@keep-network/tbtc-v2 0.1.1-dev.53 → 0.1.1-dev.54

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (67) hide show
  1. package/artifacts/Bank.json +6 -6
  2. package/artifacts/Bridge.json +187 -144
  3. package/artifacts/Deposit.json +7 -7
  4. package/artifacts/EcdsaDkgValidator.json +1 -1
  5. package/artifacts/EcdsaInactivity.json +1 -1
  6. package/artifacts/Fraud.json +8 -8
  7. package/artifacts/KeepRegistry.json +1 -1
  8. package/artifacts/KeepStake.json +2 -2
  9. package/artifacts/KeepToken.json +2 -2
  10. package/artifacts/KeepTokenStaking.json +1 -1
  11. package/artifacts/MovingFunds.json +13 -12
  12. package/artifacts/NuCypherStakingEscrow.json +1 -1
  13. package/artifacts/NuCypherToken.json +2 -2
  14. package/artifacts/RandomBeaconStub.json +1 -1
  15. package/artifacts/Redemption.json +11 -11
  16. package/artifacts/ReimbursementPool.json +2 -2
  17. package/artifacts/Relay.json +11 -11
  18. package/artifacts/SortitionPool.json +2 -2
  19. package/artifacts/Sweep.json +7 -7
  20. package/artifacts/T.json +2 -2
  21. package/artifacts/TBTC.json +6 -6
  22. package/artifacts/TBTCToken.json +6 -6
  23. package/artifacts/TokenStaking.json +1 -1
  24. package/artifacts/TokenholderGovernor.json +9 -9
  25. package/artifacts/TokenholderTimelock.json +8 -8
  26. package/artifacts/VendingMachine.json +13 -13
  27. package/artifacts/VendingMachineKeep.json +1 -1
  28. package/artifacts/VendingMachineNuCypher.json +1 -1
  29. package/artifacts/WalletRegistry.json +2 -2
  30. package/artifacts/WalletRegistryGovernance.json +2 -2
  31. package/artifacts/Wallets.json +9 -9
  32. package/artifacts/solcInputs/{fa22a04615b4037761340d27e55c86ee.json → 799c7b289d9b6d9cfc600d2fc23c7b64.json} +6 -6
  33. package/build/contracts/GovernanceUtils.sol/GovernanceUtils.dbg.json +1 -1
  34. package/build/contracts/bank/Bank.sol/Bank.dbg.json +1 -1
  35. package/build/contracts/bridge/BitcoinTx.sol/BitcoinTx.dbg.json +1 -1
  36. package/build/contracts/bridge/BitcoinTx.sol/BitcoinTx.json +2 -2
  37. package/build/contracts/bridge/Bridge.sol/Bridge.dbg.json +1 -1
  38. package/build/contracts/bridge/Bridge.sol/Bridge.json +71 -34
  39. package/build/contracts/bridge/BridgeState.sol/BridgeState.dbg.json +1 -1
  40. package/build/contracts/bridge/BridgeState.sol/BridgeState.json +14 -2
  41. package/build/contracts/bridge/Deposit.sol/Deposit.dbg.json +1 -1
  42. package/build/contracts/bridge/Deposit.sol/Deposit.json +2 -2
  43. package/build/contracts/bridge/EcdsaLib.sol/EcdsaLib.dbg.json +1 -1
  44. package/build/contracts/bridge/Fraud.sol/Fraud.dbg.json +1 -1
  45. package/build/contracts/bridge/Fraud.sol/Fraud.json +2 -2
  46. package/build/contracts/bridge/IRelay.sol/IRelay.dbg.json +1 -1
  47. package/build/contracts/bridge/MovingFunds.sol/MovingFunds.dbg.json +1 -1
  48. package/build/contracts/bridge/MovingFunds.sol/MovingFunds.json +2 -2
  49. package/build/contracts/bridge/Redemption.sol/OutboundTx.dbg.json +1 -1
  50. package/build/contracts/bridge/Redemption.sol/OutboundTx.json +2 -2
  51. package/build/contracts/bridge/Redemption.sol/Redemption.dbg.json +1 -1
  52. package/build/contracts/bridge/Redemption.sol/Redemption.json +2 -2
  53. package/build/contracts/bridge/Sweep.sol/Sweep.dbg.json +1 -1
  54. package/build/contracts/bridge/Sweep.sol/Sweep.json +2 -2
  55. package/build/contracts/bridge/VendingMachine.sol/VendingMachine.dbg.json +1 -1
  56. package/build/contracts/bridge/Wallets.sol/Wallets.dbg.json +1 -1
  57. package/build/contracts/bridge/Wallets.sol/Wallets.json +2 -2
  58. package/build/contracts/token/TBTC.sol/TBTC.dbg.json +1 -1
  59. package/build/contracts/vault/IVault.sol/IVault.dbg.json +1 -1
  60. package/build/contracts/vault/TBTCVault.sol/TBTCVault.dbg.json +1 -1
  61. package/contracts/bridge/Bridge.sol +46 -7
  62. package/contracts/bridge/BridgeState.sol +32 -0
  63. package/contracts/bridge/Fraud.sol +1 -1
  64. package/contracts/bridge/MovingFunds.sol +16 -3
  65. package/contracts/bridge/Redemption.sol +4 -4
  66. package/export.json +37 -13
  67. package/package.json +1 -1
package/artifacts/Bridge.json CHANGED
@@ -334,6 +334,18 @@
334
334
  "name": "movingFundsTimeout",
335
335
  "type": "uint32"
336
336
  },
337
+ {
338
+ "indexed": false,
339
+ "internalType": "uint96",
340
+ "name": "movingFundsTimeoutSlashingAmount",
341
+ "type": "uint96"
342
+ },
343
+ {
344
+ "indexed": false,
345
+ "internalType": "uint256",
346
+ "name": "movingFundsTimeoutNotifierRewardMultiplier",
347
+ "type": "uint256"
348
+ },
337
349
  {
338
350
  "indexed": false,
339
351
  "internalType": "uint64",
@@ -957,6 +969,16 @@
957
969
  "name": "movingFundsTimeout",
958
970
  "type": "uint32"
959
971
  },
972
+ {
973
+ "internalType": "uint96",
974
+ "name": "movingFundsTimeoutSlashingAmount",
975
+ "type": "uint96"
976
+ },
977
+ {
978
+ "internalType": "uint256",
979
+ "name": "movingFundsTimeoutNotifierRewardMultiplier",
980
+ "type": "uint256"
981
+ },
960
982
  {
961
983
  "internalType": "uint64",
962
984
  "name": "movingFundsDustThreshold",
@@ -1065,6 +1087,11 @@
1065
1087
  "internalType": "bytes20",
1066
1088
  "name": "walletPubKeyHash",
1067
1089
  "type": "bytes20"
1090
+ },
1091
+ {
1092
+ "internalType": "uint32[]",
1093
+ "name": "walletMembersIDs",
1094
+ "type": "uint32[]"
1068
1095
  }
1069
1096
  ],
1070
1097
  "name": "notifyMovingFundsTimeout",
@@ -2036,19 +2063,6 @@
2036
2063
  "stateMutability": "view",
2037
2064
  "type": "function"
2038
2065
  },
2039
- {
2040
- "inputs": [
2041
- {
2042
- "internalType": "bytes20",
2043
- "name": "walletPubKeyHash",
2044
- "type": "bytes20"
2045
- }
2046
- ],
2047
- "name": "unsetWalletMainUtxo",
2048
- "outputs": [],
2049
- "stateMutability": "nonpayable",
2050
- "type": "function"
2051
- },
2052
2066
  {
2053
2067
  "inputs": [
2054
2068
  {
@@ -2112,6 +2126,16 @@
2112
2126
  "name": "movingFundsTimeout",
2113
2127
  "type": "uint32"
2114
2128
  },
2129
+ {
2130
+ "internalType": "uint96",
2131
+ "name": "movingFundsTimeoutSlashingAmount",
2132
+ "type": "uint96"
2133
+ },
2134
+ {
2135
+ "internalType": "uint256",
2136
+ "name": "movingFundsTimeoutNotifierRewardMultiplier",
2137
+ "type": "uint256"
2138
+ },
2115
2139
  {
2116
2140
  "internalType": "uint64",
2117
2141
  "name": "movingFundsDustThreshold",
@@ -2309,32 +2333,32 @@
2309
2333
  "type": "function"
2310
2334
  }
2311
2335
  ],
2312
- "transactionHash": "0x6c2e0f4fced977bf889728ce43a25faeaf76785f047ab03180c330e6f2b64ed3",
2336
+ "transactionHash": "0xf40bebbbd317eec94b1d6f2fd1de7ec1ab915b364f86762c74417dd64397d999",
2313
2337
  "receipt": {
2314
2338
  "to": null,
2315
2339
  "from": "0x70997970C51812dc3A010C7d01b50e0d17dc79C8",
2316
2340
  "contractAddress": "0x093e8F4d8f267d2CeEc9eB889E2054710d187beD",
2317
2341
  "transactionIndex": 0,
2318
- "gasUsed": "4069089",
2342
+ "gasUsed": "4189269",
2319
2343
  "logsBloom": "0x00000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000800000000000000000000000000000000000000000000",
2320
- "blockHash": "0x756c47cc5ac484cacccf775398b5e10c864c725fb899cd9372713ad0ea55c857",
2321
- "transactionHash": "0x6c2e0f4fced977bf889728ce43a25faeaf76785f047ab03180c330e6f2b64ed3",
2344
+ "blockHash": "0x8b66ae3c7455353917cbcdf24ba271d1b289cb51cd5a55a70e1f4b1b6de228bb",
2345
+ "transactionHash": "0xf40bebbbd317eec94b1d6f2fd1de7ec1ab915b364f86762c74417dd64397d999",
2322
2346
  "logs": [
2323
2347
  {
2324
2348
  "transactionIndex": 0,
2325
2349
  "blockNumber": 46,
2326
- "transactionHash": "0x6c2e0f4fced977bf889728ce43a25faeaf76785f047ab03180c330e6f2b64ed3",
2350
+ "transactionHash": "0xf40bebbbd317eec94b1d6f2fd1de7ec1ab915b364f86762c74417dd64397d999",
2327
2351
  "address": "0x093e8F4d8f267d2CeEc9eB889E2054710d187beD",
2328
2352
  "topics": [
2329
2353
  "0x5f56bee8cffbe9a78652a74a60705edede02af10b0bbb888ca44b79a0d42ce80"
2330
2354
  ],
2331
2355
  "data": "0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070997970c51812dc3a010c7d01b50e0d17dc79c8",
2332
2356
  "logIndex": 0,
2333
- "blockHash": "0x756c47cc5ac484cacccf775398b5e10c864c725fb899cd9372713ad0ea55c857"
2357
+ "blockHash": "0x8b66ae3c7455353917cbcdf24ba271d1b289cb51cd5a55a70e1f4b1b6de228bb"
2334
2358
  }
2335
2359
  ],
2336
2360
  "blockNumber": 46,
2337
- "cumulativeGasUsed": "4069089",
2361
+ "cumulativeGasUsed": "4189269",
2338
2362
  "status": 1,
2339
2363
  "byzantium": true
2340
2364
  },
@@ -2346,10 +2370,10 @@
2346
2370
  1
2347
2371
  ],
2348
2372
  "numDeployments": 1,
2349
- "solcInputHash": "fa22a04615b4037761340d27e55c86ee",
2350
- "metadata": "{\"compiler\":{\"version\":\"0.8.9+commit.e5eed63a\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"_bank\",\"type\":\"address\"},{\"internalType\":\"address\",\"name\":\"_relay\",\"type\":\"address\"},{\"internalType\":\"address\",\"name\":\"_treasury\",\"type\":\"address\"},{\"internalType\":\"address\",\"name\":\"_walletRegistry\",\"type\":\"address\"},{\"internalType\":\"uint256\",\"name\":\"_txProofDifficultyFactor\",\"type\":\"uint256\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"depositDustThreshold\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"depositTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"depositTxMaxFee\",\"type\":\"uint64\"}],\"name\":\"DepositParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"fundingTxHash\",\"type\":\"bytes32\"},{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"fundingOutputIndex\",\"type\":\"uint32\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"depositor\",\"type\":\"address\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"amount\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"bytes8\",\"name\":\"blindingFactor\",\"type\":\"bytes8\"},{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"refundPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes4\",\"name\":\"refundLocktime\",\"type\":\"bytes4\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"}],\"name\":\"DepositRevealed\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"sweepTxHash\",\"type\":\"bytes32\"}],\"name\":\"DepositsSwept\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"}],\"name\":\"FraudChallengeDefeatTimedOut\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"}],\"name\":\"FraudChallengeDefeated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"},{\"indexed\":false,\"internalType\":\"uint8\",\"name\":\"v\",\"type\":\"uint8\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"r\",\"type\":\"bytes32\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"s\",\"type\":\"bytes32\"}],\"name\":\"FraudChallengeSubmitted\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint96\",\"name\":\"fraudSlashingAmount\",\"type\":\"uint96\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"fraudNotifierRewardMultiplier\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"fraudChallengeDefeatTimeout\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"fraudChallengeDepositAmount\",\"type\":\"uint256\"}],\"name\":\"FraudParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"address\",\"name\":\"oldGovernance\",\"type\":\"address\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"newGovernance\",\"type\":\"address\"}],\"name\":\"GovernanceTransferred\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"MovingFundsBelowDustReported\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes20[]\",\"name\":\"targetWallets\",\"type\":\"bytes20[]\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"submitter\",\"type\":\"address\"}],\"name\":\"MovingFundsCommitmentSubmitted\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"movingFundsTxHash\",\"type\":\"bytes32\"}],\"name\":\"MovingFundsCompleted\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"movingFundsTxMaxTotalFee\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"movingFundsTimeout\",\"type\":\"uint32\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"movingFundsDustThreshold\",\"type\":\"uint64\"}],\"name\":\"MovingFundsParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"MovingFundsTimedOut\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"NewWalletRegistered\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[],\"name\":\"NewWalletRequested\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"redemptionDustThreshold\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"redemptionTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"redemptionTxMaxFee\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"redemptionTimeout\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"uint96\",\"name\":\"redemptionTimeoutSlashingAmount\",\"type\":\"uint96\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"redemptionTimeoutNotifierRewardMultiplier\",\"type\":\"uint256\"}],\"name\":\"RedemptionParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes\",\"name\":\"redeemerOutputScript\",\"type\":\"bytes\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"redeemer\",\"type\":\"address\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"requestedAmount\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"treasuryFee\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"txMaxFee\",\"type\":\"uint64\"}],\"name\":\"RedemptionRequested\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes\",\"name\":\"redeemerOutputScript\",\"type\":\"bytes\"}],\"name\":\"RedemptionTimedOut\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"redemptionTxHash\",\"type\":\"bytes32\"}],\"name\":\"RedemptionsCompleted\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"},{\"indexed\":false,\"internalType\":\"bool\",\"name\":\"isTrusted\",\"type\":\"bool\"}],\"name\":\"VaultStatusUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"WalletClosed\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"WalletClosing\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"WalletMovingFunds\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"walletCreationPeriod\",\"type\":\"uint32\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"walletCreationMinBtcBalance\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"walletCreationMaxBtcBalance\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"walletClosureMinBtcBalance\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"walletMaxAge\",\"type\":\"uint32\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"walletMaxBtcTransfer\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"walletClosingPeriod\",\"type\":\"uint32\"}],\"name\":\"WalletParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"WalletTerminated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"publicKeyX\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"publicKeyY\",\"type\":\"bytes32\"}],\"name\":\"__ecdsaWalletCreatedCallback\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"publicKeyX\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"publicKeyY\",\"type\":\"bytes32\"}],\"name\":\"__ecdsaWalletHeartbeatFailedCallback\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"activeWalletPubKeyHash\",\"outputs\":[{\"internalType\":\"bytes20\",\"name\":\"\",\"type\":\"bytes20\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"contractReferences\",\"outputs\":[{\"internalType\":\"contract Bank\",\"name\":\"bank\",\"type\":\"address\"},{\"internalType\":\"contract IRelay\",\"name\":\"relay\",\"type\":\"address\"},{\"internalType\":\"contract IWalletRegistry\",\"name\":\"ecdsaWalletRegistry\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"walletPublicKey\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"preimage\",\"type\":\"bytes\"},{\"internalType\":\"bool\",\"name\":\"witness\",\"type\":\"bool\"}],\"name\":\"defeatFraudChallenge\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"depositParameters\",\"outputs\":[{\"internalType\":\"uint64\",\"name\":\"depositDustThreshold\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"depositTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"depositTxMaxFee\",\"type\":\"uint64\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"depositKey\",\"type\":\"uint256\"}],\"name\":\"deposits\",\"outputs\":[{\"components\":[{\"internalType\":\"address\",\"name\":\"depositor\",\"type\":\"address\"},{\"internalType\":\"uint64\",\"name\":\"amount\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"revealedAt\",\"type\":\"uint32\"},{\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"},{\"internalType\":\"uint64\",\"name\":\"treasuryFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"sweptAt\",\"type\":\"uint32\"}],\"internalType\":\"struct Deposit.DepositRequest\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"challengeKey\",\"type\":\"uint256\"}],\"name\":\"fraudChallenges\",\"outputs\":[{\"components\":[{\"internalType\":\"address\",\"name\":\"challenger\",\"type\":\"address\"},{\"internalType\":\"uint256\",\"name\":\"depositAmount\",\"type\":\"uint256\"},{\"internalType\":\"uint32\",\"name\":\"reportedAt\",\"type\":\"uint32\"},{\"internalType\":\"bool\",\"name\":\"resolved\",\"type\":\"bool\"}],\"internalType\":\"struct Fraud.FraudChallenge\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"fraudParameters\",\"outputs\":[{\"internalType\":\"uint96\",\"name\":\"fraudSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"fraudNotifierRewardMultiplier\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"fraudChallengeDefeatTimeout\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"fraudChallengeDepositAmount\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"governance\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"}],\"name\":\"isVaultTrusted\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"liveWalletsCount\",\"outputs\":[{\"internalType\":\"uint32\",\"name\":\"\",\"type\":\"uint32\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"movingFundsParameters\",\"outputs\":[{\"internalType\":\"uint64\",\"name\":\"movingFundsTxMaxTotalFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"movingFundsTimeout\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"movingFundsDustThreshold\",\"type\":\"uint64\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"walletMainUtxo\",\"type\":\"tuple\"}],\"name\":\"notifyCloseableWallet\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"walletPublicKey\",\"type\":\"bytes\"},{\"internalType\":\"uint32[]\",\"name\":\"walletMembersIDs\",\"type\":\"uint32[]\"},{\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"}],\"name\":\"notifyFraudChallengeDefeatTimeout\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"}],\"name\":\"notifyMovingFundsBelowDust\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"notifyMovingFundsTimeout\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"internalType\":\"uint32[]\",\"name\":\"walletMembersIDs\",\"type\":\"uint32[]\"},{\"internalType\":\"bytes\",\"name\":\"redeemerOutputScript\",\"type\":\"bytes\"}],\"name\":\"notifyRedemptionTimeout\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"notifyWalletClosingPeriodElapsed\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"redemptionKey\",\"type\":\"uint256\"}],\"name\":\"pendingRedemptions\",\"outputs\":[{\"components\":[{\"internalType\":\"address\",\"name\":\"redeemer\",\"type\":\"address\"},{\"internalType\":\"uint64\",\"name\":\"requestedAmount\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"treasuryFee\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"txMaxFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"requestedAt\",\"type\":\"uint32\"}],\"internalType\":\"struct Redemption.RedemptionRequest\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"redemptionParameters\",\"outputs\":[{\"internalType\":\"uint64\",\"name\":\"redemptionDustThreshold\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"redemptionTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"redemptionTxMaxFee\",\"type\":\"uint64\"},{\"internalType\":\"uint256\",\"name\":\"redemptionTimeout\",\"type\":\"uint256\"},{\"internalType\":\"uint96\",\"name\":\"redemptionTimeoutSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"redemptionTimeoutNotifierRewardMultiplier\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"activeWalletMainUtxo\",\"type\":\"tuple\"}],\"name\":\"requestNewWallet\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"},{\"internalType\":\"bytes\",\"name\":\"redeemerOutputScript\",\"type\":\"bytes\"},{\"internalType\":\"uint64\",\"name\":\"amount\",\"type\":\"uint64\"}],\"name\":\"requestRedemption\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes4\",\"name\":\"version\",\"type\":\"bytes4\"},{\"internalType\":\"bytes\",\"name\":\"inputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"outputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes4\",\"name\":\"locktime\",\"type\":\"bytes4\"}],\"internalType\":\"struct BitcoinTx.Info\",\"name\":\"fundingTx\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"uint32\",\"name\":\"fundingOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"address\",\"name\":\"depositor\",\"type\":\"address\"},{\"internalType\":\"bytes8\",\"name\":\"blindingFactor\",\"type\":\"bytes8\"},{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"internalType\":\"bytes20\",\"name\":\"refundPubKeyHash\",\"type\":\"bytes20\"},{\"internalType\":\"bytes4\",\"name\":\"refundLocktime\",\"type\":\"bytes4\"},{\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"}],\"internalType\":\"struct Deposit.DepositRevealInfo\",\"name\":\"reveal\",\"type\":\"tuple\"}],\"name\":\"revealDeposit\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"activeWalletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"setActiveWallet\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_depositDustThreshold\",\"type\":\"uint64\"}],\"name\":\"setDepositDustThreshold\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_depositTxMaxFee\",\"type\":\"uint64\"}],\"name\":\"setDepositTxMaxFee\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_movingFundsTxMaxTotalFee\",\"type\":\"uint64\"}],\"name\":\"setMovingFundsTxMaxTotalFee\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_redemptionDustThreshold\",\"type\":\"uint64\"}],\"name\":\"setRedemptionDustThreshold\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_redemptionTreasuryFeeDivisor\",\"type\":\"uint64\"}],\"name\":\"setRedemptionTreasuryFeeDivisor\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO[]\",\"name\":\"utxos\",\"type\":\"tuple[]\"}],\"name\":\"setSpentMainUtxos\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO[]\",\"name\":\"utxos\",\"type\":\"tuple[]\"}],\"name\":\"setSweptDeposits\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"},{\"internalType\":\"bool\",\"name\":\"isTrusted\",\"type\":\"bool\"}],\"name\":\"setVaultStatus\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"mainUtxoHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint64\",\"name\":\"pendingRedemptionsValue\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"createdAt\",\"type\":\"uint32\"},{\"internalType\":\"uint32\",\"name\":\"movingFundsRequestedAt\",\"type\":\"uint32\"},{\"internalType\":\"uint32\",\"name\":\"closingStartedAt\",\"type\":\"uint32\"},{\"internalType\":\"enum Wallets.WalletState\",\"name\":\"state\",\"type\":\"uint8\"},{\"internalType\":\"bytes32\",\"name\":\"movingFundsTargetWalletsCommitmentHash\",\"type\":\"bytes32\"}],\"internalType\":\"struct Wallets.Wallet\",\"name\":\"wallet\",\"type\":\"tuple\"}],\"name\":\"setWallet\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"utxo\",\"type\":\"tuple\"}],\"name\":\"setWalletMainUtxo\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"utxoKey\",\"type\":\"uint256\"}],\"name\":\"spentMainUTXOs\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"walletPublicKey\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"r\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"s\",\"type\":\"bytes32\"},{\"internalType\":\"uint8\",\"name\":\"v\",\"type\":\"uint8\"}],\"internalType\":\"struct BitcoinTx.RSVSignature\",\"name\":\"signature\",\"type\":\"tuple\"}],\"name\":\"submitFraudChallenge\",\"outputs\":[],\"stateMutability\":\"payable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"walletMainUtxo\",\"type\":\"tuple\"},{\"internalType\":\"uint32[]\",\"name\":\"walletMembersIDs\",\"type\":\"uint32[]\"},{\"internalType\":\"uint256\",\"name\":\"walletMemberIndex\",\"type\":\"uint256\"},{\"internalType\":\"bytes20[]\",\"name\":\"targetWallets\",\"type\":\"bytes20[]\"}],\"name\":\"submitMovingFundsCommitment\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes4\",\"name\":\"version\",\"type\":\"bytes4\"},{\"internalType\":\"bytes\",\"name\":\"inputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"outputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes4\",\"name\":\"locktime\",\"type\":\"bytes4\"}],\"internalType\":\"struct BitcoinTx.Info\",\"name\":\"movingFundsTx\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes\",\"name\":\"merkleProof\",\"type\":\"bytes\"},{\"internalType\":\"uint256\",\"name\":\"txIndexInBlock\",\"type\":\"uint256\"},{\"internalType\":\"bytes\",\"name\":\"bitcoinHeaders\",\"type\":\"bytes\"}],\"internalType\":\"struct BitcoinTx.Proof\",\"name\":\"movingFundsProof\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"},{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"submitMovingFundsProof\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes4\",\"name\":\"version\",\"type\":\"bytes4\"},{\"internalType\":\"bytes\",\"name\":\"inputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"outputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes4\",\"name\":\"locktime\",\"type\":\"bytes4\"}],\"internalType\":\"struct BitcoinTx.Info\",\"name\":\"redemptionTx\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes\",\"name\":\"merkleProof\",\"type\":\"bytes\"},{\"internalType\":\"uint256\",\"name\":\"txIndexInBlock\",\"type\":\"uint256\"},{\"internalType\":\"bytes\",\"name\":\"bitcoinHeaders\",\"type\":\"bytes\"}],\"internalType\":\"struct BitcoinTx.Proof\",\"name\":\"redemptionProof\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"},{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"submitRedemptionProof\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes4\",\"name\":\"version\",\"type\":\"bytes4\"},{\"internalType\":\"bytes\",\"name\":\"inputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"outputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes4\",\"name\":\"locktime\",\"type\":\"bytes4\"}],\"internalType\":\"struct BitcoinTx.Info\",\"name\":\"sweepTx\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes\",\"name\":\"merkleProof\",\"type\":\"bytes\"},{\"internalType\":\"uint256\",\"name\":\"txIndexInBlock\",\"type\":\"uint256\"},{\"internalType\":\"bytes\",\"name\":\"bitcoinHeaders\",\"type\":\"bytes\"}],\"internalType\":\"struct BitcoinTx.Proof\",\"name\":\"sweepProof\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"}],\"name\":\"submitSweepProof\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"redemptionKey\",\"type\":\"uint256\"}],\"name\":\"timedOutRedemptions\",\"outputs\":[{\"components\":[{\"internalType\":\"address\",\"name\":\"redeemer\",\"type\":\"address\"},{\"internalType\":\"uint64\",\"name\":\"requestedAmount\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"treasuryFee\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"txMaxFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"requestedAt\",\"type\":\"uint32\"}],\"internalType\":\"struct Redemption.RedemptionRequest\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"address\",\"name\":\"newGovernance\",\"type\":\"address\"}],\"name\":\"transferGovernance\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"treasury\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"txProofDifficultyFactor\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"unsetWalletMainUtxo\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"depositDustThreshold\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"depositTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"depositTxMaxFee\",\"type\":\"uint64\"}],\"name\":\"updateDepositParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint96\",\"name\":\"fraudSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"fraudNotifierRewardMultiplier\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"fraudChallengeDefeatTimeout\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"fraudChallengeDepositAmount\",\"type\":\"uint256\"}],\"name\":\"updateFraudParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"movingFundsTxMaxTotalFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"movingFundsTimeout\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"movingFundsDustThreshold\",\"type\":\"uint64\"}],\"name\":\"updateMovingFundsParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"redemptionDustThreshold\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"redemptionTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"redemptionTxMaxFee\",\"type\":\"uint64\"},{\"internalType\":\"uint256\",\"name\":\"redemptionTimeout\",\"type\":\"uint256\"},{\"internalType\":\"uint96\",\"name\":\"redemptionTimeoutSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"redemptionTimeoutNotifierRewardMultiplier\",\"type\":\"uint256\"}],\"name\":\"updateRedemptionParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint32\",\"name\":\"walletCreationPeriod\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"walletCreationMinBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"walletCreationMaxBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"walletClosureMinBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"walletMaxAge\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"walletMaxBtcTransfer\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"walletClosingPeriod\",\"type\":\"uint32\"}],\"name\":\"updateWalletParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"walletParameters\",\"outputs\":[{\"internalType\":\"uint32\",\"name\":\"walletCreationPeriod\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"walletCreationMinBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"walletCreationMaxBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"walletClosureMinBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"walletMaxAge\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"walletMaxBtcTransfer\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"walletClosingPeriod\",\"type\":\"uint32\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"wallets\",\"outputs\":[{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"mainUtxoHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint64\",\"name\":\"pendingRedemptionsValue\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"createdAt\",\"type\":\"uint32\"},{\"internalType\":\"uint32\",\"name\":\"movingFundsRequestedAt\",\"type\":\"uint32\"},{\"internalType\":\"uint32\",\"name\":\"closingStartedAt\",\"type\":\"uint32\"},{\"internalType\":\"enum Wallets.WalletState\",\"name\":\"state\",\"type\":\"uint8\"},{\"internalType\":\"bytes32\",\"name\":\"movingFundsTargetWalletsCommitmentHash\",\"type\":\"bytes32\"}],\"internalType\":\"struct Wallets.Wallet\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"__ecdsaWalletCreatedCallback(bytes32,bytes32,bytes32)\":{\"details\":\"Requirements: - The only caller authorized to call this function is `registry` - Given wallet data must not belong to an already registered wallet\",\"params\":{\"ecdsaWalletID\":\"Wallet's unique identifier.\",\"publicKeyX\":\"Wallet's public key's X coordinate.\",\"publicKeyY\":\"Wallet's public key's Y coordinate.\"}},\"__ecdsaWalletHeartbeatFailedCallback(bytes32,bytes32,bytes32)\":{\"details\":\"Requirements: - The only caller authorized to call this function is `registry` - Wallet must be in Live state\",\"params\":{\"publicKeyX\":\"Wallet's public key's X coordinate\",\"publicKeyY\":\"Wallet's public key's Y coordinate\"}},\"activeWalletPubKeyHash()\":{\"returns\":{\"_0\":\"The 20-byte public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) of the active wallet. Returns bytes20(0) if there is no active wallet at the moment.\"}},\"contractReferences()\":{\"returns\":{\"bank\":\"Address of the Bank the Bridge belongs to.\",\"ecdsaWalletRegistry\":\"Address of the ECDSA Wallet Registry.\",\"relay\":\"Address of the Bitcoin relay providing the current Bitcoin network difficulty.\"}},\"defeatFraudChallenge(bytes,bytes,bool)\":{\"details\":\"Requirements: - `walletPublicKey` and `sighash` calculated as `hash256(preimage)` must identify an open fraud challenge - the preimage must be a valid preimage of a transaction generated according to the protocol rules and already proved in the Bridge - before a defeat attempt is made the transaction that spends the given UTXO must be proven in the Bridge\",\"params\":{\"preimage\":\"The preimage which produces sighash used to generate the ECDSA signature that is the subject of the fraud claim. It is a serialized subset of the transaction. The exact subset used as the preimage depends on the transaction input the signature is produced for. See BIP-143 for reference\",\"walletPublicKey\":\"The public key of the wallet in the uncompressed and unprefixed format (64 bytes)\",\"witness\":\"Flag indicating whether the preimage was produced for a witness input. True for witness, false for non-witness input\"}},\"depositParameters()\":{\"returns\":{\"depositDustThreshold\":\"The minimal amount that can be requested to deposit. Value of this parameter must take into account the value of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters in order to make requests that can incur the treasury and transaction fee and still satisfy the depositor.\",\"depositTreasuryFeeDivisor\":\"Divisor used to compute the treasury fee taken from each deposit and transferred to the treasury upon sweep proof submission. That fee is computed as follows: `treasuryFee = depositedAmount / depositTreasuryFeeDivisor` For example, if the treasury fee needs to be 2% of each deposit, the `depositTreasuryFeeDivisor` should be set to `50` because `1/50 = 0.02 = 2%`.\",\"depositTxMaxFee\":\"Maximum amount of BTC transaction fee that can be incurred by each swept deposit being part of the given sweep transaction. If the maximum BTC transaction fee is exceeded, such transaction is considered a fraud.\"}},\"fraudParameters()\":{\"returns\":{\"fraudChallengeDefeatTimeout\":\"The amount of time the wallet has to defeat a fraud challenge.\",\"fraudChallengeDepositAmount\":\"The amount of ETH in wei the party challenging the wallet for fraud needs to deposit.\",\"fraudNotifierRewardMultiplier\":\"The percentage of the notifier reward from the staking contract the notifier of a fraud receives. The value is in the range [0, 100].\",\"fraudSlashingAmount\":\"The amount slashed from each wallet member for committing a fraud.\"}},\"liveWalletsCount()\":{\"returns\":{\"_0\":\"The current count of wallets being in the Live state.\"}},\"movingFundsParameters()\":{\"returns\":{\"movingFundsDustThreshold\":\"The minimal satoshi amount that makes\",\"movingFundsTimeout\":\"Time after which the moving funds process can be reported as timed out. It is counted from the moment when the wallet was requested to move their funds and switched to the MovingFunds state. Value in seconds.\",\"movingFundsTxMaxTotalFee\":\"Maximum amount of the total BTC transaction fee that is acceptable in a single moving funds transaction. This is a _total_ max fee for the entire moving funds transaction.\"}},\"notifyCloseableWallet(bytes20,(bytes32,uint32,uint64))\":{\"details\":\"Requirements: - Wallet must not be set as the current active wallet - Wallet must exceed the wallet maximum age OR the wallet BTC balance must be lesser than the minimum threshold. If the latter case is true, the `walletMainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. If the wallet has no main UTXO, this parameter can be empty as it is ignored since the wallet balance is assumed to be zero. - Wallet must be in Live state\",\"params\":{\"walletMainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain.\",\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"notifyFraudChallengeDefeatTimeout(bytes,uint32[],bytes32)\":{\"details\":\"Requirements: - The wallet must be in the Live or MovingFunds or Closing or Terminated state - The `walletPublicKey` and `sighash` must identify an open fraud challenge - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events. - The amount of time indicated by `challengeDefeatTimeout` must pass after the challenge was reported\",\"params\":{\"sighash\":\"The hash that was used to produce the ECDSA signature that is the subject of the fraud claim. This hash is constructed by applying double SHA-256 over a serialized subset of the transaction. The exact subset used as hash preimage depends on the transaction input the signature is produced for. See BIP-143 for reference\",\"walletMembersIDs\":\"Identifiers of the wallet signing group members\",\"walletPublicKey\":\"The public key of the wallet in the uncompressed and unprefixed format (64 bytes)\"}},\"notifyMovingFundsBelowDust(bytes20,(bytes32,uint32,uint64))\":{\"details\":\"Requirements: - The wallet must be in the MovingFunds state - The `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. If the wallet has no main UTXO, this parameter can be empty as it is ignored. - The wallet BTC balance must be below the moving funds threshold\",\"params\":{\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain.\",\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"notifyMovingFundsTimeout(bytes20)\":{\"details\":\"Requirements: - The wallet must be in the MovingFunds state - The moving funds timeout must be actually exceeded\",\"params\":{\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"notifyRedemptionTimeout(bytes20,uint32[],bytes)\":{\"details\":\"Requirements: - The wallet must be in the Live or MovingFunds or Terminated state - The redemption request identified by `walletPubKeyHash` and `redeemerOutputScript` must exist - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events. - The amount of time defined by `redemptionTimeout` must have passed since the redemption was requested (the request must be timed-out).\",\"params\":{\"redeemerOutputScript\":\"The redeemer's length-prefixed output script (P2PKH, P2WPKH, P2SH or P2WSH)\",\"walletMembersIDs\":\"Identifiers of the wallet signing group members\",\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"notifyWalletClosingPeriodElapsed(bytes20)\":{\"details\":\"Requirements: - The wallet must be in the Closing state - The wallet closing period must have elapsed\",\"params\":{\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"redemptionParameters()\":{\"returns\":{\"redemptionDustThreshold\":\"The minimal amount that can be requested for redemption. Value of this parameter must take into account the value of `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee` parameters in order to make requests that can incur the treasury and transaction fee and still satisfy the redeemer.\",\"redemptionTimeout\":\"Time after which the redemption request can be reported as timed out. It is counted from the moment when the redemption request was created via `requestRedemption` call. Reported timed out requests are cancelled and locked TBTC is returned to the redeemer in full amount.\",\"redemptionTimeoutNotifierRewardMultiplier\":\"The percentage of the notifier reward from the staking contract the notifier of a redemption timeout receives. The value is in the range [0, 100].\",\"redemptionTimeoutSlashingAmount\":\"The amount of stake slashed from each member of a wallet for a redemption timeout.\",\"redemptionTreasuryFeeDivisor\":\"Divisor used to compute the treasury fee taken from each redemption request and transferred to the treasury upon successful request finalization. That fee is computed as follows: `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor` For example, if the treasury fee needs to be 2% of each redemption request, the `redemptionTreasuryFeeDivisor` should be set to `50` because `1/50 = 0.02 = 2%`.\",\"redemptionTxMaxFee\":\"Maximum amount of BTC transaction fee that can be incurred by each redemption request being part of the given redemption transaction. If the maximum BTC transaction fee is exceeded, such transaction is considered a fraud. This is a per-redemption output max fee for the redemption transaction.\"}},\"requestNewWallet((bytes32,uint32,uint64))\":{\"details\":\"Requirements: - `activeWalletMainUtxo` components must point to the recent main UTXO of the given active wallet, as currently known on the Ethereum chain. If there is no active wallet at the moment, or the active wallet has no main UTXO, this parameter can be empty as it is ignored. - Wallet creation must not be in progress - If the active wallet is set, one of the following conditions must be true: - The active wallet BTC balance is above the minimum threshold and the active wallet is old enough, i.e. the creation period was elapsed since its creation time - The active wallet BTC balance is above the maximum threshold\",\"params\":{\"activeWalletMainUtxo\":\"Data of the active wallet's main UTXO, as currently known on the Ethereum chain.\"}},\"requestRedemption(bytes20,(bytes32,uint32,uint64),bytes,uint64)\":{\"details\":\"Requirements: - Wallet behind `walletPubKeyHash` must be live - `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. - `redeemerOutputScript` must be a proper Bitcoin script - `redeemerOutputScript` cannot have wallet PKH as payload - `amount` must be above or equal the `redemptionDustThreshold` - Given `walletPubKeyHash` and `redeemerOutputScript` pair can be used for only one pending request at the same time - Wallet must have enough Bitcoin balance to proceed the request - Redeemer must make an allowance in the Bank that the Bridge contract can spend the given `amount`.\",\"params\":{\"amount\":\"Requested amount in satoshi. This is also the TBTC amount that is taken from redeemer's balance in the Bank upon request. Once the request is handled, the actual amount of BTC locked on the redeemer output script will be always lower than this value since the treasury and Bitcoin transaction fees must be incurred. The minimal amount satisfying the request can be computed as: `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`. Fees values are taken at the moment of request creation.\",\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain\",\"redeemerOutputScript\":\"The redeemer's length-prefixed output script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock redeemed BTC\",\"walletPubKeyHash\":\"The 20-byte wallet public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key)\"}},\"revealDeposit((bytes4,bytes,bytes,bytes4),(uint32,address,bytes8,bytes20,bytes20,bytes4,address))\":{\"details\":\"Requirements: - `reveal.walletPubKeyHash` must identify a `Live` wallet - `reveal.vault` must be 0x0 or point to a trusted vault - `reveal.fundingOutputIndex` must point to the actual P2(W)SH output of the BTC deposit transaction - `reveal.depositor` must be the Ethereum address used in the P2(W)SH BTC deposit transaction, - `reveal.blindingFactor` must be the blinding factor used in the P2(W)SH BTC deposit transaction, - `reveal.walletPubKeyHash` must be the wallet pub key hash used in the P2(W)SH BTC deposit transaction, - `reveal.refundPubKeyHash` must be the refund pub key hash used in the P2(W)SH BTC deposit transaction, - `reveal.refundLocktime` must be the refund locktime used in the P2(W)SH BTC deposit transaction, - BTC deposit for the given `fundingTxHash`, `fundingOutputIndex` can be revealed only one time. If any of these requirements is not met, the wallet _must_ refuse to sweep the deposit and the depositor has to wait until the deposit script unlocks to receive their BTC back.\",\"params\":{\"fundingTx\":\"Bitcoin funding transaction data, see `BitcoinTx.Info`\",\"reveal\":\"Deposit reveal data, see `RevealInfo struct\"}},\"setVaultStatus(address,bool)\":{\"details\":\"Without restricting reveal only to trusted vaults, malicious vaults not meeting the criteria would be able to nuke sweep proof transactions executed by ECDSA wallet with deposits routed to them.Can only be called by the Governance.\",\"params\":{\"isTrusted\":\"flag indicating whether the vault is trusted or not\",\"vault\":\"The address of the vault\"}},\"submitFraudChallenge(bytes,bytes32,(bytes32,bytes32,uint8))\":{\"details\":\"Requirements: - Wallet behind `walletPublicKey` must be in Live or MovingFunds or Closing state - The challenger must send appropriate amount of ETH used as fraud challenge deposit - The signature (represented by r, s and v) must be generated by the wallet behind `walletPubKey` during signing of `sighash` - Wallet can be challenged for the given signature only once\",\"params\":{\"sighash\":\"The hash that was used to produce the ECDSA signature that is the subject of the fraud claim. This hash is constructed by applying double SHA-256 over a serialized subset of the transaction. The exact subset used as hash preimage depends on the transaction input the signature is produced for. See BIP-143 for reference\",\"signature\":\"Bitcoin signature in the R/S/V format\",\"walletPublicKey\":\"The public key of the wallet in the uncompressed and unprefixed format (64 bytes)\"}},\"submitMovingFundsCommitment(bytes20,(bytes32,uint32,uint64),uint32[],uint256,bytes20[])\":{\"details\":\"Requirements: - The source wallet must be in the MovingFunds state - The source wallet must not have pending redemption requests - The source wallet must not have submitted its commitment already - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given source wallet in the ECDSA registry. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events. - The `walletMemberIndex` must be in range [1, walletMembersIDs.length] - The caller must be the member of the source wallet signing group at the position indicated by `walletMemberIndex` parameter - The `walletMainUtxo` components must point to the recent main UTXO of the source wallet, as currently known on the Ethereum chain. - Source wallet BTC balance must be greater than zero - At least one Live wallet must exist in the system - Submitted target wallets count must match the expected count `N = min(liveWalletsCount, ceil(walletBtcBalance / walletMaxBtcTransfer))` where `N > 0` - Each target wallet must be not equal to the source wallet - Each target wallet must follow the expected order i.e. all target wallets 20-byte public key hashes represented as numbers must form a strictly increasing sequence without duplicates. - Each target wallet must be in Live state\",\"params\":{\"targetWallets\":\"List of 20-byte public key hashes of the target wallets that the source wallet commits to move the funds to\",\"walletMainUtxo\":\"Data of the source wallet's main UTXO, as currently known on the Ethereum chain\",\"walletMemberIndex\":\"Position of the caller in the source wallet signing group members list\",\"walletMembersIDs\":\"Identifiers of the source wallet signing group members\",\"walletPubKeyHash\":\"20-byte public key hash of the source wallet\"}},\"submitMovingFundsProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64),bytes20)\":{\"details\":\"Requirements: - `movingFundsTx` components must match the expected structure. See `BitcoinTx.Info` docs for reference. Their values must exactly correspond to appropriate Bitcoin transaction fields to produce a provable transaction hash. - The `movingFundsTx` should represent a Bitcoin transaction with exactly 1 input that refers to the wallet's main UTXO. That transaction should have 1..n outputs corresponding to the pre-committed target wallets. Outputs must be ordered in the same way as their corresponding target wallets are ordered within the target wallets commitment. - `movingFundsProof` components must match the expected structure. See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders` field must contain a valid number of block headers, not less than the `txProofDifficultyFactor` contract constant. - `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. Additionally, the recent main UTXO on Ethereum must be set. - `walletPubKeyHash` must be connected with the main UTXO used as transaction single input. - The wallet that `walletPubKeyHash` points to must be in the MovingFunds state. - The target wallets commitment must be submitted by the wallet that `walletPubKeyHash` points to. - The total Bitcoin transaction fee must be lesser or equal to `movingFundsTxMaxTotalFee` governable parameter.\",\"params\":{\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain\",\"movingFundsProof\":\"Bitcoin moving funds proof data\",\"movingFundsTx\":\"Bitcoin moving funds transaction data\",\"walletPubKeyHash\":\"20-byte public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) of the wallet which performed the moving funds transaction\"}},\"submitRedemptionProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64),bytes20)\":{\"details\":\"Requirements: - `redemptionTx` components must match the expected structure. See `BitcoinTx.Info` docs for reference. Their values must exactly correspond to appropriate Bitcoin transaction fields to produce a provable transaction hash. - The `redemptionTx` should represent a Bitcoin transaction with exactly 1 input that refers to the wallet's main UTXO. That transaction should have 1..n outputs handling existing pending redemption requests or pointing to reported timed out requests. There can be also 1 optional output representing the change and pointing back to the 20-byte wallet public key hash. The change should be always present if the redeemed value sum is lower than the total wallet's BTC balance. - `redemptionProof` components must match the expected structure. See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders` field must contain a valid number of block headers, not less than the `txProofDifficultyFactor` contract constant. - `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. Additionally, the recent main UTXO on Ethereum must be set. - `walletPubKeyHash` must be connected with the main UTXO used as transaction single input. Other remarks: - Putting the change output as the first transaction output can save some gas because the output processing loop begins each iteration by checking whether the given output is the change thus uses some gas for making the comparison. Once the change is identified, that check is omitted in further iterations.\",\"params\":{\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain\",\"redemptionProof\":\"Bitcoin redemption proof data\",\"redemptionTx\":\"Bitcoin redemption transaction data\",\"walletPubKeyHash\":\"20-byte public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) of the wallet which performed the redemption transaction\"}},\"submitSweepProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64))\":{\"details\":\"Requirements: - `sweepTx` components must match the expected structure. See `BitcoinTx.Info` docs for reference. Their values must exactly correspond to appropriate Bitcoin transaction fields to produce a provable transaction hash. - The `sweepTx` should represent a Bitcoin transaction with 1..n inputs. If the wallet has no main UTXO, all n inputs should correspond to P2(W)SH revealed deposits UTXOs. If the wallet has an existing main UTXO, one of the n inputs must point to that main UTXO and remaining n-1 inputs should correspond to P2(W)SH revealed deposits UTXOs. That transaction must have only one P2(W)PKH output locking funds on the 20-byte wallet public key hash. - `sweepProof` components must match the expected structure. See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders` field must contain a valid number of block headers, not less than the `txProofDifficultyFactor` contract constant. - `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. If there is no main UTXO, this parameter is ignored.\",\"params\":{\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain. If no main UTXO exists for the given wallet, this parameter is ignored\",\"sweepProof\":\"Bitcoin sweep proof data\",\"sweepTx\":\"Bitcoin sweep transaction data\"}},\"updateDepositParameters(uint64,uint64,uint64)\":{\"details\":\"Requirements: - Deposit dust threshold must be greater than zero - Deposit treasury fee divisor must be greater than zero - Deposit transaction max fee must be greater than zero\",\"params\":{\"depositTreasuryFeeDivisor\":\"New value of the treasury fee divisor. It is the divisor used to compute the treasury fee taken from each deposit and transferred to the treasury upon sweep proof submission. That fee is computed as follows: `treasuryFee = depositedAmount / depositTreasuryFeeDivisor` For example, if the treasury fee needs to be 2% of each deposit, the `depositTreasuryFeeDivisor` should be set to `50` because `1/50 = 0.02 = 2%`\",\"depositTxMaxFee\":\"New value of the deposit tx max fee in satoshis. It is the maximum amount of BTC transaction fee that can be incurred by each swept deposit being part of the given sweep transaction. If the maximum BTC transaction fee is exceeded, such transaction is considered a fraud\"}},\"updateFraudParameters(uint96,uint256,uint256,uint256)\":{\"details\":\"Requirements: - Fraud notifier reward multiplier must be in the range [0, 100] - Fraud challenge defeat timeout must be greater than 0\",\"params\":{\"fraudChallengeDefeatTimeout\":\"New value of the challenge defeat timeout in seconds, it is the amount of time the wallet has to defeat a fraud challenge. The value must be greater than zero\",\"fraudChallengeDepositAmount\":\"New value of the fraud challenge deposit amount in wei, it is the amount of ETH the party challenging the wallet for fraud needs to deposit\",\"fraudNotifierRewardMultiplier\":\"New value of the fraud notifier reward multiplier as percentage, it determines the percentage of the notifier reward from the staking contact the notifier of a fraud receives. The value must be in the range [0, 100]\",\"fraudSlashingAmount\":\"New value of the fraud slashing amount in T, it is the amount slashed from each wallet member for committing a fraud\"}},\"updateMovingFundsParameters(uint64,uint32,uint64)\":{\"details\":\"Requirements: - Moving funds transaction max total fee must be greater than zero - Moving funds timeout must be greater than zero - Moving funds dust threshold must be greater than zero\"},\"updateRedemptionParameters(uint64,uint64,uint64,uint256,uint96,uint256)\":{\"details\":\"Requirements: - Redemption dust threshold must be greater than zero - Redemption treasury fee divisor must be greater than zero - Redemption transaction max fee must be greater than zero - Redemption timeout must be greater than zero - Redemption timeout notifier reward multiplier must be in the range [0, 100]\",\"params\":{\"redemptionDustThreshold\":\"New value of the redemption dust threshold in satoshis. It is the minimal amount that can be requested for redemption. Value of this parameter must take into account the value of `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee` parameters in order to make requests that can incur the treasury and transaction fee and still satisfy the redeemer.\",\"redemptionTimeout\":\"New value of the redemption timeout in seconds. It is the time after which the redemption request can be reported as timed out. It is counted from the moment when the redemption request was created via `requestRedemption` call. Reported timed out requests are cancelled and locked TBTC is returned to the redeemer in full amount.\",\"redemptionTimeoutNotifierRewardMultiplier\":\"New value of the redemption timeout notifier reward multiplier as percentage, it determines the percentage of the notifier reward from the staking contact the notifier of a redemption timeout receives. The value must be in the range [0, 100]\",\"redemptionTimeoutSlashingAmount\":\"New value of the redemption timeout slashing amount in T, it is the amount slashed from each wallet member for redemption timeout\",\"redemptionTreasuryFeeDivisor\":\"New value of the redemption treasury fee divisor. It is the divisor used to compute the treasury fee taken from each redemption request and transferred to the treasury upon successful request finalization. That fee is computed as follows: `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor` For example, if the treasury fee needs to be 2% of each redemption request, the `redemptionTreasuryFeeDivisor` should be set to `50` because `1/50 = 0.02 = 2%`.\",\"redemptionTxMaxFee\":\"New value of the redemption transaction max fee in satoshis. It is the maximum amount of BTC transaction fee that can be incurred by each redemption request being part of the given redemption transaction. If the maximum BTC transaction fee is exceeded, such transaction is considered a fraud. This is a per-redemption output max fee for the redemption transaction.\"}},\"updateWalletParameters(uint32,uint64,uint64,uint64,uint32,uint64,uint32)\":{\"details\":\"Requirements: - Wallet minimum BTC balance must be greater than zero - Wallet maximum BTC balance must be greater than the wallet minimum BTC balance - Wallet maximum BTC transfer must be greater than zero - Wallet closing period must be greater than zero\"},\"walletParameters()\":{\"returns\":{\"walletClosingPeriod\":\"Determines the length of the wallet closing period, i.e. the period when the wallet remains in the Closing state and can be subject of deposit fraud challenges. Value in seconds.\",\"walletClosureMinBtcBalance\":\"The minimum BTC threshold in satoshi that is used to decide about wallet closure.\",\"walletCreationMaxBtcBalance\":\"The maximum BTC threshold in satoshi that is used to decide about wallet creation.\",\"walletCreationMinBtcBalance\":\"The minimum BTC threshold in satoshi that is used to decide about wallet creation.\",\"walletCreationPeriod\":\"Determines how frequently a new wallet creation can be requested. Value in seconds.\",\"walletMaxAge\":\"The maximum age of a wallet in seconds, after which the wallet moving funds process can be requested.\",\"walletMaxBtcTransfer\":\"The maximum BTC amount in satoshi than can be transferred to a single target wallet during the moving funds process.\"}},\"wallets(bytes20)\":{\"params\":{\"walletPubKeyHash\":\"The 20-byte wallet public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key)\"},\"returns\":{\"_0\":\"Wallet details.\"}}},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{\"__ecdsaWalletCreatedCallback(bytes32,bytes32,bytes32)\":{\"notice\":\"A callback function that is called by the ECDSA Wallet Registry once a new ECDSA wallet is created.\"},\"__ecdsaWalletHeartbeatFailedCallback(bytes32,bytes32,bytes32)\":{\"notice\":\"A callback function that is called by the ECDSA Wallet Registry once a wallet heartbeat failure is detected.\"},\"activeWalletPubKeyHash()\":{\"notice\":\"Gets the public key hash of the active wallet.\"},\"contractReferences()\":{\"notice\":\"Returns the addresses of contracts Bridge is interacting with.\"},\"defeatFraudChallenge(bytes,bytes,bool)\":{\"notice\":\"Allows to defeat a pending fraud challenge against a wallet if the transaction that spends the UTXO follows the protocol rules. In order to defeat the challenge the same `walletPublicKey` and signature (represented by `r`, `s` and `v`) must be provided as were used to calculate the sighash during input signing. The fraud challenge defeat attempt will only succeed if the inputs in the preimage are considered honestly spent by the wallet. Therefore the transaction spending the UTXO must be proven in the Bridge before a challenge defeat is called. If successfully defeated, the fraud challenge is marked as resolved and the amount of ether deposited by the challenger is sent to the treasury.\"},\"depositParameters()\":{\"notice\":\"Returns the current values of Bridge deposit parameters.\"},\"deposits(uint256)\":{\"notice\":\"Collection of all revealed deposits indexed by keccak256(fundingTxHash | fundingOutputIndex). The fundingTxHash is bytes32 (ordered as in Bitcoin internally) and fundingOutputIndex an uint32. This mapping may contain valid and invalid deposits and the wallet is responsible for validating them before attempting to execute a sweep.\"},\"fraudChallenges(uint256)\":{\"notice\":\"Returns the fraud challenge identified by the given key built as keccak256(walletPublicKey|sighash).\"},\"fraudParameters()\":{\"notice\":\"Returns the current values of Bridge fraud parameters.\"},\"isVaultTrusted(address)\":{\"notice\":\"Indicates if the vault with the given address is trusted or not. Depositors can route their revealed deposits only to trusted vaults and have trusted vaults notified about new deposits as soon as these deposits get swept. Vaults not trusted by the Bridge can still be used by Bank balance owners on their own responsibility - anyone can approve their Bank balance to any address.\"},\"liveWalletsCount()\":{\"notice\":\"Gets the live wallets count.\"},\"movingFundsParameters()\":{\"notice\":\"Returns the current values of Bridge moving funds between wallets parameters.\"},\"notifyCloseableWallet(bytes20,(bytes32,uint32,uint64))\":{\"notice\":\"Notifies that the wallet is either old enough or has too few satoshi left and qualifies to be closed.\"},\"notifyFraudChallengeDefeatTimeout(bytes,uint32[],bytes32)\":{\"notice\":\"Notifies about defeat timeout for the given fraud challenge. Can be called only if there was a fraud challenge identified by the provided `walletPublicKey` and `sighash` and it was not defeated on time. The amount of time that needs to pass after a fraud challenge is reported is indicated by the `challengeDefeatTimeout`. After a successful fraud challenge defeat timeout notification the fraud challenge is marked as resolved, the stake of each operator is slashed, the ether deposited is returned to the challenger and the challenger is rewarded.\"},\"notifyMovingFundsBelowDust(bytes20,(bytes32,uint32,uint64))\":{\"notice\":\"Notifies about a moving funds wallet whose BTC balance is below the moving funds dust threshold. Ends the moving funds process and begins wallet closing immediately.\"},\"notifyMovingFundsTimeout(bytes20)\":{\"notice\":\"Notifies about a timed out moving funds process. Terminates the wallet and slashes signing group members as a result.\"},\"notifyRedemptionTimeout(bytes20,uint32[],bytes)\":{\"notice\":\"Notifies that there is a pending redemption request associated with the given wallet, that has timed out. The redemption request is identified by the key built as `keccak256(walletPubKeyHash | redeemerOutputScript)`. The results of calling this function: - the pending redemptions value for the wallet will be decreased by the requested amount (minus treasury fee), - the tokens taken from the redeemer on redemption request will be returned to the redeemer, - the request will be moved from pending redemptions to timed-out redemptions. - if the state of the wallet is `Live` or `MovingFunds`, the wallet operators will be slashed and the notifier will be rewarded - if the state of wallet is `Live`, the wallet will be closed or marked as `MovingFunds` (depending on the presence or absence of the wallet's main UTXO) and the wallet will no longer be marked as the active wallet (if it was marked as such).\"},\"notifyWalletClosingPeriodElapsed(bytes20)\":{\"notice\":\"Notifies about the end of the closing period for the given wallet. Closes the wallet ultimately and notifies the ECDSA registry about this fact.\"},\"pendingRedemptions(uint256)\":{\"notice\":\"Collection of all pending redemption requests indexed by redemption key built as keccak256(walletPubKeyHash | redeemerOutputScript). The walletPubKeyHash is the 20-byte wallet's public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) and redeemerOutputScript is a Bitcoin script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock redeemed BTC as requested by the redeemer. Requests are added to this mapping by the `requestRedemption` method (duplicates not allowed) and are removed by one of the following methods: - `submitRedemptionProof` in case the request was handled successfully - `notifyRedemptionTimeout` in case the request was reported to be timed out\"},\"redemptionParameters()\":{\"notice\":\"Returns the current values of Bridge redemption parameters.\"},\"requestNewWallet((bytes32,uint32,uint64))\":{\"notice\":\"Requests creation of a new wallet. This function just forms a request and the creation process is performed asynchronously. Once a wallet is created, the ECDSA Wallet Registry will notify this contract by calling the `__ecdsaWalletCreatedCallback` function.\"},\"requestRedemption(bytes20,(bytes32,uint32,uint64),bytes,uint64)\":{\"notice\":\"Requests redemption of the given amount from the specified wallet to the redeemer Bitcoin output script.\"},\"revealDeposit((bytes4,bytes,bytes,bytes4),(uint32,address,bytes8,bytes20,bytes20,bytes4,address))\":{\"notice\":\"Used by the depositor to reveal information about their P2(W)SH Bitcoin deposit to the Bridge on Ethereum chain. The off-chain wallet listens for revealed deposit events and may decide to include the revealed deposit in the next executed sweep. Information about the Bitcoin deposit can be revealed before or after the Bitcoin transaction with P2(W)SH deposit is mined on the Bitcoin chain. Worth noting, the gas cost of this function scales with the number of P2(W)SH transaction inputs and outputs. The deposit may be routed to one of the trusted vaults. When a deposit is routed to a vault, vault gets notified when the deposit gets swept and it may execute the appropriate action.\"},\"setVaultStatus(address,bool)\":{\"notice\":\"Allows the Governance to mark the given vault address as trusted or no longer trusted. Vaults are not trusted by default. Trusted vault must meet the following criteria: - `IVault.receiveBalanceIncrease` must have a known, low gas cost. - `IVault.receiveBalanceIncrease` must never revert.\"},\"spentMainUTXOs(uint256)\":{\"notice\":\"Collection of main UTXOs that are honestly spent indexed by keccak256(fundingTxHash | fundingOutputIndex). The fundingTxHash is bytes32 (ordered as in Bitcoin internally) and fundingOutputIndex an uint32. A main UTXO is considered honestly spent if it was used as an input of a transaction that have been proven in the Bridge.\"},\"submitFraudChallenge(bytes,bytes32,(bytes32,bytes32,uint8))\":{\"notice\":\"Submits a fraud challenge indicating that a UTXO being under wallet control was unlocked by the wallet but was not used according to the protocol rules. That means the wallet signed a transaction input pointing to that UTXO and there is a unique sighash and signature pair associated with that input. This function uses those parameters to create a fraud accusation that proves a given transaction input unlocking the given UTXO was actually signed by the wallet. This function cannot determine whether the transaction was actually broadcast and the input was consumed in a fraudulent way so it just opens a challenge period during which the wallet can defeat the challenge by submitting proof of a transaction that consumes the given input according to protocol rules. To prevent spurious allegations, the caller must deposit ETH that is returned back upon justified fraud challenge or confiscated otherwise.\"},\"submitMovingFundsCommitment(bytes20,(bytes32,uint32,uint64),uint32[],uint256,bytes20[])\":{\"notice\":\"Submits the moving funds target wallets commitment. Once all requirements are met, that function registers the target wallets commitment and opens the way for moving funds proof submission.\"},\"submitMovingFundsProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64),bytes20)\":{\"notice\":\"Used by the wallet to prove the BTC moving funds transaction and to make the necessary state changes. Moving funds is only accepted if it satisfies SPV proof. The function validates the moving funds transaction structure by checking if it actually spends the main UTXO of the declared wallet and locks the value on the pre-committed target wallets using a reasonable transaction fee. If all preconditions are met, this functions closes the source wallet. It is possible to prove the given moving funds transaction only one time.\"},\"submitRedemptionProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64),bytes20)\":{\"notice\":\"Used by the wallet to prove the BTC redemption transaction and to make the necessary bookkeeping. Redemption is only accepted if it satisfies SPV proof. The function is performing Bank balance updates by burning the total redeemed Bitcoin amount from Bridge balance and transferring the treasury fee sum to the treasury address. It is possible to prove the given redemption only one time.\"},\"submitSweepProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64))\":{\"notice\":\"Used by the wallet to prove the BTC deposit sweep transaction and to update Bank balances accordingly. Sweep is only accepted if it satisfies SPV proof. The function is performing Bank balance updates by first computing the Bitcoin fee for the sweep transaction. The fee is divided evenly between all swept deposits. Each depositor receives a balance in the bank equal to the amount inferred during the reveal transaction, minus their fee share. It is possible to prove the given sweep only one time.\"},\"timedOutRedemptions(uint256)\":{\"notice\":\"Collection of all timed out redemptions requests indexed by redemption key built as keccak256(walletPubKeyHash | redeemerOutputScript). The walletPubKeyHash is the 20-byte wallet's public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) and redeemerOutputScript is the Bitcoin script (P2PKH, P2WPKH, P2SH or P2WSH) that is involved in the timed out request. Timed out requests are stored in this mapping to avoid slashing the wallets multiple times for the same timeout. Only one method can add to this mapping: - `notifyRedemptionTimeout` which puts the redemption key to this mapping basing on a timed out request stored previously in `pendingRedemptions` mapping.\"},\"transferGovernance(address)\":{\"notice\":\"Transfers governance of the contract to `newGovernance`.\"},\"treasury()\":{\"notice\":\"Address where the deposit treasury fees will be sent to. Treasury takes part in the operators rewarding process.\"},\"txProofDifficultyFactor()\":{\"notice\":\"The number of confirmations on the Bitcoin chain required to successfully evaluate an SPV proof.\"},\"updateDepositParameters(uint64,uint64,uint64)\":{\"notice\":\"of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters in order to make requests that can incur the treasury and transaction fee and still satisfy the depositor\"},\"updateFraudParameters(uint96,uint256,uint256,uint256)\":{\"notice\":\"Updates parameters related to frauds.\"},\"updateRedemptionParameters(uint64,uint64,uint64,uint256,uint96,uint256)\":{\"notice\":\"Updates parameters of redemptions.\"},\"wallets(bytes20)\":{\"notice\":\"Gets details about a registered wallet.\"}},\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/test/BridgeStub.sol\":\"BridgeStub\"},\"evmVersion\":\"london\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000},\"remappings\":[]},\"sources\":{\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/** @title BitcoinSPV */\\n/** @author Summa (https://summa.one) */\\n\\nimport {BytesLib} from \\\"./BytesLib.sol\\\";\\nimport {SafeMath} from \\\"./SafeMath.sol\\\";\\n\\nlibrary BTCUtils {\\n using BytesLib for bytes;\\n using SafeMath for uint256;\\n\\n // The target at minimum Difficulty. Also the target of the genesis block\\n uint256 public constant DIFF1_TARGET = 0xffff0000000000000000000000000000000000000000000000000000;\\n\\n uint256 public constant RETARGET_PERIOD = 2 * 7 * 24 * 60 * 60; // 2 weeks in seconds\\n uint256 public constant RETARGET_PERIOD_BLOCKS = 2016; // 2 weeks in blocks\\n\\n uint256 public constant ERR_BAD_ARG = 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff;\\n\\n /* ***** */\\n /* UTILS */\\n /* ***** */\\n\\n /// @notice Determines the length of a VarInt in bytes\\n /// @dev A VarInt of >1 byte is prefixed with a flag indicating its length\\n /// @param _flag The first byte of a VarInt\\n /// @return The number of non-flag bytes in the VarInt\\n function determineVarIntDataLength(bytes memory _flag) internal pure returns (uint8) {\\n return determineVarIntDataLengthAt(_flag, 0);\\n }\\n\\n /// @notice Determines the length of a VarInt in bytes\\n /// @dev A VarInt of >1 byte is prefixed with a flag indicating its length\\n /// @param _b The byte array containing a VarInt\\n /// @param _at The position of the VarInt in the array\\n /// @return The number of non-flag bytes in the VarInt\\n function determineVarIntDataLengthAt(bytes memory _b, uint256 _at) internal pure returns (uint8) {\\n if (uint8(_b[_at]) == 0xff) {\\n return 8; // one-byte flag, 8 bytes data\\n }\\n if (uint8(_b[_at]) == 0xfe) {\\n return 4; // one-byte flag, 4 bytes data\\n }\\n if (uint8(_b[_at]) == 0xfd) {\\n return 2; // one-byte flag, 2 bytes data\\n }\\n\\n return 0; // flag is data\\n }\\n\\n /// @notice Parse a VarInt into its data length and the number it represents\\n /// @dev Useful for Parsing Vins and Vouts. Returns ERR_BAD_ARG if insufficient bytes.\\n /// Caller SHOULD explicitly handle this case (or bubble it up)\\n /// @param _b A byte-string starting with a VarInt\\n /// @return number of bytes in the encoding (not counting the tag), the encoded int\\n function parseVarInt(bytes memory _b) internal pure returns (uint256, uint256) {\\n return parseVarIntAt(_b, 0);\\n }\\n\\n /// @notice Parse a VarInt into its data length and the number it represents\\n /// @dev Useful for Parsing Vins and Vouts. Returns ERR_BAD_ARG if insufficient bytes.\\n /// Caller SHOULD explicitly handle this case (or bubble it up)\\n /// @param _b A byte-string containing a VarInt\\n /// @param _at The position of the VarInt\\n /// @return number of bytes in the encoding (not counting the tag), the encoded int\\n function parseVarIntAt(bytes memory _b, uint256 _at) internal pure returns (uint256, uint256) {\\n uint8 _dataLen = determineVarIntDataLengthAt(_b, _at);\\n\\n if (_dataLen == 0) {\\n return (0, uint8(_b[_at]));\\n }\\n if (_b.length < 1 + _dataLen + _at) {\\n return (ERR_BAD_ARG, 0);\\n }\\n uint256 _number;\\n if (_dataLen == 2) {\\n _number = reverseUint16(uint16(_b.slice2(1 + _at)));\\n } else if (_dataLen == 4) {\\n _number = reverseUint32(uint32(_b.slice4(1 + _at)));\\n } else if (_dataLen == 8) {\\n _number = reverseUint64(uint64(_b.slice8(1 + _at)));\\n }\\n return (_dataLen, _number);\\n }\\n\\n /// @notice Changes the endianness of a byte array\\n /// @dev Returns a new, backwards, bytes\\n /// @param _b The bytes to reverse\\n /// @return The reversed bytes\\n function reverseEndianness(bytes memory _b) internal pure returns (bytes memory) {\\n bytes memory _newValue = new bytes(_b.length);\\n\\n for (uint i = 0; i < _b.length; i++) {\\n _newValue[_b.length - i - 1] = _b[i];\\n }\\n\\n return _newValue;\\n }\\n\\n /// @notice Changes the endianness of a uint256\\n /// @dev https://graphics.stanford.edu/~seander/bithacks.html#ReverseParallel\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint256(uint256 _b) internal pure returns (uint256 v) {\\n v = _b;\\n\\n // swap bytes\\n v = ((v >> 8) & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) |\\n ((v & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) << 8);\\n // swap 2-byte long pairs\\n v = ((v >> 16) & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) |\\n ((v & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) << 16);\\n // swap 4-byte long pairs\\n v = ((v >> 32) & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) |\\n ((v & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) << 32);\\n // swap 8-byte long pairs\\n v = ((v >> 64) & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) |\\n ((v & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) << 64);\\n // swap 16-byte long pairs\\n v = (v >> 128) | (v << 128);\\n }\\n\\n /// @notice Changes the endianness of a uint64\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint64(uint64 _b) internal pure returns (uint64 v) {\\n v = _b;\\n\\n // swap bytes\\n v = ((v >> 8) & 0x00FF00FF00FF00FF) |\\n ((v & 0x00FF00FF00FF00FF) << 8);\\n // swap 2-byte long pairs\\n v = ((v >> 16) & 0x0000FFFF0000FFFF) |\\n ((v & 0x0000FFFF0000FFFF) << 16);\\n // swap 4-byte long pairs\\n v = (v >> 32) | (v << 32);\\n }\\n\\n /// @notice Changes the endianness of a uint32\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint32(uint32 _b) internal pure returns (uint32 v) {\\n v = _b;\\n\\n // swap bytes\\n v = ((v >> 8) & 0x00FF00FF) |\\n ((v & 0x00FF00FF) << 8);\\n // swap 2-byte long pairs\\n v = (v >> 16) | (v << 16);\\n }\\n\\n /// @notice Changes the endianness of a uint24\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint24(uint24 _b) internal pure returns (uint24 v) {\\n v = (_b << 16) | (_b & 0x00FF00) | (_b >> 16);\\n }\\n\\n /// @notice Changes the endianness of a uint16\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint16(uint16 _b) internal pure returns (uint16 v) {\\n v = (_b << 8) | (_b >> 8);\\n }\\n\\n\\n /// @notice Converts big-endian bytes to a uint\\n /// @dev Traverses the byte array and sums the bytes\\n /// @param _b The big-endian bytes-encoded integer\\n /// @return The integer representation\\n function bytesToUint(bytes memory _b) internal pure returns (uint256) {\\n uint256 _number;\\n\\n for (uint i = 0; i < _b.length; i++) {\\n _number = _number + uint8(_b[i]) * (2 ** (8 * (_b.length - (i + 1))));\\n }\\n\\n return _number;\\n }\\n\\n /// @notice Get the last _num bytes from a byte array\\n /// @param _b The byte array to slice\\n /// @param _num The number of bytes to extract from the end\\n /// @return The last _num bytes of _b\\n function lastBytes(bytes memory _b, uint256 _num) internal pure returns (bytes memory) {\\n uint256 _start = _b.length.sub(_num);\\n\\n return _b.slice(_start, _num);\\n }\\n\\n /// @notice Implements bitcoin's hash160 (rmd160(sha2()))\\n /// @dev abi.encodePacked changes the return to bytes instead of bytes32\\n /// @param _b The pre-image\\n /// @return The digest\\n function hash160(bytes memory _b) internal pure returns (bytes memory) {\\n return abi.encodePacked(ripemd160(abi.encodePacked(sha256(_b))));\\n }\\n\\n /// @notice Implements bitcoin's hash160 (sha2 + ripemd160)\\n /// @dev sha2 precompile at address(2), ripemd160 at address(3)\\n /// @param _b The pre-image\\n /// @return res The digest\\n function hash160View(bytes memory _b) internal view returns (bytes20 res) {\\n // solium-disable-next-line security/no-inline-assembly\\n assembly {\\n pop(staticcall(gas(), 2, add(_b, 32), mload(_b), 0x00, 32))\\n pop(staticcall(gas(), 3, 0x00, 32, 0x00, 32))\\n // read from position 12 = 0c\\n res := mload(0x0c)\\n }\\n }\\n\\n /// @notice Implements bitcoin's hash256 (double sha2)\\n /// @dev abi.encodePacked changes the return to bytes instead of bytes32\\n /// @param _b The pre-image\\n /// @return The digest\\n function hash256(bytes memory _b) internal pure returns (bytes32) {\\n return sha256(abi.encodePacked(sha256(_b)));\\n }\\n\\n /// @notice Implements bitcoin's hash256 (double sha2)\\n /// @dev sha2 is precompiled smart contract located at address(2)\\n /// @param _b The pre-image\\n /// @return res The digest\\n function hash256View(bytes memory _b) internal view returns (bytes32 res) {\\n // solium-disable-next-line security/no-inline-assembly\\n assembly {\\n pop(staticcall(gas(), 2, add(_b, 32), mload(_b), 0x00, 32))\\n pop(staticcall(gas(), 2, 0x00, 32, 0x00, 32))\\n res := mload(0x00)\\n }\\n }\\n\\n /// @notice Implements bitcoin's hash256 on a pair of bytes32\\n /// @dev sha2 is precompiled smart contract located at address(2)\\n /// @param _a The first bytes32 of the pre-image\\n /// @param _b The second bytes32 of the pre-image\\n /// @return res The digest\\n function hash256Pair(bytes32 _a, bytes32 _b) internal view returns (bytes32 res) {\\n // solium-disable-next-line security/no-inline-assembly\\n assembly {\\n mstore(0x00, _a)\\n mstore(0x20, _b)\\n pop(staticcall(gas(), 2, 0x00, 64, 0x00, 32))\\n pop(staticcall(gas(), 2, 0x00, 32, 0x00, 32))\\n res := mload(0x00)\\n }\\n }\\n\\n /* ************ */\\n /* Legacy Input */\\n /* ************ */\\n\\n /// @notice Extracts the nth input from the vin (0-indexed)\\n /// @dev Iterates over the vin. If you need to extract several, write a custom function\\n /// @param _vin The vin as a tightly-packed byte array\\n /// @param _index The 0-indexed location of the input to extract\\n /// @return The input as a byte array\\n function extractInputAtIndex(bytes memory _vin, uint256 _index) internal pure returns (bytes memory) {\\n uint256 _varIntDataLen;\\n uint256 _nIns;\\n\\n (_varIntDataLen, _nIns) = parseVarInt(_vin);\\n require(_varIntDataLen != ERR_BAD_ARG, \\\"Read overrun during VarInt parsing\\\");\\n require(_index < _nIns, \\\"Vin read overrun\\\");\\n\\n uint256 _len = 0;\\n uint256 _offset = 1 + _varIntDataLen;\\n\\n for (uint256 _i = 0; _i < _index; _i ++) {\\n _len = determineInputLengthAt(_vin, _offset);\\n require(_len != ERR_BAD_ARG, \\\"Bad VarInt in scriptSig\\\");\\n _offset = _offset + _len;\\n }\\n\\n _len = determineInputLengthAt(_vin, _offset);\\n require(_len != ERR_BAD_ARG, \\\"Bad VarInt in scriptSig\\\");\\n return _vin.slice(_offset, _len);\\n }\\n\\n /// @notice Determines whether an input is legacy\\n /// @dev False if no scriptSig, otherwise True\\n /// @param _input The input\\n /// @return True for legacy, False for witness\\n function isLegacyInput(bytes memory _input) internal pure returns (bool) {\\n return _input[36] != hex\\\"00\\\";\\n }\\n\\n /// @notice Determines the length of a scriptSig in an input\\n /// @dev Will return 0 if passed a witness input.\\n /// @param _input The LEGACY input\\n /// @return The length of the script sig\\n function extractScriptSigLen(bytes memory _input) internal pure returns (uint256, uint256) {\\n return extractScriptSigLenAt(_input, 0);\\n }\\n\\n /// @notice Determines the length of a scriptSig in an input\\n /// starting at the specified position\\n /// @dev Will return 0 if passed a witness input.\\n /// @param _input The byte array containing the LEGACY input\\n /// @param _at The position of the input in the array\\n /// @return The length of the script sig\\n function extractScriptSigLenAt(bytes memory _input, uint256 _at) internal pure returns (uint256, uint256) {\\n if (_input.length < 37 + _at) {\\n return (ERR_BAD_ARG, 0);\\n }\\n\\n uint256 _varIntDataLen;\\n uint256 _scriptSigLen;\\n (_varIntDataLen, _scriptSigLen) = parseVarIntAt(_input, _at + 36);\\n\\n return (_varIntDataLen, _scriptSigLen);\\n }\\n\\n /// @notice Determines the length of an input from its scriptSig\\n /// @dev 36 for outpoint, 1 for scriptSig length, 4 for sequence\\n /// @param _input The input\\n /// @return The length of the input in bytes\\n function determineInputLength(bytes memory _input) internal pure returns (uint256) {\\n return determineInputLengthAt(_input, 0);\\n }\\n\\n /// @notice Determines the length of an input from its scriptSig,\\n /// starting at the specified position\\n /// @dev 36 for outpoint, 1 for scriptSig length, 4 for sequence\\n /// @param _input The byte array containing the input\\n /// @param _at The position of the input in the array\\n /// @return The length of the input in bytes\\n function determineInputLengthAt(bytes memory _input, uint256 _at) internal pure returns (uint256) {\\n uint256 _varIntDataLen;\\n uint256 _scriptSigLen;\\n (_varIntDataLen, _scriptSigLen) = extractScriptSigLenAt(_input, _at);\\n if (_varIntDataLen == ERR_BAD_ARG) {\\n return ERR_BAD_ARG;\\n }\\n\\n return 36 + 1 + _varIntDataLen + _scriptSigLen + 4;\\n }\\n\\n /// @notice Extracts the LE sequence bytes from an input\\n /// @dev Sequence is used for relative time locks\\n /// @param _input The LEGACY input\\n /// @return The sequence bytes (LE uint)\\n function extractSequenceLELegacy(bytes memory _input) internal pure returns (bytes4) {\\n uint256 _varIntDataLen;\\n uint256 _scriptSigLen;\\n (_varIntDataLen, _scriptSigLen) = extractScriptSigLen(_input);\\n require(_varIntDataLen != ERR_BAD_ARG, \\\"Bad VarInt in scriptSig\\\");\\n return _input.slice4(36 + 1 + _varIntDataLen + _scriptSigLen);\\n }\\n\\n /// @notice Extracts the sequence from the input\\n /// @dev Sequence is a 4-byte little-endian number\\n /// @param _input The LEGACY input\\n /// @return The sequence number (big-endian uint)\\n function extractSequenceLegacy(bytes memory _input) internal pure returns (uint32) {\\n uint32 _leSeqence = uint32(extractSequenceLELegacy(_input));\\n uint32 _beSequence = reverseUint32(_leSeqence);\\n return _beSequence;\\n }\\n /// @notice Extracts the VarInt-prepended scriptSig from the input in a tx\\n /// @dev Will return hex\\\"00\\\" if passed a witness input\\n /// @param _input The LEGACY input\\n /// @return The length-prepended scriptSig\\n function extractScriptSig(bytes memory _input) internal pure returns (bytes memory) {\\n uint256 _varIntDataLen;\\n uint256 _scriptSigLen;\\n (_varIntDataLen, _scriptSigLen) = extractScriptSigLen(_input);\\n require(_varIntDataLen != ERR_BAD_ARG, \\\"Bad VarInt in scriptSig\\\");\\n return _input.slice(36, 1 + _varIntDataLen + _scriptSigLen);\\n }\\n\\n\\n /* ************* */\\n /* Witness Input */\\n /* ************* */\\n\\n /// @notice Extracts the LE sequence bytes from an input\\n /// @dev Sequence is used for relative time locks\\n /// @param _input The WITNESS input\\n /// @return The sequence bytes (LE uint)\\n function extractSequenceLEWitness(bytes memory _input) internal pure returns (bytes4) {\\n return _input.slice4(37);\\n }\\n\\n /// @notice Extracts the sequence from the input in a tx\\n /// @dev Sequence is a 4-byte little-endian number\\n /// @param _input The WITNESS input\\n /// @return The sequence number (big-endian uint)\\n function extractSequenceWitness(bytes memory _input) internal pure returns (uint32) {\\n uint32 _leSeqence = uint32(extractSequenceLEWitness(_input));\\n uint32 _inputeSequence = reverseUint32(_leSeqence);\\n return _inputeSequence;\\n }\\n\\n /// @notice Extracts the outpoint from the input in a tx\\n /// @dev 32-byte tx id with 4-byte index\\n /// @param _input The input\\n /// @return The outpoint (LE bytes of prev tx hash + LE bytes of prev tx index)\\n function extractOutpoint(bytes memory _input) internal pure returns (bytes memory) {\\n return _input.slice(0, 36);\\n }\\n\\n /// @notice Extracts the outpoint tx id from an input\\n /// @dev 32-byte tx id\\n /// @param _input The input\\n /// @return The tx id (little-endian bytes)\\n function extractInputTxIdLE(bytes memory _input) internal pure returns (bytes32) {\\n return _input.slice32(0);\\n }\\n\\n /// @notice Extracts the outpoint tx id from an input\\n /// starting at the specified position\\n /// @dev 32-byte tx id\\n /// @param _input The byte array containing the input\\n /// @param _at The position of the input\\n /// @return The tx id (little-endian bytes)\\n function extractInputTxIdLeAt(bytes memory _input, uint256 _at) internal pure returns (bytes32) {\\n return _input.slice32(_at);\\n }\\n\\n /// @notice Extracts the LE tx input index from the input in a tx\\n /// @dev 4-byte tx index\\n /// @param _input The input\\n /// @return The tx index (little-endian bytes)\\n function extractTxIndexLE(bytes memory _input) internal pure returns (bytes4) {\\n return _input.slice4(32);\\n }\\n\\n /// @notice Extracts the LE tx input index from the input in a tx\\n /// starting at the specified position\\n /// @dev 4-byte tx index\\n /// @param _input The byte array containing the input\\n /// @param _at The position of the input\\n /// @return The tx index (little-endian bytes)\\n function extractTxIndexLeAt(bytes memory _input, uint256 _at) internal pure returns (bytes4) {\\n return _input.slice4(32 + _at);\\n }\\n\\n /* ****** */\\n /* Output */\\n /* ****** */\\n\\n /// @notice Determines the length of an output\\n /// @dev Works with any properly formatted output\\n /// @param _output The output\\n /// @return The length indicated by the prefix, error if invalid length\\n function determineOutputLength(bytes memory _output) internal pure returns (uint256) {\\n return determineOutputLengthAt(_output, 0);\\n }\\n\\n /// @notice Determines the length of an output\\n /// starting at the specified position\\n /// @dev Works with any properly formatted output\\n /// @param _output The byte array containing the output\\n /// @param _at The position of the output\\n /// @return The length indicated by the prefix, error if invalid length\\n function determineOutputLengthAt(bytes memory _output, uint256 _at) internal pure returns (uint256) {\\n if (_output.length < 9 + _at) {\\n return ERR_BAD_ARG;\\n }\\n uint256 _varIntDataLen;\\n uint256 _scriptPubkeyLength;\\n (_varIntDataLen, _scriptPubkeyLength) = parseVarIntAt(_output, 8 + _at);\\n\\n if (_varIntDataLen == ERR_BAD_ARG) {\\n return ERR_BAD_ARG;\\n }\\n\\n // 8-byte value, 1-byte for tag itself\\n return 8 + 1 + _varIntDataLen + _scriptPubkeyLength;\\n }\\n\\n /// @notice Extracts the output at a given index in the TxOuts vector\\n /// @dev Iterates over the vout. If you need to extract multiple, write a custom function\\n /// @param _vout The _vout to extract from\\n /// @param _index The 0-indexed location of the output to extract\\n /// @return The specified output\\n function extractOutputAtIndex(bytes memory _vout, uint256 _index) internal pure returns (bytes memory) {\\n uint256 _varIntDataLen;\\n uint256 _nOuts;\\n\\n (_varIntDataLen, _nOuts) = parseVarInt(_vout);\\n require(_varIntDataLen != ERR_BAD_ARG, \\\"Read overrun during VarInt parsing\\\");\\n require(_index < _nOuts, \\\"Vout read overrun\\\");\\n\\n uint256 _len = 0;\\n uint256 _offset = 1 + _varIntDataLen;\\n\\n for (uint256 _i = 0; _i < _index; _i ++) {\\n _len = determineOutputLengthAt(_vout, _offset);\\n require(_len != ERR_BAD_ARG, \\\"Bad VarInt in scriptPubkey\\\");\\n _offset += _len;\\n }\\n\\n _len = determineOutputLengthAt(_vout, _offset);\\n require(_len != ERR_BAD_ARG, \\\"Bad VarInt in scriptPubkey\\\");\\n return _vout.slice(_offset, _len);\\n }\\n\\n /// @notice Extracts the value bytes from the output in a tx\\n /// @dev Value is an 8-byte little-endian number\\n /// @param _output The output\\n /// @return The output value as LE bytes\\n function extractValueLE(bytes memory _output) internal pure returns (bytes8) {\\n return _output.slice8(0);\\n }\\n\\n /// @notice Extracts the value from the output in a tx\\n /// @dev Value is an 8-byte little-endian number\\n /// @param _output The output\\n /// @return The output value\\n function extractValue(bytes memory _output) internal pure returns (uint64) {\\n uint64 _leValue = uint64(extractValueLE(_output));\\n uint64 _beValue = reverseUint64(_leValue);\\n return _beValue;\\n }\\n\\n /// @notice Extracts the data from an op return output\\n /// @dev Returns hex\\\"\\\" if no data or not an op return\\n /// @param _output The output\\n /// @return Any data contained in the opreturn output, null if not an op return\\n function extractOpReturnData(bytes memory _output) internal pure returns (bytes memory) {\\n if (_output[9] != hex\\\"6a\\\") {\\n return hex\\\"\\\";\\n }\\n bytes1 _dataLen = _output[10];\\n return _output.slice(11, uint256(uint8(_dataLen)));\\n }\\n\\n /// @notice Extracts the hash from the output script\\n /// @dev Determines type by the length prefix and validates format\\n /// @param _output The output\\n /// @return The hash committed to by the pk_script, or null for errors\\n function extractHash(bytes memory _output) internal pure returns (bytes memory) {\\n uint8 _scriptLen = uint8(_output[8]);\\n\\n // don't have to worry about overflow here.\\n // if _scriptLen + 9 overflows, then output.length would have to be < 9\\n // for this check to pass. if it's < 9, then we errored when assigning\\n // _scriptLen\\n if (_scriptLen + 9 != _output.length) {\\n return hex\\\"\\\";\\n }\\n\\n if (uint8(_output[9]) == 0) {\\n if (_scriptLen < 2) {\\n return hex\\\"\\\";\\n }\\n uint256 _payloadLen = uint8(_output[10]);\\n // Check for maliciously formatted witness outputs.\\n // No need to worry about underflow as long b/c of the `< 2` check\\n if (_payloadLen != _scriptLen - 2 || (_payloadLen != 0x20 && _payloadLen != 0x14)) {\\n return hex\\\"\\\";\\n }\\n return _output.slice(11, _payloadLen);\\n } else {\\n bytes3 _tag = _output.slice3(8);\\n // p2pkh\\n if (_tag == hex\\\"1976a9\\\") {\\n // Check for maliciously formatted p2pkh\\n // No need to worry about underflow, b/c of _scriptLen check\\n if (uint8(_output[11]) != 0x14 ||\\n _output.slice2(_output.length - 2) != hex\\\"88ac\\\") {\\n return hex\\\"\\\";\\n }\\n return _output.slice(12, 20);\\n //p2sh\\n } else if (_tag == hex\\\"17a914\\\") {\\n // Check for maliciously formatted p2sh\\n // No need to worry about underflow, b/c of _scriptLen check\\n if (uint8(_output[_output.length - 1]) != 0x87) {\\n return hex\\\"\\\";\\n }\\n return _output.slice(11, 20);\\n }\\n }\\n return hex\\\"\\\"; /* NB: will trigger on OPRETURN and any non-standard that doesn't overrun */\\n }\\n\\n /* ********** */\\n /* Witness TX */\\n /* ********** */\\n\\n\\n /// @notice Checks that the vin passed up is properly formatted\\n /// @dev Consider a vin with a valid vout in its scriptsig\\n /// @param _vin Raw bytes length-prefixed input vector\\n /// @return True if it represents a validly formatted vin\\n function validateVin(bytes memory _vin) internal pure returns (bool) {\\n uint256 _varIntDataLen;\\n uint256 _nIns;\\n\\n (_varIntDataLen, _nIns) = parseVarInt(_vin);\\n\\n // Not valid if it says there are too many or no inputs\\n if (_nIns == 0 || _varIntDataLen == ERR_BAD_ARG) {\\n return false;\\n }\\n\\n uint256 _offset = 1 + _varIntDataLen;\\n\\n for (uint256 i = 0; i < _nIns; i++) {\\n // If we're at the end, but still expect more\\n if (_offset >= _vin.length) {\\n return false;\\n }\\n\\n // Grab the next input and determine its length.\\n uint256 _nextLen = determineInputLengthAt(_vin, _offset);\\n if (_nextLen == ERR_BAD_ARG) {\\n return false;\\n }\\n\\n // Increase the offset by that much\\n _offset += _nextLen;\\n }\\n\\n // Returns false if we're not exactly at the end\\n return _offset == _vin.length;\\n }\\n\\n /// @notice Checks that the vout passed up is properly formatted\\n /// @dev Consider a vout with a valid scriptpubkey\\n /// @param _vout Raw bytes length-prefixed output vector\\n /// @return True if it represents a validly formatted vout\\n function validateVout(bytes memory _vout) internal pure returns (bool) {\\n uint256 _varIntDataLen;\\n uint256 _nOuts;\\n\\n (_varIntDataLen, _nOuts) = parseVarInt(_vout);\\n\\n // Not valid if it says there are too many or no outputs\\n if (_nOuts == 0 || _varIntDataLen == ERR_BAD_ARG) {\\n return false;\\n }\\n\\n uint256 _offset = 1 + _varIntDataLen;\\n\\n for (uint256 i = 0; i < _nOuts; i++) {\\n // If we're at the end, but still expect more\\n if (_offset >= _vout.length) {\\n return false;\\n }\\n\\n // Grab the next output and determine its length.\\n // Increase the offset by that much\\n uint256 _nextLen = determineOutputLengthAt(_vout, _offset);\\n if (_nextLen == ERR_BAD_ARG) {\\n return false;\\n }\\n\\n _offset += _nextLen;\\n }\\n\\n // Returns false if we're not exactly at the end\\n return _offset == _vout.length;\\n }\\n\\n\\n\\n /* ************ */\\n /* Block Header */\\n /* ************ */\\n\\n /// @notice Extracts the transaction merkle root from a block header\\n /// @dev Use verifyHash256Merkle to verify proofs with this root\\n /// @param _header The header\\n /// @return The merkle root (little-endian)\\n function extractMerkleRootLE(bytes memory _header) internal pure returns (bytes32) {\\n return _header.slice32(36);\\n }\\n\\n /// @notice Extracts the target from a block header\\n /// @dev Target is a 256-bit number encoded as a 3-byte mantissa and 1-byte exponent\\n /// @param _header The header\\n /// @return The target threshold\\n function extractTarget(bytes memory _header) internal pure returns (uint256) {\\n uint24 _m = uint24(_header.slice3(72));\\n uint8 _e = uint8(_header[75]);\\n uint256 _mantissa = uint256(reverseUint24(_m));\\n uint _exponent = _e - 3;\\n\\n return _mantissa * (256 ** _exponent);\\n }\\n\\n /// @notice Calculate difficulty from the difficulty 1 target and current target\\n /// @dev Difficulty 1 is 0x1d00ffff on mainnet and testnet\\n /// @dev Difficulty 1 is a 256-bit number encoded as a 3-byte mantissa and 1-byte exponent\\n /// @param _target The current target\\n /// @return The block difficulty (bdiff)\\n function calculateDifficulty(uint256 _target) internal pure returns (uint256) {\\n // Difficulty 1 calculated from 0x1d00ffff\\n return DIFF1_TARGET.div(_target);\\n }\\n\\n /// @notice Extracts the previous block's hash from a block header\\n /// @dev Block headers do NOT include block number :(\\n /// @param _header The header\\n /// @return The previous block's hash (little-endian)\\n function extractPrevBlockLE(bytes memory _header) internal pure returns (bytes32) {\\n return _header.slice32(4);\\n }\\n\\n /// @notice Extracts the timestamp from a block header\\n /// @dev Time is not 100% reliable\\n /// @param _header The header\\n /// @return The timestamp (little-endian bytes)\\n function extractTimestampLE(bytes memory _header) internal pure returns (bytes4) {\\n return _header.slice4(68);\\n }\\n\\n /// @notice Extracts the timestamp from a block header\\n /// @dev Time is not 100% reliable\\n /// @param _header The header\\n /// @return The timestamp (uint)\\n function extractTimestamp(bytes memory _header) internal pure returns (uint32) {\\n return reverseUint32(uint32(extractTimestampLE(_header)));\\n }\\n\\n /// @notice Extracts the expected difficulty from a block header\\n /// @dev Does NOT verify the work\\n /// @param _header The header\\n /// @return The difficulty as an integer\\n function extractDifficulty(bytes memory _header) internal pure returns (uint256) {\\n return calculateDifficulty(extractTarget(_header));\\n }\\n\\n /// @notice Concatenates and hashes two inputs for merkle proving\\n /// @param _a The first hash\\n /// @param _b The second hash\\n /// @return The double-sha256 of the concatenated hashes\\n function _hash256MerkleStep(bytes memory _a, bytes memory _b) internal view returns (bytes32) {\\n return hash256View(abi.encodePacked(_a, _b));\\n }\\n\\n /// @notice Concatenates and hashes two inputs for merkle proving\\n /// @param _a The first hash\\n /// @param _b The second hash\\n /// @return The double-sha256 of the concatenated hashes\\n function _hash256MerkleStep(bytes32 _a, bytes32 _b) internal view returns (bytes32) {\\n return hash256Pair(_a, _b);\\n }\\n\\n\\n /// @notice Verifies a Bitcoin-style merkle tree\\n /// @dev Leaves are 0-indexed. Inefficient version.\\n /// @param _proof The proof. Tightly packed LE sha256 hashes. The last hash is the root\\n /// @param _index The index of the leaf\\n /// @return true if the proof is valid, else false\\n function verifyHash256Merkle(bytes memory _proof, uint _index) internal view returns (bool) {\\n // Not an even number of hashes\\n if (_proof.length % 32 != 0) {\\n return false;\\n }\\n\\n // Special case for coinbase-only blocks\\n if (_proof.length == 32) {\\n return true;\\n }\\n\\n // Should never occur\\n if (_proof.length == 64) {\\n return false;\\n }\\n\\n bytes32 _root = _proof.slice32(_proof.length - 32);\\n bytes32 _current = _proof.slice32(0);\\n bytes memory _tree = _proof.slice(32, _proof.length - 64);\\n\\n return verifyHash256Merkle(_current, _tree, _root, _index);\\n }\\n\\n /// @notice Verifies a Bitcoin-style merkle tree\\n /// @dev Leaves are 0-indexed. Efficient version.\\n /// @param _leaf The leaf of the proof. LE sha256 hash.\\n /// @param _tree The intermediate nodes in the proof.\\n /// Tightly packed LE sha256 hashes.\\n /// @param _root The root of the proof. LE sha256 hash.\\n /// @param _index The index of the leaf\\n /// @return true if the proof is valid, else false\\n function verifyHash256Merkle(\\n bytes32 _leaf,\\n bytes memory _tree,\\n bytes32 _root,\\n uint _index\\n ) internal view returns (bool) {\\n // Not an even number of hashes\\n if (_tree.length % 32 != 0) {\\n return false;\\n }\\n\\n // Should never occur\\n if (_tree.length == 0) {\\n return false;\\n }\\n\\n uint _idx = _index;\\n bytes32 _current = _leaf;\\n\\n // i moves in increments of 32\\n for (uint i = 0; i < _tree.length; i += 32) {\\n if (_idx % 2 == 1) {\\n _current = _hash256MerkleStep(_tree.slice32(i), _current);\\n } else {\\n _current = _hash256MerkleStep(_current, _tree.slice32(i));\\n }\\n _idx = _idx >> 1;\\n }\\n return _current == _root;\\n }\\n\\n /*\\n NB: https://github.com/bitcoin/bitcoin/blob/78dae8caccd82cfbfd76557f1fb7d7557c7b5edb/src/pow.cpp#L49-L72\\n NB: We get a full-bitlength target from this. For comparison with\\n header-encoded targets we need to mask it with the header target\\n e.g. (full & truncated) == truncated\\n */\\n /// @notice performs the bitcoin difficulty retarget\\n /// @dev implements the Bitcoin algorithm precisely\\n /// @param _previousTarget the target of the previous period\\n /// @param _firstTimestamp the timestamp of the first block in the difficulty period\\n /// @param _secondTimestamp the timestamp of the last block in the difficulty period\\n /// @return the new period's target threshold\\n function retargetAlgorithm(\\n uint256 _previousTarget,\\n uint256 _firstTimestamp,\\n uint256 _secondTimestamp\\n ) internal pure returns (uint256) {\\n uint256 _elapsedTime = _secondTimestamp.sub(_firstTimestamp);\\n\\n // Normalize ratio to factor of 4 if very long or very short\\n if (_elapsedTime < RETARGET_PERIOD.div(4)) {\\n _elapsedTime = RETARGET_PERIOD.div(4);\\n }\\n if (_elapsedTime > RETARGET_PERIOD.mul(4)) {\\n _elapsedTime = RETARGET_PERIOD.mul(4);\\n }\\n\\n /*\\n NB: high targets e.g. ffff0020 can cause overflows here\\n so we divide it by 256**2, then multiply by 256**2 later\\n we know the target is evenly divisible by 256**2, so this isn't an issue\\n */\\n\\n uint256 _adjusted = _previousTarget.div(65536).mul(_elapsedTime);\\n return _adjusted.div(RETARGET_PERIOD).mul(65536);\\n }\\n}\\n\",\"keccak256\":\"0x0f6b9a8deec659541f8bf2e5c4ecf4596ffa7502f7a8f4d9e88a681a01ef0dfb\"},\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/*\\n\\nhttps://github.com/GNSPS/solidity-bytes-utils/\\n\\nThis is free and unencumbered software released into the public domain.\\n\\nAnyone is free to copy, modify, publish, use, compile, sell, or\\ndistribute this software, either in source code form or as a compiled\\nbinary, for any purpose, commercial or non-commercial, and by any\\nmeans.\\n\\nIn jurisdictions that recognize copyright laws, the author or authors\\nof this software dedicate any and all copyright interest in the\\nsoftware to the public domain. We make this dedication for the benefit\\nof the public at large and to the detriment of our heirs and\\nsuccessors. We intend this dedication to be an overt act of\\nrelinquishment in perpetuity of all present and future rights to this\\nsoftware under copyright law.\\n\\nTHE SOFTWARE IS PROVIDED \\\"AS IS\\\", WITHOUT WARRANTY OF ANY KIND,\\nEXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\\nMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.\\nIN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR\\nOTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,\\nARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR\\nOTHER DEALINGS IN THE SOFTWARE.\\n\\nFor more information, please refer to <https://unlicense.org>\\n*/\\n\\n\\n/** @title BytesLib **/\\n/** @author https://github.com/GNSPS **/\\n\\nlibrary BytesLib {\\n function concat(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bytes memory) {\\n bytes memory tempBytes;\\n\\n assembly {\\n // Get a location of some free memory and store it in tempBytes as\\n // Solidity does for memory variables.\\n tempBytes := mload(0x40)\\n\\n // Store the length of the first bytes array at the beginning of\\n // the memory for tempBytes.\\n let length := mload(_preBytes)\\n mstore(tempBytes, length)\\n\\n // Maintain a memory counter for the current write location in the\\n // temp bytes array by adding the 32 bytes for the array length to\\n // the starting location.\\n let mc := add(tempBytes, 0x20)\\n // Stop copying when the memory counter reaches the length of the\\n // first bytes array.\\n let end := add(mc, length)\\n\\n for {\\n // Initialize a copy counter to the start of the _preBytes data,\\n // 32 bytes into its memory.\\n let cc := add(_preBytes, 0x20)\\n } lt(mc, end) {\\n // Increase both counters by 32 bytes each iteration.\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n // Write the _preBytes data into the tempBytes memory 32 bytes\\n // at a time.\\n mstore(mc, mload(cc))\\n }\\n\\n // Add the length of _postBytes to the current length of tempBytes\\n // and store it as the new length in the first 32 bytes of the\\n // tempBytes memory.\\n length := mload(_postBytes)\\n mstore(tempBytes, add(length, mload(tempBytes)))\\n\\n // Move the memory counter back from a multiple of 0x20 to the\\n // actual end of the _preBytes data.\\n mc := end\\n // Stop copying when the memory counter reaches the new combined\\n // length of the arrays.\\n end := add(mc, length)\\n\\n for {\\n let cc := add(_postBytes, 0x20)\\n } lt(mc, end) {\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n mstore(mc, mload(cc))\\n }\\n\\n // Update the free-memory pointer by padding our last write location\\n // to 32 bytes: add 31 bytes to the end of tempBytes to move to the\\n // next 32 byte block, then round down to the nearest multiple of\\n // 32. If the sum of the length of the two arrays is zero then add\\n // one before rounding down to leave a blank 32 bytes (the length block with 0).\\n mstore(0x40, and(\\n add(add(end, iszero(add(length, mload(_preBytes)))), 31),\\n not(31) // Round down to the nearest 32 bytes.\\n ))\\n }\\n\\n return tempBytes;\\n }\\n\\n function concatStorage(bytes storage _preBytes, bytes memory _postBytes) internal {\\n assembly {\\n // Read the first 32 bytes of _preBytes storage, which is the length\\n // of the array. (We don't need to use the offset into the slot\\n // because arrays use the entire slot.)\\n let fslot := sload(_preBytes.slot)\\n // Arrays of 31 bytes or less have an even value in their slot,\\n // while longer arrays have an odd value. The actual length is\\n // the slot divided by two for odd values, and the lowest order\\n // byte divided by two for even values.\\n // If the slot is even, bitwise and the slot with 255 and divide by\\n // two to get the length. If the slot is odd, bitwise and the slot\\n // with -1 and divide by two.\\n let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)\\n let mlength := mload(_postBytes)\\n let newlength := add(slength, mlength)\\n // slength can contain both the length and contents of the array\\n // if length < 32 bytes so let's prepare for that\\n // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage\\n switch add(lt(slength, 32), lt(newlength, 32))\\n case 2 {\\n // Since the new array still fits in the slot, we just need to\\n // update the contents of the slot.\\n // uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_length\\n sstore(\\n _preBytes.slot,\\n // all the modifications to the slot are inside this\\n // next block\\n add(\\n // we can just add to the slot contents because the\\n // bytes we want to change are the LSBs\\n fslot,\\n add(\\n mul(\\n div(\\n // load the bytes from memory\\n mload(add(_postBytes, 0x20)),\\n // zero all bytes to the right\\n exp(0x100, sub(32, mlength))\\n ),\\n // and now shift left the number of bytes to\\n // leave space for the length in the slot\\n exp(0x100, sub(32, newlength))\\n ),\\n // increase length by the double of the memory\\n // bytes length\\n mul(mlength, 2)\\n )\\n )\\n )\\n }\\n case 1 {\\n // The stored value fits in the slot, but the combined value\\n // will exceed it.\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n let sc := add(keccak256(0x0, 0x20), div(slength, 32))\\n\\n // save new length\\n sstore(_preBytes.slot, add(mul(newlength, 2), 1))\\n\\n // The contents of the _postBytes array start 32 bytes into\\n // the structure. Our first read should obtain the `submod`\\n // bytes that can fit into the unused space in the last word\\n // of the stored array. To get this, we read 32 bytes starting\\n // from `submod`, so the data we read overlaps with the array\\n // contents by `submod` bytes. Masking the lowest-order\\n // `submod` bytes allows us to add that value directly to the\\n // stored value.\\n\\n let submod := sub(32, slength)\\n let mc := add(_postBytes, submod)\\n let end := add(_postBytes, mlength)\\n let mask := sub(exp(0x100, submod), 1)\\n\\n sstore(\\n sc,\\n add(\\n and(\\n fslot,\\n 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00\\n ),\\n and(mload(mc), mask)\\n )\\n )\\n\\n for {\\n mc := add(mc, 0x20)\\n sc := add(sc, 1)\\n } lt(mc, end) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n sstore(sc, mload(mc))\\n }\\n\\n mask := exp(0x100, sub(mc, end))\\n\\n sstore(sc, mul(div(mload(mc), mask), mask))\\n }\\n default {\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n // Start copying to the last used word of the stored array.\\n let sc := add(keccak256(0x0, 0x20), div(slength, 32))\\n\\n // save new length\\n sstore(_preBytes.slot, add(mul(newlength, 2), 1))\\n\\n // Copy over the first `submod` bytes of the new data as in\\n // case 1 above.\\n let slengthmod := mod(slength, 32)\\n let mlengthmod := mod(mlength, 32)\\n let submod := sub(32, slengthmod)\\n let mc := add(_postBytes, submod)\\n let end := add(_postBytes, mlength)\\n let mask := sub(exp(0x100, submod), 1)\\n\\n sstore(sc, add(sload(sc), and(mload(mc), mask)))\\n\\n for {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } lt(mc, end) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n sstore(sc, mload(mc))\\n }\\n\\n mask := exp(0x100, sub(mc, end))\\n\\n sstore(sc, mul(div(mload(mc), mask), mask))\\n }\\n }\\n }\\n\\n function slice(bytes memory _bytes, uint _start, uint _length) internal pure returns (bytes memory res) {\\n if (_length == 0) {\\n return hex\\\"\\\";\\n }\\n uint _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n // Alloc bytes array with additional 32 bytes afterspace and assign it's size\\n res := mload(0x40)\\n mstore(0x40, add(add(res, 64), _length))\\n mstore(res, _length)\\n\\n // Compute distance between source and destination pointers\\n let diff := sub(res, add(_bytes, _start))\\n\\n for {\\n let src := add(add(_bytes, 32), _start)\\n let end := add(src, _length)\\n } lt(src, end) {\\n src := add(src, 32)\\n } {\\n mstore(add(src, diff), mload(src))\\n }\\n }\\n }\\n\\n /// @notice Take a slice of the byte array, overwriting the destination.\\n /// The length of the slice will equal the length of the destination array.\\n /// @dev Make sure the destination array has afterspace if required.\\n /// @param _bytes The source array\\n /// @param _dest The destination array.\\n /// @param _start The location to start in the source array.\\n function sliceInPlace(\\n bytes memory _bytes,\\n bytes memory _dest,\\n uint _start\\n ) internal pure {\\n uint _length = _dest.length;\\n uint _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n for {\\n let src := add(add(_bytes, 32), _start)\\n let res := add(_dest, 32)\\n let end := add(src, _length)\\n } lt(src, end) {\\n src := add(src, 32)\\n res := add(res, 32)\\n } {\\n mstore(res, mload(src))\\n }\\n }\\n }\\n\\n // Static slice functions, no bounds checking\\n /// @notice take a 32-byte slice from the specified position\\n function slice32(bytes memory _bytes, uint _start) internal pure returns (bytes32 res) {\\n assembly {\\n res := mload(add(add(_bytes, 32), _start))\\n }\\n }\\n\\n /// @notice take a 20-byte slice from the specified position\\n function slice20(bytes memory _bytes, uint _start) internal pure returns (bytes20) {\\n return bytes20(slice32(_bytes, _start));\\n }\\n\\n /// @notice take a 8-byte slice from the specified position\\n function slice8(bytes memory _bytes, uint _start) internal pure returns (bytes8) {\\n return bytes8(slice32(_bytes, _start));\\n }\\n\\n /// @notice take a 4-byte slice from the specified position\\n function slice4(bytes memory _bytes, uint _start) internal pure returns (bytes4) {\\n return bytes4(slice32(_bytes, _start));\\n }\\n\\n /// @notice take a 3-byte slice from the specified position\\n function slice3(bytes memory _bytes, uint _start) internal pure returns (bytes3) {\\n return bytes3(slice32(_bytes, _start));\\n }\\n\\n /// @notice take a 2-byte slice from the specified position\\n function slice2(bytes memory _bytes, uint _start) internal pure returns (bytes2) {\\n return bytes2(slice32(_bytes, _start));\\n }\\n\\n function toAddress(bytes memory _bytes, uint _start) internal pure returns (address) {\\n uint _totalLen = _start + 20;\\n require(_totalLen > _start && _bytes.length >= _totalLen, \\\"Address conversion out of bounds.\\\");\\n address tempAddress;\\n\\n assembly {\\n tempAddress := div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000)\\n }\\n\\n return tempAddress;\\n }\\n\\n function toUint(bytes memory _bytes, uint _start) internal pure returns (uint256) {\\n uint _totalLen = _start + 32;\\n require(_totalLen > _start && _bytes.length >= _totalLen, \\\"Uint conversion out of bounds.\\\");\\n uint256 tempUint;\\n\\n assembly {\\n tempUint := mload(add(add(_bytes, 0x20), _start))\\n }\\n\\n return tempUint;\\n }\\n\\n function equal(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bool) {\\n bool success = true;\\n\\n assembly {\\n let length := mload(_preBytes)\\n\\n // if lengths don't match the arrays are not equal\\n switch eq(length, mload(_postBytes))\\n case 1 {\\n // cb is a circuit breaker in the for loop since there's\\n // no said feature for inline assembly loops\\n // cb = 1 - don't breaker\\n // cb = 0 - break\\n let cb := 1\\n\\n let mc := add(_preBytes, 0x20)\\n let end := add(mc, length)\\n\\n for {\\n let cc := add(_postBytes, 0x20)\\n // the next line is the loop condition:\\n // while(uint(mc < end) + cb == 2)\\n } eq(add(lt(mc, end), cb), 2) {\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n // if any of these checks fails then arrays are not equal\\n if iszero(eq(mload(mc), mload(cc))) {\\n // unsuccess:\\n success := 0\\n cb := 0\\n }\\n }\\n }\\n default {\\n // unsuccess:\\n success := 0\\n }\\n }\\n\\n return success;\\n }\\n\\n function equalStorage(bytes storage _preBytes, bytes memory _postBytes) internal view returns (bool) {\\n bool success = true;\\n\\n assembly {\\n // we know _preBytes_offset is 0\\n let fslot := sload(_preBytes.slot)\\n // Decode the length of the stored array like in concatStorage().\\n let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)\\n let mlength := mload(_postBytes)\\n\\n // if lengths don't match the arrays are not equal\\n switch eq(slength, mlength)\\n case 1 {\\n // slength can contain both the length and contents of the array\\n // if length < 32 bytes so let's prepare for that\\n // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage\\n if iszero(iszero(slength)) {\\n switch lt(slength, 32)\\n case 1 {\\n // blank the last byte which is the length\\n fslot := mul(div(fslot, 0x100), 0x100)\\n\\n if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) {\\n // unsuccess:\\n success := 0\\n }\\n }\\n default {\\n // cb is a circuit breaker in the for loop since there's\\n // no said feature for inline assembly loops\\n // cb = 1 - don't breaker\\n // cb = 0 - break\\n let cb := 1\\n\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n let sc := keccak256(0x0, 0x20)\\n\\n let mc := add(_postBytes, 0x20)\\n let end := add(mc, mlength)\\n\\n // the next line is the loop condition:\\n // while(uint(mc < end) + cb == 2)\\n for {} eq(add(lt(mc, end), cb), 2) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n if iszero(eq(sload(sc), mload(mc))) {\\n // unsuccess:\\n success := 0\\n cb := 0\\n }\\n }\\n }\\n }\\n }\\n default {\\n // unsuccess:\\n success := 0\\n }\\n }\\n\\n return success;\\n }\\n\\n function toBytes32(bytes memory _source) pure internal returns (bytes32 result) {\\n if (_source.length == 0) {\\n return 0x0;\\n }\\n\\n assembly {\\n result := mload(add(_source, 32))\\n }\\n }\\n\\n function keccak256Slice(bytes memory _bytes, uint _start, uint _length) pure internal returns (bytes32 result) {\\n uint _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n result := keccak256(add(add(_bytes, 32), _start), _length)\\n }\\n }\\n}\\n\",\"keccak256\":\"0x43e0f3b3b23c861bd031588bf410dfdd02e2af17941a89aa38d70e534e0380d1\"},\"@keep-network/bitcoin-spv-sol/contracts/CheckBitcoinSigs.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/** @title CheckBitcoinSigs */\\n/** @author Summa (https://summa.one) */\\n\\nimport {BytesLib} from \\\"./BytesLib.sol\\\";\\nimport {BTCUtils} from \\\"./BTCUtils.sol\\\";\\n\\n\\nlibrary CheckBitcoinSigs {\\n\\n using BytesLib for bytes;\\n using BTCUtils for bytes;\\n\\n /// @notice Derives an Ethereum Account address from a pubkey\\n /// @dev The address is the last 20 bytes of the keccak256 of the address\\n /// @param _pubkey The public key X & Y. Unprefixed, as a 64-byte array\\n /// @return The account address\\n function accountFromPubkey(bytes memory _pubkey) internal pure returns (address) {\\n require(_pubkey.length == 64, \\\"Pubkey must be 64-byte raw, uncompressed key.\\\");\\n\\n // keccak hash of uncompressed unprefixed pubkey\\n bytes32 _digest = keccak256(_pubkey);\\n return address(uint160(uint256(_digest)));\\n }\\n\\n /// @notice Calculates the p2wpkh output script of a pubkey\\n /// @dev Compresses keys to 33 bytes as required by Bitcoin\\n /// @param _pubkey The public key, compressed or uncompressed\\n /// @return The p2wkph output script\\n function p2wpkhFromPubkey(bytes memory _pubkey) internal view returns (bytes memory) {\\n bytes memory _compressedPubkey;\\n uint8 _prefix;\\n\\n if (_pubkey.length == 64) {\\n _prefix = uint8(_pubkey[_pubkey.length - 1]) % 2 == 1 ? 3 : 2;\\n _compressedPubkey = abi.encodePacked(_prefix, _pubkey.slice32(0));\\n } else if (_pubkey.length == 65) {\\n _prefix = uint8(_pubkey[_pubkey.length - 1]) % 2 == 1 ? 3 : 2;\\n _compressedPubkey = abi.encodePacked(_prefix, _pubkey.slice32(1));\\n } else {\\n _compressedPubkey = _pubkey;\\n }\\n\\n require(_compressedPubkey.length == 33, \\\"Witness PKH requires compressed keys\\\");\\n\\n bytes20 _pubkeyHash = _compressedPubkey.hash160View();\\n return abi.encodePacked(hex\\\"0014\\\", _pubkeyHash);\\n }\\n\\n /// @notice checks a signed message's validity under a pubkey\\n /// @dev does this using ecrecover because Ethereum has no soul\\n /// @param _pubkey the public key to check (64 bytes)\\n /// @param _digest the message digest signed\\n /// @param _v the signature recovery value\\n /// @param _r the signature r value\\n /// @param _s the signature s value\\n /// @return true if signature is valid, else false\\n function checkSig(\\n bytes memory _pubkey,\\n bytes32 _digest,\\n uint8 _v,\\n bytes32 _r,\\n bytes32 _s\\n ) internal pure returns (bool) {\\n require(_pubkey.length == 64, \\\"Requires uncompressed unprefixed pubkey\\\");\\n address _expected = accountFromPubkey(_pubkey);\\n address _actual = ecrecover(_digest, _v, _r, _s);\\n return _actual == _expected;\\n }\\n\\n /// @notice checks a signed message against a bitcoin p2wpkh output script\\n /// @dev does this my verifying the p2wpkh matches an ethereum account\\n /// @param _p2wpkhOutputScript the bitcoin output script\\n /// @param _pubkey the uncompressed, unprefixed public key to check\\n /// @param _digest the message digest signed\\n /// @param _v the signature recovery value\\n /// @param _r the signature r value\\n /// @param _s the signature s value\\n /// @return true if signature is valid, else false\\n function checkBitcoinSig(\\n bytes memory _p2wpkhOutputScript,\\n bytes memory _pubkey,\\n bytes32 _digest,\\n uint8 _v,\\n bytes32 _r,\\n bytes32 _s\\n ) internal view returns (bool) {\\n require(_pubkey.length == 64, \\\"Requires uncompressed unprefixed pubkey\\\");\\n\\n bool _isExpectedSigner = keccak256(p2wpkhFromPubkey(_pubkey)) == keccak256(_p2wpkhOutputScript); // is it the expected signer?\\n if (!_isExpectedSigner) {return false;}\\n\\n bool _sigResult = checkSig(_pubkey, _digest, _v, _r, _s);\\n return _sigResult;\\n }\\n\\n /// @notice checks if a message is the sha256 preimage of a digest\\n /// @dev this is NOT the hash256! this step is necessary for ECDSA security!\\n /// @param _digest the digest\\n /// @param _candidate the purported preimage\\n /// @return true if the preimage matches the digest, else false\\n function isSha256Preimage(\\n bytes memory _candidate,\\n bytes32 _digest\\n ) internal pure returns (bool) {\\n return sha256(_candidate) == _digest;\\n }\\n\\n /// @notice checks if a message is the keccak256 preimage of a digest\\n /// @dev this step is necessary for ECDSA security!\\n /// @param _digest the digest\\n /// @param _candidate the purported preimage\\n /// @return true if the preimage matches the digest, else false\\n function isKeccak256Preimage(\\n bytes memory _candidate,\\n bytes32 _digest\\n ) internal pure returns (bool) {\\n return keccak256(_candidate) == _digest;\\n }\\n\\n /// @notice calculates the signature hash of a Bitcoin transaction with the provided details\\n /// @dev documented in bip143. many values are hardcoded here\\n /// @param _outpoint the bitcoin UTXO id (32-byte txid + 4-byte output index)\\n /// @param _inputPKH the input pubkeyhash (hash160(sender_pubkey))\\n /// @param _inputValue the value of the input in satoshi\\n /// @param _outputValue the value of the output in satoshi\\n /// @param _outputScript the length-prefixed output script\\n /// @return the double-sha256 (hash256) signature hash as defined by bip143\\n function wpkhSpendSighash(\\n bytes memory _outpoint, // 36-byte UTXO id\\n bytes20 _inputPKH, // 20-byte hash160\\n bytes8 _inputValue, // 8-byte LE\\n bytes8 _outputValue, // 8-byte LE\\n bytes memory _outputScript // lenght-prefixed output script\\n ) internal view returns (bytes32) {\\n // Fixes elements to easily make a 1-in 1-out sighash digest\\n // Does not support timelocks\\n // bytes memory _scriptCode = abi.encodePacked(\\n // hex\\\"1976a914\\\", // length, dup, hash160, pkh_length\\n // _inputPKH,\\n // hex\\\"88ac\\\"); // equal, checksig\\n\\n bytes32 _hashOutputs = abi.encodePacked(\\n _outputValue, // 8-byte LE\\n _outputScript).hash256View();\\n\\n bytes memory _sighashPreimage = abi.encodePacked(\\n hex\\\"01000000\\\", // version\\n _outpoint.hash256View(), // hashPrevouts\\n hex\\\"8cb9012517c817fead650287d61bdd9c68803b6bf9c64133dcab3e65b5a50cb9\\\", // hashSequence(00000000)\\n _outpoint, // outpoint\\n // p2wpkh script code\\n hex\\\"1976a914\\\", // length, dup, hash160, pkh_length\\n _inputPKH,\\n hex\\\"88ac\\\", // equal, checksig\\n // end script code\\n _inputValue, // value of the input in 8-byte LE\\n hex\\\"00000000\\\", // input nSequence\\n _hashOutputs, // hash of the single output\\n hex\\\"00000000\\\", // nLockTime\\n hex\\\"01000000\\\" // SIGHASH_ALL\\n );\\n return _sighashPreimage.hash256View();\\n }\\n\\n /// @notice calculates the signature hash of a Bitcoin transaction with the provided details\\n /// @dev documented in bip143. many values are hardcoded here\\n /// @param _outpoint the bitcoin UTXO id (32-byte txid + 4-byte output index)\\n /// @param _inputPKH the input pubkeyhash (hash160(sender_pubkey))\\n /// @param _inputValue the value of the input in satoshi\\n /// @param _outputValue the value of the output in satoshi\\n /// @param _outputPKH the output pubkeyhash (hash160(recipient_pubkey))\\n /// @return the double-sha256 (hash256) signature hash as defined by bip143\\n function wpkhToWpkhSighash(\\n bytes memory _outpoint, // 36-byte UTXO id\\n bytes20 _inputPKH, // 20-byte hash160\\n bytes8 _inputValue, // 8-byte LE\\n bytes8 _outputValue, // 8-byte LE\\n bytes20 _outputPKH // 20-byte hash160\\n ) internal view returns (bytes32) {\\n return wpkhSpendSighash(\\n _outpoint,\\n _inputPKH,\\n _inputValue,\\n _outputValue,\\n abi.encodePacked(\\n hex\\\"160014\\\", // wpkh tag\\n _outputPKH)\\n );\\n }\\n\\n /// @notice Preserved for API compatibility with older version\\n /// @dev documented in bip143. many values are hardcoded here\\n /// @param _outpoint the bitcoin UTXO id (32-byte txid + 4-byte output index)\\n /// @param _inputPKH the input pubkeyhash (hash160(sender_pubkey))\\n /// @param _inputValue the value of the input in satoshi\\n /// @param _outputValue the value of the output in satoshi\\n /// @param _outputPKH the output pubkeyhash (hash160(recipient_pubkey))\\n /// @return the double-sha256 (hash256) signature hash as defined by bip143\\n function oneInputOneOutputSighash(\\n bytes memory _outpoint, // 36-byte UTXO id\\n bytes20 _inputPKH, // 20-byte hash160\\n bytes8 _inputValue, // 8-byte LE\\n bytes8 _outputValue, // 8-byte LE\\n bytes20 _outputPKH // 20-byte hash160\\n ) internal view returns (bytes32) {\\n return wpkhToWpkhSighash(_outpoint, _inputPKH, _inputValue, _outputValue, _outputPKH);\\n }\\n\\n}\\n\",\"keccak256\":\"0xfffbd5486af77058fe9385d63d433da914a043994b1affdfcb87248aa10a234c\"},\"@keep-network/bitcoin-spv-sol/contracts/SafeMath.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/*\\nThe MIT License (MIT)\\n\\nCopyright (c) 2016 Smart Contract Solutions, Inc.\\n\\nPermission is hereby granted, free of charge, to any person obtaining\\na copy of this software and associated documentation files (the\\n\\\"Software\\\"), to deal in the Software without restriction, including\\nwithout limitation the rights to use, copy, modify, merge, publish,\\ndistribute, sublicense, and/or sell copies of the Software, and to\\npermit persons to whom the Software is furnished to do so, subject to\\nthe following conditions:\\n\\nThe above copyright notice and this permission notice shall be included\\nin all copies or substantial portions of the Software.\\n\\nTHE SOFTWARE IS PROVIDED \\\"AS IS\\\", WITHOUT WARRANTY OF ANY KIND, EXPRESS\\nOR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\\nMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.\\nIN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY\\nCLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,\\nTORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE\\nSOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\\n*/\\n\\n\\n/**\\n * @title SafeMath\\n * @dev Math operations with safety checks that throw on error\\n */\\nlibrary SafeMath {\\n\\n /**\\n * @dev Multiplies two numbers, throws on overflow.\\n */\\n function mul(uint256 _a, uint256 _b) internal pure returns (uint256 c) {\\n // Gas optimization: this is cheaper than asserting 'a' not being zero, but the\\n // benefit is lost if 'b' is also tested.\\n // See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522\\n if (_a == 0) {\\n return 0;\\n }\\n\\n c = _a * _b;\\n require(c / _a == _b, \\\"Overflow during multiplication.\\\");\\n return c;\\n }\\n\\n /**\\n * @dev Integer division of two numbers, truncating the quotient.\\n */\\n function div(uint256 _a, uint256 _b) internal pure returns (uint256) {\\n // assert(_b > 0); // Solidity automatically throws when dividing by 0\\n // uint256 c = _a / _b;\\n // assert(_a == _b * c + _a % _b); // There is no case in which this doesn't hold\\n return _a / _b;\\n }\\n\\n /**\\n * @dev Subtracts two numbers, throws on overflow (i.e. if subtrahend is greater than minuend).\\n */\\n function sub(uint256 _a, uint256 _b) internal pure returns (uint256) {\\n require(_b <= _a, \\\"Underflow during subtraction.\\\");\\n return _a - _b;\\n }\\n\\n /**\\n * @dev Adds two numbers, throws on overflow.\\n */\\n function add(uint256 _a, uint256 _b) internal pure returns (uint256 c) {\\n c = _a + _b;\\n require(c >= _a, \\\"Overflow during addition.\\\");\\n return c;\\n }\\n}\\n\",\"keccak256\":\"0x35930d982394c7ffde439b82e5e696c5b21a6f09699d44861dfe409ef64084a3\"},\"@keep-network/bitcoin-spv-sol/contracts/ValidateSPV.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/** @title ValidateSPV*/\\n/** @author Summa (https://summa.one) */\\n\\nimport {BytesLib} from \\\"./BytesLib.sol\\\";\\nimport {SafeMath} from \\\"./SafeMath.sol\\\";\\nimport {BTCUtils} from \\\"./BTCUtils.sol\\\";\\n\\n\\nlibrary ValidateSPV {\\n\\n using BTCUtils for bytes;\\n using BTCUtils for uint256;\\n using BytesLib for bytes;\\n using SafeMath for uint256;\\n\\n enum InputTypes { NONE, LEGACY, COMPATIBILITY, WITNESS }\\n enum OutputTypes { NONE, WPKH, WSH, OP_RETURN, PKH, SH, NONSTANDARD }\\n\\n uint256 constant ERR_BAD_LENGTH = 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff;\\n uint256 constant ERR_INVALID_CHAIN = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe;\\n uint256 constant ERR_LOW_WORK = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd;\\n\\n function getErrBadLength() internal pure returns (uint256) {\\n return ERR_BAD_LENGTH;\\n }\\n\\n function getErrInvalidChain() internal pure returns (uint256) {\\n return ERR_INVALID_CHAIN;\\n }\\n\\n function getErrLowWork() internal pure returns (uint256) {\\n return ERR_LOW_WORK;\\n }\\n\\n /// @notice Validates a tx inclusion in the block\\n /// @dev `index` is not a reliable indicator of location within a block\\n /// @param _txid The txid (LE)\\n /// @param _merkleRoot The merkle root (as in the block header)\\n /// @param _intermediateNodes The proof's intermediate nodes (digests between leaf and root)\\n /// @param _index The leaf's index in the tree (0-indexed)\\n /// @return true if fully valid, false otherwise\\n function prove(\\n bytes32 _txid,\\n bytes32 _merkleRoot,\\n bytes memory _intermediateNodes,\\n uint _index\\n ) internal view returns (bool) {\\n // Shortcut the empty-block case\\n if (_txid == _merkleRoot && _index == 0 && _intermediateNodes.length == 0) {\\n return true;\\n }\\n\\n // If the Merkle proof failed, bubble up error\\n return BTCUtils.verifyHash256Merkle(\\n _txid,\\n _intermediateNodes,\\n _merkleRoot,\\n _index\\n );\\n }\\n\\n /// @notice Hashes transaction to get txid\\n /// @dev Supports Legacy and Witness\\n /// @param _version 4-bytes version\\n /// @param _vin Raw bytes length-prefixed input vector\\n /// @param _vout Raw bytes length-prefixed output vector\\n /// @param _locktime 4-byte tx locktime\\n /// @return 32-byte transaction id, little endian\\n function calculateTxId(\\n bytes4 _version,\\n bytes memory _vin,\\n bytes memory _vout,\\n bytes4 _locktime\\n ) internal view returns (bytes32) {\\n // Get transaction hash double-Sha256(version + nIns + inputs + nOuts + outputs + locktime)\\n return abi.encodePacked(_version, _vin, _vout, _locktime).hash256View();\\n }\\n\\n /// @notice Checks validity of header chain\\n /// @notice Compares the hash of each header to the prevHash in the next header\\n /// @param _headers Raw byte array of header chain\\n /// @return _totalDifficulty The total accumulated difficulty of the header chain, or an error code\\n function validateHeaderChain(bytes memory _headers) internal view returns (uint256 _totalDifficulty) {\\n\\n // Check header chain length\\n if (_headers.length % 80 != 0) {return ERR_BAD_LENGTH;}\\n\\n // Initialize header start index\\n bytes32 _digest;\\n\\n _totalDifficulty = 0;\\n\\n bytes memory _header;\\n\\n // Allocate _header with extra space after it to fit 3 full words\\n assembly {\\n _header := mload(0x40)\\n mstore(0x40, add(_header, add(32, 96)))\\n mstore(_header, 80)\\n }\\n\\n for (uint256 _start = 0; _start < _headers.length; _start += 80) {\\n\\n // ith header start index and ith header\\n _headers.sliceInPlace(_header, _start);\\n\\n // After the first header, check that headers are in a chain\\n if (_start != 0) {\\n if (!validateHeaderPrevHash(_header, _digest)) {return ERR_INVALID_CHAIN;}\\n }\\n\\n // ith header target\\n uint256 _target = _header.extractTarget();\\n\\n // Require that the header has sufficient work\\n _digest = _header.hash256View();\\n if(uint256(_digest).reverseUint256() > _target) {\\n return ERR_LOW_WORK;\\n }\\n\\n // Add ith header difficulty to difficulty sum\\n _totalDifficulty = _totalDifficulty.add(_target.calculateDifficulty());\\n }\\n }\\n\\n /// @notice Checks validity of header work\\n /// @param _digest Header digest\\n /// @param _target The target threshold\\n /// @return true if header work is valid, false otherwise\\n function validateHeaderWork(bytes32 _digest, uint256 _target) internal pure returns (bool) {\\n if (_digest == bytes32(0)) {return false;}\\n return (uint256(_digest).reverseUint256() < _target);\\n }\\n\\n /// @notice Checks validity of header chain\\n /// @dev Compares current header prevHash to previous header's digest\\n /// @param _header The raw bytes header\\n /// @param _prevHeaderDigest The previous header's digest\\n /// @return true if the connect is valid, false otherwise\\n function validateHeaderPrevHash(bytes memory _header, bytes32 _prevHeaderDigest) internal pure returns (bool) {\\n\\n // Extract prevHash of current header\\n bytes32 _prevHash = _header.extractPrevBlockLE();\\n\\n // Compare prevHash of current header to previous header's digest\\n if (_prevHash != _prevHeaderDigest) {return false;}\\n\\n return true;\\n }\\n}\\n\",\"keccak256\":\"0x504c3de02695728018b1f54d0b0f3abdae11624305c8985f541f8f79eea5eeb4\"},\"@keep-network/ecdsa/contracts/EcdsaDkgValidator.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n// Trust math, not hardware.\\n\\n// Initial version copied from Keep Network Random Beacon:\\n// https://github.com/keep-network/keep-core/blob/5138c7628868dbeed3ae2164f76fccc6c1fbb9e8/solidity/random-beacon/contracts/DKGValidator.sol\\n//\\n// With the following differences:\\n// - group public key length,\\n// - group size and related thresholds,\\n// - documentation.\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@openzeppelin/contracts/utils/cryptography/ECDSA.sol\\\";\\nimport \\\"@keep-network/random-beacon/contracts/libraries/BytesLib.sol\\\";\\nimport \\\"@keep-network/sortition-pools/contracts/SortitionPool.sol\\\";\\nimport \\\"./libraries/EcdsaDkg.sol\\\";\\n\\n/// @title DKG result validator\\n/// @notice EcdsaDkgValidator allows performing a full validation of DKG result,\\n/// including checking the format of fields in the result, declared\\n/// selected group members, and signatures of operators supporting the\\n/// result. The operator submitting the result should perform the\\n/// validation using a free contract call before submitting the result\\n/// to ensure their result is valid and can not be challenged. All other\\n/// network operators should perform validation of the submitted result\\n/// using a free contract call and challenge the result if the\\n/// validation fails.\\ncontract EcdsaDkgValidator {\\n using BytesLib for bytes;\\n using ECDSA for bytes32;\\n\\n /// @dev Size of a group in DKG.\\n uint256 public constant groupSize = 100;\\n\\n /// @dev The minimum number of group members needed to interact according to\\n /// the protocol to produce a signature. The adversary can not learn\\n /// anything about the key as long as it does not break into\\n /// groupThreshold+1 of members.\\n uint256 public constant groupThreshold = 51;\\n\\n /// @dev The minimum number of active and properly behaving group members\\n /// during the DKG needed to accept the result. This number is higher\\n /// than `groupThreshold` to keep a safety margin for members becoming\\n /// inactive after DKG so that the group can still produce signature.\\n uint256 public constant activeThreshold = 90; // 90% of groupSize\\n\\n /// @dev Size in bytes of a public key produced by group members during the\\n /// the DKG. The length assumes uncompressed ECDSA public key.\\n uint256 public constant publicKeyByteSize = 64;\\n\\n /// @dev Size in bytes of a single signature produced by operator supporting\\n /// DKG result.\\n uint256 public constant signatureByteSize = 65;\\n\\n SortitionPool public sortitionPool;\\n\\n constructor(SortitionPool _sortitionPool) {\\n sortitionPool = _sortitionPool;\\n }\\n\\n /// @notice Performs a full validation of DKG result, including checking the\\n /// format of fields in the result, declared selected group members,\\n /// and signatures of operators supporting the result.\\n /// @param seed seed used to start the DKG and select group members\\n /// @param startBlock DKG start block\\n /// @return isValid true if the result is valid, false otherwise\\n /// @return errorMsg validation error message; empty for a valid result\\n function validate(\\n EcdsaDkg.Result calldata result,\\n uint256 seed,\\n uint256 startBlock\\n ) external view returns (bool isValid, string memory errorMsg) {\\n (bool hasValidFields, string memory error) = validateFields(result);\\n if (!hasValidFields) {\\n return (false, error);\\n }\\n\\n if (!validateSignatures(result, startBlock)) {\\n return (false, \\\"Invalid signatures\\\");\\n }\\n\\n if (!validateGroupMembers(result, seed)) {\\n return (false, \\\"Invalid group members\\\");\\n }\\n\\n // At this point all group members and misbehaved members were verified\\n if (!validateMembersHash(result)) {\\n return (false, \\\"Invalid members hash\\\");\\n }\\n\\n return (true, \\\"\\\");\\n }\\n\\n /// @notice Performs a static validation of DKG result fields: lengths,\\n /// ranges, and order of arrays.\\n /// @return isValid true if the result is valid, false otherwise\\n /// @return errorMsg validation error message; empty for a valid result\\n function validateFields(EcdsaDkg.Result calldata result)\\n public\\n view\\n returns (bool isValid, string memory errorMsg)\\n {\\n if (result.groupPubKey.length != publicKeyByteSize) {\\n return (false, \\\"Malformed group public key\\\");\\n }\\n\\n // The number of misbehaved members can not exceed the threshold.\\n // Misbehaved member indices needs to be unique, between [1, groupSize],\\n // and sorted in ascending order.\\n uint8[] calldata misbehavedMembersIndices = result\\n .misbehavedMembersIndices;\\n if (groupSize - misbehavedMembersIndices.length < activeThreshold) {\\n return (false, \\\"Too many members misbehaving during DKG\\\");\\n }\\n if (misbehavedMembersIndices.length > 1) {\\n if (\\n misbehavedMembersIndices[0] < 1 ||\\n misbehavedMembersIndices[misbehavedMembersIndices.length - 1] >\\n groupSize\\n ) {\\n return (false, \\\"Corrupted misbehaved members indices\\\");\\n }\\n for (uint256 i = 1; i < misbehavedMembersIndices.length; i++) {\\n if (\\n misbehavedMembersIndices[i - 1] >=\\n misbehavedMembersIndices[i]\\n ) {\\n return (false, \\\"Corrupted misbehaved members indices\\\");\\n }\\n }\\n }\\n\\n // Each signature needs to have a correct length and signatures need to\\n // be provided.\\n uint256 signaturesCount = result.signatures.length / signatureByteSize;\\n if (result.signatures.length == 0) {\\n return (false, \\\"No signatures provided\\\");\\n }\\n if (result.signatures.length % signatureByteSize != 0) {\\n return (false, \\\"Malformed signatures array\\\");\\n }\\n\\n // We expect the same amount of signatures as the number of declared\\n // group member indices that signed the result.\\n uint256[] calldata signingMembersIndices = result.signingMembersIndices;\\n if (signaturesCount != signingMembersIndices.length) {\\n return (false, \\\"Unexpected signatures count\\\");\\n }\\n if (signaturesCount < groupThreshold) {\\n return (false, \\\"Too few signatures\\\");\\n }\\n if (signaturesCount > groupSize) {\\n return (false, \\\"Too many signatures\\\");\\n }\\n\\n // Signing member indices needs to be unique, between [1,groupSize],\\n // and sorted in ascending order.\\n if (\\n signingMembersIndices[0] < 1 ||\\n signingMembersIndices[signingMembersIndices.length - 1] > groupSize\\n ) {\\n return (false, \\\"Corrupted signing member indices\\\");\\n }\\n for (uint256 i = 1; i < signingMembersIndices.length; i++) {\\n if (signingMembersIndices[i - 1] >= signingMembersIndices[i]) {\\n return (false, \\\"Corrupted signing member indices\\\");\\n }\\n }\\n\\n return (true, \\\"\\\");\\n }\\n\\n /// @notice Performs validation of group members as declared in DKG\\n /// result against group members selected by the sortition pool.\\n /// @param seed seed used to start the DKG and select group members\\n /// @return true if group members matches; false otherwise\\n function validateGroupMembers(EcdsaDkg.Result calldata result, uint256 seed)\\n public\\n view\\n returns (bool)\\n {\\n uint32[] calldata resultMembers = result.members;\\n uint32[] memory actualGroupMembers = sortitionPool.selectGroup(\\n groupSize,\\n bytes32(seed)\\n );\\n if (resultMembers.length != actualGroupMembers.length) {\\n return false;\\n }\\n for (uint256 i = 0; i < resultMembers.length; i++) {\\n if (resultMembers[i] != actualGroupMembers[i]) {\\n return false;\\n }\\n }\\n return true;\\n }\\n\\n /// @notice Performs validation of signatures supplied in DKG result.\\n /// Note that this function does not check if addresses which\\n /// supplied signatures supporting the result are the ones selected\\n /// to the group by sortition pool. This function should be used\\n /// together with `validateGroupMembers`.\\n /// @param startBlock DKG start block\\n /// @return true if group members matches; false otherwise\\n function validateSignatures(\\n EcdsaDkg.Result calldata result,\\n uint256 startBlock\\n ) public view returns (bool) {\\n bytes32 hash = keccak256(\\n abi.encodePacked(\\n result.groupPubKey,\\n result.misbehavedMembersIndices,\\n startBlock\\n )\\n ).toEthSignedMessageHash();\\n\\n uint256[] calldata signingMembersIndices = result.signingMembersIndices;\\n uint32[] memory signingMemberIds = new uint32[](\\n signingMembersIndices.length\\n );\\n for (uint256 i = 0; i < signingMembersIndices.length; i++) {\\n signingMemberIds[i] = result.members[signingMembersIndices[i] - 1];\\n }\\n\\n address[] memory signingMemberAddresses = sortitionPool.getIDOperators(\\n signingMemberIds\\n );\\n\\n bytes memory current; // Current signature to be checked.\\n\\n uint256 signaturesCount = result.signatures.length / signatureByteSize;\\n for (uint256 i = 0; i < signaturesCount; i++) {\\n current = result.signatures.slice(\\n signatureByteSize * i,\\n signatureByteSize\\n );\\n address recoveredAddress = hash.recover(current);\\n\\n if (signingMemberAddresses[i] != recoveredAddress) {\\n return false;\\n }\\n }\\n\\n return true;\\n }\\n\\n /// @notice Performs validation of hashed group members that actively took\\n /// part in DKG.\\n /// @param result DKG result\\n /// @return true if calculated result's group members hash matches with the\\n /// one that is challenged.\\n function validateMembersHash(EcdsaDkg.Result calldata result)\\n public\\n view\\n returns (bool)\\n {\\n if (result.misbehavedMembersIndices.length > 0) {\\n // members that generated a group signing key\\n uint32[] memory groupMembers = new uint32[](\\n result.members.length - result.misbehavedMembersIndices.length\\n );\\n uint256 k = 0; // misbehaved members counter\\n uint256 j = 0; // group members counter\\n for (uint256 i = 0; i < result.members.length; i++) {\\n // misbehaved member indices start from 1, so we need to -1 on misbehaved\\n if (i != result.misbehavedMembersIndices[k] - 1) {\\n groupMembers[j] = result.members[i];\\n j++;\\n } else if (k < result.misbehavedMembersIndices.length - 1) {\\n k++;\\n }\\n }\\n\\n return keccak256(abi.encode(groupMembers)) == result.membersHash;\\n }\\n\\n return keccak256(abi.encode(result.members)) == result.membersHash;\\n }\\n}\\n\",\"keccak256\":\"0x03f6dca16ca31db65b537860005e0b34fcc7013eca5113ceeb0baae494a7e4a7\",\"license\":\"MIT\"},\"@keep-network/ecdsa/contracts/api/IWalletOwner.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n// Trust math, not hardware.\\n\\npragma solidity ^0.8.9;\\n\\ninterface IWalletOwner {\\n /// @notice Callback function executed once a new wallet is created.\\n /// @dev Should be callable only by the Wallet Registry.\\n /// @param walletID Wallet's unique identifier.\\n /// @param publicKeyY Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n function __ecdsaWalletCreatedCallback(\\n bytes32 walletID,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external;\\n\\n /// @notice Callback function executed once a wallet heartbeat failure\\n /// is detected.\\n /// @dev Should be callable only by the Wallet Registry.\\n /// @param walletID Wallet's unique identifier.\\n /// @param publicKeyY Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n function __ecdsaWalletHeartbeatFailedCallback(\\n bytes32 walletID,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external;\\n}\\n\",\"keccak256\":\"0xad0c35fb23218babd529d51d047e24c712dd4812dd2506cefce46eafb00bbe1b\",\"license\":\"MIT\"},\"@keep-network/ecdsa/contracts/api/IWalletRegistry.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n// Trust math, not hardware.\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"../libraries/EcdsaDkg.sol\\\";\\n\\ninterface IWalletRegistry {\\n /// @notice Requests a new wallet creation.\\n /// @dev Only the Wallet Owner can call this function.\\n function requestNewWallet() external;\\n\\n /// @notice Closes an existing wallet.\\n /// @param walletID ID of the wallet.\\n /// @dev Only the Wallet Owner can call this function.\\n function closeWallet(bytes32 walletID) external;\\n\\n /// @notice Adds all signing group members of the wallet with the given ID\\n /// to the slashing queue of the staking contract. The notifier will\\n /// receive reward per each group member from the staking contract\\n /// notifiers treasury. The reward is scaled by the\\n /// `rewardMultiplier` provided as a parameter.\\n /// @param amount Amount of tokens to seize from each signing group member\\n /// @param rewardMultiplier Fraction of the staking contract notifiers\\n /// reward the notifier should receive; should be between [0, 100]\\n /// @param notifier Address of the misbehavior notifier\\n /// @param walletID ID of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @dev Only the Wallet Owner can call this function.\\n /// Requirements:\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events.\\n /// - `rewardMultiplier` must be between [0, 100].\\n /// - This function does revert if staking contract call reverts.\\n /// The calling code needs to handle the potential revert.\\n function seize(\\n uint96 amount,\\n uint256 rewardMultiplier,\\n address notifier,\\n bytes32 walletID,\\n uint32[] calldata walletMembersIDs\\n ) external;\\n\\n /// @notice Gets public key of a wallet with a given wallet ID.\\n /// The public key is returned in an uncompressed format as a 64-byte\\n /// concatenation of X and Y coordinates.\\n /// @param walletID ID of the wallet.\\n /// @return Uncompressed public key of the wallet.\\n function getWalletPublicKey(bytes32 walletID)\\n external\\n view\\n returns (bytes memory);\\n\\n /// @notice Check current wallet creation state.\\n function getWalletCreationState() external view returns (EcdsaDkg.State);\\n\\n /// @notice Checks whether the given operator is a member of the given\\n /// wallet signing group.\\n /// @param walletID ID of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param operator Address of the checked operator\\n /// @param walletMemberIndex Position of the operator in the wallet signing\\n /// group members list\\n /// @return True - if the operator is a member of the given wallet signing\\n /// group. False - otherwise.\\n /// @dev Requirements:\\n /// - The `operator` parameter must be an actual sortition pool operator.\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events.\\n /// - The `walletMemberIndex` must be in range [1, walletMembersIDs.length]\\n function isWalletMember(\\n bytes32 walletID,\\n uint32[] calldata walletMembersIDs,\\n address operator,\\n uint256 walletMemberIndex\\n ) external view returns (bool);\\n}\\n\",\"keccak256\":\"0x18f1f76f6b59dedf00ab6d79872589e349d28d8e527a754d0e215a57deb67e89\",\"license\":\"MIT\"},\"@keep-network/ecdsa/contracts/libraries/EcdsaDkg.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n//\\n\\n// Initial version copied from Keep Network Random Beacon:\\n// https://github.com/keep-network/keep-core/blob/5138c7628868dbeed3ae2164f76fccc6c1fbb9e8/solidity/random-beacon/contracts/libraries/DKG.sol\\n//\\n// With the following differences:\\n// - the group size was set to 100,\\n// - offchainDkgTimeout was removed,\\n// - submission eligibility verification is not performed on-chain,\\n// - submission eligibility delay was replaced with a submission timeout,\\n// - seed timeout notification requires seedTimeout period to pass.\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@openzeppelin/contracts/utils/cryptography/ECDSA.sol\\\";\\nimport \\\"@keep-network/sortition-pools/contracts/SortitionPool.sol\\\";\\nimport \\\"@keep-network/random-beacon/contracts/libraries/BytesLib.sol\\\";\\nimport \\\"../EcdsaDkgValidator.sol\\\";\\n\\nlibrary EcdsaDkg {\\n using BytesLib for bytes;\\n using ECDSA for bytes32;\\n\\n struct Parameters {\\n // Time in blocks during which a seed is expected to be delivered.\\n // DKG starts only after a seed is delivered. The time the contract\\n // awaits for a seed is not included in the DKG timeout.\\n uint256 seedTimeout;\\n // Time in blocks during which a submitted result can be challenged.\\n uint256 resultChallengePeriodLength;\\n // Time in blocks during which a result is expected to be submitted.\\n uint256 resultSubmissionTimeout;\\n // Time in blocks during which only the result submitter is allowed to\\n // approve it. Once this period ends and the submitter have not approved\\n // the result, anyone can do it.\\n uint256 submitterPrecedencePeriodLength;\\n }\\n\\n struct Data {\\n // Address of the Sortition Pool contract.\\n SortitionPool sortitionPool;\\n // Address of the EcdsaDkgValidator contract.\\n EcdsaDkgValidator dkgValidator;\\n // DKG parameters. The parameters should persist between DKG executions.\\n // They should be updated with dedicated set functions only when DKG is not\\n // in progress.\\n Parameters parameters;\\n // Time in block at which DKG state was locked.\\n uint256 stateLockBlock;\\n // Time in blocks at which DKG started.\\n uint256 startBlock;\\n // Seed used to start DKG.\\n uint256 seed;\\n // Time in blocks that should be added to result submission eligibility\\n // delay calculation. It is used in case of a challenge to adjust\\n // DKG timeout calculation.\\n uint256 resultSubmissionStartBlockOffset;\\n // Hash of submitted DKG result.\\n bytes32 submittedResultHash;\\n // Block number from the moment of the DKG result submission.\\n uint256 submittedResultBlock;\\n }\\n\\n /// @notice DKG result.\\n struct Result {\\n // Claimed submitter candidate group member index.\\n // Must be in range [1, groupSize].\\n uint256 submitterMemberIndex;\\n // Generated candidate group public key\\n bytes groupPubKey;\\n // Array of misbehaved members indices (disqualified or inactive).\\n // Indices must be in range [1, groupSize], unique, and sorted in ascending\\n // order.\\n uint8[] misbehavedMembersIndices;\\n // Concatenation of signatures from members supporting the result.\\n // The message to be signed by each member is keccak256 hash of the\\n // calculated group public key, misbehaved members indices and DKG\\n // start block. The calculated hash should be prefixed with prefixed with\\n // `\\\\x19Ethereum signed message:\\\\n` before signing, so the message to\\n // sign is:\\n // `\\\\x19Ethereum signed message:\\\\n${keccak256(\\n // groupPubKey, misbehavedMembersIndices, dkgStartBlock\\n // )}`\\n bytes signatures;\\n // Indices of members corresponding to each signature. Indices must be\\n // be in range [1, groupSize], unique, and sorted in ascending order.\\n uint256[] signingMembersIndices;\\n // Identifiers of candidate group members as outputted by the group\\n // selection protocol.\\n uint32[] members;\\n // Keccak256 hash of group members identifiers that actively took part\\n // in DKG (excluding IA/DQ members).\\n bytes32 membersHash;\\n }\\n\\n /// @notice States for phases of group creation. The states doesn't include\\n /// timeouts which should be tracked and notified individually.\\n enum State {\\n // Group creation is not in progress. It is a state set after group creation\\n // completion either by timeout or by a result approval.\\n IDLE,\\n // Group creation is awaiting the seed and sortition pool is locked.\\n AWAITING_SEED,\\n // DKG protocol execution is in progress. A result is being calculated\\n // by the clients in this state and the contract awaits a result submission.\\n // This is a state to which group creation returns in case of a result\\n // challenge notification.\\n AWAITING_RESULT,\\n // DKG result was submitted and awaits an approval or a challenge. If a result\\n // gets challenge the state returns to `AWAITING_RESULT`. If a result gets\\n // approval the state changes to `IDLE`.\\n CHALLENGE\\n }\\n\\n /// @dev Size of a group in ECDSA wallet.\\n uint256 public constant groupSize = 100;\\n\\n event DkgStarted(uint256 indexed seed);\\n\\n // To recreate the members that actively took part in dkg, the selected members\\n // array should be filtered out from misbehavedMembersIndices.\\n event DkgResultSubmitted(\\n bytes32 indexed resultHash,\\n uint256 indexed seed,\\n Result result\\n );\\n\\n event DkgTimedOut();\\n\\n event DkgResultApproved(\\n bytes32 indexed resultHash,\\n address indexed approver\\n );\\n\\n event DkgResultChallenged(\\n bytes32 indexed resultHash,\\n address indexed challenger,\\n string reason\\n );\\n\\n event DkgStateLocked();\\n\\n event DkgSeedTimedOut();\\n\\n /// @notice Initializes SortitionPool and EcdsaDkgValidator addresses.\\n /// Can be performed only once.\\n /// @param _sortitionPool Sortition Pool reference\\n /// @param _dkgValidator EcdsaDkgValidator reference\\n function init(\\n Data storage self,\\n SortitionPool _sortitionPool,\\n EcdsaDkgValidator _dkgValidator\\n ) internal {\\n require(\\n address(self.sortitionPool) == address(0),\\n \\\"Sortition Pool address already set\\\"\\n );\\n\\n require(\\n address(self.dkgValidator) == address(0),\\n \\\"DKG Validator address already set\\\"\\n );\\n\\n self.sortitionPool = _sortitionPool;\\n self.dkgValidator = _dkgValidator;\\n }\\n\\n /// @notice Determines the current state of group creation. It doesn't take\\n /// timeouts into consideration. The timeouts should be tracked and\\n /// notified separately.\\n function currentState(Data storage self)\\n internal\\n view\\n returns (State state)\\n {\\n state = State.IDLE;\\n\\n if (self.sortitionPool.isLocked()) {\\n state = State.AWAITING_SEED;\\n\\n if (self.startBlock > 0) {\\n state = State.AWAITING_RESULT;\\n\\n if (self.submittedResultBlock > 0) {\\n state = State.CHALLENGE;\\n }\\n }\\n }\\n }\\n\\n /// @notice Locks the sortition pool and starts awaiting for the\\n /// group creation seed.\\n function lockState(Data storage self) internal {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n emit DkgStateLocked();\\n\\n self.sortitionPool.lock();\\n\\n self.stateLockBlock = block.number;\\n }\\n\\n function start(Data storage self, uint256 seed) internal {\\n require(\\n currentState(self) == State.AWAITING_SEED,\\n \\\"Current state is not AWAITING_SEED\\\"\\n );\\n\\n emit DkgStarted(seed);\\n\\n self.startBlock = block.number;\\n self.seed = seed;\\n }\\n\\n /// @notice Allows to submit a DKG result. The submitted result does not go\\n /// through a validation and before it gets accepted, it needs to\\n /// wait through the challenge period during which everyone has\\n /// a chance to challenge the result as invalid one. Submitter of\\n /// the result needs to be in the sortition pool and if the result\\n /// gets challenged, the submitter will get slashed.\\n function submitResult(Data storage self, Result calldata result) internal {\\n require(\\n currentState(self) == State.AWAITING_RESULT,\\n \\\"Current state is not AWAITING_RESULT\\\"\\n );\\n require(!hasDkgTimedOut(self), \\\"DKG timeout already passed\\\");\\n\\n SortitionPool sortitionPool = self.sortitionPool;\\n\\n // Submitter must be an operator in the sortition pool.\\n // Declared submitter's member index in the DKG result needs to match\\n // the address calling this function.\\n require(\\n sortitionPool.isOperatorInPool(msg.sender),\\n \\\"Submitter not in the sortition pool\\\"\\n );\\n require(\\n sortitionPool.getIDOperator(\\n result.members[result.submitterMemberIndex - 1]\\n ) == msg.sender,\\n \\\"Unexpected submitter index\\\"\\n );\\n\\n self.submittedResultHash = keccak256(abi.encode(result));\\n self.submittedResultBlock = block.number;\\n\\n emit DkgResultSubmitted(self.submittedResultHash, self.seed, result);\\n }\\n\\n /// @notice Checks if awaiting seed timed out.\\n /// @return True if awaiting seed timed out, false otherwise.\\n function hasSeedTimedOut(Data storage self) internal view returns (bool) {\\n return\\n currentState(self) == State.AWAITING_SEED &&\\n block.number > (self.stateLockBlock + self.parameters.seedTimeout);\\n }\\n\\n /// @notice Checks if DKG timed out. The DKG timeout period includes time required\\n /// for off-chain protocol execution and time for the result publication.\\n /// After this time a result cannot be submitted and DKG can be notified\\n /// about the timeout. DKG period is adjusted by result submission\\n /// offset that include blocks that were mined while invalid result\\n /// has been registered until it got challenged.\\n /// @return True if DKG timed out, false otherwise.\\n function hasDkgTimedOut(Data storage self) internal view returns (bool) {\\n return\\n currentState(self) == State.AWAITING_RESULT &&\\n block.number >\\n (self.startBlock +\\n self.resultSubmissionStartBlockOffset +\\n self.parameters.resultSubmissionTimeout);\\n }\\n\\n /// @notice Notifies about the seed was not delivered and restores the\\n /// initial DKG state (IDLE).\\n function notifySeedTimeout(Data storage self) internal {\\n require(hasSeedTimedOut(self), \\\"Awaiting seed has not timed out\\\");\\n\\n emit DkgSeedTimedOut();\\n\\n complete(self);\\n }\\n\\n /// @notice Notifies about DKG timeout.\\n function notifyDkgTimeout(Data storage self) internal {\\n require(hasDkgTimedOut(self), \\\"DKG has not timed out\\\");\\n\\n emit DkgTimedOut();\\n\\n complete(self);\\n }\\n\\n /// @notice Approves DKG result. Can be called when the challenge period for\\n /// the submitted result is finished. Considers the submitted result\\n /// as valid. For the first `submitterPrecedencePeriodLength`\\n /// blocks after the end of the challenge period can be called only\\n /// by the DKG result submitter. After that time, can be called by\\n /// anyone.\\n /// @dev Can be called after a challenge period for the submitted result.\\n /// @param result Result to approve. Must match the submitted result stored\\n /// during `submitResult`.\\n /// @return misbehavedMembers Identifiers of members who misbehaved during DKG.\\n function approveResult(Data storage self, Result calldata result)\\n internal\\n returns (uint32[] memory misbehavedMembers)\\n {\\n require(\\n currentState(self) == State.CHALLENGE,\\n \\\"Current state is not CHALLENGE\\\"\\n );\\n\\n uint256 challengePeriodEnd = self.submittedResultBlock +\\n self.parameters.resultChallengePeriodLength;\\n\\n require(\\n block.number > challengePeriodEnd,\\n \\\"Challenge period has not passed yet\\\"\\n );\\n\\n require(\\n keccak256(abi.encode(result)) == self.submittedResultHash,\\n \\\"Result under approval is different than the submitted one\\\"\\n );\\n\\n // Extract submitter member address. Submitter member index is in\\n // range [1, groupSize] so we need to -1 when fetching identifier from members\\n // array.\\n address submitterMember = self.sortitionPool.getIDOperator(\\n result.members[result.submitterMemberIndex - 1]\\n );\\n\\n require(\\n msg.sender == submitterMember ||\\n block.number >\\n challengePeriodEnd +\\n self.parameters.submitterPrecedencePeriodLength,\\n \\\"Only the DKG result submitter can approve the result at this moment\\\"\\n );\\n\\n // Extract misbehaved members identifiers. Misbehaved members indices\\n // are in range [1, groupSize], so we need to -1 when fetching identifiers from\\n // members array.\\n misbehavedMembers = new uint32[](\\n result.misbehavedMembersIndices.length\\n );\\n for (uint256 i = 0; i < result.misbehavedMembersIndices.length; i++) {\\n misbehavedMembers[i] = result.members[\\n result.misbehavedMembersIndices[i] - 1\\n ];\\n }\\n\\n emit DkgResultApproved(self.submittedResultHash, msg.sender);\\n\\n return misbehavedMembers;\\n }\\n\\n /// @notice Challenges DKG result. If the submitted result is proved to be\\n /// invalid it reverts the DKG back to the result submission phase.\\n /// @dev Can be called during a challenge period for the submitted result.\\n /// @param result Result to challenge. Must match the submitted result\\n /// stored during `submitResult`.\\n /// @return maliciousResultHash Hash of the malicious result.\\n /// @return maliciousSubmitter Identifier of the malicious submitter.\\n function challengeResult(Data storage self, Result calldata result)\\n internal\\n returns (bytes32 maliciousResultHash, uint32 maliciousSubmitter)\\n {\\n require(\\n currentState(self) == State.CHALLENGE,\\n \\\"Current state is not CHALLENGE\\\"\\n );\\n\\n require(\\n block.number <=\\n self.submittedResultBlock +\\n self.parameters.resultChallengePeriodLength,\\n \\\"Challenge period has already passed\\\"\\n );\\n\\n require(\\n keccak256(abi.encode(result)) == self.submittedResultHash,\\n \\\"Result under challenge is different than the submitted one\\\"\\n );\\n\\n // https://github.com/crytic/slither/issues/982\\n // slither-disable-next-line unused-return\\n try\\n self.dkgValidator.validate(result, self.seed, self.startBlock)\\n returns (\\n // slither-disable-next-line uninitialized-local,variable-scope\\n bool isValid,\\n // slither-disable-next-line uninitialized-local,variable-scope\\n string memory errorMsg\\n ) {\\n if (isValid) {\\n revert(\\\"unjustified challenge\\\");\\n }\\n\\n emit DkgResultChallenged(\\n self.submittedResultHash,\\n msg.sender,\\n errorMsg\\n );\\n } catch {\\n // if the validation reverted we consider the DKG result as invalid\\n emit DkgResultChallenged(\\n self.submittedResultHash,\\n msg.sender,\\n \\\"validation reverted\\\"\\n );\\n }\\n\\n // Consider result hash as malicious.\\n maliciousResultHash = self.submittedResultHash;\\n maliciousSubmitter = result.members[result.submitterMemberIndex - 1];\\n\\n // Adjust DKG result submission block start, so submission stage starts\\n // from the beginning.\\n self.resultSubmissionStartBlockOffset = block.number - self.startBlock;\\n\\n submittedResultCleanup(self);\\n\\n return (maliciousResultHash, maliciousSubmitter);\\n }\\n\\n /// @notice Checks if DKG result is valid for the current DKG.\\n /// @param result DKG result.\\n /// @return True if the result is valid. If the result is invalid it returns\\n /// false and an error message.\\n function isResultValid(Data storage self, Result calldata result)\\n internal\\n view\\n returns (bool, string memory)\\n {\\n require(self.startBlock > 0, \\\"DKG has not been started\\\");\\n\\n return self.dkgValidator.validate(result, self.seed, self.startBlock);\\n }\\n\\n /// @notice Set setSeedTimeout parameter.\\n function setSeedTimeout(Data storage self, uint256 newSeedTimeout)\\n internal\\n {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n require(newSeedTimeout > 0, \\\"New value should be greater than zero\\\");\\n\\n self.parameters.seedTimeout = newSeedTimeout;\\n }\\n\\n /// @notice Set resultChallengePeriodLength parameter.\\n function setResultChallengePeriodLength(\\n Data storage self,\\n uint256 newResultChallengePeriodLength\\n ) internal {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n require(\\n newResultChallengePeriodLength > 0,\\n \\\"New value should be greater than zero\\\"\\n );\\n\\n self\\n .parameters\\n .resultChallengePeriodLength = newResultChallengePeriodLength;\\n }\\n\\n /// @notice Set resultSubmissionTimeout parameter.\\n function setResultSubmissionTimeout(\\n Data storage self,\\n uint256 newResultSubmissionTimeout\\n ) internal {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n require(\\n newResultSubmissionTimeout > 0,\\n \\\"New value should be greater than zero\\\"\\n );\\n\\n self.parameters.resultSubmissionTimeout = newResultSubmissionTimeout;\\n }\\n\\n /// @notice Set submitterPrecedencePeriodLength parameter.\\n function setSubmitterPrecedencePeriodLength(\\n Data storage self,\\n uint256 newSubmitterPrecedencePeriodLength\\n ) internal {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n require(\\n newSubmitterPrecedencePeriodLength <\\n self.parameters.resultSubmissionTimeout,\\n \\\"New value should be less than result submission period length\\\"\\n );\\n\\n self\\n .parameters\\n .submitterPrecedencePeriodLength = newSubmitterPrecedencePeriodLength;\\n }\\n\\n /// @notice Completes DKG by cleaning up state.\\n /// @dev Should be called after DKG times out or a result is approved.\\n function complete(Data storage self) internal {\\n delete self.startBlock;\\n delete self.seed;\\n delete self.resultSubmissionStartBlockOffset;\\n submittedResultCleanup(self);\\n self.sortitionPool.unlock();\\n }\\n\\n /// @notice Cleans up submitted result state either after DKG completion\\n /// (as part of `complete` method) or after justified challenge.\\n function submittedResultCleanup(Data storage self) private {\\n delete self.submittedResultHash;\\n delete self.submittedResultBlock;\\n }\\n}\\n\",\"keccak256\":\"0xb3aada6a96598150d042944e675e93381183b01ad258e774e7c94500062db0f9\",\"license\":\"MIT\"},\"@keep-network/random-beacon/contracts/Governable.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n// Trust math, not hardware.\\n\\npragma solidity ^0.8.9;\\n\\n/// @notice Governable contract.\\n/// @dev A constructor is not defined, which makes the contract compatible with\\n/// upgradable proxies. This requires calling explicitly `_transferGovernance`\\n/// function in a child contract.\\nabstract contract Governable {\\n // Governance of the contract\\n // The variable should be initialized by the implementing contract.\\n // slither-disable-next-line uninitialized-state\\n address public governance;\\n\\n event GovernanceTransferred(address oldGovernance, address newGovernance);\\n\\n modifier onlyGovernance() virtual {\\n require(governance == msg.sender, \\\"Caller is not the governance\\\");\\n _;\\n }\\n\\n /// @notice Transfers governance of the contract to `newGovernance`.\\n function transferGovernance(address newGovernance)\\n external\\n virtual\\n onlyGovernance\\n {\\n require(\\n newGovernance != address(0),\\n \\\"New governance is the zero address\\\"\\n );\\n _transferGovernance(newGovernance);\\n }\\n\\n function _transferGovernance(address newGovernance) internal virtual {\\n address oldGovernance = governance;\\n governance = newGovernance;\\n emit GovernanceTransferred(oldGovernance, newGovernance);\\n }\\n}\\n\",\"keccak256\":\"0xf06370004a36721cdbf88da4296efaa28944e99ab471f48b790ac846bced1792\",\"license\":\"MIT\"},\"@keep-network/random-beacon/contracts/libraries/BytesLib.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n//\\n\\npragma solidity ^0.8.9;\\n\\n/*\\nVersion pulled from keep-core v1:\\nhttps://github.com/keep-network/keep-core/blob/f297202db00c027978ad8e7103a356503de5773c/solidity-v1/contracts/utils/BytesLib.sol\\n\\nTo compile it with solidity 0.8 `_preBytes_slot` was replaced with `_preBytes.slot`.\\n*/\\n\\n/*\\nhttps://github.com/GNSPS/solidity-bytes-utils/\\nThis is free and unencumbered software released into the public domain.\\nAnyone is free to copy, modify, publish, use, compile, sell, or\\ndistribute this software, either in source code form or as a compiled\\nbinary, for any purpose, commercial or non-commercial, and by any\\nmeans.\\nIn jurisdictions that recognize copyright laws, the author or authors\\nof this software dedicate any and all copyright interest in the\\nsoftware to the public domain. We make this dedication for the benefit\\nof the public at large and to the detriment of our heirs and\\nsuccessors. We intend this dedication to be an overt act of\\nrelinquishment in perpetuity of all present and future rights to this\\nsoftware under copyright law.\\nTHE SOFTWARE IS PROVIDED \\\"AS IS\\\", WITHOUT WARRANTY OF ANY KIND,\\nEXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\\nMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.\\nIN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR\\nOTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,\\nARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR\\nOTHER DEALINGS IN THE SOFTWARE.\\nFor more information, please refer to <https://unlicense.org>\\n*/\\n\\n/** @title BytesLib **/\\n/** @author https://github.com/GNSPS **/\\n\\nlibrary BytesLib {\\n function concatStorage(bytes storage _preBytes, bytes memory _postBytes)\\n internal\\n {\\n assembly {\\n // Read the first 32 bytes of _preBytes storage, which is the length\\n // of the array. (We don't need to use the offset into the slot\\n // because arrays use the entire slot.)\\n let fslot := sload(_preBytes.slot)\\n // Arrays of 31 bytes or less have an even value in their slot,\\n // while longer arrays have an odd value. The actual length is\\n // the slot divided by two for odd values, and the lowest order\\n // byte divided by two for even values.\\n // If the slot is even, bitwise and the slot with 255 and divide by\\n // two to get the length. If the slot is odd, bitwise and the slot\\n // with -1 and divide by two.\\n let slength := div(\\n and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)),\\n 2\\n )\\n let mlength := mload(_postBytes)\\n let newlength := add(slength, mlength)\\n // slength can contain both the length and contents of the array\\n // if length < 32 bytes so let's prepare for that\\n // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage\\n switch add(lt(slength, 32), lt(newlength, 32))\\n case 2 {\\n // Since the new array still fits in the slot, we just need to\\n // update the contents of the slot.\\n // uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_length\\n sstore(\\n _preBytes.slot,\\n // all the modifications to the slot are inside this\\n // next block\\n add(\\n // we can just add to the slot contents because the\\n // bytes we want to change are the LSBs\\n fslot,\\n add(\\n mul(\\n div(\\n // load the bytes from memory\\n mload(add(_postBytes, 0x20)),\\n // zero all bytes to the right\\n exp(0x100, sub(32, mlength))\\n ),\\n // and now shift left the number of bytes to\\n // leave space for the length in the slot\\n exp(0x100, sub(32, newlength))\\n ),\\n // increase length by the double of the memory\\n // bytes length\\n mul(mlength, 2)\\n )\\n )\\n )\\n }\\n case 1 {\\n // The stored value fits in the slot, but the combined value\\n // will exceed it.\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n let sc := add(keccak256(0x0, 0x20), div(slength, 32))\\n\\n // save new length\\n sstore(_preBytes.slot, add(mul(newlength, 2), 1))\\n\\n // The contents of the _postBytes array start 32 bytes into\\n // the structure. Our first read should obtain the `submod`\\n // bytes that can fit into the unused space in the last word\\n // of the stored array. To get this, we read 32 bytes starting\\n // from `submod`, so the data we read overlaps with the array\\n // contents by `submod` bytes. Masking the lowest-order\\n // `submod` bytes allows us to add that value directly to the\\n // stored value.\\n\\n let submod := sub(32, slength)\\n let mc := add(_postBytes, submod)\\n let end := add(_postBytes, mlength)\\n let mask := sub(exp(0x100, submod), 1)\\n\\n sstore(\\n sc,\\n add(\\n and(\\n fslot,\\n 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00\\n ),\\n and(mload(mc), mask)\\n )\\n )\\n\\n for {\\n mc := add(mc, 0x20)\\n sc := add(sc, 1)\\n } lt(mc, end) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n sstore(sc, mload(mc))\\n }\\n\\n mask := exp(0x100, sub(mc, end))\\n\\n sstore(sc, mul(div(mload(mc), mask), mask))\\n }\\n default {\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n // Start copying to the last used word of the stored array.\\n let sc := add(keccak256(0x0, 0x20), div(slength, 32))\\n\\n // save new length\\n sstore(_preBytes.slot, add(mul(newlength, 2), 1))\\n\\n // Copy over the first `submod` bytes of the new data as in\\n // case 1 above.\\n let slengthmod := mod(slength, 32)\\n let submod := sub(32, slengthmod)\\n let mc := add(_postBytes, submod)\\n let end := add(_postBytes, mlength)\\n let mask := sub(exp(0x100, submod), 1)\\n\\n sstore(sc, add(sload(sc), and(mload(mc), mask)))\\n\\n for {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } lt(mc, end) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n sstore(sc, mload(mc))\\n }\\n\\n mask := exp(0x100, sub(mc, end))\\n\\n sstore(sc, mul(div(mload(mc), mask), mask))\\n }\\n }\\n }\\n\\n function equalStorage(bytes storage _preBytes, bytes memory _postBytes)\\n internal\\n view\\n returns (bool)\\n {\\n bool success = true;\\n\\n assembly {\\n // we know _preBytes_offset is 0\\n let fslot := sload(_preBytes.slot)\\n // Decode the length of the stored array like in concatStorage().\\n let slength := div(\\n and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)),\\n 2\\n )\\n let mlength := mload(_postBytes)\\n\\n // if lengths don't match the arrays are not equal\\n switch eq(slength, mlength)\\n case 1 {\\n // slength can contain both the length and contents of the array\\n // if length < 32 bytes so let's prepare for that\\n // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage\\n if iszero(iszero(slength)) {\\n switch lt(slength, 32)\\n case 1 {\\n // blank the last byte which is the length\\n fslot := mul(div(fslot, 0x100), 0x100)\\n\\n if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) {\\n // unsuccess:\\n success := 0\\n }\\n }\\n default {\\n // cb is a circuit breaker in the for loop since there's\\n // no said feature for inline assembly loops\\n // cb = 1 - don't breaker\\n // cb = 0 - break\\n let cb := 1\\n\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n let sc := keccak256(0x0, 0x20)\\n\\n let mc := add(_postBytes, 0x20)\\n let end := add(mc, mlength)\\n\\n // the next line is the loop condition:\\n // while(uint(mc < end) + cb == 2)\\n for {\\n\\n } eq(add(lt(mc, end), cb), 2) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n if iszero(eq(sload(sc), mload(mc))) {\\n // unsuccess:\\n success := 0\\n cb := 0\\n }\\n }\\n }\\n }\\n }\\n default {\\n // unsuccess:\\n success := 0\\n }\\n }\\n\\n return success;\\n }\\n\\n function concat(bytes memory _preBytes, bytes memory _postBytes)\\n internal\\n pure\\n returns (bytes memory)\\n {\\n bytes memory tempBytes;\\n\\n assembly {\\n // Get a location of some free memory and store it in tempBytes as\\n // Solidity does for memory variables.\\n tempBytes := mload(0x40)\\n\\n // Store the length of the first bytes array at the beginning of\\n // the memory for tempBytes.\\n let length := mload(_preBytes)\\n mstore(tempBytes, length)\\n\\n // Maintain a memory counter for the current write location in the\\n // temp bytes array by adding the 32 bytes for the array length to\\n // the starting location.\\n let mc := add(tempBytes, 0x20)\\n // Stop copying when the memory counter reaches the length of the\\n // first bytes array.\\n let end := add(mc, length)\\n\\n for {\\n // Initialize a copy counter to the start of the _preBytes data,\\n // 32 bytes into its memory.\\n let cc := add(_preBytes, 0x20)\\n } lt(mc, end) {\\n // Increase both counters by 32 bytes each iteration.\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n // Write the _preBytes data into the tempBytes memory 32 bytes\\n // at a time.\\n mstore(mc, mload(cc))\\n }\\n\\n // Add the length of _postBytes to the current length of tempBytes\\n // and store it as the new length in the first 32 bytes of the\\n // tempBytes memory.\\n length := mload(_postBytes)\\n mstore(tempBytes, add(length, mload(tempBytes)))\\n\\n // Move the memory counter back from a multiple of 0x20 to the\\n // actual end of the _preBytes data.\\n mc := end\\n // Stop copying when the memory counter reaches the new combined\\n // length of the arrays.\\n end := add(mc, length)\\n\\n for {\\n let cc := add(_postBytes, 0x20)\\n } lt(mc, end) {\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n mstore(mc, mload(cc))\\n }\\n\\n // Update the free-memory pointer by padding our last write location\\n // to 32 bytes: add 31 bytes to the end of tempBytes to move to the\\n // next 32 byte block, then round down to the nearest multiple of\\n // 32. If the sum of the length of the two arrays is zero then add\\n // one before rounding down to leave a blank 32 bytes (the length block with 0).\\n mstore(\\n 0x40,\\n and(\\n add(add(end, iszero(add(length, mload(_preBytes)))), 31),\\n not(31) // Round down to the nearest 32 bytes.\\n )\\n )\\n }\\n\\n return tempBytes;\\n }\\n\\n function slice(\\n bytes memory _bytes,\\n uint256 _start,\\n uint256 _length\\n ) internal pure returns (bytes memory res) {\\n uint256 _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n // Alloc bytes array with additional 32 bytes afterspace and assign it's size\\n res := mload(0x40)\\n mstore(0x40, add(add(res, 64), _length))\\n mstore(res, _length)\\n\\n // Compute distance between source and destination pointers\\n let diff := sub(res, add(_bytes, _start))\\n\\n for {\\n let src := add(add(_bytes, 32), _start)\\n let end := add(src, _length)\\n } lt(src, end) {\\n src := add(src, 32)\\n } {\\n mstore(add(src, diff), mload(src))\\n }\\n }\\n }\\n\\n function toAddress(bytes memory _bytes, uint256 _start)\\n internal\\n pure\\n returns (address)\\n {\\n uint256 _totalLen = _start + 20;\\n require(\\n _totalLen > _start && _bytes.length >= _totalLen,\\n \\\"Address conversion out of bounds.\\\"\\n );\\n address tempAddress;\\n\\n assembly {\\n tempAddress := div(\\n mload(add(add(_bytes, 0x20), _start)),\\n 0x1000000000000000000000000\\n )\\n }\\n\\n return tempAddress;\\n }\\n\\n function toUint8(bytes memory _bytes, uint256 _start)\\n internal\\n pure\\n returns (uint8)\\n {\\n require(\\n _bytes.length >= (_start + 1),\\n \\\"Uint8 conversion out of bounds.\\\"\\n );\\n uint8 tempUint;\\n\\n assembly {\\n tempUint := mload(add(add(_bytes, 0x1), _start))\\n }\\n\\n return tempUint;\\n }\\n\\n function toUint(bytes memory _bytes, uint256 _start)\\n internal\\n pure\\n returns (uint256)\\n {\\n uint256 _totalLen = _start + 32;\\n require(\\n _totalLen > _start && _bytes.length >= _totalLen,\\n \\\"Uint conversion out of bounds.\\\"\\n );\\n uint256 tempUint;\\n\\n assembly {\\n tempUint := mload(add(add(_bytes, 0x20), _start))\\n }\\n\\n return tempUint;\\n }\\n\\n function equal(bytes memory _preBytes, bytes memory _postBytes)\\n internal\\n pure\\n returns (bool)\\n {\\n bool success = true;\\n\\n assembly {\\n let length := mload(_preBytes)\\n\\n // if lengths don't match the arrays are not equal\\n switch eq(length, mload(_postBytes))\\n case 1 {\\n // cb is a circuit breaker in the for loop since there's\\n // no said feature for inline assembly loops\\n // cb = 1 - don't breaker\\n // cb = 0 - break\\n let cb := 1\\n\\n let mc := add(_preBytes, 0x20)\\n let end := add(mc, length)\\n\\n for {\\n let cc := add(_postBytes, 0x20)\\n // the next line is the loop condition:\\n // while(uint(mc < end) + cb == 2)\\n } eq(add(lt(mc, end), cb), 2) {\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n // if any of these checks fails then arrays are not equal\\n if iszero(eq(mload(mc), mload(cc))) {\\n // unsuccess:\\n success := 0\\n cb := 0\\n }\\n }\\n }\\n default {\\n // unsuccess:\\n success := 0\\n }\\n }\\n\\n return success;\\n }\\n\\n function toBytes32(bytes memory _source)\\n internal\\n pure\\n returns (bytes32 result)\\n {\\n if (_source.length == 0) {\\n return 0x0;\\n }\\n\\n assembly {\\n result := mload(add(_source, 32))\\n }\\n }\\n\\n function keccak256Slice(\\n bytes memory _bytes,\\n uint256 _start,\\n uint256 _length\\n ) internal pure returns (bytes32 result) {\\n uint256 _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n result := keccak256(add(add(_bytes, 32), _start), _length)\\n }\\n }\\n}\\n\",\"keccak256\":\"0xd778546e5ccb131b9dbf25abc4fa8668168b55bae599ffe40f040e7100aa8a35\",\"license\":\"MIT\"},\"@keep-network/sortition-pools/contracts/Branch.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\n/// @notice The implicit 8-ary trees of the sortition pool\\n/// rely on packing 8 \\\"slots\\\" of 32-bit values into each uint256.\\n/// The Branch library permits efficient calculations on these slots.\\nlibrary Branch {\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_COUNT = 2**SLOT_BITS;\\n uint256 private constant SLOT_WIDTH = 256 / SLOT_COUNT;\\n uint256 private constant LAST_SLOT = SLOT_COUNT - 1;\\n uint256 private constant SLOT_MAX = (2**SLOT_WIDTH) - 1;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n\\n /// @notice Calculate the right shift required\\n /// to make the 32 least significant bits of an uint256\\n /// be the bits of the `position`th slot\\n /// when treating the uint256 as a uint32[8].\\n ///\\n /// @dev Not used for efficiency reasons,\\n /// but left to illustrate the meaning of a common pattern.\\n /// I wish solidity had macros, even C macros.\\n function slotShift(uint256 position) internal pure returns (uint256) {\\n unchecked {\\n return position * SLOT_WIDTH;\\n }\\n }\\n\\n /// @notice Return the `position`th slot of the `node`,\\n /// treating `node` as a uint32[32].\\n function getSlot(uint256 node, uint256 position)\\n internal\\n pure\\n returns (uint256)\\n {\\n unchecked {\\n uint256 shiftBits = position * SLOT_WIDTH;\\n // Doing a bitwise AND with `SLOT_MAX`\\n // clears all but the 32 least significant bits.\\n // Because of the right shift by `slotShift(position)` bits,\\n // those 32 bits contain the 32 bits in the `position`th slot of `node`.\\n return (node >> shiftBits) & SLOT_MAX;\\n }\\n }\\n\\n /// @notice Return `node` with the `position`th slot set to zero.\\n function clearSlot(uint256 node, uint256 position)\\n internal\\n pure\\n returns (uint256)\\n {\\n unchecked {\\n uint256 shiftBits = position * SLOT_WIDTH;\\n // Shifting `SLOT_MAX` left by `slotShift(position)` bits\\n // gives us a number where all bits of the `position`th slot are set,\\n // and all other bits are unset.\\n //\\n // Using a bitwise NOT on this number,\\n // we get a uint256 where all bits are set\\n // except for those of the `position`th slot.\\n //\\n // Bitwise ANDing the original `node` with this number\\n // sets the bits of `position`th slot to zero,\\n // leaving all other bits unchanged.\\n return node & ~(SLOT_MAX << shiftBits);\\n }\\n }\\n\\n /// @notice Return `node` with the `position`th slot set to `weight`.\\n ///\\n /// @param weight The weight of of the node.\\n /// Safely truncated to a 32-bit number,\\n /// but this should never be called with an overflowing weight regardless.\\n function setSlot(\\n uint256 node,\\n uint256 position,\\n uint256 weight\\n ) internal pure returns (uint256) {\\n unchecked {\\n uint256 shiftBits = position * SLOT_WIDTH;\\n // Clear the `position`th slot like in `clearSlot()`.\\n uint256 clearedNode = node & ~(SLOT_MAX << shiftBits);\\n // Bitwise AND `weight` with `SLOT_MAX`\\n // to clear all but the 32 least significant bits.\\n //\\n // Shift this left by `slotShift(position)` bits\\n // to obtain a uint256 with all bits unset\\n // except in the `position`th slot\\n // which contains the 32-bit value of `weight`.\\n uint256 shiftedWeight = (weight & SLOT_MAX) << shiftBits;\\n // When we bitwise OR these together,\\n // all other slots except the `position`th one come from the left argument,\\n // and the `position`th gets filled with `weight` from the right argument.\\n return clearedNode | shiftedWeight;\\n }\\n }\\n\\n /// @notice Calculate the summed weight of all slots in the `node`.\\n function sumWeight(uint256 node) internal pure returns (uint256 sum) {\\n unchecked {\\n sum = node & SLOT_MAX;\\n // Iterate through each slot\\n // by shifting `node` right in increments of 32 bits,\\n // and adding the 32 least significant bits to the `sum`.\\n uint256 newNode = node >> SLOT_WIDTH;\\n while (newNode > 0) {\\n sum += (newNode & SLOT_MAX);\\n newNode = newNode >> SLOT_WIDTH;\\n }\\n return sum;\\n }\\n }\\n\\n /// @notice Pick a slot in `node` that corresponds to `index`.\\n /// Treats the node like an array of virtual stakers,\\n /// the number of virtual stakers in each slot corresponding to its weight,\\n /// and picks which slot contains the `index`th virtual staker.\\n ///\\n /// @dev Requires that `index` be lower than `sumWeight(node)`.\\n /// However, this is not enforced for performance reasons.\\n /// If `index` exceeds the permitted range,\\n /// `pickWeightedSlot()` returns the rightmost slot\\n /// and an excessively high `newIndex`.\\n ///\\n /// @return slot The slot of `node` containing the `index`th virtual staker.\\n ///\\n /// @return newIndex The index of the `index`th virtual staker of `node`\\n /// within the returned slot.\\n function pickWeightedSlot(uint256 node, uint256 index)\\n internal\\n pure\\n returns (uint256 slot, uint256 newIndex)\\n {\\n unchecked {\\n newIndex = index;\\n uint256 newNode = node;\\n uint256 currentSlotWeight = newNode & SLOT_MAX;\\n while (newIndex >= currentSlotWeight) {\\n newIndex -= currentSlotWeight;\\n slot++;\\n newNode = newNode >> SLOT_WIDTH;\\n currentSlotWeight = newNode & SLOT_MAX;\\n }\\n return (slot, newIndex);\\n }\\n }\\n}\\n\",\"keccak256\":\"0x7ba28c2d49aa038c3a80e3e66a09f035c156abfc1ee3412c8d615c84612bdf29\"},\"@keep-network/sortition-pools/contracts/Leaf.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nlibrary Leaf {\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_COUNT = 2**SLOT_BITS;\\n uint256 private constant SLOT_WIDTH = 256 / SLOT_COUNT;\\n uint256 private constant SLOT_MAX = (2**SLOT_WIDTH) - 1;\\n\\n uint256 private constant ID_WIDTH = SLOT_WIDTH;\\n uint256 private constant ID_MAX = SLOT_MAX;\\n\\n uint256 private constant BLOCKHEIGHT_WIDTH = 96 - ID_WIDTH;\\n uint256 private constant BLOCKHEIGHT_MAX = (2**BLOCKHEIGHT_WIDTH) - 1;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n\\n function make(\\n address _operator,\\n uint256 _creationBlock,\\n uint256 _id\\n ) internal pure returns (uint256) {\\n assert(_creationBlock <= type(uint64).max);\\n assert(_id <= type(uint32).max);\\n // Converting a bytesX type into a larger type\\n // adds zero bytes on the right.\\n uint256 op = uint256(bytes32(bytes20(_operator)));\\n // Bitwise AND the id to erase\\n // all but the 32 least significant bits\\n uint256 uid = _id & ID_MAX;\\n // Erase all but the 64 least significant bits,\\n // then shift left by 32 bits to make room for the id\\n uint256 cb = (_creationBlock & BLOCKHEIGHT_MAX) << ID_WIDTH;\\n // Bitwise OR them all together to get\\n // [address operator || uint64 creationBlock || uint32 id]\\n return (op | cb | uid);\\n }\\n\\n function operator(uint256 leaf) internal pure returns (address) {\\n // Converting a bytesX type into a smaller type\\n // truncates it on the right.\\n return address(bytes20(bytes32(leaf)));\\n }\\n\\n /// @notice Return the block number the leaf was created in.\\n function creationBlock(uint256 leaf) internal pure returns (uint256) {\\n return ((leaf >> ID_WIDTH) & BLOCKHEIGHT_MAX);\\n }\\n\\n function id(uint256 leaf) internal pure returns (uint32) {\\n // Id is stored in the 32 least significant bits.\\n // Bitwise AND ensures that we only get the contents of those bits.\\n return uint32(leaf & ID_MAX);\\n }\\n}\\n\",\"keccak256\":\"0xaa56ba64d0990b014ce555b8edfd5e2fb3e62b6fade61e0b6d428c6058a33709\"},\"@keep-network/sortition-pools/contracts/Position.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nlibrary Position {\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_POINTER_MAX = (2**SLOT_BITS) - 1;\\n uint256 private constant LEAF_FLAG = 1 << 255;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n\\n // Return the last 3 bits of a position number,\\n // corresponding to its slot in its parent\\n function slot(uint256 a) internal pure returns (uint256) {\\n return a & SLOT_POINTER_MAX;\\n }\\n\\n // Return the parent of a position number\\n function parent(uint256 a) internal pure returns (uint256) {\\n return a >> SLOT_BITS;\\n }\\n\\n // Return the location of the child of a at the given slot\\n function child(uint256 a, uint256 s) internal pure returns (uint256) {\\n return (a << SLOT_BITS) | (s & SLOT_POINTER_MAX); // slot(s)\\n }\\n\\n // Return the uint p as a flagged position uint:\\n // the least significant 21 bits contain the position\\n // and the 22nd bit is set as a flag\\n // to distinguish the position 0x000000 from an empty field.\\n function setFlag(uint256 p) internal pure returns (uint256) {\\n return p | LEAF_FLAG;\\n }\\n\\n // Turn a flagged position into an unflagged position\\n // by removing the flag at the 22nd least significant bit.\\n //\\n // We shouldn't _actually_ need this\\n // as all position-manipulating code should ignore non-position bits anyway\\n // but it's cheap to call so might as well do it.\\n function unsetFlag(uint256 p) internal pure returns (uint256) {\\n return p & (~LEAF_FLAG);\\n }\\n}\\n\",\"keccak256\":\"0x2068219deb725390f294d2a710ec802b519e6e47eca00024034011d21e5fb8ac\"},\"@keep-network/sortition-pools/contracts/RNG.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nimport \\\"./Leaf.sol\\\";\\n\\nlibrary RNG {\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_COUNT = 2**SLOT_BITS;\\n uint256 private constant WEIGHT_WIDTH = 256 / SLOT_COUNT;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n\\n /// @notice Get an index in the range `[0 .. range-1]`\\n /// and the new state of the RNG,\\n /// using the provided `state` of the RNG.\\n ///\\n /// @param range The upper bound of the index, exclusive.\\n ///\\n /// @param state The previous state of the RNG.\\n /// The initial state needs to be obtained\\n /// from a trusted randomness oracle (the random beacon),\\n /// or from a chain of earlier calls to `RNG.getIndex()`\\n /// on an originally trusted seed.\\n ///\\n /// @dev Calculates the number of bits required for the desired range,\\n /// takes the least significant bits of `state`\\n /// and checks if the obtained index is within the desired range.\\n /// The original state is hashed with `keccak256` to get a new state.\\n /// If the index is outside the range,\\n /// the function retries until it gets a suitable index.\\n ///\\n /// @return index A random integer between `0` and `range - 1`, inclusive.\\n ///\\n /// @return newState The new state of the RNG.\\n /// When `getIndex()` is called one or more times,\\n /// care must be taken to always use the output `state`\\n /// of the most recent call as the input `state` of a subsequent call.\\n /// At the end of a transaction calling `RNG.getIndex()`,\\n /// the previous stored state must be overwritten with the latest output.\\n function getIndex(\\n uint256 range,\\n bytes32 state,\\n uint256 bits\\n ) internal view returns (uint256, bytes32) {\\n bool found = false;\\n uint256 index = 0;\\n bytes32 newState = state;\\n while (!found) {\\n index = truncate(bits, uint256(newState));\\n newState = keccak256(abi.encodePacked(newState, address(this)));\\n if (index < range) {\\n found = true;\\n }\\n }\\n return (index, newState);\\n }\\n\\n /// @notice Calculate how many bits are required\\n /// for an index in the range `[0 .. range-1]`.\\n ///\\n /// @param range The upper bound of the desired range, exclusive.\\n ///\\n /// @return uint The smallest number of bits\\n /// that can contain the number `range-1`.\\n function bitsRequired(uint256 range) internal pure returns (uint256) {\\n unchecked {\\n if (range == 1) {\\n return 0;\\n }\\n\\n uint256 bits = WEIGHT_WIDTH - 1;\\n\\n // Left shift by `bits`,\\n // so we have a 1 in the (bits + 1)th least significant bit\\n // and 0 in other bits.\\n // If this number is equal or greater than `range`,\\n // the range [0, range-1] fits in `bits` bits.\\n //\\n // Because we loop from high bits to low bits,\\n // we find the highest number of bits that doesn't fit the range,\\n // and return that number + 1.\\n while (1 << bits >= range) {\\n bits--;\\n }\\n\\n return bits + 1;\\n }\\n }\\n\\n /// @notice Truncate `input` to the `bits` least significant bits.\\n function truncate(uint256 bits, uint256 input)\\n internal\\n pure\\n returns (uint256)\\n {\\n unchecked {\\n return input & ((1 << bits) - 1);\\n }\\n }\\n}\\n\",\"keccak256\":\"0x1b52b2c45669145cbd9fa7337def843e3de69bfde089039a7fcc09f0aa00c81f\"},\"@keep-network/sortition-pools/contracts/Rewards.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\n/// @title Rewards\\n/// @notice Rewards are allocated proportionally to operators\\n/// present in the pool at payout based on their weight in the pool.\\n///\\n/// To facilitate this, we use a global accumulator value\\n/// to track the total rewards one unit of weight would've earned\\n/// since the creation of the pool.\\n///\\n/// Whenever a reward is paid, the accumulator is increased\\n/// by the size of the reward divided by the total weight\\n/// of all eligible operators in the pool.\\n///\\n/// Each operator has an individual accumulator value,\\n/// set to equal the global accumulator when the operator joins the pool.\\n/// This accumulator reflects the amount of rewards\\n/// that have already been accounted for with that operator.\\n///\\n/// Whenever an operator's weight in the pool changes,\\n/// we can update the amount of rewards the operator has earned\\n/// by subtracting the operator's accumulator from the global accumulator.\\n/// This gives us the amount of rewards one unit of weight has earned\\n/// since the last time the operator's rewards have been updated.\\n/// Then we multiply that by the operator's previous (pre-change) weight\\n/// to determine how much rewards in total the operator has earned,\\n/// and add this to the operator's earned rewards.\\n/// Finally, we set the operator's accumulator to the global accumulator value.\\ncontract Rewards {\\n struct OperatorRewards {\\n // The state of the global accumulator\\n // when the operator's rewards were last updated\\n uint96 accumulated;\\n // The amount of rewards collected by the operator after the latest update.\\n // The amount the operator could withdraw may equal `available`\\n // or it may be greater, if more rewards have been paid in since then.\\n // To evaulate the most recent amount including rewards potentially paid\\n // since the last update, use `availableRewards` function.\\n uint96 available;\\n // If nonzero, the operator is ineligible for rewards\\n // and may only re-enable rewards after the specified timestamp.\\n // XXX: unsigned 32-bit integer unix seconds, will break around 2106\\n uint32 ineligibleUntil;\\n // Locally cached weight of the operator,\\n // used to reduce the cost of setting operators ineligible.\\n uint32 weight;\\n }\\n\\n // The global accumulator of how much rewards\\n // a hypothetical operator of weight 1 would have earned\\n // since the creation of the pool.\\n uint96 internal globalRewardAccumulator;\\n // If the amount of reward tokens paid in\\n // does not divide cleanly by pool weight,\\n // the difference is recorded as rounding dust\\n // and added to the next reward.\\n uint96 internal rewardRoundingDust;\\n\\n // The amount of rewards that would've been earned by ineligible operators\\n // had they not been ineligible.\\n uint96 public ineligibleEarnedRewards;\\n\\n // Ineligibility times are calculated from this offset,\\n // set at contract creation.\\n uint256 internal immutable ineligibleOffsetStart;\\n\\n mapping(uint32 => OperatorRewards) internal operatorRewards;\\n\\n constructor() {\\n // solhint-disable-next-line not-rely-on-time\\n ineligibleOffsetStart = block.timestamp;\\n }\\n\\n /// @notice Return whether the operator is eligible for rewards or not.\\n function isEligibleForRewards(uint32 operator) public view returns (bool) {\\n return operatorRewards[operator].ineligibleUntil == 0;\\n }\\n\\n /// @notice Return the time the operator's reward eligibility can be restored.\\n function rewardsEligibilityRestorableAt(uint32 operator)\\n public\\n view\\n returns (uint256)\\n {\\n uint32 until = operatorRewards[operator].ineligibleUntil;\\n require(until != 0, \\\"Operator already eligible\\\");\\n return (uint256(until) + ineligibleOffsetStart);\\n }\\n\\n /// @notice Return whether the operator is able\\n /// to restore their eligibility for rewards right away.\\n function canRestoreRewardEligibility(uint32 operator)\\n public\\n view\\n returns (bool)\\n {\\n // solhint-disable-next-line not-rely-on-time\\n return rewardsEligibilityRestorableAt(operator) <= block.timestamp;\\n }\\n\\n /// @notice Internal function for updating the global state of rewards.\\n function addRewards(uint96 rewardAmount, uint32 currentPoolWeight) internal {\\n require(currentPoolWeight >= 0, \\\"No recipients in pool\\\");\\n\\n uint96 totalAmount = rewardAmount + rewardRoundingDust;\\n uint96 perWeightReward = totalAmount / currentPoolWeight;\\n uint96 newRoundingDust = totalAmount % currentPoolWeight;\\n\\n globalRewardAccumulator += perWeightReward;\\n rewardRoundingDust = newRoundingDust;\\n }\\n\\n /// @notice Internal function for updating the operator's reward state.\\n function updateOperatorRewards(uint32 operator, uint32 newWeight) internal {\\n uint96 acc = globalRewardAccumulator;\\n OperatorRewards memory o = operatorRewards[operator];\\n uint96 accruedRewards = (acc - o.accumulated) * uint96(o.weight);\\n if (o.ineligibleUntil == 0) {\\n // If operator is not ineligible, update their earned rewards\\n o.available += accruedRewards;\\n } else {\\n // If ineligible, put the rewards into the ineligible pot\\n ineligibleEarnedRewards += accruedRewards;\\n }\\n // In any case, update their accumulator and weight\\n o.accumulated = acc;\\n o.weight = newWeight;\\n operatorRewards[operator] = o;\\n }\\n\\n /// @notice Set the amount of withdrawable tokens to zero\\n /// and return the previous withdrawable amount.\\n /// @dev Does not update the withdrawable amount,\\n /// but should usually be accompanied by an update.\\n function withdrawOperatorRewards(uint32 operator)\\n internal\\n returns (uint96 withdrawable)\\n {\\n OperatorRewards storage o = operatorRewards[operator];\\n withdrawable = o.available;\\n o.available = 0;\\n }\\n\\n /// @notice Set the amount of ineligible-earned tokens to zero\\n /// and return the previous amount.\\n function withdrawIneligibleRewards() internal returns (uint96 withdrawable) {\\n withdrawable = ineligibleEarnedRewards;\\n ineligibleEarnedRewards = 0;\\n }\\n\\n /// @notice Set the given operators as ineligible for rewards.\\n /// The operators can restore their eligibility at the given time.\\n function setIneligible(uint32[] memory operators, uint256 until) internal {\\n OperatorRewards memory o = OperatorRewards(0, 0, 0, 0);\\n uint96 globalAcc = globalRewardAccumulator;\\n uint96 accrued = 0;\\n // Record ineligibility as seconds after contract creation\\n uint32 _until = uint32(until - ineligibleOffsetStart);\\n\\n for (uint256 i = 0; i < operators.length; i++) {\\n uint32 operator = operators[i];\\n OperatorRewards storage r = operatorRewards[operator];\\n o.available = r.available;\\n o.accumulated = r.accumulated;\\n o.ineligibleUntil = r.ineligibleUntil;\\n o.weight = r.weight;\\n\\n if (o.ineligibleUntil != 0) {\\n // If operator is already ineligible,\\n // don't earn rewards or shorten its ineligibility\\n if (o.ineligibleUntil < _until) {\\n o.ineligibleUntil = _until;\\n }\\n } else {\\n // The operator becomes ineligible -> earn rewards\\n o.ineligibleUntil = _until;\\n accrued = (globalAcc - o.accumulated) * uint96(o.weight);\\n o.available += accrued;\\n }\\n o.accumulated = globalAcc;\\n\\n r.available = o.available;\\n r.accumulated = o.accumulated;\\n r.ineligibleUntil = o.ineligibleUntil;\\n r.weight = o.weight;\\n }\\n }\\n\\n /// @notice Restore the given operator's eligibility for rewards.\\n function restoreEligibility(uint32 operator) internal {\\n // solhint-disable-next-line not-rely-on-time\\n require(canRestoreRewardEligibility(operator), \\\"Operator still ineligible\\\");\\n uint96 acc = globalRewardAccumulator;\\n OperatorRewards memory o = operatorRewards[operator];\\n uint96 accruedRewards = (acc - o.accumulated) * uint96(o.weight);\\n ineligibleEarnedRewards += accruedRewards;\\n o.accumulated = acc;\\n o.ineligibleUntil = 0;\\n operatorRewards[operator] = o;\\n }\\n\\n /// @notice Returns the amount of rewards currently available for withdrawal\\n /// for the given operator.\\n function availableRewards(uint32 operator) internal view returns (uint96) {\\n uint96 acc = globalRewardAccumulator;\\n OperatorRewards memory o = operatorRewards[operator];\\n if (o.ineligibleUntil == 0) {\\n // If operator is not ineligible, calculate newly accrued rewards and add\\n // them to the available ones, calculated during the last update.\\n uint96 accruedRewards = (acc - o.accumulated) * uint96(o.weight);\\n return o.available + accruedRewards;\\n } else {\\n // If ineligible, return only the rewards calculated during the last\\n // update.\\n return o.available;\\n }\\n }\\n}\\n\",\"keccak256\":\"0x608d5d04411469682191b8fe26bbc0d925e1f950e24ac45c272b74e3df2e91cf\"},\"@keep-network/sortition-pools/contracts/SortitionPool.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nimport \\\"@thesis/solidity-contracts/contracts/token/IERC20WithPermit.sol\\\";\\nimport \\\"@thesis/solidity-contracts/contracts/token/IReceiveApproval.sol\\\";\\n\\nimport \\\"@openzeppelin/contracts/access/Ownable.sol\\\";\\n\\nimport \\\"./RNG.sol\\\";\\nimport \\\"./SortitionTree.sol\\\";\\nimport \\\"./Rewards.sol\\\";\\n\\n/// @title Sortition Pool\\n/// @notice A logarithmic data structure used to store the pool of eligible\\n/// operators weighted by their stakes. It allows to select a group of operators\\n/// based on the provided pseudo-random seed.\\ncontract SortitionPool is SortitionTree, Rewards, Ownable, IReceiveApproval {\\n using Branch for uint256;\\n using Leaf for uint256;\\n using Position for uint256;\\n\\n IERC20WithPermit public immutable rewardToken;\\n\\n uint256 public immutable poolWeightDivisor;\\n\\n bool public isLocked;\\n\\n event IneligibleForRewards(uint32[] ids, uint256 until);\\n\\n event RewardEligibilityRestored(address indexed operator, uint32 indexed id);\\n\\n /// @notice Reverts if called while pool is locked.\\n modifier onlyUnlocked() {\\n require(!isLocked, \\\"Sortition pool locked\\\");\\n _;\\n }\\n\\n /// @notice Reverts if called while pool is unlocked.\\n modifier onlyLocked() {\\n require(isLocked, \\\"Sortition pool unlocked\\\");\\n _;\\n }\\n\\n constructor(IERC20WithPermit _rewardToken, uint256 _poolWeightDivisor) {\\n rewardToken = _rewardToken;\\n poolWeightDivisor = _poolWeightDivisor;\\n }\\n\\n function receiveApproval(\\n address sender,\\n uint256 amount,\\n address token,\\n bytes calldata\\n ) external override {\\n require(token == address(rewardToken), \\\"Unsupported token\\\");\\n rewardToken.transferFrom(sender, address(this), amount);\\n Rewards.addRewards(uint96(amount), uint32(root.sumWeight()));\\n }\\n\\n /// @notice Withdraws all available rewards for the given operator to the\\n /// given beneficiary.\\n /// @dev Can be called only be the owner. Does not validate if the provided\\n /// beneficiary is associated with the provided operator - this needs to\\n /// be done by the owner calling this function.\\n /// @return The amount of rewards withdrawn in this call.\\n function withdrawRewards(address operator, address beneficiary)\\n public\\n onlyOwner\\n returns (uint96)\\n {\\n uint32 id = getOperatorID(operator);\\n Rewards.updateOperatorRewards(id, uint32(getPoolWeight(operator)));\\n uint96 earned = Rewards.withdrawOperatorRewards(id);\\n rewardToken.transfer(beneficiary, uint256(earned));\\n return earned;\\n }\\n\\n /// @notice Withdraws rewards not allocated to operators marked as ineligible\\n /// to the given recipient address.\\n /// @dev Can be called only by the owner.\\n function withdrawIneligible(address recipient) public onlyOwner {\\n uint96 earned = Rewards.withdrawIneligibleRewards();\\n rewardToken.transfer(recipient, uint256(earned));\\n }\\n\\n /// @notice Locks the sortition pool. In locked state, members cannot be\\n /// inserted and removed from the pool. Members statuses cannot\\n /// be updated as well.\\n /// @dev Can be called only by the contract owner.\\n function lock() public onlyOwner {\\n isLocked = true;\\n }\\n\\n /// @notice Unlocks the sortition pool. Removes all restrictions set by\\n /// the `lock` method.\\n /// @dev Can be called only by the contract owner.\\n function unlock() public onlyOwner {\\n isLocked = false;\\n }\\n\\n /// @notice Inserts an operator to the pool. Reverts if the operator is\\n /// already present.\\n /// @dev Can be called only by the contract owner.\\n /// @param operator Address of the inserted operator.\\n /// @param authorizedStake Inserted operator's authorized stake for the application.\\n function insertOperator(address operator, uint256 authorizedStake)\\n public\\n onlyOwner\\n onlyUnlocked\\n {\\n uint256 weight = getWeight(authorizedStake);\\n require(weight > 0, \\\"Operator not eligible\\\");\\n\\n _insertOperator(operator, weight);\\n uint32 id = getOperatorID(operator);\\n Rewards.updateOperatorRewards(id, uint32(weight));\\n }\\n\\n /// @notice Update the operator's weight if present and eligible,\\n /// or remove from the pool if present and ineligible.\\n /// @dev Can be called only by the contract owner.\\n /// @param operator Address of the updated operator.\\n /// @param authorizedStake Operator's authorized stake for the application.\\n function updateOperatorStatus(address operator, uint256 authorizedStake)\\n public\\n onlyOwner\\n onlyUnlocked\\n {\\n uint256 weight = getWeight(authorizedStake);\\n\\n uint32 id = getOperatorID(operator);\\n Rewards.updateOperatorRewards(id, uint32(weight));\\n\\n if (weight == 0) {\\n _removeOperator(operator);\\n } else {\\n updateOperator(operator, weight);\\n }\\n }\\n\\n function setRewardIneligibility(uint32[] calldata operators, uint256 until)\\n public\\n onlyOwner\\n {\\n Rewards.setIneligible(operators, until);\\n emit IneligibleForRewards(operators, until);\\n }\\n\\n function restoreRewardEligibility(address operator) public {\\n uint32 id = getOperatorID(operator);\\n Rewards.restoreEligibility(id);\\n emit RewardEligibilityRestored(operator, id);\\n }\\n\\n /// @notice Returns the amount of rewards withdrawable for the given operator.\\n function getAvailableRewards(address operator) public view returns (uint96) {\\n uint32 id = getOperatorID(operator);\\n return availableRewards(id);\\n }\\n\\n /// @notice Return whether the operator is present in the pool.\\n function isOperatorInPool(address operator) public view returns (bool) {\\n return getFlaggedLeafPosition(operator) != 0;\\n }\\n\\n /// @notice Return whether the operator's weight in the pool\\n /// matches their eligible weight.\\n function isOperatorUpToDate(address operator, uint256 authorizedStake)\\n public\\n view\\n returns (bool)\\n {\\n return getWeight(authorizedStake) == getPoolWeight(operator);\\n }\\n\\n /// @notice Return the weight of the operator in the pool,\\n /// which may or may not be out of date.\\n function getPoolWeight(address operator) public view returns (uint256) {\\n uint256 flaggedPosition = getFlaggedLeafPosition(operator);\\n if (flaggedPosition == 0) {\\n return 0;\\n } else {\\n uint256 leafPosition = flaggedPosition.unsetFlag();\\n uint256 leafWeight = getLeafWeight(leafPosition);\\n return leafWeight;\\n }\\n }\\n\\n /// @notice Selects a new group of operators of the provided size based on\\n /// the provided pseudo-random seed. At least one operator has to be\\n /// registered in the pool, otherwise the function fails reverting the\\n /// transaction.\\n /// @param groupSize Size of the requested group\\n /// @param seed Pseudo-random number used to select operators to group\\n /// @return selected Members of the selected group\\n function selectGroup(uint256 groupSize, bytes32 seed)\\n public\\n view\\n onlyLocked\\n returns (uint32[] memory)\\n {\\n uint256 _root = root;\\n\\n bytes32 rngState = seed;\\n uint256 rngRange = _root.sumWeight();\\n require(rngRange > 0, \\\"Not enough operators in pool\\\");\\n uint256 currentIndex;\\n\\n uint256 bits = RNG.bitsRequired(rngRange);\\n\\n uint32[] memory selected = new uint32[](groupSize);\\n\\n for (uint256 i = 0; i < groupSize; i++) {\\n (currentIndex, rngState) = RNG.getIndex(rngRange, rngState, bits);\\n\\n uint256 leafPosition = pickWeightedLeaf(currentIndex, _root);\\n\\n uint256 leaf = leaves[leafPosition];\\n selected[i] = leaf.id();\\n }\\n return selected;\\n }\\n\\n function getWeight(uint256 authorization) internal view returns (uint256) {\\n return authorization / poolWeightDivisor;\\n }\\n}\\n\",\"keccak256\":\"0x93d8bd42838147a475cb4c0086e3175714c9438bc5515fd6065577958d5b2b73\"},\"@keep-network/sortition-pools/contracts/SortitionTree.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nimport \\\"./Branch.sol\\\";\\nimport \\\"./Position.sol\\\";\\nimport \\\"./Leaf.sol\\\";\\n\\ncontract SortitionTree {\\n using Branch for uint256;\\n using Position for uint256;\\n using Leaf for uint256;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n uint256 private constant LEVELS = 7;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_COUNT = 2**SLOT_BITS;\\n uint256 private constant SLOT_WIDTH = 256 / SLOT_COUNT;\\n uint256 private constant SLOT_MAX = (2**SLOT_WIDTH) - 1;\\n uint256 private constant POOL_CAPACITY = SLOT_COUNT**LEVELS;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n // implicit tree\\n // root 8\\n // level2 64\\n // level3 512\\n // level4 4k\\n // level5 32k\\n // level6 256k\\n // level7 2M\\n uint256 internal root;\\n mapping(uint256 => mapping(uint256 => uint256)) internal branches;\\n mapping(uint256 => uint256) internal leaves;\\n\\n // the flagged (see setFlag() and unsetFlag() in Position.sol) positions\\n // of all operators present in the pool\\n mapping(address => uint256) internal flaggedLeafPosition;\\n\\n // the leaf after the rightmost occupied leaf of each stack\\n uint256 internal rightmostLeaf;\\n // the empty leaves in each stack\\n // between 0 and the rightmost occupied leaf\\n uint256[] internal emptyLeaves;\\n\\n // Each operator has an uint32 ID number\\n // which is allocated when they first join the pool\\n // and remains unchanged even if they leave and rejoin the pool.\\n mapping(address => uint32) internal operatorID;\\n // The idAddress array records the address corresponding to each ID number.\\n // The ID number 0 is initialized with a zero address and is not used.\\n address[] internal idAddress;\\n\\n constructor() {\\n root = 0;\\n rightmostLeaf = 0;\\n idAddress.push();\\n }\\n\\n // Return the ID number of the given operator address.\\n // An ID number of 0 means the operator has not been allocated an ID number yet.\\n function getOperatorID(address operator) public view returns (uint32) {\\n return operatorID[operator];\\n }\\n\\n // Get the operator address corresponding to the given ID number.\\n // An empty address means the ID number has not been allocated yet.\\n function getIDOperator(uint32 id) public view returns (address) {\\n return idAddress.length > id ? idAddress[id] : address(0);\\n }\\n\\n // Gets the operator addresses corresponding to the given ID numbers.\\n // An empty address means the ID number has not been allocated yet.\\n // This function works just like getIDOperator except that it allows to fetch\\n // operator addresses for multiple IDs in one call.\\n function getIDOperators(uint32[] calldata ids)\\n public\\n view\\n returns (address[] memory)\\n {\\n uint256 idCount = idAddress.length;\\n\\n address[] memory operators = new address[](ids.length);\\n for (uint256 i = 0; i < ids.length; i++) {\\n uint32 id = ids[i];\\n operators[i] = idCount > id ? idAddress[id] : address(0);\\n }\\n return operators;\\n }\\n\\n // checks if operator is already registered in the pool\\n function isOperatorRegistered(address operator) public view returns (bool) {\\n return getFlaggedLeafPosition(operator) != 0;\\n }\\n\\n // Sum the number of operators in each trunk\\n function operatorsInPool() public view returns (uint256) {\\n // Get the number of leaves that might be occupied;\\n // if `rightmostLeaf` equals `firstLeaf()` the tree must be empty,\\n // otherwise the difference between these numbers\\n // gives the number of leaves that may be occupied.\\n uint256 nPossiblyUsedLeaves = rightmostLeaf;\\n // Get the number of empty leaves\\n // not accounted for by the `rightmostLeaf`\\n uint256 nEmptyLeaves = emptyLeaves.length;\\n\\n return (nPossiblyUsedLeaves - nEmptyLeaves);\\n }\\n\\n function totalWeight() public view returns (uint256) {\\n return root.sumWeight();\\n }\\n\\n // Give the operator a new ID number\\n // Does not check if the operator already has an ID number\\n function allocateOperatorID(address operator) internal returns (uint256) {\\n uint256 id = idAddress.length;\\n\\n require(id <= type(uint32).max, \\\"Pool capacity exceeded\\\");\\n\\n operatorID[operator] = uint32(id);\\n idAddress.push(operator);\\n return id;\\n }\\n\\n function _insertOperator(address operator, uint256 weight) internal {\\n require(\\n !isOperatorRegistered(operator),\\n \\\"Operator is already registered in the pool\\\"\\n );\\n\\n uint256 id = getOperatorID(operator);\\n if (id == 0) {\\n id = allocateOperatorID(operator);\\n }\\n\\n uint256 position = getEmptyLeafPosition();\\n // Record the block the operator was inserted in\\n uint256 theLeaf = Leaf.make(operator, block.number, id);\\n\\n root = setLeaf(position, theLeaf, weight, root);\\n\\n // Without position flags,\\n // the position 0x000000 would be treated as empty\\n flaggedLeafPosition[operator] = position.setFlag();\\n }\\n\\n function _removeOperator(address operator) internal {\\n uint256 flaggedPosition = getFlaggedLeafPosition(operator);\\n require(flaggedPosition != 0, \\\"Operator is not registered in the pool\\\");\\n uint256 unflaggedPosition = flaggedPosition.unsetFlag();\\n root = removeLeaf(unflaggedPosition, root);\\n removeLeafPositionRecord(operator);\\n }\\n\\n function updateOperator(address operator, uint256 weight) internal {\\n require(\\n isOperatorRegistered(operator),\\n \\\"Operator is not registered in the pool\\\"\\n );\\n\\n uint256 flaggedPosition = getFlaggedLeafPosition(operator);\\n uint256 unflaggedPosition = flaggedPosition.unsetFlag();\\n root = updateLeaf(unflaggedPosition, weight, root);\\n }\\n\\n function removeLeafPositionRecord(address operator) internal {\\n flaggedLeafPosition[operator] = 0;\\n }\\n\\n function removeLeaf(uint256 position, uint256 _root)\\n internal\\n returns (uint256)\\n {\\n uint256 rightmostSubOne = rightmostLeaf - 1;\\n bool isRightmost = position == rightmostSubOne;\\n\\n uint256 newRoot = setLeaf(position, 0, 0, _root);\\n\\n if (isRightmost) {\\n rightmostLeaf = rightmostSubOne;\\n } else {\\n emptyLeaves.push(position);\\n }\\n return newRoot;\\n }\\n\\n function updateLeaf(\\n uint256 position,\\n uint256 weight,\\n uint256 _root\\n ) internal returns (uint256) {\\n if (getLeafWeight(position) != weight) {\\n return updateTree(position, weight, _root);\\n } else {\\n return _root;\\n }\\n }\\n\\n function setLeaf(\\n uint256 position,\\n uint256 theLeaf,\\n uint256 leafWeight,\\n uint256 _root\\n ) internal returns (uint256) {\\n // set leaf\\n leaves[position] = theLeaf;\\n\\n return (updateTree(position, leafWeight, _root));\\n }\\n\\n function updateTree(\\n uint256 position,\\n uint256 weight,\\n uint256 _root\\n ) internal returns (uint256) {\\n uint256 childSlot;\\n uint256 treeNode;\\n uint256 newNode;\\n uint256 nodeWeight = weight;\\n\\n uint256 parent = position;\\n // set levels 7 to 2\\n for (uint256 level = LEVELS; level >= 2; level--) {\\n childSlot = parent.slot();\\n parent = parent.parent();\\n treeNode = branches[level][parent];\\n newNode = treeNode.setSlot(childSlot, nodeWeight);\\n branches[level][parent] = newNode;\\n nodeWeight = newNode.sumWeight();\\n }\\n\\n // set level Root\\n childSlot = parent.slot();\\n return _root.setSlot(childSlot, nodeWeight);\\n }\\n\\n function getEmptyLeafPosition() internal returns (uint256) {\\n uint256 rLeaf = rightmostLeaf;\\n bool spaceOnRight = (rLeaf + 1) < POOL_CAPACITY;\\n if (spaceOnRight) {\\n rightmostLeaf = rLeaf + 1;\\n return rLeaf;\\n } else {\\n uint256 emptyLeafCount = emptyLeaves.length;\\n require(emptyLeafCount > 0, \\\"Pool is full\\\");\\n uint256 emptyLeaf = emptyLeaves[emptyLeafCount - 1];\\n emptyLeaves.pop();\\n return emptyLeaf;\\n }\\n }\\n\\n function getFlaggedLeafPosition(address operator)\\n internal\\n view\\n returns (uint256)\\n {\\n return flaggedLeafPosition[operator];\\n }\\n\\n function getLeafWeight(uint256 position) internal view returns (uint256) {\\n uint256 slot = position.slot();\\n uint256 parent = position.parent();\\n uint256 node = branches[LEVELS][parent];\\n return node.getSlot(slot);\\n }\\n\\n function pickWeightedLeaf(uint256 index, uint256 _root)\\n internal\\n view\\n returns (uint256 leafPosition)\\n {\\n uint256 currentIndex = index;\\n uint256 currentNode = _root;\\n uint256 currentPosition = 0;\\n uint256 currentSlot;\\n\\n require(index < currentNode.sumWeight(), \\\"Index exceeds weight\\\");\\n\\n // get root slot\\n (currentSlot, currentIndex) = currentNode.pickWeightedSlot(currentIndex);\\n\\n // get slots from levels 2 to 7\\n for (uint256 level = 2; level <= LEVELS; level++) {\\n currentPosition = currentPosition.child(currentSlot);\\n currentNode = branches[level][currentPosition];\\n (currentSlot, currentIndex) = currentNode.pickWeightedSlot(currentIndex);\\n }\\n\\n // get leaf position\\n leafPosition = currentPosition.child(currentSlot);\\n }\\n}\\n\",\"keccak256\":\"0x706033e40b631b2bb1d24b230f770c51546c7476605dd1f87475013673c36367\"},\"@openzeppelin/contracts/access/Ownable.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\nimport \\\"../utils/Context.sol\\\";\\n\\n/**\\n * @dev Contract module which provides a basic access control mechanism, where\\n * there is an account (an owner) that can be granted exclusive access to\\n * specific functions.\\n *\\n * By default, the owner account will be the one that deploys the contract. This\\n * can later be changed with {transferOwnership}.\\n *\\n * This module is used through inheritance. It will make available the modifier\\n * `onlyOwner`, which can be applied to your functions to restrict their use to\\n * the owner.\\n */\\nabstract contract Ownable is Context {\\n address private _owner;\\n\\n event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);\\n\\n /**\\n * @dev Initializes the contract setting the deployer as the initial owner.\\n */\\n constructor() {\\n _setOwner(_msgSender());\\n }\\n\\n /**\\n * @dev Returns the address of the current owner.\\n */\\n function owner() public view virtual returns (address) {\\n return _owner;\\n }\\n\\n /**\\n * @dev Throws if called by any account other than the owner.\\n */\\n modifier onlyOwner() {\\n require(owner() == _msgSender(), \\\"Ownable: caller is not the owner\\\");\\n _;\\n }\\n\\n /**\\n * @dev Leaves the contract without owner. It will not be possible to call\\n * `onlyOwner` functions anymore. Can only be called by the current owner.\\n *\\n * NOTE: Renouncing ownership will leave the contract without an owner,\\n * thereby removing any functionality that is only available to the owner.\\n */\\n function renounceOwnership() public virtual onlyOwner {\\n _setOwner(address(0));\\n }\\n\\n /**\\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\\n * Can only be called by the current owner.\\n */\\n function transferOwnership(address newOwner) public virtual onlyOwner {\\n require(newOwner != address(0), \\\"Ownable: new owner is the zero address\\\");\\n _setOwner(newOwner);\\n }\\n\\n function _setOwner(address newOwner) private {\\n address oldOwner = _owner;\\n _owner = newOwner;\\n emit OwnershipTransferred(oldOwner, newOwner);\\n }\\n}\\n\",\"keccak256\":\"0x6bb804a310218875e89d12c053e94a13a4607cdf7cc2052f3e52bd32a0dc50a1\",\"license\":\"MIT\"},\"@openzeppelin/contracts/token/ERC20/IERC20.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Interface of the ERC20 standard as defined in the EIP.\\n */\\ninterface IERC20 {\\n /**\\n * @dev Returns the amount of tokens in existence.\\n */\\n function totalSupply() external view returns (uint256);\\n\\n /**\\n * @dev Returns the amount of tokens owned by `account`.\\n */\\n function balanceOf(address account) external view returns (uint256);\\n\\n /**\\n * @dev Moves `amount` tokens from the caller's account to `recipient`.\\n *\\n * Returns a boolean value indicating whether the operation succeeded.\\n *\\n * Emits a {Transfer} event.\\n */\\n function transfer(address recipient, uint256 amount) external returns (bool);\\n\\n /**\\n * @dev Returns the remaining number of tokens that `spender` will be\\n * allowed to spend on behalf of `owner` through {transferFrom}. This is\\n * zero by default.\\n *\\n * This value changes when {approve} or {transferFrom} are called.\\n */\\n function allowance(address owner, address spender) external view returns (uint256);\\n\\n /**\\n * @dev Sets `amount` as the allowance of `spender` over the caller's tokens.\\n *\\n * Returns a boolean value indicating whether the operation succeeded.\\n *\\n * IMPORTANT: Beware that changing an allowance with this method brings the risk\\n * that someone may use both the old and the new allowance by unfortunate\\n * transaction ordering. One possible solution to mitigate this race\\n * condition is to first reduce the spender's allowance to 0 and set the\\n * desired value afterwards:\\n * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729\\n *\\n * Emits an {Approval} event.\\n */\\n function approve(address spender, uint256 amount) external returns (bool);\\n\\n /**\\n * @dev Moves `amount` tokens from `sender` to `recipient` using the\\n * allowance mechanism. `amount` is then deducted from the caller's\\n * allowance.\\n *\\n * Returns a boolean value indicating whether the operation succeeded.\\n *\\n * Emits a {Transfer} event.\\n */\\n function transferFrom(\\n address sender,\\n address recipient,\\n uint256 amount\\n ) external returns (bool);\\n\\n /**\\n * @dev Emitted when `value` tokens are moved from one account (`from`) to\\n * another (`to`).\\n *\\n * Note that `value` may be zero.\\n */\\n event Transfer(address indexed from, address indexed to, uint256 value);\\n\\n /**\\n * @dev Emitted when the allowance of a `spender` for an `owner` is set by\\n * a call to {approve}. `value` is the new allowance.\\n */\\n event Approval(address indexed owner, address indexed spender, uint256 value);\\n}\\n\",\"keccak256\":\"0x027b891937d20ccf213fdb9c31531574256de774bda99d3a70ecef6e1913ed2a\",\"license\":\"MIT\"},\"@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\nimport \\\"../IERC20.sol\\\";\\n\\n/**\\n * @dev Interface for the optional metadata functions from the ERC20 standard.\\n *\\n * _Available since v4.1._\\n */\\ninterface IERC20Metadata is IERC20 {\\n /**\\n * @dev Returns the name of the token.\\n */\\n function name() external view returns (string memory);\\n\\n /**\\n * @dev Returns the symbol of the token.\\n */\\n function symbol() external view returns (string memory);\\n\\n /**\\n * @dev Returns the decimals places of the token.\\n */\\n function decimals() external view returns (uint8);\\n}\\n\",\"keccak256\":\"0x83fe24f5c04a56091e50f4a345ff504c8bff658a76d4c43b16878c8f940c53b2\",\"license\":\"MIT\"},\"@openzeppelin/contracts/utils/Context.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\n/*\\n * @dev Provides information about the current execution context, including the\\n * sender of the transaction and its data. While these are generally available\\n * via msg.sender and msg.data, they should not be accessed in such a direct\\n * manner, since when dealing with meta-transactions the account sending and\\n * paying for execution may not be the actual sender (as far as an application\\n * is concerned).\\n *\\n * This contract is only required for intermediate, library-like contracts.\\n */\\nabstract contract Context {\\n function _msgSender() internal view virtual returns (address) {\\n return msg.sender;\\n }\\n\\n function _msgData() internal view virtual returns (bytes calldata) {\\n return msg.data;\\n }\\n}\\n\",\"keccak256\":\"0x95098bd1d9c8dec4d80d3dedb88a0d949fa0d740ee99f2aa466bc308216ca6d5\",\"license\":\"MIT\"},\"@openzeppelin/contracts/utils/cryptography/ECDSA.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.\\n *\\n * These functions can be used to verify that a message was signed by the holder\\n * of the private keys of a given address.\\n */\\nlibrary ECDSA {\\n /**\\n * @dev Returns the address that signed a hashed message (`hash`) with\\n * `signature`. This address can then be used for verification purposes.\\n *\\n * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:\\n * this function rejects them by requiring the `s` value to be in the lower\\n * half order, and the `v` value to be either 27 or 28.\\n *\\n * IMPORTANT: `hash` _must_ be the result of a hash operation for the\\n * verification to be secure: it is possible to craft signatures that\\n * recover to arbitrary addresses for non-hashed data. A safe way to ensure\\n * this is by receiving a hash of the original message (which may otherwise\\n * be too long), and then calling {toEthSignedMessageHash} on it.\\n *\\n * Documentation for signature generation:\\n * - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]\\n * - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]\\n */\\n function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {\\n // Check the signature length\\n // - case 65: r,s,v signature (standard)\\n // - case 64: r,vs signature (cf https://eips.ethereum.org/EIPS/eip-2098) _Available since v4.1._\\n if (signature.length == 65) {\\n bytes32 r;\\n bytes32 s;\\n uint8 v;\\n // ecrecover takes the signature parameters, and the only way to get them\\n // currently is to use assembly.\\n assembly {\\n r := mload(add(signature, 0x20))\\n s := mload(add(signature, 0x40))\\n v := byte(0, mload(add(signature, 0x60)))\\n }\\n return recover(hash, v, r, s);\\n } else if (signature.length == 64) {\\n bytes32 r;\\n bytes32 vs;\\n // ecrecover takes the signature parameters, and the only way to get them\\n // currently is to use assembly.\\n assembly {\\n r := mload(add(signature, 0x20))\\n vs := mload(add(signature, 0x40))\\n }\\n return recover(hash, r, vs);\\n } else {\\n revert(\\\"ECDSA: invalid signature length\\\");\\n }\\n }\\n\\n /**\\n * @dev Overload of {ECDSA-recover} that receives the `r` and `vs` short-signature fields separately.\\n *\\n * See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]\\n *\\n * _Available since v4.2._\\n */\\n function recover(\\n bytes32 hash,\\n bytes32 r,\\n bytes32 vs\\n ) internal pure returns (address) {\\n bytes32 s;\\n uint8 v;\\n assembly {\\n s := and(vs, 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff)\\n v := add(shr(255, vs), 27)\\n }\\n return recover(hash, v, r, s);\\n }\\n\\n /**\\n * @dev Overload of {ECDSA-recover} that receives the `v`, `r` and `s` signature fields separately.\\n */\\n function recover(\\n bytes32 hash,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n ) internal pure returns (address) {\\n // EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature\\n // unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines\\n // the valid range for s in (281): 0 < s < secp256k1n \\u00f7 2 + 1, and for v in (282): v \\u2208 {27, 28}. Most\\n // signatures from current libraries generate a unique signature with an s-value in the lower half order.\\n //\\n // If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value\\n // with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or\\n // vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept\\n // these malleable signatures as well.\\n require(\\n uint256(s) <= 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0,\\n \\\"ECDSA: invalid signature 's' value\\\"\\n );\\n require(v == 27 || v == 28, \\\"ECDSA: invalid signature 'v' value\\\");\\n\\n // If the signature is valid (and not malleable), return the signer address\\n address signer = ecrecover(hash, v, r, s);\\n require(signer != address(0), \\\"ECDSA: invalid signature\\\");\\n\\n return signer;\\n }\\n\\n /**\\n * @dev Returns an Ethereum Signed Message, created from a `hash`. This\\n * produces hash corresponding to the one signed with the\\n * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]\\n * JSON-RPC method as part of EIP-191.\\n *\\n * See {recover}.\\n */\\n function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {\\n // 32 is the length in bytes of hash,\\n // enforced by the type signature above\\n return keccak256(abi.encodePacked(\\\"\\\\x19Ethereum Signed Message:\\\\n32\\\", hash));\\n }\\n\\n /**\\n * @dev Returns an Ethereum Signed Typed Data, created from a\\n * `domainSeparator` and a `structHash`. This produces hash corresponding\\n * to the one signed with the\\n * https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]\\n * JSON-RPC method as part of EIP-712.\\n *\\n * See {recover}.\\n */\\n function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {\\n return keccak256(abi.encodePacked(\\\"\\\\x19\\\\x01\\\", domainSeparator, structHash));\\n }\\n}\\n\",\"keccak256\":\"0x828774372910d18e7337bc31a288d786748af4cd9da80222467e486ed1d569ab\",\"license\":\"MIT\"},\"@openzeppelin/contracts/utils/math/Math.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Standard math utilities missing in the Solidity language.\\n */\\nlibrary Math {\\n /**\\n * @dev Returns the largest of two numbers.\\n */\\n function max(uint256 a, uint256 b) internal pure returns (uint256) {\\n return a >= b ? a : b;\\n }\\n\\n /**\\n * @dev Returns the smallest of two numbers.\\n */\\n function min(uint256 a, uint256 b) internal pure returns (uint256) {\\n return a < b ? a : b;\\n }\\n\\n /**\\n * @dev Returns the average of two numbers. The result is rounded towards\\n * zero.\\n */\\n function average(uint256 a, uint256 b) internal pure returns (uint256) {\\n // (a + b) / 2 can overflow, so we distribute.\\n return (a / 2) + (b / 2) + (((a % 2) + (b % 2)) / 2);\\n }\\n\\n /**\\n * @dev Returns the ceiling of the division of two numbers.\\n *\\n * This differs from standard division with `/` in that it rounds up instead\\n * of rounding down.\\n */\\n function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {\\n // (a + b - 1) / b can overflow on addition, so we distribute.\\n return a / b + (a % b == 0 ? 0 : 1);\\n }\\n}\\n\",\"keccak256\":\"0x2cc1535d318fe533ffa4ad30de28f5abed305ff748bc72d0344072ac10007e29\",\"license\":\"MIT\"},\"@thesis/solidity-contracts/contracts/token/IApproveAndCall.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.4;\\n\\n/// @notice An interface that should be implemented by tokens supporting\\n/// `approveAndCall`/`receiveApproval` pattern.\\ninterface IApproveAndCall {\\n /// @notice Executes `receiveApproval` function on spender as specified in\\n /// `IReceiveApproval` interface. Approves spender to withdraw from\\n /// the caller multiple times, up to the `amount`. If this\\n /// function is called again, it overwrites the current allowance\\n /// with `amount`. Reverts if the approval reverted or if\\n /// `receiveApproval` call on the spender reverted.\\n function approveAndCall(\\n address spender,\\n uint256 amount,\\n bytes memory extraData\\n ) external returns (bool);\\n}\\n\",\"keccak256\":\"0x393d18ef81a57dcc96fff4c340cc2945deaebb37b9796c322cf2bc96872c3df8\",\"license\":\"MIT\"},\"@thesis/solidity-contracts/contracts/token/IERC20WithPermit.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.4;\\n\\nimport \\\"@openzeppelin/contracts/token/ERC20/IERC20.sol\\\";\\nimport \\\"@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol\\\";\\n\\nimport \\\"./IApproveAndCall.sol\\\";\\n\\n/// @title IERC20WithPermit\\n/// @notice Burnable ERC20 token with EIP2612 permit functionality. User can\\n/// authorize a transfer of their token with a signature conforming\\n/// EIP712 standard instead of an on-chain transaction from their\\n/// address. Anyone can submit this signature on the user's behalf by\\n/// calling the permit function, as specified in EIP2612 standard,\\n/// paying gas fees, and possibly performing other actions in the same\\n/// transaction.\\ninterface IERC20WithPermit is IERC20, IERC20Metadata, IApproveAndCall {\\n /// @notice EIP2612 approval made with secp256k1 signature.\\n /// Users can authorize a transfer of their tokens with a signature\\n /// conforming EIP712 standard, rather than an on-chain transaction\\n /// from their address. Anyone can submit this signature on the\\n /// user's behalf by calling the permit function, paying gas fees,\\n /// and possibly performing other actions in the same transaction.\\n /// @dev The deadline argument can be set to `type(uint256).max to create\\n /// permits that effectively never expire.\\n function permit(\\n address owner,\\n address spender,\\n uint256 amount,\\n uint256 deadline,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n ) external;\\n\\n /// @notice Destroys `amount` tokens from the caller.\\n function burn(uint256 amount) external;\\n\\n /// @notice Destroys `amount` of tokens from `account`, deducting the amount\\n /// from caller's allowance.\\n function burnFrom(address account, uint256 amount) external;\\n\\n /// @notice Returns hash of EIP712 Domain struct with the token name as\\n /// a signing domain and token contract as a verifying contract.\\n /// Used to construct EIP2612 signature provided to `permit`\\n /// function.\\n /* solhint-disable-next-line func-name-mixedcase */\\n function DOMAIN_SEPARATOR() external view returns (bytes32);\\n\\n /// @notice Returns the current nonce for EIP2612 permission for the\\n /// provided token owner for a replay protection. Used to construct\\n /// EIP2612 signature provided to `permit` function.\\n function nonce(address owner) external view returns (uint256);\\n\\n /// @notice Returns EIP2612 Permit message hash. Used to construct EIP2612\\n /// signature provided to `permit` function.\\n /* solhint-disable-next-line func-name-mixedcase */\\n function PERMIT_TYPEHASH() external pure returns (bytes32);\\n}\\n\",\"keccak256\":\"0xdac9a5086c19a7128b505a7be1ab0ac1aa314f6989cb88d2417e9d7383f89fa9\",\"license\":\"MIT\"},\"@thesis/solidity-contracts/contracts/token/IReceiveApproval.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.4;\\n\\n/// @notice An interface that should be implemented by contracts supporting\\n/// `approveAndCall`/`receiveApproval` pattern.\\ninterface IReceiveApproval {\\n /// @notice Receives approval to spend tokens. Called as a result of\\n /// `approveAndCall` call on the token.\\n function receiveApproval(\\n address from,\\n uint256 amount,\\n address token,\\n bytes calldata extraData\\n ) external;\\n}\\n\",\"keccak256\":\"0x6a30d83ad230548b1e7839737affc8489a035314209de14b89dbef7fb0f66395\",\"license\":\"MIT\"},\"contracts/bank/Bank.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@openzeppelin/contracts/access/Ownable.sol\\\";\\n\\nimport \\\"../vault/IVault.sol\\\";\\n\\n/// @title Bitcoin Bank\\n/// @notice Bank is a central component tracking Bitcoin balances. Balances can\\n/// be transferred between holders and holders can approve their\\n/// balances to be spent by others. Balances in the Bank are updated for\\n/// depositors who deposit their Bitcoin into the Bridge and only the\\n/// Bridge can increase balances.\\n/// @dev Bank is a governable contract and the Governance can upgrade the Bridge\\n/// address.\\ncontract Bank is Ownable {\\n address public bridge;\\n\\n /// @notice The balance of a given account in the Bank. Zero by default.\\n mapping(address => uint256) public balanceOf;\\n\\n /// @notice The remaining amount of balance a spender will be\\n /// allowed to transfer on behalf of an owner using\\n /// `transferBalanceFrom`. Zero by default.\\n mapping(address => mapping(address => uint256)) public allowance;\\n\\n /// @notice Returns the current nonce for EIP2612 permission for the\\n /// provided balance owner for a replay protection. Used to\\n /// construct EIP2612 signature provided to `permit` function.\\n mapping(address => uint256) public nonce;\\n\\n uint256 public immutable cachedChainId;\\n bytes32 public immutable cachedDomainSeparator;\\n\\n /// @notice Returns EIP2612 Permit message hash. Used to construct EIP2612\\n /// signature provided to `permit` function.\\n bytes32 public constant PERMIT_TYPEHASH =\\n keccak256(\\n \\\"Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)\\\"\\n );\\n\\n event BalanceTransferred(\\n address indexed from,\\n address indexed to,\\n uint256 amount\\n );\\n\\n event BalanceApproved(\\n address indexed owner,\\n address indexed spender,\\n uint256 amount\\n );\\n\\n event BalanceIncreased(address indexed owner, uint256 amount);\\n\\n event BalanceDecreased(address indexed owner, uint256 amount);\\n\\n event BridgeUpdated(address newBridge);\\n\\n modifier onlyBridge() {\\n require(msg.sender == address(bridge), \\\"Caller is not the bridge\\\");\\n _;\\n }\\n\\n constructor() {\\n cachedChainId = block.chainid;\\n cachedDomainSeparator = buildDomainSeparator();\\n }\\n\\n /// @notice Allows the Governance to upgrade the Bridge address.\\n /// @dev The function does not implement any governance delay and does not\\n /// check the status of the Bridge. The Governance implementation needs\\n /// to ensure all requirements for the upgrade are satisfied before\\n /// executing this function.\\n function updateBridge(address _bridge) external onlyOwner {\\n require(_bridge != address(0), \\\"Bridge address must not be 0x0\\\");\\n bridge = _bridge;\\n emit BridgeUpdated(_bridge);\\n }\\n\\n /// @notice Moves the given `amount` of balance from the caller to\\n /// `recipient`.\\n /// @dev Requirements:\\n /// - `recipient` cannot be the zero address,\\n /// - the caller must have a balance of at least `amount`.\\n function transferBalance(address recipient, uint256 amount) external {\\n _transferBalance(msg.sender, recipient, amount);\\n }\\n\\n /// @notice Sets `amount` as the allowance of `spender` over the caller's\\n /// balance.\\n /// @dev If the `amount` is set to `type(uint256).max` then\\n /// `transferBalanceFrom` will not reduce an allowance.\\n /// Beware that changing an allowance with this function brings the\\n /// risk that someone may use both the old and the new allowance by\\n /// unfortunate transaction ordering. Please use\\n /// `increaseBalanceAllowance` and `decreaseBalanceAllowance` to\\n /// eliminate the risk.\\n function approveBalance(address spender, uint256 amount) external {\\n _approveBalance(msg.sender, spender, amount);\\n }\\n\\n /// @notice Sets `amount` as the allowance of a smart contract `vault` over\\n /// the caller's balance and calls the vault via\\n /// `receiveBalanceApproval`.\\n /// @dev If the `amount` is set to `type(uint256).max` then the logic in\\n /// `receiveBalanceApproval` or later call to `transferBalanceFrom` by\\n /// the vault will not reduce an allowance. Beware that changing an\\n /// allowance with this function brings the risk that vault may use\\n /// both the old and the new allowance by unfortunate transaction\\n /// ordering. Please use `increaseBalanceAllowance` and\\n /// `decreaseBalanceAllowance` to eliminate the risk.\\n function approveBalanceAndCall(address vault, uint256 amount) external {\\n _approveBalance(msg.sender, vault, amount);\\n IVault(vault).receiveBalanceApproval(msg.sender, amount);\\n }\\n\\n /// @notice Atomically increases the balance allowance granted to `spender`\\n /// by the caller by the given `addedValue`.\\n function increaseBalanceAllowance(address spender, uint256 addedValue)\\n external\\n {\\n _approveBalance(\\n msg.sender,\\n spender,\\n allowance[msg.sender][spender] + addedValue\\n );\\n }\\n\\n /// @notice Atomically decreases the balance allowance granted to `spender`\\n /// by the caller by the given `subtractedValue`.\\n function decreaseBalanceAllowance(address spender, uint256 subtractedValue)\\n external\\n {\\n uint256 currentAllowance = allowance[msg.sender][spender];\\n require(\\n currentAllowance >= subtractedValue,\\n \\\"Can not decrease balance allowance below zero\\\"\\n );\\n unchecked {\\n _approveBalance(\\n msg.sender,\\n spender,\\n currentAllowance - subtractedValue\\n );\\n }\\n }\\n\\n /// @notice Moves `amount` of balance from `spender` to `recipient` using the\\n /// allowance mechanism. `amount` is then deducted from the caller's\\n /// allowance unless the allowance was made for `type(uint256).max`.\\n /// @dev Requirements:\\n /// - `recipient` cannot be the zero address,\\n /// - `spender` must have a balance of at least `amount`,\\n /// - the caller must have allowance for `spender`'s balance of at\\n /// least `amount`.\\n function transferBalanceFrom(\\n address spender,\\n address recipient,\\n uint256 amount\\n ) external {\\n uint256 currentAllowance = allowance[spender][msg.sender];\\n if (currentAllowance != type(uint256).max) {\\n require(\\n currentAllowance >= amount,\\n \\\"Transfer amount exceeds allowance\\\"\\n );\\n unchecked {\\n _approveBalance(spender, msg.sender, currentAllowance - amount);\\n }\\n }\\n _transferBalance(spender, recipient, amount);\\n }\\n\\n /// @notice EIP2612 approval made with secp256k1 signature.\\n /// Users can authorize a transfer of their balance with a signature\\n /// conforming EIP712 standard, rather than an on-chain transaction\\n /// from their address. Anyone can submit this signature on the\\n /// user's behalf by calling the permit function, paying gas fees,\\n /// and possibly performing other actions in the same transaction.\\n /// @dev The deadline argument can be set to `type(uint256).max to create\\n /// permits that effectively never expire. If the `amount` is set\\n /// to `type(uint256).max` then `transferBalanceFrom` will not\\n /// reduce an allowance. Beware that changing an allowance with this\\n /// function brings the risk that someone may use both the old and the\\n /// new allowance by unfortunate transaction ordering. Please use\\n /// `increaseBalanceAllowance` and `decreaseBalanceAllowance` to\\n /// eliminate the risk.\\n function permit(\\n address owner,\\n address spender,\\n uint256 amount,\\n uint256 deadline,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n ) external {\\n /* solhint-disable-next-line not-rely-on-time */\\n require(deadline >= block.timestamp, \\\"Permission expired\\\");\\n\\n // Validate `s` and `v` values for a malleability concern described in EIP2.\\n // Only signatures with `s` value in the lower half of the secp256k1\\n // curve's order and `v` value of 27 or 28 are considered valid.\\n require(\\n uint256(s) <=\\n 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0,\\n \\\"Invalid signature 's' value\\\"\\n );\\n require(v == 27 || v == 28, \\\"Invalid signature 'v' value\\\");\\n\\n bytes32 digest = keccak256(\\n abi.encodePacked(\\n \\\"\\\\x19\\\\x01\\\",\\n DOMAIN_SEPARATOR(),\\n keccak256(\\n abi.encode(\\n PERMIT_TYPEHASH,\\n owner,\\n spender,\\n amount,\\n nonce[owner]++,\\n deadline\\n )\\n )\\n )\\n );\\n address recoveredAddress = ecrecover(digest, v, r, s);\\n require(\\n recoveredAddress != address(0) && recoveredAddress == owner,\\n \\\"Invalid signature\\\"\\n );\\n _approveBalance(owner, spender, amount);\\n }\\n\\n /// @notice Increases balances of the provided `recipients` by the provided\\n /// `amounts`. Can only be called by the Bridge.\\n /// @dev Requirements:\\n /// - length of `recipients` and `amounts` must be the same.\\n function increaseBalances(\\n address[] calldata recipients,\\n uint256[] calldata amounts\\n ) external onlyBridge {\\n require(\\n recipients.length == amounts.length,\\n \\\"Arrays must have the same length\\\"\\n );\\n for (uint256 i = 0; i < recipients.length; i++) {\\n _increaseBalance(recipients[i], amounts[i]);\\n }\\n }\\n\\n /// @notice Increases balance of the provided `recipient` by the provided\\n /// `amount`. Can only be called by the Bridge.\\n function increaseBalance(address recipient, uint256 amount)\\n external\\n onlyBridge\\n {\\n _increaseBalance(recipient, amount);\\n }\\n\\n /// @notice Increases the given smart contract `vault`'s balance and\\n /// notifies the `vault` contract. Called by the Bridge after\\n /// the deposits routed by depositors to that `vault` have been\\n /// swept by the Bridge. This way, the depositor does not have to\\n /// issue a separate transaction to the `vault` contract.\\n /// Can be called only by the Bridge.\\n /// @dev Requirements:\\n /// - `vault` must implement `IVault` interface,\\n /// - length of `depositors` and `depositedAmounts` must be the same.\\n /// @param vault Address of `IVault` recipient contract\\n /// @param depositors Addresses of depositors whose deposits have been swept\\n /// @param depositedAmounts Amounts deposited by individual depositors and\\n /// swept. The `vault`'s balance in the Bank will be increased by the\\n /// sum of all elements in this array.\\n function increaseBalanceAndCall(\\n address vault,\\n address[] calldata depositors,\\n uint256[] calldata depositedAmounts\\n ) external onlyBridge {\\n require(\\n depositors.length == depositedAmounts.length,\\n \\\"Arrays must have the same length\\\"\\n );\\n uint256 totalAmount = 0;\\n for (uint256 i = 0; i < depositedAmounts.length; i++) {\\n totalAmount += depositedAmounts[i];\\n }\\n _increaseBalance(vault, totalAmount);\\n IVault(vault).receiveBalanceIncrease(depositors, depositedAmounts);\\n }\\n\\n /// @notice Decreases caller's balance by the provided `amount`. There is no\\n /// way to restore the balance so do not call this function unless\\n /// you really know what you are doing!\\n function decreaseBalance(uint256 amount) external {\\n balanceOf[msg.sender] -= amount;\\n emit BalanceDecreased(msg.sender, amount);\\n }\\n\\n /// @notice Returns hash of EIP712 Domain struct with `TBTC Bank` as\\n /// a signing domain and Bank contract as a verifying contract.\\n /// Used to construct EIP2612 signature provided to `permit`\\n /// function.\\n /* solhint-disable-next-line func-name-mixedcase */\\n function DOMAIN_SEPARATOR() public view returns (bytes32) {\\n // As explained in EIP-2612, if the DOMAIN_SEPARATOR contains the\\n // chainId and is defined at contract deployment instead of\\n // reconstructed for every signature, there is a risk of possible replay\\n // attacks between chains in the event of a future chain split.\\n // To address this issue, we check the cached chain ID against the\\n // current one and in case they are different, we build domain separator\\n // from scratch.\\n if (block.chainid == cachedChainId) {\\n return cachedDomainSeparator;\\n } else {\\n return buildDomainSeparator();\\n }\\n }\\n\\n function _increaseBalance(address recipient, uint256 amount) internal {\\n require(\\n recipient != address(this),\\n \\\"Can not increase balance for Bank\\\"\\n );\\n balanceOf[recipient] += amount;\\n emit BalanceIncreased(recipient, amount);\\n }\\n\\n function _transferBalance(\\n address spender,\\n address recipient,\\n uint256 amount\\n ) private {\\n require(\\n recipient != address(0),\\n \\\"Can not transfer to the zero address\\\"\\n );\\n require(\\n recipient != address(this),\\n \\\"Can not transfer to the Bank address\\\"\\n );\\n\\n uint256 spenderBalance = balanceOf[spender];\\n require(spenderBalance >= amount, \\\"Transfer amount exceeds balance\\\");\\n unchecked {\\n balanceOf[spender] = spenderBalance - amount;\\n }\\n balanceOf[recipient] += amount;\\n emit BalanceTransferred(spender, recipient, amount);\\n }\\n\\n function _approveBalance(\\n address owner,\\n address spender,\\n uint256 amount\\n ) private {\\n require(spender != address(0), \\\"Can not approve to the zero address\\\");\\n allowance[owner][spender] = amount;\\n emit BalanceApproved(owner, spender, amount);\\n }\\n\\n function buildDomainSeparator() private view returns (bytes32) {\\n return\\n keccak256(\\n abi.encode(\\n keccak256(\\n \\\"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)\\\"\\n ),\\n keccak256(bytes(\\\"TBTC Bank\\\")),\\n keccak256(bytes(\\\"1\\\")),\\n block.chainid,\\n address(this)\\n )\\n );\\n }\\n}\\n\",\"keccak256\":\"0x8c19af6dbb1974dcbf6bb623c6d3de6b28493b5f44e5fb1e36f47cdebf500453\",\"license\":\"MIT\"},\"contracts/bridge/BitcoinTx.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {ValidateSPV} from \\\"@keep-network/bitcoin-spv-sol/contracts/ValidateSPV.sol\\\";\\n\\nimport \\\"./BridgeState.sol\\\";\\n\\n/// @title Bitcoin transaction\\n/// @notice Allows to reference Bitcoin raw transaction in Solidity.\\n/// @dev See https://developer.bitcoin.org/reference/transactions.html#raw-transaction-format\\n///\\n/// Raw Bitcoin transaction data:\\n///\\n/// | Bytes | Name | BTC type | Description |\\n/// |--------|--------------|------------------------|---------------------------|\\n/// | 4 | version | int32_t (LE) | TX version number |\\n/// | varies | tx_in_count | compactSize uint (LE) | Number of TX inputs |\\n/// | varies | tx_in | txIn[] | TX inputs |\\n/// | varies | tx_out count | compactSize uint (LE) | Number of TX outputs |\\n/// | varies | tx_out | txOut[] | TX outputs |\\n/// | 4 | lock_time | uint32_t (LE) | Unix time or block number |\\n///\\n//\\n/// Non-coinbase transaction input (txIn):\\n///\\n/// | Bytes | Name | BTC type | Description |\\n/// |--------|------------------|------------------------|---------------------------------------------|\\n/// | 36 | previous_output | outpoint | The previous outpoint being spent |\\n/// | varies | script bytes | compactSize uint (LE) | The number of bytes in the signature script |\\n/// | varies | signature script | char[] | The signature script, empty for P2WSH |\\n/// | 4 | sequence | uint32_t (LE) | Sequence number |\\n///\\n///\\n/// The reference to transaction being spent (outpoint):\\n///\\n/// | Bytes | Name | BTC type | Description |\\n/// |-------|-------|---------------|------------------------------------------|\\n/// | 32 | hash | char[32] | Hash of the transaction to spend |\\n/// | 4 | index | uint32_t (LE) | Index of the specific output from the TX |\\n///\\n///\\n/// Transaction output (txOut):\\n///\\n/// | Bytes | Name | BTC type | Description |\\n/// |--------|-----------------|-----------------------|--------------------------------------|\\n/// | 8 | value | int64_t (LE) | Number of satoshis to spend |\\n/// | 1+ | pk_script_bytes | compactSize uint (LE) | Number of bytes in the pubkey script |\\n/// | varies | pk_script | char[] | Pubkey script |\\n///\\n/// compactSize uint format:\\n///\\n/// | Value | Bytes | Format |\\n/// |-----------------------------------------|-------|----------------------------------------------|\\n/// | >= 0 && <= 252 | 1 | uint8_t |\\n/// | >= 253 && <= 0xffff | 3 | 0xfd followed by the number as uint16_t (LE) |\\n/// | >= 0x10000 && <= 0xffffffff | 5 | 0xfe followed by the number as uint32_t (LE) |\\n/// | >= 0x100000000 && <= 0xffffffffffffffff | 9 | 0xff followed by the number as uint64_t (LE) |\\n///\\n/// (*) compactSize uint is often references as VarInt)\\n///\\nlibrary BitcoinTx {\\n using BTCUtils for bytes;\\n using BTCUtils for uint256;\\n using ValidateSPV for bytes;\\n using ValidateSPV for bytes32;\\n\\n /// @notice Represents Bitcoin transaction data.\\n struct Info {\\n /// @notice Bitcoin transaction version\\n /// @dev `version` from raw Bitcoin transaction data.\\n /// Encoded as 4-bytes signed integer, little endian.\\n bytes4 version;\\n /// @notice All Bitcoin transaction inputs, prepended by the number of\\n /// transaction inputs.\\n /// @dev `tx_in_count | tx_in` from raw Bitcoin transaction data.\\n ///\\n /// The number of transaction inputs encoded as compactSize\\n /// unsigned integer, little-endian.\\n ///\\n /// Note that some popular block explorers reverse the order of\\n /// bytes from `outpoint`'s `hash` and display it as big-endian.\\n /// Solidity code of Bridge expects hashes in little-endian, just\\n /// like they are represented in a raw Bitcoin transaction.\\n bytes inputVector;\\n /// @notice All Bitcoin transaction outputs prepended by the number of\\n /// transaction outputs.\\n /// @dev `tx_out_count | tx_out` from raw Bitcoin transaction data.\\n ///\\n /// The number of transaction outputs encoded as a compactSize\\n /// unsigned integer, little-endian.\\n bytes outputVector;\\n /// @notice Bitcoin transaction locktime.\\n ///\\n /// @dev `lock_time` from raw Bitcoin transaction data.\\n /// Encoded as 4-bytes unsigned integer, little endian.\\n bytes4 locktime;\\n }\\n\\n /// @notice Represents data needed to perform a Bitcoin SPV proof.\\n struct Proof {\\n /// @notice The merkle proof of transaction inclusion in a block.\\n bytes merkleProof;\\n /// @notice Transaction index in the block (0-indexed).\\n uint256 txIndexInBlock;\\n /// @notice Single byte-string of 80-byte bitcoin headers,\\n /// lowest height first.\\n bytes bitcoinHeaders;\\n }\\n\\n /// @notice Represents info about an unspent transaction output.\\n struct UTXO {\\n /// @notice Hash of the transaction the output belongs to.\\n /// @dev Byte order corresponds to the Bitcoin internal byte order.\\n bytes32 txHash;\\n /// @notice Index of the transaction output (0-indexed).\\n uint32 txOutputIndex;\\n /// @notice Value of the transaction output.\\n uint64 txOutputValue;\\n }\\n\\n /// @notice Represents Bitcoin signature in the R/S/V format.\\n struct RSVSignature {\\n /// @notice Signature r value.\\n bytes32 r;\\n /// @notice Signature s value.\\n bytes32 s;\\n /// @notice Signature recovery value.\\n uint8 v;\\n }\\n\\n /// @notice Validates the SPV proof of the Bitcoin transaction.\\n /// Reverts in case the validation or proof verification fail.\\n /// @param txInfo Bitcoin transaction data\\n /// @param proof Bitcoin proof data\\n /// @return txHash Proven 32-byte transaction hash.\\n function validateProof(\\n BridgeState.Storage storage self,\\n Info calldata txInfo,\\n Proof calldata proof\\n ) internal view returns (bytes32 txHash) {\\n require(\\n txInfo.inputVector.validateVin(),\\n \\\"Invalid input vector provided\\\"\\n );\\n require(\\n txInfo.outputVector.validateVout(),\\n \\\"Invalid output vector provided\\\"\\n );\\n\\n txHash = abi\\n .encodePacked(\\n txInfo.version,\\n txInfo.inputVector,\\n txInfo.outputVector,\\n txInfo.locktime\\n )\\n .hash256View();\\n\\n require(\\n txHash.prove(\\n proof.bitcoinHeaders.extractMerkleRootLE(),\\n proof.merkleProof,\\n proof.txIndexInBlock\\n ),\\n \\\"Tx merkle proof is not valid for provided header and tx hash\\\"\\n );\\n\\n evaluateProofDifficulty(self, proof.bitcoinHeaders);\\n\\n return txHash;\\n }\\n\\n /// @notice Evaluates the given Bitcoin proof difficulty against the actual\\n /// Bitcoin chain difficulty provided by the relay oracle.\\n /// Reverts in case the evaluation fails.\\n /// @param bitcoinHeaders Bitcoin headers chain being part of the SPV\\n /// proof. Used to extract the observed proof difficulty\\n function evaluateProofDifficulty(\\n BridgeState.Storage storage self,\\n bytes memory bitcoinHeaders\\n ) internal view {\\n IRelay relay = self.relay;\\n uint256 currentEpochDifficulty = relay.getCurrentEpochDifficulty();\\n uint256 previousEpochDifficulty = relay.getPrevEpochDifficulty();\\n\\n uint256 requestedDiff = 0;\\n uint256 firstHeaderDiff = bitcoinHeaders\\n .extractTarget()\\n .calculateDifficulty();\\n\\n if (firstHeaderDiff == currentEpochDifficulty) {\\n requestedDiff = currentEpochDifficulty;\\n } else if (firstHeaderDiff == previousEpochDifficulty) {\\n requestedDiff = previousEpochDifficulty;\\n } else {\\n revert(\\\"Not at current or previous difficulty\\\");\\n }\\n\\n uint256 observedDiff = bitcoinHeaders.validateHeaderChain();\\n\\n require(\\n observedDiff != ValidateSPV.getErrBadLength(),\\n \\\"Invalid length of the headers chain\\\"\\n );\\n require(\\n observedDiff != ValidateSPV.getErrInvalidChain(),\\n \\\"Invalid headers chain\\\"\\n );\\n require(\\n observedDiff != ValidateSPV.getErrLowWork(),\\n \\\"Insufficient work in a header\\\"\\n );\\n\\n require(\\n observedDiff >= requestedDiff * self.txProofDifficultyFactor,\\n \\\"Insufficient accumulated difficulty in header chain\\\"\\n );\\n }\\n}\\n\",\"keccak256\":\"0x94b3d2bd3f077810802906d88aa7be051f475f8f2721245117f8b292e570c3df\",\"license\":\"MIT\"},\"contracts/bridge/Bridge.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@keep-network/random-beacon/contracts/Governable.sol\\\";\\n\\nimport {IWalletOwner as EcdsaWalletOwner} from \\\"@keep-network/ecdsa/contracts/api/IWalletOwner.sol\\\";\\n\\nimport \\\"./IRelay.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Deposit.sol\\\";\\nimport \\\"./Sweep.sol\\\";\\nimport \\\"./Redemption.sol\\\";\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./EcdsaLib.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\nimport \\\"./Fraud.sol\\\";\\nimport \\\"./MovingFunds.sol\\\";\\n\\nimport \\\"../bank/Bank.sol\\\";\\n\\n/// @title Bitcoin Bridge\\n/// @notice Bridge manages BTC deposit and redemption flow and is increasing and\\n/// decreasing balances in the Bank as a result of BTC deposit and\\n/// redemption operations performed by depositors and redeemers.\\n///\\n/// Depositors send BTC funds to the most recently created off-chain\\n/// ECDSA wallet of the bridge using pay-to-script-hash (P2SH) or\\n/// pay-to-witness-script-hash (P2WSH) containing hashed information\\n/// about the depositor\\u2019s Ethereum address. Then, the depositor reveals\\n/// their Ethereum address along with their deposit blinding factor,\\n/// refund public key hash and refund locktime to the Bridge on Ethereum\\n/// chain. The off-chain ECDSA wallet listens for these sorts of\\n/// messages and when it gets one, it checks the Bitcoin network to make\\n/// sure the deposit lines up. If it does, the off-chain ECDSA wallet\\n/// may decide to pick the deposit transaction for sweeping, and when\\n/// the sweep operation is confirmed on the Bitcoin network, the ECDSA\\n/// wallet informs the Bridge about the sweep increasing appropriate\\n/// balances in the Bank.\\n/// @dev Bridge is an upgradeable component of the Bank. The order of\\n/// functionalities in this contract is: deposit, sweep, redemption,\\n/// moving funds, wallet lifecycle, frauds, parameters.\\n///\\n/// TODO: Revisit all events and look which parameters should be indexed.\\n/// TODO: Align the convention around `param` and `dev` endings. They should\\n/// not have a punctuation mark.\\ncontract Bridge is Governable, EcdsaWalletOwner {\\n using BridgeState for BridgeState.Storage;\\n using Deposit for BridgeState.Storage;\\n using Sweep for BridgeState.Storage;\\n using Redemption for BridgeState.Storage;\\n using MovingFunds for BridgeState.Storage;\\n using Wallets for BridgeState.Storage;\\n using Fraud for BridgeState.Storage;\\n\\n BridgeState.Storage internal self;\\n\\n event DepositRevealed(\\n bytes32 fundingTxHash,\\n uint32 fundingOutputIndex,\\n address depositor,\\n uint64 amount,\\n bytes8 blindingFactor,\\n bytes20 walletPubKeyHash,\\n bytes20 refundPubKeyHash,\\n bytes4 refundLocktime,\\n address vault\\n );\\n\\n event DepositsSwept(bytes20 walletPubKeyHash, bytes32 sweepTxHash);\\n\\n event RedemptionRequested(\\n bytes20 walletPubKeyHash,\\n bytes redeemerOutputScript,\\n address redeemer,\\n uint64 requestedAmount,\\n uint64 treasuryFee,\\n uint64 txMaxFee\\n );\\n\\n event RedemptionsCompleted(\\n bytes20 walletPubKeyHash,\\n bytes32 redemptionTxHash\\n );\\n\\n event RedemptionTimedOut(\\n bytes20 walletPubKeyHash,\\n bytes redeemerOutputScript\\n );\\n\\n event WalletMovingFunds(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event MovingFundsCommitmentSubmitted(\\n bytes20 walletPubKeyHash,\\n bytes20[] targetWallets,\\n address submitter\\n );\\n\\n event MovingFundsCompleted(\\n bytes20 walletPubKeyHash,\\n bytes32 movingFundsTxHash\\n );\\n\\n event MovingFundsTimedOut(bytes20 walletPubKeyHash);\\n\\n event MovingFundsBelowDustReported(bytes20 walletPubKeyHash);\\n\\n event NewWalletRequested();\\n\\n event NewWalletRegistered(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletClosing(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletClosed(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletTerminated(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event FraudChallengeSubmitted(\\n bytes20 walletPubKeyHash,\\n bytes32 sighash,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n );\\n\\n event FraudChallengeDefeated(bytes20 walletPubKeyHash, bytes32 sighash);\\n\\n event FraudChallengeDefeatTimedOut(\\n bytes20 walletPubKeyHash,\\n bytes32 sighash\\n );\\n\\n event VaultStatusUpdated(address indexed vault, bool isTrusted);\\n\\n event DepositParametersUpdated(\\n uint64 depositDustThreshold,\\n uint64 depositTreasuryFeeDivisor,\\n uint64 depositTxMaxFee\\n );\\n\\n event RedemptionParametersUpdated(\\n uint64 redemptionDustThreshold,\\n uint64 redemptionTreasuryFeeDivisor,\\n uint64 redemptionTxMaxFee,\\n uint256 redemptionTimeout,\\n uint96 redemptionTimeoutSlashingAmount,\\n uint256 redemptionTimeoutNotifierRewardMultiplier\\n );\\n\\n event MovingFundsParametersUpdated(\\n uint64 movingFundsTxMaxTotalFee,\\n uint32 movingFundsTimeout,\\n uint64 movingFundsDustThreshold\\n );\\n\\n event WalletParametersUpdated(\\n uint32 walletCreationPeriod,\\n uint64 walletCreationMinBtcBalance,\\n uint64 walletCreationMaxBtcBalance,\\n uint64 walletClosureMinBtcBalance,\\n uint32 walletMaxAge,\\n uint64 walletMaxBtcTransfer,\\n uint32 walletClosingPeriod\\n );\\n\\n event FraudParametersUpdated(\\n uint96 fraudSlashingAmount,\\n uint256 fraudNotifierRewardMultiplier,\\n uint256 fraudChallengeDefeatTimeout,\\n uint256 fraudChallengeDepositAmount\\n );\\n\\n constructor(\\n address _bank,\\n address _relay,\\n address _treasury,\\n address _ecdsaWalletRegistry,\\n uint256 _txProofDifficultyFactor\\n ) {\\n require(_bank != address(0), \\\"Bank address cannot be zero\\\");\\n self.bank = Bank(_bank);\\n\\n require(_relay != address(0), \\\"Relay address cannot be zero\\\");\\n self.relay = IRelay(_relay);\\n\\n require(\\n _ecdsaWalletRegistry != address(0),\\n \\\"ECDSA Wallet Registry address cannot be zero\\\"\\n );\\n self.ecdsaWalletRegistry = EcdsaWalletRegistry(_ecdsaWalletRegistry);\\n\\n require(_treasury != address(0), \\\"Treasury address cannot be zero\\\");\\n self.treasury = _treasury;\\n\\n self.txProofDifficultyFactor = _txProofDifficultyFactor;\\n\\n // TODO: Revisit initial values.\\n self.depositDustThreshold = 1000000; // 1000000 satoshi = 0.01 BTC\\n self.depositTxMaxFee = 10000; // 10000 satoshi\\n self.depositTreasuryFeeDivisor = 2000; // 1/2000 == 5bps == 0.05% == 0.0005\\n self.redemptionDustThreshold = 1000000; // 1000000 satoshi = 0.01 BTC\\n self.redemptionTreasuryFeeDivisor = 2000; // 1/2000 == 5bps == 0.05% == 0.0005\\n self.redemptionTxMaxFee = 10000; // 10000 satoshi\\n self.redemptionTimeout = 172800; // 48 hours\\n self.redemptionTimeoutSlashingAmount = 10000 * 1e18; // 10000 T\\n self.redemptionTimeoutNotifierRewardMultiplier = 100; // 100%\\n self.movingFundsTxMaxTotalFee = 10000; // 10000 satoshi\\n self.movingFundsTimeout = 7 days;\\n self.movingFundsDustThreshold = 20000; // 20000 satoshi\\n self.fraudSlashingAmount = 10000 * 1e18; // 10000 T\\n self.fraudNotifierRewardMultiplier = 100; // 100%\\n self.fraudChallengeDefeatTimeout = 7 days;\\n self.fraudChallengeDepositAmount = 2 ether;\\n self.walletCreationPeriod = 1 weeks;\\n self.walletCreationMinBtcBalance = 1e8; // 1 BTC\\n self.walletCreationMaxBtcBalance = 100e8; // 100 BTC\\n self.walletClosureMinBtcBalance = 5 * 1e7; // 0.5 BTC\\n self.walletMaxAge = 26 weeks; // ~6 months\\n self.walletMaxBtcTransfer = 10e8; // 10 BTC\\n self.walletClosingPeriod = 40 days;\\n\\n _transferGovernance(msg.sender);\\n }\\n\\n /// @notice Used by the depositor to reveal information about their P2(W)SH\\n /// Bitcoin deposit to the Bridge on Ethereum chain. The off-chain\\n /// wallet listens for revealed deposit events and may decide to\\n /// include the revealed deposit in the next executed sweep.\\n /// Information about the Bitcoin deposit can be revealed before or\\n /// after the Bitcoin transaction with P2(W)SH deposit is mined on\\n /// the Bitcoin chain. Worth noting, the gas cost of this function\\n /// scales with the number of P2(W)SH transaction inputs and\\n /// outputs. The deposit may be routed to one of the trusted vaults.\\n /// When a deposit is routed to a vault, vault gets notified when\\n /// the deposit gets swept and it may execute the appropriate action.\\n /// @param fundingTx Bitcoin funding transaction data, see `BitcoinTx.Info`\\n /// @param reveal Deposit reveal data, see `RevealInfo struct\\n /// @dev Requirements:\\n /// - `reveal.walletPubKeyHash` must identify a `Live` wallet\\n /// - `reveal.vault` must be 0x0 or point to a trusted vault\\n /// - `reveal.fundingOutputIndex` must point to the actual P2(W)SH\\n /// output of the BTC deposit transaction\\n /// - `reveal.depositor` must be the Ethereum address used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - `reveal.blindingFactor` must be the blinding factor used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - `reveal.walletPubKeyHash` must be the wallet pub key hash used in\\n /// the P2(W)SH BTC deposit transaction,\\n /// - `reveal.refundPubKeyHash` must be the refund pub key hash used in\\n /// the P2(W)SH BTC deposit transaction,\\n /// - `reveal.refundLocktime` must be the refund locktime used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - BTC deposit for the given `fundingTxHash`, `fundingOutputIndex`\\n /// can be revealed only one time.\\n ///\\n /// If any of these requirements is not met, the wallet _must_ refuse\\n /// to sweep the deposit and the depositor has to wait until the\\n /// deposit script unlocks to receive their BTC back.\\n function revealDeposit(\\n BitcoinTx.Info calldata fundingTx,\\n Deposit.DepositRevealInfo calldata reveal\\n ) external {\\n self.revealDeposit(fundingTx, reveal);\\n }\\n\\n /// @notice Used by the wallet to prove the BTC deposit sweep transaction\\n /// and to update Bank balances accordingly. Sweep is only accepted\\n /// if it satisfies SPV proof.\\n ///\\n /// The function is performing Bank balance updates by first\\n /// computing the Bitcoin fee for the sweep transaction. The fee is\\n /// divided evenly between all swept deposits. Each depositor\\n /// receives a balance in the bank equal to the amount inferred\\n /// during the reveal transaction, minus their fee share.\\n ///\\n /// It is possible to prove the given sweep only one time.\\n /// @param sweepTx Bitcoin sweep transaction data\\n /// @param sweepProof Bitcoin sweep proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain. If no main UTXO exists for the given wallet,\\n /// this parameter is ignored\\n /// @dev Requirements:\\n /// - `sweepTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `sweepTx` should represent a Bitcoin transaction with 1..n\\n /// inputs. If the wallet has no main UTXO, all n inputs should\\n /// correspond to P2(W)SH revealed deposits UTXOs. If the wallet has\\n /// an existing main UTXO, one of the n inputs must point to that\\n /// main UTXO and remaining n-1 inputs should correspond to P2(W)SH\\n /// revealed deposits UTXOs. That transaction must have only\\n /// one P2(W)PKH output locking funds on the 20-byte wallet public\\n /// key hash.\\n /// - `sweepProof` components must match the expected structure. See\\n /// `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If there is no main UTXO, this parameter is ignored.\\n function submitSweepProof(\\n BitcoinTx.Info calldata sweepTx,\\n BitcoinTx.Proof calldata sweepProof,\\n BitcoinTx.UTXO calldata mainUtxo\\n ) external {\\n self.submitSweepProof(sweepTx, sweepProof, mainUtxo);\\n }\\n\\n /// @notice Requests redemption of the given amount from the specified\\n /// wallet to the redeemer Bitcoin output script.\\n /// @param walletPubKeyHash The 20-byte wallet public key hash (computed\\n /// using Bitcoin HASH160 over the compressed ECDSA public key)\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param redeemerOutputScript The redeemer's length-prefixed output\\n /// script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock\\n /// redeemed BTC\\n /// @param amount Requested amount in satoshi. This is also the TBTC amount\\n /// that is taken from redeemer's balance in the Bank upon request.\\n /// Once the request is handled, the actual amount of BTC locked\\n /// on the redeemer output script will be always lower than this value\\n /// since the treasury and Bitcoin transaction fees must be incurred.\\n /// The minimal amount satisfying the request can be computed as:\\n /// `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`.\\n /// Fees values are taken at the moment of request creation.\\n /// @dev Requirements:\\n /// - Wallet behind `walletPubKeyHash` must be live\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// - `redeemerOutputScript` must be a proper Bitcoin script\\n /// - `redeemerOutputScript` cannot have wallet PKH as payload\\n /// - `amount` must be above or equal the `redemptionDustThreshold`\\n /// - Given `walletPubKeyHash` and `redeemerOutputScript` pair can be\\n /// used for only one pending request at the same time\\n /// - Wallet must have enough Bitcoin balance to proceed the request\\n /// - Redeemer must make an allowance in the Bank that the Bridge\\n /// contract can spend the given `amount`.\\n function requestRedemption(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes calldata redeemerOutputScript,\\n uint64 amount\\n ) external {\\n self.requestRedemption(\\n walletPubKeyHash,\\n mainUtxo,\\n redeemerOutputScript,\\n amount\\n );\\n }\\n\\n /// @notice Used by the wallet to prove the BTC redemption transaction\\n /// and to make the necessary bookkeeping. Redemption is only\\n /// accepted if it satisfies SPV proof.\\n ///\\n /// The function is performing Bank balance updates by burning\\n /// the total redeemed Bitcoin amount from Bridge balance and\\n /// transferring the treasury fee sum to the treasury address.\\n ///\\n /// It is possible to prove the given redemption only one time.\\n /// @param redemptionTx Bitcoin redemption transaction data\\n /// @param redemptionProof Bitcoin redemption proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n /// HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction\\n /// @dev Requirements:\\n /// - `redemptionTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `redemptionTx` should represent a Bitcoin transaction with\\n /// exactly 1 input that refers to the wallet's main UTXO. That\\n /// transaction should have 1..n outputs handling existing pending\\n /// redemption requests or pointing to reported timed out requests.\\n /// There can be also 1 optional output representing the\\n /// change and pointing back to the 20-byte wallet public key hash.\\n /// The change should be always present if the redeemed value sum\\n /// is lower than the total wallet's BTC balance.\\n /// - `redemptionProof` components must match the expected structure.\\n /// See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// Additionally, the recent main UTXO on Ethereum must be set.\\n /// - `walletPubKeyHash` must be connected with the main UTXO used\\n /// as transaction single input.\\n /// Other remarks:\\n /// - Putting the change output as the first transaction output can\\n /// save some gas because the output processing loop begins each\\n /// iteration by checking whether the given output is the change\\n /// thus uses some gas for making the comparison. Once the change\\n /// is identified, that check is omitted in further iterations.\\n function submitRedemptionProof(\\n BitcoinTx.Info calldata redemptionTx,\\n BitcoinTx.Proof calldata redemptionProof,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) external {\\n self.submitRedemptionProof(\\n redemptionTx,\\n redemptionProof,\\n mainUtxo,\\n walletPubKeyHash\\n );\\n }\\n\\n /// @notice Notifies that there is a pending redemption request associated\\n /// with the given wallet, that has timed out. The redemption\\n /// request is identified by the key built as\\n /// `keccak256(walletPubKeyHash | redeemerOutputScript)`.\\n /// The results of calling this function:\\n /// - the pending redemptions value for the wallet will be decreased\\n /// by the requested amount (minus treasury fee),\\n /// - the tokens taken from the redeemer on redemption request will\\n /// be returned to the redeemer,\\n /// - the request will be moved from pending redemptions to\\n /// timed-out redemptions.\\n /// - if the state of the wallet is `Live` or `MovingFunds`, the\\n /// wallet operators will be slashed and the notifier will be\\n /// rewarded\\n /// - if the state of wallet is `Live`, the wallet will be closed or\\n /// marked as `MovingFunds` (depending on the presence or absence\\n /// of the wallet's main UTXO) and the wallet will no longer be\\n /// marked as the active wallet (if it was marked as such).\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param redeemerOutputScript The redeemer's length-prefixed output\\n /// script (P2PKH, P2WPKH, P2SH or P2WSH)\\n /// @dev Requirements:\\n /// - The wallet must be in the Live or MovingFunds or Terminated state\\n /// - The redemption request identified by `walletPubKeyHash` and\\n /// `redeemerOutputScript` must exist\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events.\\n /// - The amount of time defined by `redemptionTimeout` must have\\n /// passed since the redemption was requested (the request must be\\n /// timed-out).\\n function notifyRedemptionTimeout(\\n bytes20 walletPubKeyHash,\\n uint32[] calldata walletMembersIDs,\\n bytes calldata redeemerOutputScript\\n ) external {\\n self.notifyRedemptionTimeout(\\n walletPubKeyHash,\\n walletMembersIDs,\\n redeemerOutputScript\\n );\\n }\\n\\n /// @notice Submits the moving funds target wallets commitment.\\n /// Once all requirements are met, that function registers the\\n /// target wallets commitment and opens the way for moving funds\\n /// proof submission.\\n /// @param walletPubKeyHash 20-byte public key hash of the source wallet\\n /// @param walletMainUtxo Data of the source wallet's main UTXO, as\\n /// currently known on the Ethereum chain\\n /// @param walletMembersIDs Identifiers of the source wallet signing group\\n /// members\\n /// @param walletMemberIndex Position of the caller in the source wallet\\n /// signing group members list\\n /// @param targetWallets List of 20-byte public key hashes of the target\\n /// wallets that the source wallet commits to move the funds to\\n /// @dev Requirements:\\n /// - The source wallet must be in the MovingFunds state\\n /// - The source wallet must not have pending redemption requests\\n /// - The source wallet must not have submitted its commitment already\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given source wallet in the ECDSA registry. Those IDs are\\n /// not directly stored in the contract for gas efficiency purposes\\n /// but they can be read from appropriate `DkgResultSubmitted`\\n /// and `DkgResultApproved` events.\\n /// - The `walletMemberIndex` must be in range [1, walletMembersIDs.length]\\n /// - The caller must be the member of the source wallet signing group\\n /// at the position indicated by `walletMemberIndex` parameter\\n /// - The `walletMainUtxo` components must point to the recent main\\n /// UTXO of the source wallet, as currently known on the Ethereum\\n /// chain.\\n /// - Source wallet BTC balance must be greater than zero\\n /// - At least one Live wallet must exist in the system\\n /// - Submitted target wallets count must match the expected count\\n /// `N = min(liveWalletsCount, ceil(walletBtcBalance / walletMaxBtcTransfer))`\\n /// where `N > 0`\\n /// - Each target wallet must be not equal to the source wallet\\n /// - Each target wallet must follow the expected order i.e. all\\n /// target wallets 20-byte public key hashes represented as numbers\\n /// must form a strictly increasing sequence without duplicates.\\n /// - Each target wallet must be in Live state\\n function submitMovingFundsCommitment(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo,\\n uint32[] calldata walletMembersIDs,\\n uint256 walletMemberIndex,\\n bytes20[] calldata targetWallets\\n ) external {\\n self.submitMovingFundsCommitment(\\n walletPubKeyHash,\\n walletMainUtxo,\\n walletMembersIDs,\\n walletMemberIndex,\\n targetWallets\\n );\\n }\\n\\n /// @notice Used by the wallet to prove the BTC moving funds transaction\\n /// and to make the necessary state changes. Moving funds is only\\n /// accepted if it satisfies SPV proof.\\n ///\\n /// The function validates the moving funds transaction structure\\n /// by checking if it actually spends the main UTXO of the declared\\n /// wallet and locks the value on the pre-committed target wallets\\n /// using a reasonable transaction fee. If all preconditions are\\n /// met, this functions closes the source wallet.\\n ///\\n /// It is possible to prove the given moving funds transaction only\\n /// one time.\\n /// @param movingFundsTx Bitcoin moving funds transaction data\\n /// @param movingFundsProof Bitcoin moving funds proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n /// HASH160 over the compressed ECDSA public key) of the wallet\\n /// which performed the moving funds transaction\\n /// @dev Requirements:\\n /// - `movingFundsTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `movingFundsTx` should represent a Bitcoin transaction with\\n /// exactly 1 input that refers to the wallet's main UTXO. That\\n /// transaction should have 1..n outputs corresponding to the\\n /// pre-committed target wallets. Outputs must be ordered in the\\n /// same way as their corresponding target wallets are ordered\\n /// within the target wallets commitment.\\n /// - `movingFundsProof` components must match the expected structure.\\n /// See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// Additionally, the recent main UTXO on Ethereum must be set.\\n /// - `walletPubKeyHash` must be connected with the main UTXO used\\n /// as transaction single input.\\n /// - The wallet that `walletPubKeyHash` points to must be in the\\n /// MovingFunds state.\\n /// - The target wallets commitment must be submitted by the wallet\\n /// that `walletPubKeyHash` points to.\\n /// - The total Bitcoin transaction fee must be lesser or equal\\n /// to `movingFundsTxMaxTotalFee` governable parameter.\\n function submitMovingFundsProof(\\n BitcoinTx.Info calldata movingFundsTx,\\n BitcoinTx.Proof calldata movingFundsProof,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) external {\\n self.submitMovingFundsProof(\\n movingFundsTx,\\n movingFundsProof,\\n mainUtxo,\\n walletPubKeyHash\\n );\\n }\\n\\n /// @notice Notifies about a timed out moving funds process. Terminates\\n /// the wallet and slashes signing group members as a result.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The wallet must be in the MovingFunds state\\n /// - The moving funds timeout must be actually exceeded\\n function notifyMovingFundsTimeout(bytes20 walletPubKeyHash) external {\\n self.notifyMovingFundsTimeout(walletPubKeyHash);\\n }\\n\\n /// @notice Notifies about a moving funds wallet whose BTC balance is\\n /// below the moving funds dust threshold. Ends the moving funds\\n /// process and begins wallet closing immediately.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known\\n /// on the Ethereum chain.\\n /// @dev Requirements:\\n /// - The wallet must be in the MovingFunds state\\n /// - The `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If the wallet has no main UTXO, this parameter can be empty as it\\n /// is ignored.\\n /// - The wallet BTC balance must be below the moving funds threshold\\n function notifyMovingFundsBelowDust(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo\\n ) external {\\n self.notifyMovingFundsBelowDust(walletPubKeyHash, mainUtxo);\\n }\\n\\n /// @notice Requests creation of a new wallet. This function just\\n /// forms a request and the creation process is performed\\n /// asynchronously. Once a wallet is created, the ECDSA Wallet\\n /// Registry will notify this contract by calling the\\n /// `__ecdsaWalletCreatedCallback` function.\\n /// @param activeWalletMainUtxo Data of the active wallet's main UTXO, as\\n /// currently known on the Ethereum chain.\\n /// @dev Requirements:\\n /// - `activeWalletMainUtxo` components must point to the recent main\\n /// UTXO of the given active wallet, as currently known on the\\n /// Ethereum chain. If there is no active wallet at the moment, or\\n /// the active wallet has no main UTXO, this parameter can be\\n /// empty as it is ignored.\\n /// - Wallet creation must not be in progress\\n /// - If the active wallet is set, one of the following\\n /// conditions must be true:\\n /// - The active wallet BTC balance is above the minimum threshold\\n /// and the active wallet is old enough, i.e. the creation period\\n /// was elapsed since its creation time\\n /// - The active wallet BTC balance is above the maximum threshold\\n function requestNewWallet(BitcoinTx.UTXO calldata activeWalletMainUtxo)\\n external\\n {\\n self.requestNewWallet(activeWalletMainUtxo);\\n }\\n\\n /// @notice A callback function that is called by the ECDSA Wallet Registry\\n /// once a new ECDSA wallet is created.\\n /// @param ecdsaWalletID Wallet's unique identifier.\\n /// @param publicKeyX Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n /// @dev Requirements:\\n /// - The only caller authorized to call this function is `registry`\\n /// - Given wallet data must not belong to an already registered wallet\\n function __ecdsaWalletCreatedCallback(\\n bytes32 ecdsaWalletID,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external override {\\n self.registerNewWallet(ecdsaWalletID, publicKeyX, publicKeyY);\\n }\\n\\n /// @notice A callback function that is called by the ECDSA Wallet Registry\\n /// once a wallet heartbeat failure is detected.\\n /// @param publicKeyX Wallet's public key's X coordinate\\n /// @param publicKeyY Wallet's public key's Y coordinate\\n /// @dev Requirements:\\n /// - The only caller authorized to call this function is `registry`\\n /// - Wallet must be in Live state\\n function __ecdsaWalletHeartbeatFailedCallback(\\n bytes32,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external override {\\n self.notifyWalletHeartbeatFailed(publicKeyX, publicKeyY);\\n }\\n\\n /// @notice Notifies that the wallet is either old enough or has too few\\n /// satoshi left and qualifies to be closed.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMainUtxo Data of the wallet's main UTXO, as currently\\n /// known on the Ethereum chain.\\n /// @dev Requirements:\\n /// - Wallet must not be set as the current active wallet\\n /// - Wallet must exceed the wallet maximum age OR the wallet BTC\\n /// balance must be lesser than the minimum threshold. If the latter\\n /// case is true, the `walletMainUtxo` components must point to the\\n /// recent main UTXO of the given wallet, as currently known on the\\n /// Ethereum chain. If the wallet has no main UTXO, this parameter\\n /// can be empty as it is ignored since the wallet balance is\\n /// assumed to be zero.\\n /// - Wallet must be in Live state\\n function notifyCloseableWallet(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo\\n ) external {\\n self.notifyCloseableWallet(walletPubKeyHash, walletMainUtxo);\\n }\\n\\n /// @notice Notifies about the end of the closing period for the given wallet.\\n /// Closes the wallet ultimately and notifies the ECDSA registry\\n /// about this fact.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The wallet must be in the Closing state\\n /// - The wallet closing period must have elapsed\\n function notifyWalletClosingPeriodElapsed(bytes20 walletPubKeyHash)\\n external\\n {\\n self.notifyWalletClosingPeriodElapsed(walletPubKeyHash);\\n }\\n\\n /// @notice Submits a fraud challenge indicating that a UTXO being under\\n /// wallet control was unlocked by the wallet but was not used\\n /// according to the protocol rules. That means the wallet signed\\n /// a transaction input pointing to that UTXO and there is a unique\\n /// sighash and signature pair associated with that input. This\\n /// function uses those parameters to create a fraud accusation that\\n /// proves a given transaction input unlocking the given UTXO was\\n /// actually signed by the wallet. This function cannot determine\\n /// whether the transaction was actually broadcast and the input was\\n /// consumed in a fraudulent way so it just opens a challenge period\\n /// during which the wallet can defeat the challenge by submitting\\n /// proof of a transaction that consumes the given input according\\n /// to protocol rules. To prevent spurious allegations, the caller\\n /// must deposit ETH that is returned back upon justified fraud\\n /// challenge or confiscated otherwise.\\n ///@param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param sighash The hash that was used to produce the ECDSA signature\\n /// that is the subject of the fraud claim. This hash is constructed\\n /// by applying double SHA-256 over a serialized subset of the\\n /// transaction. The exact subset used as hash preimage depends on\\n /// the transaction input the signature is produced for. See BIP-143\\n /// for reference\\n /// @param signature Bitcoin signature in the R/S/V format\\n /// @dev Requirements:\\n /// - Wallet behind `walletPublicKey` must be in Live or MovingFunds\\n /// or Closing state\\n /// - The challenger must send appropriate amount of ETH used as\\n /// fraud challenge deposit\\n /// - The signature (represented by r, s and v) must be generated by\\n /// the wallet behind `walletPubKey` during signing of `sighash`\\n /// - Wallet can be challenged for the given signature only once\\n function submitFraudChallenge(\\n bytes calldata walletPublicKey,\\n bytes32 sighash,\\n BitcoinTx.RSVSignature calldata signature\\n ) external payable {\\n self.submitFraudChallenge(walletPublicKey, sighash, signature);\\n }\\n\\n /// @notice Allows to defeat a pending fraud challenge against a wallet if\\n /// the transaction that spends the UTXO follows the protocol rules.\\n /// In order to defeat the challenge the same `walletPublicKey` and\\n /// signature (represented by `r`, `s` and `v`) must be provided as\\n /// were used to calculate the sighash during input signing.\\n /// The fraud challenge defeat attempt will only succeed if the\\n /// inputs in the preimage are considered honestly spent by the\\n /// wallet. Therefore the transaction spending the UTXO must be\\n /// proven in the Bridge before a challenge defeat is called.\\n /// If successfully defeated, the fraud challenge is marked as\\n /// resolved and the amount of ether deposited by the challenger is\\n /// sent to the treasury.\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param preimage The preimage which produces sighash used to generate the\\n /// ECDSA signature that is the subject of the fraud claim. It is a\\n /// serialized subset of the transaction. The exact subset used as\\n /// the preimage depends on the transaction input the signature is\\n /// produced for. See BIP-143 for reference\\n /// @param witness Flag indicating whether the preimage was produced for a\\n /// witness input. True for witness, false for non-witness input\\n /// @dev Requirements:\\n /// - `walletPublicKey` and `sighash` calculated as `hash256(preimage)`\\n /// must identify an open fraud challenge\\n /// - the preimage must be a valid preimage of a transaction generated\\n /// according to the protocol rules and already proved in the Bridge\\n /// - before a defeat attempt is made the transaction that spends the\\n /// given UTXO must be proven in the Bridge\\n function defeatFraudChallenge(\\n bytes calldata walletPublicKey,\\n bytes calldata preimage,\\n bool witness\\n ) external {\\n self.defeatFraudChallenge(walletPublicKey, preimage, witness);\\n }\\n\\n /// @notice Notifies about defeat timeout for the given fraud challenge.\\n /// Can be called only if there was a fraud challenge identified by\\n /// the provided `walletPublicKey` and `sighash` and it was not\\n /// defeated on time. The amount of time that needs to pass after\\n /// a fraud challenge is reported is indicated by the\\n /// `challengeDefeatTimeout`. After a successful fraud challenge\\n /// defeat timeout notification the fraud challenge is marked as\\n /// resolved, the stake of each operator is slashed, the ether\\n /// deposited is returned to the challenger and the challenger is\\n /// rewarded.\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param sighash The hash that was used to produce the ECDSA signature\\n /// that is the subject of the fraud claim. This hash is constructed\\n /// by applying double SHA-256 over a serialized subset of the\\n /// transaction. The exact subset used as hash preimage depends on\\n /// the transaction input the signature is produced for. See BIP-143\\n /// for reference\\n /// @dev Requirements:\\n /// - The wallet must be in the Live or MovingFunds or Closing or\\n /// Terminated state\\n /// - The `walletPublicKey` and `sighash` must identify an open fraud\\n /// challenge\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events.\\n /// - The amount of time indicated by `challengeDefeatTimeout` must pass\\n /// after the challenge was reported\\n function notifyFraudChallengeDefeatTimeout(\\n bytes calldata walletPublicKey,\\n uint32[] calldata walletMembersIDs,\\n bytes32 sighash\\n ) external {\\n self.notifyFraudChallengeDefeatTimeout(\\n walletPublicKey,\\n walletMembersIDs,\\n sighash\\n );\\n }\\n\\n /// @notice Allows the Governance to mark the given vault address as trusted\\n /// or no longer trusted. Vaults are not trusted by default.\\n /// Trusted vault must meet the following criteria:\\n /// - `IVault.receiveBalanceIncrease` must have a known, low gas\\n /// cost.\\n /// - `IVault.receiveBalanceIncrease` must never revert.\\n /// @dev Without restricting reveal only to trusted vaults, malicious\\n /// vaults not meeting the criteria would be able to nuke sweep proof\\n /// transactions executed by ECDSA wallet with deposits routed to\\n /// them.\\n /// @param vault The address of the vault\\n /// @param isTrusted flag indicating whether the vault is trusted or not\\n /// @dev Can only be called by the Governance.\\n function setVaultStatus(address vault, bool isTrusted)\\n external\\n onlyGovernance\\n {\\n self.isVaultTrusted[vault] = isTrusted;\\n emit VaultStatusUpdated(vault, isTrusted);\\n }\\n\\n /// @notice Updates parameters of deposits.\\n /// @param depositDustThreshold New value of the deposit dust threshold in\\n /// satoshis. It is the minimal amount that can be requested to\\n //// deposit. Value of this parameter must take into account the value\\n /// of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters\\n /// in order to make requests that can incur the treasury and\\n /// transaction fee and still satisfy the depositor\\n /// @param depositTreasuryFeeDivisor New value of the treasury fee divisor.\\n /// It is the divisor used to compute the treasury fee taken from\\n /// each deposit and transferred to the treasury upon sweep proof\\n /// submission. That fee is computed as follows:\\n /// `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each deposit,\\n /// the `depositTreasuryFeeDivisor` should be set to `50`\\n /// because `1/50 = 0.02 = 2%`\\n /// @param depositTxMaxFee New value of the deposit tx max fee in satoshis.\\n /// It is the maximum amount of BTC transaction fee that can\\n /// be incurred by each swept deposit being part of the given sweep\\n /// transaction. If the maximum BTC transaction fee is exceeded,\\n /// such transaction is considered a fraud\\n /// @dev Requirements:\\n /// - Deposit dust threshold must be greater than zero\\n /// - Deposit treasury fee divisor must be greater than zero\\n /// - Deposit transaction max fee must be greater than zero\\n function updateDepositParameters(\\n uint64 depositDustThreshold,\\n uint64 depositTreasuryFeeDivisor,\\n uint64 depositTxMaxFee\\n ) external onlyGovernance {\\n self.updateDepositParameters(\\n depositDustThreshold,\\n depositTreasuryFeeDivisor,\\n depositTxMaxFee\\n );\\n }\\n\\n /// @notice Updates parameters of redemptions.\\n /// @param redemptionDustThreshold New value of the redemption dust\\n /// threshold in satoshis. It is the minimal amount that can be\\n /// requested for redemption. Value of this parameter must take into\\n /// account the value of `redemptionTreasuryFeeDivisor` and\\n /// `redemptionTxMaxFee` parameters in order to make requests that\\n /// can incur the treasury and transaction fee and still satisfy the\\n /// redeemer.\\n /// @param redemptionTreasuryFeeDivisor New value of the redemption\\n /// treasury fee divisor. It is the divisor used to compute the\\n /// treasury fee taken from each redemption request and transferred\\n /// to the treasury upon successful request finalization. That fee is\\n /// computed as follows:\\n /// `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each\\n /// redemption request, the `redemptionTreasuryFeeDivisor` should\\n /// be set to `50` because `1/50 = 0.02 = 2%`.\\n /// @param redemptionTxMaxFee New value of the redemption transaction max\\n /// fee in satoshis. It is the maximum amount of BTC transaction fee\\n /// that can be incurred by each redemption request being part of the\\n /// given redemption transaction. If the maximum BTC transaction fee\\n /// is exceeded, such transaction is considered a fraud.\\n /// This is a per-redemption output max fee for the redemption\\n /// transaction.\\n /// @param redemptionTimeout New value of the redemption timeout in seconds.\\n /// It is the time after which the redemption request can be reported\\n /// as timed out. It is counted from the moment when the redemption\\n /// request was created via `requestRedemption` call. Reported timed\\n /// out requests are cancelled and locked TBTC is returned to the\\n /// redeemer in full amount.\\n /// @param redemptionTimeoutSlashingAmount New value of the redemption\\n /// timeout slashing amount in T, it is the amount slashed from each\\n /// wallet member for redemption timeout\\n /// @param redemptionTimeoutNotifierRewardMultiplier New value of the\\n /// redemption timeout notifier reward multiplier as percentage,\\n /// it determines the percentage of the notifier reward from the\\n /// staking contact the notifier of a redemption timeout receives.\\n /// The value must be in the range [0, 100]\\n /// @dev Requirements:\\n /// - Redemption dust threshold must be greater than zero\\n /// - Redemption treasury fee divisor must be greater than zero\\n /// - Redemption transaction max fee must be greater than zero\\n /// - Redemption timeout must be greater than zero\\n /// - Redemption timeout notifier reward multiplier must be in the\\n /// range [0, 100]\\n function updateRedemptionParameters(\\n uint64 redemptionDustThreshold,\\n uint64 redemptionTreasuryFeeDivisor,\\n uint64 redemptionTxMaxFee,\\n uint256 redemptionTimeout,\\n uint96 redemptionTimeoutSlashingAmount,\\n uint256 redemptionTimeoutNotifierRewardMultiplier\\n ) external onlyGovernance {\\n self.updateRedemptionParameters(\\n redemptionDustThreshold,\\n redemptionTreasuryFeeDivisor,\\n redemptionTxMaxFee,\\n redemptionTimeout,\\n redemptionTimeoutSlashingAmount,\\n redemptionTimeoutNotifierRewardMultiplier\\n );\\n }\\n\\n /// @notice Updates parameters of moving funds.\\n /// @param movingFundsTxMaxTotalFee New value of the moving funds transaction\\n /// max total fee in satoshis. It is the maximum amount of the total\\n /// BTC transaction fee that is acceptable in a single moving funds\\n /// transaction. This is a _total_ max fee for the entire moving\\n /// funds transaction.\\n /// @param movingFundsTimeout New value of the moving funds timeout in\\n /// seconds. It is the time after which the moving funds process can\\n /// be reported as timed out. It is counted from the moment when the\\n /// wallet was requested to move their funds and switched to the\\n /// MovingFunds state.\\n /// @param movingFundsDustThreshold New value of the moving funds dust\\n /// threshold. It is the minimal satoshi amount that makes sense to\\n // be transferred during the moving funds process. Moving funds\\n // wallets having their BTC balance below that value can begin\\n // closing immediately as transferring such a low value may not be\\n // possible due to BTC network fees.\\n /// @dev Requirements:\\n /// - Moving funds transaction max total fee must be greater than zero\\n /// - Moving funds timeout must be greater than zero\\n /// - Moving funds dust threshold must be greater than zero\\n function updateMovingFundsParameters(\\n uint64 movingFundsTxMaxTotalFee,\\n uint32 movingFundsTimeout,\\n uint64 movingFundsDustThreshold\\n ) external onlyGovernance {\\n self.updateMovingFundsParameters(\\n movingFundsTxMaxTotalFee,\\n movingFundsTimeout,\\n movingFundsDustThreshold\\n );\\n }\\n\\n /// @notice Updates parameters of wallets.\\n /// @param walletCreationPeriod New value of the wallet creation period in\\n /// seconds, determines how frequently a new wallet creation can be\\n /// requested\\n /// @param walletCreationMinBtcBalance New value of the wallet minimum BTC\\n /// balance in satoshi, used to decide about wallet creation\\n /// @param walletCreationMaxBtcBalance New value of the wallet maximum BTC\\n /// balance in satoshi, used to decide about wallet creation\\n /// @param walletClosureMinBtcBalance New value of the wallet minimum BTC\\n /// balance in satoshi, used to decide about wallet closure\\n /// @param walletMaxAge New value of the wallet maximum age in seconds,\\n /// indicates the maximum age of a wallet in seconds, after which\\n /// the wallet moving funds process can be requested\\n /// @param walletMaxBtcTransfer New value of the wallet maximum BTC transfer\\n /// in satoshi, determines the maximum amount that can be transferred\\n // to a single target wallet during the moving funds process\\n /// @param walletClosingPeriod New value of the wallet closing period in\\n /// seconds, determines the length of the wallet closing period,\\n // i.e. the period when the wallet remains in the Closing state\\n // and can be subject of deposit fraud challenges\\n /// @dev Requirements:\\n /// - Wallet minimum BTC balance must be greater than zero\\n /// - Wallet maximum BTC balance must be greater than the wallet\\n /// minimum BTC balance\\n /// - Wallet maximum BTC transfer must be greater than zero\\n /// - Wallet closing period must be greater than zero\\n function updateWalletParameters(\\n uint32 walletCreationPeriod,\\n uint64 walletCreationMinBtcBalance,\\n uint64 walletCreationMaxBtcBalance,\\n uint64 walletClosureMinBtcBalance,\\n uint32 walletMaxAge,\\n uint64 walletMaxBtcTransfer,\\n uint32 walletClosingPeriod\\n ) external onlyGovernance {\\n self.updateWalletParameters(\\n walletCreationPeriod,\\n walletCreationMinBtcBalance,\\n walletCreationMaxBtcBalance,\\n walletClosureMinBtcBalance,\\n walletMaxAge,\\n walletMaxBtcTransfer,\\n walletClosingPeriod\\n );\\n }\\n\\n /// @notice Updates parameters related to frauds.\\n /// @param fraudSlashingAmount New value of the fraud slashing amount in T,\\n /// it is the amount slashed from each wallet member for committing\\n /// a fraud\\n /// @param fraudNotifierRewardMultiplier New value of the fraud notifier\\n /// reward multiplier as percentage, it determines the percentage of\\n /// the notifier reward from the staking contact the notifier of\\n /// a fraud receives. The value must be in the range [0, 100]\\n /// @param fraudChallengeDefeatTimeout New value of the challenge defeat\\n /// timeout in seconds, it is the amount of time the wallet has to\\n /// defeat a fraud challenge. The value must be greater than zero\\n /// @param fraudChallengeDepositAmount New value of the fraud challenge\\n /// deposit amount in wei, it is the amount of ETH the party\\n /// challenging the wallet for fraud needs to deposit\\n /// @dev Requirements:\\n /// - Fraud notifier reward multiplier must be in the range [0, 100]\\n /// - Fraud challenge defeat timeout must be greater than 0\\n function updateFraudParameters(\\n uint96 fraudSlashingAmount,\\n uint256 fraudNotifierRewardMultiplier,\\n uint256 fraudChallengeDefeatTimeout,\\n uint256 fraudChallengeDepositAmount\\n ) external onlyGovernance {\\n self.updateFraudParameters(\\n fraudSlashingAmount,\\n fraudNotifierRewardMultiplier,\\n fraudChallengeDefeatTimeout,\\n fraudChallengeDepositAmount\\n );\\n }\\n\\n /// @notice Collection of all revealed deposits indexed by\\n /// keccak256(fundingTxHash | fundingOutputIndex).\\n /// The fundingTxHash is bytes32 (ordered as in Bitcoin internally)\\n /// and fundingOutputIndex an uint32. This mapping may contain valid\\n /// and invalid deposits and the wallet is responsible for\\n /// validating them before attempting to execute a sweep.\\n function deposits(uint256 depositKey)\\n external\\n view\\n returns (Deposit.DepositRequest memory)\\n {\\n return self.deposits[depositKey];\\n }\\n\\n /// @notice Collection of all pending redemption requests indexed by\\n /// redemption key built as\\n /// keccak256(walletPubKeyHash | redeemerOutputScript). The\\n /// walletPubKeyHash is the 20-byte wallet's public key hash\\n /// (computed using Bitcoin HASH160 over the compressed ECDSA\\n /// public key) and redeemerOutputScript is a Bitcoin script\\n /// (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock\\n /// redeemed BTC as requested by the redeemer. Requests are added\\n /// to this mapping by the `requestRedemption` method (duplicates\\n /// not allowed) and are removed by one of the following methods:\\n /// - `submitRedemptionProof` in case the request was handled\\n /// successfully\\n /// - `notifyRedemptionTimeout` in case the request was reported\\n /// to be timed out\\n function pendingRedemptions(uint256 redemptionKey)\\n external\\n view\\n returns (Redemption.RedemptionRequest memory)\\n {\\n return self.pendingRedemptions[redemptionKey];\\n }\\n\\n /// @notice Collection of all timed out redemptions requests indexed by\\n /// redemption key built as\\n /// keccak256(walletPubKeyHash | redeemerOutputScript). The\\n /// walletPubKeyHash is the 20-byte wallet's public key hash\\n /// (computed using Bitcoin HASH160 over the compressed ECDSA\\n /// public key) and redeemerOutputScript is the Bitcoin script\\n /// (P2PKH, P2WPKH, P2SH or P2WSH) that is involved in the timed\\n /// out request. Timed out requests are stored in this mapping to\\n /// avoid slashing the wallets multiple times for the same timeout.\\n /// Only one method can add to this mapping:\\n /// - `notifyRedemptionTimeout` which puts the redemption key\\n /// to this mapping basing on a timed out request stored\\n /// previously in `pendingRedemptions` mapping.\\n function timedOutRedemptions(uint256 redemptionKey)\\n external\\n view\\n returns (Redemption.RedemptionRequest memory)\\n {\\n return self.timedOutRedemptions[redemptionKey];\\n }\\n\\n /// @notice Collection of main UTXOs that are honestly spent indexed by\\n /// keccak256(fundingTxHash | fundingOutputIndex). The fundingTxHash\\n /// is bytes32 (ordered as in Bitcoin internally) and\\n /// fundingOutputIndex an uint32. A main UTXO is considered honestly\\n /// spent if it was used as an input of a transaction that have been\\n /// proven in the Bridge.\\n function spentMainUTXOs(uint256 utxoKey) external view returns (bool) {\\n return self.spentMainUTXOs[utxoKey];\\n }\\n\\n /// @notice Gets details about a registered wallet.\\n /// @param walletPubKeyHash The 20-byte wallet public key hash (computed\\n /// using Bitcoin HASH160 over the compressed ECDSA public key)\\n /// @return Wallet details.\\n function wallets(bytes20 walletPubKeyHash)\\n external\\n view\\n returns (Wallets.Wallet memory)\\n {\\n return self.registeredWallets[walletPubKeyHash];\\n }\\n\\n /// @notice Gets the public key hash of the active wallet.\\n /// @return The 20-byte public key hash (computed using Bitcoin HASH160\\n /// over the compressed ECDSA public key) of the active wallet.\\n /// Returns bytes20(0) if there is no active wallet at the moment.\\n function activeWalletPubKeyHash() external view returns (bytes20) {\\n return self.activeWalletPubKeyHash;\\n }\\n\\n /// @notice Gets the live wallets count.\\n /// @return The current count of wallets being in the Live state.\\n function liveWalletsCount() external view returns (uint32) {\\n return self.liveWalletsCount;\\n }\\n\\n /// @notice Returns the fraud challenge identified by the given key built\\n /// as keccak256(walletPublicKey|sighash).\\n function fraudChallenges(uint256 challengeKey)\\n external\\n view\\n returns (Fraud.FraudChallenge memory)\\n {\\n return self.fraudChallenges[challengeKey];\\n }\\n\\n /// @notice Indicates if the vault with the given address is trusted or not.\\n /// Depositors can route their revealed deposits only to trusted\\n /// vaults and have trusted vaults notified about new deposits as\\n /// soon as these deposits get swept. Vaults not trusted by the\\n /// Bridge can still be used by Bank balance owners on their own\\n /// responsibility - anyone can approve their Bank balance to any\\n /// address.\\n function isVaultTrusted(address vault) external view returns (bool) {\\n return self.isVaultTrusted[vault];\\n }\\n\\n /// @notice Returns the current values of Bridge deposit parameters.\\n /// @return depositDustThreshold The minimal amount that can be requested\\n /// to deposit. Value of this parameter must take into account the\\n /// value of `depositTreasuryFeeDivisor` and `depositTxMaxFee`\\n /// parameters in order to make requests that can incur the\\n /// treasury and transaction fee and still satisfy the depositor.\\n /// @return depositTreasuryFeeDivisor Divisor used to compute the treasury\\n /// fee taken from each deposit and transferred to the treasury upon\\n /// sweep proof submission. That fee is computed as follows:\\n /// `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each deposit,\\n /// the `depositTreasuryFeeDivisor` should be set to `50`\\n /// because `1/50 = 0.02 = 2%`.\\n /// @return depositTxMaxFee Maximum amount of BTC transaction fee that can\\n /// be incurred by each swept deposit being part of the given sweep\\n /// transaction. If the maximum BTC transaction fee is exceeded,\\n /// such transaction is considered a fraud.\\n function depositParameters()\\n external\\n view\\n returns (\\n uint64 depositDustThreshold,\\n uint64 depositTreasuryFeeDivisor,\\n uint64 depositTxMaxFee\\n )\\n {\\n depositDustThreshold = self.depositDustThreshold;\\n depositTreasuryFeeDivisor = self.depositTreasuryFeeDivisor;\\n depositTxMaxFee = self.depositTxMaxFee;\\n }\\n\\n /// @notice Returns the current values of Bridge redemption parameters.\\n /// @return redemptionDustThreshold The minimal amount that can be requested\\n /// for redemption. Value of this parameter must take into account\\n /// the value of `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee`\\n /// parameters in order to make requests that can incur the\\n /// treasury and transaction fee and still satisfy the redeemer.\\n /// @return redemptionTreasuryFeeDivisor Divisor used to compute the treasury\\n /// fee taken from each redemption request and transferred to the\\n /// treasury upon successful request finalization. That fee is\\n /// computed as follows:\\n /// `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each\\n /// redemption request, the `redemptionTreasuryFeeDivisor` should\\n /// be set to `50` because `1/50 = 0.02 = 2%`.\\n /// @return redemptionTxMaxFee Maximum amount of BTC transaction fee that\\n /// can be incurred by each redemption request being part of the\\n /// given redemption transaction. If the maximum BTC transaction\\n /// fee is exceeded, such transaction is considered a fraud.\\n /// This is a per-redemption output max fee for the redemption\\n /// transaction.\\n /// @return redemptionTimeout Time after which the redemption request can be\\n /// reported as timed out. It is counted from the moment when the\\n /// redemption request was created via `requestRedemption` call.\\n /// Reported timed out requests are cancelled and locked TBTC is\\n /// returned to the redeemer in full amount.\\n /// @return redemptionTimeoutSlashingAmount The amount of stake slashed\\n /// from each member of a wallet for a redemption timeout.\\n /// @return redemptionTimeoutNotifierRewardMultiplier The percentage of the\\n /// notifier reward from the staking contract the notifier of a\\n /// redemption timeout receives. The value is in the range [0, 100].\\n function redemptionParameters()\\n external\\n view\\n returns (\\n uint64 redemptionDustThreshold,\\n uint64 redemptionTreasuryFeeDivisor,\\n uint64 redemptionTxMaxFee,\\n uint256 redemptionTimeout,\\n uint96 redemptionTimeoutSlashingAmount,\\n uint256 redemptionTimeoutNotifierRewardMultiplier\\n )\\n {\\n redemptionDustThreshold = self.redemptionDustThreshold;\\n redemptionTreasuryFeeDivisor = self.redemptionTreasuryFeeDivisor;\\n redemptionTxMaxFee = self.redemptionTxMaxFee;\\n redemptionTimeout = self.redemptionTimeout;\\n redemptionTimeoutSlashingAmount = self.redemptionTimeoutSlashingAmount;\\n redemptionTimeoutNotifierRewardMultiplier = self\\n .redemptionTimeoutNotifierRewardMultiplier;\\n }\\n\\n /// @notice Returns the current values of Bridge moving funds between\\n /// wallets parameters.\\n /// @return movingFundsTxMaxTotalFee Maximum amount of the total BTC\\n /// transaction fee that is acceptable in a single moving funds\\n /// transaction. This is a _total_ max fee for the entire moving\\n /// funds transaction.\\n /// @return movingFundsTimeout Time after which the moving funds process\\n /// can be reported as timed out. It is counted from the moment\\n /// when the wallet was requested to move their funds and switched\\n /// to the MovingFunds state. Value in seconds.\\n /// @return movingFundsDustThreshold The minimal satoshi amount that makes\\n // sense to be transferred during the moving funds process. Moving\\n // funds wallets having their BTC balance below that value can\\n // begin closing immediately as transferring such a low value may\\n // not be possible due to BTC network fees.\\n function movingFundsParameters()\\n external\\n view\\n returns (\\n uint64 movingFundsTxMaxTotalFee,\\n uint32 movingFundsTimeout,\\n uint64 movingFundsDustThreshold\\n )\\n {\\n movingFundsTxMaxTotalFee = self.movingFundsTxMaxTotalFee;\\n movingFundsTimeout = self.movingFundsTimeout;\\n movingFundsDustThreshold = self.movingFundsDustThreshold;\\n }\\n\\n /// @return walletCreationPeriod Determines how frequently a new wallet\\n /// creation can be requested. Value in seconds.\\n /// @return walletCreationMinBtcBalance The minimum BTC threshold in satoshi\\n /// that is used to decide about wallet creation.\\n /// @return walletCreationMaxBtcBalance The maximum BTC threshold in satoshi\\n /// that is used to decide about wallet creation.\\n /// @return walletClosureMinBtcBalance The minimum BTC threshold in satoshi\\n /// that is used to decide about wallet closure.\\n /// @return walletMaxAge The maximum age of a wallet in seconds, after which\\n /// the wallet moving funds process can be requested.\\n /// @return walletMaxBtcTransfer The maximum BTC amount in satoshi than\\n /// can be transferred to a single target wallet during the moving\\n /// funds process.\\n /// @return walletClosingPeriod Determines the length of the wallet closing\\n /// period, i.e. the period when the wallet remains in the Closing\\n /// state and can be subject of deposit fraud challenges. Value\\n /// in seconds.\\n function walletParameters()\\n external\\n view\\n returns (\\n uint32 walletCreationPeriod,\\n uint64 walletCreationMinBtcBalance,\\n uint64 walletCreationMaxBtcBalance,\\n uint64 walletClosureMinBtcBalance,\\n uint32 walletMaxAge,\\n uint64 walletMaxBtcTransfer,\\n uint32 walletClosingPeriod\\n )\\n {\\n walletCreationPeriod = self.walletCreationPeriod;\\n walletCreationMinBtcBalance = self.walletCreationMinBtcBalance;\\n walletCreationMaxBtcBalance = self.walletCreationMaxBtcBalance;\\n walletClosureMinBtcBalance = self.walletClosureMinBtcBalance;\\n walletMaxAge = self.walletMaxAge;\\n walletMaxBtcTransfer = self.walletMaxBtcTransfer;\\n walletClosingPeriod = self.walletClosingPeriod;\\n }\\n\\n /// @notice Returns the current values of Bridge fraud parameters.\\n /// @return fraudSlashingAmount The amount slashed from each wallet member\\n /// for committing a fraud.\\n /// @return fraudNotifierRewardMultiplier The percentage of the notifier\\n /// reward from the staking contract the notifier of a fraud\\n /// receives. The value is in the range [0, 100].\\n /// @return fraudChallengeDefeatTimeout The amount of time the wallet has to\\n /// defeat a fraud challenge.\\n /// @return fraudChallengeDepositAmount The amount of ETH in wei the party\\n /// challenging the wallet for fraud needs to deposit.\\n function fraudParameters()\\n external\\n view\\n returns (\\n uint96 fraudSlashingAmount,\\n uint256 fraudNotifierRewardMultiplier,\\n uint256 fraudChallengeDefeatTimeout,\\n uint256 fraudChallengeDepositAmount\\n )\\n {\\n fraudSlashingAmount = self.fraudSlashingAmount;\\n fraudNotifierRewardMultiplier = self.fraudNotifierRewardMultiplier;\\n fraudChallengeDefeatTimeout = self.fraudChallengeDefeatTimeout;\\n fraudChallengeDepositAmount = self.fraudChallengeDepositAmount;\\n }\\n\\n /// @notice Returns the addresses of contracts Bridge is interacting with.\\n /// @return bank Address of the Bank the Bridge belongs to.\\n /// @return relay Address of the Bitcoin relay providing the current Bitcoin\\n /// network difficulty.\\n /// @return ecdsaWalletRegistry Address of the ECDSA Wallet Registry.\\n function contractReferences()\\n external\\n view\\n returns (\\n Bank bank,\\n IRelay relay,\\n EcdsaWalletRegistry ecdsaWalletRegistry\\n )\\n {\\n bank = self.bank;\\n relay = self.relay;\\n ecdsaWalletRegistry = self.ecdsaWalletRegistry;\\n }\\n\\n /// @notice Address where the deposit treasury fees will be sent to.\\n /// Treasury takes part in the operators rewarding process.\\n function treasury() external view returns (address) {\\n return self.treasury;\\n }\\n\\n /// @notice The number of confirmations on the Bitcoin chain required to\\n /// successfully evaluate an SPV proof.\\n function txProofDifficultyFactor() external view returns (uint256) {\\n return self.txProofDifficultyFactor;\\n }\\n}\\n\",\"keccak256\":\"0x5c5c52250c17530f1ddaaedb2e308680080a1d1de2e0fad2fa813f024a5ce2d7\",\"license\":\"MIT\"},\"contracts/bridge/BridgeState.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {IWalletRegistry as EcdsaWalletRegistry} from \\\"@keep-network/ecdsa/contracts/api/IWalletRegistry.sol\\\";\\n\\nimport \\\"./IRelay.sol\\\";\\nimport \\\"./Deposit.sol\\\";\\nimport \\\"./Redemption.sol\\\";\\nimport \\\"./Fraud.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\nimport \\\"../bank/Bank.sol\\\";\\n\\nlibrary BridgeState {\\n // TODO: Make parameters governable\\n struct Storage {\\n // Address of the Bank the Bridge belongs to.\\n Bank bank;\\n // Bitcoin relay providing the current Bitcoin network difficulty.\\n IRelay relay;\\n // ECDSA Wallet Registry contract handle.\\n EcdsaWalletRegistry ecdsaWalletRegistry;\\n // The number of confirmations on the Bitcoin chain required to\\n // successfully evaluate an SPV proof.\\n uint256 txProofDifficultyFactor;\\n // Address where the deposit and redemption treasury fees will be sent\\n // to. Treasury takes part in the operators rewarding process.\\n address treasury;\\n // The minimal amount that can be requested to deposit.\\n // Value of this parameter must take into account the value of\\n // `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters in order\\n // to make requests that can incur the treasury and transaction fee and\\n // still satisfy the depositor.\\n uint64 depositDustThreshold;\\n // Divisor used to compute the treasury fee taken from each deposit and\\n // transferred to the treasury upon sweep proof submission. That fee is\\n // computed as follows:\\n // `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`\\n // For example, if the treasury fee needs to be 2% of each deposit,\\n // the `depositTreasuryFeeDivisor` should be set to `50` because\\n // `1/50 = 0.02 = 2%`.\\n uint64 depositTreasuryFeeDivisor;\\n // Maximum amount of BTC transaction fee that can be incurred by each\\n // swept deposit being part of the given sweep transaction. If the\\n // maximum BTC transaction fee is exceeded, such transaction is\\n // considered a fraud.\\n //\\n // This is a per-deposit input max fee for the sweep transaction.\\n uint64 depositTxMaxFee;\\n // Collection of all revealed deposits indexed by\\n // `keccak256(fundingTxHash | fundingOutputIndex)`.\\n // The `fundingTxHash` is `bytes32` (ordered as in Bitcoin internally)\\n // and `fundingOutputIndex` an `uint32`. This mapping may contain valid\\n // and invalid deposits and the wallet is responsible for validating\\n // them before attempting to execute a sweep.\\n mapping(uint256 => Deposit.DepositRequest) deposits;\\n // Indicates if the vault with the given address is trusted or not.\\n // Depositors can route their revealed deposits only to trusted vaults\\n // and have trusted vaults notified about new deposits as soon as these\\n // deposits get swept. Vaults not trusted by the Bridge can still be\\n // used by Bank balance owners on their own responsibility - anyone can\\n // approve their Bank balance to any address.\\n mapping(address => bool) isVaultTrusted;\\n // Maximum amount of the total BTC transaction fee that is acceptable in\\n // a single moving funds transaction.\\n //\\n // This is a TOTAL max fee for the moving funds transaction. Note\\n // that `depositTxMaxFee` is per single deposit and `redemptionTxMaxFee`\\n // if per single redemption. `movingFundsTxMaxTotalFee` is a total\\n // fee for the entire transaction.\\n uint64 movingFundsTxMaxTotalFee;\\n // Time after which the moving funds process can be reported as\\n // timed out. It is counted from the moment when the wallet\\n // was requested to move their funds and switched to the MovingFunds\\n // state. Value in seconds.\\n uint32 movingFundsTimeout;\\n // The minimal satoshi amount that makes sense to be transferred during\\n // the moving funds process. Moving funds wallets having their BTC\\n // balance below that value can begin closing immediately as\\n // transferring such a low value may not be possible due to\\n // BTC network fees.\\n uint64 movingFundsDustThreshold;\\n // The minimal amount that can be requested for redemption.\\n // Value of this parameter must take into account the value of\\n // `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee`\\n // parameters in order to make requests that can incur the\\n // treasury and transaction fee and still satisfy the redeemer.\\n uint64 redemptionDustThreshold;\\n // Divisor used to compute the treasury fee taken from each\\n // redemption request and transferred to the treasury upon\\n // successful request finalization. That fee is computed as follows:\\n // `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`\\n // For example, if the treasury fee needs to be 2% of each\\n // redemption request, the `redemptionTreasuryFeeDivisor` should\\n // be set to `50` because `1/50 = 0.02 = 2%`.\\n uint64 redemptionTreasuryFeeDivisor;\\n // Maximum amount of BTC transaction fee that can be incurred by\\n // each redemption request being part of the given redemption\\n // transaction. If the maximum BTC transaction fee is exceeded, such\\n // transaction is considered a fraud.\\n //\\n // This is a per-redemption output max fee for the redemption\\n // transaction.\\n uint64 redemptionTxMaxFee;\\n // Time after which the redemption request can be reported as\\n // timed out. It is counted from the moment when the redemption\\n // request was created via `requestRedemption` call. Reported\\n // timed out requests are cancelled and locked TBTC is returned\\n // to the redeemer in full amount.\\n uint256 redemptionTimeout;\\n // The amount of stake slashed from each member of a wallet for a\\n // redemption timeout.\\n uint96 redemptionTimeoutSlashingAmount;\\n // The percentage of the notifier reward from the staking contract\\n // the notifier of a redemption timeout receives. The value is in the\\n // range [0, 100].\\n uint256 redemptionTimeoutNotifierRewardMultiplier;\\n // Collection of all pending redemption requests indexed by\\n // redemption key built as\\n // `keccak256(walletPubKeyHash | redeemerOutputScript)`.\\n // The `walletPubKeyHash` is the 20-byte wallet's public key hash\\n // (computed using Bitcoin HASH160 over the compressed ECDSA\\n // public key) and `redeemerOutputScript` is a Bitcoin script\\n // (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock\\n // redeemed BTC as requested by the redeemer. Requests are added\\n // to this mapping by the `requestRedemption` method (duplicates\\n // not allowed) and are removed by one of the following methods:\\n // - `submitRedemptionProof` in case the request was handled\\n // successfully\\n // - `notifyRedemptionTimeout` in case the request was reported\\n // to be timed out\\n mapping(uint256 => Redemption.RedemptionRequest) pendingRedemptions;\\n // Collection of all timed out redemptions requests indexed by\\n // redemption key built as\\n // `keccak256(walletPubKeyHash | redeemerOutputScript)`. The\\n // `walletPubKeyHash` is the 20-byte wallet's public key hash\\n // (computed using Bitcoin HASH160 over the compressed ECDSA\\n // public key) and `redeemerOutputScript` is the Bitcoin script\\n // (P2PKH, P2WPKH, P2SH or P2WSH) that is involved in the timed\\n // out request. Timed out requests are stored in this mapping to\\n // avoid slashing the wallets multiple times for the same timeout.\\n // Only one method can add to this mapping:\\n // - `notifyRedemptionTimeout` which puts the redemption key to this\\n // mapping basing on a timed out request stored previously in\\n // `pendingRedemptions` mapping.\\n mapping(uint256 => Redemption.RedemptionRequest) timedOutRedemptions;\\n // The amount of stake slashed from each member of a wallet for a fraud.\\n uint96 fraudSlashingAmount;\\n // The percentage of the notifier reward from the staking contract\\n // the notifier of a fraud receives. The value is in the range [0, 100].\\n uint256 fraudNotifierRewardMultiplier;\\n // The amount of time the wallet has to defeat a fraud challenge.\\n uint256 fraudChallengeDefeatTimeout;\\n // The amount of ETH in wei the party challenging the wallet for fraud\\n // needs to deposit.\\n uint256 fraudChallengeDepositAmount;\\n // Collection of all submitted fraud challenges indexed by challenge\\n // key built as `keccak256(walletPublicKey|sighash)`.\\n mapping(uint256 => Fraud.FraudChallenge) fraudChallenges;\\n // Collection of main UTXOs that are honestly spent indexed by\\n // `keccak256(fundingTxHash | fundingOutputIndex)`. The `fundingTxHash`\\n // is `bytes32` (ordered as in Bitcoin internally) and\\n // `fundingOutputIndex` an `uint32`. A main UTXO is considered honestly\\n // spent if it was used as an input of a transaction that have been\\n // proven in the Bridge.\\n mapping(uint256 => bool) spentMainUTXOs;\\n // Determines how frequently a new wallet creation can be requested.\\n // Value in seconds.\\n uint32 walletCreationPeriod;\\n // The minimum BTC threshold in satoshi that is used to decide about\\n // wallet creation. Specifically, we allow for the creation of a new\\n // wallet if the active wallet is old enough and their amount of BTC\\n // is greater than or equal this threshold.\\n uint64 walletCreationMinBtcBalance;\\n // The maximum BTC threshold in satoshi that is used to decide about\\n // wallet creation. Specifically, we allow for the creation of a new\\n // wallet if the active wallet's amount of BTC is greater than or equal\\n // this threshold, regardless of the active wallet's age.\\n uint64 walletCreationMaxBtcBalance;\\n // The minimum BTC threshold in satoshi that is used to decide about\\n // wallet closing. Specifically, we allow for the closure of the given\\n // wallet if their amount of BTC is lesser than this threshold,\\n // regardless of the wallet's age.\\n uint64 walletClosureMinBtcBalance;\\n // The maximum age of a wallet in seconds, after which the wallet\\n // moving funds process can be requested.\\n uint32 walletMaxAge;\\n // 20-byte wallet public key hash being reference to the currently\\n // active wallet. Can be unset to the zero value under certain\\n // circumstances.\\n bytes20 activeWalletPubKeyHash;\\n // The current number of wallets in the Live state.\\n uint32 liveWalletsCount;\\n // The maximum BTC amount in satoshi than can be transferred to a single\\n // target wallet during the moving funds process.\\n uint64 walletMaxBtcTransfer;\\n // Determines the length of the wallet closing period, i.e. the period\\n // when the wallet remains in the Closing state and can be subject\\n // of deposit fraud challenges. This value is in seconds and should be\\n // greater than the deposit refund time plus some time margin.\\n uint32 walletClosingPeriod;\\n // Maps the 20-byte wallet public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) to the basic wallet\\n // information like state and pending redemptions value.\\n mapping(bytes20 => Wallets.Wallet) registeredWallets;\\n }\\n\\n event DepositParametersUpdated(\\n uint64 depositDustThreshold,\\n uint64 depositTreasuryFeeDivisor,\\n uint64 depositTxMaxFee\\n );\\n\\n event RedemptionParametersUpdated(\\n uint64 redemptionDustThreshold,\\n uint64 redemptionTreasuryFeeDivisor,\\n uint64 redemptionTxMaxFee,\\n uint256 redemptionTimeout,\\n uint96 redemptionTimeoutSlashingAmount,\\n uint256 redemptionTimeoutNotifierRewardMultiplier\\n );\\n\\n event MovingFundsParametersUpdated(\\n uint64 movingFundsTxMaxTotalFee,\\n uint32 movingFundsTimeout,\\n uint64 movingFundsDustThreshold\\n );\\n\\n event WalletParametersUpdated(\\n uint32 walletCreationPeriod,\\n uint64 walletCreationMinBtcBalance,\\n uint64 walletCreationMaxBtcBalance,\\n uint64 walletClosureMinBtcBalance,\\n uint32 walletMaxAge,\\n uint64 walletMaxBtcTransfer,\\n uint32 walletClosingPeriod\\n );\\n\\n event FraudParametersUpdated(\\n uint96 fraudSlashingAmount,\\n uint256 fraudNotifierRewardMultiplier,\\n uint256 fraudChallengeDefeatTimeout,\\n uint256 fraudChallengeDepositAmount\\n );\\n\\n /// @notice Updates parameters of deposits.\\n /// @param _depositDustThreshold New value of the deposit dust threshold in\\n /// satoshis. It is the minimal amount that can be requested to\\n //// deposit. Value of this parameter must take into account the value\\n /// of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters\\n /// in order to make requests that can incur the treasury and\\n /// transaction fee and still satisfy the depositor\\n /// @param _depositTreasuryFeeDivisor New value of the treasury fee divisor.\\n /// It is the divisor used to compute the treasury fee taken from\\n /// each deposit and transferred to the treasury upon sweep proof\\n /// submission. That fee is computed as follows:\\n /// `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each deposit,\\n /// the `depositTreasuryFeeDivisor` should be set to `50`\\n /// because `1/50 = 0.02 = 2%`\\n /// @param _depositTxMaxFee New value of the deposit tx max fee in satoshis.\\n /// It is the maximum amount of BTC transaction fee that can\\n /// be incurred by each swept deposit being part of the given sweep\\n /// transaction. If the maximum BTC transaction fee is exceeded,\\n /// such transaction is considered a fraud\\n /// @dev Requirements:\\n /// - Deposit dust threshold must be greater than zero\\n /// - Deposit treasury fee divisor must be greater than zero\\n /// - Deposit transaction max fee must be greater than zero\\n function updateDepositParameters(\\n Storage storage self,\\n uint64 _depositDustThreshold,\\n uint64 _depositTreasuryFeeDivisor,\\n uint64 _depositTxMaxFee\\n ) internal {\\n require(\\n _depositDustThreshold > 0,\\n \\\"Deposit dust threshold must be greater than zero\\\"\\n );\\n\\n require(\\n _depositTreasuryFeeDivisor > 0,\\n \\\"Deposit treasury fee divisor must be greater than zero\\\"\\n );\\n\\n require(\\n _depositTxMaxFee > 0,\\n \\\"Deposit transaction max fee must be greater than zero\\\"\\n );\\n\\n self.depositDustThreshold = _depositDustThreshold;\\n self.depositTreasuryFeeDivisor = _depositTreasuryFeeDivisor;\\n self.depositTxMaxFee = _depositTxMaxFee;\\n\\n emit DepositParametersUpdated(\\n _depositDustThreshold,\\n _depositTreasuryFeeDivisor,\\n _depositTxMaxFee\\n );\\n }\\n\\n /// @notice Updates parameters of redemptions.\\n /// @param _redemptionDustThreshold New value of the redemption dust\\n /// threshold in satoshis. It is the minimal amount that can be\\n /// requested for redemption. Value of this parameter must take into\\n /// account the value of `redemptionTreasuryFeeDivisor` and\\n /// `redemptionTxMaxFee` parameters in order to make requests that\\n /// can incur the treasury and transaction fee and still satisfy the\\n /// redeemer.\\n /// @param _redemptionTreasuryFeeDivisor New value of the redemption\\n /// treasury fee divisor. It is the divisor used to compute the\\n /// treasury fee taken from each redemption request and transferred\\n /// to the treasury upon successful request finalization. That fee is\\n /// computed as follows:\\n /// `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each\\n /// redemption request, the `redemptionTreasuryFeeDivisor` should\\n /// be set to `50` because `1/50 = 0.02 = 2%`.\\n /// @param _redemptionTxMaxFee New value of the redemption transaction max\\n /// fee in satoshis. It is the maximum amount of BTC transaction fee\\n /// that can be incurred by each redemption request being part of the\\n /// given redemption transaction. If the maximum BTC transaction fee\\n /// is exceeded, such transaction is considered a fraud.\\n /// This is a per-redemption output max fee for the redemption\\n /// transaction.\\n /// @param _redemptionTimeout New value of the redemption timeout in seconds.\\n /// It is the time after which the redemption request can be reported\\n /// as timed out. It is counted from the moment when the redemption\\n /// request was created via `requestRedemption` call. Reported timed\\n /// out requests are cancelled and locked TBTC is returned to the\\n /// redeemer in full amount.\\n /// @param _redemptionTimeoutSlashingAmount New value of the redemption\\n /// timeout slashing amount in T, it is the amount slashed from each\\n /// wallet member for redemption timeout\\n /// @param _redemptionTimeoutNotifierRewardMultiplier New value of the\\n /// redemption timeout notifier reward multiplier as percentage,\\n /// it determines the percentage of the notifier reward from the\\n /// staking contact the notifier of a redemption timeout receives.\\n /// The value must be in the range [0, 100]\\n /// @dev Requirements:\\n /// - Redemption dust threshold must be greater than zero\\n /// - Redemption treasury fee divisor must be greater than zero\\n /// - Redemption transaction max fee must be greater than zero\\n /// - Redemption timeout must be greater than zero\\n /// - Redemption timeout notifier reward multiplier must be in the\\n /// range [0, 100]\\n function updateRedemptionParameters(\\n Storage storage self,\\n uint64 _redemptionDustThreshold,\\n uint64 _redemptionTreasuryFeeDivisor,\\n uint64 _redemptionTxMaxFee,\\n uint256 _redemptionTimeout,\\n uint96 _redemptionTimeoutSlashingAmount,\\n uint256 _redemptionTimeoutNotifierRewardMultiplier\\n ) internal {\\n require(\\n _redemptionDustThreshold > 0,\\n \\\"Redemption dust threshold must be greater than zero\\\"\\n );\\n\\n require(\\n _redemptionTreasuryFeeDivisor > 0,\\n \\\"Redemption treasury fee divisor must be greater than zero\\\"\\n );\\n\\n require(\\n _redemptionTxMaxFee > 0,\\n \\\"Redemption transaction max fee must be greater than zero\\\"\\n );\\n\\n require(\\n _redemptionTimeout > 0,\\n \\\"Redemption timeout must be greater than zero\\\"\\n );\\n\\n require(\\n _redemptionTimeoutNotifierRewardMultiplier <= 100,\\n \\\"Redemption timeout notifier reward multiplier must be in the range [0, 100]\\\"\\n );\\n\\n self.redemptionDustThreshold = _redemptionDustThreshold;\\n self.redemptionTreasuryFeeDivisor = _redemptionTreasuryFeeDivisor;\\n self.redemptionTxMaxFee = _redemptionTxMaxFee;\\n self.redemptionTimeout = _redemptionTimeout;\\n self.redemptionTimeoutSlashingAmount = _redemptionTimeoutSlashingAmount;\\n self\\n .redemptionTimeoutNotifierRewardMultiplier = _redemptionTimeoutNotifierRewardMultiplier;\\n\\n emit RedemptionParametersUpdated(\\n _redemptionDustThreshold,\\n _redemptionTreasuryFeeDivisor,\\n _redemptionTxMaxFee,\\n _redemptionTimeout,\\n _redemptionTimeoutSlashingAmount,\\n _redemptionTimeoutNotifierRewardMultiplier\\n );\\n }\\n\\n /// @notice Updates parameters of moving funds.\\n /// @param _movingFundsTxMaxTotalFee New value of the moving funds transaction\\n /// max total fee in satoshis. It is the maximum amount of the total\\n /// BTC transaction fee that is acceptable in a single moving funds\\n /// transaction. This is a _total_ max fee for the entire moving\\n /// funds transaction.\\n /// @param _movingFundsTimeout New value of the moving funds timeout in\\n /// seconds. It is the time after which the moving funds process can\\n /// be reported as timed out. It is counted from the moment when the\\n /// wallet was requested to move their funds and switched to the\\n /// MovingFunds state.\\n /// @param _movingFundsDustThreshold New value of the moving funds dust\\n /// threshold. It is the minimal satoshi amount that makes sense to\\n // be transferred during the moving funds process. Moving funds\\n // wallets having their BTC balance below that value can begin\\n // closing immediately as transferring such a low value may not be\\n // possible due to BTC network fees.\\n /// @dev Requirements:\\n /// - Moving funds transaction max total fee must be greater than zero\\n /// - Moving funds timeout must be greater than zero\\n /// - Moving funds dust threshold must be greater than zero\\n function updateMovingFundsParameters(\\n Storage storage self,\\n uint64 _movingFundsTxMaxTotalFee,\\n uint32 _movingFundsTimeout,\\n uint64 _movingFundsDustThreshold\\n ) internal {\\n require(\\n _movingFundsTxMaxTotalFee > 0,\\n \\\"Moving funds transaction max total fee must be greater than zero\\\"\\n );\\n\\n require(\\n _movingFundsTimeout > 0,\\n \\\"Moving funds timeout must be greater than zero\\\"\\n );\\n\\n require(\\n _movingFundsDustThreshold > 0,\\n \\\"Moving funds dust threshold must be greater than zero\\\"\\n );\\n\\n self.movingFundsTxMaxTotalFee = _movingFundsTxMaxTotalFee;\\n self.movingFundsTimeout = _movingFundsTimeout;\\n self.movingFundsDustThreshold = _movingFundsDustThreshold;\\n\\n emit MovingFundsParametersUpdated(\\n _movingFundsTxMaxTotalFee,\\n _movingFundsTimeout,\\n _movingFundsDustThreshold\\n );\\n }\\n\\n /// @notice Updates parameters of wallets.\\n /// @param _walletCreationPeriod New value of the wallet creation period in\\n /// seconds, determines how frequently a new wallet creation can be\\n /// requested\\n /// @param _walletCreationMinBtcBalance New value of the wallet minimum BTC\\n /// balance in satoshi, used to decide about wallet creation\\n /// @param _walletCreationMaxBtcBalance New value of the wallet maximum BTC\\n /// balance in satoshi, used to decide about wallet creation\\n /// @param _walletClosureMinBtcBalance New value of the wallet minimum BTC\\n /// balance in satoshi, used to decide about wallet closure\\n /// @param _walletMaxAge New value of the wallet maximum age in seconds,\\n /// indicates the maximum age of a wallet in seconds, after which\\n /// the wallet moving funds process can be requested\\n /// @param _walletMaxBtcTransfer New value of the wallet maximum BTC transfer\\n /// in satoshi, determines the maximum amount that can be transferred\\n /// to a single target wallet during the moving funds process\\n /// @param _walletClosingPeriod New value of the wallet closing period in\\n /// seconds, determines the length of the wallet closing period,\\n // i.e. the period when the wallet remains in the Closing state\\n // and can be subject of deposit fraud challenges\\n /// @dev Requirements:\\n /// - Wallet minimum BTC balance must be greater than zero\\n /// - Wallet maximum BTC balance must be greater than the wallet\\n /// minimum BTC balance\\n /// - Wallet maximum BTC transfer must be greater than zero\\n /// - Wallet closing period must be greater than zero\\n function updateWalletParameters(\\n Storage storage self,\\n uint32 _walletCreationPeriod,\\n uint64 _walletCreationMinBtcBalance,\\n uint64 _walletCreationMaxBtcBalance,\\n uint64 _walletClosureMinBtcBalance,\\n uint32 _walletMaxAge,\\n uint64 _walletMaxBtcTransfer,\\n uint32 _walletClosingPeriod\\n ) internal {\\n require(\\n _walletCreationMaxBtcBalance > _walletCreationMinBtcBalance,\\n \\\"Wallet creation maximum BTC balance must be greater than the creation minimum BTC balance\\\"\\n );\\n require(\\n _walletClosureMinBtcBalance > 0,\\n \\\"Wallet closure minimum BTC balance must be greater than zero\\\"\\n );\\n require(\\n _walletMaxBtcTransfer > 0,\\n \\\"Wallet maximum BTC transfer must be greater than zero\\\"\\n );\\n require(\\n _walletClosingPeriod > 0,\\n \\\"Wallet closing period must be greater than zero\\\"\\n );\\n\\n self.walletCreationPeriod = _walletCreationPeriod;\\n self.walletCreationMinBtcBalance = _walletCreationMinBtcBalance;\\n self.walletCreationMaxBtcBalance = _walletCreationMaxBtcBalance;\\n self.walletClosureMinBtcBalance = _walletClosureMinBtcBalance;\\n self.walletMaxAge = _walletMaxAge;\\n self.walletMaxBtcTransfer = _walletMaxBtcTransfer;\\n self.walletClosingPeriod = _walletClosingPeriod;\\n\\n emit WalletParametersUpdated(\\n _walletCreationPeriod,\\n _walletCreationMinBtcBalance,\\n _walletCreationMaxBtcBalance,\\n _walletClosureMinBtcBalance,\\n _walletMaxAge,\\n _walletMaxBtcTransfer,\\n _walletClosingPeriod\\n );\\n }\\n\\n /// @notice Updates parameters related to frauds.\\n /// @param _fraudSlashingAmount New value of the fraud slashing amount in T,\\n /// it is the amount slashed from each wallet member for committing\\n /// a fraud\\n /// @param _fraudNotifierRewardMultiplier New value of the fraud notifier\\n /// reward multiplier as percentage, it determines the percentage of\\n /// the notifier reward from the staking contact the notifier of\\n /// a fraud receives. The value must be in the range [0, 100]\\n /// @param _fraudChallengeDefeatTimeout New value of the challenge defeat\\n /// timeout in seconds, it is the amount of time the wallet has to\\n /// defeat a fraud challenge. The value must be greater than zero\\n /// @param _fraudChallengeDepositAmount New value of the fraud challenge\\n /// deposit amount in wei, it is the amount of ETH the party\\n /// challenging the wallet for fraud needs to deposit\\n /// @dev Requirements:\\n /// - Fraud notifier reward multiplier must be in the range [0, 100]\\n /// - Fraud challenge defeat timeout must be greater than 0\\n function updateFraudParameters(\\n Storage storage self,\\n uint96 _fraudSlashingAmount,\\n uint256 _fraudNotifierRewardMultiplier,\\n uint256 _fraudChallengeDefeatTimeout,\\n uint256 _fraudChallengeDepositAmount\\n ) internal {\\n require(\\n _fraudNotifierRewardMultiplier <= 100,\\n \\\"Fraud notifier reward multiplier must be in the range [0, 100]\\\"\\n );\\n\\n require(\\n _fraudChallengeDefeatTimeout > 0,\\n \\\"Fraud challenge defeat timeout must be greater than zero\\\"\\n );\\n\\n self.fraudSlashingAmount = _fraudSlashingAmount;\\n self.fraudNotifierRewardMultiplier = _fraudNotifierRewardMultiplier;\\n self.fraudChallengeDefeatTimeout = _fraudChallengeDefeatTimeout;\\n self.fraudChallengeDepositAmount = _fraudChallengeDepositAmount;\\n\\n emit FraudParametersUpdated(\\n _fraudSlashingAmount,\\n _fraudNotifierRewardMultiplier,\\n _fraudChallengeDefeatTimeout,\\n _fraudChallengeDepositAmount\\n );\\n }\\n}\\n\",\"keccak256\":\"0xd20edf6c73cb4b0015f76f88fc37d5bd818d890e482dce40584a873ffdeef397\",\"license\":\"MIT\"},\"contracts/bridge/Deposit.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {BytesLib} from \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\n/// @title Bridge deposit\\n/// @notice The library handles the logic for revealing Bitcoin deposits to\\n/// the Bridge.\\n/// @dev The depositor puts together a P2SH or P2WSH address to deposit the\\n/// funds. This script is unique to each depositor and looks like this:\\n///\\n/// ```\\n/// <depositorAddress> DROP\\n/// <blindingFactor> DROP\\n/// DUP HASH160 <walletPubKeyHash> EQUAL\\n/// IF\\n/// CHECKSIG\\n/// ELSE\\n/// DUP HASH160 <refundPubkeyHash> EQUALVERIFY\\n/// <refundLocktime> CHECKLOCKTIMEVERIFY DROP\\n/// CHECKSIG\\n/// ENDIF\\n/// ```\\n///\\n/// Since each depositor has their own Ethereum address and their own\\n/// secret blinding factor, each depositor\\u2019s script is unique, and the hash\\n/// of each depositor\\u2019s script is unique.\\nlibrary Deposit {\\n using BTCUtils for bytes;\\n using BytesLib for bytes;\\n\\n /// @notice Represents data which must be revealed by the depositor during\\n /// deposit reveal.\\n struct DepositRevealInfo {\\n // Index of the funding output belonging to the funding transaction.\\n uint32 fundingOutputIndex;\\n // Ethereum depositor address.\\n address depositor;\\n // The blinding factor as 8 bytes. Byte endianness doesn't matter\\n // as this factor is not interpreted as uint.\\n bytes8 blindingFactor;\\n // The compressed Bitcoin public key (33 bytes and 02 or 03 prefix)\\n // of the deposit's wallet hashed in the HASH160 Bitcoin opcode style.\\n bytes20 walletPubKeyHash;\\n // The compressed Bitcoin public key (33 bytes and 02 or 03 prefix)\\n // that can be used to make the deposit refund after the refund\\n // locktime passes. Hashed in the HASH160 Bitcoin opcode style.\\n bytes20 refundPubKeyHash;\\n // The refund locktime (4-byte LE). Interpreted according to locktime\\n // parsing rules described in:\\n // https://developer.bitcoin.org/devguide/transactions.html#locktime-and-sequence-number\\n // and used with OP_CHECKLOCKTIMEVERIFY opcode as described in:\\n // https://github.com/bitcoin/bips/blob/master/bip-0065.mediawiki\\n bytes4 refundLocktime;\\n // Address of the Bank vault to which the deposit is routed to.\\n // Optional, can be 0x0. The vault must be trusted by the Bridge.\\n address vault;\\n }\\n\\n /// @notice Represents tBTC deposit request data.\\n struct DepositRequest {\\n // Ethereum depositor address.\\n address depositor;\\n // Deposit amount in satoshi.\\n uint64 amount;\\n // UNIX timestamp the deposit was revealed at.\\n uint32 revealedAt;\\n // Address of the Bank vault the deposit is routed to.\\n // Optional, can be 0x0.\\n address vault;\\n // Treasury TBTC fee in satoshi at the moment of deposit reveal.\\n uint64 treasuryFee;\\n // UNIX timestamp the deposit was swept at. Note this is not the\\n // time when the deposit was swept on the Bitcoin chain but actually\\n // the time when the sweep proof was delivered to the Ethereum chain.\\n uint32 sweptAt;\\n }\\n\\n event DepositRevealed(\\n bytes32 fundingTxHash,\\n uint32 fundingOutputIndex,\\n address depositor,\\n uint64 amount,\\n bytes8 blindingFactor,\\n bytes20 walletPubKeyHash,\\n bytes20 refundPubKeyHash,\\n bytes4 refundLocktime,\\n address vault\\n );\\n\\n /// @notice Used by the depositor to reveal information about their P2(W)SH\\n /// Bitcoin deposit to the Bridge on Ethereum chain. The off-chain\\n /// wallet listens for revealed deposit events and may decide to\\n /// include the revealed deposit in the next executed sweep.\\n /// Information about the Bitcoin deposit can be revealed before or\\n /// after the Bitcoin transaction with P2(W)SH deposit is mined on\\n /// the Bitcoin chain. Worth noting, the gas cost of this function\\n /// scales with the number of P2(W)SH transaction inputs and\\n /// outputs. The deposit may be routed to one of the trusted vaults.\\n /// When a deposit is routed to a vault, vault gets notified when\\n /// the deposit gets swept and it may execute the appropriate action.\\n /// @param fundingTx Bitcoin funding transaction data, see `BitcoinTx.Info`\\n /// @param reveal Deposit reveal data, see `RevealInfo struct\\n /// @dev Requirements:\\n /// - `reveal.walletPubKeyHash` must identify a `Live` wallet\\n /// - `reveal.vault` must be 0x0 or point to a trusted vault\\n /// - `reveal.fundingOutputIndex` must point to the actual P2(W)SH\\n /// output of the BTC deposit transaction\\n /// - `reveal.depositor` must be the Ethereum address used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - `reveal.blindingFactor` must be the blinding factor used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - `reveal.walletPubKeyHash` must be the wallet pub key hash used in\\n /// the P2(W)SH BTC deposit transaction,\\n /// - `reveal.refundPubKeyHash` must be the refund pub key hash used in\\n /// the P2(W)SH BTC deposit transaction,\\n /// - `reveal.refundLocktime` must be the refund locktime used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - BTC deposit for the given `fundingTxHash`, `fundingOutputIndex`\\n /// can be revealed only one time.\\n ///\\n /// If any of these requirements is not met, the wallet _must_ refuse\\n /// to sweep the deposit and the depositor has to wait until the\\n /// deposit script unlocks to receive their BTC back.\\n function revealDeposit(\\n BridgeState.Storage storage self,\\n BitcoinTx.Info calldata fundingTx,\\n DepositRevealInfo calldata reveal\\n ) external {\\n require(\\n self.registeredWallets[reveal.walletPubKeyHash].state ==\\n Wallets.WalletState.Live,\\n \\\"Wallet must be in Live state\\\"\\n );\\n\\n require(\\n reveal.vault == address(0) || self.isVaultTrusted[reveal.vault],\\n \\\"Vault is not trusted\\\"\\n );\\n\\n // TODO: Should we enforce a specific locktime at contract level?\\n\\n bytes memory expectedScript = abi.encodePacked(\\n hex\\\"14\\\", // Byte length of depositor Ethereum address.\\n reveal.depositor,\\n hex\\\"75\\\", // OP_DROP\\n hex\\\"08\\\", // Byte length of blinding factor value.\\n reveal.blindingFactor,\\n hex\\\"75\\\", // OP_DROP\\n hex\\\"76\\\", // OP_DUP\\n hex\\\"a9\\\", // OP_HASH160\\n hex\\\"14\\\", // Byte length of a compressed Bitcoin public key hash.\\n reveal.walletPubKeyHash,\\n hex\\\"87\\\", // OP_EQUAL\\n hex\\\"63\\\", // OP_IF\\n hex\\\"ac\\\", // OP_CHECKSIG\\n hex\\\"67\\\", // OP_ELSE\\n hex\\\"76\\\", // OP_DUP\\n hex\\\"a9\\\", // OP_HASH160\\n hex\\\"14\\\", // Byte length of a compressed Bitcoin public key hash.\\n reveal.refundPubKeyHash,\\n hex\\\"88\\\", // OP_EQUALVERIFY\\n hex\\\"04\\\", // Byte length of refund locktime value.\\n reveal.refundLocktime,\\n hex\\\"b1\\\", // OP_CHECKLOCKTIMEVERIFY\\n hex\\\"75\\\", // OP_DROP\\n hex\\\"ac\\\", // OP_CHECKSIG\\n hex\\\"68\\\" // OP_ENDIF\\n );\\n\\n bytes memory fundingOutput = fundingTx\\n .outputVector\\n .extractOutputAtIndex(reveal.fundingOutputIndex);\\n bytes memory fundingOutputHash = fundingOutput.extractHash();\\n\\n if (fundingOutputHash.length == 20) {\\n // A 20-byte output hash is used by P2SH. That hash is constructed\\n // by applying OP_HASH160 on the locking script. A 20-byte output\\n // hash is used as well by P2PKH and P2WPKH (OP_HASH160 on the\\n // public key). However, since we compare the actual output hash\\n // with an expected locking script hash, this check will succeed only\\n // for P2SH transaction type with expected script hash value. For\\n // P2PKH and P2WPKH, it will fail on the output hash comparison with\\n // the expected locking script hash.\\n require(\\n fundingOutputHash.slice20(0) == expectedScript.hash160View(),\\n \\\"Wrong 20-byte script hash\\\"\\n );\\n } else if (fundingOutputHash.length == 32) {\\n // A 32-byte output hash is used by P2WSH. That hash is constructed\\n // by applying OP_SHA256 on the locking script.\\n require(\\n fundingOutputHash.toBytes32() == sha256(expectedScript),\\n \\\"Wrong 32-byte script hash\\\"\\n );\\n } else {\\n revert(\\\"Wrong script hash length\\\");\\n }\\n\\n // Resulting TX hash is in native Bitcoin little-endian format.\\n bytes32 fundingTxHash = abi\\n .encodePacked(\\n fundingTx.version,\\n fundingTx.inputVector,\\n fundingTx.outputVector,\\n fundingTx.locktime\\n )\\n .hash256View();\\n\\n DepositRequest storage deposit = self.deposits[\\n uint256(\\n keccak256(\\n abi.encodePacked(fundingTxHash, reveal.fundingOutputIndex)\\n )\\n )\\n ];\\n require(deposit.revealedAt == 0, \\\"Deposit already revealed\\\");\\n\\n uint64 fundingOutputAmount = fundingOutput.extractValue();\\n\\n require(\\n fundingOutputAmount >= self.depositDustThreshold,\\n \\\"Deposit amount too small\\\"\\n );\\n\\n deposit.amount = fundingOutputAmount;\\n deposit.depositor = reveal.depositor;\\n /* solhint-disable-next-line not-rely-on-time */\\n deposit.revealedAt = uint32(block.timestamp);\\n deposit.vault = reveal.vault;\\n deposit.treasuryFee = self.depositTreasuryFeeDivisor > 0\\n ? fundingOutputAmount / self.depositTreasuryFeeDivisor\\n : 0;\\n // slither-disable-next-line reentrancy-events\\n emit DepositRevealed(\\n fundingTxHash,\\n reveal.fundingOutputIndex,\\n reveal.depositor,\\n fundingOutputAmount,\\n reveal.blindingFactor,\\n reveal.walletPubKeyHash,\\n reveal.refundPubKeyHash,\\n reveal.refundLocktime,\\n reveal.vault\\n );\\n }\\n}\\n\",\"keccak256\":\"0x2f3c592eb79ecf1411bb4e98530166efd722d926594e639ba8b09786777237bb\",\"license\":\"MIT\"},\"contracts/bridge/EcdsaLib.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\n\\nlibrary EcdsaLib {\\n using BytesLib for bytes;\\n\\n /// @notice Converts public key X and Y coordinates (32-byte each) to a\\n /// compressed public key (33-byte). Compressed public key is X\\n /// coordinate prefixed with `02` or `03` based on the Y coordinate parity.\\n /// It is expected that the uncompressed public key is stripped\\n /// (i.e. it is not prefixed with `04`).\\n /// @param x Wallet's public key's X coordinate.\\n /// @param y Wallet's public key's Y coordinate.\\n /// @return Compressed public key (33-byte), prefixed with `02` or `03`.\\n function compressPublicKey(bytes32 x, bytes32 y)\\n internal\\n pure\\n returns (bytes memory)\\n {\\n bytes1 prefix;\\n if (uint256(y) % 2 == 0) {\\n prefix = hex\\\"02\\\";\\n } else {\\n prefix = hex\\\"03\\\";\\n }\\n\\n return bytes.concat(prefix, x);\\n }\\n}\\n\",\"keccak256\":\"0x0b1b1755b6332c9d6d58a1d156a7151905a656faa7768345eb190b938f48c38d\",\"license\":\"MIT\"},\"contracts/bridge/Fraud.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BytesLib} from \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {CheckBitcoinSigs} from \\\"@keep-network/bitcoin-spv-sol/contracts/CheckBitcoinSigs.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./EcdsaLib.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\n/// @title Bridge fraud\\n/// @notice The library handles the logic for challenging Bridge wallets that\\n/// committed fraud.\\n/// @dev Anyone can submit a fraud challenge indicating that a UTXO being under\\n/// the wallet control was unlocked by the wallet but was not used\\n/// according to the protocol rules. That means the wallet signed\\n/// a transaction input pointing to that UTXO and there is a unique\\n/// sighash and signature pair associated with that input.\\n///\\n/// In order to defeat the challenge, the same wallet public key and\\n/// signature must be provided as were used to calculate the sighash during\\n/// the challenge. The wallet provides the preimage which produces sighash\\n/// used to generate the ECDSA signature that is the subject of the fraud\\n/// claim. The fraud challenge defeat attempt will only succeed if the\\n/// inputs in the preimage are considered honestly spent by the wallet.\\n/// Therefore the transaction spending the UTXO must be proven in the\\n/// Bridge before a challenge defeat is called.\\nlibrary Fraud {\\n using Wallets for BridgeState.Storage;\\n\\n using BytesLib for bytes;\\n using BTCUtils for bytes;\\n using BTCUtils for uint32;\\n using EcdsaLib for bytes;\\n\\n struct FraudChallenge {\\n // The address of the party challenging the wallet.\\n address challenger;\\n // The amount of ETH the challenger deposited.\\n uint256 depositAmount;\\n // The timestamp the challenge was submitted at.\\n uint32 reportedAt;\\n // The flag indicating whether the challenge has been resolved.\\n bool resolved;\\n }\\n\\n event FraudChallengeSubmitted(\\n bytes20 walletPubKeyHash,\\n bytes32 sighash,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n );\\n\\n event FraudChallengeDefeated(bytes20 walletPubKeyHash, bytes32 sighash);\\n\\n event FraudChallengeDefeatTimedOut(\\n bytes20 walletPubKeyHash,\\n bytes32 sighash\\n );\\n\\n /// @notice Submits a fraud challenge indicating that a UTXO being under\\n /// wallet control was unlocked by the wallet but was not used\\n /// according to the protocol rules. That means the wallet signed\\n /// a transaction input pointing to that UTXO and there is a unique\\n /// sighash and signature pair associated with that input. This\\n /// function uses those parameters to create a fraud accusation that\\n /// proves a given transaction input unlocking the given UTXO was\\n /// actually signed by the wallet. This function cannot determine\\n /// whether the transaction was actually broadcast and the input was\\n /// consumed in a fraudulent way so it just opens a challenge period\\n /// during which the wallet can defeat the challenge by submitting\\n /// proof of a transaction that consumes the given input according\\n /// to protocol rules. To prevent spurious allegations, the caller\\n /// must deposit ETH that is returned back upon justified fraud\\n /// challenge or confiscated otherwise\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param sighash The hash that was used to produce the ECDSA signature\\n /// that is the subject of the fraud claim. This hash is constructed\\n /// by applying double SHA-256 over a serialized subset of the\\n /// transaction. The exact subset used as hash preimage depends on\\n /// the transaction input the signature is produced for. See BIP-143\\n /// for reference\\n /// @param signature Bitcoin signature in the R/S/V format\\n /// @dev Requirements:\\n /// - Wallet behind `walletPublicKey` must be in Live or MovingFunds\\n /// or Closing state\\n /// - The challenger must send appropriate amount of ETH used as\\n /// fraud challenge deposit\\n /// - The signature (represented by r, s and v) must be generated by\\n /// the wallet behind `walletPublicKey` during signing of `sighash`\\n /// - Wallet can be challenged for the given signature only once\\n function submitFraudChallenge(\\n BridgeState.Storage storage self,\\n bytes calldata walletPublicKey,\\n bytes32 sighash,\\n BitcoinTx.RSVSignature calldata signature\\n ) external {\\n require(\\n msg.value >= self.fraudChallengeDepositAmount,\\n \\\"The amount of ETH deposited is too low\\\"\\n );\\n\\n require(\\n CheckBitcoinSigs.checkSig(\\n walletPublicKey,\\n sighash,\\n signature.v,\\n signature.r,\\n signature.s\\n ),\\n \\\"Signature verification failure\\\"\\n );\\n\\n bytes memory compressedWalletPublicKey = EcdsaLib.compressPublicKey(\\n walletPublicKey.slice32(0),\\n walletPublicKey.slice32(32)\\n );\\n bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();\\n\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.Live ||\\n wallet.state == Wallets.WalletState.MovingFunds ||\\n wallet.state == Wallets.WalletState.Closing,\\n \\\"Wallet must be in Live or MovingFunds or Closing state\\\"\\n );\\n\\n uint256 challengeKey = uint256(\\n keccak256(abi.encodePacked(walletPublicKey, sighash))\\n );\\n\\n FraudChallenge storage challenge = self.fraudChallenges[challengeKey];\\n require(challenge.reportedAt == 0, \\\"Fraud challenge already exists\\\");\\n\\n challenge.challenger = msg.sender;\\n challenge.depositAmount = msg.value;\\n /* solhint-disable-next-line not-rely-on-time */\\n challenge.reportedAt = uint32(block.timestamp);\\n challenge.resolved = false;\\n // slither-disable-next-line reentrancy-events\\n emit FraudChallengeSubmitted(\\n walletPubKeyHash,\\n sighash,\\n signature.v,\\n signature.r,\\n signature.s\\n );\\n }\\n\\n /// @notice Allows to defeat a pending fraud challenge against a wallet if\\n /// the transaction that spends the UTXO follows the protocol rules.\\n /// In order to defeat the challenge the same `walletPublicKey` and\\n /// signature (represented by `r`, `s` and `v`) must be provided as\\n /// were used to calculate the sighash during input signing.\\n /// The fraud challenge defeat attempt will only succeed if the\\n /// inputs in the preimage are considered honestly spent by the\\n /// wallet. Therefore the transaction spending the UTXO must be\\n /// proven in the Bridge before a challenge defeat is called.\\n /// If successfully defeated, the fraud challenge is marked as\\n /// resolved and the amount of ether deposited by the challenger is\\n /// sent to the treasury.\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param preimage The preimage which produces sighash used to generate the\\n /// ECDSA signature that is the subject of the fraud claim. It is a\\n /// serialized subset of the transaction. The exact subset used as\\n /// the preimage depends on the transaction input the signature is\\n /// produced for. See BIP-143 for reference\\n /// @param witness Flag indicating whether the preimage was produced for a\\n /// witness input. True for witness, false for non-witness input.\\n /// @dev Requirements:\\n /// - `walletPublicKey` and `sighash` calculated as `hash256(preimage)`\\n /// must identify an open fraud challenge\\n /// - the preimage must be a valid preimage of a transaction generated\\n /// according to the protocol rules and already proved in the Bridge\\n /// - before a defeat attempt is made the transaction that spends the\\n /// given UTXO must be proven in the Bridge\\n function defeatFraudChallenge(\\n BridgeState.Storage storage self,\\n bytes calldata walletPublicKey,\\n bytes calldata preimage,\\n bool witness\\n ) external {\\n bytes32 sighash = preimage.hash256();\\n\\n uint256 challengeKey = uint256(\\n keccak256(abi.encodePacked(walletPublicKey, sighash))\\n );\\n\\n FraudChallenge storage challenge = self.fraudChallenges[challengeKey];\\n\\n require(challenge.reportedAt > 0, \\\"Fraud challenge does not exist\\\");\\n require(\\n !challenge.resolved,\\n \\\"Fraud challenge has already been resolved\\\"\\n );\\n\\n // Ensure SIGHASH_ALL type was used during signing, which is represented\\n // by type value `1`.\\n require(extractSighashType(preimage) == 1, \\\"Wrong sighash type\\\");\\n\\n uint256 utxoKey = witness\\n ? extractUtxoKeyFromWitnessPreimage(preimage)\\n : extractUtxoKeyFromNonWitnessPreimage(preimage);\\n\\n // Check that the UTXO key identifies a correctly spent UTXO.\\n require(\\n self.deposits[utxoKey].sweptAt > 0 || self.spentMainUTXOs[utxoKey],\\n \\\"Spent UTXO not found among correctly spent UTXOs\\\"\\n );\\n\\n // Mark the challenge as resolved as it was successfully defeated\\n challenge.resolved = true;\\n\\n // Send the ether deposited by the challenger to the treasury\\n /* solhint-disable avoid-low-level-calls */\\n // slither-disable-next-line low-level-calls,unchecked-lowlevel,arbitrary-send\\n self.treasury.call{gas: 100000, value: challenge.depositAmount}(\\\"\\\");\\n /* solhint-enable avoid-low-level-calls */\\n\\n bytes memory compressedWalletPublicKey = EcdsaLib.compressPublicKey(\\n walletPublicKey.slice32(0),\\n walletPublicKey.slice32(32)\\n );\\n bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();\\n // slither-disable-next-line reentrancy-events\\n emit FraudChallengeDefeated(walletPubKeyHash, sighash);\\n }\\n\\n /// @notice Notifies about defeat timeout for the given fraud challenge.\\n /// Can be called only if there was a fraud challenge identified by\\n /// the provided `walletPublicKey` and `sighash` and it was not\\n /// defeated on time. The amount of time that needs to pass after a\\n /// fraud challenge is reported is indicated by the\\n /// `challengeDefeatTimeout`. After a successful fraud challenge\\n /// defeat timeout notification the fraud challenge is marked as\\n /// resolved, the stake of each operator is slashed, the ether\\n /// deposited is returned to the challenger and the challenger is\\n /// rewarded.\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param sighash The hash that was used to produce the ECDSA signature\\n /// that is the subject of the fraud claim. This hash is constructed\\n /// by applying double SHA-256 over a serialized subset of the\\n /// transaction. The exact subset used as hash preimage depends on\\n /// the transaction input the signature is produced for. See BIP-143\\n /// for reference\\n /// @dev Requirements:\\n /// - The wallet must be in the Live or MovingFunds or Closing or\\n /// Terminated state\\n /// - The `walletPublicKey` and `sighash` must identify an open fraud\\n /// challenge\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events.\\n /// - The amount of time indicated by `challengeDefeatTimeout` must pass\\n /// after the challenge was reported\\n function notifyFraudChallengeDefeatTimeout(\\n BridgeState.Storage storage self,\\n bytes calldata walletPublicKey,\\n uint32[] calldata walletMembersIDs,\\n bytes32 sighash\\n ) external {\\n uint256 challengeKey = uint256(\\n keccak256(abi.encodePacked(walletPublicKey, sighash))\\n );\\n\\n FraudChallenge storage challenge = self.fraudChallenges[challengeKey];\\n\\n require(challenge.reportedAt > 0, \\\"Fraud challenge does not exist\\\");\\n\\n require(\\n !challenge.resolved,\\n \\\"Fraud challenge has already been resolved\\\"\\n );\\n\\n require(\\n /* solhint-disable-next-line not-rely-on-time */\\n block.timestamp >=\\n challenge.reportedAt + self.fraudChallengeDefeatTimeout,\\n \\\"Fraud challenge defeat period did not time out yet\\\"\\n );\\n\\n challenge.resolved = true;\\n // Return the ether deposited by the challenger\\n /* solhint-disable avoid-low-level-calls */\\n // slither-disable-next-line low-level-calls,unchecked-lowlevel\\n challenge.challenger.call{gas: 100000, value: challenge.depositAmount}(\\n \\\"\\\"\\n );\\n /* solhint-enable avoid-low-level-calls */\\n\\n bytes memory compressedWalletPublicKey = EcdsaLib.compressPublicKey(\\n walletPublicKey.slice32(0),\\n walletPublicKey.slice32(32)\\n );\\n bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();\\n\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n Wallets.WalletState walletState = wallet.state;\\n\\n if (\\n walletState == Wallets.WalletState.Live ||\\n walletState == Wallets.WalletState.MovingFunds ||\\n walletState == Wallets.WalletState.Closing\\n ) {\\n self.terminateWallet(walletPubKeyHash);\\n\\n self.ecdsaWalletRegistry.seize(\\n self.fraudSlashingAmount,\\n self.fraudNotifierRewardMultiplier,\\n challenge.challenger,\\n wallet.ecdsaWalletID,\\n walletMembersIDs\\n );\\n } else if (walletState == Wallets.WalletState.Terminated) {\\n // This is a special case when the wallet was already terminated\\n // due to a previous deliberate protocol violation. In that\\n // case, this function should be still callable for other fraud\\n // challenges timeouts in order to let the challenger unlock its\\n // ETH deposit back. However, the wallet termination logic is\\n // not called and the challenger is not rewarded.\\n } else {\\n revert(\\n \\\"Wallet must be in Live or MovingFunds or Closing or Terminated state\\\"\\n );\\n }\\n\\n // slither-disable-next-line reentrancy-events\\n emit FraudChallengeDefeatTimedOut(walletPubKeyHash, sighash);\\n }\\n\\n /// @notice Extracts the UTXO keys from the given preimage used during\\n /// signing of a witness input.\\n /// @param preimage The preimage which produces sighash used to generate the\\n /// ECDSA signature that is the subject of the fraud claim. It is a\\n /// serialized subset of the transaction. The exact subset used as\\n /// the preimage depends on the transaction input the signature is\\n /// produced for. See BIP-143 for reference\\n /// @return utxoKey UTXO key that identifies spent input.\\n function extractUtxoKeyFromWitnessPreimage(bytes calldata preimage)\\n internal\\n pure\\n returns (uint256 utxoKey)\\n {\\n // The expected structure of the preimage created during signing of a\\n // witness input:\\n // - transaction version (4 bytes)\\n // - hash of previous outpoints of all inputs (32 bytes)\\n // - hash of sequences of all inputs (32 bytes)\\n // - outpoint (hash + index) of the input being signed (36 bytes)\\n // - the unlocking script of the input (variable length)\\n // - value of the outpoint (8 bytes)\\n // - sequence of the input being signed (4 bytes)\\n // - hash of all outputs (32 bytes)\\n // - transaction locktime (4 bytes)\\n // - sighash type (4 bytes)\\n\\n // See Bitcoin's BIP-143 for reference:\\n // https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki.\\n\\n // The outpoint (hash and index) is located at the constant offset of\\n // 68 (4 + 32 + 32).\\n bytes32 outpointTxHash = preimage.extractInputTxIdLeAt(68);\\n uint32 outpointIndex = BTCUtils.reverseUint32(\\n uint32(preimage.extractTxIndexLeAt(68))\\n );\\n\\n return\\n uint256(keccak256(abi.encodePacked(outpointTxHash, outpointIndex)));\\n }\\n\\n /// @notice Extracts the UTXO key from the given preimage used during\\n /// signing of a non-witness input.\\n /// @param preimage The preimage which produces sighash used to generate the\\n /// ECDSA signature that is the subject of the fraud claim. It is a\\n /// serialized subset of the transaction. The exact subset used as\\n /// the preimage depends on the transaction input the signature is\\n /// produced for. See BIP-143 for reference\\n /// @return utxoKey UTXO key that identifies spent input.\\n function extractUtxoKeyFromNonWitnessPreimage(bytes calldata preimage)\\n internal\\n pure\\n returns (uint256 utxoKey)\\n {\\n // The expected structure of the preimage created during signing of a\\n // non-witness input:\\n // - transaction version (4 bytes)\\n // - number of inputs written as compactSize uint (1 byte, 3 bytes,\\n // 5 bytes or 9 bytes)\\n // - for each input\\n // - outpoint (hash and index) (36 bytes)\\n // - unlocking script for the input being signed (variable length)\\n // or `00` for all other inputs (1 byte)\\n // - input sequence (4 bytes)\\n // - number of outputs written as compactSize uint (1 byte, 3 bytes,\\n // 5 bytes or 9 bytes)\\n // - outputs (variable length)\\n // - transaction locktime (4 bytes)\\n // - sighash type (4 bytes)\\n\\n // See example for reference:\\n // https://en.bitcoin.it/wiki/OP_CHECKSIG#Code_samples_and_raw_dumps.\\n\\n // The input data begins at the constant offset of 4 (the first 4 bytes\\n // are for the transaction version).\\n (uint256 inputsCompactSizeUintLength, uint256 inputsCount) = preimage\\n .parseVarIntAt(4);\\n\\n // To determine the first input starting index, we must jump 4 bytes\\n // over the transaction version length and the compactSize uint which\\n // prepends the input vector. One byte must be added because\\n // `BtcUtils.parseVarInt` does not include compactSize uint tag in the\\n // returned length.\\n //\\n // For >= 0 && <= 252, `BTCUtils.determineVarIntDataLengthAt`\\n // returns `0`, so we jump over one byte of compactSize uint.\\n //\\n // For >= 253 && <= 0xffff there is `0xfd` tag,\\n // `BTCUtils.determineVarIntDataLengthAt` returns `2` (no\\n // tag byte included) so we need to jump over 1+2 bytes of\\n // compactSize uint.\\n //\\n // Please refer `BTCUtils` library and compactSize uint\\n // docs in `BitcoinTx` library for more details.\\n uint256 inputStartingIndex = 4 + 1 + inputsCompactSizeUintLength;\\n\\n for (uint256 i = 0; i < inputsCount; i++) {\\n uint256 inputLength = preimage.determineInputLengthAt(\\n inputStartingIndex\\n );\\n\\n (, uint256 scriptSigLength) = preimage.extractScriptSigLenAt(\\n inputStartingIndex\\n );\\n\\n if (scriptSigLength > 0) {\\n // The input this preimage was generated for was found.\\n // All the other inputs in the preimage are marked with a null\\n // scriptSig (\\\"00\\\") which has length of 1.\\n bytes32 outpointTxHash = preimage.extractInputTxIdLeAt(\\n inputStartingIndex\\n );\\n uint32 outpointIndex = BTCUtils.reverseUint32(\\n uint32(preimage.extractTxIndexLeAt(inputStartingIndex))\\n );\\n\\n utxoKey = uint256(\\n keccak256(abi.encodePacked(outpointTxHash, outpointIndex))\\n );\\n\\n break;\\n }\\n\\n inputStartingIndex += inputLength;\\n }\\n\\n return utxoKey;\\n }\\n\\n /// @notice Extracts the sighash type from the given preimage.\\n /// @param preimage Serialized subset of the transaction. See BIP-143 for\\n /// reference\\n /// @dev Sighash type is stored as the last 4 bytes in the preimage (little\\n /// endian).\\n /// @return sighashType Sighash type as a 32-bit integer.\\n function extractSighashType(bytes calldata preimage)\\n internal\\n pure\\n returns (uint32 sighashType)\\n {\\n bytes4 sighashTypeBytes = preimage.slice4(preimage.length - 4);\\n uint32 sighashTypeLE = uint32(sighashTypeBytes);\\n return sighashTypeLE.reverseUint32();\\n }\\n}\\n\",\"keccak256\":\"0x504096d40d27aaf2ae81df9310f606db3b0892d648684400a3d47a22b961a1ea\",\"license\":\"MIT\"},\"contracts/bridge/IRelay.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\n/// @title Interface for the Bitcoin relay\\n/// @notice Contains only the methods needed by tBTC v2. The Bitcoin relay\\n/// provides the difficulty of the previous and current epoch. One\\n/// difficulty epoch spans 2016 blocks.\\ninterface IRelay {\\n /// @notice Returns the difficulty of the current epoch.\\n function getCurrentEpochDifficulty() external view returns (uint256);\\n\\n /// @notice Returns the difficulty of the previous epoch.\\n function getPrevEpochDifficulty() external view returns (uint256);\\n}\\n\",\"keccak256\":\"0xc8d3f66aacc2e9f645397e0114f9671099acade21ef5805ae1de297773c9c81a\",\"license\":\"MIT\"},\"contracts/bridge/MovingFunds.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {BytesLib} from \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Redemption.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\n/// @title Moving Bridge wallet funds\\n/// @notice The library handles the logic for moving Bitcoin between Bridge\\n/// wallets.\\n/// @dev A wallet that failed a heartbeat, did not process requested redemption\\n/// on time, or qualifies to be closed, begins the procedure of moving\\n/// funds to other wallets in the Bridge. The wallet needs to commit to\\n/// which other Live wallets it is moving the funds to and then, provide an\\n/// SPV proof of moving funds to the previously committed wallets.\\nlibrary MovingFunds {\\n using BridgeState for BridgeState.Storage;\\n using Wallets for BridgeState.Storage;\\n using BitcoinTx for BridgeState.Storage;\\n\\n using BTCUtils for bytes;\\n using BytesLib for bytes;\\n\\n event MovingFundsCommitmentSubmitted(\\n bytes20 walletPubKeyHash,\\n bytes20[] targetWallets,\\n address submitter\\n );\\n\\n event MovingFundsCompleted(\\n bytes20 walletPubKeyHash,\\n bytes32 movingFundsTxHash\\n );\\n\\n event MovingFundsTimedOut(bytes20 walletPubKeyHash);\\n\\n event MovingFundsBelowDustReported(bytes20 walletPubKeyHash);\\n\\n /// @notice Submits the moving funds target wallets commitment.\\n /// Once all requirements are met, that function registers the\\n /// target wallets commitment and opens the way for moving funds\\n /// proof submission.\\n /// @param walletPubKeyHash 20-byte public key hash of the source wallet\\n /// @param walletMainUtxo Data of the source wallet's main UTXO, as\\n /// currently known on the Ethereum chain\\n /// @param walletMembersIDs Identifiers of the source wallet signing group\\n /// members\\n /// @param walletMemberIndex Position of the caller in the source wallet\\n /// signing group members list\\n /// @param targetWallets List of 20-byte public key hashes of the target\\n /// wallets that the source wallet commits to move the funds to\\n /// @dev Requirements:\\n /// - The source wallet must be in the MovingFunds state\\n /// - The source wallet must not have pending redemption requests\\n /// - The source wallet must not have submitted its commitment already\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given source wallet in the ECDSA registry. Those IDs are\\n /// not directly stored in the contract for gas efficiency purposes\\n /// but they can be read from appropriate `DkgResultSubmitted`\\n /// and `DkgResultApproved` events.\\n /// - The `walletMemberIndex` must be in range [1, walletMembersIDs.length]\\n /// - The caller must be the member of the source wallet signing group\\n /// at the position indicated by `walletMemberIndex` parameter\\n /// - The `walletMainUtxo` components must point to the recent main\\n /// UTXO of the source wallet, as currently known on the Ethereum\\n /// chain.\\n /// - Source wallet BTC balance must be greater than zero\\n /// - At least one Live wallet must exist in the system\\n /// - Submitted target wallets count must match the expected count\\n /// `N = min(liveWalletsCount, ceil(walletBtcBalance / walletMaxBtcTransfer))`\\n /// where `N > 0`\\n /// - Each target wallet must be not equal to the source wallet\\n /// - Each target wallet must follow the expected order i.e. all\\n /// target wallets 20-byte public key hashes represented as numbers\\n /// must form a strictly increasing sequence without duplicates.\\n /// - Each target wallet must be in Live state\\n function submitMovingFundsCommitment(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo,\\n uint32[] calldata walletMembersIDs,\\n uint256 walletMemberIndex,\\n bytes20[] calldata targetWallets\\n ) external {\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.MovingFunds,\\n \\\"Source wallet must be in MovingFunds state\\\"\\n );\\n\\n require(\\n wallet.pendingRedemptionsValue == 0,\\n \\\"Source wallet must handle all pending redemptions first\\\"\\n );\\n\\n require(\\n wallet.movingFundsTargetWalletsCommitmentHash == bytes32(0),\\n \\\"Target wallets commitment already submitted\\\"\\n );\\n\\n require(\\n self.ecdsaWalletRegistry.isWalletMember(\\n wallet.ecdsaWalletID,\\n walletMembersIDs,\\n msg.sender,\\n walletMemberIndex\\n ),\\n \\\"Caller is not a member of the source wallet\\\"\\n );\\n\\n uint64 walletBtcBalance = self.getWalletBtcBalance(\\n walletPubKeyHash,\\n walletMainUtxo\\n );\\n\\n require(walletBtcBalance > 0, \\\"Wallet BTC balance is zero\\\");\\n\\n uint256 expectedTargetWalletsCount = Math.min(\\n self.liveWalletsCount,\\n Math.ceilDiv(walletBtcBalance, self.walletMaxBtcTransfer)\\n );\\n\\n // This requirement fails only when `liveWalletsCount` is zero. In\\n // that case, the system cannot accept the commitment and must provide\\n // new wallets first.\\n //\\n // TODO: Expose separate function to reset the moving funds timeout\\n // if no Live wallets exist in the system.\\n require(expectedTargetWalletsCount > 0, \\\"No target wallets available\\\");\\n\\n require(\\n targetWallets.length == expectedTargetWalletsCount,\\n \\\"Submitted target wallets count is other than expected\\\"\\n );\\n\\n uint160 lastProcessedTargetWallet = 0;\\n\\n for (uint256 i = 0; i < targetWallets.length; i++) {\\n bytes20 targetWallet = targetWallets[i];\\n\\n require(\\n targetWallet != walletPubKeyHash,\\n \\\"Submitted target wallet cannot be equal to the source wallet\\\"\\n );\\n\\n require(\\n uint160(targetWallet) > lastProcessedTargetWallet,\\n \\\"Submitted target wallet breaks the expected order\\\"\\n );\\n\\n require(\\n self.registeredWallets[targetWallet].state ==\\n Wallets.WalletState.Live,\\n \\\"Submitted target wallet must be in Live state\\\"\\n );\\n\\n lastProcessedTargetWallet = uint160(targetWallet);\\n }\\n\\n wallet.movingFundsTargetWalletsCommitmentHash = keccak256(\\n abi.encodePacked(targetWallets)\\n );\\n\\n emit MovingFundsCommitmentSubmitted(\\n walletPubKeyHash,\\n targetWallets,\\n msg.sender\\n );\\n }\\n\\n /// @notice Used by the wallet to prove the BTC moving funds transaction\\n /// and to make the necessary state changes. Moving funds is only\\n /// accepted if it satisfies SPV proof.\\n ///\\n /// The function validates the moving funds transaction structure\\n /// by checking if it actually spends the main UTXO of the declared\\n /// wallet and locks the value on the pre-committed target wallets\\n /// using a reasonable transaction fee. If all preconditions are\\n /// met, this functions closes the source wallet.\\n ///\\n /// It is possible to prove the given moving funds transaction only\\n /// one time.\\n /// @param movingFundsTx Bitcoin moving funds transaction data\\n /// @param movingFundsProof Bitcoin moving funds proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n /// HASH160 over the compressed ECDSA public key) of the wallet\\n /// which performed the moving funds transaction\\n /// @dev Requirements:\\n /// - `movingFundsTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `movingFundsTx` should represent a Bitcoin transaction with\\n /// exactly 1 input that refers to the wallet's main UTXO. That\\n /// transaction should have 1..n outputs corresponding to the\\n /// pre-committed target wallets. Outputs must be ordered in the\\n /// same way as their corresponding target wallets are ordered\\n /// within the target wallets commitment.\\n /// - `movingFundsProof` components must match the expected structure.\\n /// See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// Additionally, the recent main UTXO on Ethereum must be set.\\n /// - `walletPubKeyHash` must be connected with the main UTXO used\\n /// as transaction single input.\\n /// - The wallet that `walletPubKeyHash` points to must be in the\\n /// MovingFunds state.\\n /// - The target wallets commitment must be submitted by the wallet\\n /// that `walletPubKeyHash` points to.\\n /// - The total Bitcoin transaction fee must be lesser or equal\\n /// to `movingFundsTxMaxTotalFee` governable parameter.\\n function submitMovingFundsProof(\\n BridgeState.Storage storage self,\\n BitcoinTx.Info calldata movingFundsTx,\\n BitcoinTx.Proof calldata movingFundsProof,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) external {\\n // The actual transaction proof is performed here. After that point, we\\n // can assume the transaction happened on Bitcoin chain and has\\n // a sufficient number of confirmations as determined by\\n // `txProofDifficultyFactor` constant.\\n bytes32 movingFundsTxHash = self.validateProof(\\n movingFundsTx,\\n movingFundsProof\\n );\\n\\n // Process the moving funds transaction input. Specifically, check if\\n // it refers to the expected wallet's main UTXO.\\n OutboundTx.processWalletOutboundTxInput(\\n self,\\n movingFundsTx.inputVector,\\n mainUtxo,\\n walletPubKeyHash\\n );\\n\\n (\\n bytes32 targetWalletsHash,\\n uint256 outputsTotalValue\\n ) = processMovingFundsTxOutputs(movingFundsTx.outputVector);\\n\\n require(\\n mainUtxo.txOutputValue - outputsTotalValue <=\\n self.movingFundsTxMaxTotalFee,\\n \\\"Transaction fee is too high\\\"\\n );\\n\\n self.notifyWalletFundsMoved(walletPubKeyHash, targetWalletsHash);\\n // slither-disable-next-line reentrancy-events\\n emit MovingFundsCompleted(walletPubKeyHash, movingFundsTxHash);\\n }\\n\\n /// @notice Processes the moving funds Bitcoin transaction output vector\\n /// and extracts information required for further processing.\\n /// @param movingFundsTxOutputVector Bitcoin moving funds transaction output\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVout` function\\n /// before it is passed here\\n /// @return targetWalletsHash keccak256 hash over the list of actual\\n /// target wallets used in the transaction.\\n /// @return outputsTotalValue Sum of all outputs values.\\n /// @dev Requirements:\\n /// - The `movingFundsTxOutputVector` must be parseable, i.e. must\\n /// be validated by the caller as stated in their parameter doc.\\n /// - Each output must refer to a 20-byte public key hash.\\n /// - The total outputs value must be evenly divided over all outputs.\\n function processMovingFundsTxOutputs(bytes memory movingFundsTxOutputVector)\\n internal\\n pure\\n returns (bytes32 targetWalletsHash, uint256 outputsTotalValue)\\n {\\n // Determining the total number of Bitcoin transaction outputs in\\n // the same way as for number of inputs. See `BitcoinTx.outputVector`\\n // docs for more details.\\n (\\n uint256 outputsCompactSizeUintLength,\\n uint256 outputsCount\\n ) = movingFundsTxOutputVector.parseVarInt();\\n\\n // To determine the first output starting index, we must jump over\\n // the compactSize uint which prepends the output vector. One byte\\n // must be added because `BtcUtils.parseVarInt` does not include\\n // compactSize uint tag in the returned length.\\n //\\n // For >= 0 && <= 252, `BTCUtils.determineVarIntDataLengthAt`\\n // returns `0`, so we jump over one byte of compactSize uint.\\n //\\n // For >= 253 && <= 0xffff there is `0xfd` tag,\\n // `BTCUtils.determineVarIntDataLengthAt` returns `2` (no\\n // tag byte included) so we need to jump over 1+2 bytes of\\n // compactSize uint.\\n //\\n // Please refer `BTCUtils` library and compactSize uint\\n // docs in `BitcoinTx` library for more details.\\n uint256 outputStartingIndex = 1 + outputsCompactSizeUintLength;\\n\\n bytes20[] memory targetWallets = new bytes20[](outputsCount);\\n uint64[] memory outputsValues = new uint64[](outputsCount);\\n\\n // Outputs processing loop.\\n for (uint256 i = 0; i < outputsCount; i++) {\\n uint256 outputLength = movingFundsTxOutputVector\\n .determineOutputLengthAt(outputStartingIndex);\\n\\n bytes memory output = movingFundsTxOutputVector.slice(\\n outputStartingIndex,\\n outputLength\\n );\\n\\n // Extract the output script payload.\\n bytes memory targetWalletPubKeyHashBytes = output.extractHash();\\n // Output script payload must refer to a known wallet public key\\n // hash which is always 20-byte.\\n require(\\n targetWalletPubKeyHashBytes.length == 20,\\n \\\"Target wallet public key hash must have 20 bytes\\\"\\n );\\n\\n bytes20 targetWalletPubKeyHash = targetWalletPubKeyHashBytes\\n .slice20(0);\\n\\n // The next step is making sure that the 20-byte public key hash\\n // is actually used in the right context of a P2PKH or P2WPKH\\n // output. To do so, we must extract the full script from the output\\n // and compare with the expected P2PKH and P2WPKH scripts\\n // referring to that 20-byte public key hash. The output consists\\n // of an 8-byte value and a variable length script. To extract the\\n // script we slice the output starting from 9th byte until the end.\\n bytes32 outputScriptKeccak = keccak256(\\n output.slice(8, output.length - 8)\\n );\\n // Build the expected P2PKH script which has the following byte\\n // format: <0x1976a914> <20-byte PKH> <0x88ac>. According to\\n // https://en.bitcoin.it/wiki/Script#Opcodes this translates to:\\n // - 0x19: Byte length of the entire script\\n // - 0x76: OP_DUP\\n // - 0xa9: OP_HASH160\\n // - 0x14: Byte length of the public key hash\\n // - 0x88: OP_EQUALVERIFY\\n // - 0xac: OP_CHECKSIG\\n // which matches the P2PKH structure as per:\\n // https://en.bitcoin.it/wiki/Transaction#Pay-to-PubkeyHash\\n bytes32 targetWalletP2PKHScriptKeccak = keccak256(\\n abi.encodePacked(\\n hex\\\"1976a914\\\",\\n targetWalletPubKeyHash,\\n hex\\\"88ac\\\"\\n )\\n );\\n // Build the expected P2WPKH script which has the following format:\\n // <0x160014> <20-byte PKH>. According to\\n // https://en.bitcoin.it/wiki/Script#Opcodes this translates to:\\n // - 0x16: Byte length of the entire script\\n // - 0x00: OP_0\\n // - 0x14: Byte length of the public key hash\\n // which matches the P2WPKH structure as per:\\n // https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#P2WPKH\\n bytes32 targetWalletP2WPKHScriptKeccak = keccak256(\\n abi.encodePacked(hex\\\"160014\\\", targetWalletPubKeyHash)\\n );\\n // Make sure the actual output script matches either the P2PKH\\n // or P2WPKH format.\\n require(\\n outputScriptKeccak == targetWalletP2PKHScriptKeccak ||\\n outputScriptKeccak == targetWalletP2WPKHScriptKeccak,\\n \\\"Output must be P2PKH or P2WPKH\\\"\\n );\\n\\n // Add the wallet public key hash to the list that will be used\\n // to build the result list hash. There is no need to check if\\n // given output is a change here because the actual target wallet\\n // list must be exactly the same as the pre-committed target wallet\\n // list which is guaranteed to be valid.\\n targetWallets[i] = targetWalletPubKeyHash;\\n\\n // Extract the value from given output.\\n outputsValues[i] = output.extractValue();\\n outputsTotalValue += outputsValues[i];\\n\\n // Make the `outputStartingIndex` pointing to the next output by\\n // increasing it by current output's length.\\n outputStartingIndex += outputLength;\\n }\\n\\n // Compute the indivisible remainder that remains after dividing the\\n // outputs total value over all outputs evenly.\\n uint256 outputsTotalValueRemainder = outputsTotalValue % outputsCount;\\n // Compute the minimum allowed output value by dividing the outputs\\n // total value (reduced by the remainder) by the number of outputs.\\n uint256 minOutputValue = (outputsTotalValue -\\n outputsTotalValueRemainder) / outputsCount;\\n // Maximum possible value is the minimum value with the remainder included.\\n uint256 maxOutputValue = minOutputValue + outputsTotalValueRemainder;\\n\\n for (uint256 i = 0; i < outputsCount; i++) {\\n require(\\n minOutputValue <= outputsValues[i] &&\\n outputsValues[i] <= maxOutputValue,\\n \\\"Transaction amount is not distributed evenly\\\"\\n );\\n }\\n\\n targetWalletsHash = keccak256(abi.encodePacked(targetWallets));\\n\\n return (targetWalletsHash, outputsTotalValue);\\n }\\n\\n /// @notice Notifies about a timed out moving funds process. Terminates\\n /// the wallet and slashes signing group members as a result.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The wallet must be in the MovingFunds state\\n /// - The moving funds timeout must be actually exceeded\\n function notifyMovingFundsTimeout(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) external {\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.MovingFunds,\\n \\\"ECDSA wallet must be in MovingFunds state\\\"\\n );\\n\\n require(\\n /* solhint-disable-next-line not-rely-on-time */\\n block.timestamp >\\n wallet.movingFundsRequestedAt + self.movingFundsTimeout,\\n \\\"Moving funds has not timed out yet\\\"\\n );\\n\\n self.terminateWallet(walletPubKeyHash);\\n\\n // TODO: Perform slashing of wallet operators, reward the notifier\\n // using seized amount, and add unit tests for that.\\n\\n // slither-disable-next-line reentrancy-events\\n emit MovingFundsTimedOut(walletPubKeyHash);\\n }\\n\\n /// @notice Notifies about a moving funds wallet whose BTC balance is\\n /// below the moving funds dust threshold. Ends the moving funds\\n /// process and begins wallet closing immediately.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known\\n /// on the Ethereum chain.\\n /// @dev Requirements:\\n /// - The wallet must be in the MovingFunds state\\n /// - The `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If the wallet has no main UTXO, this parameter can be empty as it\\n /// is ignored.\\n /// - The wallet BTC balance must be below the moving funds threshold\\n function notifyMovingFundsBelowDust(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo\\n ) external {\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.MovingFunds,\\n \\\"ECDSA wallet must be in MovingFunds state\\\"\\n );\\n\\n uint64 walletBtcBalance = self.getWalletBtcBalance(\\n walletPubKeyHash,\\n mainUtxo\\n );\\n\\n require(\\n walletBtcBalance < self.movingFundsDustThreshold,\\n \\\"Wallet BTC balance must be below the moving funds dust threshold\\\"\\n );\\n\\n self.beginWalletClosing(walletPubKeyHash);\\n\\n // slither-disable-next-line reentrancy-events\\n emit MovingFundsBelowDustReported(walletPubKeyHash);\\n }\\n}\\n\",\"keccak256\":\"0x6b7037f931e25dc776f6d6c23b51ce636a77ff1d73ff01c65cbfceaca8ce76ce\",\"license\":\"MIT\"},\"contracts/bridge/Redemption.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {BytesLib} from \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\nimport \\\"../bank/Bank.sol\\\";\\n\\n/// @notice Aggregates functions common to the redemption transaction proof\\n/// validation and to the moving funds transaction proof validation.\\nlibrary OutboundTx {\\n using BTCUtils for bytes;\\n\\n /// @notice Checks whether an outbound Bitcoin transaction performed from\\n /// the given wallet has an input vector that contains a single\\n /// input referring to the wallet's main UTXO. Marks that main UTXO\\n /// as correctly spent if the validation succeeds. Reverts otherwise.\\n /// There are two outbound transactions from a wallet possible: a\\n /// redemption transaction or a moving funds to another wallet\\n /// transaction.\\n /// @param walletOutboundTxInputVector Bitcoin outbound transaction's input\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVin` function\\n /// before it is passed here\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain.\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the outbound transaction.\\n function processWalletOutboundTxInput(\\n BridgeState.Storage storage self,\\n bytes memory walletOutboundTxInputVector,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) internal {\\n // Assert that main UTXO for passed wallet exists in storage.\\n bytes32 mainUtxoHash = self\\n .registeredWallets[walletPubKeyHash]\\n .mainUtxoHash;\\n require(mainUtxoHash != bytes32(0), \\\"No main UTXO for given wallet\\\");\\n\\n // Assert that passed main UTXO parameter is the same as in storage and\\n // can be used for further processing.\\n require(\\n keccak256(\\n abi.encodePacked(\\n mainUtxo.txHash,\\n mainUtxo.txOutputIndex,\\n mainUtxo.txOutputValue\\n )\\n ) == mainUtxoHash,\\n \\\"Invalid main UTXO data\\\"\\n );\\n\\n // Assert that the single outbound transaction input actually\\n // refers to the wallet's main UTXO.\\n (\\n bytes32 outpointTxHash,\\n uint32 outpointIndex\\n ) = parseWalletOutboundTxInput(walletOutboundTxInputVector);\\n require(\\n mainUtxo.txHash == outpointTxHash &&\\n mainUtxo.txOutputIndex == outpointIndex,\\n \\\"Outbound transaction input must point to the wallet's main UTXO\\\"\\n );\\n\\n // Main UTXO used as an input, mark it as spent.\\n self.spentMainUTXOs[\\n uint256(\\n keccak256(\\n abi.encodePacked(mainUtxo.txHash, mainUtxo.txOutputIndex)\\n )\\n )\\n ] = true;\\n }\\n\\n /// @notice Parses the input vector of an outbound Bitcoin transaction\\n /// performed from the given wallet. It extracts the single input\\n /// then the transaction hash and output index from its outpoint.\\n /// There are two outbound transactions from a wallet possible: a\\n /// redemption transaction or a moving funds to another wallet\\n /// transaction.\\n /// @param walletOutboundTxInputVector Bitcoin outbound transaction input\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVin` function\\n /// before it is passed here\\n /// @return outpointTxHash 32-byte hash of the Bitcoin transaction which is\\n /// pointed in the input's outpoint.\\n /// @return outpointIndex 4-byte index of the Bitcoin transaction output\\n /// which is pointed in the input's outpoint.\\n function parseWalletOutboundTxInput(\\n bytes memory walletOutboundTxInputVector\\n ) internal pure returns (bytes32 outpointTxHash, uint32 outpointIndex) {\\n // To determine the total number of Bitcoin transaction inputs,\\n // we need to parse the compactSize uint (VarInt) the input vector is\\n // prepended by. That compactSize uint encodes the number of vector\\n // elements using the format presented in:\\n // https://developer.bitcoin.org/reference/transactions.html#compactsize-unsigned-integers\\n // We don't need asserting the compactSize uint is parseable since it\\n // was already checked during `validateVin` validation.\\n // See `BitcoinTx.inputVector` docs for more details.\\n (, uint256 inputsCount) = walletOutboundTxInputVector.parseVarInt();\\n require(\\n inputsCount == 1,\\n \\\"Outbound transaction must have a single input\\\"\\n );\\n\\n bytes memory input = walletOutboundTxInputVector.extractInputAtIndex(0);\\n\\n outpointTxHash = input.extractInputTxIdLE();\\n\\n outpointIndex = BTCUtils.reverseUint32(\\n uint32(input.extractTxIndexLE())\\n );\\n\\n // There is only one input in the transaction. Input has an outpoint\\n // field that is a reference to the transaction being spent (see\\n // `BitcoinTx` docs). The outpoint contains the hash of the transaction\\n // to spend (`outpointTxHash`) and the index of the specific output\\n // from that transaction (`outpointIndex`).\\n return (outpointTxHash, outpointIndex);\\n }\\n}\\n\\n/// @title Bridge redemption\\n/// @notice The library handles the logic for redeeming Bitcoin balances from\\n/// the Bridge.\\n/// @dev To initiate a redemption, a user with a Bank balance supplies\\n/// a Bitcoin address. Then, the system calculates the redemption fee, and\\n/// releases balance to the provided Bitcoin address. Just like in case of\\n/// sweeps of revealed deposits, redemption requests are processed in\\n/// batches and require SPV proof to be submitted to the Bridge.\\nlibrary Redemption {\\n using BridgeState for BridgeState.Storage;\\n using Wallets for BridgeState.Storage;\\n using BitcoinTx for BridgeState.Storage;\\n\\n using BTCUtils for bytes;\\n using BytesLib for bytes;\\n\\n /// @notice Represents a redemption request.\\n struct RedemptionRequest {\\n // ETH address of the redeemer who created the request.\\n address redeemer;\\n // Requested TBTC amount in satoshi.\\n uint64 requestedAmount;\\n // Treasury TBTC fee in satoshi at the moment of request creation.\\n uint64 treasuryFee;\\n // Transaction maximum BTC fee in satoshi at the moment of request\\n // creation.\\n uint64 txMaxFee;\\n // UNIX timestamp the request was created at.\\n uint32 requestedAt;\\n }\\n\\n /// @notice Represents an outcome of the redemption Bitcoin transaction\\n /// outputs processing.\\n struct RedemptionTxOutputsInfo {\\n // Total TBTC value in satoshi that should be burned by the Bridge.\\n // It includes the total amount of all BTC redeemed in the transaction\\n // and the fee paid to BTC miners for the redemption transaction.\\n uint64 totalBurnableValue;\\n // Total TBTC value in satoshi that should be transferred to\\n // the treasury. It is a sum of all treasury fees paid by all\\n // redeemers included in the redemption transaction.\\n uint64 totalTreasuryFee;\\n // Index of the change output. The change output becomes\\n // the new main wallet's UTXO.\\n uint32 changeIndex;\\n // Value in satoshi of the change output.\\n uint64 changeValue;\\n }\\n\\n /// @notice Represents temporary information needed during the processing of\\n /// the redemption Bitcoin transaction outputs. This structure is an\\n /// internal one and should not be exported outside of the redemption\\n /// transaction processing code.\\n /// @dev Allows to mitigate \\\"stack too deep\\\" errors on EVM.\\n struct RedemptionTxOutputsProcessingInfo {\\n // The first output starting index in the transaction.\\n uint256 outputStartingIndex;\\n // The number of outputs in the transaction.\\n uint256 outputsCount;\\n // P2PKH script for the wallet. Needed to determine the change output.\\n bytes32 walletP2PKHScriptKeccak;\\n // P2WPKH script for the wallet. Needed to determine the change output.\\n bytes32 walletP2WPKHScriptKeccak;\\n }\\n\\n event RedemptionRequested(\\n bytes20 walletPubKeyHash,\\n bytes redeemerOutputScript,\\n address redeemer,\\n uint64 requestedAmount,\\n uint64 treasuryFee,\\n uint64 txMaxFee\\n );\\n\\n event RedemptionsCompleted(\\n bytes20 walletPubKeyHash,\\n bytes32 redemptionTxHash\\n );\\n\\n event RedemptionTimedOut(\\n bytes20 walletPubKeyHash,\\n bytes redeemerOutputScript\\n );\\n\\n /// @notice Requests redemption of the given amount from the specified\\n /// wallet to the redeemer Bitcoin output script.\\n /// @param walletPubKeyHash The 20-byte wallet public key hash (computed\\n /// using Bitcoin HASH160 over the compressed ECDSA public key)\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param redeemerOutputScript The redeemer's length-prefixed output\\n /// script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock\\n /// redeemed BTC\\n /// @param amount Requested amount in satoshi. This is also the TBTC amount\\n /// that is taken from redeemer's balance in the Bank upon request.\\n /// Once the request is handled, the actual amount of BTC locked\\n /// on the redeemer output script will be always lower than this value\\n /// since the treasury and Bitcoin transaction fees must be incurred.\\n /// The minimal amount satisfying the request can be computed as:\\n /// `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`.\\n /// Fees values are taken at the moment of request creation.\\n /// @dev Requirements:\\n /// - Wallet behind `walletPubKeyHash` must be live\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// - `redeemerOutputScript` must be a proper Bitcoin script\\n /// - `redeemerOutputScript` cannot have wallet PKH as payload\\n /// - `amount` must be above or equal the `redemptionDustThreshold`\\n /// - Given `walletPubKeyHash` and `redeemerOutputScript` pair can be\\n /// used for only one pending request at the same time\\n /// - Wallet must have enough Bitcoin balance to proceed the request\\n /// - Redeemer must make an allowance in the Bank that the Bridge\\n /// contract can spend the given `amount`.\\n function requestRedemption(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes calldata redeemerOutputScript,\\n uint64 amount\\n ) external {\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.Live,\\n \\\"Wallet must be in Live state\\\"\\n );\\n\\n bytes32 mainUtxoHash = wallet.mainUtxoHash;\\n require(\\n mainUtxoHash != bytes32(0),\\n \\\"No main UTXO for the given wallet\\\"\\n );\\n require(\\n keccak256(\\n abi.encodePacked(\\n mainUtxo.txHash,\\n mainUtxo.txOutputIndex,\\n mainUtxo.txOutputValue\\n )\\n ) == mainUtxoHash,\\n \\\"Invalid main UTXO data\\\"\\n );\\n\\n // TODO: Confirm if `walletPubKeyHash` should be validated by checking\\n // if it is the oldest one who can handle the request. This will\\n // be suggested by the dApp but may not be respected by users who\\n // interact directly with the contract. Do we need to enforce it\\n // here? One option is not to enforce it, to save on gas, but if\\n // we see this rule is not respected, upgrade Bridge contract to\\n // require it.\\n\\n // Validate if redeemer output script is a correct standard type\\n // (P2PKH, P2WPKH, P2SH or P2WSH). This is done by building a stub\\n // output with 0 as value and using `BTCUtils.extractHash` on it. Such\\n // a function extracts the payload properly only from standard outputs\\n // so if it succeeds, we have a guarantee the redeemer output script\\n // is proper. Worth to note `extractHash` ignores the value at all\\n // so this is why we can use 0 safely. This way of validation is the\\n // same as in tBTC v1.\\n bytes memory redeemerOutputScriptPayload = abi\\n .encodePacked(bytes8(0), redeemerOutputScript)\\n .extractHash();\\n require(\\n redeemerOutputScriptPayload.length > 0,\\n \\\"Redeemer output script must be a standard type\\\"\\n );\\n // Check if the redeemer output script payload does not point to the\\n // wallet public key hash.\\n require(\\n keccak256(abi.encodePacked(walletPubKeyHash)) !=\\n keccak256(redeemerOutputScriptPayload),\\n \\\"Redeemer output script must not point to the wallet PKH\\\"\\n );\\n\\n require(\\n amount >= self.redemptionDustThreshold,\\n \\\"Redemption amount too small\\\"\\n );\\n\\n // The redemption key is built on top of the wallet public key hash\\n // and redeemer output script pair. That means there can be only one\\n // request asking for redemption from the given wallet to the given\\n // BTC script at the same time.\\n uint256 redemptionKey = uint256(\\n keccak256(abi.encodePacked(walletPubKeyHash, redeemerOutputScript))\\n );\\n\\n // Check if given redemption key is not used by a pending redemption.\\n // There is no need to check for existence in `timedOutRedemptions`\\n // since the wallet's state is changed to other than Live after\\n // first time out is reported so making new requests is not possible.\\n // slither-disable-next-line incorrect-equality\\n require(\\n self.pendingRedemptions[redemptionKey].requestedAt == 0,\\n \\\"There is a pending redemption request from this wallet to the same address\\\"\\n );\\n\\n // No need to check whether `amount - treasuryFee - txMaxFee > 0`\\n // since the `redemptionDustThreshold` should force that condition\\n // to be always true.\\n uint64 treasuryFee = self.redemptionTreasuryFeeDivisor > 0\\n ? amount / self.redemptionTreasuryFeeDivisor\\n : 0;\\n uint64 txMaxFee = self.redemptionTxMaxFee;\\n\\n // The main wallet UTXO's value doesn't include all pending redemptions.\\n // To determine if the requested redemption can be performed by the\\n // wallet we need to subtract the total value of all pending redemptions\\n // from that wallet's main UTXO value. Given that the treasury fee is\\n // not redeemed from the wallet, we are subtracting it.\\n wallet.pendingRedemptionsValue += amount - treasuryFee;\\n require(\\n mainUtxo.txOutputValue >= wallet.pendingRedemptionsValue,\\n \\\"Insufficient wallet funds\\\"\\n );\\n\\n self.pendingRedemptions[redemptionKey] = RedemptionRequest(\\n msg.sender,\\n amount,\\n treasuryFee,\\n txMaxFee,\\n /* solhint-disable-next-line not-rely-on-time */\\n uint32(block.timestamp)\\n );\\n\\n emit RedemptionRequested(\\n walletPubKeyHash,\\n redeemerOutputScript,\\n msg.sender,\\n amount,\\n treasuryFee,\\n txMaxFee\\n );\\n\\n self.bank.transferBalanceFrom(msg.sender, address(this), amount);\\n }\\n\\n /// @notice Used by the wallet to prove the BTC redemption transaction\\n /// and to make the necessary bookkeeping. Redemption is only\\n /// accepted if it satisfies SPV proof.\\n ///\\n /// The function is performing Bank balance updates by burning\\n /// the total redeemed Bitcoin amount from Bridge balance and\\n /// transferring the treasury fee sum to the treasury address.\\n ///\\n /// It is possible to prove the given redemption only one time.\\n /// @param redemptionTx Bitcoin redemption transaction data\\n /// @param redemptionProof Bitcoin redemption proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n /// HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction\\n /// @dev Requirements:\\n /// - `redemptionTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `redemptionTx` should represent a Bitcoin transaction with\\n /// exactly 1 input that refers to the wallet's main UTXO. That\\n /// transaction should have 1..n outputs handling existing pending\\n /// redemption requests or pointing to reported timed out requests.\\n /// There can be also 1 optional output representing the\\n /// change and pointing back to the 20-byte wallet public key hash.\\n /// The change should be always present if the redeemed value sum\\n /// is lower than the total wallet's BTC balance.\\n /// - `redemptionProof` components must match the expected structure.\\n /// See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// Additionally, the recent main UTXO on Ethereum must be set.\\n /// - `walletPubKeyHash` must be connected with the main UTXO used\\n /// as transaction single input.\\n /// Other remarks:\\n /// - Putting the change output as the first transaction output can\\n /// save some gas because the output processing loop begins each\\n /// iteration by checking whether the given output is the change\\n /// thus uses some gas for making the comparison. Once the change\\n /// is identified, that check is omitted in further iterations.\\n function submitRedemptionProof(\\n BridgeState.Storage storage self,\\n BitcoinTx.Info calldata redemptionTx,\\n BitcoinTx.Proof calldata redemptionProof,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) external {\\n // The actual transaction proof is performed here. After that point, we\\n // can assume the transaction happened on Bitcoin chain and has\\n // a sufficient number of confirmations as determined by\\n // `txProofDifficultyFactor` constant.\\n bytes32 redemptionTxHash = self.validateProof(\\n redemptionTx,\\n redemptionProof\\n );\\n\\n // Process the redemption transaction input. Specifically, check if it\\n // refers to the expected wallet's main UTXO.\\n OutboundTx.processWalletOutboundTxInput(\\n self,\\n redemptionTx.inputVector,\\n mainUtxo,\\n walletPubKeyHash\\n );\\n\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n Wallets.WalletState walletState = wallet.state;\\n require(\\n walletState == Wallets.WalletState.Live ||\\n walletState == Wallets.WalletState.MovingFunds,\\n \\\"Wallet must be in Live or MovingFunds state\\\"\\n );\\n\\n // Process redemption transaction outputs to extract some info required\\n // for further processing.\\n RedemptionTxOutputsInfo memory outputsInfo = processRedemptionTxOutputs(\\n self,\\n redemptionTx.outputVector,\\n walletPubKeyHash\\n );\\n\\n if (outputsInfo.changeValue > 0) {\\n // If the change value is grater than zero, it means the change\\n // output exists and can be used as new wallet's main UTXO.\\n wallet.mainUtxoHash = keccak256(\\n abi.encodePacked(\\n redemptionTxHash,\\n outputsInfo.changeIndex,\\n outputsInfo.changeValue\\n )\\n );\\n } else {\\n // If the change value is zero, it means the change output doesn't\\n // exists and no funds left on the wallet. Delete the main UTXO\\n // for that wallet to represent that state in a proper way.\\n delete wallet.mainUtxoHash;\\n }\\n\\n wallet.pendingRedemptionsValue -= outputsInfo.totalBurnableValue;\\n\\n emit RedemptionsCompleted(walletPubKeyHash, redemptionTxHash);\\n\\n self.bank.decreaseBalance(outputsInfo.totalBurnableValue);\\n self.bank.transferBalance(self.treasury, outputsInfo.totalTreasuryFee);\\n }\\n\\n /// @notice Processes the Bitcoin redemption transaction output vector.\\n /// It extracts each output and tries to identify it as a pending\\n /// redemption request, reported timed out request, or change.\\n /// Reverts if one of the outputs cannot be recognized properly.\\n /// This function also marks each request as processed by removing\\n /// them from `pendingRedemptions` mapping.\\n /// @param redemptionTxOutputVector Bitcoin redemption transaction output\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVout` function\\n /// before it is passed here\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction.\\n /// @return info Outcomes of the processing.\\n function processRedemptionTxOutputs(\\n BridgeState.Storage storage self,\\n bytes memory redemptionTxOutputVector,\\n bytes20 walletPubKeyHash\\n ) internal returns (RedemptionTxOutputsInfo memory info) {\\n // Determining the total number of redemption transaction outputs in\\n // the same way as for number of inputs. See `BitcoinTx.outputVector`\\n // docs for more details.\\n (\\n uint256 outputsCompactSizeUintLength,\\n uint256 outputsCount\\n ) = redemptionTxOutputVector.parseVarInt();\\n\\n // To determine the first output starting index, we must jump over\\n // the compactSize uint which prepends the output vector. One byte\\n // must be added because `BtcUtils.parseVarInt` does not include\\n // compactSize uint tag in the returned length.\\n //\\n // For >= 0 && <= 252, `BTCUtils.determineVarIntDataLengthAt`\\n // returns `0`, so we jump over one byte of compactSize uint.\\n //\\n // For >= 253 && <= 0xffff there is `0xfd` tag,\\n // `BTCUtils.determineVarIntDataLengthAt` returns `2` (no\\n // tag byte included) so we need to jump over 1+2 bytes of\\n // compactSize uint.\\n //\\n // Please refer `BTCUtils` library and compactSize uint\\n // docs in `BitcoinTx` library for more details.\\n uint256 outputStartingIndex = 1 + outputsCompactSizeUintLength;\\n\\n // Calculate the keccak256 for two possible wallet's P2PKH or P2WPKH\\n // scripts that can be used to lock the change. This is done upfront to\\n // save on gas. Both scripts have a strict format defined by Bitcoin.\\n //\\n // The P2PKH script has the byte format: <0x1976a914> <20-byte PKH> <0x88ac>.\\n // According to https://en.bitcoin.it/wiki/Script#Opcodes this translates to:\\n // - 0x19: Byte length of the entire script\\n // - 0x76: OP_DUP\\n // - 0xa9: OP_HASH160\\n // - 0x14: Byte length of the public key hash\\n // - 0x88: OP_EQUALVERIFY\\n // - 0xac: OP_CHECKSIG\\n // which matches the P2PKH structure as per:\\n // https://en.bitcoin.it/wiki/Transaction#Pay-to-PubkeyHash\\n bytes32 walletP2PKHScriptKeccak = keccak256(\\n abi.encodePacked(hex\\\"1976a914\\\", walletPubKeyHash, hex\\\"88ac\\\")\\n );\\n // The P2WPKH script has the byte format: <0x160014> <20-byte PKH>.\\n // According to https://en.bitcoin.it/wiki/Script#Opcodes this translates to:\\n // - 0x16: Byte length of the entire script\\n // - 0x00: OP_0\\n // - 0x14: Byte length of the public key hash\\n // which matches the P2WPKH structure as per:\\n // https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#P2WPKH\\n bytes32 walletP2WPKHScriptKeccak = keccak256(\\n abi.encodePacked(hex\\\"160014\\\", walletPubKeyHash)\\n );\\n\\n return\\n processRedemptionTxOutputs(\\n self,\\n redemptionTxOutputVector,\\n walletPubKeyHash,\\n RedemptionTxOutputsProcessingInfo(\\n outputStartingIndex,\\n outputsCount,\\n walletP2PKHScriptKeccak,\\n walletP2WPKHScriptKeccak\\n )\\n );\\n }\\n\\n /// @notice Processes all outputs from the redemption transaction. Tries to\\n /// identify output as a change output, pending redemption request\\n // or reported redemption. Reverts if one of the outputs cannot be\\n /// recognized properly. Marks each request as processed by removing\\n /// them from `pendingRedemptions` mapping.\\n /// @param redemptionTxOutputVector Bitcoin redemption transaction output\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVout` function\\n /// before it is passed here\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction.\\n /// @param processInfo RedemptionTxOutputsProcessingInfo identifying output\\n /// starting index, the number of outputs and possible wallet change\\n /// P2PKH and P2WPKH scripts.\\n function processRedemptionTxOutputs(\\n BridgeState.Storage storage self,\\n bytes memory redemptionTxOutputVector,\\n bytes20 walletPubKeyHash,\\n RedemptionTxOutputsProcessingInfo memory processInfo\\n ) internal returns (RedemptionTxOutputsInfo memory resultInfo) {\\n // Helper flag indicating whether there was at least one redemption\\n // output present (redemption must be either pending or reported as\\n // timed out).\\n bool redemptionPresent = false;\\n\\n // Outputs processing loop.\\n for (uint256 i = 0; i < processInfo.outputsCount; i++) {\\n // TODO: Check if we can optimize gas costs by adding\\n // `extractValueAt` and `extractHashAt` in `bitcoin-spv-sol`\\n // in order to avoid allocating bytes in memory.\\n uint256 outputLength = redemptionTxOutputVector\\n .determineOutputLengthAt(processInfo.outputStartingIndex);\\n bytes memory output = redemptionTxOutputVector.slice(\\n processInfo.outputStartingIndex,\\n outputLength\\n );\\n\\n // Extract the value from given output.\\n uint64 outputValue = output.extractValue();\\n // The output consists of an 8-byte value and a variable length\\n // script. To extract that script we slice the output starting from\\n // 9th byte until the end.\\n bytes memory outputScript = output.slice(8, output.length - 8);\\n\\n if (\\n resultInfo.changeValue == 0 &&\\n (keccak256(outputScript) ==\\n processInfo.walletP2PKHScriptKeccak ||\\n keccak256(outputScript) ==\\n processInfo.walletP2WPKHScriptKeccak) &&\\n outputValue > 0\\n ) {\\n // If we entered here, that means the change output with a\\n // proper non-zero value was found.\\n resultInfo.changeIndex = uint32(i);\\n resultInfo.changeValue = outputValue;\\n } else {\\n // If we entered here, that the means the given output is\\n // supposed to represent a redemption.\\n (\\n uint64 burnableValue,\\n uint64 treasuryFee\\n ) = processNonChangeRedemptionTxOutput(\\n self,\\n walletPubKeyHash,\\n outputScript,\\n outputValue\\n );\\n resultInfo.totalBurnableValue += burnableValue;\\n resultInfo.totalTreasuryFee += treasuryFee;\\n redemptionPresent = true;\\n }\\n\\n // Make the `outputStartingIndex` pointing to the next output by\\n // increasing it by current output's length.\\n processInfo.outputStartingIndex += outputLength;\\n }\\n\\n // Protect against the cases when there is only a single change output\\n // referring back to the wallet PKH and just burning main UTXO value\\n // for transaction fees.\\n require(\\n redemptionPresent,\\n \\\"Redemption transaction must process at least one redemption\\\"\\n );\\n }\\n\\n /// @notice Processes a single redemption transaction output. Tries to\\n /// identify output as a pending redemption request or reported\\n /// redemption timeout. Output script passed to this function must\\n /// not be the change output. Such output needs to be identified\\n /// separately before calling this function.\\n /// Reverts if output is neither requested pending redemption nor\\n /// requested and reported timed-out redemption.\\n /// This function also marks each pending request as processed by\\n /// removing them from `pendingRedemptions` mapping.\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction.\\n /// @param outputScript Non-change output script to be processed\\n /// @param outputValue Value of the output being processed\\n /// @return burnableValue The value burnable as a result of processing this\\n /// single redemption output. This value needs to be summed up with\\n /// burnable values of all other outputs to evaluate total burnable\\n /// value for the entire redemption transaction. This value is 0\\n /// for a timed-out redemption request.\\n /// @return treasuryFee The treasury fee from this single redemption output.\\n /// This value needs to be summed up with treasury fees of all other\\n /// outputs to evaluate the total treasury fee for the entire\\n /// redemption transaction. This value is 0 for a timed-out\\n /// redemption request.\\n function processNonChangeRedemptionTxOutput(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n bytes memory outputScript,\\n uint64 outputValue\\n ) internal returns (uint64 burnableValue, uint64 treasuryFee) {\\n // This function should be called only if the given output is\\n // supposed to represent a redemption. Build the redemption key\\n // to perform that check.\\n uint256 redemptionKey = uint256(\\n keccak256(abi.encodePacked(walletPubKeyHash, outputScript))\\n );\\n\\n if (self.pendingRedemptions[redemptionKey].requestedAt != 0) {\\n // If we entered here, that means the output was identified\\n // as a pending redemption request.\\n RedemptionRequest storage request = self.pendingRedemptions[\\n redemptionKey\\n ];\\n // Compute the request's redeemable amount as the requested\\n // amount reduced by the treasury fee. The request's\\n // minimal amount is then the redeemable amount reduced by\\n // the maximum transaction fee.\\n uint64 redeemableAmount = request.requestedAmount -\\n request.treasuryFee;\\n // Output value must fit between the request's redeemable\\n // and minimal amounts to be deemed valid.\\n require(\\n redeemableAmount - request.txMaxFee <= outputValue &&\\n outputValue <= redeemableAmount,\\n \\\"Output value is not within the acceptable range of the pending request\\\"\\n );\\n // Add the redeemable amount to the total burnable value\\n // the Bridge will use to decrease its balance in the Bank.\\n burnableValue = redeemableAmount;\\n // Add the request's treasury fee to the total treasury fee\\n // value the Bridge will transfer to the treasury.\\n treasuryFee = request.treasuryFee;\\n // Request was properly handled so remove its redemption\\n // key from the mapping to make it reusable for further\\n // requests.\\n delete self.pendingRedemptions[redemptionKey];\\n } else {\\n // If we entered here, the output is not a redemption\\n // request but there is still a chance the given output is\\n // related to a reported timed out redemption request.\\n // If so, check if the output value matches the request\\n // amount to confirm this is an overdue request fulfillment\\n // then bypass this output and process the subsequent\\n // ones. That also means the wallet was already punished\\n // for the inactivity. Otherwise, just revert.\\n RedemptionRequest storage request = self.timedOutRedemptions[\\n redemptionKey\\n ];\\n\\n require(\\n request.requestedAt != 0,\\n \\\"Output is a non-requested redemption\\\"\\n );\\n\\n uint64 redeemableAmount = request.requestedAmount -\\n request.treasuryFee;\\n\\n require(\\n redeemableAmount - request.txMaxFee <= outputValue &&\\n outputValue <= redeemableAmount,\\n \\\"Output value is not within the acceptable range of the timed out request\\\"\\n );\\n }\\n }\\n\\n /// @notice Notifies that there is a pending redemption request associated\\n /// with the given wallet, that has timed out. The redemption\\n /// request is identified by the key built as\\n /// `keccak256(walletPubKeyHash | redeemerOutputScript)`.\\n /// The results of calling this function:\\n /// - the pending redemptions value for the wallet will be decreased\\n /// by the requested amount (minus treasury fee),\\n /// - the tokens taken from the redeemer on redemption request will\\n /// be returned to the redeemer,\\n /// - the request will be moved from pending redemptions to\\n /// timed-out redemptions.\\n /// - if the state of the wallet is `Live` or `MovingFunds`, the\\n /// wallet operators will be slashed and the notifier will be\\n /// rewarded\\n /// - if the state of wallet is `Live`, the wallet will be closed or\\n /// marked as `MovingFunds` (depending on the presence or absence\\n /// of the wallet's main UTXO) and the wallet will no longer be\\n /// marked as the active wallet (if it was marked as such).\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param redeemerOutputScript The redeemer's length-prefixed output\\n /// script (P2PKH, P2WPKH, P2SH or P2WSH)\\n /// @dev Requirements:\\n /// - The wallet must be in the Live or MovingFunds or Terminated state\\n /// - The redemption request identified by `walletPubKeyHash` and\\n /// `redeemerOutputScript` must exist\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events.\\n /// - The amount of time defined by `redemptionTimeout` must have\\n /// passed since the redemption was requested (the request must be\\n /// timed-out).\\n function notifyRedemptionTimeout(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n uint32[] calldata walletMembersIDs,\\n bytes calldata redeemerOutputScript\\n ) external {\\n uint256 redemptionKey = uint256(\\n keccak256(abi.encodePacked(walletPubKeyHash, redeemerOutputScript))\\n );\\n Redemption.RedemptionRequest memory request = self.pendingRedemptions[\\n redemptionKey\\n ];\\n\\n require(request.requestedAt > 0, \\\"Redemption request does not exist\\\");\\n require(\\n /* solhint-disable-next-line not-rely-on-time */\\n request.requestedAt + self.redemptionTimeout < block.timestamp,\\n \\\"Redemption request has not timed out\\\"\\n );\\n\\n // Update the wallet's pending redemptions value\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n wallet.pendingRedemptionsValue -=\\n request.requestedAmount -\\n request.treasuryFee;\\n\\n require(\\n // TODO: Allow the wallets in `Closing` state when the state is added\\n wallet.state == Wallets.WalletState.Live ||\\n wallet.state == Wallets.WalletState.MovingFunds ||\\n wallet.state == Wallets.WalletState.Terminated,\\n \\\"The wallet must be in Live, MovingFunds or Terminated state\\\"\\n );\\n\\n // It is worth noting that there is no need to check if\\n // `timedOutRedemption` mapping already contains the given redemption\\n // key. There is no possibility to re-use a key of a reported timed-out\\n // redemption because the wallet responsible for causing the timeout is\\n // moved to a state that prevents it to receive new redemption requests.\\n\\n // Move the redemption from pending redemptions to timed-out redemptions\\n self.timedOutRedemptions[redemptionKey] = request;\\n delete self.pendingRedemptions[redemptionKey];\\n\\n if (\\n wallet.state == Wallets.WalletState.Live ||\\n wallet.state == Wallets.WalletState.MovingFunds\\n ) {\\n // Propagate timeout consequences to the wallet\\n self.notifyWalletTimedOutRedemption(walletPubKeyHash);\\n\\n // Slash the wallet operators and reward the notifier\\n self.ecdsaWalletRegistry.seize(\\n self.redemptionTimeoutSlashingAmount,\\n self.redemptionTimeoutNotifierRewardMultiplier,\\n msg.sender,\\n wallet.ecdsaWalletID,\\n walletMembersIDs\\n );\\n }\\n\\n // slither-disable-next-line reentrancy-events\\n emit RedemptionTimedOut(walletPubKeyHash, redeemerOutputScript);\\n\\n // Return the requested amount of tokens to the redeemer\\n self.bank.transferBalance(request.redeemer, request.requestedAmount);\\n }\\n}\\n\",\"keccak256\":\"0x5b70d57f532554caf34af7fcbcb633ca08a364ee9499d9d9e904ed50b3faf959\",\"license\":\"MIT\"},\"contracts/bridge/Sweep.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\nimport \\\"../bank/Bank.sol\\\";\\n\\n/// @title Bridge deposit sweep\\n/// @notice The library handles the logic for sweeping transactions revealed to\\n/// the Bridge\\n/// @dev Bridge active wallet periodically signs a transaction that unlocks all\\n/// of the valid, revealed deposits above the dust threshold, combines them\\n/// into a single UTXO with the existing main wallet UTXO, and relocks\\n/// those transactions without a 30-day refund clause to the same wallet.\\n/// This has two main effects: it consolidates the UTXO set and it disables\\n/// the refund. Balances of depositors in the Bank are increased when the\\n/// SPV sweep proof is submitted to the Bridge.\\nlibrary Sweep {\\n using BridgeState for BridgeState.Storage;\\n using BitcoinTx for BridgeState.Storage;\\n\\n using BTCUtils for bytes;\\n\\n /// @notice Represents an outcome of the sweep Bitcoin transaction\\n /// inputs processing.\\n struct SweepTxInputsInfo {\\n // Sum of all inputs values i.e. all deposits and main UTXO value,\\n // if present.\\n uint256 inputsTotalValue;\\n // Addresses of depositors who performed processed deposits. Ordered in\\n // the same order as deposits inputs in the input vector. Size of this\\n // array is either equal to the number of inputs (main UTXO doesn't\\n // exist) or less by one (main UTXO exists and is pointed by one of\\n // the inputs).\\n address[] depositors;\\n // Amounts of deposits corresponding to processed deposits. Ordered in\\n // the same order as deposits inputs in the input vector. Size of this\\n // array is either equal to the number of inputs (main UTXO doesn't\\n // exist) or less by one (main UTXO exists and is pointed by one of\\n // the inputs).\\n uint256[] depositedAmounts;\\n // Values of the treasury fee corresponding to processed deposits.\\n // Ordered in the same order as deposits inputs in the input vector.\\n // Size of this array is either equal to the number of inputs (main\\n // UTXO doesn't exist) or less by one (main UTXO exists and is pointed\\n // by one of the inputs).\\n uint256[] treasuryFees;\\n }\\n\\n event DepositsSwept(bytes20 walletPubKeyHash, bytes32 sweepTxHash);\\n\\n /// @notice Used by the wallet to prove the BTC deposit sweep transaction\\n /// and to update Bank balances accordingly. Sweep is only accepted\\n /// if it satisfies SPV proof.\\n ///\\n /// The function is performing Bank balance updates by first\\n /// computing the Bitcoin fee for the sweep transaction. The fee is\\n /// divided evenly between all swept deposits. Each depositor\\n /// receives a balance in the bank equal to the amount inferred\\n /// during the reveal transaction, minus their fee share.\\n ///\\n /// It is possible to prove the given sweep only one time.\\n /// @param sweepTx Bitcoin sweep transaction data\\n /// @param sweepProof Bitcoin sweep proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain. If no main UTXO exists for the given wallet,\\n /// this parameter is ignored\\n /// @dev Requirements:\\n /// - `sweepTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `sweepTx` should represent a Bitcoin transaction with 1..n\\n /// inputs. If the wallet has no main UTXO, all n inputs should\\n /// correspond to P2(W)SH revealed deposits UTXOs. If the wallet has\\n /// an existing main UTXO, one of the n inputs must point to that\\n /// main UTXO and remaining n-1 inputs should correspond to P2(W)SH\\n /// revealed deposits UTXOs. That transaction must have only\\n /// one P2(W)PKH output locking funds on the 20-byte wallet public\\n /// key hash.\\n /// - `sweepProof` components must match the expected structure. See\\n /// `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If there is no main UTXO, this parameter is ignored.\\n function submitSweepProof(\\n BridgeState.Storage storage self,\\n BitcoinTx.Info calldata sweepTx,\\n BitcoinTx.Proof calldata sweepProof,\\n BitcoinTx.UTXO calldata mainUtxo\\n ) external {\\n // The actual transaction proof is performed here. After that point, we\\n // can assume the transaction happened on Bitcoin chain and has\\n // a sufficient number of confirmations as determined by\\n // `txProofDifficultyFactor` constant.\\n bytes32 sweepTxHash = self.validateProof(sweepTx, sweepProof);\\n\\n // Process sweep transaction output and extract its target wallet\\n // public key hash and value.\\n (\\n bytes20 walletPubKeyHash,\\n uint64 sweepTxOutputValue\\n ) = processSweepTxOutput(sweepTx.outputVector);\\n\\n (\\n Wallets.Wallet storage wallet,\\n BitcoinTx.UTXO memory resolvedMainUtxo\\n ) = resolveSweepingWallet(self, walletPubKeyHash, mainUtxo);\\n\\n // Process sweep transaction inputs and extract all information needed\\n // to perform deposit bookkeeping.\\n SweepTxInputsInfo memory inputsInfo = processSweepTxInputs(\\n self,\\n sweepTx.inputVector,\\n resolvedMainUtxo\\n );\\n\\n // Helper variable that will hold the sum of treasury fees paid by\\n // all deposits.\\n uint256 totalTreasuryFee = 0;\\n\\n // Determine the transaction fee that should be incurred by each deposit\\n // and the indivisible remainder that should be additionally incurred\\n // by the last deposit.\\n (\\n uint256 depositTxFee,\\n uint256 depositTxFeeRemainder\\n ) = sweepTxFeeDistribution(\\n inputsInfo.inputsTotalValue,\\n sweepTxOutputValue,\\n inputsInfo.depositedAmounts.length\\n );\\n\\n // Make sure the highest value of the deposit transaction fee does not\\n // exceed the maximum value limited by the governable parameter.\\n require(\\n depositTxFee + depositTxFeeRemainder <= self.depositTxMaxFee,\\n \\\"Transaction fee is too high\\\"\\n );\\n\\n // Reduce each deposit amount by treasury fee and transaction fee.\\n for (uint256 i = 0; i < inputsInfo.depositedAmounts.length; i++) {\\n // The last deposit should incur the deposit transaction fee\\n // remainder.\\n uint256 depositTxFeeIncurred = i ==\\n inputsInfo.depositedAmounts.length - 1\\n ? depositTxFee + depositTxFeeRemainder\\n : depositTxFee;\\n\\n // There is no need to check whether\\n // `inputsInfo.depositedAmounts[i] - inputsInfo.treasuryFees[i] - txFee > 0`\\n // since the `depositDustThreshold` should force that condition\\n // to be always true.\\n inputsInfo.depositedAmounts[i] =\\n inputsInfo.depositedAmounts[i] -\\n inputsInfo.treasuryFees[i] -\\n depositTxFeeIncurred;\\n totalTreasuryFee += inputsInfo.treasuryFees[i];\\n }\\n\\n // Record this sweep data and assign them to the wallet public key hash\\n // as new main UTXO. Transaction output index is always 0 as sweep\\n // transaction always contains only one output.\\n wallet.mainUtxoHash = keccak256(\\n abi.encodePacked(sweepTxHash, uint32(0), sweepTxOutputValue)\\n );\\n\\n emit DepositsSwept(walletPubKeyHash, sweepTxHash);\\n\\n // Update depositors balances in the Bank.\\n self.bank.increaseBalances(\\n inputsInfo.depositors,\\n inputsInfo.depositedAmounts\\n );\\n // Pass the treasury fee to the treasury address.\\n self.bank.increaseBalance(self.treasury, totalTreasuryFee);\\n\\n // TODO: Handle deposits having `vault` set.\\n }\\n\\n /// @notice Resolves sweeping wallet based on the provided wallet public key\\n /// hash. Validates the wallet state and current main UTXO, as\\n /// currently known on the Ethereum chain.\\n /// @param walletPubKeyHash public key hash of the wallet proving the sweep\\n /// Bitcoin transaction.\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain. If no main UTXO exists for the given wallet,\\n /// this parameter is ignored\\n /// @dev Requirements:\\n /// - Sweeping wallet must be either in Live or MovingFunds state.\\n /// - If the main UTXO of the sweeping wallet exists in the storage,\\n /// the passed `mainUTXO` parameter must be equal to the stored one.\\n function resolveSweepingWallet(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo\\n )\\n internal\\n view\\n returns (\\n Wallets.Wallet storage wallet,\\n BitcoinTx.UTXO memory resolvedMainUtxo\\n )\\n {\\n wallet = self.registeredWallets[walletPubKeyHash];\\n\\n Wallets.WalletState walletState = wallet.state;\\n require(\\n walletState == Wallets.WalletState.Live ||\\n walletState == Wallets.WalletState.MovingFunds,\\n \\\"Wallet must be in Live or MovingFunds state\\\"\\n );\\n\\n // Check if the main UTXO for given wallet exists. If so, validate\\n // passed main UTXO data against the stored hash and use them for\\n // further processing. If no main UTXO exists, use empty data.\\n resolvedMainUtxo = BitcoinTx.UTXO(bytes32(0), 0, 0);\\n bytes32 mainUtxoHash = wallet.mainUtxoHash;\\n if (mainUtxoHash != bytes32(0)) {\\n require(\\n keccak256(\\n abi.encodePacked(\\n mainUtxo.txHash,\\n mainUtxo.txOutputIndex,\\n mainUtxo.txOutputValue\\n )\\n ) == mainUtxoHash,\\n \\\"Invalid main UTXO data\\\"\\n );\\n resolvedMainUtxo = mainUtxo;\\n }\\n }\\n\\n /// @notice Processes the Bitcoin sweep transaction output vector by\\n /// extracting the single output and using it to gain additional\\n /// information required for further processing (e.g. value and\\n /// wallet public key hash).\\n /// @param sweepTxOutputVector Bitcoin sweep transaction output vector.\\n /// This function assumes vector's structure is valid so it must be\\n /// validated using e.g. `BTCUtils.validateVout` function before\\n /// it is passed here\\n /// @return walletPubKeyHash 20-byte wallet public key hash.\\n /// @return value 8-byte sweep transaction output value.\\n function processSweepTxOutput(bytes memory sweepTxOutputVector)\\n internal\\n pure\\n returns (bytes20 walletPubKeyHash, uint64 value)\\n {\\n // To determine the total number of sweep transaction outputs, we need to\\n // parse the compactSize uint (VarInt) the output vector is prepended by.\\n // That compactSize uint encodes the number of vector elements using the\\n // format presented in:\\n // https://developer.bitcoin.org/reference/transactions.html#compactsize-unsigned-integers\\n // We don't need asserting the compactSize uint is parseable since it\\n // was already checked during `validateVout` validation.\\n // See `BitcoinTx.outputVector` docs for more details.\\n (, uint256 outputsCount) = sweepTxOutputVector.parseVarInt();\\n require(\\n outputsCount == 1,\\n \\\"Sweep transaction must have a single output\\\"\\n );\\n\\n bytes memory output = sweepTxOutputVector.extractOutputAtIndex(0);\\n value = output.extractValue();\\n bytes memory walletPubKeyHashBytes = output.extractHash();\\n // The sweep transaction output should always be P2PKH or P2WPKH.\\n // In both cases, the wallet public key hash should be 20 bytes length.\\n require(\\n walletPubKeyHashBytes.length == 20,\\n \\\"Wallet public key hash should have 20 bytes\\\"\\n );\\n /* solhint-disable-next-line no-inline-assembly */\\n assembly {\\n walletPubKeyHash := mload(add(walletPubKeyHashBytes, 32))\\n }\\n\\n return (walletPubKeyHash, value);\\n }\\n\\n /// @notice Processes the Bitcoin sweep transaction input vector. It\\n /// extracts each input and tries to obtain associated deposit or\\n /// main UTXO data, depending on the input type. Reverts\\n /// if one of the inputs cannot be recognized as a pointer to a\\n /// revealed deposit or expected main UTXO.\\n /// This function also marks each processed deposit as swept.\\n /// @param sweepTxInputVector Bitcoin sweep transaction input vector.\\n /// This function assumes vector's structure is valid so it must be\\n /// validated using e.g. `BTCUtils.validateVin` function before\\n /// it is passed here\\n /// @param mainUtxo Data of the wallet's main UTXO. If no main UTXO\\n /// exists for the given the wallet, this parameter's fields should\\n /// be zeroed to bypass the main UTXO validation\\n /// @return info Outcomes of the processing.\\n function processSweepTxInputs(\\n BridgeState.Storage storage self,\\n bytes memory sweepTxInputVector,\\n BitcoinTx.UTXO memory mainUtxo\\n ) internal returns (SweepTxInputsInfo memory info) {\\n // If the passed `mainUtxo` parameter's values are zeroed, the main UTXO\\n // for the given wallet doesn't exist and it is not expected to be\\n // included in the sweep transaction input vector.\\n bool mainUtxoExpected = mainUtxo.txHash != bytes32(0);\\n bool mainUtxoFound = false;\\n\\n // Determining the total number of sweep transaction inputs in the same\\n // way as for number of outputs. See `BitcoinTx.inputVector` docs for\\n // more details.\\n (\\n uint256 inputsCompactSizeUintLength,\\n uint256 inputsCount\\n ) = sweepTxInputVector.parseVarInt();\\n\\n // To determine the first input starting index, we must jump over\\n // the compactSize uint which prepends the input vector. One byte\\n // must be added because `BtcUtils.parseVarInt` does not include\\n // compactSize uint tag in the returned length.\\n //\\n // For >= 0 && <= 252, `BTCUtils.determineVarIntDataLengthAt`\\n // returns `0`, so we jump over one byte of compactSize uint.\\n //\\n // For >= 253 && <= 0xffff there is `0xfd` tag,\\n // `BTCUtils.determineVarIntDataLengthAt` returns `2` (no\\n // tag byte included) so we need to jump over 1+2 bytes of\\n // compactSize uint.\\n //\\n // Please refer `BTCUtils` library and compactSize uint\\n // docs in `BitcoinTx` library for more details.\\n uint256 inputStartingIndex = 1 + inputsCompactSizeUintLength;\\n\\n // Determine the swept deposits count. If main UTXO is NOT expected,\\n // all inputs should be deposits. If main UTXO is expected, one input\\n // should point to that main UTXO.\\n info.depositors = new address[](\\n !mainUtxoExpected ? inputsCount : inputsCount - 1\\n );\\n info.depositedAmounts = new uint256[](info.depositors.length);\\n info.treasuryFees = new uint256[](info.depositors.length);\\n\\n // Initialize helper variables.\\n uint256 processedDepositsCount = 0;\\n\\n // Inputs processing loop.\\n for (uint256 i = 0; i < inputsCount; i++) {\\n (\\n bytes32 outpointTxHash,\\n uint32 outpointIndex,\\n uint256 inputLength\\n ) = parseTxInputAt(sweepTxInputVector, inputStartingIndex);\\n\\n Deposit.DepositRequest storage deposit = self.deposits[\\n uint256(\\n keccak256(abi.encodePacked(outpointTxHash, outpointIndex))\\n )\\n ];\\n\\n if (deposit.revealedAt != 0) {\\n // If we entered here, that means the input was identified as\\n // a revealed deposit.\\n require(deposit.sweptAt == 0, \\\"Deposit already swept\\\");\\n\\n if (processedDepositsCount == info.depositors.length) {\\n // If this condition is true, that means a deposit input\\n // took place of an expected main UTXO input.\\n // In other words, there is no expected main UTXO\\n // input and all inputs come from valid, revealed deposits.\\n revert(\\n \\\"Expected main UTXO not present in sweep transaction inputs\\\"\\n );\\n }\\n\\n /* solhint-disable-next-line not-rely-on-time */\\n deposit.sweptAt = uint32(block.timestamp);\\n\\n info.depositors[processedDepositsCount] = deposit.depositor;\\n info.depositedAmounts[processedDepositsCount] = deposit.amount;\\n info.inputsTotalValue += info.depositedAmounts[\\n processedDepositsCount\\n ];\\n info.treasuryFees[processedDepositsCount] = deposit.treasuryFee;\\n\\n processedDepositsCount++;\\n } else if (\\n mainUtxoExpected != mainUtxoFound &&\\n mainUtxo.txHash == outpointTxHash\\n ) {\\n // If we entered here, that means the input was identified as\\n // the expected main UTXO.\\n info.inputsTotalValue += mainUtxo.txOutputValue;\\n mainUtxoFound = true;\\n\\n // Main UTXO used as an input, mark it as spent.\\n self.spentMainUTXOs[\\n uint256(\\n keccak256(\\n abi.encodePacked(outpointTxHash, outpointIndex)\\n )\\n )\\n ] = true;\\n } else {\\n revert(\\\"Unknown input type\\\");\\n }\\n\\n // Make the `inputStartingIndex` pointing to the next input by\\n // increasing it by current input's length.\\n inputStartingIndex += inputLength;\\n }\\n\\n // Construction of the input processing loop guarantees that:\\n // `processedDepositsCount == info.depositors.length == info.depositedAmounts.length`\\n // is always true at this point. We just use the first variable\\n // to assert the total count of swept deposit is bigger than zero.\\n require(\\n processedDepositsCount > 0,\\n \\\"Sweep transaction must process at least one deposit\\\"\\n );\\n\\n // Assert the main UTXO was used as one of current sweep's inputs if\\n // it was actually expected.\\n require(\\n mainUtxoExpected == mainUtxoFound,\\n \\\"Expected main UTXO not present in sweep transaction inputs\\\"\\n );\\n\\n return info;\\n }\\n\\n /// @notice Parses a Bitcoin transaction input starting at the given index.\\n /// @param inputVector Bitcoin transaction input vector\\n /// @param inputStartingIndex Index the given input starts at\\n /// @return outpointTxHash 32-byte hash of the Bitcoin transaction which is\\n /// pointed in the given input's outpoint.\\n /// @return outpointIndex 4-byte index of the Bitcoin transaction output\\n /// which is pointed in the given input's outpoint.\\n /// @return inputLength Byte length of the given input.\\n /// @dev This function assumes vector's structure is valid so it must be\\n /// validated using e.g. `BTCUtils.validateVin` function before it\\n /// is passed here.\\n function parseTxInputAt(\\n bytes memory inputVector,\\n uint256 inputStartingIndex\\n )\\n internal\\n pure\\n returns (\\n bytes32 outpointTxHash,\\n uint32 outpointIndex,\\n uint256 inputLength\\n )\\n {\\n outpointTxHash = inputVector.extractInputTxIdLeAt(inputStartingIndex);\\n\\n outpointIndex = BTCUtils.reverseUint32(\\n uint32(inputVector.extractTxIndexLeAt(inputStartingIndex))\\n );\\n\\n inputLength = inputVector.determineInputLengthAt(inputStartingIndex);\\n\\n return (outpointTxHash, outpointIndex, inputLength);\\n }\\n\\n /// @notice Determines the distribution of the sweep transaction fee\\n /// over swept deposits.\\n /// @param sweepTxInputsTotalValue Total value of all sweep transaction inputs.\\n /// @param sweepTxOutputValue Value of the sweep transaction output.\\n /// @param depositsCount Count of the deposits swept by the sweep transaction.\\n /// @return depositTxFee Transaction fee per deposit determined by evenly\\n /// spreading the divisible part of the sweep transaction fee\\n /// over all deposits.\\n /// @return depositTxFeeRemainder The indivisible part of the sweep\\n /// transaction fee than cannot be distributed over all deposits.\\n /// @dev It is up to the caller to decide how the remainder should be\\n /// counted in. This function only computes its value.\\n function sweepTxFeeDistribution(\\n uint256 sweepTxInputsTotalValue,\\n uint256 sweepTxOutputValue,\\n uint256 depositsCount\\n )\\n internal\\n pure\\n returns (uint256 depositTxFee, uint256 depositTxFeeRemainder)\\n {\\n // The sweep transaction fee is just the difference between inputs\\n // amounts sum and the output amount.\\n uint256 sweepTxFee = sweepTxInputsTotalValue - sweepTxOutputValue;\\n // Compute the indivisible remainder that remains after dividing the\\n // sweep transaction fee over all deposits evenly.\\n depositTxFeeRemainder = sweepTxFee % depositsCount;\\n // Compute the transaction fee per deposit by dividing the sweep\\n // transaction fee (reduced by the remainder) by the number of deposits.\\n depositTxFee = (sweepTxFee - depositTxFeeRemainder) / depositsCount;\\n\\n return (depositTxFee, depositTxFeeRemainder);\\n }\\n}\\n\",\"keccak256\":\"0xb037abcf187b812a7c510620b9845fd8f181bfc545adf629aa396f95e976e3f1\",\"license\":\"MIT\"},\"contracts/bridge/Wallets.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {EcdsaDkg} from \\\"@keep-network/ecdsa/contracts/libraries/EcdsaDkg.sol\\\";\\nimport {Math} from \\\"@openzeppelin/contracts/utils/math/Math.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./EcdsaLib.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\n\\n/// @title Wallet library\\n/// @notice Library responsible for handling integration between Bridge\\n/// contract and ECDSA wallets.\\nlibrary Wallets {\\n using BTCUtils for bytes;\\n\\n /// @notice Represents wallet state:\\n enum WalletState {\\n /// @dev The wallet is unknown to the Bridge.\\n Unknown,\\n /// @dev The wallet can sweep deposits and accept redemption requests.\\n Live,\\n /// @dev The wallet was deemed unhealthy and is expected to move their\\n /// outstanding funds to another wallet. The wallet can still\\n /// fulfill their pending redemption requests although new\\n /// redemption requests and new deposit reveals are not accepted.\\n MovingFunds,\\n /// @dev The wallet moved or redeemed all their funds and is in the\\n /// closing period where they can be subject of fraud challenges\\n /// and must defend against them. This state is needed to protect\\n /// against deposit frauds on deposits revealed but not swept.\\n /// The closing period must be greater that the deposit refund\\n /// time plus some time margin.\\n Closing,\\n /// @dev The wallet finalized the closing period successfully and\\n /// cannot perform any action in the Bridge.\\n Closed,\\n /// @dev The wallet committed a fraud that was reported. The wallet is\\n /// blocked and can not perform any actions in the Bridge.\\n /// Off-chain coordination with the wallet operators is needed to\\n /// recover funds.\\n Terminated\\n }\\n\\n /// @notice Holds information about a wallet.\\n struct Wallet {\\n // Identifier of a ECDSA Wallet registered in the ECDSA Wallet Registry.\\n bytes32 ecdsaWalletID;\\n // Latest wallet's main UTXO hash computed as\\n // keccak256(txHash | txOutputIndex | txOutputValue). The `tx` prefix\\n // refers to the transaction which created that main UTXO. The `txHash`\\n // is `bytes32` (ordered as in Bitcoin internally), `txOutputIndex`\\n // an `uint32`, and `txOutputValue` an `uint64` value.\\n bytes32 mainUtxoHash;\\n // The total redeemable value of pending redemption requests targeting\\n // that wallet.\\n uint64 pendingRedemptionsValue;\\n // UNIX timestamp the wallet was created at.\\n uint32 createdAt;\\n // UNIX timestamp indicating the moment the wallet was requested to\\n // move their funds.\\n uint32 movingFundsRequestedAt;\\n // UNIX timestamp indicating the moment the wallet's closing period\\n // started.\\n uint32 closingStartedAt;\\n // Current state of the wallet.\\n WalletState state;\\n // Moving funds target wallet commitment submitted by the wallet. It\\n // is built by applying the keccak256 hash over the list of 20-byte\\n // public key hashes of the target wallets.\\n bytes32 movingFundsTargetWalletsCommitmentHash;\\n }\\n\\n event NewWalletRequested();\\n\\n event NewWalletRegistered(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletMovingFunds(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletClosing(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletClosed(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletTerminated(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n /// @notice Requests creation of a new wallet. This function just\\n /// forms a request and the creation process is performed\\n /// asynchronously. Outcome of that process should be delivered\\n /// using `registerNewWallet` function.\\n /// @param activeWalletMainUtxo Data of the active wallet's main UTXO, as\\n /// currently known on the Ethereum chain.\\n /// @dev Requirements:\\n /// - `activeWalletMainUtxo` components must point to the recent main\\n /// UTXO of the given active wallet, as currently known on the\\n /// Ethereum chain. If there is no active wallet at the moment, or\\n /// the active wallet has no main UTXO, this parameter can be\\n /// empty as it is ignored.\\n /// - Wallet creation must not be in progress\\n /// - If the active wallet is set, one of the following\\n /// conditions must be true:\\n /// - The active wallet BTC balance is above the minimum threshold\\n /// and the active wallet is old enough, i.e. the creation period\\n /// was elapsed since its creation time\\n /// - The active wallet BTC balance is above the maximum threshold\\n function requestNewWallet(\\n BridgeState.Storage storage self,\\n BitcoinTx.UTXO calldata activeWalletMainUtxo\\n ) external {\\n require(\\n self.ecdsaWalletRegistry.getWalletCreationState() ==\\n EcdsaDkg.State.IDLE,\\n \\\"Wallet creation already in progress\\\"\\n );\\n\\n bytes20 activeWalletPubKeyHash = self.activeWalletPubKeyHash;\\n\\n // If the active wallet is set, fetch this wallet's details from\\n // storage to perform conditions check. The `registerNewWallet`\\n // function guarantees an active wallet is always one of the\\n // registered ones.\\n if (activeWalletPubKeyHash != bytes20(0)) {\\n uint64 activeWalletBtcBalance = getWalletBtcBalance(\\n self,\\n activeWalletPubKeyHash,\\n activeWalletMainUtxo\\n );\\n uint32 activeWalletCreatedAt = self\\n .registeredWallets[activeWalletPubKeyHash]\\n .createdAt;\\n /* solhint-disable-next-line not-rely-on-time */\\n bool activeWalletOldEnough = block.timestamp >=\\n activeWalletCreatedAt + self.walletCreationPeriod;\\n\\n require(\\n (activeWalletOldEnough &&\\n activeWalletBtcBalance >=\\n self.walletCreationMinBtcBalance) ||\\n activeWalletBtcBalance >= self.walletCreationMaxBtcBalance,\\n \\\"Wallet creation conditions are not met\\\"\\n );\\n }\\n\\n emit NewWalletRequested();\\n\\n self.ecdsaWalletRegistry.requestNewWallet();\\n }\\n\\n /// @notice Gets BTC balance for given the wallet.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMainUtxo Data of the wallet's main UTXO, as currently\\n /// known on the Ethereum chain.\\n /// @return walletBtcBalance Current BTC balance for the given wallet.\\n /// @dev Requirements:\\n /// - `walletMainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If the wallet has no main UTXO, this parameter can be empty as it\\n /// is ignored.\\n function getWalletBtcBalance(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo\\n ) internal view returns (uint64 walletBtcBalance) {\\n bytes32 walletMainUtxoHash = self\\n .registeredWallets[walletPubKeyHash]\\n .mainUtxoHash;\\n\\n // If the wallet has a main UTXO hash set, cross-check it with the\\n // provided plain-text parameter and get the transaction output value\\n // as BTC balance. Otherwise, the BTC balance is just zero.\\n if (walletMainUtxoHash != bytes32(0)) {\\n require(\\n keccak256(\\n abi.encodePacked(\\n walletMainUtxo.txHash,\\n walletMainUtxo.txOutputIndex,\\n walletMainUtxo.txOutputValue\\n )\\n ) == walletMainUtxoHash,\\n \\\"Invalid wallet main UTXO data\\\"\\n );\\n\\n walletBtcBalance = walletMainUtxo.txOutputValue;\\n }\\n\\n return walletBtcBalance;\\n }\\n\\n /// @notice Registers a new wallet. This function should be called\\n /// after the wallet creation process initiated using\\n /// `requestNewWallet` completes and brings the outcomes.\\n /// @param ecdsaWalletID Wallet's unique identifier.\\n /// @param publicKeyX Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n /// @dev Requirements:\\n /// - The only caller authorized to call this function is `registry`\\n /// - Given wallet data must not belong to an already registered wallet\\n function registerNewWallet(\\n BridgeState.Storage storage self,\\n bytes32 ecdsaWalletID,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external {\\n require(\\n msg.sender == address(self.ecdsaWalletRegistry),\\n \\\"Caller is not the ECDSA Wallet Registry\\\"\\n );\\n\\n // Compress wallet's public key and calculate Bitcoin's hash160 of it.\\n bytes20 walletPubKeyHash = bytes20(\\n EcdsaLib.compressPublicKey(publicKeyX, publicKeyY).hash160View()\\n );\\n\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n require(\\n wallet.state == WalletState.Unknown,\\n \\\"ECDSA wallet has been already registered\\\"\\n );\\n wallet.ecdsaWalletID = ecdsaWalletID;\\n wallet.state = WalletState.Live;\\n /* solhint-disable-next-line not-rely-on-time */\\n wallet.createdAt = uint32(block.timestamp);\\n\\n // Set the freshly created wallet as the new active wallet.\\n self.activeWalletPubKeyHash = walletPubKeyHash;\\n\\n self.liveWalletsCount++;\\n\\n emit NewWalletRegistered(ecdsaWalletID, walletPubKeyHash);\\n }\\n\\n /// @notice Handles a notification about a wallet heartbeat failure and\\n /// triggers the wallet moving funds process.\\n /// @param publicKeyX Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n /// @dev Requirements:\\n /// - The only caller authorized to call this function is `registry`\\n /// - Wallet must be in Live state\\n function notifyWalletHeartbeatFailed(\\n BridgeState.Storage storage self,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external {\\n require(\\n msg.sender == address(self.ecdsaWalletRegistry),\\n \\\"Caller is not the ECDSA Wallet Registry\\\"\\n );\\n\\n // Compress wallet's public key and calculate Bitcoin's hash160 of it.\\n bytes20 walletPubKeyHash = bytes20(\\n EcdsaLib.compressPublicKey(publicKeyX, publicKeyY).hash160View()\\n );\\n\\n require(\\n self.registeredWallets[walletPubKeyHash].state == WalletState.Live,\\n \\\"ECDSA wallet must be in Live state\\\"\\n );\\n\\n moveFunds(self, walletPubKeyHash);\\n }\\n\\n /// @notice Handles a notification about a wallet redemption timeout.\\n /// Triggers the wallet moving funds process only if the wallet is\\n /// still in the Live state. That means multiple action timeouts can\\n /// be reported for the same wallet but only the first report\\n /// requests the wallet to move their funds.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The wallet must be in the `Live` or `MovingFunds` state\\n function notifyWalletTimedOutRedemption(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n WalletState walletState = self\\n .registeredWallets[walletPubKeyHash]\\n .state;\\n\\n require(\\n walletState == WalletState.Live ||\\n walletState == WalletState.MovingFunds,\\n \\\"ECDSA wallet must be in Live or MovingFunds state\\\"\\n );\\n\\n if (walletState == WalletState.Live) {\\n moveFunds(self, walletPubKeyHash);\\n }\\n }\\n\\n /// @notice Notifies that the wallet is either old enough or has too few\\n /// satoshis left and qualifies to be closed.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMainUtxo Data of the wallet's main UTXO, as currently\\n /// known on the Ethereum chain.\\n /// @dev Requirements:\\n /// - Wallet must not be set as the current active wallet\\n /// - Wallet must exceed the wallet maximum age OR the wallet BTC\\n /// balance must be lesser than the minimum threshold. If the latter\\n /// case is true, the `walletMainUtxo` components must point to the\\n /// recent main UTXO of the given wallet, as currently known on the\\n /// Ethereum chain. If the wallet has no main UTXO, this parameter\\n /// can be empty as it is ignored since the wallet balance is\\n /// assumed to be zero.\\n /// - Wallet must be in Live state\\n function notifyCloseableWallet(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo\\n ) external {\\n require(\\n self.activeWalletPubKeyHash != walletPubKeyHash,\\n \\\"Active wallet cannot be considered closeable\\\"\\n );\\n\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n require(\\n wallet.state == WalletState.Live,\\n \\\"ECDSA wallet must be in Live state\\\"\\n );\\n\\n /* solhint-disable-next-line not-rely-on-time */\\n bool walletOldEnough = block.timestamp >=\\n wallet.createdAt + self.walletMaxAge;\\n\\n require(\\n walletOldEnough ||\\n getWalletBtcBalance(self, walletPubKeyHash, walletMainUtxo) <\\n self.walletClosureMinBtcBalance,\\n \\\"Wallet needs to be old enough or have too few satoshis\\\"\\n );\\n\\n moveFunds(self, walletPubKeyHash);\\n }\\n\\n /// @notice Requests a wallet to move their funds. If the wallet balance\\n /// is zero, the wallet closing begins immediately. If the move\\n /// funds request refers to the current active wallet, such a wallet\\n /// is no longer considered active and the active wallet slot\\n /// is unset allowing to trigger a new wallet creation immediately.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The caller must make sure that the wallet is in the Live state\\n function moveFunds(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n\\n if (wallet.mainUtxoHash == bytes32(0)) {\\n // If the wallet has no main UTXO, that means its BTC balance\\n // is zero and the wallet closing should begin immediately.\\n beginWalletClosing(self, walletPubKeyHash);\\n } else {\\n // Otherwise, initialize the moving funds process.\\n wallet.state = WalletState.MovingFunds;\\n /* solhint-disable-next-line not-rely-on-time */\\n wallet.movingFundsRequestedAt = uint32(block.timestamp);\\n\\n emit WalletMovingFunds(wallet.ecdsaWalletID, walletPubKeyHash);\\n }\\n\\n if (self.activeWalletPubKeyHash == walletPubKeyHash) {\\n // If the move funds request refers to the current active wallet,\\n // unset the active wallet and make the wallet creation process\\n // possible in order to get a new healthy active wallet.\\n delete self.activeWalletPubKeyHash;\\n }\\n\\n self.liveWalletsCount--;\\n }\\n\\n /// @notice Begins the closing period of the given wallet.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The caller must make sure that the wallet is in the\\n /// MovingFunds state\\n function beginWalletClosing(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n // Initialize the closing period.\\n wallet.state = WalletState.Closing;\\n /* solhint-disable-next-line not-rely-on-time */\\n wallet.closingStartedAt = uint32(block.timestamp);\\n\\n emit WalletClosing(wallet.ecdsaWalletID, walletPubKeyHash);\\n }\\n\\n /// @notice Notifies about the end of the closing period for the given wallet.\\n /// Closes the wallet ultimately and notifies the ECDSA registry\\n /// about this fact.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The wallet must be in the Closing state\\n /// - The wallet closing period must have elapsed\\n function notifyWalletClosingPeriodElapsed(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n\\n require(\\n wallet.state == WalletState.Closing,\\n \\\"ECDSA wallet must be in Closing state\\\"\\n );\\n\\n require(\\n /* solhint-disable-next-line not-rely-on-time */\\n block.timestamp >\\n wallet.closingStartedAt + self.walletClosingPeriod,\\n \\\"Closing period has not elapsed yet\\\"\\n );\\n\\n finalizeWalletClosing(self, walletPubKeyHash);\\n }\\n\\n /// @notice Finalizes the closing period of the given wallet and notifies\\n /// the ECDSA registry about this fact.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The caller must make sure that the wallet is in the Closing state\\n function finalizeWalletClosing(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n\\n wallet.state = WalletState.Closed;\\n\\n emit WalletClosed(wallet.ecdsaWalletID, walletPubKeyHash);\\n\\n self.ecdsaWalletRegistry.closeWallet(wallet.ecdsaWalletID);\\n }\\n\\n /// @notice Terminates the given wallet and notifies the ECDSA registry\\n /// about this fact. If the wallet termination refers to the current\\n /// active wallet, such a wallet is no longer considered active and\\n /// the active wallet slot is unset allowing to trigger a new wallet\\n /// creation immediately.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The caller must make sure that the wallet is in the\\n /// Live or MovingFunds or Closing state.\\n function terminateWallet(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n\\n if (wallet.state == WalletState.Live) {\\n self.liveWalletsCount--;\\n }\\n\\n wallet.state = WalletState.Terminated;\\n\\n emit WalletTerminated(wallet.ecdsaWalletID, walletPubKeyHash);\\n\\n if (self.activeWalletPubKeyHash == walletPubKeyHash) {\\n // If termination refers to the current active wallet,\\n // unset the active wallet and make the wallet creation process\\n // possible in order to get a new healthy active wallet.\\n delete self.activeWalletPubKeyHash;\\n }\\n\\n self.ecdsaWalletRegistry.closeWallet(wallet.ecdsaWalletID);\\n }\\n\\n /// @notice Notifies that the wallet completed the moving funds process\\n /// successfully. Checks if the funds were moved to the expected\\n /// target wallets. Closes the source wallet if everything went\\n /// good and reverts otherwise.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param targetWalletsHash 32-byte keccak256 hash over the list of\\n /// 20-byte public key hashes of the target wallets actually used\\n /// within the moving funds transactions.\\n /// @dev Requirements:\\n /// - The caller must make sure the moving funds transaction actually\\n /// happened on Bitcoin chain and fits the protocol requirements.\\n /// - The source wallet must be in the MovingFunds state\\n /// - The target wallets commitment must be submitted by the source\\n /// wallet.\\n /// - The actual target wallets used in the moving funds transaction\\n /// must be exactly the same as the target wallets commitment.\\n function notifyWalletFundsMoved(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n bytes32 targetWalletsHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n // Check that the wallet is in the MovingFunds state but don't check\\n // if the moving funds timeout is exceeded. That should give a\\n // possibility to move funds in case when timeout was hit but was\\n // not reported yet.\\n require(\\n wallet.state == WalletState.MovingFunds,\\n \\\"ECDSA wallet must be in MovingFunds state\\\"\\n );\\n\\n bytes32 targetWalletsCommitmentHash = wallet\\n .movingFundsTargetWalletsCommitmentHash;\\n\\n require(\\n targetWalletsCommitmentHash != bytes32(0),\\n \\\"Target wallets commitment not submitted yet\\\"\\n );\\n\\n // Make sure that the target wallets where funds were moved to are\\n // exactly the same as the ones the source wallet committed to.\\n require(\\n targetWalletsCommitmentHash == targetWalletsHash,\\n \\\"Target wallets don't correspond to the commitment\\\"\\n );\\n\\n // If funds were moved, the wallet has no longer a main UTXO.\\n delete wallet.mainUtxoHash;\\n\\n beginWalletClosing(self, walletPubKeyHash);\\n }\\n}\\n\",\"keccak256\":\"0x61ae7c54cca8f74793c74fa5ff53aaa6266904ea971ba6d3b7d11d3b453c97c4\",\"license\":\"MIT\"},\"contracts/test/BridgeStub.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"../bridge/BitcoinTx.sol\\\";\\nimport \\\"../bridge/Bridge.sol\\\";\\nimport \\\"../bridge/Wallets.sol\\\";\\n\\ncontract BridgeStub is Bridge {\\n constructor(\\n address _bank,\\n address _relay,\\n address _treasury,\\n address _walletRegistry,\\n uint256 _txProofDifficultyFactor\\n )\\n Bridge(\\n _bank,\\n _relay,\\n _treasury,\\n _walletRegistry,\\n _txProofDifficultyFactor\\n )\\n {}\\n\\n function setSweptDeposits(BitcoinTx.UTXO[] calldata utxos) external {\\n for (uint256 i = 0; i < utxos.length; i++) {\\n uint256 utxoKey = uint256(\\n keccak256(\\n abi.encodePacked(utxos[i].txHash, utxos[i].txOutputIndex)\\n )\\n );\\n self.deposits[utxoKey].sweptAt = 1641650400;\\n }\\n }\\n\\n function setSpentMainUtxos(BitcoinTx.UTXO[] calldata utxos) external {\\n for (uint256 i = 0; i < utxos.length; i++) {\\n uint256 utxoKey = uint256(\\n keccak256(\\n abi.encodePacked(utxos[i].txHash, utxos[i].txOutputIndex)\\n )\\n );\\n self.spentMainUTXOs[utxoKey] = true;\\n }\\n }\\n\\n function setActiveWallet(bytes20 activeWalletPubKeyHash) external {\\n self.activeWalletPubKeyHash = activeWalletPubKeyHash;\\n }\\n\\n function setWalletMainUtxo(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata utxo\\n ) external {\\n self.registeredWallets[walletPubKeyHash].mainUtxoHash = keccak256(\\n abi.encodePacked(\\n utxo.txHash,\\n utxo.txOutputIndex,\\n utxo.txOutputValue\\n )\\n );\\n }\\n\\n function unsetWalletMainUtxo(bytes20 walletPubKeyHash) external {\\n delete self.registeredWallets[walletPubKeyHash].mainUtxoHash;\\n }\\n\\n function setWallet(bytes20 walletPubKeyHash, Wallets.Wallet calldata wallet)\\n external\\n {\\n self.registeredWallets[walletPubKeyHash] = wallet;\\n\\n if (wallet.state == Wallets.WalletState.Live) {\\n self.liveWalletsCount++;\\n }\\n }\\n\\n function setDepositDustThreshold(uint64 _depositDustThreshold) external {\\n self.depositDustThreshold = _depositDustThreshold;\\n }\\n\\n function setDepositTxMaxFee(uint64 _depositTxMaxFee) external {\\n self.depositTxMaxFee = _depositTxMaxFee;\\n }\\n\\n function setRedemptionDustThreshold(uint64 _redemptionDustThreshold)\\n external\\n {\\n self.redemptionDustThreshold = _redemptionDustThreshold;\\n }\\n\\n function setRedemptionTreasuryFeeDivisor(\\n uint64 _redemptionTreasuryFeeDivisor\\n ) external {\\n self.redemptionTreasuryFeeDivisor = _redemptionTreasuryFeeDivisor;\\n }\\n\\n function setMovingFundsTxMaxTotalFee(uint64 _movingFundsTxMaxTotalFee)\\n external\\n {\\n self.movingFundsTxMaxTotalFee = _movingFundsTxMaxTotalFee;\\n }\\n}\\n\",\"keccak256\":\"0x2ebd718df688d7334c64d6d02bde27fa9ef576fff30f462e525bea45bdf57b88\",\"license\":\"MIT\"},\"contracts/vault/IVault.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\n/// @title Bank Vault interface\\n/// @notice `IVault` is an interface for a smart contract consuming Bank\\n/// balances of other contracts or externally owned accounts (EOA).\\ninterface IVault {\\n /// @notice Called by the Bank in `approveBalanceAndCall` function after\\n /// the balance `owner` approved `amount` of their balance in the\\n /// Bank for the vault. This way, the depositor can approve balance\\n /// and call the vault to use the approved balance in a single\\n /// transaction.\\n /// @param owner Address of the Bank balance owner who approved their\\n /// balance to be used by the vault\\n /// @param amount The amount of the Bank balance approved by the owner\\n /// to be used by the vault\\n // @dev The implementation must ensure this function can only be called\\n /// by the Bank. The Bank does _not_ guarantee that the `amount`\\n /// approved by the `owner` currently exists on their balance. That is,\\n /// the `owner` could approve more balance than they currently have.\\n /// This works the same as `Bank.approve` function. The vault must\\n /// ensure the actual balance is checked before performing any action\\n /// based on it.\\n function receiveBalanceApproval(address owner, uint256 amount) external;\\n\\n /// @notice Called by the Bank in `increaseBalanceAndCall` function after\\n /// increasing the balance in the Bank for the vault. It happens in\\n /// the same transaction in which deposits were swept by the Bridge.\\n /// This allows the depositor to route their deposit revealed to the\\n /// Bridge to the particular smart contract (vault) in the same\\n /// transaction in which the deposit is revealed. This way, the\\n /// depositor does not have to execute additional transaction after\\n /// the deposit gets swept by the Bridge to approve and transfer\\n /// their balance to the vault.\\n /// @param depositors Addresses of depositors whose deposits have been swept\\n /// @param depositedAmounts Amounts deposited by individual depositors and\\n /// swept\\n /// @dev The implementation must ensure this function can only be called\\n /// by the Bank. The Bank guarantees that the vault's balance was\\n /// increased by the sum of all deposited amounts before this function\\n /// is called, in the same transaction.\\n function receiveBalanceIncrease(\\n address[] calldata depositors,\\n uint256[] calldata depositedAmounts\\n ) external;\\n}\\n\",\"keccak256\":\"0x48d596548f2e6a69e31825f49882998789ea43ff5bcaeb5eea2d9b910577a5e9\",\"license\":\"MIT\"}},\"version\":1}",
2351
- "bytecode": "0x60806040523480156200001157600080fd5b5060405162004504380380620045048339810160408190526200003491620003ac565b84848484846001600160a01b038516620000955760405162461bcd60e51b815260206004820152601b60248201527f42616e6b20616464726573732063616e6e6f74206265207a65726f000000000060448201526064015b60405180910390fd5b600180546001600160a01b0319166001600160a01b03878116919091179091558416620001055760405162461bcd60e51b815260206004820152601c60248201527f52656c617920616464726573732063616e6e6f74206265207a65726f0000000060448201526064016200008c565b600280546001600160a01b0319166001600160a01b038681169190911790915582166200018a5760405162461bcd60e51b815260206004820152602c60248201527f45434453412057616c6c6574205265676973747279206164647265737320636160448201526b6e6e6f74206265207a65726f60a01b60648201526084016200008c565b600380546001600160a01b0319166001600160a01b03848116919091179091558316620001fa5760405162461bcd60e51b815260206004820152601f60248201527f547265617375727920616464726573732063616e6e6f74206265207a65726f0060448201526064016200008c565b6005805460048390556001600160a01b0385166001600160e01b031991821617613d0960a61b17909155600680546001600160801b031990811669271000000000000007d090811790925560098054600a80549093169093179091556202a300600b55600c805469021e19e0c9bab24000006001600160601b031991821681179092556064600d81905593909416760f42400000000000004e2000093a80000000000000271017909155601080549093161790915560115562093a80601255671bc16d674ec800006013557eeff1000000000002faf08000000002540be4000000000005f5e10000093a80601655601780546001600160c01b0316621dcd6560c91b179055601880546234bc0063ffffffff199091161790556200031e336200032e565b5050505050505050505062000413565b600080546001600160a01b038381166001600160a01b031983168117909355604080519190921680825260208201939093527f5f56bee8cffbe9a78652a74a60705edede02af10b0bbb888ca44b79a0d42ce80910160405180910390a15050565b80516001600160a01b0381168114620003a757600080fd5b919050565b600080600080600060a08688031215620003c557600080fd5b620003d0866200038f565b9450620003e0602087016200038f565b9350620003f0604087016200038f565b925062000400606087016200038f565b9150608086015190509295509295909350565b6140e180620004236000396000f3fe60806040526004361061034a5760003560e01c806375b922d1116101bb578063b216bd35116100f7578063d6eccdf011610095578063df7cd4ae1161006f578063df7cd4ae14610f9c578063e404c0a914610fe0578063e53c0b5514611000578063e65e19d51461103957600080fd5b8063d6eccdf014610f17578063d6ee3ecd14610f37578063ded1d24a14610f7057600080fd5b8063be05abe3116100d1578063be05abe314610e40578063c42b64d014610e8b578063c8b5d2db14610ed7578063d38bfff414610ef757600080fd5b8063b216bd3514610de0578063b34b321614610e00578063b8afb0a514610e2057600080fd5b8063a7738ab411610164578063abaeed8f1161013e578063abaeed8f14610bde578063b02c43d014610bfe578063b036c1ee14610d43578063b2146cd614610da057600080fd5b8063a7738ab414610b3f578063a8fa0f4214610b7e578063a9de2f3a14610b9e57600080fd5b80638c3992dd116101955780638c3992dd14610adf5780638d8191eb14610aff578063a145e2d514610b1f57600080fd5b806375b922d114610a5757806377145f2114610a9f578063883d6a1114610abf57600080fd5b80634fb1b4c61161028a57806360d712fc116102335780636c8541861161020d5780636c8541861461096d5780636d02b43c146109ac5780636e70ce41146109bf57806374babd9c14610a3757600080fd5b806360d712fc1461089257806361ccf97a146108b257806361d027b31461094f57600080fd5b806359e6a4561161026457806359e6a456146107f15780635aa6e6751461083a5780635c0b48121461087257600080fd5b80634fb1b4c614610791578063575e4279146107b157806359a9d90a146107d157600080fd5b80632bb818c2116102f757806331a4889a116102d157806331a4889a1461062957806333e957cb146106495780633c0038f4146107285780633dce98121461077157600080fd5b80632bb818c2146105cb5780632f429b64146105e9578063319a33a91461060957600080fd5b80631076088211610328578063107608821461055957806317c964001461057957806324028c111461059957600080fd5b806303d952f71461034f57806307f7d223146104795780630b6ba19d1461049b575b600080fd5b34801561035b57600080fd5b5061040d61036a366004612eb5565b6040805160a081018252600080825260208201819052918101829052606081018290526080810191909152506000908152600e6020908152604091829020825160a08101845281546001600160a01b0381168252600160a01b900467ffffffffffffffff9081169382019390935260019091015480831693820193909352600160401b83049091166060820152600160801b90910463ffffffff16608082015290565b6040516104709190600060a0820190506001600160a01b038351168252602083015167ffffffffffffffff8082166020850152806040860151166040850152806060860151166060850152505063ffffffff608084015116608083015292915050565b60405180910390f35b34801561048557600080fd5b50610499610494366004612f03565b611066565b005b3480156104a757600080fd5b5061040d6104b6366004612eb5565b6040805160a081018252600080825260208201819052918101829052606081018290526080810191909152506000908152600f6020908152604091829020825160a08101845281546001600160a01b0381168252600160a01b900467ffffffffffffffff9081169382019390935260019091015480831693820193909352600160401b83049091166060820152600160801b90910463ffffffff16608082015290565b34801561056557600080fd5b50610499610574366004612f53565b6110ef565b34801561058557600080fd5b50610499610594366004612fa2565b611162565b3480156105a557600080fd5b50601754600160a01b900463ffffffff1660405163ffffffff9091168152602001610470565b3480156105d757600080fd5b50600454604051908152602001610470565b3480156105f557600080fd5b50610499610604366004612fff565b6111ce565b34801561061557600080fd5b50610499610624366004613085565b61125b565b34801561063557600080fd5b50610499610644366004613135565b6112eb565b34801561065557600080fd5b506106e4610664366004612eb5565b60408051608081018252600080825260208201819052918101829052606081019190915250600090815260146020908152604091829020825160808101845281546001600160a01b031681526001820154928101929092526002015463ffffffff81169282019290925264010000000090910460ff161515606082015290565b604051610470919081516001600160a01b031681526020808301519082015260408083015163ffffffff169082015260609182015115159181019190915260800190565b34801561073457600080fd5b506104996107433660046131b6565b6009805467ffffffffffffffff909216600160a01b0267ffffffffffffffff60a01b19909216919091179055565b34801561077d57600080fd5b5061049961078c3660046131d3565b61137d565b34801561079d57600080fd5b506104996107ac3660046131ff565b61140d565b3480156107bd57600080fd5b506104996107cc366004612f03565b611468565b3480156107dd57600080fd5b506104996107ec366004613273565b6114bd565b3480156107fd57600080fd5b5061049961080c3660046131b6565b6005805467ffffffffffffffff909216600160a01b0267ffffffffffffffff60a01b19909216919091179055565b34801561084657600080fd5b5060005461085a906001600160a01b031681565b6040516001600160a01b039091168152602001610470565b34801561087e57600080fd5b5061049961088d3660046132e8565b611514565b34801561089e57600080fd5b506104996108ad36600461336a565b611569565b3480156108be57600080fd5b506016546017546018546040805163ffffffff808616825267ffffffffffffffff640100000000870481166020840152600160601b8704811693830193909352600160a01b860483166060830152600160e01b9095048516608082015278010000000000000000000000000000000000000000000000009093041660a08301529190911660c082015260e001610470565b34801561095b57600080fd5b506005546001600160a01b031661085a565b34801561097957600080fd5b506104996109883660046131b6565b600a805467ffffffffffffffff191667ffffffffffffffff92909216919091179055565b6104996109ba366004613394565b611622565b3480156109cb57600080fd5b50600954600a54600b54600c54600d5460408051600160a01b90960467ffffffffffffffff90811687528086166020880152600160401b9095049094169385019390935260608401919091526bffffffffffffffffffffffff16608083015260a082015260c001610470565b348015610a4357600080fd5b50610499610a523660046133e7565b61167b565b348015610a6357600080fd5b50601054601154601254601354604080516bffffffffffffffffffffffff90951685526020850193909352918301526060820152608001610470565b348015610aab57600080fd5b50610499610aba36600461345c565b611737565b348015610acb57600080fd5b50610499610ada3660046134ef565b611792565b348015610aeb57600080fd5b50610499610afa366004613585565b6117fd565b348015610b0b57600080fd5b50610499610b1a3660046135b5565b611864565b348015610b2b57600080fd5b50610499610b3a3660046135e8565b6118f6565b348015610b4b57600080fd5b50610499610b5a3660046131b6565b6009805467ffffffffffffffff191667ffffffffffffffff92909216919091179055565b348015610b8a57600080fd5b50610499610b993660046131d3565b611949565b348015610baa57600080fd5b50600154600254600354604080516001600160a01b0394851681529284166020840152921691810191909152606001610470565b348015610bea57600080fd5b50610499610bf9366004613604565b6119af565b348015610c0a57600080fd5b50610ccd610c19366004612eb5565b6040805160c081018252600080825260208201819052918101829052606081018290526080810182905260a081019190915250600090815260076020908152604091829020825160c08101845281546001600160a01b03808216835267ffffffffffffffff600160a01b80840482169685019690965263ffffffff600160e01b938490048116978501979097526001949094015490811660608401529384049092166080820152910490911660a082015290565b6040516104709190600060c0820190506001600160a01b03808451168352602084015167ffffffffffffffff80821660208601526040860151915063ffffffff80831660408701528360608801511660608701528160808801511660808701528060a08801511660a08701525050505092915050565b348015610d4f57600080fd5b50610499610d5e3660046131b6565b6006805467ffffffffffffffff909216600160401b027fffffffffffffffffffffffffffffffff0000000000000000ffffffffffffffff909216919091179055565b348015610dac57600080fd5b50610dd0610dbb366004612eb5565b60009081526015602052604090205460ff1690565b6040519015158152602001610470565b348015610dec57600080fd5b50610499610dfb3660046136a0565b611a47565b348015610e0c57600080fd5b50610499610e1b366004612fff565b611ab1565b348015610e2c57600080fd5b50610499610e3b3660046133e7565b611b0a565b348015610e4c57600080fd5b506009546040805167ffffffffffffffff808416825263ffffffff600160401b8504166020830152600160601b90930490921690820152606001610470565b348015610e9757600080fd5b5060055460065460408051600160a01b90930467ffffffffffffffff90811684528083166020850152600160401b90920490911690820152606001610470565b348015610ee357600080fd5b50610499610ef2366004613085565b611c02565b348015610f0357600080fd5b50610499610f1236600461370c565b611c10565b348015610f2357600080fd5b50610499610f32366004613727565b611cef565b348015610f4357600080fd5b50610499610f52366004613085565b6001600160601b031916600090815260196020526040812060010155565b348015610f7c57600080fd5b5060175460601b6040516001600160601b03199091168152602001610470565b348015610fa857600080fd5b50610499610fb7366004613085565b6017805473ffffffffffffffffffffffffffffffffffffffff191660609290921c919091179055565b348015610fec57600080fd5b50610499610ffb366004612f03565b611d4a565b34801561100c57600080fd5b50610dd061101b36600461370c565b6001600160a01b031660009081526008602052604090205460ff1690565b34801561104557600080fd5b50611059611054366004613085565b611df4565b60405161047091906137b7565b6040517f260b6cde000000000000000000000000000000000000000000000000000000008152731a6a3e7Bb246158dF31d8f924B84D961669Ba4e59063260b6cde906110bb9060019086908690600401613888565b60006040518083038186803b1580156110d357600080fd5b505af41580156110e7573d6000803e3d6000fd5b505050505050565b6000546001600160a01b0316331461114e5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e63650000000060448201526064015b60405180910390fd5b61115c600185858585611ef9565b50505050565b6000546001600160a01b031633146111bc5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6111c9600184848461206e565b505050565b6040517e92bac9000000000000000000000000000000000000000000000000000000008152731a6a3e7Bb246158dF31d8f924B84D961669Ba4e5906292bac990611225906001908890889088908890600401613a0f565b60006040518083038186803b15801561123d57600080fd5b505af4158015611251573d6000803e3d6000fd5b5050505050505050565b6040517fb45b31d5000000000000000000000000000000000000000000000000000000008152600160048201526001600160601b031982166024820152731a6a3e7Bb246158dF31d8f924B84D961669Ba4e59063b45b31d5906044015b60006040518083038186803b1580156112d057600080fd5b505af41580156112e4573d6000803e3d6000fd5b5050505050565b6040517fa76558b3000000000000000000000000000000000000000000000000000000008152737290f72B5C67052DDE8e6E179F7803c493e90d3f9063a76558b3906113469060019089908990899089908990600401613aaf565b60006040518083038186803b15801561135e57600080fd5b505af4158015611372573d6000803e3d6000fd5b505050505050505050565b6040517fc87de7f4000000000000000000000000000000000000000000000000000000008152600160048201526024810183905260448101829052730AFdAcD509e73115EA1654B1a770f1a807e7c9C09063c87de7f4906064015b60006040518083038186803b1580156113f057600080fd5b505af4158015611404573d6000803e3d6000fd5b50505050505050565b6040517f89b43a8600000000000000000000000000000000000000000000000000000000815273c63d2a04762529edB649d7a4cC3E57A0085e8544906389b43a86906113469060019089908990899089908990600401613afe565b6040517f99b0b847000000000000000000000000000000000000000000000000000000008152730AFdAcD509e73115EA1654B1a770f1a807e7c9C0906399b0b847906110bb9060019086908690600401613888565b6040517f510fc50a0000000000000000000000000000000000000000000000000000000081527355cb3b67D9E65F0Cf4eABCAC84564a1bE6E3b06A9063510fc50a906113d890600190879087908790600401613b3f565b6040517faea7fd0b00000000000000000000000000000000000000000000000000000000815273130A46b6E41DB6E1e18fb9c759F223c459190e909063aea7fd0b906110bb9060019086908690600401613b83565b6000546001600160a01b031633146115c35760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6001600160a01b038216600081815260086020908152604091829020805460ff191685151590811790915591519182527f9065599c12c4294d9e2201638226d0d0beb95c228f468c4e7c2bdb8322b6066f910160405180910390a25050565b6040517f3b5d9f2400000000000000000000000000000000000000000000000000000000815273c63d2a04762529edB649d7a4cC3E57A0085e854490633b5d9f2490611225906001908890889088908890600401613c92565b60005b818110156111c957600083838381811061169a5761169a613cec565b905060600201600001358484848181106116b6576116b6613cec565b90506060020160200160208101906116ce9190613d02565b6040516020016116f592919091825260e01b6001600160e01b031916602082015260240190565b60408051601f198184030181529181528151602092830120600090815260159092529020805460ff19166001179055508061172f81613d35565b91505061167e565b6040517f624526fe00000000000000000000000000000000000000000000000000000000815273c63d2a04762529edB649d7a4cC3E57A0085e85449063624526fe906113469060019089908990899089908990600401613d50565b6000546001600160a01b031633146117ec5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b611404600188888888888888612292565b6000546001600160a01b031633146118575760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6111c96001848484612662565b6001600160601b03198216600090815260196020526040902081906118898282613e0b565b506001905061189e60e0830160c08401613f4a565b60058111156118af576118af6137a1565b14156118f25760178054600160a01b900463ffffffff169060146118d283613f67565b91906101000a81548163ffffffff021916908363ffffffff160217905550505b5050565b6040517fd079fbb1000000000000000000000000000000000000000000000000000000008152730AFdAcD509e73115EA1654B1a770f1a807e7c9C09063d079fbb1906112b8906001908590600401613f8b565b6040517f4afbe4c900000000000000000000000000000000000000000000000000000000815260016004820152602481018490526044810183905260648101829052730AFdAcD509e73115EA1654B1a770f1a807e7c9C090634afbe4c9906084016113d8565b6040517fc8f77943000000000000000000000000000000000000000000000000000000008152731a6a3e7Bb246158dF31d8f924B84D961669Ba4e59063c8f7794390611a0e906001908b908b908b908b908b908b908b90600401613f9f565b60006040518083038186803b158015611a2657600080fd5b505af4158015611a3a573d6000803e3d6000fd5b5050505050505050505050565b6000546001600160a01b03163314611aa15760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6110e76001878787878787612883565b6040517fa164de6e000000000000000000000000000000000000000000000000000000008152737290f72B5C67052DDE8e6E179F7803c493e90d3f9063a164de6e90611225906001908890889088908890600401613a0f565b60005b818110156111c9576000838383818110611b2957611b29613cec565b90506060020160000135848484818110611b4557611b45613cec565b9050606002016020016020810190611b5d9190613d02565b604051602001611b8492919091825260e01b6001600160e01b031916602082015260240190565b60408051808303601f19018152918152815160209283012060009081526007909252902060010180547bffffffffffffffffffffffffffffffffffffffffffffffffffffffff167f61d998e0000000000000000000000000000000000000000000000000000000001790555080611bfa81613d35565b915050611b0d565b611c0d600182612c06565b50565b6000546001600160a01b03163314611c6a5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6001600160a01b038116611ce65760405162461bcd60e51b815260206004820152602260248201527f4e657720676f7665726e616e636520697320746865207a65726f20616464726560448201527f73730000000000000000000000000000000000000000000000000000000000006064820152608401611145565b611c0d81612d5e565b6040517f7333b369000000000000000000000000000000000000000000000000000000008152737290f72B5C67052DDE8e6E179F7803c493e90d3f90637333b36990611346906001908990899089908990899060040161402f565b8035611d5c6040830160208401613d02565b611d6c60608401604085016131b6565b604051602001611dba9392919092835260e09190911b6001600160e01b031916602083015260c01b77ffffffffffffffffffffffffffffffffffffffffffffffff19166024820152602c0190565b60408051601f1981840301815291815281516020928301206001600160601b03199094166000908152601990925290206001019190915550565b6040805161010081018252600080825260208201819052918101829052606081018290526080810182905260a0810182905260c0810182905260e08101919091526001600160601b0319821660009081526019602090815260409182902082516101008101845281548152600182015492810192909252600281015467ffffffffffffffff81169383019390935263ffffffff600160401b840481166060840152600160601b840481166080840152600160801b84041660a0830152909160c083019060ff600160a01b909104166005811115611ed357611ed36137a1565b6005811115611ee457611ee46137a1565b81526020016003820154815250509050919050565b6064831115611f705760405162461bcd60e51b815260206004820152603e60248201527f4672617564206e6f74696669657220726577617264206d756c7469706c69657260448201527f206d75737420626520696e207468652072616e6765205b302c203130305d00006064820152608401611145565b60008211611fe65760405162461bcd60e51b815260206004820152603860248201527f4672617564206368616c6c656e6765206465666561742074696d656f7574206d60448201527f7573742062652067726561746572207468616e207a65726f00000000000000006064820152608401611145565b600f850180546001600160601b0319166bffffffffffffffffffffffff861690811790915560108601849055601186018390556012860182905560408051918252602082018590528101839052606081018290527f05a00d49ab61707f55232992ae68b57d8ed6e071aa0f9b88f992f19215a5f0869060800160405180910390a15050505050565b60008367ffffffffffffffff16116120ee5760405162461bcd60e51b815260206004820152603060248201527f4465706f7369742064757374207468726573686f6c64206d757374206265206760448201527f726561746572207468616e207a65726f000000000000000000000000000000006064820152608401611145565b60008267ffffffffffffffff161161216e5760405162461bcd60e51b815260206004820152603660248201527f4465706f736974207472656173757279206665652064697669736f72206d757360448201527f742062652067726561746572207468616e207a65726f000000000000000000006064820152608401611145565b60008167ffffffffffffffff16116121ee5760405162461bcd60e51b815260206004820152603560248201527f4465706f736974207472616e73616374696f6e206d617820666565206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611145565b60048401805467ffffffffffffffff60a01b1916600160a01b67ffffffffffffffff868116918202929092179092556005860180548583166fffffffffffffffffffffffffffffffff199091168117600160401b938616938402179091556040805193845260208401919091528201527f1ced468902ca566e746a3c8c9516af81f8de9f1021c365083be9f2625ebfb7b5906060015b60405180910390a150505050565b8567ffffffffffffffff168567ffffffffffffffff16116123415760405162461bcd60e51b815260206004820152605960248201527f57616c6c6574206372656174696f6e206d6178696d756d204254432062616c6160448201527f6e6365206d7573742062652067726561746572207468616e207468652063726560648201527f6174696f6e206d696e696d756d204254432062616c616e636500000000000000608482015260a401611145565b60008467ffffffffffffffff16116123c15760405162461bcd60e51b815260206004820152603c60248201527f57616c6c657420636c6f73757265206d696e696d756d204254432062616c616e60448201527f6365206d7573742062652067726561746572207468616e207a65726f000000006064820152608401611145565b60008267ffffffffffffffff16116124415760405162461bcd60e51b815260206004820152603560248201527f57616c6c6574206d6178696d756d20425443207472616e73666572206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611145565b60008163ffffffff16116124bd5760405162461bcd60e51b815260206004820152602f60248201527f57616c6c657420636c6f73696e6720706572696f64206d75737420626520677260448201527f6561746572207468616e207a65726f00000000000000000000000000000000006064820152608401611145565b868860150160006101000a81548163ffffffff021916908363ffffffff160217905550858860150160046101000a81548167ffffffffffffffff021916908367ffffffffffffffff1602179055508488601501600c6101000a81548167ffffffffffffffff021916908367ffffffffffffffff160217905550838860150160146101000a81548167ffffffffffffffff021916908367ffffffffffffffff1602179055508288601501601c6101000a81548163ffffffff021916908363ffffffff160217905550818860160160186101000a81548167ffffffffffffffff021916908367ffffffffffffffff160217905550808860170160006101000a81548163ffffffff021916908363ffffffff1602179055507fc7d3a9af08692aeae771c329fddd95c7237a9f76fec996325f3959eeff07d4ac87878787878787604051612650979695949392919063ffffffff978816815267ffffffffffffffff968716602082015294861660408601529285166060850152908516608084015290921660a0820152911660c082015260e00190565b60405180910390a15050505050505050565b60008367ffffffffffffffff16116126e4576040805162461bcd60e51b81526020600482015260248101919091527f4d6f76696e672066756e6473207472616e73616374696f6e206d617820746f7460448201527f616c20666565206d7573742062652067726561746572207468616e207a65726f6064820152608401611145565b60008263ffffffff16116127605760405162461bcd60e51b815260206004820152602e60248201527f4d6f76696e672066756e64732074696d656f7574206d7573742062652067726560448201527f61746572207468616e207a65726f0000000000000000000000000000000000006064820152608401611145565b60008167ffffffffffffffff16116127e05760405162461bcd60e51b815260206004820152603560248201527f4d6f76696e672066756e64732064757374207468726573686f6c64206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611145565b60088401805467ffffffffffffffff838116600160601b81027fffffffffffffffffffffffff0000000000000000ffffffffffffffffffffffff63ffffffff8816600160401b81026001600160601b0319909616948a16948517959095171617909355604080519182526020820192909252908101919091527f3bc8e35585937de0df227d080c3587c7aadd7630aa377299d63a5bb67fc07d8a90606001612284565b60008667ffffffffffffffff16116129035760405162461bcd60e51b815260206004820152603360248201527f526564656d7074696f6e2064757374207468726573686f6c64206d757374206260448201527f652067726561746572207468616e207a65726f000000000000000000000000006064820152608401611145565b60008567ffffffffffffffff16116129835760405162461bcd60e51b815260206004820152603960248201527f526564656d7074696f6e207472656173757279206665652064697669736f722060448201527f6d7573742062652067726561746572207468616e207a65726f000000000000006064820152608401611145565b60008467ffffffffffffffff1611612a035760405162461bcd60e51b815260206004820152603860248201527f526564656d7074696f6e207472616e73616374696f6e206d617820666565206d60448201527f7573742062652067726561746572207468616e207a65726f00000000000000006064820152608401611145565b60008311612a795760405162461bcd60e51b815260206004820152602c60248201527f526564656d7074696f6e2074696d656f7574206d75737420626520677265617460448201527f6572207468616e207a65726f00000000000000000000000000000000000000006064820152608401611145565b6064811115612b165760405162461bcd60e51b815260206004820152604b60248201527f526564656d7074696f6e2074696d656f7574206e6f746966696572207265776160448201527f7264206d756c7469706c696572206d75737420626520696e207468652072616e60648201527f6765205b302c203130305d000000000000000000000000000000000000000000608482015260a401611145565b60088701805467ffffffffffffffff60a01b1916600160a01b67ffffffffffffffff898116918202929092179092556009890180548883166fffffffffffffffffffffffffffffffff199091168117600160401b93891693840217909155600a8a01869055600b8a0180546001600160601b0319166bffffffffffffffffffffffff8716908117909155600c8b018590556040805194855260208501929092529083019190915260608201859052608082015260a081018290527f944cd06e316cc3da4159300dd41ab23416c89a5136c41fa79d57fe8a34bcc10f9060c00160405180910390a150505050505050565b6001600160601b031981166000908152601883016020526040902060036002820154600160a01b900460ff166005811115612c4357612c436137a1565b14612cb65760405162461bcd60e51b815260206004820152602560248201527f45434453412077616c6c6574206d75737420626520696e20436c6f73696e672060448201527f73746174650000000000000000000000000000000000000000000000000000006064820152608401611145565b60178301546002820154612cda9163ffffffff90811691600160801b900416614083565b63ffffffff164211612d545760405162461bcd60e51b815260206004820152602260248201527f436c6f73696e6720706572696f6420686173206e6f7420656c6170736564207960448201527f65740000000000000000000000000000000000000000000000000000000000006064820152608401611145565b6111c98383612dcc565b600080546001600160a01b0383811673ffffffffffffffffffffffffffffffffffffffff1983168117909355604080519190921680825260208201939093527f5f56bee8cffbe9a78652a74a60705edede02af10b0bbb888ca44b79a0d42ce80910160405180910390a15050565b6001600160601b03198116600081815260188401602052604080822060028101805460ff60a01b191674040000000000000000000000000000000000000000179055805491519093927f47b159947c3066cb253f60e8f046cfd747411788a545cb189679e3fa1467b28d91a3600283015481546040517f343bb9270000000000000000000000000000000000000000000000000000000081526001600160a01b039092169163343bb92791612e879160040190815260200190565b600060405180830381600087803b158015612ea157600080fd5b505af1158015611404573d6000803e3d6000fd5b600060208284031215612ec757600080fd5b5035919050565b80356001600160601b031981168114612ee657600080fd5b919050565b600060608284031215612efd57600080fd5b50919050565b60008060808385031215612f1657600080fd5b612f1f83612ece565b9150612f2e8460208501612eeb565b90509250929050565b80356bffffffffffffffffffffffff81168114612ee657600080fd5b60008060008060808587031215612f6957600080fd5b612f7285612f37565b966020860135965060408601359560600135945092505050565b67ffffffffffffffff81168114611c0d57600080fd5b600080600060608486031215612fb757600080fd5b8335612fc281612f8c565b92506020840135612fd281612f8c565b91506040840135612fe281612f8c565b809150509250925092565b600060808284031215612efd57600080fd5b60008060008060c0858703121561301557600080fd5b843567ffffffffffffffff8082111561302d57600080fd5b61303988838901612fed565b9550602087013591508082111561304f57600080fd5b5061305c87828801612eeb565b93505061306c8660408701612eeb565b915061307a60a08601612ece565b905092959194509250565b60006020828403121561309757600080fd5b6130a082612ece565b9392505050565b60008083601f8401126130b957600080fd5b50813567ffffffffffffffff8111156130d157600080fd5b6020830191508360208260051b85010111156130ec57600080fd5b9250929050565b60008083601f84011261310557600080fd5b50813567ffffffffffffffff81111561311d57600080fd5b6020830191508360208285010111156130ec57600080fd5b60008060008060006060868803121561314d57600080fd5b61315686612ece565b9450602086013567ffffffffffffffff8082111561317357600080fd5b61317f89838a016130a7565b9096509450604088013591508082111561319857600080fd5b506131a5888289016130f3565b969995985093965092949392505050565b6000602082840312156131c857600080fd5b81356130a081612f8c565b6000806000606084860312156131e857600080fd5b505081359360208301359350604090920135919050565b60008060008060006060868803121561321757600080fd5b853567ffffffffffffffff8082111561322f57600080fd5b61323b89838a016130f3565b9097509550602088013591508082111561325457600080fd5b50613261888289016130a7565b96999598509660400135949350505050565b600080600060a0848603121561328857600080fd5b833567ffffffffffffffff808211156132a057600080fd5b6132ac87838801612fed565b945060208601359150808211156132c257600080fd5b506132cf86828701612eeb565b9250506132df8560408601612eeb565b90509250925092565b6000808284036101008112156132fd57600080fd5b833567ffffffffffffffff81111561331457600080fd5b61332086828701612fed565b93505060e0601f198201121561333557600080fd5b506020830190509250929050565b80356001600160a01b0381168114612ee657600080fd5b80358015158114612ee657600080fd5b6000806040838503121561337d57600080fd5b61338683613343565b9150612f2e6020840161335a565b60008060008060a085870312156133aa57600080fd5b843567ffffffffffffffff8111156133c157600080fd5b6133cd878288016130f3565b9095509350506020850135915061307a8660408701612eeb565b600080602083850312156133fa57600080fd5b823567ffffffffffffffff8082111561341257600080fd5b818501915085601f83011261342657600080fd5b81358181111561343557600080fd5b86602060608302850101111561344a57600080fd5b60209290920196919550909350505050565b60008060008060006060868803121561347457600080fd5b853567ffffffffffffffff8082111561348c57600080fd5b61349889838a016130f3565b909750955060208801359150808211156134b157600080fd5b506134be888289016130f3565b90945092506134d190506040870161335a565b90509295509295909350565b63ffffffff81168114611c0d57600080fd5b600080600080600080600060e0888a03121561350a57600080fd5b8735613515816134dd565b9650602088013561352581612f8c565b9550604088013561353581612f8c565b9450606088013561354581612f8c565b93506080880135613555816134dd565b925060a088013561356581612f8c565b915060c0880135613575816134dd565b8091505092959891949750929550565b60008060006060848603121561359a57600080fd5b83356135a581612f8c565b92506020840135612fd2816134dd565b6000808284036101208112156135ca57600080fd5b6135d384612ece565b9250610100601f198201121561333557600080fd5b6000606082840312156135fa57600080fd5b6130a08383612eeb565b600080600080600080600060e0888a03121561361f57600080fd5b61362888612ece565b96506136378960208a01612eeb565b9550608088013567ffffffffffffffff8082111561365457600080fd5b6136608b838c016130a7565b909750955060a08a0135945060c08a013591508082111561368057600080fd5b5061368d8a828b016130a7565b989b979a50959850939692959293505050565b60008060008060008060c087890312156136b957600080fd5b86356136c481612f8c565b955060208701356136d481612f8c565b945060408701356136e481612f8c565b9350606087013592506136f960808801612f37565b915060a087013590509295509295509295565b60006020828403121561371e57600080fd5b6130a082613343565b600080600080600060c0868803121561373f57600080fd5b61374886612ece565b94506137578760208801612eeb565b9350608086013567ffffffffffffffff81111561377357600080fd5b61377f888289016130f3565b90945092505060a086013561379381612f8c565b809150509295509295909350565b634e487b7160e01b600052602160045260246000fd5b600061010082019050825182526020830151602083015267ffffffffffffffff6040840151166040830152606083015163ffffffff80821660608501528060808601511660808501528060a08601511660a0850152505060c08301516006811061383157634e487b7160e01b600052602160045260246000fd5b8060c08401525060e083015160e083015292915050565b80358252602081013561385a816134dd565b63ffffffff166020830152604081013561387381612f8c565b67ffffffffffffffff81166040840152505050565b8381526001600160601b03198316602082015260a081016138ac6040830184613848565b949350505050565b80356001600160e01b031981168114612ee657600080fd5b6000808335601e198436030181126138e357600080fd5b830160208101925035905067ffffffffffffffff81111561390357600080fd5b8036038313156130ec57600080fd5b81835281816020850137506000828201602090810191909152601f909101601f19169091010190565b60006001600160e01b031980613950846138b4565b16845261396060208401846138cc565b60806020870152613975608087018284613912565b91505061398560408501856138cc565b8683036040880152613998838284613912565b92505050816139a9606086016138b4565b166060860152809250505092915050565b60006139c682836138cc565b606085526139d8606086018284613912565b915050602083013560208501526139f260408401846138cc565b8583036040870152613a05838284613912565b9695505050505050565b85815260e060208201526000613a2860e083018761393b565b8281036040840152613a3a81876139ba565b915050613a4a6060830185613848565b6bffffffffffffffffffffffff19831660c08301529695505050505050565b8183526000602080850194508260005b85811015613aa4578135613a8c816134dd565b63ffffffff1687529582019590820190600101613a79565b509495945050505050565b8681526bffffffffffffffffffffffff1986166020820152608060408201526000613ade608083018688613a69565b8281036060840152613af1818587613912565b9998505050505050505050565b868152608060208201526000613b18608083018789613912565b8281036040840152613b2b818688613a69565b915050826060830152979650505050505050565b84815260c060208201526000613b5860c083018661393b565b8281036040840152613b6a81866139ba565b915050613b7a6060830184613848565b95945050505050565b6000610120858352806020840152613b9d8184018661393b565b9150508235613bab816134dd565b63ffffffff1660408301526001600160a01b03613bca60208501613343565b166060830152604083013577ffffffffffffffffffffffffffffffffffffffffffffffff1981168114613bfc57600080fd5b77ffffffffffffffffffffffffffffffffffffffffffffffff19166080830152613c2860608401612ece565b6001600160601b03191660a0830152613c4360808401612ece565b6001600160601b03191660c0830152613c5e60a084016138b4565b6001600160e01b03191660e0830152613c7960c08401613343565b6001600160a01b03811661010084015250949350505050565b85815260c060208201526000613cac60c083018688613912565b90508360408301528235606083015260208301356080830152604083013560ff8116808214613cda57600080fd5b8060a085015250509695505050505050565b634e487b7160e01b600052603260045260246000fd5b600060208284031215613d1457600080fd5b81356130a0816134dd565b634e487b7160e01b600052601160045260246000fd5b6000600019821415613d4957613d49613d1f565b5060010190565b868152608060208201526000613d6a608083018789613912565b8281036040840152613d7d818688613912565b9150508215156060830152979650505050505050565b60008135613da0816134dd565b92915050565b60068110611c0d57600080fd5b60008135613da081613da6565b60068210613dde57634e487b7160e01b600052602160045260246000fd5b805474ff00000000000000000000000000000000000000008360a01b1660ff60a01b198216178255505050565b8135815560208201356001820155600281016040830135613e2b81612f8c565b67ffffffffffffffff8116905081548167ffffffffffffffff1982161783556060850135613e58816134dd565b6bffffffff00000000000000008160401b16836bffffffffffffffffffffffff19841617178455505050613ed2613e9160808501613d93565b82547fffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffff1660609190911b6fffffffff00000000000000000000000016178255565b613f26613ee160a08501613d93565b82547fffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffff1660809190911b73ffffffff0000000000000000000000000000000016178255565b613f3b613f3560c08501613db3565b82613dc0565b5060e082013560038201555050565b600060208284031215613f5c57600080fd5b81356130a081613da6565b600063ffffffff80831681811415613f8157613f81613d1f565b6001019392505050565b828152608081016130a06020830184613848565b60006101008a835260206bffffffffffffffffffffffff19808c1682860152613fcb604086018c613848565b8260a0860152613fde8386018a8c613a69565b60c0860189905285810360e0870152868152879350820160005b8781101561401d578261400a86612ece565b1682529383019390830190600101613ff8565b509d9c50505050505050505050505050565b8681526001600160601b03198616602082015261404f6040820186613848565b60e060a0820152600061406660e083018587613912565b905067ffffffffffffffff831660c0830152979650505050505050565b600063ffffffff8083168185168083038211156140a2576140a2613d1f565b0194935050505056fea2646970667358221220ccf2b3d768950944540e16a53bca322212cf3f94a049222961e026b51149868464736f6c63430008090033",
2352
- "deployedBytecode": "0x60806040526004361061034a5760003560e01c806375b922d1116101bb578063b216bd35116100f7578063d6eccdf011610095578063df7cd4ae1161006f578063df7cd4ae14610f9c578063e404c0a914610fe0578063e53c0b5514611000578063e65e19d51461103957600080fd5b8063d6eccdf014610f17578063d6ee3ecd14610f37578063ded1d24a14610f7057600080fd5b8063be05abe3116100d1578063be05abe314610e40578063c42b64d014610e8b578063c8b5d2db14610ed7578063d38bfff414610ef757600080fd5b8063b216bd3514610de0578063b34b321614610e00578063b8afb0a514610e2057600080fd5b8063a7738ab411610164578063abaeed8f1161013e578063abaeed8f14610bde578063b02c43d014610bfe578063b036c1ee14610d43578063b2146cd614610da057600080fd5b8063a7738ab414610b3f578063a8fa0f4214610b7e578063a9de2f3a14610b9e57600080fd5b80638c3992dd116101955780638c3992dd14610adf5780638d8191eb14610aff578063a145e2d514610b1f57600080fd5b806375b922d114610a5757806377145f2114610a9f578063883d6a1114610abf57600080fd5b80634fb1b4c61161028a57806360d712fc116102335780636c8541861161020d5780636c8541861461096d5780636d02b43c146109ac5780636e70ce41146109bf57806374babd9c14610a3757600080fd5b806360d712fc1461089257806361ccf97a146108b257806361d027b31461094f57600080fd5b806359e6a4561161026457806359e6a456146107f15780635aa6e6751461083a5780635c0b48121461087257600080fd5b80634fb1b4c614610791578063575e4279146107b157806359a9d90a146107d157600080fd5b80632bb818c2116102f757806331a4889a116102d157806331a4889a1461062957806333e957cb146106495780633c0038f4146107285780633dce98121461077157600080fd5b80632bb818c2146105cb5780632f429b64146105e9578063319a33a91461060957600080fd5b80631076088211610328578063107608821461055957806317c964001461057957806324028c111461059957600080fd5b806303d952f71461034f57806307f7d223146104795780630b6ba19d1461049b575b600080fd5b34801561035b57600080fd5b5061040d61036a366004612eb5565b6040805160a081018252600080825260208201819052918101829052606081018290526080810191909152506000908152600e6020908152604091829020825160a08101845281546001600160a01b0381168252600160a01b900467ffffffffffffffff9081169382019390935260019091015480831693820193909352600160401b83049091166060820152600160801b90910463ffffffff16608082015290565b6040516104709190600060a0820190506001600160a01b038351168252602083015167ffffffffffffffff8082166020850152806040860151166040850152806060860151166060850152505063ffffffff608084015116608083015292915050565b60405180910390f35b34801561048557600080fd5b50610499610494366004612f03565b611066565b005b3480156104a757600080fd5b5061040d6104b6366004612eb5565b6040805160a081018252600080825260208201819052918101829052606081018290526080810191909152506000908152600f6020908152604091829020825160a08101845281546001600160a01b0381168252600160a01b900467ffffffffffffffff9081169382019390935260019091015480831693820193909352600160401b83049091166060820152600160801b90910463ffffffff16608082015290565b34801561056557600080fd5b50610499610574366004612f53565b6110ef565b34801561058557600080fd5b50610499610594366004612fa2565b611162565b3480156105a557600080fd5b50601754600160a01b900463ffffffff1660405163ffffffff9091168152602001610470565b3480156105d757600080fd5b50600454604051908152602001610470565b3480156105f557600080fd5b50610499610604366004612fff565b6111ce565b34801561061557600080fd5b50610499610624366004613085565b61125b565b34801561063557600080fd5b50610499610644366004613135565b6112eb565b34801561065557600080fd5b506106e4610664366004612eb5565b60408051608081018252600080825260208201819052918101829052606081019190915250600090815260146020908152604091829020825160808101845281546001600160a01b031681526001820154928101929092526002015463ffffffff81169282019290925264010000000090910460ff161515606082015290565b604051610470919081516001600160a01b031681526020808301519082015260408083015163ffffffff169082015260609182015115159181019190915260800190565b34801561073457600080fd5b506104996107433660046131b6565b6009805467ffffffffffffffff909216600160a01b0267ffffffffffffffff60a01b19909216919091179055565b34801561077d57600080fd5b5061049961078c3660046131d3565b61137d565b34801561079d57600080fd5b506104996107ac3660046131ff565b61140d565b3480156107bd57600080fd5b506104996107cc366004612f03565b611468565b3480156107dd57600080fd5b506104996107ec366004613273565b6114bd565b3480156107fd57600080fd5b5061049961080c3660046131b6565b6005805467ffffffffffffffff909216600160a01b0267ffffffffffffffff60a01b19909216919091179055565b34801561084657600080fd5b5060005461085a906001600160a01b031681565b6040516001600160a01b039091168152602001610470565b34801561087e57600080fd5b5061049961088d3660046132e8565b611514565b34801561089e57600080fd5b506104996108ad36600461336a565b611569565b3480156108be57600080fd5b506016546017546018546040805163ffffffff808616825267ffffffffffffffff640100000000870481166020840152600160601b8704811693830193909352600160a01b860483166060830152600160e01b9095048516608082015278010000000000000000000000000000000000000000000000009093041660a08301529190911660c082015260e001610470565b34801561095b57600080fd5b506005546001600160a01b031661085a565b34801561097957600080fd5b506104996109883660046131b6565b600a805467ffffffffffffffff191667ffffffffffffffff92909216919091179055565b6104996109ba366004613394565b611622565b3480156109cb57600080fd5b50600954600a54600b54600c54600d5460408051600160a01b90960467ffffffffffffffff90811687528086166020880152600160401b9095049094169385019390935260608401919091526bffffffffffffffffffffffff16608083015260a082015260c001610470565b348015610a4357600080fd5b50610499610a523660046133e7565b61167b565b348015610a6357600080fd5b50601054601154601254601354604080516bffffffffffffffffffffffff90951685526020850193909352918301526060820152608001610470565b348015610aab57600080fd5b50610499610aba36600461345c565b611737565b348015610acb57600080fd5b50610499610ada3660046134ef565b611792565b348015610aeb57600080fd5b50610499610afa366004613585565b6117fd565b348015610b0b57600080fd5b50610499610b1a3660046135b5565b611864565b348015610b2b57600080fd5b50610499610b3a3660046135e8565b6118f6565b348015610b4b57600080fd5b50610499610b5a3660046131b6565b6009805467ffffffffffffffff191667ffffffffffffffff92909216919091179055565b348015610b8a57600080fd5b50610499610b993660046131d3565b611949565b348015610baa57600080fd5b50600154600254600354604080516001600160a01b0394851681529284166020840152921691810191909152606001610470565b348015610bea57600080fd5b50610499610bf9366004613604565b6119af565b348015610c0a57600080fd5b50610ccd610c19366004612eb5565b6040805160c081018252600080825260208201819052918101829052606081018290526080810182905260a081019190915250600090815260076020908152604091829020825160c08101845281546001600160a01b03808216835267ffffffffffffffff600160a01b80840482169685019690965263ffffffff600160e01b938490048116978501979097526001949094015490811660608401529384049092166080820152910490911660a082015290565b6040516104709190600060c0820190506001600160a01b03808451168352602084015167ffffffffffffffff80821660208601526040860151915063ffffffff80831660408701528360608801511660608701528160808801511660808701528060a08801511660a08701525050505092915050565b348015610d4f57600080fd5b50610499610d5e3660046131b6565b6006805467ffffffffffffffff909216600160401b027fffffffffffffffffffffffffffffffff0000000000000000ffffffffffffffff909216919091179055565b348015610dac57600080fd5b50610dd0610dbb366004612eb5565b60009081526015602052604090205460ff1690565b6040519015158152602001610470565b348015610dec57600080fd5b50610499610dfb3660046136a0565b611a47565b348015610e0c57600080fd5b50610499610e1b366004612fff565b611ab1565b348015610e2c57600080fd5b50610499610e3b3660046133e7565b611b0a565b348015610e4c57600080fd5b506009546040805167ffffffffffffffff808416825263ffffffff600160401b8504166020830152600160601b90930490921690820152606001610470565b348015610e9757600080fd5b5060055460065460408051600160a01b90930467ffffffffffffffff90811684528083166020850152600160401b90920490911690820152606001610470565b348015610ee357600080fd5b50610499610ef2366004613085565b611c02565b348015610f0357600080fd5b50610499610f1236600461370c565b611c10565b348015610f2357600080fd5b50610499610f32366004613727565b611cef565b348015610f4357600080fd5b50610499610f52366004613085565b6001600160601b031916600090815260196020526040812060010155565b348015610f7c57600080fd5b5060175460601b6040516001600160601b03199091168152602001610470565b348015610fa857600080fd5b50610499610fb7366004613085565b6017805473ffffffffffffffffffffffffffffffffffffffff191660609290921c919091179055565b348015610fec57600080fd5b50610499610ffb366004612f03565b611d4a565b34801561100c57600080fd5b50610dd061101b36600461370c565b6001600160a01b031660009081526008602052604090205460ff1690565b34801561104557600080fd5b50611059611054366004613085565b611df4565b60405161047091906137b7565b6040517f260b6cde00000000000000000000000000000000000000000000000000000000815273__$edce581bb06331cf4dae1387760565e5d1$__9063260b6cde906110bb9060019086908690600401613888565b60006040518083038186803b1580156110d357600080fd5b505af41580156110e7573d6000803e3d6000fd5b505050505050565b6000546001600160a01b0316331461114e5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e63650000000060448201526064015b60405180910390fd5b61115c600185858585611ef9565b50505050565b6000546001600160a01b031633146111bc5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6111c9600184848461206e565b505050565b6040517e92bac900000000000000000000000000000000000000000000000000000000815273__$edce581bb06331cf4dae1387760565e5d1$__906292bac990611225906001908890889088908890600401613a0f565b60006040518083038186803b15801561123d57600080fd5b505af4158015611251573d6000803e3d6000fd5b5050505050505050565b6040517fb45b31d5000000000000000000000000000000000000000000000000000000008152600160048201526001600160601b03198216602482015273__$edce581bb06331cf4dae1387760565e5d1$__9063b45b31d5906044015b60006040518083038186803b1580156112d057600080fd5b505af41580156112e4573d6000803e3d6000fd5b5050505050565b6040517fa76558b300000000000000000000000000000000000000000000000000000000815273__$9935b6ea18e0c526c293569ddd26842c9b$__9063a76558b3906113469060019089908990899089908990600401613aaf565b60006040518083038186803b15801561135e57600080fd5b505af4158015611372573d6000803e3d6000fd5b505050505050505050565b6040517fc87de7f400000000000000000000000000000000000000000000000000000000815260016004820152602481018390526044810182905273__$0f118c52967a3847a37f0a2ef02ffcee04$__9063c87de7f4906064015b60006040518083038186803b1580156113f057600080fd5b505af4158015611404573d6000803e3d6000fd5b50505050505050565b6040517f89b43a8600000000000000000000000000000000000000000000000000000000815273__$a542940934c03bae9a39609192cb25cc3c$__906389b43a86906113469060019089908990899089908990600401613afe565b6040517f99b0b84700000000000000000000000000000000000000000000000000000000815273__$0f118c52967a3847a37f0a2ef02ffcee04$__906399b0b847906110bb9060019086908690600401613888565b6040517f510fc50a00000000000000000000000000000000000000000000000000000000815273__$61f169726e973bba1227e0c23d2755f88e$__9063510fc50a906113d890600190879087908790600401613b3f565b6040517faea7fd0b00000000000000000000000000000000000000000000000000000000815273__$894ce12e79ca3e5683c1b49e363f37fa22$__9063aea7fd0b906110bb9060019086908690600401613b83565b6000546001600160a01b031633146115c35760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6001600160a01b038216600081815260086020908152604091829020805460ff191685151590811790915591519182527f9065599c12c4294d9e2201638226d0d0beb95c228f468c4e7c2bdb8322b6066f910160405180910390a25050565b6040517f3b5d9f2400000000000000000000000000000000000000000000000000000000815273__$a542940934c03bae9a39609192cb25cc3c$__90633b5d9f2490611225906001908890889088908890600401613c92565b60005b818110156111c957600083838381811061169a5761169a613cec565b905060600201600001358484848181106116b6576116b6613cec565b90506060020160200160208101906116ce9190613d02565b6040516020016116f592919091825260e01b6001600160e01b031916602082015260240190565b60408051601f198184030181529181528151602092830120600090815260159092529020805460ff19166001179055508061172f81613d35565b91505061167e565b6040517f624526fe00000000000000000000000000000000000000000000000000000000815273__$a542940934c03bae9a39609192cb25cc3c$__9063624526fe906113469060019089908990899089908990600401613d50565b6000546001600160a01b031633146117ec5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b611404600188888888888888612292565b6000546001600160a01b031633146118575760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6111c96001848484612662565b6001600160601b03198216600090815260196020526040902081906118898282613e0b565b506001905061189e60e0830160c08401613f4a565b60058111156118af576118af6137a1565b14156118f25760178054600160a01b900463ffffffff169060146118d283613f67565b91906101000a81548163ffffffff021916908363ffffffff160217905550505b5050565b6040517fd079fbb100000000000000000000000000000000000000000000000000000000815273__$0f118c52967a3847a37f0a2ef02ffcee04$__9063d079fbb1906112b8906001908590600401613f8b565b6040517f4afbe4c90000000000000000000000000000000000000000000000000000000081526001600482015260248101849052604481018390526064810182905273__$0f118c52967a3847a37f0a2ef02ffcee04$__90634afbe4c9906084016113d8565b6040517fc8f7794300000000000000000000000000000000000000000000000000000000815273__$edce581bb06331cf4dae1387760565e5d1$__9063c8f7794390611a0e906001908b908b908b908b908b908b908b90600401613f9f565b60006040518083038186803b158015611a2657600080fd5b505af4158015611a3a573d6000803e3d6000fd5b5050505050505050505050565b6000546001600160a01b03163314611aa15760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6110e76001878787878787612883565b6040517fa164de6e00000000000000000000000000000000000000000000000000000000815273__$9935b6ea18e0c526c293569ddd26842c9b$__9063a164de6e90611225906001908890889088908890600401613a0f565b60005b818110156111c9576000838383818110611b2957611b29613cec565b90506060020160000135848484818110611b4557611b45613cec565b9050606002016020016020810190611b5d9190613d02565b604051602001611b8492919091825260e01b6001600160e01b031916602082015260240190565b60408051808303601f19018152918152815160209283012060009081526007909252902060010180547bffffffffffffffffffffffffffffffffffffffffffffffffffffffff167f61d998e0000000000000000000000000000000000000000000000000000000001790555080611bfa81613d35565b915050611b0d565b611c0d600182612c06565b50565b6000546001600160a01b03163314611c6a5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611145565b6001600160a01b038116611ce65760405162461bcd60e51b815260206004820152602260248201527f4e657720676f7665726e616e636520697320746865207a65726f20616464726560448201527f73730000000000000000000000000000000000000000000000000000000000006064820152608401611145565b611c0d81612d5e565b6040517f7333b36900000000000000000000000000000000000000000000000000000000815273__$9935b6ea18e0c526c293569ddd26842c9b$__90637333b36990611346906001908990899089908990899060040161402f565b8035611d5c6040830160208401613d02565b611d6c60608401604085016131b6565b604051602001611dba9392919092835260e09190911b6001600160e01b031916602083015260c01b77ffffffffffffffffffffffffffffffffffffffffffffffff19166024820152602c0190565b60408051601f1981840301815291815281516020928301206001600160601b03199094166000908152601990925290206001019190915550565b6040805161010081018252600080825260208201819052918101829052606081018290526080810182905260a0810182905260c0810182905260e08101919091526001600160601b0319821660009081526019602090815260409182902082516101008101845281548152600182015492810192909252600281015467ffffffffffffffff81169383019390935263ffffffff600160401b840481166060840152600160601b840481166080840152600160801b84041660a0830152909160c083019060ff600160a01b909104166005811115611ed357611ed36137a1565b6005811115611ee457611ee46137a1565b81526020016003820154815250509050919050565b6064831115611f705760405162461bcd60e51b815260206004820152603e60248201527f4672617564206e6f74696669657220726577617264206d756c7469706c69657260448201527f206d75737420626520696e207468652072616e6765205b302c203130305d00006064820152608401611145565b60008211611fe65760405162461bcd60e51b815260206004820152603860248201527f4672617564206368616c6c656e6765206465666561742074696d656f7574206d60448201527f7573742062652067726561746572207468616e207a65726f00000000000000006064820152608401611145565b600f850180546001600160601b0319166bffffffffffffffffffffffff861690811790915560108601849055601186018390556012860182905560408051918252602082018590528101839052606081018290527f05a00d49ab61707f55232992ae68b57d8ed6e071aa0f9b88f992f19215a5f0869060800160405180910390a15050505050565b60008367ffffffffffffffff16116120ee5760405162461bcd60e51b815260206004820152603060248201527f4465706f7369742064757374207468726573686f6c64206d757374206265206760448201527f726561746572207468616e207a65726f000000000000000000000000000000006064820152608401611145565b60008267ffffffffffffffff161161216e5760405162461bcd60e51b815260206004820152603660248201527f4465706f736974207472656173757279206665652064697669736f72206d757360448201527f742062652067726561746572207468616e207a65726f000000000000000000006064820152608401611145565b60008167ffffffffffffffff16116121ee5760405162461bcd60e51b815260206004820152603560248201527f4465706f736974207472616e73616374696f6e206d617820666565206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611145565b60048401805467ffffffffffffffff60a01b1916600160a01b67ffffffffffffffff868116918202929092179092556005860180548583166fffffffffffffffffffffffffffffffff199091168117600160401b938616938402179091556040805193845260208401919091528201527f1ced468902ca566e746a3c8c9516af81f8de9f1021c365083be9f2625ebfb7b5906060015b60405180910390a150505050565b8567ffffffffffffffff168567ffffffffffffffff16116123415760405162461bcd60e51b815260206004820152605960248201527f57616c6c6574206372656174696f6e206d6178696d756d204254432062616c6160448201527f6e6365206d7573742062652067726561746572207468616e207468652063726560648201527f6174696f6e206d696e696d756d204254432062616c616e636500000000000000608482015260a401611145565b60008467ffffffffffffffff16116123c15760405162461bcd60e51b815260206004820152603c60248201527f57616c6c657420636c6f73757265206d696e696d756d204254432062616c616e60448201527f6365206d7573742062652067726561746572207468616e207a65726f000000006064820152608401611145565b60008267ffffffffffffffff16116124415760405162461bcd60e51b815260206004820152603560248201527f57616c6c6574206d6178696d756d20425443207472616e73666572206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611145565b60008163ffffffff16116124bd5760405162461bcd60e51b815260206004820152602f60248201527f57616c6c657420636c6f73696e6720706572696f64206d75737420626520677260448201527f6561746572207468616e207a65726f00000000000000000000000000000000006064820152608401611145565b868860150160006101000a81548163ffffffff021916908363ffffffff160217905550858860150160046101000a81548167ffffffffffffffff021916908367ffffffffffffffff1602179055508488601501600c6101000a81548167ffffffffffffffff021916908367ffffffffffffffff160217905550838860150160146101000a81548167ffffffffffffffff021916908367ffffffffffffffff1602179055508288601501601c6101000a81548163ffffffff021916908363ffffffff160217905550818860160160186101000a81548167ffffffffffffffff021916908367ffffffffffffffff160217905550808860170160006101000a81548163ffffffff021916908363ffffffff1602179055507fc7d3a9af08692aeae771c329fddd95c7237a9f76fec996325f3959eeff07d4ac87878787878787604051612650979695949392919063ffffffff978816815267ffffffffffffffff968716602082015294861660408601529285166060850152908516608084015290921660a0820152911660c082015260e00190565b60405180910390a15050505050505050565b60008367ffffffffffffffff16116126e4576040805162461bcd60e51b81526020600482015260248101919091527f4d6f76696e672066756e6473207472616e73616374696f6e206d617820746f7460448201527f616c20666565206d7573742062652067726561746572207468616e207a65726f6064820152608401611145565b60008263ffffffff16116127605760405162461bcd60e51b815260206004820152602e60248201527f4d6f76696e672066756e64732074696d656f7574206d7573742062652067726560448201527f61746572207468616e207a65726f0000000000000000000000000000000000006064820152608401611145565b60008167ffffffffffffffff16116127e05760405162461bcd60e51b815260206004820152603560248201527f4d6f76696e672066756e64732064757374207468726573686f6c64206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611145565b60088401805467ffffffffffffffff838116600160601b81027fffffffffffffffffffffffff0000000000000000ffffffffffffffffffffffff63ffffffff8816600160401b81026001600160601b0319909616948a16948517959095171617909355604080519182526020820192909252908101919091527f3bc8e35585937de0df227d080c3587c7aadd7630aa377299d63a5bb67fc07d8a90606001612284565b60008667ffffffffffffffff16116129035760405162461bcd60e51b815260206004820152603360248201527f526564656d7074696f6e2064757374207468726573686f6c64206d757374206260448201527f652067726561746572207468616e207a65726f000000000000000000000000006064820152608401611145565b60008567ffffffffffffffff16116129835760405162461bcd60e51b815260206004820152603960248201527f526564656d7074696f6e207472656173757279206665652064697669736f722060448201527f6d7573742062652067726561746572207468616e207a65726f000000000000006064820152608401611145565b60008467ffffffffffffffff1611612a035760405162461bcd60e51b815260206004820152603860248201527f526564656d7074696f6e207472616e73616374696f6e206d617820666565206d60448201527f7573742062652067726561746572207468616e207a65726f00000000000000006064820152608401611145565b60008311612a795760405162461bcd60e51b815260206004820152602c60248201527f526564656d7074696f6e2074696d656f7574206d75737420626520677265617460448201527f6572207468616e207a65726f00000000000000000000000000000000000000006064820152608401611145565b6064811115612b165760405162461bcd60e51b815260206004820152604b60248201527f526564656d7074696f6e2074696d656f7574206e6f746966696572207265776160448201527f7264206d756c7469706c696572206d75737420626520696e207468652072616e60648201527f6765205b302c203130305d000000000000000000000000000000000000000000608482015260a401611145565b60088701805467ffffffffffffffff60a01b1916600160a01b67ffffffffffffffff898116918202929092179092556009890180548883166fffffffffffffffffffffffffffffffff199091168117600160401b93891693840217909155600a8a01869055600b8a0180546001600160601b0319166bffffffffffffffffffffffff8716908117909155600c8b018590556040805194855260208501929092529083019190915260608201859052608082015260a081018290527f944cd06e316cc3da4159300dd41ab23416c89a5136c41fa79d57fe8a34bcc10f9060c00160405180910390a150505050505050565b6001600160601b031981166000908152601883016020526040902060036002820154600160a01b900460ff166005811115612c4357612c436137a1565b14612cb65760405162461bcd60e51b815260206004820152602560248201527f45434453412077616c6c6574206d75737420626520696e20436c6f73696e672060448201527f73746174650000000000000000000000000000000000000000000000000000006064820152608401611145565b60178301546002820154612cda9163ffffffff90811691600160801b900416614083565b63ffffffff164211612d545760405162461bcd60e51b815260206004820152602260248201527f436c6f73696e6720706572696f6420686173206e6f7420656c6170736564207960448201527f65740000000000000000000000000000000000000000000000000000000000006064820152608401611145565b6111c98383612dcc565b600080546001600160a01b0383811673ffffffffffffffffffffffffffffffffffffffff1983168117909355604080519190921680825260208201939093527f5f56bee8cffbe9a78652a74a60705edede02af10b0bbb888ca44b79a0d42ce80910160405180910390a15050565b6001600160601b03198116600081815260188401602052604080822060028101805460ff60a01b191674040000000000000000000000000000000000000000179055805491519093927f47b159947c3066cb253f60e8f046cfd747411788a545cb189679e3fa1467b28d91a3600283015481546040517f343bb9270000000000000000000000000000000000000000000000000000000081526001600160a01b039092169163343bb92791612e879160040190815260200190565b600060405180830381600087803b158015612ea157600080fd5b505af1158015611404573d6000803e3d6000fd5b600060208284031215612ec757600080fd5b5035919050565b80356001600160601b031981168114612ee657600080fd5b919050565b600060608284031215612efd57600080fd5b50919050565b60008060808385031215612f1657600080fd5b612f1f83612ece565b9150612f2e8460208501612eeb565b90509250929050565b80356bffffffffffffffffffffffff81168114612ee657600080fd5b60008060008060808587031215612f6957600080fd5b612f7285612f37565b966020860135965060408601359560600135945092505050565b67ffffffffffffffff81168114611c0d57600080fd5b600080600060608486031215612fb757600080fd5b8335612fc281612f8c565b92506020840135612fd281612f8c565b91506040840135612fe281612f8c565b809150509250925092565b600060808284031215612efd57600080fd5b60008060008060c0858703121561301557600080fd5b843567ffffffffffffffff8082111561302d57600080fd5b61303988838901612fed565b9550602087013591508082111561304f57600080fd5b5061305c87828801612eeb565b93505061306c8660408701612eeb565b915061307a60a08601612ece565b905092959194509250565b60006020828403121561309757600080fd5b6130a082612ece565b9392505050565b60008083601f8401126130b957600080fd5b50813567ffffffffffffffff8111156130d157600080fd5b6020830191508360208260051b85010111156130ec57600080fd5b9250929050565b60008083601f84011261310557600080fd5b50813567ffffffffffffffff81111561311d57600080fd5b6020830191508360208285010111156130ec57600080fd5b60008060008060006060868803121561314d57600080fd5b61315686612ece565b9450602086013567ffffffffffffffff8082111561317357600080fd5b61317f89838a016130a7565b9096509450604088013591508082111561319857600080fd5b506131a5888289016130f3565b969995985093965092949392505050565b6000602082840312156131c857600080fd5b81356130a081612f8c565b6000806000606084860312156131e857600080fd5b505081359360208301359350604090920135919050565b60008060008060006060868803121561321757600080fd5b853567ffffffffffffffff8082111561322f57600080fd5b61323b89838a016130f3565b9097509550602088013591508082111561325457600080fd5b50613261888289016130a7565b96999598509660400135949350505050565b600080600060a0848603121561328857600080fd5b833567ffffffffffffffff808211156132a057600080fd5b6132ac87838801612fed565b945060208601359150808211156132c257600080fd5b506132cf86828701612eeb565b9250506132df8560408601612eeb565b90509250925092565b6000808284036101008112156132fd57600080fd5b833567ffffffffffffffff81111561331457600080fd5b61332086828701612fed565b93505060e0601f198201121561333557600080fd5b506020830190509250929050565b80356001600160a01b0381168114612ee657600080fd5b80358015158114612ee657600080fd5b6000806040838503121561337d57600080fd5b61338683613343565b9150612f2e6020840161335a565b60008060008060a085870312156133aa57600080fd5b843567ffffffffffffffff8111156133c157600080fd5b6133cd878288016130f3565b9095509350506020850135915061307a8660408701612eeb565b600080602083850312156133fa57600080fd5b823567ffffffffffffffff8082111561341257600080fd5b818501915085601f83011261342657600080fd5b81358181111561343557600080fd5b86602060608302850101111561344a57600080fd5b60209290920196919550909350505050565b60008060008060006060868803121561347457600080fd5b853567ffffffffffffffff8082111561348c57600080fd5b61349889838a016130f3565b909750955060208801359150808211156134b157600080fd5b506134be888289016130f3565b90945092506134d190506040870161335a565b90509295509295909350565b63ffffffff81168114611c0d57600080fd5b600080600080600080600060e0888a03121561350a57600080fd5b8735613515816134dd565b9650602088013561352581612f8c565b9550604088013561353581612f8c565b9450606088013561354581612f8c565b93506080880135613555816134dd565b925060a088013561356581612f8c565b915060c0880135613575816134dd565b8091505092959891949750929550565b60008060006060848603121561359a57600080fd5b83356135a581612f8c565b92506020840135612fd2816134dd565b6000808284036101208112156135ca57600080fd5b6135d384612ece565b9250610100601f198201121561333557600080fd5b6000606082840312156135fa57600080fd5b6130a08383612eeb565b600080600080600080600060e0888a03121561361f57600080fd5b61362888612ece565b96506136378960208a01612eeb565b9550608088013567ffffffffffffffff8082111561365457600080fd5b6136608b838c016130a7565b909750955060a08a0135945060c08a013591508082111561368057600080fd5b5061368d8a828b016130a7565b989b979a50959850939692959293505050565b60008060008060008060c087890312156136b957600080fd5b86356136c481612f8c565b955060208701356136d481612f8c565b945060408701356136e481612f8c565b9350606087013592506136f960808801612f37565b915060a087013590509295509295509295565b60006020828403121561371e57600080fd5b6130a082613343565b600080600080600060c0868803121561373f57600080fd5b61374886612ece565b94506137578760208801612eeb565b9350608086013567ffffffffffffffff81111561377357600080fd5b61377f888289016130f3565b90945092505060a086013561379381612f8c565b809150509295509295909350565b634e487b7160e01b600052602160045260246000fd5b600061010082019050825182526020830151602083015267ffffffffffffffff6040840151166040830152606083015163ffffffff80821660608501528060808601511660808501528060a08601511660a0850152505060c08301516006811061383157634e487b7160e01b600052602160045260246000fd5b8060c08401525060e083015160e083015292915050565b80358252602081013561385a816134dd565b63ffffffff166020830152604081013561387381612f8c565b67ffffffffffffffff81166040840152505050565b8381526001600160601b03198316602082015260a081016138ac6040830184613848565b949350505050565b80356001600160e01b031981168114612ee657600080fd5b6000808335601e198436030181126138e357600080fd5b830160208101925035905067ffffffffffffffff81111561390357600080fd5b8036038313156130ec57600080fd5b81835281816020850137506000828201602090810191909152601f909101601f19169091010190565b60006001600160e01b031980613950846138b4565b16845261396060208401846138cc565b60806020870152613975608087018284613912565b91505061398560408501856138cc565b8683036040880152613998838284613912565b92505050816139a9606086016138b4565b166060860152809250505092915050565b60006139c682836138cc565b606085526139d8606086018284613912565b915050602083013560208501526139f260408401846138cc565b8583036040870152613a05838284613912565b9695505050505050565b85815260e060208201526000613a2860e083018761393b565b8281036040840152613a3a81876139ba565b915050613a4a6060830185613848565b6bffffffffffffffffffffffff19831660c08301529695505050505050565b8183526000602080850194508260005b85811015613aa4578135613a8c816134dd565b63ffffffff1687529582019590820190600101613a79565b509495945050505050565b8681526bffffffffffffffffffffffff1986166020820152608060408201526000613ade608083018688613a69565b8281036060840152613af1818587613912565b9998505050505050505050565b868152608060208201526000613b18608083018789613912565b8281036040840152613b2b818688613a69565b915050826060830152979650505050505050565b84815260c060208201526000613b5860c083018661393b565b8281036040840152613b6a81866139ba565b915050613b7a6060830184613848565b95945050505050565b6000610120858352806020840152613b9d8184018661393b565b9150508235613bab816134dd565b63ffffffff1660408301526001600160a01b03613bca60208501613343565b166060830152604083013577ffffffffffffffffffffffffffffffffffffffffffffffff1981168114613bfc57600080fd5b77ffffffffffffffffffffffffffffffffffffffffffffffff19166080830152613c2860608401612ece565b6001600160601b03191660a0830152613c4360808401612ece565b6001600160601b03191660c0830152613c5e60a084016138b4565b6001600160e01b03191660e0830152613c7960c08401613343565b6001600160a01b03811661010084015250949350505050565b85815260c060208201526000613cac60c083018688613912565b90508360408301528235606083015260208301356080830152604083013560ff8116808214613cda57600080fd5b8060a085015250509695505050505050565b634e487b7160e01b600052603260045260246000fd5b600060208284031215613d1457600080fd5b81356130a0816134dd565b634e487b7160e01b600052601160045260246000fd5b6000600019821415613d4957613d49613d1f565b5060010190565b868152608060208201526000613d6a608083018789613912565b8281036040840152613d7d818688613912565b9150508215156060830152979650505050505050565b60008135613da0816134dd565b92915050565b60068110611c0d57600080fd5b60008135613da081613da6565b60068210613dde57634e487b7160e01b600052602160045260246000fd5b805474ff00000000000000000000000000000000000000008360a01b1660ff60a01b198216178255505050565b8135815560208201356001820155600281016040830135613e2b81612f8c565b67ffffffffffffffff8116905081548167ffffffffffffffff1982161783556060850135613e58816134dd565b6bffffffff00000000000000008160401b16836bffffffffffffffffffffffff19841617178455505050613ed2613e9160808501613d93565b82547fffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffff1660609190911b6fffffffff00000000000000000000000016178255565b613f26613ee160a08501613d93565b82547fffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffff1660809190911b73ffffffff0000000000000000000000000000000016178255565b613f3b613f3560c08501613db3565b82613dc0565b5060e082013560038201555050565b600060208284031215613f5c57600080fd5b81356130a081613da6565b600063ffffffff80831681811415613f8157613f81613d1f565b6001019392505050565b828152608081016130a06020830184613848565b60006101008a835260206bffffffffffffffffffffffff19808c1682860152613fcb604086018c613848565b8260a0860152613fde8386018a8c613a69565b60c0860189905285810360e0870152868152879350820160005b8781101561401d578261400a86612ece565b1682529383019390830190600101613ff8565b509d9c50505050505050505050505050565b8681526001600160601b03198616602082015261404f6040820186613848565b60e060a0820152600061406660e083018587613912565b905067ffffffffffffffff831660c0830152979650505050505050565b600063ffffffff8083168185168083038211156140a2576140a2613d1f565b0194935050505056fea2646970667358221220ccf2b3d768950944540e16a53bca322212cf3f94a049222961e026b51149868464736f6c63430008090033",
2373
+ "solcInputHash": "799c7b289d9b6d9cfc600d2fc23c7b64",
2374
+ "metadata": "{\"compiler\":{\"version\":\"0.8.9+commit.e5eed63a\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"_bank\",\"type\":\"address\"},{\"internalType\":\"address\",\"name\":\"_relay\",\"type\":\"address\"},{\"internalType\":\"address\",\"name\":\"_treasury\",\"type\":\"address\"},{\"internalType\":\"address\",\"name\":\"_walletRegistry\",\"type\":\"address\"},{\"internalType\":\"uint256\",\"name\":\"_txProofDifficultyFactor\",\"type\":\"uint256\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"depositDustThreshold\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"depositTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"depositTxMaxFee\",\"type\":\"uint64\"}],\"name\":\"DepositParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"fundingTxHash\",\"type\":\"bytes32\"},{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"fundingOutputIndex\",\"type\":\"uint32\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"depositor\",\"type\":\"address\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"amount\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"bytes8\",\"name\":\"blindingFactor\",\"type\":\"bytes8\"},{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"refundPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes4\",\"name\":\"refundLocktime\",\"type\":\"bytes4\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"}],\"name\":\"DepositRevealed\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"sweepTxHash\",\"type\":\"bytes32\"}],\"name\":\"DepositsSwept\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"}],\"name\":\"FraudChallengeDefeatTimedOut\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"}],\"name\":\"FraudChallengeDefeated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"},{\"indexed\":false,\"internalType\":\"uint8\",\"name\":\"v\",\"type\":\"uint8\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"r\",\"type\":\"bytes32\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"s\",\"type\":\"bytes32\"}],\"name\":\"FraudChallengeSubmitted\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint96\",\"name\":\"fraudSlashingAmount\",\"type\":\"uint96\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"fraudNotifierRewardMultiplier\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"fraudChallengeDefeatTimeout\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"fraudChallengeDepositAmount\",\"type\":\"uint256\"}],\"name\":\"FraudParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"address\",\"name\":\"oldGovernance\",\"type\":\"address\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"newGovernance\",\"type\":\"address\"}],\"name\":\"GovernanceTransferred\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"MovingFundsBelowDustReported\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes20[]\",\"name\":\"targetWallets\",\"type\":\"bytes20[]\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"submitter\",\"type\":\"address\"}],\"name\":\"MovingFundsCommitmentSubmitted\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"movingFundsTxHash\",\"type\":\"bytes32\"}],\"name\":\"MovingFundsCompleted\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"movingFundsTxMaxTotalFee\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"movingFundsTimeout\",\"type\":\"uint32\"},{\"indexed\":false,\"internalType\":\"uint96\",\"name\":\"movingFundsTimeoutSlashingAmount\",\"type\":\"uint96\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"movingFundsTimeoutNotifierRewardMultiplier\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"movingFundsDustThreshold\",\"type\":\"uint64\"}],\"name\":\"MovingFundsParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"MovingFundsTimedOut\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"NewWalletRegistered\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[],\"name\":\"NewWalletRequested\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"redemptionDustThreshold\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"redemptionTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"redemptionTxMaxFee\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"redemptionTimeout\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"uint96\",\"name\":\"redemptionTimeoutSlashingAmount\",\"type\":\"uint96\"},{\"indexed\":false,\"internalType\":\"uint256\",\"name\":\"redemptionTimeoutNotifierRewardMultiplier\",\"type\":\"uint256\"}],\"name\":\"RedemptionParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes\",\"name\":\"redeemerOutputScript\",\"type\":\"bytes\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"redeemer\",\"type\":\"address\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"requestedAmount\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"treasuryFee\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"txMaxFee\",\"type\":\"uint64\"}],\"name\":\"RedemptionRequested\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes\",\"name\":\"redeemerOutputScript\",\"type\":\"bytes\"}],\"name\":\"RedemptionTimedOut\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"indexed\":false,\"internalType\":\"bytes32\",\"name\":\"redemptionTxHash\",\"type\":\"bytes32\"}],\"name\":\"RedemptionsCompleted\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"},{\"indexed\":false,\"internalType\":\"bool\",\"name\":\"isTrusted\",\"type\":\"bool\"}],\"name\":\"VaultStatusUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"WalletClosed\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"WalletClosing\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"WalletMovingFunds\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"walletCreationPeriod\",\"type\":\"uint32\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"walletCreationMinBtcBalance\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"walletCreationMaxBtcBalance\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"walletClosureMinBtcBalance\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"walletMaxAge\",\"type\":\"uint32\"},{\"indexed\":false,\"internalType\":\"uint64\",\"name\":\"walletMaxBtcTransfer\",\"type\":\"uint64\"},{\"indexed\":false,\"internalType\":\"uint32\",\"name\":\"walletClosingPeriod\",\"type\":\"uint32\"}],\"name\":\"WalletParametersUpdated\",\"type\":\"event\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"indexed\":true,\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"WalletTerminated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"publicKeyX\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"publicKeyY\",\"type\":\"bytes32\"}],\"name\":\"__ecdsaWalletCreatedCallback\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"publicKeyX\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"publicKeyY\",\"type\":\"bytes32\"}],\"name\":\"__ecdsaWalletHeartbeatFailedCallback\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"activeWalletPubKeyHash\",\"outputs\":[{\"internalType\":\"bytes20\",\"name\":\"\",\"type\":\"bytes20\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"contractReferences\",\"outputs\":[{\"internalType\":\"contract Bank\",\"name\":\"bank\",\"type\":\"address\"},{\"internalType\":\"contract IRelay\",\"name\":\"relay\",\"type\":\"address\"},{\"internalType\":\"contract IWalletRegistry\",\"name\":\"ecdsaWalletRegistry\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"walletPublicKey\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"preimage\",\"type\":\"bytes\"},{\"internalType\":\"bool\",\"name\":\"witness\",\"type\":\"bool\"}],\"name\":\"defeatFraudChallenge\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"depositParameters\",\"outputs\":[{\"internalType\":\"uint64\",\"name\":\"depositDustThreshold\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"depositTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"depositTxMaxFee\",\"type\":\"uint64\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"depositKey\",\"type\":\"uint256\"}],\"name\":\"deposits\",\"outputs\":[{\"components\":[{\"internalType\":\"address\",\"name\":\"depositor\",\"type\":\"address\"},{\"internalType\":\"uint64\",\"name\":\"amount\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"revealedAt\",\"type\":\"uint32\"},{\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"},{\"internalType\":\"uint64\",\"name\":\"treasuryFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"sweptAt\",\"type\":\"uint32\"}],\"internalType\":\"struct Deposit.DepositRequest\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"challengeKey\",\"type\":\"uint256\"}],\"name\":\"fraudChallenges\",\"outputs\":[{\"components\":[{\"internalType\":\"address\",\"name\":\"challenger\",\"type\":\"address\"},{\"internalType\":\"uint256\",\"name\":\"depositAmount\",\"type\":\"uint256\"},{\"internalType\":\"uint32\",\"name\":\"reportedAt\",\"type\":\"uint32\"},{\"internalType\":\"bool\",\"name\":\"resolved\",\"type\":\"bool\"}],\"internalType\":\"struct Fraud.FraudChallenge\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"fraudParameters\",\"outputs\":[{\"internalType\":\"uint96\",\"name\":\"fraudSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"fraudNotifierRewardMultiplier\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"fraudChallengeDefeatTimeout\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"fraudChallengeDepositAmount\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"governance\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"}],\"name\":\"isVaultTrusted\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"liveWalletsCount\",\"outputs\":[{\"internalType\":\"uint32\",\"name\":\"\",\"type\":\"uint32\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"movingFundsParameters\",\"outputs\":[{\"internalType\":\"uint64\",\"name\":\"movingFundsTxMaxTotalFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"movingFundsTimeout\",\"type\":\"uint32\"},{\"internalType\":\"uint96\",\"name\":\"movingFundsTimeoutSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"movingFundsTimeoutNotifierRewardMultiplier\",\"type\":\"uint256\"},{\"internalType\":\"uint64\",\"name\":\"movingFundsDustThreshold\",\"type\":\"uint64\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"walletMainUtxo\",\"type\":\"tuple\"}],\"name\":\"notifyCloseableWallet\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"walletPublicKey\",\"type\":\"bytes\"},{\"internalType\":\"uint32[]\",\"name\":\"walletMembersIDs\",\"type\":\"uint32[]\"},{\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"}],\"name\":\"notifyFraudChallengeDefeatTimeout\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"}],\"name\":\"notifyMovingFundsBelowDust\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"internalType\":\"uint32[]\",\"name\":\"walletMembersIDs\",\"type\":\"uint32[]\"}],\"name\":\"notifyMovingFundsTimeout\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"internalType\":\"uint32[]\",\"name\":\"walletMembersIDs\",\"type\":\"uint32[]\"},{\"internalType\":\"bytes\",\"name\":\"redeemerOutputScript\",\"type\":\"bytes\"}],\"name\":\"notifyRedemptionTimeout\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"notifyWalletClosingPeriodElapsed\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"redemptionKey\",\"type\":\"uint256\"}],\"name\":\"pendingRedemptions\",\"outputs\":[{\"components\":[{\"internalType\":\"address\",\"name\":\"redeemer\",\"type\":\"address\"},{\"internalType\":\"uint64\",\"name\":\"requestedAmount\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"treasuryFee\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"txMaxFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"requestedAt\",\"type\":\"uint32\"}],\"internalType\":\"struct Redemption.RedemptionRequest\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"redemptionParameters\",\"outputs\":[{\"internalType\":\"uint64\",\"name\":\"redemptionDustThreshold\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"redemptionTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"redemptionTxMaxFee\",\"type\":\"uint64\"},{\"internalType\":\"uint256\",\"name\":\"redemptionTimeout\",\"type\":\"uint256\"},{\"internalType\":\"uint96\",\"name\":\"redemptionTimeoutSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"redemptionTimeoutNotifierRewardMultiplier\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"activeWalletMainUtxo\",\"type\":\"tuple\"}],\"name\":\"requestNewWallet\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"},{\"internalType\":\"bytes\",\"name\":\"redeemerOutputScript\",\"type\":\"bytes\"},{\"internalType\":\"uint64\",\"name\":\"amount\",\"type\":\"uint64\"}],\"name\":\"requestRedemption\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes4\",\"name\":\"version\",\"type\":\"bytes4\"},{\"internalType\":\"bytes\",\"name\":\"inputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"outputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes4\",\"name\":\"locktime\",\"type\":\"bytes4\"}],\"internalType\":\"struct BitcoinTx.Info\",\"name\":\"fundingTx\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"uint32\",\"name\":\"fundingOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"address\",\"name\":\"depositor\",\"type\":\"address\"},{\"internalType\":\"bytes8\",\"name\":\"blindingFactor\",\"type\":\"bytes8\"},{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"internalType\":\"bytes20\",\"name\":\"refundPubKeyHash\",\"type\":\"bytes20\"},{\"internalType\":\"bytes4\",\"name\":\"refundLocktime\",\"type\":\"bytes4\"},{\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"}],\"internalType\":\"struct Deposit.DepositRevealInfo\",\"name\":\"reveal\",\"type\":\"tuple\"}],\"name\":\"revealDeposit\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"activeWalletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"setActiveWallet\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_depositDustThreshold\",\"type\":\"uint64\"}],\"name\":\"setDepositDustThreshold\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_depositTxMaxFee\",\"type\":\"uint64\"}],\"name\":\"setDepositTxMaxFee\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_movingFundsTxMaxTotalFee\",\"type\":\"uint64\"}],\"name\":\"setMovingFundsTxMaxTotalFee\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_redemptionDustThreshold\",\"type\":\"uint64\"}],\"name\":\"setRedemptionDustThreshold\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"_redemptionTreasuryFeeDivisor\",\"type\":\"uint64\"}],\"name\":\"setRedemptionTreasuryFeeDivisor\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO[]\",\"name\":\"utxos\",\"type\":\"tuple[]\"}],\"name\":\"setSpentMainUtxos\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO[]\",\"name\":\"utxos\",\"type\":\"tuple[]\"}],\"name\":\"setSweptDeposits\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"address\",\"name\":\"vault\",\"type\":\"address\"},{\"internalType\":\"bool\",\"name\":\"isTrusted\",\"type\":\"bool\"}],\"name\":\"setVaultStatus\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"mainUtxoHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint64\",\"name\":\"pendingRedemptionsValue\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"createdAt\",\"type\":\"uint32\"},{\"internalType\":\"uint32\",\"name\":\"movingFundsRequestedAt\",\"type\":\"uint32\"},{\"internalType\":\"uint32\",\"name\":\"closingStartedAt\",\"type\":\"uint32\"},{\"internalType\":\"enum Wallets.WalletState\",\"name\":\"state\",\"type\":\"uint8\"},{\"internalType\":\"bytes32\",\"name\":\"movingFundsTargetWalletsCommitmentHash\",\"type\":\"bytes32\"}],\"internalType\":\"struct Wallets.Wallet\",\"name\":\"wallet\",\"type\":\"tuple\"}],\"name\":\"setWallet\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"utxo\",\"type\":\"tuple\"}],\"name\":\"setWalletMainUtxo\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"utxoKey\",\"type\":\"uint256\"}],\"name\":\"spentMainUTXOs\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"walletPublicKey\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"sighash\",\"type\":\"bytes32\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"r\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"s\",\"type\":\"bytes32\"},{\"internalType\":\"uint8\",\"name\":\"v\",\"type\":\"uint8\"}],\"internalType\":\"struct BitcoinTx.RSVSignature\",\"name\":\"signature\",\"type\":\"tuple\"}],\"name\":\"submitFraudChallenge\",\"outputs\":[],\"stateMutability\":\"payable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"walletMainUtxo\",\"type\":\"tuple\"},{\"internalType\":\"uint32[]\",\"name\":\"walletMembersIDs\",\"type\":\"uint32[]\"},{\"internalType\":\"uint256\",\"name\":\"walletMemberIndex\",\"type\":\"uint256\"},{\"internalType\":\"bytes20[]\",\"name\":\"targetWallets\",\"type\":\"bytes20[]\"}],\"name\":\"submitMovingFundsCommitment\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes4\",\"name\":\"version\",\"type\":\"bytes4\"},{\"internalType\":\"bytes\",\"name\":\"inputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"outputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes4\",\"name\":\"locktime\",\"type\":\"bytes4\"}],\"internalType\":\"struct BitcoinTx.Info\",\"name\":\"movingFundsTx\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes\",\"name\":\"merkleProof\",\"type\":\"bytes\"},{\"internalType\":\"uint256\",\"name\":\"txIndexInBlock\",\"type\":\"uint256\"},{\"internalType\":\"bytes\",\"name\":\"bitcoinHeaders\",\"type\":\"bytes\"}],\"internalType\":\"struct BitcoinTx.Proof\",\"name\":\"movingFundsProof\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"},{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"submitMovingFundsProof\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes4\",\"name\":\"version\",\"type\":\"bytes4\"},{\"internalType\":\"bytes\",\"name\":\"inputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"outputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes4\",\"name\":\"locktime\",\"type\":\"bytes4\"}],\"internalType\":\"struct BitcoinTx.Info\",\"name\":\"redemptionTx\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes\",\"name\":\"merkleProof\",\"type\":\"bytes\"},{\"internalType\":\"uint256\",\"name\":\"txIndexInBlock\",\"type\":\"uint256\"},{\"internalType\":\"bytes\",\"name\":\"bitcoinHeaders\",\"type\":\"bytes\"}],\"internalType\":\"struct BitcoinTx.Proof\",\"name\":\"redemptionProof\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"},{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"submitRedemptionProof\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"components\":[{\"internalType\":\"bytes4\",\"name\":\"version\",\"type\":\"bytes4\"},{\"internalType\":\"bytes\",\"name\":\"inputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"outputVector\",\"type\":\"bytes\"},{\"internalType\":\"bytes4\",\"name\":\"locktime\",\"type\":\"bytes4\"}],\"internalType\":\"struct BitcoinTx.Info\",\"name\":\"sweepTx\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes\",\"name\":\"merkleProof\",\"type\":\"bytes\"},{\"internalType\":\"uint256\",\"name\":\"txIndexInBlock\",\"type\":\"uint256\"},{\"internalType\":\"bytes\",\"name\":\"bitcoinHeaders\",\"type\":\"bytes\"}],\"internalType\":\"struct BitcoinTx.Proof\",\"name\":\"sweepProof\",\"type\":\"tuple\"},{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"txHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint32\",\"name\":\"txOutputIndex\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"txOutputValue\",\"type\":\"uint64\"}],\"internalType\":\"struct BitcoinTx.UTXO\",\"name\":\"mainUtxo\",\"type\":\"tuple\"}],\"name\":\"submitSweepProof\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"redemptionKey\",\"type\":\"uint256\"}],\"name\":\"timedOutRedemptions\",\"outputs\":[{\"components\":[{\"internalType\":\"address\",\"name\":\"redeemer\",\"type\":\"address\"},{\"internalType\":\"uint64\",\"name\":\"requestedAmount\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"treasuryFee\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"txMaxFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"requestedAt\",\"type\":\"uint32\"}],\"internalType\":\"struct Redemption.RedemptionRequest\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"address\",\"name\":\"newGovernance\",\"type\":\"address\"}],\"name\":\"transferGovernance\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"treasury\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"txProofDifficultyFactor\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"depositDustThreshold\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"depositTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"depositTxMaxFee\",\"type\":\"uint64\"}],\"name\":\"updateDepositParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint96\",\"name\":\"fraudSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"fraudNotifierRewardMultiplier\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"fraudChallengeDefeatTimeout\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"fraudChallengeDepositAmount\",\"type\":\"uint256\"}],\"name\":\"updateFraudParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"movingFundsTxMaxTotalFee\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"movingFundsTimeout\",\"type\":\"uint32\"},{\"internalType\":\"uint96\",\"name\":\"movingFundsTimeoutSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"movingFundsTimeoutNotifierRewardMultiplier\",\"type\":\"uint256\"},{\"internalType\":\"uint64\",\"name\":\"movingFundsDustThreshold\",\"type\":\"uint64\"}],\"name\":\"updateMovingFundsParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint64\",\"name\":\"redemptionDustThreshold\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"redemptionTreasuryFeeDivisor\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"redemptionTxMaxFee\",\"type\":\"uint64\"},{\"internalType\":\"uint256\",\"name\":\"redemptionTimeout\",\"type\":\"uint256\"},{\"internalType\":\"uint96\",\"name\":\"redemptionTimeoutSlashingAmount\",\"type\":\"uint96\"},{\"internalType\":\"uint256\",\"name\":\"redemptionTimeoutNotifierRewardMultiplier\",\"type\":\"uint256\"}],\"name\":\"updateRedemptionParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint32\",\"name\":\"walletCreationPeriod\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"walletCreationMinBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"walletCreationMaxBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"walletClosureMinBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"walletMaxAge\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"walletMaxBtcTransfer\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"walletClosingPeriod\",\"type\":\"uint32\"}],\"name\":\"updateWalletParameters\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"walletParameters\",\"outputs\":[{\"internalType\":\"uint32\",\"name\":\"walletCreationPeriod\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"walletCreationMinBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"walletCreationMaxBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint64\",\"name\":\"walletClosureMinBtcBalance\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"walletMaxAge\",\"type\":\"uint32\"},{\"internalType\":\"uint64\",\"name\":\"walletMaxBtcTransfer\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"walletClosingPeriod\",\"type\":\"uint32\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes20\",\"name\":\"walletPubKeyHash\",\"type\":\"bytes20\"}],\"name\":\"wallets\",\"outputs\":[{\"components\":[{\"internalType\":\"bytes32\",\"name\":\"ecdsaWalletID\",\"type\":\"bytes32\"},{\"internalType\":\"bytes32\",\"name\":\"mainUtxoHash\",\"type\":\"bytes32\"},{\"internalType\":\"uint64\",\"name\":\"pendingRedemptionsValue\",\"type\":\"uint64\"},{\"internalType\":\"uint32\",\"name\":\"createdAt\",\"type\":\"uint32\"},{\"internalType\":\"uint32\",\"name\":\"movingFundsRequestedAt\",\"type\":\"uint32\"},{\"internalType\":\"uint32\",\"name\":\"closingStartedAt\",\"type\":\"uint32\"},{\"internalType\":\"enum Wallets.WalletState\",\"name\":\"state\",\"type\":\"uint8\"},{\"internalType\":\"bytes32\",\"name\":\"movingFundsTargetWalletsCommitmentHash\",\"type\":\"bytes32\"}],\"internalType\":\"struct Wallets.Wallet\",\"name\":\"\",\"type\":\"tuple\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"__ecdsaWalletCreatedCallback(bytes32,bytes32,bytes32)\":{\"details\":\"Requirements: - The only caller authorized to call this function is `registry` - Given wallet data must not belong to an already registered wallet\",\"params\":{\"ecdsaWalletID\":\"Wallet's unique identifier.\",\"publicKeyX\":\"Wallet's public key's X coordinate.\",\"publicKeyY\":\"Wallet's public key's Y coordinate.\"}},\"__ecdsaWalletHeartbeatFailedCallback(bytes32,bytes32,bytes32)\":{\"details\":\"Requirements: - The only caller authorized to call this function is `registry` - Wallet must be in Live state\",\"params\":{\"publicKeyX\":\"Wallet's public key's X coordinate\",\"publicKeyY\":\"Wallet's public key's Y coordinate\"}},\"activeWalletPubKeyHash()\":{\"returns\":{\"_0\":\"The 20-byte public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) of the active wallet. Returns bytes20(0) if there is no active wallet at the moment.\"}},\"contractReferences()\":{\"returns\":{\"bank\":\"Address of the Bank the Bridge belongs to.\",\"ecdsaWalletRegistry\":\"Address of the ECDSA Wallet Registry.\",\"relay\":\"Address of the Bitcoin relay providing the current Bitcoin network difficulty.\"}},\"defeatFraudChallenge(bytes,bytes,bool)\":{\"details\":\"Requirements: - `walletPublicKey` and `sighash` calculated as `hash256(preimage)` must identify an open fraud challenge - the preimage must be a valid preimage of a transaction generated according to the protocol rules and already proved in the Bridge - before a defeat attempt is made the transaction that spends the given UTXO must be proven in the Bridge\",\"params\":{\"preimage\":\"The preimage which produces sighash used to generate the ECDSA signature that is the subject of the fraud claim. It is a serialized subset of the transaction. The exact subset used as the preimage depends on the transaction input the signature is produced for. See BIP-143 for reference\",\"walletPublicKey\":\"The public key of the wallet in the uncompressed and unprefixed format (64 bytes)\",\"witness\":\"Flag indicating whether the preimage was produced for a witness input. True for witness, false for non-witness input\"}},\"depositParameters()\":{\"returns\":{\"depositDustThreshold\":\"The minimal amount that can be requested to deposit. Value of this parameter must take into account the value of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters in order to make requests that can incur the treasury and transaction fee and still satisfy the depositor.\",\"depositTreasuryFeeDivisor\":\"Divisor used to compute the treasury fee taken from each deposit and transferred to the treasury upon sweep proof submission. That fee is computed as follows: `treasuryFee = depositedAmount / depositTreasuryFeeDivisor` For example, if the treasury fee needs to be 2% of each deposit, the `depositTreasuryFeeDivisor` should be set to `50` because `1/50 = 0.02 = 2%`.\",\"depositTxMaxFee\":\"Maximum amount of BTC transaction fee that can be incurred by each swept deposit being part of the given sweep transaction. If the maximum BTC transaction fee is exceeded, such transaction is considered a fraud.\"}},\"fraudParameters()\":{\"returns\":{\"fraudChallengeDefeatTimeout\":\"The amount of time the wallet has to defeat a fraud challenge.\",\"fraudChallengeDepositAmount\":\"The amount of ETH in wei the party challenging the wallet for fraud needs to deposit.\",\"fraudNotifierRewardMultiplier\":\"The percentage of the notifier reward from the staking contract the notifier of a fraud receives. The value is in the range [0, 100].\",\"fraudSlashingAmount\":\"The amount slashed from each wallet member for committing a fraud.\"}},\"liveWalletsCount()\":{\"returns\":{\"_0\":\"The current count of wallets being in the Live state.\"}},\"movingFundsParameters()\":{\"returns\":{\"movingFundsDustThreshold\":\"The minimal satoshi amount that makes\",\"movingFundsTimeout\":\"Time after which the moving funds process can be reported as timed out. It is counted from the moment when the wallet was requested to move their funds and switched to the MovingFunds state. Value in seconds.\",\"movingFundsTimeoutNotifierRewardMultiplier\":\"The percentage of the notifier reward from the staking contract the notifier of a moving funds timeout receives. The value is in the range [0, 100].\",\"movingFundsTimeoutSlashingAmount\":\"The amount of stake slashed from each member of a wallet for a moving funds timeout.\",\"movingFundsTxMaxTotalFee\":\"Maximum amount of the total BTC transaction fee that is acceptable in a single moving funds transaction. This is a _total_ max fee for the entire moving funds transaction.\"}},\"notifyCloseableWallet(bytes20,(bytes32,uint32,uint64))\":{\"details\":\"Requirements: - Wallet must not be set as the current active wallet - Wallet must exceed the wallet maximum age OR the wallet BTC balance must be lesser than the minimum threshold. If the latter case is true, the `walletMainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. If the wallet has no main UTXO, this parameter can be empty as it is ignored since the wallet balance is assumed to be zero. - Wallet must be in Live state\",\"params\":{\"walletMainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain.\",\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"notifyFraudChallengeDefeatTimeout(bytes,uint32[],bytes32)\":{\"details\":\"Requirements: - The wallet must be in the Live or MovingFunds or Closing or Terminated state - The `walletPublicKey` and `sighash` must identify an open fraud challenge - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events of the `WalletRegistry` contract - The amount of time indicated by `challengeDefeatTimeout` must pass after the challenge was reported\",\"params\":{\"sighash\":\"The hash that was used to produce the ECDSA signature that is the subject of the fraud claim. This hash is constructed by applying double SHA-256 over a serialized subset of the transaction. The exact subset used as hash preimage depends on the transaction input the signature is produced for. See BIP-143 for reference\",\"walletMembersIDs\":\"Identifiers of the wallet signing group members\",\"walletPublicKey\":\"The public key of the wallet in the uncompressed and unprefixed format (64 bytes)\"}},\"notifyMovingFundsBelowDust(bytes20,(bytes32,uint32,uint64))\":{\"details\":\"Requirements: - The wallet must be in the MovingFunds state - The `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. If the wallet has no main UTXO, this parameter can be empty as it is ignored. - The wallet BTC balance must be below the moving funds threshold\",\"params\":{\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain.\",\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"notifyMovingFundsTimeout(bytes20,uint32[])\":{\"details\":\"Requirements: - The wallet must be in the MovingFunds state - The moving funds timeout must be actually exceeded - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events of the `WalletRegistry` contract\",\"params\":{\"walletMembersIDs\":\"Identifiers of the wallet signing group members\",\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"notifyRedemptionTimeout(bytes20,uint32[],bytes)\":{\"details\":\"Requirements: - The wallet must be in the Live or MovingFunds or Terminated state - The redemption request identified by `walletPubKeyHash` and `redeemerOutputScript` must exist - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events of the `WalletRegistry` contract - The amount of time defined by `redemptionTimeout` must have passed since the redemption was requested (the request must be timed-out)\",\"params\":{\"redeemerOutputScript\":\"The redeemer's length-prefixed output script (P2PKH, P2WPKH, P2SH or P2WSH)\",\"walletMembersIDs\":\"Identifiers of the wallet signing group members\",\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"notifyWalletClosingPeriodElapsed(bytes20)\":{\"details\":\"Requirements: - The wallet must be in the Closing state - The wallet closing period must have elapsed\",\"params\":{\"walletPubKeyHash\":\"20-byte public key hash of the wallet\"}},\"redemptionParameters()\":{\"returns\":{\"redemptionDustThreshold\":\"The minimal amount that can be requested for redemption. Value of this parameter must take into account the value of `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee` parameters in order to make requests that can incur the treasury and transaction fee and still satisfy the redeemer.\",\"redemptionTimeout\":\"Time after which the redemption request can be reported as timed out. It is counted from the moment when the redemption request was created via `requestRedemption` call. Reported timed out requests are cancelled and locked TBTC is returned to the redeemer in full amount.\",\"redemptionTimeoutNotifierRewardMultiplier\":\"The percentage of the notifier reward from the staking contract the notifier of a redemption timeout receives. The value is in the range [0, 100].\",\"redemptionTimeoutSlashingAmount\":\"The amount of stake slashed from each member of a wallet for a redemption timeout.\",\"redemptionTreasuryFeeDivisor\":\"Divisor used to compute the treasury fee taken from each redemption request and transferred to the treasury upon successful request finalization. That fee is computed as follows: `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor` For example, if the treasury fee needs to be 2% of each redemption request, the `redemptionTreasuryFeeDivisor` should be set to `50` because `1/50 = 0.02 = 2%`.\",\"redemptionTxMaxFee\":\"Maximum amount of BTC transaction fee that can be incurred by each redemption request being part of the given redemption transaction. If the maximum BTC transaction fee is exceeded, such transaction is considered a fraud. This is a per-redemption output max fee for the redemption transaction.\"}},\"requestNewWallet((bytes32,uint32,uint64))\":{\"details\":\"Requirements: - `activeWalletMainUtxo` components must point to the recent main UTXO of the given active wallet, as currently known on the Ethereum chain. If there is no active wallet at the moment, or the active wallet has no main UTXO, this parameter can be empty as it is ignored. - Wallet creation must not be in progress - If the active wallet is set, one of the following conditions must be true: - The active wallet BTC balance is above the minimum threshold and the active wallet is old enough, i.e. the creation period was elapsed since its creation time - The active wallet BTC balance is above the maximum threshold\",\"params\":{\"activeWalletMainUtxo\":\"Data of the active wallet's main UTXO, as currently known on the Ethereum chain.\"}},\"requestRedemption(bytes20,(bytes32,uint32,uint64),bytes,uint64)\":{\"details\":\"Requirements: - Wallet behind `walletPubKeyHash` must be live - `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. - `redeemerOutputScript` must be a proper Bitcoin script - `redeemerOutputScript` cannot have wallet PKH as payload - `amount` must be above or equal the `redemptionDustThreshold` - Given `walletPubKeyHash` and `redeemerOutputScript` pair can be used for only one pending request at the same time - Wallet must have enough Bitcoin balance to proceed the request - Redeemer must make an allowance in the Bank that the Bridge contract can spend the given `amount`.\",\"params\":{\"amount\":\"Requested amount in satoshi. This is also the TBTC amount that is taken from redeemer's balance in the Bank upon request. Once the request is handled, the actual amount of BTC locked on the redeemer output script will be always lower than this value since the treasury and Bitcoin transaction fees must be incurred. The minimal amount satisfying the request can be computed as: `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`. Fees values are taken at the moment of request creation.\",\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain\",\"redeemerOutputScript\":\"The redeemer's length-prefixed output script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock redeemed BTC\",\"walletPubKeyHash\":\"The 20-byte wallet public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key)\"}},\"revealDeposit((bytes4,bytes,bytes,bytes4),(uint32,address,bytes8,bytes20,bytes20,bytes4,address))\":{\"details\":\"Requirements: - `reveal.walletPubKeyHash` must identify a `Live` wallet - `reveal.vault` must be 0x0 or point to a trusted vault - `reveal.fundingOutputIndex` must point to the actual P2(W)SH output of the BTC deposit transaction - `reveal.depositor` must be the Ethereum address used in the P2(W)SH BTC deposit transaction, - `reveal.blindingFactor` must be the blinding factor used in the P2(W)SH BTC deposit transaction, - `reveal.walletPubKeyHash` must be the wallet pub key hash used in the P2(W)SH BTC deposit transaction, - `reveal.refundPubKeyHash` must be the refund pub key hash used in the P2(W)SH BTC deposit transaction, - `reveal.refundLocktime` must be the refund locktime used in the P2(W)SH BTC deposit transaction, - BTC deposit for the given `fundingTxHash`, `fundingOutputIndex` can be revealed only one time. If any of these requirements is not met, the wallet _must_ refuse to sweep the deposit and the depositor has to wait until the deposit script unlocks to receive their BTC back.\",\"params\":{\"fundingTx\":\"Bitcoin funding transaction data, see `BitcoinTx.Info`\",\"reveal\":\"Deposit reveal data, see `RevealInfo struct\"}},\"setVaultStatus(address,bool)\":{\"details\":\"Without restricting reveal only to trusted vaults, malicious vaults not meeting the criteria would be able to nuke sweep proof transactions executed by ECDSA wallet with deposits routed to them.Can only be called by the Governance.\",\"params\":{\"isTrusted\":\"flag indicating whether the vault is trusted or not\",\"vault\":\"The address of the vault\"}},\"submitFraudChallenge(bytes,bytes32,(bytes32,bytes32,uint8))\":{\"details\":\"Requirements: - Wallet behind `walletPublicKey` must be in Live or MovingFunds or Closing state - The challenger must send appropriate amount of ETH used as fraud challenge deposit - The signature (represented by r, s and v) must be generated by the wallet behind `walletPubKey` during signing of `sighash` - Wallet can be challenged for the given signature only once\",\"params\":{\"sighash\":\"The hash that was used to produce the ECDSA signature that is the subject of the fraud claim. This hash is constructed by applying double SHA-256 over a serialized subset of the transaction. The exact subset used as hash preimage depends on the transaction input the signature is produced for. See BIP-143 for reference\",\"signature\":\"Bitcoin signature in the R/S/V format\",\"walletPublicKey\":\"The public key of the wallet in the uncompressed and unprefixed format (64 bytes)\"}},\"submitMovingFundsCommitment(bytes20,(bytes32,uint32,uint64),uint32[],uint256,bytes20[])\":{\"details\":\"Requirements: - The source wallet must be in the MovingFunds state - The source wallet must not have pending redemption requests - The source wallet must not have submitted its commitment already - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given source wallet in the ECDSA registry. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events. - The `walletMemberIndex` must be in range [1, walletMembersIDs.length] - The caller must be the member of the source wallet signing group at the position indicated by `walletMemberIndex` parameter - The `walletMainUtxo` components must point to the recent main UTXO of the source wallet, as currently known on the Ethereum chain. - Source wallet BTC balance must be greater than zero - At least one Live wallet must exist in the system - Submitted target wallets count must match the expected count `N = min(liveWalletsCount, ceil(walletBtcBalance / walletMaxBtcTransfer))` where `N > 0` - Each target wallet must be not equal to the source wallet - Each target wallet must follow the expected order i.e. all target wallets 20-byte public key hashes represented as numbers must form a strictly increasing sequence without duplicates. - Each target wallet must be in Live state\",\"params\":{\"targetWallets\":\"List of 20-byte public key hashes of the target wallets that the source wallet commits to move the funds to\",\"walletMainUtxo\":\"Data of the source wallet's main UTXO, as currently known on the Ethereum chain\",\"walletMemberIndex\":\"Position of the caller in the source wallet signing group members list\",\"walletMembersIDs\":\"Identifiers of the source wallet signing group members\",\"walletPubKeyHash\":\"20-byte public key hash of the source wallet\"}},\"submitMovingFundsProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64),bytes20)\":{\"details\":\"Requirements: - `movingFundsTx` components must match the expected structure. See `BitcoinTx.Info` docs for reference. Their values must exactly correspond to appropriate Bitcoin transaction fields to produce a provable transaction hash. - The `movingFundsTx` should represent a Bitcoin transaction with exactly 1 input that refers to the wallet's main UTXO. That transaction should have 1..n outputs corresponding to the pre-committed target wallets. Outputs must be ordered in the same way as their corresponding target wallets are ordered within the target wallets commitment. - `movingFundsProof` components must match the expected structure. See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders` field must contain a valid number of block headers, not less than the `txProofDifficultyFactor` contract constant. - `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. Additionally, the recent main UTXO on Ethereum must be set. - `walletPubKeyHash` must be connected with the main UTXO used as transaction single input. - The wallet that `walletPubKeyHash` points to must be in the MovingFunds state. - The target wallets commitment must be submitted by the wallet that `walletPubKeyHash` points to. - The total Bitcoin transaction fee must be lesser or equal to `movingFundsTxMaxTotalFee` governable parameter.\",\"params\":{\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain\",\"movingFundsProof\":\"Bitcoin moving funds proof data\",\"movingFundsTx\":\"Bitcoin moving funds transaction data\",\"walletPubKeyHash\":\"20-byte public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) of the wallet which performed the moving funds transaction\"}},\"submitRedemptionProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64),bytes20)\":{\"details\":\"Requirements: - `redemptionTx` components must match the expected structure. See `BitcoinTx.Info` docs for reference. Their values must exactly correspond to appropriate Bitcoin transaction fields to produce a provable transaction hash. - The `redemptionTx` should represent a Bitcoin transaction with exactly 1 input that refers to the wallet's main UTXO. That transaction should have 1..n outputs handling existing pending redemption requests or pointing to reported timed out requests. There can be also 1 optional output representing the change and pointing back to the 20-byte wallet public key hash. The change should be always present if the redeemed value sum is lower than the total wallet's BTC balance. - `redemptionProof` components must match the expected structure. See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders` field must contain a valid number of block headers, not less than the `txProofDifficultyFactor` contract constant. - `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. Additionally, the recent main UTXO on Ethereum must be set. - `walletPubKeyHash` must be connected with the main UTXO used as transaction single input. Other remarks: - Putting the change output as the first transaction output can save some gas because the output processing loop begins each iteration by checking whether the given output is the change thus uses some gas for making the comparison. Once the change is identified, that check is omitted in further iterations.\",\"params\":{\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain\",\"redemptionProof\":\"Bitcoin redemption proof data\",\"redemptionTx\":\"Bitcoin redemption transaction data\",\"walletPubKeyHash\":\"20-byte public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) of the wallet which performed the redemption transaction\"}},\"submitSweepProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64))\":{\"details\":\"Requirements: - `sweepTx` components must match the expected structure. See `BitcoinTx.Info` docs for reference. Their values must exactly correspond to appropriate Bitcoin transaction fields to produce a provable transaction hash. - The `sweepTx` should represent a Bitcoin transaction with 1..n inputs. If the wallet has no main UTXO, all n inputs should correspond to P2(W)SH revealed deposits UTXOs. If the wallet has an existing main UTXO, one of the n inputs must point to that main UTXO and remaining n-1 inputs should correspond to P2(W)SH revealed deposits UTXOs. That transaction must have only one P2(W)PKH output locking funds on the 20-byte wallet public key hash. - `sweepProof` components must match the expected structure. See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders` field must contain a valid number of block headers, not less than the `txProofDifficultyFactor` contract constant. - `mainUtxo` components must point to the recent main UTXO of the given wallet, as currently known on the Ethereum chain. If there is no main UTXO, this parameter is ignored.\",\"params\":{\"mainUtxo\":\"Data of the wallet's main UTXO, as currently known on the Ethereum chain. If no main UTXO exists for the given wallet, this parameter is ignored\",\"sweepProof\":\"Bitcoin sweep proof data\",\"sweepTx\":\"Bitcoin sweep transaction data\"}},\"updateDepositParameters(uint64,uint64,uint64)\":{\"details\":\"Requirements: - Deposit dust threshold must be greater than zero - Deposit treasury fee divisor must be greater than zero - Deposit transaction max fee must be greater than zero\",\"params\":{\"depositTreasuryFeeDivisor\":\"New value of the treasury fee divisor. It is the divisor used to compute the treasury fee taken from each deposit and transferred to the treasury upon sweep proof submission. That fee is computed as follows: `treasuryFee = depositedAmount / depositTreasuryFeeDivisor` For example, if the treasury fee needs to be 2% of each deposit, the `depositTreasuryFeeDivisor` should be set to `50` because `1/50 = 0.02 = 2%`\",\"depositTxMaxFee\":\"New value of the deposit tx max fee in satoshis. It is the maximum amount of BTC transaction fee that can be incurred by each swept deposit being part of the given sweep transaction. If the maximum BTC transaction fee is exceeded, such transaction is considered a fraud\"}},\"updateFraudParameters(uint96,uint256,uint256,uint256)\":{\"details\":\"Requirements: - Fraud notifier reward multiplier must be in the range [0, 100] - Fraud challenge defeat timeout must be greater than 0\",\"params\":{\"fraudChallengeDefeatTimeout\":\"New value of the challenge defeat timeout in seconds, it is the amount of time the wallet has to defeat a fraud challenge. The value must be greater than zero\",\"fraudChallengeDepositAmount\":\"New value of the fraud challenge deposit amount in wei, it is the amount of ETH the party challenging the wallet for fraud needs to deposit\",\"fraudNotifierRewardMultiplier\":\"New value of the fraud notifier reward multiplier as percentage, it determines the percentage of the notifier reward from the staking contact the notifier of a fraud receives. The value must be in the range [0, 100]\",\"fraudSlashingAmount\":\"New value of the fraud slashing amount in T, it is the amount slashed from each wallet member for committing a fraud\"}},\"updateMovingFundsParameters(uint64,uint32,uint96,uint256,uint64)\":{\"details\":\"Requirements: - Moving funds transaction max total fee must be greater than zero - Moving funds timeout must be greater than zero - Moving funds timeout notifier reward multiplier must be in the range [0, 100] - Moving funds dust threshold must be greater than zero\"},\"updateRedemptionParameters(uint64,uint64,uint64,uint256,uint96,uint256)\":{\"details\":\"Requirements: - Redemption dust threshold must be greater than zero - Redemption treasury fee divisor must be greater than zero - Redemption transaction max fee must be greater than zero - Redemption timeout must be greater than zero - Redemption timeout notifier reward multiplier must be in the range [0, 100]\",\"params\":{\"redemptionDustThreshold\":\"New value of the redemption dust threshold in satoshis. It is the minimal amount that can be requested for redemption. Value of this parameter must take into account the value of `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee` parameters in order to make requests that can incur the treasury and transaction fee and still satisfy the redeemer.\",\"redemptionTimeout\":\"New value of the redemption timeout in seconds. It is the time after which the redemption request can be reported as timed out. It is counted from the moment when the redemption request was created via `requestRedemption` call. Reported timed out requests are cancelled and locked TBTC is returned to the redeemer in full amount.\",\"redemptionTimeoutNotifierRewardMultiplier\":\"New value of the redemption timeout notifier reward multiplier as percentage, it determines the percentage of the notifier reward from the staking contact the notifier of a redemption timeout receives. The value must be in the range [0, 100]\",\"redemptionTimeoutSlashingAmount\":\"New value of the redemption timeout slashing amount in T, it is the amount slashed from each wallet member for redemption timeout\",\"redemptionTreasuryFeeDivisor\":\"New value of the redemption treasury fee divisor. It is the divisor used to compute the treasury fee taken from each redemption request and transferred to the treasury upon successful request finalization. That fee is computed as follows: `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor` For example, if the treasury fee needs to be 2% of each redemption request, the `redemptionTreasuryFeeDivisor` should be set to `50` because `1/50 = 0.02 = 2%`.\",\"redemptionTxMaxFee\":\"New value of the redemption transaction max fee in satoshis. It is the maximum amount of BTC transaction fee that can be incurred by each redemption request being part of the given redemption transaction. If the maximum BTC transaction fee is exceeded, such transaction is considered a fraud. This is a per-redemption output max fee for the redemption transaction.\"}},\"updateWalletParameters(uint32,uint64,uint64,uint64,uint32,uint64,uint32)\":{\"details\":\"Requirements: - Wallet minimum BTC balance must be greater than zero - Wallet maximum BTC balance must be greater than the wallet minimum BTC balance - Wallet maximum BTC transfer must be greater than zero - Wallet closing period must be greater than zero\"},\"walletParameters()\":{\"returns\":{\"walletClosingPeriod\":\"Determines the length of the wallet closing period, i.e. the period when the wallet remains in the Closing state and can be subject of deposit fraud challenges. Value in seconds.\",\"walletClosureMinBtcBalance\":\"The minimum BTC threshold in satoshi that is used to decide about wallet closure.\",\"walletCreationMaxBtcBalance\":\"The maximum BTC threshold in satoshi that is used to decide about wallet creation.\",\"walletCreationMinBtcBalance\":\"The minimum BTC threshold in satoshi that is used to decide about wallet creation.\",\"walletCreationPeriod\":\"Determines how frequently a new wallet creation can be requested. Value in seconds.\",\"walletMaxAge\":\"The maximum age of a wallet in seconds, after which the wallet moving funds process can be requested.\",\"walletMaxBtcTransfer\":\"The maximum BTC amount in satoshi than can be transferred to a single target wallet during the moving funds process.\"}},\"wallets(bytes20)\":{\"params\":{\"walletPubKeyHash\":\"The 20-byte wallet public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key)\"},\"returns\":{\"_0\":\"Wallet details.\"}}},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{\"__ecdsaWalletCreatedCallback(bytes32,bytes32,bytes32)\":{\"notice\":\"A callback function that is called by the ECDSA Wallet Registry once a new ECDSA wallet is created.\"},\"__ecdsaWalletHeartbeatFailedCallback(bytes32,bytes32,bytes32)\":{\"notice\":\"A callback function that is called by the ECDSA Wallet Registry once a wallet heartbeat failure is detected.\"},\"activeWalletPubKeyHash()\":{\"notice\":\"Gets the public key hash of the active wallet.\"},\"contractReferences()\":{\"notice\":\"Returns the addresses of contracts Bridge is interacting with.\"},\"defeatFraudChallenge(bytes,bytes,bool)\":{\"notice\":\"Allows to defeat a pending fraud challenge against a wallet if the transaction that spends the UTXO follows the protocol rules. In order to defeat the challenge the same `walletPublicKey` and signature (represented by `r`, `s` and `v`) must be provided as were used to calculate the sighash during input signing. The fraud challenge defeat attempt will only succeed if the inputs in the preimage are considered honestly spent by the wallet. Therefore the transaction spending the UTXO must be proven in the Bridge before a challenge defeat is called. If successfully defeated, the fraud challenge is marked as resolved and the amount of ether deposited by the challenger is sent to the treasury.\"},\"depositParameters()\":{\"notice\":\"Returns the current values of Bridge deposit parameters.\"},\"deposits(uint256)\":{\"notice\":\"Collection of all revealed deposits indexed by keccak256(fundingTxHash | fundingOutputIndex). The fundingTxHash is bytes32 (ordered as in Bitcoin internally) and fundingOutputIndex an uint32. This mapping may contain valid and invalid deposits and the wallet is responsible for validating them before attempting to execute a sweep.\"},\"fraudChallenges(uint256)\":{\"notice\":\"Returns the fraud challenge identified by the given key built as keccak256(walletPublicKey|sighash).\"},\"fraudParameters()\":{\"notice\":\"Returns the current values of Bridge fraud parameters.\"},\"isVaultTrusted(address)\":{\"notice\":\"Indicates if the vault with the given address is trusted or not. Depositors can route their revealed deposits only to trusted vaults and have trusted vaults notified about new deposits as soon as these deposits get swept. Vaults not trusted by the Bridge can still be used by Bank balance owners on their own responsibility - anyone can approve their Bank balance to any address.\"},\"liveWalletsCount()\":{\"notice\":\"Gets the live wallets count.\"},\"movingFundsParameters()\":{\"notice\":\"Returns the current values of Bridge moving funds between wallets parameters.\"},\"notifyCloseableWallet(bytes20,(bytes32,uint32,uint64))\":{\"notice\":\"Notifies that the wallet is either old enough or has too few satoshi left and qualifies to be closed.\"},\"notifyFraudChallengeDefeatTimeout(bytes,uint32[],bytes32)\":{\"notice\":\"Notifies about defeat timeout for the given fraud challenge. Can be called only if there was a fraud challenge identified by the provided `walletPublicKey` and `sighash` and it was not defeated on time. The amount of time that needs to pass after a fraud challenge is reported is indicated by the `challengeDefeatTimeout`. After a successful fraud challenge defeat timeout notification the fraud challenge is marked as resolved, the stake of each operator is slashed, the ether deposited is returned to the challenger and the challenger is rewarded.\"},\"notifyMovingFundsBelowDust(bytes20,(bytes32,uint32,uint64))\":{\"notice\":\"Notifies about a moving funds wallet whose BTC balance is below the moving funds dust threshold. Ends the moving funds process and begins wallet closing immediately.\"},\"notifyMovingFundsTimeout(bytes20,uint32[])\":{\"notice\":\"Notifies about a timed out moving funds process. Terminates the wallet and slashes signing group members as a result.\"},\"notifyRedemptionTimeout(bytes20,uint32[],bytes)\":{\"notice\":\"Notifies that there is a pending redemption request associated with the given wallet, that has timed out. The redemption request is identified by the key built as `keccak256(walletPubKeyHash | redeemerOutputScript)`. The results of calling this function: - the pending redemptions value for the wallet will be decreased by the requested amount (minus treasury fee), - the tokens taken from the redeemer on redemption request will be returned to the redeemer, - the request will be moved from pending redemptions to timed-out redemptions, - if the state of the wallet is `Live` or `MovingFunds`, the wallet operators will be slashed and the notifier will be rewarded, - if the state of wallet is `Live`, the wallet will be closed or marked as `MovingFunds` (depending on the presence or absence of the wallet's main UTXO) and the wallet will no longer be marked as the active wallet (if it was marked as such).\"},\"notifyWalletClosingPeriodElapsed(bytes20)\":{\"notice\":\"Notifies about the end of the closing period for the given wallet. Closes the wallet ultimately and notifies the ECDSA registry about this fact.\"},\"pendingRedemptions(uint256)\":{\"notice\":\"Collection of all pending redemption requests indexed by redemption key built as keccak256(walletPubKeyHash | redeemerOutputScript). The walletPubKeyHash is the 20-byte wallet's public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) and redeemerOutputScript is a Bitcoin script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock redeemed BTC as requested by the redeemer. Requests are added to this mapping by the `requestRedemption` method (duplicates not allowed) and are removed by one of the following methods: - `submitRedemptionProof` in case the request was handled successfully - `notifyRedemptionTimeout` in case the request was reported to be timed out\"},\"redemptionParameters()\":{\"notice\":\"Returns the current values of Bridge redemption parameters.\"},\"requestNewWallet((bytes32,uint32,uint64))\":{\"notice\":\"Requests creation of a new wallet. This function just forms a request and the creation process is performed asynchronously. Once a wallet is created, the ECDSA Wallet Registry will notify this contract by calling the `__ecdsaWalletCreatedCallback` function.\"},\"requestRedemption(bytes20,(bytes32,uint32,uint64),bytes,uint64)\":{\"notice\":\"Requests redemption of the given amount from the specified wallet to the redeemer Bitcoin output script.\"},\"revealDeposit((bytes4,bytes,bytes,bytes4),(uint32,address,bytes8,bytes20,bytes20,bytes4,address))\":{\"notice\":\"Used by the depositor to reveal information about their P2(W)SH Bitcoin deposit to the Bridge on Ethereum chain. The off-chain wallet listens for revealed deposit events and may decide to include the revealed deposit in the next executed sweep. Information about the Bitcoin deposit can be revealed before or after the Bitcoin transaction with P2(W)SH deposit is mined on the Bitcoin chain. Worth noting, the gas cost of this function scales with the number of P2(W)SH transaction inputs and outputs. The deposit may be routed to one of the trusted vaults. When a deposit is routed to a vault, vault gets notified when the deposit gets swept and it may execute the appropriate action.\"},\"setVaultStatus(address,bool)\":{\"notice\":\"Allows the Governance to mark the given vault address as trusted or no longer trusted. Vaults are not trusted by default. Trusted vault must meet the following criteria: - `IVault.receiveBalanceIncrease` must have a known, low gas cost. - `IVault.receiveBalanceIncrease` must never revert.\"},\"spentMainUTXOs(uint256)\":{\"notice\":\"Collection of main UTXOs that are honestly spent indexed by keccak256(fundingTxHash | fundingOutputIndex). The fundingTxHash is bytes32 (ordered as in Bitcoin internally) and fundingOutputIndex an uint32. A main UTXO is considered honestly spent if it was used as an input of a transaction that have been proven in the Bridge.\"},\"submitFraudChallenge(bytes,bytes32,(bytes32,bytes32,uint8))\":{\"notice\":\"Submits a fraud challenge indicating that a UTXO being under wallet control was unlocked by the wallet but was not used according to the protocol rules. That means the wallet signed a transaction input pointing to that UTXO and there is a unique sighash and signature pair associated with that input. This function uses those parameters to create a fraud accusation that proves a given transaction input unlocking the given UTXO was actually signed by the wallet. This function cannot determine whether the transaction was actually broadcast and the input was consumed in a fraudulent way so it just opens a challenge period during which the wallet can defeat the challenge by submitting proof of a transaction that consumes the given input according to protocol rules. To prevent spurious allegations, the caller must deposit ETH that is returned back upon justified fraud challenge or confiscated otherwise.\"},\"submitMovingFundsCommitment(bytes20,(bytes32,uint32,uint64),uint32[],uint256,bytes20[])\":{\"notice\":\"Submits the moving funds target wallets commitment. Once all requirements are met, that function registers the target wallets commitment and opens the way for moving funds proof submission.\"},\"submitMovingFundsProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64),bytes20)\":{\"notice\":\"Used by the wallet to prove the BTC moving funds transaction and to make the necessary state changes. Moving funds is only accepted if it satisfies SPV proof. The function validates the moving funds transaction structure by checking if it actually spends the main UTXO of the declared wallet and locks the value on the pre-committed target wallets using a reasonable transaction fee. If all preconditions are met, this functions closes the source wallet. It is possible to prove the given moving funds transaction only one time.\"},\"submitRedemptionProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64),bytes20)\":{\"notice\":\"Used by the wallet to prove the BTC redemption transaction and to make the necessary bookkeeping. Redemption is only accepted if it satisfies SPV proof. The function is performing Bank balance updates by burning the total redeemed Bitcoin amount from Bridge balance and transferring the treasury fee sum to the treasury address. It is possible to prove the given redemption only one time.\"},\"submitSweepProof((bytes4,bytes,bytes,bytes4),(bytes,uint256,bytes),(bytes32,uint32,uint64))\":{\"notice\":\"Used by the wallet to prove the BTC deposit sweep transaction and to update Bank balances accordingly. Sweep is only accepted if it satisfies SPV proof. The function is performing Bank balance updates by first computing the Bitcoin fee for the sweep transaction. The fee is divided evenly between all swept deposits. Each depositor receives a balance in the bank equal to the amount inferred during the reveal transaction, minus their fee share. It is possible to prove the given sweep only one time.\"},\"timedOutRedemptions(uint256)\":{\"notice\":\"Collection of all timed out redemptions requests indexed by redemption key built as keccak256(walletPubKeyHash | redeemerOutputScript). The walletPubKeyHash is the 20-byte wallet's public key hash (computed using Bitcoin HASH160 over the compressed ECDSA public key) and redeemerOutputScript is the Bitcoin script (P2PKH, P2WPKH, P2SH or P2WSH) that is involved in the timed out request. Timed out requests are stored in this mapping to avoid slashing the wallets multiple times for the same timeout. Only one method can add to this mapping: - `notifyRedemptionTimeout` which puts the redemption key to this mapping basing on a timed out request stored previously in `pendingRedemptions` mapping.\"},\"transferGovernance(address)\":{\"notice\":\"Transfers governance of the contract to `newGovernance`.\"},\"treasury()\":{\"notice\":\"Address where the deposit treasury fees will be sent to. Treasury takes part in the operators rewarding process.\"},\"txProofDifficultyFactor()\":{\"notice\":\"The number of confirmations on the Bitcoin chain required to successfully evaluate an SPV proof.\"},\"updateDepositParameters(uint64,uint64,uint64)\":{\"notice\":\"of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters in order to make requests that can incur the treasury and transaction fee and still satisfy the depositor\"},\"updateFraudParameters(uint96,uint256,uint256,uint256)\":{\"notice\":\"Updates parameters related to frauds.\"},\"updateRedemptionParameters(uint64,uint64,uint64,uint256,uint96,uint256)\":{\"notice\":\"Updates parameters of redemptions.\"},\"wallets(bytes20)\":{\"notice\":\"Gets details about a registered wallet.\"}},\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/test/BridgeStub.sol\":\"BridgeStub\"},\"evmVersion\":\"london\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000},\"remappings\":[]},\"sources\":{\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/** @title BitcoinSPV */\\n/** @author Summa (https://summa.one) */\\n\\nimport {BytesLib} from \\\"./BytesLib.sol\\\";\\nimport {SafeMath} from \\\"./SafeMath.sol\\\";\\n\\nlibrary BTCUtils {\\n using BytesLib for bytes;\\n using SafeMath for uint256;\\n\\n // The target at minimum Difficulty. Also the target of the genesis block\\n uint256 public constant DIFF1_TARGET = 0xffff0000000000000000000000000000000000000000000000000000;\\n\\n uint256 public constant RETARGET_PERIOD = 2 * 7 * 24 * 60 * 60; // 2 weeks in seconds\\n uint256 public constant RETARGET_PERIOD_BLOCKS = 2016; // 2 weeks in blocks\\n\\n uint256 public constant ERR_BAD_ARG = 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff;\\n\\n /* ***** */\\n /* UTILS */\\n /* ***** */\\n\\n /// @notice Determines the length of a VarInt in bytes\\n /// @dev A VarInt of >1 byte is prefixed with a flag indicating its length\\n /// @param _flag The first byte of a VarInt\\n /// @return The number of non-flag bytes in the VarInt\\n function determineVarIntDataLength(bytes memory _flag) internal pure returns (uint8) {\\n return determineVarIntDataLengthAt(_flag, 0);\\n }\\n\\n /// @notice Determines the length of a VarInt in bytes\\n /// @dev A VarInt of >1 byte is prefixed with a flag indicating its length\\n /// @param _b The byte array containing a VarInt\\n /// @param _at The position of the VarInt in the array\\n /// @return The number of non-flag bytes in the VarInt\\n function determineVarIntDataLengthAt(bytes memory _b, uint256 _at) internal pure returns (uint8) {\\n if (uint8(_b[_at]) == 0xff) {\\n return 8; // one-byte flag, 8 bytes data\\n }\\n if (uint8(_b[_at]) == 0xfe) {\\n return 4; // one-byte flag, 4 bytes data\\n }\\n if (uint8(_b[_at]) == 0xfd) {\\n return 2; // one-byte flag, 2 bytes data\\n }\\n\\n return 0; // flag is data\\n }\\n\\n /// @notice Parse a VarInt into its data length and the number it represents\\n /// @dev Useful for Parsing Vins and Vouts. Returns ERR_BAD_ARG if insufficient bytes.\\n /// Caller SHOULD explicitly handle this case (or bubble it up)\\n /// @param _b A byte-string starting with a VarInt\\n /// @return number of bytes in the encoding (not counting the tag), the encoded int\\n function parseVarInt(bytes memory _b) internal pure returns (uint256, uint256) {\\n return parseVarIntAt(_b, 0);\\n }\\n\\n /// @notice Parse a VarInt into its data length and the number it represents\\n /// @dev Useful for Parsing Vins and Vouts. Returns ERR_BAD_ARG if insufficient bytes.\\n /// Caller SHOULD explicitly handle this case (or bubble it up)\\n /// @param _b A byte-string containing a VarInt\\n /// @param _at The position of the VarInt\\n /// @return number of bytes in the encoding (not counting the tag), the encoded int\\n function parseVarIntAt(bytes memory _b, uint256 _at) internal pure returns (uint256, uint256) {\\n uint8 _dataLen = determineVarIntDataLengthAt(_b, _at);\\n\\n if (_dataLen == 0) {\\n return (0, uint8(_b[_at]));\\n }\\n if (_b.length < 1 + _dataLen + _at) {\\n return (ERR_BAD_ARG, 0);\\n }\\n uint256 _number;\\n if (_dataLen == 2) {\\n _number = reverseUint16(uint16(_b.slice2(1 + _at)));\\n } else if (_dataLen == 4) {\\n _number = reverseUint32(uint32(_b.slice4(1 + _at)));\\n } else if (_dataLen == 8) {\\n _number = reverseUint64(uint64(_b.slice8(1 + _at)));\\n }\\n return (_dataLen, _number);\\n }\\n\\n /// @notice Changes the endianness of a byte array\\n /// @dev Returns a new, backwards, bytes\\n /// @param _b The bytes to reverse\\n /// @return The reversed bytes\\n function reverseEndianness(bytes memory _b) internal pure returns (bytes memory) {\\n bytes memory _newValue = new bytes(_b.length);\\n\\n for (uint i = 0; i < _b.length; i++) {\\n _newValue[_b.length - i - 1] = _b[i];\\n }\\n\\n return _newValue;\\n }\\n\\n /// @notice Changes the endianness of a uint256\\n /// @dev https://graphics.stanford.edu/~seander/bithacks.html#ReverseParallel\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint256(uint256 _b) internal pure returns (uint256 v) {\\n v = _b;\\n\\n // swap bytes\\n v = ((v >> 8) & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) |\\n ((v & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) << 8);\\n // swap 2-byte long pairs\\n v = ((v >> 16) & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) |\\n ((v & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) << 16);\\n // swap 4-byte long pairs\\n v = ((v >> 32) & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) |\\n ((v & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) << 32);\\n // swap 8-byte long pairs\\n v = ((v >> 64) & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) |\\n ((v & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) << 64);\\n // swap 16-byte long pairs\\n v = (v >> 128) | (v << 128);\\n }\\n\\n /// @notice Changes the endianness of a uint64\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint64(uint64 _b) internal pure returns (uint64 v) {\\n v = _b;\\n\\n // swap bytes\\n v = ((v >> 8) & 0x00FF00FF00FF00FF) |\\n ((v & 0x00FF00FF00FF00FF) << 8);\\n // swap 2-byte long pairs\\n v = ((v >> 16) & 0x0000FFFF0000FFFF) |\\n ((v & 0x0000FFFF0000FFFF) << 16);\\n // swap 4-byte long pairs\\n v = (v >> 32) | (v << 32);\\n }\\n\\n /// @notice Changes the endianness of a uint32\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint32(uint32 _b) internal pure returns (uint32 v) {\\n v = _b;\\n\\n // swap bytes\\n v = ((v >> 8) & 0x00FF00FF) |\\n ((v & 0x00FF00FF) << 8);\\n // swap 2-byte long pairs\\n v = (v >> 16) | (v << 16);\\n }\\n\\n /// @notice Changes the endianness of a uint24\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint24(uint24 _b) internal pure returns (uint24 v) {\\n v = (_b << 16) | (_b & 0x00FF00) | (_b >> 16);\\n }\\n\\n /// @notice Changes the endianness of a uint16\\n /// @param _b The unsigned integer to reverse\\n /// @return v The reversed value\\n function reverseUint16(uint16 _b) internal pure returns (uint16 v) {\\n v = (_b << 8) | (_b >> 8);\\n }\\n\\n\\n /// @notice Converts big-endian bytes to a uint\\n /// @dev Traverses the byte array and sums the bytes\\n /// @param _b The big-endian bytes-encoded integer\\n /// @return The integer representation\\n function bytesToUint(bytes memory _b) internal pure returns (uint256) {\\n uint256 _number;\\n\\n for (uint i = 0; i < _b.length; i++) {\\n _number = _number + uint8(_b[i]) * (2 ** (8 * (_b.length - (i + 1))));\\n }\\n\\n return _number;\\n }\\n\\n /// @notice Get the last _num bytes from a byte array\\n /// @param _b The byte array to slice\\n /// @param _num The number of bytes to extract from the end\\n /// @return The last _num bytes of _b\\n function lastBytes(bytes memory _b, uint256 _num) internal pure returns (bytes memory) {\\n uint256 _start = _b.length.sub(_num);\\n\\n return _b.slice(_start, _num);\\n }\\n\\n /// @notice Implements bitcoin's hash160 (rmd160(sha2()))\\n /// @dev abi.encodePacked changes the return to bytes instead of bytes32\\n /// @param _b The pre-image\\n /// @return The digest\\n function hash160(bytes memory _b) internal pure returns (bytes memory) {\\n return abi.encodePacked(ripemd160(abi.encodePacked(sha256(_b))));\\n }\\n\\n /// @notice Implements bitcoin's hash160 (sha2 + ripemd160)\\n /// @dev sha2 precompile at address(2), ripemd160 at address(3)\\n /// @param _b The pre-image\\n /// @return res The digest\\n function hash160View(bytes memory _b) internal view returns (bytes20 res) {\\n // solium-disable-next-line security/no-inline-assembly\\n assembly {\\n pop(staticcall(gas(), 2, add(_b, 32), mload(_b), 0x00, 32))\\n pop(staticcall(gas(), 3, 0x00, 32, 0x00, 32))\\n // read from position 12 = 0c\\n res := mload(0x0c)\\n }\\n }\\n\\n /// @notice Implements bitcoin's hash256 (double sha2)\\n /// @dev abi.encodePacked changes the return to bytes instead of bytes32\\n /// @param _b The pre-image\\n /// @return The digest\\n function hash256(bytes memory _b) internal pure returns (bytes32) {\\n return sha256(abi.encodePacked(sha256(_b)));\\n }\\n\\n /// @notice Implements bitcoin's hash256 (double sha2)\\n /// @dev sha2 is precompiled smart contract located at address(2)\\n /// @param _b The pre-image\\n /// @return res The digest\\n function hash256View(bytes memory _b) internal view returns (bytes32 res) {\\n // solium-disable-next-line security/no-inline-assembly\\n assembly {\\n pop(staticcall(gas(), 2, add(_b, 32), mload(_b), 0x00, 32))\\n pop(staticcall(gas(), 2, 0x00, 32, 0x00, 32))\\n res := mload(0x00)\\n }\\n }\\n\\n /// @notice Implements bitcoin's hash256 on a pair of bytes32\\n /// @dev sha2 is precompiled smart contract located at address(2)\\n /// @param _a The first bytes32 of the pre-image\\n /// @param _b The second bytes32 of the pre-image\\n /// @return res The digest\\n function hash256Pair(bytes32 _a, bytes32 _b) internal view returns (bytes32 res) {\\n // solium-disable-next-line security/no-inline-assembly\\n assembly {\\n mstore(0x00, _a)\\n mstore(0x20, _b)\\n pop(staticcall(gas(), 2, 0x00, 64, 0x00, 32))\\n pop(staticcall(gas(), 2, 0x00, 32, 0x00, 32))\\n res := mload(0x00)\\n }\\n }\\n\\n /* ************ */\\n /* Legacy Input */\\n /* ************ */\\n\\n /// @notice Extracts the nth input from the vin (0-indexed)\\n /// @dev Iterates over the vin. If you need to extract several, write a custom function\\n /// @param _vin The vin as a tightly-packed byte array\\n /// @param _index The 0-indexed location of the input to extract\\n /// @return The input as a byte array\\n function extractInputAtIndex(bytes memory _vin, uint256 _index) internal pure returns (bytes memory) {\\n uint256 _varIntDataLen;\\n uint256 _nIns;\\n\\n (_varIntDataLen, _nIns) = parseVarInt(_vin);\\n require(_varIntDataLen != ERR_BAD_ARG, \\\"Read overrun during VarInt parsing\\\");\\n require(_index < _nIns, \\\"Vin read overrun\\\");\\n\\n uint256 _len = 0;\\n uint256 _offset = 1 + _varIntDataLen;\\n\\n for (uint256 _i = 0; _i < _index; _i ++) {\\n _len = determineInputLengthAt(_vin, _offset);\\n require(_len != ERR_BAD_ARG, \\\"Bad VarInt in scriptSig\\\");\\n _offset = _offset + _len;\\n }\\n\\n _len = determineInputLengthAt(_vin, _offset);\\n require(_len != ERR_BAD_ARG, \\\"Bad VarInt in scriptSig\\\");\\n return _vin.slice(_offset, _len);\\n }\\n\\n /// @notice Determines whether an input is legacy\\n /// @dev False if no scriptSig, otherwise True\\n /// @param _input The input\\n /// @return True for legacy, False for witness\\n function isLegacyInput(bytes memory _input) internal pure returns (bool) {\\n return _input[36] != hex\\\"00\\\";\\n }\\n\\n /// @notice Determines the length of a scriptSig in an input\\n /// @dev Will return 0 if passed a witness input.\\n /// @param _input The LEGACY input\\n /// @return The length of the script sig\\n function extractScriptSigLen(bytes memory _input) internal pure returns (uint256, uint256) {\\n return extractScriptSigLenAt(_input, 0);\\n }\\n\\n /// @notice Determines the length of a scriptSig in an input\\n /// starting at the specified position\\n /// @dev Will return 0 if passed a witness input.\\n /// @param _input The byte array containing the LEGACY input\\n /// @param _at The position of the input in the array\\n /// @return The length of the script sig\\n function extractScriptSigLenAt(bytes memory _input, uint256 _at) internal pure returns (uint256, uint256) {\\n if (_input.length < 37 + _at) {\\n return (ERR_BAD_ARG, 0);\\n }\\n\\n uint256 _varIntDataLen;\\n uint256 _scriptSigLen;\\n (_varIntDataLen, _scriptSigLen) = parseVarIntAt(_input, _at + 36);\\n\\n return (_varIntDataLen, _scriptSigLen);\\n }\\n\\n /// @notice Determines the length of an input from its scriptSig\\n /// @dev 36 for outpoint, 1 for scriptSig length, 4 for sequence\\n /// @param _input The input\\n /// @return The length of the input in bytes\\n function determineInputLength(bytes memory _input) internal pure returns (uint256) {\\n return determineInputLengthAt(_input, 0);\\n }\\n\\n /// @notice Determines the length of an input from its scriptSig,\\n /// starting at the specified position\\n /// @dev 36 for outpoint, 1 for scriptSig length, 4 for sequence\\n /// @param _input The byte array containing the input\\n /// @param _at The position of the input in the array\\n /// @return The length of the input in bytes\\n function determineInputLengthAt(bytes memory _input, uint256 _at) internal pure returns (uint256) {\\n uint256 _varIntDataLen;\\n uint256 _scriptSigLen;\\n (_varIntDataLen, _scriptSigLen) = extractScriptSigLenAt(_input, _at);\\n if (_varIntDataLen == ERR_BAD_ARG) {\\n return ERR_BAD_ARG;\\n }\\n\\n return 36 + 1 + _varIntDataLen + _scriptSigLen + 4;\\n }\\n\\n /// @notice Extracts the LE sequence bytes from an input\\n /// @dev Sequence is used for relative time locks\\n /// @param _input The LEGACY input\\n /// @return The sequence bytes (LE uint)\\n function extractSequenceLELegacy(bytes memory _input) internal pure returns (bytes4) {\\n uint256 _varIntDataLen;\\n uint256 _scriptSigLen;\\n (_varIntDataLen, _scriptSigLen) = extractScriptSigLen(_input);\\n require(_varIntDataLen != ERR_BAD_ARG, \\\"Bad VarInt in scriptSig\\\");\\n return _input.slice4(36 + 1 + _varIntDataLen + _scriptSigLen);\\n }\\n\\n /// @notice Extracts the sequence from the input\\n /// @dev Sequence is a 4-byte little-endian number\\n /// @param _input The LEGACY input\\n /// @return The sequence number (big-endian uint)\\n function extractSequenceLegacy(bytes memory _input) internal pure returns (uint32) {\\n uint32 _leSeqence = uint32(extractSequenceLELegacy(_input));\\n uint32 _beSequence = reverseUint32(_leSeqence);\\n return _beSequence;\\n }\\n /// @notice Extracts the VarInt-prepended scriptSig from the input in a tx\\n /// @dev Will return hex\\\"00\\\" if passed a witness input\\n /// @param _input The LEGACY input\\n /// @return The length-prepended scriptSig\\n function extractScriptSig(bytes memory _input) internal pure returns (bytes memory) {\\n uint256 _varIntDataLen;\\n uint256 _scriptSigLen;\\n (_varIntDataLen, _scriptSigLen) = extractScriptSigLen(_input);\\n require(_varIntDataLen != ERR_BAD_ARG, \\\"Bad VarInt in scriptSig\\\");\\n return _input.slice(36, 1 + _varIntDataLen + _scriptSigLen);\\n }\\n\\n\\n /* ************* */\\n /* Witness Input */\\n /* ************* */\\n\\n /// @notice Extracts the LE sequence bytes from an input\\n /// @dev Sequence is used for relative time locks\\n /// @param _input The WITNESS input\\n /// @return The sequence bytes (LE uint)\\n function extractSequenceLEWitness(bytes memory _input) internal pure returns (bytes4) {\\n return _input.slice4(37);\\n }\\n\\n /// @notice Extracts the sequence from the input in a tx\\n /// @dev Sequence is a 4-byte little-endian number\\n /// @param _input The WITNESS input\\n /// @return The sequence number (big-endian uint)\\n function extractSequenceWitness(bytes memory _input) internal pure returns (uint32) {\\n uint32 _leSeqence = uint32(extractSequenceLEWitness(_input));\\n uint32 _inputeSequence = reverseUint32(_leSeqence);\\n return _inputeSequence;\\n }\\n\\n /// @notice Extracts the outpoint from the input in a tx\\n /// @dev 32-byte tx id with 4-byte index\\n /// @param _input The input\\n /// @return The outpoint (LE bytes of prev tx hash + LE bytes of prev tx index)\\n function extractOutpoint(bytes memory _input) internal pure returns (bytes memory) {\\n return _input.slice(0, 36);\\n }\\n\\n /// @notice Extracts the outpoint tx id from an input\\n /// @dev 32-byte tx id\\n /// @param _input The input\\n /// @return The tx id (little-endian bytes)\\n function extractInputTxIdLE(bytes memory _input) internal pure returns (bytes32) {\\n return _input.slice32(0);\\n }\\n\\n /// @notice Extracts the outpoint tx id from an input\\n /// starting at the specified position\\n /// @dev 32-byte tx id\\n /// @param _input The byte array containing the input\\n /// @param _at The position of the input\\n /// @return The tx id (little-endian bytes)\\n function extractInputTxIdLeAt(bytes memory _input, uint256 _at) internal pure returns (bytes32) {\\n return _input.slice32(_at);\\n }\\n\\n /// @notice Extracts the LE tx input index from the input in a tx\\n /// @dev 4-byte tx index\\n /// @param _input The input\\n /// @return The tx index (little-endian bytes)\\n function extractTxIndexLE(bytes memory _input) internal pure returns (bytes4) {\\n return _input.slice4(32);\\n }\\n\\n /// @notice Extracts the LE tx input index from the input in a tx\\n /// starting at the specified position\\n /// @dev 4-byte tx index\\n /// @param _input The byte array containing the input\\n /// @param _at The position of the input\\n /// @return The tx index (little-endian bytes)\\n function extractTxIndexLeAt(bytes memory _input, uint256 _at) internal pure returns (bytes4) {\\n return _input.slice4(32 + _at);\\n }\\n\\n /* ****** */\\n /* Output */\\n /* ****** */\\n\\n /// @notice Determines the length of an output\\n /// @dev Works with any properly formatted output\\n /// @param _output The output\\n /// @return The length indicated by the prefix, error if invalid length\\n function determineOutputLength(bytes memory _output) internal pure returns (uint256) {\\n return determineOutputLengthAt(_output, 0);\\n }\\n\\n /// @notice Determines the length of an output\\n /// starting at the specified position\\n /// @dev Works with any properly formatted output\\n /// @param _output The byte array containing the output\\n /// @param _at The position of the output\\n /// @return The length indicated by the prefix, error if invalid length\\n function determineOutputLengthAt(bytes memory _output, uint256 _at) internal pure returns (uint256) {\\n if (_output.length < 9 + _at) {\\n return ERR_BAD_ARG;\\n }\\n uint256 _varIntDataLen;\\n uint256 _scriptPubkeyLength;\\n (_varIntDataLen, _scriptPubkeyLength) = parseVarIntAt(_output, 8 + _at);\\n\\n if (_varIntDataLen == ERR_BAD_ARG) {\\n return ERR_BAD_ARG;\\n }\\n\\n // 8-byte value, 1-byte for tag itself\\n return 8 + 1 + _varIntDataLen + _scriptPubkeyLength;\\n }\\n\\n /// @notice Extracts the output at a given index in the TxOuts vector\\n /// @dev Iterates over the vout. If you need to extract multiple, write a custom function\\n /// @param _vout The _vout to extract from\\n /// @param _index The 0-indexed location of the output to extract\\n /// @return The specified output\\n function extractOutputAtIndex(bytes memory _vout, uint256 _index) internal pure returns (bytes memory) {\\n uint256 _varIntDataLen;\\n uint256 _nOuts;\\n\\n (_varIntDataLen, _nOuts) = parseVarInt(_vout);\\n require(_varIntDataLen != ERR_BAD_ARG, \\\"Read overrun during VarInt parsing\\\");\\n require(_index < _nOuts, \\\"Vout read overrun\\\");\\n\\n uint256 _len = 0;\\n uint256 _offset = 1 + _varIntDataLen;\\n\\n for (uint256 _i = 0; _i < _index; _i ++) {\\n _len = determineOutputLengthAt(_vout, _offset);\\n require(_len != ERR_BAD_ARG, \\\"Bad VarInt in scriptPubkey\\\");\\n _offset += _len;\\n }\\n\\n _len = determineOutputLengthAt(_vout, _offset);\\n require(_len != ERR_BAD_ARG, \\\"Bad VarInt in scriptPubkey\\\");\\n return _vout.slice(_offset, _len);\\n }\\n\\n /// @notice Extracts the value bytes from the output in a tx\\n /// @dev Value is an 8-byte little-endian number\\n /// @param _output The output\\n /// @return The output value as LE bytes\\n function extractValueLE(bytes memory _output) internal pure returns (bytes8) {\\n return _output.slice8(0);\\n }\\n\\n /// @notice Extracts the value from the output in a tx\\n /// @dev Value is an 8-byte little-endian number\\n /// @param _output The output\\n /// @return The output value\\n function extractValue(bytes memory _output) internal pure returns (uint64) {\\n uint64 _leValue = uint64(extractValueLE(_output));\\n uint64 _beValue = reverseUint64(_leValue);\\n return _beValue;\\n }\\n\\n /// @notice Extracts the data from an op return output\\n /// @dev Returns hex\\\"\\\" if no data or not an op return\\n /// @param _output The output\\n /// @return Any data contained in the opreturn output, null if not an op return\\n function extractOpReturnData(bytes memory _output) internal pure returns (bytes memory) {\\n if (_output[9] != hex\\\"6a\\\") {\\n return hex\\\"\\\";\\n }\\n bytes1 _dataLen = _output[10];\\n return _output.slice(11, uint256(uint8(_dataLen)));\\n }\\n\\n /// @notice Extracts the hash from the output script\\n /// @dev Determines type by the length prefix and validates format\\n /// @param _output The output\\n /// @return The hash committed to by the pk_script, or null for errors\\n function extractHash(bytes memory _output) internal pure returns (bytes memory) {\\n uint8 _scriptLen = uint8(_output[8]);\\n\\n // don't have to worry about overflow here.\\n // if _scriptLen + 9 overflows, then output.length would have to be < 9\\n // for this check to pass. if it's < 9, then we errored when assigning\\n // _scriptLen\\n if (_scriptLen + 9 != _output.length) {\\n return hex\\\"\\\";\\n }\\n\\n if (uint8(_output[9]) == 0) {\\n if (_scriptLen < 2) {\\n return hex\\\"\\\";\\n }\\n uint256 _payloadLen = uint8(_output[10]);\\n // Check for maliciously formatted witness outputs.\\n // No need to worry about underflow as long b/c of the `< 2` check\\n if (_payloadLen != _scriptLen - 2 || (_payloadLen != 0x20 && _payloadLen != 0x14)) {\\n return hex\\\"\\\";\\n }\\n return _output.slice(11, _payloadLen);\\n } else {\\n bytes3 _tag = _output.slice3(8);\\n // p2pkh\\n if (_tag == hex\\\"1976a9\\\") {\\n // Check for maliciously formatted p2pkh\\n // No need to worry about underflow, b/c of _scriptLen check\\n if (uint8(_output[11]) != 0x14 ||\\n _output.slice2(_output.length - 2) != hex\\\"88ac\\\") {\\n return hex\\\"\\\";\\n }\\n return _output.slice(12, 20);\\n //p2sh\\n } else if (_tag == hex\\\"17a914\\\") {\\n // Check for maliciously formatted p2sh\\n // No need to worry about underflow, b/c of _scriptLen check\\n if (uint8(_output[_output.length - 1]) != 0x87) {\\n return hex\\\"\\\";\\n }\\n return _output.slice(11, 20);\\n }\\n }\\n return hex\\\"\\\"; /* NB: will trigger on OPRETURN and any non-standard that doesn't overrun */\\n }\\n\\n /* ********** */\\n /* Witness TX */\\n /* ********** */\\n\\n\\n /// @notice Checks that the vin passed up is properly formatted\\n /// @dev Consider a vin with a valid vout in its scriptsig\\n /// @param _vin Raw bytes length-prefixed input vector\\n /// @return True if it represents a validly formatted vin\\n function validateVin(bytes memory _vin) internal pure returns (bool) {\\n uint256 _varIntDataLen;\\n uint256 _nIns;\\n\\n (_varIntDataLen, _nIns) = parseVarInt(_vin);\\n\\n // Not valid if it says there are too many or no inputs\\n if (_nIns == 0 || _varIntDataLen == ERR_BAD_ARG) {\\n return false;\\n }\\n\\n uint256 _offset = 1 + _varIntDataLen;\\n\\n for (uint256 i = 0; i < _nIns; i++) {\\n // If we're at the end, but still expect more\\n if (_offset >= _vin.length) {\\n return false;\\n }\\n\\n // Grab the next input and determine its length.\\n uint256 _nextLen = determineInputLengthAt(_vin, _offset);\\n if (_nextLen == ERR_BAD_ARG) {\\n return false;\\n }\\n\\n // Increase the offset by that much\\n _offset += _nextLen;\\n }\\n\\n // Returns false if we're not exactly at the end\\n return _offset == _vin.length;\\n }\\n\\n /// @notice Checks that the vout passed up is properly formatted\\n /// @dev Consider a vout with a valid scriptpubkey\\n /// @param _vout Raw bytes length-prefixed output vector\\n /// @return True if it represents a validly formatted vout\\n function validateVout(bytes memory _vout) internal pure returns (bool) {\\n uint256 _varIntDataLen;\\n uint256 _nOuts;\\n\\n (_varIntDataLen, _nOuts) = parseVarInt(_vout);\\n\\n // Not valid if it says there are too many or no outputs\\n if (_nOuts == 0 || _varIntDataLen == ERR_BAD_ARG) {\\n return false;\\n }\\n\\n uint256 _offset = 1 + _varIntDataLen;\\n\\n for (uint256 i = 0; i < _nOuts; i++) {\\n // If we're at the end, but still expect more\\n if (_offset >= _vout.length) {\\n return false;\\n }\\n\\n // Grab the next output and determine its length.\\n // Increase the offset by that much\\n uint256 _nextLen = determineOutputLengthAt(_vout, _offset);\\n if (_nextLen == ERR_BAD_ARG) {\\n return false;\\n }\\n\\n _offset += _nextLen;\\n }\\n\\n // Returns false if we're not exactly at the end\\n return _offset == _vout.length;\\n }\\n\\n\\n\\n /* ************ */\\n /* Block Header */\\n /* ************ */\\n\\n /// @notice Extracts the transaction merkle root from a block header\\n /// @dev Use verifyHash256Merkle to verify proofs with this root\\n /// @param _header The header\\n /// @return The merkle root (little-endian)\\n function extractMerkleRootLE(bytes memory _header) internal pure returns (bytes32) {\\n return _header.slice32(36);\\n }\\n\\n /// @notice Extracts the target from a block header\\n /// @dev Target is a 256-bit number encoded as a 3-byte mantissa and 1-byte exponent\\n /// @param _header The header\\n /// @return The target threshold\\n function extractTarget(bytes memory _header) internal pure returns (uint256) {\\n uint24 _m = uint24(_header.slice3(72));\\n uint8 _e = uint8(_header[75]);\\n uint256 _mantissa = uint256(reverseUint24(_m));\\n uint _exponent = _e - 3;\\n\\n return _mantissa * (256 ** _exponent);\\n }\\n\\n /// @notice Calculate difficulty from the difficulty 1 target and current target\\n /// @dev Difficulty 1 is 0x1d00ffff on mainnet and testnet\\n /// @dev Difficulty 1 is a 256-bit number encoded as a 3-byte mantissa and 1-byte exponent\\n /// @param _target The current target\\n /// @return The block difficulty (bdiff)\\n function calculateDifficulty(uint256 _target) internal pure returns (uint256) {\\n // Difficulty 1 calculated from 0x1d00ffff\\n return DIFF1_TARGET.div(_target);\\n }\\n\\n /// @notice Extracts the previous block's hash from a block header\\n /// @dev Block headers do NOT include block number :(\\n /// @param _header The header\\n /// @return The previous block's hash (little-endian)\\n function extractPrevBlockLE(bytes memory _header) internal pure returns (bytes32) {\\n return _header.slice32(4);\\n }\\n\\n /// @notice Extracts the timestamp from a block header\\n /// @dev Time is not 100% reliable\\n /// @param _header The header\\n /// @return The timestamp (little-endian bytes)\\n function extractTimestampLE(bytes memory _header) internal pure returns (bytes4) {\\n return _header.slice4(68);\\n }\\n\\n /// @notice Extracts the timestamp from a block header\\n /// @dev Time is not 100% reliable\\n /// @param _header The header\\n /// @return The timestamp (uint)\\n function extractTimestamp(bytes memory _header) internal pure returns (uint32) {\\n return reverseUint32(uint32(extractTimestampLE(_header)));\\n }\\n\\n /// @notice Extracts the expected difficulty from a block header\\n /// @dev Does NOT verify the work\\n /// @param _header The header\\n /// @return The difficulty as an integer\\n function extractDifficulty(bytes memory _header) internal pure returns (uint256) {\\n return calculateDifficulty(extractTarget(_header));\\n }\\n\\n /// @notice Concatenates and hashes two inputs for merkle proving\\n /// @param _a The first hash\\n /// @param _b The second hash\\n /// @return The double-sha256 of the concatenated hashes\\n function _hash256MerkleStep(bytes memory _a, bytes memory _b) internal view returns (bytes32) {\\n return hash256View(abi.encodePacked(_a, _b));\\n }\\n\\n /// @notice Concatenates and hashes two inputs for merkle proving\\n /// @param _a The first hash\\n /// @param _b The second hash\\n /// @return The double-sha256 of the concatenated hashes\\n function _hash256MerkleStep(bytes32 _a, bytes32 _b) internal view returns (bytes32) {\\n return hash256Pair(_a, _b);\\n }\\n\\n\\n /// @notice Verifies a Bitcoin-style merkle tree\\n /// @dev Leaves are 0-indexed. Inefficient version.\\n /// @param _proof The proof. Tightly packed LE sha256 hashes. The last hash is the root\\n /// @param _index The index of the leaf\\n /// @return true if the proof is valid, else false\\n function verifyHash256Merkle(bytes memory _proof, uint _index) internal view returns (bool) {\\n // Not an even number of hashes\\n if (_proof.length % 32 != 0) {\\n return false;\\n }\\n\\n // Special case for coinbase-only blocks\\n if (_proof.length == 32) {\\n return true;\\n }\\n\\n // Should never occur\\n if (_proof.length == 64) {\\n return false;\\n }\\n\\n bytes32 _root = _proof.slice32(_proof.length - 32);\\n bytes32 _current = _proof.slice32(0);\\n bytes memory _tree = _proof.slice(32, _proof.length - 64);\\n\\n return verifyHash256Merkle(_current, _tree, _root, _index);\\n }\\n\\n /// @notice Verifies a Bitcoin-style merkle tree\\n /// @dev Leaves are 0-indexed. Efficient version.\\n /// @param _leaf The leaf of the proof. LE sha256 hash.\\n /// @param _tree The intermediate nodes in the proof.\\n /// Tightly packed LE sha256 hashes.\\n /// @param _root The root of the proof. LE sha256 hash.\\n /// @param _index The index of the leaf\\n /// @return true if the proof is valid, else false\\n function verifyHash256Merkle(\\n bytes32 _leaf,\\n bytes memory _tree,\\n bytes32 _root,\\n uint _index\\n ) internal view returns (bool) {\\n // Not an even number of hashes\\n if (_tree.length % 32 != 0) {\\n return false;\\n }\\n\\n // Should never occur\\n if (_tree.length == 0) {\\n return false;\\n }\\n\\n uint _idx = _index;\\n bytes32 _current = _leaf;\\n\\n // i moves in increments of 32\\n for (uint i = 0; i < _tree.length; i += 32) {\\n if (_idx % 2 == 1) {\\n _current = _hash256MerkleStep(_tree.slice32(i), _current);\\n } else {\\n _current = _hash256MerkleStep(_current, _tree.slice32(i));\\n }\\n _idx = _idx >> 1;\\n }\\n return _current == _root;\\n }\\n\\n /*\\n NB: https://github.com/bitcoin/bitcoin/blob/78dae8caccd82cfbfd76557f1fb7d7557c7b5edb/src/pow.cpp#L49-L72\\n NB: We get a full-bitlength target from this. For comparison with\\n header-encoded targets we need to mask it with the header target\\n e.g. (full & truncated) == truncated\\n */\\n /// @notice performs the bitcoin difficulty retarget\\n /// @dev implements the Bitcoin algorithm precisely\\n /// @param _previousTarget the target of the previous period\\n /// @param _firstTimestamp the timestamp of the first block in the difficulty period\\n /// @param _secondTimestamp the timestamp of the last block in the difficulty period\\n /// @return the new period's target threshold\\n function retargetAlgorithm(\\n uint256 _previousTarget,\\n uint256 _firstTimestamp,\\n uint256 _secondTimestamp\\n ) internal pure returns (uint256) {\\n uint256 _elapsedTime = _secondTimestamp.sub(_firstTimestamp);\\n\\n // Normalize ratio to factor of 4 if very long or very short\\n if (_elapsedTime < RETARGET_PERIOD.div(4)) {\\n _elapsedTime = RETARGET_PERIOD.div(4);\\n }\\n if (_elapsedTime > RETARGET_PERIOD.mul(4)) {\\n _elapsedTime = RETARGET_PERIOD.mul(4);\\n }\\n\\n /*\\n NB: high targets e.g. ffff0020 can cause overflows here\\n so we divide it by 256**2, then multiply by 256**2 later\\n we know the target is evenly divisible by 256**2, so this isn't an issue\\n */\\n\\n uint256 _adjusted = _previousTarget.div(65536).mul(_elapsedTime);\\n return _adjusted.div(RETARGET_PERIOD).mul(65536);\\n }\\n}\\n\",\"keccak256\":\"0x0f6b9a8deec659541f8bf2e5c4ecf4596ffa7502f7a8f4d9e88a681a01ef0dfb\"},\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/*\\n\\nhttps://github.com/GNSPS/solidity-bytes-utils/\\n\\nThis is free and unencumbered software released into the public domain.\\n\\nAnyone is free to copy, modify, publish, use, compile, sell, or\\ndistribute this software, either in source code form or as a compiled\\nbinary, for any purpose, commercial or non-commercial, and by any\\nmeans.\\n\\nIn jurisdictions that recognize copyright laws, the author or authors\\nof this software dedicate any and all copyright interest in the\\nsoftware to the public domain. We make this dedication for the benefit\\nof the public at large and to the detriment of our heirs and\\nsuccessors. We intend this dedication to be an overt act of\\nrelinquishment in perpetuity of all present and future rights to this\\nsoftware under copyright law.\\n\\nTHE SOFTWARE IS PROVIDED \\\"AS IS\\\", WITHOUT WARRANTY OF ANY KIND,\\nEXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\\nMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.\\nIN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR\\nOTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,\\nARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR\\nOTHER DEALINGS IN THE SOFTWARE.\\n\\nFor more information, please refer to <https://unlicense.org>\\n*/\\n\\n\\n/** @title BytesLib **/\\n/** @author https://github.com/GNSPS **/\\n\\nlibrary BytesLib {\\n function concat(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bytes memory) {\\n bytes memory tempBytes;\\n\\n assembly {\\n // Get a location of some free memory and store it in tempBytes as\\n // Solidity does for memory variables.\\n tempBytes := mload(0x40)\\n\\n // Store the length of the first bytes array at the beginning of\\n // the memory for tempBytes.\\n let length := mload(_preBytes)\\n mstore(tempBytes, length)\\n\\n // Maintain a memory counter for the current write location in the\\n // temp bytes array by adding the 32 bytes for the array length to\\n // the starting location.\\n let mc := add(tempBytes, 0x20)\\n // Stop copying when the memory counter reaches the length of the\\n // first bytes array.\\n let end := add(mc, length)\\n\\n for {\\n // Initialize a copy counter to the start of the _preBytes data,\\n // 32 bytes into its memory.\\n let cc := add(_preBytes, 0x20)\\n } lt(mc, end) {\\n // Increase both counters by 32 bytes each iteration.\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n // Write the _preBytes data into the tempBytes memory 32 bytes\\n // at a time.\\n mstore(mc, mload(cc))\\n }\\n\\n // Add the length of _postBytes to the current length of tempBytes\\n // and store it as the new length in the first 32 bytes of the\\n // tempBytes memory.\\n length := mload(_postBytes)\\n mstore(tempBytes, add(length, mload(tempBytes)))\\n\\n // Move the memory counter back from a multiple of 0x20 to the\\n // actual end of the _preBytes data.\\n mc := end\\n // Stop copying when the memory counter reaches the new combined\\n // length of the arrays.\\n end := add(mc, length)\\n\\n for {\\n let cc := add(_postBytes, 0x20)\\n } lt(mc, end) {\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n mstore(mc, mload(cc))\\n }\\n\\n // Update the free-memory pointer by padding our last write location\\n // to 32 bytes: add 31 bytes to the end of tempBytes to move to the\\n // next 32 byte block, then round down to the nearest multiple of\\n // 32. If the sum of the length of the two arrays is zero then add\\n // one before rounding down to leave a blank 32 bytes (the length block with 0).\\n mstore(0x40, and(\\n add(add(end, iszero(add(length, mload(_preBytes)))), 31),\\n not(31) // Round down to the nearest 32 bytes.\\n ))\\n }\\n\\n return tempBytes;\\n }\\n\\n function concatStorage(bytes storage _preBytes, bytes memory _postBytes) internal {\\n assembly {\\n // Read the first 32 bytes of _preBytes storage, which is the length\\n // of the array. (We don't need to use the offset into the slot\\n // because arrays use the entire slot.)\\n let fslot := sload(_preBytes.slot)\\n // Arrays of 31 bytes or less have an even value in their slot,\\n // while longer arrays have an odd value. The actual length is\\n // the slot divided by two for odd values, and the lowest order\\n // byte divided by two for even values.\\n // If the slot is even, bitwise and the slot with 255 and divide by\\n // two to get the length. If the slot is odd, bitwise and the slot\\n // with -1 and divide by two.\\n let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)\\n let mlength := mload(_postBytes)\\n let newlength := add(slength, mlength)\\n // slength can contain both the length and contents of the array\\n // if length < 32 bytes so let's prepare for that\\n // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage\\n switch add(lt(slength, 32), lt(newlength, 32))\\n case 2 {\\n // Since the new array still fits in the slot, we just need to\\n // update the contents of the slot.\\n // uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_length\\n sstore(\\n _preBytes.slot,\\n // all the modifications to the slot are inside this\\n // next block\\n add(\\n // we can just add to the slot contents because the\\n // bytes we want to change are the LSBs\\n fslot,\\n add(\\n mul(\\n div(\\n // load the bytes from memory\\n mload(add(_postBytes, 0x20)),\\n // zero all bytes to the right\\n exp(0x100, sub(32, mlength))\\n ),\\n // and now shift left the number of bytes to\\n // leave space for the length in the slot\\n exp(0x100, sub(32, newlength))\\n ),\\n // increase length by the double of the memory\\n // bytes length\\n mul(mlength, 2)\\n )\\n )\\n )\\n }\\n case 1 {\\n // The stored value fits in the slot, but the combined value\\n // will exceed it.\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n let sc := add(keccak256(0x0, 0x20), div(slength, 32))\\n\\n // save new length\\n sstore(_preBytes.slot, add(mul(newlength, 2), 1))\\n\\n // The contents of the _postBytes array start 32 bytes into\\n // the structure. Our first read should obtain the `submod`\\n // bytes that can fit into the unused space in the last word\\n // of the stored array. To get this, we read 32 bytes starting\\n // from `submod`, so the data we read overlaps with the array\\n // contents by `submod` bytes. Masking the lowest-order\\n // `submod` bytes allows us to add that value directly to the\\n // stored value.\\n\\n let submod := sub(32, slength)\\n let mc := add(_postBytes, submod)\\n let end := add(_postBytes, mlength)\\n let mask := sub(exp(0x100, submod), 1)\\n\\n sstore(\\n sc,\\n add(\\n and(\\n fslot,\\n 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00\\n ),\\n and(mload(mc), mask)\\n )\\n )\\n\\n for {\\n mc := add(mc, 0x20)\\n sc := add(sc, 1)\\n } lt(mc, end) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n sstore(sc, mload(mc))\\n }\\n\\n mask := exp(0x100, sub(mc, end))\\n\\n sstore(sc, mul(div(mload(mc), mask), mask))\\n }\\n default {\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n // Start copying to the last used word of the stored array.\\n let sc := add(keccak256(0x0, 0x20), div(slength, 32))\\n\\n // save new length\\n sstore(_preBytes.slot, add(mul(newlength, 2), 1))\\n\\n // Copy over the first `submod` bytes of the new data as in\\n // case 1 above.\\n let slengthmod := mod(slength, 32)\\n let mlengthmod := mod(mlength, 32)\\n let submod := sub(32, slengthmod)\\n let mc := add(_postBytes, submod)\\n let end := add(_postBytes, mlength)\\n let mask := sub(exp(0x100, submod), 1)\\n\\n sstore(sc, add(sload(sc), and(mload(mc), mask)))\\n\\n for {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } lt(mc, end) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n sstore(sc, mload(mc))\\n }\\n\\n mask := exp(0x100, sub(mc, end))\\n\\n sstore(sc, mul(div(mload(mc), mask), mask))\\n }\\n }\\n }\\n\\n function slice(bytes memory _bytes, uint _start, uint _length) internal pure returns (bytes memory res) {\\n if (_length == 0) {\\n return hex\\\"\\\";\\n }\\n uint _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n // Alloc bytes array with additional 32 bytes afterspace and assign it's size\\n res := mload(0x40)\\n mstore(0x40, add(add(res, 64), _length))\\n mstore(res, _length)\\n\\n // Compute distance between source and destination pointers\\n let diff := sub(res, add(_bytes, _start))\\n\\n for {\\n let src := add(add(_bytes, 32), _start)\\n let end := add(src, _length)\\n } lt(src, end) {\\n src := add(src, 32)\\n } {\\n mstore(add(src, diff), mload(src))\\n }\\n }\\n }\\n\\n /// @notice Take a slice of the byte array, overwriting the destination.\\n /// The length of the slice will equal the length of the destination array.\\n /// @dev Make sure the destination array has afterspace if required.\\n /// @param _bytes The source array\\n /// @param _dest The destination array.\\n /// @param _start The location to start in the source array.\\n function sliceInPlace(\\n bytes memory _bytes,\\n bytes memory _dest,\\n uint _start\\n ) internal pure {\\n uint _length = _dest.length;\\n uint _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n for {\\n let src := add(add(_bytes, 32), _start)\\n let res := add(_dest, 32)\\n let end := add(src, _length)\\n } lt(src, end) {\\n src := add(src, 32)\\n res := add(res, 32)\\n } {\\n mstore(res, mload(src))\\n }\\n }\\n }\\n\\n // Static slice functions, no bounds checking\\n /// @notice take a 32-byte slice from the specified position\\n function slice32(bytes memory _bytes, uint _start) internal pure returns (bytes32 res) {\\n assembly {\\n res := mload(add(add(_bytes, 32), _start))\\n }\\n }\\n\\n /// @notice take a 20-byte slice from the specified position\\n function slice20(bytes memory _bytes, uint _start) internal pure returns (bytes20) {\\n return bytes20(slice32(_bytes, _start));\\n }\\n\\n /// @notice take a 8-byte slice from the specified position\\n function slice8(bytes memory _bytes, uint _start) internal pure returns (bytes8) {\\n return bytes8(slice32(_bytes, _start));\\n }\\n\\n /// @notice take a 4-byte slice from the specified position\\n function slice4(bytes memory _bytes, uint _start) internal pure returns (bytes4) {\\n return bytes4(slice32(_bytes, _start));\\n }\\n\\n /// @notice take a 3-byte slice from the specified position\\n function slice3(bytes memory _bytes, uint _start) internal pure returns (bytes3) {\\n return bytes3(slice32(_bytes, _start));\\n }\\n\\n /// @notice take a 2-byte slice from the specified position\\n function slice2(bytes memory _bytes, uint _start) internal pure returns (bytes2) {\\n return bytes2(slice32(_bytes, _start));\\n }\\n\\n function toAddress(bytes memory _bytes, uint _start) internal pure returns (address) {\\n uint _totalLen = _start + 20;\\n require(_totalLen > _start && _bytes.length >= _totalLen, \\\"Address conversion out of bounds.\\\");\\n address tempAddress;\\n\\n assembly {\\n tempAddress := div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000)\\n }\\n\\n return tempAddress;\\n }\\n\\n function toUint(bytes memory _bytes, uint _start) internal pure returns (uint256) {\\n uint _totalLen = _start + 32;\\n require(_totalLen > _start && _bytes.length >= _totalLen, \\\"Uint conversion out of bounds.\\\");\\n uint256 tempUint;\\n\\n assembly {\\n tempUint := mload(add(add(_bytes, 0x20), _start))\\n }\\n\\n return tempUint;\\n }\\n\\n function equal(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bool) {\\n bool success = true;\\n\\n assembly {\\n let length := mload(_preBytes)\\n\\n // if lengths don't match the arrays are not equal\\n switch eq(length, mload(_postBytes))\\n case 1 {\\n // cb is a circuit breaker in the for loop since there's\\n // no said feature for inline assembly loops\\n // cb = 1 - don't breaker\\n // cb = 0 - break\\n let cb := 1\\n\\n let mc := add(_preBytes, 0x20)\\n let end := add(mc, length)\\n\\n for {\\n let cc := add(_postBytes, 0x20)\\n // the next line is the loop condition:\\n // while(uint(mc < end) + cb == 2)\\n } eq(add(lt(mc, end), cb), 2) {\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n // if any of these checks fails then arrays are not equal\\n if iszero(eq(mload(mc), mload(cc))) {\\n // unsuccess:\\n success := 0\\n cb := 0\\n }\\n }\\n }\\n default {\\n // unsuccess:\\n success := 0\\n }\\n }\\n\\n return success;\\n }\\n\\n function equalStorage(bytes storage _preBytes, bytes memory _postBytes) internal view returns (bool) {\\n bool success = true;\\n\\n assembly {\\n // we know _preBytes_offset is 0\\n let fslot := sload(_preBytes.slot)\\n // Decode the length of the stored array like in concatStorage().\\n let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)\\n let mlength := mload(_postBytes)\\n\\n // if lengths don't match the arrays are not equal\\n switch eq(slength, mlength)\\n case 1 {\\n // slength can contain both the length and contents of the array\\n // if length < 32 bytes so let's prepare for that\\n // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage\\n if iszero(iszero(slength)) {\\n switch lt(slength, 32)\\n case 1 {\\n // blank the last byte which is the length\\n fslot := mul(div(fslot, 0x100), 0x100)\\n\\n if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) {\\n // unsuccess:\\n success := 0\\n }\\n }\\n default {\\n // cb is a circuit breaker in the for loop since there's\\n // no said feature for inline assembly loops\\n // cb = 1 - don't breaker\\n // cb = 0 - break\\n let cb := 1\\n\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n let sc := keccak256(0x0, 0x20)\\n\\n let mc := add(_postBytes, 0x20)\\n let end := add(mc, mlength)\\n\\n // the next line is the loop condition:\\n // while(uint(mc < end) + cb == 2)\\n for {} eq(add(lt(mc, end), cb), 2) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n if iszero(eq(sload(sc), mload(mc))) {\\n // unsuccess:\\n success := 0\\n cb := 0\\n }\\n }\\n }\\n }\\n }\\n default {\\n // unsuccess:\\n success := 0\\n }\\n }\\n\\n return success;\\n }\\n\\n function toBytes32(bytes memory _source) pure internal returns (bytes32 result) {\\n if (_source.length == 0) {\\n return 0x0;\\n }\\n\\n assembly {\\n result := mload(add(_source, 32))\\n }\\n }\\n\\n function keccak256Slice(bytes memory _bytes, uint _start, uint _length) pure internal returns (bytes32 result) {\\n uint _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n result := keccak256(add(add(_bytes, 32), _start), _length)\\n }\\n }\\n}\\n\",\"keccak256\":\"0x43e0f3b3b23c861bd031588bf410dfdd02e2af17941a89aa38d70e534e0380d1\"},\"@keep-network/bitcoin-spv-sol/contracts/CheckBitcoinSigs.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/** @title CheckBitcoinSigs */\\n/** @author Summa (https://summa.one) */\\n\\nimport {BytesLib} from \\\"./BytesLib.sol\\\";\\nimport {BTCUtils} from \\\"./BTCUtils.sol\\\";\\n\\n\\nlibrary CheckBitcoinSigs {\\n\\n using BytesLib for bytes;\\n using BTCUtils for bytes;\\n\\n /// @notice Derives an Ethereum Account address from a pubkey\\n /// @dev The address is the last 20 bytes of the keccak256 of the address\\n /// @param _pubkey The public key X & Y. Unprefixed, as a 64-byte array\\n /// @return The account address\\n function accountFromPubkey(bytes memory _pubkey) internal pure returns (address) {\\n require(_pubkey.length == 64, \\\"Pubkey must be 64-byte raw, uncompressed key.\\\");\\n\\n // keccak hash of uncompressed unprefixed pubkey\\n bytes32 _digest = keccak256(_pubkey);\\n return address(uint160(uint256(_digest)));\\n }\\n\\n /// @notice Calculates the p2wpkh output script of a pubkey\\n /// @dev Compresses keys to 33 bytes as required by Bitcoin\\n /// @param _pubkey The public key, compressed or uncompressed\\n /// @return The p2wkph output script\\n function p2wpkhFromPubkey(bytes memory _pubkey) internal view returns (bytes memory) {\\n bytes memory _compressedPubkey;\\n uint8 _prefix;\\n\\n if (_pubkey.length == 64) {\\n _prefix = uint8(_pubkey[_pubkey.length - 1]) % 2 == 1 ? 3 : 2;\\n _compressedPubkey = abi.encodePacked(_prefix, _pubkey.slice32(0));\\n } else if (_pubkey.length == 65) {\\n _prefix = uint8(_pubkey[_pubkey.length - 1]) % 2 == 1 ? 3 : 2;\\n _compressedPubkey = abi.encodePacked(_prefix, _pubkey.slice32(1));\\n } else {\\n _compressedPubkey = _pubkey;\\n }\\n\\n require(_compressedPubkey.length == 33, \\\"Witness PKH requires compressed keys\\\");\\n\\n bytes20 _pubkeyHash = _compressedPubkey.hash160View();\\n return abi.encodePacked(hex\\\"0014\\\", _pubkeyHash);\\n }\\n\\n /// @notice checks a signed message's validity under a pubkey\\n /// @dev does this using ecrecover because Ethereum has no soul\\n /// @param _pubkey the public key to check (64 bytes)\\n /// @param _digest the message digest signed\\n /// @param _v the signature recovery value\\n /// @param _r the signature r value\\n /// @param _s the signature s value\\n /// @return true if signature is valid, else false\\n function checkSig(\\n bytes memory _pubkey,\\n bytes32 _digest,\\n uint8 _v,\\n bytes32 _r,\\n bytes32 _s\\n ) internal pure returns (bool) {\\n require(_pubkey.length == 64, \\\"Requires uncompressed unprefixed pubkey\\\");\\n address _expected = accountFromPubkey(_pubkey);\\n address _actual = ecrecover(_digest, _v, _r, _s);\\n return _actual == _expected;\\n }\\n\\n /// @notice checks a signed message against a bitcoin p2wpkh output script\\n /// @dev does this my verifying the p2wpkh matches an ethereum account\\n /// @param _p2wpkhOutputScript the bitcoin output script\\n /// @param _pubkey the uncompressed, unprefixed public key to check\\n /// @param _digest the message digest signed\\n /// @param _v the signature recovery value\\n /// @param _r the signature r value\\n /// @param _s the signature s value\\n /// @return true if signature is valid, else false\\n function checkBitcoinSig(\\n bytes memory _p2wpkhOutputScript,\\n bytes memory _pubkey,\\n bytes32 _digest,\\n uint8 _v,\\n bytes32 _r,\\n bytes32 _s\\n ) internal view returns (bool) {\\n require(_pubkey.length == 64, \\\"Requires uncompressed unprefixed pubkey\\\");\\n\\n bool _isExpectedSigner = keccak256(p2wpkhFromPubkey(_pubkey)) == keccak256(_p2wpkhOutputScript); // is it the expected signer?\\n if (!_isExpectedSigner) {return false;}\\n\\n bool _sigResult = checkSig(_pubkey, _digest, _v, _r, _s);\\n return _sigResult;\\n }\\n\\n /// @notice checks if a message is the sha256 preimage of a digest\\n /// @dev this is NOT the hash256! this step is necessary for ECDSA security!\\n /// @param _digest the digest\\n /// @param _candidate the purported preimage\\n /// @return true if the preimage matches the digest, else false\\n function isSha256Preimage(\\n bytes memory _candidate,\\n bytes32 _digest\\n ) internal pure returns (bool) {\\n return sha256(_candidate) == _digest;\\n }\\n\\n /// @notice checks if a message is the keccak256 preimage of a digest\\n /// @dev this step is necessary for ECDSA security!\\n /// @param _digest the digest\\n /// @param _candidate the purported preimage\\n /// @return true if the preimage matches the digest, else false\\n function isKeccak256Preimage(\\n bytes memory _candidate,\\n bytes32 _digest\\n ) internal pure returns (bool) {\\n return keccak256(_candidate) == _digest;\\n }\\n\\n /// @notice calculates the signature hash of a Bitcoin transaction with the provided details\\n /// @dev documented in bip143. many values are hardcoded here\\n /// @param _outpoint the bitcoin UTXO id (32-byte txid + 4-byte output index)\\n /// @param _inputPKH the input pubkeyhash (hash160(sender_pubkey))\\n /// @param _inputValue the value of the input in satoshi\\n /// @param _outputValue the value of the output in satoshi\\n /// @param _outputScript the length-prefixed output script\\n /// @return the double-sha256 (hash256) signature hash as defined by bip143\\n function wpkhSpendSighash(\\n bytes memory _outpoint, // 36-byte UTXO id\\n bytes20 _inputPKH, // 20-byte hash160\\n bytes8 _inputValue, // 8-byte LE\\n bytes8 _outputValue, // 8-byte LE\\n bytes memory _outputScript // lenght-prefixed output script\\n ) internal view returns (bytes32) {\\n // Fixes elements to easily make a 1-in 1-out sighash digest\\n // Does not support timelocks\\n // bytes memory _scriptCode = abi.encodePacked(\\n // hex\\\"1976a914\\\", // length, dup, hash160, pkh_length\\n // _inputPKH,\\n // hex\\\"88ac\\\"); // equal, checksig\\n\\n bytes32 _hashOutputs = abi.encodePacked(\\n _outputValue, // 8-byte LE\\n _outputScript).hash256View();\\n\\n bytes memory _sighashPreimage = abi.encodePacked(\\n hex\\\"01000000\\\", // version\\n _outpoint.hash256View(), // hashPrevouts\\n hex\\\"8cb9012517c817fead650287d61bdd9c68803b6bf9c64133dcab3e65b5a50cb9\\\", // hashSequence(00000000)\\n _outpoint, // outpoint\\n // p2wpkh script code\\n hex\\\"1976a914\\\", // length, dup, hash160, pkh_length\\n _inputPKH,\\n hex\\\"88ac\\\", // equal, checksig\\n // end script code\\n _inputValue, // value of the input in 8-byte LE\\n hex\\\"00000000\\\", // input nSequence\\n _hashOutputs, // hash of the single output\\n hex\\\"00000000\\\", // nLockTime\\n hex\\\"01000000\\\" // SIGHASH_ALL\\n );\\n return _sighashPreimage.hash256View();\\n }\\n\\n /// @notice calculates the signature hash of a Bitcoin transaction with the provided details\\n /// @dev documented in bip143. many values are hardcoded here\\n /// @param _outpoint the bitcoin UTXO id (32-byte txid + 4-byte output index)\\n /// @param _inputPKH the input pubkeyhash (hash160(sender_pubkey))\\n /// @param _inputValue the value of the input in satoshi\\n /// @param _outputValue the value of the output in satoshi\\n /// @param _outputPKH the output pubkeyhash (hash160(recipient_pubkey))\\n /// @return the double-sha256 (hash256) signature hash as defined by bip143\\n function wpkhToWpkhSighash(\\n bytes memory _outpoint, // 36-byte UTXO id\\n bytes20 _inputPKH, // 20-byte hash160\\n bytes8 _inputValue, // 8-byte LE\\n bytes8 _outputValue, // 8-byte LE\\n bytes20 _outputPKH // 20-byte hash160\\n ) internal view returns (bytes32) {\\n return wpkhSpendSighash(\\n _outpoint,\\n _inputPKH,\\n _inputValue,\\n _outputValue,\\n abi.encodePacked(\\n hex\\\"160014\\\", // wpkh tag\\n _outputPKH)\\n );\\n }\\n\\n /// @notice Preserved for API compatibility with older version\\n /// @dev documented in bip143. many values are hardcoded here\\n /// @param _outpoint the bitcoin UTXO id (32-byte txid + 4-byte output index)\\n /// @param _inputPKH the input pubkeyhash (hash160(sender_pubkey))\\n /// @param _inputValue the value of the input in satoshi\\n /// @param _outputValue the value of the output in satoshi\\n /// @param _outputPKH the output pubkeyhash (hash160(recipient_pubkey))\\n /// @return the double-sha256 (hash256) signature hash as defined by bip143\\n function oneInputOneOutputSighash(\\n bytes memory _outpoint, // 36-byte UTXO id\\n bytes20 _inputPKH, // 20-byte hash160\\n bytes8 _inputValue, // 8-byte LE\\n bytes8 _outputValue, // 8-byte LE\\n bytes20 _outputPKH // 20-byte hash160\\n ) internal view returns (bytes32) {\\n return wpkhToWpkhSighash(_outpoint, _inputPKH, _inputValue, _outputValue, _outputPKH);\\n }\\n\\n}\\n\",\"keccak256\":\"0xfffbd5486af77058fe9385d63d433da914a043994b1affdfcb87248aa10a234c\"},\"@keep-network/bitcoin-spv-sol/contracts/SafeMath.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/*\\nThe MIT License (MIT)\\n\\nCopyright (c) 2016 Smart Contract Solutions, Inc.\\n\\nPermission is hereby granted, free of charge, to any person obtaining\\na copy of this software and associated documentation files (the\\n\\\"Software\\\"), to deal in the Software without restriction, including\\nwithout limitation the rights to use, copy, modify, merge, publish,\\ndistribute, sublicense, and/or sell copies of the Software, and to\\npermit persons to whom the Software is furnished to do so, subject to\\nthe following conditions:\\n\\nThe above copyright notice and this permission notice shall be included\\nin all copies or substantial portions of the Software.\\n\\nTHE SOFTWARE IS PROVIDED \\\"AS IS\\\", WITHOUT WARRANTY OF ANY KIND, EXPRESS\\nOR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\\nMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.\\nIN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY\\nCLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,\\nTORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE\\nSOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\\n*/\\n\\n\\n/**\\n * @title SafeMath\\n * @dev Math operations with safety checks that throw on error\\n */\\nlibrary SafeMath {\\n\\n /**\\n * @dev Multiplies two numbers, throws on overflow.\\n */\\n function mul(uint256 _a, uint256 _b) internal pure returns (uint256 c) {\\n // Gas optimization: this is cheaper than asserting 'a' not being zero, but the\\n // benefit is lost if 'b' is also tested.\\n // See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522\\n if (_a == 0) {\\n return 0;\\n }\\n\\n c = _a * _b;\\n require(c / _a == _b, \\\"Overflow during multiplication.\\\");\\n return c;\\n }\\n\\n /**\\n * @dev Integer division of two numbers, truncating the quotient.\\n */\\n function div(uint256 _a, uint256 _b) internal pure returns (uint256) {\\n // assert(_b > 0); // Solidity automatically throws when dividing by 0\\n // uint256 c = _a / _b;\\n // assert(_a == _b * c + _a % _b); // There is no case in which this doesn't hold\\n return _a / _b;\\n }\\n\\n /**\\n * @dev Subtracts two numbers, throws on overflow (i.e. if subtrahend is greater than minuend).\\n */\\n function sub(uint256 _a, uint256 _b) internal pure returns (uint256) {\\n require(_b <= _a, \\\"Underflow during subtraction.\\\");\\n return _a - _b;\\n }\\n\\n /**\\n * @dev Adds two numbers, throws on overflow.\\n */\\n function add(uint256 _a, uint256 _b) internal pure returns (uint256 c) {\\n c = _a + _b;\\n require(c >= _a, \\\"Overflow during addition.\\\");\\n return c;\\n }\\n}\\n\",\"keccak256\":\"0x35930d982394c7ffde439b82e5e696c5b21a6f09699d44861dfe409ef64084a3\"},\"@keep-network/bitcoin-spv-sol/contracts/ValidateSPV.sol\":{\"content\":\"pragma solidity ^0.8.4;\\n\\n/** @title ValidateSPV*/\\n/** @author Summa (https://summa.one) */\\n\\nimport {BytesLib} from \\\"./BytesLib.sol\\\";\\nimport {SafeMath} from \\\"./SafeMath.sol\\\";\\nimport {BTCUtils} from \\\"./BTCUtils.sol\\\";\\n\\n\\nlibrary ValidateSPV {\\n\\n using BTCUtils for bytes;\\n using BTCUtils for uint256;\\n using BytesLib for bytes;\\n using SafeMath for uint256;\\n\\n enum InputTypes { NONE, LEGACY, COMPATIBILITY, WITNESS }\\n enum OutputTypes { NONE, WPKH, WSH, OP_RETURN, PKH, SH, NONSTANDARD }\\n\\n uint256 constant ERR_BAD_LENGTH = 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff;\\n uint256 constant ERR_INVALID_CHAIN = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe;\\n uint256 constant ERR_LOW_WORK = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd;\\n\\n function getErrBadLength() internal pure returns (uint256) {\\n return ERR_BAD_LENGTH;\\n }\\n\\n function getErrInvalidChain() internal pure returns (uint256) {\\n return ERR_INVALID_CHAIN;\\n }\\n\\n function getErrLowWork() internal pure returns (uint256) {\\n return ERR_LOW_WORK;\\n }\\n\\n /// @notice Validates a tx inclusion in the block\\n /// @dev `index` is not a reliable indicator of location within a block\\n /// @param _txid The txid (LE)\\n /// @param _merkleRoot The merkle root (as in the block header)\\n /// @param _intermediateNodes The proof's intermediate nodes (digests between leaf and root)\\n /// @param _index The leaf's index in the tree (0-indexed)\\n /// @return true if fully valid, false otherwise\\n function prove(\\n bytes32 _txid,\\n bytes32 _merkleRoot,\\n bytes memory _intermediateNodes,\\n uint _index\\n ) internal view returns (bool) {\\n // Shortcut the empty-block case\\n if (_txid == _merkleRoot && _index == 0 && _intermediateNodes.length == 0) {\\n return true;\\n }\\n\\n // If the Merkle proof failed, bubble up error\\n return BTCUtils.verifyHash256Merkle(\\n _txid,\\n _intermediateNodes,\\n _merkleRoot,\\n _index\\n );\\n }\\n\\n /// @notice Hashes transaction to get txid\\n /// @dev Supports Legacy and Witness\\n /// @param _version 4-bytes version\\n /// @param _vin Raw bytes length-prefixed input vector\\n /// @param _vout Raw bytes length-prefixed output vector\\n /// @param _locktime 4-byte tx locktime\\n /// @return 32-byte transaction id, little endian\\n function calculateTxId(\\n bytes4 _version,\\n bytes memory _vin,\\n bytes memory _vout,\\n bytes4 _locktime\\n ) internal view returns (bytes32) {\\n // Get transaction hash double-Sha256(version + nIns + inputs + nOuts + outputs + locktime)\\n return abi.encodePacked(_version, _vin, _vout, _locktime).hash256View();\\n }\\n\\n /// @notice Checks validity of header chain\\n /// @notice Compares the hash of each header to the prevHash in the next header\\n /// @param _headers Raw byte array of header chain\\n /// @return _totalDifficulty The total accumulated difficulty of the header chain, or an error code\\n function validateHeaderChain(bytes memory _headers) internal view returns (uint256 _totalDifficulty) {\\n\\n // Check header chain length\\n if (_headers.length % 80 != 0) {return ERR_BAD_LENGTH;}\\n\\n // Initialize header start index\\n bytes32 _digest;\\n\\n _totalDifficulty = 0;\\n\\n bytes memory _header;\\n\\n // Allocate _header with extra space after it to fit 3 full words\\n assembly {\\n _header := mload(0x40)\\n mstore(0x40, add(_header, add(32, 96)))\\n mstore(_header, 80)\\n }\\n\\n for (uint256 _start = 0; _start < _headers.length; _start += 80) {\\n\\n // ith header start index and ith header\\n _headers.sliceInPlace(_header, _start);\\n\\n // After the first header, check that headers are in a chain\\n if (_start != 0) {\\n if (!validateHeaderPrevHash(_header, _digest)) {return ERR_INVALID_CHAIN;}\\n }\\n\\n // ith header target\\n uint256 _target = _header.extractTarget();\\n\\n // Require that the header has sufficient work\\n _digest = _header.hash256View();\\n if(uint256(_digest).reverseUint256() > _target) {\\n return ERR_LOW_WORK;\\n }\\n\\n // Add ith header difficulty to difficulty sum\\n _totalDifficulty = _totalDifficulty.add(_target.calculateDifficulty());\\n }\\n }\\n\\n /// @notice Checks validity of header work\\n /// @param _digest Header digest\\n /// @param _target The target threshold\\n /// @return true if header work is valid, false otherwise\\n function validateHeaderWork(bytes32 _digest, uint256 _target) internal pure returns (bool) {\\n if (_digest == bytes32(0)) {return false;}\\n return (uint256(_digest).reverseUint256() < _target);\\n }\\n\\n /// @notice Checks validity of header chain\\n /// @dev Compares current header prevHash to previous header's digest\\n /// @param _header The raw bytes header\\n /// @param _prevHeaderDigest The previous header's digest\\n /// @return true if the connect is valid, false otherwise\\n function validateHeaderPrevHash(bytes memory _header, bytes32 _prevHeaderDigest) internal pure returns (bool) {\\n\\n // Extract prevHash of current header\\n bytes32 _prevHash = _header.extractPrevBlockLE();\\n\\n // Compare prevHash of current header to previous header's digest\\n if (_prevHash != _prevHeaderDigest) {return false;}\\n\\n return true;\\n }\\n}\\n\",\"keccak256\":\"0x504c3de02695728018b1f54d0b0f3abdae11624305c8985f541f8f79eea5eeb4\"},\"@keep-network/ecdsa/contracts/EcdsaDkgValidator.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n// Trust math, not hardware.\\n\\n// Initial version copied from Keep Network Random Beacon:\\n// https://github.com/keep-network/keep-core/blob/5138c7628868dbeed3ae2164f76fccc6c1fbb9e8/solidity/random-beacon/contracts/DKGValidator.sol\\n//\\n// With the following differences:\\n// - group public key length,\\n// - group size and related thresholds,\\n// - documentation.\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@openzeppelin/contracts/utils/cryptography/ECDSA.sol\\\";\\nimport \\\"@keep-network/random-beacon/contracts/libraries/BytesLib.sol\\\";\\nimport \\\"@keep-network/sortition-pools/contracts/SortitionPool.sol\\\";\\nimport \\\"./libraries/EcdsaDkg.sol\\\";\\n\\n/// @title DKG result validator\\n/// @notice EcdsaDkgValidator allows performing a full validation of DKG result,\\n/// including checking the format of fields in the result, declared\\n/// selected group members, and signatures of operators supporting the\\n/// result. The operator submitting the result should perform the\\n/// validation using a free contract call before submitting the result\\n/// to ensure their result is valid and can not be challenged. All other\\n/// network operators should perform validation of the submitted result\\n/// using a free contract call and challenge the result if the\\n/// validation fails.\\ncontract EcdsaDkgValidator {\\n using BytesLib for bytes;\\n using ECDSA for bytes32;\\n\\n /// @dev Size of a group in DKG.\\n uint256 public constant groupSize = 100;\\n\\n /// @dev The minimum number of group members needed to interact according to\\n /// the protocol to produce a signature. The adversary can not learn\\n /// anything about the key as long as it does not break into\\n /// groupThreshold+1 of members.\\n uint256 public constant groupThreshold = 51;\\n\\n /// @dev The minimum number of active and properly behaving group members\\n /// during the DKG needed to accept the result. This number is higher\\n /// than `groupThreshold` to keep a safety margin for members becoming\\n /// inactive after DKG so that the group can still produce signature.\\n uint256 public constant activeThreshold = 90; // 90% of groupSize\\n\\n /// @dev Size in bytes of a public key produced by group members during the\\n /// the DKG. The length assumes uncompressed ECDSA public key.\\n uint256 public constant publicKeyByteSize = 64;\\n\\n /// @dev Size in bytes of a single signature produced by operator supporting\\n /// DKG result.\\n uint256 public constant signatureByteSize = 65;\\n\\n SortitionPool public sortitionPool;\\n\\n constructor(SortitionPool _sortitionPool) {\\n sortitionPool = _sortitionPool;\\n }\\n\\n /// @notice Performs a full validation of DKG result, including checking the\\n /// format of fields in the result, declared selected group members,\\n /// and signatures of operators supporting the result.\\n /// @param seed seed used to start the DKG and select group members\\n /// @param startBlock DKG start block\\n /// @return isValid true if the result is valid, false otherwise\\n /// @return errorMsg validation error message; empty for a valid result\\n function validate(\\n EcdsaDkg.Result calldata result,\\n uint256 seed,\\n uint256 startBlock\\n ) external view returns (bool isValid, string memory errorMsg) {\\n (bool hasValidFields, string memory error) = validateFields(result);\\n if (!hasValidFields) {\\n return (false, error);\\n }\\n\\n if (!validateSignatures(result, startBlock)) {\\n return (false, \\\"Invalid signatures\\\");\\n }\\n\\n if (!validateGroupMembers(result, seed)) {\\n return (false, \\\"Invalid group members\\\");\\n }\\n\\n // At this point all group members and misbehaved members were verified\\n if (!validateMembersHash(result)) {\\n return (false, \\\"Invalid members hash\\\");\\n }\\n\\n return (true, \\\"\\\");\\n }\\n\\n /// @notice Performs a static validation of DKG result fields: lengths,\\n /// ranges, and order of arrays.\\n /// @return isValid true if the result is valid, false otherwise\\n /// @return errorMsg validation error message; empty for a valid result\\n function validateFields(EcdsaDkg.Result calldata result)\\n public\\n view\\n returns (bool isValid, string memory errorMsg)\\n {\\n if (result.groupPubKey.length != publicKeyByteSize) {\\n return (false, \\\"Malformed group public key\\\");\\n }\\n\\n // The number of misbehaved members can not exceed the threshold.\\n // Misbehaved member indices needs to be unique, between [1, groupSize],\\n // and sorted in ascending order.\\n uint8[] calldata misbehavedMembersIndices = result\\n .misbehavedMembersIndices;\\n if (groupSize - misbehavedMembersIndices.length < activeThreshold) {\\n return (false, \\\"Too many members misbehaving during DKG\\\");\\n }\\n if (misbehavedMembersIndices.length > 1) {\\n if (\\n misbehavedMembersIndices[0] < 1 ||\\n misbehavedMembersIndices[misbehavedMembersIndices.length - 1] >\\n groupSize\\n ) {\\n return (false, \\\"Corrupted misbehaved members indices\\\");\\n }\\n for (uint256 i = 1; i < misbehavedMembersIndices.length; i++) {\\n if (\\n misbehavedMembersIndices[i - 1] >=\\n misbehavedMembersIndices[i]\\n ) {\\n return (false, \\\"Corrupted misbehaved members indices\\\");\\n }\\n }\\n }\\n\\n // Each signature needs to have a correct length and signatures need to\\n // be provided.\\n uint256 signaturesCount = result.signatures.length / signatureByteSize;\\n if (result.signatures.length == 0) {\\n return (false, \\\"No signatures provided\\\");\\n }\\n if (result.signatures.length % signatureByteSize != 0) {\\n return (false, \\\"Malformed signatures array\\\");\\n }\\n\\n // We expect the same amount of signatures as the number of declared\\n // group member indices that signed the result.\\n uint256[] calldata signingMembersIndices = result.signingMembersIndices;\\n if (signaturesCount != signingMembersIndices.length) {\\n return (false, \\\"Unexpected signatures count\\\");\\n }\\n if (signaturesCount < groupThreshold) {\\n return (false, \\\"Too few signatures\\\");\\n }\\n if (signaturesCount > groupSize) {\\n return (false, \\\"Too many signatures\\\");\\n }\\n\\n // Signing member indices needs to be unique, between [1,groupSize],\\n // and sorted in ascending order.\\n if (\\n signingMembersIndices[0] < 1 ||\\n signingMembersIndices[signingMembersIndices.length - 1] > groupSize\\n ) {\\n return (false, \\\"Corrupted signing member indices\\\");\\n }\\n for (uint256 i = 1; i < signingMembersIndices.length; i++) {\\n if (signingMembersIndices[i - 1] >= signingMembersIndices[i]) {\\n return (false, \\\"Corrupted signing member indices\\\");\\n }\\n }\\n\\n return (true, \\\"\\\");\\n }\\n\\n /// @notice Performs validation of group members as declared in DKG\\n /// result against group members selected by the sortition pool.\\n /// @param seed seed used to start the DKG and select group members\\n /// @return true if group members matches; false otherwise\\n function validateGroupMembers(EcdsaDkg.Result calldata result, uint256 seed)\\n public\\n view\\n returns (bool)\\n {\\n uint32[] calldata resultMembers = result.members;\\n uint32[] memory actualGroupMembers = sortitionPool.selectGroup(\\n groupSize,\\n bytes32(seed)\\n );\\n if (resultMembers.length != actualGroupMembers.length) {\\n return false;\\n }\\n for (uint256 i = 0; i < resultMembers.length; i++) {\\n if (resultMembers[i] != actualGroupMembers[i]) {\\n return false;\\n }\\n }\\n return true;\\n }\\n\\n /// @notice Performs validation of signatures supplied in DKG result.\\n /// Note that this function does not check if addresses which\\n /// supplied signatures supporting the result are the ones selected\\n /// to the group by sortition pool. This function should be used\\n /// together with `validateGroupMembers`.\\n /// @param startBlock DKG start block\\n /// @return true if group members matches; false otherwise\\n function validateSignatures(\\n EcdsaDkg.Result calldata result,\\n uint256 startBlock\\n ) public view returns (bool) {\\n bytes32 hash = keccak256(\\n abi.encodePacked(\\n result.groupPubKey,\\n result.misbehavedMembersIndices,\\n startBlock\\n )\\n ).toEthSignedMessageHash();\\n\\n uint256[] calldata signingMembersIndices = result.signingMembersIndices;\\n uint32[] memory signingMemberIds = new uint32[](\\n signingMembersIndices.length\\n );\\n for (uint256 i = 0; i < signingMembersIndices.length; i++) {\\n signingMemberIds[i] = result.members[signingMembersIndices[i] - 1];\\n }\\n\\n address[] memory signingMemberAddresses = sortitionPool.getIDOperators(\\n signingMemberIds\\n );\\n\\n bytes memory current; // Current signature to be checked.\\n\\n uint256 signaturesCount = result.signatures.length / signatureByteSize;\\n for (uint256 i = 0; i < signaturesCount; i++) {\\n current = result.signatures.slice(\\n signatureByteSize * i,\\n signatureByteSize\\n );\\n address recoveredAddress = hash.recover(current);\\n\\n if (signingMemberAddresses[i] != recoveredAddress) {\\n return false;\\n }\\n }\\n\\n return true;\\n }\\n\\n /// @notice Performs validation of hashed group members that actively took\\n /// part in DKG.\\n /// @param result DKG result\\n /// @return true if calculated result's group members hash matches with the\\n /// one that is challenged.\\n function validateMembersHash(EcdsaDkg.Result calldata result)\\n public\\n view\\n returns (bool)\\n {\\n if (result.misbehavedMembersIndices.length > 0) {\\n // members that generated a group signing key\\n uint32[] memory groupMembers = new uint32[](\\n result.members.length - result.misbehavedMembersIndices.length\\n );\\n uint256 k = 0; // misbehaved members counter\\n uint256 j = 0; // group members counter\\n for (uint256 i = 0; i < result.members.length; i++) {\\n // misbehaved member indices start from 1, so we need to -1 on misbehaved\\n if (i != result.misbehavedMembersIndices[k] - 1) {\\n groupMembers[j] = result.members[i];\\n j++;\\n } else if (k < result.misbehavedMembersIndices.length - 1) {\\n k++;\\n }\\n }\\n\\n return keccak256(abi.encode(groupMembers)) == result.membersHash;\\n }\\n\\n return keccak256(abi.encode(result.members)) == result.membersHash;\\n }\\n}\\n\",\"keccak256\":\"0x03f6dca16ca31db65b537860005e0b34fcc7013eca5113ceeb0baae494a7e4a7\",\"license\":\"MIT\"},\"@keep-network/ecdsa/contracts/api/IWalletOwner.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n// Trust math, not hardware.\\n\\npragma solidity ^0.8.9;\\n\\ninterface IWalletOwner {\\n /// @notice Callback function executed once a new wallet is created.\\n /// @dev Should be callable only by the Wallet Registry.\\n /// @param walletID Wallet's unique identifier.\\n /// @param publicKeyY Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n function __ecdsaWalletCreatedCallback(\\n bytes32 walletID,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external;\\n\\n /// @notice Callback function executed once a wallet heartbeat failure\\n /// is detected.\\n /// @dev Should be callable only by the Wallet Registry.\\n /// @param walletID Wallet's unique identifier.\\n /// @param publicKeyY Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n function __ecdsaWalletHeartbeatFailedCallback(\\n bytes32 walletID,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external;\\n}\\n\",\"keccak256\":\"0xad0c35fb23218babd529d51d047e24c712dd4812dd2506cefce46eafb00bbe1b\",\"license\":\"MIT\"},\"@keep-network/ecdsa/contracts/api/IWalletRegistry.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n// Trust math, not hardware.\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"../libraries/EcdsaDkg.sol\\\";\\n\\ninterface IWalletRegistry {\\n /// @notice Requests a new wallet creation.\\n /// @dev Only the Wallet Owner can call this function.\\n function requestNewWallet() external;\\n\\n /// @notice Closes an existing wallet.\\n /// @param walletID ID of the wallet.\\n /// @dev Only the Wallet Owner can call this function.\\n function closeWallet(bytes32 walletID) external;\\n\\n /// @notice Adds all signing group members of the wallet with the given ID\\n /// to the slashing queue of the staking contract. The notifier will\\n /// receive reward per each group member from the staking contract\\n /// notifiers treasury. The reward is scaled by the\\n /// `rewardMultiplier` provided as a parameter.\\n /// @param amount Amount of tokens to seize from each signing group member\\n /// @param rewardMultiplier Fraction of the staking contract notifiers\\n /// reward the notifier should receive; should be between [0, 100]\\n /// @param notifier Address of the misbehavior notifier\\n /// @param walletID ID of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @dev Only the Wallet Owner can call this function.\\n /// Requirements:\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events.\\n /// - `rewardMultiplier` must be between [0, 100].\\n /// - This function does revert if staking contract call reverts.\\n /// The calling code needs to handle the potential revert.\\n function seize(\\n uint96 amount,\\n uint256 rewardMultiplier,\\n address notifier,\\n bytes32 walletID,\\n uint32[] calldata walletMembersIDs\\n ) external;\\n\\n /// @notice Gets public key of a wallet with a given wallet ID.\\n /// The public key is returned in an uncompressed format as a 64-byte\\n /// concatenation of X and Y coordinates.\\n /// @param walletID ID of the wallet.\\n /// @return Uncompressed public key of the wallet.\\n function getWalletPublicKey(bytes32 walletID)\\n external\\n view\\n returns (bytes memory);\\n\\n /// @notice Check current wallet creation state.\\n function getWalletCreationState() external view returns (EcdsaDkg.State);\\n\\n /// @notice Checks whether the given operator is a member of the given\\n /// wallet signing group.\\n /// @param walletID ID of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param operator Address of the checked operator\\n /// @param walletMemberIndex Position of the operator in the wallet signing\\n /// group members list\\n /// @return True - if the operator is a member of the given wallet signing\\n /// group. False - otherwise.\\n /// @dev Requirements:\\n /// - The `operator` parameter must be an actual sortition pool operator.\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events.\\n /// - The `walletMemberIndex` must be in range [1, walletMembersIDs.length]\\n function isWalletMember(\\n bytes32 walletID,\\n uint32[] calldata walletMembersIDs,\\n address operator,\\n uint256 walletMemberIndex\\n ) external view returns (bool);\\n}\\n\",\"keccak256\":\"0x18f1f76f6b59dedf00ab6d79872589e349d28d8e527a754d0e215a57deb67e89\",\"license\":\"MIT\"},\"@keep-network/ecdsa/contracts/libraries/EcdsaDkg.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n//\\n\\n// Initial version copied from Keep Network Random Beacon:\\n// https://github.com/keep-network/keep-core/blob/5138c7628868dbeed3ae2164f76fccc6c1fbb9e8/solidity/random-beacon/contracts/libraries/DKG.sol\\n//\\n// With the following differences:\\n// - the group size was set to 100,\\n// - offchainDkgTimeout was removed,\\n// - submission eligibility verification is not performed on-chain,\\n// - submission eligibility delay was replaced with a submission timeout,\\n// - seed timeout notification requires seedTimeout period to pass.\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@openzeppelin/contracts/utils/cryptography/ECDSA.sol\\\";\\nimport \\\"@keep-network/sortition-pools/contracts/SortitionPool.sol\\\";\\nimport \\\"@keep-network/random-beacon/contracts/libraries/BytesLib.sol\\\";\\nimport \\\"../EcdsaDkgValidator.sol\\\";\\n\\nlibrary EcdsaDkg {\\n using BytesLib for bytes;\\n using ECDSA for bytes32;\\n\\n struct Parameters {\\n // Time in blocks during which a seed is expected to be delivered.\\n // DKG starts only after a seed is delivered. The time the contract\\n // awaits for a seed is not included in the DKG timeout.\\n uint256 seedTimeout;\\n // Time in blocks during which a submitted result can be challenged.\\n uint256 resultChallengePeriodLength;\\n // Time in blocks during which a result is expected to be submitted.\\n uint256 resultSubmissionTimeout;\\n // Time in blocks during which only the result submitter is allowed to\\n // approve it. Once this period ends and the submitter have not approved\\n // the result, anyone can do it.\\n uint256 submitterPrecedencePeriodLength;\\n }\\n\\n struct Data {\\n // Address of the Sortition Pool contract.\\n SortitionPool sortitionPool;\\n // Address of the EcdsaDkgValidator contract.\\n EcdsaDkgValidator dkgValidator;\\n // DKG parameters. The parameters should persist between DKG executions.\\n // They should be updated with dedicated set functions only when DKG is not\\n // in progress.\\n Parameters parameters;\\n // Time in block at which DKG state was locked.\\n uint256 stateLockBlock;\\n // Time in blocks at which DKG started.\\n uint256 startBlock;\\n // Seed used to start DKG.\\n uint256 seed;\\n // Time in blocks that should be added to result submission eligibility\\n // delay calculation. It is used in case of a challenge to adjust\\n // DKG timeout calculation.\\n uint256 resultSubmissionStartBlockOffset;\\n // Hash of submitted DKG result.\\n bytes32 submittedResultHash;\\n // Block number from the moment of the DKG result submission.\\n uint256 submittedResultBlock;\\n }\\n\\n /// @notice DKG result.\\n struct Result {\\n // Claimed submitter candidate group member index.\\n // Must be in range [1, groupSize].\\n uint256 submitterMemberIndex;\\n // Generated candidate group public key\\n bytes groupPubKey;\\n // Array of misbehaved members indices (disqualified or inactive).\\n // Indices must be in range [1, groupSize], unique, and sorted in ascending\\n // order.\\n uint8[] misbehavedMembersIndices;\\n // Concatenation of signatures from members supporting the result.\\n // The message to be signed by each member is keccak256 hash of the\\n // calculated group public key, misbehaved members indices and DKG\\n // start block. The calculated hash should be prefixed with prefixed with\\n // `\\\\x19Ethereum signed message:\\\\n` before signing, so the message to\\n // sign is:\\n // `\\\\x19Ethereum signed message:\\\\n${keccak256(\\n // groupPubKey, misbehavedMembersIndices, dkgStartBlock\\n // )}`\\n bytes signatures;\\n // Indices of members corresponding to each signature. Indices must be\\n // be in range [1, groupSize], unique, and sorted in ascending order.\\n uint256[] signingMembersIndices;\\n // Identifiers of candidate group members as outputted by the group\\n // selection protocol.\\n uint32[] members;\\n // Keccak256 hash of group members identifiers that actively took part\\n // in DKG (excluding IA/DQ members).\\n bytes32 membersHash;\\n }\\n\\n /// @notice States for phases of group creation. The states doesn't include\\n /// timeouts which should be tracked and notified individually.\\n enum State {\\n // Group creation is not in progress. It is a state set after group creation\\n // completion either by timeout or by a result approval.\\n IDLE,\\n // Group creation is awaiting the seed and sortition pool is locked.\\n AWAITING_SEED,\\n // DKG protocol execution is in progress. A result is being calculated\\n // by the clients in this state and the contract awaits a result submission.\\n // This is a state to which group creation returns in case of a result\\n // challenge notification.\\n AWAITING_RESULT,\\n // DKG result was submitted and awaits an approval or a challenge. If a result\\n // gets challenge the state returns to `AWAITING_RESULT`. If a result gets\\n // approval the state changes to `IDLE`.\\n CHALLENGE\\n }\\n\\n /// @dev Size of a group in ECDSA wallet.\\n uint256 public constant groupSize = 100;\\n\\n event DkgStarted(uint256 indexed seed);\\n\\n // To recreate the members that actively took part in dkg, the selected members\\n // array should be filtered out from misbehavedMembersIndices.\\n event DkgResultSubmitted(\\n bytes32 indexed resultHash,\\n uint256 indexed seed,\\n Result result\\n );\\n\\n event DkgTimedOut();\\n\\n event DkgResultApproved(\\n bytes32 indexed resultHash,\\n address indexed approver\\n );\\n\\n event DkgResultChallenged(\\n bytes32 indexed resultHash,\\n address indexed challenger,\\n string reason\\n );\\n\\n event DkgStateLocked();\\n\\n event DkgSeedTimedOut();\\n\\n /// @notice Initializes SortitionPool and EcdsaDkgValidator addresses.\\n /// Can be performed only once.\\n /// @param _sortitionPool Sortition Pool reference\\n /// @param _dkgValidator EcdsaDkgValidator reference\\n function init(\\n Data storage self,\\n SortitionPool _sortitionPool,\\n EcdsaDkgValidator _dkgValidator\\n ) internal {\\n require(\\n address(self.sortitionPool) == address(0),\\n \\\"Sortition Pool address already set\\\"\\n );\\n\\n require(\\n address(self.dkgValidator) == address(0),\\n \\\"DKG Validator address already set\\\"\\n );\\n\\n self.sortitionPool = _sortitionPool;\\n self.dkgValidator = _dkgValidator;\\n }\\n\\n /// @notice Determines the current state of group creation. It doesn't take\\n /// timeouts into consideration. The timeouts should be tracked and\\n /// notified separately.\\n function currentState(Data storage self)\\n internal\\n view\\n returns (State state)\\n {\\n state = State.IDLE;\\n\\n if (self.sortitionPool.isLocked()) {\\n state = State.AWAITING_SEED;\\n\\n if (self.startBlock > 0) {\\n state = State.AWAITING_RESULT;\\n\\n if (self.submittedResultBlock > 0) {\\n state = State.CHALLENGE;\\n }\\n }\\n }\\n }\\n\\n /// @notice Locks the sortition pool and starts awaiting for the\\n /// group creation seed.\\n function lockState(Data storage self) internal {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n emit DkgStateLocked();\\n\\n self.sortitionPool.lock();\\n\\n self.stateLockBlock = block.number;\\n }\\n\\n function start(Data storage self, uint256 seed) internal {\\n require(\\n currentState(self) == State.AWAITING_SEED,\\n \\\"Current state is not AWAITING_SEED\\\"\\n );\\n\\n emit DkgStarted(seed);\\n\\n self.startBlock = block.number;\\n self.seed = seed;\\n }\\n\\n /// @notice Allows to submit a DKG result. The submitted result does not go\\n /// through a validation and before it gets accepted, it needs to\\n /// wait through the challenge period during which everyone has\\n /// a chance to challenge the result as invalid one. Submitter of\\n /// the result needs to be in the sortition pool and if the result\\n /// gets challenged, the submitter will get slashed.\\n function submitResult(Data storage self, Result calldata result) internal {\\n require(\\n currentState(self) == State.AWAITING_RESULT,\\n \\\"Current state is not AWAITING_RESULT\\\"\\n );\\n require(!hasDkgTimedOut(self), \\\"DKG timeout already passed\\\");\\n\\n SortitionPool sortitionPool = self.sortitionPool;\\n\\n // Submitter must be an operator in the sortition pool.\\n // Declared submitter's member index in the DKG result needs to match\\n // the address calling this function.\\n require(\\n sortitionPool.isOperatorInPool(msg.sender),\\n \\\"Submitter not in the sortition pool\\\"\\n );\\n require(\\n sortitionPool.getIDOperator(\\n result.members[result.submitterMemberIndex - 1]\\n ) == msg.sender,\\n \\\"Unexpected submitter index\\\"\\n );\\n\\n self.submittedResultHash = keccak256(abi.encode(result));\\n self.submittedResultBlock = block.number;\\n\\n emit DkgResultSubmitted(self.submittedResultHash, self.seed, result);\\n }\\n\\n /// @notice Checks if awaiting seed timed out.\\n /// @return True if awaiting seed timed out, false otherwise.\\n function hasSeedTimedOut(Data storage self) internal view returns (bool) {\\n return\\n currentState(self) == State.AWAITING_SEED &&\\n block.number > (self.stateLockBlock + self.parameters.seedTimeout);\\n }\\n\\n /// @notice Checks if DKG timed out. The DKG timeout period includes time required\\n /// for off-chain protocol execution and time for the result publication.\\n /// After this time a result cannot be submitted and DKG can be notified\\n /// about the timeout. DKG period is adjusted by result submission\\n /// offset that include blocks that were mined while invalid result\\n /// has been registered until it got challenged.\\n /// @return True if DKG timed out, false otherwise.\\n function hasDkgTimedOut(Data storage self) internal view returns (bool) {\\n return\\n currentState(self) == State.AWAITING_RESULT &&\\n block.number >\\n (self.startBlock +\\n self.resultSubmissionStartBlockOffset +\\n self.parameters.resultSubmissionTimeout);\\n }\\n\\n /// @notice Notifies about the seed was not delivered and restores the\\n /// initial DKG state (IDLE).\\n function notifySeedTimeout(Data storage self) internal {\\n require(hasSeedTimedOut(self), \\\"Awaiting seed has not timed out\\\");\\n\\n emit DkgSeedTimedOut();\\n\\n complete(self);\\n }\\n\\n /// @notice Notifies about DKG timeout.\\n function notifyDkgTimeout(Data storage self) internal {\\n require(hasDkgTimedOut(self), \\\"DKG has not timed out\\\");\\n\\n emit DkgTimedOut();\\n\\n complete(self);\\n }\\n\\n /// @notice Approves DKG result. Can be called when the challenge period for\\n /// the submitted result is finished. Considers the submitted result\\n /// as valid. For the first `submitterPrecedencePeriodLength`\\n /// blocks after the end of the challenge period can be called only\\n /// by the DKG result submitter. After that time, can be called by\\n /// anyone.\\n /// @dev Can be called after a challenge period for the submitted result.\\n /// @param result Result to approve. Must match the submitted result stored\\n /// during `submitResult`.\\n /// @return misbehavedMembers Identifiers of members who misbehaved during DKG.\\n function approveResult(Data storage self, Result calldata result)\\n internal\\n returns (uint32[] memory misbehavedMembers)\\n {\\n require(\\n currentState(self) == State.CHALLENGE,\\n \\\"Current state is not CHALLENGE\\\"\\n );\\n\\n uint256 challengePeriodEnd = self.submittedResultBlock +\\n self.parameters.resultChallengePeriodLength;\\n\\n require(\\n block.number > challengePeriodEnd,\\n \\\"Challenge period has not passed yet\\\"\\n );\\n\\n require(\\n keccak256(abi.encode(result)) == self.submittedResultHash,\\n \\\"Result under approval is different than the submitted one\\\"\\n );\\n\\n // Extract submitter member address. Submitter member index is in\\n // range [1, groupSize] so we need to -1 when fetching identifier from members\\n // array.\\n address submitterMember = self.sortitionPool.getIDOperator(\\n result.members[result.submitterMemberIndex - 1]\\n );\\n\\n require(\\n msg.sender == submitterMember ||\\n block.number >\\n challengePeriodEnd +\\n self.parameters.submitterPrecedencePeriodLength,\\n \\\"Only the DKG result submitter can approve the result at this moment\\\"\\n );\\n\\n // Extract misbehaved members identifiers. Misbehaved members indices\\n // are in range [1, groupSize], so we need to -1 when fetching identifiers from\\n // members array.\\n misbehavedMembers = new uint32[](\\n result.misbehavedMembersIndices.length\\n );\\n for (uint256 i = 0; i < result.misbehavedMembersIndices.length; i++) {\\n misbehavedMembers[i] = result.members[\\n result.misbehavedMembersIndices[i] - 1\\n ];\\n }\\n\\n emit DkgResultApproved(self.submittedResultHash, msg.sender);\\n\\n return misbehavedMembers;\\n }\\n\\n /// @notice Challenges DKG result. If the submitted result is proved to be\\n /// invalid it reverts the DKG back to the result submission phase.\\n /// @dev Can be called during a challenge period for the submitted result.\\n /// @param result Result to challenge. Must match the submitted result\\n /// stored during `submitResult`.\\n /// @return maliciousResultHash Hash of the malicious result.\\n /// @return maliciousSubmitter Identifier of the malicious submitter.\\n function challengeResult(Data storage self, Result calldata result)\\n internal\\n returns (bytes32 maliciousResultHash, uint32 maliciousSubmitter)\\n {\\n require(\\n currentState(self) == State.CHALLENGE,\\n \\\"Current state is not CHALLENGE\\\"\\n );\\n\\n require(\\n block.number <=\\n self.submittedResultBlock +\\n self.parameters.resultChallengePeriodLength,\\n \\\"Challenge period has already passed\\\"\\n );\\n\\n require(\\n keccak256(abi.encode(result)) == self.submittedResultHash,\\n \\\"Result under challenge is different than the submitted one\\\"\\n );\\n\\n // https://github.com/crytic/slither/issues/982\\n // slither-disable-next-line unused-return\\n try\\n self.dkgValidator.validate(result, self.seed, self.startBlock)\\n returns (\\n // slither-disable-next-line uninitialized-local,variable-scope\\n bool isValid,\\n // slither-disable-next-line uninitialized-local,variable-scope\\n string memory errorMsg\\n ) {\\n if (isValid) {\\n revert(\\\"unjustified challenge\\\");\\n }\\n\\n emit DkgResultChallenged(\\n self.submittedResultHash,\\n msg.sender,\\n errorMsg\\n );\\n } catch {\\n // if the validation reverted we consider the DKG result as invalid\\n emit DkgResultChallenged(\\n self.submittedResultHash,\\n msg.sender,\\n \\\"validation reverted\\\"\\n );\\n }\\n\\n // Consider result hash as malicious.\\n maliciousResultHash = self.submittedResultHash;\\n maliciousSubmitter = result.members[result.submitterMemberIndex - 1];\\n\\n // Adjust DKG result submission block start, so submission stage starts\\n // from the beginning.\\n self.resultSubmissionStartBlockOffset = block.number - self.startBlock;\\n\\n submittedResultCleanup(self);\\n\\n return (maliciousResultHash, maliciousSubmitter);\\n }\\n\\n /// @notice Checks if DKG result is valid for the current DKG.\\n /// @param result DKG result.\\n /// @return True if the result is valid. If the result is invalid it returns\\n /// false and an error message.\\n function isResultValid(Data storage self, Result calldata result)\\n internal\\n view\\n returns (bool, string memory)\\n {\\n require(self.startBlock > 0, \\\"DKG has not been started\\\");\\n\\n return self.dkgValidator.validate(result, self.seed, self.startBlock);\\n }\\n\\n /// @notice Set setSeedTimeout parameter.\\n function setSeedTimeout(Data storage self, uint256 newSeedTimeout)\\n internal\\n {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n require(newSeedTimeout > 0, \\\"New value should be greater than zero\\\");\\n\\n self.parameters.seedTimeout = newSeedTimeout;\\n }\\n\\n /// @notice Set resultChallengePeriodLength parameter.\\n function setResultChallengePeriodLength(\\n Data storage self,\\n uint256 newResultChallengePeriodLength\\n ) internal {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n require(\\n newResultChallengePeriodLength > 0,\\n \\\"New value should be greater than zero\\\"\\n );\\n\\n self\\n .parameters\\n .resultChallengePeriodLength = newResultChallengePeriodLength;\\n }\\n\\n /// @notice Set resultSubmissionTimeout parameter.\\n function setResultSubmissionTimeout(\\n Data storage self,\\n uint256 newResultSubmissionTimeout\\n ) internal {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n require(\\n newResultSubmissionTimeout > 0,\\n \\\"New value should be greater than zero\\\"\\n );\\n\\n self.parameters.resultSubmissionTimeout = newResultSubmissionTimeout;\\n }\\n\\n /// @notice Set submitterPrecedencePeriodLength parameter.\\n function setSubmitterPrecedencePeriodLength(\\n Data storage self,\\n uint256 newSubmitterPrecedencePeriodLength\\n ) internal {\\n require(currentState(self) == State.IDLE, \\\"Current state is not IDLE\\\");\\n\\n require(\\n newSubmitterPrecedencePeriodLength <\\n self.parameters.resultSubmissionTimeout,\\n \\\"New value should be less than result submission period length\\\"\\n );\\n\\n self\\n .parameters\\n .submitterPrecedencePeriodLength = newSubmitterPrecedencePeriodLength;\\n }\\n\\n /// @notice Completes DKG by cleaning up state.\\n /// @dev Should be called after DKG times out or a result is approved.\\n function complete(Data storage self) internal {\\n delete self.startBlock;\\n delete self.seed;\\n delete self.resultSubmissionStartBlockOffset;\\n submittedResultCleanup(self);\\n self.sortitionPool.unlock();\\n }\\n\\n /// @notice Cleans up submitted result state either after DKG completion\\n /// (as part of `complete` method) or after justified challenge.\\n function submittedResultCleanup(Data storage self) private {\\n delete self.submittedResultHash;\\n delete self.submittedResultBlock;\\n }\\n}\\n\",\"keccak256\":\"0xb3aada6a96598150d042944e675e93381183b01ad258e774e7c94500062db0f9\",\"license\":\"MIT\"},\"@keep-network/random-beacon/contracts/Governable.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n// Trust math, not hardware.\\n\\npragma solidity ^0.8.9;\\n\\n/// @notice Governable contract.\\n/// @dev A constructor is not defined, which makes the contract compatible with\\n/// upgradable proxies. This requires calling explicitly `_transferGovernance`\\n/// function in a child contract.\\nabstract contract Governable {\\n // Governance of the contract\\n // The variable should be initialized by the implementing contract.\\n // slither-disable-next-line uninitialized-state\\n address public governance;\\n\\n event GovernanceTransferred(address oldGovernance, address newGovernance);\\n\\n modifier onlyGovernance() virtual {\\n require(governance == msg.sender, \\\"Caller is not the governance\\\");\\n _;\\n }\\n\\n /// @notice Transfers governance of the contract to `newGovernance`.\\n function transferGovernance(address newGovernance)\\n external\\n virtual\\n onlyGovernance\\n {\\n require(\\n newGovernance != address(0),\\n \\\"New governance is the zero address\\\"\\n );\\n _transferGovernance(newGovernance);\\n }\\n\\n function _transferGovernance(address newGovernance) internal virtual {\\n address oldGovernance = governance;\\n governance = newGovernance;\\n emit GovernanceTransferred(oldGovernance, newGovernance);\\n }\\n}\\n\",\"keccak256\":\"0xf06370004a36721cdbf88da4296efaa28944e99ab471f48b790ac846bced1792\",\"license\":\"MIT\"},\"@keep-network/random-beacon/contracts/libraries/BytesLib.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n//\\n// \\u2593\\u2593\\u258c \\u2593\\u2593 \\u2590\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584\\u2584\\u2584\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\u2580\\u2580\\u2580 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2580\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2580\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2584 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u258c\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2588\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n// \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2590\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593 \\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\u2593\\n//\\n//\\n\\npragma solidity ^0.8.9;\\n\\n/*\\nVersion pulled from keep-core v1:\\nhttps://github.com/keep-network/keep-core/blob/f297202db00c027978ad8e7103a356503de5773c/solidity-v1/contracts/utils/BytesLib.sol\\n\\nTo compile it with solidity 0.8 `_preBytes_slot` was replaced with `_preBytes.slot`.\\n*/\\n\\n/*\\nhttps://github.com/GNSPS/solidity-bytes-utils/\\nThis is free and unencumbered software released into the public domain.\\nAnyone is free to copy, modify, publish, use, compile, sell, or\\ndistribute this software, either in source code form or as a compiled\\nbinary, for any purpose, commercial or non-commercial, and by any\\nmeans.\\nIn jurisdictions that recognize copyright laws, the author or authors\\nof this software dedicate any and all copyright interest in the\\nsoftware to the public domain. We make this dedication for the benefit\\nof the public at large and to the detriment of our heirs and\\nsuccessors. We intend this dedication to be an overt act of\\nrelinquishment in perpetuity of all present and future rights to this\\nsoftware under copyright law.\\nTHE SOFTWARE IS PROVIDED \\\"AS IS\\\", WITHOUT WARRANTY OF ANY KIND,\\nEXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\\nMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.\\nIN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR\\nOTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,\\nARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR\\nOTHER DEALINGS IN THE SOFTWARE.\\nFor more information, please refer to <https://unlicense.org>\\n*/\\n\\n/** @title BytesLib **/\\n/** @author https://github.com/GNSPS **/\\n\\nlibrary BytesLib {\\n function concatStorage(bytes storage _preBytes, bytes memory _postBytes)\\n internal\\n {\\n assembly {\\n // Read the first 32 bytes of _preBytes storage, which is the length\\n // of the array. (We don't need to use the offset into the slot\\n // because arrays use the entire slot.)\\n let fslot := sload(_preBytes.slot)\\n // Arrays of 31 bytes or less have an even value in their slot,\\n // while longer arrays have an odd value. The actual length is\\n // the slot divided by two for odd values, and the lowest order\\n // byte divided by two for even values.\\n // If the slot is even, bitwise and the slot with 255 and divide by\\n // two to get the length. If the slot is odd, bitwise and the slot\\n // with -1 and divide by two.\\n let slength := div(\\n and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)),\\n 2\\n )\\n let mlength := mload(_postBytes)\\n let newlength := add(slength, mlength)\\n // slength can contain both the length and contents of the array\\n // if length < 32 bytes so let's prepare for that\\n // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage\\n switch add(lt(slength, 32), lt(newlength, 32))\\n case 2 {\\n // Since the new array still fits in the slot, we just need to\\n // update the contents of the slot.\\n // uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_length\\n sstore(\\n _preBytes.slot,\\n // all the modifications to the slot are inside this\\n // next block\\n add(\\n // we can just add to the slot contents because the\\n // bytes we want to change are the LSBs\\n fslot,\\n add(\\n mul(\\n div(\\n // load the bytes from memory\\n mload(add(_postBytes, 0x20)),\\n // zero all bytes to the right\\n exp(0x100, sub(32, mlength))\\n ),\\n // and now shift left the number of bytes to\\n // leave space for the length in the slot\\n exp(0x100, sub(32, newlength))\\n ),\\n // increase length by the double of the memory\\n // bytes length\\n mul(mlength, 2)\\n )\\n )\\n )\\n }\\n case 1 {\\n // The stored value fits in the slot, but the combined value\\n // will exceed it.\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n let sc := add(keccak256(0x0, 0x20), div(slength, 32))\\n\\n // save new length\\n sstore(_preBytes.slot, add(mul(newlength, 2), 1))\\n\\n // The contents of the _postBytes array start 32 bytes into\\n // the structure. Our first read should obtain the `submod`\\n // bytes that can fit into the unused space in the last word\\n // of the stored array. To get this, we read 32 bytes starting\\n // from `submod`, so the data we read overlaps with the array\\n // contents by `submod` bytes. Masking the lowest-order\\n // `submod` bytes allows us to add that value directly to the\\n // stored value.\\n\\n let submod := sub(32, slength)\\n let mc := add(_postBytes, submod)\\n let end := add(_postBytes, mlength)\\n let mask := sub(exp(0x100, submod), 1)\\n\\n sstore(\\n sc,\\n add(\\n and(\\n fslot,\\n 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00\\n ),\\n and(mload(mc), mask)\\n )\\n )\\n\\n for {\\n mc := add(mc, 0x20)\\n sc := add(sc, 1)\\n } lt(mc, end) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n sstore(sc, mload(mc))\\n }\\n\\n mask := exp(0x100, sub(mc, end))\\n\\n sstore(sc, mul(div(mload(mc), mask), mask))\\n }\\n default {\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n // Start copying to the last used word of the stored array.\\n let sc := add(keccak256(0x0, 0x20), div(slength, 32))\\n\\n // save new length\\n sstore(_preBytes.slot, add(mul(newlength, 2), 1))\\n\\n // Copy over the first `submod` bytes of the new data as in\\n // case 1 above.\\n let slengthmod := mod(slength, 32)\\n let submod := sub(32, slengthmod)\\n let mc := add(_postBytes, submod)\\n let end := add(_postBytes, mlength)\\n let mask := sub(exp(0x100, submod), 1)\\n\\n sstore(sc, add(sload(sc), and(mload(mc), mask)))\\n\\n for {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } lt(mc, end) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n sstore(sc, mload(mc))\\n }\\n\\n mask := exp(0x100, sub(mc, end))\\n\\n sstore(sc, mul(div(mload(mc), mask), mask))\\n }\\n }\\n }\\n\\n function equalStorage(bytes storage _preBytes, bytes memory _postBytes)\\n internal\\n view\\n returns (bool)\\n {\\n bool success = true;\\n\\n assembly {\\n // we know _preBytes_offset is 0\\n let fslot := sload(_preBytes.slot)\\n // Decode the length of the stored array like in concatStorage().\\n let slength := div(\\n and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)),\\n 2\\n )\\n let mlength := mload(_postBytes)\\n\\n // if lengths don't match the arrays are not equal\\n switch eq(slength, mlength)\\n case 1 {\\n // slength can contain both the length and contents of the array\\n // if length < 32 bytes so let's prepare for that\\n // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage\\n if iszero(iszero(slength)) {\\n switch lt(slength, 32)\\n case 1 {\\n // blank the last byte which is the length\\n fslot := mul(div(fslot, 0x100), 0x100)\\n\\n if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) {\\n // unsuccess:\\n success := 0\\n }\\n }\\n default {\\n // cb is a circuit breaker in the for loop since there's\\n // no said feature for inline assembly loops\\n // cb = 1 - don't breaker\\n // cb = 0 - break\\n let cb := 1\\n\\n // get the keccak hash to get the contents of the array\\n mstore(0x0, _preBytes.slot)\\n let sc := keccak256(0x0, 0x20)\\n\\n let mc := add(_postBytes, 0x20)\\n let end := add(mc, mlength)\\n\\n // the next line is the loop condition:\\n // while(uint(mc < end) + cb == 2)\\n for {\\n\\n } eq(add(lt(mc, end), cb), 2) {\\n sc := add(sc, 1)\\n mc := add(mc, 0x20)\\n } {\\n if iszero(eq(sload(sc), mload(mc))) {\\n // unsuccess:\\n success := 0\\n cb := 0\\n }\\n }\\n }\\n }\\n }\\n default {\\n // unsuccess:\\n success := 0\\n }\\n }\\n\\n return success;\\n }\\n\\n function concat(bytes memory _preBytes, bytes memory _postBytes)\\n internal\\n pure\\n returns (bytes memory)\\n {\\n bytes memory tempBytes;\\n\\n assembly {\\n // Get a location of some free memory and store it in tempBytes as\\n // Solidity does for memory variables.\\n tempBytes := mload(0x40)\\n\\n // Store the length of the first bytes array at the beginning of\\n // the memory for tempBytes.\\n let length := mload(_preBytes)\\n mstore(tempBytes, length)\\n\\n // Maintain a memory counter for the current write location in the\\n // temp bytes array by adding the 32 bytes for the array length to\\n // the starting location.\\n let mc := add(tempBytes, 0x20)\\n // Stop copying when the memory counter reaches the length of the\\n // first bytes array.\\n let end := add(mc, length)\\n\\n for {\\n // Initialize a copy counter to the start of the _preBytes data,\\n // 32 bytes into its memory.\\n let cc := add(_preBytes, 0x20)\\n } lt(mc, end) {\\n // Increase both counters by 32 bytes each iteration.\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n // Write the _preBytes data into the tempBytes memory 32 bytes\\n // at a time.\\n mstore(mc, mload(cc))\\n }\\n\\n // Add the length of _postBytes to the current length of tempBytes\\n // and store it as the new length in the first 32 bytes of the\\n // tempBytes memory.\\n length := mload(_postBytes)\\n mstore(tempBytes, add(length, mload(tempBytes)))\\n\\n // Move the memory counter back from a multiple of 0x20 to the\\n // actual end of the _preBytes data.\\n mc := end\\n // Stop copying when the memory counter reaches the new combined\\n // length of the arrays.\\n end := add(mc, length)\\n\\n for {\\n let cc := add(_postBytes, 0x20)\\n } lt(mc, end) {\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n mstore(mc, mload(cc))\\n }\\n\\n // Update the free-memory pointer by padding our last write location\\n // to 32 bytes: add 31 bytes to the end of tempBytes to move to the\\n // next 32 byte block, then round down to the nearest multiple of\\n // 32. If the sum of the length of the two arrays is zero then add\\n // one before rounding down to leave a blank 32 bytes (the length block with 0).\\n mstore(\\n 0x40,\\n and(\\n add(add(end, iszero(add(length, mload(_preBytes)))), 31),\\n not(31) // Round down to the nearest 32 bytes.\\n )\\n )\\n }\\n\\n return tempBytes;\\n }\\n\\n function slice(\\n bytes memory _bytes,\\n uint256 _start,\\n uint256 _length\\n ) internal pure returns (bytes memory res) {\\n uint256 _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n // Alloc bytes array with additional 32 bytes afterspace and assign it's size\\n res := mload(0x40)\\n mstore(0x40, add(add(res, 64), _length))\\n mstore(res, _length)\\n\\n // Compute distance between source and destination pointers\\n let diff := sub(res, add(_bytes, _start))\\n\\n for {\\n let src := add(add(_bytes, 32), _start)\\n let end := add(src, _length)\\n } lt(src, end) {\\n src := add(src, 32)\\n } {\\n mstore(add(src, diff), mload(src))\\n }\\n }\\n }\\n\\n function toAddress(bytes memory _bytes, uint256 _start)\\n internal\\n pure\\n returns (address)\\n {\\n uint256 _totalLen = _start + 20;\\n require(\\n _totalLen > _start && _bytes.length >= _totalLen,\\n \\\"Address conversion out of bounds.\\\"\\n );\\n address tempAddress;\\n\\n assembly {\\n tempAddress := div(\\n mload(add(add(_bytes, 0x20), _start)),\\n 0x1000000000000000000000000\\n )\\n }\\n\\n return tempAddress;\\n }\\n\\n function toUint8(bytes memory _bytes, uint256 _start)\\n internal\\n pure\\n returns (uint8)\\n {\\n require(\\n _bytes.length >= (_start + 1),\\n \\\"Uint8 conversion out of bounds.\\\"\\n );\\n uint8 tempUint;\\n\\n assembly {\\n tempUint := mload(add(add(_bytes, 0x1), _start))\\n }\\n\\n return tempUint;\\n }\\n\\n function toUint(bytes memory _bytes, uint256 _start)\\n internal\\n pure\\n returns (uint256)\\n {\\n uint256 _totalLen = _start + 32;\\n require(\\n _totalLen > _start && _bytes.length >= _totalLen,\\n \\\"Uint conversion out of bounds.\\\"\\n );\\n uint256 tempUint;\\n\\n assembly {\\n tempUint := mload(add(add(_bytes, 0x20), _start))\\n }\\n\\n return tempUint;\\n }\\n\\n function equal(bytes memory _preBytes, bytes memory _postBytes)\\n internal\\n pure\\n returns (bool)\\n {\\n bool success = true;\\n\\n assembly {\\n let length := mload(_preBytes)\\n\\n // if lengths don't match the arrays are not equal\\n switch eq(length, mload(_postBytes))\\n case 1 {\\n // cb is a circuit breaker in the for loop since there's\\n // no said feature for inline assembly loops\\n // cb = 1 - don't breaker\\n // cb = 0 - break\\n let cb := 1\\n\\n let mc := add(_preBytes, 0x20)\\n let end := add(mc, length)\\n\\n for {\\n let cc := add(_postBytes, 0x20)\\n // the next line is the loop condition:\\n // while(uint(mc < end) + cb == 2)\\n } eq(add(lt(mc, end), cb), 2) {\\n mc := add(mc, 0x20)\\n cc := add(cc, 0x20)\\n } {\\n // if any of these checks fails then arrays are not equal\\n if iszero(eq(mload(mc), mload(cc))) {\\n // unsuccess:\\n success := 0\\n cb := 0\\n }\\n }\\n }\\n default {\\n // unsuccess:\\n success := 0\\n }\\n }\\n\\n return success;\\n }\\n\\n function toBytes32(bytes memory _source)\\n internal\\n pure\\n returns (bytes32 result)\\n {\\n if (_source.length == 0) {\\n return 0x0;\\n }\\n\\n assembly {\\n result := mload(add(_source, 32))\\n }\\n }\\n\\n function keccak256Slice(\\n bytes memory _bytes,\\n uint256 _start,\\n uint256 _length\\n ) internal pure returns (bytes32 result) {\\n uint256 _end = _start + _length;\\n require(_end > _start && _bytes.length >= _end, \\\"Slice out of bounds\\\");\\n\\n assembly {\\n result := keccak256(add(add(_bytes, 32), _start), _length)\\n }\\n }\\n}\\n\",\"keccak256\":\"0xd778546e5ccb131b9dbf25abc4fa8668168b55bae599ffe40f040e7100aa8a35\",\"license\":\"MIT\"},\"@keep-network/sortition-pools/contracts/Branch.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\n/// @notice The implicit 8-ary trees of the sortition pool\\n/// rely on packing 8 \\\"slots\\\" of 32-bit values into each uint256.\\n/// The Branch library permits efficient calculations on these slots.\\nlibrary Branch {\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_COUNT = 2**SLOT_BITS;\\n uint256 private constant SLOT_WIDTH = 256 / SLOT_COUNT;\\n uint256 private constant LAST_SLOT = SLOT_COUNT - 1;\\n uint256 private constant SLOT_MAX = (2**SLOT_WIDTH) - 1;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n\\n /// @notice Calculate the right shift required\\n /// to make the 32 least significant bits of an uint256\\n /// be the bits of the `position`th slot\\n /// when treating the uint256 as a uint32[8].\\n ///\\n /// @dev Not used for efficiency reasons,\\n /// but left to illustrate the meaning of a common pattern.\\n /// I wish solidity had macros, even C macros.\\n function slotShift(uint256 position) internal pure returns (uint256) {\\n unchecked {\\n return position * SLOT_WIDTH;\\n }\\n }\\n\\n /// @notice Return the `position`th slot of the `node`,\\n /// treating `node` as a uint32[32].\\n function getSlot(uint256 node, uint256 position)\\n internal\\n pure\\n returns (uint256)\\n {\\n unchecked {\\n uint256 shiftBits = position * SLOT_WIDTH;\\n // Doing a bitwise AND with `SLOT_MAX`\\n // clears all but the 32 least significant bits.\\n // Because of the right shift by `slotShift(position)` bits,\\n // those 32 bits contain the 32 bits in the `position`th slot of `node`.\\n return (node >> shiftBits) & SLOT_MAX;\\n }\\n }\\n\\n /// @notice Return `node` with the `position`th slot set to zero.\\n function clearSlot(uint256 node, uint256 position)\\n internal\\n pure\\n returns (uint256)\\n {\\n unchecked {\\n uint256 shiftBits = position * SLOT_WIDTH;\\n // Shifting `SLOT_MAX` left by `slotShift(position)` bits\\n // gives us a number where all bits of the `position`th slot are set,\\n // and all other bits are unset.\\n //\\n // Using a bitwise NOT on this number,\\n // we get a uint256 where all bits are set\\n // except for those of the `position`th slot.\\n //\\n // Bitwise ANDing the original `node` with this number\\n // sets the bits of `position`th slot to zero,\\n // leaving all other bits unchanged.\\n return node & ~(SLOT_MAX << shiftBits);\\n }\\n }\\n\\n /// @notice Return `node` with the `position`th slot set to `weight`.\\n ///\\n /// @param weight The weight of of the node.\\n /// Safely truncated to a 32-bit number,\\n /// but this should never be called with an overflowing weight regardless.\\n function setSlot(\\n uint256 node,\\n uint256 position,\\n uint256 weight\\n ) internal pure returns (uint256) {\\n unchecked {\\n uint256 shiftBits = position * SLOT_WIDTH;\\n // Clear the `position`th slot like in `clearSlot()`.\\n uint256 clearedNode = node & ~(SLOT_MAX << shiftBits);\\n // Bitwise AND `weight` with `SLOT_MAX`\\n // to clear all but the 32 least significant bits.\\n //\\n // Shift this left by `slotShift(position)` bits\\n // to obtain a uint256 with all bits unset\\n // except in the `position`th slot\\n // which contains the 32-bit value of `weight`.\\n uint256 shiftedWeight = (weight & SLOT_MAX) << shiftBits;\\n // When we bitwise OR these together,\\n // all other slots except the `position`th one come from the left argument,\\n // and the `position`th gets filled with `weight` from the right argument.\\n return clearedNode | shiftedWeight;\\n }\\n }\\n\\n /// @notice Calculate the summed weight of all slots in the `node`.\\n function sumWeight(uint256 node) internal pure returns (uint256 sum) {\\n unchecked {\\n sum = node & SLOT_MAX;\\n // Iterate through each slot\\n // by shifting `node` right in increments of 32 bits,\\n // and adding the 32 least significant bits to the `sum`.\\n uint256 newNode = node >> SLOT_WIDTH;\\n while (newNode > 0) {\\n sum += (newNode & SLOT_MAX);\\n newNode = newNode >> SLOT_WIDTH;\\n }\\n return sum;\\n }\\n }\\n\\n /// @notice Pick a slot in `node` that corresponds to `index`.\\n /// Treats the node like an array of virtual stakers,\\n /// the number of virtual stakers in each slot corresponding to its weight,\\n /// and picks which slot contains the `index`th virtual staker.\\n ///\\n /// @dev Requires that `index` be lower than `sumWeight(node)`.\\n /// However, this is not enforced for performance reasons.\\n /// If `index` exceeds the permitted range,\\n /// `pickWeightedSlot()` returns the rightmost slot\\n /// and an excessively high `newIndex`.\\n ///\\n /// @return slot The slot of `node` containing the `index`th virtual staker.\\n ///\\n /// @return newIndex The index of the `index`th virtual staker of `node`\\n /// within the returned slot.\\n function pickWeightedSlot(uint256 node, uint256 index)\\n internal\\n pure\\n returns (uint256 slot, uint256 newIndex)\\n {\\n unchecked {\\n newIndex = index;\\n uint256 newNode = node;\\n uint256 currentSlotWeight = newNode & SLOT_MAX;\\n while (newIndex >= currentSlotWeight) {\\n newIndex -= currentSlotWeight;\\n slot++;\\n newNode = newNode >> SLOT_WIDTH;\\n currentSlotWeight = newNode & SLOT_MAX;\\n }\\n return (slot, newIndex);\\n }\\n }\\n}\\n\",\"keccak256\":\"0x7ba28c2d49aa038c3a80e3e66a09f035c156abfc1ee3412c8d615c84612bdf29\"},\"@keep-network/sortition-pools/contracts/Leaf.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nlibrary Leaf {\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_COUNT = 2**SLOT_BITS;\\n uint256 private constant SLOT_WIDTH = 256 / SLOT_COUNT;\\n uint256 private constant SLOT_MAX = (2**SLOT_WIDTH) - 1;\\n\\n uint256 private constant ID_WIDTH = SLOT_WIDTH;\\n uint256 private constant ID_MAX = SLOT_MAX;\\n\\n uint256 private constant BLOCKHEIGHT_WIDTH = 96 - ID_WIDTH;\\n uint256 private constant BLOCKHEIGHT_MAX = (2**BLOCKHEIGHT_WIDTH) - 1;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n\\n function make(\\n address _operator,\\n uint256 _creationBlock,\\n uint256 _id\\n ) internal pure returns (uint256) {\\n assert(_creationBlock <= type(uint64).max);\\n assert(_id <= type(uint32).max);\\n // Converting a bytesX type into a larger type\\n // adds zero bytes on the right.\\n uint256 op = uint256(bytes32(bytes20(_operator)));\\n // Bitwise AND the id to erase\\n // all but the 32 least significant bits\\n uint256 uid = _id & ID_MAX;\\n // Erase all but the 64 least significant bits,\\n // then shift left by 32 bits to make room for the id\\n uint256 cb = (_creationBlock & BLOCKHEIGHT_MAX) << ID_WIDTH;\\n // Bitwise OR them all together to get\\n // [address operator || uint64 creationBlock || uint32 id]\\n return (op | cb | uid);\\n }\\n\\n function operator(uint256 leaf) internal pure returns (address) {\\n // Converting a bytesX type into a smaller type\\n // truncates it on the right.\\n return address(bytes20(bytes32(leaf)));\\n }\\n\\n /// @notice Return the block number the leaf was created in.\\n function creationBlock(uint256 leaf) internal pure returns (uint256) {\\n return ((leaf >> ID_WIDTH) & BLOCKHEIGHT_MAX);\\n }\\n\\n function id(uint256 leaf) internal pure returns (uint32) {\\n // Id is stored in the 32 least significant bits.\\n // Bitwise AND ensures that we only get the contents of those bits.\\n return uint32(leaf & ID_MAX);\\n }\\n}\\n\",\"keccak256\":\"0xaa56ba64d0990b014ce555b8edfd5e2fb3e62b6fade61e0b6d428c6058a33709\"},\"@keep-network/sortition-pools/contracts/Position.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nlibrary Position {\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_POINTER_MAX = (2**SLOT_BITS) - 1;\\n uint256 private constant LEAF_FLAG = 1 << 255;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n\\n // Return the last 3 bits of a position number,\\n // corresponding to its slot in its parent\\n function slot(uint256 a) internal pure returns (uint256) {\\n return a & SLOT_POINTER_MAX;\\n }\\n\\n // Return the parent of a position number\\n function parent(uint256 a) internal pure returns (uint256) {\\n return a >> SLOT_BITS;\\n }\\n\\n // Return the location of the child of a at the given slot\\n function child(uint256 a, uint256 s) internal pure returns (uint256) {\\n return (a << SLOT_BITS) | (s & SLOT_POINTER_MAX); // slot(s)\\n }\\n\\n // Return the uint p as a flagged position uint:\\n // the least significant 21 bits contain the position\\n // and the 22nd bit is set as a flag\\n // to distinguish the position 0x000000 from an empty field.\\n function setFlag(uint256 p) internal pure returns (uint256) {\\n return p | LEAF_FLAG;\\n }\\n\\n // Turn a flagged position into an unflagged position\\n // by removing the flag at the 22nd least significant bit.\\n //\\n // We shouldn't _actually_ need this\\n // as all position-manipulating code should ignore non-position bits anyway\\n // but it's cheap to call so might as well do it.\\n function unsetFlag(uint256 p) internal pure returns (uint256) {\\n return p & (~LEAF_FLAG);\\n }\\n}\\n\",\"keccak256\":\"0x2068219deb725390f294d2a710ec802b519e6e47eca00024034011d21e5fb8ac\"},\"@keep-network/sortition-pools/contracts/RNG.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nimport \\\"./Leaf.sol\\\";\\n\\nlibrary RNG {\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_COUNT = 2**SLOT_BITS;\\n uint256 private constant WEIGHT_WIDTH = 256 / SLOT_COUNT;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n\\n /// @notice Get an index in the range `[0 .. range-1]`\\n /// and the new state of the RNG,\\n /// using the provided `state` of the RNG.\\n ///\\n /// @param range The upper bound of the index, exclusive.\\n ///\\n /// @param state The previous state of the RNG.\\n /// The initial state needs to be obtained\\n /// from a trusted randomness oracle (the random beacon),\\n /// or from a chain of earlier calls to `RNG.getIndex()`\\n /// on an originally trusted seed.\\n ///\\n /// @dev Calculates the number of bits required for the desired range,\\n /// takes the least significant bits of `state`\\n /// and checks if the obtained index is within the desired range.\\n /// The original state is hashed with `keccak256` to get a new state.\\n /// If the index is outside the range,\\n /// the function retries until it gets a suitable index.\\n ///\\n /// @return index A random integer between `0` and `range - 1`, inclusive.\\n ///\\n /// @return newState The new state of the RNG.\\n /// When `getIndex()` is called one or more times,\\n /// care must be taken to always use the output `state`\\n /// of the most recent call as the input `state` of a subsequent call.\\n /// At the end of a transaction calling `RNG.getIndex()`,\\n /// the previous stored state must be overwritten with the latest output.\\n function getIndex(\\n uint256 range,\\n bytes32 state,\\n uint256 bits\\n ) internal view returns (uint256, bytes32) {\\n bool found = false;\\n uint256 index = 0;\\n bytes32 newState = state;\\n while (!found) {\\n index = truncate(bits, uint256(newState));\\n newState = keccak256(abi.encodePacked(newState, address(this)));\\n if (index < range) {\\n found = true;\\n }\\n }\\n return (index, newState);\\n }\\n\\n /// @notice Calculate how many bits are required\\n /// for an index in the range `[0 .. range-1]`.\\n ///\\n /// @param range The upper bound of the desired range, exclusive.\\n ///\\n /// @return uint The smallest number of bits\\n /// that can contain the number `range-1`.\\n function bitsRequired(uint256 range) internal pure returns (uint256) {\\n unchecked {\\n if (range == 1) {\\n return 0;\\n }\\n\\n uint256 bits = WEIGHT_WIDTH - 1;\\n\\n // Left shift by `bits`,\\n // so we have a 1 in the (bits + 1)th least significant bit\\n // and 0 in other bits.\\n // If this number is equal or greater than `range`,\\n // the range [0, range-1] fits in `bits` bits.\\n //\\n // Because we loop from high bits to low bits,\\n // we find the highest number of bits that doesn't fit the range,\\n // and return that number + 1.\\n while (1 << bits >= range) {\\n bits--;\\n }\\n\\n return bits + 1;\\n }\\n }\\n\\n /// @notice Truncate `input` to the `bits` least significant bits.\\n function truncate(uint256 bits, uint256 input)\\n internal\\n pure\\n returns (uint256)\\n {\\n unchecked {\\n return input & ((1 << bits) - 1);\\n }\\n }\\n}\\n\",\"keccak256\":\"0x1b52b2c45669145cbd9fa7337def843e3de69bfde089039a7fcc09f0aa00c81f\"},\"@keep-network/sortition-pools/contracts/Rewards.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\n/// @title Rewards\\n/// @notice Rewards are allocated proportionally to operators\\n/// present in the pool at payout based on their weight in the pool.\\n///\\n/// To facilitate this, we use a global accumulator value\\n/// to track the total rewards one unit of weight would've earned\\n/// since the creation of the pool.\\n///\\n/// Whenever a reward is paid, the accumulator is increased\\n/// by the size of the reward divided by the total weight\\n/// of all eligible operators in the pool.\\n///\\n/// Each operator has an individual accumulator value,\\n/// set to equal the global accumulator when the operator joins the pool.\\n/// This accumulator reflects the amount of rewards\\n/// that have already been accounted for with that operator.\\n///\\n/// Whenever an operator's weight in the pool changes,\\n/// we can update the amount of rewards the operator has earned\\n/// by subtracting the operator's accumulator from the global accumulator.\\n/// This gives us the amount of rewards one unit of weight has earned\\n/// since the last time the operator's rewards have been updated.\\n/// Then we multiply that by the operator's previous (pre-change) weight\\n/// to determine how much rewards in total the operator has earned,\\n/// and add this to the operator's earned rewards.\\n/// Finally, we set the operator's accumulator to the global accumulator value.\\ncontract Rewards {\\n struct OperatorRewards {\\n // The state of the global accumulator\\n // when the operator's rewards were last updated\\n uint96 accumulated;\\n // The amount of rewards collected by the operator after the latest update.\\n // The amount the operator could withdraw may equal `available`\\n // or it may be greater, if more rewards have been paid in since then.\\n // To evaulate the most recent amount including rewards potentially paid\\n // since the last update, use `availableRewards` function.\\n uint96 available;\\n // If nonzero, the operator is ineligible for rewards\\n // and may only re-enable rewards after the specified timestamp.\\n // XXX: unsigned 32-bit integer unix seconds, will break around 2106\\n uint32 ineligibleUntil;\\n // Locally cached weight of the operator,\\n // used to reduce the cost of setting operators ineligible.\\n uint32 weight;\\n }\\n\\n // The global accumulator of how much rewards\\n // a hypothetical operator of weight 1 would have earned\\n // since the creation of the pool.\\n uint96 internal globalRewardAccumulator;\\n // If the amount of reward tokens paid in\\n // does not divide cleanly by pool weight,\\n // the difference is recorded as rounding dust\\n // and added to the next reward.\\n uint96 internal rewardRoundingDust;\\n\\n // The amount of rewards that would've been earned by ineligible operators\\n // had they not been ineligible.\\n uint96 public ineligibleEarnedRewards;\\n\\n // Ineligibility times are calculated from this offset,\\n // set at contract creation.\\n uint256 internal immutable ineligibleOffsetStart;\\n\\n mapping(uint32 => OperatorRewards) internal operatorRewards;\\n\\n constructor() {\\n // solhint-disable-next-line not-rely-on-time\\n ineligibleOffsetStart = block.timestamp;\\n }\\n\\n /// @notice Return whether the operator is eligible for rewards or not.\\n function isEligibleForRewards(uint32 operator) public view returns (bool) {\\n return operatorRewards[operator].ineligibleUntil == 0;\\n }\\n\\n /// @notice Return the time the operator's reward eligibility can be restored.\\n function rewardsEligibilityRestorableAt(uint32 operator)\\n public\\n view\\n returns (uint256)\\n {\\n uint32 until = operatorRewards[operator].ineligibleUntil;\\n require(until != 0, \\\"Operator already eligible\\\");\\n return (uint256(until) + ineligibleOffsetStart);\\n }\\n\\n /// @notice Return whether the operator is able\\n /// to restore their eligibility for rewards right away.\\n function canRestoreRewardEligibility(uint32 operator)\\n public\\n view\\n returns (bool)\\n {\\n // solhint-disable-next-line not-rely-on-time\\n return rewardsEligibilityRestorableAt(operator) <= block.timestamp;\\n }\\n\\n /// @notice Internal function for updating the global state of rewards.\\n function addRewards(uint96 rewardAmount, uint32 currentPoolWeight) internal {\\n require(currentPoolWeight >= 0, \\\"No recipients in pool\\\");\\n\\n uint96 totalAmount = rewardAmount + rewardRoundingDust;\\n uint96 perWeightReward = totalAmount / currentPoolWeight;\\n uint96 newRoundingDust = totalAmount % currentPoolWeight;\\n\\n globalRewardAccumulator += perWeightReward;\\n rewardRoundingDust = newRoundingDust;\\n }\\n\\n /// @notice Internal function for updating the operator's reward state.\\n function updateOperatorRewards(uint32 operator, uint32 newWeight) internal {\\n uint96 acc = globalRewardAccumulator;\\n OperatorRewards memory o = operatorRewards[operator];\\n uint96 accruedRewards = (acc - o.accumulated) * uint96(o.weight);\\n if (o.ineligibleUntil == 0) {\\n // If operator is not ineligible, update their earned rewards\\n o.available += accruedRewards;\\n } else {\\n // If ineligible, put the rewards into the ineligible pot\\n ineligibleEarnedRewards += accruedRewards;\\n }\\n // In any case, update their accumulator and weight\\n o.accumulated = acc;\\n o.weight = newWeight;\\n operatorRewards[operator] = o;\\n }\\n\\n /// @notice Set the amount of withdrawable tokens to zero\\n /// and return the previous withdrawable amount.\\n /// @dev Does not update the withdrawable amount,\\n /// but should usually be accompanied by an update.\\n function withdrawOperatorRewards(uint32 operator)\\n internal\\n returns (uint96 withdrawable)\\n {\\n OperatorRewards storage o = operatorRewards[operator];\\n withdrawable = o.available;\\n o.available = 0;\\n }\\n\\n /// @notice Set the amount of ineligible-earned tokens to zero\\n /// and return the previous amount.\\n function withdrawIneligibleRewards() internal returns (uint96 withdrawable) {\\n withdrawable = ineligibleEarnedRewards;\\n ineligibleEarnedRewards = 0;\\n }\\n\\n /// @notice Set the given operators as ineligible for rewards.\\n /// The operators can restore their eligibility at the given time.\\n function setIneligible(uint32[] memory operators, uint256 until) internal {\\n OperatorRewards memory o = OperatorRewards(0, 0, 0, 0);\\n uint96 globalAcc = globalRewardAccumulator;\\n uint96 accrued = 0;\\n // Record ineligibility as seconds after contract creation\\n uint32 _until = uint32(until - ineligibleOffsetStart);\\n\\n for (uint256 i = 0; i < operators.length; i++) {\\n uint32 operator = operators[i];\\n OperatorRewards storage r = operatorRewards[operator];\\n o.available = r.available;\\n o.accumulated = r.accumulated;\\n o.ineligibleUntil = r.ineligibleUntil;\\n o.weight = r.weight;\\n\\n if (o.ineligibleUntil != 0) {\\n // If operator is already ineligible,\\n // don't earn rewards or shorten its ineligibility\\n if (o.ineligibleUntil < _until) {\\n o.ineligibleUntil = _until;\\n }\\n } else {\\n // The operator becomes ineligible -> earn rewards\\n o.ineligibleUntil = _until;\\n accrued = (globalAcc - o.accumulated) * uint96(o.weight);\\n o.available += accrued;\\n }\\n o.accumulated = globalAcc;\\n\\n r.available = o.available;\\n r.accumulated = o.accumulated;\\n r.ineligibleUntil = o.ineligibleUntil;\\n r.weight = o.weight;\\n }\\n }\\n\\n /// @notice Restore the given operator's eligibility for rewards.\\n function restoreEligibility(uint32 operator) internal {\\n // solhint-disable-next-line not-rely-on-time\\n require(canRestoreRewardEligibility(operator), \\\"Operator still ineligible\\\");\\n uint96 acc = globalRewardAccumulator;\\n OperatorRewards memory o = operatorRewards[operator];\\n uint96 accruedRewards = (acc - o.accumulated) * uint96(o.weight);\\n ineligibleEarnedRewards += accruedRewards;\\n o.accumulated = acc;\\n o.ineligibleUntil = 0;\\n operatorRewards[operator] = o;\\n }\\n\\n /// @notice Returns the amount of rewards currently available for withdrawal\\n /// for the given operator.\\n function availableRewards(uint32 operator) internal view returns (uint96) {\\n uint96 acc = globalRewardAccumulator;\\n OperatorRewards memory o = operatorRewards[operator];\\n if (o.ineligibleUntil == 0) {\\n // If operator is not ineligible, calculate newly accrued rewards and add\\n // them to the available ones, calculated during the last update.\\n uint96 accruedRewards = (acc - o.accumulated) * uint96(o.weight);\\n return o.available + accruedRewards;\\n } else {\\n // If ineligible, return only the rewards calculated during the last\\n // update.\\n return o.available;\\n }\\n }\\n}\\n\",\"keccak256\":\"0x608d5d04411469682191b8fe26bbc0d925e1f950e24ac45c272b74e3df2e91cf\"},\"@keep-network/sortition-pools/contracts/SortitionPool.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nimport \\\"@thesis/solidity-contracts/contracts/token/IERC20WithPermit.sol\\\";\\nimport \\\"@thesis/solidity-contracts/contracts/token/IReceiveApproval.sol\\\";\\n\\nimport \\\"@openzeppelin/contracts/access/Ownable.sol\\\";\\n\\nimport \\\"./RNG.sol\\\";\\nimport \\\"./SortitionTree.sol\\\";\\nimport \\\"./Rewards.sol\\\";\\n\\n/// @title Sortition Pool\\n/// @notice A logarithmic data structure used to store the pool of eligible\\n/// operators weighted by their stakes. It allows to select a group of operators\\n/// based on the provided pseudo-random seed.\\ncontract SortitionPool is SortitionTree, Rewards, Ownable, IReceiveApproval {\\n using Branch for uint256;\\n using Leaf for uint256;\\n using Position for uint256;\\n\\n IERC20WithPermit public immutable rewardToken;\\n\\n uint256 public immutable poolWeightDivisor;\\n\\n bool public isLocked;\\n\\n event IneligibleForRewards(uint32[] ids, uint256 until);\\n\\n event RewardEligibilityRestored(address indexed operator, uint32 indexed id);\\n\\n /// @notice Reverts if called while pool is locked.\\n modifier onlyUnlocked() {\\n require(!isLocked, \\\"Sortition pool locked\\\");\\n _;\\n }\\n\\n /// @notice Reverts if called while pool is unlocked.\\n modifier onlyLocked() {\\n require(isLocked, \\\"Sortition pool unlocked\\\");\\n _;\\n }\\n\\n constructor(IERC20WithPermit _rewardToken, uint256 _poolWeightDivisor) {\\n rewardToken = _rewardToken;\\n poolWeightDivisor = _poolWeightDivisor;\\n }\\n\\n function receiveApproval(\\n address sender,\\n uint256 amount,\\n address token,\\n bytes calldata\\n ) external override {\\n require(token == address(rewardToken), \\\"Unsupported token\\\");\\n rewardToken.transferFrom(sender, address(this), amount);\\n Rewards.addRewards(uint96(amount), uint32(root.sumWeight()));\\n }\\n\\n /// @notice Withdraws all available rewards for the given operator to the\\n /// given beneficiary.\\n /// @dev Can be called only be the owner. Does not validate if the provided\\n /// beneficiary is associated with the provided operator - this needs to\\n /// be done by the owner calling this function.\\n /// @return The amount of rewards withdrawn in this call.\\n function withdrawRewards(address operator, address beneficiary)\\n public\\n onlyOwner\\n returns (uint96)\\n {\\n uint32 id = getOperatorID(operator);\\n Rewards.updateOperatorRewards(id, uint32(getPoolWeight(operator)));\\n uint96 earned = Rewards.withdrawOperatorRewards(id);\\n rewardToken.transfer(beneficiary, uint256(earned));\\n return earned;\\n }\\n\\n /// @notice Withdraws rewards not allocated to operators marked as ineligible\\n /// to the given recipient address.\\n /// @dev Can be called only by the owner.\\n function withdrawIneligible(address recipient) public onlyOwner {\\n uint96 earned = Rewards.withdrawIneligibleRewards();\\n rewardToken.transfer(recipient, uint256(earned));\\n }\\n\\n /// @notice Locks the sortition pool. In locked state, members cannot be\\n /// inserted and removed from the pool. Members statuses cannot\\n /// be updated as well.\\n /// @dev Can be called only by the contract owner.\\n function lock() public onlyOwner {\\n isLocked = true;\\n }\\n\\n /// @notice Unlocks the sortition pool. Removes all restrictions set by\\n /// the `lock` method.\\n /// @dev Can be called only by the contract owner.\\n function unlock() public onlyOwner {\\n isLocked = false;\\n }\\n\\n /// @notice Inserts an operator to the pool. Reverts if the operator is\\n /// already present.\\n /// @dev Can be called only by the contract owner.\\n /// @param operator Address of the inserted operator.\\n /// @param authorizedStake Inserted operator's authorized stake for the application.\\n function insertOperator(address operator, uint256 authorizedStake)\\n public\\n onlyOwner\\n onlyUnlocked\\n {\\n uint256 weight = getWeight(authorizedStake);\\n require(weight > 0, \\\"Operator not eligible\\\");\\n\\n _insertOperator(operator, weight);\\n uint32 id = getOperatorID(operator);\\n Rewards.updateOperatorRewards(id, uint32(weight));\\n }\\n\\n /// @notice Update the operator's weight if present and eligible,\\n /// or remove from the pool if present and ineligible.\\n /// @dev Can be called only by the contract owner.\\n /// @param operator Address of the updated operator.\\n /// @param authorizedStake Operator's authorized stake for the application.\\n function updateOperatorStatus(address operator, uint256 authorizedStake)\\n public\\n onlyOwner\\n onlyUnlocked\\n {\\n uint256 weight = getWeight(authorizedStake);\\n\\n uint32 id = getOperatorID(operator);\\n Rewards.updateOperatorRewards(id, uint32(weight));\\n\\n if (weight == 0) {\\n _removeOperator(operator);\\n } else {\\n updateOperator(operator, weight);\\n }\\n }\\n\\n function setRewardIneligibility(uint32[] calldata operators, uint256 until)\\n public\\n onlyOwner\\n {\\n Rewards.setIneligible(operators, until);\\n emit IneligibleForRewards(operators, until);\\n }\\n\\n function restoreRewardEligibility(address operator) public {\\n uint32 id = getOperatorID(operator);\\n Rewards.restoreEligibility(id);\\n emit RewardEligibilityRestored(operator, id);\\n }\\n\\n /// @notice Returns the amount of rewards withdrawable for the given operator.\\n function getAvailableRewards(address operator) public view returns (uint96) {\\n uint32 id = getOperatorID(operator);\\n return availableRewards(id);\\n }\\n\\n /// @notice Return whether the operator is present in the pool.\\n function isOperatorInPool(address operator) public view returns (bool) {\\n return getFlaggedLeafPosition(operator) != 0;\\n }\\n\\n /// @notice Return whether the operator's weight in the pool\\n /// matches their eligible weight.\\n function isOperatorUpToDate(address operator, uint256 authorizedStake)\\n public\\n view\\n returns (bool)\\n {\\n return getWeight(authorizedStake) == getPoolWeight(operator);\\n }\\n\\n /// @notice Return the weight of the operator in the pool,\\n /// which may or may not be out of date.\\n function getPoolWeight(address operator) public view returns (uint256) {\\n uint256 flaggedPosition = getFlaggedLeafPosition(operator);\\n if (flaggedPosition == 0) {\\n return 0;\\n } else {\\n uint256 leafPosition = flaggedPosition.unsetFlag();\\n uint256 leafWeight = getLeafWeight(leafPosition);\\n return leafWeight;\\n }\\n }\\n\\n /// @notice Selects a new group of operators of the provided size based on\\n /// the provided pseudo-random seed. At least one operator has to be\\n /// registered in the pool, otherwise the function fails reverting the\\n /// transaction.\\n /// @param groupSize Size of the requested group\\n /// @param seed Pseudo-random number used to select operators to group\\n /// @return selected Members of the selected group\\n function selectGroup(uint256 groupSize, bytes32 seed)\\n public\\n view\\n onlyLocked\\n returns (uint32[] memory)\\n {\\n uint256 _root = root;\\n\\n bytes32 rngState = seed;\\n uint256 rngRange = _root.sumWeight();\\n require(rngRange > 0, \\\"Not enough operators in pool\\\");\\n uint256 currentIndex;\\n\\n uint256 bits = RNG.bitsRequired(rngRange);\\n\\n uint32[] memory selected = new uint32[](groupSize);\\n\\n for (uint256 i = 0; i < groupSize; i++) {\\n (currentIndex, rngState) = RNG.getIndex(rngRange, rngState, bits);\\n\\n uint256 leafPosition = pickWeightedLeaf(currentIndex, _root);\\n\\n uint256 leaf = leaves[leafPosition];\\n selected[i] = leaf.id();\\n }\\n return selected;\\n }\\n\\n function getWeight(uint256 authorization) internal view returns (uint256) {\\n return authorization / poolWeightDivisor;\\n }\\n}\\n\",\"keccak256\":\"0x93d8bd42838147a475cb4c0086e3175714c9438bc5515fd6065577958d5b2b73\"},\"@keep-network/sortition-pools/contracts/SortitionTree.sol\":{\"content\":\"pragma solidity 0.8.9;\\n\\nimport \\\"./Branch.sol\\\";\\nimport \\\"./Position.sol\\\";\\nimport \\\"./Leaf.sol\\\";\\n\\ncontract SortitionTree {\\n using Branch for uint256;\\n using Position for uint256;\\n using Leaf for uint256;\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Parameters for configuration\\n\\n // How many bits a position uses per level of the tree;\\n // each branch of the tree contains 2**SLOT_BITS slots.\\n uint256 private constant SLOT_BITS = 3;\\n uint256 private constant LEVELS = 7;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n ////////////////////////////////////////////////////////////////////////////\\n // Derived constants, do not touch\\n uint256 private constant SLOT_COUNT = 2**SLOT_BITS;\\n uint256 private constant SLOT_WIDTH = 256 / SLOT_COUNT;\\n uint256 private constant SLOT_MAX = (2**SLOT_WIDTH) - 1;\\n uint256 private constant POOL_CAPACITY = SLOT_COUNT**LEVELS;\\n ////////////////////////////////////////////////////////////////////////////\\n\\n // implicit tree\\n // root 8\\n // level2 64\\n // level3 512\\n // level4 4k\\n // level5 32k\\n // level6 256k\\n // level7 2M\\n uint256 internal root;\\n mapping(uint256 => mapping(uint256 => uint256)) internal branches;\\n mapping(uint256 => uint256) internal leaves;\\n\\n // the flagged (see setFlag() and unsetFlag() in Position.sol) positions\\n // of all operators present in the pool\\n mapping(address => uint256) internal flaggedLeafPosition;\\n\\n // the leaf after the rightmost occupied leaf of each stack\\n uint256 internal rightmostLeaf;\\n // the empty leaves in each stack\\n // between 0 and the rightmost occupied leaf\\n uint256[] internal emptyLeaves;\\n\\n // Each operator has an uint32 ID number\\n // which is allocated when they first join the pool\\n // and remains unchanged even if they leave and rejoin the pool.\\n mapping(address => uint32) internal operatorID;\\n // The idAddress array records the address corresponding to each ID number.\\n // The ID number 0 is initialized with a zero address and is not used.\\n address[] internal idAddress;\\n\\n constructor() {\\n root = 0;\\n rightmostLeaf = 0;\\n idAddress.push();\\n }\\n\\n // Return the ID number of the given operator address.\\n // An ID number of 0 means the operator has not been allocated an ID number yet.\\n function getOperatorID(address operator) public view returns (uint32) {\\n return operatorID[operator];\\n }\\n\\n // Get the operator address corresponding to the given ID number.\\n // An empty address means the ID number has not been allocated yet.\\n function getIDOperator(uint32 id) public view returns (address) {\\n return idAddress.length > id ? idAddress[id] : address(0);\\n }\\n\\n // Gets the operator addresses corresponding to the given ID numbers.\\n // An empty address means the ID number has not been allocated yet.\\n // This function works just like getIDOperator except that it allows to fetch\\n // operator addresses for multiple IDs in one call.\\n function getIDOperators(uint32[] calldata ids)\\n public\\n view\\n returns (address[] memory)\\n {\\n uint256 idCount = idAddress.length;\\n\\n address[] memory operators = new address[](ids.length);\\n for (uint256 i = 0; i < ids.length; i++) {\\n uint32 id = ids[i];\\n operators[i] = idCount > id ? idAddress[id] : address(0);\\n }\\n return operators;\\n }\\n\\n // checks if operator is already registered in the pool\\n function isOperatorRegistered(address operator) public view returns (bool) {\\n return getFlaggedLeafPosition(operator) != 0;\\n }\\n\\n // Sum the number of operators in each trunk\\n function operatorsInPool() public view returns (uint256) {\\n // Get the number of leaves that might be occupied;\\n // if `rightmostLeaf` equals `firstLeaf()` the tree must be empty,\\n // otherwise the difference between these numbers\\n // gives the number of leaves that may be occupied.\\n uint256 nPossiblyUsedLeaves = rightmostLeaf;\\n // Get the number of empty leaves\\n // not accounted for by the `rightmostLeaf`\\n uint256 nEmptyLeaves = emptyLeaves.length;\\n\\n return (nPossiblyUsedLeaves - nEmptyLeaves);\\n }\\n\\n function totalWeight() public view returns (uint256) {\\n return root.sumWeight();\\n }\\n\\n // Give the operator a new ID number\\n // Does not check if the operator already has an ID number\\n function allocateOperatorID(address operator) internal returns (uint256) {\\n uint256 id = idAddress.length;\\n\\n require(id <= type(uint32).max, \\\"Pool capacity exceeded\\\");\\n\\n operatorID[operator] = uint32(id);\\n idAddress.push(operator);\\n return id;\\n }\\n\\n function _insertOperator(address operator, uint256 weight) internal {\\n require(\\n !isOperatorRegistered(operator),\\n \\\"Operator is already registered in the pool\\\"\\n );\\n\\n uint256 id = getOperatorID(operator);\\n if (id == 0) {\\n id = allocateOperatorID(operator);\\n }\\n\\n uint256 position = getEmptyLeafPosition();\\n // Record the block the operator was inserted in\\n uint256 theLeaf = Leaf.make(operator, block.number, id);\\n\\n root = setLeaf(position, theLeaf, weight, root);\\n\\n // Without position flags,\\n // the position 0x000000 would be treated as empty\\n flaggedLeafPosition[operator] = position.setFlag();\\n }\\n\\n function _removeOperator(address operator) internal {\\n uint256 flaggedPosition = getFlaggedLeafPosition(operator);\\n require(flaggedPosition != 0, \\\"Operator is not registered in the pool\\\");\\n uint256 unflaggedPosition = flaggedPosition.unsetFlag();\\n root = removeLeaf(unflaggedPosition, root);\\n removeLeafPositionRecord(operator);\\n }\\n\\n function updateOperator(address operator, uint256 weight) internal {\\n require(\\n isOperatorRegistered(operator),\\n \\\"Operator is not registered in the pool\\\"\\n );\\n\\n uint256 flaggedPosition = getFlaggedLeafPosition(operator);\\n uint256 unflaggedPosition = flaggedPosition.unsetFlag();\\n root = updateLeaf(unflaggedPosition, weight, root);\\n }\\n\\n function removeLeafPositionRecord(address operator) internal {\\n flaggedLeafPosition[operator] = 0;\\n }\\n\\n function removeLeaf(uint256 position, uint256 _root)\\n internal\\n returns (uint256)\\n {\\n uint256 rightmostSubOne = rightmostLeaf - 1;\\n bool isRightmost = position == rightmostSubOne;\\n\\n uint256 newRoot = setLeaf(position, 0, 0, _root);\\n\\n if (isRightmost) {\\n rightmostLeaf = rightmostSubOne;\\n } else {\\n emptyLeaves.push(position);\\n }\\n return newRoot;\\n }\\n\\n function updateLeaf(\\n uint256 position,\\n uint256 weight,\\n uint256 _root\\n ) internal returns (uint256) {\\n if (getLeafWeight(position) != weight) {\\n return updateTree(position, weight, _root);\\n } else {\\n return _root;\\n }\\n }\\n\\n function setLeaf(\\n uint256 position,\\n uint256 theLeaf,\\n uint256 leafWeight,\\n uint256 _root\\n ) internal returns (uint256) {\\n // set leaf\\n leaves[position] = theLeaf;\\n\\n return (updateTree(position, leafWeight, _root));\\n }\\n\\n function updateTree(\\n uint256 position,\\n uint256 weight,\\n uint256 _root\\n ) internal returns (uint256) {\\n uint256 childSlot;\\n uint256 treeNode;\\n uint256 newNode;\\n uint256 nodeWeight = weight;\\n\\n uint256 parent = position;\\n // set levels 7 to 2\\n for (uint256 level = LEVELS; level >= 2; level--) {\\n childSlot = parent.slot();\\n parent = parent.parent();\\n treeNode = branches[level][parent];\\n newNode = treeNode.setSlot(childSlot, nodeWeight);\\n branches[level][parent] = newNode;\\n nodeWeight = newNode.sumWeight();\\n }\\n\\n // set level Root\\n childSlot = parent.slot();\\n return _root.setSlot(childSlot, nodeWeight);\\n }\\n\\n function getEmptyLeafPosition() internal returns (uint256) {\\n uint256 rLeaf = rightmostLeaf;\\n bool spaceOnRight = (rLeaf + 1) < POOL_CAPACITY;\\n if (spaceOnRight) {\\n rightmostLeaf = rLeaf + 1;\\n return rLeaf;\\n } else {\\n uint256 emptyLeafCount = emptyLeaves.length;\\n require(emptyLeafCount > 0, \\\"Pool is full\\\");\\n uint256 emptyLeaf = emptyLeaves[emptyLeafCount - 1];\\n emptyLeaves.pop();\\n return emptyLeaf;\\n }\\n }\\n\\n function getFlaggedLeafPosition(address operator)\\n internal\\n view\\n returns (uint256)\\n {\\n return flaggedLeafPosition[operator];\\n }\\n\\n function getLeafWeight(uint256 position) internal view returns (uint256) {\\n uint256 slot = position.slot();\\n uint256 parent = position.parent();\\n uint256 node = branches[LEVELS][parent];\\n return node.getSlot(slot);\\n }\\n\\n function pickWeightedLeaf(uint256 index, uint256 _root)\\n internal\\n view\\n returns (uint256 leafPosition)\\n {\\n uint256 currentIndex = index;\\n uint256 currentNode = _root;\\n uint256 currentPosition = 0;\\n uint256 currentSlot;\\n\\n require(index < currentNode.sumWeight(), \\\"Index exceeds weight\\\");\\n\\n // get root slot\\n (currentSlot, currentIndex) = currentNode.pickWeightedSlot(currentIndex);\\n\\n // get slots from levels 2 to 7\\n for (uint256 level = 2; level <= LEVELS; level++) {\\n currentPosition = currentPosition.child(currentSlot);\\n currentNode = branches[level][currentPosition];\\n (currentSlot, currentIndex) = currentNode.pickWeightedSlot(currentIndex);\\n }\\n\\n // get leaf position\\n leafPosition = currentPosition.child(currentSlot);\\n }\\n}\\n\",\"keccak256\":\"0x706033e40b631b2bb1d24b230f770c51546c7476605dd1f87475013673c36367\"},\"@openzeppelin/contracts/access/Ownable.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\nimport \\\"../utils/Context.sol\\\";\\n\\n/**\\n * @dev Contract module which provides a basic access control mechanism, where\\n * there is an account (an owner) that can be granted exclusive access to\\n * specific functions.\\n *\\n * By default, the owner account will be the one that deploys the contract. This\\n * can later be changed with {transferOwnership}.\\n *\\n * This module is used through inheritance. It will make available the modifier\\n * `onlyOwner`, which can be applied to your functions to restrict their use to\\n * the owner.\\n */\\nabstract contract Ownable is Context {\\n address private _owner;\\n\\n event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);\\n\\n /**\\n * @dev Initializes the contract setting the deployer as the initial owner.\\n */\\n constructor() {\\n _setOwner(_msgSender());\\n }\\n\\n /**\\n * @dev Returns the address of the current owner.\\n */\\n function owner() public view virtual returns (address) {\\n return _owner;\\n }\\n\\n /**\\n * @dev Throws if called by any account other than the owner.\\n */\\n modifier onlyOwner() {\\n require(owner() == _msgSender(), \\\"Ownable: caller is not the owner\\\");\\n _;\\n }\\n\\n /**\\n * @dev Leaves the contract without owner. It will not be possible to call\\n * `onlyOwner` functions anymore. Can only be called by the current owner.\\n *\\n * NOTE: Renouncing ownership will leave the contract without an owner,\\n * thereby removing any functionality that is only available to the owner.\\n */\\n function renounceOwnership() public virtual onlyOwner {\\n _setOwner(address(0));\\n }\\n\\n /**\\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\\n * Can only be called by the current owner.\\n */\\n function transferOwnership(address newOwner) public virtual onlyOwner {\\n require(newOwner != address(0), \\\"Ownable: new owner is the zero address\\\");\\n _setOwner(newOwner);\\n }\\n\\n function _setOwner(address newOwner) private {\\n address oldOwner = _owner;\\n _owner = newOwner;\\n emit OwnershipTransferred(oldOwner, newOwner);\\n }\\n}\\n\",\"keccak256\":\"0x6bb804a310218875e89d12c053e94a13a4607cdf7cc2052f3e52bd32a0dc50a1\",\"license\":\"MIT\"},\"@openzeppelin/contracts/token/ERC20/IERC20.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Interface of the ERC20 standard as defined in the EIP.\\n */\\ninterface IERC20 {\\n /**\\n * @dev Returns the amount of tokens in existence.\\n */\\n function totalSupply() external view returns (uint256);\\n\\n /**\\n * @dev Returns the amount of tokens owned by `account`.\\n */\\n function balanceOf(address account) external view returns (uint256);\\n\\n /**\\n * @dev Moves `amount` tokens from the caller's account to `recipient`.\\n *\\n * Returns a boolean value indicating whether the operation succeeded.\\n *\\n * Emits a {Transfer} event.\\n */\\n function transfer(address recipient, uint256 amount) external returns (bool);\\n\\n /**\\n * @dev Returns the remaining number of tokens that `spender` will be\\n * allowed to spend on behalf of `owner` through {transferFrom}. This is\\n * zero by default.\\n *\\n * This value changes when {approve} or {transferFrom} are called.\\n */\\n function allowance(address owner, address spender) external view returns (uint256);\\n\\n /**\\n * @dev Sets `amount` as the allowance of `spender` over the caller's tokens.\\n *\\n * Returns a boolean value indicating whether the operation succeeded.\\n *\\n * IMPORTANT: Beware that changing an allowance with this method brings the risk\\n * that someone may use both the old and the new allowance by unfortunate\\n * transaction ordering. One possible solution to mitigate this race\\n * condition is to first reduce the spender's allowance to 0 and set the\\n * desired value afterwards:\\n * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729\\n *\\n * Emits an {Approval} event.\\n */\\n function approve(address spender, uint256 amount) external returns (bool);\\n\\n /**\\n * @dev Moves `amount` tokens from `sender` to `recipient` using the\\n * allowance mechanism. `amount` is then deducted from the caller's\\n * allowance.\\n *\\n * Returns a boolean value indicating whether the operation succeeded.\\n *\\n * Emits a {Transfer} event.\\n */\\n function transferFrom(\\n address sender,\\n address recipient,\\n uint256 amount\\n ) external returns (bool);\\n\\n /**\\n * @dev Emitted when `value` tokens are moved from one account (`from`) to\\n * another (`to`).\\n *\\n * Note that `value` may be zero.\\n */\\n event Transfer(address indexed from, address indexed to, uint256 value);\\n\\n /**\\n * @dev Emitted when the allowance of a `spender` for an `owner` is set by\\n * a call to {approve}. `value` is the new allowance.\\n */\\n event Approval(address indexed owner, address indexed spender, uint256 value);\\n}\\n\",\"keccak256\":\"0x027b891937d20ccf213fdb9c31531574256de774bda99d3a70ecef6e1913ed2a\",\"license\":\"MIT\"},\"@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\nimport \\\"../IERC20.sol\\\";\\n\\n/**\\n * @dev Interface for the optional metadata functions from the ERC20 standard.\\n *\\n * _Available since v4.1._\\n */\\ninterface IERC20Metadata is IERC20 {\\n /**\\n * @dev Returns the name of the token.\\n */\\n function name() external view returns (string memory);\\n\\n /**\\n * @dev Returns the symbol of the token.\\n */\\n function symbol() external view returns (string memory);\\n\\n /**\\n * @dev Returns the decimals places of the token.\\n */\\n function decimals() external view returns (uint8);\\n}\\n\",\"keccak256\":\"0x83fe24f5c04a56091e50f4a345ff504c8bff658a76d4c43b16878c8f940c53b2\",\"license\":\"MIT\"},\"@openzeppelin/contracts/utils/Context.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\n/*\\n * @dev Provides information about the current execution context, including the\\n * sender of the transaction and its data. While these are generally available\\n * via msg.sender and msg.data, they should not be accessed in such a direct\\n * manner, since when dealing with meta-transactions the account sending and\\n * paying for execution may not be the actual sender (as far as an application\\n * is concerned).\\n *\\n * This contract is only required for intermediate, library-like contracts.\\n */\\nabstract contract Context {\\n function _msgSender() internal view virtual returns (address) {\\n return msg.sender;\\n }\\n\\n function _msgData() internal view virtual returns (bytes calldata) {\\n return msg.data;\\n }\\n}\\n\",\"keccak256\":\"0x95098bd1d9c8dec4d80d3dedb88a0d949fa0d740ee99f2aa466bc308216ca6d5\",\"license\":\"MIT\"},\"@openzeppelin/contracts/utils/cryptography/ECDSA.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.\\n *\\n * These functions can be used to verify that a message was signed by the holder\\n * of the private keys of a given address.\\n */\\nlibrary ECDSA {\\n /**\\n * @dev Returns the address that signed a hashed message (`hash`) with\\n * `signature`. This address can then be used for verification purposes.\\n *\\n * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:\\n * this function rejects them by requiring the `s` value to be in the lower\\n * half order, and the `v` value to be either 27 or 28.\\n *\\n * IMPORTANT: `hash` _must_ be the result of a hash operation for the\\n * verification to be secure: it is possible to craft signatures that\\n * recover to arbitrary addresses for non-hashed data. A safe way to ensure\\n * this is by receiving a hash of the original message (which may otherwise\\n * be too long), and then calling {toEthSignedMessageHash} on it.\\n *\\n * Documentation for signature generation:\\n * - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]\\n * - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]\\n */\\n function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {\\n // Check the signature length\\n // - case 65: r,s,v signature (standard)\\n // - case 64: r,vs signature (cf https://eips.ethereum.org/EIPS/eip-2098) _Available since v4.1._\\n if (signature.length == 65) {\\n bytes32 r;\\n bytes32 s;\\n uint8 v;\\n // ecrecover takes the signature parameters, and the only way to get them\\n // currently is to use assembly.\\n assembly {\\n r := mload(add(signature, 0x20))\\n s := mload(add(signature, 0x40))\\n v := byte(0, mload(add(signature, 0x60)))\\n }\\n return recover(hash, v, r, s);\\n } else if (signature.length == 64) {\\n bytes32 r;\\n bytes32 vs;\\n // ecrecover takes the signature parameters, and the only way to get them\\n // currently is to use assembly.\\n assembly {\\n r := mload(add(signature, 0x20))\\n vs := mload(add(signature, 0x40))\\n }\\n return recover(hash, r, vs);\\n } else {\\n revert(\\\"ECDSA: invalid signature length\\\");\\n }\\n }\\n\\n /**\\n * @dev Overload of {ECDSA-recover} that receives the `r` and `vs` short-signature fields separately.\\n *\\n * See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]\\n *\\n * _Available since v4.2._\\n */\\n function recover(\\n bytes32 hash,\\n bytes32 r,\\n bytes32 vs\\n ) internal pure returns (address) {\\n bytes32 s;\\n uint8 v;\\n assembly {\\n s := and(vs, 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff)\\n v := add(shr(255, vs), 27)\\n }\\n return recover(hash, v, r, s);\\n }\\n\\n /**\\n * @dev Overload of {ECDSA-recover} that receives the `v`, `r` and `s` signature fields separately.\\n */\\n function recover(\\n bytes32 hash,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n ) internal pure returns (address) {\\n // EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature\\n // unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines\\n // the valid range for s in (281): 0 < s < secp256k1n \\u00f7 2 + 1, and for v in (282): v \\u2208 {27, 28}. Most\\n // signatures from current libraries generate a unique signature with an s-value in the lower half order.\\n //\\n // If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value\\n // with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or\\n // vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept\\n // these malleable signatures as well.\\n require(\\n uint256(s) <= 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0,\\n \\\"ECDSA: invalid signature 's' value\\\"\\n );\\n require(v == 27 || v == 28, \\\"ECDSA: invalid signature 'v' value\\\");\\n\\n // If the signature is valid (and not malleable), return the signer address\\n address signer = ecrecover(hash, v, r, s);\\n require(signer != address(0), \\\"ECDSA: invalid signature\\\");\\n\\n return signer;\\n }\\n\\n /**\\n * @dev Returns an Ethereum Signed Message, created from a `hash`. This\\n * produces hash corresponding to the one signed with the\\n * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]\\n * JSON-RPC method as part of EIP-191.\\n *\\n * See {recover}.\\n */\\n function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {\\n // 32 is the length in bytes of hash,\\n // enforced by the type signature above\\n return keccak256(abi.encodePacked(\\\"\\\\x19Ethereum Signed Message:\\\\n32\\\", hash));\\n }\\n\\n /**\\n * @dev Returns an Ethereum Signed Typed Data, created from a\\n * `domainSeparator` and a `structHash`. This produces hash corresponding\\n * to the one signed with the\\n * https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]\\n * JSON-RPC method as part of EIP-712.\\n *\\n * See {recover}.\\n */\\n function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {\\n return keccak256(abi.encodePacked(\\\"\\\\x19\\\\x01\\\", domainSeparator, structHash));\\n }\\n}\\n\",\"keccak256\":\"0x828774372910d18e7337bc31a288d786748af4cd9da80222467e486ed1d569ab\",\"license\":\"MIT\"},\"@openzeppelin/contracts/utils/math/Math.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Standard math utilities missing in the Solidity language.\\n */\\nlibrary Math {\\n /**\\n * @dev Returns the largest of two numbers.\\n */\\n function max(uint256 a, uint256 b) internal pure returns (uint256) {\\n return a >= b ? a : b;\\n }\\n\\n /**\\n * @dev Returns the smallest of two numbers.\\n */\\n function min(uint256 a, uint256 b) internal pure returns (uint256) {\\n return a < b ? a : b;\\n }\\n\\n /**\\n * @dev Returns the average of two numbers. The result is rounded towards\\n * zero.\\n */\\n function average(uint256 a, uint256 b) internal pure returns (uint256) {\\n // (a + b) / 2 can overflow, so we distribute.\\n return (a / 2) + (b / 2) + (((a % 2) + (b % 2)) / 2);\\n }\\n\\n /**\\n * @dev Returns the ceiling of the division of two numbers.\\n *\\n * This differs from standard division with `/` in that it rounds up instead\\n * of rounding down.\\n */\\n function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {\\n // (a + b - 1) / b can overflow on addition, so we distribute.\\n return a / b + (a % b == 0 ? 0 : 1);\\n }\\n}\\n\",\"keccak256\":\"0x2cc1535d318fe533ffa4ad30de28f5abed305ff748bc72d0344072ac10007e29\",\"license\":\"MIT\"},\"@thesis/solidity-contracts/contracts/token/IApproveAndCall.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.4;\\n\\n/// @notice An interface that should be implemented by tokens supporting\\n/// `approveAndCall`/`receiveApproval` pattern.\\ninterface IApproveAndCall {\\n /// @notice Executes `receiveApproval` function on spender as specified in\\n /// `IReceiveApproval` interface. Approves spender to withdraw from\\n /// the caller multiple times, up to the `amount`. If this\\n /// function is called again, it overwrites the current allowance\\n /// with `amount`. Reverts if the approval reverted or if\\n /// `receiveApproval` call on the spender reverted.\\n function approveAndCall(\\n address spender,\\n uint256 amount,\\n bytes memory extraData\\n ) external returns (bool);\\n}\\n\",\"keccak256\":\"0x393d18ef81a57dcc96fff4c340cc2945deaebb37b9796c322cf2bc96872c3df8\",\"license\":\"MIT\"},\"@thesis/solidity-contracts/contracts/token/IERC20WithPermit.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.4;\\n\\nimport \\\"@openzeppelin/contracts/token/ERC20/IERC20.sol\\\";\\nimport \\\"@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol\\\";\\n\\nimport \\\"./IApproveAndCall.sol\\\";\\n\\n/// @title IERC20WithPermit\\n/// @notice Burnable ERC20 token with EIP2612 permit functionality. User can\\n/// authorize a transfer of their token with a signature conforming\\n/// EIP712 standard instead of an on-chain transaction from their\\n/// address. Anyone can submit this signature on the user's behalf by\\n/// calling the permit function, as specified in EIP2612 standard,\\n/// paying gas fees, and possibly performing other actions in the same\\n/// transaction.\\ninterface IERC20WithPermit is IERC20, IERC20Metadata, IApproveAndCall {\\n /// @notice EIP2612 approval made with secp256k1 signature.\\n /// Users can authorize a transfer of their tokens with a signature\\n /// conforming EIP712 standard, rather than an on-chain transaction\\n /// from their address. Anyone can submit this signature on the\\n /// user's behalf by calling the permit function, paying gas fees,\\n /// and possibly performing other actions in the same transaction.\\n /// @dev The deadline argument can be set to `type(uint256).max to create\\n /// permits that effectively never expire.\\n function permit(\\n address owner,\\n address spender,\\n uint256 amount,\\n uint256 deadline,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n ) external;\\n\\n /// @notice Destroys `amount` tokens from the caller.\\n function burn(uint256 amount) external;\\n\\n /// @notice Destroys `amount` of tokens from `account`, deducting the amount\\n /// from caller's allowance.\\n function burnFrom(address account, uint256 amount) external;\\n\\n /// @notice Returns hash of EIP712 Domain struct with the token name as\\n /// a signing domain and token contract as a verifying contract.\\n /// Used to construct EIP2612 signature provided to `permit`\\n /// function.\\n /* solhint-disable-next-line func-name-mixedcase */\\n function DOMAIN_SEPARATOR() external view returns (bytes32);\\n\\n /// @notice Returns the current nonce for EIP2612 permission for the\\n /// provided token owner for a replay protection. Used to construct\\n /// EIP2612 signature provided to `permit` function.\\n function nonce(address owner) external view returns (uint256);\\n\\n /// @notice Returns EIP2612 Permit message hash. Used to construct EIP2612\\n /// signature provided to `permit` function.\\n /* solhint-disable-next-line func-name-mixedcase */\\n function PERMIT_TYPEHASH() external pure returns (bytes32);\\n}\\n\",\"keccak256\":\"0xdac9a5086c19a7128b505a7be1ab0ac1aa314f6989cb88d2417e9d7383f89fa9\",\"license\":\"MIT\"},\"@thesis/solidity-contracts/contracts/token/IReceiveApproval.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.4;\\n\\n/// @notice An interface that should be implemented by contracts supporting\\n/// `approveAndCall`/`receiveApproval` pattern.\\ninterface IReceiveApproval {\\n /// @notice Receives approval to spend tokens. Called as a result of\\n /// `approveAndCall` call on the token.\\n function receiveApproval(\\n address from,\\n uint256 amount,\\n address token,\\n bytes calldata extraData\\n ) external;\\n}\\n\",\"keccak256\":\"0x6a30d83ad230548b1e7839737affc8489a035314209de14b89dbef7fb0f66395\",\"license\":\"MIT\"},\"contracts/bank/Bank.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@openzeppelin/contracts/access/Ownable.sol\\\";\\n\\nimport \\\"../vault/IVault.sol\\\";\\n\\n/// @title Bitcoin Bank\\n/// @notice Bank is a central component tracking Bitcoin balances. Balances can\\n/// be transferred between holders and holders can approve their\\n/// balances to be spent by others. Balances in the Bank are updated for\\n/// depositors who deposit their Bitcoin into the Bridge and only the\\n/// Bridge can increase balances.\\n/// @dev Bank is a governable contract and the Governance can upgrade the Bridge\\n/// address.\\ncontract Bank is Ownable {\\n address public bridge;\\n\\n /// @notice The balance of a given account in the Bank. Zero by default.\\n mapping(address => uint256) public balanceOf;\\n\\n /// @notice The remaining amount of balance a spender will be\\n /// allowed to transfer on behalf of an owner using\\n /// `transferBalanceFrom`. Zero by default.\\n mapping(address => mapping(address => uint256)) public allowance;\\n\\n /// @notice Returns the current nonce for EIP2612 permission for the\\n /// provided balance owner for a replay protection. Used to\\n /// construct EIP2612 signature provided to `permit` function.\\n mapping(address => uint256) public nonce;\\n\\n uint256 public immutable cachedChainId;\\n bytes32 public immutable cachedDomainSeparator;\\n\\n /// @notice Returns EIP2612 Permit message hash. Used to construct EIP2612\\n /// signature provided to `permit` function.\\n bytes32 public constant PERMIT_TYPEHASH =\\n keccak256(\\n \\\"Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)\\\"\\n );\\n\\n event BalanceTransferred(\\n address indexed from,\\n address indexed to,\\n uint256 amount\\n );\\n\\n event BalanceApproved(\\n address indexed owner,\\n address indexed spender,\\n uint256 amount\\n );\\n\\n event BalanceIncreased(address indexed owner, uint256 amount);\\n\\n event BalanceDecreased(address indexed owner, uint256 amount);\\n\\n event BridgeUpdated(address newBridge);\\n\\n modifier onlyBridge() {\\n require(msg.sender == address(bridge), \\\"Caller is not the bridge\\\");\\n _;\\n }\\n\\n constructor() {\\n cachedChainId = block.chainid;\\n cachedDomainSeparator = buildDomainSeparator();\\n }\\n\\n /// @notice Allows the Governance to upgrade the Bridge address.\\n /// @dev The function does not implement any governance delay and does not\\n /// check the status of the Bridge. The Governance implementation needs\\n /// to ensure all requirements for the upgrade are satisfied before\\n /// executing this function.\\n function updateBridge(address _bridge) external onlyOwner {\\n require(_bridge != address(0), \\\"Bridge address must not be 0x0\\\");\\n bridge = _bridge;\\n emit BridgeUpdated(_bridge);\\n }\\n\\n /// @notice Moves the given `amount` of balance from the caller to\\n /// `recipient`.\\n /// @dev Requirements:\\n /// - `recipient` cannot be the zero address,\\n /// - the caller must have a balance of at least `amount`.\\n function transferBalance(address recipient, uint256 amount) external {\\n _transferBalance(msg.sender, recipient, amount);\\n }\\n\\n /// @notice Sets `amount` as the allowance of `spender` over the caller's\\n /// balance.\\n /// @dev If the `amount` is set to `type(uint256).max` then\\n /// `transferBalanceFrom` will not reduce an allowance.\\n /// Beware that changing an allowance with this function brings the\\n /// risk that someone may use both the old and the new allowance by\\n /// unfortunate transaction ordering. Please use\\n /// `increaseBalanceAllowance` and `decreaseBalanceAllowance` to\\n /// eliminate the risk.\\n function approveBalance(address spender, uint256 amount) external {\\n _approveBalance(msg.sender, spender, amount);\\n }\\n\\n /// @notice Sets `amount` as the allowance of a smart contract `vault` over\\n /// the caller's balance and calls the vault via\\n /// `receiveBalanceApproval`.\\n /// @dev If the `amount` is set to `type(uint256).max` then the logic in\\n /// `receiveBalanceApproval` or later call to `transferBalanceFrom` by\\n /// the vault will not reduce an allowance. Beware that changing an\\n /// allowance with this function brings the risk that vault may use\\n /// both the old and the new allowance by unfortunate transaction\\n /// ordering. Please use `increaseBalanceAllowance` and\\n /// `decreaseBalanceAllowance` to eliminate the risk.\\n function approveBalanceAndCall(address vault, uint256 amount) external {\\n _approveBalance(msg.sender, vault, amount);\\n IVault(vault).receiveBalanceApproval(msg.sender, amount);\\n }\\n\\n /// @notice Atomically increases the balance allowance granted to `spender`\\n /// by the caller by the given `addedValue`.\\n function increaseBalanceAllowance(address spender, uint256 addedValue)\\n external\\n {\\n _approveBalance(\\n msg.sender,\\n spender,\\n allowance[msg.sender][spender] + addedValue\\n );\\n }\\n\\n /// @notice Atomically decreases the balance allowance granted to `spender`\\n /// by the caller by the given `subtractedValue`.\\n function decreaseBalanceAllowance(address spender, uint256 subtractedValue)\\n external\\n {\\n uint256 currentAllowance = allowance[msg.sender][spender];\\n require(\\n currentAllowance >= subtractedValue,\\n \\\"Can not decrease balance allowance below zero\\\"\\n );\\n unchecked {\\n _approveBalance(\\n msg.sender,\\n spender,\\n currentAllowance - subtractedValue\\n );\\n }\\n }\\n\\n /// @notice Moves `amount` of balance from `spender` to `recipient` using the\\n /// allowance mechanism. `amount` is then deducted from the caller's\\n /// allowance unless the allowance was made for `type(uint256).max`.\\n /// @dev Requirements:\\n /// - `recipient` cannot be the zero address,\\n /// - `spender` must have a balance of at least `amount`,\\n /// - the caller must have allowance for `spender`'s balance of at\\n /// least `amount`.\\n function transferBalanceFrom(\\n address spender,\\n address recipient,\\n uint256 amount\\n ) external {\\n uint256 currentAllowance = allowance[spender][msg.sender];\\n if (currentAllowance != type(uint256).max) {\\n require(\\n currentAllowance >= amount,\\n \\\"Transfer amount exceeds allowance\\\"\\n );\\n unchecked {\\n _approveBalance(spender, msg.sender, currentAllowance - amount);\\n }\\n }\\n _transferBalance(spender, recipient, amount);\\n }\\n\\n /// @notice EIP2612 approval made with secp256k1 signature.\\n /// Users can authorize a transfer of their balance with a signature\\n /// conforming EIP712 standard, rather than an on-chain transaction\\n /// from their address. Anyone can submit this signature on the\\n /// user's behalf by calling the permit function, paying gas fees,\\n /// and possibly performing other actions in the same transaction.\\n /// @dev The deadline argument can be set to `type(uint256).max to create\\n /// permits that effectively never expire. If the `amount` is set\\n /// to `type(uint256).max` then `transferBalanceFrom` will not\\n /// reduce an allowance. Beware that changing an allowance with this\\n /// function brings the risk that someone may use both the old and the\\n /// new allowance by unfortunate transaction ordering. Please use\\n /// `increaseBalanceAllowance` and `decreaseBalanceAllowance` to\\n /// eliminate the risk.\\n function permit(\\n address owner,\\n address spender,\\n uint256 amount,\\n uint256 deadline,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n ) external {\\n /* solhint-disable-next-line not-rely-on-time */\\n require(deadline >= block.timestamp, \\\"Permission expired\\\");\\n\\n // Validate `s` and `v` values for a malleability concern described in EIP2.\\n // Only signatures with `s` value in the lower half of the secp256k1\\n // curve's order and `v` value of 27 or 28 are considered valid.\\n require(\\n uint256(s) <=\\n 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0,\\n \\\"Invalid signature 's' value\\\"\\n );\\n require(v == 27 || v == 28, \\\"Invalid signature 'v' value\\\");\\n\\n bytes32 digest = keccak256(\\n abi.encodePacked(\\n \\\"\\\\x19\\\\x01\\\",\\n DOMAIN_SEPARATOR(),\\n keccak256(\\n abi.encode(\\n PERMIT_TYPEHASH,\\n owner,\\n spender,\\n amount,\\n nonce[owner]++,\\n deadline\\n )\\n )\\n )\\n );\\n address recoveredAddress = ecrecover(digest, v, r, s);\\n require(\\n recoveredAddress != address(0) && recoveredAddress == owner,\\n \\\"Invalid signature\\\"\\n );\\n _approveBalance(owner, spender, amount);\\n }\\n\\n /// @notice Increases balances of the provided `recipients` by the provided\\n /// `amounts`. Can only be called by the Bridge.\\n /// @dev Requirements:\\n /// - length of `recipients` and `amounts` must be the same.\\n function increaseBalances(\\n address[] calldata recipients,\\n uint256[] calldata amounts\\n ) external onlyBridge {\\n require(\\n recipients.length == amounts.length,\\n \\\"Arrays must have the same length\\\"\\n );\\n for (uint256 i = 0; i < recipients.length; i++) {\\n _increaseBalance(recipients[i], amounts[i]);\\n }\\n }\\n\\n /// @notice Increases balance of the provided `recipient` by the provided\\n /// `amount`. Can only be called by the Bridge.\\n function increaseBalance(address recipient, uint256 amount)\\n external\\n onlyBridge\\n {\\n _increaseBalance(recipient, amount);\\n }\\n\\n /// @notice Increases the given smart contract `vault`'s balance and\\n /// notifies the `vault` contract. Called by the Bridge after\\n /// the deposits routed by depositors to that `vault` have been\\n /// swept by the Bridge. This way, the depositor does not have to\\n /// issue a separate transaction to the `vault` contract.\\n /// Can be called only by the Bridge.\\n /// @dev Requirements:\\n /// - `vault` must implement `IVault` interface,\\n /// - length of `depositors` and `depositedAmounts` must be the same.\\n /// @param vault Address of `IVault` recipient contract\\n /// @param depositors Addresses of depositors whose deposits have been swept\\n /// @param depositedAmounts Amounts deposited by individual depositors and\\n /// swept. The `vault`'s balance in the Bank will be increased by the\\n /// sum of all elements in this array.\\n function increaseBalanceAndCall(\\n address vault,\\n address[] calldata depositors,\\n uint256[] calldata depositedAmounts\\n ) external onlyBridge {\\n require(\\n depositors.length == depositedAmounts.length,\\n \\\"Arrays must have the same length\\\"\\n );\\n uint256 totalAmount = 0;\\n for (uint256 i = 0; i < depositedAmounts.length; i++) {\\n totalAmount += depositedAmounts[i];\\n }\\n _increaseBalance(vault, totalAmount);\\n IVault(vault).receiveBalanceIncrease(depositors, depositedAmounts);\\n }\\n\\n /// @notice Decreases caller's balance by the provided `amount`. There is no\\n /// way to restore the balance so do not call this function unless\\n /// you really know what you are doing!\\n function decreaseBalance(uint256 amount) external {\\n balanceOf[msg.sender] -= amount;\\n emit BalanceDecreased(msg.sender, amount);\\n }\\n\\n /// @notice Returns hash of EIP712 Domain struct with `TBTC Bank` as\\n /// a signing domain and Bank contract as a verifying contract.\\n /// Used to construct EIP2612 signature provided to `permit`\\n /// function.\\n /* solhint-disable-next-line func-name-mixedcase */\\n function DOMAIN_SEPARATOR() public view returns (bytes32) {\\n // As explained in EIP-2612, if the DOMAIN_SEPARATOR contains the\\n // chainId and is defined at contract deployment instead of\\n // reconstructed for every signature, there is a risk of possible replay\\n // attacks between chains in the event of a future chain split.\\n // To address this issue, we check the cached chain ID against the\\n // current one and in case they are different, we build domain separator\\n // from scratch.\\n if (block.chainid == cachedChainId) {\\n return cachedDomainSeparator;\\n } else {\\n return buildDomainSeparator();\\n }\\n }\\n\\n function _increaseBalance(address recipient, uint256 amount) internal {\\n require(\\n recipient != address(this),\\n \\\"Can not increase balance for Bank\\\"\\n );\\n balanceOf[recipient] += amount;\\n emit BalanceIncreased(recipient, amount);\\n }\\n\\n function _transferBalance(\\n address spender,\\n address recipient,\\n uint256 amount\\n ) private {\\n require(\\n recipient != address(0),\\n \\\"Can not transfer to the zero address\\\"\\n );\\n require(\\n recipient != address(this),\\n \\\"Can not transfer to the Bank address\\\"\\n );\\n\\n uint256 spenderBalance = balanceOf[spender];\\n require(spenderBalance >= amount, \\\"Transfer amount exceeds balance\\\");\\n unchecked {\\n balanceOf[spender] = spenderBalance - amount;\\n }\\n balanceOf[recipient] += amount;\\n emit BalanceTransferred(spender, recipient, amount);\\n }\\n\\n function _approveBalance(\\n address owner,\\n address spender,\\n uint256 amount\\n ) private {\\n require(spender != address(0), \\\"Can not approve to the zero address\\\");\\n allowance[owner][spender] = amount;\\n emit BalanceApproved(owner, spender, amount);\\n }\\n\\n function buildDomainSeparator() private view returns (bytes32) {\\n return\\n keccak256(\\n abi.encode(\\n keccak256(\\n \\\"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)\\\"\\n ),\\n keccak256(bytes(\\\"TBTC Bank\\\")),\\n keccak256(bytes(\\\"1\\\")),\\n block.chainid,\\n address(this)\\n )\\n );\\n }\\n}\\n\",\"keccak256\":\"0x8c19af6dbb1974dcbf6bb623c6d3de6b28493b5f44e5fb1e36f47cdebf500453\",\"license\":\"MIT\"},\"contracts/bridge/BitcoinTx.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {ValidateSPV} from \\\"@keep-network/bitcoin-spv-sol/contracts/ValidateSPV.sol\\\";\\n\\nimport \\\"./BridgeState.sol\\\";\\n\\n/// @title Bitcoin transaction\\n/// @notice Allows to reference Bitcoin raw transaction in Solidity.\\n/// @dev See https://developer.bitcoin.org/reference/transactions.html#raw-transaction-format\\n///\\n/// Raw Bitcoin transaction data:\\n///\\n/// | Bytes | Name | BTC type | Description |\\n/// |--------|--------------|------------------------|---------------------------|\\n/// | 4 | version | int32_t (LE) | TX version number |\\n/// | varies | tx_in_count | compactSize uint (LE) | Number of TX inputs |\\n/// | varies | tx_in | txIn[] | TX inputs |\\n/// | varies | tx_out count | compactSize uint (LE) | Number of TX outputs |\\n/// | varies | tx_out | txOut[] | TX outputs |\\n/// | 4 | lock_time | uint32_t (LE) | Unix time or block number |\\n///\\n//\\n/// Non-coinbase transaction input (txIn):\\n///\\n/// | Bytes | Name | BTC type | Description |\\n/// |--------|------------------|------------------------|---------------------------------------------|\\n/// | 36 | previous_output | outpoint | The previous outpoint being spent |\\n/// | varies | script bytes | compactSize uint (LE) | The number of bytes in the signature script |\\n/// | varies | signature script | char[] | The signature script, empty for P2WSH |\\n/// | 4 | sequence | uint32_t (LE) | Sequence number |\\n///\\n///\\n/// The reference to transaction being spent (outpoint):\\n///\\n/// | Bytes | Name | BTC type | Description |\\n/// |-------|-------|---------------|------------------------------------------|\\n/// | 32 | hash | char[32] | Hash of the transaction to spend |\\n/// | 4 | index | uint32_t (LE) | Index of the specific output from the TX |\\n///\\n///\\n/// Transaction output (txOut):\\n///\\n/// | Bytes | Name | BTC type | Description |\\n/// |--------|-----------------|-----------------------|--------------------------------------|\\n/// | 8 | value | int64_t (LE) | Number of satoshis to spend |\\n/// | 1+ | pk_script_bytes | compactSize uint (LE) | Number of bytes in the pubkey script |\\n/// | varies | pk_script | char[] | Pubkey script |\\n///\\n/// compactSize uint format:\\n///\\n/// | Value | Bytes | Format |\\n/// |-----------------------------------------|-------|----------------------------------------------|\\n/// | >= 0 && <= 252 | 1 | uint8_t |\\n/// | >= 253 && <= 0xffff | 3 | 0xfd followed by the number as uint16_t (LE) |\\n/// | >= 0x10000 && <= 0xffffffff | 5 | 0xfe followed by the number as uint32_t (LE) |\\n/// | >= 0x100000000 && <= 0xffffffffffffffff | 9 | 0xff followed by the number as uint64_t (LE) |\\n///\\n/// (*) compactSize uint is often references as VarInt)\\n///\\nlibrary BitcoinTx {\\n using BTCUtils for bytes;\\n using BTCUtils for uint256;\\n using ValidateSPV for bytes;\\n using ValidateSPV for bytes32;\\n\\n /// @notice Represents Bitcoin transaction data.\\n struct Info {\\n /// @notice Bitcoin transaction version\\n /// @dev `version` from raw Bitcoin transaction data.\\n /// Encoded as 4-bytes signed integer, little endian.\\n bytes4 version;\\n /// @notice All Bitcoin transaction inputs, prepended by the number of\\n /// transaction inputs.\\n /// @dev `tx_in_count | tx_in` from raw Bitcoin transaction data.\\n ///\\n /// The number of transaction inputs encoded as compactSize\\n /// unsigned integer, little-endian.\\n ///\\n /// Note that some popular block explorers reverse the order of\\n /// bytes from `outpoint`'s `hash` and display it as big-endian.\\n /// Solidity code of Bridge expects hashes in little-endian, just\\n /// like they are represented in a raw Bitcoin transaction.\\n bytes inputVector;\\n /// @notice All Bitcoin transaction outputs prepended by the number of\\n /// transaction outputs.\\n /// @dev `tx_out_count | tx_out` from raw Bitcoin transaction data.\\n ///\\n /// The number of transaction outputs encoded as a compactSize\\n /// unsigned integer, little-endian.\\n bytes outputVector;\\n /// @notice Bitcoin transaction locktime.\\n ///\\n /// @dev `lock_time` from raw Bitcoin transaction data.\\n /// Encoded as 4-bytes unsigned integer, little endian.\\n bytes4 locktime;\\n }\\n\\n /// @notice Represents data needed to perform a Bitcoin SPV proof.\\n struct Proof {\\n /// @notice The merkle proof of transaction inclusion in a block.\\n bytes merkleProof;\\n /// @notice Transaction index in the block (0-indexed).\\n uint256 txIndexInBlock;\\n /// @notice Single byte-string of 80-byte bitcoin headers,\\n /// lowest height first.\\n bytes bitcoinHeaders;\\n }\\n\\n /// @notice Represents info about an unspent transaction output.\\n struct UTXO {\\n /// @notice Hash of the transaction the output belongs to.\\n /// @dev Byte order corresponds to the Bitcoin internal byte order.\\n bytes32 txHash;\\n /// @notice Index of the transaction output (0-indexed).\\n uint32 txOutputIndex;\\n /// @notice Value of the transaction output.\\n uint64 txOutputValue;\\n }\\n\\n /// @notice Represents Bitcoin signature in the R/S/V format.\\n struct RSVSignature {\\n /// @notice Signature r value.\\n bytes32 r;\\n /// @notice Signature s value.\\n bytes32 s;\\n /// @notice Signature recovery value.\\n uint8 v;\\n }\\n\\n /// @notice Validates the SPV proof of the Bitcoin transaction.\\n /// Reverts in case the validation or proof verification fail.\\n /// @param txInfo Bitcoin transaction data\\n /// @param proof Bitcoin proof data\\n /// @return txHash Proven 32-byte transaction hash.\\n function validateProof(\\n BridgeState.Storage storage self,\\n Info calldata txInfo,\\n Proof calldata proof\\n ) internal view returns (bytes32 txHash) {\\n require(\\n txInfo.inputVector.validateVin(),\\n \\\"Invalid input vector provided\\\"\\n );\\n require(\\n txInfo.outputVector.validateVout(),\\n \\\"Invalid output vector provided\\\"\\n );\\n\\n txHash = abi\\n .encodePacked(\\n txInfo.version,\\n txInfo.inputVector,\\n txInfo.outputVector,\\n txInfo.locktime\\n )\\n .hash256View();\\n\\n require(\\n txHash.prove(\\n proof.bitcoinHeaders.extractMerkleRootLE(),\\n proof.merkleProof,\\n proof.txIndexInBlock\\n ),\\n \\\"Tx merkle proof is not valid for provided header and tx hash\\\"\\n );\\n\\n evaluateProofDifficulty(self, proof.bitcoinHeaders);\\n\\n return txHash;\\n }\\n\\n /// @notice Evaluates the given Bitcoin proof difficulty against the actual\\n /// Bitcoin chain difficulty provided by the relay oracle.\\n /// Reverts in case the evaluation fails.\\n /// @param bitcoinHeaders Bitcoin headers chain being part of the SPV\\n /// proof. Used to extract the observed proof difficulty\\n function evaluateProofDifficulty(\\n BridgeState.Storage storage self,\\n bytes memory bitcoinHeaders\\n ) internal view {\\n IRelay relay = self.relay;\\n uint256 currentEpochDifficulty = relay.getCurrentEpochDifficulty();\\n uint256 previousEpochDifficulty = relay.getPrevEpochDifficulty();\\n\\n uint256 requestedDiff = 0;\\n uint256 firstHeaderDiff = bitcoinHeaders\\n .extractTarget()\\n .calculateDifficulty();\\n\\n if (firstHeaderDiff == currentEpochDifficulty) {\\n requestedDiff = currentEpochDifficulty;\\n } else if (firstHeaderDiff == previousEpochDifficulty) {\\n requestedDiff = previousEpochDifficulty;\\n } else {\\n revert(\\\"Not at current or previous difficulty\\\");\\n }\\n\\n uint256 observedDiff = bitcoinHeaders.validateHeaderChain();\\n\\n require(\\n observedDiff != ValidateSPV.getErrBadLength(),\\n \\\"Invalid length of the headers chain\\\"\\n );\\n require(\\n observedDiff != ValidateSPV.getErrInvalidChain(),\\n \\\"Invalid headers chain\\\"\\n );\\n require(\\n observedDiff != ValidateSPV.getErrLowWork(),\\n \\\"Insufficient work in a header\\\"\\n );\\n\\n require(\\n observedDiff >= requestedDiff * self.txProofDifficultyFactor,\\n \\\"Insufficient accumulated difficulty in header chain\\\"\\n );\\n }\\n}\\n\",\"keccak256\":\"0x94b3d2bd3f077810802906d88aa7be051f475f8f2721245117f8b292e570c3df\",\"license\":\"MIT\"},\"contracts/bridge/Bridge.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@keep-network/random-beacon/contracts/Governable.sol\\\";\\n\\nimport {IWalletOwner as EcdsaWalletOwner} from \\\"@keep-network/ecdsa/contracts/api/IWalletOwner.sol\\\";\\n\\nimport \\\"./IRelay.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Deposit.sol\\\";\\nimport \\\"./Sweep.sol\\\";\\nimport \\\"./Redemption.sol\\\";\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./EcdsaLib.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\nimport \\\"./Fraud.sol\\\";\\nimport \\\"./MovingFunds.sol\\\";\\n\\nimport \\\"../bank/Bank.sol\\\";\\n\\n/// @title Bitcoin Bridge\\n/// @notice Bridge manages BTC deposit and redemption flow and is increasing and\\n/// decreasing balances in the Bank as a result of BTC deposit and\\n/// redemption operations performed by depositors and redeemers.\\n///\\n/// Depositors send BTC funds to the most recently created off-chain\\n/// ECDSA wallet of the bridge using pay-to-script-hash (P2SH) or\\n/// pay-to-witness-script-hash (P2WSH) containing hashed information\\n/// about the depositor\\u2019s Ethereum address. Then, the depositor reveals\\n/// their Ethereum address along with their deposit blinding factor,\\n/// refund public key hash and refund locktime to the Bridge on Ethereum\\n/// chain. The off-chain ECDSA wallet listens for these sorts of\\n/// messages and when it gets one, it checks the Bitcoin network to make\\n/// sure the deposit lines up. If it does, the off-chain ECDSA wallet\\n/// may decide to pick the deposit transaction for sweeping, and when\\n/// the sweep operation is confirmed on the Bitcoin network, the ECDSA\\n/// wallet informs the Bridge about the sweep increasing appropriate\\n/// balances in the Bank.\\n/// @dev Bridge is an upgradeable component of the Bank. The order of\\n/// functionalities in this contract is: deposit, sweep, redemption,\\n/// moving funds, wallet lifecycle, frauds, parameters.\\n///\\n/// TODO: Revisit all events and look which parameters should be indexed.\\n/// TODO: Align the convention around `param` and `dev` endings. They should\\n/// not have a punctuation mark.\\ncontract Bridge is Governable, EcdsaWalletOwner {\\n using BridgeState for BridgeState.Storage;\\n using Deposit for BridgeState.Storage;\\n using Sweep for BridgeState.Storage;\\n using Redemption for BridgeState.Storage;\\n using MovingFunds for BridgeState.Storage;\\n using Wallets for BridgeState.Storage;\\n using Fraud for BridgeState.Storage;\\n\\n BridgeState.Storage internal self;\\n\\n event DepositRevealed(\\n bytes32 fundingTxHash,\\n uint32 fundingOutputIndex,\\n address depositor,\\n uint64 amount,\\n bytes8 blindingFactor,\\n bytes20 walletPubKeyHash,\\n bytes20 refundPubKeyHash,\\n bytes4 refundLocktime,\\n address vault\\n );\\n\\n event DepositsSwept(bytes20 walletPubKeyHash, bytes32 sweepTxHash);\\n\\n event RedemptionRequested(\\n bytes20 walletPubKeyHash,\\n bytes redeemerOutputScript,\\n address redeemer,\\n uint64 requestedAmount,\\n uint64 treasuryFee,\\n uint64 txMaxFee\\n );\\n\\n event RedemptionsCompleted(\\n bytes20 walletPubKeyHash,\\n bytes32 redemptionTxHash\\n );\\n\\n event RedemptionTimedOut(\\n bytes20 walletPubKeyHash,\\n bytes redeemerOutputScript\\n );\\n\\n event WalletMovingFunds(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event MovingFundsCommitmentSubmitted(\\n bytes20 walletPubKeyHash,\\n bytes20[] targetWallets,\\n address submitter\\n );\\n\\n event MovingFundsCompleted(\\n bytes20 walletPubKeyHash,\\n bytes32 movingFundsTxHash\\n );\\n\\n event MovingFundsTimedOut(bytes20 walletPubKeyHash);\\n\\n event MovingFundsBelowDustReported(bytes20 walletPubKeyHash);\\n\\n event NewWalletRequested();\\n\\n event NewWalletRegistered(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletClosing(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletClosed(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletTerminated(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event FraudChallengeSubmitted(\\n bytes20 walletPubKeyHash,\\n bytes32 sighash,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n );\\n\\n event FraudChallengeDefeated(bytes20 walletPubKeyHash, bytes32 sighash);\\n\\n event FraudChallengeDefeatTimedOut(\\n bytes20 walletPubKeyHash,\\n bytes32 sighash\\n );\\n\\n event VaultStatusUpdated(address indexed vault, bool isTrusted);\\n\\n event DepositParametersUpdated(\\n uint64 depositDustThreshold,\\n uint64 depositTreasuryFeeDivisor,\\n uint64 depositTxMaxFee\\n );\\n\\n event RedemptionParametersUpdated(\\n uint64 redemptionDustThreshold,\\n uint64 redemptionTreasuryFeeDivisor,\\n uint64 redemptionTxMaxFee,\\n uint256 redemptionTimeout,\\n uint96 redemptionTimeoutSlashingAmount,\\n uint256 redemptionTimeoutNotifierRewardMultiplier\\n );\\n\\n event MovingFundsParametersUpdated(\\n uint64 movingFundsTxMaxTotalFee,\\n uint32 movingFundsTimeout,\\n uint96 movingFundsTimeoutSlashingAmount,\\n uint256 movingFundsTimeoutNotifierRewardMultiplier,\\n uint64 movingFundsDustThreshold\\n );\\n\\n event WalletParametersUpdated(\\n uint32 walletCreationPeriod,\\n uint64 walletCreationMinBtcBalance,\\n uint64 walletCreationMaxBtcBalance,\\n uint64 walletClosureMinBtcBalance,\\n uint32 walletMaxAge,\\n uint64 walletMaxBtcTransfer,\\n uint32 walletClosingPeriod\\n );\\n\\n event FraudParametersUpdated(\\n uint96 fraudSlashingAmount,\\n uint256 fraudNotifierRewardMultiplier,\\n uint256 fraudChallengeDefeatTimeout,\\n uint256 fraudChallengeDepositAmount\\n );\\n\\n constructor(\\n address _bank,\\n address _relay,\\n address _treasury,\\n address _ecdsaWalletRegistry,\\n uint256 _txProofDifficultyFactor\\n ) {\\n require(_bank != address(0), \\\"Bank address cannot be zero\\\");\\n self.bank = Bank(_bank);\\n\\n require(_relay != address(0), \\\"Relay address cannot be zero\\\");\\n self.relay = IRelay(_relay);\\n\\n require(\\n _ecdsaWalletRegistry != address(0),\\n \\\"ECDSA Wallet Registry address cannot be zero\\\"\\n );\\n self.ecdsaWalletRegistry = EcdsaWalletRegistry(_ecdsaWalletRegistry);\\n\\n require(_treasury != address(0), \\\"Treasury address cannot be zero\\\");\\n self.treasury = _treasury;\\n\\n self.txProofDifficultyFactor = _txProofDifficultyFactor;\\n\\n // TODO: Revisit initial values.\\n self.depositDustThreshold = 1000000; // 1000000 satoshi = 0.01 BTC\\n self.depositTxMaxFee = 10000; // 10000 satoshi\\n self.depositTreasuryFeeDivisor = 2000; // 1/2000 == 5bps == 0.05% == 0.0005\\n self.redemptionDustThreshold = 1000000; // 1000000 satoshi = 0.01 BTC\\n self.redemptionTreasuryFeeDivisor = 2000; // 1/2000 == 5bps == 0.05% == 0.0005\\n self.redemptionTxMaxFee = 10000; // 10000 satoshi\\n self.redemptionTimeout = 172800; // 48 hours\\n self.redemptionTimeoutSlashingAmount = 10000 * 1e18; // 10000 T\\n self.redemptionTimeoutNotifierRewardMultiplier = 100; // 100%\\n self.movingFundsTxMaxTotalFee = 10000; // 10000 satoshi\\n self.movingFundsTimeout = 7 days;\\n self.movingFundsTimeoutSlashingAmount = 10000 * 1e18; // 10000 T\\n self.movingFundsTimeoutNotifierRewardMultiplier = 100; //100%\\n self.movingFundsDustThreshold = 20000; // 20000 satoshi\\n self.fraudSlashingAmount = 10000 * 1e18; // 10000 T\\n self.fraudNotifierRewardMultiplier = 100; // 100%\\n self.fraudChallengeDefeatTimeout = 7 days;\\n self.fraudChallengeDepositAmount = 2 ether;\\n self.walletCreationPeriod = 1 weeks;\\n self.walletCreationMinBtcBalance = 1e8; // 1 BTC\\n self.walletCreationMaxBtcBalance = 100e8; // 100 BTC\\n self.walletClosureMinBtcBalance = 5 * 1e7; // 0.5 BTC\\n self.walletMaxAge = 26 weeks; // ~6 months\\n self.walletMaxBtcTransfer = 10e8; // 10 BTC\\n self.walletClosingPeriod = 40 days;\\n\\n _transferGovernance(msg.sender);\\n }\\n\\n /// @notice Used by the depositor to reveal information about their P2(W)SH\\n /// Bitcoin deposit to the Bridge on Ethereum chain. The off-chain\\n /// wallet listens for revealed deposit events and may decide to\\n /// include the revealed deposit in the next executed sweep.\\n /// Information about the Bitcoin deposit can be revealed before or\\n /// after the Bitcoin transaction with P2(W)SH deposit is mined on\\n /// the Bitcoin chain. Worth noting, the gas cost of this function\\n /// scales with the number of P2(W)SH transaction inputs and\\n /// outputs. The deposit may be routed to one of the trusted vaults.\\n /// When a deposit is routed to a vault, vault gets notified when\\n /// the deposit gets swept and it may execute the appropriate action.\\n /// @param fundingTx Bitcoin funding transaction data, see `BitcoinTx.Info`\\n /// @param reveal Deposit reveal data, see `RevealInfo struct\\n /// @dev Requirements:\\n /// - `reveal.walletPubKeyHash` must identify a `Live` wallet\\n /// - `reveal.vault` must be 0x0 or point to a trusted vault\\n /// - `reveal.fundingOutputIndex` must point to the actual P2(W)SH\\n /// output of the BTC deposit transaction\\n /// - `reveal.depositor` must be the Ethereum address used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - `reveal.blindingFactor` must be the blinding factor used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - `reveal.walletPubKeyHash` must be the wallet pub key hash used in\\n /// the P2(W)SH BTC deposit transaction,\\n /// - `reveal.refundPubKeyHash` must be the refund pub key hash used in\\n /// the P2(W)SH BTC deposit transaction,\\n /// - `reveal.refundLocktime` must be the refund locktime used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - BTC deposit for the given `fundingTxHash`, `fundingOutputIndex`\\n /// can be revealed only one time.\\n ///\\n /// If any of these requirements is not met, the wallet _must_ refuse\\n /// to sweep the deposit and the depositor has to wait until the\\n /// deposit script unlocks to receive their BTC back.\\n function revealDeposit(\\n BitcoinTx.Info calldata fundingTx,\\n Deposit.DepositRevealInfo calldata reveal\\n ) external {\\n self.revealDeposit(fundingTx, reveal);\\n }\\n\\n /// @notice Used by the wallet to prove the BTC deposit sweep transaction\\n /// and to update Bank balances accordingly. Sweep is only accepted\\n /// if it satisfies SPV proof.\\n ///\\n /// The function is performing Bank balance updates by first\\n /// computing the Bitcoin fee for the sweep transaction. The fee is\\n /// divided evenly between all swept deposits. Each depositor\\n /// receives a balance in the bank equal to the amount inferred\\n /// during the reveal transaction, minus their fee share.\\n ///\\n /// It is possible to prove the given sweep only one time.\\n /// @param sweepTx Bitcoin sweep transaction data\\n /// @param sweepProof Bitcoin sweep proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain. If no main UTXO exists for the given wallet,\\n /// this parameter is ignored\\n /// @dev Requirements:\\n /// - `sweepTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `sweepTx` should represent a Bitcoin transaction with 1..n\\n /// inputs. If the wallet has no main UTXO, all n inputs should\\n /// correspond to P2(W)SH revealed deposits UTXOs. If the wallet has\\n /// an existing main UTXO, one of the n inputs must point to that\\n /// main UTXO and remaining n-1 inputs should correspond to P2(W)SH\\n /// revealed deposits UTXOs. That transaction must have only\\n /// one P2(W)PKH output locking funds on the 20-byte wallet public\\n /// key hash.\\n /// - `sweepProof` components must match the expected structure. See\\n /// `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If there is no main UTXO, this parameter is ignored.\\n function submitSweepProof(\\n BitcoinTx.Info calldata sweepTx,\\n BitcoinTx.Proof calldata sweepProof,\\n BitcoinTx.UTXO calldata mainUtxo\\n ) external {\\n self.submitSweepProof(sweepTx, sweepProof, mainUtxo);\\n }\\n\\n /// @notice Requests redemption of the given amount from the specified\\n /// wallet to the redeemer Bitcoin output script.\\n /// @param walletPubKeyHash The 20-byte wallet public key hash (computed\\n /// using Bitcoin HASH160 over the compressed ECDSA public key)\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param redeemerOutputScript The redeemer's length-prefixed output\\n /// script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock\\n /// redeemed BTC\\n /// @param amount Requested amount in satoshi. This is also the TBTC amount\\n /// that is taken from redeemer's balance in the Bank upon request.\\n /// Once the request is handled, the actual amount of BTC locked\\n /// on the redeemer output script will be always lower than this value\\n /// since the treasury and Bitcoin transaction fees must be incurred.\\n /// The minimal amount satisfying the request can be computed as:\\n /// `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`.\\n /// Fees values are taken at the moment of request creation.\\n /// @dev Requirements:\\n /// - Wallet behind `walletPubKeyHash` must be live\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// - `redeemerOutputScript` must be a proper Bitcoin script\\n /// - `redeemerOutputScript` cannot have wallet PKH as payload\\n /// - `amount` must be above or equal the `redemptionDustThreshold`\\n /// - Given `walletPubKeyHash` and `redeemerOutputScript` pair can be\\n /// used for only one pending request at the same time\\n /// - Wallet must have enough Bitcoin balance to proceed the request\\n /// - Redeemer must make an allowance in the Bank that the Bridge\\n /// contract can spend the given `amount`.\\n function requestRedemption(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes calldata redeemerOutputScript,\\n uint64 amount\\n ) external {\\n self.requestRedemption(\\n walletPubKeyHash,\\n mainUtxo,\\n redeemerOutputScript,\\n amount\\n );\\n }\\n\\n /// @notice Used by the wallet to prove the BTC redemption transaction\\n /// and to make the necessary bookkeeping. Redemption is only\\n /// accepted if it satisfies SPV proof.\\n ///\\n /// The function is performing Bank balance updates by burning\\n /// the total redeemed Bitcoin amount from Bridge balance and\\n /// transferring the treasury fee sum to the treasury address.\\n ///\\n /// It is possible to prove the given redemption only one time.\\n /// @param redemptionTx Bitcoin redemption transaction data\\n /// @param redemptionProof Bitcoin redemption proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n /// HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction\\n /// @dev Requirements:\\n /// - `redemptionTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `redemptionTx` should represent a Bitcoin transaction with\\n /// exactly 1 input that refers to the wallet's main UTXO. That\\n /// transaction should have 1..n outputs handling existing pending\\n /// redemption requests or pointing to reported timed out requests.\\n /// There can be also 1 optional output representing the\\n /// change and pointing back to the 20-byte wallet public key hash.\\n /// The change should be always present if the redeemed value sum\\n /// is lower than the total wallet's BTC balance.\\n /// - `redemptionProof` components must match the expected structure.\\n /// See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// Additionally, the recent main UTXO on Ethereum must be set.\\n /// - `walletPubKeyHash` must be connected with the main UTXO used\\n /// as transaction single input.\\n /// Other remarks:\\n /// - Putting the change output as the first transaction output can\\n /// save some gas because the output processing loop begins each\\n /// iteration by checking whether the given output is the change\\n /// thus uses some gas for making the comparison. Once the change\\n /// is identified, that check is omitted in further iterations.\\n function submitRedemptionProof(\\n BitcoinTx.Info calldata redemptionTx,\\n BitcoinTx.Proof calldata redemptionProof,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) external {\\n self.submitRedemptionProof(\\n redemptionTx,\\n redemptionProof,\\n mainUtxo,\\n walletPubKeyHash\\n );\\n }\\n\\n /// @notice Notifies that there is a pending redemption request associated\\n /// with the given wallet, that has timed out. The redemption\\n /// request is identified by the key built as\\n /// `keccak256(walletPubKeyHash | redeemerOutputScript)`.\\n /// The results of calling this function:\\n /// - the pending redemptions value for the wallet will be decreased\\n /// by the requested amount (minus treasury fee),\\n /// - the tokens taken from the redeemer on redemption request will\\n /// be returned to the redeemer,\\n /// - the request will be moved from pending redemptions to\\n /// timed-out redemptions,\\n /// - if the state of the wallet is `Live` or `MovingFunds`, the\\n /// wallet operators will be slashed and the notifier will be\\n /// rewarded,\\n /// - if the state of wallet is `Live`, the wallet will be closed or\\n /// marked as `MovingFunds` (depending on the presence or absence\\n /// of the wallet's main UTXO) and the wallet will no longer be\\n /// marked as the active wallet (if it was marked as such).\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param redeemerOutputScript The redeemer's length-prefixed output\\n /// script (P2PKH, P2WPKH, P2SH or P2WSH)\\n /// @dev Requirements:\\n /// - The wallet must be in the Live or MovingFunds or Terminated state\\n /// - The redemption request identified by `walletPubKeyHash` and\\n /// `redeemerOutputScript` must exist\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events of the `WalletRegistry` contract\\n /// - The amount of time defined by `redemptionTimeout` must have\\n /// passed since the redemption was requested (the request must be\\n /// timed-out)\\n function notifyRedemptionTimeout(\\n bytes20 walletPubKeyHash,\\n uint32[] calldata walletMembersIDs,\\n bytes calldata redeemerOutputScript\\n ) external {\\n self.notifyRedemptionTimeout(\\n walletPubKeyHash,\\n walletMembersIDs,\\n redeemerOutputScript\\n );\\n }\\n\\n /// @notice Submits the moving funds target wallets commitment.\\n /// Once all requirements are met, that function registers the\\n /// target wallets commitment and opens the way for moving funds\\n /// proof submission.\\n /// @param walletPubKeyHash 20-byte public key hash of the source wallet\\n /// @param walletMainUtxo Data of the source wallet's main UTXO, as\\n /// currently known on the Ethereum chain\\n /// @param walletMembersIDs Identifiers of the source wallet signing group\\n /// members\\n /// @param walletMemberIndex Position of the caller in the source wallet\\n /// signing group members list\\n /// @param targetWallets List of 20-byte public key hashes of the target\\n /// wallets that the source wallet commits to move the funds to\\n /// @dev Requirements:\\n /// - The source wallet must be in the MovingFunds state\\n /// - The source wallet must not have pending redemption requests\\n /// - The source wallet must not have submitted its commitment already\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given source wallet in the ECDSA registry. Those IDs are\\n /// not directly stored in the contract for gas efficiency purposes\\n /// but they can be read from appropriate `DkgResultSubmitted`\\n /// and `DkgResultApproved` events.\\n /// - The `walletMemberIndex` must be in range [1, walletMembersIDs.length]\\n /// - The caller must be the member of the source wallet signing group\\n /// at the position indicated by `walletMemberIndex` parameter\\n /// - The `walletMainUtxo` components must point to the recent main\\n /// UTXO of the source wallet, as currently known on the Ethereum\\n /// chain.\\n /// - Source wallet BTC balance must be greater than zero\\n /// - At least one Live wallet must exist in the system\\n /// - Submitted target wallets count must match the expected count\\n /// `N = min(liveWalletsCount, ceil(walletBtcBalance / walletMaxBtcTransfer))`\\n /// where `N > 0`\\n /// - Each target wallet must be not equal to the source wallet\\n /// - Each target wallet must follow the expected order i.e. all\\n /// target wallets 20-byte public key hashes represented as numbers\\n /// must form a strictly increasing sequence without duplicates.\\n /// - Each target wallet must be in Live state\\n function submitMovingFundsCommitment(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo,\\n uint32[] calldata walletMembersIDs,\\n uint256 walletMemberIndex,\\n bytes20[] calldata targetWallets\\n ) external {\\n self.submitMovingFundsCommitment(\\n walletPubKeyHash,\\n walletMainUtxo,\\n walletMembersIDs,\\n walletMemberIndex,\\n targetWallets\\n );\\n }\\n\\n /// @notice Used by the wallet to prove the BTC moving funds transaction\\n /// and to make the necessary state changes. Moving funds is only\\n /// accepted if it satisfies SPV proof.\\n ///\\n /// The function validates the moving funds transaction structure\\n /// by checking if it actually spends the main UTXO of the declared\\n /// wallet and locks the value on the pre-committed target wallets\\n /// using a reasonable transaction fee. If all preconditions are\\n /// met, this functions closes the source wallet.\\n ///\\n /// It is possible to prove the given moving funds transaction only\\n /// one time.\\n /// @param movingFundsTx Bitcoin moving funds transaction data\\n /// @param movingFundsProof Bitcoin moving funds proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n /// HASH160 over the compressed ECDSA public key) of the wallet\\n /// which performed the moving funds transaction\\n /// @dev Requirements:\\n /// - `movingFundsTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `movingFundsTx` should represent a Bitcoin transaction with\\n /// exactly 1 input that refers to the wallet's main UTXO. That\\n /// transaction should have 1..n outputs corresponding to the\\n /// pre-committed target wallets. Outputs must be ordered in the\\n /// same way as their corresponding target wallets are ordered\\n /// within the target wallets commitment.\\n /// - `movingFundsProof` components must match the expected structure.\\n /// See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// Additionally, the recent main UTXO on Ethereum must be set.\\n /// - `walletPubKeyHash` must be connected with the main UTXO used\\n /// as transaction single input.\\n /// - The wallet that `walletPubKeyHash` points to must be in the\\n /// MovingFunds state.\\n /// - The target wallets commitment must be submitted by the wallet\\n /// that `walletPubKeyHash` points to.\\n /// - The total Bitcoin transaction fee must be lesser or equal\\n /// to `movingFundsTxMaxTotalFee` governable parameter.\\n function submitMovingFundsProof(\\n BitcoinTx.Info calldata movingFundsTx,\\n BitcoinTx.Proof calldata movingFundsProof,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) external {\\n self.submitMovingFundsProof(\\n movingFundsTx,\\n movingFundsProof,\\n mainUtxo,\\n walletPubKeyHash\\n );\\n }\\n\\n /// @notice Notifies about a timed out moving funds process. Terminates\\n /// the wallet and slashes signing group members as a result.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @dev Requirements:\\n /// - The wallet must be in the MovingFunds state\\n /// - The moving funds timeout must be actually exceeded\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events of the `WalletRegistry` contract\\n function notifyMovingFundsTimeout(\\n bytes20 walletPubKeyHash,\\n uint32[] calldata walletMembersIDs\\n ) external {\\n self.notifyMovingFundsTimeout(walletPubKeyHash, walletMembersIDs);\\n }\\n\\n /// @notice Notifies about a moving funds wallet whose BTC balance is\\n /// below the moving funds dust threshold. Ends the moving funds\\n /// process and begins wallet closing immediately.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known\\n /// on the Ethereum chain.\\n /// @dev Requirements:\\n /// - The wallet must be in the MovingFunds state\\n /// - The `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If the wallet has no main UTXO, this parameter can be empty as it\\n /// is ignored.\\n /// - The wallet BTC balance must be below the moving funds threshold\\n function notifyMovingFundsBelowDust(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo\\n ) external {\\n self.notifyMovingFundsBelowDust(walletPubKeyHash, mainUtxo);\\n }\\n\\n /// @notice Requests creation of a new wallet. This function just\\n /// forms a request and the creation process is performed\\n /// asynchronously. Once a wallet is created, the ECDSA Wallet\\n /// Registry will notify this contract by calling the\\n /// `__ecdsaWalletCreatedCallback` function.\\n /// @param activeWalletMainUtxo Data of the active wallet's main UTXO, as\\n /// currently known on the Ethereum chain.\\n /// @dev Requirements:\\n /// - `activeWalletMainUtxo` components must point to the recent main\\n /// UTXO of the given active wallet, as currently known on the\\n /// Ethereum chain. If there is no active wallet at the moment, or\\n /// the active wallet has no main UTXO, this parameter can be\\n /// empty as it is ignored.\\n /// - Wallet creation must not be in progress\\n /// - If the active wallet is set, one of the following\\n /// conditions must be true:\\n /// - The active wallet BTC balance is above the minimum threshold\\n /// and the active wallet is old enough, i.e. the creation period\\n /// was elapsed since its creation time\\n /// - The active wallet BTC balance is above the maximum threshold\\n function requestNewWallet(BitcoinTx.UTXO calldata activeWalletMainUtxo)\\n external\\n {\\n self.requestNewWallet(activeWalletMainUtxo);\\n }\\n\\n /// @notice A callback function that is called by the ECDSA Wallet Registry\\n /// once a new ECDSA wallet is created.\\n /// @param ecdsaWalletID Wallet's unique identifier.\\n /// @param publicKeyX Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n /// @dev Requirements:\\n /// - The only caller authorized to call this function is `registry`\\n /// - Given wallet data must not belong to an already registered wallet\\n function __ecdsaWalletCreatedCallback(\\n bytes32 ecdsaWalletID,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external override {\\n self.registerNewWallet(ecdsaWalletID, publicKeyX, publicKeyY);\\n }\\n\\n /// @notice A callback function that is called by the ECDSA Wallet Registry\\n /// once a wallet heartbeat failure is detected.\\n /// @param publicKeyX Wallet's public key's X coordinate\\n /// @param publicKeyY Wallet's public key's Y coordinate\\n /// @dev Requirements:\\n /// - The only caller authorized to call this function is `registry`\\n /// - Wallet must be in Live state\\n function __ecdsaWalletHeartbeatFailedCallback(\\n bytes32,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external override {\\n self.notifyWalletHeartbeatFailed(publicKeyX, publicKeyY);\\n }\\n\\n /// @notice Notifies that the wallet is either old enough or has too few\\n /// satoshi left and qualifies to be closed.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMainUtxo Data of the wallet's main UTXO, as currently\\n /// known on the Ethereum chain.\\n /// @dev Requirements:\\n /// - Wallet must not be set as the current active wallet\\n /// - Wallet must exceed the wallet maximum age OR the wallet BTC\\n /// balance must be lesser than the minimum threshold. If the latter\\n /// case is true, the `walletMainUtxo` components must point to the\\n /// recent main UTXO of the given wallet, as currently known on the\\n /// Ethereum chain. If the wallet has no main UTXO, this parameter\\n /// can be empty as it is ignored since the wallet balance is\\n /// assumed to be zero.\\n /// - Wallet must be in Live state\\n function notifyCloseableWallet(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo\\n ) external {\\n self.notifyCloseableWallet(walletPubKeyHash, walletMainUtxo);\\n }\\n\\n /// @notice Notifies about the end of the closing period for the given wallet.\\n /// Closes the wallet ultimately and notifies the ECDSA registry\\n /// about this fact.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The wallet must be in the Closing state\\n /// - The wallet closing period must have elapsed\\n function notifyWalletClosingPeriodElapsed(bytes20 walletPubKeyHash)\\n external\\n {\\n self.notifyWalletClosingPeriodElapsed(walletPubKeyHash);\\n }\\n\\n /// @notice Submits a fraud challenge indicating that a UTXO being under\\n /// wallet control was unlocked by the wallet but was not used\\n /// according to the protocol rules. That means the wallet signed\\n /// a transaction input pointing to that UTXO and there is a unique\\n /// sighash and signature pair associated with that input. This\\n /// function uses those parameters to create a fraud accusation that\\n /// proves a given transaction input unlocking the given UTXO was\\n /// actually signed by the wallet. This function cannot determine\\n /// whether the transaction was actually broadcast and the input was\\n /// consumed in a fraudulent way so it just opens a challenge period\\n /// during which the wallet can defeat the challenge by submitting\\n /// proof of a transaction that consumes the given input according\\n /// to protocol rules. To prevent spurious allegations, the caller\\n /// must deposit ETH that is returned back upon justified fraud\\n /// challenge or confiscated otherwise.\\n ///@param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param sighash The hash that was used to produce the ECDSA signature\\n /// that is the subject of the fraud claim. This hash is constructed\\n /// by applying double SHA-256 over a serialized subset of the\\n /// transaction. The exact subset used as hash preimage depends on\\n /// the transaction input the signature is produced for. See BIP-143\\n /// for reference\\n /// @param signature Bitcoin signature in the R/S/V format\\n /// @dev Requirements:\\n /// - Wallet behind `walletPublicKey` must be in Live or MovingFunds\\n /// or Closing state\\n /// - The challenger must send appropriate amount of ETH used as\\n /// fraud challenge deposit\\n /// - The signature (represented by r, s and v) must be generated by\\n /// the wallet behind `walletPubKey` during signing of `sighash`\\n /// - Wallet can be challenged for the given signature only once\\n function submitFraudChallenge(\\n bytes calldata walletPublicKey,\\n bytes32 sighash,\\n BitcoinTx.RSVSignature calldata signature\\n ) external payable {\\n self.submitFraudChallenge(walletPublicKey, sighash, signature);\\n }\\n\\n /// @notice Allows to defeat a pending fraud challenge against a wallet if\\n /// the transaction that spends the UTXO follows the protocol rules.\\n /// In order to defeat the challenge the same `walletPublicKey` and\\n /// signature (represented by `r`, `s` and `v`) must be provided as\\n /// were used to calculate the sighash during input signing.\\n /// The fraud challenge defeat attempt will only succeed if the\\n /// inputs in the preimage are considered honestly spent by the\\n /// wallet. Therefore the transaction spending the UTXO must be\\n /// proven in the Bridge before a challenge defeat is called.\\n /// If successfully defeated, the fraud challenge is marked as\\n /// resolved and the amount of ether deposited by the challenger is\\n /// sent to the treasury.\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param preimage The preimage which produces sighash used to generate the\\n /// ECDSA signature that is the subject of the fraud claim. It is a\\n /// serialized subset of the transaction. The exact subset used as\\n /// the preimage depends on the transaction input the signature is\\n /// produced for. See BIP-143 for reference\\n /// @param witness Flag indicating whether the preimage was produced for a\\n /// witness input. True for witness, false for non-witness input\\n /// @dev Requirements:\\n /// - `walletPublicKey` and `sighash` calculated as `hash256(preimage)`\\n /// must identify an open fraud challenge\\n /// - the preimage must be a valid preimage of a transaction generated\\n /// according to the protocol rules and already proved in the Bridge\\n /// - before a defeat attempt is made the transaction that spends the\\n /// given UTXO must be proven in the Bridge\\n function defeatFraudChallenge(\\n bytes calldata walletPublicKey,\\n bytes calldata preimage,\\n bool witness\\n ) external {\\n self.defeatFraudChallenge(walletPublicKey, preimage, witness);\\n }\\n\\n /// @notice Notifies about defeat timeout for the given fraud challenge.\\n /// Can be called only if there was a fraud challenge identified by\\n /// the provided `walletPublicKey` and `sighash` and it was not\\n /// defeated on time. The amount of time that needs to pass after\\n /// a fraud challenge is reported is indicated by the\\n /// `challengeDefeatTimeout`. After a successful fraud challenge\\n /// defeat timeout notification the fraud challenge is marked as\\n /// resolved, the stake of each operator is slashed, the ether\\n /// deposited is returned to the challenger and the challenger is\\n /// rewarded.\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param sighash The hash that was used to produce the ECDSA signature\\n /// that is the subject of the fraud claim. This hash is constructed\\n /// by applying double SHA-256 over a serialized subset of the\\n /// transaction. The exact subset used as hash preimage depends on\\n /// the transaction input the signature is produced for. See BIP-143\\n /// for reference\\n /// @dev Requirements:\\n /// - The wallet must be in the Live or MovingFunds or Closing or\\n /// Terminated state\\n /// - The `walletPublicKey` and `sighash` must identify an open fraud\\n /// challenge\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events of the `WalletRegistry` contract\\n /// - The amount of time indicated by `challengeDefeatTimeout` must pass\\n /// after the challenge was reported\\n function notifyFraudChallengeDefeatTimeout(\\n bytes calldata walletPublicKey,\\n uint32[] calldata walletMembersIDs,\\n bytes32 sighash\\n ) external {\\n self.notifyFraudChallengeDefeatTimeout(\\n walletPublicKey,\\n walletMembersIDs,\\n sighash\\n );\\n }\\n\\n /// @notice Allows the Governance to mark the given vault address as trusted\\n /// or no longer trusted. Vaults are not trusted by default.\\n /// Trusted vault must meet the following criteria:\\n /// - `IVault.receiveBalanceIncrease` must have a known, low gas\\n /// cost.\\n /// - `IVault.receiveBalanceIncrease` must never revert.\\n /// @dev Without restricting reveal only to trusted vaults, malicious\\n /// vaults not meeting the criteria would be able to nuke sweep proof\\n /// transactions executed by ECDSA wallet with deposits routed to\\n /// them.\\n /// @param vault The address of the vault\\n /// @param isTrusted flag indicating whether the vault is trusted or not\\n /// @dev Can only be called by the Governance.\\n function setVaultStatus(address vault, bool isTrusted)\\n external\\n onlyGovernance\\n {\\n self.isVaultTrusted[vault] = isTrusted;\\n emit VaultStatusUpdated(vault, isTrusted);\\n }\\n\\n /// @notice Updates parameters of deposits.\\n /// @param depositDustThreshold New value of the deposit dust threshold in\\n /// satoshis. It is the minimal amount that can be requested to\\n //// deposit. Value of this parameter must take into account the value\\n /// of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters\\n /// in order to make requests that can incur the treasury and\\n /// transaction fee and still satisfy the depositor\\n /// @param depositTreasuryFeeDivisor New value of the treasury fee divisor.\\n /// It is the divisor used to compute the treasury fee taken from\\n /// each deposit and transferred to the treasury upon sweep proof\\n /// submission. That fee is computed as follows:\\n /// `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each deposit,\\n /// the `depositTreasuryFeeDivisor` should be set to `50`\\n /// because `1/50 = 0.02 = 2%`\\n /// @param depositTxMaxFee New value of the deposit tx max fee in satoshis.\\n /// It is the maximum amount of BTC transaction fee that can\\n /// be incurred by each swept deposit being part of the given sweep\\n /// transaction. If the maximum BTC transaction fee is exceeded,\\n /// such transaction is considered a fraud\\n /// @dev Requirements:\\n /// - Deposit dust threshold must be greater than zero\\n /// - Deposit treasury fee divisor must be greater than zero\\n /// - Deposit transaction max fee must be greater than zero\\n function updateDepositParameters(\\n uint64 depositDustThreshold,\\n uint64 depositTreasuryFeeDivisor,\\n uint64 depositTxMaxFee\\n ) external onlyGovernance {\\n self.updateDepositParameters(\\n depositDustThreshold,\\n depositTreasuryFeeDivisor,\\n depositTxMaxFee\\n );\\n }\\n\\n /// @notice Updates parameters of redemptions.\\n /// @param redemptionDustThreshold New value of the redemption dust\\n /// threshold in satoshis. It is the minimal amount that can be\\n /// requested for redemption. Value of this parameter must take into\\n /// account the value of `redemptionTreasuryFeeDivisor` and\\n /// `redemptionTxMaxFee` parameters in order to make requests that\\n /// can incur the treasury and transaction fee and still satisfy the\\n /// redeemer.\\n /// @param redemptionTreasuryFeeDivisor New value of the redemption\\n /// treasury fee divisor. It is the divisor used to compute the\\n /// treasury fee taken from each redemption request and transferred\\n /// to the treasury upon successful request finalization. That fee is\\n /// computed as follows:\\n /// `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each\\n /// redemption request, the `redemptionTreasuryFeeDivisor` should\\n /// be set to `50` because `1/50 = 0.02 = 2%`.\\n /// @param redemptionTxMaxFee New value of the redemption transaction max\\n /// fee in satoshis. It is the maximum amount of BTC transaction fee\\n /// that can be incurred by each redemption request being part of the\\n /// given redemption transaction. If the maximum BTC transaction fee\\n /// is exceeded, such transaction is considered a fraud.\\n /// This is a per-redemption output max fee for the redemption\\n /// transaction.\\n /// @param redemptionTimeout New value of the redemption timeout in seconds.\\n /// It is the time after which the redemption request can be reported\\n /// as timed out. It is counted from the moment when the redemption\\n /// request was created via `requestRedemption` call. Reported timed\\n /// out requests are cancelled and locked TBTC is returned to the\\n /// redeemer in full amount.\\n /// @param redemptionTimeoutSlashingAmount New value of the redemption\\n /// timeout slashing amount in T, it is the amount slashed from each\\n /// wallet member for redemption timeout\\n /// @param redemptionTimeoutNotifierRewardMultiplier New value of the\\n /// redemption timeout notifier reward multiplier as percentage,\\n /// it determines the percentage of the notifier reward from the\\n /// staking contact the notifier of a redemption timeout receives.\\n /// The value must be in the range [0, 100]\\n /// @dev Requirements:\\n /// - Redemption dust threshold must be greater than zero\\n /// - Redemption treasury fee divisor must be greater than zero\\n /// - Redemption transaction max fee must be greater than zero\\n /// - Redemption timeout must be greater than zero\\n /// - Redemption timeout notifier reward multiplier must be in the\\n /// range [0, 100]\\n function updateRedemptionParameters(\\n uint64 redemptionDustThreshold,\\n uint64 redemptionTreasuryFeeDivisor,\\n uint64 redemptionTxMaxFee,\\n uint256 redemptionTimeout,\\n uint96 redemptionTimeoutSlashingAmount,\\n uint256 redemptionTimeoutNotifierRewardMultiplier\\n ) external onlyGovernance {\\n self.updateRedemptionParameters(\\n redemptionDustThreshold,\\n redemptionTreasuryFeeDivisor,\\n redemptionTxMaxFee,\\n redemptionTimeout,\\n redemptionTimeoutSlashingAmount,\\n redemptionTimeoutNotifierRewardMultiplier\\n );\\n }\\n\\n /// @notice Updates parameters of moving funds.\\n /// @param movingFundsTxMaxTotalFee New value of the moving funds transaction\\n /// max total fee in satoshis. It is the maximum amount of the total\\n /// BTC transaction fee that is acceptable in a single moving funds\\n /// transaction. This is a _total_ max fee for the entire moving\\n /// funds transaction.\\n /// @param movingFundsTimeout New value of the moving funds timeout in\\n /// seconds. It is the time after which the moving funds process can\\n /// be reported as timed out. It is counted from the moment when the\\n /// wallet was requested to move their funds and switched to the\\n /// MovingFunds state.\\n /// @param movingFundsTimeoutSlashingAmount New value of the moving funds\\n /// timeout slashing amount in T, it is the amount slashed from each\\n /// wallet member for moving funds timeout\\n /// @param movingFundsTimeoutNotifierRewardMultiplier New value of the\\n /// moving funds timeout notifier reward multiplier as percentage,\\n /// it determines the percentage of the notifier reward from the\\n /// staking contact the notifier of a moving funds timeout receives.\\n /// The value must be in the range [0, 100]\\n /// @param movingFundsDustThreshold New value of the moving funds dust\\n /// threshold. It is the minimal satoshi amount that makes sense to\\n // be transferred during the moving funds process. Moving funds\\n // wallets having their BTC balance below that value can begin\\n // closing immediately as transferring such a low value may not be\\n // possible due to BTC network fees.\\n /// @dev Requirements:\\n /// - Moving funds transaction max total fee must be greater than zero\\n /// - Moving funds timeout must be greater than zero\\n /// - Moving funds timeout notifier reward multiplier must be in the\\n /// range [0, 100]\\n /// - Moving funds dust threshold must be greater than zero\\n function updateMovingFundsParameters(\\n uint64 movingFundsTxMaxTotalFee,\\n uint32 movingFundsTimeout,\\n uint96 movingFundsTimeoutSlashingAmount,\\n uint256 movingFundsTimeoutNotifierRewardMultiplier,\\n uint64 movingFundsDustThreshold\\n ) external onlyGovernance {\\n self.updateMovingFundsParameters(\\n movingFundsTxMaxTotalFee,\\n movingFundsTimeout,\\n movingFundsTimeoutSlashingAmount,\\n movingFundsTimeoutNotifierRewardMultiplier,\\n movingFundsDustThreshold\\n );\\n }\\n\\n /// @notice Updates parameters of wallets.\\n /// @param walletCreationPeriod New value of the wallet creation period in\\n /// seconds, determines how frequently a new wallet creation can be\\n /// requested\\n /// @param walletCreationMinBtcBalance New value of the wallet minimum BTC\\n /// balance in satoshi, used to decide about wallet creation\\n /// @param walletCreationMaxBtcBalance New value of the wallet maximum BTC\\n /// balance in satoshi, used to decide about wallet creation\\n /// @param walletClosureMinBtcBalance New value of the wallet minimum BTC\\n /// balance in satoshi, used to decide about wallet closure\\n /// @param walletMaxAge New value of the wallet maximum age in seconds,\\n /// indicates the maximum age of a wallet in seconds, after which\\n /// the wallet moving funds process can be requested\\n /// @param walletMaxBtcTransfer New value of the wallet maximum BTC transfer\\n /// in satoshi, determines the maximum amount that can be transferred\\n // to a single target wallet during the moving funds process\\n /// @param walletClosingPeriod New value of the wallet closing period in\\n /// seconds, determines the length of the wallet closing period,\\n // i.e. the period when the wallet remains in the Closing state\\n // and can be subject of deposit fraud challenges\\n /// @dev Requirements:\\n /// - Wallet minimum BTC balance must be greater than zero\\n /// - Wallet maximum BTC balance must be greater than the wallet\\n /// minimum BTC balance\\n /// - Wallet maximum BTC transfer must be greater than zero\\n /// - Wallet closing period must be greater than zero\\n function updateWalletParameters(\\n uint32 walletCreationPeriod,\\n uint64 walletCreationMinBtcBalance,\\n uint64 walletCreationMaxBtcBalance,\\n uint64 walletClosureMinBtcBalance,\\n uint32 walletMaxAge,\\n uint64 walletMaxBtcTransfer,\\n uint32 walletClosingPeriod\\n ) external onlyGovernance {\\n self.updateWalletParameters(\\n walletCreationPeriod,\\n walletCreationMinBtcBalance,\\n walletCreationMaxBtcBalance,\\n walletClosureMinBtcBalance,\\n walletMaxAge,\\n walletMaxBtcTransfer,\\n walletClosingPeriod\\n );\\n }\\n\\n /// @notice Updates parameters related to frauds.\\n /// @param fraudSlashingAmount New value of the fraud slashing amount in T,\\n /// it is the amount slashed from each wallet member for committing\\n /// a fraud\\n /// @param fraudNotifierRewardMultiplier New value of the fraud notifier\\n /// reward multiplier as percentage, it determines the percentage of\\n /// the notifier reward from the staking contact the notifier of\\n /// a fraud receives. The value must be in the range [0, 100]\\n /// @param fraudChallengeDefeatTimeout New value of the challenge defeat\\n /// timeout in seconds, it is the amount of time the wallet has to\\n /// defeat a fraud challenge. The value must be greater than zero\\n /// @param fraudChallengeDepositAmount New value of the fraud challenge\\n /// deposit amount in wei, it is the amount of ETH the party\\n /// challenging the wallet for fraud needs to deposit\\n /// @dev Requirements:\\n /// - Fraud notifier reward multiplier must be in the range [0, 100]\\n /// - Fraud challenge defeat timeout must be greater than 0\\n function updateFraudParameters(\\n uint96 fraudSlashingAmount,\\n uint256 fraudNotifierRewardMultiplier,\\n uint256 fraudChallengeDefeatTimeout,\\n uint256 fraudChallengeDepositAmount\\n ) external onlyGovernance {\\n self.updateFraudParameters(\\n fraudSlashingAmount,\\n fraudNotifierRewardMultiplier,\\n fraudChallengeDefeatTimeout,\\n fraudChallengeDepositAmount\\n );\\n }\\n\\n /// @notice Collection of all revealed deposits indexed by\\n /// keccak256(fundingTxHash | fundingOutputIndex).\\n /// The fundingTxHash is bytes32 (ordered as in Bitcoin internally)\\n /// and fundingOutputIndex an uint32. This mapping may contain valid\\n /// and invalid deposits and the wallet is responsible for\\n /// validating them before attempting to execute a sweep.\\n function deposits(uint256 depositKey)\\n external\\n view\\n returns (Deposit.DepositRequest memory)\\n {\\n return self.deposits[depositKey];\\n }\\n\\n /// @notice Collection of all pending redemption requests indexed by\\n /// redemption key built as\\n /// keccak256(walletPubKeyHash | redeemerOutputScript). The\\n /// walletPubKeyHash is the 20-byte wallet's public key hash\\n /// (computed using Bitcoin HASH160 over the compressed ECDSA\\n /// public key) and redeemerOutputScript is a Bitcoin script\\n /// (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock\\n /// redeemed BTC as requested by the redeemer. Requests are added\\n /// to this mapping by the `requestRedemption` method (duplicates\\n /// not allowed) and are removed by one of the following methods:\\n /// - `submitRedemptionProof` in case the request was handled\\n /// successfully\\n /// - `notifyRedemptionTimeout` in case the request was reported\\n /// to be timed out\\n function pendingRedemptions(uint256 redemptionKey)\\n external\\n view\\n returns (Redemption.RedemptionRequest memory)\\n {\\n return self.pendingRedemptions[redemptionKey];\\n }\\n\\n /// @notice Collection of all timed out redemptions requests indexed by\\n /// redemption key built as\\n /// keccak256(walletPubKeyHash | redeemerOutputScript). The\\n /// walletPubKeyHash is the 20-byte wallet's public key hash\\n /// (computed using Bitcoin HASH160 over the compressed ECDSA\\n /// public key) and redeemerOutputScript is the Bitcoin script\\n /// (P2PKH, P2WPKH, P2SH or P2WSH) that is involved in the timed\\n /// out request. Timed out requests are stored in this mapping to\\n /// avoid slashing the wallets multiple times for the same timeout.\\n /// Only one method can add to this mapping:\\n /// - `notifyRedemptionTimeout` which puts the redemption key\\n /// to this mapping basing on a timed out request stored\\n /// previously in `pendingRedemptions` mapping.\\n function timedOutRedemptions(uint256 redemptionKey)\\n external\\n view\\n returns (Redemption.RedemptionRequest memory)\\n {\\n return self.timedOutRedemptions[redemptionKey];\\n }\\n\\n /// @notice Collection of main UTXOs that are honestly spent indexed by\\n /// keccak256(fundingTxHash | fundingOutputIndex). The fundingTxHash\\n /// is bytes32 (ordered as in Bitcoin internally) and\\n /// fundingOutputIndex an uint32. A main UTXO is considered honestly\\n /// spent if it was used as an input of a transaction that have been\\n /// proven in the Bridge.\\n function spentMainUTXOs(uint256 utxoKey) external view returns (bool) {\\n return self.spentMainUTXOs[utxoKey];\\n }\\n\\n /// @notice Gets details about a registered wallet.\\n /// @param walletPubKeyHash The 20-byte wallet public key hash (computed\\n /// using Bitcoin HASH160 over the compressed ECDSA public key)\\n /// @return Wallet details.\\n function wallets(bytes20 walletPubKeyHash)\\n external\\n view\\n returns (Wallets.Wallet memory)\\n {\\n return self.registeredWallets[walletPubKeyHash];\\n }\\n\\n /// @notice Gets the public key hash of the active wallet.\\n /// @return The 20-byte public key hash (computed using Bitcoin HASH160\\n /// over the compressed ECDSA public key) of the active wallet.\\n /// Returns bytes20(0) if there is no active wallet at the moment.\\n function activeWalletPubKeyHash() external view returns (bytes20) {\\n return self.activeWalletPubKeyHash;\\n }\\n\\n /// @notice Gets the live wallets count.\\n /// @return The current count of wallets being in the Live state.\\n function liveWalletsCount() external view returns (uint32) {\\n return self.liveWalletsCount;\\n }\\n\\n /// @notice Returns the fraud challenge identified by the given key built\\n /// as keccak256(walletPublicKey|sighash).\\n function fraudChallenges(uint256 challengeKey)\\n external\\n view\\n returns (Fraud.FraudChallenge memory)\\n {\\n return self.fraudChallenges[challengeKey];\\n }\\n\\n /// @notice Indicates if the vault with the given address is trusted or not.\\n /// Depositors can route their revealed deposits only to trusted\\n /// vaults and have trusted vaults notified about new deposits as\\n /// soon as these deposits get swept. Vaults not trusted by the\\n /// Bridge can still be used by Bank balance owners on their own\\n /// responsibility - anyone can approve their Bank balance to any\\n /// address.\\n function isVaultTrusted(address vault) external view returns (bool) {\\n return self.isVaultTrusted[vault];\\n }\\n\\n /// @notice Returns the current values of Bridge deposit parameters.\\n /// @return depositDustThreshold The minimal amount that can be requested\\n /// to deposit. Value of this parameter must take into account the\\n /// value of `depositTreasuryFeeDivisor` and `depositTxMaxFee`\\n /// parameters in order to make requests that can incur the\\n /// treasury and transaction fee and still satisfy the depositor.\\n /// @return depositTreasuryFeeDivisor Divisor used to compute the treasury\\n /// fee taken from each deposit and transferred to the treasury upon\\n /// sweep proof submission. That fee is computed as follows:\\n /// `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each deposit,\\n /// the `depositTreasuryFeeDivisor` should be set to `50`\\n /// because `1/50 = 0.02 = 2%`.\\n /// @return depositTxMaxFee Maximum amount of BTC transaction fee that can\\n /// be incurred by each swept deposit being part of the given sweep\\n /// transaction. If the maximum BTC transaction fee is exceeded,\\n /// such transaction is considered a fraud.\\n function depositParameters()\\n external\\n view\\n returns (\\n uint64 depositDustThreshold,\\n uint64 depositTreasuryFeeDivisor,\\n uint64 depositTxMaxFee\\n )\\n {\\n depositDustThreshold = self.depositDustThreshold;\\n depositTreasuryFeeDivisor = self.depositTreasuryFeeDivisor;\\n depositTxMaxFee = self.depositTxMaxFee;\\n }\\n\\n /// @notice Returns the current values of Bridge redemption parameters.\\n /// @return redemptionDustThreshold The minimal amount that can be requested\\n /// for redemption. Value of this parameter must take into account\\n /// the value of `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee`\\n /// parameters in order to make requests that can incur the\\n /// treasury and transaction fee and still satisfy the redeemer.\\n /// @return redemptionTreasuryFeeDivisor Divisor used to compute the treasury\\n /// fee taken from each redemption request and transferred to the\\n /// treasury upon successful request finalization. That fee is\\n /// computed as follows:\\n /// `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each\\n /// redemption request, the `redemptionTreasuryFeeDivisor` should\\n /// be set to `50` because `1/50 = 0.02 = 2%`.\\n /// @return redemptionTxMaxFee Maximum amount of BTC transaction fee that\\n /// can be incurred by each redemption request being part of the\\n /// given redemption transaction. If the maximum BTC transaction\\n /// fee is exceeded, such transaction is considered a fraud.\\n /// This is a per-redemption output max fee for the redemption\\n /// transaction.\\n /// @return redemptionTimeout Time after which the redemption request can be\\n /// reported as timed out. It is counted from the moment when the\\n /// redemption request was created via `requestRedemption` call.\\n /// Reported timed out requests are cancelled and locked TBTC is\\n /// returned to the redeemer in full amount.\\n /// @return redemptionTimeoutSlashingAmount The amount of stake slashed\\n /// from each member of a wallet for a redemption timeout.\\n /// @return redemptionTimeoutNotifierRewardMultiplier The percentage of the\\n /// notifier reward from the staking contract the notifier of a\\n /// redemption timeout receives. The value is in the range [0, 100].\\n function redemptionParameters()\\n external\\n view\\n returns (\\n uint64 redemptionDustThreshold,\\n uint64 redemptionTreasuryFeeDivisor,\\n uint64 redemptionTxMaxFee,\\n uint256 redemptionTimeout,\\n uint96 redemptionTimeoutSlashingAmount,\\n uint256 redemptionTimeoutNotifierRewardMultiplier\\n )\\n {\\n redemptionDustThreshold = self.redemptionDustThreshold;\\n redemptionTreasuryFeeDivisor = self.redemptionTreasuryFeeDivisor;\\n redemptionTxMaxFee = self.redemptionTxMaxFee;\\n redemptionTimeout = self.redemptionTimeout;\\n redemptionTimeoutSlashingAmount = self.redemptionTimeoutSlashingAmount;\\n redemptionTimeoutNotifierRewardMultiplier = self\\n .redemptionTimeoutNotifierRewardMultiplier;\\n }\\n\\n /// @notice Returns the current values of Bridge moving funds between\\n /// wallets parameters.\\n /// @return movingFundsTxMaxTotalFee Maximum amount of the total BTC\\n /// transaction fee that is acceptable in a single moving funds\\n /// transaction. This is a _total_ max fee for the entire moving\\n /// funds transaction.\\n /// @return movingFundsTimeout Time after which the moving funds process\\n /// can be reported as timed out. It is counted from the moment\\n /// when the wallet was requested to move their funds and switched\\n /// to the MovingFunds state. Value in seconds.\\n /// @return movingFundsTimeoutSlashingAmount The amount of stake slashed\\n /// from each member of a wallet for a moving funds timeout.\\n /// @return movingFundsTimeoutNotifierRewardMultiplier The percentage of the\\n /// notifier reward from the staking contract the notifier of a\\n /// moving funds timeout receives. The value is in the range [0, 100].\\n /// @return movingFundsDustThreshold The minimal satoshi amount that makes\\n // sense to be transferred during the moving funds process. Moving\\n // funds wallets having their BTC balance below that value can\\n // begin closing immediately as transferring such a low value may\\n // not be possible due to BTC network fees.\\n function movingFundsParameters()\\n external\\n view\\n returns (\\n uint64 movingFundsTxMaxTotalFee,\\n uint32 movingFundsTimeout,\\n uint96 movingFundsTimeoutSlashingAmount,\\n uint256 movingFundsTimeoutNotifierRewardMultiplier,\\n uint64 movingFundsDustThreshold\\n )\\n {\\n movingFundsTxMaxTotalFee = self.movingFundsTxMaxTotalFee;\\n movingFundsTimeout = self.movingFundsTimeout;\\n movingFundsTimeoutSlashingAmount = self\\n .movingFundsTimeoutSlashingAmount;\\n movingFundsTimeoutNotifierRewardMultiplier = self\\n .movingFundsTimeoutNotifierRewardMultiplier;\\n movingFundsDustThreshold = self.movingFundsDustThreshold;\\n }\\n\\n /// @return walletCreationPeriod Determines how frequently a new wallet\\n /// creation can be requested. Value in seconds.\\n /// @return walletCreationMinBtcBalance The minimum BTC threshold in satoshi\\n /// that is used to decide about wallet creation.\\n /// @return walletCreationMaxBtcBalance The maximum BTC threshold in satoshi\\n /// that is used to decide about wallet creation.\\n /// @return walletClosureMinBtcBalance The minimum BTC threshold in satoshi\\n /// that is used to decide about wallet closure.\\n /// @return walletMaxAge The maximum age of a wallet in seconds, after which\\n /// the wallet moving funds process can be requested.\\n /// @return walletMaxBtcTransfer The maximum BTC amount in satoshi than\\n /// can be transferred to a single target wallet during the moving\\n /// funds process.\\n /// @return walletClosingPeriod Determines the length of the wallet closing\\n /// period, i.e. the period when the wallet remains in the Closing\\n /// state and can be subject of deposit fraud challenges. Value\\n /// in seconds.\\n function walletParameters()\\n external\\n view\\n returns (\\n uint32 walletCreationPeriod,\\n uint64 walletCreationMinBtcBalance,\\n uint64 walletCreationMaxBtcBalance,\\n uint64 walletClosureMinBtcBalance,\\n uint32 walletMaxAge,\\n uint64 walletMaxBtcTransfer,\\n uint32 walletClosingPeriod\\n )\\n {\\n walletCreationPeriod = self.walletCreationPeriod;\\n walletCreationMinBtcBalance = self.walletCreationMinBtcBalance;\\n walletCreationMaxBtcBalance = self.walletCreationMaxBtcBalance;\\n walletClosureMinBtcBalance = self.walletClosureMinBtcBalance;\\n walletMaxAge = self.walletMaxAge;\\n walletMaxBtcTransfer = self.walletMaxBtcTransfer;\\n walletClosingPeriod = self.walletClosingPeriod;\\n }\\n\\n /// @notice Returns the current values of Bridge fraud parameters.\\n /// @return fraudSlashingAmount The amount slashed from each wallet member\\n /// for committing a fraud.\\n /// @return fraudNotifierRewardMultiplier The percentage of the notifier\\n /// reward from the staking contract the notifier of a fraud\\n /// receives. The value is in the range [0, 100].\\n /// @return fraudChallengeDefeatTimeout The amount of time the wallet has to\\n /// defeat a fraud challenge.\\n /// @return fraudChallengeDepositAmount The amount of ETH in wei the party\\n /// challenging the wallet for fraud needs to deposit.\\n function fraudParameters()\\n external\\n view\\n returns (\\n uint96 fraudSlashingAmount,\\n uint256 fraudNotifierRewardMultiplier,\\n uint256 fraudChallengeDefeatTimeout,\\n uint256 fraudChallengeDepositAmount\\n )\\n {\\n fraudSlashingAmount = self.fraudSlashingAmount;\\n fraudNotifierRewardMultiplier = self.fraudNotifierRewardMultiplier;\\n fraudChallengeDefeatTimeout = self.fraudChallengeDefeatTimeout;\\n fraudChallengeDepositAmount = self.fraudChallengeDepositAmount;\\n }\\n\\n /// @notice Returns the addresses of contracts Bridge is interacting with.\\n /// @return bank Address of the Bank the Bridge belongs to.\\n /// @return relay Address of the Bitcoin relay providing the current Bitcoin\\n /// network difficulty.\\n /// @return ecdsaWalletRegistry Address of the ECDSA Wallet Registry.\\n function contractReferences()\\n external\\n view\\n returns (\\n Bank bank,\\n IRelay relay,\\n EcdsaWalletRegistry ecdsaWalletRegistry\\n )\\n {\\n bank = self.bank;\\n relay = self.relay;\\n ecdsaWalletRegistry = self.ecdsaWalletRegistry;\\n }\\n\\n /// @notice Address where the deposit treasury fees will be sent to.\\n /// Treasury takes part in the operators rewarding process.\\n function treasury() external view returns (address) {\\n return self.treasury;\\n }\\n\\n /// @notice The number of confirmations on the Bitcoin chain required to\\n /// successfully evaluate an SPV proof.\\n function txProofDifficultyFactor() external view returns (uint256) {\\n return self.txProofDifficultyFactor;\\n }\\n}\\n\",\"keccak256\":\"0x57c05f7040b4716286a8016b9d4d683a3e5700767b9007c30332a131589a25c7\",\"license\":\"MIT\"},\"contracts/bridge/BridgeState.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {IWalletRegistry as EcdsaWalletRegistry} from \\\"@keep-network/ecdsa/contracts/api/IWalletRegistry.sol\\\";\\n\\nimport \\\"./IRelay.sol\\\";\\nimport \\\"./Deposit.sol\\\";\\nimport \\\"./Redemption.sol\\\";\\nimport \\\"./Fraud.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\nimport \\\"../bank/Bank.sol\\\";\\n\\nlibrary BridgeState {\\n // TODO: Make parameters governable\\n struct Storage {\\n // Address of the Bank the Bridge belongs to.\\n Bank bank;\\n // Bitcoin relay providing the current Bitcoin network difficulty.\\n IRelay relay;\\n // ECDSA Wallet Registry contract handle.\\n EcdsaWalletRegistry ecdsaWalletRegistry;\\n // The number of confirmations on the Bitcoin chain required to\\n // successfully evaluate an SPV proof.\\n uint256 txProofDifficultyFactor;\\n // Address where the deposit and redemption treasury fees will be sent\\n // to. Treasury takes part in the operators rewarding process.\\n address treasury;\\n // The minimal amount that can be requested to deposit.\\n // Value of this parameter must take into account the value of\\n // `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters in order\\n // to make requests that can incur the treasury and transaction fee and\\n // still satisfy the depositor.\\n uint64 depositDustThreshold;\\n // Divisor used to compute the treasury fee taken from each deposit and\\n // transferred to the treasury upon sweep proof submission. That fee is\\n // computed as follows:\\n // `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`\\n // For example, if the treasury fee needs to be 2% of each deposit,\\n // the `depositTreasuryFeeDivisor` should be set to `50` because\\n // `1/50 = 0.02 = 2%`.\\n uint64 depositTreasuryFeeDivisor;\\n // Maximum amount of BTC transaction fee that can be incurred by each\\n // swept deposit being part of the given sweep transaction. If the\\n // maximum BTC transaction fee is exceeded, such transaction is\\n // considered a fraud.\\n //\\n // This is a per-deposit input max fee for the sweep transaction.\\n uint64 depositTxMaxFee;\\n // Collection of all revealed deposits indexed by\\n // `keccak256(fundingTxHash | fundingOutputIndex)`.\\n // The `fundingTxHash` is `bytes32` (ordered as in Bitcoin internally)\\n // and `fundingOutputIndex` an `uint32`. This mapping may contain valid\\n // and invalid deposits and the wallet is responsible for validating\\n // them before attempting to execute a sweep.\\n mapping(uint256 => Deposit.DepositRequest) deposits;\\n // Indicates if the vault with the given address is trusted or not.\\n // Depositors can route their revealed deposits only to trusted vaults\\n // and have trusted vaults notified about new deposits as soon as these\\n // deposits get swept. Vaults not trusted by the Bridge can still be\\n // used by Bank balance owners on their own responsibility - anyone can\\n // approve their Bank balance to any address.\\n mapping(address => bool) isVaultTrusted;\\n // Maximum amount of the total BTC transaction fee that is acceptable in\\n // a single moving funds transaction.\\n //\\n // This is a TOTAL max fee for the moving funds transaction. Note\\n // that `depositTxMaxFee` is per single deposit and `redemptionTxMaxFee`\\n // if per single redemption. `movingFundsTxMaxTotalFee` is a total\\n // fee for the entire transaction.\\n uint64 movingFundsTxMaxTotalFee;\\n // Time after which the moving funds process can be reported as\\n // timed out. It is counted from the moment when the wallet\\n // was requested to move their funds and switched to the MovingFunds\\n // state. Value in seconds.\\n uint32 movingFundsTimeout;\\n // The amount of stake slashed from each member of a wallet for a moving\\n // funds timeout.\\n uint96 movingFundsTimeoutSlashingAmount;\\n // The percentage of the notifier reward from the staking contract\\n // the notifier of a moving funds timeout receives. The value is in the\\n // range [0, 100].\\n uint256 movingFundsTimeoutNotifierRewardMultiplier;\\n // The minimal satoshi amount that makes sense to be transferred during\\n // the moving funds process. Moving funds wallets having their BTC\\n // balance below that value can begin closing immediately as\\n // transferring such a low value may not be possible due to\\n // BTC network fees.\\n uint64 movingFundsDustThreshold;\\n // The minimal amount that can be requested for redemption.\\n // Value of this parameter must take into account the value of\\n // `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee`\\n // parameters in order to make requests that can incur the\\n // treasury and transaction fee and still satisfy the redeemer.\\n uint64 redemptionDustThreshold;\\n // Divisor used to compute the treasury fee taken from each\\n // redemption request and transferred to the treasury upon\\n // successful request finalization. That fee is computed as follows:\\n // `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`\\n // For example, if the treasury fee needs to be 2% of each\\n // redemption request, the `redemptionTreasuryFeeDivisor` should\\n // be set to `50` because `1/50 = 0.02 = 2%`.\\n uint64 redemptionTreasuryFeeDivisor;\\n // Maximum amount of BTC transaction fee that can be incurred by\\n // each redemption request being part of the given redemption\\n // transaction. If the maximum BTC transaction fee is exceeded, such\\n // transaction is considered a fraud.\\n //\\n // This is a per-redemption output max fee for the redemption\\n // transaction.\\n uint64 redemptionTxMaxFee;\\n // Time after which the redemption request can be reported as\\n // timed out. It is counted from the moment when the redemption\\n // request was created via `requestRedemption` call. Reported\\n // timed out requests are cancelled and locked TBTC is returned\\n // to the redeemer in full amount.\\n uint256 redemptionTimeout;\\n // The amount of stake slashed from each member of a wallet for a\\n // redemption timeout.\\n uint96 redemptionTimeoutSlashingAmount;\\n // The percentage of the notifier reward from the staking contract\\n // the notifier of a redemption timeout receives. The value is in the\\n // range [0, 100].\\n uint256 redemptionTimeoutNotifierRewardMultiplier;\\n // Collection of all pending redemption requests indexed by\\n // redemption key built as\\n // `keccak256(walletPubKeyHash | redeemerOutputScript)`.\\n // The `walletPubKeyHash` is the 20-byte wallet's public key hash\\n // (computed using Bitcoin HASH160 over the compressed ECDSA\\n // public key) and `redeemerOutputScript` is a Bitcoin script\\n // (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock\\n // redeemed BTC as requested by the redeemer. Requests are added\\n // to this mapping by the `requestRedemption` method (duplicates\\n // not allowed) and are removed by one of the following methods:\\n // - `submitRedemptionProof` in case the request was handled\\n // successfully\\n // - `notifyRedemptionTimeout` in case the request was reported\\n // to be timed out\\n mapping(uint256 => Redemption.RedemptionRequest) pendingRedemptions;\\n // Collection of all timed out redemptions requests indexed by\\n // redemption key built as\\n // `keccak256(walletPubKeyHash | redeemerOutputScript)`. The\\n // `walletPubKeyHash` is the 20-byte wallet's public key hash\\n // (computed using Bitcoin HASH160 over the compressed ECDSA\\n // public key) and `redeemerOutputScript` is the Bitcoin script\\n // (P2PKH, P2WPKH, P2SH or P2WSH) that is involved in the timed\\n // out request. Timed out requests are stored in this mapping to\\n // avoid slashing the wallets multiple times for the same timeout.\\n // Only one method can add to this mapping:\\n // - `notifyRedemptionTimeout` which puts the redemption key to this\\n // mapping basing on a timed out request stored previously in\\n // `pendingRedemptions` mapping.\\n mapping(uint256 => Redemption.RedemptionRequest) timedOutRedemptions;\\n // The amount of stake slashed from each member of a wallet for a fraud.\\n uint96 fraudSlashingAmount;\\n // The percentage of the notifier reward from the staking contract\\n // the notifier of a fraud receives. The value is in the range [0, 100].\\n uint256 fraudNotifierRewardMultiplier;\\n // The amount of time the wallet has to defeat a fraud challenge.\\n uint256 fraudChallengeDefeatTimeout;\\n // The amount of ETH in wei the party challenging the wallet for fraud\\n // needs to deposit.\\n uint256 fraudChallengeDepositAmount;\\n // Collection of all submitted fraud challenges indexed by challenge\\n // key built as `keccak256(walletPublicKey|sighash)`.\\n mapping(uint256 => Fraud.FraudChallenge) fraudChallenges;\\n // Collection of main UTXOs that are honestly spent indexed by\\n // `keccak256(fundingTxHash | fundingOutputIndex)`. The `fundingTxHash`\\n // is `bytes32` (ordered as in Bitcoin internally) and\\n // `fundingOutputIndex` an `uint32`. A main UTXO is considered honestly\\n // spent if it was used as an input of a transaction that have been\\n // proven in the Bridge.\\n mapping(uint256 => bool) spentMainUTXOs;\\n // Determines how frequently a new wallet creation can be requested.\\n // Value in seconds.\\n uint32 walletCreationPeriod;\\n // The minimum BTC threshold in satoshi that is used to decide about\\n // wallet creation. Specifically, we allow for the creation of a new\\n // wallet if the active wallet is old enough and their amount of BTC\\n // is greater than or equal this threshold.\\n uint64 walletCreationMinBtcBalance;\\n // The maximum BTC threshold in satoshi that is used to decide about\\n // wallet creation. Specifically, we allow for the creation of a new\\n // wallet if the active wallet's amount of BTC is greater than or equal\\n // this threshold, regardless of the active wallet's age.\\n uint64 walletCreationMaxBtcBalance;\\n // The minimum BTC threshold in satoshi that is used to decide about\\n // wallet closing. Specifically, we allow for the closure of the given\\n // wallet if their amount of BTC is lesser than this threshold,\\n // regardless of the wallet's age.\\n uint64 walletClosureMinBtcBalance;\\n // The maximum age of a wallet in seconds, after which the wallet\\n // moving funds process can be requested.\\n uint32 walletMaxAge;\\n // 20-byte wallet public key hash being reference to the currently\\n // active wallet. Can be unset to the zero value under certain\\n // circumstances.\\n bytes20 activeWalletPubKeyHash;\\n // The current number of wallets in the Live state.\\n uint32 liveWalletsCount;\\n // The maximum BTC amount in satoshi than can be transferred to a single\\n // target wallet during the moving funds process.\\n uint64 walletMaxBtcTransfer;\\n // Determines the length of the wallet closing period, i.e. the period\\n // when the wallet remains in the Closing state and can be subject\\n // of deposit fraud challenges. This value is in seconds and should be\\n // greater than the deposit refund time plus some time margin.\\n uint32 walletClosingPeriod;\\n // Maps the 20-byte wallet public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) to the basic wallet\\n // information like state and pending redemptions value.\\n mapping(bytes20 => Wallets.Wallet) registeredWallets;\\n }\\n\\n event DepositParametersUpdated(\\n uint64 depositDustThreshold,\\n uint64 depositTreasuryFeeDivisor,\\n uint64 depositTxMaxFee\\n );\\n\\n event RedemptionParametersUpdated(\\n uint64 redemptionDustThreshold,\\n uint64 redemptionTreasuryFeeDivisor,\\n uint64 redemptionTxMaxFee,\\n uint256 redemptionTimeout,\\n uint96 redemptionTimeoutSlashingAmount,\\n uint256 redemptionTimeoutNotifierRewardMultiplier\\n );\\n\\n event MovingFundsParametersUpdated(\\n uint64 movingFundsTxMaxTotalFee,\\n uint32 movingFundsTimeout,\\n uint96 movingFundsTimeoutSlashingAmount,\\n uint256 movingFundsTimeoutNotifierRewardMultiplier,\\n uint64 movingFundsDustThreshold\\n );\\n\\n event WalletParametersUpdated(\\n uint32 walletCreationPeriod,\\n uint64 walletCreationMinBtcBalance,\\n uint64 walletCreationMaxBtcBalance,\\n uint64 walletClosureMinBtcBalance,\\n uint32 walletMaxAge,\\n uint64 walletMaxBtcTransfer,\\n uint32 walletClosingPeriod\\n );\\n\\n event FraudParametersUpdated(\\n uint96 fraudSlashingAmount,\\n uint256 fraudNotifierRewardMultiplier,\\n uint256 fraudChallengeDefeatTimeout,\\n uint256 fraudChallengeDepositAmount\\n );\\n\\n /// @notice Updates parameters of deposits.\\n /// @param _depositDustThreshold New value of the deposit dust threshold in\\n /// satoshis. It is the minimal amount that can be requested to\\n //// deposit. Value of this parameter must take into account the value\\n /// of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters\\n /// in order to make requests that can incur the treasury and\\n /// transaction fee and still satisfy the depositor\\n /// @param _depositTreasuryFeeDivisor New value of the treasury fee divisor.\\n /// It is the divisor used to compute the treasury fee taken from\\n /// each deposit and transferred to the treasury upon sweep proof\\n /// submission. That fee is computed as follows:\\n /// `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each deposit,\\n /// the `depositTreasuryFeeDivisor` should be set to `50`\\n /// because `1/50 = 0.02 = 2%`\\n /// @param _depositTxMaxFee New value of the deposit tx max fee in satoshis.\\n /// It is the maximum amount of BTC transaction fee that can\\n /// be incurred by each swept deposit being part of the given sweep\\n /// transaction. If the maximum BTC transaction fee is exceeded,\\n /// such transaction is considered a fraud\\n /// @dev Requirements:\\n /// - Deposit dust threshold must be greater than zero\\n /// - Deposit treasury fee divisor must be greater than zero\\n /// - Deposit transaction max fee must be greater than zero\\n function updateDepositParameters(\\n Storage storage self,\\n uint64 _depositDustThreshold,\\n uint64 _depositTreasuryFeeDivisor,\\n uint64 _depositTxMaxFee\\n ) internal {\\n require(\\n _depositDustThreshold > 0,\\n \\\"Deposit dust threshold must be greater than zero\\\"\\n );\\n\\n require(\\n _depositTreasuryFeeDivisor > 0,\\n \\\"Deposit treasury fee divisor must be greater than zero\\\"\\n );\\n\\n require(\\n _depositTxMaxFee > 0,\\n \\\"Deposit transaction max fee must be greater than zero\\\"\\n );\\n\\n self.depositDustThreshold = _depositDustThreshold;\\n self.depositTreasuryFeeDivisor = _depositTreasuryFeeDivisor;\\n self.depositTxMaxFee = _depositTxMaxFee;\\n\\n emit DepositParametersUpdated(\\n _depositDustThreshold,\\n _depositTreasuryFeeDivisor,\\n _depositTxMaxFee\\n );\\n }\\n\\n /// @notice Updates parameters of redemptions.\\n /// @param _redemptionDustThreshold New value of the redemption dust\\n /// threshold in satoshis. It is the minimal amount that can be\\n /// requested for redemption. Value of this parameter must take into\\n /// account the value of `redemptionTreasuryFeeDivisor` and\\n /// `redemptionTxMaxFee` parameters in order to make requests that\\n /// can incur the treasury and transaction fee and still satisfy the\\n /// redeemer.\\n /// @param _redemptionTreasuryFeeDivisor New value of the redemption\\n /// treasury fee divisor. It is the divisor used to compute the\\n /// treasury fee taken from each redemption request and transferred\\n /// to the treasury upon successful request finalization. That fee is\\n /// computed as follows:\\n /// `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`\\n /// For example, if the treasury fee needs to be 2% of each\\n /// redemption request, the `redemptionTreasuryFeeDivisor` should\\n /// be set to `50` because `1/50 = 0.02 = 2%`.\\n /// @param _redemptionTxMaxFee New value of the redemption transaction max\\n /// fee in satoshis. It is the maximum amount of BTC transaction fee\\n /// that can be incurred by each redemption request being part of the\\n /// given redemption transaction. If the maximum BTC transaction fee\\n /// is exceeded, such transaction is considered a fraud.\\n /// This is a per-redemption output max fee for the redemption\\n /// transaction.\\n /// @param _redemptionTimeout New value of the redemption timeout in seconds.\\n /// It is the time after which the redemption request can be reported\\n /// as timed out. It is counted from the moment when the redemption\\n /// request was created via `requestRedemption` call. Reported timed\\n /// out requests are cancelled and locked TBTC is returned to the\\n /// redeemer in full amount.\\n /// @param _redemptionTimeoutSlashingAmount New value of the redemption\\n /// timeout slashing amount in T, it is the amount slashed from each\\n /// wallet member for redemption timeout\\n /// @param _redemptionTimeoutNotifierRewardMultiplier New value of the\\n /// redemption timeout notifier reward multiplier as percentage,\\n /// it determines the percentage of the notifier reward from the\\n /// staking contact the notifier of a redemption timeout receives.\\n /// The value must be in the range [0, 100]\\n /// @dev Requirements:\\n /// - Redemption dust threshold must be greater than zero\\n /// - Redemption treasury fee divisor must be greater than zero\\n /// - Redemption transaction max fee must be greater than zero\\n /// - Redemption timeout must be greater than zero\\n /// - Redemption timeout notifier reward multiplier must be in the\\n /// range [0, 100]\\n function updateRedemptionParameters(\\n Storage storage self,\\n uint64 _redemptionDustThreshold,\\n uint64 _redemptionTreasuryFeeDivisor,\\n uint64 _redemptionTxMaxFee,\\n uint256 _redemptionTimeout,\\n uint96 _redemptionTimeoutSlashingAmount,\\n uint256 _redemptionTimeoutNotifierRewardMultiplier\\n ) internal {\\n require(\\n _redemptionDustThreshold > 0,\\n \\\"Redemption dust threshold must be greater than zero\\\"\\n );\\n\\n require(\\n _redemptionTreasuryFeeDivisor > 0,\\n \\\"Redemption treasury fee divisor must be greater than zero\\\"\\n );\\n\\n require(\\n _redemptionTxMaxFee > 0,\\n \\\"Redemption transaction max fee must be greater than zero\\\"\\n );\\n\\n require(\\n _redemptionTimeout > 0,\\n \\\"Redemption timeout must be greater than zero\\\"\\n );\\n\\n require(\\n _redemptionTimeoutNotifierRewardMultiplier <= 100,\\n \\\"Redemption timeout notifier reward multiplier must be in the range [0, 100]\\\"\\n );\\n\\n self.redemptionDustThreshold = _redemptionDustThreshold;\\n self.redemptionTreasuryFeeDivisor = _redemptionTreasuryFeeDivisor;\\n self.redemptionTxMaxFee = _redemptionTxMaxFee;\\n self.redemptionTimeout = _redemptionTimeout;\\n self.redemptionTimeoutSlashingAmount = _redemptionTimeoutSlashingAmount;\\n self\\n .redemptionTimeoutNotifierRewardMultiplier = _redemptionTimeoutNotifierRewardMultiplier;\\n\\n emit RedemptionParametersUpdated(\\n _redemptionDustThreshold,\\n _redemptionTreasuryFeeDivisor,\\n _redemptionTxMaxFee,\\n _redemptionTimeout,\\n _redemptionTimeoutSlashingAmount,\\n _redemptionTimeoutNotifierRewardMultiplier\\n );\\n }\\n\\n /// @notice Updates parameters of moving funds.\\n /// @param _movingFundsTxMaxTotalFee New value of the moving funds transaction\\n /// max total fee in satoshis. It is the maximum amount of the total\\n /// BTC transaction fee that is acceptable in a single moving funds\\n /// transaction. This is a _total_ max fee for the entire moving\\n /// funds transaction.\\n /// @param _movingFundsTimeout New value of the moving funds timeout in\\n /// seconds. It is the time after which the moving funds process can\\n /// be reported as timed out. It is counted from the moment when the\\n /// wallet was requested to move their funds and switched to the\\n /// MovingFunds state.\\n /// @param _movingFundsTimeoutSlashingAmount New value of the moving funds\\n /// timeout slashing amount in T, it is the amount slashed from each\\n /// wallet member for moving funds timeout\\n /// @param _movingFundsTimeoutNotifierRewardMultiplier New value of the\\n /// moving funds timeout notifier reward multiplier as percentage,\\n /// it determines the percentage of the notifier reward from the\\n /// staking contact the notifier of a moving funds timeout receives.\\n /// The value must be in the range [0, 100]\\n /// @param _movingFundsDustThreshold New value of the moving funds dust\\n /// threshold. It is the minimal satoshi amount that makes sense to\\n // be transferred during the moving funds process. Moving funds\\n // wallets having their BTC balance below that value can begin\\n // closing immediately as transferring such a low value may not be\\n // possible due to BTC network fees.\\n /// @dev Requirements:\\n /// - Moving funds transaction max total fee must be greater than zero\\n /// - Moving funds timeout must be greater than zero\\n /// - Moving funds timeout notifier reward multiplier must be in the\\n /// range [0, 100]\\n /// - Moving funds dust threshold must be greater than zero\\n function updateMovingFundsParameters(\\n Storage storage self,\\n uint64 _movingFundsTxMaxTotalFee,\\n uint32 _movingFundsTimeout,\\n uint96 _movingFundsTimeoutSlashingAmount,\\n uint256 _movingFundsTimeoutNotifierRewardMultiplier,\\n uint64 _movingFundsDustThreshold\\n ) internal {\\n require(\\n _movingFundsTxMaxTotalFee > 0,\\n \\\"Moving funds transaction max total fee must be greater than zero\\\"\\n );\\n\\n require(\\n _movingFundsTimeout > 0,\\n \\\"Moving funds timeout must be greater than zero\\\"\\n );\\n\\n require(\\n _movingFundsTimeoutNotifierRewardMultiplier <= 100,\\n \\\"Moving funds timeout notifier reward multiplier must be in the range [0, 100]\\\"\\n );\\n\\n require(\\n _movingFundsDustThreshold > 0,\\n \\\"Moving funds dust threshold must be greater than zero\\\"\\n );\\n\\n self.movingFundsTxMaxTotalFee = _movingFundsTxMaxTotalFee;\\n self.movingFundsTimeout = _movingFundsTimeout;\\n self\\n .movingFundsTimeoutSlashingAmount = _movingFundsTimeoutSlashingAmount;\\n self\\n .movingFundsTimeoutNotifierRewardMultiplier = _movingFundsTimeoutNotifierRewardMultiplier;\\n self.movingFundsDustThreshold = _movingFundsDustThreshold;\\n\\n emit MovingFundsParametersUpdated(\\n _movingFundsTxMaxTotalFee,\\n _movingFundsTimeout,\\n _movingFundsTimeoutSlashingAmount,\\n _movingFundsTimeoutNotifierRewardMultiplier,\\n _movingFundsDustThreshold\\n );\\n }\\n\\n /// @notice Updates parameters of wallets.\\n /// @param _walletCreationPeriod New value of the wallet creation period in\\n /// seconds, determines how frequently a new wallet creation can be\\n /// requested\\n /// @param _walletCreationMinBtcBalance New value of the wallet minimum BTC\\n /// balance in satoshi, used to decide about wallet creation\\n /// @param _walletCreationMaxBtcBalance New value of the wallet maximum BTC\\n /// balance in satoshi, used to decide about wallet creation\\n /// @param _walletClosureMinBtcBalance New value of the wallet minimum BTC\\n /// balance in satoshi, used to decide about wallet closure\\n /// @param _walletMaxAge New value of the wallet maximum age in seconds,\\n /// indicates the maximum age of a wallet in seconds, after which\\n /// the wallet moving funds process can be requested\\n /// @param _walletMaxBtcTransfer New value of the wallet maximum BTC transfer\\n /// in satoshi, determines the maximum amount that can be transferred\\n /// to a single target wallet during the moving funds process\\n /// @param _walletClosingPeriod New value of the wallet closing period in\\n /// seconds, determines the length of the wallet closing period,\\n // i.e. the period when the wallet remains in the Closing state\\n // and can be subject of deposit fraud challenges\\n /// @dev Requirements:\\n /// - Wallet minimum BTC balance must be greater than zero\\n /// - Wallet maximum BTC balance must be greater than the wallet\\n /// minimum BTC balance\\n /// - Wallet maximum BTC transfer must be greater than zero\\n /// - Wallet closing period must be greater than zero\\n function updateWalletParameters(\\n Storage storage self,\\n uint32 _walletCreationPeriod,\\n uint64 _walletCreationMinBtcBalance,\\n uint64 _walletCreationMaxBtcBalance,\\n uint64 _walletClosureMinBtcBalance,\\n uint32 _walletMaxAge,\\n uint64 _walletMaxBtcTransfer,\\n uint32 _walletClosingPeriod\\n ) internal {\\n require(\\n _walletCreationMaxBtcBalance > _walletCreationMinBtcBalance,\\n \\\"Wallet creation maximum BTC balance must be greater than the creation minimum BTC balance\\\"\\n );\\n require(\\n _walletClosureMinBtcBalance > 0,\\n \\\"Wallet closure minimum BTC balance must be greater than zero\\\"\\n );\\n require(\\n _walletMaxBtcTransfer > 0,\\n \\\"Wallet maximum BTC transfer must be greater than zero\\\"\\n );\\n require(\\n _walletClosingPeriod > 0,\\n \\\"Wallet closing period must be greater than zero\\\"\\n );\\n\\n self.walletCreationPeriod = _walletCreationPeriod;\\n self.walletCreationMinBtcBalance = _walletCreationMinBtcBalance;\\n self.walletCreationMaxBtcBalance = _walletCreationMaxBtcBalance;\\n self.walletClosureMinBtcBalance = _walletClosureMinBtcBalance;\\n self.walletMaxAge = _walletMaxAge;\\n self.walletMaxBtcTransfer = _walletMaxBtcTransfer;\\n self.walletClosingPeriod = _walletClosingPeriod;\\n\\n emit WalletParametersUpdated(\\n _walletCreationPeriod,\\n _walletCreationMinBtcBalance,\\n _walletCreationMaxBtcBalance,\\n _walletClosureMinBtcBalance,\\n _walletMaxAge,\\n _walletMaxBtcTransfer,\\n _walletClosingPeriod\\n );\\n }\\n\\n /// @notice Updates parameters related to frauds.\\n /// @param _fraudSlashingAmount New value of the fraud slashing amount in T,\\n /// it is the amount slashed from each wallet member for committing\\n /// a fraud\\n /// @param _fraudNotifierRewardMultiplier New value of the fraud notifier\\n /// reward multiplier as percentage, it determines the percentage of\\n /// the notifier reward from the staking contact the notifier of\\n /// a fraud receives. The value must be in the range [0, 100]\\n /// @param _fraudChallengeDefeatTimeout New value of the challenge defeat\\n /// timeout in seconds, it is the amount of time the wallet has to\\n /// defeat a fraud challenge. The value must be greater than zero\\n /// @param _fraudChallengeDepositAmount New value of the fraud challenge\\n /// deposit amount in wei, it is the amount of ETH the party\\n /// challenging the wallet for fraud needs to deposit\\n /// @dev Requirements:\\n /// - Fraud notifier reward multiplier must be in the range [0, 100]\\n /// - Fraud challenge defeat timeout must be greater than 0\\n function updateFraudParameters(\\n Storage storage self,\\n uint96 _fraudSlashingAmount,\\n uint256 _fraudNotifierRewardMultiplier,\\n uint256 _fraudChallengeDefeatTimeout,\\n uint256 _fraudChallengeDepositAmount\\n ) internal {\\n require(\\n _fraudNotifierRewardMultiplier <= 100,\\n \\\"Fraud notifier reward multiplier must be in the range [0, 100]\\\"\\n );\\n\\n require(\\n _fraudChallengeDefeatTimeout > 0,\\n \\\"Fraud challenge defeat timeout must be greater than zero\\\"\\n );\\n\\n self.fraudSlashingAmount = _fraudSlashingAmount;\\n self.fraudNotifierRewardMultiplier = _fraudNotifierRewardMultiplier;\\n self.fraudChallengeDefeatTimeout = _fraudChallengeDefeatTimeout;\\n self.fraudChallengeDepositAmount = _fraudChallengeDepositAmount;\\n\\n emit FraudParametersUpdated(\\n _fraudSlashingAmount,\\n _fraudNotifierRewardMultiplier,\\n _fraudChallengeDefeatTimeout,\\n _fraudChallengeDepositAmount\\n );\\n }\\n}\\n\",\"keccak256\":\"0x821b1146c4afb77f4943cde60b2565d1cbf11dd64889e302f926fdaacffead90\",\"license\":\"MIT\"},\"contracts/bridge/Deposit.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {BytesLib} from \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\n/// @title Bridge deposit\\n/// @notice The library handles the logic for revealing Bitcoin deposits to\\n/// the Bridge.\\n/// @dev The depositor puts together a P2SH or P2WSH address to deposit the\\n/// funds. This script is unique to each depositor and looks like this:\\n///\\n/// ```\\n/// <depositorAddress> DROP\\n/// <blindingFactor> DROP\\n/// DUP HASH160 <walletPubKeyHash> EQUAL\\n/// IF\\n/// CHECKSIG\\n/// ELSE\\n/// DUP HASH160 <refundPubkeyHash> EQUALVERIFY\\n/// <refundLocktime> CHECKLOCKTIMEVERIFY DROP\\n/// CHECKSIG\\n/// ENDIF\\n/// ```\\n///\\n/// Since each depositor has their own Ethereum address and their own\\n/// secret blinding factor, each depositor\\u2019s script is unique, and the hash\\n/// of each depositor\\u2019s script is unique.\\nlibrary Deposit {\\n using BTCUtils for bytes;\\n using BytesLib for bytes;\\n\\n /// @notice Represents data which must be revealed by the depositor during\\n /// deposit reveal.\\n struct DepositRevealInfo {\\n // Index of the funding output belonging to the funding transaction.\\n uint32 fundingOutputIndex;\\n // Ethereum depositor address.\\n address depositor;\\n // The blinding factor as 8 bytes. Byte endianness doesn't matter\\n // as this factor is not interpreted as uint.\\n bytes8 blindingFactor;\\n // The compressed Bitcoin public key (33 bytes and 02 or 03 prefix)\\n // of the deposit's wallet hashed in the HASH160 Bitcoin opcode style.\\n bytes20 walletPubKeyHash;\\n // The compressed Bitcoin public key (33 bytes and 02 or 03 prefix)\\n // that can be used to make the deposit refund after the refund\\n // locktime passes. Hashed in the HASH160 Bitcoin opcode style.\\n bytes20 refundPubKeyHash;\\n // The refund locktime (4-byte LE). Interpreted according to locktime\\n // parsing rules described in:\\n // https://developer.bitcoin.org/devguide/transactions.html#locktime-and-sequence-number\\n // and used with OP_CHECKLOCKTIMEVERIFY opcode as described in:\\n // https://github.com/bitcoin/bips/blob/master/bip-0065.mediawiki\\n bytes4 refundLocktime;\\n // Address of the Bank vault to which the deposit is routed to.\\n // Optional, can be 0x0. The vault must be trusted by the Bridge.\\n address vault;\\n }\\n\\n /// @notice Represents tBTC deposit request data.\\n struct DepositRequest {\\n // Ethereum depositor address.\\n address depositor;\\n // Deposit amount in satoshi.\\n uint64 amount;\\n // UNIX timestamp the deposit was revealed at.\\n uint32 revealedAt;\\n // Address of the Bank vault the deposit is routed to.\\n // Optional, can be 0x0.\\n address vault;\\n // Treasury TBTC fee in satoshi at the moment of deposit reveal.\\n uint64 treasuryFee;\\n // UNIX timestamp the deposit was swept at. Note this is not the\\n // time when the deposit was swept on the Bitcoin chain but actually\\n // the time when the sweep proof was delivered to the Ethereum chain.\\n uint32 sweptAt;\\n }\\n\\n event DepositRevealed(\\n bytes32 fundingTxHash,\\n uint32 fundingOutputIndex,\\n address depositor,\\n uint64 amount,\\n bytes8 blindingFactor,\\n bytes20 walletPubKeyHash,\\n bytes20 refundPubKeyHash,\\n bytes4 refundLocktime,\\n address vault\\n );\\n\\n /// @notice Used by the depositor to reveal information about their P2(W)SH\\n /// Bitcoin deposit to the Bridge on Ethereum chain. The off-chain\\n /// wallet listens for revealed deposit events and may decide to\\n /// include the revealed deposit in the next executed sweep.\\n /// Information about the Bitcoin deposit can be revealed before or\\n /// after the Bitcoin transaction with P2(W)SH deposit is mined on\\n /// the Bitcoin chain. Worth noting, the gas cost of this function\\n /// scales with the number of P2(W)SH transaction inputs and\\n /// outputs. The deposit may be routed to one of the trusted vaults.\\n /// When a deposit is routed to a vault, vault gets notified when\\n /// the deposit gets swept and it may execute the appropriate action.\\n /// @param fundingTx Bitcoin funding transaction data, see `BitcoinTx.Info`\\n /// @param reveal Deposit reveal data, see `RevealInfo struct\\n /// @dev Requirements:\\n /// - `reveal.walletPubKeyHash` must identify a `Live` wallet\\n /// - `reveal.vault` must be 0x0 or point to a trusted vault\\n /// - `reveal.fundingOutputIndex` must point to the actual P2(W)SH\\n /// output of the BTC deposit transaction\\n /// - `reveal.depositor` must be the Ethereum address used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - `reveal.blindingFactor` must be the blinding factor used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - `reveal.walletPubKeyHash` must be the wallet pub key hash used in\\n /// the P2(W)SH BTC deposit transaction,\\n /// - `reveal.refundPubKeyHash` must be the refund pub key hash used in\\n /// the P2(W)SH BTC deposit transaction,\\n /// - `reveal.refundLocktime` must be the refund locktime used in the\\n /// P2(W)SH BTC deposit transaction,\\n /// - BTC deposit for the given `fundingTxHash`, `fundingOutputIndex`\\n /// can be revealed only one time.\\n ///\\n /// If any of these requirements is not met, the wallet _must_ refuse\\n /// to sweep the deposit and the depositor has to wait until the\\n /// deposit script unlocks to receive their BTC back.\\n function revealDeposit(\\n BridgeState.Storage storage self,\\n BitcoinTx.Info calldata fundingTx,\\n DepositRevealInfo calldata reveal\\n ) external {\\n require(\\n self.registeredWallets[reveal.walletPubKeyHash].state ==\\n Wallets.WalletState.Live,\\n \\\"Wallet must be in Live state\\\"\\n );\\n\\n require(\\n reveal.vault == address(0) || self.isVaultTrusted[reveal.vault],\\n \\\"Vault is not trusted\\\"\\n );\\n\\n // TODO: Should we enforce a specific locktime at contract level?\\n\\n bytes memory expectedScript = abi.encodePacked(\\n hex\\\"14\\\", // Byte length of depositor Ethereum address.\\n reveal.depositor,\\n hex\\\"75\\\", // OP_DROP\\n hex\\\"08\\\", // Byte length of blinding factor value.\\n reveal.blindingFactor,\\n hex\\\"75\\\", // OP_DROP\\n hex\\\"76\\\", // OP_DUP\\n hex\\\"a9\\\", // OP_HASH160\\n hex\\\"14\\\", // Byte length of a compressed Bitcoin public key hash.\\n reveal.walletPubKeyHash,\\n hex\\\"87\\\", // OP_EQUAL\\n hex\\\"63\\\", // OP_IF\\n hex\\\"ac\\\", // OP_CHECKSIG\\n hex\\\"67\\\", // OP_ELSE\\n hex\\\"76\\\", // OP_DUP\\n hex\\\"a9\\\", // OP_HASH160\\n hex\\\"14\\\", // Byte length of a compressed Bitcoin public key hash.\\n reveal.refundPubKeyHash,\\n hex\\\"88\\\", // OP_EQUALVERIFY\\n hex\\\"04\\\", // Byte length of refund locktime value.\\n reveal.refundLocktime,\\n hex\\\"b1\\\", // OP_CHECKLOCKTIMEVERIFY\\n hex\\\"75\\\", // OP_DROP\\n hex\\\"ac\\\", // OP_CHECKSIG\\n hex\\\"68\\\" // OP_ENDIF\\n );\\n\\n bytes memory fundingOutput = fundingTx\\n .outputVector\\n .extractOutputAtIndex(reveal.fundingOutputIndex);\\n bytes memory fundingOutputHash = fundingOutput.extractHash();\\n\\n if (fundingOutputHash.length == 20) {\\n // A 20-byte output hash is used by P2SH. That hash is constructed\\n // by applying OP_HASH160 on the locking script. A 20-byte output\\n // hash is used as well by P2PKH and P2WPKH (OP_HASH160 on the\\n // public key). However, since we compare the actual output hash\\n // with an expected locking script hash, this check will succeed only\\n // for P2SH transaction type with expected script hash value. For\\n // P2PKH and P2WPKH, it will fail on the output hash comparison with\\n // the expected locking script hash.\\n require(\\n fundingOutputHash.slice20(0) == expectedScript.hash160View(),\\n \\\"Wrong 20-byte script hash\\\"\\n );\\n } else if (fundingOutputHash.length == 32) {\\n // A 32-byte output hash is used by P2WSH. That hash is constructed\\n // by applying OP_SHA256 on the locking script.\\n require(\\n fundingOutputHash.toBytes32() == sha256(expectedScript),\\n \\\"Wrong 32-byte script hash\\\"\\n );\\n } else {\\n revert(\\\"Wrong script hash length\\\");\\n }\\n\\n // Resulting TX hash is in native Bitcoin little-endian format.\\n bytes32 fundingTxHash = abi\\n .encodePacked(\\n fundingTx.version,\\n fundingTx.inputVector,\\n fundingTx.outputVector,\\n fundingTx.locktime\\n )\\n .hash256View();\\n\\n DepositRequest storage deposit = self.deposits[\\n uint256(\\n keccak256(\\n abi.encodePacked(fundingTxHash, reveal.fundingOutputIndex)\\n )\\n )\\n ];\\n require(deposit.revealedAt == 0, \\\"Deposit already revealed\\\");\\n\\n uint64 fundingOutputAmount = fundingOutput.extractValue();\\n\\n require(\\n fundingOutputAmount >= self.depositDustThreshold,\\n \\\"Deposit amount too small\\\"\\n );\\n\\n deposit.amount = fundingOutputAmount;\\n deposit.depositor = reveal.depositor;\\n /* solhint-disable-next-line not-rely-on-time */\\n deposit.revealedAt = uint32(block.timestamp);\\n deposit.vault = reveal.vault;\\n deposit.treasuryFee = self.depositTreasuryFeeDivisor > 0\\n ? fundingOutputAmount / self.depositTreasuryFeeDivisor\\n : 0;\\n // slither-disable-next-line reentrancy-events\\n emit DepositRevealed(\\n fundingTxHash,\\n reveal.fundingOutputIndex,\\n reveal.depositor,\\n fundingOutputAmount,\\n reveal.blindingFactor,\\n reveal.walletPubKeyHash,\\n reveal.refundPubKeyHash,\\n reveal.refundLocktime,\\n reveal.vault\\n );\\n }\\n}\\n\",\"keccak256\":\"0x2f3c592eb79ecf1411bb4e98530166efd722d926594e639ba8b09786777237bb\",\"license\":\"MIT\"},\"contracts/bridge/EcdsaLib.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\n\\nlibrary EcdsaLib {\\n using BytesLib for bytes;\\n\\n /// @notice Converts public key X and Y coordinates (32-byte each) to a\\n /// compressed public key (33-byte). Compressed public key is X\\n /// coordinate prefixed with `02` or `03` based on the Y coordinate parity.\\n /// It is expected that the uncompressed public key is stripped\\n /// (i.e. it is not prefixed with `04`).\\n /// @param x Wallet's public key's X coordinate.\\n /// @param y Wallet's public key's Y coordinate.\\n /// @return Compressed public key (33-byte), prefixed with `02` or `03`.\\n function compressPublicKey(bytes32 x, bytes32 y)\\n internal\\n pure\\n returns (bytes memory)\\n {\\n bytes1 prefix;\\n if (uint256(y) % 2 == 0) {\\n prefix = hex\\\"02\\\";\\n } else {\\n prefix = hex\\\"03\\\";\\n }\\n\\n return bytes.concat(prefix, x);\\n }\\n}\\n\",\"keccak256\":\"0x0b1b1755b6332c9d6d58a1d156a7151905a656faa7768345eb190b938f48c38d\",\"license\":\"MIT\"},\"contracts/bridge/Fraud.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BytesLib} from \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {CheckBitcoinSigs} from \\\"@keep-network/bitcoin-spv-sol/contracts/CheckBitcoinSigs.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./EcdsaLib.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\n/// @title Bridge fraud\\n/// @notice The library handles the logic for challenging Bridge wallets that\\n/// committed fraud.\\n/// @dev Anyone can submit a fraud challenge indicating that a UTXO being under\\n/// the wallet control was unlocked by the wallet but was not used\\n/// according to the protocol rules. That means the wallet signed\\n/// a transaction input pointing to that UTXO and there is a unique\\n/// sighash and signature pair associated with that input.\\n///\\n/// In order to defeat the challenge, the same wallet public key and\\n/// signature must be provided as were used to calculate the sighash during\\n/// the challenge. The wallet provides the preimage which produces sighash\\n/// used to generate the ECDSA signature that is the subject of the fraud\\n/// claim. The fraud challenge defeat attempt will only succeed if the\\n/// inputs in the preimage are considered honestly spent by the wallet.\\n/// Therefore the transaction spending the UTXO must be proven in the\\n/// Bridge before a challenge defeat is called.\\nlibrary Fraud {\\n using Wallets for BridgeState.Storage;\\n\\n using BytesLib for bytes;\\n using BTCUtils for bytes;\\n using BTCUtils for uint32;\\n using EcdsaLib for bytes;\\n\\n struct FraudChallenge {\\n // The address of the party challenging the wallet.\\n address challenger;\\n // The amount of ETH the challenger deposited.\\n uint256 depositAmount;\\n // The timestamp the challenge was submitted at.\\n uint32 reportedAt;\\n // The flag indicating whether the challenge has been resolved.\\n bool resolved;\\n }\\n\\n event FraudChallengeSubmitted(\\n bytes20 walletPubKeyHash,\\n bytes32 sighash,\\n uint8 v,\\n bytes32 r,\\n bytes32 s\\n );\\n\\n event FraudChallengeDefeated(bytes20 walletPubKeyHash, bytes32 sighash);\\n\\n event FraudChallengeDefeatTimedOut(\\n bytes20 walletPubKeyHash,\\n bytes32 sighash\\n );\\n\\n /// @notice Submits a fraud challenge indicating that a UTXO being under\\n /// wallet control was unlocked by the wallet but was not used\\n /// according to the protocol rules. That means the wallet signed\\n /// a transaction input pointing to that UTXO and there is a unique\\n /// sighash and signature pair associated with that input. This\\n /// function uses those parameters to create a fraud accusation that\\n /// proves a given transaction input unlocking the given UTXO was\\n /// actually signed by the wallet. This function cannot determine\\n /// whether the transaction was actually broadcast and the input was\\n /// consumed in a fraudulent way so it just opens a challenge period\\n /// during which the wallet can defeat the challenge by submitting\\n /// proof of a transaction that consumes the given input according\\n /// to protocol rules. To prevent spurious allegations, the caller\\n /// must deposit ETH that is returned back upon justified fraud\\n /// challenge or confiscated otherwise\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param sighash The hash that was used to produce the ECDSA signature\\n /// that is the subject of the fraud claim. This hash is constructed\\n /// by applying double SHA-256 over a serialized subset of the\\n /// transaction. The exact subset used as hash preimage depends on\\n /// the transaction input the signature is produced for. See BIP-143\\n /// for reference\\n /// @param signature Bitcoin signature in the R/S/V format\\n /// @dev Requirements:\\n /// - Wallet behind `walletPublicKey` must be in Live or MovingFunds\\n /// or Closing state\\n /// - The challenger must send appropriate amount of ETH used as\\n /// fraud challenge deposit\\n /// - The signature (represented by r, s and v) must be generated by\\n /// the wallet behind `walletPublicKey` during signing of `sighash`\\n /// - Wallet can be challenged for the given signature only once\\n function submitFraudChallenge(\\n BridgeState.Storage storage self,\\n bytes calldata walletPublicKey,\\n bytes32 sighash,\\n BitcoinTx.RSVSignature calldata signature\\n ) external {\\n require(\\n msg.value >= self.fraudChallengeDepositAmount,\\n \\\"The amount of ETH deposited is too low\\\"\\n );\\n\\n require(\\n CheckBitcoinSigs.checkSig(\\n walletPublicKey,\\n sighash,\\n signature.v,\\n signature.r,\\n signature.s\\n ),\\n \\\"Signature verification failure\\\"\\n );\\n\\n bytes memory compressedWalletPublicKey = EcdsaLib.compressPublicKey(\\n walletPublicKey.slice32(0),\\n walletPublicKey.slice32(32)\\n );\\n bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();\\n\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.Live ||\\n wallet.state == Wallets.WalletState.MovingFunds ||\\n wallet.state == Wallets.WalletState.Closing,\\n \\\"Wallet must be in Live or MovingFunds or Closing state\\\"\\n );\\n\\n uint256 challengeKey = uint256(\\n keccak256(abi.encodePacked(walletPublicKey, sighash))\\n );\\n\\n FraudChallenge storage challenge = self.fraudChallenges[challengeKey];\\n require(challenge.reportedAt == 0, \\\"Fraud challenge already exists\\\");\\n\\n challenge.challenger = msg.sender;\\n challenge.depositAmount = msg.value;\\n /* solhint-disable-next-line not-rely-on-time */\\n challenge.reportedAt = uint32(block.timestamp);\\n challenge.resolved = false;\\n // slither-disable-next-line reentrancy-events\\n emit FraudChallengeSubmitted(\\n walletPubKeyHash,\\n sighash,\\n signature.v,\\n signature.r,\\n signature.s\\n );\\n }\\n\\n /// @notice Allows to defeat a pending fraud challenge against a wallet if\\n /// the transaction that spends the UTXO follows the protocol rules.\\n /// In order to defeat the challenge the same `walletPublicKey` and\\n /// signature (represented by `r`, `s` and `v`) must be provided as\\n /// were used to calculate the sighash during input signing.\\n /// The fraud challenge defeat attempt will only succeed if the\\n /// inputs in the preimage are considered honestly spent by the\\n /// wallet. Therefore the transaction spending the UTXO must be\\n /// proven in the Bridge before a challenge defeat is called.\\n /// If successfully defeated, the fraud challenge is marked as\\n /// resolved and the amount of ether deposited by the challenger is\\n /// sent to the treasury.\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param preimage The preimage which produces sighash used to generate the\\n /// ECDSA signature that is the subject of the fraud claim. It is a\\n /// serialized subset of the transaction. The exact subset used as\\n /// the preimage depends on the transaction input the signature is\\n /// produced for. See BIP-143 for reference\\n /// @param witness Flag indicating whether the preimage was produced for a\\n /// witness input. True for witness, false for non-witness input.\\n /// @dev Requirements:\\n /// - `walletPublicKey` and `sighash` calculated as `hash256(preimage)`\\n /// must identify an open fraud challenge\\n /// - the preimage must be a valid preimage of a transaction generated\\n /// according to the protocol rules and already proved in the Bridge\\n /// - before a defeat attempt is made the transaction that spends the\\n /// given UTXO must be proven in the Bridge\\n function defeatFraudChallenge(\\n BridgeState.Storage storage self,\\n bytes calldata walletPublicKey,\\n bytes calldata preimage,\\n bool witness\\n ) external {\\n bytes32 sighash = preimage.hash256();\\n\\n uint256 challengeKey = uint256(\\n keccak256(abi.encodePacked(walletPublicKey, sighash))\\n );\\n\\n FraudChallenge storage challenge = self.fraudChallenges[challengeKey];\\n\\n require(challenge.reportedAt > 0, \\\"Fraud challenge does not exist\\\");\\n require(\\n !challenge.resolved,\\n \\\"Fraud challenge has already been resolved\\\"\\n );\\n\\n // Ensure SIGHASH_ALL type was used during signing, which is represented\\n // by type value `1`.\\n require(extractSighashType(preimage) == 1, \\\"Wrong sighash type\\\");\\n\\n uint256 utxoKey = witness\\n ? extractUtxoKeyFromWitnessPreimage(preimage)\\n : extractUtxoKeyFromNonWitnessPreimage(preimage);\\n\\n // Check that the UTXO key identifies a correctly spent UTXO.\\n require(\\n self.deposits[utxoKey].sweptAt > 0 || self.spentMainUTXOs[utxoKey],\\n \\\"Spent UTXO not found among correctly spent UTXOs\\\"\\n );\\n\\n // Mark the challenge as resolved as it was successfully defeated\\n challenge.resolved = true;\\n\\n // Send the ether deposited by the challenger to the treasury\\n /* solhint-disable avoid-low-level-calls */\\n // slither-disable-next-line low-level-calls,unchecked-lowlevel,arbitrary-send\\n self.treasury.call{gas: 100000, value: challenge.depositAmount}(\\\"\\\");\\n /* solhint-enable avoid-low-level-calls */\\n\\n bytes memory compressedWalletPublicKey = EcdsaLib.compressPublicKey(\\n walletPublicKey.slice32(0),\\n walletPublicKey.slice32(32)\\n );\\n bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();\\n // slither-disable-next-line reentrancy-events\\n emit FraudChallengeDefeated(walletPubKeyHash, sighash);\\n }\\n\\n /// @notice Notifies about defeat timeout for the given fraud challenge.\\n /// Can be called only if there was a fraud challenge identified by\\n /// the provided `walletPublicKey` and `sighash` and it was not\\n /// defeated on time. The amount of time that needs to pass after a\\n /// fraud challenge is reported is indicated by the\\n /// `challengeDefeatTimeout`. After a successful fraud challenge\\n /// defeat timeout notification the fraud challenge is marked as\\n /// resolved, the stake of each operator is slashed, the ether\\n /// deposited is returned to the challenger and the challenger is\\n /// rewarded.\\n /// @param walletPublicKey The public key of the wallet in the uncompressed\\n /// and unprefixed format (64 bytes)\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param sighash The hash that was used to produce the ECDSA signature\\n /// that is the subject of the fraud claim. This hash is constructed\\n /// by applying double SHA-256 over a serialized subset of the\\n /// transaction. The exact subset used as hash preimage depends on\\n /// the transaction input the signature is produced for. See BIP-143\\n /// for reference\\n /// @dev Requirements:\\n /// - The wallet must be in the Live or MovingFunds or Closing or\\n /// Terminated state\\n /// - The `walletPublicKey` and `sighash` must identify an open fraud\\n /// challenge\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events of the `WalletRegistry` contract\\n /// - The amount of time indicated by `challengeDefeatTimeout` must pass\\n /// after the challenge was reported\\n function notifyFraudChallengeDefeatTimeout(\\n BridgeState.Storage storage self,\\n bytes calldata walletPublicKey,\\n uint32[] calldata walletMembersIDs,\\n bytes32 sighash\\n ) external {\\n uint256 challengeKey = uint256(\\n keccak256(abi.encodePacked(walletPublicKey, sighash))\\n );\\n\\n FraudChallenge storage challenge = self.fraudChallenges[challengeKey];\\n\\n require(challenge.reportedAt > 0, \\\"Fraud challenge does not exist\\\");\\n\\n require(\\n !challenge.resolved,\\n \\\"Fraud challenge has already been resolved\\\"\\n );\\n\\n require(\\n /* solhint-disable-next-line not-rely-on-time */\\n block.timestamp >=\\n challenge.reportedAt + self.fraudChallengeDefeatTimeout,\\n \\\"Fraud challenge defeat period did not time out yet\\\"\\n );\\n\\n challenge.resolved = true;\\n // Return the ether deposited by the challenger\\n /* solhint-disable avoid-low-level-calls */\\n // slither-disable-next-line low-level-calls,unchecked-lowlevel\\n challenge.challenger.call{gas: 100000, value: challenge.depositAmount}(\\n \\\"\\\"\\n );\\n /* solhint-enable avoid-low-level-calls */\\n\\n bytes memory compressedWalletPublicKey = EcdsaLib.compressPublicKey(\\n walletPublicKey.slice32(0),\\n walletPublicKey.slice32(32)\\n );\\n bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();\\n\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n Wallets.WalletState walletState = wallet.state;\\n\\n if (\\n walletState == Wallets.WalletState.Live ||\\n walletState == Wallets.WalletState.MovingFunds ||\\n walletState == Wallets.WalletState.Closing\\n ) {\\n self.terminateWallet(walletPubKeyHash);\\n\\n self.ecdsaWalletRegistry.seize(\\n self.fraudSlashingAmount,\\n self.fraudNotifierRewardMultiplier,\\n challenge.challenger,\\n wallet.ecdsaWalletID,\\n walletMembersIDs\\n );\\n } else if (walletState == Wallets.WalletState.Terminated) {\\n // This is a special case when the wallet was already terminated\\n // due to a previous deliberate protocol violation. In that\\n // case, this function should be still callable for other fraud\\n // challenges timeouts in order to let the challenger unlock its\\n // ETH deposit back. However, the wallet termination logic is\\n // not called and the challenger is not rewarded.\\n } else {\\n revert(\\n \\\"Wallet must be in Live or MovingFunds or Closing or Terminated state\\\"\\n );\\n }\\n\\n // slither-disable-next-line reentrancy-events\\n emit FraudChallengeDefeatTimedOut(walletPubKeyHash, sighash);\\n }\\n\\n /// @notice Extracts the UTXO keys from the given preimage used during\\n /// signing of a witness input.\\n /// @param preimage The preimage which produces sighash used to generate the\\n /// ECDSA signature that is the subject of the fraud claim. It is a\\n /// serialized subset of the transaction. The exact subset used as\\n /// the preimage depends on the transaction input the signature is\\n /// produced for. See BIP-143 for reference\\n /// @return utxoKey UTXO key that identifies spent input.\\n function extractUtxoKeyFromWitnessPreimage(bytes calldata preimage)\\n internal\\n pure\\n returns (uint256 utxoKey)\\n {\\n // The expected structure of the preimage created during signing of a\\n // witness input:\\n // - transaction version (4 bytes)\\n // - hash of previous outpoints of all inputs (32 bytes)\\n // - hash of sequences of all inputs (32 bytes)\\n // - outpoint (hash + index) of the input being signed (36 bytes)\\n // - the unlocking script of the input (variable length)\\n // - value of the outpoint (8 bytes)\\n // - sequence of the input being signed (4 bytes)\\n // - hash of all outputs (32 bytes)\\n // - transaction locktime (4 bytes)\\n // - sighash type (4 bytes)\\n\\n // See Bitcoin's BIP-143 for reference:\\n // https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki.\\n\\n // The outpoint (hash and index) is located at the constant offset of\\n // 68 (4 + 32 + 32).\\n bytes32 outpointTxHash = preimage.extractInputTxIdLeAt(68);\\n uint32 outpointIndex = BTCUtils.reverseUint32(\\n uint32(preimage.extractTxIndexLeAt(68))\\n );\\n\\n return\\n uint256(keccak256(abi.encodePacked(outpointTxHash, outpointIndex)));\\n }\\n\\n /// @notice Extracts the UTXO key from the given preimage used during\\n /// signing of a non-witness input.\\n /// @param preimage The preimage which produces sighash used to generate the\\n /// ECDSA signature that is the subject of the fraud claim. It is a\\n /// serialized subset of the transaction. The exact subset used as\\n /// the preimage depends on the transaction input the signature is\\n /// produced for. See BIP-143 for reference\\n /// @return utxoKey UTXO key that identifies spent input.\\n function extractUtxoKeyFromNonWitnessPreimage(bytes calldata preimage)\\n internal\\n pure\\n returns (uint256 utxoKey)\\n {\\n // The expected structure of the preimage created during signing of a\\n // non-witness input:\\n // - transaction version (4 bytes)\\n // - number of inputs written as compactSize uint (1 byte, 3 bytes,\\n // 5 bytes or 9 bytes)\\n // - for each input\\n // - outpoint (hash and index) (36 bytes)\\n // - unlocking script for the input being signed (variable length)\\n // or `00` for all other inputs (1 byte)\\n // - input sequence (4 bytes)\\n // - number of outputs written as compactSize uint (1 byte, 3 bytes,\\n // 5 bytes or 9 bytes)\\n // - outputs (variable length)\\n // - transaction locktime (4 bytes)\\n // - sighash type (4 bytes)\\n\\n // See example for reference:\\n // https://en.bitcoin.it/wiki/OP_CHECKSIG#Code_samples_and_raw_dumps.\\n\\n // The input data begins at the constant offset of 4 (the first 4 bytes\\n // are for the transaction version).\\n (uint256 inputsCompactSizeUintLength, uint256 inputsCount) = preimage\\n .parseVarIntAt(4);\\n\\n // To determine the first input starting index, we must jump 4 bytes\\n // over the transaction version length and the compactSize uint which\\n // prepends the input vector. One byte must be added because\\n // `BtcUtils.parseVarInt` does not include compactSize uint tag in the\\n // returned length.\\n //\\n // For >= 0 && <= 252, `BTCUtils.determineVarIntDataLengthAt`\\n // returns `0`, so we jump over one byte of compactSize uint.\\n //\\n // For >= 253 && <= 0xffff there is `0xfd` tag,\\n // `BTCUtils.determineVarIntDataLengthAt` returns `2` (no\\n // tag byte included) so we need to jump over 1+2 bytes of\\n // compactSize uint.\\n //\\n // Please refer `BTCUtils` library and compactSize uint\\n // docs in `BitcoinTx` library for more details.\\n uint256 inputStartingIndex = 4 + 1 + inputsCompactSizeUintLength;\\n\\n for (uint256 i = 0; i < inputsCount; i++) {\\n uint256 inputLength = preimage.determineInputLengthAt(\\n inputStartingIndex\\n );\\n\\n (, uint256 scriptSigLength) = preimage.extractScriptSigLenAt(\\n inputStartingIndex\\n );\\n\\n if (scriptSigLength > 0) {\\n // The input this preimage was generated for was found.\\n // All the other inputs in the preimage are marked with a null\\n // scriptSig (\\\"00\\\") which has length of 1.\\n bytes32 outpointTxHash = preimage.extractInputTxIdLeAt(\\n inputStartingIndex\\n );\\n uint32 outpointIndex = BTCUtils.reverseUint32(\\n uint32(preimage.extractTxIndexLeAt(inputStartingIndex))\\n );\\n\\n utxoKey = uint256(\\n keccak256(abi.encodePacked(outpointTxHash, outpointIndex))\\n );\\n\\n break;\\n }\\n\\n inputStartingIndex += inputLength;\\n }\\n\\n return utxoKey;\\n }\\n\\n /// @notice Extracts the sighash type from the given preimage.\\n /// @param preimage Serialized subset of the transaction. See BIP-143 for\\n /// reference\\n /// @dev Sighash type is stored as the last 4 bytes in the preimage (little\\n /// endian).\\n /// @return sighashType Sighash type as a 32-bit integer.\\n function extractSighashType(bytes calldata preimage)\\n internal\\n pure\\n returns (uint32 sighashType)\\n {\\n bytes4 sighashTypeBytes = preimage.slice4(preimage.length - 4);\\n uint32 sighashTypeLE = uint32(sighashTypeBytes);\\n return sighashTypeLE.reverseUint32();\\n }\\n}\\n\",\"keccak256\":\"0xbb2b4056d6053cf430e6dba9b1d25f257db5bd08388988441bd562894b844de2\",\"license\":\"MIT\"},\"contracts/bridge/IRelay.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\n/// @title Interface for the Bitcoin relay\\n/// @notice Contains only the methods needed by tBTC v2. The Bitcoin relay\\n/// provides the difficulty of the previous and current epoch. One\\n/// difficulty epoch spans 2016 blocks.\\ninterface IRelay {\\n /// @notice Returns the difficulty of the current epoch.\\n function getCurrentEpochDifficulty() external view returns (uint256);\\n\\n /// @notice Returns the difficulty of the previous epoch.\\n function getPrevEpochDifficulty() external view returns (uint256);\\n}\\n\",\"keccak256\":\"0xc8d3f66aacc2e9f645397e0114f9671099acade21ef5805ae1de297773c9c81a\",\"license\":\"MIT\"},\"contracts/bridge/MovingFunds.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {BytesLib} from \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Redemption.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\n/// @title Moving Bridge wallet funds\\n/// @notice The library handles the logic for moving Bitcoin between Bridge\\n/// wallets.\\n/// @dev A wallet that failed a heartbeat, did not process requested redemption\\n/// on time, or qualifies to be closed, begins the procedure of moving\\n/// funds to other wallets in the Bridge. The wallet needs to commit to\\n/// which other Live wallets it is moving the funds to and then, provide an\\n/// SPV proof of moving funds to the previously committed wallets.\\nlibrary MovingFunds {\\n using BridgeState for BridgeState.Storage;\\n using Wallets for BridgeState.Storage;\\n using BitcoinTx for BridgeState.Storage;\\n\\n using BTCUtils for bytes;\\n using BytesLib for bytes;\\n\\n event MovingFundsCommitmentSubmitted(\\n bytes20 walletPubKeyHash,\\n bytes20[] targetWallets,\\n address submitter\\n );\\n\\n event MovingFundsCompleted(\\n bytes20 walletPubKeyHash,\\n bytes32 movingFundsTxHash\\n );\\n\\n event MovingFundsTimedOut(bytes20 walletPubKeyHash);\\n\\n event MovingFundsBelowDustReported(bytes20 walletPubKeyHash);\\n\\n /// @notice Submits the moving funds target wallets commitment.\\n /// Once all requirements are met, that function registers the\\n /// target wallets commitment and opens the way for moving funds\\n /// proof submission.\\n /// @param walletPubKeyHash 20-byte public key hash of the source wallet\\n /// @param walletMainUtxo Data of the source wallet's main UTXO, as\\n /// currently known on the Ethereum chain\\n /// @param walletMembersIDs Identifiers of the source wallet signing group\\n /// members\\n /// @param walletMemberIndex Position of the caller in the source wallet\\n /// signing group members list\\n /// @param targetWallets List of 20-byte public key hashes of the target\\n /// wallets that the source wallet commits to move the funds to\\n /// @dev Requirements:\\n /// - The source wallet must be in the MovingFunds state\\n /// - The source wallet must not have pending redemption requests\\n /// - The source wallet must not have submitted its commitment already\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given source wallet in the ECDSA registry. Those IDs are\\n /// not directly stored in the contract for gas efficiency purposes\\n /// but they can be read from appropriate `DkgResultSubmitted`\\n /// and `DkgResultApproved` events.\\n /// - The `walletMemberIndex` must be in range [1, walletMembersIDs.length]\\n /// - The caller must be the member of the source wallet signing group\\n /// at the position indicated by `walletMemberIndex` parameter\\n /// - The `walletMainUtxo` components must point to the recent main\\n /// UTXO of the source wallet, as currently known on the Ethereum\\n /// chain.\\n /// - Source wallet BTC balance must be greater than zero\\n /// - At least one Live wallet must exist in the system\\n /// - Submitted target wallets count must match the expected count\\n /// `N = min(liveWalletsCount, ceil(walletBtcBalance / walletMaxBtcTransfer))`\\n /// where `N > 0`\\n /// - Each target wallet must be not equal to the source wallet\\n /// - Each target wallet must follow the expected order i.e. all\\n /// target wallets 20-byte public key hashes represented as numbers\\n /// must form a strictly increasing sequence without duplicates.\\n /// - Each target wallet must be in Live state\\n function submitMovingFundsCommitment(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo,\\n uint32[] calldata walletMembersIDs,\\n uint256 walletMemberIndex,\\n bytes20[] calldata targetWallets\\n ) external {\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.MovingFunds,\\n \\\"Source wallet must be in MovingFunds state\\\"\\n );\\n\\n require(\\n wallet.pendingRedemptionsValue == 0,\\n \\\"Source wallet must handle all pending redemptions first\\\"\\n );\\n\\n require(\\n wallet.movingFundsTargetWalletsCommitmentHash == bytes32(0),\\n \\\"Target wallets commitment already submitted\\\"\\n );\\n\\n require(\\n self.ecdsaWalletRegistry.isWalletMember(\\n wallet.ecdsaWalletID,\\n walletMembersIDs,\\n msg.sender,\\n walletMemberIndex\\n ),\\n \\\"Caller is not a member of the source wallet\\\"\\n );\\n\\n uint64 walletBtcBalance = self.getWalletBtcBalance(\\n walletPubKeyHash,\\n walletMainUtxo\\n );\\n\\n require(walletBtcBalance > 0, \\\"Wallet BTC balance is zero\\\");\\n\\n uint256 expectedTargetWalletsCount = Math.min(\\n self.liveWalletsCount,\\n Math.ceilDiv(walletBtcBalance, self.walletMaxBtcTransfer)\\n );\\n\\n // This requirement fails only when `liveWalletsCount` is zero. In\\n // that case, the system cannot accept the commitment and must provide\\n // new wallets first.\\n //\\n // TODO: Expose separate function to reset the moving funds timeout\\n // if no Live wallets exist in the system.\\n require(expectedTargetWalletsCount > 0, \\\"No target wallets available\\\");\\n\\n require(\\n targetWallets.length == expectedTargetWalletsCount,\\n \\\"Submitted target wallets count is other than expected\\\"\\n );\\n\\n uint160 lastProcessedTargetWallet = 0;\\n\\n for (uint256 i = 0; i < targetWallets.length; i++) {\\n bytes20 targetWallet = targetWallets[i];\\n\\n require(\\n targetWallet != walletPubKeyHash,\\n \\\"Submitted target wallet cannot be equal to the source wallet\\\"\\n );\\n\\n require(\\n uint160(targetWallet) > lastProcessedTargetWallet,\\n \\\"Submitted target wallet breaks the expected order\\\"\\n );\\n\\n require(\\n self.registeredWallets[targetWallet].state ==\\n Wallets.WalletState.Live,\\n \\\"Submitted target wallet must be in Live state\\\"\\n );\\n\\n lastProcessedTargetWallet = uint160(targetWallet);\\n }\\n\\n wallet.movingFundsTargetWalletsCommitmentHash = keccak256(\\n abi.encodePacked(targetWallets)\\n );\\n\\n emit MovingFundsCommitmentSubmitted(\\n walletPubKeyHash,\\n targetWallets,\\n msg.sender\\n );\\n }\\n\\n /// @notice Used by the wallet to prove the BTC moving funds transaction\\n /// and to make the necessary state changes. Moving funds is only\\n /// accepted if it satisfies SPV proof.\\n ///\\n /// The function validates the moving funds transaction structure\\n /// by checking if it actually spends the main UTXO of the declared\\n /// wallet and locks the value on the pre-committed target wallets\\n /// using a reasonable transaction fee. If all preconditions are\\n /// met, this functions closes the source wallet.\\n ///\\n /// It is possible to prove the given moving funds transaction only\\n /// one time.\\n /// @param movingFundsTx Bitcoin moving funds transaction data\\n /// @param movingFundsProof Bitcoin moving funds proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n /// HASH160 over the compressed ECDSA public key) of the wallet\\n /// which performed the moving funds transaction\\n /// @dev Requirements:\\n /// - `movingFundsTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `movingFundsTx` should represent a Bitcoin transaction with\\n /// exactly 1 input that refers to the wallet's main UTXO. That\\n /// transaction should have 1..n outputs corresponding to the\\n /// pre-committed target wallets. Outputs must be ordered in the\\n /// same way as their corresponding target wallets are ordered\\n /// within the target wallets commitment.\\n /// - `movingFundsProof` components must match the expected structure.\\n /// See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// Additionally, the recent main UTXO on Ethereum must be set.\\n /// - `walletPubKeyHash` must be connected with the main UTXO used\\n /// as transaction single input.\\n /// - The wallet that `walletPubKeyHash` points to must be in the\\n /// MovingFunds state.\\n /// - The target wallets commitment must be submitted by the wallet\\n /// that `walletPubKeyHash` points to.\\n /// - The total Bitcoin transaction fee must be lesser or equal\\n /// to `movingFundsTxMaxTotalFee` governable parameter.\\n function submitMovingFundsProof(\\n BridgeState.Storage storage self,\\n BitcoinTx.Info calldata movingFundsTx,\\n BitcoinTx.Proof calldata movingFundsProof,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) external {\\n // The actual transaction proof is performed here. After that point, we\\n // can assume the transaction happened on Bitcoin chain and has\\n // a sufficient number of confirmations as determined by\\n // `txProofDifficultyFactor` constant.\\n bytes32 movingFundsTxHash = self.validateProof(\\n movingFundsTx,\\n movingFundsProof\\n );\\n\\n // Process the moving funds transaction input. Specifically, check if\\n // it refers to the expected wallet's main UTXO.\\n OutboundTx.processWalletOutboundTxInput(\\n self,\\n movingFundsTx.inputVector,\\n mainUtxo,\\n walletPubKeyHash\\n );\\n\\n (\\n bytes32 targetWalletsHash,\\n uint256 outputsTotalValue\\n ) = processMovingFundsTxOutputs(movingFundsTx.outputVector);\\n\\n require(\\n mainUtxo.txOutputValue - outputsTotalValue <=\\n self.movingFundsTxMaxTotalFee,\\n \\\"Transaction fee is too high\\\"\\n );\\n\\n self.notifyWalletFundsMoved(walletPubKeyHash, targetWalletsHash);\\n // slither-disable-next-line reentrancy-events\\n emit MovingFundsCompleted(walletPubKeyHash, movingFundsTxHash);\\n }\\n\\n /// @notice Processes the moving funds Bitcoin transaction output vector\\n /// and extracts information required for further processing.\\n /// @param movingFundsTxOutputVector Bitcoin moving funds transaction output\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVout` function\\n /// before it is passed here\\n /// @return targetWalletsHash keccak256 hash over the list of actual\\n /// target wallets used in the transaction.\\n /// @return outputsTotalValue Sum of all outputs values.\\n /// @dev Requirements:\\n /// - The `movingFundsTxOutputVector` must be parseable, i.e. must\\n /// be validated by the caller as stated in their parameter doc.\\n /// - Each output must refer to a 20-byte public key hash.\\n /// - The total outputs value must be evenly divided over all outputs.\\n function processMovingFundsTxOutputs(bytes memory movingFundsTxOutputVector)\\n internal\\n pure\\n returns (bytes32 targetWalletsHash, uint256 outputsTotalValue)\\n {\\n // Determining the total number of Bitcoin transaction outputs in\\n // the same way as for number of inputs. See `BitcoinTx.outputVector`\\n // docs for more details.\\n (\\n uint256 outputsCompactSizeUintLength,\\n uint256 outputsCount\\n ) = movingFundsTxOutputVector.parseVarInt();\\n\\n // To determine the first output starting index, we must jump over\\n // the compactSize uint which prepends the output vector. One byte\\n // must be added because `BtcUtils.parseVarInt` does not include\\n // compactSize uint tag in the returned length.\\n //\\n // For >= 0 && <= 252, `BTCUtils.determineVarIntDataLengthAt`\\n // returns `0`, so we jump over one byte of compactSize uint.\\n //\\n // For >= 253 && <= 0xffff there is `0xfd` tag,\\n // `BTCUtils.determineVarIntDataLengthAt` returns `2` (no\\n // tag byte included) so we need to jump over 1+2 bytes of\\n // compactSize uint.\\n //\\n // Please refer `BTCUtils` library and compactSize uint\\n // docs in `BitcoinTx` library for more details.\\n uint256 outputStartingIndex = 1 + outputsCompactSizeUintLength;\\n\\n bytes20[] memory targetWallets = new bytes20[](outputsCount);\\n uint64[] memory outputsValues = new uint64[](outputsCount);\\n\\n // Outputs processing loop.\\n for (uint256 i = 0; i < outputsCount; i++) {\\n uint256 outputLength = movingFundsTxOutputVector\\n .determineOutputLengthAt(outputStartingIndex);\\n\\n bytes memory output = movingFundsTxOutputVector.slice(\\n outputStartingIndex,\\n outputLength\\n );\\n\\n // Extract the output script payload.\\n bytes memory targetWalletPubKeyHashBytes = output.extractHash();\\n // Output script payload must refer to a known wallet public key\\n // hash which is always 20-byte.\\n require(\\n targetWalletPubKeyHashBytes.length == 20,\\n \\\"Target wallet public key hash must have 20 bytes\\\"\\n );\\n\\n bytes20 targetWalletPubKeyHash = targetWalletPubKeyHashBytes\\n .slice20(0);\\n\\n // The next step is making sure that the 20-byte public key hash\\n // is actually used in the right context of a P2PKH or P2WPKH\\n // output. To do so, we must extract the full script from the output\\n // and compare with the expected P2PKH and P2WPKH scripts\\n // referring to that 20-byte public key hash. The output consists\\n // of an 8-byte value and a variable length script. To extract the\\n // script we slice the output starting from 9th byte until the end.\\n bytes32 outputScriptKeccak = keccak256(\\n output.slice(8, output.length - 8)\\n );\\n // Build the expected P2PKH script which has the following byte\\n // format: <0x1976a914> <20-byte PKH> <0x88ac>. According to\\n // https://en.bitcoin.it/wiki/Script#Opcodes this translates to:\\n // - 0x19: Byte length of the entire script\\n // - 0x76: OP_DUP\\n // - 0xa9: OP_HASH160\\n // - 0x14: Byte length of the public key hash\\n // - 0x88: OP_EQUALVERIFY\\n // - 0xac: OP_CHECKSIG\\n // which matches the P2PKH structure as per:\\n // https://en.bitcoin.it/wiki/Transaction#Pay-to-PubkeyHash\\n bytes32 targetWalletP2PKHScriptKeccak = keccak256(\\n abi.encodePacked(\\n hex\\\"1976a914\\\",\\n targetWalletPubKeyHash,\\n hex\\\"88ac\\\"\\n )\\n );\\n // Build the expected P2WPKH script which has the following format:\\n // <0x160014> <20-byte PKH>. According to\\n // https://en.bitcoin.it/wiki/Script#Opcodes this translates to:\\n // - 0x16: Byte length of the entire script\\n // - 0x00: OP_0\\n // - 0x14: Byte length of the public key hash\\n // which matches the P2WPKH structure as per:\\n // https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#P2WPKH\\n bytes32 targetWalletP2WPKHScriptKeccak = keccak256(\\n abi.encodePacked(hex\\\"160014\\\", targetWalletPubKeyHash)\\n );\\n // Make sure the actual output script matches either the P2PKH\\n // or P2WPKH format.\\n require(\\n outputScriptKeccak == targetWalletP2PKHScriptKeccak ||\\n outputScriptKeccak == targetWalletP2WPKHScriptKeccak,\\n \\\"Output must be P2PKH or P2WPKH\\\"\\n );\\n\\n // Add the wallet public key hash to the list that will be used\\n // to build the result list hash. There is no need to check if\\n // given output is a change here because the actual target wallet\\n // list must be exactly the same as the pre-committed target wallet\\n // list which is guaranteed to be valid.\\n targetWallets[i] = targetWalletPubKeyHash;\\n\\n // Extract the value from given output.\\n outputsValues[i] = output.extractValue();\\n outputsTotalValue += outputsValues[i];\\n\\n // Make the `outputStartingIndex` pointing to the next output by\\n // increasing it by current output's length.\\n outputStartingIndex += outputLength;\\n }\\n\\n // Compute the indivisible remainder that remains after dividing the\\n // outputs total value over all outputs evenly.\\n uint256 outputsTotalValueRemainder = outputsTotalValue % outputsCount;\\n // Compute the minimum allowed output value by dividing the outputs\\n // total value (reduced by the remainder) by the number of outputs.\\n uint256 minOutputValue = (outputsTotalValue -\\n outputsTotalValueRemainder) / outputsCount;\\n // Maximum possible value is the minimum value with the remainder included.\\n uint256 maxOutputValue = minOutputValue + outputsTotalValueRemainder;\\n\\n for (uint256 i = 0; i < outputsCount; i++) {\\n require(\\n minOutputValue <= outputsValues[i] &&\\n outputsValues[i] <= maxOutputValue,\\n \\\"Transaction amount is not distributed evenly\\\"\\n );\\n }\\n\\n targetWalletsHash = keccak256(abi.encodePacked(targetWallets));\\n\\n return (targetWalletsHash, outputsTotalValue);\\n }\\n\\n /// @notice Notifies about a timed out moving funds process. Terminates\\n /// the wallet and slashes signing group members as a result.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @dev Requirements:\\n /// - The wallet must be in the MovingFunds state\\n /// - The moving funds timeout must be actually exceeded\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events of the `WalletRegistry` contract\\n function notifyMovingFundsTimeout(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n uint32[] calldata walletMembersIDs\\n ) external {\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.MovingFunds,\\n \\\"ECDSA wallet must be in MovingFunds state\\\"\\n );\\n\\n require(\\n /* solhint-disable-next-line not-rely-on-time */\\n block.timestamp >\\n wallet.movingFundsRequestedAt + self.movingFundsTimeout,\\n \\\"Moving funds has not timed out yet\\\"\\n );\\n\\n self.terminateWallet(walletPubKeyHash);\\n\\n self.ecdsaWalletRegistry.seize(\\n self.movingFundsTimeoutSlashingAmount,\\n self.movingFundsTimeoutNotifierRewardMultiplier,\\n msg.sender,\\n wallet.ecdsaWalletID,\\n walletMembersIDs\\n );\\n\\n // slither-disable-next-line reentrancy-events\\n emit MovingFundsTimedOut(walletPubKeyHash);\\n }\\n\\n /// @notice Notifies about a moving funds wallet whose BTC balance is\\n /// below the moving funds dust threshold. Ends the moving funds\\n /// process and begins wallet closing immediately.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known\\n /// on the Ethereum chain.\\n /// @dev Requirements:\\n /// - The wallet must be in the MovingFunds state\\n /// - The `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If the wallet has no main UTXO, this parameter can be empty as it\\n /// is ignored.\\n /// - The wallet BTC balance must be below the moving funds threshold\\n function notifyMovingFundsBelowDust(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo\\n ) external {\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.MovingFunds,\\n \\\"ECDSA wallet must be in MovingFunds state\\\"\\n );\\n\\n uint64 walletBtcBalance = self.getWalletBtcBalance(\\n walletPubKeyHash,\\n mainUtxo\\n );\\n\\n require(\\n walletBtcBalance < self.movingFundsDustThreshold,\\n \\\"Wallet BTC balance must be below the moving funds dust threshold\\\"\\n );\\n\\n self.beginWalletClosing(walletPubKeyHash);\\n\\n // slither-disable-next-line reentrancy-events\\n emit MovingFundsBelowDustReported(walletPubKeyHash);\\n }\\n}\\n\",\"keccak256\":\"0xd4500f5b642d543e944fbb5e6a61580fe1898dcc83ec70aa3f0ea7ff056a5154\",\"license\":\"MIT\"},\"contracts/bridge/Redemption.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {BytesLib} from \\\"@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\nimport \\\"../bank/Bank.sol\\\";\\n\\n/// @notice Aggregates functions common to the redemption transaction proof\\n/// validation and to the moving funds transaction proof validation.\\nlibrary OutboundTx {\\n using BTCUtils for bytes;\\n\\n /// @notice Checks whether an outbound Bitcoin transaction performed from\\n /// the given wallet has an input vector that contains a single\\n /// input referring to the wallet's main UTXO. Marks that main UTXO\\n /// as correctly spent if the validation succeeds. Reverts otherwise.\\n /// There are two outbound transactions from a wallet possible: a\\n /// redemption transaction or a moving funds to another wallet\\n /// transaction.\\n /// @param walletOutboundTxInputVector Bitcoin outbound transaction's input\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVin` function\\n /// before it is passed here\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain.\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the outbound transaction.\\n function processWalletOutboundTxInput(\\n BridgeState.Storage storage self,\\n bytes memory walletOutboundTxInputVector,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) internal {\\n // Assert that main UTXO for passed wallet exists in storage.\\n bytes32 mainUtxoHash = self\\n .registeredWallets[walletPubKeyHash]\\n .mainUtxoHash;\\n require(mainUtxoHash != bytes32(0), \\\"No main UTXO for given wallet\\\");\\n\\n // Assert that passed main UTXO parameter is the same as in storage and\\n // can be used for further processing.\\n require(\\n keccak256(\\n abi.encodePacked(\\n mainUtxo.txHash,\\n mainUtxo.txOutputIndex,\\n mainUtxo.txOutputValue\\n )\\n ) == mainUtxoHash,\\n \\\"Invalid main UTXO data\\\"\\n );\\n\\n // Assert that the single outbound transaction input actually\\n // refers to the wallet's main UTXO.\\n (\\n bytes32 outpointTxHash,\\n uint32 outpointIndex\\n ) = parseWalletOutboundTxInput(walletOutboundTxInputVector);\\n require(\\n mainUtxo.txHash == outpointTxHash &&\\n mainUtxo.txOutputIndex == outpointIndex,\\n \\\"Outbound transaction input must point to the wallet's main UTXO\\\"\\n );\\n\\n // Main UTXO used as an input, mark it as spent.\\n self.spentMainUTXOs[\\n uint256(\\n keccak256(\\n abi.encodePacked(mainUtxo.txHash, mainUtxo.txOutputIndex)\\n )\\n )\\n ] = true;\\n }\\n\\n /// @notice Parses the input vector of an outbound Bitcoin transaction\\n /// performed from the given wallet. It extracts the single input\\n /// then the transaction hash and output index from its outpoint.\\n /// There are two outbound transactions from a wallet possible: a\\n /// redemption transaction or a moving funds to another wallet\\n /// transaction.\\n /// @param walletOutboundTxInputVector Bitcoin outbound transaction input\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVin` function\\n /// before it is passed here\\n /// @return outpointTxHash 32-byte hash of the Bitcoin transaction which is\\n /// pointed in the input's outpoint.\\n /// @return outpointIndex 4-byte index of the Bitcoin transaction output\\n /// which is pointed in the input's outpoint.\\n function parseWalletOutboundTxInput(\\n bytes memory walletOutboundTxInputVector\\n ) internal pure returns (bytes32 outpointTxHash, uint32 outpointIndex) {\\n // To determine the total number of Bitcoin transaction inputs,\\n // we need to parse the compactSize uint (VarInt) the input vector is\\n // prepended by. That compactSize uint encodes the number of vector\\n // elements using the format presented in:\\n // https://developer.bitcoin.org/reference/transactions.html#compactsize-unsigned-integers\\n // We don't need asserting the compactSize uint is parseable since it\\n // was already checked during `validateVin` validation.\\n // See `BitcoinTx.inputVector` docs for more details.\\n (, uint256 inputsCount) = walletOutboundTxInputVector.parseVarInt();\\n require(\\n inputsCount == 1,\\n \\\"Outbound transaction must have a single input\\\"\\n );\\n\\n bytes memory input = walletOutboundTxInputVector.extractInputAtIndex(0);\\n\\n outpointTxHash = input.extractInputTxIdLE();\\n\\n outpointIndex = BTCUtils.reverseUint32(\\n uint32(input.extractTxIndexLE())\\n );\\n\\n // There is only one input in the transaction. Input has an outpoint\\n // field that is a reference to the transaction being spent (see\\n // `BitcoinTx` docs). The outpoint contains the hash of the transaction\\n // to spend (`outpointTxHash`) and the index of the specific output\\n // from that transaction (`outpointIndex`).\\n return (outpointTxHash, outpointIndex);\\n }\\n}\\n\\n/// @title Bridge redemption\\n/// @notice The library handles the logic for redeeming Bitcoin balances from\\n/// the Bridge.\\n/// @dev To initiate a redemption, a user with a Bank balance supplies\\n/// a Bitcoin address. Then, the system calculates the redemption fee, and\\n/// releases balance to the provided Bitcoin address. Just like in case of\\n/// sweeps of revealed deposits, redemption requests are processed in\\n/// batches and require SPV proof to be submitted to the Bridge.\\nlibrary Redemption {\\n using BridgeState for BridgeState.Storage;\\n using Wallets for BridgeState.Storage;\\n using BitcoinTx for BridgeState.Storage;\\n\\n using BTCUtils for bytes;\\n using BytesLib for bytes;\\n\\n /// @notice Represents a redemption request.\\n struct RedemptionRequest {\\n // ETH address of the redeemer who created the request.\\n address redeemer;\\n // Requested TBTC amount in satoshi.\\n uint64 requestedAmount;\\n // Treasury TBTC fee in satoshi at the moment of request creation.\\n uint64 treasuryFee;\\n // Transaction maximum BTC fee in satoshi at the moment of request\\n // creation.\\n uint64 txMaxFee;\\n // UNIX timestamp the request was created at.\\n uint32 requestedAt;\\n }\\n\\n /// @notice Represents an outcome of the redemption Bitcoin transaction\\n /// outputs processing.\\n struct RedemptionTxOutputsInfo {\\n // Total TBTC value in satoshi that should be burned by the Bridge.\\n // It includes the total amount of all BTC redeemed in the transaction\\n // and the fee paid to BTC miners for the redemption transaction.\\n uint64 totalBurnableValue;\\n // Total TBTC value in satoshi that should be transferred to\\n // the treasury. It is a sum of all treasury fees paid by all\\n // redeemers included in the redemption transaction.\\n uint64 totalTreasuryFee;\\n // Index of the change output. The change output becomes\\n // the new main wallet's UTXO.\\n uint32 changeIndex;\\n // Value in satoshi of the change output.\\n uint64 changeValue;\\n }\\n\\n /// @notice Represents temporary information needed during the processing of\\n /// the redemption Bitcoin transaction outputs. This structure is an\\n /// internal one and should not be exported outside of the redemption\\n /// transaction processing code.\\n /// @dev Allows to mitigate \\\"stack too deep\\\" errors on EVM.\\n struct RedemptionTxOutputsProcessingInfo {\\n // The first output starting index in the transaction.\\n uint256 outputStartingIndex;\\n // The number of outputs in the transaction.\\n uint256 outputsCount;\\n // P2PKH script for the wallet. Needed to determine the change output.\\n bytes32 walletP2PKHScriptKeccak;\\n // P2WPKH script for the wallet. Needed to determine the change output.\\n bytes32 walletP2WPKHScriptKeccak;\\n }\\n\\n event RedemptionRequested(\\n bytes20 walletPubKeyHash,\\n bytes redeemerOutputScript,\\n address redeemer,\\n uint64 requestedAmount,\\n uint64 treasuryFee,\\n uint64 txMaxFee\\n );\\n\\n event RedemptionsCompleted(\\n bytes20 walletPubKeyHash,\\n bytes32 redemptionTxHash\\n );\\n\\n event RedemptionTimedOut(\\n bytes20 walletPubKeyHash,\\n bytes redeemerOutputScript\\n );\\n\\n /// @notice Requests redemption of the given amount from the specified\\n /// wallet to the redeemer Bitcoin output script.\\n /// @param walletPubKeyHash The 20-byte wallet public key hash (computed\\n /// using Bitcoin HASH160 over the compressed ECDSA public key)\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param redeemerOutputScript The redeemer's length-prefixed output\\n /// script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock\\n /// redeemed BTC\\n /// @param amount Requested amount in satoshi. This is also the TBTC amount\\n /// that is taken from redeemer's balance in the Bank upon request.\\n /// Once the request is handled, the actual amount of BTC locked\\n /// on the redeemer output script will be always lower than this value\\n /// since the treasury and Bitcoin transaction fees must be incurred.\\n /// The minimal amount satisfying the request can be computed as:\\n /// `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`.\\n /// Fees values are taken at the moment of request creation.\\n /// @dev Requirements:\\n /// - Wallet behind `walletPubKeyHash` must be live\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// - `redeemerOutputScript` must be a proper Bitcoin script\\n /// - `redeemerOutputScript` cannot have wallet PKH as payload\\n /// - `amount` must be above or equal the `redemptionDustThreshold`\\n /// - Given `walletPubKeyHash` and `redeemerOutputScript` pair can be\\n /// used for only one pending request at the same time\\n /// - Wallet must have enough Bitcoin balance to proceed the request\\n /// - Redeemer must make an allowance in the Bank that the Bridge\\n /// contract can spend the given `amount`.\\n function requestRedemption(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes calldata redeemerOutputScript,\\n uint64 amount\\n ) external {\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n require(\\n wallet.state == Wallets.WalletState.Live,\\n \\\"Wallet must be in Live state\\\"\\n );\\n\\n bytes32 mainUtxoHash = wallet.mainUtxoHash;\\n require(\\n mainUtxoHash != bytes32(0),\\n \\\"No main UTXO for the given wallet\\\"\\n );\\n require(\\n keccak256(\\n abi.encodePacked(\\n mainUtxo.txHash,\\n mainUtxo.txOutputIndex,\\n mainUtxo.txOutputValue\\n )\\n ) == mainUtxoHash,\\n \\\"Invalid main UTXO data\\\"\\n );\\n\\n // TODO: Confirm if `walletPubKeyHash` should be validated by checking\\n // if it is the oldest one who can handle the request. This will\\n // be suggested by the dApp but may not be respected by users who\\n // interact directly with the contract. Do we need to enforce it\\n // here? One option is not to enforce it, to save on gas, but if\\n // we see this rule is not respected, upgrade Bridge contract to\\n // require it.\\n\\n // Validate if redeemer output script is a correct standard type\\n // (P2PKH, P2WPKH, P2SH or P2WSH). This is done by building a stub\\n // output with 0 as value and using `BTCUtils.extractHash` on it. Such\\n // a function extracts the payload properly only from standard outputs\\n // so if it succeeds, we have a guarantee the redeemer output script\\n // is proper. Worth to note `extractHash` ignores the value at all\\n // so this is why we can use 0 safely. This way of validation is the\\n // same as in tBTC v1.\\n bytes memory redeemerOutputScriptPayload = abi\\n .encodePacked(bytes8(0), redeemerOutputScript)\\n .extractHash();\\n require(\\n redeemerOutputScriptPayload.length > 0,\\n \\\"Redeemer output script must be a standard type\\\"\\n );\\n // Check if the redeemer output script payload does not point to the\\n // wallet public key hash.\\n require(\\n keccak256(abi.encodePacked(walletPubKeyHash)) !=\\n keccak256(redeemerOutputScriptPayload),\\n \\\"Redeemer output script must not point to the wallet PKH\\\"\\n );\\n\\n require(\\n amount >= self.redemptionDustThreshold,\\n \\\"Redemption amount too small\\\"\\n );\\n\\n // The redemption key is built on top of the wallet public key hash\\n // and redeemer output script pair. That means there can be only one\\n // request asking for redemption from the given wallet to the given\\n // BTC script at the same time.\\n uint256 redemptionKey = uint256(\\n keccak256(abi.encodePacked(walletPubKeyHash, redeemerOutputScript))\\n );\\n\\n // Check if given redemption key is not used by a pending redemption.\\n // There is no need to check for existence in `timedOutRedemptions`\\n // since the wallet's state is changed to other than Live after\\n // first time out is reported so making new requests is not possible.\\n // slither-disable-next-line incorrect-equality\\n require(\\n self.pendingRedemptions[redemptionKey].requestedAt == 0,\\n \\\"There is a pending redemption request from this wallet to the same address\\\"\\n );\\n\\n // No need to check whether `amount - treasuryFee - txMaxFee > 0`\\n // since the `redemptionDustThreshold` should force that condition\\n // to be always true.\\n uint64 treasuryFee = self.redemptionTreasuryFeeDivisor > 0\\n ? amount / self.redemptionTreasuryFeeDivisor\\n : 0;\\n uint64 txMaxFee = self.redemptionTxMaxFee;\\n\\n // The main wallet UTXO's value doesn't include all pending redemptions.\\n // To determine if the requested redemption can be performed by the\\n // wallet we need to subtract the total value of all pending redemptions\\n // from that wallet's main UTXO value. Given that the treasury fee is\\n // not redeemed from the wallet, we are subtracting it.\\n wallet.pendingRedemptionsValue += amount - treasuryFee;\\n require(\\n mainUtxo.txOutputValue >= wallet.pendingRedemptionsValue,\\n \\\"Insufficient wallet funds\\\"\\n );\\n\\n self.pendingRedemptions[redemptionKey] = RedemptionRequest(\\n msg.sender,\\n amount,\\n treasuryFee,\\n txMaxFee,\\n /* solhint-disable-next-line not-rely-on-time */\\n uint32(block.timestamp)\\n );\\n\\n emit RedemptionRequested(\\n walletPubKeyHash,\\n redeemerOutputScript,\\n msg.sender,\\n amount,\\n treasuryFee,\\n txMaxFee\\n );\\n\\n self.bank.transferBalanceFrom(msg.sender, address(this), amount);\\n }\\n\\n /// @notice Used by the wallet to prove the BTC redemption transaction\\n /// and to make the necessary bookkeeping. Redemption is only\\n /// accepted if it satisfies SPV proof.\\n ///\\n /// The function is performing Bank balance updates by burning\\n /// the total redeemed Bitcoin amount from Bridge balance and\\n /// transferring the treasury fee sum to the treasury address.\\n ///\\n /// It is possible to prove the given redemption only one time.\\n /// @param redemptionTx Bitcoin redemption transaction data\\n /// @param redemptionProof Bitcoin redemption proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n /// HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction\\n /// @dev Requirements:\\n /// - `redemptionTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `redemptionTx` should represent a Bitcoin transaction with\\n /// exactly 1 input that refers to the wallet's main UTXO. That\\n /// transaction should have 1..n outputs handling existing pending\\n /// redemption requests or pointing to reported timed out requests.\\n /// There can be also 1 optional output representing the\\n /// change and pointing back to the 20-byte wallet public key hash.\\n /// The change should be always present if the redeemed value sum\\n /// is lower than the total wallet's BTC balance.\\n /// - `redemptionProof` components must match the expected structure.\\n /// See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// Additionally, the recent main UTXO on Ethereum must be set.\\n /// - `walletPubKeyHash` must be connected with the main UTXO used\\n /// as transaction single input.\\n /// Other remarks:\\n /// - Putting the change output as the first transaction output can\\n /// save some gas because the output processing loop begins each\\n /// iteration by checking whether the given output is the change\\n /// thus uses some gas for making the comparison. Once the change\\n /// is identified, that check is omitted in further iterations.\\n function submitRedemptionProof(\\n BridgeState.Storage storage self,\\n BitcoinTx.Info calldata redemptionTx,\\n BitcoinTx.Proof calldata redemptionProof,\\n BitcoinTx.UTXO calldata mainUtxo,\\n bytes20 walletPubKeyHash\\n ) external {\\n // The actual transaction proof is performed here. After that point, we\\n // can assume the transaction happened on Bitcoin chain and has\\n // a sufficient number of confirmations as determined by\\n // `txProofDifficultyFactor` constant.\\n bytes32 redemptionTxHash = self.validateProof(\\n redemptionTx,\\n redemptionProof\\n );\\n\\n // Process the redemption transaction input. Specifically, check if it\\n // refers to the expected wallet's main UTXO.\\n OutboundTx.processWalletOutboundTxInput(\\n self,\\n redemptionTx.inputVector,\\n mainUtxo,\\n walletPubKeyHash\\n );\\n\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n\\n Wallets.WalletState walletState = wallet.state;\\n require(\\n walletState == Wallets.WalletState.Live ||\\n walletState == Wallets.WalletState.MovingFunds,\\n \\\"Wallet must be in Live or MovingFunds state\\\"\\n );\\n\\n // Process redemption transaction outputs to extract some info required\\n // for further processing.\\n RedemptionTxOutputsInfo memory outputsInfo = processRedemptionTxOutputs(\\n self,\\n redemptionTx.outputVector,\\n walletPubKeyHash\\n );\\n\\n if (outputsInfo.changeValue > 0) {\\n // If the change value is grater than zero, it means the change\\n // output exists and can be used as new wallet's main UTXO.\\n wallet.mainUtxoHash = keccak256(\\n abi.encodePacked(\\n redemptionTxHash,\\n outputsInfo.changeIndex,\\n outputsInfo.changeValue\\n )\\n );\\n } else {\\n // If the change value is zero, it means the change output doesn't\\n // exists and no funds left on the wallet. Delete the main UTXO\\n // for that wallet to represent that state in a proper way.\\n delete wallet.mainUtxoHash;\\n }\\n\\n wallet.pendingRedemptionsValue -= outputsInfo.totalBurnableValue;\\n\\n emit RedemptionsCompleted(walletPubKeyHash, redemptionTxHash);\\n\\n self.bank.decreaseBalance(outputsInfo.totalBurnableValue);\\n self.bank.transferBalance(self.treasury, outputsInfo.totalTreasuryFee);\\n }\\n\\n /// @notice Processes the Bitcoin redemption transaction output vector.\\n /// It extracts each output and tries to identify it as a pending\\n /// redemption request, reported timed out request, or change.\\n /// Reverts if one of the outputs cannot be recognized properly.\\n /// This function also marks each request as processed by removing\\n /// them from `pendingRedemptions` mapping.\\n /// @param redemptionTxOutputVector Bitcoin redemption transaction output\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVout` function\\n /// before it is passed here\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction.\\n /// @return info Outcomes of the processing.\\n function processRedemptionTxOutputs(\\n BridgeState.Storage storage self,\\n bytes memory redemptionTxOutputVector,\\n bytes20 walletPubKeyHash\\n ) internal returns (RedemptionTxOutputsInfo memory info) {\\n // Determining the total number of redemption transaction outputs in\\n // the same way as for number of inputs. See `BitcoinTx.outputVector`\\n // docs for more details.\\n (\\n uint256 outputsCompactSizeUintLength,\\n uint256 outputsCount\\n ) = redemptionTxOutputVector.parseVarInt();\\n\\n // To determine the first output starting index, we must jump over\\n // the compactSize uint which prepends the output vector. One byte\\n // must be added because `BtcUtils.parseVarInt` does not include\\n // compactSize uint tag in the returned length.\\n //\\n // For >= 0 && <= 252, `BTCUtils.determineVarIntDataLengthAt`\\n // returns `0`, so we jump over one byte of compactSize uint.\\n //\\n // For >= 253 && <= 0xffff there is `0xfd` tag,\\n // `BTCUtils.determineVarIntDataLengthAt` returns `2` (no\\n // tag byte included) so we need to jump over 1+2 bytes of\\n // compactSize uint.\\n //\\n // Please refer `BTCUtils` library and compactSize uint\\n // docs in `BitcoinTx` library for more details.\\n uint256 outputStartingIndex = 1 + outputsCompactSizeUintLength;\\n\\n // Calculate the keccak256 for two possible wallet's P2PKH or P2WPKH\\n // scripts that can be used to lock the change. This is done upfront to\\n // save on gas. Both scripts have a strict format defined by Bitcoin.\\n //\\n // The P2PKH script has the byte format: <0x1976a914> <20-byte PKH> <0x88ac>.\\n // According to https://en.bitcoin.it/wiki/Script#Opcodes this translates to:\\n // - 0x19: Byte length of the entire script\\n // - 0x76: OP_DUP\\n // - 0xa9: OP_HASH160\\n // - 0x14: Byte length of the public key hash\\n // - 0x88: OP_EQUALVERIFY\\n // - 0xac: OP_CHECKSIG\\n // which matches the P2PKH structure as per:\\n // https://en.bitcoin.it/wiki/Transaction#Pay-to-PubkeyHash\\n bytes32 walletP2PKHScriptKeccak = keccak256(\\n abi.encodePacked(hex\\\"1976a914\\\", walletPubKeyHash, hex\\\"88ac\\\")\\n );\\n // The P2WPKH script has the byte format: <0x160014> <20-byte PKH>.\\n // According to https://en.bitcoin.it/wiki/Script#Opcodes this translates to:\\n // - 0x16: Byte length of the entire script\\n // - 0x00: OP_0\\n // - 0x14: Byte length of the public key hash\\n // which matches the P2WPKH structure as per:\\n // https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#P2WPKH\\n bytes32 walletP2WPKHScriptKeccak = keccak256(\\n abi.encodePacked(hex\\\"160014\\\", walletPubKeyHash)\\n );\\n\\n return\\n processRedemptionTxOutputs(\\n self,\\n redemptionTxOutputVector,\\n walletPubKeyHash,\\n RedemptionTxOutputsProcessingInfo(\\n outputStartingIndex,\\n outputsCount,\\n walletP2PKHScriptKeccak,\\n walletP2WPKHScriptKeccak\\n )\\n );\\n }\\n\\n /// @notice Processes all outputs from the redemption transaction. Tries to\\n /// identify output as a change output, pending redemption request\\n // or reported redemption. Reverts if one of the outputs cannot be\\n /// recognized properly. Marks each request as processed by removing\\n /// them from `pendingRedemptions` mapping.\\n /// @param redemptionTxOutputVector Bitcoin redemption transaction output\\n /// vector. This function assumes vector's structure is valid so it\\n /// must be validated using e.g. `BTCUtils.validateVout` function\\n /// before it is passed here\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction.\\n /// @param processInfo RedemptionTxOutputsProcessingInfo identifying output\\n /// starting index, the number of outputs and possible wallet change\\n /// P2PKH and P2WPKH scripts.\\n function processRedemptionTxOutputs(\\n BridgeState.Storage storage self,\\n bytes memory redemptionTxOutputVector,\\n bytes20 walletPubKeyHash,\\n RedemptionTxOutputsProcessingInfo memory processInfo\\n ) internal returns (RedemptionTxOutputsInfo memory resultInfo) {\\n // Helper flag indicating whether there was at least one redemption\\n // output present (redemption must be either pending or reported as\\n // timed out).\\n bool redemptionPresent = false;\\n\\n // Outputs processing loop.\\n for (uint256 i = 0; i < processInfo.outputsCount; i++) {\\n // TODO: Check if we can optimize gas costs by adding\\n // `extractValueAt` and `extractHashAt` in `bitcoin-spv-sol`\\n // in order to avoid allocating bytes in memory.\\n uint256 outputLength = redemptionTxOutputVector\\n .determineOutputLengthAt(processInfo.outputStartingIndex);\\n bytes memory output = redemptionTxOutputVector.slice(\\n processInfo.outputStartingIndex,\\n outputLength\\n );\\n\\n // Extract the value from given output.\\n uint64 outputValue = output.extractValue();\\n // The output consists of an 8-byte value and a variable length\\n // script. To extract that script we slice the output starting from\\n // 9th byte until the end.\\n bytes memory outputScript = output.slice(8, output.length - 8);\\n\\n if (\\n resultInfo.changeValue == 0 &&\\n (keccak256(outputScript) ==\\n processInfo.walletP2PKHScriptKeccak ||\\n keccak256(outputScript) ==\\n processInfo.walletP2WPKHScriptKeccak) &&\\n outputValue > 0\\n ) {\\n // If we entered here, that means the change output with a\\n // proper non-zero value was found.\\n resultInfo.changeIndex = uint32(i);\\n resultInfo.changeValue = outputValue;\\n } else {\\n // If we entered here, that the means the given output is\\n // supposed to represent a redemption.\\n (\\n uint64 burnableValue,\\n uint64 treasuryFee\\n ) = processNonChangeRedemptionTxOutput(\\n self,\\n walletPubKeyHash,\\n outputScript,\\n outputValue\\n );\\n resultInfo.totalBurnableValue += burnableValue;\\n resultInfo.totalTreasuryFee += treasuryFee;\\n redemptionPresent = true;\\n }\\n\\n // Make the `outputStartingIndex` pointing to the next output by\\n // increasing it by current output's length.\\n processInfo.outputStartingIndex += outputLength;\\n }\\n\\n // Protect against the cases when there is only a single change output\\n // referring back to the wallet PKH and just burning main UTXO value\\n // for transaction fees.\\n require(\\n redemptionPresent,\\n \\\"Redemption transaction must process at least one redemption\\\"\\n );\\n }\\n\\n /// @notice Processes a single redemption transaction output. Tries to\\n /// identify output as a pending redemption request or reported\\n /// redemption timeout. Output script passed to this function must\\n /// not be the change output. Such output needs to be identified\\n /// separately before calling this function.\\n /// Reverts if output is neither requested pending redemption nor\\n /// requested and reported timed-out redemption.\\n /// This function also marks each pending request as processed by\\n /// removing them from `pendingRedemptions` mapping.\\n /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin\\n // HASH160 over the compressed ECDSA public key) of the wallet which\\n /// performed the redemption transaction.\\n /// @param outputScript Non-change output script to be processed\\n /// @param outputValue Value of the output being processed\\n /// @return burnableValue The value burnable as a result of processing this\\n /// single redemption output. This value needs to be summed up with\\n /// burnable values of all other outputs to evaluate total burnable\\n /// value for the entire redemption transaction. This value is 0\\n /// for a timed-out redemption request.\\n /// @return treasuryFee The treasury fee from this single redemption output.\\n /// This value needs to be summed up with treasury fees of all other\\n /// outputs to evaluate the total treasury fee for the entire\\n /// redemption transaction. This value is 0 for a timed-out\\n /// redemption request.\\n function processNonChangeRedemptionTxOutput(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n bytes memory outputScript,\\n uint64 outputValue\\n ) internal returns (uint64 burnableValue, uint64 treasuryFee) {\\n // This function should be called only if the given output is\\n // supposed to represent a redemption. Build the redemption key\\n // to perform that check.\\n uint256 redemptionKey = uint256(\\n keccak256(abi.encodePacked(walletPubKeyHash, outputScript))\\n );\\n\\n if (self.pendingRedemptions[redemptionKey].requestedAt != 0) {\\n // If we entered here, that means the output was identified\\n // as a pending redemption request.\\n RedemptionRequest storage request = self.pendingRedemptions[\\n redemptionKey\\n ];\\n // Compute the request's redeemable amount as the requested\\n // amount reduced by the treasury fee. The request's\\n // minimal amount is then the redeemable amount reduced by\\n // the maximum transaction fee.\\n uint64 redeemableAmount = request.requestedAmount -\\n request.treasuryFee;\\n // Output value must fit between the request's redeemable\\n // and minimal amounts to be deemed valid.\\n require(\\n redeemableAmount - request.txMaxFee <= outputValue &&\\n outputValue <= redeemableAmount,\\n \\\"Output value is not within the acceptable range of the pending request\\\"\\n );\\n // Add the redeemable amount to the total burnable value\\n // the Bridge will use to decrease its balance in the Bank.\\n burnableValue = redeemableAmount;\\n // Add the request's treasury fee to the total treasury fee\\n // value the Bridge will transfer to the treasury.\\n treasuryFee = request.treasuryFee;\\n // Request was properly handled so remove its redemption\\n // key from the mapping to make it reusable for further\\n // requests.\\n delete self.pendingRedemptions[redemptionKey];\\n } else {\\n // If we entered here, the output is not a redemption\\n // request but there is still a chance the given output is\\n // related to a reported timed out redemption request.\\n // If so, check if the output value matches the request\\n // amount to confirm this is an overdue request fulfillment\\n // then bypass this output and process the subsequent\\n // ones. That also means the wallet was already punished\\n // for the inactivity. Otherwise, just revert.\\n RedemptionRequest storage request = self.timedOutRedemptions[\\n redemptionKey\\n ];\\n\\n require(\\n request.requestedAt != 0,\\n \\\"Output is a non-requested redemption\\\"\\n );\\n\\n uint64 redeemableAmount = request.requestedAmount -\\n request.treasuryFee;\\n\\n require(\\n redeemableAmount - request.txMaxFee <= outputValue &&\\n outputValue <= redeemableAmount,\\n \\\"Output value is not within the acceptable range of the timed out request\\\"\\n );\\n }\\n }\\n\\n /// @notice Notifies that there is a pending redemption request associated\\n /// with the given wallet, that has timed out. The redemption\\n /// request is identified by the key built as\\n /// `keccak256(walletPubKeyHash | redeemerOutputScript)`.\\n /// The results of calling this function:\\n /// - the pending redemptions value for the wallet will be decreased\\n /// by the requested amount (minus treasury fee),\\n /// - the tokens taken from the redeemer on redemption request will\\n /// be returned to the redeemer,\\n /// - the request will be moved from pending redemptions to\\n /// timed-out redemptions,\\n /// - if the state of the wallet is `Live` or `MovingFunds`, the\\n /// wallet operators will be slashed and the notifier will be\\n /// rewarded,\\n /// - if the state of wallet is `Live`, the wallet will be closed or\\n /// marked as `MovingFunds` (depending on the presence or absence\\n /// of the wallet's main UTXO) and the wallet will no longer be\\n /// marked as the active wallet (if it was marked as such).\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMembersIDs Identifiers of the wallet signing group members\\n /// @param redeemerOutputScript The redeemer's length-prefixed output\\n /// script (P2PKH, P2WPKH, P2SH or P2WSH)\\n /// @dev Requirements:\\n /// - The wallet must be in the Live or MovingFunds or Terminated state\\n /// - The redemption request identified by `walletPubKeyHash` and\\n /// `redeemerOutputScript` must exist\\n /// - The expression `keccak256(abi.encode(walletMembersIDs))` must\\n /// be exactly the same as the hash stored under `membersIdsHash`\\n /// for the given `walletID`. Those IDs are not directly stored\\n /// in the contract for gas efficiency purposes but they can be\\n /// read from appropriate `DkgResultSubmitted` and `DkgResultApproved`\\n /// events of the `WalletRegistry` contract\\n /// - The amount of time defined by `redemptionTimeout` must have\\n /// passed since the redemption was requested (the request must be\\n /// timed-out)\\n function notifyRedemptionTimeout(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n uint32[] calldata walletMembersIDs,\\n bytes calldata redeemerOutputScript\\n ) external {\\n uint256 redemptionKey = uint256(\\n keccak256(abi.encodePacked(walletPubKeyHash, redeemerOutputScript))\\n );\\n Redemption.RedemptionRequest memory request = self.pendingRedemptions[\\n redemptionKey\\n ];\\n\\n require(request.requestedAt > 0, \\\"Redemption request does not exist\\\");\\n require(\\n /* solhint-disable-next-line not-rely-on-time */\\n request.requestedAt + self.redemptionTimeout < block.timestamp,\\n \\\"Redemption request has not timed out\\\"\\n );\\n\\n // Update the wallet's pending redemptions value\\n Wallets.Wallet storage wallet = self.registeredWallets[\\n walletPubKeyHash\\n ];\\n wallet.pendingRedemptionsValue -=\\n request.requestedAmount -\\n request.treasuryFee;\\n\\n require(\\n // TODO: Allow the wallets in `Closing` state when the state is added\\n wallet.state == Wallets.WalletState.Live ||\\n wallet.state == Wallets.WalletState.MovingFunds ||\\n wallet.state == Wallets.WalletState.Terminated,\\n \\\"The wallet must be in Live, MovingFunds or Terminated state\\\"\\n );\\n\\n // It is worth noting that there is no need to check if\\n // `timedOutRedemption` mapping already contains the given redemption\\n // key. There is no possibility to re-use a key of a reported timed-out\\n // redemption because the wallet responsible for causing the timeout is\\n // moved to a state that prevents it to receive new redemption requests.\\n\\n // Move the redemption from pending redemptions to timed-out redemptions\\n self.timedOutRedemptions[redemptionKey] = request;\\n delete self.pendingRedemptions[redemptionKey];\\n\\n if (\\n wallet.state == Wallets.WalletState.Live ||\\n wallet.state == Wallets.WalletState.MovingFunds\\n ) {\\n // Propagate timeout consequences to the wallet\\n self.notifyWalletTimedOutRedemption(walletPubKeyHash);\\n\\n // Slash the wallet operators and reward the notifier\\n self.ecdsaWalletRegistry.seize(\\n self.redemptionTimeoutSlashingAmount,\\n self.redemptionTimeoutNotifierRewardMultiplier,\\n msg.sender,\\n wallet.ecdsaWalletID,\\n walletMembersIDs\\n );\\n }\\n\\n // slither-disable-next-line reentrancy-events\\n emit RedemptionTimedOut(walletPubKeyHash, redeemerOutputScript);\\n\\n // Return the requested amount of tokens to the redeemer\\n self.bank.transferBalance(request.redeemer, request.requestedAmount);\\n }\\n}\\n\",\"keccak256\":\"0x7abf06527135f3e650e106b44d105ba5ca27a9c3dcad12f4f8aa77cc60460720\",\"license\":\"MIT\"},\"contracts/bridge/Sweep.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\nimport \\\"./Wallets.sol\\\";\\n\\nimport \\\"../bank/Bank.sol\\\";\\n\\n/// @title Bridge deposit sweep\\n/// @notice The library handles the logic for sweeping transactions revealed to\\n/// the Bridge\\n/// @dev Bridge active wallet periodically signs a transaction that unlocks all\\n/// of the valid, revealed deposits above the dust threshold, combines them\\n/// into a single UTXO with the existing main wallet UTXO, and relocks\\n/// those transactions without a 30-day refund clause to the same wallet.\\n/// This has two main effects: it consolidates the UTXO set and it disables\\n/// the refund. Balances of depositors in the Bank are increased when the\\n/// SPV sweep proof is submitted to the Bridge.\\nlibrary Sweep {\\n using BridgeState for BridgeState.Storage;\\n using BitcoinTx for BridgeState.Storage;\\n\\n using BTCUtils for bytes;\\n\\n /// @notice Represents an outcome of the sweep Bitcoin transaction\\n /// inputs processing.\\n struct SweepTxInputsInfo {\\n // Sum of all inputs values i.e. all deposits and main UTXO value,\\n // if present.\\n uint256 inputsTotalValue;\\n // Addresses of depositors who performed processed deposits. Ordered in\\n // the same order as deposits inputs in the input vector. Size of this\\n // array is either equal to the number of inputs (main UTXO doesn't\\n // exist) or less by one (main UTXO exists and is pointed by one of\\n // the inputs).\\n address[] depositors;\\n // Amounts of deposits corresponding to processed deposits. Ordered in\\n // the same order as deposits inputs in the input vector. Size of this\\n // array is either equal to the number of inputs (main UTXO doesn't\\n // exist) or less by one (main UTXO exists and is pointed by one of\\n // the inputs).\\n uint256[] depositedAmounts;\\n // Values of the treasury fee corresponding to processed deposits.\\n // Ordered in the same order as deposits inputs in the input vector.\\n // Size of this array is either equal to the number of inputs (main\\n // UTXO doesn't exist) or less by one (main UTXO exists and is pointed\\n // by one of the inputs).\\n uint256[] treasuryFees;\\n }\\n\\n event DepositsSwept(bytes20 walletPubKeyHash, bytes32 sweepTxHash);\\n\\n /// @notice Used by the wallet to prove the BTC deposit sweep transaction\\n /// and to update Bank balances accordingly. Sweep is only accepted\\n /// if it satisfies SPV proof.\\n ///\\n /// The function is performing Bank balance updates by first\\n /// computing the Bitcoin fee for the sweep transaction. The fee is\\n /// divided evenly between all swept deposits. Each depositor\\n /// receives a balance in the bank equal to the amount inferred\\n /// during the reveal transaction, minus their fee share.\\n ///\\n /// It is possible to prove the given sweep only one time.\\n /// @param sweepTx Bitcoin sweep transaction data\\n /// @param sweepProof Bitcoin sweep proof data\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain. If no main UTXO exists for the given wallet,\\n /// this parameter is ignored\\n /// @dev Requirements:\\n /// - `sweepTx` components must match the expected structure. See\\n /// `BitcoinTx.Info` docs for reference. Their values must exactly\\n /// correspond to appropriate Bitcoin transaction fields to produce\\n /// a provable transaction hash.\\n /// - The `sweepTx` should represent a Bitcoin transaction with 1..n\\n /// inputs. If the wallet has no main UTXO, all n inputs should\\n /// correspond to P2(W)SH revealed deposits UTXOs. If the wallet has\\n /// an existing main UTXO, one of the n inputs must point to that\\n /// main UTXO and remaining n-1 inputs should correspond to P2(W)SH\\n /// revealed deposits UTXOs. That transaction must have only\\n /// one P2(W)PKH output locking funds on the 20-byte wallet public\\n /// key hash.\\n /// - `sweepProof` components must match the expected structure. See\\n /// `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`\\n /// field must contain a valid number of block headers, not less\\n /// than the `txProofDifficultyFactor` contract constant.\\n /// - `mainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If there is no main UTXO, this parameter is ignored.\\n function submitSweepProof(\\n BridgeState.Storage storage self,\\n BitcoinTx.Info calldata sweepTx,\\n BitcoinTx.Proof calldata sweepProof,\\n BitcoinTx.UTXO calldata mainUtxo\\n ) external {\\n // The actual transaction proof is performed here. After that point, we\\n // can assume the transaction happened on Bitcoin chain and has\\n // a sufficient number of confirmations as determined by\\n // `txProofDifficultyFactor` constant.\\n bytes32 sweepTxHash = self.validateProof(sweepTx, sweepProof);\\n\\n // Process sweep transaction output and extract its target wallet\\n // public key hash and value.\\n (\\n bytes20 walletPubKeyHash,\\n uint64 sweepTxOutputValue\\n ) = processSweepTxOutput(sweepTx.outputVector);\\n\\n (\\n Wallets.Wallet storage wallet,\\n BitcoinTx.UTXO memory resolvedMainUtxo\\n ) = resolveSweepingWallet(self, walletPubKeyHash, mainUtxo);\\n\\n // Process sweep transaction inputs and extract all information needed\\n // to perform deposit bookkeeping.\\n SweepTxInputsInfo memory inputsInfo = processSweepTxInputs(\\n self,\\n sweepTx.inputVector,\\n resolvedMainUtxo\\n );\\n\\n // Helper variable that will hold the sum of treasury fees paid by\\n // all deposits.\\n uint256 totalTreasuryFee = 0;\\n\\n // Determine the transaction fee that should be incurred by each deposit\\n // and the indivisible remainder that should be additionally incurred\\n // by the last deposit.\\n (\\n uint256 depositTxFee,\\n uint256 depositTxFeeRemainder\\n ) = sweepTxFeeDistribution(\\n inputsInfo.inputsTotalValue,\\n sweepTxOutputValue,\\n inputsInfo.depositedAmounts.length\\n );\\n\\n // Make sure the highest value of the deposit transaction fee does not\\n // exceed the maximum value limited by the governable parameter.\\n require(\\n depositTxFee + depositTxFeeRemainder <= self.depositTxMaxFee,\\n \\\"Transaction fee is too high\\\"\\n );\\n\\n // Reduce each deposit amount by treasury fee and transaction fee.\\n for (uint256 i = 0; i < inputsInfo.depositedAmounts.length; i++) {\\n // The last deposit should incur the deposit transaction fee\\n // remainder.\\n uint256 depositTxFeeIncurred = i ==\\n inputsInfo.depositedAmounts.length - 1\\n ? depositTxFee + depositTxFeeRemainder\\n : depositTxFee;\\n\\n // There is no need to check whether\\n // `inputsInfo.depositedAmounts[i] - inputsInfo.treasuryFees[i] - txFee > 0`\\n // since the `depositDustThreshold` should force that condition\\n // to be always true.\\n inputsInfo.depositedAmounts[i] =\\n inputsInfo.depositedAmounts[i] -\\n inputsInfo.treasuryFees[i] -\\n depositTxFeeIncurred;\\n totalTreasuryFee += inputsInfo.treasuryFees[i];\\n }\\n\\n // Record this sweep data and assign them to the wallet public key hash\\n // as new main UTXO. Transaction output index is always 0 as sweep\\n // transaction always contains only one output.\\n wallet.mainUtxoHash = keccak256(\\n abi.encodePacked(sweepTxHash, uint32(0), sweepTxOutputValue)\\n );\\n\\n emit DepositsSwept(walletPubKeyHash, sweepTxHash);\\n\\n // Update depositors balances in the Bank.\\n self.bank.increaseBalances(\\n inputsInfo.depositors,\\n inputsInfo.depositedAmounts\\n );\\n // Pass the treasury fee to the treasury address.\\n self.bank.increaseBalance(self.treasury, totalTreasuryFee);\\n\\n // TODO: Handle deposits having `vault` set.\\n }\\n\\n /// @notice Resolves sweeping wallet based on the provided wallet public key\\n /// hash. Validates the wallet state and current main UTXO, as\\n /// currently known on the Ethereum chain.\\n /// @param walletPubKeyHash public key hash of the wallet proving the sweep\\n /// Bitcoin transaction.\\n /// @param mainUtxo Data of the wallet's main UTXO, as currently known on\\n /// the Ethereum chain. If no main UTXO exists for the given wallet,\\n /// this parameter is ignored\\n /// @dev Requirements:\\n /// - Sweeping wallet must be either in Live or MovingFunds state.\\n /// - If the main UTXO of the sweeping wallet exists in the storage,\\n /// the passed `mainUTXO` parameter must be equal to the stored one.\\n function resolveSweepingWallet(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata mainUtxo\\n )\\n internal\\n view\\n returns (\\n Wallets.Wallet storage wallet,\\n BitcoinTx.UTXO memory resolvedMainUtxo\\n )\\n {\\n wallet = self.registeredWallets[walletPubKeyHash];\\n\\n Wallets.WalletState walletState = wallet.state;\\n require(\\n walletState == Wallets.WalletState.Live ||\\n walletState == Wallets.WalletState.MovingFunds,\\n \\\"Wallet must be in Live or MovingFunds state\\\"\\n );\\n\\n // Check if the main UTXO for given wallet exists. If so, validate\\n // passed main UTXO data against the stored hash and use them for\\n // further processing. If no main UTXO exists, use empty data.\\n resolvedMainUtxo = BitcoinTx.UTXO(bytes32(0), 0, 0);\\n bytes32 mainUtxoHash = wallet.mainUtxoHash;\\n if (mainUtxoHash != bytes32(0)) {\\n require(\\n keccak256(\\n abi.encodePacked(\\n mainUtxo.txHash,\\n mainUtxo.txOutputIndex,\\n mainUtxo.txOutputValue\\n )\\n ) == mainUtxoHash,\\n \\\"Invalid main UTXO data\\\"\\n );\\n resolvedMainUtxo = mainUtxo;\\n }\\n }\\n\\n /// @notice Processes the Bitcoin sweep transaction output vector by\\n /// extracting the single output and using it to gain additional\\n /// information required for further processing (e.g. value and\\n /// wallet public key hash).\\n /// @param sweepTxOutputVector Bitcoin sweep transaction output vector.\\n /// This function assumes vector's structure is valid so it must be\\n /// validated using e.g. `BTCUtils.validateVout` function before\\n /// it is passed here\\n /// @return walletPubKeyHash 20-byte wallet public key hash.\\n /// @return value 8-byte sweep transaction output value.\\n function processSweepTxOutput(bytes memory sweepTxOutputVector)\\n internal\\n pure\\n returns (bytes20 walletPubKeyHash, uint64 value)\\n {\\n // To determine the total number of sweep transaction outputs, we need to\\n // parse the compactSize uint (VarInt) the output vector is prepended by.\\n // That compactSize uint encodes the number of vector elements using the\\n // format presented in:\\n // https://developer.bitcoin.org/reference/transactions.html#compactsize-unsigned-integers\\n // We don't need asserting the compactSize uint is parseable since it\\n // was already checked during `validateVout` validation.\\n // See `BitcoinTx.outputVector` docs for more details.\\n (, uint256 outputsCount) = sweepTxOutputVector.parseVarInt();\\n require(\\n outputsCount == 1,\\n \\\"Sweep transaction must have a single output\\\"\\n );\\n\\n bytes memory output = sweepTxOutputVector.extractOutputAtIndex(0);\\n value = output.extractValue();\\n bytes memory walletPubKeyHashBytes = output.extractHash();\\n // The sweep transaction output should always be P2PKH or P2WPKH.\\n // In both cases, the wallet public key hash should be 20 bytes length.\\n require(\\n walletPubKeyHashBytes.length == 20,\\n \\\"Wallet public key hash should have 20 bytes\\\"\\n );\\n /* solhint-disable-next-line no-inline-assembly */\\n assembly {\\n walletPubKeyHash := mload(add(walletPubKeyHashBytes, 32))\\n }\\n\\n return (walletPubKeyHash, value);\\n }\\n\\n /// @notice Processes the Bitcoin sweep transaction input vector. It\\n /// extracts each input and tries to obtain associated deposit or\\n /// main UTXO data, depending on the input type. Reverts\\n /// if one of the inputs cannot be recognized as a pointer to a\\n /// revealed deposit or expected main UTXO.\\n /// This function also marks each processed deposit as swept.\\n /// @param sweepTxInputVector Bitcoin sweep transaction input vector.\\n /// This function assumes vector's structure is valid so it must be\\n /// validated using e.g. `BTCUtils.validateVin` function before\\n /// it is passed here\\n /// @param mainUtxo Data of the wallet's main UTXO. If no main UTXO\\n /// exists for the given the wallet, this parameter's fields should\\n /// be zeroed to bypass the main UTXO validation\\n /// @return info Outcomes of the processing.\\n function processSweepTxInputs(\\n BridgeState.Storage storage self,\\n bytes memory sweepTxInputVector,\\n BitcoinTx.UTXO memory mainUtxo\\n ) internal returns (SweepTxInputsInfo memory info) {\\n // If the passed `mainUtxo` parameter's values are zeroed, the main UTXO\\n // for the given wallet doesn't exist and it is not expected to be\\n // included in the sweep transaction input vector.\\n bool mainUtxoExpected = mainUtxo.txHash != bytes32(0);\\n bool mainUtxoFound = false;\\n\\n // Determining the total number of sweep transaction inputs in the same\\n // way as for number of outputs. See `BitcoinTx.inputVector` docs for\\n // more details.\\n (\\n uint256 inputsCompactSizeUintLength,\\n uint256 inputsCount\\n ) = sweepTxInputVector.parseVarInt();\\n\\n // To determine the first input starting index, we must jump over\\n // the compactSize uint which prepends the input vector. One byte\\n // must be added because `BtcUtils.parseVarInt` does not include\\n // compactSize uint tag in the returned length.\\n //\\n // For >= 0 && <= 252, `BTCUtils.determineVarIntDataLengthAt`\\n // returns `0`, so we jump over one byte of compactSize uint.\\n //\\n // For >= 253 && <= 0xffff there is `0xfd` tag,\\n // `BTCUtils.determineVarIntDataLengthAt` returns `2` (no\\n // tag byte included) so we need to jump over 1+2 bytes of\\n // compactSize uint.\\n //\\n // Please refer `BTCUtils` library and compactSize uint\\n // docs in `BitcoinTx` library for more details.\\n uint256 inputStartingIndex = 1 + inputsCompactSizeUintLength;\\n\\n // Determine the swept deposits count. If main UTXO is NOT expected,\\n // all inputs should be deposits. If main UTXO is expected, one input\\n // should point to that main UTXO.\\n info.depositors = new address[](\\n !mainUtxoExpected ? inputsCount : inputsCount - 1\\n );\\n info.depositedAmounts = new uint256[](info.depositors.length);\\n info.treasuryFees = new uint256[](info.depositors.length);\\n\\n // Initialize helper variables.\\n uint256 processedDepositsCount = 0;\\n\\n // Inputs processing loop.\\n for (uint256 i = 0; i < inputsCount; i++) {\\n (\\n bytes32 outpointTxHash,\\n uint32 outpointIndex,\\n uint256 inputLength\\n ) = parseTxInputAt(sweepTxInputVector, inputStartingIndex);\\n\\n Deposit.DepositRequest storage deposit = self.deposits[\\n uint256(\\n keccak256(abi.encodePacked(outpointTxHash, outpointIndex))\\n )\\n ];\\n\\n if (deposit.revealedAt != 0) {\\n // If we entered here, that means the input was identified as\\n // a revealed deposit.\\n require(deposit.sweptAt == 0, \\\"Deposit already swept\\\");\\n\\n if (processedDepositsCount == info.depositors.length) {\\n // If this condition is true, that means a deposit input\\n // took place of an expected main UTXO input.\\n // In other words, there is no expected main UTXO\\n // input and all inputs come from valid, revealed deposits.\\n revert(\\n \\\"Expected main UTXO not present in sweep transaction inputs\\\"\\n );\\n }\\n\\n /* solhint-disable-next-line not-rely-on-time */\\n deposit.sweptAt = uint32(block.timestamp);\\n\\n info.depositors[processedDepositsCount] = deposit.depositor;\\n info.depositedAmounts[processedDepositsCount] = deposit.amount;\\n info.inputsTotalValue += info.depositedAmounts[\\n processedDepositsCount\\n ];\\n info.treasuryFees[processedDepositsCount] = deposit.treasuryFee;\\n\\n processedDepositsCount++;\\n } else if (\\n mainUtxoExpected != mainUtxoFound &&\\n mainUtxo.txHash == outpointTxHash\\n ) {\\n // If we entered here, that means the input was identified as\\n // the expected main UTXO.\\n info.inputsTotalValue += mainUtxo.txOutputValue;\\n mainUtxoFound = true;\\n\\n // Main UTXO used as an input, mark it as spent.\\n self.spentMainUTXOs[\\n uint256(\\n keccak256(\\n abi.encodePacked(outpointTxHash, outpointIndex)\\n )\\n )\\n ] = true;\\n } else {\\n revert(\\\"Unknown input type\\\");\\n }\\n\\n // Make the `inputStartingIndex` pointing to the next input by\\n // increasing it by current input's length.\\n inputStartingIndex += inputLength;\\n }\\n\\n // Construction of the input processing loop guarantees that:\\n // `processedDepositsCount == info.depositors.length == info.depositedAmounts.length`\\n // is always true at this point. We just use the first variable\\n // to assert the total count of swept deposit is bigger than zero.\\n require(\\n processedDepositsCount > 0,\\n \\\"Sweep transaction must process at least one deposit\\\"\\n );\\n\\n // Assert the main UTXO was used as one of current sweep's inputs if\\n // it was actually expected.\\n require(\\n mainUtxoExpected == mainUtxoFound,\\n \\\"Expected main UTXO not present in sweep transaction inputs\\\"\\n );\\n\\n return info;\\n }\\n\\n /// @notice Parses a Bitcoin transaction input starting at the given index.\\n /// @param inputVector Bitcoin transaction input vector\\n /// @param inputStartingIndex Index the given input starts at\\n /// @return outpointTxHash 32-byte hash of the Bitcoin transaction which is\\n /// pointed in the given input's outpoint.\\n /// @return outpointIndex 4-byte index of the Bitcoin transaction output\\n /// which is pointed in the given input's outpoint.\\n /// @return inputLength Byte length of the given input.\\n /// @dev This function assumes vector's structure is valid so it must be\\n /// validated using e.g. `BTCUtils.validateVin` function before it\\n /// is passed here.\\n function parseTxInputAt(\\n bytes memory inputVector,\\n uint256 inputStartingIndex\\n )\\n internal\\n pure\\n returns (\\n bytes32 outpointTxHash,\\n uint32 outpointIndex,\\n uint256 inputLength\\n )\\n {\\n outpointTxHash = inputVector.extractInputTxIdLeAt(inputStartingIndex);\\n\\n outpointIndex = BTCUtils.reverseUint32(\\n uint32(inputVector.extractTxIndexLeAt(inputStartingIndex))\\n );\\n\\n inputLength = inputVector.determineInputLengthAt(inputStartingIndex);\\n\\n return (outpointTxHash, outpointIndex, inputLength);\\n }\\n\\n /// @notice Determines the distribution of the sweep transaction fee\\n /// over swept deposits.\\n /// @param sweepTxInputsTotalValue Total value of all sweep transaction inputs.\\n /// @param sweepTxOutputValue Value of the sweep transaction output.\\n /// @param depositsCount Count of the deposits swept by the sweep transaction.\\n /// @return depositTxFee Transaction fee per deposit determined by evenly\\n /// spreading the divisible part of the sweep transaction fee\\n /// over all deposits.\\n /// @return depositTxFeeRemainder The indivisible part of the sweep\\n /// transaction fee than cannot be distributed over all deposits.\\n /// @dev It is up to the caller to decide how the remainder should be\\n /// counted in. This function only computes its value.\\n function sweepTxFeeDistribution(\\n uint256 sweepTxInputsTotalValue,\\n uint256 sweepTxOutputValue,\\n uint256 depositsCount\\n )\\n internal\\n pure\\n returns (uint256 depositTxFee, uint256 depositTxFeeRemainder)\\n {\\n // The sweep transaction fee is just the difference between inputs\\n // amounts sum and the output amount.\\n uint256 sweepTxFee = sweepTxInputsTotalValue - sweepTxOutputValue;\\n // Compute the indivisible remainder that remains after dividing the\\n // sweep transaction fee over all deposits evenly.\\n depositTxFeeRemainder = sweepTxFee % depositsCount;\\n // Compute the transaction fee per deposit by dividing the sweep\\n // transaction fee (reduced by the remainder) by the number of deposits.\\n depositTxFee = (sweepTxFee - depositTxFeeRemainder) / depositsCount;\\n\\n return (depositTxFee, depositTxFeeRemainder);\\n }\\n}\\n\",\"keccak256\":\"0xb037abcf187b812a7c510620b9845fd8f181bfc545adf629aa396f95e976e3f1\",\"license\":\"MIT\"},\"contracts/bridge/Wallets.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\nimport {BTCUtils} from \\\"@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol\\\";\\nimport {EcdsaDkg} from \\\"@keep-network/ecdsa/contracts/libraries/EcdsaDkg.sol\\\";\\nimport {Math} from \\\"@openzeppelin/contracts/utils/math/Math.sol\\\";\\n\\nimport \\\"./BitcoinTx.sol\\\";\\nimport \\\"./EcdsaLib.sol\\\";\\nimport \\\"./BridgeState.sol\\\";\\n\\n/// @title Wallet library\\n/// @notice Library responsible for handling integration between Bridge\\n/// contract and ECDSA wallets.\\nlibrary Wallets {\\n using BTCUtils for bytes;\\n\\n /// @notice Represents wallet state:\\n enum WalletState {\\n /// @dev The wallet is unknown to the Bridge.\\n Unknown,\\n /// @dev The wallet can sweep deposits and accept redemption requests.\\n Live,\\n /// @dev The wallet was deemed unhealthy and is expected to move their\\n /// outstanding funds to another wallet. The wallet can still\\n /// fulfill their pending redemption requests although new\\n /// redemption requests and new deposit reveals are not accepted.\\n MovingFunds,\\n /// @dev The wallet moved or redeemed all their funds and is in the\\n /// closing period where they can be subject of fraud challenges\\n /// and must defend against them. This state is needed to protect\\n /// against deposit frauds on deposits revealed but not swept.\\n /// The closing period must be greater that the deposit refund\\n /// time plus some time margin.\\n Closing,\\n /// @dev The wallet finalized the closing period successfully and\\n /// cannot perform any action in the Bridge.\\n Closed,\\n /// @dev The wallet committed a fraud that was reported. The wallet is\\n /// blocked and can not perform any actions in the Bridge.\\n /// Off-chain coordination with the wallet operators is needed to\\n /// recover funds.\\n Terminated\\n }\\n\\n /// @notice Holds information about a wallet.\\n struct Wallet {\\n // Identifier of a ECDSA Wallet registered in the ECDSA Wallet Registry.\\n bytes32 ecdsaWalletID;\\n // Latest wallet's main UTXO hash computed as\\n // keccak256(txHash | txOutputIndex | txOutputValue). The `tx` prefix\\n // refers to the transaction which created that main UTXO. The `txHash`\\n // is `bytes32` (ordered as in Bitcoin internally), `txOutputIndex`\\n // an `uint32`, and `txOutputValue` an `uint64` value.\\n bytes32 mainUtxoHash;\\n // The total redeemable value of pending redemption requests targeting\\n // that wallet.\\n uint64 pendingRedemptionsValue;\\n // UNIX timestamp the wallet was created at.\\n uint32 createdAt;\\n // UNIX timestamp indicating the moment the wallet was requested to\\n // move their funds.\\n uint32 movingFundsRequestedAt;\\n // UNIX timestamp indicating the moment the wallet's closing period\\n // started.\\n uint32 closingStartedAt;\\n // Current state of the wallet.\\n WalletState state;\\n // Moving funds target wallet commitment submitted by the wallet. It\\n // is built by applying the keccak256 hash over the list of 20-byte\\n // public key hashes of the target wallets.\\n bytes32 movingFundsTargetWalletsCommitmentHash;\\n }\\n\\n event NewWalletRequested();\\n\\n event NewWalletRegistered(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletMovingFunds(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletClosing(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletClosed(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n event WalletTerminated(\\n bytes32 indexed ecdsaWalletID,\\n bytes20 indexed walletPubKeyHash\\n );\\n\\n /// @notice Requests creation of a new wallet. This function just\\n /// forms a request and the creation process is performed\\n /// asynchronously. Outcome of that process should be delivered\\n /// using `registerNewWallet` function.\\n /// @param activeWalletMainUtxo Data of the active wallet's main UTXO, as\\n /// currently known on the Ethereum chain.\\n /// @dev Requirements:\\n /// - `activeWalletMainUtxo` components must point to the recent main\\n /// UTXO of the given active wallet, as currently known on the\\n /// Ethereum chain. If there is no active wallet at the moment, or\\n /// the active wallet has no main UTXO, this parameter can be\\n /// empty as it is ignored.\\n /// - Wallet creation must not be in progress\\n /// - If the active wallet is set, one of the following\\n /// conditions must be true:\\n /// - The active wallet BTC balance is above the minimum threshold\\n /// and the active wallet is old enough, i.e. the creation period\\n /// was elapsed since its creation time\\n /// - The active wallet BTC balance is above the maximum threshold\\n function requestNewWallet(\\n BridgeState.Storage storage self,\\n BitcoinTx.UTXO calldata activeWalletMainUtxo\\n ) external {\\n require(\\n self.ecdsaWalletRegistry.getWalletCreationState() ==\\n EcdsaDkg.State.IDLE,\\n \\\"Wallet creation already in progress\\\"\\n );\\n\\n bytes20 activeWalletPubKeyHash = self.activeWalletPubKeyHash;\\n\\n // If the active wallet is set, fetch this wallet's details from\\n // storage to perform conditions check. The `registerNewWallet`\\n // function guarantees an active wallet is always one of the\\n // registered ones.\\n if (activeWalletPubKeyHash != bytes20(0)) {\\n uint64 activeWalletBtcBalance = getWalletBtcBalance(\\n self,\\n activeWalletPubKeyHash,\\n activeWalletMainUtxo\\n );\\n uint32 activeWalletCreatedAt = self\\n .registeredWallets[activeWalletPubKeyHash]\\n .createdAt;\\n /* solhint-disable-next-line not-rely-on-time */\\n bool activeWalletOldEnough = block.timestamp >=\\n activeWalletCreatedAt + self.walletCreationPeriod;\\n\\n require(\\n (activeWalletOldEnough &&\\n activeWalletBtcBalance >=\\n self.walletCreationMinBtcBalance) ||\\n activeWalletBtcBalance >= self.walletCreationMaxBtcBalance,\\n \\\"Wallet creation conditions are not met\\\"\\n );\\n }\\n\\n emit NewWalletRequested();\\n\\n self.ecdsaWalletRegistry.requestNewWallet();\\n }\\n\\n /// @notice Gets BTC balance for given the wallet.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMainUtxo Data of the wallet's main UTXO, as currently\\n /// known on the Ethereum chain.\\n /// @return walletBtcBalance Current BTC balance for the given wallet.\\n /// @dev Requirements:\\n /// - `walletMainUtxo` components must point to the recent main UTXO\\n /// of the given wallet, as currently known on the Ethereum chain.\\n /// If the wallet has no main UTXO, this parameter can be empty as it\\n /// is ignored.\\n function getWalletBtcBalance(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo\\n ) internal view returns (uint64 walletBtcBalance) {\\n bytes32 walletMainUtxoHash = self\\n .registeredWallets[walletPubKeyHash]\\n .mainUtxoHash;\\n\\n // If the wallet has a main UTXO hash set, cross-check it with the\\n // provided plain-text parameter and get the transaction output value\\n // as BTC balance. Otherwise, the BTC balance is just zero.\\n if (walletMainUtxoHash != bytes32(0)) {\\n require(\\n keccak256(\\n abi.encodePacked(\\n walletMainUtxo.txHash,\\n walletMainUtxo.txOutputIndex,\\n walletMainUtxo.txOutputValue\\n )\\n ) == walletMainUtxoHash,\\n \\\"Invalid wallet main UTXO data\\\"\\n );\\n\\n walletBtcBalance = walletMainUtxo.txOutputValue;\\n }\\n\\n return walletBtcBalance;\\n }\\n\\n /// @notice Registers a new wallet. This function should be called\\n /// after the wallet creation process initiated using\\n /// `requestNewWallet` completes and brings the outcomes.\\n /// @param ecdsaWalletID Wallet's unique identifier.\\n /// @param publicKeyX Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n /// @dev Requirements:\\n /// - The only caller authorized to call this function is `registry`\\n /// - Given wallet data must not belong to an already registered wallet\\n function registerNewWallet(\\n BridgeState.Storage storage self,\\n bytes32 ecdsaWalletID,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external {\\n require(\\n msg.sender == address(self.ecdsaWalletRegistry),\\n \\\"Caller is not the ECDSA Wallet Registry\\\"\\n );\\n\\n // Compress wallet's public key and calculate Bitcoin's hash160 of it.\\n bytes20 walletPubKeyHash = bytes20(\\n EcdsaLib.compressPublicKey(publicKeyX, publicKeyY).hash160View()\\n );\\n\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n require(\\n wallet.state == WalletState.Unknown,\\n \\\"ECDSA wallet has been already registered\\\"\\n );\\n wallet.ecdsaWalletID = ecdsaWalletID;\\n wallet.state = WalletState.Live;\\n /* solhint-disable-next-line not-rely-on-time */\\n wallet.createdAt = uint32(block.timestamp);\\n\\n // Set the freshly created wallet as the new active wallet.\\n self.activeWalletPubKeyHash = walletPubKeyHash;\\n\\n self.liveWalletsCount++;\\n\\n emit NewWalletRegistered(ecdsaWalletID, walletPubKeyHash);\\n }\\n\\n /// @notice Handles a notification about a wallet heartbeat failure and\\n /// triggers the wallet moving funds process.\\n /// @param publicKeyX Wallet's public key's X coordinate.\\n /// @param publicKeyY Wallet's public key's Y coordinate.\\n /// @dev Requirements:\\n /// - The only caller authorized to call this function is `registry`\\n /// - Wallet must be in Live state\\n function notifyWalletHeartbeatFailed(\\n BridgeState.Storage storage self,\\n bytes32 publicKeyX,\\n bytes32 publicKeyY\\n ) external {\\n require(\\n msg.sender == address(self.ecdsaWalletRegistry),\\n \\\"Caller is not the ECDSA Wallet Registry\\\"\\n );\\n\\n // Compress wallet's public key and calculate Bitcoin's hash160 of it.\\n bytes20 walletPubKeyHash = bytes20(\\n EcdsaLib.compressPublicKey(publicKeyX, publicKeyY).hash160View()\\n );\\n\\n require(\\n self.registeredWallets[walletPubKeyHash].state == WalletState.Live,\\n \\\"ECDSA wallet must be in Live state\\\"\\n );\\n\\n moveFunds(self, walletPubKeyHash);\\n }\\n\\n /// @notice Handles a notification about a wallet redemption timeout.\\n /// Triggers the wallet moving funds process only if the wallet is\\n /// still in the Live state. That means multiple action timeouts can\\n /// be reported for the same wallet but only the first report\\n /// requests the wallet to move their funds.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The wallet must be in the `Live` or `MovingFunds` state\\n function notifyWalletTimedOutRedemption(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n WalletState walletState = self\\n .registeredWallets[walletPubKeyHash]\\n .state;\\n\\n require(\\n walletState == WalletState.Live ||\\n walletState == WalletState.MovingFunds,\\n \\\"ECDSA wallet must be in Live or MovingFunds state\\\"\\n );\\n\\n if (walletState == WalletState.Live) {\\n moveFunds(self, walletPubKeyHash);\\n }\\n }\\n\\n /// @notice Notifies that the wallet is either old enough or has too few\\n /// satoshis left and qualifies to be closed.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param walletMainUtxo Data of the wallet's main UTXO, as currently\\n /// known on the Ethereum chain.\\n /// @dev Requirements:\\n /// - Wallet must not be set as the current active wallet\\n /// - Wallet must exceed the wallet maximum age OR the wallet BTC\\n /// balance must be lesser than the minimum threshold. If the latter\\n /// case is true, the `walletMainUtxo` components must point to the\\n /// recent main UTXO of the given wallet, as currently known on the\\n /// Ethereum chain. If the wallet has no main UTXO, this parameter\\n /// can be empty as it is ignored since the wallet balance is\\n /// assumed to be zero.\\n /// - Wallet must be in Live state\\n function notifyCloseableWallet(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata walletMainUtxo\\n ) external {\\n require(\\n self.activeWalletPubKeyHash != walletPubKeyHash,\\n \\\"Active wallet cannot be considered closeable\\\"\\n );\\n\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n require(\\n wallet.state == WalletState.Live,\\n \\\"ECDSA wallet must be in Live state\\\"\\n );\\n\\n /* solhint-disable-next-line not-rely-on-time */\\n bool walletOldEnough = block.timestamp >=\\n wallet.createdAt + self.walletMaxAge;\\n\\n require(\\n walletOldEnough ||\\n getWalletBtcBalance(self, walletPubKeyHash, walletMainUtxo) <\\n self.walletClosureMinBtcBalance,\\n \\\"Wallet needs to be old enough or have too few satoshis\\\"\\n );\\n\\n moveFunds(self, walletPubKeyHash);\\n }\\n\\n /// @notice Requests a wallet to move their funds. If the wallet balance\\n /// is zero, the wallet closing begins immediately. If the move\\n /// funds request refers to the current active wallet, such a wallet\\n /// is no longer considered active and the active wallet slot\\n /// is unset allowing to trigger a new wallet creation immediately.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The caller must make sure that the wallet is in the Live state\\n function moveFunds(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n\\n if (wallet.mainUtxoHash == bytes32(0)) {\\n // If the wallet has no main UTXO, that means its BTC balance\\n // is zero and the wallet closing should begin immediately.\\n beginWalletClosing(self, walletPubKeyHash);\\n } else {\\n // Otherwise, initialize the moving funds process.\\n wallet.state = WalletState.MovingFunds;\\n /* solhint-disable-next-line not-rely-on-time */\\n wallet.movingFundsRequestedAt = uint32(block.timestamp);\\n\\n emit WalletMovingFunds(wallet.ecdsaWalletID, walletPubKeyHash);\\n }\\n\\n if (self.activeWalletPubKeyHash == walletPubKeyHash) {\\n // If the move funds request refers to the current active wallet,\\n // unset the active wallet and make the wallet creation process\\n // possible in order to get a new healthy active wallet.\\n delete self.activeWalletPubKeyHash;\\n }\\n\\n self.liveWalletsCount--;\\n }\\n\\n /// @notice Begins the closing period of the given wallet.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The caller must make sure that the wallet is in the\\n /// MovingFunds state\\n function beginWalletClosing(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n // Initialize the closing period.\\n wallet.state = WalletState.Closing;\\n /* solhint-disable-next-line not-rely-on-time */\\n wallet.closingStartedAt = uint32(block.timestamp);\\n\\n emit WalletClosing(wallet.ecdsaWalletID, walletPubKeyHash);\\n }\\n\\n /// @notice Notifies about the end of the closing period for the given wallet.\\n /// Closes the wallet ultimately and notifies the ECDSA registry\\n /// about this fact.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The wallet must be in the Closing state\\n /// - The wallet closing period must have elapsed\\n function notifyWalletClosingPeriodElapsed(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n\\n require(\\n wallet.state == WalletState.Closing,\\n \\\"ECDSA wallet must be in Closing state\\\"\\n );\\n\\n require(\\n /* solhint-disable-next-line not-rely-on-time */\\n block.timestamp >\\n wallet.closingStartedAt + self.walletClosingPeriod,\\n \\\"Closing period has not elapsed yet\\\"\\n );\\n\\n finalizeWalletClosing(self, walletPubKeyHash);\\n }\\n\\n /// @notice Finalizes the closing period of the given wallet and notifies\\n /// the ECDSA registry about this fact.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The caller must make sure that the wallet is in the Closing state\\n function finalizeWalletClosing(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n\\n wallet.state = WalletState.Closed;\\n\\n emit WalletClosed(wallet.ecdsaWalletID, walletPubKeyHash);\\n\\n self.ecdsaWalletRegistry.closeWallet(wallet.ecdsaWalletID);\\n }\\n\\n /// @notice Terminates the given wallet and notifies the ECDSA registry\\n /// about this fact. If the wallet termination refers to the current\\n /// active wallet, such a wallet is no longer considered active and\\n /// the active wallet slot is unset allowing to trigger a new wallet\\n /// creation immediately.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @dev Requirements:\\n /// - The caller must make sure that the wallet is in the\\n /// Live or MovingFunds or Closing state.\\n function terminateWallet(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n\\n if (wallet.state == WalletState.Live) {\\n self.liveWalletsCount--;\\n }\\n\\n wallet.state = WalletState.Terminated;\\n\\n emit WalletTerminated(wallet.ecdsaWalletID, walletPubKeyHash);\\n\\n if (self.activeWalletPubKeyHash == walletPubKeyHash) {\\n // If termination refers to the current active wallet,\\n // unset the active wallet and make the wallet creation process\\n // possible in order to get a new healthy active wallet.\\n delete self.activeWalletPubKeyHash;\\n }\\n\\n self.ecdsaWalletRegistry.closeWallet(wallet.ecdsaWalletID);\\n }\\n\\n /// @notice Notifies that the wallet completed the moving funds process\\n /// successfully. Checks if the funds were moved to the expected\\n /// target wallets. Closes the source wallet if everything went\\n /// good and reverts otherwise.\\n /// @param walletPubKeyHash 20-byte public key hash of the wallet\\n /// @param targetWalletsHash 32-byte keccak256 hash over the list of\\n /// 20-byte public key hashes of the target wallets actually used\\n /// within the moving funds transactions.\\n /// @dev Requirements:\\n /// - The caller must make sure the moving funds transaction actually\\n /// happened on Bitcoin chain and fits the protocol requirements.\\n /// - The source wallet must be in the MovingFunds state\\n /// - The target wallets commitment must be submitted by the source\\n /// wallet.\\n /// - The actual target wallets used in the moving funds transaction\\n /// must be exactly the same as the target wallets commitment.\\n function notifyWalletFundsMoved(\\n BridgeState.Storage storage self,\\n bytes20 walletPubKeyHash,\\n bytes32 targetWalletsHash\\n ) internal {\\n Wallet storage wallet = self.registeredWallets[walletPubKeyHash];\\n // Check that the wallet is in the MovingFunds state but don't check\\n // if the moving funds timeout is exceeded. That should give a\\n // possibility to move funds in case when timeout was hit but was\\n // not reported yet.\\n require(\\n wallet.state == WalletState.MovingFunds,\\n \\\"ECDSA wallet must be in MovingFunds state\\\"\\n );\\n\\n bytes32 targetWalletsCommitmentHash = wallet\\n .movingFundsTargetWalletsCommitmentHash;\\n\\n require(\\n targetWalletsCommitmentHash != bytes32(0),\\n \\\"Target wallets commitment not submitted yet\\\"\\n );\\n\\n // Make sure that the target wallets where funds were moved to are\\n // exactly the same as the ones the source wallet committed to.\\n require(\\n targetWalletsCommitmentHash == targetWalletsHash,\\n \\\"Target wallets don't correspond to the commitment\\\"\\n );\\n\\n // If funds were moved, the wallet has no longer a main UTXO.\\n delete wallet.mainUtxoHash;\\n\\n beginWalletClosing(self, walletPubKeyHash);\\n }\\n}\\n\",\"keccak256\":\"0x61ae7c54cca8f74793c74fa5ff53aaa6266904ea971ba6d3b7d11d3b453c97c4\",\"license\":\"MIT\"},\"contracts/test/BridgeStub.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\npragma solidity ^0.8.9;\\n\\nimport \\\"../bridge/BitcoinTx.sol\\\";\\nimport \\\"../bridge/Bridge.sol\\\";\\nimport \\\"../bridge/Wallets.sol\\\";\\n\\ncontract BridgeStub is Bridge {\\n constructor(\\n address _bank,\\n address _relay,\\n address _treasury,\\n address _walletRegistry,\\n uint256 _txProofDifficultyFactor\\n )\\n Bridge(\\n _bank,\\n _relay,\\n _treasury,\\n _walletRegistry,\\n _txProofDifficultyFactor\\n )\\n {}\\n\\n function setSweptDeposits(BitcoinTx.UTXO[] calldata utxos) external {\\n for (uint256 i = 0; i < utxos.length; i++) {\\n uint256 utxoKey = uint256(\\n keccak256(\\n abi.encodePacked(utxos[i].txHash, utxos[i].txOutputIndex)\\n )\\n );\\n self.deposits[utxoKey].sweptAt = 1641650400;\\n }\\n }\\n\\n function setSpentMainUtxos(BitcoinTx.UTXO[] calldata utxos) external {\\n for (uint256 i = 0; i < utxos.length; i++) {\\n uint256 utxoKey = uint256(\\n keccak256(\\n abi.encodePacked(utxos[i].txHash, utxos[i].txOutputIndex)\\n )\\n );\\n self.spentMainUTXOs[utxoKey] = true;\\n }\\n }\\n\\n function setActiveWallet(bytes20 activeWalletPubKeyHash) external {\\n self.activeWalletPubKeyHash = activeWalletPubKeyHash;\\n }\\n\\n function setWalletMainUtxo(\\n bytes20 walletPubKeyHash,\\n BitcoinTx.UTXO calldata utxo\\n ) external {\\n self.registeredWallets[walletPubKeyHash].mainUtxoHash = keccak256(\\n abi.encodePacked(\\n utxo.txHash,\\n utxo.txOutputIndex,\\n utxo.txOutputValue\\n )\\n );\\n }\\n\\n function setWallet(bytes20 walletPubKeyHash, Wallets.Wallet calldata wallet)\\n external\\n {\\n self.registeredWallets[walletPubKeyHash] = wallet;\\n\\n if (wallet.state == Wallets.WalletState.Live) {\\n self.liveWalletsCount++;\\n }\\n }\\n\\n function setDepositDustThreshold(uint64 _depositDustThreshold) external {\\n self.depositDustThreshold = _depositDustThreshold;\\n }\\n\\n function setDepositTxMaxFee(uint64 _depositTxMaxFee) external {\\n self.depositTxMaxFee = _depositTxMaxFee;\\n }\\n\\n function setRedemptionDustThreshold(uint64 _redemptionDustThreshold)\\n external\\n {\\n self.redemptionDustThreshold = _redemptionDustThreshold;\\n }\\n\\n function setRedemptionTreasuryFeeDivisor(\\n uint64 _redemptionTreasuryFeeDivisor\\n ) external {\\n self.redemptionTreasuryFeeDivisor = _redemptionTreasuryFeeDivisor;\\n }\\n\\n function setMovingFundsTxMaxTotalFee(uint64 _movingFundsTxMaxTotalFee)\\n external\\n {\\n self.movingFundsTxMaxTotalFee = _movingFundsTxMaxTotalFee;\\n }\\n}\\n\",\"keccak256\":\"0x54d44d1b81d65c51437d2ce1eff343af6e752409ed4169e1be3bf18ad9c648ad\",\"license\":\"MIT\"},\"contracts/vault/IVault.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588 \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\u2588\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n// \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c \\u2590\\u2588\\u2588\\u2588\\u2588\\u258c\\n\\npragma solidity ^0.8.9;\\n\\n/// @title Bank Vault interface\\n/// @notice `IVault` is an interface for a smart contract consuming Bank\\n/// balances of other contracts or externally owned accounts (EOA).\\ninterface IVault {\\n /// @notice Called by the Bank in `approveBalanceAndCall` function after\\n /// the balance `owner` approved `amount` of their balance in the\\n /// Bank for the vault. This way, the depositor can approve balance\\n /// and call the vault to use the approved balance in a single\\n /// transaction.\\n /// @param owner Address of the Bank balance owner who approved their\\n /// balance to be used by the vault\\n /// @param amount The amount of the Bank balance approved by the owner\\n /// to be used by the vault\\n // @dev The implementation must ensure this function can only be called\\n /// by the Bank. The Bank does _not_ guarantee that the `amount`\\n /// approved by the `owner` currently exists on their balance. That is,\\n /// the `owner` could approve more balance than they currently have.\\n /// This works the same as `Bank.approve` function. The vault must\\n /// ensure the actual balance is checked before performing any action\\n /// based on it.\\n function receiveBalanceApproval(address owner, uint256 amount) external;\\n\\n /// @notice Called by the Bank in `increaseBalanceAndCall` function after\\n /// increasing the balance in the Bank for the vault. It happens in\\n /// the same transaction in which deposits were swept by the Bridge.\\n /// This allows the depositor to route their deposit revealed to the\\n /// Bridge to the particular smart contract (vault) in the same\\n /// transaction in which the deposit is revealed. This way, the\\n /// depositor does not have to execute additional transaction after\\n /// the deposit gets swept by the Bridge to approve and transfer\\n /// their balance to the vault.\\n /// @param depositors Addresses of depositors whose deposits have been swept\\n /// @param depositedAmounts Amounts deposited by individual depositors and\\n /// swept\\n /// @dev The implementation must ensure this function can only be called\\n /// by the Bank. The Bank guarantees that the vault's balance was\\n /// increased by the sum of all deposited amounts before this function\\n /// is called, in the same transaction.\\n function receiveBalanceIncrease(\\n address[] calldata depositors,\\n uint256[] calldata depositedAmounts\\n ) external;\\n}\\n\",\"keccak256\":\"0x48d596548f2e6a69e31825f49882998789ea43ff5bcaeb5eea2d9b910577a5e9\",\"license\":\"MIT\"}},\"version\":1}",
2375
+ "bytecode": "0x60806040523480156200001157600080fd5b50604051620046e2380380620046e28339810160408190526200003491620003c1565b84848484846001600160a01b038516620000955760405162461bcd60e51b815260206004820152601b60248201527f42616e6b20616464726573732063616e6e6f74206265207a65726f000000000060448201526064015b60405180910390fd5b600180546001600160a01b0319166001600160a01b03878116919091179091558416620001055760405162461bcd60e51b815260206004820152601c60248201527f52656c617920616464726573732063616e6e6f74206265207a65726f0000000060448201526064016200008c565b600280546001600160a01b0319166001600160a01b038681169190911790915582166200018a5760405162461bcd60e51b815260206004820152602c60248201527f45434453412057616c6c6574205265676973747279206164647265737320636160448201526b6e6e6f74206265207a65726f60a01b60648201526084016200008c565b600380546001600160a01b0319166001600160a01b03848116919091179091558316620001fa5760405162461bcd60e51b815260206004820152601f60248201527f547265617375727920616464726573732063616e6e6f74206265207a65726f0060448201526064016200008c565b6005805460048390556001600160a01b0385166001600160e01b031990911617613d0960a61b179055600680546001600160801b03191669271000000000000007d01790556202a300600c55600d805469021e19e0c9bab24000006001600160601b031991821681179092556064600e819055600980546001600160c01b03191675021e19e0c9bab240000000093a800000000000002710179055600a81905579271000000000000007d000000000000f42400000000000004e20600b5560118054909216909217905560125562093a80601355671bc16d674ec800006014557eeff1000000000002faf08000000002540be4000000000005f5e10000093a80601755601880546001600160c01b0316621dcd6560c91b179055601980546234bc0063ffffffff19909116179055620003333362000343565b5050505050505050505062000428565b600080546001600160a01b038381166001600160a01b031983168117909355604080519190921680825260208201939093527f5f56bee8cffbe9a78652a74a60705edede02af10b0bbb888ca44b79a0d42ce80910160405180910390a15050565b80516001600160a01b0381168114620003bc57600080fd5b919050565b600080600080600060a08688031215620003da57600080fd5b620003e586620003a4565b9450620003f560208701620003a4565b93506200040560408701620003a4565b92506200041560608701620003a4565b9150608086015190509295509295909350565b6142aa80620004386000396000f3fe60806040526004361061033f5760003560e01c806375b922d1116101b0578063b216bd35116100ec578063d38bfff411610095578063df7cd4ae1161006f578063df7cd4ae14610fa8578063e404c0a914610fec578063e53c0b551461100c578063e65e19d51461104557600080fd5b8063d38bfff414610f3c578063d6eccdf014610f5c578063ded1d24a14610f7c57600080fd5b8063be05abe3116100c6578063be05abe314610e65578063c42b64d014610ed0578063c8b5d2db14610f1c57600080fd5b8063b216bd3514610e05578063b34b321614610e25578063b8afb0a514610e4557600080fd5b8063a7738ab411610159578063abaeed8f11610133578063abaeed8f14610c12578063b02c43d014610c32578063b036c1ee14610d77578063b2146cd614610dc557600080fd5b8063a7738ab414610b73578063a8fa0f4214610bb2578063a9de2f3a14610bd257600080fd5b80638d8191eb1161018a5780638d8191eb14610b1357806392238f3214610b33578063a145e2d514610b5357600080fd5b806375b922d114610a9057806377145f2114610ad3578063883d6a1114610af357600080fd5b80634fb1b4c61161027f57806360d712fc116102285780636c854186116102025780636c854186146109665780636d02b43c146109c35780636e70ce41146109d657806374babd9c14610a7057600080fd5b806360d712fc146108a057806361ccf97a146108c057806361d027b31461094857600080fd5b806359e6a4561161025957806359e6a456146107eb5780635aa6e675146108485780635c0b48121461088057600080fd5b80634fb1b4c61461078b578063575e4279146107ab57806359a9d90a146107cb57600080fd5b806329e3e74d116102ec57806331a4889a116102c657806331a4889a1461061e57806333e957cb1461063e5780633c0038f41461071d5780633dce98121461076b57600080fd5b806329e3e74d146105c05780632bb818c2146105e05780632f429b64146105fe57600080fd5b8063107608821161031d578063107608821461054e57806317c964001461056e57806324028c111461058e57600080fd5b806303d952f71461034457806307f7d2231461046e5780630b6ba19d14610490575b600080fd5b34801561035057600080fd5b5061040261035f366004612ff2565b6040805160a081018252600080825260208201819052918101829052606081018290526080810191909152506000908152600f6020908152604091829020825160a08101845281546001600160a01b0381168252600160a01b900467ffffffffffffffff9081169382019390935260019091015480831693820193909352600160401b83049091166060820152600160801b90910463ffffffff16608082015290565b6040516104659190600060a0820190506001600160a01b038351168252602083015167ffffffffffffffff8082166020850152806040860151166040850152806060860151166060850152505063ffffffff608084015116608083015292915050565b60405180910390f35b34801561047a57600080fd5b5061048e610489366004613040565b611072565b005b34801561049c57600080fd5b506104026104ab366004612ff2565b6040805160a08101825260008082526020820181905291810182905260608101829052608081019190915250600090815260106020908152604091829020825160a08101845281546001600160a01b0381168252600160a01b900467ffffffffffffffff9081169382019390935260019091015480831693820193909352600160401b83049091166060820152600160801b90910463ffffffff16608082015290565b34801561055a57600080fd5b5061048e61056936600461308b565b6110fb565b34801561057a57600080fd5b5061048e6105893660046130da565b61116e565b34801561059a57600080fd5b50601854600160a01b900463ffffffff1660405163ffffffff9091168152602001610465565b3480156105cc57600080fd5b5061048e6105db366004613137565b6111da565b3480156105ec57600080fd5b50600454604051908152602001610465565b34801561060a57600080fd5b5061048e6106193660046131af565b61124a565b34801561062a57600080fd5b5061048e6106393660046132c3565b6112d7565b34801561064a57600080fd5b506106d9610659366004612ff2565b60408051608081018252600080825260208201819052918101829052606081019190915250600090815260156020908152604091829020825160808101845281546001600160a01b031681526001820154928101929092526002015463ffffffff81169282019290925264010000000090910460ff161515606082015290565b604051610465919081516001600160a01b031681526020808301519082015260408083015163ffffffff169082015260609182015115159181019190915260800190565b34801561072957600080fd5b5061048e610738366004613344565b600b805467ffffffffffffffff909216600160401b026fffffffffffffffff000000000000000019909216919091179055565b34801561077757600080fd5b5061048e610786366004613368565b611369565b34801561079757600080fd5b5061048e6107a6366004613394565b6113f9565b3480156107b757600080fd5b5061048e6107c6366004613040565b611454565b3480156107d757600080fd5b5061048e6107e6366004613408565b6114a9565b3480156107f757600080fd5b5061048e610806366004613344565b6005805467ffffffffffffffff909216600160a01b027fffffffff0000000000000000ffffffffffffffffffffffffffffffffffffffff909216919091179055565b34801561085457600080fd5b50600054610868906001600160a01b031681565b6040516001600160a01b039091168152602001610465565b34801561088c57600080fd5b5061048e61089b36600461347d565b611500565b3480156108ac57600080fd5b5061048e6108bb3660046134ff565b611555565b3480156108cc57600080fd5b506017546018546019546040805163ffffffff808616825267ffffffffffffffff640100000000870481166020840152600160601b8704811693830193909352600160a01b860483166060830152600160e01b90950485166080820152600160c01b9093041660a08301529190911660c082015260e001610465565b34801561095457600080fd5b506005546001600160a01b0316610868565b34801561097257600080fd5b5061048e610981366004613344565b600b805467ffffffffffffffff909216600160801b027fffffffffffffffff0000000000000000ffffffffffffffffffffffffffffffff909216919091179055565b61048e6109d1366004613529565b61160e565b3480156109e257600080fd5b50610a28600b54600c54600d54600e5467ffffffffffffffff600160401b8504811695600160801b8604821695600160c01b900490911693926001600160601b03169190565b6040805167ffffffffffffffff97881681529587166020870152939095169284019290925260608301526001600160601b0316608082015260a081019190915260c001610465565b348015610a7c57600080fd5b5061048e610a8b36600461357c565b611667565b348015610a9c57600080fd5b50601154601254601354601454604080516001600160601b0390951685526020850193909352918301526060820152608001610465565b348015610adf57600080fd5b5061048e610aee3660046135f1565b611723565b348015610aff57600080fd5b5061048e610b0e366004613672565b61177e565b348015610b1f57600080fd5b5061048e610b2e366004613708565b6117e9565b348015610b3f57600080fd5b5061048e610b4e36600461373b565b61187b565b348015610b5f57600080fd5b5061048e610b6e36600461378e565b6118d2565b348015610b7f57600080fd5b5061048e610b8e366004613344565b6009805467ffffffffffffffff191667ffffffffffffffff92909216919091179055565b348015610bbe57600080fd5b5061048e610bcd366004613368565b611951565b348015610bde57600080fd5b50600154600254600354604080516001600160a01b0394851681529284166020840152921691810191909152606001610465565b348015610c1e57600080fd5b5061048e610c2d3660046137aa565b6119b7565b348015610c3e57600080fd5b50610d01610c4d366004612ff2565b6040805160c081018252600080825260208201819052918101829052606081018290526080810182905260a081019190915250600090815260076020908152604091829020825160c08101845281546001600160a01b03808216835267ffffffffffffffff600160a01b80840482169685019690965263ffffffff600160e01b938490048116978501979097526001949094015490811660608401529384049092166080820152910490911660a082015290565b6040516104659190600060c0820190506001600160a01b03808451168352602084015167ffffffffffffffff80821660208601526040860151915063ffffffff80831660408701528360608801511660608701528160808801511660808701528060a08801511660a08701525050505092915050565b348015610d8357600080fd5b5061048e610d92366004613344565b6006805467ffffffffffffffff909216600160401b026fffffffffffffffff000000000000000019909216919091179055565b348015610dd157600080fd5b50610df5610de0366004612ff2565b60009081526016602052604090205460ff1690565b6040519015158152602001610465565b348015610e1157600080fd5b5061048e610e20366004613846565b611a4f565b348015610e3157600080fd5b5061048e610e403660046131af565b611ab9565b348015610e5157600080fd5b5061048e610e6036600461357c565b611b12565b348015610e7157600080fd5b50600954600a54600b546040805167ffffffffffffffff8086168252600160401b860463ffffffff166020830152600160601b9095046001600160601b031691810191909152606081019290925291909116608082015260a001610465565b348015610edc57600080fd5b5060055460065460408051600160a01b90930467ffffffffffffffff90811684528083166020850152600160401b90920490911690820152606001610465565b348015610f2857600080fd5b5061048e610f373660046138b2565b611c0a565b348015610f4857600080fd5b5061048e610f573660046138cd565b611c18565b348015610f6857600080fd5b5061048e610f773660046138e8565b611cf7565b348015610f8857600080fd5b5060185460601b6040516001600160601b03199091168152602001610465565b348015610fb457600080fd5b5061048e610fc33660046138b2565b6018805473ffffffffffffffffffffffffffffffffffffffff191660609290921c919091179055565b348015610ff857600080fd5b5061048e611007366004613040565b611d52565b34801561101857600080fd5b50610df56110273660046138cd565b6001600160a01b031660009081526008602052604090205460ff1690565b34801561105157600080fd5b506110656110603660046138b2565b611dfc565b604051610465919061396a565b6040517f260b6cde000000000000000000000000000000000000000000000000000000008152731a6a3e7Bb246158dF31d8f924B84D961669Ba4e59063260b6cde906110c79060019086908690600401613a3b565b60006040518083038186803b1580156110df57600080fd5b505af41580156110f3573d6000803e3d6000fd5b505050505050565b6000546001600160a01b0316331461115a5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e63650000000060448201526064015b60405180910390fd5b611168600185858585611f01565b50505050565b6000546001600160a01b031633146111c85760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6111d56001848484612071565b505050565b6000546001600160a01b031633146112345760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b611243600186868686866122b7565b5050505050565b6040517e92bac9000000000000000000000000000000000000000000000000000000008152731a6a3e7Bb246158dF31d8f924B84D961669Ba4e5906292bac9906112a1906001908890889088908890600401613bc2565b60006040518083038186803b1580156112b957600080fd5b505af41580156112cd573d6000803e3d6000fd5b5050505050505050565b6040517fa76558b3000000000000000000000000000000000000000000000000000000008152737290f72B5C67052DDE8e6E179F7803c493e90d3f9063a76558b3906113329060019089908990899089908990600401613c5d565b60006040518083038186803b15801561134a57600080fd5b505af415801561135e573d6000803e3d6000fd5b505050505050505050565b6040517fc87de7f4000000000000000000000000000000000000000000000000000000008152600160048201526024810183905260448101829052730AFdAcD509e73115EA1654B1a770f1a807e7c9C09063c87de7f4906064015b60006040518083038186803b1580156113dc57600080fd5b505af41580156113f0573d6000803e3d6000fd5b50505050505050565b6040517f89b43a8600000000000000000000000000000000000000000000000000000000815273c63d2a04762529edB649d7a4cC3E57A0085e8544906389b43a86906113329060019089908990899089908990600401613ca7565b6040517f99b0b847000000000000000000000000000000000000000000000000000000008152730AFdAcD509e73115EA1654B1a770f1a807e7c9C0906399b0b847906110c79060019086908690600401613a3b565b6040517f510fc50a0000000000000000000000000000000000000000000000000000000081527355cb3b67D9E65F0Cf4eABCAC84564a1bE6E3b06A9063510fc50a906113c490600190879087908790600401613ce8565b6040517faea7fd0b00000000000000000000000000000000000000000000000000000000815273130A46b6E41DB6E1e18fb9c759F223c459190e909063aea7fd0b906110c79060019086908690600401613d2c565b6000546001600160a01b031633146115af5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6001600160a01b038216600081815260086020908152604091829020805460ff191685151590811790915591519182527f9065599c12c4294d9e2201638226d0d0beb95c228f468c4e7c2bdb8322b6066f910160405180910390a25050565b6040517f3b5d9f2400000000000000000000000000000000000000000000000000000000815273c63d2a04762529edB649d7a4cC3E57A0085e854490633b5d9f24906112a1906001908890889088908890600401613e3b565b60005b818110156111d557600083838381811061168657611686613e95565b905060600201600001358484848181106116a2576116a2613e95565b90506060020160200160208101906116ba9190613eab565b6040516020016116e192919091825260e01b6001600160e01b031916602082015260240190565b60408051601f198184030181529181528151602092830120600090815260169092529020805460ff19166001179055508061171b81613ede565b91505061166a565b6040517f624526fe00000000000000000000000000000000000000000000000000000000815273c63d2a04762529edB649d7a4cC3E57A0085e85449063624526fe906113329060019089908990899089908990600401613ef9565b6000546001600160a01b031633146117d85760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6113f06001888888888888886125b6565b6001600160601b031982166000908152601a60205260409020819061180e8282613fb4565b506001905061182360e0830160c084016140ee565b600581111561183457611834613954565b14156118775760188054600160a01b900463ffffffff169060146118578361410b565b91906101000a81548163ffffffff021916908363ffffffff160217905550505b5050565b6040517f07f96c42000000000000000000000000000000000000000000000000000000008152731a6a3e7Bb246158dF31d8f924B84D961669Ba4e5906307f96c42906113c49060019087908790879060040161412f565b6040517fd079fbb1000000000000000000000000000000000000000000000000000000008152730AFdAcD509e73115EA1654B1a770f1a807e7c9C09063d079fbb190611925906001908590600401614159565b60006040518083038186803b15801561193d57600080fd5b505af4158015611243573d6000803e3d6000fd5b6040517f4afbe4c900000000000000000000000000000000000000000000000000000000815260016004820152602481018490526044810183905260648101829052730AFdAcD509e73115EA1654B1a770f1a807e7c9C090634afbe4c9906084016113c4565b6040517fc8f77943000000000000000000000000000000000000000000000000000000008152731a6a3e7Bb246158dF31d8f924B84D961669Ba4e59063c8f7794390611a16906001908b908b908b908b908b908b908b9060040161416d565b60006040518083038186803b158015611a2e57600080fd5b505af4158015611a42573d6000803e3d6000fd5b5050505050505050505050565b6000546001600160a01b03163314611aa95760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6110f36001878787878787612986565b6040517fa164de6e000000000000000000000000000000000000000000000000000000008152737290f72B5C67052DDE8e6E179F7803c493e90d3f9063a164de6e906112a1906001908890889088908890600401613bc2565b60005b818110156111d5576000838383818110611b3157611b31613e95565b90506060020160000135848484818110611b4d57611b4d613e95565b9050606002016020016020810190611b659190613eab565b604051602001611b8c92919091825260e01b6001600160e01b031916602082015260240190565b60408051808303601f19018152918152815160209283012060009081526007909252902060010180547bffffffffffffffffffffffffffffffffffffffffffffffffffffffff167f61d998e0000000000000000000000000000000000000000000000000000000001790555080611c0281613ede565b915050611b15565b611c15600182612d43565b50565b6000546001600160a01b03163314611c725760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6001600160a01b038116611cee5760405162461bcd60e51b815260206004820152602260248201527f4e657720676f7665726e616e636520697320746865207a65726f20616464726560448201527f73730000000000000000000000000000000000000000000000000000000000006064820152608401611151565b611c1581612e9b565b6040517f7333b369000000000000000000000000000000000000000000000000000000008152737290f72B5C67052DDE8e6E179F7803c493e90d3f90637333b3699061133290600190899089908990899089906004016141f8565b8035611d646040830160208401613eab565b611d746060840160408501613344565b604051602001611dc29392919092835260e09190911b6001600160e01b031916602083015260c01b77ffffffffffffffffffffffffffffffffffffffffffffffff19166024820152602c0190565b60408051601f1981840301815291815281516020928301206001600160601b03199094166000908152601a90925290206001019190915550565b6040805161010081018252600080825260208201819052918101829052606081018290526080810182905260a0810182905260c0810182905260e08101919091526001600160601b031982166000908152601a602090815260409182902082516101008101845281548152600182015492810192909252600281015467ffffffffffffffff81169383019390935263ffffffff600160401b840481166060840152600160601b840481166080840152600160801b84041660a0830152909160c083019060ff600160a01b909104166005811115611edb57611edb613954565b6005811115611eec57611eec613954565b81526020016003820154815250509050919050565b6064831115611f785760405162461bcd60e51b815260206004820152603e60248201527f4672617564206e6f74696669657220726577617264206d756c7469706c69657260448201527f206d75737420626520696e207468652072616e6765205b302c203130305d00006064820152608401611151565b60008211611fee5760405162461bcd60e51b815260206004820152603860248201527f4672617564206368616c6c656e6765206465666561742074696d656f7574206d60448201527f7573742062652067726561746572207468616e207a65726f00000000000000006064820152608401611151565b6010850180546001600160601b0319166001600160601b03861690811790915560118601849055601286018390556013860182905560408051918252602082018590528101839052606081018290527f05a00d49ab61707f55232992ae68b57d8ed6e071aa0f9b88f992f19215a5f0869060800160405180910390a15050505050565b60008367ffffffffffffffff16116120f15760405162461bcd60e51b815260206004820152603060248201527f4465706f7369742064757374207468726573686f6c64206d757374206265206760448201527f726561746572207468616e207a65726f000000000000000000000000000000006064820152608401611151565b60008267ffffffffffffffff16116121715760405162461bcd60e51b815260206004820152603660248201527f4465706f736974207472656173757279206665652064697669736f72206d757360448201527f742062652067726561746572207468616e207a65726f000000000000000000006064820152608401611151565b60008167ffffffffffffffff16116121f15760405162461bcd60e51b815260206004820152603560248201527f4465706f736974207472616e73616374696f6e206d617820666565206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611151565b6004840180547fffffffff0000000000000000ffffffffffffffffffffffffffffffffffffffff16600160a01b67ffffffffffffffff868116918202929092179092556005860180548583167fffffffffffffffffffffffffffffffff000000000000000000000000000000009091168117600160401b938616938402179091556040805193845260208401919091528201527f1ced468902ca566e746a3c8c9516af81f8de9f1021c365083be9f2625ebfb7b59060600160405180910390a150505050565b60008567ffffffffffffffff1611612339576040805162461bcd60e51b81526020600482015260248101919091527f4d6f76696e672066756e6473207472616e73616374696f6e206d617820746f7460448201527f616c20666565206d7573742062652067726561746572207468616e207a65726f6064820152608401611151565b60008463ffffffff16116123b55760405162461bcd60e51b815260206004820152602e60248201527f4d6f76696e672066756e64732074696d656f7574206d7573742062652067726560448201527f61746572207468616e207a65726f0000000000000000000000000000000000006064820152608401611151565b60648211156124525760405162461bcd60e51b815260206004820152604d60248201527f4d6f76696e672066756e64732074696d656f7574206e6f74696669657220726560448201527f77617264206d756c7469706c696572206d75737420626520696e20746865207260648201527f616e6765205b302c203130305d00000000000000000000000000000000000000608482015260a401611151565b60008167ffffffffffffffff16116124d25760405162461bcd60e51b815260206004820152603560248201527f4d6f76696e672066756e64732064757374207468726573686f6c64206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611151565b6008860180546001600160601b038516600160601b81027fffffffffffffffff000000000000000000000000ffffffffffffffffffffffff63ffffffff8916600160401b81026001600160601b031990951667ffffffffffffffff8c811691821796909617929092169290921790945560098a01869055600a8a01805493861667ffffffffffffffff19909416841790556040805194855260208501919091528301526060820184905260808201527f3cb08bd9577c9b1e22ab543ef64f01f08ce3e6dea2cd14aeb408747fcae43b7d9060a00160405180910390a1505050505050565b8567ffffffffffffffff168567ffffffffffffffff16116126655760405162461bcd60e51b815260206004820152605960248201527f57616c6c6574206372656174696f6e206d6178696d756d204254432062616c6160448201527f6e6365206d7573742062652067726561746572207468616e207468652063726560648201527f6174696f6e206d696e696d756d204254432062616c616e636500000000000000608482015260a401611151565b60008467ffffffffffffffff16116126e55760405162461bcd60e51b815260206004820152603c60248201527f57616c6c657420636c6f73757265206d696e696d756d204254432062616c616e60448201527f6365206d7573742062652067726561746572207468616e207a65726f000000006064820152608401611151565b60008267ffffffffffffffff16116127655760405162461bcd60e51b815260206004820152603560248201527f57616c6c6574206d6178696d756d20425443207472616e73666572206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611151565b60008163ffffffff16116127e15760405162461bcd60e51b815260206004820152602f60248201527f57616c6c657420636c6f73696e6720706572696f64206d75737420626520677260448201527f6561746572207468616e207a65726f00000000000000000000000000000000006064820152608401611151565b868860160160006101000a81548163ffffffff021916908363ffffffff160217905550858860160160046101000a81548167ffffffffffffffff021916908367ffffffffffffffff1602179055508488601601600c6101000a81548167ffffffffffffffff021916908367ffffffffffffffff160217905550838860160160146101000a81548167ffffffffffffffff021916908367ffffffffffffffff1602179055508288601601601c6101000a81548163ffffffff021916908363ffffffff160217905550818860170160186101000a81548167ffffffffffffffff021916908367ffffffffffffffff160217905550808860180160006101000a81548163ffffffff021916908363ffffffff1602179055507fc7d3a9af08692aeae771c329fddd95c7237a9f76fec996325f3959eeff07d4ac87878787878787604051612974979695949392919063ffffffff978816815267ffffffffffffffff968716602082015294861660408601529285166060850152908516608084015290921660a0820152911660c082015260e00190565b60405180910390a15050505050505050565b60008667ffffffffffffffff1611612a065760405162461bcd60e51b815260206004820152603360248201527f526564656d7074696f6e2064757374207468726573686f6c64206d757374206260448201527f652067726561746572207468616e207a65726f000000000000000000000000006064820152608401611151565b60008567ffffffffffffffff1611612a865760405162461bcd60e51b815260206004820152603960248201527f526564656d7074696f6e207472656173757279206665652064697669736f722060448201527f6d7573742062652067726561746572207468616e207a65726f000000000000006064820152608401611151565b60008467ffffffffffffffff1611612b065760405162461bcd60e51b815260206004820152603860248201527f526564656d7074696f6e207472616e73616374696f6e206d617820666565206d60448201527f7573742062652067726561746572207468616e207a65726f00000000000000006064820152608401611151565b60008311612b7c5760405162461bcd60e51b815260206004820152602c60248201527f526564656d7074696f6e2074696d656f7574206d75737420626520677265617460448201527f6572207468616e207a65726f00000000000000000000000000000000000000006064820152608401611151565b6064811115612c195760405162461bcd60e51b815260206004820152604b60248201527f526564656d7074696f6e2074696d656f7574206e6f746966696572207265776160448201527f7264206d756c7469706c696572206d75737420626520696e207468652072616e60648201527f6765205b302c203130305d000000000000000000000000000000000000000000608482015260a401611151565b600a870180547fffffffffffffffff00000000000000000000000000000000ffffffffffffffff16600160401b67ffffffffffffffff8981169182027fffffffffffffffff0000000000000000ffffffffffffffffffffffffffffffff1692909217600160801b8984169081029190911777ffffffffffffffffffffffffffffffffffffffffffffffff16600160c01b93891693840217909355600b8a01869055600c8a0180546001600160601b0319166001600160601b038716908117909155600d8b018590556040805192835260208301949094529281019190915260608101859052608081019190915260a081018290527f944cd06e316cc3da4159300dd41ab23416c89a5136c41fa79d57fe8a34bcc10f9060c00160405180910390a150505050505050565b6001600160601b031981166000908152601983016020526040902060036002820154600160a01b900460ff166005811115612d8057612d80613954565b14612df35760405162461bcd60e51b815260206004820152602560248201527f45434453412077616c6c6574206d75737420626520696e20436c6f73696e672060448201527f73746174650000000000000000000000000000000000000000000000000000006064820152608401611151565b60188301546002820154612e179163ffffffff90811691600160801b90041661424c565b63ffffffff164211612e915760405162461bcd60e51b815260206004820152602260248201527f436c6f73696e6720706572696f6420686173206e6f7420656c6170736564207960448201527f65740000000000000000000000000000000000000000000000000000000000006064820152608401611151565b6111d58383612f09565b600080546001600160a01b0383811673ffffffffffffffffffffffffffffffffffffffff1983168117909355604080519190921680825260208201939093527f5f56bee8cffbe9a78652a74a60705edede02af10b0bbb888ca44b79a0d42ce80910160405180910390a15050565b6001600160601b03198116600081815260198401602052604080822060028101805460ff60a01b191674040000000000000000000000000000000000000000179055805491519093927f47b159947c3066cb253f60e8f046cfd747411788a545cb189679e3fa1467b28d91a3600283015481546040517f343bb9270000000000000000000000000000000000000000000000000000000081526001600160a01b039092169163343bb92791612fc49160040190815260200190565b600060405180830381600087803b158015612fde57600080fd5b505af11580156113f0573d6000803e3d6000fd5b60006020828403121561300457600080fd5b5035919050565b80356001600160601b03198116811461302357600080fd5b919050565b60006060828403121561303a57600080fd5b50919050565b6000806080838503121561305357600080fd5b61305c8361300b565b915061306b8460208501613028565b90509250929050565b80356001600160601b038116811461302357600080fd5b600080600080608085870312156130a157600080fd5b6130aa85613074565b966020860135965060408601359560600135945092505050565b67ffffffffffffffff81168114611c1557600080fd5b6000806000606084860312156130ef57600080fd5b83356130fa816130c4565b9250602084013561310a816130c4565b9150604084013561311a816130c4565b809150509250925092565b63ffffffff81168114611c1557600080fd5b600080600080600060a0868803121561314f57600080fd5b853561315a816130c4565b9450602086013561316a81613125565b935061317860408701613074565b925060608601359150608086013561318f816130c4565b809150509295509295909350565b60006080828403121561303a57600080fd5b60008060008060c085870312156131c557600080fd5b843567ffffffffffffffff808211156131dd57600080fd5b6131e98883890161319d565b955060208701359150808211156131ff57600080fd5b5061320c87828801613028565b93505061321c8660408701613028565b915061322a60a0860161300b565b905092959194509250565b60008083601f84011261324757600080fd5b50813567ffffffffffffffff81111561325f57600080fd5b6020830191508360208260051b850101111561327a57600080fd5b9250929050565b60008083601f84011261329357600080fd5b50813567ffffffffffffffff8111156132ab57600080fd5b60208301915083602082850101111561327a57600080fd5b6000806000806000606086880312156132db57600080fd5b6132e48661300b565b9450602086013567ffffffffffffffff8082111561330157600080fd5b61330d89838a01613235565b9096509450604088013591508082111561332657600080fd5b5061333388828901613281565b969995985093965092949392505050565b60006020828403121561335657600080fd5b8135613361816130c4565b9392505050565b60008060006060848603121561337d57600080fd5b505081359360208301359350604090920135919050565b6000806000806000606086880312156133ac57600080fd5b853567ffffffffffffffff808211156133c457600080fd5b6133d089838a01613281565b909750955060208801359150808211156133e957600080fd5b506133f688828901613235565b96999598509660400135949350505050565b600080600060a0848603121561341d57600080fd5b833567ffffffffffffffff8082111561343557600080fd5b6134418783880161319d565b9450602086013591508082111561345757600080fd5b5061346486828701613028565b9250506134748560408601613028565b90509250925092565b60008082840361010081121561349257600080fd5b833567ffffffffffffffff8111156134a957600080fd5b6134b58682870161319d565b93505060e0601f19820112156134ca57600080fd5b506020830190509250929050565b80356001600160a01b038116811461302357600080fd5b8035801515811461302357600080fd5b6000806040838503121561351257600080fd5b61351b836134d8565b915061306b602084016134ef565b60008060008060a0858703121561353f57600080fd5b843567ffffffffffffffff81111561355657600080fd5b61356287828801613281565b9095509350506020850135915061322a8660408701613028565b6000806020838503121561358f57600080fd5b823567ffffffffffffffff808211156135a757600080fd5b818501915085601f8301126135bb57600080fd5b8135818111156135ca57600080fd5b8660206060830285010111156135df57600080fd5b60209290920196919550909350505050565b60008060008060006060868803121561360957600080fd5b853567ffffffffffffffff8082111561362157600080fd5b61362d89838a01613281565b9097509550602088013591508082111561364657600080fd5b5061365388828901613281565b90945092506136669050604087016134ef565b90509295509295909350565b600080600080600080600060e0888a03121561368d57600080fd5b873561369881613125565b965060208801356136a8816130c4565b955060408801356136b8816130c4565b945060608801356136c8816130c4565b935060808801356136d881613125565b925060a08801356136e8816130c4565b915060c08801356136f881613125565b8091505092959891949750929550565b60008082840361012081121561371d57600080fd5b6137268461300b565b9250610100601f19820112156134ca57600080fd5b60008060006040848603121561375057600080fd5b6137598461300b565b9250602084013567ffffffffffffffff81111561377557600080fd5b61378186828701613235565b9497909650939450505050565b6000606082840312156137a057600080fd5b6133618383613028565b600080600080600080600060e0888a0312156137c557600080fd5b6137ce8861300b565b96506137dd8960208a01613028565b9550608088013567ffffffffffffffff808211156137fa57600080fd5b6138068b838c01613235565b909750955060a08a0135945060c08a013591508082111561382657600080fd5b506138338a828b01613235565b989b979a50959850939692959293505050565b60008060008060008060c0878903121561385f57600080fd5b863561386a816130c4565b9550602087013561387a816130c4565b9450604087013561388a816130c4565b93506060870135925061389f60808801613074565b915060a087013590509295509295509295565b6000602082840312156138c457600080fd5b6133618261300b565b6000602082840312156138df57600080fd5b613361826134d8565b600080600080600060c0868803121561390057600080fd5b6139098661300b565b94506139188760208801613028565b9350608086013567ffffffffffffffff81111561393457600080fd5b61394088828901613281565b90945092505060a086013561318f816130c4565b634e487b7160e01b600052602160045260246000fd5b600061010082019050825182526020830151602083015267ffffffffffffffff6040840151166040830152606083015163ffffffff80821660608501528060808601511660808501528060a08601511660a0850152505060c0830151600681106139e457634e487b7160e01b600052602160045260246000fd5b8060c08401525060e083015160e083015292915050565b803582526020810135613a0d81613125565b63ffffffff1660208301526040810135613a26816130c4565b67ffffffffffffffff81166040840152505050565b8381526001600160601b03198316602082015260a08101613a5f60408301846139fb565b949350505050565b80356001600160e01b03198116811461302357600080fd5b6000808335601e19843603018112613a9657600080fd5b830160208101925035905067ffffffffffffffff811115613ab657600080fd5b80360383131561327a57600080fd5b81835281816020850137506000828201602090810191909152601f909101601f19169091010190565b60006001600160e01b031980613b0384613a67565b168452613b136020840184613a7f565b60806020870152613b28608087018284613ac5565b915050613b386040850185613a7f565b8683036040880152613b4b838284613ac5565b9250505081613b5c60608601613a67565b166060860152809250505092915050565b6000613b798283613a7f565b60608552613b8b606086018284613ac5565b91505060208301356020850152613ba56040840184613a7f565b8583036040870152613bb8838284613ac5565b9695505050505050565b85815260e060208201526000613bdb60e0830187613aee565b8281036040840152613bed8187613b6d565b915050613bfd60608301856139fb565b6001600160601b0319831660c08301529695505050505050565b8183526000602080850194508260005b85811015613c52578135613c3a81613125565b63ffffffff1687529582019590820190600101613c27565b509495945050505050565b8681526001600160601b031986166020820152608060408201526000613c87608083018688613c17565b8281036060840152613c9a818587613ac5565b9998505050505050505050565b868152608060208201526000613cc1608083018789613ac5565b8281036040840152613cd4818688613c17565b915050826060830152979650505050505050565b84815260c060208201526000613d0160c0830186613aee565b8281036040840152613d138186613b6d565b915050613d2360608301846139fb565b95945050505050565b6000610120858352806020840152613d4681840186613aee565b9150508235613d5481613125565b63ffffffff1660408301526001600160a01b03613d73602085016134d8565b166060830152604083013577ffffffffffffffffffffffffffffffffffffffffffffffff1981168114613da557600080fd5b77ffffffffffffffffffffffffffffffffffffffffffffffff19166080830152613dd16060840161300b565b6001600160601b03191660a0830152613dec6080840161300b565b6001600160601b03191660c0830152613e0760a08401613a67565b6001600160e01b03191660e0830152613e2260c084016134d8565b6001600160a01b03811661010084015250949350505050565b85815260c060208201526000613e5560c083018688613ac5565b90508360408301528235606083015260208301356080830152604083013560ff8116808214613e8357600080fd5b8060a085015250509695505050505050565b634e487b7160e01b600052603260045260246000fd5b600060208284031215613ebd57600080fd5b813561336181613125565b634e487b7160e01b600052601160045260246000fd5b6000600019821415613ef257613ef2613ec8565b5060010190565b868152608060208201526000613f13608083018789613ac5565b8281036040840152613f26818688613ac5565b9150508215156060830152979650505050505050565b60008135613f4981613125565b92915050565b60068110611c1557600080fd5b60008135613f4981613f4f565b60068210613f8757634e487b7160e01b600052602160045260246000fd5b805474ff00000000000000000000000000000000000000008360a01b1660ff60a01b198216178255505050565b8135815560208201356001820155600281016040830135613fd4816130c4565b67ffffffffffffffff8116905081548167ffffffffffffffff198216178355606085013561400181613125565b6bffffffff00000000000000008160401b16836001600160601b031984161717845550505061407661403560808501613f3c565b82547fffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffff1660609190911b6fffffffff00000000000000000000000016178255565b6140ca61408560a08501613f3c565b82547fffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffff1660809190911b73ffffffff0000000000000000000000000000000016178255565b6140df6140d960c08501613f5c565b82613f69565b5060e082013560038201555050565b60006020828403121561410057600080fd5b813561336181613f4f565b600063ffffffff8083168181141561412557614125613ec8565b6001019392505050565b8481526001600160601b031984166020820152606060408201526000613bb8606083018486613c17565b8281526080810161336160208301846139fb565b60006101008a835260206001600160601b0319808c1682860152614194604086018c6139fb565b8260a08601526141a78386018a8c613c17565b60c0860189905285810360e0870152868152879350820160005b878110156141e657826141d38661300b565b16825293830193908301906001016141c1565b509d9c50505050505050505050505050565b8681526001600160601b03198616602082015261421860408201866139fb565b60e060a0820152600061422f60e083018587613ac5565b905067ffffffffffffffff831660c0830152979650505050505050565b600063ffffffff80831681851680830382111561426b5761426b613ec8565b0194935050505056fea2646970667358221220d401a69186e7bf72ab215f60733fba5331d03c5b71eb017b0e868bdf21fd874c64736f6c63430008090033",
2376
+ "deployedBytecode": "0x60806040526004361061033f5760003560e01c806375b922d1116101b0578063b216bd35116100ec578063d38bfff411610095578063df7cd4ae1161006f578063df7cd4ae14610fa8578063e404c0a914610fec578063e53c0b551461100c578063e65e19d51461104557600080fd5b8063d38bfff414610f3c578063d6eccdf014610f5c578063ded1d24a14610f7c57600080fd5b8063be05abe3116100c6578063be05abe314610e65578063c42b64d014610ed0578063c8b5d2db14610f1c57600080fd5b8063b216bd3514610e05578063b34b321614610e25578063b8afb0a514610e4557600080fd5b8063a7738ab411610159578063abaeed8f11610133578063abaeed8f14610c12578063b02c43d014610c32578063b036c1ee14610d77578063b2146cd614610dc557600080fd5b8063a7738ab414610b73578063a8fa0f4214610bb2578063a9de2f3a14610bd257600080fd5b80638d8191eb1161018a5780638d8191eb14610b1357806392238f3214610b33578063a145e2d514610b5357600080fd5b806375b922d114610a9057806377145f2114610ad3578063883d6a1114610af357600080fd5b80634fb1b4c61161027f57806360d712fc116102285780636c854186116102025780636c854186146109665780636d02b43c146109c35780636e70ce41146109d657806374babd9c14610a7057600080fd5b806360d712fc146108a057806361ccf97a146108c057806361d027b31461094857600080fd5b806359e6a4561161025957806359e6a456146107eb5780635aa6e675146108485780635c0b48121461088057600080fd5b80634fb1b4c61461078b578063575e4279146107ab57806359a9d90a146107cb57600080fd5b806329e3e74d116102ec57806331a4889a116102c657806331a4889a1461061e57806333e957cb1461063e5780633c0038f41461071d5780633dce98121461076b57600080fd5b806329e3e74d146105c05780632bb818c2146105e05780632f429b64146105fe57600080fd5b8063107608821161031d578063107608821461054e57806317c964001461056e57806324028c111461058e57600080fd5b806303d952f71461034457806307f7d2231461046e5780630b6ba19d14610490575b600080fd5b34801561035057600080fd5b5061040261035f366004612ff2565b6040805160a081018252600080825260208201819052918101829052606081018290526080810191909152506000908152600f6020908152604091829020825160a08101845281546001600160a01b0381168252600160a01b900467ffffffffffffffff9081169382019390935260019091015480831693820193909352600160401b83049091166060820152600160801b90910463ffffffff16608082015290565b6040516104659190600060a0820190506001600160a01b038351168252602083015167ffffffffffffffff8082166020850152806040860151166040850152806060860151166060850152505063ffffffff608084015116608083015292915050565b60405180910390f35b34801561047a57600080fd5b5061048e610489366004613040565b611072565b005b34801561049c57600080fd5b506104026104ab366004612ff2565b6040805160a08101825260008082526020820181905291810182905260608101829052608081019190915250600090815260106020908152604091829020825160a08101845281546001600160a01b0381168252600160a01b900467ffffffffffffffff9081169382019390935260019091015480831693820193909352600160401b83049091166060820152600160801b90910463ffffffff16608082015290565b34801561055a57600080fd5b5061048e61056936600461308b565b6110fb565b34801561057a57600080fd5b5061048e6105893660046130da565b61116e565b34801561059a57600080fd5b50601854600160a01b900463ffffffff1660405163ffffffff9091168152602001610465565b3480156105cc57600080fd5b5061048e6105db366004613137565b6111da565b3480156105ec57600080fd5b50600454604051908152602001610465565b34801561060a57600080fd5b5061048e6106193660046131af565b61124a565b34801561062a57600080fd5b5061048e6106393660046132c3565b6112d7565b34801561064a57600080fd5b506106d9610659366004612ff2565b60408051608081018252600080825260208201819052918101829052606081019190915250600090815260156020908152604091829020825160808101845281546001600160a01b031681526001820154928101929092526002015463ffffffff81169282019290925264010000000090910460ff161515606082015290565b604051610465919081516001600160a01b031681526020808301519082015260408083015163ffffffff169082015260609182015115159181019190915260800190565b34801561072957600080fd5b5061048e610738366004613344565b600b805467ffffffffffffffff909216600160401b026fffffffffffffffff000000000000000019909216919091179055565b34801561077757600080fd5b5061048e610786366004613368565b611369565b34801561079757600080fd5b5061048e6107a6366004613394565b6113f9565b3480156107b757600080fd5b5061048e6107c6366004613040565b611454565b3480156107d757600080fd5b5061048e6107e6366004613408565b6114a9565b3480156107f757600080fd5b5061048e610806366004613344565b6005805467ffffffffffffffff909216600160a01b027fffffffff0000000000000000ffffffffffffffffffffffffffffffffffffffff909216919091179055565b34801561085457600080fd5b50600054610868906001600160a01b031681565b6040516001600160a01b039091168152602001610465565b34801561088c57600080fd5b5061048e61089b36600461347d565b611500565b3480156108ac57600080fd5b5061048e6108bb3660046134ff565b611555565b3480156108cc57600080fd5b506017546018546019546040805163ffffffff808616825267ffffffffffffffff640100000000870481166020840152600160601b8704811693830193909352600160a01b860483166060830152600160e01b90950485166080820152600160c01b9093041660a08301529190911660c082015260e001610465565b34801561095457600080fd5b506005546001600160a01b0316610868565b34801561097257600080fd5b5061048e610981366004613344565b600b805467ffffffffffffffff909216600160801b027fffffffffffffffff0000000000000000ffffffffffffffffffffffffffffffff909216919091179055565b61048e6109d1366004613529565b61160e565b3480156109e257600080fd5b50610a28600b54600c54600d54600e5467ffffffffffffffff600160401b8504811695600160801b8604821695600160c01b900490911693926001600160601b03169190565b6040805167ffffffffffffffff97881681529587166020870152939095169284019290925260608301526001600160601b0316608082015260a081019190915260c001610465565b348015610a7c57600080fd5b5061048e610a8b36600461357c565b611667565b348015610a9c57600080fd5b50601154601254601354601454604080516001600160601b0390951685526020850193909352918301526060820152608001610465565b348015610adf57600080fd5b5061048e610aee3660046135f1565b611723565b348015610aff57600080fd5b5061048e610b0e366004613672565b61177e565b348015610b1f57600080fd5b5061048e610b2e366004613708565b6117e9565b348015610b3f57600080fd5b5061048e610b4e36600461373b565b61187b565b348015610b5f57600080fd5b5061048e610b6e36600461378e565b6118d2565b348015610b7f57600080fd5b5061048e610b8e366004613344565b6009805467ffffffffffffffff191667ffffffffffffffff92909216919091179055565b348015610bbe57600080fd5b5061048e610bcd366004613368565b611951565b348015610bde57600080fd5b50600154600254600354604080516001600160a01b0394851681529284166020840152921691810191909152606001610465565b348015610c1e57600080fd5b5061048e610c2d3660046137aa565b6119b7565b348015610c3e57600080fd5b50610d01610c4d366004612ff2565b6040805160c081018252600080825260208201819052918101829052606081018290526080810182905260a081019190915250600090815260076020908152604091829020825160c08101845281546001600160a01b03808216835267ffffffffffffffff600160a01b80840482169685019690965263ffffffff600160e01b938490048116978501979097526001949094015490811660608401529384049092166080820152910490911660a082015290565b6040516104659190600060c0820190506001600160a01b03808451168352602084015167ffffffffffffffff80821660208601526040860151915063ffffffff80831660408701528360608801511660608701528160808801511660808701528060a08801511660a08701525050505092915050565b348015610d8357600080fd5b5061048e610d92366004613344565b6006805467ffffffffffffffff909216600160401b026fffffffffffffffff000000000000000019909216919091179055565b348015610dd157600080fd5b50610df5610de0366004612ff2565b60009081526016602052604090205460ff1690565b6040519015158152602001610465565b348015610e1157600080fd5b5061048e610e20366004613846565b611a4f565b348015610e3157600080fd5b5061048e610e403660046131af565b611ab9565b348015610e5157600080fd5b5061048e610e6036600461357c565b611b12565b348015610e7157600080fd5b50600954600a54600b546040805167ffffffffffffffff8086168252600160401b860463ffffffff166020830152600160601b9095046001600160601b031691810191909152606081019290925291909116608082015260a001610465565b348015610edc57600080fd5b5060055460065460408051600160a01b90930467ffffffffffffffff90811684528083166020850152600160401b90920490911690820152606001610465565b348015610f2857600080fd5b5061048e610f373660046138b2565b611c0a565b348015610f4857600080fd5b5061048e610f573660046138cd565b611c18565b348015610f6857600080fd5b5061048e610f773660046138e8565b611cf7565b348015610f8857600080fd5b5060185460601b6040516001600160601b03199091168152602001610465565b348015610fb457600080fd5b5061048e610fc33660046138b2565b6018805473ffffffffffffffffffffffffffffffffffffffff191660609290921c919091179055565b348015610ff857600080fd5b5061048e611007366004613040565b611d52565b34801561101857600080fd5b50610df56110273660046138cd565b6001600160a01b031660009081526008602052604090205460ff1690565b34801561105157600080fd5b506110656110603660046138b2565b611dfc565b604051610465919061396a565b6040517f260b6cde00000000000000000000000000000000000000000000000000000000815273__$edce581bb06331cf4dae1387760565e5d1$__9063260b6cde906110c79060019086908690600401613a3b565b60006040518083038186803b1580156110df57600080fd5b505af41580156110f3573d6000803e3d6000fd5b505050505050565b6000546001600160a01b0316331461115a5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e63650000000060448201526064015b60405180910390fd5b611168600185858585611f01565b50505050565b6000546001600160a01b031633146111c85760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6111d56001848484612071565b505050565b6000546001600160a01b031633146112345760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b611243600186868686866122b7565b5050505050565b6040517e92bac900000000000000000000000000000000000000000000000000000000815273__$edce581bb06331cf4dae1387760565e5d1$__906292bac9906112a1906001908890889088908890600401613bc2565b60006040518083038186803b1580156112b957600080fd5b505af41580156112cd573d6000803e3d6000fd5b5050505050505050565b6040517fa76558b300000000000000000000000000000000000000000000000000000000815273__$9935b6ea18e0c526c293569ddd26842c9b$__9063a76558b3906113329060019089908990899089908990600401613c5d565b60006040518083038186803b15801561134a57600080fd5b505af415801561135e573d6000803e3d6000fd5b505050505050505050565b6040517fc87de7f400000000000000000000000000000000000000000000000000000000815260016004820152602481018390526044810182905273__$0f118c52967a3847a37f0a2ef02ffcee04$__9063c87de7f4906064015b60006040518083038186803b1580156113dc57600080fd5b505af41580156113f0573d6000803e3d6000fd5b50505050505050565b6040517f89b43a8600000000000000000000000000000000000000000000000000000000815273__$a542940934c03bae9a39609192cb25cc3c$__906389b43a86906113329060019089908990899089908990600401613ca7565b6040517f99b0b84700000000000000000000000000000000000000000000000000000000815273__$0f118c52967a3847a37f0a2ef02ffcee04$__906399b0b847906110c79060019086908690600401613a3b565b6040517f510fc50a00000000000000000000000000000000000000000000000000000000815273__$61f169726e973bba1227e0c23d2755f88e$__9063510fc50a906113c490600190879087908790600401613ce8565b6040517faea7fd0b00000000000000000000000000000000000000000000000000000000815273__$894ce12e79ca3e5683c1b49e363f37fa22$__9063aea7fd0b906110c79060019086908690600401613d2c565b6000546001600160a01b031633146115af5760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6001600160a01b038216600081815260086020908152604091829020805460ff191685151590811790915591519182527f9065599c12c4294d9e2201638226d0d0beb95c228f468c4e7c2bdb8322b6066f910160405180910390a25050565b6040517f3b5d9f2400000000000000000000000000000000000000000000000000000000815273__$a542940934c03bae9a39609192cb25cc3c$__90633b5d9f24906112a1906001908890889088908890600401613e3b565b60005b818110156111d557600083838381811061168657611686613e95565b905060600201600001358484848181106116a2576116a2613e95565b90506060020160200160208101906116ba9190613eab565b6040516020016116e192919091825260e01b6001600160e01b031916602082015260240190565b60408051601f198184030181529181528151602092830120600090815260169092529020805460ff19166001179055508061171b81613ede565b91505061166a565b6040517f624526fe00000000000000000000000000000000000000000000000000000000815273__$a542940934c03bae9a39609192cb25cc3c$__9063624526fe906113329060019089908990899089908990600401613ef9565b6000546001600160a01b031633146117d85760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6113f06001888888888888886125b6565b6001600160601b031982166000908152601a60205260409020819061180e8282613fb4565b506001905061182360e0830160c084016140ee565b600581111561183457611834613954565b14156118775760188054600160a01b900463ffffffff169060146118578361410b565b91906101000a81548163ffffffff021916908363ffffffff160217905550505b5050565b6040517f07f96c4200000000000000000000000000000000000000000000000000000000815273__$edce581bb06331cf4dae1387760565e5d1$__906307f96c42906113c49060019087908790879060040161412f565b6040517fd079fbb100000000000000000000000000000000000000000000000000000000815273__$0f118c52967a3847a37f0a2ef02ffcee04$__9063d079fbb190611925906001908590600401614159565b60006040518083038186803b15801561193d57600080fd5b505af4158015611243573d6000803e3d6000fd5b6040517f4afbe4c90000000000000000000000000000000000000000000000000000000081526001600482015260248101849052604481018390526064810182905273__$0f118c52967a3847a37f0a2ef02ffcee04$__90634afbe4c9906084016113c4565b6040517fc8f7794300000000000000000000000000000000000000000000000000000000815273__$edce581bb06331cf4dae1387760565e5d1$__9063c8f7794390611a16906001908b908b908b908b908b908b908b9060040161416d565b60006040518083038186803b158015611a2e57600080fd5b505af4158015611a42573d6000803e3d6000fd5b5050505050505050505050565b6000546001600160a01b03163314611aa95760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6110f36001878787878787612986565b6040517fa164de6e00000000000000000000000000000000000000000000000000000000815273__$9935b6ea18e0c526c293569ddd26842c9b$__9063a164de6e906112a1906001908890889088908890600401613bc2565b60005b818110156111d5576000838383818110611b3157611b31613e95565b90506060020160000135848484818110611b4d57611b4d613e95565b9050606002016020016020810190611b659190613eab565b604051602001611b8c92919091825260e01b6001600160e01b031916602082015260240190565b60408051808303601f19018152918152815160209283012060009081526007909252902060010180547bffffffffffffffffffffffffffffffffffffffffffffffffffffffff167f61d998e0000000000000000000000000000000000000000000000000000000001790555080611c0281613ede565b915050611b15565b611c15600182612d43565b50565b6000546001600160a01b03163314611c725760405162461bcd60e51b815260206004820152601c60248201527f43616c6c6572206973206e6f742074686520676f7665726e616e6365000000006044820152606401611151565b6001600160a01b038116611cee5760405162461bcd60e51b815260206004820152602260248201527f4e657720676f7665726e616e636520697320746865207a65726f20616464726560448201527f73730000000000000000000000000000000000000000000000000000000000006064820152608401611151565b611c1581612e9b565b6040517f7333b36900000000000000000000000000000000000000000000000000000000815273__$9935b6ea18e0c526c293569ddd26842c9b$__90637333b3699061133290600190899089908990899089906004016141f8565b8035611d646040830160208401613eab565b611d746060840160408501613344565b604051602001611dc29392919092835260e09190911b6001600160e01b031916602083015260c01b77ffffffffffffffffffffffffffffffffffffffffffffffff19166024820152602c0190565b60408051601f1981840301815291815281516020928301206001600160601b03199094166000908152601a90925290206001019190915550565b6040805161010081018252600080825260208201819052918101829052606081018290526080810182905260a0810182905260c0810182905260e08101919091526001600160601b031982166000908152601a602090815260409182902082516101008101845281548152600182015492810192909252600281015467ffffffffffffffff81169383019390935263ffffffff600160401b840481166060840152600160601b840481166080840152600160801b84041660a0830152909160c083019060ff600160a01b909104166005811115611edb57611edb613954565b6005811115611eec57611eec613954565b81526020016003820154815250509050919050565b6064831115611f785760405162461bcd60e51b815260206004820152603e60248201527f4672617564206e6f74696669657220726577617264206d756c7469706c69657260448201527f206d75737420626520696e207468652072616e6765205b302c203130305d00006064820152608401611151565b60008211611fee5760405162461bcd60e51b815260206004820152603860248201527f4672617564206368616c6c656e6765206465666561742074696d656f7574206d60448201527f7573742062652067726561746572207468616e207a65726f00000000000000006064820152608401611151565b6010850180546001600160601b0319166001600160601b03861690811790915560118601849055601286018390556013860182905560408051918252602082018590528101839052606081018290527f05a00d49ab61707f55232992ae68b57d8ed6e071aa0f9b88f992f19215a5f0869060800160405180910390a15050505050565b60008367ffffffffffffffff16116120f15760405162461bcd60e51b815260206004820152603060248201527f4465706f7369742064757374207468726573686f6c64206d757374206265206760448201527f726561746572207468616e207a65726f000000000000000000000000000000006064820152608401611151565b60008267ffffffffffffffff16116121715760405162461bcd60e51b815260206004820152603660248201527f4465706f736974207472656173757279206665652064697669736f72206d757360448201527f742062652067726561746572207468616e207a65726f000000000000000000006064820152608401611151565b60008167ffffffffffffffff16116121f15760405162461bcd60e51b815260206004820152603560248201527f4465706f736974207472616e73616374696f6e206d617820666565206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611151565b6004840180547fffffffff0000000000000000ffffffffffffffffffffffffffffffffffffffff16600160a01b67ffffffffffffffff868116918202929092179092556005860180548583167fffffffffffffffffffffffffffffffff000000000000000000000000000000009091168117600160401b938616938402179091556040805193845260208401919091528201527f1ced468902ca566e746a3c8c9516af81f8de9f1021c365083be9f2625ebfb7b59060600160405180910390a150505050565b60008567ffffffffffffffff1611612339576040805162461bcd60e51b81526020600482015260248101919091527f4d6f76696e672066756e6473207472616e73616374696f6e206d617820746f7460448201527f616c20666565206d7573742062652067726561746572207468616e207a65726f6064820152608401611151565b60008463ffffffff16116123b55760405162461bcd60e51b815260206004820152602e60248201527f4d6f76696e672066756e64732074696d656f7574206d7573742062652067726560448201527f61746572207468616e207a65726f0000000000000000000000000000000000006064820152608401611151565b60648211156124525760405162461bcd60e51b815260206004820152604d60248201527f4d6f76696e672066756e64732074696d656f7574206e6f74696669657220726560448201527f77617264206d756c7469706c696572206d75737420626520696e20746865207260648201527f616e6765205b302c203130305d00000000000000000000000000000000000000608482015260a401611151565b60008167ffffffffffffffff16116124d25760405162461bcd60e51b815260206004820152603560248201527f4d6f76696e672066756e64732064757374207468726573686f6c64206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611151565b6008860180546001600160601b038516600160601b81027fffffffffffffffff000000000000000000000000ffffffffffffffffffffffff63ffffffff8916600160401b81026001600160601b031990951667ffffffffffffffff8c811691821796909617929092169290921790945560098a01869055600a8a01805493861667ffffffffffffffff19909416841790556040805194855260208501919091528301526060820184905260808201527f3cb08bd9577c9b1e22ab543ef64f01f08ce3e6dea2cd14aeb408747fcae43b7d9060a00160405180910390a1505050505050565b8567ffffffffffffffff168567ffffffffffffffff16116126655760405162461bcd60e51b815260206004820152605960248201527f57616c6c6574206372656174696f6e206d6178696d756d204254432062616c6160448201527f6e6365206d7573742062652067726561746572207468616e207468652063726560648201527f6174696f6e206d696e696d756d204254432062616c616e636500000000000000608482015260a401611151565b60008467ffffffffffffffff16116126e55760405162461bcd60e51b815260206004820152603c60248201527f57616c6c657420636c6f73757265206d696e696d756d204254432062616c616e60448201527f6365206d7573742062652067726561746572207468616e207a65726f000000006064820152608401611151565b60008267ffffffffffffffff16116127655760405162461bcd60e51b815260206004820152603560248201527f57616c6c6574206d6178696d756d20425443207472616e73666572206d75737460448201527f2062652067726561746572207468616e207a65726f00000000000000000000006064820152608401611151565b60008163ffffffff16116127e15760405162461bcd60e51b815260206004820152602f60248201527f57616c6c657420636c6f73696e6720706572696f64206d75737420626520677260448201527f6561746572207468616e207a65726f00000000000000000000000000000000006064820152608401611151565b868860160160006101000a81548163ffffffff021916908363ffffffff160217905550858860160160046101000a81548167ffffffffffffffff021916908367ffffffffffffffff1602179055508488601601600c6101000a81548167ffffffffffffffff021916908367ffffffffffffffff160217905550838860160160146101000a81548167ffffffffffffffff021916908367ffffffffffffffff1602179055508288601601601c6101000a81548163ffffffff021916908363ffffffff160217905550818860170160186101000a81548167ffffffffffffffff021916908367ffffffffffffffff160217905550808860180160006101000a81548163ffffffff021916908363ffffffff1602179055507fc7d3a9af08692aeae771c329fddd95c7237a9f76fec996325f3959eeff07d4ac87878787878787604051612974979695949392919063ffffffff978816815267ffffffffffffffff968716602082015294861660408601529285166060850152908516608084015290921660a0820152911660c082015260e00190565b60405180910390a15050505050505050565b60008667ffffffffffffffff1611612a065760405162461bcd60e51b815260206004820152603360248201527f526564656d7074696f6e2064757374207468726573686f6c64206d757374206260448201527f652067726561746572207468616e207a65726f000000000000000000000000006064820152608401611151565b60008567ffffffffffffffff1611612a865760405162461bcd60e51b815260206004820152603960248201527f526564656d7074696f6e207472656173757279206665652064697669736f722060448201527f6d7573742062652067726561746572207468616e207a65726f000000000000006064820152608401611151565b60008467ffffffffffffffff1611612b065760405162461bcd60e51b815260206004820152603860248201527f526564656d7074696f6e207472616e73616374696f6e206d617820666565206d60448201527f7573742062652067726561746572207468616e207a65726f00000000000000006064820152608401611151565b60008311612b7c5760405162461bcd60e51b815260206004820152602c60248201527f526564656d7074696f6e2074696d656f7574206d75737420626520677265617460448201527f6572207468616e207a65726f00000000000000000000000000000000000000006064820152608401611151565b6064811115612c195760405162461bcd60e51b815260206004820152604b60248201527f526564656d7074696f6e2074696d656f7574206e6f746966696572207265776160448201527f7264206d756c7469706c696572206d75737420626520696e207468652072616e60648201527f6765205b302c203130305d000000000000000000000000000000000000000000608482015260a401611151565b600a870180547fffffffffffffffff00000000000000000000000000000000ffffffffffffffff16600160401b67ffffffffffffffff8981169182027fffffffffffffffff0000000000000000ffffffffffffffffffffffffffffffff1692909217600160801b8984169081029190911777ffffffffffffffffffffffffffffffffffffffffffffffff16600160c01b93891693840217909355600b8a01869055600c8a0180546001600160601b0319166001600160601b038716908117909155600d8b018590556040805192835260208301949094529281019190915260608101859052608081019190915260a081018290527f944cd06e316cc3da4159300dd41ab23416c89a5136c41fa79d57fe8a34bcc10f9060c00160405180910390a150505050505050565b6001600160601b031981166000908152601983016020526040902060036002820154600160a01b900460ff166005811115612d8057612d80613954565b14612df35760405162461bcd60e51b815260206004820152602560248201527f45434453412077616c6c6574206d75737420626520696e20436c6f73696e672060448201527f73746174650000000000000000000000000000000000000000000000000000006064820152608401611151565b60188301546002820154612e179163ffffffff90811691600160801b90041661424c565b63ffffffff164211612e915760405162461bcd60e51b815260206004820152602260248201527f436c6f73696e6720706572696f6420686173206e6f7420656c6170736564207960448201527f65740000000000000000000000000000000000000000000000000000000000006064820152608401611151565b6111d58383612f09565b600080546001600160a01b0383811673ffffffffffffffffffffffffffffffffffffffff1983168117909355604080519190921680825260208201939093527f5f56bee8cffbe9a78652a74a60705edede02af10b0bbb888ca44b79a0d42ce80910160405180910390a15050565b6001600160601b03198116600081815260198401602052604080822060028101805460ff60a01b191674040000000000000000000000000000000000000000179055805491519093927f47b159947c3066cb253f60e8f046cfd747411788a545cb189679e3fa1467b28d91a3600283015481546040517f343bb9270000000000000000000000000000000000000000000000000000000081526001600160a01b039092169163343bb92791612fc49160040190815260200190565b600060405180830381600087803b158015612fde57600080fd5b505af11580156113f0573d6000803e3d6000fd5b60006020828403121561300457600080fd5b5035919050565b80356001600160601b03198116811461302357600080fd5b919050565b60006060828403121561303a57600080fd5b50919050565b6000806080838503121561305357600080fd5b61305c8361300b565b915061306b8460208501613028565b90509250929050565b80356001600160601b038116811461302357600080fd5b600080600080608085870312156130a157600080fd5b6130aa85613074565b966020860135965060408601359560600135945092505050565b67ffffffffffffffff81168114611c1557600080fd5b6000806000606084860312156130ef57600080fd5b83356130fa816130c4565b9250602084013561310a816130c4565b9150604084013561311a816130c4565b809150509250925092565b63ffffffff81168114611c1557600080fd5b600080600080600060a0868803121561314f57600080fd5b853561315a816130c4565b9450602086013561316a81613125565b935061317860408701613074565b925060608601359150608086013561318f816130c4565b809150509295509295909350565b60006080828403121561303a57600080fd5b60008060008060c085870312156131c557600080fd5b843567ffffffffffffffff808211156131dd57600080fd5b6131e98883890161319d565b955060208701359150808211156131ff57600080fd5b5061320c87828801613028565b93505061321c8660408701613028565b915061322a60a0860161300b565b905092959194509250565b60008083601f84011261324757600080fd5b50813567ffffffffffffffff81111561325f57600080fd5b6020830191508360208260051b850101111561327a57600080fd5b9250929050565b60008083601f84011261329357600080fd5b50813567ffffffffffffffff8111156132ab57600080fd5b60208301915083602082850101111561327a57600080fd5b6000806000806000606086880312156132db57600080fd5b6132e48661300b565b9450602086013567ffffffffffffffff8082111561330157600080fd5b61330d89838a01613235565b9096509450604088013591508082111561332657600080fd5b5061333388828901613281565b969995985093965092949392505050565b60006020828403121561335657600080fd5b8135613361816130c4565b9392505050565b60008060006060848603121561337d57600080fd5b505081359360208301359350604090920135919050565b6000806000806000606086880312156133ac57600080fd5b853567ffffffffffffffff808211156133c457600080fd5b6133d089838a01613281565b909750955060208801359150808211156133e957600080fd5b506133f688828901613235565b96999598509660400135949350505050565b600080600060a0848603121561341d57600080fd5b833567ffffffffffffffff8082111561343557600080fd5b6134418783880161319d565b9450602086013591508082111561345757600080fd5b5061346486828701613028565b9250506134748560408601613028565b90509250925092565b60008082840361010081121561349257600080fd5b833567ffffffffffffffff8111156134a957600080fd5b6134b58682870161319d565b93505060e0601f19820112156134ca57600080fd5b506020830190509250929050565b80356001600160a01b038116811461302357600080fd5b8035801515811461302357600080fd5b6000806040838503121561351257600080fd5b61351b836134d8565b915061306b602084016134ef565b60008060008060a0858703121561353f57600080fd5b843567ffffffffffffffff81111561355657600080fd5b61356287828801613281565b9095509350506020850135915061322a8660408701613028565b6000806020838503121561358f57600080fd5b823567ffffffffffffffff808211156135a757600080fd5b818501915085601f8301126135bb57600080fd5b8135818111156135ca57600080fd5b8660206060830285010111156135df57600080fd5b60209290920196919550909350505050565b60008060008060006060868803121561360957600080fd5b853567ffffffffffffffff8082111561362157600080fd5b61362d89838a01613281565b9097509550602088013591508082111561364657600080fd5b5061365388828901613281565b90945092506136669050604087016134ef565b90509295509295909350565b600080600080600080600060e0888a03121561368d57600080fd5b873561369881613125565b965060208801356136a8816130c4565b955060408801356136b8816130c4565b945060608801356136c8816130c4565b935060808801356136d881613125565b925060a08801356136e8816130c4565b915060c08801356136f881613125565b8091505092959891949750929550565b60008082840361012081121561371d57600080fd5b6137268461300b565b9250610100601f19820112156134ca57600080fd5b60008060006040848603121561375057600080fd5b6137598461300b565b9250602084013567ffffffffffffffff81111561377557600080fd5b61378186828701613235565b9497909650939450505050565b6000606082840312156137a057600080fd5b6133618383613028565b600080600080600080600060e0888a0312156137c557600080fd5b6137ce8861300b565b96506137dd8960208a01613028565b9550608088013567ffffffffffffffff808211156137fa57600080fd5b6138068b838c01613235565b909750955060a08a0135945060c08a013591508082111561382657600080fd5b506138338a828b01613235565b989b979a50959850939692959293505050565b60008060008060008060c0878903121561385f57600080fd5b863561386a816130c4565b9550602087013561387a816130c4565b9450604087013561388a816130c4565b93506060870135925061389f60808801613074565b915060a087013590509295509295509295565b6000602082840312156138c457600080fd5b6133618261300b565b6000602082840312156138df57600080fd5b613361826134d8565b600080600080600060c0868803121561390057600080fd5b6139098661300b565b94506139188760208801613028565b9350608086013567ffffffffffffffff81111561393457600080fd5b61394088828901613281565b90945092505060a086013561318f816130c4565b634e487b7160e01b600052602160045260246000fd5b600061010082019050825182526020830151602083015267ffffffffffffffff6040840151166040830152606083015163ffffffff80821660608501528060808601511660808501528060a08601511660a0850152505060c0830151600681106139e457634e487b7160e01b600052602160045260246000fd5b8060c08401525060e083015160e083015292915050565b803582526020810135613a0d81613125565b63ffffffff1660208301526040810135613a26816130c4565b67ffffffffffffffff81166040840152505050565b8381526001600160601b03198316602082015260a08101613a5f60408301846139fb565b949350505050565b80356001600160e01b03198116811461302357600080fd5b6000808335601e19843603018112613a9657600080fd5b830160208101925035905067ffffffffffffffff811115613ab657600080fd5b80360383131561327a57600080fd5b81835281816020850137506000828201602090810191909152601f909101601f19169091010190565b60006001600160e01b031980613b0384613a67565b168452613b136020840184613a7f565b60806020870152613b28608087018284613ac5565b915050613b386040850185613a7f565b8683036040880152613b4b838284613ac5565b9250505081613b5c60608601613a67565b166060860152809250505092915050565b6000613b798283613a7f565b60608552613b8b606086018284613ac5565b91505060208301356020850152613ba56040840184613a7f565b8583036040870152613bb8838284613ac5565b9695505050505050565b85815260e060208201526000613bdb60e0830187613aee565b8281036040840152613bed8187613b6d565b915050613bfd60608301856139fb565b6001600160601b0319831660c08301529695505050505050565b8183526000602080850194508260005b85811015613c52578135613c3a81613125565b63ffffffff1687529582019590820190600101613c27565b509495945050505050565b8681526001600160601b031986166020820152608060408201526000613c87608083018688613c17565b8281036060840152613c9a818587613ac5565b9998505050505050505050565b868152608060208201526000613cc1608083018789613ac5565b8281036040840152613cd4818688613c17565b915050826060830152979650505050505050565b84815260c060208201526000613d0160c0830186613aee565b8281036040840152613d138186613b6d565b915050613d2360608301846139fb565b95945050505050565b6000610120858352806020840152613d4681840186613aee565b9150508235613d5481613125565b63ffffffff1660408301526001600160a01b03613d73602085016134d8565b166060830152604083013577ffffffffffffffffffffffffffffffffffffffffffffffff1981168114613da557600080fd5b77ffffffffffffffffffffffffffffffffffffffffffffffff19166080830152613dd16060840161300b565b6001600160601b03191660a0830152613dec6080840161300b565b6001600160601b03191660c0830152613e0760a08401613a67565b6001600160e01b03191660e0830152613e2260c084016134d8565b6001600160a01b03811661010084015250949350505050565b85815260c060208201526000613e5560c083018688613ac5565b90508360408301528235606083015260208301356080830152604083013560ff8116808214613e8357600080fd5b8060a085015250509695505050505050565b634e487b7160e01b600052603260045260246000fd5b600060208284031215613ebd57600080fd5b813561336181613125565b634e487b7160e01b600052601160045260246000fd5b6000600019821415613ef257613ef2613ec8565b5060010190565b868152608060208201526000613f13608083018789613ac5565b8281036040840152613f26818688613ac5565b9150508215156060830152979650505050505050565b60008135613f4981613125565b92915050565b60068110611c1557600080fd5b60008135613f4981613f4f565b60068210613f8757634e487b7160e01b600052602160045260246000fd5b805474ff00000000000000000000000000000000000000008360a01b1660ff60a01b198216178255505050565b8135815560208201356001820155600281016040830135613fd4816130c4565b67ffffffffffffffff8116905081548167ffffffffffffffff198216178355606085013561400181613125565b6bffffffff00000000000000008160401b16836001600160601b031984161717845550505061407661403560808501613f3c565b82547fffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffff1660609190911b6fffffffff00000000000000000000000016178255565b6140ca61408560a08501613f3c565b82547fffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffff1660809190911b73ffffffff0000000000000000000000000000000016178255565b6140df6140d960c08501613f5c565b82613f69565b5060e082013560038201555050565b60006020828403121561410057600080fd5b813561336181613f4f565b600063ffffffff8083168181141561412557614125613ec8565b6001019392505050565b8481526001600160601b031984166020820152606060408201526000613bb8606083018486613c17565b8281526080810161336160208301846139fb565b60006101008a835260206001600160601b0319808c1682860152614194604086018c6139fb565b8260a08601526141a78386018a8c613c17565b60c0860189905285810360e0870152868152879350820160005b878110156141e657826141d38661300b565b16825293830193908301906001016141c1565b509d9c50505050505050505050505050565b8681526001600160601b03198616602082015261421860408201866139fb565b60e060a0820152600061422f60e083018587613ac5565b905067ffffffffffffffff831660c0830152979650505050505050565b600063ffffffff80831681851680830382111561426b5761426b613ec8565b0194935050505056fea2646970667358221220d401a69186e7bf72ab215f60733fba5331d03c5b71eb017b0e868bdf21fd874c64736f6c63430008090033",
2353
2377
  "libraries": {
2354
2378
  "Deposit": "0x130A46b6E41DB6E1e18fb9c759F223c459190e90",
2355
2379
  "Sweep": "0x55cb3b67D9E65F0Cf4eABCAC84564a1bE6E3b06A",
@@ -2420,6 +2444,8 @@
2420
2444
  "returns": {
2421
2445
  "movingFundsDustThreshold": "The minimal satoshi amount that makes",
2422
2446
  "movingFundsTimeout": "Time after which the moving funds process can be reported as timed out. It is counted from the moment when the wallet was requested to move their funds and switched to the MovingFunds state. Value in seconds.",
2447
+ "movingFundsTimeoutNotifierRewardMultiplier": "The percentage of the notifier reward from the staking contract the notifier of a moving funds timeout receives. The value is in the range [0, 100].",
2448
+ "movingFundsTimeoutSlashingAmount": "The amount of stake slashed from each member of a wallet for a moving funds timeout.",
2423
2449
  "movingFundsTxMaxTotalFee": "Maximum amount of the total BTC transaction fee that is acceptable in a single moving funds transaction. This is a _total_ max fee for the entire moving funds transaction."
2424
2450
  }
2425
2451
  },
@@ -2431,7 +2457,7 @@
2431
2457
  }
2432
2458
  },
2433
2459
  "notifyFraudChallengeDefeatTimeout(bytes,uint32[],bytes32)": {
2434
- "details": "Requirements: - The wallet must be in the Live or MovingFunds or Closing or Terminated state - The `walletPublicKey` and `sighash` must identify an open fraud challenge - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events. - The amount of time indicated by `challengeDefeatTimeout` must pass after the challenge was reported",
2460
+ "details": "Requirements: - The wallet must be in the Live or MovingFunds or Closing or Terminated state - The `walletPublicKey` and `sighash` must identify an open fraud challenge - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events of the `WalletRegistry` contract - The amount of time indicated by `challengeDefeatTimeout` must pass after the challenge was reported",
2435
2461
  "params": {
2436
2462
  "sighash": "The hash that was used to produce the ECDSA signature that is the subject of the fraud claim. This hash is constructed by applying double SHA-256 over a serialized subset of the transaction. The exact subset used as hash preimage depends on the transaction input the signature is produced for. See BIP-143 for reference",
2437
2463
  "walletMembersIDs": "Identifiers of the wallet signing group members",
@@ -2445,14 +2471,15 @@
2445
2471
  "walletPubKeyHash": "20-byte public key hash of the wallet"
2446
2472
  }
2447
2473
  },
2448
- "notifyMovingFundsTimeout(bytes20)": {
2449
- "details": "Requirements: - The wallet must be in the MovingFunds state - The moving funds timeout must be actually exceeded",
2474
+ "notifyMovingFundsTimeout(bytes20,uint32[])": {
2475
+ "details": "Requirements: - The wallet must be in the MovingFunds state - The moving funds timeout must be actually exceeded - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events of the `WalletRegistry` contract",
2450
2476
  "params": {
2477
+ "walletMembersIDs": "Identifiers of the wallet signing group members",
2451
2478
  "walletPubKeyHash": "20-byte public key hash of the wallet"
2452
2479
  }
2453
2480
  },
2454
2481
  "notifyRedemptionTimeout(bytes20,uint32[],bytes)": {
2455
- "details": "Requirements: - The wallet must be in the Live or MovingFunds or Terminated state - The redemption request identified by `walletPubKeyHash` and `redeemerOutputScript` must exist - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events. - The amount of time defined by `redemptionTimeout` must have passed since the redemption was requested (the request must be timed-out).",
2482
+ "details": "Requirements: - The wallet must be in the Live or MovingFunds or Terminated state - The redemption request identified by `walletPubKeyHash` and `redeemerOutputScript` must exist - The expression `keccak256(abi.encode(walletMembersIDs))` must be exactly the same as the hash stored under `membersIdsHash` for the given `walletID`. Those IDs are not directly stored in the contract for gas efficiency purposes but they can be read from appropriate `DkgResultSubmitted` and `DkgResultApproved` events of the `WalletRegistry` contract - The amount of time defined by `redemptionTimeout` must have passed since the redemption was requested (the request must be timed-out)",
2456
2483
  "params": {
2457
2484
  "redeemerOutputScript": "The redeemer's length-prefixed output script (P2PKH, P2WPKH, P2SH or P2WSH)",
2458
2485
  "walletMembersIDs": "Identifiers of the wallet signing group members",
@@ -2564,8 +2591,8 @@
2564
2591
  "fraudSlashingAmount": "New value of the fraud slashing amount in T, it is the amount slashed from each wallet member for committing a fraud"
2565
2592
  }
2566
2593
  },
2567
- "updateMovingFundsParameters(uint64,uint32,uint64)": {
2568
- "details": "Requirements: - Moving funds transaction max total fee must be greater than zero - Moving funds timeout must be greater than zero - Moving funds dust threshold must be greater than zero"
2594
+ "updateMovingFundsParameters(uint64,uint32,uint96,uint256,uint64)": {
2595
+ "details": "Requirements: - Moving funds transaction max total fee must be greater than zero - Moving funds timeout must be greater than zero - Moving funds timeout notifier reward multiplier must be in the range [0, 100] - Moving funds dust threshold must be greater than zero"
2569
2596
  },
2570
2597
  "updateRedemptionParameters(uint64,uint64,uint64,uint256,uint96,uint256)": {
2571
2598
  "details": "Requirements: - Redemption dust threshold must be greater than zero - Redemption treasury fee divisor must be greater than zero - Redemption transaction max fee must be greater than zero - Redemption timeout must be greater than zero - Redemption timeout notifier reward multiplier must be in the range [0, 100]",
@@ -2651,11 +2678,11 @@
2651
2678
  "notifyMovingFundsBelowDust(bytes20,(bytes32,uint32,uint64))": {
2652
2679
  "notice": "Notifies about a moving funds wallet whose BTC balance is below the moving funds dust threshold. Ends the moving funds process and begins wallet closing immediately."
2653
2680
  },
2654
- "notifyMovingFundsTimeout(bytes20)": {
2681
+ "notifyMovingFundsTimeout(bytes20,uint32[])": {
2655
2682
  "notice": "Notifies about a timed out moving funds process. Terminates the wallet and slashes signing group members as a result."
2656
2683
  },
2657
2684
  "notifyRedemptionTimeout(bytes20,uint32[],bytes)": {
2658
- "notice": "Notifies that there is a pending redemption request associated with the given wallet, that has timed out. The redemption request is identified by the key built as `keccak256(walletPubKeyHash | redeemerOutputScript)`. The results of calling this function: - the pending redemptions value for the wallet will be decreased by the requested amount (minus treasury fee), - the tokens taken from the redeemer on redemption request will be returned to the redeemer, - the request will be moved from pending redemptions to timed-out redemptions. - if the state of the wallet is `Live` or `MovingFunds`, the wallet operators will be slashed and the notifier will be rewarded - if the state of wallet is `Live`, the wallet will be closed or marked as `MovingFunds` (depending on the presence or absence of the wallet's main UTXO) and the wallet will no longer be marked as the active wallet (if it was marked as such)."
2685
+ "notice": "Notifies that there is a pending redemption request associated with the given wallet, that has timed out. The redemption request is identified by the key built as `keccak256(walletPubKeyHash | redeemerOutputScript)`. The results of calling this function: - the pending redemptions value for the wallet will be decreased by the requested amount (minus treasury fee), - the tokens taken from the redeemer on redemption request will be returned to the redeemer, - the request will be moved from pending redemptions to timed-out redemptions, - if the state of the wallet is `Live` or `MovingFunds`, the wallet operators will be slashed and the notifier will be rewarded, - if the state of wallet is `Live`, the wallet will be closed or marked as `MovingFunds` (depending on the presence or absence of the wallet's main UTXO) and the wallet will no longer be marked as the active wallet (if it was marked as such)."
2659
2686
  },
2660
2687
  "notifyWalletClosingPeriodElapsed(bytes20)": {
2661
2688
  "notice": "Notifies about the end of the closing period for the given wallet. Closes the wallet ultimately and notifies the ECDSA registry about this fact."
@@ -2739,7 +2766,7 @@
2739
2766
  "label": "self",
2740
2767
  "offset": 0,
2741
2768
  "slot": "1",
2742
- "type": "t_struct(Storage)13293_storage"
2769
+ "type": "t_struct(Storage)13339_storage"
2743
2770
  }
2744
2771
  ],
2745
2772
  "types": {
@@ -2768,7 +2795,7 @@
2768
2795
  "label": "contract Bank",
2769
2796
  "numberOfBytes": "20"
2770
2797
  },
2771
- "t_contract(IRelay)14820": {
2798
+ "t_contract(IRelay)14895": {
2772
2799
  "encoding": "inplace",
2773
2800
  "label": "contract IRelay",
2774
2801
  "numberOfBytes": "20"
@@ -2778,7 +2805,7 @@
2778
2805
  "label": "contract IWalletRegistry",
2779
2806
  "numberOfBytes": "20"
2780
2807
  },
2781
- "t_enum(WalletState)17839": {
2808
+ "t_enum(WalletState)17933": {
2782
2809
  "encoding": "inplace",
2783
2810
  "label": "enum Wallets.WalletState",
2784
2811
  "numberOfBytes": "1"
@@ -2790,12 +2817,12 @@
2790
2817
  "numberOfBytes": "32",
2791
2818
  "value": "t_bool"
2792
2819
  },
2793
- "t_mapping(t_bytes20,t_struct(Wallet)17857_storage)": {
2820
+ "t_mapping(t_bytes20,t_struct(Wallet)17951_storage)": {
2794
2821
  "encoding": "mapping",
2795
2822
  "key": "t_bytes20",
2796
2823
  "label": "mapping(bytes20 => struct Wallets.Wallet)",
2797
2824
  "numberOfBytes": "32",
2798
- "value": "t_struct(Wallet)17857_storage"
2825
+ "value": "t_struct(Wallet)17951_storage"
2799
2826
  },
2800
2827
  "t_mapping(t_uint256,t_bool)": {
2801
2828
  "encoding": "mapping",
@@ -2804,33 +2831,33 @@
2804
2831
  "numberOfBytes": "32",
2805
2832
  "value": "t_bool"
2806
2833
  },
2807
- "t_mapping(t_uint256,t_struct(DepositRequest)13775_storage)": {
2834
+ "t_mapping(t_uint256,t_struct(DepositRequest)13850_storage)": {
2808
2835
  "encoding": "mapping",
2809
2836
  "key": "t_uint256",
2810
2837
  "label": "mapping(uint256 => struct Deposit.DepositRequest)",
2811
2838
  "numberOfBytes": "32",
2812
- "value": "t_struct(DepositRequest)13775_storage"
2839
+ "value": "t_struct(DepositRequest)13850_storage"
2813
2840
  },
2814
- "t_mapping(t_uint256,t_struct(FraudChallenge)14137_storage)": {
2841
+ "t_mapping(t_uint256,t_struct(FraudChallenge)14212_storage)": {
2815
2842
  "encoding": "mapping",
2816
2843
  "key": "t_uint256",
2817
2844
  "label": "mapping(uint256 => struct Fraud.FraudChallenge)",
2818
2845
  "numberOfBytes": "32",
2819
- "value": "t_struct(FraudChallenge)14137_storage"
2846
+ "value": "t_struct(FraudChallenge)14212_storage"
2820
2847
  },
2821
- "t_mapping(t_uint256,t_struct(RedemptionRequest)15662_storage)": {
2848
+ "t_mapping(t_uint256,t_struct(RedemptionRequest)15756_storage)": {
2822
2849
  "encoding": "mapping",
2823
2850
  "key": "t_uint256",
2824
2851
  "label": "mapping(uint256 => struct Redemption.RedemptionRequest)",
2825
2852
  "numberOfBytes": "32",
2826
- "value": "t_struct(RedemptionRequest)15662_storage"
2853
+ "value": "t_struct(RedemptionRequest)15756_storage"
2827
2854
  },
2828
- "t_struct(DepositRequest)13775_storage": {
2855
+ "t_struct(DepositRequest)13850_storage": {
2829
2856
  "encoding": "inplace",
2830
2857
  "label": "struct Deposit.DepositRequest",
2831
2858
  "members": [
2832
2859
  {
2833
- "astId": 13764,
2860
+ "astId": 13839,
2834
2861
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2835
2862
  "label": "depositor",
2836
2863
  "offset": 0,
@@ -2838,7 +2865,7 @@
2838
2865
  "type": "t_address"
2839
2866
  },
2840
2867
  {
2841
- "astId": 13766,
2868
+ "astId": 13841,
2842
2869
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2843
2870
  "label": "amount",
2844
2871
  "offset": 20,
@@ -2846,7 +2873,7 @@
2846
2873
  "type": "t_uint64"
2847
2874
  },
2848
2875
  {
2849
- "astId": 13768,
2876
+ "astId": 13843,
2850
2877
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2851
2878
  "label": "revealedAt",
2852
2879
  "offset": 28,
@@ -2854,7 +2881,7 @@
2854
2881
  "type": "t_uint32"
2855
2882
  },
2856
2883
  {
2857
- "astId": 13770,
2884
+ "astId": 13845,
2858
2885
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2859
2886
  "label": "vault",
2860
2887
  "offset": 0,
@@ -2862,7 +2889,7 @@
2862
2889
  "type": "t_address"
2863
2890
  },
2864
2891
  {
2865
- "astId": 13772,
2892
+ "astId": 13847,
2866
2893
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2867
2894
  "label": "treasuryFee",
2868
2895
  "offset": 20,
@@ -2870,7 +2897,7 @@
2870
2897
  "type": "t_uint64"
2871
2898
  },
2872
2899
  {
2873
- "astId": 13774,
2900
+ "astId": 13849,
2874
2901
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2875
2902
  "label": "sweptAt",
2876
2903
  "offset": 28,
@@ -2880,12 +2907,12 @@
2880
2907
  ],
2881
2908
  "numberOfBytes": "64"
2882
2909
  },
2883
- "t_struct(FraudChallenge)14137_storage": {
2910
+ "t_struct(FraudChallenge)14212_storage": {
2884
2911
  "encoding": "inplace",
2885
2912
  "label": "struct Fraud.FraudChallenge",
2886
2913
  "members": [
2887
2914
  {
2888
- "astId": 14130,
2915
+ "astId": 14205,
2889
2916
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2890
2917
  "label": "challenger",
2891
2918
  "offset": 0,
@@ -2893,7 +2920,7 @@
2893
2920
  "type": "t_address"
2894
2921
  },
2895
2922
  {
2896
- "astId": 14132,
2923
+ "astId": 14207,
2897
2924
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2898
2925
  "label": "depositAmount",
2899
2926
  "offset": 0,
@@ -2901,7 +2928,7 @@
2901
2928
  "type": "t_uint256"
2902
2929
  },
2903
2930
  {
2904
- "astId": 14134,
2931
+ "astId": 14209,
2905
2932
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2906
2933
  "label": "reportedAt",
2907
2934
  "offset": 0,
@@ -2909,7 +2936,7 @@
2909
2936
  "type": "t_uint32"
2910
2937
  },
2911
2938
  {
2912
- "astId": 14136,
2939
+ "astId": 14211,
2913
2940
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2914
2941
  "label": "resolved",
2915
2942
  "offset": 4,
@@ -2919,12 +2946,12 @@
2919
2946
  ],
2920
2947
  "numberOfBytes": "96"
2921
2948
  },
2922
- "t_struct(RedemptionRequest)15662_storage": {
2949
+ "t_struct(RedemptionRequest)15756_storage": {
2923
2950
  "encoding": "inplace",
2924
2951
  "label": "struct Redemption.RedemptionRequest",
2925
2952
  "members": [
2926
2953
  {
2927
- "astId": 15653,
2954
+ "astId": 15747,
2928
2955
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2929
2956
  "label": "redeemer",
2930
2957
  "offset": 0,
@@ -2932,7 +2959,7 @@
2932
2959
  "type": "t_address"
2933
2960
  },
2934
2961
  {
2935
- "astId": 15655,
2962
+ "astId": 15749,
2936
2963
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2937
2964
  "label": "requestedAmount",
2938
2965
  "offset": 20,
@@ -2940,7 +2967,7 @@
2940
2967
  "type": "t_uint64"
2941
2968
  },
2942
2969
  {
2943
- "astId": 15657,
2970
+ "astId": 15751,
2944
2971
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2945
2972
  "label": "treasuryFee",
2946
2973
  "offset": 0,
@@ -2948,7 +2975,7 @@
2948
2975
  "type": "t_uint64"
2949
2976
  },
2950
2977
  {
2951
- "astId": 15659,
2978
+ "astId": 15753,
2952
2979
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2953
2980
  "label": "txMaxFee",
2954
2981
  "offset": 8,
@@ -2956,7 +2983,7 @@
2956
2983
  "type": "t_uint64"
2957
2984
  },
2958
2985
  {
2959
- "astId": 15661,
2986
+ "astId": 15755,
2960
2987
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2961
2988
  "label": "requestedAt",
2962
2989
  "offset": 16,
@@ -2966,12 +2993,12 @@
2966
2993
  ],
2967
2994
  "numberOfBytes": "64"
2968
2995
  },
2969
- "t_struct(Storage)13293_storage": {
2996
+ "t_struct(Storage)13339_storage": {
2970
2997
  "encoding": "inplace",
2971
2998
  "label": "struct BridgeState.Storage",
2972
2999
  "members": [
2973
3000
  {
2974
- "astId": 13199,
3001
+ "astId": 13241,
2975
3002
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2976
3003
  "label": "bank",
2977
3004
  "offset": 0,
@@ -2979,15 +3006,15 @@
2979
3006
  "type": "t_contract(Bank)11616"
2980
3007
  },
2981
3008
  {
2982
- "astId": 13202,
3009
+ "astId": 13244,
2983
3010
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2984
3011
  "label": "relay",
2985
3012
  "offset": 0,
2986
3013
  "slot": "1",
2987
- "type": "t_contract(IRelay)14820"
3014
+ "type": "t_contract(IRelay)14895"
2988
3015
  },
2989
3016
  {
2990
- "astId": 13205,
3017
+ "astId": 13247,
2991
3018
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
2992
3019
  "label": "ecdsaWalletRegistry",
2993
3020
  "offset": 0,
@@ -2995,7 +3022,7 @@
2995
3022
  "type": "t_contract(IWalletRegistry)3962"
2996
3023
  },
2997
3024
  {
2998
- "astId": 13207,
3025
+ "astId": 13249,
2999
3026
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3000
3027
  "label": "txProofDifficultyFactor",
3001
3028
  "offset": 0,
@@ -3003,7 +3030,7 @@
3003
3030
  "type": "t_uint256"
3004
3031
  },
3005
3032
  {
3006
- "astId": 13209,
3033
+ "astId": 13251,
3007
3034
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3008
3035
  "label": "treasury",
3009
3036
  "offset": 0,
@@ -3011,7 +3038,7 @@
3011
3038
  "type": "t_address"
3012
3039
  },
3013
3040
  {
3014
- "astId": 13211,
3041
+ "astId": 13253,
3015
3042
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3016
3043
  "label": "depositDustThreshold",
3017
3044
  "offset": 20,
@@ -3019,7 +3046,7 @@
3019
3046
  "type": "t_uint64"
3020
3047
  },
3021
3048
  {
3022
- "astId": 13213,
3049
+ "astId": 13255,
3023
3050
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3024
3051
  "label": "depositTreasuryFeeDivisor",
3025
3052
  "offset": 0,
@@ -3027,7 +3054,7 @@
3027
3054
  "type": "t_uint64"
3028
3055
  },
3029
3056
  {
3030
- "astId": 13215,
3057
+ "astId": 13257,
3031
3058
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3032
3059
  "label": "depositTxMaxFee",
3033
3060
  "offset": 8,
@@ -3035,15 +3062,15 @@
3035
3062
  "type": "t_uint64"
3036
3063
  },
3037
3064
  {
3038
- "astId": 13220,
3065
+ "astId": 13262,
3039
3066
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3040
3067
  "label": "deposits",
3041
3068
  "offset": 0,
3042
3069
  "slot": "6",
3043
- "type": "t_mapping(t_uint256,t_struct(DepositRequest)13775_storage)"
3070
+ "type": "t_mapping(t_uint256,t_struct(DepositRequest)13850_storage)"
3044
3071
  },
3045
3072
  {
3046
- "astId": 13224,
3073
+ "astId": 13266,
3047
3074
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3048
3075
  "label": "isVaultTrusted",
3049
3076
  "offset": 0,
@@ -3051,7 +3078,7 @@
3051
3078
  "type": "t_mapping(t_address,t_bool)"
3052
3079
  },
3053
3080
  {
3054
- "astId": 13226,
3081
+ "astId": 13268,
3055
3082
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3056
3083
  "label": "movingFundsTxMaxTotalFee",
3057
3084
  "offset": 0,
@@ -3059,7 +3086,7 @@
3059
3086
  "type": "t_uint64"
3060
3087
  },
3061
3088
  {
3062
- "astId": 13228,
3089
+ "astId": 13270,
3063
3090
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3064
3091
  "label": "movingFundsTimeout",
3065
3092
  "offset": 8,
@@ -3067,214 +3094,230 @@
3067
3094
  "type": "t_uint32"
3068
3095
  },
3069
3096
  {
3070
- "astId": 13230,
3097
+ "astId": 13272,
3071
3098
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3072
- "label": "movingFundsDustThreshold",
3099
+ "label": "movingFundsTimeoutSlashingAmount",
3073
3100
  "offset": 12,
3074
3101
  "slot": "8",
3102
+ "type": "t_uint96"
3103
+ },
3104
+ {
3105
+ "astId": 13274,
3106
+ "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3107
+ "label": "movingFundsTimeoutNotifierRewardMultiplier",
3108
+ "offset": 0,
3109
+ "slot": "9",
3110
+ "type": "t_uint256"
3111
+ },
3112
+ {
3113
+ "astId": 13276,
3114
+ "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3115
+ "label": "movingFundsDustThreshold",
3116
+ "offset": 0,
3117
+ "slot": "10",
3075
3118
  "type": "t_uint64"
3076
3119
  },
3077
3120
  {
3078
- "astId": 13232,
3121
+ "astId": 13278,
3079
3122
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3080
3123
  "label": "redemptionDustThreshold",
3081
- "offset": 20,
3082
- "slot": "8",
3124
+ "offset": 8,
3125
+ "slot": "10",
3083
3126
  "type": "t_uint64"
3084
3127
  },
3085
3128
  {
3086
- "astId": 13234,
3129
+ "astId": 13280,
3087
3130
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3088
3131
  "label": "redemptionTreasuryFeeDivisor",
3089
- "offset": 0,
3090
- "slot": "9",
3132
+ "offset": 16,
3133
+ "slot": "10",
3091
3134
  "type": "t_uint64"
3092
3135
  },
3093
3136
  {
3094
- "astId": 13236,
3137
+ "astId": 13282,
3095
3138
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3096
3139
  "label": "redemptionTxMaxFee",
3097
- "offset": 8,
3098
- "slot": "9",
3140
+ "offset": 24,
3141
+ "slot": "10",
3099
3142
  "type": "t_uint64"
3100
3143
  },
3101
3144
  {
3102
- "astId": 13238,
3145
+ "astId": 13284,
3103
3146
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3104
3147
  "label": "redemptionTimeout",
3105
3148
  "offset": 0,
3106
- "slot": "10",
3149
+ "slot": "11",
3107
3150
  "type": "t_uint256"
3108
3151
  },
3109
3152
  {
3110
- "astId": 13240,
3153
+ "astId": 13286,
3111
3154
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3112
3155
  "label": "redemptionTimeoutSlashingAmount",
3113
3156
  "offset": 0,
3114
- "slot": "11",
3157
+ "slot": "12",
3115
3158
  "type": "t_uint96"
3116
3159
  },
3117
3160
  {
3118
- "astId": 13242,
3161
+ "astId": 13288,
3119
3162
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3120
3163
  "label": "redemptionTimeoutNotifierRewardMultiplier",
3121
3164
  "offset": 0,
3122
- "slot": "12",
3165
+ "slot": "13",
3123
3166
  "type": "t_uint256"
3124
3167
  },
3125
3168
  {
3126
- "astId": 13247,
3169
+ "astId": 13293,
3127
3170
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3128
3171
  "label": "pendingRedemptions",
3129
3172
  "offset": 0,
3130
- "slot": "13",
3131
- "type": "t_mapping(t_uint256,t_struct(RedemptionRequest)15662_storage)"
3173
+ "slot": "14",
3174
+ "type": "t_mapping(t_uint256,t_struct(RedemptionRequest)15756_storage)"
3132
3175
  },
3133
3176
  {
3134
- "astId": 13252,
3177
+ "astId": 13298,
3135
3178
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3136
3179
  "label": "timedOutRedemptions",
3137
3180
  "offset": 0,
3138
- "slot": "14",
3139
- "type": "t_mapping(t_uint256,t_struct(RedemptionRequest)15662_storage)"
3181
+ "slot": "15",
3182
+ "type": "t_mapping(t_uint256,t_struct(RedemptionRequest)15756_storage)"
3140
3183
  },
3141
3184
  {
3142
- "astId": 13254,
3185
+ "astId": 13300,
3143
3186
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3144
3187
  "label": "fraudSlashingAmount",
3145
3188
  "offset": 0,
3146
- "slot": "15",
3189
+ "slot": "16",
3147
3190
  "type": "t_uint96"
3148
3191
  },
3149
3192
  {
3150
- "astId": 13256,
3193
+ "astId": 13302,
3151
3194
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3152
3195
  "label": "fraudNotifierRewardMultiplier",
3153
3196
  "offset": 0,
3154
- "slot": "16",
3197
+ "slot": "17",
3155
3198
  "type": "t_uint256"
3156
3199
  },
3157
3200
  {
3158
- "astId": 13258,
3201
+ "astId": 13304,
3159
3202
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3160
3203
  "label": "fraudChallengeDefeatTimeout",
3161
3204
  "offset": 0,
3162
- "slot": "17",
3205
+ "slot": "18",
3163
3206
  "type": "t_uint256"
3164
3207
  },
3165
3208
  {
3166
- "astId": 13260,
3209
+ "astId": 13306,
3167
3210
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3168
3211
  "label": "fraudChallengeDepositAmount",
3169
3212
  "offset": 0,
3170
- "slot": "18",
3213
+ "slot": "19",
3171
3214
  "type": "t_uint256"
3172
3215
  },
3173
3216
  {
3174
- "astId": 13265,
3217
+ "astId": 13311,
3175
3218
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3176
3219
  "label": "fraudChallenges",
3177
3220
  "offset": 0,
3178
- "slot": "19",
3179
- "type": "t_mapping(t_uint256,t_struct(FraudChallenge)14137_storage)"
3221
+ "slot": "20",
3222
+ "type": "t_mapping(t_uint256,t_struct(FraudChallenge)14212_storage)"
3180
3223
  },
3181
3224
  {
3182
- "astId": 13269,
3225
+ "astId": 13315,
3183
3226
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3184
3227
  "label": "spentMainUTXOs",
3185
3228
  "offset": 0,
3186
- "slot": "20",
3229
+ "slot": "21",
3187
3230
  "type": "t_mapping(t_uint256,t_bool)"
3188
3231
  },
3189
3232
  {
3190
- "astId": 13271,
3233
+ "astId": 13317,
3191
3234
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3192
3235
  "label": "walletCreationPeriod",
3193
3236
  "offset": 0,
3194
- "slot": "21",
3237
+ "slot": "22",
3195
3238
  "type": "t_uint32"
3196
3239
  },
3197
3240
  {
3198
- "astId": 13273,
3241
+ "astId": 13319,
3199
3242
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3200
3243
  "label": "walletCreationMinBtcBalance",
3201
3244
  "offset": 4,
3202
- "slot": "21",
3245
+ "slot": "22",
3203
3246
  "type": "t_uint64"
3204
3247
  },
3205
3248
  {
3206
- "astId": 13275,
3249
+ "astId": 13321,
3207
3250
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3208
3251
  "label": "walletCreationMaxBtcBalance",
3209
3252
  "offset": 12,
3210
- "slot": "21",
3253
+ "slot": "22",
3211
3254
  "type": "t_uint64"
3212
3255
  },
3213
3256
  {
3214
- "astId": 13277,
3257
+ "astId": 13323,
3215
3258
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3216
3259
  "label": "walletClosureMinBtcBalance",
3217
3260
  "offset": 20,
3218
- "slot": "21",
3261
+ "slot": "22",
3219
3262
  "type": "t_uint64"
3220
3263
  },
3221
3264
  {
3222
- "astId": 13279,
3265
+ "astId": 13325,
3223
3266
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3224
3267
  "label": "walletMaxAge",
3225
3268
  "offset": 28,
3226
- "slot": "21",
3269
+ "slot": "22",
3227
3270
  "type": "t_uint32"
3228
3271
  },
3229
3272
  {
3230
- "astId": 13281,
3273
+ "astId": 13327,
3231
3274
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3232
3275
  "label": "activeWalletPubKeyHash",
3233
3276
  "offset": 0,
3234
- "slot": "22",
3277
+ "slot": "23",
3235
3278
  "type": "t_bytes20"
3236
3279
  },
3237
3280
  {
3238
- "astId": 13283,
3281
+ "astId": 13329,
3239
3282
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3240
3283
  "label": "liveWalletsCount",
3241
3284
  "offset": 20,
3242
- "slot": "22",
3285
+ "slot": "23",
3243
3286
  "type": "t_uint32"
3244
3287
  },
3245
3288
  {
3246
- "astId": 13285,
3289
+ "astId": 13331,
3247
3290
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3248
3291
  "label": "walletMaxBtcTransfer",
3249
3292
  "offset": 24,
3250
- "slot": "22",
3293
+ "slot": "23",
3251
3294
  "type": "t_uint64"
3252
3295
  },
3253
3296
  {
3254
- "astId": 13287,
3297
+ "astId": 13333,
3255
3298
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3256
3299
  "label": "walletClosingPeriod",
3257
3300
  "offset": 0,
3258
- "slot": "23",
3301
+ "slot": "24",
3259
3302
  "type": "t_uint32"
3260
3303
  },
3261
3304
  {
3262
- "astId": 13292,
3305
+ "astId": 13338,
3263
3306
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3264
3307
  "label": "registeredWallets",
3265
3308
  "offset": 0,
3266
- "slot": "24",
3267
- "type": "t_mapping(t_bytes20,t_struct(Wallet)17857_storage)"
3309
+ "slot": "25",
3310
+ "type": "t_mapping(t_bytes20,t_struct(Wallet)17951_storage)"
3268
3311
  }
3269
3312
  ],
3270
- "numberOfBytes": "800"
3313
+ "numberOfBytes": "832"
3271
3314
  },
3272
- "t_struct(Wallet)17857_storage": {
3315
+ "t_struct(Wallet)17951_storage": {
3273
3316
  "encoding": "inplace",
3274
3317
  "label": "struct Wallets.Wallet",
3275
3318
  "members": [
3276
3319
  {
3277
- "astId": 17841,
3320
+ "astId": 17935,
3278
3321
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3279
3322
  "label": "ecdsaWalletID",
3280
3323
  "offset": 0,
@@ -3282,7 +3325,7 @@
3282
3325
  "type": "t_bytes32"
3283
3326
  },
3284
3327
  {
3285
- "astId": 17843,
3328
+ "astId": 17937,
3286
3329
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3287
3330
  "label": "mainUtxoHash",
3288
3331
  "offset": 0,
@@ -3290,7 +3333,7 @@
3290
3333
  "type": "t_bytes32"
3291
3334
  },
3292
3335
  {
3293
- "astId": 17845,
3336
+ "astId": 17939,
3294
3337
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3295
3338
  "label": "pendingRedemptionsValue",
3296
3339
  "offset": 0,
@@ -3298,7 +3341,7 @@
3298
3341
  "type": "t_uint64"
3299
3342
  },
3300
3343
  {
3301
- "astId": 17847,
3344
+ "astId": 17941,
3302
3345
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3303
3346
  "label": "createdAt",
3304
3347
  "offset": 8,
@@ -3306,7 +3349,7 @@
3306
3349
  "type": "t_uint32"
3307
3350
  },
3308
3351
  {
3309
- "astId": 17849,
3352
+ "astId": 17943,
3310
3353
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3311
3354
  "label": "movingFundsRequestedAt",
3312
3355
  "offset": 12,
@@ -3314,7 +3357,7 @@
3314
3357
  "type": "t_uint32"
3315
3358
  },
3316
3359
  {
3317
- "astId": 17851,
3360
+ "astId": 17945,
3318
3361
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3319
3362
  "label": "closingStartedAt",
3320
3363
  "offset": 16,
@@ -3322,15 +3365,15 @@
3322
3365
  "type": "t_uint32"
3323
3366
  },
3324
3367
  {
3325
- "astId": 17854,
3368
+ "astId": 17948,
3326
3369
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3327
3370
  "label": "state",
3328
3371
  "offset": 20,
3329
3372
  "slot": "2",
3330
- "type": "t_enum(WalletState)17839"
3373
+ "type": "t_enum(WalletState)17933"
3331
3374
  },
3332
3375
  {
3333
- "astId": 17856,
3376
+ "astId": 17950,
3334
3377
  "contract": "contracts/test/BridgeStub.sol:BridgeStub",
3335
3378
  "label": "movingFundsTargetWalletsCommitmentHash",
3336
3379
  "offset": 0,