@inco/lightning 0.6.8 → 0.6.9

package/src/interfaces/IIncoVerifier.sol

@@ -7,18 +7,13 @@ import {ITEELifecycle} from "../lightning-parts/interfaces/ITEELifecycle.sol";
 import {IQuoteVerifier} from "./automata-interfaces/IQuoteVerifier.sol";
 import {ISignatureVerifier} from "../lightning-parts/primitives/interfaces/ISignatureVerifier.sol";
 
-interface IIncoVerifier is
-    IAdvancedAccessControl,
-    IDecryptionAttester,
-    ITEELifecycle,
-    ISignatureVerifier
-{
-    function initialize(
-        address owner,
-        string memory name,
-        string memory version,
-        IQuoteVerifier quoteVerifier
-    ) external;
+interface IIncoVerifier is IAdvancedAccessControl, IDecryptionAttester, ITEELifecycle, ISignatureVerifier {
+
+    function initialize(address owner, string memory name, string memory version, IQuoteVerifier quoteVerifier)
+        external;
+    // forge-lint: disable-next-line(mixed-case-function)
     function getEIP712Name() external view returns (string memory);
+    // forge-lint: disable-next-line(mixed-case-function)
     function getEIP712Version() external view returns (string memory);
+
 }

package/src/interfaces/automata-interfaces/BELE.sol

@@ -5,6 +5,7 @@ pragma solidity ^0.8.0;
  * @notice Converts a little-endian encoded bytes to a big-endian uint256 integer
  */
 library BELE {
+
     function leBytesToBeUint(bytes memory encoded) internal pure returns (uint256 decoded) {
         for (uint256 i = 0; i < encoded.length; i++) {
             uint256 digits = uint256(uint8(bytes1(encoded[i])));
@@ -17,4 +18,5 @@ library BELE {
             decoded += acc;
         }
     }
+
 }

package/src/interfaces/automata-interfaces/IAutomataEnclaveIdentityDao.sol

@@ -5,24 +5,22 @@ import {EnclaveIdentityJsonObj, IdentityObj} from "./Types.sol";
 
 // only the functions we need have been included here
 interface IEnclaveIdentityHelper {
-    function parseIdentityString(
-        string calldata identityStr
-    )
+
+    function parseIdentityString(string calldata identityStr)
         external
         pure
         returns (IdentityObj memory identity, string memory identityTcbString);
+
 }
 
 // only the functions we need have been included here
 interface IAutomataEnclaveIdentityDao {
-    function upsertEnclaveIdentity(
-        uint256 id,
-        uint256 version,
-        EnclaveIdentityJsonObj calldata enclaveIdentityObj
-    ) external returns (bytes32 attestationId);
 
-    function EnclaveIdentityLib()
+    function upsertEnclaveIdentity(uint256 id, uint256 version, EnclaveIdentityJsonObj calldata enclaveIdentityObj)
         external
-        view
-        returns (IEnclaveIdentityHelper);
+        returns (bytes32 attestationId);
+
+    // forge-lint: disable-next-line(mixed-case-function)
+    function EnclaveIdentityLib() external view returns (IEnclaveIdentityHelper);
+
 }

package/src/interfaces/automata-interfaces/IFmspcTcbDao.sol

@@ -4,7 +4,7 @@ pragma solidity ^0.8;
 import {TcbInfoJsonObj} from "./Types.sol";
 
 interface IFmspcTcbDao {
-    function upsertFmspcTcb(
-        TcbInfoJsonObj calldata tcbInfoObj
-    ) external returns (bytes32 attestationId);
+
+    function upsertFmspcTcb(TcbInfoJsonObj calldata tcbInfoObj) external returns (bytes32 attestationId);
+
 }

package/src/interfaces/automata-interfaces/IPCCSRouter.sol

@@ -1,18 +1,7 @@
 //SPDX-License-Identifier: MIT
 pragma solidity >=0.8.0;
 
-import {
-    EnclaveIdentityJsonObj,
-    IdentityObj,
-    EnclaveId,
-    CA,
-    TcbInfoJsonObj,
-    TCBLevelsObj,
-    TcbInfoBasic,
-    TcbId,
-    TDXModule,
-    TDXModuleIdentity
-} from "./Types.sol";
+import {IdentityObj, EnclaveId, CA, TcbLevelsObj, TcbId, TdxModule, TdxModuleIdentity} from "./Types.sol";
 
 /**
  * @title PCCS Router Interface
@@ -20,6 +9,7 @@ import {
  * to fetch collaterals from the On Chain PCCS
  */
 interface IPCCSRouter {
+
     function qeIdDaoAddr() external view returns (address);
 
     function fmspcTcbDaoAddr() external view returns (address);
@@ -34,37 +24,18 @@ interface IPCCSRouter {
 
     function fmspcTcbHelperAddr() external view returns (address);
 
-    function getQeIdentity(
-        EnclaveId id,
-        uint256 quoteVersion
-    ) external view returns (IdentityObj memory);
+    function getQeIdentity(EnclaveId id, uint256 quoteVersion) external view returns (IdentityObj memory);
 
-    function getQeIdentityContentHash(
-        EnclaveId id,
-        uint256 version
-    ) external view returns (bytes32);
+    function getQeIdentityContentHash(EnclaveId id, uint256 version) external view returns (bytes32);
 
-    function getFmspcTcbV2(
-        bytes6 fmspc
-    ) external view returns (TCBLevelsObj[] memory);
+    function getFmspcTcbV2(bytes6 fmspc) external view returns (TcbLevelsObj[] memory);
 
-    function getFmspcTcbV3(
-        TcbId id,
-        bytes6 fmspc
-    )
+    function getFmspcTcbV3(TcbId id, bytes6 fmspc)
         external
         view
-        returns (
-            TCBLevelsObj[] memory,
-            TDXModule memory,
-            TDXModuleIdentity[] memory
-        );
-
-    function getFmspcTcbContentHash(
-        TcbId id,
-        bytes6 fmspc,
-        uint32 version
-    ) external view returns (bytes32);
+        returns (TcbLevelsObj[] memory, TdxModule memory, TdxModuleIdentity[] memory);
+
+    function getFmspcTcbContentHash(TcbId id, bytes6 fmspc, uint32 version) external view returns (bytes32);
 
     function getPckCert(
         string calldata qeid,
@@ -82,13 +53,8 @@ interface IPCCSRouter {
     function getCrlHash(CA ca) external view returns (bytes32);
 
     // *withTimestamp() methods to check collateral expiration status based on the provided timestamp
-    function getCertHashWithTimestamp(
-        CA ca,
-        uint64 timestamp
-    ) external view returns (bytes32);
-
-    function getCrlHashWithTimestamp(
-        CA ca,
-        uint64 timestamp
-    ) external view returns (bytes32);
+    function getCertHashWithTimestamp(CA ca, uint64 timestamp) external view returns (bytes32);
+
+    function getCrlHashWithTimestamp(CA ca, uint64 timestamp) external view returns (bytes32);
+
 }

package/src/interfaces/automata-interfaces/IPCCSRouterExtended.sol

@@ -6,5 +6,7 @@ import {IPCCSRouter} from "./IPCCSRouter.sol";
 /// @dev we declare this interface because the one exported from the automata-dcap-attestation package is missing some
 ///      external functions.
 interface IPCCSRouterExtended is IPCCSRouter {
+
     function setAuthorized(address caller, bool authorized) external;
+
 }

package/src/interfaces/automata-interfaces/IPcsDao.sol

@@ -4,15 +4,10 @@ pragma solidity ^0.8.0;
 import {CA} from "./Types.sol";
 
 interface IPcsDao {
-    function upsertPcsCertificates(
-        CA ca,
-        bytes calldata cert
-    ) external returns (bytes32 attestationId);
-    function upsertPckCrl(
-        CA ca,
-        bytes calldata crl
-    ) external returns (bytes32 attestationId);
-    function upsertRootCACrl(
-        bytes calldata rootcacrl
-    ) external returns (bytes32 attestationId);
+
+    function upsertPcsCertificates(CA ca, bytes calldata cert) external returns (bytes32 attestationId);
+    function upsertPckCrl(CA ca, bytes calldata crl) external returns (bytes32 attestationId);
+    // forge-lint: disable-next-line(mixed-case-function)
+    function upsertRootCACrl(bytes calldata rootcacrl) external returns (bytes32 attestationId);
+
 }

package/src/interfaces/automata-interfaces/IQuoteVerifier.sol

@@ -9,6 +9,7 @@ import {Header} from "./Types.sol";
  * @notice Provides the interface to implement version-specific verifiers
  */
 interface IQuoteVerifier {
+
     /**
      * @dev this method must be immutable
      * @return an instance of the PCCSRouter interface
@@ -20,15 +21,11 @@ interface IQuoteVerifier {
      */
     function quoteVersion() external view returns (uint16);
 
-    function verifyQuote(
-        Header calldata,
-        bytes calldata
-    ) external view returns (bool, bytes memory);
+    function verifyQuote(Header calldata, bytes calldata) external view returns (bool, bytes memory);
 
     /**
      * @notice additional check on the public output obtained from the ZK Program execution
      */
-    function verifyZkOutput(
-        bytes calldata
-    ) external view returns (bool, bytes memory);
+    function verifyZkOutput(bytes calldata) external view returns (bool, bytes memory);
+
 }

package/src/interfaces/automata-interfaces/Types.sol

@@ -41,7 +41,7 @@ struct TcbInfoBasic {
     bytes2 pceid;
 }
 
-struct TCBLevelsObj {
+struct TcbLevelsObj {
     uint16 pcesvn;
     uint8[] sgxComponentCpuSvns;
     uint8[] tdxComponentCpuSvns;
@@ -50,21 +50,21 @@ struct TCBLevelsObj {
     string[] advisoryIDs;
 }
 
-struct TDXModule {
+struct TdxModule {
     bytes mrsigner; // 48 bytes
     bytes8 attributes;
     bytes8 attributesMask;
 }
 
-struct TDXModuleIdentity {
+struct TdxModuleIdentity {
     string id;
     bytes8 attributes;
     bytes8 attributesMask;
     bytes mrsigner; // 48 bytes
-    TDXModuleTCBLevelsObj[] tcbLevels;
+    TdxModuleTcbLevelsObj[] tcbLevels;
 }
 
-struct TDXModuleTCBLevelsObj {
+struct TdxModuleTcbLevelsObj {
     uint8 isvsvn;
     uint64 tcbDateTimestamp;
     TCBStatus status;
@@ -154,12 +154,13 @@ struct Header {
  * @dev Section A.3.2 of Intel V4 TDX DCAP API Library Documentation
  * @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/7e5b2a13ca5472de8d97dd7d7024c2ea5af9a6ba/Src/AttestationLibrary/src/QuoteVerification/QuoteStructures.h#L82-L103
  */
-struct TD10ReportBody {
+struct Td10ReportBody {
     bytes16 teeTcbSvn;
     bytes mrSeam; // 48 bytes
     bytes mrsignerSeam; // 48 bytes
     bytes8 seamAttributes;
     bytes8 tdAttributes;
+    // forge-lint: disable-next-line(mixed-case-variable)
     bytes8 xFAM;
     bytes mrTd; // 48 bytes
     bytes mrConfigId; // 48 bytes

package/src/libs/incoLightning_devnet_v1_887305889.sol

@@ -5,8 +5,8 @@
 /// SPDX-License-Identifier: No License
 pragma solidity ^0.8;
 
-import { IncoLightning } from "../IncoLightning.sol";
-import { ebool, euint256, eaddress, ETypes } from "../Types.sol";
+import {IncoLightning} from "../IncoLightning.sol";
+import {ebool, euint256, eaddress, ETypes} from "../Types.sol";
 
 IncoLightning constant inco = IncoLightning(0x7b98b0482099611B0ebEA0F98f81FF555406794A);
 address constant deployedBy = 0x8202D2D747784Cb7D48868E44C42C4bf162a70BC;
@@ -16,6 +16,7 @@ function typeOf(bytes32 handle) pure returns (ETypes) {
 }
 
 library e {
+
     function sanitize(euint256 a) internal returns (euint256) {
         if (euint256.unwrap(a) == bytes32(0)) {
             return asEuint256(0);
@@ -448,4 +449,5 @@ library e {
     function select(ebool control, eaddress ifTrue, eaddress ifFalse) internal returns (eaddress) {
         return eaddress.wrap(inco.eIfThenElse(s(control), eaddress.unwrap(s(ifTrue)), eaddress.unwrap(s(ifFalse))));
     }
-}
+
+}

package/src/libs/incoLightning_testnet_v1_938327937.sol

@@ -5,8 +5,8 @@
 /// SPDX-License-Identifier: No License
 pragma solidity ^0.8;
 
-import { IncoLightning } from "../IncoLightning.sol";
-import { ebool, euint256, eaddress, ETypes } from "../Types.sol";
+import {IncoLightning} from "../IncoLightning.sol";
+import {ebool, euint256, eaddress, ETypes} from "../Types.sol";
 
 IncoLightning constant inco = IncoLightning(0xFb0Bd1a97DD2ECA4c7560b2a35d56474593f3Bab);
 address constant deployedBy = 0x1804c8AB1F12E6bbf3894d4083f33e07309d1f38;
@@ -16,6 +16,7 @@ function typeOf(bytes32 handle) pure returns (ETypes) {
 }
 
 library e {
+
     function sanitize(euint256 a) internal returns (euint256) {
         if (euint256.unwrap(a) == bytes32(0)) {
             return asEuint256(0);
@@ -448,4 +449,5 @@ library e {
     function select(ebool control, eaddress ifTrue, eaddress ifFalse) internal returns (eaddress) {
         return eaddress.wrap(inco.eIfThenElse(s(control), eaddress.unwrap(s(ifTrue)), eaddress.unwrap(s(ifFalse))));
     }
-}
+
+}

package/src/lightning-parts/AccessControl/AdvancedAccessControl.sol

@@ -11,43 +11,42 @@ import {IBaseAccessControlList} from "./interfaces/IBaseAccessControlList.sol";
 import {LightningAddressGetter} from "../primitives/LightningAddressGetter.sol";
 
 abstract contract AdvancedAccessControlStorage {
-    struct AACStorage {
+
+    struct AacStorage {
         mapping(address => bytes32) activeVouchersSessionNonce; // initial session nonce is 0
     }
 
-    bytes32 private constant AACStorageLocation =
-        keccak256("inco.storage.AdvancedAccessControl");
+    bytes32 private constant AAC_STORAGE_LOCATION = keccak256("inco.storage.AdvancedAccessControl");
 
-    function getAACStorage() internal pure returns (AACStorage storage $) {
-        bytes32 loc = AACStorageLocation;
+    function getAacStorage() internal pure returns (AacStorage storage $) {
+        bytes32 loc = AAC_STORAGE_LOCATION;
         assembly {
             $.slot := loc
         }
     }
+
 }
- 
+
 abstract contract VoucherEip712Checker is IVoucherEip712Checker, EIP712Upgradeable {
-    bytes32 constant AllowanceVoucherStructHash =
-        keccak256(
-            "AllowanceVoucher(bytes32 sessionNonce,address verifyingContract,bytes4 callFunction,bytes sharerArgData)"
-        );
 
-    function allowanceVoucherDigest(
-        AllowanceVoucher memory voucher
-    ) public view returns (bytes32) {
-        return
-            _hashTypedDataV4(
-                keccak256(
-                    abi.encode(
-                        AllowanceVoucherStructHash,
-                        voucher.sessionNonce,
-                        voucher.verifyingContract,
-                        voucher.callFunction,
-                        keccak256(voucher.sharerArgData)
-                    )
+    bytes32 constant ALLOWANCE_VOUCHER_STRUCT_HASH = keccak256(
+        "AllowanceVoucher(bytes32 sessionNonce,address verifyingContract,bytes4 callFunction,bytes sharerArgData)"
+    );
+
+    function allowanceVoucherDigest(AllowanceVoucher memory voucher) public view returns (bytes32) {
+        return _hashTypedDataV4(
+            keccak256(
+                abi.encode(
+                    ALLOWANCE_VOUCHER_STRUCT_HASH,
+                    voucher.sessionNonce,
+                    voucher.verifyingContract,
+                    voucher.callFunction,
+                    keccak256(voucher.sharerArgData)
                 )
-            );
+            )
+        );
     }
+
 }
 
 abstract contract AdvancedAccessControl is
@@ -56,78 +55,45 @@ abstract contract AdvancedAccessControl is
     VoucherEip712Checker,
     LightningAddressGetter
 {
+
     using SignatureChecker for address;
 
-    error InvalidVoucherSignature(
-        address signer,
-        bytes32 digest,
-        bytes signature
-    );
-    error InvalidVoucherSessionNonce(
-        bytes32 providedSessionNonce,
-        bytes32 activeSessionNonce
-    );
+    error InvalidVoucherSignature(address signer, bytes32 digest, bytes signature);
+    error InvalidVoucherSessionNonce(bytes32 providedSessionNonce, bytes32 activeSessionNonce);
 
     /// @dev meant to for simulation, can't be a view function as it calls other contracts
     /// @dev returns true if the account is allowed to access the handle, false or reverts otherwise
-    function isAllowedWithProof(
-        bytes32 handle,
-        address account,
-        AllowanceProof memory proof
-    ) public returns (bool) {
+    function isAllowedWithProof(bytes32 handle, address account, AllowanceProof memory proof) public returns (bool) {
         require(
             IBaseAccessControlList(incoLightningAddress).isAllowed(handle, proof.sharer),
             SharerNotAllowedForHandle(handle, proof.sharer)
         );
         bytes32 voucherDigest = allowanceVoucherDigest(proof.voucher);
         require(
-            proof.sharer.isValidSignatureNow(
-                voucherDigest,
-                proof.voucherSignature
-            ),
-            InvalidVoucherSignature(
-                proof.sharer,
-                voucherDigest,
-                proof.voucherSignature
-            )
+            proof.sharer.isValidSignatureNow(voucherDigest, proof.voucherSignature),
+            InvalidVoucherSignature(proof.sharer, voucherDigest, proof.voucherSignature)
         );
-        bytes32 sharerActiveVouchersSessionNonce = getActiveVouchersSessionNonce(
-                proof.sharer
-            );
+        bytes32 sharerActiveVouchersSessionNonce = getActiveVouchersSessionNonce(proof.sharer);
         require(
             proof.voucher.sessionNonce == sharerActiveVouchersSessionNonce,
-            InvalidVoucherSessionNonce(
-                proof.voucher.sessionNonce,
-                sharerActiveVouchersSessionNonce
+            InvalidVoucherSessionNonce(proof.voucher.sessionNonce, sharerActiveVouchersSessionNonce)
+        );
+        (bool success, bytes memory result) = proof.voucher.verifyingContract.call(
+            abi.encodeWithSelector(
+                proof.voucher.callFunction, handle, account, proof.voucher.sharerArgData, proof.requesterArgData
             )
         );
-        (bool success, bytes memory result) = proof
-            .voucher
-            .verifyingContract
-            .call(
-                abi.encodeWithSelector(
-                    proof.voucher.callFunction,
-                    handle,
-                    account,
-                    proof.voucher.sharerArgData,
-                    proof.requesterArgData
-                )
-            );
-        return (success &&
-            result.length >= 32 &&
-            abi.decode(result, (bytes32)) == ALLOWANCE_GRANTED_MAGIC_VALUE);
+        return (success && result.length >= 32 && abi.decode(result, (bytes32)) == ALLOWANCE_GRANTED_MAGIC_VALUE);
     }
 
-    function getActiveVouchersSessionNonce(
-        address account
-    ) public view returns (bytes32) {
-        return getAACStorage().activeVouchersSessionNonce[account];
+    function getActiveVouchersSessionNonce(address account) public view returns (bytes32) {
+        return getAacStorage().activeVouchersSessionNonce[account];
     }
 
     /// @notice invalidates all previously signed vouchers
     function updateActiveVouchersSessionNonce() external {
-        getAACStorage().activeVouchersSessionNonce[msg.sender] = keccak256(
-            abi.encodePacked(msg.sender, block.prevrandao)
-        );
+        getAacStorage().activeVouchersSessionNonce[msg.sender] =
+            keccak256(abi.encodePacked(msg.sender, block.prevrandao));
     }
+
 }

package/src/lightning-parts/AccessControl/BaseAccessControlList.sol

@@ -8,55 +8,46 @@ import {VerifierAddressGetter} from "../primitives/VerifierAddressGetter.sol";
 import {AllowanceProof} from "../AccessControl/AdvancedAccessControl.types.sol";
 
 contract AccessControlListStorage {
-    struct ACLStorage {
+
+    struct AclStorage {
         mapping(bytes32 handle => mapping(address account => bool isAllowed)) persistedAllowedPairs;
         mapping(bytes32 handle => bool isAllowed) persistedAllowedForDecryption;
     }
 
-    bytes32 private constant ACLStorageLocation = keccak256("inco.storage.ACL");
+    bytes32 private constant ACL_STORAGE_LOCATION = keccak256("inco.storage.ACL");
 
-    function getACLStorage() internal pure returns (ACLStorage storage $) {
-        bytes32 loc = ACLStorageLocation;
+    function getAclStorage() internal pure returns (AclStorage storage $) {
+        bytes32 loc = ACL_STORAGE_LOCATION;
         assembly {
             $.slot := loc
         }
     }
+
 }
 
-abstract contract BaseAccessControlList is IBaseAccessControlList, AccessControlListStorage, VerifierAddressGetter, EventCounter {
-    error ProofVerificationFailed(
-        address verifyingContract,
-        bytes4 callFunction,
-        bytes argData
-    );
+abstract contract BaseAccessControlList is
+    IBaseAccessControlList,
+    AccessControlListStorage,
+    VerifierAddressGetter,
+    EventCounter
+{
+
+    error ProofVerificationFailed(address verifyingContract, bytes4 callFunction, bytes argData);
 
-    event Allow(
-        bytes32 handle,
-        address account,
-        uint256 eventId
-    );
+    event Allow(bytes32 handle, address account, uint256 eventId);
 
-    event Reveal(
-        bytes32 handle,
-        uint256 eventId
-    );
+    event Reveal(bytes32 handle, uint256 eventId);
 
     /// @dev persistent
     function allow(bytes32 handle, address account) public {
-        require(
-            isAllowed(handle, msg.sender),
-            SenderNotAllowedForHandle(handle, msg.sender)
-        );
+        require(isAllowed(handle, msg.sender), SenderNotAllowedForHandle(handle, msg.sender));
         allowInternal(handle, account);
     }
 
     /// @dev Permanently allows public decryption/reencryption access to anyone for the given handle.
     function reveal(bytes32 handle) public {
-        require(
-            isAllowed(handle, msg.sender),
-            SenderNotAllowedForHandle(handle, msg.sender)
-        );
-        ACLStorage storage $ = getACLStorage();
+        require(isAllowed(handle, msg.sender), SenderNotAllowedForHandle(handle, msg.sender));
+        AclStorage storage $ = getAclStorage();
         $.persistedAllowedForDecryption[handle] = true;
         uint256 id = getNextEventId();
         emit Reveal(handle, id);
@@ -65,7 +56,7 @@ abstract contract BaseAccessControlList is IBaseAccessControlList, AccessControl
 
     /// @dev persistent
     function allowInternal(bytes32 handle, address account) internal {
-        ACLStorage storage $ = getACLStorage();
+        AclStorage storage $ = getAclStorage();
         $.persistedAllowedPairs[handle][account] = true;
         uint256 id = getNextEventId();
         emit Allow(handle, account, id);
@@ -74,10 +65,7 @@ abstract contract BaseAccessControlList is IBaseAccessControlList, AccessControl
 
     // todo current transient allowance is unsafe, make storage account bound + how to clean between UserOps
     function allowTransient(bytes32 handle, address account) public {
-        require(
-            isAllowed(handle, msg.sender),
-            SenderNotAllowedForHandle(handle, msg.sender)
-        );
+        require(isAllowed(handle, msg.sender), SenderNotAllowedForHandle(handle, msg.sender));
         allowTransientInternal(handle, account);
     }
 
@@ -93,10 +81,7 @@ abstract contract BaseAccessControlList is IBaseAccessControlList, AccessControl
         }
     }
 
-    function allowedTransient(
-        bytes32 handle,
-        address account
-    ) public view returns (bool) {
+    function allowedTransient(bytes32 handle, address account) public view returns (bool) {
         bool isAllowedTransient;
         bytes32 key = keccak256(abi.encodePacked(handle, account));
         assembly {
@@ -110,11 +95,7 @@ abstract contract BaseAccessControlList is IBaseAccessControlList, AccessControl
             let length := tload(0)
             tstore(0, 0)
             let lengthPlusOne := add(length, 1)
-            for {
-                let i := 1
-            } lt(i, lengthPlusOne) {
-                i := add(i, 1)
-            } {
+            for { let i := 1 } lt(i, lengthPlusOne) { i := add(i, 1) } {
                 let handle := tload(i)
                 tstore(i, 0)
                 tstore(handle, 0)
@@ -126,36 +107,24 @@ abstract contract BaseAccessControlList is IBaseAccessControlList, AccessControl
         require(
             incoVerifier.isAllowedWithProof(handle, msg.sender, proof),
             ProofVerificationFailed(
-                proof.voucher.verifyingContract,
-                proof.voucher.callFunction,
-                proof.voucher.sharerArgData
+                proof.voucher.verifyingContract, proof.voucher.callFunction, proof.voucher.sharerArgData
             )
         );
         allowInternal(handle, msg.sender);
     }
 
-    function persistAllowed(
-        bytes32 handle,
-        address account
-    ) public view returns (bool) {
-        ACLStorage storage $ = getACLStorage();
+    function persistAllowed(bytes32 handle, address account) public view returns (bool) {
+        AclStorage storage $ = getAclStorage();
         return $.persistedAllowedPairs[handle][account];
     }
 
-    function isAllowed(
-        bytes32 handle,
-        address account
-    ) public view returns (bool) {
-        return
-            allowedTransient(handle, account) ||
-            persistAllowed(handle, account) ||
-            isRevealed(handle);
+    function isAllowed(bytes32 handle, address account) public view returns (bool) {
+        return allowedTransient(handle, account) || persistAllowed(handle, account) || isRevealed(handle);
     }
 
-    function isRevealed(
-        bytes32 handle
-    ) public view returns (bool) {
-        ACLStorage storage $ = getACLStorage();
+    function isRevealed(bytes32 handle) public view returns (bool) {
+        AclStorage storage $ = getAclStorage();
         return $.persistedAllowedForDecryption[handle];
     }
+
 }