrong operator address.
/// @param _operator Address of the stake operator.
function cancelStake(address _operator) public {
TokenGrantStake grantStake = grantStakes[_operator];
uint256 grantId = grantStake.getGrantId();
require(
msg.sender == _operator || msg.sender == grants[grantId].grantee,
"Only operator or grantee can cancel the delegation."
);
uint256 returned = grantStake.cancelStake();
grants[grantId].staked = grants[grantId].staked.sub(returned);
}
/// @notice Undelegate the token grant.
/// @param _operator Operator of the stake.
function undelegate(address _operator) public {
TokenGrantStake grantStake = grantStakes[_operator];
uint256 grantId = grantStake.getGrantId();
require(
msg.sender == _operator || msg.sender == grants[grantId].grantee,
"Only operator or grantee can undelegate."
);
grantStake.undelegate();
}
/// @notice Force cancellation of a revoked grant's stake.
/// Can be used by the grant manager
/// to immediately withdraw tokens back into the grant,
/// from an operator still within the initialization period.
/// These tokens can then be withdrawn
/// if some revoked tokens haven't been withdrawn yet.
function cancelRevokedStake(address _operator) public {
TokenGrantStake grantStake = grantStakes[_operator];
uint256 grantId = grantStake.getGrantId();
require(
grants[grantId].revokedAt != 0,
"Grant must be revoked"
);
require(
msg.sender == grants[grantId].grantManager,
"Only grant manager can force cancellation of revoked grant stake."
);
uint256 returned = grantStake.cancelStake();
grants[grantId].staked = grants[grantId].staked.sub(returned);
}
/// @notice Force undelegation of a revoked grant's stake.
/// @dev Can be called by the grant manager once the grant is revoked.
/// Has to be done this way, instead of undelegating all operators when the
/// grant is revoked, because the latter method is vulnerable to DoS via
/// out-of-gas.
function undelegateRevoked(address _operator) public {
TokenGrantStake grantStake = grantStakes[_operator];
uint256 grantId = grantStake.getGrantId();
require(
grants[grantId].revokedAt != 0,
"Grant must be revoked"
);
require(
msg.sender == grants[grantId].grantManager,
"Only grant manager can force undelegation of revoked grant stake"
);
grantStake.undelegate();
}
/// @notice Recover stake of the token grant.
/// Recovers the tokens correctly
/// even if they were earlier recovered directly in the staking contract.
/// @param _operator Operator of the stake.
function recoverStake(address _operator) public {
TokenGrantStake grantStake = grantStakes[_operator];
uint256 returned = grantStake.recoverStake();
uint256 grantId = grantStake.getGrantId();
grants[grantId].staked = grants[grantId].staked.sub(returned);
delete grantStakes[_operator];
}
}pragma solidity 0.5.17;
import "./AltBn128.sol";
/**
* @title BLS signatures verification
* @dev Library for verification of 2-pairing-check BLS signatures, including
* basic, aggregated, or reconstructed threshold BLS signatures, generated
* using the AltBn128 curve.
*/
library BLS {
/**
* @dev Creates a signature over message using the provided secret key.
*/
function sign(bytes memory message, uint256 secretKey) public view returns(bytes memory) {
AltBn128.G1Point memory p_1 = AltBn128.g1HashToPoint(message);
AltBn128.G1Point memory p_2 = AltBn128.scalarMultiply(p_1, secretKey);
return AltBn128.g1Marshal(p_2);
}
/**
* @dev Verify performs the pairing operation to check if the signature
* is correct for the provided message and the corresponding public key.
* Public key must be a valid point on G2 curve in an uncompressed format.
* Message must be a valid point on G1 curve in an uncompressed format.
* Signature must be a valid point on G1 curve in an uncompressed format.
*/
function verify(
bytes memory publicKey,
bytes memory message,
bytes memory signature
) public view returns (bool) {
AltBn128.G1Point memory _signature = AltBn128.g1Unmarshal(signature);
return AltBn128.pairing(
AltBn128.G1Point(_signature.x, AltBn128.getP() - _signature.y),
AltBn128.g2(),
AltBn128.g1Unmarshal(message),
AltBn128.g2Unmarshal(publicKey)
);
}
/**
* @dev VerifyBytes wraps the functionality of BLS.verify, but hashes a message
* to a point on G1 and marshal to bytes first to allow raw bytes verificaion.
*/
function verifyBytes(
bytes memory publicKey,
bytes memory message,
bytes memory signature
) public view returns (bool) {
AltBn128.G1Point memory point = AltBn128.g1HashToPoint(message);
bytes memory messageAsPoint = AltBn128.g1Marshal(point);
return verify(publicKey, messageAsPoint, signature);
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import { AuthorityVerifier } from "../../Authorizations.sol";
import "./LockUtils.sol";
library Locks {
using SafeMath for uint256;
using LockUtils for LockUtils.LockSet;
event StakeLocked(address indexed operator, address lockCreator, uint256 until);
event LockReleased(address indexed operator, address lockCreator);
event ExpiredLockReleased(address indexed operator, address lockCreator);
uint256 public constant maximumLockDuration = 86400 * 200; // 200 days in seconds
struct Storage {
// Locks placed on the operator.
// `operatorLocks[operator]` returns all locks placed on the operator.
// Each authorized operator contract can place one lock on an operator.
mapping(address => LockUtils.LockSet) operatorLocks;
}
function lockStake(
Storage storage self,
address operator,
uint256 duration
) public {
require(duration <= maximumLockDuration, "Lock duration too long");
self.operatorLocks[operator].setLock(
msg.sender,
uint96(block.timestamp.add(duration))
);
emit StakeLocked(operator, msg.sender, block.timestamp.add(duration));
}
function releaseLock(
Storage storage self,
address operator
) public {
self.operatorLocks[operator].releaseLock(msg.sender);
emit LockReleased(operator, msg.sender);
}
function releaseExpiredLock(
Storage storage self,
address operator,
address operatorContract,
address authorityVerifier
) public {
LockUtils.LockSet storage locks = self.operatorLocks[operator];
require(
locks.contains(operatorContract),
"No matching lock present"
);
bool expired = block.timestamp >= locks.getLockTime(operatorContract);
bool disabled = !AuthorityVerifier(authorityVerifier)
.isApprovedOperatorContract(operatorContract);
require(
expired || disabled,
"Lock still active and valid"
);
locks.releaseLock(operatorContract);
emit ExpiredLockReleased(operator, operatorContract);
}
/// @dev AuthorityVerifier is a trusted implementation and not a third-party,
/// external contract. AuthorityVerifier never reverts on the check and
/// has a reasonable gas consumption.
function isStakeLocked(
Storage storage self,
address operator,
address authorityVerifier
) public view returns (bool) {
LockUtils.Lock[] storage _locks = self.operatorLocks[operator].locks;
LockUtils.Lock memory lock;
for (uint i = 0; i < _locks.length; i++) {
lock = _locks[i];
if (block.timestamp < lock.expiresAt) {
if (
AuthorityVerifier(authorityVerifier)
.isApprovedOperatorContract(lock.creator)
) {
return true;
}
}
}
return false;
}
function isStakeReleased(
Storage storage self,
address operator,
address operatorContract
) public view returns (bool) {
LockUtils.LockSet storage locks = self.operatorLocks[operator];
// `getLockTime` returns 0 if the lock doesn't exist,
// thus we don't need to check for its presence separately.
return block.timestamp >= locks.getLockTime(operatorContract);
}
function getLocks(
Storage storage self,
address operator
) public view returns (address[] memory creators, uint256[] memory expirations) {
uint256 lockCount = self.operatorLocks[operator].locks.length;
creators = new address[](lockCount);
expirations = new uint256[](lockCount);
LockUtils.Lock memory lock;
for (uint i = 0; i < lockCount; i++) {
lock = self.operatorLocks[operator].locks[i];
creators[i] = lock.creator;
expirations[i] = lock.expiresAt;
}
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "../../TokenStakingEscrow.sol";
import "../../utils/OperatorParams.sol";
/// @notice TokenStaking contract library allowing to perform two-step stake
/// top-ups for existing delegations.
/// Top-up is a two-step process: it is initiated with a declared top-up value
/// and after waiting for at least the initialization period it can be
/// committed.
library TopUps {
using SafeMath for uint256;
using OperatorParams for uint256;
event TopUpInitiated(address indexed operator, uint256 topUp);
event TopUpCompleted(address indexed operator, uint256 newAmount);
struct TopUp {
uint256 amount;
uint256 createdAt;
}
struct Storage {
// operator -> TopUp
mapping(address => TopUp) topUps;
}
/// @notice Performs top-up in one step when stake is not yet initialized by
/// adding the top-up amount to the stake and resetting stake initialization
/// time counter.
/// @dev This function should be called only for not yet initialized stake.
/// @param value Top-up value, the number of tokens added to the stake.
/// @param operator Operator The operator with existing delegation to which
/// the tokens should be added to.
/// @param operatorParams Parameters of that operator, as stored in the
/// staking contract.
/// @param escrow Reference to TokenStakingEscrow contract.
/// @return New value of parameters. It should be updated for the operator
/// in the staking contract.
function instantComplete(
Storage storage self,
uint256 value,
address operator,
uint256 operatorParams,
TokenStakingEscrow escrow
) public returns (uint256 newParams) {
// Stake is not yet initialized so we don't need to check if the
// operator is not undelegating - initializing and undelegating at the
// same time is not possible. We do however, need to check whether the
// operator has not canceled its previous stake for that operator,
// depositing the stake it in the escrow. We do not want to allow
// resurrecting operators with cancelled stake by top-ups.
require(
!escrow.hasDeposit(operator),
"Stake for the operator already deposited in the escrow"
);
require(value > 0, "Top-up value must be greater than zero");
uint256 newAmount = operatorParams.getAmount().add(value);
newParams = operatorParams.setAmountAndCreationTimestamp(
newAmount,
block.timestamp
);
emit TopUpCompleted(operator, newAmount);
}
/// @notice Initiates top-up of the given value for tokens delegated to
/// the provided operator. If there is an existing top-up still
/// initializing, top-up values are summed up and initialization period
/// is set to the current block timestamp.
/// @dev This function should be called only for active operators with
/// initialized stake.
/// @param value Top-up value, the number of tokens added to the stake.
/// @param operator Operator The operator with existing delegation to which
/// the tokens should be added to.
/// @param operatorParams Parameters of that operator, as stored in the
/// staking contract.
/// @param escrow Reference to TokenStakingEscrow contract.
function initiate(
Storage storage self,
uint256 value,
address operator,
uint256 operatorParams,
TokenStakingEscrow escrow
) public {
// Stake is initialized, the operator is still active so we need
// to check if it's not undelegating.
require(!isUndelegating(operatorParams), "Stake undelegated");
// We also need to check if the stake for the operator is not already
// in the escrow because it's been previously cancelled.
require(
!escrow.hasDeposit(operator),
"Stake for the operator already deposited in the escrow"
);
require(value > 0, "Top-up value must be greater than zero");
TopUp memory awaiting = self.topUps[operator];
self.topUps[operator] = TopUp(awaiting.amount.add(value), now);
emit TopUpInitiated(operator, value);
}
/// @notice Commits the top-up if it passed the initialization period.
/// Tokens are added to the stake once the top-up is committed.
/// @param operator Operator The operator with a pending stake top-up.
/// @param initializationPeriod Stake initialization period.
function commit(
Storage storage self,
address operator,
uint256 operatorParams,
uint256 initializationPeriod
) public returns (uint256 newParams) {
TopUp memory topUp = self.topUps[operator];
require(topUp.amount > 0, "No top up to commit");
require(
now > topUp.createdAt.add(initializationPeriod),
"Stake is initializing"
);
uint256 newAmount = operatorParams.getAmount().add(topUp.amount);
newParams = operatorParams.setAmount(newAmount);
delete self.topUps[operator];
emit TopUpCompleted(operator, newAmount);
}
/// @notice Cancels pending, initiating top-up. If there is no initiating
/// top-up for the operator, function does nothing. This function should be
/// used when the stake is recovered to return tokens from a pending,
/// initiating top-up.
/// @param operator Operator The operator from which the stake is recovered.
function cancel(
Storage storage self,
address operator
) public returns (uint256) {
TopUp memory topUp = self.topUps[operator];
if (topUp.amount == 0) {
return 0;
}
delete self.topUps[operator];
return topUp.amount;
}
/// @notice Returns true if the given operatorParams indicate that the
/// operator is undelegating its stake or that it completed stake
/// undelegation.
/// @param operatorParams Parameters of the operator, as stored in the
/// staking contract.
function isUndelegating(uint256 operatorParams)
internal view returns (bool) {
uint256 undelegatedAt = operatorParams.getUndelegationTimestamp();
return (undelegatedAt != 0) && (block.timestamp > undelegatedAt);
}
}pragma solidity 0.5.17;
import "openzeppelin-solidity/contracts/math/SafeMath.sol";
library PercentUtils {
using SafeMath for uint256;
// Return `b`% of `a`
// 200.percent(40) == 80
// Commutative, works both ways
function percent(uint256 a, uint256 b) internal pure returns (uint256) {
return a.mul(b).div(100);
}
// Return `a` as percentage of `b`:
// 80.asPercentOf(200) == 40
function asPercentOf(uint256 a, uint256 b) internal pure returns (uint256) {
return a.mul(100).div(b);
}
}pragma solidity 0.5.17;
/*
Verison pulled from https://github.com/summa-tx/bitcoin-spv/blob/2535e4edaeaac4b2b095903fce684ae1c05761bc/solidity/contracts/BytesLib.sol
*/
/*
https://github.com/GNSPS/solidity-bytes-utils/
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit
of the public at large and to the detriment of our heirs and
successors. We intend this dedication to be an overt act of
relinquishment in perpetuity of all present and future rights to this
software under copyright law.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
For more information, please refer to <https://unlicense.org>
*/
/** @title BytesLib **/
/** @author https://github.com/GNSPS **/
library BytesLib {
function concat(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bytes memory) {
bytes memory tempBytes;
assembly {
// Get a location of some free memory and store it in tempBytes as
// Solidity does for memory variables.
tempBytes := mload(0x40)
// Store the length of the first bytes array at the beginning of
// the memory for tempBytes.
let length := mload(_preBytes)
mstore(tempBytes, length)
// Maintain a memory counter for the current write location in the
// temp bytes array by adding the 32 bytes for the array length to
// the starting location.
let mc := add(tempBytes, 0x20)
// Stop copying when the memory counter reaches the length of the
// first bytes array.
let end := add(mc, length)
for {
// Initialize a copy counter to the start of the _preBytes data,
// 32 bytes into its memory.
let cc := add(_preBytes, 0x20)
} lt(mc, end) {
// Increase both counters by 32 bytes each iteration.
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
// Write the _preBytes data into the tempBytes memory 32 bytes
// at a time.
mstore(mc, mload(cc))
}
// Add the length of _postBytes to the current length of tempBytes
// and store it as the new length in the first 32 bytes of the
// tempBytes memory.
length := mload(_postBytes)
mstore(tempBytes, add(length, mload(tempBytes)))
// Move the memory counter back from a multiple of 0x20 to the
// actual end of the _preBytes data.
mc := end
// Stop copying when the memory counter reaches the new combined
// length of the arrays.
end := add(mc, length)
for {
let cc := add(_postBytes, 0x20)
} lt(mc, end) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
mstore(mc, mload(cc))
}
// Update the free-memory pointer by padding our last write location
// to 32 bytes: add 31 bytes to the end of tempBytes to move to the
// next 32 byte block, then round down to the nearest multiple of
// 32. If the sum of the length of the two arrays is zero then add
// one before rounding down to leave a blank 32 bytes (the length block with 0).
mstore(0x40, and(
add(add(end, iszero(add(length, mload(_preBytes)))), 31),
not(31) // Round down to the nearest 32 bytes.
))
}
return tempBytes;
}
function concatStorage(bytes storage _preBytes, bytes memory _postBytes) internal {
assembly {
// Read the first 32 bytes of _preBytes storage, which is the length
// of the array. (We don't need to use the offset into the slot
// because arrays use the entire slot.)
let fslot := sload(_preBytes_slot)
// Arrays of 31 bytes or less have an even value in their slot,
// while longer arrays have an odd value. The actual length is
// the slot divided by two for odd values, and the lowest order
// byte divided by two for even values.
// If the slot is even, bitwise and the slot with 255 and divide by
// two to get the length. If the slot is odd, bitwise and the slot
// with -1 and divide by two.
let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
let mlength := mload(_postBytes)
let newlength := add(slength, mlength)
// slength can contain both the length and contents of the array
// if length < 32 bytes so let's prepare for that
// v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage
switch add(lt(slength, 32), lt(newlength, 32))
case 2 {
// Since the new array still fits in the slot, we just need to
// update the contents of the slot.
// uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_length
sstore(
_preBytes_slot,
// all the modifications to the slot are inside this
// next block
add(
// we can just add to the slot contents because the
// bytes we want to change are the LSBs
fslot,
add(
mul(
div(
// load the bytes from memory
mload(add(_postBytes, 0x20)),
// zero all bytes to the right
exp(0x100, sub(32, mlength))
),
// and now shift left the number of bytes to
// leave space for the length in the slot
exp(0x100, sub(32, newlength))
),
// increase length by the double of the memory
// bytes length
mul(mlength, 2)
)
)
)
}
case 1 {
// The stored value fits in the slot, but the combined value
// will exceed it.
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes_slot)
let sc := add(keccak256(0x0, 0x20), div(slength, 32))
// save new length
sstore(_preBytes_slot, add(mul(newlength, 2), 1))
// The contents of the _postBytes array start 32 bytes into
// the structure. Our first read should obtain the `submod`
// bytes that can fit into the unused space in the last word
// of the stored array. To get this, we read 32 bytes starting
// from `submod`, so the data we read overlaps with the array
// contents by `submod` bytes. Masking the lowest-order
// `submod` bytes allows us to add that value directly to the
// stored value.
let submod := sub(32, slength)
let mc := add(_postBytes, submod)
let end := add(_postBytes, mlength)
let mask := sub(exp(0x100, submod), 1)
sstore(
sc,
add(
and(
fslot,
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00
),
and(mload(mc), mask)
)
)
for {
mc := add(mc, 0x20)
sc := add(sc, 1)
} lt(mc, end) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
sstore(sc, mload(mc))
}
mask := exp(0x100, sub(mc, end))
sstore(sc, mul(div(mload(mc), mask), mask))
}
default {
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes_slot)
// Start copying to the last used word of the stored array.
let sc := add(keccak256(0x0, 0x20), div(slength, 32))
// save new length
sstore(_preBytes_slot, add(mul(newlength, 2), 1))
// Copy over the first `submod` bytes of the new data as in
// case 1 above.
let slengthmod := mod(slength, 32)
let mlengthmod := mod(mlength, 32)
let submod := sub(32, slengthmod)
let mc := add(_postBytes, submod)
let end := add(_postBytes, mlength)
let mask := sub(exp(0x100, submod), 1)
sstore(sc, add(sload(sc), and(mload(mc), mask)))
for {
sc := add(sc, 1)
mc := add(mc, 0x20)
} lt(mc, end) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
sstore(sc, mload(mc))
}
mask := exp(0x100, sub(mc, end))
sstore(sc, mul(div(mload(mc), mask), mask))
}
}
}
function slice(bytes memory _bytes, uint _start, uint _length) internal pure returns (bytes memory res) {
uint _end = _start + _length;
require(_end > _start && _bytes.length >= _end, "Slice out of bounds");
assembly {
// Alloc bytes array with additional 32 bytes afterspace and assign it's size
res := mload(0x40)
mstore(0x40, add(add(res, 64), _length))
mstore(res, _length)
// Compute distance between source and destination pointers
let diff := sub(res, add(_bytes, _start))
for {
let src := add(add(_bytes, 32), _start)
let end := add(src, _length)
} lt(src, end) {
src := add(src, 32)
} {
mstore(add(src, diff), mload(src))
}
}
}
function toAddress(bytes memory _bytes, uint _start) internal pure returns (address) {
uint _totalLen = _start + 20;
require(_totalLen > _start && _bytes.length >= _totalLen, "Address conversion out of bounds.");
address tempAddress;
assembly {
tempAddress := div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000)
}
return tempAddress;
}
function toUint8(bytes memory _bytes, uint _start) internal pure returns (uint8) {
require(_bytes.length >= (_start + 1), "Uint8 conversion out of bounds.");
uint8 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x1), _start))
}
return tempUint;
}
function toUint(bytes memory _bytes, uint _start) internal pure returns (uint256) {
uint _totalLen = _start + 32;
require(_totalLen > _start && _bytes.length >= _totalLen, "Uint conversion out of bounds.");
uint256 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x20), _start))
}
return tempUint;
}
function equal(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bool) {
bool success = true;
assembly {
let length := mload(_preBytes)
// if lengths don't match the arrays are not equal
switch eq(length, mload(_postBytes))
case 1 {
// cb is a circuit breaker in the for loop since there's
// no said feature for inline assembly loops
// cb = 1 - don't breaker
// cb = 0 - break
let cb := 1
let mc := add(_preBytes, 0x20)
let end := add(mc, length)
for {
let cc := add(_postBytes, 0x20)
// the next line is the loop condition:
// while(uint(mc < end) + cb == 2)
} eq(add(lt(mc, end), cb), 2) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
// if any of these checks fails then arrays are not equal
if iszero(eq(mload(mc), mload(cc))) {
// unsuccess:
success := 0
cb := 0
}
}
}
default {
// unsuccess:
success := 0
}
}
return success;
}
function equalStorage(bytes storage _preBytes, bytes memory _postBytes) internal view returns (bool) {
bool success = true;
assembly {
// we know _preBytes_offset is 0
let fslot := sload(_preBytes_slot)
// Decode the length of the stored array like in concatStorage().
let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
let mlength := mload(_postBytes)
// if lengths don't match the arrays are not equal
switch eq(slength, mlength)
case 1 {
// slength can contain both the length and contents of the array
// if length < 32 bytes so let's prepare for that
// v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage
if iszero(iszero(slength)) {
switch lt(slength, 32)
case 1 {
// blank the last byte which is the length
fslot := mul(div(fslot, 0x100), 0x100)
if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) {
// unsuccess:
success := 0
}
}
default {
// cb is a circuit breaker in the for loop since there's
// no said feature for inline assembly loops
// cb = 1 - don't breaker
// cb = 0 - break
let cb := 1
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes_slot)
let sc := keccak256(0x0, 0x20)
let mc := add(_postBytes, 0x20)
let end := add(mc, mlength)
// the next line is the loop condition:
// while(uint(mc < end) + cb == 2)
for {} eq(add(lt(mc, end), cb), 2) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
if iszero(eq(sload(sc), mload(mc))) {
// unsuccess:
success := 0
cb := 0
}
}
}
}
}
default {
// unsuccess:
success := 0
}
}
return success;
}
function toBytes32(bytes memory _source) pure internal returns (bytes32 result) {
if (_source.length == 0) {
return 0x0;
}
assembly {
result := mload(add(_source, 32))
}
}
function keccak256Slice(bytes memory _bytes, uint _start, uint _length) pure internal returns (bytes32 result) {
uint _end = _start + _length;
require(_end > _start && _bytes.length >= _end, "Slice out of bounds");
assembly {
result := keccak256(add(add(_bytes, 32), _start), _length)
}
}
}pragma solidity ^0.5.0;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*/
contract ReentrancyGuard {
// counter to allow mutex lock with only one SSTORE operation
uint256 private _guardCounter;
constructor () internal {
// The counter starts at one to prevent changing it from zero to a non-zero
// value, which is a more expensive operation.
_guardCounter = 1;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and make it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_guardCounter += 1;
uint256 localCounter = _guardCounter;
_;
require(localCounter == _guardCounter, "ReentrancyGuard: reentrant call");
}
}pragma solidity ^0.5.0;
import "../GSN/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor () internal {
_owner = _msgSender();
emit OwnershipTransferred(address(0), _owner);
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view returns (address) {
return _owner;
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
require(isOwner(), "Ownable: caller is not the owner");
_;
}
/**
* @dev Returns true if the caller is the current owner.
*/
function isOwner() public view returns (bool) {
return _msgSender() == _owner;
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public onlyOwner {
emit OwnershipTransferred(_owner, address(0));
_owner = address(0);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public onlyOwner {
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
*/
function _transferOwnership(address newOwner) internal {
require(newOwner != address(0), "Ownable: new owner is the zero address");
emit OwnershipTransferred(_owner, newOwner);
_owner = newOwner;
}
}{
"libraries": {
"solidity/contracts/KeepRandomBeaconOperator.sol": {
"BLS": "0xa10aD2570ea7b93d19fDae6Bd7189fF4929Bc747",
"Groups": "0xeec3e1799f908E7D1F367C71d6F2abCE5f63239B",
"GroupSelection": "0xF94D0d0471Ae14B6310d94fA4F95e5fc9f3ffC17",
"DKGResultVerification": "0xaaC423eDC4E3ee9ef81517e8093d52737165b71F",
"Reimbursements": "0x9b4E397A79ED197d5f8a835613A4326903fAa3d2",
"DelayFactor": "0xC08dcC93130Ab30987dD7fe64e011402BbE5FdA6"
}
},
"optimizer": {
"enabled": true,
"runs": 200
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"abi"
]
}
}
}Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
[{"inputs":[{"internalType":"address","name":"_serviceContract","type":"address"},{"internalType":"address","name":"_tokenStaking","type":"address"},{"internalType":"address","name":"_keepRegistry","type":"address"},{"internalType":"address","name":"_gasPriceOracle","type":"address"}],"payable":false,"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"memberIndex","type":"uint256"},{"indexed":false,"internalType":"bytes","name":"groupPubKey","type":"bytes"},{"indexed":false,"internalType":"bytes","name":"misbehaved","type":"bytes"}],"name":"DkgResultSubmittedEvent","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"beneficiary","type":"address"},{"indexed":false,"internalType":"address","name":"operator","type":"address"},{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"GroupMemberRewardsWithdrawn","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"newEntry","type":"uint256"}],"name":"GroupSelectionStarted","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"bytes","name":"groupPubKey","type":"bytes"}],"name":"OnGroupRegistered","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"bytes","name":"previousEntry","type":"bytes"},{"indexed":false,"internalType":"bytes","name":"groupPublicKey","type":"bytes"}],"name":"RelayEntryRequested","type":"event"},{"anonymous":false,"inputs":[],"name":"RelayEntrySubmitted","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"RelayEntryTimeoutReported","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"UnauthorizedSigningReported","type":"event"},{"constant":false,"inputs":[{"internalType":"address","name":"serviceContract","type":"address"}],"name":"addServiceContract","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"internalType":"uint256","name":"_newEntry","type":"uint256"},{"internalType":"address payable","name":"submitter","type":"address"}],"name":"createGroup","outputs":[],"payable":true,"stateMutability":"payable","type":"function"},{"constant":true,"inputs":[],"name":"currentRequestGroupIndex","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"currentRequestPreviousEntry","outputs":[{"internalType":"bytes","name":"","type":"bytes"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"currentRequestStartBlock","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"dkgGasEstimate","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"dkgSubmitterReimbursementFee","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"entryVerificationFee","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"entryVerificationGasEstimate","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"gasPriceCeiling","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[],"name":"genesis","outputs":[],"payable":true,"stateMutability":"payable","type":"function"},{"constant":true,"inputs":[],"name":"getFirstActiveGroupIndex","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"internalType":"bytes","name":"groupPubKey","type":"bytes"}],"name":"getGroupMemberRewards","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"internalType":"bytes","name":"groupPubKey","type":"bytes"}],"name":"getGroupMembers","outputs":[{"internalType":"address[]","name":"members","type":"address[]"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"getGroupPublicKey","outputs":[{"internalType":"bytes","name":"","type":"bytes"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"getGroupRegistrationTime","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"getNumberOfCreatedGroups","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"groupCreationFee","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"groupMemberBaseReward","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"groupProfitFee","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"groupSelectionGasEstimate","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"groupSize","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"groupThreshold","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"internalType":"address","name":"staker","type":"address"}],"name":"hasMinimumStake","outputs":[{"internalType":"bool","name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"internalType":"address","name":"operator","type":"address"},{"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"hasWithdrawnRewards","outputs":[{"internalType":"bool","name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"isEntryInProgress","outputs":[{"internalType":"bool","name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"internalType":"bytes","name":"groupPubKey","type":"bytes"}],"name":"isGroupRegistered","outputs":[{"internalType":"bool","name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"isGroupSelectionPossible","outputs":[{"internalType":"bool","name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"isGroupTerminated","outputs":[{"internalType":"bool","name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[{"internalType":"bytes","name":"groupPubKey","type":"bytes"}],"name":"isStaleGroup","outputs":[{"internalType":"bool","name":"","type":"bool"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"numberOfGroups","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[],"name":"refreshGasPrice","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"internalType":"bytes","name":"_groupSignature","type":"bytes"}],"name":"relayEntry","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[],"name":"relayEntryTimeout","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[],"name":"reportRelayEntryTimeout","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"internalType":"uint256","name":"groupIndex","type":"uint256"},{"internalType":"bytes","name":"signedMsgSender","type":"bytes"}],"name":"reportUnauthorizedSigning","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[],"name":"resultPublicationBlockStep","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"selectedParticipants","outputs":[{"internalType":"address[]","name":"","type":"address[]"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[{"internalType":"uint256","name":"requestId","type":"uint256"},{"internalType":"bytes","name":"previousEntry","type":"bytes"}],"name":"sign","outputs":[],"payable":true,"stateMutability":"payable","type":"function"},{"constant":false,"inputs":[{"internalType":"uint256","name":"submitterMemberIndex","type":"uint256"},{"internalType":"bytes","name":"groupPubKey","type":"bytes"},{"internalType":"bytes","name":"misbehaved","type":"bytes"},{"internalType":"bytes","name":"signatures","type":"bytes"},{"internalType":"uint256[]","name":"signingMembersIndexes","type":"uint256[]"}],"name":"submitDkgResult","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"internalType":"bytes32","name":"ticket","type":"bytes32"}],"name":"submitTicket","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[],"name":"submittedTickets","outputs":[{"internalType":"uint64[]","name":"","type":"uint64[]"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"ticketSubmissionTimeout","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[{"internalType":"address","name":"operator","type":"address"},{"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"withdrawGroupMemberRewards","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"}]Contract Creation Code
608060405266038d7ea4c68000601d55640df8475800601e556040601f556021602055600660215562000045602154601f546200017860201b620033ab1790919060201c565b602255620445c0602355621a8ce060245562030d406025553480156200006a57600080fd5b506040516200445a3803806200445a833981810160405260808110156200009057600080fd5b50805160208083015160408401516060909401516001600081815560198054928301815590527f944998273e477b495144fb8794c914197f3ccb46be2900f4698fd0ef743c96950180546001600160a01b03199081166001600160a01b0380881691909117909255601b805482168386161790819055601a80548316848a16179055601c805483168486161790556014805491909316911617905562013b00600b55602254600c55604e600455601f54600a8190556048601555602154601655601781905592549394919391929091600291036020549190040160185550620001df92505050565b6000826200018957506000620001d9565b828202828482816200019757fe5b0414620001d65760405162461bcd60e51b8152600401808060200182810382526021815260200180620044396021913960400191505060405180910390fd5b90505b92915050565b61424a80620001ef6000396000f3fe6080604052600436106102665760003560e01c80637d7d7dd911610144578063c300d058116100b6578063d12f5e691161007a578063d12f5e6914610c78578063e1f4d63214610d29578063e581ff7414610d3e578063eb9488d314610df6578063ef7c8f9c14610e0b578063fdd18b1314610e3557610266565b8063c300d05814610bf8578063c443894614610c0d578063c45751cd14610c22578063c96e71fb14610c37578063c98622fb14610c6357610266565b80639dabee44116101085780639dabee4414610a4f578063a7f0b3de14610b00578063ac374f4b14610b08578063b1c77c8f14610bb9578063b99f0c4314610bce578063bf95249614610be357610266565b80637d7d7dd914610926578063885c02041461093b5780638a3a3da8146109655780638e9e56a51461098f5780639b3d270a146109a457610266565b80635c1c0710116101dd5780636dcc64f8116101a15780636dcc64f81461065b5780636e5636e4146106705780637031b7ff1461068557806373f1daab1461069a5780637760c6c7146108de57806379f9fb7e1461091157610266565b80635c1c07101461054a5780635ec60d611461057d578063618c2656146105a75780636262d54e1461063157806363b635ea1461064657610266565b806324f173131161022f57806324f17313146103e85780632d6f8f31146103fd57806336c85717146104ae578063376f7a11146104c35780633926c28e146104fc578063517471a91461053557610266565b80623bf87e1461026b5780630b19991f146102925780631c524ac2146102f75780631ed74070146103bc57806321a8f86c146103d3575b600080fd5b34801561027757600080fd5b50610280610e4a565b60408051918252519081900360200190f35b34801561029e57600080fd5b506102a7610e50565b60408051602080825283518183015283519192839290830191858101910280838360005b838110156102e35781810151838201526020016102cb565b505050509050019250505060405180910390f35b34801561030357600080fd5b506103a86004803603602081101561031a57600080fd5b810190602081018135600160201b81111561033457600080fd5b82018360208201111561034657600080fd5b803590602001918460018302840111600160201b8311171561036757600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550610f71945050505050565b604080519115158252519081900360200190f35b3480156103c857600080fd5b506103d1610f8a565b005b3480156103df57600080fd5b506103a8611152565b3480156103f457600080fd5b50610280611181565b34801561040957600080fd5b506103a86004803603602081101561042057600080fd5b810190602081018135600160201b81111561043a57600080fd5b82018360208201111561044c57600080fd5b803590602001918460018302840111600160201b8311171561046d57600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550611187945050505050565b3480156104ba57600080fd5b50610280611276565b3480156104cf57600080fd5b506103a8600480360360408110156104e657600080fd5b506001600160a01b03813516906020013561127c565b34801561050857600080fd5b506103d16004803603604081101561051f57600080fd5b506001600160a01b03813516906020013561131b565b34801561054157600080fd5b506102806115bb565b34801561055657600080fd5b506103a86004803603602081101561056d57600080fd5b50356001600160a01b03166115d9565b34801561058957600080fd5b50610280600480360360208110156105a057600080fd5b5035611643565b3480156105b357600080fd5b506105bc61169f565b6040805160208082528351818301528351919283929083019185019080838360005b838110156105f65781810151838201526020016105de565b50505050905090810190601f1680156106235780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b34801561063d57600080fd5b506102a761172d565b34801561065257600080fd5b506102806117bc565b34801561066757600080fd5b506102806117c2565b34801561067c57600080fd5b506103a86117c8565b34801561069157600080fd5b506102806117d0565b3480156106a657600080fd5b506103d1600480360360a08110156106bd57600080fd5b81359190810190604081016020820135600160201b8111156106de57600080fd5b8201836020820111156106f057600080fd5b803590602001918460018302840111600160201b8311171561071157600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295949360208101935035915050600160201b81111561076357600080fd5b82018360208201111561077557600080fd5b803590602001918460018302840111600160201b8311171561079657600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295949360208101935035915050600160201b8111156107e857600080fd5b8201836020820111156107fa57600080fd5b803590602001918460018302840111600160201b8311171561081b57600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295949360208101935035915050600160201b81111561086d57600080fd5b82018360208201111561087f57600080fd5b803590602001918460208302840111600160201b831117156108a057600080fd5b9190808060200260200160405190810160405280939291908181526020018383602002808284376000920191909152509295506117d6945050505050565b3480156108ea57600080fd5b506103d16004803603602081101561090157600080fd5b50356001600160a01b0316611e61565b34801561091d57600080fd5b50610280611f75565b34801561093257600080fd5b50610280611f7b565b34801561094757600080fd5b506103a86004803603602081101561095e57600080fd5b5035611f81565b34801561097157600080fd5b506103d16004803603602081101561098857600080fd5b5035611f94565b34801561099b57600080fd5b506102806120a1565b6103d1600480360360408110156109ba57600080fd5b81359190810190604081016020820135600160201b8111156109db57600080fd5b8201836020820111156109ed57600080fd5b803590602001918460018302840111600160201b83111715610a0e57600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295506120a7945050505050565b348015610a5b57600080fd5b5061028060048036036020811015610a7257600080fd5b810190602081018135600160201b811115610a8c57600080fd5b820183602082011115610a9e57600080fd5b803590602001918460018302840111600160201b83111715610abf57600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550612204945050505050565b6103d161226f565b348015610b1457600080fd5b506103d160048036036020811015610b2b57600080fd5b810190602081018135600160201b811115610b4557600080fd5b820183602082011115610b5757600080fd5b803590602001918460018302840111600160201b83111715610b7857600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550612407945050505050565b348015610bc557600080fd5b50610280612aac565b348015610bda57600080fd5b50610280612ab2565b348015610bef57600080fd5b50610280612ab8565b348015610c0457600080fd5b50610280612ac4565b348015610c1957600080fd5b50610280612aef565b348015610c2e57600080fd5b506103d1612b08565b6103d160048036036040811015610c4d57600080fd5b50803590602001356001600160a01b0316612b87565b348015610c6f57600080fd5b50610280612d95565b348015610c8457600080fd5b506102a760048036036020811015610c9b57600080fd5b810190602081018135600160201b811115610cb557600080fd5b820183602082011115610cc757600080fd5b803590602001918460018302840111600160201b83111715610ce857600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550612d9b945050505050565b348015610d3557600080fd5b50610280612f27565b348015610d4a57600080fd5b506103d160048036036040811015610d6157600080fd5b81359190810190604081016020820135600160201b811115610d8257600080fd5b820183602082011115610d9457600080fd5b803590602001918460018302840111600160201b83111715610db557600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550612f2d945050505050565b348015610e0257600080fd5b506102806130c3565b348015610e1757600080fd5b506105bc60048036036020811015610e2e57600080fd5b50356130c9565b348015610e4157600080fd5b506102806130dc565b60245481565b6060600173f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc1763a3c6b2b390916040518263ffffffff1660e01b81526004018082815260200191505060006040518083038186803b158015610ea457600080fd5b505af4158015610eb8573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f191682016040526020811015610ee157600080fd5b8101908080516040519392919084600160201b821115610f0057600080fd5b908301906020820185811115610f1557600080fd5b82518660208202830111600160201b82111715610f3157600080fd5b82525081516020918201928201910280838360005b83811015610f5e578181015183820152602001610f46565b5050505090500160405250505090505b90565b6000610f84600b8363ffffffff6130e216565b92915050565b610f92613152565b610fdc576040805162461bcd60e51b8152602060048201526016602482015275115b9d1c9e48191a59081b9bdd081d1a5b59481bdd5d60521b604482015290519081900360640190fd5b600b73eec3e1799f908e7d1f367c71d6f2abce5f63239b63a24940029091602a54601f546040518463ffffffff1660e01b815260040180848152602001838152602001828152602001935050505060006040518083038186803b15801561104257600080fd5b505af4158015611056573d6000803e3d6000fd5b505050506000602981905550600061106c612ab8565b111561112457602854602b8054604080516020601f600260001961010060018816150201909516949094049384018190048102820181019092528281526111249493909290918301828280156111035780601f106110d857610100808354040283529160200191611103565b820191906000526020600020905b8154815290600101906020018083116110e657829003601f168201915b5050602e54602c54602d546001600160a01b0390921694509250905061316f565b602a546040517f6675fe3ae219641aa4ec9e58867bd7af88bf03caf819d8858f3ddf4cc635eed290600090a2565b60065460009060ff1661116757506001610f6e565b50602154601f546015546004546005540101910201431190565b60255481565b6040805163664d9be160e11b8152600b600482018181526024830193845284516044840152845160009473eec3e1799f908e7d1f367c71d6f2abce5f63239b9463cc9b37c2949388939092916064019060208501908083838c5b838110156111f95781810151838201526020016111e1565b50505050905090810190601f1680156112265780820380516001836020036101000a031916815260200191505b50935050505060206040518083038186803b15801561124457600080fd5b505af4158015611258573d6000803e3d6000fd5b505050506040513d602081101561126e57600080fd5b505192915050565b60215481565b6040805163251be5d160e11b8152600b60048201526001600160a01b038416602482015260448101839052905160009173eec3e1799f908e7d1f367c71d6f2abce5f63239b91634a37cba291606480820192602092909190829003018186803b1580156112e857600080fd5b505af41580156112fc573d6000803e3d6000fd5b505050506040513d602081101561131257600080fd5b50519392505050565b60008054600101808255604080516319818cd360e01b8152600b60048201526001600160a01b038616602482015260448101859052905191929173eec3e1799f908e7d1f367c71d6f2abce5f63239b916319818cd3916064808301926020929190829003018186803b15801561139057600080fd5b505af41580156113a4573d6000803e3d6000fd5b505050506040513d60208110156113ba57600080fd5b5051601b546040805163ba7bffd360e01b81526001600160a01b0388811660048301529151939450600093919092169163ba7bffd3916024808301926020929190829003018186803b15801561140f57600080fd5b505afa158015611423573d6000803e3d6000fd5b505050506040513d602081101561143957600080fd5b50516040516001600160a01b03909116908390600081818185875af1925050503d8060008114611485576040519150601f19603f3d011682016040523d82523d6000602084013e61148a565b606091505b50509050801561155e57601b546040805163ba7bffd360e01b81526001600160a01b0388811660048301529151919092169163ba7bffd3916024808301926020929190829003018186803b1580156114e157600080fd5b505afa1580156114f5573d6000803e3d6000fd5b505050506040513d602081101561150b57600080fd5b5051604080516001600160a01b03888116825260208201869052818301889052915191909216917fd2d1d8bb9db82c3480418ddcddf25a021102ad139edec2a62b274595d408a88d919081900360600190a25b505060005481146115b6576040805162461bcd60e51b815260206004820152601f60248201527f5265656e7472616e637947756172643a207265656e7472616e742063616c6c00604482015290519081900360640190fd5b505050565b60006115d4601e546023546133ab90919063ffffffff16565b905090565b601b5460408051624298fb60e61b81526001600160a01b038481166004830152306024830152915160009392909216916310a63ec091604480820192602092909190829003018186803b15801561162f57600080fd5b505afa158015611258573d6000803e3d6000fd5b6000600b73eec3e1799f908e7d1f367c71d6f2abce5f63239b634732bd3b9091846040518363ffffffff1660e01b8152600401808381526020018281526020019250505060206040518083038186803b15801561124457600080fd5b602b805460408051602060026001851615610100026000190190941693909304601f810184900484028201840190925281815292918301828280156117255780601f106116fa57610100808354040283529160200191611725565b820191906000526020600020905b81548152906001019060200180831161170857829003601f168201915b505050505081565b606060016000018054806020026020016040519081016040528092919081815260200182805480156117b257602002820191906000526020600020906000905b82829054906101000a900467ffffffffffffffff1667ffffffffffffffff168152602001906008019060208260070104928301926001038202915080841161176d5790505b5050505050905090565b601f5481565b60205481565b602954151590565b602a5481565b600080546001019081905560606117eb610e50565b9050601573aac423edc4e3ee9ef81517e8093d52737165b71f63da0a16899091898989898988600160030154600160040154016040518963ffffffff1660e01b815260040180898152602001888152602001806020018060200180602001806020018060200187815260200186810386528c818151815260200191508051906020019080838360005b8381101561188c578181015183820152602001611874565b50505050905090810190601f1680156118b95780820380516001836020036101000a031916815260200191505b5086810385528b5181528b516020918201918d019080838360005b838110156118ec5781810151838201526020016118d4565b50505050905090810190601f1680156119195780820380516001836020036101000a031916815260200191505b5086810384528a5181528a516020918201918c019080838360005b8381101561194c578181015183820152602001611934565b50505050905090810190601f1680156119795780820380516001836020036101000a031916815260200191505b508681038352895181528951602091820191808c01910280838360005b838110156119ae578181015183820152602001611996565b50505050905001868103825288818151815260200191508051906020019060200280838360005b838110156119ed5781810151838201526020016119d5565b505050509050019d505050505050505050505050505060006040518083038186803b158015611a1b57600080fd5b505af4158015611a2f573d6000803e3d6000fd5b50505050600b73eec3e1799f908e7d1f367c71d6f2abce5f63239b63e130bd6790918884896040518563ffffffff1660e01b815260040180858152602001806020018060200180602001848103845287818151815260200191508051906020019080838360005b83811015611aae578181015183820152602001611a96565b50505050905090810190601f168015611adb5780820380516001836020036101000a031916815260200191505b508481038352865181528651602091820191808901910280838360005b83811015611b10578181015183820152602001611af8565b50505050905001848103825285818151815260200191508051906020019080838360005b83811015611b4c578181015183820152602001611b34565b50505050905090810190601f168015611b795780820380516001836020036101000a031916815260200191505b5097505050505050505060006040518083038186803b158015611b9b57600080fd5b505af4158015611baf573d6000803e3d6000fd5b50506040805163250d2afd60e11b8152600b60048201818152602483019384528b5160448401528b5173eec3e1799f908e7d1f367c71d6f2abce5f63239b9650634a1a55fa955091938c939192909160640190602085019080838360005b83811015611c25578181015183820152602001611c0d565b50505050905090810190601f168015611c525780820380516001836020036101000a031916815260200191505b50935050505060006040518083038186803b158015611c7057600080fd5b505af4158015611c84573d6000803e3d6000fd5b50505050611c9061340b565b7fd1d71346ed0f1479c55b14e7c48b084207a7e1bcd9abe4f22d425ec23a518a1f878787604051808481526020018060200180602001838103835285818151815260200191508051906020019080838360005b83811015611cfb578181015183820152602001611ce3565b50505050905090810190601f168015611d285780820380516001836020036101000a031916815260200191505b50838103825284518152845160209182019186019080838360005b83811015611d5b578181015183820152602001611d43565b50505050905090810190601f168015611d885780820380516001836020036101000a031916815260200191505b509550505050505060405180910390a16040805163292c56eb60e21b815260016004820152905173f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc179163a4b15bac916024808301926000929190829003018186803b158015611dea57600080fd5b505af4158015611dfe573d6000803e3d6000fd5b50505050506000548114611e59576040805162461bcd60e51b815260206004820152601f60248201527f5265656e7472616e637947756172643a207265656e7472616e742063616c6c00604482015290519081900360640190fd5b505050505050565b601a5460408051636557eccf60e01b8152306004820152905133926001600160a01b031691636557eccf916024808301926020929190829003018186803b158015611eab57600080fd5b505afa158015611ebf573d6000803e3d6000fd5b505050506040513d6020811015611ed557600080fd5b50516001600160a01b031614611f23576040805162461bcd60e51b815260206004820152600e60248201526d139bdd08185d5d1a1bdc9a5e995960921b604482015290519081900360640190fd5b601980546001810182556000919091527f944998273e477b495144fb8794c914197f3ccb46be2900f4698fd0ef743c96950180546001600160a01b0319166001600160a01b0392909216919091179055565b60235481565b601d5481565b6000610f84600b8363ffffffff6135f916565b600754601b546040805163afff33ef60e01b815233600482015230602482015290516000936120299390926001600160a01b039091169163afff33ef91604480820192602092909190829003018186803b158015611ff157600080fd5b505afa158015612005573d6000803e3d6000fd5b505050506040513d602081101561201b57600080fd5b50519063ffffffff61362816565b60408051633edbb52760e21b8152600160048201526024810185905260448101839052905191925073f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc179163fb6ed49c91606480820192600092909190829003018186803b15801561208d57600080fd5b505af4158015611e59573d6000803e3d6000fd5b60295481565b61211433601980548060200260200160405190810160405280929190818152602001828054801561210157602002820191906000526020600020905b81546001600160a01b031681526001909101906020018083116120e3575b505050505061366a90919063ffffffff16565b612165576040805162461bcd60e51b815260206004820181905260248201527f43616c6c6572206973206e6f742061207365727669636520636f6e7472616374604482015290519081900360640190fd5b60006121866121726115bb565b61217a612aef565b9063ffffffff6136c016565b9050803410156121dd576040805162461bcd60e51b815260206004820152601a60248201527f496e73756666696369656e74206e657720656e74727920666565000000000000604482015290519081900360640190fd5b60006121ef348363ffffffff61371a16565b90506121fe848433858561316f565b50505050565b6000600b600601826040518082805190602001908083835b6020831061223b5780518252601f19909201916020918201910161221c565b51815160209384036101000a6000190180199092169116179052920194855250604051938490030190922054949350505050565b604080516001620f258b60e01b03198152600b6004820152905173eec3e1799f908e7d1f367c71d6f2abce5f63239b9163fff0da75916024808301926000929190829003018186803b1580156122c457600080fd5b505af41580156122d8573d6000803e3d6000fd5b505050506122e4612ab8565b15612325576040805162461bcd60e51b815260206004820152600c60248201526b11dc9bdd5c1cc8195e1a5cdd60a21b604482015290519081900360640190fd5b6040805163292c56eb60e21b815260016004820152905173f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc179163a4b15bac916024808301926000929190829003018186803b15801561237757600080fd5b505af415801561238b573d6000803e3d6000fd5b5050601980549092506123a69150600163ffffffff61371a16565b815481106123b057fe5b600091825260209091200154602780546001600160a01b0319166001600160a01b039092169190911790556124057f4574c8c75d6e88acd28f7e467dac97b5c60c3838d9dad993900bdf402152228e3461375c565b565b600080546001019081905561241a6117c8565b612461576040805162461bcd60e51b8152602060048201526013602482015272115b9d1c9e481dd85cc81cdd589b5a5d1d1959606a1b604482015290519081900360640190fd5b612469613152565b156124ad576040805162461bcd60e51b815260206004820152600f60248201526e115b9d1c9e481d1a5b5959081bdd5d608a1b604482015290519081900360640190fd5b60606124c5602a54600b6139af90919063ffffffff16565b905073a10ad2570ea7b93d19fdae6bd7189ff4929bc74763de8f50a182602b866040518463ffffffff1660e01b815260040180806020018060200180602001848103845287818151815260200191508051906020019080838360005b83811015612539578181015183820152602001612521565b50505050905090810190601f1680156125665780820380516001836020036101000a031916815260200191505b508481038352865460026000196101006001841615020190911604808252602090910190879080156125d95780601f106125ae576101008083540402835291602001916125d9565b820191906000526020600020905b8154815290600101906020018083116125bc57829003601f168201915b5050848103825285518152855160209182019187019080838360005b8381101561260d5781810151838201526020016125f5565b50505050905090810190601f16801561263a5780820380516001836020036101000a031916815260200191505b50965050505050505060206040518083038186803b15801561265b57600080fd5b505af415801561266f573d6000803e3d6000fd5b505050506040513d602081101561268557600080fd5b50516126cc576040805162461bcd60e51b8152602060048201526011602482015270496e76616c6964207369676e617475726560781b604482015290519081900360640190fd5b6040517f8711cae111460cf9bde0d890f0dc09abcb8851e39bf020f406e53e86394cdbd790600090a1602e546025546001600160a01b039091169061271990619c4063ffffffff6136c016565b6028546040516024810182815233606483018190526060604484019081528951608485015289518a9492939260a40190602086019080838360005b8381101561276c578181015183820152602001612754565b50505050905090810190601f1680156127995780820380516001836020036101000a031916815260200191505b5060408051601f198184030181529181526020820180516001600160e01b031663ef7284e360e01b178152905182519297509550859450925090508083835b602083106127f75780518252601f1990920191602091820191016127d8565b6001836020036101000a03801982511681845116808217855250505050505090500191505060006040518083038160008787f1925050503d806000811461285a576040519150601f19603f3d011682016040523d82523d6000602084013e61285f565b606091505b5050602d5415905061287b578251602084012061287b90613a60565b6000806000612888613da4565b919450925090506128a1600b858563ffffffff613f2716565b601b546040805163ba7bffd360e01b815233600482015290516001600160a01b039092169163ba7bffd391602480820192602092909190829003018186803b1580156128ec57600080fd5b505afa158015612900573d6000803e3d6000fd5b505050506040513d602081101561291657600080fd5b50516040516001600160a01b03909116908390600081818185875af1925050503d8060008114612962576040519150601f19603f3d011682016040523d82523d6000602084013e612967565b606091505b505081159050612a4657602e5460408051600481526024810182526020810180516001600160e01b03166308f40b7760e11b178152915181516001600160a01b03909416936188b893869392918291908083835b602083106129da5780518252601f1990920191602091820191016129bb565b6001836020036101000a038019825116818451168082178552505050505050905001915050600060405180830381858888f193505050503d8060008114612a3d576040519150601f19603f3d011682016040523d82523d6000602084013e612a42565b606091505b5050505b6000602981905550505050506000548114612aa8576040805162461bcd60e51b815260206004820152601f60248201527f5265656e7472616e637947756172643a207265656e7472616e742063616c6c00604482015290519081900360640190fd5b5050565b60265481565b60225481565b60006115d4600b613ffe565b60006115d4601e54612ae36025546024546136c090919063ffffffff16565b9063ffffffff6133ab16565b60006115d4601f54601d546133ab90919063ffffffff16565b601c60009054906101000a90046001600160a01b03166001600160a01b031663fe173b976040518163ffffffff1660e01b815260040160206040518083038186803b158015612b5657600080fd5b505afa158015612b6a573d6000803e3d6000fd5b505050506040513d6020811015612b8057600080fd5b5051601e55565b612bf2336019805480602002602001604051908101604052809291908181526020018280548015612101576020028201919060005260206000209081546001600160a01b031681526001909101906020018083116120e357505050505061366a90919063ffffffff16565b612c43576040805162461bcd60e51b815260206004820181905260248201527f43616c6c6572206973206e6f742061207365727669636520636f6e7472616374604482015290519081900360640190fd5b6000612c5c601e546025546133ab90919063ffffffff16565b602780546001600160a01b031916331790559050612c8983612c84348463ffffffff61371a16565b61375c565b601b546040805163ba7bffd360e01b81526001600160a01b0385811660048301529151600093929092169163ba7bffd391602480820192602092909190829003018186803b158015612cda57600080fd5b505afa158015612cee573d6000803e3d6000fd5b505050506040513d6020811015612d0457600080fd5b50516040516001600160a01b03909116908390600081818185875af1925050503d8060008114612d50576040519150601f19603f3d011682016040523d82523d6000602084013e612d55565b606091505b50509050806121fe5760405162461bcd60e51b81526004018080602001828103825260248152602001806141f26024913960400191505060405180910390fd5b60045490565b6040805163dc26270360e01b8152600b600482018181526024830193845284516044840152845160609473eec3e1799f908e7d1f367c71d6f2abce5f63239b9463dc2627039493889390929160640190602085019080838360005b83811015612e0e578181015183820152602001612df6565b50505050905090810190601f168015612e3b5780820380516001836020036101000a031916815260200191505b50935050505060006040518083038186803b158015612e5957600080fd5b505af4158015612e6d573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f191682016040526020811015612e9657600080fd5b8101908080516040519392919084600160201b821115612eb557600080fd5b908301906020820185811115612eca57600080fd5b82518660208202830111600160201b82111715612ee657600080fd5b82525081516020918201928201910280838360005b83811015612f13578181015183820152602001612efb565b505050509050016040525050509050919050565b601e5481565b600b73eec3e1799f908e7d1f367c71d6f2abce5f63239b6320bc286690918484601b60009054906101000a90046001600160a01b03166001600160a01b031663ec5ffac26040518163ffffffff1660e01b815260040160206040518083038186803b158015612f9b57600080fd5b505afa158015612faf573d6000803e3d6000fd5b505050506040513d6020811015612fc557600080fd5b50516040516001600160e01b031960e087901b1681526004810185815260248201859052606482018390526080604483019081528451608484015284519192909160a490910190602086019080838360005b8381101561302f578181015183820152602001613017565b50505050905090810190601f16801561305c5780820380516001836020036101000a031916815260200191505b509550505050505060006040518083038186803b15801561307c57600080fd5b505af4158015613090573d6000803e3d6000fd5b50506040518492507f6124f28ae7240a98a8ad3410bcd1f3bb0a113fc9834d5bd16426f9e1bd698fde9150600090a25050565b60135490565b6060610f84600b8363ffffffff6139af16565b600e5490565b60008083600201836040518082805190602001908083835b602083106131195780518252601f1990920191602091820191016130fa565b51815160209384036101000a60001901801990921691161790529201948552506040519384900301909220549290921195945050505050565b60006029546000141580156115d457505060225460295401431190565b6131776117c8565b156131ba576040805162461bcd60e51b815260206004820152600e60248201526d426561636f6e206973206275737960901b604482015290519081900360640190fd5b835160208086019190912060408051631bf6b56760e11b8152600b600482015260248101929092525160009273eec3e1799f908e7d1f367c71d6f2abce5f63239b926337ed6ace9260448083019392829003018186803b15801561321d57600080fd5b505af4158015613231573d6000803e3d6000fd5b505050506040513d602081101561324757600080fd5b5051602887905543602955602c849055602d839055602a819055855190915061327790602b906020880190614138565b50602e80546001600160a01b0319166001600160a01b03861617905560606132a0600b836139af565b90507ff3a8bf09e4f9146a48f9b91226985ac8d83d971beb4fc9ffdc569790e85a97e48682604051808060200180602001838103835285818151815260200191508051906020019080838360005b838110156133065781810151838201526020016132ee565b50505050905090810190601f1680156133335780820380516001836020036101000a031916815260200191505b50838103825284518152845160209182019186019080838360005b8381101561336657818101518382015260200161334e565b50505050905090810190601f1680156133935780820380516001836020036101000a031916815260200191505b5094505050505060405180910390a150505050505050565b6000826133ba57506000610f84565b828202828482816133c757fe5b04146134045760405162461bcd60e51b81526004018080602001828103825260218152602001806141d16021913960400191505060405180910390fd5b9392505050565b601e543a1580159061341e5750601e543a105b1561342657503a5b60245460009061343c908363ffffffff6133ab16565b601b546040805163ba7bffd360e01b815233600482015290519293506000926001600160a01b039092169163ba7bffd391602480820192602092909190829003018186803b15801561348d57600080fd5b505afa1580156134a1573d6000803e3d6000fd5b505050506040513d60208110156134b757600080fd5b50516026549091508210156135a4576026546000906134dc908463ffffffff61371a16565b600060268190556040519192506001600160a01b03841691859181818185875af1925050503d806000811461352d576040519150601f19603f3d011682016040523d82523d6000602084013e613532565b606091505b505050602760009054906101000a90046001600160a01b03166001600160a01b0316634611b648826040518263ffffffff1660e01b81526004016000604051808303818588803b15801561358557600080fd5b505af1158015613599573d6000803e3d6000fd5b5050505050506115b6565b602680546000918290556040519093506001600160a01b0383169184919081818185875af1925050503d8060008114611e59576040519150601f19603f3d011682016040523d82523d6000602084013e611e59565b600082600301828154811061360a57fe5b600091825260209091206003909102016002015460ff169392505050565b600061340483836040518060400160405280601a81526020017f536166654d6174683a206469766973696f6e206279207a65726f000000000000815250614025565b6000805b83518110156136b65783818151811061368357fe5b60200260200101516001600160a01b0316836001600160a01b031614156136ae576001915050610f84565b60010161366e565b5060009392505050565b600082820183811015613404576040805162461bcd60e51b815260206004820152601b60248201527f536166654d6174683a206164646974696f6e206f766572666c6f770000000000604482015290519081900360640190fd5b600061340483836040518060400160405280601e81526020017f536166654d6174683a207375627472616374696f6e206f766572666c6f7700008152506140c7565b602454601e546137719163ffffffff6133ab16565b8110156137bc576040805162461bcd60e51b8152602060048201526014602482015273496e73756666696369656e7420444b472066656560601b604482015290519081900360640190fd5b6137c4611152565b613815576040805162461bcd60e51b815260206004820152601b60248201527f47726f75702073656c656374696f6e20696e2070726f67726573730000000000604482015290519081900360640190fd5b602654156138875760268054600091829055602754604080516308c236c960e31b8152905192936001600160a01b0390921692634611b6489285926004808201939182900301818588803b15801561386c57600080fd5b505af1158015613880573d6000803e3d6000fd5b5050505050505b601b60009054906101000a90046001600160a01b03166001600160a01b031663ec5ffac26040518163ffffffff1660e01b815260040160206040518083038186803b1580156138d557600080fd5b505afa1580156138e9573d6000803e3d6000fd5b505050506040513d60208110156138ff57600080fd5b5051600755604080516352f9b3b960e01b81526001600482015260248101849052905173f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc17916352f9b3b9916044808301926000929190829003018186803b15801561395d57600080fd5b505af4158015613971573d6000803e3d6000fd5b50506040805185815290517f0769b89b6dbd96af3cdebccc7b68ce1e4ae748abc3e6b19a73b8b58460c57a949350908190036020019150a160265550565b60608260030182815481106139c057fe5b6000918252602091829020600390910201805460408051601f6002600019610100600187161502019094169390930492830185900485028101850190915281815292830182828015613a535780601f10613a2857610100808354040283529160200191613a53565b820191906000526020600020905b815481529060010190602001808311613a3657829003601f168201915b5050505050905092915050565b6000613a79601e54602d5461362890919063ffffffff16565b9050621e84808111613a8b5780613a90565b621e84805b602e54602854604080516024808201939093528151808203909301835260440181526020820180516001600160e01b03166303f6a73960e21b178152905182519495506060946001600160a01b0390941693619c40939282918083835b60208310613b0c5780518252601f199092019160209182019101613aed565b6001836020036101000a03801982511681845116808217855250505050505090500191505060006040518083038160008787f1925050503d8060008114613b6f576040519150601f19603f3d011682016040523d82523d6000602084013e613b74565b606091505b509150600090505a602e54602854604080516024810192909252604480830189905281518084039091018152606490920181526020820180516001600160e01b031663fc3fcec760e01b178152905182519495506001600160a01b039093169387939182918083835b60208310613bfc5780518252601f199092019160209182019101613bdd565b6001836020036101000a03801982511681845116808217855250505050505090500191505060006040518083038160008787f1925050503d8060008114613c5f576040519150601f19603f3d011682016040523d82523d6000602084013e613c64565b606091505b50505060005a90506000613c7e838363ffffffff61371a16565b9050739b4e397a79ed197d5f8a835613a4326903faa3d26346a50089601b60009054906101000a90046001600160a01b0316601e548885602d548a6040518763ffffffff1660e01b815260040180876001600160a01b03166001600160a01b0316815260200186815260200185815260200184815260200183815260200180602001828103825283818151815260200191508051906020019080838360005b83811015613d35578181015183820152602001613d1d565b50505050905090810190601f168015613d625780820380516001836020036101000a031916815260200191505b5097505050505050505060006040518083038186803b158015613d8457600080fd5b505af4158015613d98573d6000803e3d6000fd5b50505050505050505050565b600080600080662386f26fc100009050600073c08dcc93130ab30987dd7fe64e011402bbe5fda6638dfa43636029546022546040518363ffffffff1660e01b8152600401808381526020018281526020019250505060206040518083038186803b158015613e1157600080fd5b505af4158015613e25573d6000803e3d6000fd5b505050506040513d6020811015613e3b57600080fd5b5051601d54909150613e65908390613e59908463ffffffff6133ab16565b9063ffffffff61362816565b94506000613e8b613e7c848463ffffffff61371a16565b601d549063ffffffff6133ab16565b90506000613eb984613e596005613ead601f54876133ab90919063ffffffff16565b9063ffffffff61412116565b90506000613ed7613ec8612aef565b602c549063ffffffff61371a16565b9050613ee9818363ffffffff6136c016565b9650613f1b82613f0f613f07601f548c6133ab90919063ffffffff16565b613f0f612aef565b9063ffffffff61371a16565b95505050505050909192565b613f948184600601846040518082805190602001908083835b60208310613f5f5780518252601f199092019160209182019101613f40565b51815160209384036101000a6000190180199092169116179052920194855250604051938490030190922054929150506136c0565b83600601836040518082805190602001908083835b60208310613fc85780518252601f199092019160209182019101613fa9565b51815160209384036101000a60001901801990921691161790529201948552506040519384900301909220929092555050505050565b600481015460088201546003830154600092610f84929091613f0f9163ffffffff61371a16565b600081836140b15760405162461bcd60e51b81526004018080602001828103825283818151815260200191508051906020019080838360005b8381101561407657818101518382015260200161405e565b50505050905090810190601f1680156140a35780820380516001836020036101000a031916815260200191505b509250505060405180910390fd5b5060008385816140bd57fe5b0495945050505050565b600081848411156141195760405162461bcd60e51b815260206004820181815283516024840152835190928392604490910191908501908083836000831561407657818101518382015260200161405e565b505050900390565b60006134046064613e59858563ffffffff6133ab16565b828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f1061417957805160ff19168380011785556141a6565b828001600101855582156141a6579182015b828111156141a657825182559160200191906001019061418b565b506141b29291506141b6565b5090565b610f6e91905b808211156141b257600081556001016141bc56fe536166654d6174683a206d756c7469706c69636174696f6e206f766572666c6f7747726f75702073656c656374696f6e207265696d62757273656d656e74206661696c6564a265627a7a723158207a629fb1f01059c4affbe2beac32ada102cc0c255c006aa13f47d4a6ee0bf30c64736f6c63430005110032536166654d6174683a206d756c7469706c69636174696f6e206f766572666c6f7700000000000000000000000050510e691c90ea098e3fdd23c311731bf394aafd0000000000000000000000001293a54e160d1cd7075487898d65266081a154580000000000000000000000001a9589f56c969d6b0d3787ea02322476ead3fb050000000000000000000000002c0a348500638aace229d6868c26b4e64fe46ab3
Deployed Bytecode
0x6080604052600436106102665760003560e01c80637d7d7dd911610144578063c300d058116100b6578063d12f5e691161007a578063d12f5e6914610c78578063e1f4d63214610d29578063e581ff7414610d3e578063eb9488d314610df6578063ef7c8f9c14610e0b578063fdd18b1314610e3557610266565b8063c300d05814610bf8578063c443894614610c0d578063c45751cd14610c22578063c96e71fb14610c37578063c98622fb14610c6357610266565b80639dabee44116101085780639dabee4414610a4f578063a7f0b3de14610b00578063ac374f4b14610b08578063b1c77c8f14610bb9578063b99f0c4314610bce578063bf95249614610be357610266565b80637d7d7dd914610926578063885c02041461093b5780638a3a3da8146109655780638e9e56a51461098f5780639b3d270a146109a457610266565b80635c1c0710116101dd5780636dcc64f8116101a15780636dcc64f81461065b5780636e5636e4146106705780637031b7ff1461068557806373f1daab1461069a5780637760c6c7146108de57806379f9fb7e1461091157610266565b80635c1c07101461054a5780635ec60d611461057d578063618c2656146105a75780636262d54e1461063157806363b635ea1461064657610266565b806324f173131161022f57806324f17313146103e85780632d6f8f31146103fd57806336c85717146104ae578063376f7a11146104c35780633926c28e146104fc578063517471a91461053557610266565b80623bf87e1461026b5780630b19991f146102925780631c524ac2146102f75780631ed74070146103bc57806321a8f86c146103d3575b600080fd5b34801561027757600080fd5b50610280610e4a565b60408051918252519081900360200190f35b34801561029e57600080fd5b506102a7610e50565b60408051602080825283518183015283519192839290830191858101910280838360005b838110156102e35781810151838201526020016102cb565b505050509050019250505060405180910390f35b34801561030357600080fd5b506103a86004803603602081101561031a57600080fd5b810190602081018135600160201b81111561033457600080fd5b82018360208201111561034657600080fd5b803590602001918460018302840111600160201b8311171561036757600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550610f71945050505050565b604080519115158252519081900360200190f35b3480156103c857600080fd5b506103d1610f8a565b005b3480156103df57600080fd5b506103a8611152565b3480156103f457600080fd5b50610280611181565b34801561040957600080fd5b506103a86004803603602081101561042057600080fd5b810190602081018135600160201b81111561043a57600080fd5b82018360208201111561044c57600080fd5b803590602001918460018302840111600160201b8311171561046d57600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550611187945050505050565b3480156104ba57600080fd5b50610280611276565b3480156104cf57600080fd5b506103a8600480360360408110156104e657600080fd5b506001600160a01b03813516906020013561127c565b34801561050857600080fd5b506103d16004803603604081101561051f57600080fd5b506001600160a01b03813516906020013561131b565b34801561054157600080fd5b506102806115bb565b34801561055657600080fd5b506103a86004803603602081101561056d57600080fd5b50356001600160a01b03166115d9565b34801561058957600080fd5b50610280600480360360208110156105a057600080fd5b5035611643565b3480156105b357600080fd5b506105bc61169f565b6040805160208082528351818301528351919283929083019185019080838360005b838110156105f65781810151838201526020016105de565b50505050905090810190601f1680156106235780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b34801561063d57600080fd5b506102a761172d565b34801561065257600080fd5b506102806117bc565b34801561066757600080fd5b506102806117c2565b34801561067c57600080fd5b506103a86117c8565b34801561069157600080fd5b506102806117d0565b3480156106a657600080fd5b506103d1600480360360a08110156106bd57600080fd5b81359190810190604081016020820135600160201b8111156106de57600080fd5b8201836020820111156106f057600080fd5b803590602001918460018302840111600160201b8311171561071157600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295949360208101935035915050600160201b81111561076357600080fd5b82018360208201111561077557600080fd5b803590602001918460018302840111600160201b8311171561079657600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295949360208101935035915050600160201b8111156107e857600080fd5b8201836020820111156107fa57600080fd5b803590602001918460018302840111600160201b8311171561081b57600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295949360208101935035915050600160201b81111561086d57600080fd5b82018360208201111561087f57600080fd5b803590602001918460208302840111600160201b831117156108a057600080fd5b9190808060200260200160405190810160405280939291908181526020018383602002808284376000920191909152509295506117d6945050505050565b3480156108ea57600080fd5b506103d16004803603602081101561090157600080fd5b50356001600160a01b0316611e61565b34801561091d57600080fd5b50610280611f75565b34801561093257600080fd5b50610280611f7b565b34801561094757600080fd5b506103a86004803603602081101561095e57600080fd5b5035611f81565b34801561097157600080fd5b506103d16004803603602081101561098857600080fd5b5035611f94565b34801561099b57600080fd5b506102806120a1565b6103d1600480360360408110156109ba57600080fd5b81359190810190604081016020820135600160201b8111156109db57600080fd5b8201836020820111156109ed57600080fd5b803590602001918460018302840111600160201b83111715610a0e57600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295506120a7945050505050565b348015610a5b57600080fd5b5061028060048036036020811015610a7257600080fd5b810190602081018135600160201b811115610a8c57600080fd5b820183602082011115610a9e57600080fd5b803590602001918460018302840111600160201b83111715610abf57600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550612204945050505050565b6103d161226f565b348015610b1457600080fd5b506103d160048036036020811015610b2b57600080fd5b810190602081018135600160201b811115610b4557600080fd5b820183602082011115610b5757600080fd5b803590602001918460018302840111600160201b83111715610b7857600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550612407945050505050565b348015610bc557600080fd5b50610280612aac565b348015610bda57600080fd5b50610280612ab2565b348015610bef57600080fd5b50610280612ab8565b348015610c0457600080fd5b50610280612ac4565b348015610c1957600080fd5b50610280612aef565b348015610c2e57600080fd5b506103d1612b08565b6103d160048036036040811015610c4d57600080fd5b50803590602001356001600160a01b0316612b87565b348015610c6f57600080fd5b50610280612d95565b348015610c8457600080fd5b506102a760048036036020811015610c9b57600080fd5b810190602081018135600160201b811115610cb557600080fd5b820183602082011115610cc757600080fd5b803590602001918460018302840111600160201b83111715610ce857600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550612d9b945050505050565b348015610d3557600080fd5b50610280612f27565b348015610d4a57600080fd5b506103d160048036036040811015610d6157600080fd5b81359190810190604081016020820135600160201b811115610d8257600080fd5b820183602082011115610d9457600080fd5b803590602001918460018302840111600160201b83111715610db557600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550612f2d945050505050565b348015610e0257600080fd5b506102806130c3565b348015610e1757600080fd5b506105bc60048036036020811015610e2e57600080fd5b50356130c9565b348015610e4157600080fd5b506102806130dc565b60245481565b6060600173f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc1763a3c6b2b390916040518263ffffffff1660e01b81526004018082815260200191505060006040518083038186803b158015610ea457600080fd5b505af4158015610eb8573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f191682016040526020811015610ee157600080fd5b8101908080516040519392919084600160201b821115610f0057600080fd5b908301906020820185811115610f1557600080fd5b82518660208202830111600160201b82111715610f3157600080fd5b82525081516020918201928201910280838360005b83811015610f5e578181015183820152602001610f46565b5050505090500160405250505090505b90565b6000610f84600b8363ffffffff6130e216565b92915050565b610f92613152565b610fdc576040805162461bcd60e51b8152602060048201526016602482015275115b9d1c9e48191a59081b9bdd081d1a5b59481bdd5d60521b604482015290519081900360640190fd5b600b73eec3e1799f908e7d1f367c71d6f2abce5f63239b63a24940029091602a54601f546040518463ffffffff1660e01b815260040180848152602001838152602001828152602001935050505060006040518083038186803b15801561104257600080fd5b505af4158015611056573d6000803e3d6000fd5b505050506000602981905550600061106c612ab8565b111561112457602854602b8054604080516020601f600260001961010060018816150201909516949094049384018190048102820181019092528281526111249493909290918301828280156111035780601f106110d857610100808354040283529160200191611103565b820191906000526020600020905b8154815290600101906020018083116110e657829003601f168201915b5050602e54602c54602d546001600160a01b0390921694509250905061316f565b602a546040517f6675fe3ae219641aa4ec9e58867bd7af88bf03caf819d8858f3ddf4cc635eed290600090a2565b60065460009060ff1661116757506001610f6e565b50602154601f546015546004546005540101910201431190565b60255481565b6040805163664d9be160e11b8152600b600482018181526024830193845284516044840152845160009473eec3e1799f908e7d1f367c71d6f2abce5f63239b9463cc9b37c2949388939092916064019060208501908083838c5b838110156111f95781810151838201526020016111e1565b50505050905090810190601f1680156112265780820380516001836020036101000a031916815260200191505b50935050505060206040518083038186803b15801561124457600080fd5b505af4158015611258573d6000803e3d6000fd5b505050506040513d602081101561126e57600080fd5b505192915050565b60215481565b6040805163251be5d160e11b8152600b60048201526001600160a01b038416602482015260448101839052905160009173eec3e1799f908e7d1f367c71d6f2abce5f63239b91634a37cba291606480820192602092909190829003018186803b1580156112e857600080fd5b505af41580156112fc573d6000803e3d6000fd5b505050506040513d602081101561131257600080fd5b50519392505050565b60008054600101808255604080516319818cd360e01b8152600b60048201526001600160a01b038616602482015260448101859052905191929173eec3e1799f908e7d1f367c71d6f2abce5f63239b916319818cd3916064808301926020929190829003018186803b15801561139057600080fd5b505af41580156113a4573d6000803e3d6000fd5b505050506040513d60208110156113ba57600080fd5b5051601b546040805163ba7bffd360e01b81526001600160a01b0388811660048301529151939450600093919092169163ba7bffd3916024808301926020929190829003018186803b15801561140f57600080fd5b505afa158015611423573d6000803e3d6000fd5b505050506040513d602081101561143957600080fd5b50516040516001600160a01b03909116908390600081818185875af1925050503d8060008114611485576040519150601f19603f3d011682016040523d82523d6000602084013e61148a565b606091505b50509050801561155e57601b546040805163ba7bffd360e01b81526001600160a01b0388811660048301529151919092169163ba7bffd3916024808301926020929190829003018186803b1580156114e157600080fd5b505afa1580156114f5573d6000803e3d6000fd5b505050506040513d602081101561150b57600080fd5b5051604080516001600160a01b03888116825260208201869052818301889052915191909216917fd2d1d8bb9db82c3480418ddcddf25a021102ad139edec2a62b274595d408a88d919081900360600190a25b505060005481146115b6576040805162461bcd60e51b815260206004820152601f60248201527f5265656e7472616e637947756172643a207265656e7472616e742063616c6c00604482015290519081900360640190fd5b505050565b60006115d4601e546023546133ab90919063ffffffff16565b905090565b601b5460408051624298fb60e61b81526001600160a01b038481166004830152306024830152915160009392909216916310a63ec091604480820192602092909190829003018186803b15801561162f57600080fd5b505afa158015611258573d6000803e3d6000fd5b6000600b73eec3e1799f908e7d1f367c71d6f2abce5f63239b634732bd3b9091846040518363ffffffff1660e01b8152600401808381526020018281526020019250505060206040518083038186803b15801561124457600080fd5b602b805460408051602060026001851615610100026000190190941693909304601f810184900484028201840190925281815292918301828280156117255780601f106116fa57610100808354040283529160200191611725565b820191906000526020600020905b81548152906001019060200180831161170857829003601f168201915b505050505081565b606060016000018054806020026020016040519081016040528092919081815260200182805480156117b257602002820191906000526020600020906000905b82829054906101000a900467ffffffffffffffff1667ffffffffffffffff168152602001906008019060208260070104928301926001038202915080841161176d5790505b5050505050905090565b601f5481565b60205481565b602954151590565b602a5481565b600080546001019081905560606117eb610e50565b9050601573aac423edc4e3ee9ef81517e8093d52737165b71f63da0a16899091898989898988600160030154600160040154016040518963ffffffff1660e01b815260040180898152602001888152602001806020018060200180602001806020018060200187815260200186810386528c818151815260200191508051906020019080838360005b8381101561188c578181015183820152602001611874565b50505050905090810190601f1680156118b95780820380516001836020036101000a031916815260200191505b5086810385528b5181528b516020918201918d019080838360005b838110156118ec5781810151838201526020016118d4565b50505050905090810190601f1680156119195780820380516001836020036101000a031916815260200191505b5086810384528a5181528a516020918201918c019080838360005b8381101561194c578181015183820152602001611934565b50505050905090810190601f1680156119795780820380516001836020036101000a031916815260200191505b508681038352895181528951602091820191808c01910280838360005b838110156119ae578181015183820152602001611996565b50505050905001868103825288818151815260200191508051906020019060200280838360005b838110156119ed5781810151838201526020016119d5565b505050509050019d505050505050505050505050505060006040518083038186803b158015611a1b57600080fd5b505af4158015611a2f573d6000803e3d6000fd5b50505050600b73eec3e1799f908e7d1f367c71d6f2abce5f63239b63e130bd6790918884896040518563ffffffff1660e01b815260040180858152602001806020018060200180602001848103845287818151815260200191508051906020019080838360005b83811015611aae578181015183820152602001611a96565b50505050905090810190601f168015611adb5780820380516001836020036101000a031916815260200191505b508481038352865181528651602091820191808901910280838360005b83811015611b10578181015183820152602001611af8565b50505050905001848103825285818151815260200191508051906020019080838360005b83811015611b4c578181015183820152602001611b34565b50505050905090810190601f168015611b795780820380516001836020036101000a031916815260200191505b5097505050505050505060006040518083038186803b158015611b9b57600080fd5b505af4158015611baf573d6000803e3d6000fd5b50506040805163250d2afd60e11b8152600b60048201818152602483019384528b5160448401528b5173eec3e1799f908e7d1f367c71d6f2abce5f63239b9650634a1a55fa955091938c939192909160640190602085019080838360005b83811015611c25578181015183820152602001611c0d565b50505050905090810190601f168015611c525780820380516001836020036101000a031916815260200191505b50935050505060006040518083038186803b158015611c7057600080fd5b505af4158015611c84573d6000803e3d6000fd5b50505050611c9061340b565b7fd1d71346ed0f1479c55b14e7c48b084207a7e1bcd9abe4f22d425ec23a518a1f878787604051808481526020018060200180602001838103835285818151815260200191508051906020019080838360005b83811015611cfb578181015183820152602001611ce3565b50505050905090810190601f168015611d285780820380516001836020036101000a031916815260200191505b50838103825284518152845160209182019186019080838360005b83811015611d5b578181015183820152602001611d43565b50505050905090810190601f168015611d885780820380516001836020036101000a031916815260200191505b509550505050505060405180910390a16040805163292c56eb60e21b815260016004820152905173f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc179163a4b15bac916024808301926000929190829003018186803b158015611dea57600080fd5b505af4158015611dfe573d6000803e3d6000fd5b50505050506000548114611e59576040805162461bcd60e51b815260206004820152601f60248201527f5265656e7472616e637947756172643a207265656e7472616e742063616c6c00604482015290519081900360640190fd5b505050505050565b601a5460408051636557eccf60e01b8152306004820152905133926001600160a01b031691636557eccf916024808301926020929190829003018186803b158015611eab57600080fd5b505afa158015611ebf573d6000803e3d6000fd5b505050506040513d6020811015611ed557600080fd5b50516001600160a01b031614611f23576040805162461bcd60e51b815260206004820152600e60248201526d139bdd08185d5d1a1bdc9a5e995960921b604482015290519081900360640190fd5b601980546001810182556000919091527f944998273e477b495144fb8794c914197f3ccb46be2900f4698fd0ef743c96950180546001600160a01b0319166001600160a01b0392909216919091179055565b60235481565b601d5481565b6000610f84600b8363ffffffff6135f916565b600754601b546040805163afff33ef60e01b815233600482015230602482015290516000936120299390926001600160a01b039091169163afff33ef91604480820192602092909190829003018186803b158015611ff157600080fd5b505afa158015612005573d6000803e3d6000fd5b505050506040513d602081101561201b57600080fd5b50519063ffffffff61362816565b60408051633edbb52760e21b8152600160048201526024810185905260448101839052905191925073f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc179163fb6ed49c91606480820192600092909190829003018186803b15801561208d57600080fd5b505af4158015611e59573d6000803e3d6000fd5b60295481565b61211433601980548060200260200160405190810160405280929190818152602001828054801561210157602002820191906000526020600020905b81546001600160a01b031681526001909101906020018083116120e3575b505050505061366a90919063ffffffff16565b612165576040805162461bcd60e51b815260206004820181905260248201527f43616c6c6572206973206e6f742061207365727669636520636f6e7472616374604482015290519081900360640190fd5b60006121866121726115bb565b61217a612aef565b9063ffffffff6136c016565b9050803410156121dd576040805162461bcd60e51b815260206004820152601a60248201527f496e73756666696369656e74206e657720656e74727920666565000000000000604482015290519081900360640190fd5b60006121ef348363ffffffff61371a16565b90506121fe848433858561316f565b50505050565b6000600b600601826040518082805190602001908083835b6020831061223b5780518252601f19909201916020918201910161221c565b51815160209384036101000a6000190180199092169116179052920194855250604051938490030190922054949350505050565b604080516001620f258b60e01b03198152600b6004820152905173eec3e1799f908e7d1f367c71d6f2abce5f63239b9163fff0da75916024808301926000929190829003018186803b1580156122c457600080fd5b505af41580156122d8573d6000803e3d6000fd5b505050506122e4612ab8565b15612325576040805162461bcd60e51b815260206004820152600c60248201526b11dc9bdd5c1cc8195e1a5cdd60a21b604482015290519081900360640190fd5b6040805163292c56eb60e21b815260016004820152905173f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc179163a4b15bac916024808301926000929190829003018186803b15801561237757600080fd5b505af415801561238b573d6000803e3d6000fd5b5050601980549092506123a69150600163ffffffff61371a16565b815481106123b057fe5b600091825260209091200154602780546001600160a01b0319166001600160a01b039092169190911790556124057f4574c8c75d6e88acd28f7e467dac97b5c60c3838d9dad993900bdf402152228e3461375c565b565b600080546001019081905561241a6117c8565b612461576040805162461bcd60e51b8152602060048201526013602482015272115b9d1c9e481dd85cc81cdd589b5a5d1d1959606a1b604482015290519081900360640190fd5b612469613152565b156124ad576040805162461bcd60e51b815260206004820152600f60248201526e115b9d1c9e481d1a5b5959081bdd5d608a1b604482015290519081900360640190fd5b60606124c5602a54600b6139af90919063ffffffff16565b905073a10ad2570ea7b93d19fdae6bd7189ff4929bc74763de8f50a182602b866040518463ffffffff1660e01b815260040180806020018060200180602001848103845287818151815260200191508051906020019080838360005b83811015612539578181015183820152602001612521565b50505050905090810190601f1680156125665780820380516001836020036101000a031916815260200191505b508481038352865460026000196101006001841615020190911604808252602090910190879080156125d95780601f106125ae576101008083540402835291602001916125d9565b820191906000526020600020905b8154815290600101906020018083116125bc57829003601f168201915b5050848103825285518152855160209182019187019080838360005b8381101561260d5781810151838201526020016125f5565b50505050905090810190601f16801561263a5780820380516001836020036101000a031916815260200191505b50965050505050505060206040518083038186803b15801561265b57600080fd5b505af415801561266f573d6000803e3d6000fd5b505050506040513d602081101561268557600080fd5b50516126cc576040805162461bcd60e51b8152602060048201526011602482015270496e76616c6964207369676e617475726560781b604482015290519081900360640190fd5b6040517f8711cae111460cf9bde0d890f0dc09abcb8851e39bf020f406e53e86394cdbd790600090a1602e546025546001600160a01b039091169061271990619c4063ffffffff6136c016565b6028546040516024810182815233606483018190526060604484019081528951608485015289518a9492939260a40190602086019080838360005b8381101561276c578181015183820152602001612754565b50505050905090810190601f1680156127995780820380516001836020036101000a031916815260200191505b5060408051601f198184030181529181526020820180516001600160e01b031663ef7284e360e01b178152905182519297509550859450925090508083835b602083106127f75780518252601f1990920191602091820191016127d8565b6001836020036101000a03801982511681845116808217855250505050505090500191505060006040518083038160008787f1925050503d806000811461285a576040519150601f19603f3d011682016040523d82523d6000602084013e61285f565b606091505b5050602d5415905061287b578251602084012061287b90613a60565b6000806000612888613da4565b919450925090506128a1600b858563ffffffff613f2716565b601b546040805163ba7bffd360e01b815233600482015290516001600160a01b039092169163ba7bffd391602480820192602092909190829003018186803b1580156128ec57600080fd5b505afa158015612900573d6000803e3d6000fd5b505050506040513d602081101561291657600080fd5b50516040516001600160a01b03909116908390600081818185875af1925050503d8060008114612962576040519150601f19603f3d011682016040523d82523d6000602084013e612967565b606091505b505081159050612a4657602e5460408051600481526024810182526020810180516001600160e01b03166308f40b7760e11b178152915181516001600160a01b03909416936188b893869392918291908083835b602083106129da5780518252601f1990920191602091820191016129bb565b6001836020036101000a038019825116818451168082178552505050505050905001915050600060405180830381858888f193505050503d8060008114612a3d576040519150601f19603f3d011682016040523d82523d6000602084013e612a42565b606091505b5050505b6000602981905550505050506000548114612aa8576040805162461bcd60e51b815260206004820152601f60248201527f5265656e7472616e637947756172643a207265656e7472616e742063616c6c00604482015290519081900360640190fd5b5050565b60265481565b60225481565b60006115d4600b613ffe565b60006115d4601e54612ae36025546024546136c090919063ffffffff16565b9063ffffffff6133ab16565b60006115d4601f54601d546133ab90919063ffffffff16565b601c60009054906101000a90046001600160a01b03166001600160a01b031663fe173b976040518163ffffffff1660e01b815260040160206040518083038186803b158015612b5657600080fd5b505afa158015612b6a573d6000803e3d6000fd5b505050506040513d6020811015612b8057600080fd5b5051601e55565b612bf2336019805480602002602001604051908101604052809291908181526020018280548015612101576020028201919060005260206000209081546001600160a01b031681526001909101906020018083116120e357505050505061366a90919063ffffffff16565b612c43576040805162461bcd60e51b815260206004820181905260248201527f43616c6c6572206973206e6f742061207365727669636520636f6e7472616374604482015290519081900360640190fd5b6000612c5c601e546025546133ab90919063ffffffff16565b602780546001600160a01b031916331790559050612c8983612c84348463ffffffff61371a16565b61375c565b601b546040805163ba7bffd360e01b81526001600160a01b0385811660048301529151600093929092169163ba7bffd391602480820192602092909190829003018186803b158015612cda57600080fd5b505afa158015612cee573d6000803e3d6000fd5b505050506040513d6020811015612d0457600080fd5b50516040516001600160a01b03909116908390600081818185875af1925050503d8060008114612d50576040519150601f19603f3d011682016040523d82523d6000602084013e612d55565b606091505b50509050806121fe5760405162461bcd60e51b81526004018080602001828103825260248152602001806141f26024913960400191505060405180910390fd5b60045490565b6040805163dc26270360e01b8152600b600482018181526024830193845284516044840152845160609473eec3e1799f908e7d1f367c71d6f2abce5f63239b9463dc2627039493889390929160640190602085019080838360005b83811015612e0e578181015183820152602001612df6565b50505050905090810190601f168015612e3b5780820380516001836020036101000a031916815260200191505b50935050505060006040518083038186803b158015612e5957600080fd5b505af4158015612e6d573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f191682016040526020811015612e9657600080fd5b8101908080516040519392919084600160201b821115612eb557600080fd5b908301906020820185811115612eca57600080fd5b82518660208202830111600160201b82111715612ee657600080fd5b82525081516020918201928201910280838360005b83811015612f13578181015183820152602001612efb565b505050509050016040525050509050919050565b601e5481565b600b73eec3e1799f908e7d1f367c71d6f2abce5f63239b6320bc286690918484601b60009054906101000a90046001600160a01b03166001600160a01b031663ec5ffac26040518163ffffffff1660e01b815260040160206040518083038186803b158015612f9b57600080fd5b505afa158015612faf573d6000803e3d6000fd5b505050506040513d6020811015612fc557600080fd5b50516040516001600160e01b031960e087901b1681526004810185815260248201859052606482018390526080604483019081528451608484015284519192909160a490910190602086019080838360005b8381101561302f578181015183820152602001613017565b50505050905090810190601f16801561305c5780820380516001836020036101000a031916815260200191505b509550505050505060006040518083038186803b15801561307c57600080fd5b505af4158015613090573d6000803e3d6000fd5b50506040518492507f6124f28ae7240a98a8ad3410bcd1f3bb0a113fc9834d5bd16426f9e1bd698fde9150600090a25050565b60135490565b6060610f84600b8363ffffffff6139af16565b600e5490565b60008083600201836040518082805190602001908083835b602083106131195780518252601f1990920191602091820191016130fa565b51815160209384036101000a60001901801990921691161790529201948552506040519384900301909220549290921195945050505050565b60006029546000141580156115d457505060225460295401431190565b6131776117c8565b156131ba576040805162461bcd60e51b815260206004820152600e60248201526d426561636f6e206973206275737960901b604482015290519081900360640190fd5b835160208086019190912060408051631bf6b56760e11b8152600b600482015260248101929092525160009273eec3e1799f908e7d1f367c71d6f2abce5f63239b926337ed6ace9260448083019392829003018186803b15801561321d57600080fd5b505af4158015613231573d6000803e3d6000fd5b505050506040513d602081101561324757600080fd5b5051602887905543602955602c849055602d839055602a819055855190915061327790602b906020880190614138565b50602e80546001600160a01b0319166001600160a01b03861617905560606132a0600b836139af565b90507ff3a8bf09e4f9146a48f9b91226985ac8d83d971beb4fc9ffdc569790e85a97e48682604051808060200180602001838103835285818151815260200191508051906020019080838360005b838110156133065781810151838201526020016132ee565b50505050905090810190601f1680156133335780820380516001836020036101000a031916815260200191505b50838103825284518152845160209182019186019080838360005b8381101561336657818101518382015260200161334e565b50505050905090810190601f1680156133935780820380516001836020036101000a031916815260200191505b5094505050505060405180910390a150505050505050565b6000826133ba57506000610f84565b828202828482816133c757fe5b04146134045760405162461bcd60e51b81526004018080602001828103825260218152602001806141d16021913960400191505060405180910390fd5b9392505050565b601e543a1580159061341e5750601e543a105b1561342657503a5b60245460009061343c908363ffffffff6133ab16565b601b546040805163ba7bffd360e01b815233600482015290519293506000926001600160a01b039092169163ba7bffd391602480820192602092909190829003018186803b15801561348d57600080fd5b505afa1580156134a1573d6000803e3d6000fd5b505050506040513d60208110156134b757600080fd5b50516026549091508210156135a4576026546000906134dc908463ffffffff61371a16565b600060268190556040519192506001600160a01b03841691859181818185875af1925050503d806000811461352d576040519150601f19603f3d011682016040523d82523d6000602084013e613532565b606091505b505050602760009054906101000a90046001600160a01b03166001600160a01b0316634611b648826040518263ffffffff1660e01b81526004016000604051808303818588803b15801561358557600080fd5b505af1158015613599573d6000803e3d6000fd5b5050505050506115b6565b602680546000918290556040519093506001600160a01b0383169184919081818185875af1925050503d8060008114611e59576040519150601f19603f3d011682016040523d82523d6000602084013e611e59565b600082600301828154811061360a57fe5b600091825260209091206003909102016002015460ff169392505050565b600061340483836040518060400160405280601a81526020017f536166654d6174683a206469766973696f6e206279207a65726f000000000000815250614025565b6000805b83518110156136b65783818151811061368357fe5b60200260200101516001600160a01b0316836001600160a01b031614156136ae576001915050610f84565b60010161366e565b5060009392505050565b600082820183811015613404576040805162461bcd60e51b815260206004820152601b60248201527f536166654d6174683a206164646974696f6e206f766572666c6f770000000000604482015290519081900360640190fd5b600061340483836040518060400160405280601e81526020017f536166654d6174683a207375627472616374696f6e206f766572666c6f7700008152506140c7565b602454601e546137719163ffffffff6133ab16565b8110156137bc576040805162461bcd60e51b8152602060048201526014602482015273496e73756666696369656e7420444b472066656560601b604482015290519081900360640190fd5b6137c4611152565b613815576040805162461bcd60e51b815260206004820152601b60248201527f47726f75702073656c656374696f6e20696e2070726f67726573730000000000604482015290519081900360640190fd5b602654156138875760268054600091829055602754604080516308c236c960e31b8152905192936001600160a01b0390921692634611b6489285926004808201939182900301818588803b15801561386c57600080fd5b505af1158015613880573d6000803e3d6000fd5b5050505050505b601b60009054906101000a90046001600160a01b03166001600160a01b031663ec5ffac26040518163ffffffff1660e01b815260040160206040518083038186803b1580156138d557600080fd5b505afa1580156138e9573d6000803e3d6000fd5b505050506040513d60208110156138ff57600080fd5b5051600755604080516352f9b3b960e01b81526001600482015260248101849052905173f94d0d0471ae14b6310d94fa4f95e5fc9f3ffc17916352f9b3b9916044808301926000929190829003018186803b15801561395d57600080fd5b505af4158015613971573d6000803e3d6000fd5b50506040805185815290517f0769b89b6dbd96af3cdebccc7b68ce1e4ae748abc3e6b19a73b8b58460c57a949350908190036020019150a160265550565b60608260030182815481106139c057fe5b6000918252602091829020600390910201805460408051601f6002600019610100600187161502019094169390930492830185900485028101850190915281815292830182828015613a535780601f10613a2857610100808354040283529160200191613a53565b820191906000526020600020905b815481529060010190602001808311613a3657829003601f168201915b5050505050905092915050565b6000613a79601e54602d5461362890919063ffffffff16565b9050621e84808111613a8b5780613a90565b621e84805b602e54602854604080516024808201939093528151808203909301835260440181526020820180516001600160e01b03166303f6a73960e21b178152905182519495506060946001600160a01b0390941693619c40939282918083835b60208310613b0c5780518252601f199092019160209182019101613aed565b6001836020036101000a03801982511681845116808217855250505050505090500191505060006040518083038160008787f1925050503d8060008114613b6f576040519150601f19603f3d011682016040523d82523d6000602084013e613b74565b606091505b509150600090505a602e54602854604080516024810192909252604480830189905281518084039091018152606490920181526020820180516001600160e01b031663fc3fcec760e01b178152905182519495506001600160a01b039093169387939182918083835b60208310613bfc5780518252601f199092019160209182019101613bdd565b6001836020036101000a03801982511681845116808217855250505050505090500191505060006040518083038160008787f1925050503d8060008114613c5f576040519150601f19603f3d011682016040523d82523d6000602084013e613c64565b606091505b50505060005a90506000613c7e838363ffffffff61371a16565b9050739b4e397a79ed197d5f8a835613a4326903faa3d26346a50089601b60009054906101000a90046001600160a01b0316601e548885602d548a6040518763ffffffff1660e01b815260040180876001600160a01b03166001600160a01b0316815260200186815260200185815260200184815260200183815260200180602001828103825283818151815260200191508051906020019080838360005b83811015613d35578181015183820152602001613d1d565b50505050905090810190601f168015613d625780820380516001836020036101000a031916815260200191505b5097505050505050505060006040518083038186803b158015613d8457600080fd5b505af4158015613d98573d6000803e3d6000fd5b50505050505050505050565b600080600080662386f26fc100009050600073c08dcc93130ab30987dd7fe64e011402bbe5fda6638dfa43636029546022546040518363ffffffff1660e01b8152600401808381526020018281526020019250505060206040518083038186803b158015613e1157600080fd5b505af4158015613e25573d6000803e3d6000fd5b505050506040513d6020811015613e3b57600080fd5b5051601d54909150613e65908390613e59908463ffffffff6133ab16565b9063ffffffff61362816565b94506000613e8b613e7c848463ffffffff61371a16565b601d549063ffffffff6133ab16565b90506000613eb984613e596005613ead601f54876133ab90919063ffffffff16565b9063ffffffff61412116565b90506000613ed7613ec8612aef565b602c549063ffffffff61371a16565b9050613ee9818363ffffffff6136c016565b9650613f1b82613f0f613f07601f548c6133ab90919063ffffffff16565b613f0f612aef565b9063ffffffff61371a16565b95505050505050909192565b613f948184600601846040518082805190602001908083835b60208310613f5f5780518252601f199092019160209182019101613f40565b51815160209384036101000a6000190180199092169116179052920194855250604051938490030190922054929150506136c0565b83600601836040518082805190602001908083835b60208310613fc85780518252601f199092019160209182019101613fa9565b51815160209384036101000a60001901801990921691161790529201948552506040519384900301909220929092555050505050565b600481015460088201546003830154600092610f84929091613f0f9163ffffffff61371a16565b600081836140b15760405162461bcd60e51b81526004018080602001828103825283818151815260200191508051906020019080838360005b8381101561407657818101518382015260200161405e565b50505050905090810190601f1680156140a35780820380516001836020036101000a031916815260200191505b509250505060405180910390fd5b5060008385816140bd57fe5b0495945050505050565b600081848411156141195760405162461bcd60e51b815260206004820181815283516024840152835190928392604490910191908501908083836000831561407657818101518382015260200161405e565b505050900390565b60006134046064613e59858563ffffffff6133ab16565b828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f1061417957805160ff19168380011785556141a6565b828001600101855582156141a6579182015b828111156141a657825182559160200191906001019061418b565b506141b29291506141b6565b5090565b610f6e91905b808211156141b257600081556001016141bc56fe536166654d6174683a206d756c7469706c69636174696f6e206f766572666c6f7747726f75702073656c656374696f6e207265696d62757273656d656e74206661696c6564a265627a7a723158207a629fb1f01059c4affbe2beac32ada102cc0c255c006aa13f47d4a6ee0bf30c64736f6c63430005110032
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
00000000000000000000000050510e691c90ea098e3fdd23c311731bf394aafd0000000000000000000000001293a54e160d1cd7075487898d65266081a154580000000000000000000000001a9589f56c969d6b0d3787ea02322476ead3fb050000000000000000000000002c0a348500638aace229d6868c26b4e64fe46ab3
-----Decoded View---------------
Arg [0] : _serviceContract (address): 0x50510E691c90EA098e3fdd23C311731BF394aAFd
Arg [1] : _tokenStaking (address): 0x1293a54e160D1cd7075487898d65266081A15458
Arg [2] : _keepRegistry (address): 0x1a9589F56c969d6b0D3787ea02322476eAd3fB05
Arg [3] : _gasPriceOracle (address): 0x2c0a348500638aACe229d6868c26B4E64Fe46ab3
-----Encoded View---------------
4 Constructor Arguments found :
Arg [0] : 00000000000000000000000050510e691c90ea098e3fdd23c311731bf394aafd
Arg [1] : 0000000000000000000000001293a54e160d1cd7075487898d65266081a15458
Arg [2] : 0000000000000000000000001a9589f56c969d6b0d3787ea02322476ead3fb05
Arg [3] : 0000000000000000000000002c0a348500638aace229d6868c26b4e64fe46ab3
Deployed Bytecode Sourcemap
3153:30235:14:-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;6095:39;;8:9:-1;5:2;;;30:1;27;20:12;5:2;6095:39:14;;;:::i;:::-;;;;;;;;;;;;;;;;15181:132;;8:9:-1;5:2;;;30:1;27;20:12;5:2;15181:132:14;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:100:-1;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;15181:132:14;;;;;;;;;;;;;;;;;28114:140;;8:9:-1;5:2;;;30:1;27;20:12;5:2;28114:140:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;28114:140:14;;;;;;;;-1:-1:-1;;;5:28;;2:2;;;46:1;43;36:12;2:2;28114:140:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;28114:140:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;28114:140:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;28114:140:14;;-1:-1:-1;28114:140:14;;-1:-1:-1;;;;;28114:140:14:i;:::-;;;;;;;;;;;;;;;;;;26361:791;;8:9:-1;5:2;;;30:1;27;20:12;5:2;26361:791:14;;;:::i;:::-;;13158:548;;8:9:-1;5:2;;;30:1;27;20:12;5:2;13158:548:14;;;:::i;6210:49::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;6210:49:14;;;:::i;28746:130::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;28746:130:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;28746:130:14;;;;;;;;-1:-1:-1;;;5:28;;2:2;;;46:1;43;36:12;2:2;28746:130:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;28746:130:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;28746:130:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;28746:130:14;;-1:-1:-1;28746:130:14;;-1:-1:-1;;;;;28746:130:14:i;5262:45::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;5262:45:14;;;:::i;29981:174::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;29981:174:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;;;;;;29981:174:14;;;;;;;;:::i;30528:459::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;30528:459:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;;;;;;30528:459:14;;;;;;;;:::i;31523:135::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;31523:135:14;;;:::i;27890:145::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;27890:145:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;27890:145:14;-1:-1:-1;;;;;27890:145:14;;:::i;32301:151::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;32301:151:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;32301:151:14;;:::i;7205:40::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;7205:40:14;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:100:-1;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;7205:40:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;14983:112;;8:9:-1;5:2;;;30:1;27;20:12;5:2;14983:112:14;;;:::i;4957:29::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;4957:29:14;;;:::i;5117:34::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;5117:34:14;;;:::i;25289:109::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;25289:109:14;;;:::i;7160:39::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;7160:39:14;;;:::i;15999:864::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;15999:864:14;;;;;;13:3:-1;8;5:12;2:2;;;30:1;27;20:12;2:2;15999:864:14;;;;;;;;;;;;;;-1:-1:-1;;;5:28;;2:2;;;46:1;43;36:12;2:2;15999:864:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;15999:864:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;15999:864:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;15999:864:14;;;;;;;;-1:-1:-1;15999:864:14;;-1:-1:-1;;;;;5:28;;2:2;;;46:1;43;36:12;2:2;15999:864:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;15999:864:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;15999:864:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;15999:864:14;;;;;;;;-1:-1:-1;15999:864:14;;-1:-1:-1;;;;;5:28;;2:2;;;46:1;43;36:12;2:2;15999:864:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;15999:864:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;15999:864:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;15999:864:14;;;;;;;;-1:-1:-1;15999:864:14;;-1:-1:-1;;;;;5:28;;2:2;;;46:1;43;36:12;2:2;15999:864:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;15999:864:14;;;;;;101:9:-1;95:2;81:12;77:21;67:8;63:36;60:51;-1:-1;;;25:12;22:29;11:108;8:2;;;132:1;129;122:12;8:2;15999:864:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;15999:864:14;;-1:-1:-1;15999:864:14;;-1:-1:-1;;;;;15999:864:14:i;10807:251::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;10807:251:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;10807:251:14;-1:-1:-1;;;;;10807:251:14;;:::i;5948:52::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;5948:52:14;;;:::i;4487:50::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;4487:50:14;;;:::i;32458:134::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;32458:134:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;32458:134:14;;:::i;14410:257::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;14410:257:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;14410:257:14;;:::i;7115:39::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;7115:39:14;;;:::i;18795:582::-;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;18795:582:14;;;;;;;;;;;;;;-1:-1:-1;;;5:28;;2:2;;;46:1;43;36:12;2:2;18795:582:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;18795:582:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;18795:582:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;18795:582:14;;-1:-1:-1;18795:582:14;;-1:-1:-1;;;;;18795:582:14:i;29718:149::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;29718:149:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;29718:149:14;;;;;;;;-1:-1:-1;;;5:28;;2:2;;;46:1;43;36:12;2:2;29718:149:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;29718:149:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;29718:149:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;29718:149:14;;-1:-1:-1;29718:149:14;;-1:-1:-1;;;;;29718:149:14:i;7492:771::-;;;:::i;20465:1609::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;20465:1609:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;20465:1609:14;;;;;;;;-1:-1:-1;;;5:28;;2:2;;;46:1;43;36:12;2:2;20465:1609:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;20465:1609:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;20465:1609:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;20465:1609:14;;-1:-1:-1;20465:1609:14;;-1:-1:-1;;;;;20465:1609:14:i;6607:43::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;6607:43:14;;;:::i;5690:76::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;5690:76:14;;;:::i;29533:102::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;29533:102:14;;;:::i;31796:148::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;31796:148:14;;;:::i;27214:115::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;27214:115:14;;;:::i;11135:94::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;11135:94:14;;;:::i;11466:588::-;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;11466:588:14;;;;;;-1:-1:-1;;;;;11466:588:14;;:::i;14783:127::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;14783:127:14;;;:::i;32022:157::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;32022:157:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;32022:157:14;;;;;;;;-1:-1:-1;;;5:28;;2:2;;;46:1;43;36:12;2:2;32022:157:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;32022:157:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;32022:157:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;32022:157:14;;-1:-1:-1;32022:157:14;;-1:-1:-1;;;;;32022:157:14:i;4829:39::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;4829:39:14;;;:::i;33062:324::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;33062:324:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;33062:324:14;;;;;;;;;;;;;;-1:-1:-1;;;5:28;;2:2;;;46:1;43;36:12;2:2;33062:324:14;;35:9:-1;28:4;12:14;8:25;5:40;2:2;;;58:1;55;48:12;2:2;33062:324:14;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;-1:-1;;;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;33062:324:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;33062:324:14;;-1:-1:-1;33062:324:14;;-1:-1:-1;;;;;33062:324:14:i;31051:115::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;31051:115:14;;;:::i;31239:142::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;31239:142:14;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;31239:142:14;;:::i;32185:110::-;;8:9:-1;5:2;;;30:1;27;20:12;5:2;32185:110:14;;;:::i;6095:39::-;;;;:::o;15181:132::-;15234:16;15269:14;:35;;;;:37;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;15269:37:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;15269:37:14;;;;;;39:16:-1;36:1;17:17;2:54;101:4;15269:37:14;80:15:-1;;;-1:-1;;76:31;65:43;;120:4;113:20;13:2;5:11;;2:2;;;29:1;26;19:12;2:2;15269:37:14;;;;;;;;;;;;;-1:-1:-1;;;14:3;11:20;8:2;;;44:1;41;34:12;8:2;62:21;;;;123:4;114:14;;138:31;;;135:2;;;182:1;179;172:12;135:2;219:3;213:10;331:9;325:2;311:12;307:21;289:16;285:44;282:59;-1:-1;;;247:12;244:29;233:116;230:2;;;362:1;359;352:12;230:2;373:25;;-1:-1;15269:37:14;;421:4:-1;412:14;;;;15269:37:14;;;;;412:14:-1;15269:37:14;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;15269:37:14;;;;;;;;;;;15262:44;;15181:132;;:::o;28114:140::-;28187:4;28210:37;:6;28235:11;28210:37;:24;:37;:::i;:::-;28203:44;28114:140;-1:-1:-1;;28114:140:14:o;26361:791::-;26421:18;:16;:18::i;:::-;26413:53;;;;;-1:-1:-1;;;26413:53:14;;;;;;;;;;;;-1:-1:-1;;;26413:53:14;;;;;;;;;;;;;;;26476:6;:30;;;;26507:24;;26533:9;;26476:67;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;26476:67:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;26476:67:14;;;;26580:1;26553:24;:28;;;;26793:1;26774:16;:14;:16::i;:::-;:20;26770:309;;;26842:16;;26876:27;26810:258;;;;;;;;-1:-1:-1;;26810:258:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;26842:16;26810:258;;26876:27;;26810:258;;26876:27;26810:258;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;;26921:29:14;;26968:43;;27029:25;;-1:-1:-1;;;;;26921:29:14;;;;-1:-1:-1;26968:43:14;-1:-1:-1;27029:25:14;-1:-1:-1;26810:14:14;:258::i;:::-;27120:24;;27094:51;;;;;;;26361:791::o;13158:548::-;13236:25;;13215:4;;13236:25;;13231:68;;-1:-1:-1;13284:4:14;13277:11;;13231:68;-1:-1:-1;13630:26:14;;13618:9;;13578:21;:29;13529:38;;13477:41;;:90;:130;13618:38;;13477:179;13674:12;:25;13158:548;:::o;6210:49::-;;;;:::o;28746:130::-;28837:32;;;-1:-1:-1;;;28837:32:14;;:6;:32;;;;;;;;;;;;;;;;;;;;28814:4;;28837:19;;;;:6;28857:11;;28837:32;;;;;;;;;;;;;28814:4;8:100:-1;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;28837:32:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;28837:32:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;28837:32:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;28837:32:14;;28746:130;-1:-1:-1;;28746:130:14:o;5262:45::-;;;;:::o;29981:174::-;30100:48;;;-1:-1:-1;;;30100:48:14;;:6;:48;;;;-1:-1:-1;;;;;30100:48:14;;;;;;;;;;;;;;30077:4;;30100:26;;;;:48;;;;;;;;;;;;;;;:26;:48;;;5:2:-1;;;;30:1;27;20:12;5:2;30100:48:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;30100:48:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;30100:48:14;;29981:174;-1:-1:-1;;;29981:174:14:o;30528:459::-;1296:13:10;:18;;1313:1;1296:18;;;;30669:46:14;;;-1:-1:-1;;;30669:46:14;;:6;:46;;;;-1:-1:-1;;;;;30669:46:14;;;;;;;;;;;;;;1296:18:10;;:13;30669:24:14;;;;:46;;;;;;;;;;;;;;:24;:46;;;5:2:-1;;;;30:1;27;20:12;5:2;30669:46:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;30669:46:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;30669:46:14;30744:15;;:39;;;-1:-1:-1;;;30744:39:14;;-1:-1:-1;;;;;30744:39:14;;;;;;;;;30669:46;;-1:-1:-1;30726:12:14;;30744:15;;;;;:29;;:39;;;;;30669:46;;30744:39;;;;;;;:15;:39;;;5:2:-1;;;;30:1;27;20:12;5:2;30744:39:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;30744:39:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;30744:39:14;:74;;-1:-1:-1;;;;;30744:44:14;;;;30795:18;;30744:74;;;;30795:18;30744:44;:74;;;;;;;14:1:-1;21;16:31;;;;75:4;69:11;64:16;;144:4;140:9;133:4;115:16;111:27;107:43;104:1;100:51;94:4;87:65;169:16;166:1;159:27;225:16;222:1;215:4;212:1;208:12;193:49;7:242;;16:31;36:4;31:9;;7:242;;30725:93:14;;;30832:7;30828:153;;;30888:15;;:39;;;-1:-1:-1;;;30888:39:14;;-1:-1:-1;;;;;30888:39:14;;;;;;;;;:15;;;;;:29;;:39;;;;;;;;;;;;;;:15;:39;;;5:2:-1;;;;30:1;27;20:12;5:2;30888:39:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;30888:39:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;30888:39:14;30860:110;;;-1:-1:-1;;;;;30860:110:14;;;;;30888:39;30860:110;;;;;;;;;;;;;;;;;;;;;;;;;;;;30828:153;1370:1:10;;1405:13;;1389:12;:29;1381:73;;;;;-1:-1:-1;;;1381:73:10;;;;;;;;;;;;;;;;;;;;;;;;;;;;30528:459:14;;;:::o;31523:135::-;31576:7;31602:49;31635:15;;31602:28;;:32;;:49;;;;:::i;:::-;31595:56;;31523:135;:::o;27890:145::-;27974:15;;:54;;;-1:-1:-1;;;27974:54:14;;-1:-1:-1;;;;;27974:54:14;;;;;;;28022:4;27974:54;;;;;;27951:4;;27974:15;;;;;:31;;:54;;;;;;;;;;;;;;;:15;:54;;;5:2:-1;;;;30:1;27;20:12;5:2;27974:54:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;32301:151:14;32376:7;32402:6;:31;;;;32434:10;32402:43;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;7205:40:14;;;;;;;;;;;;;;;-1:-1:-1;;7205:40:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::o;14983:112::-;15032:15;15066:14;:22;;15059:29;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;14983:112;:::o;4957:29::-;;;;:::o;5117:34::-;;;;:::o;25289:109::-;25362:24;;:29;;25289:109;:::o;7160:39::-;;;;:::o;15999:864::-;1296:13:10;:18;;1313:1;1296:18;;;;;16243:24:14;16270:22;:20;:22::i;:::-;16243:49;;16303:21;:28;;;;16345:20;16379:11;16404:10;16428;16452:21;16487:7;16552:14;:38;;;16508:14;:41;;;:82;16303:297;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16303:297:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;16303:297:14;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16303:297:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;16303:297:14;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16303:297:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;16303:297:14;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16303:297:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16303:297:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;16303:297:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;16303:297:14;;;;16611:6;:22;;;;16634:11;16647:7;16656:10;16611:56;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16611:56:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;16611:56:14;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16611:56:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16611:56:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;16611:56:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;-1:-1;;16677:28:14;;;-1:-1:-1;;;16677:28:14;;:6;:28;;;;;;;;;;;;;;;;;;;;:15;;-1:-1:-1;16677:15:14;;-1:-1:-1;16677:6:14;;16693:11;;16677:28;;;;;;;;;;;;;;-1:-1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16677:28:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;16677:28:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;16677:28:14;;;;16715:23;:21;:23::i;:::-;16753:70;16777:20;16799:11;16812:10;16753:70;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16753:70:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;16753:70:14;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;16753:70:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;16833:23;;;-1:-1:-1;;;16833:23:14;;:14;:23;;;;;;:21;;;;:23;;;;;-1:-1:-1;;16833:23:14;;;;;;;:21;:23;;;5:2:-1;;;;30:1;27;20:12;5:2;16833:23:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;16833:23:14;;;;1370:1:10;1405:13;;1389:12;:29;1381:73;;;;;-1:-1:-1;;;1381:73:10;;;;;;;;;;;;;;;;;;;;;;;;;;;;15999:864:14;;;;;;:::o;10807:251::-;10898:8;;:50;;;-1:-1:-1;;;10898:50:14;;10942:4;10898:50;;;;;;10952:10;;-1:-1:-1;;;;;10898:8:14;;:35;;:50;;;;;;;;;;;;;;:8;:50;;;5:2:-1;;;;30:1;27;20:12;5:2;10898:50:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;10898:50:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;10898:50:14;-1:-1:-1;;;;;10898:64:14;;10877:125;;;;;-1:-1:-1;;;10877:125:14;;;;;;;;;;;;-1:-1:-1;;;10877:125:14;;;;;;;;;;;;;;;11013:16;27:10:-1;;39:1;23:18;;45:23;;-1:-1;11013:38:14;;;;;;;;-1:-1:-1;;;;;;11013:38:14;-1:-1:-1;;;;;11013:38:14;;;;;;;;;;10807:251::o;5948:52::-;;;;:::o;4487:50::-;;;;:::o;32458:134::-;32526:4;32549:36;:6;32574:10;32549:36;:24;:36;:::i;14410:257::-;14572:27;;14489:15;;:78;;;-1:-1:-1;;;14489:78:14;;14532:10;14489:78;;;;14552:4;14489:78;;;;;;14465:21;;14489:111;;14572:27;;-1:-1:-1;;;;;14489:15:14;;;;:29;;:78;;;;;;;;;;;;;;;:15;:78;;;5:2:-1;;;;30:1;27;20:12;5:2;14489:78:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;14489:78:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;14489:78:14;;:111;:82;:111;:::i;:::-;14610:50;;;-1:-1:-1;;;14610:50:14;;:14;:50;;;;;;;;;;;;;;;;;;14465:135;;-1:-1:-1;14610:27:14;;;;:50;;;;;-1:-1:-1;;14610:50:14;;;;;;;;:27;:50;;;5:2:-1;;;;30:1;27;20:12;5:2;14610:50:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;7115:39:14;;;;:::o;18795:582::-;8331:37;8357:10;8331:16;:25;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;;;;;8331:25:14;;;;;;;;;;;;;;;;;;;;;;;:37;;;;:::i;:::-;8310:116;;;;;-1:-1:-1;;;8310:116:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;18923:37;18963:66;18997:22;:20;:22::i;:::-;18963:16;:14;:16::i;:::-;:20;:66;:20;:66;:::i;:::-;18923:106;;19073:29;19060:9;:42;;19039:115;;;;;-1:-1:-1;;;19039:115:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;19164:19;19186:44;:9;19200:29;19186:44;:13;:44;:::i;:::-;19164:66;;19240:130;19268:9;19279:13;19294:10;19318:29;19349:11;19240:14;:130::i;:::-;8436:1;;18795:582;;:::o;29718:149::-;29796:7;29822:6;:25;;29848:11;29822:38;;;;;;;;;;;;;36:153:-1;66:2;61:3;58:11;36:153;;176:10;;164:23;;-1:-1;;139:12;;;;98:2;89:12;;;;114;36:153;;;299:10;344;;263:2;259:12;;;254:3;250:22;-1:-1;;246:30;311:9;;295:26;;;340:21;;377:20;365:33;;29822:38:14;;;;;-1:-1:-1;29822:38:14;;;;;;;;;;;;29718:149;-1:-1:-1;;;;29718:149:14:o;7492:771::-;7825:24;;;-1:-1:-1;;;;;;7825:24:14;;:6;:24;;;;;;:22;;;;:24;;;;;-1:-1:-1;;7825:24:14;;;;;;;:22;:24;;;5:2:-1;;;;30:1;27;20:12;5:2;7825:24:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;7825:24:14;;;;7867:16;:14;:16::i;:::-;:21;7859:46;;;;;-1:-1:-1;;;7859:46:14;;;;;;;;;;;;-1:-1:-1;;;7859:46:14;;;;;;;;;;;;;;;7961:23;;;-1:-1:-1;;;7961:23:14;;:14;:23;;;;;;:21;;;;:23;;;;;-1:-1:-1;;7961:23:14;;;;;;;:21;:23;;;5:2:-1;;;;30:1;27;20:12;5:2;7961:23:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;-1:-1;;8148:16:14;8165:23;;8148:16;;-1:-1:-1;8165:30:14;;-1:-1:-1;8193:1:14;8165:30;:27;:30;:::i;:::-;8148:48;;;;;;;;;;;;;;;;;;8100:29;:97;;-1:-1:-1;;;;;;8100:97:14;-1:-1:-1;;;;;8148:48:14;;;8100:97;;;;;;8207:49;6827:77;8246:9;8207:19;:49::i;:::-;7492:771::o;20465:1609::-;1296:13:10;:18;;1313:1;1296:18;;;;;20553:19:14;:17;:19::i;:::-;20545:51;;;;;-1:-1:-1;;;20545:51:14;;;;;;;;;;;;-1:-1:-1;;;20545:51:14;;;;;;;;;;;;;;;20615:18;:16;:18::i;:::-;20614:19;20606:47;;;;;-1:-1:-1;;;20606:47:14;;;;;;;;;;;;-1:-1:-1;;;20606:47:14;;;;;;;;;;;;;;;20664:24;20691:50;20716:24;;20691:6;:24;;:50;;;;:::i;:::-;20664:77;;20773:3;:10;20801:11;20830:27;20875:15;20773:131;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;20773:131:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;20773:131:14;;;;;;;;-1:-1:-1;;20773:131:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;;20773:131:14;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;20773:131:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;20773:131:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;20773:131:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;20773:131:14;20752:195;;;;;-1:-1:-1;;;20752:195:14;;;;;;;;;;;;-1:-1:-1;;;20752:195:14;;;;;;;;;;;;;;;20963:21;;;;;;;21159:29;;21198:25;;-1:-1:-1;;;;;21159:29:14;;;;21198:36;;21228:5;21198:36;:29;:36;:::i;:::-;21345:16;;21249:187;;;;;;;;21412:10;21249:187;;;;;;;;;;;;;;;;;;;;;21379:15;;21412:10;;21249:187;;;;;;;;;;;-1:-1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;21249:187:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;21249:187:14;;;-1:-1:-1;;26:21;;;22:32;6:49;;21249:187:14;;;49:4:-1;25:18;;61:17;;-1:-1;;;;;182:15;-1:-1;;;179:29;160:49;;21159:287:14;;;;21249:187;;-1:-1:-1;21159:287:14;-1:-1:-1;21159:287:14;;-1:-1:-1;25:18;-1:-1;21159:287:14;-1:-1:-1;21159:287:14;;25:18:-1;36:153;66:2;61:3;58:11;36:153;;176:10;;164:23;;-1:-1;;139:12;;;;98:2;89:12;;;;114;36:153;;;274:1;267:3;263:2;259:12;254:3;250:22;246:30;315:4;311:9;305:3;299:10;295:26;356:4;350:3;344:10;340:21;389:7;380;377:20;372:3;365:33;3:399;;;21159:287:14;;;;;;;;;;;;;;;;;;;;;;;;;14:1:-1;21;16:31;;;;75:4;69:11;64:16;;144:4;140:9;133:4;115:16;111:27;107:43;104:1;100:51;94:4;87:65;169:16;166:1;159:27;225:16;222:1;215:4;212:1;208:12;193:49;7:242;;16:31;36:4;31:9;;7:242;-1:-1;;21461:25:14;;:29;;-1:-1:-1;21457:112:14;;21530:26;;;;;;21506:52;;:15;:52::i;:::-;21580:25;21607:23;21632:15;21651:26;:24;:26::i;:::-;21579:98;;-1:-1:-1;21579:98:14;-1:-1:-1;21579:98:14;-1:-1:-1;21687:59:14;:6;21715:11;21579:98;21687:59;:27;:59;:::i;:::-;21757:15;;:41;;;-1:-1:-1;;;21757:41:14;;21787:10;21757:41;;;;;;-1:-1:-1;;;;;21757:15:14;;;;:29;;:41;;;;;;;;;;;;;;;:15;:41;;;5:2:-1;;;;30:1;27;20:12;5:2;21757:41:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;21757:41:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;21757:41:14;:73;;-1:-1:-1;;;;;21757:46:14;;;;21810:15;;21757:73;;;;21810:15;21757:46;:73;;;;;;;14:1:-1;21;16:31;;;;75:4;69:11;64:16;;144:4;140:9;133:4;115:16;111:27;107:43;104:1;100:51;94:4;87:65;169:16;166:1;159:27;225:16;222:1;215:4;212:1;208:12;193:49;7:242;;16:31;36:4;31:9;;7:242;-1:-1;;21845:11:14;;;-1:-1:-1;21841:188:14;;21872:29;;21950:54;;;22:32:-1;6:49;;21950:54:14;;;;;49:4:-1;25:18;;61:17;;-1:-1;;;;;182:15;-1:-1;;;179:29;160:49;;21872:146:14;;;;-1:-1:-1;;;;;21872:29:14;;;;21911:5;;21924:7;;21950:54;21872:146;;;25:18:-1;21872:146:14;;25:18:-1;36:153;66:2;61:3;58:11;36:153;;176:10;;164:23;;-1:-1;;139:12;;;;98:2;89:12;;;;114;36:153;;;274:1;267:3;263:2;259:12;254:3;250:22;246:30;315:4;311:9;305:3;299:10;295:26;356:4;350:3;344:10;340:21;389:7;380;377:20;372:3;365:33;3:399;;;21872:146:14;;;;;;;;;;;;;;;;;;;;;;;;;;14:1:-1;21;16:31;;;;75:4;69:11;64:16;;144:4;140:9;133:4;115:16;111:27;107:43;104:1;100:51;94:4;87:65;169:16;166:1;159:27;225:16;222:1;215:4;212:1;208:12;193:49;7:242;;16:31;36:4;31:9;;7:242;;21872:146:14;;21841:188;22066:1;22039:24;:28;;;;1370:1:10;;;;1405:13;;1389:12;:29;1381:73;;;;;-1:-1:-1;;;1381:73:10;;;;;;;;;;;;;;;;;;;;;;;;;;;;20465:1609:14;;:::o;6607:43::-;;;;:::o;5690:76::-;;;;:::o;29533:102::-;29579:7;29605:23;:6;:21;:23::i;31796:148::-;31845:7;31871:66;31921:15;;31871:45;31890:25;;31871:14;;:18;;:45;;;;:::i;:::-;:49;:66;:49;:66;:::i;27214:115::-;27260:7;27286:36;27312:9;;27286:21;;:25;;:36;;;;:::i;11135:94::-;11197:14;;;;;;;;;-1:-1:-1;;;;;11197:14:14;-1:-1:-1;;;;;11197:23:14;;:25;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;11197:25:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;11197:25:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;11197:25:14;11179:15;:43;11135:94::o;11466:588::-;8331:37;8357:10;8331:16;:25;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;;;;;8331:25:14;;;;;;;;;;;;;;;;;;;;;;:37;;;;:::i;:::-;8310:116;;;;;-1:-1:-1;;;8310:116:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;11578:30;11611:46;11641:15;;11611:25;;:29;;:46;;;;:::i;:::-;11668:29;:59;;-1:-1:-1;;;;;;11668:59:14;11716:10;11668:59;;;11578:79;-1:-1:-1;11737:69:14;11757:9;11768:37;:9;11578:79;11768:37;:13;:37;:::i;:::-;11737:19;:69::i;:::-;11902:15;;:40;;;-1:-1:-1;;;11902:40:14;;-1:-1:-1;;;;;11902:40:14;;;;;;;;;11884:12;;11902:15;;;;;:29;;:40;;;;;;;;;;;;;;;:15;:40;;;5:2:-1;;;;30:1;27;20:12;5:2;11902:40:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;11902:40:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;11902:40:14;:79;;-1:-1:-1;;;;;11902:45:14;;;;11954:22;;11902:79;;;;11954:22;11902:45;:79;;;;;;;14:1:-1;21;16:31;;;;75:4;69:11;64:16;;144:4;140:9;133:4;115:16;111:27;107:43;104:1;100:51;94:4;87:65;169:16;166:1;159:27;225:16;222:1;215:4;212:1;208:12;193:49;7:242;;16:31;36:4;31:9;;7:242;;11883:98:14;;;11999:7;11991:56;;;;-1:-1:-1;;;11991:56:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;14783:127;14865:38;;14783:127;:::o;32022:157::-;32137:35;;;-1:-1:-1;;;32137:35:14;;:6;:35;;;;;;;;;;;;;;;;;;;;32094:24;;32137:22;;;;:6;32160:11;;32137:35;;;;;;;;;;;;;-1:-1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;32137:35:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;32137:35:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;32137:35:14;;;;;;39:16:-1;36:1;17:17;2:54;101:4;32137:35:14;80:15:-1;;;-1:-1;;76:31;65:43;;120:4;113:20;13:2;5:11;;2:2;;;29:1;26;19:12;2:2;32137:35:14;;;;;;;;;;;;;-1:-1:-1;;;14:3;11:20;8:2;;;44:1;41;34:12;8:2;62:21;;;;123:4;114:14;;138:31;;;135:2;;;182:1;179;172:12;135:2;219:3;213:10;331:9;325:2;311:12;307:21;289:16;285:44;282:59;-1:-1;;;247:12;244:29;233:116;230:2;;;362:1;359;352:12;230:2;373:25;;-1:-1;32137:35:14;;421:4:-1;412:14;;;;32137:35:14;;;;;412:14:-1;32137:35:14;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;32137:35:14;;;;;;;;;;;32130:42;;32022:157;;;:::o;4829:39::-;;;;:::o;33062:324::-;33186:6;:32;;;;33232:10;33256:15;33285;;;;;;;;;-1:-1:-1;;;;;33285:15:14;-1:-1:-1;;;;;33285:28:14;;:30;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;33285:30:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;33285:30:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;33285:30:14;33186:139;;-1:-1:-1;;;;;;33186:139:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;33285:30;33186:139;;;;;;-1:-1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;33186:139:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;33186:139:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;-1:-1;;33340:39:14;;33368:10;;-1:-1:-1;33340:39:14;;-1:-1:-1;33340:39:14;;;33062:324;;:::o;31051:115::-;31134:25;;31051:115;:::o;31239:142::-;31307:12;31338:36;:6;31363:10;31338:36;:24;:36;:::i;32185:110::-;32268:13;:20;32185:110;:::o;6380:301:31:-;6499:4;6673:1;6640:4;:17;;6658:11;6640:30;;;;;;;;;;;;;36:153:-1;66:2;61:3;58:11;36:153;;176:10;;164:23;;-1:-1;;139:12;;;;98:2;89:12;;;;114;36:153;;;299:10;344;;263:2;259:12;;;254:3;250:22;-1:-1;;246:30;311:9;;295:26;;;340:21;;377:20;365:33;;6640:30:31;;;;;-1:-1:-1;6640:30:31;;;;;;;;;;;:34;;;;;6380:301;-1:-1:-1;;;;;6380:301:31:o;25618:173:14:-;25669:4;25692:24;;25720:1;25692:29;;:92;;;;-1:-1:-1;;25767:17:14;;25740:24;;:44;25725:12;:59;;25618:173::o;19383:875::-;19613:19;:17;:19::i;:::-;19612:20;19604:47;;;;;-1:-1:-1;;;19604:47:14;;;;;;;;;;;;-1:-1:-1;;;19604:47:14;;;;;;;;;;;;;;;19710:24;;;;;;;;;;19683:53;;;-1:-1:-1;;;19683:53:14;;:6;:53;;;;;;;;;;;;19662:18;;19683;;;;:53;;;;;19710:24;19683:53;;;;;:18;:53;;;5:2:-1;;;;30:1;27;20:12;5:2;19683:53:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;19683:53:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;19683:53:14;19747:16;:28;;;19812:12;19785:24;:39;19834:43;:75;;;19919:25;:39;;;19968:24;:37;;;20015:43;;19683:53;;-1:-1:-1;20015:43:14;;:27;;19683:53;20015:43;;;;:::i;:::-;-1:-1:-1;20068:29:14;:47;;-1:-1:-1;;;;;;20068:47:14;-1:-1:-1;;;;;20068:47:14;;;;;20126:24;20153:36;:6;20178:10;20153:24;:36::i;:::-;20126:63;;20204:47;20224:13;20239:11;20204:47;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;20204:47:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;20204:47:14;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;20204:47:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;19383:875;;;;;;;:::o;2159:459:2:-;2217:7;2458:6;2454:45;;-1:-1:-1;2487:1:2;2480:8;;2454:45;2521:5;;;2525:1;2521;:5;:1;2544:5;;;;;:10;2536:56;;;;-1:-1:-1;;;2536:56:2;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;2610:1;2159:459;-1:-1:-1;;;2159:459:2:o;17244:1272:14:-;17315:15;;17513:11;:15;;;;:48;;;17546:15;;17532:11;:29;17513:48;17509:101;;;-1:-1:-1;17588:11:14;17509:101;17647:14;;17620:24;;17647:28;;17666:8;17647:28;:18;:28;:::i;:::-;17715:15;;:41;;;-1:-1:-1;;;17715:41:14;;17745:10;17715:41;;;;;;17620:55;;-1:-1:-1;17685:27:14;;-1:-1:-1;;;;;17715:15:14;;;;:29;;:41;;;;;;;;;;;;;;;:15;:41;;;5:2:-1;;;;30:1;27;20:12;5:2;17715:41:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;17715:41:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;17715:41:14;17790:28;;17715:41;;-1:-1:-1;17771:47:14;;17767:743;;;17852:28;;17834:15;;17852:50;;17885:16;17852:50;:32;:50;:::i;:::-;17947:1;17916:28;:32;;;18019:44;;17834:68;;-1:-1:-1;;;;;;18019:16:14;;;18042;;18019:44;17947:1;18019:44;18042:16;18019;:44;;;;;;;14:1:-1;21;16:31;;;;75:4;69:11;64:16;;144:4;140:9;133:4;115:16;111:27;107:43;104:1;100:51;94:4;87:65;169:16;166:1;159:27;225:16;222:1;215:4;212:1;208:12;193:49;7:242;;16:31;36:4;31:9;;7:242;;18019:44:14;;18142:29;;;;;;;;;-1:-1:-1;;;;;18142:29:14;-1:-1:-1;;;;;18142:44:14;;18193:7;18142:61;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;18142:61:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;18142:61:14;;;;;17767:743;;;;18367:28;;;18440:1;18409:32;;;;18455:44;;18367:28;;-1:-1:-1;;;;;;18455:16:14;;;18367:28;;18455:44;;18440:1;18455:44;18367:28;18455:16;:44;;;;;;;14:1:-1;21;16:31;;;;75:4;69:11;64:16;;144:4;140:9;133:4;115:16;111:27;107:43;104:1;100:51;94:4;87:65;169:16;166:1;159:27;225:16;222:1;215:4;212:1;208:12;193:49;7:242;;6124:177:31;6237:4;6260;:11;;6272:10;6260:23;;;;;;;;;;;;;;;;;;;;;:34;;;;;;6124:177;-1:-1:-1;;;6124:177:31:o;3073:130:2:-;3131:7;3157:39;3161:1;3164;3157:39;;;;;;;;;;;;;;;;;:3;:39::i;59:286:38:-;165:4;;185:132;206:4;:11;202:1;:15;185:132;;;254:4;259:1;254:7;;;;;;;;;;;;;;-1:-1:-1;;;;;242:19:38;:8;-1:-1:-1;;;;;242:19:38;;238:69;;;288:4;281:11;;;;;238:69;219:3;;185:132;;;-1:-1:-1;333:5:38;;59:286;-1:-1:-1;;;59:286:38:o;834:176:2:-;892:7;923:5;;;946:6;;;;938:46;;;;;-1:-1:-1;;;938:46:2;;;;;;;;;;;;;;;;;;;;;;;;;;;1274:134;1332:7;1358:43;1362:1;1365;1358:43;;;;;;;;;;;;;;;;;:3;:43::i;12060:868:14:-;12198:14;;12178:15;;:35;;;:19;:35;:::i;:::-;12166:8;:47;;12145:114;;;;;-1:-1:-1;;;12145:114:14;;;;;;;;;;;;-1:-1:-1;;;12145:114:14;;;;;;;;;;;;;;;12278:26;:24;:26::i;:::-;12270:66;;;;;-1:-1:-1;;;12270:66:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;12471:28;;:32;12467:247;;12537:28;;;12519:15;12579:32;;;;12641:29;;12625:78;;;-1:-1:-1;;;12625:78:14;;;;12537:28;;-1:-1:-1;;;;;12641:29:14;;;;12625:61;;12537:28;;12625:78;;;;;;;;;;;12537:28;12641:29;12625:78;;;5:2:-1;;;;30:1;27;20:12;5:2;12625:78:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;12625:78:14;;;;;12467:247;;12754:15;;;;;;;;;-1:-1:-1;;;;;12754:15:14;-1:-1:-1;;;;;12754:28:14;;:30;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;12754:30:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;12754:30:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;12754:30:14;12724:27;:60;12794:31;;;-1:-1:-1;;;12794:31:14;;12724:14;12794:31;;;;;;;;;;;;:20;;;;:31;;;;;-1:-1:-1;;12794:31:14;;;;;;;:20;:31;;;5:2:-1;;;;30:1;27;20:12;5:2;12794:31:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;-1:-1;;12840:32:14;;;;;;;;;;-1:-1:-1;12840:32:14;;;;;;;-1:-1:-1;12840:32:14;12882:28;:39;-1:-1:-1;12060:868:14:o;4707:187:31:-;4821:12;4852:4;:11;;4864:10;4852:23;;;;;;;;;;;;;;;;;;;;;;4845:42;;;;;;;-1:-1:-1;;4845:42:31;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;4852:23;4845:42;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;4707:187;;;;:::o;22212:1412:14:-;22387:16;22406:46;22436:15;;22406:25;;:29;;:46;;;;:::i;:::-;22387:65;;22700:7;22689:8;:18;:39;;22720:8;22689:39;;;22710:7;22689:39;22825:29;;22979:16;;22893:112;;;;;;;;;;;;;26:21:-1;;;22:32;;;6:49;;22893:112:14;;;;;25:18:-1;;61:17;;-1:-1;;;;;182:15;-1:-1;;;179:29;160:49;;22825:181:14;;;;22678:50;;-1:-1:-1;22739:41:14;;-1:-1:-1;;;;;22825:29:14;;;;22877:5;;22893:112;22825:181;;;;25:18:-1;36:153;66:2;61:3;58:11;36:153;;176:10;;164:23;;-1:-1;;139:12;;;;98:2;89:12;;;;114;36:153;;;274:1;267:3;263:2;259:12;254:3;250:22;246:30;315:4;311:9;305:3;299:10;295:26;356:4;350:3;344:10;340:21;389:7;380;377:20;372:3;365:33;3:399;;;22825:181:14;;;;;;;;;;;;;;;;;;;;;;;;;14:1:-1;21;16:31;;;;75:4;69:11;64:16;;144:4;140:9;133:4;115:16;111:27;107:43;104:1;100:51;94:4;87:65;169:16;166:1;159:27;225:16;222:1;215:4;212:1;208:12;193:49;7:242;;16:31;36:4;31:9;;7:242;-1:-1;22790:216:14;-1:-1:-1;23017:25:14;;-1:-1:-1;23045:9:14;23064:29;;23220:16;;23135:130;;;;;;;;;;;;;;;;;;;26:21:-1;;;22:32;;;6:49;;23135:130:14;;;;;;;25:18:-1;;61:17;;-1:-1;;;;;182:15;-1:-1;;;179:29;160:49;;23064:202:14;;;;23017:37;;-1:-1:-1;;;;;;23064:29:14;;;;23116:8;;23064:202;;;;;25:18:-1;36:153;66:2;61:3;58:11;36:153;;176:10;;164:23;;-1:-1;;139:12;;;;98:2;89:12;;;;114;36:153;;;274:1;267:3;263:2;259:12;254:3;250:22;246:30;315:4;311:9;305:3;299:10;295:26;356:4;350:3;344:10;340:21;389:7;380;377:20;372:3;365:33;3:399;;;23064:202:14;;;;;;;;;;;;;;;;;;;;;;;;;14:1:-1;21;16:31;;;;75:4;69:11;64:16;;144:4;140:9;133:4;115:16;111:27;107:43;104:1;100:51;94:4;87:65;169:16;166:1;159:27;225:16;222:1;215:4;212:1;208:12;193:49;7:242;;16:31;36:4;31:9;;7:242;;23064:202:14;;23277:24;23304:9;23277:36;-1:-1:-1;23323:16:14;23342:39;:17;23277:36;23342:39;:21;:39;:::i;:::-;23323:58;;23392:14;:32;23438:15;;;;;;;;;-1:-1:-1;;;;;23438:15:14;23467;;23496:8;23518;23540:25;;23579:28;23392:225;;;;;;;;;;;;;-1:-1:-1;;;;;23392:225:14;-1:-1:-1;;;;;23392:225:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;23392:225:14;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;23392:225:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;23392:225:14;;;;22212:1412;;;;;;:::o;23737:1448::-;23804:25;23839:23;23872:15;23904:16;23923:4;23904:23;;23987:19;24009:11;:21;24044:24;;24082:17;;24009:100;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8:9:-1;5:2;;;30:1;27;20:12;5:2;24009:100:14;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;24009:100:14;;;;;;;13:2:-1;8:3;5:11;2:2;;;29:1;26;19:12;2:2;-1:-1;24009:100:14;24139:21;;24009:100;;-1:-1:-1;24139:52:14;;24182:8;;24139:38;;24009:100;24139:38;:25;:38;:::i;:::-;:42;:52;:42;:52;:::i;:::-;24119:72;-1:-1:-1;24262:31:14;24296:52;24322:25;:8;24335:11;24322:25;:12;:25;:::i;:::-;24296:21;;;:52;:25;:52;:::i;:::-;24262:86;;24700:28;24731:63;24785:8;24731:49;24778:1;24731:38;24759:9;;24731:23;:27;;:38;;;;:::i;:::-;:46;:49;:46;:49;:::i;:63::-;24700:94;;24804:28;24835:65;24883:16;:14;:16::i;:::-;24835:43;;;:65;:47;:65;:::i;:::-;24804:96;-1:-1:-1;24928:46:14;24804:96;24953:20;24928:46;:24;:46;:::i;:::-;24910:64;;25098:80;25157:20;25098:54;25119:32;25141:9;;25119:17;:21;;:32;;;;:::i;:::-;25098:16;:14;:16::i;:::-;:20;:54;:20;:54;:::i;:80::-;25088:90;;23737:1448;;;;;;;;:::o;4149:237:31:-;4331:48;4372:6;4331:4;:23;;4355:11;4331:36;;;;;;;;;;;;;36:153:-1;66:2;61:3;58:11;36:153;;176:10;;164:23;;-1:-1;;139:12;;;;98:2;89:12;;;;114;36:153;;;299:10;344;;263:2;259:12;;;254:3;250:22;-1:-1;;246:30;311:9;;295:26;;;340:21;;377:20;365:33;;4331:36:31;;;;;-1:-1:-1;4331:36:31;;;;;;;;;;;;;-1:-1:-1;;4331:40:31;:48::i;:::-;4292:4;:23;;4316:11;4292:36;;;;;;;;;;;;;36:153:-1;66:2;61:3;58:11;36:153;;176:10;;164:23;;-1:-1;;139:12;;;;98:2;89:12;;;;114;36:153;;;299:10;344;;263:2;259:12;;;254:3;250:22;-1:-1;;246:30;311:9;;295:26;;;340:21;;377:20;365:33;;4292:36:31;;;;;-1:-1:-1;4292:36:31;;;;;;;;;;:87;;;;-1:-1:-1;;;;;4149:237:31:o;9232:202::-;9392:27;;;:34;9363:23;;;;9340:11;;;:18;9314:7;;9340:87;;9392:34;;9340:47;;;:22;:47;:::i;3718:338:2:-;3804:7;3904:12;3897:5;3889:28;;;;-1:-1:-1;;;3889:28:2;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;3889:28:2;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;3927:9;3943:1;3939;:5;;;;;;;3718:338;-1:-1:-1;;;;;3718:338:2:o;1732:187::-;1818:7;1853:12;1845:6;;;;1837:29;;;;-1:-1:-1;;;1837:29:2;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;27:10:-1;;8:100;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;1837:29:2;-1:-1:-1;;;1888:5:2;;;1732:187::o;237:112:42:-;299:7;325:17;338:3;325:8;:1;331;325:8;:5;:8;:::i;3153:30235:14:-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;3153:30235:14;;;-1:-1:-1;3153:30235:14;:::i;:::-;;;:::o;:::-;;;;;;;;;;;;;;;;;
Swarm Source
bzzr://7a629fb1f01059c4affbe2beac32ada102cc0c255c006aa13f47d4a6ee0bf30c
Loading...
Loading
Loading...
Loading
Multichain Portfolio | 26 Chains
| Chain | Token | Portfolio % | Price | Amount | Value |
|---|---|---|---|---|---|
| ETH |  | 100.00% | $3,811.6 | 59.4501 | $226,599.91 |
Loading...
Loading
[ Download: CSV Export ]
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.