@ironblocks/firewall-consumer/artifacts/build-info/db590b791234d49ea9baac091b14acfe.json

Provided interface for smart contracts to connect to Ironblocks' Firewall

{"id":"db590b791234d49ea9baac091b14acfe","_format":"hh-sol-build-info-1","solcVersion":"0.8.19","solcLongVersion":"0.8.19+commit.7dd6d404","input":{"language":"Solidity","sources":{"@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/Initializable.sol)\n\npragma solidity ^0.8.2;\n\nimport \"../../utils/AddressUpgradeable.sol\";\n\n/**\n * @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed\n * behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an\n * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer\n * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.\n *\n * The initialization functions use a version number. Once a version number is used, it is consumed and cannot be\n * reused. This mechanism prevents re-execution of each \"step\" but allows the creation of new initialization steps in\n * case an upgrade adds a module that needs to be initialized.\n *\n * For example:\n *\n * [.hljs-theme-light.nopadding]\n * ```solidity\n * contract MyToken is ERC20Upgradeable {\n *     function initialize() initializer public {\n *         __ERC20_init(\"MyToken\", \"MTK\");\n *     }\n * }\n *\n * contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {\n *     function initializeV2() reinitializer(2) public {\n *         __ERC20Permit_init(\"MyToken\");\n *     }\n * }\n * ```\n *\n * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as\n * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.\n *\n * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure\n * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.\n *\n * [CAUTION]\n * ====\n * Avoid leaving a contract uninitialized.\n *\n * An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation\n * contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke\n * the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:\n *\n * [.hljs-theme-light.nopadding]\n * ```\n * /// @custom:oz-upgrades-unsafe-allow constructor\n * constructor() {\n *     _disableInitializers();\n * }\n * ```\n * ====\n */\nabstract contract Initializable {\n    /**\n     * @dev Indicates that the contract has been initialized.\n     * @custom:oz-retyped-from bool\n     */\n    uint8 private _initialized;\n\n    /**\n     * @dev Indicates that the contract is in the process of being initialized.\n     */\n    bool private _initializing;\n\n    /**\n     * @dev Triggered when the contract has been initialized or reinitialized.\n     */\n    event Initialized(uint8 version);\n\n    /**\n     * @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,\n     * `onlyInitializing` functions can be used to initialize parent contracts.\n     *\n     * Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a\n     * constructor.\n     *\n     * Emits an {Initialized} event.\n     */\n    modifier initializer() {\n        bool isTopLevelCall = !_initializing;\n        require(\n            (isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),\n            \"Initializable: contract is already initialized\"\n        );\n        _initialized = 1;\n        if (isTopLevelCall) {\n            _initializing = true;\n        }\n        _;\n        if (isTopLevelCall) {\n            _initializing = false;\n            emit Initialized(1);\n        }\n    }\n\n    /**\n     * @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the\n     * contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be\n     * used to initialize parent contracts.\n     *\n     * A reinitializer may be used after the original initialization step. This is essential to configure modules that\n     * are added through upgrades and that require initialization.\n     *\n     * When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`\n     * cannot be nested. If one is invoked in the context of another, execution will revert.\n     *\n     * Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in\n     * a contract, executing them in the right order is up to the developer or operator.\n     *\n     * WARNING: setting the version to 255 will prevent any future reinitialization.\n     *\n     * Emits an {Initialized} event.\n     */\n    modifier reinitializer(uint8 version) {\n        require(!_initializing && _initialized < version, \"Initializable: contract is already initialized\");\n        _initialized = version;\n        _initializing = true;\n        _;\n        _initializing = false;\n        emit Initialized(version);\n    }\n\n    /**\n     * @dev Modifier to protect an initialization function so that it can only be invoked by functions with the\n     * {initializer} and {reinitializer} modifiers, directly or indirectly.\n     */\n    modifier onlyInitializing() {\n        require(_initializing, \"Initializable: contract is not initializing\");\n        _;\n    }\n\n    /**\n     * @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.\n     * Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized\n     * to any version. It is recommended to use this to lock implementation contracts that are designed to be called\n     * through proxies.\n     *\n     * Emits an {Initialized} event the first time it is successfully executed.\n     */\n    function _disableInitializers() internal virtual {\n        require(!_initializing, \"Initializable: contract is initializing\");\n        if (_initialized != type(uint8).max) {\n            _initialized = type(uint8).max;\n            emit Initialized(type(uint8).max);\n        }\n    }\n\n    /**\n     * @dev Returns the highest version that has been initialized. See {reinitializer}.\n     */\n    function _getInitializedVersion() internal view returns (uint8) {\n        return _initialized;\n    }\n\n    /**\n     * @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.\n     */\n    function _isInitializing() internal view returns (bool) {\n        return _initializing;\n    }\n}\n"},"@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)\n\npragma solidity ^0.8.1;\n\n/**\n * @dev Collection of functions related to the address type\n */\nlibrary AddressUpgradeable {\n    /**\n     * @dev Returns true if `account` is a contract.\n     *\n     * [IMPORTANT]\n     * ====\n     * It is unsafe to assume that an address for which this function returns\n     * false is an externally-owned account (EOA) and not a contract.\n     *\n     * Among others, `isContract` will return false for the following\n     * types of addresses:\n     *\n     *  - an externally-owned account\n     *  - a contract in construction\n     *  - an address where a contract will be created\n     *  - an address where a contract lived, but was destroyed\n     *\n     * Furthermore, `isContract` will also return true if the target contract within\n     * the same transaction is already scheduled for destruction by `SELFDESTRUCT`,\n     * which only has an effect at the end of a transaction.\n     * ====\n     *\n     * [IMPORTANT]\n     * ====\n     * You shouldn't rely on `isContract` to protect against flash loan attacks!\n     *\n     * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets\n     * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract\n     * constructor.\n     * ====\n     */\n    function isContract(address account) internal view returns (bool) {\n        // This method relies on extcodesize/address.code.length, which returns 0\n        // for contracts in construction, since the code is only stored at the end\n        // of the constructor execution.\n\n        return account.code.length > 0;\n    }\n\n    /**\n     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to\n     * `recipient`, forwarding all available gas and reverting on errors.\n     *\n     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost\n     * of certain opcodes, possibly making contracts go over the 2300 gas limit\n     * imposed by `transfer`, making them unable to receive funds via\n     * `transfer`. {sendValue} removes this limitation.\n     *\n     * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].\n     *\n     * IMPORTANT: because control is transferred to `recipient`, care must be\n     * taken to not create reentrancy vulnerabilities. Consider using\n     * {ReentrancyGuard} or the\n     * https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].\n     */\n    function sendValue(address payable recipient, uint256 amount) internal {\n        require(address(this).balance >= amount, \"Address: insufficient balance\");\n\n        (bool success, ) = recipient.call{value: amount}(\"\");\n        require(success, \"Address: unable to send value, recipient may have reverted\");\n    }\n\n    /**\n     * @dev Performs a Solidity function call using a low level `call`. A\n     * plain `call` is an unsafe replacement for a function call: use this\n     * function instead.\n     *\n     * If `target` reverts with a revert reason, it is bubbled up by this\n     * function (like regular Solidity function calls).\n     *\n     * Returns the raw returned data. To convert to the expected return value,\n     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].\n     *\n     * Requirements:\n     *\n     * - `target` must be a contract.\n     * - calling `target` with `data` must not revert.\n     *\n     * _Available since v3.1._\n     */\n    function functionCall(address target, bytes memory data) internal returns (bytes memory) {\n        return functionCallWithValue(target, data, 0, \"Address: low-level call failed\");\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with\n     * `errorMessage` as a fallback revert reason when `target` reverts.\n     *\n     * _Available since v3.1._\n     */\n    function functionCall(\n        address target,\n        bytes memory data,\n        string memory errorMessage\n    ) internal returns (bytes memory) {\n        return functionCallWithValue(target, data, 0, errorMessage);\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n     * but also transferring `value` wei to `target`.\n     *\n     * Requirements:\n     *\n     * - the calling contract must have an ETH balance of at least `value`.\n     * - the called Solidity function must be `payable`.\n     *\n     * _Available since v3.1._\n     */\n    function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {\n        return functionCallWithValue(target, data, value, \"Address: low-level call with value failed\");\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but\n     * with `errorMessage` as a fallback revert reason when `target` reverts.\n     *\n     * _Available since v3.1._\n     */\n    function functionCallWithValue(\n        address target,\n        bytes memory data,\n        uint256 value,\n        string memory errorMessage\n    ) internal returns (bytes memory) {\n        require(address(this).balance >= value, \"Address: insufficient balance for call\");\n        (bool success, bytes memory returndata) = target.call{value: value}(data);\n        return verifyCallResultFromTarget(target, success, returndata, errorMessage);\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n     * but performing a static call.\n     *\n     * _Available since v3.3._\n     */\n    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {\n        return functionStaticCall(target, data, \"Address: low-level static call failed\");\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],\n     * but performing a static call.\n     *\n     * _Available since v3.3._\n     */\n    function functionStaticCall(\n        address target,\n        bytes memory data,\n        string memory errorMessage\n    ) internal view returns (bytes memory) {\n        (bool success, bytes memory returndata) = target.staticcall(data);\n        return verifyCallResultFromTarget(target, success, returndata, errorMessage);\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n     * but performing a delegate call.\n     *\n     * _Available since v3.4._\n     */\n    function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {\n        return functionDelegateCall(target, data, \"Address: low-level delegate call failed\");\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],\n     * but performing a delegate call.\n     *\n     * _Available since v3.4._\n     */\n    function functionDelegateCall(\n        address target,\n        bytes memory data,\n        string memory errorMessage\n    ) internal returns (bytes memory) {\n        (bool success, bytes memory returndata) = target.delegatecall(data);\n        return verifyCallResultFromTarget(target, success, returndata, errorMessage);\n    }\n\n    /**\n     * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling\n     * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.\n     *\n     * _Available since v4.8._\n     */\n    function verifyCallResultFromTarget(\n        address target,\n        bool success,\n        bytes memory returndata,\n        string memory errorMessage\n    ) internal view returns (bytes memory) {\n        if (success) {\n            if (returndata.length == 0) {\n                // only check isContract if the call was successful and the return data is empty\n                // otherwise we already know that it was a contract\n                require(isContract(target), \"Address: call to non-contract\");\n            }\n            return returndata;\n        } else {\n            _revert(returndata, errorMessage);\n        }\n    }\n\n    /**\n     * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the\n     * revert reason or using the provided one.\n     *\n     * _Available since v4.3._\n     */\n    function verifyCallResult(\n        bool success,\n        bytes memory returndata,\n        string memory errorMessage\n    ) internal pure returns (bytes memory) {\n        if (success) {\n            return returndata;\n        } else {\n            _revert(returndata, errorMessage);\n        }\n    }\n\n    function _revert(bytes memory returndata, string memory errorMessage) private pure {\n        // Look for revert reason and bubble it up if present\n        if (returndata.length > 0) {\n            // The easiest way to bubble the revert reason is using memory via assembly\n            /// @solidity memory-safe-assembly\n            assembly {\n                let returndata_size := mload(returndata)\n                revert(add(32, returndata), returndata_size)\n            }\n        } else {\n            revert(errorMessage);\n        }\n    }\n}\n"},"@openzeppelin/contracts/utils/Address.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)\n\npragma solidity ^0.8.1;\n\n/**\n * @dev Collection of functions related to the address type\n */\nlibrary Address {\n    /**\n     * @dev Returns true if `account` is a contract.\n     *\n     * [IMPORTANT]\n     * ====\n     * It is unsafe to assume that an address for which this function returns\n     * false is an externally-owned account (EOA) and not a contract.\n     *\n     * Among others, `isContract` will return false for the following\n     * types of addresses:\n     *\n     *  - an externally-owned account\n     *  - a contract in construction\n     *  - an address where a contract will be created\n     *  - an address where a contract lived, but was destroyed\n     *\n     * Furthermore, `isContract` will also return true if the target contract within\n     * the same transaction is already scheduled for destruction by `SELFDESTRUCT`,\n     * which only has an effect at the end of a transaction.\n     * ====\n     *\n     * [IMPORTANT]\n     * ====\n     * You shouldn't rely on `isContract` to protect against flash loan attacks!\n     *\n     * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets\n     * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract\n     * constructor.\n     * ====\n     */\n    function isContract(address account) internal view returns (bool) {\n        // This method relies on extcodesize/address.code.length, which returns 0\n        // for contracts in construction, since the code is only stored at the end\n        // of the constructor execution.\n\n        return account.code.length > 0;\n    }\n\n    /**\n     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to\n     * `recipient`, forwarding all available gas and reverting on errors.\n     *\n     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost\n     * of certain opcodes, possibly making contracts go over the 2300 gas limit\n     * imposed by `transfer`, making them unable to receive funds via\n     * `transfer`. {sendValue} removes this limitation.\n     *\n     * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].\n     *\n     * IMPORTANT: because control is transferred to `recipient`, care must be\n     * taken to not create reentrancy vulnerabilities. Consider using\n     * {ReentrancyGuard} or the\n     * https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].\n     */\n    function sendValue(address payable recipient, uint256 amount) internal {\n        require(address(this).balance >= amount, \"Address: insufficient balance\");\n\n        (bool success, ) = recipient.call{value: amount}(\"\");\n        require(success, \"Address: unable to send value, recipient may have reverted\");\n    }\n\n    /**\n     * @dev Performs a Solidity function call using a low level `call`. A\n     * plain `call` is an unsafe replacement for a function call: use this\n     * function instead.\n     *\n     * If `target` reverts with a revert reason, it is bubbled up by this\n     * function (like regular Solidity function calls).\n     *\n     * Returns the raw returned data. To convert to the expected return value,\n     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].\n     *\n     * Requirements:\n     *\n     * - `target` must be a contract.\n     * - calling `target` with `data` must not revert.\n     *\n     * _Available since v3.1._\n     */\n    function functionCall(address target, bytes memory data) internal returns (bytes memory) {\n        return functionCallWithValue(target, data, 0, \"Address: low-level call failed\");\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with\n     * `errorMessage` as a fallback revert reason when `target` reverts.\n     *\n     * _Available since v3.1._\n     */\n    function functionCall(\n        address target,\n        bytes memory data,\n        string memory errorMessage\n    ) internal returns (bytes memory) {\n        return functionCallWithValue(target, data, 0, errorMessage);\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n     * but also transferring `value` wei to `target`.\n     *\n     * Requirements:\n     *\n     * - the calling contract must have an ETH balance of at least `value`.\n     * - the called Solidity function must be `payable`.\n     *\n     * _Available since v3.1._\n     */\n    function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {\n        return functionCallWithValue(target, data, value, \"Address: low-level call with value failed\");\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but\n     * with `errorMessage` as a fallback revert reason when `target` reverts.\n     *\n     * _Available since v3.1._\n     */\n    function functionCallWithValue(\n        address target,\n        bytes memory data,\n        uint256 value,\n        string memory errorMessage\n    ) internal returns (bytes memory) {\n        require(address(this).balance >= value, \"Address: insufficient balance for call\");\n        (bool success, bytes memory returndata) = target.call{value: value}(data);\n        return verifyCallResultFromTarget(target, success, returndata, errorMessage);\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n     * but performing a static call.\n     *\n     * _Available since v3.3._\n     */\n    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {\n        return functionStaticCall(target, data, \"Address: low-level static call failed\");\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],\n     * but performing a static call.\n     *\n     * _Available since v3.3._\n     */\n    function functionStaticCall(\n        address target,\n        bytes memory data,\n        string memory errorMessage\n    ) internal view returns (bytes memory) {\n        (bool success, bytes memory returndata) = target.staticcall(data);\n        return verifyCallResultFromTarget(target, success, returndata, errorMessage);\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n     * but performing a delegate call.\n     *\n     * _Available since v3.4._\n     */\n    function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {\n        return functionDelegateCall(target, data, \"Address: low-level delegate call failed\");\n    }\n\n    /**\n     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],\n     * but performing a delegate call.\n     *\n     * _Available since v3.4._\n     */\n    function functionDelegateCall(\n        address target,\n        bytes memory data,\n        string memory errorMessage\n    ) internal returns (bytes memory) {\n        (bool success, bytes memory returndata) = target.delegatecall(data);\n        return verifyCallResultFromTarget(target, success, returndata, errorMessage);\n    }\n\n    /**\n     * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling\n     * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.\n     *\n     * _Available since v4.8._\n     */\n    function verifyCallResultFromTarget(\n        address target,\n        bool success,\n        bytes memory returndata,\n        string memory errorMessage\n    ) internal view returns (bytes memory) {\n        if (success) {\n            if (returndata.length == 0) {\n                // only check isContract if the call was successful and the return data is empty\n                // otherwise we already know that it was a contract\n                require(isContract(target), \"Address: call to non-contract\");\n            }\n            return returndata;\n        } else {\n            _revert(returndata, errorMessage);\n        }\n    }\n\n    /**\n     * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the\n     * revert reason or using the provided one.\n     *\n     * _Available since v4.3._\n     */\n    function verifyCallResult(\n        bool success,\n        bytes memory returndata,\n        string memory errorMessage\n    ) internal pure returns (bytes memory) {\n        if (success) {\n            return returndata;\n        } else {\n            _revert(returndata, errorMessage);\n        }\n    }\n\n    function _revert(bytes memory returndata, string memory errorMessage) private pure {\n        // Look for revert reason and bubble it up if present\n        if (returndata.length > 0) {\n            // The easiest way to bubble the revert reason is using memory via assembly\n            /// @solidity memory-safe-assembly\n            assembly {\n                let returndata_size := mload(returndata)\n                revert(add(32, returndata), returndata_size)\n            }\n        } else {\n            revert(errorMessage);\n        }\n    }\n}\n"},"@openzeppelin/contracts/utils/Context.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Provides information about the current execution context, including the\n * sender of the transaction and its data. While these are generally available\n * via msg.sender and msg.data, they should not be accessed in such a direct\n * manner, since when dealing with meta-transactions the account sending and\n * paying for execution may not be the actual sender (as far as an application\n * is concerned).\n *\n * This contract is only required for intermediate, library-like contracts.\n */\nabstract contract Context {\n    function _msgSender() internal view virtual returns (address) {\n        return msg.sender;\n    }\n\n    function _msgData() internal view virtual returns (bytes calldata) {\n        return msg.data;\n    }\n}\n"},"@openzeppelin/contracts/utils/introspection/ERC165Checker.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.9.0) (utils/introspection/ERC165Checker.sol)\n\npragma solidity ^0.8.0;\n\nimport \"./IERC165.sol\";\n\n/**\n * @dev Library used to query support of an interface declared via {IERC165}.\n *\n * Note that these functions return the actual result of the query: they do not\n * `revert` if an interface is not supported. It is up to the caller to decide\n * what to do in these cases.\n */\nlibrary ERC165Checker {\n    // As per the EIP-165 spec, no interface should ever match 0xffffffff\n    bytes4 private constant _INTERFACE_ID_INVALID = 0xffffffff;\n\n    /**\n     * @dev Returns true if `account` supports the {IERC165} interface.\n     */\n    function supportsERC165(address account) internal view returns (bool) {\n        // Any contract that implements ERC165 must explicitly indicate support of\n        // InterfaceId_ERC165 and explicitly indicate non-support of InterfaceId_Invalid\n        return\n            supportsERC165InterfaceUnchecked(account, type(IERC165).interfaceId) &&\n            !supportsERC165InterfaceUnchecked(account, _INTERFACE_ID_INVALID);\n    }\n\n    /**\n     * @dev Returns true if `account` supports the interface defined by\n     * `interfaceId`. Support for {IERC165} itself is queried automatically.\n     *\n     * See {IERC165-supportsInterface}.\n     */\n    function supportsInterface(address account, bytes4 interfaceId) internal view returns (bool) {\n        // query support of both ERC165 as per the spec and support of _interfaceId\n        return supportsERC165(account) && supportsERC165InterfaceUnchecked(account, interfaceId);\n    }\n\n    /**\n     * @dev Returns a boolean array where each value corresponds to the\n     * interfaces passed in and whether they're supported or not. This allows\n     * you to batch check interfaces for a contract where your expectation\n     * is that some interfaces may not be supported.\n     *\n     * See {IERC165-supportsInterface}.\n     *\n     * _Available since v3.4._\n     */\n    function getSupportedInterfaces(\n        address account,\n        bytes4[] memory interfaceIds\n    ) internal view returns (bool[] memory) {\n        // an array of booleans corresponding to interfaceIds and whether they're supported or not\n        bool[] memory interfaceIdsSupported = new bool[](interfaceIds.length);\n\n        // query support of ERC165 itself\n        if (supportsERC165(account)) {\n            // query support of each interface in interfaceIds\n            for (uint256 i = 0; i < interfaceIds.length; i++) {\n                interfaceIdsSupported[i] = supportsERC165InterfaceUnchecked(account, interfaceIds[i]);\n            }\n        }\n\n        return interfaceIdsSupported;\n    }\n\n    /**\n     * @dev Returns true if `account` supports all the interfaces defined in\n     * `interfaceIds`. Support for {IERC165} itself is queried automatically.\n     *\n     * Batch-querying can lead to gas savings by skipping repeated checks for\n     * {IERC165} support.\n     *\n     * See {IERC165-supportsInterface}.\n     */\n    function supportsAllInterfaces(address account, bytes4[] memory interfaceIds) internal view returns (bool) {\n        // query support of ERC165 itself\n        if (!supportsERC165(account)) {\n            return false;\n        }\n\n        // query support of each interface in interfaceIds\n        for (uint256 i = 0; i < interfaceIds.length; i++) {\n            if (!supportsERC165InterfaceUnchecked(account, interfaceIds[i])) {\n                return false;\n            }\n        }\n\n        // all interfaces supported\n        return true;\n    }\n\n    /**\n     * @notice Query if a contract implements an interface, does not check ERC165 support\n     * @param account The address of the contract to query for support of an interface\n     * @param interfaceId The interface identifier, as specified in ERC-165\n     * @return true if the contract at account indicates support of the interface with\n     * identifier interfaceId, false otherwise\n     * @dev Assumes that account contains a contract that supports ERC165, otherwise\n     * the behavior of this method is undefined. This precondition can be checked\n     * with {supportsERC165}.\n     *\n     * Some precompiled contracts will falsely indicate support for a given interface, so caution\n     * should be exercised when using this function.\n     *\n     * Interface identification is specified in ERC-165.\n     */\n    function supportsERC165InterfaceUnchecked(address account, bytes4 interfaceId) internal view returns (bool) {\n        // prepare call\n        bytes memory encodedParams = abi.encodeWithSelector(IERC165.supportsInterface.selector, interfaceId);\n\n        // perform static call\n        bool success;\n        uint256 returnSize;\n        uint256 returnValue;\n        assembly {\n            success := staticcall(30000, account, add(encodedParams, 0x20), mload(encodedParams), 0x00, 0x20)\n            returnSize := returndatasize()\n            returnValue := mload(0x00)\n        }\n\n        return success && returnSize >= 0x20 && returnValue > 0;\n    }\n}\n"},"@openzeppelin/contracts/utils/introspection/IERC165.sol":{"content":"// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Interface of the ERC165 standard, as defined in the\n * https://eips.ethereum.org/EIPS/eip-165[EIP].\n *\n * Implementers can declare support of contract interfaces, which can then be\n * queried by others ({ERC165Checker}).\n *\n * For an implementation, see {ERC165}.\n */\ninterface IERC165 {\n    /**\n     * @dev Returns true if this contract implements the interface defined by\n     * `interfaceId`. See the corresponding\n     * https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]\n     * to learn more about how these ids are created.\n     *\n     * This function call must use less than 30 000 gas.\n     */\n    function supportsInterface(bytes4 interfaceId) external view returns (bool);\n}\n"},"contracts/consumers/FirewallConsumerStorage.sol":{"content":"// SPDX-License-Identifier: UNLICENSED\n// See LICENSE file for full license text.\n// Copyright (c) Ironblocks 2024\npragma solidity ^0.8.0;\n\nimport {Address} from \"@openzeppelin/contracts/utils/Address.sol\";\nimport {IFirewall} from \"../interfaces/IFirewall.sol\";\nimport {IFirewallConsumerStorage} from \"../interfaces/IFirewallConsumerStorage.sol\";\n\n/**\n * @title Firewall Consumer Storage Contract\n * @author David Benchimol @ Ironblocks\n * @dev This contract is a parent contract that can be used to add firewall protection to any contract.\n *\n * The contract must define a firewall contract which will manage the policies that are applied to the contract.\n * It also must define a firewall admin which will be able to add and remove policies.\n *\n */\ncontract FirewallConsumerStorage is IFirewallConsumerStorage {\n\n    // This slot is used to store the firewall address\n    bytes32 private constant FIREWALL_STORAGE_SLOT = bytes32(uint256(keccak256(\"eip1967.firewall\")) - 1);\n\n    // This slot is used to store the firewall admin address\n    bytes32 private constant FIREWALL_ADMIN_STORAGE_SLOT = bytes32(uint256(keccak256(\"eip1967.firewall.admin\")) - 1);\n\n    // This slot is used to store the new firewall admin address (when changing admin)\n    bytes32 private constant NEW_FIREWALL_ADMIN_STORAGE_SLOT = bytes32(uint256(keccak256(\"eip1967.new.firewall.admin\")) - 1);\n\n    // This slot is special since it's used for mappings and not a single value\n    bytes32 private constant APPROVED_TARGET_SLOT = bytes32(uint256(keccak256(\"eip1967.approved.target\")) - 1);\n\n    bytes32 private constant USER_NATIVE_FEE_SLOT = bytes32(uint256(keccak256(\"eip1967.user.native.fee\")) - 1);\n\n    event FirewallAdminUpdated(address newAdmin);\n    event FirewallUpdated(address newFirewall);\n\n    /**\n     * @dev modifier similar to onlyOwner, but for the firewall admin.\n     */\n    modifier onlyFirewallAdmin() {\n        require(msg.sender == _getAddressBySlot(FIREWALL_ADMIN_STORAGE_SLOT), \"FirewallConsumer: not firewall admin\");\n        _;\n    }\n\n    /**\n     * @dev Initializes a contract protected by a firewall, with a firewall address and a firewall admin.\n     */\n    constructor(\n        address _firewall,\n        address _firewallAdmin\n    ) {\n        _setAddressBySlot(FIREWALL_STORAGE_SLOT, _firewall);\n        _setAddressBySlot(FIREWALL_ADMIN_STORAGE_SLOT, _firewallAdmin);\n    }\n\n    function getApprovedTarget() external view returns (address) {\n        return _getAddressBySlot(APPROVED_TARGET_SLOT);\n    }\n\n    function getUserNativeFee() external view returns (uint256) {\n        return uint256(_getValueBySlot(USER_NATIVE_FEE_SLOT));\n    }\n\n    function getFirewall() external view returns (address) {\n        return _getAddressBySlot(FIREWALL_STORAGE_SLOT);\n    }\n\n    function getFirewallAdmin() external view returns (address) {\n        return _getAddressBySlot(FIREWALL_ADMIN_STORAGE_SLOT);\n    }\n\n    /**\n     * @dev Allows firewall admin to set target.\n     * IMPORTANT: Only set approved target if you know what you're doing. Anyone can cause this contract\n     * to send any data to an approved target.\n     *\n     * @param target address of the target\n     */\n    function setTarget(address target) external onlyFirewallAdmin {\n        _setAddressBySlot(APPROVED_TARGET_SLOT, target);\n    }\n\n    /**\n     * @dev Allows firewall admin to set user native fee for safeFunctionCall.\n     *\n     * @param fee native fee for the user\n     */\n    function setUserNativeFee(uint256 fee) external onlyFirewallAdmin {\n        _setValueBySlot(USER_NATIVE_FEE_SLOT, fee);\n    }\n\n    /**\n     * @dev Admin only function allowing the consumers admin to set the firewall address.\n     * @param _firewall address of the firewall\n     */\n    function setFirewall(address _firewall) external onlyFirewallAdmin {\n        _setAddressBySlot(FIREWALL_STORAGE_SLOT, _firewall);\n        emit FirewallUpdated(_firewall);\n    }\n\n    /**\n     * @dev Admin only function, sets new firewall admin. New admin must accept.\n     * @param _firewallAdmin address of the new firewall admin\n     */\n    function setFirewallAdmin(address _firewallAdmin) external onlyFirewallAdmin {\n        require(_firewallAdmin != address(0), \"FirewallConsumer: zero address\");\n        _setAddressBySlot(NEW_FIREWALL_ADMIN_STORAGE_SLOT, _firewallAdmin);\n    }\n\n    /**\n     * @dev Accept the role as firewall admin.\n     */\n    function acceptFirewallAdmin() external {\n        require(msg.sender == _getAddressBySlot(NEW_FIREWALL_ADMIN_STORAGE_SLOT), \"FirewallConsumer: not new admin\");\n        _setAddressBySlot(FIREWALL_ADMIN_STORAGE_SLOT, msg.sender);\n        emit FirewallAdminUpdated(msg.sender);\n    }\n\n    /**\n     * @dev Internal helper function to set an address in a storage slot\n     * @param _slot storage slot\n     * @param _address address to be set\n     */\n    function _setAddressBySlot(bytes32 _slot, address _address) internal {\n        assembly {\n            sstore(_slot, _address)\n        }\n    }\n\n    /**\n     * @dev Internal helper function to get an address from a storage slot\n     * @param _slot storage slot\n     * @return _address from the storage slot\n     */\n    function _getAddressBySlot(bytes32 _slot) internal view returns (address _address) {\n        assembly {\n            _address := sload(_slot)\n        }\n    }\n\n    function _setValueBySlot(bytes32 _slot, uint256 _value) internal {\n        assembly {\n            sstore(_slot, _value)\n        }\n    }\n\n    /**\n     * @dev Internal helper function to get a value from a storage slot\n     * @param _slot storage slot\n     * @return _value from the storage slot\n     */\n    function _getValueBySlot(bytes32 _slot) internal view returns (bytes32 _value) {\n        assembly {\n            _value := sload(_slot)\n        }\n    }\n}"},"contracts/consumers/SimpleUpgradeableFirewallConsumer.sol":{"content":"// SPDX-License-Identifier: UNLICENSED\n// See LICENSE file for full license text.\n// Copyright (c) Ironblocks 2024\npragma solidity ^0.8.0;\n\nimport {Initializable} from \"@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol\";\nimport {Address} from \"@openzeppelin/contracts/utils/Address.sol\";\nimport {IFirewall} from \"../interfaces/IFirewall.sol\";\nimport {IFirewallConsumer} from \"../interfaces/IFirewallConsumer.sol\";\nimport {IFirewallConsumerStorage} from \"../interfaces/IFirewallConsumerStorage.sol\";\n\n/**\n * @title Firewall Minimal Upgradeable Consumer Contract\n * @author David Benchimol @ Ironblocks\n * @dev This contract is a parent contract that can be used to add firewall protection to any contract.\n *\n * The contract is the most minimal upgradeable contract that implements the FirewallConsumer interface.\n *\n */\ncontract SimpleUpgradeableFirewallConsumer is IFirewallConsumer, Initializable {\n\n    // This slot is used to store the consumer storage address\n    bytes32 private constant FIREWALL_CONSUMER_STORAGE_SLOT = bytes32(uint256(keccak256(\"eip1967.firewall.consumer.storage\")) - 1);\n\n    /**\n     * @dev modifier that will run the preExecution and postExecution hooks of the firewall, applying each of\n     * the subscribed policies.\n     *\n     * NOTE: Applying this modifier on functions that exit execution flow by an inline assmebly \"return\" call will\n     * prevent the postExecution hook from running - breaking the protection provided by the firewall.\n     * If you have any questions, please refer to the Firewall's documentation and/or contact our support.\n     */\n    modifier firewallProtected() {\n        address firewallConsumerStorage = _getFirewallConsumerStorage();\n        address firewall = IFirewallConsumerStorage(firewallConsumerStorage).getFirewall();\n        if (firewall == address(0)) {\n            _;\n            return;\n        }\n        // We do this because msg.value can only be accessed in payable functions.\n        uint256 value;\n        assembly {\n            value := callvalue()\n        }\n        IFirewall(firewall).preExecution(msg.sender, msg.data, value);\n        _;\n        IFirewall(firewall).postExecution(msg.sender, msg.data, value);\n    }\n\n    /**\n     * @dev modifier similar to onlyOwner, but for the firewall admin.\n     */\n    modifier onlyFirewallAdmin() {\n        require(msg.sender == _getFirewallAdmin(), \"FirewallConsumer: not firewall admin\");\n        _;\n    }\n\n    /**\n     * @dev Allows calling an approved external target before executing a method.\n     *\n     * This can be used for multiple purposes, but the initial one is to call `approveCallsViaSignature` before\n     * executing a function, allowing synchronous transaction approvals.\n     *\n     * NOTE: If userNativeFee is non zero, functions using this must take into account that\n     * the value received will be slightly less than msg.value due to the fee.\n     *\n     * @param targetPayload payload to be sent to the target\n     * @param data data to be executed after the target call\n     */\n    function safeFunctionCall(\n        bytes calldata targetPayload,\n        bytes calldata data\n    ) external payable {\n        address firewallConsumerStorage = _getFirewallConsumerStorage();\n        address target = IFirewallConsumerStorage(firewallConsumerStorage).getApprovedTarget();\n        uint256 userNativeFee = IFirewallConsumerStorage(firewallConsumerStorage).getUserNativeFee();\n        require(msg.value >= userNativeFee, \"FirewallConsumer: Not enough native value for fee\");\n        (bool success,) = target.call{value: userNativeFee}(targetPayload);\n        require(success);\n        Address.functionDelegateCall(address(this), data);\n    }\n\n    /**\n     * @dev View function for the firewall admin\n     */\n    function firewallAdmin() external view returns (address) {\n        return _getFirewallAdmin();\n    }\n\n    function setFirewallConsumerStorage(address _firewallConsumerStorage) external onlyFirewallAdmin {\n        _setAddressBySlot(FIREWALL_CONSUMER_STORAGE_SLOT, _firewallConsumerStorage);\n    }\n\n    function __SimpleUpgradeableFirewallConsumer_init(address _firewallConsumerStorage) internal onlyInitializing {\n        _setAddressBySlot(FIREWALL_CONSUMER_STORAGE_SLOT, _firewallConsumerStorage);\n    }\n\n    /**\n     * @dev Internal view function for the firewall admin\n     */\n    function _getFirewallAdmin() internal view returns (address) {\n        address firewallConsumerStorage = _getFirewallConsumerStorage();\n        return IFirewallConsumerStorage(firewallConsumerStorage).getFirewallAdmin();\n    }\n\n    /**\n     * @dev Internal view function for the consumer storage\n     */\n    function _getFirewallConsumerStorage() internal view returns (address) {\n        return _getAddressBySlot(FIREWALL_CONSUMER_STORAGE_SLOT);\n    }\n\n\n    /**\n     * @dev Internal helper function to set an address in a storage slot\n     * @param _slot storage slot\n     * @param _address address to be set\n     */\n    function _setAddressBySlot(bytes32 _slot, address _address) internal {\n        assembly {\n            sstore(_slot, _address)\n        }\n    }\n\n    /**\n     * @dev Internal helper function to get an address from a storage slot\n     * @param _slot storage slot\n     * @return _address from the storage slot\n     */\n    function _getAddressBySlot(bytes32 _slot) internal view returns (address _address) {\n        assembly {\n            _address := sload(_slot)\n        }\n    }\n\n}"},"contracts/FirewallConsumer.sol":{"content":"// SPDX-License-Identifier: UNLICENSED\n// See LICENSE file for full license text.\n// Copyright (c) Ironblocks 2024\npragma solidity ^0.8;\n\nimport {FirewallConsumerBase} from \"./FirewallConsumerBase.sol\";\n\n/**\n * @title Firewall Consumer\n * @author David Benchimol @ Ironblocks\n * @dev This contract is a parent contract that can be used to add firewall protection to any contract.\n *\n * The contract must initializes with the firewall contract disabled, and the deployer\n * as the firewall admin.\n *\n */\ncontract FirewallConsumer is FirewallConsumerBase(address(0), msg.sender) {\n}"},"contracts/FirewallConsumerBase.sol":{"content":"// SPDX-License-Identifier: UNLICENSED\n// See LICENSE file for full license text.\n// Copyright (c) Ironblocks 2024\npragma solidity ^0.8;\n\nimport {ERC165Checker} from \"@openzeppelin/contracts/utils/introspection/ERC165Checker.sol\";\nimport {Address} from \"@openzeppelin/contracts/utils/Address.sol\";\nimport {Context} from \"@openzeppelin/contracts/utils/Context.sol\";\nimport {IFirewall} from \"./interfaces/IFirewall.sol\";\nimport {IFirewallConsumer} from \"./interfaces/IFirewallConsumer.sol\";\n\n/**\n * @title Firewall Consumer Base Contract\n * @author David Benchimol @ Ironblocks\n * @dev This contract is a parent contract that can be used to add firewall protection to any contract.\n *\n * The contract must define a firewall contract which will manage the policies that are applied to the contract.\n * It also must define a firewall admin which will be able to add and remove policies.\n *\n */\ncontract FirewallConsumerBase is IFirewallConsumer, Context {\n\n    // This slot is used to store the firewall address\n    bytes32 private constant FIREWALL_STORAGE_SLOT = bytes32(uint256(keccak256(\"eip1967.firewall\")) - 1);\n\n    // This slot is used to store the firewall admin address\n    bytes32 private constant FIREWALL_ADMIN_STORAGE_SLOT = bytes32(uint256(keccak256(\"eip1967.firewall.admin\")) - 1);\n\n    // This slot is used to store the new firewall admin address (when changing admin)\n    bytes32 private constant NEW_FIREWALL_ADMIN_STORAGE_SLOT = bytes32(uint256(keccak256(\"eip1967.new.firewall.admin\")) - 1);\n    bytes4 private constant SUPPORTS_APPROVE_VIA_SIGNATURE_INTERFACE_ID = bytes4(0x0c908cff); // sighash of approveCallsViaSignature\n\n    // This slot is special since it's used for mappings and not a single value\n    bytes32 private constant APPROVED_TARGETS_MAPPING_SLOT = bytes32(uint256(keccak256(\"eip1967.approved.targets\")) - 1);\n\n    event FirewallAdminUpdated(address newAdmin);\n    event FirewallUpdated(address newFirewall);\n\n    /**\n     * @dev modifier that will run the preExecution and postExecution hooks of the firewall, applying each of\n     * the subscribed policies.\n     *\n     * NOTE: Applying this modifier on functions that exit execution flow by an inline assmebly \"return\" call will\n     * prevent the postExecution hook from running - breaking the protection provided by the firewall.\n     * If you have any questions, please refer to the Firewall's documentation and/or contact our support.\n     */\n    modifier firewallProtected() {\n        address firewall = _getAddressBySlot(FIREWALL_STORAGE_SLOT);\n        if (firewall == address(0)) {\n            _;\n            return;\n        }\n        uint256 value = _msgValue();\n        IFirewall(firewall).preExecution(_msgSender(), _msgData(), value);\n        _;\n        IFirewall(firewall).postExecution(_msgSender(), _msgData(), value);\n    }\n\n    /**\n     * @dev modifier that will run the preExecution and postExecution hooks of the firewall, applying each of\n     * the subscribed policies. Allows passing custom data to the firewall, not necessarily msg.data.\n     * Useful for checking internal function calls\n     *\n     * @param data custom data to be passed to the firewall\n     * NOTE: Using this modifier affects the data that is passed to the firewall, and as such it is mainly meant\n     * to be used by internal functions, and only in conjuction with policies that whose protection strategy\n     * requires this data.\n     *\n     * Using this modifier incorrectly may result in unexpected behavior.\n     *\n     * If you have any questions on how or when to use this modifier, please refer to the Firewall's documentation\n     * and/or contact our support.\n     *\n     * NOTE: Applying this modifier on functions that exit execution flow by an inline assmebly \"return\" call will\n     * prevent the postExecution hook from running - breaking the protection provi