ETH Price: $3,281.18 (-1.47%)

Contract

0x153CdDD727e407Cb951f728F24bEB9A5FaaA8512
 

Overview

ETH Balance

0.01 ETH

Eth Value

$32.81 (@ $3,281.18/ETH)

Token Holdings

Multichain Info

No addresses found
Transaction Hash
Method
Block
From
To
Submit Blocks Wi...214634482024-12-23 6:38:1134 mins ago1734935891IN
Loopring: Attestation
0 ETH0.002080914.81152839
Submit Blocks Wi...214630602024-12-23 5:19:591 hr ago1734931199IN
Loopring: Attestation
0 ETH0.002868924.38983708
Submit Blocks Wi...214627312024-12-23 4:13:592 hrs ago1734927239IN
Loopring: Attestation
0 ETH0.003413364.83377706
Submit Blocks Wi...214621462024-12-23 2:15:594 hrs ago1734920159IN
Loopring: Attestation
0 ETH0.001937514.51109482
Submit Blocks Wi...214620592024-12-23 1:58:355 hrs ago1734919115IN
Loopring: Attestation
0 ETH0.002946795.15829624
Submit Blocks Wi...214617252024-12-23 0:51:236 hrs ago1734915083IN
Loopring: Attestation
0 ETH0.001996974.54538389
Submit Blocks Wi...214616182024-12-23 0:29:476 hrs ago1734913787IN
Loopring: Attestation
0 ETH0.001983954.44437503
Submit Blocks Wi...214613092024-12-22 23:27:117 hrs ago1734910031IN
Loopring: Attestation
0 ETH0.002311354.62136965
Submit Blocks Wi...214609262024-12-22 22:09:479 hrs ago1734905387IN
Loopring: Attestation
0 ETH0.003432567.67918205
Submit Blocks Wi...214607932024-12-22 21:43:119 hrs ago1734903791IN
Loopring: Attestation
0 ETH0.003052555.92458232
Submit Blocks Wi...214605542024-12-22 20:54:4710 hrs ago1734900887IN
Loopring: Attestation
0 ETH0.003016896.90065926
Submit Blocks Wi...214603502024-12-22 20:13:4710 hrs ago1734898427IN
Loopring: Attestation
0 ETH0.005400738.21609032
Submit Blocks Wi...214601422024-12-22 19:31:4711 hrs ago1734895907IN
Loopring: Attestation
0 ETH0.002980165.93204574
Submit Blocks Wi...214599682024-12-22 18:56:4712 hrs ago1734893807IN
Loopring: Attestation
0 ETH0.002939215.72664565
Submit Blocks Wi...214597392024-12-22 18:10:4713 hrs ago1734891047IN
Loopring: Attestation
0 ETH0.003412296.44344332
Submit Blocks Wi...214591302024-12-22 16:08:1115 hrs ago1734883691IN
Loopring: Attestation
0 ETH0.003568697.27867435
Submit Blocks Wi...214584782024-12-22 13:57:1117 hrs ago1734875831IN
Loopring: Attestation
0 ETH0.003660537.13875987
Submit Blocks Wi...214583582024-12-22 13:33:1117 hrs ago1734874391IN
Loopring: Attestation
0 ETH0.002749986.28488109
Submit Blocks Wi...214581722024-12-22 12:55:4718 hrs ago1734872147IN
Loopring: Attestation
0 ETH0.002670525.90612862
Submit Blocks Wi...214576102024-12-22 11:02:2320 hrs ago1734865343IN
Loopring: Attestation
0 ETH0.002002235.02444669
Submit Blocks Wi...214574992024-12-22 10:40:1120 hrs ago1734864011IN
Loopring: Attestation
0 ETH0.002364755.17090281
Submit Blocks Wi...214571702024-12-22 9:33:5921 hrs ago1734860039IN
Loopring: Attestation
0 ETH0.002002414.25489631
Submit Blocks Wi...214569942024-12-22 8:58:2322 hrs ago1734857903IN
Loopring: Attestation
0 ETH0.002100414.93573608
Submit Blocks Wi...214568602024-12-22 8:31:2322 hrs ago1734856283IN
Loopring: Attestation
0 ETH0.002866875.42172458
Submit Blocks Wi...214564002024-12-22 6:59:2324 hrs ago1734850763IN
Loopring: Attestation
0 ETH0.003106384.82625852
View all transactions

Latest 1 internal transaction

Advanced mode:
Parent Transaction Hash Block
From
To
185079582023-11-05 19:43:11413 days ago1699213391
Loopring: Attestation
0.01 ETH
Loading...
Loading

Contract Source Code Verified (Exact Match)

Contract Name:
LoopringIOExchangeOwner

Compiler Version
v0.7.6+commit.7338295f

Optimization Enabled:
Yes with 999999 runs

Other Settings:
default evmVersion, Apache-2.0 license

Contract Source Code (Solidity)

/**
 *Submitted for verification at Etherscan.io on 2021-03-22
*/

// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
// File: contracts/aux/compression/ZeroDecompressor.sol

// Copyright 2017 Loopring Technology Limited.


/// @title ZeroDecompressor
/// @author Brecht Devos - <[email protected]>
/// @dev Easy decompressor that compresses runs of zeros.
/// The format is very simple. Each entry consists of
/// (uint16 numDataBytes, uint16 numZeroBytes) which will
/// copy `numDataBytes` data bytes from `data` and will
/// add an additional `numZeroBytes` after it.
library ZeroDecompressor
{
    function decompress(
        bytes calldata /*data*/,
        uint  parameterIdx
        )
        internal
        pure
        returns (bytes memory)
    {
        bytes memory uncompressed;
        uint offsetPos = 4 + 32 * parameterIdx;
        assembly {
            uncompressed := mload(0x40)
            let ptr := add(uncompressed, 32)
            let offset := add(4, calldataload(offsetPos))
            let pos := add(offset, 4)
            let dataLength := add(calldataload(offset), pos)
            let tupple := 0
            let numDataBytes := 0
            let numZeroBytes := 0

            for {} lt(pos, dataLength) {} {
                tupple := and(calldataload(pos), 0xFFFFFFFF)
                numDataBytes := shr(16, tupple)
                numZeroBytes := and(tupple, 0xFFFF)
                calldatacopy(ptr, add(32, pos), numDataBytes)
                pos := add(pos, add(4, numDataBytes))
                ptr := add(ptr, add(numDataBytes, numZeroBytes))
            }

            // Store data length
            mstore(uncompressed, sub(sub(ptr, uncompressed), 32))

            // Update free memory pointer
            mstore(0x40, add(ptr, 0x20))
        }
        return uncompressed;
    }
}

// File: contracts/thirdparty/BytesUtil.sol

//Mainly taken from https://github.com/GNSPS/solidity-bytes-utils/blob/master/contracts/BytesLib.sol

library BytesUtil {

    function concat(
        bytes memory _preBytes,
        bytes memory _postBytes
    )
        internal
        pure
        returns (bytes memory)
    {
        bytes memory tempBytes;

        assembly {
            // Get a location of some free memory and store it in tempBytes as
            // Solidity does for memory variables.
            tempBytes := mload(0x40)

            // Store the length of the first bytes array at the beginning of
            // the memory for tempBytes.
            let length := mload(_preBytes)
            mstore(tempBytes, length)

            // Maintain a memory counter for the current write location in the
            // temp bytes array by adding the 32 bytes for the array length to
            // the starting location.
            let mc := add(tempBytes, 0x20)
            // Stop copying when the memory counter reaches the length of the
            // first bytes array.
            let end := add(mc, length)

            for {
                // Initialize a copy counter to the start of the _preBytes data,
                // 32 bytes into its memory.
                let cc := add(_preBytes, 0x20)
            } lt(mc, end) {
                // Increase both counters by 32 bytes each iteration.
                mc := add(mc, 0x20)
                cc := add(cc, 0x20)
            } {
                // Write the _preBytes data into the tempBytes memory 32 bytes
                // at a time.
                mstore(mc, mload(cc))
            }

            // Add the length of _postBytes to the current length of tempBytes
            // and store it as the new length in the first 32 bytes of the
            // tempBytes memory.
            length := mload(_postBytes)
            mstore(tempBytes, add(length, mload(tempBytes)))

            // Move the memory counter back from a multiple of 0x20 to the
            // actual end of the _preBytes data.
            mc := end
            // Stop copying when the memory counter reaches the new combined
            // length of the arrays.
            end := add(mc, length)

            for {
                let cc := add(_postBytes, 0x20)
            } lt(mc, end) {
                mc := add(mc, 0x20)
                cc := add(cc, 0x20)
            } {
                mstore(mc, mload(cc))
            }

            // Update the free-memory pointer by padding our last write location
            // to 32 bytes: add 31 bytes to the end of tempBytes to move to the
            // next 32 byte block, then round down to the nearest multiple of
            // 32. If the sum of the length of the two arrays is zero then add
            // one before rounding down to leave a blank 32 bytes (the length block with 0).
            mstore(0x40, and(
              add(add(end, iszero(add(length, mload(_preBytes)))), 31),
              not(31) // Round down to the nearest 32 bytes.
            ))
        }

        return tempBytes;
    }

    function slice(
        bytes memory _bytes,
        uint _start,
        uint _length
    )
        internal
        pure
        returns (bytes memory)
    {
        require(_bytes.length >= (_start + _length));

        bytes memory tempBytes;

        assembly {
            switch iszero(_length)
            case 0 {
                // Get a location of some free memory and store it in tempBytes as
                // Solidity does for memory variables.
                tempBytes := mload(0x40)

                // The first word of the slice result is potentially a partial
                // word read from the original array. To read it, we calculate
                // the length of that partial word and start copying that many
                // bytes into the array. The first word we copy will start with
                // data we don't care about, but the last `lengthmod` bytes will
                // land at the beginning of the contents of the new array. When
                // we're done copying, we overwrite the full first word with
                // the actual length of the slice.
                let lengthmod := and(_length, 31)

                // The multiplication in the next line is necessary
                // because when slicing multiples of 32 bytes (lengthmod == 0)
                // the following copy loop was copying the origin's length
                // and then ending prematurely not copying everything it should.
                let mc := add(add(tempBytes, lengthmod), mul(0x20, iszero(lengthmod)))
                let end := add(mc, _length)

                for {
                    // The multiplication in the next line has the same exact purpose
                    // as the one above.
                    let cc := add(add(add(_bytes, lengthmod), mul(0x20, iszero(lengthmod))), _start)
                } lt(mc, end) {
                    mc := add(mc, 0x20)
                    cc := add(cc, 0x20)
                } {
                    mstore(mc, mload(cc))
                }

                mstore(tempBytes, _length)

                //update free-memory pointer
                //allocating the array padded to 32 bytes like the compiler does now
                mstore(0x40, and(add(mc, 31), not(31)))
            }
            //if we want a zero-length slice let's just return a zero-length array
            default {
                tempBytes := mload(0x40)

                mstore(0x40, add(tempBytes, 0x20))
            }
        }

        return tempBytes;
    }

    function toAddress(bytes memory _bytes, uint _start) internal  pure returns (address) {
        require(_bytes.length >= (_start + 20));
        address tempAddress;

        assembly {
            tempAddress := div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000)
        }

        return tempAddress;
    }

    function toUint8(bytes memory _bytes, uint _start) internal  pure returns (uint8) {
        require(_bytes.length >= (_start + 1));
        uint8 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x1), _start))
        }

        return tempUint;
    }

    function toUint16(bytes memory _bytes, uint _start) internal  pure returns (uint16) {
        require(_bytes.length >= (_start + 2));
        uint16 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x2), _start))
        }

        return tempUint;
    }

    function toUint24(bytes memory _bytes, uint _start) internal  pure returns (uint24) {
        require(_bytes.length >= (_start + 3));
        uint24 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x3), _start))
        }

        return tempUint;
    }

    function toUint32(bytes memory _bytes, uint _start) internal  pure returns (uint32) {
        require(_bytes.length >= (_start + 4));
        uint32 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x4), _start))
        }

        return tempUint;
    }

    function toUint64(bytes memory _bytes, uint _start) internal  pure returns (uint64) {
        require(_bytes.length >= (_start + 8));
        uint64 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x8), _start))
        }

        return tempUint;
    }

    function toUint96(bytes memory _bytes, uint _start) internal  pure returns (uint96) {
        require(_bytes.length >= (_start + 12));
        uint96 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0xc), _start))
        }

        return tempUint;
    }

    function toUint128(bytes memory _bytes, uint _start) internal  pure returns (uint128) {
        require(_bytes.length >= (_start + 16));
        uint128 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x10), _start))
        }

        return tempUint;
    }

    function toUint(bytes memory _bytes, uint _start) internal  pure returns (uint256) {
        require(_bytes.length >= (_start + 32));
        uint256 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x20), _start))
        }

        return tempUint;
    }

    function toBytes4(bytes memory _bytes, uint _start) internal  pure returns (bytes4) {
        require(_bytes.length >= (_start + 4));
        bytes4 tempBytes4;

        assembly {
            tempBytes4 := mload(add(add(_bytes, 0x20), _start))
        }

        return tempBytes4;
    }

    function toBytes20(bytes memory _bytes, uint _start) internal  pure returns (bytes20) {
        require(_bytes.length >= (_start + 20));
        bytes20 tempBytes20;

        assembly {
            tempBytes20 := mload(add(add(_bytes, 0x20), _start))
        }

        return tempBytes20;
    }

    function toBytes32(bytes memory _bytes, uint _start) internal  pure returns (bytes32) {
        require(_bytes.length >= (_start + 32));
        bytes32 tempBytes32;

        assembly {
            tempBytes32 := mload(add(add(_bytes, 0x20), _start))
        }

        return tempBytes32;
    }


    function toAddressUnsafe(bytes memory _bytes, uint _start) internal  pure returns (address) {
        address tempAddress;

        assembly {
            tempAddress := div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000)
        }

        return tempAddress;
    }

    function toUint8Unsafe(bytes memory _bytes, uint _start) internal  pure returns (uint8) {
        uint8 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x1), _start))
        }

        return tempUint;
    }

    function toUint16Unsafe(bytes memory _bytes, uint _start) internal  pure returns (uint16) {
        uint16 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x2), _start))
        }

        return tempUint;
    }

    function toUint24Unsafe(bytes memory _bytes, uint _start) internal  pure returns (uint24) {
        uint24 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x3), _start))
        }

        return tempUint;
    }

    function toUint32Unsafe(bytes memory _bytes, uint _start) internal  pure returns (uint32) {
        uint32 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x4), _start))
        }

        return tempUint;
    }

    function toUint64Unsafe(bytes memory _bytes, uint _start) internal  pure returns (uint64) {
        uint64 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x8), _start))
        }

        return tempUint;
    }

    function toUint96Unsafe(bytes memory _bytes, uint _start) internal  pure returns (uint96) {
        uint96 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0xc), _start))
        }

        return tempUint;
    }

    function toUint128Unsafe(bytes memory _bytes, uint _start) internal  pure returns (uint128) {
        uint128 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x10), _start))
        }

        return tempUint;
    }

    function toUintUnsafe(bytes memory _bytes, uint _start) internal  pure returns (uint256) {
        uint256 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x20), _start))
        }

        return tempUint;
    }

    function toBytes4Unsafe(bytes memory _bytes, uint _start) internal  pure returns (bytes4) {
        bytes4 tempBytes4;

        assembly {
            tempBytes4 := mload(add(add(_bytes, 0x20), _start))
        }

        return tempBytes4;
    }

    function toBytes20Unsafe(bytes memory _bytes, uint _start) internal  pure returns (bytes20) {
        bytes20 tempBytes20;

        assembly {
            tempBytes20 := mload(add(add(_bytes, 0x20), _start))
        }

        return tempBytes20;
    }

    function toBytes32Unsafe(bytes memory _bytes, uint _start) internal  pure returns (bytes32) {
        bytes32 tempBytes32;

        assembly {
            tempBytes32 := mload(add(add(_bytes, 0x20), _start))
        }

        return tempBytes32;
    }


    function fastSHA256(
        bytes memory data
        )
        internal
        view
        returns (bytes32)
    {
        bytes32[] memory result = new bytes32[](1);
        bool success;
        assembly {
             let ptr := add(data, 32)
             success := staticcall(sub(gas(), 2000), 2, ptr, mload(data), add(result, 32), 32)
        }
        require(success, "SHA256_FAILED");
        return result[0];
    }
}

// File: contracts/core/iface/IAgentRegistry.sol

// Copyright 2017 Loopring Technology Limited.

interface IAgent{}

abstract contract IAgentRegistry
{
    /// @dev Returns whether an agent address is an agent of an account owner
    /// @param owner The account owner.
    /// @param agent The agent address
    /// @return True if the agent address is an agent for the account owner, else false
    function isAgent(
        address owner,
        address agent
        )
        external
        virtual
        view
        returns (bool);

    /// @dev Returns whether an agent address is an agent of all account owners
    /// @param owners The account owners.
    /// @param agent The agent address
    /// @return True if the agent address is an agent for the account owner, else false
    function isAgent(
        address[] calldata owners,
        address            agent
        )
        external
        virtual
        view
        returns (bool);

    /// @dev Returns whether an agent address is a universal agent.
    /// @param agent The agent address
    /// @return True if the agent address is a universal agent, else false
    function isUniversalAgent(address agent)
        public
        virtual
        view
        returns (bool);
}

// File: contracts/lib/Ownable.sol

// Copyright 2017 Loopring Technology Limited.


/// @title Ownable
/// @author Brecht Devos - <[email protected]>
/// @dev The Ownable contract has an owner address, and provides basic
///      authorization control functions, this simplifies the implementation of
///      "user permissions".
contract Ownable
{
    address public owner;

    event OwnershipTransferred(
        address indexed previousOwner,
        address indexed newOwner
    );

    /// @dev The Ownable constructor sets the original `owner` of the contract
    ///      to the sender.
    constructor()
    {
        owner = msg.sender;
    }

    /// @dev Throws if called by any account other than the owner.
    modifier onlyOwner()
    {
        require(msg.sender == owner, "UNAUTHORIZED");
        _;
    }

    /// @dev Allows the current owner to transfer control of the contract to a
    ///      new owner.
    /// @param newOwner The address to transfer ownership to.
    function transferOwnership(
        address newOwner
        )
        public
        virtual
        onlyOwner
    {
        require(newOwner != address(0), "ZERO_ADDRESS");
        emit OwnershipTransferred(owner, newOwner);
        owner = newOwner;
    }

    function renounceOwnership()
        public
        onlyOwner
    {
        emit OwnershipTransferred(owner, address(0));
        owner = address(0);
    }
}

// File: contracts/lib/Claimable.sol

// Copyright 2017 Loopring Technology Limited.



/// @title Claimable
/// @author Brecht Devos - <[email protected]>
/// @dev Extension for the Ownable contract, where the ownership needs
///      to be claimed. This allows the new owner to accept the transfer.
contract Claimable is Ownable
{
    address public pendingOwner;

    /// @dev Modifier throws if called by any account other than the pendingOwner.
    modifier onlyPendingOwner() {
        require(msg.sender == pendingOwner, "UNAUTHORIZED");
        _;
    }

    /// @dev Allows the current owner to set the pendingOwner address.
    /// @param newOwner The address to transfer ownership to.
    function transferOwnership(
        address newOwner
        )
        public
        override
        onlyOwner
    {
        require(newOwner != address(0) && newOwner != owner, "INVALID_ADDRESS");
        pendingOwner = newOwner;
    }

    /// @dev Allows the pendingOwner address to finalize the transfer.
    function claimOwnership()
        public
        onlyPendingOwner
    {
        emit OwnershipTransferred(owner, pendingOwner);
        owner = pendingOwner;
        pendingOwner = address(0);
    }
}

// File: contracts/core/iface/IBlockVerifier.sol

// Copyright 2017 Loopring Technology Limited.



/// @title IBlockVerifier
/// @author Brecht Devos - <[email protected]>
abstract contract IBlockVerifier is Claimable
{
    // -- Events --

    event CircuitRegistered(
        uint8  indexed blockType,
        uint16         blockSize,
        uint8          blockVersion
    );

    event CircuitDisabled(
        uint8  indexed blockType,
        uint16         blockSize,
        uint8          blockVersion
    );

    // -- Public functions --

    /// @dev Sets the verifying key for the specified circuit.
    ///      Every block permutation needs its own circuit and thus its own set of
    ///      verification keys. Only a limited number of block sizes per block
    ///      type are supported.
    /// @param blockType The type of the block
    /// @param blockSize The number of requests handled in the block
    /// @param blockVersion The block version (i.e. which circuit version needs to be used)
    /// @param vk The verification key
    function registerCircuit(
        uint8    blockType,
        uint16   blockSize,
        uint8    blockVersion,
        uint[18] calldata vk
        )
        external
        virtual;

    /// @dev Disables the use of the specified circuit.
    /// @param blockType The type of the block
    /// @param blockSize The number of requests handled in the block
    /// @param blockVersion The block version (i.e. which circuit version needs to be used)
    function disableCircuit(
        uint8  blockType,
        uint16 blockSize,
        uint8  blockVersion
        )
        external
        virtual;

    /// @dev Verifies blocks with the given public data and proofs.
    ///      Verifying a block makes sure all requests handled in the block
    ///      are correctly handled by the operator.
    /// @param blockType The type of block
    /// @param blockSize The number of requests handled in the block
    /// @param blockVersion The block version (i.e. which circuit version needs to be used)
    /// @param publicInputs The hash of all the public data of the blocks
    /// @param proofs The ZK proofs proving that the blocks are correct
    /// @return True if the block is valid, false otherwise
    function verifyProofs(
        uint8  blockType,
        uint16 blockSize,
        uint8  blockVersion,
        uint[] calldata publicInputs,
        uint[] calldata proofs
        )
        external
        virtual
        view
        returns (bool);

    /// @dev Checks if a circuit with the specified parameters is registered.
    /// @param blockType The type of the block
    /// @param blockSize The number of requests handled in the block
    /// @param blockVersion The block version (i.e. which circuit version needs to be used)
    /// @return True if the circuit is registered, false otherwise
    function isCircuitRegistered(
        uint8  blockType,
        uint16 blockSize,
        uint8  blockVersion
        )
        external
        virtual
        view
        returns (bool);

    /// @dev Checks if a circuit can still be used to commit new blocks.
    /// @param blockType The type of the block
    /// @param blockSize The number of requests handled in the block
    /// @param blockVersion The block version (i.e. which circuit version needs to be used)
    /// @return True if the circuit is enabled, false otherwise
    function isCircuitEnabled(
        uint8  blockType,
        uint16 blockSize,
        uint8  blockVersion
        )
        external
        virtual
        view
        returns (bool);
}

// File: contracts/core/iface/IDepositContract.sol

// Copyright 2017 Loopring Technology Limited.


/// @title IDepositContract.
/// @dev   Contract storing and transferring funds for an exchange.
///
///        ERC1155 tokens can be supported by registering pseudo token addresses calculated
///        as `address(keccak256(real_token_address, token_params))`. Then the custom
///        deposit contract can look up the real token address and paramsters with the
///        pseudo token address before doing the transfers.
/// @author Brecht Devos - <[email protected]>
interface IDepositContract
{
    /// @dev Returns if a token is suppoprted by this contract.
    function isTokenSupported(address token)
        external
        view
        returns (bool);

    /// @dev Transfers tokens from a user to the exchange. This function will
    ///      be called when a user deposits funds to the exchange.
    ///      In a simple implementation the funds are simply stored inside the
    ///      deposit contract directly. More advanced implementations may store the funds
    ///      in some DeFi application to earn interest, so this function could directly
    ///      call the necessary functions to store the funds there.
    ///
    ///      This function needs to throw when an error occurred!
    ///
    ///      This function can only be called by the exchange.
    ///
    /// @param from The address of the account that sends the tokens.
    /// @param token The address of the token to transfer (`0x0` for ETH).
    /// @param amount The amount of tokens to transfer.
    /// @param extraData Opaque data that can be used by the contract to handle the deposit
    /// @return amountReceived The amount to deposit to the user's account in the Merkle tree
    function deposit(
        address from,
        address token,
        uint96  amount,
        bytes   calldata extraData
        )
        external
        payable
        returns (uint96 amountReceived);

    /// @dev Transfers tokens from the exchange to a user. This function will
    ///      be called when a withdrawal is done for a user on the exchange.
    ///      In the simplest implementation the funds are simply stored inside the
    ///      deposit contract directly so this simply transfers the requested tokens back
    ///      to the user. More advanced implementations may store the funds
    ///      in some DeFi application to earn interest so the function would
    ///      need to get those tokens back from the DeFi application first before they
    ///      can be transferred to the user.
    ///
    ///      This function needs to throw when an error occurred!
    ///
    ///      This function can only be called by the exchange.
    ///
    /// @param from The address from which 'amount' tokens are transferred.
    /// @param to The address to which 'amount' tokens are transferred.
    /// @param token The address of the token to transfer (`0x0` for ETH).
    /// @param amount The amount of tokens transferred.
    /// @param extraData Opaque data that can be used by the contract to handle the withdrawal
    function withdraw(
        address from,
        address to,
        address token,
        uint    amount,
        bytes   calldata extraData
        )
        external
        payable;

    /// @dev Transfers tokens (ETH not supported) for a user using the allowance set
    ///      for the exchange. This way the approval can be used for all functionality (and
    ///      extended functionality) of the exchange.
    ///      Should NOT be used to deposit/withdraw user funds, `deposit`/`withdraw`
    ///      should be used for that as they will contain specialised logic for those operations.
    ///      This function can be called by the exchange to transfer onchain funds of users
    ///      necessary for Agent functionality.
    ///
    ///      This function needs to throw when an error occurred!
    ///
    ///      This function can only be called by the exchange.
    ///
    /// @param from The address of the account that sends the tokens.
    /// @param to The address to which 'amount' tokens are transferred.
    /// @param token The address of the token to transfer (ETH is and cannot be suppported).
    /// @param amount The amount of tokens transferred.
    function transfer(
        address from,
        address to,
        address token,
        uint    amount
        )
        external
        payable;

    /// @dev Checks if the given address is used for depositing ETH or not.
    ///      Is used while depositing to send the correct ETH amount to the deposit contract.
    ///
    ///      Note that 0x0 is always registered for deposting ETH when the exchange is created!
    ///      This function allows additional addresses to be used for depositing ETH, the deposit
    ///      contract can implement different behaviour based on the address value.
    ///
    /// @param addr The address to check
    /// @return True if the address is used for depositing ETH, else false.
    function isETH(address addr)
        external
        view
        returns (bool);
}

// File: contracts/core/iface/ILoopringV3.sol

// Copyright 2017 Loopring Technology Limited.



/// @title ILoopringV3
/// @author Brecht Devos - <[email protected]>
/// @author Daniel Wang  - <[email protected]>
abstract contract ILoopringV3 is Claimable
{
    // == Events ==
    event ExchangeStakeDeposited(address exchangeAddr, uint amount);
    event ExchangeStakeWithdrawn(address exchangeAddr, uint amount);
    event ExchangeStakeBurned(address exchangeAddr, uint amount);
    event SettingsUpdated(uint time);

    // == Public Variables ==
    mapping (address => uint) internal exchangeStake;

    uint    public totalStake;
    address public blockVerifierAddress;
    uint    public forcedWithdrawalFee;
    uint    public tokenRegistrationFeeLRCBase;
    uint    public tokenRegistrationFeeLRCDelta;
    uint8   public protocolTakerFeeBips;
    uint8   public protocolMakerFeeBips;

    address payable public protocolFeeVault;

    // == Public Functions ==

    /// @dev Returns the LRC token address
    /// @return the LRC token address
    function lrcAddress()
        external
        view
        virtual
        returns (address);

    /// @dev Updates the global exchange settings.
    ///      This function can only be called by the owner of this contract.
    ///
    ///      Warning: these new values will be used by existing and
    ///      new Loopring exchanges.
    function updateSettings(
        address payable _protocolFeeVault,   // address(0) not allowed
        address _blockVerifierAddress,       // address(0) not allowed
        uint    _forcedWithdrawalFee
        )
        external
        virtual;

    /// @dev Updates the global protocol fee settings.
    ///      This function can only be called by the owner of this contract.
    ///
    ///      Warning: these new values will be used by existing and
    ///      new Loopring exchanges.
    function updateProtocolFeeSettings(
        uint8 _protocolTakerFeeBips,
        uint8 _protocolMakerFeeBips
        )
        external
        virtual;

    /// @dev Gets the amount of staked LRC for an exchange.
    /// @param exchangeAddr The address of the exchange
    /// @return stakedLRC The amount of LRC
    function getExchangeStake(
        address exchangeAddr
        )
        public
        virtual
        view
        returns (uint stakedLRC);

    /// @dev Burns a certain amount of staked LRC for a specific exchange.
    ///      This function is meant to be called only from exchange contracts.
    /// @return burnedLRC The amount of LRC burned. If the amount is greater than
    ///         the staked amount, all staked LRC will be burned.
    function burnExchangeStake(
        uint amount
        )
        external
        virtual
        returns (uint burnedLRC);

    /// @dev Stakes more LRC for an exchange.
    /// @param  exchangeAddr The address of the exchange
    /// @param  amountLRC The amount of LRC to stake
    /// @return stakedLRC The total amount of LRC staked for the exchange
    function depositExchangeStake(
        address exchangeAddr,
        uint    amountLRC
        )
        external
        virtual
        returns (uint stakedLRC);

    /// @dev Withdraws a certain amount of staked LRC for an exchange to the given address.
    ///      This function is meant to be called only from within exchange contracts.
    /// @param  recipient The address to receive LRC
    /// @param  requestedAmount The amount of LRC to withdraw
    /// @return amountLRC The amount of LRC withdrawn
    function withdrawExchangeStake(
        address recipient,
        uint    requestedAmount
        )
        external
        virtual
        returns (uint amountLRC);

    /// @dev Gets the protocol fee values for an exchange.
    /// @return takerFeeBips The protocol taker fee
    /// @return makerFeeBips The protocol maker fee
    function getProtocolFeeValues(
        )
        public
        virtual
        view
        returns (
            uint8 takerFeeBips,
            uint8 makerFeeBips
        );
}

// File: contracts/core/iface/ExchangeData.sol

// Copyright 2017 Loopring Technology Limited.






/// @title ExchangeData
/// @dev All methods in this lib are internal, therefore, there is no need
///      to deploy this library independently.
/// @author Daniel Wang  - <[email protected]>
/// @author Brecht Devos - <[email protected]>
library ExchangeData
{
    // -- Enums --
    enum TransactionType
    {
        NOOP,
        DEPOSIT,
        WITHDRAWAL,
        TRANSFER,
        SPOT_TRADE,
        ACCOUNT_UPDATE,
        AMM_UPDATE,
        SIGNATURE_VERIFICATION
    }

    // -- Structs --
    struct Token
    {
        address token;
    }

    struct ProtocolFeeData
    {
        uint32 syncedAt; // only valid before 2105 (85 years to go)
        uint8  takerFeeBips;
        uint8  makerFeeBips;
        uint8  previousTakerFeeBips;
        uint8  previousMakerFeeBips;
    }

    // General auxiliary data for each conditional transaction
    struct AuxiliaryData
    {
        uint  txIndex;
        bool  approved;
        bytes data;
    }

    // This is the (virtual) block the owner  needs to submit onchain to maintain the
    // per-exchange (virtual) blockchain.
    struct Block
    {
        uint8      blockType;
        uint16     blockSize;
        uint8      blockVersion;
        bytes      data;
        uint256[8] proof;

        // Whether we should store the @BlockInfo for this block on-chain.
        bool storeBlockInfoOnchain;

        // Block specific data that is only used to help process the block on-chain.
        // It is not used as input for the circuits and it is not necessary for data-availability.
        // This bytes array contains the abi encoded AuxiliaryData[] data.
        bytes auxiliaryData;

        // Arbitrary data, mainly for off-chain data-availability, i.e.,
        // the multihash of the IPFS file that contains the block data.
        bytes offchainData;
    }

    struct BlockInfo
    {
        // The time the block was submitted on-chain.
        uint32  timestamp;
        // The public data hash of the block (the 28 most significant bytes).
        bytes28 blockDataHash;
    }

    // Represents an onchain deposit request.
    struct Deposit
    {
        uint96 amount;
        uint64 timestamp;
    }

    // A forced withdrawal request.
    // If the actual owner of the account initiated the request (we don't know who the owner is
    // at the time the request is being made) the full balance will be withdrawn.
    struct ForcedWithdrawal
    {
        address owner;
        uint64  timestamp;
    }

    struct Constants
    {
        uint SNARK_SCALAR_FIELD;
        uint MAX_OPEN_FORCED_REQUESTS;
        uint MAX_AGE_FORCED_REQUEST_UNTIL_WITHDRAW_MODE;
        uint TIMESTAMP_HALF_WINDOW_SIZE_IN_SECONDS;
        uint MAX_NUM_ACCOUNTS;
        uint MAX_NUM_TOKENS;
        uint MIN_AGE_PROTOCOL_FEES_UNTIL_UPDATED;
        uint MIN_TIME_IN_SHUTDOWN;
        uint TX_DATA_AVAILABILITY_SIZE;
        uint MAX_AGE_DEPOSIT_UNTIL_WITHDRAWABLE_UPPERBOUND;
    }

    // This is the prime number that is used for the alt_bn128 elliptic curve, see EIP-196.
    uint public constant SNARK_SCALAR_FIELD = 21888242871839275222246405745257275088548364400416034343698204186575808495617;

    uint public constant MAX_OPEN_FORCED_REQUESTS = 4096;
    uint public constant MAX_AGE_FORCED_REQUEST_UNTIL_WITHDRAW_MODE = 15 days;
    uint public constant TIMESTAMP_HALF_WINDOW_SIZE_IN_SECONDS = 7 days;
    uint public constant MAX_NUM_ACCOUNTS = 2 ** 32;
    uint public constant MAX_NUM_TOKENS = 2 ** 16;
    uint public constant MIN_AGE_PROTOCOL_FEES_UNTIL_UPDATED = 7 days;
    uint public constant MIN_TIME_IN_SHUTDOWN = 30 days;
    // The amount of bytes each rollup transaction uses in the block data for data-availability.
    // This is the maximum amount of bytes of all different transaction types.
    uint32 public constant MAX_AGE_DEPOSIT_UNTIL_WITHDRAWABLE_UPPERBOUND = 15 days;
    uint32 public constant ACCOUNTID_PROTOCOLFEE = 0;

    uint public constant TX_DATA_AVAILABILITY_SIZE = 68;
    uint public constant TX_DATA_AVAILABILITY_SIZE_PART_1 = 29;
    uint public constant TX_DATA_AVAILABILITY_SIZE_PART_2 = 39;

    struct AccountLeaf
    {
        uint32   accountID;
        address  owner;
        uint     pubKeyX;
        uint     pubKeyY;
        uint32   nonce;
        uint     feeBipsAMM;
    }

    struct BalanceLeaf
    {
        uint16   tokenID;
        uint96   balance;
        uint96   weightAMM;
        uint     storageRoot;
    }

    struct MerkleProof
    {
        ExchangeData.AccountLeaf accountLeaf;
        ExchangeData.BalanceLeaf balanceLeaf;
        uint[48]                 accountMerkleProof;
        uint[24]                 balanceMerkleProof;
    }

    struct BlockContext
    {
        bytes32 DOMAIN_SEPARATOR;
        uint32  timestamp;
    }

    // Represents the entire exchange state except the owner of the exchange.
    struct State
    {
        uint32  maxAgeDepositUntilWithdrawable;
        bytes32 DOMAIN_SEPARATOR;

        ILoopringV3      loopring;
        IBlockVerifier   blockVerifier;
        IAgentRegistry   agentRegistry;
        IDepositContract depositContract;


        // The merkle root of the offchain data stored in a Merkle tree. The Merkle tree
        // stores balances for users using an account model.
        bytes32 merkleRoot;

        // List of all blocks
        mapping(uint => BlockInfo) blocks;
        uint  numBlocks;

        // List of all tokens
        Token[] tokens;

        // A map from a token to its tokenID + 1
        mapping (address => uint16) tokenToTokenId;

        // A map from an accountID to a tokenID to if the balance is withdrawn
        mapping (uint32 => mapping (uint16 => bool)) withdrawnInWithdrawMode;

        // A map from an account to a token to the amount withdrawable for that account.
        // This is only used when the automatic distribution of the withdrawal failed.
        mapping (address => mapping (uint16 => uint)) amountWithdrawable;

        // A map from an account to a token to the forced withdrawal (always full balance)
        mapping (uint32 => mapping (uint16 => ForcedWithdrawal)) pendingForcedWithdrawals;

        // A map from an address to a token to a deposit
        mapping (address => mapping (uint16 => Deposit)) pendingDeposits;

        // A map from an account owner to an approved transaction hash to if the transaction is approved or not
        mapping (address => mapping (bytes32 => bool)) approvedTx;

        // A map from an account owner to a destination address to a tokenID to an amount to a storageID to a new recipient address
        mapping (address => mapping (address => mapping (uint16 => mapping (uint => mapping (uint32 => address))))) withdrawalRecipient;


        // Counter to keep track of how many of forced requests are open so we can limit the work that needs to be done by the owner
        uint32 numPendingForcedTransactions;

        // Cached data for the protocol fee
        ProtocolFeeData protocolFeeData;

        // Time when the exchange was shutdown
        uint shutdownModeStartTime;

        // Time when the exchange has entered withdrawal mode
        uint withdrawalModeStartTime;

        // Last time the protocol fee was withdrawn for a specific token
        mapping (address => uint) protocolFeeLastWithdrawnTime;
    }
}

// File: contracts/core/impl/libtransactions/BlockReader.sol

// Copyright 2017 Loopring Technology Limited.



/// @title BlockReader
/// @author Brecht Devos - <[email protected]>
/// @dev Utility library to read block data.
library BlockReader {
    using BlockReader       for ExchangeData.Block;
    using BytesUtil         for bytes;

    uint public constant OFFSET_TO_TRANSACTIONS = 20 + 32 + 32 + 4 + 1 + 1 + 4 + 4;

    struct BlockHeader
    {
        address exchange;
        bytes32 merkleRootBefore;
        bytes32 merkleRootAfter;
        uint32  timestamp;
        uint8   protocolTakerFeeBips;
        uint8   protocolMakerFeeBips;
        uint32  numConditionalTransactions;
        uint32  operatorAccountID;
    }

    function readHeader(
        bytes memory _blockData
        )
        internal
        pure
        returns (BlockHeader memory header)
    {
        uint offset = 0;
        header.exchange = _blockData.toAddress(offset);
        offset += 20;
        header.merkleRootBefore = _blockData.toBytes32(offset);
        offset += 32;
        header.merkleRootAfter = _blockData.toBytes32(offset);
        offset += 32;
        header.timestamp = _blockData.toUint32(offset);
        offset += 4;
        header.protocolTakerFeeBips = _blockData.toUint8(offset);
        offset += 1;
        header.protocolMakerFeeBips = _blockData.toUint8(offset);
        offset += 1;
        header.numConditionalTransactions = _blockData.toUint32(offset);
        offset += 4;
        header.operatorAccountID = _blockData.toUint32(offset);
        offset += 4;
        assert(offset == OFFSET_TO_TRANSACTIONS);
    }

    function readTransactionData(
        bytes memory data,
        uint txIdx,
        uint blockSize,
        bytes memory txData
        )
        internal
        pure
    {
        require(txIdx < blockSize, "INVALID_TX_IDX");

        // The transaction was transformed to make it easier to compress.
        // Transform it back here.
        // Part 1
        uint txDataOffset = OFFSET_TO_TRANSACTIONS +
            txIdx * ExchangeData.TX_DATA_AVAILABILITY_SIZE_PART_1;
        assembly {
            mstore(add(txData, 32), mload(add(data, add(txDataOffset, 32))))
        }
        // Part 2
        txDataOffset = OFFSET_TO_TRANSACTIONS +
            blockSize * ExchangeData.TX_DATA_AVAILABILITY_SIZE_PART_1 +
            txIdx * ExchangeData.TX_DATA_AVAILABILITY_SIZE_PART_2;
        assembly {
            mstore(add(txData, 61 /*32 + 29*/), mload(add(data, add(txDataOffset, 32))))
            mstore(add(txData, 68            ), mload(add(data, add(txDataOffset, 39))))
        }
    }
}

// File: contracts/lib/EIP712.sol

// Copyright 2017 Loopring Technology Limited.


library EIP712
{
    struct Domain {
        string  name;
        string  version;
        address verifyingContract;
    }

    bytes32 constant internal EIP712_DOMAIN_TYPEHASH = keccak256(
        "EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
    );

    string constant internal EIP191_HEADER = "\x19\x01";

    function hash(Domain memory domain)
        internal
        pure
        returns (bytes32)
    {
        uint _chainid;
        assembly { _chainid := chainid() }

        return keccak256(
            abi.encode(
                EIP712_DOMAIN_TYPEHASH,
                keccak256(bytes(domain.name)),
                keccak256(bytes(domain.version)),
                _chainid,
                domain.verifyingContract
            )
        );
    }

    function hashPacked(
        bytes32 domainHash,
        bytes32 dataHash
        )
        internal
        pure
        returns (bytes32)
    {
        return keccak256(
            abi.encodePacked(
                EIP191_HEADER,
                domainHash,
                dataHash
            )
        );
    }
}

// File: contracts/lib/MathUint.sol

// Copyright 2017 Loopring Technology Limited.


/// @title Utility Functions for uint
/// @author Daniel Wang - <[email protected]>
library MathUint
{
    using MathUint for uint;

    function mul(
        uint a,
        uint b
        )
        internal
        pure
        returns (uint c)
    {
        c = a * b;
        require(a == 0 || c / a == b, "MUL_OVERFLOW");
    }

    function sub(
        uint a,
        uint b
        )
        internal
        pure
        returns (uint)
    {
        require(b <= a, "SUB_UNDERFLOW");
        return a - b;
    }

    function add(
        uint a,
        uint b
        )
        internal
        pure
        returns (uint c)
    {
        c = a + b;
        require(c >= a, "ADD_OVERFLOW");
    }

    function add64(
        uint64 a,
        uint64 b
        )
        internal
        pure
        returns (uint64 c)
    {
        c = a + b;
        require(c >= a, "ADD_OVERFLOW");
    }
}

// File: contracts/lib/AddressUtil.sol

// Copyright 2017 Loopring Technology Limited.


/// @title Utility Functions for addresses
/// @author Daniel Wang - <[email protected]>
/// @author Brecht Devos - <[email protected]>
library AddressUtil
{
    using AddressUtil for *;

    function isContract(
        address addr
        )
        internal
        view
        returns (bool)
    {
        // According to EIP-1052, 0x0 is the value returned for not-yet created accounts
        // and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned
        // for accounts without code, i.e. `keccak256('')`
        bytes32 codehash;
        // solhint-disable-next-line no-inline-assembly
        assembly { codehash := extcodehash(addr) }
        return (codehash != 0x0 &&
                codehash != 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470);
    }

    function toPayable(
        address addr
        )
        internal
        pure
        returns (address payable)
    {
        return payable(addr);
    }

    // Works like address.send but with a customizable gas limit
    // Make sure your code is safe for reentrancy when using this function!
    function sendETH(
        address to,
        uint    amount,
        uint    gasLimit
        )
        internal
        returns (bool success)
    {
        if (amount == 0) {
            return true;
        }
        address payable recipient = to.toPayable();
        /* solium-disable-next-line */
        (success, ) = recipient.call{value: amount, gas: gasLimit}("");
    }

    // Works like address.transfer but with a customizable gas limit
    // Make sure your code is safe for reentrancy when using this function!
    function sendETHAndVerify(
        address to,
        uint    amount,
        uint    gasLimit
        )
        internal
        returns (bool success)
    {
        success = to.sendETH(amount, gasLimit);
        require(success, "TRANSFER_FAILURE");
    }

    // Works like call but is slightly more efficient when data
    // needs to be copied from memory to do the call.
    function fastCall(
        address to,
        uint    gasLimit,
        uint    value,
        bytes   memory data
        )
        internal
        returns (bool success, bytes memory returnData)
    {
        if (to != address(0)) {
            assembly {
                // Do the call
                success := call(gasLimit, to, value, add(data, 32), mload(data), 0, 0)
                // Copy the return data
                let size := returndatasize()
                returnData := mload(0x40)
                mstore(returnData, size)
                returndatacopy(add(returnData, 32), 0, size)
                // Update free memory pointer
                mstore(0x40, add(returnData, add(32, size)))
            }
        }
    }

    // Like fastCall, but throws when the call is unsuccessful.
    function fastCallAndVerify(
        address to,
        uint    gasLimit,
        uint    value,
        bytes   memory data
        )
        internal
        returns (bytes memory returnData)
    {
        bool success;
        (success, returnData) = fastCall(to, gasLimit, value, data);
        if (!success) {
            assembly {
                revert(add(returnData, 32), mload(returnData))
            }
        }
    }
}

// File: contracts/lib/ERC1271.sol

// Copyright 2017 Loopring Technology Limited.

abstract contract ERC1271 {
    // bytes4(keccak256("isValidSignature(bytes32,bytes)")
    bytes4 constant internal ERC1271_MAGICVALUE = 0x1626ba7e;

    function isValidSignature(
        bytes32      _hash,
        bytes memory _signature)
        public
        view
        virtual
        returns (bytes4 magicValueB32);

}

// File: contracts/lib/SignatureUtil.sol

// Copyright 2017 Loopring Technology Limited.






/// @title SignatureUtil
/// @author Daniel Wang - <[email protected]>
/// @dev This method supports multihash standard. Each signature's last byte indicates
///      the signature's type.
library SignatureUtil
{
    using BytesUtil     for bytes;
    using MathUint      for uint;
    using AddressUtil   for address;

    enum SignatureType {
        ILLEGAL,
        INVALID,
        EIP_712,
        ETH_SIGN,
        WALLET   // deprecated
    }

    bytes4 constant internal ERC1271_MAGICVALUE = 0x1626ba7e;

    function verifySignatures(
        bytes32          signHash,
        address[] memory signers,
        bytes[]   memory signatures
        )
        internal
        view
        returns (bool)
    {
        require(signers.length == signatures.length, "BAD_SIGNATURE_DATA");
        address lastSigner;
        for (uint i = 0; i < signers.length; i++) {
            require(signers[i] > lastSigner, "INVALID_SIGNERS_ORDER");
            lastSigner = signers[i];
            if (!verifySignature(signHash, signers[i], signatures[i])) {
                return false;
            }
        }
        return true;
    }

    function verifySignature(
        bytes32        signHash,
        address        signer,
        bytes   memory signature
        )
        internal
        view
        returns (bool)
    {
        if (signer == address(0)) {
            return false;
        }

        return signer.isContract()?
            verifyERC1271Signature(signHash, signer, signature):
            verifyEOASignature(signHash, signer, signature);
    }

    function recoverECDSASigner(
        bytes32      signHash,
        bytes memory signature
        )
        internal
        pure
        returns (address)
    {
        if (signature.length != 65) {
            return address(0);
        }

        bytes32 r;
        bytes32 s;
        uint8   v;
        // we jump 32 (0x20) as the first slot of bytes contains the length
        // we jump 65 (0x41) per signature
        // for v we load 32 bytes ending with v (the first 31 come from s) then apply a mask
        assembly {
            r := mload(add(signature, 0x20))
            s := mload(add(signature, 0x40))
            v := and(mload(add(signature, 0x41)), 0xff)
        }
        // See https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/cryptography/ECDSA.sol
        if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
            return address(0);
        }
        if (v == 27 || v == 28) {
            return ecrecover(signHash, v, r, s);
        } else {
            return address(0);
        }
    }

    function verifyEOASignature(
        bytes32        signHash,
        address        signer,
        bytes   memory signature
        )
        private
        pure
        returns (bool success)
    {
        if (signer == address(0)) {
            return false;
        }

        uint signatureTypeOffset = signature.length.sub(1);
        SignatureType signatureType = SignatureType(signature.toUint8(signatureTypeOffset));

        // Strip off the last byte of the signature by updating the length
        assembly {
            mstore(signature, signatureTypeOffset)
        }

        if (signatureType == SignatureType.EIP_712) {
            success = (signer == recoverECDSASigner(signHash, signature));
        } else if (signatureType == SignatureType.ETH_SIGN) {
            bytes32 hash = keccak256(
                abi.encodePacked("\x19Ethereum Signed Message:\n32", signHash)
            );
            success = (signer == recoverECDSASigner(hash, signature));
        } else {
            success = false;
        }

        // Restore the signature length
        assembly {
            mstore(signature, add(signatureTypeOffset, 1))
        }

        return success;
    }

    function verifyERC1271Signature(
        bytes32 signHash,
        address signer,
        bytes   memory signature
        )
        private
        view
        returns (bool)
    {
        bytes memory callData = abi.encodeWithSelector(
            ERC1271.isValidSignature.selector,
            signHash,
            signature
        );
        (bool success, bytes memory result) = signer.staticcall(callData);
        return (
            success &&
            result.length == 32 &&
            result.toBytes4(0) == ERC1271_MAGICVALUE
        );
    }
}

// File: contracts/core/impl/libexchange/ExchangeSignatures.sol

// Copyright 2017 Loopring Technology Limited.




/// @title ExchangeSignatures.
/// @dev All methods in this lib are internal, therefore, there is no need
///      to deploy this library independently.
/// @author Brecht Devos - <[email protected]>
/// @author Daniel Wang  - <[email protected]>
library ExchangeSignatures
{
    using SignatureUtil for bytes32;

    function requireAuthorizedTx(
        ExchangeData.State storage S,
        address signer,
        bytes memory signature,
        bytes32 txHash
        )
        internal // inline call
    {
        require(signer != address(0), "INVALID_SIGNER");
        // Verify the signature if one is provided, otherwise fall back to an approved tx
        if (signature.length > 0) {
            require(txHash.verifySignature(signer, signature), "INVALID_SIGNATURE");
        } else {
            require(S.approvedTx[signer][txHash], "TX_NOT_APPROVED");
            delete S.approvedTx[signer][txHash];
        }
    }
}

// File: contracts/core/impl/libtransactions/AmmUpdateTransaction.sol

// Copyright 2017 Loopring Technology Limited.








/// @title AmmUpdateTransaction
/// @author Brecht Devos - <[email protected]>
library AmmUpdateTransaction
{
    using BytesUtil            for bytes;
    using MathUint             for uint;
    using ExchangeSignatures   for ExchangeData.State;

    bytes32 constant public AMMUPDATE_TYPEHASH = keccak256(
        "AmmUpdate(address owner,uint32 accountID,uint16 tokenID,uint8 feeBips,uint96 tokenWeight,uint32 validUntil,uint32 nonce)"
    );

    struct AmmUpdate
    {
        address owner;
        uint32  accountID;
        uint16  tokenID;
        uint8   feeBips;
        uint96  tokenWeight;
        uint32  validUntil;
        uint32  nonce;
        uint96  balance;
    }

    // Auxiliary data for each AMM update
    struct AmmUpdateAuxiliaryData
    {
        bytes  signature;
        uint32 validUntil;
    }

    function process(
        ExchangeData.State        storage S,
        ExchangeData.BlockContext memory  ctx,
        bytes                     memory  data,
        uint                              offset,
        bytes                     memory  auxiliaryData
        )
        internal
    {
        // Read in the AMM update
        AmmUpdate memory update;
        readTx(data, offset, update);
        AmmUpdateAuxiliaryData memory auxData = abi.decode(auxiliaryData, (AmmUpdateAuxiliaryData));

        // Check validUntil
        require(ctx.timestamp < auxData.validUntil, "AMM_UPDATE_EXPIRED");
        update.validUntil = auxData.validUntil;

        // Calculate the tx hash
        bytes32 txHash = hashTx(ctx.DOMAIN_SEPARATOR, update);

        // Check the on-chain authorization
        S.requireAuthorizedTx(update.owner, auxData.signature, txHash);
    }

    function readTx(
        bytes memory data,
        uint         offset,
        AmmUpdate memory update
        )
        internal
        pure
    {
        uint _offset = offset;

        require(data.toUint8Unsafe(_offset) == uint8(ExchangeData.TransactionType.AMM_UPDATE), "INVALID_TX_TYPE");
        _offset += 1;

        // We don't use abi.decode for this because of the large amount of zero-padding
        // bytes the circuit would also have to hash.
        update.owner = data.toAddressUnsafe(_offset);
        _offset += 20;
        update.accountID = data.toUint32Unsafe(_offset);
        _offset += 4;
        update.tokenID = data.toUint16Unsafe(_offset);
        _offset += 2;
        update.feeBips = data.toUint8Unsafe(_offset);
        _offset += 1;
        update.tokenWeight = data.toUint96Unsafe(_offset);
        _offset += 12;
        update.nonce = data.toUint32Unsafe(_offset);
        _offset += 4;
        update.balance = data.toUint96Unsafe(_offset);
        _offset += 12;
    }

    function hashTx(
        bytes32 DOMAIN_SEPARATOR,
        AmmUpdate memory update
        )
        internal
        pure
        returns (bytes32)
    {
        return EIP712.hashPacked(
            DOMAIN_SEPARATOR,
            keccak256(
                abi.encode(
                    AMMUPDATE_TYPEHASH,
                    update.owner,
                    update.accountID,
                    update.tokenID,
                    update.feeBips,
                    update.tokenWeight,
                    update.validUntil,
                    update.nonce
                )
            )
        );
    }
}

// File: contracts/lib/MathUint96.sol

// Copyright 2017 Loopring Technology Limited.


/// @title Utility Functions for uint
/// @author Daniel Wang - <[email protected]>
library MathUint96
{
    function add(
        uint96 a,
        uint96 b
        )
        internal
        pure
        returns (uint96 c)
    {
        c = a + b;
        require(c >= a, "ADD_OVERFLOW");
    }

    function sub(
        uint96 a,
        uint96 b
        )
        internal
        pure
        returns (uint96 c)
    {
        require(b <= a, "SUB_UNDERFLOW");
        return a - b;
    }
}

// File: contracts/core/impl/libtransactions/DepositTransaction.sol

// Copyright 2017 Loopring Technology Limited.







/// @title DepositTransaction
/// @author Brecht Devos - <[email protected]>
library DepositTransaction
{
    using BytesUtil   for bytes;
    using MathUint96  for uint96;

    struct Deposit
    {
        address to;
        uint32  toAccountID;
        uint16  tokenID;
        uint96  amount;
    }

    function process(
        ExchangeData.State        storage S,
        ExchangeData.BlockContext memory  /*ctx*/,
        bytes                     memory  data,
        uint                              offset,
        bytes                     memory  /*auxiliaryData*/
        )
        internal
    {
        // Read in the deposit
        Deposit memory deposit;
        readTx(data, offset, deposit);
        if (deposit.amount == 0) {
            return;
        }

        // Process the deposit
        ExchangeData.Deposit memory pendingDeposit = S.pendingDeposits[deposit.to][deposit.tokenID];
        // Make sure the deposit was actually done
        require(pendingDeposit.timestamp > 0, "DEPOSIT_DOESNT_EXIST");

        // Processing partial amounts of the deposited amount is allowed.
        // This is done to ensure the user can do multiple deposits after each other
        // without invalidating work done by the exchange owner for previous deposit amounts.

        require(pendingDeposit.amount >= deposit.amount, "INVALID_AMOUNT");
        pendingDeposit.amount = pendingDeposit.amount.sub(deposit.amount);

        // If the deposit was fully consumed, reset it so the storage is freed up
        // and the owner receives a gas refund.
        if (pendingDeposit.amount == 0) {
            delete S.pendingDeposits[deposit.to][deposit.tokenID];
        } else {
            S.pendingDeposits[deposit.to][deposit.tokenID] = pendingDeposit;
        }
    }

    function readTx(
        bytes   memory data,
        uint           offset,
        Deposit memory deposit
        )
        internal
        pure
    {
        uint _offset = offset;

        require(data.toUint8Unsafe(_offset) == uint8(ExchangeData.TransactionType.DEPOSIT), "INVALID_TX_TYPE");
        _offset += 1;

        // We don't use abi.decode for this because of the large amount of zero-padding
        // bytes the circuit would also have to hash.
        deposit.to = data.toAddressUnsafe(_offset);
        _offset += 20;
        deposit.toAccountID = data.toUint32Unsafe(_offset);
        _offset += 4;
        deposit.tokenID = data.toUint16Unsafe(_offset);
        _offset += 2;
        deposit.amount = data.toUint96Unsafe(_offset);
        _offset += 12;
    }
}

// File: contracts/core/impl/libtransactions/SignatureVerificationTransaction.sol

// Copyright 2017 Loopring Technology Limited.







/// @title SignatureVerificationTransaction
/// @author Brecht Devos - <[email protected]>
library SignatureVerificationTransaction
{
    using BytesUtil            for bytes;
    using MathUint             for uint;

    struct SignatureVerification
    {
        address owner;
        uint32  accountID;
        uint256 data;
    }

    function readTx(
        bytes memory data,
        uint         offset,
        SignatureVerification memory verification
        )
        internal
        pure
    {
        uint _offset = offset;

        require(data.toUint8Unsafe(_offset) == uint8(ExchangeData.TransactionType.SIGNATURE_VERIFICATION), "INVALID_TX_TYPE");
        _offset += 1;

        // We don't use abi.decode for this because of the large amount of zero-padding
        // bytes the circuit would also have to hash.
        verification.owner = data.toAddressUnsafe(_offset);
        _offset += 20;
        verification.accountID = data.toUint32Unsafe(_offset);
        _offset += 4;
        verification.data = data.toUintUnsafe(_offset);
        _offset += 32;
    }
}

// File: contracts/thirdparty/SafeCast.sol

// Taken from https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/SafeCast.sol



/**
 * @dev Wrappers over Solidity's uintXX/intXX casting operators with added overflow
 * checks.
 *
 * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
 * easily result in undesired exploitation or bugs, since developers usually
 * assume that overflows raise errors. `SafeCast` restores this intuition by
 * reverting the transaction when such an operation overflows.
 *
 * Using this library instead of the unchecked operations eliminates an entire
 * class of bugs, so it's recommended to use it always.
 *
 * Can be combined with {SafeMath} and {SignedSafeMath} to extend it to smaller types, by performing
 * all math on `uint256` and `int256` and then downcasting.
 */
library SafeCast {

    /**
     * @dev Returns the downcasted uint128 from uint256, reverting on
     * overflow (when the input is greater than largest uint128).
     *
     * Counterpart to Solidity's `uint128` operator.
     *
     * Requirements:
     *
     * - input must fit into 128 bits
     */
    function toUint128(uint256 value) internal pure returns (uint128) {
        require(value < 2**128, "SafeCast: value doesn\'t fit in 128 bits");
        return uint128(value);
    }

    /**
     * @dev Returns the downcasted uint96 from uint256, reverting on
     * overflow (when the input is greater than largest uint96).
     *
     * Counterpart to Solidity's `uint96` operator.
     *
     * Requirements:
     *
     * - input must fit into 96 bits
     */
    function toUint96(uint256 value) internal pure returns (uint96) {
        require(value < 2**96, "SafeCast: value doesn\'t fit in 96 bits");
        return uint96(value);
    }

    /**
     * @dev Returns the downcasted uint64 from uint256, reverting on
     * overflow (when the input is greater than largest uint64).
     *
     * Counterpart to Solidity's `uint64` operator.
     *
     * Requirements:
     *
     * - input must fit into 64 bits
     */
    function toUint64(uint256 value) internal pure returns (uint64) {
        require(value < 2**64, "SafeCast: value doesn\'t fit in 64 bits");
        return uint64(value);
    }

    /**
     * @dev Returns the downcasted uint32 from uint256, reverting on
     * overflow (when the input is greater than largest uint32).
     *
     * Counterpart to Solidity's `uint32` operator.
     *
     * Requirements:
     *
     * - input must fit into 32 bits
     */
    function toUint32(uint256 value) internal pure returns (uint32) {
        require(value < 2**32, "SafeCast: value doesn\'t fit in 32 bits");
        return uint32(value);
    }

    /**
     * @dev Returns the downcasted uint40 from uint256, reverting on
     * overflow (when the input is greater than largest uint40).
     *
     * Counterpart to Solidity's `uint32` operator.
     *
     * Requirements:
     *
     * - input must fit into 40 bits
     */
    function toUint40(uint256 value) internal pure returns (uint40) {
        require(value < 2**40, "SafeCast: value doesn\'t fit in 40 bits");
        return uint40(value);
    }

    /**
     * @dev Returns the downcasted uint16 from uint256, reverting on
     * overflow (when the input is greater than largest uint16).
     *
     * Counterpart to Solidity's `uint16` operator.
     *
     * Requirements:
     *
     * - input must fit into 16 bits
     */
    function toUint16(uint256 value) internal pure returns (uint16) {
        require(value < 2**16, "SafeCast: value doesn\'t fit in 16 bits");
        return uint16(value);
    }

    /**
     * @dev Returns the downcasted uint8 from uint256, reverting on
     * overflow (when the input is greater than largest uint8).
     *
     * Counterpart to Solidity's `uint8` operator.
     *
     * Requirements:
     *
     * - input must fit into 8 bits.
     */
    function toUint8(uint256 value) internal pure returns (uint8) {
        require(value < 2**8, "SafeCast: value doesn\'t fit in 8 bits");
        return uint8(value);
    }

    /**
     * @dev Converts a signed int256 into an unsigned uint256.
     *
     * Requirements:
     *
     * - input must be greater than or equal to 0.
     */
    function toUint256(int256 value) internal pure returns (uint256) {
        require(value >= 0, "SafeCast: value must be positive");
        return uint256(value);
    }

    /**
     * @dev Returns the downcasted int128 from int256, reverting on
     * overflow (when the input is less than smallest int128 or
     * greater than largest int128).
     *
     * Counterpart to Solidity's `int128` operator.
     *
     * Requirements:
     *
     * - input must fit into 128 bits
     *
     * _Available since v3.1._
     */
    function toInt128(int256 value) internal pure returns (int128) {
        require(value >= -2**127 && value < 2**127, "SafeCast: value doesn\'t fit in 128 bits");
        return int128(value);
    }

    /**
     * @dev Returns the downcasted int64 from int256, reverting on
     * overflow (when the input is less than smallest int64 or
     * greater than largest int64).
     *
     * Counterpart to Solidity's `int64` operator.
     *
     * Requirements:
     *
     * - input must fit into 64 bits
     *
     * _Available since v3.1._
     */
    function toInt64(int256 value) internal pure returns (int64) {
        require(value >= -2**63 && value < 2**63, "SafeCast: value doesn\'t fit in 64 bits");
        return int64(value);
    }

    /**
     * @dev Returns the downcasted int32 from int256, reverting on
     * overflow (when the input is less than smallest int32 or
     * greater than largest int32).
     *
     * Counterpart to Solidity's `int32` operator.
     *
     * Requirements:
     *
     * - input must fit into 32 bits
     *
     * _Available since v3.1._
     */
    function toInt32(int256 value) internal pure returns (int32) {
        require(value >= -2**31 && value < 2**31, "SafeCast: value doesn\'t fit in 32 bits");
        return int32(value);
    }

    /**
     * @dev Returns the downcasted int16 from int256, reverting on
     * overflow (when the input is less than smallest int16 or
     * greater than largest int16).
     *
     * Counterpart to Solidity's `int16` operator.
     *
     * Requirements:
     *
     * - input must fit into 16 bits
     *
     * _Available since v3.1._
     */
    function toInt16(int256 value) internal pure returns (int16) {
        require(value >= -2**15 && value < 2**15, "SafeCast: value doesn\'t fit in 16 bits");
        return int16(value);
    }

    /**
     * @dev Returns the downcasted int8 from int256, reverting on
     * overflow (when the input is less than smallest int8 or
     * greater than largest int8).
     *
     * Counterpart to Solidity's `int8` operator.
     *
     * Requirements:
     *
     * - input must fit into 8 bits.
     *
     * _Available since v3.1._
     */
    function toInt8(int256 value) internal pure returns (int8) {
        require(value >= -2**7 && value < 2**7, "SafeCast: value doesn\'t fit in 8 bits");
        return int8(value);
    }

    /**
     * @dev Converts an unsigned uint256 into a signed int256.
     *
     * Requirements:
     *
     * - input must be less than or equal to maxInt256.
     */
    function toInt256(uint256 value) internal pure returns (int256) {
        require(value < 2**255, "SafeCast: value doesn't fit in an int256");
        return int256(value);
    }
}

// File: contracts/lib/FloatUtil.sol

// Copyright 2017 Loopring Technology Limited.




/// @title Utility Functions for floats
/// @author Brecht Devos - <[email protected]>
library FloatUtil
{
    using MathUint for uint;
    using SafeCast for uint;

    // Decodes a decimal float value that is encoded like `exponent | mantissa`.
    // Both exponent and mantissa are in base 10.
    // Decoding to an integer is as simple as `mantissa * (10 ** exponent)`
    // Will throw when the decoded value overflows an uint96
    /// @param f The float value with 5 bits for the exponent
    /// @param numBits The total number of bits (numBitsMantissa := numBits - numBitsExponent)
    /// @return value The decoded integer value.
    function decodeFloat(
        uint f,
        uint numBits
        )
        internal
        pure
        returns (uint96 value)
    {
        if (f == 0) {
            return 0;
        }
        uint numBitsMantissa = numBits.sub(5);
        uint exponent = f >> numBitsMantissa;
        // log2(10**77) = 255.79 < 256
        require(exponent <= 77, "EXPONENT_TOO_LARGE");
        uint mantissa = f & ((1 << numBitsMantissa) - 1);
        value = mantissa.mul(10 ** exponent).toUint96();
    }

    // Decodes a decimal float value that is encoded like `exponent | mantissa`.
    // Both exponent and mantissa are in base 10.
    // Decoding to an integer is as simple as `mantissa * (10 ** exponent)`
    // Will throw when the decoded value overflows an uint96
    /// @param f The float value with 5 bits exponent, 11 bits mantissa
    /// @return value The decoded integer value.
    function decodeFloat16(
        uint16 f
        )
        internal
        pure
        returns (uint96)
    {
        uint value = ((uint(f) & 2047) * (10 ** (uint(f) >> 11)));
        require(value < 2**96, "SafeCast: value doesn\'t fit in 96 bits");
        return uint96(value);
    }

    // Decodes a decimal float value that is encoded like `exponent | mantissa`.
    // Both exponent and mantissa are in base 10.
    // Decoding to an integer is as simple as `mantissa * (10 ** exponent)`
    // Will throw when the decoded value overflows an uint96
    /// @param f The float value with 5 bits exponent, 19 bits mantissa
    /// @return value The decoded integer value.
    function decodeFloat24(
        uint24 f
        )
        internal
        pure
        returns (uint96)
    {
        uint value = ((uint(f) & 524287) * (10 ** (uint(f) >> 19)));
        require(value < 2**96, "SafeCast: value doesn\'t fit in 96 bits");
        return uint96(value);
    }
}

// File: contracts/core/impl/libtransactions/TransferTransaction.sol

// Copyright 2017 Loopring Technology Limited.








/// @title TransferTransaction
/// @author Brecht Devos - <[email protected]>
library TransferTransaction
{
    using BytesUtil            for bytes;
    using FloatUtil            for uint24;
    using FloatUtil            for uint16;
    using MathUint             for uint;
    using ExchangeSignatures   for ExchangeData.State;

    bytes32 constant public TRANSFER_TYPEHASH = keccak256(
        "Transfer(address from,address to,uint16 tokenID,uint96 amount,uint16 feeTokenID,uint96 maxFee,uint32 validUntil,uint32 storageID)"
    );

    struct Transfer
    {
        uint32  fromAccountID;
        uint32  toAccountID;
        address from;
        address to;
        uint16  tokenID;
        uint96  amount;
        uint16  feeTokenID;
        uint96  maxFee;
        uint96  fee;
        uint32  validUntil;
        uint32  storageID;
    }

    // Auxiliary data for each transfer
    struct TransferAuxiliaryData
    {
        bytes  signature;
        uint96 maxFee;
        uint32 validUntil;
    }

    function process(
        ExchangeData.State        storage S,
        ExchangeData.BlockContext memory  ctx,
        bytes                     memory  data,
        uint                              offset,
        bytes                     memory  auxiliaryData
        )
        internal
    {
        // Read the transfer
        Transfer memory transfer;
        readTx(data, offset, transfer);
        TransferAuxiliaryData memory auxData = abi.decode(auxiliaryData, (TransferAuxiliaryData));

        // Fill in withdrawal data missing from DA
        transfer.validUntil = auxData.validUntil;
        transfer.maxFee = auxData.maxFee == 0 ? transfer.fee : auxData.maxFee;
        // Validate
        require(ctx.timestamp < transfer.validUntil, "TRANSFER_EXPIRED");
        require(transfer.fee <= transfer.maxFee, "TRANSFER_FEE_TOO_HIGH");

        // Calculate the tx hash
        bytes32 txHash = hashTx(ctx.DOMAIN_SEPARATOR, transfer);

        // Check the on-chain authorization
        S.requireAuthorizedTx(transfer.from, auxData.signature, txHash);
    }

    function readTx(
        bytes memory data,
        uint         offset,
        Transfer memory transfer
        )
        internal
        pure
    {
        uint _offset = offset;

        require(data.toUint8Unsafe(_offset) == uint8(ExchangeData.TransactionType.TRANSFER), "INVALID_TX_TYPE");
        _offset += 1;

        // Check that this is a conditional transfer
        require(data.toUint8Unsafe(_offset) == 1, "INVALID_AUXILIARYDATA_DATA");
        _offset += 1;

        // Extract the transfer data
        // We don't use abi.decode for this because of the large amount of zero-padding
        // bytes the circuit would also have to hash.
        transfer.fromAccountID = data.toUint32Unsafe(_offset);
        _offset += 4;
        transfer.toAccountID = data.toUint32Unsafe(_offset);
        _offset += 4;
        transfer.tokenID = data.toUint16Unsafe(_offset);
        _offset += 2;
        transfer.amount = data.toUint24Unsafe(_offset).decodeFloat24();
        _offset += 3;
        transfer.feeTokenID = data.toUint16Unsafe(_offset);
        _offset += 2;
        transfer.fee = data.toUint16Unsafe(_offset).decodeFloat16();
        _offset += 2;
        transfer.storageID = data.toUint32Unsafe(_offset);
        _offset += 4;
        transfer.to = data.toAddressUnsafe(_offset);
        _offset += 20;
        transfer.from = data.toAddressUnsafe(_offset);
        _offset += 20;
    }

    function hashTx(
        bytes32 DOMAIN_SEPARATOR,
        Transfer memory transfer
        )
        internal
        pure
        returns (bytes32)
    {
        return EIP712.hashPacked(
            DOMAIN_SEPARATOR,
            keccak256(
                abi.encode(
                    TRANSFER_TYPEHASH,
                    transfer.from,
                    transfer.to,
                    transfer.tokenID,
                    transfer.amount,
                    transfer.feeTokenID,
                    transfer.maxFee,
                    transfer.validUntil,
                    transfer.storageID
                )
            )
        );
    }
}

// File: contracts/core/impl/libexchange/ExchangeMode.sol

// Copyright 2017 Loopring Technology Limited.




/// @title ExchangeMode.
/// @dev All methods in this lib are internal, therefore, there is no need
///      to deploy this library independently.
/// @author Brecht Devos - <[email protected]>
/// @author Daniel Wang  - <[email protected]>
library ExchangeMode
{
    using MathUint  for uint;

    function isInWithdrawalMode(
        ExchangeData.State storage S
        )
        internal // inline call
        view
        returns (bool result)
    {
        result = S.withdrawalModeStartTime > 0;
    }

    function isShutdown(
        ExchangeData.State storage S
        )
        internal // inline call
        view
        returns (bool)
    {
        return S.shutdownModeStartTime > 0;
    }

    function getNumAvailableForcedSlots(
        ExchangeData.State storage S
        )
        internal
        view
        returns (uint)
    {
        return ExchangeData.MAX_OPEN_FORCED_REQUESTS - S.numPendingForcedTransactions;
    }
}

// File: contracts/lib/Poseidon.sol

// Copyright 2017 Loopring Technology Limited.


/// @title Poseidon hash function
///        See: https://eprint.iacr.org/2019/458.pdf
///        Code auto-generated by generate_poseidon_EVM_code.py
/// @author Brecht Devos - <[email protected]>
library Poseidon
{
    //
    // hash_t5f6p52
    //

    struct HashInputs5
    {
        uint t0;
        uint t1;
        uint t2;
        uint t3;
        uint t4;
    }

    function hash_t5f6p52_internal(
        uint t0,
        uint t1,
        uint t2,
        uint t3,
        uint t4,
        uint q
        )
        internal
        pure
        returns (uint)
    {
        assembly {
            function mix(_t0, _t1, _t2, _t3, _t4, _q) -> nt0, nt1, nt2, nt3, nt4 {
                nt0 := mulmod(_t0, 4977258759536702998522229302103997878600602264560359702680165243908162277980, _q)
                nt0 := addmod(nt0, mulmod(_t1, 19167410339349846567561662441069598364702008768579734801591448511131028229281, _q), _q)
                nt0 := addmod(nt0, mulmod(_t2, 14183033936038168803360723133013092560869148726790180682363054735190196956789, _q), _q)
                nt0 := addmod(nt0, mulmod(_t3, 9067734253445064890734144122526450279189023719890032859456830213166173619761, _q), _q)
                nt0 := addmod(nt0, mulmod(_t4, 16378664841697311562845443097199265623838619398287411428110917414833007677155, _q), _q)
                nt1 := mulmod(_t0, 107933704346764130067829474107909495889716688591997879426350582457782826785, _q)
                nt1 := addmod(nt1, mulmod(_t1, 17034139127218860091985397764514160131253018178110701196935786874261236172431, _q), _q)
                nt1 := addmod(nt1, mulmod(_t2, 2799255644797227968811798608332314218966179365168250111693473252876996230317, _q), _q)
                nt1 := addmod(nt1, mulmod(_t3, 2482058150180648511543788012634934806465808146786082148795902594096349483974, _q), _q)
                nt1 := addmod(nt1, mulmod(_t4, 16563522740626180338295201738437974404892092704059676533096069531044355099628, _q), _q)
                nt2 := mulmod(_t0, 13596762909635538739079656925495736900379091964739248298531655823337482778123, _q)
                nt2 := addmod(nt2, mulmod(_t1, 18985203040268814769637347880759846911264240088034262814847924884273017355969, _q), _q)
                nt2 := addmod(nt2, mulmod(_t2, 8652975463545710606098548415650457376967119951977109072274595329619335974180, _q), _q)
                nt2 := addmod(nt2, mulmod(_t3, 970943815872417895015626519859542525373809485973005165410533315057253476903, _q), _q)
                nt2 := addmod(nt2, mulmod(_t4, 19406667490568134101658669326517700199745817783746545889094238643063688871948, _q), _q)
                nt3 := mulmod(_t0, 2953507793609469112222895633455544691298656192015062835263784675891831794974, _q)
                nt3 := addmod(nt3, mulmod(_t1, 19025623051770008118343718096455821045904242602531062247152770448380880817517, _q), _q)
                nt3 := addmod(nt3, mulmod(_t2, 9077319817220936628089890431129759976815127354480867310384708941479362824016, _q), _q)
                nt3 := addmod(nt3, mulmod(_t3, 4770370314098695913091200576539533727214143013236894216582648993741910829490, _q), _q)
                nt3 := addmod(nt3, mulmod(_t4, 4298564056297802123194408918029088169104276109138370115401819933600955259473, _q), _q)
                nt4 := mulmod(_t0, 8336710468787894148066071988103915091676109272951895469087957569358494947747, _q)
                nt4 := addmod(nt4, mulmod(_t1, 16205238342129310687768799056463408647672389183328001070715567975181364448609, _q), _q)
                nt4 := addmod(nt4, mulmod(_t2, 8303849270045876854140023508764676765932043944545416856530551331270859502246, _q), _q)
                nt4 := addmod(nt4, mulmod(_t3, 20218246699596954048529384569730026273241102596326201163062133863539137060414, _q), _q)
                nt4 := addmod(nt4, mulmod(_t4, 1712845821388089905746651754894206522004527237615042226559791118162382909269, _q), _q)
            }

            function ark(_t0, _t1, _t2, _t3, _t4, _q, c) -> nt0, nt1, nt2, nt3, nt4 {
                nt0 := addmod(_t0, c, _q)
                nt1 := addmod(_t1, c, _q)
                nt2 := addmod(_t2, c, _q)
                nt3 := addmod(_t3, c, _q)
                nt4 := addmod(_t4, c, _q)
            }

            function sbox_full(_t0, _t1, _t2, _t3, _t4, _q) -> nt0, nt1, nt2, nt3, nt4 {
                nt0 := mulmod(_t0, _t0, _q)
                nt0 := mulmod(nt0, nt0, _q)
                nt0 := mulmod(_t0, nt0, _q)
                nt1 := mulmod(_t1, _t1, _q)
                nt1 := mulmod(nt1, nt1, _q)
                nt1 := mulmod(_t1, nt1, _q)
                nt2 := mulmod(_t2, _t2, _q)
                nt2 := mulmod(nt2, nt2, _q)
                nt2 := mulmod(_t2, nt2, _q)
                nt3 := mulmod(_t3, _t3, _q)
                nt3 := mulmod(nt3, nt3, _q)
                nt3 := mulmod(_t3, nt3, _q)
                nt4 := mulmod(_t4, _t4, _q)
                nt4 := mulmod(nt4, nt4, _q)
                nt4 := mulmod(_t4, nt4, _q)
            }

            function sbox_partial(_t, _q) -> nt {
                nt := mulmod(_t, _t, _q)
                nt := mulmod(nt, nt, _q)
                nt := mulmod(_t, nt, _q)
            }

            // round 0
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 14397397413755236225575615486459253198602422701513067526754101844196324375522)
            t0, t1, t2, t3, t4 := sbox_full(t0, t1, t2, t3, t4, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 1
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 10405129301473404666785234951972711717481302463898292859783056520670200613128)
            t0, t1, t2, t3, t4 := sbox_full(t0, t1, t2, t3, t4, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 2
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 5179144822360023508491245509308555580251733042407187134628755730783052214509)
            t0, t1, t2, t3, t4 := sbox_full(t0, t1, t2, t3, t4, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 3
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 9132640374240188374542843306219594180154739721841249568925550236430986592615)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 4
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 20360807315276763881209958738450444293273549928693737723235350358403012458514)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 5
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 17933600965499023212689924809448543050840131883187652471064418452962948061619)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 6
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 3636213416533737411392076250708419981662897009810345015164671602334517041153)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 7
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 2008540005368330234524962342006691994500273283000229509835662097352946198608)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 8
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 16018407964853379535338740313053768402596521780991140819786560130595652651567)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 9
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 20653139667070586705378398435856186172195806027708437373983929336015162186471)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 10
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 17887713874711369695406927657694993484804203950786446055999405564652412116765)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 11
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 4852706232225925756777361208698488277369799648067343227630786518486608711772)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 12
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 8969172011633935669771678412400911310465619639756845342775631896478908389850)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 13
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 20570199545627577691240476121888846460936245025392381957866134167601058684375)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 14
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 16442329894745639881165035015179028112772410105963688121820543219662832524136)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 15
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 20060625627350485876280451423010593928172611031611836167979515653463693899374)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 16
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 16637282689940520290130302519163090147511023430395200895953984829546679599107)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 17
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 15599196921909732993082127725908821049411366914683565306060493533569088698214)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 18
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 16894591341213863947423904025624185991098788054337051624251730868231322135455)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 19
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 1197934381747032348421303489683932612752526046745577259575778515005162320212)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 20
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 6172482022646932735745595886795230725225293469762393889050804649558459236626)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 21
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 21004037394166516054140386756510609698837211370585899203851827276330669555417)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 22
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 15262034989144652068456967541137853724140836132717012646544737680069032573006)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 23
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 15017690682054366744270630371095785995296470601172793770224691982518041139766)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 24
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 15159744167842240513848638419303545693472533086570469712794583342699782519832)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 25
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 11178069035565459212220861899558526502477231302924961773582350246646450941231)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 26
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 21154888769130549957415912997229564077486639529994598560737238811887296922114)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 27
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 20162517328110570500010831422938033120419484532231241180224283481905744633719)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 28
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 2777362604871784250419758188173029886707024739806641263170345377816177052018)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 29
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 15732290486829619144634131656503993123618032247178179298922551820261215487562)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 30
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 6024433414579583476444635447152826813568595303270846875177844482142230009826)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 31
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 17677827682004946431939402157761289497221048154630238117709539216286149983245)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 32
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 10716307389353583413755237303156291454109852751296156900963208377067748518748)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 33
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 14925386988604173087143546225719076187055229908444910452781922028996524347508)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 34
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 8940878636401797005293482068100797531020505636124892198091491586778667442523)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 35
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 18911747154199663060505302806894425160044925686870165583944475880789706164410)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 36
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 8821532432394939099312235292271438180996556457308429936910969094255825456935)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 37
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 20632576502437623790366878538516326728436616723089049415538037018093616927643)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 38
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 71447649211767888770311304010816315780740050029903404046389165015534756512)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 39
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 2781996465394730190470582631099299305677291329609718650018200531245670229393)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 40
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 12441376330954323535872906380510501637773629931719508864016287320488688345525)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 41
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 2558302139544901035700544058046419714227464650146159803703499681139469546006)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 42
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 10087036781939179132584550273563255199577525914374285705149349445480649057058)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 43
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 4267692623754666261749551533667592242661271409704769363166965280715887854739)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 44
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 4945579503584457514844595640661884835097077318604083061152997449742124905548)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 45
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 17742335354489274412669987990603079185096280484072783973732137326144230832311)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 46
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 6266270088302506215402996795500854910256503071464802875821837403486057988208)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 47
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 2716062168542520412498610856550519519760063668165561277991771577403400784706)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 48
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 19118392018538203167410421493487769944462015419023083813301166096764262134232)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 49
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 9386595745626044000666050847309903206827901310677406022353307960932745699524)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 50
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 9121640807890366356465620448383131419933298563527245687958865317869840082266)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 51
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 3078975275808111706229899605611544294904276390490742680006005661017864583210)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 52
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 7157404299437167354719786626667769956233708887934477609633504801472827442743)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 53
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 14056248655941725362944552761799461694550787028230120190862133165195793034373)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 54
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 14124396743304355958915937804966111851843703158171757752158388556919187839849)
            t0 := sbox_partial(t0, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 55
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 11851254356749068692552943732920045260402277343008629727465773766468466181076)
            t0, t1, t2, t3, t4 := sbox_full(t0, t1, t2, t3, t4, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 56
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 9799099446406796696742256539758943483211846559715874347178722060519817626047)
            t0, t1, t2, t3, t4 := sbox_full(t0, t1, t2, t3, t4, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
            // round 57
            t0, t1, t2, t3, t4 := ark(t0, t1, t2, t3, t4, q, 10156146186214948683880719664738535455146137901666656566575307300522957959544)
            t0, t1, t2, t3, t4 := sbox_full(t0, t1, t2, t3, t4, q)
            t0, t1, t2, t3, t4 := mix(t0, t1, t2, t3, t4, q)
        }
        return t0;
    }

    function hash_t5f6p52(HashInputs5 memory i, uint q) internal pure returns (uint)
    {
        // validate inputs
        require(i.t0 < q, "INVALID_INPUT");
        require(i.t1 < q, "INVALID_INPUT");
        require(i.t2 < q, "INVALID_INPUT");
        require(i.t3 < q, "INVALID_INPUT");
        require(i.t4 < q, "INVALID_INPUT");

        return hash_t5f6p52_internal(i.t0, i.t1, i.t2, i.t3, i.t4, q);
    }


    //
    // hash_t7f6p52
    //

    struct HashInputs7
    {
        uint t0;
        uint t1;
        uint t2;
        uint t3;
        uint t4;
        uint t5;
        uint t6;
    }

    function mix(HashInputs7 memory i, uint q) internal pure
    {
        HashInputs7 memory o;
        o.t0 = mulmod(i.t0, 14183033936038168803360723133013092560869148726790180682363054735190196956789, q);
        o.t0 = addmod(o.t0, mulmod(i.t1, 9067734253445064890734144122526450279189023719890032859456830213166173619761, q), q);
        o.t0 = addmod(o.t0, mulmod(i.t2, 16378664841697311562845443097199265623838619398287411428110917414833007677155, q), q);
        o.t0 = addmod(o.t0, mulmod(i.t3, 12968540216479938138647596899147650021419273189336843725176422194136033835172, q), q);
        o.t0 = addmod(o.t0, mulmod(i.t4, 3636162562566338420490575570584278737093584021456168183289112789616069756675, q), q);
        o.t0 = addmod(o.t0, mulmod(i.t5, 8949952361235797771659501126471156178804092479420606597426318793013844305422, q), q);
        o.t0 = addmod(o.t0, mulmod(i.t6, 13586657904816433080148729258697725609063090799921401830545410130405357110367, q), q);
        o.t1 = mulmod(i.t0, 2799255644797227968811798608332314218966179365168250111693473252876996230317, q);
        o.t1 = addmod(o.t1, mulmod(i.t1, 2482058150180648511543788012634934806465808146786082148795902594096349483974, q), q);
        o.t1 = addmod(o.t1, mulmod(i.t2, 16563522740626180338295201738437974404892092704059676533096069531044355099628, q), q);
        o.t1 = addmod(o.t1, mulmod(i.t3, 10468644849657689537028565510142839489302836569811003546969773105463051947124, q), q);
        o.t1 = addmod(o.t1, mulmod(i.t4, 3328913364598498171733622353010907641674136720305714432354138807013088636408, q), q);
        o.t1 = addmod(o.t1, mulmod(i.t5, 8642889650254799419576843603477253661899356105675006557919250564400804756641, q), q);
        o.t1 = addmod(o.t1, mulmod(i.t6, 14300697791556510113764686242794463641010174685800128469053974698256194076125, q), q);
        o.t2 = mulmod(i.t0, 8652975463545710606098548415650457376967119951977109072274595329619335974180, q);
        o.t2 = addmod(o.t2, mulmod(i.t1, 970943815872417895015626519859542525373809485973005165410533315057253476903, q), q);
        o.t2 = addmod(o.t2, mulmod(i.t2, 19406667490568134101658669326517700199745817783746545889094238643063688871948, q), q);
        o.t2 = addmod(o.t2, mulmod(i.t3, 17049854690034965250221386317058877242629221002521630573756355118745574274967, q), q);
        o.t2 = addmod(o.t2, mulmod(i.t4, 4964394613021008685803675656098849539153699842663541444414978877928878266244, q), q);
        o.t2 = addmod(o.t2, mulmod(i.t5, 15474947305445649466370538888925567099067120578851553103424183520405650587995, q), q);
        o.t2 = addmod(o.t2, mulmod(i.t6, 1016119095639665978105768933448186152078842964810837543326777554729232767846, q), q);
        o.t3 = mulmod(i.t0, 9077319817220936628089890431129759976815127354480867310384708941479362824016, q);
        o.t3 = addmod(o.t3, mulmod(i.t1, 4770370314098695913091200576539533727214143013236894216582648993741910829490, q), q);
        o.t3 = addmod(o.t3, mulmod(i.t2, 4298564056297802123194408918029088169104276109138370115401819933600955259473, q), q);
        o.t3 = addmod(o.t3, mulmod(i.t3, 6905514380186323693285869145872115273350947784558995755916362330070690839131, q), q);
        o.t3 = addmod(o.t3, mulmod(i.t4, 4783343257810358393326889022942241108539824540285247795235499223017138301952, q), q);
        o.t3 = addmod(o.t3, mulmod(i.t5, 1420772902128122367335354247676760257656541121773854204774788519230732373317, q), q);
        o.t3 = addmod(o.t3, mulmod(i.t6, 14172871439045259377975734198064051992755748777535789572469924335100006948373, q), q);
        o.t4 = mulmod(i.t0, 8303849270045876854140023508764676765932043944545416856530551331270859502246, q);
        o.t4 = addmod(o.t4, mulmod(i.t1, 20218246699596954048529384569730026273241102596326201163062133863539137060414, q), q);
        o.t4 = addmod(o.t4, mulmod(i.t2, 1712845821388089905746651754894206522004527237615042226559791118162382909269, q), q);
        o.t4 = addmod(o.t4, mulmod(i.t3, 13001155522144542028910638547179410124467185319212645031214919884423841839406, q), q);
        o.t4 = addmod(o.t4, mulmod(i.t4, 16037892369576300958623292723740289861626299352695838577330319504984091062115, q), q);
        o.t4 = addmod(o.t4, mulmod(i.t5, 19189494548480259335554606182055502469831573298885662881571444557262020106898, q), q);
        o.t4 = addmod(o.t4, mulmod(i.t6, 19032687447778391106390582750185144485341165205399984747451318330476859342654, q), q);
        o.t5 = mulmod(i.t0, 13272957914179340594010910867091459756043436017766464331915862093201960540910, q);
        o.t5 = addmod(o.t5, mulmod(i.t1, 9416416589114508529880440146952102328470363729880726115521103179442988482948, q), q);
        o.t5 = addmod(o.t5, mulmod(i.t2, 8035240799672199706102747147502951589635001418759394863664434079699838251138, q), q);
        o.t5 = addmod(o.t5, mulmod(i.t3, 21642389080762222565487157652540372010968704000567605990102641816691459811717, q), q);
        o.t5 = addmod(o.t5, mulmod(i.t4, 20261355950827657195644012399234591122288573679402601053407151083849785332516, q), q);
        o.t5 = addmod(o.t5, mulmod(i.t5, 14514189384576734449268559374569145463190040567900950075547616936149781403109, q), q);
        o.t5 = addmod(o.t5, mulmod(i.t6, 19038036134886073991945204537416211699632292792787812530208911676638479944765, q), q);
        o.t6 = mulmod(i.t0, 15627836782263662543041758927100784213807648787083018234961118439434298020664, q);
        o.t6 = addmod(o.t6, mulmod(i.t1, 5655785191024506056588710805596292231240948371113351452712848652644610823632, q), q);
        o.t6 = addmod(o.t6, mulmod(i.t2, 8265264721707292643644260517162050867559314081394556886644673791575065394002, q), q);
        o.t6 = addmod(o.t6, mulmod(i.t3, 17151144681903609082202835646026478898625761142991787335302962548605510241586, q), q);
        o.t6 = addmod(o.t6, mulmod(i.t4, 18731644709777529787185361516475509623264209648904603914668024590231177708831, q), q);
        o.t6 = addmod(o.t6, mulmod(i.t5, 20697789991623248954020701081488146717484139720322034504511115160686216223641, q), q);
        o.t6 = addmod(o.t6, mulmod(i.t6, 6200020095464686209289974437830528853749866001482481427982839122465470640886, q), q);
        i.t0 = o.t0;
        i.t1 = o.t1;
        i.t2 = o.t2;
        i.t3 = o.t3;
        i.t4 = o.t4;
        i.t5 = o.t5;
        i.t6 = o.t6;
    }

    function ark(HashInputs7 memory i, uint q, uint c) internal pure
    {
        HashInputs7 memory o;
        o.t0 = addmod(i.t0, c, q);
        o.t1 = addmod(i.t1, c, q);
        o.t2 = addmod(i.t2, c, q);
        o.t3 = addmod(i.t3, c, q);
        o.t4 = addmod(i.t4, c, q);
        o.t5 = addmod(i.t5, c, q);
        o.t6 = addmod(i.t6, c, q);
        i.t0 = o.t0;
        i.t1 = o.t1;
        i.t2 = o.t2;
        i.t3 = o.t3;
        i.t4 = o.t4;
        i.t5 = o.t5;
        i.t6 = o.t6;
    }

    function sbox_full(HashInputs7 memory i, uint q) internal pure
    {
        HashInputs7 memory o;
        o.t0 = mulmod(i.t0, i.t0, q);
        o.t0 = mulmod(o.t0, o.t0, q);
        o.t0 = mulmod(i.t0, o.t0, q);
        o.t1 = mulmod(i.t1, i.t1, q);
        o.t1 = mulmod(o.t1, o.t1, q);
        o.t1 = mulmod(i.t1, o.t1, q);
        o.t2 = mulmod(i.t2, i.t2, q);
        o.t2 = mulmod(o.t2, o.t2, q);
        o.t2 = mulmod(i.t2, o.t2, q);
        o.t3 = mulmod(i.t3, i.t3, q);
        o.t3 = mulmod(o.t3, o.t3, q);
        o.t3 = mulmod(i.t3, o.t3, q);
        o.t4 = mulmod(i.t4, i.t4, q);
        o.t4 = mulmod(o.t4, o.t4, q);
        o.t4 = mulmod(i.t4, o.t4, q);
        o.t5 = mulmod(i.t5, i.t5, q);
        o.t5 = mulmod(o.t5, o.t5, q);
        o.t5 = mulmod(i.t5, o.t5, q);
        o.t6 = mulmod(i.t6, i.t6, q);
        o.t6 = mulmod(o.t6, o.t6, q);
        o.t6 = mulmod(i.t6, o.t6, q);
        i.t0 = o.t0;
        i.t1 = o.t1;
        i.t2 = o.t2;
        i.t3 = o.t3;
        i.t4 = o.t4;
        i.t5 = o.t5;
        i.t6 = o.t6;
    }

    function sbox_partial(HashInputs7 memory i, uint q) internal pure
    {
        HashInputs7 memory o;
        o.t0 = mulmod(i.t0, i.t0, q);
        o.t0 = mulmod(o.t0, o.t0, q);
        o.t0 = mulmod(i.t0, o.t0, q);
        i.t0 = o.t0;
    }

    function hash_t7f6p52(HashInputs7 memory i, uint q) internal pure returns (uint)
    {
        // validate inputs
        require(i.t0 < q, "INVALID_INPUT");
        require(i.t1 < q, "INVALID_INPUT");
        require(i.t2 < q, "INVALID_INPUT");
        require(i.t3 < q, "INVALID_INPUT");
        require(i.t4 < q, "INVALID_INPUT");
        require(i.t5 < q, "INVALID_INPUT");
        require(i.t6 < q, "INVALID_INPUT");

        // round 0
        ark(i, q, 14397397413755236225575615486459253198602422701513067526754101844196324375522);
        sbox_full(i, q);
        mix(i, q);
        // round 1
        ark(i, q, 10405129301473404666785234951972711717481302463898292859783056520670200613128);
        sbox_full(i, q);
        mix(i, q);
        // round 2
        ark(i, q, 5179144822360023508491245509308555580251733042407187134628755730783052214509);
        sbox_full(i, q);
        mix(i, q);
        // round 3
        ark(i, q, 9132640374240188374542843306219594180154739721841249568925550236430986592615);
        sbox_partial(i, q);
        mix(i, q);
        // round 4
        ark(i, q, 20360807315276763881209958738450444293273549928693737723235350358403012458514);
        sbox_partial(i, q);
        mix(i, q);
        // round 5
        ark(i, q, 17933600965499023212689924809448543050840131883187652471064418452962948061619);
        sbox_partial(i, q);
        mix(i, q);
        // round 6
        ark(i, q, 3636213416533737411392076250708419981662897009810345015164671602334517041153);
        sbox_partial(i, q);
        mix(i, q);
        // round 7
        ark(i, q, 2008540005368330234524962342006691994500273283000229509835662097352946198608);
        sbox_partial(i, q);
        mix(i, q);
        // round 8
        ark(i, q, 16018407964853379535338740313053768402596521780991140819786560130595652651567);
        sbox_partial(i, q);
        mix(i, q);
        // round 9
        ark(i, q, 20653139667070586705378398435856186172195806027708437373983929336015162186471);
        sbox_partial(i, q);
        mix(i, q);
        // round 10
        ark(i, q, 17887713874711369695406927657694993484804203950786446055999405564652412116765);
        sbox_partial(i, q);
        mix(i, q);
        // round 11
        ark(i, q, 4852706232225925756777361208698488277369799648067343227630786518486608711772);
        sbox_partial(i, q);
        mix(i, q);
        // round 12
        ark(i, q, 8969172011633935669771678412400911310465619639756845342775631896478908389850);
        sbox_partial(i, q);
        mix(i, q);
        // round 13
        ark(i, q, 20570199545627577691240476121888846460936245025392381957866134167601058684375);
        sbox_partial(i, q);
        mix(i, q);
        // round 14
        ark(i, q, 16442329894745639881165035015179028112772410105963688121820543219662832524136);
        sbox_partial(i, q);
        mix(i, q);
        // round 15
        ark(i, q, 20060625627350485876280451423010593928172611031611836167979515653463693899374);
        sbox_partial(i, q);
        mix(i, q);
        // round 16
        ark(i, q, 16637282689940520290130302519163090147511023430395200895953984829546679599107);
        sbox_partial(i, q);
        mix(i, q);
        // round 17
        ark(i, q, 15599196921909732993082127725908821049411366914683565306060493533569088698214);
        sbox_partial(i, q);
        mix(i, q);
        // round 18
        ark(i, q, 16894591341213863947423904025624185991098788054337051624251730868231322135455);
        sbox_partial(i, q);
        mix(i, q);
        // round 19
        ark(i, q, 1197934381747032348421303489683932612752526046745577259575778515005162320212);
        sbox_partial(i, q);
        mix(i, q);
        // round 20
        ark(i, q, 6172482022646932735745595886795230725225293469762393889050804649558459236626);
        sbox_partial(i, q);
        mix(i, q);
        // round 21
        ark(i, q, 21004037394166516054140386756510609698837211370585899203851827276330669555417);
        sbox_partial(i, q);
        mix(i, q);
        // round 22
        ark(i, q, 15262034989144652068456967541137853724140836132717012646544737680069032573006);
        sbox_partial(i, q);
        mix(i, q);
        // round 23
        ark(i, q, 15017690682054366744270630371095785995296470601172793770224691982518041139766);
        sbox_partial(i, q);
        mix(i, q);
        // round 24
        ark(i, q, 15159744167842240513848638419303545693472533086570469712794583342699782519832);
        sbox_partial(i, q);
        mix(i, q);
        // round 25
        ark(i, q, 11178069035565459212220861899558526502477231302924961773582350246646450941231);
        sbox_partial(i, q);
        mix(i, q);
        // round 26
        ark(i, q, 21154888769130549957415912997229564077486639529994598560737238811887296922114);
        sbox_partial(i, q);
        mix(i, q);
        // round 27
        ark(i, q, 20162517328110570500010831422938033120419484532231241180224283481905744633719);
        sbox_partial(i, q);
        mix(i, q);
        // round 28
        ark(i, q, 2777362604871784250419758188173029886707024739806641263170345377816177052018);
        sbox_partial(i, q);
        mix(i, q);
        // round 29
        ark(i, q, 15732290486829619144634131656503993123618032247178179298922551820261215487562);
        sbox_partial(i, q);
        mix(i, q);
        // round 30
        ark(i, q, 6024433414579583476444635447152826813568595303270846875177844482142230009826);
        sbox_partial(i, q);
        mix(i, q);
        // round 31
        ark(i, q, 17677827682004946431939402157761289497221048154630238117709539216286149983245);
        sbox_partial(i, q);
        mix(i, q);
        // round 32
        ark(i, q, 10716307389353583413755237303156291454109852751296156900963208377067748518748);
        sbox_partial(i, q);
        mix(i, q);
        // round 33
        ark(i, q, 14925386988604173087143546225719076187055229908444910452781922028996524347508);
        sbox_partial(i, q);
        mix(i, q);
        // round 34
        ark(i, q, 8940878636401797005293482068100797531020505636124892198091491586778667442523);
        sbox_partial(i, q);
        mix(i, q);
        // round 35
        ark(i, q, 18911747154199663060505302806894425160044925686870165583944475880789706164410);
        sbox_partial(i, q);
        mix(i, q);
        // round 36
        ark(i, q, 8821532432394939099312235292271438180996556457308429936910969094255825456935);
        sbox_partial(i, q);
        mix(i, q);
        // round 37
        ark(i, q, 20632576502437623790366878538516326728436616723089049415538037018093616927643);
        sbox_partial(i, q);
        mix(i, q);
        // round 38
        ark(i, q, 71447649211767888770311304010816315780740050029903404046389165015534756512);
        sbox_partial(i, q);
        mix(i, q);
        // round 39
        ark(i, q, 2781996465394730190470582631099299305677291329609718650018200531245670229393);
        sbox_partial(i, q);
        mix(i, q);
        // round 40
        ark(i, q, 12441376330954323535872906380510501637773629931719508864016287320488688345525);
        sbox_partial(i, q);
        mix(i, q);
        // round 41
        ark(i, q, 2558302139544901035700544058046419714227464650146159803703499681139469546006);
        sbox_partial(i, q);
        mix(i, q);
        // round 42
        ark(i, q, 10087036781939179132584550273563255199577525914374285705149349445480649057058);
        sbox_partial(i, q);
        mix(i, q);
        // round 43
        ark(i, q, 4267692623754666261749551533667592242661271409704769363166965280715887854739);
        sbox_partial(i, q);
        mix(i, q);
        // round 44
        ark(i, q, 4945579503584457514844595640661884835097077318604083061152997449742124905548);
        sbox_partial(i, q);
        mix(i, q);
        // round 45
        ark(i, q, 17742335354489274412669987990603079185096280484072783973732137326144230832311);
        sbox_partial(i, q);
        mix(i, q);
        // round 46
        ark(i, q, 6266270088302506215402996795500854910256503071464802875821837403486057988208);
        sbox_partial(i, q);
        mix(i, q);
        // round 47
        ark(i, q, 2716062168542520412498610856550519519760063668165561277991771577403400784706);
        sbox_partial(i, q);
        mix(i, q);
        // round 48
        ark(i, q, 19118392018538203167410421493487769944462015419023083813301166096764262134232);
        sbox_partial(i, q);
        mix(i, q);
        // round 49
        ark(i, q, 9386595745626044000666050847309903206827901310677406022353307960932745699524);
        sbox_partial(i, q);
        mix(i, q);
        // round 50
        ark(i, q, 9121640807890366356465620448383131419933298563527245687958865317869840082266);
        sbox_partial(i, q);
        mix(i, q);
        // round 51
        ark(i, q, 3078975275808111706229899605611544294904276390490742680006005661017864583210);
        sbox_partial(i, q);
        mix(i, q);
        // round 52
        ark(i, q, 7157404299437167354719786626667769956233708887934477609633504801472827442743);
        sbox_partial(i, q);
        mix(i, q);
        // round 53
        ark(i, q, 14056248655941725362944552761799461694550787028230120190862133165195793034373);
        sbox_partial(i, q);
        mix(i, q);
        // round 54
        ark(i, q, 14124396743304355958915937804966111851843703158171757752158388556919187839849);
        sbox_partial(i, q);
        mix(i, q);
        // round 55
        ark(i, q, 11851254356749068692552943732920045260402277343008629727465773766468466181076);
        sbox_full(i, q);
        mix(i, q);
        // round 56
        ark(i, q, 9799099446406796696742256539758943483211846559715874347178722060519817626047);
        sbox_full(i, q);
        mix(i, q);
        // round 57
        ark(i, q, 10156146186214948683880719664738535455146137901666656566575307300522957959544);
        sbox_full(i, q);
        mix(i, q);

        return i.t0;
    }
}


// File: contracts/core/impl/libexchange/ExchangeBalances.sol

// Copyright 2017 Loopring Technology Limited.





/// @title ExchangeBalances.
/// @author Daniel Wang  - <[email protected]>
/// @author Brecht Devos - <[email protected]>
library ExchangeBalances
{
    using MathUint  for uint;

    function verifyAccountBalance(
        uint                              merkleRoot,
        ExchangeData.MerkleProof calldata merkleProof
        )
        public
        pure
    {
        require(
            isAccountBalanceCorrect(merkleRoot, merkleProof),
            "INVALID_MERKLE_TREE_DATA"
        );
    }

    function isAccountBalanceCorrect(
        uint                            merkleRoot,
        ExchangeData.MerkleProof memory merkleProof
        )
        public
        pure
        returns (bool)
    {
        // Calculate the Merkle root using the Merkle paths provided
        uint calculatedRoot = getBalancesRoot(
            merkleProof.balanceLeaf.tokenID,
            merkleProof.balanceLeaf.balance,
            merkleProof.balanceLeaf.weightAMM,
            merkleProof.balanceLeaf.storageRoot,
            merkleProof.balanceMerkleProof
        );
        calculatedRoot = getAccountInternalsRoot(
            merkleProof.accountLeaf.accountID,
            merkleProof.accountLeaf.owner,
            merkleProof.accountLeaf.pubKeyX,
            merkleProof.accountLeaf.pubKeyY,
            merkleProof.accountLeaf.nonce,
            merkleProof.accountLeaf.feeBipsAMM,
            calculatedRoot,
            merkleProof.accountMerkleProof
        );
        // Check against the expected Merkle root
        return (calculatedRoot == merkleRoot);
    }

    function getBalancesRoot(
        uint16   tokenID,
        uint     balance,
        uint     weightAMM,
        uint     storageRoot,
        uint[24] memory balanceMerkleProof
        )
        private
        pure
        returns (uint)
    {
        // Hash the balance leaf
        uint balanceItem = hashImpl(balance, weightAMM, storageRoot, 0);
        // Calculate the Merkle root of the balance quad Merkle tree
        uint _id = tokenID;
        for (uint depth = 0; depth < 8; depth++) {
            uint base = depth * 3;
            if (_id & 3 == 0) {
                balanceItem = hashImpl(
                    balanceItem,
                    balanceMerkleProof[base],
                    balanceMerkleProof[base + 1],
                    balanceMerkleProof[base + 2]
                );
            } else if (_id & 3 == 1) {
                balanceItem = hashImpl(
                    balanceMerkleProof[base],
                    balanceItem,
                    balanceMerkleProof[base + 1],
                    balanceMerkleProof[base + 2]
                );
            } else if (_id & 3 == 2) {
                balanceItem = hashImpl(
                    balanceMerkleProof[base],
                    balanceMerkleProof[base + 1],
                    balanceItem,
                    balanceMerkleProof[base + 2]
                );
            } else if (_id & 3 == 3) {
                balanceItem = hashImpl(
                    balanceMerkleProof[base],
                    balanceMerkleProof[base + 1],
                    balanceMerkleProof[base + 2],
                    balanceItem
                );
            }
            _id = _id >> 2;
        }
        return balanceItem;
    }

    function getAccountInternalsRoot(
        uint32   accountID,
        address  owner,
        uint     pubKeyX,
        uint     pubKeyY,
        uint     nonce,
        uint     feeBipsAMM,
        uint     balancesRoot,
        uint[48] memory accountMerkleProof
        )
        private
        pure
        returns (uint)
    {
        // Hash the account leaf
        uint accountItem = hashAccountLeaf(uint(owner), pubKeyX, pubKeyY, nonce, feeBipsAMM, balancesRoot);
        // Calculate the Merkle root of the account quad Merkle tree
        uint _id = accountID;
        for (uint depth = 0; depth < 16; depth++) {
            uint base = depth * 3;
            if (_id & 3 == 0) {
                accountItem = hashImpl(
                    accountItem,
                    accountMerkleProof[base],
                    accountMerkleProof[base + 1],
                    accountMerkleProof[base + 2]
                );
            } else if (_id & 3 == 1) {
                accountItem = hashImpl(
                    accountMerkleProof[base],
                    accountItem,
                    accountMerkleProof[base + 1],
                    accountMerkleProof[base + 2]
                );
            } else if (_id & 3 == 2) {
                accountItem = hashImpl(
                    accountMerkleProof[base],
                    accountMerkleProof[base + 1],
                    accountItem,
                    accountMerkleProof[base + 2]
                );
            } else if (_id & 3 == 3) {
                accountItem = hashImpl(
                    accountMerkleProof[base],
                    accountMerkleProof[base + 1],
                    accountMerkleProof[base + 2],
                    accountItem
                );
            }
            _id = _id >> 2;
        }
        return accountItem;
    }

    function hashAccountLeaf(
        uint t0,
        uint t1,
        uint t2,
        uint t3,
        uint t4,
        uint t5
        )
        public
        pure
        returns (uint)
    {
        Poseidon.HashInputs7 memory inputs = Poseidon.HashInputs7(t0, t1, t2, t3, t4, t5, 0);
        return Poseidon.hash_t7f6p52(inputs, ExchangeData.SNARK_SCALAR_FIELD);
    }

    function hashImpl(
        uint t0,
        uint t1,
        uint t2,
        uint t3
        )
        private
        pure
        returns (uint)
    {
        Poseidon.HashInputs5 memory inputs = Poseidon.HashInputs5(t0, t1, t2, t3, 0);
        return Poseidon.hash_t5f6p52(inputs, ExchangeData.SNARK_SCALAR_FIELD);
    }
}

// File: contracts/lib/ERC20SafeTransfer.sol

// Copyright 2017 Loopring Technology Limited.


/// @title ERC20 safe transfer
/// @dev see https://github.com/sec-bit/badERC20Fix
/// @author Brecht Devos - <[email protected]>
library ERC20SafeTransfer
{
    function safeTransferAndVerify(
        address token,
        address to,
        uint    value
        )
        internal
    {
        safeTransferWithGasLimitAndVerify(
            token,
            to,
            value,
            gasleft()
        );
    }

    function safeTransfer(
        address token,
        address to,
        uint    value
        )
        internal
        returns (bool)
    {
        return safeTransferWithGasLimit(
            token,
            to,
            value,
            gasleft()
        );
    }

    function safeTransferWithGasLimitAndVerify(
        address token,
        address to,
        uint    value,
        uint    gasLimit
        )
        internal
    {
        require(
            safeTransferWithGasLimit(token, to, value, gasLimit),
            "TRANSFER_FAILURE"
        );
    }

    function safeTransferWithGasLimit(
        address token,
        address to,
        uint    value,
        uint    gasLimit
        )
        internal
        returns (bool)
    {
        // A transfer is successful when 'call' is successful and depending on the token:
        // - No value is returned: we assume a revert when the transfer failed (i.e. 'call' returns false)
        // - A single boolean is returned: this boolean needs to be true (non-zero)

        // bytes4(keccak256("transfer(address,uint256)")) = 0xa9059cbb
        bytes memory callData = abi.encodeWithSelector(
            bytes4(0xa9059cbb),
            to,
            value
        );
        (bool success, ) = token.call{gas: gasLimit}(callData);
        return checkReturnValue(success);
    }

    function safeTransferFromAndVerify(
        address token,
        address from,
        address to,
        uint    value
        )
        internal
    {
        safeTransferFromWithGasLimitAndVerify(
            token,
            from,
            to,
            value,
            gasleft()
        );
    }

    function safeTransferFrom(
        address token,
        address from,
        address to,
        uint    value
        )
        internal
        returns (bool)
    {
        return safeTransferFromWithGasLimit(
            token,
            from,
            to,
            value,
            gasleft()
        );
    }

    function safeTransferFromWithGasLimitAndVerify(
        address token,
        address from,
        address to,
        uint    value,
        uint    gasLimit
        )
        internal
    {
        bool result = safeTransferFromWithGasLimit(
            token,
            from,
            to,
            value,
            gasLimit
        );
        require(result, "TRANSFER_FAILURE");
    }

    function safeTransferFromWithGasLimit(
        address token,
        address from,
        address to,
        uint    value,
        uint    gasLimit
        )
        internal
        returns (bool)
    {
        // A transferFrom is successful when 'call' is successful and depending on the token:
        // - No value is returned: we assume a revert when the transfer failed (i.e. 'call' returns false)
        // - A single boolean is returned: this boolean needs to be true (non-zero)

        // bytes4(keccak256("transferFrom(address,address,uint256)")) = 0x23b872dd
        bytes memory callData = abi.encodeWithSelector(
            bytes4(0x23b872dd),
            from,
            to,
            value
        );
        (bool success, ) = token.call{gas: gasLimit}(callData);
        return checkReturnValue(success);
    }

    function checkReturnValue(
        bool success
        )
        internal
        pure
        returns (bool)
    {
        // A transfer/transferFrom is successful when 'call' is successful and depending on the token:
        // - No value is returned: we assume a revert when the transfer failed (i.e. 'call' returns false)
        // - A single boolean is returned: this boolean needs to be true (non-zero)
        if (success) {
            assembly {
                switch returndatasize()
                // Non-standard ERC20: nothing is returned so if 'call' was successful we assume the transfer succeeded
                case 0 {
                    success := 1
                }
                // Standard ERC20: a single boolean value is returned which needs to be true
                case 32 {
                    returndatacopy(0, 0, 32)
                    success := mload(0)
                }
                // None of the above: not successful
                default {
                    success := 0
                }
            }
        }
        return success;
    }
}

// File: contracts/core/impl/libexchange/ExchangeTokens.sol

// Copyright 2017 Loopring Technology Limited.






/// @title ExchangeTokens.
/// @author Daniel Wang  - <[email protected]>
/// @author Brecht Devos - <[email protected]>
library ExchangeTokens
{
    using MathUint          for uint;
    using ERC20SafeTransfer for address;
    using ExchangeMode      for ExchangeData.State;

    event TokenRegistered(
        address token,
        uint16  tokenId
    );

    function getTokenAddress(
        ExchangeData.State storage S,
        uint16 tokenID
        )
        public
        view
        returns (address)
    {
        require(tokenID < S.tokens.length, "INVALID_TOKEN_ID");
        return S.tokens[tokenID].token;
    }

    function registerToken(
        ExchangeData.State storage S,
        address tokenAddress
        )
        public
        returns (uint16 tokenID)
    {
        require(!S.isInWithdrawalMode(), "INVALID_MODE");
        require(S.tokenToTokenId[tokenAddress] == 0, "TOKEN_ALREADY_EXIST");
        require(S.tokens.length < ExchangeData.MAX_NUM_TOKENS, "TOKEN_REGISTRY_FULL");

        // Check if the deposit contract supports the new token
        if (S.depositContract != IDepositContract(0)) {
            require(
                S.depositContract.isTokenSupported(tokenAddress),
                "UNSUPPORTED_TOKEN"
            );
        }

        // Assign a tokenID and store the token
        ExchangeData.Token memory token = ExchangeData.Token(
            tokenAddress
        );
        tokenID = uint16(S.tokens.length);
        S.tokens.push(token);
        S.tokenToTokenId[tokenAddress] = tokenID + 1;

        emit TokenRegistered(tokenAddress, tokenID);
    }

    function getTokenID(
        ExchangeData.State storage S,
        address tokenAddress
        )
        internal  // inline call
        view
        returns (uint16 tokenID)
    {
        tokenID = S.tokenToTokenId[tokenAddress];
        require(tokenID != 0, "TOKEN_NOT_FOUND");
        tokenID = tokenID - 1;
    }
}

// File: contracts/core/impl/libexchange/ExchangeWithdrawals.sol

// Copyright 2017 Loopring Technology Limited.








/// @title ExchangeWithdrawals.
/// @author Brecht Devos - <[email protected]>
/// @author Daniel Wang  - <[email protected]>
library ExchangeWithdrawals
{
    enum WithdrawalCategory
    {
        DISTRIBUTION,
        FROM_MERKLE_TREE,
        FROM_DEPOSIT_REQUEST,
        FROM_APPROVED_WITHDRAWAL
    }

    using AddressUtil       for address;
    using AddressUtil       for address payable;
    using BytesUtil         for bytes;
    using MathUint          for uint;
    using ExchangeBalances  for ExchangeData.State;
    using ExchangeMode      for ExchangeData.State;
    using ExchangeTokens    for ExchangeData.State;

    event ForcedWithdrawalRequested(
        address owner,
        address token,
        uint32  accountID
    );

    event WithdrawalCompleted(
        uint8   category,
        address from,
        address to,
        address token,
        uint    amount
    );

    event WithdrawalFailed(
        uint8   category,
        address from,
        address to,
        address token,
        uint    amount
    );

    function forceWithdraw(
        ExchangeData.State storage S,
        address owner,
        address token,
        uint32  accountID
        )
        public
    {
        require(!S.isInWithdrawalMode(), "INVALID_MODE");
        // Limit the amount of pending forced withdrawals so that the owner cannot be overwhelmed.
        require(S.getNumAvailableForcedSlots() > 0, "TOO_MANY_REQUESTS_OPEN");
        require(accountID < ExchangeData.MAX_NUM_ACCOUNTS, "INVALID_ACCOUNTID");

        uint16 tokenID = S.getTokenID(token);

        // A user needs to pay a fixed ETH withdrawal fee, set by the protocol.
        uint withdrawalFeeETH = S.loopring.forcedWithdrawalFee();

        // Check ETH value sent, can be larger than the expected withdraw fee
        require(msg.value >= withdrawalFeeETH, "INSUFFICIENT_FEE");

        // Send surplus of ETH back to the sender
        uint feeSurplus = msg.value.sub(withdrawalFeeETH);
        if (feeSurplus > 0) {
            msg.sender.sendETHAndVerify(feeSurplus, gasleft());
        }

        // There can only be a single forced withdrawal per (account, token) pair.
        require(
            S.pendingForcedWithdrawals[accountID][tokenID].timestamp == 0,
            "WITHDRAWAL_ALREADY_PENDING"
        );

        // Store the forced withdrawal request data
        S.pendingForcedWithdrawals[accountID][tokenID] = ExchangeData.ForcedWithdrawal({
            owner: owner,
            timestamp: uint64(block.timestamp)
        });

        // Increment the number of pending forced transactions so we can keep count.
        S.numPendingForcedTransactions++;

        emit ForcedWithdrawalRequested(
            owner,
            token,
            accountID
        );
    }

    // We alow anyone to withdraw these funds for the account owner
    function withdrawFromMerkleTree(
        ExchangeData.State       storage S,
        ExchangeData.MerkleProof calldata merkleProof
        )
        public
    {
        require(S.isInWithdrawalMode(), "NOT_IN_WITHDRAW_MODE");

        address owner = merkleProof.accountLeaf.owner;
        uint32 accountID = merkleProof.accountLeaf.accountID;
        uint16 tokenID = merkleProof.balanceLeaf.tokenID;
        uint96 balance = merkleProof.balanceLeaf.balance;

        // Make sure the funds aren't withdrawn already.
        require(S.withdrawnInWithdrawMode[accountID][tokenID] == false, "WITHDRAWN_ALREADY");

        // Verify that the provided Merkle tree data is valid by using the Merkle proof.
        ExchangeBalances.verifyAccountBalance(
            uint(S.merkleRoot),
            merkleProof
        );

        // Make sure the balance can only be withdrawn once
        S.withdrawnInWithdrawMode[accountID][tokenID] = true;

        // Transfer the tokens to the account owner
        transferTokens(
            S,
            uint8(WithdrawalCategory.FROM_MERKLE_TREE),
            owner,
            owner,
            tokenID,
            balance,
            new bytes(0),
            gasleft(),
            false
        );
    }

    function withdrawFromDepositRequest(
        ExchangeData.State storage S,
        address owner,
        address token
        )
        public
    {
        uint16 tokenID = S.getTokenID(token);
        ExchangeData.Deposit storage deposit = S.pendingDeposits[owner][tokenID];
        require(deposit.timestamp != 0, "DEPOSIT_NOT_WITHDRAWABLE_YET");

        // Check if the deposit has indeed exceeded the time limit of if the exchange is in withdrawal mode
        require(
            block.timestamp >= deposit.timestamp + S.maxAgeDepositUntilWithdrawable ||
            S.isInWithdrawalMode(),
            "DEPOSIT_NOT_WITHDRAWABLE_YET"
        );

        uint amount = deposit.amount;

        // Reset the deposit request
        delete S.pendingDeposits[owner][tokenID];

        // Transfer the tokens
        transferTokens(
            S,
            uint8(WithdrawalCategory.FROM_DEPOSIT_REQUEST),
            owner,
            owner,
            tokenID,
            amount,
            new bytes(0),
            gasleft(),
            false
        );
    }

    function withdrawFromApprovedWithdrawals(
        ExchangeData.State storage S,
        address[] memory owners,
        address[] memory tokens
        )
        public
    {
        require(owners.length == tokens.length, "INVALID_INPUT_DATA");
        for (uint i = 0; i < owners.length; i++) {
            address owner = owners[i];
            uint16 tokenID = S.getTokenID(tokens[i]);
            uint amount = S.amountWithdrawable[owner][tokenID];

            // Make sure this amount can't be withdrawn again
            delete S.amountWithdrawable[owner][tokenID];

            // Transfer the tokens to the owner
            transferTokens(
                S,
                uint8(WithdrawalCategory.FROM_APPROVED_WITHDRAWAL),
                owner,
                owner,
                tokenID,
                amount,
                new bytes(0),
                gasleft(),
                false
            );
        }
    }

    function distributeWithdrawal(
        ExchangeData.State storage S,
        address from,
        address to,
        uint16  tokenID,
        uint    amount,
        bytes   memory extraData,
        uint    gasLimit
        )
        public
    {
        // Try to transfer the tokens
        bool success = transferTokens(
            S,
            uint8(WithdrawalCategory.DISTRIBUTION),
            from,
            to,
            tokenID,
            amount,
            extraData,
            gasLimit,
            true
        );
        // If the transfer was successful there's nothing left to do.
        // However, if the transfer failed the tokens are still in the contract and can be
        // withdrawn later to `to` by anyone by using `withdrawFromApprovedWithdrawal.
        if (!success) {
            S.amountWithdrawable[to][tokenID] = S.amountWithdrawable[to][tokenID].add(amount);
        }
    }

    // == Internal and Private Functions ==

    // If allowFailure is true the transfer can fail because of a transfer error or
    // because the transfer uses more than `gasLimit` gas. The function
    // will return true when successful, false otherwise.
    // If allowFailure is false the transfer is guaranteed to succeed using
    // as much gas as needed, otherwise it throws. The function always returns true.
    function transferTokens(
        ExchangeData.State storage S,
        uint8   category,
        address from,
        address to,
        uint16  tokenID,
        uint    amount,
        bytes   memory extraData,
        uint    gasLimit,
        bool    allowFailure
        )
        private
        returns (bool success)
    {
        // Redirect withdrawals to address(0) to the protocol fee vault
        if (to == address(0)) {
            to = S.loopring.protocolFeeVault();
        }
        address token = S.getTokenAddress(tokenID);

        // Transfer the tokens from the deposit contract to the owner
        if (gasLimit > 0) {
            try S.depositContract.withdraw{gas: gasLimit}(from, to, token, amount, extraData) {
                success = true;
            } catch {
                success = false;
            }
        } else {
            success = false;
        }

        require(allowFailure || success, "TRANSFER_FAILURE");

        if (success) {
            emit WithdrawalCompleted(category, from, to, token, amount);

            // Keep track of when the protocol fees were last withdrawn
            // (only done to make this data easier available).
            if (from == address(0)) {
                S.protocolFeeLastWithdrawnTime[token] = block.timestamp;
            }
        } else {
            emit WithdrawalFailed(category, from, to, token, amount);
        }
    }
}

// File: contracts/core/impl/libtransactions/WithdrawTransaction.sol

// Copyright 2017 Loopring Technology Limited.











/// @title WithdrawTransaction
/// @author Brecht Devos - <[email protected]>
/// @dev The following 4 types of withdrawals are supported:
///      - withdrawType = 0: offchain withdrawals with EdDSA signatures
///      - withdrawType = 1: offchain withdrawals with ECDSA signatures or onchain appprovals
///      - withdrawType = 2: onchain valid forced withdrawals (owner and accountID match), or
///                          offchain operator-initiated withdrawals for protocol fees or for
///                          users in shutdown mode
///      - withdrawType = 3: onchain invalid forced withdrawals (owner and accountID mismatch)
library WithdrawTransaction
{
    using BytesUtil            for bytes;
    using FloatUtil            for uint16;
    using MathUint             for uint;
    using ExchangeMode         for ExchangeData.State;
    using ExchangeSignatures   for ExchangeData.State;
    using ExchangeWithdrawals  for ExchangeData.State;

    bytes32 constant public WITHDRAWAL_TYPEHASH = keccak256(
        "Withdrawal(address owner,uint32 accountID,uint16 tokenID,uint96 amount,uint16 feeTokenID,uint96 maxFee,address to,bytes extraData,uint256 minGas,uint32 validUntil,uint32 storageID)"
    );

    struct Withdrawal
    {
        uint    withdrawalType;
        address from;
        uint32  fromAccountID;
        uint16  tokenID;
        uint96  amount;
        uint16  feeTokenID;
        uint96  maxFee;
        uint96  fee;
        address to;
        bytes   extraData;
        uint    minGas;
        uint32  validUntil;
        uint32  storageID;
        bytes20 onchainDataHash;
    }

    // Auxiliary data for each withdrawal
    struct WithdrawalAuxiliaryData
    {
        bool  storeRecipient;
        uint  gasLimit;
        bytes signature;

        uint    minGas;
        address to;
        bytes   extraData;
        uint96  maxFee;
        uint32  validUntil;
    }

    function process(
        ExchangeData.State        storage S,
        ExchangeData.BlockContext memory  ctx,
        bytes                     memory  data,
        uint                              offset,
        bytes                     memory  auxiliaryData
        )
        internal
    {
        Withdrawal memory withdrawal;
        readTx(data, offset, withdrawal);
        WithdrawalAuxiliaryData memory auxData = abi.decode(auxiliaryData, (WithdrawalAuxiliaryData));

        // Validate the withdrawal data not directly part of the DA
        bytes20 onchainDataHash = hashOnchainData(
            auxData.minGas,
            auxData.to,
            auxData.extraData
        );
        // Only the 20 MSB are used, which is still 80-bit of security, which is more
        // than enough, especially when combined with validUntil.
        require(withdrawal.onchainDataHash == onchainDataHash, "INVALID_WITHDRAWAL_DATA");

        // Fill in withdrawal data missing from DA
        withdrawal.to = auxData.to;
        withdrawal.minGas = auxData.minGas;
        withdrawal.extraData = auxData.extraData;
        withdrawal.maxFee = auxData.maxFee == 0 ? withdrawal.fee : auxData.maxFee;
        withdrawal.validUntil = auxData.validUntil;

        // If the account has an owner, don't allow withdrawing to the zero address
        // (which will be the protocol fee vault contract).
        require(withdrawal.from == address(0) || withdrawal.to != address(0), "INVALID_WITHDRAWAL_RECIPIENT");

        if (withdrawal.withdrawalType == 0) {
            // Signature checked offchain, nothing to do
        } else if (withdrawal.withdrawalType == 1) {
            // Validate
            require(ctx.timestamp < withdrawal.validUntil, "WITHDRAWAL_EXPIRED");
            require(withdrawal.fee <= withdrawal.maxFee, "WITHDRAWAL_FEE_TOO_HIGH");

            // Check appproval onchain
            // Calculate the tx hash
            bytes32 txHash = hashTx(ctx.DOMAIN_SEPARATOR, withdrawal);
            // Check onchain authorization
            S.requireAuthorizedTx(withdrawal.from, auxData.signature, txHash);
        } else if (withdrawal.withdrawalType == 2 || withdrawal.withdrawalType == 3) {
            // Forced withdrawals cannot make use of certain features because the
            // necessary data is not authorized by the account owner.
            // For protocol fee withdrawals, `owner` and `to` are both address(0).
            require(withdrawal.from == withdrawal.to, "INVALID_WITHDRAWAL_ADDRESS");

            // Forced withdrawal fees are charged when the request is submitted.
            require(withdrawal.fee == 0, "FEE_NOT_ZERO");

            require(withdrawal.extraData.length == 0, "AUXILIARY_DATA_NOT_ALLOWED");

            ExchangeData.ForcedWithdrawal memory forcedWithdrawal =
                S.pendingForcedWithdrawals[withdrawal.fromAccountID][withdrawal.tokenID];

            if (forcedWithdrawal.timestamp != 0) {
                if (withdrawal.withdrawalType == 2) {
                    require(withdrawal.from == forcedWithdrawal.owner, "INCONSISENT_OWNER");
                } else { //withdrawal.withdrawalType == 3
                    require(withdrawal.from != forcedWithdrawal.owner, "INCONSISENT_OWNER");
                    require(withdrawal.amount == 0, "UNAUTHORIZED_WITHDRAWAL");
                }

                // delete the withdrawal request and free a slot
                delete S.pendingForcedWithdrawals[withdrawal.fromAccountID][withdrawal.tokenID];
                S.numPendingForcedTransactions--;
            } else {
                // Allow the owner to submit full withdrawals without authorization
                // - when in shutdown mode
                // - to withdraw protocol fees
                require(
                    withdrawal.fromAccountID == ExchangeData.ACCOUNTID_PROTOCOLFEE ||
                    S.isShutdown(),
                    "FULL_WITHDRAWAL_UNAUTHORIZED"
                );
            }
        } else {
            revert("INVALID_WITHDRAWAL_TYPE");
        }

        // Check if there is a withdrawal recipient
        address recipient = S.withdrawalRecipient[withdrawal.from][withdrawal.to][withdrawal.tokenID][withdrawal.amount][withdrawal.storageID];
        if (recipient != address(0)) {
            // Auxiliary data is not supported
            require (withdrawal.extraData.length == 0, "AUXILIARY_DATA_NOT_ALLOWED");

            // Set the new recipient address
            withdrawal.to = recipient;
            // Allow any amount of gas to be used on this withdrawal (which allows the transfer to be skipped)
            withdrawal.minGas = 0;

            // Do NOT delete the recipient to prevent replay attack
            // delete S.withdrawalRecipient[withdrawal.owner][withdrawal.to][withdrawal.tokenID][withdrawal.amount][withdrawal.storageID];
        } else if (auxData.storeRecipient) {
            // Store the destination address to mark the withdrawal as done
            require(withdrawal.to != address(0), "INVALID_DESTINATION_ADDRESS");
            S.withdrawalRecipient[withdrawal.from][withdrawal.to][withdrawal.tokenID][withdrawal.amount][withdrawal.storageID] = withdrawal.to;
        }

        // Validate gas provided
        require(auxData.gasLimit >= withdrawal.minGas, "OUT_OF_GAS_FOR_WITHDRAWAL");

        // Try to transfer the tokens with the provided gas limit
        S.distributeWithdrawal(
            withdrawal.from,
            withdrawal.to,
            withdrawal.tokenID,
            withdrawal.amount,
            withdrawal.extraData,
            auxData.gasLimit
        );
    }

    function readTx(
        bytes      memory data,
        uint              offset,
        Withdrawal memory withdrawal
        )
        internal
        pure
    {
        uint _offset = offset;

        require(data.toUint8Unsafe(_offset) == uint8(ExchangeData.TransactionType.WITHDRAWAL), "INVALID_TX_TYPE");
        _offset += 1;

        // Extract the transfer data
        // We don't use abi.decode for this because of the large amount of zero-padding
        // bytes the circuit would also have to hash.
        withdrawal.withdrawalType = data.toUint8Unsafe(_offset);
        _offset += 1;
        withdrawal.from = data.toAddressUnsafe(_offset);
        _offset += 20;
        withdrawal.fromAccountID = data.toUint32Unsafe(_offset);
        _offset += 4;
        withdrawal.tokenID = data.toUint16Unsafe(_offset);
        _offset += 2;
        withdrawal.amount = data.toUint96Unsafe(_offset);
        _offset += 12;
        withdrawal.feeTokenID = data.toUint16Unsafe(_offset);
        _offset += 2;
        withdrawal.fee = data.toUint16Unsafe(_offset).decodeFloat16();
        _offset += 2;
        withdrawal.storageID = data.toUint32Unsafe(_offset);
        _offset += 4;
        withdrawal.onchainDataHash = data.toBytes20Unsafe(_offset);
        _offset += 20;
    }

    function hashTx(
        bytes32 DOMAIN_SEPARATOR,
        Withdrawal memory withdrawal
        )
        internal
        pure
        returns (bytes32)
    {
        return EIP712.hashPacked(
            DOMAIN_SEPARATOR,
            keccak256(
                abi.encode(
                    WITHDRAWAL_TYPEHASH,
                    withdrawal.from,
                    withdrawal.fromAccountID,
                    withdrawal.tokenID,
                    withdrawal.amount,
                    withdrawal.feeTokenID,
                    withdrawal.maxFee,
                    withdrawal.to,
                    keccak256(withdrawal.extraData),
                    withdrawal.minGas,
                    withdrawal.validUntil,
                    withdrawal.storageID
                )
            )
        );
    }

    function hashOnchainData(
        uint    minGas,
        address to,
        bytes   memory extraData
        )
        internal
        pure
        returns (bytes20)
    {
        // Only the 20 MSB are used, which is still 80-bit of security, which is more
        // than enough, especially when combined with validUntil.
        return bytes20(keccak256(
            abi.encodePacked(
                minGas,
                to,
                extraData
            )
        ));
    }
}

// File: contracts/aux/transactions/TransactionReader.sol

// Copyright 2017 Loopring Technology Limited.







/// @title TransactionReader
/// @author Brecht Devos - <[email protected]>
/// @dev Utility library to read transactions.
library TransactionReader {
    using BlockReader       for bytes;
    using TransactionReader for ExchangeData.Block;
    using BytesUtil         for bytes;

    function readDeposit(
        ExchangeData.Block memory _block,
        uint txIdx,
        bytes memory txData
        )
        internal
        pure
        returns (DepositTransaction.Deposit memory deposit)
    {
        _block.readTx(txIdx, txData);
        DepositTransaction.readTx(txData, 0, deposit);
    }

    function readWithdrawal(
        ExchangeData.Block memory _block,
        uint txIdx,
        bytes memory txData
        )
        internal
        pure
        returns (WithdrawTransaction.Withdrawal memory withdrawal)
    {
        _block.readTx(txIdx, txData);
        WithdrawTransaction.readTx(txData, 0, withdrawal);
    }

    function readAmmUpdate(
        ExchangeData.Block memory _block,
        uint txIdx,
        bytes memory txData
        )
        internal
        pure
        returns (AmmUpdateTransaction.AmmUpdate memory ammUpdate)
    {
        _block.readTx(txIdx, txData);
        AmmUpdateTransaction.readTx(txData, 0, ammUpdate);
    }

    function readTransfer(
        ExchangeData.Block memory _block,
        uint txIdx,
        bytes memory txData
        )
        internal
        pure
        returns (TransferTransaction.Transfer memory transfer)
    {
        _block.readTx(txIdx, txData);
        TransferTransaction.readTx(txData, 0, transfer);
    }

    function readSignatureVerification(
        ExchangeData.Block memory _block,
        uint txIdx,
        bytes memory txData
        )
        internal
        pure
        returns (SignatureVerificationTransaction.SignatureVerification memory verification)
    {
        _block.readTx(txIdx, txData);
        SignatureVerificationTransaction.readTx(txData, 0, verification);
    }

    function readTx(
        ExchangeData.Block memory _block,
        uint txIdx,
        bytes memory txData
        )
        internal
        pure
    {
        _block.data.readTransactionData(txIdx, _block.blockSize, txData);
    }

    function readTxs(
        ExchangeData.Block memory _block,
        uint                      txIdx,
        uint16                    numTransactions,
        bytes              memory txsData
        )
        internal
        pure
    {
        bytes memory txData = txsData;
        uint TX_DATA_AVAILABILITY_SIZE = ExchangeData.TX_DATA_AVAILABILITY_SIZE;
        for (uint i = 0; i < numTransactions; i++) {
            _block.data.readTransactionData(txIdx + i, _block.blockSize, txData);
            assembly {
                txData := add(txData, TX_DATA_AVAILABILITY_SIZE)
            }
        }
    }
}

// File: contracts/core/iface/IExchangeV3.sol

// Copyright 2017 Loopring Technology Limited.




/// @title IExchangeV3
/// @dev Note that Claimable and RentrancyGuard are inherited here to
///      ensure all data members are declared on IExchangeV3 to make it
///      easy to support upgradability through proxies.
///
///      Subclasses of this contract must NOT define constructor to
///      initialize data.
///
/// @author Brecht Devos - <[email protected]>
/// @author Daniel Wang  - <[email protected]>
abstract contract IExchangeV3 is Claimable
{
    // -- Events --

    event ExchangeCloned(
        address exchangeAddress,
        address owner,
        bytes32 genesisMerkleRoot
    );

    event TokenRegistered(
        address token,
        uint16  tokenId
    );

    event Shutdown(
        uint timestamp
    );

    event WithdrawalModeActivated(
        uint timestamp
    );

    event BlockSubmitted(
        uint    indexed blockIdx,
        bytes32         merkleRoot,
        bytes32         publicDataHash
    );

    event DepositRequested(
        address from,
        address to,
        address token,
        uint16  tokenId,
        uint96  amount
    );

    event ForcedWithdrawalRequested(
        address owner,
        address token,
        uint32  accountID
    );

    event WithdrawalCompleted(
        uint8   category,
        address from,
        address to,
        address token,
        uint    amount
    );

    event WithdrawalFailed(
        uint8   category,
        address from,
        address to,
        address token,
        uint    amount
    );

    event ProtocolFeesUpdated(
        uint8 takerFeeBips,
        uint8 makerFeeBips,
        uint8 previousTakerFeeBips,
        uint8 previousMakerFeeBips
    );

    event TransactionApproved(
        address owner,
        bytes32 transactionHash
    );


    // -- Initialization --
    /// @dev Initializes this exchange. This method can only be called once.
    /// @param  loopring The LoopringV3 contract address.
    /// @param  owner The owner of this exchange.
    /// @param  genesisMerkleRoot The initial Merkle tree state.
    function initialize(
        address loopring,
        address owner,
        bytes32 genesisMerkleRoot
        )
        virtual
        external;

    /// @dev Initialized the agent registry contract used by the exchange.
    ///      Can only be called by the exchange owner once.
    /// @param agentRegistry The agent registry contract to be used
    function setAgentRegistry(address agentRegistry)
        external
        virtual;

    /// @dev Gets the agent registry contract used by the exchange.
    /// @return the agent registry contract
    function getAgentRegistry()
        external
        virtual
        view
        returns (IAgentRegistry);

    ///      Can only be called by the exchange owner once.
    /// @param depositContract The deposit contract to be used
    function setDepositContract(address depositContract)
        external
        virtual;

    /// @dev refresh the blockVerifier contract which maybe changed in loopringV3 contract.
    function refreshBlockVerifier()
        external
        virtual;

    /// @dev Gets the deposit contract used by the exchange.
    /// @return the deposit contract
    function getDepositContract()
        external
        virtual
        view
        returns (IDepositContract);

    // @dev Exchange owner withdraws fees from the exchange.
    // @param token Fee token address
    // @param feeRecipient Fee recipient address
    function withdrawExchangeFees(
        address token,
        address feeRecipient
        )
        external
        virtual;

    // -- Constants --
    /// @dev Returns a list of constants used by the exchange.
    /// @return constants The list of constants.
    function getConstants()
        external
        virtual
        pure
        returns(ExchangeData.Constants memory);

    // -- Mode --
    /// @dev Returns hether the exchange is in withdrawal mode.
    /// @return Returns true if the exchange is in withdrawal mode, else false.
    function isInWithdrawalMode()
        external
        virtual
        view
        returns (bool);

    /// @dev Returns whether the exchange is shutdown.
    /// @return Returns true if the exchange is shutdown, else false.
    function isShutdown()
        external
        virtual
        view
        returns (bool);

    // -- Tokens --
    /// @dev Registers an ERC20 token for a token id. Note that different exchanges may have
    ///      different ids for the same ERC20 token.
    ///
    ///      Please note that 1 is reserved for Ether (ETH), 2 is reserved for Wrapped Ether (ETH),
    ///      and 3 is reserved for Loopring Token (LRC).
    ///
    ///      This function is only callable by the exchange owner.
    ///
    /// @param  tokenAddress The token's address
    /// @return tokenID The token's ID in this exchanges.
    function registerToken(
        address tokenAddress
        )
        external
        virtual
        returns (uint16 tokenID);

    /// @dev Returns the id of a registered token.
    /// @param  tokenAddress The token's address
    /// @return tokenID The token's ID in this exchanges.
    function getTokenID(
        address tokenAddress
        )
        external
        virtual
        view
        returns (uint16 tokenID);

    /// @dev Returns the address of a registered token.
    /// @param  tokenID The token's ID in this exchanges.
    /// @return tokenAddress The token's address
    function getTokenAddress(
        uint16 tokenID
        )
        external
        virtual
        view
        returns (address tokenAddress);

    // -- Stakes --
    /// @dev Gets the amount of LRC the owner has staked onchain for this exchange.
    ///      The stake will be burned if the exchange does not fulfill its duty by
    ///      processing user requests in time. Please note that order matching may potentially
    ///      performed by another party and is not part of the exchange's duty.
    ///
    /// @return The amount of LRC staked
    function getExchangeStake()
        external
        virtual
        view
        returns (uint);

    /// @dev Withdraws the amount staked for this exchange.
    ///      This can only be done if the exchange has been correctly shutdown:
    ///      - The exchange owner has shutdown the exchange
    ///      - All deposit requests are processed
    ///      - All funds are returned to the users (merkle root is reset to initial state)
    ///
    ///      Can only be called by the exchange owner.
    ///
    /// @return amountLRC The amount of LRC withdrawn
    function withdrawExchangeStake(
        address recipient
        )
        external
        virtual
        returns (uint amountLRC);

    /// @dev Can by called by anyone to burn the stake of the exchange when certain
    ///      conditions are fulfilled.
    ///
    ///      Currently this will only burn the stake of the exchange if
    ///      the exchange is in withdrawal mode.
    function burnExchangeStake()
        external
        virtual;

    // -- Blocks --

    /// @dev Gets the current Merkle root of this exchange's virtual blockchain.
    /// @return The current Merkle root.
    function getMerkleRoot()
        external
        virtual
        view
        returns (bytes32);

    /// @dev Gets the height of this exchange's virtual blockchain. The block height for a
    ///      new exchange is 1.
    /// @return The virtual blockchain height which is the index of the last block.
    function getBlockHeight()
        external
        virtual
        view
        returns (uint);

    /// @dev Gets some minimal info of a previously submitted block that's kept onchain.
    ///      A DEX can use this function to implement a payment receipt verification
    ///      contract with a challange-response scheme.
    /// @param blockIdx The block index.
    function getBlockInfo(uint blockIdx)
        external
        virtual
        view
        returns (ExchangeData.BlockInfo memory);

    /// @dev Sumbits new blocks to the rollup blockchain.
    ///
    ///      This function can only be called by the exchange operator.
    ///
    /// @param blocks The blocks being submitted
    ///      - blockType: The type of the new block
    ///      - blockSize: The number of onchain or offchain requests/settlements
    ///        that have been processed in this block
    ///      - blockVersion: The circuit version to use for verifying the block
    ///      - storeBlockInfoOnchain: If the block info for this block needs to be stored on-chain
    ///      - data: The data for this block
    ///      - offchainData: Arbitrary data, mainly for off-chain data-availability, i.e.,
    ///        the multihash of the IPFS file that contains the block data.
    function submitBlocks(ExchangeData.Block[] calldata blocks)
        external
        virtual;

    /// @dev Gets the number of available forced request slots.
    /// @return The number of available slots.
    function getNumAvailableForcedSlots()
        external
        virtual
        view
        returns (uint);

    // -- Deposits --

    /// @dev Deposits Ether or ERC20 tokens to the specified account.
    ///
    ///      This function is only callable by an agent of 'from'.
    ///
    ///      A fee to the owner is paid in ETH to process the deposit.
    ///      The operator is not forced to do the deposit and the user can send
    ///      any fee amount.
    ///
    /// @param from The address that deposits the funds to the exchange
    /// @param to The account owner's address receiving the funds
    /// @param tokenAddress The address of the token, use `0x0` for Ether.
    /// @param amount The amount of tokens to deposit
    /// @param auxiliaryData Optional extra data used by the deposit contract
    function deposit(
        address from,
        address to,
        address tokenAddress,
        uint96  amount,
        bytes   calldata auxiliaryData
        )
        external
        virtual
        payable;

    /// @dev Gets the amount of tokens that may be added to the owner's account.
    /// @param owner The destination address for the amount deposited.
    /// @param tokenAddress The address of the token, use `0x0` for Ether.
    /// @return The amount of tokens pending.
    function getPendingDepositAmount(
        address owner,
        address tokenAddress
        )
        external
        virtual
        view
        returns (uint96);

    // -- Withdrawals --
    /// @dev Submits an onchain request to force withdraw Ether or ERC20 tokens.
    ///      This request always withdraws the full balance.
    ///
    ///      This function is only callable by an agent of the account.
    ///
    ///      The total fee in ETH that the user needs to pay is 'withdrawalFee'.
    ///      If the user sends too much ETH the surplus is sent back immediately.
    ///
    ///      Note that after such an operation, it will take the owner some
    ///      time (no more than MAX_AGE_FORCED_REQUEST_UNTIL_WITHDRAW_MODE) to process the request
    ///      and create the deposit to the offchain account.
    ///
    /// @param owner The expected owner of the account
    /// @param tokenAddress The address of the token, use `0x0` for Ether.
    /// @param accountID The address the account in the Merkle tree.
    function forceWithdraw(
        address owner,
        address tokenAddress,
        uint32  accountID
        )
        external
        virtual
        payable;

    /// @dev Checks if a forced withdrawal is pending for an account balance.
    /// @param  accountID The accountID of the account to check.
    /// @param  token The token address
    /// @return True if a request is pending, false otherwise
    function isForcedWithdrawalPending(
        uint32  accountID,
        address token
        )
        external
        virtual
        view
        returns (bool);

    /// @dev Submits an onchain request to withdraw Ether or ERC20 tokens from the
    ///      protocol fees account. The complete balance is always withdrawn.
    ///
    ///      Anyone can request a withdrawal of the protocol fees.
    ///
    ///      Note that after such an operation, it will take the owner some
    ///      time (no more than MAX_AGE_FORCED_REQUEST_UNTIL_WITHDRAW_MODE) to process the request
    ///      and create the deposit to the offchain account.
    ///
    /// @param tokenAddress The address of the token, use `0x0` for Ether.
    function withdrawProtocolFees(
        address tokenAddress
        )
        external
        virtual
        payable;

    /// @dev Gets the time the protocol fee for a token was last withdrawn.
    /// @param tokenAddress The address of the token, use `0x0` for Ether.
    /// @return The time the protocol fee was last withdrawn.
    function getProtocolFeeLastWithdrawnTime(
        address tokenAddress
        )
        external
        virtual
        view
        returns (uint);

    /// @dev Allows anyone to withdraw funds for a specified user using the balances stored
    ///      in the Merkle tree. The funds will be sent to the owner of the acount.
    ///
    ///      Can only be used in withdrawal mode (i.e. when the owner has stopped
    ///      committing blocks and is not able to commit any more blocks).
    ///
    ///      This will NOT modify the onchain merkle root! The merkle root stored
    ///      onchain will remain the same after the withdrawal. We store if the user
    ///      has withdrawn the balance in State.withdrawnInWithdrawMode.
    ///
    /// @param  merkleProof The Merkle inclusion proof
    function withdrawFromMerkleTree(
        ExchangeData.MerkleProof calldata merkleProof
        )
        external
        virtual;

    /// @dev Checks if the balance for the account was withdrawn with `withdrawFromMerkleTree`.
    /// @param  accountID The accountID of the balance to check.
    /// @param  token The token address
    /// @return True if it was already withdrawn, false otherwise
    function isWithdrawnInWithdrawalMode(
        uint32  accountID,
        address token
        )
        external
        virtual
        view
        returns (bool);

    /// @dev Allows withdrawing funds deposited to the contract in a deposit request when
    ///      it was never processed by the owner within the maximum time allowed.
    ///
    ///      Can be called by anyone. The deposited tokens will be sent back to
    ///      the owner of the account they were deposited in.
    ///
    /// @param  owner The address of the account the withdrawal was done for.
    /// @param  token The token address
    function withdrawFromDepositRequest(
        address owner,
        address token
        )
        external
        virtual;

    /// @dev Allows withdrawing funds after a withdrawal request (either onchain
    ///      or offchain) was submitted in a block by the operator.
    ///
    ///      Can be called by anyone. The withdrawn tokens will be sent to
    ///      the owner of the account they were withdrawn out.
    ///
    ///      Normally it is should not be needed for users to call this manually.
    ///      Funds from withdrawal requests will be sent to the account owner
    ///      immediately by the owner when the block is submitted.
    ///      The user will however need to call this manually if the transfer failed.
    ///
    ///      Tokens and owners must have the same size.
    ///
    /// @param  owners The addresses of the account the withdrawal was done for.
    /// @param  tokens The token addresses
    function withdrawFromApprovedWithdrawals(
        address[] calldata owners,
        address[] calldata tokens
        )
        external
        virtual;

    /// @dev Gets the amount that can be withdrawn immediately with `withdrawFromApprovedWithdrawals`.
    /// @param  owner The address of the account the withdrawal was done for.
    /// @param  token The token address
    /// @return The amount withdrawable
    function getAmountWithdrawable(
        address owner,
        address token
        )
        external
        virtual
        view
        returns (uint);

    /// @dev Notifies the exchange that the owner did not process a forced request.
    ///      If this is indeed the case, the exchange will enter withdrawal mode.
    ///
    ///      Can be called by anyone.
    ///
    /// @param  accountID The accountID the forced request was made for
    /// @param  token The token address of the the forced request
    function notifyForcedRequestTooOld(
        uint32  accountID,
        address token
        )
        external
        virtual;

    /// @dev Allows a withdrawal to be done to an adddresss that is different
    ///      than initialy specified in the withdrawal request. This can be used to
    ///      implement functionality like fast withdrawals.
    ///
    ///      This function can only be called by an agent.
    ///
    /// @param from The address of the account that does the withdrawal.
    /// @param to The address to which 'amount' tokens were going to be withdrawn.
    /// @param token The address of the token that is withdrawn ('0x0' for ETH).
    /// @param amount The amount of tokens that are going to be withdrawn.
    /// @param storageID The storageID of the withdrawal request.
    /// @param newRecipient The new recipient address of the withdrawal.
    function setWithdrawalRecipient(
        address from,
        address to,
        address token,
        uint96  amount,
        uint32  storageID,
        address newRecipient
        )
        external
        virtual;

    /// @dev Gets the withdrawal recipient.
    ///
    /// @param from The address of the account that does the withdrawal.
    /// @param to The address to which 'amount' tokens were going to be withdrawn.
    /// @param token The address of the token that is withdrawn ('0x0' for ETH).
    /// @param amount The amount of tokens that are going to be withdrawn.
    /// @param storageID The storageID of the withdrawal request.
    function getWithdrawalRecipient(
        address from,
        address to,
        address token,
        uint96  amount,
        uint32  storageID
        )
        external
        virtual
        view
        returns (address);

    /// @dev Allows an agent to transfer ERC-20 tokens for a user using the allowance
    ///      the user has set for the exchange. This way the user only needs to approve a single exchange contract
    ///      for all exchange/agent features, which allows for a more seamless user experience.
    ///
    ///      This function can only be called by an agent.
    ///
    /// @param from The address of the account that sends the tokens.
    /// @param to The address to which 'amount' tokens are transferred.
    /// @param token The address of the token to transfer (ETH is and cannot be suppported).
    /// @param amount The amount of tokens transferred.
    function onchainTransferFrom(
        address from,
        address to,
        address token,
        uint    amount
        )
        external
        virtual;

    /// @dev Allows an agent to approve a rollup tx.
    ///
    ///      This function can only be called by an agent.
    ///
    /// @param owner The owner of the account
    /// @param txHash The hash of the transaction
    function approveTransaction(
        address owner,
        bytes32 txHash
        )
        external
        virtual;

    /// @dev Allows an agent to approve multiple rollup txs.
    ///
    ///      This function can only be called by an agent.
    ///
    /// @param owners The account owners
    /// @param txHashes The hashes of the transactions
    function approveTransactions(
        address[] calldata owners,
        bytes32[] calldata txHashes
        )
        external
        virtual;

    /// @dev Checks if a rollup tx is approved using the tx's hash.
    ///
    /// @param owner The owner of the account that needs to authorize the tx
    /// @param txHash The hash of the transaction
    /// @return True if the tx is approved, else false
    function isTransactionApproved(
        address owner,
        bytes32 txHash
        )
        external
        virtual
        view
        returns (bool);

    // -- Admins --
    /// @dev Sets the max time deposits have to wait before becoming withdrawable.
    /// @param newValue The new value.
    /// @return  The old value.
    function setMaxAgeDepositUntilWithdrawable(
        uint32 newValue
        )
        external
        virtual
        returns (uint32);

    /// @dev Returns the max time deposits have to wait before becoming withdrawable.
    /// @return The value.
    function getMaxAgeDepositUntilWithdrawable()
        external
        virtual
        view
        returns (uint32);

    /// @dev Shuts down the exchange.
    ///      Once the exchange is shutdown all onchain requests are permanently disabled.
    ///      When all requirements are fulfilled the exchange owner can withdraw
    ///      the exchange stake with withdrawStake.
    ///
    ///      Note that the exchange can still enter the withdrawal mode after this function
    ///      has been invoked successfully. To prevent entering the withdrawal mode before the
    ///      the echange stake can be withdrawn, all withdrawal requests still need to be handled
    ///      for at least MIN_TIME_IN_SHUTDOWN seconds.
    ///
    ///      Can only be called by the exchange owner.
    ///
    /// @return success True if the exchange is shutdown, else False
    function shutdown()
        external
        virtual
        returns (bool success);

    /// @dev Gets the protocol fees for this exchange.
    /// @return syncedAt The timestamp the protocol fees were last updated
    /// @return takerFeeBips The protocol taker fee
    /// @return makerFeeBips The protocol maker fee
    /// @return previousTakerFeeBips The previous protocol taker fee
    /// @return previousMakerFeeBips The previous protocol maker fee
    function getProtocolFeeValues()
        external
        virtual
        view
        returns (
            uint32 syncedAt,
            uint8 takerFeeBips,
            uint8 makerFeeBips,
            uint8 previousTakerFeeBips,
            uint8 previousMakerFeeBips
        );

    /// @dev Gets the domain separator used in this exchange.
    function getDomainSeparator()
        external
        virtual
        view
        returns (bytes32);

    /// @dev set amm pool feeBips value.
    function setAmmFeeBips(uint8 _feeBips)
        external
        virtual;

    /// @dev get amm pool feeBips value.
    function getAmmFeeBips()
        external
        virtual
        view
        returns (uint8);
}

// File: contracts/lib/ERC20.sol

// Copyright 2017 Loopring Technology Limited.


/// @title ERC20 Token Interface
/// @dev see https://github.com/ethereum/EIPs/issues/20
/// @author Daniel Wang - <[email protected]>
abstract contract ERC20
{
    function totalSupply()
        public
        virtual
        view
        returns (uint);

    function balanceOf(
        address who
        )
        public
        virtual
        view
        returns (uint);

    function allowance(
        address owner,
        address spender
        )
        public
        virtual
        view
        returns (uint);

    function transfer(
        address to,
        uint value
        )
        public
        virtual
        returns (bool);

    function transferFrom(
        address from,
        address to,
        uint    value
        )
        public
        virtual
        returns (bool);

    function approve(
        address spender,
        uint    value
        )
        public
        virtual
        returns (bool);
}

// File: contracts/lib/Drainable.sol

// Copyright 2017 Loopring Technology Limited.





/// @title Drainable
/// @author Brecht Devos - <[email protected]>
/// @dev Standard functionality to allow draining funds from a contract.
abstract contract Drainable
{
    using AddressUtil       for address;
    using ERC20SafeTransfer for address;

    event Drained(
        address to,
        address token,
        uint    amount
    );

    function drain(
        address to,
        address token
        )
        public
        returns (uint amount)
    {
        require(canDrain(msg.sender, token), "UNAUTHORIZED");

        if (token == address(0)) {
            amount = address(this).balance;
            to.sendETHAndVerify(amount, gasleft());   // ETH
        } else {
            amount = ERC20(token).balanceOf(address(this));
            token.safeTransferAndVerify(to, amount);  // ERC20 token
        }

        emit Drained(to, token, amount);
    }

    // Needs to return if the address is authorized to call drain.
    function canDrain(address drainer, address token)
        public
        virtual
        view
        returns (bool);
}

// File: contracts/aux/access/SelectorBasedAccessManager.sol

// Copyright 2017 Loopring Technology Limited.





/// @title  SelectorBasedAccessManager
/// @author Daniel Wang - <[email protected]>
contract SelectorBasedAccessManager is Claimable
{
    using BytesUtil for bytes;

    event PermissionUpdate(
        address indexed user,
        bytes4  indexed selector,
        bool            allowed
    );

    address public immutable target;
    mapping(address => mapping(bytes4 => bool)) public permissions;

    modifier withAccess(bytes4 selector)
    {
        require(hasAccessTo(msg.sender, selector), "PERMISSION_DENIED");
        _;
    }

    constructor(address _target)
    {
        require(_target != address(0), "ZERO_ADDRESS");
        target = _target;
    }

    function grantAccess(
        address user,
        bytes4  selector,
        bool    granted
        )
        external
        onlyOwner
    {
        require(permissions[user][selector] != granted, "INVALID_VALUE");
        permissions[user][selector] = granted;
        emit PermissionUpdate(user, selector, granted);
    }

    receive() payable external {}

    fallback()
        payable
        external
    {
        transact(msg.data);
    }

    function transact(bytes memory data)
        payable
        public
        withAccess(data.toBytes4(0))
    {
        (bool success, bytes memory returnData) = target
            .call{value: msg.value}(data);

        if (!success) {
            assembly { revert(add(returnData, 32), mload(returnData)) }
        }
    }

    function hasAccessTo(address user, bytes4 selector)
        public
        view
        returns (bool)
    {
        return user == owner || permissions[user][selector];
    }
}

// File: contracts/amm/libamm/IAmmSharedConfig.sol

// Copyright 2017 Loopring Technology Limited.

interface IAmmSharedConfig
{
    function maxForcedExitAge() external view returns (uint);
    function maxForcedExitCount() external view returns (uint);
    function forcedExitFee() external view returns (uint);
}

// File: contracts/amm/libamm/AmmData.sol

// Copyright 2017 Loopring Technology Limited.





/// @title AmmData
library AmmData
{
    uint public constant POOL_TOKEN_BASE = 100 * (10 ** 8);
    uint public constant POOL_TOKEN_MINTED_SUPPLY = uint96(-1);

    enum PoolTxType
    {
        NOOP,
        JOIN,
        EXIT
    }

    struct PoolConfig
    {
        address   sharedConfig;
        address   exchange;
        string    poolName;
        uint32    accountID;
        address[] tokens;
        uint96[]  weights;
        uint8     feeBips;
        string    tokenSymbol;
    }

    struct PoolJoin
    {
        address   owner;
        uint96[]  joinAmounts;
        uint32[]  joinStorageIDs;
        uint96    mintMinAmount;
        uint96    fee;
        uint32    validUntil;
    }

    struct PoolExit
    {
        address   owner;
        uint96    burnAmount;
        uint32    burnStorageID; // for pool token withdrawal from user to the pool
        uint96[]  exitMinAmounts; // the amount to receive BEFORE paying the fee.
        uint96    fee;
        uint32    validUntil;
    }

    struct PoolTx
    {
        PoolTxType txType;
        bytes      data;
        bytes      signature;
    }

    struct Token
    {
        address addr;
        uint96  weight;
        uint16  tokenID;
    }

    struct Context
    {
        // functional parameters
        uint txIdx;

        // AMM pool state variables
        bytes32 domainSeparator;
        uint32  accountID;

        uint16  poolTokenID;
        uint8   feeBips;
        uint    totalSupply;

        Token[]  tokens;
        uint96[] tokenBalancesL2;
    }

    struct State {
        // Pool token state variables
        string poolName;
        string symbol;
        uint   _totalSupply;

        mapping(address => uint) balanceOf;
        mapping(address => mapping(address => uint)) allowance;
        mapping(address => uint) nonces;

        // AMM pool state variables
        IAmmSharedConfig sharedConfig;

        Token[]     tokens;

        // The order of the following variables important to minimize loads
        bytes32     exchangeDomainSeparator;
        bytes32     domainSeparator;
        IExchangeV3 exchange;
        uint32      accountID;
        uint16      poolTokenID;
        uint8       feeBips;

        address     exchangeOwner;

        uint64      shutdownTimestamp;
        uint16      forcedExitCount;

        // A map from a user to the forced exit.
        mapping (address => PoolExit) forcedExit;
        mapping (bytes32 => bool) approvedTx;
    }
}

// File: contracts/aux/access/IBlockReceiver.sol

// Copyright 2017 Loopring Technology Limited.



/// @title IBlockReceiver
/// @author Brecht Devos - <[email protected]>
abstract contract IBlockReceiver
{
    function beforeBlockSubmission(
        bytes              calldata txsData,
        bytes              calldata callbackData
        )
        external
        virtual;
}

// File: contracts/aux/access/LoopringIOExchangeOwner.sol

// Copyright 2017 Loopring Technology Limited.













contract LoopringIOExchangeOwner is SelectorBasedAccessManager, ERC1271, Drainable
{
    using AddressUtil       for address;
    using AddressUtil       for address payable;
    using BytesUtil         for bytes;
    using MathUint          for uint;
    using SignatureUtil     for bytes32;
    using TransactionReader for ExchangeData.Block;

    bytes4    private constant SUBMITBLOCKS_SELECTOR = IExchangeV3.submitBlocks.selector;
    bool      public  open;

    event SubmitBlocksAccessOpened(bool open);

    struct TxCallback
    {
        uint16 txIdx;
        uint16 numTxs;
        uint16 receiverIdx;
        bytes  data;
    }

    struct BlockCallback
    {
        uint16        blockIdx;
        TxCallback[]  txCallbacks;
    }

    struct CallbackConfig
    {
        BlockCallback[] blockCallbacks;
        address[]       receivers;
    }

    constructor(
        address _exchange
        )
        SelectorBasedAccessManager(_exchange)
    {
    }

    function openAccessToSubmitBlocks(bool _open)
        external
        onlyOwner
    {
        open = _open;
        emit SubmitBlocksAccessOpened(_open);
    }

    function isValidSignature(
        bytes32        signHash,
        bytes   memory signature
        )
        public
        view
        override
        returns (bytes4)
    {
        // Role system used a bit differently here.
        return hasAccessTo(
            signHash.recoverECDSASigner(signature),
            this.isValidSignature.selector
        ) ? ERC1271_MAGICVALUE : bytes4(0);
    }

    function canDrain(address drainer, address /* token */)
        public
        override
        view
        returns (bool)
    {
        return hasAccessTo(drainer, this.drain.selector);
    }

    function submitBlocksWithCallbacks(
        bool                     isDataCompressed,
        bytes           calldata data,
        CallbackConfig  calldata config
        )
        external
    {
        if (config.blockCallbacks.length > 0) {
            require(config.receivers.length > 0, "MISSING_RECEIVERS");

            // Make sure the receiver is authorized to approve transactions
            IAgentRegistry agentRegistry = IExchangeV3(target).getAgentRegistry();
            for (uint i = 0; i < config.receivers.length; i++) {
                require(agentRegistry.isUniversalAgent(config.receivers[i]), "UNAUTHORIZED_RECEIVER");
            }
        }

        require(
            hasAccessTo(msg.sender, SUBMITBLOCKS_SELECTOR) || open,
            "PERMISSION_DENIED"
        );
        bytes memory decompressed = isDataCompressed ?
            ZeroDecompressor.decompress(data, 1):
            data;

        require(
            decompressed.toBytes4(0) == SUBMITBLOCKS_SELECTOR,
            "INVALID_DATA"
        );

        // Decode the blocks
        ExchangeData.Block[] memory blocks = _decodeBlocks(decompressed);

        // Process the callback logic.
        _beforeBlockSubmission(blocks, config);

        target.fastCallAndVerify(gasleft(), 0, decompressed);
    }

    function _beforeBlockSubmission(
        ExchangeData.Block[] memory   blocks,
        CallbackConfig       calldata config
        )
        private
    {
        // Allocate memory to verify transactions that are approved
        bool[][] memory preApprovedTxs = new bool[][](blocks.length);
        for (uint i = 0; i < blocks.length; i++) {
            preApprovedTxs[i] = new bool[](blocks[i].blockSize);
        }

        // Process transactions
        int lastBlockIdx = -1;
        for (uint i = 0; i < config.blockCallbacks.length; i++) {
            BlockCallback calldata blockCallback = config.blockCallbacks[i];

            uint16 blockIdx = blockCallback.blockIdx;
            require(blockIdx > lastBlockIdx, "BLOCK_INDEX_OUT_OF_ORDER");
            lastBlockIdx = int(blockIdx);

            require(blockIdx < blocks.length, "INVALID_BLOCKIDX");
            ExchangeData.Block memory _block = blocks[blockIdx];

            _processTxCallbacks(
                _block,
                blockCallback.txCallbacks,
                config.receivers,
                preApprovedTxs[blockIdx]
            );
        }

        // Verify the approved transactions data against the auxiliary data in the block
        for (uint i = 0; i < blocks.length; i++) {
            bool[] memory _preApprovedTxs = preApprovedTxs[i];
            ExchangeData.AuxiliaryData[] memory auxiliaryData;
            bytes memory blockAuxData = blocks[i].auxiliaryData;
            assembly {
                auxiliaryData := add(blockAuxData, 64)
            }

            for(uint j = 0; j < auxiliaryData.length; j++) {
                // Load the data from auxiliaryData, which is still encoded as calldata
                uint txIdx;
                bool approved;
                assembly {
                    // Offset to auxiliaryData[j]
                    let auxOffset := mload(add(auxiliaryData, add(32, mul(32, j))))
                    // Load `txIdx` (pos 0) and `approved` (pos 1) in auxiliaryData[j]
                    txIdx := mload(add(add(32, auxiliaryData), auxOffset))
                    approved := mload(add(add(64, auxiliaryData), auxOffset))
                }
                // Check that the provided data matches the expected value
                require(_preApprovedTxs[txIdx] == approved, "PRE_APPROVED_TX_MISMATCH");
            }
        }
    }

    function _processTxCallbacks(
        ExchangeData.Block memory _block,
        TxCallback[]       calldata txCallbacks,
        address[]          calldata receivers,
        bool[]             memory   preApprovedTxs
        )
        private
    {
        if (txCallbacks.length == 0) {
            return;
        }

        uint cursor = 0;

        // Reuse the data when possible to save on some memory alloc gas
        bytes memory txsData = new bytes(txCallbacks[0].numTxs * ExchangeData.TX_DATA_AVAILABILITY_SIZE);
        for (uint i = 0; i < txCallbacks.length; i++) {
            TxCallback calldata txCallback = txCallbacks[i];

            uint txIdx = uint(txCallback.txIdx);
            require(txIdx >= cursor, "TX_INDEX_OUT_OF_ORDER");

            require(txCallback.receiverIdx < receivers.length, "INVALID_RECEIVER_INDEX");

            uint txsDataLength = ExchangeData.TX_DATA_AVAILABILITY_SIZE*txCallback.numTxs;
            if (txsData.length != txsDataLength) {
                txsData = new bytes(txsDataLength);
            }
            _block.readTxs(txIdx, txCallback.numTxs, txsData);
            IBlockReceiver(receivers[txCallback.receiverIdx]).beforeBlockSubmission(
                txsData,
                txCallback.data
            );

            // Now that the transactions have been verified, mark them as approved
            for (uint j = txIdx; j < txIdx + txCallback.numTxs; j++) {
                preApprovedTxs[j] = true;
            }

            cursor = txIdx + txCallback.numTxs;
        }
    }

    function _decodeBlocks(bytes memory data)
        private
        pure
        returns (ExchangeData.Block[] memory)
    {
        // This copies the data (expensive) instead of just pointing to the correct address
        //bytes memory blockData;
        //assembly {
        //    blockData := add(data, 4)
        //}
        //ExchangeData.Block[] memory blocks = abi.decode(blockData, (ExchangeData.Block[]));

        // Points the block data to the data in the abi encoded data.
        // Only sets the data necessary in the callbacks!
        // 36 := 4 (function selector) + 32 (offset to blocks)
        uint numBlocks = data.toUint(36);
        ExchangeData.Block[] memory blocks = new ExchangeData.Block[](numBlocks);
        for (uint i = 0; i < numBlocks; i++) {
            ExchangeData.Block memory _block = blocks[i];

            // 68 := 36 (see above) + 32 (blocks length)
            uint blockOffset = 68 + data.toUint(68 + i*32);

            uint offset = blockOffset;
            //_block.blockType = uint8(data.toUint(offset));
            offset += 32;
            _block.blockSize = uint16(data.toUint(offset));
            offset += 32;
            //_block.blockVersion = uint8(data.toUint(offset));
            offset += 32;
            uint blockDataOffset = data.toUint(offset);
            offset += 32;
            // Skip over proof
            offset += 32 * 8;
            // Skip over storeBlockInfoOnchain
            offset += 32;
            uint auxiliaryDataOffset = data.toUint(offset);
            offset += 32;

            bytes memory blockData;
            assembly {
                blockData := add(data, add(32, add(blockOffset, blockDataOffset)))
            }
            _block.data = blockData;

            bytes memory auxiliaryData;
            assembly {
                auxiliaryData := add(data, add(32, add(blockOffset, auxiliaryDataOffset)))
            }
            // Encoded as calldata!
            _block.auxiliaryData = auxiliaryData;
        }
        return blocks;
    }
}

Contract Security Audit

Contract ABI

[{"inputs":[{"internalType":"address","name":"_exchange","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"to","type":"address"},{"indexed":false,"internalType":"address","name":"token","type":"address"},{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"}],"name":"Drained","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferred","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"user","type":"address"},{"indexed":true,"internalType":"bytes4","name":"selector","type":"bytes4"},{"indexed":false,"internalType":"bool","name":"allowed","type":"bool"}],"name":"PermissionUpdate","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"bool","name":"open","type":"bool"}],"name":"SubmitBlocksAccessOpened","type":"event"},{"stateMutability":"payable","type":"fallback"},{"inputs":[{"internalType":"address","name":"drainer","type":"address"},{"internalType":"address","name":"","type":"address"}],"name":"canDrain","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"claimOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"to","type":"address"},{"internalType":"address","name":"token","type":"address"}],"name":"drain","outputs":[{"internalType":"uint256","name":"amount","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"},{"internalType":"bytes4","name":"selector","type":"bytes4"},{"internalType":"bool","name":"granted","type":"bool"}],"name":"grantAccess","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"},{"internalType":"bytes4","name":"selector","type":"bytes4"}],"name":"hasAccessTo","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"signHash","type":"bytes32"},{"internalType":"bytes","name":"signature","type":"bytes"}],"name":"isValidSignature","outputs":[{"internalType":"bytes4","name":"","type":"bytes4"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"open","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bool","name":"_open","type":"bool"}],"name":"openAccessToSubmitBlocks","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"owner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"pendingOwner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"},{"internalType":"bytes4","name":"","type":"bytes4"}],"name":"permissions","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"renounceOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bool","name":"isDataCompressed","type":"bool"},{"internalType":"bytes","name":"data","type":"bytes"},{"components":[{"components":[{"internalType":"uint16","name":"blockIdx","type":"uint16"},{"components":[{"internalType":"uint16","name":"txIdx","type":"uint16"},{"internalType":"uint16","name":"numTxs","type":"uint16"},{"internalType":"uint16","name":"receiverIdx","type":"uint16"},{"internalType":"bytes","name":"data","type":"bytes"}],"internalType":"struct LoopringIOExchangeOwner.TxCallback[]","name":"txCallbacks","type":"tuple[]"}],"internalType":"struct LoopringIOExchangeOwner.BlockCallback[]","name":"blockCallbacks","type":"tuple[]"},{"internalType":"address[]","name":"receivers","type":"address[]"}],"internalType":"struct LoopringIOExchangeOwner.CallbackConfig","name":"config","type":"tuple"}],"name":"submitBlocksWithCallbacks","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"target","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes","name":"data","type":"bytes"}],"name":"transact","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[{"internalType":"address","name":"newOwner","type":"address"}],"name":"transferOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"stateMutability":"payable","type":"receive"}]

60a06040523480156200001157600080fd5b50604051620027ce380380620027ce833981016040819052620000349162000090565b600080546001600160a01b03191633179055806001600160a01b038116620000795760405162461bcd60e51b81526004016200007090620000c0565b60405180910390fd5b60601b6001600160601b03191660805250620000e6565b600060208284031215620000a2578081fd5b81516001600160a01b0381168114620000b9578182fd5b9392505050565b6020808252600c908201526b5a45524f5f4144445245535360a01b604082015260600190565b60805160601c6126bb62000113600039806103875280610a515280610ad35280610df452506126bb6000f3fe6080604052600436106100f75760003560e01c8063907d985b1161008a578063e30c397811610059578063e30c3978146102c4578063e789c633146102d9578063f2fde38b146102f9578063fcfff16f14610319576100fe565b8063907d985b1461024f578063cdb999f31461026f578063d4b839921461028f578063dcb2aa31146102a4576100fe565b80636d6f41cc116100c65780636d6f41cc146101d8578063715018a6146101eb578063837971e4146102005780638da5cb5b1461022d576100fe565b80631626ba7e14610140578063313861251461017657806331ad7333146101a35780634e71e0c8146101c3576100fe565b366100fe57005b61013e6000368080601f01602080910402602001604051908101604052809392919081815260200183838082843760009201919091525061032e92505050565b005b34801561014c57600080fd5b5061016061015b366004611f71565b610425565b60405161016d9190612104565b60405180910390f35b34801561018257600080fd5b50610196610191366004611e15565b610490565b60405161016d91906120db565b3480156101af57600080fd5b5061013e6101be366004611e49565b610511565b3480156101cf57600080fd5b5061013e6106b2565b61013e6101e6366004611fb6565b61032e565b3480156101f757600080fd5b5061013e610799565b34801561020c57600080fd5b5061022061021b366004611ddd565b610859565b60405161016d91906124b4565b34801561023957600080fd5b506102426109e7565b60405161016d9190612063565b34801561025b57600080fd5b5061019661026a366004611ddd565b610a03565b34801561027b57600080fd5b5061019661028a366004611e15565b610a2f565b34801561029b57600080fd5b50610242610a4f565b3480156102b057600080fd5b5061013e6102bf366004611ec9565b610a73565b3480156102d057600080fd5b50610242610e26565b3480156102e557600080fd5b5061013e6102f4366004611e91565b610e42565b34801561030557600080fd5b5061013e610314366004611dc1565b610efa565b34801561032557600080fd5b50610196611008565b610339816000611011565b6103433382610490565b610382576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061228e565b60405180910390fd5b6000807f000000000000000000000000000000000000000000000000000000000000000073ffffffffffffffffffffffffffffffffffffffff1634856040516103cb9190612047565b60006040518083038185875af1925050503d8060008114610408576040519150601f19603f3d011682016040523d82523d6000602084013e61040d565b606091505b50915091508161041f57805160208201fd5b50505050565b600061045a610434848461102d565b7f1626ba7e00000000000000000000000000000000000000000000000000000000610490565b610465576000610487565b7f1626ba7e000000000000000000000000000000000000000000000000000000005b90505b92915050565b6000805473ffffffffffffffffffffffffffffffffffffffff8481169116148061048757505073ffffffffffffffffffffffffffffffffffffffff9190911660009081526002602090815260408083207fffffffff000000000000000000000000000000000000000000000000000000009094168352929052205460ff1690565b60005473ffffffffffffffffffffffffffffffffffffffff163314610562576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b73ffffffffffffffffffffffffffffffffffffffff831660009081526002602090815260408083207fffffffff000000000000000000000000000000000000000000000000000000008616845290915290205460ff16151581151514156105f5576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612446565b73ffffffffffffffffffffffffffffffffffffffff831660008181526002602090815260408083207fffffffff00000000000000000000000000000000000000000000000000000000871680855292529182902080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff001685151517905590519091907fa159e1c330823fd09e2338c9ca6e89b1423fee32c0d427a0764ed2d28d163bf8906106a59085906120db565b60405180910390a3505050565b60015473ffffffffffffffffffffffffffffffffffffffff163314610703576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b6001546000805460405173ffffffffffffffffffffffffffffffffffffffff93841693909116917f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e091a360018054600080547fffffffffffffffffffffffff000000000000000000000000000000000000000090811673ffffffffffffffffffffffffffffffffffffffff841617909155169055565b60005473ffffffffffffffffffffffffffffffffffffffff1633146107ea576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b6000805460405173ffffffffffffffffffffffffffffffffffffffff909116907f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0908390a3600080547fffffffffffffffffffffffff0000000000000000000000000000000000000000169055565b60006108653383610a03565b61089b576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b73ffffffffffffffffffffffffffffffffffffffff82166108e15750476108db815a73ffffffffffffffffffffffffffffffffffffffff86169190611105565b506109a6565b6040517f70a0823100000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff8316906370a0823190610933903090600401612063565b60206040518083038186803b15801561094b57600080fd5b505afa15801561095f573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610983919061202f565b90506109a673ffffffffffffffffffffffffffffffffffffffff83168483611168565b7fbfd2431e6c719bec0308db4f4ed0afc39712d368867354c711a1ea1e384fa7818383836040516109d993929190612084565b60405180910390a192915050565b60005473ffffffffffffffffffffffffffffffffffffffff1681565b6000610487837f837971e400000000000000000000000000000000000000000000000000000000610490565b600260209081526000928352604080842090915290825290205460ff1681565b7f000000000000000000000000000000000000000000000000000000000000000081565b6000610a7f8280612529565b90501115610c7f576000610a9660208301836124bd565b905011610acf576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906122fc565b60007f000000000000000000000000000000000000000000000000000000000000000073ffffffffffffffffffffffffffffffffffffffff166391cae3726040518163ffffffff1660e01b815260040160206040518083038186803b158015610b3757600080fd5b505afa158015610b4b573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610b6f9190611ff1565b905060005b610b8160208401846124bd565b9050811015610c7c5773ffffffffffffffffffffffffffffffffffffffff821663d143067c610bb360208601866124bd565b84818110610bbd57fe5b9050602002016020810190610bd29190611dc1565b6040518263ffffffff1660e01b8152600401610bee9190612063565b60206040518083038186803b158015610c0657600080fd5b505afa158015610c1a573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610c3e9190611ead565b610c74576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906123a1565b600101610b74565b50505b610ca9337f5322843000000000000000000000000000000000000000000000000000000000610490565b80610cb6575060035460ff165b610cec576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061228e565b600084610d2f5783838080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250610d3b92505050565b610d3b84846001611179565b90507f5322843000000000000000000000000000000000000000000000000000000000610d69826000611011565b7fffffffff000000000000000000000000000000000000000000000000000000001614610dc2576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061247d565b6000610dcd8261121a565b9050610dd98184611331565b610e1d5a73ffffffffffffffffffffffffffffffffffffffff7f0000000000000000000000000000000000000000000000000000000000000000169060008561163e565b50505050505050565b60015473ffffffffffffffffffffffffffffffffffffffff1681565b60005473ffffffffffffffffffffffffffffffffffffffff163314610e93576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b600380547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00168215151790556040517f1911b12b69c8435466b5ab352e89357466a5a21c5ed8fa74b0ebe4d590d0a97f90610eef9083906120db565b60405180910390a150565b60005473ffffffffffffffffffffffffffffffffffffffff163314610f4b576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b73ffffffffffffffffffffffffffffffffffffffff811615801590610f8b575060005473ffffffffffffffffffffffffffffffffffffffff828116911614155b610fc1576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906121b2565b600180547fffffffffffffffffffffffff00000000000000000000000000000000000000001673ffffffffffffffffffffffffffffffffffffffff92909216919091179055565b60035460ff1681565b6000816004018351101561102457600080fd5b50016020015190565b600081516041146110405750600061048a565b60208201516040830151604184015160ff167f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0821115611086576000935050505061048a565b8060ff16601b148061109b57508060ff16601c145b156110f957600186828585604051600081526020016040526040516110c394939291906120e6565b6020604051602081039080840390855afa1580156110e5573d6000803e3d6000fd5b50505060206040510351935050505061048a565b6000935050505061048a565b600061112873ffffffffffffffffffffffffffffffffffffffff85168484611668565b905080611161576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906122c5565b9392505050565b6111748383835a61170f565b505050565b606080600083602002600401905060405191506020820181356004016004810180823501915060008060005b848410156111df5763ffffffff84351692508260101c915061ffff83169050818460200187378160040184019350808201860195506111a5565b50505050508281037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe001835260200160405250949350505050565b60606000611229836024611751565b905060008167ffffffffffffffff8111801561124457600080fd5b5060405190808252806020026020018201604052801561127e57816020015b61126b611c96565b8152602001906001900390816112635790505b50905060005b8281101561132757600082828151811061129a57fe5b6020026020010151905060006112bf836020026044018861175190919063ffffffff16565b6044810191506064016112d28882611751565b61ffff16602084015260400160006112ea8983611751565b61014090920191905060006112ff8a84611751565b60209285018b01830160608701529390930189010160c0909301929092525050600101611284565b509150505b919050565b6000825167ffffffffffffffff8111801561134b57600080fd5b5060405190808252806020026020018201604052801561137f57816020015b606081526020019060019003908161136a5790505b50905060005b835181101561140a5783818151811061139a57fe5b60200260200101516020015161ffff1667ffffffffffffffff811180156113c057600080fd5b506040519080825280602002602001820160405280156113ea578160200160208202803683370190505b508282815181106113f757fe5b6020908102919091010152600101611385565b507fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff60005b6114398480612529565b905081101561155f573661144d8580612529565b8381811061145757fe5b905060200281019061146991906125c0565b9050600061147a602083018361200d565b9050838161ffff16136114b9576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061236a565b865161ffff8216945084106114fa576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061240f565b6000878261ffff168151811061150c57fe5b602002602001015190506115548184806020019061152a9190612529565b61153760208c018c6124bd565b8b8861ffff168151811061154757fe5b6020026020010151611764565b50505060010161142f565b5060005b845181101561163757600083828151811061157a57fe5b602002602001015190506060600087848151811061159457fe5b602002602001015160c00151905060408101915060005b825181101561162757602080820284018101518401908101516040909101518551811515908790849081106115dc57fe5b602002602001015115151461161d576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612333565b50506001016115ab565b5050600190920191506115639050565b5050505050565b6060600061164e86868686611a5d565b925090508061165f57815160208301fd5b50949350505050565b60008261167757506001611161565b60006116988573ffffffffffffffffffffffffffffffffffffffff16611aaf565b90508073ffffffffffffffffffffffffffffffffffffffff168484906040516116c090611aaf565b600060405180830381858888f193505050503d80600081146116fe576040519150601f19603f3d011682016040523d82523d6000602084013e611703565b606091505b50909695505050505050565b61171b84848484611ab2565b61041f576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906122c5565b6000816020018351101561102457600080fd5b8361176e57611a55565b60008060448787600081811061178057fe5b905060200281019061179291906125f3565b6117a390604081019060200161200d565b61ffff160267ffffffffffffffff811180156117be57600080fd5b506040519080825280601f01601f1916602001820160405280156117e9576020820181803683370190505b50905060005b86811015611a51573688888381811061180457fe5b905060200281019061181691906125f3565b90506000611827602083018361200d565b61ffff16905084811015611867576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906121e9565b86611878606084016040850161200d565b61ffff16106118b3576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906123d8565b60006118c5604084016020850161200d565b61ffff1660440290508085511461191c578067ffffffffffffffff811180156118ed57600080fd5b506040519080825280601f01601f191660200182016040528015611918576020820181803683370190505b5094505b61193982611930604086016020870161200d565b8e919088611bb2565b888861194b606086016040870161200d565b61ffff1681811061195857fe5b905060200201602081019061196d9190611dc1565b73ffffffffffffffffffffffffffffffffffffffff16638ced702686611996606087018761255d565b6040518463ffffffff1660e01b81526004016119b493929190612131565b600060405180830381600087803b1580156119ce57600080fd5b505af11580156119e2573d6000803e3d6000fd5b5084925050505b6119f9604085016020860161200d565b61ffff168301811015611a2c576001888281518110611a1457fe5b911515602092830291909101909101526001016119e9565b50611a3d604084016020850161200d565b61ffff1691909101945050506001016117ef565b5050505b505050505050565b6000606073ffffffffffffffffffffffffffffffffffffffff861615611aa657600080845160208601878a8af191503d6040519150808252806000602084013e81016020016040525b94509492505050565b90565b60008063a9059cbb60e01b8585604051602401611ad09291906120b5565b604051602081830303815290604052907bffffffffffffffffffffffffffffffffffffffffffffffffffffffff19166020820180517bffffffffffffffffffffffffffffffffffffffffffffffffffffffff8381831617835250505050905060008673ffffffffffffffffffffffffffffffffffffffff168483604051611b579190612047565b60006040518083038160008787f1925050503d8060008114611b95576040519150601f19603f3d011682016040523d82523d6000602084013e611b9a565b606091505b50509050611ba781611bec565b979650505050505050565b80604460005b8461ffff16811015610e1d5760208701516060880151611be0918884019061ffff1686611c27565b91810191600101611bb8565b60008115611c23573d8015611c0c5760208114611c155760009250611c21565b60019250611c21565b60206000803e60005192505b505b5090565b818310611c60576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612257565b6082601d848102860182015160208401526027909402929093029190910190920190810151603d83015260890151604490910152565b60408051610100810182526000808252602082018190529181019190915260608082015260808101611cc6611cdf565b8152600060208201526060604082018190529081015290565b6040518061010001604052806008906020820280368337509192915050565b80357fffffffff000000000000000000000000000000000000000000000000000000008116811461132c57600080fd5b600082601f830112611d3e578081fd5b813567ffffffffffffffff80821115611d5357fe5b60405160207fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f8501168201018181108382111715611d8f57fe5b604052828152848301602001861015611da6578384fd5b82602086016020830137918201602001929092529392505050565b600060208284031215611dd2578081fd5b813561116181612652565b60008060408385031215611def578081fd5b8235611dfa81612652565b91506020830135611e0a81612652565b809150509250929050565b60008060408385031215611e27578182fd5b8235611e3281612652565b9150611e4060208401611cfe565b90509250929050565b600080600060608486031215611e5d578081fd5b8335611e6881612652565b9250611e7660208501611cfe565b91506040840135611e8681612677565b809150509250925092565b600060208284031215611ea2578081fd5b813561116181612677565b600060208284031215611ebe578081fd5b815161116181612677565b60008060008060608587031215611ede578081fd5b8435611ee981612677565b9350602085013567ffffffffffffffff80821115611f05578283fd5b818701915087601f830112611f18578283fd5b813581811115611f26578384fd5b886020828501011115611f37578384fd5b602083019550809450506040870135915080821115611f54578283fd5b50850160408188031215611f66578182fd5b939692955090935050565b60008060408385031215611f83578182fd5b82359150602083013567ffffffffffffffff811115611fa0578182fd5b611fac85828601611d2e565b9150509250929050565b600060208284031215611fc7578081fd5b813567ffffffffffffffff811115611fdd578182fd5b611fe984828501611d2e565b949350505050565b600060208284031215612002578081fd5b815161116181612652565b60006020828403121561201e578081fd5b813561ffff81168114611161578182fd5b600060208284031215612040578081fd5b5051919050565b60008251612059818460208701612626565b9190910192915050565b73ffffffffffffffffffffffffffffffffffffffff91909116815260200190565b73ffffffffffffffffffffffffffffffffffffffff9384168152919092166020820152604081019190915260600190565b73ffffffffffffffffffffffffffffffffffffffff929092168252602082015260400190565b901515815260200190565b93845260ff9290921660208401526040830152606082015260800190565b7fffffffff0000000000000000000000000000000000000000000000000000000091909116815260200190565b6000604082528451806040840152612150816060850160208901612626565b7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe080601f830116840191506060848303016020850152846060830152848660808401378260808684010152608081601f87011683010192505050949350505050565b6020808252600f908201527f494e56414c49445f414444524553530000000000000000000000000000000000604082015260600190565b60208082526015908201527f54585f494e4445585f4f55545f4f465f4f524445520000000000000000000000604082015260600190565b6020808252600c908201527f554e415554484f52495a45440000000000000000000000000000000000000000604082015260600190565b6020808252600e908201527f494e56414c49445f54585f494458000000000000000000000000000000000000604082015260600190565b60208082526011908201527f5045524d495353494f4e5f44454e494544000000000000000000000000000000604082015260600190565b60208082526010908201527f5452414e534645525f4641494c55524500000000000000000000000000000000604082015260600190565b60208082526011908201527f4d495353494e475f524543454956455253000000000000000000000000000000604082015260600190565b60208082526018908201527f5052455f415050524f5645445f54585f4d49534d415443480000000000000000604082015260600190565b60208082526018908201527f424c4f434b5f494e4445585f4f55545f4f465f4f524445520000000000000000604082015260600190565b60208082526015908201527f554e415554484f52495a45445f52454345495645520000000000000000000000604082015260600190565b60208082526016908201527f494e56414c49445f52454345495645525f494e44455800000000000000000000604082015260600190565b60208082526010908201527f494e56414c49445f424c4f434b49445800000000000000000000000000000000604082015260600190565b6020808252600d908201527f494e56414c49445f56414c554500000000000000000000000000000000000000604082015260600190565b6020808252600c908201527f494e56414c49445f444154410000000000000000000000000000000000000000604082015260600190565b90815260200190565b60008083357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe18436030181126124f1578283fd5b83018035915067ffffffffffffffff82111561250b578283fd5b602090810192508102360382131561252257600080fd5b9250929050565b60008083357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe18436030181126124f1578182fd5b60008083357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe1843603018112612591578182fd5b83018035915067ffffffffffffffff8211156125ab578283fd5b60200191503681900382131561252257600080fd5b600082357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc1833603018112612059578182fd5b600082357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff81833603018112612059578182fd5b60005b83811015612641578181015183820152602001612629565b8381111561041f5750506000910152565b73ffffffffffffffffffffffffffffffffffffffff8116811461267457600080fd5b50565b801515811461267457600080fdfea2646970667358221220528f3246347ee3b9e3c65c13d4d7bd63221585b2d1e6850e477595ab8aa696d864736f6c634300070600330000000000000000000000000baba1ad5be3a5c0a66e7ac838a129bf948f1ea4

Deployed Bytecode

0x6080604052600436106100f75760003560e01c8063907d985b1161008a578063e30c397811610059578063e30c3978146102c4578063e789c633146102d9578063f2fde38b146102f9578063fcfff16f14610319576100fe565b8063907d985b1461024f578063cdb999f31461026f578063d4b839921461028f578063dcb2aa31146102a4576100fe565b80636d6f41cc116100c65780636d6f41cc146101d8578063715018a6146101eb578063837971e4146102005780638da5cb5b1461022d576100fe565b80631626ba7e14610140578063313861251461017657806331ad7333146101a35780634e71e0c8146101c3576100fe565b366100fe57005b61013e6000368080601f01602080910402602001604051908101604052809392919081815260200183838082843760009201919091525061032e92505050565b005b34801561014c57600080fd5b5061016061015b366004611f71565b610425565b60405161016d9190612104565b60405180910390f35b34801561018257600080fd5b50610196610191366004611e15565b610490565b60405161016d91906120db565b3480156101af57600080fd5b5061013e6101be366004611e49565b610511565b3480156101cf57600080fd5b5061013e6106b2565b61013e6101e6366004611fb6565b61032e565b3480156101f757600080fd5b5061013e610799565b34801561020c57600080fd5b5061022061021b366004611ddd565b610859565b60405161016d91906124b4565b34801561023957600080fd5b506102426109e7565b60405161016d9190612063565b34801561025b57600080fd5b5061019661026a366004611ddd565b610a03565b34801561027b57600080fd5b5061019661028a366004611e15565b610a2f565b34801561029b57600080fd5b50610242610a4f565b3480156102b057600080fd5b5061013e6102bf366004611ec9565b610a73565b3480156102d057600080fd5b50610242610e26565b3480156102e557600080fd5b5061013e6102f4366004611e91565b610e42565b34801561030557600080fd5b5061013e610314366004611dc1565b610efa565b34801561032557600080fd5b50610196611008565b610339816000611011565b6103433382610490565b610382576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061228e565b60405180910390fd5b6000807f0000000000000000000000000baba1ad5be3a5c0a66e7ac838a129bf948f1ea473ffffffffffffffffffffffffffffffffffffffff1634856040516103cb9190612047565b60006040518083038185875af1925050503d8060008114610408576040519150601f19603f3d011682016040523d82523d6000602084013e61040d565b606091505b50915091508161041f57805160208201fd5b50505050565b600061045a610434848461102d565b7f1626ba7e00000000000000000000000000000000000000000000000000000000610490565b610465576000610487565b7f1626ba7e000000000000000000000000000000000000000000000000000000005b90505b92915050565b6000805473ffffffffffffffffffffffffffffffffffffffff8481169116148061048757505073ffffffffffffffffffffffffffffffffffffffff9190911660009081526002602090815260408083207fffffffff000000000000000000000000000000000000000000000000000000009094168352929052205460ff1690565b60005473ffffffffffffffffffffffffffffffffffffffff163314610562576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b73ffffffffffffffffffffffffffffffffffffffff831660009081526002602090815260408083207fffffffff000000000000000000000000000000000000000000000000000000008616845290915290205460ff16151581151514156105f5576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612446565b73ffffffffffffffffffffffffffffffffffffffff831660008181526002602090815260408083207fffffffff00000000000000000000000000000000000000000000000000000000871680855292529182902080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff001685151517905590519091907fa159e1c330823fd09e2338c9ca6e89b1423fee32c0d427a0764ed2d28d163bf8906106a59085906120db565b60405180910390a3505050565b60015473ffffffffffffffffffffffffffffffffffffffff163314610703576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b6001546000805460405173ffffffffffffffffffffffffffffffffffffffff93841693909116917f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e091a360018054600080547fffffffffffffffffffffffff000000000000000000000000000000000000000090811673ffffffffffffffffffffffffffffffffffffffff841617909155169055565b60005473ffffffffffffffffffffffffffffffffffffffff1633146107ea576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b6000805460405173ffffffffffffffffffffffffffffffffffffffff909116907f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0908390a3600080547fffffffffffffffffffffffff0000000000000000000000000000000000000000169055565b60006108653383610a03565b61089b576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b73ffffffffffffffffffffffffffffffffffffffff82166108e15750476108db815a73ffffffffffffffffffffffffffffffffffffffff86169190611105565b506109a6565b6040517f70a0823100000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff8316906370a0823190610933903090600401612063565b60206040518083038186803b15801561094b57600080fd5b505afa15801561095f573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610983919061202f565b90506109a673ffffffffffffffffffffffffffffffffffffffff83168483611168565b7fbfd2431e6c719bec0308db4f4ed0afc39712d368867354c711a1ea1e384fa7818383836040516109d993929190612084565b60405180910390a192915050565b60005473ffffffffffffffffffffffffffffffffffffffff1681565b6000610487837f837971e400000000000000000000000000000000000000000000000000000000610490565b600260209081526000928352604080842090915290825290205460ff1681565b7f0000000000000000000000000baba1ad5be3a5c0a66e7ac838a129bf948f1ea481565b6000610a7f8280612529565b90501115610c7f576000610a9660208301836124bd565b905011610acf576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906122fc565b60007f0000000000000000000000000baba1ad5be3a5c0a66e7ac838a129bf948f1ea473ffffffffffffffffffffffffffffffffffffffff166391cae3726040518163ffffffff1660e01b815260040160206040518083038186803b158015610b3757600080fd5b505afa158015610b4b573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610b6f9190611ff1565b905060005b610b8160208401846124bd565b9050811015610c7c5773ffffffffffffffffffffffffffffffffffffffff821663d143067c610bb360208601866124bd565b84818110610bbd57fe5b9050602002016020810190610bd29190611dc1565b6040518263ffffffff1660e01b8152600401610bee9190612063565b60206040518083038186803b158015610c0657600080fd5b505afa158015610c1a573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610c3e9190611ead565b610c74576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906123a1565b600101610b74565b50505b610ca9337f5322843000000000000000000000000000000000000000000000000000000000610490565b80610cb6575060035460ff165b610cec576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061228e565b600084610d2f5783838080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250610d3b92505050565b610d3b84846001611179565b90507f5322843000000000000000000000000000000000000000000000000000000000610d69826000611011565b7fffffffff000000000000000000000000000000000000000000000000000000001614610dc2576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061247d565b6000610dcd8261121a565b9050610dd98184611331565b610e1d5a73ffffffffffffffffffffffffffffffffffffffff7f0000000000000000000000000baba1ad5be3a5c0a66e7ac838a129bf948f1ea4169060008561163e565b50505050505050565b60015473ffffffffffffffffffffffffffffffffffffffff1681565b60005473ffffffffffffffffffffffffffffffffffffffff163314610e93576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b600380547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00168215151790556040517f1911b12b69c8435466b5ab352e89357466a5a21c5ed8fa74b0ebe4d590d0a97f90610eef9083906120db565b60405180910390a150565b60005473ffffffffffffffffffffffffffffffffffffffff163314610f4b576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612220565b73ffffffffffffffffffffffffffffffffffffffff811615801590610f8b575060005473ffffffffffffffffffffffffffffffffffffffff828116911614155b610fc1576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906121b2565b600180547fffffffffffffffffffffffff00000000000000000000000000000000000000001673ffffffffffffffffffffffffffffffffffffffff92909216919091179055565b60035460ff1681565b6000816004018351101561102457600080fd5b50016020015190565b600081516041146110405750600061048a565b60208201516040830151604184015160ff167f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0821115611086576000935050505061048a565b8060ff16601b148061109b57508060ff16601c145b156110f957600186828585604051600081526020016040526040516110c394939291906120e6565b6020604051602081039080840390855afa1580156110e5573d6000803e3d6000fd5b50505060206040510351935050505061048a565b6000935050505061048a565b600061112873ffffffffffffffffffffffffffffffffffffffff85168484611668565b905080611161576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906122c5565b9392505050565b6111748383835a61170f565b505050565b606080600083602002600401905060405191506020820181356004016004810180823501915060008060005b848410156111df5763ffffffff84351692508260101c915061ffff83169050818460200187378160040184019350808201860195506111a5565b50505050508281037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe001835260200160405250949350505050565b60606000611229836024611751565b905060008167ffffffffffffffff8111801561124457600080fd5b5060405190808252806020026020018201604052801561127e57816020015b61126b611c96565b8152602001906001900390816112635790505b50905060005b8281101561132757600082828151811061129a57fe5b6020026020010151905060006112bf836020026044018861175190919063ffffffff16565b6044810191506064016112d28882611751565b61ffff16602084015260400160006112ea8983611751565b61014090920191905060006112ff8a84611751565b60209285018b01830160608701529390930189010160c0909301929092525050600101611284565b509150505b919050565b6000825167ffffffffffffffff8111801561134b57600080fd5b5060405190808252806020026020018201604052801561137f57816020015b606081526020019060019003908161136a5790505b50905060005b835181101561140a5783818151811061139a57fe5b60200260200101516020015161ffff1667ffffffffffffffff811180156113c057600080fd5b506040519080825280602002602001820160405280156113ea578160200160208202803683370190505b508282815181106113f757fe5b6020908102919091010152600101611385565b507fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff60005b6114398480612529565b905081101561155f573661144d8580612529565b8381811061145757fe5b905060200281019061146991906125c0565b9050600061147a602083018361200d565b9050838161ffff16136114b9576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061236a565b865161ffff8216945084106114fa576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016103799061240f565b6000878261ffff168151811061150c57fe5b602002602001015190506115548184806020019061152a9190612529565b61153760208c018c6124bd565b8b8861ffff168151811061154757fe5b6020026020010151611764565b50505060010161142f565b5060005b845181101561163757600083828151811061157a57fe5b602002602001015190506060600087848151811061159457fe5b602002602001015160c00151905060408101915060005b825181101561162757602080820284018101518401908101516040909101518551811515908790849081106115dc57fe5b602002602001015115151461161d576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612333565b50506001016115ab565b5050600190920191506115639050565b5050505050565b6060600061164e86868686611a5d565b925090508061165f57815160208301fd5b50949350505050565b60008261167757506001611161565b60006116988573ffffffffffffffffffffffffffffffffffffffff16611aaf565b90508073ffffffffffffffffffffffffffffffffffffffff168484906040516116c090611aaf565b600060405180830381858888f193505050503d80600081146116fe576040519150601f19603f3d011682016040523d82523d6000602084013e611703565b606091505b50909695505050505050565b61171b84848484611ab2565b61041f576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906122c5565b6000816020018351101561102457600080fd5b8361176e57611a55565b60008060448787600081811061178057fe5b905060200281019061179291906125f3565b6117a390604081019060200161200d565b61ffff160267ffffffffffffffff811180156117be57600080fd5b506040519080825280601f01601f1916602001820160405280156117e9576020820181803683370190505b50905060005b86811015611a51573688888381811061180457fe5b905060200281019061181691906125f3565b90506000611827602083018361200d565b61ffff16905084811015611867576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906121e9565b86611878606084016040850161200d565b61ffff16106118b3576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610379906123d8565b60006118c5604084016020850161200d565b61ffff1660440290508085511461191c578067ffffffffffffffff811180156118ed57600080fd5b506040519080825280601f01601f191660200182016040528015611918576020820181803683370190505b5094505b61193982611930604086016020870161200d565b8e919088611bb2565b888861194b606086016040870161200d565b61ffff1681811061195857fe5b905060200201602081019061196d9190611dc1565b73ffffffffffffffffffffffffffffffffffffffff16638ced702686611996606087018761255d565b6040518463ffffffff1660e01b81526004016119b493929190612131565b600060405180830381600087803b1580156119ce57600080fd5b505af11580156119e2573d6000803e3d6000fd5b5084925050505b6119f9604085016020860161200d565b61ffff168301811015611a2c576001888281518110611a1457fe5b911515602092830291909101909101526001016119e9565b50611a3d604084016020850161200d565b61ffff1691909101945050506001016117ef565b5050505b505050505050565b6000606073ffffffffffffffffffffffffffffffffffffffff861615611aa657600080845160208601878a8af191503d6040519150808252806000602084013e81016020016040525b94509492505050565b90565b60008063a9059cbb60e01b8585604051602401611ad09291906120b5565b604051602081830303815290604052907bffffffffffffffffffffffffffffffffffffffffffffffffffffffff19166020820180517bffffffffffffffffffffffffffffffffffffffffffffffffffffffff8381831617835250505050905060008673ffffffffffffffffffffffffffffffffffffffff168483604051611b579190612047565b60006040518083038160008787f1925050503d8060008114611b95576040519150601f19603f3d011682016040523d82523d6000602084013e611b9a565b606091505b50509050611ba781611bec565b979650505050505050565b80604460005b8461ffff16811015610e1d5760208701516060880151611be0918884019061ffff1686611c27565b91810191600101611bb8565b60008115611c23573d8015611c0c5760208114611c155760009250611c21565b60019250611c21565b60206000803e60005192505b505b5090565b818310611c60576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161037990612257565b6082601d848102860182015160208401526027909402929093029190910190920190810151603d83015260890151604490910152565b60408051610100810182526000808252602082018190529181019190915260608082015260808101611cc6611cdf565b8152600060208201526060604082018190529081015290565b6040518061010001604052806008906020820280368337509192915050565b80357fffffffff000000000000000000000000000000000000000000000000000000008116811461132c57600080fd5b600082601f830112611d3e578081fd5b813567ffffffffffffffff80821115611d5357fe5b60405160207fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f8501168201018181108382111715611d8f57fe5b604052828152848301602001861015611da6578384fd5b82602086016020830137918201602001929092529392505050565b600060208284031215611dd2578081fd5b813561116181612652565b60008060408385031215611def578081fd5b8235611dfa81612652565b91506020830135611e0a81612652565b809150509250929050565b60008060408385031215611e27578182fd5b8235611e3281612652565b9150611e4060208401611cfe565b90509250929050565b600080600060608486031215611e5d578081fd5b8335611e6881612652565b9250611e7660208501611cfe565b91506040840135611e8681612677565b809150509250925092565b600060208284031215611ea2578081fd5b813561116181612677565b600060208284031215611ebe578081fd5b815161116181612677565b60008060008060608587031215611ede578081fd5b8435611ee981612677565b9350602085013567ffffffffffffffff80821115611f05578283fd5b818701915087601f830112611f18578283fd5b813581811115611f26578384fd5b886020828501011115611f37578384fd5b602083019550809450506040870135915080821115611f54578283fd5b50850160408188031215611f66578182fd5b939692955090935050565b60008060408385031215611f83578182fd5b82359150602083013567ffffffffffffffff811115611fa0578182fd5b611fac85828601611d2e565b9150509250929050565b600060208284031215611fc7578081fd5b813567ffffffffffffffff811115611fdd578182fd5b611fe984828501611d2e565b949350505050565b600060208284031215612002578081fd5b815161116181612652565b60006020828403121561201e578081fd5b813561ffff81168114611161578182fd5b600060208284031215612040578081fd5b5051919050565b60008251612059818460208701612626565b9190910192915050565b73ffffffffffffffffffffffffffffffffffffffff91909116815260200190565b73ffffffffffffffffffffffffffffffffffffffff9384168152919092166020820152604081019190915260600190565b73ffffffffffffffffffffffffffffffffffffffff929092168252602082015260400190565b901515815260200190565b93845260ff9290921660208401526040830152606082015260800190565b7fffffffff0000000000000000000000000000000000000000000000000000000091909116815260200190565b6000604082528451806040840152612150816060850160208901612626565b7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe080601f830116840191506060848303016020850152846060830152848660808401378260808684010152608081601f87011683010192505050949350505050565b6020808252600f908201527f494e56414c49445f414444524553530000000000000000000000000000000000604082015260600190565b60208082526015908201527f54585f494e4445585f4f55545f4f465f4f524445520000000000000000000000604082015260600190565b6020808252600c908201527f554e415554484f52495a45440000000000000000000000000000000000000000604082015260600190565b6020808252600e908201527f494e56414c49445f54585f494458000000000000000000000000000000000000604082015260600190565b60208082526011908201527f5045524d495353494f4e5f44454e494544000000000000000000000000000000604082015260600190565b60208082526010908201527f5452414e534645525f4641494c55524500000000000000000000000000000000604082015260600190565b60208082526011908201527f4d495353494e475f524543454956455253000000000000000000000000000000604082015260600190565b60208082526018908201527f5052455f415050524f5645445f54585f4d49534d415443480000000000000000604082015260600190565b60208082526018908201527f424c4f434b5f494e4445585f4f55545f4f465f4f524445520000000000000000604082015260600190565b60208082526015908201527f554e415554484f52495a45445f52454345495645520000000000000000000000604082015260600190565b60208082526016908201527f494e56414c49445f52454345495645525f494e44455800000000000000000000604082015260600190565b60208082526010908201527f494e56414c49445f424c4f434b49445800000000000000000000000000000000604082015260600190565b6020808252600d908201527f494e56414c49445f56414c554500000000000000000000000000000000000000604082015260600190565b6020808252600c908201527f494e56414c49445f444154410000000000000000000000000000000000000000604082015260600190565b90815260200190565b60008083357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe18436030181126124f1578283fd5b83018035915067ffffffffffffffff82111561250b578283fd5b602090810192508102360382131561252257600080fd5b9250929050565b60008083357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe18436030181126124f1578182fd5b60008083357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe1843603018112612591578182fd5b83018035915067ffffffffffffffff8211156125ab578283fd5b60200191503681900382131561252257600080fd5b600082357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc1833603018112612059578182fd5b600082357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff81833603018112612059578182fd5b60005b83811015612641578181015183820152602001612629565b8381111561041f5750506000910152565b73ffffffffffffffffffffffffffffffffffffffff8116811461267457600080fd5b50565b801515811461267457600080fdfea2646970667358221220528f3246347ee3b9e3c65c13d4d7bd63221585b2d1e6850e477595ab8aa696d864736f6c63430007060033

Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)

0000000000000000000000000baba1ad5be3a5c0a66e7ac838a129bf948f1ea4

-----Decoded View---------------
Arg [0] : _exchange (address): 0x0BABA1Ad5bE3a5C0a66E7ac838a129Bf948f1eA4

-----Encoded View---------------
1 Constructor Arguments found :
Arg [0] : 0000000000000000000000000baba1ad5be3a5c0a66e7ac838a129bf948f1ea4


Deployed Bytecode Sourcemap

186947:9315:0:-:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;182808:18;182817:8;;182808:18;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;182808:8:0;;-1:-1:-1;;;182808:18:0:i;:::-;186947:9315;188139:417;;;;;;;;;;-1:-1:-1;188139:417:0;;;;;:::i;:::-;;:::i;:::-;;;;;;;:::i;:::-;;;;;;;;183184:181;;;;;;;;;;-1:-1:-1;183184:181:0;;;;;:::i;:::-;;:::i;:::-;;;;;;;:::i;182363:338::-;;;;;;;;;;-1:-1:-1;182363:338:0;;;;;:::i;:::-;;:::i;18791:205::-;;;;;;;;;;;;;:::i;182842:334::-;;;;;;:::i;:::-;;:::i;17572:161::-;;;;;;;;;;;;;:::i;180789:543::-;;;;;;;;;;-1:-1:-1;180789:543:0;;;;;:::i;:::-;;:::i;:::-;;;;;;;:::i;16632:20::-;;;;;;;;;;;;;:::i;:::-;;;;;;;:::i;188564:200::-;;;;;;;;;;-1:-1:-1;188564:200:0;;;;;:::i;:::-;;:::i;182014:62::-;;;;;;;;;;-1:-1:-1;182014:62:0;;;;;:::i;:::-;;:::i;181976:31::-;;;;;;;;;;;;;:::i;188772:1338::-;;;;;;;;;;-1:-1:-1;188772:1338:0;;;;;:::i;:::-;;:::i;18091:27::-;;;;;;;;;;;;;:::i;187965:166::-;;;;;;;;;;-1:-1:-1;187965:166:0;;;;;:::i;:::-;;:::i;18464:247::-;;;;;;;;;;-1:-1:-1;18464:247:0;;;;;:::i;:::-;;:::i;187397:22::-;;;;;;;;;;;;;:::i;182842:334::-;182932:16;:4;182946:1;182932:13;:16::i;:::-;182146:33;182158:10;182170:8;182146:11;:33::i;:::-;182138:63;;;;;;;;;;;;:::i;:::-;;;;;;;;;182967:12:::1;182981:23:::0;183008:6:::1;:25;;183041:9;183052:4;183008:49;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;182966:91;;;;183075:7;183070:99;;183144:10;183138:17;183133:2;183121:10;183117:19;183110:46;183108:50;182212:1;;182842:334:::0;;:::o;188139:417::-;188311:6;188395:120;188421:38;:8;188449:9;188421:27;:38::i;:::-;188474:30;188395:11;:120::i;:::-;:153;;188546:1;188395:153;;;188518:18;188395:153;188388:160;;188139:417;;;;;:::o;183184:181::-;183284:4;183321:5;;;183313:13;;;183321:5;;183313:13;;:44;;-1:-1:-1;;183330:17:0;;;;;;;;;:11;:17;;;;;;;;:27;;;;;;;;;;;;;;183184:181::o;182363:338::-;17078:5;;;;17064:10;:19;17056:44;;;;;;;;;;;;:::i;:::-;182532:17:::1;::::0;::::1;;::::0;;;:11:::1;:17;::::0;;;;;;;:27;;::::1;::::0;;;;;;;;::::1;;:38;;::::0;::::1;;;;182524:64;;;;;;;;;;;;:::i;:::-;182599:17;::::0;::::1;;::::0;;;:11:::1;:17;::::0;;;;;;;:27;;::::1;::::0;;;;;;;;;:37;;;::::1;::::0;::::1;;;::::0;;182652:41;;182599:27;;:17;182652:41:::1;::::0;::::1;::::0;182599:37;;182652:41:::1;:::i;:::-;;;;;;;;182363:338:::0;;;:::o;18791:205::-;18272:12;;;;18258:10;:26;18250:51;;;;;;;;;;;;:::i;:::-;18908:12:::1;::::0;::::1;18901:5:::0;;18880:41:::1;::::0;18908:12:::1;::::0;;::::1;::::0;18901:5;;::::1;::::0;18880:41:::1;::::0;::::1;18940:12;::::0;;::::1;18932:20:::0;;;;;::::1;18940:12;::::0;::::1;18932:20;::::0;;;18963:25:::1;::::0;;18791:205::o;17572:161::-;17078:5;;;;17064:10;:19;17056:44;;;;;;;;;;;;:::i;:::-;17693:1:::1;17678:5:::0;;17657:39:::1;::::0;::::1;17678:5:::0;;::::1;::::0;17657:39:::1;::::0;17693:1;;17657:39:::1;17723:1;17707:18:::0;;;::::1;::::0;;17572:161::o;180789:543::-;180894:11;180931:27;180940:10;180952:5;180931:8;:27::i;:::-;180923:52;;;;;;;;;;;;:::i;:::-;180992:19;;;180988:293;;-1:-1:-1;181037:21:0;181073:38;181037:21;181101:9;181073:19;;;;:38;:19;:38::i;:::-;;180988:293;;;181162:37;;;;;:22;;;;;;:37;;181193:4;;181162:37;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;181153:46;-1:-1:-1;181214:39:0;:27;;;181242:2;181153:46;181214:27;:39::i;:::-;181298:26;181306:2;181310:5;181317:6;181298:26;;;;;;;;:::i;:::-;;;;;;;;180789:543;;;;:::o;16632:20::-;;;;;;:::o;188564:200::-;188686:4;188715:41;188727:7;188736:19;188715:11;:41::i;182014:62::-;;;;;;;;;;;;;;;;;;;;;;;;;;:::o;181976:31::-;;;:::o;188772:1338::-;189021:1;188990:21;:6;;:21;:::i;:::-;:28;;:32;188986:470;;;189073:1;189047:16;;;;:6;:16;:::i;:::-;:23;;:27;189039:57;;;;;;;;;;;;:::i;:::-;189190:28;189233:6;189221:36;;;:38;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;189190:69;;189279:6;189274:171;189295:16;;;;:6;:16;:::i;:::-;:23;;189291:1;:27;189274:171;;;189352:30;;;;189383:16;;;;:6;:16;:::i;:::-;189400:1;189383:19;;;;;;;;;;;;;;;;;;;;:::i;:::-;189352:51;;;;;;;;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;189344:85;;;;;;;;;;;;:::i;:::-;189320:3;;189274:171;;;;188986:470;;189490:46;189502:10;187357:33;189490:11;:46::i;:::-;:54;;;-1:-1:-1;189540:4:0;;;;189490:54;189468:121;;;;;;;;;;;;:::i;:::-;189600:25;189628:16;:87;;189711:4;;189628:87;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;189628:87:0;;-1:-1:-1;;;189628:87:0;;189660:36;189688:4;;189694:1;189660:27;:36::i;:::-;189600:115;-1:-1:-1;187357:33:0;189750:24;189600:115;189772:1;189750:21;:24::i;:::-;:49;;;189728:111;;;;;;;;;;;;:::i;:::-;189882:34;189919:27;189933:12;189919:13;:27::i;:::-;189882:64;;189999:38;190022:6;190030;189999:22;:38::i;:::-;190050:52;190075:9;190050:24;:6;:24;;190086:1;190089:12;190050:24;:52::i;:::-;;188772:1338;;;;;;:::o;18091:27::-;;;;;;:::o;187965:166::-;17078:5;;;;17064:10;:19;17056:44;;;;;;;;;;;;:::i;:::-;188064:4:::1;:12:::0;;;::::1;::::0;::::1;;;::::0;;188092:31:::1;::::0;::::1;::::0;::::1;::::0;188064:12;;188092:31:::1;:::i;:::-;;;;;;;;187965:166:::0;:::o;18464:247::-;17078:5;;;;17064:10;:19;17056:44;;;;;;;;;;;;:::i;:::-;18606:22:::1;::::0;::::1;::::0;;::::1;::::0;:43:::1;;-1:-1:-1::0;18644:5:0::1;::::0;::::1;18632:17:::0;;::::1;18644:5:::0;::::1;18632:17;;18606:43;18598:71;;;;;;;;;;;;:::i;:::-;18680:12;:23:::0;;;::::1;;::::0;;;::::1;::::0;;;::::1;::::0;;18464:247::o;187397:22::-;;;;;;:::o;10430:297::-;10506:6;10551;10560:1;10551:10;10533:6;:13;:29;;10525:38;;;;;;-1:-1:-1;10648:30:0;10664:4;10648:30;10642:37;;10430:297::o;50593:1116::-;50747:7;50776:9;:16;50796:2;50776:22;50772:72;;-1:-1:-1;50830:1:0;50815:17;;50772:72;51181:4;51166:20;;51160:27;51227:4;51212:20;;51206:27;51277:4;51262:20;;51256:27;51285:4;51252:38;51444:66;51431:79;;51427:129;;;51542:1;51527:17;;;;;;;51427:129;51570:1;:7;;51575:2;51570:7;:18;;;;51581:1;:7;;51586:2;51581:7;51570:18;51566:136;;;51612:28;51622:8;51632:1;51635;51638;51612:28;;;;;;;;;;;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;51605:35;;;;;;;51566:136;51688:1;51673:17;;;;;;;46727:269;46873:12;46913:28;:10;;;46924:6;46932:8;46913:10;:28::i;:::-;46903:38;;46960:7;46952:36;;;;;;;;;;;;:::i;:::-;46727:269;;;;;:::o;125659:278::-;125804:125;125852:5;125872:2;125889:5;125909:9;125804:33;:125::i;:::-;125659:278;;;:::o;601:1263::-;745:12;775:25;811:14;837:12;832:2;:17;828:1;:21;811:38;;906:4;900:11;884:27;;954:2;940:12;936:21;1005:9;992:23;989:1;985:31;1053:1;1045:6;1041:14;1113:3;1104:6;1091:20;1087:30;1069:48;;1145:1;1180;1215;1232:394;1247:10;1242:3;1239:19;1232:394;;;1314:10;1308:3;1295:17;1291:34;1281:44;;1367:6;1363:2;1359:15;1343:31;;1420:6;1412;1408:19;1392:35;;1477:12;1471:3;1467:2;1463:12;1458:3;1445:45;1531:12;1528:1;1524:20;1519:3;1515:30;1508:37;;1597:12;1583;1579:31;1574:3;1570:41;1563:48;;1232:394;;;-1:-1:-1;;;;;1701:22:0;;;1697:31;;1676:53;;1725:2;1801:14;1795:4;1788:28;-1:-1:-1;1701:22:0;601:1263;-1:-1:-1;;;;601:1263:0:o;194159:2100::-;194250:27;194790:14;194807:15;:4;194819:2;194807:11;:15::i;:::-;194790:32;;194833:34;194895:9;194870:35;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;194833:72;;194921:6;194916:1312;194937:9;194933:1;:13;194916:1312;;;194968:32;195003:6;195010:1;195003:9;;;;;;;;;;;;;;194968:44;;195087:16;195111:22;195128:1;195130:2;195128:4;195123:2;:9;195111:4;:11;;:22;;;;:::i;:::-;195106:2;:27;;;-1:-1:-1;195252:12:0;;195305:19;:4;195252:12;195305:11;:19::i;:::-;195279:46;;:16;;;:46;195432:12;;195459:20;195482:19;:4;195432:12;195482:11;:19::i;:::-;195654:12;;;;;195459:42;-1:-1:-1;195681:24:0;195708:19;:4;195654:12;195708:11;:19::i;:::-;195752:2;195867:33;;;195849:53;;;;195771:22;195931:11;;:23;196075:37;;;;196057:57;;;196180:20;;;;:36;;;;-1:-1:-1;;194948:3:0;;194916:1312;;;-1:-1:-1;196245:6:0;-1:-1:-1;;194159:2100:0;;;;:::o;190118:2433::-;190357:30;190403:6;:13;190390:27;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;190357:60;;190433:6;190428:119;190449:6;:13;190445:1;:17;190428:119;;;190515:6;190522:1;190515:9;;;;;;;;;;;;;;:19;;;190504:31;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;190504:31:0;;190484:14;190499:1;190484:17;;;;;;;;;;;;;;;;;:51;190464:3;;190428:119;;;-1:-1:-1;190611:2:0;190592:16;190624:655;190645:21;:6;;:21;:::i;:::-;:28;;190641:1;:32;190624:655;;;190695:36;190734:21;:6;;:21;:::i;:::-;190756:1;190734:24;;;;;;;;;;;;;;;;;;:::i;:::-;190695:63;-1:-1:-1;190775:15:0;190793:22;;;;190695:63;190793:22;:::i;:::-;190775:40;;190849:12;190838:8;:23;;;190830:60;;;;;;;;;;;;:::i;:::-;190969:13;;190920;;;;-1:-1:-1;190958:24:0;;190950:53;;;;;;;;;;;;:::i;:::-;191018:32;191053:6;191060:8;191053:16;;;;;;;;;;;;;;;;191018:51;;191086:181;191124:6;191149:13;:25;;;;;;;;:::i;:::-;191193:16;;;;:6;:16;:::i;:::-;191228:14;191243:8;191228:24;;;;;;;;;;;;;;;;191086:19;:181::i;:::-;-1:-1:-1;;;190675:3:0;;190624:655;;;;191386:6;191381:1163;191402:6;:13;191398:1;:17;191381:1163;;;191437:29;191469:14;191484:1;191469:17;;;;;;;;;;;;;;191437:49;;191501;191565:25;191593:6;191600:1;191593:9;;;;;;;;;;;;;;:23;;;191565:51;;191694:2;191680:12;191676:21;191659:38;;191732:6;191728:805;191748:13;:20;191744:1;:24;191728:805;;;192081:2;192077:10;;;192050:39;;;;192044:46;192215:38;;;;;192209:45;192302:2;192294:38;;;192288:45;192454:22;;:34;;;;:15;;192209:45;;192454:22;;;;;;;;;;;;:34;;;192446:71;;;;;;;;;;;;:::i;:::-;-1:-1:-1;;191770:3:0;;191728:805;;;-1:-1:-1;;191417:3:0;;;;;-1:-1:-1;191381:1163:0;;-1:-1:-1;191381:1163:0;;;190118:2433;;;;:::o;47962:446::-;48138:23;48179:12;48226:35;48235:2;48239:8;48249:5;48256:4;48226:8;:35::i;:::-;48202:59;-1:-1:-1;48202:59:0;-1:-1:-1;48202:59:0;48272:129;;48363:10;48357:17;48352:2;48340:10;48336:19;48329:46;48310:80;47962:446;;;;;;;:::o;46177:395::-;46314:12;46348:11;46344:55;;-1:-1:-1;46383:4:0;46376:11;;46344:55;46409:25;46437:14;:2;:12;;;:14::i;:::-;46409:42;;46516:9;:14;;46538:6;46551:8;46516:48;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;46502:62:0;;46177:395;-1:-1:-1;;;;;;46177:395:0:o;126244:310::-;126450:52;126475:5;126482:2;126486:5;126493:8;126450:24;:52::i;:::-;126428:118;;;;;;;;;;;;:::i;10130:292::-;10204:7;10250:6;10259:2;10250:11;10232:6;:13;:30;;10224:39;;;;;192559:1592;192830:23;192826:62;;192870:7;;192826:62;192900:11;193002:20;36403:2;193035:11;;193047:1;193035:14;;;;;;;;;;;;;;;;;;:::i;:::-;:21;;;;;;;;;:::i;:::-;:62;;;193025:73;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;193025:73:0;;193002:96;;193114:6;193109:1035;193126:22;;;193109:1035;;;193170:30;193203:11;;193215:1;193203:14;;;;;;;;;;;;;;;;;;:::i;:::-;193170:47;-1:-1:-1;193234:10:0;193252:16;;;;193170:47;193252:16;:::i;:::-;193247:22;;193234:35;;193301:6;193292:5;:15;;193284:49;;;;;;;;;;;;:::i;:::-;193383:9;193358:22;;;;;;;;:::i;:::-;:41;;;193350:76;;;;;;;;;;;;:::i;:::-;193443:18;193503:17;;;;;;;;:::i;:::-;193464:56;;36403:2;193464:56;193443:77;;193557:13;193539:7;:14;:31;193535:106;;193611:13;193601:24;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;193601:24:0;;193591:34;;193535:106;193655:49;193670:5;193677:17;;;;;;;;:::i;:::-;193655:6;;:49;193696:7;193655:14;:49::i;:::-;193734:9;;193744:22;;;;;;;;:::i;:::-;193734:33;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;193719:71;;;193809:7;193835:15;;;;:10;:15;:::i;:::-;193719:146;;;;;;;;;;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;193980:5:0;;-1:-1:-1;;;193966:116:0;193999:17;;;;;;;;:::i;:::-;193991:25;;:5;:25;193987:1;:29;193966:116;;;194062:4;194042:14;194057:1;194042:17;;;;;;;;:24;;;:17;;;;;;;;;;;:24;194018:3;;193966:116;;;-1:-1:-1;194115:17:0;;;;;;;;:::i;:::-;194107:25;;;;;;;-1:-1:-1;;;193150:3:0;;193109:1035;;;;192559:1592;;;;;;;;;:::o;47124:765::-;47291:12;47305:23;47350:16;;;;47346:536;;47511:1;47508;47501:4;47495:11;47490:2;47484:4;47480:13;47473:5;47469:2;47459:8;47454:59;47443:70;;47584:16;47638:4;47632:11;47618:25;;47680:4;47668:10;47661:24;47742:4;47739:1;47734:2;47722:10;47718:19;47703:44;47825:30;;47845:2;47825:30;47819:4;47812:44;47392:479;47124:765;;;;;;;:::o;45862:164::-;46013:4;45862:164::o;126562:800::-;126739:4;127119:21;127187:10;127180:18;;127213:2;127230:5;127143:103;;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;127119:127;;127258:12;127276:5;:10;;127292:8;127302;127276:35;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;127257:54;;;127329:25;127346:7;127329:16;:25::i;:::-;127322:32;126562:800;-1:-1:-1;;;;;;;126562:800:0:o;155018:629::-;155297:7;36403:2;155275:19;155397:243;155418:15;155414:19;;:1;:19;155397:243;;;155498:16;;;;155455:11;;;;:68;;155487:9;;;;155455:68;;155516:6;155455:31;:68::i;:::-;155576:38;;;;155435:3;;155397:243;;129350:1127;129460:4;129783:7;129779:666;;;129842:16;129997:61;;;;130175:2;130170:115;;;;130399:1;130388:12;;129835:584;;129997:61;130038:1;130027:12;;129997:61;;130170:115;130222:2;130219:1;130216;130201:24;130264:1;130258:8;130247:19;;129835:584;;129816:618;-1:-1:-1;130462:7:0;129350:1127::o;41560:1027::-;41768:9;41760:5;:17;41752:44;;;;;;;;;;;;:::i;:::-;42125:21;36468:2;41997:53;;;42115:32;;;;42109:39;42143:2;42092:15;;42085:64;36533:2;42315:53;;;42242:57;;;;42204:164;;;;42445:32;;;;;;42439:39;42422:2;42410:27;;42403:76;42545:21;42535:32;42529:39;42512:2;42500:27;;;42493:76;42388:192::o;-1:-1:-1:-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;:::o;:::-;;;;;;;;;;;;;;;;;;;;;;;;:::o;14:221:1:-;83:20;;143:66;132:78;;122:89;;112:2;;225:1;222;215:12;240:753;;337:3;330:4;322:6;318:17;314:27;304:2;;359:5;352;345:20;304:2;399:6;386:20;425:18;462:2;458;455:10;452:2;;;468:9;452:2;508;502:9;643:4;573:66;566:4;562:2;558:13;554:86;546:6;542:99;538:110;698:6;686:10;683:22;678:2;666:10;663:18;660:46;657:2;;;709:9;657:2;736;729:22;760:18;;;797:15;;;814:4;793:26;790:35;-1:-1:-1;787:2:1;;;842:5;835;828:20;787:2;910;903:4;895:6;891:17;884:4;876:6;872:17;859:54;933:15;;;950:4;929:26;922:41;;;;937:6;294:699;-1:-1:-1;;;294:699:1:o;998:259::-;;1110:2;1098:9;1089:7;1085:23;1081:32;1078:2;;;1131:6;1123;1116:22;1078:2;1175:9;1162:23;1194:33;1221:5;1194:33;:::i;1262:402::-;;;1391:2;1379:9;1370:7;1366:23;1362:32;1359:2;;;1412:6;1404;1397:22;1359:2;1456:9;1443:23;1475:33;1502:5;1475:33;:::i;:::-;1527:5;-1:-1:-1;1584:2:1;1569:18;;1556:32;1597:35;1556:32;1597:35;:::i;:::-;1651:7;1641:17;;;1349:315;;;;;:::o;1669:333::-;;;1797:2;1785:9;1776:7;1772:23;1768:32;1765:2;;;1818:6;1810;1803:22;1765:2;1862:9;1849:23;1881:33;1908:5;1881:33;:::i;:::-;1933:5;-1:-1:-1;1957:39:1;1992:2;1977:18;;1957:39;:::i;:::-;1947:49;;1755:247;;;;;:::o;2007:470::-;;;;2149:2;2137:9;2128:7;2124:23;2120:32;2117:2;;;2170:6;2162;2155:22;2117:2;2214:9;2201:23;2233:33;2260:5;2233:33;:::i;:::-;2285:5;-1:-1:-1;2309:39:1;2344:2;2329:18;;2309:39;:::i;:::-;2299:49;;2400:2;2389:9;2385:18;2372:32;2413;2437:7;2413:32;:::i;:::-;2464:7;2454:17;;;2107:370;;;;;:::o;2482:253::-;;2591:2;2579:9;2570:7;2566:23;2562:32;2559:2;;;2612:6;2604;2597:22;2559:2;2656:9;2643:23;2675:30;2699:5;2675:30;:::i;2740:257::-;;2860:2;2848:9;2839:7;2835:23;2831:32;2828:2;;;2881:6;2873;2866:22;2828:2;2918:9;2912:16;2937:30;2961:5;2937:30;:::i;3002:1063::-;;;;;3198:2;3186:9;3177:7;3173:23;3169:32;3166:2;;;3219:6;3211;3204:22;3166:2;3263:9;3250:23;3282:30;3306:5;3282:30;:::i;:::-;3331:5;-1:-1:-1;3387:2:1;3372:18;;3359:32;3410:18;3440:14;;;3437:2;;;3472:6;3464;3457:22;3437:2;3515:6;3504:9;3500:22;3490:32;;3560:7;3553:4;3549:2;3545:13;3541:27;3531:2;;3587:6;3579;3572:22;3531:2;3632;3619:16;3658:2;3650:6;3647:14;3644:2;;;3679:6;3671;3664:22;3644:2;3729:7;3724:2;3715:6;3711:2;3707:15;3703:24;3700:37;3697:2;;;3755:6;3747;3740:22;3697:2;3791;3787;3783:11;3773:21;;3813:6;3803:16;;;3872:2;3861:9;3857:18;3844:32;3828:48;;3901:2;3891:8;3888:16;3885:2;;;3922:6;3914;3907:22;3885:2;-1:-1:-1;3950:24:1;;4008:2;3990:16;;;3986:25;3983:2;;;4029:6;4021;4014:22;3983:2;3156:909;;;;-1:-1:-1;3156:909:1;;-1:-1:-1;;3156:909:1:o;4070:410::-;;;4208:2;4196:9;4187:7;4183:23;4179:32;4176:2;;;4229:6;4221;4214:22;4176:2;4270:9;4257:23;4247:33;;4331:2;4320:9;4316:18;4303:32;4358:18;4350:6;4347:30;4344:2;;;4395:6;4387;4380:22;4344:2;4423:51;4466:7;4457:6;4446:9;4442:22;4423:51;:::i;:::-;4413:61;;;4166:314;;;;;:::o;4485:342::-;;4606:2;4594:9;4585:7;4581:23;4577:32;4574:2;;;4627:6;4619;4612:22;4574:2;4672:9;4659:23;4705:18;4697:6;4694:30;4691:2;;;4742:6;4734;4727:22;4691:2;4770:51;4813:7;4804:6;4793:9;4789:22;4770:51;:::i;:::-;4760:61;4564:263;-1:-1:-1;;;;4564:263:1:o;4832:285::-;;4977:2;4965:9;4956:7;4952:23;4948:32;4945:2;;;4998:6;4990;4983:22;4945:2;5035:9;5029:16;5054:33;5081:5;5054:33;:::i;5122:292::-;;5233:2;5221:9;5212:7;5208:23;5204:32;5201:2;;;5254:6;5246;5239:22;5201:2;5298:9;5285:23;5348:6;5341:5;5337:18;5330:5;5327:29;5317:2;;5375:6;5367;5360:22;5419:194;;5542:2;5530:9;5521:7;5517:23;5513:32;5510:2;;;5563:6;5555;5548:22;5510:2;-1:-1:-1;5591:16:1;;5500:113;-1:-1:-1;5500:113:1:o;5618:274::-;;5785:6;5779:13;5801:53;5847:6;5842:3;5835:4;5827:6;5823:17;5801:53;:::i;:::-;5870:16;;;;;5755:137;-1:-1:-1;;5755:137:1:o;6107:226::-;6283:42;6271:55;;;;6253:74;;6241:2;6226:18;;6208:125::o;6338:398::-;6550:42;6619:15;;;6601:34;;6671:15;;;;6666:2;6651:18;;6644:43;6718:2;6703:18;;6696:34;;;;6528:2;6513:18;;6495:241::o;6741:297::-;6945:42;6933:55;;;;6915:74;;7020:2;7005:18;;6998:34;6903:2;6888:18;;6870:168::o;7043:187::-;7208:14;;7201:22;7183:41;;7171:2;7156:18;;7138:92::o;7235:398::-;7462:25;;;7535:4;7523:17;;;;7518:2;7503:18;;7496:45;7572:2;7557:18;;7550:34;7615:2;7600:18;;7593:34;7449:3;7434:19;;7416:217::o;7638:248::-;7812:66;7800:79;;;;7782:98;;7770:2;7755:18;;7737:149::o;7891:773::-;;8094:2;8083:9;8076:21;8126:6;8120:13;8169:6;8164:2;8153:9;8149:18;8142:34;8185:68;8246:6;8241:2;8230:9;8226:18;8219:4;8211:6;8207:17;8185:68;:::i;:::-;8272:66;8393:2;8388;8380:6;8376:15;8372:24;8361:9;8357:40;8347:50;;8459:2;8447:9;8443:2;8439:18;8435:27;8428:4;8417:9;8413:20;8406:57;8492:6;8487:2;8483;8479:11;8472:27;8543:6;8535;8529:3;8525:2;8521:12;8508:42;8593:4;8587:3;8578:6;8574:2;8570:15;8566:25;8559:39;8654:3;8648:2;8643;8635:6;8631:15;8627:24;8623:2;8619:33;8615:43;8607:51;;;;8066:598;;;;;;:::o;8669:339::-;8871:2;8853:21;;;8910:2;8890:18;;;8883:30;8949:17;8944:2;8929:18;;8922:45;8999:2;8984:18;;8843:165::o;9013:345::-;9215:2;9197:21;;;9254:2;9234:18;;;9227:30;9293:23;9288:2;9273:18;;9266:51;9349:2;9334:18;;9187:171::o;9363:336::-;9565:2;9547:21;;;9604:2;9584:18;;;9577:30;9643:14;9638:2;9623:18;;9616:42;9690:2;9675:18;;9537:162::o;9704:338::-;9906:2;9888:21;;;9945:2;9925:18;;;9918:30;9984:16;9979:2;9964:18;;9957:44;10033:2;10018:18;;9878:164::o;10047:341::-;10249:2;10231:21;;;10288:2;10268:18;;;10261:30;10327:19;10322:2;10307:18;;10300:47;10379:2;10364:18;;10221:167::o;10393:340::-;10595:2;10577:21;;;10634:2;10614:18;;;10607:30;10673:18;10668:2;10653:18;;10646:46;10724:2;10709:18;;10567:166::o;10738:341::-;10940:2;10922:21;;;10979:2;10959:18;;;10952:30;11018:19;11013:2;10998:18;;10991:47;11070:2;11055:18;;10912:167::o;11084:348::-;11286:2;11268:21;;;11325:2;11305:18;;;11298:30;11364:26;11359:2;11344:18;;11337:54;11423:2;11408:18;;11258:174::o;11437:348::-;11639:2;11621:21;;;11678:2;11658:18;;;11651:30;11717:26;11712:2;11697:18;;11690:54;11776:2;11761:18;;11611:174::o;11790:345::-;11992:2;11974:21;;;12031:2;12011:18;;;12004:30;12070:23;12065:2;12050:18;;12043:51;12126:2;12111:18;;11964:171::o;12140:346::-;12342:2;12324:21;;;12381:2;12361:18;;;12354:30;12420:24;12415:2;12400:18;;12393:52;12477:2;12462:18;;12314:172::o;12491:340::-;12693:2;12675:21;;;12732:2;12712:18;;;12705:30;12771:18;12766:2;12751:18;;12744:46;12822:2;12807:18;;12665:166::o;12836:337::-;13038:2;13020:21;;;13077:2;13057:18;;;13050:30;13116:15;13111:2;13096:18;;13089:43;13164:2;13149:18;;13010:163::o;13178:336::-;13380:2;13362:21;;;13419:2;13399:18;;;13392:30;13458:14;13453:2;13438:18;;13431:42;13505:2;13490:18;;13352:162::o;13519:177::-;13665:25;;;13653:2;13638:18;;13620:76::o;13701:619::-;;;13860:11;13847:25;13950:66;13939:8;13923:14;13919:29;13915:102;13895:18;13891:127;13881:2;;14035:4;14029;14022:18;13881:2;14065:33;;14117:20;;;-1:-1:-1;14160:18:1;14149:30;;14146:2;;;14195:4;14189;14182:18;14146:2;14231:4;14219:17;;;;-1:-1:-1;14278:17:1;;14262:14;14258:38;14248:49;;14245:2;;;14310:1;14307;14300:12;14245:2;13811:509;;;;;:::o;14325:656::-;;;14517:11;14504:25;14607:66;14596:8;14580:14;14576:29;14572:102;14552:18;14548:127;14538:2;;14694:6;14686;14679:22;15644:596;;;15787:11;15774:25;15877:66;15866:8;15850:14;15846:29;15842:102;15822:18;15818:127;15808:2;;15964:6;15956;15949:22;15808:2;15996:33;;16048:20;;;-1:-1:-1;16091:18:1;16080:30;;16077:2;;;16126:4;16120;16113:18;16077:2;16162:4;16150:17;;-1:-1:-1;16193:14:1;16189:27;;;16179:38;;16176:2;;;16230:1;16227;16220:12;16245:395;;16402:11;16389:25;16492:66;16481:8;16465:14;16461:29;16457:102;16437:18;16433:127;16423:2;;16577:4;16571;16564:18;16645:392;;16799:11;16786:25;16889:66;16878:8;16862:14;16858:29;16854:102;16834:18;16830:127;16820:2;;16974:4;16968;16961:18;17042:258;17114:1;17124:113;17138:6;17135:1;17132:13;17124:113;;;17214:11;;;17208:18;17195:11;;;17188:39;17160:2;17153:10;17124:113;;;17255:6;17252:1;17249:13;17246:2;;;-1:-1:-1;;17290:1:1;17272:16;;17265:27;17095:205::o;17305:156::-;17393:42;17386:5;17382:54;17375:5;17372:65;17362:2;;17451:1;17448;17441:12;17362:2;17352:109;:::o;17466:120::-;17554:5;17547:13;17540:21;17533:5;17530:32;17520:2;;17576:1;17573;17566:12

Swarm Source

ipfs://528f3246347ee3b9e3c65c13d4d7bd63221585b2d1e6850e477595ab8aa696d8

Block Transaction Difficulty Gas Used Reward
View All Blocks Produced

Block Uncle Number Difficulty Gas Used Reward
View All Uncles
Loading...
Loading
Loading...
Loading

Validator Index Block Amount
View All Withdrawals

Transaction Hash Block Value Eth2 PubKey Valid
View All Deposits
Loading...
Loading
[ Download: CSV Export  ]
[ Download: CSV Export  ]

A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.