Sponsored
MoonPay
Buy, sell and swap Ethereum with MoonPay.Buy Now!
20M+ users trust MoonPay worldwide. Checkout with your preferred payment method.
MetaMask
Manage your web3 everything with MetaMask Portfolio. Try Now!
Ready to onboard to Ethereum? With MetaMask Portfolio, you're in control.
eToro
One-stop crypto shop: trusted, simple & safe.
Don’t invest unless you’re prepared to lose all the money you invest.
Sponsored
Сoins.game
100 free spins for registration. Spin now!
Everyday giveaways up to 100 ETH, Lucky Spins. Deposit BONUS 300% and Cashbacks!
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
Stake
200% Bonus, 100K Daily Giveaways, Instant Withdrawals Play Now!
Slots, Roulette, Poker & more - Proud sponsors of UFC, Everton & StakeF1 team!
Sponsored
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
CryptoSlots
Play & Get 25 Free Spins at CryptoSlots Play Now
Anonymous play on awesome games - sign up now for 25 free jackpot spins - worth $100s!
CryptoWins
200% More Funds to Play on Us up to 4 BTC! Claim Now!
100s of games, generous bonuses, 20+ years of trusted gaming. Join CryptoWins & start winning today!
This nametag was submitted by Kleros Curate.
Overview
ETH Balance
0 ETH
Eth Value
$0.00Token Holdings
- ERC-20 Tokens (8)73,651.1 LINK
ChainLink To... (LINK)$1,267,535.43@17.211 TSUKA
Dejitaru Tsu... (TSUKA)$0.01@0.0118750 $stLink rewards on stlink.fi
! stlink.fi ($stLin...)12,887,771 0xSwapo.com0xSwapo.com (0xSwap...)245.44 TokenERC-20 TOKEN*[Suspicious]132.84 TokenERC-20 TOKEN*[Spam]801 TokenERC-20 TOKEN*[Spam]5,555 TokenERC-20 TOKEN*[Spam]claim rewards on apylink.com
apylink.comERC-1155Reward Club [NAYFAGyy]Reward Club [g71yQMZk]ERC-1155More Info
Private Name Tags
ContractCreator
Latest 25 from a total of 46,438 transactions
View all transactionsTransaction Hash MethodBlockFromToFulfill Randomne... 21274484 7 mins ago IN 0 ETH 0.00276853 Fulfill Randomne... 21267321 24 hrs ago IN 0 ETH 0.00261406 Fulfill Randomne... 21260162 2 days ago IN 0 ETH 0.00221675 Fulfill Randomne... 21252996 3 days ago IN 0 ETH 0.00269997 Fulfill Randomne... 21250785 3 days ago IN 0 ETH 0.00097469 Fulfill Randomne... 21238665 5 days ago IN 0 ETH 0.00451388 Fulfill Randomne... 21231503 6 days ago IN 0 ETH 0.00469038 Fulfill Randomne... 21217162 8 days ago IN 0 ETH 0.00578078 Fulfill Randomne... 21181328 13 days ago IN 0 ETH 0.01692217 Fulfill Randomne... 21166999 15 days ago IN 0 ETH 0.01028718 Fulfill Randomne... 21153211 16 days ago IN 0 ETH 0.00071764 Fulfill Randomne... 21131167 20 days ago IN 0 ETH 0.00727893 Fulfill Randomne... 21116842 22 days ago IN 0 ETH 0.00194107 Fulfill Randomne... 21080711 27 days ago IN 0 ETH 0.00231299 Fulfill Randomne... 21066389 29 days ago IN 0 ETH 0.00349093 Fulfill Randomne... 21045020 32 days ago IN 0 ETH 0.00036018 Fulfill Randomne... 21030552 34 days ago IN 0 ETH 0.00297696 Fulfill Randomne... 21016218 36 days ago IN 0 ETH 0.00301832 Fulfill Randomne... 21001877 38 days ago IN 0 ETH 0.00199272 Fulfill Randomne... 20987544 40 days ago IN 0 ETH 0.00372273 Fulfill Randomne... 20982536 40 days ago IN 0 ETH 0.00076619 Fulfill Randomne... 20980384 41 days ago IN 0 ETH 0.00339454 Fulfill Randomne... 20973223 42 days ago IN 0 ETH 0.00536668 Fulfill Randomne... 20966062 43 days ago IN 0 ETH 0.00500164 Fulfill Randomne... 20951780 45 days ago IN 0 ETH 0.00219117 View more zero value Internal Transactions in Advanced View mode
Advanced mode:Loading...LoadingSimilar Match Source Code
This contract matches the deployed Bytecode of the Source Code for Contract 0xEa9249E7...31f703AA3The constructor portion of the code might be different and could alter the actual behaviour of the contractContract Name:VRFCoordinator
Compiler Versionv0.6.6+commit.6c089d02
Contract Source Code (Solidity)
/** *Submitted for verification at Etherscan.io on 2020-08-26 */ // File: contracts/vendor/SafeMath.sol pragma solidity ^0.6.0; /** * @dev Wrappers over Solidity's arithmetic operations with added overflow * checks. * * Arithmetic operations in Solidity wrap on overflow. This can easily result * in bugs, because programmers usually assume that an overflow raises an * error, which is the standard behavior in high level programming languages. * `SafeMath` restores this intuition by reverting the transaction when an * operation overflows. * * Using this library instead of the unchecked operations eliminates an entire * class of bugs, so it's recommended to use it always. */ library SafeMath { /** * @dev Returns the addition of two unsigned integers, reverting on * overflow. * * Counterpart to Solidity's `+` operator. * * Requirements: * - Addition cannot overflow. */ function add(uint256 a, uint256 b) internal pure returns (uint256) { uint256 c = a + b; require(c >= a, "SafeMath: addition overflow"); return c; } /** * @dev Returns the subtraction of two unsigned integers, reverting on * overflow (when the result is negative). * * Counterpart to Solidity's `-` operator. * * Requirements: * - Subtraction cannot overflow. */ function sub(uint256 a, uint256 b) internal pure returns (uint256) { require(b <= a, "SafeMath: subtraction overflow"); uint256 c = a - b; return c; } /** * @dev Returns the multiplication of two unsigned integers, reverting on * overflow. * * Counterpart to Solidity's `*` operator. * * Requirements: * - Multiplication cannot overflow. */ function mul(uint256 a, uint256 b) internal pure returns (uint256) { // Gas optimization: this is cheaper than requiring 'a' not being zero, but the // benefit is lost if 'b' is also tested. // See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522 if (a == 0) { return 0; } uint256 c = a * b; require(c / a == b, "SafeMath: multiplication overflow"); return c; } /** * @dev Returns the integer division of two unsigned integers. Reverts on * division by zero. The result is rounded towards zero. * * Counterpart to Solidity's `/` operator. Note: this function uses a * `revert` opcode (which leaves remaining gas untouched) while Solidity * uses an invalid opcode to revert (consuming all remaining gas). * * Requirements: * - The divisor cannot be zero. */ function div(uint256 a, uint256 b) internal pure returns (uint256) { // Solidity only automatically asserts when dividing by 0 require(b > 0, "SafeMath: division by zero"); uint256 c = a / b; // assert(a == b * c + a % b); // There is no case in which this doesn't hold return c; } /** * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo), * Reverts when dividing by zero. * * Counterpart to Solidity's `%` operator. This function uses a `revert` * opcode (which leaves remaining gas untouched) while Solidity uses an * invalid opcode to revert (consuming all remaining gas). * * Requirements: * - The divisor cannot be zero. */ function mod(uint256 a, uint256 b) internal pure returns (uint256) { require(b != 0, "SafeMath: modulo by zero"); return a % b; } } // File: contracts/interfaces/LinkTokenInterface.sol pragma solidity ^0.6.0; interface LinkTokenInterface { function allowance(address owner, address spender) external view returns (uint256 remaining); function approve(address spender, uint256 value) external returns (bool success); function balanceOf(address owner) external view returns (uint256 balance); function decimals() external view returns (uint8 decimalPlaces); function decreaseApproval(address spender, uint256 addedValue) external returns (bool success); function increaseApproval(address spender, uint256 subtractedValue) external; function name() external view returns (string memory tokenName); function symbol() external view returns (string memory tokenSymbol); function totalSupply() external view returns (uint256 totalTokensIssued); function transfer(address to, uint256 value) external returns (bool success); function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool success); function transferFrom(address from, address to, uint256 value) external returns (bool success); } // File: contracts/interfaces/BlockHashStoreInterface.sol pragma solidity 0.6.6; interface BlockHashStoreInterface { function getBlockhash(uint256 number) external view returns (bytes32); } // File: contracts/VRF.sol pragma solidity 0.6.6; /** **************************************************************************** * @notice Verification of verifiable-random-function (VRF) proofs, following * @notice https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.3 * @notice See https://eprint.iacr.org/2017/099.pdf for security proofs. * @dev Bibliographic references: * @dev Goldberg, et al., "Verifiable Random Functions (VRFs)", Internet Draft * @dev draft-irtf-cfrg-vrf-05, IETF, Aug 11 2019, * @dev https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05 * @dev Papadopoulos, et al., "Making NSEC5 Practical for DNSSEC", Cryptology * @dev ePrint Archive, Report 2017/099, https://eprint.iacr.org/2017/099.pdf * **************************************************************************** * @dev USAGE * @dev The main entry point is randomValueFromVRFProof. See its docstring. * **************************************************************************** * @dev PURPOSE * @dev Reggie the Random Oracle (not his real job) wants to provide randomness * @dev to Vera the verifier in such a way that Vera can be sure he's not * @dev making his output up to suit himself. Reggie provides Vera a public key * @dev to which he knows the secret key. Each time Vera provides a seed to * @dev Reggie, he gives back a value which is computed completely * @dev deterministically from the seed and the secret key. * @dev Reggie provides a proof by which Vera can verify that the output was * @dev correctly computed once Reggie tells it to her, but without that proof, * @dev the output is computationally indistinguishable to her from a uniform * @dev random sample from the output space. * @dev The purpose of this contract is to perform that verification. * **************************************************************************** * @dev DESIGN NOTES * @dev The VRF algorithm verified here satisfies the full unqiqueness, full * @dev collision resistance, and full pseudorandomness security properties. * @dev See "SECURITY PROPERTIES" below, and * @dev https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-3 * @dev An elliptic curve point is generally represented in the solidity code * @dev as a uint256[2], corresponding to its affine coordinates in * @dev GF(FIELD_SIZE). * @dev For the sake of efficiency, this implementation deviates from the spec * @dev in some minor ways: * @dev - Keccak hash rather than the SHA256 hash recommended in * @dev https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.5 * @dev Keccak costs much less gas on the EVM, and provides similar security. * @dev - Secp256k1 curve instead of the P-256 or ED25519 curves recommended in * @dev https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.5 * @dev For curve-point multiplication, it's much cheaper to abuse ECRECOVER * @dev - hashToCurve recursively hashes until it finds a curve x-ordinate. On * @dev the EVM, this is slightly more efficient than the recommendation in * @dev https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.4.1.1 * @dev step 5, to concatenate with a nonce then hash, and rehash with the * @dev nonce updated until a valid x-ordinate is found. * @dev - hashToCurve does not include a cipher version string or the byte 0x1 * @dev in the hash message, as recommended in step 5.B of the draft * @dev standard. They are unnecessary here because no variation in the * @dev cipher suite is allowed. * @dev - Similarly, the hash input in scalarFromCurvePoints does not include a * @dev commitment to the cipher suite, either, which differs from step 2 of * @dev https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.4.3 * @dev . Also, the hash input is the concatenation of the uncompressed * @dev points, not the compressed points as recommended in step 3. * @dev - In the calculation of the challenge value "c", the "u" value (i.e. * @dev the value computed by Reggie as the nonce times the secp256k1 * @dev generator point, see steps 5 and 7 of * @dev https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.3 * @dev ) is replaced by its ethereum address, i.e. the lower 160 bits of the * @dev keccak hash of the original u. This is because we only verify the * @dev calculation of u up to its address, by abusing ECRECOVER. * **************************************************************************** * @dev SECURITY PROPERTIES * @dev Here are the security properties for this VRF: * @dev Full uniqueness: For any seed and valid VRF public key, there is * @dev exactly one VRF output which can be proved to come from that seed, in * @dev the sense that the proof will pass verifyVRFProof. * @dev Full collision resistance: It's cryptographically infeasible to find * @dev two seeds with same VRF output from a fixed, valid VRF key * @dev Full pseudorandomness: Absent the proofs that the VRF outputs are * @dev derived from a given seed, the outputs are computationally * @dev indistinguishable from randomness. * @dev https://eprint.iacr.org/2017/099.pdf, Appendix B contains the proofs * @dev for these properties. * @dev For secp256k1, the key validation described in section * @dev https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.6 * @dev is unnecessary, because secp256k1 has cofactor 1, and the * @dev representation of the public key used here (affine x- and y-ordinates * @dev of the secp256k1 point on the standard y^2=x^3+7 curve) cannot refer to * @dev the point at infinity. * **************************************************************************** * @dev OTHER SECURITY CONSIDERATIONS * * @dev The seed input to the VRF could in principle force an arbitrary amount * @dev of work in hashToCurve, by requiring extra rounds of hashing and * @dev checking whether that's yielded the x ordinate of a secp256k1 point. * @dev However, under the Random Oracle Model the probability of choosing a * @dev point which forces n extra rounds in hashToCurve is 2⁻ⁿ. The base cost * @dev for calling hashToCurve is about 25,000 gas, and each round of checking * @dev for a valid x ordinate costs about 15,555 gas, so to find a seed for * @dev which hashToCurve would cost more than 2,017,000 gas, one would have to * @dev try, in expectation, about 2¹²⁸ seeds, which is infeasible for any * @dev foreseeable computational resources. (25,000 + 128 * 15,555 < 2,017,000.) * @dev Since the gas block limit for the Ethereum main net is 10,000,000 gas, * @dev this means it is infeasible for an adversary to prevent correct * @dev operation of this contract by choosing an adverse seed. * @dev (See TestMeasureHashToCurveGasCost for verification of the gas cost for * @dev hashToCurve.) * @dev It may be possible to make a secure constant-time hashToCurve function. * @dev See notes in hashToCurve docstring. */ contract VRF { // See https://www.secg.org/sec2-v2.pdf, section 2.4.1, for these constants. uint256 constant private GROUP_ORDER = // Number of points in Secp256k1 // solium-disable-next-line indentation 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141; // Prime characteristic of the galois field over which Secp256k1 is defined uint256 constant private FIELD_SIZE = // solium-disable-next-line indentation 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F; uint256 constant private WORD_LENGTH_BYTES = 0x20; // (base^exponent) % FIELD_SIZE // Cribbed from https://medium.com/@rbkhmrcr/precompiles-solidity-e5d29bd428c4 function bigModExp(uint256 base, uint256 exponent) internal view returns (uint256 exponentiation) { uint256 callResult; uint256[6] memory bigModExpContractInputs; bigModExpContractInputs[0] = WORD_LENGTH_BYTES; // Length of base bigModExpContractInputs[1] = WORD_LENGTH_BYTES; // Length of exponent bigModExpContractInputs[2] = WORD_LENGTH_BYTES; // Length of modulus bigModExpContractInputs[3] = base; bigModExpContractInputs[4] = exponent; bigModExpContractInputs[5] = FIELD_SIZE; uint256[1] memory output; assembly { // solhint-disable-line no-inline-assembly callResult := staticcall( not(0), // Gas cost: no limit 0x05, // Bigmodexp contract address bigModExpContractInputs, 0xc0, // Length of input segment: 6*0x20-bytes output, 0x20 // Length of output segment ) } if (callResult == 0) {revert("bigModExp failure!");} return output[0]; } // Let q=FIELD_SIZE. q % 4 = 3, ∴ x≡r^2 mod q ⇒ x^SQRT_POWER≡±r mod q. See // https://en.wikipedia.org/wiki/Modular_square_root#Prime_or_prime_power_modulus uint256 constant private SQRT_POWER = (FIELD_SIZE + 1) >> 2; // Computes a s.t. a^2 = x in the field. Assumes a exists function squareRoot(uint256 x) internal view returns (uint256) { return bigModExp(x, SQRT_POWER); } // The value of y^2 given that (x,y) is on secp256k1. function ySquared(uint256 x) internal pure returns (uint256) { // Curve is y^2=x^3+7. See section 2.4.1 of https://www.secg.org/sec2-v2.pdf uint256 xCubed = mulmod(x, mulmod(x, x, FIELD_SIZE), FIELD_SIZE); return addmod(xCubed, 7, FIELD_SIZE); } // True iff p is on secp256k1 function isOnCurve(uint256[2] memory p) internal pure returns (bool) { return ySquared(p[0]) == mulmod(p[1], p[1], FIELD_SIZE); } // Hash x uniformly into {0, ..., FIELD_SIZE-1}. function fieldHash(bytes memory b) internal pure returns (uint256 x_) { x_ = uint256(keccak256(b)); // Rejecting if x >= FIELD_SIZE corresponds to step 2.1 in section 2.3.4 of // http://www.secg.org/sec1-v2.pdf , which is part of the definition of // string_to_point in the IETF draft while (x_ >= FIELD_SIZE) { x_ = uint256(keccak256(abi.encodePacked(x_))); } } // Hash b to a random point which hopefully lies on secp256k1. The y ordinate // is always even, due to // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.4.1.1 // step 5.C, which references arbitrary_string_to_point, defined in // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.5 as // returning the point with given x ordinate, and even y ordinate. function newCandidateSecp256k1Point(bytes memory b) internal view returns (uint256[2] memory p) { p[0] = fieldHash(b); p[1] = squareRoot(ySquared(p[0])); if (p[1] % 2 == 1) { p[1] = FIELD_SIZE - p[1]; } } // Domain-separation tag for initial hash in hashToCurve. Corresponds to // vrf.go/hashToCurveHashPrefix uint256 constant HASH_TO_CURVE_HASH_PREFIX = 1; // Cryptographic hash function onto the curve. // // Corresponds to algorithm in section 5.4.1.1 of the draft standard. (But see // DESIGN NOTES above for slight differences.) // // TODO(alx): Implement a bounded-computation hash-to-curve, as described in // "Construction of Rational Points on Elliptic Curves over Finite Fields" // http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.831.5299&rep=rep1&type=pdf // and suggested by // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-01#section-5.2.2 // (Though we can't used exactly that because secp256k1's j-invariant is 0.) // // This would greatly simplify the analysis in "OTHER SECURITY CONSIDERATIONS" // https://www.pivotaltracker.com/story/show/171120900 function hashToCurve(uint256[2] memory pk, uint256 input) internal view returns (uint256[2] memory rv) { rv = newCandidateSecp256k1Point(abi.encodePacked(HASH_TO_CURVE_HASH_PREFIX, pk, input)); while (!isOnCurve(rv)) { rv = newCandidateSecp256k1Point(abi.encodePacked(rv[0])); } } /** ********************************************************************* * @notice Check that product==scalar*multiplicand * * @dev Based on Vitalik Buterin's idea in ethresear.ch post cited below. * * @param multiplicand: secp256k1 point * @param scalar: non-zero GF(GROUP_ORDER) scalar * @param product: secp256k1 expected to be multiplier * multiplicand * @return verifies true iff product==scalar*multiplicand, with cryptographically high probability */ function ecmulVerify(uint256[2] memory multiplicand, uint256 scalar, uint256[2] memory product) internal pure returns(bool verifies) { require(scalar != 0); // Rules out an ecrecover failure case uint256 x = multiplicand[0]; // x ordinate of multiplicand uint8 v = multiplicand[1] % 2 == 0 ? 27 : 28; // parity of y ordinate // https://ethresear.ch/t/you-can-kinda-abuse-ecrecover-to-do-ecmul-in-secp256k1-today/2384/9 // Point corresponding to address ecrecover(0, v, x, s=scalar*x) is // (x⁻¹ mod GROUP_ORDER) * (scalar * x * multiplicand - 0 * g), i.e. // scalar*multiplicand. See https://crypto.stackexchange.com/a/18106 bytes32 scalarTimesX = bytes32(mulmod(scalar, x, GROUP_ORDER)); address actual = ecrecover(bytes32(0), v, bytes32(x), scalarTimesX); // Explicit conversion to address takes bottom 160 bits address expected = address(uint256(keccak256(abi.encodePacked(product)))); return (actual == expected); } // Returns x1/z1-x2/z2=(x1z2-x2z1)/(z1z2) in projective coordinates on P¹(𝔽ₙ) function projectiveSub(uint256 x1, uint256 z1, uint256 x2, uint256 z2) internal pure returns(uint256 x3, uint256 z3) { uint256 num1 = mulmod(z2, x1, FIELD_SIZE); uint256 num2 = mulmod(FIELD_SIZE - x2, z1, FIELD_SIZE); (x3, z3) = (addmod(num1, num2, FIELD_SIZE), mulmod(z1, z2, FIELD_SIZE)); } // Returns x1/z1*x2/z2=(x1x2)/(z1z2), in projective coordinates on P¹(𝔽ₙ) function projectiveMul(uint256 x1, uint256 z1, uint256 x2, uint256 z2) internal pure returns(uint256 x3, uint256 z3) { (x3, z3) = (mulmod(x1, x2, FIELD_SIZE), mulmod(z1, z2, FIELD_SIZE)); } /** ************************************************************************** @notice Computes elliptic-curve sum, in projective co-ordinates @dev Using projective coordinates avoids costly divisions @dev To use this with p and q in affine coordinates, call @dev projectiveECAdd(px, py, qx, qy). This will return @dev the addition of (px, py, 1) and (qx, qy, 1), in the @dev secp256k1 group. @dev This can be used to calculate the z which is the inverse to zInv @dev in isValidVRFOutput. But consider using a faster @dev re-implementation such as ProjectiveECAdd in the golang vrf package. @dev This function assumes [px,py,1],[qx,qy,1] are valid projective coordinates of secp256k1 points. That is safe in this contract, because this method is only used by linearCombination, which checks points are on the curve via ecrecover. ************************************************************************** @param px The first affine coordinate of the first summand @param py The second affine coordinate of the first summand @param qx The first affine coordinate of the second summand @param qy The second affine coordinate of the second summand (px,py) and (qx,qy) must be distinct, valid secp256k1 points. ************************************************************************** Return values are projective coordinates of [px,py,1]+[qx,qy,1] as points on secp256k1, in P²(𝔽ₙ) @return sx @return sy @return sz */ function projectiveECAdd(uint256 px, uint256 py, uint256 qx, uint256 qy) internal pure returns(uint256 sx, uint256 sy, uint256 sz) { // See "Group law for E/K : y^2 = x^3 + ax + b", in section 3.1.2, p. 80, // "Guide to Elliptic Curve Cryptography" by Hankerson, Menezes and Vanstone // We take the equations there for (sx,sy), and homogenize them to // projective coordinates. That way, no inverses are required, here, and we // only need the one inverse in affineECAdd. // We only need the "point addition" equations from Hankerson et al. Can // skip the "point doubling" equations because p1 == p2 is cryptographically // impossible, and require'd not to be the case in linearCombination. // Add extra "projective coordinate" to the two points (uint256 z1, uint256 z2) = (1, 1); // (lx, lz) = (qy-py)/(qx-px), i.e., gradient of secant line. uint256 lx = addmod(qy, FIELD_SIZE - py, FIELD_SIZE); uint256 lz = addmod(qx, FIELD_SIZE - px, FIELD_SIZE); uint256 dx; // Accumulates denominator from sx calculation // sx=((qy-py)/(qx-px))^2-px-qx (sx, dx) = projectiveMul(lx, lz, lx, lz); // ((qy-py)/(qx-px))^2 (sx, dx) = projectiveSub(sx, dx, px, z1); // ((qy-py)/(qx-px))^2-px (sx, dx) = projectiveSub(sx, dx, qx, z2); // ((qy-py)/(qx-px))^2-px-qx uint256 dy; // Accumulates denominator from sy calculation // sy=((qy-py)/(qx-px))(px-sx)-py (sy, dy) = projectiveSub(px, z1, sx, dx); // px-sx (sy, dy) = projectiveMul(sy, dy, lx, lz); // ((qy-py)/(qx-px))(px-sx) (sy, dy) = projectiveSub(sy, dy, py, z1); // ((qy-py)/(qx-px))(px-sx)-py if (dx != dy) { // Cross-multiply to put everything over a common denominator sx = mulmod(sx, dy, FIELD_SIZE); sy = mulmod(sy, dx, FIELD_SIZE); sz = mulmod(dx, dy, FIELD_SIZE); } else { // Already over a common denominator, use that for z ordinate sz = dx; } } // p1+p2, as affine points on secp256k1. // // invZ must be the inverse of the z returned by projectiveECAdd(p1, p2). // It is computed off-chain to save gas. // // p1 and p2 must be distinct, because projectiveECAdd doesn't handle // point doubling. function affineECAdd( uint256[2] memory p1, uint256[2] memory p2, uint256 invZ) internal pure returns (uint256[2] memory) { uint256 x; uint256 y; uint256 z; (x, y, z) = projectiveECAdd(p1[0], p1[1], p2[0], p2[1]); require(mulmod(z, invZ, FIELD_SIZE) == 1, "invZ must be inverse of z"); // Clear the z ordinate of the projective representation by dividing through // by it, to obtain the affine representation return [mulmod(x, invZ, FIELD_SIZE), mulmod(y, invZ, FIELD_SIZE)]; } // True iff address(c*p+s*g) == lcWitness, where g is generator. (With // cryptographically high probability.) function verifyLinearCombinationWithGenerator( uint256 c, uint256[2] memory p, uint256 s, address lcWitness) internal pure returns (bool) { // Rule out ecrecover failure modes which return address 0. require(lcWitness != address(0), "bad witness"); uint8 v = (p[1] % 2 == 0) ? 27 : 28; // parity of y-ordinate of p bytes32 pseudoHash = bytes32(GROUP_ORDER - mulmod(p[0], s, GROUP_ORDER)); // -s*p[0] bytes32 pseudoSignature = bytes32(mulmod(c, p[0], GROUP_ORDER)); // c*p[0] // https://ethresear.ch/t/you-can-kinda-abuse-ecrecover-to-do-ecmul-in-secp256k1-today/2384/9 // The point corresponding to the address returned by // ecrecover(-s*p[0],v,p[0],c*p[0]) is // (p[0]⁻¹ mod GROUP_ORDER)*(c*p[0]-(-s)*p[0]*g)=c*p+s*g. // See https://crypto.stackexchange.com/a/18106 // https://bitcoin.stackexchange.com/questions/38351/ecdsa-v-r-s-what-is-v address computed = ecrecover(pseudoHash, v, bytes32(p[0]), pseudoSignature); return computed == lcWitness; } // c*p1 + s*p2. Requires cp1Witness=c*p1 and sp2Witness=s*p2. Also // requires cp1Witness != sp2Witness (which is fine for this application, // since it is cryptographically impossible for them to be equal. In the // (cryptographically impossible) case that a prover accidentally derives // a proof with equal c*p1 and s*p2, they should retry with a different // proof nonce.) Assumes that all points are on secp256k1 // (which is checked in verifyVRFProof below.) function linearCombination( uint256 c, uint256[2] memory p1, uint256[2] memory cp1Witness, uint256 s, uint256[2] memory p2, uint256[2] memory sp2Witness, uint256 zInv) internal pure returns (uint256[2] memory) { require((cp1Witness[0] - sp2Witness[0]) % FIELD_SIZE != 0, "points in sum must be distinct"); require(ecmulVerify(p1, c, cp1Witness), "First multiplication check failed"); require(ecmulVerify(p2, s, sp2Witness), "Second multiplication check failed"); return affineECAdd(cp1Witness, sp2Witness, zInv); } // Domain-separation tag for the hash taken in scalarFromCurvePoints. // Corresponds to scalarFromCurveHashPrefix in vrf.go uint256 constant SCALAR_FROM_CURVE_POINTS_HASH_PREFIX = 2; // Pseudo-random number from inputs. Matches vrf.go/scalarFromCurvePoints, and // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-05#section-5.4.3 // The draft calls (in step 7, via the definition of string_to_int, in // https://datatracker.ietf.org/doc/html/rfc8017#section-4.2 ) for taking the // first hash without checking that it corresponds to a number less than the // group order, which will lead to a slight bias in the sample. // // TODO(alx): We could save a bit of gas by following the standard here and // using the compressed representation of the points, if we collated the y // parities into a single bytes32. // https://www.pivotaltracker.com/story/show/171120588 function scalarFromCurvePoints( uint256[2] memory hash, uint256[2] memory pk, uint256[2] memory gamma, address uWitness, uint256[2] memory v) internal pure returns (uint256 s) { return uint256( keccak256(abi.encodePacked(SCALAR_FROM_CURVE_POINTS_HASH_PREFIX, hash, pk, gamma, v, uWitness))); } // True if (gamma, c, s) is a correctly constructed randomness proof from pk // and seed. zInv must be the inverse of the third ordinate from // projectiveECAdd applied to cGammaWitness and sHashWitness. Corresponds to // section 5.3 of the IETF draft. // // TODO(alx): Since I'm only using pk in the ecrecover call, I could only pass // the x ordinate, and the parity of the y ordinate in the top bit of uWitness // (which I could make a uint256 without using any extra space.) Would save // about 2000 gas. https://www.pivotaltracker.com/story/show/170828567 function verifyVRFProof( uint256[2] memory pk, uint256[2] memory gamma, uint256 c, uint256 s, uint256 seed, address uWitness, uint256[2] memory cGammaWitness, uint256[2] memory sHashWitness, uint256 zInv) internal view { require(isOnCurve(pk), "public key is not on curve"); require(isOnCurve(gamma), "gamma is not on curve"); require(isOnCurve(cGammaWitness), "cGammaWitness is not on curve"); require(isOnCurve(sHashWitness), "sHashWitness is not on curve"); // Step 5. of IETF draft section 5.3 (pk corresponds to 5.3's Y, and here // we use the address of u instead of u itself. Also, here we add the // terms instead of taking the difference, and in the proof consruction in // vrf.GenerateProof, we correspondingly take the difference instead of // taking the sum as they do in step 7 of section 5.1.) require( verifyLinearCombinationWithGenerator(c, pk, s, uWitness), "addr(c*pk+s*g)≠_uWitness" ); // Step 4. of IETF draft section 5.3 (pk corresponds to Y, seed to alpha_string) uint256[2] memory hash = hashToCurve(pk, seed); // Step 6. of IETF draft section 5.3, but see note for step 5 about +/- terms uint256[2] memory v = linearCombination( c, gamma, cGammaWitness, s, hash, sHashWitness, zInv); // Steps 7. and 8. of IETF draft section 5.3 uint256 derivedC = scalarFromCurvePoints(hash, pk, gamma, uWitness, v); require(c == derivedC, "invalid proof"); } // Domain-separation tag for the hash used as the final VRF output. // Corresponds to vrfRandomOutputHashPrefix in vrf.go uint256 constant VRF_RANDOM_OUTPUT_HASH_PREFIX = 3; // Length of proof marshaled to bytes array. Shows layout of proof uint public constant PROOF_LENGTH = 64 + // PublicKey (uncompressed format.) 64 + // Gamma 32 + // C 32 + // S 32 + // Seed 0 + // Dummy entry: The following elements are included for gas efficiency: 32 + // uWitness (gets padded to 256 bits, even though it's only 160) 64 + // cGammaWitness 64 + // sHashWitness 32; // zInv (Leave Output out, because that can be efficiently calculated) /* *************************************************************************** * @notice Returns proof's output, if proof is valid. Otherwise reverts * @param proof A binary-encoded proof, as output by vrf.Proof.MarshalForSolidityVerifier * * Throws if proof is invalid, otherwise: * @return output i.e., the random output implied by the proof * *************************************************************************** * @dev See the calculation of PROOF_LENGTH for the binary layout of proof. */ function randomValueFromVRFProof(bytes memory proof) internal view returns (uint256 output) { require(proof.length == PROOF_LENGTH, "wrong proof length"); uint256[2] memory pk; // parse proof contents into these variables uint256[2] memory gamma; // c, s and seed combined (prevents "stack too deep" compilation error) uint256[3] memory cSSeed; address uWitness; uint256[2] memory cGammaWitness; uint256[2] memory sHashWitness; uint256 zInv; (pk, gamma, cSSeed, uWitness, cGammaWitness, sHashWitness, zInv) = abi.decode( proof, (uint256[2], uint256[2], uint256[3], address, uint256[2], uint256[2], uint256)); verifyVRFProof( pk, gamma, cSSeed[0], // c cSSeed[1], // s cSSeed[2], // seed uWitness, cGammaWitness, sHashWitness, zInv ); output = uint256(keccak256(abi.encode(VRF_RANDOM_OUTPUT_HASH_PREFIX, gamma))); } } // File: contracts/VRFRequestIDBase.sol pragma solidity ^0.6.0; contract VRFRequestIDBase { /** * @notice returns the seed which is actually input to the VRF coordinator * * @dev To prevent repetition of VRF output due to repetition of the * @dev user-supplied seed, that seed is combined in a hash with the * @dev user-specific nonce, and the address of the consuming contract. The * @dev risk of repetition is mostly mitigated by inclusion of a blockhash in * @dev the final seed, but the nonce does protect against repetition in * @dev requests which are included in a single block. * * @param _userSeed VRF seed input provided by user * @param _requester Address of the requesting contract * @param _nonce User-specific nonce at the time of the request */ function makeVRFInputSeed(bytes32 _keyHash, uint256 _userSeed, address _requester, uint256 _nonce) internal pure returns (uint256) { return uint256(keccak256(abi.encode(_keyHash, _userSeed, _requester, _nonce))); } /** * @notice Returns the id for this request * @param _keyHash The serviceAgreement ID to be used for this request * @param _vRFInputSeed The seed to be passed directly to the VRF * @return The id for this request * * @dev Note that _vRFInputSeed is not the seed passed by the consuming * @dev contract, but the one generated by makeVRFInputSeed */ function makeRequestId( bytes32 _keyHash, uint256 _vRFInputSeed) internal pure returns (bytes32) { return keccak256(abi.encodePacked(_keyHash, _vRFInputSeed)); } } // File: contracts/VRFConsumerBase.sol pragma solidity ^0.6.0; /** **************************************************************************** * @notice Interface for contracts using VRF randomness * ***************************************************************************** * @dev PURPOSE * * @dev Reggie the Random Oracle (not his real job) wants to provide randomness * @dev to Vera the verifier in such a way that Vera can be sure he's not * @dev making his output up to suit himself. Reggie provides Vera a public key * @dev to which he knows the secret key. Each time Vera provides a seed to * @dev Reggie, he gives back a value which is computed completely * @dev deterministically from the seed and the secret key. * * @dev Reggie provides a proof by which Vera can verify that the output was * @dev correctly computed once Reggie tells it to her, but without that proof, * @dev the output is indistinguishable to her from a uniform random sample * @dev from the output space. * * @dev The purpose of this contract is to make it easy for unrelated contracts * @dev to talk to Vera the verifier about the work Reggie is doing, to provide * @dev simple access to a verifiable source of randomness. * ***************************************************************************** * @dev USAGE * * @dev Calling contracts must inherit from VRFConsumerInterface, and can * @dev initialize VRFConsumerInterface's attributes in their constructor as * @dev shown: * * @dev contract VRFConsumer { * @dev constuctor(<other arguments>, address _vrfCoordinator, address _link) * @dev VRFConsumerBase(_vrfCoordinator, _link) public { * @dev <initialization with other arguments goes here> * @dev } * @dev } * * @dev The oracle will have given you an ID for the VRF keypair they have * @dev committed to (let's call it keyHash), and have told you the minimum LINK * @dev price for VRF service. Make sure your contract has sufficient LINK, and * @dev call requestRandomness(keyHash, fee, seed), where seed is the input you * @dev want to generate randomness from. * * @dev Once the VRFCoordinator has received and validated the oracle's response * @dev to your request, it will call your contract's fulfillRandomness method. * * @dev The randomness argument to fulfillRandomness is the actual random value * @dev generated from your seed. * * @dev The requestId argument is generated from the keyHash and the seed by * @dev makeRequestId(keyHash, seed). If your contract could have concurrent * @dev requests open, you can use the requestId to track which seed is * @dev associated with which randomness. See VRFRequestIDBase.sol for more * @dev details. * * @dev Colliding `requestId`s are cryptographically impossible as long as seeds * @dev differ. (Which is critical to making unpredictable randomness! See the * @dev next section.) * * ***************************************************************************** * @dev SECURITY CONSIDERATIONS * * @dev Since the ultimate input to the VRF is mixed with the block hash of the * @dev block in which the request is made, user-provided seeds have no impact * @dev on its economic security properties. They are only included for API * @dev compatability with previous versions of this contract. * * @dev Since the block hash of the block which contains the requestRandomness() * @dev call is mixed into the input to the VRF *last*, a sufficiently powerful * @dev miner could, in principle, fork the blockchain to evict the block * @dev containing the request, forcing the request to be included in a * @dev different block with a different hash, and therefore a different input * @dev to the VRF. However, such an attack would incur a substantial economic * @dev cost. This cost scales with the number of blocks the VRF oracle waits * @dev until it calls fulfillRandomness(). */ abstract contract VRFConsumerBase is VRFRequestIDBase { using SafeMath for uint256; /** * @notice fulfillRandomness handles the VRF response. Your contract must * @notice implement it. * * @dev The VRFCoordinator expects a calling contract to have a method with * @dev this signature, and will trigger it once it has verified the proof * @dev associated with the randomness (It is triggered via a call to * @dev rawFulfillRandomness, below.) * * @param requestId The Id initially returned by requestRandomness * @param randomness the VRF output */ function fulfillRandomness(bytes32 requestId, uint256 randomness) internal virtual; /** * @notice requestRandomness initiates a request for VRF output given _seed * * @dev See "SECURITY CONSIDERATIONS" above for more information on _seed. * * @dev The fulfillRandomness method receives the output, once it's provided * @dev by the Oracle, and verified by the vrfCoordinator. * * @dev The _keyHash must already be registered with the VRFCoordinator, and * @dev the _fee must exceed the fee specified during registration of the * @dev _keyHash. * * @param _keyHash ID of public key against which randomness is generated * @param _fee The amount of LINK to send with the request * @param _seed seed mixed into the input of the VRF * * @return requestId unique ID for this request * * @dev The returned requestId can be used to distinguish responses to * * @dev concurrent requests. It is passed as the first argument to * @dev fulfillRandomness. */ function requestRandomness(bytes32 _keyHash, uint256 _fee, uint256 _seed) public returns (bytes32 requestId) { LINK.transferAndCall(vrfCoordinator, _fee, abi.encode(_keyHash, _seed)); // This is the seed passed to VRFCoordinator. The oracle will mix this with // the hash of the block containing this request to obtain the seed/input // which is finally passed to the VRF cryptographic machinery. uint256 vRFSeed = makeVRFInputSeed(_keyHash, _seed, address(this), nonces[_keyHash]); // nonces[_keyHash] must stay in sync with // VRFCoordinator.nonces[_keyHash][this], which was incremented by the above // successful LINK.transferAndCall (in VRFCoordinator.randomnessRequest). // This provides protection against the user repeating their input // seed, which would result in a predictable/duplicate output. nonces[_keyHash] = nonces[_keyHash].add(1); return makeRequestId(_keyHash, vRFSeed); } LinkTokenInterface immutable internal LINK; address immutable private vrfCoordinator; // Nonces for each VRF key from which randomness has been requested. // // Must stay in sync with VRFCoordinator[_keyHash][this] mapping(bytes32 /* keyHash */ => uint256 /* nonce */) public nonces; constructor(address _vrfCoordinator, address _link) public { vrfCoordinator = _vrfCoordinator; LINK = LinkTokenInterface(_link); } // rawFulfillRandomness is called by VRFCoordinator when it receives a valid VRF // proof. rawFulfillRandomness then calls fulfillRandomness, after validating // the origin of the call function rawFulfillRandomness(bytes32 requestId, uint256 randomness) external { require(msg.sender == vrfCoordinator, "Only VRFCoordinator can fulfill"); fulfillRandomness(requestId, randomness); } } // File: contracts/VRFCoordinator.sol pragma solidity 0.6.6; /** * @title VRFCoordinator coordinates on-chain verifiable-randomness requests * @title with off-chain responses */ contract VRFCoordinator is VRF, VRFRequestIDBase { using SafeMath for uint256; LinkTokenInterface internal LINK; BlockHashStoreInterface internal blockHashStore; constructor(address _link, address _blockHashStore) public { LINK = LinkTokenInterface(_link); blockHashStore = BlockHashStoreInterface(_blockHashStore); } struct Callback { // Tracks an ongoing request address callbackContract; // Requesting contract, which will receive response // Amount of LINK paid at request time. Total LINK = 1e9 * 1e18 < 2^96, so // this representation is adequate, and saves a word of storage when this // field follows the 160-bit callbackContract address. uint96 randomnessFee; // Commitment to seed passed to oracle by this contract, and the number of // the block in which the request appeared. This is the keccak256 of the // concatenation of those values. Storing this commitment saves a word of // storage. bytes32 seedAndBlockNum; } struct ServiceAgreement { // Tracks oracle commitments to VRF service address vRFOracle; // Oracle committing to respond with VRF service uint96 fee; // Minimum payment for oracle response. Total LINK=1e9*1e18<2^96 bytes32 jobID; // ID of corresponding chainlink job in oracle's DB } mapping(bytes32 /* (provingKey, seed) */ => Callback) public callbacks; mapping(bytes32 /* provingKey */ => ServiceAgreement) public serviceAgreements; mapping(address /* oracle */ => uint256 /* LINK balance */) public withdrawableTokens; mapping(bytes32 /* provingKey */ => mapping(address /* consumer */ => uint256)) private nonces; // The oracle only needs the jobID to look up the VRF, but specifying public // key as well prevents a malicious oracle from inducing VRF outputs from // another oracle by reusing the jobID. event RandomnessRequest( bytes32 keyHash, uint256 seed, bytes32 indexed jobID, address sender, uint256 fee, bytes32 requestID); event NewServiceAgreement(bytes32 keyHash, uint256 fee); event RandomnessRequestFulfilled(bytes32 requestId, uint256 output); /** * @notice Commits calling address to serve randomness * @param _fee minimum LINK payment required to serve randomness * @param _oracle the address of the Chainlink node with the proving key and job * @param _publicProvingKey public key used to prove randomness * @param _jobID ID of the corresponding chainlink job in the oracle's db */ function registerProvingKey( uint256 _fee, address _oracle, uint256[2] calldata _publicProvingKey, bytes32 _jobID ) external { bytes32 keyHash = hashOfKey(_publicProvingKey); address oldVRFOracle = serviceAgreements[keyHash].vRFOracle; require(oldVRFOracle == address(0), "please register a new key"); require(_oracle != address(0), "_oracle must not be 0x0"); serviceAgreements[keyHash].vRFOracle = _oracle; serviceAgreements[keyHash].jobID = _jobID; // Yes, this revert message doesn't fit in a word require(_fee <= 1e9 ether, "you can't charge more than all the LINK in the world, greedy"); serviceAgreements[keyHash].fee = uint96(_fee); emit NewServiceAgreement(keyHash, _fee); } /** * @notice Called by LINK.transferAndCall, on successful LINK transfer * * @dev To invoke this, use the requestRandomness method in VRFConsumerBase. * * @dev The VRFCoordinator will call back to the calling contract when the * @dev oracle responds, on the method fulfillRandomness. See * @dev VRFConsumerBase.fulfilRandomness for its signature. Your consuming * @dev contract should inherit from VRFConsumerBase, and implement * @dev fulfilRandomness. * * @param _sender address: who sent the LINK (must be a contract) * @param _fee amount of LINK sent * @param _data abi-encoded call to randomnessRequest */ function onTokenTransfer(address _sender, uint256 _fee, bytes memory _data) public onlyLINK { (bytes32 keyHash, uint256 seed) = abi.decode(_data, (bytes32, uint256)); randomnessRequest(keyHash, seed, _fee, _sender); } /** * @notice creates the chainlink request for randomness * * @param _keyHash ID of the VRF public key against which to generate output * @param _consumerSeed Input to the VRF, from which randomness is generated * @param _feePaid Amount of LINK sent with request. Must exceed fee for key * @param _sender Requesting contract; to be called back with VRF output * * @dev _consumerSeed is mixed with key hash, sender address and nonce to * @dev obtain preSeed, which is passed to VRF oracle, which mixes it with the * @dev hash of the block containing this request, to compute the final seed. * * @dev The requestId used to store the request data is constructed from the * @dev preSeed and keyHash. */ function randomnessRequest( bytes32 _keyHash, uint256 _consumerSeed, uint256 _feePaid, address _sender ) internal sufficientLINK(_feePaid, _keyHash) { uint256 nonce = nonces[_keyHash][_sender]; uint256 preSeed = makeVRFInputSeed(_keyHash, _consumerSeed, _sender, nonce); bytes32 requestId = makeRequestId(_keyHash, preSeed); // Cryptographically guaranteed by preSeed including an increasing nonce assert(callbacks[requestId].callbackContract == address(0)); callbacks[requestId].callbackContract = _sender; assert(_feePaid < 1e27); // Total LINK fits in uint96 callbacks[requestId].randomnessFee = uint96(_feePaid); callbacks[requestId].seedAndBlockNum = keccak256(abi.encodePacked( preSeed, block.number)); emit RandomnessRequest(_keyHash, preSeed, serviceAgreements[_keyHash].jobID, _sender, _feePaid, requestId); nonces[_keyHash][_sender] = nonces[_keyHash][_sender].add(1); } // Offsets into fulfillRandomnessRequest's _proof of various values // // Public key. Skips byte array's length prefix. uint256 public constant PUBLIC_KEY_OFFSET = 0x20; // Seed is 7th word in proof, plus word for length, (6+1)*0x20=0xe0 uint256 public constant PRESEED_OFFSET = 0xe0; /** * @notice Called by the chainlink node to fulfill requests * * @param _proof the proof of randomness. Actual random output built from this * * @dev The structure of _proof corresponds to vrf.MarshaledOnChainResponse, * @dev in the node source code. I.e., it is a vrf.MarshaledProof with the * @dev seed replaced by the preSeed, followed by the hash of the requesting * @dev block. */ function fulfillRandomnessRequest(bytes memory _proof) public { (bytes32 currentKeyHash, Callback memory callback, bytes32 requestId, uint256 randomness) = getRandomnessFromProof(_proof); // Pay oracle address oadd = serviceAgreements[currentKeyHash].vRFOracle; withdrawableTokens[oadd] = withdrawableTokens[oadd].add( callback.randomnessFee); // Forget request. Must precede callback (prevents reentrancy) delete callbacks[requestId]; callBackWithRandomness(requestId, randomness, callback.callbackContract); emit RandomnessRequestFulfilled(requestId, randomness); } function callBackWithRandomness(bytes32 requestId, uint256 randomness, address consumerContract) internal { // Dummy variable; allows access to method selector in next line. See // https://github.com/ethereum/solidity/issues/3506#issuecomment-553727797 VRFConsumerBase v; bytes memory resp = abi.encodeWithSelector( v.rawFulfillRandomness.selector, requestId, randomness); // The bound b here comes from https://eips.ethereum.org/EIPS/eip-150. The // actual gas available to the consuming contract will be b-floor(b/64). // This is chosen to leave the consuming contract ~200k gas, after the cost // of the call itself. uint256 b = 206000; require(gasleft() >= b, "not enough gas for consumer"); // A low-level call is necessary, here, because we don't want the consuming // contract to be able to revert this execution, and thus deny the oracle // payment for a valid randomness response. This also necessitates the above // check on the gasleft, as otherwise there would be no indication if the // callback method ran out of gas. // // solhint-disable-next-line avoid-low-level-calls (bool success,) = consumerContract.call(resp); // Avoid unused-local-variable warning. (success is only present to prevent // a warning that the return value of consumerContract.call is unused.) (success); } function getRandomnessFromProof(bytes memory _proof) internal view returns (bytes32 currentKeyHash, Callback memory callback, bytes32 requestId, uint256 randomness) { // blockNum follows proof, which follows length word (only direct-number // constants are allowed in assembly, so have to compute this in code) uint256 BLOCKNUM_OFFSET = 0x20 + PROOF_LENGTH; // _proof.length skips the initial length word, so not including the // blocknum in this length check balances out. require(_proof.length == BLOCKNUM_OFFSET, "wrong proof length"); uint256[2] memory publicKey; uint256 preSeed; uint256 blockNum; assembly { // solhint-disable-line no-inline-assembly publicKey := add(_proof, PUBLIC_KEY_OFFSET) preSeed := mload(add(_proof, PRESEED_OFFSET)) blockNum := mload(add(_proof, BLOCKNUM_OFFSET)) } currentKeyHash = hashOfKey(publicKey); requestId = makeRequestId(currentKeyHash, preSeed); callback = callbacks[requestId]; require(callback.callbackContract != address(0), "no corresponding request"); require(callback.seedAndBlockNum == keccak256(abi.encodePacked(preSeed, blockNum)), "wrong preSeed or block num"); bytes32 blockHash = blockhash(blockNum); if (blockHash == bytes32(0)) { blockHash = blockHashStore.getBlockhash(blockNum); require(blockHash != bytes32(0), "please prove blockhash"); } // The seed actually used by the VRF machinery, mixing in the blockhash uint256 actualSeed = uint256(keccak256(abi.encodePacked(preSeed, blockHash))); // solhint-disable-next-line no-inline-assembly assembly { // Construct the actual proof from the remains of _proof mstore(add(_proof, PRESEED_OFFSET), actualSeed) mstore(_proof, PROOF_LENGTH) } randomness = VRF.randomValueFromVRFProof(_proof); // Reverts on failure } /** * @dev Allows the oracle operator to withdraw their LINK * @param _recipient is the address the funds will be sent to * @param _amount is the amount of LINK transferred from the Coordinator contract */ function withdraw(address _recipient, uint256 _amount) external hasAvailableFunds(_amount) { withdrawableTokens[msg.sender] = withdrawableTokens[msg.sender].sub(_amount); assert(LINK.transfer(_recipient, _amount)); } /** * @notice Returns the serviceAgreements key associated with this public key * @param _publicKey the key to return the address for */ function hashOfKey(uint256[2] memory _publicKey) public pure returns (bytes32) { return keccak256(abi.encodePacked(_publicKey)); } /** * @dev Reverts if amount is not at least what was agreed upon in the service agreement * @param _feePaid The payment for the request * @param _keyHash The key which the request is for */ modifier sufficientLINK(uint256 _feePaid, bytes32 _keyHash) { require(_feePaid >= serviceAgreements[_keyHash].fee, "Below agreed payment"); _; } /** * @dev Reverts if not sent from the LINK token */ modifier onlyLINK() { require(msg.sender == address(LINK), "Must use LINK token"); _; } /** * @dev Reverts if amount requested is greater than withdrawable balance * @param _amount The given amount to compare to `withdrawableTokens` */ modifier hasAvailableFunds(uint256 _amount) { require(withdrawableTokens[msg.sender] >= _amount, "can't withdraw more than balance"); _; } }Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
[{"inputs":[{"internalType":"address","name":"_link","type":"address"},{"internalType":"address","name":"_blockHashStore","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"bytes32","name":"keyHash","type":"bytes32"},{"indexed":false,"internalType":"uint256","name":"fee","type":"uint256"}],"name":"NewServiceAgreement","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"bytes32","name":"keyHash","type":"bytes32"},{"indexed":false,"internalType":"uint256","name":"seed","type":"uint256"},{"indexed":true,"internalType":"bytes32","name":"jobID","type":"bytes32"},{"indexed":false,"internalType":"address","name":"sender","type":"address"},{"indexed":false,"internalType":"uint256","name":"fee","type":"uint256"},{"indexed":false,"internalType":"bytes32","name":"requestID","type":"bytes32"}],"name":"RandomnessRequest","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"bytes32","name":"requestId","type":"bytes32"},{"indexed":false,"internalType":"uint256","name":"output","type":"uint256"}],"name":"RandomnessRequestFulfilled","type":"event"},{"inputs":[],"name":"PRESEED_OFFSET","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"PROOF_LENGTH","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"PUBLIC_KEY_OFFSET","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"name":"callbacks","outputs":[{"internalType":"address","name":"callbackContract","type":"address"},{"internalType":"uint96","name":"randomnessFee","type":"uint96"},{"internalType":"bytes32","name":"seedAndBlockNum","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes","name":"_proof","type":"bytes"}],"name":"fulfillRandomnessRequest","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256[2]","name":"_publicKey","type":"uint256[2]"}],"name":"hashOfKey","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"pure","type":"function"},{"inputs":[{"internalType":"address","name":"_sender","type":"address"},{"internalType":"uint256","name":"_fee","type":"uint256"},{"internalType":"bytes","name":"_data","type":"bytes"}],"name":"onTokenTransfer","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"_fee","type":"uint256"},{"internalType":"address","name":"_oracle","type":"address"},{"internalType":"uint256[2]","name":"_publicProvingKey","type":"uint256[2]"},{"internalType":"bytes32","name":"_jobID","type":"bytes32"}],"name":"registerProvingKey","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"name":"serviceAgreements","outputs":[{"internalType":"address","name":"vRFOracle","type":"address"},{"internalType":"uint96","name":"fee","type":"uint96"},{"internalType":"bytes32","name":"jobID","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"_recipient","type":"address"},{"internalType":"uint256","name":"_amount","type":"uint256"}],"name":"withdraw","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"withdrawableTokens","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"}]Deployed Bytecode
0x608060405234801561001057600080fd5b50600436106100a85760003560e01c8063a4c0ed3611610071578063a4c0ed36146101ff578063b415f4f5146102ba578063caf70c4a146102c2578063d83402091461030d578063e911439c14610344578063f3fef3a31461034c576100a8565b80626f6ad0146100ad57806321f36509146100e55780635e1c10591461013257806375d35070146101da5780638aa7927b146101f7575b600080fd5b6100d3600480360360208110156100c357600080fd5b50356001600160a01b0316610378565b60408051918252519081900360200190f35b610102600480360360208110156100fb57600080fd5b503561038a565b604080516001600160a01b0390941684526001600160601b03909216602084015282820152519081900360600190f35b6101d86004803603602081101561014857600080fd5b81019060208101813564010000000081111561016357600080fd5b82018360208201111561017557600080fd5b8035906020019184600183028401116401000000008311171561019757600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295506103bf945050505050565b005b610102600480360360208110156101f057600080fd5b50356104a8565b6100d36104dd565b6101d86004803603606081101561021557600080fd5b6001600160a01b038235169160208101359181019060608101604082013564010000000081111561024557600080fd5b82018360208201111561025757600080fd5b8035906020019184600183028401116401000000008311171561027957600080fd5b91908080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152509295506104e2945050505050565b6100d3610570565b6100d3600480360360408110156102d857600080fd5b604080518082018252918301929181830191839060029083908390808284376000920191909152509194506105759350505050565b6101d8600480360360a081101561032357600080fd5b508035906001600160a01b03602082013516906040810190608001356105cb565b6100d36107ab565b6101d86004803603604081101561036257600080fd5b506001600160a01b0381351690602001356107b1565b60046020526000908152604090205481565b600260205260009081526040902080546001909101546001600160a01b03821691600160a01b90046001600160601b03169083565b60006103c9611c77565b6000806103d5856108d3565b600084815260036020908152604080832054828701516001600160a01b03909116808552600490935292205495995093975091955093509091610426916001600160601b031663ffffffff610b9716565b6001600160a01b038216600090815260046020908152604080832093909355858252600290529081208181556001015583516104659084908490610bfa565b604080518481526020810184905281517fa2e7a402243ebda4a69ceeb3dfb682943b7a9b3ac66d6eefa8db65894009611c929181900390910190a1505050505050565b600360205260009081526040902080546001909101546001600160a01b03821691600160a01b90046001600160601b03169083565b602081565b6000546001600160a01b03163314610537576040805162461bcd60e51b815260206004820152601360248201527226bab9ba103ab9b2902624a725903a37b5b2b760691b604482015290519081900360640190fd5b60008082806020019051604081101561054f57600080fd5b508051602090910151909250905061056982828688610d44565b5050505050565b60e081565b6000816040516020018082600260200280838360005b838110156105a357818101518382015260200161058b565b505050509050019150506040516020818303038152906040528051906020012090505b919050565b6040805180820182526000916105fa919085906002908390839080828437600092019190915250610575915050565b6000818152600360205260409020549091506001600160a01b03168015610668576040805162461bcd60e51b815260206004820152601960248201527f706c656173652072656769737465722061206e6577206b657900000000000000604482015290519081900360640190fd5b6001600160a01b0385166106c3576040805162461bcd60e51b815260206004820152601760248201527f5f6f7261636c65206d757374206e6f7420626520307830000000000000000000604482015290519081900360640190fd5b600082815260036020526040902080546001600160a01b0319166001600160a01b0387161781556001018390556b033b2e3c9fd0803ce800000086111561073b5760405162461bcd60e51b815260040180806020018281038252603c815260200180611d10603c913960400191505060405180910390fd5b60008281526003602090815260409182902080546001600160a01b0316600160a01b6001600160601b038b1602179055815184815290810188905281517fae189157e0628c1e62315e9179156e1ea10e90e9c15060002f7021e907dc2cfe929181900390910190a1505050505050565b6101a081565b336000908152600460205260409020548190811115610817576040805162461bcd60e51b815260206004820181905260248201527f63616e2774207769746864726177206d6f7265207468616e2062616c616e6365604482015290519081900360640190fd5b33600090815260046020526040902054610837908363ffffffff610f7016565b336000908152600460208181526040808420949094558254845163a9059cbb60e01b81526001600160a01b038981169482019490945260248101889052945192169363a9059cbb93604480830194928390030190829087803b15801561089c57600080fd5b505af11580156108b0573d6000803e3d6000fd5b505050506040513d60208110156108c657600080fd5b50516108ce57fe5b505050565b60006108dd611c77565b825160009081906101c0908114610930576040805162461bcd60e51b81526020600482015260126024820152710eee4dedcce40e0e4dedecc40d8cadccee8d60731b604482015290519081900360640190fd5b610938611c97565b5060e08601518187015160208801919061095183610575565b975061095d8883610fcd565b600081815260026020908152604091829020825160608101845281546001600160a01b038116808352600160a01b9091046001600160601b03169382019390935260019091015492810192909252909850909650610a02576040805162461bcd60e51b815260206004820152601860248201527f6e6f20636f72726573706f6e64696e6720726571756573740000000000000000604482015290519081900360640190fd5b6040805160208082018590528183018490528251808303840181526060909201835281519101209088015114610a7f576040805162461bcd60e51b815260206004820152601a60248201527f77726f6e672070726553656564206f7220626c6f636b206e756d000000000000604482015290519081900360640190fd5b804080610b4b5760015460408051631d2827a760e31b81526004810185905290516001600160a01b039092169163e9413d3891602480820192602092909190829003018186803b158015610ad257600080fd5b505afa158015610ae6573d6000803e3d6000fd5b505050506040513d6020811015610afc57600080fd5b5051905080610b4b576040805162461bcd60e51b81526020600482015260166024820152750e0d8cac2e6ca40e0e4deecca40c4d8dec6d6d0c2e6d60531b604482015290519081900360640190fd5b6040805160208082018690528183018490528251808303840181526060909201909252805191012060e08b018190526101a08b52610b888b610ff9565b96505050505050509193509193565b600082820183811015610bf1576040805162461bcd60e51b815260206004820152601b60248201527f536166654d6174683a206164646974696f6e206f766572666c6f770000000000604482015290519081900360640190fd5b90505b92915050565b604080516024810185905260448082018590528251808303909101815260649091019091526020810180516001600160e01b03166394985ddd60e01b179052600090620324b0805a1015610c95576040805162461bcd60e51b815260206004820152601b60248201527f6e6f7420656e6f7567682067617320666f7220636f6e73756d65720000000000604482015290519081900360640190fd5b6000846001600160a01b0316836040518082805190602001908083835b60208310610cd15780518252601f199092019160209182019101610cb2565b6001836020036101000a0380198251168184511680821785525050505050509050019150506000604051808303816000865af19150503d8060008114610d33576040519150601f19603f3d011682016040523d82523d6000602084013e610d38565b606091505b50505050505050505050565b60008481526003602052604090205482908590600160a01b90046001600160601b0316821015610db2576040805162461bcd60e51b815260206004820152601460248201527310995b1bddc81859dc995959081c185e5b595b9d60621b604482015290519081900360640190fd5b60008681526005602090815260408083206001600160a01b038716845290915281205490610de288888785611142565b90506000610df08983610fcd565b6000818152600260205260409020549091506001600160a01b031615610e1257fe5b600081815260026020526040902080546001600160a01b0319166001600160a01b0388161790556b033b2e3c9fd0803ce80000008710610e4e57fe5b600081815260026020908152604080832080546001600160601b038c16600160a01b026001600160a01b0391821617825582518085018890524381850152835180820385018152606082018086528151918701919091206001948501558f875260039095529483902090910154928d905260808401869052891660a084015260c083018a905260e083018490525190917f56bd374744a66d531874338def36c906e3a6cf31176eb1e9afd9f1de69725d5191908190036101000190a260008981526005602090815260408083206001600160a01b038a168452909152902054610f3e90600163ffffffff610b9716565b6000998a52600560209081526040808c206001600160a01b039099168c52979052959098209490945550505050505050565b600082821115610fc7576040805162461bcd60e51b815260206004820152601e60248201527f536166654d6174683a207375627472616374696f6e206f766572666c6f770000604482015290519081900360640190fd5b50900390565b604080516020808201949094528082019290925280518083038201815260609092019052805191012090565b60006101a0825114611047576040805162461bcd60e51b81526020600482015260126024820152710eee4dedcce40e0e4dedecc40d8cadccee8d60731b604482015290519081900360640190fd5b61104f611c97565b611057611c97565b61105f611cb5565b6000611069611c97565b611071611c97565b6000888060200190516101a081101561108957600080fd5b5060e08101516101808201519198506040890197506080890196509450610100880193506101408801925090506110dc878787600060200201518860016020020151896002602002015189898989611189565b6003866040516020018083815260200182600260200280838360005b838110156111105781810151838201526020016110f8565b50505050905001925050506040516020818303038152906040528051906020012060001c975050505050505050919050565b60408051602080820196909652808201949094526001600160a01b039290921660608401526080808401919091528151808403909101815260a09092019052805191012090565b611192896113d6565b6111e3576040805162461bcd60e51b815260206004820152601a60248201527f7075626c6963206b6579206973206e6f74206f6e206375727665000000000000604482015290519081900360640190fd5b6111ec886113d6565b611235576040805162461bcd60e51b815260206004820152601560248201527467616d6d61206973206e6f74206f6e20637572766560581b604482015290519081900360640190fd5b61123e836113d6565b61128f576040805162461bcd60e51b815260206004820152601d60248201527f6347616d6d615769746e657373206973206e6f74206f6e206375727665000000604482015290519081900360640190fd5b611298826113d6565b6112e9576040805162461bcd60e51b815260206004820152601c60248201527f73486173685769746e657373206973206e6f74206f6e20637572766500000000604482015290519081900360640190fd5b6112f5878a8887611400565b611346576040805162461bcd60e51b815260206004820152601a60248201527f6164647228632a706b2b732a6729e289a05f755769746e657373000000000000604482015290519081900360640190fd5b61134e611c97565b6113588a8761152e565b9050611362611c97565b611371898b878b8689896115d1565b90506000611382838d8d8a866116dc565b9050808a146113c8576040805162461bcd60e51b815260206004820152600d60248201526c34b73b30b634b210383937b7b360991b604482015290519081900360640190fd5b505050505050505050505050565b60208101516000906401000003d0199080096113f98360005b60200201516117e5565b1492915050565b60006001600160a01b03821661144b576040805162461bcd60e51b815260206004820152600b60248201526a626164207769746e65737360a81b604482015290519081900360640190fd5b60208401516000906001161561146257601c611465565b601b5b9050600070014551231950b75fc4402da1732fc9bebe1985876000602002015109865170014551231950b75fc4402da1732fc9bebe1991820392506000919089098751604080516000808252602082810180855288905260ff8916838501526060830194909452608082018590529151939450909260019260a0808401939192601f1981019281900390910190855afa158015611506573d6000803e3d6000fd5b5050604051601f1901516001600160a01b039081169088161495505050505050949350505050565b611536611c97565b611594600184846040516020018084815260200183600260200280838360005b8381101561156e578181015183820152602001611556565b505050509050018281526020019350505050604051602081830303815290604052611809565b90505b6115a0816113d6565b610bf45780516040805160208181019390935281518082039093018352810190526115ca90611809565b9050611597565b6115d9611c97565b825186516401000003d01991900306611639576040805162461bcd60e51b815260206004820152601e60248201527f706f696e747320696e2073756d206d7573742062652064697374696e63740000604482015290519081900360640190fd5b611644878988611857565b61167f5760405162461bcd60e51b8152600401808060200182810382526021815260200180611d4c6021913960400191505060405180910390fd5b61168a848685611857565b6116c55760405162461bcd60e51b8152600401808060200182810382526022815260200180611d6d6022913960400191505060405180910390fd5b6116d0868484611977565b98975050505050505050565b6000600286868685876040516020018087815260200186600260200280838360005b838110156117165781810151838201526020016116fe565b5050505090500185600260200280838360005b83811015611741578181015183820152602001611729565b5050505090500184600260200280838360005b8381101561176c578181015183820152602001611754565b5050505090500183600260200280838360005b8381101561179757818101518382015260200161177f565b50505050905001826001600160a01b03166001600160a01b031660601b815260140196505050505050506040516020818303038152906040528051906020012060001c905095945050505050565b6000806401000003d01980848509840990506401000003d019600782089392505050565b611811611c97565b61181a82611a3d565b815261182f61182a8260006113ef565b611a78565b6020820181905260029006600114156105c6576020810180516401000003d019039052919050565b60008261186357600080fd5b835160208501516000906001161561187c57601c61187f565b601b5b9050600070014551231950b75fc4402da1732fc9bebe19838709604080516000808252602080830180855282905260ff871683850152606083018890526080830185905292519394509260019260a0808401939192601f1981019281900390910190855afa1580156118f5573d6000803e3d6000fd5b5050506020604051035190506000866040516020018082600260200280838360005b8381101561192f578181015183820152602001611917565b505050509050019150506040516020818303038152906040528051906020012060001c9050806001600160a01b0316826001600160a01b031614955050505050509392505050565b61197f611c97565b8351602080860151855191860151600093849384936119a093909190611a8e565b919450925090506401000003d019858209600114611a05576040805162461bcd60e51b815260206004820152601960248201527f696e765a206d75737420626520696e7665727365206f66207a00000000000000604482015290519081900360640190fd5b60405180604001604052806401000003d01980611a1e57fe5b87860981526020016401000003d0198785099052979650505050505050565b805160208201205b6401000003d01981106105c657604080516020808201939093528151808203840181529082019091528051910120611a45565b6000610bf48263400000f4600160fe1b03611b6e565b60008080600180826401000003d019896401000003d019038808905060006401000003d0198b6401000003d019038a0890506000611ace83838585611c0a565b9098509050611adf88828e88611c2e565b9098509050611af088828c87611c2e565b90985090506000611b038d878b85611c2e565b9098509050611b1488828686611c0a565b9098509050611b2588828e89611c2e565b9098509050818114611b5a576401000003d019818a0998506401000003d01982890997506401000003d0198183099650611b5e565b8196505b5050505050509450945094915050565b600080611b79611cd3565b6020808252818101819052604082015260608101859052608081018490526401000003d01960a0820152611bab611cf1565b60208160c0846005600019fa925082611c00576040805162461bcd60e51b81526020600482015260126024820152716269674d6f64457870206661696c7572652160701b604482015290519081900360640190fd5b5195945050505050565b6000806401000003d0198487096401000003d0198487099097909650945050505050565b600080806401000003d019878509905060006401000003d01987876401000003d019030990506401000003d0198183086401000003d01986890990999098509650505050505050565b604080516060810182526000808252602082018190529181019190915290565b60405180604001604052806002906020820280368337509192915050565b60405180606001604052806003906020820280368337509192915050565b6040518060c001604052806006906020820280368337509192915050565b6040518060200160405280600190602082028036833750919291505056fe796f752063616e277420636861726765206d6f7265207468616e20616c6c20746865204c494e4b20696e2074686520776f726c642c206772656564794669727374206d756c7469706c69636174696f6e20636865636b206661696c65645365636f6e64206d756c7469706c69636174696f6e20636865636b206661696c6564a26469706673582212201881f125e9a7356d8ba82f7cb4affab38cc35ea01f2ee0cdef7101b1c52bc5f364736f6c63430006060033
Deployed Bytecode Sourcemap
41295:12338:0:-:0;;;;5:9:-1;2:2;;;27:1;24;17:12;2:2;41295:12338:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;12:1:-1;9;2:12;42789:90:0;;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28;21:12;4:2;-1:-1;42789:90:0;-1:-1:-1;;;;;42789:90:0;;:::i;:::-;;;;;;;;;;;;;;;;42626:70;;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28;21:12;4:2;-1:-1;42626:70:0;;:::i;:::-;;;;-1:-1:-1;;;;;42626:70:0;;;;;-1:-1:-1;;;;;42626:70:0;;;;;;;;;;;;;;;;;;;;48027:629;;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28;21:12;4:2;48027:629:0;;;;;;;;27:11:-1;11:28;;8:2;;;52:1;49;42:12;8:2;48027:629:0;;41:9:-1;34:4;18:14;14:25;11:40;8:2;;;64:1;61;54:12;8:2;48027:629:0;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;39:11;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;48027:629:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;48027:629:0;;-1:-1:-1;48027:629:0;;-1:-1:-1;;;;;48027:629:0:i;:::-;;42701:83;;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28;21:12;4:2;-1:-1;42701:83:0;;:::i;47424:48::-;;;:::i;45293:243::-;;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28;21:12;4:2;-1:-1;;;;;45293:243:0;;;;;;;;;;;;;;;;;;;27:11:-1;11:28;;8:2;;;52:1;49;42:12;8:2;45293:243:0;;41:9:-1;34:4;18:14;14:25;11:40;8:2;;;64:1;61;54:12;8:2;45293:243:0;;;;;;100:9:-1;95:1;81:12;77:20;67:8;63:35;60:50;39:11;25:12;22:29;11:107;8:2;;;131:1;128;121:12;8:2;45293:243:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30:3:-1;22:6;14;1:33;99:1;81:16;;74:27;;;;-1:-1;45293:243:0;;-1:-1:-1;45293:243:0;;-1:-1:-1;;;;;45293:243:0:i;47548:45::-;;;:::i;52628:138::-;;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28;21:12;4:2;52628:138:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;1:33:-1;99:1;81:16;;74:27;;;;-1:-1;52628:138:0;;-1:-1:-1;52628:138:0;;-1:-1:-1;;;;52628:138:0:i;43857:759::-;;;;;;15:3:-1;10;7:12;4:2;;;32:1;29;22:12;4:2;-1:-1;43857:759:0;;;-1:-1:-1;;;;;43857:759:0;;;;;;;;;;;;;;:::i;29958:360::-;;;:::i;52228:242::-;;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28;21:12;4:2;-1:-1;;;;;;52228:242:0;;;;;;;;:::i;42789:90::-;;;;;;;;;;;;;:::o;42626:70::-;;;;;;;;;;;;;;;;;;-1:-1:-1;;;;;42626:70:0;;;-1:-1:-1;;;42626:70:0;;-1:-1:-1;;;;;42626:70:0;;;:::o;48027:629::-;48097:22;48121:24;;:::i;:::-;48147:17;48172:18;48194:30;48217:6;48194:22;:30::i;:::-;48252:12;48267:33;;;:17;:33;;;;;;;;:43;48381:22;;;;-1:-1:-1;;;;;48267:43:0;;;48344:24;;;:18;:24;;;;;;48096:128;;-1:-1:-1;48096:128:0;;-1:-1:-1;48096:128:0;;-1:-1:-1;48096:128:0;-1:-1:-1;48267:43:0;;48344:60;;-1:-1:-1;;;;;48344:60:0;;:28;:60;:::i;:::-;-1:-1:-1;;;;;48317:24:0;;;;;;:18;:24;;;;;;;;:87;;;;48488:20;;;:9;:20;;;;;48481:27;;;;;;48561:25;;48515:72;;48498:9;;48549:10;;48515:22;:72::i;:::-;48601:49;;;;;;;;;;;;;;;;;;;;;;;;;48027:629;;;;;;:::o;42701:83::-;;;;;;;;;;;;;;;;;;-1:-1:-1;;;;;42701:83:0;;;-1:-1:-1;;;42701:83:0;;-1:-1:-1;;;;;42701:83:0;;;:::o;47424:48::-;47468:4;47424:48;:::o;45293:243::-;53265:4;;-1:-1:-1;;;;;53265:4:0;53243:10;:27;53235:59;;;;;-1:-1:-1;;;53235:59:0;;;;;;;;;;;;-1:-1:-1;;;53235:59:0;;;;;;;;;;;;;;;45406:15:::1;45423:12:::0;45450:5:::1;45439:37;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28::::0;21:12:::1;4:2;-1:-1:::0;45439:37:0;;::::1;::::0;;::::1;::::0;;;-1:-1:-1;45439:37:0;-1:-1:-1;45483:47:0::1;45439:37:::0;;45516:4;45522:7;45483:17:::1;:47::i;:::-;53301:1;;45293:243:::0;;;:::o;47548:45::-;47589:4;47548:45;:::o;52628:138::-;52698:7;52748:10;52731:28;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;52731:28:0;;;;;;;;;;;49:4:-1;39:7;30;26:21;22:32;13:7;6:49;52731:28:0;;;52721:39;;;;;;52714:46;;52628:138;;;;:::o;43857:759::-;44023:28;;;;;;;;44005:15;;44023:28;;;44033:17;;44023:28;;;;44033:17;;44023:28;44033:17;44023:28;1:33:-1;99:1;81:16;;74:27;;;;-1:-1;44023:9:0;;-1:-1:-1;;44023:28:0:i;:::-;44058:20;44081:26;;;:17;:26;;;;;:36;44005:46;;-1:-1:-1;;;;;;44081:36:0;44132:26;;44124:64;;;;;-1:-1:-1;;;44124:64:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;;;;;44203:21:0;;44195:57;;;;;-1:-1:-1;;;44195:57:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;44259:26;;;;:17;:26;;;;;:46;;-1:-1:-1;;;;;;44259:46:0;-1:-1:-1;;;;;44259:46:0;;;;;-1:-1:-1;44312:32:0;:41;;;44431:9;44423:17;;;44415:97;;;;-1:-1:-1;;;44415:97:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;44519:26;;;;:17;:26;;;;;;;;;:45;;-1:-1:-1;;;;;44519:45:0;-1:-1:-1;;;;;;;;44519:45:0;;;;;;44576:34;;;;;;;;;;;;;;;;;;;;;;;;43857:759;;;;;;:::o;29958:360::-;29994:324;29958:360;:::o;52228:242::-;53555:10;53536:30;;;;:18;:30;;;;;;52320:7;;53536:41;-1:-1:-1;53536:41:0;53528:86;;;;;-1:-1:-1;;;53528:86:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;52391:10:::1;52372:30;::::0;;;:18:::1;:30;::::0;;;;;:43:::1;::::0;52407:7;52372:43:::1;:34;:43;:::i;:::-;52358:10;52339:30;::::0;;;:18:::1;:30;::::0;;;;;;;:76;;;;52429:4;;:34;;-1:-1:-1;;;52429:34:0;;-1:-1:-1;;;;;52429:34:0;;::::1;::::0;;::::1;::::0;;;;;;;;;;;;:4;::::1;::::0;:13:::1;::::0;:34;;;;;;;;;;;;;:4;:34;::::1;;2:2:-1::0;::::1;;;27:1;24::::0;17:12:::1;2:2;52429:34:0;;;;8:9:-1;5:2;;;45:16;42:1;39::::0;24:38:::1;77:16;74:1;67:27;5:2;52429:34:0;;;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28::::0;21:12:::1;4:2;-1:-1:::0;52429:34:0;52422:42:::1;;;;52228:242:::0;;;:::o;50081:1916::-;50162:22;50186:24;;:::i;:::-;50605:13;;50219:17;;;;50445:19;;50605:32;;50597:63;;;;;-1:-1:-1;;;50597:63:0;;;;;;;;;;;;-1:-1:-1;;;50597:63:0;;;;;;;;;;;;;;;50667:27;;:::i;:::-;-1:-1:-1;50887:14:0;50875:27;;50869:34;50929:28;;;50923:35;50832:17;50820:30;;;50869:34;50988:20;50820:30;50988:9;:20::i;:::-;50971:37;;51027:38;51041:14;51057:7;51027:13;:38::i;:::-;51083:20;;;;:9;:20;;;;;;;;;51072:31;;;;;;;;;-1:-1:-1;;;;;51072:31:0;;;;;-1:-1:-1;;;51072:31:0;;;-1:-1:-1;;;;;51072:31:0;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;51083:20:0;;-1:-1:-1;51110:76:0;;;;;-1:-1:-1;;;51110:76:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;51239:42;;;;;;;;;;;;;;;;;;26:21:-1;;;22:32;;6:49;;51239:42:0;;;;;;51229:53;;;;;51201:24;;;;:81;51193:120;;;;;-1:-1:-1;;;51193:120:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;51342:19;;51372:23;51368:162;;51418:14;;:37;;;-1:-1:-1;;;51418:37:0;;;;;;;;;;-1:-1:-1;;;;;51418:14:0;;;;:27;;:37;;;;;;;;;;;;;;;:14;:37;;;2:2:-1;;;;27:1;24;17:12;2:2;51418:37:0;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;51418:37:0;;;;;;;15:2:-1;10:3;7:11;4:2;;;31:1;28;21:12;4:2;-1:-1;51418:37:0;;-1:-1:-1;51472:23:0;51464:58;;;;;-1:-1:-1;;;51464:58:0;;;;;;;;;;;;-1:-1:-1;;;51464:58:0;;;;;;;;;;;;;;;51652:36;;;;;;;;;;;;;;;;;;26:21:-1;;;22:32;;6:49;;51652:36:0;;;;;;;51642:47;;;;;51844:14;51832:27;;51825:47;;;51895:12;51880:28;;51934:35;51836:6;51934:27;:35::i;:::-;51921:48;;50081:1916;;;;;;;;;;;:::o;889:167::-;947:7;975:5;;;995:6;;;;987:46;;;;;-1:-1:-1;;;987:46:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;1049:1;-1:-1:-1;889:167:0;;;;;:::o;48662:1413::-;48979:86;;;;;;;;;;;;;;;;;;26:21:-1;;;22:32;;;6:49;;48979:86:0;;;;;;;;25:18:-1;;61:17;;-1:-1;;;;;182:15;-1:-1;;;179:29;160:49;;48935:17:0;;49351:6;;49372:9;:14;;49364:54;;;;;-1:-1:-1;;;49364:54:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;49851:12;49868:16;-1:-1:-1;;;;;49868:21:0;49890:4;49868:27;;;;;;;;;;;;;36:153:-1;66:2;61:3;58:11;36:153;;176:10;;164:23;;-1:-1;;139:12;;;;98:2;89:12;;;;114;36:153;;;274:1;267:3;263:2;259:12;254:3;250:22;246:30;315:4;311:9;305:3;299:10;295:26;356:4;350:3;344:10;340:21;389:7;380;377:20;372:3;365:33;3:399;;;49868:27:0;;;;;;;;;;;;;;;;;;;;;;;;12:1:-1;19;14:27;;;;67:4;61:11;56:16;;134:4;130:9;123:4;105:16;101:27;97:43;94:1;90:51;84:4;77:65;157:16;154:1;147:27;211:16;208:1;201:4;198:1;194:12;179:49;5:228;;14:27;32:4;27:9;;5:228;-1:-1;;;;;;;;;;48662:1413:0:o;46301:988::-;53069:27;;;;:17;:27;;;;;:31;46463:8;;53069:27;;-1:-1:-1;;;53069:31:0;;-1:-1:-1;;;;;53069:31:0;53057:43;;;53049:76;;;;;-1:-1:-1;;;53049:76:0;;;;;;;;;;;;-1:-1:-1;;;53049:76:0;;;;;;;;;;;;;;;46493:13:::1;46509:16:::0;;;:6:::1;:16;::::0;;;;;;;-1:-1:-1;;;;;46509:25:0;::::1;::::0;;;;;;;;;46559:57:::1;46516:8:::0;46586:13;46526:7;46509:25;46559:16:::1;:57::i;:::-;46541:75;;46623:17;46643:32;46657:8;46667:7;46643:13;:32::i;:::-;46816:1;46767:20:::0;;;:9:::1;:20;::::0;;;;:37;46623:52;;-1:-1:-1;;;;;;46767:37:0::1;:51:::0;46760:59:::1;;;;46826:20;::::0;;;:9:::1;:20;::::0;;;;:47;;-1:-1:-1;;;;;;46826:47:0::1;-1:-1:-1::0;;;;;46826:47:0;::::1;;::::0;;46898:4:::1;46887:15:::0;::::1;46880:23;;;;46939:20;::::0;;;:9:::1;:20;::::0;;;;;;;:53;;-1:-1:-1;;;;;46939:53:0;::::1;-1:-1:-1::0;;;46939:53:0::1;-1:-1:-1::0;;;;;46939:53:0;;::::1;;::::0;;47048:47;;;;::::1;::::0;;;47082:12:::1;47048:47:::0;;;;;;26:21:-1;;;22:32;;6:49;;47048:47:0;;;;;;47038:58;;;;::::1;::::0;;;;-1:-1:-1;46999:36:0;;::::1;:97:::0;47145:27;;;:17:::1;:27:::0;;;;;;;:33;;::::1;::::0;47108:108;;;;;;;;;;;::::1;::::0;;;;;;;;;;;;;;;;;47145:33;;47108:108:::1;::::0;;;;;46939:53:::1;47108:108:::0;;::::1;47251:16;::::0;;;:6:::1;:16;::::0;;;;;;;-1:-1:-1;;;;;47251:25:0;::::1;::::0;;;;;;;;:32:::1;::::0;47281:1:::1;47251:32;:29;:32;:::i;:::-;47223:16;::::0;;;:6:::1;:16;::::0;;;;;;;-1:-1:-1;;;;;47223:25:0;;::::1;::::0;;;;;;;;;:60;;;;-1:-1:-1;;;;;;;46301:988:0:o;1319:170::-;1377:7;1406:1;1401;:6;;1393:49;;;;;-1:-1:-1;;;1393:49:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;1461:5:0;;;1319:170::o;33418:174::-;33544:41;;;;;;;;;;;;;;;;;;;;26:21:-1;;;22:32;;6:49;;33544:41:0;;;;;;33534:52;;;;;;33418:174::o;30934:1024::-;31015:14;29994:324;31048:5;:12;:28;31040:59;;;;;-1:-1:-1;;;31040:59:0;;;;;;;;;;;;-1:-1:-1;;;31040:59:0;;;;;;;;;;;;;;;31110:20;;:::i;:::-;31184:23;;:::i;:::-;31295:24;;:::i;:::-;31328:16;31353:31;;:::i;:::-;31393:30;;:::i;:::-;31432:12;31541:5;31520:124;;;;;15:3:-1;10;7:12;4:2;;;32:1;29;22:12;4:2;-1:-1;31520:124:0;;;;;;;;;;-1:-1:-1;31520:124:0;;;;-1:-1:-1;31520:124:0;;;;-1:-1:-1;31520:124:0;-1:-1:-1;31520:124:0;;;;-1:-1:-1;31520:124:0;;;;-1:-1:-1;31520:124:0;-1:-1:-1;31653:211:0;31520:124;;;31714:1;31707:9;;;;31732:6;31739:1;31732:9;;;;31757:6;31764:1;31757:9;;;;31785:8;31804:13;31828:12;31851:4;31653:14;:211::i;:::-;29880:1;31942:5;31900:48;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;31900:48:0;;;;;;;;;;;;49:4:-1;39:7;30;26:21;22:32;13:7;6:49;31900:48:0;;;31890:59;;;;;;31882:68;;31873:77;;30934:1024;;;;;;;;;;:::o;32791:236::-;32968:51;;;;;;;;;;;;;;;;;;-1:-1:-1;;;;;32968:51:0;;;;;;;;;;;;;;;;;;26:21:-1;;;22:32;;;6:49;;32968:51:0;;;;;;32958:62;;;;;;32791:236::o;28150:1547::-;28406:13;28416:2;28406:9;:13::i;:::-;28398:52;;;;;-1:-1:-1;;;28398:52:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;28467:16;28477:5;28467:9;:16::i;:::-;28459:50;;;;;-1:-1:-1;;;28459:50:0;;;;;;;;;;;;-1:-1:-1;;;28459:50:0;;;;;;;;;;;;;;;28526:24;28536:13;28526:9;:24::i;:::-;28518:66;;;;;-1:-1:-1;;;28518:66:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;28601:23;28611:12;28601:9;:23::i;:::-;28593:64;;;;;-1:-1:-1;;;28593:64:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;29066:56;29103:1;29106:2;29110:1;29113:8;29066:36;:56::i;:::-;29048:122;;;;;-1:-1:-1;;;29048:122:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;29267:22;;:::i;:::-;29292:21;29304:2;29308:4;29292:11;:21::i;:::-;29267:46;;29407:19;;:::i;:::-;29429:81;29457:1;29460:5;29467:13;29482:1;29485:4;29491:12;29505:4;29429:17;:81::i;:::-;29407:103;;29571:16;29590:51;29612:4;29618:2;29622:5;29629:8;29639:1;29590:21;:51::i;:::-;29571:70;;29663:8;29658:1;:13;29650:39;;;;;-1:-1:-1;;;29650:39:0;;;;;;;;;;;;-1:-1:-1;;;29650:39:0;;;;;;;;;;;;;;;28150:1547;;;;;;;;;;;;:::o;14727:137::-;14841:4;;;;14790;;-1:-1:-1;;12610:66:0;14841:4;14828:30;14810:14;14819:1;14821;14819:4;;;;;14810:8;:14::i;:::-;:48;;14727:137;-1:-1:-1;;14727:137:0:o;24133:1060::-;24275:4;-1:-1:-1;;;;;24365:23:0;;24357:47;;;;;-1:-1:-1;;;24357:47:0;;;;;;;;;;;;-1:-1:-1;;;24357:47:0;;;;;;;;;;;;;;;24424:4;;;;24413:7;;24424:8;;:13;24423:25;;24446:2;24423:25;;;24441:2;24423:25;24413:35;-1:-1:-1;24486:18:0;-1:-1:-1;;24542:1:0;24536;24538;24536:4;;;;24529:28;24622:4;;-1:-1:-1;;24515:42:0;;;;-1:-1:-1;24507:51:0;;12372:66;24619:1;24612:28;25125:4;;25092:56;;;24604:37;25092:56;;;25125:4;25092:56;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;24604:37;;-1:-1:-1;24604:37:0;;25092:56;;;;;;;25125:4;;-1:-1:-1;;25092:56:0;;;;;;;;;;;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;-1:-1;;25092:56:0;;-1:-1:-1;;25092:56:0;;-1:-1:-1;;;;;25164:21:0;;;;;;;;-1:-1:-1;;;;;;24133:1060:0;;;;;;:::o;16949:376::-;17035:20;;:::i;:::-;17071:138;16159:1;17198:2;17202:5;17098:110;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;17098:110:0;;;;;;;;;;;;;;;;;;49:4:-1;39:7;30;26:21;22:32;13:7;6:49;17098:110:0;;;17071:26;:138::i;:::-;17066:143;;17218:100;17226:13;17236:2;17226:9;:13::i;:::-;17218:100;;17301:5;;17284:23;;;17301:5;17284:23;;;;;;;;;26:21:-1;;;22:32;;;6:49;;17284:23:0;;;;17257:51;;:26;:51::i;:::-;17252:56;;17218:100;;25685:582;25896:17;;:::i;:::-;25949:13;;25933;;-1:-1:-1;;12610:66:0;25933:29;;25932:44;25924:107;;;;;-1:-1:-1;;;25924:107:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;26048:30;26060:2;26064:1;26067:10;26048:11;:30::i;:::-;26040:76;;;;-1:-1:-1;;;26040:76:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;26133:30;26145:2;26149:1;26152:10;26133:11;:30::i;:::-;26125:77;;;;-1:-1:-1;;;26125:77:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;26218:41;26230:10;26242;26254:4;26218:11;:41::i;:::-;26211:48;25685:582;-1:-1:-1;;;;;;;;25685:582:0:o;27191:365::-;27371:9;26459:1;27517:4;27523:2;27527:5;27534:1;27537:8;27426:120;;;;;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;27426:120:0;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;27426:120:0;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;27426:120:0;;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;27426:120:0;;;;;;;-1:-1:-1;;;;;27426:120:0;-1:-1:-1;;;;;27426:120:0;;;;;;;;;;;;;;;;;49:4:-1;39:7;30;26:21;22:32;13:7;6:49;27426:120:0;;;27416:131;;;;;;27398:150;;27391:157;;27191:365;;;;;;;:::o;14425:263::-;14477:7;;-1:-1:-1;;12610:66:0;14612:1;14609;14602:24;14599:1;14592:47;14575:64;-1:-1:-1;;;14668:1:0;14660:6;14653:29;14646:36;14425:263;-1:-1:-1;;;14425:263:0:o;15746:251::-;15826:19;;:::i;:::-;15863:12;15873:1;15863:9;:12::i;:::-;15856:19;;15891:26;15902:14;15856:1;15858;15911:4;;15902:14;15891:10;:26::i;:::-;15884:4;;;:33;;;15937:1;;15930:8;15942:1;15930:13;15926:64;;;15976:4;;;;;-1:-1:-1;;15963:17:0;15956:24;;15976:1;15746:251;-1:-1:-1;15746:251:0:o;17829:993::-;17952:13;17985:11;17977:20;;12:1:-1;9;2:12;17977:20:0;18055:15;;;18117;;;18043:9;;18117:19;;:24;:34;;18149:2;18117:34;;;18144:2;18117:34;18107:44;-1:-1:-1;18505:20:0;-1:-1:-1;;18551:1:0;18543:6;18536:30;18591:50;;;18528:39;18591:50;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;18528:39;;-1:-1:-1;18528:39:0;18591:50;;;;;;;;;-1:-1:-1;;18591:50:0;;;;;;;;;;;;;;8:9:-1;5:2;;;45:16;42:1;39;24:38;77:16;74:1;67:27;5:2;18591:50:0;;;;;;;;18574:67;;18709:16;18771:7;18754:25;;;;;;;;;;;;23:1:-1;8:100;33:3;30:1;27:10;8:100;;;90:11;;;84:18;71:11;;;64:39;52:2;45:10;8:100;;;12:14;18754:25:0;;;;;;;;;;;49:4:-1;39:7;30;26:21;22:32;13:7;6:49;18754:25:0;;;18744:36;;;;;;18736:45;;18709:73;;18807:8;-1:-1:-1;;;;;18797:18:0;:6;-1:-1:-1;;;;;18797:18:0;;18789:27;;;;;;;17829:993;;;;;:::o;23480:530::-;23593:17;;:::i;:::-;23695:5;;;23702;;;;23709;;23716;;;;23619:9;;;;;;23679:43;;23702:5;;23709;23679:15;:43::i;:::-;23667:55;;-1:-1:-1;23667:55:0;-1:-1:-1;23667:55:0;-1:-1:-1;;;23747:4:0;23744:1;23737:27;23768:1;23737:32;23729:70;;;;;-1:-1:-1;;;23729:70:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;23939:65;;;;;;;;-1:-1:-1;;23947:27:0;;;;;23957:4;23954:1;23947:27;23939:65;;;;-1:-1:-1;;23986:4:0;23983:1;23976:27;23939:65;;;23480:530;-1:-1:-1;;;;;;;23480:530:0:o;14922:402::-;15012:12;;;;;;15232:87;-1:-1:-1;;15239:2:0;:16;15232:87;;15289:20;;;;;;;;;;;;;26:21:-1;;;22:32;;6:49;;15289:20:0;;;;;;15279:31;;;;;15232:87;;14255:107;14309:7;14332:24;14342:1;-1:-1:-1;;;;;14332:9:0;:24::i;21168:2034::-;21268:10;;;22022:1;;21268:10;-1:-1:-1;;22144:2:0;-1:-1:-1;;22131:15:0;22127:2;22120:39;22107:52;-1:-1:-1;22168:10:0;-1:-1:-1;;22205:2:0;-1:-1:-1;;22192:15:0;22188:2;22181:39;22168:52;;22231:10;22347:29;22361:2;22365;22369;22373;22347:13;:29::i;:::-;22336:40;;-1:-1:-1;22336:40:0;-1:-1:-1;22419:29:0;22336:40;;22441:2;22445;22419:13;:29::i;:::-;22408:40;;-1:-1:-1;22408:40:0;-1:-1:-1;22494:29:0;22408:40;;22516:2;22520;22494:13;:29::i;:::-;22483:40;;-1:-1:-1;22483:40:0;-1:-1:-1;22563:10:0;22681:29;22695:2;22699;22483:40;;22681:13;:29::i;:::-;22670:40;;-1:-1:-1;22670:40:0;-1:-1:-1;22739:29:0;22670:40;;22761:2;22765;22739:13;:29::i;:::-;22728:40;;-1:-1:-1;22728:40:0;-1:-1:-1;22816:29:0;22728:40;;22838:2;22842;22816:13;:29::i;:::-;22805:40;;-1:-1:-1;22805:40:0;-1:-1:-1;22891:8:0;;;22887:308;;-1:-1:-1;;22990:2:0;22986;22979:26;22974:31;-1:-1:-1;;;23032:2:0;23028;23021:26;23016:31;-1:-1:-1;;;23074:2:0;23070;23063:26;23058:31;;22887:308;;;23183:2;23178:7;;22887:308;21168:2034;;;;;;;;;;;;;;:::o;12854:1095::-;12933:22;12966:18;12993:41;;:::i;:::-;12726:4;13043:46;;;13117:26;;;:46;;;13195:26;;;:46;13272:26;;;:33;;;13314:26;;;:37;;;-1:-1:-1;;13360:26:0;;;:39;13408:24;;:::i;:::-;13786:4;13769:6;13693:4;13659:23;13594:4;-1:-1:-1;;13516:332:0;13502:346;-1:-1:-1;13869:15:0;13865:52;;13887:28;;;-1:-1:-1;;;13887:28:0;;;;;;;;;;;;-1:-1:-1;;;13887:28:0;;;;;;;;;;;;;;13865:52;13932:9;;;-1:-1:-1;;;;;12854:1095:0:o;19327:206::-;19425:10;;-1:-1:-1;;19481:2:0;19477;19470:26;-1:-1:-1;;19509:2:0;19505;19498:26;19458:67;;;;-1:-1:-1;19327:206:0;-1:-1:-1;;;;;19327:206:0:o;18915:323::-;19013:10;;;-1:-1:-1;;19072:2:0;19068;19061:26;19046:41;-1:-1:-1;19096:12:0;-1:-1:-1;;19135:2:0;19131;-1:-1:-1;;19118:15:0;19111:39;19096:54;-1:-1:-1;;;19184:4:0;19178;19171:30;-1:-1:-1;;19214:2:0;19210;19203:26;19159:71;;;;-1:-1:-1;18915:323:0;-1:-1:-1;;;;;;;18915:323:0:o;41295:12338::-;;;;;;;;;-1:-1:-1;41295:12338:0;;;;;;;;;;;;;;;;;:::o;:::-;;;;;;;;;;;29:2:-1;21:6;17:15;125:4;109:14;101:6;88:42;-1:-1;41295:12338:0;;;-1:-1:-1;;41295:12338:0:o;:::-;;;;;;;;;;;29:2:-1;21:6;17:15;125:4;109:14;101:6;88:42;-1:-1;41295:12338:0;;;-1:-1:-1;;41295:12338:0:o;:::-;;;;;;;;;;;29:2:-1;21:6;17:15;125:4;109:14;101:6;88:42;-1:-1;41295:12338:0;;;-1:-1:-1;;41295:12338:0:o;:::-;;;;;;;;;;;29:2:-1;21:6;17:15;125:4;109:14;101:6;88:42;-1:-1;41295:12338:0;;;-1:-1:-1;;41295:12338:0:o
Swarm Source
ipfs://1881f125e9a7356d8ba82f7cb4affab38cc35ea01f2ee0cdef7101b1c52bc5f3
Loading...LoadingLoading...LoadingMultichain Portfolio | 30 Chains
Chain Token Portfolio % Price Amount Value ETH 100.00% $17.21 73,651.1 $1,267,535.43 Loading...Loading[ Download: CSV Export ]A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.
