UNPKG

@hyperlane-xyz/core

Version:

Core solidity contracts for Hyperlane

www.hyperlane.xyz

hyperlane-xyz/hyperlane-monorepo

1 lines 1.2 MB
1
{"input":{"language":"Solidity","sources":{"@arbitrum/nitro-contracts/src/bridge/IBridge.sol":{"content":"// Copyright 2021-2022, Offchain Labs, Inc.\n// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE\n// SPDX-License-Identifier: BUSL-1.1\n\n// solhint-disable-next-line compiler-version\npragma solidity >=0.6.9 <0.9.0;\n\nimport \"./IOwnable.sol\";\n\ninterface IBridge {\n /// @dev This is an instruction to offchain readers to inform them where to look\n /// for sequencer inbox batch data. This is not the type of data (eg. das, brotli encoded, or blob versioned hash)\n /// and this enum is not used in the state transition function, rather it informs an offchain\n /// reader where to find the data so that they can supply it to the replay binary\n enum BatchDataLocation {\n /// @notice The data can be found in the transaction call data\n TxInput,\n /// @notice The data can be found in an event emitted during the transaction\n SeparateBatchEvent,\n /// @notice This batch contains no data\n NoData,\n /// @notice The data can be found in the 4844 data blobs on this transaction\n Blob\n }\n\n struct TimeBounds {\n uint64 minTimestamp;\n uint64 maxTimestamp;\n uint64 minBlockNumber;\n uint64 maxBlockNumber;\n }\n\n event MessageDelivered(\n uint256 indexed messageIndex,\n bytes32 indexed beforeInboxAcc,\n address inbox,\n uint8 kind,\n address sender,\n bytes32 messageDataHash,\n uint256 baseFeeL1,\n uint64 timestamp\n );\n\n event BridgeCallTriggered(\n address indexed outbox,\n address indexed to,\n uint256 value,\n bytes data\n );\n\n event InboxToggle(address indexed inbox, bool enabled);\n\n event OutboxToggle(address indexed outbox, bool enabled);\n\n event SequencerInboxUpdated(address newSequencerInbox);\n\n event RollupUpdated(address rollup);\n\n function allowedDelayedInboxList(uint256) external returns (address);\n\n function allowedOutboxList(uint256) external returns (address);\n\n /// @dev Accumulator for delayed inbox messages; tail represents hash of the current state; each element represents the inclusion of a new message.\n function delayedInboxAccs(uint256) external view returns (bytes32);\n\n /// @dev Accumulator for sequencer inbox messages; tail represents hash of the current state; each element represents the inclusion of a new message.\n function sequencerInboxAccs(uint256) external view returns (bytes32);\n\n function rollup() external view returns (IOwnable);\n\n function sequencerInbox() external view returns (address);\n\n function activeOutbox() external view returns (address);\n\n function allowedDelayedInboxes(address inbox) external view returns (bool);\n\n function allowedOutboxes(address outbox) external view returns (bool);\n\n function sequencerReportedSubMessageCount() external view returns (uint256);\n\n function executeCall(\n address to,\n uint256 value,\n bytes calldata data\n ) external returns (bool success, bytes memory returnData);\n\n function delayedMessageCount() external view returns (uint256);\n\n function sequencerMessageCount() external view returns (uint256);\n\n // ---------- onlySequencerInbox functions ----------\n\n function enqueueSequencerMessage(\n bytes32 dataHash,\n uint256 afterDelayedMessagesRead,\n uint256 prevMessageCount,\n uint256 newMessageCount\n )\n external\n returns (\n uint256 seqMessageIndex,\n bytes32 beforeAcc,\n bytes32 delayedAcc,\n bytes32 acc\n );\n\n /**\n * @dev Allows the sequencer inbox to submit a delayed message of the batchPostingReport type\n * This is done through a separate function entrypoint instead of allowing the sequencer inbox\n * to call `enqueueDelayedMessage` to avoid the gas overhead of an extra SLOAD in either\n * every delayed inbox or every sequencer inbox call.\n */\n function submitBatchSpendingReport(address batchPoster, bytes32 dataHash)\n external\n returns (uint256 msgNum);\n\n // ---------- onlyRollupOrOwner functions ----------\n\n function setSequencerInbox(address _sequencerInbox) external;\n\n function setDelayedInbox(address inbox, bool enabled) external;\n\n function setOutbox(address inbox, bool enabled) external;\n\n function updateRollupAddress(IOwnable _rollup) external;\n}\n"},"@arbitrum/nitro-contracts/src/bridge/IOutbox.sol":{"content":"// Copyright 2021-2022, Offchain Labs, Inc.\n// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE\n// SPDX-License-Identifier: BUSL-1.1\n\n// solhint-disable-next-line compiler-version\npragma solidity >=0.6.9 <0.9.0;\n\nimport \"./IBridge.sol\";\n\ninterface IOutbox {\n event SendRootUpdated(bytes32 indexed outputRoot, bytes32 indexed l2BlockHash);\n event OutBoxTransactionExecuted(\n address indexed to,\n address indexed l2Sender,\n uint256 indexed zero,\n uint256 transactionIndex\n );\n\n function initialize(IBridge _bridge) external;\n\n function rollup() external view returns (address); // the rollup contract\n\n function bridge() external view returns (IBridge); // the bridge contract\n\n function spent(uint256) external view returns (bytes32); // packed spent bitmap\n\n function roots(bytes32) external view returns (bytes32); // maps root hashes => L2 block hash\n\n // solhint-disable-next-line func-name-mixedcase\n function OUTBOX_VERSION() external view returns (uint128); // the outbox version\n\n function updateSendRoot(bytes32 sendRoot, bytes32 l2BlockHash) external;\n\n function updateRollupAddress() external;\n\n /// @notice When l2ToL1Sender returns a nonzero address, the message was originated by an L2 account\n /// When the return value is zero, that means this is a system message\n /// @dev the l2ToL1Sender behaves as the tx.origin, the msg.sender should be validated to protect against reentrancies\n function l2ToL1Sender() external view returns (address);\n\n /// @return l2Block return L2 block when the L2 tx was initiated or 0 if no L2 to L1 transaction is active\n function l2ToL1Block() external view returns (uint256);\n\n /// @return l1Block return L1 block when the L2 tx was initiated or 0 if no L2 to L1 transaction is active\n function l2ToL1EthBlock() external view returns (uint256);\n\n /// @return timestamp return L2 timestamp when the L2 tx was initiated or 0 if no L2 to L1 transaction is active\n function l2ToL1Timestamp() external view returns (uint256);\n\n /// @return outputId returns the unique output identifier of the L2 to L1 tx or 0 if no L2 to L1 transaction is active\n function l2ToL1OutputId() external view returns (bytes32);\n\n /**\n * @notice Executes a messages in an Outbox entry.\n * @dev Reverts if dispute period hasn't expired, since the outbox entry\n * is only created once the rollup confirms the respective assertion.\n * @dev it is not possible to execute any L2-to-L1 transaction which contains data\n * to a contract address without any code (as enforced by the Bridge contract).\n * @param proof Merkle proof of message inclusion in send root\n * @param index Merkle path to message\n * @param l2Sender sender if original message (i.e., caller of ArbSys.sendTxToL1)\n * @param to destination address for L1 contract call\n * @param l2Block l2 block number at which sendTxToL1 call was made\n * @param l1Block l1 block number at which sendTxToL1 call was made\n * @param l2Timestamp l2 Timestamp at which sendTxToL1 call was made\n * @param value wei in L1 message\n * @param data abi-encoded L1 message data\n */\n function executeTransaction(\n bytes32[] calldata proof,\n uint256 index,\n address l2Sender,\n address to,\n uint256 l2Block,\n uint256 l1Block,\n uint256 l2Timestamp,\n uint256 value,\n bytes calldata data\n ) external;\n\n /**\n * @dev function used to simulate the result of a particular function call from the outbox\n * it is useful for things such as gas estimates. This function includes all costs except for\n * proof validation (which can be considered offchain as a somewhat of a fixed cost - it's\n * not really a fixed cost, but can be treated as so with a fixed overhead for gas estimation).\n * We can't include the cost of proof validation since this is intended to be used to simulate txs\n * that are included in yet-to-be confirmed merkle roots. The simulation entrypoint could instead pretend\n * to confirm a pending merkle root, but that would be less practical for integrating with tooling.\n * It is only possible to trigger it when the msg sender is address zero, which should be impossible\n * unless under simulation in an eth_call or eth_estimateGas\n */\n function executeTransactionSimulation(\n uint256 index,\n address l2Sender,\n address to,\n uint256 l2Block,\n uint256 l1Block,\n uint256 l2Timestamp,\n uint256 value,\n bytes calldata data\n ) external;\n\n /**\n * @param index Merkle path to message\n * @return true if the message has been spent\n */\n function isSpent(uint256 index) external view returns (bool);\n\n function calculateItemHash(\n address l2Sender,\n address to,\n uint256 l2Block,\n uint256 l1Block,\n uint256 l2Timestamp,\n uint256 value,\n bytes calldata data\n ) external pure returns (bytes32);\n\n function calculateMerkleRoot(\n bytes32[] memory proof,\n uint256 path,\n bytes32 item\n ) external pure returns (bytes32);\n\n /**\n * @dev function to be called one time during the outbox upgrade process\n * this is used to fix the storage slots\n */\n function postUpgradeInit() external;\n}\n"},"@arbitrum/nitro-contracts/src/bridge/IOwnable.sol":{"content":"// Copyright 2021-2022, Offchain Labs, Inc.\n// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE\n// SPDX-License-Identifier: BUSL-1.1\n\n// solhint-disable-next-line compiler-version\npragma solidity >=0.4.21 <0.9.0;\n\ninterface IOwnable {\n function owner() external view returns (address);\n}\n"},"@arbitrum/nitro-contracts/src/precompiles/ArbSys.sol":{"content":"// Copyright 2021-2022, Offchain Labs, Inc.\n// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE\n// SPDX-License-Identifier: BUSL-1.1\n\npragma solidity >=0.4.21 <0.9.0;\n\n/**\n * @title System level functionality\n * @notice For use by contracts to interact with core L2-specific functionality.\n * Precompiled contract that exists in every Arbitrum chain at address(100), 0x0000000000000000000000000000000000000064.\n */\ninterface ArbSys {\n /**\n * @notice Get Arbitrum block number (distinct from L1 block number; Arbitrum genesis block has block number 0)\n * @return block number as int\n */\n function arbBlockNumber() external view returns (uint256);\n\n /**\n * @notice Get Arbitrum block hash (reverts unless currentBlockNum-256 <= arbBlockNum < currentBlockNum)\n * @return block hash\n */\n function arbBlockHash(uint256 arbBlockNum) external view returns (bytes32);\n\n /**\n * @notice Gets the rollup's unique chain identifier\n * @return Chain identifier as int\n */\n function arbChainID() external view returns (uint256);\n\n /**\n * @notice Get internal version number identifying an ArbOS build\n * @return version number as int\n */\n function arbOSVersion() external view returns (uint256);\n\n /**\n * @notice Returns 0 since Nitro has no concept of storage gas\n * @return uint 0\n */\n function getStorageGasAvailable() external view returns (uint256);\n\n /**\n * @notice (deprecated) check if current call is top level (meaning it was triggered by an EoA or a L1 contract)\n * @dev this call has been deprecated and may be removed in a future release\n * @return true if current execution frame is not a call by another L2 contract\n */\n function isTopLevelCall() external view returns (bool);\n\n /**\n * @notice map L1 sender contract address to its L2 alias\n * @param sender sender address\n * @param unused argument no longer used\n * @return aliased sender address\n */\n function mapL1SenderContractAddressToL2Alias(address sender, address unused)\n external\n pure\n returns (address);\n\n /**\n * @notice check if the caller (of this caller of this) is an aliased L1 contract address\n * @return true iff the caller's address is an alias for an L1 contract address\n */\n function wasMyCallersAddressAliased() external view returns (bool);\n\n /**\n * @notice return the address of the caller (of this caller of this), without applying L1 contract address aliasing\n * @return address of the caller's caller, without applying L1 contract address aliasing\n */\n function myCallersAddressWithoutAliasing() external view returns (address);\n\n /**\n * @notice Send given amount of Eth to dest from sender.\n * This is a convenience function, which is equivalent to calling sendTxToL1 with empty data.\n * @param destination recipient address on L1\n * @return unique identifier for this L2-to-L1 transaction.\n */\n function withdrawEth(address destination) external payable returns (uint256);\n\n /**\n * @notice Send a transaction to L1\n * @dev it is not possible to execute on the L1 any L2-to-L1 transaction which contains data\n * to a contract address without any code (as enforced by the Bridge contract).\n * @param destination recipient address on L1\n * @param data (optional) calldata for L1 contract call\n * @return a unique identifier for this L2-to-L1 transaction.\n */\n function sendTxToL1(address destination, bytes calldata data)\n external\n payable\n returns (uint256);\n\n /**\n * @notice Get send Merkle tree state\n * @return size number of sends in the history\n * @return root root hash of the send history\n * @return partials hashes of partial subtrees in the send history tree\n */\n function sendMerkleTreeState()\n external\n view\n returns (\n uint256 size,\n bytes32 root,\n bytes32[] memory partials\n );\n\n /**\n * @notice creates a send txn from L2 to L1\n * @param position = (level << 192) + leaf = (0 << 192) + leaf = leaf\n */\n event L2ToL1Tx(\n address caller,\n address indexed destination,\n uint256 indexed hash,\n uint256 indexed position,\n uint256 arbBlockNum,\n uint256 ethBlockNum,\n uint256 timestamp,\n uint256 callvalue,\n bytes data\n );\n\n /// @dev DEPRECATED in favour of the new L2ToL1Tx event above after the nitro upgrade\n event L2ToL1Transaction(\n address caller,\n address indexed destination,\n uint256 indexed uniqueId,\n uint256 indexed batchNumber,\n uint256 indexInBatch,\n uint256 arbBlockNum,\n uint256 ethBlockNum,\n uint256 timestamp,\n uint256 callvalue,\n bytes data\n );\n\n /**\n * @notice logs a merkle branch for proof synthesis\n * @param reserved an index meant only to align the 4th index with L2ToL1Transaction's 4th event\n * @param hash the merkle hash\n * @param position = (level << 192) + leaf\n */\n event SendMerkleUpdate(\n uint256 indexed reserved,\n bytes32 indexed hash,\n uint256 indexed position\n );\n\n error InvalidBlockNumber(uint256 requested, uint256 current);\n}\n"},"@chainlink/contracts-ccip/src/v0.8/ccip/applications/CCIPReceiver.sol":{"content":"// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\nimport {IAny2EVMMessageReceiver} from \"../interfaces/IAny2EVMMessageReceiver.sol\";\n\nimport {Client} from \"../libraries/Client.sol\";\n\nimport {IERC165} from \"../../vendor/openzeppelin-solidity/v5.0.2/contracts/utils/introspection/IERC165.sol\";\n\n/// @title CCIPReceiver - Base contract for CCIP applications that can receive messages.\nabstract contract CCIPReceiver is IAny2EVMMessageReceiver, IERC165 {\n address internal immutable i_ccipRouter;\n\n constructor(address router) {\n if (router == address(0)) revert InvalidRouter(address(0));\n i_ccipRouter = router;\n }\n\n /// @notice IERC165 supports an interfaceId\n /// @param interfaceId The interfaceId to check\n /// @return true if the interfaceId is supported\n /// @dev Should indicate whether the contract implements IAny2EVMMessageReceiver\n /// e.g. return interfaceId == type(IAny2EVMMessageReceiver).interfaceId || interfaceId == type(IERC165).interfaceId\n /// This allows CCIP to check if ccipReceive is available before calling it.\n /// If this returns false or reverts, only tokens are transferred to the receiver.\n /// If this returns true, tokens are transferred and ccipReceive is called atomically.\n /// Additionally, if the receiver address does not have code associated with\n /// it at the time of execution (EXTCODESIZE returns 0), only tokens will be transferred.\n function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {\n return interfaceId == type(IAny2EVMMessageReceiver).interfaceId || interfaceId == type(IERC165).interfaceId;\n }\n\n /// @inheritdoc IAny2EVMMessageReceiver\n function ccipReceive(Client.Any2EVMMessage calldata message) external virtual override onlyRouter {\n _ccipReceive(message);\n }\n\n /// @notice Override this function in your implementation.\n /// @param message Any2EVMMessage\n function _ccipReceive(Client.Any2EVMMessage memory message) internal virtual;\n\n /////////////////////////////////////////////////////////////////////\n // Plumbing\n /////////////////////////////////////////////////////////////////////\n\n /// @notice Return the current router\n /// @return CCIP router address\n function getRouter() public view virtual returns (address) {\n return address(i_ccipRouter);\n }\n\n error InvalidRouter(address router);\n\n /// @dev only calls from the set router are accepted.\n modifier onlyRouter() {\n if (msg.sender != getRouter()) revert InvalidRouter(msg.sender);\n _;\n }\n}\n"},"@chainlink/contracts-ccip/src/v0.8/ccip/interfaces/IAny2EVMMessageReceiver.sol":{"content":"// SPDX-License-Identifier: MIT\npragma solidity ^0.8.0;\n\nimport {Client} from \"../libraries/Client.sol\";\n\n/// @notice Application contracts that intend to receive messages from\n/// the router should implement this interface.\ninterface IAny2EVMMessageReceiver {\n /// @notice Called by the Router to deliver a message.\n /// If this reverts, any token transfers also revert. The message\n /// will move to a FAILED state and become available for manual execution.\n /// @param message CCIP Message\n /// @dev Note ensure you check the msg.sender is the OffRampRouter\n function ccipReceive(Client.Any2EVMMessage calldata message) external;\n}\n"},"@chainlink/contracts-ccip/src/v0.8/ccip/interfaces/IRouterClient.sol":{"content":"// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\nimport {Client} from \"../libraries/Client.sol\";\n\ninterface IRouterClient {\n error UnsupportedDestinationChain(uint64 destChainSelector);\n error InsufficientFeeTokenAmount();\n error InvalidMsgValue();\n\n /// @notice Checks if the given chain ID is supported for sending/receiving.\n /// @param destChainSelector The chain to check.\n /// @return supported is true if it is supported, false if not.\n function isChainSupported(uint64 destChainSelector) external view returns (bool supported);\n\n /// @param destinationChainSelector The destination chainSelector\n /// @param message The cross-chain CCIP message including data and/or tokens\n /// @return fee returns execution fee for the message\n /// delivery to destination chain, denominated in the feeToken specified in the message.\n /// @dev Reverts with appropriate reason upon invalid message.\n function getFee(\n uint64 destinationChainSelector,\n Client.EVM2AnyMessage memory message\n ) external view returns (uint256 fee);\n\n /// @notice Request a message to be sent to the destination chain\n /// @param destinationChainSelector The destination chain ID\n /// @param message The cross-chain CCIP message including data and/or tokens\n /// @return messageId The message ID\n /// @dev Note if msg.value is larger than the required fee (from getFee) we accept\n /// the overpayment with no refund.\n /// @dev Reverts with appropriate reason upon invalid message.\n function ccipSend(\n uint64 destinationChainSelector,\n Client.EVM2AnyMessage calldata message\n ) external payable returns (bytes32);\n}\n"},"@chainlink/contracts-ccip/src/v0.8/ccip/libraries/Client.sol":{"content":"// SPDX-License-Identifier: MIT\npragma solidity ^0.8.0;\n\n// End consumer library.\nlibrary Client {\n /// @dev RMN depends on this struct, if changing, please notify the RMN maintainers.\n struct EVMTokenAmount {\n address token; // token address on the local chain.\n uint256 amount; // Amount of tokens.\n }\n\n struct Any2EVMMessage {\n bytes32 messageId; // MessageId corresponding to ccipSend on source.\n uint64 sourceChainSelector; // Source chain selector.\n bytes sender; // abi.decode(sender) if coming from an EVM chain.\n bytes data; // payload sent in original message.\n EVMTokenAmount[] destTokenAmounts; // Tokens and their amounts in their destination chain representation.\n }\n\n // If extraArgs is empty bytes, the default is 200k gas limit.\n struct EVM2AnyMessage {\n bytes receiver; // abi.encode(receiver address) for dest EVM chains\n bytes data; // Data payload\n EVMTokenAmount[] tokenAmounts; // Token transfers\n address feeToken; // Address of feeToken. address(0) means you will send msg.value.\n bytes extraArgs; // Populate this with _argsToBytes(EVMExtraArgsV2)\n }\n\n // bytes4(keccak256(\"CCIP EVMExtraArgsV1\"));\n bytes4 public constant EVM_EXTRA_ARGS_V1_TAG = 0x97a657c9;\n\n struct EVMExtraArgsV1 {\n uint256 gasLimit;\n }\n\n function _argsToBytes(EVMExtraArgsV1 memory extraArgs) internal pure returns (bytes memory bts) {\n return abi.encodeWithSelector(EVM_EXTRA_ARGS_V1_TAG, extraArgs);\n }\n\n // bytes4(keccak256(\"CCIP EVMExtraArgsV2\"));\n bytes4 public constant EVM_EXTRA_ARGS_V2_TAG = 0x181dcf10;\n\n /// @param gasLimit: gas limit for the callback on the destination chain.\n /// @param allowOutOfOrderExecution: if true, it indicates that the message can be executed in any order relative to other messages from the same sender.\n /// This value's default varies by chain. On some chains, a particular value is enforced, meaning if the expected value\n /// is not set, the message request will revert.\n struct EVMExtraArgsV2 {\n uint256 gasLimit;\n bool allowOutOfOrderExecution;\n }\n\n function _argsToBytes(EVMExtraArgsV2 memory extraArgs) internal pure returns (bytes memory bts) {\n return abi.encodeWithSelector(EVM_EXTRA_ARGS_V2_TAG, extraArgs);\n }\n}\n"},"@chainlink/contracts-ccip/src/v0.8/vendor/openzeppelin-solidity/v5.0.2/contracts/utils/introspection/IERC165.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/IERC165.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Interface of the ERC165 standard, as defined in the\n * https://eips.ethereum.org/EIPS/eip-165[EIP].\n *\n * Implementers can declare support of contract interfaces, which can then be\n * queried by others ({ERC165Checker}).\n *\n * For an implementation, see {ERC165}.\n */\ninterface IERC165 {\n /**\n * @dev Returns true if this contract implements the interface defined by\n * `interfaceId`. See the corresponding\n * https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]\n * to learn more about how these ids are created.\n *\n * This function call must use less than 30 000 gas.\n */\n function supportsInterface(bytes4 interfaceId) external view returns (bool);\n}\n"},"@openzeppelin/contracts-upgradeable/access/Ownable2StepUpgradeable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable2Step.sol)\n\npragma solidity ^0.8.0;\n\nimport \"./OwnableUpgradeable.sol\";\nimport \"../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Contract module which provides access control mechanism, where\n * there is an account (an owner) that can be granted exclusive access to\n * specific functions.\n *\n * By default, the owner account will be the one that deploys the contract. This\n * can later be changed with {transferOwnership} and {acceptOwnership}.\n *\n * This module is used through inheritance. It will make available all functions\n * from parent (Ownable).\n */\nabstract contract Ownable2StepUpgradeable is Initializable, OwnableUpgradeable {\n function __Ownable2Step_init() internal onlyInitializing {\n __Ownable_init_unchained();\n }\n\n function __Ownable2Step_init_unchained() internal onlyInitializing {\n }\n address private _pendingOwner;\n\n event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);\n\n /**\n * @dev Returns the address of the pending owner.\n */\n function pendingOwner() public view virtual returns (address) {\n return _pendingOwner;\n }\n\n /**\n * @dev Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one.\n * Can only be called by the current owner.\n */\n function transferOwnership(address newOwner) public virtual override onlyOwner {\n _pendingOwner = newOwner;\n emit OwnershipTransferStarted(owner(), newOwner);\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner.\n * Internal function without access restriction.\n */\n function _transferOwnership(address newOwner) internal virtual override {\n delete _pendingOwner;\n super._transferOwnership(newOwner);\n }\n\n /**\n * @dev The new owner accepts the ownership transfer.\n */\n function acceptOwnership() public virtual {\n address sender = _msgSender();\n require(pendingOwner() == sender, \"Ownable2Step: caller is not the new owner\");\n _transferOwnership(sender);\n }\n\n /**\n * @dev This empty reserved space is put in place to allow future versions to add new\n * variables without shifting down storage in the inheritance chain.\n * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n */\n uint256[49] private __gap;\n}\n"},"@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../utils/ContextUpgradeable.sol\";\nimport \"../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Contract module which provides a basic access control mechanism, where\n * there is an account (an owner) that can be granted exclusive access to\n * specific functions.\n *\n * By default, the owner account will be the one that deploys the contract. This\n * can later be changed with {transferOwnership}.\n *\n * This module is used through inheritance. It will make available the modifier\n * `onlyOwner`, which can be applied to your functions to restrict their use to\n * the owner.\n */\nabstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {\n address private _owner;\n\n event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);\n\n /**\n * @dev Initializes the contract setting the deployer as the initial owner.\n */\n function __Ownable_init() internal onlyInitializing {\n __Ownable_init_unchained();\n }\n\n function __Ownable_init_unchained() internal onlyInitializing {\n _transferOwnership(_msgSender());\n }\n\n /**\n * @dev Throws if called by any account other than the owner.\n */\n modifier onlyOwner() {\n _checkOwner();\n _;\n }\n\n /**\n * @dev Returns the address of the current owner.\n */\n function owner() public view virtual returns (address) {\n return _owner;\n }\n\n /**\n * @dev Throws if the sender is not the owner.\n */\n function _checkOwner() internal view virtual {\n require(owner() == _msgSender(), \"Ownable: caller is not the owner\");\n }\n\n /**\n * @dev Leaves the contract without owner. It will not be possible to call\n * `onlyOwner` functions. Can only be called by the current owner.\n *\n * NOTE: Renouncing ownership will leave the contract without an owner,\n * thereby disabling any functionality that is only available to the owner.\n */\n function renounceOwnership() public virtual onlyOwner {\n _transferOwnership(address(0));\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Can only be called by the current owner.\n */\n function transferOwnership(address newOwner) public virtual onlyOwner {\n require(newOwner != address(0), \"Ownable: new owner is the zero address\");\n _transferOwnership(newOwner);\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Internal function without access restriction.\n */\n function _transferOwnership(address newOwner) internal virtual {\n address oldOwner = _owner;\n _owner = newOwner;\n emit OwnershipTransferred(oldOwner, newOwner);\n }\n\n /**\n * @dev This empty reserved space is put in place to allow future versions to add new\n * variables without shifting down storage in the inheritance chain.\n * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n */\n uint256[49] private __gap;\n}\n"},"@openzeppelin/contracts-upgradeable/interfaces/IERC1271Upgradeable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (interfaces/IERC1271.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Interface of the ERC1271 standard signature validation method for\n * contracts as defined in https://eips.ethereum.org/EIPS/eip-1271[ERC-1271].\n *\n * _Available since v4.1._\n */\ninterface IERC1271Upgradeable {\n /**\n * @dev Should return whether the signature provided is valid for the provided data\n * @param hash Hash of the data to be signed\n * @param signature Signature byte array associated with _data\n */\n function isValidSignature(bytes32 hash, bytes memory signature) external view returns (bytes4 magicValue);\n}\n"},"@openzeppelin/contracts-upgradeable/interfaces/IERC165Upgradeable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (interfaces/IERC165.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../utils/introspection/IERC165Upgradeable.sol\";\n"},"@openzeppelin/contracts-upgradeable/interfaces/IERC4626Upgradeable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.9.0) (interfaces/IERC4626.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../token/ERC20/IERC20Upgradeable.sol\";\nimport \"../token/ERC20/extensions/IERC20MetadataUpgradeable.sol\";\n\n/**\n * @dev Interface of the ERC4626 \"Tokenized Vault Standard\", as defined in\n * https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].\n *\n * _Available since v4.7._\n */\ninterface IERC4626Upgradeable is IERC20Upgradeable, IERC20MetadataUpgradeable {\n event Deposit(address indexed sender, address indexed owner, uint256 assets, uint256 shares);\n\n event Withdraw(\n address indexed sender,\n address indexed receiver,\n address indexed owner,\n uint256 assets,\n uint256 shares\n );\n\n /**\n * @dev Returns the address of the underlying token used for the Vault for accounting, depositing, and withdrawing.\n *\n * - MUST be an ERC-20 token contract.\n * - MUST NOT revert.\n */\n function asset() external view returns (address assetTokenAddress);\n\n /**\n * @dev Returns the total amount of the underlying asset that is “managed” by Vault.\n *\n * - SHOULD include any compounding that occurs from yield.\n * - MUST be inclusive of any fees that are charged against assets in the Vault.\n * - MUST NOT revert.\n */\n function totalAssets() external view returns (uint256 totalManagedAssets);\n\n /**\n * @dev Returns the amount of shares that the Vault would exchange for the amount of assets provided, in an ideal\n * scenario where all the conditions are met.\n *\n * - MUST NOT be inclusive of any fees that are charged against assets in the Vault.\n * - MUST NOT show any variations depending on the caller.\n * - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.\n * - MUST NOT revert.\n *\n * NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the\n * “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and\n * from.\n */\n function convertToShares(uint256 assets) external view returns (uint256 shares);\n\n /**\n * @dev Returns the amount of assets that the Vault would exchange for the amount of shares provided, in an ideal\n * scenario where all the conditions are met.\n *\n * - MUST NOT be inclusive of any fees that are charged against assets in the Vault.\n * - MUST NOT show any variations depending on the caller.\n * - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.\n * - MUST NOT revert.\n *\n * NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the\n * “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and\n * from.\n */\n function convertToAssets(uint256 shares) external view returns (uint256 assets);\n\n /**\n * @dev Returns the maximum amount of the underlying asset that can be deposited into the Vault for the receiver,\n * through a deposit call.\n *\n * - MUST return a limited value if receiver is subject to some deposit limit.\n * - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of assets that may be deposited.\n * - MUST NOT revert.\n */\n function maxDeposit(address receiver) external view returns (uint256 maxAssets);\n\n /**\n * @dev Allows an on-chain or off-chain user to simulate the effects of their deposit at the current block, given\n * current on-chain conditions.\n *\n * - MUST return as close to and no more than the exact amount of Vault shares that would be minted in a deposit\n * call in the same transaction. I.e. deposit should return the same or more shares as previewDeposit if called\n * in the same transaction.\n * - MUST NOT account for deposit limits like those returned from maxDeposit and should always act as though the\n * deposit would be accepted, regardless if the user has enough tokens approved, etc.\n * - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.\n * - MUST NOT revert.\n *\n * NOTE: any unfavorable discrepancy between convertToShares and previewDeposit SHOULD be considered slippage in\n * share price or some other type of condition, meaning the depositor will lose assets by depositing.\n */\n function previewDeposit(uint256 assets) external view returns (uint256 shares);\n\n /**\n * @dev Mints shares Vault shares to receiver by depositing exactly amount of underlying tokens.\n *\n * - MUST emit the Deposit event.\n * - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the\n * deposit execution, and are accounted for during deposit.\n * - MUST revert if all of assets cannot be deposited (due to deposit limit being reached, slippage, the user not\n * approving enough underlying tokens to the Vault contract, etc).\n *\n * NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.\n */\n function deposit(uint256 assets, address receiver) external returns (uint256 shares);\n\n /**\n * @dev Returns the maximum amount of the Vault shares that can be minted for the receiver, through a mint call.\n * - MUST return a limited value if receiver is subject to some mint limit.\n * - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of shares that may be minted.\n * - MUST NOT revert.\n */\n function maxMint(address receiver) external view returns (uint256 maxShares);\n\n /**\n * @dev Allows an on-chain or off-chain user to simulate the effects of their mint at the current block, given\n * current on-chain conditions.\n *\n * - MUST return as close to and no fewer than the exact amount of assets that would be deposited in a mint call\n * in the same transaction. I.e. mint should return the same or fewer assets as previewMint if called in the\n * same transaction.\n * - MUST NOT account for mint limits like those returned from maxMint and should always act as though the mint\n * would be accepted, regardless if the user has enough tokens approved, etc.\n * - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.\n * - MUST NOT revert.\n *\n * NOTE: any unfavorable discrepancy between convertToAssets and previewMint SHOULD be considered slippage in\n * share price or some other type of condition, meaning the depositor will lose assets by minting.\n */\n function previewMint(uint256 shares) external view returns (uint256 assets);\n\n /**\n * @dev Mints exactly shares Vault shares to receiver by depositing amount of underlying tokens.\n *\n * - MUST emit the Deposit event.\n * - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the mint\n * execution, and are accounted for during mint.\n * - MUST revert if all of shares cannot be minted (due to deposit limit being reached, slippage, the user not\n * approving enough underlying tokens to the Vault contract, etc).\n *\n * NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.\n */\n function mint(uint256 shares, address receiver) external returns (uint256 assets);\n\n /**\n * @dev Returns the maximum amount of the underlying asset that can be withdrawn from the owner balance in the\n * Vault, through a withdraw call.\n *\n * - MUST return a limited value if owner is subject to some withdrawal limit or timelock.\n * - MUST NOT revert.\n */\n function maxWithdraw(address owner) external view returns (uint256 maxAssets);\n\n /**\n * @dev Allows an on-chain or off-chain user to simulate the effects of their withdrawal at the current block,\n * given current on-chain conditions.\n *\n * - MUST return as close to and no fewer than the exact amount of Vault shares that would be burned in a withdraw\n * call in the same transaction. I.e. withdraw should return the same or fewer shares as previewWithdraw if\n * called\n * in the same transaction.\n * - MUST NOT account for withdrawal limits like those returned from maxWithdraw and should always act as though\n * the withdrawal would be accepted, regardless if the user has enough shares, etc.\n * - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.\n * - MUST NOT revert.\n *\n * NOTE: any unfavorable discrepancy between convertToShares and previewWithdraw SHOULD be considered slippage in\n * share price or some other type of condition, meaning the depositor will lose assets by depositing.\n */\n function previewWithdraw(uint256 assets) external view returns (uint256 shares);\n\n /**\n * @dev Burns shares from owner and sends exactly assets of underlying tokens to receiver.\n *\n * - MUST emit the Withdraw event.\n * - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the\n * withdraw execution, and are accounted for during withdraw.\n * - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner\n * not having enough shares, etc).\n *\n * Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.\n * Those methods should be performed separately.\n */\n function withdraw(uint256 assets, address receiver, address owner) external returns (uint256 shares);\n\n /**\n * @dev Returns the maximum amount of Vault shares that can be redeemed from the owner balance in the Vault,\n * through a redeem call.\n *\n * - MUST return a limited value if owner is subject to some withdrawal limit or timelock.\n * - MUST return balanceOf(owner) if owner is not subject to any withdrawal limit or timelock.\n * - MUST NOT revert.\n */\n function maxRedeem(address owner) external view returns (uint256 maxShares);\n\n /**\n * @dev Allows an on-chain or off-chain user to simulate the effects of their redeemption at the current block,\n * given current on-chain conditions.\n *\n * - MUST return as close to and no more than the exact amount of assets that would be withdrawn in a redeem call\n * in the same transaction. I.e. redeem should return the same or more assets as previewRedeem if called in the\n * same transaction.\n * - MUST NOT account for redemption limits like those returned from maxRedeem and should always act as though the\n * redemption would be accepted, regardless if the user has enough shares, etc.\n * - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.\n * - MUST NOT revert.\n *\n * NOTE: any unfavorable discrepancy between convertToAssets and previewRedeem SHOULD be considered slippage in\n * share price or some other type of condition, meaning the depositor will lose assets by redeeming.\n */\n function previewRedeem(uint256 shares) external view returns (uint256 assets);\n\n /**\n * @dev Burns exactly shares from owner and sends assets of underlying tokens to receiver.\n *\n * - MUST emit the Withdraw event.\n * - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the\n * redeem execution, and are accounted for during redeem.\n * - MUST revert if all of shares cannot be redeemed (due to withdrawal limit being reached, slippage, the owner\n * not having enough shares, etc).\n *\n * NOTE: some implementations will require pre-requesting to the Vault before a withdrawal may be performed.\n * Those methods should be performed separately.\n */\n function redeem(uint256 shares, address receiver, address owner) external returns (uint256 assets);\n}\n"},"@openzeppelin/contracts-upgradeable/interfaces/IERC4906Upgradeable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.9.0) (interfaces/IERC4906.sol)\n\npragma solidity ^0.8.0;\n\nimport \"./IERC165Upgradeable.sol\";\nimport \"./IERC721Upgradeable.sol\";\n\n/// @title EIP-721 Metadata Update Extension\ninterface IERC4906Upgradeable is IERC165Upgradeable, IERC721Upgradeable {\n /// @dev This event emits when the metadata of a token is changed.\n /// So that the third-party platforms such as NFT market could\n /// timely update the images and related attributes of the NFT.\n event MetadataUpdate(uint256 _tokenId);\n\n /// @dev This event emits when the metadata of a range of tokens is changed.\n /// So that the third-party platforms such as NFT market could\n /// timely update the images and related attributes of the NFTs.\n event BatchMetadataUpdate(uint256 _fromTokenId, uint256 _toTokenId);\n}\n"},"@openzeppelin/contracts-upgradeable/interfaces/IERC721Upgradeable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (interfaces/IERC721.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../token/ERC721/IERC721Upgradeable.sol\";\n"},"@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/Initializable.sol)\n\npragma solidity ^0.8.2;\n\nimport \"../../utils/AddressUpgradeable.sol\";\n\n/**\n * @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed\n * behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an\n * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer\n * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.\n *\n * The initialization functions use a version number. Once a version number is used, it is consumed and cannot be\n * reused. This mechanism prevents re-execution of each \"step\" but allows the creation of new initialization steps in\n * case an upgrade adds a module that needs to be initialized.\n *\n * For example:\n *\n * [.hljs-theme-light.nopadding]\n * ```solidity\n * contract MyToken is ERC20Upgradeable {\n * function initialize() initializer public {\n * __ERC20_init(\"MyToken\", \"MTK\");\n * }\n * }\n *\n * contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {\n * function initializeV2() reinitializer(2) public {\n * __ERC20Permit_init(\"MyToken\");\n * }\n * }\n * ```\n *\n * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as\n * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.\n *\n * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure\n * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.\n *\n * [CAUTION]\n * ====\n * Avoid leaving a contract uninitialized.\n *\n * An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation\n * contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke\n * the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:\n *\n * [.hljs-theme-light.nopadding]\n * ```\n * /// @custom:oz-upgrades-unsafe-allow constructor\n * constructor() {\n * _disableInitializers();\n * }\n * ```\n * ====\n */\nabstract contract Initializable {\n /**\n * @dev Indicates that the contract has been initialized.\n * @custom:oz-retyped-from bool\n */\n uint8 private _initialized;\n\n /**\n * @dev Indicates that the contract is in the process of being initialized.\n */\n bool private _initializing;\n\n /**\n * @dev Triggered when the contract has been initialized or reinitialized.\n */\n event Initialized(uint8 version);\n\n /**\n * @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,\n * `onlyInitializing` functions can be used to initialize parent contracts.\n *\n * Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a\n * constructor.\n *\n * Emits an {Initialized} event.\n */\n modifier initializer() {\n bool isTopLevelCall = !_initializing;\n require(\n (isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),\n \"Initializable: contract is already initialized\"\n );\n _initialized = 1;\n if (isTopLevelCall) {\n _initializing = true;\n }\n _;\n if (isTopLevelCall) {\n _initializing = false;\n emit Initialized(1);\n }\n }\n\n /**\n * @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the\n * contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be\n