@keep-network/tbtc-v2 0.1.1-dev.101 → 0.1.1-dev.102

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (76) hide show
  1. package/artifacts/Bank.json +6 -6
  2. package/artifacts/Bridge.json +11 -11
  3. package/artifacts/BridgeGovernance.json +6 -6
  4. package/artifacts/BridgeGovernanceParameters.json +4 -4
  5. package/artifacts/Deposit.json +4 -4
  6. package/artifacts/DepositSweep.json +4 -4
  7. package/artifacts/EcdsaDkgValidator.json +3 -3
  8. package/artifacts/EcdsaInactivity.json +3 -3
  9. package/artifacts/EcdsaSortitionPool.json +5 -5
  10. package/artifacts/Fraud.json +4 -4
  11. package/artifacts/KeepRegistry.json +3 -3
  12. package/artifacts/KeepStake.json +5 -5
  13. package/artifacts/KeepToken.json +5 -5
  14. package/artifacts/KeepTokenStaking.json +3 -3
  15. package/artifacts/MaintainerProxy.json +1522 -0
  16. package/artifacts/MovingFunds.json +4 -4
  17. package/artifacts/NuCypherStakingEscrow.json +3 -3
  18. package/artifacts/NuCypherToken.json +5 -5
  19. package/artifacts/RandomBeaconStub.json +3 -3
  20. package/artifacts/Redemption.json +4 -4
  21. package/artifacts/ReimbursementPool.json +5 -5
  22. package/artifacts/Relay.json +6 -6
  23. package/artifacts/T.json +5 -5
  24. package/artifacts/TBTC.json +6 -6
  25. package/artifacts/TBTCToken.json +6 -6
  26. package/artifacts/TBTCVault.json +12 -12
  27. package/artifacts/TokenStaking.json +3 -3
  28. package/artifacts/TokenholderGovernor.json +19 -19
  29. package/artifacts/TokenholderTimelock.json +17 -17
  30. package/artifacts/VendingMachine.json +6 -6
  31. package/artifacts/VendingMachineKeep.json +3 -3
  32. package/artifacts/VendingMachineNuCypher.json +3 -3
  33. package/artifacts/WalletRegistry.json +11 -11
  34. package/artifacts/WalletRegistryGovernance.json +5 -5
  35. package/artifacts/Wallets.json +4 -4
  36. package/artifacts/solcInputs/{af641e0b3597cdfa29d6ad42d1cd8742.json → f53bc10568b6d3c32d2989742aa1c456.json} +25 -22
  37. package/build/contracts/GovernanceUtils.sol/GovernanceUtils.dbg.json +1 -1
  38. package/build/contracts/bank/Bank.sol/Bank.dbg.json +1 -1
  39. package/build/contracts/bank/IReceiveBalanceApproval.sol/IReceiveBalanceApproval.dbg.json +1 -1
  40. package/build/contracts/bridge/BitcoinTx.sol/BitcoinTx.dbg.json +1 -1
  41. package/build/contracts/bridge/Bridge.sol/Bridge.dbg.json +1 -1
  42. package/build/contracts/bridge/BridgeGovernance.sol/BridgeGovernance.dbg.json +1 -1
  43. package/build/contracts/bridge/BridgeGovernanceParameters.sol/BridgeGovernanceParameters.dbg.json +1 -1
  44. package/build/contracts/bridge/BridgeState.sol/BridgeState.dbg.json +1 -1
  45. package/build/contracts/bridge/Deposit.sol/Deposit.dbg.json +1 -1
  46. package/build/contracts/bridge/DepositSweep.sol/DepositSweep.dbg.json +1 -1
  47. package/build/contracts/bridge/EcdsaLib.sol/EcdsaLib.dbg.json +1 -1
  48. package/build/contracts/bridge/Fraud.sol/Fraud.dbg.json +1 -1
  49. package/build/contracts/bridge/Heartbeat.sol/Heartbeat.dbg.json +1 -1
  50. package/build/contracts/bridge/IRelay.sol/IRelay.dbg.json +1 -1
  51. package/build/contracts/bridge/MovingFunds.sol/MovingFunds.dbg.json +1 -1
  52. package/build/contracts/bridge/Redemption.sol/OutboundTx.dbg.json +1 -1
  53. package/build/contracts/bridge/Redemption.sol/Redemption.dbg.json +1 -1
  54. package/build/contracts/bridge/VendingMachine.sol/VendingMachine.dbg.json +1 -1
  55. package/build/contracts/bridge/Wallets.sol/Wallets.dbg.json +1 -1
  56. package/build/contracts/maintainer/MaintainerProxy.sol/MaintainerProxy.dbg.json +4 -0
  57. package/build/contracts/maintainer/MaintainerProxy.sol/MaintainerProxy.json +1111 -0
  58. package/build/contracts/token/TBTC.sol/TBTC.dbg.json +1 -1
  59. package/build/contracts/vault/DonationVault.sol/DonationVault.dbg.json +1 -1
  60. package/build/contracts/vault/IVault.sol/IVault.dbg.json +1 -1
  61. package/build/contracts/vault/TBTCVault.sol/TBTCVault.dbg.json +1 -1
  62. package/contracts/maintainer/MaintainerProxy.sol +512 -0
  63. package/deploy/08_deploy_maintainer_proxy.ts +30 -0
  64. package/deploy/{08_bank_update_bridge.ts → 09_bank_update_bridge.ts} +0 -0
  65. package/deploy/{09_transfer_bank_ownership.ts → 10_transfer_bank_ownership.ts} +0 -0
  66. package/deploy/{12_transfer_bridge_governance.ts → 11_transfer_bridge_governance.ts} +0 -0
  67. package/deploy/{11_transfer_bridge_governance_ownership.ts → 12_transfer_bridge_governance_ownership.ts} +0 -0
  68. package/deploy/{10_transfer_tbtc_vault_ownership.ts → 13_transfer_tbtc_vault_ownership.ts} +0 -0
  69. package/deploy/14_transfer_maintainer_proxy_ownership.ts +19 -0
  70. package/deploy/{13_initialize_wallet_owner.ts → 15_initialize_wallet_owner.ts} +0 -0
  71. package/deploy/{15_transfer_proxy_admin_ownership.ts → 16_transfer_proxy_admin_ownership.ts} +0 -0
  72. package/deploy/17_authorize_maintainer_proxy.ts +22 -0
  73. package/deploy/18_transfer_reimbursement_pool_ownership.ts +19 -0
  74. package/deploy/{14_deploy_proxy_admin_with_deputy.ts → 19_deploy_proxy_admin_with_deputy.ts} +0 -0
  75. package/export.json +1105 -0
  76. package/package.json +1 -1
package/artifacts/solcInputs/{af641e0b3597cdfa29d6ad42d1cd8742.json → f53bc10568b6d3c32d2989742aa1c456.json} RENAMED
@@ -199,23 +199,17 @@
199
199
  "contracts/test/BridgeStub.sol": {
200
200
  "content": "// SPDX-License-Identifier: MIT\n\npragma solidity ^0.8.9;\n\nimport \"../bridge/BitcoinTx.sol\";\nimport \"../bridge/Bridge.sol\";\nimport \"../bridge/MovingFunds.sol\";\nimport \"../bridge/Wallets.sol\";\n\ncontract BridgeStub is Bridge {\n function setSweptDeposits(BitcoinTx.UTXO[] calldata utxos) external {\n for (uint256 i = 0; i < utxos.length; i++) {\n uint256 utxoKey = uint256(\n keccak256(\n abi.encodePacked(utxos[i].txHash, utxos[i].txOutputIndex)\n )\n );\n self.deposits[utxoKey].sweptAt = 1641650400;\n }\n }\n\n function setSpentMainUtxos(BitcoinTx.UTXO[] calldata utxos) external {\n for (uint256 i = 0; i < utxos.length; i++) {\n uint256 utxoKey = uint256(\n keccak256(\n abi.encodePacked(utxos[i].txHash, utxos[i].txOutputIndex)\n )\n );\n self.spentMainUTXOs[utxoKey] = true;\n }\n }\n\n function setProcessedMovedFundsSweepRequests(\n BitcoinTx.UTXO[] calldata utxos\n ) external {\n for (uint256 i = 0; i < utxos.length; i++) {\n uint256 utxoKey = uint256(\n keccak256(\n abi.encodePacked(utxos[i].txHash, utxos[i].txOutputIndex)\n )\n );\n self.movedFundsSweepRequests[utxoKey].state = MovingFunds\n .MovedFundsSweepRequestState\n .Processed;\n }\n }\n\n function setActiveWallet(bytes20 activeWalletPubKeyHash) external {\n self.activeWalletPubKeyHash = activeWalletPubKeyHash;\n }\n\n function setWalletMainUtxo(\n bytes20 walletPubKeyHash,\n BitcoinTx.UTXO calldata utxo\n ) external {\n self.registeredWallets[walletPubKeyHash].mainUtxoHash = keccak256(\n abi.encodePacked(\n utxo.txHash,\n utxo.txOutputIndex,\n utxo.txOutputValue\n )\n );\n }\n\n function setWallet(bytes20 walletPubKeyHash, Wallets.Wallet calldata wallet)\n external\n {\n self.registeredWallets[walletPubKeyHash] = wallet;\n\n if (wallet.state == Wallets.WalletState.Live) {\n self.liveWalletsCount++;\n }\n }\n\n function setDepositDustThreshold(uint64 _depositDustThreshold) external {\n self.depositDustThreshold = _depositDustThreshold;\n }\n\n function setDepositTxMaxFee(uint64 _depositTxMaxFee) external {\n self.depositTxMaxFee = _depositTxMaxFee;\n }\n\n function setRedemptionDustThreshold(uint64 _redemptionDustThreshold)\n external\n {\n self.redemptionDustThreshold = _redemptionDustThreshold;\n }\n\n function setRedemptionTxMaxFee(uint64 _redemptionTxMaxFee) external {\n self.redemptionTxMaxFee = _redemptionTxMaxFee;\n }\n\n function setRedemptionTreasuryFeeDivisor(\n uint64 _redemptionTreasuryFeeDivisor\n ) external {\n self.redemptionTreasuryFeeDivisor = _redemptionTreasuryFeeDivisor;\n }\n\n function setMovingFundsTxMaxTotalFee(uint64 _movingFundsTxMaxTotalFee)\n external\n {\n self.movingFundsTxMaxTotalFee = _movingFundsTxMaxTotalFee;\n }\n\n function setPendingMovedFundsSweepRequest(\n bytes20 walletPubKeyHash,\n BitcoinTx.UTXO calldata utxo\n ) external {\n uint256 requestKey = uint256(\n keccak256(abi.encodePacked(utxo.txHash, utxo.txOutputIndex))\n );\n\n self.movedFundsSweepRequests[requestKey] = MovingFunds\n .MovedFundsSweepRequest(\n walletPubKeyHash,\n utxo.txOutputValue,\n /* solhint-disable-next-line not-rely-on-time */\n uint32(block.timestamp),\n MovingFunds.MovedFundsSweepRequestState.Pending\n );\n\n self\n .registeredWallets[walletPubKeyHash]\n .pendingMovedFundsSweepRequestsCount++;\n }\n\n function processPendingMovedFundsSweepRequest(\n bytes20 walletPubKeyHash,\n BitcoinTx.UTXO calldata utxo\n ) external {\n uint256 requestKey = uint256(\n keccak256(abi.encodePacked(utxo.txHash, utxo.txOutputIndex))\n );\n\n MovingFunds.MovedFundsSweepRequest storage request = self\n .movedFundsSweepRequests[requestKey];\n\n require(\n request.state == MovingFunds.MovedFundsSweepRequestState.Pending,\n \"Stub sweep request must be in Pending state\"\n );\n\n request.state = MovingFunds.MovedFundsSweepRequestState.Processed;\n\n self\n .registeredWallets[walletPubKeyHash]\n .pendingMovedFundsSweepRequestsCount--;\n }\n\n function timeoutPendingMovedFundsSweepRequest(\n bytes20 walletPubKeyHash,\n BitcoinTx.UTXO calldata utxo\n ) external {\n uint256 requestKey = uint256(\n keccak256(abi.encodePacked(utxo.txHash, utxo.txOutputIndex))\n );\n\n MovingFunds.MovedFundsSweepRequest storage request = self\n .movedFundsSweepRequests[requestKey];\n\n require(\n request.state == MovingFunds.MovedFundsSweepRequestState.Pending,\n \"Stub sweep request must be in Pending state\"\n );\n\n request.state = MovingFunds.MovedFundsSweepRequestState.TimedOut;\n\n self\n .registeredWallets[walletPubKeyHash]\n .pendingMovedFundsSweepRequestsCount--;\n }\n\n function setMovedFundsSweepTxMaxTotalFee(\n uint64 _movedFundsSweepTxMaxTotalFee\n ) external {\n self.movedFundsSweepTxMaxTotalFee = _movedFundsSweepTxMaxTotalFee;\n }\n}\n"
201
201
  },
202
- "contracts/test/HeartbeatStub.sol": {
203
- "content": "// SPDX-License-Identifier: MIT\n\npragma solidity ^0.8.9;\n\nimport \"../bridge/Heartbeat.sol\";\n\n/// @dev This is a contract implemented to test Heartbeat library directly.\ncontract HeartbeatStub {\n function isValidHeartbeatMessage(bytes calldata message)\n public\n pure\n returns (bool)\n {\n return Heartbeat.isValidHeartbeatMessage(message);\n }\n}\n"
204
- },
205
- "contracts/test/TestEcdsaLib.sol": {
206
- "content": "// SPDX-License-Identifier: MIT\n\npragma solidity ^0.8.9;\n\nimport \"../bridge/EcdsaLib.sol\";\n\n// TODO: Rename to EcdsLibStub\n/// @dev This is a contract implemented to test EcdsaLib library directly.\ncontract TestEcdsaLib {\n function compressPublicKey(bytes32 x, bytes32 y)\n public\n pure\n returns (bytes memory)\n {\n return EcdsaLib.compressPublicKey(x, y);\n }\n}\n"
207
- },
208
- "@keep-network/ecdsa/contracts/libraries/EcdsaInactivity.sol": {
209
- "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n// Trust math, not hardware.\n\npragma solidity ^0.8.9;\n\nimport \"@openzeppelin/contracts-upgradeable/utils/cryptography/ECDSAUpgradeable.sol\";\n\nimport \"@keep-network/random-beacon/contracts/libraries/BytesLib.sol\";\nimport \"@keep-network/sortition-pools/contracts/SortitionPool.sol\";\n\nimport \"./Wallets.sol\";\n\nlibrary EcdsaInactivity {\n using BytesLib for bytes;\n using ECDSAUpgradeable for bytes32;\n\n struct Claim {\n // ID of the wallet whose signing group is raising the inactivity claim.\n bytes32 walletID;\n // Indices of group members accused of being inactive. Indices must be in\n // range [1, groupMembers.length], unique, and sorted in ascending order.\n uint256[] inactiveMembersIndices;\n // Indicates if inactivity claim is a wallet-wide heartbeat failure.\n // If wallet failed a heartbeat, this is signalled to the wallet owner\n // who may decide to move responsibilities to another wallet\n // given that the wallet who failed the heartbeat is at risk of not\n // being able to sign messages soon.\n bool heartbeatFailed;\n // Concatenation of signatures from members supporting the claim.\n // The message to be signed by each member is keccak256 hash of the\n // concatenation of inactivity claim nonce for the given wallet, wallet\n // public key, inactive members indices, and boolean flag indicating\n // if this is a wallet-wide heartbeat failure. The calculated hash should\n // be prefixed with `\\x19Ethereum signed message:\\n` before signing, so\n // the message to sign is:\n // `\\x19Ethereum signed message:\\n${keccak256(\n // nonce | walletPubKey | inactiveMembersIndices | heartbeatFailed\n // )}`\n bytes signatures;\n // Indices of members corresponding to each signature. Indices must be\n // in range [1, groupMembers.length], unique, and sorted in ascending\n // order.\n uint256[] signingMembersIndices;\n // This struct doesn't contain `__gap` property as the structure is not\n // stored, it is used as a function's calldata argument.\n }\n\n /// @notice The minimum number of wallet signing group members needed to\n /// interact according to the protocol to produce a valid inactivity\n /// claim.\n uint256 public constant groupThreshold = 51;\n\n /// @notice Size in bytes of a single signature produced by member\n /// supporting the inactivity claim.\n uint256 public constant signatureByteSize = 65;\n\n /// @notice Verifies the inactivity claim according to the rules defined in\n /// `Claim` struct documentation. Reverts if verification fails.\n /// @dev Wallet signing group members hash is validated upstream in\n /// `WalletRegistry.notifyOperatorInactivity()`\n /// @param sortitionPool Sortition pool reference\n /// @param claim Inactivity claim\n /// @param walletPubKey Public key of the wallet\n /// @param nonce Current inactivity nonce for wallet used in the claim\n /// @param groupMembers Identifiers of group members\n /// @return inactiveMembers Identifiers of members who are inactive\n function verifyClaim(\n SortitionPool sortitionPool,\n Claim calldata claim,\n bytes memory walletPubKey,\n uint256 nonce,\n uint32[] calldata groupMembers\n ) external view returns (uint32[] memory inactiveMembers) {\n // Validate inactive members indices. Maximum indices count is equal to\n // the group size and is not limited deliberately to leave a theoretical\n // possibility to accuse more members than `groupSize - groupThreshold`.\n validateMembersIndices(\n claim.inactiveMembersIndices,\n groupMembers.length\n );\n\n // Validate signatures array is properly formed and number of\n // signatures and signers is correct.\n uint256 signaturesCount = claim.signatures.length / signatureByteSize;\n require(claim.signatures.length != 0, \"No signatures provided\");\n require(\n claim.signatures.length % signatureByteSize == 0,\n \"Malformed signatures array\"\n );\n require(\n signaturesCount == claim.signingMembersIndices.length,\n \"Unexpected signatures count\"\n );\n require(signaturesCount >= groupThreshold, \"Too few signatures\");\n require(signaturesCount <= groupMembers.length, \"Too many signatures\");\n\n // Validate signing members indices. Note that `signingMembersIndices`\n // were already partially validated during `signatures` parameter\n // validation.\n validateMembersIndices(\n claim.signingMembersIndices,\n groupMembers.length\n );\n\n bytes32 signedMessageHash = keccak256(\n abi.encodePacked(\n nonce,\n walletPubKey,\n claim.inactiveMembersIndices,\n claim.heartbeatFailed\n )\n ).toEthSignedMessageHash();\n\n address[] memory groupMembersAddresses = sortitionPool.getIDOperators(\n groupMembers\n );\n\n // Verify each signature.\n bytes memory checkedSignature;\n bool senderSignatureExists = false;\n for (uint256 i = 0; i < signaturesCount; i++) {\n uint256 memberIndex = claim.signingMembersIndices[i];\n checkedSignature = claim.signatures.slice(\n signatureByteSize * i,\n signatureByteSize\n );\n address recoveredAddress = signedMessageHash.recover(\n checkedSignature\n );\n\n require(\n groupMembersAddresses[memberIndex - 1] == recoveredAddress,\n \"Invalid signature\"\n );\n\n if (!senderSignatureExists && msg.sender == recoveredAddress) {\n senderSignatureExists = true;\n }\n }\n\n require(senderSignatureExists, \"Sender must be claim signer\");\n\n inactiveMembers = new uint32[](claim.inactiveMembersIndices.length);\n for (uint256 i = 0; i < claim.inactiveMembersIndices.length; i++) {\n uint256 memberIndex = claim.inactiveMembersIndices[i];\n inactiveMembers[i] = groupMembers[memberIndex - 1];\n }\n\n return inactiveMembers;\n }\n\n /// @notice Validates members indices array. Array is considered valid\n /// if its size and each single index are in [1, groupSize] range,\n /// indexes are unique, and sorted in an ascending order.\n /// Reverts if validation fails.\n /// @param indices Array to validate.\n /// @param groupSize Group size used as reference.\n function validateMembersIndices(\n uint256[] calldata indices,\n uint256 groupSize\n ) internal view {\n require(\n indices.length > 0 && indices.length <= groupSize,\n \"Corrupted members indices\"\n );\n\n // Check if first and last indices are in range [1, groupSize].\n // This check combined with the loop below makes sure every single\n // index is in the correct range.\n require(\n indices[0] > 0 && indices[indices.length - 1] <= groupSize,\n \"Corrupted members indices\"\n );\n\n for (uint256 i = 0; i < indices.length - 1; i++) {\n // Check whether given index is smaller than the next one. This\n // way we are sure indexes are ordered in the ascending order\n // and there are no duplicates.\n require(indices[i] < indices[i + 1], \"Corrupted members indices\");\n }\n }\n}\n"
202
+ "contracts/maintainer/MaintainerProxy.sol": {
203
+ "content": "// SPDX-License-Identifier: MIT\n\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n\npragma solidity ^0.8.9;\n\nimport \"@openzeppelin/contracts/access/Ownable.sol\";\nimport \"@keep-network/random-beacon/contracts/Reimbursable.sol\";\nimport \"@keep-network/random-beacon/contracts/ReimbursementPool.sol\";\n\nimport \"../bridge/BitcoinTx.sol\";\nimport \"../bridge/Bridge.sol\";\n\n/// @title Maintainer Proxy\n/// @notice Maintainers are the willing off-chain clients approved by the governance.\n/// Maintainers proxy calls to the Bridge contract via 'MaintainerProxy'\n/// and are refunded for the spent gas from the Reimbursement Pool.\n/// Only the authorized maintainers can call 'MaintainerProxy' functions.\ncontract MaintainerProxy is Ownable, Reimbursable {\n Bridge public bridge;\n\n /// @notice Authorized maintainers that can interact with the set of functions\n /// for maintainers only. Authorization can be granted and removed by\n /// the governance.\n /// @dev 'Key' is the address of the maintainer. 'Value' represents an index+1\n /// in the 'maintainers' array. 1 was added so the maintainer index can\n /// never be 0 which is a reserved index for a non-existent maintainer\n /// in this map.\n mapping(address => uint256) public isAuthorized;\n\n /// @notice This list of maintainers keeps the order of which maintainer should\n /// be submitting a next transaction. It does not enforce the order\n /// but only tracks who should be next in line.\n address[] public maintainers;\n\n /// @notice Gas that is meant to balance the submission of deposit sweep proof\n /// overall cost. Can be updated by the governance based on the current\n /// market conditions.\n uint256 public submitDepositSweepProofGasOffset;\n\n /// @notice Gas that is meant to balance the submission of redemption proof\n /// overall cost. Can be updated by the governance based on the current\n /// market conditions.\n uint256 public submitRedemptionProofGasOffset;\n\n /// @notice Gas that is meant to balance the submission of moving funds commitment\n /// overall cost. Can be updated by the governance based on the current\n /// market conditions.\n uint256 public submitMovingFundsCommitmentGasOffset;\n\n /// @notice Gas that is meant to balance the reset of moving funds timeout\n /// overall cost. Can be updated by the governance based on the current\n /// market conditions.\n uint256 public resetMovingFundsTimeoutGasOffset;\n\n /// @notice Gas that is meant to balance the submission of moving funds proof\n /// overall cost. Can be updated by the governance based on the current\n /// market conditions.\n uint256 public submitMovingFundsProofGasOffset;\n\n /// @notice Gas that is meant to balance the notification of moving funds below\n /// dust overall cost. Can be updated by the governance based on the\n /// current market conditions.\n uint256 public notifyMovingFundsBelowDustGasOffset;\n\n /// @notice Gas that is meant to balance the submission of moved funds sweep\n /// proof overall cost. Can be updated by the governance based on the\n /// current market conditions.\n uint256 public submitMovedFundsSweepProofGasOffset;\n\n /// @notice Gas that is meant to balance the request of a new wallet overall\n /// cost. Can be updated by the governance based on the current\n /// market conditions.\n uint256 public requestNewWalletGasOffset;\n\n /// @notice Gas that is meant to balance the notification of closeable wallet\n /// overall cost. Can be updated by the governance based on the current\n /// market conditions.\n uint256 public notifyWalletCloseableGasOffset;\n\n /// @notice Gas that is meant to balance the notification of wallet closing\n /// period elapsed overall cost. Can be updated by the governance\n /// based on the current market conditions.\n uint256 public notifyWalletClosingPeriodElapsedGasOffset;\n\n /// @notice Gas that is meant to balance the defeat fraud challenge\n /// overall cost. Can be updated by the governance based on the current\n /// market conditions.\n uint256 public defeatFraudChallengeGasOffset;\n\n /// @notice Gas that is meant to balance the defeat fraud challenge with heartbeat\n /// overall cost. Can be updated by the governance based on the current\n /// market conditions.\n uint256 public defeatFraudChallengeWithHeartbeatGasOffset;\n\n event MaintainerAuthorized(address indexed maintainer);\n\n event MaintainerUnauthorized(address indexed maintainer);\n\n event BridgeUpdated(address newBridge);\n\n event GasOffsetParametersUpdated(\n uint256 submitDepositSweepProofGasOffset,\n uint256 submitRedemptionProofGasOffset,\n uint256 submitMovingFundsCommitmentGasOffset,\n uint256 resetMovingFundsTimeoutGasOffset,\n uint256 submitMovingFundsProofGasOffset,\n uint256 notifyMovingFundsBelowDustGasOffset,\n uint256 submitMovedFundsSweepProofGasOffset,\n uint256 requestNewWalletGasOffset,\n uint256 notifyWalletCloseableGasOffset,\n uint256 notifyWalletClosingPeriodElapsedGasOffset,\n uint256 defeatFraudChallengeGasOffset,\n uint256 defeatFraudChallengeWithHeartbeatGasOffset\n );\n\n modifier onlyMaintainer() {\n require(isAuthorized[msg.sender] != 0, \"Caller is not authorized\");\n _;\n }\n\n modifier onlyReimbursableAdmin() override {\n require(owner() == msg.sender, \"Caller is not the owner\");\n _;\n }\n\n constructor(Bridge _bridge, ReimbursementPool _reimbursementPool) {\n bridge = _bridge;\n reimbursementPool = _reimbursementPool;\n submitDepositSweepProofGasOffset = 27000;\n submitRedemptionProofGasOffset = 9750;\n submitMovingFundsCommitmentGasOffset = 8000;\n resetMovingFundsTimeoutGasOffset = 1000;\n submitMovingFundsProofGasOffset = 15000;\n notifyMovingFundsBelowDustGasOffset = 3500;\n submitMovedFundsSweepProofGasOffset = 22000;\n requestNewWalletGasOffset = 3500;\n notifyWalletCloseableGasOffset = 4000;\n notifyWalletClosingPeriodElapsedGasOffset = 3000;\n defeatFraudChallengeGasOffset = 10000;\n defeatFraudChallengeWithHeartbeatGasOffset = 5000;\n }\n\n /// @notice Wraps `Bridge.submitDepositSweepProof` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.submitDepositSweepProof` function documentation.\n function submitDepositSweepProof(\n BitcoinTx.Info calldata sweepTx,\n BitcoinTx.Proof calldata sweepProof,\n BitcoinTx.UTXO calldata mainUtxo,\n address vault\n ) external onlyMaintainer {\n uint256 gasStart = gasleft();\n\n bridge.submitDepositSweepProof(sweepTx, sweepProof, mainUtxo, vault);\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + submitDepositSweepProofGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.submitRedemptionProof` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.submitRedemptionProof` function documentation.\n function submitRedemptionProof(\n BitcoinTx.Info calldata redemptionTx,\n BitcoinTx.Proof calldata redemptionProof,\n BitcoinTx.UTXO calldata mainUtxo,\n bytes20 walletPubKeyHash\n ) external onlyMaintainer {\n uint256 gasStart = gasleft();\n\n bridge.submitRedemptionProof(\n redemptionTx,\n redemptionProof,\n mainUtxo,\n walletPubKeyHash\n );\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + submitRedemptionProofGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.submitMovingFundsCommitment` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.submitMovingFundsCommitment` function documentation.\n function submitMovingFundsCommitment(\n bytes20 walletPubKeyHash,\n BitcoinTx.UTXO calldata walletMainUtxo,\n uint32[] calldata walletMembersIDs,\n uint256 walletMemberIndex,\n bytes20[] calldata targetWallets\n ) external {\n uint256 gasStart = gasleft();\n\n bridge.submitMovingFundsCommitment(\n walletPubKeyHash,\n walletMainUtxo,\n walletMembersIDs,\n walletMemberIndex,\n targetWallets\n );\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + submitMovingFundsCommitmentGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.resetMovingFundsTimeout` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.resetMovingFundsTimeout` function documentation.\n function resetMovingFundsTimeout(bytes20 walletPubKeyHash) external {\n uint256 gasStart = gasleft();\n\n bridge.resetMovingFundsTimeout(walletPubKeyHash);\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + resetMovingFundsTimeoutGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.submitMovingFundsProof` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.submitMovingFundsProof` function documentation.\n function submitMovingFundsProof(\n BitcoinTx.Info calldata movingFundsTx,\n BitcoinTx.Proof calldata movingFundsProof,\n BitcoinTx.UTXO calldata mainUtxo,\n bytes20 walletPubKeyHash\n ) external onlyMaintainer {\n uint256 gasStart = gasleft();\n\n bridge.submitMovingFundsProof(\n movingFundsTx,\n movingFundsProof,\n mainUtxo,\n walletPubKeyHash\n );\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + submitMovingFundsProofGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.notifyMovingFundsBelowDust` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.notifyMovingFundsBelowDust` function documentation.\n function notifyMovingFundsBelowDust(\n bytes20 walletPubKeyHash,\n BitcoinTx.UTXO calldata mainUtxo\n ) external onlyMaintainer {\n uint256 gasStart = gasleft();\n\n bridge.notifyMovingFundsBelowDust(walletPubKeyHash, mainUtxo);\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + notifyMovingFundsBelowDustGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.submitMovedFundsSweepProof` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.submitMovedFundsSweepProof` function documentation.\n function submitMovedFundsSweepProof(\n BitcoinTx.Info calldata sweepTx,\n BitcoinTx.Proof calldata sweepProof,\n BitcoinTx.UTXO calldata mainUtxo\n ) external onlyMaintainer {\n uint256 gasStart = gasleft();\n\n bridge.submitMovedFundsSweepProof(sweepTx, sweepProof, mainUtxo);\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + submitMovedFundsSweepProofGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.requestNewWallet` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.requestNewWallet` function documentation.\n function requestNewWallet(BitcoinTx.UTXO calldata activeWalletMainUtxo)\n external\n onlyMaintainer\n {\n uint256 gasStart = gasleft();\n\n bridge.requestNewWallet(activeWalletMainUtxo);\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + requestNewWalletGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.notifyWalletCloseable` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.notifyWalletCloseable` function documentation.\n function notifyWalletCloseable(\n bytes20 walletPubKeyHash,\n BitcoinTx.UTXO calldata walletMainUtxo\n ) external onlyMaintainer {\n uint256 gasStart = gasleft();\n\n bridge.notifyWalletCloseable(walletPubKeyHash, walletMainUtxo);\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + notifyWalletCloseableGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.notifyWalletClosingPeriodElapsed` call and reimburses\n /// the caller's transaction cost.\n /// @dev See `Bridge.notifyWalletClosingPeriodElapsed` function documentation.\n function notifyWalletClosingPeriodElapsed(bytes20 walletPubKeyHash)\n external\n onlyMaintainer\n {\n uint256 gasStart = gasleft();\n\n bridge.notifyWalletClosingPeriodElapsed(walletPubKeyHash);\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + notifyWalletClosingPeriodElapsedGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.defeatFraudChallenge` call and reimburses the\n /// caller's transaction cost.\n /// @dev See `Bridge.defeatFraudChallenge` function documentation.\n function defeatFraudChallenge(\n bytes calldata walletPublicKey,\n bytes calldata preimage,\n bool witness\n ) external {\n uint256 gasStart = gasleft();\n\n bridge.defeatFraudChallenge(walletPublicKey, preimage, witness);\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + defeatFraudChallengeGasOffset,\n msg.sender\n );\n }\n\n /// @notice Wraps `Bridge.defeatFraudChallengeWithHeartbeat` call and\n /// reimburses the caller's transaction cost.\n /// @dev See `Bridge.defeatFraudChallengeWithHeartbeat` function documentation.\n function defeatFraudChallengeWithHeartbeat(\n bytes calldata walletPublicKey,\n bytes calldata heartbeatMessage\n ) external {\n uint256 gasStart = gasleft();\n\n bridge.defeatFraudChallengeWithHeartbeat(\n walletPublicKey,\n heartbeatMessage\n );\n\n reimbursementPool.refund(\n (gasStart - gasleft()) + defeatFraudChallengeWithHeartbeatGasOffset,\n msg.sender\n );\n }\n\n /// @notice Authorize a maintainer that can interact with this reimbursement pool.\n /// Can be authorized by the owner only.\n /// @param maintainer Maintainer to authorize.\n function authorize(address maintainer) external onlyOwner {\n maintainers.push(maintainer);\n isAuthorized[maintainer] = maintainers.length;\n\n emit MaintainerAuthorized(maintainer);\n }\n\n /// @notice Unauthorize a maintainer that was previously authorized to interact\n /// with the Maintainer Proxy contract. Can be unauthorized by the\n /// owner only.\n /// @dev The last maintainer is swapped with the one to be unauthorized.\n /// The unauthorized maintainer is then removed from the list. An index\n /// of the last maintainer is changed with the removed maintainer.\n /// Ex.\n /// 'maintainers' list: [0x1, 0x2, 0x3, 0x4, 0x5]\n /// 'isAuthorized' map: [0x1 -> 1, 0x2 -> 2, 0x3 -> 3, 0x4 -> 4, 0x5 -> 5]\n /// unauthorize: 0x3\n /// new 'maintainers' list: [0x1, 0x2, 0x5, 0x4]\n /// new 'isAuthorized' map: [0x1 -> 1, 0x2 -> 2, 0x4 -> 4, 0x5 -> 3]\n /// @param maintainerToUnauthorize Maintainer to unauthorize.\n function unauthorize(address maintainerToUnauthorize) external onlyOwner {\n uint256 maintainerIdToUnauthorize = isAuthorized[\n maintainerToUnauthorize\n ];\n\n require(maintainerIdToUnauthorize != 0, \"No maintainer to unauthorize\");\n\n address lastMaintainerAddress = maintainers[maintainers.length - 1];\n\n maintainers[maintainerIdToUnauthorize - 1] = lastMaintainerAddress;\n maintainers.pop();\n\n isAuthorized[lastMaintainerAddress] = maintainerIdToUnauthorize;\n\n delete isAuthorized[maintainerToUnauthorize];\n\n emit MaintainerUnauthorized(maintainerToUnauthorize);\n }\n\n /// @notice Allows the Governance to upgrade the Bridge address.\n /// @dev The function does not implement any governance delay and does not\n /// check the status of the Bridge. The Governance implementation needs\n /// to ensure all requirements for the upgrade are satisfied before\n /// executing this function.\n function updateBridge(Bridge _bridge) external onlyOwner {\n bridge = _bridge;\n\n emit BridgeUpdated(address(_bridge));\n }\n\n /// @notice Updates the values of gas offset parameters.\n /// @dev Can be called only by the contract owner. The caller is responsible\n /// for validating parameters.\n /// @param newSubmitDepositSweepProofGasOffset New submit deposit sweep\n /// proof gas offset.\n /// @param newSubmitRedemptionProofGasOffset New submit redemption proof gas\n /// offset.\n /// @param newSubmitMovingFundsCommitmentGasOffset New submit moving funds\n /// commitment gas offset.\n /// @param newResetMovingFundsTimeoutGasOffset New reset moving funds\n /// timeout gas offset.\n /// @param newSubmitMovingFundsProofGasOffset New submit moving funds proof\n /// gas offset.\n /// @param newNotifyMovingFundsBelowDustGasOffset New notify moving funds\n /// below dust gas offset.\n /// @param newSubmitMovedFundsSweepProofGasOffset New submit moved funds\n /// sweep proof gas offset.\n /// @param newRequestNewWalletGasOffset New request new wallet gas offset.\n /// @param newNotifyWalletCloseableGasOffset New notify closeable wallet gas\n /// offset.\n /// @param newNotifyWalletClosingPeriodElapsedGasOffset New notify wallet\n /// closing period elapsed gas offset.\n /// @param newDefeatFraudChallengeGasOffset New defeat fraud challenge gas\n /// offset.\n /// @param newDefeatFraudChallengeWithHeartbeatGasOffset New defeat fraud\n /// challenge with heartbeat gas offset.\n function updateGasOffsetParameters(\n uint256 newSubmitDepositSweepProofGasOffset,\n uint256 newSubmitRedemptionProofGasOffset,\n uint256 newSubmitMovingFundsCommitmentGasOffset,\n uint256 newResetMovingFundsTimeoutGasOffset,\n uint256 newSubmitMovingFundsProofGasOffset,\n uint256 newNotifyMovingFundsBelowDustGasOffset,\n uint256 newSubmitMovedFundsSweepProofGasOffset,\n uint256 newRequestNewWalletGasOffset,\n uint256 newNotifyWalletCloseableGasOffset,\n uint256 newNotifyWalletClosingPeriodElapsedGasOffset,\n uint256 newDefeatFraudChallengeGasOffset,\n uint256 newDefeatFraudChallengeWithHeartbeatGasOffset\n ) external onlyOwner {\n submitDepositSweepProofGasOffset = newSubmitDepositSweepProofGasOffset;\n submitRedemptionProofGasOffset = newSubmitRedemptionProofGasOffset;\n submitMovingFundsCommitmentGasOffset = newSubmitMovingFundsCommitmentGasOffset;\n resetMovingFundsTimeoutGasOffset = newResetMovingFundsTimeoutGasOffset;\n submitMovingFundsProofGasOffset = newSubmitMovingFundsProofGasOffset;\n notifyMovingFundsBelowDustGasOffset = newNotifyMovingFundsBelowDustGasOffset;\n submitMovedFundsSweepProofGasOffset = newSubmitMovedFundsSweepProofGasOffset;\n requestNewWalletGasOffset = newRequestNewWalletGasOffset;\n notifyWalletCloseableGasOffset = newNotifyWalletCloseableGasOffset;\n notifyWalletClosingPeriodElapsedGasOffset = newNotifyWalletClosingPeriodElapsedGasOffset;\n defeatFraudChallengeGasOffset = newDefeatFraudChallengeGasOffset;\n defeatFraudChallengeWithHeartbeatGasOffset = newDefeatFraudChallengeWithHeartbeatGasOffset;\n\n emit GasOffsetParametersUpdated(\n submitDepositSweepProofGasOffset,\n submitRedemptionProofGasOffset,\n submitMovingFundsCommitmentGasOffset,\n resetMovingFundsTimeoutGasOffset,\n submitMovingFundsProofGasOffset,\n notifyMovingFundsBelowDustGasOffset,\n submitMovedFundsSweepProofGasOffset,\n requestNewWalletGasOffset,\n notifyWalletCloseableGasOffset,\n notifyWalletClosingPeriodElapsedGasOffset,\n defeatFraudChallengeGasOffset,\n defeatFraudChallengeWithHeartbeatGasOffset\n );\n }\n\n /// @notice Gets an entire array of maintainer addresses.\n function allMaintainers() external view returns (address[] memory) {\n return maintainers;\n }\n}\n"
210
204
  },
211
- "@keep-network/ecdsa/contracts/libraries/Wallets.sol": {
212
- "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n// Trust math, not hardware.\n\npragma solidity ^0.8.9;\n\nlibrary Wallets {\n struct Wallet {\n // Keccak256 hash of group members identifiers array. Group members do not\n // include operators selected by the sortition pool that misbehaved during DKG.\n bytes32 membersIdsHash;\n // Uncompressed ECDSA public key stored as X and Y coordinates (32 bytes each).\n bytes32 publicKeyX;\n bytes32 publicKeyY;\n // This struct doesn't contain `__gap` property as the structure is stored\n // in a mapping, mappings store values in different slots and they are\n // not contiguous with other values.\n }\n\n struct Data {\n // Mapping of keccak256 hashes of wallet public keys to wallet details.\n // Hash of public key is considered an unique wallet identifier.\n mapping(bytes32 => Wallet) registry;\n // Reserved storage space in case we need to add more variables.\n // See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n // slither-disable-next-line unused-state\n uint256[49] __gap;\n }\n\n /// @notice Registers a new wallet.\n /// @dev Uses a public key hash as a unique identifier of a wallet.\n /// @param membersIdsHash Keccak256 hash of group members identifiers array\n /// @param publicKey Uncompressed public key\n /// @return walletID Wallet's ID\n /// @return publicKeyX Wallet's public key's X coordinate\n /// @return publicKeyY Wallet's public key's Y coordinate\n function addWallet(\n Data storage self,\n bytes32 membersIdsHash,\n bytes calldata publicKey\n )\n internal\n returns (\n bytes32 walletID,\n bytes32 publicKeyX,\n bytes32 publicKeyY\n )\n {\n walletID = keccak256(publicKey);\n\n require(\n self.registry[walletID].publicKeyX == bytes32(0),\n \"Wallet with the given public key already exists\"\n );\n require(publicKey.length == 64, \"Invalid length of the public key\");\n\n publicKeyX = bytes32(publicKey[:32]);\n publicKeyY = bytes32(publicKey[32:]);\n\n self.registry[walletID].membersIdsHash = membersIdsHash;\n self.registry[walletID].publicKeyX = publicKeyX;\n self.registry[walletID].publicKeyY = publicKeyY;\n }\n\n /// @notice Deletes wallet with the given ID from the registry. Reverts\n /// if wallet with the given ID has not been registered or if it\n /// has already been closed.\n function deleteWallet(Data storage self, bytes32 walletID) internal {\n require(\n isWalletRegistered(self, walletID),\n \"Wallet with the given ID has not been registered\"\n );\n\n delete self.registry[walletID];\n }\n\n /// @notice Checks if a wallet with the given ID is registered.\n /// @param walletID Wallet's ID\n /// @return True if a wallet is registered, false otherwise\n function isWalletRegistered(Data storage self, bytes32 walletID)\n internal\n view\n returns (bool)\n {\n return self.registry[walletID].publicKeyX != bytes32(0);\n }\n\n /// @notice Returns Keccak256 hash of the wallet signing group members\n /// identifiers array. Group members do not include operators\n /// selected by the sortition pool that misbehaved during DKG.\n /// Reverts if wallet with the given ID is not registered.\n /// @param walletID ID of the wallet\n /// @return Wallet signing group members hash\n function getWalletMembersIdsHash(Data storage self, bytes32 walletID)\n internal\n view\n returns (bytes32)\n {\n require(\n isWalletRegistered(self, walletID),\n \"Wallet with the given ID has not been registered\"\n );\n\n return self.registry[walletID].membersIdsHash;\n }\n\n /// @notice Gets public key of a wallet with the given wallet ID.\n /// The public key is returned as X and Y coordinates.\n /// Reverts if wallet with the given ID is not registered.\n /// @param walletID ID of the wallet\n /// @return x Public key X coordinate\n /// @return y Public key Y coordinate\n function getWalletPublicKeyCoordinates(Data storage self, bytes32 walletID)\n internal\n view\n returns (bytes32 x, bytes32 y)\n {\n require(\n isWalletRegistered(self, walletID),\n \"Wallet with the given ID has not been registered\"\n );\n\n Wallet storage wallet = self.registry[walletID];\n\n return (wallet.publicKeyX, wallet.publicKeyY);\n }\n\n /// @notice Gets public key of a wallet with the given wallet ID.\n /// The public key is returned in an uncompressed format as a 64-byte\n /// concatenation of X and Y coordinates.\n /// Reverts if wallet with the given ID is not registered.\n /// @param walletID ID of the wallet\n /// @return Uncompressed public key of the wallet\n function getWalletPublicKey(Data storage self, bytes32 walletID)\n internal\n view\n returns (bytes memory)\n {\n (bytes32 x, bytes32 y) = getWalletPublicKeyCoordinates(self, walletID);\n return bytes.concat(x, y);\n }\n}\n"
205
+ "@keep-network/random-beacon/contracts/Reimbursable.sol": {
206
+ "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n// Trust math, not hardware.\n\npragma solidity ^0.8.9;\n\nimport \"./ReimbursementPool.sol\";\n\nabstract contract Reimbursable {\n // The variable should be initialized by the implementing contract.\n // slither-disable-next-line uninitialized-state\n ReimbursementPool public reimbursementPool;\n\n // Reserved storage space in case we need to add more variables,\n // since there are upgradeable contracts that inherit from this one.\n // See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n // slither-disable-next-line unused-state\n uint256[49] private __gap;\n\n event ReimbursementPoolUpdated(address newReimbursementPool);\n\n modifier refundable(address receiver) {\n uint256 gasStart = gasleft();\n _;\n reimbursementPool.refund(gasStart - gasleft(), receiver);\n }\n\n modifier onlyReimbursableAdmin() virtual {\n _;\n }\n\n function updateReimbursementPool(ReimbursementPool _reimbursementPool)\n external\n onlyReimbursableAdmin\n {\n emit ReimbursementPoolUpdated(address(_reimbursementPool));\n\n reimbursementPool = _reimbursementPool;\n }\n}\n"
213
207
  },
214
- "@keep-network/ecdsa/contracts/libraries/EcdsaAuthorization.sol": {
215
- "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n//\n\npragma solidity ^0.8.9;\n\nimport \"@keep-network/sortition-pools/contracts/SortitionPool.sol\";\nimport \"@threshold-network/solidity-contracts/contracts/staking/IStaking.sol\";\n\n/// @notice Library managing the state of stake authorizations for ECDSA\n/// operator contract and the presence of operators in the sortition\n/// pool based on the stake authorized for them.\nlibrary EcdsaAuthorization {\n struct Parameters {\n // The minimum authorization required by ECDSA application so that\n // operator can join the sortition pool and do the work.\n uint96 minimumAuthorization;\n // Authorization decrease delay in seconds between the time\n // authorization decrease is requested and the time the authorization\n // decrease can be approved. It is always the same value, no matter if\n // authorization decrease amount is small, significant, or if it is\n // a decrease to zero.\n uint64 authorizationDecreaseDelay;\n // The time period before the authorization decrease delay end,\n // during which the authorization decrease request can be overwritten.\n //\n // When the request is overwritten, the authorization decrease delay is\n // reset.\n //\n // For example, if `authorizationDecraseChangePeriod` is set to 4\n // days, `authorizationDecreaseDelay` is set to 14 days, and someone\n // requested authorization decrease, it means they can not\n // request another decrease for the first 10 days. After 10 days pass,\n // they can request again and overwrite the previous authorization\n // decrease request. The delay time will reset for them and they\n // will have to wait another 10 days to alter it and 14 days to\n // approve it.\n //\n // This value protects against malicious operators who manipulate\n // their weight by overwriting authorization decrease request, and\n // lowering or increasing their eligible stake this way.\n //\n // If set to a value equal to `authorizationDecreaseDelay, it means\n // that authorization decrease request can be always overwritten.\n // If set to zero, it means authorization decrease request can not be\n // overwritten until the delay end, and one needs to wait for the entire\n // authorization decrease delay to approve their decrease and request\n // for another one or to overwrite the pending one.\n //\n // (1) authorization decrease requested timestamp\n // (2) from this moment authorization decrease request can be\n // overwritten\n // (3) from this moment authorization decrease request can be\n // approved, assuming it was NOT overwritten in (2)\n //\n // (1) (2) (3)\n // --x------------------------------x--------------------------x---->\n // | \\________________________/\n // | authorizationDecreaseChangePeriod\n // \\______________________________________________________/\n // authorizationDecreaseDelay\n //\n uint64 authorizationDecreaseChangePeriod;\n // This struct doesn't contain `__gap` property as the structure is\n // stored inside `Data` struct, that already have a gap that can be used\n // on upgrade.\n }\n\n struct AuthorizationDecrease {\n uint96 decreasingBy; // amount\n uint64 decreasingAt; // timestamp\n }\n\n struct Data {\n Parameters parameters;\n mapping(address => address) stakingProviderToOperator;\n mapping(address => address) operatorToStakingProvider;\n mapping(address => AuthorizationDecrease) pendingDecreases;\n // Reserved storage space in case we need to add more variables.\n // See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n // slither-disable-next-line unused-state\n uint256[46] __gap;\n }\n\n event OperatorRegistered(\n address indexed stakingProvider,\n address indexed operator\n );\n\n event AuthorizationIncreased(\n address indexed stakingProvider,\n address indexed operator,\n uint96 fromAmount,\n uint96 toAmount\n );\n\n event AuthorizationDecreaseRequested(\n address indexed stakingProvider,\n address indexed operator,\n uint96 fromAmount,\n uint96 toAmount,\n uint64 decreasingAt\n );\n\n event AuthorizationDecreaseApproved(address indexed stakingProvider);\n\n event InvoluntaryAuthorizationDecreaseFailed(\n address indexed stakingProvider,\n address indexed operator,\n uint96 fromAmount,\n uint96 toAmount\n );\n\n event OperatorJoinedSortitionPool(\n address indexed stakingProvider,\n address indexed operator\n );\n\n event OperatorStatusUpdated(\n address indexed stakingProvider,\n address indexed operator\n );\n\n /// @notice Sets the minimum authorization for ECDSA application. Without\n /// at least the minimum authorization, staking provider is not\n /// eligible to join and operate in the network.\n function setMinimumAuthorization(\n Data storage self,\n uint96 _minimumAuthorization\n ) internal {\n self.parameters.minimumAuthorization = _minimumAuthorization;\n }\n\n /// @notice Sets the authorization decrease delay. It is the time in seconds\n /// that needs to pass between the time authorization decrease is\n /// requested and the time the authorization decrease can be\n /// approved, no matter the authorization decrease amount.\n function setAuthorizationDecreaseDelay(\n Data storage self,\n uint64 _authorizationDecreaseDelay\n ) internal {\n self\n .parameters\n .authorizationDecreaseDelay = _authorizationDecreaseDelay;\n }\n\n /// @notice Sets the authorization decrease change period. It is the time\n /// period before the authorization decrease delay end,\n /// during which the authorization decrease request can be\n /// overwritten.\n function setAuthorizationDecreaseChangePeriod(\n Data storage self,\n uint64 _authorizationDecreaseChangePeriod\n ) internal {\n self\n .parameters\n .authorizationDecreaseChangePeriod = _authorizationDecreaseChangePeriod;\n }\n\n /// @notice Used by staking provider to set operator address that will\n /// operate ECDSA node. The given staking provider can set operator\n /// address only one time. The operator address can not be changed\n /// and must be unique. Reverts if the operator is already set for\n /// the staking provider or if the operator address is already in\n /// use. Reverts if there is a pending authorization decrease for\n /// the staking provider.\n function registerOperator(Data storage self, address operator) internal {\n address stakingProvider = msg.sender;\n\n require(operator != address(0), \"Operator can not be zero address\");\n require(\n self.stakingProviderToOperator[stakingProvider] == address(0),\n \"Operator already set for the staking provider\"\n );\n require(\n self.operatorToStakingProvider[operator] == address(0),\n \"Operator address already in use\"\n );\n\n // Authorization request for a staking provider who has not yet\n // registered their operator can be approved immediately.\n // We need to make sure that the approval happens before operator\n // is registered to do not let the operator join the sortition pool\n // with an unresolved authorization decrease request that can be\n // approved at any point.\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n require(\n decrease.decreasingAt == 0,\n \"There is a pending authorization decrease request\"\n );\n\n emit OperatorRegistered(stakingProvider, operator);\n\n self.stakingProviderToOperator[stakingProvider] = operator;\n self.operatorToStakingProvider[operator] = stakingProvider;\n }\n\n /// @notice Used by T staking contract to inform the application that the\n /// authorized stake amount for the given staking provider increased.\n ///\n /// Reverts if the authorization amount is below the minimum.\n ///\n /// The function is not updating the sortition pool. Sortition pool\n /// state needs to be updated by the operator with a call to\n /// `joinSortitionPool` or `updateOperatorStatus`.\n ///\n /// @dev Should only be callable by T staking contract.\n function authorizationIncreased(\n Data storage self,\n address stakingProvider,\n uint96 fromAmount,\n uint96 toAmount\n ) internal {\n require(\n toAmount >= self.parameters.minimumAuthorization,\n \"Authorization below the minimum\"\n );\n\n // Note that this function does not require the operator address to be\n // set for the given staking provider. This allows the stake owner\n // who is also an authorizer to increase the authorization before the\n // staking provider sets the operator. This allows delegating stake\n // and increasing authorization immediately one after another without\n // having to wait for the staking provider to do their part.\n\n address operator = self.stakingProviderToOperator[stakingProvider];\n emit AuthorizationIncreased(\n stakingProvider,\n operator,\n fromAmount,\n toAmount\n );\n }\n\n /// @notice Used by T staking contract to inform the application that the\n /// authorization decrease for the given staking provider has been\n /// requested.\n ///\n /// Reverts if the amount after deauthorization would be non-zero\n /// and lower than the minimum authorization.\n ///\n /// Reverts if another authorization decrease request is pending for\n /// the staking provider and not enough time passed since the\n /// original request (see `authorizationDecreaseChangePeriod`).\n ///\n /// If the operator is not known (`registerOperator` was not called)\n /// it lets to `approveAuthorizationDecrease` immediately. If the\n /// operator is known (`registerOperator` was called), the operator\n /// needs to update state of the sortition pool with a call to\n /// `joinSortitionPool` or `updateOperatorStatus`. After the\n /// sortition pool state is in sync, authorization decrease delay\n /// starts.\n ///\n /// After authorization decrease delay passes, authorization\n /// decrease request needs to be approved with a call to\n /// `approveAuthorizationDecrease` function.\n ///\n /// If there is a pending authorization decrease request, it is\n /// overwritten, but only if enough time passed since the original\n /// request. Otherwise, the function reverts.\n ///\n /// @dev Should only be callable by T staking contract.\n function authorizationDecreaseRequested(\n Data storage self,\n address stakingProvider,\n uint96 fromAmount,\n uint96 toAmount\n ) internal {\n require(\n toAmount == 0 || toAmount >= self.parameters.minimumAuthorization,\n \"Authorization amount should be 0 or above the minimum\"\n );\n\n address operator = self.stakingProviderToOperator[stakingProvider];\n\n uint64 decreasingAt;\n\n if (operator == address(0)) {\n // Operator is not known. It means `registerOperator` was not\n // called yet, and there is no chance the operator could\n // call `joinSortitionPool`. We can let to approve authorization\n // decrease immediately because that operator was never in the\n // sortition pool.\n\n // solhint-disable-next-line not-rely-on-time\n decreasingAt = uint64(block.timestamp);\n } else {\n // Operator is known. It means that this operator is or was in\n // the sortition pool. Before authorization decrease delay starts,\n // the operator needs to update the state of the sortition pool\n // with a call to `joinSortitionPool` or `updateOperatorStatus`.\n // For now, we set `decreasingAt` as \"never decreasing\" and let\n // it be updated by `joinSortitionPool` or `updateOperatorStatus`\n // once we know the sortition pool is in sync.\n decreasingAt = type(uint64).max;\n }\n\n uint96 decreasingBy = fromAmount - toAmount;\n\n AuthorizationDecrease storage decreaseRequest = self.pendingDecreases[\n stakingProvider\n ];\n\n uint64 pendingDecreaseAt = decreaseRequest.decreasingAt;\n if (pendingDecreaseAt != 0 && pendingDecreaseAt != type(uint64).max) {\n // If there is already a pending authorization decrease request for\n // this staking provider and that request has been activated\n // (sortition pool was updated), require enough time to pass before\n // it can be overwritten.\n require(\n // solhint-disable-next-line not-rely-on-time\n block.timestamp >=\n pendingDecreaseAt -\n self.parameters.authorizationDecreaseChangePeriod,\n \"Not enough time passed since the original request\"\n );\n }\n\n decreaseRequest.decreasingBy = decreasingBy;\n decreaseRequest.decreasingAt = decreasingAt;\n\n emit AuthorizationDecreaseRequested(\n stakingProvider,\n operator,\n fromAmount,\n toAmount,\n decreasingAt\n );\n }\n\n /// @notice Approves the previously registered authorization decrease\n /// request. Reverts if authorization decrease delay have not passed\n /// yet or if the authorization decrease was not requested for the\n /// given staking provider.\n function approveAuthorizationDecrease(\n Data storage self,\n IStaking tokenStaking,\n address stakingProvider\n ) internal {\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n require(\n decrease.decreasingAt > 0,\n \"Authorization decrease not requested\"\n );\n require(\n decrease.decreasingAt != type(uint64).max,\n \"Authorization decrease request not activated\"\n );\n require(\n // solhint-disable-next-line not-rely-on-time\n block.timestamp >= decrease.decreasingAt,\n \"Authorization decrease delay not passed\"\n );\n\n emit AuthorizationDecreaseApproved(stakingProvider);\n\n // slither-disable-next-line unused-return\n tokenStaking.approveAuthorizationDecrease(stakingProvider);\n delete self.pendingDecreases[stakingProvider];\n }\n\n /// @notice Used by T staking contract to inform the application the\n /// authorization has been decreased for the given staking provider\n /// involuntarily, as a result of slashing.\n ///\n /// If the operator is not known (`registerOperator` was not called)\n /// the function does nothing. The operator was never in a sortition\n /// pool so there is nothing to update.\n ///\n /// If the operator is known, sortition pool is unlocked, and the\n /// operator is in the sortition pool, the sortition pool state is\n /// updated. If the sortition pool is locked, update needs to be\n /// postponed. Every other staker is incentivized to call\n /// `updateOperatorStatus` for the problematic operator to increase\n /// their own rewards in the pool.\n ///\n /// @dev Should only be callable by T staking contract.\n function involuntaryAuthorizationDecrease(\n Data storage self,\n IStaking tokenStaking,\n SortitionPool sortitionPool,\n address stakingProvider,\n uint96 fromAmount,\n uint96 toAmount\n ) internal {\n address operator = self.stakingProviderToOperator[stakingProvider];\n\n if (operator == address(0)) {\n // Operator is not known. It means `registerOperator` was not\n // called yet, and there is no chance the operator could\n // call `joinSortitionPool`. We can just ignore this update because\n // operator was never in the sortition pool.\n return;\n } else {\n // Operator is known. It means that this operator is or was in the\n // sortition pool and the sortition pool may need to be updated.\n //\n // If the sortition pool is not locked and the operator is in the\n // sortition pool, we are updating it.\n //\n // To keep stakes synchronized between applications when staking\n // providers are slashed, without the risk of running out of gas,\n // the staking contract queues up slashings and let users process\n // the transactions. When an application slashes one or more staking\n // providers, it adds them to the slashing queue on the staking\n // contract. A queue entry contains the staking provider’s address\n // and the amount they are due to be slashed.\n //\n // When there is at least one staking provider in the slashing\n // queue, any account can submit a transaction processing one or\n // more staking providers' slashings, and collecting a reward for\n // doing so. A queued slashing is processed by updating the staking\n // provider’s stake to the post-slashing amount, updating authorized\n // amount for each affected application, and notifying all affected\n // applications that the staking provider’s authorized stake has\n // been reduced due to slashing.\n //\n // The entire idea is that the process transaction is expensive\n // because each application needs to be updated, so the reward for\n // the processor is hefty and comes from the slashed tokens.\n // Practically, it means that if the sortition pool is unlocked, and\n // can be updated, it should be updated because we already paid\n // someone for updating it.\n //\n // If the sortition pool is locked, update needs to wait. Other\n // sortition pool members are incentivized to call\n // `updateOperatorStatus` for the problematic operator because they\n // will increase their rewards this way.\n if (sortitionPool.isOperatorInPool(operator)) {\n if (sortitionPool.isLocked()) {\n emit InvoluntaryAuthorizationDecreaseFailed(\n stakingProvider,\n operator,\n fromAmount,\n toAmount\n );\n } else {\n updateOperatorStatus(\n self,\n tokenStaking,\n sortitionPool,\n operator\n );\n }\n }\n }\n }\n\n /// @notice Lets the operator join the sortition pool. The operator address\n /// must be known - before calling this function, it has to be\n /// appointed by the staking provider by calling `registerOperator`.\n /// Also, the operator must have the minimum authorization required\n /// by ECDSA. Function reverts if there is no minimum stake\n /// authorized or if the operator is not known. If there was an\n /// authorization decrease requested, it is activated by starting\n /// the authorization decrease delay.\n function joinSortitionPool(\n Data storage self,\n IStaking tokenStaking,\n SortitionPool sortitionPool\n ) internal {\n address operator = msg.sender;\n\n address stakingProvider = self.operatorToStakingProvider[operator];\n require(stakingProvider != address(0), \"Unknown operator\");\n\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n uint96 _eligibleStake = eligibleStake(\n self,\n tokenStaking,\n stakingProvider,\n decrease.decreasingBy\n );\n\n require(_eligibleStake != 0, \"Authorization below the minimum\");\n\n emit OperatorJoinedSortitionPool(stakingProvider, operator);\n\n sortitionPool.insertOperator(operator, _eligibleStake);\n\n // If there is a pending authorization decrease request, activate it.\n // At this point, the sortition pool state is up to date so the\n // authorization decrease delay can start counting.\n if (decrease.decreasingAt == type(uint64).max) {\n decrease.decreasingAt =\n // solhint-disable-next-line not-rely-on-time\n uint64(block.timestamp) +\n self.parameters.authorizationDecreaseDelay;\n }\n }\n\n /// @notice Updates status of the operator in the sortition pool. If there\n /// was an authorization decrease requested, it is activated by\n /// starting the authorization decrease delay.\n /// Function reverts if the operator is not known.\n function updateOperatorStatus(\n Data storage self,\n IStaking tokenStaking,\n SortitionPool sortitionPool,\n address operator\n ) internal {\n address stakingProvider = self.operatorToStakingProvider[operator];\n require(stakingProvider != address(0), \"Unknown operator\");\n\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n emit OperatorStatusUpdated(stakingProvider, operator);\n\n if (sortitionPool.isOperatorInPool(operator)) {\n uint96 _eligibleStake = eligibleStake(\n self,\n tokenStaking,\n stakingProvider,\n decrease.decreasingBy\n );\n\n sortitionPool.updateOperatorStatus(operator, _eligibleStake);\n }\n\n // If there is a pending authorization decrease request, activate it.\n // At this point, the sortition pool state is up to date so the\n // authorization decrease delay can start counting.\n if (decrease.decreasingAt == type(uint64).max) {\n decrease.decreasingAt =\n // solhint-disable-next-line not-rely-on-time\n uint64(block.timestamp) +\n self.parameters.authorizationDecreaseDelay;\n }\n }\n\n /// @notice Checks if the operator's authorized stake is in sync with\n /// operator's weight in the sortition pool.\n /// If the operator is not in the sortition pool and their\n /// authorized stake is non-zero, function returns false.\n function isOperatorUpToDate(\n Data storage self,\n IStaking tokenStaking,\n SortitionPool sortitionPool,\n address operator\n ) internal view returns (bool) {\n address stakingProvider = self.operatorToStakingProvider[operator];\n require(stakingProvider != address(0), \"Unknown operator\");\n\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n uint96 _eligibleStake = eligibleStake(\n self,\n tokenStaking,\n stakingProvider,\n decrease.decreasingBy\n );\n\n if (!sortitionPool.isOperatorInPool(operator)) {\n return _eligibleStake == 0;\n } else {\n return sortitionPool.isOperatorUpToDate(operator, _eligibleStake);\n }\n }\n\n /// @notice Returns the current value of the staking provider's eligible\n /// stake. Eligible stake is defined as the currently authorized\n /// stake minus the pending authorization decrease. Eligible stake\n /// is what is used for operator's weight in the pool. If the\n /// authorized stake minus the pending authorization decrease is\n /// below the minimum authorization, eligible stake is 0.\n /// @dev This function can be exposed to the public in contrast to the\n /// second variant accepting `decreasingBy` as a parameter.\n function eligibleStake(\n Data storage self,\n IStaking tokenStaking,\n address stakingProvider\n ) internal view returns (uint96) {\n return\n eligibleStake(\n self,\n tokenStaking,\n stakingProvider,\n pendingAuthorizationDecrease(self, stakingProvider)\n );\n }\n\n /// @notice Returns the current value of the staking provider's eligible\n /// stake. Eligible stake is defined as the currently authorized\n /// stake minus the pending authorization decrease. Eligible stake\n /// is what is used for operator's weight in the pool. If the\n /// authorized stake minus the pending authorization decrease is\n /// below the minimum authorization, eligible stake is 0.\n /// @dev This function is not intended to be exposes to the public.\n /// `decreasingBy` must be fetched from `pendingDecreases` mapping and\n /// it is passed as a parameter to optimize gas usage of functions that\n /// call `eligibleStake` and need to use `AuthorizationDecrease`\n /// fetched from `pendingDecreases` for some additional logic.\n function eligibleStake(\n Data storage self,\n IStaking tokenStaking,\n address stakingProvider,\n uint96 decreasingBy\n ) internal view returns (uint96) {\n uint96 authorizedStake = tokenStaking.authorizedStake(\n stakingProvider,\n address(this)\n );\n\n uint96 _eligibleStake = authorizedStake > decreasingBy\n ? authorizedStake - decreasingBy\n : 0;\n\n if (_eligibleStake < self.parameters.minimumAuthorization) {\n return 0;\n } else {\n return _eligibleStake;\n }\n }\n\n /// @notice Returns the amount of stake that is pending authorization\n /// decrease for the given staking provider. If no authorization\n /// decrease has been requested, returns zero.\n function pendingAuthorizationDecrease(\n Data storage self,\n address stakingProvider\n ) internal view returns (uint96) {\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n return decrease.decreasingBy;\n }\n\n /// @notice Returns the remaining time in seconds that needs to pass before\n /// the requested authorization decrease can be approved.\n /// If the sortition pool state was not updated yet by the operator\n /// after requesting the authorization decrease, returns\n /// `type(uint64).max`.\n function remainingAuthorizationDecreaseDelay(\n Data storage self,\n address stakingProvider\n ) internal view returns (uint64) {\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n if (decrease.decreasingAt == type(uint64).max) {\n return type(uint64).max;\n }\n\n // solhint-disable-next-line not-rely-on-time\n uint64 _now = uint64(block.timestamp);\n return _now > decrease.decreasingAt ? 0 : decrease.decreasingAt - _now;\n }\n}\n"
208
+ "@keep-network/random-beacon/contracts/ReimbursementPool.sol": {
209
+ "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n// Trust math, not hardware.\n\npragma solidity ^0.8.9;\n\nimport \"@openzeppelin/contracts/access/Ownable.sol\";\nimport \"@openzeppelin/contracts/security/ReentrancyGuard.sol\";\n\ncontract ReimbursementPool is Ownable, ReentrancyGuard {\n /// @notice Authorized contracts that can interact with the reimbursment pool.\n /// Authorization can be granted and removed by the owner.\n mapping(address => bool) public isAuthorized;\n\n /// @notice Static gas includes:\n /// - cost of the refund function\n /// - base transaction cost\n uint256 public staticGas;\n\n /// @notice Max gas price used to reimburse a transaction submitter. Protects\n /// against malicious operator-miners.\n uint256 public maxGasPrice;\n\n event StaticGasUpdated(uint256 newStaticGas);\n\n event MaxGasPriceUpdated(uint256 newMaxGasPrice);\n\n event SendingEtherFailed(uint256 refundAmount, address receiver);\n\n event AuthorizedContract(address thirdPartyContract);\n\n event UnauthorizedContract(address thirdPartyContract);\n\n event FundsWithdrawn(uint256 withdrawnAmount, address receiver);\n\n constructor(uint256 _staticGas, uint256 _maxGasPrice) {\n staticGas = _staticGas;\n maxGasPrice = _maxGasPrice;\n }\n\n /// @notice Receive ETH\n receive() external payable {}\n\n /// @notice Refunds ETH to a spender for executing specific transactions.\n /// @dev Ignoring the result of sending ETH to a receiver is made on purpose.\n /// For EOA receiving ETH should always work. If a receiver is a smart\n /// contract, then we do not want to fail a transaction, because in some\n /// cases the refund is done at the very end of multiple calls where all\n /// the previous calls were already paid off. It is a receiver's smart\n /// contract resposibility to make sure it can receive ETH.\n /// @dev Only authorized contracts are allowed calling this function.\n /// @param gasSpent Gas spent on a transaction that needs to be reimbursed.\n /// @param receiver Address where the reimbursment is sent.\n function refund(uint256 gasSpent, address receiver) external nonReentrant {\n require(\n isAuthorized[msg.sender],\n \"Contract is not authorized for a refund\"\n );\n require(receiver != address(0), \"Receiver's address cannot be zero\");\n\n uint256 gasPrice = tx.gasprice < maxGasPrice\n ? tx.gasprice\n : maxGasPrice;\n\n uint256 refundAmount = (gasSpent + staticGas) * gasPrice;\n\n /* solhint-disable avoid-low-level-calls */\n // slither-disable-next-line low-level-calls,unchecked-lowlevel\n (bool sent, ) = receiver.call{value: refundAmount}(\"\");\n /* solhint-enable avoid-low-level-calls */\n if (!sent) {\n // slither-disable-next-line reentrancy-events\n emit SendingEtherFailed(refundAmount, receiver);\n }\n }\n\n /// @notice Authorize a contract that can interact with this reimbursment pool.\n /// Can be authorized by the owner only.\n /// @param _contract Authorized contract.\n function authorize(address _contract) external onlyOwner {\n isAuthorized[_contract] = true;\n\n emit AuthorizedContract(_contract);\n }\n\n /// @notice Unauthorize a contract that was previously authorized to interact\n /// with this reimbursment pool. Can be unauthorized by the\n /// owner only.\n /// @param _contract Authorized contract.\n function unauthorize(address _contract) external onlyOwner {\n delete isAuthorized[_contract];\n\n emit UnauthorizedContract(_contract);\n }\n\n /// @notice Setting a static gas cost for executing a transaction. Can be set\n /// by the owner only.\n /// @param _staticGas Static gas cost.\n function setStaticGas(uint256 _staticGas) external onlyOwner {\n staticGas = _staticGas;\n\n emit StaticGasUpdated(_staticGas);\n }\n\n /// @notice Setting a max gas price for transactions. Can be set by the\n /// owner only.\n /// @param _maxGasPrice Max gas price used to reimburse tx submitters.\n function setMaxGasPrice(uint256 _maxGasPrice) external onlyOwner {\n maxGasPrice = _maxGasPrice;\n\n emit MaxGasPriceUpdated(_maxGasPrice);\n }\n\n /// @notice Withdraws all ETH from this pool which are sent to a given\n /// address. Can be set by the owner only.\n /// @param receiver An address where ETH is sent.\n function withdrawAll(address receiver) external onlyOwner {\n withdraw(address(this).balance, receiver);\n }\n\n /// @notice Withdraws ETH amount from this pool which are sent to a given\n /// address. Can be set by the owner only.\n /// @param amount Amount to withdraw from the pool.\n /// @param receiver An address where ETH is sent.\n function withdraw(uint256 amount, address receiver) public onlyOwner {\n require(\n address(this).balance >= amount,\n \"Insufficient contract balance\"\n );\n require(receiver != address(0), \"Receiver's address cannot be zero\");\n\n emit FundsWithdrawn(amount, receiver);\n\n /* solhint-disable avoid-low-level-calls */\n // slither-disable-next-line low-level-calls,arbitrary-send\n (bool sent, ) = receiver.call{value: amount}(\"\");\n /* solhint-enable avoid-low-level-calls */\n require(sent, \"Failed to send Ether\");\n }\n}\n"
216
210
  },
217
- "@threshold-network/solidity-contracts/contracts/staking/IStaking.sol": {
218
- "content": "// SPDX-License-Identifier: GPL-3.0-or-later\n\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n\npragma solidity 0.8.9;\n\n/// @title Interface of Threshold Network staking contract\n/// @notice The staking contract enables T owners to have their wallets offline\n/// and their stake managed by staking providers on their behalf.\n/// The staking contract does not define operator role. The operator\n/// responsible for running off-chain client software is appointed by\n/// the staking provider in the particular application utilizing the\n/// staking contract. All off-chain client software should be able\n/// to run without exposing operator's or staking provider’s private\n/// key and should not require any owner’s keys at all. The stake\n/// delegation optimizes the network throughput without compromising the\n/// security of the owners’ stake.\ninterface IStaking {\n enum StakeType {\n NU,\n KEEP,\n T\n }\n\n //\n //\n // Delegating a stake\n //\n //\n\n /// @notice Creates a delegation with `msg.sender` owner with the given\n /// staking provider, beneficiary, and authorizer. Transfers the\n /// given amount of T to the staking contract.\n /// @dev The owner of the delegation needs to have the amount approved to\n /// transfer to the staking contract.\n function stake(\n address stakingProvider,\n address payable beneficiary,\n address authorizer,\n uint96 amount\n ) external;\n\n /// @notice Copies delegation from the legacy KEEP staking contract to T\n /// staking contract. No tokens are transferred. Caches the active\n /// stake amount from KEEP staking contract. Can be called by\n /// anyone.\n /// @dev The staking provider in T staking contract is the legacy KEEP\n /// staking contract operator.\n function stakeKeep(address stakingProvider) external;\n\n /// @notice Copies delegation from the legacy NU staking contract to T\n /// staking contract, additionally appointing staking provider,\n /// beneficiary and authorizer roles. Caches the amount staked in NU\n /// staking contract. Can be called only by the original delegation\n /// owner.\n function stakeNu(\n address stakingProvider,\n address payable beneficiary,\n address authorizer\n ) external;\n\n /// @notice Refresh Keep stake owner. Can be called only by the old owner.\n /// @dev The staking provider in T staking contract is the legacy KEEP\n /// staking contract operator.\n function refreshKeepStakeOwner(address stakingProvider) external;\n\n /// @notice Allows the Governance to set the minimum required stake amount.\n /// This amount is required to protect against griefing the staking\n /// contract and individual applications are allowed to require\n /// higher minimum stakes if necessary.\n function setMinimumStakeAmount(uint96 amount) external;\n\n //\n //\n // Authorizing an application\n //\n //\n\n /// @notice Allows the Governance to approve the particular application\n /// before individual stake authorizers are able to authorize it.\n function approveApplication(address application) external;\n\n /// @notice Increases the authorization of the given staking provider for\n /// the given application by the given amount. Can only be called by\n /// the authorizer for that staking provider.\n /// @dev Calls `authorizationIncreased(address stakingProvider, uint256 amount)`\n /// on the given application to notify the application about\n /// authorization change. See `IApplication`.\n function increaseAuthorization(\n address stakingProvider,\n address application,\n uint96 amount\n ) external;\n\n /// @notice Requests decrease of the authorization for the given staking\n /// provider on the given application by the provided amount.\n /// It may not change the authorized amount immediatelly. When\n /// it happens depends on the application. Can only be called by the\n /// given staking provider’s authorizer. Overwrites pending\n /// authorization decrease for the given staking provider and\n /// application.\n /// @dev Calls `authorizationDecreaseRequested(address stakingProvider, uint256 amount)`\n /// on the given application. See `IApplication`.\n function requestAuthorizationDecrease(\n address stakingProvider,\n address application,\n uint96 amount\n ) external;\n\n /// @notice Requests decrease of all authorizations for the given staking\n /// provider on all applications by all authorized amount.\n /// It may not change the authorized amount immediatelly. When\n /// it happens depends on the application. Can only be called by the\n /// given staking provider’s authorizer. Overwrites pending\n /// authorization decrease for the given staking provider and\n /// application.\n /// @dev Calls `authorizationDecreaseRequested(address stakingProvider, uint256 amount)`\n /// for each authorized application. See `IApplication`.\n function requestAuthorizationDecrease(address stakingProvider) external;\n\n /// @notice Called by the application at its discretion to approve the\n /// previously requested authorization decrease request. Can only be\n /// called by the application that was previously requested to\n /// decrease the authorization for that staking provider.\n /// Returns resulting authorized amount for the application.\n function approveAuthorizationDecrease(address stakingProvider)\n external\n returns (uint96);\n\n /// @notice Decreases the authorization for the given `stakingProvider` on\n /// the given disabled `application`, for all authorized amount.\n /// Can be called by anyone.\n function forceDecreaseAuthorization(\n address stakingProvider,\n address application\n ) external;\n\n /// @notice Pauses the given application’s eligibility to slash stakes.\n /// Besides that stakers can't change authorization to the application.\n /// Can be called only by the Panic Button of the particular\n /// application. The paused application can not slash stakes until\n /// it is approved again by the Governance using `approveApplication`\n /// function. Should be used only in case of an emergency.\n function pauseApplication(address application) external;\n\n /// @notice Disables the given application. The disabled application can't\n /// slash stakers. Also stakers can't increase authorization to that\n /// application but can decrease without waiting by calling\n /// `requestAuthorizationDecrease` at any moment. Can be called only\n /// by the governance. The disabled application can't be approved\n /// again. Should be used only in case of an emergency.\n function disableApplication(address application) external;\n\n /// @notice Sets the Panic Button role for the given application to the\n /// provided address. Can only be called by the Governance. If the\n /// Panic Button for the given application should be disabled, the\n /// role address should be set to 0x0 address.\n function setPanicButton(address application, address panicButton) external;\n\n /// @notice Sets the maximum number of applications one staking provider can\n /// have authorized. Used to protect against DoSing slashing queue.\n /// Can only be called by the Governance.\n function setAuthorizationCeiling(uint256 ceiling) external;\n\n //\n //\n // Stake top-up\n //\n //\n\n /// @notice Increases the amount of the stake for the given staking provider.\n /// Can be called only by the owner or the staking provider.\n /// @dev The sender of this transaction needs to have the amount approved to\n /// transfer to the staking contract.\n function topUp(address stakingProvider, uint96 amount) external;\n\n /// @notice Propagates information about stake top-up from the legacy KEEP\n /// staking contract to T staking contract. Can be called only by\n /// the owner or the staking provider.\n function topUpKeep(address stakingProvider) external;\n\n /// @notice Propagates information about stake top-up from the legacy NU\n /// staking contract to T staking contract. Can be called only by\n /// the owner or the staking provider.\n function topUpNu(address stakingProvider) external;\n\n //\n //\n // Undelegating a stake (unstaking)\n //\n //\n\n /// @notice Reduces the liquid T stake amount by the provided amount and\n /// withdraws T to the owner. Reverts if there is at least one\n /// authorization higher than the sum of the legacy stake and\n /// remaining liquid T stake or if the unstake amount is higher than\n /// the liquid T stake amount. Can be called only by the delegation\n /// owner or the staking provider.\n function unstakeT(address stakingProvider, uint96 amount) external;\n\n /// @notice Sets the legacy KEEP staking contract active stake amount cached\n /// in T staking contract to 0. Reverts if the amount of liquid T\n /// staked in T staking contract is lower than the highest\n /// application authorization. This function allows to unstake from\n /// KEEP staking contract and still being able to operate in T\n /// network and earning rewards based on the liquid T staked. Can be\n /// called only by the delegation owner or the staking provider.\n function unstakeKeep(address stakingProvider) external;\n\n /// @notice Reduces cached legacy NU stake amount by the provided amount.\n /// Reverts if there is at least one authorization higher than the\n /// sum of remaining legacy NU stake and liquid T stake for that\n /// staking provider or if the untaked amount is higher than the\n /// cached legacy stake amount. If succeeded, the legacy NU stake\n /// can be partially or fully undelegated on the legacy staking\n /// contract. This function allows to unstake from NU staking\n /// contract and still being able to operate in T network and\n /// earning rewards based on the liquid T staked. Can be called only\n /// by the delegation owner or the staking provider.\n function unstakeNu(address stakingProvider, uint96 amount) external;\n\n /// @notice Sets cached legacy stake amount to 0, sets the liquid T stake\n /// amount to 0 and withdraws all liquid T from the stake to the\n /// owner. Reverts if there is at least one non-zero authorization.\n /// Can be called only by the delegation owner or the staking\n /// provider.\n function unstakeAll(address stakingProvider) external;\n\n //\n //\n // Keeping information in sync\n //\n //\n\n /// @notice Notifies about the discrepancy between legacy KEEP active stake\n /// and the amount cached in T staking contract. Slashes the staking\n /// provider in case the amount cached is higher than the actual\n /// active stake amount in KEEP staking contract. Needs to update\n /// authorizations of all affected applications and execute an\n /// involuntary allocation decrease on all affected applications.\n /// Can be called by anyone, notifier receives a reward.\n function notifyKeepStakeDiscrepancy(address stakingProvider) external;\n\n /// @notice Notifies about the discrepancy between legacy NU active stake\n /// and the amount cached in T staking contract. Slashes the\n /// staking provider in case the amount cached is higher than the\n /// actual active stake amount in NU staking contract. Needs to\n /// update authorizations of all affected applications and execute\n /// an involuntary allocation decrease on all affected applications.\n /// Can be called by anyone, notifier receives a reward.\n function notifyNuStakeDiscrepancy(address stakingProvider) external;\n\n /// @notice Sets the penalty amount for stake discrepancy and reward\n /// multiplier for reporting it. The penalty is seized from the\n /// delegated stake, and 5% of the penalty, scaled by the\n /// multiplier, is given to the notifier. The rest of the tokens are\n /// burned. Can only be called by the Governance. See `seize` function.\n function setStakeDiscrepancyPenalty(\n uint96 penalty,\n uint256 rewardMultiplier\n ) external;\n\n /// @notice Sets reward in T tokens for notification of misbehaviour\n /// of one staking provider. Can only be called by the governance.\n function setNotificationReward(uint96 reward) external;\n\n /// @notice Transfer some amount of T tokens as reward for notifications\n /// of misbehaviour\n function pushNotificationReward(uint96 reward) external;\n\n /// @notice Withdraw some amount of T tokens from notifiers treasury.\n /// Can only be called by the governance.\n function withdrawNotificationReward(address recipient, uint96 amount)\n external;\n\n /// @notice Adds staking providers to the slashing queue along with the\n /// amount that should be slashed from each one of them. Can only be\n /// called by application authorized for all staking providers in\n /// the array.\n function slash(uint96 amount, address[] memory stakingProviders) external;\n\n /// @notice Adds staking providers to the slashing queue along with the\n /// amount. The notifier will receive reward per each staking\n /// provider from notifiers treasury. Can only be called by\n /// application authorized for all staking providers in the array.\n function seize(\n uint96 amount,\n uint256 rewardMultipier,\n address notifier,\n address[] memory stakingProviders\n ) external;\n\n /// @notice Takes the given number of queued slashing operations and\n /// processes them. Receives 5% of the slashed amount.\n /// Executes `involuntaryAllocationDecrease` function on each\n /// affected application.\n function processSlashing(uint256 count) external;\n\n //\n //\n // Auxiliary functions\n //\n //\n\n /// @notice Returns the authorized stake amount of the staking provider for\n /// the application.\n function authorizedStake(address stakingProvider, address application)\n external\n view\n returns (uint96);\n\n /// @notice Returns staked amount of T, Keep and Nu for the specified\n /// staking provider.\n /// @dev All values are in T denomination\n function stakes(address stakingProvider)\n external\n view\n returns (\n uint96 tStake,\n uint96 keepInTStake,\n uint96 nuInTStake\n );\n\n /// @notice Returns start staking timestamp.\n /// @dev This value is set at most once.\n function getStartStakingTimestamp(address stakingProvider)\n external\n view\n returns (uint256);\n\n /// @notice Returns staked amount of NU for the specified staking provider.\n function stakedNu(address stakingProvider) external view returns (uint256);\n\n /// @notice Gets the stake owner, the beneficiary and the authorizer\n /// for the specified staking provider address.\n /// @return owner Stake owner address.\n /// @return beneficiary Beneficiary address.\n /// @return authorizer Authorizer address.\n function rolesOf(address stakingProvider)\n external\n view\n returns (\n address owner,\n address payable beneficiary,\n address authorizer\n );\n\n /// @notice Returns length of application array\n function getApplicationsLength() external view returns (uint256);\n\n /// @notice Returns length of slashing queue\n function getSlashingQueueLength() external view returns (uint256);\n\n /// @notice Returns minimum possible stake for T, KEEP or NU in T\n /// denomination.\n /// @dev For example, suppose the given staking provider has 10 T, 20 T\n /// worth of KEEP, and 30 T worth of NU all staked, and the maximum\n /// application authorization is 40 T, then `getMinStaked` for\n /// that staking provider returns:\n /// * 0 T if KEEP stake type specified i.e.\n /// min = 40 T max - (10 T + 30 T worth of NU) = 0 T\n /// * 10 T if NU stake type specified i.e.\n /// min = 40 T max - (10 T + 20 T worth of KEEP) = 10 T\n /// * 0 T if T stake type specified i.e.\n /// min = 40 T max - (20 T worth of KEEP + 30 T worth of NU) < 0 T\n /// In other words, the minimum stake amount for the specified\n /// stake type is the minimum amount of stake of the given type\n /// needed to satisfy the maximum application authorization given the\n /// staked amounts of the other stake types for that staking provider.\n function getMinStaked(address stakingProvider, StakeType stakeTypes)\n external\n view\n returns (uint96);\n\n /// @notice Returns available amount to authorize for the specified application\n function getAvailableToAuthorize(\n address stakingProvider,\n address application\n ) external view returns (uint96);\n}\n"
211
+ "@openzeppelin/contracts/security/ReentrancyGuard.sol": {
212
+ "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (security/ReentrancyGuard.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Contract module that helps prevent reentrant calls to a function.\n *\n * Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier\n * available, which can be applied to functions to make sure there are no nested\n * (reentrant) calls to them.\n *\n * Note that because there is a single `nonReentrant` guard, functions marked as\n * `nonReentrant` may not call one another. This can be worked around by making\n * those functions `private`, and then adding `external` `nonReentrant` entry\n * points to them.\n *\n * TIP: If you would like to learn more about reentrancy and alternative ways\n * to protect against it, check out our blog post\n * https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].\n */\nabstract contract ReentrancyGuard {\n // Booleans are more expensive than uint256 or any type that takes up a full\n // word because each write operation emits an extra SLOAD to first read the\n // slot's contents, replace the bits taken up by the boolean, and then write\n // back. This is the compiler's defense against contract upgrades and\n // pointer aliasing, and it cannot be disabled.\n\n // The values being non-zero value makes deployment a bit more expensive,\n // but in exchange the refund on every call to nonReentrant will be lower in\n // amount. Since refunds are capped to a percentage of the total\n // transaction's gas, it is best to keep them low in cases like this one, to\n // increase the likelihood of the full refund coming into effect.\n uint256 private constant _NOT_ENTERED = 1;\n uint256 private constant _ENTERED = 2;\n\n uint256 private _status;\n\n constructor() {\n _status = _NOT_ENTERED;\n }\n\n /**\n * @dev Prevents a contract from calling itself, directly or indirectly.\n * Calling a `nonReentrant` function from another `nonReentrant`\n * function is not supported. It is possible to prevent this from happening\n * by making the `nonReentrant` function external, and making it call a\n * `private` function that does the actual work.\n */\n modifier nonReentrant() {\n // On the first call to nonReentrant, _notEntered will be true\n require(_status != _ENTERED, \"ReentrancyGuard: reentrant call\");\n\n // Any calls to nonReentrant after this point will fail\n _status = _ENTERED;\n\n _;\n\n // By storing the original value once again, a refund is triggered (see\n // https://eips.ethereum.org/EIPS/eip-2200)\n _status = _NOT_ENTERED;\n }\n}\n"
219
213
  },
220
214
  "@openzeppelin/contracts/proxy/transparent/ProxyAdmin.sol": {
221
215
  "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (proxy/transparent/ProxyAdmin.sol)\n\npragma solidity ^0.8.0;\n\nimport \"./TransparentUpgradeableProxy.sol\";\nimport \"../../access/Ownable.sol\";\n\n/**\n * @dev This is an auxiliary contract meant to be assigned as the admin of a {TransparentUpgradeableProxy}. For an\n * explanation of why you would want to use this see the documentation for {TransparentUpgradeableProxy}.\n */\ncontract ProxyAdmin is Ownable {\n /**\n * @dev Returns the current implementation of `proxy`.\n *\n * Requirements:\n *\n * - This contract must be the admin of `proxy`.\n */\n function getProxyImplementation(TransparentUpgradeableProxy proxy) public view virtual returns (address) {\n // We need to manually run the static call since the getter cannot be flagged as view\n // bytes4(keccak256(\"implementation()\")) == 0x5c60da1b\n (bool success, bytes memory returndata) = address(proxy).staticcall(hex\"5c60da1b\");\n require(success);\n return abi.decode(returndata, (address));\n }\n\n /**\n * @dev Returns the current admin of `proxy`.\n *\n * Requirements:\n *\n * - This contract must be the admin of `proxy`.\n */\n function getProxyAdmin(TransparentUpgradeableProxy proxy) public view virtual returns (address) {\n // We need to manually run the static call since the getter cannot be flagged as view\n // bytes4(keccak256(\"admin()\")) == 0xf851a440\n (bool success, bytes memory returndata) = address(proxy).staticcall(hex\"f851a440\");\n require(success);\n return abi.decode(returndata, (address));\n }\n\n /**\n * @dev Changes the admin of `proxy` to `newAdmin`.\n *\n * Requirements:\n *\n * - This contract must be the current admin of `proxy`.\n */\n function changeProxyAdmin(TransparentUpgradeableProxy proxy, address newAdmin) public virtual onlyOwner {\n proxy.changeAdmin(newAdmin);\n }\n\n /**\n * @dev Upgrades `proxy` to `implementation`. See {TransparentUpgradeableProxy-upgradeTo}.\n *\n * Requirements:\n *\n * - This contract must be the admin of `proxy`.\n */\n function upgrade(TransparentUpgradeableProxy proxy, address implementation) public virtual onlyOwner {\n proxy.upgradeTo(implementation);\n }\n\n /**\n * @dev Upgrades `proxy` to `implementation` and calls a function on the new implementation. See\n * {TransparentUpgradeableProxy-upgradeToAndCall}.\n *\n * Requirements:\n *\n * - This contract must be the admin of `proxy`.\n */\n function upgradeAndCall(\n TransparentUpgradeableProxy proxy,\n address implementation,\n bytes memory data\n ) public payable virtual onlyOwner {\n proxy.upgradeToAndCall{value: msg.value}(implementation, data);\n }\n}\n"
@@ -247,17 +241,20 @@
247
241
  "contracts/test/TestERC20.sol": {
248
242
  "content": "// SPDX-License-Identifier: MIT\n\npragma solidity ^0.8.9;\n\nimport \"@thesis/solidity-contracts/contracts/token/ERC20WithPermit.sol\";\n\ncontract TestERC20 is ERC20WithPermit {\n string public constant NAME = \"Test ERC20 Token\";\n string public constant SYMBOL = \"TT\";\n\n constructor() ERC20WithPermit(NAME, SYMBOL) {}\n}\n"
249
243
  },
250
- "contracts/hardhat-dependency-compiler/@openzeppelin/contracts/proxy/transparent/ProxyAdmin.sol": {
251
- "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity >0.0.0;\nimport '@openzeppelin/contracts/proxy/transparent/ProxyAdmin.sol';\n"
244
+ "@keep-network/ecdsa/contracts/libraries/EcdsaInactivity.sol": {
245
+ "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n// Trust math, not hardware.\n\npragma solidity ^0.8.9;\n\nimport \"@openzeppelin/contracts-upgradeable/utils/cryptography/ECDSAUpgradeable.sol\";\n\nimport \"@keep-network/random-beacon/contracts/libraries/BytesLib.sol\";\nimport \"@keep-network/sortition-pools/contracts/SortitionPool.sol\";\n\nimport \"./Wallets.sol\";\n\nlibrary EcdsaInactivity {\n using BytesLib for bytes;\n using ECDSAUpgradeable for bytes32;\n\n struct Claim {\n // ID of the wallet whose signing group is raising the inactivity claim.\n bytes32 walletID;\n // Indices of group members accused of being inactive. Indices must be in\n // range [1, groupMembers.length], unique, and sorted in ascending order.\n uint256[] inactiveMembersIndices;\n // Indicates if inactivity claim is a wallet-wide heartbeat failure.\n // If wallet failed a heartbeat, this is signalled to the wallet owner\n // who may decide to move responsibilities to another wallet\n // given that the wallet who failed the heartbeat is at risk of not\n // being able to sign messages soon.\n bool heartbeatFailed;\n // Concatenation of signatures from members supporting the claim.\n // The message to be signed by each member is keccak256 hash of the\n // concatenation of inactivity claim nonce for the given wallet, wallet\n // public key, inactive members indices, and boolean flag indicating\n // if this is a wallet-wide heartbeat failure. The calculated hash should\n // be prefixed with `\\x19Ethereum signed message:\\n` before signing, so\n // the message to sign is:\n // `\\x19Ethereum signed message:\\n${keccak256(\n // nonce | walletPubKey | inactiveMembersIndices | heartbeatFailed\n // )}`\n bytes signatures;\n // Indices of members corresponding to each signature. Indices must be\n // in range [1, groupMembers.length], unique, and sorted in ascending\n // order.\n uint256[] signingMembersIndices;\n // This struct doesn't contain `__gap` property as the structure is not\n // stored, it is used as a function's calldata argument.\n }\n\n /// @notice The minimum number of wallet signing group members needed to\n /// interact according to the protocol to produce a valid inactivity\n /// claim.\n uint256 public constant groupThreshold = 51;\n\n /// @notice Size in bytes of a single signature produced by member\n /// supporting the inactivity claim.\n uint256 public constant signatureByteSize = 65;\n\n /// @notice Verifies the inactivity claim according to the rules defined in\n /// `Claim` struct documentation. Reverts if verification fails.\n /// @dev Wallet signing group members hash is validated upstream in\n /// `WalletRegistry.notifyOperatorInactivity()`\n /// @param sortitionPool Sortition pool reference\n /// @param claim Inactivity claim\n /// @param walletPubKey Public key of the wallet\n /// @param nonce Current inactivity nonce for wallet used in the claim\n /// @param groupMembers Identifiers of group members\n /// @return inactiveMembers Identifiers of members who are inactive\n function verifyClaim(\n SortitionPool sortitionPool,\n Claim calldata claim,\n bytes memory walletPubKey,\n uint256 nonce,\n uint32[] calldata groupMembers\n ) external view returns (uint32[] memory inactiveMembers) {\n // Validate inactive members indices. Maximum indices count is equal to\n // the group size and is not limited deliberately to leave a theoretical\n // possibility to accuse more members than `groupSize - groupThreshold`.\n validateMembersIndices(\n claim.inactiveMembersIndices,\n groupMembers.length\n );\n\n // Validate signatures array is properly formed and number of\n // signatures and signers is correct.\n uint256 signaturesCount = claim.signatures.length / signatureByteSize;\n require(claim.signatures.length != 0, \"No signatures provided\");\n require(\n claim.signatures.length % signatureByteSize == 0,\n \"Malformed signatures array\"\n );\n require(\n signaturesCount == claim.signingMembersIndices.length,\n \"Unexpected signatures count\"\n );\n require(signaturesCount >= groupThreshold, \"Too few signatures\");\n require(signaturesCount <= groupMembers.length, \"Too many signatures\");\n\n // Validate signing members indices. Note that `signingMembersIndices`\n // were already partially validated during `signatures` parameter\n // validation.\n validateMembersIndices(\n claim.signingMembersIndices,\n groupMembers.length\n );\n\n bytes32 signedMessageHash = keccak256(\n abi.encodePacked(\n nonce,\n walletPubKey,\n claim.inactiveMembersIndices,\n claim.heartbeatFailed\n )\n ).toEthSignedMessageHash();\n\n address[] memory groupMembersAddresses = sortitionPool.getIDOperators(\n groupMembers\n );\n\n // Verify each signature.\n bytes memory checkedSignature;\n bool senderSignatureExists = false;\n for (uint256 i = 0; i < signaturesCount; i++) {\n uint256 memberIndex = claim.signingMembersIndices[i];\n checkedSignature = claim.signatures.slice(\n signatureByteSize * i,\n signatureByteSize\n );\n address recoveredAddress = signedMessageHash.recover(\n checkedSignature\n );\n\n require(\n groupMembersAddresses[memberIndex - 1] == recoveredAddress,\n \"Invalid signature\"\n );\n\n if (!senderSignatureExists && msg.sender == recoveredAddress) {\n senderSignatureExists = true;\n }\n }\n\n require(senderSignatureExists, \"Sender must be claim signer\");\n\n inactiveMembers = new uint32[](claim.inactiveMembersIndices.length);\n for (uint256 i = 0; i < claim.inactiveMembersIndices.length; i++) {\n uint256 memberIndex = claim.inactiveMembersIndices[i];\n inactiveMembers[i] = groupMembers[memberIndex - 1];\n }\n\n return inactiveMembers;\n }\n\n /// @notice Validates members indices array. Array is considered valid\n /// if its size and each single index are in [1, groupSize] range,\n /// indexes are unique, and sorted in an ascending order.\n /// Reverts if validation fails.\n /// @param indices Array to validate.\n /// @param groupSize Group size used as reference.\n function validateMembersIndices(\n uint256[] calldata indices,\n uint256 groupSize\n ) internal view {\n require(\n indices.length > 0 && indices.length <= groupSize,\n \"Corrupted members indices\"\n );\n\n // Check if first and last indices are in range [1, groupSize].\n // This check combined with the loop below makes sure every single\n // index is in the correct range.\n require(\n indices[0] > 0 && indices[indices.length - 1] <= groupSize,\n \"Corrupted members indices\"\n );\n\n for (uint256 i = 0; i < indices.length - 1; i++) {\n // Check whether given index is smaller than the next one. This\n // way we are sure indexes are ordered in the ascending order\n // and there are no duplicates.\n require(indices[i] < indices[i + 1], \"Corrupted members indices\");\n }\n }\n}\n"
252
246
  },
253
- "@keep-network/random-beacon/contracts/ReimbursementPool.sol": {
254
- "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n// Trust math, not hardware.\n\npragma solidity ^0.8.9;\n\nimport \"@openzeppelin/contracts/access/Ownable.sol\";\nimport \"@openzeppelin/contracts/security/ReentrancyGuard.sol\";\n\ncontract ReimbursementPool is Ownable, ReentrancyGuard {\n /// @notice Authorized contracts that can interact with the reimbursment pool.\n /// Authorization can be granted and removed by the owner.\n mapping(address => bool) public isAuthorized;\n\n /// @notice Static gas includes:\n /// - cost of the refund function\n /// - base transaction cost\n uint256 public staticGas;\n\n /// @notice Max gas price used to reimburse a transaction submitter. Protects\n /// against malicious operator-miners.\n uint256 public maxGasPrice;\n\n event StaticGasUpdated(uint256 newStaticGas);\n\n event MaxGasPriceUpdated(uint256 newMaxGasPrice);\n\n event SendingEtherFailed(uint256 refundAmount, address receiver);\n\n event AuthorizedContract(address thirdPartyContract);\n\n event UnauthorizedContract(address thirdPartyContract);\n\n event FundsWithdrawn(uint256 withdrawnAmount, address receiver);\n\n constructor(uint256 _staticGas, uint256 _maxGasPrice) {\n staticGas = _staticGas;\n maxGasPrice = _maxGasPrice;\n }\n\n /// @notice Receive ETH\n receive() external payable {}\n\n /// @notice Refunds ETH to a spender for executing specific transactions.\n /// @dev Ignoring the result of sending ETH to a receiver is made on purpose.\n /// For EOA receiving ETH should always work. If a receiver is a smart\n /// contract, then we do not want to fail a transaction, because in some\n /// cases the refund is done at the very end of multiple calls where all\n /// the previous calls were already paid off. It is a receiver's smart\n /// contract resposibility to make sure it can receive ETH.\n /// @dev Only authorized contracts are allowed calling this function.\n /// @param gasSpent Gas spent on a transaction that needs to be reimbursed.\n /// @param receiver Address where the reimbursment is sent.\n function refund(uint256 gasSpent, address receiver) external nonReentrant {\n require(\n isAuthorized[msg.sender],\n \"Contract is not authorized for a refund\"\n );\n require(receiver != address(0), \"Receiver's address cannot be zero\");\n\n uint256 gasPrice = tx.gasprice < maxGasPrice\n ? tx.gasprice\n : maxGasPrice;\n\n uint256 refundAmount = (gasSpent + staticGas) * gasPrice;\n\n /* solhint-disable avoid-low-level-calls */\n // slither-disable-next-line low-level-calls,unchecked-lowlevel\n (bool sent, ) = receiver.call{value: refundAmount}(\"\");\n /* solhint-enable avoid-low-level-calls */\n if (!sent) {\n // slither-disable-next-line reentrancy-events\n emit SendingEtherFailed(refundAmount, receiver);\n }\n }\n\n /// @notice Authorize a contract that can interact with this reimbursment pool.\n /// Can be authorized by the owner only.\n /// @param _contract Authorized contract.\n function authorize(address _contract) external onlyOwner {\n isAuthorized[_contract] = true;\n\n emit AuthorizedContract(_contract);\n }\n\n /// @notice Unauthorize a contract that was previously authorized to interact\n /// with this reimbursment pool. Can be unauthorized by the\n /// owner only.\n /// @param _contract Authorized contract.\n function unauthorize(address _contract) external onlyOwner {\n delete isAuthorized[_contract];\n\n emit UnauthorizedContract(_contract);\n }\n\n /// @notice Setting a static gas cost for executing a transaction. Can be set\n /// by the owner only.\n /// @param _staticGas Static gas cost.\n function setStaticGas(uint256 _staticGas) external onlyOwner {\n staticGas = _staticGas;\n\n emit StaticGasUpdated(_staticGas);\n }\n\n /// @notice Setting a max gas price for transactions. Can be set by the\n /// owner only.\n /// @param _maxGasPrice Max gas price used to reimburse tx submitters.\n function setMaxGasPrice(uint256 _maxGasPrice) external onlyOwner {\n maxGasPrice = _maxGasPrice;\n\n emit MaxGasPriceUpdated(_maxGasPrice);\n }\n\n /// @notice Withdraws all ETH from this pool which are sent to a given\n /// address. Can be set by the owner only.\n /// @param receiver An address where ETH is sent.\n function withdrawAll(address receiver) external onlyOwner {\n withdraw(address(this).balance, receiver);\n }\n\n /// @notice Withdraws ETH amount from this pool which are sent to a given\n /// address. Can be set by the owner only.\n /// @param amount Amount to withdraw from the pool.\n /// @param receiver An address where ETH is sent.\n function withdraw(uint256 amount, address receiver) public onlyOwner {\n require(\n address(this).balance >= amount,\n \"Insufficient contract balance\"\n );\n require(receiver != address(0), \"Receiver's address cannot be zero\");\n\n emit FundsWithdrawn(amount, receiver);\n\n /* solhint-disable avoid-low-level-calls */\n // slither-disable-next-line low-level-calls,arbitrary-send\n (bool sent, ) = receiver.call{value: amount}(\"\");\n /* solhint-enable avoid-low-level-calls */\n require(sent, \"Failed to send Ether\");\n }\n}\n"
247
+ "@keep-network/ecdsa/contracts/libraries/Wallets.sol": {
248
+ "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n// Trust math, not hardware.\n\npragma solidity ^0.8.9;\n\nlibrary Wallets {\n struct Wallet {\n // Keccak256 hash of group members identifiers array. Group members do not\n // include operators selected by the sortition pool that misbehaved during DKG.\n bytes32 membersIdsHash;\n // Uncompressed ECDSA public key stored as X and Y coordinates (32 bytes each).\n bytes32 publicKeyX;\n bytes32 publicKeyY;\n // This struct doesn't contain `__gap` property as the structure is stored\n // in a mapping, mappings store values in different slots and they are\n // not contiguous with other values.\n }\n\n struct Data {\n // Mapping of keccak256 hashes of wallet public keys to wallet details.\n // Hash of public key is considered an unique wallet identifier.\n mapping(bytes32 => Wallet) registry;\n // Reserved storage space in case we need to add more variables.\n // See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n // slither-disable-next-line unused-state\n uint256[49] __gap;\n }\n\n /// @notice Registers a new wallet.\n /// @dev Uses a public key hash as a unique identifier of a wallet.\n /// @param membersIdsHash Keccak256 hash of group members identifiers array\n /// @param publicKey Uncompressed public key\n /// @return walletID Wallet's ID\n /// @return publicKeyX Wallet's public key's X coordinate\n /// @return publicKeyY Wallet's public key's Y coordinate\n function addWallet(\n Data storage self,\n bytes32 membersIdsHash,\n bytes calldata publicKey\n )\n internal\n returns (\n bytes32 walletID,\n bytes32 publicKeyX,\n bytes32 publicKeyY\n )\n {\n walletID = keccak256(publicKey);\n\n require(\n self.registry[walletID].publicKeyX == bytes32(0),\n \"Wallet with the given public key already exists\"\n );\n require(publicKey.length == 64, \"Invalid length of the public key\");\n\n publicKeyX = bytes32(publicKey[:32]);\n publicKeyY = bytes32(publicKey[32:]);\n\n self.registry[walletID].membersIdsHash = membersIdsHash;\n self.registry[walletID].publicKeyX = publicKeyX;\n self.registry[walletID].publicKeyY = publicKeyY;\n }\n\n /// @notice Deletes wallet with the given ID from the registry. Reverts\n /// if wallet with the given ID has not been registered or if it\n /// has already been closed.\n function deleteWallet(Data storage self, bytes32 walletID) internal {\n require(\n isWalletRegistered(self, walletID),\n \"Wallet with the given ID has not been registered\"\n );\n\n delete self.registry[walletID];\n }\n\n /// @notice Checks if a wallet with the given ID is registered.\n /// @param walletID Wallet's ID\n /// @return True if a wallet is registered, false otherwise\n function isWalletRegistered(Data storage self, bytes32 walletID)\n internal\n view\n returns (bool)\n {\n return self.registry[walletID].publicKeyX != bytes32(0);\n }\n\n /// @notice Returns Keccak256 hash of the wallet signing group members\n /// identifiers array. Group members do not include operators\n /// selected by the sortition pool that misbehaved during DKG.\n /// Reverts if wallet with the given ID is not registered.\n /// @param walletID ID of the wallet\n /// @return Wallet signing group members hash\n function getWalletMembersIdsHash(Data storage self, bytes32 walletID)\n internal\n view\n returns (bytes32)\n {\n require(\n isWalletRegistered(self, walletID),\n \"Wallet with the given ID has not been registered\"\n );\n\n return self.registry[walletID].membersIdsHash;\n }\n\n /// @notice Gets public key of a wallet with the given wallet ID.\n /// The public key is returned as X and Y coordinates.\n /// Reverts if wallet with the given ID is not registered.\n /// @param walletID ID of the wallet\n /// @return x Public key X coordinate\n /// @return y Public key Y coordinate\n function getWalletPublicKeyCoordinates(Data storage self, bytes32 walletID)\n internal\n view\n returns (bytes32 x, bytes32 y)\n {\n require(\n isWalletRegistered(self, walletID),\n \"Wallet with the given ID has not been registered\"\n );\n\n Wallet storage wallet = self.registry[walletID];\n\n return (wallet.publicKeyX, wallet.publicKeyY);\n }\n\n /// @notice Gets public key of a wallet with the given wallet ID.\n /// The public key is returned in an uncompressed format as a 64-byte\n /// concatenation of X and Y coordinates.\n /// Reverts if wallet with the given ID is not registered.\n /// @param walletID ID of the wallet\n /// @return Uncompressed public key of the wallet\n function getWalletPublicKey(Data storage self, bytes32 walletID)\n internal\n view\n returns (bytes memory)\n {\n (bytes32 x, bytes32 y) = getWalletPublicKeyCoordinates(self, walletID);\n return bytes.concat(x, y);\n }\n}\n"
255
249
  },
256
- "@openzeppelin/contracts/security/ReentrancyGuard.sol": {
257
- "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (security/ReentrancyGuard.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Contract module that helps prevent reentrant calls to a function.\n *\n * Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier\n * available, which can be applied to functions to make sure there are no nested\n * (reentrant) calls to them.\n *\n * Note that because there is a single `nonReentrant` guard, functions marked as\n * `nonReentrant` may not call one another. This can be worked around by making\n * those functions `private`, and then adding `external` `nonReentrant` entry\n * points to them.\n *\n * TIP: If you would like to learn more about reentrancy and alternative ways\n * to protect against it, check out our blog post\n * https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].\n */\nabstract contract ReentrancyGuard {\n // Booleans are more expensive than uint256 or any type that takes up a full\n // word because each write operation emits an extra SLOAD to first read the\n // slot's contents, replace the bits taken up by the boolean, and then write\n // back. This is the compiler's defense against contract upgrades and\n // pointer aliasing, and it cannot be disabled.\n\n // The values being non-zero value makes deployment a bit more expensive,\n // but in exchange the refund on every call to nonReentrant will be lower in\n // amount. Since refunds are capped to a percentage of the total\n // transaction's gas, it is best to keep them low in cases like this one, to\n // increase the likelihood of the full refund coming into effect.\n uint256 private constant _NOT_ENTERED = 1;\n uint256 private constant _ENTERED = 2;\n\n uint256 private _status;\n\n constructor() {\n _status = _NOT_ENTERED;\n }\n\n /**\n * @dev Prevents a contract from calling itself, directly or indirectly.\n * Calling a `nonReentrant` function from another `nonReentrant`\n * function is not supported. It is possible to prevent this from happening\n * by making the `nonReentrant` function external, and making it call a\n * `private` function that does the actual work.\n */\n modifier nonReentrant() {\n // On the first call to nonReentrant, _notEntered will be true\n require(_status != _ENTERED, \"ReentrancyGuard: reentrant call\");\n\n // Any calls to nonReentrant after this point will fail\n _status = _ENTERED;\n\n _;\n\n // By storing the original value once again, a refund is triggered (see\n // https://eips.ethereum.org/EIPS/eip-2200)\n _status = _NOT_ENTERED;\n }\n}\n"
250
+ "@keep-network/ecdsa/contracts/libraries/EcdsaAuthorization.sol": {
251
+ "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n//\n\npragma solidity ^0.8.9;\n\nimport \"@keep-network/sortition-pools/contracts/SortitionPool.sol\";\nimport \"@threshold-network/solidity-contracts/contracts/staking/IStaking.sol\";\n\n/// @notice Library managing the state of stake authorizations for ECDSA\n/// operator contract and the presence of operators in the sortition\n/// pool based on the stake authorized for them.\nlibrary EcdsaAuthorization {\n struct Parameters {\n // The minimum authorization required by ECDSA application so that\n // operator can join the sortition pool and do the work.\n uint96 minimumAuthorization;\n // Authorization decrease delay in seconds between the time\n // authorization decrease is requested and the time the authorization\n // decrease can be approved. It is always the same value, no matter if\n // authorization decrease amount is small, significant, or if it is\n // a decrease to zero.\n uint64 authorizationDecreaseDelay;\n // The time period before the authorization decrease delay end,\n // during which the authorization decrease request can be overwritten.\n //\n // When the request is overwritten, the authorization decrease delay is\n // reset.\n //\n // For example, if `authorizationDecraseChangePeriod` is set to 4\n // days, `authorizationDecreaseDelay` is set to 14 days, and someone\n // requested authorization decrease, it means they can not\n // request another decrease for the first 10 days. After 10 days pass,\n // they can request again and overwrite the previous authorization\n // decrease request. The delay time will reset for them and they\n // will have to wait another 10 days to alter it and 14 days to\n // approve it.\n //\n // This value protects against malicious operators who manipulate\n // their weight by overwriting authorization decrease request, and\n // lowering or increasing their eligible stake this way.\n //\n // If set to a value equal to `authorizationDecreaseDelay, it means\n // that authorization decrease request can be always overwritten.\n // If set to zero, it means authorization decrease request can not be\n // overwritten until the delay end, and one needs to wait for the entire\n // authorization decrease delay to approve their decrease and request\n // for another one or to overwrite the pending one.\n //\n // (1) authorization decrease requested timestamp\n // (2) from this moment authorization decrease request can be\n // overwritten\n // (3) from this moment authorization decrease request can be\n // approved, assuming it was NOT overwritten in (2)\n //\n // (1) (2) (3)\n // --x------------------------------x--------------------------x---->\n // | \\________________________/\n // | authorizationDecreaseChangePeriod\n // \\______________________________________________________/\n // authorizationDecreaseDelay\n //\n uint64 authorizationDecreaseChangePeriod;\n // This struct doesn't contain `__gap` property as the structure is\n // stored inside `Data` struct, that already have a gap that can be used\n // on upgrade.\n }\n\n struct AuthorizationDecrease {\n uint96 decreasingBy; // amount\n uint64 decreasingAt; // timestamp\n }\n\n struct Data {\n Parameters parameters;\n mapping(address => address) stakingProviderToOperator;\n mapping(address => address) operatorToStakingProvider;\n mapping(address => AuthorizationDecrease) pendingDecreases;\n // Reserved storage space in case we need to add more variables.\n // See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n // slither-disable-next-line unused-state\n uint256[46] __gap;\n }\n\n event OperatorRegistered(\n address indexed stakingProvider,\n address indexed operator\n );\n\n event AuthorizationIncreased(\n address indexed stakingProvider,\n address indexed operator,\n uint96 fromAmount,\n uint96 toAmount\n );\n\n event AuthorizationDecreaseRequested(\n address indexed stakingProvider,\n address indexed operator,\n uint96 fromAmount,\n uint96 toAmount,\n uint64 decreasingAt\n );\n\n event AuthorizationDecreaseApproved(address indexed stakingProvider);\n\n event InvoluntaryAuthorizationDecreaseFailed(\n address indexed stakingProvider,\n address indexed operator,\n uint96 fromAmount,\n uint96 toAmount\n );\n\n event OperatorJoinedSortitionPool(\n address indexed stakingProvider,\n address indexed operator\n );\n\n event OperatorStatusUpdated(\n address indexed stakingProvider,\n address indexed operator\n );\n\n /// @notice Sets the minimum authorization for ECDSA application. Without\n /// at least the minimum authorization, staking provider is not\n /// eligible to join and operate in the network.\n function setMinimumAuthorization(\n Data storage self,\n uint96 _minimumAuthorization\n ) internal {\n self.parameters.minimumAuthorization = _minimumAuthorization;\n }\n\n /// @notice Sets the authorization decrease delay. It is the time in seconds\n /// that needs to pass between the time authorization decrease is\n /// requested and the time the authorization decrease can be\n /// approved, no matter the authorization decrease amount.\n function setAuthorizationDecreaseDelay(\n Data storage self,\n uint64 _authorizationDecreaseDelay\n ) internal {\n self\n .parameters\n .authorizationDecreaseDelay = _authorizationDecreaseDelay;\n }\n\n /// @notice Sets the authorization decrease change period. It is the time\n /// period before the authorization decrease delay end,\n /// during which the authorization decrease request can be\n /// overwritten.\n function setAuthorizationDecreaseChangePeriod(\n Data storage self,\n uint64 _authorizationDecreaseChangePeriod\n ) internal {\n self\n .parameters\n .authorizationDecreaseChangePeriod = _authorizationDecreaseChangePeriod;\n }\n\n /// @notice Used by staking provider to set operator address that will\n /// operate ECDSA node. The given staking provider can set operator\n /// address only one time. The operator address can not be changed\n /// and must be unique. Reverts if the operator is already set for\n /// the staking provider or if the operator address is already in\n /// use. Reverts if there is a pending authorization decrease for\n /// the staking provider.\n function registerOperator(Data storage self, address operator) internal {\n address stakingProvider = msg.sender;\n\n require(operator != address(0), \"Operator can not be zero address\");\n require(\n self.stakingProviderToOperator[stakingProvider] == address(0),\n \"Operator already set for the staking provider\"\n );\n require(\n self.operatorToStakingProvider[operator] == address(0),\n \"Operator address already in use\"\n );\n\n // Authorization request for a staking provider who has not yet\n // registered their operator can be approved immediately.\n // We need to make sure that the approval happens before operator\n // is registered to do not let the operator join the sortition pool\n // with an unresolved authorization decrease request that can be\n // approved at any point.\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n require(\n decrease.decreasingAt == 0,\n \"There is a pending authorization decrease request\"\n );\n\n emit OperatorRegistered(stakingProvider, operator);\n\n self.stakingProviderToOperator[stakingProvider] = operator;\n self.operatorToStakingProvider[operator] = stakingProvider;\n }\n\n /// @notice Used by T staking contract to inform the application that the\n /// authorized stake amount for the given staking provider increased.\n ///\n /// Reverts if the authorization amount is below the minimum.\n ///\n /// The function is not updating the sortition pool. Sortition pool\n /// state needs to be updated by the operator with a call to\n /// `joinSortitionPool` or `updateOperatorStatus`.\n ///\n /// @dev Should only be callable by T staking contract.\n function authorizationIncreased(\n Data storage self,\n address stakingProvider,\n uint96 fromAmount,\n uint96 toAmount\n ) internal {\n require(\n toAmount >= self.parameters.minimumAuthorization,\n \"Authorization below the minimum\"\n );\n\n // Note that this function does not require the operator address to be\n // set for the given staking provider. This allows the stake owner\n // who is also an authorizer to increase the authorization before the\n // staking provider sets the operator. This allows delegating stake\n // and increasing authorization immediately one after another without\n // having to wait for the staking provider to do their part.\n\n address operator = self.stakingProviderToOperator[stakingProvider];\n emit AuthorizationIncreased(\n stakingProvider,\n operator,\n fromAmount,\n toAmount\n );\n }\n\n /// @notice Used by T staking contract to inform the application that the\n /// authorization decrease for the given staking provider has been\n /// requested.\n ///\n /// Reverts if the amount after deauthorization would be non-zero\n /// and lower than the minimum authorization.\n ///\n /// Reverts if another authorization decrease request is pending for\n /// the staking provider and not enough time passed since the\n /// original request (see `authorizationDecreaseChangePeriod`).\n ///\n /// If the operator is not known (`registerOperator` was not called)\n /// it lets to `approveAuthorizationDecrease` immediately. If the\n /// operator is known (`registerOperator` was called), the operator\n /// needs to update state of the sortition pool with a call to\n /// `joinSortitionPool` or `updateOperatorStatus`. After the\n /// sortition pool state is in sync, authorization decrease delay\n /// starts.\n ///\n /// After authorization decrease delay passes, authorization\n /// decrease request needs to be approved with a call to\n /// `approveAuthorizationDecrease` function.\n ///\n /// If there is a pending authorization decrease request, it is\n /// overwritten, but only if enough time passed since the original\n /// request. Otherwise, the function reverts.\n ///\n /// @dev Should only be callable by T staking contract.\n function authorizationDecreaseRequested(\n Data storage self,\n address stakingProvider,\n uint96 fromAmount,\n uint96 toAmount\n ) internal {\n require(\n toAmount == 0 || toAmount >= self.parameters.minimumAuthorization,\n \"Authorization amount should be 0 or above the minimum\"\n );\n\n address operator = self.stakingProviderToOperator[stakingProvider];\n\n uint64 decreasingAt;\n\n if (operator == address(0)) {\n // Operator is not known. It means `registerOperator` was not\n // called yet, and there is no chance the operator could\n // call `joinSortitionPool`. We can let to approve authorization\n // decrease immediately because that operator was never in the\n // sortition pool.\n\n // solhint-disable-next-line not-rely-on-time\n decreasingAt = uint64(block.timestamp);\n } else {\n // Operator is known. It means that this operator is or was in\n // the sortition pool. Before authorization decrease delay starts,\n // the operator needs to update the state of the sortition pool\n // with a call to `joinSortitionPool` or `updateOperatorStatus`.\n // For now, we set `decreasingAt` as \"never decreasing\" and let\n // it be updated by `joinSortitionPool` or `updateOperatorStatus`\n // once we know the sortition pool is in sync.\n decreasingAt = type(uint64).max;\n }\n\n uint96 decreasingBy = fromAmount - toAmount;\n\n AuthorizationDecrease storage decreaseRequest = self.pendingDecreases[\n stakingProvider\n ];\n\n uint64 pendingDecreaseAt = decreaseRequest.decreasingAt;\n if (pendingDecreaseAt != 0 && pendingDecreaseAt != type(uint64).max) {\n // If there is already a pending authorization decrease request for\n // this staking provider and that request has been activated\n // (sortition pool was updated), require enough time to pass before\n // it can be overwritten.\n require(\n // solhint-disable-next-line not-rely-on-time\n block.timestamp >=\n pendingDecreaseAt -\n self.parameters.authorizationDecreaseChangePeriod,\n \"Not enough time passed since the original request\"\n );\n }\n\n decreaseRequest.decreasingBy = decreasingBy;\n decreaseRequest.decreasingAt = decreasingAt;\n\n emit AuthorizationDecreaseRequested(\n stakingProvider,\n operator,\n fromAmount,\n toAmount,\n decreasingAt\n );\n }\n\n /// @notice Approves the previously registered authorization decrease\n /// request. Reverts if authorization decrease delay have not passed\n /// yet or if the authorization decrease was not requested for the\n /// given staking provider.\n function approveAuthorizationDecrease(\n Data storage self,\n IStaking tokenStaking,\n address stakingProvider\n ) internal {\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n require(\n decrease.decreasingAt > 0,\n \"Authorization decrease not requested\"\n );\n require(\n decrease.decreasingAt != type(uint64).max,\n \"Authorization decrease request not activated\"\n );\n require(\n // solhint-disable-next-line not-rely-on-time\n block.timestamp >= decrease.decreasingAt,\n \"Authorization decrease delay not passed\"\n );\n\n emit AuthorizationDecreaseApproved(stakingProvider);\n\n // slither-disable-next-line unused-return\n tokenStaking.approveAuthorizationDecrease(stakingProvider);\n delete self.pendingDecreases[stakingProvider];\n }\n\n /// @notice Used by T staking contract to inform the application the\n /// authorization has been decreased for the given staking provider\n /// involuntarily, as a result of slashing.\n ///\n /// If the operator is not known (`registerOperator` was not called)\n /// the function does nothing. The operator was never in a sortition\n /// pool so there is nothing to update.\n ///\n /// If the operator is known, sortition pool is unlocked, and the\n /// operator is in the sortition pool, the sortition pool state is\n /// updated. If the sortition pool is locked, update needs to be\n /// postponed. Every other staker is incentivized to call\n /// `updateOperatorStatus` for the problematic operator to increase\n /// their own rewards in the pool.\n ///\n /// @dev Should only be callable by T staking contract.\n function involuntaryAuthorizationDecrease(\n Data storage self,\n IStaking tokenStaking,\n SortitionPool sortitionPool,\n address stakingProvider,\n uint96 fromAmount,\n uint96 toAmount\n ) internal {\n address operator = self.stakingProviderToOperator[stakingProvider];\n\n if (operator == address(0)) {\n // Operator is not known. It means `registerOperator` was not\n // called yet, and there is no chance the operator could\n // call `joinSortitionPool`. We can just ignore this update because\n // operator was never in the sortition pool.\n return;\n } else {\n // Operator is known. It means that this operator is or was in the\n // sortition pool and the sortition pool may need to be updated.\n //\n // If the sortition pool is not locked and the operator is in the\n // sortition pool, we are updating it.\n //\n // To keep stakes synchronized between applications when staking\n // providers are slashed, without the risk of running out of gas,\n // the staking contract queues up slashings and let users process\n // the transactions. When an application slashes one or more staking\n // providers, it adds them to the slashing queue on the staking\n // contract. A queue entry contains the staking provider’s address\n // and the amount they are due to be slashed.\n //\n // When there is at least one staking provider in the slashing\n // queue, any account can submit a transaction processing one or\n // more staking providers' slashings, and collecting a reward for\n // doing so. A queued slashing is processed by updating the staking\n // provider’s stake to the post-slashing amount, updating authorized\n // amount for each affected application, and notifying all affected\n // applications that the staking provider’s authorized stake has\n // been reduced due to slashing.\n //\n // The entire idea is that the process transaction is expensive\n // because each application needs to be updated, so the reward for\n // the processor is hefty and comes from the slashed tokens.\n // Practically, it means that if the sortition pool is unlocked, and\n // can be updated, it should be updated because we already paid\n // someone for updating it.\n //\n // If the sortition pool is locked, update needs to wait. Other\n // sortition pool members are incentivized to call\n // `updateOperatorStatus` for the problematic operator because they\n // will increase their rewards this way.\n if (sortitionPool.isOperatorInPool(operator)) {\n if (sortitionPool.isLocked()) {\n emit InvoluntaryAuthorizationDecreaseFailed(\n stakingProvider,\n operator,\n fromAmount,\n toAmount\n );\n } else {\n updateOperatorStatus(\n self,\n tokenStaking,\n sortitionPool,\n operator\n );\n }\n }\n }\n }\n\n /// @notice Lets the operator join the sortition pool. The operator address\n /// must be known - before calling this function, it has to be\n /// appointed by the staking provider by calling `registerOperator`.\n /// Also, the operator must have the minimum authorization required\n /// by ECDSA. Function reverts if there is no minimum stake\n /// authorized or if the operator is not known. If there was an\n /// authorization decrease requested, it is activated by starting\n /// the authorization decrease delay.\n function joinSortitionPool(\n Data storage self,\n IStaking tokenStaking,\n SortitionPool sortitionPool\n ) internal {\n address operator = msg.sender;\n\n address stakingProvider = self.operatorToStakingProvider[operator];\n require(stakingProvider != address(0), \"Unknown operator\");\n\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n uint96 _eligibleStake = eligibleStake(\n self,\n tokenStaking,\n stakingProvider,\n decrease.decreasingBy\n );\n\n require(_eligibleStake != 0, \"Authorization below the minimum\");\n\n emit OperatorJoinedSortitionPool(stakingProvider, operator);\n\n sortitionPool.insertOperator(operator, _eligibleStake);\n\n // If there is a pending authorization decrease request, activate it.\n // At this point, the sortition pool state is up to date so the\n // authorization decrease delay can start counting.\n if (decrease.decreasingAt == type(uint64).max) {\n decrease.decreasingAt =\n // solhint-disable-next-line not-rely-on-time\n uint64(block.timestamp) +\n self.parameters.authorizationDecreaseDelay;\n }\n }\n\n /// @notice Updates status of the operator in the sortition pool. If there\n /// was an authorization decrease requested, it is activated by\n /// starting the authorization decrease delay.\n /// Function reverts if the operator is not known.\n function updateOperatorStatus(\n Data storage self,\n IStaking tokenStaking,\n SortitionPool sortitionPool,\n address operator\n ) internal {\n address stakingProvider = self.operatorToStakingProvider[operator];\n require(stakingProvider != address(0), \"Unknown operator\");\n\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n emit OperatorStatusUpdated(stakingProvider, operator);\n\n if (sortitionPool.isOperatorInPool(operator)) {\n uint96 _eligibleStake = eligibleStake(\n self,\n tokenStaking,\n stakingProvider,\n decrease.decreasingBy\n );\n\n sortitionPool.updateOperatorStatus(operator, _eligibleStake);\n }\n\n // If there is a pending authorization decrease request, activate it.\n // At this point, the sortition pool state is up to date so the\n // authorization decrease delay can start counting.\n if (decrease.decreasingAt == type(uint64).max) {\n decrease.decreasingAt =\n // solhint-disable-next-line not-rely-on-time\n uint64(block.timestamp) +\n self.parameters.authorizationDecreaseDelay;\n }\n }\n\n /// @notice Checks if the operator's authorized stake is in sync with\n /// operator's weight in the sortition pool.\n /// If the operator is not in the sortition pool and their\n /// authorized stake is non-zero, function returns false.\n function isOperatorUpToDate(\n Data storage self,\n IStaking tokenStaking,\n SortitionPool sortitionPool,\n address operator\n ) internal view returns (bool) {\n address stakingProvider = self.operatorToStakingProvider[operator];\n require(stakingProvider != address(0), \"Unknown operator\");\n\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n uint96 _eligibleStake = eligibleStake(\n self,\n tokenStaking,\n stakingProvider,\n decrease.decreasingBy\n );\n\n if (!sortitionPool.isOperatorInPool(operator)) {\n return _eligibleStake == 0;\n } else {\n return sortitionPool.isOperatorUpToDate(operator, _eligibleStake);\n }\n }\n\n /// @notice Returns the current value of the staking provider's eligible\n /// stake. Eligible stake is defined as the currently authorized\n /// stake minus the pending authorization decrease. Eligible stake\n /// is what is used for operator's weight in the pool. If the\n /// authorized stake minus the pending authorization decrease is\n /// below the minimum authorization, eligible stake is 0.\n /// @dev This function can be exposed to the public in contrast to the\n /// second variant accepting `decreasingBy` as a parameter.\n function eligibleStake(\n Data storage self,\n IStaking tokenStaking,\n address stakingProvider\n ) internal view returns (uint96) {\n return\n eligibleStake(\n self,\n tokenStaking,\n stakingProvider,\n pendingAuthorizationDecrease(self, stakingProvider)\n );\n }\n\n /// @notice Returns the current value of the staking provider's eligible\n /// stake. Eligible stake is defined as the currently authorized\n /// stake minus the pending authorization decrease. Eligible stake\n /// is what is used for operator's weight in the pool. If the\n /// authorized stake minus the pending authorization decrease is\n /// below the minimum authorization, eligible stake is 0.\n /// @dev This function is not intended to be exposes to the public.\n /// `decreasingBy` must be fetched from `pendingDecreases` mapping and\n /// it is passed as a parameter to optimize gas usage of functions that\n /// call `eligibleStake` and need to use `AuthorizationDecrease`\n /// fetched from `pendingDecreases` for some additional logic.\n function eligibleStake(\n Data storage self,\n IStaking tokenStaking,\n address stakingProvider,\n uint96 decreasingBy\n ) internal view returns (uint96) {\n uint96 authorizedStake = tokenStaking.authorizedStake(\n stakingProvider,\n address(this)\n );\n\n uint96 _eligibleStake = authorizedStake > decreasingBy\n ? authorizedStake - decreasingBy\n : 0;\n\n if (_eligibleStake < self.parameters.minimumAuthorization) {\n return 0;\n } else {\n return _eligibleStake;\n }\n }\n\n /// @notice Returns the amount of stake that is pending authorization\n /// decrease for the given staking provider. If no authorization\n /// decrease has been requested, returns zero.\n function pendingAuthorizationDecrease(\n Data storage self,\n address stakingProvider\n ) internal view returns (uint96) {\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n return decrease.decreasingBy;\n }\n\n /// @notice Returns the remaining time in seconds that needs to pass before\n /// the requested authorization decrease can be approved.\n /// If the sortition pool state was not updated yet by the operator\n /// after requesting the authorization decrease, returns\n /// `type(uint64).max`.\n function remainingAuthorizationDecreaseDelay(\n Data storage self,\n address stakingProvider\n ) internal view returns (uint64) {\n AuthorizationDecrease storage decrease = self.pendingDecreases[\n stakingProvider\n ];\n\n if (decrease.decreasingAt == type(uint64).max) {\n return type(uint64).max;\n }\n\n // solhint-disable-next-line not-rely-on-time\n uint64 _now = uint64(block.timestamp);\n return _now > decrease.decreasingAt ? 0 : decrease.decreasingAt - _now;\n }\n}\n"
258
252
  },
259
- "@keep-network/random-beacon/contracts/Reimbursable.sol": {
260
- "content": "// SPDX-License-Identifier: MIT\n//\n// ▓▓▌ ▓▓ ▐▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▄\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▌▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓ ▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓ ▐▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▄▄▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▄▄▄▄ ▓▓▓▓▓▓▄▄▄▄ ▐▓▓▓▓▓▌ ▐▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ▐▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▀▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓▀▀▀▀ ▓▓▓▓▓▓▀▀▀▀ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀\n// ▓▓▓▓▓▓ ▀▓▓▓▓▓▓▄ ▐▓▓▓▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓▓ ▓▓▓▓▓ ▐▓▓▓▓▓▌\n// ▓▓▓▓▓▓▓▓▓▓ █▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n// ▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓\n//\n// Trust math, not hardware.\n\npragma solidity ^0.8.9;\n\nimport \"./ReimbursementPool.sol\";\n\nabstract contract Reimbursable {\n // The variable should be initialized by the implementing contract.\n // slither-disable-next-line uninitialized-state\n ReimbursementPool public reimbursementPool;\n\n // Reserved storage space in case we need to add more variables,\n // since there are upgradeable contracts that inherit from this one.\n // See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n // slither-disable-next-line unused-state\n uint256[49] private __gap;\n\n event ReimbursementPoolUpdated(address newReimbursementPool);\n\n modifier refundable(address receiver) {\n uint256 gasStart = gasleft();\n _;\n reimbursementPool.refund(gasStart - gasleft(), receiver);\n }\n\n modifier onlyReimbursableAdmin() virtual {\n _;\n }\n\n function updateReimbursementPool(ReimbursementPool _reimbursementPool)\n external\n onlyReimbursableAdmin\n {\n emit ReimbursementPoolUpdated(address(_reimbursementPool));\n\n reimbursementPool = _reimbursementPool;\n }\n}\n"
253
+ "@threshold-network/solidity-contracts/contracts/staking/IStaking.sol": {
254
+ "content": "// SPDX-License-Identifier: GPL-3.0-or-later\n\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n\npragma solidity 0.8.9;\n\n/// @title Interface of Threshold Network staking contract\n/// @notice The staking contract enables T owners to have their wallets offline\n/// and their stake managed by staking providers on their behalf.\n/// The staking contract does not define operator role. The operator\n/// responsible for running off-chain client software is appointed by\n/// the staking provider in the particular application utilizing the\n/// staking contract. All off-chain client software should be able\n/// to run without exposing operator's or staking provider’s private\n/// key and should not require any owner’s keys at all. The stake\n/// delegation optimizes the network throughput without compromising the\n/// security of the owners’ stake.\ninterface IStaking {\n enum StakeType {\n NU,\n KEEP,\n T\n }\n\n //\n //\n // Delegating a stake\n //\n //\n\n /// @notice Creates a delegation with `msg.sender` owner with the given\n /// staking provider, beneficiary, and authorizer. Transfers the\n /// given amount of T to the staking contract.\n /// @dev The owner of the delegation needs to have the amount approved to\n /// transfer to the staking contract.\n function stake(\n address stakingProvider,\n address payable beneficiary,\n address authorizer,\n uint96 amount\n ) external;\n\n /// @notice Copies delegation from the legacy KEEP staking contract to T\n /// staking contract. No tokens are transferred. Caches the active\n /// stake amount from KEEP staking contract. Can be called by\n /// anyone.\n /// @dev The staking provider in T staking contract is the legacy KEEP\n /// staking contract operator.\n function stakeKeep(address stakingProvider) external;\n\n /// @notice Copies delegation from the legacy NU staking contract to T\n /// staking contract, additionally appointing staking provider,\n /// beneficiary and authorizer roles. Caches the amount staked in NU\n /// staking contract. Can be called only by the original delegation\n /// owner.\n function stakeNu(\n address stakingProvider,\n address payable beneficiary,\n address authorizer\n ) external;\n\n /// @notice Refresh Keep stake owner. Can be called only by the old owner.\n /// @dev The staking provider in T staking contract is the legacy KEEP\n /// staking contract operator.\n function refreshKeepStakeOwner(address stakingProvider) external;\n\n /// @notice Allows the Governance to set the minimum required stake amount.\n /// This amount is required to protect against griefing the staking\n /// contract and individual applications are allowed to require\n /// higher minimum stakes if necessary.\n function setMinimumStakeAmount(uint96 amount) external;\n\n //\n //\n // Authorizing an application\n //\n //\n\n /// @notice Allows the Governance to approve the particular application\n /// before individual stake authorizers are able to authorize it.\n function approveApplication(address application) external;\n\n /// @notice Increases the authorization of the given staking provider for\n /// the given application by the given amount. Can only be called by\n /// the authorizer for that staking provider.\n /// @dev Calls `authorizationIncreased(address stakingProvider, uint256 amount)`\n /// on the given application to notify the application about\n /// authorization change. See `IApplication`.\n function increaseAuthorization(\n address stakingProvider,\n address application,\n uint96 amount\n ) external;\n\n /// @notice Requests decrease of the authorization for the given staking\n /// provider on the given application by the provided amount.\n /// It may not change the authorized amount immediatelly. When\n /// it happens depends on the application. Can only be called by the\n /// given staking provider’s authorizer. Overwrites pending\n /// authorization decrease for the given staking provider and\n /// application.\n /// @dev Calls `authorizationDecreaseRequested(address stakingProvider, uint256 amount)`\n /// on the given application. See `IApplication`.\n function requestAuthorizationDecrease(\n address stakingProvider,\n address application,\n uint96 amount\n ) external;\n\n /// @notice Requests decrease of all authorizations for the given staking\n /// provider on all applications by all authorized amount.\n /// It may not change the authorized amount immediatelly. When\n /// it happens depends on the application. Can only be called by the\n /// given staking provider’s authorizer. Overwrites pending\n /// authorization decrease for the given staking provider and\n /// application.\n /// @dev Calls `authorizationDecreaseRequested(address stakingProvider, uint256 amount)`\n /// for each authorized application. See `IApplication`.\n function requestAuthorizationDecrease(address stakingProvider) external;\n\n /// @notice Called by the application at its discretion to approve the\n /// previously requested authorization decrease request. Can only be\n /// called by the application that was previously requested to\n /// decrease the authorization for that staking provider.\n /// Returns resulting authorized amount for the application.\n function approveAuthorizationDecrease(address stakingProvider)\n external\n returns (uint96);\n\n /// @notice Decreases the authorization for the given `stakingProvider` on\n /// the given disabled `application`, for all authorized amount.\n /// Can be called by anyone.\n function forceDecreaseAuthorization(\n address stakingProvider,\n address application\n ) external;\n\n /// @notice Pauses the given application’s eligibility to slash stakes.\n /// Besides that stakers can't change authorization to the application.\n /// Can be called only by the Panic Button of the particular\n /// application. The paused application can not slash stakes until\n /// it is approved again by the Governance using `approveApplication`\n /// function. Should be used only in case of an emergency.\n function pauseApplication(address application) external;\n\n /// @notice Disables the given application. The disabled application can't\n /// slash stakers. Also stakers can't increase authorization to that\n /// application but can decrease without waiting by calling\n /// `requestAuthorizationDecrease` at any moment. Can be called only\n /// by the governance. The disabled application can't be approved\n /// again. Should be used only in case of an emergency.\n function disableApplication(address application) external;\n\n /// @notice Sets the Panic Button role for the given application to the\n /// provided address. Can only be called by the Governance. If the\n /// Panic Button for the given application should be disabled, the\n /// role address should be set to 0x0 address.\n function setPanicButton(address application, address panicButton) external;\n\n /// @notice Sets the maximum number of applications one staking provider can\n /// have authorized. Used to protect against DoSing slashing queue.\n /// Can only be called by the Governance.\n function setAuthorizationCeiling(uint256 ceiling) external;\n\n //\n //\n // Stake top-up\n //\n //\n\n /// @notice Increases the amount of the stake for the given staking provider.\n /// Can be called only by the owner or the staking provider.\n /// @dev The sender of this transaction needs to have the amount approved to\n /// transfer to the staking contract.\n function topUp(address stakingProvider, uint96 amount) external;\n\n /// @notice Propagates information about stake top-up from the legacy KEEP\n /// staking contract to T staking contract. Can be called only by\n /// the owner or the staking provider.\n function topUpKeep(address stakingProvider) external;\n\n /// @notice Propagates information about stake top-up from the legacy NU\n /// staking contract to T staking contract. Can be called only by\n /// the owner or the staking provider.\n function topUpNu(address stakingProvider) external;\n\n //\n //\n // Undelegating a stake (unstaking)\n //\n //\n\n /// @notice Reduces the liquid T stake amount by the provided amount and\n /// withdraws T to the owner. Reverts if there is at least one\n /// authorization higher than the sum of the legacy stake and\n /// remaining liquid T stake or if the unstake amount is higher than\n /// the liquid T stake amount. Can be called only by the delegation\n /// owner or the staking provider.\n function unstakeT(address stakingProvider, uint96 amount) external;\n\n /// @notice Sets the legacy KEEP staking contract active stake amount cached\n /// in T staking contract to 0. Reverts if the amount of liquid T\n /// staked in T staking contract is lower than the highest\n /// application authorization. This function allows to unstake from\n /// KEEP staking contract and still being able to operate in T\n /// network and earning rewards based on the liquid T staked. Can be\n /// called only by the delegation owner or the staking provider.\n function unstakeKeep(address stakingProvider) external;\n\n /// @notice Reduces cached legacy NU stake amount by the provided amount.\n /// Reverts if there is at least one authorization higher than the\n /// sum of remaining legacy NU stake and liquid T stake for that\n /// staking provider or if the untaked amount is higher than the\n /// cached legacy stake amount. If succeeded, the legacy NU stake\n /// can be partially or fully undelegated on the legacy staking\n /// contract. This function allows to unstake from NU staking\n /// contract and still being able to operate in T network and\n /// earning rewards based on the liquid T staked. Can be called only\n /// by the delegation owner or the staking provider.\n function unstakeNu(address stakingProvider, uint96 amount) external;\n\n /// @notice Sets cached legacy stake amount to 0, sets the liquid T stake\n /// amount to 0 and withdraws all liquid T from the stake to the\n /// owner. Reverts if there is at least one non-zero authorization.\n /// Can be called only by the delegation owner or the staking\n /// provider.\n function unstakeAll(address stakingProvider) external;\n\n //\n //\n // Keeping information in sync\n //\n //\n\n /// @notice Notifies about the discrepancy between legacy KEEP active stake\n /// and the amount cached in T staking contract. Slashes the staking\n /// provider in case the amount cached is higher than the actual\n /// active stake amount in KEEP staking contract. Needs to update\n /// authorizations of all affected applications and execute an\n /// involuntary allocation decrease on all affected applications.\n /// Can be called by anyone, notifier receives a reward.\n function notifyKeepStakeDiscrepancy(address stakingProvider) external;\n\n /// @notice Notifies about the discrepancy between legacy NU active stake\n /// and the amount cached in T staking contract. Slashes the\n /// staking provider in case the amount cached is higher than the\n /// actual active stake amount in NU staking contract. Needs to\n /// update authorizations of all affected applications and execute\n /// an involuntary allocation decrease on all affected applications.\n /// Can be called by anyone, notifier receives a reward.\n function notifyNuStakeDiscrepancy(address stakingProvider) external;\n\n /// @notice Sets the penalty amount for stake discrepancy and reward\n /// multiplier for reporting it. The penalty is seized from the\n /// delegated stake, and 5% of the penalty, scaled by the\n /// multiplier, is given to the notifier. The rest of the tokens are\n /// burned. Can only be called by the Governance. See `seize` function.\n function setStakeDiscrepancyPenalty(\n uint96 penalty,\n uint256 rewardMultiplier\n ) external;\n\n /// @notice Sets reward in T tokens for notification of misbehaviour\n /// of one staking provider. Can only be called by the governance.\n function setNotificationReward(uint96 reward) external;\n\n /// @notice Transfer some amount of T tokens as reward for notifications\n /// of misbehaviour\n function pushNotificationReward(uint96 reward) external;\n\n /// @notice Withdraw some amount of T tokens from notifiers treasury.\n /// Can only be called by the governance.\n function withdrawNotificationReward(address recipient, uint96 amount)\n external;\n\n /// @notice Adds staking providers to the slashing queue along with the\n /// amount that should be slashed from each one of them. Can only be\n /// called by application authorized for all staking providers in\n /// the array.\n function slash(uint96 amount, address[] memory stakingProviders) external;\n\n /// @notice Adds staking providers to the slashing queue along with the\n /// amount. The notifier will receive reward per each staking\n /// provider from notifiers treasury. Can only be called by\n /// application authorized for all staking providers in the array.\n function seize(\n uint96 amount,\n uint256 rewardMultipier,\n address notifier,\n address[] memory stakingProviders\n ) external;\n\n /// @notice Takes the given number of queued slashing operations and\n /// processes them. Receives 5% of the slashed amount.\n /// Executes `involuntaryAllocationDecrease` function on each\n /// affected application.\n function processSlashing(uint256 count) external;\n\n //\n //\n // Auxiliary functions\n //\n //\n\n /// @notice Returns the authorized stake amount of the staking provider for\n /// the application.\n function authorizedStake(address stakingProvider, address application)\n external\n view\n returns (uint96);\n\n /// @notice Returns staked amount of T, Keep and Nu for the specified\n /// staking provider.\n /// @dev All values are in T denomination\n function stakes(address stakingProvider)\n external\n view\n returns (\n uint96 tStake,\n uint96 keepInTStake,\n uint96 nuInTStake\n );\n\n /// @notice Returns start staking timestamp.\n /// @dev This value is set at most once.\n function getStartStakingTimestamp(address stakingProvider)\n external\n view\n returns (uint256);\n\n /// @notice Returns staked amount of NU for the specified staking provider.\n function stakedNu(address stakingProvider) external view returns (uint256);\n\n /// @notice Gets the stake owner, the beneficiary and the authorizer\n /// for the specified staking provider address.\n /// @return owner Stake owner address.\n /// @return beneficiary Beneficiary address.\n /// @return authorizer Authorizer address.\n function rolesOf(address stakingProvider)\n external\n view\n returns (\n address owner,\n address payable beneficiary,\n address authorizer\n );\n\n /// @notice Returns length of application array\n function getApplicationsLength() external view returns (uint256);\n\n /// @notice Returns length of slashing queue\n function getSlashingQueueLength() external view returns (uint256);\n\n /// @notice Returns minimum possible stake for T, KEEP or NU in T\n /// denomination.\n /// @dev For example, suppose the given staking provider has 10 T, 20 T\n /// worth of KEEP, and 30 T worth of NU all staked, and the maximum\n /// application authorization is 40 T, then `getMinStaked` for\n /// that staking provider returns:\n /// * 0 T if KEEP stake type specified i.e.\n /// min = 40 T max - (10 T + 30 T worth of NU) = 0 T\n /// * 10 T if NU stake type specified i.e.\n /// min = 40 T max - (10 T + 20 T worth of KEEP) = 10 T\n /// * 0 T if T stake type specified i.e.\n /// min = 40 T max - (20 T worth of KEEP + 30 T worth of NU) < 0 T\n /// In other words, the minimum stake amount for the specified\n /// stake type is the minimum amount of stake of the given type\n /// needed to satisfy the maximum application authorization given the\n /// staked amounts of the other stake types for that staking provider.\n function getMinStaked(address stakingProvider, StakeType stakeTypes)\n external\n view\n returns (uint96);\n\n /// @notice Returns available amount to authorize for the specified application\n function getAvailableToAuthorize(\n address stakingProvider,\n address application\n ) external view returns (uint96);\n}\n"
255
+ },
256
+ "contracts/hardhat-dependency-compiler/@openzeppelin/contracts/proxy/transparent/ProxyAdmin.sol": {
257
+ "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity >0.0.0;\nimport '@openzeppelin/contracts/proxy/transparent/ProxyAdmin.sol';\n"
261
258
  },
262
259
  "contracts/bridge/BridgeGovernance.sol": {
263
260
  "content": "// SPDX-License-Identifier: MIT\n\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n\npragma solidity ^0.8.9;\n\nimport \"@openzeppelin/contracts/access/Ownable.sol\";\nimport \"./BridgeGovernanceParameters.sol\";\n\nimport \"./Bridge.sol\";\n\n/// @title Bridge Governance\n/// @notice Owns the `Bridge` contract and is responsible for updating\n/// its governable parameters in respect to governance delay individual\n/// for each parameter. The other responsibility is marking a vault\n/// address as trusted or no longer trusted.\ncontract BridgeGovernance is Ownable {\n using BridgeGovernanceParameters for BridgeGovernanceParameters.DepositData;\n using BridgeGovernanceParameters for BridgeGovernanceParameters.RedemptionData;\n using BridgeGovernanceParameters for BridgeGovernanceParameters.MovingFundsData;\n using BridgeGovernanceParameters for BridgeGovernanceParameters.WalletData;\n using BridgeGovernanceParameters for BridgeGovernanceParameters.FraudData;\n\n BridgeGovernanceParameters.DepositData internal depositData;\n BridgeGovernanceParameters.RedemptionData internal redemptionData;\n BridgeGovernanceParameters.MovingFundsData internal movingFundsData;\n BridgeGovernanceParameters.WalletData internal walletData;\n BridgeGovernanceParameters.FraudData internal fraudData;\n\n Bridge internal bridge;\n\n // Array is used to mitigate the problem with the contract size limit.\n // governanceDelays[0] -> governanceDelay\n // governanceDelays[1] -> newGovernanceDelay\n // governanceDelays[2] -> governanceDelayChangeInitiated\n uint256[3] public governanceDelays;\n\n uint256 public bridgeGovernanceTransferChangeInitiated;\n address internal newBridgeGovernance;\n\n // We skip emitting event on *Update to go down with the contract size\n // limit. The reason why we leave *Started but not including *Updated is\n // because Bridge governance transferred event can also be read from the\n // Governable bridge contract 'GovernanceTransferred(old, new)'.\n event BridgeGovernanceTransferStarted(\n address newBridgeGovernance,\n uint256 timestamp\n );\n\n event DepositDustThresholdUpdateStarted(\n uint64 newDepositDustThreshold,\n uint256 timestamp\n );\n event DepositDustThresholdUpdated(uint64 depositDustThreshold);\n\n event DepositTreasuryFeeDivisorUpdateStarted(\n uint64 depositTreasuryFeeDivisor,\n uint256 timestamp\n );\n event DepositTreasuryFeeDivisorUpdated(uint64 depositTreasuryFeeDivisor);\n\n event DepositTxMaxFeeUpdateStarted(\n uint64 newDepositTxMaxFee,\n uint256 timestamp\n );\n event DepositTxMaxFeeUpdated(uint64 depositTxMaxFee);\n\n event RedemptionDustThresholdUpdateStarted(\n uint64 newRedemptionDustThreshold,\n uint256 timestamp\n );\n event RedemptionDustThresholdUpdated(uint64 redemptionDustThreshold);\n\n event RedemptionTreasuryFeeDivisorUpdateStarted(\n uint64 newRedemptionTreasuryFeeDivisor,\n uint256 timestamp\n );\n event RedemptionTreasuryFeeDivisorUpdated(\n uint64 redemptionTreasuryFeeDivisor\n );\n\n event RedemptionTxMaxFeeUpdateStarted(\n uint64 newRedemptionTxMaxFee,\n uint256 timestamp\n );\n event RedemptionTxMaxFeeUpdated(uint64 redemptionTxMaxFee);\n\n event RedemptionTimeoutUpdateStarted(\n uint32 newRedemptionTimeout,\n uint256 timestamp\n );\n event RedemptionTimeoutUpdated(uint32 redemptionTimeout);\n\n event RedemptionTimeoutSlashingAmountUpdateStarted(\n uint96 newRedemptionTimeoutSlashingAmount,\n uint256 timestamp\n );\n event RedemptionTimeoutSlashingAmountUpdated(\n uint96 redemptionTimeoutSlashingAmount\n );\n\n event RedemptionTimeoutNotifierRewardMultiplierUpdateStarted(\n uint32 newRedemptionTimeoutNotifierRewardMultiplier,\n uint256 timestamp\n );\n event RedemptionTimeoutNotifierRewardMultiplierUpdated(\n uint32 redemptionTimeoutNotifierRewardMultiplier\n );\n\n event MovingFundsTxMaxTotalFeeUpdateStarted(\n uint64 newMovingFundsTxMaxTotalFee,\n uint256 timestamp\n );\n event MovingFundsTxMaxTotalFeeUpdated(uint64 movingFundsTxMaxTotalFee);\n\n event MovingFundsDustThresholdUpdateStarted(\n uint64 newMovingFundsDustThreshold,\n uint256 timestamp\n );\n event MovingFundsDustThresholdUpdated(uint64 movingFundsDustThreshold);\n\n event MovingFundsTimeoutResetDelayUpdateStarted(\n uint32 newMovingFundsTimeoutResetDelay,\n uint256 timestamp\n );\n event MovingFundsTimeoutResetDelayUpdated(\n uint32 movingFundsTimeoutResetDelay\n );\n\n event MovingFundsTimeoutUpdateStarted(\n uint32 newMovingFundsTimeout,\n uint256 timestamp\n );\n event MovingFundsTimeoutUpdated(uint32 movingFundsTimeout);\n\n event MovingFundsTimeoutSlashingAmountUpdateStarted(\n uint96 newMovingFundsTimeoutSlashingAmount,\n uint256 timestamp\n );\n event MovingFundsTimeoutSlashingAmountUpdated(\n uint96 movingFundsTimeoutSlashingAmount\n );\n\n event MovingFundsTimeoutNotifierRewardMultiplierUpdateStarted(\n uint32 newMovingFundsTimeoutNotifierRewardMultiplier,\n uint256 timestamp\n );\n event MovingFundsTimeoutNotifierRewardMultiplierUpdated(\n uint32 movingFundsTimeoutNotifierRewardMultiplier\n );\n\n event MovedFundsSweepTxMaxTotalFeeUpdateStarted(\n uint64 newMovedFundsSweepTxMaxTotalFee,\n uint256 timestamp\n );\n event MovedFundsSweepTxMaxTotalFeeUpdated(\n uint64 movedFundsSweepTxMaxTotalFee\n );\n\n event MovedFundsSweepTimeoutUpdateStarted(\n uint32 newMovedFundsSweepTimeout,\n uint256 timestamp\n );\n event MovedFundsSweepTimeoutUpdated(uint32 movedFundsSweepTimeout);\n\n event MovedFundsSweepTimeoutSlashingAmountUpdateStarted(\n uint96 newMovedFundsSweepTimeoutSlashingAmount,\n uint256 timestamp\n );\n event MovedFundsSweepTimeoutSlashingAmountUpdated(\n uint96 movedFundsSweepTimeoutSlashingAmount\n );\n\n event MovedFundsSweepTimeoutNotifierRewardMultiplierUpdateStarted(\n uint32 newMovedFundsSweepTimeoutNotifierRewardMultiplier,\n uint256 timestamp\n );\n event MovedFundsSweepTimeoutNotifierRewardMultiplierUpdated(\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n\n event WalletCreationPeriodUpdateStarted(\n uint32 newWalletCreationPeriod,\n uint256 timestamp\n );\n event WalletCreationPeriodUpdated(uint32 walletCreationPeriod);\n\n event WalletCreationMinBtcBalanceUpdateStarted(\n uint64 newWalletCreationMinBtcBalance,\n uint256 timestamp\n );\n event WalletCreationMinBtcBalanceUpdated(\n uint64 walletCreationMinBtcBalance\n );\n\n event WalletCreationMaxBtcBalanceUpdateStarted(\n uint64 newWalletCreationMaxBtcBalance,\n uint256 timestamp\n );\n event WalletCreationMaxBtcBalanceUpdated(\n uint64 walletCreationMaxBtcBalance\n );\n\n event WalletClosureMinBtcBalanceUpdateStarted(\n uint64 newWalletClosureMinBtcBalance,\n uint256 timestamp\n );\n event WalletClosureMinBtcBalanceUpdated(uint64 walletClosureMinBtcBalance);\n\n event WalletMaxAgeUpdateStarted(uint32 newWalletMaxAge, uint256 timestamp);\n event WalletMaxAgeUpdated(uint32 walletMaxAge);\n\n event WalletMaxBtcTransferUpdateStarted(\n uint64 newWalletMaxBtcTransfer,\n uint256 timestamp\n );\n event WalletMaxBtcTransferUpdated(uint64 walletMaxBtcTransfer);\n\n event WalletClosingPeriodUpdateStarted(\n uint32 newWalletClosingPeriod,\n uint256 timestamp\n );\n event WalletClosingPeriodUpdated(uint32 walletClosingPeriod);\n\n event FraudChallengeDepositAmountUpdateStarted(\n uint96 newFraudChallengeDepositAmount,\n uint256 timestamp\n );\n event FraudChallengeDepositAmountUpdated(\n uint96 fraudChallengeDepositAmount\n );\n\n event FraudChallengeDefeatTimeoutUpdateStarted(\n uint32 newFraudChallengeDefeatTimeout,\n uint256 timestamp\n );\n event FraudChallengeDefeatTimeoutUpdated(\n uint32 fraudChallengeDefeatTimeout\n );\n\n event FraudSlashingAmountUpdateStarted(\n uint96 newFraudSlashingAmount,\n uint256 timestamp\n );\n event FraudSlashingAmountUpdated(uint96 fraudSlashingAmount);\n\n event FraudNotifierRewardMultiplierUpdateStarted(\n uint32 newFraudNotifierRewardMultiplier,\n uint256 timestamp\n );\n event FraudNotifierRewardMultiplierUpdated(\n uint32 fraudNotifierRewardMultiplier\n );\n\n constructor(Bridge _bridge, uint256 _governanceDelay) {\n bridge = _bridge;\n governanceDelays[0] = _governanceDelay;\n }\n\n /// @notice Allows the Governance to mark the given vault address as trusted\n /// or no longer trusted. Vaults are not trusted by default.\n /// Trusted vault must meet the following criteria:\n /// - `IVault.receiveBalanceIncrease` must have a known, low gas\n /// cost,\n /// - `IVault.receiveBalanceIncrease` must never revert.\n /// @param vault The address of the vault.\n /// @param isTrusted flag indicating whether the vault is trusted or not.\n function setVaultStatus(address vault, bool isTrusted) external onlyOwner {\n bridge.setVaultStatus(vault, isTrusted);\n }\n\n /// @notice Begins the governance delay update process.\n /// @dev Can be called only by the contract owner. The event that informs about\n /// the start of the governance delay was skipped on purpose to trim\n /// the contract size. All the params inside of the `governanceDelays`\n /// array are public and can be easily fetched.\n /// @param _newGovernanceDelay New governance delay\n function beginGovernanceDelayUpdate(uint256 _newGovernanceDelay)\n external\n onlyOwner\n {\n governanceDelays[1] = _newGovernanceDelay;\n /* solhint-disable not-rely-on-time */\n governanceDelays[2] = block.timestamp;\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the governance delay update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses. Updated event was skipped on purpose to trim the\n /// contract size. All the params inside of the `governanceDelays`\n /// array are public and can be easily fetched.\n function finalizeGovernanceDelayUpdate() external onlyOwner {\n require(governanceDelays[2] > 0, \"Change not initiated\");\n /* solhint-disable not-rely-on-time */\n require(\n block.timestamp - governanceDelays[2] > governanceDelay(),\n \"Governance delay has not elapsed\"\n );\n /* solhint-enable not-rely-on-time */\n governanceDelays[0] = governanceDelays[1];\n governanceDelays[1] = 0;\n governanceDelays[2] = 0;\n }\n\n /// @notice Begins the Bridge governance transfer process.\n /// @dev Can be called only by the contract owner. It is the governance\n /// responsibility to validate the correctness of the new Bridge\n /// Governance contract. The other reason for not adding this check is\n /// to go down with the contract size and leaving only the essential code.\n function beginBridgeGovernanceTransfer(address _newBridgeGovernance)\n external\n onlyOwner\n {\n // slither-disable-next-line missing-zero-check\n newBridgeGovernance = _newBridgeGovernance;\n /* solhint-disable not-rely-on-time */\n bridgeGovernanceTransferChangeInitiated = block.timestamp;\n emit BridgeGovernanceTransferStarted(\n _newBridgeGovernance,\n bridgeGovernanceTransferChangeInitiated\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the bridge governance transfer process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses. Bridge governance trannsferred event can be read\n /// from the Governable bridge contract 'GovernanceTransferred(old, new)'.\n /// Event that informs about the transfer in this function is skipped on\n /// purpose to go down with the contract size.\n function finalizeBridgeGovernanceTransfer() external onlyOwner {\n require(\n bridgeGovernanceTransferChangeInitiated > 0,\n \"Change not initiated\"\n );\n /* solhint-disable not-rely-on-time */\n require(\n block.timestamp - bridgeGovernanceTransferChangeInitiated >=\n governanceDelay(),\n \"Governance delay has not elapsed\"\n );\n /* solhint-enable not-rely-on-time */\n // slither-disable-next-line reentrancy-no-eth\n bridge.transferGovernance(newBridgeGovernance);\n bridgeGovernanceTransferChangeInitiated = 0;\n newBridgeGovernance = address(0);\n }\n\n // --- Deposit\n\n /// @notice Begins the deposit dust threshold amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newDepositDustThreshold New deposit dust threshold amount.\n function beginDepositDustThresholdUpdate(uint64 _newDepositDustThreshold)\n external\n onlyOwner\n {\n depositData.beginDepositDustThresholdUpdate(_newDepositDustThreshold);\n }\n\n /// @notice Finalizes the deposit dust threshold amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeDepositDustThresholdUpdate() external onlyOwner {\n (, uint64 depositTreasuryFeeDivisor, uint64 depositTxMaxFee) = bridge\n .depositParameters();\n bridge.updateDepositParameters(\n depositData.getNewDepositDustThreshold(),\n depositTreasuryFeeDivisor,\n depositTxMaxFee\n );\n depositData.finalizeDepositDustThresholdUpdate(governanceDelay());\n }\n\n /// @notice Begins the deposit treasury fee divisor amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newDepositTreasuryFeeDivisor New deposit treasury fee divisor.\n function beginDepositTreasuryFeeDivisorUpdate(\n uint64 _newDepositTreasuryFeeDivisor\n ) external onlyOwner {\n depositData.beginDepositTreasuryFeeDivisorUpdate(\n _newDepositTreasuryFeeDivisor\n );\n }\n\n /// @notice Finalizes the deposit treasury fee divisor amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeDepositTreasuryFeeDivisorUpdate() external onlyOwner {\n (uint64 depositDustThreshold, , uint64 depositTxMaxFee) = bridge\n .depositParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateDepositParameters(\n depositDustThreshold,\n depositData.getNewDepositTreasuryFeeDivisor(),\n depositTxMaxFee\n );\n depositData.finalizeDepositTreasuryFeeDivisorUpdate(governanceDelay());\n }\n\n /// @notice Begins the deposit tx max fee amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newDepositTxMaxFee New deposit tx max fee.\n function beginDepositTxMaxFeeUpdate(uint64 _newDepositTxMaxFee)\n external\n onlyOwner\n {\n depositData.beginDepositTxMaxFeeUpdate(_newDepositTxMaxFee);\n }\n\n /// @notice Finalizes the deposit tx max fee amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeDepositTxMaxFeeUpdate() external onlyOwner {\n (\n uint64 depositDustThreshold,\n uint64 depositTreasuryFeeDivisor,\n\n ) = bridge.depositParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateDepositParameters(\n depositDustThreshold,\n depositTreasuryFeeDivisor,\n depositData.getNewDepositTxMaxFee()\n );\n depositData.finalizeDepositTxMaxFeeUpdate(governanceDelay());\n }\n\n // --- Redemption\n\n /// @notice Begins the redemption dust threshold amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionDustThreshold New redemption dust threshold.\n function beginRedemptionDustThresholdUpdate(\n uint64 _newRedemptionDustThreshold\n ) external onlyOwner {\n redemptionData.beginRedemptionDustThresholdUpdate(\n _newRedemptionDustThreshold\n );\n }\n\n /// @notice Finalizes the dust threshold amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionDustThresholdUpdate() external onlyOwner {\n (\n ,\n uint64 redemptionTreasuryFeeDivisor,\n uint64 redemptionTxMaxFee,\n uint32 redemptionTimeout,\n uint96 redemptionTimeoutSlashingAmount,\n uint32 redemptionTimeoutNotifierRewardMultiplier\n ) = bridge.redemptionParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateRedemptionParameters(\n redemptionData.getNewRedemptionDustThreshold(),\n redemptionTreasuryFeeDivisor,\n redemptionTxMaxFee,\n redemptionTimeout,\n redemptionTimeoutSlashingAmount,\n redemptionTimeoutNotifierRewardMultiplier\n );\n\n redemptionData.finalizeRedemptionDustThresholdUpdate(governanceDelay());\n }\n\n /// @notice Begins the redemption treasury fee divisor amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTreasuryFeeDivisor New redemption treasury fee divisor.\n function beginRedemptionTreasuryFeeDivisorUpdate(\n uint64 _newRedemptionTreasuryFeeDivisor\n ) external onlyOwner {\n redemptionData.beginRedemptionTreasuryFeeDivisorUpdate(\n _newRedemptionTreasuryFeeDivisor\n );\n }\n\n /// @notice Finalizes the redemption treasury fee divisor amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTreasuryFeeDivisorUpdate() external onlyOwner {\n (\n uint64 redemptionDustThreshold,\n ,\n uint64 redemptionTxMaxFee,\n uint32 redemptionTimeout,\n uint96 redemptionTimeoutSlashingAmount,\n uint32 redemptionTimeoutNotifierRewardMultiplier\n ) = bridge.redemptionParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateRedemptionParameters(\n redemptionDustThreshold,\n redemptionData.getNewRedemptionTreasuryFeeDivisor(),\n redemptionTxMaxFee,\n redemptionTimeout,\n redemptionTimeoutSlashingAmount,\n redemptionTimeoutNotifierRewardMultiplier\n );\n\n redemptionData.finalizeRedemptionTreasuryFeeDivisorUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Begins the redemption tx max fee amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTxMaxFee New redemption tx max fee.\n function beginRedemptionTxMaxFeeUpdate(uint64 _newRedemptionTxMaxFee)\n external\n onlyOwner\n {\n redemptionData.beginRedemptionTxMaxFeeUpdate(_newRedemptionTxMaxFee);\n }\n\n /// @notice Finalizes the redemption tx max fee amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTxMaxFeeUpdate() external onlyOwner {\n (\n uint64 redemptionDustThreshold,\n uint64 redemptionTreasuryFeeDivisor,\n ,\n uint32 redemptionTimeout,\n uint96 redemptionTimeoutSlashingAmount,\n uint32 redemptionTimeoutNotifierRewardMultiplier\n ) = bridge.redemptionParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateRedemptionParameters(\n redemptionDustThreshold,\n redemptionTreasuryFeeDivisor,\n redemptionData.getNewRedemptionTxMaxFee(),\n redemptionTimeout,\n redemptionTimeoutSlashingAmount,\n redemptionTimeoutNotifierRewardMultiplier\n );\n\n redemptionData.finalizeRedemptionTxMaxFeeUpdate(governanceDelay());\n }\n\n /// @notice Begins the redemption timeout amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTimeout New redemption timeout.\n function beginRedemptionTimeoutUpdate(uint32 _newRedemptionTimeout)\n external\n onlyOwner\n {\n redemptionData.beginRedemptionTimeoutUpdate(_newRedemptionTimeout);\n }\n\n /// @notice Finalizes the redemption timeout amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTimeoutUpdate() external onlyOwner {\n (\n uint64 redemptionDustThreshold,\n uint64 redemptionTreasuryFeeDivisor,\n uint64 redemptionTxMaxFee,\n ,\n uint96 redemptionTimeoutSlashingAmount,\n uint32 redemptionTimeoutNotifierRewardMultiplier\n ) = bridge.redemptionParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateRedemptionParameters(\n redemptionDustThreshold,\n redemptionTreasuryFeeDivisor,\n redemptionTxMaxFee,\n redemptionData.getNewRedemptionTimeout(),\n redemptionTimeoutSlashingAmount,\n redemptionTimeoutNotifierRewardMultiplier\n );\n\n redemptionData.finalizeRedemptionTimeoutUpdate(governanceDelay());\n }\n\n /// @notice Begins the redemption timeout slashing amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTimeoutSlashingAmount New redemption timeout slashing\n /// amount.\n function beginRedemptionTimeoutSlashingAmountUpdate(\n uint96 _newRedemptionTimeoutSlashingAmount\n ) external onlyOwner {\n redemptionData.beginRedemptionTimeoutSlashingAmountUpdate(\n _newRedemptionTimeoutSlashingAmount\n );\n }\n\n /// @notice Finalizes the redemption timeout slashing amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTimeoutSlashingAmountUpdate()\n external\n onlyOwner\n {\n (\n uint64 redemptionDustThreshold,\n uint64 redemptionTreasuryFeeDivisor,\n uint64 redemptionTxMaxFee,\n uint32 redemptionTimeout,\n ,\n uint32 redemptionTimeoutNotifierRewardMultiplier\n ) = bridge.redemptionParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateRedemptionParameters(\n redemptionDustThreshold,\n redemptionTreasuryFeeDivisor,\n redemptionTxMaxFee,\n redemptionTimeout,\n redemptionData.getNewRedemptionTimeoutSlashingAmount(),\n redemptionTimeoutNotifierRewardMultiplier\n );\n\n redemptionData.finalizeRedemptionTimeoutSlashingAmountUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Begins the redemption timeout notifier reward multiplier amount\n /// update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTimeoutNotifierRewardMultiplier New redemption timeout\n /// notifier reward multiplier.\n function beginRedemptionTimeoutNotifierRewardMultiplierUpdate(\n uint32 _newRedemptionTimeoutNotifierRewardMultiplier\n ) external onlyOwner {\n redemptionData.beginRedemptionTimeoutNotifierRewardMultiplierUpdate(\n _newRedemptionTimeoutNotifierRewardMultiplier\n );\n }\n\n /// @notice Finalizes the redemption timeout notifier reward multiplier amount\n /// update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTimeoutNotifierRewardMultiplierUpdate()\n external\n onlyOwner\n {\n (\n uint64 redemptionDustThreshold,\n uint64 redemptionTreasuryFeeDivisor,\n uint64 redemptionTxMaxFee,\n uint32 redemptionTimeout,\n uint96 redemptionTimeoutSlashingAmount,\n\n ) = bridge.redemptionParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateRedemptionParameters(\n redemptionDustThreshold,\n redemptionTreasuryFeeDivisor,\n redemptionTxMaxFee,\n redemptionTimeout,\n redemptionTimeoutSlashingAmount,\n redemptionData.getNewRedemptionTimeoutNotifierRewardMultiplier()\n );\n\n redemptionData.finalizeRedemptionTimeoutNotifierRewardMultiplierUpdate(\n governanceDelay()\n );\n }\n\n // --- Moving funds\n\n /// @notice Begins the moving funds tx max total fee update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTxMaxTotalFee New moving funds tx max total fee.\n function beginMovingFundsTxMaxTotalFeeUpdate(\n uint64 _newMovingFundsTxMaxTotalFee\n ) external onlyOwner {\n movingFundsData.beginMovingFundsTxMaxTotalFeeUpdate(\n _newMovingFundsTxMaxTotalFee\n );\n }\n\n /// @notice Finalizes the moving funds tx max total fee update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTxMaxTotalFeeUpdate() external onlyOwner {\n (\n ,\n uint64 movingFundsDustThreshold,\n uint32 movingFundsTimeoutResetDelay,\n uint32 movingFundsTimeout,\n uint96 movingFundsTimeoutSlashingAmount,\n uint32 movingFundsTimeoutNotifierRewardMultiplier,\n uint64 movedFundsSweepTxMaxTotalFee,\n uint32 movedFundsSweepTimeout,\n uint96 movedFundsSweepTimeoutSlashingAmount,\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n ) = bridge.movingFundsParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateMovingFundsParameters(\n movingFundsData.getNewMovingFundsTxMaxTotalFee(),\n movingFundsDustThreshold,\n movingFundsTimeoutResetDelay,\n movingFundsTimeout,\n movingFundsTimeoutSlashingAmount,\n movingFundsTimeoutNotifierRewardMultiplier,\n movedFundsSweepTxMaxTotalFee,\n movedFundsSweepTimeout,\n movedFundsSweepTimeoutSlashingAmount,\n movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n movingFundsData.finalizeMovingFundsTxMaxTotalFeeUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Begins the moving funds dust threshold update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsDustThreshold New moving funds dust threshold.\n function beginMovingFundsDustThresholdUpdate(\n uint64 _newMovingFundsDustThreshold\n ) external onlyOwner {\n movingFundsData.beginMovingFundsDustThresholdUpdate(\n _newMovingFundsDustThreshold\n );\n }\n\n /// @notice Finalizes the moving funds dust threshold update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsDustThresholdUpdate() external onlyOwner {\n (\n uint64 movingFundsTxMaxTotalFee,\n ,\n uint32 movingFundsTimeoutResetDelay,\n uint32 movingFundsTimeout,\n uint96 movingFundsTimeoutSlashingAmount,\n uint32 movingFundsTimeoutNotifierRewardMultiplier,\n uint64 movedFundsSweepTxMaxTotalFee,\n uint32 movedFundsSweepTimeout,\n uint96 movedFundsSweepTimeoutSlashingAmount,\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n ) = bridge.movingFundsParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateMovingFundsParameters(\n movingFundsTxMaxTotalFee,\n movingFundsData.getNewMovingFundsDustThreshold(),\n movingFundsTimeoutResetDelay,\n movingFundsTimeout,\n movingFundsTimeoutSlashingAmount,\n movingFundsTimeoutNotifierRewardMultiplier,\n movedFundsSweepTxMaxTotalFee,\n movedFundsSweepTimeout,\n movedFundsSweepTimeoutSlashingAmount,\n movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n movingFundsData.finalizeMovingFundsDustThresholdUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Begins the moving funds timeout reset delay update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTimeoutResetDelay New moving funds timeout reset\n /// delay.\n function beginMovingFundsTimeoutResetDelayUpdate(\n uint32 _newMovingFundsTimeoutResetDelay\n ) external onlyOwner {\n movingFundsData.beginMovingFundsTimeoutResetDelayUpdate(\n _newMovingFundsTimeoutResetDelay\n );\n }\n\n /// @notice Finalizes the moving funds timeout reset delay update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTimeoutResetDelayUpdate() external onlyOwner {\n (\n uint64 movingFundsTxMaxTotalFee,\n uint64 movingFundsDustThreshold,\n ,\n uint32 movingFundsTimeout,\n uint96 movingFundsTimeoutSlashingAmount,\n uint32 movingFundsTimeoutNotifierRewardMultiplier,\n uint64 movedFundsSweepTxMaxTotalFee,\n uint32 movedFundsSweepTimeout,\n uint96 movedFundsSweepTimeoutSlashingAmount,\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n ) = bridge.movingFundsParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateMovingFundsParameters(\n movingFundsTxMaxTotalFee,\n movingFundsDustThreshold,\n movingFundsData.getNewMovingFundsTimeoutResetDelay(),\n movingFundsTimeout,\n movingFundsTimeoutSlashingAmount,\n movingFundsTimeoutNotifierRewardMultiplier,\n movedFundsSweepTxMaxTotalFee,\n movedFundsSweepTimeout,\n movedFundsSweepTimeoutSlashingAmount,\n movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n movingFundsData.finalizeMovingFundsTimeoutResetDelayUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Begins the moving funds timeout update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTimeout New moving funds timeout.\n function beginMovingFundsTimeoutUpdate(uint32 _newMovingFundsTimeout)\n external\n onlyOwner\n {\n movingFundsData.beginMovingFundsTimeoutUpdate(_newMovingFundsTimeout);\n }\n\n /// @notice Finalizes the moving funds timeout update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTimeoutUpdate() external onlyOwner {\n (\n uint64 movingFundsTxMaxTotalFee,\n uint64 movingFundsDustThreshold,\n uint32 movingFundsTimeoutResetDelay,\n ,\n uint96 movingFundsTimeoutSlashingAmount,\n uint32 movingFundsTimeoutNotifierRewardMultiplier,\n uint64 movedFundsSweepTxMaxTotalFee,\n uint32 movedFundsSweepTimeout,\n uint96 movedFundsSweepTimeoutSlashingAmount,\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n ) = bridge.movingFundsParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateMovingFundsParameters(\n movingFundsTxMaxTotalFee,\n movingFundsDustThreshold,\n movingFundsTimeoutResetDelay,\n movingFundsData.getNewMovingFundsTimeout(),\n movingFundsTimeoutSlashingAmount,\n movingFundsTimeoutNotifierRewardMultiplier,\n movedFundsSweepTxMaxTotalFee,\n movedFundsSweepTimeout,\n movedFundsSweepTimeoutSlashingAmount,\n movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n movingFundsData.finalizeMovingFundsTimeoutUpdate(governanceDelay());\n }\n\n /// @notice Begins the moving funds timeout slashing amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTimeoutSlashingAmount New moving funds timeout\n /// slashing amount.\n function beginMovingFundsTimeoutSlashingAmountUpdate(\n uint96 _newMovingFundsTimeoutSlashingAmount\n ) external onlyOwner {\n movingFundsData.beginMovingFundsTimeoutSlashingAmountUpdate(\n _newMovingFundsTimeoutSlashingAmount\n );\n }\n\n /// @notice Finalizes the moving funds timeout slashing amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTimeoutSlashingAmountUpdate()\n external\n onlyOwner\n {\n (\n uint64 movingFundsTxMaxTotalFee,\n uint64 movingFundsDustThreshold,\n uint32 movingFundsTimeoutResetDelay,\n uint32 movingFundsTimeout,\n ,\n uint32 movingFundsTimeoutNotifierRewardMultiplier,\n uint64 movedFundsSweepTxMaxTotalFee,\n uint32 movedFundsSweepTimeout,\n uint96 movedFundsSweepTimeoutSlashingAmount,\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n ) = bridge.movingFundsParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateMovingFundsParameters(\n movingFundsTxMaxTotalFee,\n movingFundsDustThreshold,\n movingFundsTimeoutResetDelay,\n movingFundsTimeout,\n movingFundsData.getNewMovingFundsTimeoutSlashingAmount(),\n movingFundsTimeoutNotifierRewardMultiplier,\n movedFundsSweepTxMaxTotalFee,\n movedFundsSweepTimeout,\n movedFundsSweepTimeoutSlashingAmount,\n movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n movingFundsData.finalizeMovingFundsTimeoutSlashingAmountUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Begins the moving funds timeout notifier reward multiplier update\n /// process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTimeoutNotifierRewardMultiplier New moving funds\n /// timeout notifier reward multiplier.\n function beginMovingFundsTimeoutNotifierRewardMultiplierUpdate(\n uint32 _newMovingFundsTimeoutNotifierRewardMultiplier\n ) external onlyOwner {\n movingFundsData.beginMovingFundsTimeoutNotifierRewardMultiplierUpdate(\n _newMovingFundsTimeoutNotifierRewardMultiplier\n );\n }\n\n /// @notice Finalizes the moving funds timeout notifier reward multiplier\n /// update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTimeoutNotifierRewardMultiplierUpdate()\n external\n onlyOwner\n {\n (\n uint64 movingFundsTxMaxTotalFee,\n uint64 movingFundsDustThreshold,\n uint32 movingFundsTimeoutResetDelay,\n uint32 movingFundsTimeout,\n uint96 movingFundsTimeoutSlashingAmount,\n ,\n uint64 movedFundsSweepTxMaxTotalFee,\n uint32 movedFundsSweepTimeout,\n uint96 movedFundsSweepTimeoutSlashingAmount,\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n ) = bridge.movingFundsParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateMovingFundsParameters(\n movingFundsTxMaxTotalFee,\n movingFundsDustThreshold,\n movingFundsTimeoutResetDelay,\n movingFundsTimeout,\n movingFundsTimeoutSlashingAmount,\n movingFundsData.getNewMovingFundsTimeoutNotifierRewardMultiplier(),\n movedFundsSweepTxMaxTotalFee,\n movedFundsSweepTimeout,\n movedFundsSweepTimeoutSlashingAmount,\n movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n movingFundsData\n .finalizeMovingFundsTimeoutNotifierRewardMultiplierUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Begins the moved funds sweep tx max total fee update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovedFundsSweepTxMaxTotalFee New moved funds sweep tx max total\n /// fee.\n function beginMovedFundsSweepTxMaxTotalFeeUpdate(\n uint64 _newMovedFundsSweepTxMaxTotalFee\n ) external onlyOwner {\n movingFundsData.beginMovedFundsSweepTxMaxTotalFeeUpdate(\n _newMovedFundsSweepTxMaxTotalFee\n );\n }\n\n /// @notice Finalizes the moved funds sweep tx max total fee update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovedFundsSweepTxMaxTotalFeeUpdate() external onlyOwner {\n (\n uint64 movingFundsTxMaxTotalFee,\n uint64 movingFundsDustThreshold,\n uint32 movingFundsTimeoutResetDelay,\n uint32 movingFundsTimeout,\n uint96 movingFundsTimeoutSlashingAmount,\n uint32 movingFundsTimeoutNotifierRewardMultiplier,\n ,\n uint32 movedFundsSweepTimeout,\n uint96 movedFundsSweepTimeoutSlashingAmount,\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n ) = bridge.movingFundsParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateMovingFundsParameters(\n movingFundsTxMaxTotalFee,\n movingFundsDustThreshold,\n movingFundsTimeoutResetDelay,\n movingFundsTimeout,\n movingFundsTimeoutSlashingAmount,\n movingFundsTimeoutNotifierRewardMultiplier,\n movingFundsData.getNewMovedFundsSweepTxMaxTotalFee(),\n movedFundsSweepTimeout,\n movedFundsSweepTimeoutSlashingAmount,\n movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n movingFundsData.finalizeMovedFundsSweepTxMaxTotalFeeUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Begins the moved funds sweep timeout update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovedFundsSweepTimeout New moved funds sweep timeout.\n function beginMovedFundsSweepTimeoutUpdate(\n uint32 _newMovedFundsSweepTimeout\n ) external onlyOwner {\n movingFundsData.beginMovedFundsSweepTimeoutUpdate(\n _newMovedFundsSweepTimeout\n );\n }\n\n /// @notice Finalizes the moved funds sweep timeout update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovedFundsSweepTimeoutUpdate() external onlyOwner {\n (\n uint64 movingFundsTxMaxTotalFee,\n uint64 movingFundsDustThreshold,\n uint32 movingFundsTimeoutResetDelay,\n uint32 movingFundsTimeout,\n uint96 movingFundsTimeoutSlashingAmount,\n uint32 movingFundsTimeoutNotifierRewardMultiplier,\n uint64 movedFundsSweepTxMaxTotalFee,\n ,\n uint96 movedFundsSweepTimeoutSlashingAmount,\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n ) = bridge.movingFundsParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateMovingFundsParameters(\n movingFundsTxMaxTotalFee,\n movingFundsDustThreshold,\n movingFundsTimeoutResetDelay,\n movingFundsTimeout,\n movingFundsTimeoutSlashingAmount,\n movingFundsTimeoutNotifierRewardMultiplier,\n movedFundsSweepTxMaxTotalFee,\n movingFundsData.getNewMovedFundsSweepTimeout(),\n movedFundsSweepTimeoutSlashingAmount,\n movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n movingFundsData.finalizeMovedFundsSweepTimeoutUpdate(governanceDelay());\n }\n\n /// @notice Begins the moved funds sweep timeout slashing amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovedFundsSweepTimeoutSlashingAmount New moved funds sweep\n /// timeout slashing amount.\n function beginMovedFundsSweepTimeoutSlashingAmountUpdate(\n uint96 _newMovedFundsSweepTimeoutSlashingAmount\n ) external onlyOwner {\n movingFundsData.beginMovedFundsSweepTimeoutSlashingAmountUpdate(\n _newMovedFundsSweepTimeoutSlashingAmount\n );\n }\n\n /// @notice Finalizes the moved funds sweep timeout slashing amount update\n /// process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovedFundsSweepTimeoutSlashingAmountUpdate()\n external\n onlyOwner\n {\n (\n uint64 movingFundsTxMaxTotalFee,\n uint64 movingFundsDustThreshold,\n uint32 movingFundsTimeoutResetDelay,\n uint32 movingFundsTimeout,\n uint96 movingFundsTimeoutSlashingAmount,\n uint32 movingFundsTimeoutNotifierRewardMultiplier,\n uint64 movedFundsSweepTxMaxTotalFee,\n uint32 movedFundsSweepTimeout,\n ,\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n ) = bridge.movingFundsParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateMovingFundsParameters(\n movingFundsTxMaxTotalFee,\n movingFundsDustThreshold,\n movingFundsTimeoutResetDelay,\n movingFundsTimeout,\n movingFundsTimeoutSlashingAmount,\n movingFundsTimeoutNotifierRewardMultiplier,\n movedFundsSweepTxMaxTotalFee,\n movedFundsSweepTimeout,\n movingFundsData.getNewMovedFundsSweepTimeoutSlashingAmount(),\n movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n movingFundsData.finalizeMovedFundsSweepTimeoutSlashingAmountUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Begins the moved funds sweep timeout notifier reward multiplier\n /// update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovedFundsSweepTimeoutNotifierRewardMultiplier New moved funds\n /// sweep timeout notifier reward multiplier.\n function beginMovedFundsSweepTimeoutNotifierRewardMultiplierUpdate(\n uint32 _newMovedFundsSweepTimeoutNotifierRewardMultiplier\n ) external onlyOwner {\n movingFundsData\n .beginMovedFundsSweepTimeoutNotifierRewardMultiplierUpdate(\n _newMovedFundsSweepTimeoutNotifierRewardMultiplier\n );\n }\n\n /// @notice Finalizes the moved funds sweep timeout notifier reward multiplier\n /// update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovedFundsSweepTimeoutNotifierRewardMultiplierUpdate()\n external\n onlyOwner\n {\n (\n uint64 movingFundsTxMaxTotalFee,\n uint64 movingFundsDustThreshold,\n uint32 movingFundsTimeoutResetDelay,\n uint32 movingFundsTimeout,\n uint96 movingFundsTimeoutSlashingAmount,\n uint32 movingFundsTimeoutNotifierRewardMultiplier,\n uint64 movedFundsSweepTxMaxTotalFee,\n uint32 movedFundsSweepTimeout,\n uint96 movedFundsSweepTimeoutSlashingAmount,\n\n ) = bridge.movingFundsParameters();\n bridge.updateMovingFundsParameters(\n movingFundsTxMaxTotalFee,\n movingFundsDustThreshold,\n movingFundsTimeoutResetDelay,\n movingFundsTimeout,\n movingFundsTimeoutSlashingAmount,\n movingFundsTimeoutNotifierRewardMultiplier,\n movedFundsSweepTxMaxTotalFee,\n movedFundsSweepTimeout,\n movedFundsSweepTimeoutSlashingAmount,\n movingFundsData\n .getNewMovedFundsSweepTimeoutNotifierRewardMultiplier()\n );\n movingFundsData\n .finalizeMovedFundsSweepTimeoutNotifierRewardMultiplierUpdate(\n governanceDelay()\n );\n }\n\n // --- Wallet creation\n\n /// @notice Begins the wallet creation period update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletCreationPeriod New wallet creation period.\n function beginWalletCreationPeriodUpdate(uint32 _newWalletCreationPeriod)\n external\n onlyOwner\n {\n walletData.beginWalletCreationPeriodUpdate(_newWalletCreationPeriod);\n }\n\n /// @notice Finalizes the wallet creation period update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletCreationPeriodUpdate() external onlyOwner {\n (\n ,\n uint64 walletCreationMinBtcBalance,\n uint64 walletCreationMaxBtcBalance,\n uint64 walletClosureMinBtcBalance,\n uint32 walletMaxAge,\n uint64 walletMaxBtcTransfer,\n uint32 walletClosingPeriod\n ) = bridge.walletParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateWalletParameters(\n walletData.getNewWalletCreationPeriod(),\n walletCreationMinBtcBalance,\n walletCreationMaxBtcBalance,\n walletClosureMinBtcBalance,\n walletMaxAge,\n walletMaxBtcTransfer,\n walletClosingPeriod\n );\n walletData.finalizeWalletCreationPeriodUpdate(governanceDelay());\n }\n\n /// @notice Begins the wallet creation min btc balance update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletCreationMinBtcBalance New wallet creation min btc balance.\n function beginWalletCreationMinBtcBalanceUpdate(\n uint64 _newWalletCreationMinBtcBalance\n ) external onlyOwner {\n walletData.beginWalletCreationMinBtcBalanceUpdate(\n _newWalletCreationMinBtcBalance\n );\n }\n\n /// @notice Finalizes the wallet creation min btc balance update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletCreationMinBtcBalanceUpdate() external onlyOwner {\n (\n uint32 walletCreationPeriod,\n ,\n uint64 walletCreationMaxBtcBalance,\n uint64 walletClosureMinBtcBalance,\n uint32 walletMaxAge,\n uint64 walletMaxBtcTransfer,\n uint32 walletClosingPeriod\n ) = bridge.walletParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateWalletParameters(\n walletCreationPeriod,\n walletData.getNewWalletCreationMinBtcBalance(),\n walletCreationMaxBtcBalance,\n walletClosureMinBtcBalance,\n walletMaxAge,\n walletMaxBtcTransfer,\n walletClosingPeriod\n );\n walletData.finalizeWalletCreationMinBtcBalanceUpdate(governanceDelay());\n }\n\n /// @notice Begins the wallet creation max btc balance update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletCreationMaxBtcBalance New wallet creation max btc\n /// balance.\n function beginWalletCreationMaxBtcBalanceUpdate(\n uint64 _newWalletCreationMaxBtcBalance\n ) external onlyOwner {\n walletData.beginWalletCreationMaxBtcBalanceUpdate(\n _newWalletCreationMaxBtcBalance\n );\n }\n\n /// @notice Finalizes the wallet creation max btc balance update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletCreationMaxBtcBalanceUpdate() external onlyOwner {\n (\n uint32 walletCreationPeriod,\n uint64 walletCreationMinBtcBalance,\n ,\n uint64 walletClosureMinBtcBalance,\n uint32 walletMaxAge,\n uint64 walletMaxBtcTransfer,\n uint32 walletClosingPeriod\n ) = bridge.walletParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateWalletParameters(\n walletCreationPeriod,\n walletCreationMinBtcBalance,\n walletData.getNewWalletCreationMaxBtcBalance(),\n walletClosureMinBtcBalance,\n walletMaxAge,\n walletMaxBtcTransfer,\n walletClosingPeriod\n );\n walletData.finalizeWalletCreationMaxBtcBalanceUpdate(governanceDelay());\n }\n\n /// @notice Begins the wallet closure min btc balance update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletClosureMinBtcBalance New wallet closure min btc balance.\n function beginWalletClosureMinBtcBalanceUpdate(\n uint64 _newWalletClosureMinBtcBalance\n ) external onlyOwner {\n walletData.beginWalletClosureMinBtcBalanceUpdate(\n _newWalletClosureMinBtcBalance\n );\n }\n\n /// @notice Finalizes the wallet closure min btc balance update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletClosureMinBtcBalanceUpdate() external onlyOwner {\n (\n uint32 walletCreationPeriod,\n uint64 walletCreationMinBtcBalance,\n uint64 walletCreationMaxBtcBalance,\n ,\n uint32 walletMaxAge,\n uint64 walletMaxBtcTransfer,\n uint32 walletClosingPeriod\n ) = bridge.walletParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateWalletParameters(\n walletCreationPeriod,\n walletCreationMinBtcBalance,\n walletCreationMaxBtcBalance,\n walletData.getNewWalletClosureMinBtcBalance(),\n walletMaxAge,\n walletMaxBtcTransfer,\n walletClosingPeriod\n );\n walletData.finalizeWalletClosureMinBtcBalanceUpdate(governanceDelay());\n }\n\n /// @notice Begins the wallet max age update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletMaxAge New wallet max age.\n function beginWalletMaxAgeUpdate(uint32 _newWalletMaxAge)\n external\n onlyOwner\n {\n walletData.beginWalletMaxAgeUpdate(_newWalletMaxAge);\n }\n\n /// @notice Finalizes the wallet max age update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletMaxAgeUpdate() external onlyOwner {\n (\n uint32 walletCreationPeriod,\n uint64 walletCreationMinBtcBalance,\n uint64 walletCreationMaxBtcBalance,\n uint64 walletClosureMinBtcBalance,\n ,\n uint64 walletMaxBtcTransfer,\n uint32 walletClosingPeriod\n ) = bridge.walletParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateWalletParameters(\n walletCreationPeriod,\n walletCreationMinBtcBalance,\n walletCreationMaxBtcBalance,\n walletClosureMinBtcBalance,\n walletData.getNewWalletMaxAge(),\n walletMaxBtcTransfer,\n walletClosingPeriod\n );\n walletData.finalizeWalletMaxAgeUpdate(governanceDelay());\n }\n\n /// @notice Begins the wallet max btc transafer amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletMaxBtcTransfer New wallet max btc transfer.\n function beginWalletMaxBtcTransferUpdate(uint64 _newWalletMaxBtcTransfer)\n external\n onlyOwner\n {\n walletData.beginWalletMaxBtcTransferUpdate(_newWalletMaxBtcTransfer);\n }\n\n /// @notice Finalizes the wallet max btc transfer amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletMaxBtcTransferUpdate() external onlyOwner {\n (\n uint32 walletCreationPeriod,\n uint64 walletCreationMinBtcBalance,\n uint64 walletCreationMaxBtcBalance,\n uint64 walletClosureMinBtcBalance,\n uint32 walletMaxAge,\n ,\n uint32 walletClosingPeriod\n ) = bridge.walletParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateWalletParameters(\n walletCreationPeriod,\n walletCreationMinBtcBalance,\n walletCreationMaxBtcBalance,\n walletClosureMinBtcBalance,\n walletMaxAge,\n walletData.getNewWalletMaxBtcTransfer(),\n walletClosingPeriod\n );\n walletData.finalizeWalletMaxBtcTransferUpdate(governanceDelay());\n }\n\n /// @notice Begins the wallet closing period update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletClosingPeriod New wallet closing period.\n function beginWalletClosingPeriodUpdate(uint32 _newWalletClosingPeriod)\n external\n onlyOwner\n {\n walletData.beginWalletClosingPeriodUpdate(_newWalletClosingPeriod);\n }\n\n /// @notice Finalizes the wallet closing period update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletClosingPeriodUpdate() external onlyOwner {\n (\n uint32 walletCreationPeriod,\n uint64 walletCreationMinBtcBalance,\n uint64 walletCreationMaxBtcBalance,\n uint64 walletClosureMinBtcBalance,\n uint32 walletMaxAge,\n uint64 walletMaxBtcTransfer,\n\n ) = bridge.walletParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateWalletParameters(\n walletCreationPeriod,\n walletCreationMinBtcBalance,\n walletCreationMaxBtcBalance,\n walletClosureMinBtcBalance,\n walletMaxAge,\n walletMaxBtcTransfer,\n walletData.getNewWalletClosingPeriod()\n );\n walletData.finalizeWalletClosingPeriodUpdate(governanceDelay());\n }\n\n // --- Fraud\n\n /// @notice Begins the fraud challenge deposit amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newFraudChallengeDepositAmount New fraud challenge deposit amount.\n function beginFraudChallengeDepositAmountUpdate(\n uint96 _newFraudChallengeDepositAmount\n ) external onlyOwner {\n fraudData.beginFraudChallengeDepositAmountUpdate(\n _newFraudChallengeDepositAmount\n );\n }\n\n /// @notice Finalizes the fraud challenge deposit amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeFraudChallengeDepositAmountUpdate() external onlyOwner {\n (\n ,\n uint32 fraudChallengeDefeatTimeout,\n uint96 fraudSlashingAmount,\n uint32 fraudNotifierRewardMultiplier\n ) = bridge.fraudParameters();\n // slither-disable-next-line reentrancy-no-eth\n bridge.updateFraudParameters(\n fraudData.getNewFraudChallengeDepositAmount(),\n fraudChallengeDefeatTimeout,\n fraudSlashingAmount,\n fraudNotifierRewardMultiplier\n );\n fraudData.finalizeFraudChallengeDepositAmountUpdate(governanceDelay());\n }\n\n /// @notice Begins the fraud challenge defeat timeout update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newFraudChallengeDefeatTimeout New fraud challenge defeat timeout.\n function beginFraudChallengeDefeatTimeoutUpdate(\n uint32 _newFraudChallengeDefeatTimeout\n ) external onlyOwner {\n fraudData.beginFraudChallengeDefeatTimeoutUpdate(\n _newFraudChallengeDefeatTimeout\n );\n }\n\n /// @notice Finalizes the fraud challenge defeat timeout update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeFraudChallengeDefeatTimeoutUpdate() external onlyOwner {\n (\n uint96 fraudChallengeDepositAmount,\n ,\n uint96 fraudSlashingAmount,\n uint32 fraudNotifierRewardMultiplier\n ) = bridge.fraudParameters();\n bridge.updateFraudParameters(\n fraudChallengeDepositAmount,\n fraudData.getNewFraudChallengeDefeatTimeout(),\n fraudSlashingAmount,\n fraudNotifierRewardMultiplier\n );\n fraudData.finalizeFraudChallengeDefeatTimeoutUpdate(governanceDelay());\n }\n\n /// @notice Begins the fraud slashing amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newFraudSlashingAmount New fraud slashing amount.\n function beginFraudSlashingAmountUpdate(uint96 _newFraudSlashingAmount)\n external\n onlyOwner\n {\n fraudData.beginFraudSlashingAmountUpdate(_newFraudSlashingAmount);\n }\n\n /// @notice Finalizes the fraud slashing amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeFraudSlashingAmountUpdate() external onlyOwner {\n (\n uint96 fraudChallengeDepositAmount,\n uint32 fraudChallengeDefeatTimeout,\n ,\n uint32 fraudNotifierRewardMultiplier\n ) = bridge.fraudParameters();\n bridge.updateFraudParameters(\n fraudChallengeDepositAmount,\n fraudChallengeDefeatTimeout,\n fraudData.getNewFraudSlashingAmount(),\n fraudNotifierRewardMultiplier\n );\n fraudData.finalizeFraudSlashingAmountUpdate(governanceDelay());\n }\n\n /// @notice Begins the fraud notifier reward multiplier update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newFraudNotifierRewardMultiplier New fraud notifier reward\n /// multiplier.\n function beginFraudNotifierRewardMultiplierUpdate(\n uint32 _newFraudNotifierRewardMultiplier\n ) external onlyOwner {\n fraudData.beginFraudNotifierRewardMultiplierUpdate(\n _newFraudNotifierRewardMultiplier\n );\n }\n\n /// @notice Finalizes the fraud notifier reward multiplier update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeFraudNotifierRewardMultiplierUpdate() external onlyOwner {\n (\n uint96 fraudChallengeDepositAmount,\n uint32 fraudChallengeDefeatTimeout,\n uint96 fraudSlashingAmount,\n\n ) = bridge.fraudParameters();\n bridge.updateFraudParameters(\n fraudChallengeDepositAmount,\n fraudChallengeDefeatTimeout,\n fraudSlashingAmount,\n fraudData.getNewFraudNotifierRewardMultiplier()\n );\n fraudData.finalizeFraudNotifierRewardMultiplierUpdate(\n governanceDelay()\n );\n }\n\n /// @notice Gets the governance delay parameter.\n function governanceDelay() internal view returns (uint256) {\n return governanceDelays[0];\n }\n}\n"
@@ -265,6 +262,12 @@
265
262
  "contracts/bridge/BridgeGovernanceParameters.sol": {
266
263
  "content": "// SPDX-License-Identifier: MIT\n\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n\npragma solidity ^0.8.9;\n\n/// @title Bridge Governance library for storing updatable parameters.\nlibrary BridgeGovernanceParameters {\n struct DepositData {\n uint64 newDepositDustThreshold;\n uint256 depositDustThresholdChangeInitiated;\n uint64 newDepositTreasuryFeeDivisor;\n uint256 depositTreasuryFeeDivisorChangeInitiated;\n uint64 newDepositTxMaxFee;\n uint256 depositTxMaxFeeChangeInitiated;\n }\n\n struct RedemptionData {\n uint64 newRedemptionDustThreshold;\n uint256 redemptionDustThresholdChangeInitiated;\n uint64 newRedemptionTreasuryFeeDivisor;\n uint256 redemptionTreasuryFeeDivisorChangeInitiated;\n uint64 newRedemptionTxMaxFee;\n uint256 redemptionTxMaxFeeChangeInitiated;\n uint32 newRedemptionTimeout;\n uint256 redemptionTimeoutChangeInitiated;\n uint96 newRedemptionTimeoutSlashingAmount;\n uint256 redemptionTimeoutSlashingAmountChangeInitiated;\n uint32 newRedemptionTimeoutNotifierRewardMultiplier;\n uint256 redemptionTimeoutNotifierRewardMultiplierChangeInitiated;\n }\n\n struct MovingFundsData {\n uint64 newMovingFundsTxMaxTotalFee;\n uint256 movingFundsTxMaxTotalFeeChangeInitiated;\n uint64 newMovingFundsDustThreshold;\n uint256 movingFundsDustThresholdChangeInitiated;\n uint32 newMovingFundsTimeoutResetDelay;\n uint256 movingFundsTimeoutResetDelayChangeInitiated;\n uint32 newMovingFundsTimeout;\n uint256 movingFundsTimeoutChangeInitiated;\n uint96 newMovingFundsTimeoutSlashingAmount;\n uint256 movingFundsTimeoutSlashingAmountChangeInitiated;\n uint32 newMovingFundsTimeoutNotifierRewardMultiplier;\n uint256 movingFundsTimeoutNotifierRewardMultiplierChangeInitiated;\n uint64 newMovedFundsSweepTxMaxTotalFee;\n uint256 movedFundsSweepTxMaxTotalFeeChangeInitiated;\n uint32 newMovedFundsSweepTimeout;\n uint256 movedFundsSweepTimeoutChangeInitiated;\n uint96 newMovedFundsSweepTimeoutSlashingAmount;\n uint256 movedFundsSweepTimeoutSlashingAmountChangeInitiated;\n uint32 newMovedFundsSweepTimeoutNotifierRewardMultiplier;\n uint256 movedFundsSweepTimeoutNotifierRewardMultiplierChangeInitiated;\n }\n\n struct WalletData {\n uint32 newWalletCreationPeriod;\n uint256 walletCreationPeriodChangeInitiated;\n uint64 newWalletCreationMinBtcBalance;\n uint256 walletCreationMinBtcBalanceChangeInitiated;\n uint64 newWalletCreationMaxBtcBalance;\n uint256 walletCreationMaxBtcBalanceChangeInitiated;\n uint64 newWalletClosureMinBtcBalance;\n uint256 walletClosureMinBtcBalanceChangeInitiated;\n uint32 newWalletMaxAge;\n uint256 walletMaxAgeChangeInitiated;\n uint64 newWalletMaxBtcTransfer;\n uint256 walletMaxBtcTransferChangeInitiated;\n uint32 newWalletClosingPeriod;\n uint256 walletClosingPeriodChangeInitiated;\n }\n\n struct FraudData {\n uint96 newFraudChallengeDepositAmount;\n uint256 fraudChallengeDepositAmountChangeInitiated;\n uint32 newFraudChallengeDefeatTimeout;\n uint256 fraudChallengeDefeatTimeoutChangeInitiated;\n uint96 newFraudSlashingAmount;\n uint256 fraudSlashingAmountChangeInitiated;\n uint32 newFraudNotifierRewardMultiplier;\n uint256 fraudNotifierRewardMultiplierChangeInitiated;\n }\n\n event DepositDustThresholdUpdateStarted(\n uint64 newDepositDustThreshold,\n uint256 timestamp\n );\n event DepositDustThresholdUpdated(uint64 depositDustThreshold);\n\n event DepositTreasuryFeeDivisorUpdateStarted(\n uint64 depositTreasuryFeeDivisor,\n uint256 timestamp\n );\n event DepositTreasuryFeeDivisorUpdated(uint64 depositTreasuryFeeDivisor);\n\n event DepositTxMaxFeeUpdateStarted(\n uint64 newDepositTxMaxFee,\n uint256 timestamp\n );\n event DepositTxMaxFeeUpdated(uint64 depositTxMaxFee);\n\n event RedemptionDustThresholdUpdateStarted(\n uint64 newRedemptionDustThreshold,\n uint256 timestamp\n );\n event RedemptionDustThresholdUpdated(uint64 redemptionDustThreshold);\n\n event RedemptionTreasuryFeeDivisorUpdateStarted(\n uint64 newRedemptionTreasuryFeeDivisor,\n uint256 timestamp\n );\n event RedemptionTreasuryFeeDivisorUpdated(\n uint64 redemptionTreasuryFeeDivisor\n );\n\n event RedemptionTxMaxFeeUpdateStarted(\n uint64 newRedemptionTxMaxFee,\n uint256 timestamp\n );\n event RedemptionTxMaxFeeUpdated(uint64 redemptionTxMaxFee);\n\n event RedemptionTimeoutUpdateStarted(\n uint32 newRedemptionTimeout,\n uint256 timestamp\n );\n event RedemptionTimeoutUpdated(uint32 redemptionTimeout);\n\n event RedemptionTimeoutSlashingAmountUpdateStarted(\n uint96 newRedemptionTimeoutSlashingAmount,\n uint256 timestamp\n );\n event RedemptionTimeoutSlashingAmountUpdated(\n uint96 redemptionTimeoutSlashingAmount\n );\n\n event RedemptionTimeoutNotifierRewardMultiplierUpdateStarted(\n uint32 newRedemptionTimeoutNotifierRewardMultiplier,\n uint256 timestamp\n );\n event RedemptionTimeoutNotifierRewardMultiplierUpdated(\n uint32 redemptionTimeoutNotifierRewardMultiplier\n );\n\n event MovingFundsTxMaxTotalFeeUpdateStarted(\n uint64 newMovingFundsTxMaxTotalFee,\n uint256 timestamp\n );\n event MovingFundsTxMaxTotalFeeUpdated(uint64 movingFundsTxMaxTotalFee);\n\n event MovingFundsDustThresholdUpdateStarted(\n uint64 newMovingFundsDustThreshold,\n uint256 timestamp\n );\n event MovingFundsDustThresholdUpdated(uint64 movingFundsDustThreshold);\n\n event MovingFundsTimeoutResetDelayUpdateStarted(\n uint32 newMovingFundsTimeoutResetDelay,\n uint256 timestamp\n );\n event MovingFundsTimeoutResetDelayUpdated(\n uint32 movingFundsTimeoutResetDelay\n );\n\n event MovingFundsTimeoutUpdateStarted(\n uint32 newMovingFundsTimeout,\n uint256 timestamp\n );\n event MovingFundsTimeoutUpdated(uint32 movingFundsTimeout);\n\n event MovingFundsTimeoutSlashingAmountUpdateStarted(\n uint96 newMovingFundsTimeoutSlashingAmount,\n uint256 timestamp\n );\n event MovingFundsTimeoutSlashingAmountUpdated(\n uint96 movingFundsTimeoutSlashingAmount\n );\n\n event MovingFundsTimeoutNotifierRewardMultiplierUpdateStarted(\n uint32 newMovingFundsTimeoutNotifierRewardMultiplier,\n uint256 timestamp\n );\n event MovingFundsTimeoutNotifierRewardMultiplierUpdated(\n uint32 movingFundsTimeoutNotifierRewardMultiplier\n );\n\n event MovedFundsSweepTxMaxTotalFeeUpdateStarted(\n uint64 newMovedFundsSweepTxMaxTotalFee,\n uint256 timestamp\n );\n event MovedFundsSweepTxMaxTotalFeeUpdated(\n uint64 movedFundsSweepTxMaxTotalFee\n );\n\n event MovedFundsSweepTimeoutUpdateStarted(\n uint32 newMovedFundsSweepTimeout,\n uint256 timestamp\n );\n event MovedFundsSweepTimeoutUpdated(uint32 movedFundsSweepTimeout);\n\n event MovedFundsSweepTimeoutSlashingAmountUpdateStarted(\n uint96 newMovedFundsSweepTimeoutSlashingAmount,\n uint256 timestamp\n );\n event MovedFundsSweepTimeoutSlashingAmountUpdated(\n uint96 movedFundsSweepTimeoutSlashingAmount\n );\n\n event MovedFundsSweepTimeoutNotifierRewardMultiplierUpdateStarted(\n uint32 newMovedFundsSweepTimeoutNotifierRewardMultiplier,\n uint256 timestamp\n );\n event MovedFundsSweepTimeoutNotifierRewardMultiplierUpdated(\n uint32 movedFundsSweepTimeoutNotifierRewardMultiplier\n );\n\n event WalletCreationPeriodUpdateStarted(\n uint32 newWalletCreationPeriod,\n uint256 timestamp\n );\n event WalletCreationPeriodUpdated(uint32 walletCreationPeriod);\n\n event WalletCreationMinBtcBalanceUpdateStarted(\n uint64 newWalletCreationMinBtcBalance,\n uint256 timestamp\n );\n event WalletCreationMinBtcBalanceUpdated(\n uint64 walletCreationMinBtcBalance\n );\n\n event WalletCreationMaxBtcBalanceUpdateStarted(\n uint64 newWalletCreationMaxBtcBalance,\n uint256 timestamp\n );\n event WalletCreationMaxBtcBalanceUpdated(\n uint64 walletCreationMaxBtcBalance\n );\n\n event WalletClosureMinBtcBalanceUpdateStarted(\n uint64 newWalletClosureMinBtcBalance,\n uint256 timestamp\n );\n event WalletClosureMinBtcBalanceUpdated(uint64 walletClosureMinBtcBalance);\n\n event WalletMaxAgeUpdateStarted(uint32 newWalletMaxAge, uint256 timestamp);\n event WalletMaxAgeUpdated(uint32 walletMaxAge);\n\n event WalletMaxBtcTransferUpdateStarted(\n uint64 newWalletMaxBtcTransfer,\n uint256 timestamp\n );\n event WalletMaxBtcTransferUpdated(uint64 walletMaxBtcTransfer);\n\n event WalletClosingPeriodUpdateStarted(\n uint32 newWalletClosingPeriod,\n uint256 timestamp\n );\n event WalletClosingPeriodUpdated(uint32 walletClosingPeriod);\n\n event FraudChallengeDepositAmountUpdateStarted(\n uint96 newFraudChallengeDepositAmount,\n uint256 timestamp\n );\n event FraudChallengeDepositAmountUpdated(\n uint96 fraudChallengeDepositAmount\n );\n\n event FraudChallengeDefeatTimeoutUpdateStarted(\n uint32 newFraudChallengeDefeatTimeout,\n uint256 timestamp\n );\n event FraudChallengeDefeatTimeoutUpdated(\n uint32 fraudChallengeDefeatTimeout\n );\n\n event FraudSlashingAmountUpdateStarted(\n uint96 newFraudSlashingAmount,\n uint256 timestamp\n );\n event FraudSlashingAmountUpdated(uint96 fraudSlashingAmount);\n\n event FraudNotifierRewardMultiplierUpdateStarted(\n uint32 newFraudNotifierRewardMultiplier,\n uint256 timestamp\n );\n event FraudNotifierRewardMultiplierUpdated(\n uint32 fraudNotifierRewardMultiplier\n );\n\n /// @notice Reverts if called before the governance delay elapses.\n /// @param changeInitiatedTimestamp Timestamp indicating the beginning\n /// of the change.\n modifier onlyAfterGovernanceDelay(\n uint256 changeInitiatedTimestamp,\n uint256 governanceDelay\n ) {\n /* solhint-disable not-rely-on-time */\n require(changeInitiatedTimestamp > 0, \"Change not initiated\");\n require(\n block.timestamp - changeInitiatedTimestamp >= governanceDelay,\n \"Governance delay has not elapsed\"\n );\n _;\n /* solhint-enable not-rely-on-time */\n }\n\n // --- Deposit\n\n /// @notice Begins the deposit dust threshold amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newDepositDustThreshold New deposit dust threshold amount.\n function beginDepositDustThresholdUpdate(\n DepositData storage self,\n uint64 _newDepositDustThreshold\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newDepositDustThreshold = _newDepositDustThreshold;\n self.depositDustThresholdChangeInitiated = block.timestamp;\n emit DepositDustThresholdUpdateStarted(\n _newDepositDustThreshold,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the deposit dust threshold amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeDepositDustThresholdUpdate(\n DepositData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.depositDustThresholdChangeInitiated,\n governanceDelay\n )\n {\n emit DepositDustThresholdUpdated(self.newDepositDustThreshold);\n\n self.newDepositDustThreshold = 0;\n self.depositDustThresholdChangeInitiated = 0;\n }\n\n function getNewDepositDustThreshold(DepositData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newDepositDustThreshold;\n }\n\n /// @notice Begins the deposit treasury fee divisor amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newDepositTreasuryFeeDivisor New deposit treasury fee divisor amount.\n function beginDepositTreasuryFeeDivisorUpdate(\n DepositData storage self,\n uint64 _newDepositTreasuryFeeDivisor\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newDepositTreasuryFeeDivisor = _newDepositTreasuryFeeDivisor;\n self.depositTreasuryFeeDivisorChangeInitiated = block.timestamp;\n emit DepositTreasuryFeeDivisorUpdateStarted(\n _newDepositTreasuryFeeDivisor,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the deposit treasury fee divisor amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeDepositTreasuryFeeDivisorUpdate(\n DepositData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.depositTreasuryFeeDivisorChangeInitiated,\n governanceDelay\n )\n {\n emit DepositTreasuryFeeDivisorUpdated(\n self.newDepositTreasuryFeeDivisor\n );\n\n self.newDepositTreasuryFeeDivisor = 0;\n self.depositTreasuryFeeDivisorChangeInitiated = 0;\n }\n\n function getNewDepositTreasuryFeeDivisor(DepositData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newDepositTreasuryFeeDivisor;\n }\n\n /// @notice Begins the deposit tx max fee amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newDepositTxMaxFee New deposit tx max fee amount.\n function beginDepositTxMaxFeeUpdate(\n DepositData storage self,\n uint64 _newDepositTxMaxFee\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newDepositTxMaxFee = _newDepositTxMaxFee;\n self.depositTxMaxFeeChangeInitiated = block.timestamp;\n emit DepositTxMaxFeeUpdateStarted(_newDepositTxMaxFee, block.timestamp);\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the deposit tx max fee amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeDepositTxMaxFeeUpdate(\n DepositData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.depositTxMaxFeeChangeInitiated,\n governanceDelay\n )\n {\n emit DepositTxMaxFeeUpdated(self.newDepositTxMaxFee);\n\n self.newDepositTxMaxFee = 0;\n self.depositTxMaxFeeChangeInitiated = 0;\n }\n\n function getNewDepositTxMaxFee(DepositData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newDepositTxMaxFee;\n }\n\n // --- Redemption\n\n /// @notice Begins the redemption dust threshold amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionDustThreshold New redemption dust threshold amount.\n function beginRedemptionDustThresholdUpdate(\n RedemptionData storage self,\n uint64 _newRedemptionDustThreshold\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newRedemptionDustThreshold = _newRedemptionDustThreshold;\n self.redemptionDustThresholdChangeInitiated = block.timestamp;\n emit RedemptionDustThresholdUpdateStarted(\n _newRedemptionDustThreshold,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the redemption dust threshold amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionDustThresholdUpdate(\n RedemptionData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.redemptionDustThresholdChangeInitiated,\n governanceDelay\n )\n {\n emit RedemptionDustThresholdUpdated(self.newRedemptionDustThreshold);\n\n self.newRedemptionDustThreshold = 0;\n self.redemptionDustThresholdChangeInitiated = 0;\n }\n\n function getNewRedemptionDustThreshold(RedemptionData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newRedemptionDustThreshold;\n }\n\n /// @notice Begins the redemption treasury fee divisor amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTreasuryFeeDivisor New redemption treasury fee divisor\n /// amount.\n function beginRedemptionTreasuryFeeDivisorUpdate(\n RedemptionData storage self,\n uint64 _newRedemptionTreasuryFeeDivisor\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newRedemptionTreasuryFeeDivisor = _newRedemptionTreasuryFeeDivisor;\n self.redemptionTreasuryFeeDivisorChangeInitiated = block.timestamp;\n emit RedemptionTreasuryFeeDivisorUpdateStarted(\n _newRedemptionTreasuryFeeDivisor,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the redemption treasury fee divisor amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTreasuryFeeDivisorUpdate(\n RedemptionData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.redemptionTreasuryFeeDivisorChangeInitiated,\n governanceDelay\n )\n {\n emit RedemptionTreasuryFeeDivisorUpdated(\n self.newRedemptionTreasuryFeeDivisor\n );\n\n self.newRedemptionTreasuryFeeDivisor = 0;\n self.redemptionTreasuryFeeDivisorChangeInitiated = 0;\n }\n\n function getNewRedemptionTreasuryFeeDivisor(RedemptionData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newRedemptionTreasuryFeeDivisor;\n }\n\n /// @notice Begins the redemption tx max fee amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTxMaxFee New redemption tx max fee amount.\n function beginRedemptionTxMaxFeeUpdate(\n RedemptionData storage self,\n uint64 _newRedemptionTxMaxFee\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newRedemptionTxMaxFee = _newRedemptionTxMaxFee;\n self.redemptionTxMaxFeeChangeInitiated = block.timestamp;\n emit RedemptionTxMaxFeeUpdateStarted(\n _newRedemptionTxMaxFee,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the redemption tx max fee amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTxMaxFeeUpdate(\n RedemptionData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.redemptionTxMaxFeeChangeInitiated,\n governanceDelay\n )\n {\n emit RedemptionTxMaxFeeUpdated(self.newRedemptionTxMaxFee);\n\n self.newRedemptionTxMaxFee = 0;\n self.redemptionTxMaxFeeChangeInitiated = 0;\n }\n\n function getNewRedemptionTxMaxFee(RedemptionData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newRedemptionTxMaxFee;\n }\n\n /// @notice Begins the redemption timeout amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTimeout New redemption timeout amount.\n function beginRedemptionTimeoutUpdate(\n RedemptionData storage self,\n uint32 _newRedemptionTimeout\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newRedemptionTimeout = _newRedemptionTimeout;\n self.redemptionTimeoutChangeInitiated = block.timestamp;\n emit RedemptionTimeoutUpdateStarted(\n _newRedemptionTimeout,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the redemption timeout amount update\n /// process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTimeoutUpdate(\n RedemptionData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.redemptionTimeoutChangeInitiated,\n governanceDelay\n )\n {\n emit RedemptionTimeoutUpdated(self.newRedemptionTimeout);\n\n self.newRedemptionTimeout = 0;\n self.redemptionTimeoutChangeInitiated = 0;\n }\n\n function getNewRedemptionTimeout(RedemptionData storage self)\n internal\n view\n returns (uint32)\n {\n return self.newRedemptionTimeout;\n }\n\n /// @notice Begins the redemption timeout slashing amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTimeoutSlashingAmount New redemption timeout slashing\n /// amount.\n function beginRedemptionTimeoutSlashingAmountUpdate(\n RedemptionData storage self,\n uint96 _newRedemptionTimeoutSlashingAmount\n ) external {\n /* solhint-disable not-rely-on-time */\n self\n .newRedemptionTimeoutSlashingAmount = _newRedemptionTimeoutSlashingAmount;\n self.redemptionTimeoutSlashingAmountChangeInitiated = block.timestamp;\n emit RedemptionTimeoutSlashingAmountUpdateStarted(\n _newRedemptionTimeoutSlashingAmount,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the redemption timeout slashing amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTimeoutSlashingAmountUpdate(\n RedemptionData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.redemptionTimeoutSlashingAmountChangeInitiated,\n governanceDelay\n )\n {\n emit RedemptionTimeoutSlashingAmountUpdated(\n self.newRedemptionTimeoutSlashingAmount\n );\n\n self.newRedemptionTimeoutSlashingAmount = 0;\n self.redemptionTimeoutSlashingAmountChangeInitiated = 0;\n }\n\n function getNewRedemptionTimeoutSlashingAmount(RedemptionData storage self)\n internal\n view\n returns (uint96)\n {\n return self.newRedemptionTimeoutSlashingAmount;\n }\n\n /// @notice Begins the redemption timeout notifier reward multiplier amount\n /// update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newRedemptionTimeoutNotifierRewardMultiplier New redemption\n /// timeout notifier reward multiplier amount.\n function beginRedemptionTimeoutNotifierRewardMultiplierUpdate(\n RedemptionData storage self,\n uint32 _newRedemptionTimeoutNotifierRewardMultiplier\n ) internal {\n /* solhint-disable not-rely-on-time */\n self\n .newRedemptionTimeoutNotifierRewardMultiplier = _newRedemptionTimeoutNotifierRewardMultiplier;\n self.redemptionTimeoutNotifierRewardMultiplierChangeInitiated = block\n .timestamp;\n emit RedemptionTimeoutNotifierRewardMultiplierUpdateStarted(\n _newRedemptionTimeoutNotifierRewardMultiplier,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the redemption timeout notifier reward multiplier amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeRedemptionTimeoutNotifierRewardMultiplierUpdate(\n RedemptionData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.redemptionTimeoutNotifierRewardMultiplierChangeInitiated,\n governanceDelay\n )\n {\n emit RedemptionTimeoutNotifierRewardMultiplierUpdated(\n self.newRedemptionTimeoutNotifierRewardMultiplier\n );\n\n self.newRedemptionTimeoutNotifierRewardMultiplier = 0;\n self.redemptionTimeoutNotifierRewardMultiplierChangeInitiated = 0;\n }\n\n function getNewRedemptionTimeoutNotifierRewardMultiplier(\n RedemptionData storage self\n ) internal view returns (uint32) {\n return self.newRedemptionTimeoutNotifierRewardMultiplier;\n }\n\n // --- Moving funds\n\n /// @notice Begins the moving funds tx max total fee amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTxMaxTotalFee New moving funds tx max total fee amount.\n function beginMovingFundsTxMaxTotalFeeUpdate(\n MovingFundsData storage self,\n uint64 _newMovingFundsTxMaxTotalFee\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newMovingFundsTxMaxTotalFee = _newMovingFundsTxMaxTotalFee;\n self.movingFundsTxMaxTotalFeeChangeInitiated = block.timestamp;\n emit MovingFundsTxMaxTotalFeeUpdateStarted(\n _newMovingFundsTxMaxTotalFee,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moving funds tx max total fee amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTxMaxTotalFeeUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movingFundsTxMaxTotalFeeChangeInitiated,\n governanceDelay\n )\n {\n emit MovingFundsTxMaxTotalFeeUpdated(self.newMovingFundsTxMaxTotalFee);\n\n self.newMovingFundsTxMaxTotalFee = 0;\n self.movingFundsTxMaxTotalFeeChangeInitiated = 0;\n }\n\n function getNewMovingFundsTxMaxTotalFee(MovingFundsData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newMovingFundsTxMaxTotalFee;\n }\n\n /// @notice Begins the moving funds dust threshold amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsDustThreshold New moving funds dust threshold amount.\n function beginMovingFundsDustThresholdUpdate(\n MovingFundsData storage self,\n uint64 _newMovingFundsDustThreshold\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newMovingFundsDustThreshold = _newMovingFundsDustThreshold;\n self.movingFundsDustThresholdChangeInitiated = block.timestamp;\n emit MovingFundsDustThresholdUpdateStarted(\n _newMovingFundsDustThreshold,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moving funds dust threshold amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsDustThresholdUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movingFundsDustThresholdChangeInitiated,\n governanceDelay\n )\n {\n emit MovingFundsDustThresholdUpdated(self.newMovingFundsDustThreshold);\n\n self.newMovingFundsDustThreshold = 0;\n self.movingFundsDustThresholdChangeInitiated = 0;\n }\n\n function getNewMovingFundsDustThreshold(MovingFundsData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newMovingFundsDustThreshold;\n }\n\n /// @notice Begins the moving funds timeout reset delay amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTimeoutResetDelay New moving funds timeout reset\n /// delay amount.\n function beginMovingFundsTimeoutResetDelayUpdate(\n MovingFundsData storage self,\n uint32 _newMovingFundsTimeoutResetDelay\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newMovingFundsTimeoutResetDelay = _newMovingFundsTimeoutResetDelay;\n self.movingFundsTimeoutResetDelayChangeInitiated = block.timestamp;\n emit MovingFundsTimeoutResetDelayUpdateStarted(\n _newMovingFundsTimeoutResetDelay,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moving funds timeout reset delay amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTimeoutResetDelayUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movingFundsTimeoutResetDelayChangeInitiated,\n governanceDelay\n )\n {\n emit MovingFundsTimeoutResetDelayUpdated(\n self.newMovingFundsTimeoutResetDelay\n );\n\n self.newMovingFundsTimeoutResetDelay = 0;\n self.movingFundsTimeoutResetDelayChangeInitiated = 0;\n }\n\n function getNewMovingFundsTimeoutResetDelay(MovingFundsData storage self)\n internal\n view\n returns (uint32)\n {\n return self.newMovingFundsTimeoutResetDelay;\n }\n\n /// @notice Begins the moving funds timeout amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTimeout New moving funds timeout amount.\n function beginMovingFundsTimeoutUpdate(\n MovingFundsData storage self,\n uint32 _newMovingFundsTimeout\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newMovingFundsTimeout = _newMovingFundsTimeout;\n self.movingFundsTimeoutChangeInitiated = block.timestamp;\n emit MovingFundsTimeoutUpdateStarted(\n _newMovingFundsTimeout,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moving funds timeout amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTimeoutUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movingFundsTimeoutChangeInitiated,\n governanceDelay\n )\n {\n emit MovingFundsTimeoutUpdated(self.newMovingFundsTimeout);\n\n self.newMovingFundsTimeout = 0;\n self.movingFundsTimeoutChangeInitiated = 0;\n }\n\n function getNewMovingFundsTimeout(MovingFundsData storage self)\n internal\n view\n returns (uint32)\n {\n return self.newMovingFundsTimeout;\n }\n\n /// @notice Begins the moving funds timeout slashing amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTimeoutSlashingAmount New moving funds timeout slashing amount.\n function beginMovingFundsTimeoutSlashingAmountUpdate(\n MovingFundsData storage self,\n uint96 _newMovingFundsTimeoutSlashingAmount\n ) external {\n /* solhint-disable not-rely-on-time */\n self\n .newMovingFundsTimeoutSlashingAmount = _newMovingFundsTimeoutSlashingAmount;\n self.movingFundsTimeoutSlashingAmountChangeInitiated = block.timestamp;\n emit MovingFundsTimeoutSlashingAmountUpdateStarted(\n _newMovingFundsTimeoutSlashingAmount,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moving funds timeout slashing amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTimeoutSlashingAmountUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movingFundsTimeoutSlashingAmountChangeInitiated,\n governanceDelay\n )\n {\n emit MovingFundsTimeoutSlashingAmountUpdated(\n self.newMovingFundsTimeoutSlashingAmount\n );\n\n self.newMovingFundsTimeoutSlashingAmount = 0;\n self.movingFundsTimeoutSlashingAmountChangeInitiated = 0;\n }\n\n function getNewMovingFundsTimeoutSlashingAmount(\n MovingFundsData storage self\n ) external view returns (uint96) {\n return self.newMovingFundsTimeoutSlashingAmount;\n }\n\n /// @notice Begins the moving funds timeout notifier reward multiplier amount\n /// update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovingFundsTimeoutNotifierRewardMultiplier New moving funds\n /// timeout notifier reward multiplier amount.\n function beginMovingFundsTimeoutNotifierRewardMultiplierUpdate(\n MovingFundsData storage self,\n uint32 _newMovingFundsTimeoutNotifierRewardMultiplier\n ) external {\n /* solhint-disable not-rely-on-time */\n self\n .newMovingFundsTimeoutNotifierRewardMultiplier = _newMovingFundsTimeoutNotifierRewardMultiplier;\n self.movingFundsTimeoutNotifierRewardMultiplierChangeInitiated = block\n .timestamp;\n emit MovingFundsTimeoutNotifierRewardMultiplierUpdateStarted(\n _newMovingFundsTimeoutNotifierRewardMultiplier,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moving funds timeout notifier reward multiplier\n /// amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovingFundsTimeoutNotifierRewardMultiplierUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movingFundsTimeoutNotifierRewardMultiplierChangeInitiated,\n governanceDelay\n )\n {\n emit MovingFundsTimeoutNotifierRewardMultiplierUpdated(\n self.newMovingFundsTimeoutNotifierRewardMultiplier\n );\n\n self.newMovingFundsTimeoutNotifierRewardMultiplier = 0;\n self.movingFundsTimeoutNotifierRewardMultiplierChangeInitiated = 0;\n }\n\n function getNewMovingFundsTimeoutNotifierRewardMultiplier(\n MovingFundsData storage self\n ) internal view returns (uint32) {\n return self.newMovingFundsTimeoutNotifierRewardMultiplier;\n }\n\n /// @notice Begins the moved funds sweep tx max total fee amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovedFundsSweepTxMaxTotalFee New moved funds sweep tx max total\n /// fee amount.\n function beginMovedFundsSweepTxMaxTotalFeeUpdate(\n MovingFundsData storage self,\n uint64 _newMovedFundsSweepTxMaxTotalFee\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newMovedFundsSweepTxMaxTotalFee = _newMovedFundsSweepTxMaxTotalFee;\n self.movedFundsSweepTxMaxTotalFeeChangeInitiated = block.timestamp;\n emit MovedFundsSweepTxMaxTotalFeeUpdateStarted(\n _newMovedFundsSweepTxMaxTotalFee,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moved funds sweep tx max total fee amount update\n /// process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovedFundsSweepTxMaxTotalFeeUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movedFundsSweepTxMaxTotalFeeChangeInitiated,\n governanceDelay\n )\n {\n emit MovedFundsSweepTxMaxTotalFeeUpdated(\n self.newMovedFundsSweepTxMaxTotalFee\n );\n\n self.newMovedFundsSweepTxMaxTotalFee = 0;\n self.movedFundsSweepTxMaxTotalFeeChangeInitiated = 0;\n }\n\n function getNewMovedFundsSweepTxMaxTotalFee(MovingFundsData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newMovedFundsSweepTxMaxTotalFee;\n }\n\n /// @notice Begins the moved funds sweep timeout amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovedFundsSweepTimeout New moved funds sweep timeout amount.\n function beginMovedFundsSweepTimeoutUpdate(\n MovingFundsData storage self,\n uint32 _newMovedFundsSweepTimeout\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newMovedFundsSweepTimeout = _newMovedFundsSweepTimeout;\n self.movedFundsSweepTimeoutChangeInitiated = block.timestamp;\n emit MovedFundsSweepTimeoutUpdateStarted(\n _newMovedFundsSweepTimeout,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moved funds sweep timeout amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovedFundsSweepTimeoutUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movedFundsSweepTimeoutChangeInitiated,\n governanceDelay\n )\n {\n emit MovedFundsSweepTimeoutUpdated(self.newMovedFundsSweepTimeout);\n\n self.newMovedFundsSweepTimeout = 0;\n self.movedFundsSweepTimeoutChangeInitiated = 0;\n }\n\n function getNewMovedFundsSweepTimeout(MovingFundsData storage self)\n internal\n view\n returns (uint32)\n {\n return self.newMovedFundsSweepTimeout;\n }\n\n /// @notice Begins the moved funds sweep timeout slashing amount update\n /// process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovedFundsSweepTimeoutSlashingAmount New moved funds sweep\n /// timeout slashing amount.\n function beginMovedFundsSweepTimeoutSlashingAmountUpdate(\n MovingFundsData storage self,\n uint96 _newMovedFundsSweepTimeoutSlashingAmount\n ) external {\n /* solhint-disable not-rely-on-time */\n self\n .newMovedFundsSweepTimeoutSlashingAmount = _newMovedFundsSweepTimeoutSlashingAmount;\n self.movedFundsSweepTimeoutSlashingAmountChangeInitiated = block\n .timestamp;\n emit MovedFundsSweepTimeoutSlashingAmountUpdateStarted(\n _newMovedFundsSweepTimeoutSlashingAmount,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moved funds sweep timeout slashing amount\n /// update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovedFundsSweepTimeoutSlashingAmountUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movedFundsSweepTimeoutSlashingAmountChangeInitiated,\n governanceDelay\n )\n {\n emit MovedFundsSweepTimeoutSlashingAmountUpdated(\n self.newMovedFundsSweepTimeoutSlashingAmount\n );\n\n self.newMovedFundsSweepTimeoutSlashingAmount = 0;\n self.movedFundsSweepTimeoutSlashingAmountChangeInitiated = 0;\n }\n\n function getNewMovedFundsSweepTimeoutSlashingAmount(\n MovingFundsData storage self\n ) internal view returns (uint96) {\n return self.newMovedFundsSweepTimeoutSlashingAmount;\n }\n\n /// @notice Begins the moved funds sweep timeout notifier reward multiplier\n /// amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newMovedFundsSweepTimeoutNotifierRewardMultiplier New moved funds\n /// sweep timeout notifier reward multiplier amount.\n function beginMovedFundsSweepTimeoutNotifierRewardMultiplierUpdate(\n MovingFundsData storage self,\n uint32 _newMovedFundsSweepTimeoutNotifierRewardMultiplier\n ) external {\n /* solhint-disable not-rely-on-time */\n self\n .newMovedFundsSweepTimeoutNotifierRewardMultiplier = _newMovedFundsSweepTimeoutNotifierRewardMultiplier;\n self\n .movedFundsSweepTimeoutNotifierRewardMultiplierChangeInitiated = block\n .timestamp;\n emit MovedFundsSweepTimeoutNotifierRewardMultiplierUpdateStarted(\n _newMovedFundsSweepTimeoutNotifierRewardMultiplier,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the moved funds sweep timeout notifier reward multiplier\n /// amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeMovedFundsSweepTimeoutNotifierRewardMultiplierUpdate(\n MovingFundsData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.movedFundsSweepTimeoutNotifierRewardMultiplierChangeInitiated,\n governanceDelay\n )\n {\n emit MovedFundsSweepTimeoutNotifierRewardMultiplierUpdated(\n self.newMovedFundsSweepTimeoutNotifierRewardMultiplier\n );\n\n self.newMovedFundsSweepTimeoutNotifierRewardMultiplier = 0;\n self.movedFundsSweepTimeoutNotifierRewardMultiplierChangeInitiated = 0;\n }\n\n function getNewMovedFundsSweepTimeoutNotifierRewardMultiplier(\n MovingFundsData storage self\n ) internal view returns (uint32) {\n return self.newMovedFundsSweepTimeoutNotifierRewardMultiplier;\n }\n\n // --- Wallet params\n\n /// @notice Begins the wallet creation period amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletCreationPeriod New wallet creation period amount.\n function beginWalletCreationPeriodUpdate(\n WalletData storage self,\n uint32 _newWalletCreationPeriod\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newWalletCreationPeriod = _newWalletCreationPeriod;\n self.walletCreationPeriodChangeInitiated = block.timestamp;\n emit WalletCreationPeriodUpdateStarted(\n _newWalletCreationPeriod,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the wallet creation period amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletCreationPeriodUpdate(\n WalletData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.walletCreationPeriodChangeInitiated,\n governanceDelay\n )\n {\n emit WalletCreationPeriodUpdated(self.newWalletCreationPeriod);\n\n self.newWalletCreationPeriod = 0;\n self.walletCreationPeriodChangeInitiated = 0;\n }\n\n function getNewWalletCreationPeriod(WalletData storage self)\n external\n view\n returns (uint32)\n {\n return self.newWalletCreationPeriod;\n }\n\n /// @notice Begins the wallet creation min btc balance amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletCreationMinBtcBalance New wallet creation min btc balance\n /// amount.\n function beginWalletCreationMinBtcBalanceUpdate(\n WalletData storage self,\n uint64 _newWalletCreationMinBtcBalance\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newWalletCreationMinBtcBalance = _newWalletCreationMinBtcBalance;\n self.walletCreationMinBtcBalanceChangeInitiated = block.timestamp;\n emit WalletCreationMinBtcBalanceUpdateStarted(\n _newWalletCreationMinBtcBalance,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the wallet creation min btc balance amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletCreationMinBtcBalanceUpdate(\n WalletData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.walletCreationMinBtcBalanceChangeInitiated,\n governanceDelay\n )\n {\n emit WalletCreationMinBtcBalanceUpdated(\n self.newWalletCreationMinBtcBalance\n );\n\n self.newWalletCreationMinBtcBalance = 0;\n self.walletCreationMinBtcBalanceChangeInitiated = 0;\n }\n\n function getNewWalletCreationMinBtcBalance(WalletData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newWalletCreationMinBtcBalance;\n }\n\n /// @notice Begins the wallet creation max btc balance amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletCreationMaxBtcBalance New wallet creation max btc balance\n /// amount.\n function beginWalletCreationMaxBtcBalanceUpdate(\n WalletData storage self,\n uint64 _newWalletCreationMaxBtcBalance\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newWalletCreationMaxBtcBalance = _newWalletCreationMaxBtcBalance;\n self.walletCreationMaxBtcBalanceChangeInitiated = block.timestamp;\n emit WalletCreationMaxBtcBalanceUpdateStarted(\n _newWalletCreationMaxBtcBalance,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the wallet creation max btc balance amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletCreationMaxBtcBalanceUpdate(\n WalletData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.walletCreationMaxBtcBalanceChangeInitiated,\n governanceDelay\n )\n {\n emit WalletCreationMaxBtcBalanceUpdated(\n self.newWalletCreationMaxBtcBalance\n );\n\n self.newWalletCreationMaxBtcBalance = 0;\n self.walletCreationMaxBtcBalanceChangeInitiated = 0;\n }\n\n function getNewWalletCreationMaxBtcBalance(WalletData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newWalletCreationMaxBtcBalance;\n }\n\n /// @notice Begins the wallet closure min btc balance amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletClosureMinBtcBalance New wallet closure min btc balance amount.\n function beginWalletClosureMinBtcBalanceUpdate(\n WalletData storage self,\n uint64 _newWalletClosureMinBtcBalance\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newWalletClosureMinBtcBalance = _newWalletClosureMinBtcBalance;\n self.walletClosureMinBtcBalanceChangeInitiated = block.timestamp;\n emit WalletClosureMinBtcBalanceUpdateStarted(\n _newWalletClosureMinBtcBalance,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the wallet closure min btc balance amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletClosureMinBtcBalanceUpdate(\n WalletData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.walletClosureMinBtcBalanceChangeInitiated,\n governanceDelay\n )\n {\n emit WalletClosureMinBtcBalanceUpdated(\n self.newWalletClosureMinBtcBalance\n );\n\n self.newWalletClosureMinBtcBalance = 0;\n self.walletClosureMinBtcBalanceChangeInitiated = 0;\n }\n\n function getNewWalletClosureMinBtcBalance(WalletData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newWalletClosureMinBtcBalance;\n }\n\n /// @notice Begins the wallet max age amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletMaxAge New wallet max age amount.\n function beginWalletMaxAgeUpdate(\n WalletData storage self,\n uint32 _newWalletMaxAge\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newWalletMaxAge = _newWalletMaxAge;\n self.walletMaxAgeChangeInitiated = block.timestamp;\n emit WalletMaxAgeUpdateStarted(_newWalletMaxAge, block.timestamp);\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the wallet max age amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletMaxAgeUpdate(\n WalletData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.walletMaxAgeChangeInitiated,\n governanceDelay\n )\n {\n emit WalletMaxAgeUpdated(self.newWalletMaxAge);\n\n self.newWalletMaxAge = 0;\n self.walletMaxAgeChangeInitiated = 0;\n }\n\n function getNewWalletMaxAge(WalletData storage self)\n internal\n view\n returns (uint32)\n {\n return self.newWalletMaxAge;\n }\n\n /// @notice Begins the wallet max btc transfer amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletMaxBtcTransfer New wallet max btc transfer amount.\n function beginWalletMaxBtcTransferUpdate(\n WalletData storage self,\n uint64 _newWalletMaxBtcTransfer\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newWalletMaxBtcTransfer = _newWalletMaxBtcTransfer;\n self.walletMaxBtcTransferChangeInitiated = block.timestamp;\n emit WalletMaxBtcTransferUpdateStarted(\n _newWalletMaxBtcTransfer,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the wallet max btc transfer amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletMaxBtcTransferUpdate(\n WalletData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.walletMaxBtcTransferChangeInitiated,\n governanceDelay\n )\n {\n emit WalletMaxBtcTransferUpdated(self.newWalletMaxBtcTransfer);\n\n self.newWalletMaxBtcTransfer = 0;\n self.walletMaxBtcTransferChangeInitiated = 0;\n }\n\n function getNewWalletMaxBtcTransfer(WalletData storage self)\n internal\n view\n returns (uint64)\n {\n return self.newWalletMaxBtcTransfer;\n }\n\n /// @notice Begins the wallet closing period amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newWalletClosingPeriod New wallet closing period amount.\n function beginWalletClosingPeriodUpdate(\n WalletData storage self,\n uint32 _newWalletClosingPeriod\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newWalletClosingPeriod = _newWalletClosingPeriod;\n self.walletClosingPeriodChangeInitiated = block.timestamp;\n emit WalletClosingPeriodUpdateStarted(\n _newWalletClosingPeriod,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the wallet closing period amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeWalletClosingPeriodUpdate(\n WalletData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.walletClosingPeriodChangeInitiated,\n governanceDelay\n )\n {\n emit WalletClosingPeriodUpdated(self.newWalletClosingPeriod);\n\n self.newWalletClosingPeriod = 0;\n self.walletClosingPeriodChangeInitiated = 0;\n }\n\n function getNewWalletClosingPeriod(WalletData storage self)\n internal\n view\n returns (uint32)\n {\n return self.newWalletClosingPeriod;\n }\n\n // --- Fraud\n\n /// @notice Begins the fraud challenge deposit amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newFraudChallengeDepositAmount New fraud challenge deposit amount.\n function beginFraudChallengeDepositAmountUpdate(\n FraudData storage self,\n uint96 _newFraudChallengeDepositAmount\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newFraudChallengeDepositAmount = _newFraudChallengeDepositAmount;\n self.fraudChallengeDepositAmountChangeInitiated = block.timestamp;\n emit FraudChallengeDepositAmountUpdateStarted(\n _newFraudChallengeDepositAmount,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the fraud challenge deposit amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeFraudChallengeDepositAmountUpdate(\n FraudData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.fraudChallengeDepositAmountChangeInitiated,\n governanceDelay\n )\n {\n emit FraudChallengeDepositAmountUpdated(\n self.newFraudChallengeDepositAmount\n );\n\n self.newFraudChallengeDepositAmount = 0;\n self.fraudChallengeDepositAmountChangeInitiated = 0;\n }\n\n function getNewFraudChallengeDepositAmount(FraudData storage self)\n internal\n view\n returns (uint96)\n {\n return self.newFraudChallengeDepositAmount;\n }\n\n /// @notice Begins the fraud challenge defeat timeout amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newFraudChallengeDefeatTimeout New fraud challenge defeat timeout\n /// amount.\n function beginFraudChallengeDefeatTimeoutUpdate(\n FraudData storage self,\n uint32 _newFraudChallengeDefeatTimeout\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newFraudChallengeDefeatTimeout = _newFraudChallengeDefeatTimeout;\n self.fraudChallengeDefeatTimeoutChangeInitiated = block.timestamp;\n emit FraudChallengeDefeatTimeoutUpdateStarted(\n _newFraudChallengeDefeatTimeout,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the fraud challenge defeat timeout amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeFraudChallengeDefeatTimeoutUpdate(\n FraudData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.fraudChallengeDefeatTimeoutChangeInitiated,\n governanceDelay\n )\n {\n emit FraudChallengeDefeatTimeoutUpdated(\n self.newFraudChallengeDefeatTimeout\n );\n\n self.newFraudChallengeDefeatTimeout = 0;\n self.fraudChallengeDefeatTimeoutChangeInitiated = 0;\n }\n\n function getNewFraudChallengeDefeatTimeout(FraudData storage self)\n internal\n view\n returns (uint32)\n {\n return self.newFraudChallengeDefeatTimeout;\n }\n\n /// @notice Begins the fraud slashing amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newFraudSlashingAmount New fraud slashing amount.\n function beginFraudSlashingAmountUpdate(\n FraudData storage self,\n uint96 _newFraudSlashingAmount\n ) external {\n /* solhint-disable not-rely-on-time */\n self.newFraudSlashingAmount = _newFraudSlashingAmount;\n self.fraudSlashingAmountChangeInitiated = block.timestamp;\n emit FraudSlashingAmountUpdateStarted(\n _newFraudSlashingAmount,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the fraud slashing amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeFraudSlashingAmountUpdate(\n FraudData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.fraudSlashingAmountChangeInitiated,\n governanceDelay\n )\n {\n emit FraudSlashingAmountUpdated(self.newFraudSlashingAmount);\n\n self.newFraudSlashingAmount = 0;\n self.fraudSlashingAmountChangeInitiated = 0;\n }\n\n function getNewFraudSlashingAmount(FraudData storage self)\n internal\n view\n returns (uint96)\n {\n return self.newFraudSlashingAmount;\n }\n\n /// @notice Begins the fraud notifier reward multiplier amount update process.\n /// @dev Can be called only by the contract owner.\n /// @param _newFraudNotifierRewardMultiplier New fraud notifier reward multiplier\n /// amount.\n function beginFraudNotifierRewardMultiplierUpdate(\n FraudData storage self,\n uint32 _newFraudNotifierRewardMultiplier\n ) external {\n /* solhint-disable not-rely-on-time */\n self\n .newFraudNotifierRewardMultiplier = _newFraudNotifierRewardMultiplier;\n self.fraudNotifierRewardMultiplierChangeInitiated = block.timestamp;\n emit FraudNotifierRewardMultiplierUpdateStarted(\n _newFraudNotifierRewardMultiplier,\n block.timestamp\n );\n /* solhint-enable not-rely-on-time */\n }\n\n /// @notice Finalizes the fraud notifier reward multiplier amount update process.\n /// @dev Can be called only by the contract owner, after the governance\n /// delay elapses.\n function finalizeFraudNotifierRewardMultiplierUpdate(\n FraudData storage self,\n uint256 governanceDelay\n )\n external\n onlyAfterGovernanceDelay(\n self.fraudNotifierRewardMultiplierChangeInitiated,\n governanceDelay\n )\n {\n emit FraudNotifierRewardMultiplierUpdated(\n self.newFraudNotifierRewardMultiplier\n );\n\n self.newFraudNotifierRewardMultiplier = 0;\n self.fraudNotifierRewardMultiplierChangeInitiated = 0;\n }\n\n function getNewFraudNotifierRewardMultiplier(FraudData storage self)\n internal\n view\n returns (uint32)\n {\n return self.newFraudNotifierRewardMultiplier;\n }\n}\n"
267
264
  },
265
+ "contracts/test/HeartbeatStub.sol": {
266
+ "content": "// SPDX-License-Identifier: MIT\n\npragma solidity ^0.8.9;\n\nimport \"../bridge/Heartbeat.sol\";\n\n/// @dev This is a contract implemented to test Heartbeat library directly.\ncontract HeartbeatStub {\n function isValidHeartbeatMessage(bytes calldata message)\n public\n pure\n returns (bool)\n {\n return Heartbeat.isValidHeartbeatMessage(message);\n }\n}\n"
267
+ },
268
+ "contracts/test/TestEcdsaLib.sol": {
269
+ "content": "// SPDX-License-Identifier: MIT\n\npragma solidity ^0.8.9;\n\nimport \"../bridge/EcdsaLib.sol\";\n\n// TODO: Rename to EcdsLibStub\n/// @dev This is a contract implemented to test EcdsaLib library directly.\ncontract TestEcdsaLib {\n function compressPublicKey(bytes32 x, bytes32 y)\n public\n pure\n returns (bytes memory)\n {\n return EcdsaLib.compressPublicKey(x, y);\n }\n}\n"
270
+ },
268
271
  "contracts/vault/DonationVault.sol": {
269
272
  "content": "// SPDX-License-Identifier: MIT\n\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ██████████████ ▐████▌ ██████████████\n// ██████████████ ▐████▌ ██████████████\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n// ▐████▌ ▐████▌\n\npragma solidity ^0.8.9;\n\nimport \"./IVault.sol\";\nimport \"../bank/Bank.sol\";\n\n/// @title BTC donation vault\n/// @notice Vault that allows making BTC donations to the system. Upon deposit,\n/// this vault does not increase depositors' balances and always\n/// decreases its own balance in the same transaction. The vault also\n/// allows making donations using existing Bank balances.\n///\n/// BEWARE: ALL BTC DEPOSITS TARGETING THIS VAULT ARE NOT REDEEMABLE\n/// AND THERE IS NO WAY TO RESTORE THE DONATED BALANCE.\n/// USE THIS VAULT ONLY WHEN YOU REALLY KNOW WHAT YOU ARE DOING!\ncontract DonationVault is IVault {\n Bank public bank;\n\n event DonationReceived(address donor, uint256 donatedAmount);\n\n modifier onlyBank() {\n require(msg.sender == address(bank), \"Caller is not the Bank\");\n _;\n }\n\n constructor(Bank _bank) {\n require(\n address(_bank) != address(0),\n \"Bank can not be the zero address\"\n );\n\n bank = _bank;\n }\n\n /// @notice Transfers the given `amount` of the Bank balance from the\n /// caller to the Donation Vault and immediately decreases the\n /// vault's balance in the Bank by the transferred `amount`.\n /// @param amount Amount of the Bank balance to donate.\n /// @dev Requirements:\n /// - The caller's balance in the Bank must be greater than or equal\n /// to the `amount`,\n /// - Donation Vault must have an allowance for caller's balance in\n /// the Bank for at least `amount`.\n function donate(uint256 amount) external {\n address donor = msg.sender;\n\n require(\n bank.balanceOf(donor) >= amount,\n \"Amount exceeds balance in the bank\"\n );\n\n emit DonationReceived(donor, amount);\n\n bank.transferBalanceFrom(donor, address(this), amount);\n bank.decreaseBalance(amount);\n }\n\n /// @notice Transfers the given `amount` of the Bank balance from the\n /// `owner` to the Donation Vault and immediately decreases the\n /// vault's balance in the Bank by the transferred `amount`.\n /// @param owner Address of the Bank balance owner who approved their\n /// balance to be used by the vault.\n /// @param amount The amount of the Bank balance approved by the owner\n /// to be used by the vault.\n /// @dev Requirements:\n /// - Can only be called by the Bank via `approveBalanceAndCall`,\n /// - The `owner` balance in the Bank must be greater than or equal\n /// to the `amount`.\n function receiveBalanceApproval(\n address owner,\n uint256 amount,\n bytes memory\n ) external override onlyBank {\n require(\n bank.balanceOf(owner) >= amount,\n \"Amount exceeds balance in the bank\"\n );\n\n emit DonationReceived(owner, amount);\n\n bank.transferBalanceFrom(owner, address(this), amount);\n bank.decreaseBalance(amount);\n }\n\n /// @notice Ignores the deposited amounts and does not increase depositors'\n /// individual balances. The vault decreases its own tBTC balance\n /// in the Bank by the total deposited amount.\n /// @param depositors Addresses of depositors whose deposits have been swept.\n /// @param depositedAmounts Amounts deposited by individual depositors and\n /// swept.\n /// @dev Requirements:\n /// - Can only be called by the Bank after the Bridge swept deposits\n /// and Bank increased balance for the vault,\n /// - The `depositors` array must not be empty,\n /// - The `depositors` array length must be equal to the\n /// `depositedAmounts` array length.\n function receiveBalanceIncrease(\n address[] calldata depositors,\n uint256[] calldata depositedAmounts\n ) external override onlyBank {\n require(depositors.length != 0, \"No depositors specified\");\n\n uint256 totalAmount = 0;\n for (uint256 i = 0; i < depositors.length; i++) {\n totalAmount += depositedAmounts[i];\n emit DonationReceived(depositors[i], depositedAmounts[i]);\n }\n\n bank.decreaseBalance(totalAmount);\n }\n}\n"
270
273
  },