@layerzerolabs/lz-evm-oapp-v2 2.0.2

package/artifacts/contracts/precrime/libs/Packet.sol/PacketDecoder.json

@@ -0,0 +1,10 @@
+{
+  "_format": "hh-sol-artifact-1",
+  "contractName": "PacketDecoder",
+  "sourceName": "contracts/precrime/libs/Packet.sol",
+  "abi": [],
+  "bytecode": "0x60566037600b82828239805160001a607314602a57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600080fdfea264697066735822122029e3ce00edeb8557fe96561485377adb7ac0b821eb03a0e6790a9b82ee3eb46164736f6c63430008160033",
+  "deployedBytecode": "0x73000000000000000000000000000000000000000030146080604052600080fdfea264697066735822122029e3ce00edeb8557fe96561485377adb7ac0b821eb03a0e6790a9b82ee3eb46164736f6c63430008160033",
+  "linkReferences": {},
+  "deployedLinkReferences": {}
+}

package/contracts/oapp/OApp.sol

@@ -0,0 +1,39 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.22;
+
+// @dev Import the 'MessagingFee' so it's exposed to OApp implementers
+// solhint-disable-next-line no-unused-import
+import { OAppSender, MessagingFee } from "./OAppSender.sol";
+// @dev Import the 'Origin' so it's exposed to OApp implementers
+// solhint-disable-next-line no-unused-import
+import { OAppReceiver, Origin } from "./OAppReceiver.sol";
+import { OAppCore } from "./OAppCore.sol";
+
+/**
+ * @title OApp
+ * @dev Abstract contract serving as the base for OApp implementation, combining OAppSender and OAppReceiver functionality.
+ */
+abstract contract OApp is OAppSender, OAppReceiver {
+    /**
+     * @dev Constructor to initialize the OApp with the provided endpoint and owner.
+     * @param _endpoint The address of the LOCAL LayerZero endpoint.
+     * @param _owner The address of the owner of the OApp.
+     */
+    constructor(address _endpoint, address _owner) OAppCore(_endpoint, _owner) {}
+
+    /**
+     * @notice Retrieves the OApp version information.
+     * @return senderVersion The version of the OAppSender.sol implementation.
+     * @return receiverVersion The version of the OAppReceiver.sol implementation.
+     */
+    function oAppVersion()
+        public
+        pure
+        virtual
+        override(OAppSender, OAppReceiver)
+        returns (uint64 senderVersion, uint64 receiverVersion)
+    {
+        return (SENDER_VERSION, RECEIVER_VERSION);
+    }
+}

package/contracts/oapp/OAppCore.sol

@@ -0,0 +1,68 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.22;
+
+import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
+import { IOAppCore, ILayerZeroEndpointV2 } from "./interfaces/IOAppCore.sol";
+
+/**
+ * @title OAppCore
+ * @dev Abstract contract implementing the IOAppCore interface with basic OApp configurations.
+ */
+abstract contract OAppCore is IOAppCore, Ownable {
+    // The LayerZero endpoint associated with the given OApp
+    ILayerZeroEndpointV2 public immutable endpoint;
+
+    // Mapping to store peers associated with corresponding endpoints
+    mapping(uint32 eid => bytes32 peer) public peers;
+
+    /**
+     * @dev Constructor to initialize the OAppCore with the provided endpoint and owner.
+     * @param _endpoint The address of the LOCAL Layer Zero endpoint.
+     * @param _owner The address of the owner of the OAppCore.
+     */
+    constructor(address _endpoint, address _owner) {
+        _transferOwnership(_owner);
+        endpoint = ILayerZeroEndpointV2(_endpoint);
+        endpoint.setDelegate(_owner); // @dev By default, the owner is the delegate
+    }
+
+    /**
+     * @notice Sets the peer address (OApp instance) for a corresponding endpoint.
+     * @param _eid The endpoint ID.
+     * @param _peer The address of the peer to be associated with the corresponding endpoint.
+     *
+     * @dev Only the owner/admin of the OApp can call this function.
+     * @dev Indicates that the peer is trusted to send LayerZero messages to this OApp.
+     * @dev Set this to bytes32(0) to remove the peer address.
+     * @dev Peer is a bytes32 to accommodate non-evm chains.
+     */
+    function setPeer(uint32 _eid, bytes32 _peer) public virtual onlyOwner {
+        peers[_eid] = _peer;
+        emit PeerSet(_eid, _peer);
+    }
+
+    /**
+     * @notice Internal function to get the peer address associated with a specific endpoint; reverts if NOT set.
+     * ie. the peer is set to bytes32(0).
+     * @param _eid The endpoint ID.
+     * @return peer The address of the peer associated with the specified endpoint.
+     */
+    function _getPeerOrRevert(uint32 _eid) internal view virtual returns (bytes32) {
+        bytes32 peer = peers[_eid];
+        if (peer == bytes32(0)) revert NoPeer(_eid);
+        return peer;
+    }
+
+    /**
+     * @notice Sets the delegate address for the OApp.
+     * @param _delegate The address of the delegate to be set.
+     *
+     * @dev Only the owner/admin of the OApp can call this function.
+     * @dev Provides the ability for a delegate to set configs, on behalf of the OApp, directly on the Endpoint contract.
+     * @dev Defaults to the owner of the OApp.
+     */
+    function setDelegate(address _delegate) public onlyOwner {
+        endpoint.setDelegate(_delegate);
+    }
+}

package/contracts/oapp/OAppReceiver.sol

@@ -0,0 +1,101 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.22;
+
+import { ILayerZeroReceiver, Origin } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroReceiver.sol";
+import { OAppCore } from "./OAppCore.sol";
+
+/**
+ * @title OAppReceiver
+ * @dev Abstract contract implementing the ILayerZeroReceiver interface and extending OAppCore for OApp receivers.
+ */
+abstract contract OAppReceiver is ILayerZeroReceiver, OAppCore {
+    // Custom error message for when the caller is not the registered endpoint/
+    error OnlyEndpoint(address addr);
+
+    // @dev The version of the OAppReceiver implementation.
+    // @dev Version is bumped when changes are made to this contract.
+    uint64 internal constant RECEIVER_VERSION = 1;
+
+    /**
+     * @notice Retrieves the OApp version information.
+     * @return senderVersion The version of the OAppSender.sol contract.
+     * @return receiverVersion The version of the OAppReceiver.sol contract.
+     *
+     * @dev Providing 0 as the default for OAppSender version. Indicates that the OAppSender is not implemented.
+     * ie. this is a SEND only OApp.
+     * @dev If the OApp uses both OAppSender and OAppReceiver, then this needs to be override returning the correct versions.
+     */
+    function oAppVersion() public view virtual returns (uint64 senderVersion, uint64 receiverVersion) {
+        return (0, RECEIVER_VERSION);
+    }
+
+    /**
+     * @notice Checks if the path initialization is allowed based on the provided origin.
+     * @param origin The origin information containing the source endpoint and sender address.
+     * @return Whether the path has been initialized.
+     *
+     * @dev This indicates to the endpoint that the OApp has enabled msgs for this particular path to be received.
+     * @dev This defaults to assuming if a peer has been set, its initialized.
+     * Can be overridden by the OApp if there is other logic to determine this.
+     */
+    function allowInitializePath(Origin calldata origin) public view virtual returns (bool) {
+        return peers[origin.srcEid] == origin.sender;
+    }
+
+    /**
+     * @notice Retrieves the next nonce for a given source endpoint and sender address.
+     * @dev _srcEid The source endpoint ID.
+     * @dev _sender The sender address.
+     * @return nonce The next nonce.
+     *
+     * @dev The path nonce starts from 1. If 0 is returned it means that there is NO nonce ordered enforcement.
+     * @dev Is required by the off-chain executor to determine the OApp expects msg execution is ordered.
+     * @dev This is also enforced by the OApp.
+     * @dev By default this is NOT enabled. ie. nextNonce is hardcoded to return 0.
+     */
+    function nextNonce(uint32 /*_srcEid*/, bytes32 /*_sender*/) public view virtual returns (uint64 nonce) {
+        return 0;
+    }
+
+    /**
+     * @dev Entry point for receiving messages or packets from the endpoint.
+     * @param _origin The origin information containing the source endpoint and sender address.
+     *  - srcEid: The source chain endpoint ID.
+     *  - sender: The sender address on the src chain.
+     *  - nonce: The nonce of the message.
+     * @param _guid The unique identifier for the received LayerZero message.
+     * @param _message The payload of the received message.
+     * @param _executor The address of the executor for the received message.
+     * @param _extraData Additional arbitrary data provided by the corresponding executor.
+     *
+     * @dev Entry point for receiving msg/packet from the LayerZero endpoint.
+     */
+    function lzReceive(
+        Origin calldata _origin,
+        bytes32 _guid,
+        bytes calldata _message,
+        address _executor,
+        bytes calldata _extraData
+    ) public payable virtual {
+        // Ensures that only the endpoint can attempt to lzReceive() messages to this OApp.
+        if (address(endpoint) != msg.sender) revert OnlyEndpoint(msg.sender);
+
+        // Ensure that the sender matches the expected peer for the source endpoint.
+        if (_getPeerOrRevert(_origin.srcEid) != _origin.sender) revert OnlyPeer(_origin.srcEid, _origin.sender);
+
+        // Call the internal OApp implementation of lzReceive.
+        _lzReceive(_origin, _guid, _message, _executor, _extraData);
+    }
+
+    /**
+     * @dev Internal function to implement lzReceive logic without needing to copy the basic parameter validation.
+     */
+    function _lzReceive(
+        Origin calldata _origin,
+        bytes32 _guid,
+        bytes calldata _message,
+        address _executor,
+        bytes calldata _extraData
+    ) internal virtual;
+}

package/contracts/oapp/OAppSender.sol

@@ -0,0 +1,124 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.22;
+
+import { SafeERC20, IERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
+import { MessagingParams, MessagingFee, MessagingReceipt } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
+import { OAppCore } from "./OAppCore.sol";
+
+/**
+ * @title OAppSender
+ * @dev Abstract contract implementing the OAppSender functionality for sending messages to a LayerZero endpoint.
+ */
+abstract contract OAppSender is OAppCore {
+    using SafeERC20 for IERC20;
+
+    // Custom error messages
+    error NotEnoughNative(uint256 msgValue);
+    error LzTokenUnavailable();
+
+    // @dev The version of the OAppSender implementation.
+    // @dev Version is bumped when changes are made to this contract.
+    uint64 internal constant SENDER_VERSION = 1;
+
+    /**
+     * @notice Retrieves the OApp version information.
+     * @return senderVersion The version of the OAppSender.sol contract.
+     * @return receiverVersion The version of the OAppReceiver.sol contract.
+     *
+     * @dev Providing 0 as the default for OAppReceiver version. Indicates that the OAppReceiver is not implemented.
+     * ie. this is a RECEIVE only OApp.
+     * @dev If the OApp uses both OAppSender and OAppReceiver, then this needs to be override returning the correct versions
+     */
+    function oAppVersion() public view virtual returns (uint64 senderVersion, uint64 receiverVersion) {
+        return (SENDER_VERSION, 0);
+    }
+
+    /**
+     * @dev Internal function to interact with the LayerZero EndpointV2.quote() for fee calculation.
+     * @param _dstEid The destination endpoint ID.
+     * @param _message The message payload.
+     * @param _options Additional options for the message.
+     * @param _payInLzToken Flag indicating whether to pay the fee in LZ tokens.
+     * @return fee The calculated MessagingFee for the message.
+     *      - nativeFee: The native fee for the message.
+     *      - lzTokenFee: The LZ token fee for the message.
+     */
+    function _quote(
+        uint32 _dstEid,
+        bytes memory _message,
+        bytes memory _options,
+        bool _payInLzToken
+    ) internal view virtual returns (MessagingFee memory fee) {
+        return
+            endpoint.quote(
+                MessagingParams(_dstEid, _getPeerOrRevert(_dstEid), _message, _options, _payInLzToken),
+                address(this)
+            );
+    }
+
+    /**
+     * @dev Internal function to interact with the LayerZero EndpointV2.send() for sending a message.
+     * @param _dstEid The destination endpoint ID.
+     * @param _message The message payload.
+     * @param _options Additional options for the message.
+     * @param _fee The calculated LayerZero fee for the message.
+     *      - nativeFee: The native fee.
+     *      - lzTokenFee: The lzToken fee.
+     * @param _refundAddress The address to receive any excess fee values sent to the endpoint.
+     * @return receipt The receipt for the sent message.
+     *      - guid: The unique identifier for the sent message.
+     *      - nonce: The nonce of the sent message.
+     *      - fee: The LayerZero fee incurred for the message.
+     */
+    function _lzSend(
+        uint32 _dstEid,
+        bytes memory _message,
+        bytes memory _options,
+        MessagingFee memory _fee,
+        address _refundAddress
+    ) internal virtual returns (MessagingReceipt memory receipt) {
+        // @dev Push corresponding fees to the endpoint, any excess is sent back to the _refundAddress from the endpoint.
+        uint256 messageValue = _payNative(_fee.nativeFee);
+        if (_fee.lzTokenFee > 0) _payLzToken(_fee.lzTokenFee);
+
+        return
+            // solhint-disable-next-line check-send-result
+            endpoint.send{ value: messageValue }(
+                MessagingParams(_dstEid, _getPeerOrRevert(_dstEid), _message, _options, _fee.lzTokenFee > 0),
+                _refundAddress
+            );
+    }
+
+    /**
+     * @dev Internal function to pay the native fee associated with the message.
+     * @param _nativeFee The native fee to be paid.
+     * @return nativeFee The amount of native currency paid.
+     *
+     * @dev If the OApp needs to initiate MULTIPLE LayerZero messages in a single transaction,
+     * this will need to be overridden because msg.value would contain multiple lzFees.
+     * @dev Should be overridden in the event the LayerZero endpoint requires a different native currency.
+     * @dev Some EVMs use an ERC20 as a method for paying transactions/gasFees.
+     * @dev The endpoint is EITHER/OR, ie. it will NOT support both types of native payment at a time.
+     */
+    function _payNative(uint256 _nativeFee) internal virtual returns (uint256 nativeFee) {
+        if (msg.value != _nativeFee) revert NotEnoughNative(msg.value);
+        return _nativeFee;
+    }
+
+    /**
+     * @dev Internal function to pay the LZ token fee associated with the message.
+     * @param _lzTokenFee The LZ token fee to be paid.
+     *
+     * @dev If the caller is trying to pay in the specified lzToken, then the lzTokenFee is passed to the endpoint.
+     * @dev Any excess sent, is passed back to the specified _refundAddress in the _lzSend().
+     */
+    function _payLzToken(uint256 _lzTokenFee) internal virtual {
+        // @dev Cannot cache the token because it is not immutable in the endpoint.
+        address lzToken = endpoint.lzToken();
+        if (lzToken == address(0)) revert LzTokenUnavailable();
+
+        // Pay LZ token fee by sending tokens to the endpoint.
+        IERC20(lzToken).safeTransferFrom(msg.sender, address(endpoint), _lzTokenFee);
+    }
+}

package/contracts/oapp/examples/OmniCounter.sol

@@ -0,0 +1,283 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.22;
+
+import { ILayerZeroEndpointV2, MessagingFee, MessagingReceipt, Origin } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
+import { ILayerZeroComposer } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroComposer.sol";
+
+import { OApp } from "../OApp.sol";
+import { OptionsBuilder } from "../libs/OptionsBuilder.sol";
+import { OAppPreCrimeSimulator } from "../../precrime/OAppPreCrimeSimulator.sol";
+
+library MsgCodec {
+    uint8 internal constant VANILLA_TYPE = 1;
+    uint8 internal constant COMPOSED_TYPE = 2;
+    uint8 internal constant ABA_TYPE = 3;
+    uint8 internal constant COMPOSED_ABA_TYPE = 4;
+
+    uint8 internal constant MSG_TYPE_OFFSET = 0;
+    uint8 internal constant SRC_EID_OFFSET = 1;
+    uint8 internal constant VALUE_OFFSET = 5;
+
+    function encode(uint8 _type, uint32 _srcEid) internal pure returns (bytes memory) {
+        return abi.encodePacked(_type, _srcEid);
+    }
+
+    function encode(uint8 _type, uint32 _srcEid, uint256 _value) internal pure returns (bytes memory) {
+        return abi.encodePacked(_type, _srcEid, _value);
+    }
+
+    function msgType(bytes calldata _message) internal pure returns (uint8) {
+        return uint8(bytes1(_message[MSG_TYPE_OFFSET:SRC_EID_OFFSET]));
+    }
+
+    function srcEid(bytes calldata _message) internal pure returns (uint32) {
+        return uint32(bytes4(_message[SRC_EID_OFFSET:VALUE_OFFSET]));
+    }
+
+    function value(bytes calldata _message) internal pure returns (uint256) {
+        return uint256(bytes32(_message[VALUE_OFFSET:]));
+    }
+}
+
+contract OmniCounter is ILayerZeroComposer, OApp, OAppPreCrimeSimulator {
+    using MsgCodec for bytes;
+    using OptionsBuilder for bytes;
+
+    uint256 public count;
+    uint256 public composedCount;
+
+    address public admin;
+    uint32 public eid;
+
+    mapping(uint32 srcEid => mapping(bytes32 sender => uint64 nonce)) private maxReceivedNonce;
+    bool private orderedNonce;
+
+    // for global assertions
+    mapping(uint32 srcEid => uint256 count) public inboundCount;
+    mapping(uint32 dstEid => uint256 count) public outboundCount;
+
+    constructor(address _endpoint, address _owner) OApp(_endpoint, _owner) {
+        admin = msg.sender;
+        eid = ILayerZeroEndpointV2(_endpoint).eid();
+    }
+
+    modifier onlyAdmin() {
+        require(msg.sender == admin, "only admin");
+        _;
+    }
+
+    // -------------------------------
+    // Only Admin
+    function setAdmin(address _admin) external onlyAdmin {
+        admin = _admin;
+    }
+
+    function withdraw(address payable _to, uint256 _amount) external onlyAdmin {
+        (bool success, ) = _to.call{ value: _amount }("");
+        require(success, "OmniCounter: withdraw failed");
+    }
+
+    // -------------------------------
+    // Send
+    function increment(uint32 _eid, uint8 _type, bytes calldata _options) external payable {
+        //        bytes memory options = combineOptions(_eid, _type, _options);
+        _lzSend(_eid, MsgCodec.encode(_type, eid), _options, MessagingFee(msg.value, 0), payable(msg.sender));
+        _incrementOutbound(_eid);
+    }
+
+    // this is a broken function to skip incrementing outbound count
+    // so that preCrime will fail
+    function brokenIncrement(uint32 _eid, uint8 _type, bytes calldata _options) external payable onlyAdmin {
+        //        bytes memory options = combineOptions(_eid, _type, _options);
+        _lzSend(_eid, MsgCodec.encode(_type, eid), _options, MessagingFee(msg.value, 0), payable(msg.sender));
+    }
+
+    function batchIncrement(
+        uint32[] calldata _eids,
+        uint8[] calldata _types,
+        bytes[] calldata _options
+    ) external payable {
+        require(_eids.length == _options.length && _eids.length == _types.length, "OmniCounter: length mismatch");
+
+        MessagingReceipt memory receipt;
+        uint256 providedFee = msg.value;
+        for (uint256 i = 0; i < _eids.length; i++) {
+            address refundAddress = i == _eids.length - 1 ? msg.sender : address(this);
+            uint32 dstEid = _eids[i];
+            uint8 msgType = _types[i];
+            //            bytes memory options = combineOptions(dstEid, msgType, _options[i]);
+            receipt = _lzSend(
+                dstEid,
+                MsgCodec.encode(msgType, eid),
+                _options[i],
+                MessagingFee(providedFee, 0),
+                payable(refundAddress)
+            );
+            _incrementOutbound(dstEid);
+            providedFee -= receipt.fee.nativeFee;
+        }
+    }
+
+    // -------------------------------
+    // View
+    function quote(
+        uint32 _eid,
+        uint8 _type,
+        bytes calldata _options
+    ) public view returns (uint256 nativeFee, uint256 lzTokenFee) {
+        //        bytes memory options = combineOptions(_eid, _type, _options);
+        MessagingFee memory fee = _quote(_eid, MsgCodec.encode(_type, eid), _options, false);
+        return (fee.nativeFee, fee.lzTokenFee);
+    }
+
+    // @dev enables preCrime simulator
+    // @dev routes the call down from the OAppPreCrimeSimulator, and up to the OApp
+    function _lzReceiveSimulate(
+        Origin calldata _origin,
+        bytes32 _guid,
+        bytes calldata _message,
+        address _executor,
+        bytes calldata _extraData
+    ) internal virtual override {
+        _lzReceive(_origin, _guid, _message, _executor, _extraData);
+    }
+
+    // -------------------------------
+    function _lzReceive(
+        Origin calldata _origin,
+        bytes32 _guid,
+        bytes calldata _message,
+        address /*_executor*/,
+        bytes calldata /*_extraData*/
+    ) internal override {
+        _acceptNonce(_origin.srcEid, _origin.sender, _origin.nonce);
+        uint8 messageType = _message.msgType();
+
+        if (messageType == MsgCodec.VANILLA_TYPE) {
+            count++;
+
+            //////////////////////////////// IMPORTANT //////////////////////////////////
+            /// if you request for msg.value in the options, you should also encode it
+            /// into your message and check the value received at destination (example below).
+            /// if not, the executor could potentially provide less msg.value than you requested
+            /// leading to unintended behavior. Another option is to assert the executor to be
+            /// one that you trust.
+            /////////////////////////////////////////////////////////////////////////////
+            require(msg.value >= _message.value(), "OmniCounter: insufficient value");
+
+            _incrementInbound(_origin.srcEid);
+        } else if (messageType == MsgCodec.COMPOSED_TYPE || messageType == MsgCodec.COMPOSED_ABA_TYPE) {
+            count++;
+            _incrementInbound(_origin.srcEid);
+            endpoint.sendCompose(address(this), _guid, 0, _message);
+        } else if (messageType == MsgCodec.ABA_TYPE) {
+            count++;
+            _incrementInbound(_origin.srcEid);
+
+            // send back to the sender
+            _incrementOutbound(_origin.srcEid);
+            bytes memory options = OptionsBuilder.newOptions().addExecutorLzReceiveOption(200000, 10);
+            _lzSend(
+                _origin.srcEid,
+                MsgCodec.encode(MsgCodec.VANILLA_TYPE, eid, 10),
+                options,
+                MessagingFee(msg.value, 0),
+                payable(address(this))
+            );
+        } else {
+            revert("invalid message type");
+        }
+    }
+
+    function _incrementInbound(uint32 _srcEid) internal {
+        inboundCount[_srcEid]++;
+    }
+
+    function _incrementOutbound(uint32 _dstEid) internal {
+        outboundCount[_dstEid]++;
+    }
+
+    function lzCompose(
+        address _oApp,
+        bytes32 /*_guid*/,
+        bytes calldata _message,
+        address,
+        bytes calldata
+    ) external payable override {
+        require(_oApp == address(this), "!oApp");
+        require(msg.sender == address(endpoint), "!endpoint");
+
+        uint8 msgType = _message.msgType();
+        if (msgType == MsgCodec.COMPOSED_TYPE) {
+            composedCount += 1;
+        } else if (msgType == MsgCodec.COMPOSED_ABA_TYPE) {
+            composedCount += 1;
+
+            uint32 srcEid = _message.srcEid();
+            _incrementOutbound(srcEid);
+            bytes memory options = OptionsBuilder.newOptions().addExecutorLzReceiveOption(200000, 0);
+            _lzSend(
+                srcEid,
+                MsgCodec.encode(MsgCodec.VANILLA_TYPE, eid),
+                options,
+                MessagingFee(msg.value, 0),
+                payable(address(this))
+            );
+        } else {
+            revert("invalid message type");
+        }
+    }
+
+    // -------------------------------
+    // Ordered OApp
+    // this demonstrates how to build an app that requires execution nonce ordering
+    // normally an app should decide ordered or not on contract construction
+    // this is just a demo
+    function setOrderedNonce(bool _orderedNonce) external onlyOwner {
+        orderedNonce = _orderedNonce;
+    }
+
+    function _acceptNonce(uint32 _srcEid, bytes32 _sender, uint64 _nonce) internal virtual {
+        uint64 currentNonce = maxReceivedNonce[_srcEid][_sender];
+        if (orderedNonce) {
+            require(_nonce == currentNonce + 1, "OApp: invalid nonce");
+        }
+        // update the max nonce anyway. once the ordered mode is turned on, missing early nonces will be rejected
+        if (_nonce > currentNonce) {
+            maxReceivedNonce[_srcEid][_sender] = _nonce;
+        }
+    }
+
+    function nextNonce(uint32 _srcEid, bytes32 _sender) public view virtual override returns (uint64) {
+        if (orderedNonce) {
+            return maxReceivedNonce[_srcEid][_sender] + 1;
+        } else {
+            return 0; // path nonce starts from 1. if 0 it means that there is no specific nonce enforcement
+        }
+    }
+
+    // TODO should override oApp version with added ordered nonce increment
+    // a governance function to skip nonce
+    function skipInboundNonce(uint32 _srcEid, bytes32 _sender, uint64 _nonce) public virtual onlyOwner {
+        endpoint.skip(address(this), _srcEid, _sender, _nonce);
+        if (orderedNonce) {
+            maxReceivedNonce[_srcEid][_sender]++;
+        }
+    }
+
+    function isPeer(uint32 _eid, bytes32 _peer) public view override returns (bool) {
+        return peers[_eid] == _peer;
+    }
+
+    // @dev Batch send requires overriding this function from OAppSender because the msg.value contains multiple fees
+    function _payNative(uint256 _nativeFee) internal virtual override returns (uint256 nativeFee) {
+        if (msg.value < _nativeFee) revert NotEnoughNative(msg.value);
+        return _nativeFee;
+    }
+
+    // be able to receive ether
+    receive() external payable virtual {}
+
+    fallback() external payable {}
+}